Fix PSA crypto partiotion and tests

* Styling * Correct error codes on failing connection * Add panics where needed * correct skip defines * Fix psa_spm_init_refence_counter bug
2018-12-02 11:14:49 +02:00 · 2018-12-02 11:14:49 +02:00 · c3bd6f12d2
parent 6edc81ddae
commit c3bd6f12d2
15 changed files with 304 additions and 202 deletions
--- a/TESTS/psa/crypto_init/COMPONENT_SPE/psa_setup.c
+++ b/TESTS/psa/crypto_init/COMPONENT_SPE/psa_setup.c
@ -27,21 +27,21 @@
 #include "spm_internal.h"
 #include "handles_manager.h"
 #include "cmsis.h"
-#include "psa_psa_f_partition.h"
+#include "psa_crypto_srv_partition.h"
 #include "psa_its_partition.h"
-extern const uint32_t psa_f_external_sids[4];
+extern const uint32_t crypto_srv_external_sids[4];
 spm_partition_t g_partitions[2] = {
    {
-        .partition_id = PSA_F_ID,
+        .partition_id = CRYPTO_SRV_ID,
        .thread_id = 0,
-        .flags_rot_srv = PSA_F_WAIT_ANY_SID_MSK,
+        .flags_rot_srv = CRYPTO_SRV_WAIT_ANY_SID_MSK,
        .flags_interrupts = 0,
        .rot_services = NULL,
-        .rot_services_count = PSA_F_ROT_SRV_COUNT,
+        .rot_services_count = CRYPTO_SRV_ROT_SRV_COUNT,
-        .extern_sids = psa_f_external_sids,
+        .extern_sids = crypto_srv_external_sids,
-        .extern_sids_count = PSA_F_EXT_ROT_SRV_COUNT,
+        .extern_sids_count = CRYPTO_SRV_EXT_ROT_SRV_COUNT,
        .irq_mapper = NULL,
    },
    {
@ -65,7 +65,7 @@ const mem_region_t *mem_regions = NULL;
 const uint32_t mem_region_count = 0;
 // forward declaration of partition initializers
-void psa_f_init(spm_partition_t *partition);
+void crypto_srv_init(spm_partition_t *partition);
 void its_init(spm_partition_t *partition);
 uint32_t init_partitions(spm_partition_t **partitions)
@ -74,7 +74,7 @@ uint32_t init_partitions(spm_partition_t **partitions)
        SPM_PANIC("partitions is NULL!\n");
    }
-    psa_f_init(&(g_partitions[0]));
+    crypto_srv_init(&(g_partitions[0]));
    its_init(&(g_partitions[1]));
    *partitions = g_partitions;
--- a/TESTS/psa/crypto_init/main.cpp
+++ b/TESTS/psa/crypto_init/main.cpp
@ -16,7 +16,7 @@
 * limitations under the License.
 */
-#if ((!defined(TARGET_PSA)) || (!defined(MBEDTLS_PSA_CRYPTO_C)) || (!defined(MBEDTLS_PSA_CRYPTO_SPM )))
+#if ((!defined(TARGET_PSA)) || (!defined(COMPONENT_PSA_SRV_IPC)) || (!defined(MBEDTLS_PSA_CRYPTO_C)))
 #error [NOT_SUPPORTED] Mbed SPM Crypto is OFF - skipping.
 #endif // TARGET_PSA
@ -50,22 +50,20 @@ utest::v1::status_t greentea_test_setup(const size_t number_of_cases)
 static void check_multi_crypto_init_deinit()
 {
    uint8_t output[TEST_RANDOM_SIZE] = {0};
-    uint8_t seed[MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE] = {0};
+
    /* inject some a seed for test*/
    for (int i; i < MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE; ++i) {
        seed[i] = i;
    }
    /* don't really care if this succeed this is just to make crypto init pass*/
    mbedtls_psa_inject_entropy(seed, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE);
    psa_status_t status = psa_crypto_init();
    TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
    status = psa_crypto_init();
    TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
    status = psa_generate_random(output, sizeof(output));
    TEST_ASSERT_NOT_EQUAL(PSA_ERROR_BAD_STATE, status);
    mbedtls_psa_crypto_free();
    status = psa_generate_random(output, sizeof(output));
    TEST_ASSERT_NOT_EQUAL(PSA_ERROR_BAD_STATE, status);
    mbedtls_psa_crypto_free();
    status = psa_generate_random(output, sizeof(output));
    TEST_ASSERT_EQUAL(PSA_ERROR_BAD_STATE, status);
@ -75,19 +73,17 @@ static void check_crypto_init_deinit()
 {
    psa_status_t status;
    uint8_t output[TEST_RANDOM_SIZE] = {0};
-    uint8_t seed[MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE] = {0};
+
-    /* inject some a seed for test*/
+    // Should fail as init is required first
    for (int i; i < MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE; ++i) {
        seed[i] = i;
    }
    /* don't really care if this succeed this is just to make crypto init pass*/
    mbedtls_psa_inject_entropy(seed, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE);
    status = psa_generate_random(output, sizeof(output));
    TEST_ASSERT_EQUAL(PSA_ERROR_BAD_STATE, status);
    status = psa_crypto_init();
    TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
    status = psa_generate_random(output, sizeof(output));
    TEST_ASSERT_NOT_EQUAL(PSA_ERROR_BAD_STATE, status);
    mbedtls_psa_crypto_free();
    status = psa_generate_random(output, sizeof(output));
    TEST_ASSERT_EQUAL(PSA_ERROR_BAD_STATE, status);
@ -102,5 +98,13 @@ Specification specification(greentea_test_setup, cases, greentea_test_teardown_h
 int main()
 {
    uint8_t seed[MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE] = {0};
    /* inject some a seed for test*/
    for (int i = 0; i < MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE; ++i) {
        seed[i] = i;
    }
    /* don't really care if this succeed this is just to make crypto init pass*/
    mbedtls_psa_inject_entropy(seed, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE);
    return !Harness::run(specification);
 }
--- a/TESTS/psa/entropy_inject/COMPONENT_SPE/psa_setup.c
+++ b/TESTS/psa/entropy_inject/COMPONENT_SPE/psa_setup.c
@ -28,10 +28,10 @@
 #include "handles_manager.h"
 #include "cmsis.h"
 #include "psa_test_its_reset_partition.h"
-#include "psa_psa_f_partition.h"
+#include "psa_crypto_srv_partition.h"
 #include "psa_its_partition.h"
-extern const uint32_t psa_f_external_sids[4];
+extern const uint32_t crypto_srv_external_sids[4];
 spm_partition_t g_partitions[3] = {
    {
@ -46,14 +46,14 @@ spm_partition_t g_partitions[3] = {
        .irq_mapper = NULL,
    },
    {
-        .partition_id = PSA_F_ID,
+        .partition_id = CRYPTO_SRV_ID,
        .thread_id = 0,
-        .flags_rot_srv = PSA_F_WAIT_ANY_SID_MSK,
+        .flags_rot_srv = CRYPTO_SRV_WAIT_ANY_SID_MSK,
        .flags_interrupts = 0,
        .rot_services = NULL,
-        .rot_services_count = PSA_F_ROT_SRV_COUNT,
+        .rot_services_count = CRYPTO_SRV_ROT_SRV_COUNT,
-        .extern_sids = psa_f_external_sids,
+        .extern_sids = crypto_srv_external_sids,
-        .extern_sids_count = PSA_F_EXT_ROT_SRV_COUNT,
+        .extern_sids_count = CRYPTO_SRV_EXT_ROT_SRV_COUNT,
        .irq_mapper = NULL,
    },
    {
@ -78,7 +78,7 @@ const uint32_t mem_region_count = 0;
 // forward declaration of partition initializers
 void test_its_reset_init(spm_partition_t *partition);
-void psa_f_init(spm_partition_t *partition);
+void crypto_srv_init(spm_partition_t *partition);
 void its_init(spm_partition_t *partition);
 uint32_t init_partitions(spm_partition_t **partitions)
@ -88,7 +88,7 @@ uint32_t init_partitions(spm_partition_t **partitions)
    }
    test_its_reset_init(&(g_partitions[0]));
-    psa_f_init(&(g_partitions[1]));
+    crypto_srv_init(&(g_partitions[1]));
    its_init(&(g_partitions[2]));
    *partitions = g_partitions;
--- a/TESTS/psa/entropy_inject/main.cpp
+++ b/TESTS/psa/entropy_inject/main.cpp
@ -16,7 +16,7 @@
 * limitations under the License.
 */
-#if ((!defined(TARGET_PSA) || (!defined(COMPONENT_PSA_SRV_IPC)) && !defined(MBEDTLS_ENTROPY_NV_SEED)))
+#if (!defined(TARGET_PSA) || !defined(COMPONENT_PSA_SRV_IPC))
 #error [NOT_SUPPORTED] PSA entropy injection tests can run only on PSA-enabled targets.
 #endif // TARGET_PSA
@ -41,6 +41,7 @@
 using namespace utest::v1;
 uint8_t seed[MBEDTLS_ENTROPY_MAX_SEED_SIZE + 2] = {0};
 bool skip_tests = false;
 void validate_entropy_seed_injection(int seed_length_a,
                                     int expected_status_a,
@ -83,31 +84,46 @@ utest::v1::status_t greentea_test_setup(const size_t number_of_cases)
 #ifndef NO_GREENTEA
    GREENTEA_SETUP(60, "default_auto");
 #endif
    /* fill seed in some data */
    for (size_t i = 0; i < sizeof(seed); ++i) {
        seed[i] = i;
    }
    if (mbedtls_psa_inject_entropy(seed, MBEDTLS_ENTROPY_MAX_SEED_SIZE) == PSA_ERROR_NOT_SUPPORTED) {
        skip_tests = true;
    }
    return greentea_test_setup_handler(number_of_cases);
 }
 static void injection_small_good()
 {
    TEST_SKIP_UNLESS(!skip_tests);
    validate_entropy_seed_injection(MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE, PSA_SUCCESS, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE, PSA_ERROR_NOT_PERMITTED);
 }
 static void injection_big_good()
 {
    TEST_SKIP_UNLESS(!skip_tests);
    validate_entropy_seed_injection(MBEDTLS_ENTROPY_MAX_SEED_SIZE, PSA_SUCCESS, MBEDTLS_ENTROPY_MAX_SEED_SIZE, PSA_ERROR_NOT_PERMITTED);
 }
 static void injection_too_small()
 {
    TEST_SKIP_UNLESS(!skip_tests);
    validate_entropy_seed_injection((MBEDTLS_ENTROPY_MIN_PLATFORM - 1), PSA_ERROR_INVALID_ARGUMENT, MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE, PSA_SUCCESS);
 }
 static void injection_too_big()
 {
    TEST_SKIP_UNLESS(!skip_tests);
    validate_entropy_seed_injection((MBEDTLS_ENTROPY_MAX_SEED_SIZE + 1), PSA_ERROR_INVALID_ARGUMENT, MBEDTLS_ENTROPY_MAX_SEED_SIZE, PSA_SUCCESS);
 }
 static void injection_and_init_deinit()
 {
    TEST_SKIP_UNLESS(!skip_tests);
    run_entropy_inject_with_crypto_init();
 }
@ -129,10 +145,6 @@ utest::v1::status_t case_setup_handler(const Case *const source, const size_t in
    psa_status_t status;
    status = test_psa_its_reset();
    TEST_ASSERT_EQUAL(PSA_ITS_SUCCESS, status);
    /* fill seed in some data */
    for (size_t i = 0; i < MBEDTLS_ENTROPY_MAX_SEED_SIZE + 2; ++i) {
        seed[i] = i;
    }
    return greentea_case_setup_handler(source, index_of_case);
 }
--- a/TESTS/psa/prot_internal_storage/COMPONENT_SPE/psa_setup.c
+++ b/TESTS/psa/prot_internal_storage/COMPONENT_SPE/psa_setup.c
@ -28,10 +28,10 @@
 #include "handles_manager.h"
 #include "cmsis.h"
 #include "psa_test_its_reset_partition.h"
-#include "psa_psa_f_partition.h"
+#include "psa_crypto_srv_partition.h"
 #include "psa_its_partition.h"
-extern const uint32_t psa_f_external_sids[4];
+extern const uint32_t crypto_srv_external_sids[4];
 spm_partition_t g_partitions[3] = {
    {
@ -46,14 +46,14 @@ spm_partition_t g_partitions[3] = {
        .irq_mapper = NULL,
    },
    {
-        .partition_id = PSA_F_ID,
+        .partition_id = CRYPTO_SRV_ID,
        .thread_id = 0,
-        .flags_rot_srv = PSA_F_WAIT_ANY_SID_MSK,
+        .flags_rot_srv = CRYPTO_SRV_WAIT_ANY_SID_MSK,
        .flags_interrupts = 0,
        .rot_services = NULL,
-        .rot_services_count = PSA_F_ROT_SRV_COUNT,
+        .rot_services_count = CRYPTO_SRV_ROT_SRV_COUNT,
-        .extern_sids = psa_f_external_sids,
+        .extern_sids = crypto_srv_external_sids,
-        .extern_sids_count = PSA_F_EXT_ROT_SRV_COUNT,
+        .extern_sids_count = CRYPTO_SRV_EXT_ROT_SRV_COUNT,
        .irq_mapper = NULL,
    },
    {
@ -78,7 +78,7 @@ const uint32_t mem_region_count = 0;
 // forward declaration of partition initializers
 void test_its_reset_init(spm_partition_t *partition);
-void psa_f_init(spm_partition_t *partition);
+void crypto_srv_init(spm_partition_t *partition);
 void its_init(spm_partition_t *partition);
 uint32_t init_partitions(spm_partition_t **partitions)
@ -88,7 +88,7 @@ uint32_t init_partitions(spm_partition_t **partitions)
    }
    test_its_reset_init(&(g_partitions[0]));
-    psa_f_init(&(g_partitions[1]));
+    crypto_srv_init(&(g_partitions[1]));
    its_init(&(g_partitions[2]));
    *partitions = g_partitions;
--- a/TESTS/psa/spm_client/COMPONENT_SPE/psa_setup.c
+++ b/TESTS/psa/spm_client/COMPONENT_SPE/psa_setup.c
@ -28,10 +28,10 @@
 #include "handles_manager.h"
 #include "cmsis.h"
 #include "psa_client_tests_part1_partition.h"
-#include "psa_psa_f_partition.h"
+#include "psa_crypto_srv_partition.h"
 #include "psa_its_partition.h"
-extern const uint32_t psa_f_external_sids[4];
+extern const uint32_t crypto_srv_external_sids[4];
 spm_partition_t g_partitions[3] = {
    {
@ -46,14 +46,14 @@ spm_partition_t g_partitions[3] = {
        .irq_mapper = NULL,
    },
    {
-        .partition_id = PSA_F_ID,
+        .partition_id = CRYPTO_SRV_ID,
        .thread_id = 0,
-        .flags_rot_srv = PSA_F_WAIT_ANY_SID_MSK,
+        .flags_rot_srv = CRYPTO_SRV_WAIT_ANY_SID_MSK,
        .flags_interrupts = 0,
        .rot_services = NULL,
-        .rot_services_count = PSA_F_ROT_SRV_COUNT,
+        .rot_services_count = CRYPTO_SRV_ROT_SRV_COUNT,
-        .extern_sids = psa_f_external_sids,
+        .extern_sids = crypto_srv_external_sids,
-        .extern_sids_count = PSA_F_EXT_ROT_SRV_COUNT,
+        .extern_sids_count = CRYPTO_SRV_EXT_ROT_SRV_COUNT,
        .irq_mapper = NULL,
    },
    {
@ -78,7 +78,7 @@ const uint32_t mem_region_count = 0;
 // forward declaration of partition initializers
 void client_tests_part1_init(spm_partition_t *partition);
-void psa_f_init(spm_partition_t *partition);
+void crypto_srv_init(spm_partition_t *partition);
 void its_init(spm_partition_t *partition);
 uint32_t init_partitions(spm_partition_t **partitions)
@ -88,7 +88,7 @@ uint32_t init_partitions(spm_partition_t **partitions)
    }
    client_tests_part1_init(&(g_partitions[0]));
-    psa_f_init(&(g_partitions[1]));
+    crypto_srv_init(&(g_partitions[1]));
    its_init(&(g_partitions[2]));
    *partitions = g_partitions;
--- a/TESTS/psa/spm_server/COMPONENT_SPE/psa_setup.c
+++ b/TESTS/psa/spm_server/COMPONENT_SPE/psa_setup.c
@ -29,11 +29,11 @@
 #include "cmsis.h"
 #include "psa_server_test_part1_partition.h"
 #include "psa_server_test_part2_partition.h"
-#include "psa_psa_f_partition.h"
+#include "psa_crypto_srv_partition.h"
 #include "psa_its_partition.h"
 extern const uint32_t server_test_part1_external_sids[2];
-extern const uint32_t psa_f_external_sids[4];
+extern const uint32_t crypto_srv_external_sids[4];
 spm_partition_t g_partitions[4] = {
    {
@ -59,14 +59,14 @@ spm_partition_t g_partitions[4] = {
        .irq_mapper = NULL,
    },
    {
-        .partition_id = PSA_F_ID,
+        .partition_id = CRYPTO_SRV_ID,
        .thread_id = 0,
-        .flags_rot_srv = PSA_F_WAIT_ANY_SID_MSK,
+        .flags_rot_srv = CRYPTO_SRV_WAIT_ANY_SID_MSK,
        .flags_interrupts = 0,
        .rot_services = NULL,
-        .rot_services_count = PSA_F_ROT_SRV_COUNT,
+        .rot_services_count = CRYPTO_SRV_ROT_SRV_COUNT,
-        .extern_sids = psa_f_external_sids,
+        .extern_sids = crypto_srv_external_sids,
-        .extern_sids_count = PSA_F_EXT_ROT_SRV_COUNT,
+        .extern_sids_count = CRYPTO_SRV_EXT_ROT_SRV_COUNT,
        .irq_mapper = NULL,
    },
    {
@ -92,7 +92,7 @@ const uint32_t mem_region_count = 0;
 // forward declaration of partition initializers
 void server_test_part1_init(spm_partition_t *partition);
 void server_test_part2_init(spm_partition_t *partition);
-void psa_f_init(spm_partition_t *partition);
+void crypto_srv_init(spm_partition_t *partition);
 void its_init(spm_partition_t *partition);
 uint32_t init_partitions(spm_partition_t **partitions)
@ -103,7 +103,7 @@ uint32_t init_partitions(spm_partition_t **partitions)
    server_test_part1_init(&(g_partitions[0]));
    server_test_part2_init(&(g_partitions[1]));
-    psa_f_init(&(g_partitions[2]));
+    crypto_srv_init(&(g_partitions[2]));
    its_init(&(g_partitions[3]));
    *partitions = g_partitions;
--- a/TESTS/psa/spm_smoke/COMPONENT_SPE/psa_setup.c
+++ b/TESTS/psa/spm_smoke/COMPONENT_SPE/psa_setup.c
@ -28,10 +28,10 @@
 #include "handles_manager.h"
 #include "cmsis.h"
 #include "psa_smoke_test_part1_partition.h"
-#include "psa_psa_f_partition.h"
+#include "psa_crypto_srv_partition.h"
 #include "psa_its_partition.h"
-extern const uint32_t psa_f_external_sids[4];
+extern const uint32_t crypto_srv_external_sids[4];
 spm_partition_t g_partitions[3] = {
    {
@ -46,14 +46,14 @@ spm_partition_t g_partitions[3] = {
        .irq_mapper = NULL,
    },
    {
-        .partition_id = PSA_F_ID,
+        .partition_id = CRYPTO_SRV_ID,
        .thread_id = 0,
-        .flags_rot_srv = PSA_F_WAIT_ANY_SID_MSK,
+        .flags_rot_srv = CRYPTO_SRV_WAIT_ANY_SID_MSK,
        .flags_interrupts = 0,
        .rot_services = NULL,
-        .rot_services_count = PSA_F_ROT_SRV_COUNT,
+        .rot_services_count = CRYPTO_SRV_ROT_SRV_COUNT,
-        .extern_sids = psa_f_external_sids,
+        .extern_sids = crypto_srv_external_sids,
-        .extern_sids_count = PSA_F_EXT_ROT_SRV_COUNT,
+        .extern_sids_count = CRYPTO_SRV_EXT_ROT_SRV_COUNT,
        .irq_mapper = NULL,
    },
    {
@ -78,7 +78,7 @@ const uint32_t mem_region_count = 0;
 // forward declaration of partition initializers
 void smoke_test_part1_init(spm_partition_t *partition);
-void psa_f_init(spm_partition_t *partition);
+void crypto_srv_init(spm_partition_t *partition);
 void its_init(spm_partition_t *partition);
 uint32_t init_partitions(spm_partition_t **partitions)
@ -88,7 +88,7 @@ uint32_t init_partitions(spm_partition_t **partitions)
    }
    smoke_test_part1_init(&(g_partitions[0]));
-    psa_f_init(&(g_partitions[1]));
+    crypto_srv_init(&(g_partitions[1]));
    its_init(&(g_partitions[2]));
    *partitions = g_partitions;
--- a/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c
+++ b/components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c
@ -23,7 +23,7 @@
 #include <stdlib.h>
 #include <string.h>
-#include "psa_psa_f_ifs.h"
+#include "psa_crypto_ifs.h"
 #include "spm/psa_defs.h"
 #include "spm/spm_client.h"
--- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c
+++ b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c
@ -7,7 +7,7 @@
 #define PSA_CRYPTO_SECURE 1
 #include "crypto_spe.h"
 #include "crypto_platform_spe.h"
-#include "psa_psa_f_partition.h"
+#include "psa_crypto_partition.h"
 #include "mbedtls/entropy.h"
 #if defined(MBEDTLS_PLATFORM_C)
@ -17,7 +17,7 @@
 #define mbedtls_free   free
 #endif
 // ------------------------- Globals ---------------------------
-static psa_spm_init_refence_counter = 0;
+static int psa_spm_init_refence_counter = 0;
 // ------------------------- Partition's Main Thread ---------------------------
 static void psa_crypto_init_operation(void)
@ -26,7 +26,6 @@ static void psa_crypto_init_operation(void)
    psa_status_t status = PSA_SUCCESS;
    psa_get(PSA_CRYPTO_INIT, &msg);
    switch (msg.type) {
        case PSA_IPC_CONNECT:
        case PSA_IPC_DISCONNECT: {
@ -38,14 +37,16 @@ static void psa_crypto_init_operation(void)
            if (status == PSA_SUCCESS) {
                ++psa_spm_init_refence_counter;
            }
            break;
        }
        default: {
-            status = PSA_ERROR_NOT_SUPPORTED;
+            SPM_PANIC("Unexpected message type %d!", (int)(msg.type));
            break;
        }
    }
    psa_reply(msg.handle, (psa_error_t) status);
 }
@ -55,7 +56,6 @@ static void psa_crypto_free_operation(void)
    psa_status_t status = PSA_SUCCESS;
    psa_get(PSA_CRYPTO_FREE, &msg);
    switch (msg.type) {
        case PSA_IPC_CONNECT:
        case PSA_IPC_DISCONNECT: {
@ -66,18 +66,23 @@ static void psa_crypto_free_operation(void)
            /** perform crypto_free iff the number of init-s
             * is equal to the number of free-s
             */
-            --psa_spm_init_refence_counter;
+            if (psa_spm_init_refence_counter > 0) {
-            if (!psa_spm_init_refence_counter) {
+                --psa_spm_init_refence_counter;
            }
            if (psa_spm_init_refence_counter == 0) {
                mbedtls_psa_crypto_free();
            }
            break;
        }
        default: {
-            status = PSA_ERROR_NOT_SUPPORTED;
+            SPM_PANIC("Unexpected message type %d!", (int)(msg.type));
            break;
        }
    }
    psa_reply(msg.handle, (psa_error_t) status);
 }
@ -87,14 +92,14 @@ static void psa_mac_operation(void)
    psa_status_t status = PSA_SUCCESS;
    psa_get(PSA_MAC, &msg);
    switch (msg.type) {
        case PSA_IPC_CONNECT: {
            psa_mac_operation_t *psa_operation = mbedtls_calloc(1, sizeof(psa_mac_operation_t));
            if (psa_operation == NULL) {
-                status = PSA_ERROR_INSUFFICIENT_MEMORY;
+                status = PSA_CONNECTION_REFUSED;
                break;
            }
            psa_set_rhandle(msg.handle, psa_operation);
            break;
        }
@ -109,7 +114,6 @@ static void psa_mac_operation(void)
            }
            bytes_read = psa_read(msg.handle, 0, &psa_crypto, msg.in_size[0]);
            if (bytes_read != msg.in_size[0]) {
                SPM_PANIC("SPM read length mismatch");
            }
@ -135,6 +139,7 @@ static void psa_mac_operation(void)
                        status = PSA_ERROR_INSUFFICIENT_MEMORY;
                        break;
                    }
                    bytes_read = psa_read(msg.handle, 1, input_ptr,
                                          msg.in_size[1]);
@ -164,17 +169,19 @@ static void psa_mac_operation(void)
                        status = PSA_ERROR_INSUFFICIENT_MEMORY;
                        break;
                    }
                    status = psa_mac_sign_finish(msg.rhandle, mac, mac_size,
                                                 &mac_length);
                    if (status == PSA_SUCCESS) {
                        psa_write(msg.handle, 0, mac, mac_length);
                        psa_write(msg.handle, 1, &mac_length,
                                  sizeof(mac_length));
                    }
                    mbedtls_free(mac);
                    break;
                }
                case PSA_MAC_VERIFY_FINISH: {
                    size_t mac_length = 0;
                    bytes_read = psa_read(msg.handle, 1, &mac_length,
@ -183,61 +190,71 @@ static void psa_mac_operation(void)
                            mac_length != msg.in_size[2]) {
                        SPM_PANIC("SPM read length mismatch");
                    }
                    uint8_t *mac = mbedtls_calloc(1, mac_length);
                    if (mac == NULL) {
                        status = PSA_ERROR_INSUFFICIENT_MEMORY;
                        break;
                    }
                    bytes_read = psa_read(msg.handle, 2, mac, msg.in_size[2]);
                    if (bytes_read != msg.in_size[2]) {
                        SPM_PANIC("SPM read length mismatch");
                    }
                    status = psa_mac_verify_finish(msg.rhandle, mac, mac_length);
                    mbedtls_free(mac);
                    break;
                }
                case PSA_MAC_ABORT: {
                    status = psa_mac_abort(msg.rhandle);
                    break;
                }
                default: {
                    status = PSA_ERROR_NOT_SUPPORTED;
                    break;
                }
                break;
            }
            break;
        }
        case PSA_IPC_DISCONNECT: {
            psa_mac_abort(msg.rhandle);
            if (msg.rhandle != NULL) {
                mbedtls_free(msg.rhandle);
            }
            break;
        }
        default: {
-            status = PSA_ERROR_NOT_SUPPORTED;
+            SPM_PANIC("Unexpected message type %d!", (int)(msg.type));
            break;
        }
    }
    psa_reply(msg.handle, (psa_error_t) status);
 }
 static void psa_hash_operation(void)
 {
    psa_msg_t msg = { 0 };
    psa_status_t status = PSA_SUCCESS;
    psa_get(PSA_HASH, &msg);
    switch (msg.type) {
        case PSA_IPC_CONNECT: {
            psa_hash_operation_t *psa_operation = mbedtls_calloc(1, sizeof(psa_hash_operation_t));
            if (psa_operation == NULL) {
-                status = PSA_ERROR_INSUFFICIENT_MEMORY;
+                status = PSA_CONNECTION_REFUSED;
                break;
            }
            psa_set_rhandle(msg.handle, psa_operation);
            break;
        }
@ -252,7 +269,6 @@ static void psa_hash_operation(void)
            }
            bytes_read = psa_read(msg.handle, 0, &psa_crypto, msg.in_size[0]);
            if (bytes_read != msg.in_size[0]) {
                SPM_PANIC("SPM read length mismatch");
            }
@ -270,6 +286,7 @@ static void psa_hash_operation(void)
                        status = PSA_ERROR_INSUFFICIENT_MEMORY;
                        break;
                    }
                    bytes_read = psa_read(msg.handle, 1, input_ptr,
                                          msg.in_size[1]);
@ -291,15 +308,16 @@ static void psa_hash_operation(void)
                    if (bytes_read != msg.in_size[1]) {
                        SPM_PANIC("SPM read length mismatch");
                    }
                    size_t hash_length = 0;
                    uint8_t *hash = mbedtls_calloc(1, hash_size);
                    if (hash == NULL) {
                        status = PSA_ERROR_INSUFFICIENT_MEMORY;
                        break;
                    }
                    status = psa_hash_finish(msg.rhandle, hash, hash_size,
                                             &hash_length);
                    if (status == PSA_SUCCESS) {
                        psa_write(msg.handle, 0, hash, hash_length);
                        psa_write(msg.handle, 1, &hash_length,
@ -309,6 +327,7 @@ static void psa_hash_operation(void)
                    mbedtls_free(hash);
                    break;
                }
                case PSA_HASH_VERIFY: {
                    size_t hash_length = 0;
                    bytes_read = psa_read(msg.handle, 1, &hash_length,
@ -317,39 +336,48 @@ static void psa_hash_operation(void)
                            hash_length != msg.in_size[2]) {
                        SPM_PANIC("SPM read length mismatch");
                    }
                    uint8_t *hash = mbedtls_calloc(1, hash_length);
                    if (hash == NULL) {
                        status = PSA_ERROR_INSUFFICIENT_MEMORY;
                        break;
                    }
                    bytes_read = psa_read(msg.handle, 2, hash, msg.in_size[2]);
                    if (bytes_read != msg.in_size[2]) {
                        SPM_PANIC("SPM read length mismatch");
                    }
                    status = psa_hash_verify(msg.rhandle, hash, hash_length);
                    mbedtls_free(hash);
                    break;
                }
                case PSA_HASH_ABORT: {
                    status = psa_hash_abort(msg.rhandle);
                    break;
                }
                default: {
                    status = PSA_ERROR_NOT_SUPPORTED;
                    break;
                }
            }
            break;
        }
        case PSA_IPC_DISCONNECT: {
            psa_hash_abort(msg.rhandle);
            if (msg.rhandle != NULL) {
                mbedtls_free(msg.rhandle);
            }
            break;
        }
        default: {
-            status = PSA_ERROR_INSUFFICIENT_MEMORY;
+            SPM_PANIC("Unexpected message type %d!", (int)(msg.type));
            break;
        }
    }
@ -363,10 +391,11 @@ static void psa_asymmetric_operation(void)
    psa_status_t status = PSA_SUCCESS;
    psa_get(PSA_ASYMMETRIC, &msg);
    switch (msg.type) {
        case PSA_IPC_CONNECT:
        case PSA_IPC_DISCONNECT: {
            break;
        }
        case PSA_IPC_CALL: {
            if (msg.in_size[0] != sizeof(psa_crypto_ipc_asymmetric_t)) {
@ -378,7 +407,6 @@ static void psa_asymmetric_operation(void)
            psa_crypto_ipc_asymmetric_t psa_crypto = {0};
            bytes_read = psa_read(msg.handle, 0, &psa_crypto, msg.in_size[0]);
            if (bytes_read != msg.in_size[0]) {
                SPM_PANIC("SPM read length mismatch");
            }
@ -407,6 +435,7 @@ static void psa_asymmetric_operation(void)
                    if (bytes_read != msg.in_size[1]) {
                        SPM_PANIC("SPM read length mismatch");
                    }
                    status = psa_asymmetric_sign(psa_crypto.key,
                                                 psa_crypto.alg,
                                                 hash,
@ -433,11 +462,13 @@ static void psa_asymmetric_operation(void)
                        status = PSA_ERROR_INSUFFICIENT_MEMORY;
                        break;
                    }
                    bytes_read = psa_read(msg.handle, 1,
                                          signature, msg.in_size[1]);
                    if (bytes_read != msg.in_size[1]) {
                        SPM_PANIC("SPM read length mismatch");
                    }
                    hash = mbedtls_calloc(1, msg.in_size[2]);
                    if (hash == NULL) {
                        status = PSA_ERROR_INSUFFICIENT_MEMORY;
@ -473,6 +504,7 @@ static void psa_asymmetric_operation(void)
                        status = PSA_ERROR_INSUFFICIENT_MEMORY;
                        break;
                    }
                    bytes_read = psa_read(msg.handle, 1, buffer,
                                          msg.in_size[1]);
                    if (bytes_read != msg.in_size[1]) {
@ -481,7 +513,6 @@ static void psa_asymmetric_operation(void)
                    input = buffer;
                    salt = buffer + psa_crypto.input_length;
                    output = mbedtls_calloc(1, msg.out_size[0]);
                    if (output == NULL) {
                        status = PSA_ERROR_INSUFFICIENT_MEMORY;
@ -513,6 +544,7 @@ static void psa_asymmetric_operation(void)
                    if (status == PSA_SUCCESS) {
                        psa_write(msg.handle, 0, output, output_length);
                    }
                    psa_write(msg.handle, 1,
                              &output_length, sizeof(output_length));
@ -520,18 +552,22 @@ static void psa_asymmetric_operation(void)
                    mbedtls_free(buffer);
                    break;
                }
                break;
-                default:
+                default: {
                    status = PSA_ERROR_NOT_SUPPORTED;
                    break;
                }
            }
        }
        case PSA_IPC_DISCONNECT:
            break;
-        default:
+            break;
-            status = PSA_ERROR_NOT_SUPPORTED;
+        }
        default: {
            SPM_PANIC("Unexpected message type %d!", (int)(msg.type));
            break;
        }
    }
    psa_reply(msg.handle, (psa_error_t) status);
 }
@ -539,11 +575,13 @@ static void psa_aead_operation()
 {
    psa_msg_t msg = { 0 };
    psa_status_t status = PSA_SUCCESS;
    psa_get(PSA_AEAD, &msg);
    psa_get(PSA_AEAD, &msg);
    switch (msg.type) {
        case PSA_IPC_CONNECT:
        case PSA_IPC_DISCONNECT: {
            break;
        }
        case PSA_IPC_CALL: {
            if (msg.in_size[0] != sizeof(psa_crypto_ipc_aead_t)) {
@ -555,7 +593,6 @@ static void psa_aead_operation()
            psa_crypto_ipc_aead_t psa_crypto = {0};
            bytes_read = psa_read(msg.handle, 0, &psa_crypto, msg.in_size[0]);
            if (bytes_read != msg.in_size[0]) {
                SPM_PANIC("SPM read length mismatch");
            }
@ -573,6 +610,7 @@ static void psa_aead_operation()
                        status = PSA_ERROR_INSUFFICIENT_MEMORY;
                        break;
                    }
                    bytes_read = psa_read(msg.handle, 1, buffer,
                                          msg.in_size[1]);
                    if (bytes_read != msg.in_size[1]) {
@ -623,18 +661,22 @@ static void psa_aead_operation()
                    mbedtls_free(output);
                    break;
                }
-                default:
+
                default: {
                    status = PSA_ERROR_NOT_SUPPORTED;
                    break;
                }
            }
            break;
        }
        case PSA_IPC_DISCONNECT:
            break;
-        default:
+        default: {
-            status = PSA_ERROR_NOT_SUPPORTED;
+            SPM_PANIC("Unexpected message type %d!", (int)(msg.type));
            break;
        }
    }
    psa_reply(msg.handle, (psa_error_t) status);
 }
@ -644,18 +686,19 @@ static void psa_symmetric_operation(void)
    psa_msg_t msg = { 0 };
    psa_get(PSA_SYMMETRIC, &msg);
    switch (msg.type) {
        case PSA_IPC_CONNECT: {
            psa_cipher_operation_t *psa_operation =
                mbedtls_calloc(1, sizeof(psa_cipher_operation_t));
            if (psa_operation == NULL) {
-                status = PSA_ERROR_INSUFFICIENT_MEMORY;
+                status = PSA_CONNECTION_REFUSED;
                break;
            }
            psa_set_rhandle(msg.handle, psa_operation);
            break;
        }
        case PSA_IPC_CALL: {
            uint32_t bytes_read;
            psa_crypto_ipc_t psa_crypto_ipc = { 0 };
@ -664,6 +707,7 @@ static void psa_symmetric_operation(void)
                status = PSA_ERROR_COMMUNICATION_FAILURE;
                break;
            }
            bytes_read = psa_read(msg.handle, 0, &psa_crypto_ipc,
                                  msg.in_size[0]);
            if (bytes_read != msg.in_size[0]) {
@ -677,12 +721,14 @@ static void psa_symmetric_operation(void)
                                                      psa_crypto_ipc.alg);
                    break;
                }
                case PSA_CIPHER_DECRYPT_SETUP: {
                    status = psa_cipher_decrypt_setup(msg.rhandle,
                                                      psa_crypto_ipc.key,
                                                      psa_crypto_ipc.alg);
                    break;
                }
                case PSA_CIPHER_GENERATE_IV: {
                    size_t iv_length = 0;
                    size_t iv_size = msg.out_size[0];
@ -697,6 +743,7 @@ static void psa_symmetric_operation(void)
                    }
                    break;
                }
                case PSA_CIPHER_SET_IV: {
                    size_t iv_length = msg.in_size[1];
                    unsigned char iv[PSA_AEAD_MAX_NONCE_SIZE] = { 0 };
@ -709,6 +756,7 @@ static void psa_symmetric_operation(void)
                    break;
                }
                case PSA_CIPHER_UPDATE: {
                    size_t input_length = msg.in_size[1];
                    size_t output_size = msg.out_size[0];
@ -721,6 +769,7 @@ static void psa_symmetric_operation(void)
                        status = PSA_ERROR_INSUFFICIENT_MEMORY;
                        break;
                    }
                    bytes_read = psa_read(msg.handle, 1, input,
                                          input_length);
                    if (bytes_read != input_length) {
@ -741,10 +790,12 @@ static void psa_symmetric_operation(void)
                        psa_write(msg.handle, 1,
                                  &output_length, sizeof(output_length));
                    }
                    mbedtls_free(input);
                    mbedtls_free(output);
                    break;
                }
                case PSA_CIPHER_FINISH: {
                    uint8_t *output;
                    size_t output_size = msg.out_size[0];
@ -766,26 +817,32 @@ static void psa_symmetric_operation(void)
                    mbedtls_free(output);
                    break;
                }
                case PSA_CIPHER_ABORT: {
                    status = psa_cipher_abort(msg.rhandle);
                    break;
                }
                default: {
                    status = PSA_ERROR_NOT_SUPPORTED;
                    break;
                }
            }
            break;
        }
        case PSA_IPC_DISCONNECT: {
            psa_cipher_abort(msg.rhandle);
            if (msg.rhandle != NULL) {
                mbedtls_free(msg.rhandle);
            }
            break;
        }
        default: {
-            status = PSA_ERROR_NOT_SUPPORTED;
+            SPM_PANIC("Unexpected message type %d!", (int)(msg.type));
            break;
        }
    }
@ -798,11 +855,12 @@ static void psa_key_management_operation(void)
 {
    psa_msg_t msg = { 0 };
    psa_status_t status = PSA_SUCCESS;
    psa_get(PSA_KEY_MNG, &msg);
    psa_get(PSA_KEY_MNG, &msg);
    switch (msg.type) {
-        case PSA_IPC_CONNECT: {
+        case PSA_IPC_CONNECT:
-            break; /* do nothing*/
+        case PSA_IPC_DISCONNECT: {
            break;
        }
        case PSA_IPC_CALL: {
@ -832,8 +890,10 @@ static void psa_key_management_operation(void)
                        psa_write(msg.handle, 0,
                                  &lifetime, lifetime_length);
                    }
                    break;
                }
                case PSA_SET_KEY_LIFETIME: {
                    size_t lifetime_length = msg.in_size[1];
                    psa_key_lifetime_t lifetime;
@ -843,9 +903,11 @@ static void psa_key_management_operation(void)
                    if (bytes_read != lifetime_length) {
                        SPM_PANIC("SPM read length mismatch");
                    }
                    status = psa_set_key_lifetime(psa_key_mng.key, lifetime);
                    break;
                }
                case PSA_SET_KEY_POLICY: {
                    size_t policy_length = msg.in_size[1];
                    psa_key_policy_t policy;
@ -855,9 +917,11 @@ static void psa_key_management_operation(void)
                    if (bytes_read != policy_length) {
                        SPM_PANIC("SPM read length mismatch");
                    }
                    status = psa_set_key_policy(psa_key_mng.key, &policy);
                    break;
                }
                case PSA_GET_KEY_POLICY: {
                    size_t policy_size = msg.out_size[0];
                    psa_key_policy_t policy;
@ -866,8 +930,10 @@ static void psa_key_management_operation(void)
                    if (status == PSA_SUCCESS) {
                        psa_write(msg.handle, 0, &policy, policy_size);
                    }
                    break;
                }
                case PSA_IMPORT_KEY: {
                    size_t key_length = msg.in_size[1];
                    uint8_t *key = mbedtls_calloc(1, key_length);
@ -880,16 +946,19 @@ static void psa_key_management_operation(void)
                    if (bytes_read != key_length) {
                        SPM_PANIC("SPM read length mismatch");
                    }
                    status = psa_import_key(psa_key_mng.key,
                                            psa_key_mng.type,
                                            key, key_length);
                    mbedtls_free(key);
                    break;
                }
                case PSA_DESTROY_KEY: {
                    status  = psa_destroy_key(psa_key_mng.key);
                    break;
                }
                case PSA_GET_KEY_INFORMATION: {
                    psa_key_type_t type;
                    size_t bits;
@ -903,8 +972,10 @@ static void psa_key_management_operation(void)
                            psa_write(msg.handle, 1, &bits, sizeof(size_t));
                        }
                    }
                    break;
                }
                case PSA_EXPORT_KEY: {
                    size_t key_length = msg.out_size[0];
                    size_t data_length;
@ -925,6 +996,7 @@ static void psa_key_management_operation(void)
                    mbedtls_free(key);
                    break;
                }
                case PSA_EXPORT_PUBLIC_KEY: {
                    size_t key_length = msg.out_size[0];
                    size_t data_length;
@ -945,6 +1017,7 @@ static void psa_key_management_operation(void)
                    mbedtls_free(key);
                    break;
                }
                case PSA_GENERATE_KEY: {
                    size_t bits;
                    size_t bits_size = msg.in_size[1];
@ -963,37 +1036,36 @@ static void psa_key_management_operation(void)
                            break;
                        }
                        bytes_read = psa_read(msg.handle, 2,
                                              parameter, parameter_size);
                        if (bytes_read != parameter_size) {
                            SPM_PANIC("SPM read length mismatch");
                        }
                    }
                    status = psa_generate_key(psa_key_mng.key,
                                              psa_key_mng.type,
                                              bits,
                                              parameter, parameter_size);
                    mbedtls_free(parameter);
                    break;
                }
                default: {
                    status = PSA_ERROR_NOT_SUPPORTED;
                    break;
                }
            }
            break;
        }
-        case PSA_IPC_DISCONNECT: {
+
            break; /* do nothing*/
        }
        default: {
-            status = PSA_ERROR_NOT_SUPPORTED;
+            SPM_PANIC("Unexpected message type %d!", (int)(msg.type));
            break;
        }
    }
    psa_reply(msg.handle, status);
 }
@ -1001,44 +1073,49 @@ static void psa_entropy_operation(void)
 {
    psa_msg_t msg = { 0 };
    psa_status_t status = PSA_SUCCESS;
    psa_get(PSA_ENTROPY_INJECT, &msg);
-#if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) )
+    psa_get(PSA_ENTROPY_INJECT, &msg);
    switch (msg.type) {
-        case PSA_IPC_CONNECT: {
+        case PSA_IPC_CONNECT:
-            break; /* do nothing */
+        case PSA_IPC_DISCONNECT: {
            status = PSA_SUCCESS;
            break;
        }
        case PSA_IPC_CALL: {
 #if (defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO))
            uint32_t bytes_read;
            size_t seed_size = msg.in_size[0];
            if (MBEDTLS_ENTROPY_MAX_SEED_SIZE < seed_size) {
                status = PSA_ERROR_INVALID_ARGUMENT;
                break;
            }
            unsigned char *seed = mbedtls_calloc(1, seed_size);
            if (seed == NULL) {
                status = PSA_ERROR_INSUFFICIENT_MEMORY;
                break;
            }
            bytes_read = psa_read(msg.handle, 0, seed, seed_size);
            if (bytes_read != seed_size) {
                SPM_PANIC("SPM read length mismatch");
            }
            status = mbedtls_psa_inject_entropy(seed, seed_size);
            mbedtls_free(seed);
 #else
            status = PSA_ERROR_NOT_SUPPORTED;
 #endif /* MBEDTLS_ENTROPY_NV_SEED && MBEDTLS_PSA_HAS_ITS_IO*/
            break;
        }
-        case PSA_IPC_DISCONNECT: {
+
            break; /* do nothing */
        }
        default: {
-            status = PSA_ERROR_NOT_SUPPORTED;
+            SPM_PANIC("Unexpected message type %d!", (int)(msg.type));
            break;
        }
    }
-#else
+
    status = PSA_ERROR_NOT_SUPPORTED;
 #endif /* MBEDTLS_ENTROPY_NV_SEED && MBEDTLS_PSA_HAS_ITS_IO*/
    psa_reply(msg.handle, status);
 }
@ -1047,11 +1124,12 @@ static void psa_rng_operation(void)
 {
    psa_msg_t msg = { 0 };
    psa_status_t status = PSA_SUCCESS;
    psa_get(PSA_RNG, &msg);
    psa_get(PSA_RNG, &msg);
    switch (msg.type) {
-        case PSA_IPC_CONNECT: {
+        case PSA_IPC_CONNECT:
-            break; /* do nothing*/
+        case PSA_IPC_DISCONNECT: {
            break;
        }
        case PSA_IPC_CALL: {
@ -1061,21 +1139,22 @@ static void psa_rng_operation(void)
                status = PSA_ERROR_INSUFFICIENT_MEMORY;
                break;
            }
            status = psa_generate_random(random, random_size);
            if (status == PSA_SUCCESS) {
                psa_write(msg.handle, 0, random, random_size);
            }
            mbedtls_free(random);
            break;
        }
-        case PSA_IPC_DISCONNECT: {
+
            break; /* do nothing*/
        }
        default: {
-            status = PSA_ERROR_NOT_SUPPORTED;
+            SPM_PANIC("Unexpected message type %d!", (int)(msg.type));
            break;
        }
    }
    psa_reply(msg.handle, status);
 }
@ -1095,9 +1174,11 @@ void psa_crypto_generator_operations(void)
                status = PSA_ERROR_INSUFFICIENT_MEMORY;
                break;
            }
            psa_set_rhandle(msg.handle, psa_operation);
            break;
        }
        case PSA_IPC_CALL: {
            uint32_t bytes_read;
            psa_crypto_derivation_ipc_t psa_crypto_ipc = { 0 };
@ -1105,6 +1186,7 @@ void psa_crypto_generator_operations(void)
                status = PSA_ERROR_COMMUNICATION_FAILURE;
                break;
            }
            bytes_read = psa_read(msg.handle, 0, &psa_crypto_ipc,
                                  msg.in_size[0]);
            if (bytes_read != msg.in_size[0]) {
@ -1123,6 +1205,7 @@ void psa_crypto_generator_operations(void)
                    break;
                }
                case PSA_GENERATOR_READ: {
                    uint8_t *output = NULL;
                    size_t output_length = msg.out_size[0];
@ -1141,8 +1224,8 @@ void psa_crypto_generator_operations(void)
                    mbedtls_free(output);
                    break;
                }
                case PSA_GENERATOR_IMPORT_KEY: {
                    psa_key_type_t type;
                    size_t bits;
@ -1163,12 +1246,13 @@ void psa_crypto_generator_operations(void)
                                                      bits, msg.rhandle);
                    break;
                }
                case PSA_GENERATOR_ABORT: {
                    status = psa_generator_abort(msg.rhandle);
                    break;
                }
                case PSA_KEY_DERIVATION: {
                case PSA_KEY_DERIVATION: {
                    uint8_t *salt = mbedtls_calloc(1, msg.in_size[1]);
                    if (salt == NULL) {
                        status = PSA_ERROR_INSUFFICIENT_MEMORY;
@ -1204,6 +1288,7 @@ void psa_crypto_generator_operations(void)
                    break;
                }
                case PSA_KEY_AGREEMENT: {
                    uint8_t *private_key = mbedtls_calloc(1, msg.in_size[1]);
@ -1225,11 +1310,13 @@ void psa_crypto_generator_operations(void)
                    break;
                }
                default: {
                    status = PSA_ERROR_NOT_SUPPORTED;
                    break;
                }
            }
            break;
        }
        case PSA_IPC_DISCONNECT: {
@ -1237,10 +1324,12 @@ void psa_crypto_generator_operations(void)
            if (msg.rhandle != NULL) {
                mbedtls_free(msg.rhandle);
            }
            break;
        }
        default: {
-            status = PSA_ERROR_NOT_SUPPORTED;
+            SPM_PANIC("Unexpected message type %d!", (int)(msg.type));
            break;
        }
    }
@ -1249,13 +1338,10 @@ void psa_crypto_generator_operations(void)
 }
-void part_main(void *ptr)
+void crypto_main(void *ptr)
 {
    uint32_t signals = 0;
    psa_status_t status = PSA_SUCCESS;
    while (1) {
-        signals = psa_wait_any(PSA_BLOCK);
+        uint32_t signals = psa_wait_any(PSA_BLOCK);
        if (signals & PSA_CRYPTO_INIT) {
            psa_crypto_init_operation();
        }
--- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_srv_partition.c
+++ b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_srv_partition.c
@ -28,31 +28,31 @@
 #include "rtx_os.h"
 #include "spm_panic.h"
 #include "spm_internal.h"
-#include "psa_psa_f_partition.h"
+#include "psa_crypto_srv_partition.h"
-#include "psa_psa_f_ifs.h"
+#include "psa_crypto_srv_ifs.h"
 #include "psa_its_ifs.h"
 /* Threads stacks */
-MBED_ALIGN(8) uint8_t psa_f_thread_stack[16384] = {0};
+MBED_ALIGN(8) uint8_t crypto_srv_thread_stack[16384] = {0};
 /* Threads control blocks */
-osRtxThread_t psa_f_thread_cb = {0};
+osRtxThread_t crypto_srv_thread_cb = {0};
 /* Thread attributes - for thread initialization */
-osThreadAttr_t psa_f_thread_attr = {
+osThreadAttr_t crypto_srv_thread_attr = {
-    .name = "psa_f",
+    .name = "crypto_srv",
    .attr_bits = 0,
-    .cb_mem = &psa_f_thread_cb,
+    .cb_mem = &crypto_srv_thread_cb,
-    .cb_size = sizeof(psa_f_thread_cb),
+    .cb_size = sizeof(crypto_srv_thread_cb),
-    .stack_mem = psa_f_thread_stack,
+    .stack_mem = crypto_srv_thread_stack,
    .stack_size = 16384,
    .priority = osPriorityNormal,
    .tz_module = 0,
    .reserved = 0
 };
-spm_rot_service_t psa_f_rot_services[PSA_F_ROT_SRV_COUNT] = {
+spm_rot_service_t crypto_srv_rot_services[CRYPTO_SRV_ROT_SRV_COUNT] = {
    {
        .sid = PSA_CRYPTO_INIT_ID,
        .mask = PSA_CRYPTO_INIT,
@ -187,43 +187,43 @@ spm_rot_service_t psa_f_rot_services[PSA_F_ROT_SRV_COUNT] = {
    },
 };
-/* External SIDs used by PSA_F */
+/* External SIDs used by CRYPTO_SRV */
-const uint32_t psa_f_external_sids[4] = {
+const uint32_t crypto_srv_external_sids[4] = {
    PSA_ITS_GET,
    PSA_ITS_SET,
    PSA_ITS_INFO,
    PSA_ITS_REMOVE,
 };
-static osRtxMutex_t psa_f_mutex = {0};
+static osRtxMutex_t crypto_srv_mutex = {0};
-static const osMutexAttr_t psa_f_mutex_attr = {
+static const osMutexAttr_t crypto_srv_mutex_attr = {
-    .name = "psa_f_mutex",
+    .name = "crypto_srv_mutex",
    .attr_bits = osMutexRecursive | osMutexPrioInherit | osMutexRobust,
-    .cb_mem = &psa_f_mutex,
+    .cb_mem = &crypto_srv_mutex,
-    .cb_size = sizeof(psa_f_mutex),
+    .cb_size = sizeof(crypto_srv_mutex),
 };
-extern void part_main(void *ptr);
+extern void crypto_main(void *ptr);
-void psa_f_init(spm_partition_t *partition)
+void crypto_srv_init(spm_partition_t *partition)
 {
    if (NULL == partition) {
        SPM_PANIC("partition is NULL!\n");
    }
-    partition->mutex = osMutexNew(&psa_f_mutex_attr);
+    partition->mutex = osMutexNew(&crypto_srv_mutex_attr);
    if (NULL == partition->mutex) {
-        SPM_PANIC("Failed to create mutex for secure partition psa_f!\n");
+        SPM_PANIC("Failed to create mutex for secure partition crypto_srv!\n");
    }
-    for (uint32_t i = 0; i < PSA_F_ROT_SRV_COUNT; ++i) {
+    for (uint32_t i = 0; i < CRYPTO_SRV_ROT_SRV_COUNT; ++i) {
-        psa_f_rot_services[i].partition = partition;
+        crypto_srv_rot_services[i].partition = partition;
    }
-    partition->rot_services = psa_f_rot_services;
+    partition->rot_services = crypto_srv_rot_services;
-    partition->thread_id = osThreadNew(part_main, NULL, &psa_f_thread_attr);
+    partition->thread_id = osThreadNew(crypto_main, NULL, &crypto_srv_thread_attr);
    if (NULL == partition->thread_id) {
-        SPM_PANIC("Failed to create start main thread of partition psa_f!\n");
+        SPM_PANIC("Failed to create start main thread of partition crypto_srv!\n");
    }
 }
--- a/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_srv_partition.h
+++ b/components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_srv_partition.h
@ -23,20 +23,20 @@
 * Generated by tools/spm/generate_partition_code.py Version 1.0
 **********************************************************************************************************************/
-#ifndef PSA_PSA_F_PARTITION_H
+#ifndef PSA_CRYPTO_SRV_PARTITION_H
-#define PSA_PSA_F_PARTITION_H
+#define PSA_CRYPTO_SRV_PARTITION_H
-#define PSA_F_ID 35
+#define CRYPTO_SRV_ID 35
-#define PSA_F_ROT_SRV_COUNT (11UL)
+#define CRYPTO_SRV_ROT_SRV_COUNT (11UL)
-#define PSA_F_EXT_ROT_SRV_COUNT (4UL)
+#define CRYPTO_SRV_EXT_ROT_SRV_COUNT (4UL)
-/* PSA_F event flags */
+/* CRYPTO_SRV event flags */
-#define PSA_F_RESERVED1_POS (1UL)
+#define CRYPTO_SRV_RESERVED1_POS (1UL)
-#define PSA_F_RESERVED1_MSK (1UL << PSA_F_RESERVED1_POS)
+#define CRYPTO_SRV_RESERVED1_MSK (1UL << CRYPTO_SRV_RESERVED1_POS)
-#define PSA_F_RESERVED2_POS (2UL)
+#define CRYPTO_SRV_RESERVED2_POS (2UL)
-#define PSA_F_RESERVED2_MSK (1UL << PSA_F_RESERVED2_POS)
+#define CRYPTO_SRV_RESERVED2_MSK (1UL << CRYPTO_SRV_RESERVED2_POS)
@ -63,7 +63,7 @@
 #define PSA_ENTROPY_INJECT_POS (14UL)
 #define PSA_ENTROPY_INJECT (1UL << PSA_ENTROPY_INJECT_POS)
-#define PSA_F_WAIT_ANY_SID_MSK (\
+#define CRYPTO_SRV_WAIT_ANY_SID_MSK (\
    PSA_CRYPTO_INIT | \
    PSA_MAC | \
    PSA_HASH | \
@ -77,4 +77,4 @@
    PSA_ENTROPY_INJECT)
-#endif // PSA_PSA_F_PARTITION_H
+#endif // PSA_CRYPTO_SRV_PARTITION_H
--- a/components/TARGET_PSA/services/crypto/crypto_partition_psa.json
+++ b/components/TARGET_PSA/services/crypto/crypto_partition_psa.json
@ -1,9 +1,9 @@
 {
-  "name": "PSA_F",
+  "name": "CRYPTO_SRV",
  "type": "APPLICATION-ROT",
  "priority": "NORMAL",
  "id": "0x00000023",
-  "entry_point": "part_main",
+  "entry_point": "crypto_main",
  "stack_size": "0x4000",
  "heap_size": "0x400",
  "services": [
--- a/components/TARGET_PSA/services/crypto/psa_crypto_srv_ifs.h
+++ b/components/TARGET_PSA/services/crypto/psa_crypto_srv_ifs.h
@ -23,8 +23,8 @@
 * Generated by tools/spm/generate_partition_code.py Version 1.0
 **********************************************************************************************************************/
-#ifndef PSA_PSA_F_PARTITION_ROT_SERVICES_H
+#ifndef PSA_CRYPTO_SRV_PARTITION_ROT_SERVICES_H
-#define PSA_PSA_F_PARTITION_ROT_SERVICES_H
+#define PSA_CRYPTO_SRV_PARTITION_ROT_SERVICES_H
 #define PSA_CRYPTO_INIT_ID 0x00000F00
 #define PSA_MAC_ID 0x00000F01
@ -38,4 +38,4 @@
 #define PSA_GENERATOR_ID 0x00000F09
 #define PSA_ENTROPY_ID 0x00000F0A
-#endif // PSA_PSA_F_PARTITION_ROT_SERVICES_H
+#endif // PSA_CRYPTO_SRV_PARTITION_ROT_SERVICES_H
--- a/components/TARGET_PSA/spm/COMPONENT_SPE/psa_setup.c
+++ b/components/TARGET_PSA/spm/COMPONENT_SPE/psa_setup.c
@ -27,22 +27,22 @@
 #include "spm_internal.h"
 #include "handles_manager.h"
 #include "cmsis.h"
-#include "psa_psa_f_partition.h"
+#include "psa_crypto_srv_partition.h"
 #include "psa_its_partition.h"
-extern const uint32_t psa_f_external_sids[4];
+extern const uint32_t crypto_srv_external_sids[4];
 __attribute__((weak))
 spm_partition_t g_partitions[2] = {
    {
-        .partition_id = PSA_F_ID,
+        .partition_id = CRYPTO_SRV_ID,
        .thread_id = 0,
-        .flags_rot_srv = PSA_F_WAIT_ANY_SID_MSK,
+        .flags_rot_srv = CRYPTO_SRV_WAIT_ANY_SID_MSK,
        .flags_interrupts = 0,
        .rot_services = NULL,
-        .rot_services_count = PSA_F_ROT_SRV_COUNT,
+        .rot_services_count = CRYPTO_SRV_ROT_SRV_COUNT,
-        .extern_sids = psa_f_external_sids,
+        .extern_sids = crypto_srv_external_sids,
-        .extern_sids_count = PSA_F_EXT_ROT_SRV_COUNT,
+        .extern_sids_count = CRYPTO_SRV_EXT_ROT_SRV_COUNT,
        .irq_mapper = NULL,
    },
    {
@ -68,7 +68,7 @@ __attribute__((weak))
 const uint32_t mem_region_count = 0;
 // forward declaration of partition initializers
-void psa_f_init(spm_partition_t *partition);
+void crypto_srv_init(spm_partition_t *partition);
 void its_init(spm_partition_t *partition);
 __attribute__((weak))
@ -78,7 +78,7 @@ uint32_t init_partitions(spm_partition_t **partitions)
        SPM_PANIC("partitions is NULL!\n");
    }
-    psa_f_init(&(g_partitions[0]));
+    crypto_srv_init(&(g_partitions[0]));
    its_init(&(g_partitions[1]));
    *partitions = g_partitions;