|  | /** | 
|  | * \file psa/crypto_config.h | 
|  | * \brief PSA crypto configuration options (set of defines) | 
|  | * | 
|  | */ | 
|  | #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) | 
|  | /** | 
|  | * When #MBEDTLS_PSA_CRYPTO_CONFIG is enabled in mbedtls_config.h, | 
|  | * this file determines which cryptographic mechanisms are enabled | 
|  | * through the PSA Cryptography API (\c psa_xxx() functions). | 
|  | * | 
|  | * To enable a cryptographic mechanism, uncomment the definition of | 
|  | * the corresponding \c PSA_WANT_xxx preprocessor symbol. | 
|  | * To disable a cryptographic mechanism, comment out the definition of | 
|  | * the corresponding \c PSA_WANT_xxx preprocessor symbol. | 
|  | * The names of cryptographic mechanisms correspond to values | 
|  | * defined in psa/crypto_values.h, with the prefix \c PSA_WANT_ instead | 
|  | * of \c PSA_. | 
|  | * | 
|  | * Note that many cryptographic mechanisms involve two symbols: one for | 
|  | * the key type (\c PSA_WANT_KEY_TYPE_xxx) and one for the algorithm | 
|  | * (\c PSA_WANT_ALG_xxx). Mechanisms with additional parameters may involve | 
|  | * additional symbols. | 
|  | */ | 
|  | #else | 
|  | /** | 
|  | * When \c MBEDTLS_PSA_CRYPTO_CONFIG is disabled in mbedtls_config.h, | 
|  | * this file is not used, and cryptographic mechanisms are supported | 
|  | * through the PSA API if and only if they are supported through the | 
|  | * mbedtls_xxx API. | 
|  | */ | 
|  | #endif | 
|  | /* | 
|  | *  Copyright The Mbed TLS Contributors | 
|  | *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later | 
|  | */ | 
|  |  | 
|  | #ifndef PSA_CRYPTO_CONFIG_H | 
|  | #define PSA_CRYPTO_CONFIG_H | 
|  |  | 
|  | /* | 
|  | * CBC-MAC is not yet supported via the PSA API in Mbed TLS. | 
|  | */ | 
|  | //#define PSA_WANT_ALG_CBC_MAC                    1 | 
|  | #define PSA_WANT_ALG_CBC_NO_PADDING             1 | 
|  | #define PSA_WANT_ALG_CBC_PKCS7                  1 | 
|  | #define PSA_WANT_ALG_CCM                        1 | 
|  | #define PSA_WANT_ALG_CCM_STAR_NO_TAG            1 | 
|  | #define PSA_WANT_ALG_CMAC                       1 | 
|  | #define PSA_WANT_ALG_CFB                        1 | 
|  | #define PSA_WANT_ALG_CHACHA20_POLY1305          1 | 
|  | #define PSA_WANT_ALG_CTR                        1 | 
|  | #define PSA_WANT_ALG_DETERMINISTIC_ECDSA        1 | 
|  | #define PSA_WANT_ALG_ECB_NO_PADDING             1 | 
|  | #define PSA_WANT_ALG_ECDH                       1 | 
|  | #define PSA_WANT_ALG_FFDH                       1 | 
|  | #define PSA_WANT_ALG_ECDSA                      1 | 
|  | #define PSA_WANT_ALG_JPAKE                      1 | 
|  | #define PSA_WANT_ALG_GCM                        1 | 
|  | #define PSA_WANT_ALG_HKDF                       1 | 
|  | #define PSA_WANT_ALG_HKDF_EXTRACT               1 | 
|  | #define PSA_WANT_ALG_HKDF_EXPAND                1 | 
|  | #define PSA_WANT_ALG_HMAC                       1 | 
|  | #define PSA_WANT_ALG_MD5                        1 | 
|  | #define PSA_WANT_ALG_OFB                        1 | 
|  | #define PSA_WANT_ALG_PBKDF2_HMAC                1 | 
|  | #define PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128    1 | 
|  | #define PSA_WANT_ALG_RIPEMD160                  1 | 
|  | #define PSA_WANT_ALG_RSA_OAEP                   1 | 
|  | #define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT         1 | 
|  | #define PSA_WANT_ALG_RSA_PKCS1V15_SIGN          1 | 
|  | #define PSA_WANT_ALG_RSA_PSS                    1 | 
|  | #define PSA_WANT_ALG_SHA_1                      1 | 
|  | #define PSA_WANT_ALG_SHA_224                    1 | 
|  | #define PSA_WANT_ALG_SHA_256                    1 | 
|  | #define PSA_WANT_ALG_SHA_384                    1 | 
|  | #define PSA_WANT_ALG_SHA_512                    1 | 
|  | #define PSA_WANT_ALG_SHA3_224                   1 | 
|  | #define PSA_WANT_ALG_SHA3_256                   1 | 
|  | #define PSA_WANT_ALG_SHA3_384                   1 | 
|  | #define PSA_WANT_ALG_SHA3_512                   1 | 
|  | #define PSA_WANT_ALG_STREAM_CIPHER              1 | 
|  | #define PSA_WANT_ALG_TLS12_PRF                  1 | 
|  | #define PSA_WANT_ALG_TLS12_PSK_TO_MS            1 | 
|  | #define PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS       1 | 
|  |  | 
|  | /* XTS is not yet supported via the PSA API in Mbed TLS. | 
|  | * Note: when adding support, also adjust include/mbedtls/config_psa.h */ | 
|  | //#define PSA_WANT_ALG_XTS                        1 | 
|  |  | 
|  | #define PSA_WANT_ECC_BRAINPOOL_P_R1_256         1 | 
|  | #define PSA_WANT_ECC_BRAINPOOL_P_R1_384         1 | 
|  | #define PSA_WANT_ECC_BRAINPOOL_P_R1_512         1 | 
|  | #define PSA_WANT_ECC_MONTGOMERY_255             1 | 
|  | #define PSA_WANT_ECC_MONTGOMERY_448             1 | 
|  | #define PSA_WANT_ECC_SECP_K1_192                1 | 
|  | /* | 
|  | * SECP224K1 is buggy via the PSA API in Mbed TLS | 
|  | * (https://github.com/Mbed-TLS/mbedtls/issues/3541). Thus, do not enable it by | 
|  | * default. | 
|  | */ | 
|  | //#define PSA_WANT_ECC_SECP_K1_224                1 | 
|  | #define PSA_WANT_ECC_SECP_K1_256                1 | 
|  | #define PSA_WANT_ECC_SECP_R1_192                1 | 
|  | #define PSA_WANT_ECC_SECP_R1_224                1 | 
|  | /* For secp256r1, consider enabling #MBEDTLS_PSA_P256M_DRIVER_ENABLED | 
|  | * (see the description in mbedtls/mbedtls_config.h for details). */ | 
|  | #define PSA_WANT_ECC_SECP_R1_256                1 | 
|  | #define PSA_WANT_ECC_SECP_R1_384                1 | 
|  | #define PSA_WANT_ECC_SECP_R1_521                1 | 
|  |  | 
|  | #define PSA_WANT_KEY_TYPE_DERIVE                1 | 
|  | #define PSA_WANT_KEY_TYPE_PASSWORD              1 | 
|  | #define PSA_WANT_KEY_TYPE_PASSWORD_HASH         1 | 
|  | #define PSA_WANT_KEY_TYPE_HMAC                  1 | 
|  | #define PSA_WANT_KEY_TYPE_AES                   1 | 
|  | #define PSA_WANT_KEY_TYPE_ARIA                  1 | 
|  | #define PSA_WANT_KEY_TYPE_CAMELLIA              1 | 
|  | #define PSA_WANT_KEY_TYPE_CHACHA20              1 | 
|  | #define PSA_WANT_KEY_TYPE_DES                   1 | 
|  | //#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR          1 /* Deprecated */ | 
|  | #define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY        1 | 
|  | #define PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY         1 | 
|  | #define PSA_WANT_KEY_TYPE_RAW_DATA              1 | 
|  | //#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR          1 /* Deprecated */ | 
|  | #define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY        1 | 
|  |  | 
|  | /* | 
|  | * The following symbols extend and deprecate the legacy | 
|  | * PSA_WANT_KEY_TYPE_xxx_KEY_PAIR ones. They include the usage of that key in | 
|  | * the name's suffix. "_USE" is the most generic and it can be used to describe | 
|  | * a generic suport, whereas other ones add more features on top of that and | 
|  | * they are more specific. | 
|  | */ | 
|  | #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC      1 | 
|  | #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT   1 | 
|  | #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT   1 | 
|  | #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1 | 
|  | #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE   1 | 
|  |  | 
|  | #define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC      1 | 
|  | #define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT   1 | 
|  | #define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT   1 | 
|  | #define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1 | 
|  | //#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE   1 /* Not supported */ | 
|  |  | 
|  | #define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC       1 | 
|  | #define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT    1 | 
|  | #define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT    1 | 
|  | #define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE  1 | 
|  | //#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_DERIVE    1 /* Not supported */ | 
|  |  | 
|  | #endif /* PSA_CRYPTO_CONFIG_H */ |