crypto: initialize crypto on crypto_keys init

make sure that crypto is initialized before use of crypto_keys Signed-off-by: Robert Gałat <[email protected]>
nrfconnect · Sep 6, 2024 · 66048e3 · 66048e3
1 parent 0b30ecf
commit 66048e3
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 9 deletions.
diff --git a/subsys/sal/sid_pal/src/sid_crypto.c b/subsys/sal/sid_pal/src/sid_crypto.c
@@ -375,13 +375,6 @@ static psa_status_t aead_decrypt(psa_key_handle_t key_handle, sid_pal_aead_param
 
 sid_error_t sid_pal_crypto_init(void)
 {
-#ifdef CONFIG_SIDEWALK_CRYPTO_PSA_KEY_STORAGE
-	int err = sid_crypto_keys_init();
-	if (err) {
-		LOG_ERR("Keys init failed! (err: %d)", err);
-		return SID_ERROR_NOT_FOUND;
-	}
-#endif /* CONFIG_SIDEWALK_CRYPTO_PSA_KEY_STORAGE */
 	psa_status_t status = psa_crypto_init();
 
 	if (PSA_SUCCESS == status) {

diff --git a/subsys/sal/sid_pal/src/sid_crypto_keys.c b/subsys/sal/sid_pal/src/sid_crypto_keys.c
@@ -4,16 +4,29 @@
  * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause
  */
 
+#include <sid_error.h>
+#include <sid_pal_crypto_ifc.h>
 #include <sid_crypto_keys.h>
 #include <errno.h>
 #include <zephyr/logging/log.h>
+#include <json_printer/sidTypes2str.h>
 
 LOG_MODULE_REGISTER(sid_crypto_key, CONFIG_SIDEWALK_CRYPTO_LOG_LEVEL);
 #define ESUCCESS (0)
 #define MAX_PUBLIC_KEY_LENGTH (65)
 
 int sid_crypto_keys_init(void)
 {
+	static bool initialized = false;
+	if (!initialized) {
+		sid_error_t e = sid_pal_crypto_init();
+		if (e != SID_ERROR_NONE) {
+			LOG_ERR("Failed to initialize sid_pal_crypto with error %d (%s)", e,
+				SID_ERROR_T_STR(e));
+			return -EINVAL;
+		}
+		initialized = true;
+	}
 	/* Nothing to do, left for stable api for future features */
 	return ESUCCESS;
 }

diff --git a/subsys/sal/sid_pal/src/sid_mfg_storage.c b/subsys/sal/sid_pal/src/sid_mfg_storage.c
@@ -72,6 +72,14 @@ void sid_pal_mfg_store_init(sid_pal_mfg_store_region_t mfg_store_region)
 			       .end_offset = mfg_store_region.addr_end,
 			       .tlv_storage_start_marker_size = sizeof(struct mfg_header) };
 
+#if CONFIG_SIDEWALK_CRYPTO_PSA_KEY_STORAGE
+	int crypto_init_ret = sid_crypto_keys_init();
+	if (crypto_init_ret != 0) {
+		LOG_ERR("Failed to initialize crypto_keys_storage returned errno %d",
+			crypto_init_ret);
+		return;
+	}
+#endif
 	struct mfg_header header = { 0 };
 	int ret = tlv_read_start_marker(&tlv_flash, (uint8_t *)&header, sizeof(header));
 	if (ret != 0 ||

diff --git a/subsys/sal/sid_pal/src/sid_storage.c b/subsys/sal/sid_pal/src/sid_storage.c
@@ -106,9 +106,13 @@ sid_error_t sid_pal_storage_kv_init()
 	LOG_DBG("Initialized KV storage");
 
 #ifdef CONFIG_SIDEWALK_CRYPTO_PSA_KEY_STORAGE
+	int ret = sid_crypto_keys_init();
+	if (ret != 0) {
+		LOG_ERR("Failed to initialize crypto_keys_storage returned errno %d", ret);
+		return SID_ERROR_GENERIC;
+	}
 	storage_key_save_secure(STORAGE_KV_INTERNAL_PROTOCOL_GROUP_ID, STORAGE_KV_WAN_MASTER_KEY);
-	storage_key_save_secure(STORAGE_KV_INTERNAL_PROTOCOL_GROUP_ID,
-				STORAGE_KV_APP_MASTER_KEY);
+	storage_key_save_secure(STORAGE_KV_INTERNAL_PROTOCOL_GROUP_ID, STORAGE_KV_APP_MASTER_KEY);
 	storage_key_save_secure(STORAGE_KV_INTERNAL_PROTOCOL_GROUP_ID, STORAGE_KV_D2D_MASTER_KEY);
 #endif /* CONFIG_SIDEWALK_CRYPTO_PSA_KEY_STORAGE */