1 /** 2 * \file mbedtls/config_adjust_legacy_from_psa.h 3 * \brief Adjust PSA configuration: activate legacy implementations 4 * 5 * When MBEDTLS_PSA_CRYPTO_CONFIG is enabled, activate legacy implementations 6 * of cryptographic mechanisms as needed to fulfill the needs of the PSA 7 * configuration. Generally speaking, we activate a legacy mechanism if 8 * it's needed for a requested PSA mechanism and there is no PSA driver 9 * for it. 10 */ 11 /* 12 * Copyright The Mbed TLS Contributors 13 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 14 */ 15 16 #ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H 17 #define MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H 18 19 /* Define appropriate ACCEL macros for the p256-m driver. 20 * In the future, those should be generated from the drivers JSON description. 21 */ 22 #if defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED) 23 #define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256 24 #define MBEDTLS_PSA_ACCEL_ALG_ECDSA 25 #define MBEDTLS_PSA_ACCEL_ALG_ECDH 26 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY 27 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC 28 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT 29 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT 30 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE 31 #endif 32 33 /* 34 * ECC: support for a feature is controlled by a triplet or a pair: 35 * (curve, key_type public/basic, alg) or (curve, key_type_<action>). 36 * 37 * A triplet/pair is accelerated if all of is components are accelerated; 38 * otherwise each component needs to be built in. 39 * 40 * We proceed in two passes: 41 * 1. Check if acceleration is complete for curves, key types, algs. 42 * 2. Then enable built-ins for each thing that's either not accelerated of 43 * doesn't have complete acceleration of the other triplet/pair components. 44 * 45 * Note: this needs psa/crypto_adjust_keypair_types.h to have been included 46 * already, so that we know the full set of key types that are requested. 47 */ 48 49 /* ECC: curves: is acceleration complete? */ 50 #if (defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) && \ 51 !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256)) || \ 52 (defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) && \ 53 !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384)) || \ 54 (defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) && \ 55 !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512)) || \ 56 (defined(PSA_WANT_ECC_SECP_R1_192) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192)) || \ 57 (defined(PSA_WANT_ECC_SECP_R1_224) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224)) || \ 58 (defined(PSA_WANT_ECC_SECP_R1_256) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256)) || \ 59 (defined(PSA_WANT_ECC_SECP_R1_384) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384)) || \ 60 (defined(PSA_WANT_ECC_SECP_R1_521) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521)) || \ 61 (defined(PSA_WANT_ECC_SECP_K1_192) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192)) || \ 62 (defined(PSA_WANT_ECC_SECP_K1_224) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224)) || \ 63 (defined(PSA_WANT_ECC_SECP_K1_256) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256)) 64 #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES 65 #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES 66 #endif 67 68 #if (defined(PSA_WANT_ECC_MONTGOMERY_255) && !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255)) || \ 69 (defined(PSA_WANT_ECC_MONTGOMERY_448) && !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448)) 70 #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES 71 #endif 72 73 /* ECC: algs: is acceleration complete? */ 74 #if (defined(PSA_WANT_ALG_ECDH) && !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH)) || \ 75 (defined(PSA_WANT_ALG_ECDSA) && !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)) || \ 76 (defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) && \ 77 !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)) || \ 78 (defined(PSA_WANT_ALG_JPAKE) && !defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE)) 79 #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS 80 #endif 81 82 /* ECC: key types: is acceleration complete? */ 83 #if (defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \ 84 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)) || \ 85 (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \ 86 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC)) 87 #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC 88 #endif 89 90 /* Special case: we don't support cooked key derivation in drivers yet */ 91 #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE) 92 #undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE 93 #endif 94 95 /* Note: the condition about key derivation is always true as DERIVE can't be 96 * accelerated yet */ 97 #if (defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \ 98 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)) || \ 99 (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \ 100 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC)) || \ 101 (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT) && \ 102 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT)) || \ 103 (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT) && \ 104 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT)) || \ 105 (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE) && \ 106 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE)) || \ 107 (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) && \ 108 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE)) 109 #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES 110 #endif 111 112 /* ECC: curves: enable built-ins as needed. 113 * 114 * We need the curve built-in: 115 * - if it's not accelerated, or 116 * - if there's a key type with missing acceleration, or 117 * - if there's a alg with missing acceleration. 118 */ 119 #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) 120 #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256) || \ 121 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ 122 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 123 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1 124 #define MBEDTLS_ECP_DP_BP256R1_ENABLED 125 #endif /* missing accel */ 126 #endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_256 */ 127 128 #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) 129 #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384) || \ 130 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ 131 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 132 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1 133 #define MBEDTLS_ECP_DP_BP384R1_ENABLED 134 #endif /* missing accel */ 135 #endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_384 */ 136 137 #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) 138 #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512) || \ 139 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ 140 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 141 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1 142 #define MBEDTLS_ECP_DP_BP512R1_ENABLED 143 #endif /* missing accel */ 144 #endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_512 */ 145 146 #if defined(PSA_WANT_ECC_MONTGOMERY_255) 147 #if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255) || \ 148 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ 149 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 150 #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1 151 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED 152 #endif /* missing accel */ 153 #endif /* PSA_WANT_ECC_MONTGOMERY_255 */ 154 155 #if defined(PSA_WANT_ECC_MONTGOMERY_448) 156 #if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448) || \ 157 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ 158 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 159 #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1 160 #define MBEDTLS_ECP_DP_CURVE448_ENABLED 161 #endif /* missing accel */ 162 #endif /* PSA_WANT_ECC_MONTGOMERY_448 */ 163 164 #if defined(PSA_WANT_ECC_SECP_R1_192) 165 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192) || \ 166 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ 167 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 168 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1 169 #define MBEDTLS_ECP_DP_SECP192R1_ENABLED 170 #endif /* missing accel */ 171 #endif /* PSA_WANT_ECC_SECP_R1_192 */ 172 173 #if defined(PSA_WANT_ECC_SECP_R1_224) 174 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224) || \ 175 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ 176 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 177 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1 178 #define MBEDTLS_ECP_DP_SECP224R1_ENABLED 179 #endif /* missing accel */ 180 #endif /* PSA_WANT_ECC_SECP_R1_224 */ 181 182 #if defined(PSA_WANT_ECC_SECP_R1_256) 183 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) || \ 184 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ 185 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 186 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1 187 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED 188 #endif /* missing accel */ 189 #endif /* PSA_WANT_ECC_SECP_R1_256 */ 190 191 #if defined(PSA_WANT_ECC_SECP_R1_384) 192 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384) || \ 193 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ 194 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 195 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1 196 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED 197 #endif /* missing accel */ 198 #endif /* PSA_WANT_ECC_SECP_R1_384 */ 199 200 #if defined(PSA_WANT_ECC_SECP_R1_521) 201 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521) || \ 202 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ 203 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 204 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1 205 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED 206 #endif /* missing accel */ 207 #endif /* PSA_WANT_ECC_SECP_R1_521 */ 208 209 #if defined(PSA_WANT_ECC_SECP_K1_192) 210 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192) || \ 211 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ 212 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 213 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1 214 #define MBEDTLS_ECP_DP_SECP192K1_ENABLED 215 #endif /* missing accel */ 216 #endif /* PSA_WANT_ECC_SECP_K1_192 */ 217 218 #if defined(PSA_WANT_ECC_SECP_K1_224) 219 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224) || \ 220 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ 221 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 222 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1 223 #define MBEDTLS_ECP_DP_SECP224K1_ENABLED 224 /* https://github.com/Mbed-TLS/mbedtls/issues/3541 */ 225 #error "SECP224K1 is buggy via the PSA API in Mbed TLS." 226 #endif /* missing accel */ 227 #endif /* PSA_WANT_ECC_SECP_K1_224 */ 228 229 #if defined(PSA_WANT_ECC_SECP_K1_256) 230 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256) || \ 231 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ 232 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 233 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1 234 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED 235 #endif /* missing accel */ 236 #endif /* PSA_WANT_ECC_SECP_K1_256 */ 237 238 /* ECC: algs: enable built-ins as needed. 239 * 240 * We need the alg built-in: 241 * - if it's not accelerated, or 242 * - if there's a relevant curve (see below) with missing acceleration, or 243 * - if there's a key type among (public, basic) with missing acceleration. 244 * 245 * Relevant curves are: 246 * - all curves for ECDH 247 * - Weierstrass curves for (deterministic) ECDSA 248 * - secp256r1 for EC J-PAKE 249 */ 250 #if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) 251 #if !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) || \ 252 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES) || \ 253 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC) 254 #define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1 255 #define MBEDTLS_ECDSA_DETERMINISTIC 256 #define MBEDTLS_HMAC_DRBG_C 257 #define MBEDTLS_MD_C 258 #define MBEDTLS_ECDSA_C 259 #define MBEDTLS_ECP_C 260 #define MBEDTLS_BIGNUM_C 261 #define MBEDTLS_ASN1_PARSE_C 262 #define MBEDTLS_ASN1_WRITE_C 263 #endif /* missing accel */ 264 #endif /* PSA_WANT_ALG_DETERMINISTIC_ECDSA */ 265 266 #if defined(PSA_WANT_ALG_ECDH) 267 #if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH) || \ 268 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) || \ 269 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC) 270 #define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1 271 #define MBEDTLS_ECDH_C 272 #define MBEDTLS_ECP_C 273 #define MBEDTLS_BIGNUM_C 274 #endif /* missing accel */ 275 #endif /* PSA_WANT_ALG_ECDH */ 276 277 #if defined(PSA_WANT_ALG_ECDSA) 278 #if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ 279 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES) || \ 280 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC) 281 #define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1 282 #define MBEDTLS_ECDSA_C 283 #define MBEDTLS_ECP_C 284 #define MBEDTLS_BIGNUM_C 285 #define MBEDTLS_ASN1_PARSE_C 286 #define MBEDTLS_ASN1_WRITE_C 287 #endif /* missing accel */ 288 #endif /* PSA_WANT_ALG_ECDSA */ 289 290 #if defined(PSA_WANT_ALG_JPAKE) 291 #if !defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE) || \ 292 !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) || \ 293 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC) 294 #define MBEDTLS_PSA_BUILTIN_PAKE 1 295 #define MBEDTLS_PSA_BUILTIN_ALG_JPAKE 1 296 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED 297 #define MBEDTLS_BIGNUM_C 298 #define MBEDTLS_ECP_C 299 #define MBEDTLS_ECJPAKE_C 300 #endif /* missing accel */ 301 #endif /* PSA_WANT_ALG_JPAKE */ 302 303 /* ECC: key types: enable built-ins as needed. 304 * 305 * We need the key type built-in: 306 * - if it's not accelerated, or 307 * - if there's a curve with missing acceleration, or 308 * - only for public/basic: if there's an alg with missing acceleration. 309 */ 310 #if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) 311 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) || \ 312 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) || \ 313 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 314 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1 315 #endif /* missing accel */ 316 #endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ 317 318 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) 319 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \ 320 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) || \ 321 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 322 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC 1 323 #endif /* missing accel */ 324 #endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC */ 325 326 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT) 327 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ 328 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) 329 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1 330 #endif /* missing accel */ 331 #endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT */ 332 333 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT) 334 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \ 335 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) 336 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1 337 #endif /* missing accel */ 338 #endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT */ 339 340 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE) 341 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE) || \ 342 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) 343 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1 344 #endif /* missing accel */ 345 #endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE */ 346 347 /* Note: the condition is always true as DERIVE can't be accelerated yet */ 348 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) 349 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE) || \ 350 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) 351 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1 352 #endif /* missing accel */ 353 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE */ 354 355 #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \ 356 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \ 357 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ 358 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE) 359 #define MBEDTLS_ECP_LIGHT 360 #define MBEDTLS_BIGNUM_C 361 #endif 362 363 #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \ 364 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE) 365 #define MBEDTLS_ECP_C 366 #define MBEDTLS_BIGNUM_C 367 #endif 368 369 /* End of ECC section */ 370 371 /* 372 * DH key types follow the same pattern used above for EC keys. They are defined 373 * by a triplet (group, key_type, alg). A triplet is accelerated if all its 374 * component are accelerated, otherwise each component needs to be builtin. 375 */ 376 377 /* DH: groups: is acceleration complete? */ 378 #if (defined(PSA_WANT_DH_RFC7919_2048) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_2048)) || \ 379 (defined(PSA_WANT_DH_RFC7919_3072) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_3072)) || \ 380 (defined(PSA_WANT_DH_RFC7919_4096) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_4096)) || \ 381 (defined(PSA_WANT_DH_RFC7919_6144) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_6144)) || \ 382 (defined(PSA_WANT_DH_RFC7919_8192) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_8192)) 383 #define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS 384 #endif 385 386 /* DH: algs: is acceleration complete? */ 387 #if defined(PSA_WANT_ALG_FFDH) && !defined(MBEDTLS_PSA_ACCEL_ALG_FFDH) 388 #define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS 389 #endif 390 391 /* DH: key types: is acceleration complete? */ 392 #if (defined(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY) && \ 393 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY)) || \ 394 (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) && \ 395 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC)) || \ 396 (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT) && \ 397 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT)) || \ 398 (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT) && \ 399 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT)) || \ 400 (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE) && \ 401 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE)) 402 #define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES 403 #endif 404 405 #if defined(PSA_WANT_DH_RFC7919_2048) 406 #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_2048) || \ 407 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \ 408 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES) 409 #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048 1 410 #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048 */ 411 #endif /* PSA_WANT_DH_RFC7919_2048 */ 412 413 #if defined(PSA_WANT_DH_RFC7919_3072) 414 #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_3072) || \ 415 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \ 416 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES) 417 #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072 1 418 #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072 */ 419 #endif /* PSA_WANT_DH_RFC7919_3072 */ 420 421 #if defined(PSA_WANT_DH_RFC7919_4096) 422 #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_4096) || \ 423 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \ 424 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES) 425 #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096 1 426 #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096 */ 427 #endif /* PSA_WANT_DH_RFC7919_4096 */ 428 429 #if defined(PSA_WANT_DH_RFC7919_6144) 430 #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_6144) || \ 431 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \ 432 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES) 433 #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144 1 434 #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144 */ 435 #endif /* PSA_WANT_DH_RFC7919_6144 */ 436 437 #if defined(PSA_WANT_DH_RFC7919_8192) 438 #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_8192) || \ 439 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \ 440 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES) 441 #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192 1 442 #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192 */ 443 #endif /* PSA_WANT_DH_RFC7919_8192 */ 444 445 #if defined(PSA_WANT_ALG_FFDH) 446 #if !defined(MBEDTLS_PSA_ACCEL_ALG_FFDH) || \ 447 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \ 448 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES) 449 #define MBEDTLS_PSA_BUILTIN_ALG_FFDH 1 450 #define MBEDTLS_BIGNUM_C 451 #endif /* !MBEDTLS_PSA_ACCEL_ALG_FFDH */ 452 #endif /* PSA_WANT_ALG_FFDH */ 453 454 #if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT) 455 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT) || \ 456 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \ 457 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) 458 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT 1 459 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT */ 460 #endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT */ 461 462 #if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT) 463 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT) || \ 464 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \ 465 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) 466 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT 1 467 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT */ 468 #endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT */ 469 470 #if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE) 471 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE) 472 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE 1 473 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE */ 474 #endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE */ 475 476 #if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) 477 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC) || \ 478 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \ 479 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) 480 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_BASIC 1 481 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC */ 482 #endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC */ 483 484 #if defined(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY) 485 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY) || \ 486 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \ 487 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) 488 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY 1 489 #define MBEDTLS_BIGNUM_C 490 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY */ 491 #endif /* PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY */ 492 493 /* End of DH section */ 494 495 #if defined(PSA_WANT_ALG_HKDF) 496 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF) 497 /* 498 * The PSA implementation has its own implementation of HKDF, separate from 499 * hkdf.c. No need to enable MBEDTLS_HKDF_C here. 500 */ 501 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 502 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1 503 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF */ 504 #endif /* PSA_WANT_ALG_HKDF */ 505 506 #if defined(PSA_WANT_ALG_HKDF_EXTRACT) 507 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT) 508 /* 509 * The PSA implementation has its own implementation of HKDF, separate from 510 * hkdf.c. No need to enable MBEDTLS_HKDF_C here. 511 */ 512 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 513 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT 1 514 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT */ 515 #endif /* PSA_WANT_ALG_HKDF_EXTRACT */ 516 517 #if defined(PSA_WANT_ALG_HKDF_EXPAND) 518 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND) 519 /* 520 * The PSA implementation has its own implementation of HKDF, separate from 521 * hkdf.c. No need to enable MBEDTLS_HKDF_C here. 522 */ 523 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 524 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND 1 525 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND */ 526 #endif /* PSA_WANT_ALG_HKDF_EXPAND */ 527 528 #if defined(PSA_WANT_ALG_HMAC) 529 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC) 530 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 531 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */ 532 #endif /* PSA_WANT_ALG_HMAC */ 533 534 #if defined(PSA_WANT_ALG_MD5) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD5) 535 #define MBEDTLS_PSA_BUILTIN_ALG_MD5 1 536 #define MBEDTLS_MD5_C 537 #endif 538 539 #if defined(PSA_WANT_ALG_RIPEMD160) && !defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) 540 #define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1 541 #define MBEDTLS_RIPEMD160_C 542 #endif 543 544 #if defined(PSA_WANT_ALG_RSA_OAEP) 545 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP) 546 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1 547 #define MBEDTLS_RSA_C 548 #define MBEDTLS_BIGNUM_C 549 #define MBEDTLS_OID_C 550 #define MBEDTLS_PKCS1_V21 551 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP */ 552 #endif /* PSA_WANT_ALG_RSA_OAEP */ 553 554 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT) 555 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT) 556 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1 557 #define MBEDTLS_RSA_C 558 #define MBEDTLS_BIGNUM_C 559 #define MBEDTLS_OID_C 560 #define MBEDTLS_PKCS1_V15 561 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT */ 562 #endif /* PSA_WANT_ALG_RSA_PKCS1V15_CRYPT */ 563 564 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) 565 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) 566 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1 567 #define MBEDTLS_RSA_C 568 #define MBEDTLS_BIGNUM_C 569 #define MBEDTLS_OID_C 570 #define MBEDTLS_PKCS1_V15 571 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN */ 572 #endif /* PSA_WANT_ALG_RSA_PKCS1V15_SIGN */ 573 574 #if defined(PSA_WANT_ALG_RSA_PSS) 575 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) 576 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1 577 #define MBEDTLS_RSA_C 578 #define MBEDTLS_BIGNUM_C 579 #define MBEDTLS_OID_C 580 #define MBEDTLS_PKCS1_V21 581 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PSS */ 582 #endif /* PSA_WANT_ALG_RSA_PSS */ 583 584 #if defined(PSA_WANT_ALG_SHA_1) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) 585 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1 586 #define MBEDTLS_SHA1_C 587 #endif 588 589 #if defined(PSA_WANT_ALG_SHA_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) 590 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1 591 #define MBEDTLS_SHA224_C 592 #endif 593 594 #if defined(PSA_WANT_ALG_SHA_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) 595 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1 596 #define MBEDTLS_SHA256_C 597 #endif 598 599 #if defined(PSA_WANT_ALG_SHA_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) 600 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1 601 #define MBEDTLS_SHA384_C 602 #endif 603 604 #if defined(PSA_WANT_ALG_SHA_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) 605 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1 606 #define MBEDTLS_SHA512_C 607 #endif 608 609 #if defined(PSA_WANT_ALG_SHA3_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_224) 610 #define MBEDTLS_PSA_BUILTIN_ALG_SHA3_224 1 611 #define MBEDTLS_SHA3_C 612 #endif 613 614 #if defined(PSA_WANT_ALG_SHA3_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_256) 615 #define MBEDTLS_PSA_BUILTIN_ALG_SHA3_256 1 616 #define MBEDTLS_SHA3_C 617 #endif 618 619 #if defined(PSA_WANT_ALG_SHA3_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_384) 620 #define MBEDTLS_PSA_BUILTIN_ALG_SHA3_384 1 621 #define MBEDTLS_SHA3_C 622 #endif 623 624 #if defined(PSA_WANT_ALG_SHA3_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_512) 625 #define MBEDTLS_PSA_BUILTIN_ALG_SHA3_512 1 626 #define MBEDTLS_SHA3_C 627 #endif 628 629 #if defined(PSA_WANT_ALG_PBKDF2_HMAC) 630 #if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_HMAC) 631 #define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC 1 632 #define PSA_HAVE_SOFT_PBKDF2_HMAC 1 633 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC) 634 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 635 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */ 636 #endif /* !MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC */ 637 #endif /* PSA_WANT_ALG_PBKDF2_HMAC */ 638 639 #if defined(PSA_WANT_ALG_TLS12_PRF) 640 #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF) 641 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1 642 #endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF */ 643 #endif /* PSA_WANT_ALG_TLS12_PRF */ 644 645 #if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS) 646 #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS) 647 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1 648 #endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS */ 649 #endif /* PSA_WANT_ALG_TLS12_PSK_TO_MS */ 650 651 #if defined(PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS) 652 #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS) 653 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS 1 654 #endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS */ 655 #endif /* PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS */ 656 657 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT) 658 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT) 659 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1 660 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT */ 661 #endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT */ 662 663 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT) 664 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT) 665 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1 666 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT */ 667 #endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT */ 668 669 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE) 670 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE) 671 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1 672 #define MBEDTLS_GENPRIME 673 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE */ 674 #endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE */ 675 676 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) 677 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC) 678 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_BASIC 1 679 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC */ 680 #endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */ 681 682 #if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) 683 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) 684 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1 685 #define MBEDTLS_RSA_C 686 #define MBEDTLS_BIGNUM_C 687 #define MBEDTLS_OID_C 688 #define MBEDTLS_ASN1_PARSE_C 689 #define MBEDTLS_ASN1_WRITE_C 690 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY */ 691 #endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */ 692 693 /* If any of the block modes are requested that don't have an 694 * associated HW assist, define PSA_HAVE_SOFT_BLOCK_MODE for checking 695 * in the block cipher key types. */ 696 #if (defined(PSA_WANT_ALG_CTR) && !defined(MBEDTLS_PSA_ACCEL_ALG_CTR)) || \ 697 (defined(PSA_WANT_ALG_CFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_CFB)) || \ 698 (defined(PSA_WANT_ALG_OFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_OFB)) || \ 699 (defined(PSA_WANT_ALG_ECB_NO_PADDING) && !defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING)) || \ 700 (defined(PSA_WANT_ALG_CBC_NO_PADDING) && !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \ 701 (defined(PSA_WANT_ALG_CBC_PKCS7) && !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \ 702 (defined(PSA_WANT_ALG_CMAC) && !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC)) 703 #define PSA_HAVE_SOFT_BLOCK_MODE 1 704 #endif 705 706 #if defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128) 707 #if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128) 708 #define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 1 709 #define PSA_HAVE_SOFT_PBKDF2_CMAC 1 710 #endif /* !MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128 */ 711 #endif /* PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 */ 712 713 #if defined(PSA_WANT_KEY_TYPE_AES) 714 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES) 715 #define PSA_HAVE_SOFT_KEY_TYPE_AES 1 716 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_AES */ 717 #if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ 718 defined(PSA_HAVE_SOFT_BLOCK_MODE) 719 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1 720 #define MBEDTLS_AES_C 721 #endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */ 722 #endif /* PSA_WANT_KEY_TYPE_AES */ 723 724 #if defined(PSA_WANT_KEY_TYPE_ARIA) 725 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA) 726 #define PSA_HAVE_SOFT_KEY_TYPE_ARIA 1 727 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA */ 728 #if defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ 729 defined(PSA_HAVE_SOFT_BLOCK_MODE) 730 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1 731 #define MBEDTLS_ARIA_C 732 #endif /* PSA_HAVE_SOFT_KEY_TYPE_ARIA || PSA_HAVE_SOFT_BLOCK_MODE */ 733 #endif /* PSA_WANT_KEY_TYPE_ARIA */ 734 735 #if defined(PSA_WANT_KEY_TYPE_CAMELLIA) 736 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA) 737 #define PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA 1 738 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA */ 739 #if defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) || \ 740 defined(PSA_HAVE_SOFT_BLOCK_MODE) 741 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1 742 #define MBEDTLS_CAMELLIA_C 743 #endif /* PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA || PSA_HAVE_SOFT_BLOCK_MODE */ 744 #endif /* PSA_WANT_KEY_TYPE_CAMELLIA */ 745 746 #if defined(PSA_WANT_KEY_TYPE_DES) 747 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES) 748 #define PSA_HAVE_SOFT_KEY_TYPE_DES 1 749 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DES */ 750 #if defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \ 751 defined(PSA_HAVE_SOFT_BLOCK_MODE) 752 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1 753 #define MBEDTLS_DES_C 754 #endif /*PSA_HAVE_SOFT_KEY_TYPE_DES || PSA_HAVE_SOFT_BLOCK_MODE */ 755 #endif /* PSA_WANT_KEY_TYPE_DES */ 756 757 #if defined(PSA_WANT_ALG_STREAM_CIPHER) 758 #if !defined(MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER) 759 #define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1 760 #endif /* MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER */ 761 #endif /* PSA_WANT_ALG_STREAM_CIPHER */ 762 763 #if defined(PSA_WANT_KEY_TYPE_CHACHA20) 764 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20) || \ 765 defined(MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER) 766 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1 767 #define MBEDTLS_CHACHA20_C 768 #endif /*!MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 */ 769 #endif /* PSA_WANT_KEY_TYPE_CHACHA20 */ 770 771 /* If any of the software block ciphers are selected, define 772 * PSA_HAVE_SOFT_BLOCK_CIPHER, which can be used in any of these 773 * situations. */ 774 #if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ 775 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ 776 defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \ 777 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) 778 #define PSA_HAVE_SOFT_BLOCK_CIPHER 1 779 #endif 780 781 #if defined(PSA_WANT_ALG_CBC_MAC) 782 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_MAC) 783 #error "CBC-MAC is not yet supported via the PSA API in Mbed TLS." 784 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_MAC 1 785 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CBC_MAC */ 786 #endif /* PSA_WANT_ALG_CBC_MAC */ 787 788 #if defined(PSA_WANT_ALG_CMAC) 789 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) || \ 790 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 791 #define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1 792 #define MBEDTLS_CMAC_C 793 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CMAC */ 794 #endif /* PSA_WANT_ALG_CMAC */ 795 796 #if defined(PSA_HAVE_SOFT_PBKDF2_HMAC) || \ 797 defined(PSA_HAVE_SOFT_PBKDF2_CMAC) 798 #define PSA_HAVE_SOFT_PBKDF2 1 799 #endif /* PSA_HAVE_SOFT_PBKDF2_HMAC || PSA_HAVE_SOFT_PBKDF2_CMAC */ 800 801 #if defined(PSA_WANT_ALG_CTR) 802 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CTR) || \ 803 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 804 #define MBEDTLS_PSA_BUILTIN_ALG_CTR 1 805 #define MBEDTLS_CIPHER_MODE_CTR 806 #endif 807 #endif /* PSA_WANT_ALG_CTR */ 808 809 #if defined(PSA_WANT_ALG_CFB) 810 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CFB) || \ 811 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 812 #define MBEDTLS_PSA_BUILTIN_ALG_CFB 1 813 #define MBEDTLS_CIPHER_MODE_CFB 814 #endif 815 #endif /* PSA_WANT_ALG_CFB */ 816 817 #if defined(PSA_WANT_ALG_OFB) 818 #if !defined(MBEDTLS_PSA_ACCEL_ALG_OFB) || \ 819 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 820 #define MBEDTLS_PSA_BUILTIN_ALG_OFB 1 821 #define MBEDTLS_CIPHER_MODE_OFB 822 #endif 823 #endif /* PSA_WANT_ALG_OFB */ 824 825 #if defined(PSA_WANT_ALG_ECB_NO_PADDING) && \ 826 !defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING) 827 #define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1 828 #endif 829 830 #if defined(PSA_WANT_ALG_CBC_NO_PADDING) 831 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) || \ 832 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 833 #define MBEDTLS_CIPHER_MODE_CBC 834 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1 835 #endif 836 #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ 837 838 #if defined(PSA_WANT_ALG_CBC_PKCS7) 839 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) || \ 840 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 841 #define MBEDTLS_CIPHER_MODE_CBC 842 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1 843 #define MBEDTLS_CIPHER_PADDING_PKCS7 844 #endif 845 #endif /* PSA_WANT_ALG_CBC_PKCS7 */ 846 847 #if defined(PSA_WANT_ALG_CCM) 848 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CCM) || \ 849 defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ 850 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ 851 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) 852 #define MBEDTLS_PSA_BUILTIN_ALG_CCM 1 853 #define MBEDTLS_CCM_C 854 #endif 855 #endif /* PSA_WANT_ALG_CCM */ 856 857 #if defined(PSA_WANT_ALG_CCM_STAR_NO_TAG) 858 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CCM_STAR_NO_TAG) || \ 859 defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ 860 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ 861 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) 862 #define MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG 1 863 #define MBEDTLS_CCM_C 864 #endif 865 #endif /* PSA_WANT_ALG_CCM_STAR_NO_TAG */ 866 867 #if defined(PSA_WANT_ALG_GCM) 868 #if !defined(MBEDTLS_PSA_ACCEL_ALG_GCM) || \ 869 defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ 870 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ 871 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) 872 #define MBEDTLS_PSA_BUILTIN_ALG_GCM 1 873 #define MBEDTLS_GCM_C 874 #endif 875 #endif /* PSA_WANT_ALG_GCM */ 876 877 #if defined(PSA_WANT_ALG_CHACHA20_POLY1305) 878 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305) 879 #if defined(PSA_WANT_KEY_TYPE_CHACHA20) 880 #define MBEDTLS_CHACHAPOLY_C 881 #define MBEDTLS_CHACHA20_C 882 #define MBEDTLS_POLY1305_C 883 #define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1 884 #endif /* PSA_WANT_KEY_TYPE_CHACHA20 */ 885 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 */ 886 #endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */ 887 888 #endif /* MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H */ 889