• State Not Answered
  • Replies 1 reply
  • Subscribers 71 subscribers
  • Views 961 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 274536
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Cannot use PSA Cryptography API with nCS + TF-M + MbedTLS

kFYatek

Hi, I want to use TrustedFirmware-M as a secure backend for an application that uses Mbed TLS in the non-secure domain, and this seems to be artificially limited - the MBEDTLS_USE_PSA_CRYPTO configuration flag is never enabled in the Mbed TLS config file that is generated by the nCS build system.

A possible workaround would be to use a custom Mbed TLS config file, but then still there is a problem that the PSA API headers that come from TF-M do not contain some macros that the currently used version of Mbed TLS expects.

I'm using nCS 1.6.0 and targeting nrf9160dk_nrf9160ns, although I suppose this problem is not related to any specific hardware platform, and I haven't found any commits in newer revisions that would address the problem.

I was able to get things to work after applying the following modifications to nCS 1.6.0 codebase:

diff -ru ncs/modules/tee/tfm/trusted-firmware-m/interface/include/psa/crypto_values.h ncs-kinda-working-psa/modules/tee/tfm/trusted-firmware-m/interface/include/psa/crypto_values.h
--- ncs/modules/tee/tfm/trusted-firmware-m/interface/include/psa/crypto_values.h	2021-08-06 11:28:29.648936390 +0200
+++ ncs-kinda-working-psa/modules/tee/tfm/trusted-firmware-m/interface/include/psa/crypto_values.h	2021-08-05 16:23:15.009159829 +0200
@@ -1871,4 +1871,12 @@
 
 /**@}*/
 
+#define PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG  ((psa_algorithm_t)0x00008000)
+
+#define PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, tag_length)           \
+    (((aead_alg) & ~(PSA_ALG_AEAD_TAG_LENGTH_MASK |                     \
+                     PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)) |         \
+     ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET &                      \
+      PSA_ALG_AEAD_TAG_LENGTH_MASK))
+
 #endif /* PSA_CRYPTO_VALUES_H */
diff -ru ncs/nrfxlib/nrf_security/cmake/kconfig_psa_configure.cmake ncs-kinda-working-psa/nrfxlib/nrf_security/cmake/kconfig_psa_configure.cmake
--- ncs/nrfxlib/nrf_security/cmake/kconfig_psa_configure.cmake	2021-08-06 11:28:31.308917693 +0200
+++ ncs-kinda-working-psa/nrfxlib/nrf_security/cmake/kconfig_psa_configure.cmake	2021-08-05 16:20:47.542678677 +0200
@@ -13,3 +13,4 @@
 kconfig_mbedtls_config("MBEDTLS_PSA_CRYPTO_C")
 kconfig_mbedtls_config("MBEDTLS_PSA_CRYPTO_SPM")
 kconfig_mbedtls_config("MBEDTLS_PSA_CRYPTO_STORAGE_C")
+kconfig_mbedtls_config("MBEDTLS_USE_PSA_CRYPTO")

The missing PSA_ALG_AEAD_WITH_SHORTENED_TAG is, I believe, due to the fact that nCS contains a different Mbed TLS version to the one that the TF-M revision linked in nCS is designed for - in upstream TF-M repos, commits that add or remove such macros in crypto_values.h are those that mention updating Mbed TLS in the commit messages.

After applying the patch above, I've been able to use APIs such as psa_generate_key() and mbedtls_pk_setup_opaque() in the non-secure application, they've been working properly, and I verified in the debugger that they are indeed realized as IPC calls into the secure partition, including during TLS handshake.

Related
Terms of service