682dbae203
Adds a refactored version of the psa_crypto sample back, which was removed as part of the update to TF-M 1.7.0 due to unresolvable (at the time) issues with use of MbedTLS instances on the S and NS sides. This sample takes advantage of changes to MbedTLS and TF-M that were introduced after the TF-M 1.7.0 and MbedTLS 3.3 release, and cherry-picked in Zephyr, allowing for improved linking of MbedTLS in secure and non-secure images. PSA API calls on the non-secure side can now be correctly routed to the secure partition, while X.509 and TLS calls remain on the non-secure/Zephyr side. Signed-off-by: Rajkumar Kanagaraj <rajkumar.kanagaraj@linaro.org>
26 lines
910 B
YAML
26 lines
910 B
YAML
sample:
|
|
description: This app provides an example of using PSA crypto APIs
|
|
to generate device certificate signing request in Zephyr
|
|
using IPC mode.
|
|
name: PSA crypto example
|
|
tests:
|
|
sample.psa_crypto:
|
|
tags: introduction tfm crypto csr
|
|
platform_allow: mps2_an521_ns v2m_musca_s1_ns
|
|
nrf5340dk_nrf5340_cpuapp_ns nrf9160dk_nrf9160_ns
|
|
stm32l562e_dk_ns bl5340_dvk_cpuapp_ns
|
|
harness: console
|
|
harness_config:
|
|
type: multi_line
|
|
regex:
|
|
- "System IAT size is: (.*)"
|
|
- "Requesting IAT with (.*) byte challenge."
|
|
- "IAT data received: (.*)"
|
|
- "Retrieving public key for key #1"
|
|
- "Signature verified"
|
|
- "Destroyed persistent key #1"
|
|
- "Generating 256 bytes of random data."
|
|
- "Create device Certificate Signing Request completed"
|
|
- "BEGIN CERTIFICATE REQUEST"
|
|
- "END CERTIFICATE REQUEST"
|