Wrap the codes to handle key with TAG_STORAGE_KEY

HWWSK may not be supported for every platform so we guard
the codes to handle "TAG_STORAGE_KEY" key with feature
"with_hwwsk_support".

Test: build and VTS module "vts_kernel_encryption_test"
Bug: None

Change-Id: I07a5476336206f18559b2b7d7ea3bbbcd8415be7
Signed-off-by: Ji Luo <ji.luo@nxp.com>
diff --git a/app/rules.mk b/app/rules.mk
index ce6ce93..d49afbd 100644
--- a/app/rules.mk
+++ b/app/rules.mk
@@ -40,4 +40,10 @@
 	trusty/user/base/lib/trusty-log \
 	trusty/user/base/lib/trusty-std \
 
+TRUSTY_KM_WITH_HWWSK_SUPPORT ?= true
+ifeq (true,$(call TOBOOL,$(TRUSTY_KM_WITH_HWWSK_SUPPORT)))
+MODULE_RUSTFLAGS += \
+	--cfg 'feature="with_hwwsk_support"'
+endif
+
 include make/trusted_app.mk
diff --git a/main.rs b/main.rs
index 7c9b9d0..8033f60 100644
--- a/main.rs
+++ b/main.rs
@@ -17,9 +17,13 @@
 //! Main entrypoint for KeyMint/Rust trusted application (TA) on Trusty.
 
 use keymint::{
-    AttestationIds, CertSignInfo, SharedSddManager, TrustyAes, TrustyKeys, TrustyMonotonicClock,
-    TrustyRng, TrustyRpc, TrustySecureDeletionSecretManager, TrustyStorageKeyWrapper,
+    AttestationIds, CertSignInfo, SharedSddManager, TrustyKeys, TrustyMonotonicClock, TrustyRng,
+    TrustyRpc, TrustySecureDeletionSecretManager,
 };
+
+#[cfg(feature = "with_hwwsk_support")]
+use keymint::{TrustyAes, TrustyStorageKeyWrapper};
+
 use kmr_common::crypto;
 use kmr_crypto_boring::{
     aes::BoringAes, aes_cmac::BoringAesCmac, des::BoringDes, ec::BoringEc, eq::BoringEq,
@@ -60,7 +64,10 @@
 
     let rng = TrustyRng::default();
     let clock = TrustyMonotonicClock;
+    #[cfg(feature = "with_hwwsk_support")]
     let aes = TrustyAes::default();
+    #[cfg(not(feature = "with_hwwsk_support"))]
+    let aes = BoringAes;
     let imp = crypto::Implementation {
         rng: Box::new(rng),
         clock: Some(Box::new(clock)),
@@ -89,7 +96,10 @@
         attest_ids: Some(Box::new(AttestationIds)),
         sdd_mgr: Some(Box::new(shared_sdd_mgr)),
         bootloader: Box::new(kmr_ta::device::BootloaderDone),
+        #[cfg(feature = "with_hwwsk_support")]
         sk_wrapper: Some(Box::new(TrustyStorageKeyWrapper)),
+        #[cfg(not(feature = "with_hwwsk_support"))]
+        sk_wrapper: None,
         tup: Box::new(kmr_ta::device::TrustedPresenceUnsupported),
         legacy_key: Some(Box::new(legacy_key)),
         rpc: Box::new(TrustyRpc),