Crypto: Highlight unsafe NULL entropy more explicitly
The MBEDTLS_TEST_NULL_ENTROPY is only to used for test purposes and
production platforms must use a hardware entropy source for stronger
cryptographic security. Although there is a build warning message
from MbedCrypto regarding this, this patch makes this more explicit
by adding a runtime message and clarifying the integration guide.
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Change-Id: I773a3c509dafdd5ffcd46ae5227acbc84aa81129
diff --git a/docs/reference/services/tfm_crypto_integration_guide.rst b/docs/reference/services/tfm_crypto_integration_guide.rst
index 4065930..6eaa5e0 100644
--- a/docs/reference/services/tfm_crypto_integration_guide.rst
+++ b/docs/reference/services/tfm_crypto_integration_guide.rst
@@ -63,6 +63,27 @@
Mbed Crypto functions. Decryption code is skipped in AES CCM mode in Profile
Small by default.
+****************************
+Crypto Backend configuration
+****************************
+
+The Crypto service can use either a hardware crypto accelerator backend like
+CC-312 or a software crypto library which by default is MbedTLS. If using
+MbedTLS as backend, then the library configuration is supplied using the
+MBEDTLS_CONFIG_FILE header option. TF-M Crypto provides a default
+configuration header ``tfm_mbedcrypto_config.h`` and this can be overridden
+based on TF-M configuration or platform. Platforms can also use
+``MBEDTLS_USER_CONFIG_FILE`` to override specific options from default.
+
+.. Note::
+
+ The default entropy source configured for MbedTLS is
+ MBEDTLS_TEST_NULL_ENTROPY and this does not provide randomness
+ for production devices. It is must for production devices to select
+ either a hardware entropy source via MBEDTLS_ENTROPY_HARDWARE_ALT or
+ provision a unique seed for the device during production and use
+ MBEDTLS_ENTROPY_NV_SEED option.
+
**************************
Crypto service integration
**************************