CryptoKeyKeyStore_PSA.h

Go to the documentation of this file.

/*
 * Copyright (c) 2022-2025, Texas Instruments Incorporated
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * *  Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * *  Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * *  Neither the name of Texas Instruments Incorporated nor the names of
 *    its contributors may be used to endorse or promote products derived
 *    from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
 * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
 * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#ifndef ti_drivers_CryptoKeyKeyStore_PSA__include
#define ti_drivers_CryptoKeyKeyStore_PSA__include

#include <ti/devices/DeviceFamily.h>

#if (TFM_ENABLED == 0) || defined(TFM_BUILD) /* TFM_BUILD indicates this is a TF-M build */
    #if ((DeviceFamily_PARENT == DeviceFamily_PARENT_CC27XX) || (DeviceFamily_PARENT == DeviceFamily_PARENT_CC35XX))
        #include <third_party/hsmddk/include/Integration/Adapter_PSA/incl/psa/crypto.h>
        #include <third_party/hsmddk/include/Integration/Adapter_PSA/incl/psa/crypto_extra.h>
        #include <third_party/hsmddk/include/Integration/Adapter_PSA/Adapter_mbedTLS/incl/private_access.h>
    #elif (DeviceFamily_PARENT == DeviceFamily_PARENT_CC13X4_CC26X3_CC26X4)
        #include <third_party/mbedtls/include/psa/crypto.h>
        #include <third_party/mbedtls/include/psa/crypto_extra.h>
        #include <third_party/mbedtls/include/mbedtls/build_info.h>
        #include <third_party/mbedtls/include/mbedtls/private_access.h>
        #include <third_party/mbedtls/ti/driver/ti_sl_transparent_driver_entrypoints.h>
    #else
        #error "Unsupported DeviceFamily_Parent for CryptoKeyKeyStore_PSA"
    #endif /* #if ((DeviceFamily_PARENT == DeviceFamily_PARENT_CC27XX) || (DeviceFamily_PARENT == \
              DeviceFamily_PARENT_CC35XX)) */
#else
    #include <third_party/tfm/interface/include/psa/crypto.h>
#endif /* #if (TFM_ENABLED == 0) || defined(TFM_BUILD) */

#ifdef __cplusplus
extern "C" {
#endif

typedef psa_key_usage_t KeyStore_PSA_KeyUsage;

typedef psa_key_lifetime_t KeyStore_PSA_KeyLifetime;

typedef psa_key_persistence_t KeyStore_PSA_KeyPersistence;

typedef psa_key_location_t KeyStore_PSA_KeyLocation;

#define KEYSTORE_PSA_STATUS_SUCCESS ((int_fast16_t)PSA_SUCCESS)

#define KEYSTORE_PSA_STATUS_GENERIC_ERROR ((int_fast16_t)PSA_ERROR_GENERIC_ERROR)

#define KEYSTORE_PSA_STATUS_NOT_SUPPORTED ((int_fast16_t)PSA_ERROR_NOT_SUPPORTED)

#define KEYSTORE_PSA_STATUS_NOT_PERMITTED ((int_fast16_t)PSA_ERROR_NOT_PERMITTED)

#define KEYSTORE_PSA_STATUS_INVALID_KEY_ID ((int_fast16_t)PSA_ERROR_INVALID_HANDLE)

#define KEYSTORE_PSA_STATUS_BUFFER_TOO_SMALL ((int_fast16_t)PSA_ERROR_BUFFER_TOO_SMALL)

#define KEYSTORE_PSA_STATUS_ALREADY_EXISTS ((int_fast16_t)PSA_ERROR_ALREADY_EXISTS)

#define KEYSTORE_PSA_STATUS_DOES_NOT_EXIST ((int_fast16_t)PSA_ERROR_DOES_NOT_EXIST)

#define KEYSTORE_PSA_STATUS_BAD_STATE ((int_fast16_t)PSA_ERROR_BAD_STATE)

#define KEYSTORE_PSA_STATUS_INVALID_ARGUMENT ((int_fast16_t)PSA_ERROR_INVALID_ARGUMENT)

#define KEYSTORE_PSA_STATUS_INSUFFICIENT_MEMORY ((int_fast16_t)PSA_ERROR_INSUFFICIENT_MEMORY)

#define KEYSTORE_PSA_STATUS_INSUFFICIENT_STORAGE ((int_fast16_t)PSA_ERROR_INSUFFICIENT_STORAGE)

#define KEYSTORE_PSA_STATUS_COMMUNICATION_FAILURE ((int_fast16_t)PSA_ERROR_COMMUNICATION_FAILURE)

#define KEYSTORE_PSA_STATUS_STORAGE_FAILURE ((int_fast16_t)PSA_ERROR_STORAGE_FAILURE)

#define KEYSTORE_PSA_STATUS_HARDWARE_FAILURE ((int_fast16_t)PSA_ERROR_HARDWARE_FAILURE)

#define KEYSTORE_PSA_STATUS_INSUFFICIENT_ENTROPY ((int_fast16_t)PSA_ERROR_INSUFFICIENT_ENTROPY)

#define KEYSTORE_PSA_STATUS_CORRUPTION_DETECTED ((int_fast16_t)PSA_ERROR_CORRUPTION_DETECTED)

#define KEYSTORE_PSA_STATUS_RESOURCE_UNAVAILABLE ((int_fast16_t)-250)

typedef psa_key_type_t KeyStore_PSA_KeyType;

#define KEYSTORE_PSA_KEY_TYPE_RAW_DATA ((KeyStore_PSA_KeyType)PSA_KEY_TYPE_RAW_DATA)

#define KEYSTORE_PSA_KEY_TYPE_HMAC ((KeyStore_PSA_KeyType)PSA_KEY_TYPE_HMAC)

#define KEYSTORE_PSA_KEY_TYPE_DERIVE ((KeyStore_PSA_KeyType)PSA_KEY_TYPE_DERIVE)

#define KEYSTORE_PSA_KEY_TYPE_AES ((KeyStore_PSA_KeyType)PSA_KEY_TYPE_AES)

#define KEYSTORE_PSA_KEY_TYPE_DES ((KeyStore_PSA_KeyType)PSA_KEY_TYPE_DES)

#define KEYSTORE_PSA_KEY_TYPE_CAMELLIA ((KeyStore_PSA_KeyType)PSA_KEY_TYPE_CAMELLIA)

#define KEYSTORE_PSA_KEY_TYPE_ARC4 ((KeyStore_PSA_KeyType)PSA_KEY_TYPE_ARC4)

#define KEYSTORE_PSA_KEY_TYPE_CHACHA20 ((KeyStore_PSA_KeyType)PSA_KEY_TYPE_CHACHA20)

#define KEYSTORE_PSA_KEY_TYPE_RSA_PUBLIC_KEY ((KeyStore_PSA_KeyType)PSA_KEY_TYPE_RSA_PUBLIC_KEY)

#define KEYSTORE_PSA_KEY_TYPE_RSA_KEY_PAIR   ((KeyStore_PSA_KeyType)PSA_KEY_TYPE_RSA_KEY_PAIR)

#define PSA_KEY_TYPE_IS_RSA(type)            (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)

#define KEYSTORE_PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((KeyStore_PSA_KeyType)PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
#define KEYSTORE_PSA_KEY_TYPE_ECC_KEY_PAIR_BASE   ((KeyStore_PSA_KeyType)PSA_KEY_TYPE_ECC_KEY_PAIR_BASE)

#define KEYSTORE_PSA_KEY_TYPE_PASSWORD ((KeyStore_PSA_KeyType)PSA_KEY_TYPE_PASSWORD)

#define KEYSTORE_PSA_KEY_TYPE_PASSWORD_HASH ((KeyStore_PSA_KeyType)PSA_KEY_TYPE_PASSWORD_HASH)

typedef psa_algorithm_t KeyStore_PSA_Algorithm;

#define KEYSTORE_PSA_ALG_SHA_224     ((KeyStore_PSA_Algorithm)PSA_ALG_SHA_224)

#define KEYSTORE_PSA_ALG_SHA_256     ((KeyStore_PSA_Algorithm)PSA_ALG_SHA_256)

#define KEYSTORE_PSA_ALG_SHA_384     ((KeyStore_PSA_Algorithm)PSA_ALG_SHA_384)

#define KEYSTORE_PSA_ALG_SHA_512     ((KeyStore_PSA_Algorithm)PSA_ALG_SHA_512)

#define KEYSTORE_PSA_ALG_SHA_512_224 ((KeyStore_PSA_Algorithm)PSA_ALG_SHA_512_224)

#define KEYSTORE_PSA_ALG_SHA_512_256 ((KeyStore_PSA_Algorithm)PSA_ALG_SHA_512_256)

#define KEYSTORE_PSA_ALG_HMAC(hash_alg) ((KeyStore_PSA_Algorithm)(PSA_ALG_HMAC(hash_alg)))

#define KEYSTORE_PSA_ALG_CBC_MAC ((KeyStore_PSA_Algorithm)PSA_ALG_CBC_MAC)

#define KEYSTORE_PSA_ALG_CMAC    ((KeyStore_PSA_Algorithm)PSA_ALG_CMAC)

#define KEYSTORE_PSA_ALG_CTR ((KeyStore_PSA_Algorithm)PSA_ALG_CTR)

#define KEYSTORE_PSA_ALG_ECB_NO_PADDING ((KeyStore_PSA_Algorithm)PSA_ALG_ECB_NO_PADDING)

#define KEYSTORE_PSA_ALG_CBC_NO_PADDING ((KeyStore_PSA_Algorithm)PSA_ALG_CBC_NO_PADDING)

#define KEYSTORE_PSA_ALG_CCM ((KeyStore_PSA_Algorithm)PSA_ALG_CCM)

#define KEYSTORE_PSA_ALG_GCM ((KeyStore_PSA_Algorithm)PSA_ALG_GCM)

#define KEYSTORE_PSA_ALG_CHACHA20_POLY1305 ((KeyStore_PSA_Algorithm)PSA_ALG_CHACHA20_POLY1305)

#define KEYSTORE_PSA_ALG_ECDH ((KeyStore_PSA_Algorithm)PSA_ALG_ECDH)

#define KEYSTORE_PSA_ALG_ECDSA ((KeyStore_PSA_Algorithm)PSA_ALG_ECDSA_ANY)

#define KEYSTORE_PSA_ALG_PAKE ((KeyStore_PSA_Algorithm)PSA_ALG_JPAKE)

#define KEYSTORE_PSA_ALG_PURE_EDDSA ((KeyStore_PSA_Algorithm)PSA_ALG_PURE_EDDSA)

/* The encoding of curve identifiers is currently aligned with the
 * TLS Supported Groups Registry (formerly known as the
 * TLS EC Named Curve Registry)
 * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
 * The values are defined by RFC 8422 and RFC 7027. */
#define KEYSTORE_PSA_ECC_CURVE_SECT163K1    ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_SECP_K1)
#define KEYSTORE_PSA_ECC_CURVE_SECT163R1    ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_SECP_R1)
#define KEYSTORE_PSA_ECC_CURVE_SECT163R2    ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_SECP_R2)
#define KEYSTORE_PSA_ECC_CURVE_SECT193R1    ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_SECP_R1)
#define KEYSTORE_PSA_ECC_CURVE_SECT193R2    ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_SECP_R2)
#define KEYSTORE_PSA_ECC_CURVE_SECT233K1    ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_SECP_K1)
#define KEYSTORE_PSA_ECC_CURVE_SECT233R1    ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_SECP_R1)
#define KEYSTORE_PSA_ECC_CURVE_SECT239K1    ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_SECP_K1)
#define KEYSTORE_PSA_ECC_CURVE_SECT283K1    ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_SECP_K1)
#define KEYSTORE_PSA_ECC_CURVE_SECT283R1    ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_SECP_R1)
#define KEYSTORE_PSA_ECC_CURVE_SECT409K1    ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_SECP_K1)
#define KEYSTORE_PSA_ECC_CURVE_SECT409R1    ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_SECP_R1)
#define KEYSTORE_PSA_ECC_CURVE_SECT571K1    ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_SECP_K1)
#define KEYSTORE_PSA_ECC_CURVE_SECT571R1    ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_SECP_R1)
#define KEYSTORE_PSA_ECC_CURVE_SECP160K1    ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_SECP_K1)
#define KEYSTORE_PSA_ECC_CURVE_SECP160R1    ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_SECP_R1)
#define KEYSTORE_PSA_ECC_CURVE_SECP160R2    ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_SECP_R2)
#define KEYSTORE_PSA_ECC_CURVE_SECP192K1    ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_SECP_K1)
#define KEYSTORE_PSA_ECC_CURVE_SECP192R1    ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_SECP_R1)
#define KEYSTORE_PSA_ECC_CURVE_SECP224K1    ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_SECP_K1)
#define KEYSTORE_PSA_ECC_CURVE_SECP224R1    ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_SECP_R1)
#define KEYSTORE_PSA_ECC_CURVE_SECP256K1    ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_SECP_K1)
#define KEYSTORE_PSA_ECC_CURVE_SECP256R1    ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_SECP_R1)
#define KEYSTORE_PSA_ECC_CURVE_SECP384R1    ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_SECP_R1)
#define KEYSTORE_PSA_ECC_CURVE_SECP521R1    ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_SECP_R1)
#define KEYSTORE_ECC_CURVE_BRAINPOOL_P256R1 ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_BRAINPOOL_P_R1)
#define KEYSTORE_ECC_CURVE_BRAINPOOL_P384R1 ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_BRAINPOOL_P_R1)
#define KEYSTORE_ECC_CURVE_BRAINPOOL_P512R1 ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_BRAINPOOL_P_R1)

#define KEYSTORE_PSA_ECC_CURVE_ED25519      ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_TWISTED_EDWARDS)

#define KEYSTORE_PSA_ECC_CURVE_CURVE25519   ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_MONTGOMERY)

#define KEYSTORE_PSA_ECC_CURVE_CURVE448     ((KeyStore_PSA_KeyType)PSA_ECC_FAMILY_MONTGOMERY)

#define KEYSTORE_PSA_ECC_CURVE_VENDOR_MIN ((KeyStore_PSA_KeyType)PSA_ECC_CURVE_VENDOR_MIN)

#define KEYSTORE_PSA_ECC_CURVE_VENDOR_MAX ((KeyStore_PSA_KeyType)PSA_ECC_CURVE_VENDOR_MAX)

#if (TFM_ENABLED == 0) || defined(TFM_BUILD) /* TFM_BUILD indicates this is a TF-M build */
    #define KEYSTORE_PSA_MIN_VOLATILE_KEY_ID PSA_KEY_ID_VOLATILE_MIN
    #define KEYSTORE_PSA_MAX_VOLATILE_KEY_ID PSA_KEY_ID_VOLATILE_MAX
#else
    /* PSA_KEY_SLOT_COUNT is not available in TF-M's crypto.h so we must
     * hardcode it to match the value in Mbed TLS's header.
     */
    #define KEYSTORE_PSA_MIN_VOLATILE_KEY_ID (PSA_KEY_ID_VENDOR_MAX - MBEDTLS_PSA_KEY_SLOT_COUNT + 1)
    #define KEYSTORE_PSA_MAX_VOLATILE_KEY_ID PSA_KEY_ID_VENDOR_MAX
#endif

/* Macro to obtain size of struct member */
#define MEMBER_SIZE(type, member) sizeof(((type *)0)->member)

#define KEYSTORE_PSA_KEY_LIFETIME_VOLATILE ((KeyStore_PSA_KeyLifetime)PSA_KEY_LIFETIME_VOLATILE)

#define KEYSTORE_PSA_KEY_LIFETIME_PERSISTENT ((KeyStore_PSA_KeyLifetime)PSA_KEY_LIFETIME_PERSISTENT)

#define KEYSTORE_PSA_KEY_PERSISTENCE_VOLATILE ((KeyStore_PSA_KeyPersistence)PSA_KEY_PERSISTENCE_VOLATILE)

#define KEYSTORE_PSA_KEY_PERSISTENCE_DEFAULT ((KeyStore_PSA_KeyPersistence)PSA_KEY_PERSISTENCE_DEFAULT)

#define KEYSTORE_PSA_KEY_PERSISTENCE_HSM_ASSET_STORE ((KeyStore_PSA_KeyPersistence)0x80U)

#define KEYSTORE_PSA_KEY_PERSISTENCE_READ_ONLY ((KeyStore_PSA_KeyPersistence)PSA_KEY_PERSISTENCE_READ_ONLY)

/* clang-format off */
#define KEYSTORE_PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) ((KeyStore_PSA_KeyPersistence)((lifetime) & 0x000000ff))
/* clang-format on */

#define KEYSTORE_PSA_KEY_LIFETIME_GET_LOCATION(lifetime) ((KeyStore_PSA_KeyLocation)((lifetime) >> 8))

#define KEYSTORE_PSA_KEY_LIFETIME_IS_VOLATILE(lifetime) \
    (KEYSTORE_PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == KEYSTORE_PSA_KEY_PERSISTENCE_VOLATILE)

#define KEYSTORE_PSA_KEY_LIFETIME_IS_READ_ONLY(lifetime) \
    (KEYSTORE_PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == KEYSTORE_PSA_KEY_PERSISTENCE_READ_ONLY)

#define KEYSTORE_PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(persistence, location) \
    (PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(persistence, location))

#define KEYSTORE_PSA_KEY_LOCATION_LOCAL_STORAGE ((KeyStore_PSA_KeyLocation)PSA_KEY_LOCATION_LOCAL_STORAGE)

#define KEYSTORE_PSA_KEY_LOCATION_HSM_ASSET_STORE ((KeyStore_PSA_KeyLocation)0x000001U)

#define KEYSTORE_PSA_KEY_ID_NULL ((KeyStore_PSA_keyID)0x0)

#define KEYSTORE_PSA_KEY_ID_USER_MAX ((KeyStore_PSA_keyID)PSA_KEY_ID_USER_MAX)

#define KEYSTORE_PSA_KEY_ID_USER_MIN ((KeyStore_PSA_keyID)PSA_KEY_ID_USER_MIN)

#define KEYSTORE_PSA_KEY_ID_USER_MAX ((KeyStore_PSA_keyID)PSA_KEY_ID_USER_MAX)

#define KEYSTORE_PSA_KEY_ID_VENDOR_MIN ((KeyStore_PSA_keyID)PSA_KEY_ID_VENDOR_MIN)

#define KEYSTORE_PSA_KEY_ID_VENDOR_MAX ((KeyStore_PSA_keyID)PSA_KEY_ID_VENDOR_MAX)

#define KEYSTORE_PSA_DEFAULT_OWNER MBEDTLS_PSA_CRYPTO_KEY_ID_DEFAULT_OWNER

#define KEYSTORE_PSA_KEY_USAGE_EXPORT ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_EXPORT)

#define KEYSTORE_PSA_KEY_USAGE_COPY ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_COPY)

#define KEYSTORE_PSA_KEY_USAGE_ENCRYPT ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_ENCRYPT)

#define KEYSTORE_PSA_KEY_USAGE_DECRYPT ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_DECRYPT)

#define KEYSTORE_PSA_KEY_USAGE_SIGN_MESSAGE ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_SIGN_MESSAGE)

#define KEYSTORE_PSA_KEY_USAGE_VERIFY_MESSAGE ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_VERIFY_MESSAGE)

#define KEYSTORE_PSA_KEY_USAGE_SIGN_HASH ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_SIGN_HASH)

#define KEYSTORE_PSA_KEY_USAGE_VERIFY_HASH ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_VERIFY_HASH)

#define KEYSTORE_PSA_KEY_USAGE_DERIVE ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_DERIVE)

typedef psa_key_attributes_t KeyStore_PSA_KeyAttributes;
#if (TFM_ENABLED == 0) || defined(TFM_BUILD) /* TFM_BUILD indicates this is a TF-M build */

    #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
/* Building for the PSA Crypto service on a PSA platform. */
/* A key owner is a PSA partition identifier. */
typedef mbedtls_key_owner_id_t KeyStore_PSA_key_owner_id_t;

typedef psa_key_id_t KeyStore_PSA_keyID;
    #endif /* defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) */

typedef mbedtls_svc_key_id_t KeyStore_PSA_KeyFileId;

    #define KEYSTORE_PSA_KEY_ATTRIBUTES_INIT PSA_KEY_ATTRIBUTES_INIT

    #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
        #define GET_KEY_ID(keyID, ID)           \
            keyID.MBEDTLS_PRIVATE(key_id) = ID; \
            keyID.MBEDTLS_PRIVATE(owner)  = KEYSTORE_PSA_DEFAULT_OWNER;

        #define SET_KEY_ID(ID, keyID) ID = keyID.MBEDTLS_PRIVATE(key_id)
    #else
        #define GET_KEY_ID(keyID, ID) keyID = ID

        #define SET_KEY_ID(ID, keyID) ID = keyID
    #endif /* defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) */

#else

typedef psa_key_id_t KeyStore_PSA_keyID;

typedef mbedtls_svc_key_id_t KeyStore_PSA_KeyFileId;

    #define GET_KEY_ID(keyID, ID) keyID = ID
    #define SET_KEY_ID(ID, keyID) ID = keyID

    #define KEYSTORE_PSA_KEY_ATTRIBUTES_INIT PSA_CLIENT_KEY_ATTRIBUTES_INIT
#endif /* #if (TFM_ENABLED == 0) || defined(TFM_BUILD) */

#define KEYSTORE_PSA_PREPROVISIONED_AREA_ADDR 0x0000

#define KEYSTORE_PSA_PREPROVISIONED_AREA_SIZE (0x700) /* 1792 B */

#define KEYSTORE_PSA_PREPROVISIONED_KEYS_EMPTY 0xFFFF

#define KEYSTORE_PSA_PRE_PROVISIONED_KEY_MAGIC_HEADER        "HUK\0KEY"
#define KEYSTORE_PSA_PRE_PROVISIONED_KEYS_END                0
#define KEYSTORE_PSA_PRE_PROVISIONED_KEY_MAGIC_HEADER_LENGTH (sizeof(KEYSTORE_PSA_PRE_PROVISIONED_KEY_MAGIC_HEADER))
#define KEYSTORE_PSA_PRE_PROVISIONED_KEYS_END_LENGTH         (sizeof(KEYSTORE_PSA_PRE_PROVISIONED_KEYS_END))
#define KEYSTORE_PSA_MAX_PREPROVISIONED_KEYS                 0x10

#define KEYSTORE_PSA_PRE_PROVISIONED_KEY_VALID_LIFETIME   0xAAAA
#define KEYSTORE_PSA_PRE_PROVISIONED_KEY_INVALID_LIFETIME 0x8888

#define KEYSTORE_PSA_PRE_PROVISIONED_KEY_ID_MAX MBEDTLS_PSA_KEY_ID_BUILTIN_MAX
#define KEYSTORE_PSA_PRE_PROVISIONED_KEY_ID_MIN MBEDTLS_PSA_KEY_ID_BUILTIN_MIN

void KeyStore_PSA_setKeyId(KeyStore_PSA_KeyAttributes *attributes, KeyStore_PSA_KeyFileId key);

void KeyStore_PSA_setKeyLifetime(KeyStore_PSA_KeyAttributes *attributes, KeyStore_PSA_KeyLifetime lifetime);

KeyStore_PSA_KeyFileId KeyStore_PSA_getKeyId(KeyStore_PSA_KeyAttributes *attributes);

KeyStore_PSA_KeyLifetime KeyStore_PSA_getKeyLifetime(KeyStore_PSA_KeyAttributes *attributes);

void KeyStore_PSA_setKeyUsageFlags(KeyStore_PSA_KeyAttributes *attributes, KeyStore_PSA_KeyUsage usageFlags);

KeyStore_PSA_KeyUsage KeyStore_PSA_getKeyUsageFlags(KeyStore_PSA_KeyAttributes *attributes);

void KeyStore_PSA_setKeyAlgorithm(KeyStore_PSA_KeyAttributes *attributes, KeyStore_PSA_Algorithm alg);

KeyStore_PSA_Algorithm KeyStore_PSA_getKeyAlgorithm(KeyStore_PSA_KeyAttributes *attributes);

void KeyStore_PSA_setKeyType(KeyStore_PSA_KeyAttributes *attributes, KeyStore_PSA_KeyType type);

void KeyStore_PSA_setKeyBits(KeyStore_PSA_KeyAttributes *attributes, size_t bits);

KeyStore_PSA_KeyType KeyStore_PSA_getKeyType(KeyStore_PSA_KeyAttributes *attributes);

size_t KeyStore_PSA_getKeyBits(KeyStore_PSA_KeyAttributes *attributes);

void KeyStore_PSA_resetKeyAttributes(KeyStore_PSA_KeyAttributes *attributes);

int_fast16_t KeyStore_PSA_exportPublicKey(KeyStore_PSA_KeyFileId key,
                                          uint8_t *data,
                                          size_t dataSize,
                                          size_t *dataLength);

int_fast16_t KeyStore_PSA_exportKey(KeyStore_PSA_KeyFileId key, uint8_t *data, size_t dataSize, size_t *dataLength);

int_fast16_t KeyStore_PSA_importKey(KeyStore_PSA_KeyAttributes *attributes,
                                    uint8_t *data,
                                    size_t dataLength,
                                    KeyStore_PSA_KeyFileId *key);

int_fast16_t KeyStore_PSA_getKeyAttributes(KeyStore_PSA_KeyFileId key, KeyStore_PSA_KeyAttributes *attributes);

int_fast16_t KeyStore_PSA_purgeKey(KeyStore_PSA_KeyFileId key);

int_fast16_t KeyStore_PSA_destroyKey(KeyStore_PSA_KeyFileId key);

#if ((DeviceFamily_PARENT == DeviceFamily_PARENT_CC27XX) || (DeviceFamily_PARENT == DeviceFamily_PARENT_CC35XX))

int_fast16_t KeyStore_PSA_copyKey(KeyStore_PSA_KeyFileId source_key,
                                  KeyStore_PSA_KeyAttributes *attributes,
                                  KeyStore_PSA_KeyFileId *target_key);

#endif /* #if ((DeviceFamily_PARENT == DeviceFamily_PARENT_CC27XX) || (DeviceFamily_PARENT == \
          DeviceFamily_PARENT_CC35XX)) */
#ifdef __cplusplus
}
#endif

#endif /* ti_drivers_KeyStore_PSA__include */