Mbed TLS v3.6.2
Loading...
Searching...
No Matches
crypto_config.h
Go to the documentation of this file.
1
6#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
25#else
32#endif
33/*
34 * Copyright The Mbed TLS Contributors
35 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
36 */
37
38#ifndef PSA_CRYPTO_CONFIG_H
39#define PSA_CRYPTO_CONFIG_H
40
41/*
42 * CBC-MAC is not yet supported via the PSA API in Mbed TLS.
43 */
44//#define PSA_WANT_ALG_CBC_MAC 1
45#define PSA_WANT_ALG_CBC_NO_PADDING 1
46#define PSA_WANT_ALG_CBC_PKCS7 1
47#define PSA_WANT_ALG_CCM 1
48#define PSA_WANT_ALG_CCM_STAR_NO_TAG 1
49#define PSA_WANT_ALG_CMAC 1
50#define PSA_WANT_ALG_CFB 1
51#define PSA_WANT_ALG_CHACHA20_POLY1305 1
52#define PSA_WANT_ALG_CTR 1
53#define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1
54#define PSA_WANT_ALG_ECB_NO_PADDING 1
55#define PSA_WANT_ALG_ECDH 1
56#define PSA_WANT_ALG_FFDH 1
57#define PSA_WANT_ALG_ECDSA 1
58#define PSA_WANT_ALG_JPAKE 1
59#define PSA_WANT_ALG_GCM 1
60#define PSA_WANT_ALG_HKDF 1
61#define PSA_WANT_ALG_HKDF_EXTRACT 1
62#define PSA_WANT_ALG_HKDF_EXPAND 1
63#define PSA_WANT_ALG_HMAC 1
64#define PSA_WANT_ALG_MD5 1
65#define PSA_WANT_ALG_OFB 1
66#define PSA_WANT_ALG_PBKDF2_HMAC 1
67#define PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 1
68#define PSA_WANT_ALG_RIPEMD160 1
69#define PSA_WANT_ALG_RSA_OAEP 1
70#define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1
71#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1
72#define PSA_WANT_ALG_RSA_PSS 1
73#define PSA_WANT_ALG_SHA_1 1
74#define PSA_WANT_ALG_SHA_224 1
75#define PSA_WANT_ALG_SHA_256 1
76#define PSA_WANT_ALG_SHA_384 1
77#define PSA_WANT_ALG_SHA_512 1
78#define PSA_WANT_ALG_SHA3_224 1
79#define PSA_WANT_ALG_SHA3_256 1
80#define PSA_WANT_ALG_SHA3_384 1
81#define PSA_WANT_ALG_SHA3_512 1
82#define PSA_WANT_ALG_STREAM_CIPHER 1
83#define PSA_WANT_ALG_TLS12_PRF 1
84#define PSA_WANT_ALG_TLS12_PSK_TO_MS 1
85#define PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS 1
86
87/* XTS is not yet supported via the PSA API in Mbed TLS.
88 * Note: when adding support, also adjust include/mbedtls/config_psa.h */
89//#define PSA_WANT_ALG_XTS 1
90
91#define PSA_WANT_ECC_BRAINPOOL_P_R1_256 1
92#define PSA_WANT_ECC_BRAINPOOL_P_R1_384 1
93#define PSA_WANT_ECC_BRAINPOOL_P_R1_512 1
94#define PSA_WANT_ECC_MONTGOMERY_255 1
95#define PSA_WANT_ECC_MONTGOMERY_448 1
96#define PSA_WANT_ECC_SECP_K1_192 1
97/*
98 * SECP224K1 is buggy via the PSA API in Mbed TLS
99 * (https://github.com/Mbed-TLS/mbedtls/issues/3541). Thus, do not enable it by
100 * default.
101 */
102//#define PSA_WANT_ECC_SECP_K1_224 1
103#define PSA_WANT_ECC_SECP_K1_256 1
104#define PSA_WANT_ECC_SECP_R1_192 1
105#define PSA_WANT_ECC_SECP_R1_224 1
106/* For secp256r1, consider enabling #MBEDTLS_PSA_P256M_DRIVER_ENABLED
107 * (see the description in mbedtls/mbedtls_config.h for details). */
108#define PSA_WANT_ECC_SECP_R1_256 1
109#define PSA_WANT_ECC_SECP_R1_384 1
110#define PSA_WANT_ECC_SECP_R1_521 1
111
112#define PSA_WANT_DH_RFC7919_2048 1
113#define PSA_WANT_DH_RFC7919_3072 1
114#define PSA_WANT_DH_RFC7919_4096 1
115#define PSA_WANT_DH_RFC7919_6144 1
116#define PSA_WANT_DH_RFC7919_8192 1
117
118#define PSA_WANT_KEY_TYPE_DERIVE 1
119#define PSA_WANT_KEY_TYPE_PASSWORD 1
120#define PSA_WANT_KEY_TYPE_PASSWORD_HASH 1
121#define PSA_WANT_KEY_TYPE_HMAC 1
122#define PSA_WANT_KEY_TYPE_AES 1
123#define PSA_WANT_KEY_TYPE_ARIA 1
124#define PSA_WANT_KEY_TYPE_CAMELLIA 1
125#define PSA_WANT_KEY_TYPE_CHACHA20 1
126#define PSA_WANT_KEY_TYPE_DES 1
127//#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1 /* Deprecated */
128#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
129#define PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY 1
130#define PSA_WANT_KEY_TYPE_RAW_DATA 1
131//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1 /* Deprecated */
132#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
133
134/*
135 * The following symbols extend and deprecate the legacy
136 * PSA_WANT_KEY_TYPE_xxx_KEY_PAIR ones. They include the usage of that key in
137 * the name's suffix. "_USE" is the most generic and it can be used to describe
138 * a generic suport, whereas other ones add more features on top of that and
139 * they are more specific.
140 */
141#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
142#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1
143#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1
144#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1
145#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1
146
147#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC 1
148#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1
149#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1
150#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1
151//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE 1 /* Not supported */
152
153#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC 1
154#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT 1
155#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT 1
156#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE 1
157//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_DERIVE 1 /* Not supported */
158
159#endif /* PSA_CRYPTO_CONFIG_H */