From ac9197b6404a7b1f63d1cbf41262f64962f10868 Mon Sep 17 00:00:00 2001 From: Devaraj Ranganna Date: Fri, 4 Jun 2021 16:45:09 +0100 Subject: [PATCH] samples: tfm_integration: Rename sample psa_level_1 to psa_crypto The example in folder `samples/tfm_integration/psa_level_1` contains code that demonstrate usage of PSA crypto APIs in Zephyr rather than the PSA levels. Therefore renaming the sample as `psa_crypto`. Signed-off-by: Devaraj Ranganna --- boards/arm/v2m_musca_s1/doc/index.rst | 2 +- .../CMakeLists.txt | 0 .../{psa_level_1 => psa_crypto}/Kconfig | 6 ++- .../{psa_level_1 => psa_crypto}/README.rst | 41 +++++++++---------- .../boards/nrf9160dk_nrf9160ns.overlay | 0 .../boards/nucleo_l552ze_q_ns.overlay | 0 .../boards/stm32l562e_dk_ns.overlay | 0 .../{psa_level_1 => psa_crypto}/prj.conf | 0 .../{psa_level_1 => psa_crypto}/sample.yaml | 10 ++--- .../{psa_level_1 => psa_crypto}/src/main.c | 0 .../src/psa_attestation.c | 0 .../src/psa_attestation.h | 0 .../src/psa_crypto.c | 0 .../src/psa_crypto.h | 0 .../{psa_level_1 => psa_crypto}/src/shell.c | 0 .../src/util_app_cfg.c | 0 .../src/util_app_cfg.h | 0 .../src/util_app_log.c | 0 .../src/util_app_log.h | 0 .../src/util_sformat.c | 0 .../src/util_sformat.h | 0 .../{psa_level_1 => psa_crypto}/user.pem | 0 .../{psa_level_1 => psa_crypto}/user_pub.pem | 0 .../psa_protected_storage/README.rst | 2 +- 24 files changed, 31 insertions(+), 30 deletions(-) rename samples/tfm_integration/{psa_level_1 => psa_crypto}/CMakeLists.txt (100%) rename samples/tfm_integration/{psa_level_1 => psa_crypto}/Kconfig (77%) rename samples/tfm_integration/{psa_level_1 => psa_crypto}/README.rst (92%) rename samples/tfm_integration/{psa_level_1 => psa_crypto}/boards/nrf9160dk_nrf9160ns.overlay (100%) rename samples/tfm_integration/{psa_level_1 => psa_crypto}/boards/nucleo_l552ze_q_ns.overlay (100%) rename samples/tfm_integration/{psa_level_1 => psa_crypto}/boards/stm32l562e_dk_ns.overlay (100%) rename samples/tfm_integration/{psa_level_1 => psa_crypto}/prj.conf (100%) rename samples/tfm_integration/{psa_level_1 => psa_crypto}/sample.yaml (69%) rename samples/tfm_integration/{psa_level_1 => psa_crypto}/src/main.c (100%) rename samples/tfm_integration/{psa_level_1 => psa_crypto}/src/psa_attestation.c (100%) rename samples/tfm_integration/{psa_level_1 => psa_crypto}/src/psa_attestation.h (100%) rename samples/tfm_integration/{psa_level_1 => psa_crypto}/src/psa_crypto.c (100%) rename samples/tfm_integration/{psa_level_1 => psa_crypto}/src/psa_crypto.h (100%) rename samples/tfm_integration/{psa_level_1 => psa_crypto}/src/shell.c (100%) rename samples/tfm_integration/{psa_level_1 => psa_crypto}/src/util_app_cfg.c (100%) rename samples/tfm_integration/{psa_level_1 => psa_crypto}/src/util_app_cfg.h (100%) rename samples/tfm_integration/{psa_level_1 => psa_crypto}/src/util_app_log.c (100%) rename samples/tfm_integration/{psa_level_1 => psa_crypto}/src/util_app_log.h (100%) rename samples/tfm_integration/{psa_level_1 => psa_crypto}/src/util_sformat.c (100%) rename samples/tfm_integration/{psa_level_1 => psa_crypto}/src/util_sformat.h (100%) rename samples/tfm_integration/{psa_level_1 => psa_crypto}/user.pem (100%) rename samples/tfm_integration/{psa_level_1 => psa_crypto}/user_pub.pem (100%) diff --git a/boards/arm/v2m_musca_s1/doc/index.rst b/boards/arm/v2m_musca_s1/doc/index.rst index 9627d6f7748..c67cf5f6d5c 100644 --- a/boards/arm/v2m_musca_s1/doc/index.rst +++ b/boards/arm/v2m_musca_s1/doc/index.rst @@ -393,7 +393,7 @@ target. Please make sure all the requirements listed in the sample's description are met before building. .. zephyr-app-commands:: - :zephyr-app: samples/tfm_integration/psa_level_1 + :zephyr-app: samples/tfm_integration/psa_crypto :board: v2m_musca_s1_nonsecure :goals: build diff --git a/samples/tfm_integration/psa_level_1/CMakeLists.txt b/samples/tfm_integration/psa_crypto/CMakeLists.txt similarity index 100% rename from samples/tfm_integration/psa_level_1/CMakeLists.txt rename to samples/tfm_integration/psa_crypto/CMakeLists.txt diff --git a/samples/tfm_integration/psa_level_1/Kconfig b/samples/tfm_integration/psa_crypto/Kconfig similarity index 77% rename from samples/tfm_integration/psa_level_1/Kconfig rename to samples/tfm_integration/psa_crypto/Kconfig index 9869f2bd8eb..7ec02701aea 100644 --- a/samples/tfm_integration/psa_level_1/Kconfig +++ b/samples/tfm_integration/psa_crypto/Kconfig @@ -26,12 +26,14 @@ choice config PRIVATE_KEY_STATIC bool "Static" help - A static key value will be used for the private key. + A static key value will be used for the elliptic curve 'secp256r1' + private key. config PRIVATE_KEY_RANDOM bool "Random" help - A randomly generated value will be used for the private key. + A randomly generated value will be used for the elliptic curve + 'secp256r1' private key. endchoice diff --git a/samples/tfm_integration/psa_level_1/README.rst b/samples/tfm_integration/psa_crypto/README.rst similarity index 92% rename from samples/tfm_integration/psa_level_1/README.rst rename to samples/tfm_integration/psa_crypto/README.rst index a2e43da7115..0d671d38131 100644 --- a/samples/tfm_integration/psa_level_1/README.rst +++ b/samples/tfm_integration/psa_crypto/README.rst @@ -1,23 +1,22 @@ -.. _tfm_psa_level_1: +.. _tfm_psa_crypto: -TF-M PSA Level 1 +TF-M PSA crypto ################ Overview ******** -This TF-M integration example demonstrates how to use certain TF-M features -that are covered as part of the RTOS vendor requirements for a +This TF-M integration example demonstrates how to use the PSA crypto API in +Zephyr for cryptography. In addition, this example also demonstrates certain +TF-M features that are covered as part of the RTOS vendor requirements for a `PSA Certified Level 1`_ product, such as secure storage for config data, -initial attestation for device verification, and the PSA crypto API for -cryptography. +initial attestation for device verification. Trusted Firmware (TF-M) Platform Security Architecture (PSA) APIs are used for the secure processing environment, with Zephyr running in the non-secure processing environment. It uses **IPC Mode** for communication, where an IPC mechanism is inserted to -handle secure TF-M API calls and responses. The OS-specific code to handle -the IPC calls is in ``tfm_ipc.c``. +handle secure TF-M API calls and responses. The sample prints test info to the console either as a single-thread or multi-thread application. @@ -35,10 +34,10 @@ Demonstrates the following workflow: - Generate a persistent key: secp256r1 (usage: ecdsa-with-SHA256) - Display the public key based on the private key data above -- Calculates the SHA256 hash of a payload -- Signs the hash with the persistent key -- Verifies the signature using the public key -- Destroys the key +- Calculate the SHA256 hash of a payload +- Sign the hash with the persistent key +- Verify the signature using the public key +- Destroy the key ``psa_attestation.c`` ===================== @@ -78,13 +77,13 @@ On MPS2+ AN521: .. code-block:: bash cd - west build -p -b mps2_an521_nonsecure samples/tfm_integration/psa_level_1 + west build -p -b mps2_an521_nonsecure samples/tfm_integration/psa_crypto Using ``cmake`` and ``ninja`` .. code-block:: bash - cd /samples/tfm_integration/psa_level_1/ + cd /samples/tfm_integration/psa_crypto/ rm -rf build mkdir build && cd build cmake -GNinja -DBOARD=mps2_an521_nonsecure .. @@ -94,7 +93,7 @@ On MPS2+ AN521: .. code-block:: bash - cd /samples/tfm_integration/psa_level_1/ + cd /samples/tfm_integration/psa_crypto/ rm -rf build mkdir build && cd build cmake -DBOARD=mps2_an521_nonsecure .. @@ -132,13 +131,13 @@ and run it in qemu via the ``run`` command. .. code-block:: bash cd - west build -p -b mps2_an521_nonsecure samples/tfm_integration/psa_level_1 -t run + west build -p -b mps2_an521_nonsecure samples/tfm_integration/psa_crypto -t run Using ``cmake`` and ``ninja`` .. code-block:: bash - cd /samples/tfm_integration/psa_level_1/ + cd /samples/tfm_integration/psa_crypto/ rm -rf build mkdir build && cd build cmake -GNinja -DBOARD=mps2_an521_nonsecure .. @@ -148,7 +147,7 @@ and run it in qemu via the ``run`` command. .. code-block:: bash - cd /samples/tfm_integration/psa_level_1/ + cd /samples/tfm_integration/psa_crypto/ rm -rf build mkdir build && cd build cmake -DBOARD=mps2_an521_nonsecure .. @@ -161,7 +160,7 @@ Build Zephyr with a non-secure configuration: .. code-block:: bash - $ west build -p -b lpcxpresso55s69_ns samples/tfm_integration/psa_level_1/ -- + $ west build -p -b lpcxpresso55s69_ns samples/tfm_integration/psa_crypto/ -- Make sure your board is set up with :ref:`lpclink2-jlink-onboard-debug-probe`, since this isn't the debug interface boards ship with from the factory; @@ -191,7 +190,7 @@ Build Zephyr with a non-secure configuration .. code-block:: bash - cd /samples/tfm_integration/psa_level_1/ + cd /samples/tfm_integration/psa_crypto/ rm -rf build mkdir build && cd build cmake -GNinja -DBOARD=nrf9160dk_nrf9160ns .. @@ -223,7 +222,7 @@ Build Zephyr with a non-secure configuration .. code-block:: bash - cd /samples/tfm_integration/psa_level_1/ + cd /samples/tfm_integration/psa_crypto/ rm -rf build mkdir build && cd build cmake -GNinja -DBOARD=bl5340_dvk_cpuappns .. diff --git a/samples/tfm_integration/psa_level_1/boards/nrf9160dk_nrf9160ns.overlay b/samples/tfm_integration/psa_crypto/boards/nrf9160dk_nrf9160ns.overlay similarity index 100% rename from samples/tfm_integration/psa_level_1/boards/nrf9160dk_nrf9160ns.overlay rename to samples/tfm_integration/psa_crypto/boards/nrf9160dk_nrf9160ns.overlay diff --git a/samples/tfm_integration/psa_level_1/boards/nucleo_l552ze_q_ns.overlay b/samples/tfm_integration/psa_crypto/boards/nucleo_l552ze_q_ns.overlay similarity index 100% rename from samples/tfm_integration/psa_level_1/boards/nucleo_l552ze_q_ns.overlay rename to samples/tfm_integration/psa_crypto/boards/nucleo_l552ze_q_ns.overlay diff --git a/samples/tfm_integration/psa_level_1/boards/stm32l562e_dk_ns.overlay b/samples/tfm_integration/psa_crypto/boards/stm32l562e_dk_ns.overlay similarity index 100% rename from samples/tfm_integration/psa_level_1/boards/stm32l562e_dk_ns.overlay rename to samples/tfm_integration/psa_crypto/boards/stm32l562e_dk_ns.overlay diff --git a/samples/tfm_integration/psa_level_1/prj.conf b/samples/tfm_integration/psa_crypto/prj.conf similarity index 100% rename from samples/tfm_integration/psa_level_1/prj.conf rename to samples/tfm_integration/psa_crypto/prj.conf diff --git a/samples/tfm_integration/psa_level_1/sample.yaml b/samples/tfm_integration/psa_crypto/sample.yaml similarity index 69% rename from samples/tfm_integration/psa_level_1/sample.yaml rename to samples/tfm_integration/psa_crypto/sample.yaml index f812a4e019a..0e74c93f675 100644 --- a/samples/tfm_integration/psa_level_1/sample.yaml +++ b/samples/tfm_integration/psa_crypto/sample.yaml @@ -1,10 +1,10 @@ sample: - description: This app provides an example of using TF-M on the secure - side, with Zephyr on the NS side, using IPC mode. - name: TF-M PSA Level 1 example + description: This app provides an example of using PSA crypto APIs + in Zephyr using IPC mode. + name: PSA crypto example tests: - sample.psa_level_1: - tags: introduction tfm + sample.psa_crypto: + tags: introduction tfm crypto platform_allow: mps2_an521_nonsecure lpcxpresso55s69_ns nrf5340dk_nrf5340_cpuappns nrf9160dk_nrf9160ns nucleo_l552ze_q_ns v2m_musca_s1_nonsecure stm32l562e_dk_ns bl5340_dvk_cpuappns diff --git a/samples/tfm_integration/psa_level_1/src/main.c b/samples/tfm_integration/psa_crypto/src/main.c similarity index 100% rename from samples/tfm_integration/psa_level_1/src/main.c rename to samples/tfm_integration/psa_crypto/src/main.c diff --git a/samples/tfm_integration/psa_level_1/src/psa_attestation.c b/samples/tfm_integration/psa_crypto/src/psa_attestation.c similarity index 100% rename from samples/tfm_integration/psa_level_1/src/psa_attestation.c rename to samples/tfm_integration/psa_crypto/src/psa_attestation.c diff --git a/samples/tfm_integration/psa_level_1/src/psa_attestation.h b/samples/tfm_integration/psa_crypto/src/psa_attestation.h similarity index 100% rename from samples/tfm_integration/psa_level_1/src/psa_attestation.h rename to samples/tfm_integration/psa_crypto/src/psa_attestation.h diff --git a/samples/tfm_integration/psa_level_1/src/psa_crypto.c b/samples/tfm_integration/psa_crypto/src/psa_crypto.c similarity index 100% rename from samples/tfm_integration/psa_level_1/src/psa_crypto.c rename to samples/tfm_integration/psa_crypto/src/psa_crypto.c diff --git a/samples/tfm_integration/psa_level_1/src/psa_crypto.h b/samples/tfm_integration/psa_crypto/src/psa_crypto.h similarity index 100% rename from samples/tfm_integration/psa_level_1/src/psa_crypto.h rename to samples/tfm_integration/psa_crypto/src/psa_crypto.h diff --git a/samples/tfm_integration/psa_level_1/src/shell.c b/samples/tfm_integration/psa_crypto/src/shell.c similarity index 100% rename from samples/tfm_integration/psa_level_1/src/shell.c rename to samples/tfm_integration/psa_crypto/src/shell.c diff --git a/samples/tfm_integration/psa_level_1/src/util_app_cfg.c b/samples/tfm_integration/psa_crypto/src/util_app_cfg.c similarity index 100% rename from samples/tfm_integration/psa_level_1/src/util_app_cfg.c rename to samples/tfm_integration/psa_crypto/src/util_app_cfg.c diff --git a/samples/tfm_integration/psa_level_1/src/util_app_cfg.h b/samples/tfm_integration/psa_crypto/src/util_app_cfg.h similarity index 100% rename from samples/tfm_integration/psa_level_1/src/util_app_cfg.h rename to samples/tfm_integration/psa_crypto/src/util_app_cfg.h diff --git a/samples/tfm_integration/psa_level_1/src/util_app_log.c b/samples/tfm_integration/psa_crypto/src/util_app_log.c similarity index 100% rename from samples/tfm_integration/psa_level_1/src/util_app_log.c rename to samples/tfm_integration/psa_crypto/src/util_app_log.c diff --git a/samples/tfm_integration/psa_level_1/src/util_app_log.h b/samples/tfm_integration/psa_crypto/src/util_app_log.h similarity index 100% rename from samples/tfm_integration/psa_level_1/src/util_app_log.h rename to samples/tfm_integration/psa_crypto/src/util_app_log.h diff --git a/samples/tfm_integration/psa_level_1/src/util_sformat.c b/samples/tfm_integration/psa_crypto/src/util_sformat.c similarity index 100% rename from samples/tfm_integration/psa_level_1/src/util_sformat.c rename to samples/tfm_integration/psa_crypto/src/util_sformat.c diff --git a/samples/tfm_integration/psa_level_1/src/util_sformat.h b/samples/tfm_integration/psa_crypto/src/util_sformat.h similarity index 100% rename from samples/tfm_integration/psa_level_1/src/util_sformat.h rename to samples/tfm_integration/psa_crypto/src/util_sformat.h diff --git a/samples/tfm_integration/psa_level_1/user.pem b/samples/tfm_integration/psa_crypto/user.pem similarity index 100% rename from samples/tfm_integration/psa_level_1/user.pem rename to samples/tfm_integration/psa_crypto/user.pem diff --git a/samples/tfm_integration/psa_level_1/user_pub.pem b/samples/tfm_integration/psa_crypto/user_pub.pem similarity index 100% rename from samples/tfm_integration/psa_level_1/user_pub.pem rename to samples/tfm_integration/psa_crypto/user_pub.pem diff --git a/samples/tfm_integration/psa_protected_storage/README.rst b/samples/tfm_integration/psa_protected_storage/README.rst index b32ebc02cdd..16a4602c8af 100644 --- a/samples/tfm_integration/psa_protected_storage/README.rst +++ b/samples/tfm_integration/psa_protected_storage/README.rst @@ -34,7 +34,7 @@ Building and Running On Target ========= -Refer to :ref:`tfm_psa_level_1` for detailed instructions. +Refer to :ref:`tfm_psa_crypto` for detailed instructions. Note that the board needs to be completely erased before programming the sample, as the flash area used might contain data from before. The board must also be erased between each time the sample is