1 /** 2 * \file mbedtls/config_adjust_legacy_from_psa.h 3 * \brief Adjust PSA configuration: activate legacy implementations 4 * 5 * This is an internal header. Do not include it directly. 6 * 7 * When MBEDTLS_PSA_CRYPTO_CONFIG is enabled, activate legacy implementations 8 * of cryptographic mechanisms as needed to fulfill the needs of the PSA 9 * configuration. Generally speaking, we activate a legacy mechanism if 10 * it's needed for a requested PSA mechanism and there is no PSA driver 11 * for it. 12 */ 13 /* 14 * Copyright The Mbed TLS Contributors 15 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 16 */ 17 18 #ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H 19 #define MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H 20 21 #if !defined(MBEDTLS_CONFIG_FILES_READ) 22 #error "Do not include mbedtls/config_adjust_*.h manually! This can lead to problems, " \ 23 "up to and including runtime errors such as buffer overflows. " \ 24 "If you're trying to fix a complaint from check_config.h, just remove " \ 25 "it from your configuration file: since Mbed TLS 3.0, it is included " \ 26 "automatically at the right point." 27 #endif /* */ 28 29 /* Define appropriate ACCEL macros for the p256-m driver. 30 * In the future, those should be generated from the drivers JSON description. 31 */ 32 #if defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED) 33 #define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256 34 #define MBEDTLS_PSA_ACCEL_ALG_ECDSA 35 #define MBEDTLS_PSA_ACCEL_ALG_ECDH 36 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY 37 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC 38 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT 39 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT 40 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE 41 #endif 42 43 /* 44 * ECC: support for a feature is controlled by a triplet or a pair: 45 * (curve, key_type public/basic, alg) or (curve, key_type_<action>). 46 * 47 * A triplet/pair is accelerated if all of is components are accelerated; 48 * otherwise each component needs to be built in. 49 * 50 * We proceed in two passes: 51 * 1. Check if acceleration is complete for curves, key types, algs. 52 * 2. Then enable built-ins for each thing that's either not accelerated of 53 * doesn't have complete acceleration of the other triplet/pair components. 54 * 55 * Note: this needs psa/crypto_adjust_keypair_types.h to have been included 56 * already, so that we know the full set of key types that are requested. 57 */ 58 59 /* ECC: curves: is acceleration complete? */ 60 #if (defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) && \ 61 !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256)) || \ 62 (defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) && \ 63 !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384)) || \ 64 (defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) && \ 65 !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512)) || \ 66 (defined(PSA_WANT_ECC_SECP_R1_192) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192)) || \ 67 (defined(PSA_WANT_ECC_SECP_R1_224) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224)) || \ 68 (defined(PSA_WANT_ECC_SECP_R1_256) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256)) || \ 69 (defined(PSA_WANT_ECC_SECP_R1_384) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384)) || \ 70 (defined(PSA_WANT_ECC_SECP_R1_521) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521)) || \ 71 (defined(PSA_WANT_ECC_SECP_K1_192) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192)) || \ 72 (defined(PSA_WANT_ECC_SECP_K1_224) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224)) || \ 73 (defined(PSA_WANT_ECC_SECP_K1_256) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256)) 74 #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES 75 #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES 76 #endif 77 78 #if (defined(PSA_WANT_ECC_MONTGOMERY_255) && !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255)) || \ 79 (defined(PSA_WANT_ECC_MONTGOMERY_448) && !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448)) 80 #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES 81 #endif 82 83 /* ECC: algs: is acceleration complete? */ 84 #if (defined(PSA_WANT_ALG_ECDH) && !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH)) || \ 85 (defined(PSA_WANT_ALG_ECDSA) && !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)) || \ 86 (defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) && \ 87 !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)) || \ 88 (defined(PSA_WANT_ALG_JPAKE) && !defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE)) 89 #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS 90 #endif 91 92 /* ECC: key types: is acceleration complete? */ 93 #if (defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \ 94 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)) || \ 95 (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \ 96 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC)) 97 #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC 98 #endif 99 100 /* Special case: we don't support cooked key derivation in drivers yet */ 101 #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE) 102 #undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE 103 #endif 104 105 /* Note: the condition about key derivation is always true as DERIVE can't be 106 * accelerated yet */ 107 #if (defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \ 108 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)) || \ 109 (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \ 110 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC)) || \ 111 (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT) && \ 112 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT)) || \ 113 (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT) && \ 114 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT)) || \ 115 (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE) && \ 116 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE)) || \ 117 (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) && \ 118 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE)) 119 #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES 120 #endif 121 122 /* ECC: curves: enable built-ins as needed. 123 * 124 * We need the curve built-in: 125 * - if it's not accelerated, or 126 * - if there's a key type with missing acceleration, or 127 * - if there's a alg with missing acceleration. 128 */ 129 #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) 130 #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256) || \ 131 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ 132 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 133 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1 134 #define MBEDTLS_ECP_DP_BP256R1_ENABLED 135 #endif /* missing accel */ 136 #endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_256 */ 137 138 #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) 139 #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384) || \ 140 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ 141 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 142 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1 143 #define MBEDTLS_ECP_DP_BP384R1_ENABLED 144 #endif /* missing accel */ 145 #endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_384 */ 146 147 #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) 148 #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512) || \ 149 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ 150 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 151 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1 152 #define MBEDTLS_ECP_DP_BP512R1_ENABLED 153 #endif /* missing accel */ 154 #endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_512 */ 155 156 #if defined(PSA_WANT_ECC_MONTGOMERY_255) 157 #if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255) || \ 158 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ 159 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 160 #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1 161 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED 162 #endif /* missing accel */ 163 #endif /* PSA_WANT_ECC_MONTGOMERY_255 */ 164 165 #if defined(PSA_WANT_ECC_MONTGOMERY_448) 166 #if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448) || \ 167 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ 168 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 169 #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1 170 #define MBEDTLS_ECP_DP_CURVE448_ENABLED 171 #endif /* missing accel */ 172 #endif /* PSA_WANT_ECC_MONTGOMERY_448 */ 173 174 #if defined(PSA_WANT_ECC_SECP_R1_192) 175 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192) || \ 176 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ 177 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 178 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1 179 #define MBEDTLS_ECP_DP_SECP192R1_ENABLED 180 #endif /* missing accel */ 181 #endif /* PSA_WANT_ECC_SECP_R1_192 */ 182 183 #if defined(PSA_WANT_ECC_SECP_R1_224) 184 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224) || \ 185 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ 186 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 187 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1 188 #define MBEDTLS_ECP_DP_SECP224R1_ENABLED 189 #endif /* missing accel */ 190 #endif /* PSA_WANT_ECC_SECP_R1_224 */ 191 192 #if defined(PSA_WANT_ECC_SECP_R1_256) 193 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) || \ 194 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ 195 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 196 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1 197 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED 198 #endif /* missing accel */ 199 #endif /* PSA_WANT_ECC_SECP_R1_256 */ 200 201 #if defined(PSA_WANT_ECC_SECP_R1_384) 202 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384) || \ 203 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ 204 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 205 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1 206 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED 207 #endif /* missing accel */ 208 #endif /* PSA_WANT_ECC_SECP_R1_384 */ 209 210 #if defined(PSA_WANT_ECC_SECP_R1_521) 211 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521) || \ 212 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ 213 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 214 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1 215 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED 216 #endif /* missing accel */ 217 #endif /* PSA_WANT_ECC_SECP_R1_521 */ 218 219 #if defined(PSA_WANT_ECC_SECP_K1_192) 220 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192) || \ 221 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ 222 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 223 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1 224 #define MBEDTLS_ECP_DP_SECP192K1_ENABLED 225 #endif /* missing accel */ 226 #endif /* PSA_WANT_ECC_SECP_K1_192 */ 227 228 #if defined(PSA_WANT_ECC_SECP_K1_224) 229 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224) || \ 230 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ 231 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 232 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1 233 #define MBEDTLS_ECP_DP_SECP224K1_ENABLED 234 /* https://github.com/Mbed-TLS/mbedtls/issues/3541 */ 235 #error "SECP224K1 is buggy via the PSA API in Mbed TLS." 236 #endif /* missing accel */ 237 #endif /* PSA_WANT_ECC_SECP_K1_224 */ 238 239 #if defined(PSA_WANT_ECC_SECP_K1_256) 240 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256) || \ 241 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ 242 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 243 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1 244 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED 245 #endif /* missing accel */ 246 #endif /* PSA_WANT_ECC_SECP_K1_256 */ 247 248 /* ECC: algs: enable built-ins as needed. 249 * 250 * We need the alg built-in: 251 * - if it's not accelerated, or 252 * - if there's a relevant curve (see below) with missing acceleration, or 253 * - if there's a key type among (public, basic) with missing acceleration. 254 * 255 * Relevant curves are: 256 * - all curves for ECDH 257 * - Weierstrass curves for (deterministic) ECDSA 258 * - secp256r1 for EC J-PAKE 259 */ 260 #if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) 261 #if !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) || \ 262 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES) || \ 263 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC) 264 #define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1 265 #define MBEDTLS_ECDSA_DETERMINISTIC 266 #define MBEDTLS_HMAC_DRBG_C 267 #define MBEDTLS_MD_C 268 #define MBEDTLS_ECDSA_C 269 #define MBEDTLS_ECP_C 270 #define MBEDTLS_BIGNUM_C 271 #define MBEDTLS_ASN1_PARSE_C 272 #define MBEDTLS_ASN1_WRITE_C 273 #endif /* missing accel */ 274 #endif /* PSA_WANT_ALG_DETERMINISTIC_ECDSA */ 275 276 #if defined(PSA_WANT_ALG_ECDH) 277 #if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH) || \ 278 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) || \ 279 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC) 280 #define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1 281 #define MBEDTLS_ECDH_C 282 #define MBEDTLS_ECP_C 283 #define MBEDTLS_BIGNUM_C 284 #endif /* missing accel */ 285 #endif /* PSA_WANT_ALG_ECDH */ 286 287 #if defined(PSA_WANT_ALG_ECDSA) 288 #if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ 289 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES) || \ 290 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC) 291 #define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1 292 #define MBEDTLS_ECDSA_C 293 #define MBEDTLS_ECP_C 294 #define MBEDTLS_BIGNUM_C 295 #define MBEDTLS_ASN1_PARSE_C 296 #define MBEDTLS_ASN1_WRITE_C 297 #endif /* missing accel */ 298 #endif /* PSA_WANT_ALG_ECDSA */ 299 300 #if defined(PSA_WANT_ALG_JPAKE) 301 #if !defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE) || \ 302 !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) || \ 303 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC) 304 #define MBEDTLS_PSA_BUILTIN_PAKE 1 305 #define MBEDTLS_PSA_BUILTIN_ALG_JPAKE 1 306 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED 307 #define MBEDTLS_BIGNUM_C 308 #define MBEDTLS_ECP_C 309 #define MBEDTLS_ECJPAKE_C 310 #endif /* missing accel */ 311 #endif /* PSA_WANT_ALG_JPAKE */ 312 313 /* ECC: key types: enable built-ins as needed. 314 * 315 * We need the key type built-in: 316 * - if it's not accelerated, or 317 * - if there's a curve with missing acceleration, or 318 * - only for public/basic: if there's an alg with missing acceleration. 319 */ 320 #if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) 321 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) || \ 322 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) || \ 323 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 324 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1 325 #endif /* missing accel */ 326 #endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ 327 328 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) 329 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \ 330 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) || \ 331 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) 332 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC 1 333 #endif /* missing accel */ 334 #endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC */ 335 336 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT) 337 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ 338 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) 339 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1 340 #endif /* missing accel */ 341 #endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT */ 342 343 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT) 344 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \ 345 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) 346 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1 347 #endif /* missing accel */ 348 #endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT */ 349 350 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE) 351 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE) || \ 352 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) 353 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1 354 #endif /* missing accel */ 355 #endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE */ 356 357 /* Note: the condition is always true as DERIVE can't be accelerated yet */ 358 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) 359 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE) || \ 360 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) 361 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1 362 #endif /* missing accel */ 363 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE */ 364 365 #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \ 366 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \ 367 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ 368 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE) 369 #define MBEDTLS_ECP_LIGHT 370 #define MBEDTLS_BIGNUM_C 371 #endif 372 373 #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \ 374 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE) 375 #define MBEDTLS_ECP_C 376 #define MBEDTLS_BIGNUM_C 377 #endif 378 379 /* End of ECC section */ 380 381 /* 382 * DH key types follow the same pattern used above for EC keys. They are defined 383 * by a triplet (group, key_type, alg). A triplet is accelerated if all its 384 * component are accelerated, otherwise each component needs to be builtin. 385 */ 386 387 /* DH: groups: is acceleration complete? */ 388 #if (defined(PSA_WANT_DH_RFC7919_2048) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_2048)) || \ 389 (defined(PSA_WANT_DH_RFC7919_3072) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_3072)) || \ 390 (defined(PSA_WANT_DH_RFC7919_4096) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_4096)) || \ 391 (defined(PSA_WANT_DH_RFC7919_6144) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_6144)) || \ 392 (defined(PSA_WANT_DH_RFC7919_8192) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_8192)) 393 #define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS 394 #endif 395 396 /* DH: algs: is acceleration complete? */ 397 #if defined(PSA_WANT_ALG_FFDH) && !defined(MBEDTLS_PSA_ACCEL_ALG_FFDH) 398 #define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS 399 #endif 400 401 /* DH: key types: is acceleration complete? */ 402 #if (defined(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY) && \ 403 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY)) || \ 404 (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) && \ 405 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC)) || \ 406 (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT) && \ 407 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT)) || \ 408 (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT) && \ 409 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT)) || \ 410 (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE) && \ 411 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE)) 412 #define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES 413 #endif 414 415 #if defined(PSA_WANT_DH_RFC7919_2048) 416 #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_2048) || \ 417 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \ 418 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES) 419 #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048 1 420 #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048 */ 421 #endif /* PSA_WANT_DH_RFC7919_2048 */ 422 423 #if defined(PSA_WANT_DH_RFC7919_3072) 424 #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_3072) || \ 425 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \ 426 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES) 427 #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072 1 428 #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072 */ 429 #endif /* PSA_WANT_DH_RFC7919_3072 */ 430 431 #if defined(PSA_WANT_DH_RFC7919_4096) 432 #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_4096) || \ 433 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \ 434 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES) 435 #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096 1 436 #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096 */ 437 #endif /* PSA_WANT_DH_RFC7919_4096 */ 438 439 #if defined(PSA_WANT_DH_RFC7919_6144) 440 #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_6144) || \ 441 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \ 442 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES) 443 #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144 1 444 #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144 */ 445 #endif /* PSA_WANT_DH_RFC7919_6144 */ 446 447 #if defined(PSA_WANT_DH_RFC7919_8192) 448 #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_8192) || \ 449 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \ 450 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES) 451 #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192 1 452 #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192 */ 453 #endif /* PSA_WANT_DH_RFC7919_8192 */ 454 455 #if defined(PSA_WANT_ALG_FFDH) 456 #if !defined(MBEDTLS_PSA_ACCEL_ALG_FFDH) || \ 457 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \ 458 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES) 459 #define MBEDTLS_PSA_BUILTIN_ALG_FFDH 1 460 #define MBEDTLS_BIGNUM_C 461 #endif /* !MBEDTLS_PSA_ACCEL_ALG_FFDH */ 462 #endif /* PSA_WANT_ALG_FFDH */ 463 464 #if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT) 465 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT) || \ 466 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \ 467 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) 468 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT 1 469 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT */ 470 #endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT */ 471 472 #if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT) 473 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT) || \ 474 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \ 475 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) 476 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT 1 477 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT */ 478 #endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT */ 479 480 #if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE) 481 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE) 482 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE 1 483 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE */ 484 #endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE */ 485 486 #if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) 487 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC) || \ 488 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \ 489 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) 490 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_BASIC 1 491 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC */ 492 #endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC */ 493 494 #if defined(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY) 495 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY) || \ 496 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \ 497 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) 498 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY 1 499 #define MBEDTLS_BIGNUM_C 500 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY */ 501 #endif /* PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY */ 502 503 /* End of DH section */ 504 505 #if defined(PSA_WANT_ALG_HKDF) 506 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF) 507 /* 508 * The PSA implementation has its own implementation of HKDF, separate from 509 * hkdf.c. No need to enable MBEDTLS_HKDF_C here. 510 */ 511 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1 512 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF */ 513 #endif /* PSA_WANT_ALG_HKDF */ 514 515 #if defined(PSA_WANT_ALG_HKDF_EXTRACT) 516 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT) 517 /* 518 * The PSA implementation has its own implementation of HKDF, separate from 519 * hkdf.c. No need to enable MBEDTLS_HKDF_C here. 520 */ 521 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT 1 522 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT */ 523 #endif /* PSA_WANT_ALG_HKDF_EXTRACT */ 524 525 #if defined(PSA_WANT_ALG_HKDF_EXPAND) 526 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND) 527 /* 528 * The PSA implementation has its own implementation of HKDF, separate from 529 * hkdf.c. No need to enable MBEDTLS_HKDF_C here. 530 */ 531 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND 1 532 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND */ 533 #endif /* PSA_WANT_ALG_HKDF_EXPAND */ 534 535 #if defined(PSA_WANT_ALG_HMAC) 536 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC) 537 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 538 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */ 539 #endif /* PSA_WANT_ALG_HMAC */ 540 541 #if defined(PSA_WANT_ALG_MD5) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD5) 542 #define MBEDTLS_PSA_BUILTIN_ALG_MD5 1 543 #define MBEDTLS_MD5_C 544 #endif 545 546 #if defined(PSA_WANT_ALG_RIPEMD160) && !defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) 547 #define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1 548 #define MBEDTLS_RIPEMD160_C 549 #endif 550 551 #if defined(PSA_WANT_ALG_RSA_OAEP) 552 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP) 553 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1 554 #define MBEDTLS_RSA_C 555 #define MBEDTLS_BIGNUM_C 556 #define MBEDTLS_OID_C 557 #define MBEDTLS_PKCS1_V21 558 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP */ 559 #endif /* PSA_WANT_ALG_RSA_OAEP */ 560 561 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT) 562 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT) 563 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1 564 #define MBEDTLS_RSA_C 565 #define MBEDTLS_BIGNUM_C 566 #define MBEDTLS_OID_C 567 #define MBEDTLS_PKCS1_V15 568 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT */ 569 #endif /* PSA_WANT_ALG_RSA_PKCS1V15_CRYPT */ 570 571 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) 572 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) 573 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1 574 #define MBEDTLS_RSA_C 575 #define MBEDTLS_BIGNUM_C 576 #define MBEDTLS_OID_C 577 #define MBEDTLS_PKCS1_V15 578 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN */ 579 #endif /* PSA_WANT_ALG_RSA_PKCS1V15_SIGN */ 580 581 #if defined(PSA_WANT_ALG_RSA_PSS) 582 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) 583 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1 584 #define MBEDTLS_RSA_C 585 #define MBEDTLS_BIGNUM_C 586 #define MBEDTLS_OID_C 587 #define MBEDTLS_PKCS1_V21 588 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PSS */ 589 #endif /* PSA_WANT_ALG_RSA_PSS */ 590 591 #if defined(PSA_WANT_ALG_SHA_1) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) 592 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1 593 #define MBEDTLS_SHA1_C 594 #endif 595 596 #if defined(PSA_WANT_ALG_SHA_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) 597 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1 598 #define MBEDTLS_SHA224_C 599 #endif 600 601 #if defined(PSA_WANT_ALG_SHA_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) 602 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1 603 #define MBEDTLS_SHA256_C 604 #endif 605 606 #if defined(PSA_WANT_ALG_SHA_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) 607 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1 608 #define MBEDTLS_SHA384_C 609 #endif 610 611 #if defined(PSA_WANT_ALG_SHA_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) 612 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1 613 #define MBEDTLS_SHA512_C 614 #endif 615 616 #if defined(PSA_WANT_ALG_SHA3_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_224) 617 #define MBEDTLS_PSA_BUILTIN_ALG_SHA3_224 1 618 #define MBEDTLS_SHA3_C 619 #endif 620 621 #if defined(PSA_WANT_ALG_SHA3_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_256) 622 #define MBEDTLS_PSA_BUILTIN_ALG_SHA3_256 1 623 #define MBEDTLS_SHA3_C 624 #endif 625 626 #if defined(PSA_WANT_ALG_SHA3_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_384) 627 #define MBEDTLS_PSA_BUILTIN_ALG_SHA3_384 1 628 #define MBEDTLS_SHA3_C 629 #endif 630 631 #if defined(PSA_WANT_ALG_SHA3_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_512) 632 #define MBEDTLS_PSA_BUILTIN_ALG_SHA3_512 1 633 #define MBEDTLS_SHA3_C 634 #endif 635 636 #if defined(PSA_WANT_ALG_PBKDF2_HMAC) 637 #if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_HMAC) 638 #define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC 1 639 #define PSA_HAVE_SOFT_PBKDF2_HMAC 1 640 #endif /* !MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC */ 641 #endif /* PSA_WANT_ALG_PBKDF2_HMAC */ 642 643 #if defined(PSA_WANT_ALG_TLS12_PRF) 644 #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF) 645 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1 646 #endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF */ 647 #endif /* PSA_WANT_ALG_TLS12_PRF */ 648 649 #if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS) 650 #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS) 651 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1 652 #endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS */ 653 #endif /* PSA_WANT_ALG_TLS12_PSK_TO_MS */ 654 655 #if defined(PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS) 656 #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS) 657 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS 1 658 #endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS */ 659 #endif /* PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS */ 660 661 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT) 662 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT) 663 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1 664 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT */ 665 #endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT */ 666 667 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT) 668 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT) 669 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1 670 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT */ 671 #endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT */ 672 673 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE) 674 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE) 675 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1 676 #define MBEDTLS_GENPRIME 677 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE */ 678 #endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE */ 679 680 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) 681 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC) 682 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_BASIC 1 683 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC */ 684 #endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */ 685 686 #if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) 687 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) 688 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1 689 #define MBEDTLS_RSA_C 690 #define MBEDTLS_BIGNUM_C 691 #define MBEDTLS_OID_C 692 #define MBEDTLS_ASN1_PARSE_C 693 #define MBEDTLS_ASN1_WRITE_C 694 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY */ 695 #endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */ 696 697 /* If any of the block modes are requested that don't have an 698 * associated HW assist, define PSA_HAVE_SOFT_BLOCK_MODE for checking 699 * in the block cipher key types. */ 700 #if (defined(PSA_WANT_ALG_CTR) && !defined(MBEDTLS_PSA_ACCEL_ALG_CTR)) || \ 701 (defined(PSA_WANT_ALG_CFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_CFB)) || \ 702 (defined(PSA_WANT_ALG_OFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_OFB)) || \ 703 (defined(PSA_WANT_ALG_ECB_NO_PADDING) && !defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING)) || \ 704 (defined(PSA_WANT_ALG_CBC_NO_PADDING) && !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \ 705 (defined(PSA_WANT_ALG_CBC_PKCS7) && !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \ 706 (defined(PSA_WANT_ALG_CMAC) && !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC)) 707 #define PSA_HAVE_SOFT_BLOCK_MODE 1 708 #endif 709 710 #if defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128) 711 #if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128) 712 #define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 1 713 #define PSA_HAVE_SOFT_PBKDF2_CMAC 1 714 #endif /* !MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128 */ 715 #endif /* PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 */ 716 717 #if defined(PSA_WANT_KEY_TYPE_AES) 718 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES) 719 #define PSA_HAVE_SOFT_KEY_TYPE_AES 1 720 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_AES */ 721 #if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ 722 defined(PSA_HAVE_SOFT_BLOCK_MODE) 723 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1 724 #define MBEDTLS_AES_C 725 #endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */ 726 #endif /* PSA_WANT_KEY_TYPE_AES */ 727 728 #if defined(PSA_WANT_KEY_TYPE_ARIA) 729 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA) 730 #define PSA_HAVE_SOFT_KEY_TYPE_ARIA 1 731 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA */ 732 #if defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ 733 defined(PSA_HAVE_SOFT_BLOCK_MODE) 734 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1 735 #define MBEDTLS_ARIA_C 736 #endif /* PSA_HAVE_SOFT_KEY_TYPE_ARIA || PSA_HAVE_SOFT_BLOCK_MODE */ 737 #endif /* PSA_WANT_KEY_TYPE_ARIA */ 738 739 #if defined(PSA_WANT_KEY_TYPE_CAMELLIA) 740 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA) 741 #define PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA 1 742 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA */ 743 #if defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) || \ 744 defined(PSA_HAVE_SOFT_BLOCK_MODE) 745 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1 746 #define MBEDTLS_CAMELLIA_C 747 #endif /* PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA || PSA_HAVE_SOFT_BLOCK_MODE */ 748 #endif /* PSA_WANT_KEY_TYPE_CAMELLIA */ 749 750 #if defined(PSA_WANT_KEY_TYPE_DES) 751 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES) 752 #define PSA_HAVE_SOFT_KEY_TYPE_DES 1 753 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DES */ 754 #if defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \ 755 defined(PSA_HAVE_SOFT_BLOCK_MODE) 756 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1 757 #define MBEDTLS_DES_C 758 #endif /*PSA_HAVE_SOFT_KEY_TYPE_DES || PSA_HAVE_SOFT_BLOCK_MODE */ 759 #endif /* PSA_WANT_KEY_TYPE_DES */ 760 761 #if defined(PSA_WANT_ALG_STREAM_CIPHER) 762 #if !defined(MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER) 763 #define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1 764 #endif /* MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER */ 765 #endif /* PSA_WANT_ALG_STREAM_CIPHER */ 766 767 #if defined(PSA_WANT_KEY_TYPE_CHACHA20) 768 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20) || \ 769 defined(MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER) 770 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1 771 #define MBEDTLS_CHACHA20_C 772 #endif /*!MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 */ 773 #endif /* PSA_WANT_KEY_TYPE_CHACHA20 */ 774 775 /* If any of the software block ciphers are selected, define 776 * PSA_HAVE_SOFT_BLOCK_CIPHER, which can be used in any of these 777 * situations. */ 778 #if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ 779 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ 780 defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \ 781 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) 782 #define PSA_HAVE_SOFT_BLOCK_CIPHER 1 783 #endif 784 785 #if defined(PSA_WANT_ALG_CBC_MAC) 786 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_MAC) 787 #error "CBC-MAC is not yet supported via the PSA API in Mbed TLS." 788 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_MAC 1 789 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CBC_MAC */ 790 #endif /* PSA_WANT_ALG_CBC_MAC */ 791 792 #if defined(PSA_WANT_ALG_CMAC) 793 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) || \ 794 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 795 #define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1 796 #define MBEDTLS_CMAC_C 797 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CMAC */ 798 #endif /* PSA_WANT_ALG_CMAC */ 799 800 #if defined(PSA_HAVE_SOFT_PBKDF2_HMAC) || \ 801 defined(PSA_HAVE_SOFT_PBKDF2_CMAC) 802 #define PSA_HAVE_SOFT_PBKDF2 1 803 #endif /* PSA_HAVE_SOFT_PBKDF2_HMAC || PSA_HAVE_SOFT_PBKDF2_CMAC */ 804 805 #if defined(PSA_WANT_ALG_CTR) 806 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CTR) || \ 807 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 808 #define MBEDTLS_PSA_BUILTIN_ALG_CTR 1 809 #define MBEDTLS_CIPHER_MODE_CTR 810 #endif 811 #endif /* PSA_WANT_ALG_CTR */ 812 813 #if defined(PSA_WANT_ALG_CFB) 814 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CFB) || \ 815 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 816 #define MBEDTLS_PSA_BUILTIN_ALG_CFB 1 817 #define MBEDTLS_CIPHER_MODE_CFB 818 #endif 819 #endif /* PSA_WANT_ALG_CFB */ 820 821 #if defined(PSA_WANT_ALG_OFB) 822 #if !defined(MBEDTLS_PSA_ACCEL_ALG_OFB) || \ 823 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 824 #define MBEDTLS_PSA_BUILTIN_ALG_OFB 1 825 #define MBEDTLS_CIPHER_MODE_OFB 826 #endif 827 #endif /* PSA_WANT_ALG_OFB */ 828 829 #if defined(PSA_WANT_ALG_ECB_NO_PADDING) && \ 830 !defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING) 831 #define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1 832 #endif 833 834 #if defined(PSA_WANT_ALG_CBC_NO_PADDING) 835 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) || \ 836 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 837 #define MBEDTLS_CIPHER_MODE_CBC 838 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1 839 #endif 840 #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ 841 842 #if defined(PSA_WANT_ALG_CBC_PKCS7) 843 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) || \ 844 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 845 #define MBEDTLS_CIPHER_MODE_CBC 846 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1 847 #define MBEDTLS_CIPHER_PADDING_PKCS7 848 #endif 849 #endif /* PSA_WANT_ALG_CBC_PKCS7 */ 850 851 #if defined(PSA_WANT_ALG_CCM) 852 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CCM) || \ 853 defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ 854 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ 855 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) 856 #define MBEDTLS_PSA_BUILTIN_ALG_CCM 1 857 #define MBEDTLS_CCM_C 858 #endif 859 #endif /* PSA_WANT_ALG_CCM */ 860 861 #if defined(PSA_WANT_ALG_CCM_STAR_NO_TAG) 862 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CCM_STAR_NO_TAG) || \ 863 defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ 864 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ 865 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) 866 #define MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG 1 867 #define MBEDTLS_CCM_C 868 #endif 869 #endif /* PSA_WANT_ALG_CCM_STAR_NO_TAG */ 870 871 #if defined(PSA_WANT_ALG_GCM) 872 #if !defined(MBEDTLS_PSA_ACCEL_ALG_GCM) || \ 873 defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ 874 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ 875 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) 876 #define MBEDTLS_PSA_BUILTIN_ALG_GCM 1 877 #define MBEDTLS_GCM_C 878 #endif 879 #endif /* PSA_WANT_ALG_GCM */ 880 881 #if defined(PSA_WANT_ALG_CHACHA20_POLY1305) 882 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305) 883 #if defined(PSA_WANT_KEY_TYPE_CHACHA20) 884 #define MBEDTLS_CHACHAPOLY_C 885 #define MBEDTLS_CHACHA20_C 886 #define MBEDTLS_POLY1305_C 887 #define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1 888 #endif /* PSA_WANT_KEY_TYPE_CHACHA20 */ 889 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 */ 890 #endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */ 891 892 #endif /* MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H */ 893
