[crypto] introduce default OpenThread PSA crypto platform port

LuDuda · LuDuda · commit 4db4fcfd4bf7 · 2025-04-22T16:40:25.000+02:00
This commit adds a default implementation of the OpenThread crypto
platform API for the PSA Crypto API.

Signed-off-by: Łukasz Duda &lt;lukasz.duda@nordicsemi.no&gt;
diff --git a/src/core/BUILD.gn b/src/core/BUILD.gn
@@ -464,7 +464,8 @@ openthread_core_files = [
   "crypto/aes_ecb.cpp",
   "crypto/aes_ecb.hpp",
   "crypto/context_size.hpp",
-  "crypto/crypto_platform.cpp",
+  "crypto/crypto_platform_mbedtls.cpp",
+  "crypto/crypto_platform_psa.cpp",
   "crypto/ecdsa.hpp",
   "crypto/hkdf_sha256.cpp",
   "crypto/hkdf_sha256.hpp",
@@ -768,7 +769,8 @@ openthread_radio_sources = [
   "common/uptime.cpp",
   "crypto/aes_ccm.cpp",
   "crypto/aes_ecb.cpp",
-  "crypto/crypto_platform.cpp",
+  "crypto/crypto_platform_mbedtls.cpp",
+  "crypto/crypto_platform_psa.cpp",
   "crypto/storage.cpp",
   "diags/factory_diags.cpp",
   "instance/instance.cpp",
diff --git a/src/core/CMakeLists.txt b/src/core/CMakeLists.txt
@@ -125,7 +125,8 @@ set(COMMON_SOURCES
     common/uptime.cpp
     crypto/aes_ccm.cpp
     crypto/aes_ecb.cpp
-    crypto/crypto_platform.cpp
+    crypto/crypto_platform_mbedtls.cpp
+    crypto/crypto_platform_psa.cpp
     crypto/hkdf_sha256.cpp
     crypto/hmac_sha256.cpp
     crypto/mbedtls.cpp
@@ -287,7 +288,8 @@ set(RADIO_COMMON_SOURCES
     common/uptime.cpp
     crypto/aes_ccm.cpp
     crypto/aes_ecb.cpp
-    crypto/crypto_platform.cpp
+    crypto/crypto_platform_mbedtls.cpp
+    crypto/crypto_platform_psa.cpp
     crypto/storage.cpp
     diags/factory_diags.cpp
     instance/instance.cpp
diff --git a/src/core/crypto/crypto_platform_mbedtls.cpp b/src/core/crypto/crypto_platform_mbedtls.cpp
@@ -750,74 +750,4 @@ OT_TOOL_WEAK otError otPlatCryptoPbkdf2GenerateKey(const uint8_t *aPassword,
 
 #endif // #if OPENTHREAD_FTD
 
-#elif OPENTHREAD_CONFIG_CRYPTO_LIB == OPENTHREAD_CONFIG_CRYPTO_LIB_PSA
-
-#if OPENTHREAD_FTD || OPENTHREAD_MTD
-#if OPENTHREAD_CONFIG_ECDSA_ENABLE
-
-OT_TOOL_WEAK otError otPlatCryptoEcdsaGenerateKey(otPlatCryptoEcdsaKeyPair *aKeyPair)
-{
-    OT_UNUSED_VARIABLE(aKeyPair);
-
-    return OT_ERROR_NOT_CAPABLE;
-}
-
-OT_TOOL_WEAK otError otPlatCryptoEcdsaGetPublicKey(const otPlatCryptoEcdsaKeyPair *aKeyPair,
-                                                   otPlatCryptoEcdsaPublicKey     *aPublicKey)
-{
-    OT_UNUSED_VARIABLE(aKeyPair);
-    OT_UNUSED_VARIABLE(aPublicKey);
-
-    return OT_ERROR_NOT_CAPABLE;
-}
-
-OT_TOOL_WEAK otError otPlatCryptoEcdsaSign(const otPlatCryptoEcdsaKeyPair *aKeyPair,
-                                           const otPlatCryptoSha256Hash   *aHash,
-                                           otPlatCryptoEcdsaSignature     *aSignature)
-{
-    OT_UNUSED_VARIABLE(aKeyPair);
-    OT_UNUSED_VARIABLE(aHash);
-    OT_UNUSED_VARIABLE(aSignature);
-
-    return OT_ERROR_NOT_CAPABLE;
-}
-
-OT_TOOL_WEAK otError otPlatCryptoEcdsaVerify(const otPlatCryptoEcdsaPublicKey *aPublicKey,
-                                             const otPlatCryptoSha256Hash     *aHash,
-                                             const otPlatCryptoEcdsaSignature *aSignature)
-
-{
-    OT_UNUSED_VARIABLE(aPublicKey);
-    OT_UNUSED_VARIABLE(aHash);
-    OT_UNUSED_VARIABLE(aSignature);
-
-    return OT_ERROR_NOT_CAPABLE;
-}
-#endif // #if OPENTHREAD_CONFIG_ECDSA_ENABLE
-
-#endif // #if OPENTHREAD_FTD || OPENTHREAD_MTD
-
-#if OPENTHREAD_FTD
-
-OT_TOOL_WEAK otError otPlatCryptoPbkdf2GenerateKey(const uint8_t *aPassword,
-                                                   uint16_t       aPasswordLen,
-                                                   const uint8_t *aSalt,
-                                                   uint16_t       aSaltLen,
-                                                   uint32_t       aIterationCounter,
-                                                   uint16_t       aKeyLen,
-                                                   uint8_t       *aKey)
-{
-    OT_UNUSED_VARIABLE(aPassword);
-    OT_UNUSED_VARIABLE(aPasswordLen);
-    OT_UNUSED_VARIABLE(aSalt);
-    OT_UNUSED_VARIABLE(aSaltLen);
-    OT_UNUSED_VARIABLE(aIterationCounter);
-    OT_UNUSED_VARIABLE(aKeyLen);
-    OT_UNUSED_VARIABLE(aKey);
-
-    return OT_ERROR_NOT_CAPABLE;
-}
-
-#endif // #if OPENTHREAD_FTD
-
 #endif // #if OPENTHREAD_CONFIG_CRYPTO_LIB == OPENTHREAD_CONFIG_CRYPTO_LIB_MBEDTLS
diff --git a/src/core/crypto/crypto_platform_psa.cpp b/src/core/crypto/crypto_platform_psa.cpp
