From 433c9bef76a37e7ae63f4a7575512866bd1d0bf8 Mon Sep 17 00:00:00 2001
From: Georgios Vasilakis
Date: Sat, 23 May 2026 14:34:05 +0200
Subject: [PATCH 1/2] [nrf toup] Add PSA_ALG_IS_SP800_108_COUNTER_CMAC macro
This macro is used by the TF-M tests and is implemented as a patch in the TF-M patch files for TF-PSA-Crypto. Since Oberon PSA crypto acts as TF-PSA-Crypto provider add this here. This will be communicated to Oberon so that we can drop this noup.
Signed-off-by: Georgios Vasilakis
(cherry picked from commit a9e11ac11726336d66876685ee4bf4861b21acb5)
---
 include/psa/crypto_values.h | 12 ++++++++++++
 1 file changed, 12 insertions(+)
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index 520e2d0..6002833 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@@ -2301,6 +2301,18 @@
 */
 #define PSA_ALG_SP800_108_COUNTER_CMAC ((psa_algorithm_t) 0x08000800)
 
+/** Whether the specified algorithm is a key derivation algorithm constructed
+ * using #PSA_ALG_SP800_108_COUNTER_CMAC.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a key derivation algorithm constructed using #PSA_ALG_SP800_108_COUNTER_CMAC(),
+ * 0 otherwise. This macro may return either 0 or 1 if \c alg is not a supported
+ * key derivation algorithm identifier.
+ */
+#define PSA_ALG_IS_SP800_108_COUNTER_CMAC(alg) \
+ ((alg) == PSA_ALG_SP800_108_COUNTER_CMAC)
+
 #define PSA_ALG_SRP_PASSWORD_HASH_BASE ((psa_algorithm_t) 0x08800300)
 /** The SRP password to password-hash KDF.
 * It takes the password p, the salt s, and the user id u.
From 4f3edec54beea4fa14eaf5f02488c46182f38977 Mon Sep 17 00:00:00 2001
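Review bot: The `\return` line of the new doc comment in include/psa/crypto_values.h references `#PSA_ALG_SP800_108_COUNTER_CMAC()` with call parentheses, but the context line directly above defines that name as an object-like macro, so the cross-reference is misleading and may not resolve when the docs are generated. The comment also mixes `\p alg` and `\c alg` for the same parameter, and "constructed using" reads as if the algorithm were parameterised, while the macro is a plain equality test against one constant. I would shorten it to `\return 1 if \p alg is #PSA_ALG_SP800_108_COUNTER_CMAC, 0 otherwise.` and keep the sentence about unsupported identifiers only if the project wants it on every `PSA_ALG_IS_*` macro.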
From: Georgios Vasilakis
Date: Thu, 28 May 2026 13:58:09 +0200
Subject: [PATCH 2/2] [nrf noup] Allow CMAC key type to be used with CMAC key derivation
Allow a CMAC key to be used with SP800-108 CMAC since they are compatible. This was triggered when running the TF-M regression test: TFM_S_CRYPTO_TEST_1057 which uses a CMAC key for the key derivation, you can check the function: psa_key_derivation_sp800_108_counter_cmac_test_vector from the file crypto_tests_common.c Another solution to this is to update the test and set the algorithm to SP800-108 CMAC but this will take more time and it is better in the mean time to execute this test.
Signed-off-by: Georgios Vasilakis
(cherry picked from commit 1b16da979e813805dd5eb5ad77e0d56be9ab299c)
---
 core/psa_crypto.c | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/core/psa_crypto.c b/core/psa_crypto.c
index 73cd16e..f26fc1d 100644
--- a/core/psa_crypto.c
+++ b/core/psa_crypto.c
@@ -541,6 +541,11 @@ static int psa_key_algorithm_permits(psa_key_type_t key_type,
 requested_output_length;
 }
 }
+
+ if (policy_alg == PSA_ALG_CMAC && requested_alg == PSA_ALG_SP800_108_COUNTER_CMAC) {
+ return 1;
+ }
+
 /* If policy_alg is a generic key agreement operation, then using it for
 * a key derivation with that key agreement should also be allowed. This
 * behaviour is expected to be defined in a future specification version. */
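Review bot: The added check in psa_key_algorithm_permits lets every key whose policy algorithm is `PSA_ALG_CMAC` be used for `PSA_ALG_SP800_108_COUNTER_CMAC` derivation, which relaxes MAC/KDF key separation for all callers and not only for the TF-M test named in the description. The condition never looks at `key_type`, although the commit title speaks of the CMAC key type, and once one key serves both purposes, MAC tags over caller-chosen messages are computed with the same key and PRF that the derivation uses. Since the description presents this as a stopgap until the test is changed, I would compile it only under a test-only build option that is off by default and record the reason in place, e.g. `/* nrf noup: PSA_ALG_CMAC policy also permits SP800-108 counter-CMAC derivation; test workaround, weakens MAC/KDF key separation. */`. The usage-flag check is not visible here, so it should be confirmed that such a key still needs the derive usage; the function body starts and ends outside the hunk.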