Fix a few SecureStore issues (following preliminary security review)

Fork: 0

LuminaSensum / mbed-os

Browse code Fix a few SecureStore issues (following preliminary security review) - Remove require integrity flag (authentication) - always authenticate - Use RBP KV to store CMAC also in write once case - Allow removing a key if reading it failed on RBP authentication error - Disable SecureStore if user disables MBED TLS AES CTR or CMAC ls
1 parent 3df9421 commit cb7f68e99291dd29b113da6a3669785556ba2e94 David Saada authored on 6 Dec 2018

Browse code

- Remove require integrity flag (authentication) - always authenticate
- Use RBP KV to store CMAC also in write once case
- Allow removing a key if reading it failed on RBP authentication error
- Disable SecureStore if user disables MBED TLS AES CTR or CMAC

1 parent 3df9421 commit cb7f68e99291dd29b113da6a3669785556ba2e94

David Saada authored on 6 Dec 2018

Patch

Unified Split

Showing 9 changed files

Ignore Space Show notes View docs/design-documents/features/storage/KVStore/KVStore_design.md

Ignore Space Show notes View docs/design-documents/features/storage/SecureStore/SecureStore_design.md

Ignore Space Show notes View features/storage/TESTS/kvstore/general_tests_phase_1/main.cpp

Ignore Space Show notes View features/storage/TESTS/kvstore/securestore_whitebox/main.cpp

Ignore Space Show notes View features/storage/kvstore/KVStore.h

Ignore Space Show notes View features/storage/kvstore/conf/kv_config.cpp

Ignore Space Show notes View features/storage/kvstore/global_api/kvstore_global_api.h

Ignore Space Show notes View features/storage/kvstore/securestore/SecureStore.cpp

Ignore Space Show notes View features/storage/kvstore/securestore/SecureStore.h

Show line notes below