30 #ifndef MBEDTLS_CONFIG_PSA_H
31 #define MBEDTLS_CONFIG_PSA_H
33 #if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
41 #if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
43 #if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)
44 #if !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
45 #define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1
46 #define MBEDTLS_ECDSA_DETERMINISTIC
47 #define MBEDTLS_ECDSA_C
48 #define MBEDTLS_HMAC_DRBG_C
53 #if defined(PSA_WANT_ALG_ECDH)
54 #if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH)
55 #define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1
56 #define MBEDTLS_ECDH_C
58 #define MBEDTLS_BIGNUM_C
62 #if defined(PSA_WANT_ALG_ECDSA)
63 #if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)
64 #define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
65 #define MBEDTLS_ECDSA_C
69 #if defined(PSA_WANT_ALG_HKDF)
70 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF)
71 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
72 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1
76 #if defined(PSA_WANT_ALG_HMAC)
77 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC)
78 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
82 #if defined(PSA_WANT_ALG_MD2) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD2)
83 #define MBEDTLS_PSA_BUILTIN_ALG_MD2 1
87 #if defined(PSA_WANT_ALG_MD4) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD4)
88 #define MBEDTLS_PSA_BUILTIN_ALG_MD4 1
92 #if defined(PSA_WANT_ALG_MD5) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD5)
93 #define MBEDTLS_PSA_BUILTIN_ALG_MD5 1
97 #if defined(PSA_WANT_ALG_RIPEMD160) && !defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160)
98 #define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1
99 #define MBEDTLS_RIPEMD160_C
102 #if defined(PSA_WANT_ALG_RSA_OAEP)
103 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP)
104 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1
105 #define MBEDTLS_RSA_C
106 #define MBEDTLS_BIGNUM_C
107 #define MBEDTLS_OID_C
108 #define MBEDTLS_PKCS1_V21
113 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT)
114 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT)
115 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1
116 #define MBEDTLS_RSA_C
117 #define MBEDTLS_BIGNUM_C
118 #define MBEDTLS_OID_C
119 #define MBEDTLS_PKCS1_V15
123 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
124 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN)
125 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
126 #define MBEDTLS_RSA_C
127 #define MBEDTLS_BIGNUM_C
128 #define MBEDTLS_OID_C
129 #define MBEDTLS_PKCS1_V15
134 #if defined(PSA_WANT_ALG_RSA_PSS)
135 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
136 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1
137 #define MBEDTLS_RSA_C
138 #define MBEDTLS_BIGNUM_C
139 #define MBEDTLS_OID_C
140 #define MBEDTLS_PKCS1_V21
145 #if defined(PSA_WANT_ALG_SHA_1) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1)
146 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1
147 #define MBEDTLS_SHA1_C
150 #if defined(PSA_WANT_ALG_SHA_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224)
151 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1
152 #define MBEDTLS_SHA256_C
155 #if defined(PSA_WANT_ALG_SHA_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256)
156 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
157 #define MBEDTLS_SHA256_C
160 #if defined(PSA_WANT_ALG_SHA_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384)
161 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1
162 #define MBEDTLS_SHA512_C
165 #if defined(PSA_WANT_ALG_SHA_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512)
166 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1
167 #define MBEDTLS_SHA512_C
170 #if defined(PSA_WANT_ALG_TLS12_PRF)
171 #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF)
172 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1
176 #if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS)
177 #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS)
178 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1
182 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR)
183 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR)
184 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1
185 #define MBEDTLS_ECP_C
186 #define MBEDTLS_BIGNUM_C
190 #if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
191 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
192 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
193 #define MBEDTLS_ECP_C
194 #define MBEDTLS_BIGNUM_C
198 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR)
199 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR)
200 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1
201 #define MBEDTLS_RSA_C
202 #define MBEDTLS_BIGNUM_C
203 #define MBEDTLS_OID_C
204 #define MBEDTLS_GENPRIME
205 #define MBEDTLS_PK_PARSE_C
206 #define MBEDTLS_PK_WRITE_C
211 #if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)
212 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
213 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1
214 #define MBEDTLS_RSA_C
215 #define MBEDTLS_BIGNUM_C
216 #define MBEDTLS_OID_C
217 #define MBEDTLS_PK_PARSE_C
218 #define MBEDTLS_PK_WRITE_C
226 #if (defined(PSA_WANT_ALG_CTR) && !defined(MBEDTLS_PSA_ACCEL_ALG_CTR)) || \
227 (defined(PSA_WANT_ALG_CFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_CFB)) || \
228 (defined(PSA_WANT_ALG_OFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_OFB)) || \
229 (defined(PSA_WANT_ALG_XTS) && !defined(MBEDTLS_PSA_ACCEL_ALG_XTS)) || \
230 defined(PSA_WANT_ALG_ECB_NO_PADDING) || \
231 (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
232 !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \
233 (defined(PSA_WANT_ALG_CBC_PKCS7) && \
234 !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7))
235 #define PSA_HAVE_SOFT_BLOCK_MODE 1
238 #if defined(PSA_WANT_KEY_TYPE_AES)
239 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
240 #define PSA_HAVE_SOFT_KEY_TYPE_AES 1
242 #if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
243 defined(PSA_HAVE_SOFT_BLOCK_MODE)
244 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1
245 #define MBEDTLS_AES_C
249 #if defined(PSA_WANT_KEY_TYPE_ARC4)
250 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARC4)
251 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARC4 1
252 #define MBEDTLS_ARC4_C
256 #if defined(PSA_WANT_KEY_TYPE_CAMELLIA)
257 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA)
258 #define PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA 1
260 #if defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) || \
261 defined(PSA_HAVE_SOFT_BLOCK_MODE)
262 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1
263 #define MBEDTLS_CAMELLIA_C
267 #if defined(PSA_WANT_KEY_TYPE_DES)
268 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES)
269 #define PSA_HAVE_SOFT_KEY_TYPE_DES 1
271 #if defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \
272 defined(PSA_HAVE_SOFT_BLOCK_MODE)
273 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1
274 #define MBEDTLS_DES_C
278 #if defined(PSA_WANT_KEY_TYPE_CHACHA20)
279 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20)
280 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1
281 #define MBEDTLS_CHACHA20_C
288 #if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
289 defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \
290 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
291 #define PSA_HAVE_SOFT_BLOCK_CIPHER 1
294 #if defined(PSA_WANT_ALG_STREAM_CIPHER)
295 #define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
298 #if defined(PSA_WANT_ALG_CTR)
299 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CTR) || \
300 defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
301 #define MBEDTLS_PSA_BUILTIN_ALG_CTR 1
302 #define MBEDTLS_CIPHER_MODE_CTR
306 #if defined(PSA_WANT_ALG_CFB)
307 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CFB) || \
308 defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
309 #define MBEDTLS_PSA_BUILTIN_ALG_CFB 1
310 #define MBEDTLS_CIPHER_MODE_CFB
314 #if defined(PSA_WANT_ALG_OFB)
315 #if !defined(MBEDTLS_PSA_ACCEL_ALG_OFB) || \
316 defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
317 #define MBEDTLS_PSA_BUILTIN_ALG_OFB 1
318 #define MBEDTLS_CIPHER_MODE_OFB
322 #if defined(PSA_WANT_ALG_XTS)
323 #if !defined(MBEDTLS_PSA_ACCEL_ALG_XTS) || \
324 defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
325 #define MBEDTLS_PSA_BUILTIN_ALG_XTS 1
326 #define MBEDTLS_CIPHER_MODE_XTS
330 #if defined(PSA_WANT_ALG_ECB_NO_PADDING)
331 #define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1
334 #if defined(PSA_WANT_ALG_CBC_NO_PADDING)
335 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) || \
336 defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
337 #define MBEDTLS_CIPHER_MODE_CBC
338 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1
342 #if defined(PSA_WANT_ALG_CBC_PKCS7)
343 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) || \
344 defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
345 #define MBEDTLS_CIPHER_MODE_CBC
346 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1
347 #define MBEDTLS_CIPHER_PADDING_PKCS7
351 #if defined(PSA_WANT_ALG_CHACHA20_POLY1305)
352 #if defined(PSA_WANT_KEY_TYPE_CHACHA20)
353 #define MBEDTLS_CHACHAPOLY_C
354 #define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1
365 #if defined(MBEDTLS_ECDH_C)
366 #define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1
367 #define PSA_WANT_ALG_ECDH 1
370 #if defined(MBEDTLS_ECDSA_C)
371 #define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
372 #define PSA_WANT_ALG_ECDSA 1
375 #if defined(MBEDTLS_ECDSA_DETERMINISTIC)
376 #define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1
377 #define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1
382 #if defined(MBEDTLS_ECP_C)
383 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1
384 #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1
385 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
386 #define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
389 #if defined(MBEDTLS_HKDF_C)
390 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
391 #define PSA_WANT_ALG_HMAC 1
392 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1
393 #define PSA_WANT_ALG_HKDF 1
396 #if defined(MBEDTLS_MD_C)
397 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
398 #define PSA_WANT_ALG_HMAC 1
399 #define PSA_WANT_KEY_TYPE_HMAC
400 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1
401 #define PSA_WANT_ALG_TLS12_PRF 1
402 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1
403 #define PSA_WANT_ALG_TLS12_PSK_TO_MS 1
406 #if defined(MBEDTLS_MD2_C)
407 #define MBEDTLS_PSA_BUILTIN_ALG_MD2 1
408 #define PSA_WANT_ALG_MD2 1
411 #if defined(MBEDTLS_MD4_C)
412 #define MBEDTLS_PSA_BUILTIN_ALG_MD4 1
413 #define PSA_WANT_ALG_MD4 1
416 #if defined(MBEDTLS_MD5_C)
417 #define MBEDTLS_PSA_BUILTIN_ALG_MD5 1
418 #define PSA_WANT_ALG_MD5 1
421 #if defined(MBEDTLS_RIPEMD160_C)
422 #define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1
423 #define PSA_WANT_ALG_RIPEMD160 1
426 #if defined(MBEDTLS_RSA_C)
427 #if defined(MBEDTLS_PKCS1_V15)
428 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1
429 #define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1
430 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
431 #define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1
433 #if defined(MBEDTLS_PKCS1_V21)
434 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1
435 #define PSA_WANT_ALG_RSA_OAEP 1
436 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1
437 #define PSA_WANT_ALG_RSA_PSS 1
439 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1
440 #define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1
441 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1
442 #define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
445 #if defined(MBEDTLS_SHA1_C)
446 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1
447 #define PSA_WANT_ALG_SHA_1 1
450 #if defined(MBEDTLS_SHA256_C)
451 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1
452 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
453 #define PSA_WANT_ALG_SHA_224 1
454 #define PSA_WANT_ALG_SHA_256 1
457 #if defined(MBEDTLS_SHA512_C)
458 #if !defined(MBEDTLS_SHA512_NO_SHA384)
459 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1
460 #define PSA_WANT_ALG_SHA_384 1
462 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1
463 #define PSA_WANT_ALG_SHA_512 1
466 #if defined(MBEDTLS_AES_C)
467 #define PSA_WANT_KEY_TYPE_AES 1
468 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1
471 #if defined(MBEDTLS_ARC4_C)
472 #define PSA_WANT_KEY_TYPE_ARC4 1
473 #define PSA_WANT_ALG_STREAM_CIPHER 1
474 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARC4 1
475 #define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
478 #if defined(MBEDTLS_CAMELLIA_C)
479 #define PSA_WANT_KEY_TYPE_CAMELLIA 1
480 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1
483 #if defined(MBEDTLS_DES_C)
484 #define PSA_WANT_KEY_TYPE_DES 1
485 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1
488 #if defined(MBEDTLS_CHACHA20_C)
489 #define PSA_WANT_KEY_TYPE_CHACHA20 1
490 #define PSA_WANT_ALG_STREAM_CIPHER 1
491 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1
492 #define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
493 #if defined(MBEDTLS_CHACHAPOLY_C)
494 #define PSA_WANT_ALG_CHACHA20_POLY1305 1
495 #define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1
499 #if defined(MBEDTLS_CIPHER_MODE_CBC)
500 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1
501 #define PSA_WANT_ALG_CBC_NO_PADDING 1
502 #if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
503 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1
504 #define PSA_WANT_ALG_CBC_PKCS7 1
508 #if defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) || \
509 defined(MBEDTLS_CAMELLIA_C)
510 #define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1
511 #define PSA_WANT_ALG_ECB_NO_PADDING 1
514 #if defined(MBEDTLS_CIPHER_MODE_CFB)
515 #define MBEDTLS_PSA_BUILTIN_ALG_CFB 1
516 #define PSA_WANT_ALG_CFB 1
519 #if defined(MBEDTLS_CIPHER_MODE_CTR)
520 #define MBEDTLS_PSA_BUILTIN_ALG_CTR 1
521 #define PSA_WANT_ALG_CTR 1
524 #if defined(MBEDTLS_CIPHER_MODE_OFB)
525 #define MBEDTLS_PSA_BUILTIN_ALG_OFB 1
526 #define PSA_WANT_ALG_OFB 1
529 #if defined(MBEDTLS_CIPHER_MODE_XTS)
530 #define MBEDTLS_PSA_BUILTIN_ALG_XTS 1
531 #define PSA_WANT_ALG_XTS 1
537 #define PSA_WANT_KEY_TYPE_DERIVE 1
538 #define PSA_WANT_KEY_TYPE_RAW_DATA 1
PSA crypto configuration options (set of defines)