1# SPDX-License-Identifier: Apache-2.0
2
3zephyr_library()
4zephyr_library_link_libraries_ifdef(CONFIG_MBEDTLS mbedTLS)
5zephyr_library_include_directories(include/internal) # secure_storage headers
6add_subdirectory(src)
7
8# Make the subsystem's PSA Secure Storage API headers available only when it's enabled.
9zephyr_include_directories(
10  include
11)
12
13# Make the secure_storage headers available to the application only when it's implementing the relevant APIs.
14function(make_available header)
15  if(NOT header STREQUAL "common.h")
16    make_available(common.h)
17  endif()
18  if((header MATCHES "^its") AND NOT (header STREQUAL "its/common.h"))
19    make_available(its/common.h)
20  endif()
21  configure_file(include/internal/zephyr/secure_storage/${header}
22                 ${CMAKE_BINARY_DIR}/zephyr/include/generated/zephyr/secure_storage/${header}
23                 COPYONLY)
24endfunction()
25
26if(CONFIG_SECURE_STORAGE_ITS_IMPLEMENTATION_CUSTOM)
27  make_available(its.h)
28endif()
29
30if(CONFIG_SECURE_STORAGE_PS_IMPLEMENTATION_CUSTOM)
31  make_available(ps.h)
32endif()
33
34if(CONFIG_SECURE_STORAGE_ITS_TRANSFORM_MODULE)
35
36  if(NOT CONFIG_SECURE_STORAGE_ITS_TRANSFORM_IMPLEMENTATION_AEAD)
37    make_available(its/transform.h)
38  endif()
39
40endif() # CONFIG_SECURE_STORAGE_ITS_TRANSFORM_MODULE
41
42if(CONFIG_SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_CUSTOM)
43  make_available(its/store.h)
44endif()
45
46if(CONFIG_SECURE_STORAGE_ITS_TRANSFORM_IMPLEMENTATION_AEAD)
47
48  # Make the aead_get.h header available whenever none of the Zephyr-provided
49  # implementations are in use. In that case either the custom or an additional
50  # option added downstream is used, and it needs that header file.
51
52  if((NOT CONFIG_SECURE_STORAGE_ITS_TRANSFORM_AEAD_SCHEME_AES_GCM
53      AND NOT CONFIG_SECURE_STORAGE_ITS_TRANSFORM_AEAD_SCHEME_CHACHA20_POLY1305)
54  OR (NOT CONFIG_SECURE_STORAGE_ITS_TRANSFORM_AEAD_KEY_PROVIDER_DEVICE_ID_HASH
55      AND NOT CONFIG_SECURE_STORAGE_ITS_TRANSFORM_AEAD_KEY_PROVIDER_ENTRY_UID_HASH)
56  OR (NOT CONFIG_SECURE_STORAGE_ITS_TRANSFORM_AEAD_NONCE_PROVIDER_DEFAULT))
57    make_available(its/transform/aead_get.h)
58  endif()
59
60endif() # CONFIG_SECURE_STORAGE_ITS_TRANSFORM_IMPLEMENTATION_AEAD
61
62if(CONFIG_SECURE_STORAGE_ITS_STORE_SETTINGS_NAME_CUSTOM)
63  make_available(its/store/settings_get.h)
64endif()
65