Declare a psa_key_file_id_t layout with an owner field
Declare the owner as psa_key_owner_id_t, of which an implementation must be provided separately. Make this a configuration option MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER, to make the conditional compilation flow easier to follow. Declare it in config.h to pacify check_names.sh. Support for a specific implementation of psa_key_owner_id_t in storage backends will come in a subsequent commit.
This commit is contained in:
Gilles Peskine
parent
5b229a06f4
commit
69d7c8b2d7
5 changed files with 46 additions and 0 deletions
|
|
@ -1156,6 +1156,21 @@
|
|||
*/
|
||||
//#define MBEDTLS_PSA_HAS_ITS_IO
|
||||
|
||||
/* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER
|
||||
*
|
||||
* In PSA key storage, encode the owner of the key.
|
||||
*
|
||||
* This is only meaningful when building the library as part of a
|
||||
* multi-client service. When you activate this option, you must provide
|
||||
* an implementation of the type psa_key_owner_id_t and a translation
|
||||
* from psa_key_file_id_t to file name in all the storage backends that
|
||||
* you wish to support.
|
||||
*
|
||||
* Note that this option is meant for internal use only and may be removed
|
||||
* without notice.
|
||||
*/
|
||||
//#define MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_MEMORY_DEBUG
|
||||
*
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue