#######################################
Trusted Firmware-M Profile Small Design
#######################################

************
Introduction
************

As one of the TF-M Profiles, TF-M Profile Small (Profile S) consists of a
lightweight TF-M framework and basic Secure Services to keep the smallest memory
footprint, supporting fundamental security features on devices with
ultra-constrained resources.

This profile enables connecting with Edge Gateways and IoT Cloud Services
supporting secure connection based solely on symmetric cryptography.

This document summarizes and discusses the features specified in TF-M Profile
Small.

**************
Overall design
**************

TF-M Profile Small defines the following features:

  - Lightweight framework

    - Secure Function (SFN) model [2]_
    - Level 1 isolation
    - Buffer sharing allowed
    - Single secure context

  - Crypto

    - Symmetric cipher only
    - Cipher suite for symmetric-key algorithms based protocols, such as
      cipher suites defined in TLS pre-shared key (TLS-PSK) [1]_.

      - Advanced Encryption Standard (AES) as symmetric crypto algorithm
      - SHA256 as Hash function
      - HMAC as Message Authentication Code algorithm

    - Only enable multi-part functions in hash, symmetric ciphers,
      Message Authentication Code (MAC) and Authenticated Encryption with
      Associated Data (AEAD) operations.

  - Internal Trusted Storage (ITS)

    - No encryption
    - No rollback protection
    - Decrease internal transient buffer size

  - Initial Attestation

    - Based on symmetric key algorithms

  - Lightweight boot

    - Single image boot
    - Anti-rollback protection is enabled


Protected Storage, firmware update and other Secure Services provided by TF-M are
disabled by default.

**************
Design details
**************

More details of TF-M Profile Small design are discussed in the following sections.

Lightweight framework
=====================

TF-M framework model
--------------------

SFN model is selected by default in Profile Small implementation.
SFN model is defined in FF-M 1.1 extensions [2]_. It is a simpler
implementation of TF-M framework and may also reduce memory footprint, compared
with Inter-Process Communication (IPC) model [3]_.

Level 1 isolation
-----------------

PSA Security Model [4]_ defines 3 levels of isolation.

  - Level 1 isolation isolates Secure Processing Environment (SPE) from
    Non-secure Processing Environment (NSPE).
  - PSA Root of Trust (PSA RoT) and Application Root of Trust (ARoT) are
    isolated from each other in level 2 isolation.
  - Individual secure partitions are isolated from each other even within a
    particular security domain (PSA RoT, ARoT), in level 3 isolation.

Profile Small dedicated use cases with simple service model may not require
level 2 or level 3 isolation. Devices which Profile Small aims at may be unable
to implement stricter isolation, limited by hardware capabilities.

Level 1 isolation reduces requirements enforced by hardware isolation and cost
of software for management.

.. note ::

    **Security note**

    If a device or a use case enforces level 2 or level 3 isolation, it is
    suggested to apply other configurations, other than TF-M Profile Small.

Crypto service
==============

TF-M Profile Small only requires symmetric crypto since symmetric algorithms
require shorter keys and less computational burden, compared with asymmetric
crypto.

By default, TF-M Profile Small requires the same capabilities as defined in
TLS-PSK, to support symmetric key algorithms based protocols.

.. note ::

    **Implementation note**

    Please note that TF-M Profile Small doesn't require that TLS-PSK is
    mandatory in applications. Instead, Profile Small only requires the same
    capabilities as defined in TLS-PSK, such as one symmetric cipher algorithm
    and one hash function.

TF-M Profile Small selects TLS-PSK cipher suite TLS_PSK_WITH_AES_128_CCM [5]_
as reference, which requires:

  - AES-128-CCM (AES CCM mode with 128-bit key) as symmetric crypto algorithm
  - SHA256 as Hash function
  - HMAC as Message Authentication Code algorithm

TLS_PSK_WITH_AES_128_CCM is selected since it requires small key length and less
hardware capabilities, while keeping enough level of security.

.. note ::

    **Implementation note**

    Developers can replace default algorithms with others or implement more
    algorithms.

    Proper symmetric key algorithms and cipher suites should be selected
    according to device capabilities, the use case and the requirement of peers
    in connection.

    Refer to `Crypto service configuration`_ for implementation details of
    configuring algorithms and cipher suites.

.. note ::

    **Security note**

    It is recommended not to use MD5 or SHA-1 for message digests as they are
    subject to collision attacks [6]_ [7]_.

By default, Profile Small only enables multi-part functions defined in PSA
Cryptography API [13]_ in hash, symmetric ciphers, MAC and AEAD operations.
Disabling single-part functions optimizes the code size of TF-M crypto service.
Multi-part operations allow the message data to be processed in fragments
instead of all at once. In static memory allocation, a single-part operation may
require allocating a large memory space to support a long message with unknown
length. Therefore multi-part operations can help users optimize memory
footprint, especially while dealing with streaming data on IoT devices.

It may slightly increase the code size in applications to replace single-part
implementation with multi-part implementation. Although the code size increment
can be qualified, if users are concerned about the code size increment, they can
enable single-part operations by toggling Profile Small default configuration.

It may increase latency and overall time cost to implement cryptography
functionality with multi-part operations, compared with single-part ones.
Users can enable single-part operations if the usage scenario requires
single-part operations to meet its performance metrics.

Secure Storage
==============

TF-M Profile Small assumes that extremely constrained devices only contain basic
on-chip storage, without external or removable storage.
As a result, TF-M Profile Small includes ITS service and disables Protected
Storage service.

Encryption and rollback protection
----------------------------------

Neither encryption nor rollback protection is enabled in current ITS
implementation.

It is expected that ITS relies solely on the physical inaccessibility property
of on-chip storage, together with PSA isolation, without requiring additional
cryptographic protection.

Internal transient buffer
-------------------------

ITS implements an internal transient buffer [8]_ to hold the data read
from/written to storage, especially for flash, to solve the alignment and
security issues.

The internal transient buffer is aligned to the flash device's program unit.
Copying data to it from the caller can align all write requests to the flash
device's program unit.
The internal transient buffer can help protect Flash access from some attacks,
such as TOCTOU attack.

Although removing this internal buffer can save some memory consumption,
typically 512 bytes, it may bring alignment or security issues.
Therefore, to achieve a better trade-off between memory footprint and security,
TF-M Profile Small optimizes the internal buffer size to 32 bytes by default.
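
The write path described above, modelled as an added example (this is not TF-M's ITS code). The flash geometry, the simulated driver and the names ``its_write``, ``its_write_direct``, ``flash_program`` and ``scribble`` are assumptions made for the sketch; only the 32-byte buffer size comes from this document. It contrasts a write that goes through the transient buffer with one that hands caller memory straight to the flash driver.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumed geometry for this model: 32 is the Profile Small default buffer
 * size; the 4-byte program unit and 256-byte flash are constructed values. */
#define ITS_BUF_SIZE        32u
#define FLASH_PROGRAM_UNIT   4u
#define FLASH_SIZE         256u
#define FLASH_ERASED      0xFFu
_Static_assert(ITS_BUF_SIZE % FLASH_PROGRAM_UNIT == 0, "whole program units");

static uint8_t flash[FLASH_SIZE];       /* simulated on-chip flash */
static uint8_t its_buf[ITS_BUF_SIZE];   /* internal transient buffer */
static unsigned flash_rejected_writes;  /* requests the driver refused */

void flash_reset(void)
{
    memset(flash, FLASH_ERASED, sizeof flash);
    flash_rejected_writes = 0;
}

/* Simulated driver: accepts only whole program units at aligned offsets. */
int flash_program(size_t off, const uint8_t *src, size_t len)
{
    if (off % FLASH_PROGRAM_UNIT || len % FLASH_PROGRAM_UNIT ||
        off > FLASH_SIZE || len > FLASH_SIZE - off) {
        flash_rejected_writes++;
        return -1;
    }
    memcpy(&flash[off], src, len);
    return 0;
}

/* Models a caller that rewrites its shared buffer while the service runs. */
typedef void (*caller_hook)(uint8_t *caller_buf, size_t len);
void scribble(uint8_t *caller_buf, size_t len) { memset(caller_buf, 0xAA, len); }

/* Buffered path: each chunk is read from caller memory exactly once, padded
 * to a program unit inside its_buf, and programmed from that private copy. */
int its_write(size_t off, uint8_t *caller_buf, size_t len, caller_hook hook)
{
    if (off % FLASH_PROGRAM_UNIT || off > FLASH_SIZE || len > FLASH_SIZE - off)
        return -1;
    while (len > 0) {
        size_t chunk = len < ITS_BUF_SIZE ? len : ITS_BUF_SIZE;
        size_t units = (chunk + FLASH_PROGRAM_UNIT - 1) / FLASH_PROGRAM_UNIT;
        memset(its_buf, FLASH_ERASED, sizeof its_buf);
        memcpy(its_buf, caller_buf, chunk);
        if (hook) hook(caller_buf, chunk);  /* caller changes data after the copy */
        if (flash_program(off, its_buf, units * FLASH_PROGRAM_UNIT) != 0)
            return -1;
        off += chunk; caller_buf += chunk; len -= chunk;
    }
    return 0;
}

/* Unbuffered path: caller memory goes to the driver as-is. */
int its_write_direct(size_t off, uint8_t *caller_buf, size_t len, caller_hook hook)
{
    if (hook) hook(caller_buf, len);        /* caller changes data before use */
    return flash_program(off, caller_buf, len);
}

/* Writes a constructed asset (bytes 0, 1, 2, ...) while the caller scribbles.
 * Returns -1 if the write failed, else how many flash bytes differ from it. */
int demo(int buffered, size_t len)
{
    uint8_t req[FLASH_SIZE];
    int bad = 0;
    if (len > sizeof req) return -1;
    for (size_t i = 0; i < len; i++) req[i] = (uint8_t)i;
    flash_reset();
    if ((buffered ? its_write : its_write_direct)(0, req, len, scribble) != 0)
        return -1;
    for (size_t i = 0; i < len; i++) bad += (flash[i] != (uint8_t)i);
    return bad;
}

int main(void)
{
    /* Buffered: intact. Direct: refused (70 bytes) or altered (64 bytes). */
    return !(demo(1, 70) == 0 && demo(0, 70) == -1 && demo(0, 64) == 64);
}
```

The buffer guarantees that each chunk is read from caller memory once and programmed from the private copy; it does not make a request larger than ``ITS_BUF_SIZE`` atomic across chunks.
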

As discussed in `Crypto service`_, TF-M Profile Small requires AES-128 and
SHA-256, which use 128-bit key and 256-bit key respectively.
Besides, either long public/private keys or PKI-based certificates should be
very rare as asymmetric crypto is not supported in Profile Small.
Therefore, a 32-byte internal buffer should cover the assets in TF-M Profile
Small use cases.

The buffer size can be adjusted according to use case and device Flash
attributes. Refer to `Internal Trusted Storage configurations`_ for more
details.

Initial Attestation
===================

Profile Small requires an Initial Attestation secure service based on symmetric
key algorithms. Refer to PSA Attestation API document [9]_ for details of
Initial Attestation based on symmetric key algorithms.

It can heavily increase memory footprint to support Initial Attestation based on
asymmetric key algorithms, due to asymmetric ciphers and related PKI modules.

.. note ::

    **Implementation note**

    As pointed out by PSA Attestation API document [9]_, the use cases of
    Initial Attestation based on symmetric key algorithms can be limited due to
    the associated infrastructure costs for key management and operational
    complexities. It may also restrict the ability to interoperate with
    scenarios that involve third parties.

    If asymmetric key algorithms based Initial Attestation is required in use
    scenarios, it is recommended to select other TF-M Profiles which support
    asymmetric key algorithms.

.. note ::

    **Implementation note**

    It is recommended to utilize the same MAC algorithm supported in Crypto
    service to complete the signing in ``COSE_Mac0``, to minimize memory
    footprint.

Lightweight boot
================

If MCUBoot provided by TF-M is enabled, single image boot [10]_ is selected by
default in Profile Small.
In case of single image boot, secure and non-secure images are handled as a
single blob and signed together during image generation.

However, secure and non-secure images must be updated together in single image
boot. This may decrease the flexibility of image update and lengthen the update
process. Since the image sizes should usually be small with limited
functionalities in Profile Small dedicated use case, the cost may still be
reasonable.

BL2 implementation can be device specific. Devices may implement diverse
boot processes with different features and configurations.
However, anti-rollback protection is required as a mandatory feature of the boot
loader. The boot loader should be able to prevent unauthorized rollback, to protect
devices from being downgraded to earlier versions with known vulnerabilities.

**************
Implementation
**************

Overview
========

The basic idea is to add dedicated profile CMake configuration files under
folder ``config/profile`` for TF-M Profile Small default configuration.

The top-level Profile Small config file collects all the necessary
configuration flags and sets them to default values, to explicitly enable the
features required in Profile Small and disable the unnecessary ones, during
TF-M build.

A platform/use case can provide a configuration extension file to overwrite
Profile Small default setting and append other configurations.
This configuration extension file can be added via parameter
``TFM_EXTRA_CONFIG_PATH`` in build command line.

The behavior of the Profile Small build flow (particularly the order of
configuration loading and overriding) can be found at
:ref:`tfm_cmake_configuration`.

The details of configurations will be covered in each module in
`Implementation details`_.

Implementation details
======================

This section discusses the details of Profile Small implementation.

Top-level configuration files
-----------------------------

The firmware framework configurations in ``config/profile/profile_small`` are
shown below.

.. table:: TFM options in Profile Small top-level CMake config file
   :widths: auto
   :align: center

   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
   | Configs                                    | Default value                                                                                       | Descriptions                        |
   +============================================+=====================================================================================================+=====================================+
   | ``TFM_ISOLATION_LEVEL``                    | ``1``                                                                                               | Select level 1 isolation            |
   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
   | ``TFM_PARTITION_INTERNAL_TRUSTED_STORAGE`` | ``ON``                                                                                              | Enable ITS SP                       |
   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
   | ``ITS_BUF_SIZE``                           | ``32``                                                                                              | ITS internal transient buffer size  |
   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
   | ``TFM_PARTITION_CRYPTO``                   | ``ON``                                                                                              | Enable Crypto service               |
   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
   | ``TFM_MBEDCRYPTO_CONFIG_PATH``             | ``${CMAKE_SOURCE_DIR}/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_small.h``  | Mbed Crypto config file path        |
   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
   | ``TFM_MBEDCRYPTO_PSA_CRYPTO_CONFIG_PATH``  | ``${CMAKE_SOURCE_DIR}/lib/ext/mbedcrypto/mbedcrypto_config/crypto_config_profile_small.h``          | Mbed Crypto PSA config file path    |
   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
   | ``CRYPTO_ASYM_SIGN_MODULE_ENABLED``        | ``OFF``                                                                                             | Enable asymmetric signature         |
   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
   | ``CRYPTO_ASYM_ENCRYPT_MODULE_ENABLED``     | ``OFF``                                                                                             | Enable asymmetric encryption        |
   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
   | ``TFM_PARTITION_INITIAL_ATTESTATION``      | ``ON``                                                                                              | Enable Initial Attestation service  |
   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
   | ``SYMMETRIC_INITIAL_ATTESTATION``          | ``ON``                                                                                              | Enable symmetric attestation        |
   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
   | ``TFM_PARTITION_PROTECTED_STORAGE``        | ``OFF``                                                                                             | Enable PS service                   |
   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
   | ``TFM_PARTITION_PLATFORM``                 | ``OFF``                                                                                             | Enable TF-M Platform SP             |
   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+

.. note ::

    **Implementation note**

    The following sections focus on the feature selection via configuration
    setting.
    Dedicated optimization on memory footprint is not covered in this document.

Device configuration extension
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

To change default configurations and add platform specific configurations,
a platform can add a platform configuration file at
``platform/ext<TFM_PLATFORM>/config.cmake``

TF-M framework setting
----------------------

The top-level Profile Small CMake config file selects SFN model and level 1
isolation.

In SFN model, ``-DPSA_FRAMEWORK_HAS_MM_IOVEC`` is enabled by default.
It reduces memory footprint by avoiding the transient copy from input
vectors and copy to output vectors.

Crypto service configuration
----------------------------

Crypto Secure Partition
^^^^^^^^^^^^^^^^^^^^^^^

TF-M Profile Small enables Crypto Secure Partition (SP) in its top-level CMake
config file. Crypto SP modules not supported in TF-M Profile Small are disabled.
The disabled modules/features are shown below.

  - Disable asymmetric cipher
  - Disable single-part operations in Hash, MAC, AEAD and symmetric ciphers
    via selecting ``CRYPTO_SINGLE_PART_FUNCS_DISABLED``

Other modules and configurations [11]_ are kept as default values.

Additional configuration flags with more fine granularity can be added to
control building of specific crypto algorithms and corresponding test cases.

Mbed Crypto configurations
^^^^^^^^^^^^^^^^^^^^^^^^^^

TF-M Profile Small adds a dedicated Mbed Crypto config file
``tfm_mbedcrypto_config_profile_small.h`` and Mbed Crypto PSA config file
``crypto_config_profile_small.h`` at ``/lib/ext/mbedcrypto/mbedcrypto_config``
folder, instead of the common one ``tfm_mbedcrypto_config_default.h`` and
``crypto_config_default.h`` [11]_.

Major Mbed Crypto configurations are set as listed below:

  - Enable SHA256
  - Enable generic message digest wrappers
  - Enable AES
  - Enable CCM mode for symmetric ciphers
  - Disable other modes for symmetric ciphers
  - Disable asymmetric ciphers
  - Disable HMAC-based key derivation function (HKDF)

Other configurations can be selected to optimize the memory footprint of Crypto
module.

A device/use case can append an extra config header to the Profile Small
default Mbed Crypto config file. This can be done by setting the
``TFM_MBEDCRYPTO_PLATFORM_EXTRA_CONFIG_PATH`` cmake variable in the platform
config file ``platform/ext<TFM_PLATFORM>/config.cmake``. This cmake variable is
a wrapper around the ``MBEDTLS_USER_CONFIG_FILE`` options, but is preferred as
it keeps all configuration in cmake.

Internal Trusted Storage configurations
---------------------------------------

ITS service is enabled in top-level Profile Small CMake config file.

The internal transient buffer size ``ITS_BUF_SIZE`` [8]_ is set to 32 bytes by
default. A platform/use case can overwrite the buffer size in its specific
configuration extension according to its actual requirement of assets and Flash
attributes.

Profile Small CMake config file won't touch the configurations of device
specific Flash hardware attributes [8]_.

Initial Attestation secure service
----------------------------------

TF-M Profile Small provides a reference implementation of symmetric key
algorithms based Initial Attestation, using HMAC SHA-256 as MAC algorithm in
``COSE_Mac0`` structure. The implementation follows PSA Attestation API document
[9]_.

Profile Small top-level config file enables Initial Attestation secure service
and selects symmetric key algorithms based Initial Attestation by default.

  - Set ``TFM_PARTITION_INITIAL_ATTESTATION`` to ``ON``
  - Set ``SYMMETRIC_INITIAL_ATTESTATION`` to ``ON``

Symmetric and asymmetric key algorithms based Initial Attestation can share the
same generations of token claims, except Instance ID claim.

Profile Small may implement the procedure or rely on a 3rd-party tool to
construct and sign ``COSE_Mac0`` structure.

Details of symmetric key algorithms based Initial Attestation design will be
covered in a dedicated document.

Disabled secure services
------------------------

Protected Storage and Platform Service are disabled by default
in Profile Small top-level CMake config file.

Test configuration
------------------

Some cryptography tests are disabled due to the reduced Mbed Crypto config.
Some of them are shown in the table below.

.. table:: TFM options in Profile Small top-level CMake config file
   :widths: auto
   :align: center

   +--------------------------------------------+---------------+----------------------------------------+
   | Configs                                    | Default value | Descriptions                           |
   +============================================+===============+========================================+
   | ``TFM_CRYPTO_TEST_ALG_CBC``                | ``OFF``       | Test CBC cryptography mode             |
   +--------------------------------------------+---------------+----------------------------------------+
   | ``TFM_CRYPTO_TEST_ALG_CCM``                | ``ON``        | Test CCM cryptography mode             |
   +--------------------------------------------+---------------+----------------------------------------+
   | ``TFM_CRYPTO_TEST_ALG_CFB``                | ``OFF``       | Test CFB cryptography mode             |
   +--------------------------------------------+---------------+----------------------------------------+
   | ``TFM_CRYPTO_TEST_ALG_ECB``                | ``OFF``       | Test ECB cryptography mode             |
   +--------------------------------------------+---------------+----------------------------------------+
   | ``TFM_CRYPTO_TEST_ALG_CTR``                | ``OFF``       | Test CTR cryptography mode             |
   +--------------------------------------------+---------------+----------------------------------------+
   | ``TFM_CRYPTO_TEST_ALG_OFB``                | ``OFF``       | Test OFB cryptography mode             |
   +--------------------------------------------+---------------+----------------------------------------+
   | ``TFM_CRYPTO_TEST_ALG_GCM``                | ``OFF``       | Test GCM cryptography mode             |
   +--------------------------------------------+---------------+----------------------------------------+
   | ``TFM_CRYPTO_TEST_ALG_SHA_384``            | ``OFF``       | Test SHA-384 cryptography algorithm    |
   +--------------------------------------------+---------------+----------------------------------------+
   | ``TFM_CRYPTO_TEST_ALG_SHA_512``            | ``OFF``       | Test SHA-512 cryptography algorithm    |
   +--------------------------------------------+---------------+----------------------------------------+
   | ``TFM_CRYPTO_TEST_HKDF``                   | ``OFF``       | Test HKDF key derivation algorithm     |
   +--------------------------------------------+---------------+----------------------------------------+
   | ``TFM_CRYPTO_TEST_ECDH``                   | ``OFF``       | Test ECDH key agreement algorithm      |
   +--------------------------------------------+---------------+----------------------------------------+
   | ``TFM_CRYPTO_TEST_CHACHA20``               | ``OFF``       | Test ChaCha20 stream cipher            |
   +--------------------------------------------+---------------+----------------------------------------+
   | ``TFM_CRYPTO_TEST_CHACHA20_POLY1305``      | ``OFF``       | Test ChaCha20-Poly1305 AEAD algorithm  |
   +--------------------------------------------+---------------+----------------------------------------+
   | ``TFM_CRYPTO_TEST_SINGLE_PART_FUNCS``      | ``OFF``       | Test single-part operations in hash,   |
   |                                            |               | MAC, AEAD and symmetric ciphers        |
   +--------------------------------------------+---------------+----------------------------------------+

BL2 setting
-----------

Profile Small enables MCUBoot provided by TF-M by default. A platform can
overwrite this configuration by disabling MCUBoot in its configuration extension
file ``platform/ext<TFM_PLATFORM>/config.cmake``.

If MCUBoot provided by TF-M is enabled, single image boot is selected in TF-M
Profile Small top-level CMake config file.

If a device implements its own boot loader, the configurations are
implementation defined.

.. table:: BL2 options in Profile Small top-level CMake config file
   :widths: auto
   :align: center

   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
   | Configs                                    | Default value                                                                                       | Descriptions                        |
   +============================================+=====================================================================================================+=====================================+
   | ``BL2``                                    | ``ON``                                                                                              | Enable MCUBoot bootloader           |
   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
   | ``MCUBOOT_IMAGE_NUMBER``                   | ``1``                                                                                               | Combine S and NS images             |
   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+

****************
Platform support
****************

Building Profile Small
======================

To build Profile Small, argument ``TFM_PROFILE`` in build command line should be
set to ``profile_small``.

Take AN521 as an example.

The following commands build Profile Small without test cases on **AN521** with
build type **MinSizeRel**, built by **Armclang**.
SFN model is selected by default.

.. code-block:: bash

   cd <TFM root dir>
   mkdir build && cd build
   cmake -DTFM_PLATFORM=arm/mps2/an521 \
         -DTFM_TOOLCHAIN_FILE=../toolchain_ARMCLANG.cmake \
         -DTFM_PROFILE=profile_small \
         -DCMAKE_BUILD_TYPE=MinSizeRel \
         ../
   cmake --build ./ -- install

The following commands build Profile Small with regression test cases on
**AN521** with build type **MinSizeRel**, built by **Armclang**.
SFN model is selected by default.

.. code-block:: bash

   cd <TFM root dir>
   mkdir build && cd build
   cmake -DTFM_PLATFORM=arm/mps2/an521 \
         -DTFM_TOOLCHAIN_FILE=../toolchain_ARMCLANG.cmake \
         -DTFM_PROFILE=profile_small \
         -DCMAKE_BUILD_TYPE=MinSizeRel \
         -DTEST_NS=ON \
         ../
   cmake --build ./ -- install

.. Note::

 - For devices with more constrained memory and flash requirements, it is
   possible to build with either only TEST_S enabled or only TEST_NS enabled.
   This will decrease the size of the test images. Note that both test suites
   must still be run to ensure correct operation.

More details of building instructions and parameters can be found in the TF-M
build instruction guide [12]_.

*********
Reference
*********

.. [1] `Pre-Shared Key Ciphersuites for Transport Layer Security (TLS) <https://tools.ietf.org/html/rfc4279>`_

.. [2] `Arm Firmware Framework for M 1.1 Extensions <https://developer.arm.com/documentation/aes0039/latest>`_

.. [3] `Arm Platform Security Architecture Firmware Framework 1.0 <https://developer.arm.com/documentation/den0063/latest/>`_

.. [4] `Platform Security Model 1.1 <https://developer.arm.com/documentation/den0128/latest>`_

.. [5] `AES-CCM Cipher Suites for Transport Layer Security (TLS) <https://tools.ietf.org/html/rfc6655>`_

.. [6] `Updated Security Considerations for the MD5 Message-Digest and the HMAC-MD5 Algorithms <https://tools.ietf.org/html/rfc6151>`_

.. [7] `Transitioning the Use of Cryptographic Algorithms and Key Lengths <https://www.nist.gov/publications/transitioning-use-cryptographic-algorithms-and-key-lengths>`_

.. [8] :doc:`ITS integration guide </integration_guide/services/tfm_its_integration_guide>`

.. [9] `PSA Attestation API 1.0 (ARM IHI 0085) <https://developer.arm.com/-/media/Files/pdf/PlatformSecurityArchitecture/Implement/IHI0085-PSA_Attestation_API-1.0.2.pdf?revision=eef78753-c77e-4b24-bcf0-65596213b4c1&la=en&hash=E5E0353D612077AFDCE3F2F3708A50C77A74B2A3>`_

.. [10] :doc:`Secure boot </design_docs/booting/tfm_secure_boot>`

.. [11] :doc:`Crypto design </design_docs/services/tfm_crypto_design>`

.. [12] :doc:`TF-M build instruction </building/tfm_build_instruction>`

.. [13] `PSA Cryptography API 1.0 <https://developer.arm.com/documentation/ihi0086/a/?lang=en>`_

--------------

*Copyright (c) 2020-2022, Arm Limited. All rights reserved.*