Generate DeviceKey Root of Trust if SecureStore is enabled #66
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes: #52
Following ARMmbed/mbed-os#12385, DeviceKey Root of Trust is not implicitly generated anymore. The Root of Trust can be either auto generated with
DeviceKey::get_instance().generate_root_of_trust()
, or injected withDeviceKey::device_inject_root_of_trust(...)
.External TDB uses SecureStore which depends on DeviceKey (here), so we need to set up a Root of Trust by generating one. Note:
generate_root_of_trust()
depends on TRNG support, which is already a requirement for SecureStore so we don't need an extra check here.Tested on K64F with SD card.
@ARMmbed/mbed-os-core