Mbed TLS v3.6.1
config_adjust_legacy_from_psa.h
Go to the documentation of this file.
1 
13 /*
14  * Copyright The Mbed TLS Contributors
15  * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
16  */
17 
18 #ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H
19 #define MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H
20 
21 #if !defined(MBEDTLS_CONFIG_FILES_READ)
22 #error "Do not include mbedtls/config_adjust_*.h manually! This can lead to problems, " \
23  "up to and including runtime errors such as buffer overflows. " \
24  "If you're trying to fix a complaint from check_config.h, just remove " \
25  "it from your configuration file: since Mbed TLS 3.0, it is included " \
26  "automatically at the right point."
27 #endif /* */
28 
29 /* Define appropriate ACCEL macros for the p256-m driver.
30  * In the future, those should be generated from the drivers JSON description.
31  */
32 #if defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED)
33 #define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256
34 #define MBEDTLS_PSA_ACCEL_ALG_ECDSA
35 #define MBEDTLS_PSA_ACCEL_ALG_ECDH
36 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY
37 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC
38 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT
39 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT
40 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE
41 #endif
42 
43 /*
44  * ECC: support for a feature is controlled by a triplet or a pair:
45  * (curve, key_type public/basic, alg) or (curve, key_type_<action>).
46  *
47  * A triplet/pair is accelerated if all of is components are accelerated;
48  * otherwise each component needs to be built in.
49  *
50  * We proceed in two passes:
51  * 1. Check if acceleration is complete for curves, key types, algs.
52  * 2. Then enable built-ins for each thing that's either not accelerated of
53  * doesn't have complete acceleration of the other triplet/pair components.
54  *
55  * Note: this needs psa/crypto_adjust_keypair_types.h to have been included
56  * already, so that we know the full set of key types that are requested.
57  */
58 
59 /* ECC: curves: is acceleration complete? */
60 #if (defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) && \
61  !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256)) || \
62  (defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) && \
63  !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384)) || \
64  (defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) && \
65  !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512)) || \
66  (defined(PSA_WANT_ECC_SECP_R1_192) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192)) || \
67  (defined(PSA_WANT_ECC_SECP_R1_224) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224)) || \
68  (defined(PSA_WANT_ECC_SECP_R1_256) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256)) || \
69  (defined(PSA_WANT_ECC_SECP_R1_384) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384)) || \
70  (defined(PSA_WANT_ECC_SECP_R1_521) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521)) || \
71  (defined(PSA_WANT_ECC_SECP_K1_192) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192)) || \
72  (defined(PSA_WANT_ECC_SECP_K1_224) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224)) || \
73  (defined(PSA_WANT_ECC_SECP_K1_256) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256))
74 #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES
75 #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES
76 #endif
77 
78 #if (defined(PSA_WANT_ECC_MONTGOMERY_255) && !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255)) || \
79  (defined(PSA_WANT_ECC_MONTGOMERY_448) && !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448))
80 #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES
81 #endif
82 
83 /* ECC: algs: is acceleration complete? */
84 #if (defined(PSA_WANT_ALG_ECDH) && !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH)) || \
85  (defined(PSA_WANT_ALG_ECDSA) && !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)) || \
86  (defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) && \
87  !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)) || \
88  (defined(PSA_WANT_ALG_JPAKE) && !defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE))
89 #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS
90 #endif
91 
92 /* ECC: key types: is acceleration complete? */
93 #if (defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \
94  !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)) || \
95  (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \
96  !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC))
97 #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC
98 #endif
99 
100 /* Special case: we don't support cooked key derivation in drivers yet */
101 #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE)
102 #undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE
103 #endif
104 
105 /* Note: the condition about key derivation is always true as DERIVE can't be
106  * accelerated yet */
107 #if (defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \
108  !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)) || \
109  (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \
110  !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC)) || \
111  (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT) && \
112  !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT)) || \
113  (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT) && \
114  !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT)) || \
115  (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE) && \
116  !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE)) || \
117  (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) && \
118  !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE))
119 #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES
120 #endif
121 
122 /* ECC: curves: enable built-ins as needed.
123  *
124  * We need the curve built-in:
125  * - if it's not accelerated, or
126  * - if there's a key type with missing acceleration, or
127  * - if there's a alg with missing acceleration.
128  */
129 #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256)
130 #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256) || \
131  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
132  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
133 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1
134 #define MBEDTLS_ECP_DP_BP256R1_ENABLED
135 #endif /* missing accel */
136 #endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_256 */
137 
138 #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384)
139 #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384) || \
140  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
141  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
142 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1
143 #define MBEDTLS_ECP_DP_BP384R1_ENABLED
144 #endif /* missing accel */
145 #endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_384 */
146 
147 #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512)
148 #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512) || \
149  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
150  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
151 #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1
152 #define MBEDTLS_ECP_DP_BP512R1_ENABLED
153 #endif /* missing accel */
154 #endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_512 */
155 
156 #if defined(PSA_WANT_ECC_MONTGOMERY_255)
157 #if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255) || \
158  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
159  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
160 #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1
161 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED
162 #endif /* missing accel */
163 #endif /* PSA_WANT_ECC_MONTGOMERY_255 */
164 
165 #if defined(PSA_WANT_ECC_MONTGOMERY_448)
166 #if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448) || \
167  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
168  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
169 #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1
170 #define MBEDTLS_ECP_DP_CURVE448_ENABLED
171 #endif /* missing accel */
172 #endif /* PSA_WANT_ECC_MONTGOMERY_448 */
173 
174 #if defined(PSA_WANT_ECC_SECP_R1_192)
175 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192) || \
176  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
177  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
178 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1
179 #define MBEDTLS_ECP_DP_SECP192R1_ENABLED
180 #endif /* missing accel */
181 #endif /* PSA_WANT_ECC_SECP_R1_192 */
182 
183 #if defined(PSA_WANT_ECC_SECP_R1_224)
184 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224) || \
185  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
186  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
187 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1
188 #define MBEDTLS_ECP_DP_SECP224R1_ENABLED
189 #endif /* missing accel */
190 #endif /* PSA_WANT_ECC_SECP_R1_224 */
191 
192 #if defined(PSA_WANT_ECC_SECP_R1_256)
193 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) || \
194  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
195  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
196 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1
197 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
198 #endif /* missing accel */
199 #endif /* PSA_WANT_ECC_SECP_R1_256 */
200 
201 #if defined(PSA_WANT_ECC_SECP_R1_384)
202 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384) || \
203  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
204  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
205 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1
206 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED
207 #endif /* missing accel */
208 #endif /* PSA_WANT_ECC_SECP_R1_384 */
209 
210 #if defined(PSA_WANT_ECC_SECP_R1_521)
211 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521) || \
212  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
213  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
214 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1
215 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED
216 #endif /* missing accel */
217 #endif /* PSA_WANT_ECC_SECP_R1_521 */
218 
219 #if defined(PSA_WANT_ECC_SECP_K1_192)
220 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192) || \
221  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
222  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
223 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1
224 #define MBEDTLS_ECP_DP_SECP192K1_ENABLED
225 #endif /* missing accel */
226 #endif /* PSA_WANT_ECC_SECP_K1_192 */
227 
228 #if defined(PSA_WANT_ECC_SECP_K1_224)
229 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224) || \
230  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
231  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
232 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1
233 #define MBEDTLS_ECP_DP_SECP224K1_ENABLED
234 /* https://github.com/Mbed-TLS/mbedtls/issues/3541 */
235 #error "SECP224K1 is buggy via the PSA API in Mbed TLS."
236 #endif /* missing accel */
237 #endif /* PSA_WANT_ECC_SECP_K1_224 */
238 
239 #if defined(PSA_WANT_ECC_SECP_K1_256)
240 #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256) || \
241  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \
242  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
243 #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1
244 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED
245 #endif /* missing accel */
246 #endif /* PSA_WANT_ECC_SECP_K1_256 */
247 
248 /* ECC: algs: enable built-ins as needed.
249  *
250  * We need the alg built-in:
251  * - if it's not accelerated, or
252  * - if there's a relevant curve (see below) with missing acceleration, or
253  * - if there's a key type among (public, basic) with missing acceleration.
254  *
255  * Relevant curves are:
256  * - all curves for ECDH
257  * - Weierstrass curves for (deterministic) ECDSA
258  * - secp256r1 for EC J-PAKE
259  */
260 #if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)
261 #if !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) || \
262  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES) || \
263  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC)
264 #define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1
265 #define MBEDTLS_ECDSA_DETERMINISTIC
266 #define MBEDTLS_HMAC_DRBG_C
267 #define MBEDTLS_MD_C
268 #define MBEDTLS_ECDSA_C
269 #define MBEDTLS_ECP_C
270 #define MBEDTLS_BIGNUM_C
271 #define MBEDTLS_ASN1_PARSE_C
272 #define MBEDTLS_ASN1_WRITE_C
273 #endif /* missing accel */
274 #endif /* PSA_WANT_ALG_DETERMINISTIC_ECDSA */
275 
276 #if defined(PSA_WANT_ALG_ECDH)
277 #if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH) || \
278  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) || \
279  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC)
280 #define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1
281 #define MBEDTLS_ECDH_C
282 #define MBEDTLS_ECP_C
283 #define MBEDTLS_BIGNUM_C
284 #endif /* missing accel */
285 #endif /* PSA_WANT_ALG_ECDH */
286 
287 #if defined(PSA_WANT_ALG_ECDSA)
288 #if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
289  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES) || \
290  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC)
291 #define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
292 #define MBEDTLS_ECDSA_C
293 #define MBEDTLS_ECP_C
294 #define MBEDTLS_BIGNUM_C
295 #define MBEDTLS_ASN1_PARSE_C
296 #define MBEDTLS_ASN1_WRITE_C
297 #endif /* missing accel */
298 #endif /* PSA_WANT_ALG_ECDSA */
299 
300 #if defined(PSA_WANT_ALG_JPAKE)
301 #if !defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE) || \
302  !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) || \
303  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC)
304 #define MBEDTLS_PSA_BUILTIN_PAKE 1
305 #define MBEDTLS_PSA_BUILTIN_ALG_JPAKE 1
306 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
307 #define MBEDTLS_BIGNUM_C
308 #define MBEDTLS_ECP_C
309 #define MBEDTLS_ECJPAKE_C
310 #endif /* missing accel */
311 #endif /* PSA_WANT_ALG_JPAKE */
312 
313 /* ECC: key types: enable built-ins as needed.
314  *
315  * We need the key type built-in:
316  * - if it's not accelerated, or
317  * - if there's a curve with missing acceleration, or
318  * - only for public/basic: if there's an alg with missing acceleration.
319  */
320 #if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
321 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) || \
322  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) || \
323  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
324 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
325 #endif /* missing accel */
326 #endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */
327 
328 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC)
329 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \
330  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) || \
331  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS)
332 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
333 #endif /* missing accel */
334 #endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC */
335 
336 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT)
337 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \
338  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES)
339 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1
340 #endif /* missing accel */
341 #endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT */
342 
343 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT)
344 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \
345  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES)
346 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1
347 #endif /* missing accel */
348 #endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT */
349 
350 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE)
351 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE) || \
352  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES)
353 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1
354 #endif /* missing accel */
355 #endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE */
356 
357 /* Note: the condition is always true as DERIVE can't be accelerated yet */
358 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE)
359 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE) || \
360  defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES)
361 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1
362 #endif /* missing accel */
363 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE */
364 
365 #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \
366  defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \
367  defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \
368  defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE)
369 #define MBEDTLS_ECP_LIGHT
370 #define MBEDTLS_BIGNUM_C
371 #endif
372 
373 #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \
374  defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE)
375 #define MBEDTLS_ECP_C
376 #define MBEDTLS_BIGNUM_C
377 #endif
378 
379 /* End of ECC section */
380 
381 /*
382  * DH key types follow the same pattern used above for EC keys. They are defined
383  * by a triplet (group, key_type, alg). A triplet is accelerated if all its
384  * component are accelerated, otherwise each component needs to be builtin.
385  */
386 
387 /* DH: groups: is acceleration complete? */
388 #if (defined(PSA_WANT_DH_RFC7919_2048) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_2048)) || \
389  (defined(PSA_WANT_DH_RFC7919_3072) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_3072)) || \
390  (defined(PSA_WANT_DH_RFC7919_4096) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_4096)) || \
391  (defined(PSA_WANT_DH_RFC7919_6144) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_6144)) || \
392  (defined(PSA_WANT_DH_RFC7919_8192) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_8192))
393 #define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS
394 #endif
395 
396 /* DH: algs: is acceleration complete? */
397 #if defined(PSA_WANT_ALG_FFDH) && !defined(MBEDTLS_PSA_ACCEL_ALG_FFDH)
398 #define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS
399 #endif
400 
401 /* DH: key types: is acceleration complete? */
402 #if (defined(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY) && \
403  !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY)) || \
404  (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) && \
405  !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC)) || \
406  (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT) && \
407  !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT)) || \
408  (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT) && \
409  !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT)) || \
410  (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE) && \
411  !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE))
412 #define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES
413 #endif
414 
415 #if defined(PSA_WANT_DH_RFC7919_2048)
416 #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_2048) || \
417  defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \
418  defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES)
419 #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048 1
420 #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048 */
421 #endif /* PSA_WANT_DH_RFC7919_2048 */
422 
423 #if defined(PSA_WANT_DH_RFC7919_3072)
424 #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_3072) || \
425  defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \
426  defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES)
427 #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072 1
428 #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072 */
429 #endif /* PSA_WANT_DH_RFC7919_3072 */
430 
431 #if defined(PSA_WANT_DH_RFC7919_4096)
432 #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_4096) || \
433  defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \
434  defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES)
435 #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096 1
436 #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096 */
437 #endif /* PSA_WANT_DH_RFC7919_4096 */
438 
439 #if defined(PSA_WANT_DH_RFC7919_6144)
440 #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_6144) || \
441  defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \
442  defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES)
443 #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144 1
444 #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144 */
445 #endif /* PSA_WANT_DH_RFC7919_6144 */
446 
447 #if defined(PSA_WANT_DH_RFC7919_8192)
448 #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_8192) || \
449  defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \
450  defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES)
451 #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192 1
452 #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192 */
453 #endif /* PSA_WANT_DH_RFC7919_8192 */
454 
455 #if defined(PSA_WANT_ALG_FFDH)
456 #if !defined(MBEDTLS_PSA_ACCEL_ALG_FFDH) || \
457  defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \
458  defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES)
459 #define MBEDTLS_PSA_BUILTIN_ALG_FFDH 1
460 #define MBEDTLS_BIGNUM_C
461 #endif /* !MBEDTLS_PSA_ACCEL_ALG_FFDH */
462 #endif /* PSA_WANT_ALG_FFDH */
463 
464 #if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT)
465 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT) || \
466  defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \
467  defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS)
468 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT 1
469 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT */
470 #endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT */
471 
472 #if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT)
473 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT) || \
474  defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \
475  defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS)
476 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT 1
477 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT */
478 #endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT */
479 
480 #if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE)
481 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE)
482 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE 1
483 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE */
484 #endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE */
485 
486 #if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC)
487 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC) || \
488  defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \
489  defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS)
490 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_BASIC 1
491 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC */
492 #endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC */
493 
494 #if defined(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY)
495 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY) || \
496  defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \
497  defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS)
498 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY 1
499 #define MBEDTLS_BIGNUM_C
500 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY */
501 #endif /* PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY */
502 
503 /* End of DH section */
504 
505 #if defined(PSA_WANT_ALG_HKDF)
506 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF)
507 /*
508  * The PSA implementation has its own implementation of HKDF, separate from
509  * hkdf.c. No need to enable MBEDTLS_HKDF_C here.
510  */
511 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1
512 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF */
513 #endif /* PSA_WANT_ALG_HKDF */
514 
515 #if defined(PSA_WANT_ALG_HKDF_EXTRACT)
516 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT)
517 /*
518  * The PSA implementation has its own implementation of HKDF, separate from
519  * hkdf.c. No need to enable MBEDTLS_HKDF_C here.
520  */
521 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT 1
522 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT */
523 #endif /* PSA_WANT_ALG_HKDF_EXTRACT */
524 
525 #if defined(PSA_WANT_ALG_HKDF_EXPAND)
526 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND)
527 /*
528  * The PSA implementation has its own implementation of HKDF, separate from
529  * hkdf.c. No need to enable MBEDTLS_HKDF_C here.
530  */
531 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND 1
532 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND */
533 #endif /* PSA_WANT_ALG_HKDF_EXPAND */
534 
535 #if defined(PSA_WANT_ALG_HMAC)
536 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC)
537 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
538 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */
539 #endif /* PSA_WANT_ALG_HMAC */
540 
541 #if defined(PSA_WANT_ALG_MD5) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD5)
542 #define MBEDTLS_PSA_BUILTIN_ALG_MD5 1
543 #define MBEDTLS_MD5_C
544 #endif
545 
546 #if defined(PSA_WANT_ALG_RIPEMD160) && !defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160)
547 #define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1
548 #define MBEDTLS_RIPEMD160_C
549 #endif
550 
551 #if defined(PSA_WANT_ALG_RSA_OAEP)
552 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP)
553 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1
554 #define MBEDTLS_RSA_C
555 #define MBEDTLS_BIGNUM_C
556 #define MBEDTLS_OID_C
557 #define MBEDTLS_PKCS1_V21
558 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP */
559 #endif /* PSA_WANT_ALG_RSA_OAEP */
560 
561 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT)
562 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT)
563 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1
564 #define MBEDTLS_RSA_C
565 #define MBEDTLS_BIGNUM_C
566 #define MBEDTLS_OID_C
567 #define MBEDTLS_PKCS1_V15
568 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT */
569 #endif /* PSA_WANT_ALG_RSA_PKCS1V15_CRYPT */
570 
571 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
572 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN)
573 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
574 #define MBEDTLS_RSA_C
575 #define MBEDTLS_BIGNUM_C
576 #define MBEDTLS_OID_C
577 #define MBEDTLS_PKCS1_V15
578 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN */
579 #endif /* PSA_WANT_ALG_RSA_PKCS1V15_SIGN */
580 
581 #if defined(PSA_WANT_ALG_RSA_PSS)
582 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
583 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1
584 #define MBEDTLS_RSA_C
585 #define MBEDTLS_BIGNUM_C
586 #define MBEDTLS_OID_C
587 #define MBEDTLS_PKCS1_V21
588 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PSS */
589 #endif /* PSA_WANT_ALG_RSA_PSS */
590 
591 #if defined(PSA_WANT_ALG_SHA_1) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1)
592 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1
593 #define MBEDTLS_SHA1_C
594 #endif
595 
596 #if defined(PSA_WANT_ALG_SHA_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224)
597 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1
598 #define MBEDTLS_SHA224_C
599 #endif
600 
601 #if defined(PSA_WANT_ALG_SHA_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256)
602 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
603 #define MBEDTLS_SHA256_C
604 #endif
605 
606 #if defined(PSA_WANT_ALG_SHA_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384)
607 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1
608 #define MBEDTLS_SHA384_C
609 #endif
610 
611 #if defined(PSA_WANT_ALG_SHA_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512)
612 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1
613 #define MBEDTLS_SHA512_C
614 #endif
615 
616 #if defined(PSA_WANT_ALG_SHA3_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_224)
617 #define MBEDTLS_PSA_BUILTIN_ALG_SHA3_224 1
618 #define MBEDTLS_SHA3_C
619 #endif
620 
621 #if defined(PSA_WANT_ALG_SHA3_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_256)
622 #define MBEDTLS_PSA_BUILTIN_ALG_SHA3_256 1
623 #define MBEDTLS_SHA3_C
624 #endif
625 
626 #if defined(PSA_WANT_ALG_SHA3_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_384)
627 #define MBEDTLS_PSA_BUILTIN_ALG_SHA3_384 1
628 #define MBEDTLS_SHA3_C
629 #endif
630 
631 #if defined(PSA_WANT_ALG_SHA3_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_512)
632 #define MBEDTLS_PSA_BUILTIN_ALG_SHA3_512 1
633 #define MBEDTLS_SHA3_C
634 #endif
635 
636 #if defined(PSA_WANT_ALG_PBKDF2_HMAC)
637 #if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_HMAC)
638 #define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC 1
639 #define PSA_HAVE_SOFT_PBKDF2_HMAC 1
640 #endif /* !MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC */
641 #endif /* PSA_WANT_ALG_PBKDF2_HMAC */
642 
643 #if defined(PSA_WANT_ALG_TLS12_PRF)
644 #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF)
645 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1
646 #endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF */
647 #endif /* PSA_WANT_ALG_TLS12_PRF */
648 
649 #if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS)
650 #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS)
651 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1
652 #endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS */
653 #endif /* PSA_WANT_ALG_TLS12_PSK_TO_MS */
654 
655 #if defined(PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS)
656 #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS)
657 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS 1
658 #endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS */
659 #endif /* PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS */
660 
661 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT)
662 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT)
663 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1
664 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT */
665 #endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT */
666 
667 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT)
668 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT)
669 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1
670 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT */
671 #endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT */
672 
673 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
674 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
675 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1
676 #define MBEDTLS_GENPRIME
677 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE */
678 #endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE */
679 
680 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC)
681 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC)
682 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_BASIC 1
683 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC */
684 #endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */
685 
686 #if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)
687 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
688 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1
689 #define MBEDTLS_RSA_C
690 #define MBEDTLS_BIGNUM_C
691 #define MBEDTLS_OID_C
692 #define MBEDTLS_ASN1_PARSE_C
693 #define MBEDTLS_ASN1_WRITE_C
694 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY */
695 #endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */
696 
697 /* If any of the block modes are requested that don't have an
698  * associated HW assist, define PSA_HAVE_SOFT_BLOCK_MODE for checking
699  * in the block cipher key types. */
700 #if (defined(PSA_WANT_ALG_CTR) && !defined(MBEDTLS_PSA_ACCEL_ALG_CTR)) || \
701  (defined(PSA_WANT_ALG_CFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_CFB)) || \
702  (defined(PSA_WANT_ALG_OFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_OFB)) || \
703  (defined(PSA_WANT_ALG_ECB_NO_PADDING) && !defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING)) || \
704  (defined(PSA_WANT_ALG_CBC_NO_PADDING) && !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \
705  (defined(PSA_WANT_ALG_CBC_PKCS7) && !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \
706  (defined(PSA_WANT_ALG_CMAC) && !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC))
707 #define PSA_HAVE_SOFT_BLOCK_MODE 1
708 #endif
709 
710 #if defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128)
711 #if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128)
712 #define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 1
713 #define PSA_HAVE_SOFT_PBKDF2_CMAC 1
714 #endif /* !MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128 */
715 #endif /* PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 */
716 
717 #if defined(PSA_WANT_KEY_TYPE_AES)
718 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
719 #define PSA_HAVE_SOFT_KEY_TYPE_AES 1
720 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_AES */
721 #if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
722  defined(PSA_HAVE_SOFT_BLOCK_MODE)
723 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1
724 #define MBEDTLS_AES_C
725 #endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */
726 #endif /* PSA_WANT_KEY_TYPE_AES */
727 
728 #if defined(PSA_WANT_KEY_TYPE_ARIA)
729 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA)
730 #define PSA_HAVE_SOFT_KEY_TYPE_ARIA 1
731 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA */
732 #if defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
733  defined(PSA_HAVE_SOFT_BLOCK_MODE)
734 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1
735 #define MBEDTLS_ARIA_C
736 #endif /* PSA_HAVE_SOFT_KEY_TYPE_ARIA || PSA_HAVE_SOFT_BLOCK_MODE */
737 #endif /* PSA_WANT_KEY_TYPE_ARIA */
738 
739 #if defined(PSA_WANT_KEY_TYPE_CAMELLIA)
740 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA)
741 #define PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA 1
742 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA */
743 #if defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) || \
744  defined(PSA_HAVE_SOFT_BLOCK_MODE)
745 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1
746 #define MBEDTLS_CAMELLIA_C
747 #endif /* PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA || PSA_HAVE_SOFT_BLOCK_MODE */
748 #endif /* PSA_WANT_KEY_TYPE_CAMELLIA */
749 
750 #if defined(PSA_WANT_KEY_TYPE_DES)
751 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES)
752 #define PSA_HAVE_SOFT_KEY_TYPE_DES 1
753 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DES */
754 #if defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \
755  defined(PSA_HAVE_SOFT_BLOCK_MODE)
756 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1
757 #define MBEDTLS_DES_C
758 #endif /*PSA_HAVE_SOFT_KEY_TYPE_DES || PSA_HAVE_SOFT_BLOCK_MODE */
759 #endif /* PSA_WANT_KEY_TYPE_DES */
760 
761 #if defined(PSA_WANT_ALG_STREAM_CIPHER)
762 #if !defined(MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER)
763 #define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
764 #endif /* MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER */
765 #endif /* PSA_WANT_ALG_STREAM_CIPHER */
766 
767 #if defined(PSA_WANT_KEY_TYPE_CHACHA20)
768 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20) || \
769  defined(MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER)
770 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1
771 #define MBEDTLS_CHACHA20_C
772 #endif
773 #endif /* PSA_WANT_KEY_TYPE_CHACHA20 */
774 
775 /* If any of the software block ciphers are selected, define
776  * PSA_HAVE_SOFT_BLOCK_CIPHER, which can be used in any of these
777  * situations. */
778 #if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
779  defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
780  defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \
781  defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
782 #define PSA_HAVE_SOFT_BLOCK_CIPHER 1
783 #endif
784 
785 #if defined(PSA_WANT_ALG_CBC_MAC)
786 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_MAC)
787 #error "CBC-MAC is not yet supported via the PSA API in Mbed TLS."
788 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_MAC 1
789 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CBC_MAC */
790 #endif /* PSA_WANT_ALG_CBC_MAC */
791 
792 #if defined(PSA_WANT_ALG_CMAC)
793 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) || \
794  defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
795 #define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1
796 #define MBEDTLS_CMAC_C
797 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CMAC */
798 #endif /* PSA_WANT_ALG_CMAC */
799 
800 #if defined(PSA_HAVE_SOFT_PBKDF2_HMAC) || \
801  defined(PSA_HAVE_SOFT_PBKDF2_CMAC)
802 #define PSA_HAVE_SOFT_PBKDF2 1
803 #endif /* PSA_HAVE_SOFT_PBKDF2_HMAC || PSA_HAVE_SOFT_PBKDF2_CMAC */
804 
805 #if defined(PSA_WANT_ALG_CTR)
806 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CTR) || \
807  defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
808 #define MBEDTLS_PSA_BUILTIN_ALG_CTR 1
809 #define MBEDTLS_CIPHER_MODE_CTR
810 #endif
811 #endif /* PSA_WANT_ALG_CTR */
812 
813 #if defined(PSA_WANT_ALG_CFB)
814 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CFB) || \
815  defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
816 #define MBEDTLS_PSA_BUILTIN_ALG_CFB 1
817 #define MBEDTLS_CIPHER_MODE_CFB
818 #endif
819 #endif /* PSA_WANT_ALG_CFB */
820 
821 #if defined(PSA_WANT_ALG_OFB)
822 #if !defined(MBEDTLS_PSA_ACCEL_ALG_OFB) || \
823  defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
824 #define MBEDTLS_PSA_BUILTIN_ALG_OFB 1
825 #define MBEDTLS_CIPHER_MODE_OFB
826 #endif
827 #endif /* PSA_WANT_ALG_OFB */
828 
829 #if defined(PSA_WANT_ALG_ECB_NO_PADDING) && \
830  !defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING)
831 #define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1
832 #endif
833 
834 #if defined(PSA_WANT_ALG_CBC_NO_PADDING)
835 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) || \
836  defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
837 #define MBEDTLS_CIPHER_MODE_CBC
838 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1
839 #endif
840 #endif /* PSA_WANT_ALG_CBC_NO_PADDING */
841 
842 #if defined(PSA_WANT_ALG_CBC_PKCS7)
843 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) || \
844  defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
845 #define MBEDTLS_CIPHER_MODE_CBC
846 #define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1
847 #define MBEDTLS_CIPHER_PADDING_PKCS7
848 #endif
849 #endif /* PSA_WANT_ALG_CBC_PKCS7 */
850 
851 #if defined(PSA_WANT_ALG_CCM)
852 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CCM) || \
853  defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
854  defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
855  defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
856 #define MBEDTLS_PSA_BUILTIN_ALG_CCM 1
857 #define MBEDTLS_CCM_C
858 #endif
859 #endif /* PSA_WANT_ALG_CCM */
860 
861 #if defined(PSA_WANT_ALG_CCM_STAR_NO_TAG)
862 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CCM_STAR_NO_TAG) || \
863  defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
864  defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
865  defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
866 #define MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG 1
867 #define MBEDTLS_CCM_C
868 #endif
869 #endif /* PSA_WANT_ALG_CCM_STAR_NO_TAG */
870 
871 #if defined(PSA_WANT_ALG_GCM)
872 #if !defined(MBEDTLS_PSA_ACCEL_ALG_GCM) || \
873  defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
874  defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \
875  defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
876 #define MBEDTLS_PSA_BUILTIN_ALG_GCM 1
877 #define MBEDTLS_GCM_C
878 #endif
879 #endif /* PSA_WANT_ALG_GCM */
880 
881 #if defined(PSA_WANT_ALG_CHACHA20_POLY1305)
882 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305)
883 #if defined(PSA_WANT_KEY_TYPE_CHACHA20)
884 #define MBEDTLS_CHACHAPOLY_C
885 #define MBEDTLS_CHACHA20_C
886 #define MBEDTLS_POLY1305_C
887 #define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1
888 #endif /* PSA_WANT_KEY_TYPE_CHACHA20 */
889 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 */
890 #endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */
891 
892 #endif /* MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H */