ARMmbed
/
mbed-os
mirror of https://github.com/ARMmbed/mbed-os.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

crypto: Remove PSA Crypto API from targets without entropy 

An entropy source is required in order to use the PSA Crypto API. The
only devices Mbed OS knows are guaranteed by default to have an entropy
source are those devices with a TRNG. Don't enable the PSA Crypto API by
default for devices that Mbed OS can't know have an entropy source. This
avoids run-time errors when an entropy source is not present on these
targets.

Applications can add their own entropy source by place entropy into
their systems, implementing their own NV Seed read and write callbacks,
and then enabling the MBEDTLS_ENTROPY_NV_SEED configuration option to
notify the PSA Crypto implementation that an entropy source is present
and how to use it.

See https://os.mbed.com/docs/mbed-os/v5.11/porting/entropy-sources.html
for the background on why entropy is fundamental to system security and
how to inject entropy into systems that lack an on-board source of
entropy.
pull/9710/head
Jaeden Amero 2019-02-13 15:04:43 +00:00
parent a477354292
commit 326b119fa1
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
targets/targets.json
View File

@ -2439,7 +2439,7 @@
"macro_name": "CLOCK_SOURCE_USB" "macro_name": "CLOCK_SOURCE_USB"
} }
}, },
"macros_add": ["USB_STM_HAL", "USBHOST_OTHER", "MBEDTLS_PSA_CRYPTO_C", "MBEDTLS_ENTROPY_NV_SEED"], "macros_add": ["USB_STM_HAL", "USBHOST_OTHER"],
"device_has_add": [ "device_has_add": [
"SERIAL_ASYNCH", "SERIAL_ASYNCH",
"FLASH", "FLASH",