Crypto: Reduce diverging PSA Crypto headers between TF-M and Mbed TLS
Reduce divergence between PSA Crypto headers available in TF-M and
Mbed TLS.
* Consistently use mbedtls_svc_key_id_t for psa_key_id_t in the headers
* Concentrate IMPDEF behaviour in crypto_struct and crypto_platform
* Make sure the same config file is used for client and server views,
i.e. make sure that the ENCODES_OWNER config define is passed privately
to the crypto service through a dedicated compile switch
* Add \emptydescription for Doxygen when required
* clean up the psa_crypto_config cmake target
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
Change-Id: Ia65c9d267ac9dc0441ea484408c5501c1558e580
diff --git a/interface/include/psa/crypto_compat.h b/interface/include/psa/crypto_compat.h
index f877340..c21649d 100644
--- a/interface/include/psa/crypto_compat.h
+++ b/interface/include/psa/crypto_compat.h
@@ -26,11 +26,13 @@
/*
* To support both openless APIs and psa_open_key() temporarily, define
- * psa_key_handle_t to be equal to psa_key_id_t. Do not mark the
+ * psa_key_handle_t to be equal to mbedtls_svc_key_id_t. Do not mark the
* type and its utility macros and functions deprecated yet. This will be done
* in a subsequent phase.
*/
-typedef psa_key_id_t psa_key_handle_t;
+typedef mbedtls_svc_key_id_t psa_key_handle_t;
+
+#define PSA_KEY_HANDLE_INIT MBEDTLS_SVC_KEY_ID_INIT
/** Check whether a handle is null.
*
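Review bot: The new `PSA_KEY_HANDLE_INIT` macro is added without a Doxygen comment, and the block comment above the typedef does not tell callers that a handle should no longer be treated as a plain integer. If `mbedtls_svc_key_id_t` is a structure in some configurations (the owner-encoding define in the commit message suggests so, but that is not visible here), caller code written as `handle == 0` will no longer compile there. I would add `/** Initializer for a null key handle; test handles with psa_key_handle_is_null(), never by comparing against 0. */` above the macro. The doc comment for psa_key_handle_is_null() starts on the last lines of this hunk and continues outside it.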
@@ -40,7 +42,7 @@
*/
static inline int psa_key_handle_is_null(psa_key_handle_t handle)
{
- return(handle == 0);
+ return mbedtls_svc_key_id_is_null(handle);
}
/** Open a handle to an existing persistent key.
@@ -73,8 +75,8 @@
* opened. See also :ref:\`key-handles\`.
*
*
- * \param id The persistent identifier of the key.
- * \param[out] key On success, a handle to the key.
+ * \param key The persistent identifier of the key.
+ * \param[out] handle On success, a handle to the key.
*
* \retval #PSA_SUCCESS
* Success. The application can now use the value of `*handle`
@@ -85,26 +87,26 @@
* number of open keys, the number of open key handles, or available
* memory.
* \retval #PSA_ERROR_DOES_NOT_EXIST
- * There is no persistent key with key identifier \p id.
+ * There is no persistent key with key identifier \p key.
* \retval #PSA_ERROR_INVALID_ARGUMENT
- * \p id is not a valid persistent key identifier.
+ * \p key is not a valid persistent key identifier.
* \retval #PSA_ERROR_NOT_PERMITTED
* The specified key exists, but the application does not have the
* permission to access it. Note that this specification does not
* define any way to create such a key, but it may be possible
* through implementation-specific means.
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
- * \retval #PSA_ERROR_STORAGE_FAILURE
- * \retval #PSA_ERROR_DATA_INVALID
- * \retval #PSA_ERROR_DATA_CORRUPT
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
+ * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
+ * \retval #PSA_ERROR_DATA_INVALID \emptydescription
+ * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_open_key(psa_key_id_t id,
- psa_key_id_t *key);
+psa_status_t psa_open_key(mbedtls_svc_key_id_t key,
+ psa_key_handle_t *handle);
/** Close a key handle.
*
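Review bot: The `\param key` description of psa_open_key() still reads "The persistent identifier of the key" although the parameter type is now `mbedtls_svc_key_id_t`, and it does not say whether an owner component in that value is honoured when a caller supplies it. The commit message says the owner-encoding define is passed privately to the crypto service, which suggests clients only ever pass a plain identifier, but the header does not state that contract. Since `PSA_ERROR_NOT_PERMITTED` in the same comment depends on who owns the key, I would extend the parameter text with a sentence such as `Any owner associated with the key is determined by the implementation, not taken from this argument.`, once that is confirmed against the service code. The comment block starts before this hunk, so only part of it is visible here.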
@@ -130,21 +132,21 @@
* key handle can cause the multipart operation to fail. Applications should
* maintain the key handle until after the multipart operation has finished.
*
- * \param key The key to close.
+ * \param handle The key handle to close.
* If this is \c 0, do nothing and return \c PSA_SUCCESS.
*
* \retval #PSA_SUCCESS
* \p handle was a valid handle or \c 0. It is now closed.
* \retval #PSA_ERROR_INVALID_HANDLE
* \p handle is not a valid handle nor \c 0.
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_CORRUPTION_DETECTED
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
+ * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_close_key(psa_key_id_t key);
+psa_status_t psa_close_key(psa_key_handle_t handle);
#ifdef __cplusplus
}
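Review bot: The psa_close_key() documentation still describes the null case as `\c 0` in three places: the continuation line under `\param handle` and both the `#PSA_SUCCESS` and `#PSA_ERROR_INVALID_HANDLE` descriptions. The parameter is now a `psa_key_handle_t`, and this same commit replaces the `handle == 0` test with `mbedtls_svc_key_id_is_null(handle)`, so a literal 0 is only a valid description while the handle type is an integer. I would reword the parameter line to `If this is a null handle (see psa_key_handle_is_null()), do nothing and return \c PSA_SUCCESS.` and say "a null handle" in the two `\retval` descriptions.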