Mbed TLS v3.5.0
config_adjust_psa_from_legacy.h
Go to the documentation of this file.
1
13/*
14 * Copyright The Mbed TLS Contributors
15 * SPDX-License-Identifier: Apache-2.0
16 *
17 * Licensed under the Apache License, Version 2.0 (the "License"); you may
18 * not use this file except in compliance with the License.
19 * You may obtain a copy of the License at
20 *
21 * http://www.apache.org/licenses/LICENSE-2.0
22 *
23 * Unless required by applicable law or agreed to in writing, software
24 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
25 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
26 * See the License for the specific language governing permissions and
27 * limitations under the License.
28 */
29
30#ifndef MBEDTLS_CONFIG_ADJUST_PSA_FROM_LEGACY_H
31#define MBEDTLS_CONFIG_ADJUST_PSA_FROM_LEGACY_H
32
33/*
34 * Ensure PSA_WANT_* defines are setup properly if MBEDTLS_PSA_CRYPTO_CONFIG
35 * is not defined
36 */
37
38#if defined(MBEDTLS_CCM_C)
39#define MBEDTLS_PSA_BUILTIN_ALG_CCM 1
40#define MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG 1
41#define PSA_WANT_ALG_CCM 1
42#define PSA_WANT_ALG_CCM_STAR_NO_TAG 1
43#endif /* MBEDTLS_CCM_C */
44
45#if defined(MBEDTLS_CMAC_C)
46#define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1
47#define PSA_WANT_ALG_CMAC 1
48#endif /* MBEDTLS_CMAC_C */
49
50#if defined(MBEDTLS_ECDH_C)
51#define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1
52#define PSA_WANT_ALG_ECDH 1
53#endif /* MBEDTLS_ECDH_C */
54
55#if defined(MBEDTLS_ECDSA_C)
56#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
57#define PSA_WANT_ALG_ECDSA 1
58#define PSA_WANT_ALG_ECDSA_ANY 1
59
60// Only add in DETERMINISTIC support if ECDSA is also enabled
61#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
62#define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1
63#define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1
64#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
65
66#endif /* MBEDTLS_ECDSA_C */
67
68#if defined(MBEDTLS_ECP_C)
69#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
70#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1
71#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1
72#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1
73/* Normally we wouldn't enable this because it's not implemented in ecp.c,
74 * but since it used to be available any time ECP_C was enabled, let's enable
75 * it anyway for the sake of backwards compatibility */
76#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1
77#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
78#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1
79#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1
80#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1
81/* See comment for PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE above. */
82#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1
83#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
84#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
85#endif /* MBEDTLS_ECP_C */
86
87#if defined(MBEDTLS_DHM_C)
88#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC 1
89#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT 1
90#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT 1
91#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE 1
92#define PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY 1
93#define PSA_WANT_ALG_FFDH 1
94#define PSA_WANT_DH_FAMILY_RFC7919 1
95#define MBEDTLS_PSA_BUILTIN_ALG_FFDH 1
96#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_BASIC 1
97#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT 1
98#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT 1
99#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE 1
100#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY 1
101#endif /* MBEDTLS_DHM_C */
102
103#if defined(MBEDTLS_GCM_C)
104#define MBEDTLS_PSA_BUILTIN_ALG_GCM 1
105#define PSA_WANT_ALG_GCM 1
106#endif /* MBEDTLS_GCM_C */
107
108/* Enable PSA HKDF algorithm if mbedtls HKDF is supported.
109 * PSA HKDF EXTRACT and PSA HKDF EXPAND have minimal cost when
110 * PSA HKDF is enabled, so enable both algorithms together
111 * with PSA HKDF. */
112#if defined(MBEDTLS_HKDF_C)
113#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
114#define PSA_WANT_ALG_HMAC 1
115#define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1
116#define PSA_WANT_ALG_HKDF 1
117#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT 1
118#define PSA_WANT_ALG_HKDF_EXTRACT 1
119#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND 1
120#define PSA_WANT_ALG_HKDF_EXPAND 1
121#endif /* MBEDTLS_HKDF_C */
122
123#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
124#define PSA_WANT_ALG_HMAC 1
125#define PSA_WANT_KEY_TYPE_HMAC 1
126
127#if defined(MBEDTLS_MD_C)
128#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1
129#define PSA_WANT_ALG_TLS12_PRF 1
130#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1
131#define PSA_WANT_ALG_TLS12_PSK_TO_MS 1
132#endif /* MBEDTLS_MD_C */
133
134#if defined(MBEDTLS_MD5_C)
135#define MBEDTLS_PSA_BUILTIN_ALG_MD5 1
136#define PSA_WANT_ALG_MD5 1
137#endif
138
139#if defined(MBEDTLS_ECJPAKE_C)
140#define MBEDTLS_PSA_BUILTIN_PAKE 1
141#define MBEDTLS_PSA_BUILTIN_ALG_JPAKE 1
142#define PSA_WANT_ALG_JPAKE 1
143#endif
144
145#if defined(MBEDTLS_RIPEMD160_C)
146#define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1
147#define PSA_WANT_ALG_RIPEMD160 1
148#endif
149
150#if defined(MBEDTLS_RSA_C)
151#if defined(MBEDTLS_PKCS1_V15)
152#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1
153#define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1
154#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
155#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1
156#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW 1
157#endif /* MBEDTLS_PKCS1_V15 */
158#if defined(MBEDTLS_PKCS1_V21)
159#define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1
160#define PSA_WANT_ALG_RSA_OAEP 1
161#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1
162#define PSA_WANT_ALG_RSA_PSS 1
163#endif /* MBEDTLS_PKCS1_V21 */
164#if defined(MBEDTLS_GENPRIME)
165#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1
166#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1
167#endif /* MBEDTLS_GENPRIME */
168#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_BASIC 1
169#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1
170#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1
171#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC 1
172#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1
173#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1
174#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1
175#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
176#endif /* MBEDTLS_RSA_C */
177
178#if defined(MBEDTLS_SHA1_C)
179#define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1
180#define PSA_WANT_ALG_SHA_1 1
181#endif
182
183#if defined(MBEDTLS_SHA224_C)
184#define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1
185#define PSA_WANT_ALG_SHA_224 1
186#endif
187
188#if defined(MBEDTLS_SHA256_C)
189#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
190#define PSA_WANT_ALG_SHA_256 1
191#endif
192
193#if defined(MBEDTLS_SHA384_C)
194#define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1
195#define PSA_WANT_ALG_SHA_384 1
196#endif
197
198#if defined(MBEDTLS_SHA512_C)
199#define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1
200#define PSA_WANT_ALG_SHA_512 1
201#endif
202
203#if defined(MBEDTLS_SHA3_C)
204#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_224 1
205#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_256 1
206#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_384 1
207#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_512 1
208#define PSA_WANT_ALG_SHA3_224 1
209#define PSA_WANT_ALG_SHA3_256 1
210#define PSA_WANT_ALG_SHA3_384 1
211#define PSA_WANT_ALG_SHA3_512 1
212#endif
213
214#if defined(MBEDTLS_AES_C)
215#define PSA_WANT_KEY_TYPE_AES 1
216#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1
217#endif
218
219#if defined(MBEDTLS_ARIA_C)
220#define PSA_WANT_KEY_TYPE_ARIA 1
221#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1
222#endif
223
224#if defined(MBEDTLS_CAMELLIA_C)
225#define PSA_WANT_KEY_TYPE_CAMELLIA 1
226#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1
227#endif
228
229#if defined(MBEDTLS_DES_C)
230#define PSA_WANT_KEY_TYPE_DES 1
231#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1
232#endif
233
234#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
235#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS 1
236#define PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS 1
237#endif
238
239#if defined(MBEDTLS_CHACHA20_C)
240#define PSA_WANT_KEY_TYPE_CHACHA20 1
241#define PSA_WANT_ALG_STREAM_CIPHER 1
242#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1
243#define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
244#if defined(MBEDTLS_CHACHAPOLY_C)
245#define PSA_WANT_ALG_CHACHA20_POLY1305 1
246#define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1
247#endif
248#endif
249
250#if defined(MBEDTLS_CIPHER_MODE_CBC)
251#define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1
252#define PSA_WANT_ALG_CBC_NO_PADDING 1
253#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
254#define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1
255#define PSA_WANT_ALG_CBC_PKCS7 1
256#endif
257#endif
258
259#if defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) || \
260 defined(MBEDTLS_ARIA_C) || defined(MBEDTLS_CAMELLIA_C)
261#define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1
262#define PSA_WANT_ALG_ECB_NO_PADDING 1
263#endif
264
265#if defined(MBEDTLS_CIPHER_MODE_CFB)
266#define MBEDTLS_PSA_BUILTIN_ALG_CFB 1
267#define PSA_WANT_ALG_CFB 1
268#endif
269
270#if defined(MBEDTLS_CIPHER_MODE_CTR)
271#define MBEDTLS_PSA_BUILTIN_ALG_CTR 1
272#define PSA_WANT_ALG_CTR 1
273#endif
274
275#if defined(MBEDTLS_CIPHER_MODE_OFB)
276#define MBEDTLS_PSA_BUILTIN_ALG_OFB 1
277#define PSA_WANT_ALG_OFB 1
278#endif
279
280#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
281#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1
282#define PSA_WANT_ECC_BRAINPOOL_P_R1_256 1
283#endif
284
285#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
286#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1
287#define PSA_WANT_ECC_BRAINPOOL_P_R1_384 1
288#endif
289
290#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
291#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1
292#define PSA_WANT_ECC_BRAINPOOL_P_R1_512 1
293#endif
294
295#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
296#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1
297#define PSA_WANT_ECC_MONTGOMERY_255 1
298#endif
299
300#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
301#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1
302#define PSA_WANT_ECC_MONTGOMERY_448 1
303#endif
304
305#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
306#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1
307#define PSA_WANT_ECC_SECP_R1_192 1
308#endif
309
310#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
311#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1
312#define PSA_WANT_ECC_SECP_R1_224 1
313#endif
314
315#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
316#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1
317#define PSA_WANT_ECC_SECP_R1_256 1
318#endif
319
320#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
321#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1
322#define PSA_WANT_ECC_SECP_R1_384 1
323#endif
324
325#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
326#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1
327#define PSA_WANT_ECC_SECP_R1_521 1
328#endif
329
330#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
331#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1
332#define PSA_WANT_ECC_SECP_K1_192 1
333#endif
334
335/* SECP224K1 is buggy via the PSA API (https://github.com/Mbed-TLS/mbedtls/issues/3541) */
336#if 0 && defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
337#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1
338#define PSA_WANT_ECC_SECP_K1_224 1
339#endif
340
341#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
342#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1
343#define PSA_WANT_ECC_SECP_K1_256 1
344#endif
345
346#endif /* MBEDTLS_CONFIG_ADJUST_PSA_FROM_LEGACY_H */