-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nrf_security: Changes for Oberon PSA configurations in Kconfig #12125
Conversation
The following west manifest projects have been modified in this Pull Request:
Note: This message is automatically posted and updated by the Manifest GitHub Action. |
Test specificationCI/Jenkins/NRF
CI/Jenkins/integration
Detailed information of selected test modules Note: This message is automatically posted and updated by the CI |
You can find the documentation preview for this PR at this link. It will be updated about 10 minutes after the documentation build succeeds. Note: This comment is automatically posted by the Documentation Publishing GitHub Action. |
a5ce615
to
3f08bec
Compare
3f08bec
to
89074a1
Compare
89074a1
to
561a207
Compare
Fix configuration of PSA_WANT_ALG_ECDSA_DETERMINISTIC enabled without PSA_WANT_ALG_ECDSA for the Oberon driver. Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Bring Zephyr with added PSA_WANT options only available in the Oberon PSA core. The Oberon PSA core uses the name PSA_WANT_ALG_SRP_6, this aligns nrf_security with this naming. Signed-off-by: Georgios Vasilakis <georgios.vasilakis@nordicsemi.no>
Update the psa_tls sample to follow the new configuration scheme from Oberon PSA core. Signed-off-by: Georgios Vasilakis <georgios.vasilakis@nordicsemi.no>
1024 bit RSA keys are not recommended to use because they considered unsafe. Change the sample to use 2048 bit keys. Signed-off-by: Georgios Vasilakis <georgios.vasilakis@nordicsemi.no>
The builtin crypto implementation, which is the software implementation of PSA crypto APIs from mbedTLS is not supported anymore. Only the Oberon PSA API implementation exists right now as a software implementation, and there are also the crypto accelerator implementation. Remove the unused builtin PSA implementation configuration in the tests. Signed-off-by: Georgios Vasilakis <georgios.vasilakis@nordicsemi.no>
When we built with TF-M in non minimal builts we we required HKDF which is only supported by Oberon. So in configuration we don't allow Oberon to be disabled, this updates all the samples so that they don't allow to disable the Oberon PSA driver in TF-M builds. Signed-off-by: Georgios Vasilakis <georgios.vasilakis@nordicsemi.no>
Enable ECDSA and the R1 256 bit curve for the identity key sample since the samples imports a key pair of that type. This change is needed because of the new Oberon PSA configuration system. Signed-off-by: Georgios Vasilakis <georgios.vasilakis@nordicsemi.no>
Removes unused PSA configs for the TF-M regressions tests. Signed-off-by: Georgios Vasilakis <georgios.vasilakis@nordicsemi.no>
Remove unused configs. Signed-off-by: Georgios Vasilakis <georgios.vasilakis@nordicsemi.no>
We're using SRP_6 as configuration option, so we should specify the version of SRP in the documentation also. Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
561a207
to
cf141eb
Compare
No description provided.