Mbed TLS v3.6.1
Loading...
Searching...
No Matches
config_adjust_legacy_from_psa.h
Go to the documentation of this file.
1
13/*
14 * Copyright The Mbed TLS Contributors
15 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
16 */
17
18#ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H
19#define MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H
20
21#if !defined(MBEDTLS_CONFIG_FILES_READ)
22#error "Do not include mbedtls/config_adjust_*.h manually! This can lead to problems, " \
23 "up to and including runtime errors such as buffer overflows. " \
24 "If you're trying to fix a complaint from check_config.h, just remove " \
25 "it from your configuration file: since Mbed TLS 3.0, it is included " \
26 "automatically at the right point."
27#endif /* */
28
29/* Define appropriate ACCEL macros for the p256-m driver.
30 * In the future, those should be generated from the drivers JSON description.
31 */
32#if defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED)
33#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256
34#define MBEDTLS_PSA_ACCEL_ALG_ECDSA
35#define MBEDTLS_PSA_ACCEL_ALG_ECDH
36#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY
37#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC
38#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT
39#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT
40#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE
41#endif
42
43/*
44 * ECC: support for a feature is controlled by a triplet or a pair:
45 * (curve, key_type public/basic, alg) or (curve, key_type_<action>).
46 *
47 * A triplet/pair is accelerated if all of is components are accelerated;
48 * otherwise each component needs to be built in.
49 *
50 * We proceed in two passes:
51 * 1. Check if acceleration is complete for curves, key types, algs.
52 * 2. Then enable built-ins for each thing that's either not accelerated of
53 * doesn't have complete acceleration of the other triplet/pair components.
54 *
55 * Note: this needs psa/crypto_adjust_keypair_types.h to have been included
56 * already, so that we know the full set of key types that are requested.
57 */
58
59/* ECC: curves: is acceleration complete? */
60#if (defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) && \
61 !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256)) || \
62 (defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) && \
63 !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384)) || \
64 (defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) && \
65 !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512)) || \
66 (defined(PSA_WANT_ECC_SECP_R1_192) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192)) || \
67 (defined(PSA_WANT_ECC_SECP_R1_224) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224)) || \
68 (defined(PSA_WANT_ECC_SECP_R1_256) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256)) || \
69 (defined(PSA_WANT_ECC_SECP_R1_384) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384)) || \
70 (defined(PSA_WANT_ECC_SECP_R1_521) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521)) || \
71 (defined(PSA_WANT_ECC_SECP_K1_192) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192)) || \
72 (defined(PSA_WANT_ECC_SECP_K1_224) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224)) || \
73 (defined(PSA_WANT_ECC_SECP_K1_256) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256))
74#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES
75#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES
76#endif
77
78#if (defined(PSA_WANT_ECC_MONTGOMERY_255) && !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255)) || \
79 (defined(PSA_WANT_ECC_MONTGOMERY_448) && !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448))
80#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES
81#endif
82
83/* ECC: algs: is acceleration complete? */
84#if (defined(PSA_WANT_ALG_ECDH) && !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH)) || \
85 (defined(PSA_WANT_ALG_ECDSA) && !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)) || \
86 (defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) && \
87 !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)) || \
88 (defined(PSA_WANT_ALG_JPAKE) && !defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE))
89#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS
90#endif
91
92/* ECC: key types: is acceleration complete? */
93#if (defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \
94 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)) || \
95 (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \
96 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC))
97#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC
98#endif
99
100/* Special case: we don't support cooked key derivation in drivers yet */
101#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE)
102#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE
103#endif
104
105/* Note: the condition about key derivation is always true as DERIVE can't be
106 * accelerated yet */
107#if (defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \
108 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)) || \
109 (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \
110 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC)) || \
111 (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT) && \
112 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT)) || \
113 (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT) && \
114 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT)) || \
115 (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE) && \
116 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE)) || \
117 (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) && \
118 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE))
119#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES
120#endif
121
122/* ECC: curves: enable built-ins as needed.
123 *
124 * We need the curve built-in:
125 * - if it's not accelerated, or
126 * - if there's a key type with missing acceleration, or
127 * - if there's a alg with missing acceleration.
128 */
129#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256)
130#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256) || \
131 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
132 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
133#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1
134#define MBEDTLS_ECP_DP_BP256R1_ENABLED
135#endif /* missing accel */
136#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_256 */
137
138#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384)
139#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384) || \
140 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
141 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
142#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1
143#define MBEDTLS_ECP_DP_BP384R1_ENABLED
144#endif /* missing accel */
145#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_384 */
146
147#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512)
148#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512) || \
149 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
150 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
151#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1
152#define MBEDTLS_ECP_DP_BP512R1_ENABLED
153#endif /* missing accel */
154#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_512 */
155
156#if defined(PSA_WANT_ECC_MONTGOMERY_255)
157#if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255) || \
158 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
159 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
160#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1
161#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
162#endif /* missing accel */
163#endif /* PSA_WANT_ECC_MONTGOMERY_255 */
164
165#if defined(PSA_WANT_ECC_MONTGOMERY_448)
166#if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448) || \
167 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
168 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
169#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1
170#define MBEDTLS_ECP_DP_CURVE448_ENABLED
171#endif /* missing accel */
172#endif /* PSA_WANT_ECC_MONTGOMERY_448 */
173
174#if defined(PSA_WANT_ECC_SECP_R1_192)
175#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192) || \
176 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
177 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
178#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1
179#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
180#endif /* missing accel */
181#endif /* PSA_WANT_ECC_SECP_R1_192 */
182
183#if defined(PSA_WANT_ECC_SECP_R1_224)
184#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224) || \
185 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
186 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
187#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1
188#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
189#endif /* missing accel */
190#endif /* PSA_WANT_ECC_SECP_R1_224 */
191
192#if defined(PSA_WANT_ECC_SECP_R1_256)
193#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) || \
194 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
195 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
196#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1
197#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
198#endif /* missing accel */
199#endif /* PSA_WANT_ECC_SECP_R1_256 */
200
201#if defined(PSA_WANT_ECC_SECP_R1_384)
202#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384) || \
203 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
204 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
205#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1
206#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
207#endif /* missing accel */
208#endif /* PSA_WANT_ECC_SECP_R1_384 */
209
210#if defined(PSA_WANT_ECC_SECP_R1_521)
211#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521) || \
212 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
213 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
214#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1
215#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
216#endif /* missing accel */
217#endif /* PSA_WANT_ECC_SECP_R1_521 */
218
219#if defined(PSA_WANT_ECC_SECP_K1_192)
220#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192) || \
221 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
222 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
223#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1
224#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
225#endif /* missing accel */
226#endif /* PSA_WANT_ECC_SECP_K1_192 */
227
228#if defined(PSA_WANT_ECC_SECP_K1_224)
229#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224) || \
230 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
231 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
232#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1
233#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
234/* https://github.com/Mbed-TLS/mbedtls/issues/3541 */
235#error "SECP224K1 is buggy via the PSA API in Mbed TLS."
236#endif /* missing accel */
237#endif /* PSA_WANT_ECC_SECP_K1_224 */
238
239#if defined(PSA_WANT_ECC_SECP_K1_256)
240#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256) || \
241 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
242 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
243#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1
244#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
245#endif /* missing accel */
246#endif /* PSA_WANT_ECC_SECP_K1_256 */
247
248/* ECC: algs: enable built-ins as needed.
249 *
250 * We need the alg built-in:
251 * - if it's not accelerated, or
252 * - if there's a relevant curve (see below) with missing acceleration, or
253 * - if there's a key type among (public, basic) with missing acceleration.
254 *
255 * Relevant curves are:
256 * - all curves for ECDH
257 * - Weierstrass curves for (deterministic) ECDSA
258 * - secp256r1 for EC J-PAKE
259 */
260#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)
261#if !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) || \
262 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES) || \
263 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC)
264#define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1
265#define MBEDTLS_ECDSA_DETERMINISTIC
266#define MBEDTLS_HMAC_DRBG_C
267#define MBEDTLS_MD_C
268#define MBEDTLS_ECDSA_C
269#define MBEDTLS_ECP_C
270#define MBEDTLS_BIGNUM_C
271#define MBEDTLS_ASN1_PARSE_C
272#define MBEDTLS_ASN1_WRITE_C
273#endif /* missing accel */
274#endif /* PSA_WANT_ALG_DETERMINISTIC_ECDSA */
275
276#if defined(PSA_WANT_ALG_ECDH)
277#if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH) || \
278 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) || \
279 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC)
280#define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1
281#define MBEDTLS_ECDH_C
282#define MBEDTLS_ECP_C
283#define MBEDTLS_BIGNUM_C
284#endif /* missing accel */
285#endif /* PSA_WANT_ALG_ECDH */
286
287#if defined(PSA_WANT_ALG_ECDSA)
288#if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
289 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES) || \
290 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC)
291#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
292#define MBEDTLS_ECDSA_C
293#define MBEDTLS_ECP_C
294#define MBEDTLS_BIGNUM_C
295#define MBEDTLS_ASN1_PARSE_C
296#define MBEDTLS_ASN1_WRITE_C
297#endif /* missing accel */
298#endif /* PSA_WANT_ALG_ECDSA */
299
300#if defined(PSA_WANT_ALG_JPAKE)
301#if !defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE) || \
302 !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) || \
303 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC)
304#define MBEDTLS_PSA_BUILTIN_PAKE 1
305#define MBEDTLS_PSA_BUILTIN_ALG_JPAKE 1
306#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
307#define MBEDTLS_BIGNUM_C
308#define MBEDTLS_ECP_C
309#define MBEDTLS_ECJPAKE_C
310#endif /* missing accel */
311#endif /* PSA_WANT_ALG_JPAKE */
312
313/* ECC: key types: enable built-ins as needed.
314 *
315 * We need the key type built-in:
316 * - if it's not accelerated, or
317 * - if there's a curve with missing acceleration, or
318 * - only for public/basic: if there's an alg with missing acceleration.
319 */
320#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
321#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) || \
322 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) || \
323 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
324#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
325#endif /* missing accel */
326#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
327
328#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC)
329#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \
330 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) || \
331 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
332#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
333#endif /* missing accel */
334#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC */
335
336#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT)
337#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \
338 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES)
339#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1
340#endif /* missing accel */
341#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT */
342
343#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT)
344#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \
345 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES)
346#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1
347#endif /* missing accel */
348#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT */
349
350#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE)
351#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE) || \
352 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES)
353#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1
354#endif /* missing accel */
355#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE */
356
357/* Note: the condition is always true as DERIVE can't be accelerated yet */
358#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE)
359#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE) || \
360 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES)
361#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1
362#endif /* missing accel */
363#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE */
364
365#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \
366 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \
367 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \
368 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE)
369#define MBEDTLS_ECP_LIGHT
370#define MBEDTLS_BIGNUM_C
371#endif
372
373#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \
374 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE)
375#define MBEDTLS_ECP_C
376#define MBEDTLS_BIGNUM_C
377#endif
378
379/* End of ECC section */
380
381/*
382 * DH key types follow the same pattern used above for EC keys. They are defined
383 * by a triplet (group, key_type, alg). A triplet is accelerated if all its
384 * component are accelerated, otherwise each component needs to be builtin.
385 */
386
387/* DH: groups: is acceleration complete? */
388#if (defined(PSA_WANT_DH_RFC7919_2048) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_2048)) || \
389 (defined(PSA_WANT_DH_RFC7919_3072) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_3072)) || \
390 (defined(PSA_WANT_DH_RFC7919_4096) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_4096)) || \
391 (defined(PSA_WANT_DH_RFC7919_6144) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_6144)) || \
392 (defined(PSA_WANT_DH_RFC7919_8192) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_8192))
393#define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS
394#endif
395
396/* DH: algs: is acceleration complete? */
397#if defined(PSA_WANT_ALG_FFDH) && !defined(MBEDTLS_PSA_ACCEL_ALG_FFDH)
398#define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS
399#endif
400
401/* DH: key types: is acceleration complete? */
402#if (defined(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY) && \
403 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY)) || \
404 (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) && \
405 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC)) || \
406 (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT) && \
407 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT)) || \
408 (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT) && \
409 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT)) || \
410 (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE) && \
411 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE))
412#define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES
413#endif
414
415#if defined(PSA_WANT_DH_RFC7919_2048)
416#if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_2048) || \
417 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \
418 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES)
419#define MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048 1
420#endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048 */
421#endif /* PSA_WANT_DH_RFC7919_2048 */
422
423#if defined(PSA_WANT_DH_RFC7919_3072)
424#if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_3072) || \
425 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \
426 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES)
427#define MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072 1
428#endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072 */
429#endif /* PSA_WANT_DH_RFC7919_3072 */
430
431#if defined(PSA_WANT_DH_RFC7919_4096)
432#if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_4096) || \
433 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \
434 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES)
435#define MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096 1
436#endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096 */
437#endif /* PSA_WANT_DH_RFC7919_4096 */
438
439#if defined(PSA_WANT_DH_RFC7919_6144)
440#if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_6144) || \
441 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \
442 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES)
443#define MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144 1
444#endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144 */
445#endif /* PSA_WANT_DH_RFC7919_6144 */
446
447#if defined(PSA_WANT_DH_RFC7919_8192)
448#if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_8192) || \
449 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \
450 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES)
451#define MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192 1
452#endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192 */
453#endif /* PSA_WANT_DH_RFC7919_8192 */
454
455#if defined(PSA_WANT_ALG_FFDH)
456#if !defined(MBEDTLS_PSA_ACCEL_ALG_FFDH) || \
457 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \
458 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES)
459#define MBEDTLS_PSA_BUILTIN_ALG_FFDH 1
460#define MBEDTLS_BIGNUM_C
461#endif /* !MBEDTLS_PSA_ACCEL_ALG_FFDH */
462#endif /* PSA_WANT_ALG_FFDH */
463
464#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT)
465#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT) || \
466 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \
467 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS)
468#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT 1
469#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT */
470#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT */
471
472#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT)
473#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT) || \
474 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \
475 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS)
476#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT 1
477#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT */
478#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT */
479
480#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE)
481#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE)
482#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE 1
483#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE */
484#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE */
485
486#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC)
487#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC) || \
488 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \
489 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS)
490#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_BASIC 1
491#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC */
492#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC */
493
494#if defined(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY)
495#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY) || \
496 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \
497 defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS)
498#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY 1
499#define MBEDTLS_BIGNUM_C
500#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY */
501#endif /* PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY */
502
503/* End of DH section */
504
505#if defined(PSA_WANT_ALG_HKDF)
506#if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF)
507/*
508 * The PSA implementation has its own implementation of HKDF, separate from
509 * hkdf.c. No need to enable MBEDTLS_HKDF_C here.
510 */
511#define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1
512#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF */
513#endif /* PSA_WANT_ALG_HKDF */
514
515#if defined(PSA_WANT_ALG_HKDF_EXTRACT)
516#if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT)
517/*
518 * The PSA implementation has its own implementation of HKDF, separate from
519 * hkdf.c. No need to enable MBEDTLS_HKDF_C here.
520 */
521#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT 1
522#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT */
523#endif /* PSA_WANT_ALG_HKDF_EXTRACT */
524
525#if defined(PSA_WANT_ALG_HKDF_EXPAND)
526#if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND)
527/*
528 * The PSA implementation has its own implementation of HKDF, separate from
529 * hkdf.c. No need to enable MBEDTLS_HKDF_C here.
530 */
531#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND 1
532#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND */
533#endif /* PSA_WANT_ALG_HKDF_EXPAND */
534
535#if defined(PSA_WANT_ALG_HMAC)
536#if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC)
537#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
538#endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */
539#endif /* PSA_WANT_ALG_HMAC */
540
541#if defined(PSA_WANT_ALG_MD5) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD5)
542#define MBEDTLS_PSA_BUILTIN_ALG_MD5 1
543#define MBEDTLS_MD5_C
544#endif
545
546#if defined(PSA_WANT_ALG_RIPEMD160) && !defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160)
547#define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1
548#define MBEDTLS_RIPEMD160_C
549#endif
550
551#if defined(PSA_WANT_ALG_RSA_OAEP)
552#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP)
553#define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1
554#define MBEDTLS_RSA_C
555#define MBEDTLS_BIGNUM_C
556#define MBEDTLS_OID_C
557#define MBEDTLS_PKCS1_V21
558#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP */
559#endif /* PSA_WANT_ALG_RSA_OAEP */
560
561#if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT)
562#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT)
563#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1
564#define MBEDTLS_RSA_C
565#define MBEDTLS_BIGNUM_C
566#define MBEDTLS_OID_C
567#define MBEDTLS_PKCS1_V15
568#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT */
569#endif /* PSA_WANT_ALG_RSA_PKCS1V15_CRYPT */
570
571#if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
572#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN)
573#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
574#define MBEDTLS_RSA_C
575#define MBEDTLS_BIGNUM_C
576#define MBEDTLS_OID_C
577#define MBEDTLS_PKCS1_V15
578#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN */
579#endif /* PSA_WANT_ALG_RSA_PKCS1V15_SIGN */
580
581#if defined(PSA_WANT_ALG_RSA_PSS)
582#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
583#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1
584#define MBEDTLS_RSA_C
585#define MBEDTLS_BIGNUM_C
586#define MBEDTLS_OID_C
587#define MBEDTLS_PKCS1_V21
588#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PSS */
589#endif /* PSA_WANT_ALG_RSA_PSS */
590
591#if defined(PSA_WANT_ALG_SHA_1) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1)
592#define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1
593#define MBEDTLS_SHA1_C
594#endif
595
596#if defined(PSA_WANT_ALG_SHA_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224)
597#define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1
598#define MBEDTLS_SHA224_C
599#endif
600
601#if defined(PSA_WANT_ALG_SHA_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256)
602#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
603#define MBEDTLS_SHA256_C
604#endif
605
606#if defined(PSA_WANT_ALG_SHA_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384)
607#define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1
608#define MBEDTLS_SHA384_C
609#endif
610
611#if defined(PSA_WANT_ALG_SHA_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512)
612#define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1
613#define MBEDTLS_SHA512_C
614#endif
615
616#if defined(PSA_WANT_ALG_SHA3_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_224)
617#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_224 1
618#define MBEDTLS_SHA3_C
619#endif
620
621#if defined(PSA_WANT_ALG_SHA3_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_256)
622#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_256 1
623#define MBEDTLS_SHA3_C
624#endif
625
626#if defined(PSA_WANT_ALG_SHA3_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_384)
627#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_384 1
628#define MBEDTLS_SHA3_C
629#endif
630
631#if defined(PSA_WANT_ALG_SHA3_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_512)
632#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_512 1
633#define MBEDTLS_SHA3_C
634#endif
635
636#if defined(PSA_WANT_ALG_PBKDF2_HMAC)
637#if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_HMAC)
638#define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC 1
639#define PSA_HAVE_SOFT_PBKDF2_HMAC 1
640#endif /* !MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC */
641#endif /* PSA_WANT_ALG_PBKDF2_HMAC */
642
643#if defined(PSA_WANT_ALG_TLS12_PRF)
644#if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF)
645#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1
646#endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF */
647#endif /* PSA_WANT_ALG_TLS12_PRF */
648
649#if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS)
650#if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS)
651#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1
652#endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS */
653#endif /* PSA_WANT_ALG_TLS12_PSK_TO_MS */
654
655#if defined(PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS)
656#if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS)
657#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS 1
658#endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS */
659#endif /* PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS */
660
661#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT)
662#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT)
663#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1
664#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT */
665#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT */
666
667#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT)
668#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT)
669#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1
670#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT */
671#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT */
672
673#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
674#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
675#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1
676#define MBEDTLS_GENPRIME
677#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE */
678#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE */
679
680#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC)
681#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC)
682#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_BASIC 1
683#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC */
684#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */
685
686#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)
687#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
688#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1
689#define MBEDTLS_RSA_C
690#define MBEDTLS_BIGNUM_C
691#define MBEDTLS_OID_C
692#define MBEDTLS_ASN1_PARSE_C
693#define MBEDTLS_ASN1_WRITE_C
694#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY */
695#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */
696
697/* If any of the block modes are requested that don't have an
698 * associated HW assist, define PSA_HAVE_SOFT_BLOCK_MODE for checking
699 * in the block cipher key types. */
700#if (defined(PSA_WANT_ALG_CTR) && !defined(MBEDTLS_PSA_ACCEL_ALG_CTR)) || \
701 (defined(PSA_WANT_ALG_CFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_CFB)) || \
702 (defined(PSA_WANT_ALG_OFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_OFB)) || \
703 (defined(PSA_WANT_ALG_ECB_NO_PADDING) && !defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING)) || \
704 (defined(PSA_WANT_ALG_CBC_NO_PADDING) && !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \
705 (defined(PSA_WANT_ALG_CBC_PKCS7) && !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \
706 (defined(PSA_WANT_ALG_CMAC) && !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC))
707#define PSA_HAVE_SOFT_BLOCK_MODE 1
708#endif
709
710#if defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128)
711#if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128)
712#define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 1
713#define PSA_HAVE_SOFT_PBKDF2_CMAC 1
714#endif /* !MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128 */
715#endif /* PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 */
716
717#if defined(PSA_WANT_KEY_TYPE_AES)
718#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
719#define PSA_HAVE_SOFT_KEY_TYPE_AES 1
720#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_AES */
721#if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
722 defined(PSA_HAVE_SOFT_BLOCK_MODE)
723#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1
724#define MBEDTLS_AES_C
725#endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */
726#endif /* PSA_WANT_KEY_TYPE_AES */
727
728#if defined(PSA_WANT_KEY_TYPE_ARIA)
729#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA)
730#define PSA_HAVE_SOFT_KEY_TYPE_ARIA 1
731#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA */
732#if defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
733 defined(PSA_HAVE_SOFT_BLOCK_MODE)
734#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1
735#define MBEDTLS_ARIA_C
736#endif /* PSA_HAVE_SOFT_KEY_TYPE_ARIA || PSA_HAVE_SOFT_BLOCK_MODE */
737#endif /* PSA_WANT_KEY_TYPE_ARIA */
738
739#if defined(PSA_WANT_KEY_TYPE_CAMELLIA)
740#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA)
741#define PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA 1
742#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA */
743#if defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) || \
744 defined(PSA_HAVE_SOFT_BLOCK_MODE)
745#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1
746#define MBEDTLS_CAMELLIA_C
747#endif /* PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA || PSA_HAVE_SOFT_BLOCK_MODE */
748#endif /* PSA_WANT_KEY_TYPE_CAMELLIA */
749
750#if defined(PSA_WANT_KEY_TYPE_DES)
751#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES)
752#define PSA_HAVE_SOFT_KEY_TYPE_DES 1
753#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DES */
754#if defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \
755 defined(PSA_HAVE_SOFT_BLOCK_MODE)
756#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1
757#define MBEDTLS_DES_C
758#endif /*PSA_HAVE_SOFT_KEY_TYPE_DES || PSA_HAVE_SOFT_BLOCK_MODE */
759#endif /* PSA_WANT_KEY_TYPE_DES */
760
761#if defined(PSA_WANT_ALG_STREAM_CIPHER)
762#if !defined(MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER)
763#define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
764#endif /* MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER */
765#endif /* PSA_WANT_ALG_STREAM_CIPHER */
766
767#if defined(PSA_WANT_KEY_TYPE_CHACHA20)
768#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20) || \
769 defined(MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER)
770#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1
771#define MBEDTLS_CHACHA20_C
772#endif
773#endif /* PSA_WANT_KEY_TYPE_CHACHA20 */
774
775/* If any of the software block ciphers are selected, define
776 * PSA_HAVE_SOFT_BLOCK_CIPHER, which can be used in any of these
777 * situations. */
778#if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
779 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
780 defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \
781 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
782#define PSA_HAVE_SOFT_BLOCK_CIPHER 1
783#endif
784
785#if defined(PSA_WANT_ALG_CBC_MAC)
786#if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_MAC)
787#error "CBC-MAC is not yet supported via the PSA API in Mbed TLS."
788#define MBEDTLS_PSA_BUILTIN_ALG_CBC_MAC 1
789#endif /* !MBEDTLS_PSA_ACCEL_ALG_CBC_MAC */
790#endif /* PSA_WANT_ALG_CBC_MAC */
791
792#if defined(PSA_WANT_ALG_CMAC)
793#if !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) || \
794 defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
795#define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1
796#define MBEDTLS_CMAC_C
797#endif /* !MBEDTLS_PSA_ACCEL_ALG_CMAC */
798#endif /* PSA_WANT_ALG_CMAC */
799
800#if defined(PSA_HAVE_SOFT_PBKDF2_HMAC) || \
801 defined(PSA_HAVE_SOFT_PBKDF2_CMAC)
802#define PSA_HAVE_SOFT_PBKDF2 1
803#endif /* PSA_HAVE_SOFT_PBKDF2_HMAC || PSA_HAVE_SOFT_PBKDF2_CMAC */
804
805#if defined(PSA_WANT_ALG_CTR)
806#if !defined(MBEDTLS_PSA_ACCEL_ALG_CTR) || \
807 defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
808#define MBEDTLS_PSA_BUILTIN_ALG_CTR 1
809#define MBEDTLS_CIPHER_MODE_CTR
810#endif
811#endif /* PSA_WANT_ALG_CTR */
812
813#if defined(PSA_WANT_ALG_CFB)
814#if !defined(MBEDTLS_PSA_ACCEL_ALG_CFB) || \
815 defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
816#define MBEDTLS_PSA_BUILTIN_ALG_CFB 1
817#define MBEDTLS_CIPHER_MODE_CFB
818#endif
819#endif /* PSA_WANT_ALG_CFB */
820
821#if defined(PSA_WANT_ALG_OFB)
822#if !defined(MBEDTLS_PSA_ACCEL_ALG_OFB) || \
823 defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
824#define MBEDTLS_PSA_BUILTIN_ALG_OFB 1
825#define MBEDTLS_CIPHER_MODE_OFB
826#endif
827#endif /* PSA_WANT_ALG_OFB */
828
829#if defined(PSA_WANT_ALG_ECB_NO_PADDING) && \
830 !defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING)
831#define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1
832#endif
833
834#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
835#if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) || \
836 defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
837#define MBEDTLS_CIPHER_MODE_CBC
838#define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1
839#endif
840#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
841
842#if defined(PSA_WANT_ALG_CBC_PKCS7)
843#if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) || \
844 defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
845#define MBEDTLS_CIPHER_MODE_CBC
846#define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1
847#define MBEDTLS_CIPHER_PADDING_PKCS7
848#endif
849#endif /* PSA_WANT_ALG_CBC_PKCS7 */
850
851#if defined(PSA_WANT_ALG_CCM)
852#if !defined(MBEDTLS_PSA_ACCEL_ALG_CCM) || \
853 defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
854 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
855 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
856#define MBEDTLS_PSA_BUILTIN_ALG_CCM 1
857#define MBEDTLS_CCM_C
858#endif
859#endif /* PSA_WANT_ALG_CCM */
860
861#if defined(PSA_WANT_ALG_CCM_STAR_NO_TAG)
862#if !defined(MBEDTLS_PSA_ACCEL_ALG_CCM_STAR_NO_TAG) || \
863 defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
864 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
865 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
866#define MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG 1
867#define MBEDTLS_CCM_C
868#endif
869#endif /* PSA_WANT_ALG_CCM_STAR_NO_TAG */
870
871#if defined(PSA_WANT_ALG_GCM)
872#if !defined(MBEDTLS_PSA_ACCEL_ALG_GCM) || \
873 defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
874 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
875 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
876#define MBEDTLS_PSA_BUILTIN_ALG_GCM 1
877#define MBEDTLS_GCM_C
878#endif
879#endif /* PSA_WANT_ALG_GCM */
880
881#if defined(PSA_WANT_ALG_CHACHA20_POLY1305)
882#if !defined(MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305)
883#if defined(PSA_WANT_KEY_TYPE_CHACHA20)
884#define MBEDTLS_CHACHAPOLY_C
885#define MBEDTLS_CHACHA20_C
886#define MBEDTLS_POLY1305_C
887#define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1
888#endif /* PSA_WANT_KEY_TYPE_CHACHA20 */
889#endif /* !MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 */
890#endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */
891
892#endif /* MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H */