Wrap PSA

[chrysn]

Now that we have PSA in RIOT, let's make it available also on the Rust side.

Open issues to solve this:

• psa_crypto_sys is not no_std parallaxsecond/rust-psa-crypto#131

Cc'ing @Einhornhool (who is the expert on the PSA side) and @geonnave (whose PR that happens to have the same number as the rust-psa-crypto issue, openwsn-berkeley/lakers#131, will eventually need this) -- I trust you'll unsubscribe if you don't want to track this.

The general plan is like this:

• Use the psa_crypto crate for the actual wrapping.
• Fix everything in the backend so that RIOT's PSA headers just get used there, and any Rust calls from a Rust-on-RIOT build just wind up in the PSA provided in RIOT.

(As a whole, it may well be that this will not even go through riot-wrappers, but just needs some tricks on riot-sys and psa-crypto-sys).

[geonnave]

Just to make sure I understand, once solved, we would have the psa_crypto crate using RIOT's PSA instead of [another PSA wrapper in C which in turn uses mbedtls] ?

[chrysn]

Yes. More precisely, I'd hope that psa_crypto_sys will decide based on the system state (as most sys crates do -- use pkgconfig or explicitly passed paths) to use one or the other.

[chrysn]

If it turns out that psa_crypto_sys can not have that flexibility, a good alternative would be for psa_crypto to have a feature switch between using psa_crypto_sys::* and riot_sys::psa::* (with the latter to be defined).