Added new macro to enable crypto accelerator
diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index 09a1b87..0426ef4 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -73,7 +73,8 @@
* and MUST NOT use the content of the output buffer if the return
* status is not #PSA_SUCCESS.
*
- * \note This function has to be defined by the vendor.
+ * \note This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C
+ * is defined.
* A weakly linked version is provided by default and returns
* PSA_ERROR_NOT_SUPPORTED. Do not use this function directly;
* to generate a key, use psa_generate_key() instead.
@@ -92,7 +93,8 @@
* \brief Perform vendor specific setup for cipher operations.
*
*
- * \note This function has to be defined by the vendor.
+ * \note This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C
+ * is defined.
* A weakly linked version is provided by default and returns
* PSA_ERROR_NOT_SUPPORTED. Do not use this function directly;
* to generate a key, use psa_generate_key() instead.
@@ -116,10 +118,8 @@
/** Perform any vendor specific action when aborting a cipher operation.
*
- * This function is called at the beginning of the psa_cipher_abort function.
- * The vendor must provide an implementation of this function to perform any
- * vendor specific abort operation. A weakly linked implementation of this
- * function that does nothing is provided in the implementation.
+ * This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C
+ * is defined. This function is called at the beginning of the psa_cipher_abort function.
*
* This function must not be called directly.
*
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index fa920cc..cdc6f5b 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2427,6 +2427,8 @@
target_operation->alg = source_operation->alg;
return( PSA_SUCCESS );
}
+
+
/****************************************************************/
/* MAC */
/****************************************************************/
@@ -3332,41 +3334,6 @@
}
#endif /* MBEDTLS_ECDSA_C */
-// The weakly linked function "psa_asymmetric_sign_vendor_weak" which returns "PSA_ERROR_NOT_SUPPORTED" will be linked if
-// the vendor does not provide a definition for "psa_asymmetric_sign_vendor"
-psa_status_t psa_asymmetric_sign_vendor( psa_key_slot_t * slot,
- psa_algorithm_t alg,
- const uint8_t *hash,
- size_t hash_length,
- uint8_t *signature,
- size_t signature_size,
- size_t *signature_length ) __attribute__ ((weak, alias("psa_asymmetric_sign_vendor_weak")));
-psa_status_t psa_asymmetric_sign_vendor_weak( psa_key_slot_t * slot,
- psa_algorithm_t alg,
- const uint8_t *hash,
- size_t hash_length,
- uint8_t *signature,
- size_t signature_size,
- size_t *signature_length );
-psa_status_t psa_asymmetric_sign_vendor_weak( psa_key_slot_t * slot,
- psa_algorithm_t alg,
- const uint8_t *hash,
- size_t hash_length,
- uint8_t *signature,
- size_t signature_size,
- size_t *signature_length )
-{
- (void) slot ;
- (void) alg;
- (void)hash;
- (void)hash_length;
- (void)signature;
- (void)signature_size;
- (void)signature_length;
-
-
- return PSA_ERROR_NOT_SUPPORTED;
-}
psa_status_t psa_asymmetric_sign( psa_key_handle_t handle,
psa_algorithm_t alg,
const uint8_t *hash,
@@ -3411,6 +3378,7 @@
}
else
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+#if defined (MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C)
if (PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(slot->attr.lifetime))
{
status = psa_asymmetric_sign_vendor(slot,alg,
@@ -3419,6 +3387,7 @@
signature_length );
}
else
+#endif /* MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C */
#if defined(MBEDTLS_RSA_C)
if( slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
{
@@ -3472,37 +3441,7 @@
* memset because signature may be NULL in this case. */
return( status );
}
-// The weakly linked function "psa_asymmetric_verify_vendor_weak" which returns "PSA_ERROR_NOT_SUPPORTED" will be linked if
-// the vendor does not provide a definition for "psa_asymmetric_verify_vendor"
-psa_status_t psa_asymmetric_verify_vendor( psa_key_slot_t * slot,
- psa_algorithm_t alg,
- const uint8_t *hash,
- size_t hash_length,
- uint8_t *signature,
- size_t signature_length ) __attribute__ ((weak, alias("psa_asymmetric_verify_vendor_weak")));
-psa_status_t psa_asymmetric_verify_vendor_weak( psa_key_slot_t * slot,
- psa_algorithm_t alg,
- const uint8_t *hash,
- size_t hash_length,
- uint8_t *signature,
- size_t signature_length );
-psa_status_t psa_asymmetric_verify_vendor_weak( psa_key_slot_t * slot,
- psa_algorithm_t alg,
- const uint8_t *hash,
- size_t hash_length,
- uint8_t *signature,
- size_t signature_length )
-{
- (void) slot;
- (void) alg;
- (void)hash;
- (void)hash_length;
- (void)signature;
- (void)signature_length;
-
- return PSA_ERROR_NOT_SUPPORTED;
-}
psa_status_t psa_asymmetric_verify( psa_key_handle_t handle,
psa_algorithm_t alg,
const uint8_t *hash,
@@ -3535,6 +3474,7 @@
}
else
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+#if defined (MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C)
if (PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(slot->attr.lifetime))
{
return( psa_asymmetric_verify_vendor(slot,alg,
@@ -3542,6 +3482,7 @@
signature, signature_length ) );
}
else
+#endif /* MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C */
#if defined(MBEDTLS_RSA_C)
if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
{
@@ -3772,17 +3713,6 @@
mbedtls_cipher_init( &operation->ctx.cipher );
return( PSA_SUCCESS );
}
-// The weakly linked function "psa_cipher_setup_vendor_weak" which returns "PSA_ERROR_NOT_SUPPORTED" will be linked if
-// the vendor does not provide a definition for "psa_cipher_setup_vendor"
-psa_status_t psa_cipher_setup_vendor( psa_cipher_operation_t * operation, psa_key_handle_t handle, psa_algorithm_t alg) __attribute__ ((weak, alias("psa_cipher_setup_vendor_weak")));
-psa_status_t psa_cipher_setup_vendor_weak( psa_cipher_operation_t * operation, psa_key_handle_t handle, psa_algorithm_t alg);
-psa_status_t psa_cipher_setup_vendor_weak( psa_cipher_operation_t * operation, psa_key_handle_t handle, psa_algorithm_t alg)
-{
- (void)operation;
- (void)handle;
- (void)alg;
- return PSA_ERROR_NOT_SUPPORTED;
-}
static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
psa_key_handle_t handle,
@@ -3824,13 +3754,14 @@
if( ret != 0 )
goto exit;
+#if defined (MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C)
if (PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(slot->attr.lifetime))
{
status = psa_cipher_setup_vendor(operation, handle, alg);
if( status != PSA_SUCCESS )
goto exit;
}
-
+#endif /* MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C */
#if defined(MBEDTLS_DES_C)
if( slot->attr.type == PSA_KEY_TYPE_DES && key_bits == 128 )
{
@@ -4071,16 +4002,6 @@
return( status );
}
-// The weakly linked function "psa_cipher_abort_vendor_weak" which returns "PSA_SUCCESS" will be linked if
-// the vendor does not provide a definition for "psa_cipher_abort_vendor"
-psa_status_t psa_cipher_abort_vendor( psa_cipher_operation_t * operation) __attribute__ ((weak, alias("psa_cipher_abort_vendor_weak")));
-psa_status_t psa_cipher_abort_vendor_weak( psa_cipher_operation_t * operation);
-psa_status_t psa_cipher_abort_vendor_weak( psa_cipher_operation_t * operation)
-{
- (void)operation;
- return PSA_SUCCESS;
-}
-
psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation )
{
if( operation->alg == 0 )
@@ -5611,19 +5532,7 @@
return( PSA_SUCCESS );
}
-// The weakly linked function "psa_generate_key_vendor_weak" which returns "PSA_ERROR_NOT_SUPPORTED" will be linked if
-// the vendor does not provide a definition for "psa_generate_key_vendor"
-psa_status_t psa_generate_key_vendor( psa_key_slot_t *slot, size_t bits,
- const uint8_t *domain_parameters, size_t domain_parameters_size ) __attribute__ ((weak, alias("psa_generate_key_vendor_weak")));
-psa_status_t psa_generate_key_vendor_weak( psa_key_slot_t *slot, size_t bits,
- const uint8_t *domain_parameters, size_t domain_parameters_size );
-psa_status_t psa_generate_key_vendor_weak( psa_key_slot_t *slot, size_t bits,
- const uint8_t *domain_parameters, size_t domain_parameters_size )
-{
- (void) slot;
-
- return PSA_ERROR_NOT_SUPPORTED;
-}
+
psa_status_t psa_generate_key( const psa_key_attributes_t *attributes,
psa_key_handle_t *handle )
{
@@ -5654,6 +5563,7 @@
}
else
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+#if defined (MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C)
if (PSA_KEY_LIFETIME_IS_VENDOR_DEFINED(slot->attr.lifetime))
{
status = psa_generate_key_vendor(slot, attributes->core.bits,
@@ -5665,7 +5575,7 @@
slot, attributes->core.bits,
attributes->domain_parameters, attributes->domain_parameters_size );
}
-
+#endif /* MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C */
exit:
if( status == PSA_SUCCESS )
status = psa_finish_key_creation( slot, driver );
diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h
index 4654405..5ea68a6 100644
--- a/library/psa_crypto_core.h
+++ b/library/psa_crypto_core.h
@@ -139,9 +139,8 @@
/**
* \brief Generate a vendor defined key or key pair.
*
- * \note This function has to be defined by the vendor.
- * A weakly linked version is provided by default and returns
- * PSA_ERROR_NOT_SUPPORTED. Do not use this function directly;
+ * \note This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C
+ * is defined. Do not use this function directly;
* to generate a key, use psa_generate_key() instead.
*
* \param[in] slot
@@ -178,6 +177,8 @@
/**
* \brief Sign a hash or short message with a vendor defined private key.
+ * This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C
+ *is defined.
*
* Note that to perform a hash-and-sign signature algorithm, you must
* first calculate the hash by calling psa_hash_setup(), psa_hash_update()
@@ -216,6 +217,8 @@
/**
* \brief Verify the signature a hash or short message using a vendor defined public key.
+ * This function has to be defined by the vendor if MBEDTLS_PSA_CRYPTO_ACCEL_DRV_C
+ * is defined.
*
* Note that to perform a hash-and-sign signature algorithm, you must
* first calculate the hash by calling psa_hash_setup(), psa_hash_update()