Instead of checking whether a custom implementation is present, check
whether the AEAD one is used.
This allows downstream users to expand the implementation choice with
more options.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
Some ITS store module implementations may make use of them.
This is the case of the custom one in the
secure_storage.psa.its.secure_storage.custom.store test.
Instead of making transform.h conditionally available, move the definitions
to common.h and simply make them available whenever the ITS transform
module is enabled.
At the same time, remove unneeded/redundant includes/build asserts.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
Instead of checking for CONFIG_SECURE_STORAGE_ITS_TRANSFORM_AEAD_*_CUSTOM,
check for any of the existing providers.
This allows downstream users to expand the choices with more options
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
Allow replacing the default naming scheme of the stored settings by
providing a custom function that fills a name buffer based on the ITS
entry UID.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
The rule says there must not be spaces "between a command and the opening
parenthesis".
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
Add a Kconfig option to match the Mbed TLS define
instead of defining it based on CONFIG_SECURE_STORAGE.
This gives more flexibility regarding the potential re-definition of the
CONFIG_MBEDTLS_PSA_CRYPTO_STORAGE_C Kconfig option.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
Mixing `select` and `depends on` is a common source of Kconfig
dependency loops and should be avoided. Both `ZMS` and `SETTINGS` are
more commonly used with `depends on` rather than `select`.
The usage here also contradicts the Zephyr best practices guide for
`select`:
* Avoid selecting symbols with prompts or dependencies.
Prefer depends on.
Signed-off-by: Jordan Yates <jordan@embeint.com>
`SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_SETTINGS` does not use either
the `FLASH_MAP` or `NVS` APIs, only `SETTINGS`.
Similarly, `SECURE_STORAGE_ITS_STORE_MODULE` does not consist of any
code itself and therefore should not select or imply any options.
Signed-off-by: Jordan Yates <jordan@embeint.com>
-Adding explicit include for mbedtls/platform_util.h to get acces
to mbedtls_platform_zeroize in ITS. Somehow not visibile in Zephyr but
it caused build issues in nRF Connect SDK.
Signed-off-by: Frank Audun Kvamtrø <frank.kvamtro@nordicsemi.no>
Output a CMake error when the ITS store module is enabled but no
implementation ended up enabled (due to unfulfilled prerequisites).
This is to make it more clear than undefined references at link time.
Not a fatal error because CMake cannot fail for the twister filtering
to work on the tests.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
Remove the hard restriction on CONFIG_SECURE_STORAGE_ITS_MAX_DATA_SIZE.
SETTINGS_MAX_VAL_LEN is in practice not used by any settings backend
implementation.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
It becomes the new default when the secure_storage_its_partition
devicetree chosen property is defined as it is a preferred alternative.
See the help message of the
`CONFIG_SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_ZMS` Kconfig option
for more information.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
