crypto: Remove PSA Crypto API from targets without entropy

Patater · Patater · commit 326b119fa15e · 2019-02-13T15:04:43.000Z
An entropy source is required in order to use the PSA Crypto API. The only devices Mbed OS knows are guaranteed by default to have an entropy source are those devices with a TRNG. Don't enable the PSA Crypto API by default for devices that Mbed OS can't know have an entropy source. This avoids run-time errors when an entropy source is not present on these targets. Applications can add their own entropy source by place entropy into their systems, implementing their own NV Seed read and write callbacks, and then enabling the MBEDTLS_ENTROPY_NV_SEED configuration option to notify the PSA Crypto implementation that an entropy source is present and how to use it. See https://os.mbed.com/docs/mbed-os/v5.11/porting/entropy-sources.html for the background on why entropy is fundamental to system security and how to inject entropy into systems that lack an on-board source of entropy.
diff --git a/targets/targets.json b/targets/targets.json
@@ -2439,7 +2439,7 @@
                 "macro_name": "CLOCK_SOURCE_USB"
             }
         },
-        "macros_add": ["USB_STM_HAL", "USBHOST_OTHER", "MBEDTLS_PSA_CRYPTO_C", "MBEDTLS_ENTROPY_NV_SEED"],
+        "macros_add": ["USB_STM_HAL", "USBHOST_OTHER"],
         "device_has_add": [
             "SERIAL_ASYNCH",
             "FLASH",

Original file line number	Diff line number	Diff line change
`@@ -2439,7 +2439,7 @@`
`2439`	`2439`	`"macro_name": "CLOCK_SOURCE_USB"`
`2440`	`2440`	`}`
`2441`	`2441`	`},`
`2442`		`- "macros_add": ["USB_STM_HAL", "USBHOST_OTHER", "MBEDTLS_PSA_CRYPTO_C", "MBEDTLS_ENTROPY_NV_SEED"],`
	`2442`	`+ "macros_add": ["USB_STM_HAL", "USBHOST_OTHER"],`
`2443`	`2443`	`"device_has_add": [`
`2444`	`2444`	`"SERIAL_ASYNCH",`
`2445`	`2445`	`"FLASH",`