mbedtls: Initialize PSA Crypto if available

Mbed TLS uses PSA Crypto for cryptographic operations when available,
but PSA Crypto needs to be initialized first. To do this, we set
`MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT` to enable Mbed OS's override of
`mbedtls_platform_setup()` and implement the latter's required
`crypto_platform_setup()`.

Author: LDong-Arm

connectivity/mbedtls/platform/inc/platform_mbed.h

@@ -50,6 +50,8 @@
 
 #define MBEDTLS_ENTROPY_HARDWARE_ALT
 
+#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
+
 #endif  // defined(FEATURE_EXPERIMENTAL_API) && defined(FEATURE_PSA)
 
 #if DEVICE_TRNG

platform/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/CMakeLists.txt

@@ -17,6 +17,7 @@ target_include_directories(mbed-psa
 
 target_sources(mbed-psa
     INTERFACE
+        src/mbedtls_crypto_setup.c
         src/psa_hrng.c
 )
 

platform/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/inc/crypto_device_platform.h

@@ -0,0 +1,28 @@
+/*
+ * Copyright (c) 2021 Arm Limited
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __CRYPTO_PLATFORM_H_
+#define __CRYPTO_PLATFORM_H_
+
+// Unused platform-defined crypto context
+// required by mbedtls_platform_context
+typedef struct {
+    char unused;
+} crypto_platform_ctx;
+
+#endif // __CRYPTO_PLATFORM_H_

platform/FEATURE_EXPERIMENTAL_API/FEATURE_PSA/src/mbedtls_crypto_setup.c

@@ -0,0 +1,35 @@
+/*
+ * Copyright (c) 2021 Arm Limited
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "crypto_device_platform.h"
+#include "psa/crypto.h"
+
+// Required by mbedtls_platform_setup()
+
+int crypto_platform_setup(crypto_platform_ctx *unused)
+{
+    psa_status_t status = psa_crypto_init();
+    return (int) status;
+}
+
+void crypto_platform_terminate(crypto_platform_ctx *unused)
+{
+    // The PSA Crypto API does not provide a deinit function.
+    // By specification, psa_crypto_init() can be called any
+    // number of times.
+}