Merge pull request #13433 from LDong-Arm/refactor_device_key

Refactor device_key

docs/design-documents/features/storage/SecureStore/SecureStore_design.md

@@ -46,11 +46,11 @@ SecureStore is a storage class, derived from KVStore. It adds security features
  
 As such, it offers all KVStore APIs, with additional security options (which can be selected using the creation flags at set). These include:
 
-- Encryption: Data is encrypted using the AES-CTR encryption method, with a randomly generated 8-byte IV. Key is derived from [Device Key](../../../../../../mbed-os/features/device_key/README.md), using the NIST SP 800-108 KDF in counter mode spec, where salt is the key trimmed to 32 bytes, with "ENC" as prefix. Flag here is called "require confidentiality flag".  
+- Encryption: Data is encrypted using the AES-CTR encryption method, with a randomly generated 8-byte IV. Key is derived from [Device Key](../../../../../../mbed-os/drivers/device_key/README.md), using the NIST SP 800-108 KDF in counter mode spec, where salt is the key trimmed to 32 bytes, with "ENC" as prefix. Flag here is called "require confidentiality flag".  
 - Rollback protection: (Requires authentication) CMAC is stored in a designated rollback protected storage (also of KVStore type) and compared to when reading the data under the same KVStore key. A missing or different key in the rollback protected storage results in an error. The flag here is called "Require replay protection flag".
 - Write once: Key can only be stored once and can't be removed. The flag here is called "Write once flag".
 
-SecureStore maintains data integrity using a record CMAC. This 16-byte CMAC is calculated on all stored data (including key & metadata) and stored at the end of the record. When reading the record, SecureStore compares the calculated CMAC with the stored one. In the case of encryption, CMAC is calculated on the encrypted data. The key used for generating the CMAC is derived from [Device Key](../../../../../../mbed-os/features/device_key/README.md), where salt is the key trimmed to 32 bytes, with "AUTH" as prefix.  
+SecureStore maintains data integrity using a record CMAC. This 16-byte CMAC is calculated on all stored data (including key & metadata) and stored at the end of the record. When reading the record, SecureStore compares the calculated CMAC with the stored one. In the case of encryption, CMAC is calculated on the encrypted data. The key used for generating the CMAC is derived from [Device Key](../../../../../../mbed-os/drivers/device_key/README.md), where salt is the key trimmed to 32 bytes, with "AUTH" as prefix.
  
 ![SecureStore Layers](./SecureStore_layers.jpg)
 

drivers/device_key/README.md

@@ -42,5 +42,5 @@ To instantiate DeviceKey, you need to call its `get_instance` member function as
 Run the DeviceKey functionality test with the `mbed` command as follows:
 
 ``` 
-    ```mbed test -n features-device_key-tests-device_key-functionality```
+    ```mbed test -n drivers-device_key-tests-tests-device_key-functionality```
 ```

storage/kvstore/securestore/include/securestore/SecureStore.h

@@ -23,7 +23,7 @@
 #include MBEDTLS_CONFIG_FILE
 #endif
 
-#include "features/device_key/source/DeviceKey.h"
+#include "device_key/DeviceKey.h"
 
 #define SECURESTORE_ENABLED 1
 

tools/test/travis-ci/doxy-spellchecker/ignore.en.pws

@@ -117,4 +117,7 @@ Hinnant
 Vin
 Vref
 ssid
+instantiation
+instantiations
+KVStore
 _doxy_