mirror of
https://github.com/ARM-software/arm-trusted-firmware.git
synced 2026-07-05 03:38:39 +00:00
Currently the psa key is created and destroyed after each usage during signature verification. This redesign adds a key_cache to store the key ID, psa algorithm, and key attributes associated with a particular pk_oid. This allows for the psa key to be reused by each image that has the associated pk_oid. The pk_oid of the image being authenticated is stored as the global current_pk_oid variable, which is used during the psa crypto verification stage to associate a key_cache entry with a particular pk_oid. Since the psa key is no longer destroyed after each usage, the psa keys are therefore destroyed after all images have been loaded during each boot phase in the new crypto_mod_finish() function that is registered by the REGISTER_CRYPTO_LIB and enabled through the build option of PSA_CRYPTO.

Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: Iba330bc659a76493bd958673424efcc621bab1c4
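
The cache lifecycle described in the commit message, as an added example that is not code from the TF-A change. The entry layout, KEY_CACHE_MAX, set_current_pk_oid(), get_key(), key_cache_finish() and the stub import/destroy functions are assumptions; the stubs stand in for the PSA key import and destroy calls, and the cache assumes OID strings outlive it.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define KEY_CACHE_MAX 4                 /* assumed capacity */
typedef uint32_t key_id_t;              /* stand-in for a PSA key identifier */
struct key_cache_entry { const char *pk_oid; key_id_t key_id; uint32_t alg; };

static struct key_cache_entry key_cache[KEY_CACHE_MAX]; /* pk_oid == NULL: free */
static const char *current_pk_oid;      /* OID of the image being authenticated */
static unsigned int imports, destroys;  /* counters so reuse can be observed */

/* Hypothetical stubs standing in for key import and key destruction. */
static key_id_t stub_import_key(void) { return ++imports; }
static void stub_destroy_key(key_id_t id) { (void)id; destroys++; }

void set_current_pk_oid(const char *oid) { current_pk_oid = oid; }

/* Return the cache entry for current_pk_oid, importing the key only on a miss. */
struct key_cache_entry *get_key(uint32_t alg)
{
    struct key_cache_entry *slot = NULL;

    if (current_pk_oid == NULL)
        return NULL;                    /* no image context: refuse */
    for (size_t i = 0; i < KEY_CACHE_MAX; i++) {
        if (key_cache[i].pk_oid == NULL)
            slot = (slot != NULL) ? slot : &key_cache[i];
        else if (strcmp(key_cache[i].pk_oid, current_pk_oid) == 0)
            return &key_cache[i];       /* hit: reuse the imported key */
    }
    if (slot == NULL)
        return NULL;                    /* cache full: fail closed */
    slot->pk_oid = current_pk_oid;
    slot->key_id = stub_import_key();
    slot->alg = alg;
    return slot;
}

/* Destroy every cached key once all images of the boot phase are loaded. */
void key_cache_finish(void)
{
    for (size_t i = 0; i < KEY_CACHE_MAX; i++) {
        if (key_cache[i].pk_oid != NULL) {
            stub_destroy_key(key_cache[i].key_id);
            key_cache[i].pk_oid = NULL; /* no stale key ID survives the phase */
        }
    }
    current_pk_oid = NULL;
}
```

Because keys now live for a whole boot phase, the teardown path carries the guarantee that destroy-after-use used to give: every import must be matched by a destroy before the next phase runs.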