mirror of
https://github.com/RIOT-OS/RIOT.git
synced 2025-01-18 12:52:44 +01:00
9be022afd8
18547: sys: PSA Crypto API implementation r=MrKevinWeiss a=Einhornhool ### Contribution description This adds an implementation of the ARM [PSA Crypto API](https://armmbed.github.io/mbed-crypto/html/index.html) specification to RIOT. It is a cryptographic API that supports software and hardware backends as well as the use of multiple secure elements, which can be configured with Kconfig. It integrates indirect, identifier based key management to support persistent storage of key material in local memory and devices with protected key storage. A description of the implementation design and an evaluation of the processing time and memory overhead in RIOT has been published here: [Usable Security for an IoT OS: Integrating the Zoo of Embedded Crypto Components Below a Common API](https://arxiv.org/abs/2208.09281) #### Implementation status So far this implementation supports the following operations: - Volatile key storage - AES in CBC mode - Hashes (MD5, SHA1, SHA224, SHA256) - HMAC SHA256 - ECDSA with NIST P192 and P256 curves The following backends are supported so far: - RIOT Cipher Module - RIOT Hash Module - Micro ECC library package - Cryptocell 310 hardware accelerator on the Nordic NRF52840dk - Microchip ATECC608A secure element Other operations and backends as well as persistent key storage can and will be implemented by me and anyone who wants to contribute in the future. ### Testing procedure So far there is a show case application in `examples/psa_crypto` to demonstrate the usage and configuration of different backends of the API (refer to the application README for more information). Co-authored-by: Lena Boeckmann <lena.boeckmann@haw-hamburg.de> |
||
---|---|---|
.. | ||
pythonlibs | ||
testbed-support | ||
tools | ||
empty.a | ||
gdbinit-docker | ||
Makefile | ||
usb_id_testing |