Adds PSA crypto support file for SiWx917 (#174)

* Adds mbedTLS and PSA configuration files for SiWx917

matter/si91x/siwx917/BRD4338A/autogen/sl_component_catalog.h

@@ -1,32 +1,33 @@
-#ifndef SL_COMPONENT_CATALOG_H
-#define SL_COMPONENT_CATALOG_H
-
-// APIs present in project
-#define SL_CATALOG_BTN0_PRESENT
-#define SL_CATALOG_BUTTON_PRESENT
-#define SL_CATALOG_BUTTON_BTN0_PRESENT
-#define SL_CATALOG_BTN1_PRESENT
-#define SL_CATALOG_BUTTON_BTN1_PRESENT
-#define SL_CATALOG_LED0_PRESENT
-#define SL_CATALOG_LED_PRESENT
-#define SL_CATALOG_LED_LED0_PRESENT
-#define SL_CATALOG_LED1_PRESENT
-#define SL_CATALOG_LED_LED1_PRESENT
-#define SL_CATALOG_TIMER0_PRESENT
-#define SL_CATALOG_ULP_TIMERS_INSTANCE_PRESENT
-#define SL_CATALOG_TEMP_ULP_TIMER_TIMER0_PRESENT
-#define SL_CATALOG_CMSIS_OS_COMMON_PRESENT
-#define SL_CATALOG_DEVICE_INIT_NVIC_PRESENT
-#define SL_CATALOG_EMLIB_CORE_PRESENT
-#define SL_CATALOG_EMLIB_CORE_DEBUG_CONFIG_PRESENT
-#define SL_CATALOG_FREERTOS_KERNEL_PRESENT
-#define SL_CATALOG_KERNEL_PRESENT
-#define SL_CATALOG_IOSTREAM_PRESENT
-#define SL_CATALOG_NVM3_PRESENT
-#ifdef DISPLAY_ENABLED
-#define SL_CATALOG_SLEEPTIMER_PRESENT
-#define SL_CATALOG_DMD_MEMLCD_PRESENT
-#define SL_CATALOG_GLIB_PRESENT
-#endif // DISPLAY_ENABLED
-
-#endif // SL_COMPONENT_CATALOG_H
+#ifndef SL_COMPONENT_CATALOG_H
+#define SL_COMPONENT_CATALOG_H
+
+// APIs present in project
+#define SL_CATALOG_BTN0_PRESENT
+#define SL_CATALOG_BUTTON_PRESENT
+#define SL_CATALOG_BUTTON_BTN0_PRESENT
+#define SL_CATALOG_BTN1_PRESENT
+#define SL_CATALOG_BUTTON_BTN1_PRESENT
+#define SL_CATALOG_LED0_PRESENT
+#define SL_CATALOG_LED_PRESENT
+#define SL_CATALOG_LED_LED0_PRESENT
+#define SL_CATALOG_LED1_PRESENT
+#define SL_CATALOG_LED_LED1_PRESENT
+#define SL_CATALOG_TIMER0_PRESENT
+#define SL_CATALOG_ULP_TIMERS_INSTANCE_PRESENT
+#define SL_CATALOG_TEMP_ULP_TIMER_TIMER0_PRESENT
+#define SL_CATALOG_CMSIS_OS_COMMON_PRESENT
+#define SL_CATALOG_DEVICE_INIT_NVIC_PRESENT
+#define SL_CATALOG_EMLIB_CORE_PRESENT
+#define SL_CATALOG_EMLIB_CORE_DEBUG_CONFIG_PRESENT
+#define SL_CATALOG_FREERTOS_KERNEL_PRESENT
+#define SL_CATALOG_KERNEL_PRESENT
+#define SL_CATALOG_IOSTREAM_PRESENT
+#define SL_CATALOG_NVM3_PRESENT
+#define SL_CATALOG_PSA_CRYPTO_PRESENT
+#ifdef DISPLAY_ENABLED
+#define SL_CATALOG_SLEEPTIMER_PRESENT
+#define SL_CATALOG_DMD_MEMLCD_PRESENT
+#define SL_CATALOG_GLIB_PRESENT
+#endif // DISPLAY_ENABLED
+
+#endif // SL_COMPONENT_CATALOG_H

matter/si91x/siwx917/BRD4338A/autogen/sli_mbedtls_config_autogen.h

@@ -0,0 +1,47 @@
+// This is an autogenerated config file, any changes to this file will be
+// overwritten
+
+#ifndef SLI_MBEDTLS_CONFIG_AUTOGEN_H
+#define SLI_MBEDTLS_CONFIG_AUTOGEN_H
+
+#define MBEDTLS_MPI_MAX_SIZE 32
+
+#define MBEDTLS_NO_PLATFORM_ENTROPY
+#define MBEDTLS_AES_C
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
+#define MBEDTLS_BASE64_C
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_CMAC_C
+#define MBEDTLS_ECP_C
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#define MBEDTLS_MD_C
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_OID_C
+#define MBEDTLS_PEM_PARSE_C
+#define MBEDTLS_PEM_WRITE_C
+#define MBEDTLS_PK_C
+#define MBEDTLS_PK_PARSE_C
+#define MBEDTLS_PK_WRITE_C
+#define MBEDTLS_PLATFORM_C
+#define MBEDTLS_PLATFORM_MEMORY
+#define MBEDTLS_ENTROPY_C
+#define MBEDTLS_ENTROPY_FORCE_SHA256
+#define MBEDTLS_ENTROPY_MAX_SOURCES 2
+#define MBEDTLS_CTR_DRBG_C
+#define MBEDTLS_SHA256_C
+#define MBEDTLS_SHA224_C
+#define MBEDTLS_X509_USE_C
+#define MBEDTLS_X509_CREATE_C
+#define MBEDTLS_X509_CRT_PARSE_C
+#define MBEDTLS_X509_CRT_WRITE_C
+#define MBEDTLS_X509_CRL_PARSE_C
+#define MBEDTLS_X509_CSR_PARSE_C
+#define MBEDTLS_X509_CSR_WRITE_C
+#define MBEDTLS_PSA_CRYPTO_C
+#define MBEDTLS_USE_PSA_CRYPTO
+#define MBEDTLS_PSA_CRYPTO_CONFIG
+#define MBEDTLS_ECDSA_C
+#define MBEDTLS_PSA_CRYPTO_STORAGE_C
+
+#endif // SLI_MBEDTLS_CONFIG_AUTOGEN_H

matter/si91x/siwx917/BRD4338A/autogen/sli_mbedtls_config_transform_autogen.h

@@ -0,0 +1,51 @@
+// This is an autogenerated config file, any changes to this file will be
+// overwritten
+
+#ifndef SLI_MBEDTLS_CONFIG_TRANSFORM_AUTOGEN_H
+#define SLI_MBEDTLS_CONFIG_TRANSFORM_AUTOGEN_H
+
+// Convert CMSIS Markup config defines to mbedTLS specific config defines
+
+#if SL_MBEDTLS_RSA_NO_CRT
+#define MBEDTLS_RSA_NO_CRT
+#endif
+
+// Allow undefining the specified cipher suites
+#if defined(SLI_MBEDTLS_AUTODETECT_CIPHERSUITES)
+#undef MBEDTLS_SSL_CIPHERSUITES
+#endif
+
+#if SL_MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+#endif
+#if SL_MBEDTLS_SSL_EXPORT_KEYS
+#define MBEDTLS_SSL_EXPORT_KEYS
+#endif
+#if SL_MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+#endif
+#if SL_MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+#endif
+#if SL_MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+#endif
+#if SL_MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+#endif
+#if SL_MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+#endif
+#if SL_MBEDTLS_ECP_ENABLE_COMPRESSED_CURVE_PARSING
+#define MBEDTLS_ECP_ENABLE_COMPRESSED_CURVE_PARSING
+#endif
+
+#if !defined(MBEDTLS_SSL_IN_CONTENT_LEN)
+#define MBEDTLS_SSL_IN_CONTENT_LEN SL_MBEDTLS_SSL_IN_CONTENT_LEN
+#endif
+
+#if !defined(MBEDTLS_SSL_OUT_CONTENT_LEN)
+#define MBEDTLS_SSL_OUT_CONTENT_LEN SL_MBEDTLS_SSL_OUT_CONTENT_LEN
+#endif
+
+#endif // SLI_MBEDTLS_CONFIG_TRANSFORM_AUTOGEN_H

matter/si91x/siwx917/BRD4338A/autogen/sli_psa_builtin_config_autogen.h

@@ -0,0 +1,15 @@
+// This is an autogenerated config file, any changes to this file will be
+// overwritten
+
+#ifndef SLI_PSA_BUILTIN_CONFIG_AUTOGEN_H
+#define SLI_PSA_BUILTIN_CONFIG_AUTOGEN_H
+
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1
+#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1
+#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
+
+#endif // SLI_PSA_BUILTIN_CONFIG_AUTOGEN_H

matter/si91x/siwx917/BRD4338A/autogen/sli_psa_config_autogen.h

@@ -0,0 +1,32 @@
+// This is an autogenerated config file, any changes to this file will be
+// overwritten
+
+#ifndef SLI_PSA_CONFIG_AUTOGEN_H
+#define SLI_PSA_CONFIG_AUTOGEN_H
+
+#define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
+#define PSA_WANT_KEY_TYPE_AES 1
+#define PSA_WANT_ALG_CCM 1
+#define PSA_WANT_ALG_CMAC 1
+#define PSA_WANT_ALG_SHA_224 1
+#define PSA_WANT_ALG_SHA_256 1
+#define PSA_WANT_ALG_ECB_NO_PADDING 1
+#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1
+#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
+#define PSA_WANT_ECC_SECP_R1_256 1
+#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
+#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1
+#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1
+#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1
+#define PSA_WANT_ALG_ECDH 1
+#define PSA_WANT_ALG_ECDSA 1
+#define PSA_WANT_ALG_HKDF 1
+#define PSA_WANT_ALG_HMAC 1
+#define PSA_WANT_KEY_TYPE_HMAC 1
+
+#define MBEDTLS_PSA_KEY_SLOT_COUNT (1 + SL_PSA_KEY_USER_SLOT_COUNT)
+#ifndef SL_PSA_ITS_MAX_FILES
+#define SL_PSA_ITS_MAX_FILES (1 + SL_PSA_ITS_USER_MAX_FILES)
+#endif
+
+#endif // SLI_PSA_CONFIG_AUTOGEN_H

matter/si91x/siwx917/BRD4338A/config/psa_crypto_config.h

@@ -0,0 +1,130 @@
+#ifndef PSA_CRYPTO_CONFIG_H
+#define PSA_CRYPTO_CONFIG_H
+
+// -----------------------------------------------------------------------------
+// User exposed config options
+
+// <<< Use Configuration Wizard in Context Menu >>>
+
+// <h> Key management configuration
+
+// <o SL_PSA_KEY_USER_SLOT_COUNT> PSA User Maximum Open Keys Count <0-128>
+// <i> Maximum amount of keys that the user application will have open
+// <i> simultaneously. In context of PSA Crypto, an open key means any key
+// <i> either stored in RAM (lifetime set to PSA_KEY_LIFETIME_VOLATILE), or
+// <i> used as part of a cryptographic operation.
+// <i> When using a key for a multi-part (setup/update/finish) operation, a key
+// <i> is considered to be open from the moment the operation is successfully
+// <i> setup, until it finishes or aborts.
+// <i> When an application tries to open more keys than this value accounts for,
+// <i> the PSA API may return PSA_ERROR_INSUFFICIENT_MEMORY. Keep in mind that
+// <i> other software included in the application (e.g. wireless protocol
+// stacks) <i> also can have a need to have open keys in PSA Crypto. This could
+// lead to <i> a race condition when the application key slot count is set too
+// low for <i> the actual usage of the application, as a software stack may not
+// fail <i> gracefully in case an application opens more than its declared
+// amount of <i> keys, thereby precluding the stack from functioning. <i>
+// Default: 4
+#define SL_PSA_KEY_USER_SLOT_COUNT (4)
+
+// <o SL_PSA_ITS_USER_MAX_FILES> PSA Maximum User Persistent Keys Count <0-1024>
+// <i> Maximum amount of keys (or other files) that can be stored persistently
+// <i> by the application through the PSA interface, when persistent storage
+// <i> support for PSA Crypto is included in the project.
+// <i> Due to caching logic, this setting does have an impact on static RAM
+// usage. <i> Note that this number is added to the potential requirements from
+// other <i> software components in the project, such that the total amount of
+// keys <i> which can be stored through the ITS backend can be higher than what
+// is <i> configured here. <i> <i> WARNING: When changing this setting on an
+// application that is already <i> deployed, and thus will get the change
+// through an application upgrade, <i> care should be taken to ensure that the
+// setting is only ever increased, <i> and never decreased. Decreasing this
+// setting might cause previously <i> stored keys/files to become inaccessible.
+// <i>
+// <i> It is not possible to change this setting when using V3 ITS Driver.
+// <i> The file-storage indexing is dependent on the  maximum number of files,
+// <i> and if SL_PSA_ITS_USER_MAX_FILES is changed, ITS should be cleared and
+// <i> all files need to be stored again.
+// <i> Default: 128
+#define SL_PSA_ITS_USER_MAX_FILES (128)
+
+// <o SL_PSA_ITS_SUPPORT_V1_DRIVER> Enable V1 Format Support For ITS Files <0-1>
+// <i> Devices that used PSA ITS together with gecko_sdk_3.1.x  or earlier
+// <i> might have keys (or other files) stored in V1 format.
+// <i> If no v1 files are used, its support can be disabled for space
+// <i> optimization.
+// <i> Default: 0
+#define SL_PSA_ITS_SUPPORT_V1_DRIVER 0
+
+// <o SL_PSA_ITS_SUPPORT_V2_DRIVER> Enable V2 ITS Driver Support <0-1>
+// <i> Devices that have used GSDK 4.1.x and earlier, and used ITS have the keys
+// <i> (or other files) stored using different address range. Enabling this
+// <i> config option adds upgrade code which converts V2 (and V1 if
+// <i> supported) format ITS keys/files to the latest V3 format. Update is
+// <i> fully automatic, needs to be run once and require extra flash space of
+// <i> approximately the size of the largest key.
+// <i> V1 ITS driver support can be disabled if the device has never used ITS
+// <i> driver before in GSDK 4.1.x and earlier, or the keys has been already
+// <i> migrated.
+// <i> Default: 0
+#define SL_PSA_ITS_SUPPORT_V2_DRIVER 0
+
+// <o SL_PSA_ITS_SUPPORT_V3_DRIVER> Enable support for V3 ITS Driver <0-1>
+// <i> Devices that have used GSDK 4.1.x and earlier, and used ITS have the keys
+// <i> (or other files) stored using different address range. In rare case
+// <i> that those devices have full nvm3 and not enough space for the
+// <i> upgrade, (that requires an extra space to store largest key in memory
+// <i> twice), this config option can disable v3 driver and use v2 one.
+// <i> To upgrade the device, make space for the upgrade, and enable v3 driver
+// again. <i> <i> WARNING: When using V3 driver, it is not possible to increase
+// or decrease <i> the value of SL_PSA_ITS_USER_MAX_FILES. If the change of <i>
+// SL_PSA_ITS_USER_MAX_FILES is required, ITS should be cleared and <i> all
+// files need to be stored again. <i> Default: 1
+#define SL_PSA_ITS_SUPPORT_V3_DRIVER 1
+
+// <o SL_SE_BUILTIN_KEY_AES128_ALG_CONFIG> Built-in AES Key Mode of Operation
+// <PSA_ALG_CTR=> CTR Mode
+// <PSA_ALG_CFB=> CFB Mode
+// <PSA_ALG_OFB=> OFB Mode
+// <PSA_ALG_ECB_NO_PADDING=> ECB Mode
+// <PSA_ALG_CBC_NO_PADDING=> CBC Mode (no padding)
+// <PSA_ALG_CBC_PKCS7=> CBC Mode (PKCS#7 padding)
+// <i> PSA Crypto only allows one specific usage algorithm per built-in key ID.
+// <i> Default: PSA_ALG_CTR
+#define SL_SE_BUILTIN_KEY_AES128_ALG_CONFIG (PSA_ALG_CTR)
+
+#ifndef SL_CRYPTOACC_BUILTIN_KEY_PUF_ALG
+// <o SL_CRYPTOACC_BUILTIN_KEY_PUF_ALG> Built-in PUF Key Algorithm
+// <PSA_ALG_PBKDF2_AES_CMAC_PRF_128=> PBKDF2 (CMAC-AES-128-PRF)
+// <PSA_ALG_CMAC=> CMAC
+// <i> PSA Crypto only allows one specific usage algorithm per built-in key ID.
+// <i> It is recommended to only use the PUF key for deriving further key
+// <i> material.
+// <i> Default: PSA_ALG_PBKDF2_AES_CMAC_PRF_128
+#define SL_CRYPTOACC_BUILTIN_KEY_PUF_ALG (PSA_ALG_PBKDF2_AES_CMAC_PRF_128)
+#endif // SL_CRYPTOACC_BUILTIN_KEY_PUF_ALG
+
+// </h>
+
+// <<< end of configuration section >>>
+
+// -----------------------------------------------------------------------------
+// Sub-files
+
+#if defined(SLI_PSA_CONFIG_AUTOGEN_OVERRIDE_FILE)
+#include SLI_PSA_CONFIG_AUTOGEN_OVERRIDE_FILE
+#else
+#include "sli_psa_config_autogen.h"
+#endif
+
+#if defined(TFM_CONFIG_SL_SECURE_LIBRARY)
+#include "sli_psa_tfm_translation.h"
+#endif
+
+#if SL_MBEDTLS_DRIVERS_ENABLED
+#include "sli_psa_acceleration.h"
+#endif
+
+#include "sli_psa_builtin_config_autogen.h"
+
+#endif // PSA_CRYPTO_CONFIG_H