I am working off of the NRF SDK Zephyr repository where I am using the NRF Security subsystem in order to use PSA for AES encrypt/decrypt. I need additional ciphers such as DES which the cryptocell on the nRF5340 does not support. MbedTLS has a software implementation of this and I believe should be able to connect to PSA. However, I'm having trouble configuring this correctly.
My Kconfig configuration for PSA looks identical to the samples/crypto/aes_cbc sample.
boards/nrf5340dk_nrf5340_cpuapp.conf
CONFIG_PSA_CRYPTO_DRIVER_OBERON=y CONFIG_PSA_CRYPTO_DRIVER_CC3XX=y # Mbedtls configuration CONFIG_MBEDTLS_ENABLE_HEAP=y CONFIG_MBEDTLS_HEAP_SIZE=8192
prj.conf
# The Zephyr CMSIS emulation assumes that ticks are ms, currently CONFIG_SYS_CLOCK_TICKS_PER_SEC=1000 CONFIG_MAIN_STACK_SIZE=4096 CONFIG_HEAP_MEM_POOL_SIZE=4096 # Enable logging CONFIG_CONSOLE=y CONFIG_LOG=y # Enable nordic security backend and PSA APIs CONFIG_NRF_SECURITY=y CONFIG_MBEDTLS_PSA_CRYPTO_C=y CONFIG_PSA_WANT_GENERATE_RANDOM=y CONFIG_PSA_WANT_KEY_TYPE_AES=y CONFIG_PSA_WANT_ALG_CBC_NO_PADDING=y
What am I missing in order to get allow a DES cipher? Currently if I try to import a PSA_KEY_TYPE_DES key, I will get the PSA_ERROR_NOT_SUPPORTED response.