Hi,
The Unified Driver Specification should state which precondition checks are needed in a driver function. It would be redundant to do all validity checks in both the core and the drivers.
From the samples it seems to be safe to assume all pointer arguments are non-null.
What about sizes? Is it safe to assume only valid key sizes are delivered to a driver? (For instance only 192, 224, 256, 384 or 521 for PSA_ECC_CURVE_SECP_R1.) Is it guaranteed that the key_length is always correct for the given bit size of the key? (For instance key_length is always 32 for a 256 bit SECP_R1 secret key.) What about the sequence of function calls for a multi-part interface? Is a driver expected to check for out-of-sequence calls and return PSA_ERROR_BAD_STATE?
Thanks for the clarifications.

Regards
Beat Heeb
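As an added example, not part of the message above or of the PSA driver specification, here is a C sketch of the driver-side precondition checks the questions ask about: a SECP_R1 key-size and key_length check, and a multi-part operation that returns PSA_ERROR_BAD_STATE on out-of-sequence calls. The drv_* names are hypothetical, and the status constants are defined locally (mirroring the PSA Crypto API values) so it compiles without psa/crypto.h.

```c
#include <stddef.h>
#include <stdint.h>

/* Status codes mirror the PSA Crypto API values; defined locally so this
 * added example compiles without psa/crypto.h. */
typedef int32_t psa_status_t;
#define PSA_SUCCESS                ((psa_status_t)0)
#define PSA_ERROR_NOT_SUPPORTED    ((psa_status_t)-134)
#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135)
#define PSA_ERROR_BAD_STATE        ((psa_status_t)-149)
#define PSA_BITS_TO_BYTES(bits)    (((bits) + 7) / 8)

/* Hypothetical driver-side precondition check for a SECP_R1 private key:
 * rejects curve sizes the driver does not implement and a key buffer whose
 * length does not match the bit size (e.g. 32 bytes for 256 bits, 66 for 521). */
psa_status_t drv_check_secp_r1_key(size_t key_bits, const uint8_t *key, size_t key_length)
{
    if (key == NULL) return PSA_ERROR_INVALID_ARGUMENT;  /* cheap belt-and-braces check */
    switch (key_bits) {
    case 192: case 224: case 256: case 384: case 521: break;
    default: return PSA_ERROR_NOT_SUPPORTED;
    }
    if (key_length != PSA_BITS_TO_BYTES(key_bits)) return PSA_ERROR_INVALID_ARGUMENT;
    return PSA_SUCCESS;
}

/* Hypothetical multi-part operation: the driver tracks its own state so an
 * out-of-sequence call returns PSA_ERROR_BAD_STATE instead of operating on
 * an uninitialised context. */
typedef enum { DRV_IDLE = 0, DRV_ACTIVE, DRV_FINISHED } drv_state_t;
typedef struct { drv_state_t state; size_t bytes_fed; } drv_op_t;

psa_status_t drv_op_setup(drv_op_t *op)
{
    if (op->state != DRV_IDLE) return PSA_ERROR_BAD_STATE;
    op->state = DRV_ACTIVE; op->bytes_fed = 0;
    return PSA_SUCCESS;
}
psa_status_t drv_op_update(drv_op_t *op, const uint8_t *in, size_t in_len)
{
    if (op->state != DRV_ACTIVE) return PSA_ERROR_BAD_STATE;
    (void)in; op->bytes_fed += in_len;   /* a real driver would feed the data to hardware here */
    return PSA_SUCCESS;
}
psa_status_t drv_op_finish(drv_op_t *op)
{
    if (op->state != DRV_ACTIVE) return PSA_ERROR_BAD_STATE;
    op->state = DRV_FINISHED;           /* setup must run again before the context is reused */
    return PSA_SUCCESS;
}
```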