[crypto] introduce default port for PSA API

Author: LuDuda

include/openthread/platform/crypto.h

@@ -58,10 +58,11 @@ extern "C" {
  */
 typedef enum
 {
-    OT_CRYPTO_KEY_TYPE_RAW,   ///< Key Type: Raw Data.
-    OT_CRYPTO_KEY_TYPE_AES,   ///< Key Type: AES.
-    OT_CRYPTO_KEY_TYPE_HMAC,  ///< Key Type: HMAC.
-    OT_CRYPTO_KEY_TYPE_ECDSA, ///< Key Type: ECDSA.
+    OT_CRYPTO_KEY_TYPE_RAW,    ///< Key Type: Raw Data.
+    OT_CRYPTO_KEY_TYPE_AES,    ///< Key Type: AES.
+    OT_CRYPTO_KEY_TYPE_HMAC,   ///< Key Type: HMAC.
+    OT_CRYPTO_KEY_TYPE_ECDSA,  ///< Key Type: ECDSA.
+    OT_CRYPTO_KEY_TYPE_DERIVE, ///< Key Type: Derive.
 } otCryptoKeyType;
 
 /**
@@ -73,6 +74,7 @@ typedef enum
     OT_CRYPTO_KEY_ALG_AES_ECB,      ///< Key Algorithm: AES ECB.
     OT_CRYPTO_KEY_ALG_HMAC_SHA_256, ///< Key Algorithm: HMAC SHA-256.
     OT_CRYPTO_KEY_ALG_ECDSA,        ///< Key Algorithm: ECDSA.
+    OT_CRYPTO_KEY_ALG_HKDF_SHA256,  ///< Key Algorithm: HKDF SHA-256.
 } otCryptoKeyAlgorithm;
 
 /**
@@ -86,6 +88,8 @@ enum
     OT_CRYPTO_KEY_USAGE_DECRYPT     = 1 << 2, ///< Key Usage: AES ECB.
     OT_CRYPTO_KEY_USAGE_SIGN_HASH   = 1 << 3, ///< Key Usage: Sign Hash.
     OT_CRYPTO_KEY_USAGE_VERIFY_HASH = 1 << 4, ///< Key Usage: Verify Hash.
+    OT_CRYPTO_KEY_USAGE_DERIVE      = 1 << 5, ///< Key Usage: Derive.
+
 };
 
 /**

src/core/BUILD.gn

@@ -464,7 +464,8 @@ openthread_core_files = [
   "crypto/aes_ecb.cpp",
   "crypto/aes_ecb.hpp",
   "crypto/context_size.hpp",
-  "crypto/crypto_platform.cpp",
+  "crypto/crypto_platform_mbedtls.cpp",
+  "crypto/crypto_platform_psa.cpp",
   "crypto/ecdsa.hpp",
   "crypto/hkdf_sha256.cpp",
   "crypto/hkdf_sha256.hpp",
@@ -768,7 +769,8 @@ openthread_radio_sources = [
   "common/uptime.cpp",
   "crypto/aes_ccm.cpp",
   "crypto/aes_ecb.cpp",
-  "crypto/crypto_platform.cpp",
+  "crypto/crypto_platform_mbedtls.cpp",
+  "crypto/crypto_platform_psa.cpp",
   "crypto/storage.cpp",
   "diags/factory_diags.cpp",
   "instance/instance.cpp",

src/core/CMakeLists.txt

@@ -125,7 +125,8 @@ set(COMMON_SOURCES
     common/uptime.cpp
     crypto/aes_ccm.cpp
     crypto/aes_ecb.cpp
-    crypto/crypto_platform.cpp
+    crypto/crypto_platform_mbedtls.cpp
+    crypto/crypto_platform_psa.cpp
     crypto/hkdf_sha256.cpp
     crypto/hmac_sha256.cpp
     crypto/mbedtls.cpp
@@ -287,7 +288,8 @@ set(RADIO_COMMON_SOURCES
     common/uptime.cpp
     crypto/aes_ccm.cpp
     crypto/aes_ecb.cpp
-    crypto/crypto_platform.cpp
+    crypto/crypto_platform_mbedtls.cpp
+    crypto/crypto_platform_psa.cpp
     crypto/storage.cpp
     diags/factory_diags.cpp
     instance/instance.cpp

src/core/crypto/crypto_platform.cpp …/core/crypto/crypto_platform_mbedtls.cppsrc/core/crypto/crypto_platform.cpp renamed to src/core/crypto/crypto_platform_mbedtls.cpp src/core/crypto/crypto_platform.cpp renamed to src/core/crypto/crypto_platform_mbedtls.cpp

@@ -750,74 +750,4 @@ OT_TOOL_WEAK otError otPlatCryptoPbkdf2GenerateKey(const uint8_t *aPassword,
 
 #endif // #if OPENTHREAD_FTD
 
-#elif OPENTHREAD_CONFIG_CRYPTO_LIB == OPENTHREAD_CONFIG_CRYPTO_LIB_PSA
-
-#if OPENTHREAD_FTD || OPENTHREAD_MTD
-#if OPENTHREAD_CONFIG_ECDSA_ENABLE
-
-OT_TOOL_WEAK otError otPlatCryptoEcdsaGenerateKey(otPlatCryptoEcdsaKeyPair *aKeyPair)
-{
-    OT_UNUSED_VARIABLE(aKeyPair);
-
-    return OT_ERROR_NOT_CAPABLE;
-}
-
-OT_TOOL_WEAK otError otPlatCryptoEcdsaGetPublicKey(const otPlatCryptoEcdsaKeyPair *aKeyPair,
-                                                   otPlatCryptoEcdsaPublicKey     *aPublicKey)
-{
-    OT_UNUSED_VARIABLE(aKeyPair);
-    OT_UNUSED_VARIABLE(aPublicKey);
-
-    return OT_ERROR_NOT_CAPABLE;
-}
-
-OT_TOOL_WEAK otError otPlatCryptoEcdsaSign(const otPlatCryptoEcdsaKeyPair *aKeyPair,
-                                           const otPlatCryptoSha256Hash   *aHash,
-                                           otPlatCryptoEcdsaSignature     *aSignature)
-{
-    OT_UNUSED_VARIABLE(aKeyPair);
-    OT_UNUSED_VARIABLE(aHash);
-    OT_UNUSED_VARIABLE(aSignature);
-
-    return OT_ERROR_NOT_CAPABLE;
-}
-
-OT_TOOL_WEAK otError otPlatCryptoEcdsaVerify(const otPlatCryptoEcdsaPublicKey *aPublicKey,
-                                             const otPlatCryptoSha256Hash     *aHash,
-                                             const otPlatCryptoEcdsaSignature *aSignature)
-
-{
-    OT_UNUSED_VARIABLE(aPublicKey);
-    OT_UNUSED_VARIABLE(aHash);
-    OT_UNUSED_VARIABLE(aSignature);
-
-    return OT_ERROR_NOT_CAPABLE;
-}
-#endif // #if OPENTHREAD_CONFIG_ECDSA_ENABLE
-
-#endif // #if OPENTHREAD_FTD || OPENTHREAD_MTD
-
-#if OPENTHREAD_FTD
-
-OT_TOOL_WEAK otError otPlatCryptoPbkdf2GenerateKey(const uint8_t *aPassword,
-                                                   uint16_t       aPasswordLen,
-                                                   const uint8_t *aSalt,
-                                                   uint16_t       aSaltLen,
-                                                   uint32_t       aIterationCounter,
-                                                   uint16_t       aKeyLen,
-                                                   uint8_t       *aKey)
-{
-    OT_UNUSED_VARIABLE(aPassword);
-    OT_UNUSED_VARIABLE(aPasswordLen);
-    OT_UNUSED_VARIABLE(aSalt);
-    OT_UNUSED_VARIABLE(aSaltLen);
-    OT_UNUSED_VARIABLE(aIterationCounter);
-    OT_UNUSED_VARIABLE(aKeyLen);
-    OT_UNUSED_VARIABLE(aKey);
-
-    return OT_ERROR_NOT_CAPABLE;
-}
-
-#endif // #if OPENTHREAD_FTD
-
 #endif // #if OPENTHREAD_CONFIG_CRYPTO_LIB == OPENTHREAD_CONFIG_CRYPTO_LIB_MBEDTLS