Skip to content

Allow Devicekey::generate_root_of_trust() to define key size. #12823

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Apr 30, 2020
Merged

Allow Devicekey::generate_root_of_trust() to define key size. #12823

merged 1 commit into from
Apr 30, 2020

Conversation

SeppoTakalo
Copy link
Contributor

Summary of changes

Allow Devicekey::generate_root_of_trust() to define key size.

By default, generate 16 byte keys, to be compatible with bootloader.
But allow user to generate 32 byte keys as well.

This fixes #12821

Impact of changes

Default key, generated by Devicekey::generate_root_of_trust() is now 16 bytes,
instead of 32 bytes.

Migration actions required

If you want to generate 32 byte keys with Devicekey::generate_root_of_trust(),
you need to explicitly supply key size as a parameter.

Documentation

Documentation is in the Doxygen, and it is updated.

Pull request type 

[] Patch update (Bug fix / Target update / Docs update / Test update / Refactor)
[X] Feature update (New feature / Functionality change / New API)
[] Major update (Breaking change E.g. Return code change / API behaviour change)

Test results 

[] No Tests required for this change (E.g docs only update)
[X] Covered by existing mbed-os tests (Greentea or Unittest)
[] Tests / results supplied as part of this PR

Reviewers

@SeppoTakalo SeppoTakalo mentioned this pull request Apr 17, 2020
Closed
@ciarmcom ciarmcom requested review from a team April 17, 2020 09:00
@ciarmcom
Copy link
Member

@SeppoTakalo, thank you for your changes.
@ARMmbed/mbed-os-storage @ARMmbed/mbed-os-maintainers please review.

0xc0170
0xc0170 previously approved these changes Apr 17, 2020
View reviewed changes
@mergify mergify bot added needs: CI and removed needs: review labels Apr 17, 2020
@0xc0170
Copy link
Contributor

0xc0170 commented Apr 17, 2020

CI started

VeijoPesonen
VeijoPesonen approved these changes Apr 17, 2020
View reviewed changes
Copy link
Contributor

@VeijoPesonen VeijoPesonen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me

@mbed-ci
Copy link

mbed-ci commented Apr 17, 2020

Test run: FAILED

Summary: 1 of 6 test jobs failed
Build number : 1
Build artifacts

Failed test jobs:

  • jenkins-ci/mbed-os-ci_greentea-test

boomer41
boomer41 reviewed Apr 19, 2020
View reviewed changes
@0xc0170
Copy link
Contributor

0xc0170 commented Apr 20, 2020

please review the failures in tests

ccli8
ccli8 reviewed Apr 20, 2020
View reviewed changes
@mergify mergify bot dismissed 0xc0170’s stale review April 20, 2020 09:36

Pull request has been modified.

@boomer41
Copy link
Contributor

This is just nitpicking, but the inline docs is missing the return code for DEVICEKEY_INVALID_KEY_SIZE.

Allow Devicekey::generate_root_of_trust() to define key size.
fc9e75b 
By default, generate 16 byte keys, to be compatible with bootloader.
But allow user to generate 32 byte keys as well.
@SeppoTakalo
Copy link
Contributor Author

This is just nitpicking, but the inline docs is missing the return code for DEVICEKEY_INVALID_KEY_SIZE.

Fixed.

@mbed-ci
Copy link

mbed-ci commented Apr 20, 2020

Test run: FAILED

Summary: 1 of 6 test jobs failed
Build number : 2
Build artifacts

Failed test jobs:

  • jenkins-ci/mbed-os-ci_greentea-test

@ccli8 ccli8 mentioned this pull request Apr 29, 2020
Merged
@0xc0170
Copy link
Contributor

0xc0170 commented Apr 29, 2020

Will need a new CI run, set to needs: CI

@0xc0170
Copy link
Contributor

0xc0170 commented Apr 30, 2020

CI started

@mbed-ci
Copy link

mbed-ci commented Apr 30, 2020

Test run: SUCCESS

Summary: 6 of 6 test jobs passed
Build number : 3
Build artifacts

@0xc0170 0xc0170 merged commit 930ef84 into ARMmbed:master Apr 30, 2020
@teetak01 teetak01 mentioned this pull request May 6, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@boomer41 boomer41 boomer41 left review comments

@ccli8 ccli8 ccli8 left review comments

@0xc0170 0xc0170 0xc0170 approved these changes

@VeijoPesonen VeijoPesonen VeijoPesonen approved these changes

Assignees
No one assigned
Labels
release-version: 6.0.0-beta-1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

DeviceKey: Key size mismatch between generate_root_of_trust() and mbed-bootloader
7 participants
@SeppoTakalo @ciarmcom @0xc0170 @mbed-ci @boomer41 @ccli8 @VeijoPesonen