Skip to content

Fix Mbed TLS + TF-M integration issues #13337

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jul 23, 2020
Merged

Fix Mbed TLS + TF-M integration issues #13337

merged 2 commits into from
Jul 23, 2020

Conversation

Patater
Copy link
Contributor

@Patater Patater commented Jul 22, 2020

Summary of changes

Ensure PSA key types and key lengths are handled properly when using Mbed TLS with TF-M.

Impact of changes

Migration actions required

Documentation

Pull request type 

[X] Patch update (Bug fix / Target update / Docs update / Test update / Refactor)
[] Feature update (New feature / Functionality change / New API)
[] Major update (Breaking change E.g. Return code change / API behaviour change)

Test results 

[] No Tests required for this change (E.g docs only update)
[X] Covered by existing mbed-os tests (Greentea or Unittest)
[] Tests / results supplied as part of this PR

Reviewers

@Patater
mbedtls: Specify key length with TF-M
0cf6805 
When using TF-M, be sure to specify the length of the key.

Fixes: 0961f31 ("Make PSA util compatible with Mbed Crypto 3.0.1")
@Patater Patater requested a review from moshe-shahar July 22, 2020 16:08
@ciarmcom ciarmcom added the release-type: patch Indentifies a PR as containing just a patch label Jul 22, 2020
@ciarmcom
Copy link
Member

@Patater, thank you for your changes.
@ARMmbed/mbed-os-security @ARMmbed/mbed-os-maintainers please review.

@ciarmcom ciarmcom requested review from a team July 22, 2020 17:00
moshe-shahar
moshe-shahar approved these changes Jul 23, 2020
View reviewed changes
Copy link
Contributor

@moshe-shahar moshe-shahar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Patater,
I tested it locally and it works as expected.
Thank you!

0xc0170
0xc0170 previously approved these changes Jul 23, 2020
View reviewed changes
@mergify mergify bot added needs: CI and removed needs: review labels Jul 23, 2020
@Patater
mbedtls: Fix PSA key encoding
61a65c0 
When using TF-M, use the PSA_KEY_TYPE_ECC_KEY_PAIR() macro from
mbedtls_psa_parse_tls_ecc_group(), since that function is supposed to
return a psa_key_type_t. This helps to avoid any misencodings when the
return value from mbedtls_psa_parse_tls_ecc_group() is used directly as
a psa_key_type_t without additional encoding.

Fixes: 0961f31 ("Make PSA util compatible with Mbed Crypto 3.0.1")
@mergify mergify bot dismissed 0xc0170’s stale review July 23, 2020 09:51

Pull request has been modified.

@Patater Patater requested a review from moshe-shahar July 23, 2020 10:02
@Patater
Copy link
Contributor Author

Patater commented Jul 23, 2020

@moshe-shahar I've modified the code a bit based on review feedback. Could you ensure it still works as intended for you?

@0xc0170
Copy link
Contributor

0xc0170 commented Jul 23, 2020

CI started

moshe-shahar
moshe-shahar approved these changes Jul 23, 2020
View reviewed changes
Copy link
Contributor

@moshe-shahar moshe-shahar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

tested again

@mbed-ci
Copy link

mbed-ci commented Jul 23, 2020

Test run: SUCCESS

Summary: 6 of 6 test jobs passed
Build number : 1
Build artifacts

@0xc0170 0xc0170 merged commit 3279689 into ARMmbed:master Jul 23, 2020
@mergify mergify bot removed the ready for merge label Jul 23, 2020
@mbedmain mbedmain added release-version: 6.2.1 Release-pending and removed release-type: patch Indentifies a PR as containing just a patch Release-pending labels Aug 16, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@0xc0170 0xc0170 0xc0170 approved these changes

@urutva urutva urutva approved these changes

@moshe-shahar moshe-shahar moshe-shahar approved these changes

Assignees
No one assigned
Labels
release-version: 6.2.1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@Patater @ciarmcom @0xc0170 @mbed-ci @urutva @moshe-shahar @mbedmain