1 /** 2 * \file psa/crypto_config.h 3 * \brief PSA crypto configuration options (set of defines) 4 * 5 */ 6 #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) 7 /** 8 * When #MBEDTLS_PSA_CRYPTO_CONFIG is enabled in config.h, 9 * this file determines which cryptographic mechanisms are enabled 10 * through the PSA Cryptography API (\c psa_xxx() functions). 11 * 12 * To enable a cryptographic mechanism, uncomment the definition of 13 * the corresponding \c PSA_WANT_xxx preprocessor symbol. 14 * To disable a cryptographic mechanism, comment out the definition of 15 * the corresponding \c PSA_WANT_xxx preprocessor symbol. 16 * The names of cryptographic mechanisms correspond to values 17 * defined in psa/crypto_values.h, with the prefix \c PSA_WANT_ instead 18 * of \c PSA_. 19 * 20 * Note that many cryptographic mechanisms involve two symbols: one for 21 * the key type (\c PSA_WANT_KEY_TYPE_xxx) and one for the algorithm 22 * (\c PSA_WANT_ALG_xxx). Mechanisms with additional parameters may involve 23 * additional symbols. 24 */ 25 #else 26 /** 27 * When \c MBEDTLS_PSA_CRYPTO_CONFIG is disabled in config.h, 28 * this file is not used, and cryptographic mechanisms are supported 29 * through the PSA API if and only if they are supported through the 30 * mbedtls_xxx API. 31 */ 32 #endif 33 /* 34 * Copyright The Mbed TLS Contributors 35 * SPDX-License-Identifier: Apache-2.0 36 * 37 * Licensed under the Apache License, Version 2.0 (the "License"); you may 38 * not use this file except in compliance with the License. 39 * You may obtain a copy of the License at 40 * 41 * http://www.apache.org/licenses/LICENSE-2.0 42 * 43 * Unless required by applicable law or agreed to in writing, software 44 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 45 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 46 * See the License for the specific language governing permissions and 47 * limitations under the License. 48 */ 49 50 #ifndef PSA_CRYPTO_CONFIG_H 51 #define PSA_CRYPTO_CONFIG_H 52 53 /* 54 * CBC-MAC is not yet supported via the PSA API in Mbed TLS. 55 */ 56 //#define PSA_WANT_ALG_CBC_MAC 1 57 #define PSA_WANT_ALG_CBC_NO_PADDING 1 58 #define PSA_WANT_ALG_CBC_PKCS7 1 59 #define PSA_WANT_ALG_CCM 1 60 #define PSA_WANT_ALG_CMAC 1 61 #define PSA_WANT_ALG_CFB 1 62 #define PSA_WANT_ALG_CHACHA20_POLY1305 1 63 #define PSA_WANT_ALG_CMAC 1 64 #define PSA_WANT_ALG_CTR 1 65 #define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1 66 #define PSA_WANT_ALG_ECB_NO_PADDING 1 67 #define PSA_WANT_ALG_ECDH 1 68 #define PSA_WANT_ALG_ECDSA 1 69 #define PSA_WANT_ALG_GCM 1 70 #define PSA_WANT_ALG_HKDF 1 71 #define PSA_WANT_ALG_HMAC 1 72 #define PSA_WANT_ALG_MD2 1 73 #define PSA_WANT_ALG_MD4 1 74 #define PSA_WANT_ALG_MD5 1 75 #define PSA_WANT_ALG_OFB 1 76 #define PSA_WANT_ALG_RIPEMD160 1 77 #define PSA_WANT_ALG_RSA_OAEP 1 78 #define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1 79 #define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1 80 #define PSA_WANT_ALG_RSA_PSS 1 81 #define PSA_WANT_ALG_SHA_1 1 82 #define PSA_WANT_ALG_SHA_224 1 83 #define PSA_WANT_ALG_SHA_256 1 84 #define PSA_WANT_ALG_SHA_384 1 85 #define PSA_WANT_ALG_SHA_512 1 86 #define PSA_WANT_ALG_STREAM_CIPHER 1 87 #define PSA_WANT_ALG_TLS12_PRF 1 88 #define PSA_WANT_ALG_TLS12_PSK_TO_MS 1 89 #define PSA_WANT_ALG_XTS 1 90 91 #define PSA_WANT_ECC_BRAINPOOL_P_R1_256 1 92 #define PSA_WANT_ECC_BRAINPOOL_P_R1_384 1 93 #define PSA_WANT_ECC_BRAINPOOL_P_R1_512 1 94 #define PSA_WANT_ECC_MONTGOMERY_255 1 95 /* 96 * Curve448 is not yet supported via the PSA API in Mbed TLS 97 * (https://github.com/ARMmbed/mbedtls/issues/4249). Thus, do not enable it by 98 * default. 99 */ 100 //#define PSA_WANT_ECC_MONTGOMERY_448 1 101 #define PSA_WANT_ECC_SECP_K1_192 1 102 /* 103 * SECP224K1 is buggy via the PSA API in Mbed TLS 104 * (https://github.com/ARMmbed/mbedtls/issues/3541). Thus, do not enable it by 105 * default. 106 */ 107 //#define PSA_WANT_ECC_SECP_K1_224 1 108 #define PSA_WANT_ECC_SECP_K1_256 1 109 #define PSA_WANT_ECC_SECP_R1_192 1 110 #define PSA_WANT_ECC_SECP_R1_224 1 111 #define PSA_WANT_ECC_SECP_R1_256 1 112 #define PSA_WANT_ECC_SECP_R1_384 1 113 #define PSA_WANT_ECC_SECP_R1_521 1 114 115 #define PSA_WANT_KEY_TYPE_DERIVE 1 116 #define PSA_WANT_KEY_TYPE_HMAC 1 117 #define PSA_WANT_KEY_TYPE_AES 1 118 #define PSA_WANT_KEY_TYPE_ARC4 1 119 #define PSA_WANT_KEY_TYPE_ARIA 1 120 #define PSA_WANT_KEY_TYPE_CAMELLIA 1 121 #define PSA_WANT_KEY_TYPE_CHACHA20 1 122 #define PSA_WANT_KEY_TYPE_DES 1 123 #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1 124 #define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1 125 #define PSA_WANT_KEY_TYPE_RAW_DATA 1 126 #define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1 127 #define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1 128 129 #endif /* PSA_CRYPTO_CONFIG_H */ 130