Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[crypto] Initial crypto backend using PSA crypto API #23193

Merged
merged 2 commits into from
Oct 20, 2022
Merged

[crypto] Initial crypto backend using PSA crypto API #23193

merged 2 commits into from
Oct 20, 2022

Conversation

Damian-Nordic
Copy link
Contributor

Implement most cryptographic operations using PSA crypto API (remaining ones will probably keep using old mbedTLS APIs).

Make it unit-testable using the following manual steps (until we all agree to update mbedTLS to 3.X):

  1. Update mbedTLS submodule to 3.2.1 and update mbedtls.gni accordingly.
  2. Use scripts/generate_driver_wrappers.py to generate psa_crypto_driver_wrappers.c and include it in mbedTLS library build.
  3. Increase CHIP_CONFIG_SHA256_CONTEXT_SIZE to 256B
  4. gn gen out/ut --args='chip_crypto="psa"'
  5. ninja -C out/ut tests/CHIPCryptoPALTest
  6. out/ut/tests/CHIPCryptoPALTest

Note that the first 3 steps are done on my private branch: Damian-Nordic@1e9201d.

Fixes #23188

@Damian-Nordic Damian-Nordic changed the title [crypto] Add initial implementation for PSA crypto API [crypto] Initial crypto backend using PSA crypto API Oct 14, 2022
@github-actions
Copy link

github-actions bot commented Oct 14, 2022
edited
Loading

PR #23193: Size comparison from bc6b438 to 2f75489

Increases (4 builds for cc13x2_26x2, esp32, psoc6, telink)
platform target config section bc6b438 2f75489 change % change
cc13x2_26x2 lock-mtd LP_CC2652R7 (read only) 659615 659623 8 0.0
.text 556000 556008 8 0.0
esp32 all-clusters-app c3devkit (read only) 1223338 1223340 2 0.0
.flash.text 1223338 1223340 2 0.0
psoc6 all-clusters cy8ckit_062s2_43012 .debug_info 26831616 26831617 1 0.0
telink ota-requestor-app tlsr9518adk80d text 577542 577544 2 0.0
Decreases (10 builds for bl602, bl702, cc13x2_26x2, psoc6, telink)
platform target config section bc6b438 2f75489 change % change
bl602 lighting-app bl602 .text 1069054 1069052 -2 -0.0
bl602+rpc (read/write) 1434866 1434858 -8 -0.0
.text 1100402 1100400 -2 -0.0
bl702 lighting-app bl702 .debug_info 37905258 37905257 -1 -0.0
.text 957024 957022 -2 -0.0
bl702+rpc .debug_info 4181187 41811871 -1 -0.0
.text 1030728 1030726 -2 -0.0
cc13x2_26x2 all-clusters-minimal-app LP_CC2652R7 (read only) 641423 641415 -8 -0.0
.text 562176 562168 -8 -0.0
lock-mtd LP_CC2652R7 (read/write) 184768 184760 -8 -0.0
psoc6 all-clusters-minimal cy8ckit_062s2_43012 .debug_info 26568399 2656839 -1 -0.0
lock cy8ckit_062s2_43012 .debug_info 22270816 22270815 -1 -0.0
telink light-switch-app tlsr9518adk80d text 553138 553136 -2 -0.0
lighting-app tlsr9518adk80d text 571356 571354 -2 -0.0
Full report (38 builds for bl602, bl702, cc13x2_26x2, cyw30739, efr32, esp32, k32w, linux, mbed, nrfconnect, psoc6, qpg, telink)
platform target config section bc6b438 2f75489 change % change
bl602 lighting-app bl602 (read/write) 1389646 1389646 0 0.0
.bss 90729 90729 0 0.0
.data 9928 9928 0 0.0
.text 1069054 1069052 -2 -0.0
bl602+rpc (read/write) 1434866 1434858 -8 -0.0
.bss 98161 98161 0 0.0
.data 10312 10312 0 0.0
.text 1100402 1100400 -2 -0.0
bl702 lighting-app bl702 (read only) 3262 3262 0 0.0
(read/write) 1188643 1188643 0 0.0
.bleromro 6296 6296 0 0.0
.bleromrw 124 124 0 0.0
.boot2 688 688 0 0.0
.bss 67102 67102 0 0.0
.bss_psram 29696 29696 0 0.0
.comment 48 48 0 0.0
.data 4272 4272 0 0.0
.debug_abbrev 1506865 1506865 0 0.0
.debug_aranges 133128 133128 0 0.0
.debug_frame 486580 486580 0 0.0
.debug_info 37905258 37905257 -1 -0.0
.debug_line 5256764 5256764 0 0.0
.debug_loc 3367112 3367112 0 0.0
.debug_ranges 359368 359368 0 0.0
.debug_str 3457811 3457811 0 0.0
.hbn 509 509 0 0.0
.hbn_noinit 260 260 0 0.0
.init 342 342 0 0.0
.init_array 144 144 0 0.0
.psram 0 0 0 0.0
.riscv.attributes 47 47 0 0.0
.rodata 116744 116744 0 0.0
.rsvd 3188 3188 0 0.0
.shstrtab 293 293 0 0.0
.stack 2048 2048 0 0.0
.strtab 565071 565071 0 0.0
.symtab 171664 171664 0 0.0
.tcm_data 36 36 0 0.0
.tcmcode 3262 3262 0 0.0
.text 0 0 0 0.0
957024 957022 -2 -0.0
bl702+rpc (read only) 3262 3262 0 0.0
(read/write) 1284579 1284579 0 0.0
.bleromro 6296 6296 0 0.0
.bleromrw 124 124 0 0.0
.boot2 688 688 0 0.0
.bss 75150 75150 0 0.0
.bss_psram 29936 29936 0 0.0
.comment 48 48 0 0.0
.data 4800 4800 0 0.0
.debug_abbrev 1644410 1644410 0 0.0
.debug_aranges 140632 140632 0 0.0
.debug_frame 511956 511956 0 0.0
.debug_info 4181187 41811871 -1 -0.0
.debug_line 5631299 5631299 0 0.0
.debug_loc 3559772 3559772 0 0.0
.debug_ranges 381824 381824 0 0.0
.debug_str 3853711 3853711 0 0.0
.hbn 509 509 0 0.0
.hbn_noinit 260 260 0 0.0
.init 342 342 0 0.0
.init_array 160 160 0 0.0
.psram 0 0 0 0.0
.riscv.attributes 47 47 0 0.0
.rodata 130136 130136 0 0.0
.rsvd 3188 3188 0 0.0
.shstrtab 293 293 0 0.0
.stack 2048 2048 0 0.0
.strtab 624244 624244 0 0.0
.symtab 189472 189472 0 0.0
.tcm_data 36 36 0 0.0
.tcmcode 3262 3262 0 0.0
.text 0 0 0 0.0
1030728 1030726 -2 -0.0
cc13x2_26x2 all-clusters-app LP_CC2652R7 (read only) 677175 677175 0 0.0
(read/write) 174368 174368 0 0.0
.bss 81236 81236 0 0.0
.data 3380 3380 0 0.0
.rodata 89791 89791 0 0.0
.text 587072 587072 0 0.0
all-clusters-minimal-app LP_CC2652R7 (read only) 641423 641415 -8 -0.0
(read/write) 158004 158004 0 0.0
.bss 80508 80508 0 0.0
.data 3380 3380 0 0.0
.rodata 78927 78927 0 0.0
.text 562176 562168 -8 -0.0
lock-ftd LP_CC2652R7 (read only) 675867 675867 0 0.0
(read/write) 172828 172828 0 0.0
.bss 78476 78476 0 0.0
.data 3304 3304 0 0.0
.rodata 77315 77315 0 0.0
.text 598072 598072 0 0.0
lock-mtd LP_CC2652R7 (read only) 659615 659623 8 0.0
(read/write) 184768 184760 -8 -0.0
.bss 74164 74164 0 0.0
.data 3304 3304 0 0.0
.rodata 103135 103135 0 0.0
.text 556000 556008 8 0.0
pump-app LP_CC2652R7 (read only) 687915 687915 0 0.0
(read/write) 161500 161500 0 0.0
.bss 78428 78428 0 0.0
.data 3296 3296 0 0.0
.rodata 90731 90731 0 0.0
.text 596700 596700 0 0.0
pump-controller-app LP_CC2652R7 (read only) 672423 672423 0 0.0
(read/write) 177104 177104 0 0.0
.bss 78540 78540 0 0.0
.data 3292 3292 0 0.0
.rodata 86287 86287 0 0.0
.text 585656 585656 0 0.0
shell LP_CC2652R7 (read only) 668198 668198 0 0.0
(read/write) 185664 185664 0 0.0
.bss 83556 83556 0 0.0
.data 3376 3376 0 0.0
.rodata 86502 86502 0 0.0
.text 581380 581380 0 0.0
cyw30739 light cyw930739m2evb_01 (read/write) 587914 587914 0 0.0
.app_xip_area 464524 464524 0 0.0
.bss 65808 65808 0 0.0
.data 760 760 0 0.0
.rodata 0 0 0 0.0
.text 112 112 0 0.0
lock cyw930739m2evb_01 (read/write) 592162 592162 0 0.0
.app_xip_area 463452 463452 0 0.0
.bss 71120 71120 0 0.0
.data 768 768 0 0.0
.rodata 0 0 0 0.0
.text 112 112 0 0.0
ota-requestor-no-progress-logging cyw930739m2evb_01 (read/write) 543958 543958 0 0.0
.app_xip_area 425624 425624 0 0.0
.bss 60800 60800 0 0.0
.data 716 716 0 0.0
.rodata 0 0 0 0.0
.text 112 112 0 0.0
efr32 lighting-app BRD4161A+rpc (read/write) 973892 973892 0 0.0
.bss 152252 152252 0 0.0
.data 2248 2248 0 0.0
.text 819372 819372 0 0.0
BRD4161A+rs911x (read/write) 1030960 1030960 0 0.0
.bss 186656 186656 0 0.0
.data 2092 2092 0 0.0
.text 842192 842192 0 0.0
BRD4187C (read/write) 1145876 1145876 0 0.0
.bss 138640 138640 0 0.0
.data 2596 2596 0 0.0
.text 980044 980044 0 0.0
lock-app BRD4161A+wf200 (read/write) 1157024 1157024 0 0.0
.bss 158208 158208 0 0.0
.data 2100 2100 0 0.0
.text 996696 996696 0 0.0
window-app BRD4187C (read/write) 1139312 1139312 0 0.0
.bss 140080 140080 0 0.0
.data 2620 2620 0 0.0
.text 972016 972016 0 0.0
esp32 all-clusters-app c3devkit (read only) 1223338 1223340 2 0.0
(read/write) 1788294 1788294 0 0.0
.dram0.bss 76944 76944 0 0.0
.dram0.data 13840 13840 0 0.0
.flash.rodata 257864 257864 0 0.0
.flash.text 1223338 1223340 2 0.0
.iram0.text 65204 65204 0 0.0
m5stack (read only) 1233415 1233415 0 0.0
(read/write) 564204 564204 0 0.0
.dram0.bss 82312 82312 0 0.0
.dram0.data 34296 34296 0 0.0
.flash.rodata 314928 314928 0 0.0
.flash.text 1228031 1228031 0 0.0
.iram0.text 123939 123939 0 0.0
k32w contact k32w0+release (read/write) 661284 661284 0 0.0
.bss 77040 77040 0 0.0
.data 2104 2104 0 0.0
.text 563028 563028 0 0.0
light k32w0+release (read/write) 671280 671280 0 0.0
.bss 74816 74816 0 0.0
.data 2060 2060 0 0.0
.text 591676 591676 0 0.0
lock k32w0+release (read/write) 633092 633092 0 0.0
.bss 75600 75600 0 0.0
.data 2080 2080 0 0.0
.text 552684 552684 0 0.0
linux chip-tool-ipv6only arm64 (read only) 10429476 10429476 0 0.0
(read/write) 706353 706353 0 0.0
.bss 33953 33953 0 0.0
.data 2768 2768 0 0.0
.data.rel.ro 650632 650632 0 0.0
.dynamic 560 560 0 0.0
.got 13896 13896 0 0.0
.init 24 24 0 0.0
.init_array 208 208 0 0.0
.rodata 518132 518132 0 0.0
.text 8255780 8255780 0 0.0
thermostat-no-ble arm64 (read only) 2390380 2390380 0 0.0
(read/write) 143633 143633 0 0.0
.bss 55377 55377 0 0.0
.data 1816 1816 0 0.0
.data.rel.ro 77256 77256 0 0.0
.dynamic 560 560 0 0.0
.got 5176 5176 0 0.0
.init 24 24 0 0.0
.init_array 440 440 0 0.0
.rodata 144436 144436 0 0.0
.text 2003040 2003040 0 0.0
mbed lock-app CY8CPROTO_062_4343W+release (read only) 6224 6224 0 0.0
(read/write) 2452168 2452168 0 0.0
.bss 215028 215028 0 0.0
.data 5872 5872 0 0.0
.text 1414812 1414812 0 0.0
nrfconnect all-clusters-app nrf52840dk_nrf52840 (read/write) 1183451 1183451 0 0.0
bss 144441 144441 0 0.0
rodata 144396 144396 0 0.0
text 815708 815708 0 0.0
all-clusters-minimal-app nrf52840dk_nrf52840 (read/write) 1162119 1162119 0 0.0
bss 143668 143668 0 0.0
rodata 135968 135968 0 0.0
text 803600 803600 0 0.0
psoc6 all-clusters cy8ckit_062s2_43012 (read only) 841968 841968 0 0.0
(read/write) 1745164 1745164 0 0.0
.ARM.attributes 46 46 0 0.0
.ARM.exidx 8 8 0 0.0
.bss 188712 188712 0 0.0
.comment 204 204 0 0.0
.copy.table 24 24 0 0.0
.cy_m0p_image 6216 6216 0 0.0
.cy_sharedmem 8 8 0 0.0
.data 2664 2664 0 0.0
.debug_abbrev 1229390 1229390 0 0.0
.debug_aranges 111856 111856 0 0.0
.debug_frame 373484 373484 0 0.0
.debug_info 26831616 26831617 1 0.0
.debug_line 3672032 3672032 0 0.0
.debug_loc 3589149 3589149 0 0.0
.debug_ranges 339712 339712 0 0.0
.debug_str 3441214 3441214 0 0.0
.heap 841968 841968 0 0.0
.noinit 148 148 0 0.0
.ramVectors 736 736 0 0.0
.shstrtab 288 288 0 0.0
.stab 156 156 0 0.0
.stabstr 335 335 0 0.0
.stack_dummy 4096 4096 0 0.0
.strtab 569639 569639 0 0.0
.symtab 421184 421184 0 0.0
.text 1545400 1545400 0 0.0
.zero.table 8 8 0 0.0
text 0 0 0 0.0
all-clusters-minimal cy8ckit_062s2_43012 (read only) 842704 842704 0 0.0
(read/write) 1687748 1687748 0 0.0
.ARM.attributes 46 46 0 0.0
.ARM.exidx 8 8 0 0.0
.bss 187976 187976 0 0.0
.comment 204 204 0 0.0
.copy.table 24 24 0 0.0
.cy_m0p_image 6216 6216 0 0.0
.cy_sharedmem 8 8 0 0.0
.data 2664 2664 0 0.0
.debug_abbrev 1221189 1221189 0 0.0
.debug_aranges 111328 111328 0 0.0
.debug_frame 376564 376564 0 0.0
.debug_info 26568399 2656839 -1 -0.0
.debug_line 3692749 3692749 0 0.0
.debug_loc 3576786 3576786 0 0.0
.debug_ranges 338328 338328 0 0.0
.debug_str 3430227 3430227 0 0.0
.heap 842704 842704 0 0.0
.noinit 148 148 0 0.0
.ramVectors 736 736 0 0.0
.shstrtab 288 288 0 0.0
.stab 156 156 0 0.0
.stabstr 335 335 0 0.0
.stack_dummy 4096 4096 0 0.0
.strtab 533728 533728 0 0.0
.symtab 407616 407616 0 0.0
.text 1488720 1488720 0 0.0
.zero.table 0 0 0 0.0
8 8 0 0.0
light cy8ckit_062s2_43012 (read only) 850896 850896 0 0.0
(read/write) 1606292 1606292 0 0.0
.ARM.attributes 46 46 0 0.0
.ARM.exidx 8 8 0 0.0
.bss 179992 179992 0 0.0
.comment 204 204 0 0.0
.copy.table 24 24 0 0.0
.cy_m0p_image 6216 6216 0 0.0
.cy_sharedmem 8 8 0 0.0
.data 2456 2456 0 0.0
.debug_abbrev 1055300 1055300 0 0.0
.debug_aranges 103536 103536 0 0.0
.debug_frame 346896 346896 0 0.0
.debug_info 22032120 22032120 0 0.0
.debug_line 3262673 3262673 0 0.0
.debug_loc 3274748 3274748 0 0.0
.debug_ranges 303632 303632 0 0.0
.debug_str 3235759 3235759 0 0.0
.heap 850896 850896 0 0.0
.noinit 148 148 0 0.0
.ramVectors 736 736 0 0.0
.shstrtab 288 288 0 0.0
.stab 156 156 0 0.0
.stabstr 335 335 0 0.0
.stack_dummy 4096 4096 0 0.0
.strtab 470105 470105 0 0.0
.symtab 376064 376064 0 0.0
.text 1415456 1415456 0 0.0
.zero.table 0 0 0 0.0
8 8 0 0.0
lock cy8ckit_062s2_43012 (read only) 845880 845880 0 0.0
(read/write) 1640212 1640212 0 0.0
.ARM.attributes 46 46 0 0.0
.ARM.exidx 8 8 0 0.0
.bss 184992 184992 0 0.0
.comment 204 204 0 0.0
.copy.table 24 24 0 0.0
.cy_m0p_image 6216 6216 0 0.0
.cy_sharedmem 8 8 0 0.0
.data 2472 2472 0 0.0
.debug_abbrev 1057426 1057426 0 0.0
.debug_aranges 103936 103936 0 0.0
.debug_frame 348788 348788 0 0.0
.debug_info 22270816 22270815 -1 -0.0
.debug_line 3260534 3260534 0 0.0
.debug_loc 3303341 3303341 0 0.0
.debug_ranges 305576 305576 0 0.0
.debug_str 3255273 3255273 0 0.0
.heap 845880 845880 0 0.0
.noinit 148 148 0 0.0
.ramVectors 736 736 0 0.0
.shstrtab 288 288 0 0.0
.stab 156 156 0 0.0
.stabstr 335 335 0 0.0
.stack_dummy 4096 4096 0 0.0
.strtab 472512 472512 0 0.0
.symtab 377728 377728 0 0.0
.text 1444360 1444360 0 0.0
.zero.table 0 0 0 0.0
8 8 0 0.0
qpg lighting-app qpg6105+debug (read/write) 1148632 1148632 0 0.0
.bss 110556 110556 0 0.0
.data 832 832 0 0.0
.text 595732 595732 0 0.0
lock-app qpg6105+debug (read/write) 1113712 1113712 0 0.0
.bss 106372 106372 0 0.0
.data 836 836 0 0.0
.text 560808 560808 0 0.0
telink light-switch-app tlsr9518adk80d (read/write) 789364 789364 0 0.0
bss 72480 72480 0 0.0
noinit 43520 43520 0 0.0
text 553138 553136 -2 -0.0
lighting-app tlsr9518adk80d (read/write) 811468 811468 0 0.0
bss 73328 73328 0 0.0
noinit 43520 43520 0 0.0
text 571356 571354 -2 -0.0
ota-requestor-app tlsr9518adk80d (read/write) 819412 819412 0 0.0
bss 74236 74236 0 0.0
noinit 43520 43520 0 0.0
text 577542 577544 2 0.0

emargolis
emargolis approved these changes Oct 14, 2022
View reviewed changes
src/crypto/CHIPCryptoPALPSA.cpp Show resolved Hide resolved
src/crypto/CHIPCryptoPALPSA.cpp Outdated Show resolved Hide resolved
src/crypto/CHIPCryptoPALPSA.cpp Show resolved Hide resolved
@Damian-Nordic
[crypto] Add initial implementation for PSA crypto API
c85a001 
Implement most cryptographic operations using PSA crypto
API. Make it unit-testable using the following manual
steps (until we all agree to update mbedTLS to 3.X):
1. Update mbedTLS submodule to 3.2.1 and update mbedtls.gni
   accordingly.
2. Use scripts/generate_driver_wrappers.py to generate
   psa_crypto_driver_wrappers.c and include it in mbedTLS
   library build.
3. Increase CHIP_CONFIG_SHA256_CONTEXT_SIZE to 256B
4. gn gen out/ut --args='chip_crypto="psa"'
5. ninja -C out/ut tests/CHIPCryptoPALTest
6. out/ut/tests/CHIPCryptoPALTest

[crypto] Implement PBKDF2 using PSA crypto API

PBKDF2 PSA crypto API is not yet implemented in mbedTLS 3.1
nor 3.2 so for now use a handcrafted implementation using
HMAC directly.

[crypto] Implement ECDSA and ECDH using PSA crypto API

The ECDSA and ECDH operations specified by P256Keypair
and P256PublicKey classes have been implemented using
PSA crypto API provided by mbedTLS 3.X.
@Damian-Nordic
Code review comments
41778cc
@github-actions
Copy link

github-actions bot commented Oct 17, 2022
edited
Loading

PR #23193: Size comparison from 9f08fc1 to 41778cc

Increases (3 builds for cc13x2_26x2, esp32, psoc6)
platform target config section 9f08fc1 41778cc change % change
cc13x2_26x2 lock-mtd LP_CC2652R7 (read/write) 184760 184768 8 0.0
esp32 all-clusters-app c3devkit (read only) 1223340 1223342 2 0.0
.flash.text 1223340 1223342 2 0.0
psoc6 light cy8ckit_062s2_43012 .debug_info 22032548 22032549 1 0.0
Decreases (6 builds for bl602, bl702, cc13x2_26x2, esp32, psoc6, telink)
platform target config section 9f08fc1 41778cc change % change
bl602 lighting-app bl602+rpc .text 1100468 1100466 -2 -0.0
bl702 lighting-app bl702+rpc .debug_info 41812028 41812027 -1 -0.0
.text 1030506 1030504 -2 -0.0
cc13x2_26x2 lock-mtd LP_CC2652R7 (read only) 659623 659615 -8 -0.0
.text 556008 556000 -8 -0.0
esp32 all-clusters-app c3devkit (read/write) 1788302 1788294 -8 -0.0
.flash.rodata 257872 257864 -8 -0.0
psoc6 lock cy8ckit_062s2_43012 .debug_info 22271244 22271243 -1 -0.0
telink ota-requestor-app tlsr9518adk80d text 577544 577542 -2 -0.0
Full report (38 builds for bl602, bl702, cc13x2_26x2, cyw30739, efr32, esp32, k32w, linux, mbed, nrfconnect, psoc6, qpg, telink)
platform target config section 9f08fc1 41778cc change % change
bl602 lighting-app bl602 (read/write) 1389710 1389710 0 0.0
.bss 90729 90729 0 0.0
.data 9928 9928 0 0.0
.text 1069118 1069118 0 0.0
bl602+rpc (read/write) 1434934 1434934 0 0.0
.bss 98161 98161 0 0.0
.data 10312 10312 0 0.0
.text 1100468 1100466 -2 -0.0
bl702 lighting-app bl702 (read only) 3262 3262 0 0.0
(read/write) 1188675 1188675 0 0.0
.bleromro 6296 6296 0 0.0
.bleromrw 124 124 0 0.0
.boot2 688 688 0 0.0
.bss 67102 67102 0 0.0
.bss_psram 29696 29696 0 0.0
.comment 48 48 0 0.0
.data 4272 4272 0 0.0
.debug_abbrev 1506865 1506865 0 0.0
.debug_aranges 133136 133136 0 0.0
.debug_frame 486600 486600 0 0.0
.debug_info 37905412 37905412 0 0.0
.debug_line 5256822 5256822 0 0.0
.debug_loc 3367145 3367145 0 0.0
.debug_ranges 359376 359376 0 0.0
.debug_str 3457811 3457811 0 0.0
.hbn 509 509 0 0.0
.hbn_noinit 260 260 0 0.0
.init 342 342 0 0.0
.init_array 144 144 0 0.0
.psram 0 0 0 0.0
.riscv.attributes 47 47 0 0.0
.rodata 116744 116744 0 0.0
.rsvd 3188 3188 0 0.0
.shstrtab 293 293 0 0.0
.stack 2048 2048 0 0.0
.strtab 565071 565071 0 0.0
.symtab 171664 171664 0 0.0
.tcm_data 36 36 0 0.0
.tcmcode 3262 3262 0 0.0
.text 0 0 0 0.0
957056 957056 0 0.0
bl702+rpc (read only) 3262 3262 0 0.0
(read/write) 1284355 1284355 0 0.0
.bleromro 6296 6296 0 0.0
.bleromrw 124 124 0 0.0
.boot2 688 688 0 0.0
.bss 75150 75150 0 0.0
.bss_psram 29936 29936 0 0.0
.comment 48 48 0 0.0
.data 4800 4800 0 0.0
.debug_abbrev 1644410 1644410 0 0.0
.debug_aranges 140640 140640 0 0.0
.debug_frame 511972 511972 0 0.0
.debug_info 41812028 41812027 -1 -0.0
.debug_line 5631353 5631353 0 0.0
.debug_loc 3559792 3559792 0 0.0
.debug_ranges 381832 381832 0 0.0
.debug_str 3853711 3853711 0 0.0
.hbn 509 509 0 0.0
.hbn_noinit 260 260 0 0.0
.init 342 342 0 0.0
.init_array 160 160 0 0.0
.psram 0 0 0 0.0
.riscv.attributes 47 47 0 0.0
.rodata 130136 130136 0 0.0
.rsvd 3188 3188 0 0.0
.shstrtab 293 293 0 0.0
.stack 2048 2048 0 0.0
.strtab 624244 624244 0 0.0
.symtab 189472 189472 0 0.0
.tcm_data 36 36 0 0.0
.tcmcode 3262 3262 0 0.0
.text 0 0 0 0.0
1030506 1030504 -2 -0.0
cc13x2_26x2 all-clusters-app LP_CC2652R7 (read only) 677175 677175 0 0.0
(read/write) 174368 174368 0 0.0
.bss 81236 81236 0 0.0
.data 3380 3380 0 0.0
.rodata 89791 89791 0 0.0
.text 587072 587072 0 0.0
all-clusters-minimal-app LP_CC2652R7 (read only) 641423 641423 0 0.0
(read/write) 158004 158004 0 0.0
.bss 80508 80508 0 0.0
.data 3380 3380 0 0.0
.rodata 78927 78927 0 0.0
.text 562176 562176 0 0.0
lock-ftd LP_CC2652R7 (read only) 675867 675867 0 0.0
(read/write) 172828 172828 0 0.0
.bss 78476 78476 0 0.0
.data 3304 3304 0 0.0
.rodata 77315 77315 0 0.0
.text 598072 598072 0 0.0
lock-mtd LP_CC2652R7 (read only) 659623 659615 -8 -0.0
(read/write) 184760 184768 8 0.0
.bss 74164 74164 0 0.0
.data 3304 3304 0 0.0
.rodata 103135 103135 0 0.0
.text 556008 556000 -8 -0.0
pump-app LP_CC2652R7 (read only) 687915 687915 0 0.0
(read/write) 161500 161500 0 0.0
.bss 78428 78428 0 0.0
.data 3296 3296 0 0.0
.rodata 90731 90731 0 0.0
.text 596700 596700 0 0.0
pump-controller-app LP_CC2652R7 (read only) 672423 672423 0 0.0
(read/write) 177104 177104 0 0.0
.bss 78540 78540 0 0.0
.data 3292 3292 0 0.0
.rodata 86287 86287 0 0.0
.text 585656 585656 0 0.0
shell LP_CC2652R7 (read only) 668198 668198 0 0.0
(read/write) 185664 185664 0 0.0
.bss 83556 83556 0 0.0
.data 3376 3376 0 0.0
.rodata 86502 86502 0 0.0
.text 581380 581380 0 0.0
cyw30739 light cyw930739m2evb_01 (read/write) 587914 587914 0 0.0
.app_xip_area 464524 464524 0 0.0
.bss 65808 65808 0 0.0
.data 760 760 0 0.0
.rodata 0 0 0 0.0
.text 112 112 0 0.0
lock cyw930739m2evb_01 (read/write) 592162 592162 0 0.0
.app_xip_area 463452 463452 0 0.0
.bss 71120 71120 0 0.0
.data 768 768 0 0.0
.rodata 0 0 0 0.0
.text 112 112 0 0.0
ota-requestor-no-progress-logging cyw930739m2evb_01 (read/write) 543958 543958 0 0.0
.app_xip_area 425624 425624 0 0.0
.bss 60800 60800 0 0.0
.data 716 716 0 0.0
.rodata 0 0 0 0.0
.text 112 112 0 0.0
efr32 lighting-app BRD4161A+rpc (read/write) 973860 973860 0 0.0
.bss 152252 152252 0 0.0
.data 2248 2248 0 0.0
.text 819340 819340 0 0.0
BRD4161A+rs911x (read/write) 1030992 1030992 0 0.0
.bss 186656 186656 0 0.0
.data 2092 2092 0 0.0
.text 842224 842224 0 0.0
BRD4187C (read/write) 1145900 1145900 0 0.0
.bss 138640 138640 0 0.0
.data 2596 2596 0 0.0
.text 980068 980068 0 0.0
lock-app BRD4161A+wf200 (read/write) 1157024 1157024 0 0.0
.bss 158208 158208 0 0.0
.data 2100 2100 0 0.0
.text 996696 996696 0 0.0
window-app BRD4187C (read/write) 1139336 1139336 0 0.0
.bss 140080 140080 0 0.0
.data 2620 2620 0 0.0
.text 972040 972040 0 0.0
esp32 all-clusters-app c3devkit (read only) 1223340 1223342 2 0.0
(read/write) 1788302 1788294 -8 -0.0
.dram0.bss 76944 76944 0 0.0
.dram0.data 13840 13840 0 0.0
.flash.rodata 257872 257864 -8 -0.0
.flash.text 1223340 1223342 2 0.0
.iram0.text 65204 65204 0 0.0
m5stack (read only) 1233415 1233415 0 0.0
(read/write) 564204 564204 0 0.0
.dram0.bss 82312 82312 0 0.0
.dram0.data 34296 34296 0 0.0
.flash.rodata 314928 314928 0 0.0
.flash.text 1228031 1228031 0 0.0
.iram0.text 123939 123939 0 0.0
k32w contact k32w0+release (read/write) 661284 661284 0 0.0
.bss 77040 77040 0 0.0
.data 2104 2104 0 0.0
.text 563028 563028 0 0.0
light k32w0+release (read/write) 671280 671280 0 0.0
.bss 74816 74816 0 0.0
.data 2060 2060 0 0.0
.text 591676 591676 0 0.0
lock k32w0+release (read/write) 633092 633092 0 0.0
.bss 75600 75600 0 0.0
.data 2080 2080 0 0.0
.text 552684 552684 0 0.0
linux chip-tool-ipv6only arm64 (read only) 10429476 10429476 0 0.0
(read/write) 706353 706353 0 0.0
.bss 33953 33953 0 0.0
.data 2768 2768 0 0.0
.data.rel.ro 650632 650632 0 0.0
.dynamic 560 560 0 0.0
.got 13896 13896 0 0.0
.init 24 24 0 0.0
.init_array 208 208 0 0.0
.rodata 518132 518132 0 0.0
.text 8255780 8255780 0 0.0
thermostat-no-ble arm64 (read only) 2390524 2390524 0 0.0
(read/write) 143633 143633 0 0.0
.bss 55377 55377 0 0.0
.data 1816 1816 0 0.0
.data.rel.ro 77256 77256 0 0.0
.dynamic 560 560 0 0.0
.got 5176 5176 0 0.0
.init 24 24 0 0.0
.init_array 440 440 0 0.0
.rodata 144436 144436 0 0.0
.text 2003184 2003184 0 0.0
mbed lock-app CY8CPROTO_062_4343W+release (read only) 6224 6224 0 0.0
(read/write) 2452168 2452168 0 0.0
.bss 215028 215028 0 0.0
.data 5872 5872 0 0.0
.text 1414812 1414812 0 0.0
nrfconnect all-clusters-app nrf52840dk_nrf52840 (read/write) 1183451 1183451 0 0.0
bss 144441 144441 0 0.0
rodata 144396 144396 0 0.0
text 815708 815708 0 0.0
all-clusters-minimal-app nrf52840dk_nrf52840 (read/write) 1162119 1162119 0 0.0
bss 143668 143668 0 0.0
rodata 135968 135968 0 0.0
text 803600 803600 0 0.0
psoc6 all-clusters cy8ckit_062s2_43012 (read only) 841968 841968 0 0.0
(read/write) 1745212 1745212 0 0.0
.ARM.attributes 46 46 0 0.0
.ARM.exidx 8 8 0 0.0
.bss 188712 188712 0 0.0
.comment 204 204 0 0.0
.copy.table 24 24 0 0.0
.cy_m0p_image 6216 6216 0 0.0
.cy_sharedmem 8 8 0 0.0
.data 2664 2664 0 0.0
.debug_abbrev 1229384 1229384 0 0.0
.debug_aranges 111872 111872 0 0.0
.debug_frame 373516 373516 0 0.0
.debug_info 26832044 26832044 0 0.0
.debug_line 3672175 3672175 0 0.0
.debug_loc 3589235 3589235 0 0.0
.debug_ranges 339728 339728 0 0.0
.debug_str 3441214 3441214 0 0.0
.heap 841968 841968 0 0.0
.noinit 148 148 0 0.0
.ramVectors 736 736 0 0.0
.shstrtab 288 288 0 0.0
.stab 156 156 0 0.0
.stabstr 335 335 0 0.0
.stack_dummy 4096 4096 0 0.0
.strtab 569639 569639 0 0.0
.symtab 421184 421184 0 0.0
.text 1545448 1545448 0 0.0
.zero.table 8 8 0 0.0
text 0 0 0 0.0
all-clusters-minimal cy8ckit_062s2_43012 (read only) 842704 842704 0 0.0
(read/write) 1687796 1687796 0 0.0
.ARM.attributes 46 46 0 0.0
.ARM.exidx 8 8 0 0.0
.bss 187976 187976 0 0.0
.comment 204 204 0 0.0
.copy.table 24 24 0 0.0
.cy_m0p_image 6216 6216 0 0.0
.cy_sharedmem 8 8 0 0.0
.data 2664 2664 0 0.0
.debug_abbrev 1221183 1221183 0 0.0
.debug_aranges 111344 111344 0 0.0
.debug_frame 376596 376596 0 0.0
.debug_info 26568826 26568826 0 0.0
.debug_line 3692892 3692892 0 0.0
.debug_loc 3576872 3576872 0 0.0
.debug_ranges 338344 338344 0 0.0
.debug_str 3430227 3430227 0 0.0
.heap 842704 842704 0 0.0
.noinit 148 148 0 0.0
.ramVectors 736 736 0 0.0
.shstrtab 288 288 0 0.0
.stab 156 156 0 0.0
.stabstr 335 335 0 0.0
.stack_dummy 4096 4096 0 0.0
.strtab 533728 533728 0 0.0
.symtab 407616 407616 0 0.0
.text 1488768 1488768 0 0.0
.zero.table 0 0 0 0.0
8 8 0 0.0
light cy8ckit_062s2_43012 (read only) 850896 850896 0 0.0
(read/write) 1606356 1606356 0 0.0
.ARM.attributes 46 46 0 0.0
.ARM.exidx 8 8 0 0.0
.bss 179992 179992 0 0.0
.comment 204 204 0 0.0
.copy.table 24 24 0 0.0
.cy_m0p_image 6216 6216 0 0.0
.cy_sharedmem 8 8 0 0.0
.data 2456 2456 0 0.0
.debug_abbrev 1055294 1055294 0 0.0
.debug_aranges 103552 103552 0 0.0
.debug_frame 346928 346928 0 0.0
.debug_info 22032548 22032549 1 0.0
.debug_line 3262816 3262816 0 0.0
.debug_loc 3274834 3274834 0 0.0
.debug_ranges 303648 303648 0 0.0
.debug_str 3235759 3235759 0 0.0
.heap 850896 850896 0 0.0
.noinit 148 148 0 0.0
.ramVectors 736 736 0 0.0
.shstrtab 288 288 0 0.0
.stab 156 156 0 0.0
.stabstr 335 335 0 0.0
.stack_dummy 4096 4096 0 0.0
.strtab 470105 470105 0 0.0
.symtab 376064 376064 0 0.0
.text 1415520 1415520 0 0.0
.zero.table 0 0 0 0.0
8 8 0 0.0
lock cy8ckit_062s2_43012 (read only) 845880 845880 0 0.0
(read/write) 1640276 1640276 0 0.0
.ARM.attributes 46 46 0 0.0
.ARM.exidx 8 8 0 0.0
.bss 184992 184992 0 0.0
.comment 204 204 0 0.0
.copy.table 24 24 0 0.0
.cy_m0p_image 6216 6216 0 0.0
.cy_sharedmem 8 8 0 0.0
.data 2472 2472 0 0.0
.debug_abbrev 1057420 1057420 0 0.0
.debug_aranges 103952 103952 0 0.0
.debug_frame 348820 348820 0 0.0
.debug_info 22271244 22271243 -1 -0.0
.debug_line 3260677 3260677 0 0.0
.debug_loc 3303427 3303427 0 0.0
.debug_ranges 305592 305592 0 0.0
.debug_str 3255273 3255273 0 0.0
.heap 845880 845880 0 0.0
.noinit 148 148 0 0.0
.ramVectors 736 736 0 0.0
.shstrtab 288 288 0 0.0
.stab 156 156 0 0.0
.stabstr 335 335 0 0.0
.stack_dummy 4096 4096 0 0.0
.strtab 472512 472512 0 0.0
.symtab 377728 377728 0 0.0
.text 1444424 1444424 0 0.0
.zero.table 0 0 0 0.0
8 8 0 0.0
qpg lighting-app qpg6105+debug (read/write) 1148632 1148632 0 0.0
.bss 110556 110556 0 0.0
.data 832 832 0 0.0
.text 595732 595732 0 0.0
lock-app qpg6105+debug (read/write) 1113712 1113712 0 0.0
.bss 106372 106372 0 0.0
.data 836 836 0 0.0
.text 560808 560808 0 0.0
telink light-switch-app tlsr9518adk80d (read/write) 789364 789364 0 0.0
bss 72480 72480 0 0.0
noinit 43520 43520 0 0.0
text 553136 553136 0 0.0
lighting-app tlsr9518adk80d (read/write) 811468 811468 0 0.0
bss 73328 73328 0 0.0
noinit 43520 43520 0 0.0
text 571354 571354 0 0.0
ota-requestor-app tlsr9518adk80d (read/write) 819412 819412 0 0.0
bss 74236 74236 0 0.0
noinit 43520 43520 0 0.0
text 577544 577542 -2 -0.0

@andy31415 andy31415 merged commit d37c801 into project-chip:master Oct 20, 2022
@Damian-Nordic Damian-Nordic deleted the psa-upstream branch October 20, 2022 07:01
adbridge pushed a commit to ARM-software/connectedhomeip that referenced this pull request Nov 18, 2022
@Damian-Nordic @adbridge
[crypto] Initial crypto backend using PSA crypto API (project-chip#23193
e73bf16 
)

* [crypto] Add initial implementation for PSA crypto API

Implement most cryptographic operations using PSA crypto
API. Make it unit-testable using the following manual
steps (until we all agree to update mbedTLS to 3.X):
1. Update mbedTLS submodule to 3.2.1 and update mbedtls.gni
   accordingly.
2. Use scripts/generate_driver_wrappers.py to generate
   psa_crypto_driver_wrappers.c and include it in mbedTLS
   library build.
3. Increase CHIP_CONFIG_SHA256_CONTEXT_SIZE to 256B
4. gn gen out/ut --args='chip_crypto="psa"'
5. ninja -C out/ut tests/CHIPCryptoPALTest
6. out/ut/tests/CHIPCryptoPALTest

[crypto] Implement PBKDF2 using PSA crypto API

PBKDF2 PSA crypto API is not yet implemented in mbedTLS 3.1
nor 3.2 so for now use a handcrafted implementation using
HMAC directly.

[crypto] Implement ECDSA and ECDH using PSA crypto API

The ECDSA and ECDH operations specified by P256Keypair
and P256PublicKey classes have been implemented using
PSA crypto API provided by mbedTLS 3.X.

* Code review comments
adbridge pushed a commit to ARM-software/connectedhomeip that referenced this pull request Nov 18, 2022
@Damian-Nordic @adbridge
[crypto] Initial crypto backend using PSA crypto API (project-chip#23193
37b8dd9 
)

* [crypto] Add initial implementation for PSA crypto API

Implement most cryptographic operations using PSA crypto
API. Make it unit-testable using the following manual
steps (until we all agree to update mbedTLS to 3.X):
1. Update mbedTLS submodule to 3.2.1 and update mbedtls.gni
   accordingly.
2. Use scripts/generate_driver_wrappers.py to generate
   psa_crypto_driver_wrappers.c and include it in mbedTLS
   library build.
3. Increase CHIP_CONFIG_SHA256_CONTEXT_SIZE to 256B
4. gn gen out/ut --args='chip_crypto="psa"'
5. ninja -C out/ut tests/CHIPCryptoPALTest
6. out/ut/tests/CHIPCryptoPALTest

[crypto] Implement PBKDF2 using PSA crypto API

PBKDF2 PSA crypto API is not yet implemented in mbedTLS 3.1
nor 3.2 so for now use a handcrafted implementation using
HMAC directly.

[crypto] Implement ECDSA and ECDH using PSA crypto API

The ECDSA and ECDH operations specified by P256Keypair
and P256PublicKey classes have been implemented using
PSA crypto API provided by mbedTLS 3.X.

* Code review comments
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@emargolis emargolis emargolis approved these changes

@anush-apple anush-apple Awaiting requested review from anush-apple

@arkq arkq Awaiting requested review from arkq

@Byungjoo-Lee Byungjoo-Lee Awaiting requested review from Byungjoo-Lee

@bzbarsky-apple bzbarsky-apple Awaiting requested review from bzbarsky-apple

@carol-apple carol-apple Awaiting requested review from carol-apple

@chrisdecenzo chrisdecenzo Awaiting requested review from chrisdecenzo

@chshu chshu Awaiting requested review from chshu

@chulspro chulspro Awaiting requested review from chulspro

@dhrishi dhrishi Awaiting requested review from dhrishi

@electrocucaracha electrocucaracha Awaiting requested review from electrocucaracha

@erjiaqing erjiaqing Awaiting requested review from erjiaqing

@franck-apple franck-apple Awaiting requested review from franck-apple

@gjc13 gjc13 Awaiting requested review from gjc13

@harsha-rajendran harsha-rajendran Awaiting requested review from harsha-rajendran

@hawk248 hawk248 Awaiting requested review from hawk248

@isiu-apple isiu-apple Awaiting requested review from isiu-apple

@jelderton jelderton Awaiting requested review from jelderton

@jepenven-silabs jepenven-silabs Awaiting requested review from jepenven-silabs

@jmartinez-silabs jmartinez-silabs Awaiting requested review from jmartinez-silabs

@jtung-apple jtung-apple Awaiting requested review from jtung-apple

@kghost kghost Awaiting requested review from kghost

@lazarkov lazarkov Awaiting requested review from lazarkov

@LuDuda LuDuda Awaiting requested review from LuDuda

@mlepage-google mlepage-google Awaiting requested review from mlepage-google

@mrjerryjohns mrjerryjohns Awaiting requested review from mrjerryjohns

@msandstedt msandstedt Awaiting requested review from msandstedt

@mspang mspang Awaiting requested review from mspang

@rgoliver rgoliver Awaiting requested review from rgoliver

@robszewczyk robszewczyk Awaiting requested review from robszewczyk

@saurabhst saurabhst Awaiting requested review from saurabhst

@selissia selissia Awaiting requested review from selissia

@tecimovic tecimovic Awaiting requested review from tecimovic

@turon turon Awaiting requested review from turon

@vijs vijs Awaiting requested review from vijs

@vivien-apple vivien-apple Awaiting requested review from vivien-apple

@wbschiller wbschiller Awaiting requested review from wbschiller

@woody-apple woody-apple Awaiting requested review from woody-apple

@xylophone21 xylophone21 Awaiting requested review from xylophone21

@yunhanw-google yunhanw-google Awaiting requested review from yunhanw-google

Assignees
No one assigned
Labels
crypto fast track review - pending
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Feature] Initial crypto backend based on PSA crypto API
3 participants
@Damian-Nordic @emargolis @andy31415