diff --git a/tf-psa-crypto/include/psa/crypto.h b/tf-psa-crypto/include/psa/crypto.h index 6f0049bc6e..2b0343582f 100644 --- a/tf-psa-crypto/include/psa/crypto.h +++ b/tf-psa-crypto/include/psa/crypto.h @@ -5168,6 +5168,46 @@ psa_status_t psa_key_agreement_iop_abort( /**@}*/ +/** + * \defgroup interruptible_generate_key Interruptible Key Generation + * @{ + */ + +/** + * The type of the state data structure for interruptible key generation + * operations. + * + * Before calling any function on an interruptible key generation object, the + * application must initialize it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_generate_key_iop_t operation; + * memset(&operation, 0, sizeof(operation)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_generate_key_iop_t operation = {0}; + * \endcode + * - Initialize the structure to the initializer #PSA_GENERATE_KEY_IOP_INIT, + * for example: + * - \code + * psa_generate_key_iop_t operation = PSA_GENERATE_KEY_IOP_INIT; + * \endcode + * - Assign the result of the function psa_generate_key_iop_init() to the + * structure, for example: + * \code + * psa_generate_key_iop_t operation; + * operation = psa_generate_key_iop_init(); + * \endcode + * + * This is an implementation-defined \c struct. Applications should not + * make any assumptions about the content of this structure. + * Implementation details can change in future versions without notice. + */ +typedef struct psa_generate_key_iop_s psa_generate_key_iop_t; + +/**@}*/ + #ifdef __cplusplus } #endif diff --git a/tf-psa-crypto/include/psa/crypto_struct.h b/tf-psa-crypto/include/psa/crypto_struct.h index 9685eae209..2eec948119 100644 --- a/tf-psa-crypto/include/psa/crypto_struct.h +++ b/tf-psa-crypto/include/psa/crypto_struct.h @@ -526,6 +526,40 @@ psa_key_agreement_iop_init(void) return v; } +/** + * \brief The context for PSA interruptible key agreement. + */ +struct psa_generate_key_iop_s { +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C) + mbedtls_psa_client_handle_t handle; +#else + /** + * Unique ID indicating which driver got assigned to do the + * operation. Since driver contexts are driver-specific, swapping + * drivers halfway through the operation is not supported. + * ID values are auto-generated in psa_crypto_driver_wrappers.h + * ID value zero means the context is not valid or not assigned to + * any driver (i.e. none of the driver contexts are active). + */ + unsigned int MBEDTLS_PRIVATE(id); + +#endif +}; + +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C) +#define PSA_GENERATE_KEY_IOP_INIT { 0 } +#else +#define PSA_GENERATE_KEY_IOP_INIT { 0 } +#endif + +static inline struct psa_generate_key_iop_s +psa_generate_key_iop_init(void) +{ + const struct psa_generate_key_iop_s v = PSA_GENERATE_KEY_IOP_INIT; + + return v; +} + #ifdef __cplusplus } #endif