diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/ecdh.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/ecdh.h
index a6a506933..ec9829f6f 100644
--- a/tf-psa-crypto/drivers/builtin/include/mbedtls/ecdh.h
+++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/ecdh.h
@@ -95,6 +95,14 @@ typedef struct mbedtls_ecdh_context_mbed {
 } mbedtls_ecdh_context_mbed;
 #endif
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+#define MBEDTLS_ECDH_CTX_MBED_INIT {MBEDTLS_ECP_GROUP_INIT, MBEDTLS_MPI_INIT, MBEDTLS_ECP_POINT_INIT, \
+ MBEDTLS_ECP_POINT_INIT, MBEDTLS_MPI_INIT, MBEDTLS_ECP_RESTART_INIT}
+#else
+#define MBEDTLS_ECDH_CTX_MBED_INIT {MBEDTLS_ECP_GROUP_INIT, MBEDTLS_MPI_INIT, MBEDTLS_ECP_POINT_INIT, \
+ MBEDTLS_ECP_POINT_INIT, MBEDTLS_MPI_INIT}
+#endif
+
 /**
 *
 * \warning Performing multiple operations concurrently on the same
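Review bot: `MBEDTLS_ECDH_CTX_MBED_INIT` is a positional initializer with no comment tying it to the struct it fills, so a field later added to or reordered in `mbedtls_ecdh_context_mbed` would shift every entry without any diagnostic in the common case. The struct body lies outside this hunk, so the entry order cannot be checked from here. I would add a comment above the `#if`, for example `/* Static initializer for mbedtls_ecdh_context_mbed: one entry per field, in declaration order. Keep in sync with the struct and with the runtime init function. */`.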
@@ -141,6 +149,32 @@ typedef struct mbedtls_ecdh_context {
 } mbedtls_ecdh_context;
+#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+#define MBEDTLS_ECDH_CTX_INIT {MBEDTLS_ECP_GROUP_INIT, MBEDTLS_MPI_INIT, MBEDTLS_ECP_POINT_INIT, \
+ MBEDTLS_ECP_POINT_INIT, MBEDTLS_MPI_INIT, 0, MBEDTLS_ECP_POINT_INIT, \
+ MBEDTLS_ECP_POINT_INIT, MBEDTLS_MPI_INIT,0, MBEDTLS_ECP_RESTART_INIT}
+#else
+#define MBEDTLS_ECDH_CTX_INIT {MBEDTLS_ECP_GROUP_INIT, MBEDTLS_MPI_INIT, MBEDTLS_ECP_POINT_INIT, \
+ MBEDTLS_ECP_POINT_INIT, MBEDTLS_MPI_INIT, 0, MBEDTLS_ECP_POINT_INIT, \
+ MBEDTLS_ECP_POINT_INIT, MBEDTLS_MPI_INIT}
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+#else
+#if !defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+#define MBEDTLS_ECDH_CTX_INIT {0, MBEDTLS_ECP_DP_NONE, MBEDTLS_ECDH_VARIANT_NONE, MBEDTLS_ECDH_CTX_MBED_INIT, MBEDTLS_ECDH_CTX_MBED_INIT, 0}
+#else
+#define MBEDTLS_ECDH_CTX_INIT {0, MBEDTLS_ECP_DP_NONE, MBEDTLS_ECDH_VARIANT_NONE, MBEDTLS_ECDH_CTX_MBED_INIT, MBEDTLS_ECDH_CTX_MBED_INIT}
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+#else
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+#define MBEDTLS_ECDH_CTX_INIT {0, MBEDTLS_ECP_DP_NONE, MBEDTLS_ECDH_VARIANT_NONE, MBEDTLS_ECDH_CTX_EVEREST_INIT, MBEDTLS_ECDH_CTX_MBED_INIT, 0}
+#else
+#define MBEDTLS_ECDH_CTX_INIT {0, MBEDTLS_ECP_DP_NONE, MBEDTLS_ECDH_VARIANT_NONE, MBEDTLS_ECDH_CTX_EVEREST_INIT, MBEDTLS_ECDH_CTX_MBED_INIT}
+#endif /* MBEDTLS_ECP_RESTARTABLE */
+#endif /* !MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED */
+#endif /* MBEDTLS_ECDH_LEGACY_CONTEXT */
+
 /**
 * \brief Return the ECP group for provided context.
 *
diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/ecp.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/ecp.h
index b3406142f..f4fc8923d 100644
--- a/tf-psa-crypto/drivers/builtin/include/mbedtls/ecp.h
+++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/ecp.h
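Review bot: In the non-legacy branches `MBEDTLS_ECDH_CTX_INIT` lists two context initializers back to back (`MBEDTLS_ECDH_CTX_MBED_INIT, MBEDTLS_ECDH_CTX_MBED_INIT`, or `MBEDTLS_ECDH_CTX_EVEREST_INIT, MBEDTLS_ECDH_CTX_MBED_INIT`), which only fits a struct that has two separate context members in that order. The struct body is outside this hunk; if the variant contexts share a union, a union initializer sets only its first declared member, so the second entry would spill into the following field and the Everest-first ordering would depend on which member comes first. Please check the entry list against the declaration and, if it is a union, use a single braced entry such as `{ MBEDTLS_ECDH_CTX_MBED_INIT }`. As a style point, `MBEDTLS_MPI_INIT,0,` in the legacy restartable variant is missing the space after the comma.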
@@ -255,6 +255,7 @@ mbedtls_ecp_group;
 #define MBEDTLS_ECP_GROUP_INIT { MBEDTLS_ECP_DP_NONE, MBEDTLS_MPI_INIT, MBEDTLS_MPI_INIT, \
 MBEDTLS_MPI_INIT, MBEDTLS_ECP_POINT_INIT, MBEDTLS_MPI_INIT, \
 0, 0, 0, NULL, NULL, NULL, NULL, NULL, 0 }
+
 /**
 * \name SECTION: Module settings
 *
@@ -372,6 +373,8 @@ typedef struct {
 mbedtls_ecp_restart_muladd_ctx *MBEDTLS_PRIVATE(ma); /*!< ecp_muladd() sub-context */
 } mbedtls_ecp_restart_ctx;
+#define MBEDTLS_ECP_RESTART_INIT {0, 0, NULL, NULL}
+
 /*
 * Operation counts for restartable functions
 */
diff --git a/tf-psa-crypto/drivers/everest/include/everest/everest.h b/tf-psa-crypto/drivers/everest/include/everest/everest.h
index 392e7924a..beb867494 100644
--- a/tf-psa-crypto/drivers/everest/include/everest/everest.h
+++ b/tf-psa-crypto/drivers/everest/include/everest/everest.h
@@ -41,6 +41,7 @@ typedef struct {
 mbedtls_x25519_context ctx;
 } mbedtls_ecdh_context_everest;
+#define MBEDTLS_ECDH_CTX_EVERSET_INIT {MBEDTLS_X25519_CTX_INIT}
 /**
 * \brief This function sets up the ECDH context with the information
diff --git a/tf-psa-crypto/drivers/everest/include/everest/x25519.h b/tf-psa-crypto/drivers/everest/include/everest/x25519.h
index ef314d2f3..aa71388f5 100644
--- a/tf-psa-crypto/drivers/everest/include/everest/x25519.h
+++ b/tf-psa-crypto/drivers/everest/include/everest/x25519.h
@@ -47,6 +47,8 @@ typedef struct
 unsigned char peer_point[MBEDTLS_X25519_KEY_SIZE_BYTES];
 } mbedtls_x25519_context;
+#define MBEDTLS_X25519_CTX_INIT {{0}, {0}}
+
 /**
 * \brief This function initializes an x25519 context.
 *
diff --git a/tf-psa-crypto/include/psa/crypto_builtin_composites.h b/tf-psa-crypto/include/psa/crypto_builtin_composites.h
index 47493b239..706a1055a 100644
--- a/tf-psa-crypto/include/psa/crypto_builtin_composites.h
+++ b/tf-psa-crypto/include/psa/crypto_builtin_composites.h
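Review bot: The macro added in the everest.h hunk is spelled `MBEDTLS_ECDH_CTX_EVERSET_INIT`, while the ecdh.h hunk of this same diff expands `MBEDTLS_ECDH_CTX_EVEREST_INIT` when `MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED` is defined. Unless the correctly spelled name is defined somewhere outside this diff, any use of `MBEDTLS_ECDH_CTX_INIT` in an Everest-enabled build will fail to compile, which suggests that configuration was not built with this change. The definition should read `#define MBEDTLS_ECDH_CTX_EVEREST_INIT {MBEDTLS_X25519_CTX_INIT}`.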
@@ -243,9 +243,9 @@ typedef struct {
 } mbedtls_psa_key_agreement_interruptible_operation_t;
 #if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) && defined(MBEDTLS_ECP_RESTARTABLE)
-#define MBEDTLS_PSA_KEY_AGREEMENT_INTERRUPTIBLE_OPERATION_INIT { { 0 }, 0 }
+#define MBEDTLS_PSA_KEY_AGREEMENT_IOP_INIT { MBEDTLS_ECDH_CTX_INIT, 0 }
 #else
-#define MBEDTLS_PSA_KEY_AGREEMENT_INTERRUPTIBLE_OPERATION_INIT { 0 }
+#define MBEDTLS_PSA_KEY_AGREEMENT_IOP_INIT { 0 }
 #endif
 #endif /* PSA_CRYPTO_BUILTIN_COMPOSITES_H */
diff --git a/tf-psa-crypto/include/psa/crypto_struct.h b/tf-psa-crypto/include/psa/crypto_struct.h
index 7dbeadc80..a5016dcb3 100644
--- a/tf-psa-crypto/include/psa/crypto_struct.h
+++ b/tf-psa-crypto/include/psa/crypto_struct.h
@@ -518,7 +518,7 @@ struct psa_key_agreement_iop_s {
 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C)
 #define PSA_KEY_AGREEMENT_IOP_INIT { 0 }
 #else
-#define PSA_KEY_AGREEMENT_IOP_INIT { 0, { 0 }, 0, PSA_KEY_ATTRIBUTES_INIT, 0 }
+#define PSA_KEY_AGREEMENT_IOP_INIT { 0, MBEDTLS_PSA_KEY_AGREEMENT_IOP_INIT, 0, PSA_KEY_ATTRIBUTES_INIT, 0 }
 #endif
 static inline struct psa_key_agreement_iop_s
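Review bot: The crypto_builtin_composites.h hunk removes `MBEDTLS_PSA_KEY_AGREEMENT_INTERRUPTIBLE_OPERATION_INIT` outright, so any remaining user of the old name outside this diff would stop compiling; the only use visible here is the new one inside `PSA_KEY_AGREEMENT_IOP_INIT` in crypto_struct.h. The new value `{ MBEDTLS_ECDH_CTX_INIT, 0 }` also makes this header depend on `MBEDTLS_ECDH_CTX_INIT` being defined wherever the macro is expanded, and no include is added in either hunk, so that relies on includes outside the diff. It would be worth confirming both points with a build of each configuration the `#if` ladders distinguish (legacy context, Everest, restartable on and off).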