samples: net: wifi: shell: remove legacy Mbed TLS crypto

[valeriosetti]

Addresses on item from the todo list in #102005

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[MaochenWang1]

Hi @valeriosetti
Thanks for your PR. Any Configurations we need to add to replace these legacy Mbed TLS crypto?

[MaochenWang1]

We use wpa_supp_els_pkc_mbedtls_config.h as CONFIG_MBEDTLS_USER_CONFIG_FILE, the file locates in
https://github.com/zephyrproject-rtos/hal_nxp/blob/master/mcux/middleware/wifi_nxp/incl/port/mbedtls/wpa_supp_els_pkc_mbedtls_config.h.
Do we need also update this file to remove legacy Mbed TLS crypto?

[valeriosetti]

Likely yes. You can check the current state of crypto_config.h for available build symbols.

[MaochenWang1]

The available build symbols, you mean the configs without //?

[valeriosetti]

Acutally also the ones commented out are known to the tf-psa-crypto library, so those are fine

[valeriosetti]

Any Configurations we need to add to replace these legacy Mbed TLS crypto?

I don't think so. Hers's why:

• CONFIG_MBEDTLS_PSA_CRYPTO_C: those configuration files already enable CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_MBEDTLS_PSA which select CONFIG_PSA_CRYPTO which itself enables CONFIG_MBEDTLS_PSA_CRYPTO_C is the PSA Crypto API are to be provided by Mbed TLS
• CONFIG_ENTROPY_GENERATOR: this is already handled by Mbed TLS, even though I know it's a bit tricky combination between Mbed TLS Kconfig and Random subsys ones.
• CONFIG_MBEDTLS_ENTROPY_C: this is also already handled by Mbed TLS Kconfigs when/if needed.

[MaochenWang1]

Add a label here, need more test before this can be merged.

[MaochenWang1]

Hi @jukkar please review