mgmt: mcumgr: remove usage of legacy Mbed TLS crypto for hash in favor of PSA API #97625
+17
−52
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
zephyrbot
added
area: Tests
jhedberg
previously approved these changes
Oct 15, 2025
nordicjm
reviewed
Oct 15, 2025
valeriosetti
force-pushed
the
mcumgr-remove-legacy-crypto
branch
from
bc6f52f to
68069e7
Compare
de-nordic
previously approved these changes
Oct 16, 2025
jhedberg
previously approved these changes
Oct 16, 2025
valeriosetti
force-pushed
the
mcumgr-remove-legacy-crypto
branch
from
68069e7 to
e0dae6b
Compare
valeriosetti
force-pushed
the
mcumgr-remove-legacy-crypto
branch
from
e0dae6b to
73fa9dc
Compare
|
The double force push is intentional:
|
jhedberg
previously approved these changes
Oct 17, 2025
de-nordic
previously approved these changes
Oct 17, 2025
tomi-font
requested changes
Oct 20, 2025
subsys/mgmt/mcumgr/grp/fs_mgmt/src/fs_mgmt_hash_checksum_sha256.c
Outdated
Show resolved
Hide resolved
valeriosetti
force-pushed
the
mcumgr-remove-legacy-crypto
branch
from
73fa9dc to
cffb9be
Compare
tomi-font
reviewed
Oct 20, 2025
subsys/mgmt/mcumgr/grp/fs_mgmt/src/fs_mgmt_hash_checksum_sha256.c
Outdated
Show resolved
Hide resolved
The long-term goal of Zephyr is to rely exclusively on PSA Crypto API for crypto support. At the same time Mbed TLS is going to remove legacy crypto support starting from the next relase (v4.0). Therefore this commit removes usage of legacy Mbed TLS crypto in favor of PSA Crypto API. Mbed TLS will still be used in case of a build where TF-M is not enabled. Signed-off-by: Valerio Setti <[email protected]>
MCUMGR_GRP_FS_HASH_SHA256 now already selects Mbed TLS and its PSA Crypto support if TF-M is not enabled in the build, so there is no need to do that in test configuration files. Signed-off-by: Valerio Setti <[email protected]>
Add note for the removal of Mbed TLS' legacy crypto support in favor of PSA API. Signed-off-by: Valerio Setti <[email protected]>
valeriosetti
force-pushed
the
mcumgr-remove-legacy-crypto
branch
from
cffb9be to
401efba
Compare
tomi-font
approved these changes
Oct 20, 2025
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
7 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The long-term plan of Zephyr is to rely exclusively on PSA Crypto API for crypto support and, in parallel, Mbed TLS is removing legacy crypto support from its next release (v4.0). Therefore this PR removes usage of legacy Mbed TLS crypto from McuMGR, leaving PSA API as the only option. Mbed TLS is still used to provide a PSA Crypto implementation in case TF-M is not enabled in the build.