Add utility function to check for drivers init

This will be used in the next commit. While at it, move driver initialization before RNG init - this will be handy when the entropy module wants to use drivers for hashes. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-07-29 11:41:15 +03:00 · 2023-03-09 11:17:43 +01:00
parent d8ea37f1a3
commit 7abdf7eee5
4 changed files with 44 additions and 6 deletions
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@ -111,6 +111,7 @@ static int key_type_is_raw_bytes(psa_key_type_t type)
 typedef struct {
    unsigned initialized : 1;
    unsigned rng_state : 2;
+    unsigned drivers_initialized : 1;
    mbedtls_psa_random_context_t rng;
 } psa_global_data_t;

@ -125,6 +126,12 @@ mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state =
    if (global_data.initialized == 0)  \
    return PSA_ERROR_BAD_STATE;

+int psa_can_do_hash(psa_algorithm_t hash_alg)
+{
+    (void) hash_alg;
+    return global_data.drivers_initialized;
+}
+
 psa_status_t mbedtls_to_psa_error(int ret)
 {
    /* Mbed TLS error codes can combine a high-level error code and a
@ -7124,6 +7131,13 @@ psa_status_t psa_crypto_init(void)
        return PSA_SUCCESS;
    }

+    /* Init drivers */
+    status = psa_driver_wrapper_init();
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }
+    global_data.drivers_initialized = 1;
+
    /* Initialize and seed the random generator. */
    mbedtls_psa_random_init(&global_data.rng);
    global_data.rng_state = RNG_INITIALIZED;
@ -7138,12 +7152,6 @@ psa_status_t psa_crypto_init(void)
        goto exit;
    }

-    /* Init drivers */
-    status = psa_driver_wrapper_init();
-    if (status != PSA_SUCCESS) {
-        goto exit;
-    }
-
 #if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS)
    status = psa_crypto_load_transaction();
    if (status == PSA_SUCCESS) {
--- a/library/psa_crypto_core.h
+++ b/library/psa_crypto_core.h
@ -26,6 +26,18 @@
 #include "psa/crypto.h"
 #include "psa/crypto_se_driver.h"

+/**
+ * Tell if PSA is ready for this hash.
+ *
+ * \note            For now, only checks the state of the driver subsystem,
+ *                  not the algorithm. Might do more in the future.
+ *
+ * \param hash_alg  The hash algorithm (ignored for now).
+ *
+ * \return 1 if the driver subsytem is ready, 0 otherwise.
+ */
+int psa_can_do_hash(psa_algorithm_t hash_alg);
+
 /** Constant-time buffer comparison
 *
 * \param[in]  a    Left-hand buffer for comparison.