Mbed TLS v3.5.2
Loading...
Searching...
No Matches
config_adjust_psa_from_legacy.h
Go to the documentation of this file.
1
13/*
14 * Copyright The Mbed TLS Contributors
15 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
16 */
17
18#ifndef MBEDTLS_CONFIG_ADJUST_PSA_FROM_LEGACY_H
19#define MBEDTLS_CONFIG_ADJUST_PSA_FROM_LEGACY_H
20
21/*
22 * Ensure PSA_WANT_* defines are setup properly if MBEDTLS_PSA_CRYPTO_CONFIG
23 * is not defined
24 */
25
26#if defined(MBEDTLS_CCM_C)
27#define MBEDTLS_PSA_BUILTIN_ALG_CCM 1
28#define MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG 1
29#define PSA_WANT_ALG_CCM 1
30#define PSA_WANT_ALG_CCM_STAR_NO_TAG 1
31#endif /* MBEDTLS_CCM_C */
32
33#if defined(MBEDTLS_CMAC_C)
34#define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1
35#define PSA_WANT_ALG_CMAC 1
36#endif /* MBEDTLS_CMAC_C */
37
38#if defined(MBEDTLS_ECDH_C)
39#define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1
40#define PSA_WANT_ALG_ECDH 1
41#endif /* MBEDTLS_ECDH_C */
42
43#if defined(MBEDTLS_ECDSA_C)
44#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
45#define PSA_WANT_ALG_ECDSA 1
46#define PSA_WANT_ALG_ECDSA_ANY 1
47
48// Only add in DETERMINISTIC support if ECDSA is also enabled
49#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
50#define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1
51#define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1
52#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
53
54#endif /* MBEDTLS_ECDSA_C */
55
56#if defined(MBEDTLS_ECP_C)
57#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
58#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1
59#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1
60#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1
61/* Normally we wouldn't enable this because it's not implemented in ecp.c,
62 * but since it used to be available any time ECP_C was enabled, let's enable
63 * it anyway for the sake of backwards compatibility */
64#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1
65#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
66#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1
67#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1
68#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1
69/* See comment for PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE above. */
70#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1
71#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
72#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
73#endif /* MBEDTLS_ECP_C */
74
75#if defined(MBEDTLS_DHM_C)
76#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC 1
77#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT 1
78#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT 1
79#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE 1
80#define PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY 1
81#define PSA_WANT_ALG_FFDH 1
82#define PSA_WANT_DH_FAMILY_RFC7919 1
83#define MBEDTLS_PSA_BUILTIN_ALG_FFDH 1
84#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_BASIC 1
85#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT 1
86#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT 1
87#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE 1
88#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY 1
89#endif /* MBEDTLS_DHM_C */
90
91#if defined(MBEDTLS_GCM_C)
92#define MBEDTLS_PSA_BUILTIN_ALG_GCM 1
93#define PSA_WANT_ALG_GCM 1
94#endif /* MBEDTLS_GCM_C */
95
96/* Enable PSA HKDF algorithm if mbedtls HKDF is supported.
97 * PSA HKDF EXTRACT and PSA HKDF EXPAND have minimal cost when
98 * PSA HKDF is enabled, so enable both algorithms together
99 * with PSA HKDF. */
100#if defined(MBEDTLS_HKDF_C)
101#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
102#define PSA_WANT_ALG_HMAC 1
103#define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1
104#define PSA_WANT_ALG_HKDF 1
105#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT 1
106#define PSA_WANT_ALG_HKDF_EXTRACT 1
107#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND 1
108#define PSA_WANT_ALG_HKDF_EXPAND 1
109#endif /* MBEDTLS_HKDF_C */
110
111#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
112#define PSA_WANT_ALG_HMAC 1
113#define PSA_WANT_KEY_TYPE_HMAC 1
114
115#if defined(MBEDTLS_MD_C)
116#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1
117#define PSA_WANT_ALG_TLS12_PRF 1
118#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1
119#define PSA_WANT_ALG_TLS12_PSK_TO_MS 1
120#endif /* MBEDTLS_MD_C */
121
122#if defined(MBEDTLS_MD5_C)
123#define MBEDTLS_PSA_BUILTIN_ALG_MD5 1
124#define PSA_WANT_ALG_MD5 1
125#endif
126
127#if defined(MBEDTLS_ECJPAKE_C)
128#define MBEDTLS_PSA_BUILTIN_PAKE 1
129#define MBEDTLS_PSA_BUILTIN_ALG_JPAKE 1
130#define PSA_WANT_ALG_JPAKE 1
131#endif
132
133#if defined(MBEDTLS_RIPEMD160_C)
134#define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1
135#define PSA_WANT_ALG_RIPEMD160 1
136#endif
137
138#if defined(MBEDTLS_RSA_C)
139#if defined(MBEDTLS_PKCS1_V15)
140#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1
141#define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1
142#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
143#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1
144#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW 1
145#endif /* MBEDTLS_PKCS1_V15 */
146#if defined(MBEDTLS_PKCS1_V21)
147#define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1
148#define PSA_WANT_ALG_RSA_OAEP 1
149#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1
150#define PSA_WANT_ALG_RSA_PSS 1
151#endif /* MBEDTLS_PKCS1_V21 */
152#if defined(MBEDTLS_GENPRIME)
153#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1
154#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1
155#endif /* MBEDTLS_GENPRIME */
156#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_BASIC 1
157#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1
158#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1
159#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC 1
160#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1
161#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1
162#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1
163#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
164#endif /* MBEDTLS_RSA_C */
165
166#if defined(MBEDTLS_SHA1_C)
167#define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1
168#define PSA_WANT_ALG_SHA_1 1
169#endif
170
171#if defined(MBEDTLS_SHA224_C)
172#define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1
173#define PSA_WANT_ALG_SHA_224 1
174#endif
175
176#if defined(MBEDTLS_SHA256_C)
177#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
178#define PSA_WANT_ALG_SHA_256 1
179#endif
180
181#if defined(MBEDTLS_SHA384_C)
182#define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1
183#define PSA_WANT_ALG_SHA_384 1
184#endif
185
186#if defined(MBEDTLS_SHA512_C)
187#define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1
188#define PSA_WANT_ALG_SHA_512 1
189#endif
190
191#if defined(MBEDTLS_SHA3_C)
192#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_224 1
193#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_256 1
194#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_384 1
195#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_512 1
196#define PSA_WANT_ALG_SHA3_224 1
197#define PSA_WANT_ALG_SHA3_256 1
198#define PSA_WANT_ALG_SHA3_384 1
199#define PSA_WANT_ALG_SHA3_512 1
200#endif
201
202#if defined(MBEDTLS_AES_C)
203#define PSA_WANT_KEY_TYPE_AES 1
204#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1
205#endif
206
207#if defined(MBEDTLS_ARIA_C)
208#define PSA_WANT_KEY_TYPE_ARIA 1
209#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1
210#endif
211
212#if defined(MBEDTLS_CAMELLIA_C)
213#define PSA_WANT_KEY_TYPE_CAMELLIA 1
214#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1
215#endif
216
217#if defined(MBEDTLS_DES_C)
218#define PSA_WANT_KEY_TYPE_DES 1
219#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1
220#endif
221
222#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
223#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS 1
224#define PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS 1
225#endif
226
227#if defined(MBEDTLS_CHACHA20_C)
228#define PSA_WANT_KEY_TYPE_CHACHA20 1
229#define PSA_WANT_ALG_STREAM_CIPHER 1
230#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1
231#define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
232#if defined(MBEDTLS_CHACHAPOLY_C)
233#define PSA_WANT_ALG_CHACHA20_POLY1305 1
234#define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1
235#endif
236#endif
237
238#if defined(MBEDTLS_CIPHER_MODE_CBC)
239#define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1
240#define PSA_WANT_ALG_CBC_NO_PADDING 1
241#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
242#define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1
243#define PSA_WANT_ALG_CBC_PKCS7 1
244#endif
245#endif
246
247#if defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) || \
248 defined(MBEDTLS_ARIA_C) || defined(MBEDTLS_CAMELLIA_C)
249#define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1
250#define PSA_WANT_ALG_ECB_NO_PADDING 1
251#endif
252
253#if defined(MBEDTLS_CIPHER_MODE_CFB)
254#define MBEDTLS_PSA_BUILTIN_ALG_CFB 1
255#define PSA_WANT_ALG_CFB 1
256#endif
257
258#if defined(MBEDTLS_CIPHER_MODE_CTR)
259#define MBEDTLS_PSA_BUILTIN_ALG_CTR 1
260#define PSA_WANT_ALG_CTR 1
261#endif
262
263#if defined(MBEDTLS_CIPHER_MODE_OFB)
264#define MBEDTLS_PSA_BUILTIN_ALG_OFB 1
265#define PSA_WANT_ALG_OFB 1
266#endif
267
268#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
269#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1
270#define PSA_WANT_ECC_BRAINPOOL_P_R1_256 1
271#endif
272
273#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
274#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1
275#define PSA_WANT_ECC_BRAINPOOL_P_R1_384 1
276#endif
277
278#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
279#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1
280#define PSA_WANT_ECC_BRAINPOOL_P_R1_512 1
281#endif
282
283#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
284#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1
285#define PSA_WANT_ECC_MONTGOMERY_255 1
286#endif
287
288#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
289#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1
290#define PSA_WANT_ECC_MONTGOMERY_448 1
291#endif
292
293#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
294#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1
295#define PSA_WANT_ECC_SECP_R1_192 1
296#endif
297
298#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
299#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1
300#define PSA_WANT_ECC_SECP_R1_224 1
301#endif
302
303#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
304#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1
305#define PSA_WANT_ECC_SECP_R1_256 1
306#endif
307
308#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
309#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1
310#define PSA_WANT_ECC_SECP_R1_384 1
311#endif
312
313#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
314#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1
315#define PSA_WANT_ECC_SECP_R1_521 1
316#endif
317
318#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
319#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1
320#define PSA_WANT_ECC_SECP_K1_192 1
321#endif
322
323/* SECP224K1 is buggy via the PSA API (https://github.com/Mbed-TLS/mbedtls/issues/3541) */
324#if 0 && defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
325#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1
326#define PSA_WANT_ECC_SECP_K1_224 1
327#endif
328
329#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
330#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1
331#define PSA_WANT_ECC_SECP_K1_256 1
332#endif
333
334#endif /* MBEDTLS_CONFIG_ADJUST_PSA_FROM_LEGACY_H */