nrf_security: Add IronSide PSA crypto driver interface

Define the functions that will be used to implement a transparent driver
for platform keys in IronSide SE. This new driver will be used alongside
the CRACEN driver.

Ref: NCSDK-35399
Signed-off-by: Grzegorz Swiderski <[email protected]>

Author: 57300

subsys/nrf_security/cmake/psa_crypto_config.cmake

@@ -498,6 +498,7 @@ kconfig_check_and_set_base_to_one(PSA_NEED_CRACEN_TRNG_DRIVER)
 
 # Nordic specific
 kconfig_check_and_set_base_to_one(PSA_CRYPTO_DRIVER_ALG_PRNG_TEST)
+kconfig_check_and_set_base_to_one(PSA_CRYPTO_DRIVER_IRONSIDE)
 
 # PSA and Drivers
 kconfig_check_and_set_base_to_one(MBEDTLS_PSA_CRYPTO_STORAGE_C)

subsys/nrf_security/configs/psa_crypto_config.h.template

@@ -490,6 +490,7 @@
 
 /* Nordic specific */
 #cmakedefine PSA_CRYPTO_DRIVER_ALG_PRNG_TEST                    @PSA_CRYPTO_DRIVER_ALG_PRNG_TEST@
+#cmakedefine PSA_CRYPTO_DRIVER_IRONSIDE                         @PSA_CRYPTO_DRIVER_IRONSIDE@
 
 /* PSA and drivers */
 #cmakedefine MBEDTLS_PSA_CRYPTO_C

subsys/nrf_security/include/psa/crypto_driver_contexts_key_derivation.h

@@ -28,6 +28,10 @@
 #include "cracen_psa_primitives.h"
 #endif
 
+#if defined(PSA_CRYPTO_DRIVER_IRONSIDE)
+#include "ironside_psa_types.h"
+#endif
+
 /*
  * Define the context to be used for an operation that is executed through the
  * PSA Driver wrapper layer as the union of all possible drivers' contexts.
@@ -56,6 +60,9 @@ typedef union {
 #ifdef PSA_NEED_CRACEN_PAKE_DRIVER
 	cracen_pake_operation_t cracen_pake_ctx;
 #endif
+#ifdef PSA_CRYPTO_DRIVER_IRONSIDE
+	ironside_psa_pake_operation_t ironside_pake_ctx;
+#endif
 } psa_driver_pake_context_t;
 
 typedef union {

subsys/nrf_security/src/drivers/CMakeLists.txt

@@ -24,6 +24,10 @@ if(CONFIG_MBEDTLS_PSA_CRYPTO_C)
     add_subdirectory(nrf_oberon)
   endif()
 
+  if(CONFIG_PSA_CRYPTO_DRIVER_IRONSIDE)
+    add_subdirectory(ironside)
+  endif()
+
   add_subdirectory(zephyr)
 endif()
 

subsys/nrf_security/src/drivers/Kconfig

@@ -36,6 +36,12 @@ config PSA_CRYPTO_DRIVER_CRACEN
 	help
 	  PSA crypto driver for the CRACEN HW peripheral.
 
+config PSA_CRYPTO_DRIVER_IRONSIDE
+	bool
+	help
+	  Internal option selected by IronSide firmware to enable
+	  the IronSide PSA crypto driver.
+
 menu "Choose DRBG algorithm"
 config PSA_WANT_ALG_CTR_DRBG
 	prompt "CTR_DRBG"

subsys/nrf_security/src/drivers/ironside/CMakeLists.txt

@@ -0,0 +1,19 @@
+# Copyright (c) 2025 Nordic Semiconductor ASA
+# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause
+
+# Driver sources are expected to be added externally
+add_library(ironside_psa_driver STATIC)
+
+target_include_directories(psa_crypto_library_config
+  INTERFACE
+    ${CMAKE_CURRENT_LIST_DIR}
+    $<TARGET_PROPERTY:ironside_psa_driver,INTERFACE_INCLUDE_DIRECTORIES>
+)
+
+# Link psa_core with this driver
+target_link_libraries(psa_core
+  PRIVATE
+    ironside_psa_driver
+)
+
+nrf_security_add_zephyr_options_library(ironside_psa_driver)

subsys/nrf_security/src/drivers/ironside/ironside_psa.h

@@ -0,0 +1,111 @@
+/*
+ * Copyright (c) 2025 Nordic Semiconductor ASA
+ * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause
+ */
+
+#ifndef IRONSIDE_PSA_H
+#define IRONSIDE_PSA_H
+
+/**
+ * @file ironside_psa.h
+ * @brief IronSide PSA crypto driver interface
+ *
+ * This driver is to be implemented by IronSide firmware for these purposes:
+ *
+ * - Leverage Mbed TLS' built-in key concept to support additional keys,
+ *   with implementation-defined properties, in the PSA_KEY_ID_VENDOR range.
+ * - Hijack the key creation functions of the PSA Crypto API to control
+ *   provisioning of such keys at different product life cycles.
+ * - Capture the above functionality in its own driver, independent of other
+ *   crypto accelerators, for portability to future IronSide firmware variants.
+ */
+
+#include <psa/crypto.h>
+
+/* The following header must be provided externally and with these types:
+ * - ironside_psa_pake_operation_t
+ */
+#include "ironside_psa_types.h"
+
+psa_status_t ironside_psa_get_key_slot(mbedtls_svc_key_id_t key_id, psa_key_lifetime_t *lifetime,
+				       psa_drv_slot_number_t *slot_number);
+
+psa_status_t ironside_psa_import_key(const psa_key_attributes_t *attributes, const uint8_t *data,
+				     size_t data_length, uint8_t *key_buffer,
+				     size_t key_buffer_size, size_t *key_buffer_length,
+				     size_t *bits);
+
+psa_status_t ironside_psa_get_key_buffer_size(const psa_key_attributes_t *attributes,
+					      size_t *key_buffer_size);
+
+psa_status_t ironside_psa_generate_key(const psa_key_attributes_t *attributes, uint8_t *key_buffer,
+				       size_t key_buffer_size, size_t *key_buffer_length);
+
+psa_status_t ironside_psa_get_builtin_key(psa_drv_slot_number_t slot_number,
+					  psa_key_attributes_t *attributes, uint8_t *key_buffer,
+					  size_t key_buffer_size, size_t *key_buffer_length);
+
+psa_status_t ironside_psa_copy_key(psa_key_attributes_t *attributes, const uint8_t *source_key,
+				   size_t source_key_length, uint8_t *target_key_buffer,
+				   size_t target_key_buffer_size, size_t *target_key_buffer_length);
+
+psa_status_t ironside_psa_derive_key(const psa_key_attributes_t *attributes, const uint8_t *input,
+				     size_t input_length, uint8_t *key_buffer,
+				     size_t key_buffer_size, size_t *key_buffer_length);
+
+psa_status_t ironside_psa_destroy_builtin_key(const psa_key_attributes_t *attributes);
+
+psa_status_t ironside_psa_key_agreement(const psa_key_attributes_t *attributes,
+					const uint8_t *priv_key, size_t priv_key_size,
+					psa_algorithm_t alg, const uint8_t *publ_key,
+					size_t publ_key_size, uint8_t *output, size_t output_size,
+					size_t *output_length);
+
+psa_status_t ironside_psa_key_encapsulate(const psa_key_attributes_t *attributes,
+					  const uint8_t *key, size_t key_length,
+					  psa_algorithm_t alg,
+					  const psa_key_attributes_t *output_attributes,
+					  uint8_t *output_key, size_t output_key_size,
+					  size_t *output_key_length, uint8_t *ciphertext,
+					  size_t ciphertext_size, size_t *ciphertext_length);
+
+psa_status_t ironside_psa_key_decapsulate(const psa_key_attributes_t *attributes,
+					  const uint8_t *key, size_t key_length,
+					  psa_algorithm_t alg, const uint8_t *ciphertext,
+					  size_t ciphertext_length,
+					  const psa_key_attributes_t *output_attributes,
+					  uint8_t *output_key, size_t output_key_size,
+					  size_t *output_key_length);
+
+psa_status_t ironside_psa_pake_setup(ironside_psa_pake_operation_t *operation,
+				     const psa_key_attributes_t *attributes,
+				     const uint8_t *password, size_t password_length,
+				     const psa_pake_cipher_suite_t *cipher_suite);
+
+psa_status_t ironside_psa_pake_set_role(ironside_psa_pake_operation_t *operation,
+					psa_pake_role_t role);
+
+psa_status_t ironside_psa_pake_set_user(ironside_psa_pake_operation_t *operation,
+					const uint8_t *user_id, size_t user_id_length);
+
+psa_status_t ironside_psa_pake_set_peer(ironside_psa_pake_operation_t *operation,
+					const uint8_t *peer_id, size_t peer_id_length);
+
+psa_status_t ironside_psa_pake_set_context(ironside_psa_pake_operation_t *operation,
+					   const uint8_t *context, size_t context_length);
+
+psa_status_t ironside_psa_pake_output(ironside_psa_pake_operation_t *operation,
+				      psa_pake_step_t step, uint8_t *output, size_t output_size,
+				      size_t *output_length);
+
+psa_status_t ironside_psa_pake_input(ironside_psa_pake_operation_t *operation, psa_pake_step_t step,
+				     const uint8_t *input, size_t input_length);
+
+psa_status_t ironside_psa_pake_get_shared_key(ironside_psa_pake_operation_t *operation,
+					      const psa_key_attributes_t *attributes,
+					      uint8_t *key_buffer, size_t key_buffer_size,
+					      size_t *key_buffer_length);
+
+psa_status_t ironside_psa_pake_abort(ironside_psa_pake_operation_t *operation);
+
+#endif /* IRONSIDE_PSA_H */