Allow the use of PSA Crypto in TLS client example

Hanno Becker · Hanno Becker · commit 6b1f3c36b30c · 2019-01-22T13:12:47.000Z
diff --git a/tls-client/main.cpp b/tls-client/main.cpp
@@ -35,6 +35,9 @@
 #include "mbed.h"
 
 #include "mbedtls/platform.h"
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
 
 #include "HelloHttpsClient.h"
 
@@ -52,6 +55,24 @@ int main()
 {
     int exit_code = MBEDTLS_EXIT_FAILURE;
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    /*
+     * Initialize underlying PSA Crypto implementation.
+     * Even if the HTTPS client doesn't make use of
+     * PSA-specific API, for example for setting opaque PSKs
+     * or opaque private keys, Mbed TLS will use PSA
+     * for public and symmetric key operations as well as
+     * hashing.
+     */
+    psa_status_t status;
+    status = psa_crypto_init();
+    if( status != PSA_SUCCESS )
+    {
+        printf("psa_crypto_init() failed with %d\r\n", status );
+        return MBEDTLS_EXIT_FAILURE;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
     if((exit_code = mbedtls_platform_setup(NULL)) != 0) {
         printf("Platform initialization failed with error %d\r\n", exit_code);
         return MBEDTLS_EXIT_FAILURE;
diff --git a/tls-client/mbedtls_entropy_config.h b/tls-client/mbedtls_entropy_config.h
@@ -36,4 +36,14 @@
 #undef MBEDTLS_MPI_MAX_SIZE
 #define MBEDTLS_MPI_MAX_SIZE        256
 
+/* This macro determines whether Mbed TLS uses its own legacy crypto library
+ * or an implementation of the PSA Crypto API such as Mbed Crypto.
+ *
+ * To confirm the use of PSA Crypto, you may enable debugging by setting
+ * HELLO_HTTPS_CLIENT_DEBUG_LEVEL in HelloHttpsClient.h and look for
+ * PSA-related debugging output on the serial line.
+ *
+ * Uncomment this to use the PSA Crypto API. */
+//#define MBEDTLS_USE_PSA_CRYPTO
+
 #define MBEDTLS_MPI_WINDOW_SIZE     1
