nrf_security: auto-enable PSA_WANT_ALG_ECB_NO_PADDING

Auto-enable PSA_WANT_ALG_ECB_NO_PADDING when MBEDTLS_BUILTIN and CCM or
GCM is enabled and !MBEDTLS_FORCE_LEGACY_CIPHER.
ECB is needed by the block_cipher module in Mbed TLS when
MBEDTLS_BLOCK_CIPHER_SOME_PSA.
Because of a noup we have to enable that in our Mbed TLS fork, ECB ends
up needing to be enabled when using Mbed TLS' PSA API to encrypt/decrypt
data with CCM/GCM because the code goes to block_cipher.
Rather than having to enable that dependency everywhere it's needed,
auto-enable it in those conditions.

Also, move the PSA_WANT_ALG Kconfig options that were separate from
the others.

Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>

Author: tomi-font

subsys/nrf_security/Kconfig.psa.nordic

@@ -219,6 +219,20 @@ config PSA_WANT_ALG_XTS
 	bool "PSA XTS block cipher mode support" if !PSA_PROMPTLESS
 	default y if PSA_CRYPTO_ENABLE_ALL
 
+config PSA_WANT_ALG_CHACHA20
+	bool "PSA CHACHA20 stream cipher support" if !PSA_PROMPTLESS
+	default y if PSA_CRYPTO_ENABLE_ALL
+
+config PSA_WANT_ALG_SHAKE256_512
+	bool "PSA SHAKE256 512 bits support" if !PSA_PROMPTLESS
+	default y if PSA_CRYPTO_ENABLE_ALL
+
+config PSA_WANT_ALG_ECB_NO_PADDING
+	bool "PSA ECB support" if !PSA_PROMPTLESS
+	default y if PSA_CRYPTO_ENABLE_ALL
+	default y if MBEDTLS_BUILTIN && !MBEDTLS_FORCE_LEGACY_CIPHER && \
+		     PSA_WANT_KEY_TYPE_AES && (PSA_WANT_ALG_GCM || PSA_WANT_ALG_CCM)
+
 comment "Nordic added ECC curve types"
 
 config PSA_WANT_ECC_BRAINPOOL_P_R1_160
@@ -298,14 +312,6 @@ config PSA_WANT_ECC_SECT_R2_163
 config PSA_WANT_ECC_FRP_V1_256
 	bool "PSA ECC FRP256v1 support" if !PSA_PROMPTLESS
 
-config PSA_WANT_ALG_CHACHA20
-	bool "PSA CHACHA20 stream cipher support" if !PSA_PROMPTLESS
-	default y if PSA_CRYPTO_ENABLE_ALL
-
-config PSA_WANT_ALG_SHAKE256_512
-	bool "PSA SHAKE256 512 bits support" if !PSA_PROMPTLESS
-	default y if PSA_CRYPTO_ENABLE_ALL
-
 comment "Nordic addded RNG configuration"
 
 config PSA_WANT_GENERATE_RANDOM