Mbed TLS v3.5.0
config_adjust_legacy_from_psa.h
Go to the documentation of this file.
1
11/*
12 * Copyright The Mbed TLS Contributors
13 * SPDX-License-Identifier: Apache-2.0
14 *
15 * Licensed under the Apache License, Version 2.0 (the "License"); you may
16 * not use this file except in compliance with the License.
17 * You may obtain a copy of the License at
18 *
19 * http://www.apache.org/licenses/LICENSE-2.0
20 *
21 * Unless required by applicable law or agreed to in writing, software
22 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
23 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
24 * See the License for the specific language governing permissions and
25 * limitations under the License.
26 */
27
28#ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H
29#define MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H
30
31/* Define appropriate ACCEL macros for the p256-m driver.
32 * In the future, those should be generated from the drivers JSON description.
33 */
34#if defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED)
35#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256
36#define MBEDTLS_PSA_ACCEL_ALG_ECDSA
37#define MBEDTLS_PSA_ACCEL_ALG_ECDH
38#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY
39#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC
40#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT
41#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT
42#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE
43#endif
44
45/*
46 * ECC: support for a feature is controlled by a triplet or a pair:
47 * (curve, key_type public/basic, alg) or (curve, key_type_<action>).
48 *
49 * A triplet/pair is accelerated if all of is components are accelerated;
50 * otherwise each component needs to be built in.
51 *
52 * We proceed in two passes:
53 * 1. Check if acceleration is complete for curves, key types, algs.
54 * 2. Then enable built-ins for each thing that's either not accelerated of
55 * doesn't have complete acceleration of the other triplet/pair components.
56 *
57 * Note: this needs psa/crypto_adjust_keypair_types.h to have been included
58 * already, so that we know the full set of key types that are requested.
59 */
60
61/* ECC: curves: is acceleration complete? */
62#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) && \
63 !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256)
64#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES
65#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES
66#endif
67
68#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) && \
69 !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384)
70#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES
71#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES
72#endif
73
74#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) && \
75 !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512)
76#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES
77#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES
78#endif
79
80#if defined(PSA_WANT_ECC_MONTGOMERY_255) && \
81 !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255)
82#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES
83#endif
84
85#if defined(PSA_WANT_ECC_MONTGOMERY_448) && \
86 !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448)
87#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES
88#endif
89
90#if defined(PSA_WANT_ECC_SECP_R1_192) && \
91 !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192)
92#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES
93#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES
94#endif
95
96#if defined(PSA_WANT_ECC_SECP_R1_224) && \
97 !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224)
98#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES
99#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES
100#endif
101
102#if defined(PSA_WANT_ECC_SECP_R1_256) && \
103 !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256)
104#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES
105#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES
106#endif
107
108#if defined(PSA_WANT_ECC_SECP_R1_384) && \
109 !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384)
110#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES
111#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES
112#endif
113
114#if defined(PSA_WANT_ECC_SECP_R1_521) && \
115 !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521)
116#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES
117#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES
118#endif
119
120#if defined(PSA_WANT_ECC_SECP_K1_192) && \
121 !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192)
122#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES
123#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES
124#endif
125
126#if defined(PSA_WANT_ECC_SECP_K1_224) && \
127 !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224)
128#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES
129#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES
130#endif
131
132#if defined(PSA_WANT_ECC_SECP_K1_256) && \
133 !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256)
134#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES
135#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES
136#endif
137
138/* ECC: algs: is acceleration complete? */
139#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) && \
140 !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
141#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS
142#endif
143
144#if defined(PSA_WANT_ALG_ECDH) && \
145 !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH)
146#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS
147#endif
148
149#if defined(PSA_WANT_ALG_ECDSA) && \
150 !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)
151#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS
152#endif
153
154#if defined(PSA_WANT_ALG_JPAKE) && \
155 !defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE)
156#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS
157#endif
158
159/* ECC: key types: is acceleration complete? */
160#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \
161 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
162#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES
163#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC
164#endif
165
166#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \
167 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC)
168#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES
169#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC
170#endif
171
172#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT) && \
173 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT)
174#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES
175#endif
176
177#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT) && \
178 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT)
179#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES
180#endif
181
182#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE) && \
183 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE)
184#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES
185#endif
186
187/* Special case: we don't support cooked key derivation in drivers yet */
188#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE)
189#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE
190#endif
191
192/* Note: the condition is always true as DERIVE can't be accelerated yet */
193#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) && \
194 !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE)
195#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES
196#endif
197
198/* ECC: curves: enable built-ins as needed.
199 *
200 * We need the curve built-in:
201 * - if it's not accelerated, or
202 * - if there's a key type with missing acceleration, or
203 * - if there's a alg with missing acceleration.
204 */
205#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256)
206#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256) || \
207 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
208 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
209#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1
210#define MBEDTLS_ECP_DP_BP256R1_ENABLED
211#endif /* missing accel */
212#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_256 */
213
214#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384)
215#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384) || \
216 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
217 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
218#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1
219#define MBEDTLS_ECP_DP_BP384R1_ENABLED
220#endif /* missing accel */
221#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_384 */
222
223#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512)
224#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512) || \
225 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
226 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
227#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1
228#define MBEDTLS_ECP_DP_BP512R1_ENABLED
229#endif /* missing accel */
230#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_512 */
231
232#if defined(PSA_WANT_ECC_MONTGOMERY_255)
233#if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255) || \
234 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
235 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
236#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1
237#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
238#endif /* missing accel */
239#endif /* PSA_WANT_ECC_MONTGOMERY_255 */
240
241#if defined(PSA_WANT_ECC_MONTGOMERY_448)
242#if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448) || \
243 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
244 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
245#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1
246#define MBEDTLS_ECP_DP_CURVE448_ENABLED
247#endif /* missing accel */
248#endif /* PSA_WANT_ECC_MONTGOMERY_448 */
249
250#if defined(PSA_WANT_ECC_SECP_R1_192)
251#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192) || \
252 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
253 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
254#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1
255#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
256#endif /* missing accel */
257#endif /* PSA_WANT_ECC_SECP_R1_192 */
258
259#if defined(PSA_WANT_ECC_SECP_R1_224)
260#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224) || \
261 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
262 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
263#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1
264#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
265#endif /* missing accel */
266#endif /* PSA_WANT_ECC_SECP_R1_224 */
267
268#if defined(PSA_WANT_ECC_SECP_R1_256)
269#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) || \
270 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
271 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
272#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1
273#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
274#endif /* missing accel */
275#endif /* PSA_WANT_ECC_SECP_R1_256 */
276
277#if defined(PSA_WANT_ECC_SECP_R1_384)
278#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384) || \
279 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
280 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
281#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1
282#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
283#endif /* missing accel */
284#endif /* PSA_WANT_ECC_SECP_R1_384 */
285
286#if defined(PSA_WANT_ECC_SECP_R1_521)
287#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521) || \
288 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
289 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
290#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1
291#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
292#endif /* missing accel */
293#endif /* PSA_WANT_ECC_SECP_R1_521 */
294
295#if defined(PSA_WANT_ECC_SECP_K1_192)
296#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192) || \
297 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
298 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
299#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1
300#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
301#endif /* missing accel */
302#endif /* PSA_WANT_ECC_SECP_K1_192 */
303
304#if defined(PSA_WANT_ECC_SECP_K1_224)
305#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224) || \
306 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
307 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
308#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1
309#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
310/* https://github.com/Mbed-TLS/mbedtls/issues/3541 */
311#error "SECP224K1 is buggy via the PSA API in Mbed TLS."
312#endif /* missing accel */
313#endif /* PSA_WANT_ECC_SECP_K1_224 */
314
315#if defined(PSA_WANT_ECC_SECP_K1_256)
316#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256) || \
317 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
318 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
319#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1
320#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
321#endif /* missing accel */
322#endif /* PSA_WANT_ECC_SECP_K1_256 */
323
324/* ECC: algs: enable built-ins as needed.
325 *
326 * We need the alg built-in:
327 * - if it's not accelerated, or
328 * - if there's a relevant curve (see below) with missing acceleration, or
329 * - if there's a key type among (public, basic) with missing acceleration.
330 *
331 * Relevant curves are:
332 * - all curves for ECDH
333 * - Weierstrass curves for (deterministic) ECDSA
334 * - secp256r1 for EC J-PAKE
335 */
336#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)
337#if !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) || \
338 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES) || \
339 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC)
340#define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1
341#define MBEDTLS_ECDSA_DETERMINISTIC
342#define MBEDTLS_HMAC_DRBG_C
343#define MBEDTLS_MD_C
344#define MBEDTLS_ECDSA_C
345#define MBEDTLS_ECP_C
346#define MBEDTLS_BIGNUM_C
347#define MBEDTLS_ASN1_PARSE_C
348#define MBEDTLS_ASN1_WRITE_C
349#endif /* missing accel */
350#endif /* PSA_WANT_ALG_DETERMINISTIC_ECDSA */
351
352#if defined(PSA_WANT_ALG_ECDH)
353#if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH) || \
354 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) || \
355 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC)
356#define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1
357#define MBEDTLS_ECDH_C
358#define MBEDTLS_ECP_C
359#define MBEDTLS_BIGNUM_C
360#endif /* missing accel */
361#endif /* PSA_WANT_ALG_ECDH */
362
363#if defined(PSA_WANT_ALG_ECDSA)
364#if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
365 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES) || \
366 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC)
367#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
368#define MBEDTLS_ECDSA_C
369#define MBEDTLS_ECP_C
370#define MBEDTLS_BIGNUM_C
371#define MBEDTLS_ASN1_PARSE_C
372#define MBEDTLS_ASN1_WRITE_C
373#endif /* missing accel */
374#endif /* PSA_WANT_ALG_ECDSA */
375
376#if defined(PSA_WANT_ALG_JPAKE)
377#if !defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE) || \
378 !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) || \
379 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC)
380#define MBEDTLS_PSA_BUILTIN_PAKE 1
381#define MBEDTLS_PSA_BUILTIN_ALG_JPAKE 1
382#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
383#define MBEDTLS_BIGNUM_C
384#define MBEDTLS_ECP_C
385#define MBEDTLS_ECJPAKE_C
386#endif /* missing accel */
387#endif /* PSA_WANT_ALG_JPAKE */
388
389/* ECC: key types: enable built-ins as needed.
390 *
391 * We need the key type built-in:
392 * - if it's not accelerated, or
393 * - if there's a curve with missing acceleration, or
394 * - only for public/basic: if there's an alg with missing acceleration.
395 */
396#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
397#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) || \
398 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) || \
399 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
400#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
401#define MBEDTLS_ECP_LIGHT
402#define MBEDTLS_BIGNUM_C
403#endif /* missing accel */
404#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
405
406#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC)
407#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \
408 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) || \
409 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
410#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
411#define MBEDTLS_ECP_LIGHT
412#define MBEDTLS_BIGNUM_C
413#endif /* missing accel */
414#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC */
415
416#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT)
417#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \
418 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES)
419#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1
420#define MBEDTLS_ECP_LIGHT
421#define MBEDTLS_BIGNUM_C
422#endif /* missing accel */
423#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT */
424
425#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT)
426#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \
427 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES)
428#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1
429#define MBEDTLS_ECP_C
430#define MBEDTLS_BIGNUM_C
431#endif /* missing accel */
432#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT */
433
434#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE)
435#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE) || \
436 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES)
437#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1
438#define MBEDTLS_ECP_C
439#define MBEDTLS_BIGNUM_C
440#endif /* missing accel */
441#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE */
442
443/* Note: the condition is always true as DERIVE can't be accelerated yet */
444#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE)
445#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE) || \
446 defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES)
447#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1
448#define MBEDTLS_ECP_LIGHT
449#define MBEDTLS_BIGNUM_C
450#endif /* missing accel */
451#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE */
452
453/* End of ECC section */
454
455#if defined(PSA_WANT_ALG_FFDH)
456#if !defined(MBEDTLS_PSA_ACCEL_ALG_FFDH)
457#define MBEDTLS_PSA_BUILTIN_ALG_FFDH 1
458#define MBEDTLS_BIGNUM_C
459#endif /* !MBEDTLS_PSA_ACCEL_ALG_FFDH */
460#endif /* PSA_WANT_ALG_FFDH */
461
462#if defined(PSA_WANT_ALG_HKDF)
463#if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF)
464/*
465 * The PSA implementation has its own implementation of HKDF, separate from
466 * hkdf.c. No need to enable MBEDTLS_HKDF_C here.
467 */
468#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
469#define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1
470#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF */
471#endif /* PSA_WANT_ALG_HKDF */
472
473#if defined(PSA_WANT_ALG_HKDF_EXTRACT)
474#if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT)
475/*
476 * The PSA implementation has its own implementation of HKDF, separate from
477 * hkdf.c. No need to enable MBEDTLS_HKDF_C here.
478 */
479#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
480#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT 1
481#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT */
482#endif /* PSA_WANT_ALG_HKDF_EXTRACT */
483
484#if defined(PSA_WANT_ALG_HKDF_EXPAND)
485#if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND)
486/*
487 * The PSA implementation has its own implementation of HKDF, separate from
488 * hkdf.c. No need to enable MBEDTLS_HKDF_C here.
489 */
490#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
491#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND 1
492#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND */
493#endif /* PSA_WANT_ALG_HKDF_EXPAND */
494
495#if defined(PSA_WANT_ALG_HMAC)
496#if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC)
497#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
498#endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */
499#endif /* PSA_WANT_ALG_HMAC */
500
501#if defined(PSA_WANT_ALG_MD5) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD5)
502#define MBEDTLS_PSA_BUILTIN_ALG_MD5 1
503#define MBEDTLS_MD5_C
504#endif
505
506#if defined(PSA_WANT_ALG_RIPEMD160) && !defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160)
507#define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1
508#define MBEDTLS_RIPEMD160_C
509#endif
510
511#if defined(PSA_WANT_ALG_RSA_OAEP)
512#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP)
513#define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1
514#define MBEDTLS_RSA_C
515#define MBEDTLS_BIGNUM_C
516#define MBEDTLS_OID_C
517#define MBEDTLS_PKCS1_V21
518#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP */
519#endif /* PSA_WANT_ALG_RSA_OAEP */
520
521#if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT)
522#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT)
523#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1
524#define MBEDTLS_RSA_C
525#define MBEDTLS_BIGNUM_C
526#define MBEDTLS_OID_C
527#define MBEDTLS_PKCS1_V15
528#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT */
529#endif /* PSA_WANT_ALG_RSA_PKCS1V15_CRYPT */
530
531#if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
532#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN)
533#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
534#define MBEDTLS_RSA_C
535#define MBEDTLS_BIGNUM_C
536#define MBEDTLS_OID_C
537#define MBEDTLS_PKCS1_V15
538#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN */
539#endif /* PSA_WANT_ALG_RSA_PKCS1V15_SIGN */
540
541#if defined(PSA_WANT_ALG_RSA_PSS)
542#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
543#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1
544#define MBEDTLS_RSA_C
545#define MBEDTLS_BIGNUM_C
546#define MBEDTLS_OID_C
547#define MBEDTLS_PKCS1_V21
548#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PSS */
549#endif /* PSA_WANT_ALG_RSA_PSS */
550
551#if defined(PSA_WANT_ALG_SHA_1) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1)
552#define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1
553#define MBEDTLS_SHA1_C
554#endif
555
556#if defined(PSA_WANT_ALG_SHA_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224)
557#define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1
558#define MBEDTLS_SHA224_C
559#endif
560
561#if defined(PSA_WANT_ALG_SHA_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256)
562#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
563#define MBEDTLS_SHA256_C
564#endif
565
566#if defined(PSA_WANT_ALG_SHA_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384)
567#define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1
568#define MBEDTLS_SHA384_C
569#endif
570
571#if defined(PSA_WANT_ALG_SHA_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512)
572#define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1
573#define MBEDTLS_SHA512_C
574#endif
575
576#if defined(PSA_WANT_ALG_SHA3_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_224)
577#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_224 1
578#define MBEDTLS_SHA3_C
579#endif
580
581#if defined(PSA_WANT_ALG_SHA3_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_256)
582#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_256 1
583#define MBEDTLS_SHA3_C
584#endif
585
586#if defined(PSA_WANT_ALG_SHA3_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_384)
587#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_384 1
588#define MBEDTLS_SHA3_C
589#endif
590
591#if defined(PSA_WANT_ALG_SHA3_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_512)
592#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_512 1
593#define MBEDTLS_SHA3_C
594#endif
595
596#if defined(PSA_WANT_ALG_PBKDF2_HMAC)
597#if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_HMAC)
598#define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC 1
599#define PSA_HAVE_SOFT_PBKDF2_HMAC 1
600#if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC)
601#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
602#endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */
603#endif /* !MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC */
604#endif /* PSA_WANT_ALG_PBKDF2_HMAC */
605
606#if defined(PSA_WANT_ALG_TLS12_PRF)
607#if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF)
608#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1
609#endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF */
610#endif /* PSA_WANT_ALG_TLS12_PRF */
611
612#if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS)
613#if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS)
614#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1
615#endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS */
616#endif /* PSA_WANT_ALG_TLS12_PSK_TO_MS */
617
618#if defined(PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS)
619#if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS)
620#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS 1
621#endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS */
622#endif /* PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS */
623
624#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT)
625#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT)
626#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1
627#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT */
628#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT */
629
630#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT)
631#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT)
632#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1
633#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT */
634#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT */
635
636#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
637#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
638#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1
639#define MBEDTLS_GENPRIME
640#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE */
641#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE */
642
643#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC)
644#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC)
645#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_BASIC 1
646#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC */
647#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */
648
649#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT)
650#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT)
651#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT 1
652#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT */
653#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT */
654
655#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT)
656#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT)
657#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT 1
658#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT */
659#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT */
660
661#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE)
662#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE)
663#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE 1
664#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE */
665#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE */
666
667#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC)
668#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC)
669#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_BASIC 1
670#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC */
671#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC */
672
673#if defined(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY)
674#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY)
675#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY 1
676#define MBEDTLS_BIGNUM_C
677#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY */
678#endif /* PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY */
679
680#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)
681#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
682#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1
683#define MBEDTLS_RSA_C
684#define MBEDTLS_BIGNUM_C
685#define MBEDTLS_OID_C
686#define MBEDTLS_PK_PARSE_C
687#define MBEDTLS_PK_WRITE_C
688#define MBEDTLS_PK_C
689#define MBEDTLS_ASN1_PARSE_C
690#define MBEDTLS_ASN1_WRITE_C
691#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY */
692#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */
693
694/* If any of the block modes are requested that don't have an
695 * associated HW assist, define PSA_HAVE_SOFT_BLOCK_MODE for checking
696 * in the block cipher key types. */
697#if (defined(PSA_WANT_ALG_CTR) && !defined(MBEDTLS_PSA_ACCEL_ALG_CTR)) || \
698 (defined(PSA_WANT_ALG_CFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_CFB)) || \
699 (defined(PSA_WANT_ALG_OFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_OFB)) || \
700 defined(PSA_WANT_ALG_ECB_NO_PADDING) || \
701 (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
702 !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \
703 (defined(PSA_WANT_ALG_CBC_PKCS7) && \
704 !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \
705 (defined(PSA_WANT_ALG_CMAC) && !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC))
706#define PSA_HAVE_SOFT_BLOCK_MODE 1
707#endif
708
709#if (defined(PSA_WANT_ALG_GCM) && !defined(MBEDTLS_PSA_ACCEL_ALG_GCM)) || \
710 (defined(PSA_WANT_ALG_CCM) && !defined(MBEDTLS_PSA_ACCEL_ALG_CCM))
711#define PSA_HAVE_SOFT_BLOCK_AEAD 1
712#endif
713
714#if defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128)
715#if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128)
716#define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 1
717#define PSA_HAVE_SOFT_PBKDF2_CMAC 1
718#endif /* !MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128 */
719#endif /* PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 */
720
721#if defined(PSA_WANT_KEY_TYPE_AES)
722#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
723#define PSA_HAVE_SOFT_KEY_TYPE_AES 1
724#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_AES */
725#if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
726 defined(PSA_HAVE_SOFT_BLOCK_MODE) || \
727 defined(PSA_HAVE_SOFT_BLOCK_AEAD) || \
728 defined(PSA_HAVE_SOFT_PBKDF2_CMAC)
729#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1
730#define MBEDTLS_AES_C
731#endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */
732#endif /* PSA_WANT_KEY_TYPE_AES */
733
734#if defined(PSA_WANT_KEY_TYPE_ARIA)
735#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA)
736#define PSA_HAVE_SOFT_KEY_TYPE_ARIA 1
737#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA */
738#if defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
739 defined(PSA_HAVE_SOFT_BLOCK_MODE) || \
740 defined(PSA_HAVE_SOFT_BLOCK_AEAD)
741#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1
742#define MBEDTLS_ARIA_C
743#endif /* PSA_HAVE_SOFT_KEY_TYPE_ARIA || PSA_HAVE_SOFT_BLOCK_MODE */
744#endif /* PSA_WANT_KEY_TYPE_ARIA */
745
746#if defined(PSA_WANT_KEY_TYPE_CAMELLIA)
747#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA)
748#define PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA 1
749#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA */
750#if defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) || \
751 defined(PSA_HAVE_SOFT_BLOCK_MODE) || \
752 defined(PSA_HAVE_SOFT_BLOCK_AEAD)
753#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1
754#define MBEDTLS_CAMELLIA_C
755#endif /* PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA || PSA_HAVE_SOFT_BLOCK_MODE */
756#endif /* PSA_WANT_KEY_TYPE_CAMELLIA */
757
758#if defined(PSA_WANT_KEY_TYPE_DES)
759#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES)
760#define PSA_HAVE_SOFT_KEY_TYPE_DES 1
761#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DES */
762#if defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \
763 defined(PSA_HAVE_SOFT_BLOCK_MODE)
764#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1
765#define MBEDTLS_DES_C
766#endif /*PSA_HAVE_SOFT_KEY_TYPE_DES || PSA_HAVE_SOFT_BLOCK_MODE */
767#endif /* PSA_WANT_KEY_TYPE_DES */
768
769#if defined(PSA_WANT_KEY_TYPE_CHACHA20)
770#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20)
771#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1
772#define MBEDTLS_CHACHA20_C
773#endif
774#endif /* PSA_WANT_KEY_TYPE_CHACHA20 */
775
776/* If any of the software block ciphers are selected, define
777 * PSA_HAVE_SOFT_BLOCK_CIPHER, which can be used in any of these
778 * situations. */
779#if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
780 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
781 defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \
782 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
783#define PSA_HAVE_SOFT_BLOCK_CIPHER 1
784#endif
785
786#if defined(PSA_WANT_ALG_STREAM_CIPHER)
787#define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
788#endif /* PSA_WANT_ALG_STREAM_CIPHER */
789
790#if defined(PSA_WANT_ALG_CBC_MAC)
791#if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_MAC)
792#error "CBC-MAC is not yet supported via the PSA API in Mbed TLS."
793#define MBEDTLS_PSA_BUILTIN_ALG_CBC_MAC 1
794#endif /* !MBEDTLS_PSA_ACCEL_ALG_CBC_MAC */
795#endif /* PSA_WANT_ALG_CBC_MAC */
796
797#if defined(PSA_WANT_ALG_CMAC)
798#if !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) || \
799 defined(PSA_HAVE_SOFT_BLOCK_CIPHER) || \
800 defined(PSA_HAVE_SOFT_PBKDF2_CMAC)
801#define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1
802#define MBEDTLS_CMAC_C
803#endif /* !MBEDTLS_PSA_ACCEL_ALG_CMAC */
804#endif /* PSA_WANT_ALG_CMAC */
805
806#if defined(PSA_HAVE_SOFT_PBKDF2_HMAC) || \
807 defined(PSA_HAVE_SOFT_PBKDF2_CMAC)
808#define PSA_HAVE_SOFT_PBKDF2 1
809#endif /* PSA_HAVE_SOFT_PBKDF2_HMAC || PSA_HAVE_SOFT_PBKDF2_CMAC */
810
811#if defined(PSA_WANT_ALG_CTR)
812#if !defined(MBEDTLS_PSA_ACCEL_ALG_CTR) || \
813 defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
814#define MBEDTLS_PSA_BUILTIN_ALG_CTR 1
815#define MBEDTLS_CIPHER_MODE_CTR
816#endif
817#endif /* PSA_WANT_ALG_CTR */
818
819#if defined(PSA_WANT_ALG_CFB)
820#if !defined(MBEDTLS_PSA_ACCEL_ALG_CFB) || \
821 defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
822#define MBEDTLS_PSA_BUILTIN_ALG_CFB 1
823#define MBEDTLS_CIPHER_MODE_CFB
824#endif
825#endif /* PSA_WANT_ALG_CFB */
826
827#if defined(PSA_WANT_ALG_OFB)
828#if !defined(MBEDTLS_PSA_ACCEL_ALG_OFB) || \
829 defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
830#define MBEDTLS_PSA_BUILTIN_ALG_OFB 1
831#define MBEDTLS_CIPHER_MODE_OFB
832#endif
833#endif /* PSA_WANT_ALG_OFB */
834
835#if defined(PSA_WANT_ALG_ECB_NO_PADDING) && \
836 !defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING)
837#define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1
838#endif
839
840#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
841#if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) || \
842 defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
843#define MBEDTLS_CIPHER_MODE_CBC
844#define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1
845#endif
846#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
847
848#if defined(PSA_WANT_ALG_CBC_PKCS7)
849#if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) || \
850 defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
851#define MBEDTLS_CIPHER_MODE_CBC
852#define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1
853#define MBEDTLS_CIPHER_PADDING_PKCS7
854#endif
855#endif /* PSA_WANT_ALG_CBC_PKCS7 */
856
857#if defined(PSA_WANT_ALG_CCM)
858#if !defined(MBEDTLS_PSA_ACCEL_ALG_CCM) || \
859 defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
860 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
861 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
862#define MBEDTLS_PSA_BUILTIN_ALG_CCM 1
863#define MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG 1
864#define MBEDTLS_CCM_C
865#endif
866#endif /* PSA_WANT_ALG_CCM */
867
868#if defined(PSA_WANT_ALG_GCM)
869#if !defined(MBEDTLS_PSA_ACCEL_ALG_GCM) || \
870 defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
871 defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
872 defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
873#define MBEDTLS_PSA_BUILTIN_ALG_GCM 1
874#define MBEDTLS_GCM_C
875#endif
876#endif /* PSA_WANT_ALG_GCM */
877
878#if defined(PSA_WANT_ALG_CHACHA20_POLY1305)
879#if !defined(MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305)
880#if defined(PSA_WANT_KEY_TYPE_CHACHA20)
881#define MBEDTLS_CHACHAPOLY_C
882#define MBEDTLS_CHACHA20_C
883#define MBEDTLS_POLY1305_C
884#define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1
885#endif /* PSA_WANT_KEY_TYPE_CHACHA20 */
886#endif /* !MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 */
887#endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */
888
889#endif /* MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H */