new file mode 100644
@@ -0,0 +1,413 @@
+From ca7d37502f9453125aead14c7ee5181336cbe8f4 Mon Sep 17 00:00:00 2001
+From: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
+Date: Thu, 9 Feb 2023 00:22:40 +0000
+Subject: [PATCH 1/3] TF-Mv1.7 alignment: Align PSA Crypto SIDs
+
+This patch is to change the PSA Crypto SIDs to match the values of the
+PSA Crypto SID definitions in TF-M v1.7 running on the secure enclave
+
+Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
+Upstream-Status: Pending [Not submitted yet]
+---
+ .../service/common/include/psa/crypto_sid.h | 241 ++++++++++++++++++
+ components/service/common/include/psa/sid.h | 78 +-----
+ .../caller/psa_ipc/crypto_caller_sign_hash.h | 4 +-
+ .../psa_ipc/crypto_caller_verify_hash.h | 4 +-
+ 4 files changed, 249 insertions(+), 78 deletions(-)
+ create mode 100644 components/service/common/include/psa/crypto_sid.h
+
+diff --git a/components/service/common/include/psa/crypto_sid.h b/components/service/common/include/psa/crypto_sid.h
+new file mode 100644
+index 00000000..5b05f46d
+--- /dev/null
++++ b/components/service/common/include/psa/crypto_sid.h
+@@ -0,0 +1,241 @@
++/*
++ * Copyright (c) 2023, Arm Limited. All rights reserved.
++ *
++ * SPDX-License-Identifier: BSD-3-Clause
++ *
++ */
++
++#ifndef __PSA_CRYPTO_SID_H__
++#define __PSA_CRYPTO_SID_H__
++
++#ifdef __cplusplus
++extern "C" {
++#endif
++#include <stdint.h>
++
++/**
++ * \brief Type associated to the group of a function encoding. There can be
++ * nine groups (Random, Key management, Hash, MAC, Cipher, AEAD,
++ * Asym sign, Asym encrypt, Key derivation).
++ */
++enum tfm_crypto_group_id {
++ TFM_CRYPTO_GROUP_ID_RANDOM = 0x0,
++ TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT,
++ TFM_CRYPTO_GROUP_ID_HASH,
++ TFM_CRYPTO_GROUP_ID_MAC,
++ TFM_CRYPTO_GROUP_ID_CIPHER,
++ TFM_CRYPTO_GROUP_ID_AEAD,
++ TFM_CRYPTO_GROUP_ID_ASYM_SIGN,
++ TFM_CRYPTO_GROUP_ID_ASYM_ENCRYPT,
++ TFM_CRYPTO_GROUP_ID_KEY_DERIVATION,
++};
++
++/* X macro describing each of the available PSA Crypto APIs */
++#define KEY_MANAGEMENT_FUNCS \
++ X(TFM_CRYPTO_GET_KEY_ATTRIBUTES) \
++ X(TFM_CRYPTO_RESET_KEY_ATTRIBUTES) \
++ X(TFM_CRYPTO_OPEN_KEY) \
++ X(TFM_CRYPTO_CLOSE_KEY) \
++ X(TFM_CRYPTO_IMPORT_KEY) \
++ X(TFM_CRYPTO_DESTROY_KEY) \
++ X(TFM_CRYPTO_EXPORT_KEY) \
++ X(TFM_CRYPTO_EXPORT_PUBLIC_KEY) \
++ X(TFM_CRYPTO_PURGE_KEY) \
++ X(TFM_CRYPTO_COPY_KEY) \
++ X(TFM_CRYPTO_GENERATE_KEY)
++
++#define HASH_FUNCS \
++ X(TFM_CRYPTO_HASH_COMPUTE) \
++ X(TFM_CRYPTO_HASH_COMPARE) \
++ X(TFM_CRYPTO_HASH_SETUP) \
++ X(TFM_CRYPTO_HASH_UPDATE) \
++ X(TFM_CRYPTO_HASH_CLONE) \
++ X(TFM_CRYPTO_HASH_FINISH) \
++ X(TFM_CRYPTO_HASH_VERIFY) \
++ X(TFM_CRYPTO_HASH_ABORT)
++
++#define MAC_FUNCS \
++ X(TFM_CRYPTO_MAC_COMPUTE) \
++ X(TFM_CRYPTO_MAC_VERIFY) \
++ X(TFM_CRYPTO_MAC_SIGN_SETUP) \
++ X(TFM_CRYPTO_MAC_VERIFY_SETUP) \
++ X(TFM_CRYPTO_MAC_UPDATE) \
++ X(TFM_CRYPTO_MAC_SIGN_FINISH) \
++ X(TFM_CRYPTO_MAC_VERIFY_FINISH) \
++ X(TFM_CRYPTO_MAC_ABORT)
++
++#define CIPHER_FUNCS \
++ X(TFM_CRYPTO_CIPHER_ENCRYPT) \
++ X(TFM_CRYPTO_CIPHER_DECRYPT) \
++ X(TFM_CRYPTO_CIPHER_ENCRYPT_SETUP) \
++ X(TFM_CRYPTO_CIPHER_DECRYPT_SETUP) \
++ X(TFM_CRYPTO_CIPHER_GENERATE_IV) \
++ X(TFM_CRYPTO_CIPHER_SET_IV) \
++ X(TFM_CRYPTO_CIPHER_UPDATE) \
++ X(TFM_CRYPTO_CIPHER_FINISH) \
++ X(TFM_CRYPTO_CIPHER_ABORT)
++
++#define AEAD_FUNCS \
++ X(TFM_CRYPTO_AEAD_ENCRYPT) \
++ X(TFM_CRYPTO_AEAD_DECRYPT) \
++ X(TFM_CRYPTO_AEAD_ENCRYPT_SETUP) \
++ X(TFM_CRYPTO_AEAD_DECRYPT_SETUP) \
++ X(TFM_CRYPTO_AEAD_GENERATE_NONCE) \
++ X(TFM_CRYPTO_AEAD_SET_NONCE) \
++ X(TFM_CRYPTO_AEAD_SET_LENGTHS) \
++ X(TFM_CRYPTO_AEAD_UPDATE_AD) \
++ X(TFM_CRYPTO_AEAD_UPDATE) \
++ X(TFM_CRYPTO_AEAD_FINISH) \
++ X(TFM_CRYPTO_AEAD_VERIFY) \
++ X(TFM_CRYPTO_AEAD_ABORT)
++
++#define ASYMMETRIC_SIGN_FUNCS \
++ X(TFM_CRYPTO_ASYMMETRIC_SIGN_MESSAGE) \
++ X(TFM_CRYPTO_ASYMMETRIC_VERIFY_MESSAGE) \
++ X(TFM_CRYPTO_ASYMMETRIC_SIGN_HASH) \
++ X(TFM_CRYPTO_ASYMMETRIC_VERIFY_HASH)
++
++#define AYSMMETRIC_ENCRYPT_FUNCS \
++ X(TFM_CRYPTO_ASYMMETRIC_ENCRYPT) \
++ X(TFM_CRYPTO_ASYMMETRIC_DECRYPT)
++
++#define KEY_DERIVATION_FUNCS \
++ X(TFM_CRYPTO_RAW_KEY_AGREEMENT) \
++ X(TFM_CRYPTO_KEY_DERIVATION_SETUP) \
++ X(TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY) \
++ X(TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY) \
++ X(TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES) \
++ X(TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY) \
++ X(TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT) \
++ X(TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES) \
++ X(TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY) \
++ X(TFM_CRYPTO_KEY_DERIVATION_ABORT)
++
++#define RANDOM_FUNCS \
++ X(TFM_CRYPTO_GENERATE_RANDOM)
++
++/*
++ * Define function IDs in each group. The function ID will be encoded into
++ * tfm_crypto_func_sid below.
++ * Each group is defined as a dedicated enum in case the total number of
++ * PSA Crypto APIs exceeds 256.
++ */
++#define X(func_id) func_id,
++enum tfm_crypto_key_management_func_id {
++ KEY_MANAGEMENT_FUNCS
++};
++enum tfm_crypto_hash_func_id {
++ HASH_FUNCS
++};
++enum tfm_crypto_mac_func_id {
++ MAC_FUNCS
++};
++enum tfm_crypto_cipher_func_id {
++ CIPHER_FUNCS
++};
++enum tfm_crypto_aead_func_id {
++ AEAD_FUNCS
++};
++enum tfm_crypto_asym_sign_func_id {
++ ASYMMETRIC_SIGN_FUNCS
++};
++enum tfm_crypto_asym_encrypt_func_id {
++ AYSMMETRIC_ENCRYPT_FUNCS
++};
++enum tfm_crypto_key_derivation_func_id {
++ KEY_DERIVATION_FUNCS
++};
++enum tfm_crypto_random_func_id {
++ RANDOM_FUNCS
++};
++#undef X
++
++#define FUNC_ID(func_id) (((func_id) & 0xFF) << 8)
++
++/*
++ * Numerical progressive value identifying a function API exposed through
++ * the interfaces (S or NS). It's used to dispatch the requests from S/NS
++ * to the corresponding API implementation in the Crypto service backend.
++ *
++ * Each function SID is encoded as uint16_t.
++ * | Func ID | Group ID |
++ * 15 8 7 0
++ * Func ID is defined in each group func_id enum above
++ * Group ID is defined in tfm_crypto_group_id.
++ */
++enum tfm_crypto_func_sid {
++
++#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
++ (TFM_CRYPTO_GROUP_ID_KEY_MANAGEMENT & 0xFF)),
++
++ KEY_MANAGEMENT_FUNCS
++
++#undef X
++#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
++ (TFM_CRYPTO_GROUP_ID_HASH & 0xFF)),
++ HASH_FUNCS
++
++#undef X
++#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
++ (TFM_CRYPTO_GROUP_ID_MAC & 0xFF)),
++ MAC_FUNCS
++
++#undef X
++#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
++ (TFM_CRYPTO_GROUP_ID_CIPHER & 0xFF)),
++ CIPHER_FUNCS
++
++#undef X
++#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
++ (TFM_CRYPTO_GROUP_ID_AEAD & 0xFF)),
++ AEAD_FUNCS
++
++#undef X
++#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
++ (TFM_CRYPTO_GROUP_ID_ASYM_SIGN & 0xFF)),
++ ASYMMETRIC_SIGN_FUNCS
++
++#undef X
++#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
++ (TFM_CRYPTO_GROUP_ID_ASYM_ENCRYPT & 0xFF)),
++ AYSMMETRIC_ENCRYPT_FUNCS
++
++#undef X
++#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
++ (TFM_CRYPTO_GROUP_ID_KEY_DERIVATION & 0xFF)),
++ KEY_DERIVATION_FUNCS
++
++#undef X
++#define X(func_id) func_id ## _SID = (uint16_t)((FUNC_ID(func_id)) | \
++ (TFM_CRYPTO_GROUP_ID_RANDOM & 0xFF)),
++ RANDOM_FUNCS
++
++};
++#undef X
++
++/**
++ * \brief Define an invalid value for an SID
++ *
++ */
++#define TFM_CRYPTO_SID_INVALID (~0x0u)
++
++/**
++ * \brief This value is used to mark an handle as invalid.
++ *
++ */
++#define TFM_CRYPTO_INVALID_HANDLE (0x0u)
++
++/**
++ * \brief Define miscellaneous literal constants that are used in the service
++ *
++ */
++enum {
++ TFM_CRYPTO_NOT_IN_USE = 0,
++ TFM_CRYPTO_IN_USE = 1
++};
++
++#ifdef __cplusplus
++}
++#endif
++
++#endif /* __PSA_CRYPTO_SID_H__ */
+diff --git a/components/service/common/include/psa/sid.h b/components/service/common/include/psa/sid.h
+index 8103a9af..50ad070e 100644
+--- a/components/service/common/include/psa/sid.h
++++ b/components/service/common/include/psa/sid.h
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright (c) 2019-2021, Arm Limited. All rights reserved.
++ * Copyright (c) 2019-2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+@@ -12,6 +12,9 @@
+ extern "C" {
+ #endif
+
++/******** PSA Crypto SIDs ********/
++#include "crypto_sid.h"
++
+ /******** TFM_SP_PS ********/
+ #define TFM_PROTECTED_STORAGE_SERVICE_SID (0x00000060U)
+ #define TFM_PROTECTED_STORAGE_SERVICE_VERSION (1U)
+@@ -43,79 +46,6 @@ extern "C" {
+ #define TFM_PLATFORM_SERVICE_HANDLE (0x40000105U)
+
+
+-/**
+- * \brief Define a progressive numerical value for each SID which can be used
+- * when dispatching the requests to the service
+- */
+-enum {
+- TFM_CRYPTO_GET_KEY_ATTRIBUTES_SID = (0u),
+- TFM_CRYPTO_RESET_KEY_ATTRIBUTES_SID,
+- TFM_CRYPTO_OPEN_KEY_SID,
+- TFM_CRYPTO_CLOSE_KEY_SID,
+- TFM_CRYPTO_IMPORT_KEY_SID,
+- TFM_CRYPTO_DESTROY_KEY_SID,
+- TFM_CRYPTO_EXPORT_KEY_SID,
+- TFM_CRYPTO_EXPORT_PUBLIC_KEY_SID,
+- TFM_CRYPTO_PURGE_KEY_SID,
+- TFM_CRYPTO_COPY_KEY_SID,
+- TFM_CRYPTO_HASH_COMPUTE_SID,
+- TFM_CRYPTO_HASH_COMPARE_SID,
+- TFM_CRYPTO_HASH_SETUP_SID,
+- TFM_CRYPTO_HASH_UPDATE_SID,
+- TFM_CRYPTO_HASH_FINISH_SID,
+- TFM_CRYPTO_HASH_VERIFY_SID,
+- TFM_CRYPTO_HASH_ABORT_SID,
+- TFM_CRYPTO_HASH_CLONE_SID,
+- TFM_CRYPTO_MAC_COMPUTE_SID,
+- TFM_CRYPTO_MAC_VERIFY_SID,
+- TFM_CRYPTO_MAC_SIGN_SETUP_SID,
+- TFM_CRYPTO_MAC_VERIFY_SETUP_SID,
+- TFM_CRYPTO_MAC_UPDATE_SID,
+- TFM_CRYPTO_MAC_SIGN_FINISH_SID,
+- TFM_CRYPTO_MAC_VERIFY_FINISH_SID,
+- TFM_CRYPTO_MAC_ABORT_SID,
+- TFM_CRYPTO_CIPHER_ENCRYPT_SID,
+- TFM_CRYPTO_CIPHER_DECRYPT_SID,
+- TFM_CRYPTO_CIPHER_ENCRYPT_SETUP_SID,
+- TFM_CRYPTO_CIPHER_DECRYPT_SETUP_SID,
+- TFM_CRYPTO_CIPHER_GENERATE_IV_SID,
+- TFM_CRYPTO_CIPHER_SET_IV_SID,
+- TFM_CRYPTO_CIPHER_UPDATE_SID,
+- TFM_CRYPTO_CIPHER_FINISH_SID,
+- TFM_CRYPTO_CIPHER_ABORT_SID,
+- TFM_CRYPTO_AEAD_ENCRYPT_SID,
+- TFM_CRYPTO_AEAD_DECRYPT_SID,
+- TFM_CRYPTO_AEAD_ENCRYPT_SETUP_SID,
+- TFM_CRYPTO_AEAD_DECRYPT_SETUP_SID,
+- TFM_CRYPTO_AEAD_GENERATE_NONCE_SID,
+- TFM_CRYPTO_AEAD_SET_NONCE_SID,
+- TFM_CRYPTO_AEAD_SET_LENGTHS_SID,
+- TFM_CRYPTO_AEAD_UPDATE_AD_SID,
+- TFM_CRYPTO_AEAD_UPDATE_SID,
+- TFM_CRYPTO_AEAD_FINISH_SID,
+- TFM_CRYPTO_AEAD_VERIFY_SID,
+- TFM_CRYPTO_AEAD_ABORT_SID,
+- TFM_CRYPTO_SIGN_MESSAGE_SID,
+- TFM_CRYPTO_VERIFY_MESSAGE_SID,
+- TFM_CRYPTO_SIGN_HASH_SID,
+- TFM_CRYPTO_VERIFY_HASH_SID,
+- TFM_CRYPTO_ASYMMETRIC_ENCRYPT_SID,
+- TFM_CRYPTO_ASYMMETRIC_DECRYPT_SID,
+- TFM_CRYPTO_KEY_DERIVATION_SETUP_SID,
+- TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY_SID,
+- TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY_SID,
+- TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES_SID,
+- TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY_SID,
+- TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT_SID,
+- TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES_SID,
+- TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY_SID,
+- TFM_CRYPTO_KEY_DERIVATION_ABORT_SID,
+- TFM_CRYPTO_RAW_KEY_AGREEMENT_SID,
+- TFM_CRYPTO_GENERATE_RANDOM_SID,
+- TFM_CRYPTO_GENERATE_KEY_SID,
+- TFM_CRYPTO_SID_MAX,
+-};
+-
+ /******** TFM_SP_PLATFORM ********/
+ #define TFM_SP_PLATFORM_SYSTEM_RESET_SID (0x00000040U)
+ #define TFM_SP_PLATFORM_SYSTEM_RESET_VERSION (1U)
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
+index e4a2b167..9276748d 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
+@@ -37,7 +37,7 @@ static inline psa_status_t crypto_caller_sign_hash(struct service_client *contex
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_SIGN_HASH_SID,
++ .sfn_id = TFM_CRYPTO_ASYMMETRIC_SIGN_HASH_SID,
+ .key_id = id,
+ .alg = alg,
+ };
+@@ -70,7 +70,7 @@ static inline psa_status_t crypto_caller_sign_message(struct service_client *con
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_SIGN_MESSAGE_SID,
++ .sfn_id = TFM_CRYPTO_ASYMMETRIC_SIGN_MESSAGE_SID,
+ .key_id = id,
+ .alg = alg,
+ };
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
+index cc9279ee..bcd8e0e4 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
+@@ -63,7 +63,7 @@ static inline psa_status_t crypto_caller_verify_hash(struct service_client *cont
+ {
+
+ return crypto_caller_common(context,id,alg,hash,hash_length,
+- signature,signature_length, TFM_CRYPTO_VERIFY_HASH_SID);
++ signature,signature_length, TFM_CRYPTO_ASYMMETRIC_VERIFY_HASH_SID);
+ }
+
+ static inline psa_status_t crypto_caller_verify_message(struct service_client *context,
+@@ -76,7 +76,7 @@ static inline psa_status_t crypto_caller_verify_message(struct service_client *c
+ {
+
+ return crypto_caller_common(context,id,alg,hash,hash_length,
+- signature,signature_length, TFM_CRYPTO_VERIFY_MESSAGE_SID);
++ signature,signature_length, TFM_CRYPTO_ASYMMETRIC_VERIFY_MESSAGE_SID);
+ }
+
+ #ifdef __cplusplus
+--
+2.25.1
+
new file mode 100644
@@ -0,0 +1,655 @@
+From a3e203136e7c552069ae582273e0540a219c105f Mon Sep 17 00:00:00 2001
+From: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
+Date: Thu, 9 Feb 2023 00:01:06 +0000
+Subject: [PATCH 2/3] TF-Mv1.7 alignment: Align crypto iovec definition
+
+This patch is to align psa_ipc_crypto_pack_iovec with TF-M v1.7
+And propagate changes accross psa_ipc functions
+More accuratly change sfn_id to function_id
+
+Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
+Upstream-Status: Pending [Not submitted yet]
+---
+ .../backend/psa_ipc/crypto_ipc_backend.h | 34 +++++++++----------
+ .../caller/psa_ipc/crypto_caller_aead.h | 24 ++++++-------
+ .../crypto_caller_asymmetric_decrypt.h | 2 +-
+ .../crypto_caller_asymmetric_encrypt.h | 2 +-
+ .../caller/psa_ipc/crypto_caller_cipher.h | 14 ++++----
+ .../caller/psa_ipc/crypto_caller_copy_key.h | 2 +-
+ .../psa_ipc/crypto_caller_destroy_key.h | 2 +-
+ .../caller/psa_ipc/crypto_caller_export_key.h | 2 +-
+ .../psa_ipc/crypto_caller_export_public_key.h | 2 +-
+ .../psa_ipc/crypto_caller_generate_key.h | 2 +-
+ .../psa_ipc/crypto_caller_generate_random.h | 2 +-
+ .../crypto_caller_get_key_attributes.h | 2 +-
+ .../caller/psa_ipc/crypto_caller_hash.h | 12 +++----
+ .../caller/psa_ipc/crypto_caller_import_key.h | 2 +-
+ .../psa_ipc/crypto_caller_key_derivation.h | 20 +++++------
+ .../client/caller/psa_ipc/crypto_caller_mac.h | 12 +++----
+ .../caller/psa_ipc/crypto_caller_purge_key.h | 2 +-
+ .../caller/psa_ipc/crypto_caller_sign_hash.h | 4 +--
+ .../psa_ipc/crypto_caller_verify_hash.h | 4 +--
+ 19 files changed, 73 insertions(+), 73 deletions(-)
+
+diff --git a/components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h b/components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h
+index ec25eaf8..aacd3fcc 100644
+--- a/components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h
++++ b/components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h
+@@ -28,23 +28,23 @@ struct psa_ipc_crypto_aead_pack_input {
+ };
+
+ struct psa_ipc_crypto_pack_iovec {
+- uint32_t sfn_id; /*!< Secure function ID used to dispatch the
+- * request
+- */
+- uint16_t step; /*!< Key derivation step */
+- psa_key_id_t key_id; /*!< Key id */
+- psa_algorithm_t alg; /*!< Algorithm */
+- uint32_t op_handle; /*!< Frontend context handle associated to a
+- * multipart operation
+- */
+- uint32_t capacity; /*!< Key derivation capacity */
+- uint32_t ad_length; /*!< Additional Data length for multipart AEAD */
+- uint32_t plaintext_length; /*!< Plaintext length for multipart AEAD */
+- struct psa_ipc_crypto_aead_pack_input aead_in; /*!< FixMe: Temporarily used for
+- * AEAD until the API is
+- * restructured
+- */
+-};
++ psa_key_id_t key_id; /*!< Key id */
++ psa_algorithm_t alg; /*!< Algorithm */
++ uint32_t op_handle; /*!< Frontend context handle associated to a
++ * multipart operation
++ */
++ uint32_t capacity; /*!< Key derivation capacity */
++ uint32_t ad_length; /*!< Additional Data length for multipart AEAD */
++ uint32_t plaintext_length; /*!< Plaintext length for multipart AEAD */
++
++ struct psa_ipc_crypto_aead_pack_input aead_in; /*!< Packs AEAD-related inputs */
++
++ uint16_t function_id; /*!< Used to identify the function in the
++ * API dispatcher to the service backend
++ * See tfm_crypto_func_sid for detail
++ */
++ uint16_t step; /*!< Key derivation step */
++}__packed;
+
+ #define iov_size sizeof(struct psa_ipc_crypto_pack_iovec)
+
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h
+index f6aadd8b..efdffdf7 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h
+@@ -44,7 +44,7 @@ static inline psa_status_t crypto_caller_aead_encrypt(
+ size_t in_len;
+ int i;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_AEAD_ENCRYPT_SID,
++ .function_id = TFM_CRYPTO_AEAD_ENCRYPT_SID,
+ .key_id = key,
+ .alg = alg,
+ .aead_in = { .nonce = {0}, .nonce_length = nonce_length },
+@@ -105,7 +105,7 @@ static inline psa_status_t crypto_caller_aead_decrypt(
+ size_t in_len;
+ int i;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_AEAD_DECRYPT_SID,
++ .function_id = TFM_CRYPTO_AEAD_DECRYPT_SID,
+ .key_id = key,
+ .alg = alg,
+ .aead_in = { .nonce = {0}, .nonce_length = nonce_length },
+@@ -156,7 +156,7 @@ static inline psa_status_t crypto_caller_aead_encrypt_setup(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_AEAD_ENCRYPT_SETUP_SID,
++ .function_id = TFM_CRYPTO_AEAD_ENCRYPT_SETUP_SID,
+ .key_id = key,
+ .alg = alg,
+ .op_handle = (*op_handle),
+@@ -185,7 +185,7 @@ static inline psa_status_t crypto_caller_aead_decrypt_setup(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_AEAD_DECRYPT_SETUP_SID,
++ .function_id = TFM_CRYPTO_AEAD_DECRYPT_SETUP_SID,
+ .key_id = key,
+ .alg = alg,
+ .op_handle = (*op_handle),
+@@ -214,7 +214,7 @@ static inline psa_status_t crypto_caller_aead_generate_nonce(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_AEAD_GENERATE_NONCE_SID,
++ .function_id = TFM_CRYPTO_AEAD_GENERATE_NONCE_SID,
+ .op_handle = op_handle,
+ };
+
+@@ -243,7 +243,7 @@ static inline psa_status_t crypto_caller_aead_set_nonce(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_AEAD_SET_NONCE_SID,
++ .function_id = TFM_CRYPTO_AEAD_SET_NONCE_SID,
+ .op_handle = op_handle,
+ };
+
+@@ -270,7 +270,7 @@ static inline psa_status_t crypto_caller_aead_set_lengths(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_AEAD_SET_LENGTHS_SID,
++ .function_id = TFM_CRYPTO_AEAD_SET_LENGTHS_SID,
+ .ad_length = ad_length,
+ .plaintext_length = plaintext_length,
+ .op_handle = op_handle,
+@@ -299,7 +299,7 @@ static inline psa_status_t crypto_caller_aead_update_ad(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_AEAD_UPDATE_AD_SID,
++ .function_id = TFM_CRYPTO_AEAD_UPDATE_AD_SID,
+ .op_handle = op_handle,
+ };
+
+@@ -339,7 +339,7 @@ static inline psa_status_t crypto_caller_aead_update(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_AEAD_UPDATE_SID,
++ .function_id = TFM_CRYPTO_AEAD_UPDATE_SID,
+ .op_handle = op_handle,
+ };
+
+@@ -383,7 +383,7 @@ static inline psa_status_t crypto_caller_aead_finish(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_AEAD_FINISH_SID,
++ .function_id = TFM_CRYPTO_AEAD_FINISH_SID,
+ .op_handle = op_handle,
+ };
+
+@@ -436,7 +436,7 @@ static inline psa_status_t crypto_caller_aead_verify(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_AEAD_VERIFY_SID,
++ .function_id = TFM_CRYPTO_AEAD_VERIFY_SID,
+ .op_handle = op_handle,
+ };
+
+@@ -482,7 +482,7 @@ static inline psa_status_t crypto_caller_aead_abort(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_AEAD_ABORT_SID,
++ .function_id = TFM_CRYPTO_AEAD_ABORT_SID,
+ .op_handle = op_handle,
+ };
+
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_decrypt.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_decrypt.h
+index ff01815c..c387eb55 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_decrypt.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_decrypt.h
+@@ -38,7 +38,7 @@ static inline psa_status_t crypto_caller_asymmetric_decrypt(
+ psa_status_t status;
+ size_t in_len;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_ASYMMETRIC_DECRYPT_SID,
++ .function_id = TFM_CRYPTO_ASYMMETRIC_DECRYPT_SID,
+ .key_id = id,
+ .alg = alg,
+ };
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_encrypt.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_encrypt.h
+index 1daf1689..8eb3de45 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_encrypt.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_asymmetric_encrypt.h
+@@ -38,7 +38,7 @@ static inline psa_status_t crypto_caller_asymmetric_encrypt(
+ psa_status_t status;
+ size_t in_len;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_ASYMMETRIC_ENCRYPT_SID,
++ .function_id = TFM_CRYPTO_ASYMMETRIC_ENCRYPT_SID,
+ .key_id = id,
+ .alg = alg,
+ };
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h
+index fbefb28d..20aa46a5 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h
+@@ -34,7 +34,7 @@ static inline psa_status_t crypto_caller_cipher_encrypt_setup(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_CIPHER_ENCRYPT_SETUP_SID,
++ .function_id = TFM_CRYPTO_CIPHER_ENCRYPT_SETUP_SID,
+ .key_id = key,
+ .alg = alg,
+ .op_handle = *op_handle,
+@@ -62,7 +62,7 @@ static inline psa_status_t crypto_caller_cipher_decrypt_setup(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_CIPHER_DECRYPT_SETUP_SID,
++ .function_id = TFM_CRYPTO_CIPHER_DECRYPT_SETUP_SID,
+ .key_id = key,
+ .alg = alg,
+ .op_handle = *op_handle,
+@@ -91,7 +91,7 @@ static inline psa_status_t crypto_caller_cipher_generate_iv(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_CIPHER_GENERATE_IV_SID,
++ .function_id = TFM_CRYPTO_CIPHER_GENERATE_IV_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -120,7 +120,7 @@ static inline psa_status_t crypto_caller_cipher_set_iv(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_CIPHER_SET_IV_SID,
++ .function_id = TFM_CRYPTO_CIPHER_SET_IV_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -150,7 +150,7 @@ static inline psa_status_t crypto_caller_cipher_update(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_CIPHER_UPDATE_SID,
++ .function_id = TFM_CRYPTO_CIPHER_UPDATE_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -181,7 +181,7 @@ static inline psa_status_t crypto_caller_cipher_finish(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_CIPHER_FINISH_SID,
++ .function_id = TFM_CRYPTO_CIPHER_FINISH_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -208,7 +208,7 @@ static inline psa_status_t crypto_caller_cipher_abort(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_CIPHER_ABORT_SID,
++ .function_id = TFM_CRYPTO_CIPHER_ABORT_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_copy_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_copy_key.h
+index 9a988171..48157d7e 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_copy_key.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_copy_key.h
+@@ -33,7 +33,7 @@ static inline psa_status_t crypto_caller_copy_key(struct service_client *context
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_COPY_KEY_SID,
++ .function_id = TFM_CRYPTO_COPY_KEY_SID,
+ .key_id = source_key,
+ };
+ struct psa_invec in_vec[] = {
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_destroy_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_destroy_key.h
+index d00f4faa..6d0a05e6 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_destroy_key.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_destroy_key.h
+@@ -31,7 +31,7 @@ static inline psa_status_t crypto_caller_destroy_key(struct service_client *cont
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_DESTROY_KEY_SID,
++ .function_id = TFM_CRYPTO_DESTROY_KEY_SID,
+ .key_id = id,
+ };
+ struct psa_invec in_vec[] = {
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_key.h
+index 8ac5477f..9a6b7013 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_key.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_key.h
+@@ -34,7 +34,7 @@ static inline psa_status_t crypto_caller_export_key(struct service_client *conte
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_EXPORT_KEY_SID,
++ .function_id = TFM_CRYPTO_EXPORT_KEY_SID,
+ .key_id = id,
+ };
+ struct psa_invec in_vec[] = {
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_public_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_public_key.h
+index b24c47f1..52bdd757 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_public_key.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_export_public_key.h
+@@ -34,7 +34,7 @@ static inline psa_status_t crypto_caller_export_public_key(struct service_client
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_EXPORT_PUBLIC_KEY_SID,
++ .function_id = TFM_CRYPTO_EXPORT_PUBLIC_KEY_SID,
+ .key_id = id,
+ };
+ struct psa_invec in_vec[] = {
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_key.h
+index 1b66ed40..7ed1673b 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_key.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_key.h
+@@ -32,7 +32,7 @@ static inline psa_status_t crypto_caller_generate_key(struct service_client *con
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_GENERATE_KEY_SID,
++ .function_id = TFM_CRYPTO_GENERATE_KEY_SID,
+ };
+ struct psa_invec in_vec[] = {
+ { .base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec) },
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_random.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_random.h
+index 7c538237..4fb87aa8 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_random.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_generate_random.h
+@@ -32,7 +32,7 @@ static inline psa_status_t crypto_caller_generate_random(struct service_client *
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_GENERATE_RANDOM_SID,
++ .function_id = TFM_CRYPTO_GENERATE_RANDOM_SID,
+ };
+ struct psa_invec in_vec[] = {
+ { .base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec) },
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_get_key_attributes.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_get_key_attributes.h
+index 22f1d18f..2caa3bd3 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_get_key_attributes.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_get_key_attributes.h
+@@ -33,7 +33,7 @@ static inline psa_status_t crypto_caller_get_key_attributes(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_GET_KEY_ATTRIBUTES_SID,
++ .function_id = TFM_CRYPTO_GET_KEY_ATTRIBUTES_SID,
+ .key_id = key,
+ };
+ struct psa_invec in_vec[] = {
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h
+index 9f37908a..4fb60d44 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h
+@@ -33,7 +33,7 @@ static inline psa_status_t crypto_caller_hash_setup(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_HASH_SETUP_SID,
++ .function_id = TFM_CRYPTO_HASH_SETUP_SID,
+ .alg = alg,
+ .op_handle = *op_handle,
+ };
+@@ -60,7 +60,7 @@ static inline psa_status_t crypto_caller_hash_update(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_HASH_UPDATE_SID,
++ .function_id = TFM_CRYPTO_HASH_UPDATE_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -88,7 +88,7 @@ static inline psa_status_t crypto_caller_hash_finish(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_HASH_FINISH_SID,
++ .function_id = TFM_CRYPTO_HASH_FINISH_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -115,7 +115,7 @@ static inline psa_status_t crypto_caller_hash_abort(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_HASH_ABORT_SID,
++ .function_id = TFM_CRYPTO_HASH_ABORT_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -141,7 +141,7 @@ static inline psa_status_t crypto_caller_hash_verify(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_HASH_VERIFY_SID,
++ .function_id = TFM_CRYPTO_HASH_VERIFY_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -167,7 +167,7 @@ static inline psa_status_t crypto_caller_hash_clone(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_HASH_CLONE_SID,
++ .function_id = TFM_CRYPTO_HASH_CLONE_SID,
+ .op_handle = source_op_handle,
+ };
+ struct psa_invec in_vec[] = {
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_import_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_import_key.h
+index d4703366..1458163c 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_import_key.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_import_key.h
+@@ -33,7 +33,7 @@ static inline psa_status_t crypto_caller_import_key(struct service_client *conte
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_IMPORT_KEY_SID,
++ .function_id = TFM_CRYPTO_IMPORT_KEY_SID,
+ };
+ struct psa_invec in_vec[] = {
+ { .base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec) },
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_key_derivation.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_key_derivation.h
+index 5ce4fb6c..16be9916 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_key_derivation.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_key_derivation.h
+@@ -33,7 +33,7 @@ static inline psa_status_t crypto_caller_key_derivation_setup(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_KEY_DERIVATION_SETUP_SID,
++ .function_id = TFM_CRYPTO_KEY_DERIVATION_SETUP_SID,
+ .alg = alg,
+ .op_handle = *op_handle,
+ };
+@@ -59,7 +59,7 @@ static inline psa_status_t crypto_caller_key_derivation_get_capacity(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY_SID,
++ .function_id = TFM_CRYPTO_KEY_DERIVATION_GET_CAPACITY_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -84,7 +84,7 @@ static inline psa_status_t crypto_caller_key_derivation_set_capacity(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY_SID,
++ .function_id = TFM_CRYPTO_KEY_DERIVATION_SET_CAPACITY_SID,
+ .capacity = capacity,
+ .op_handle = op_handle,
+ };
+@@ -109,7 +109,7 @@ static inline psa_status_t crypto_caller_key_derivation_input_bytes(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES_SID,
++ .function_id = TFM_CRYPTO_KEY_DERIVATION_INPUT_BYTES_SID,
+ .step = step,
+ .op_handle = op_handle,
+ };
+@@ -134,7 +134,7 @@ static inline psa_status_t crypto_caller_key_derivation_input_key(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY_SID,
++ .function_id = TFM_CRYPTO_KEY_DERIVATION_INPUT_KEY_SID,
+ .key_id = key,
+ .step = step,
+ .op_handle = op_handle,
+@@ -159,7 +159,7 @@ static inline psa_status_t crypto_caller_key_derivation_output_bytes(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES_SID,
++ .function_id = TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -185,7 +185,7 @@ static inline psa_status_t crypto_caller_key_derivation_output_key(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY_SID,
++ .function_id = TFM_CRYPTO_KEY_DERIVATION_OUTPUT_KEY_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -211,7 +211,7 @@ static inline psa_status_t crypto_caller_key_derivation_abort(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_KEY_DERIVATION_ABORT_SID,
++ .function_id = TFM_CRYPTO_KEY_DERIVATION_ABORT_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -239,7 +239,7 @@ static inline psa_status_t crypto_caller_key_derivation_key_agreement(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT_SID,
++ .function_id = TFM_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT_SID,
+ .key_id = private_key,
+ .step = step,
+ .op_handle = op_handle,
+@@ -270,7 +270,7 @@ static inline psa_status_t crypto_caller_raw_key_agreement(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_RAW_KEY_AGREEMENT_SID,
++ .function_id = TFM_CRYPTO_RAW_KEY_AGREEMENT_SID,
+ .alg = alg,
+ .key_id = private_key,
+ };
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_mac.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_mac.h
+index 3a820192..30222800 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_mac.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_mac.h
+@@ -34,7 +34,7 @@ static inline psa_status_t crypto_caller_mac_sign_setup(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_MAC_SIGN_SETUP_SID,
++ .function_id = TFM_CRYPTO_MAC_SIGN_SETUP_SID,
+ .key_id = key,
+ .alg = alg,
+ .op_handle = *op_handle,
+@@ -62,7 +62,7 @@ static inline psa_status_t crypto_caller_mac_verify_setup(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_MAC_VERIFY_SETUP_SID,
++ .function_id = TFM_CRYPTO_MAC_VERIFY_SETUP_SID,
+ .key_id = key,
+ .alg = alg,
+ .op_handle = *op_handle,
+@@ -90,7 +90,7 @@ static inline psa_status_t crypto_caller_mac_update(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_MAC_UPDATE_SID,
++ .function_id = TFM_CRYPTO_MAC_UPDATE_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -118,7 +118,7 @@ static inline psa_status_t crypto_caller_mac_sign_finish(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_MAC_SIGN_FINISH_SID,
++ .function_id = TFM_CRYPTO_MAC_SIGN_FINISH_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -147,7 +147,7 @@ static inline psa_status_t crypto_caller_mac_verify_finish(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_MAC_VERIFY_FINISH_SID,
++ .function_id = TFM_CRYPTO_MAC_VERIFY_FINISH_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+@@ -172,7 +172,7 @@ static inline psa_status_t crypto_caller_mac_abort(
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_MAC_ABORT_SID,
++ .function_id = TFM_CRYPTO_MAC_ABORT_SID,
+ .op_handle = op_handle,
+ };
+ struct psa_invec in_vec[] = {
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_purge_key.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_purge_key.h
+index a3a796e2..f6ab0978 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_purge_key.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_purge_key.h
+@@ -31,7 +31,7 @@ static inline psa_status_t crypto_caller_purge_key(struct service_client *contex
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_PURGE_KEY_SID,
++ .function_id = TFM_CRYPTO_PURGE_KEY_SID,
+ .key_id = id,
+ };
+ struct psa_invec in_vec[] = {
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
+index 9276748d..8b53e3dc 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_sign_hash.h
+@@ -37,7 +37,7 @@ static inline psa_status_t crypto_caller_sign_hash(struct service_client *contex
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_ASYMMETRIC_SIGN_HASH_SID,
++ .function_id = TFM_CRYPTO_ASYMMETRIC_SIGN_HASH_SID,
+ .key_id = id,
+ .alg = alg,
+ };
+@@ -70,7 +70,7 @@ static inline psa_status_t crypto_caller_sign_message(struct service_client *con
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = TFM_CRYPTO_ASYMMETRIC_SIGN_MESSAGE_SID,
++ .function_id = TFM_CRYPTO_ASYMMETRIC_SIGN_MESSAGE_SID,
+ .key_id = id,
+ .alg = alg,
+ };
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
+index bcd8e0e4..c9ed865b 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_verify_hash.h
+@@ -31,13 +31,13 @@ static inline psa_status_t crypto_caller_common(struct service_client *context,
+ size_t hash_length,
+ const uint8_t *signature,
+ size_t signature_length,
+- uint32_t sfn_id)
++ uint32_t function_id)
+ {
+ struct service_client *ipc = context;
+ struct rpc_caller *caller = ipc->caller;
+ psa_status_t status;
+ struct psa_ipc_crypto_pack_iovec iov = {
+- .sfn_id = sfn_id,
++ .function_id = function_id,
+ .key_id = id,
+ .alg = alg,
+ };
+--
+2.25.1
+
new file mode 100644
@@ -0,0 +1,117 @@
+From ee7e13dcc14110aa16f7c6453cfe72f088857ed2 Mon Sep 17 00:00:00 2001
+From: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
+Date: Thu, 9 Feb 2023 00:34:23 +0000
+Subject: [PATCH 3/3] TF-Mv1.7 alignment: PSA crypto client in/out_vec
+
+Few psa crypto operations have different in/out_vec expectations
+This patch is fixing the differences between psa crypto client in TS
+and psa crypto service in TF-M running on the secure enclave
+
+operations:
+- aead_generate_nonce: TFM service doesn't expect op_handle in in_vec
+- aead_update: TFM service doesn't expect op_handle in in_vec
+- cipher_generate_iv: TFM service doesn't expect op_handle in in_vec
+- cipher_update: TFM service doesn't expect op_handle in in_vec
+- hash_clone: TFM service expects target_op_handle in the in_vec
+ rationale is target_op_handle according to the spec
+ must be initialized and not active. and since hash_clone
+ manipulates it. hence, target_op_handle should be passed
+ as input and output.
+
+Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
+Upstream-Status: Pending [Not submitted yet]
+---
+ .../crypto/client/caller/psa_ipc/crypto_caller_aead.h | 6 ++----
+ .../crypto/client/caller/psa_ipc/crypto_caller_cipher.h | 6 ++----
+ .../crypto/client/caller/psa_ipc/crypto_caller_hash.h | 2 ++
+ 3 files changed, 6 insertions(+), 8 deletions(-)
+
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h
+index efdffdf7..e862c2de 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_aead.h
+@@ -222,14 +222,13 @@ static inline psa_status_t crypto_caller_aead_generate_nonce(
+ {.base = psa_ptr_to_u32(&iov), .len = sizeof(struct psa_ipc_crypto_pack_iovec)},
+ };
+ struct psa_outvec out_vec[] = {
+- {.base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t)},
+ {.base = psa_ptr_to_u32(nonce), .len = nonce_size}
+ };
+
+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
+
+- *nonce_length = out_vec[1].len;
++ *nonce_length = out_vec[0].len;
+ return status;
+ }
+
+@@ -353,7 +352,6 @@ static inline psa_status_t crypto_caller_aead_update(
+ {.base = psa_ptr_const_to_u32(input), .len = input_length}
+ };
+ struct psa_outvec out_vec[] = {
+- {.base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t)},
+ {.base = psa_ptr_const_to_u32(output), .len = output_size},
+ };
+
+@@ -365,7 +363,7 @@ static inline psa_status_t crypto_caller_aead_update(
+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
+ in_len, out_vec, IOVEC_LEN(out_vec));
+
+- *output_length = out_vec[1].len;
++ *output_length = out_vec[0].len;
+ return status;
+ }
+
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h
+index 20aa46a5..948865e4 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_cipher.h
+@@ -98,14 +98,13 @@ static inline psa_status_t crypto_caller_cipher_generate_iv(
+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
+ };
+ struct psa_outvec out_vec[] = {
+- { .base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t) },
+ { .base = psa_ptr_to_u32(iv), .len = iv_size },
+ };
+
+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
+
+- *iv_length = out_vec[1].len;
++ *iv_length = out_vec[0].len;
+
+ return status;
+ }
+@@ -158,14 +157,13 @@ static inline psa_status_t crypto_caller_cipher_update(
+ { .base = psa_ptr_const_to_u32(input), .len = input_length },
+ };
+ struct psa_outvec out_vec[] = {
+- { .base = psa_ptr_to_u32(&op_handle), .len = sizeof(uint32_t) },
+ { .base = psa_ptr_to_u32(output), .len = output_size },
+ };
+
+ status = psa_call(caller, TFM_CRYPTO_HANDLE, PSA_IPC_CALL, in_vec,
+ IOVEC_LEN(in_vec), out_vec, IOVEC_LEN(out_vec));
+
+- *output_length = out_vec[1].len;
++ *output_length = out_vec[0].len;
+
+ return status;
+ }
+diff --git a/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h b/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h
+index 4fb60d44..1e422130 100644
+--- a/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h
++++ b/components/service/crypto/client/caller/psa_ipc/crypto_caller_hash.h
+@@ -172,6 +172,8 @@ static inline psa_status_t crypto_caller_hash_clone(
+ };
+ struct psa_invec in_vec[] = {
+ { .base = psa_ptr_to_u32(&iov), .len = iov_size },
++ { .base = psa_ptr_to_u32(target_op_handle),
++ .len = sizeof(uint32_t) },
+ };
+ struct psa_outvec out_vec[] = {
+ { .base = psa_ptr_to_u32(target_op_handle),
+--
+2.25.1
+
@@ -25,6 +25,10 @@ SRC_URI:append:corstone1000 = " \
file://0021-smm_gateway-add-checks-for-null-attributes.patch;patchdir=../trusted-services \
file://0022-GetNextVariableName-Fix.patch;patchdir=../trusted-services \
file://0023-Use-the-stateless-platform-service.patch;patchdir=../trusted-services \
+ file://0024-TF-Mv1.7-alignment-Align-PSA-Crypto-SIDs.patch;patchdir=../trusted-services \
+ file://0025-TF-Mv1.7-alignment-Align-crypto-iovec-definition.patch;patchdir=../trusted-services \
+ file://0026-TF-Mv1.7-alignment-PSA-crypto-client-in-out_vec.patch;patchdir=../trusted-services \
"
+
COMPATIBLE_MACHINE:n1sdp = "n1sdp"