From a90abf13b6e2be43a22a1bca41474bb3e032852b Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Tue, 20 Nov 2018 18:32:25 +0200
Subject: [PATCH] add MBEDTLS_PSA_HAS_ITS_IO

update config.h,config-psa-crypto.h, version_features.c and config.pl
---
 configs/config-psa-crypto.h | 10 ++++++++++
 include/mbedtls/config.h    | 10 ++++++++++
 library/version_features.c  |  3 +++
 scripts/config.pl           |  3 +++
 4 files changed, 26 insertions(+)

diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h
index f3a8b722f..c9a8ebd62 100644
--- a/configs/config-psa-crypto.h
+++ b/configs/config-psa-crypto.h
@@ -710,6 +710,16 @@
  */
 //#define MBEDTLS_PSA_CRYPTO_SPM
 
+/**
+ * \def MBEDTLS_PSA_HAS_ITS_IO
+ *
+ * Enable the non-volatile secure storage usage.
+ *
+ * This is crucial on systems that do not have a HW TRNG support.
+ *
+ */
+//#define MBEDTLS_PSA_HAS_ITS_IO
+
 /**
  * \def MBEDTLS_RSA_NO_CRT
  *
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index b2a9a2e10..c47c4714a 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1173,6 +1173,16 @@
  */
 //#define MBEDTLS_PSA_CRYPTO_SPM
 
+/**
+ * \def MBEDTLS_PSA_HAS_ITS_IO
+ *
+ * Enable the non-volatile secure storage usage.
+ *
+ * This is crucial on systems that do not have a HW TRNG support.
+ *
+ */
+//#define MBEDTLS_PSA_HAS_ITS_IO
+
 /**
  * \def MBEDTLS_RSA_NO_CRT
  *
diff --git a/library/version_features.c b/library/version_features.c
index 00652f1e4..af8149052 100644
--- a/library/version_features.c
+++ b/library/version_features.c
@@ -420,6 +420,9 @@ static const char *features[] = {
 #if defined(MBEDTLS_PSA_CRYPTO_SPM)
     "MBEDTLS_PSA_CRYPTO_SPM",
 #endif /* MBEDTLS_PSA_CRYPTO_SPM */
+#if defined(MBEDTLS_PSA_HAS_ITS_IO)
+    "MBEDTLS_PSA_HAS_ITS_IO",
+#endif /* MBEDTLS_PSA_HAS_ITS_IO */
 #if defined(MBEDTLS_RSA_NO_CRT)
     "MBEDTLS_RSA_NO_CRT",
 #endif /* MBEDTLS_RSA_NO_CRT */
diff --git a/scripts/config.pl b/scripts/config.pl
index 81bb8950d..6d02ec05c 100755
--- a/scripts/config.pl
+++ b/scripts/config.pl
@@ -97,6 +97,8 @@ MBEDTLS_PKCS11_C
 MBEDTLS_NO_UDBL_DIVISION
 MBEDTLS_NO_64BIT_MULTIPLICATION
 MBEDTLS_PSA_CRYPTO_SPM
+MBEDTLS_PSA_HAS_ITS_IO
+MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
 _ALT\s*$
 );
 
@@ -119,6 +121,7 @@ MBEDTLS_PLATFORM_FPRINTF_ALT
 MBEDTLS_PSA_CRYPTO_STORAGE_C
 MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
 MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
+MBEDTLS_PSA_HAS_ITS_IO
 );
 
 # Things that should be enabled in "full" even if they match @excluded