From e3e13fb40b997545256f98b74f5b78083acb4614 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 30 Jul 2024 17:21:20 +0200 Subject: [PATCH] mbedtls: rename MBEDTLS_ENTROPY_ENABLED as MBEDTLS_ENTROPY_C ENABLED suffix does not really makes much sense for a kconfig so it should be removed. Also other MBEDTLS symbols were recently updated accordingly. Moreover having it named exactly the same way as in Mbed TLS symplifies the understanding of what this kconfig is doing. Signed-off-by: Valerio Setti --- drivers/bluetooth/hci/Kconfig | 2 +- modules/mbedtls/Kconfig.tls-generic | 10 +++++++--- modules/mbedtls/configs/config-tls-generic.h | 2 +- samples/tfm_integration/psa_crypto/prj.conf | 2 +- subsys/net/l2/openthread/Kconfig | 2 +- 5 files changed, 11 insertions(+), 7 deletions(-) diff --git a/drivers/bluetooth/hci/Kconfig b/drivers/bluetooth/hci/Kconfig index 9392044b4a3..f1ac3feae60 100644 --- a/drivers/bluetooth/hci/Kconfig +++ b/drivers/bluetooth/hci/Kconfig @@ -85,7 +85,7 @@ config BT_SILABS_HCI select ENTROPY_GENERATOR select MBEDTLS select MBEDTLS_PSA_CRYPTO_C - select MBEDTLS_ENTROPY_ENABLED + select MBEDTLS_ENTROPY_C select MBEDTLS_ZEPHYR_ENTROPY help Use Silicon Labs binary Bluetooth library to connect to the diff --git a/modules/mbedtls/Kconfig.tls-generic b/modules/mbedtls/Kconfig.tls-generic index ef7e330bd8d..d79c4efd37a 100644 --- a/modules/mbedtls/Kconfig.tls-generic +++ b/modules/mbedtls/Kconfig.tls-generic @@ -371,10 +371,14 @@ config MBEDTLS_HAVE_ASM of asymmetric cryptography, however this might have an impact on the code size. -config MBEDTLS_ENTROPY_ENABLED - bool "MbedTLS generic entropy pool" +config MBEDTLS_ENTROPY_C + bool "Mbed TLS entropy accumulator" depends on MBEDTLS_SHA256 || MBEDTLS_SHA384 || MBEDTLS_SHA512 default y if MBEDTLS_ZEPHYR_ENTROPY + help + This module gathers entropy data from enabled entropy sources. It's + mostly used in conjunction with CTR_DRBG or HMAC_DRBG to create + a deterministic random number generator. config MBEDTLS_OPENTHREAD_OPTIMIZATIONS_ENABLED bool "MbedTLS optimizations for OpenThread" @@ -461,7 +465,7 @@ config MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG config MBEDTLS_PSA_CRYPTO_LEGACY_RNG bool "Use legacy modules to generate random data" - select MBEDTLS_ENTROPY_ENABLED + select MBEDTLS_ENTROPY_C select MBEDTLS_HMAC_DRBG_ENABLED if !MBEDTLS_CTR_DRBG_ENABLED help Use legacy MbedTLS modules (ENTROPY + CTR_DRBG/HMAC_DRBG) as random diff --git a/modules/mbedtls/configs/config-tls-generic.h b/modules/mbedtls/configs/config-tls-generic.h index 92471768b6c..9c7cb8dc099 100644 --- a/modules/mbedtls/configs/config-tls-generic.h +++ b/modules/mbedtls/configs/config-tls-generic.h @@ -320,7 +320,7 @@ #define MBEDTLS_GENPRIME #endif -#if defined(CONFIG_MBEDTLS_ENTROPY_ENABLED) +#if defined(CONFIG_MBEDTLS_ENTROPY_C) #define MBEDTLS_ENTROPY_C #endif diff --git a/samples/tfm_integration/psa_crypto/prj.conf b/samples/tfm_integration/psa_crypto/prj.conf index 0abda953423..96ef160e129 100644 --- a/samples/tfm_integration/psa_crypto/prj.conf +++ b/samples/tfm_integration/psa_crypto/prj.conf @@ -34,7 +34,7 @@ CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC=y CONFIG_PSA_WANT_ECC_SECP_R1_256=y CONFIG_PSA_WANT_ALG_ECDSA=y CONFIG_PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY=y -CONFIG_MBEDTLS_ENTROPY_ENABLED=y +CONFIG_MBEDTLS_ENTROPY_C=y CONFIG_MBEDTLS_ECP_C=y CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED=y CONFIG_MBEDTLS_ECDSA_C=y diff --git a/subsys/net/l2/openthread/Kconfig b/subsys/net/l2/openthread/Kconfig index de7fb4a3aaa..db09d32fd31 100644 --- a/subsys/net/l2/openthread/Kconfig +++ b/subsys/net/l2/openthread/Kconfig @@ -182,7 +182,7 @@ config OPENTHREAD_MBEDTLS select MBEDTLS_CIPHER_AES_ENABLED select MBEDTLS_CIPHER_CCM_ENABLED select MBEDTLS_SHA256 - select MBEDTLS_ENTROPY_ENABLED + select MBEDTLS_ENTROPY_C select MBEDTLS_CMAC select MBEDTLS_CIPHER select MBEDTLS_MD