-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for Hardware Secure Module (HSM) using Infineon Optiga Trust M #28397
Conversation
* Add the optiga_lib_config_mtb.h
2)Added infineon_trustm_provisioning.md
2)Updated README.md for psoc6 lock-app
examples/platform/infineon/trustm/DeviceAttestationCredsExampleTrustM.cpp
Outdated
Show resolved
Hide resolved
2)Updated the argument with infineon added
examples/platform/infineon/trustm/DeviceAttestationCredsExampleTrustM.cpp
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Note: I did not carefully review the actual CryptoPAL bits. I assume someone else has done that already.
… script 2)Fixed the bug for CHIPCryptoPALHsm_HMAC_trustm.cpp
…t-chip#28507) * ESP32: avoid installing gdbgui when not needed (project-chip#26542) ESP-IDF v4.4.4 requires gdbgui only when Python before 3.11 is used (see espressif/esp-idf@3974be7). Avoid installing it when not needed. Fixes: project-chip#25385 * Remove gdbgui requirement for esp32 (project-chip#28007) * Remove gdbgui requirement for esp32 * Fix qemu * Fix chef as well --------- Co-authored-by: Stefan Agner <stefan@agner.ch> Co-authored-by: Andrei Litvin <andy314@gmail.com>
- Misspell - restyling - infineon build
@admin Could you kindly merge this pull request? Thanks a lot |
Hi @bzbarsky-apple @tcarmelveilleux @admin, @andy31415 Some of the tests are randomly failing because of the free space issue. And the pull request done before #28507 also failed but was merged. I am not sure what can be done to resolve these tests as it is not failing because of our code changes. Thanks, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@ying-css - since this is a v1.1 branch change, please link to the original PR from master that you are cherrypicking or describe clearly why this is not a cherrypick.
I took a brief history search on master for the title of this PR and did not see the changes (examples/platform/infineon/trustm
does not exist)
Hi @andy31415, Our current goal is to push the changes to the v1.1 branch, as our integration efforts commenced from there. Since the folder structures and our substantial feature additions differ significantly between the v1.1 branch and the master branch, cherry-picking from the master branch later might not be a viable option. Is it feasible to merge these changes into the v1.1 branch first? Meanwhile, we'll also work on integrating these changes into the master branch and submit a new pull request. Thank you for your understanding. |
Hi @andy31415, For V1.1 branch, the trustm(as HSM)implementation is under the /src/crypto/hsm/infineon folder. This will involve modifications to the core matter stack(Related PR - #21415). |
Summary of Changes:
The following changes are only applicable for V1.1 branch since the trustm(as HSM)implementation is under the /src/crypto/hsm/infineon folder which will involve modifications to the core matter stack.
For the Master branch, the /src/crypto/hsm folder has been removed so the trustm (as HSM) implementation is needed to be relocated to the platform folder. One new pull request will be submitted for master branch once we finish the integration.
1)Added Infineon Optiga Trust M as Hardware Secure Module (HSM)
2)Added support for device attestation using Infineon Optiga Trust M
3)Integrated Optiga Trust M into psoc6 platform for lock-app
4)Option to switch between HSM and Host Software Crypto implementation
Fixed #28355