Hi,
It is unclear whether drivers are allowed to call functions of the outer PSA crypto interface. If this is allowed, strict rules are needed to avoid hard-to-find recursive invocation and reentrancy problems. Such problems are not necessarily detected at development time because they may be caused by a combination of several drivers developed by different vendors.

The easiest and most secure way would be to prohibit such calls completely. However, at least in one case they are unavoidable: several driver functions need a source of randomness to fill some random values (cipher_encrypt, RSA_PSS, non-deterministic ECDSA, ...). Getting randomness is non-trivial and involves special hardware in most cases, which is usually not accessible to any driver (in particular accelerators). So drivers must be allowed to call at least psa_generate_random(). The only alternative would be to split up all affected functions to separate randomness generation from cryptographic calculations.

Regards
Beat
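A sketch of the rule discussed in the message above, as an added example that is not part of the original post and not PSA Crypto or Mbed TLS code: a dispatcher rejects re-entry from driver context, while the random-generation entry point stays callable. All `toy_*` names and status values are hypothetical, the RNG is a constructed stand-in, and the guard assumes a single thread.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical status codes for this toy model. */
enum { TOY_OK = 0, TOY_ERR_REENTRANT = -1 };

static int in_driver;   /* non-zero while a driver entry point is running */

/* Allow-listed entry point: deliberately not guarded, so drivers may call it. */
int toy_generate_random(uint8_t *out, size_t len)
{
    memset(out, 0xA5, len);   /* constructed stand-in for a real RNG */
    return TOY_OK;
}

typedef int (*toy_driver_fn)(uint8_t *out, size_t len);

/* Every other outer entry point goes through this guard. */
int toy_dispatch(toy_driver_fn drv, uint8_t *out, size_t len)
{
    if (in_driver)
        return TOY_ERR_REENTRANT;   /* a driver re-entered the outer API */
    in_driver = 1;
    int st = drv(out, len);
    in_driver = 0;                  /* always cleared, also on driver error */
    return st;
}

/* Driver A: only needs randomness, which the rule permits. */
int toy_driver_good(uint8_t *out, size_t len)
{
    return toy_generate_random(out, len);
}

/* Driver B: calls back into the outer interface, possibly reaching another
   vendor's driver; the guard turns this into an error instead of recursion. */
int toy_driver_bad(uint8_t *out, size_t len)
{
    return toy_dispatch(toy_driver_good, out, len);
}

int main(void)
{
    uint8_t buf[4] = {0};
    printf("good driver: %d\n", toy_dispatch(toy_driver_good, buf, sizeof buf));
    printf("bad driver:  %d\n", toy_dispatch(toy_driver_bad, buf, sizeof buf));
    return 0;
}
```

A runtime guard like this surfaces the problem at the first nested call during integration testing, which matters when the offending combination of drivers only exists in the final build.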