1From 4b2df7aeedd3fec1f46766afb39a36f5e2b6be59 Mon Sep 17 00:00:00 2001 2From: Antonio de Angelis <Antonio.deAngelis@arm.com> 3Date: Thu, 21 Mar 2024 11:44:56 +0000 4Subject: [PATCH 1/6] Add TF-M Builtin Key Loader driver entry points 5 6TF-M requires a mechanism to leverage the drivers 7and builtin keys at the same time to allow for 8"transparent builtin keys". More details are in the 9TF-M design doc. Provide directly the wrappers instead 10of modifying the autogen scripts, for the time being. 11 12Signed-off-by: Raef Coles <raef.coles@arm.com> 13Co-authored-by: Antonio de Angelis <antonio.deangelis@arm.com> 14--- 15 library/psa_crypto.c | 10 +- 16 library/psa_crypto_driver_wrappers.h | 102 +++++++++++++++++- 17 .../psa_crypto_driver_wrappers_no_static.c | 40 ++++++- 18 3 files changed, 143 insertions(+), 9 deletions(-) 19 20diff --git a/library/psa_crypto.c b/library/psa_crypto.c 21index c4f41db10..5180435de 100644 22--- a/library/psa_crypto.c 23+++ b/library/psa_crypto.c 24@@ -73,6 +73,10 @@ 25 #include "mbedtls/psa_util.h" 26 #include "mbedtls/threading.h" 27 28+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 29+#include "tfm_builtin_key_loader.h" 30+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 31+ 32 #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \ 33 defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \ 34 defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND) 35@@ -1166,7 +1170,11 @@ static psa_status_t psa_get_and_lock_transparent_key_slot_with_policy( 36 return status; 37 } 38 39- if (psa_key_lifetime_is_external((*p_slot)->attr.lifetime)) { 40+ if (psa_key_lifetime_is_external((*p_slot)->attr.lifetime) 41+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 42+ && PSA_KEY_LIFETIME_GET_LOCATION((*p_slot)->attr.lifetime) != TFM_BUILTIN_KEY_LOADER_KEY_LOCATION 43+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 44+ ) { 45 psa_unregister_read_under_mutex(*p_slot); 46 *p_slot = NULL; 47 return PSA_ERROR_NOT_SUPPORTED; 48diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h 49index b90155720..2e828115f 100644 50--- a/library/psa_crypto_driver_wrappers.h 51+++ b/library/psa_crypto_driver_wrappers.h 52@@ -42,16 +42,32 @@ 53 54 #endif 55 56+/* Include TF-M builtin key driver */ 57+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 58+#ifndef PSA_CRYPTO_DRIVER_PRESENT 59+#define PSA_CRYPTO_DRIVER_PRESENT 60+#endif 61+#ifndef PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT 62+#define PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT 63+#endif 64+#include "tfm_builtin_key_loader.h" 65+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 66+ 67 /* END-driver headers */ 68 69 /* Auto-generated values depending on which drivers are registered. 70 * ID 0 is reserved for unallocated operations. 71 * ID 1 is reserved for the Mbed TLS software driver. */ 72 /* BEGIN-driver id definition */ 73-#define PSA_CRYPTO_MBED_TLS_DRIVER_ID (1) 74-#define MBEDTLS_TEST_OPAQUE_DRIVER_ID (2) 75-#define MBEDTLS_TEST_TRANSPARENT_DRIVER_ID (3) 76-#define P256_TRANSPARENT_DRIVER_ID (4) 77+enum { 78+ PSA_CRYPTO_MBED_TLS_DRIVER_ID = 1, 79+ MBEDTLS_TEST_OPAQUE_DRIVER_ID, 80+ MBEDTLS_TEST_TRANSPARENT_DRIVER_ID, 81+ P256_TRANSPARENT_DRIVER_ID, 82+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 83+ PSA_CRYPTO_TFM_BUILTIN_KEY_LOADER_DRIVER_ID, 84+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 85+}; 86 87 /* END-driver id */ 88 89@@ -73,6 +89,12 @@ static inline psa_status_t psa_driver_wrapper_init( void ) 90 { 91 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; 92 93+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 94+ status = tfm_builtin_key_loader_init(); 95+ if (status != PSA_SUCCESS) 96+ return ( status ); 97+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 98+ 99 #if defined(MBEDTLS_PSA_CRYPTO_SE_C) 100 status = psa_init_all_se_drivers( ); 101 if( status != PSA_SUCCESS ) 102@@ -126,6 +148,9 @@ static inline psa_status_t psa_driver_wrapper_sign_message( 103 switch( location ) 104 { 105 case PSA_KEY_LOCATION_LOCAL_STORAGE: 106+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 107+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 108+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 109 /* Key is stored in the slot in export representation, so 110 * cycle through all known transparent accelerators */ 111 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 112@@ -200,6 +225,9 @@ static inline psa_status_t psa_driver_wrapper_verify_message( 113 switch( location ) 114 { 115 case PSA_KEY_LOCATION_LOCAL_STORAGE: 116+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 117+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 118+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 119 /* Key is stored in the slot in export representation, so 120 * cycle through all known transparent accelerators */ 121 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 122@@ -287,6 +315,9 @@ static inline psa_status_t psa_driver_wrapper_sign_hash( 123 switch( location ) 124 { 125 case PSA_KEY_LOCATION_LOCAL_STORAGE: 126+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 127+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 128+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 129 /* Key is stored in the slot in export representation, so 130 * cycle through all known transparent accelerators */ 131 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 132@@ -391,6 +422,9 @@ static inline psa_status_t psa_driver_wrapper_verify_hash( 133 switch( location ) 134 { 135 case PSA_KEY_LOCATION_LOCAL_STORAGE: 136+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 137+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 138+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 139 /* Key is stored in the slot in export representation, so 140 * cycle through all known transparent accelerators */ 141 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 142@@ -521,6 +555,9 @@ static inline psa_status_t psa_driver_wrapper_sign_hash_start( 143 switch( location ) 144 { 145 case PSA_KEY_LOCATION_LOCAL_STORAGE: 146+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 147+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 148+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 149 /* Key is stored in the slot in export representation, so 150 * cycle through all known transparent accelerators */ 151 152@@ -613,6 +650,9 @@ static inline psa_status_t psa_driver_wrapper_verify_hash_start( 153 switch( location ) 154 { 155 case PSA_KEY_LOCATION_LOCAL_STORAGE: 156+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 157+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 158+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 159 /* Key is stored in the slot in export representation, so 160 * cycle through all known transparent accelerators */ 161 162@@ -776,6 +816,9 @@ static inline psa_status_t psa_driver_wrapper_generate_key( 163 switch( location ) 164 { 165 case PSA_KEY_LOCATION_LOCAL_STORAGE: 166+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 167+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 168+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 169 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 170 /* Transparent drivers are limited to generating asymmetric keys. */ 171 /* We don't support passing custom production parameters 172@@ -880,6 +923,9 @@ static inline psa_status_t psa_driver_wrapper_import_key( 173 switch( location ) 174 { 175 case PSA_KEY_LOCATION_LOCAL_STORAGE: 176+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 177+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 178+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 179 /* Key is stored in the slot in export representation, so 180 * cycle through all known transparent accelerators */ 181 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 182@@ -981,6 +1027,9 @@ static inline psa_status_t psa_driver_wrapper_export_key( 183 switch( location ) 184 { 185 case PSA_KEY_LOCATION_LOCAL_STORAGE: 186+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 187+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 188+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 189 return( psa_export_key_internal( attributes, 190 key_buffer, 191 key_buffer_size, 192@@ -1087,6 +1136,9 @@ static inline psa_status_t psa_driver_wrapper_cipher_encrypt( 193 switch( location ) 194 { 195 case PSA_KEY_LOCATION_LOCAL_STORAGE: 196+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 197+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 198+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 199 /* Key is stored in the slot in export representation, so 200 * cycle through all known transparent accelerators */ 201 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 202@@ -1177,6 +1229,9 @@ static inline psa_status_t psa_driver_wrapper_cipher_decrypt( 203 switch( location ) 204 { 205 case PSA_KEY_LOCATION_LOCAL_STORAGE: 206+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 207+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 208+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 209 /* Key is stored in the slot in export representation, so 210 * cycle through all known transparent accelerators */ 211 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 212@@ -1254,6 +1309,9 @@ static inline psa_status_t psa_driver_wrapper_cipher_encrypt_setup( 213 switch( location ) 214 { 215 case PSA_KEY_LOCATION_LOCAL_STORAGE: 216+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 217+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 218+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 219 /* Key is stored in the slot in export representation, so 220 * cycle through all known transparent accelerators */ 221 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 222@@ -1327,6 +1385,9 @@ static inline psa_status_t psa_driver_wrapper_cipher_decrypt_setup( 223 switch( location ) 224 { 225 case PSA_KEY_LOCATION_LOCAL_STORAGE: 226+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 227+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 228+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 229 /* Key is stored in the slot in export representation, so 230 * cycle through all known transparent accelerators */ 231 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 232@@ -1727,6 +1788,9 @@ static inline psa_status_t psa_driver_wrapper_aead_encrypt( 233 switch( location ) 234 { 235 case PSA_KEY_LOCATION_LOCAL_STORAGE: 236+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 237+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 238+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 239 /* Key is stored in the slot in export representation, so 240 * cycle through all known transparent accelerators */ 241 242@@ -1779,6 +1843,9 @@ static inline psa_status_t psa_driver_wrapper_aead_decrypt( 243 switch( location ) 244 { 245 case PSA_KEY_LOCATION_LOCAL_STORAGE: 246+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 247+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 248+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 249 /* Key is stored in the slot in export representation, so 250 * cycle through all known transparent accelerators */ 251 252@@ -1828,6 +1895,9 @@ static inline psa_status_t psa_driver_wrapper_aead_encrypt_setup( 253 switch( location ) 254 { 255 case PSA_KEY_LOCATION_LOCAL_STORAGE: 256+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 257+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 258+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 259 /* Key is stored in the slot in export representation, so 260 * cycle through all known transparent accelerators */ 261 262@@ -1876,6 +1946,9 @@ static inline psa_status_t psa_driver_wrapper_aead_decrypt_setup( 263 switch( location ) 264 { 265 case PSA_KEY_LOCATION_LOCAL_STORAGE: 266+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 267+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 268+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 269 /* Key is stored in the slot in export representation, so 270 * cycle through all known transparent accelerators */ 271 272@@ -2212,6 +2285,9 @@ static inline psa_status_t psa_driver_wrapper_mac_compute( 273 switch( location ) 274 { 275 case PSA_KEY_LOCATION_LOCAL_STORAGE: 276+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 277+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 278+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 279 /* Key is stored in the slot in export representation, so 280 * cycle through all known transparent accelerators */ 281 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 282@@ -2276,6 +2352,9 @@ static inline psa_status_t psa_driver_wrapper_mac_sign_setup( 283 switch( location ) 284 { 285 case PSA_KEY_LOCATION_LOCAL_STORAGE: 286+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 287+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 288+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 289 /* Key is stored in the slot in export representation, so 290 * cycle through all known transparent accelerators */ 291 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 292@@ -2348,6 +2427,9 @@ static inline psa_status_t psa_driver_wrapper_mac_verify_setup( 293 switch( location ) 294 { 295 case PSA_KEY_LOCATION_LOCAL_STORAGE: 296+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 297+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 298+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 299 /* Key is stored in the slot in export representation, so 300 * cycle through all known transparent accelerators */ 301 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 302@@ -2548,6 +2630,9 @@ static inline psa_status_t psa_driver_wrapper_asymmetric_encrypt( 303 switch( location ) 304 { 305 case PSA_KEY_LOCATION_LOCAL_STORAGE: 306+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 307+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 308+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 309 /* Key is stored in the slot in export representation, so 310 * cycle through all known transparent accelerators */ 311 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 312@@ -2606,6 +2691,9 @@ static inline psa_status_t psa_driver_wrapper_asymmetric_decrypt( 313 switch( location ) 314 { 315 case PSA_KEY_LOCATION_LOCAL_STORAGE: 316+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 317+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 318+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 319 /* Key is stored in the slot in export representation, so 320 * cycle through all known transparent accelerators */ 321 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 322@@ -2670,6 +2758,9 @@ static inline psa_status_t psa_driver_wrapper_key_agreement( 323 switch( location ) 324 { 325 case PSA_KEY_LOCATION_LOCAL_STORAGE: 326+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 327+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 328+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 329 /* Key is stored in the slot in export representation, so 330 * cycle through all known transparent accelerators */ 331 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 332@@ -2750,6 +2841,9 @@ static inline psa_status_t psa_driver_wrapper_pake_setup( 333 switch( location ) 334 { 335 case PSA_KEY_LOCATION_LOCAL_STORAGE: 336+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 337+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 338+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 339 /* Key is stored in the slot in export representation, so 340 * cycle through all known transparent accelerators */ 341 status = PSA_ERROR_NOT_SUPPORTED; 342diff --git a/library/psa_crypto_driver_wrappers_no_static.c b/library/psa_crypto_driver_wrappers_no_static.c 343index de8a5269b..436a650fc 100644 344--- a/library/psa_crypto_driver_wrappers_no_static.c 345+++ b/library/psa_crypto_driver_wrappers_no_static.c 346@@ -41,16 +41,32 @@ 347 348 #endif 349 350+/* Include TF-M builtin key driver */ 351+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 352+#ifndef PSA_CRYPTO_DRIVER_PRESENT 353+#define PSA_CRYPTO_DRIVER_PRESENT 354+#endif 355+#ifndef PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT 356+#define PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT 357+#endif 358+#include "tfm_builtin_key_loader.h" 359+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 360+ 361 /* END-driver headers */ 362 363 /* Auto-generated values depending on which drivers are registered. 364 * ID 0 is reserved for unallocated operations. 365 * ID 1 is reserved for the Mbed TLS software driver. */ 366 /* BEGIN-driver id definition */ 367-#define PSA_CRYPTO_MBED_TLS_DRIVER_ID (1) 368-#define MBEDTLS_TEST_OPAQUE_DRIVER_ID (2) 369-#define MBEDTLS_TEST_TRANSPARENT_DRIVER_ID (3) 370-#define P256_TRANSPARENT_DRIVER_ID (4) 371+enum { 372+ PSA_CRYPTO_MBED_TLS_DRIVER_ID = 1, 373+ MBEDTLS_TEST_OPAQUE_DRIVER_ID, 374+ MBEDTLS_TEST_TRANSPARENT_DRIVER_ID, 375+ P256_TRANSPARENT_DRIVER_ID, 376+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 377+ PSA_CRYPTO_TFM_BUILTIN_KEY_LOADER_DRIVER_ID, 378+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 379+}; 380 381 /* END-driver id */ 382 383@@ -112,6 +128,12 @@ psa_status_t psa_driver_wrapper_get_key_buffer_size( 384 PSA_SUCCESS : PSA_ERROR_NOT_SUPPORTED ); 385 #endif /* PSA_CRYPTO_DRIVER_TEST */ 386 387+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 388+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 389+ return tfm_builtin_key_loader_get_key_buffer_size(psa_get_key_id(attributes), 390+ key_buffer_size); 391+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 392+ 393 default: 394 (void)key_type; 395 (void)key_bits; 396@@ -153,6 +175,9 @@ psa_status_t psa_driver_wrapper_export_public_key( 397 switch( location ) 398 { 399 case PSA_KEY_LOCATION_LOCAL_STORAGE: 400+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 401+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 402+#endif /* defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) */ 403 /* Key is stored in the slot in export representation, so 404 * cycle through all known transparent accelerators */ 405 #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) 406@@ -241,6 +266,13 @@ psa_status_t psa_driver_wrapper_get_builtin_key( 407 )); 408 #endif 409 410+#if defined(PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER) 411+ case TFM_BUILTIN_KEY_LOADER_KEY_LOCATION: 412+ return( tfm_builtin_key_loader_get_builtin_key( 413+ slot_number, 414+ attributes, 415+ key_buffer, key_buffer_size, key_buffer_length ) ); 416+#endif /* PSA_CRYPTO_DRIVER_TFM_BUILTIN_KEY_LOADER */ 417 418 #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ 419 default: 420-- 4212.34.1 422 423
