1 /** 2 * \file mbedtls/config_psa.h 3 * \brief PSA crypto configuration options (set of defines) 4 * 5 * This set of compile-time options takes settings defined in 6 * include/mbedtls/config.h and include/psa/crypto_config.h and uses 7 * those definitions to define symbols used in the library code. 8 * 9 * Users and integrators should not edit this file, please edit 10 * include/mbedtls/config.h for MBEDTLS_XXX settings or 11 * include/psa/crypto_config.h for PSA_WANT_XXX settings. 12 */ 13 /* 14 * Copyright The Mbed TLS Contributors 15 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 16 */ 17 18 #ifndef MBEDTLS_CONFIG_PSA_H 19 #define MBEDTLS_CONFIG_PSA_H 20 21 #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) 22 #if defined(MBEDTLS_PSA_CRYPTO_CONFIG_FILE) 23 #include MBEDTLS_PSA_CRYPTO_CONFIG_FILE 24 #else 25 #include "psa/crypto_config.h" 26 #endif 27 #endif /* defined(MBEDTLS_PSA_CRYPTO_CONFIG) */ 28 29 #if defined(MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE) 30 #include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE 31 #endif 32 33 #ifdef __cplusplus 34 extern "C" { 35 #endif 36 37 38 39 /****************************************************************/ 40 /* De facto synonyms */ 41 /****************************************************************/ 42 43 #if defined(PSA_WANT_ALG_ECDSA_ANY) && !defined(PSA_WANT_ALG_ECDSA) 44 #define PSA_WANT_ALG_ECDSA PSA_WANT_ALG_ECDSA_ANY 45 #elif !defined(PSA_WANT_ALG_ECDSA_ANY) && defined(PSA_WANT_ALG_ECDSA) 46 #define PSA_WANT_ALG_ECDSA_ANY PSA_WANT_ALG_ECDSA 47 #endif 48 49 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW) && !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) 50 #define PSA_WANT_ALG_RSA_PKCS1V15_SIGN PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW 51 #elif !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW) && defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) 52 #define PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW PSA_WANT_ALG_RSA_PKCS1V15_SIGN 53 #endif 54 55 #if defined(PSA_WANT_ALG_RSA_PSS_ANY_SALT) && !defined(PSA_WANT_ALG_RSA_PSS) 56 #define PSA_WANT_ALG_RSA_PSS PSA_WANT_ALG_RSA_PSS_ANY_SALT 57 #elif !defined(PSA_WANT_ALG_RSA_PSS_ANY_SALT) && defined(PSA_WANT_ALG_RSA_PSS) 58 #define PSA_WANT_ALG_RSA_PSS_ANY_SALT PSA_WANT_ALG_RSA_PSS 59 #endif 60 61 62 63 /****************************************************************/ 64 /* Require built-in implementations based on PSA requirements */ 65 /****************************************************************/ 66 67 #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) 68 69 #if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) 70 #if !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) 71 #define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1 72 #define MBEDTLS_ECDSA_DETERMINISTIC 73 #define MBEDTLS_ECDSA_C 74 #define MBEDTLS_HMAC_DRBG_C 75 #define MBEDTLS_MD_C 76 #endif /* !MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA */ 77 #endif /* PSA_WANT_ALG_DETERMINISTIC_ECDSA */ 78 79 #if defined(PSA_WANT_ALG_ECDH) 80 #if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH) 81 #define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1 82 #define MBEDTLS_ECDH_C 83 #define MBEDTLS_ECP_C 84 #define MBEDTLS_BIGNUM_C 85 #endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDH */ 86 #endif /* PSA_WANT_ALG_ECDH */ 87 88 #if defined(PSA_WANT_ALG_ECDSA) 89 #if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) 90 #define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1 91 #define MBEDTLS_ECDSA_C 92 #define MBEDTLS_ECP_C 93 #define MBEDTLS_BIGNUM_C 94 #define MBEDTLS_ASN1_PARSE_C 95 #define MBEDTLS_ASN1_WRITE_C 96 #endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDSA */ 97 #endif /* PSA_WANT_ALG_ECDSA */ 98 99 #if defined(PSA_WANT_ALG_HKDF) 100 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF) 101 /* 102 * The PSA implementation has its own implementation of HKDF, separate from 103 * hkdf.c. No need to enable MBEDTLS_HKDF_C here. 104 */ 105 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 106 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1 107 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF */ 108 #endif /* PSA_WANT_ALG_HKDF */ 109 110 #if defined(PSA_WANT_ALG_HMAC) 111 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC) 112 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 113 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */ 114 #endif /* PSA_WANT_ALG_HMAC */ 115 116 #if defined(PSA_WANT_ALG_MD2) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD2) 117 #define MBEDTLS_PSA_BUILTIN_ALG_MD2 1 118 #define MBEDTLS_MD2_C 119 #endif 120 121 #if defined(PSA_WANT_ALG_MD4) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD4) 122 #define MBEDTLS_PSA_BUILTIN_ALG_MD4 1 123 #define MBEDTLS_MD4_C 124 #endif 125 126 #if defined(PSA_WANT_ALG_MD5) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD5) 127 #define MBEDTLS_PSA_BUILTIN_ALG_MD5 1 128 #define MBEDTLS_MD5_C 129 #endif 130 131 #if defined(PSA_WANT_ALG_RIPEMD160) && !defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) 132 #define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1 133 #define MBEDTLS_RIPEMD160_C 134 #endif 135 136 #if defined(PSA_WANT_ALG_RSA_OAEP) 137 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP) 138 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1 139 #define MBEDTLS_RSA_C 140 #define MBEDTLS_BIGNUM_C 141 #define MBEDTLS_OID_C 142 #define MBEDTLS_PKCS1_V21 143 #define MBEDTLS_MD_C 144 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP */ 145 #endif /* PSA_WANT_ALG_RSA_OAEP */ 146 147 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT) 148 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT) 149 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1 150 #define MBEDTLS_RSA_C 151 #define MBEDTLS_BIGNUM_C 152 #define MBEDTLS_OID_C 153 #define MBEDTLS_PKCS1_V15 154 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT */ 155 #endif /* PSA_WANT_ALG_RSA_PKCS1V15_CRYPT */ 156 157 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) 158 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) 159 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1 160 #define MBEDTLS_RSA_C 161 #define MBEDTLS_BIGNUM_C 162 #define MBEDTLS_OID_C 163 #define MBEDTLS_PKCS1_V15 164 #define MBEDTLS_MD_C 165 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN */ 166 #endif /* PSA_WANT_ALG_RSA_PKCS1V15_SIGN */ 167 168 #if defined(PSA_WANT_ALG_RSA_PSS) 169 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) 170 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1 171 #define MBEDTLS_RSA_C 172 #define MBEDTLS_BIGNUM_C 173 #define MBEDTLS_OID_C 174 #define MBEDTLS_PKCS1_V21 175 #define MBEDTLS_MD_C 176 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PSS */ 177 #endif /* PSA_WANT_ALG_RSA_PSS */ 178 179 #if defined(PSA_WANT_ALG_SHA_1) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) 180 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1 181 #define MBEDTLS_SHA1_C 182 #endif 183 184 #if defined(PSA_WANT_ALG_SHA_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) 185 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1 186 #define MBEDTLS_SHA256_C 187 #endif 188 189 #if defined(PSA_WANT_ALG_SHA_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) 190 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1 191 #define MBEDTLS_SHA256_C 192 #endif 193 194 #if defined(PSA_WANT_ALG_SHA_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) 195 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1 196 #define MBEDTLS_SHA512_C 197 #endif 198 199 #if defined(PSA_WANT_ALG_SHA_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) 200 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1 201 #define MBEDTLS_SHA512_C 202 #endif 203 204 #if defined(PSA_WANT_ALG_TLS12_PRF) 205 #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF) 206 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1 207 #endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF */ 208 #endif /* PSA_WANT_ALG_TLS12_PRF */ 209 210 #if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS) 211 #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS) 212 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1 213 #endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS */ 214 #endif /* PSA_WANT_ALG_TLS12_PSK_TO_MS */ 215 216 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) 217 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) 218 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1 219 #define MBEDTLS_ECP_C 220 #define MBEDTLS_BIGNUM_C 221 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR */ 222 #endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR */ 223 224 #if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) 225 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) 226 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1 227 #define MBEDTLS_ECP_C 228 #define MBEDTLS_BIGNUM_C 229 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY */ 230 #endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ 231 232 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) 233 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) 234 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1 235 #define MBEDTLS_RSA_C 236 #define MBEDTLS_BIGNUM_C 237 #define MBEDTLS_OID_C 238 #define MBEDTLS_GENPRIME 239 #define MBEDTLS_PK_PARSE_C 240 #define MBEDTLS_PK_WRITE_C 241 #define MBEDTLS_PK_C 242 #define MBEDTLS_ASN1_PARSE_C 243 #define MBEDTLS_ASN1_WRITE_C 244 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR */ 245 #endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR */ 246 247 #if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) 248 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) 249 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1 250 #define MBEDTLS_RSA_C 251 #define MBEDTLS_BIGNUM_C 252 #define MBEDTLS_OID_C 253 #define MBEDTLS_PK_PARSE_C 254 #define MBEDTLS_PK_WRITE_C 255 #define MBEDTLS_PK_C 256 #define MBEDTLS_ASN1_PARSE_C 257 #define MBEDTLS_ASN1_WRITE_C 258 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY */ 259 #endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */ 260 261 /* If any of the block modes are requested that don't have an 262 * associated HW assist, define PSA_HAVE_SOFT_BLOCK_MODE for checking 263 * in the block cipher key types. */ 264 #if (defined(PSA_WANT_ALG_CTR) && !defined(MBEDTLS_PSA_ACCEL_ALG_CTR)) || \ 265 (defined(PSA_WANT_ALG_CFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_CFB)) || \ 266 (defined(PSA_WANT_ALG_OFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_OFB)) || \ 267 defined(PSA_WANT_ALG_ECB_NO_PADDING) || \ 268 (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ 269 !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \ 270 (defined(PSA_WANT_ALG_CBC_PKCS7) && \ 271 !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \ 272 (defined(PSA_WANT_ALG_CMAC) && !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC)) 273 #define PSA_HAVE_SOFT_BLOCK_MODE 1 274 #endif 275 276 #if (defined(PSA_WANT_ALG_GCM) && !defined(MBEDTLS_PSA_ACCEL_ALG_GCM)) || \ 277 (defined(PSA_WANT_ALG_CCM) && !defined(MBEDTLS_PSA_ACCEL_ALG_CCM)) 278 #define PSA_HAVE_SOFT_BLOCK_AEAD 1 279 #endif 280 281 #if defined(PSA_WANT_KEY_TYPE_AES) 282 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES) 283 #define PSA_HAVE_SOFT_KEY_TYPE_AES 1 284 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_AES */ 285 #if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ 286 defined(PSA_HAVE_SOFT_BLOCK_MODE) || \ 287 defined(PSA_HAVE_SOFT_BLOCK_AEAD) 288 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1 289 #define MBEDTLS_AES_C 290 #endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */ 291 #endif /* PSA_WANT_KEY_TYPE_AES */ 292 293 #if defined(PSA_WANT_KEY_TYPE_ARC4) 294 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARC4) 295 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARC4 1 296 #define MBEDTLS_ARC4_C 297 #endif /*!MBEDTLS_PSA_ACCEL_KEY_TYPE_ARC4 */ 298 #endif /* PSA_WANT_KEY_TYPE_ARC4 */ 299 300 #if defined(PSA_WANT_KEY_TYPE_ARIA) 301 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA) 302 #define PSA_HAVE_SOFT_KEY_TYPE_ARIA 1 303 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA */ 304 #if defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ 305 defined(PSA_HAVE_SOFT_BLOCK_MODE) || \ 306 defined(PSA_HAVE_SOFT_BLOCK_AEAD) 307 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1 308 #define MBEDTLS_ARIA_C 309 #endif /* PSA_HAVE_SOFT_KEY_TYPE_ARIA || PSA_HAVE_SOFT_BLOCK_MODE */ 310 #endif /* PSA_WANT_KEY_TYPE_ARIA */ 311 312 #if defined(PSA_WANT_KEY_TYPE_CAMELLIA) 313 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA) 314 #define PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA 1 315 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA */ 316 #if defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) || \ 317 defined(PSA_HAVE_SOFT_BLOCK_MODE) || \ 318 defined(PSA_HAVE_SOFT_BLOCK_AEAD) 319 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1 320 #define MBEDTLS_CAMELLIA_C 321 #endif /* PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA || PSA_HAVE_SOFT_BLOCK_MODE */ 322 #endif /* PSA_WANT_KEY_TYPE_CAMELLIA */ 323 324 #if defined(PSA_WANT_KEY_TYPE_DES) 325 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES) 326 #define PSA_HAVE_SOFT_KEY_TYPE_DES 1 327 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DES */ 328 #if defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \ 329 defined(PSA_HAVE_SOFT_BLOCK_MODE) 330 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1 331 #define MBEDTLS_DES_C 332 #endif /*PSA_HAVE_SOFT_KEY_TYPE_DES || PSA_HAVE_SOFT_BLOCK_MODE */ 333 #endif /* PSA_WANT_KEY_TYPE_DES */ 334 335 #if defined(PSA_WANT_KEY_TYPE_CHACHA20) 336 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20) 337 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1 338 #define MBEDTLS_CHACHA20_C 339 #endif /*!MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 */ 340 #endif /* PSA_WANT_KEY_TYPE_CHACHA20 */ 341 342 /* If any of the software block ciphers are selected, define 343 * PSA_HAVE_SOFT_BLOCK_CIPHER, which can be used in any of these 344 * situations. */ 345 #if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ 346 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ 347 defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \ 348 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) 349 #define PSA_HAVE_SOFT_BLOCK_CIPHER 1 350 #endif 351 352 #if defined(PSA_WANT_ALG_STREAM_CIPHER) 353 #define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1 354 #endif /* PSA_WANT_ALG_STREAM_CIPHER */ 355 356 #if defined(PSA_WANT_ALG_CBC_MAC) 357 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_MAC) 358 #error "CBC-MAC is not yet supported via the PSA API in Mbed TLS." 359 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_MAC 1 360 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CBC_MAC */ 361 #endif /* PSA_WANT_ALG_CBC_MAC */ 362 363 #if defined(PSA_WANT_ALG_CMAC) 364 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) || \ 365 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 366 #define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1 367 #define MBEDTLS_CMAC_C 368 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CMAC */ 369 #endif /* PSA_WANT_ALG_CMAC */ 370 371 #if defined(PSA_WANT_ALG_CTR) 372 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CTR) || \ 373 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 374 #define MBEDTLS_PSA_BUILTIN_ALG_CTR 1 375 #define MBEDTLS_CIPHER_MODE_CTR 376 #endif 377 #endif /* PSA_WANT_ALG_CTR */ 378 379 #if defined(PSA_WANT_ALG_CFB) 380 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CFB) || \ 381 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 382 #define MBEDTLS_PSA_BUILTIN_ALG_CFB 1 383 #define MBEDTLS_CIPHER_MODE_CFB 384 #endif 385 #endif /* PSA_WANT_ALG_CFB */ 386 387 #if defined(PSA_WANT_ALG_OFB) 388 #if !defined(MBEDTLS_PSA_ACCEL_ALG_OFB) || \ 389 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 390 #define MBEDTLS_PSA_BUILTIN_ALG_OFB 1 391 #define MBEDTLS_CIPHER_MODE_OFB 392 #endif 393 #endif /* PSA_WANT_ALG_OFB */ 394 395 #if defined(PSA_WANT_ALG_ECB_NO_PADDING) && \ 396 !defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING) 397 #define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1 398 #endif 399 400 #if defined(PSA_WANT_ALG_CBC_NO_PADDING) 401 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) || \ 402 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 403 #define MBEDTLS_CIPHER_MODE_CBC 404 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1 405 #endif 406 #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ 407 408 #if defined(PSA_WANT_ALG_CBC_PKCS7) 409 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) || \ 410 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) 411 #define MBEDTLS_CIPHER_MODE_CBC 412 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1 413 #define MBEDTLS_CIPHER_PADDING_PKCS7 414 #endif 415 #endif /* PSA_WANT_ALG_CBC_PKCS7 */ 416 417 #if defined(PSA_WANT_ALG_CCM) 418 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CCM) || \ 419 defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ 420 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ 421 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) 422 #define MBEDTLS_PSA_BUILTIN_ALG_CCM 1 423 #define MBEDTLS_CCM_C 424 #endif 425 #endif /* PSA_WANT_ALG_CCM */ 426 427 #if defined(PSA_WANT_ALG_GCM) 428 #if !defined(MBEDTLS_PSA_ACCEL_ALG_GCM) || \ 429 defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ 430 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ 431 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) 432 #define MBEDTLS_PSA_BUILTIN_ALG_GCM 1 433 #define MBEDTLS_GCM_C 434 #endif 435 #endif /* PSA_WANT_ALG_GCM */ 436 437 #if defined(PSA_WANT_ALG_CHACHA20_POLY1305) 438 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305) 439 #if defined(PSA_WANT_KEY_TYPE_CHACHA20) 440 #define MBEDTLS_CHACHAPOLY_C 441 #define MBEDTLS_CHACHA20_C 442 #define MBEDTLS_POLY1305_C 443 #define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1 444 #endif /* PSA_WANT_KEY_TYPE_CHACHA20 */ 445 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 */ 446 #endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */ 447 448 #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) 449 #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256) 450 #define MBEDTLS_ECP_DP_BP256R1_ENABLED 451 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1 452 #endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256 */ 453 #endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_256 */ 454 455 #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) 456 #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384) 457 #define MBEDTLS_ECP_DP_BP384R1_ENABLED 458 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1 459 #endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384 */ 460 #endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_384 */ 461 462 #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) 463 #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512) 464 #define MBEDTLS_ECP_DP_BP512R1_ENABLED 465 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1 466 #endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512 */ 467 #endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_512 */ 468 469 #if defined(PSA_WANT_ECC_MONTGOMERY_255) 470 #if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255) 471 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED 472 #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1 473 #endif /* !MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255 */ 474 #endif /* PSA_WANT_ECC_MONTGOMERY_255 */ 475 476 #if defined(PSA_WANT_ECC_MONTGOMERY_448) 477 #if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448) 478 /* 479 * Curve448 is not yet supported via the PSA API in Mbed TLS 480 * (https://github.com/Mbed-TLS/mbedtls/issues/4249). 481 */ 482 #error "Curve448 is not yet supported via the PSA API in Mbed TLS." 483 #define MBEDTLS_ECP_DP_CURVE448_ENABLED 484 #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1 485 #endif /* !MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448 */ 486 #endif /* PSA_WANT_ECC_MONTGOMERY_448 */ 487 488 #if defined(PSA_WANT_ECC_SECP_R1_192) 489 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192) 490 #define MBEDTLS_ECP_DP_SECP192R1_ENABLED 491 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1 492 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192 */ 493 #endif /* PSA_WANT_ECC_SECP_R1_192 */ 494 495 #if defined(PSA_WANT_ECC_SECP_R1_224) 496 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224) 497 #define MBEDTLS_ECP_DP_SECP224R1_ENABLED 498 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1 499 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224 */ 500 #endif /* PSA_WANT_ECC_SECP_R1_224 */ 501 502 #if defined(PSA_WANT_ECC_SECP_R1_256) 503 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) 504 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED 505 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1 506 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256 */ 507 #endif /* PSA_WANT_ECC_SECP_R1_256 */ 508 509 #if defined(PSA_WANT_ECC_SECP_R1_384) 510 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384) 511 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED 512 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1 513 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384 */ 514 #endif /* PSA_WANT_ECC_SECP_R1_384 */ 515 516 #if defined(PSA_WANT_ECC_SECP_R1_521) 517 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521) 518 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED 519 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1 520 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521 */ 521 #endif /* PSA_WANT_ECC_SECP_R1_521 */ 522 523 #if defined(PSA_WANT_ECC_SECP_K1_192) 524 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192) 525 #define MBEDTLS_ECP_DP_SECP192K1_ENABLED 526 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1 527 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192 */ 528 #endif /* PSA_WANT_ECC_SECP_K1_192 */ 529 530 #if defined(PSA_WANT_ECC_SECP_K1_224) 531 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224) 532 /* 533 * SECP224K1 is buggy via the PSA API in Mbed TLS 534 * (https://github.com/Mbed-TLS/mbedtls/issues/3541). 535 */ 536 #error "SECP224K1 is buggy via the PSA API in Mbed TLS." 537 #define MBEDTLS_ECP_DP_SECP224K1_ENABLED 538 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1 539 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224 */ 540 #endif /* PSA_WANT_ECC_SECP_K1_224 */ 541 542 #if defined(PSA_WANT_ECC_SECP_K1_256) 543 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256) 544 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED 545 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1 546 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256 */ 547 #endif /* PSA_WANT_ECC_SECP_K1_256 */ 548 549 550 551 /****************************************************************/ 552 /* Infer PSA requirements from Mbed TLS capabilities */ 553 /****************************************************************/ 554 555 #else /* MBEDTLS_PSA_CRYPTO_CONFIG */ 556 557 /* 558 * Ensure PSA_WANT_* defines are setup properly if MBEDTLS_PSA_CRYPTO_CONFIG 559 * is not defined 560 */ 561 562 #if defined(MBEDTLS_CCM_C) 563 #define MBEDTLS_PSA_BUILTIN_ALG_CCM 1 564 #define PSA_WANT_ALG_CCM 1 565 #endif /* MBEDTLS_CCM_C */ 566 567 #if defined(MBEDTLS_CMAC_C) 568 #define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1 569 #define PSA_WANT_ALG_CMAC 1 570 #endif /* MBEDTLS_CMAC_C */ 571 572 #if defined(MBEDTLS_ECDH_C) 573 #define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1 574 #define PSA_WANT_ALG_ECDH 1 575 #endif /* MBEDTLS_ECDH_C */ 576 577 #if defined(MBEDTLS_ECDSA_C) 578 #define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1 579 #define PSA_WANT_ALG_ECDSA 1 580 #define PSA_WANT_ALG_ECDSA_ANY 1 581 582 // Only add in DETERMINISTIC support if ECDSA is also enabled 583 #if defined(MBEDTLS_ECDSA_DETERMINISTIC) 584 #define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1 585 #define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1 586 #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ 587 588 #endif /* MBEDTLS_ECDSA_C */ 589 590 #if defined(MBEDTLS_ECP_C) 591 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1 592 #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1 593 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1 594 #define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1 595 #endif /* MBEDTLS_ECP_C */ 596 597 #if defined(MBEDTLS_GCM_C) 598 #define MBEDTLS_PSA_BUILTIN_ALG_GCM 1 599 #define PSA_WANT_ALG_GCM 1 600 #endif /* MBEDTLS_GCM_C */ 601 602 #if defined(MBEDTLS_HKDF_C) 603 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 604 #define PSA_WANT_ALG_HMAC 1 605 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1 606 #define PSA_WANT_ALG_HKDF 1 607 #endif /* MBEDTLS_HKDF_C */ 608 609 #if defined(MBEDTLS_MD_C) 610 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 611 #define PSA_WANT_ALG_HMAC 1 612 #define PSA_WANT_KEY_TYPE_HMAC 1 613 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1 614 #define PSA_WANT_ALG_TLS12_PRF 1 615 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1 616 #define PSA_WANT_ALG_TLS12_PSK_TO_MS 1 617 #endif /* MBEDTLS_MD_C */ 618 619 #if defined(MBEDTLS_MD2_C) 620 #define MBEDTLS_PSA_BUILTIN_ALG_MD2 1 621 #define PSA_WANT_ALG_MD2 1 622 #endif 623 624 #if defined(MBEDTLS_MD4_C) 625 #define MBEDTLS_PSA_BUILTIN_ALG_MD4 1 626 #define PSA_WANT_ALG_MD4 1 627 #endif 628 629 #if defined(MBEDTLS_MD5_C) 630 #define MBEDTLS_PSA_BUILTIN_ALG_MD5 1 631 #define PSA_WANT_ALG_MD5 1 632 #endif 633 634 #if defined(MBEDTLS_RIPEMD160_C) 635 #define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1 636 #define PSA_WANT_ALG_RIPEMD160 1 637 #endif 638 639 #if defined(MBEDTLS_RSA_C) 640 #if defined(MBEDTLS_PKCS1_V15) 641 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1 642 #define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1 643 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1 644 #define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1 645 #define PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW 1 646 #endif /* MBEDTLS_PKCS1_V15 */ 647 #if defined(MBEDTLS_PKCS1_V21) 648 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1 649 #define PSA_WANT_ALG_RSA_OAEP 1 650 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1 651 #define PSA_WANT_ALG_RSA_PSS 1 652 #endif /* MBEDTLS_PKCS1_V21 */ 653 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1 654 #define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1 655 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1 656 #define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1 657 #endif /* MBEDTLS_RSA_C */ 658 659 #if defined(MBEDTLS_SHA1_C) 660 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1 661 #define PSA_WANT_ALG_SHA_1 1 662 #endif 663 664 #if defined(MBEDTLS_SHA256_C) 665 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1 666 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1 667 #define PSA_WANT_ALG_SHA_224 1 668 #define PSA_WANT_ALG_SHA_256 1 669 #endif 670 671 #if defined(MBEDTLS_SHA512_C) 672 #if !defined(MBEDTLS_SHA512_NO_SHA384) 673 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1 674 #define PSA_WANT_ALG_SHA_384 1 675 #endif 676 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1 677 #define PSA_WANT_ALG_SHA_512 1 678 #endif 679 680 #if defined(MBEDTLS_AES_C) 681 #define PSA_WANT_KEY_TYPE_AES 1 682 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1 683 #endif 684 685 #if defined(MBEDTLS_ARC4_C) 686 #define PSA_WANT_KEY_TYPE_ARC4 1 687 #define PSA_WANT_ALG_STREAM_CIPHER 1 688 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARC4 1 689 #define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1 690 #endif 691 692 #if defined(MBEDTLS_ARIA_C) 693 #define PSA_WANT_KEY_TYPE_ARIA 1 694 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1 695 #endif 696 697 #if defined(MBEDTLS_CAMELLIA_C) 698 #define PSA_WANT_KEY_TYPE_CAMELLIA 1 699 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1 700 #endif 701 702 #if defined(MBEDTLS_DES_C) 703 #define PSA_WANT_KEY_TYPE_DES 1 704 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1 705 #endif 706 707 #if defined(MBEDTLS_CHACHA20_C) 708 #define PSA_WANT_KEY_TYPE_CHACHA20 1 709 #define PSA_WANT_ALG_STREAM_CIPHER 1 710 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1 711 #define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1 712 #if defined(MBEDTLS_CHACHAPOLY_C) 713 #define PSA_WANT_ALG_CHACHA20_POLY1305 1 714 #define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1 715 #endif 716 #endif 717 718 #if defined(MBEDTLS_CIPHER_MODE_CBC) 719 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1 720 #define PSA_WANT_ALG_CBC_NO_PADDING 1 721 #if defined(MBEDTLS_CIPHER_PADDING_PKCS7) 722 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1 723 #define PSA_WANT_ALG_CBC_PKCS7 1 724 #endif 725 #endif 726 727 #if defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) || \ 728 defined(MBEDTLS_ARIA_C) || defined(MBEDTLS_CAMELLIA_C) 729 #define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1 730 #define PSA_WANT_ALG_ECB_NO_PADDING 1 731 #endif 732 733 #if defined(MBEDTLS_CIPHER_MODE_CFB) 734 #define MBEDTLS_PSA_BUILTIN_ALG_CFB 1 735 #define PSA_WANT_ALG_CFB 1 736 #endif 737 738 #if defined(MBEDTLS_CIPHER_MODE_CTR) 739 #define MBEDTLS_PSA_BUILTIN_ALG_CTR 1 740 #define PSA_WANT_ALG_CTR 1 741 #endif 742 743 #if defined(MBEDTLS_CIPHER_MODE_OFB) 744 #define MBEDTLS_PSA_BUILTIN_ALG_OFB 1 745 #define PSA_WANT_ALG_OFB 1 746 #endif 747 748 #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) 749 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1 750 #define PSA_WANT_ECC_BRAINPOOL_P_R1_256 1 751 #endif 752 753 #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) 754 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1 755 #define PSA_WANT_ECC_BRAINPOOL_P_R1_384 1 756 #endif 757 758 #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) 759 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1 760 #define PSA_WANT_ECC_BRAINPOOL_P_R1_512 1 761 #endif 762 763 #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) 764 #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1 765 #define PSA_WANT_ECC_MONTGOMERY_255 1 766 #endif 767 768 /* Curve448 is not yet supported via the PSA API (https://github.com/Mbed-TLS/mbedtls/issues/4249) */ 769 #if 0 && defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) 770 #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1 771 #define PSA_WANT_ECC_MONTGOMERY_448 1 772 #endif 773 774 #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) 775 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1 776 #define PSA_WANT_ECC_SECP_R1_192 1 777 #endif 778 779 #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) 780 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1 781 #define PSA_WANT_ECC_SECP_R1_224 1 782 #endif 783 784 #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) 785 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1 786 #define PSA_WANT_ECC_SECP_R1_256 1 787 #endif 788 789 #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) 790 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1 791 #define PSA_WANT_ECC_SECP_R1_384 1 792 #endif 793 794 #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) 795 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1 796 #define PSA_WANT_ECC_SECP_R1_521 1 797 #endif 798 799 #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) 800 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1 801 #define PSA_WANT_ECC_SECP_K1_192 1 802 #endif 803 804 /* SECP224K1 is buggy via the PSA API (https://github.com/Mbed-TLS/mbedtls/issues/3541) */ 805 #if 0 && defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) 806 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1 807 #define PSA_WANT_ECC_SECP_K1_224 1 808 #endif 809 810 #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) 811 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1 812 #define PSA_WANT_ECC_SECP_K1_256 1 813 #endif 814 815 #endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ 816 817 /* These features are always enabled. */ 818 #define PSA_WANT_KEY_TYPE_DERIVE 1 819 #define PSA_WANT_KEY_TYPE_RAW_DATA 1 820 821 #ifdef __cplusplus 822 } 823 #endif 824 825 #endif /* MBEDTLS_CONFIG_PSA_H */ 826