From e76ddf1050db1d75474046d6b421337572fa0718 Mon Sep 17 00:00:00 2001
From: Joakim Andersson <joakim.andersson@nordicsemi.no>
Date: Tue, 28 Nov 2023 11:29:23 +0100
Subject: [PATCH] [crypto] remove PSA mbedtls hybrid setup of PBKDF2 function
 (#9655)

Remove PSA mbedtls hybrid setup of the PBKDF2 function.
With Mbed TLS 3.5.0 release this function is now supported by PSA
implementation.
---
 src/core/crypto/crypto_platform.cpp | 124 ++++++++++++++++------------
 1 file changed, 72 insertions(+), 52 deletions(-)

diff --git a/src/core/crypto/crypto_platform.cpp b/src/core/crypto/crypto_platform.cpp
index 0e8126e5be5..4865b08f1a5 100644
--- a/src/core/crypto/crypto_platform.cpp
+++ b/src/core/crypto/crypto_platform.cpp
@@ -662,58 +662,6 @@ OT_TOOL_WEAK otError otPlatCryptoEcdsaVerify(const otPlatCryptoEcdsaPublicKey *a
 
 #endif // #if !OPENTHREAD_RADIO
 
-#elif OPENTHREAD_CONFIG_CRYPTO_LIB == OPENTHREAD_CONFIG_CRYPTO_LIB_PSA
-
-#if !OPENTHREAD_RADIO
-#if OPENTHREAD_CONFIG_ECDSA_ENABLE
-
-OT_TOOL_WEAK otError otPlatCryptoEcdsaGenerateKey(otPlatCryptoEcdsaKeyPair *aKeyPair)
-{
-    OT_UNUSED_VARIABLE(aKeyPair);
-
-    return OT_ERROR_NOT_CAPABLE;
-}
-
-OT_TOOL_WEAK otError otPlatCryptoEcdsaGetPublicKey(const otPlatCryptoEcdsaKeyPair *aKeyPair,
-                                                   otPlatCryptoEcdsaPublicKey     *aPublicKey)
-{
-    OT_UNUSED_VARIABLE(aKeyPair);
-    OT_UNUSED_VARIABLE(aPublicKey);
-
-    return OT_ERROR_NOT_CAPABLE;
-}
-
-OT_TOOL_WEAK otError otPlatCryptoEcdsaSign(const otPlatCryptoEcdsaKeyPair *aKeyPair,
-                                           const otPlatCryptoSha256Hash   *aHash,
-                                           otPlatCryptoEcdsaSignature     *aSignature)
-{
-    OT_UNUSED_VARIABLE(aKeyPair);
-    OT_UNUSED_VARIABLE(aHash);
-    OT_UNUSED_VARIABLE(aSignature);
-
-    return OT_ERROR_NOT_CAPABLE;
-}
-
-OT_TOOL_WEAK otError otPlatCryptoEcdsaVerify(const otPlatCryptoEcdsaPublicKey *aPublicKey,
-                                             const otPlatCryptoSha256Hash     *aHash,
-                                             const otPlatCryptoEcdsaSignature *aSignature)
-
-{
-    OT_UNUSED_VARIABLE(aPublicKey);
-    OT_UNUSED_VARIABLE(aHash);
-    OT_UNUSED_VARIABLE(aSignature);
-
-    return OT_ERROR_NOT_CAPABLE;
-}
-#endif // #if OPENTHREAD_CONFIG_ECDSA_ENABLE
-
-#endif // #if !OPENTHREAD_RADIO
-
-#endif // #if OPENTHREAD_CONFIG_CRYPTO_LIB == OPENTHREAD_CONFIG_CRYPTO_LIB_MBEDTLS
-
-//---------------------------------------------------------------------------------------------------------------------
-// APIs to be used in "hybrid" mode by every OPENTHREAD_CONFIG_CRYPTO_LIB variant until full PSA support is ready
-
 #if OPENTHREAD_FTD
 
 OT_TOOL_WEAK otError otPlatCryptoPbkdf2GenerateKey(const uint8_t *aPassword,
@@ -801,3 +749,75 @@ OT_TOOL_WEAK otError otPlatCryptoPbkdf2GenerateKey(const uint8_t *aPassword,
 }
 
 #endif // #if OPENTHREAD_FTD
+
+#elif OPENTHREAD_CONFIG_CRYPTO_LIB == OPENTHREAD_CONFIG_CRYPTO_LIB_PSA
+
+#if !OPENTHREAD_RADIO
+#if OPENTHREAD_CONFIG_ECDSA_ENABLE
+
+OT_TOOL_WEAK otError otPlatCryptoEcdsaGenerateKey(otPlatCryptoEcdsaKeyPair *aKeyPair)
+{
+    OT_UNUSED_VARIABLE(aKeyPair);
+
+    return OT_ERROR_NOT_CAPABLE;
+}
+
+OT_TOOL_WEAK otError otPlatCryptoEcdsaGetPublicKey(const otPlatCryptoEcdsaKeyPair *aKeyPair,
+                                                   otPlatCryptoEcdsaPublicKey     *aPublicKey)
+{
+    OT_UNUSED_VARIABLE(aKeyPair);
+    OT_UNUSED_VARIABLE(aPublicKey);
+
+    return OT_ERROR_NOT_CAPABLE;
+}
+
+OT_TOOL_WEAK otError otPlatCryptoEcdsaSign(const otPlatCryptoEcdsaKeyPair *aKeyPair,
+                                           const otPlatCryptoSha256Hash   *aHash,
+                                           otPlatCryptoEcdsaSignature     *aSignature)
+{
+    OT_UNUSED_VARIABLE(aKeyPair);
+    OT_UNUSED_VARIABLE(aHash);
+    OT_UNUSED_VARIABLE(aSignature);
+
+    return OT_ERROR_NOT_CAPABLE;
+}
+
+OT_TOOL_WEAK otError otPlatCryptoEcdsaVerify(const otPlatCryptoEcdsaPublicKey *aPublicKey,
+                                             const otPlatCryptoSha256Hash     *aHash,
+                                             const otPlatCryptoEcdsaSignature *aSignature)
+
+{
+    OT_UNUSED_VARIABLE(aPublicKey);
+    OT_UNUSED_VARIABLE(aHash);
+    OT_UNUSED_VARIABLE(aSignature);
+
+    return OT_ERROR_NOT_CAPABLE;
+}
+#endif // #if OPENTHREAD_CONFIG_ECDSA_ENABLE
+
+#endif // #if !OPENTHREAD_RADIO
+
+#if OPENTHREAD_FTD
+
+OT_TOOL_WEAK otError otPlatCryptoPbkdf2GenerateKey(const uint8_t *aPassword,
+                                                   uint16_t       aPasswordLen,
+                                                   const uint8_t *aSalt,
+                                                   uint16_t       aSaltLen,
+                                                   uint32_t       aIterationCounter,
+                                                   uint16_t       aKeyLen,
+                                                   uint8_t       *aKey)
+{
+    OT_UNUSED_VARIABLE(aPassword);
+    OT_UNUSED_VARIABLE(aPasswordLen);
+    OT_UNUSED_VARIABLE(aSalt);
+    OT_UNUSED_VARIABLE(aSaltLen);
+    OT_UNUSED_VARIABLE(aIterationCounter);
+    OT_UNUSED_VARIABLE(aKeyLen);
+    OT_UNUSED_VARIABLE(aKey);
+
+    return OT_ERROR_NOT_CAPABLE;
+}
+
+#endif // #if OPENTHREAD_FTD
+
+#endif // #if OPENTHREAD_CONFIG_CRYPTO_LIB == OPENTHREAD_CONFIG_CRYPTO_LIB_MBEDTLS