TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / db2b8db7150183e15169636027f87c4145e5645c^! / . / include / mbedtls
commitdb2b8db7150183e15169636027f87c4145e5645c[log] [tgz]
authorDarryl Green <darryl.green@arm.com>Fri Jun 15 13:06:04 2018 +0100
committerDarryl Green <darryl.green@arm.com>Tue Nov 20 15:21:22 2018 +0000
tree1fa9bc1fe13b1c7be90282e256d8e1f60ffbfdf1
parentd9eee3b417c2e8f63dd10d835ab9a9472242c2ed [diff]
psa: Add storage implementation for files

Add new functions, psa_load_persistent_key(),
psa_free_persistent_key_data(), and psa_save_persistent_key(), for
managing persistent keys. These functions load to or save from our
internal representation of key slots. Serialization is a concern of the
storage backend implementation and doesn't abstraction-leak into the
lifetime management code.

An initial implementation for files is provided. Additional storage
backends can implement this interface for other storage types.

diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 6eec2ad..f78e61b 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h

@@ -506,6 +506,18 @@
 #error "MBEDTLS_PSA_CRYPTO_SPM defined, but not all prerequisites"
 #endif
 
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) &&            \
+    !( defined(MBEDTLS_PSA_CRYPTO_C) &&           \
+       defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) )
+#error "MBEDTLS_PSA_CRYPTO_STORAGE_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) &&            \
+    !( defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) &&           \
+       defined(MBEDTLS_FS_IO) )
+#error "MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C defined, but not all prerequisites"
+#endif
+
 #if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) ||         \
     !defined(MBEDTLS_OID_C) )
 #error "MBEDTLS_RSA_C defined, but not all prerequisites"

diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index cd256c3..2190ac5 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h

@@ -2617,6 +2617,31 @@
 #define MBEDTLS_PSA_CRYPTO_C
 
 /**
+ * \def MBEDTLS_PSA_CRYPTO_STORAGE_C
+ *
+ * Enable the Platform Security Architecture persistent key storage.
+ *
+ * Module:  library/psa_crypto_storage.c
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+ *
+ */
+#define MBEDTLS_PSA_CRYPTO_STORAGE_C
+
+/**
+ * \def MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+ *
+ * Enable persistent key storage over files for the
+ * Platform Security Architecture cryptography API.
+ *
+ * Module:  library/psa_crypto_storage_file.c
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_FS_IO
+ *
+ */
+#define MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+
+/**
  * \def MBEDTLS_RIPEMD160_C
  *
  * Enable the RIPEMD-160 hash algorithm.