Remove compilation option MBEDTLS_PSA_HAS_ITS_IO

MBEDTLS_PSA_HAS_ITS_IO is not really useful since it doesn't actually
enable anything except the entropy seed file support, which only
requires the ITS interface and not a native implementation. Remove it.
Gilles Peskine 2019-02-24 17:47:27 +01:00
parent 5e80d91dbf
commit 6bf4baef95
8 changed files with 5 additions and 73 deletions


@ -1146,16 +1146,6 @@
*/ */
//#define MBEDTLS_ENTROPY_NV_SEED //#define MBEDTLS_ENTROPY_NV_SEED
/**
* \def MBEDTLS_PSA_HAS_ITS_IO
*
* Enable the non-volatile secure storage usage.
*
* This is crucial on systems that do not have a HW TRNG support.
*
*/
//#define MBEDTLS_PSA_HAS_ITS_IO
/* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER /* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER
* *
* In PSA key storage, encode the owner of the key. * In PSA key storage, encode the owner of the key.
@ -1241,16 +1231,6 @@
*/ */
//#define MBEDTLS_PSA_CRYPTO_SPM //#define MBEDTLS_PSA_CRYPTO_SPM
/**
* \def MBEDTLS_PSA_HAS_ITS_IO
*
* Enable the non-volatile secure storage usage.
*
* This is crucial on systems that do not have a HW TRNG support.
*
*/
//#define MBEDTLS_PSA_HAS_ITS_IO
/** /**
* \def MBEDTLS_RSA_NO_CRT * \def MBEDTLS_RSA_NO_CRT
* *
@ -2735,7 +2715,7 @@
* *
* Requires: MBEDTLS_FS_IO * Requires: MBEDTLS_FS_IO
*/ */
#define MBEDTLS_PSA_ITS_FILE_C //#define MBEDTLS_PSA_ITS_FILE_C
/** /**
* \def MBEDTLS_RIPEMD160_C * \def MBEDTLS_RIPEMD160_C
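Review bot: The last hunk of this section (at 2735) switches MBEDTLS_PSA_ITS_FILE_C between `#define MBEDTLS_PSA_ITS_FILE_C` and `//#define MBEDTLS_PSA_ITS_FILE_C`, a default change that the commit message about removing MBEDTLS_PSA_HAS_ITS_IO does not mention. The doc comment above the line says the option requires MBEDTLS_FS_IO, so it appears to select a file-backed ITS implementation, and which backend is compiled in determines where the injected seed (and presumably persistent key material) is written. The flip should get its own sentence in the description, or its own commit, so integrators can tell it was deliberate. The second configuration section on this page has no matching hunk, so it is worth confirming that the two files agree on this option afterwards.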


@ -1166,16 +1166,6 @@
*/ */
//#define MBEDTLS_ENTROPY_NV_SEED //#define MBEDTLS_ENTROPY_NV_SEED
/**
* \def MBEDTLS_PSA_HAS_ITS_IO
*
* Enable the non-volatile secure storage usage.
*
* This is crucial on systems that do not have a HW TRNG support.
*
*/
//#define MBEDTLS_PSA_HAS_ITS_IO
/* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER /* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER
* *
* In PSA key storage, encode the owner of the key. * In PSA key storage, encode the owner of the key.
@ -1261,16 +1251,6 @@
*/ */
//#define MBEDTLS_PSA_CRYPTO_SPM //#define MBEDTLS_PSA_CRYPTO_SPM
/**
* \def MBEDTLS_PSA_HAS_ITS_IO
*
* Enable the non-volatile secure storage usage.
*
* This is crucial on systems that do not have a HW TRNG support.
*
*/
//#define MBEDTLS_PSA_HAS_ITS_IO
/** /**
* \def MBEDTLS_RSA_NO_CRT * \def MBEDTLS_RSA_NO_CRT
* *


@ -115,7 +115,7 @@ void mbedtls_psa_crypto_free( void );
* *
* \note This function is only available on the following platforms: * \note This function is only available on the following platforms:
* * If the compile-time options MBEDTLS_ENTROPY_NV_SEED and * * If the compile-time options MBEDTLS_ENTROPY_NV_SEED and
* MBEDTLS_PSA_HAS_ITS_IO are both enabled. Note that you * MBEDTLS_PSA_CRYPTO_STORAGE_C are both enabled. Note that you
* must provide compatible implementations of mbedtls_nv_seed_read * must provide compatible implementations of mbedtls_nv_seed_read
* and mbedtls_nv_seed_write. * and mbedtls_nv_seed_write.
* * In a client-server integration of PSA Cryptography, on the client side, * * In a client-server integration of PSA Cryptography, on the client side,


@ -78,10 +78,6 @@
#include "mbedtls/sha512.h" #include "mbedtls/sha512.h"
#include "mbedtls/xtea.h" #include "mbedtls/xtea.h"
#if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) )
#include "psa/internal_trusted_storage.h"
#endif
#define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) ) #define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) )
/* constant-time buffer comparison */ /* constant-time buffer comparison */
@ -4423,8 +4419,8 @@ psa_status_t psa_generate_random( uint8_t *output,
return( mbedtls_to_psa_error( ret ) ); return( mbedtls_to_psa_error( ret ) );
} }
#if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) ) #if defined(MBEDTLS_ENTROPY_NV_SEED) && \
defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed, psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed,
size_t seed_size ) size_t seed_size )
{ {
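Review bot: The new guard on mbedtls_psa_inject_entropy tests MBEDTLS_PSA_CRYPTO_STORAGE_C, while the commit message says seed support needs only the ITS interface, and the first hunk of this section drops the `#include "psa/internal_trusted_storage.h"` that was tied to the old guard. If the function body, which lies outside this hunk, calls the ITS functions, the header must now arrive through another include and the storage option must imply that an ITS implementation is linked; neither is visible here. A short comment at the guard would record the assumption, for example `/* The seed is stored through the ITS interface; MBEDTLS_PSA_CRYPTO_STORAGE_C is taken to imply that it is available. */`. The header note on this function that now names MBEDTLS_PSA_CRYPTO_STORAGE_C would benefit from the same sentence.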


@ -411,9 +411,6 @@ static const char *features[] = {
#if defined(MBEDTLS_ENTROPY_NV_SEED) #if defined(MBEDTLS_ENTROPY_NV_SEED)
"MBEDTLS_ENTROPY_NV_SEED", "MBEDTLS_ENTROPY_NV_SEED",
#endif /* MBEDTLS_ENTROPY_NV_SEED */ #endif /* MBEDTLS_ENTROPY_NV_SEED */
#if defined(MBEDTLS_PSA_HAS_ITS_IO)
"MBEDTLS_PSA_HAS_ITS_IO",
#endif /* MBEDTLS_PSA_HAS_ITS_IO */
#if defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER) #if defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER)
"MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER", "MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER",
#endif /* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER */ #endif /* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER */
@ -435,9 +432,6 @@ static const char *features[] = {
#if defined(MBEDTLS_PSA_CRYPTO_SPM) #if defined(MBEDTLS_PSA_CRYPTO_SPM)
"MBEDTLS_PSA_CRYPTO_SPM", "MBEDTLS_PSA_CRYPTO_SPM",
#endif /* MBEDTLS_PSA_CRYPTO_SPM */ #endif /* MBEDTLS_PSA_CRYPTO_SPM */
#if defined(MBEDTLS_PSA_HAS_ITS_IO)
"MBEDTLS_PSA_HAS_ITS_IO",
#endif /* MBEDTLS_PSA_HAS_ITS_IO */
#if defined(MBEDTLS_RSA_NO_CRT) #if defined(MBEDTLS_RSA_NO_CRT)
"MBEDTLS_RSA_NO_CRT", "MBEDTLS_RSA_NO_CRT",
#endif /* MBEDTLS_RSA_NO_CRT */ #endif /* MBEDTLS_RSA_NO_CRT */


@ -1138,14 +1138,6 @@ int query_config( const char *config )
} }
#endif /* MBEDTLS_ENTROPY_NV_SEED */ #endif /* MBEDTLS_ENTROPY_NV_SEED */
#if defined(MBEDTLS_PSA_HAS_ITS_IO)
if( strcmp( "MBEDTLS_PSA_HAS_ITS_IO", config ) == 0 )
{
MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_HAS_ITS_IO );
return( 0 );
}
#endif /* MBEDTLS_PSA_HAS_ITS_IO */
#if defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER) #if defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER)
if( strcmp( "MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER", config ) == 0 ) if( strcmp( "MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER", config ) == 0 )
{ {
@ -1202,14 +1194,6 @@ int query_config( const char *config )
} }
#endif /* MBEDTLS_PSA_CRYPTO_SPM */ #endif /* MBEDTLS_PSA_CRYPTO_SPM */
#if defined(MBEDTLS_PSA_HAS_ITS_IO)
if( strcmp( "MBEDTLS_PSA_HAS_ITS_IO", config ) == 0 )
{
MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_HAS_ITS_IO );
return( 0 );
}
#endif /* MBEDTLS_PSA_HAS_ITS_IO */
#if defined(MBEDTLS_RSA_NO_CRT) #if defined(MBEDTLS_RSA_NO_CRT)
if( strcmp( "MBEDTLS_RSA_NO_CRT", config ) == 0 ) if( strcmp( "MBEDTLS_RSA_NO_CRT", config ) == 0 )
{ {


@ -101,7 +101,6 @@ MBEDTLS_PKCS11_C
MBEDTLS_NO_UDBL_DIVISION MBEDTLS_NO_UDBL_DIVISION
MBEDTLS_NO_64BIT_MULTIPLICATION MBEDTLS_NO_64BIT_MULTIPLICATION
MBEDTLS_PSA_CRYPTO_SPM MBEDTLS_PSA_CRYPTO_SPM
MBEDTLS_PSA_HAS_ITS_IO
MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER
MBEDTLS_USE_PSA_CRYPTO MBEDTLS_USE_PSA_CRYPTO
_ALT\s*$ _ALT\s*$
@ -125,7 +124,6 @@ MBEDTLS_PLATFORM_TIME_ALT
MBEDTLS_PLATFORM_FPRINTF_ALT MBEDTLS_PLATFORM_FPRINTF_ALT
MBEDTLS_PSA_CRYPTO_STORAGE_C MBEDTLS_PSA_CRYPTO_STORAGE_C
MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
MBEDTLS_PSA_HAS_ITS_IO
MBEDTLS_PSA_ITS_FILE_C MBEDTLS_PSA_ITS_FILE_C
); );


@ -12,7 +12,7 @@
/* END_HEADER */ /* END_HEADER */
/* BEGIN_DEPENDENCIES /* BEGIN_DEPENDENCIES
* depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PSA_HAS_ITS_IO:MBEDTLS_PSA_CRYPTO_C * depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PSA_CRYPTO_STORAGE_C
* END_DEPENDENCIES * END_DEPENDENCIES
*/ */