Generate DeviceKey RoT for all non-internal storage type#67
Conversation
All external TDB and filesystem storage types for KV global API are based on SecureStore, which depends on DeviceKey which requires a Root of Trust (RoT) being present.
|
@ARMmbed/mbed-os-core This PR has been open for a while, but it would be good to have it reviewed. |
| printf("kv_reset -> %d\n", err_code(res)); | ||
|
|
||
| if (strcmp(STR(MBED_CONF_STORAGE_STORAGE_TYPE), "TDB_EXTERNAL") == 0) { | ||
| if (strcmp(STR(MBED_CONF_STORAGE_STORAGE_TYPE), "TDB_INTERNAL") != 0) { |
There was a problem hiding this comment.
Was the intention the same originally but with an incorrect condition?
There was a problem hiding this comment.
The original condition was incomplete. The condition should be "anything except TDB_INTERNAL", which includes both TDB_EXTERNAL and FILESYSTEM.
There was a problem hiding this comment.
So the intention was the same?
There was a problem hiding this comment.
The original condition was incomplete.
How did you complete the condition? It [the condition] is now the opposite of what it was before?
There was a problem hiding this comment.
It's not the opposite. Notice TDB_EXTERNAL, == before, and TDB_INTERNAL, != now.
There was a problem hiding this comment.
Ah I didnt notice INTERNAL...
2 participants
Corrects #66
Both
TDB_EXTERNALandFILESYSTEMare based onSecureStore, which depends onDeviceKeywhich requires a Root of Trust (RoT) being present. In other words, we need to generate an RoT in all cases other than TDB_INTERNAL.@ARMmbed/mbed-os-core