Remove compilation option MBEDTLS_PSA_HAS_ITS_IO
MBEDTLS_PSA_HAS_ITS_IO is not really useful since it doesn't actually
enable anything except the entropy seed file support, which only
requires the ITS interface and not a native implemetation. Remove it.
diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h
index 0b57d1c..7f7c0cf 100644
--- a/configs/config-psa-crypto.h
+++ b/configs/config-psa-crypto.h
@@ -1146,16 +1146,6 @@
*/
//#define MBEDTLS_ENTROPY_NV_SEED
-/**
- * \def MBEDTLS_PSA_HAS_ITS_IO
- *
- * Enable the non-volatile secure storage usage.
- *
- * This is crucial on systems that do not have a HW TRNG support.
- *
- */
-//#define MBEDTLS_PSA_HAS_ITS_IO
-
/* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER
*
* In PSA key storage, encode the owner of the key.
@@ -1242,16 +1232,6 @@
//#define MBEDTLS_PSA_CRYPTO_SPM
/**
- * \def MBEDTLS_PSA_HAS_ITS_IO
- *
- * Enable the non-volatile secure storage usage.
- *
- * This is crucial on systems that do not have a HW TRNG support.
- *
- */
-//#define MBEDTLS_PSA_HAS_ITS_IO
-
-/**
* \def MBEDTLS_RSA_NO_CRT
*
* Do not use the Chinese Remainder Theorem
@@ -2735,7 +2715,7 @@
*
* Requires: MBEDTLS_FS_IO
*/
-#define MBEDTLS_PSA_ITS_FILE_C
+//#define MBEDTLS_PSA_ITS_FILE_C
/**
* \def MBEDTLS_RIPEMD160_C
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index f27b50e..a358a20 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1166,16 +1166,6 @@
*/
//#define MBEDTLS_ENTROPY_NV_SEED
-/**
- * \def MBEDTLS_PSA_HAS_ITS_IO
- *
- * Enable the non-volatile secure storage usage.
- *
- * This is crucial on systems that do not have a HW TRNG support.
- *
- */
-//#define MBEDTLS_PSA_HAS_ITS_IO
-
/* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER
*
* In PSA key storage, encode the owner of the key.
@@ -1262,16 +1252,6 @@
//#define MBEDTLS_PSA_CRYPTO_SPM
/**
- * \def MBEDTLS_PSA_HAS_ITS_IO
- *
- * Enable the non-volatile secure storage usage.
- *
- * This is crucial on systems that do not have a HW TRNG support.
- *
- */
-//#define MBEDTLS_PSA_HAS_ITS_IO
-
-/**
* \def MBEDTLS_RSA_NO_CRT
*
* Do not use the Chinese Remainder Theorem
diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index 5dd4789..545dd4b 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -115,7 +115,7 @@
*
* \note This function is only available on the following platforms:
* * If the compile-time options MBEDTLS_ENTROPY_NV_SEED and
- * MBEDTLS_PSA_HAS_ITS_IO are both enabled. Note that you
+ * MBEDTLS_PSA_CRYPTO_STORAGE_C are both enabled. Note that you
* must provide compatible implementations of mbedtls_nv_seed_read
* and mbedtls_nv_seed_write.
* * In a client-server integration of PSA Cryptography, on the client side,
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index cd1499a..1b554b5 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -78,10 +78,6 @@
#include "mbedtls/sha512.h"
#include "mbedtls/xtea.h"
-#if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) )
-#include "psa/internal_trusted_storage.h"
-#endif
-
#define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) )
/* constant-time buffer comparison */
@@ -4423,8 +4419,8 @@
return( mbedtls_to_psa_error( ret ) );
}
-#if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) )
-
+#if defined(MBEDTLS_ENTROPY_NV_SEED) && \
+ defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed,
size_t seed_size )
{
diff --git a/library/version_features.c b/library/version_features.c
index 61a662c..92b1af1 100644
--- a/library/version_features.c
+++ b/library/version_features.c
@@ -411,9 +411,6 @@
#if defined(MBEDTLS_ENTROPY_NV_SEED)
"MBEDTLS_ENTROPY_NV_SEED",
#endif /* MBEDTLS_ENTROPY_NV_SEED */
-#if defined(MBEDTLS_PSA_HAS_ITS_IO)
- "MBEDTLS_PSA_HAS_ITS_IO",
-#endif /* MBEDTLS_PSA_HAS_ITS_IO */
#if defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER)
"MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER",
#endif /* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER */
@@ -435,9 +432,6 @@
#if defined(MBEDTLS_PSA_CRYPTO_SPM)
"MBEDTLS_PSA_CRYPTO_SPM",
#endif /* MBEDTLS_PSA_CRYPTO_SPM */
-#if defined(MBEDTLS_PSA_HAS_ITS_IO)
- "MBEDTLS_PSA_HAS_ITS_IO",
-#endif /* MBEDTLS_PSA_HAS_ITS_IO */
#if defined(MBEDTLS_RSA_NO_CRT)
"MBEDTLS_RSA_NO_CRT",
#endif /* MBEDTLS_RSA_NO_CRT */
diff --git a/programs/test/query_config.c b/programs/test/query_config.c
index 3e847e5..52db0b2 100644
--- a/programs/test/query_config.c
+++ b/programs/test/query_config.c
@@ -1138,14 +1138,6 @@
}
#endif /* MBEDTLS_ENTROPY_NV_SEED */
-#if defined(MBEDTLS_PSA_HAS_ITS_IO)
- if( strcmp( "MBEDTLS_PSA_HAS_ITS_IO", config ) == 0 )
- {
- MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_HAS_ITS_IO );
- return( 0 );
- }
-#endif /* MBEDTLS_PSA_HAS_ITS_IO */
-
#if defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER)
if( strcmp( "MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER", config ) == 0 )
{
@@ -1202,14 +1194,6 @@
}
#endif /* MBEDTLS_PSA_CRYPTO_SPM */
-#if defined(MBEDTLS_PSA_HAS_ITS_IO)
- if( strcmp( "MBEDTLS_PSA_HAS_ITS_IO", config ) == 0 )
- {
- MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_HAS_ITS_IO );
- return( 0 );
- }
-#endif /* MBEDTLS_PSA_HAS_ITS_IO */
-
#if defined(MBEDTLS_RSA_NO_CRT)
if( strcmp( "MBEDTLS_RSA_NO_CRT", config ) == 0 )
{
diff --git a/scripts/config.pl b/scripts/config.pl
index 5542b2d..fc71f65 100755
--- a/scripts/config.pl
+++ b/scripts/config.pl
@@ -101,7 +101,6 @@
MBEDTLS_NO_UDBL_DIVISION
MBEDTLS_NO_64BIT_MULTIPLICATION
MBEDTLS_PSA_CRYPTO_SPM
-MBEDTLS_PSA_HAS_ITS_IO
MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER
MBEDTLS_USE_PSA_CRYPTO
_ALT\s*$
@@ -125,7 +124,6 @@
MBEDTLS_PLATFORM_FPRINTF_ALT
MBEDTLS_PSA_CRYPTO_STORAGE_C
MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
-MBEDTLS_PSA_HAS_ITS_IO
MBEDTLS_PSA_ITS_FILE_C
);
diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function
index a14657e..76a7b58 100644
--- a/tests/suites/test_suite_psa_crypto_entropy.function
+++ b/tests/suites/test_suite_psa_crypto_entropy.function
@@ -12,7 +12,7 @@
/* END_HEADER */
/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PSA_HAS_ITS_IO:MBEDTLS_PSA_CRYPTO_C
+ * depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PSA_CRYPTO_STORAGE_C
* END_DEPENDENCIES
*/