nrf_security: auto-enable PSA_WANT_ALG_ECB_NO_PADDING

Auto-enable PSA_WANT_ALG_ECB_NO_PADDING when MBEDTLS_BUILTIN and CCM or
GCM is enabled and !MBEDTLS_FORCE_LEGACY_CIPHER.
ECB is needed by the block_cipher module in Mbed TLS when
MBEDTLS_BLOCK_CIPHER_SOME_PSA.
Because of a noup we have to enable that in our Mbed TLS fork, ECB ends
up needing to be enabled when using Mbed TLS' PSA API to encrypt/decrypt
data with CCM/GCM because the code goes to block_cipher.
Rather than having to enable that dependency everywhere it's needed,
auto-enable it in those conditions.

Also, move the PSA_WANT_ALG Kconfig options that were separate from
the others.

Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>

Author: tomi-font

subsys/nrf_security/Kconfig.psa.nordic

@@ -219,6 +219,42 @@ config PSA_WANT_ALG_XTS
 	bool "PSA XTS block cipher mode support" if !PSA_PROMPTLESS
 	default y if PSA_CRYPTO_ENABLE_ALL
 
+config PSA_WANT_ALG_ECB_NO_PADDING
+	bool "PSA ECB support" if !PSA_PROMPTLESS
+	default y if PSA_CRYPTO_ENABLE_ALL
+	default y if MBEDTLS_BUILTIN && !MBEDTLS_FORCE_LEGACY_CIPHER && \
+		     PSA_WANT_KEY_TYPE_AES && (PSA_WANT_ALG_GCM || PSA_WANT_ALG_CCM)
+
+config PSA_WANT_ALG_CHACHA20
+	bool "PSA CHACHA20 stream cipher support" if !PSA_PROMPTLESS
+	default y if PSA_CRYPTO_ENABLE_ALL
+
+config PSA_WANT_ALG_SHAKE256_512
+	bool "PSA SHAKE256 512 bits support" if !PSA_PROMPTLESS
+	default y if PSA_CRYPTO_ENABLE_ALL
+
+config PSA_WANT_ALG_AES_KW
+	bool "AES key wrap support (NIST-SP-800-38F and RFC3394)" if !MBEDTLS_PROMPTLESS
+	select EXPERIMENTAL
+
+config PSA_WANT_ALG_AES_KWP
+	bool "AES key wrap support (NIST-SP-800-38F and RFC5649)" if !MBEDTLS_PROMPTLESS
+	select EXPERIMENTAL
+
+config PSA_WANT_ALG_WPA3_SAE_PT
+	bool "WPA3-SAE-PT support" if !MBEDTLS_PROMPTLESS
+	select EXPERIMENTAL
+
+config PSA_WANT_ALG_WPA3_SAE
+	bool "WPA3-SAE support" if !MBEDTLS_PROMPTLESS
+	select EXPERIMENTAL
+
+config PSA_WANT_ALG_SP800_108_COUNTER_CMAC
+	bool "NIST SP 800-108 conformant CMAC based KDF" if !MBEDTLS_PROMPTLESS
+
+config PSA_WANT_ALG_SP800_108_COUNTER_HMAC
+	bool "NIST SP 800-108 conformant HMAC based KDF" if !MBEDTLS_PROMPTLESS
+
 comment "Nordic added ECC curve types"
 
 config PSA_WANT_ECC_BRAINPOOL_P_R1_160
@@ -298,36 +334,6 @@ config PSA_WANT_ECC_SECT_R2_163
 config PSA_WANT_ECC_FRP_V1_256
 	bool "PSA ECC FRP256v1 support" if !PSA_PROMPTLESS
 
-config PSA_WANT_ALG_CHACHA20
-	bool "PSA CHACHA20 stream cipher support" if !PSA_PROMPTLESS
-	default y if PSA_CRYPTO_ENABLE_ALL
-
-config PSA_WANT_ALG_SHAKE256_512
-	bool "PSA SHAKE256 512 bits support" if !PSA_PROMPTLESS
-	default y if PSA_CRYPTO_ENABLE_ALL
-
-config PSA_WANT_ALG_AES_KW
-	bool "AES key wrap support (NIST-SP-800-38F and RFC3394)" if !MBEDTLS_PROMPTLESS
-	select EXPERIMENTAL
-
-config PSA_WANT_ALG_AES_KWP
-	bool "AES key wrap support (NIST-SP-800-38F and RFC5649)" if !MBEDTLS_PROMPTLESS
-	select EXPERIMENTAL
-
-config PSA_WANT_ALG_WPA3_SAE_PT
-	bool "WPA3-SAE-PT support" if !MBEDTLS_PROMPTLESS
-	select EXPERIMENTAL
-
-config PSA_WANT_ALG_WPA3_SAE
-	bool "WPA3-SAE support" if !MBEDTLS_PROMPTLESS
-	select EXPERIMENTAL
-
-config PSA_WANT_ALG_SP800_108_COUNTER_CMAC
-	bool "NIST SP 800-108 conformant CMAC based KDF" if !MBEDTLS_PROMPTLESS
-
-config PSA_WANT_ALG_SP800_108_COUNTER_HMAC
-	bool "NIST SP 800-108 conformant HMAC based KDF" if !MBEDTLS_PROMPTLESS
-
 comment "Nordic addded RNG configuration"
 
 config PSA_WANT_GENERATE_RANDOM