Page MenuHomePhabricator

psa_open_key/psa_close_key APIs require support for persistent key storage
Open, Needs TriagePublic

Description

When running the PSA Crypto APIs tests from https://github.com/ARM-software/psa-arch-tests (Hash: e44ccebdff9631e2474d85650c1812d0ce001dc3) with TFM (Hash: 6e7be077eabef00b4825e245604148d82b11f832), there are couple of failures due to below reason:

The implementation of psa_open_key/psa_close_key requires the support for persistent key storage. Since TFM doesn't have support for storing persistent keys, psa_import_key fails for the same (Error return: -134 - UNSUPPORTED).

Test failures (Target- AN521):

TEST: 250 | DESCRIPTION: Testing crypto key management APIs
[Info] Executing tests from non-secure
[Check 1] Test psa_open_key 16 Byte AES
        Failed at Checkpoint: 6
        Actual: -134
        Expected: 0
TEST RESULT: FAILED (Error Code=0x00000001) 

******************************************

TEST: 251 | DESCRIPTION: Testing crypto key management APIs
[Info] Executing tests from non-secure
[Check 1] Test psa_close_key 16 Byte AES
[Check 2] Test psa_close_key 24 Byte AES
        Failed at Checkpoint: 3
        Actual: -134
        Expected: 0
TEST RESULT: FAILED (Error Code=0x00000001)

Please guide us on planning the support for persistent key storage.

Event Timeline

ACKed. We need to investigate how to solve this problem.

soby-mathew added a project: Restricted Project.Mar 3 2020, 1:23 PM
soby-mathew edited projects, added Trusted Firmware M; removed Restricted Project.