Crypto: Decouple TF-M Crypto service from mbed TLS types and macros
Provide an abstraction layer towards the underlying crypto library
that implements the PSA Crypto core functionalities. Remove the
assumption that this library is mbed TLS: the abstraction layer is
provided for mbed TLS, but is kept as generic as possible so that it
can be implemented for other crypto libraries as well, if needed.
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
Change-Id: I9f2690a749a01209c39acfce161d4953765e22ed
diff --git a/secure_fw/partitions/crypto/crypto_init.c b/secure_fw/partitions/crypto/crypto_init.c
index 71f5216..c21bc85 100644
--- a/secure_fw/partitions/crypto/crypto_init.c
+++ b/secure_fw/partitions/crypto/crypto_init.c
@@ -10,6 +10,7 @@
#include "tfm_mbedcrypto_include.h"
#include "tfm_crypto_api.h"
+#include "tfm_crypto_key.h"
#include "tfm_crypto_defs.h"
#include "tfm_sp_log.h"
#include "crypto_check_config.h"
@@ -31,10 +32,6 @@
#include "crypto_hw.h"
#endif /* CRYPTO_HW_ACCELERATOR */
-#ifndef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
-#error "MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER must be selected in Mbed TLS config file"
-#endif
-
#include <string.h>
#include "psa/framework_feature.h"
#include "psa/service.h"
@@ -355,7 +352,7 @@
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
const struct tfm_crypto_pack_iovec *iov = in_vec[0].base;
int32_t caller_id = 0;
- mbedtls_svc_key_id_t encoded_key = MBEDTLS_SVC_KEY_ID_INIT;
+ struct tfm_crypto_key_id_s encoded_key = TFM_CRYPTO_KEY_ID_S_INIT;
bool is_key_required = false;
enum tfm_crypto_group_id group_id;
@@ -376,7 +373,8 @@
/* The caller_id being set in the owner field is the partition ID
* of the calling partition
*/
- encoded_key = mbedtls_svc_key_id_make(caller_id, iov->key_id);
+ encoded_key.key_id = iov->key_id;
+ encoded_key.owner = caller_id;
}
/* Dispatch to each sub-module based on the Group ID */
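Review bot: The owner written by `encoded_key.owner = caller_id;` only keeps one partition's keys apart from another's if the underlying library actually folds the owner into the key identifier, and the hunk at -31,10 removes the `#error` that enforced `MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER` from this file. If that check was not moved into the Mbed TLS-specific side of the abstraction layer (not visible in this part of the diff), a misconfigured build would now compile and could silently ignore the owner. I would keep an equivalent build-time check next to the code that converts `struct tfm_crypto_key_id_s` into the library's key type. I would also extend the existing comment here with something like `/* Owner isolation is enforced by the crypto library backend, which must encode the owner in the key ID */`. The enclosing function starts and ends outside this hunk, so how `encoded_key` is consumed further down cannot be checked from here.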