Mbed TLS v2.28.5
config_psa.h
Go to the documentation of this file.
1 
13 /*
14  * Copyright The Mbed TLS Contributors
15  * SPDX-License-Identifier: Apache-2.0
16  *
17  * Licensed under the Apache License, Version 2.0 (the "License"); you may
18  * not use this file except in compliance with the License.
19  * You may obtain a copy of the License at
20  *
21  * http://www.apache.org/licenses/LICENSE-2.0
22  *
23  * Unless required by applicable law or agreed to in writing, software
24  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
25  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
26  * See the License for the specific language governing permissions and
27  * limitations under the License.
28  */
29 
30 #ifndef MBEDTLS_CONFIG_PSA_H
31 #define MBEDTLS_CONFIG_PSA_H
32 
33 #if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
34 #if defined(MBEDTLS_PSA_CRYPTO_CONFIG_FILE)
35 #include MBEDTLS_PSA_CRYPTO_CONFIG_FILE
36 #else
37 #include "psa/crypto_config.h"
38 #endif
39 #endif /* defined(MBEDTLS_PSA_CRYPTO_CONFIG) */
40 
41 #if defined(MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE)
42 #include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE
43 #endif
44 
45 #ifdef __cplusplus
46 extern "C" {
47 #endif
48 
49 
50 
51 /****************************************************************/
52 /* De facto synonyms */
53 /****************************************************************/
54 
55 #if defined(PSA_WANT_ALG_ECDSA_ANY) && !defined(PSA_WANT_ALG_ECDSA)
56 #define PSA_WANT_ALG_ECDSA PSA_WANT_ALG_ECDSA_ANY
57 #elif !defined(PSA_WANT_ALG_ECDSA_ANY) && defined(PSA_WANT_ALG_ECDSA)
58 #define PSA_WANT_ALG_ECDSA_ANY PSA_WANT_ALG_ECDSA
59 #endif
60 
61 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW) && !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
62 #define PSA_WANT_ALG_RSA_PKCS1V15_SIGN PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW
63 #elif !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW) && defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
64 #define PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW PSA_WANT_ALG_RSA_PKCS1V15_SIGN
65 #endif
66 
67 #if defined(PSA_WANT_ALG_RSA_PSS_ANY_SALT) && !defined(PSA_WANT_ALG_RSA_PSS)
68 #define PSA_WANT_ALG_RSA_PSS PSA_WANT_ALG_RSA_PSS_ANY_SALT
69 #elif !defined(PSA_WANT_ALG_RSA_PSS_ANY_SALT) && defined(PSA_WANT_ALG_RSA_PSS)
70 #define PSA_WANT_ALG_RSA_PSS_ANY_SALT PSA_WANT_ALG_RSA_PSS
71 #endif
72 
73 
74 
75 /****************************************************************/
76 /* Require built-in implementations based on PSA requirements */
77 /****************************************************************/
78 
79 #if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
80 
81 #if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)
82 #if !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
83 #define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1
84 #define MBEDTLS_ECDSA_DETERMINISTIC
85 #define MBEDTLS_ECDSA_C
86 #define MBEDTLS_HMAC_DRBG_C
87 #define MBEDTLS_MD_C
88 #endif /* !MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA */
89 #endif /* PSA_WANT_ALG_DETERMINISTIC_ECDSA */
90 
91 #if defined(PSA_WANT_ALG_ECDH)
92 #if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH)
93 #define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1
94 #define MBEDTLS_ECDH_C
95 #define MBEDTLS_ECP_C
96 #define MBEDTLS_BIGNUM_C
97 #endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDH */
98 #endif /* PSA_WANT_ALG_ECDH */
99 
100 #if defined(PSA_WANT_ALG_ECDSA)
101 #if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)
102 #define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
103 #define MBEDTLS_ECDSA_C
104 #define MBEDTLS_ECP_C
105 #define MBEDTLS_BIGNUM_C
106 #define MBEDTLS_ASN1_PARSE_C
107 #define MBEDTLS_ASN1_WRITE_C
108 #endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDSA */
109 #endif /* PSA_WANT_ALG_ECDSA */
110 
111 #if defined(PSA_WANT_ALG_HKDF)
112 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF)
113 /*
114  * The PSA implementation has its own implementation of HKDF, separate from
115  * hkdf.c. No need to enable MBEDTLS_HKDF_C here.
116  */
117 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
118 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1
119 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF */
120 #endif /* PSA_WANT_ALG_HKDF */
121 
122 #if defined(PSA_WANT_ALG_HMAC)
123 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC)
124 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
125 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */
126 #endif /* PSA_WANT_ALG_HMAC */
127 
128 #if defined(PSA_WANT_ALG_MD2) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD2)
129 #define MBEDTLS_PSA_BUILTIN_ALG_MD2 1
130 #define MBEDTLS_MD2_C
131 #endif
132 
133 #if defined(PSA_WANT_ALG_MD4) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD4)
134 #define MBEDTLS_PSA_BUILTIN_ALG_MD4 1
135 #define MBEDTLS_MD4_C
136 #endif
137 
138 #if defined(PSA_WANT_ALG_MD5) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD5)
139 #define MBEDTLS_PSA_BUILTIN_ALG_MD5 1
140 #define MBEDTLS_MD5_C
141 #endif
142 
143 #if defined(PSA_WANT_ALG_RIPEMD160) && !defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160)
144 #define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1
145 #define MBEDTLS_RIPEMD160_C
146 #endif
147 
148 #if defined(PSA_WANT_ALG_RSA_OAEP)
149 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP)
150 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1
151 #define MBEDTLS_RSA_C
152 #define MBEDTLS_BIGNUM_C
153 #define MBEDTLS_OID_C
154 #define MBEDTLS_PKCS1_V21
155 #define MBEDTLS_MD_C
156 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP */
157 #endif /* PSA_WANT_ALG_RSA_OAEP */
158 
159 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT)
160 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT)
161 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1
162 #define MBEDTLS_RSA_C
163 #define MBEDTLS_BIGNUM_C
164 #define MBEDTLS_OID_C
165 #define MBEDTLS_PKCS1_V15
166 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT */
167 #endif /* PSA_WANT_ALG_RSA_PKCS1V15_CRYPT */
168 
169 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
170 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN)
171 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
172 #define MBEDTLS_RSA_C
173 #define MBEDTLS_BIGNUM_C
174 #define MBEDTLS_OID_C
175 #define MBEDTLS_PKCS1_V15
176 #define MBEDTLS_MD_C
177 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN */
178 #endif /* PSA_WANT_ALG_RSA_PKCS1V15_SIGN */
179 
180 #if defined(PSA_WANT_ALG_RSA_PSS)
181 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
182 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1
183 #define MBEDTLS_RSA_C
184 #define MBEDTLS_BIGNUM_C
185 #define MBEDTLS_OID_C
186 #define MBEDTLS_PKCS1_V21
187 #define MBEDTLS_MD_C
188 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PSS */
189 #endif /* PSA_WANT_ALG_RSA_PSS */
190 
191 #if defined(PSA_WANT_ALG_SHA_1) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1)
192 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1
193 #define MBEDTLS_SHA1_C
194 #endif
195 
196 #if defined(PSA_WANT_ALG_SHA_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224)
197 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1
198 #define MBEDTLS_SHA256_C
199 #endif
200 
201 #if defined(PSA_WANT_ALG_SHA_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256)
202 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
203 #define MBEDTLS_SHA256_C
204 #endif
205 
206 #if defined(PSA_WANT_ALG_SHA_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384)
207 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1
208 #define MBEDTLS_SHA512_C
209 #endif
210 
211 #if defined(PSA_WANT_ALG_SHA_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512)
212 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1
213 #define MBEDTLS_SHA512_C
214 #endif
215 
216 #if defined(PSA_WANT_ALG_TLS12_PRF)
217 #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF)
218 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1
219 #endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF */
220 #endif /* PSA_WANT_ALG_TLS12_PRF */
221 
222 #if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS)
223 #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS)
224 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1
225 #endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS */
226 #endif /* PSA_WANT_ALG_TLS12_PSK_TO_MS */
227 
228 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR)
229 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR)
230 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1
231 #define MBEDTLS_ECP_C
232 #define MBEDTLS_BIGNUM_C
233 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR */
234 #endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR */
235 
236 #if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
237 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
238 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
239 #define MBEDTLS_ECP_C
240 #define MBEDTLS_BIGNUM_C
241 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY */
242 #endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
243 
244 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR)
245 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR)
246 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1
247 #define MBEDTLS_RSA_C
248 #define MBEDTLS_BIGNUM_C
249 #define MBEDTLS_OID_C
250 #define MBEDTLS_GENPRIME
251 #define MBEDTLS_PK_PARSE_C
252 #define MBEDTLS_PK_WRITE_C
253 #define MBEDTLS_PK_C
254 #define MBEDTLS_ASN1_PARSE_C
255 #define MBEDTLS_ASN1_WRITE_C
256 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR */
257 #endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR */
258 
259 #if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)
260 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
261 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1
262 #define MBEDTLS_RSA_C
263 #define MBEDTLS_BIGNUM_C
264 #define MBEDTLS_OID_C
265 #define MBEDTLS_PK_PARSE_C
266 #define MBEDTLS_PK_WRITE_C
267 #define MBEDTLS_PK_C
268 #define MBEDTLS_ASN1_PARSE_C
269 #define MBEDTLS_ASN1_WRITE_C
270 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY */
271 #endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */
272 
273 /* If any of the block modes are requested that don't have an
274  * associated HW assist, define PSA_HAVE_SOFT_BLOCK_MODE for checking
275  * in the block cipher key types. */
276 #if (defined(PSA_WANT_ALG_CTR) && !defined(MBEDTLS_PSA_ACCEL_ALG_CTR)) || \
277  (defined(PSA_WANT_ALG_CFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_CFB)) || \
278  (defined(PSA_WANT_ALG_OFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_OFB)) || \
279  defined(PSA_WANT_ALG_ECB_NO_PADDING) || \
280  (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
281  !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \
282  (defined(PSA_WANT_ALG_CBC_PKCS7) && \
283  !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \
284  (defined(PSA_WANT_ALG_CMAC) && !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC))
285 #define PSA_HAVE_SOFT_BLOCK_MODE 1
286 #endif
287 
288 #if (defined(PSA_WANT_ALG_GCM) && !defined(MBEDTLS_PSA_ACCEL_ALG_GCM)) || \
289  (defined(PSA_WANT_ALG_CCM) && !defined(MBEDTLS_PSA_ACCEL_ALG_CCM))
290 #define PSA_HAVE_SOFT_BLOCK_AEAD 1
291 #endif
292 
293 #if defined(PSA_WANT_KEY_TYPE_AES)
294 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
295 #define PSA_HAVE_SOFT_KEY_TYPE_AES 1
296 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_AES */
297 #if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
298  defined(PSA_HAVE_SOFT_BLOCK_MODE) || \
299  defined(PSA_HAVE_SOFT_BLOCK_AEAD)
300 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1
301 #define MBEDTLS_AES_C
302 #endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */
303 #endif /* PSA_WANT_KEY_TYPE_AES */
304 
305 #if defined(PSA_WANT_KEY_TYPE_ARC4)
306 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARC4)
307 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARC4 1
308 #define MBEDTLS_ARC4_C
309 #endif
310 #endif /* PSA_WANT_KEY_TYPE_ARC4 */
311 
312 #if defined(PSA_WANT_KEY_TYPE_ARIA)
313 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA)
314 #define PSA_HAVE_SOFT_KEY_TYPE_ARIA 1
315 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA */
316 #if defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
317  defined(PSA_HAVE_SOFT_BLOCK_MODE) || \
318  defined(PSA_HAVE_SOFT_BLOCK_AEAD)
319 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1
320 #define MBEDTLS_ARIA_C
321 #endif /* PSA_HAVE_SOFT_KEY_TYPE_ARIA || PSA_HAVE_SOFT_BLOCK_MODE */
322 #endif /* PSA_WANT_KEY_TYPE_ARIA */
323 
324 #if defined(PSA_WANT_KEY_TYPE_CAMELLIA)
325 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA)
326 #define PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA 1
327 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA */
328 #if defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) || \
329  defined(PSA_HAVE_SOFT_BLOCK_MODE) || \
330  defined(PSA_HAVE_SOFT_BLOCK_AEAD)
331 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1
332 #define MBEDTLS_CAMELLIA_C
333 #endif /* PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA || PSA_HAVE_SOFT_BLOCK_MODE */
334 #endif /* PSA_WANT_KEY_TYPE_CAMELLIA */
335 
336 #if defined(PSA_WANT_KEY_TYPE_DES)
337 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES)
338 #define PSA_HAVE_SOFT_KEY_TYPE_DES 1
339 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DES */
340 #if defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \
341  defined(PSA_HAVE_SOFT_BLOCK_MODE)
342 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1
343 #define MBEDTLS_DES_C
344 #endif /*PSA_HAVE_SOFT_KEY_TYPE_DES || PSA_HAVE_SOFT_BLOCK_MODE */
345 #endif /* PSA_WANT_KEY_TYPE_DES */
346 
347 #if defined(PSA_WANT_KEY_TYPE_CHACHA20)
348 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20)
349 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1
350 #define MBEDTLS_CHACHA20_C
351 #endif
352 #endif /* PSA_WANT_KEY_TYPE_CHACHA20 */
353 
354 /* If any of the software block ciphers are selected, define
355  * PSA_HAVE_SOFT_BLOCK_CIPHER, which can be used in any of these
356  * situations. */
357 #if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
358  defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
359  defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \
360  defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
361 #define PSA_HAVE_SOFT_BLOCK_CIPHER 1
362 #endif
363 
364 #if defined(PSA_WANT_ALG_STREAM_CIPHER)
365 #define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
366 #endif /* PSA_WANT_ALG_STREAM_CIPHER */
367 
368 #if defined(PSA_WANT_ALG_CBC_MAC)
369 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_MAC)
370 #error "CBC-MAC is not yet supported via the PSA API in Mbed TLS."
371 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_MAC 1
372 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CBC_MAC */
373 #endif /* PSA_WANT_ALG_CBC_MAC */
374 
375 #if defined(PSA_WANT_ALG_CMAC)
376 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) || \
377  defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
378 #define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1
379 #define MBEDTLS_CMAC_C
380 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CMAC */
381 #endif /* PSA_WANT_ALG_CMAC */
382 
383 #if defined(PSA_WANT_ALG_CTR)
384 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CTR) || \
385  defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
386 #define MBEDTLS_PSA_BUILTIN_ALG_CTR 1
387 #define MBEDTLS_CIPHER_MODE_CTR
388 #endif
389 #endif /* PSA_WANT_ALG_CTR */
390 
391 #if defined(PSA_WANT_ALG_CFB)
392 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CFB) || \
393  defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
394 #define MBEDTLS_PSA_BUILTIN_ALG_CFB 1
395 #define MBEDTLS_CIPHER_MODE_CFB
396 #endif
397 #endif /* PSA_WANT_ALG_CFB */
398 
399 #if defined(PSA_WANT_ALG_OFB)
400 #if !defined(MBEDTLS_PSA_ACCEL_ALG_OFB) || \
401  defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
402 #define MBEDTLS_PSA_BUILTIN_ALG_OFB 1
403 #define MBEDTLS_CIPHER_MODE_OFB
404 #endif
405 #endif /* PSA_WANT_ALG_OFB */
406 
407 #if defined(PSA_WANT_ALG_ECB_NO_PADDING) && \
408  !defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING)
409 #define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1
410 #endif
411 
412 #if defined(PSA_WANT_ALG_CBC_NO_PADDING)
413 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) || \
414  defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
415 #define MBEDTLS_CIPHER_MODE_CBC
416 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1
417 #endif
418 #endif /* PSA_WANT_ALG_CBC_NO_PADDING */
419 
420 #if defined(PSA_WANT_ALG_CBC_PKCS7)
421 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) || \
422  defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
423 #define MBEDTLS_CIPHER_MODE_CBC
424 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1
425 #define MBEDTLS_CIPHER_PADDING_PKCS7
426 #endif
427 #endif /* PSA_WANT_ALG_CBC_PKCS7 */
428 
429 #if defined(PSA_WANT_ALG_CCM)
430 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CCM) || \
431  defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
432  defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
433  defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
434 #define MBEDTLS_PSA_BUILTIN_ALG_CCM 1
435 #define MBEDTLS_CCM_C
436 #endif
437 #endif /* PSA_WANT_ALG_CCM */
438 
439 #if defined(PSA_WANT_ALG_GCM)
440 #if !defined(MBEDTLS_PSA_ACCEL_ALG_GCM) || \
441  defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
442  defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
443  defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
444 #define MBEDTLS_PSA_BUILTIN_ALG_GCM 1
445 #define MBEDTLS_GCM_C
446 #endif
447 #endif /* PSA_WANT_ALG_GCM */
448 
449 #if defined(PSA_WANT_ALG_CHACHA20_POLY1305)
450 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305)
451 #if defined(PSA_WANT_KEY_TYPE_CHACHA20)
452 #define MBEDTLS_CHACHAPOLY_C
453 #define MBEDTLS_CHACHA20_C
454 #define MBEDTLS_POLY1305_C
455 #define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1
456 #endif /* PSA_WANT_KEY_TYPE_CHACHA20 */
457 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 */
458 #endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */
459 
460 #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256)
461 #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256)
462 #define MBEDTLS_ECP_DP_BP256R1_ENABLED
463 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1
464 #endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256 */
465 #endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_256 */
466 
467 #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384)
468 #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384)
469 #define MBEDTLS_ECP_DP_BP384R1_ENABLED
470 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1
471 #endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384 */
472 #endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_384 */
473 
474 #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512)
475 #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512)
476 #define MBEDTLS_ECP_DP_BP512R1_ENABLED
477 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1
478 #endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512 */
479 #endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_512 */
480 
481 #if defined(PSA_WANT_ECC_MONTGOMERY_255)
482 #if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255)
483 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED
484 #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1
485 #endif /* !MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255 */
486 #endif /* PSA_WANT_ECC_MONTGOMERY_255 */
487 
488 #if defined(PSA_WANT_ECC_MONTGOMERY_448)
489 #if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448)
490 /*
491  * Curve448 is not yet supported via the PSA API in Mbed TLS
492  * (https://github.com/Mbed-TLS/mbedtls/issues/4249).
493  */
494 #error "Curve448 is not yet supported via the PSA API in Mbed TLS."
495 #define MBEDTLS_ECP_DP_CURVE448_ENABLED
496 #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1
497 #endif /* !MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448 */
498 #endif /* PSA_WANT_ECC_MONTGOMERY_448 */
499 
500 #if defined(PSA_WANT_ECC_SECP_R1_192)
501 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192)
502 #define MBEDTLS_ECP_DP_SECP192R1_ENABLED
503 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1
504 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192 */
505 #endif /* PSA_WANT_ECC_SECP_R1_192 */
506 
507 #if defined(PSA_WANT_ECC_SECP_R1_224)
508 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224)
509 #define MBEDTLS_ECP_DP_SECP224R1_ENABLED
510 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1
511 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224 */
512 #endif /* PSA_WANT_ECC_SECP_R1_224 */
513 
514 #if defined(PSA_WANT_ECC_SECP_R1_256)
515 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256)
516 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
517 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1
518 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256 */
519 #endif /* PSA_WANT_ECC_SECP_R1_256 */
520 
521 #if defined(PSA_WANT_ECC_SECP_R1_384)
522 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384)
523 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED
524 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1
525 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384 */
526 #endif /* PSA_WANT_ECC_SECP_R1_384 */
527 
528 #if defined(PSA_WANT_ECC_SECP_R1_521)
529 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521)
530 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED
531 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1
532 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521 */
533 #endif /* PSA_WANT_ECC_SECP_R1_521 */
534 
535 #if defined(PSA_WANT_ECC_SECP_K1_192)
536 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192)
537 #define MBEDTLS_ECP_DP_SECP192K1_ENABLED
538 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1
539 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192 */
540 #endif /* PSA_WANT_ECC_SECP_K1_192 */
541 
542 #if defined(PSA_WANT_ECC_SECP_K1_224)
543 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224)
544 /*
545  * SECP224K1 is buggy via the PSA API in Mbed TLS
546  * (https://github.com/Mbed-TLS/mbedtls/issues/3541).
547  */
548 #error "SECP224K1 is buggy via the PSA API in Mbed TLS."
549 #define MBEDTLS_ECP_DP_SECP224K1_ENABLED
550 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1
551 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224 */
552 #endif /* PSA_WANT_ECC_SECP_K1_224 */
553 
554 #if defined(PSA_WANT_ECC_SECP_K1_256)
555 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256)
556 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED
557 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1
558 #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256 */
559 #endif /* PSA_WANT_ECC_SECP_K1_256 */
560 
561 
562 
563 /****************************************************************/
564 /* Infer PSA requirements from Mbed TLS capabilities */
565 /****************************************************************/
566 
567 #else /* MBEDTLS_PSA_CRYPTO_CONFIG */
568 
569 /*
570  * Ensure PSA_WANT_* defines are setup properly if MBEDTLS_PSA_CRYPTO_CONFIG
571  * is not defined
572  */
573 
574 #if defined(MBEDTLS_CCM_C)
575 #define MBEDTLS_PSA_BUILTIN_ALG_CCM 1
576 #define PSA_WANT_ALG_CCM 1
577 #endif /* MBEDTLS_CCM_C */
578 
579 #if defined(MBEDTLS_CMAC_C)
580 #define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1
581 #define PSA_WANT_ALG_CMAC 1
582 #endif /* MBEDTLS_CMAC_C */
583 
584 #if defined(MBEDTLS_ECDH_C)
585 #define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1
586 #define PSA_WANT_ALG_ECDH 1
587 #endif /* MBEDTLS_ECDH_C */
588 
589 #if defined(MBEDTLS_ECDSA_C)
590 #define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
591 #define PSA_WANT_ALG_ECDSA 1
592 #define PSA_WANT_ALG_ECDSA_ANY 1
593 
594 // Only add in DETERMINISTIC support if ECDSA is also enabled
595 #if defined(MBEDTLS_ECDSA_DETERMINISTIC)
596 #define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1
597 #define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1
598 #endif /* MBEDTLS_ECDSA_DETERMINISTIC */
599 
600 #endif /* MBEDTLS_ECDSA_C */
601 
602 #if defined(MBEDTLS_ECP_C)
603 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1
604 #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1
605 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
606 #define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
607 #endif /* MBEDTLS_ECP_C */
608 
609 #if defined(MBEDTLS_GCM_C)
610 #define MBEDTLS_PSA_BUILTIN_ALG_GCM 1
611 #define PSA_WANT_ALG_GCM 1
612 #endif /* MBEDTLS_GCM_C */
613 
614 #if defined(MBEDTLS_HKDF_C)
615 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
616 #define PSA_WANT_ALG_HMAC 1
617 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1
618 #define PSA_WANT_ALG_HKDF 1
619 #endif /* MBEDTLS_HKDF_C */
620 
621 #if defined(MBEDTLS_MD_C)
622 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
623 #define PSA_WANT_ALG_HMAC 1
624 #define PSA_WANT_KEY_TYPE_HMAC 1
625 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1
626 #define PSA_WANT_ALG_TLS12_PRF 1
627 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1
628 #define PSA_WANT_ALG_TLS12_PSK_TO_MS 1
629 #endif /* MBEDTLS_MD_C */
630 
631 #if defined(MBEDTLS_MD2_C)
632 #define MBEDTLS_PSA_BUILTIN_ALG_MD2 1
633 #define PSA_WANT_ALG_MD2 1
634 #endif
635 
636 #if defined(MBEDTLS_MD4_C)
637 #define MBEDTLS_PSA_BUILTIN_ALG_MD4 1
638 #define PSA_WANT_ALG_MD4 1
639 #endif
640 
641 #if defined(MBEDTLS_MD5_C)
642 #define MBEDTLS_PSA_BUILTIN_ALG_MD5 1
643 #define PSA_WANT_ALG_MD5 1
644 #endif
645 
646 #if defined(MBEDTLS_RIPEMD160_C)
647 #define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1
648 #define PSA_WANT_ALG_RIPEMD160 1
649 #endif
650 
651 #if defined(MBEDTLS_RSA_C)
652 #if defined(MBEDTLS_PKCS1_V15)
653 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1
654 #define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1
655 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
656 #define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1
657 #define PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW 1
658 #endif /* MBEDTLS_PKCS1_V15 */
659 #if defined(MBEDTLS_PKCS1_V21)
660 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1
661 #define PSA_WANT_ALG_RSA_OAEP 1
662 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1
663 #define PSA_WANT_ALG_RSA_PSS 1
664 #endif /* MBEDTLS_PKCS1_V21 */
665 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1
666 #define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1
667 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1
668 #define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
669 #endif /* MBEDTLS_RSA_C */
670 
671 #if defined(MBEDTLS_SHA1_C)
672 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1
673 #define PSA_WANT_ALG_SHA_1 1
674 #endif
675 
676 #if defined(MBEDTLS_SHA256_C)
677 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1
678 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
679 #define PSA_WANT_ALG_SHA_224 1
680 #define PSA_WANT_ALG_SHA_256 1
681 #endif
682 
683 #if defined(MBEDTLS_SHA512_C)
684 #if !defined(MBEDTLS_SHA512_NO_SHA384)
685 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1
686 #define PSA_WANT_ALG_SHA_384 1
687 #endif
688 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1
689 #define PSA_WANT_ALG_SHA_512 1
690 #endif
691 
692 #if defined(MBEDTLS_AES_C)
693 #define PSA_WANT_KEY_TYPE_AES 1
694 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1
695 #endif
696 
697 #if defined(MBEDTLS_ARC4_C)
698 #define PSA_WANT_KEY_TYPE_ARC4 1
699 #define PSA_WANT_ALG_STREAM_CIPHER 1
700 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARC4 1
701 #define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
702 #endif
703 
704 #if defined(MBEDTLS_ARIA_C)
705 #define PSA_WANT_KEY_TYPE_ARIA 1
706 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1
707 #endif
708 
709 #if defined(MBEDTLS_CAMELLIA_C)
710 #define PSA_WANT_KEY_TYPE_CAMELLIA 1
711 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1
712 #endif
713 
714 #if defined(MBEDTLS_DES_C)
715 #define PSA_WANT_KEY_TYPE_DES 1
716 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1
717 #endif
718 
719 #if defined(MBEDTLS_CHACHA20_C)
720 #define PSA_WANT_KEY_TYPE_CHACHA20 1
721 #define PSA_WANT_ALG_STREAM_CIPHER 1
722 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1
723 #define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
724 #if defined(MBEDTLS_CHACHAPOLY_C)
725 #define PSA_WANT_ALG_CHACHA20_POLY1305 1
726 #define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1
727 #endif
728 #endif
729 
730 #if defined(MBEDTLS_CIPHER_MODE_CBC)
731 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1
732 #define PSA_WANT_ALG_CBC_NO_PADDING 1
733 #if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
734 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1
735 #define PSA_WANT_ALG_CBC_PKCS7 1
736 #endif
737 #endif
738 
739 #if defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) || \
740  defined(MBEDTLS_ARIA_C) || defined(MBEDTLS_CAMELLIA_C)
741 #define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1
742 #define PSA_WANT_ALG_ECB_NO_PADDING 1
743 #endif
744 
745 #if defined(MBEDTLS_CIPHER_MODE_CFB)
746 #define MBEDTLS_PSA_BUILTIN_ALG_CFB 1
747 #define PSA_WANT_ALG_CFB 1
748 #endif
749 
750 #if defined(MBEDTLS_CIPHER_MODE_CTR)
751 #define MBEDTLS_PSA_BUILTIN_ALG_CTR 1
752 #define PSA_WANT_ALG_CTR 1
753 #endif
754 
755 #if defined(MBEDTLS_CIPHER_MODE_OFB)
756 #define MBEDTLS_PSA_BUILTIN_ALG_OFB 1
757 #define PSA_WANT_ALG_OFB 1
758 #endif
759 
760 #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
761 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1
762 #define PSA_WANT_ECC_BRAINPOOL_P_R1_256 1
763 #endif
764 
765 #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
766 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1
767 #define PSA_WANT_ECC_BRAINPOOL_P_R1_384 1
768 #endif
769 
770 #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
771 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1
772 #define PSA_WANT_ECC_BRAINPOOL_P_R1_512 1
773 #endif
774 
775 #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
776 #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1
777 #define PSA_WANT_ECC_MONTGOMERY_255 1
778 #endif
779 
780 /* Curve448 is not yet supported via the PSA API (https://github.com/Mbed-TLS/mbedtls/issues/4249) */
781 #if 0 && defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
782 #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1
783 #define PSA_WANT_ECC_MONTGOMERY_448 1
784 #endif
785 
786 #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
787 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1
788 #define PSA_WANT_ECC_SECP_R1_192 1
789 #endif
790 
791 #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
792 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1
793 #define PSA_WANT_ECC_SECP_R1_224 1
794 #endif
795 
796 #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
797 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1
798 #define PSA_WANT_ECC_SECP_R1_256 1
799 #endif
800 
801 #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
802 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1
803 #define PSA_WANT_ECC_SECP_R1_384 1
804 #endif
805 
806 #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
807 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1
808 #define PSA_WANT_ECC_SECP_R1_521 1
809 #endif
810 
811 #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
812 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1
813 #define PSA_WANT_ECC_SECP_K1_192 1
814 #endif
815 
816 /* SECP224K1 is buggy via the PSA API (https://github.com/Mbed-TLS/mbedtls/issues/3541) */
817 #if 0 && defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
818 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1
819 #define PSA_WANT_ECC_SECP_K1_224 1
820 #endif
821 
822 #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
823 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1
824 #define PSA_WANT_ECC_SECP_K1_256 1
825 #endif
826 
827 #endif /* MBEDTLS_PSA_CRYPTO_CONFIG */
828 
829 /* These features are always enabled. */
830 #define PSA_WANT_KEY_TYPE_DERIVE 1
831 #define PSA_WANT_KEY_TYPE_RAW_DATA 1
832 
833 #ifdef __cplusplus
834 }
835 #endif
836 
837 #endif /* MBEDTLS_CONFIG_PSA_H */
PSA crypto configuration options (set of defines)