Page MenuHomePhabricator
Create Task
Maniphest T682

psa_open_key/psa_close_key APIs require support for persistent key storage
Closed, ResolvedPublic
Actions

Description

When running the PSA Crypto APIs tests from https://github.com/ARM-software/psa-arch-tests (Hash: e44ccebdff9631e2474d85650c1812d0ce001dc3) with TFM (Hash: 6e7be077eabef00b4825e245604148d82b11f832), there are couple of failures due to below reason:

The implementation of psa_open_key/psa_close_key requires the support for persistent key storage. Since TFM doesn't have support for storing persistent keys, psa_import_key fails for the same (Error return: -134 - UNSUPPORTED).

Test failures (Target- AN521):

TEST: 250 | DESCRIPTION: Testing crypto key management APIs
[Info] Executing tests from non-secure
[Check 1] Test psa_open_key 16 Byte AES
        Failed at Checkpoint: 6
        Actual: -134
        Expected: 0
TEST RESULT: FAILED (Error Code=0x00000001) 

******************************************

TEST: 251 | DESCRIPTION: Testing crypto key management APIs
[Info] Executing tests from non-secure
[Check 1] Test psa_close_key 16 Byte AES
[Check 2] Test psa_close_key 24 Byte AES
        Failed at Checkpoint: 3
        Actual: -134
        Expected: 0
TEST RESULT: FAILED (Error Code=0x00000001)

Please guide us on planning the support for persistent key storage.

Event Timeline

jaypit02 created this task.Mar 3 2020, 1:11 PM
soby-mathew added a comment.Mar 3 2020, 1:18 PM

ACKed. We need to investigate how to solve this problem.

soby-mathew added a project: Restricted Project.Mar 3 2020, 1:23 PM
soby-mathew edited projects, added Trusted Firmware M; removed Restricted Project.
soby-mathew closed this task as Resolved.Sep 23 2020, 8:37 AM

Persistent key support has been added as part of TFMv1.1. Clsoing this issue.

growthstarboard added a subscriber: growthstarboard.Nov 1 2023, 3:22 AM

The support for permanent key storage is necessary for the implementation of the psa_open_key and psa_close_key functions. skibidi toilet