Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[crypto] Introduce AES key abstraction #23792

Merged
merged 5 commits into from
Feb 17, 2023
Merged

[crypto] Introduce AES key abstraction #23792

merged 5 commits into from
Feb 17, 2023

Conversation

Damian-Nordic
Copy link
Contributor

Add AesKey class that represents a platform-specific AES key, either in the form of raw key material or key reference. This is needed to enable more secure key management for crypto backends that support invoking crypto operations using key references, such as PSA crypto API.

Thanks to this class the session can only hold key references while having the actual keys stored securely. Group key management is still to be improved though.

Fixes #23189

@pullapprove pullapprove bot requested a review from amitnj January 25, 2023 19:24
@github-actions
Copy link

github-actions bot commented Feb 1, 2023
edited
Loading

PR #23792: Size comparison from 811ab2b to 79457a2

Increases above 0.2%:

platform target config section 811ab2b 79457a2 change % change
bl702 lighting-app bl702 .debug_abbrev 1549875 1554936 5061 0.3
bl702+rpc .debug_abbrev 1698271 1703076 4805 0.3
cyw30739 light cyw930739m2evb_01 .data 736 740 4 0.5
lock cyw930739m2evb_01 .data 744 748 4 0.5
ota-requestor-no-progress-logging cyw930739m2evb_01 .data 692 696 4 0.6
linux bridge-app debug .data 3632 3664 32 0.9
lighting-app debug+rpc .data 2288 2320 32 1.4
lock-app debug .data 1904 1936 32 1.7
ota-provider-app debug .data 2080 2112 32 1.5
ota-requestor-app debug .data 2480 2512 32 1.3
shell debug .data 1264 1296 32 2.5
thermostat-no-ble arm64 .data 1824 1832 8 0.4
tv-app debug .data 3904 3920 16 0.4
psoc6 all-clusters cy8ckit_062s2_43012 .debug_abbrev 1251453 1256996 5543 0.4
all-clusters-minimal cy8ckit_062s2_43012 .data 2664 2672 8 0.3
.debug_abbrev 1237164 1242665 5501 0.4
light cy8ckit_062s2_43012 .debug_abbrev 1072030 1076983 4953 0.5
lock cy8ckit_062s2_43012 .data 2472 2480 8 0.3
.debug_abbrev 1073262 1078772 5510 0.5
qpg lighting-app qpg6105+debug .data 848 852 4 0.5
lock-app qpg6105+debug .data 860 864 4 0.5
Increases (51 builds for bl702, cc13x2_26x2, cyw30739, efr32, esp32, k32w, linux, mbed, nrfconnect, psoc6, qpg, telink)
platform target config section 811ab2b 79457a2 change % change
bl702 lighting-app bl702 (read/write) 1183467 1183619 152 0.0
.data 4056 4064 8 0.2
.debug_abbrev 1549875 1554936 5061 0.3
.debug_aranges 134056 134168 112 0.1
.debug_frame 490964 491420 456 0.1
.debug_info 40197534 40245125 47591 0.1
.debug_line 5265819 5270134 4315 0.1
.debug_loc 3400392 3404227 3835 0.1
.debug_ranges 371624 371632 8 0.0
.debug_str 3534818 3538992 4174 0.1
.rodata 106752 106784 32 0.0
.symtab 173184 173200 16 0.0
.text 951566 951700 134 0.0
bl702+rpc (read/write) 1276159 1276327 168 0.0
.debug_abbrev 1698271 1703076 4805 0.3
.debug_aranges 142280 142392 112 0.1
.debug_frame 518668 519124 456 0.1
.debug_info 44594117 44643189 49072 0.1
.debug_line 5664170 5668493 4323 0.1
.debug_loc 3596502 3600324 3822 0.1
.debug_ranges 395328 395336 8 0.0
.debug_str 3938127 3942301 4174 0.1
.rodata 121296 121328 32 0.0
.symtab 191536 191552 16 0.0
.text 1028590 1028780 190 0.0
cc13x2_26x2 all-clusters-app LP_CC2652R7 (read only) 676771 677047 276 0.0
.data 3384 3388 4 0.1
.rodata 87515 87519 4 0.0
.text 588940 589212 272 0.0
all-clusters-minimal-app LP_CC2652R7 (read only) 640851 641135 284 0.0
.data 3384 3388 4 0.1
.rodata 77467 77479 12 0.0
.text 563064 563336 272 0.0
lock-ftd LP_CC2652R7 (read only) 673823 674111 288 0.0
.data 3312 3316 4 0.1
.rodata 76311 76319 8 0.0
.text 597032 597312 280 0.0
lock-mtd LP_CC2652R7 (read only) 660183 660443 260 0.0
.data 3312 3316 4 0.1
.rodata 102775 102779 4 0.0
.text 556928 557184 256 0.0
pump-app LP_CC2652R7 (read only) 686883 687187 304 0.0
.data 3276 3280 4 0.1
.rodata 90435 90451 16 0.0
.text 595968 596256 288 0.0
pump-controller-app LP_CC2652R7 (read only) 672315 672611 296 0.0
.data 3300 3304 4 0.1
.rodata 86515 86523 8 0.0
.text 585320 585608 288 0.0
shell LP_CC2652R7 (read only) 668022 668294 272 0.0
.data 3380 3384 4 0.1
.rodata 84254 84262 8 0.0
.text 583456 583720 264 0.0
cyw30739 light cyw930739m2evb_01 (read/write) 583898 584106 208 0.0
.app_xip_area 460652 460876 224 0.0
.data 736 740 4 0.5
lock cyw930739m2evb_01 (read/write) 587614 587826 212 0.0
.app_xip_area 459072 459292 220 0.0
.data 744 748 4 0.5
ota-requestor-no-progress-logging cyw930739m2evb_01 (read/write) 549358 549566 208 0.0
.app_xip_area 431592 431824 232 0.1
.data 692 696 4 0.6
efr32 lighting-app BRD4161A+rs911x (read/write) 1037624 1037804 180 0.0
.data 2044 2048 4 0.2
.text 853932 854136 204 0.0
BRD4187C (read/write) 1150752 1150956 204 0.0
.data 2544 2548 4 0.2
.text 990692 990916 224 0.0
lock-app BRD4161A+wf200 (read/write) 1065296 1065588 292 0.0
.data 2052 2056 4 0.2
.text 910068 910384 316 0.0
window-app BRD4187C (read/write) 1145660 1145864 204 0.0
.data 2572 2576 4 0.2
.text 984068 984284 216 0.0
esp32 all-clusters-app c3devkit (read only) 1042098 1042190 92 0.0
.flash.rodata 220136 220152 16 0.0
.flash.text 1042098 1042190 92 0.0
m5stack .dram0.data 34072 34080 8 0.0
.flash.rodata 248904 248912 8 0.0
k32w contact k32w0+release (read/write) 659420 659672 252 0.0
.data 2112 2116 4 0.2
.text 561572 561844 272 0.0
light k32w0+release (read/write) 671420 671676 256 0.0
.data 2064 2068 4 0.2
.text 592220 592496 276 0.0
lock k32w0+release (read/write) 630800 631068 268 0.0
.data 2084 2088 4 0.2
.text 550812 551100 288 0.1
linux all-clusters-app debug (read only) 3154937 3156033 1096 0.0
.data.rel.ro 82248 82296 48 0.1
.rodata 283659 283787 128 0.0
.text 2685858 2686706 848 0.0
all-clusters-minimal-app debug (read only) 2971209 2972241 1032 0.0
.data.rel.ro 76472 76520 48 0.1
.rodata 282379 282443 64 0.0
.text 2506738 2507586 848 0.0
bridge-app debug (read only) 2524825 2525665 840 0.0
(read/write) 132320 132384 64 0.0
.data 3632 3664 32 0.9
.data.rel.ro 68952 69016 64 0.1
.text 2138514 2139362 848 0.0
chip-tool debug (read only) 11643017 11644937 1920 0.0
(read/write) 655568 655696 128 0.0
.data.rel.ro 619504 619632 128 0.0
.rodata 651301 651397 96 0.0
.text 9468484 9470068 1584 0.0
chip-tool-ipv6only arm64 (read only) 11040076 11040140 64 0.0
(read/write) 704904 705048 144 0.0
.data.rel.ro 648312 648440 128 0.0
.got 14128 14144 16 0.1
.rodata 577084 577164 80 0.0
lighting-app debug+rpc (read only) 2692257 2693369 1112 0.0
(read/write) 131688 131720 32 0.0
.data 2288 2320 32 1.4
.data.rel.ro 72088 72136 48 0.1
.rodata 229856 229984 128 0.1
.text 2285042 2285906 864 0.0
lock-app debug (read only) 2655033 2656081 1048 0.0
(read/write) 126736 126800 64 0.1
.data 1904 1936 32 1.7
.data.rel.ro 69064 69128 64 0.1
.rodata 246088 246152 64 0.0
.text 2236434 2237298 864 0.0
ota-provider-app debug (read only) 2225057 2226153 1096 0.0
.data 2080 2112 32 1.5
.data.rel.ro 51560 51608 48 0.1
.rodata 197416 197544 128 0.1
.text 1887122 1887970 848 0.0
ota-requestor-app debug (read only) 2386569 2387633 1064 0.0
.data 2480 2512 32 1.3
.data.rel.ro 56328 56376 48 0.1
.rodata 204400 204496 96 0.0
.text 2032626 2033474 848 0.0
shell debug (read only) 2684385 2685433 1048 0.0
(read/write) 139360 139424 64 0.0
.data 1264 1296 32 2.5
.data.rel.ro 73128 73184 56 0.1
.rodata 241746 241810 64 0.0
.text 2282194 2283058 864 0.0
thermostat-no-ble arm64 (read only) 2506620 2506644 24 0.0
.data 1824 1832 8 0.4
.data.rel.ro 76968 76992 24 0.0
.rodata 150856 150960 104 0.1
.text 2093936 2093952 16 0.0
tv-app debug (read only) 3314737 3315921 1184 0.0
(read/write) 259568 259632 64 0.0
.data 3904 3920 16 0.4
.data.rel.ro 78096 78144 48 0.1
.rodata 270520 270584 64 0.0
.text 2849490 2850466 976 0.0
tv-casting-app debug (read only) 5700265 5701249 984 0.0
(read/write) 164568 164632 64 0.0
.data.rel.ro 102520 102600 80 0.1
.text 5049346 5050306 960 0.0
mbed lock-app CY8CPROTO_062_4343W+release (read/write) 2463256 2464128 872 0.0
.text 1425900 1426772 872 0.1
nrfconnect all-clusters-app nrf52840dk_nrf52840 (read/write) 1160672 1160956 284 0.0
rodata 133436 133448 12 0.0
text 803808 804084 276 0.0
nrf7002dk_nrf5340_cpuapp (read/write) 1366012 1366332 320 0.0
rodata 210876 210888 12 0.0
text 763564 763860 296 0.0
all-clusters-minimal-app nrf52840dk_nrf52840 (read/write) 1107048 1107332 284 0.0
rodata 110580 110592 12 0.0
text 773880 774156 276 0.0
psoc6 all-clusters cy8ckit_062s2_43012 (read only) 840808 840832 24 0.0
(read/write) 1755764 1755948 184 0.0
.debug_abbrev 1251453 1256996 5543 0.4
.debug_aranges 111280 111392 112 0.1
.debug_frame 373636 373956 320 0.1
.debug_info 27506003 27558889 52886 0.2
.debug_line 3778996 3783436 4440 0.1
.debug_loc 3673164 3676644 3480 0.1
.debug_ranges 362248 362256 8 0.0
.debug_str 3485030 3489185 4155 0.1
.heap 840808 840832 24 0.0
.text 1554840 1555048 208 0.0
all-clusters-minimal cy8ckit_062s2_43012 (read only) 841624 841640 16 0.0
(read/write) 1697644 1697844 200 0.0
.data 2664 2672 8 0.3
.debug_abbrev 1237164 1242665 5501 0.4
.debug_aranges 110544 110656 112 0.1
.debug_frame 376080 376400 320 0.1
.debug_info 27063756 2711501 51263 0.2
.debug_line 3787362 3791836 4474 0.1
.debug_loc 3656895 3660375 3480 0.1
.debug_ranges 360216 360224 8 0.0
.debug_str 3470783 3474946 4163 0.1
.heap 841624 841640 16 0.0
.text 1497536 1497752 216 0.0
light cy8ckit_062s2_43012 (read only) 849944 849968 24 0.0
(read/write) 1611196 1611396 200 0.0
.debug_abbrev 1072030 1076983 4953 0.5
.debug_aranges 102800 102912 112 0.1
.debug_frame 346624 346944 320 0.1
.debug_info 22491180 22538722 47542 0.2
.debug_line 3340167 3344482 4315 0.1
.debug_loc 3336443 3339915 3472 0.1
.debug_ranges 319440 319448 8 0.0
.debug_str 3274807 3278958 4151 0.1
.heap 849944 849968 24 0.0
.text 1419408 1419632 224 0.0
lock cy8ckit_062s2_43012 (read only) 844960 844976 16 0.0
(read/write) 1645188 1645388 200 0.0
.data 2472 2480 8 0.3
.debug_abbrev 1073262 1078772 5510 0.5
.debug_aranges 103192 103304 112 0.1
.debug_frame 348448 348768 320 0.1
.debug_info 22711597 22761001 49404 0.2
.debug_line 3341772 3346089 4317 0.1
.debug_loc 3357821 3361204 3383 0.1
.debug_ranges 321304 321312 8 0.0
.debug_str 3291255 3295402 4147 0.1
.heap 844960 844976 16 0.0
.text 1448416 1448632 216 0.0
qpg lighting-app qpg6105+debug (read/write) 1147688 1147940 252 0.0
.data 848 852 4 0.5
.text 594788 595036 248 0.0
lock-app qpg6105+debug (read/write) 1115408 1115644 236 0.0
.data 860 864 4 0.5
.text 562504 562744 240 0.0
telink all-clusters-app tlsr9518adk80d (read/write) 1015280 1015544 264 0.0
text 685418 685718 300 0.0
all-clusters-minimal-app tlsr9518adk80d (read/write) 951940 952188 248 0.0
text 647800 648086 286 0.0
contact-sensor-app tlsr9518adk80d (read/write) 857388 857652 264 0.0
text 578778 579080 302 0.1
light-switch-app tlsr9518adk80d (read/write) 873168 873416 248 0.0
text 592904 593192 288 0.0
lighting-app tlsr9518adk80d (read/write) 950484 950748 264 0.0
text 658300 658604 304 0.0
ota-requestor-app tlsr9518adk80d (read/write) 887328 887600 272 0.0
text 604272 604570 298 0.0
thermostat tlsr9518adk80d (read/write) 877376 877624 248 0.0
text 594478 594766 288 0.0
Decreases (52 builds for bl602, bl702, cc13x2_26x2, cyw30739, efr32, esp32, k32w, linux, mbed, nrfconnect, psoc6, qpg, telink)
platform target config section 811ab2b 79457a2 change % change
bl602 lighting-app bl602 (read/write) 1345490 1345422 -68 -0.0
.bss 94858 94810 -48 -0.1
.text 1022526 1022480 -46 -0.0
bl602+rpc (read/write) 1390930 1390870 -60 -0.0
.bss 102906 102858 -48 -0.0
.text 1053456 1053412 -44 -0.0
bl702 lighting-app bl702 .bss 69969 69921 -48 -0.1
.strtab 571683 571518 -165 -0.0
bl702+rpc .bss 78017 77969 -48 -0.1
.data 4608 4600 -8 -0.2
.strtab 632280 632115 -165 -0.0
cc13x2_26x2 all-clusters-app LP_CC2652R7 (read/write) 174476 174176 -300 -0.2
.bss 80940 80916 -24 -0.0
all-clusters-minimal-app LP_CC2652R7 (read/write) 157632 157620 -12 -0.0
.bss 80132 80116 -16 -0.0
lock-ftd LP_CC2652R7 (read/write) 174768 174464 -304 -0.2
.bss 78372 78356 -16 -0.0
lock-mtd LP_CC2652R7 (read/write) 183672 183396 -276 -0.2
.bss 73636 73620 -16 -0.0
pump-app LP_CC2652R7 (read/write) 162444 162116 -328 -0.2
.bss 78340 78316 -24 -0.0
pump-controller-app LP_CC2652R7 (read/write) 177124 176812 -312 -0.2
.bss 78452 78436 -16 -0.0
shell LP_CC2652R7 (read/write) 185296 185000 -296 -0.2
.bss 83012 82988 -24 -0.0
cyw30739 light cyw930739m2evb_01 .bss 65696 65672 -24 -0.0
lock cyw930739m2evb_01 .bss 70984 70968 -16 -0.0
ota-requestor-no-progress-logging cyw930739m2evb_01 .bss 60256 60232 -24 -0.0
efr32 lighting-app BRD4161A+rs911x .bss 181624 181600 -24 -0.0
BRD4187C .bss 132920 132896 -24 -0.0
lock-app BRD4161A+wf200 .bss 153152 153128 -24 -0.0
window-app BRD4187C .bss 134424 134408 -16 -0.0
esp32 all-clusters-app c3devkit (read/write) 1516178 1516146 -32 -0.0
.dram0.bss 76032 75984 -48 -0.1
m5stack (read only) 1094279 1094227 -52 -0.0
(read/write) 497827 497787 -40 -0.0
.dram0.bss 81080 81024 -56 -0.1
.flash.text 1088895 1088843 -52 -0.0
k32w contact k32w0+release .bss 76624 76600 -24 -0.0
light k32w0+release .bss 74408 74384 -24 -0.0
lock k32w0+release .bss 75176 75152 -24 -0.0
linux all-clusters-app debug (read/write) 154864 154832 -32 -0.0
.bss 63744 63680 -64 -0.1
all-clusters-minimal-app debug (read/write) 148080 148048 -32 -0.0
.bss 62880 62816 -64 -0.1
bridge-app debug .bss 53632 53600 -32 -0.1
.rodata 213920 213792 -128 -0.1
chip-tool-ipv6only arm64 .text 8789764 8789412 -352 -0.0
lighting-app debug+rpc .bss 51104 51040 -64 -0.1
lock-app debug .bss 49536 49504 -32 -0.1
ota-provider-app debug .bss 47712 47648 -64 -0.1
ota-requestor-app debug (read/write) 114208 114176 -32 -0.0
.bss 50176 50080 -96 -0.2
shell debug .bss 59144 59112 -32 -0.1
thermostat-no-ble arm64 (read/write) 144680 144600 -80 -0.1
.bss 56456 56408 -48 -0.1
.got 5392 5336 -56 -1.0
tv-app debug .bss 170872 170840 -32 -0.0
tv-casting-app debug .bss 53496 53464 -32 -0.1
.rodata 365300 365204 -96 -0.0
mbed lock-app CY8CPROTO_062_4343W+release .bss 215956 215932 -24 -0.0
nrfconnect all-clusters-app nrf52840dk_nrf52840 bss 143595 143575 -20 -0.0
nrf7002dk_nrf5340_cpuapp bss 106054 106034 -20 -0.0
all-clusters-minimal-app nrf52840dk_nrf52840 bss 142751 142731 -20 -0.0
psoc6 all-clusters cy8ckit_062s2_43012 .bss 189864 189840 -24 -0.0
.strtab 577246 577123 -123 -0.0
.symtab 424288 424256 -32 -0.0
all-clusters-minimal cy8ckit_062s2_43012 .bss 189056 189032 -24 -0.0
.strtab 538662 538539 -123 -0.0
.symtab 409728 409696 -32 -0.0
light cy8ckit_062s2_43012 .bss 180936 180912 -24 -0.0
.strtab 474072 473949 -123 -0.0
.symtab 377632 377600 -32 -0.0
lock cy8ckit_062s2_43012 .bss 185912 185888 -24 -0.0
.strtab 477035 476912 -123 -0.0
.symtab 379504 379472 -32 -0.0
qpg lighting-app qpg6105+debug .bss 99940 99924 -16 -0.0
lock-app qpg6105+debug .bss 96460 96436 -24 -0.0
telink all-clusters-app tlsr9518adk80d bss 98044 97992 -52 -0.1
all-clusters-minimal-app tlsr9518adk80d bss 97092 97040 -52 -0.1
contact-sensor-app tlsr9518adk80d bss 89216 89164 -52 -0.1
light-switch-app tlsr9518adk80d bss 89304 89252 -52 -0.1
lighting-app tlsr9518adk80d bss 97452 97400 -52 -0.1
ota-requestor-app tlsr9518adk80d bss 90252 90200 -52 -0.1
thermostat tlsr9518adk80d bss 90692 90640 -52 -0.1
Full report (53 builds for bl602, bl702, cc13x2_26x2, cyw30739, efr32, esp32, k32w, linux, mbed, nrfconnect, psoc6, qpg, telink)
platform target config section 811ab2b 79457a2 change % change
bl602 lighting-app bl602 (read/write) 1345490 1345422 -68 -0.0
.bss 94858 94810 -48 -0.1
.data 9736 9736 0 0.0
.text 1022526 1022480 -46 -0.0
bl602+rpc (read/write) 1390930 1390870 -60 -0.0
.bss 102906 102858 -48 -0.0
.data 10128 10128 0 0.0
.text 1053456 1053412 -44 -0.0
bl702 lighting-app bl702 (read only) 3358 3358 0 0.0
(read/write) 1183467 1183619 152 0.0
.bleromro 6342 6342 0 0.0
.bleromrw 124 124 0 0.0
.boot2 292 292 0 0.0
.bss 69969 69921 -48 -0.1
.bss_psram 30048 30048 0 0.0
.comment 48 48 0 0.0
.data 4056 4064 8 0.2
.debug_abbrev 1549875 1554936 5061 0.3
.debug_aranges 134056 134168 112 0.1
.debug_frame 490964 491420 456 0.1
.debug_info 40197534 40245125 47591 0.1
.debug_line 5265819 5270134 4315 0.1
.debug_loc 3400392 3404227 3835 0.1
.debug_ranges 371624 371632 8 0.0
.debug_str 3534818 3538992 4174 0.1
.hbn 536 536 0 0.0
.hbn_noinit 260 260 0 0.0
.init 342 342 0 0.0
.init_array 144 144 0 0.0
.psram 0 0 0 0.0
.riscv.attributes 47 47 0 0.0
.rodata 106752 106784 32 0.0
.rsvd 2960 2960 0 0.0
.sha_ocram 72 72 0 0.0
.shstrtab 304 304 0 0.0
.stack 2048 2048 0 0.0
.strtab 571683 571518 -165 -0.0
.symtab 173184 173200 16 0.0
.tcm_data 36 36 0 0.0
.tcmcode 3358 3358 0 0.0
.text 0 0 0 0.0
951566 951700 134 0.0
bl702+rpc (read only) 3358 3358 0 0.0
(read/write) 1276159 1276327 168 0.0
.bleromro 6342 6342 0 0.0
.bleromrw 124 124 0 0.0
.boot2 292 292 0 0.0
.bss 78017 77969 -48 -0.1
.bss_psram 30304 30304 0 0.0
.comment 48 48 0 0.0
.data 4608 4600 -8 -0.2
.debug_abbrev 1698271 1703076 4805 0.3
.debug_aranges 142280 142392 112 0.1
.debug_frame 518668 519124 456 0.1
.debug_info 44594117 44643189 49072 0.1
.debug_line 5664170 5668493 4323 0.1
.debug_loc 3596502 3600324 3822 0.1
.debug_ranges 395328 395336 8 0.0
.debug_str 3938127 3942301 4174 0.1
.hbn 536 536 0 0.0
.hbn_noinit 260 260 0 0.0
.init 342 342 0 0.0
.init_array 160 160 0 0.0
.psram 0 0 0 0.0
.riscv.attributes 47 47 0 0.0
.rodata 121296 121328 32 0.0
.rsvd 2960 2960 0 0.0
.sha_ocram 72 72 0 0.0
.shstrtab 304 304 0 0.0
.stack 2048 2048 0 0.0
.strtab 632280 632115 -165 -0.0
.symtab 191536 191552 16 0.0
.tcm_data 36 36 0 0.0
.tcmcode 3358 3358 0 0.0
.text 0 0 0 0.0
1028590 1028780 190 0.0
cc13x2_26x2 all-clusters-app LP_CC2652R7 (read only) 676771 677047 276 0.0
(read/write) 174476 174176 -300 -0.2
.bss 80940 80916 -24 -0.0
.data 3384 3388 4 0.1
.rodata 87515 87519 4 0.0
.text 588940 589212 272 0.0
all-clusters-minimal-app LP_CC2652R7 (read only) 640851 641135 284 0.0
(read/write) 157632 157620 -12 -0.0
.bss 80132 80116 -16 -0.0
.data 3384 3388 4 0.1
.rodata 77467 77479 12 0.0
.text 563064 563336 272 0.0
lock-ftd LP_CC2652R7 (read only) 673823 674111 288 0.0
(read/write) 174768 174464 -304 -0.2
.bss 78372 78356 -16 -0.0
.data 3312 3316 4 0.1
.rodata 76311 76319 8 0.0
.text 597032 597312 280 0.0
lock-mtd LP_CC2652R7 (read only) 660183 660443 260 0.0
(read/write) 183672 183396 -276 -0.2
.bss 73636 73620 -16 -0.0
.data 3312 3316 4 0.1
.rodata 102775 102779 4 0.0
.text 556928 557184 256 0.0
pump-app LP_CC2652R7 (read only) 686883 687187 304 0.0
(read/write) 162444 162116 -328 -0.2
.bss 78340 78316 -24 -0.0
.data 3276 3280 4 0.1
.rodata 90435 90451 16 0.0
.text 595968 596256 288 0.0
pump-controller-app LP_CC2652R7 (read only) 672315 672611 296 0.0
(read/write) 177124 176812 -312 -0.2
.bss 78452 78436 -16 -0.0
.data 3300 3304 4 0.1
.rodata 86515 86523 8 0.0
.text 585320 585608 288 0.0
shell LP_CC2652R7 (read only) 668022 668294 272 0.0
(read/write) 185296 185000 -296 -0.2
.bss 83012 82988 -24 -0.0
.data 3380 3384 4 0.1
.rodata 84254 84262 8 0.0
.text 583456 583720 264 0.0
cyw30739 light cyw930739m2evb_01 (read/write) 583898 584106 208 0.0
.app_xip_area 460652 460876 224 0.0
.bss 65696 65672 -24 -0.0
.data 736 740 4 0.5
.rodata 0 0 0 0.0
.text 112 112 0 0.0
lock cyw930739m2evb_01 (read/write) 587614 587826 212 0.0
.app_xip_area 459072 459292 220 0.0
.bss 70984 70968 -16 -0.0
.data 744 748 4 0.5
.rodata 0 0 0 0.0
.text 112 112 0 0.0
ota-requestor-no-progress-logging cyw930739m2evb_01 (read/write) 549358 549566 208 0.0
.app_xip_area 431592 431824 232 0.1
.bss 60256 60232 -24 -0.0
.data 692 696 4 0.6
.rodata 0 0 0 0.0
.text 112 112 0 0.0
efr32 lighting-app BRD4161A+rs911x (read/write) 1037624 1037804 180 0.0
.bss 181624 181600 -24 -0.0
.data 2044 2048 4 0.2
.text 853932 854136 204 0.0
BRD4187C (read/write) 1150752 1150956 204 0.0
.bss 132920 132896 -24 -0.0
.data 2544 2548 4 0.2
.text 990692 990916 224 0.0
lock-app BRD4161A+wf200 (read/write) 1065296 1065588 292 0.0
.bss 153152 153128 -24 -0.0
.data 2052 2056 4 0.2
.text 910068 910384 316 0.0
window-app BRD4187C (read/write) 1145660 1145864 204 0.0
.bss 134424 134408 -16 -0.0
.data 2572 2576 4 0.2
.text 984068 984284 216 0.0
esp32 all-clusters-app c3devkit (read only) 1042098 1042190 92 0.0
(read/write) 1516178 1516146 -32 -0.0
.dram0.bss 76032 75984 -48 -0.1
.dram0.data 13792 13792 0 0.0
.flash.rodata 220136 220152 16 0.0
.flash.text 1042098 1042190 92 0.0
.iram0.text 72896 72896 0 0.0
m5stack (read only) 1094279 1094227 -52 -0.0
(read/write) 497827 497787 -40 -0.0
.dram0.bss 81080 81024 -56 -0.1
.dram0.data 34072 34080 8 0.0
.flash.rodata 248904 248912 8 0.0
.flash.text 1088895 1088843 -52 -0.0
.iram0.text 124855 124855 0 0.0
k32w contact k32w0+release (read/write) 659420 659672 252 0.0
.bss 76624 76600 -24 -0.0
.data 2112 2116 4 0.2
.text 561572 561844 272 0.0
light k32w0+release (read/write) 671420 671676 256 0.0
.bss 74408 74384 -24 -0.0
.data 2064 2068 4 0.2
.text 592220 592496 276 0.0
lock k32w0+release (read/write) 630800 631068 268 0.0
.bss 75176 75152 -24 -0.0
.data 2084 2088 4 0.2
.text 550812 551100 288 0.1
linux all-clusters-app debug (read only) 3154937 3156033 1096 0.0
(read/write) 154864 154832 -32 -0.0
.bss 63744 63680 -64 -0.1
.data 2272 2272 0 0.0
.data.rel.ro 82248 82296 48 0.1
.dynamic 608 608 0 0.0
.got 4776 4776 0 0.0
.init 27 27 0 0.0
.init_array 1192 1192 0 0.0
.rodata 283659 283787 128 0.0
.text 2685858 2686706 848 0.0
all-clusters-minimal-app debug (read only) 2971209 2972241 1032 0.0
(read/write) 148080 148048 -32 -0.0
.bss 62880 62816 -64 -0.1
.data 2240 2240 0 0.0
.data.rel.ro 76472 76520 48 0.1
.dynamic 608 608 0 0.0
.got 4688 4688 0 0.0
.init 27 27 0 0.0
.init_array 1160 1160 0 0.0
.rodata 282379 282443 64 0.0
.text 2506738 2507586 848 0.0
bridge-app debug (read only) 2524825 2525665 840 0.0
(read/write) 132320 132384 64 0.0
.bss 53632 53600 -32 -0.1
.data 3632 3664 32 0.9
.data.rel.ro 68952 69016 64 0.1
.dynamic 608 608 0 0.0
.got 4616 4616 0 0.0
.init 27 27 0 0.0
.init_array 856 856 0 0.0
.rodata 213920 213792 -128 -0.1
.text 2138514 2139362 848 0.0
chip-tool debug (read only) 11643017 11644937 1920 0.0
(read/write) 655568 655696 128 0.0
.bss 26264 26264 0 0.0
.data 3042 3042 0 0.0
.data.rel.ro 619504 619632 128 0.0
.dynamic 608 608 0 0.0
.got 5352 5352 0 0.0
.init 27 27 0 0.0
.init_array 752 752 0 0.0
.rodata 651301 651397 96 0.0
.text 9468484 9470068 1584 0.0
chip-tool-ipv6only arm64 (read only) 11040076 11040140 64 0.0
(read/write) 704904 705048 144 0.0
.bss 34248 34248 0 0.0
.data 3008 3008 0 0.0
.data.rel.ro 648312 648440 128 0.0
.dynamic 560 560 0 0.0
.got 14128 14144 16 0.1
.init 24 24 0 0.0
.init_array 208 208 0 0.0
.rodata 577084 577164 80 0.0
.text 8789764 8789412 -352 -0.0
lighting-app debug+rpc (read only) 2692257 2693369 1112 0.0
(read/write) 131688 131720 32 0.0
.bss 51104 51040 -64 -0.1
.data 2288 2320 32 1.4
.data.rel.ro 72088 72136 48 0.1
.dynamic 608 608 0 0.0
.got 4648 4648 0 0.0
.init 27 27 0 0.0
.init_array 928 928 0 0.0
.rodata 229856 229984 128 0.1
.text 2285042 2285906 864 0.0
lock-app debug (read only) 2655033 2656081 1048 0.0
(read/write) 126736 126800 64 0.1
.bss 49536 49504 -32 -0.1
.data 1904 1936 32 1.7
.data.rel.ro 69064 69128 64 0.1
.dynamic 608 608 0 0.0
.got 4680 4680 0 0.0
.init 27 27 0 0.0
.init_array 904 904 0 0.0
.rodata 246088 246152 64 0.0
.text 2236434 2237298 864 0.0
ota-provider-app debug (read only) 2225057 2226153 1096 0.0
(read/write) 106480 106480 0 0.0
.bss 47712 47648 -64 -0.1
.data 2080 2112 32 1.5
.data.rel.ro 51560 51608 48 0.1
.dynamic 608 608 0 0.0
.got 3744 3744 0 0.0
.init 27 27 0 0.0
.init_array 744 744 0 0.0
.rodata 197416 197544 128 0.1
.text 1887122 1887970 848 0.0
ota-requestor-app debug (read only) 2386569 2387633 1064 0.0
(read/write) 114208 114176 -32 -0.0
.bss 50176 50080 -96 -0.2
.data 2480 2512 32 1.3
.data.rel.ro 56328 56376 48 0.1
.dynamic 608 608 0 0.0
.got 3744 3744 0 0.0
.init 27 27 0 0.0
.init_array 824 824 0 0.0
.rodata 204400 204496 96 0.0
.text 2032626 2033474 848 0.0
shell debug (read only) 2684385 2685433 1048 0.0
(read/write) 139360 139424 64 0.0
.bss 59144 59112 -32 -0.1
.data 1264 1296 32 2.5
.data.rel.ro 73128 73184 56 0.1
.dynamic 608 608 0 0.0
.got 4136 4136 0 0.0
.init 27 27 0 0.0
.init_array 1040 1040 0 0.0
.rodata 241746 241810 64 0.0
.text 2282194 2283058 864 0.0
thermostat-no-ble arm64 (read only) 2506620 2506644 24 0.0
(read/write) 144680 144600 -80 -0.1
.bss 56456 56408 -48 -0.1
.data 1824 1832 8 0.4
.data.rel.ro 76968 76992 24 0.0
.dynamic 560 560 0 0.0
.got 5392 5336 -56 -1.0
.init 24 24 0 0.0
.init_array 432 432 0 0.0
.rodata 150856 150960 104 0.1
.text 2093936 2093952 16 0.0
tv-app debug (read only) 3314737 3315921 1184 0.0
(read/write) 259568 259632 64 0.0
.bss 170872 170840 -32 -0.0
.data 3904 3920 16 0.4
.data.rel.ro 78096 78144 48 0.1
.dynamic 608 608 0 0.0
.got 5008 5008 0 0.0
.init 27 27 0 0.0
.init_array 1072 1072 0 0.0
.rodata 270520 270584 64 0.0
.text 2849490 2850466 976 0.0
tv-casting-app debug (read only) 5700265 5701249 984 0.0
(read/write) 164568 164632 64 0.0
.bss 53496 53464 -32 -0.1
.data 1936 1936 0 0.0
.data.rel.ro 102520 102600 80 0.1
.dynamic 608 608 0 0.0
.got 4928 4928 0 0.0
.init 27 27 0 0.0
.init_array 1048 1048 0 0.0
.rodata 365300 365204 -96 -0.0
.text 5049346 5050306 960 0.0
mbed lock-app CY8CPROTO_062_4343W+release (read only) 6224 6224 0 0.0
(read/write) 2463256 2464128 872 0.0
.bss 215956 215932 -24 -0.0
.data 5880 5880 0 0.0
.text 1425900 1426772 872 0.1
nrfconnect all-clusters-app nrf52840dk_nrf52840 (read only) 4 4 0 0.0
(read/write) 1160672 1160956 284 0.0
bss 143595 143575 -20 -0.0
rodata 133436 133448 12 0.0
text 803808 804084 276 0.0
nrf7002dk_nrf5340_cpuapp (read only) 4 4 0 0.0
(read/write) 1366012 1366332 320 0.0
bss 106054 106034 -20 -0.0
rodata 210876 210888 12 0.0
text 763564 763860 296 0.0
all-clusters-minimal-app nrf52840dk_nrf52840 (read only) 4 4 0 0.0
(read/write) 1107048 1107332 284 0.0
bss 142751 142731 -20 -0.0
rodata 110580 110592 12 0.0
text 773880 774156 276 0.0
psoc6 all-clusters cy8ckit_062s2_43012 (read only) 840808 840832 24 0.0
(read/write) 1755764 1755948 184 0.0
.ARM.attributes 46 46 0 0.0
.ARM.exidx 8 8 0 0.0
.bss 189864 189840 -24 -0.0
.comment 200 200 0 0.0
.copy.table 24 24 0 0.0
.cy_m0p_image 6216 6216 0 0.0
.cy_sharedmem 8 8 0 0.0
.data 2672 2672 0 0.0
.debug_abbrev 1251453 1256996 5543 0.4
.debug_aranges 111280 111392 112 0.1
.debug_frame 373636 373956 320 0.1
.debug_info 27506003 27558889 52886 0.2
.debug_line 3778996 3783436 4440 0.1
.debug_loc 3673164 3676644 3480 0.1
.debug_ranges 362248 362256 8 0.0
.debug_str 3485030 3489185 4155 0.1
.heap 840808 840832 24 0.0
.noinit 148 148 0 0.0
.ramVectors 736 736 0 0.0
.shstrtab 288 288 0 0.0
.stab 156 156 0 0.0
.stabstr 335 335 0 0.0
.stack_dummy 4096 4096 0 0.0
.strtab 577246 577123 -123 -0.0
.symtab 424288 424256 -32 -0.0
.text 1554840 1555048 208 0.0
.zero.table 8 8 0 0.0
text 0 0 0 0.0
all-clusters-minimal cy8ckit_062s2_43012 (read only) 841624 841640 16 0.0
(read/write) 1697644 1697844 200 0.0
.ARM.attributes 46 46 0 0.0
.ARM.exidx 8 8 0 0.0
.bss 189056 189032 -24 -0.0
.comment 200 200 0 0.0
.copy.table 24 24 0 0.0
.cy_m0p_image 6216 6216 0 0.0
.cy_sharedmem 8 8 0 0.0
.data 2664 2672 8 0.3
.debug_abbrev 1237164 1242665 5501 0.4
.debug_aranges 110544 110656 112 0.1
.debug_frame 376080 376400 320 0.1
.debug_info 27063756 2711501 51263 0.2
.debug_line 3787362 3791836 4474 0.1
.debug_loc 3656895 3660375 3480 0.1
.debug_ranges 360216 360224 8 0.0
.debug_str 3470783 3474946 4163 0.1
.heap 841624 841640 16 0.0
.noinit 148 148 0 0.0
.ramVectors 736 736 0 0.0
.shstrtab 288 288 0 0.0
.stab 156 156 0 0.0
.stabstr 335 335 0 0.0
.stack_dummy 4096 4096 0 0.0
.strtab 538662 538539 -123 -0.0
.symtab 409728 409696 -32 -0.0
.text 1497536 1497752 216 0.0
.zero.table 0 0 0 0.0
8 8 0 0.0
light cy8ckit_062s2_43012 (read only) 849944 849968 24 0.0
(read/write) 1611196 1611396 200 0.0
.ARM.attributes 46 46 0 0.0
.ARM.exidx 8 8 0 0.0
.bss 180936 180912 -24 -0.0
.comment 200 200 0 0.0
.copy.table 24 24 0 0.0
.cy_m0p_image 6216 6216 0 0.0
.cy_sharedmem 8 8 0 0.0
.data 2464 2464 0 0.0
.debug_abbrev 1072030 1076983 4953 0.5
.debug_aranges 102800 102912 112 0.1
.debug_frame 346624 346944 320 0.1
.debug_info 22491180 22538722 47542 0.2
.debug_line 3340167 3344482 4315 0.1
.debug_loc 3336443 3339915 3472 0.1
.debug_ranges 319440 319448 8 0.0
.debug_str 3274807 3278958 4151 0.1
.heap 849944 849968 24 0.0
.noinit 148 148 0 0.0
.ramVectors 736 736 0 0.0
.shstrtab 288 288 0 0.0
.stab 156 156 0 0.0
.stabstr 335 335 0 0.0
.stack_dummy 4096 4096 0 0.0
.strtab 474072 473949 -123 -0.0
.symtab 377632 377600 -32 -0.0
.text 1419408 1419632 224 0.0
.zero.table 0 0 0 0.0
8 8 0 0.0
lock cy8ckit_062s2_43012 (read only) 844960 844976 16 0.0
(read/write) 1645188 1645388 200 0.0
.ARM.attributes 46 46 0 0.0
.ARM.exidx 8 8 0 0.0
.bss 185912 185888 -24 -0.0
.comment 200 200 0 0.0
.copy.table 24 24 0 0.0
.cy_m0p_image 6216 6216 0 0.0
.cy_sharedmem 8 8 0 0.0
.data 2472 2480 8 0.3
.debug_abbrev 1073262 1078772 5510 0.5
.debug_aranges 103192 103304 112 0.1
.debug_frame 348448 348768 320 0.1
.debug_info 22711597 22761001 49404 0.2
.debug_line 3341772 3346089 4317 0.1
.debug_loc 3357821 3361204 3383 0.1
.debug_ranges 321304 321312 8 0.0
.debug_str 3291255 3295402 4147 0.1
.heap 844960 844976 16 0.0
.noinit 148 148 0 0.0
.ramVectors 736 736 0 0.0
.shstrtab 288 288 0 0.0
.stab 156 156 0 0.0
.stabstr 335 335 0 0.0
.stack_dummy 4096 4096 0 0.0
.strtab 477035 476912 -123 -0.0
.symtab 379504 379472 -32 -0.0
.text 1448416 1448632 216 0.0
.zero.table 0 0 0 0.0
8 8 0 0.0
qpg lighting-app qpg6105+debug (read/write) 1147688 1147940 252 0.0
.bss 99940 99924 -16 -0.0
.data 848 852 4 0.5
.text 594788 595036 248 0.0
lock-app qpg6105+debug (read/write) 1115408 1115644 236 0.0
.bss 96460 96436 -24 -0.0
.data 860 864 4 0.5
.text 562504 562744 240 0.0
telink all-clusters-app tlsr9518adk80d (read only) 4 4 0 0.0
(read/write) 1015280 1015544 264 0.0
bss 98044 97992 -52 -0.1
text 685418 685718 300 0.0
all-clusters-minimal-app tlsr9518adk80d (read only) 4 4 0 0.0
(read/write) 951940 952188 248 0.0
bss 97092 97040 -52 -0.1
text 647800 648086 286 0.0
contact-sensor-app tlsr9518adk80d (read only) 4 4 0 0.0
(read/write) 857388 857652 264 0.0
bss 89216 89164 -52 -0.1
text 578778 579080 302 0.1
light-switch-app tlsr9518adk80d (read only) 4 4 0 0.0
(read/write) 873168 873416 248 0.0
bss 89304 89252 -52 -0.1
text 592904 593192 288 0.0
lighting-app tlsr9518adk80d (read only) 4 4 0 0.0
(read/write) 950484 950748 264 0.0
bss 97452 97400 -52 -0.1
text 658300 658604 304 0.0
ota-requestor-app tlsr9518adk80d (read only) 4 4 0 0.0
(read/write) 887328 887600 272 0.0
bss 90252 90200 -52 -0.1
text 604272 604570 298 0.0
thermostat tlsr9518adk80d (read only) 4 4 0 0.0
(read/write) 877376 877624 248 0.0
bss 90692 90640 -52 -0.1
text 594478 594766 288 0.0

@project-chip project-chip deleted a comment Feb 1, 2023
@pullapprove pullapprove bot requested a review from andy31415 February 13, 2023 03:02
@Damian-Nordic
[crypto] Introduce AES key abstraction
134b428 
Add Aes128KeyHandle class that represents a platform-specific
AES key, either in the form of raw key material or key
reference. Also add SessionKeystore interface for managing
the lifetime of symmetric keys.

This is needed to enable more secure key management for
crypto backends that support invoking crypto operations
using key references, such as PSA crypto API.

Thanks to this class the session can only hold key references
while having the actual keys stored securely. Group key
management is still to be improved though.
@Damian-Nordic
Update PSA implementation
66775f2
@Damian-Nordic
Code review p.2
f5b9d45
@Damian-Nordic
Code review p.3
b3daf09 
1. Align AES key handle as uintptr_t instead of size_t.
2. Replace temporary implementation of PSA key derivation
   with a proper one that does not reveal derived keys.
3. Do not use DefaultSessionKeystore in controllers.
@github-actions
Copy link

PR #23792: Size comparison from 9913fc8 to b3daf09

Increases above 0.2%:

platform target config section 9913fc8 b3daf09 change % change
cc32xx lock CC3235SF_LAUNCHXL .data 1476 1480 4 0.3
.debug_abbrev 930005 934765 4760 0.5
.debug_info 20327107 20376094 48987 0.2
Increases (1 build for cc32xx)
platform target config section 9913fc8 b3daf09 change % change
cc32xx lock CC3235SF_LAUNCHXL (read only) 641857 642097 240 0.0
.data 1476 1480 4 0.3
.debug_abbrev 930005 934765 4760 0.5
.debug_aranges 87416 87528 112 0.1
.debug_frame 300116 300436 320 0.1
.debug_info 20327107 20376094 48987 0.2
.debug_line 2657881 2662014 4133 0.2
.debug_loc 2790854 2794558 3704 0.1
.debug_str 3010599 3014681 4082 0.1
.rodata 105697 105729 32 0.0
.text 534036 534248 212 0.0
Decreases (1 build for cc32xx)
platform target config section 9913fc8 b3daf09 change % change
cc32xx lock CC3235SF_LAUNCHXL (read/write) 204124 203784 -340 -0.2
.bss 197528 197184 -344 -0.2
.debug_ranges 281552 281544 -8 -0.0
.strtab 376514 376442 -72 -0.0
Full report (1 build for cc32xx)
platform target config section 9913fc8 b3daf09 change % change
cc32xx lock CC3235SF_LAUNCHXL 0 0 0 0.0
(read only) 641857 642097 240 0.0
(read/write) 204124 203784 -340 -0.2
.ARM.attributes 44 44 0 0.0
.ARM.exidx 8 8 0 0.0
.bss 197528 197184 -344 -0.2
.comment 194 194 0 0.0
.data 1476 1480 4 0.3
.debug_abbrev 930005 934765 4760 0.5
.debug_aranges 87416 87528 112 0.1
.debug_frame 300116 300436 320 0.1
.debug_info 20327107 20376094 48987 0.2
.debug_line 2657881 2662014 4133 0.2
.debug_loc 2790854 2794558 3704 0.1
.debug_ranges 281552 281544 -8 -0.0
.debug_str 3010599 3014681 4082 0.1
.ramVecs 780 780 0 0.0
.resetVecs 64 64 0 0.0
.rodata 105697 105729 32 0.0
.shstrtab 232 232 0 0.0
.stab 204 204 0 0.0
.stabstr 441 441 0 0.0
.stack 2048 2048 0 0.0
.strtab 376514 376442 -72 -0.0
.symtab 256016 256016 0 0.0
.text 534036 534248 212 0.0

@github-actions
Copy link

PR #23792: Size comparison from 9913fc8 to a8860b3

Increases above 0.2%:

platform target config section 9913fc8 a8860b3 change % change
cc32xx lock CC3235SF_LAUNCHXL .data 1476 1480 4 0.3
.debug_abbrev 930005 934765 4760 0.5
.debug_info 20327107 20376094 48987 0.2
Increases (1 build for cc32xx)
platform target config section 9913fc8 a8860b3 change % change
cc32xx lock CC3235SF_LAUNCHXL (read only) 641857 642097 240 0.0
.data 1476 1480 4 0.3
.debug_abbrev 930005 934765 4760 0.5
.debug_aranges 87416 87528 112 0.1
.debug_frame 300116 300436 320 0.1
.debug_info 20327107 20376094 48987 0.2
.debug_line 2657881 2662014 4133 0.2
.debug_loc 2790854 2794558 3704 0.1
.debug_str 3010599 3014681 4082 0.1
.rodata 105697 105729 32 0.0
.text 534036 534248 212 0.0
Decreases (1 build for cc32xx)
platform target config section 9913fc8 a8860b3 change % change
cc32xx lock CC3235SF_LAUNCHXL (read/write) 204124 203784 -340 -0.2
.bss 197528 197184 -344 -0.2
.debug_ranges 281552 281544 -8 -0.0
.strtab 376514 376442 -72 -0.0
Full report (1 build for cc32xx)
platform target config section 9913fc8 a8860b3 change % change
cc32xx lock CC3235SF_LAUNCHXL 0 0 0 0.0
(read only) 641857 642097 240 0.0
(read/write) 204124 203784 -340 -0.2
.ARM.attributes 44 44 0 0.0
.ARM.exidx 8 8 0 0.0
.bss 197528 197184 -344 -0.2
.comment 194 194 0 0.0
.data 1476 1480 4 0.3
.debug_abbrev 930005 934765 4760 0.5
.debug_aranges 87416 87528 112 0.1
.debug_frame 300116 300436 320 0.1
.debug_info 20327107 20376094 48987 0.2
.debug_line 2657881 2662014 4133 0.2
.debug_loc 2790854 2794558 3704 0.1
.debug_ranges 281552 281544 -8 -0.0
.debug_str 3010599 3014681 4082 0.1
.ramVecs 780 780 0 0.0
.resetVecs 64 64 0 0.0
.rodata 105697 105729 32 0.0
.shstrtab 232 232 0 0.0
.stab 204 204 0 0.0
.stabstr 441 441 0 0.0
.stack 2048 2048 0 0.0
.strtab 376514 376442 -72 -0.0
.symtab 256016 256016 0 0.0
.text 534036 534248 212 0.0

@Damian-Nordic Damian-Nordic merged commit b07872c into project-chip:master Feb 17, 2023
@Damian-Nordic Damian-Nordic deleted the psa-aes-upstream branch February 17, 2023 12:56
@chirag-silabs chirag-silabs mentioned this pull request Feb 20, 2023
Merged
lecndav pushed a commit to lecndav/connectedhomeip that referenced this pull request Mar 22, 2023
@Damian-Nordic
[crypto] Introduce AES key abstraction (project-chip#23792)
5ec56ec 
* [crypto] Introduce AES key abstraction

Add Aes128KeyHandle class that represents a platform-specific
AES key, either in the form of raw key material or key
reference. Also add SessionKeystore interface for managing
the lifetime of symmetric keys.

This is needed to enable more secure key management for
crypto backends that support invoking crypto operations
using key references, such as PSA crypto API.

Thanks to this class the session can only hold key references
while having the actual keys stored securely. Group key
management is still to be improved though.

* Update PSA implementation

* Code review p.2

* Code review p.3

1. Align AES key handle as uintptr_t instead of size_t.
2. Replace temporary implementation of PSA key derivation
   with a proper one that does not reveal derived keys.
3. Do not use DefaultSessionKeystore in controllers.

* Fix build
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tcarmelveilleux tcarmelveilleux tcarmelveilleux approved these changes

@bzbarsky-apple bzbarsky-apple bzbarsky-apple approved these changes

@LuDuda LuDuda LuDuda approved these changes

@anush-apple anush-apple Awaiting requested review from anush-apple

@arkq arkq Awaiting requested review from arkq

@Byungjoo-Lee Byungjoo-Lee Awaiting requested review from Byungjoo-Lee

@carol-apple carol-apple Awaiting requested review from carol-apple

@chrisdecenzo chrisdecenzo Awaiting requested review from chrisdecenzo

@chshu chshu Awaiting requested review from chshu

@chulspro chulspro Awaiting requested review from chulspro

@dhrishi dhrishi Awaiting requested review from dhrishi

@electrocucaracha electrocucaracha Awaiting requested review from electrocucaracha

@emargolis emargolis Awaiting requested review from emargolis

@franck-apple franck-apple Awaiting requested review from franck-apple

@gjc13 gjc13 Awaiting requested review from gjc13

@harimau-qirex harimau-qirex Awaiting requested review from harimau-qirex

@harsha-rajendran harsha-rajendran Awaiting requested review from harsha-rajendran

@hawk248 hawk248 Awaiting requested review from hawk248

@jelderton jelderton Awaiting requested review from jelderton

@jepenven-silabs jepenven-silabs Awaiting requested review from jepenven-silabs

@jmartinez-silabs jmartinez-silabs Awaiting requested review from jmartinez-silabs

@jtung-apple jtung-apple Awaiting requested review from jtung-apple

@lazarkov lazarkov Awaiting requested review from lazarkov

@mlepage-google mlepage-google Awaiting requested review from mlepage-google

@msandstedt msandstedt Awaiting requested review from msandstedt

@mspang mspang Awaiting requested review from mspang

@rgoliver rgoliver Awaiting requested review from rgoliver

@robszewczyk robszewczyk Awaiting requested review from robszewczyk

@saurabhst saurabhst Awaiting requested review from saurabhst

@selissia selissia Awaiting requested review from selissia

@tecimovic tecimovic Awaiting requested review from tecimovic

@turon turon Awaiting requested review from turon

@vijs vijs Awaiting requested review from vijs

@vivien-apple vivien-apple Awaiting requested review from vivien-apple

@woody-apple woody-apple Awaiting requested review from woody-apple

@xylophone21 xylophone21 Awaiting requested review from xylophone21

@yufengwangca yufengwangca Awaiting requested review from yufengwangca

@yunhanw-google yunhanw-google Awaiting requested review from yunhanw-google

@lpbeliveau-silabs lpbeliveau-silabs Awaiting requested review from lpbeliveau-silabs

@jmeg-sfy jmeg-sfy Awaiting requested review from jmeg-sfy

@ksperling-apple ksperling-apple Awaiting requested review from ksperling-apple

@pjzander-signify pjzander-signify Awaiting requested review from pjzander-signify

@amitnj amitnj Awaiting requested review from amitnj

@andy31415 andy31415 Awaiting requested review from andy31415

Assignees
No one assigned
Labels
app controller crypto darwin examples platform review - approved tests tools transport
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Feature] Abstract key interface for symmetric encryption
4 participants
@Damian-Nordic @tcarmelveilleux @LuDuda @bzbarsky-apple