1 /***************************************************************************//** 2 * \file cy_crypto_config.h 3 * \version 2.120 4 * 5 * \brief 6 * This file provides default configuration parameters 7 * for the Crypto driver. 8 * 9 ******************************************************************************** 10 * Copyright 2016-2022 Cypress Semiconductor Corporation 11 * SPDX-License-Identifier: Apache-2.0 12 * 13 * Licensed under the Apache License, Version 2.0 (the "License"); 14 * you may not use this file except in compliance with the License. 15 * You may obtain a copy of the License at 16 * 17 * http://www.apache.org/licenses/LICENSE-2.0 18 * 19 * Unless required by applicable law or agreed to in writing, software 20 * distributed under the License is distributed on an "AS IS" BASIS, 21 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 22 * See the License for the specific language governing permissions and 23 * limitations under the License. 24 *******************************************************************************/ 25 26 27 #if !defined(CY_CRYPTO_CONFIG_H) 28 #define CY_CRYPTO_CONFIG_H 29 30 #include "cy_device.h" 31 #include "cy_device_headers.h" 32 33 #if defined (CY_IP_MXCRYPTO) 34 35 #include "cy_syslib.h" 36 37 CY_MISRA_DEVIATE_BLOCK_START('MISRA C-2012 Rule 20.5', 2, \ 38 'Since hardware configurations are decided by CRYPTO hardware IP version, use of #undef will not make it ambiguous that which macros exist at a particular point within a translation unit.') 39 40 #if defined(CY_CRYPTO_USER_CONFIG_FILE) 41 #include CY_CRYPTO_USER_CONFIG_FILE 42 #else 43 44 /* 45 * Use hardware specific model instead of PDL device agnostic model. 46 * Disabled by default. 47 */ 48 #define CY_CRYPTO_CFG_HW_USE_MPN_SPECIFIC 49 50 /* CRYPTO hardware version 1 support */ 51 #define CY_CRYPTO_CFG_HW_V1_ENABLE 52 53 /* CRYPTO hardware version 2 support */ 54 #define CY_CRYPTO_CFG_HW_V2_ENABLE 55 56 /* Default configuration: 57 * 58 * - SHA1 59 * - SHA256 60 * - SHA512 61 * - HMAC 62 * - AES ECB 63 * - AES CBC 64 * - AES CFB 65 * - AES CTR 66 * - CMAC 67 * - CRC 68 * - PRNG 69 * - TRNG 70 * - DES/TDES 71 * - RSA encrypt/decrypt 72 * - RSA PKCS#1.l5 verification 73 * - ECP multiplication 74 * - ECDSA key generation 75 * - ECDSA sign 76 * - ECDSA verification 77 */ 78 79 #define CY_CRYPTO_CFG_CRC_C 80 #define CY_CRYPTO_CFG_DES_C 81 #define CY_CRYPTO_CFG_PRNG_C 82 #define CY_CRYPTO_CFG_TRNG_C 83 84 /* Currently this driver supports CBC, CFB, CTR cipher modes */ 85 #define CY_CRYPTO_CFG_AES_C 86 #define CY_CRYPTO_CFG_CMAC_C 87 #define CY_CRYPTO_CFG_GCM_C 88 #define CY_CRYPTO_CFG_CCM_C 89 #define CY_CRYPTO_CFG_CBC_MAC_C 90 91 92 /* AES Cipher modes */ 93 #define CY_CRYPTO_CFG_CIPHER_MODE_CBC 94 #define CY_CRYPTO_CFG_CIPHER_MODE_CFB 95 #define CY_CRYPTO_CFG_CIPHER_MODE_CTR 96 97 /* Currently OFB, XTS cipher modes are not implemented */ 98 // #define CY_CRYPTO_CFG_CIPHER_MODE_OFB 99 // #define CY_CRYPTO_CFG_CIPHER_MODE_XTS 100 101 #define CY_CRYPTO_CFG_SHA_C 102 #define CY_CRYPTO_CFG_HMAC_C 103 #define CY_CRYPTO_CFG_HKDF_C 104 105 #define CY_CRYPTO_CFG_SHA1_ENABLED 106 #define CY_CRYPTO_CFG_SHA2_256_ENABLED 107 #define CY_CRYPTO_CFG_SHA2_512_ENABLED 108 #define CY_CRYPTO_CFG_SHA3_ENABLED 109 110 /* RSA functionality */ 111 #define CY_CRYPTO_CFG_RSA_C 112 /* RSA PKCS 1.5 verification */ 113 #define CY_CRYPTO_CFG_RSA_VERIFY_ENABLED 114 115 /* RSA PKCS 1.5 signing */ 116 #define CY_CRYPTO_CFG_RSA_SIGN_ENABLED 117 118 /* Only NIST-P curves are currently supported */ 119 #define CY_CRYPTO_CFG_ECP_C 120 121 #define CY_CRYPTO_CFG_ECP_DP_SECP192R1_ENABLED 122 #define CY_CRYPTO_CFG_ECP_DP_SECP224R1_ENABLED 123 #define CY_CRYPTO_CFG_ECP_DP_SECP256R1_ENABLED 124 #define CY_CRYPTO_CFG_ECP_DP_SECP384R1_ENABLED 125 #define CY_CRYPTO_CFG_ECP_DP_SECP521R1_ENABLED 126 #define CY_CRYPTO_CFG_ECP_DP_ED25519_ENABLED 127 128 /* Currently CURVE25519 support is not implemented */ 129 // #define CY_CRYPTO_CFG_ECP_DP_CURVE25519_ENABLED 130 131 /* ECDSA functionality */ 132 #define CY_CRYPTO_CFG_ECDSA_C 133 134 /* ECDSA key generation */ 135 #define CY_CRYPTO_CFG_ECDSA_GENKEY_C 136 /* ECDSA sign */ 137 #define CY_CRYPTO_CFG_ECDSA_SIGN_C 138 /* ECDSA verification */ 139 #define CY_CRYPTO_CFG_ECDSA_VERIFY_C 140 /* EDDSA functionality */ 141 #define CY_CRYPTO_CFG_EDDSA_C 142 /* EDDSA sign */ 143 #define CY_CRYPTO_CFG_EDDSA_SIGN_C 144 /* EDDSA verify */ 145 #define CY_CRYPTO_CFG_EDDSA_VERIFY_C 146 /* EDDSA key generation */ 147 #define CY_CRYPTO_CFG_EDDSA_GENKEY_C 148 149 /* External memory use */ 150 //#define CY_CRYPTO_CFG_EXTERNAL_MEMORY_ENABLE 151 152 #if (CY_IP_MXCRYPTO_VERSION == 2u) 153 /* Disabled chacha20 functionality */ 154 //#define CY_CRYPTO_CFG_CHACHA_ENABLED 155 156 /* Disabled poly1305 functionality */ 157 //#define CY_CRYPTO_CFG_POLY1305_ENABLED 158 #endif 159 160 #endif 161 162 /* Check hardware configuration */ 163 #if defined(CY_CRYPTO_CFG_HW_USE_MPN_SPECIFIC) 164 #undef CY_CRYPTO_CFG_HW_V1_ENABLE 165 #undef CY_CRYPTO_CFG_HW_V2_ENABLE 166 167 #if (CY_IP_MXCRYPTO_VERSION == 1u) 168 /* CRYPTO hardware version 1 support */ 169 #define CY_CRYPTO_CFG_HW_V1_ENABLE 170 #endif 171 172 #if (CY_IP_MXCRYPTO_VERSION == 2u) 173 /* CRYPTO hardware version 2 support */ 174 #define CY_CRYPTO_CFG_HW_V2_ENABLE 175 #endif 176 #else 177 #if !defined(CY_CRYPTO_CFG_HW_V1_ENABLE) && !defined(CY_CRYPTO_CFG_HW_V2_ENABLE) 178 #error "Select proper hardware configuration (CY_CRYPTO_CFG_HW_V1_ENABLE or CY_CRYPTO_CFG_HW_V2_ENABLE)" 179 #endif /* !defined(CY_CRYPTO_CFG_HW_V1_ENABLE) && !defined(CY_CRYPTO_CFG_HW_V2_ENABLE) */ 180 181 #endif 182 183 /* Check AES configuration */ 184 #if (defined(CY_CRYPTO_CFG_CIPHER_MODE_CBC) || \ 185 defined(CY_CRYPTO_CFG_CIPHER_MODE_CFB) || \ 186 defined(CY_CRYPTO_CFG_CIPHER_MODE_CTR)) \ 187 && !defined(CY_CRYPTO_CFG_AES_C) 188 #error "CY_CRYPTO_CFG_AES_C is not defined to use any AES ciphers" 189 #endif 190 191 /* Check CMAC configuration */ 192 #if defined(CY_CRYPTO_CFG_CMAC_C) && !defined(CY_CRYPTO_CFG_AES_C) 193 #error "CY_CRYPTO_CFG_AES_C is not defined to use CMAC calculation" 194 #endif /* defined(CY_CRYPTO_CFG_CMAC_C) && !defined(CY_CRYPTO_CFG_AES_C) */ 195 196 /* Check CBC-MAC configuration */ 197 #if defined(CY_CRYPTO_CFG_CBC_MAC_C) && !defined(CY_CRYPTO_CFG_CIPHER_MODE_CBC) 198 #error "CY_CRYPTO_CFG_CIPHER_MODE_CBC is not defined to use CBC-MAC calculation" 199 #endif /* defined(CY_CRYPTO_CFG_CBC_MAC_C) && !defined(CY_CRYPTO_CFG_CIPHER_MODE_CBC) */ 200 201 /* Check GCM configuration */ 202 #if defined(CY_CRYPTO_CFG_GCM_C) && !defined(CY_CRYPTO_CFG_AES_C) 203 #error "CY_CRYPTO_CFG_AES_C is not defined to use GCM calculation" 204 #endif /* defined(CY_CRYPTO_CFG_GCM_C) && !defined(CY_CRYPTO_CFG_AES_C) */ 205 206 /* Check SHA configuration */ 207 #if (defined(CY_CRYPTO_CFG_SHA1_ENABLED) || \ 208 defined(CY_CRYPTO_CFG_SHA2_256_ENABLED) || \ 209 defined(CY_CRYPTO_CFG_SHA2_512_ENABLED) || \ 210 defined(CY_CRYPTO_CFG_SHA3_ENABLED)) \ 211 && !defined(CY_CRYPTO_CFG_SHA_C) 212 #error "CY_CRYPTO_CFG_SHA_C is not defined to use SHA digests" 213 #endif 214 215 #if defined(CY_CRYPTO_CFG_SHA_C) && (!defined(CY_CRYPTO_CFG_SHA1_ENABLED) && \ 216 !defined(CY_CRYPTO_CFG_SHA2_256_ENABLED) && !defined(CY_CRYPTO_CFG_SHA3_ENABLED) &&\ 217 !defined(CY_CRYPTO_CFG_SHA2_512_ENABLED)) 218 #error "CY_CRYPTO_CFG_SHA_C is defined but no SHA mode is selected" 219 #endif 220 221 222 /* Check HMAC configuration */ 223 #if defined(CY_CRYPTO_CFG_HMAC_C) && !defined(CY_CRYPTO_CFG_SHA_C) 224 #error "CY_CRYPTO_CFG_SHA_C is not defined to use HMAC calculation" 225 #endif /* defined(CY_CRYPTO_CFG_HMAC_C) && !defined(CY_CRYPTO_CFG_SHA_C) */ 226 227 /* Check HKDF configuration */ 228 #if defined(CY_CRYPTO_CFG_HKDF_C) && (!defined(CY_CRYPTO_CFG_HMAC_C) || !defined(CY_CRYPTO_CFG_SHA_C)) 229 #error "CY_CRYPTO_CFG_HMAC_C & CY_CRYPTO_CFG_SHA_C is not defined to use HKDF calculation" 230 #endif /* defined(CY_CRYPTO_CFG_HKDF_C) && (!defined(CY_CRYPTO_CFG_HMAC_C) || !defined(CY_CRYPTO_CFG_SHA_C)) */ 231 232 /* Check RSA verify configuration */ 233 #if defined(CY_CRYPTO_CFG_RSA_VERIFY_ENABLED) && !defined(CY_CRYPTO_CFG_RSA_C) 234 #error "CY_CRYPTO_CFG_RSA_C is not defined to use RSA verification functionality" 235 #endif 236 237 #if defined(CY_CRYPTO_CFG_RSA_VERIFY_ENABLED) && !defined(CY_CRYPTO_CFG_SHA_C) 238 #error "CY_CRYPTO_CFG_SHA_C is not defined to use RSA verification functionality" 239 #endif 240 241 /* Check ECDSA configuration */ 242 #if (defined(CY_CRYPTO_CFG_ECDSA_GENKEY_C) || defined(CY_CRYPTO_CFG_ECDSA_SIGN_C) || \ 243 defined(CY_CRYPTO_CFG_ECDSA_VERIFY_C)) && !defined(CY_CRYPTO_CFG_ECDSA_C) 244 #error "CY_CRYPTO_CFG_ECDSA_C is not defined to use ECDSA functionalities" 245 #endif 246 247 #if !(defined(CY_CRYPTO_CFG_ECDSA_GENKEY_C) || defined(CY_CRYPTO_CFG_ECDSA_SIGN_C) || \ 248 defined(CY_CRYPTO_CFG_ECDSA_VERIFY_C)) && defined(CY_CRYPTO_CFG_ECDSA_C) 249 #error "CY_CRYPTO_CFG_ECDSA_C is defined but no ECDSA functionality is selected" 250 #endif 251 252 #if defined(CY_CRYPTO_CFG_ECDSA_C) && !defined(CY_CRYPTO_CFG_ECP_C) 253 #define CY_CRYPTO_CFG_ECP_C 254 #endif /* defined(CY_CRYPTO_CFG_ECDSA_C) && !defined(CY_CRYPTO_CFG_ECP_C) */ 255 256 /* Check ECP configuration */ 257 #if !(defined(CY_CRYPTO_CFG_ECP_DP_SECP192R1_ENABLED) || \ 258 defined(CY_CRYPTO_CFG_ECP_DP_SECP224R1_ENABLED) || \ 259 defined(CY_CRYPTO_CFG_ECP_DP_SECP256R1_ENABLED) || \ 260 defined(CY_CRYPTO_CFG_ECP_DP_SECP384R1_ENABLED) || \ 261 defined(CY_CRYPTO_CFG_ECP_DP_SECP521R1_ENABLED)) \ 262 && defined(CY_CRYPTO_CFG_ECP_C) 263 #error "CY_CRYPTO_CFG_ECP_C is defined but no curve is selected" 264 #endif 265 266 #if (defined(CY_CRYPTO_CFG_ECP_DP_SECP192R1_ENABLED) || \ 267 defined(CY_CRYPTO_CFG_ECP_DP_SECP224R1_ENABLED) || \ 268 defined(CY_CRYPTO_CFG_ECP_DP_SECP256R1_ENABLED) || \ 269 defined(CY_CRYPTO_CFG_ECP_DP_SECP384R1_ENABLED) || \ 270 defined(CY_CRYPTO_CFG_ECP_DP_SECP521R1_ENABLED)) \ 271 && !defined(CY_CRYPTO_CFG_ECP_C) 272 #error "CY_CRYPTO_CFG_ECP_C is not defined to use ECP functionality" 273 #endif 274 275 #if defined(CY_CRYPTO_CFG_CHACHA_ENABLED) && defined(CY_CRYPTO_CFG_HW_V1_ENABLE) 276 #error "CHACHA functionality is not available in HW_V1" 277 #endif 278 279 CY_MISRA_BLOCK_END('MISRA C-2012 Rule 20.5') 280 281 #endif /* CY_IP_MXCRYPTO */ 282 283 #endif /* #if !defined(CY_CRYPTO_CONFIG_H) */ 284 285 /* [] END OF FILE */ 286
