samples: net: lwm2m_client: Add missing PSA configs neeed for HS

Add missing PSA configs required for successful DTLS handshake with PSK.
Cert-based config also needed to enable some RSA support, as otherwise
mbed TLS throws errors about some undefined RSA error mapping.

Signed-off-by: Robert Lubos <[email protected]>

Author: rlubos

samples/net/lwm2m_client/overlay-dtls-cert.conf

@@ -18,17 +18,22 @@ CONFIG_MBEDTLS_CIPHER_GCM_ENABLED=y
 
 # Disable RSA, use only ECC certificates
 CONFIG_MBEDTLS_KEY_EXCHANGE_RSA_ENABLED=n
+CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE=y # To avoid mbed TLS build error
 # Enable PSK and ECDHE_ECDSA
 CONFIG_MBEDTLS_KEY_EXCHANGE_PSK_ENABLED=y
 CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED=y
 # We only need prime256v1 curve
+CONFIG_PSA_CRYPTO=y
 CONFIG_PSA_WANT_ECC_SECP_R1_256=y
 CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT=y
 CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT=y
 CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE=y
 CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE=y
 CONFIG_PSA_WANT_ALG_ECDH=y
 CONFIG_PSA_WANT_ALG_ECDSA=y
+CONFIG_PSA_WANT_ALG_SHA_256=y
+CONFIG_PSA_WANT_ALG_TLS12_PRF=y
+CONFIG_PSA_WANT_ALG_TLS12_PSK_TO_MS=y
 # Optional: we could use just binary DER certificates
 CONFIG_MBEDTLS_PEM_CERTIFICATE_FORMAT=y
 

samples/net/lwm2m_client/overlay-dtls.conf

@@ -12,8 +12,12 @@ CONFIG_MBEDTLS_SSL_DTLS_CONNECTION_ID=y
 CONFIG_MBEDTLS_ENABLE_HEAP=y
 CONFIG_MBEDTLS_HEAP_SIZE=8192
 CONFIG_MBEDTLS_SSL_MAX_CONTENT_LEN=1500
+CONFIG_PSA_CRYPTO=y
 CONFIG_PSA_WANT_KEY_TYPE_AES=y
 CONFIG_PSA_WANT_ALG_CCM=y
+CONFIG_PSA_WANT_ALG_SHA_256=y
+CONFIG_PSA_WANT_ALG_TLS12_PRF=y
+CONFIG_PSA_WANT_ALG_TLS12_PSK_TO_MS=y
 
 # Disable RSA, we don't parse certs: saves flash/memory
 CONFIG_MBEDTLS_KEY_EXCHANGE_RSA_ENABLED=n