Skip to content

Commit 46e254f

Browse files
frkvbjarki-andreasen
frkv
authored and
bjarki-andreasen
committed
[nrf noup] mbedtls: Remove unsupported algorithms in PSA crypto
-This commit is a [nrf noup] because it removes configuration options for cryptographic algortihms available in Mbed TLS but which is not actively supported in nRF Connect SDK. The list of algorithms removed: - AES CFB - Cipher Feedback block cipher - AES OFB - Output Feedback block cipher - FFDH - RIPEMD160 - Aria - Camellia - DES The removal of these algorithms is based both on a wish to remove weaker cryptography and unsupported features in the products we have today. Signed-off-by: Frank Audun Kvamtrø <[email protected]>
1 parent 5ef3d39 commit 46e254f

File tree

1 file changed

+0
-65
lines changed

1 file changed

+0
-65
lines changed

modules/mbedtls/Kconfig.psa

Lines changed: 0 additions & 65 deletions
Original file line numberDiff line numberDiff line change
@@ -36,10 +36,6 @@ config PSA_WANT_ALG_CMAC
3636
bool "PSA_WANT_ALG_CMAC" if !MBEDTLS_PROMPTLESS
3737
default y if PSA_CRYPTO_ENABLE_ALL
3838

39-
config PSA_WANT_ALG_CFB
40-
bool "PSA_WANT_ALG_CFB" if !MBEDTLS_PROMPTLESS
41-
default y if PSA_CRYPTO_ENABLE_ALL
42-
4339
config PSA_WANT_ALG_CHACHA20_POLY1305
4440
bool "PSA_WANT_ALG_CHACHA20_POLY1305" if !MBEDTLS_PROMPTLESS
4541
default y if PSA_CRYPTO_ENABLE_ALL
@@ -60,10 +56,6 @@ config PSA_WANT_ALG_ECDH
6056
bool "PSA_WANT_ALG_ECDH" if !MBEDTLS_PROMPTLESS
6157
default y if PSA_CRYPTO_ENABLE_ALL
6258

63-
config PSA_WANT_ALG_FFDH
64-
bool "PSA_WANT_ALG_FFDH" if !MBEDTLS_PROMPTLESS
65-
default y if PSA_CRYPTO_ENABLE_ALL
66-
6759
config PSA_WANT_ALG_ECDSA
6860
bool "PSA_WANT_ALG_ECDSA" if !MBEDTLS_PROMPTLESS
6961
default y if PSA_CRYPTO_ENABLE_ALL
@@ -96,9 +88,6 @@ config PSA_WANT_ALG_MD5
9688
bool "PSA_WANT_ALG_MD5" if !MBEDTLS_PROMPTLESS
9789
default y if PSA_CRYPTO_ENABLE_ALL
9890

99-
config PSA_WANT_ALG_OFB
100-
bool "PSA_WANT_ALG_OFB" if !MBEDTLS_PROMPTLESS
101-
default y if PSA_CRYPTO_ENABLE_ALL
10291

10392
config PSA_WANT_ALG_PBKDF2_HMAC
10493
bool "PSA_WANT_ALG_PBKDF2_HMAC" if !MBEDTLS_PROMPTLESS
@@ -108,9 +97,6 @@ config PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128
10897
bool "PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128" if !MBEDTLS_PROMPTLESS
10998
default y if PSA_CRYPTO_ENABLE_ALL
11099

111-
config PSA_WANT_ALG_RIPEMD160
112-
bool "PSA_WANT_ALG_RIPEMD160" if !MBEDTLS_PROMPTLESS
113-
default y if PSA_CRYPTO_ENABLE_ALL
114100

115101
config PSA_WANT_ALG_RSA_OAEP
116102
bool "PSA_WANT_ALG_RSA_OAEP" if !MBEDTLS_PROMPTLESS
@@ -228,26 +214,6 @@ config PSA_WANT_ECC_SECP_R1_521
228214
bool "PSA_WANT_ECC_SECP_R1_521" if !MBEDTLS_PROMPTLESS
229215
default y if PSA_CRYPTO_ENABLE_ALL
230216

231-
config PSA_WANT_DH_RFC7919_2048
232-
bool "PSA_WANT_DH_RFC7919_2048" if !MBEDTLS_PROMPTLESS
233-
default y if PSA_CRYPTO_ENABLE_ALL
234-
235-
config PSA_WANT_DH_RFC7919_3072
236-
bool "PSA_WANT_DH_RFC7919_3072" if !MBEDTLS_PROMPTLESS
237-
default y if PSA_CRYPTO_ENABLE_ALL
238-
239-
config PSA_WANT_DH_RFC7919_4096
240-
bool "PSA_WANT_DH_RFC7919_4096" if !MBEDTLS_PROMPTLESS
241-
default y if PSA_CRYPTO_ENABLE_ALL
242-
243-
config PSA_WANT_DH_RFC7919_6144
244-
bool "PSA_WANT_DH_RFC7919_6144" if !MBEDTLS_PROMPTLESS
245-
default y if PSA_CRYPTO_ENABLE_ALL
246-
247-
config PSA_WANT_DH_RFC7919_8192
248-
bool "PSA_WANT_DH_RFC7919_8192" if !MBEDTLS_PROMPTLESS
249-
default y if PSA_CRYPTO_ENABLE_ALL
250-
251217
config PSA_WANT_KEY_TYPE_DERIVE
252218
bool "PSA_WANT_KEY_TYPE_DERIVE" if !MBEDTLS_PROMPTLESS
253219
default y if PSA_CRYPTO_ENABLE_ALL
@@ -268,30 +234,15 @@ config PSA_WANT_KEY_TYPE_AES
268234
bool "PSA_WANT_KEY_TYPE_AES" if !MBEDTLS_PROMPTLESS
269235
default y if PSA_CRYPTO_ENABLE_ALL
270236

271-
config PSA_WANT_KEY_TYPE_ARIA
272-
bool "PSA_WANT_KEY_TYPE_ARIA" if !MBEDTLS_PROMPTLESS
273-
default y if PSA_CRYPTO_ENABLE_ALL
274-
275-
config PSA_WANT_KEY_TYPE_CAMELLIA
276-
bool "PSA_WANT_KEY_TYPE_CAMELLIA" if !MBEDTLS_PROMPTLESS
277-
default y if PSA_CRYPTO_ENABLE_ALL
278-
279237
config PSA_WANT_KEY_TYPE_CHACHA20
280238
bool "PSA_WANT_KEY_TYPE_CHACHA20" if !MBEDTLS_PROMPTLESS
281239
default y if PSA_CRYPTO_ENABLE_ALL
282240

283-
config PSA_WANT_KEY_TYPE_DES
284-
bool "PSA_WANT_KEY_TYPE_DES" if !MBEDTLS_PROMPTLESS
285-
default y if PSA_CRYPTO_ENABLE_ALL
286241

287242
config PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
288243
bool "PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY" if !MBEDTLS_PROMPTLESS
289244
default y if PSA_CRYPTO_ENABLE_ALL
290245

291-
config PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY
292-
bool "PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY" if !MBEDTLS_PROMPTLESS
293-
default y if PSA_CRYPTO_ENABLE_ALL
294-
295246
config PSA_WANT_KEY_TYPE_RAW_DATA
296247
bool "PSA_WANT_KEY_TYPE_RAW_DATA" if !MBEDTLS_PROMPTLESS
297248
default y if PSA_CRYPTO_ENABLE_ALL
@@ -336,20 +287,4 @@ config PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE
336287
bool "PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE" if !MBEDTLS_PROMPTLESS
337288
default y if PSA_CRYPTO_ENABLE_ALL
338289

339-
config PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC
340-
bool "PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC" if !MBEDTLS_PROMPTLESS
341-
default y if PSA_CRYPTO_ENABLE_ALL
342-
343-
config PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT
344-
bool "PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT" if !MBEDTLS_PROMPTLESS
345-
default y if PSA_CRYPTO_ENABLE_ALL
346-
347-
config PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT
348-
bool "PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT" if !MBEDTLS_PROMPTLESS
349-
default y if PSA_CRYPTO_ENABLE_ALL
350-
351-
config PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE
352-
bool "PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE" if !MBEDTLS_PROMPTLESS
353-
default y if PSA_CRYPTO_ENABLE_ALL
354-
355290
endif # PSA_CRYPTO_CLIENT

0 commit comments

Comments
 (0)