Mbed TLS v3.6.0
Loading...
Searching...
No Matches
config_adjust_legacy_from_psa.h
Go to the documentation of this file.
1
11/*
12 * Copyright The Mbed TLS Contributors
13 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
14 */
15
16#ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H
17#define MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H
18
19/* Define appropriate ACCEL macros for the p256-m driver.
20 * In the future, those should be generated from the drivers JSON description.
21 */
22#if defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED)
23#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256
24#define MBEDTLS_PSA_ACCEL_ALG_ECDSA
25#define MBEDTLS_PSA_ACCEL_ALG_ECDH
26#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY
27#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC
28#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT
29#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT
30#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE
31#endif
32
33/*
34 * ECC: support for a feature is controlled by a triplet or a pair:
35 * (curve, key_type public/basic, alg) or (curve, key_type_<action>).
36 *
37 * A triplet/pair is accelerated if all of is components are accelerated;
38 * otherwise each component needs to be built in.
39 *
40 * We proceed in two passes:
41 * 1. Check if acceleration is complete for curves, key types, algs.
42 * 2. Then enable built-ins for each thing that's either not accelerated of
43 * doesn't have complete acceleration of the other triplet/pair components.
44 *
45 * Note: this needs psa/crypto_adjust_keypair_types.h to have been included
46 * already, so that we know the full set of key types that are requested.
47 */
48
49/* ECC: curves: is acceleration complete? */
50#if (defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) && \
51 !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256)) || \
52 (defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) && \
53 !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384)) || \
54 (defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) && \
55 !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512)) || \
56 (defined(PSA_WANT_ECC_SECP_R1_192) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192)) || \
57 (defined(PSA_WANT_ECC_SECP_R1_224) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224)) || \
58 (defined(PSA_WANT_ECC_SECP_R1_256) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256)) || \
59 (defined(PSA_WANT_ECC_SECP_R1_384) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384)) || \
60 (defined(PSA_WANT_ECC_SECP_R1_521) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521)) || \
61 (defined(PSA_WANT_ECC_SECP_K1_192) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192)) || \
62 (defined(PSA_WANT_ECC_SECP_K1_224) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224)) || \
63 (defined(PSA_WANT_ECC_SECP_K1_256) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256))
64#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES
65#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES
66#endif
67
68#if (defined(PSA_WANT_ECC_MONTGOMERY_255) && !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255)) || \
69 (defined(PSA_WANT_ECC_MONTGOMERY_448) && !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448))
70#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES
71#endif
72
73/* ECC: algs: is acceleration complete? */
74#if (defined(PSA_WANT_ALG_ECDH) && !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH)) || \
75 (defined(PSA_WANT_ALG_ECDSA) && !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)) || \
76 (defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) && \
77 !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)) || \
78 (defined(PSA_WANT_ALG_JPAKE) && !defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE))
79#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS
80#endif
81
82/* ECC: key types: is acceleration complete? */
83#if (defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \
84 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)) || \
85 (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \
86 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC))
87#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC
88#endif
89
90/* Special case: we don't support cooked key derivation in drivers yet */
91#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE)
92#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE
93#endif
94
95/* Note: the condition about key derivation is always true as DERIVE can't be
96 * accelerated yet */
97#if (defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \
98 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)) || \
99 (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \
100 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC)) || \
101 (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT) && \
102 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT)) || \
103 (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT) && \
104 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT)) || \
105 (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE) && \
106 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE)) || \
107 (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) && \
108 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE))
109#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES
110#endif
111
112/* ECC: curves: enable built-ins as needed.
113 *
114 * We need the curve built-in:
115 * - if it's not accelerated, or
116 * - if there's a key type with missing acceleration, or
117 * - if there's a alg with missing acceleration.
118 */
119#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256)
120#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256) || \
121 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
122 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
123#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1
124#define MBEDTLS_ECP_DP_BP256R1_ENABLED
125#endif /* missing accel */
126#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_256 */
127
128#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384)
129#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384) || \
130 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
131 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
132#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1
133#define MBEDTLS_ECP_DP_BP384R1_ENABLED
134#endif /* missing accel */
135#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_384 */
136
137#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512)
138#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512) || \
139 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
140 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
141#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1
142#define MBEDTLS_ECP_DP_BP512R1_ENABLED
143#endif /* missing accel */
144#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_512 */
145
146#if defined(PSA_WANT_ECC_MONTGOMERY_255)
147#if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255) || \
148 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
149 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
150#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1
151#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
152#endif /* missing accel */
153#endif /* PSA_WANT_ECC_MONTGOMERY_255 */
154
155#if defined(PSA_WANT_ECC_MONTGOMERY_448)
156#if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448) || \
157 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
158 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
159#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1
160#define MBEDTLS_ECP_DP_CURVE448_ENABLED
161#endif /* missing accel */
162#endif /* PSA_WANT_ECC_MONTGOMERY_448 */
163
164#if defined(PSA_WANT_ECC_SECP_R1_192)
165#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192) || \
166 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
167 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
168#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1
169#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
170#endif /* missing accel */
171#endif /* PSA_WANT_ECC_SECP_R1_192 */
172
173#if defined(PSA_WANT_ECC_SECP_R1_224)
174#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224) || \
175 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
176 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
177#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1
178#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
179#endif /* missing accel */
180#endif /* PSA_WANT_ECC_SECP_R1_224 */
181
182#if defined(PSA_WANT_ECC_SECP_R1_256)
183#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) || \
184 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
185 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
186#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1
187#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
188#endif /* missing accel */
189#endif /* PSA_WANT_ECC_SECP_R1_256 */
190
191#if defined(PSA_WANT_ECC_SECP_R1_384)
192#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384) || \
193 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
194 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
195#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1
196#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
197#endif /* missing accel */
198#endif /* PSA_WANT_ECC_SECP_R1_384 */
199
200#if defined(PSA_WANT_ECC_SECP_R1_521)
201#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521) || \
202 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
203 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
204#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1
205#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
206#endif /* missing accel */
207#endif /* PSA_WANT_ECC_SECP_R1_521 */
208
209#if defined(PSA_WANT_ECC_SECP_K1_192)
210#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192) || \
211 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
212 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
213#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1
214#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
215#endif /* missing accel */
216#endif /* PSA_WANT_ECC_SECP_K1_192 */
217
218#if defined(PSA_WANT_ECC_SECP_K1_224)
219#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224) || \
220 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
221 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
222#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1
223#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
224/* https://github.com/Mbed-TLS/mbedtls/issues/3541 */
225#error "SECP224K1 is buggy via the PSA API in Mbed TLS."
226#endif /* missing accel */
227#endif /* PSA_WANT_ECC_SECP_K1_224 */
228
229#if defined(PSA_WANT_ECC_SECP_K1_256)
230#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256) || \
231 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
232 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
233#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1
234#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
235#endif /* missing accel */
236#endif /* PSA_WANT_ECC_SECP_K1_256 */
237
238/* ECC: algs: enable built-ins as needed.
239 *
240 * We need the alg built-in:
241 * - if it's not accelerated, or
242 * - if there's a relevant curve (see below) with missing acceleration, or
243 * - if there's a key type among (public, basic) with missing acceleration.
244 *
245 * Relevant curves are:
246 * - all curves for ECDH
247 * - Weierstrass curves for (deterministic) ECDSA
248 * - secp256r1 for EC J-PAKE
249 */
250#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)
251#if !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) || \
252 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES) || \
253 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC)
254#define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1
255#define MBEDTLS_ECDSA_DETERMINISTIC
256#define MBEDTLS_HMAC_DRBG_C
257#define MBEDTLS_MD_C
258#define MBEDTLS_ECDSA_C
259#define MBEDTLS_ECP_C
260#define MBEDTLS_BIGNUM_C
261#define MBEDTLS_ASN1_PARSE_C
262#define MBEDTLS_ASN1_WRITE_C
263#endif /* missing accel */
264#endif /* PSA_WANT_ALG_DETERMINISTIC_ECDSA */
265
266#if defined(PSA_WANT_ALG_ECDH)
267#if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH) || \
268 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) || \
269 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC)
270#define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1
271#define MBEDTLS_ECDH_C
272#define MBEDTLS_ECP_C
273#define MBEDTLS_BIGNUM_C
274#endif /* missing accel */
275#endif /* PSA_WANT_ALG_ECDH */
276
277#if defined(PSA_WANT_ALG_ECDSA)
278#if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
279 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES) || \
280 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC)
281#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
282#define MBEDTLS_ECDSA_C
283#define MBEDTLS_ECP_C
284#define MBEDTLS_BIGNUM_C
285#define MBEDTLS_ASN1_PARSE_C
286#define MBEDTLS_ASN1_WRITE_C
287#endif /* missing accel */
288#endif /* PSA_WANT_ALG_ECDSA */
289
290#if defined(PSA_WANT_ALG_JPAKE)
291#if !defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE) || \
292 !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) || \
293 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC)
294#define MBEDTLS_PSA_BUILTIN_PAKE 1
295#define MBEDTLS_PSA_BUILTIN_ALG_JPAKE 1
296#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
297#define MBEDTLS_BIGNUM_C
298#define MBEDTLS_ECP_C
299#define MBEDTLS_ECJPAKE_C
300#endif /* missing accel */
301#endif /* PSA_WANT_ALG_JPAKE */
302
303/* ECC: key types: enable built-ins as needed.
304 *
305 * We need the key type built-in:
306 * - if it's not accelerated, or
307 * - if there's a curve with missing acceleration, or
308 * - only for public/basic: if there's an alg with missing acceleration.
309 */
310#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
311#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) || \
312 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) || \
313 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
314#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
315#endif /* missing accel */
316#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
317
318#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC)
319#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \
320 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) || \
321 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
322#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
323#endif /* missing accel */
324#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC */
325
326#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT)
327#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \
328 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES)
329#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1
330#endif /* missing accel */
331#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT */
332
333#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT)
334#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \
335 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES)
336#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1
337#endif /* missing accel */
338#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT */
339
340#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE)
341#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE) || \
342 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES)
343#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1
344#endif /* missing accel */
345#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE */
346
347/* Note: the condition is always true as DERIVE can't be accelerated yet */
348#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE)
349#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE) || \
350 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES)
351#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1
352#endif /* missing accel */
353#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE */
354
355#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \
356 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \
357 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \
358 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE)
359#define MBEDTLS_ECP_LIGHT
360#define MBEDTLS_BIGNUM_C
361#endif
362
363#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \
364 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE)
365#define MBEDTLS_ECP_C
366#define MBEDTLS_BIGNUM_C
367#endif
368
369/* End of ECC section */
370
371/*
372 * DH key types follow the same pattern used above for EC keys. They are defined
373 * by a triplet (group, key_type, alg). A triplet is accelerated if all its
374 * component are accelerated, otherwise each component needs to be builtin.
375 */
376
377/* DH: groups: is acceleration complete? */
378#if (defined(PSA_WANT_DH_RFC7919_2048) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_2048)) || \
379 (defined(PSA_WANT_DH_RFC7919_3072) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_3072)) || \
380 (defined(PSA_WANT_DH_RFC7919_4096) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_4096)) || \
381 (defined(PSA_WANT_DH_RFC7919_6144) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_6144)) || \
382 (defined(PSA_WANT_DH_RFC7919_8192) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_8192))
383#define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS
384#endif
385
386/* DH: algs: is acceleration complete? */
387#if defined(PSA_WANT_ALG_FFDH) && !defined(MBEDTLS_PSA_ACCEL_ALG_FFDH)
388#define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS
389#endif
390
391/* DH: key types: is acceleration complete? */
392#if (defined(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY) && \
393 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY)) || \
394 (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) && \
395 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC)) || \
396 (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT) && \
397 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT)) || \
398 (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT) && \
399 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT)) || \
400 (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE) && \
401 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE))
402#define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES
403#endif
404
405#if defined(PSA_WANT_DH_RFC7919_2048)
406#if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_2048) || \
407 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \
408 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES)
409#define MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048 1
410#endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048 */
411#endif /* PSA_WANT_DH_RFC7919_2048 */
412
413#if defined(PSA_WANT_DH_RFC7919_3072)
414#if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_3072) || \
415 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \
416 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES)
417#define MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072 1
418#endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072 */
419#endif /* PSA_WANT_DH_RFC7919_3072 */
420
421#if defined(PSA_WANT_DH_RFC7919_4096)
422#if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_4096) || \
423 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \
424 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES)
425#define MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096 1
426#endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096 */
427#endif /* PSA_WANT_DH_RFC7919_4096 */
428
429#if defined(PSA_WANT_DH_RFC7919_6144)
430#if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_6144) || \
431 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \
432 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES)
433#define MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144 1
434#endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144 */
435#endif /* PSA_WANT_DH_RFC7919_6144 */
436
437#if defined(PSA_WANT_DH_RFC7919_8192)
438#if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_8192) || \
439 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \
440 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES)
441#define MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192 1
442#endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192 */
443#endif /* PSA_WANT_DH_RFC7919_8192 */
444
445#if defined(PSA_WANT_ALG_FFDH)
446#if !defined(MBEDTLS_PSA_ACCEL_ALG_FFDH) || \
447 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \
448 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES)
449#define MBEDTLS_PSA_BUILTIN_ALG_FFDH 1
450#define MBEDTLS_BIGNUM_C
451#endif /* !MBEDTLS_PSA_ACCEL_ALG_FFDH */
452#endif /* PSA_WANT_ALG_FFDH */
453
454#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT)
455#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT) || \
456 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \
457 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS)
458#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT 1
459#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT */
460#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT */
461
462#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT)
463#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT) || \
464 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \
465 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS)
466#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT 1
467#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT */
468#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT */
469
470#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE)
471#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE)
472#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE 1
473#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE */
474#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE */
475
476#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC)
477#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC) || \
478 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \
479 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS)
480#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_BASIC 1
481#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC */
482#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC */
483
484#if defined(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY)
485#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY) || \
486 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \
487 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS)
488#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY 1
489#define MBEDTLS_BIGNUM_C
490#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY */
491#endif /* PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY */
492
493/* End of DH section */
494
495#if defined(PSA_WANT_ALG_HKDF)
496#if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF)
497/*
498 * The PSA implementation has its own implementation of HKDF, separate from
499 * hkdf.c. No need to enable MBEDTLS_HKDF_C here.
500 */
501#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
502#define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1
503#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF */
504#endif /* PSA_WANT_ALG_HKDF */
505
506#if defined(PSA_WANT_ALG_HKDF_EXTRACT)
507#if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT)
508/*
509 * The PSA implementation has its own implementation of HKDF, separate from
510 * hkdf.c. No need to enable MBEDTLS_HKDF_C here.
511 */
512#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
513#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT 1
514#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT */
515#endif /* PSA_WANT_ALG_HKDF_EXTRACT */
516
517#if defined(PSA_WANT_ALG_HKDF_EXPAND)
518#if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND)
519/*
520 * The PSA implementation has its own implementation of HKDF, separate from
521 * hkdf.c. No need to enable MBEDTLS_HKDF_C here.
522 */
523#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
524#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND 1
525#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND */
526#endif /* PSA_WANT_ALG_HKDF_EXPAND */
527
528#if defined(PSA_WANT_ALG_HMAC)
529#if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC)
530#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
531#endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */
532#endif /* PSA_WANT_ALG_HMAC */
533
534#if defined(PSA_WANT_ALG_MD5) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD5)
535#define MBEDTLS_PSA_BUILTIN_ALG_MD5 1
536#define MBEDTLS_MD5_C
537#endif
538
539#if defined(PSA_WANT_ALG_RIPEMD160) && !defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160)
540#define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1
541#define MBEDTLS_RIPEMD160_C
542#endif
543
544#if defined(PSA_WANT_ALG_RSA_OAEP)
545#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP)
546#define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1
547#define MBEDTLS_RSA_C
548#define MBEDTLS_BIGNUM_C
549#define MBEDTLS_OID_C
550#define MBEDTLS_PKCS1_V21
551#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP */
552#endif /* PSA_WANT_ALG_RSA_OAEP */
553
554#if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT)
555#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT)
556#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1
557#define MBEDTLS_RSA_C
558#define MBEDTLS_BIGNUM_C
559#define MBEDTLS_OID_C
560#define MBEDTLS_PKCS1_V15
561#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT */
562#endif /* PSA_WANT_ALG_RSA_PKCS1V15_CRYPT */
563
564#if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
565#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN)
566#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
567#define MBEDTLS_RSA_C
568#define MBEDTLS_BIGNUM_C
569#define MBEDTLS_OID_C
570#define MBEDTLS_PKCS1_V15
571#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN */
572#endif /* PSA_WANT_ALG_RSA_PKCS1V15_SIGN */
573
574#if defined(PSA_WANT_ALG_RSA_PSS)
575#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
576#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1
577#define MBEDTLS_RSA_C
578#define MBEDTLS_BIGNUM_C
579#define MBEDTLS_OID_C
580#define MBEDTLS_PKCS1_V21
581#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PSS */
582#endif /* PSA_WANT_ALG_RSA_PSS */
583
584#if defined(PSA_WANT_ALG_SHA_1) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1)
585#define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1
586#define MBEDTLS_SHA1_C
587#endif
588
589#if defined(PSA_WANT_ALG_SHA_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224)
590#define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1
591#define MBEDTLS_SHA224_C
592#endif
593
594#if defined(PSA_WANT_ALG_SHA_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256)
595#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
596#define MBEDTLS_SHA256_C
597#endif
598
599#if defined(PSA_WANT_ALG_SHA_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384)
600#define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1
601#define MBEDTLS_SHA384_C
602#endif
603
604#if defined(PSA_WANT_ALG_SHA_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512)
605#define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1
606#define MBEDTLS_SHA512_C
607#endif
608
609#if defined(PSA_WANT_ALG_SHA3_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_224)
610#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_224 1
611#define MBEDTLS_SHA3_C
612#endif
613
614#if defined(PSA_WANT_ALG_SHA3_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_256)
615#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_256 1
616#define MBEDTLS_SHA3_C
617#endif
618
619#if defined(PSA_WANT_ALG_SHA3_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_384)
620#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_384 1
621#define MBEDTLS_SHA3_C
622#endif
623
624#if defined(PSA_WANT_ALG_SHA3_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_512)
625#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_512 1
626#define MBEDTLS_SHA3_C
627#endif
628
629#if defined(PSA_WANT_ALG_PBKDF2_HMAC)
630#if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_HMAC)
631#define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC 1
632#define PSA_HAVE_SOFT_PBKDF2_HMAC 1
633#if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC)
634#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
635#endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */
636#endif /* !MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC */
637#endif /* PSA_WANT_ALG_PBKDF2_HMAC */
638
639#if defined(PSA_WANT_ALG_TLS12_PRF)
640#if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF)
641#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1
642#endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF */
643#endif /* PSA_WANT_ALG_TLS12_PRF */
644
645#if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS)
646#if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS)
647#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1
648#endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS */
649#endif /* PSA_WANT_ALG_TLS12_PSK_TO_MS */
650
651#if defined(PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS)
652#if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS)
653#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS 1
654#endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS */
655#endif /* PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS */
656
657#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT)
658#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT)
659#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1
660#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT */
661#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT */
662
663#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT)
664#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT)
665#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1
666#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT */
667#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT */
668
669#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
670#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
671#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1
672#define MBEDTLS_GENPRIME
673#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE */
674#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE */
675
676#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC)
677#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC)
678#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_BASIC 1
679#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC */
680#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */
681
682#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)
683#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
684#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1
685#define MBEDTLS_RSA_C
686#define MBEDTLS_BIGNUM_C
687#define MBEDTLS_OID_C
688#define MBEDTLS_ASN1_PARSE_C
689#define MBEDTLS_ASN1_WRITE_C
690#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY */
691#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */
692
693/* If any of the block modes are requested that don't have an
694 * associated HW assist, define PSA_HAVE_SOFT_BLOCK_MODE for checking
695 * in the block cipher key types. */
696#if (defined(PSA_WANT_ALG_CTR) && !defined(MBEDTLS_PSA_ACCEL_ALG_CTR)) || \
697 (defined(PSA_WANT_ALG_CFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_CFB)) || \
698 (defined(PSA_WANT_ALG_OFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_OFB)) || \
699 (defined(PSA_WANT_ALG_ECB_NO_PADDING) && !defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING)) || \
700 (defined(PSA_WANT_ALG_CBC_NO_PADDING) && !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \
701 (defined(PSA_WANT_ALG_CBC_PKCS7) && !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \
702 (defined(PSA_WANT_ALG_CMAC) && !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC))
703#define PSA_HAVE_SOFT_BLOCK_MODE 1
704#endif
705
706#if defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128)
707#if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128)
708#define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 1
709#define PSA_HAVE_SOFT_PBKDF2_CMAC 1
710#endif /* !MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128 */
711#endif /* PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 */
712
713#if defined(PSA_WANT_KEY_TYPE_AES)
714#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
715#define PSA_HAVE_SOFT_KEY_TYPE_AES 1
716#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_AES */
717#if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
718 defined(PSA_HAVE_SOFT_BLOCK_MODE)
719#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1
720#define MBEDTLS_AES_C
721#endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */
722#endif /* PSA_WANT_KEY_TYPE_AES */
723
724#if defined(PSA_WANT_KEY_TYPE_ARIA)
725#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA)
726#define PSA_HAVE_SOFT_KEY_TYPE_ARIA 1
727#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA */
728#if defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
729 defined(PSA_HAVE_SOFT_BLOCK_MODE)
730#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1
731#define MBEDTLS_ARIA_C
732#endif /* PSA_HAVE_SOFT_KEY_TYPE_ARIA || PSA_HAVE_SOFT_BLOCK_MODE */
733#endif /* PSA_WANT_KEY_TYPE_ARIA */
734
735#if defined(PSA_WANT_KEY_TYPE_CAMELLIA)
736#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA)
737#define PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA 1
738#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA */
739#if defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) || \
740 defined(PSA_HAVE_SOFT_BLOCK_MODE)
741#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1
742#define MBEDTLS_CAMELLIA_C
743#endif /* PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA || PSA_HAVE_SOFT_BLOCK_MODE */
744#endif /* PSA_WANT_KEY_TYPE_CAMELLIA */
745
746#if defined(PSA_WANT_KEY_TYPE_DES)
747#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES)
748#define PSA_HAVE_SOFT_KEY_TYPE_DES 1
749#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DES */
750#if defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \
751 defined(PSA_HAVE_SOFT_BLOCK_MODE)
752#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1
753#define MBEDTLS_DES_C
754#endif /*PSA_HAVE_SOFT_KEY_TYPE_DES || PSA_HAVE_SOFT_BLOCK_MODE */
755#endif /* PSA_WANT_KEY_TYPE_DES */
756
757#if defined(PSA_WANT_ALG_STREAM_CIPHER)
758#if !defined(MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER)
759#define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
760#endif /* MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER */
761#endif /* PSA_WANT_ALG_STREAM_CIPHER */
762
763#if defined(PSA_WANT_KEY_TYPE_CHACHA20)
764#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20) || \
765 defined(MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER)
766#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1
767#define MBEDTLS_CHACHA20_C
768#endif
769#endif /* PSA_WANT_KEY_TYPE_CHACHA20 */
770
771/* If any of the software block ciphers are selected, define
772 * PSA_HAVE_SOFT_BLOCK_CIPHER, which can be used in any of these
773 * situations. */
774#if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
775 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
776 defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \
777 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
778#define PSA_HAVE_SOFT_BLOCK_CIPHER 1
779#endif
780
781#if defined(PSA_WANT_ALG_CBC_MAC)
782#if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_MAC)
783#error "CBC-MAC is not yet supported via the PSA API in Mbed TLS."
784#define MBEDTLS_PSA_BUILTIN_ALG_CBC_MAC 1
785#endif /* !MBEDTLS_PSA_ACCEL_ALG_CBC_MAC */
786#endif /* PSA_WANT_ALG_CBC_MAC */
787
788#if defined(PSA_WANT_ALG_CMAC)
789#if !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) || \
790 defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
791#define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1
792#define MBEDTLS_CMAC_C
793#endif /* !MBEDTLS_PSA_ACCEL_ALG_CMAC */
794#endif /* PSA_WANT_ALG_CMAC */
795
796#if defined(PSA_HAVE_SOFT_PBKDF2_HMAC) || \
797 defined(PSA_HAVE_SOFT_PBKDF2_CMAC)
798#define PSA_HAVE_SOFT_PBKDF2 1
799#endif /* PSA_HAVE_SOFT_PBKDF2_HMAC || PSA_HAVE_SOFT_PBKDF2_CMAC */
800
801#if defined(PSA_WANT_ALG_CTR)
802#if !defined(MBEDTLS_PSA_ACCEL_ALG_CTR) || \
803 defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
804#define MBEDTLS_PSA_BUILTIN_ALG_CTR 1
805#define MBEDTLS_CIPHER_MODE_CTR
806#endif
807#endif /* PSA_WANT_ALG_CTR */
808
809#if defined(PSA_WANT_ALG_CFB)
810#if !defined(MBEDTLS_PSA_ACCEL_ALG_CFB) || \
811 defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
812#define MBEDTLS_PSA_BUILTIN_ALG_CFB 1
813#define MBEDTLS_CIPHER_MODE_CFB
814#endif
815#endif /* PSA_WANT_ALG_CFB */
816
817#if defined(PSA_WANT_ALG_OFB)
818#if !defined(MBEDTLS_PSA_ACCEL_ALG_OFB) || \
819 defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
820#define MBEDTLS_PSA_BUILTIN_ALG_OFB 1
821#define MBEDTLS_CIPHER_MODE_OFB
822#endif
823#endif /* PSA_WANT_ALG_OFB */
824
825#if defined(PSA_WANT_ALG_ECB_NO_PADDING) && \
826 !defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING)
827#define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1
828#endif
829
830#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
831#if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) || \
832 defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
833#define MBEDTLS_CIPHER_MODE_CBC
834#define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1
835#endif
836#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
837
838#if defined(PSA_WANT_ALG_CBC_PKCS7)
839#if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) || \
840 defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
841#define MBEDTLS_CIPHER_MODE_CBC
842#define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1
843#define MBEDTLS_CIPHER_PADDING_PKCS7
844#endif
845#endif /* PSA_WANT_ALG_CBC_PKCS7 */
846
847#if defined(PSA_WANT_ALG_CCM)
848#if !defined(MBEDTLS_PSA_ACCEL_ALG_CCM) || \
849 defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
850 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
851 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
852#define MBEDTLS_PSA_BUILTIN_ALG_CCM 1
853#define MBEDTLS_CCM_C
854#endif
855#endif /* PSA_WANT_ALG_CCM */
856
857#if defined(PSA_WANT_ALG_CCM_STAR_NO_TAG)
858#if !defined(MBEDTLS_PSA_ACCEL_ALG_CCM_STAR_NO_TAG) || \
859 defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
860 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
861 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
862#define MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG 1
863#define MBEDTLS_CCM_C
864#endif
865#endif /* PSA_WANT_ALG_CCM_STAR_NO_TAG */
866
867#if defined(PSA_WANT_ALG_GCM)
868#if !defined(MBEDTLS_PSA_ACCEL_ALG_GCM) || \
869 defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
870 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
871 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
872#define MBEDTLS_PSA_BUILTIN_ALG_GCM 1
873#define MBEDTLS_GCM_C
874#endif
875#endif /* PSA_WANT_ALG_GCM */
876
877#if defined(PSA_WANT_ALG_CHACHA20_POLY1305)
878#if !defined(MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305)
879#if defined(PSA_WANT_KEY_TYPE_CHACHA20)
880#define MBEDTLS_CHACHAPOLY_C
881#define MBEDTLS_CHACHA20_C
882#define MBEDTLS_POLY1305_C
883#define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1
884#endif /* PSA_WANT_KEY_TYPE_CHACHA20 */
885#endif /* !MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 */
886#endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */
887
888#endif /* MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H */