-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove core dependencies from generic part #11
Conversation
I'll remove it
Right. But we have already a tee_fs.c in the generic part. That is why I used this name. However, I'm opened to any other name
Because depending on the compiler, all the types are not defined in sys/types.h. sys/types.h is not available on arm since we do not include libc. However, it can be the case on other platforms. So on given platforms, we will use types_ext.h as given by the TEE, but sys/types.h as given by the compiler.
Well, this is not what I call "generic". They cannot be used on other cores, like the st231 for example. That is why I removed it from the generic part. Let me know if I missed any comment. |
This concerns: - Communication Non-Secure <--> Secure - sys/types.h contains some types not defined on all compilers Signed-off-by: Pascal Brand <pascal.brand@st.com>
Here is a new version of the patch without asm.S and driver changes. |
A squashed series of changes in stm32mp1 clock driver for supporting SCMI server as a clock consumer. These changes have not been upstream yet in OP-TEE OS. Below the details. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> ### Commit message OP-TEE#1 plat-stm32mp1: clock: remove oscillators and PLLs from shared resources Oscillators, PLL1 and PLL2 are not resources allocated upon platform configuration, these are always under secure world control. This change removes them fro the list of the shared resources. Since these resource are always secure, there is no need to look up clock tree when a leaf clock is registered as secure to know which parent clock(s) is/are secure. This removes functions from shared_resources.c and stm32mp1_clk.c. stm32mp_register_clock_parents_secure() can be removed and all its private dependencies. Signed-off-by: Etienne Carriere <etienne.carriere@st.com> ### Commit message OP-TEE#2 plat-stm32mp1: clock: fix mcu/axi parent clock Correct MCU clock parent selector: MCU subsystem clock is derived from clock PLL3_P, not PLL3. Correct AXI clock parent selector: AXI subsystem clock is derived from clock PLL2_P, not PLL2. This change also renames MCU clock and AXI clock resources to prevent confusion. Signed-off-by: Etienne Carriere <etienne.carriere@st.com> ### Commit message OP-TEE#3 plat-stm32mp1: clock: allow tree lookup for several system clocks Oscillators, PLLs and some system clocks can be related straight to a parent clock. Prior this change were only oscillators and few clocks supported by this look up. This changes adds PLLs and other system clocks. This enables for flexible use of clock tree exploration when computing a clock frequency value. Signed-off-by: Etienne Carriere <etienne.carriere@st.com> ### Commit message OP-TEE#4 plat-stm32mp1: clock: handle always on clocks Oscillators and PLLs are not gated on stm32mp_clk_enable/disable() calls. This change allows function to blindly call clock gating function on always on clocks. Gating these clock is out of the scope of this change even if preferred for power consumption optimization. Signed-off-by: Etienne Carriere <etienne.carriere@st.com> ### Commit message OP-TEE#5 plat-stm32mp1: clock: add rtc as gateable clock Add clock RTC as a clock one can access through the stm32_util.h API function stm32_clock_*(). Signed-off-by: Etienne Carriere <etienne.carriere@st.com> ### Commit message OP-TEE#6 plat-stm32mp1: clock: enable some secure clocks at init With this change some system clock are enabled by core at boot time and have a reference counter synchronized with the clock hardware state. Signed-off-by: Etienne Carriere <etienne.carriere@st.com> ### Commit message OP-TEE#7 plat-stm32mp1: factorize rtc clock gating bit position For consistency, define macro RCC_BDCR_RTCCKEN_POS in stm32mp1_rcc.h to factorize definition of the RTC clock gating resources. Signed-off-by: Etienne Carriere <etienne.carriere@st.com> ### Commit message OP-TEE#8 plat-stm32mp1: add mdma secure clock Add support for MDMA secure clock. Signed-off-by: Etienne Carriere <etienne.carriere@st.com> ### Commit message OP-TEE#9 plat-stm32mp1: remove unused usb non-secure clock Remove unused clocks USBO_CLK and USBPHY_K resources. Signed-off-by: Etienne Carriere <etienne.carriere@st.com> ### Commit message OP-TEE#10 plat-stm32mp1: clock: secure and non-secure gateable clocks Array stm32mp1_clk_gate[] defines the clock resources. This change add a secure attribute to the clock: secure upon RCC[TZEN] (SEC), secure upon RCC[TZEN] and RCC[MCKPROT] (MKP) or always accessible from non-secure (N_S). At init, lookup clock tree to ensure that parents of a secure clock are registered a secure resources in the shared_resources.c driver. Non-secure clock that OP-TEE expect to enable are enabled without increase the clock refcount. For consistency, such clocks are not disabled by core. Such clocks may be accessed by OP-TEE Core when the non-secure world is not executing, for example at boot time or could be when system is suspending/resuming. Signed-off-by: Etienne Carriere <etienne.carriere@st.com> ### Commit message OP-TEE#11 plat-stm32mp1: clock: fixup parent clock ids Use _UNKNOWN_ID macro rather than 0xff for clocks parent IDs that do not relate to a gateable clock. Fix parent clock ID _HSE_KER_DIV2 that relates to clock CK_HSE_KER_DIV2, not CK_HSE. Signed-off-by: Etienne Carriere <etienne.carriere@st.com> ### Commit message OP-TEE#12 plat-stm32mp1: clock: don't embed unused non-secure uart clock Embed UART parent clock resource upon CFG_WITH_NSEC_UARTS=y. This configuration switch was already used to embed or not the non-secure UART clocks but not the resources used to looks there ascendant clocks. Signed-off-by: Etienne Carriere <etienne.carriere@st.com> ### Commit message OP-TEE#13 plat-stm32mp1: shared resources: get shared clock controller state stm32mp_nsec_can_access_clock() reports whether a clock is assigned to the secure world only, or when it can be manipulated by the non-secure world. Signed-off-by: Etienne Carriere <etienne.carriere@st.com> ### Commit message OP-TEE#14 plat-stm32mp1: shared resource: remove unused stm32mp_clock_is_*() Remove unused functions stm32mp_clock_is_shareable(), stm32mp_clock_is_shared() and stm32mp_clock_is_non_secure(). Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
When creating a new public/private key in its template it is not mandatory to have CKA_SUBJECT field. However in the object stored in it must be present. If CKA_SUBJECT is not present it will be given empty default value. In PKCS OP-TEE#11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01: 4.8 Public key objects: CKA_SUBJECT -- DER-encoding of the key subject name (default empty) 4.9 Private key objects: CKA_SUBJECT -- DER-encoding of the key subject name (default empty) Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
CKA_PUBLIC_EXPONENT can also be provided by calling process when creating a new RSA key pair. Specified in: PKCS OP-TEE#11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.1.2 RSA public key objects Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Specified in: PKCS OP-TEE#11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01 C_SetAttributeValue Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Specified in: PKCS OP-TEE#11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.1.10 PKCS OP-TEE#1 RSA PSS To support CKM_RSA_PKCS_PSS request params for hash and mgf need to be translated to TEE operation ID. Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Adds support for: PKCS OP-TEE#11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01 4.6 Certificate objects 4.6.3 X.509 public key certificate objects Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
It is fully allowed to have pre-defined CKA_ID values during key-pair generation. Specified in: PKCS OP-TEE#11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01 C_GenerateKeyPair Fixes: c3c16294 ("pkcs11: Fix object creation to have only one ID") Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
PKCS#11 Specification[1] states that Private session/token objects cannot be created in Public sessions. So, add a check for access type when creating objects. [1] PKCS OP-TEE#11 Cryptographic Token Interface Usage Guide Version 2.40 (Table 3 - ACCESS TO DIFFERENT TYPES OBJECTS BY DIFFERENT TYPES OF SESSIONS) Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
PKCS#11 Specification[1] states that Private session/token objects cannot be created in Public sessions. So, add a check for access type when creating objects. [1] PKCS OP-TEE#11 Cryptographic Token Interface Usage Guide Version 2.40 (Table 3 - ACCESS TO DIFFERENT TYPES OBJECTS BY DIFFERENT TYPES OF SESSIONS) Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
PKCS#11 Specification[1] states that Private session/token objects cannot be created in Public sessions. So, add a check for access type when creating objects. [1] PKCS #11 Cryptographic Token Interface Usage Guide Version 2.40 (Table 3 - ACCESS TO DIFFERENT TYPES OBJECTS BY DIFFERENT TYPES OF SESSIONS) Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
When creating a new public/private key in its template it is not mandatory to have CKA_SUBJECT field. However in the object stored in it must be present. If CKA_SUBJECT is not present it will be given empty default value. In PKCS OP-TEE#11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01: 4.8 Public key objects: CKA_SUBJECT -- DER-encoding of the key subject name (default empty) 4.9 Private key objects: CKA_SUBJECT -- DER-encoding of the key subject name (default empty) Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
This commit only adds common key pair generation support code. Actual mechanism specific key pair generation codes are in their own commits. Specified in: PKCS OP-TEE#11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01 5.13 Key management functions C_GenerateKeyPair Co-developed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Specified in: PKCS OP-TEE#11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.3.5 Elliptic curve key pair generation Co-developed-by: Ricardo Salveti <ricardo@foundries.io> Co-developed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
When creating a new public/private key in its template it is not mandatory to have CKA_SUBJECT field. However in the object stored in it must be present. If CKA_SUBJECT is not present it will be given empty default value. In PKCS OP-TEE#11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01: 4.8 Public key objects: CKA_SUBJECT -- DER-encoding of the key subject name (default empty) 4.9 Private key objects: CKA_SUBJECT -- DER-encoding of the key subject name (default empty) Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
This commit only adds common key pair generation support code. Actual mechanism specific key pair generation codes are in their own commits. Specified in: PKCS OP-TEE#11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01 5.13 Key management functions C_GenerateKeyPair Co-developed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Specified in: PKCS OP-TEE#11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.3.5 Elliptic curve key pair generation Co-developed-by: Ricardo Salveti <ricardo@foundries.io> Co-developed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
It is mandatory to have CKF_SERIAL_SESSION set when invoking C_OpenSession(). Return value CKR_SESSION_PARALLEL_NOT_SUPPORTED must be returned. Specified in: PKCS OP-TEE#11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01 5.6 Session management functions C_OpenSession Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
It is mandatory to have CKF_SERIAL_SESSION set when invoking C_OpenSession(). Return value CKR_SESSION_PARALLEL_NOT_SUPPORTED must be returned. Specified in: PKCS OP-TEE#11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01 5.6 Session management functions C_OpenSession Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Add support for performing RSA signing & verification operations for: - PKCS OP-TEE#1 v1.5 RSA with supplied hash value - Multi stage MD5 - Multi stage SHA-1 - Multi stage SHA-224 - Multi stage SHA-256 - Multi stage SHA-384 - Multi stage SHA-512 Specified in: PKCS OP-TEE#11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.1 RSA Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Add support for performing RSA PSS signing & verification operations for: - PKCS OP-TEE#1 RSA PSS with supplied hash value - Multi stage SHA-1 - Multi stage SHA-224 - Multi stage SHA-256 - Multi stage SHA-384 - Multi stage SHA-512 Specified in: PKCS OP-TEE#11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.1.10 PKCS OP-TEE#1 RSA PSS Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Add support for performing PKCS OP-TEE#1 RSA OAEP encryption & decryption operations for: - MGF1 SHA-1 - MGF1 SHA-224 - MGF1 SHA-256 - MGF1 SHA-384 - MGF1 SHA-512 Specified in: PKCS OP-TEE#11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.1.8 PKCS OP-TEE#1 RSA OAEP Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
When invalid input data is provided for TEE_AsymmetricEncrypt() it will fail with TEE_ERROR_BAD_PARAMETERS. PCSK#11 operation for C_Encrypt()/C_EncryptFinal() should return in this case CKR_DATA_LEN_RANGE. Specified in: PKCS OP-TEE#11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01 5.8 Encryption functions C_Encrypt/C_EncryptFinal Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
When invalid input data is provided for TEE_AsymmetricDecrypt() it will fail with TEE_ERROR_BAD_PARAMETERS. PCSK#11 operation for C_Decrypt()/C_DecryptFinal() should return in this case CKR_ENCRYPTED_DATA_INVALID or CKR_ENCRYPTED_DATA_LEN_RANGE. As it is hard to determine which case it is return matching error similar to encryption case. Specified in: PKCS OP-TEE#11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01 5.9 Decryption functions C_Decrypt/C_DecryptFinal Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Different requirements are in place when importing RSA public key vs. generaing a new RSA key pair. Specified in: PKCS OP-TEE#11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.1.2 RSA public key objects and 2.1.4 PKCS OP-TEE#1 RSA key pair generation Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Add support for performing RSA PSS signing & verification operations for: - PKCS OP-TEE#1 RSA PSS with supplied hash value - Multi stage SHA-1 - Multi stage SHA-224 - Multi stage SHA-256 - Multi stage SHA-384 - Multi stage SHA-512 Specified in: PKCS OP-TEE#11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.1.10 PKCS OP-TEE#1 RSA PSS Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Add support for performing PKCS OP-TEE#1 RSA OAEP encryption & decryption operations for: - MGF1 SHA-1 - MGF1 SHA-224 - MGF1 SHA-256 - MGF1 SHA-384 - MGF1 SHA-512 Specified in: PKCS OP-TEE#11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.1.8 PKCS OP-TEE#1 RSA OAEP Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
When invalid input data is provided for TEE_AsymmetricEncrypt() it will fail with TEE_ERROR_BAD_PARAMETERS. PCSK#11 operation for C_Encrypt()/C_EncryptFinal() should return in this case CKR_DATA_LEN_RANGE. Specified in: PKCS OP-TEE#11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01 5.8 Encryption functions C_Encrypt/C_EncryptFinal Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
When invalid input data is provided for TEE_AsymmetricDecrypt() it will fail with TEE_ERROR_BAD_PARAMETERS. PCSK#11 operation for C_Decrypt()/C_DecryptFinal() should return in this case CKR_ENCRYPTED_DATA_INVALID or CKR_ENCRYPTED_DATA_LEN_RANGE. As it is hard to determine which case it is return matching error similar to encryption case. Specified in: PKCS OP-TEE#11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01 5.9 Decryption functions C_Decrypt/C_DecryptFinal Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Different requirements are in place when importing RSA public key vs. generaing a new RSA key pair. Specified in: PKCS OP-TEE#11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.1.2 RSA public key objects and 2.1.4 PKCS OP-TEE#1 RSA key pair generation Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Add support for performing RSA signing & verification operations for: - PKCS #1 v1.5 RSA with supplied hash value - Multi stage MD5 - Multi stage SHA-1 - Multi stage SHA-224 - Multi stage SHA-256 - Multi stage SHA-384 - Multi stage SHA-512 Specified in: PKCS #11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.1 RSA Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Add support for performing RSA PSS signing & verification operations for: - PKCS #1 RSA PSS with supplied hash value - Multi stage SHA-1 - Multi stage SHA-224 - Multi stage SHA-256 - Multi stage SHA-384 - Multi stage SHA-512 Specified in: PKCS #11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.1.10 PKCS #1 RSA PSS Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Add support for performing PKCS #1 RSA OAEP encryption & decryption operations for: - MGF1 SHA-1 - MGF1 SHA-224 - MGF1 SHA-256 - MGF1 SHA-384 - MGF1 SHA-512 Specified in: PKCS #11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.1.8 PKCS #1 RSA OAEP Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
When invalid input data is provided for TEE_AsymmetricEncrypt() it will fail with TEE_ERROR_BAD_PARAMETERS. PCSK#11 operation for C_Encrypt()/C_EncryptFinal() should return in this case CKR_DATA_LEN_RANGE. Specified in: PKCS #11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01 5.8 Encryption functions C_Encrypt/C_EncryptFinal Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
When invalid input data is provided for TEE_AsymmetricDecrypt() it will fail with TEE_ERROR_BAD_PARAMETERS. PCSK#11 operation for C_Decrypt()/C_DecryptFinal() should return in this case CKR_ENCRYPTED_DATA_INVALID or CKR_ENCRYPTED_DATA_LEN_RANGE. As it is hard to determine which case it is return matching error similar to encryption case. Specified in: PKCS #11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01 5.9 Decryption functions C_Decrypt/C_DecryptFinal Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Different requirements are in place when importing RSA public key vs. generaing a new RSA key pair. Specified in: PKCS #11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.1.2 RSA public key objects and 2.1.4 PKCS #1 RSA key pair generation Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Adds support for: PKCS OP-TEE#11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01 4.6 Certificate objects 4.6.3 X.509 public key certificate objects Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Adds support for: PKCS OP-TEE#11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01 4.6 Certificate objects 4.6.3 X.509 public key certificate objects Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Adds support for: PKCS OP-TEE#11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01 4.6 Certificate objects 4.6.3 X.509 public key certificate objects Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Adds support for: PKCS OP-TEE#11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01 4.6 Certificate objects 4.6.3 X.509 public key certificate objects Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Adds support for: PKCS OP-TEE#11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01 4.6 Certificate objects 4.6.3 X.509 public key certificate objects Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Adds support for: PKCS OP-TEE#11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01 4.6 Certificate objects 4.6.3 X.509 public key certificate objects Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Adds support for: PKCS #11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01 4.6 Certificate objects 4.6.3 X.509 public key certificate objects Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
This concerns:
Signed-off-by: Pascal Brand pascal.brand@st.com