1 /** 2 * \file mbedtls/config_psa.h 3 * \brief PSA crypto configuration options (set of defines) 4 * 5 * This set of compile-time options takes settings defined in 6 * include/mbedtls/mbedtls_config.h and include/psa/crypto_config.h and uses 7 * those definitions to define symbols used in the library code. 8 * 9 * Users and integrators should not edit this file, please edit 10 * include/mbedtls/mbedtls_config.h for MBEDTLS_XXX settings or 11 * include/psa/crypto_config.h for PSA_WANT_XXX settings. 12 */ 13 /* 14 * Copyright The Mbed TLS Contributors 15 * SPDX-License-Identifier: Apache-2.0 16 * 17 * Licensed under the Apache License, Version 2.0 (the "License"); you may 18 * not use this file except in compliance with the License. 19 * You may obtain a copy of the License at 20 * 21 * http://www.apache.org/licenses/LICENSE-2.0 22 * 23 * Unless required by applicable law or agreed to in writing, software 24 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 25 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 26 * See the License for the specific language governing permissions and 27 * limitations under the License. 28 */ 29 30 #ifndef MBEDTLS_CONFIG_PSA_H 31 #define MBEDTLS_CONFIG_PSA_H 32 33 #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) 34 #if defined(MBEDTLS_PSA_CRYPTO_CONFIG_FILE) 35 #include MBEDTLS_PSA_CRYPTO_CONFIG_FILE 36 #else 37 #include "psa/crypto_config.h" 38 #endif 39 #endif /* defined(MBEDTLS_PSA_CRYPTO_CONFIG) */ 40 41 #if defined(MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE) 42 #include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE 43 #endif 44 45 #ifdef __cplusplus 46 extern "C" { 47 #endif 48 49 50 51 /****************************************************************/ 52 /* De facto synonyms */ 53 /****************************************************************/ 54 55 #if defined(PSA_WANT_ALG_ECDSA_ANY) && !defined(PSA_WANT_ALG_ECDSA) 56 #define PSA_WANT_ALG_ECDSA PSA_WANT_ALG_ECDSA_ANY 57 #elif !defined(PSA_WANT_ALG_ECDSA_ANY) && defined(PSA_WANT_ALG_ECDSA) 58 #define PSA_WANT_ALG_ECDSA_ANY PSA_WANT_ALG_ECDSA 59 #endif 60 61 #if defined(PSA_WANT_ALG_CCM_STAR_NO_TAG) && !defined(PSA_WANT_ALG_CCM) 62 #define PSA_WANT_ALG_CCM PSA_WANT_ALG_CCM_STAR_NO_TAG 63 #elif !defined(PSA_WANT_ALG_CCM_STAR_NO_TAG) && defined(PSA_WANT_ALG_CCM) 64 #define PSA_WANT_ALG_CCM_STAR_NO_TAG PSA_WANT_ALG_CCM 65 #endif 66 67 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW) && !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) 68 #define PSA_WANT_ALG_RSA_PKCS1V15_SIGN PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW 69 #elif !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW) && defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) 70 #define PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW PSA_WANT_ALG_RSA_PKCS1V15_SIGN 71 #endif 72 73 #if defined(PSA_WANT_ALG_RSA_PSS_ANY_SALT) && !defined(PSA_WANT_ALG_RSA_PSS) 74 #define PSA_WANT_ALG_RSA_PSS PSA_WANT_ALG_RSA_PSS_ANY_SALT 75 #elif !defined(PSA_WANT_ALG_RSA_PSS_ANY_SALT) && defined(PSA_WANT_ALG_RSA_PSS) 76 #define PSA_WANT_ALG_RSA_PSS_ANY_SALT PSA_WANT_ALG_RSA_PSS 77 #endif 78 79 80 81 /****************************************************************/ 82 /* Require built-in implementations based on PSA requirements */ 83 /****************************************************************/ 84 85 #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) 86 87 #if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) 88 #if !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) 89 #define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1 90 #define MBEDTLS_ECDSA_DETERMINISTIC 91 #define MBEDTLS_ECDSA_C 92 #define MBEDTLS_HMAC_DRBG_C 93 #define MBEDTLS_MD_C 94 #endif /* !MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA */ 95 #endif /* PSA_WANT_ALG_DETERMINISTIC_ECDSA */ 96 97 #if defined(PSA_WANT_ALG_ECDH) 98 #if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH) 99 #define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1 100 #define MBEDTLS_ECDH_C 101 #define MBEDTLS_ECP_C 102 #define MBEDTLS_BIGNUM_C 103 #endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDH */ 104 #endif /* PSA_WANT_ALG_ECDH */ 105 106 #if defined(PSA_WANT_ALG_ECDSA) 107 #if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) 108 #define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1 109 #define MBEDTLS_ECDSA_C 110 #define MBEDTLS_ECP_C 111 #define MBEDTLS_BIGNUM_C 112 #define MBEDTLS_ASN1_PARSE_C 113 #define MBEDTLS_ASN1_WRITE_C 114 #endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDSA */ 115 #endif /* PSA_WANT_ALG_ECDSA */ 116 117 #if defined(PSA_WANT_ALG_HKDF) 118 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF) 119 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 120 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1 121 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF */ 122 #endif /* PSA_WANT_ALG_HKDF */ 123 124 #if defined(PSA_WANT_ALG_HKDF_EXTRACT) 125 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT) 126 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 127 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT 1 128 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT */ 129 #endif /* PSA_WANT_ALG_HKDF_EXTRACT */ 130 131 #if defined(PSA_WANT_ALG_HKDF_EXPAND) 132 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND) 133 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 134 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND 1 135 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND */ 136 #endif /* PSA_WANT_ALG_HKDF_EXPAND */ 137 138 #if defined(PSA_WANT_ALG_HMAC) 139 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC) 140 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 141 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */ 142 #endif /* PSA_WANT_ALG_HMAC */ 143 144 #if defined(PSA_WANT_ALG_MD5) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD5) 145 #define MBEDTLS_PSA_BUILTIN_ALG_MD5 1 146 #define MBEDTLS_MD5_C 147 #endif 148 149 #if defined(PSA_WANT_ALG_JPAKE) 150 #define MBEDTLS_PSA_BUILTIN_PAKE 1 151 #define MBEDTLS_PSA_BUILTIN_ALG_JPAKE 1 152 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED 153 #define MBEDTLS_BIGNUM_C 154 #define MBEDTLS_ECP_C 155 #define MBEDTLS_ECJPAKE_C 156 #endif /* PSA_WANT_ALG_JPAKE */ 157 158 #if defined(PSA_WANT_ALG_RIPEMD160) && !defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) 159 #define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1 160 #define MBEDTLS_RIPEMD160_C 161 #endif 162 163 #if defined(PSA_WANT_ALG_RSA_OAEP) 164 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP) 165 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1 166 #define MBEDTLS_RSA_C 167 #define MBEDTLS_BIGNUM_C 168 #define MBEDTLS_OID_C 169 #define MBEDTLS_PKCS1_V21 170 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP */ 171 #endif /* PSA_WANT_ALG_RSA_OAEP */ 172 173 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT) 174 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT) 175 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1 176 #define MBEDTLS_RSA_C 177 #define MBEDTLS_BIGNUM_C 178 #define MBEDTLS_OID_C 179 #define MBEDTLS_PKCS1_V15 180 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT */ 181 #endif /* PSA_WANT_ALG_RSA_PKCS1V15_CRYPT */ 182 183 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) 184 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) 185 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1 186 #define MBEDTLS_RSA_C 187 #define MBEDTLS_BIGNUM_C 188 #define MBEDTLS_OID_C 189 #define MBEDTLS_PKCS1_V15 190 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN */ 191 #endif /* PSA_WANT_ALG_RSA_PKCS1V15_SIGN */ 192 193 #if defined(PSA_WANT_ALG_RSA_PSS) 194 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) 195 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1 196 #define MBEDTLS_RSA_C 197 #define MBEDTLS_BIGNUM_C 198 #define MBEDTLS_OID_C 199 #define MBEDTLS_PKCS1_V21 200 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PSS */ 201 #endif /* PSA_WANT_ALG_RSA_PSS */ 202 203 #if defined(PSA_WANT_ALG_SHA_1) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) 204 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1 205 #define MBEDTLS_SHA1_C 206 #endif 207 208 #if defined(PSA_WANT_ALG_SHA_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) 209 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1 210 #define MBEDTLS_SHA224_C 211 #endif 212 213 #if defined(PSA_WANT_ALG_SHA_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) 214 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1 215 #define MBEDTLS_SHA256_C 216 #endif 217 218 #if defined(PSA_WANT_ALG_SHA_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) 219 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1 220 #define MBEDTLS_SHA384_C 221 #endif 222 223 #if defined(PSA_WANT_ALG_SHA_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) 224 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1 225 #define MBEDTLS_SHA512_C 226 #endif 227 228 #if defined(PSA_WANT_ALG_TLS12_PRF) 229 #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF) 230 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1 231 #endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF */ 232 #endif /* PSA_WANT_ALG_TLS12_PRF */ 233 234 #if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS) 235 #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS) 236 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1 237 #endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS */ 238 #endif /* PSA_WANT_ALG_TLS12_PSK_TO_MS */ 239 240 #if defined(PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS) 241 #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS) 242 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS 1 243 #endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS */ 244 #endif /* PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS */ 245 246 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) 247 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) 248 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1 249 #define MBEDTLS_ECP_C 250 #define MBEDTLS_BIGNUM_C 251 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR */ 252 #endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR */ 253 254 #if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) 255 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) 256 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1 257 #define MBEDTLS_ECP_C 258 #define MBEDTLS_BIGNUM_C 259 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY */ 260 #endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ 261 262 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) 263 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) 264 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1 265 #define MBEDTLS_RSA_C 266 #define MBEDTLS_BIGNUM_C 267 #define MBEDTLS_OID_C 268 #define MBEDTLS_GENPRIME 269 #define MBEDTLS_PK_PARSE_C 270 #define MBEDTLS_PK_WRITE_C 271 #define MBEDTLS_PK_C 272 #define MBEDTLS_ASN1_PARSE_C 273 #define MBEDTLS_ASN1_WRITE_C 274 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR */ 275 #endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR */ 276 277 #if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) 278 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) 279 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1 280 #define MBEDTLS_RSA_C 281 #define MBEDTLS_BIGNUM_C 282 #define MBEDTLS_OID_C 283 #define MBEDTLS_PK_PARSE_C 284 #define MBEDTLS_PK_WRITE_C 285 #define MBEDTLS_PK_C 286 #define MBEDTLS_ASN1_PARSE_C 287 #define MBEDTLS_ASN1_WRITE_C 288 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY */ 289 #endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */ 290 291 /* If any of the block modes are requested that don't have an 292 * associated HW assist, define PSA_HAVE_SOFT_BLOCK_MODE for checking 293 * in the block cipher key types. */ 294 #if (defined(PSA_WANT_ALG_CTR) && !defined(MBEDTLS_PSA_ACCEL_ALG_CTR)) || \ 295 (defined(PSA_WANT_ALG_CFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_CFB)) || \ 296 (defined(PSA_WANT_ALG_OFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_OFB)) || \ 297 defined(PSA_WANT_ALG_ECB_NO_PADDING) || \ 298 (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ 299 !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \ 300 (defined(PSA_WANT_ALG_CBC_PKCS7) && \ 301 !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \ 302 (defined(PSA_WANT_ALG_CMAC) && !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC)) 303 #define PSA_HAVE_SOFT_BLOCK_MODE 1 304 #endif 305 306 #if (defined(PSA_WANT_ALG_GCM) && !defined(MBEDTLS_PSA_ACCEL_ALG_GCM)) || \ 307 (defined(PSA_WANT_ALG_CCM) && !defined(MBEDTLS_PSA_ACCEL_ALG_CCM)) 308 #define PSA_HAVE_SOFT_BLOCK_AEAD 1 309 #endif 310 311 #if defined(PSA_WANT_KEY_TYPE_AES) 312 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES) 313 #define PSA_HAVE_SOFT_KEY_TYPE_AES 1 314 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_AES */ 315 #if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ 316 defined(PSA_HAVE_SOFT_BLOCK_MODE) || \ 317 defined(PSA_HAVE_SOFT_BLOCK_AEAD) 318 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1 319 #define MBEDTLS_AES_C 320 #endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */ 321 #endif /* PSA_WANT_KEY_TYPE_AES */ 322 323 #if defined(PSA_WANT_KEY_TYPE_ARIA) 324 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA) 325 #define PSA_HAVE_SOFT_KEY_TYPE_ARIA 1 326 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA */ 327 #if defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ 328 defined(PSA_HAVE_SOFT_BLOCK_MODE) || \ 329 defined(PSA_HAVE_SOFT_BLOCK_AEAD) 330 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1 331 #define MBEDTLS_ARIA_C 332 #endif /* PSA_HAVE_SOFT_KEY_TYPE_ARIA || PSA_HAVE_SOFT_BLOCK_MODE */ 333 #endif /* PSA_WANT_KEY_TYPE_ARIA */ 334 335 #if defined(PSA_WANT_KEY_TYPE_CAMELLIA) 336 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA) 337 #define PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA 1 338 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA */ 339 #if defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) || \ 340 defined(PSA_HAVE_SOFT_BLOCK_MODE) || \ 341 defined(PSA_HAVE_SOFT_BLOCK_AEAD) 342 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1 343 #define MBEDTLS_CAMELLIA_C 344 #endif /* PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA || PSA_HAVE_SOFT_BLOCK_MODE */ 345 #endif /* PSA_WANT_KEY_TYPE_CAMELLIA */ 346 347 #if defined(PSA_WANT_KEY_TYPE_DES) 348 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES) 349 #define PSA_HAVE_SOFT_KEY_TYPE_DES 1 350 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DES */ 351 #if defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \ 352 defined(PSA_HAVE_SOFT_BLOCK_MODE) 353 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1 354 #define MBEDTLS_DES_C 355 #endif /*PSA_HAVE_SOFT_KEY_TYPE_DES || PSA_HAVE_SOFT_BLOCK_MODE */ 356 #endif /* PSA_WANT_KEY_TYPE_DES */ 357 358 #if defined(PSA_WANT_KEY_TYPE_CHACHA20) 359 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20) 360 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1 361 #define MBEDTLS_CHACHA20_C 362 #endif /*!MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 */ 363 #endif /* PSA_WANT_KEY_TYPE_CHACHA20 */ 364 365 /* If any of the software block ciphers are selected, define 366 * PSA_HAVE_SOFT_BLOCK_CIPHER, which can be used in any of these 367 * situations. */ 368 #if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ 369 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ 370 defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \ 371 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) 372 #define PSA_HAVE_SOFT_BLOCK_CIPHER 1 373 #endif 374 375 #if defined(PSA_WANT_ALG_STREAM_CIPHER) 376 #define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1 377 #endif /* PSA_WANT_ALG_STREAM_CIPHER */ 378 379 #if defined(PSA_WANT_ALG_CBC_MAC) 380 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_MAC) 381 #error "CBC-MAC is not yet supported via the PSA API in Mbed TLS." 382 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_MAC 1 383 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CBC_MAC */ 384 #endif /* PSA_WANT_ALG_CBC_MAC */ 385 386 #if defined(PSA_WANT_ALG_CMAC) 387 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) || \ 388 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 389 #define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1 390 #define MBEDTLS_CMAC_C 391 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CMAC */ 392 #endif /* PSA_WANT_ALG_CMAC */ 393 394 #if defined(PSA_WANT_ALG_CTR) 395 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CTR) || \ 396 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 397 #define MBEDTLS_PSA_BUILTIN_ALG_CTR 1 398 #define MBEDTLS_CIPHER_MODE_CTR 399 #endif 400 #endif /* PSA_WANT_ALG_CTR */ 401 402 #if defined(PSA_WANT_ALG_CFB) 403 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CFB) || \ 404 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 405 #define MBEDTLS_PSA_BUILTIN_ALG_CFB 1 406 #define MBEDTLS_CIPHER_MODE_CFB 407 #endif 408 #endif /* PSA_WANT_ALG_CFB */ 409 410 #if defined(PSA_WANT_ALG_OFB) 411 #if !defined(MBEDTLS_PSA_ACCEL_ALG_OFB) || \ 412 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 413 #define MBEDTLS_PSA_BUILTIN_ALG_OFB 1 414 #define MBEDTLS_CIPHER_MODE_OFB 415 #endif 416 #endif /* PSA_WANT_ALG_OFB */ 417 418 #if defined(PSA_WANT_ALG_ECB_NO_PADDING) && \ 419 !defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING) 420 #define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1 421 #endif 422 423 #if defined(PSA_WANT_ALG_CBC_NO_PADDING) 424 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) || \ 425 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 426 #define MBEDTLS_CIPHER_MODE_CBC 427 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1 428 #endif 429 #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ 430 431 #if defined(PSA_WANT_ALG_CBC_PKCS7) 432 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) || \ 433 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 434 #define MBEDTLS_CIPHER_MODE_CBC 435 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1 436 #define MBEDTLS_CIPHER_PADDING_PKCS7 437 #endif 438 #endif /* PSA_WANT_ALG_CBC_PKCS7 */ 439 440 #if defined(PSA_WANT_ALG_CCM) 441 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CCM) || \ 442 defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ 443 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ 444 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) 445 #define MBEDTLS_PSA_BUILTIN_ALG_CCM 1 446 #define MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG 1 447 #define MBEDTLS_CCM_C 448 #endif 449 #endif /* PSA_WANT_ALG_CCM */ 450 451 #if defined(PSA_WANT_ALG_GCM) 452 #if !defined(MBEDTLS_PSA_ACCEL_ALG_GCM) || \ 453 defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ 454 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ 455 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) 456 #define MBEDTLS_PSA_BUILTIN_ALG_GCM 1 457 #define MBEDTLS_GCM_C 458 #endif 459 #endif /* PSA_WANT_ALG_GCM */ 460 461 #if defined(PSA_WANT_ALG_CHACHA20_POLY1305) 462 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305) 463 #if defined(PSA_WANT_KEY_TYPE_CHACHA20) 464 #define MBEDTLS_CHACHAPOLY_C 465 #define MBEDTLS_CHACHA20_C 466 #define MBEDTLS_POLY1305_C 467 #define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1 468 #endif /* PSA_WANT_KEY_TYPE_CHACHA20 */ 469 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 */ 470 #endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */ 471 472 #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) 473 #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256) 474 #define MBEDTLS_ECP_DP_BP256R1_ENABLED 475 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1 476 #endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256 */ 477 #endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_256 */ 478 479 #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) 480 #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384) 481 #define MBEDTLS_ECP_DP_BP384R1_ENABLED 482 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1 483 #endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384 */ 484 #endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_384 */ 485 486 #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) 487 #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512) 488 #define MBEDTLS_ECP_DP_BP512R1_ENABLED 489 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1 490 #endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512 */ 491 #endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_512 */ 492 493 #if defined(PSA_WANT_ECC_MONTGOMERY_255) 494 #if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255) 495 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED 496 #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1 497 #endif /* !MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255 */ 498 #endif /* PSA_WANT_ECC_MONTGOMERY_255 */ 499 500 #if defined(PSA_WANT_ECC_MONTGOMERY_448) 501 #if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448) 502 #define MBEDTLS_ECP_DP_CURVE448_ENABLED 503 #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1 504 #endif /* !MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448 */ 505 #endif /* PSA_WANT_ECC_MONTGOMERY_448 */ 506 507 #if defined(PSA_WANT_ECC_SECP_R1_192) 508 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192) 509 #define MBEDTLS_ECP_DP_SECP192R1_ENABLED 510 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1 511 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192 */ 512 #endif /* PSA_WANT_ECC_SECP_R1_192 */ 513 514 #if defined(PSA_WANT_ECC_SECP_R1_224) 515 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224) 516 #define MBEDTLS_ECP_DP_SECP224R1_ENABLED 517 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1 518 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224 */ 519 #endif /* PSA_WANT_ECC_SECP_R1_224 */ 520 521 #if defined(PSA_WANT_ECC_SECP_R1_256) 522 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) 523 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED 524 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1 525 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256 */ 526 #endif /* PSA_WANT_ECC_SECP_R1_256 */ 527 528 #if defined(PSA_WANT_ECC_SECP_R1_384) 529 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384) 530 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED 531 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1 532 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384 */ 533 #endif /* PSA_WANT_ECC_SECP_R1_384 */ 534 535 #if defined(PSA_WANT_ECC_SECP_R1_521) 536 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521) 537 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED 538 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1 539 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521 */ 540 #endif /* PSA_WANT_ECC_SECP_R1_521 */ 541 542 #if defined(PSA_WANT_ECC_SECP_K1_192) 543 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192) 544 #define MBEDTLS_ECP_DP_SECP192K1_ENABLED 545 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1 546 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192 */ 547 #endif /* PSA_WANT_ECC_SECP_K1_192 */ 548 549 #if defined(PSA_WANT_ECC_SECP_K1_224) 550 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224) 551 /* 552 * SECP224K1 is buggy via the PSA API in Mbed TLS 553 * (https://github.com/Mbed-TLS/mbedtls/issues/3541). 554 */ 555 #error "SECP224K1 is buggy via the PSA API in Mbed TLS." 556 #define MBEDTLS_ECP_DP_SECP224K1_ENABLED 557 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1 558 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224 */ 559 #endif /* PSA_WANT_ECC_SECP_K1_224 */ 560 561 #if defined(PSA_WANT_ECC_SECP_K1_256) 562 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256) 563 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED 564 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1 565 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256 */ 566 #endif /* PSA_WANT_ECC_SECP_K1_256 */ 567 568 569 570 /****************************************************************/ 571 /* Infer PSA requirements from Mbed TLS capabilities */ 572 /****************************************************************/ 573 574 #else /* MBEDTLS_PSA_CRYPTO_CONFIG */ 575 576 /* 577 * Ensure PSA_WANT_* defines are setup properly if MBEDTLS_PSA_CRYPTO_CONFIG 578 * is not defined 579 */ 580 581 #if defined(MBEDTLS_CCM_C) 582 #define MBEDTLS_PSA_BUILTIN_ALG_CCM 1 583 #define MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG 1 584 #define PSA_WANT_ALG_CCM 1 585 #define PSA_WANT_ALG_CCM_STAR_NO_TAG 1 586 #endif /* MBEDTLS_CCM_C */ 587 588 #if defined(MBEDTLS_CMAC_C) 589 #define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1 590 #define PSA_WANT_ALG_CMAC 1 591 #endif /* MBEDTLS_CMAC_C */ 592 593 #if defined(MBEDTLS_ECDH_C) 594 #define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1 595 #define PSA_WANT_ALG_ECDH 1 596 #endif /* MBEDTLS_ECDH_C */ 597 598 #if defined(MBEDTLS_ECDSA_C) 599 #define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1 600 #define PSA_WANT_ALG_ECDSA 1 601 #define PSA_WANT_ALG_ECDSA_ANY 1 602 603 // Only add in DETERMINISTIC support if ECDSA is also enabled 604 #if defined(MBEDTLS_ECDSA_DETERMINISTIC) 605 #define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1 606 #define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1 607 #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ 608 609 #endif /* MBEDTLS_ECDSA_C */ 610 611 #if defined(MBEDTLS_ECP_C) 612 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1 613 #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1 614 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1 615 #define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1 616 #endif /* MBEDTLS_ECP_C */ 617 618 #if defined(MBEDTLS_GCM_C) 619 #define MBEDTLS_PSA_BUILTIN_ALG_GCM 1 620 #define PSA_WANT_ALG_GCM 1 621 #endif /* MBEDTLS_GCM_C */ 622 623 /* Enable PSA HKDF algorithm if mbedtls HKDF is supported. 624 * PSA HKDF EXTRACT and PSA HKDF EXPAND have minimal cost when 625 * PSA HKDF is enabled, so enable both algorithms together 626 * with PSA HKDF. */ 627 #if defined(MBEDTLS_HKDF_C) 628 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 629 #define PSA_WANT_ALG_HMAC 1 630 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1 631 #define PSA_WANT_ALG_HKDF 1 632 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT 1 633 #define PSA_WANT_ALG_HKDF_EXTRACT 1 634 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND 1 635 #define PSA_WANT_ALG_HKDF_EXPAND 1 636 #endif /* MBEDTLS_HKDF_C */ 637 638 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 639 #define PSA_WANT_ALG_HMAC 1 640 #define PSA_WANT_KEY_TYPE_HMAC 641 642 #if defined(MBEDTLS_MD_C) 643 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1 644 #define PSA_WANT_ALG_TLS12_PRF 1 645 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1 646 #define PSA_WANT_ALG_TLS12_PSK_TO_MS 1 647 #endif /* MBEDTLS_MD_C */ 648 649 #if defined(MBEDTLS_MD5_C) 650 #define MBEDTLS_PSA_BUILTIN_ALG_MD5 1 651 #define PSA_WANT_ALG_MD5 1 652 #endif 653 654 #if defined(MBEDTLS_ECJPAKE_C) 655 #define MBEDTLS_PSA_BUILTIN_PAKE 1 656 #define MBEDTLS_PSA_BUILTIN_ALG_JPAKE 1 657 #define PSA_WANT_ALG_JPAKE 1 658 #endif 659 660 #if defined(MBEDTLS_RIPEMD160_C) 661 #define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1 662 #define PSA_WANT_ALG_RIPEMD160 1 663 #endif 664 665 #if defined(MBEDTLS_RSA_C) 666 #if defined(MBEDTLS_PKCS1_V15) 667 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1 668 #define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1 669 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1 670 #define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1 671 #define PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW 1 672 #endif /* MBEDTLS_PKCS1_V15 */ 673 #if defined(MBEDTLS_PKCS1_V21) 674 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1 675 #define PSA_WANT_ALG_RSA_OAEP 1 676 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1 677 #define PSA_WANT_ALG_RSA_PSS 1 678 #endif /* MBEDTLS_PKCS1_V21 */ 679 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1 680 #define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1 681 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1 682 #define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1 683 #endif /* MBEDTLS_RSA_C */ 684 685 #if defined(MBEDTLS_SHA1_C) 686 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1 687 #define PSA_WANT_ALG_SHA_1 1 688 #endif 689 690 #if defined(MBEDTLS_SHA224_C) 691 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1 692 #define PSA_WANT_ALG_SHA_224 1 693 #endif 694 695 #if defined(MBEDTLS_SHA256_C) 696 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1 697 #define PSA_WANT_ALG_SHA_256 1 698 #endif 699 700 #if defined(MBEDTLS_SHA384_C) 701 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1 702 #define PSA_WANT_ALG_SHA_384 1 703 #endif 704 705 #if defined(MBEDTLS_SHA512_C) 706 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1 707 #define PSA_WANT_ALG_SHA_512 1 708 #endif 709 710 #if defined(MBEDTLS_AES_C) 711 #define PSA_WANT_KEY_TYPE_AES 1 712 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1 713 #endif 714 715 #if defined(MBEDTLS_ARIA_C) 716 #define PSA_WANT_KEY_TYPE_ARIA 1 717 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1 718 #endif 719 720 #if defined(MBEDTLS_CAMELLIA_C) 721 #define PSA_WANT_KEY_TYPE_CAMELLIA 1 722 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1 723 #endif 724 725 #if defined(MBEDTLS_DES_C) 726 #define PSA_WANT_KEY_TYPE_DES 1 727 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1 728 #endif 729 730 #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) 731 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS 1 732 #define PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS 1 733 #endif 734 735 #if defined(MBEDTLS_CHACHA20_C) 736 #define PSA_WANT_KEY_TYPE_CHACHA20 1 737 #define PSA_WANT_ALG_STREAM_CIPHER 1 738 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1 739 #define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1 740 #if defined(MBEDTLS_CHACHAPOLY_C) 741 #define PSA_WANT_ALG_CHACHA20_POLY1305 1 742 #define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1 743 #endif 744 #endif 745 746 #if defined(MBEDTLS_CIPHER_MODE_CBC) 747 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1 748 #define PSA_WANT_ALG_CBC_NO_PADDING 1 749 #if defined(MBEDTLS_CIPHER_PADDING_PKCS7) 750 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1 751 #define PSA_WANT_ALG_CBC_PKCS7 1 752 #endif 753 #endif 754 755 #if defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) || \ 756 defined(MBEDTLS_ARIA_C) || defined(MBEDTLS_CAMELLIA_C) 757 #define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1 758 #define PSA_WANT_ALG_ECB_NO_PADDING 1 759 #endif 760 761 #if defined(MBEDTLS_CIPHER_MODE_CFB) 762 #define MBEDTLS_PSA_BUILTIN_ALG_CFB 1 763 #define PSA_WANT_ALG_CFB 1 764 #endif 765 766 #if defined(MBEDTLS_CIPHER_MODE_CTR) 767 #define MBEDTLS_PSA_BUILTIN_ALG_CTR 1 768 #define PSA_WANT_ALG_CTR 1 769 #endif 770 771 #if defined(MBEDTLS_CIPHER_MODE_OFB) 772 #define MBEDTLS_PSA_BUILTIN_ALG_OFB 1 773 #define PSA_WANT_ALG_OFB 1 774 #endif 775 776 #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) 777 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1 778 #define PSA_WANT_ECC_BRAINPOOL_P_R1_256 779 #endif 780 781 #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) 782 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1 783 #define PSA_WANT_ECC_BRAINPOOL_P_R1_384 784 #endif 785 786 #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) 787 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1 788 #define PSA_WANT_ECC_BRAINPOOL_P_R1_512 789 #endif 790 791 #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) 792 #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1 793 #define PSA_WANT_ECC_MONTGOMERY_255 794 #endif 795 796 #if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) 797 #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1 798 #define PSA_WANT_ECC_MONTGOMERY_448 799 #endif 800 801 #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) 802 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1 803 #define PSA_WANT_ECC_SECP_R1_192 804 #endif 805 806 #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) 807 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1 808 #define PSA_WANT_ECC_SECP_R1_224 809 #endif 810 811 #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) 812 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1 813 #define PSA_WANT_ECC_SECP_R1_256 814 #endif 815 816 #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) 817 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1 818 #define PSA_WANT_ECC_SECP_R1_384 819 #endif 820 821 #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) 822 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1 823 #define PSA_WANT_ECC_SECP_R1_521 824 #endif 825 826 #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) 827 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1 828 #define PSA_WANT_ECC_SECP_K1_192 829 #endif 830 831 /* SECP224K1 is buggy via the PSA API (https://github.com/Mbed-TLS/mbedtls/issues/3541) */ 832 #if 0 && defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) 833 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1 834 #define PSA_WANT_ECC_SECP_K1_224 835 #endif 836 837 #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) 838 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1 839 #define PSA_WANT_ECC_SECP_K1_256 840 #endif 841 842 #endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ 843 844 /* These features are always enabled. */ 845 #define PSA_WANT_KEY_TYPE_DERIVE 1 846 #define PSA_WANT_KEY_TYPE_RAW_DATA 1 847 848 #ifdef __cplusplus 849 } 850 #endif 851 852 #endif /* MBEDTLS_CONFIG_PSA_H */ 853
