bartoszek/zephyr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
exceptions
zephyr/samples/psa/its
History
Valerio Setti aa64dd32f1 samples|tests: secure-storage: allow all test rng sources 
Add MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG_ALLOW_NON_CSPRNG to the list of
test Kconfigs. Typical use case of this:

- the platform has "zephyr,entropy" defined in the devicetree which means
  that CSPRNG_AVAILABLE is set;
- for some reason the board actually does not have any entropy driver
  enabled (ex: ENTROPY_BT_HCI is disabled in nrf5340bsim when BT is _not_
  enabled in the build);
- since TEST_RANDOM_GENERATOR is enabled then also TEST_CSPRNG_GENERATOR
  would be;
- unfortunately the call to psa_generate_random() would fail in
  get_random_data() (in modules/mbedtls/zephyr_entropy.c) because
  MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG_ALLOW_NON_CSPRNG is not set and it would
  not reach "subsys/random/random_test_csprng.c".

This commit fixes this problem.

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2024-12-19 17:53:37 +01:00
..
src
CMakeLists.txt
overlay-entropy_driver.conf
overlay-entropy_not_secure.conf samples|tests: secure-storage: allow all test rng sources 2024-12-19 17:53:37 +01:00
overlay-secure_storage.conf
prj.conf
README.rst
sample.yaml

README.rst 

.. zephyr:code-sample:: psa_its
   :name: PSA Internal Trusted Storage API
   :relevant-api: psa_secure_storage

   Use the PSA ITS API.

Overview
********

This sample demonstrates usage of the
`PSA Internal Trusted Storage (ITS) API <https://arm-software.github.io/psa-api/storage/1.0/overview/architecture.html#the-internal-trusted-storage-api>`_,
which is part of the `PSA Secure Storage API <https://arm-software.github.io/psa-api/storage/>`_,
for storing and retrieving persistent data.

Requirements
************

An implementation of the PSA ITS API must be present for this sample to build.
It can be provided by:

* :ref:`tfm`, for ``*/ns`` :term:`board targets<board target>`.
* The :ref:`secure storage subsystem <secure_storage>`, for the other board targets.

Building
********

This sample is located in :zephyr_file:`samples/psa/its`.

Different configurations are defined in the :file:`sample.yaml` file.
You can use them to build the sample, depending on the PSA ITS provider, as follows:

.. tabs::

   .. tab:: TF-M

     For board targets with TF-M:

      .. zephyr-app-commands::
         :zephyr-app: samples/psa/its
         :tool: west
         :goals: build
         :board: <ns_board_target>
         :west-args: -T sample.psa.its.tfm

   .. tab:: secure storage subsystem

      For board targets without TF-M.

      If the board target to compile for has an entropy driver (preferable):

      .. zephyr-app-commands::
         :zephyr-app: samples/psa/its
         :tool: west
         :goals: build
         :board: <board_target>
         :west-args: -T sample.psa.its.secure_storage.entropy_driver

      Or, to use an insecure entropy source (only for testing):

      .. zephyr-app-commands::
         :zephyr-app: samples/psa/its
         :tool: west
         :goals: build
         :board: <board_target>
         :west-args: -T sample.psa.its.secure_storage.entropy_not_secure

To flash it, see :ref:`west-flashing`.