Remove interuptible key agreement driver interface

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2025-09-29 00:18:06 -04:00 · 2024-10-30 16:38:31 +00:00 · 2024-10-30 16:38:31 +00:00 · 86e518b7bd
commit 86e518b7bd
parent 842213811d
4 changed files with 20 additions and 131 deletions
--- a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja
+++ b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja
@ -2701,121 +2701,6 @@ static inline psa_status_t psa_driver_wrapper_key_agreement(
    }
 }
 static inline uint32_t psa_driver_wrapper_key_agreement_get_num_ops(
    psa_key_agreement_iop_t *operation )
 {
    switch( operation->id )
    {
        /* If uninitialised, return 0, as no work can have been done. */
        case 0:
            return 0;
        case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
            return( mbedtls_psa_key_agreement_get_num_ops( &operation->ctx.mbedtls_ctx ) );
 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
    /* Add cases for drivers here */
 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
    }
    return 0;
 }
 static inline psa_status_t psa_driver_wrapper_key_agreement_setup(
    psa_key_agreement_iop_t *operation,
    const uint8_t *private_key_buffer,
    size_t private_key_buffer_len,
    const uint8_t *peer_key,
    size_t peer_key_length,
    const psa_key_attributes_t *attributes )
 {
    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
    psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(
                                                    psa_get_key_lifetime(attributes) );
    switch( location )
    {
        case PSA_KEY_LOCATION_LOCAL_STORAGE:
            /* Key is stored in the slot in export representation, so
             * cycle through all known transparent accelerators */
 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
    /* Add cases for drivers here */
 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
            /* Fell through, meaning no accelerator supports this operation */
            operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
            status = mbedtls_psa_key_agreement_setup( &operation->ctx.mbedtls_ctx, private_key_buffer,
                                                      private_key_buffer_len, peer_key,
                                                      peer_key_length,
                                                      attributes );
            break;
            /* Add cases for opaque driver here */
            default:
                /* Key is declared with a lifetime not known to us */
                status = PSA_ERROR_INVALID_ARGUMENT;
                break;
    }
    return( status );
 }
 static inline psa_status_t psa_driver_wrapper_key_agreement_complete(
    psa_key_agreement_iop_t *operation,
    uint8_t *shared_secret,
    size_t shared_secret_size,
    size_t *shared_secret_length)
 {
    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
    switch( operation->id )
    {
        case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
            status = mbedtls_psa_key_agreement_complete( &operation->ctx.mbedtls_ctx, shared_secret,
                                                         shared_secret_size,
                                                         shared_secret_length );
            break;
 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
    /* Add cases for drivers here */
 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
        default:
            status = PSA_ERROR_INVALID_ARGUMENT;
            break;
    }
    return( status );
 }
 static inline psa_status_t psa_driver_wrapper_key_agreement_abort(
    psa_key_agreement_iop_t *operation)
 {
    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
    switch( operation->id )
    {
        case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
            status = mbedtls_psa_key_agreement_abort( &operation->ctx.mbedtls_ctx );
            break;
 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
    /* Add cases for drivers here */
 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
        default:
            status = PSA_ERROR_INVALID_ARGUMENT;
            break;
    }
    return( status );
 }
 static inline psa_status_t psa_driver_wrapper_pake_setup(
    psa_pake_operation_t *operation,
    const psa_crypto_driver_pake_inputs_t *inputs )
--- a/tf-psa-crypto/core/psa_crypto.c
+++ b/tf-psa-crypto/core/psa_crypto.c
@ -7771,7 +7771,13 @@ static psa_status_t psa_key_agreement_iop_abort_internal(psa_key_agreement_iop_t
 {
    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-    status = psa_driver_wrapper_key_agreement_abort(operation);
+    if (operation->id == 0) {
        return PSA_SUCCESS;
    }
    status = mbedtls_psa_key_agreement_iop_abort(&operation->mbedtls_ctx);
    operation->id = 0;
    return status;
 }
@ -7830,12 +7836,15 @@ psa_status_t psa_key_agreement_iop_setup(
    operation->num_ops = 0;
-    status = psa_driver_wrapper_key_agreement_setup(operation, slot->key.data,
+    /* To be removed later when driver dispatch is added. */
-                                                    slot->key.bytes, peer_key,
+    operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID;
                                                    peer_key_length,
                                                    &slot->attr);
-    operation->num_ops = psa_driver_wrapper_key_agreement_get_num_ops(operation);
+    status = mbedtls_psa_key_agreement_iop_setup(&operation->mbedtls_ctx,
                                                 &slot->attr, slot->key.data,
                                                 slot->key.bytes, peer_key,
                                                 peer_key_length);
    operation->num_ops = mbedtls_psa_key_agreement_iop_get_num_ops(&operation->mbedtls_ctx);
 exit:
    unlock_status = psa_unregister_read_under_mutex(slot);
@ -7871,11 +7880,11 @@ psa_status_t psa_key_agreement_iop_complete(
    uint8_t intermediate_key[PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE];
    size_t key_len = 0;
-    status = psa_driver_wrapper_key_agreement_complete(operation, intermediate_key,
+    status = mbedtls_psa_key_agreement_iop_complete(&operation->mbedtls_ctx, intermediate_key,
-                                                       PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE,
+                                                    sizeof(intermediate_key),
-                                                       &key_len);
+                                                    &key_len);
-    operation->num_ops = psa_driver_wrapper_key_agreement_get_num_ops(operation);
+    operation->num_ops = mbedtls_psa_key_agreement_iop_get_num_ops(&operation->mbedtls_ctx);
    if (status == PSA_SUCCESS) {
        status = psa_import_key(&operation->attributes, intermediate_key,
--- a/tf-psa-crypto/include/psa/crypto_driver_contexts_composites.h
+++ b/tf-psa-crypto/include/psa/crypto_driver_contexts_composites.h
@ -147,10 +147,5 @@ typedef union {
 #endif
 } psa_driver_pake_context_t;
 typedef union {
    unsigned dummy; /* Make sure this union is always non-empty */
    mbedtls_psa_key_agreement_interruptible_operation_t mbedtls_ctx;
 } psa_driver_key_agreement_interruptible_context_t;
 #endif /* PSA_CRYPTO_DRIVER_CONTEXTS_COMPOSITES_H */
 /* End of automatically generated file. */
--- a/tf-psa-crypto/include/psa/crypto_struct.h
+++ b/tf-psa-crypto/include/psa/crypto_struct.h
@ -508,7 +508,7 @@ struct psa_key_agreement_iop_s {
     * any driver (i.e. none of the driver contexts are active).
     */
    unsigned int MBEDTLS_PRIVATE(id);
-    psa_driver_key_agreement_interruptible_context_t MBEDTLS_PRIVATE(ctx);
+    mbedtls_psa_key_agreement_interruptible_operation_t MBEDTLS_PRIVATE(mbedtls_ctx);
    uint32_t MBEDTLS_PRIVATE(num_ops);
    psa_key_attributes_t MBEDTLS_PRIVATE(attributes);
    unsigned int MBEDTLS_PRIVATE(error_occurred) : 1;