diff options
| -rw-r--r-- | configs/config-psa-crypto.h | 17 | ||||
| -rw-r--r-- | include/mbedtls/check_config.h | 14 | ||||
| -rw-r--r-- | include/mbedtls/config.h | 17 | ||||
| -rw-r--r-- | library/version_features.c | 3 | ||||
| -rwxr-xr-x | scripts/config.pl | 1 |
5 files changed, 48 insertions, 4 deletions
diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index 27e9ef1..f3a8b72 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h @@ -1529,7 +1529,9 @@ * * Module: library/psa_crypto_storage.c * - * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C + * Requires: MBEDTLS_PSA_CRYPTO_C and one of either + * MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C or MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C + * (but not both) * */ #define MBEDTLS_PSA_CRYPTO_STORAGE_C @@ -1548,6 +1550,19 @@ #define MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C /** + * \def MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C + * + * Enable persistent key storage over PSA ITS for the + * Platform Security Architecture cryptography API. + * + * Module: library/psa_crypto_storage_its.c + * + * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_HAS_ITS_IO + * + */ +//#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C + +/** * \def MBEDTLS_RIPEMD160_C * * Enable the RIPEMD-160 hash algorithm. diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index f78e61b..21bede7 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -506,9 +506,14 @@ #error "MBEDTLS_PSA_CRYPTO_SPM defined, but not all prerequisites" #endif +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) && defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) +#error "Only one of MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C or MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C can be defined" +#endif + #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) && \ - !( defined(MBEDTLS_PSA_CRYPTO_C) && \ - defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) ) + !( defined(MBEDTLS_PSA_CRYPTO_C) && \ + ( defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) || \ + defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) ) ) #error "MBEDTLS_PSA_CRYPTO_STORAGE_C defined, but not all prerequisites" #endif @@ -518,6 +523,11 @@ #error "MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C defined, but not all prerequisites" #endif +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) && \ + ! defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) +#error "MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) || \ !defined(MBEDTLS_OID_C) ) #error "MBEDTLS_RSA_C defined, but not all prerequisites" diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 2190ac5..b2a9a2e 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -2623,7 +2623,9 @@ * * Module: library/psa_crypto_storage.c * - * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C + * Requires: MBEDTLS_PSA_CRYPTO_C and one of either + * MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C or MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C + * (but not both) * */ #define MBEDTLS_PSA_CRYPTO_STORAGE_C @@ -2642,6 +2644,19 @@ #define MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C /** + * \def MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C + * + * Enable persistent key storage over PSA ITS for the + * Platform Security Architecture cryptography API. + * + * Module: library/psa_crypto_storage_its.c + * + * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_HAS_ITS_IO + * + */ +//#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C + +/** * \def MBEDTLS_RIPEMD160_C * * Enable the RIPEMD-160 hash algorithm. diff --git a/library/version_features.c b/library/version_features.c index 7ef8997..00652f1 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -693,6 +693,9 @@ static const char *features[] = { #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) "MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C", #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C */ +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) + "MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C", +#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C */ #if defined(MBEDTLS_RIPEMD160_C) "MBEDTLS_RIPEMD160_C", #endif /* MBEDTLS_RIPEMD160_C */ diff --git a/scripts/config.pl b/scripts/config.pl index 69c6d5f..81bb895 100755 --- a/scripts/config.pl +++ b/scripts/config.pl @@ -118,6 +118,7 @@ MBEDTLS_PLATFORM_TIME_ALT MBEDTLS_PLATFORM_FPRINTF_ALT MBEDTLS_PSA_CRYPTO_STORAGE_C MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C +MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C ); # Things that should be enabled in "full" even if they match @excluded |