secure_storage: use hybrid key store in samples/tests

Use dynamic allocation for key material for better compatibility as a fully static key store is a new feature that not all PSA Crypto implementations support. Explicitly enable CONFIG_MBEDTLS_ENABLE_HEAP to ensure that Mbed TLS uses heap for the PSA keys' data (instead of failing at runtime). This will turn off CONFIG_MBEDTLS_PSA_STATIC_KEY_SLOTS, making the implementation default to dynamic key slots. Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
5 months ago · eb1ed1205f
2 changed files with 4 additions and 2 deletions
--- a/samples/psa/persistent_key/overlay-secure_storage.conf
+++ b/samples/psa/persistent_key/overlay-secure_storage.conf
@ -2,6 +2,8 @@
				@@ -2,6 +2,8 @@

 CONFIG_MBEDTLS=y
 CONFIG_MBEDTLS_PSA_CRYPTO_C=y
+CONFIG_MBEDTLS_ENABLE_HEAP=y
+CONFIG_MBEDTLS_HEAP_SIZE=1024

 # The default stack size (1024) is not enough for the PSA Crypto core.
 # On top of that, the ITS implementation uses the stack for buffers.
--- a/tests/subsys/secure_storage/psa/crypto/overlay-secure_storage.conf
+++ b/tests/subsys/secure_storage/psa/crypto/overlay-secure_storage.conf
@ -5,9 +5,9 @@ CONFIG_MBEDTLS=y
				@@ -5,9 +5,9 @@ CONFIG_MBEDTLS=y
 CONFIG_TEST_RANDOM_GENERATOR=y
 CONFIG_TIMER_RANDOM_GENERATOR=y
 CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG_ALLOW_NON_CSPRNG=y
-# PSA Crypto needs some heap, but MINIMAL_LIBC has none by default.
-CONFIG_COMMON_LIBC_MALLOC_ARENA_SIZE=2048
 CONFIG_MBEDTLS_PSA_CRYPTO_C=y
+CONFIG_MBEDTLS_ENABLE_HEAP=y
+CONFIG_MBEDTLS_HEAP_SIZE=1024

 CONFIG_SECURE_STORAGE=y
 # For testing isolation between the different callers of the ITS.