Crypto: Implement PSA builtin keys
Implement builtin key driver, and add HAL apis to load HUK and IAK into
this driver. Add necessary funtions to route PSA crypto calls into this
driver. Add fixed builtin key IDs into the interface, and a mechanism to
allow platforms to add extra keys.
Change-Id: I7ffc16eb14215dd6b323baeb53b40ccb1c0ce126
Signed-off-by: Raef Coles <raef.coles@arm.com>
diff --git a/interface/include/tfm_crypto_defs.h b/interface/include/tfm_crypto_defs.h
index b5e65d5..5d429a8 100644
--- a/interface/include/tfm_crypto_defs.h
+++ b/interface/include/tfm_crypto_defs.h
@@ -16,6 +16,11 @@
#include <limits.h>
#include "tfm_api.h"
#include "psa/crypto.h"
+#ifdef PLATFORM_DEFAULT_CRYPTO_KEYS
+#include "crypto_keys/tfm_builtin_key_ids.h"
+#else
+#include "tfm_builtin_key_ids.h"
+#endif /* PLATFORM_DEFAULT_CRYPTO_KEYS */
/**
* \brief This type is used to overcome a limitation in the number of maximum
@@ -264,19 +269,6 @@
#define TFM_CRYPTO_INVALID_HANDLE (0x0u)
/**
- * \brief The persistent key identifier that refers to the hardware unique key.
- *
- */
-#define TFM_CRYPTO_KEY_ID_HUK (0xFFFF815Bu)
-
-/**
- * \brief The algorithm identifier that refers to key derivation from the
- * hardware unique key.
- *
- */
-#define TFM_CRYPTO_ALG_HUK_DERIVATION ((psa_algorithm_t)0xB0000F00)
-
-/**
* \brief Define miscellaneous literal constants that are used in the service
*
*/