@@ -448,14 +448,10 @@ config CHIP_WIFI
448448 select WIFI
449449 select WIFI_NM_WPA_SUPPLICANT
450450 select NETWORKING
451- imply NORDIC_SECURITY_BACKEND
452- imply MBEDTLS_ENTROPY_C
453- imply MBEDTLS_PSA_CRYPTO_C
454451 imply NET_STATISTICS
455452 imply NET_L2_ETHERNET
456453 imply NET_PKT_TXTIME
457454 imply NET_PKT_TIMESTAMP
458- imply MBEDTLS_PROMPTLESS
459455 imply BUILD_OUTPUT_META
460456 imply USE_DT_CODE_PARTITION # might be removed when the OTA is enabled
461457 imply NET_IPV6_ND # enable Neighbor Discovery to handle Router Advertisements
@@ -464,6 +460,37 @@ config CHIP_WIFI
464460 imply NET_STATISTICS_USER_API
465461 imply NET_CONFIG_NEED_IPV6
466462
463+ choice CHIP_WIFI_CRYPTO_BACKEND
464+ prompt "Wi-Fi crypto backend"
465+ default CHIP_WIFI_CRYPTO_BACKEND_PSA if CHIP_CRYPTO_PSA
466+ default CHIP_WIFI_CRYPTO_BACKEND_MBEDTLS
467+ depends on CHIP_WIFI
468+
469+ config CHIP_WIFI_CRYPTO_BACKEND_PSA
470+ bool "Matter WiFi PSA crypto backend"
471+ select PSA_WANT_ALG_ECDSA
472+ select PSA_WANT_ALG_ECDH
473+ select PSA_WANT_ECC_SECP_R1_256
474+ select PSA_WANT_ALG_HKDF
475+ select PSA_INTERNAL_TRUSTED_STORAGE
476+ select MBEDTLS_PSA_CRYPTO_STORAGE_C if !BUILD_WITH_TFM
477+ select TRUSTED_STORAGE if !BUILD_WITH_TFM
478+ select HW_UNIQUE_KEY_WRITE_ON_CRYPTO_INIT if (SOC_NRF5340_CPUAPP || SOC_SERIES_NRF54L)
479+ select MBEDTLS_PSA_CRYPTO_C
480+ select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE
481+ select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT
482+ select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT
483+ select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE
484+
485+ config CHIP_WIFI_CRYPTO_BACKEND_MBEDTLS
486+ bool "Matter WiFi mbedTLS crypto backend"
487+ select MBEDTLS
488+ imply NORDIC_SECURITY_BACKEND
489+ imply MBEDTLS_PSA_CRYPTO_C
490+ imply MBEDTLS_PROMPTLESS
491+
492+ endchoice
493+
467494config CHIP_IM_PRETTY_PRINT
468495 bool "Detailed logging of Matter messages"
469496 depends on !CHIP_LOG_SIZE_OPTIMIZATION
0 commit comments