TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / e435f23019c040dd30c1def3176f134466770dc7^! / . / include / mbedtls
commite435f23019c040dd30c1def3176f134466770dc7[log] [tgz]
authorGilles Peskine <Gilles.Peskine@arm.com>Sun Feb 24 14:03:29 2019 +0100
committerGilles Peskine <Gilles.Peskine@arm.com>Fri Mar 15 11:14:51 2019 +0100
treeb79f2c9f91ae0136c1fcf701d971916c055c8291
parent23793482ac41d9cf0195e89e5e9a63583d2328d0 [diff]
Remove psa_crypto_storage_file

Now that we have ITS over files, we no longer need a direct backend
for key storage over files. Remove psa_crypto_storage_file and its
tests.

Switch MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C and MBEDTLS_PSA_ITS_FILE_C on
by default. This preserves functionality and test coverage in the
default configuration, but forgets any key previously stored using the
file backend.

diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 28cdb43..7d6c0c9 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h

@@ -525,23 +525,12 @@
 #error "MBEDTLS_PSA_CRYPTO_SPM defined, but not all prerequisites"
 #endif
 
-#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) && defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C)
-#error "Only one of MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C or MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C can be defined"
-#endif
-
 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) &&            \
     !( defined(MBEDTLS_PSA_CRYPTO_C) &&                 \
-       ( defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) ||  \
-         defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) ) )
+       defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) )
 #error "MBEDTLS_PSA_CRYPTO_STORAGE_C defined, but not all prerequisites"
 #endif
 
-#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) &&            \
-    !( defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) &&           \
-       defined(MBEDTLS_FS_IO) )
-#error "MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C defined, but not all prerequisites"
-#endif
-
 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) &&             \
     ! defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
 #error "MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C defined, but not all prerequisites"

diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 45b1932..f8585c7 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h

@@ -2761,27 +2761,12 @@
  *
  * Module:  library/psa_crypto_storage.c
  *
- * Requires: MBEDTLS_PSA_CRYPTO_C and one of either
- * MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C or MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
- * (but not both)
+ * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
  *
  */
 #define MBEDTLS_PSA_CRYPTO_STORAGE_C
 
 /**
- * \def MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
- *
- * Enable direct persistent key storage over files for the
- * Platform Security Architecture cryptography API.
- *
- * Module:  library/psa_crypto_storage_file.c
- *
- * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_FS_IO
- *
- */
-#define MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
-
-/**
  * \def MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
  *
  * Enable persistent key storage over PSA ITS for the
@@ -2793,7 +2778,7 @@
  *           either MBEDTLS_PSA_HAS_ITS_IO or MBEDTLS_PSA_ITS_FILE_C
  *
  */
-//#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
+#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
 
 /**
  * \def MBEDTLS_PSA_ITS_FILE_C