DeviceKey: Key size mismatch between generate_root_of_trust() and mbed-bootloader #12821

@ccli8

Description of defect

mbed-bootloader requires a 16-byte device key (https://github.com/ARMmbed/mbed-bootloader/blob/94579e9f238b15f7fabe14005cdd181da0fa9123/source/kvstore_rot.cpp#L25). For convenience and development, an mbed-bootloader enabled application can call DeviceKey's generate_root_of_trust(), with the mbedtls entropy configuration in place, to install the device key. According to its implementation, it installs a 32-byte device key, which mismatches mbed-bootloader and causes an error (https://github.com/ARMmbed/mbed-bootloader/blob/94579e9f238b15f7fabe14005cdd181da0fa9123/source/kvstore_rot.cpp#L64).

Suggest refining generate_root_of_trust() or providing a variant of it that can specify a device key size parameter.

Target(s) affected by this defect ?

n/a

Toolchain(s) (name and version) displaying this defect ?

n/a

What version of Mbed-os are you using (tag or sha) ?

mbed-os-6.0.0-alpha-3

What version(s) of tools are you using. List all that apply (E.g. mbed-cli)

n/a

How is this defect reproduced ?

In an mbed-bootloader enabled application, e.g. mbed-os-example-pelion, install the device key via generate_root_of_trust() and run the OTA process; mbed-bootloader will fail to upgrade the firmware due to this size mismatch issue.
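
The mismatch reported above, as an added self-contained C++ model that is not Mbed OS or mbed-bootloader code: a consumer that accepts only a 16-byte key rejects the default 32-byte one, and a size parameter of the kind the issue suggests resolves it. Only the 16- and 32-byte lengths come from the issue; the store, entry name, status codes and function names are assumptions.

```cpp
// Added model, not Mbed OS or mbed-bootloader code. Only the 16- and 32-byte
// lengths come from the issue; every name below is hypothetical.
#include <algorithm>
#include <array>
#include <cstdint>
#include <cstdio>
#include <map>
#include <random>
#include <string>
#include <vector>

constexpr std::size_t KEY_16BYTE = 16;  // length the bootloader requires
constexpr std::size_t KEY_32BYTE = 32;  // length the provisioning call installs
enum Status { OK = 0, ERR_NOT_FOUND = -1, ERR_BAD_SIZE = -2 };
using Store = std::map<std::string, std::vector<std::uint8_t>>;  // stand-in KV store
static const std::string ROT_ENTRY = "rot";                      // hypothetical entry name

// Provisioning side, with the size parameter the issue asks for (default 32).
Status model_generate_rot(Store &store, std::size_t key_size = KEY_32BYTE) {
    if (key_size != KEY_16BYTE && key_size != KEY_32BYTE) return ERR_BAD_SIZE;
    std::random_device rd;  // placeholder entropy source for the model
    std::vector<std::uint8_t> key(key_size);
    for (auto &b : key) b = static_cast<std::uint8_t>(rd());
    store[ROT_ENTRY] = key;
    return OK;
}

// Consumer side: accepts only an entry of exactly 16 bytes and never truncates.
Status model_bootloader_read_rot(const Store &store, std::array<std::uint8_t, KEY_16BYTE> &out) {
    auto it = store.find(ROT_ENTRY);
    if (it == store.end()) return ERR_NOT_FOUND;
    if (it->second.size() != out.size()) return ERR_BAD_SIZE;  // a 32-byte key ends here
    std::copy(it->second.begin(), it->second.end(), out.begin());
    return OK;
}

// Provision with key_size, then report what the consumer sees.
Status provision_then_read(std::size_t key_size) {
    Store store;
    Status s = model_generate_rot(store, key_size);
    if (s != OK) return s;
    std::array<std::uint8_t, KEY_16BYTE> rot{};
    return model_bootloader_read_rot(store, rot);
}

int main() {
    std::printf("32-byte key: %d\n", provision_then_read(KEY_32BYTE));
    std::printf("16-byte key: %d\n", provision_then_read(KEY_16BYTE));
    return 0;
}
```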
