1 /**
2  * \file mbedtls/config_adjust_legacy_from_psa.h
3  * \brief Adjust PSA configuration: activate legacy implementations
4  *
5  * When MBEDTLS_PSA_CRYPTO_CONFIG is enabled, activate legacy implementations
6  * of cryptographic mechanisms as needed to fulfill the needs of the PSA
7  * configuration. Generally speaking, we activate a legacy mechanism if
8  * it's needed for a requested PSA mechanism and there is no PSA driver
9  * for it.
10  */
11 /*
12  *  Copyright The Mbed TLS Contributors
13  *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
14  */
15 
16 #ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H
17 #define MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H
18 
19 /* Define appropriate ACCEL macros for the p256-m driver.
20  * In the future, those should be generated from the drivers JSON description.
21  */
22 #if defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED)
23 #define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256
24 #define MBEDTLS_PSA_ACCEL_ALG_ECDSA
25 #define MBEDTLS_PSA_ACCEL_ALG_ECDH
26 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY
27 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC
28 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT
29 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT
30 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE
31 #endif
32 
33 /*
34  * ECC: support for a feature is controlled by a triplet or a pair:
35  * (curve, key_type public/basic, alg) or (curve, key_type_<action>).
36  *
37  * A triplet/pair is accelerated if all of is components are accelerated;
38  * otherwise each component needs to be built in.
39  *
40  * We proceed in two passes:
41  * 1. Check if acceleration is complete for curves, key types, algs.
42  * 2. Then enable built-ins for each thing that's either not accelerated of
43  * doesn't have complete acceleration of the other triplet/pair components.
44  *
45  * Note: this needs psa/crypto_adjust_keypair_types.h to have been included
46  * already, so that we know the full set of key types that are requested.
47  */
48 
49 /* ECC: curves: is acceleration complete? */
50 #if (defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) && \
51     !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256)) || \
52     (defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) && \
53     !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384)) || \
54     (defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) && \
55     !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512)) || \
56     (defined(PSA_WANT_ECC_SECP_R1_192) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192)) || \
57     (defined(PSA_WANT_ECC_SECP_R1_224) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224)) || \
58     (defined(PSA_WANT_ECC_SECP_R1_256) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256)) || \
59     (defined(PSA_WANT_ECC_SECP_R1_384) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384)) || \
60     (defined(PSA_WANT_ECC_SECP_R1_521) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521)) || \
61     (defined(PSA_WANT_ECC_SECP_K1_192) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192)) || \
62     (defined(PSA_WANT_ECC_SECP_K1_224) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224)) || \
63     (defined(PSA_WANT_ECC_SECP_K1_256) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256))
64 #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES
65 #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES
66 #endif
67 
68 #if (defined(PSA_WANT_ECC_MONTGOMERY_255) && !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255)) || \
69     (defined(PSA_WANT_ECC_MONTGOMERY_448) && !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448))
70 #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES
71 #endif
72 
73 /* ECC: algs: is acceleration complete? */
74 #if (defined(PSA_WANT_ALG_ECDH) && !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH)) || \
75     (defined(PSA_WANT_ALG_ECDSA) && !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)) || \
76     (defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) && \
77     !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)) || \
78     (defined(PSA_WANT_ALG_JPAKE) && !defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE))
79 #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS
80 #endif
81 
82 /* ECC: key types: is acceleration complete? */
83 #if (defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \
84     !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)) || \
85     (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \
86     !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC))
87 #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC
88 #endif
89 
90 /* Special case: we don't support cooked key derivation in drivers yet */
91 #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE)
92 #undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE
93 #endif
94 
95 /* Note: the condition about key derivation is always true as DERIVE can't be
96  * accelerated yet */
97 #if (defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \
98     !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)) || \
99     (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \
100     !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC)) || \
101     (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT) && \
102     !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT)) || \
103     (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT) && \
104     !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT)) || \
105     (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE) && \
106     !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE)) || \
107     (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) && \
108     !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE))
109 #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES
110 #endif
111 
112 /* ECC: curves: enable built-ins as needed.
113  *
114  * We need the curve built-in:
115  * - if it's not accelerated, or
116  * - if there's a key type with missing acceleration, or
117  * - if there's a alg with missing acceleration.
118  */
119 #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256)
120 #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256) || \
121     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
122     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
123 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1
124 #define MBEDTLS_ECP_DP_BP256R1_ENABLED
125 #endif /* missing accel */
126 #endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_256 */
127 
128 #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384)
129 #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384) || \
130     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
131     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
132 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1
133 #define MBEDTLS_ECP_DP_BP384R1_ENABLED
134 #endif /* missing accel */
135 #endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_384 */
136 
137 #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512)
138 #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512) || \
139     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
140     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
141 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1
142 #define MBEDTLS_ECP_DP_BP512R1_ENABLED
143 #endif /* missing accel */
144 #endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_512 */
145 
146 #if defined(PSA_WANT_ECC_MONTGOMERY_255)
147 #if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255) || \
148     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
149     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
150 #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1
151 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED
152 #endif /* missing accel */
153 #endif /* PSA_WANT_ECC_MONTGOMERY_255 */
154 
155 #if defined(PSA_WANT_ECC_MONTGOMERY_448)
156 #if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448) || \
157     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
158     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
159 #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1
160 #define MBEDTLS_ECP_DP_CURVE448_ENABLED
161 #endif /* missing accel */
162 #endif /* PSA_WANT_ECC_MONTGOMERY_448 */
163 
164 #if defined(PSA_WANT_ECC_SECP_R1_192)
165 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192) || \
166     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
167     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
168 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1
169 #define MBEDTLS_ECP_DP_SECP192R1_ENABLED
170 #endif /* missing accel */
171 #endif /* PSA_WANT_ECC_SECP_R1_192 */
172 
173 #if defined(PSA_WANT_ECC_SECP_R1_224)
174 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224) || \
175     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
176     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
177 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1
178 #define MBEDTLS_ECP_DP_SECP224R1_ENABLED
179 #endif /* missing accel */
180 #endif /* PSA_WANT_ECC_SECP_R1_224 */
181 
182 #if defined(PSA_WANT_ECC_SECP_R1_256)
183 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) || \
184     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
185     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
186 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1
187 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
188 #endif /* missing accel */
189 #endif /* PSA_WANT_ECC_SECP_R1_256 */
190 
191 #if defined(PSA_WANT_ECC_SECP_R1_384)
192 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384) || \
193     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
194     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
195 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1
196 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED
197 #endif /* missing accel */
198 #endif /* PSA_WANT_ECC_SECP_R1_384 */
199 
200 #if defined(PSA_WANT_ECC_SECP_R1_521)
201 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521) || \
202     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
203     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
204 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1
205 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED
206 #endif /* missing accel */
207 #endif /* PSA_WANT_ECC_SECP_R1_521 */
208 
209 #if defined(PSA_WANT_ECC_SECP_K1_192)
210 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192) || \
211     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
212     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
213 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1
214 #define MBEDTLS_ECP_DP_SECP192K1_ENABLED
215 #endif /* missing accel */
216 #endif /* PSA_WANT_ECC_SECP_K1_192 */
217 
218 #if defined(PSA_WANT_ECC_SECP_K1_224)
219 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224) || \
220     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
221     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
222 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1
223 #define MBEDTLS_ECP_DP_SECP224K1_ENABLED
224 /* https://github.com/Mbed-TLS/mbedtls/issues/3541 */
225 #error "SECP224K1 is buggy via the PSA API in Mbed TLS."
226 #endif /* missing accel */
227 #endif /* PSA_WANT_ECC_SECP_K1_224 */
228 
229 #if defined(PSA_WANT_ECC_SECP_K1_256)
230 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256) || \
231     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
232     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
233 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1
234 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED
235 #endif /* missing accel */
236 #endif /* PSA_WANT_ECC_SECP_K1_256 */
237 
238 /* ECC: algs: enable built-ins as needed.
239  *
240  * We need the alg built-in:
241  * - if it's not accelerated, or
242  * - if there's a relevant curve (see below) with missing acceleration, or
243  * - if there's a key type among (public, basic) with missing acceleration.
244  *
245  * Relevant curves are:
246  * - all curves for ECDH
247  * - Weierstrass curves for (deterministic) ECDSA
248  * - secp256r1 for EC J-PAKE
249  */
250 #if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)
251 #if !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) || \
252     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES) || \
253     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC)
254 #define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1
255 #define MBEDTLS_ECDSA_DETERMINISTIC
256 #define MBEDTLS_HMAC_DRBG_C
257 #define MBEDTLS_MD_C
258 #define MBEDTLS_ECDSA_C
259 #define MBEDTLS_ECP_C
260 #define MBEDTLS_BIGNUM_C
261 #define MBEDTLS_ASN1_PARSE_C
262 #define MBEDTLS_ASN1_WRITE_C
263 #endif /* missing accel */
264 #endif /* PSA_WANT_ALG_DETERMINISTIC_ECDSA */
265 
266 #if defined(PSA_WANT_ALG_ECDH)
267 #if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH) || \
268     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) || \
269     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC)
270 #define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1
271 #define MBEDTLS_ECDH_C
272 #define MBEDTLS_ECP_C
273 #define MBEDTLS_BIGNUM_C
274 #endif /* missing accel */
275 #endif /* PSA_WANT_ALG_ECDH */
276 
277 #if defined(PSA_WANT_ALG_ECDSA)
278 #if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
279     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES) || \
280     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC)
281 #define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
282 #define MBEDTLS_ECDSA_C
283 #define MBEDTLS_ECP_C
284 #define MBEDTLS_BIGNUM_C
285 #define MBEDTLS_ASN1_PARSE_C
286 #define MBEDTLS_ASN1_WRITE_C
287 #endif /* missing accel */
288 #endif /* PSA_WANT_ALG_ECDSA */
289 
290 #if defined(PSA_WANT_ALG_JPAKE)
291 #if !defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE) || \
292     !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) || \
293     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC)
294 #define MBEDTLS_PSA_BUILTIN_PAKE 1
295 #define MBEDTLS_PSA_BUILTIN_ALG_JPAKE 1
296 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
297 #define MBEDTLS_BIGNUM_C
298 #define MBEDTLS_ECP_C
299 #define MBEDTLS_ECJPAKE_C
300 #endif /* missing accel */
301 #endif /* PSA_WANT_ALG_JPAKE */
302 
303 /* ECC: key types: enable built-ins as needed.
304  *
305  * We need the key type built-in:
306  * - if it's not accelerated, or
307  * - if there's a curve with missing acceleration, or
308  * - only for public/basic: if there's an alg with missing acceleration.
309  */
310 #if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
311 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) || \
312     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) || \
313     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
314 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
315 #endif /* missing accel */
316 #endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
317 
318 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC)
319 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \
320     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) || \
321     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
322 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
323 #endif /* missing accel */
324 #endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC */
325 
326 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT)
327 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \
328     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES)
329 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1
330 #endif /* missing accel */
331 #endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT */
332 
333 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT)
334 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \
335     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES)
336 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1
337 #endif /* missing accel */
338 #endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT */
339 
340 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE)
341 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE) || \
342     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES)
343 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1
344 #endif /* missing accel */
345 #endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE */
346 
347 /* Note: the condition is always true as DERIVE can't be accelerated yet */
348 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE)
349 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE) || \
350     defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES)
351 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1
352 #endif /* missing accel */
353 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE */
354 
355 #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \
356     defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \
357     defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \
358     defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE)
359 #define MBEDTLS_ECP_LIGHT
360 #define MBEDTLS_BIGNUM_C
361 #endif
362 
363 #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \
364     defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE)
365 #define MBEDTLS_ECP_C
366 #define MBEDTLS_BIGNUM_C
367 #endif
368 
369 /* End of ECC section */
370 
371 /*
372  * DH key types follow the same pattern used above for EC keys. They are defined
373  * by a triplet (group, key_type, alg). A triplet is accelerated if all its
374  * component are accelerated, otherwise each component needs to be builtin.
375  */
376 
377 /* DH: groups: is acceleration complete? */
378 #if (defined(PSA_WANT_DH_RFC7919_2048) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_2048)) || \
379     (defined(PSA_WANT_DH_RFC7919_3072) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_3072)) || \
380     (defined(PSA_WANT_DH_RFC7919_4096) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_4096)) || \
381     (defined(PSA_WANT_DH_RFC7919_6144) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_6144)) || \
382     (defined(PSA_WANT_DH_RFC7919_8192) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_8192))
383 #define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS
384 #endif
385 
386 /* DH: algs: is acceleration complete? */
387 #if defined(PSA_WANT_ALG_FFDH) && !defined(MBEDTLS_PSA_ACCEL_ALG_FFDH)
388 #define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS
389 #endif
390 
391 /* DH: key types: is acceleration complete? */
392 #if (defined(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY) && \
393     !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY)) || \
394     (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) && \
395     !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC)) || \
396     (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT) && \
397     !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT)) || \
398     (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT) && \
399     !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT)) || \
400     (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE) && \
401     !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE))
402 #define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES
403 #endif
404 
405 #if defined(PSA_WANT_DH_RFC7919_2048)
406 #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_2048) || \
407     defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \
408     defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES)
409 #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048 1
410 #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048 */
411 #endif /* PSA_WANT_DH_RFC7919_2048 */
412 
413 #if defined(PSA_WANT_DH_RFC7919_3072)
414 #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_3072) || \
415     defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \
416     defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES)
417 #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072 1
418 #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072 */
419 #endif /* PSA_WANT_DH_RFC7919_3072 */
420 
421 #if defined(PSA_WANT_DH_RFC7919_4096)
422 #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_4096) || \
423     defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \
424     defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES)
425 #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096 1
426 #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096 */
427 #endif /* PSA_WANT_DH_RFC7919_4096 */
428 
429 #if defined(PSA_WANT_DH_RFC7919_6144)
430 #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_6144) || \
431     defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \
432     defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES)
433 #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144 1
434 #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144 */
435 #endif /* PSA_WANT_DH_RFC7919_6144 */
436 
437 #if defined(PSA_WANT_DH_RFC7919_8192)
438 #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_8192) || \
439     defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \
440     defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES)
441 #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192 1
442 #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192 */
443 #endif /* PSA_WANT_DH_RFC7919_8192 */
444 
445 #if defined(PSA_WANT_ALG_FFDH)
446 #if !defined(MBEDTLS_PSA_ACCEL_ALG_FFDH) || \
447     defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \
448     defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES)
449 #define MBEDTLS_PSA_BUILTIN_ALG_FFDH 1
450 #define MBEDTLS_BIGNUM_C
451 #endif /* !MBEDTLS_PSA_ACCEL_ALG_FFDH */
452 #endif /* PSA_WANT_ALG_FFDH */
453 
454 #if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT)
455 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT) || \
456     defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \
457     defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS)
458 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT 1
459 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT */
460 #endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT */
461 
462 #if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT)
463 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT) || \
464     defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \
465     defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS)
466 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT 1
467 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT */
468 #endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT */
469 
470 #if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE)
471 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE)
472 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE 1
473 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE */
474 #endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE */
475 
476 #if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC)
477 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC) || \
478     defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \
479     defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS)
480 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_BASIC 1
481 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC */
482 #endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC */
483 
484 #if defined(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY)
485 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY) || \
486     defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \
487     defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS)
488 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY 1
489 #define MBEDTLS_BIGNUM_C
490 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY */
491 #endif /* PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY */
492 
493 /* End of DH section */
494 
495 #if defined(PSA_WANT_ALG_HKDF)
496 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF)
497 /*
498  * The PSA implementation has its own implementation of HKDF, separate from
499  * hkdf.c. No need to enable MBEDTLS_HKDF_C here.
500  */
501 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
502 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1
503 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF */
504 #endif /* PSA_WANT_ALG_HKDF */
505 
506 #if defined(PSA_WANT_ALG_HKDF_EXTRACT)
507 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT)
508 /*
509  * The PSA implementation has its own implementation of HKDF, separate from
510  * hkdf.c. No need to enable MBEDTLS_HKDF_C here.
511  */
512 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
513 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT 1
514 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT */
515 #endif /* PSA_WANT_ALG_HKDF_EXTRACT */
516 
517 #if defined(PSA_WANT_ALG_HKDF_EXPAND)
518 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND)
519 /*
520  * The PSA implementation has its own implementation of HKDF, separate from
521  * hkdf.c. No need to enable MBEDTLS_HKDF_C here.
522  */
523 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
524 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND 1
525 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND */
526 #endif /* PSA_WANT_ALG_HKDF_EXPAND */
527 
528 #if defined(PSA_WANT_ALG_HMAC)
529 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC)
530 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
531 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */
532 #endif /* PSA_WANT_ALG_HMAC */
533 
534 #if defined(PSA_WANT_ALG_MD5) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD5)
535 #define MBEDTLS_PSA_BUILTIN_ALG_MD5 1
536 #define MBEDTLS_MD5_C
537 #endif
538 
539 #if defined(PSA_WANT_ALG_RIPEMD160) && !defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160)
540 #define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1
541 #define MBEDTLS_RIPEMD160_C
542 #endif
543 
544 #if defined(PSA_WANT_ALG_RSA_OAEP)
545 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP)
546 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1
547 #define MBEDTLS_RSA_C
548 #define MBEDTLS_BIGNUM_C
549 #define MBEDTLS_OID_C
550 #define MBEDTLS_PKCS1_V21
551 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP */
552 #endif /* PSA_WANT_ALG_RSA_OAEP */
553 
554 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT)
555 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT)
556 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1
557 #define MBEDTLS_RSA_C
558 #define MBEDTLS_BIGNUM_C
559 #define MBEDTLS_OID_C
560 #define MBEDTLS_PKCS1_V15
561 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT */
562 #endif /* PSA_WANT_ALG_RSA_PKCS1V15_CRYPT */
563 
564 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
565 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN)
566 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
567 #define MBEDTLS_RSA_C
568 #define MBEDTLS_BIGNUM_C
569 #define MBEDTLS_OID_C
570 #define MBEDTLS_PKCS1_V15
571 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN */
572 #endif /* PSA_WANT_ALG_RSA_PKCS1V15_SIGN */
573 
574 #if defined(PSA_WANT_ALG_RSA_PSS)
575 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
576 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1
577 #define MBEDTLS_RSA_C
578 #define MBEDTLS_BIGNUM_C
579 #define MBEDTLS_OID_C
580 #define MBEDTLS_PKCS1_V21
581 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PSS */
582 #endif /* PSA_WANT_ALG_RSA_PSS */
583 
584 #if defined(PSA_WANT_ALG_SHA_1) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1)
585 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1
586 #define MBEDTLS_SHA1_C
587 #endif
588 
589 #if defined(PSA_WANT_ALG_SHA_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224)
590 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1
591 #define MBEDTLS_SHA224_C
592 #endif
593 
594 #if defined(PSA_WANT_ALG_SHA_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256)
595 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
596 #define MBEDTLS_SHA256_C
597 #endif
598 
599 #if defined(PSA_WANT_ALG_SHA_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384)
600 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1
601 #define MBEDTLS_SHA384_C
602 #endif
603 
604 #if defined(PSA_WANT_ALG_SHA_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512)
605 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1
606 #define MBEDTLS_SHA512_C
607 #endif
608 
609 #if defined(PSA_WANT_ALG_SHA3_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_224)
610 #define MBEDTLS_PSA_BUILTIN_ALG_SHA3_224 1
611 #define MBEDTLS_SHA3_C
612 #endif
613 
614 #if defined(PSA_WANT_ALG_SHA3_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_256)
615 #define MBEDTLS_PSA_BUILTIN_ALG_SHA3_256 1
616 #define MBEDTLS_SHA3_C
617 #endif
618 
619 #if defined(PSA_WANT_ALG_SHA3_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_384)
620 #define MBEDTLS_PSA_BUILTIN_ALG_SHA3_384 1
621 #define MBEDTLS_SHA3_C
622 #endif
623 
624 #if defined(PSA_WANT_ALG_SHA3_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_512)
625 #define MBEDTLS_PSA_BUILTIN_ALG_SHA3_512 1
626 #define MBEDTLS_SHA3_C
627 #endif
628 
629 #if defined(PSA_WANT_ALG_PBKDF2_HMAC)
630 #if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_HMAC)
631 #define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC 1
632 #define PSA_HAVE_SOFT_PBKDF2_HMAC 1
633 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC)
634 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
635 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */
636 #endif /* !MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC */
637 #endif /* PSA_WANT_ALG_PBKDF2_HMAC */
638 
639 #if defined(PSA_WANT_ALG_TLS12_PRF)
640 #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF)
641 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1
642 #endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF */
643 #endif /* PSA_WANT_ALG_TLS12_PRF */
644 
645 #if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS)
646 #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS)
647 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1
648 #endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS */
649 #endif /* PSA_WANT_ALG_TLS12_PSK_TO_MS */
650 
651 #if defined(PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS)
652 #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS)
653 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS 1
654 #endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS */
655 #endif /* PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS */
656 
657 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT)
658 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT)
659 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1
660 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT */
661 #endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT */
662 
663 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT)
664 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT)
665 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1
666 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT */
667 #endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT */
668 
669 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
670 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
671 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1
672 #define MBEDTLS_GENPRIME
673 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE */
674 #endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE */
675 
676 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC)
677 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC)
678 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_BASIC 1
679 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC */
680 #endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */
681 
682 #if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)
683 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
684 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1
685 #define MBEDTLS_RSA_C
686 #define MBEDTLS_BIGNUM_C
687 #define MBEDTLS_OID_C
688 #define MBEDTLS_ASN1_PARSE_C
689 #define MBEDTLS_ASN1_WRITE_C
690 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY */
691 #endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */
692 
693 /* If any of the block modes are requested that don't have an
694  * associated HW assist, define PSA_HAVE_SOFT_BLOCK_MODE for checking
695  * in the block cipher key types. */
696 #if (defined(PSA_WANT_ALG_CTR) && !defined(MBEDTLS_PSA_ACCEL_ALG_CTR)) || \
697     (defined(PSA_WANT_ALG_CFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_CFB)) || \
698     (defined(PSA_WANT_ALG_OFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_OFB)) || \
699     (defined(PSA_WANT_ALG_ECB_NO_PADDING) && !defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING)) || \
700     (defined(PSA_WANT_ALG_CBC_NO_PADDING) && !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \
701     (defined(PSA_WANT_ALG_CBC_PKCS7) && !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \
702     (defined(PSA_WANT_ALG_CMAC) && !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC))
703 #define PSA_HAVE_SOFT_BLOCK_MODE 1
704 #endif
705 
706 #if defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128)
707 #if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128)
708 #define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 1
709 #define PSA_HAVE_SOFT_PBKDF2_CMAC 1
710 #endif /* !MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128 */
711 #endif /* PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 */
712 
713 #if defined(PSA_WANT_KEY_TYPE_AES)
714 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
715 #define PSA_HAVE_SOFT_KEY_TYPE_AES 1
716 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_AES */
717 #if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
718     defined(PSA_HAVE_SOFT_BLOCK_MODE)
719 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1
720 #define MBEDTLS_AES_C
721 #endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */
722 #endif /* PSA_WANT_KEY_TYPE_AES */
723 
724 #if defined(PSA_WANT_KEY_TYPE_ARIA)
725 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA)
726 #define PSA_HAVE_SOFT_KEY_TYPE_ARIA 1
727 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA */
728 #if defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
729     defined(PSA_HAVE_SOFT_BLOCK_MODE)
730 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1
731 #define MBEDTLS_ARIA_C
732 #endif /* PSA_HAVE_SOFT_KEY_TYPE_ARIA || PSA_HAVE_SOFT_BLOCK_MODE */
733 #endif /* PSA_WANT_KEY_TYPE_ARIA */
734 
735 #if defined(PSA_WANT_KEY_TYPE_CAMELLIA)
736 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA)
737 #define PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA 1
738 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA */
739 #if defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) || \
740     defined(PSA_HAVE_SOFT_BLOCK_MODE)
741 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1
742 #define MBEDTLS_CAMELLIA_C
743 #endif /* PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA || PSA_HAVE_SOFT_BLOCK_MODE */
744 #endif /* PSA_WANT_KEY_TYPE_CAMELLIA */
745 
746 #if defined(PSA_WANT_KEY_TYPE_DES)
747 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES)
748 #define PSA_HAVE_SOFT_KEY_TYPE_DES 1
749 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DES */
750 #if defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \
751     defined(PSA_HAVE_SOFT_BLOCK_MODE)
752 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1
753 #define MBEDTLS_DES_C
754 #endif /*PSA_HAVE_SOFT_KEY_TYPE_DES || PSA_HAVE_SOFT_BLOCK_MODE */
755 #endif /* PSA_WANT_KEY_TYPE_DES */
756 
757 #if defined(PSA_WANT_ALG_STREAM_CIPHER)
758 #if !defined(MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER)
759 #define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
760 #endif /* MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER */
761 #endif /* PSA_WANT_ALG_STREAM_CIPHER */
762 
763 #if defined(PSA_WANT_KEY_TYPE_CHACHA20)
764 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20) || \
765     defined(MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER)
766 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1
767 #define MBEDTLS_CHACHA20_C
768 #endif /*!MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 */
769 #endif /* PSA_WANT_KEY_TYPE_CHACHA20 */
770 
771 /* If any of the software block ciphers are selected, define
772  * PSA_HAVE_SOFT_BLOCK_CIPHER, which can be used in any of these
773  * situations. */
774 #if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
775     defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
776     defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \
777     defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
778 #define PSA_HAVE_SOFT_BLOCK_CIPHER 1
779 #endif
780 
781 #if defined(PSA_WANT_ALG_CBC_MAC)
782 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_MAC)
783 #error "CBC-MAC is not yet supported via the PSA API in Mbed TLS."
784 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_MAC 1
785 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CBC_MAC */
786 #endif /* PSA_WANT_ALG_CBC_MAC */
787 
788 #if defined(PSA_WANT_ALG_CMAC)
789 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) || \
790     defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
791 #define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1
792 #define MBEDTLS_CMAC_C
793 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CMAC */
794 #endif /* PSA_WANT_ALG_CMAC */
795 
796 #if defined(PSA_HAVE_SOFT_PBKDF2_HMAC) || \
797     defined(PSA_HAVE_SOFT_PBKDF2_CMAC)
798 #define PSA_HAVE_SOFT_PBKDF2 1
799 #endif /* PSA_HAVE_SOFT_PBKDF2_HMAC || PSA_HAVE_SOFT_PBKDF2_CMAC */
800 
801 #if defined(PSA_WANT_ALG_CTR)
802 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CTR) || \
803     defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
804 #define MBEDTLS_PSA_BUILTIN_ALG_CTR 1
805 #define MBEDTLS_CIPHER_MODE_CTR
806 #endif
807 #endif /* PSA_WANT_ALG_CTR */
808 
809 #if defined(PSA_WANT_ALG_CFB)
810 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CFB) || \
811     defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
812 #define MBEDTLS_PSA_BUILTIN_ALG_CFB 1
813 #define MBEDTLS_CIPHER_MODE_CFB
814 #endif
815 #endif /* PSA_WANT_ALG_CFB */
816 
817 #if defined(PSA_WANT_ALG_OFB)
818 #if !defined(MBEDTLS_PSA_ACCEL_ALG_OFB) || \
819     defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
820 #define MBEDTLS_PSA_BUILTIN_ALG_OFB 1
821 #define MBEDTLS_CIPHER_MODE_OFB
822 #endif
823 #endif /* PSA_WANT_ALG_OFB */
824 
825 #if defined(PSA_WANT_ALG_ECB_NO_PADDING) &&     \
826     !defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING)
827 #define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1
828 #endif
829 
830 #if defined(PSA_WANT_ALG_CBC_NO_PADDING)
831 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) || \
832     defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
833 #define MBEDTLS_CIPHER_MODE_CBC
834 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1
835 #endif
836 #endif /* PSA_WANT_ALG_CBC_NO_PADDING */
837 
838 #if defined(PSA_WANT_ALG_CBC_PKCS7)
839 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) || \
840     defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
841 #define MBEDTLS_CIPHER_MODE_CBC
842 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1
843 #define MBEDTLS_CIPHER_PADDING_PKCS7
844 #endif
845 #endif /* PSA_WANT_ALG_CBC_PKCS7 */
846 
847 #if defined(PSA_WANT_ALG_CCM)
848 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CCM) || \
849     defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
850     defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
851     defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
852 #define MBEDTLS_PSA_BUILTIN_ALG_CCM 1
853 #define MBEDTLS_CCM_C
854 #endif
855 #endif /* PSA_WANT_ALG_CCM */
856 
857 #if defined(PSA_WANT_ALG_CCM_STAR_NO_TAG)
858 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CCM_STAR_NO_TAG) || \
859     defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
860     defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
861     defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
862 #define MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG 1
863 #define MBEDTLS_CCM_C
864 #endif
865 #endif /* PSA_WANT_ALG_CCM_STAR_NO_TAG */
866 
867 #if defined(PSA_WANT_ALG_GCM)
868 #if !defined(MBEDTLS_PSA_ACCEL_ALG_GCM) || \
869     defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
870     defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
871     defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
872 #define MBEDTLS_PSA_BUILTIN_ALG_GCM 1
873 #define MBEDTLS_GCM_C
874 #endif
875 #endif /* PSA_WANT_ALG_GCM */
876 
877 #if defined(PSA_WANT_ALG_CHACHA20_POLY1305)
878 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305)
879 #if defined(PSA_WANT_KEY_TYPE_CHACHA20)
880 #define MBEDTLS_CHACHAPOLY_C
881 #define MBEDTLS_CHACHA20_C
882 #define MBEDTLS_POLY1305_C
883 #define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1
884 #endif /* PSA_WANT_KEY_TYPE_CHACHA20 */
885 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 */
886 #endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */
887 
888 #endif /* MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H */
889