1 /** 2 * \file mbedtls/config_psa.h 3 * \brief PSA crypto configuration options (set of defines) 4 * 5 * This set of compile-time options takes settings defined in 6 * include/mbedtls/mbedtls_config.h and include/psa/crypto_config.h and uses 7 * those definitions to define symbols used in the library code. 8 * 9 * Users and integrators should not edit this file, please edit 10 * include/mbedtls/mbedtls_config.h for MBEDTLS_XXX settings or 11 * include/psa/crypto_config.h for PSA_WANT_XXX settings. 12 */ 13 /* 14 * Copyright The Mbed TLS Contributors 15 * SPDX-License-Identifier: Apache-2.0 16 * 17 * Licensed under the Apache License, Version 2.0 (the "License"); you may 18 * not use this file except in compliance with the License. 19 * You may obtain a copy of the License at 20 * 21 * http://www.apache.org/licenses/LICENSE-2.0 22 * 23 * Unless required by applicable law or agreed to in writing, software 24 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 25 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 26 * See the License for the specific language governing permissions and 27 * limitations under the License. 28 */ 29 30 #ifndef MBEDTLS_CONFIG_PSA_H 31 #define MBEDTLS_CONFIG_PSA_H 32 33 #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) 34 #if defined(MBEDTLS_PSA_CRYPTO_CONFIG_FILE) 35 #include MBEDTLS_PSA_CRYPTO_CONFIG_FILE 36 #else 37 #include "psa/crypto_config.h" 38 #endif 39 #endif /* defined(MBEDTLS_PSA_CRYPTO_CONFIG) */ 40 41 #if defined(MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE) 42 #include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE 43 #endif 44 45 #ifdef __cplusplus 46 extern "C" { 47 #endif 48 49 50 51 /****************************************************************/ 52 /* De facto synonyms */ 53 /****************************************************************/ 54 55 #if defined(PSA_WANT_ALG_ECDSA_ANY) && !defined(PSA_WANT_ALG_ECDSA) 56 #define PSA_WANT_ALG_ECDSA PSA_WANT_ALG_ECDSA_ANY 57 #elif !defined(PSA_WANT_ALG_ECDSA_ANY) && defined(PSA_WANT_ALG_ECDSA) 58 #define PSA_WANT_ALG_ECDSA_ANY PSA_WANT_ALG_ECDSA 59 #endif 60 61 #if defined(PSA_WANT_ALG_CCM_STAR_NO_TAG) && !defined(PSA_WANT_ALG_CCM) 62 #define PSA_WANT_ALG_CCM PSA_WANT_ALG_CCM_STAR_NO_TAG 63 #elif !defined(PSA_WANT_ALG_CCM_STAR_NO_TAG) && defined(PSA_WANT_ALG_CCM) 64 #define PSA_WANT_ALG_CCM_STAR_NO_TAG PSA_WANT_ALG_CCM 65 #endif 66 67 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW) && !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) 68 #define PSA_WANT_ALG_RSA_PKCS1V15_SIGN PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW 69 #elif !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW) && defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) 70 #define PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW PSA_WANT_ALG_RSA_PKCS1V15_SIGN 71 #endif 72 73 #if defined(PSA_WANT_ALG_RSA_PSS_ANY_SALT) && !defined(PSA_WANT_ALG_RSA_PSS) 74 #define PSA_WANT_ALG_RSA_PSS PSA_WANT_ALG_RSA_PSS_ANY_SALT 75 #elif !defined(PSA_WANT_ALG_RSA_PSS_ANY_SALT) && defined(PSA_WANT_ALG_RSA_PSS) 76 #define PSA_WANT_ALG_RSA_PSS_ANY_SALT PSA_WANT_ALG_RSA_PSS 77 #endif 78 79 80 81 /****************************************************************/ 82 /* Require built-in implementations based on PSA requirements */ 83 /****************************************************************/ 84 85 #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) 86 87 #if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) 88 #if !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) 89 #define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1 90 #define MBEDTLS_ECDSA_DETERMINISTIC 91 #define MBEDTLS_ECDSA_C 92 #define MBEDTLS_HMAC_DRBG_C 93 #define MBEDTLS_MD_C 94 #endif /* !MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA */ 95 #endif /* PSA_WANT_ALG_DETERMINISTIC_ECDSA */ 96 97 #if defined(PSA_WANT_ALG_ECDH) 98 #if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH) 99 #define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1 100 #define MBEDTLS_ECDH_C 101 #define MBEDTLS_ECP_C 102 #define MBEDTLS_BIGNUM_C 103 #endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDH */ 104 #endif /* PSA_WANT_ALG_ECDH */ 105 106 #if defined(PSA_WANT_ALG_ECDSA) 107 #if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) 108 #define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1 109 #define MBEDTLS_ECDSA_C 110 #define MBEDTLS_ECP_C 111 #define MBEDTLS_BIGNUM_C 112 #define MBEDTLS_ASN1_PARSE_C 113 #define MBEDTLS_ASN1_WRITE_C 114 #endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDSA */ 115 #endif /* PSA_WANT_ALG_ECDSA */ 116 117 #if defined(PSA_WANT_ALG_HKDF) 118 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF) 119 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 120 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1 121 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF */ 122 #endif /* PSA_WANT_ALG_HKDF */ 123 124 #if defined(PSA_WANT_ALG_HKDF_EXTRACT) 125 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT) 126 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 127 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT 1 128 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT */ 129 #endif /* PSA_WANT_ALG_HKDF_EXTRACT */ 130 131 #if defined(PSA_WANT_ALG_HKDF_EXPAND) 132 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND) 133 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 134 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND 1 135 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND */ 136 #endif /* PSA_WANT_ALG_HKDF_EXPAND */ 137 138 #if defined(PSA_WANT_ALG_HMAC) 139 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC) 140 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 141 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */ 142 #endif /* PSA_WANT_ALG_HMAC */ 143 144 #if defined(PSA_WANT_ALG_MD5) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD5) 145 #define MBEDTLS_PSA_BUILTIN_ALG_MD5 1 146 #define MBEDTLS_MD5_C 147 #endif 148 149 #if defined(PSA_WANT_ALG_JPAKE) 150 #if !defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE) 151 #define MBEDTLS_PSA_BUILTIN_PAKE 1 152 #define MBEDTLS_PSA_BUILTIN_ALG_JPAKE 1 153 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED 154 #define MBEDTLS_BIGNUM_C 155 #define MBEDTLS_ECP_C 156 #define MBEDTLS_ECJPAKE_C 157 #endif /* MBEDTLS_PSA_ACCEL_ALG_JPAKE */ 158 #endif /* PSA_WANT_ALG_JPAKE */ 159 160 #if defined(PSA_WANT_ALG_RIPEMD160) && !defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) 161 #define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1 162 #define MBEDTLS_RIPEMD160_C 163 #endif 164 165 #if defined(PSA_WANT_ALG_RSA_OAEP) 166 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP) 167 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1 168 #define MBEDTLS_RSA_C 169 #define MBEDTLS_BIGNUM_C 170 #define MBEDTLS_OID_C 171 #define MBEDTLS_PKCS1_V21 172 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP */ 173 #endif /* PSA_WANT_ALG_RSA_OAEP */ 174 175 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT) 176 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT) 177 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1 178 #define MBEDTLS_RSA_C 179 #define MBEDTLS_BIGNUM_C 180 #define MBEDTLS_OID_C 181 #define MBEDTLS_PKCS1_V15 182 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT */ 183 #endif /* PSA_WANT_ALG_RSA_PKCS1V15_CRYPT */ 184 185 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) 186 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) 187 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1 188 #define MBEDTLS_RSA_C 189 #define MBEDTLS_BIGNUM_C 190 #define MBEDTLS_OID_C 191 #define MBEDTLS_PKCS1_V15 192 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN */ 193 #endif /* PSA_WANT_ALG_RSA_PKCS1V15_SIGN */ 194 195 #if defined(PSA_WANT_ALG_RSA_PSS) 196 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) 197 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1 198 #define MBEDTLS_RSA_C 199 #define MBEDTLS_BIGNUM_C 200 #define MBEDTLS_OID_C 201 #define MBEDTLS_PKCS1_V21 202 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PSS */ 203 #endif /* PSA_WANT_ALG_RSA_PSS */ 204 205 #if defined(PSA_WANT_ALG_SHA_1) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) 206 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1 207 #define MBEDTLS_SHA1_C 208 #endif 209 210 #if defined(PSA_WANT_ALG_SHA_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) 211 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1 212 #define MBEDTLS_SHA224_C 213 #endif 214 215 #if defined(PSA_WANT_ALG_SHA_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) 216 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1 217 #define MBEDTLS_SHA256_C 218 #endif 219 220 #if defined(PSA_WANT_ALG_SHA_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) 221 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1 222 #define MBEDTLS_SHA384_C 223 #endif 224 225 #if defined(PSA_WANT_ALG_SHA_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) 226 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1 227 #define MBEDTLS_SHA512_C 228 #endif 229 230 #if defined(PSA_WANT_ALG_TLS12_PRF) 231 #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF) 232 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1 233 #endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF */ 234 #endif /* PSA_WANT_ALG_TLS12_PRF */ 235 236 #if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS) 237 #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS) 238 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1 239 #endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS */ 240 #endif /* PSA_WANT_ALG_TLS12_PSK_TO_MS */ 241 242 #if defined(PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS) 243 #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS) 244 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS 1 245 #endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS */ 246 #endif /* PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS */ 247 248 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) 249 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) 250 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1 251 #define MBEDTLS_ECP_C 252 #define MBEDTLS_BIGNUM_C 253 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR */ 254 #endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR */ 255 256 #if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) 257 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) 258 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1 259 #define MBEDTLS_ECP_C 260 #define MBEDTLS_BIGNUM_C 261 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY */ 262 #endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ 263 264 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) 265 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) 266 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1 267 #define MBEDTLS_RSA_C 268 #define MBEDTLS_BIGNUM_C 269 #define MBEDTLS_OID_C 270 #define MBEDTLS_GENPRIME 271 #define MBEDTLS_PK_PARSE_C 272 #define MBEDTLS_PK_WRITE_C 273 #define MBEDTLS_PK_C 274 #define MBEDTLS_ASN1_PARSE_C 275 #define MBEDTLS_ASN1_WRITE_C 276 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR */ 277 #endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR */ 278 279 #if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) 280 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) 281 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1 282 #define MBEDTLS_RSA_C 283 #define MBEDTLS_BIGNUM_C 284 #define MBEDTLS_OID_C 285 #define MBEDTLS_PK_PARSE_C 286 #define MBEDTLS_PK_WRITE_C 287 #define MBEDTLS_PK_C 288 #define MBEDTLS_ASN1_PARSE_C 289 #define MBEDTLS_ASN1_WRITE_C 290 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY */ 291 #endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */ 292 293 /* If any of the block modes are requested that don't have an 294 * associated HW assist, define PSA_HAVE_SOFT_BLOCK_MODE for checking 295 * in the block cipher key types. */ 296 #if (defined(PSA_WANT_ALG_CTR) && !defined(MBEDTLS_PSA_ACCEL_ALG_CTR)) || \ 297 (defined(PSA_WANT_ALG_CFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_CFB)) || \ 298 (defined(PSA_WANT_ALG_OFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_OFB)) || \ 299 defined(PSA_WANT_ALG_ECB_NO_PADDING) || \ 300 (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ 301 !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \ 302 (defined(PSA_WANT_ALG_CBC_PKCS7) && \ 303 !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \ 304 (defined(PSA_WANT_ALG_CMAC) && !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC)) 305 #define PSA_HAVE_SOFT_BLOCK_MODE 1 306 #endif 307 308 #if (defined(PSA_WANT_ALG_GCM) && !defined(MBEDTLS_PSA_ACCEL_ALG_GCM)) || \ 309 (defined(PSA_WANT_ALG_CCM) && !defined(MBEDTLS_PSA_ACCEL_ALG_CCM)) 310 #define PSA_HAVE_SOFT_BLOCK_AEAD 1 311 #endif 312 313 #if defined(PSA_WANT_KEY_TYPE_AES) 314 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES) 315 #define PSA_HAVE_SOFT_KEY_TYPE_AES 1 316 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_AES */ 317 #if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ 318 defined(PSA_HAVE_SOFT_BLOCK_MODE) || \ 319 defined(PSA_HAVE_SOFT_BLOCK_AEAD) 320 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1 321 #define MBEDTLS_AES_C 322 #endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */ 323 #endif /* PSA_WANT_KEY_TYPE_AES */ 324 325 #if defined(PSA_WANT_KEY_TYPE_ARIA) 326 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA) 327 #define PSA_HAVE_SOFT_KEY_TYPE_ARIA 1 328 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA */ 329 #if defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ 330 defined(PSA_HAVE_SOFT_BLOCK_MODE) || \ 331 defined(PSA_HAVE_SOFT_BLOCK_AEAD) 332 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1 333 #define MBEDTLS_ARIA_C 334 #endif /* PSA_HAVE_SOFT_KEY_TYPE_ARIA || PSA_HAVE_SOFT_BLOCK_MODE */ 335 #endif /* PSA_WANT_KEY_TYPE_ARIA */ 336 337 #if defined(PSA_WANT_KEY_TYPE_CAMELLIA) 338 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA) 339 #define PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA 1 340 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA */ 341 #if defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) || \ 342 defined(PSA_HAVE_SOFT_BLOCK_MODE) || \ 343 defined(PSA_HAVE_SOFT_BLOCK_AEAD) 344 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1 345 #define MBEDTLS_CAMELLIA_C 346 #endif /* PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA || PSA_HAVE_SOFT_BLOCK_MODE */ 347 #endif /* PSA_WANT_KEY_TYPE_CAMELLIA */ 348 349 #if defined(PSA_WANT_KEY_TYPE_DES) 350 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES) 351 #define PSA_HAVE_SOFT_KEY_TYPE_DES 1 352 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DES */ 353 #if defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \ 354 defined(PSA_HAVE_SOFT_BLOCK_MODE) 355 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1 356 #define MBEDTLS_DES_C 357 #endif /*PSA_HAVE_SOFT_KEY_TYPE_DES || PSA_HAVE_SOFT_BLOCK_MODE */ 358 #endif /* PSA_WANT_KEY_TYPE_DES */ 359 360 #if defined(PSA_WANT_KEY_TYPE_CHACHA20) 361 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20) 362 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1 363 #define MBEDTLS_CHACHA20_C 364 #endif /*!MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 */ 365 #endif /* PSA_WANT_KEY_TYPE_CHACHA20 */ 366 367 /* If any of the software block ciphers are selected, define 368 * PSA_HAVE_SOFT_BLOCK_CIPHER, which can be used in any of these 369 * situations. */ 370 #if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ 371 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ 372 defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \ 373 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) 374 #define PSA_HAVE_SOFT_BLOCK_CIPHER 1 375 #endif 376 377 #if defined(PSA_WANT_ALG_STREAM_CIPHER) 378 #define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1 379 #endif /* PSA_WANT_ALG_STREAM_CIPHER */ 380 381 #if defined(PSA_WANT_ALG_CBC_MAC) 382 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_MAC) 383 #error "CBC-MAC is not yet supported via the PSA API in Mbed TLS." 384 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_MAC 1 385 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CBC_MAC */ 386 #endif /* PSA_WANT_ALG_CBC_MAC */ 387 388 #if defined(PSA_WANT_ALG_CMAC) 389 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) || \ 390 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 391 #define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1 392 #define MBEDTLS_CMAC_C 393 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CMAC */ 394 #endif /* PSA_WANT_ALG_CMAC */ 395 396 #if defined(PSA_WANT_ALG_CTR) 397 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CTR) || \ 398 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 399 #define MBEDTLS_PSA_BUILTIN_ALG_CTR 1 400 #define MBEDTLS_CIPHER_MODE_CTR 401 #endif 402 #endif /* PSA_WANT_ALG_CTR */ 403 404 #if defined(PSA_WANT_ALG_CFB) 405 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CFB) || \ 406 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 407 #define MBEDTLS_PSA_BUILTIN_ALG_CFB 1 408 #define MBEDTLS_CIPHER_MODE_CFB 409 #endif 410 #endif /* PSA_WANT_ALG_CFB */ 411 412 #if defined(PSA_WANT_ALG_OFB) 413 #if !defined(MBEDTLS_PSA_ACCEL_ALG_OFB) || \ 414 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 415 #define MBEDTLS_PSA_BUILTIN_ALG_OFB 1 416 #define MBEDTLS_CIPHER_MODE_OFB 417 #endif 418 #endif /* PSA_WANT_ALG_OFB */ 419 420 #if defined(PSA_WANT_ALG_ECB_NO_PADDING) && \ 421 !defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING) 422 #define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1 423 #endif 424 425 #if defined(PSA_WANT_ALG_CBC_NO_PADDING) 426 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) || \ 427 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 428 #define MBEDTLS_CIPHER_MODE_CBC 429 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1 430 #endif 431 #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ 432 433 #if defined(PSA_WANT_ALG_CBC_PKCS7) 434 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) || \ 435 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 436 #define MBEDTLS_CIPHER_MODE_CBC 437 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1 438 #define MBEDTLS_CIPHER_PADDING_PKCS7 439 #endif 440 #endif /* PSA_WANT_ALG_CBC_PKCS7 */ 441 442 #if defined(PSA_WANT_ALG_CCM) 443 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CCM) || \ 444 defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ 445 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ 446 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) 447 #define MBEDTLS_PSA_BUILTIN_ALG_CCM 1 448 #define MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG 1 449 #define MBEDTLS_CCM_C 450 #endif 451 #endif /* PSA_WANT_ALG_CCM */ 452 453 #if defined(PSA_WANT_ALG_GCM) 454 #if !defined(MBEDTLS_PSA_ACCEL_ALG_GCM) || \ 455 defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ 456 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ 457 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) 458 #define MBEDTLS_PSA_BUILTIN_ALG_GCM 1 459 #define MBEDTLS_GCM_C 460 #endif 461 #endif /* PSA_WANT_ALG_GCM */ 462 463 #if defined(PSA_WANT_ALG_CHACHA20_POLY1305) 464 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305) 465 #if defined(PSA_WANT_KEY_TYPE_CHACHA20) 466 #define MBEDTLS_CHACHAPOLY_C 467 #define MBEDTLS_CHACHA20_C 468 #define MBEDTLS_POLY1305_C 469 #define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1 470 #endif /* PSA_WANT_KEY_TYPE_CHACHA20 */ 471 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 */ 472 #endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */ 473 474 #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) 475 #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256) 476 #define MBEDTLS_ECP_DP_BP256R1_ENABLED 477 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1 478 #endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256 */ 479 #endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_256 */ 480 481 #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) 482 #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384) 483 #define MBEDTLS_ECP_DP_BP384R1_ENABLED 484 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1 485 #endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384 */ 486 #endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_384 */ 487 488 #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) 489 #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512) 490 #define MBEDTLS_ECP_DP_BP512R1_ENABLED 491 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1 492 #endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512 */ 493 #endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_512 */ 494 495 #if defined(PSA_WANT_ECC_MONTGOMERY_255) 496 #if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255) 497 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED 498 #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1 499 #endif /* !MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255 */ 500 #endif /* PSA_WANT_ECC_MONTGOMERY_255 */ 501 502 #if defined(PSA_WANT_ECC_MONTGOMERY_448) 503 #if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448) 504 #define MBEDTLS_ECP_DP_CURVE448_ENABLED 505 #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1 506 #endif /* !MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448 */ 507 #endif /* PSA_WANT_ECC_MONTGOMERY_448 */ 508 509 #if defined(PSA_WANT_ECC_SECP_R1_192) 510 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192) 511 #define MBEDTLS_ECP_DP_SECP192R1_ENABLED 512 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1 513 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192 */ 514 #endif /* PSA_WANT_ECC_SECP_R1_192 */ 515 516 #if defined(PSA_WANT_ECC_SECP_R1_224) 517 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224) 518 #define MBEDTLS_ECP_DP_SECP224R1_ENABLED 519 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1 520 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224 */ 521 #endif /* PSA_WANT_ECC_SECP_R1_224 */ 522 523 #if defined(PSA_WANT_ECC_SECP_R1_256) 524 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) 525 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED 526 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1 527 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256 */ 528 #endif /* PSA_WANT_ECC_SECP_R1_256 */ 529 530 #if defined(PSA_WANT_ECC_SECP_R1_384) 531 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384) 532 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED 533 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1 534 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384 */ 535 #endif /* PSA_WANT_ECC_SECP_R1_384 */ 536 537 #if defined(PSA_WANT_ECC_SECP_R1_521) 538 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521) 539 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED 540 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1 541 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521 */ 542 #endif /* PSA_WANT_ECC_SECP_R1_521 */ 543 544 #if defined(PSA_WANT_ECC_SECP_K1_192) 545 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192) 546 #define MBEDTLS_ECP_DP_SECP192K1_ENABLED 547 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1 548 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192 */ 549 #endif /* PSA_WANT_ECC_SECP_K1_192 */ 550 551 #if defined(PSA_WANT_ECC_SECP_K1_224) 552 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224) 553 /* 554 * SECP224K1 is buggy via the PSA API in Mbed TLS 555 * (https://github.com/Mbed-TLS/mbedtls/issues/3541). 556 */ 557 #error "SECP224K1 is buggy via the PSA API in Mbed TLS." 558 #define MBEDTLS_ECP_DP_SECP224K1_ENABLED 559 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1 560 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224 */ 561 #endif /* PSA_WANT_ECC_SECP_K1_224 */ 562 563 #if defined(PSA_WANT_ECC_SECP_K1_256) 564 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256) 565 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED 566 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1 567 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256 */ 568 #endif /* PSA_WANT_ECC_SECP_K1_256 */ 569 570 571 572 /****************************************************************/ 573 /* Infer PSA requirements from Mbed TLS capabilities */ 574 /****************************************************************/ 575 576 #else /* MBEDTLS_PSA_CRYPTO_CONFIG */ 577 578 /* 579 * Ensure PSA_WANT_* defines are setup properly if MBEDTLS_PSA_CRYPTO_CONFIG 580 * is not defined 581 */ 582 583 #if defined(MBEDTLS_CCM_C) 584 #define MBEDTLS_PSA_BUILTIN_ALG_CCM 1 585 #define MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG 1 586 #define PSA_WANT_ALG_CCM 1 587 #define PSA_WANT_ALG_CCM_STAR_NO_TAG 1 588 #endif /* MBEDTLS_CCM_C */ 589 590 #if defined(MBEDTLS_CMAC_C) 591 #define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1 592 #define PSA_WANT_ALG_CMAC 1 593 #endif /* MBEDTLS_CMAC_C */ 594 595 #if defined(MBEDTLS_ECDH_C) 596 #define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1 597 #define PSA_WANT_ALG_ECDH 1 598 #endif /* MBEDTLS_ECDH_C */ 599 600 #if defined(MBEDTLS_ECDSA_C) 601 #define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1 602 #define PSA_WANT_ALG_ECDSA 1 603 #define PSA_WANT_ALG_ECDSA_ANY 1 604 605 // Only add in DETERMINISTIC support if ECDSA is also enabled 606 #if defined(MBEDTLS_ECDSA_DETERMINISTIC) 607 #define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1 608 #define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1 609 #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ 610 611 #endif /* MBEDTLS_ECDSA_C */ 612 613 #if defined(MBEDTLS_ECP_C) 614 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1 615 #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1 616 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1 617 #define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1 618 #endif /* MBEDTLS_ECP_C */ 619 620 #if defined(MBEDTLS_GCM_C) 621 #define MBEDTLS_PSA_BUILTIN_ALG_GCM 1 622 #define PSA_WANT_ALG_GCM 1 623 #endif /* MBEDTLS_GCM_C */ 624 625 /* Enable PSA HKDF algorithm if mbedtls HKDF is supported. 626 * PSA HKDF EXTRACT and PSA HKDF EXPAND have minimal cost when 627 * PSA HKDF is enabled, so enable both algorithms together 628 * with PSA HKDF. */ 629 #if defined(MBEDTLS_HKDF_C) 630 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 631 #define PSA_WANT_ALG_HMAC 1 632 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1 633 #define PSA_WANT_ALG_HKDF 1 634 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT 1 635 #define PSA_WANT_ALG_HKDF_EXTRACT 1 636 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND 1 637 #define PSA_WANT_ALG_HKDF_EXPAND 1 638 #endif /* MBEDTLS_HKDF_C */ 639 640 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 641 #define PSA_WANT_ALG_HMAC 1 642 #define PSA_WANT_KEY_TYPE_HMAC 643 644 #if defined(MBEDTLS_MD_C) 645 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1 646 #define PSA_WANT_ALG_TLS12_PRF 1 647 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1 648 #define PSA_WANT_ALG_TLS12_PSK_TO_MS 1 649 #endif /* MBEDTLS_MD_C */ 650 651 #if defined(MBEDTLS_MD5_C) 652 #define MBEDTLS_PSA_BUILTIN_ALG_MD5 1 653 #define PSA_WANT_ALG_MD5 1 654 #endif 655 656 #if defined(MBEDTLS_ECJPAKE_C) 657 #define MBEDTLS_PSA_BUILTIN_PAKE 1 658 #define MBEDTLS_PSA_BUILTIN_ALG_JPAKE 1 659 #define PSA_WANT_ALG_JPAKE 1 660 #endif 661 662 #if defined(MBEDTLS_RIPEMD160_C) 663 #define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1 664 #define PSA_WANT_ALG_RIPEMD160 1 665 #endif 666 667 #if defined(MBEDTLS_RSA_C) 668 #if defined(MBEDTLS_PKCS1_V15) 669 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1 670 #define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1 671 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1 672 #define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1 673 #define PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW 1 674 #endif /* MBEDTLS_PKCS1_V15 */ 675 #if defined(MBEDTLS_PKCS1_V21) 676 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1 677 #define PSA_WANT_ALG_RSA_OAEP 1 678 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1 679 #define PSA_WANT_ALG_RSA_PSS 1 680 #endif /* MBEDTLS_PKCS1_V21 */ 681 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1 682 #define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1 683 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1 684 #define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1 685 #endif /* MBEDTLS_RSA_C */ 686 687 #if defined(MBEDTLS_SHA1_C) 688 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1 689 #define PSA_WANT_ALG_SHA_1 1 690 #endif 691 692 #if defined(MBEDTLS_SHA224_C) 693 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1 694 #define PSA_WANT_ALG_SHA_224 1 695 #endif 696 697 #if defined(MBEDTLS_SHA256_C) 698 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1 699 #define PSA_WANT_ALG_SHA_256 1 700 #endif 701 702 #if defined(MBEDTLS_SHA384_C) 703 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1 704 #define PSA_WANT_ALG_SHA_384 1 705 #endif 706 707 #if defined(MBEDTLS_SHA512_C) 708 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1 709 #define PSA_WANT_ALG_SHA_512 1 710 #endif 711 712 #if defined(MBEDTLS_AES_C) 713 #define PSA_WANT_KEY_TYPE_AES 1 714 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1 715 #endif 716 717 #if defined(MBEDTLS_ARIA_C) 718 #define PSA_WANT_KEY_TYPE_ARIA 1 719 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1 720 #endif 721 722 #if defined(MBEDTLS_CAMELLIA_C) 723 #define PSA_WANT_KEY_TYPE_CAMELLIA 1 724 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1 725 #endif 726 727 #if defined(MBEDTLS_DES_C) 728 #define PSA_WANT_KEY_TYPE_DES 1 729 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1 730 #endif 731 732 #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) 733 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS 1 734 #define PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS 1 735 #endif 736 737 #if defined(MBEDTLS_CHACHA20_C) 738 #define PSA_WANT_KEY_TYPE_CHACHA20 1 739 #define PSA_WANT_ALG_STREAM_CIPHER 1 740 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1 741 #define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1 742 #if defined(MBEDTLS_CHACHAPOLY_C) 743 #define PSA_WANT_ALG_CHACHA20_POLY1305 1 744 #define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1 745 #endif 746 #endif 747 748 #if defined(MBEDTLS_CIPHER_MODE_CBC) 749 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1 750 #define PSA_WANT_ALG_CBC_NO_PADDING 1 751 #if defined(MBEDTLS_CIPHER_PADDING_PKCS7) 752 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1 753 #define PSA_WANT_ALG_CBC_PKCS7 1 754 #endif 755 #endif 756 757 #if defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) || \ 758 defined(MBEDTLS_ARIA_C) || defined(MBEDTLS_CAMELLIA_C) 759 #define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1 760 #define PSA_WANT_ALG_ECB_NO_PADDING 1 761 #endif 762 763 #if defined(MBEDTLS_CIPHER_MODE_CFB) 764 #define MBEDTLS_PSA_BUILTIN_ALG_CFB 1 765 #define PSA_WANT_ALG_CFB 1 766 #endif 767 768 #if defined(MBEDTLS_CIPHER_MODE_CTR) 769 #define MBEDTLS_PSA_BUILTIN_ALG_CTR 1 770 #define PSA_WANT_ALG_CTR 1 771 #endif 772 773 #if defined(MBEDTLS_CIPHER_MODE_OFB) 774 #define MBEDTLS_PSA_BUILTIN_ALG_OFB 1 775 #define PSA_WANT_ALG_OFB 1 776 #endif 777 778 #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) 779 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1 780 #define PSA_WANT_ECC_BRAINPOOL_P_R1_256 781 #endif 782 783 #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) 784 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1 785 #define PSA_WANT_ECC_BRAINPOOL_P_R1_384 786 #endif 787 788 #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) 789 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1 790 #define PSA_WANT_ECC_BRAINPOOL_P_R1_512 791 #endif 792 793 #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) 794 #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1 795 #define PSA_WANT_ECC_MONTGOMERY_255 796 #endif 797 798 #if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) 799 #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1 800 #define PSA_WANT_ECC_MONTGOMERY_448 801 #endif 802 803 #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) 804 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1 805 #define PSA_WANT_ECC_SECP_R1_192 806 #endif 807 808 #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) 809 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1 810 #define PSA_WANT_ECC_SECP_R1_224 811 #endif 812 813 #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) 814 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1 815 #define PSA_WANT_ECC_SECP_R1_256 816 #endif 817 818 #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) 819 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1 820 #define PSA_WANT_ECC_SECP_R1_384 821 #endif 822 823 #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) 824 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1 825 #define PSA_WANT_ECC_SECP_R1_521 826 #endif 827 828 #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) 829 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1 830 #define PSA_WANT_ECC_SECP_K1_192 831 #endif 832 833 /* SECP224K1 is buggy via the PSA API (https://github.com/Mbed-TLS/mbedtls/issues/3541) */ 834 #if 0 && defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) 835 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1 836 #define PSA_WANT_ECC_SECP_K1_224 837 #endif 838 839 #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) 840 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1 841 #define PSA_WANT_ECC_SECP_K1_256 842 #endif 843 844 #endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ 845 846 #if defined(PSA_WANT_ALG_ECDSA) && defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) && \ 847 defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) 848 #define PSA_HAVE_FULL_ECDSA 1 849 #endif 850 851 #if defined(PSA_WANT_ALG_JPAKE) && defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) && \ 852 defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) 853 #define PSA_HAVE_FULL_JPAKE 1 854 #endif 855 856 /* These features are always enabled. */ 857 #define PSA_WANT_KEY_TYPE_DERIVE 1 858 #define PSA_WANT_KEY_TYPE_PASSWORD 1 859 #define PSA_WANT_KEY_TYPE_PASSWORD_HASH 1 860 #define PSA_WANT_KEY_TYPE_RAW_DATA 1 861 862 #ifdef __cplusplus 863 } 864 #endif 865 866 #endif /* MBEDTLS_CONFIG_PSA_H */ 867
