Mbed TLS v3.6.0
Loading...
Searching...
No Matches
config_adjust_psa_from_legacy.h
Go to the documentation of this file.
1
13/*
14 * Copyright The Mbed TLS Contributors
15 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
16 */
17
18#ifndef MBEDTLS_CONFIG_ADJUST_PSA_FROM_LEGACY_H
19#define MBEDTLS_CONFIG_ADJUST_PSA_FROM_LEGACY_H
20
21/*
22 * Ensure PSA_WANT_* defines are setup properly if MBEDTLS_PSA_CRYPTO_CONFIG
23 * is not defined
24 */
25
26#if defined(MBEDTLS_CCM_C)
27#define MBEDTLS_PSA_BUILTIN_ALG_CCM 1
28#define PSA_WANT_ALG_CCM 1
29#if defined(MBEDTLS_CIPHER_C)
30#define MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG 1
31#define PSA_WANT_ALG_CCM_STAR_NO_TAG 1
32#endif /* MBEDTLS_CIPHER_C */
33#endif /* MBEDTLS_CCM_C */
34
35#if defined(MBEDTLS_CMAC_C)
36#define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1
37#define PSA_WANT_ALG_CMAC 1
38#endif /* MBEDTLS_CMAC_C */
39
40#if defined(MBEDTLS_ECDH_C)
41#define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1
42#define PSA_WANT_ALG_ECDH 1
43#endif /* MBEDTLS_ECDH_C */
44
45#if defined(MBEDTLS_ECDSA_C)
46#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
47#define PSA_WANT_ALG_ECDSA 1
48#define PSA_WANT_ALG_ECDSA_ANY 1
49
50// Only add in DETERMINISTIC support if ECDSA is also enabled
51#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
52#define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1
53#define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1
54#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
55
56#endif /* MBEDTLS_ECDSA_C */
57
58#if defined(MBEDTLS_ECP_C)
59#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
60#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1
61#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1
62#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1
63/* Normally we wouldn't enable this because it's not implemented in ecp.c,
64 * but since it used to be available any time ECP_C was enabled, let's enable
65 * it anyway for the sake of backwards compatibility */
66#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1
67#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
68#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1
69#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1
70#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1
71/* See comment for PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE above. */
72#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1
73#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
74#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
75#endif /* MBEDTLS_ECP_C */
76
77#if defined(MBEDTLS_DHM_C)
78#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC 1
79#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT 1
80#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT 1
81#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE 1
82#define PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY 1
83#define PSA_WANT_ALG_FFDH 1
84#define PSA_WANT_DH_RFC7919_2048 1
85#define PSA_WANT_DH_RFC7919_3072 1
86#define PSA_WANT_DH_RFC7919_4096 1
87#define PSA_WANT_DH_RFC7919_6144 1
88#define PSA_WANT_DH_RFC7919_8192 1
89#define MBEDTLS_PSA_BUILTIN_ALG_FFDH 1
90#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_BASIC 1
91#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT 1
92#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT 1
93#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE 1
94#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY 1
95#define MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048 1
96#define MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072 1
97#define MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096 1
98#define MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144 1
99#define MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192 1
100#endif /* MBEDTLS_DHM_C */
101
102#if defined(MBEDTLS_GCM_C)
103#define MBEDTLS_PSA_BUILTIN_ALG_GCM 1
104#define PSA_WANT_ALG_GCM 1
105#endif /* MBEDTLS_GCM_C */
106
107/* Enable PSA HKDF algorithm if mbedtls HKDF is supported.
108 * PSA HKDF EXTRACT and PSA HKDF EXPAND have minimal cost when
109 * PSA HKDF is enabled, so enable both algorithms together
110 * with PSA HKDF. */
111#if defined(MBEDTLS_HKDF_C)
112#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
113#define PSA_WANT_ALG_HMAC 1
114#define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1
115#define PSA_WANT_ALG_HKDF 1
116#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT 1
117#define PSA_WANT_ALG_HKDF_EXTRACT 1
118#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND 1
119#define PSA_WANT_ALG_HKDF_EXPAND 1
120#endif /* MBEDTLS_HKDF_C */
121
122#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
123#define PSA_WANT_ALG_HMAC 1
124#define PSA_WANT_KEY_TYPE_HMAC 1
125
126#if defined(MBEDTLS_MD_C)
127#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1
128#define PSA_WANT_ALG_TLS12_PRF 1
129#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1
130#define PSA_WANT_ALG_TLS12_PSK_TO_MS 1
131#endif /* MBEDTLS_MD_C */
132
133#if defined(MBEDTLS_MD5_C)
134#define MBEDTLS_PSA_BUILTIN_ALG_MD5 1
135#define PSA_WANT_ALG_MD5 1
136#endif
137
138#if defined(MBEDTLS_ECJPAKE_C)
139#define MBEDTLS_PSA_BUILTIN_PAKE 1
140#define MBEDTLS_PSA_BUILTIN_ALG_JPAKE 1
141#define PSA_WANT_ALG_JPAKE 1
142#endif
143
144#if defined(MBEDTLS_RIPEMD160_C)
145#define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1
146#define PSA_WANT_ALG_RIPEMD160 1
147#endif
148
149#if defined(MBEDTLS_RSA_C)
150#if defined(MBEDTLS_PKCS1_V15)
151#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1
152#define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1
153#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
154#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1
155#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW 1
156#endif /* MBEDTLS_PKCS1_V15 */
157#if defined(MBEDTLS_PKCS1_V21)
158#define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1
159#define PSA_WANT_ALG_RSA_OAEP 1
160#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1
161#define PSA_WANT_ALG_RSA_PSS 1
162#endif /* MBEDTLS_PKCS1_V21 */
163#if defined(MBEDTLS_GENPRIME)
164#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1
165#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1
166#endif /* MBEDTLS_GENPRIME */
167#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_BASIC 1
168#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1
169#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1
170#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC 1
171#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1
172#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1
173#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1
174#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
175#endif /* MBEDTLS_RSA_C */
176
177#if defined(MBEDTLS_SHA1_C)
178#define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1
179#define PSA_WANT_ALG_SHA_1 1
180#endif
181
182#if defined(MBEDTLS_SHA224_C)
183#define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1
184#define PSA_WANT_ALG_SHA_224 1
185#endif
186
187#if defined(MBEDTLS_SHA256_C)
188#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
189#define PSA_WANT_ALG_SHA_256 1
190#endif
191
192#if defined(MBEDTLS_SHA384_C)
193#define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1
194#define PSA_WANT_ALG_SHA_384 1
195#endif
196
197#if defined(MBEDTLS_SHA512_C)
198#define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1
199#define PSA_WANT_ALG_SHA_512 1
200#endif
201
202#if defined(MBEDTLS_SHA3_C)
203#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_224 1
204#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_256 1
205#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_384 1
206#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_512 1
207#define PSA_WANT_ALG_SHA3_224 1
208#define PSA_WANT_ALG_SHA3_256 1
209#define PSA_WANT_ALG_SHA3_384 1
210#define PSA_WANT_ALG_SHA3_512 1
211#endif
212
213#if defined(MBEDTLS_AES_C)
214#define PSA_WANT_KEY_TYPE_AES 1
215#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1
216#endif
217
218#if defined(MBEDTLS_ARIA_C)
219#define PSA_WANT_KEY_TYPE_ARIA 1
220#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1
221#endif
222
223#if defined(MBEDTLS_CAMELLIA_C)
224#define PSA_WANT_KEY_TYPE_CAMELLIA 1
225#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1
226#endif
227
228#if defined(MBEDTLS_DES_C)
229#define PSA_WANT_KEY_TYPE_DES 1
230#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1
231#endif
232
233#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
234#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS 1
235#define PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS 1
236#endif
237
238#if defined(MBEDTLS_CHACHA20_C)
239#define PSA_WANT_KEY_TYPE_CHACHA20 1
240#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1
241/* ALG_STREAM_CIPHER requires CIPHER_C in order to be supported in PSA */
242#if defined(MBEDTLS_CIPHER_C)
243#define PSA_WANT_ALG_STREAM_CIPHER 1
244#define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
245#endif
246#if defined(MBEDTLS_CHACHAPOLY_C)
247#define PSA_WANT_ALG_CHACHA20_POLY1305 1
248#define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1
249#endif
250#endif
251
252#if defined(MBEDTLS_CIPHER_MODE_CBC)
253#define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1
254#define PSA_WANT_ALG_CBC_NO_PADDING 1
255#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
256#define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1
257#define PSA_WANT_ALG_CBC_PKCS7 1
258#endif
259#endif
260
261#if (defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) || \
262 defined(MBEDTLS_ARIA_C) || defined(MBEDTLS_CAMELLIA_C)) && \
263 defined(MBEDTLS_CIPHER_C)
264#define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1
265#define PSA_WANT_ALG_ECB_NO_PADDING 1
266#endif
267
268#if defined(MBEDTLS_CIPHER_MODE_CFB)
269#define MBEDTLS_PSA_BUILTIN_ALG_CFB 1
270#define PSA_WANT_ALG_CFB 1
271#endif
272
273#if defined(MBEDTLS_CIPHER_MODE_CTR)
274#define MBEDTLS_PSA_BUILTIN_ALG_CTR 1
275#define PSA_WANT_ALG_CTR 1
276#endif
277
278#if defined(MBEDTLS_CIPHER_MODE_OFB)
279#define MBEDTLS_PSA_BUILTIN_ALG_OFB 1
280#define PSA_WANT_ALG_OFB 1
281#endif
282
283#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
284#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1
285#define PSA_WANT_ECC_BRAINPOOL_P_R1_256 1
286#endif
287
288#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
289#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1
290#define PSA_WANT_ECC_BRAINPOOL_P_R1_384 1
291#endif
292
293#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
294#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1
295#define PSA_WANT_ECC_BRAINPOOL_P_R1_512 1
296#endif
297
298#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
299#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1
300#define PSA_WANT_ECC_MONTGOMERY_255 1
301#endif
302
303#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
304#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1
305#define PSA_WANT_ECC_MONTGOMERY_448 1
306#endif
307
308#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
309#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1
310#define PSA_WANT_ECC_SECP_R1_192 1
311#endif
312
313#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
314#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1
315#define PSA_WANT_ECC_SECP_R1_224 1
316#endif
317
318#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
319#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1
320#define PSA_WANT_ECC_SECP_R1_256 1
321#endif
322
323#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
324#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1
325#define PSA_WANT_ECC_SECP_R1_384 1
326#endif
327
328#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
329#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1
330#define PSA_WANT_ECC_SECP_R1_521 1
331#endif
332
333#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
334#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1
335#define PSA_WANT_ECC_SECP_K1_192 1
336#endif
337
338/* SECP224K1 is buggy via the PSA API (https://github.com/Mbed-TLS/mbedtls/issues/3541) */
339#if 0 && defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
340#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1
341#define PSA_WANT_ECC_SECP_K1_224 1
342#endif
343
344#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
345#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1
346#define PSA_WANT_ECC_SECP_K1_256 1
347#endif
348
349#endif /* MBEDTLS_CONFIG_ADJUST_PSA_FROM_LEGACY_H */