• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /**
2  * \file psa/crypto_config.h
3  * \brief PSA crypto configuration options (set of defines)
4  *
5  */
6 #if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
7 /**
8  * When #MBEDTLS_PSA_CRYPTO_CONFIG is enabled in config.h,
9  * this file determines which cryptographic mechanisms are enabled
10  * through the PSA Cryptography API (\c psa_xxx() functions).
11  *
12  * To enable a cryptographic mechanism, uncomment the definition of
13  * the corresponding \c PSA_WANT_xxx preprocessor symbol.
14  * To disable a cryptographic mechanism, comment out the definition of
15  * the corresponding \c PSA_WANT_xxx preprocessor symbol.
16  * The names of cryptographic mechanisms correspond to values
17  * defined in psa/crypto_values.h, with the prefix \c PSA_WANT_ instead
18  * of \c PSA_.
19  *
20  * Note that many cryptographic mechanisms involve two symbols: one for
21  * the key type (\c PSA_WANT_KEY_TYPE_xxx) and one for the algorithm
22  * (\c PSA_WANT_ALG_xxx). Mechanisms with additional parameters may involve
23  * additional symbols.
24  */
25 #else
26 /**
27  * When \c MBEDTLS_PSA_CRYPTO_CONFIG is disabled in config.h,
28  * this file is not used, and cryptographic mechanisms are supported
29  * through the PSA API if and only if they are supported through the
30  * mbedtls_xxx API.
31  */
32 #endif
33 /*
34  *  Copyright The Mbed TLS Contributors
35  *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
36  */
37 
38 #ifndef PSA_CRYPTO_CONFIG_H
39 #define PSA_CRYPTO_CONFIG_H
40 
41 /*
42  * CBC-MAC is not yet supported via the PSA API in Mbed TLS.
43  */
44 //#define PSA_WANT_ALG_CBC_MAC                    1
45 #define PSA_WANT_ALG_CBC_NO_PADDING             1
46 #define PSA_WANT_ALG_CBC_PKCS7                  1
47 #define PSA_WANT_ALG_CCM                        1
48 #define PSA_WANT_ALG_CMAC                       1
49 #define PSA_WANT_ALG_CFB                        1
50 #define PSA_WANT_ALG_CHACHA20_POLY1305          1
51 #define PSA_WANT_ALG_CTR                        1
52 #define PSA_WANT_ALG_DETERMINISTIC_ECDSA        1
53 #define PSA_WANT_ALG_ECB_NO_PADDING             1
54 #define PSA_WANT_ALG_ECDH                       1
55 #define PSA_WANT_ALG_ECDSA                      1
56 #define PSA_WANT_ALG_GCM                        1
57 #define PSA_WANT_ALG_HKDF                       1
58 #define PSA_WANT_ALG_HMAC                       1
59 #define PSA_WANT_ALG_MD2                        1
60 #define PSA_WANT_ALG_MD4                        1
61 #define PSA_WANT_ALG_MD5                        1
62 #define PSA_WANT_ALG_OFB                        1
63 #define PSA_WANT_ALG_RIPEMD160                  1
64 #define PSA_WANT_ALG_RSA_OAEP                   1
65 #define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT         1
66 #define PSA_WANT_ALG_RSA_PKCS1V15_SIGN          1
67 #define PSA_WANT_ALG_RSA_PSS                    1
68 #define PSA_WANT_ALG_SHA_1                      1
69 #define PSA_WANT_ALG_SHA_224                    1
70 #define PSA_WANT_ALG_SHA_256                    1
71 #define PSA_WANT_ALG_SHA_384                    1
72 #define PSA_WANT_ALG_SHA_512                    1
73 #define PSA_WANT_ALG_STREAM_CIPHER              1
74 #define PSA_WANT_ALG_TLS12_PRF                  1
75 #define PSA_WANT_ALG_TLS12_PSK_TO_MS            1
76 /* PBKDF2-HMAC is not yet supported via the PSA API in Mbed TLS.
77  * Note: when adding support, also adjust include/mbedtls/config_psa.h */
78 //#define PSA_WANT_ALG_XTS                        1
79 
80 #define PSA_WANT_ECC_BRAINPOOL_P_R1_256         1
81 #define PSA_WANT_ECC_BRAINPOOL_P_R1_384         1
82 #define PSA_WANT_ECC_BRAINPOOL_P_R1_512         1
83 #define PSA_WANT_ECC_MONTGOMERY_255             1
84 /*
85  * Curve448 is not yet supported via the PSA API in Mbed TLS
86  * (https://github.com/Mbed-TLS/mbedtls/issues/4249). Thus, do not enable it by
87  * default.
88  */
89 //#define PSA_WANT_ECC_MONTGOMERY_448             1
90 #define PSA_WANT_ECC_SECP_K1_192                1
91 /*
92  * SECP224K1 is buggy via the PSA API in Mbed TLS
93  * (https://github.com/Mbed-TLS/mbedtls/issues/3541). Thus, do not enable it by
94  * default.
95  */
96 //#define PSA_WANT_ECC_SECP_K1_224                1
97 #define PSA_WANT_ECC_SECP_K1_256                1
98 #define PSA_WANT_ECC_SECP_R1_192                1
99 #define PSA_WANT_ECC_SECP_R1_224                1
100 #define PSA_WANT_ECC_SECP_R1_256                1
101 #define PSA_WANT_ECC_SECP_R1_384                1
102 #define PSA_WANT_ECC_SECP_R1_521                1
103 
104 #define PSA_WANT_KEY_TYPE_DERIVE                1
105 #define PSA_WANT_KEY_TYPE_HMAC                  1
106 #define PSA_WANT_KEY_TYPE_AES                   1
107 #define PSA_WANT_KEY_TYPE_ARC4                  1
108 #define PSA_WANT_KEY_TYPE_ARIA                  1
109 #define PSA_WANT_KEY_TYPE_CAMELLIA              1
110 #define PSA_WANT_KEY_TYPE_CHACHA20              1
111 #define PSA_WANT_KEY_TYPE_DES                   1
112 #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR          1
113 #define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY        1
114 #define PSA_WANT_KEY_TYPE_RAW_DATA              1
115 #define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR          1
116 #define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY        1
117 
118 #endif /* PSA_CRYPTO_CONFIG_H */
119