From 26fd730876bf83169d7d02de08101c7c5fba5c5e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Mon, 22 Oct 2018 12:14:52 +0200
Subject: [PATCH 01/17] Add config option for X.509/TLS to use PSA

---
 include/mbedtls/check_config.h |  4 ++++
 include/mbedtls/config.h       | 14 ++++++++++++++
 library/version_features.c     |  3 +++
 scripts/config.pl              |  3 +++
 4 files changed, 24 insertions(+)

diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 21bede7075..508c00a8a1 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -670,6 +670,10 @@
 #endif
 #undef MBEDTLS_THREADING_IMPL
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_PSA_CRYPTO_C)
+#error "MBEDTLS_USE_PSA_CRYPTO defined, but not all prerequisites"
+#endif
+
 #if defined(MBEDTLS_VERSION_FEATURES) && !defined(MBEDTLS_VERSION_C)
 #error "MBEDTLS_VERSION_FEATURES defined, but not all prerequisites"
 #endif
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index c1619fbade..2341ef50f6 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1616,6 +1616,20 @@
  */
 //#define MBEDTLS_THREADING_PTHREAD
 
+/**
+ * \def MBEDTLS_USE_PSA_CRYPTO
+ *
+ * Make the X.509 and TLS library use PSA for cryptographic operations, see
+ * #MBEDTLS_PSA_CRYPTO_C.
+ *
+ * Note: this option is still in progress, the full X.509 and TLS modules are
+ * not covered yet, but parts that are not ported to PSA yet will still work
+ * as usual, so enabling this option should not break backwards compatibility.
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C.
+ */
+//#define MBEDTLS_USE_PSA_CRYPTO
+
 /**
  * \def MBEDTLS_VERSION_FEATURES
  *
diff --git a/library/version_features.c b/library/version_features.c
index 590f949f4f..2bfcfc0159 100644
--- a/library/version_features.c
+++ b/library/version_features.c
@@ -522,6 +522,9 @@ static const char *features[] = {
 #if defined(MBEDTLS_THREADING_PTHREAD)
     "MBEDTLS_THREADING_PTHREAD",
 #endif /* MBEDTLS_THREADING_PTHREAD */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    "MBEDTLS_USE_PSA_CRYPTO",
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
 #if defined(MBEDTLS_VERSION_FEATURES)
     "MBEDTLS_VERSION_FEATURES",
 #endif /* MBEDTLS_VERSION_FEATURES */
diff --git a/scripts/config.pl b/scripts/config.pl
index 6d02ec05c4..55f4b6e1c4 100755
--- a/scripts/config.pl
+++ b/scripts/config.pl
@@ -36,6 +36,8 @@
 #       - this could be enabled if the respective tests were adapted
 #   MBEDTLS_ZLIB_SUPPORT
 #   MBEDTLS_PKCS11_C
+#   MBEDTLS_USE_PSA_CRYPTO
+#       - experimental, and more an alternative implementation than a feature
 #   and any symbol beginning _ALT
 #
 
@@ -99,6 +101,7 @@ MBEDTLS_NO_64BIT_MULTIPLICATION
 MBEDTLS_PSA_CRYPTO_SPM
 MBEDTLS_PSA_HAS_ITS_IO
 MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
+MBEDTLS_USE_PSA_CRYPTO
 _ALT\s*$
 );
 

From dde444258192af79b3732c6dd8568633a0ba6601 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Tue, 30 Oct 2018 11:20:45 +0100
Subject: [PATCH 02/17] Add build using PSA to all.sh

---
 tests/scripts/all.sh | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 43f1db600d..b9e1e37bbc 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -573,6 +573,35 @@ if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_
 msg "test: compat.sh ARIA + ChachaPoly"
 if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
 
+# USE_PSA: run the same set of tests as basic-build-test.sh
+msg "build: cmake, full config + USE_PSA, ASan"
+cleanup
+cp "$CONFIG_H" "$CONFIG_BAK"
+scripts/config.pl full
+scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
+scripts/config.pl set MBEDTLS_PSA_CRYPTO_C
+scripts/config.pl set MBEDTLS_USE_PSA_CRYPTO
+CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+make
+
+msg "test: main suites (USE_PSA)"
+make test
+
+msg "test: ssl-opt.sh (USE_PSA)"
+if_build_succeeded tests/ssl-opt.sh
+
+msg "test: compat.sh default (USE_PSA)"
+if_build_succeeded tests/compat.sh
+
+msg "test: compat.sh ssl3 (USE_PSA)"
+if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" tests/compat.sh -m 'ssl3'
+
+msg "test: compat.sh RC4, DES & NULL (USE_PSA)"
+if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES\|RC4\|ARCFOUR'
+
+msg "test: compat.sh ARIA + ChachaPoly (USE_PSA)"
+if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
+
 msg "build: make, full config + DEPRECATED_WARNING, gcc -O" # ~ 30s
 cleanup
 cp "$CONFIG_H" "$CONFIG_BAK"

From 560aeaf26bd7a702fe43acf827cbe5f87c87e55b Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Thu, 8 Nov 2018 13:32:02 +0000
Subject: [PATCH 03/17] Add internal header for PSA utility functions

This commit adds the header file mbedtls/psa_util.h which contains
static utility functions `mbedtls_psa_xxx()` used in the integration
of PSA Crypto into Mbed TLS.

Warning: These functions are internal only and may change at any time.
---
 include/mbedtls/psa_util.h | 162 +++++++++++++++++++++++++++++++++++++
 1 file changed, 162 insertions(+)
 create mode 100644 include/mbedtls/psa_util.h

diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
new file mode 100644
index 0000000000..03c55e1664
--- /dev/null
+++ b/include/mbedtls/psa_util.h
@@ -0,0 +1,162 @@
+/**
+ * \file psa_compat.h
+ *
+ * \brief Utility functions for the use of the PSA Crypto library.
+ *
+ * \warning This function is not part of the public API and may
+ *          change at any time.
+ */
+/*
+ *  Copyright (C) 2006-2018, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_PSA_COMPAT_H)
+#define MBEDTLS_PSA_COMPAT_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+
+#include "psa/crypto.h"
+
+#include "ecp.h"
+#include "md.h"
+
+static psa_status_t mbedtls_psa_get_free_key_slot( psa_key_slot_t *key )
+{
+    for( psa_key_slot_t slot = 1; slot <= 32; slot++ )
+    {
+        if( psa_get_key_information( slot, NULL, NULL )  == PSA_ERROR_EMPTY_SLOT )
+        {
+            *key = slot;
+            return( PSA_SUCCESS );
+        }
+    }
+    return( PSA_ERROR_INSUFFICIENT_MEMORY );
+}
+
+static psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg )
+{
+    switch( md_alg )
+    {
+#if defined(MBEDTLS_MD2_C)
+    case MBEDTLS_MD_MD2:
+        return( PSA_ALG_MD2 );
+#endif
+#if defined(MBEDTLS_MD4_C)
+    case MBEDTLS_MD_MD4:
+        return( PSA_ALG_MD4 );
+#endif
+#if defined(MBEDTLS_MD5_C)
+    case MBEDTLS_MD_MD5:
+        return( PSA_ALG_MD5 );
+#endif
+#if defined(MBEDTLS_SHA1_C)
+    case MBEDTLS_MD_SHA1:
+        return( PSA_ALG_SHA_1 );
+#endif
+#if defined(MBEDTLS_SHA256_C)
+    case MBEDTLS_MD_SHA224:
+        return( PSA_ALG_SHA_224 );
+    case MBEDTLS_MD_SHA256:
+        return( PSA_ALG_SHA_256 );
+#endif
+#if defined(MBEDTLS_SHA512_C)
+    case MBEDTLS_MD_SHA384:
+        return( PSA_ALG_SHA_384 );
+    case MBEDTLS_MD_SHA512:
+        return( PSA_ALG_SHA_512 );
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+    case MBEDTLS_MD_RIPEMD160:
+        return( PSA_ALG_RIPEMD160 );
+#endif
+    case MBEDTLS_MD_NONE:  /* Intentional fallthrough */
+    default:
+        return( 0 );
+    }
+}
+
+static psa_ecc_curve_t mbedtls_psa_translate_ecc_group( mbedtls_ecp_group_id grpid )
+{
+    switch( grpid )
+    {
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP192R1:
+            return( PSA_ECC_CURVE_SECP192R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP224R1:
+            return( PSA_ECC_CURVE_SECP224R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP256R1:
+            return( PSA_ECC_CURVE_SECP256R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP384R1:
+            return( PSA_ECC_CURVE_SECP384R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP521R1:
+            return( PSA_ECC_CURVE_SECP521R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+        case MBEDTLS_ECP_DP_BP256R1:
+            return( PSA_ECC_CURVE_BRAINPOOL_P256R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+        case MBEDTLS_ECP_DP_BP384R1:
+            return( PSA_ECC_CURVE_BRAINPOOL_P384R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+        case MBEDTLS_ECP_DP_BP512R1:
+            return( PSA_ECC_CURVE_BRAINPOOL_P512R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+        case MBEDTLS_ECP_DP_CURVE25519:
+            return( PSA_ECC_CURVE_CURVE25519 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP192K1:
+            return( PSA_ECC_CURVE_SECP192K1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP224K1:
+            return( PSA_ECC_CURVE_SECP224K1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP256K1:
+            return( PSA_ECC_CURVE_SECP256K1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+        case MBEDTLS_ECP_DP_CURVE448:
+            return( PSA_ECC_CURVE_CURVE448 );
+#endif
+        default:
+            return( 0 );
+    }
+}
+
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#endif /* MBEDTLS_PSA_COMPAT_H */

From 28b9d3590480ddd1680c6d88cfb4ac551c5c5e84 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 12 Nov 2018 09:29:12 +0000
Subject: [PATCH 04/17] Add PSA-to-Mbed TLS translations for cipher module

---
 include/mbedtls/psa_util.h | 73 +++++++++++++++++++++++++++++++++++++-
 1 file changed, 72 insertions(+), 1 deletion(-)

diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index 03c55e1664..f92f95087c 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -41,6 +41,8 @@
 #include "ecp.h"
 #include "md.h"
 
+/* Slot allocation */
+
 static psa_status_t mbedtls_psa_get_free_key_slot( psa_key_slot_t *key )
 {
     for( psa_key_slot_t slot = 1; slot <= 32; slot++ )
@@ -54,7 +56,74 @@ static psa_status_t mbedtls_psa_get_free_key_slot( psa_key_slot_t *key )
     return( PSA_ERROR_INSUFFICIENT_MEMORY );
 }
 
-static psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg )
+/* Translations for symmetric crypto. */
+
+static psa_key_type_t mbedtls_psa_translate_cipher_type(
+    mbedtls_cipher_type_t cipher )
+{
+    switch( cipher )
+    {
+        case MBEDTLS_CIPHER_AES_128_CCM:
+        case MBEDTLS_CIPHER_AES_192_CCM:
+        case MBEDTLS_CIPHER_AES_256_CCM:
+        case MBEDTLS_CIPHER_AES_128_GCM:
+        case MBEDTLS_CIPHER_AES_192_GCM:
+        case MBEDTLS_CIPHER_AES_256_GCM:
+        case MBEDTLS_CIPHER_AES_128_CBC:
+        case MBEDTLS_CIPHER_AES_192_CBC:
+        case MBEDTLS_CIPHER_AES_256_CBC:
+            return( PSA_KEY_TYPE_AES );
+
+        /* ARIA not yet supported in PSA. */
+        /* case MBEDTLS_CIPHER_ARIA_128_CCM:
+           case MBEDTLS_CIPHER_ARIA_192_CCM:
+           case MBEDTLS_CIPHER_ARIA_256_CCM:
+           case MBEDTLS_CIPHER_ARIA_128_GCM:
+           case MBEDTLS_CIPHER_ARIA_192_GCM:
+           case MBEDTLS_CIPHER_ARIA_256_GCM:
+           case MBEDTLS_CIPHER_ARIA_128_CBC:
+           case MBEDTLS_CIPHER_ARIA_192_CBC:
+           case MBEDTLS_CIPHER_ARIA_256_CBC:
+               return( PSA_KEY_TYPE_ARIA ); */
+
+        default:
+            return( 0 );
+    }
+}
+
+static psa_algorithm_t mbedtls_psa_translate_cipher_mode(
+    mbedtls_cipher_mode_t mode )
+{
+    switch( mode )
+    {
+        case MBEDTLS_MODE_GCM:
+            return( PSA_ALG_GCM );
+        case MBEDTLS_MODE_CCM:
+            return( PSA_ALG_CCM );
+        case MBEDTLS_MODE_CBC:
+            return( PSA_ALG_CBC_NO_PADDING );
+        default:
+            return( 0 );
+    }
+}
+
+static psa_key_usage_t mbedtls_psa_translate_cipher_operation(
+    mbedtls_cipher_operation_t op )
+{
+    switch( op )
+    {
+        case MBEDTLS_ENCRYPT:
+            return( PSA_KEY_USAGE_ENCRYPT );
+        case MBEDTLS_DECRYPT:
+            return( PSA_KEY_USAGE_DECRYPT );
+        default:
+            return( 0 );
+    }
+}
+
+/* Translations for hashing. */
+
+psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg )
 {
     switch( md_alg )
     {
@@ -96,6 +165,8 @@ static psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg )
     }
 }
 
+/* Translations for ECC. */
+
 static psa_ecc_curve_t mbedtls_psa_translate_ecc_group( mbedtls_ecp_group_id grpid )
 {
     switch( grpid )

From 5f48818712054f2f5f018e04ca5d2906abfb150a Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 12 Nov 2018 10:18:57 +0000
Subject: [PATCH 05/17] Make PSA utility functions static inline

Compilers warn about unused static functions.
---
 include/mbedtls/psa_util.h | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index f92f95087c..017c48e2ad 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -43,7 +43,7 @@
 
 /* Slot allocation */
 
-static psa_status_t mbedtls_psa_get_free_key_slot( psa_key_slot_t *key )
+static inline psa_status_t mbedtls_psa_get_free_key_slot( psa_key_slot_t *key )
 {
     for( psa_key_slot_t slot = 1; slot <= 32; slot++ )
     {
@@ -58,7 +58,7 @@ static psa_status_t mbedtls_psa_get_free_key_slot( psa_key_slot_t *key )
 
 /* Translations for symmetric crypto. */
 
-static psa_key_type_t mbedtls_psa_translate_cipher_type(
+static inline psa_key_type_t mbedtls_psa_translate_cipher_type(
     mbedtls_cipher_type_t cipher )
 {
     switch( cipher )
@@ -91,7 +91,7 @@ static psa_key_type_t mbedtls_psa_translate_cipher_type(
     }
 }
 
-static psa_algorithm_t mbedtls_psa_translate_cipher_mode(
+static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode(
     mbedtls_cipher_mode_t mode )
 {
     switch( mode )
@@ -107,8 +107,8 @@ static psa_algorithm_t mbedtls_psa_translate_cipher_mode(
     }
 }
 
-static psa_key_usage_t mbedtls_psa_translate_cipher_operation(
-    mbedtls_cipher_operation_t op )
+static inline psa_key_usage_t mbedtls_psa_translate_cipher_operation(
+    mbedtls_operation_t op )
 {
     switch( op )
     {
@@ -123,7 +123,7 @@ static psa_key_usage_t mbedtls_psa_translate_cipher_operation(
 
 /* Translations for hashing. */
 
-psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg )
+static inline psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg )
 {
     switch( md_alg )
     {
@@ -167,7 +167,7 @@ psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg )
 
 /* Translations for ECC. */
 
-static psa_ecc_curve_t mbedtls_psa_translate_ecc_group( mbedtls_ecp_group_id grpid )
+static inline psa_ecc_curve_t mbedtls_psa_translate_ecc_group( mbedtls_ecp_group_id grpid )
 {
     switch( grpid )
     {

From eba99931710083543a842827609ae59c011a6761 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 12 Nov 2018 13:18:45 +0000
Subject: [PATCH 06/17] Initialize PSA Crypto implementation at the start of
 each test suite

---
 tests/suites/main_test.function | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function
index 2ba919ce07..8bd408ca95 100644
--- a/tests/suites/main_test.function
+++ b/tests/suites/main_test.function
@@ -25,6 +25,9 @@
 #include MBEDTLS_CONFIG_FILE
 #endif
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
 
 /*----------------------------------------------------------------------------*/
 /* Common helper code */
@@ -221,8 +224,22 @@ int main( int argc, const char *argv[] )
                          ret );
         return( -1 );
     }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    {
+        psa_status_t status;
+        status = psa_crypto_init();
+        if( status != PSA_SUCCESS )
+        {
+            mbedtls_fprintf( stderr,
+                          "FATAL: Failed to initialize PSA Crypto - error %d\n",
+                          status );
+            return( -1 );
+        }
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
     ret = execute_tests( argc, argv );
     platform_teardown();
     return( ret );
 }
-

From 50955d1c18e79b0234e5f0192a76aeac2902c0d6 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 12 Nov 2018 17:46:59 +0000
Subject: [PATCH 07/17] Initialize PSA Crypto implementation in ssl_client2.c

---
 programs/ssl/ssl_client2.c | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 15c778d315..87b9ab1bd2 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -59,6 +59,10 @@ int main( void )
 #include "mbedtls/debug.h"
 #include "mbedtls/timing.h"
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#endif
+
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -555,6 +559,9 @@ int main( int argc, char *argv[] )
 #endif
     char *p, *q;
     const int *list;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status;
+#endif
 
     /*
      * Make sure memory references are valid.
@@ -573,6 +580,17 @@ int main( int argc, char *argv[] )
     memset( (void * ) alpn_list, 0, sizeof( alpn_list ) );
 #endif
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    status = psa_crypto_init();
+    if( status != PSA_SUCCESS )
+    {
+        mbedtls_fprintf( stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                         (int) status );
+        ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+        goto exit;
+    }
+#endif
+
     if( argc == 0 )
     {
     usage:

From 06b6f34e9f668e34e01e4c75bc90e6ee445cb0db Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 12 Nov 2018 17:47:48 +0000
Subject: [PATCH 08/17] Initialize PSA Crypto implementation in ssl_server2

---
 programs/ssl/ssl_server2.c | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index efda65d23d..1c6ccaef1d 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -60,6 +60,10 @@ int main( void )
 #include "mbedtls/debug.h"
 #include "mbedtls/timing.h"
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#endif
+
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -1238,6 +1242,9 @@ int main( int argc, char *argv[] )
     int i;
     char *p, *q;
     const int *list;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status;
+#endif
 
 #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
     mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
@@ -1277,6 +1284,17 @@ int main( int argc, char *argv[] )
     mbedtls_ssl_cookie_init( &cookie_ctx );
 #endif
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    status = psa_crypto_init();
+    if( status != PSA_SUCCESS )
+    {
+        mbedtls_fprintf( stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                         (int) status );
+        ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+        goto exit;
+    }
+#endif
+
 #if !defined(_WIN32)
     /* Abort cleanly on SIGTERM and SIGINT */
     signal( SIGTERM, term_handler );

From 639a4320ca6d46acdce14c6069b4bd29460bb35c Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Tue, 13 Nov 2018 21:01:41 +0000
Subject: [PATCH 09/17] Fix Doxygen annotation in psa_util.h

---
 include/mbedtls/psa_util.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index 017c48e2ad..224432ea15 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -1,5 +1,5 @@
 /**
- * \file psa_compat.h
+ * \file psa_util.h
  *
  * \brief Utility functions for the use of the PSA Crypto library.
  *

From 14f78b03bb6460d1ef3735b4b9b29a939c7de8d2 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Thu, 15 Nov 2018 09:37:19 +0000
Subject: [PATCH 10/17] Add function to translate PSA errors to PK module
 errors

---
 include/mbedtls/psa_util.h | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index 224432ea15..d9f1be49dd 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -40,6 +40,7 @@
 
 #include "ecp.h"
 #include "md.h"
+#include "pk.h"
 
 /* Slot allocation */
 
@@ -228,6 +229,31 @@ static inline psa_ecc_curve_t mbedtls_psa_translate_ecc_group( mbedtls_ecp_group
     }
 }
 
+/* Translations for PK layer */
+
+static inline int mbedtls_psa_err_translate_pk( psa_status_t status )
+{
+    switch( status )
+    {
+        case PSA_SUCCESS:
+            return( 0 );
+        case PSA_ERROR_NOT_SUPPORTED:
+            return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
+        case PSA_ERROR_INSUFFICIENT_MEMORY:
+            return( MBEDTLS_ERR_PK_ALLOC_FAILED );
+        case PSA_ERROR_COMMUNICATION_FAILURE:
+        case PSA_ERROR_HARDWARE_FAILURE:
+        case PSA_ERROR_TAMPERING_DETECTED:
+            return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
+        case PSA_ERROR_INSUFFICIENT_ENTROPY:
+            return( MBEDTLS_ERR_ECP_RANDOM_FAILED );
+        case PSA_ERROR_BAD_STATE:
+            return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+        default: /* should never happen */
+            return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
+    }
+}
+
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 
 #endif /* MBEDTLS_PSA_COMPAT_H */

From dec64735e2924ff581b0341cf24d350e9fbdcfaf Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Thu, 15 Nov 2018 15:48:57 +0000
Subject: [PATCH 11/17] Add AEAD tag length parameter to
 mbedtls_psa_translate_cipher_mode()

In case of AEAD ciphers, the cipher mode (and not even the entire content
of mbedtls_cipher_info_t) doesn't uniquely determine a psa_algorithm_t
because it doesn't specify the AEAD tag length, which however is included
in psa_algorithm_t identifiers.

This commit adds a tag length value to mbedtls_psa_translate_cipher_mode()
to account for that ambiguity.
---
 include/mbedtls/psa_util.h | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index d9f1be49dd..f66635cc48 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -93,16 +93,18 @@ static inline psa_key_type_t mbedtls_psa_translate_cipher_type(
 }
 
 static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode(
-    mbedtls_cipher_mode_t mode )
+    mbedtls_cipher_mode_t mode, size_t taglen )
 {
     switch( mode )
     {
         case MBEDTLS_MODE_GCM:
-            return( PSA_ALG_GCM );
+            return( PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, taglen ) );
         case MBEDTLS_MODE_CCM:
-            return( PSA_ALG_CCM );
+            return( PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, taglen ) );
         case MBEDTLS_MODE_CBC:
-            return( PSA_ALG_CBC_NO_PADDING );
+            if( taglen == 0 )
+                return( PSA_ALG_CBC_NO_PADDING );
+            /* Intentional fallthrough for taglen != 0 */
         default:
             return( 0 );
     }

From 4d9e1e0ac4217a5a5288f98effa0438b71b95b75 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Fri, 16 Nov 2018 15:01:22 +0000
Subject: [PATCH 12/17] Improve documentation of mbedtls_psa_err_translate_pk()

---
 include/mbedtls/psa_util.h | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index f66635cc48..41c0e2b30b 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -243,15 +243,18 @@ static inline int mbedtls_psa_err_translate_pk( psa_status_t status )
             return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
         case PSA_ERROR_INSUFFICIENT_MEMORY:
             return( MBEDTLS_ERR_PK_ALLOC_FAILED );
-        case PSA_ERROR_COMMUNICATION_FAILURE:
-        case PSA_ERROR_HARDWARE_FAILURE:
-        case PSA_ERROR_TAMPERING_DETECTED:
-            return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
         case PSA_ERROR_INSUFFICIENT_ENTROPY:
             return( MBEDTLS_ERR_ECP_RANDOM_FAILED );
         case PSA_ERROR_BAD_STATE:
             return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-        default: /* should never happen */
+        /* All other failures */
+        case PSA_ERROR_COMMUNICATION_FAILURE:
+        case PSA_ERROR_HARDWARE_FAILURE:
+        case PSA_ERROR_TAMPERING_DETECTED:
+            return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
+        default: /* We return the same as for the 'other failures',
+                  * but list them separately nonetheless to indicate
+                  * which failure conditions we have considered. */
             return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
     }
 }

From 77030426a0600297342f29d7f7fea9e11fff23bc Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Sun, 18 Nov 2018 07:16:46 +0000
Subject: [PATCH 13/17] Update VisualC files

---
 visualc/VS2010/mbedTLS.vcxproj | 1 +
 1 file changed, 1 insertion(+)

diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj
index 5d57a75041..6535d483a7 100644
--- a/visualc/VS2010/mbedTLS.vcxproj
+++ b/visualc/VS2010/mbedTLS.vcxproj
@@ -204,6 +204,7 @@
     <ClInclude Include="..\..\include\mbedtls\platform_time.h" />
     <ClInclude Include="..\..\include\mbedtls\platform_util.h" />
     <ClInclude Include="..\..\include\mbedtls\poly1305.h" />
+    <ClInclude Include="..\..\include\mbedtls\psa_util.h" />
     <ClInclude Include="..\..\include\mbedtls\ripemd160.h" />
     <ClInclude Include="..\..\include\mbedtls\rsa.h" />
     <ClInclude Include="..\..\include\mbedtls\rsa_internal.h" />

From 56a78dd4adb8aafb4c0ab0d99dd71942016f079a Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 19 Nov 2018 09:46:26 +0000
Subject: [PATCH 14/17] State explicitly that any API depending on PSA is
 unstable

---
 include/mbedtls/config.h | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 2341ef50f6..1f37d0843a 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1626,6 +1626,10 @@
  * not covered yet, but parts that are not ported to PSA yet will still work
  * as usual, so enabling this option should not break backwards compatibility.
  *
+ * \warning  Support for PSA is still an experimental feature.
+ *           Any public API that depends on this option may change
+ *           at any time until this warning is removed.
+ *
  * Requires: MBEDTLS_PSA_CRYPTO_C.
  */
 //#define MBEDTLS_USE_PSA_CRYPTO

From 47a6291445f0c38fbaac5bf0455a88c3c273f045 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 19 Nov 2018 15:14:21 +0000
Subject: [PATCH 15/17] Use MBEDTLS_PSA_UTIL_H instead of MBEDTLS_PSA_COMPAT_H
 in psa_util.h

This is still an artifact from when psa_util.h was called psa_compat.h.
---
 include/mbedtls/psa_util.h | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index 41c0e2b30b..4a0c87ccfa 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -25,8 +25,8 @@
  *  This file is part of mbed TLS (https://tls.mbed.org)
  */
 
-#if !defined(MBEDTLS_PSA_COMPAT_H)
-#define MBEDTLS_PSA_COMPAT_H
+#ifndef MBEDTLS_PSA_UTIL_H
+#define MBEDTLS_PSA_UTIL_H
 
 #if !defined(MBEDTLS_CONFIG_FILE)
 #include "config.h"
@@ -261,4 +261,4 @@ static inline int mbedtls_psa_err_translate_pk( psa_status_t status )
 
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 
-#endif /* MBEDTLS_PSA_COMPAT_H */
+#endif /* MBEDTLS_PSA_UTIL_H */

From fc359fd837db38ad6039afac96d78c0c94a21010 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 19 Nov 2018 15:15:01 +0000
Subject: [PATCH 16/17] Remove double white space

---
 include/mbedtls/psa_util.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index 4a0c87ccfa..5766133097 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -48,7 +48,7 @@ static inline psa_status_t mbedtls_psa_get_free_key_slot( psa_key_slot_t *key )
 {
     for( psa_key_slot_t slot = 1; slot <= 32; slot++ )
     {
-        if( psa_get_key_information( slot, NULL, NULL )  == PSA_ERROR_EMPTY_SLOT )
+        if( psa_get_key_information( slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT )
         {
             *key = slot;
             return( PSA_SUCCESS );

From 12bd57b8c8868db16ce4d2872629a79e9078aaf3 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 19 Nov 2018 15:16:12 +0000
Subject: [PATCH 17/17] Refer to PSA through MBEDTLS_USE_PSA_CRYPTO, not
 USE_PSA, in all.sh

---
 tests/scripts/all.sh | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index b9e1e37bbc..6af13e6608 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -573,8 +573,8 @@ if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_
 msg "test: compat.sh ARIA + ChachaPoly"
 if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
 
-# USE_PSA: run the same set of tests as basic-build-test.sh
-msg "build: cmake, full config + USE_PSA, ASan"
+# MBEDTLS_USE_PSA_CRYPTO: run the same set of tests as basic-build-test.sh
+msg "build: cmake, full config + MBEDTLS_USE_PSA_CRYPTO, ASan"
 cleanup
 cp "$CONFIG_H" "$CONFIG_BAK"
 scripts/config.pl full
@@ -584,22 +584,22 @@ scripts/config.pl set MBEDTLS_USE_PSA_CRYPTO
 CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
 make
 
-msg "test: main suites (USE_PSA)"
+msg "test: main suites (MBEDTLS_USE_PSA_CRYPTO)"
 make test
 
-msg "test: ssl-opt.sh (USE_PSA)"
+msg "test: ssl-opt.sh (MBEDTLS_USE_PSA_CRYPTO)"
 if_build_succeeded tests/ssl-opt.sh
 
-msg "test: compat.sh default (USE_PSA)"
+msg "test: compat.sh default (MBEDTLS_USE_PSA_CRYPTO)"
 if_build_succeeded tests/compat.sh
 
-msg "test: compat.sh ssl3 (USE_PSA)"
+msg "test: compat.sh ssl3 (MBEDTLS_USE_PSA_CRYPTO)"
 if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" tests/compat.sh -m 'ssl3'
 
-msg "test: compat.sh RC4, DES & NULL (USE_PSA)"
+msg "test: compat.sh RC4, DES & NULL (MBEDTLS_USE_PSA_CRYPTO)"
 if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES\|RC4\|ARCFOUR'
 
-msg "test: compat.sh ARIA + ChachaPoly (USE_PSA)"
+msg "test: compat.sh ARIA + ChachaPoly (MBEDTLS_USE_PSA_CRYPTO)"
 if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
 
 msg "build: make, full config + DEPRECATED_WARNING, gcc -O" # ~ 30s