bt: crypto/host: remove CONFIG_BT_USE_PSA_API symbol

As part of the deprecation process of TinyCrypt in Zephyr codebase
(#79566) this commit removes CONFIG_BT_USE_PSA_API symbol. This
was used in BT crypto/host modules to select PSA crypto API over
TinyCrypt (which was the default until now). Since TinyCrypt is
removed and PSA crypto API is the new standard library for crypto
operations, CONFIG_BT_USE_PSA_API is no more needed.

Signed-off-by: Valerio Setti <[email protected]>

subsys/bluetooth/Kconfig

@@ -241,13 +241,6 @@ config BT_SHELL
 	  Activate shell module that provides Bluetooth commands to the
 	  console.
 
-config BT_USE_PSA_API
-	bool "Use PSA APIs instead of TinyCrypt for crypto operations"
-	depends on BT_CRYPTO || BT_HOST_CRYPTO || BT_ECC
-	depends on PSA_CRYPTO_CLIENT
-	help
-	  Use PSA APIs instead of TinyCrypt for crypto operations
-
 endif # BT_HCI
 
 config BT_COMPANY_ID

subsys/bluetooth/controller/hci/hci.c

@@ -1036,9 +1036,9 @@ static void read_supported_commands(struct net_buf *buf, struct net_buf **evt)
 
 #endif /* CONFIG_BT_CTLR_DF */
 
-#if defined(CONFIG_BT_HCI_RAW) && defined(CONFIG_BT_TINYCRYPT_ECC)
+#if defined(CONFIG_BT_HCI_RAW) && defined(CONFIG_BT_HCI_ECC)
 	bt_hci_ecc_supported_commands(rp->commands);
-#endif /* CONFIG_BT_HCI_RAW && CONFIG_BT_TINYCRYPT_ECC */
+#endif /* CONFIG_BT_HCI_RAW && CONFIG_BT_HCI_ECC */
 
 	/* LE Read TX Power. */
 	rp->commands[38] |= BIT(7);

subsys/bluetooth/crypto/CMakeLists.txt

@@ -4,15 +4,11 @@ zephyr_library()
 
 zephyr_library_sources(bt_crypto.c)
 
-if(CONFIG_BT_USE_PSA_API)
-    zephyr_library_sources(bt_crypto_psa.c)
-    zephyr_library_link_libraries_ifdef(CONFIG_MBEDTLS mbedTLS)
-    zephyr_library_include_directories_ifdef(CONFIG_BUILD_WITH_TFM
-        $<TARGET_PROPERTY:tfm,TFM_BINARY_DIR>/api_ns/interface/include
-    )
-else()
-    zephyr_library_sources(bt_crypto_tc.c)
-endif()
+zephyr_library_sources(bt_crypto_psa.c)
+zephyr_library_link_libraries_ifdef(CONFIG_MBEDTLS mbedTLS)
+zephyr_library_include_directories_ifdef(CONFIG_BUILD_WITH_TFM
+    $<TARGET_PROPERTY:tfm,TFM_BINARY_DIR>/api_ns/interface/include
+)
 
 if(CONFIG_BT_CRYPTO_LOG_LEVEL_DBG)
     message(WARNING "CONFIG_BT_CRYPTO_LOG_LEVEL_DBG is enabled.

subsys/bluetooth/crypto/Kconfig

@@ -3,10 +3,9 @@
 
 config BT_CRYPTO
 	bool
-	select TINYCRYPT if !BT_USE_PSA_API
-	select TINYCRYPT_AES if !BT_USE_PSA_API
-	select TINYCRYPT_AES_CMAC if !BT_USE_PSA_API
-	select PSA_WANT_KEY_TYPE_AES if BT_USE_PSA_API
-	select PSA_WANT_ALG_CMAC if BT_USE_PSA_API
+	select MBEDTLS if !BUILD_WITH_TFM
+	select MBEDTLS_PSA_CRYPTO_C if !BUILD_WITH_TFM
+	select PSA_WANT_KEY_TYPE_AES
+	select PSA_WANT_ALG_CMAC
 	help
 	  This option enables the Bluetooth Cryptographic Toolbox.

subsys/bluetooth/crypto/bt_crypto.c

@@ -7,12 +7,7 @@
 
 #include <zephyr/sys/byteorder.h>
 
-#if defined(CONFIG_BT_USE_PSA_API)
 #include "psa/crypto.h"
-#else
-#include <tinycrypt/cmac_mode.h>
-#include <tinycrypt/constants.h>
-#endif
 
 #include "common/bt_str.h"
 #include "bt_crypto.h"

subsys/bluetooth/host/CMakeLists.txt

@@ -8,7 +8,7 @@ add_subdirectory_ifdef(CONFIG_BT_SHELL shell)
 
 zephyr_library_sources_ifdef(CONFIG_BT_HCI_RAW          hci_raw.c hci_common.c)
 zephyr_library_sources_ifdef(CONFIG_BT_MONITOR          monitor.c)
-zephyr_library_sources_ifdef(CONFIG_BT_TINYCRYPT_ECC    hci_ecc.c)
+zephyr_library_sources_ifdef(CONFIG_BT_HCI_ECC          hci_ecc.c)
 zephyr_library_sources_ifdef(CONFIG_BT_SETTINGS         settings.c)
 zephyr_library_sources_ifdef(CONFIG_BT_HOST_CCM         aes_ccm.c)
 zephyr_library_sources_ifdef(CONFIG_BT_LONG_WQ          long_wq.c)
@@ -32,11 +32,10 @@ if(CONFIG_BT_HCI_HOST)
     scan.c
     )
 
-  if(CONFIG_BT_USE_PSA_API)
-    zephyr_library_sources_ifdef(CONFIG_BT_HOST_CRYPTO    crypto_psa.c)
-  else()
-    zephyr_library_sources_ifdef(CONFIG_BT_HOST_CRYPTO    crypto_tc.c)
-  endif()
+  zephyr_library_sources_ifdef(
+    CONFIG_BT_HOST_CRYPTO
+    crypto_psa.c
+    )
 
   zephyr_library_sources_ifdef(
     CONFIG_BT_ECC
@@ -116,12 +115,10 @@ if(CONFIG_BT_CONN_DISABLE_SECURITY)
     )
 endif()
 
-if(CONFIG_BT_USE_PSA_API)
-    zephyr_library_link_libraries_ifdef(CONFIG_MBEDTLS mbedTLS)
-    zephyr_library_include_directories_ifdef(CONFIG_BUILD_WITH_TFM
-      $<TARGET_PROPERTY:tfm,TFM_BINARY_DIR>/api_ns/interface/include
-    )
-endif()
+zephyr_library_link_libraries_ifdef(CONFIG_MBEDTLS mbedTLS)
+zephyr_library_include_directories_ifdef(CONFIG_BUILD_WITH_TFM
+  $<TARGET_PROPERTY:tfm,TFM_BINARY_DIR>/api_ns/interface/include
+)
 
 # Bluetooth Mesh has test dependencies in the host.
 # In order to compile Bsim tests with these test features

subsys/bluetooth/host/Kconfig

@@ -16,7 +16,7 @@ config BT_LONG_WQ_STACK_SIZE
 	# requirements.
 	int
 	default 1300 if BT_GATT_CACHING
-	default 1140 if BT_TINYCRYPT_ECC
+	default 1140 if BT_HCI_ECC
 	default 1024
 
 config BT_LONG_WQ_PRIO
@@ -168,22 +168,22 @@ rsource "../audio/Kconfig"
 config BT_HOST_CRYPTO
 	bool "Use crypto functionality implemented in the Bluetooth host"
 	default y if !BT_CTLR_CRYPTO
-	select TINYCRYPT if !BT_USE_PSA_API
-	select TINYCRYPT_AES if !BT_USE_PSA_API
-	select PSA_WANT_KEY_TYPE_AES if BT_USE_PSA_API
+	select MBEDTLS if !BUILT_WITH_TFM
+	select MBEDTLS_PSA_CRYPTO_C if !BUILT_WITH_TFM
+	select PSA_WANT_KEY_TYPE_AES
 	help
-	  The option adds the AES encryption support using TinyCrypt
+	  The option adds the AES encryption support using PSA Crypto API
 	  library if this is not provided by the controller implementation.
 
 config BT_HOST_CRYPTO_PRNG
-	bool "Use Tinycrypt library for random number generation"
+	bool "Use PSA crypto API library for random number generation"
 	default y
-	select TINYCRYPT_SHA256 if !BT_USE_PSA_API
-	select TINYCRYPT_SHA256_HMAC if !BT_USE_PSA_API
-	select TINYCRYPT_SHA256_HMAC_PRNG if !BT_USE_PSA_API
+	select PSA_WANT_ALG_SHA_256
+	select PSA_WANT_KEY_TYPE_HMAC
+	select PSA_WANT_ALG_HMAC
 	depends on BT_HOST_CRYPTO
 	help
-	  When selected, will use tinycrypt library for random number generation.
+	  When selected, will use PSA Crypto API library for random number generation.
 	  This will consume additional ram, but may speed up the generation of random
 	  numbers.
 
@@ -987,15 +987,17 @@ config BT_ECC
 	help
 	  This option adds support for ECDH HCI commands.
 
-config BT_TINYCRYPT_ECC
-	bool "Emulate ECDH in the Host using TinyCrypt library"
-	select TINYCRYPT
-	select TINYCRYPT_ECC_DH
+config BT_HCI_ECC
+	bool "Emulate ECDH in the Host using PSA Crypto API library"
+	select MBEDTLS if !BUILT_WITH_TFM
+	select MBEDTLS_PSA_CRYPTO_C if !BUILT_WITH_TFM
+	select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE
+	select PSA_WANT_ECC_SECP_R1_256
 	select BT_LONG_WQ
 	depends on BT_ECC && (BT_HCI_RAW || BT_HCI_HOST)
 	default y if BT_CTLR && !BT_CTLR_ECDH
 	help
-	  If this option is set TinyCrypt library is used for emulating the
+	  If this option is set PSA Crypto API library is used for emulating the
 	  ECDH HCI commands and events needed by e.g. LE Secure Connections.
 	  In builds including the BLE Host, if not set the controller crypto is
 	  used for ECDH and if the controller doesn't support the required HCI

subsys/bluetooth/host/Kconfig.gatt

@@ -115,11 +115,9 @@ config BT_GATT_CACHING
 	bool "GATT Caching support"
 	default y
 	depends on BT_GATT_SERVICE_CHANGED
-	select TINYCRYPT if !BT_USE_PSA_API
-	select TINYCRYPT_AES if !BT_USE_PSA_API
-	select TINYCRYPT_AES_CMAC if !BT_USE_PSA_API
-	select PSA_WANT_KEY_TYPE_AES if BT_USE_PSA_API
-	select PSA_WANT_ALG_CMAC if BT_USE_PSA_API
+	depends on PSA_CRYPTO_CLIENT
+	select PSA_WANT_KEY_TYPE_AES
+	select PSA_WANT_ALG_CMAC
 	help
 	  This option enables support for GATT Caching. When enabled the stack
 	  will register Client Supported Features and Database Hash