secure_storage: its: make definitions available outside of transform.h

Some ITS store module implementations may make use of them.
This is the case of the custom one in the
secure_storage.psa.its.secure_storage.custom.store test.

Instead of making transform.h conditionally available, move the definitions
to common.h and simply make them available whenever the ITS transform
module is enabled.

At the same time, remove unneeded/redundant includes/build asserts.

Signed-off-by: Tomi Fontanilles <[email protected]>

Author: tomi-font

subsys/secure_storage/CMakeLists.txt

@@ -31,9 +31,7 @@ if(CONFIG_SECURE_STORAGE_PS_IMPLEMENTATION_CUSTOM)
   make_available(ps.h)
 endif()
 
-if(CONFIG_SECURE_STORAGE_ITS_TRANSFORM_IMPLEMENTATION_CUSTOM
-    OR (CONFIG_SECURE_STORAGE_ITS_STORE_IMPLEMENTATION_CUSTOM
-        AND CONFIG_SECURE_STORAGE_ITS_TRANSFORM_MODULE))
+if(CONFIG_SECURE_STORAGE_ITS_TRANSFORM_IMPLEMENTATION_CUSTOM)
   make_available(its/transform.h)
 endif()
 

subsys/secure_storage/include/internal/zephyr/secure_storage/its/common.h

@@ -28,4 +28,19 @@ typedef struct {
 	secure_storage_its_caller_id_t caller_id;
 } __packed secure_storage_its_uid_t;
 
+#ifdef CONFIG_SECURE_STORAGE_ITS_TRANSFORM_MODULE
+
+/** The maximum size, in bytes, of an entry's data after it has been transformed for storage. */
+enum { SECURE_STORAGE_ITS_TRANSFORM_MAX_STORED_DATA_SIZE
+	= CONFIG_SECURE_STORAGE_ITS_MAX_DATA_SIZE
+	  + sizeof(secure_storage_packed_create_flags_t)
+	  + CONFIG_SECURE_STORAGE_ITS_TRANSFORM_OUTPUT_OVERHEAD };
+
+/** The size, in bytes, of an entry's data given its size once transformed for storage. */
+#define SECURE_STORAGE_ITS_TRANSFORM_DATA_SIZE(transformed_data_size) \
+	(transformed_data_size - (SECURE_STORAGE_ITS_TRANSFORM_MAX_STORED_DATA_SIZE \
+				  - CONFIG_SECURE_STORAGE_ITS_MAX_DATA_SIZE))
+
+#endif /* CONFIG_SECURE_STORAGE_ITS_TRANSFORM_MODULE */
+
 #endif

subsys/secure_storage/include/internal/zephyr/secure_storage/its/transform.h

@@ -13,16 +13,6 @@
  */
 #include <zephyr/secure_storage/its/common.h>
 
-/** The maximum size, in bytes, of an entry's data after it has been transformed for storage. */
-enum { SECURE_STORAGE_ITS_TRANSFORM_MAX_STORED_DATA_SIZE
-	= CONFIG_SECURE_STORAGE_ITS_MAX_DATA_SIZE
-	  + sizeof(secure_storage_packed_create_flags_t)
-	  + CONFIG_SECURE_STORAGE_ITS_TRANSFORM_OUTPUT_OVERHEAD };
-
-#define SECURE_STORAGE_ITS_TRANSFORM_DATA_SIZE(stored_data_len) \
-	(stored_data_len - (SECURE_STORAGE_ITS_TRANSFORM_MAX_STORED_DATA_SIZE \
-			    - CONFIG_SECURE_STORAGE_ITS_MAX_DATA_SIZE))
-
 /** @brief Transforms the data of an ITS entry for storage.
  *
  * @param[in]  uid             The entry's UID.

subsys/secure_storage/src/its/store/settings.c

@@ -10,10 +10,6 @@
 #include <errno.h>
 #include <stdio.h>
 
-#ifdef CONFIG_SECURE_STORAGE_ITS_IMPLEMENTATION_ZEPHYR
-#include <zephyr/secure_storage/its/transform.h>
-#endif
-
 LOG_MODULE_DECLARE(secure_storage, CONFIG_SECURE_STORAGE_LOG_LEVEL);
 
 static int init_settings_subsys(void)

subsys/secure_storage/src/its/store/zms.c

@@ -5,9 +5,6 @@
 #include <zephyr/logging/log.h>
 #include <zephyr/fs/zms.h>
 #include <zephyr/storage/flash_map.h>
-#ifdef CONFIG_SECURE_STORAGE_ITS_IMPLEMENTATION_ZEPHYR
-#include <zephyr/secure_storage/its/transform.h>
-#endif
 
 LOG_MODULE_DECLARE(secure_storage, CONFIG_SECURE_STORAGE_LOG_LEVEL);
 

subsys/secure_storage/src/its/transform/aead.c

@@ -57,10 +57,6 @@ static psa_status_t psa_aead_crypt(psa_key_usage_t operation, secure_storage_its
 enum { CIPHERTEXT_MAX_SIZE
 	= PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(CONFIG_SECURE_STORAGE_ITS_MAX_DATA_SIZE) };
 
-BUILD_ASSERT(CONFIG_SECURE_STORAGE_ITS_TRANSFORM_OUTPUT_OVERHEAD
-	     == CIPHERTEXT_MAX_SIZE - CONFIG_SECURE_STORAGE_ITS_MAX_DATA_SIZE
-		+ CONFIG_SECURE_STORAGE_ITS_TRANSFORM_AEAD_NONCE_SIZE);
-
 BUILD_ASSERT(SECURE_STORAGE_ALL_CREATE_FLAGS
 	     <= (1 << (8 * sizeof(secure_storage_packed_create_flags_t))) - 1);
 

tests/subsys/secure_storage/psa/its/src/custom_store.c

@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 #include <zephyr/secure_storage/its/store.h>
-#include <zephyr/secure_storage/its/transform.h>
 #include <zephyr/sys/util.h>
 #include <string.h>