soc: arm: nxp_imx: rt: Configure settings for TRNG IP

RT platforms that support TRNG IP (rt10xx and rt6xx) need to set
RNG and CSRNG to Xoroshiro and CTR_DRBG respectively instead of
using TRNG as random source.

Fixes: #37307

Signed-off-by: David Leach <david.leach@nxp.com>
This commit is contained in:
David Leach 2021-08-02 17:21:16 -05:00 committed by Christopher Friedt
commit 569a1a0a5d
3 changed files with 52 additions and 0 deletions

View file

@ -26,3 +26,19 @@ config ENTROPY_MCUX_RNG
help help
This option enables the true random number generator (TRNG) This option enables the true random number generator (TRNG)
driver based on the MCUX RNG driver on LPC Family. driver based on the MCUX RNG driver on LPC Family.
#
# Don't use use the MCUX TRNG as a random source as it is not designed
# to supply a continuous random stream. Instead, it is used to provide
# a seed to RNG generator.
#
# Use the software implemented xoroshiro RNG.
# Use CSPRNG for cryptographically secure RNG source.
#
choice RNG_GENERATOR_CHOICE
default XOSHIRO_RANDOM_GENERATOR if ENTROPY_MCUX_TRNG
endchoice
choice CSPRNG_GENERATOR_CHOICE
default CTR_DRBG_CSPRNG_GENERATOR if ENTROPY_MCUX_TRNG
endchoice

View file

@ -152,6 +152,24 @@ choice SEGGER_SYSVIEW_SECTION
depends on SEGGER_SYSTEMVIEW depends on SEGGER_SYSTEMVIEW
endchoice endchoice
#
# MBEDTLS is larger but much faster than TinyCrypt so choose wisely
#
config MBEDTLS
#config TINYCRYPT
default y if CSPRING_ENABLED
depends on ENTROPY_GENERATOR
if MBEDTLS
#
# MBEDTLS CTR_DRBG code path needs extra stack space for initialization than
# what the ztest_thread_stack defaults to.
#
config TEST_EXTRA_STACKSIZE
int
default 1024
endif # MBEDTLS
source "soc/arm/nxp_imx/rt/Kconfig.defconfig.mimxrt*" source "soc/arm/nxp_imx/rt/Kconfig.defconfig.mimxrt*"
endif # SOC_SERIES_IMX_RT endif # SOC_SERIES_IMX_RT

View file

@ -27,6 +27,24 @@ config ENTROPY_MCUX_TRNG
default y if HAS_MCUX_TRNG default y if HAS_MCUX_TRNG
depends on ENTROPY_GENERATOR depends on ENTROPY_GENERATOR
#
# MBEDTLS is larger but much faster than TinyCrypt so choose wisely
#
config MBEDTLS
#config TINYCRYPT
default y if CSPRING_ENABLED
depends on ENTROPY_GENERATOR
if MBEDTLS
#
# MBEDTLS CTR_DRBG code path needs extra stack space for initialization than
# what the ztest_thread_stack defaults to.
#
config TEST_EXTRA_STACKSIZE
int
default 1024
endif # MBEDTLS
source "soc/arm/nxp_imx/rt6xx/Kconfig.defconfig.mimxrt6*" source "soc/arm/nxp_imx/rt6xx/Kconfig.defconfig.mimxrt6*"
endif # SOC_SERIES_MIMXRT6XX endif # SOC_SERIES_MIMXRT6XX