24#ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H
25#define MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H
27#if !defined(MBEDTLS_CONFIG_FILES_READ)
28#error "Do not include mbedtls/config_adjust_*.h manually! This can lead to problems, " \
29 "up to and including runtime errors such as buffer overflows. " \
30 "If you're trying to fix a complaint from check_config.h, just remove " \
31 "it from your configuration file: since Mbed TLS 3.0, it is included " \
32 "automatically at the right point."
40#if defined(__MINGW32__) || (defined(_MSC_VER) && _MSC_VER <= 1900)
41#if !defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) && \
42 !defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO)
43#define MBEDTLS_PLATFORM_SNPRINTF_ALT
45#if !defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) && \
46 !defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO)
47#define MBEDTLS_PLATFORM_VSNPRINTF_ALT
54#if defined(MBEDTLS_PSA_CRYPTO_C)
55#define MBEDTLS_PSA_CRYPTO_CLIENT
60#if defined(MBEDTLS_PSA_CRYPTO_C) && \
61 (defined(MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER) || \
62 defined(MBEDTLS_PSA_BUILTIN_ALG_CTR) || \
63 defined(MBEDTLS_PSA_BUILTIN_ALG_CFB) || \
64 defined(MBEDTLS_PSA_BUILTIN_ALG_OFB) || \
65 defined(MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING) || \
66 defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \
67 defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) || \
68 defined(MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG) || \
69 defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC))
70#define MBEDTLS_CIPHER_C
76#if defined(MBEDTLS_MD_C)
77#define MBEDTLS_MD_LIGHT
83#if defined(MBEDTLS_ECJPAKE_C) || \
84 defined(MBEDTLS_PEM_PARSE_C) || \
85 defined(MBEDTLS_ENTROPY_C) || \
86 defined(MBEDTLS_PK_C) || \
87 defined(MBEDTLS_PKCS12_C) || \
88 defined(MBEDTLS_RSA_C) || \
89 defined(MBEDTLS_SSL_TLS_C) || \
90 defined(MBEDTLS_X509_USE_C) || \
91 defined(MBEDTLS_X509_CREATE_C)
92#define MBEDTLS_MD_LIGHT
95#if defined(MBEDTLS_MD_LIGHT)
111#if defined(MBEDTLS_PSA_CRYPTO_C)
113#if defined(MBEDTLS_PSA_ACCEL_ALG_MD5)
114#define MBEDTLS_MD_CAN_MD5
115#define MBEDTLS_MD_MD5_VIA_PSA
116#define MBEDTLS_MD_SOME_PSA
118#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1)
119#define MBEDTLS_MD_CAN_SHA1
120#define MBEDTLS_MD_SHA1_VIA_PSA
121#define MBEDTLS_MD_SOME_PSA
123#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224)
124#define MBEDTLS_MD_CAN_SHA224
125#define MBEDTLS_MD_SHA224_VIA_PSA
126#define MBEDTLS_MD_SOME_PSA
128#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256)
129#define MBEDTLS_MD_CAN_SHA256
130#define MBEDTLS_MD_SHA256_VIA_PSA
131#define MBEDTLS_MD_SOME_PSA
133#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384)
134#define MBEDTLS_MD_CAN_SHA384
135#define MBEDTLS_MD_SHA384_VIA_PSA
136#define MBEDTLS_MD_SOME_PSA
138#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512)
139#define MBEDTLS_MD_CAN_SHA512
140#define MBEDTLS_MD_SHA512_VIA_PSA
141#define MBEDTLS_MD_SOME_PSA
143#if defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160)
144#define MBEDTLS_MD_CAN_RIPEMD160
145#define MBEDTLS_MD_RIPEMD160_VIA_PSA
146#define MBEDTLS_MD_SOME_PSA
148#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_224)
149#define MBEDTLS_MD_CAN_SHA3_224
150#define MBEDTLS_MD_SHA3_224_VIA_PSA
151#define MBEDTLS_MD_SOME_PSA
153#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_256)
154#define MBEDTLS_MD_CAN_SHA3_256
155#define MBEDTLS_MD_SHA3_256_VIA_PSA
156#define MBEDTLS_MD_SOME_PSA
158#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_384)
159#define MBEDTLS_MD_CAN_SHA3_384
160#define MBEDTLS_MD_SHA3_384_VIA_PSA
161#define MBEDTLS_MD_SOME_PSA
163#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_512)
164#define MBEDTLS_MD_CAN_SHA3_512
165#define MBEDTLS_MD_SHA3_512_VIA_PSA
166#define MBEDTLS_MD_SOME_PSA
169#elif defined(MBEDTLS_PSA_CRYPTO_CLIENT)
171#if defined(PSA_WANT_ALG_MD5)
172#define MBEDTLS_MD_CAN_MD5
173#define MBEDTLS_MD_MD5_VIA_PSA
174#define MBEDTLS_MD_SOME_PSA
176#if defined(PSA_WANT_ALG_SHA_1)
177#define MBEDTLS_MD_CAN_SHA1
178#define MBEDTLS_MD_SHA1_VIA_PSA
179#define MBEDTLS_MD_SOME_PSA
181#if defined(PSA_WANT_ALG_SHA_224)
182#define MBEDTLS_MD_CAN_SHA224
183#define MBEDTLS_MD_SHA224_VIA_PSA
184#define MBEDTLS_MD_SOME_PSA
186#if defined(PSA_WANT_ALG_SHA_256)
187#define MBEDTLS_MD_CAN_SHA256
188#define MBEDTLS_MD_SHA256_VIA_PSA
189#define MBEDTLS_MD_SOME_PSA
191#if defined(PSA_WANT_ALG_SHA_384)
192#define MBEDTLS_MD_CAN_SHA384
193#define MBEDTLS_MD_SHA384_VIA_PSA
194#define MBEDTLS_MD_SOME_PSA
196#if defined(PSA_WANT_ALG_SHA_512)
197#define MBEDTLS_MD_CAN_SHA512
198#define MBEDTLS_MD_SHA512_VIA_PSA
199#define MBEDTLS_MD_SOME_PSA
201#if defined(PSA_WANT_ALG_RIPEMD160)
202#define MBEDTLS_MD_CAN_RIPEMD160
203#define MBEDTLS_MD_RIPEMD160_VIA_PSA
204#define MBEDTLS_MD_SOME_PSA
206#if defined(PSA_WANT_ALG_SHA3_224)
207#define MBEDTLS_MD_CAN_SHA3_224
208#define MBEDTLS_MD_SHA3_224_VIA_PSA
209#define MBEDTLS_MD_SOME_PSA
211#if defined(PSA_WANT_ALG_SHA3_256)
212#define MBEDTLS_MD_CAN_SHA3_256
213#define MBEDTLS_MD_SHA3_256_VIA_PSA
214#define MBEDTLS_MD_SOME_PSA
216#if defined(PSA_WANT_ALG_SHA3_384)
217#define MBEDTLS_MD_CAN_SHA3_384
218#define MBEDTLS_MD_SHA3_384_VIA_PSA
219#define MBEDTLS_MD_SOME_PSA
221#if defined(PSA_WANT_ALG_SHA3_512)
222#define MBEDTLS_MD_CAN_SHA3_512
223#define MBEDTLS_MD_SHA3_512_VIA_PSA
224#define MBEDTLS_MD_SOME_PSA
230#if defined(MBEDTLS_MD5_C)
231#define MBEDTLS_MD_CAN_MD5
232#define MBEDTLS_MD_SOME_LEGACY
234#if defined(MBEDTLS_SHA1_C)
235#define MBEDTLS_MD_CAN_SHA1
236#define MBEDTLS_MD_SOME_LEGACY
238#if defined(MBEDTLS_SHA224_C)
239#define MBEDTLS_MD_CAN_SHA224
240#define MBEDTLS_MD_SOME_LEGACY
242#if defined(MBEDTLS_SHA256_C)
243#define MBEDTLS_MD_CAN_SHA256
244#define MBEDTLS_MD_SOME_LEGACY
246#if defined(MBEDTLS_SHA384_C)
247#define MBEDTLS_MD_CAN_SHA384
248#define MBEDTLS_MD_SOME_LEGACY
250#if defined(MBEDTLS_SHA512_C)
251#define MBEDTLS_MD_CAN_SHA512
252#define MBEDTLS_MD_SOME_LEGACY
254#if defined(MBEDTLS_SHA3_C)
255#define MBEDTLS_MD_CAN_SHA3_224
256#define MBEDTLS_MD_CAN_SHA3_256
257#define MBEDTLS_MD_CAN_SHA3_384
258#define MBEDTLS_MD_CAN_SHA3_512
259#define MBEDTLS_MD_SOME_LEGACY
261#if defined(MBEDTLS_RIPEMD160_C)
262#define MBEDTLS_MD_CAN_RIPEMD160
263#define MBEDTLS_MD_SOME_LEGACY
283#if defined(MBEDTLS_PSA_CRYPTO_C)
284#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
285#define MBEDTLS_BLOCK_CIPHER_AES_VIA_PSA
286#define MBEDTLS_BLOCK_CIPHER_SOME_PSA
288#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA)
289#define MBEDTLS_BLOCK_CIPHER_ARIA_VIA_PSA
290#define MBEDTLS_BLOCK_CIPHER_SOME_PSA
292#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA)
293#define MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_PSA
294#define MBEDTLS_BLOCK_CIPHER_SOME_PSA
298#if defined(MBEDTLS_AES_C)
299#define MBEDTLS_BLOCK_CIPHER_AES_VIA_LEGACY
301#if defined(MBEDTLS_ARIA_C)
302#define MBEDTLS_BLOCK_CIPHER_ARIA_VIA_LEGACY
304#if defined(MBEDTLS_CAMELLIA_C)
305#define MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_LEGACY
310#if defined(MBEDTLS_BLOCK_CIPHER_AES_VIA_PSA) || \
311 defined(MBEDTLS_BLOCK_CIPHER_AES_VIA_LEGACY)
312#define MBEDTLS_BLOCK_CIPHER_CAN_AES
314#if defined(MBEDTLS_BLOCK_CIPHER_ARIA_VIA_PSA) || \
315 defined(MBEDTLS_BLOCK_CIPHER_ARIA_VIA_LEGACY)
316#define MBEDTLS_BLOCK_CIPHER_CAN_ARIA
318#if defined(MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_PSA) || \
319 defined(MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_LEGACY)
320#define MBEDTLS_BLOCK_CIPHER_CAN_CAMELLIA
329#if (defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C)) && \
330 (!defined(MBEDTLS_CIPHER_C) || defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA))
331#define MBEDTLS_BLOCK_CIPHER_C
335#if (defined(MBEDTLS_CIPHER_C) && defined(MBEDTLS_AES_C)) || \
336 (defined(MBEDTLS_BLOCK_CIPHER_C) && defined(MBEDTLS_BLOCK_CIPHER_CAN_AES))
337#define MBEDTLS_CCM_GCM_CAN_AES
340#if (defined(MBEDTLS_CIPHER_C) && defined(MBEDTLS_ARIA_C)) || \
341 (defined(MBEDTLS_BLOCK_CIPHER_C) && defined(MBEDTLS_BLOCK_CIPHER_CAN_ARIA))
342#define MBEDTLS_CCM_GCM_CAN_ARIA
345#if (defined(MBEDTLS_CIPHER_C) && defined(MBEDTLS_CAMELLIA_C)) || \
346 (defined(MBEDTLS_BLOCK_CIPHER_C) && defined(MBEDTLS_BLOCK_CIPHER_CAN_CAMELLIA))
347#define MBEDTLS_CCM_GCM_CAN_CAMELLIA
366#if defined(MBEDTLS_ECP_C) || \
367 defined(MBEDTLS_PK_PARSE_EC_EXTENDED) || \
368 defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) || \
369 defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE)
370#define MBEDTLS_ECP_LIGHT
376#if defined(MBEDTLS_RSA_C)
377#define MBEDTLS_ASN1_PARSE_C
378#define MBEDTLS_ASN1_WRITE_C
386#if defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_ECP_C)
387#define MBEDTLS_PK_PARSE_EC_COMPRESSED
392#if (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_ECDH)) || \
393 (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_ECDH_C))
394#define MBEDTLS_CAN_ECDH
401#if !defined(MBEDTLS_USE_PSA_CRYPTO)
402#if defined(MBEDTLS_ECDSA_C)
403#define MBEDTLS_PK_CAN_ECDSA_SIGN
404#define MBEDTLS_PK_CAN_ECDSA_VERIFY
407#if defined(PSA_WANT_ALG_ECDSA)
408#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC)
409#define MBEDTLS_PK_CAN_ECDSA_SIGN
411#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
412#define MBEDTLS_PK_CAN_ECDSA_VERIFY
417#if defined(MBEDTLS_PK_CAN_ECDSA_VERIFY) || defined(MBEDTLS_PK_CAN_ECDSA_SIGN)
418#define MBEDTLS_PK_CAN_ECDSA_SOME
422#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_521)
423#define MBEDTLS_ECP_HAVE_SECP521R1
425#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512)
426#define MBEDTLS_ECP_HAVE_BP512R1
428#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) || defined(PSA_WANT_ECC_MONTGOMERY_448)
429#define MBEDTLS_ECP_HAVE_CURVE448
431#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384)
432#define MBEDTLS_ECP_HAVE_BP384R1
434#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_384)
435#define MBEDTLS_ECP_HAVE_SECP384R1
437#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256)
438#define MBEDTLS_ECP_HAVE_BP256R1
440#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) || defined(PSA_WANT_ECC_SECP_K1_256)
441#define MBEDTLS_ECP_HAVE_SECP256K1
443#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_256)
444#define MBEDTLS_ECP_HAVE_SECP256R1
446#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) || defined(PSA_WANT_ECC_MONTGOMERY_255)
447#define MBEDTLS_ECP_HAVE_CURVE25519
449#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) || defined(PSA_WANT_ECC_SECP_K1_224)
450#define MBEDTLS_ECP_HAVE_SECP224K1
452#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_224)
453#define MBEDTLS_ECP_HAVE_SECP224R1
455#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || defined(PSA_WANT_ECC_SECP_K1_192)
456#define MBEDTLS_ECP_HAVE_SECP192K1
458#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_192)
459#define MBEDTLS_ECP_HAVE_SECP192R1
465#if defined(MBEDTLS_ECP_C) || \
466 (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY))
467#define MBEDTLS_PK_HAVE_ECC_KEYS
474#if defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_PKCS5_C) && defined(MBEDTLS_CIPHER_MODE_CBC)
475#define MBEDTLS_CIPHER_PADDING_PKCS7
480#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) && \
481 !defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT)
482#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT
484#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY)
485#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY
490#if (defined(MBEDTLS_PSA_CRYPTO_CLIENT) && \
491 (defined(PSA_WANT_ALG_ECDSA) || defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)))
492#define MBEDTLS_PSA_UTIL_HAVE_ECDSA
496#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_AES_C)) || \
497 (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_AES))
498#define MBEDTLS_SSL_HAVE_AES
500#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_ARIA_C)) || \
501 (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_ARIA))
502#define MBEDTLS_SSL_HAVE_ARIA
504#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_CAMELLIA_C)) || \
505 (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_CAMELLIA))
506#define MBEDTLS_SSL_HAVE_CAMELLIA
510#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_CIPHER_MODE_CBC)) || \
511 (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CBC_NO_PADDING))
512#define MBEDTLS_SSL_HAVE_CBC
515#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_GCM_C)) || \
516 (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM))
517#define MBEDTLS_SSL_HAVE_GCM
520#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_CCM_C)) || \
521 (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM))
522#define MBEDTLS_SSL_HAVE_CCM
525#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_CHACHAPOLY_C)) || \
526 (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CHACHA20_POLY1305))
527#define MBEDTLS_SSL_HAVE_CHACHAPOLY
530#if defined(MBEDTLS_SSL_HAVE_GCM) || defined(MBEDTLS_SSL_HAVE_CCM) || \
531 defined(MBEDTLS_SSL_HAVE_CHACHAPOLY)
532#define MBEDTLS_SSL_HAVE_AEAD