nrf_security: CRACEN: Make key derivation operation struct be aware of enabled features

AntonZma · AntonZma · commit 46fdae8877a3 · 2025-10-06T18:14:38.000+03:00
cracen_key_derivation_operation_t struct is modified so as to include
KDF algorithms required by the project configuration.

Ref: NCSDK-35675

Signed-off-by: Anton Zyma &lt;anton.zyma@nordicsemi.no&gt;
diff --git a/subsys/nrf_security/src/drivers/cracen/cracenpsa/include/cracen_psa_primitives.h b/subsys/nrf_security/src/drivers/cracen/cracenpsa/include/cracen_psa_primitives.h
@@ -240,6 +240,7 @@ struct cracen_key_derivation_operation {
 		cracen_hash_operation_t hash_op;
 	};
 	union {
+#if defined(CONFIG_PSA_NEED_CRACEN_HKDF)
 		struct {
 			uint8_t blk_counter;
 			uint8_t prk[SX_HASH_MAX_ENABLED_BLOCK_SIZE];
@@ -248,7 +249,8 @@ struct cracen_key_derivation_operation {
 			size_t info_length;
 			bool info_set;
 		} hkdf;
-
+#endif /* CONFIG_PSA_NEED_CRACEN_HKDF */
+#if defined(CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC)
 		struct {
 			uint64_t input_cost;
 			char password[SX_HASH_MAX_ENABLED_BLOCK_SIZE];
@@ -259,7 +261,8 @@ struct cracen_key_derivation_operation {
 			uint8_t uj[PSA_MAC_MAX_SIZE];
 			uint8_t tj[PSA_MAC_MAX_SIZE];
 		} pbkdf2;
-
+#endif /* CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC */
+#if defined(CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC)
 		struct {
 			uint8_t key_buffer[CRACEN_MAX_AES_KEY_SIZE];
 			struct sxkeyref keyref;
@@ -275,11 +278,13 @@ struct cracen_key_derivation_operation {
 			uint32_t L;
 			uint8_t K_0[SX_BLKCIPHER_AES_BLK_SZ];
 		} cmac_ctr;
-
+#endif /* CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC */
+#if defined(CONFIG_PSA_NEED_CRACEN_TLS12_ECJPAKE_TO_PMS)
 		struct {
 			uint8_t key[32];
 		} ecjpake_to_pms;
-
+#endif /* PSA_NEED_CRACEN_TLS12_ECJPAKE_TO_PMS */
+#if defined(CONFIG_PSA_NEED_CRACEN_TLS12_PRF) || defined(CONFIG_PSA_NEED_CRACEN_TLS12_PSK_TO_MS)
 		struct {
 			/* May contain secret, length of secret as uint16be, other secret
 			 * and other secret length as uint16be.
@@ -293,6 +298,7 @@ struct cracen_key_derivation_operation {
 			size_t counter;
 			uint8_t a[SX_HASH_MAX_ENABLED_BLOCK_SIZE];
 		} tls12;
+#endif /* CONFIG_PSA_NEED_CRACEN_TLS12_PRF || CONFIG_PSA_NEED_CRACEN_TLS12_PSK_TO_MS */
 	};
 };
 typedef struct cracen_key_derivation_operation cracen_key_derivation_operation_t;
diff --git a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_derivation.c b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_derivation.c
@@ -151,7 +151,7 @@ static psa_status_t cracen_ecdh_montgmr_calc_secret(const struct sx_pk_ecurve *c
 
 /**
  * \brief Initialize and set up the MAC operation that will be used to generate pseudo-random
- *        bytes for HDKF and PBKDF2.
+ *        bytes for HKDF and PBKDF2.
  *
  * \param[in, out] operation        Cracen key derivation operation object.
  * \param[in]      key_buffer       Key buffer or HKDF salt.
@@ -180,6 +180,7 @@ static psa_status_t start_mac_operation(cracen_key_derivation_operation_t *opera
 				     mac_alg);
 }
 
+#if defined(CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC)
 static size_t pbkdf2_prf_output_length(psa_algorithm_t alg)
 {
 	if (alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) {
@@ -188,12 +189,14 @@ static size_t pbkdf2_prf_output_length(psa_algorithm_t alg)
 		return PSA_HASH_LENGTH(PSA_ALG_GET_HASH(alg));
 	}
 }
+#endif /* CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC */
 
 psa_status_t cracen_key_derivation_setup(cracen_key_derivation_operation_t *operation,
 					 psa_algorithm_t alg)
 {
 	operation->alg = alg;
 
+#if defined(CONFIG_PSA_NEED_CRACEN_HKDF)
 	if (IS_ENABLED(PSA_NEED_CRACEN_HKDF) && (PSA_ALG_IS_HKDF(operation->alg) ||
 	PSA_ALG_IS_HKDF_EXPAND(operation->alg))) {
 		size_t hash_size = PSA_HASH_LENGTH(PSA_ALG_HKDF_GET_HASH(alg));
@@ -222,7 +225,9 @@ psa_status_t cracen_key_derivation_setup(cracen_key_derivation_operation_t *oper
 
 		return PSA_SUCCESS;
 	}
+#endif /* CONFIG_PSA_NEED_CRACEN_HKDF */
 
+#if defined(CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC)
 	if (IS_ENABLED(PSA_NEED_CRACEN_PBKDF2_HMAC) && PSA_ALG_IS_PBKDF2(operation->alg)) {
 		size_t output_length = pbkdf2_prf_output_length(operation->alg);
 
@@ -234,15 +239,19 @@ psa_status_t cracen_key_derivation_setup(cracen_key_derivation_operation_t *oper
 		operation->state = CRACEN_KD_STATE_PBKDF2_INIT;
 		return PSA_SUCCESS;
 	}
+#endif /* CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC */
 
+#if defined(CONFIG_PSA_NEED_CRACEN_TLS12_ECJPAKE_TO_PMS)
 	if (IS_ENABLED(PSA_NEED_CRACEN_TLS12_ECJPAKE_TO_PMS)) {
 		if (operation->alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) {
 			operation->capacity = PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE;
 			operation->state = CRACEN_KD_STATE_TLS12_ECJPAKE_TO_PMS_INIT;
 			return PSA_SUCCESS;
 		}
 	}
+#endif /* CONFIG_PSA_NEED_CRACEN_TLS12_ECJPAKE_TO_PMS */
 
+#if defined(CONFIG_PSA_NEED_CRACEN_TLS12_PRF) || defined(CONFIG_PSA_NEED_CRACEN_TLS12_PSK_TO_MS)
 	if (IS_ENABLED(PSA_NEED_CRACEN_TLS12_PRF) && PSA_ALG_IS_TLS12_PRF(operation->alg)) {
 		operation->state = CRACEN_KD_STATE_TLS12_PRF_INIT;
 		operation->capacity = UINT64_MAX;
@@ -255,6 +264,7 @@ psa_status_t cracen_key_derivation_setup(cracen_key_derivation_operation_t *oper
 		operation->capacity = UINT64_MAX;
 		return PSA_SUCCESS;
 	}
+#endif /* CONFIG_PSA_NEED_CRACEN_TLS12_PRF || CONFIG_PSA_NEED_CRACEN_TLS12_PSK_TO_MS */
 
 	if (IS_ENABLED(PSA_NEED_CRACEN_SRP_PASSWORD_HASH) && PSA_ALG_IS_SRP_PASSWORD_HASH(alg)) {
 		if (PSA_ALG_HKDF_GET_HASH(alg) != CRACEN_SRP_HASH_ALG) {
@@ -264,6 +274,7 @@ psa_status_t cracen_key_derivation_setup(cracen_key_derivation_operation_t *oper
 		return PSA_SUCCESS;
 	}
 
+#if defined(CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC)
 	if (operation->alg == PSA_ALG_SP800_108_COUNTER_CMAC) {
 		operation->capacity = PSA_ALG_SP800_108_COUNTER_CMAC_INIT_CAPACITY;
 		operation->state = CRACEN_KD_STATE_CMAC_CTR_INIT;
@@ -272,6 +283,7 @@ psa_status_t cracen_key_derivation_setup(cracen_key_derivation_operation_t *oper
 
 		return PSA_SUCCESS;
 	}
+#endif /* CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC */
 
 	return PSA_ERROR_NOT_SUPPORTED;
 }
@@ -291,6 +303,7 @@ psa_status_t cracen_key_derivation_set_capacity(cracen_key_derivation_operation_
 	return PSA_SUCCESS;
 }
 
+#if defined(CONFIG_PSA_NEED_CRACEN_HKDF)
 static psa_status_t
 cracen_key_derivation_input_bytes_hkdf(cracen_key_derivation_operation_t *operation,
 				       psa_key_derivation_step_t step, const uint8_t *data,
@@ -374,7 +387,9 @@ cracen_key_derivation_input_bytes_hkdf(cracen_key_derivation_operation_t *operat
 
 	return PSA_SUCCESS;
 }
+#endif /* CONFIG_PSA_NEED_CRACEN_HKDF */
 
+#if defined(CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC)
 static psa_status_t
 cracen_key_derivation_input_bytes_pbkdf2(cracen_key_derivation_operation_t *operation,
 					 psa_key_derivation_step_t step, const uint8_t *data,
@@ -445,7 +460,9 @@ cracen_key_derivation_input_bytes_pbkdf2(cracen_key_derivation_operation_t *oper
 
 	return PSA_SUCCESS;
 }
+#endif /* CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC */
 
+#if defined(CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC)
 static psa_status_t
 cracen_key_derivation_input_bytes_cmac_ctr(cracen_key_derivation_operation_t *operation,
 					   psa_key_derivation_step_t step, const uint8_t *data,
@@ -502,7 +519,9 @@ cracen_key_derivation_input_bytes_cmac_ctr(cracen_key_derivation_operation_t *op
 
 	return PSA_SUCCESS;
 }
+#endif /* CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC */
 
+#if defined(CONFIG_PSA_NEED_CRACEN_TLS12_PRF) || defined(CONFIG_PSA_NEED_CRACEN_TLS12_PSK_TO_MS)
 static psa_status_t
 cracen_key_derivation_input_bytes_tls12(cracen_key_derivation_operation_t *operation,
 					psa_key_derivation_step_t step, const uint8_t *data,
@@ -576,6 +595,7 @@ cracen_key_derivation_input_bytes_tls12(cracen_key_derivation_operation_t *opera
 	}
 	return PSA_SUCCESS;
 }
+#endif /* CONFIG_PSA_NEED_CRACEN_TLS12_PRF || CONFIG_PSA_NEED_CRACEN_TLS12_PSK_TO_MS */
 
 static psa_status_t
 cracen_key_derivation_input_bytes_srp(cracen_key_derivation_operation_t *operation,
@@ -641,6 +661,7 @@ psa_status_t cracen_key_derivation_input_bytes(cracen_key_derivation_operation_t
 					       psa_key_derivation_step_t step, const uint8_t *data,
 					       size_t data_length)
 {
+#if defined(CONFIG_PSA_NEED_CRACEN_HKDF)
 	if (IS_ENABLED(PSA_NEED_CRACEN_HKDF) && (PSA_ALG_IS_HKDF(operation->alg) ||
 	PSA_ALG_IS_HKDF_EXTRACT(operation->alg))) {
 		return cracen_key_derivation_input_bytes_hkdf(operation, step, data, data_length);
@@ -657,17 +678,23 @@ psa_status_t cracen_key_derivation_input_bytes(cracen_key_derivation_operation_t
 		}
 		return cracen_key_derivation_input_bytes_hkdf(operation, step, data, data_length);
 	}
+#endif /* CONFIG_PSA_NEED_CRACEN_HKDF */
 
+#if defined(CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC)
 	if (IS_ENABLED(PSA_NEED_CRACEN_PBKDF2_HMAC) && PSA_ALG_IS_PBKDF2(operation->alg)) {
 		return cracen_key_derivation_input_bytes_pbkdf2(operation, step, data, data_length);
 	}
+#endif /* CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC */
 
+#if defined(CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC)
 	if (IS_ENABLED(PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC) &&
 	    (operation->alg == PSA_ALG_SP800_108_COUNTER_CMAC)) {
 		return cracen_key_derivation_input_bytes_cmac_ctr(operation, step, data,
 								  data_length);
 	}
+#endif /* CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC */
 
+#if defined(CONFIG_PSA_NEED_CRACEN_TLS12_ECJPAKE_TO_PMS)
 	if (IS_ENABLED(PSA_NEED_CRACEN_TLS12_ECJPAKE_TO_PMS) &&
 	    operation->alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) {
 		if (operation->state != CRACEN_KD_STATE_TLS12_ECJPAKE_TO_PMS_INIT) {
@@ -682,7 +709,9 @@ psa_status_t cracen_key_derivation_input_bytes(cracen_key_derivation_operation_t
 		       sizeof(operation->ecjpake_to_pms.key));
 		return PSA_SUCCESS;
 	}
+#endif /* CONFIG_PSA_NEED_CRACEN_TLS12_ECJPAKE_TO_PMS */
 
+#if defined(CONFIG_PSA_NEED_CRACEN_TLS12_PRF) || defined(CONFIG_PSA_NEED_CRACEN_TLS12_PSK_TO_MS)
 	if (IS_ENABLED(PSA_NEED_CRACEN_TLS12_PRF) && PSA_ALG_IS_TLS12_PRF(operation->alg)) {
 		return cracen_key_derivation_input_bytes_tls12(operation, step, data, data_length);
 	}
@@ -691,6 +720,7 @@ psa_status_t cracen_key_derivation_input_bytes(cracen_key_derivation_operation_t
 	    PSA_ALG_IS_TLS12_PSK_TO_MS(operation->alg)) {
 		return cracen_key_derivation_input_bytes_tls12(operation, step, data, data_length);
 	}
+#endif /* CONFIG_PSA_NEED_CRACEN_TLS12_PRF || CONFIG_PSA_NEED_CRACEN_TLS12_PSK_TO_MS */
 
 	if (IS_ENABLED(PSA_NEED_CRACEN_SRP_PASSWORD_HASH) &&
 	    PSA_ALG_IS_SRP_PASSWORD_HASH(operation->alg)) {
@@ -705,13 +735,16 @@ psa_status_t cracen_key_derivation_input_key(cracen_key_derivation_operation_t *
 					     const psa_key_attributes_t *attributes,
 					     const uint8_t *key_buffer, size_t key_buffer_size)
 {
+#if defined(CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC)
 	psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+#endif /* CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC */
 
 	if (operation->alg != PSA_ALG_SP800_108_COUNTER_CMAC) {
 		return cracen_key_derivation_input_bytes(operation, step, key_buffer,
 							 key_buffer_size);
 	}
 
+#if defined(CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC)
 	if (psa_get_key_type(attributes) != PSA_KEY_TYPE_AES) {
 		return PSA_ERROR_NOT_SUPPORTED;
 	}
@@ -739,12 +772,15 @@ psa_status_t cracen_key_derivation_input_key(cracen_key_derivation_operation_t *
 
 	operation->state = CRACEN_KD_STATE_CMAC_CTR_KEY_LOADED;
 	return status;
+#else
+	return PSA_ERROR_INVALID_ARGUMENT;
+#endif /* CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC */
 }
 
 psa_status_t cracen_key_derivation_input_integer(cracen_key_derivation_operation_t *operation,
 						 psa_key_derivation_step_t step, uint64_t value)
 {
-
+#if defined(CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC)
 	if (IS_ENABLED(PSA_NEED_CRACEN_PBKDF2_HMAC)) {
 		if ((PSA_ALG_IS_PBKDF2(operation->alg)) && step == PSA_KEY_DERIVATION_INPUT_COST) {
 			if (operation->pbkdf2.input_cost) {
@@ -755,10 +791,12 @@ psa_status_t cracen_key_derivation_input_integer(cracen_key_derivation_operation
 			return PSA_SUCCESS;
 		}
 	}
+#endif /* CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC */
 
 	return PSA_ERROR_NOT_SUPPORTED;
 }
 
+#if defined(CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC)
 static int
 cracen_key_derivation_cmac_ctr_add_core_fixed_input(cracen_key_derivation_operation_t *operation,
 						    struct sxmac *cmac_ctx)
@@ -870,7 +908,9 @@ cracen_key_derivation_cmac_ctr_generate_block(cracen_key_derivation_operation_t
 	operation->cmac_ctr.counter++;
 	return PSA_SUCCESS;
 }
+#endif /* CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC */
 
+#if defined(CONFIG_PSA_NEED_CRACEN_HKDF)
 /**
  * \brief Generates the next block for HKDF.
  *
@@ -922,7 +962,9 @@ cracen_key_derivation_hkdf_generate_block(cracen_key_derivation_operation_t *ope
 
 	return PSA_SUCCESS;
 }
+#endif /* CONFIG_PSA_NEED_CRACEN_HKDF */
 
+#if defined(CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC)
 /**
  * \brief Generates the next block for PBKDF2.
  *
@@ -992,7 +1034,9 @@ cracen_key_derivation_pbkdf2_generate_block(cracen_key_derivation_operation_t *o
 
 	return PSA_SUCCESS;
 }
+#endif /* CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC */
 
+#if defined(CONFIG_PSA_NEED_CRACEN_TLS12_PRF) || defined(CONFIG_PSA_NEED_CRACEN_TLS12_PSK_TO_MS)
 static psa_status_t
 cracen_key_derivation_tls12_prf_generate_block(cracen_key_derivation_operation_t *operation)
 {
@@ -1072,6 +1116,7 @@ cracen_key_derivation_tls12_prf_generate_block(cracen_key_derivation_operation_t
 
 	return status;
 }
+#endif /* CONFIG_PSA_NEED_CRACEN_TLS12_PRF || CONFIG_PSA_NEED_CRACEN_TLS12_PSK_TO_MS */
 
 psa_status_t cracen_key_agreement(const psa_key_attributes_t *attributes, const uint8_t *priv_key,
 				  size_t priv_key_size, const uint8_t *publ_key,
@@ -1127,6 +1172,7 @@ psa_status_t cracen_key_derivation_output_bytes(cracen_key_derivation_operation_
 {
 	psa_status_t (*generator)(cracen_key_derivation_operation_t *) = NULL;
 
+#if defined(CONFIG_PSA_NEED_CRACEN_HKDF)
 	if (IS_ENABLED(PSA_NEED_CRACEN_HKDF) && (PSA_ALG_IS_HKDF(operation->alg) ||
 	PSA_ALG_IS_HKDF_EXPAND(operation->alg))) {
 		if (operation->state < CRACEN_KD_STATE_HKDF_KEYED || !operation->hkdf.info_set) {
@@ -1153,7 +1199,9 @@ psa_status_t cracen_key_derivation_output_bytes(cracen_key_derivation_operation_
 		memcpy(output, operation->hkdf.prk, prk_length);
 		return PSA_SUCCESS;
 	}
+#endif /* CONFIG_PSA_NEED_CRACEN_HKDF */
 
+#if defined(CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC)
 	if (IS_ENABLED(PSA_NEED_CRACEN_PBKDF2_HMAC) && PSA_ALG_IS_PBKDF2(operation->alg)) {
 		/* Salt, password and input cost must have been provided. */
 		if (!operation->pbkdf2.input_cost) {
@@ -1168,7 +1216,9 @@ psa_status_t cracen_key_derivation_output_bytes(cracen_key_derivation_operation_
 		operation->state = CRACEN_KD_STATE_PBKDF2_OUTPUT;
 		generator = cracen_key_derivation_pbkdf2_generate_block;
 	}
+#endif /* CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC */
 
+#if defined(CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC)
 	if (IS_ENABLED(PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC) &&
 	    (operation->alg == PSA_ALG_SP800_108_COUNTER_CMAC)) {
 		if (operation->state == CRACEN_KD_STATE_CMAC_CTR_KEY_LOADED ||
@@ -1189,7 +1239,9 @@ psa_status_t cracen_key_derivation_output_bytes(cracen_key_derivation_operation_
 			return PSA_ERROR_BAD_STATE;
 		}
 	}
+#endif /* CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC */
 
+#if defined(CONFIG_PSA_NEED_CRACEN_TLS12_ECJPAKE_TO_PMS)
 	if (IS_ENABLED(PSA_NEED_CRACEN_TLS12_ECJPAKE_TO_PMS) &&
 	    operation->alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) {
 		size_t outlen;
@@ -1204,7 +1256,9 @@ psa_status_t cracen_key_derivation_output_bytes(cracen_key_derivation_operation_
 		}
 		return PSA_SUCCESS;
 	}
+#endif /* CONFIG_PSA_NEED_CRACEN_TLS12_ECJPAKE_TO_PMS */
 
+#if defined(CONFIG_PSA_NEED_CRACEN_TLS12_PRF) || defined(CONFIG_PSA_NEED_CRACEN_TLS12_PSK_TO_MS)
 	if (IS_ENABLED(PSA_NEED_CRACEN_TLS12_PRF) && PSA_ALG_IS_TLS12_PRF(operation->alg)) {
 		operation->state = CRACEN_KD_STATE_TLS12_PRF_OUTPUT;
 		generator = cracen_key_derivation_tls12_prf_generate_block;
@@ -1215,6 +1269,7 @@ psa_status_t cracen_key_derivation_output_bytes(cracen_key_derivation_operation_
 		operation->state = CRACEN_KD_STATE_TLS12_PSK_TO_MS_OUTPUT;
 		generator = cracen_key_derivation_tls12_prf_generate_block;
 	}
+#endif /* CONFIG_PSA_NEED_CRACEN_TLS12_PRF || CONFIG_PSA_NEED_CRACEN_TLS12_PSK_TO_MS */
 
 	if (IS_ENABLED(PSA_NEED_CRACEN_SRP_PASSWORD_HASH) &&
 	    PSA_ALG_IS_SRP_PASSWORD_HASH(operation->alg)) {
diff --git a/subsys/nrf_security/src/drivers/cracen/psa_driver.Kconfig b/subsys/nrf_security/src/drivers/cracen/psa_driver.Kconfig
@@ -1858,7 +1858,9 @@ config PSA_NEED_CRACEN_KEY_DERIVATION_DRIVER
 		   PSA_NEED_CRACEN_TLS12_ECJPAKE_TO_PMS || \
 		   PSA_NEED_CRACEN_PBKDF2_HMAC		|| \
 		   PSA_NEED_CRACEN_SRP_PASSWORD_HASH    || \
-		   PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC
+		   PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC	|| \
+		   PSA_NEED_CRACEN_TLS12_PRF	|| \
+		   PSA_NEED_CRACEN_TLS12_PSK_TO_MS
 
 config PSA_NEED_CRACEN_KMU_DRIVER
 	bool

Original file line number	Diff line number	Diff line change
`@@ -151,7 +151,7 @@ static psa_status_t cracen_ecdh_montgmr_calc_secret(const struct sx_pk_ecurve *c`
`151`	`151`
`152`	`152`	`/**`
`153`	`153`	`* \brief Initialize and set up the MAC operation that will be used to generate pseudo-random`
`154`		`- * bytes for HDKF and PBKDF2.`
	`154`	`+ * bytes for HKDF and PBKDF2.`
`155`	`155`	`*`
`156`	`156`	`* \param[in, out] operation Cracen key derivation operation object.`
`157`	`157`	`* \param[in] key_buffer Key buffer or HKDF salt.`
`@@ -180,6 +180,7 @@ static psa_status_t start_mac_operation(cracen_key_derivation_operation_t *opera`
`180`	`180`	`mac_alg);`
`181`	`181`	`}`
`182`	`182`
	`183`	`+#if defined(CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC)`
`183`	`184`	`static size_t pbkdf2_prf_output_length(psa_algorithm_t alg)`
`184`	`185`	`{`
`185`	`186`	`if (alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) {`
`@@ -188,12 +189,14 @@ static size_t pbkdf2_prf_output_length(psa_algorithm_t alg)`
`188`	`189`	`return PSA_HASH_LENGTH(PSA_ALG_GET_HASH(alg));`
`189`	`190`	`}`
`190`	`191`	`}`
	`192`	`+#endif /* CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC */`
`191`	`193`
`192`	`194`	`psa_status_t cracen_key_derivation_setup(cracen_key_derivation_operation_t *operation,`
`193`	`195`	`psa_algorithm_t alg)`
`194`	`196`	`{`
`195`	`197`	`operation->alg = alg;`
`196`	`198`
	`199`	`+#if defined(CONFIG_PSA_NEED_CRACEN_HKDF)`
`197`	`200`	`if (IS_ENABLED(PSA_NEED_CRACEN_HKDF) && (PSA_ALG_IS_HKDF(operation->alg) \|\|`
`198`	`201`	`PSA_ALG_IS_HKDF_EXPAND(operation->alg))) {`
`199`	`202`	`size_t hash_size = PSA_HASH_LENGTH(PSA_ALG_HKDF_GET_HASH(alg));`
`@@ -222,7 +225,9 @@ psa_status_t cracen_key_derivation_setup(cracen_key_derivation_operation_t *oper`
`222`	`225`
`223`	`226`	`return PSA_SUCCESS;`
`224`	`227`	`}`
	`228`	`+#endif /* CONFIG_PSA_NEED_CRACEN_HKDF */`
`225`	`229`
	`230`	`+#if defined(CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC)`
`226`	`231`	`if (IS_ENABLED(PSA_NEED_CRACEN_PBKDF2_HMAC) && PSA_ALG_IS_PBKDF2(operation->alg)) {`
`227`	`232`	`size_t output_length = pbkdf2_prf_output_length(operation->alg);`
`228`	`233`
`@@ -234,15 +239,19 @@ psa_status_t cracen_key_derivation_setup(cracen_key_derivation_operation_t *oper`
`234`	`239`	`operation->state = CRACEN_KD_STATE_PBKDF2_INIT;`
`235`	`240`	`return PSA_SUCCESS;`
`236`	`241`	`}`
	`242`	`+#endif /* CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC */`
`237`	`243`
	`244`	`+#if defined(CONFIG_PSA_NEED_CRACEN_TLS12_ECJPAKE_TO_PMS)`
`238`	`245`	`if (IS_ENABLED(PSA_NEED_CRACEN_TLS12_ECJPAKE_TO_PMS)) {`
`239`	`246`	`if (operation->alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) {`
`240`	`247`	`operation->capacity = PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE;`
`241`	`248`	`operation->state = CRACEN_KD_STATE_TLS12_ECJPAKE_TO_PMS_INIT;`
`242`	`249`	`return PSA_SUCCESS;`
`243`	`250`	`}`
`244`	`251`	`}`
	`252`	`+#endif /* CONFIG_PSA_NEED_CRACEN_TLS12_ECJPAKE_TO_PMS */`
`245`	`253`
	`254`	`+#if defined(CONFIG_PSA_NEED_CRACEN_TLS12_PRF) \|\| defined(CONFIG_PSA_NEED_CRACEN_TLS12_PSK_TO_MS)`
`246`	`255`	`if (IS_ENABLED(PSA_NEED_CRACEN_TLS12_PRF) && PSA_ALG_IS_TLS12_PRF(operation->alg)) {`
`247`	`256`	`operation->state = CRACEN_KD_STATE_TLS12_PRF_INIT;`
`248`	`257`	`operation->capacity = UINT64_MAX;`
`@@ -255,6 +264,7 @@ psa_status_t cracen_key_derivation_setup(cracen_key_derivation_operation_t *oper`
`255`	`264`	`operation->capacity = UINT64_MAX;`
`256`	`265`	`return PSA_SUCCESS;`
`257`	`266`	`}`
	`267`	`+#endif /* CONFIG_PSA_NEED_CRACEN_TLS12_PRF \|\| CONFIG_PSA_NEED_CRACEN_TLS12_PSK_TO_MS */`
`258`	`268`
`259`	`269`	`if (IS_ENABLED(PSA_NEED_CRACEN_SRP_PASSWORD_HASH) && PSA_ALG_IS_SRP_PASSWORD_HASH(alg)) {`
`260`	`270`	`if (PSA_ALG_HKDF_GET_HASH(alg) != CRACEN_SRP_HASH_ALG) {`
`@@ -264,6 +274,7 @@ psa_status_t cracen_key_derivation_setup(cracen_key_derivation_operation_t *oper`
`264`	`274`	`return PSA_SUCCESS;`
`265`	`275`	`}`
`266`	`276`
	`277`	`+#if defined(CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC)`
`267`	`278`	`if (operation->alg == PSA_ALG_SP800_108_COUNTER_CMAC) {`
`268`	`279`	`operation->capacity = PSA_ALG_SP800_108_COUNTER_CMAC_INIT_CAPACITY;`
`269`	`280`	`operation->state = CRACEN_KD_STATE_CMAC_CTR_INIT;`
`@@ -272,6 +283,7 @@ psa_status_t cracen_key_derivation_setup(cracen_key_derivation_operation_t *oper`
`272`	`283`
`273`	`284`	`return PSA_SUCCESS;`
`274`	`285`	`}`
	`286`	`+#endif /* CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC */`
`275`	`287`
`276`	`288`	`return PSA_ERROR_NOT_SUPPORTED;`
`277`	`289`	`}`
`@@ -291,6 +303,7 @@ psa_status_t cracen_key_derivation_set_capacity(cracen_key_derivation_operation_`
`291`	`303`	`return PSA_SUCCESS;`
`292`	`304`	`}`
`293`	`305`
	`306`	`+#if defined(CONFIG_PSA_NEED_CRACEN_HKDF)`
`294`	`307`	`static psa_status_t`
`295`	`308`	`cracen_key_derivation_input_bytes_hkdf(cracen_key_derivation_operation_t *operation,`
`296`	`309`	`psa_key_derivation_step_t step, const uint8_t *data,`
`@@ -374,7 +387,9 @@ cracen_key_derivation_input_bytes_hkdf(cracen_key_derivation_operation_t *operat`
`374`	`387`
`375`	`388`	`return PSA_SUCCESS;`
`376`	`389`	`}`
	`390`	`+#endif /* CONFIG_PSA_NEED_CRACEN_HKDF */`
`377`	`391`
	`392`	`+#if defined(CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC)`
`378`	`393`	`static psa_status_t`
`379`	`394`	`cracen_key_derivation_input_bytes_pbkdf2(cracen_key_derivation_operation_t *operation,`
`380`	`395`	`psa_key_derivation_step_t step, const uint8_t *data,`
`@@ -445,7 +460,9 @@ cracen_key_derivation_input_bytes_pbkdf2(cracen_key_derivation_operation_t *oper`
`445`	`460`
`446`	`461`	`return PSA_SUCCESS;`
`447`	`462`	`}`
	`463`	`+#endif /* CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC */`
`448`	`464`
	`465`	`+#if defined(CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC)`
`449`	`466`	`static psa_status_t`
`450`	`467`	`cracen_key_derivation_input_bytes_cmac_ctr(cracen_key_derivation_operation_t *operation,`
`451`	`468`	`psa_key_derivation_step_t step, const uint8_t *data,`
`@@ -502,7 +519,9 @@ cracen_key_derivation_input_bytes_cmac_ctr(cracen_key_derivation_operation_t *op`
`502`	`519`
`503`	`520`	`return PSA_SUCCESS;`
`504`	`521`	`}`
	`522`	`+#endif /* CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC */`
`505`	`523`
	`524`	`+#if defined(CONFIG_PSA_NEED_CRACEN_TLS12_PRF) \|\| defined(CONFIG_PSA_NEED_CRACEN_TLS12_PSK_TO_MS)`
`506`	`525`	`static psa_status_t`
`507`	`526`	`cracen_key_derivation_input_bytes_tls12(cracen_key_derivation_operation_t *operation,`
`508`	`527`	`psa_key_derivation_step_t step, const uint8_t *data,`
`@@ -576,6 +595,7 @@ cracen_key_derivation_input_bytes_tls12(cracen_key_derivation_operation_t *opera`
`576`	`595`	`}`
`577`	`596`	`return PSA_SUCCESS;`
`578`	`597`	`}`
	`598`	`+#endif /* CONFIG_PSA_NEED_CRACEN_TLS12_PRF \|\| CONFIG_PSA_NEED_CRACEN_TLS12_PSK_TO_MS */`
`579`	`599`
`580`	`600`	`static psa_status_t`
`581`	`601`	`cracen_key_derivation_input_bytes_srp(cracen_key_derivation_operation_t *operation,`
`@@ -641,6 +661,7 @@ psa_status_t cracen_key_derivation_input_bytes(cracen_key_derivation_operation_t`
`641`	`661`	`psa_key_derivation_step_t step, const uint8_t *data,`
`642`	`662`	`size_t data_length)`
`643`	`663`	`{`
	`664`	`+#if defined(CONFIG_PSA_NEED_CRACEN_HKDF)`
`644`	`665`	`if (IS_ENABLED(PSA_NEED_CRACEN_HKDF) && (PSA_ALG_IS_HKDF(operation->alg) \|\|`
`645`	`666`	`PSA_ALG_IS_HKDF_EXTRACT(operation->alg))) {`
`646`	`667`	`return cracen_key_derivation_input_bytes_hkdf(operation, step, data, data_length);`
`@@ -657,17 +678,23 @@ psa_status_t cracen_key_derivation_input_bytes(cracen_key_derivation_operation_t`
`657`	`678`	`}`
`658`	`679`	`return cracen_key_derivation_input_bytes_hkdf(operation, step, data, data_length);`
`659`	`680`	`}`
	`681`	`+#endif /* CONFIG_PSA_NEED_CRACEN_HKDF */`
`660`	`682`
	`683`	`+#if defined(CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC)`
`661`	`684`	`if (IS_ENABLED(PSA_NEED_CRACEN_PBKDF2_HMAC) && PSA_ALG_IS_PBKDF2(operation->alg)) {`
`662`	`685`	`return cracen_key_derivation_input_bytes_pbkdf2(operation, step, data, data_length);`
`663`	`686`	`}`
	`687`	`+#endif /* CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC */`
`664`	`688`
	`689`	`+#if defined(CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC)`
`665`	`690`	`if (IS_ENABLED(PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC) &&`
`666`	`691`	`(operation->alg == PSA_ALG_SP800_108_COUNTER_CMAC)) {`
`667`	`692`	`return cracen_key_derivation_input_bytes_cmac_ctr(operation, step, data,`
`668`	`693`	`data_length);`
`669`	`694`	`}`
	`695`	`+#endif /* CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC */`
`670`	`696`
	`697`	`+#if defined(CONFIG_PSA_NEED_CRACEN_TLS12_ECJPAKE_TO_PMS)`
`671`	`698`	`if (IS_ENABLED(PSA_NEED_CRACEN_TLS12_ECJPAKE_TO_PMS) &&`
`672`	`699`	`operation->alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) {`
`673`	`700`	`if (operation->state != CRACEN_KD_STATE_TLS12_ECJPAKE_TO_PMS_INIT) {`
`@@ -682,7 +709,9 @@ psa_status_t cracen_key_derivation_input_bytes(cracen_key_derivation_operation_t`
`682`	`709`	`sizeof(operation->ecjpake_to_pms.key));`
`683`	`710`	`return PSA_SUCCESS;`
`684`	`711`	`}`
	`712`	`+#endif /* CONFIG_PSA_NEED_CRACEN_TLS12_ECJPAKE_TO_PMS */`
`685`	`713`
	`714`	`+#if defined(CONFIG_PSA_NEED_CRACEN_TLS12_PRF) \|\| defined(CONFIG_PSA_NEED_CRACEN_TLS12_PSK_TO_MS)`
`686`	`715`	`if (IS_ENABLED(PSA_NEED_CRACEN_TLS12_PRF) && PSA_ALG_IS_TLS12_PRF(operation->alg)) {`
`687`	`716`	`return cracen_key_derivation_input_bytes_tls12(operation, step, data, data_length);`
`688`	`717`	`}`
`@@ -691,6 +720,7 @@ psa_status_t cracen_key_derivation_input_bytes(cracen_key_derivation_operation_t`
`691`	`720`	`PSA_ALG_IS_TLS12_PSK_TO_MS(operation->alg)) {`
`692`	`721`	`return cracen_key_derivation_input_bytes_tls12(operation, step, data, data_length);`
`693`	`722`	`}`
	`723`	`+#endif /* CONFIG_PSA_NEED_CRACEN_TLS12_PRF \|\| CONFIG_PSA_NEED_CRACEN_TLS12_PSK_TO_MS */`
`694`	`724`
`695`	`725`	`if (IS_ENABLED(PSA_NEED_CRACEN_SRP_PASSWORD_HASH) &&`
`696`	`726`	`PSA_ALG_IS_SRP_PASSWORD_HASH(operation->alg)) {`
`@@ -705,13 +735,16 @@ psa_status_t cracen_key_derivation_input_key(cracen_key_derivation_operation_t *`
`705`	`735`	`const psa_key_attributes_t *attributes,`
`706`	`736`	`const uint8_t *key_buffer, size_t key_buffer_size)`
`707`	`737`	`{`
	`738`	`+#if defined(CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC)`
`708`	`739`	`psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;`
	`740`	`+#endif /* CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC */`
`709`	`741`
`710`	`742`	`if (operation->alg != PSA_ALG_SP800_108_COUNTER_CMAC) {`
`711`	`743`	`return cracen_key_derivation_input_bytes(operation, step, key_buffer,`
`712`	`744`	`key_buffer_size);`
`713`	`745`	`}`
`714`	`746`
	`747`	`+#if defined(CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC)`
`715`	`748`	`if (psa_get_key_type(attributes) != PSA_KEY_TYPE_AES) {`
`716`	`749`	`return PSA_ERROR_NOT_SUPPORTED;`
`717`	`750`	`}`
`@@ -739,12 +772,15 @@ psa_status_t cracen_key_derivation_input_key(cracen_key_derivation_operation_t *`
`739`	`772`
`740`	`773`	`operation->state = CRACEN_KD_STATE_CMAC_CTR_KEY_LOADED;`
`741`	`774`	`return status;`
	`775`	`+#else`
	`776`	`+ return PSA_ERROR_INVALID_ARGUMENT;`
	`777`	`+#endif /* CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC */`
`742`	`778`	`}`
`743`	`779`
`744`	`780`	`psa_status_t cracen_key_derivation_input_integer(cracen_key_derivation_operation_t *operation,`
`745`	`781`	`psa_key_derivation_step_t step, uint64_t value)`
`746`	`782`	`{`
`747`		`-`
	`783`	`+#if defined(CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC)`
`748`	`784`	`if (IS_ENABLED(PSA_NEED_CRACEN_PBKDF2_HMAC)) {`
`749`	`785`	`if ((PSA_ALG_IS_PBKDF2(operation->alg)) && step == PSA_KEY_DERIVATION_INPUT_COST) {`
`750`	`786`	`if (operation->pbkdf2.input_cost) {`
`@@ -755,10 +791,12 @@ psa_status_t cracen_key_derivation_input_integer(cracen_key_derivation_operation`
`755`	`791`	`return PSA_SUCCESS;`
`756`	`792`	`}`
`757`	`793`	`}`
	`794`	`+#endif /* CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC */`
`758`	`795`
`759`	`796`	`return PSA_ERROR_NOT_SUPPORTED;`
`760`	`797`	`}`
`761`	`798`
	`799`	`+#if defined(CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC)`
`762`	`800`	`static int`
`763`	`801`	`cracen_key_derivation_cmac_ctr_add_core_fixed_input(cracen_key_derivation_operation_t *operation,`
`764`	`802`	`struct sxmac *cmac_ctx)`
`@@ -870,7 +908,9 @@ cracen_key_derivation_cmac_ctr_generate_block(cracen_key_derivation_operation_t`
`870`	`908`	`operation->cmac_ctr.counter++;`
`871`	`909`	`return PSA_SUCCESS;`
`872`	`910`	`}`
	`911`	`+#endif /* CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC */`
`873`	`912`
	`913`	`+#if defined(CONFIG_PSA_NEED_CRACEN_HKDF)`
`874`	`914`	`/**`
`875`	`915`	`* \brief Generates the next block for HKDF.`
`876`	`916`	`*`
`@@ -922,7 +962,9 @@ cracen_key_derivation_hkdf_generate_block(cracen_key_derivation_operation_t *ope`
`922`	`962`
`923`	`963`	`return PSA_SUCCESS;`
`924`	`964`	`}`
	`965`	`+#endif /* CONFIG_PSA_NEED_CRACEN_HKDF */`
`925`	`966`
	`967`	`+#if defined(CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC)`
`926`	`968`	`/**`
`927`	`969`	`* \brief Generates the next block for PBKDF2.`
`928`	`970`	`*`
`@@ -992,7 +1034,9 @@ cracen_key_derivation_pbkdf2_generate_block(cracen_key_derivation_operation_t *o`
`992`	`1034`
`993`	`1035`	`return PSA_SUCCESS;`
`994`	`1036`	`}`
	`1037`	`+#endif /* CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC */`
`995`	`1038`
	`1039`	`+#if defined(CONFIG_PSA_NEED_CRACEN_TLS12_PRF) \|\| defined(CONFIG_PSA_NEED_CRACEN_TLS12_PSK_TO_MS)`
`996`	`1040`	`static psa_status_t`
`997`	`1041`	`cracen_key_derivation_tls12_prf_generate_block(cracen_key_derivation_operation_t *operation)`
`998`	`1042`	`{`
`@@ -1072,6 +1116,7 @@ cracen_key_derivation_tls12_prf_generate_block(cracen_key_derivation_operation_t`
`1072`	`1116`
`1073`	`1117`	`return status;`
`1074`	`1118`	`}`
	`1119`	`+#endif /* CONFIG_PSA_NEED_CRACEN_TLS12_PRF \|\| CONFIG_PSA_NEED_CRACEN_TLS12_PSK_TO_MS */`
`1075`	`1120`
`1076`	`1121`	`psa_status_t cracen_key_agreement(const psa_key_attributes_t attributes, const uint8_t priv_key,`
`1077`	`1122`	`size_t priv_key_size, const uint8_t *publ_key,`
`@@ -1127,6 +1172,7 @@ psa_status_t cracen_key_derivation_output_bytes(cracen_key_derivation_operation_`
`1127`	`1172`	`{`
`1128`	`1173`	`psa_status_t (generator)(cracen_key_derivation_operation_t ) = NULL;`
`1129`	`1174`
	`1175`	`+#if defined(CONFIG_PSA_NEED_CRACEN_HKDF)`
`1130`	`1176`	`if (IS_ENABLED(PSA_NEED_CRACEN_HKDF) && (PSA_ALG_IS_HKDF(operation->alg) \|\|`
`1131`	`1177`	`PSA_ALG_IS_HKDF_EXPAND(operation->alg))) {`
`1132`	`1178`	`if (operation->state < CRACEN_KD_STATE_HKDF_KEYED \|\| !operation->hkdf.info_set) {`
`@@ -1153,7 +1199,9 @@ psa_status_t cracen_key_derivation_output_bytes(cracen_key_derivation_operation_`
`1153`	`1199`	`memcpy(output, operation->hkdf.prk, prk_length);`
`1154`	`1200`	`return PSA_SUCCESS;`
`1155`	`1201`	`}`
	`1202`	`+#endif /* CONFIG_PSA_NEED_CRACEN_HKDF */`
`1156`	`1203`
	`1204`	`+#if defined(CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC)`
`1157`	`1205`	`if (IS_ENABLED(PSA_NEED_CRACEN_PBKDF2_HMAC) && PSA_ALG_IS_PBKDF2(operation->alg)) {`
`1158`	`1206`	`/* Salt, password and input cost must have been provided. */`
`1159`	`1207`	`if (!operation->pbkdf2.input_cost) {`
`@@ -1168,7 +1216,9 @@ psa_status_t cracen_key_derivation_output_bytes(cracen_key_derivation_operation_`
`1168`	`1216`	`operation->state = CRACEN_KD_STATE_PBKDF2_OUTPUT;`
`1169`	`1217`	`generator = cracen_key_derivation_pbkdf2_generate_block;`
`1170`	`1218`	`}`
	`1219`	`+#endif /* CONFIG_PSA_NEED_CRACEN_PBKDF2_HMAC */`
`1171`	`1220`
	`1221`	`+#if defined(CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC)`
`1172`	`1222`	`if (IS_ENABLED(PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC) &&`
`1173`	`1223`	`(operation->alg == PSA_ALG_SP800_108_COUNTER_CMAC)) {`
`1174`	`1224`	`if (operation->state == CRACEN_KD_STATE_CMAC_CTR_KEY_LOADED \|\|`
`@@ -1189,7 +1239,9 @@ psa_status_t cracen_key_derivation_output_bytes(cracen_key_derivation_operation_`
`1189`	`1239`	`return PSA_ERROR_BAD_STATE;`
`1190`	`1240`	`}`
`1191`	`1241`	`}`
	`1242`	`+#endif /* CONFIG_PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC */`
`1192`	`1243`
	`1244`	`+#if defined(CONFIG_PSA_NEED_CRACEN_TLS12_ECJPAKE_TO_PMS)`
`1193`	`1245`	`if (IS_ENABLED(PSA_NEED_CRACEN_TLS12_ECJPAKE_TO_PMS) &&`
`1194`	`1246`	`operation->alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) {`
`1195`	`1247`	`size_t outlen;`
`@@ -1204,7 +1256,9 @@ psa_status_t cracen_key_derivation_output_bytes(cracen_key_derivation_operation_`
`1204`	`1256`	`}`
`1205`	`1257`	`return PSA_SUCCESS;`
`1206`	`1258`	`}`
	`1259`	`+#endif /* CONFIG_PSA_NEED_CRACEN_TLS12_ECJPAKE_TO_PMS */`
`1207`	`1260`
	`1261`	`+#if defined(CONFIG_PSA_NEED_CRACEN_TLS12_PRF) \|\| defined(CONFIG_PSA_NEED_CRACEN_TLS12_PSK_TO_MS)`
`1208`	`1262`	`if (IS_ENABLED(PSA_NEED_CRACEN_TLS12_PRF) && PSA_ALG_IS_TLS12_PRF(operation->alg)) {`
`1209`	`1263`	`operation->state = CRACEN_KD_STATE_TLS12_PRF_OUTPUT;`
`1210`	`1264`	`generator = cracen_key_derivation_tls12_prf_generate_block;`
`@@ -1215,6 +1269,7 @@ psa_status_t cracen_key_derivation_output_bytes(cracen_key_derivation_operation_`
`1215`	`1269`	`operation->state = CRACEN_KD_STATE_TLS12_PSK_TO_MS_OUTPUT;`
`1216`	`1270`	`generator = cracen_key_derivation_tls12_prf_generate_block;`
`1217`	`1271`	`}`
	`1272`	`+#endif /* CONFIG_PSA_NEED_CRACEN_TLS12_PRF \|\| CONFIG_PSA_NEED_CRACEN_TLS12_PSK_TO_MS */`
`1218`	`1273`
`1219`	`1274`	`if (IS_ENABLED(PSA_NEED_CRACEN_SRP_PASSWORD_HASH) &&`
`1220`	`1275`	`PSA_ALG_IS_SRP_PASSWORD_HASH(operation->alg)) {`