[crypto] PSA API: introduce default OpenThread crypto platform port

This commit adds a default implementation of the OpenThread crypto
platform API for the PSA Crypto API.

Signed-off-by: Łukasz Duda <lukasz.duda@nordicsemi.no>

Author: LuDuda

etc/cmake/options.cmake

@@ -302,6 +302,10 @@ if(ot_index EQUAL -1)
     message(FATAL_ERROR "Invalid value for OT_PLATFORM - valid values are:" "${OT_PLATFORM_VALUES}")
 endif()
 
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+set(OT_CRYPTO_LIB_VALUES "MBEDTLS" "PSA" "PLATFORM")
+ot_multi_option(OT_CRYPTO_LIB OT_CRYPTO_LIB_VALUES OPENTHREAD_CONFIG_CRYPTO_LIB OPENTHREAD_CONFIG_CRYPTO_LIB_ "set Crypto backend library")
+
 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 set(OT_THREAD_VERSION_VALUES "1.1" "1.2" "1.3" "1.3.1" "1.4")
 set(OT_THREAD_VERSION "1.4" CACHE STRING "set Thread version")
@@ -359,7 +363,7 @@ ot_int_option(OT_RCP_TX_WAIT_TIME_SECS OPENTHREAD_SPINEL_CONFIG_RCP_TX_WAIT_TIME
 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 
 if(NOT OT_EXTERNAL_MBEDTLS)
-    set(OT_MBEDTLS mbedtls)
+    set(OT_MBEDTLS mbedtls mbedcrypto)
     target_compile_definitions(ot-config INTERFACE "OPENTHREAD_CONFIG_ENABLE_BUILTIN_MBEDTLS=1")
 else()
     set(OT_MBEDTLS ${OT_EXTERNAL_MBEDTLS})

src/core/BUILD.gn

@@ -341,7 +341,8 @@ openthread_core_files = [
   "crypto/aes_ecb.cpp",
   "crypto/aes_ecb.hpp",
   "crypto/context_size.hpp",
-  "crypto/crypto_platform.cpp",
+  "crypto/crypto_platform_mbedtls.cpp",
+  "crypto/crypto_platform_psa.cpp",
   "crypto/ecdsa.hpp",
   "crypto/hkdf_sha256.cpp",
   "crypto/hkdf_sha256.hpp",
@@ -673,7 +674,8 @@ openthread_radio_sources = [
   "common/uptime.cpp",
   "crypto/aes_ccm.cpp",
   "crypto/aes_ecb.cpp",
-  "crypto/crypto_platform.cpp",
+  "crypto/crypto_platform_mbedtls.cpp",
+  "crypto/crypto_platform_psa.cpp",
   "crypto/storage.cpp",
   "diags/factory_diags.cpp",
   "instance/instance.cpp",

src/core/CMakeLists.txt

@@ -138,7 +138,8 @@ set(COMMON_SOURCES
     common/uptime.cpp
     crypto/aes_ccm.cpp
     crypto/aes_ecb.cpp
-    crypto/crypto_platform.cpp
+    crypto/crypto_platform_mbedtls.cpp
+    crypto/crypto_platform_psa.cpp
     crypto/hkdf_sha256.cpp
     crypto/hmac_sha256.cpp
     crypto/mbedtls.cpp
@@ -315,7 +316,8 @@ set(RADIO_COMMON_SOURCES
     common/uptime.cpp
     crypto/aes_ccm.cpp
     crypto/aes_ecb.cpp
-    crypto/crypto_platform.cpp
+    crypto/crypto_platform_mbedtls.cpp
+    crypto/crypto_platform_psa.cpp
     crypto/storage.cpp
     diags/factory_diags.cpp
     instance/instance.cpp

src/core/crypto/crypto_platform.cpp …/core/crypto/crypto_platform_mbedtls.cppsrc/core/crypto/crypto_platform.cpp renamed to src/core/crypto/crypto_platform_mbedtls.cpp src/core/crypto/crypto_platform.cpp renamed to src/core/crypto/crypto_platform_mbedtls.cpp

@@ -755,74 +755,4 @@ OT_TOOL_WEAK otError otPlatCryptoPbkdf2GenerateKey(const uint8_t *aPassword,
 
 #endif // #if OPENTHREAD_FTD
 
-#elif OPENTHREAD_CONFIG_CRYPTO_LIB == OPENTHREAD_CONFIG_CRYPTO_LIB_PSA
-
-#if OPENTHREAD_FTD || OPENTHREAD_MTD
-#if OPENTHREAD_CONFIG_ECDSA_ENABLE
-
-OT_TOOL_WEAK otError otPlatCryptoEcdsaGenerateKey(otPlatCryptoEcdsaKeyPair *aKeyPair)
-{
-    OT_UNUSED_VARIABLE(aKeyPair);
-
-    return OT_ERROR_NOT_CAPABLE;
-}
-
-OT_TOOL_WEAK otError otPlatCryptoEcdsaGetPublicKey(const otPlatCryptoEcdsaKeyPair *aKeyPair,
-                                                   otPlatCryptoEcdsaPublicKey     *aPublicKey)
-{
-    OT_UNUSED_VARIABLE(aKeyPair);
-    OT_UNUSED_VARIABLE(aPublicKey);
-
-    return OT_ERROR_NOT_CAPABLE;
-}
-
-OT_TOOL_WEAK otError otPlatCryptoEcdsaSign(const otPlatCryptoEcdsaKeyPair *aKeyPair,
-                                           const otPlatCryptoSha256Hash   *aHash,
-                                           otPlatCryptoEcdsaSignature     *aSignature)
-{
-    OT_UNUSED_VARIABLE(aKeyPair);
-    OT_UNUSED_VARIABLE(aHash);
-    OT_UNUSED_VARIABLE(aSignature);
-
-    return OT_ERROR_NOT_CAPABLE;
-}
-
-OT_TOOL_WEAK otError otPlatCryptoEcdsaVerify(const otPlatCryptoEcdsaPublicKey *aPublicKey,
-                                             const otPlatCryptoSha256Hash     *aHash,
-                                             const otPlatCryptoEcdsaSignature *aSignature)
-
-{
-    OT_UNUSED_VARIABLE(aPublicKey);
-    OT_UNUSED_VARIABLE(aHash);
-    OT_UNUSED_VARIABLE(aSignature);
-
-    return OT_ERROR_NOT_CAPABLE;
-}
-#endif // #if OPENTHREAD_CONFIG_ECDSA_ENABLE
-
-#endif // #if OPENTHREAD_FTD || OPENTHREAD_MTD
-
-#if OPENTHREAD_FTD
-
-OT_TOOL_WEAK otError otPlatCryptoPbkdf2GenerateKey(const uint8_t *aPassword,
-                                                   uint16_t       aPasswordLen,
-                                                   const uint8_t *aSalt,
-                                                   uint16_t       aSaltLen,
-                                                   uint32_t       aIterationCounter,
-                                                   uint16_t       aKeyLen,
-                                                   uint8_t       *aKey)
-{
-    OT_UNUSED_VARIABLE(aPassword);
-    OT_UNUSED_VARIABLE(aPasswordLen);
-    OT_UNUSED_VARIABLE(aSalt);
-    OT_UNUSED_VARIABLE(aSaltLen);
-    OT_UNUSED_VARIABLE(aIterationCounter);
-    OT_UNUSED_VARIABLE(aKeyLen);
-    OT_UNUSED_VARIABLE(aKey);
-
-    return OT_ERROR_NOT_CAPABLE;
-}
-
-#endif // #if OPENTHREAD_FTD
-
 #endif // #if OPENTHREAD_CONFIG_CRYPTO_LIB == OPENTHREAD_CONFIG_CRYPTO_LIB_MBEDTLS