From 0b7ee23fe09b1ef763a7b3287f98952d9a075d0b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 30 Jun 2022 12:16:50 +0200 Subject: [PATCH] Historical update: the layout on stdio changed in Mbed Crypto 1.1.0 Signed-off-by: Gilles Peskine --- .../mbed-crypto-storage-specification.md | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/docs/architecture/mbed-crypto-storage-specification.md b/docs/architecture/mbed-crypto-storage-specification.md index 1442f67b89..60203a0aa0 100644 --- a/docs/architecture/mbed-crypto-storage-specification.md +++ b/docs/architecture/mbed-crypto-storage-specification.md @@ -171,7 +171,21 @@ Tags: mbedcrypto-1.1.0 Released in early June 2019.
Integrated in Mbed OS 5.13. -Identical to [1.0.0](#mbed-crypto-1.0.0) except for some changes in the key file format. +Changes since [1.0.0](#mbed-crypto-1.0.0): + +* The stdio backend for storage has been replaced by an implementation of [PSA ITS over stdio](#file-namespace-on-stdio-for-1.1.0). +* [Some changes in the key file format](#key-file-format-for-1.1.0). + +### File namespace on stdio for 1.1.0 + +Assumption: C stdio, allowing names containing lowercase letters, digits and underscores, of length up to 23. + +An undocumented build-time configuration value `PSA_ITS_STORAGE_PREFIX` allows storing the key files in a directory other than the current directory. This value is simply prepended to the file name (so it must end with a directory separator to put the keys in a different directory). + +* `PSA_ITS_STORAGE_PREFIX "tempfile.psa_its"`: used as a temporary file. Must be writable. May be overwritten or deleted if present. +* `sprintf(PSA_ITS_STORAGE_PREFIX "%016llx.psa_its", key_id)`: a key or non-key file. The `key_id` in the name is the 64-bit file identifier, which is the [key identifier](#key-names-for-mbed-tls-2.25.0) for a key file or some reserved identifier for a non-key file (currently: only the [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-1.0.0)). The contents of the file are: + * Magic header (8 bytes): `"PSA\0ITS\0"` + * File contents. ### Key file format for 1.1.0
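Review bot: The "Assumption" line added under "File namespace on stdio for 1.1.0" does not match the file names listed directly below it. Both `tempfile.psa_its` and `%016llx.psa_its` contain a period, which is not among "lowercase letters, digits and underscores". The second name expands to 16 hex digits plus the 8-character `.psa_its` suffix, which is 24 characters before `PSA_ITS_STORAGE_PREFIX` is prepended, so it already exceeds "length up to 23". Suggest rewording the assumption to include the period and the real maximum name length, and noting that a non-empty prefix adds to that length and may introduce directory separators. Separately, the key identifier link in the second bullet points at `#key-names-for-mbed-tls-2.25.0` from a section describing 1.1.0; if key naming differed in 1.1.0, the link should target the section for that version instead.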