This is the case for all key creation in a secure element, but state it
explicitly where relevant.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This is the generic way of going adapting a psa_key_id_t argument in the
application interface to the driver interface. Thanks Hannes Lindström.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The new function psa_crypto_driver_key_derivation_get_input_type() allows
drivers to retrieve the effective type of each input step, and thus to call
the correct get-data function. This is simpler than the previous scheme
which required a somewhat contrived dance with get_key() and get_bytes() for
inputs that can be passed either as a key or as a byte buffer at the
application's choice.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Don't use “output” for an input of the KDF. It's correct in context (it's
the output of a function that copies the input of the KDF from core-owned
memory to driver-owned memory) but confusing.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Pass all the initial inputs in a single structure. It's impossible to pass
the inputs as soon as the application makes them available because the core
cannot know which driver to call until it receives the SECRET input.
Do support hiding the key material inside a secure element if the relevant
driver has all the requisite entry points.
Do cooked key derivation (i.e. derivation of non-raw keys) and key agreement
separately.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
* Updated the default argument to create less noise with argument
passing.
* Reworded ChangeLog to match MbedTLS documentation/ announcement
requirements
Signed-off-by: Archana <archana.madhavan@silabs.com>
Jinja2 rev 2.10.1 is required for the driver wrappers code gen.
The same is set up in the bionic docker file.
Signed-off-by: Archana <archana.madhavan@silabs.com>
Pylint errors are fixed.
The Python script is improved to take default arguments when not
passed (eg invoked from root of the tree)
check-generated-files.sh and CMakeLists.sh updated.
Signed-off-by: Archana <archana.madhavan@silabs.com>
Moved python script generate_driver_wrappers.py under scripts and
corresponding template file under script/data_files.
Signed-off-by: Archana <archana.madhavan@silabs.com>
The file psa_crypto_driver_wrappers.c is deleted to be autogenerated.
Updated psa_crypto_driver_wrappers.h, this file only contains the
prototypes for the driver wrappers, we don't expect this to be auto
generated.
Signed-off-by: Archana <archana.madhavan@silabs.com>
Change 'tranlation' -> 'translation' in the name of a
method in `scripts/generate_ssl_debug_headers.py`.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Having an automatically generated header file makes it harder to have
working build scripts. The content of ssl_debug_helpers_generated.h isn't
likely to change often, so we can update it manually.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
