Hi experts,

I wanted to forward some crypto operations to an external driver that provides psa_call APIs. The mbedtls version I am using is 3.4.0.

Take psa_asymmetric_encrypt as an example. The mbedtls API is:

psa_status_t psa_asymmetric_encrypt(mbedtls_svc_key_id_t key,
                                    psa_algorithm_t alg,
                                    const uint8_t *input,
                                    size_t input_length,
                                    const uint8_t *salt,
                                    size_t salt_length,
                                    uint8_t *output,
                                    size_t output_size,
                                    size_t *output_length)

It gets the attributes, key.data and key.bytes from key_id. Then it calls the function psa_driver_wrapper_asymmetric_encrypt without key_id as an argument:

    status = psa_driver_wrapper_asymmetric_encrypt(
        &attributes, slot->key.data, slot->key.bytes,
        alg, input, input_length, salt, salt_length,
        output, output_size, output_length);

In psa_driver_wrapper_asymmetric_encrypt, it will use different implementations according to the location value in https://github.com/Mbed-TLS/mbedtls/blob/d69d3cda34c400a55220352518e37d3d2ccea5d2/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja#L2503C13-L2503C21.

I define a new location definition (RSS_PSA_LOCATION). When the location is RSS_PSA_LOCATION, I make it call:

psa_status_t crypto_psa_asymmetric_encrypt(psa_key_id_t key,
                                           psa_algorithm_t alg,
                                           const uint8_t *input,
                                           size_t input_length,
                                           const uint8_t *salt,
                                           size_t salt_length,
                                           uint8_t *output,
                                           size_t output_size,
                                           size_t *output_length)

This API requires key_id. Is it possible to get key_id from the attributes and key_slot?

Regards,

Jiamei Xie