mbedtls: use CSPRNG whenever possible as PSA random source

The main problem of MBEDTLS_PSA_CRYPTO_LEGACY_RNG is that it brings in some legacy modules (entropy + ctr_drbg/hmac_drbg) which means extra ROM/RAM footprint. MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG instead simply calls to the CSPRNG which makes it definitely smaller. Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2024-10-22 21:34:46 +02:00 · 2024-10-22 21:34:46 +02:00 · 08bd9c72bd
commit 08bd9c72bd
parent ac6d834272
12 changed files with 16 additions and 10 deletions
--- a/doc/releases/migration-guide-4.1.rst
+++ b/doc/releases/migration-guide-4.1.rst
@ -30,6 +30,12 @@ Modules
 Mbed TLS
 ========

+* If a platform has a CSPRNG source available (i.e. :kconfig:option:`CONFIG_CSPRNG_ENABLED`
+  is set), then the Kconfig option :kconfig:option:`CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG`
+  is the default choice for random number source instead of
+  :kconfig:option:`CONFIG_MBEDTLS_PSA_CRYPTO_LEGACY_RNG`. This helps in reducing
+  ROM/RAM footprint of the Mbed TLS library.
+
 Trusted Firmware-M
 ==================

--- a/modules/mbedtls/Kconfig.tls-generic
+++ b/modules/mbedtls/Kconfig.tls-generic
@ -481,6 +481,7 @@ config MBEDTLS_SSL_EXTENDED_MASTER_SECRET
 choice MBEDTLS_PSA_CRYPTO_RNG_SOURCE
 	prompt "Select random source for built-in PSA crypto"
 	depends on MBEDTLS_PSA_CRYPTO_C
+	default MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG if CSPRNG_ENABLED
 	default MBEDTLS_PSA_CRYPTO_LEGACY_RNG

 config MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
--- a/samples/psa/its/overlay-entropy_driver.conf
+++ b/samples/psa/its/overlay-entropy_driver.conf
@ -1,4 +1,3 @@
 # SPDX-License-Identifier: Apache-2.0

 CONFIG_ENTROPY_GENERATOR=y
-CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG=y
--- a/samples/psa/persistent_key/overlay-entropy_driver.conf
+++ b/samples/psa/persistent_key/overlay-entropy_driver.conf
@ -1,4 +1,3 @@
 # SPDX-License-Identifier: Apache-2.0

 CONFIG_ENTROPY_GENERATOR=y
-CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG=y
--- a/tests/bsim/bluetooth/host/gatt/caching/psa_overlay.conf
+++ b/tests/bsim/bluetooth/host/gatt/caching/psa_overlay.conf
@ -4,4 +4,3 @@ CONFIG_MBEDTLS_PSA_CRYPTO_C=y
 CONFIG_PSA_CRYPTO_ENABLE_ALL=y

 CONFIG_ENTROPY_GENERATOR=y
-CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG=y
--- a/tests/bsim/bluetooth/ll/conn/psa_overlay.conf
+++ b/tests/bsim/bluetooth/ll/conn/psa_overlay.conf
@ -4,4 +4,3 @@ CONFIG_MBEDTLS_PSA_CRYPTO_C=y
 CONFIG_PSA_CRYPTO_ENABLE_ALL=y

 CONFIG_ENTROPY_GENERATOR=y
-CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG=y
--- a/tests/crypto/mbedtls_psa/prj.conf
+++ b/tests/crypto/mbedtls_psa/prj.conf
@ -3,4 +3,3 @@ CONFIG_ZTEST=y

 CONFIG_MBEDTLS=y
 CONFIG_MBEDTLS_PSA_CRYPTO_C=y
-CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG=y
--- a/tests/crypto/mbedtls_psa/testcase.yaml
+++ b/tests/crypto/mbedtls_psa/testcase.yaml
@ -11,8 +11,6 @@
 # - no TF-M enabled devices because we assume that the TF-M implementation
 #   of PSA crypto is working fine on the platforms that support TF-M.
 # - platform should be testable by the CI.
-# - enable CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG in order to reduce as much
-#   as possible usage of legacy modules in Mbed TLS.
 # - pick 1 platform which supports entropy driver and 1 which does not. The
 #   latter case will allow to test
 #   CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG_ALLOW_NON_CSPRNG.
@ -34,8 +32,11 @@ tests:
    # Pick a platform which does not have an entropy driver. In this case we
    # enable the timer random generator because it's always available on all
    # platforms.
+    # Explicitly select CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG because this is
+    # not "automatically selected" when there is no CSPRNG available.
    integration_platforms:
      - qemu_x86
    extra_configs:
+      - CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG=y
      - CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG_ALLOW_NON_CSPRNG=y
      - CONFIG_TEST_RANDOM_GENERATOR=y
--- a/tests/crypto/secp256r1/mbedtls.conf
+++ b/tests/crypto/secp256r1/mbedtls.conf
@ -1,5 +1,4 @@
 CONFIG_MBEDTLS=y
-CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG=y
 CONFIG_MBEDTLS_PSA_CRYPTO_C=y
 CONFIG_MBEDTLS_PSA_P256M_DRIVER_ENABLED=y

--- a/tests/crypto/secp256r1/p256-m_raw.conf
+++ b/tests/crypto/secp256r1/p256-m_raw.conf
@ -1,5 +1,4 @@
 CONFIG_MBEDTLS=y
-CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG=y
 CONFIG_MBEDTLS_PSA_CRYPTO_C=y
 CONFIG_MBEDTLS_PSA_P256M_DRIVER_ENABLED=y
 CONFIG_MBEDTLS_PSA_P256M_DRIVER_RAW=y
--- a/tests/net/socket/tls_configurations/prj.conf
+++ b/tests/net/socket/tls_configurations/prj.conf
@ -28,7 +28,6 @@ CONFIG_MBEDTLS_SSL_MAX_CONTENT_LEN=2048
 CONFIG_MBEDTLS_PEM_CERTIFICATE_FORMAT=y
 # Build the PSA Crypto core so that the TLS stack uses the PSA crypto API.
 CONFIG_MBEDTLS_PSA_CRYPTO_C=y
-CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG=y
 CONFIG_ENTROPY_GENERATOR=y

 # Disable some Kconfigs that are implied by CONFIG_NET_SOCKETS_SOCKOPT_TLS.
--- a/tests/subsys/jwt/testcase.yaml
+++ b/tests/subsys/jwt/testcase.yaml
@ -12,6 +12,9 @@ tests:
  libraries.encoding.jwt.ecdsa.psa:
    extra_configs:
      - CONFIG_JWT_SIGN_ECDSA_PSA=y
+      # Explicitly select CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG because this
+      # is not automatically selected on platforms that do not have a CSPRNG
+      # source.
      - CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG=y
      - CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG_ALLOW_NON_CSPRNG=y
  libraries.encoding.jwt.rsa.legacy:
@ -21,5 +24,8 @@ tests:
  libraries.encoding.jwt.rsa.psa:
    extra_configs:
      - CONFIG_JWT_SIGN_RSA_PSA=y
+      # Explicitly select CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG because this
+      # is not automatically selected on platforms that do not have a CSPRNG
+      # source.
      - CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG=y
      - CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG_ALLOW_NON_CSPRNG=y