michaelh/zephyr
1
0
Fork 0
Code Releases Activity

modules: tfm: add configuration for disabling the RNG module

Browse source 
A new configuration is available in TF-M, for disabling RNG
independent from key derivation. Introduce a corresponding
Kconfig option to control the RNG API enabling/disabling from
Zephyr.

Signed-off-by: Håkon Øye Amundsen <haakon.amundsen@nordicsemi.no>
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
This commit is contained in:
Håkon Øye Amundsen 2021-06-14 13:32:50 +02:00 committed by Ioannis Glaropoulos
commit 881b877eca
2 changed files with 8 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
modules/trusted-firmware-m/CMakeLists.txt
View file

@ -17,6 +17,7 @@ set(TFM_VALID_PARTITIONS
# List of all crypto modules that can be enabled/disabled # List of all crypto modules that can be enabled/disabled
# Corresponds to the *_MODULE_DISABLED configs in 'trusted-firmware-m/config/config_default.cmake' # Corresponds to the *_MODULE_DISABLED configs in 'trusted-firmware-m/config/config_default.cmake'
set(TFM_CRYPTO_MODULES set(TFM_CRYPTO_MODULES
CRYPTO_RNG_MODULE
CRYPTO_KEY_MODULE CRYPTO_KEY_MODULE
CRYPTO_AEAD_MODULE CRYPTO_AEAD_MODULE
CRYPTO_MAC_MODULE CRYPTO_MAC_MODULE

7
modules/trusted-firmware-m/Kconfig.tfm.crypto_modules
View file

@ -7,6 +7,13 @@ if BUILD_WITH_TFM
if TFM_PARTITION_CRYPTO if TFM_PARTITION_CRYPTO
config TFM_CRYPTO_RNG_MODULE_ENABLED
bool "Enable random number generator crypto module"
default y
help
Enables the random number generator module within the crypto partition.
Unset this option if 'psa_generate_random' is not used.
config TFM_CRYPTO_KEY_MODULE_ENABLED config TFM_CRYPTO_KEY_MODULE_ENABLED
bool "Enable KEY crypto module" bool "Enable KEY crypto module"
default y default y