| Aditya Deshpande | 16a62e3 | 2023-04-11 16:25:02 +0100 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (c) 2018-2022, Arm Limited. All rights reserved. |
| 3 | * |
| 4 | * SPDX-License-Identifier: BSD-3-Clause |
| 5 | * |
| 6 | */ |
| 7 | /** |
| 8 | * \file psa/crypto_config.h |
| 9 | * \brief PSA crypto configuration options (set of defines) |
| 10 | * |
| 11 | */ |
| 12 | #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) |
| 13 | /** |
| 14 | * When #MBEDTLS_PSA_CRYPTO_CONFIG is enabled in mbedtls_config.h, |
| 15 | * this file determines which cryptographic mechanisms are enabled |
| 16 | * through the PSA Cryptography API (\c psa_xxx() functions). |
| 17 | * |
| 18 | * To enable a cryptographic mechanism, uncomment the definition of |
| 19 | * the corresponding \c PSA_WANT_xxx preprocessor symbol. |
| 20 | * To disable a cryptographic mechanism, comment out the definition of |
| 21 | * the corresponding \c PSA_WANT_xxx preprocessor symbol. |
| 22 | * The names of cryptographic mechanisms correspond to values |
| 23 | * defined in psa/crypto_values.h, with the prefix \c PSA_WANT_ instead |
| 24 | * of \c PSA_. |
| 25 | * |
| 26 | * Note that many cryptographic mechanisms involve two symbols: one for |
| 27 | * the key type (\c PSA_WANT_KEY_TYPE_xxx) and one for the algorithm |
| 28 | * (\c PSA_WANT_ALG_xxx). Mechanisms with additional parameters may involve |
| 29 | * additional symbols. |
| 30 | */ |
| 31 | #else |
| 32 | /** |
| 33 | * When \c MBEDTLS_PSA_CRYPTO_CONFIG is disabled in mbedtls_config.h, |
| 34 | * this file is not used, and cryptographic mechanisms are supported |
| 35 | * through the PSA API if and only if they are supported through the |
| 36 | * mbedtls_xxx API. |
| 37 | */ |
| 38 | #endif |
| 39 | |
| 40 | #ifndef PROFILE_M_PSA_CRYPTO_CONFIG_H |
| 41 | #define PROFILE_M_PSA_CRYPTO_CONFIG_H |
| 42 | |
| 43 | /* |
| 44 | * CBC-MAC is not yet supported via the PSA API in Mbed TLS. |
| 45 | */ |
| 46 | //#define PSA_WANT_ALG_CBC_MAC 1 |
| 47 | //#define PSA_WANT_ALG_CBC_NO_PADDING 1 |
| 48 | //#define PSA_WANT_ALG_CBC_PKCS7 1 |
| 49 | #define PSA_WANT_ALG_CCM 1 |
| 50 | //#define PSA_WANT_ALG_CMAC 1 |
| 51 | //#define PSA_WANT_ALG_CFB 1 |
| 52 | //#define PSA_WANT_ALG_CHACHA20_POLY1305 1 |
| 53 | //#define PSA_WANT_ALG_CTR 1 |
| 54 | #define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1 |
| 55 | //#define PSA_WANT_ALG_ECB_NO_PADDING 1 |
| 56 | #define PSA_WANT_ALG_ECDH 1 |
| 57 | #define PSA_WANT_ALG_ECDSA 1 |
| 58 | //#define PSA_WANT_ALG_GCM 1 |
| 59 | #define PSA_WANT_ALG_HKDF 1 |
| 60 | #define PSA_WANT_ALG_HMAC 1 |
| 61 | //#define PSA_WANT_ALG_MD5 1 |
| 62 | //#define PSA_WANT_ALG_OFB 1 |
| 63 | /* PBKDF2-HMAC is not yet supported via the PSA API in Mbed TLS. |
| 64 | * Note: when adding support, also adjust include/mbedtls/config_psa.h */ |
| 65 | //#define PSA_WANT_ALG_PBKDF2_HMAC 1 |
| 66 | //#define PSA_WANT_ALG_RIPEMD160 1 |
| 67 | //#define PSA_WANT_ALG_RSA_OAEP 1 |
| 68 | //#define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1 |
| 69 | //#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1 |
| 70 | //#define PSA_WANT_ALG_RSA_PSS 1 |
| 71 | //#define PSA_WANT_ALG_SHA_1 1 |
| 72 | #define PSA_WANT_ALG_SHA_224 1 |
| 73 | #define PSA_WANT_ALG_SHA_256 1 |
| 74 | //#define PSA_WANT_ALG_SHA_384 1 |
| 75 | //#define PSA_WANT_ALG_SHA_512 1 |
| 76 | //#define PSA_WANT_ALG_STREAM_CIPHER 1 |
| 77 | #define PSA_WANT_ALG_TLS12_PRF 1 |
| 78 | #define PSA_WANT_ALG_TLS12_PSK_TO_MS 1 |
| 79 | /* PBKDF2-HMAC is not yet supported via the PSA API in Mbed TLS. |
| 80 | * Note: when adding support, also adjust include/mbedtls/config_psa.h */ |
| 81 | //#define PSA_WANT_ALG_XTS 1 |
| 82 | |
| 83 | //#define PSA_WANT_ECC_BRAINPOOL_P_R1_256 1 |
| 84 | //#define PSA_WANT_ECC_BRAINPOOL_P_R1_384 1 |
| 85 | //#define PSA_WANT_ECC_BRAINPOOL_P_R1_512 1 |
| 86 | //#define PSA_WANT_ECC_MONTGOMERY_255 1 |
| 87 | //#define PSA_WANT_ECC_MONTGOMERY_448 1 |
| 88 | //#define PSA_WANT_ECC_SECP_K1_192 1 |
| 89 | /* |
| 90 | * SECP224K1 is buggy via the PSA API in Mbed TLS |
| 91 | * (https://github.com/Mbed-TLS/mbedtls/issues/3541). Thus, do not enable it by |
| 92 | * default. |
| 93 | */ |
| 94 | //#define PSA_WANT_ECC_SECP_K1_224 1 |
| 95 | //#define PSA_WANT_ECC_SECP_K1_256 1 |
| 96 | //#define PSA_WANT_ECC_SECP_R1_192 1 |
| 97 | //#define PSA_WANT_ECC_SECP_R1_224 1 |
| 98 | #define PSA_WANT_ECC_SECP_R1_256 1 |
| 99 | //#define PSA_WANT_ECC_SECP_R1_384 1 |
| 100 | //#define PSA_WANT_ECC_SECP_R1_521 1 |
| 101 | |
| 102 | #define PSA_WANT_KEY_TYPE_DERIVE 1 |
| 103 | #define PSA_WANT_KEY_TYPE_HMAC 1 |
| 104 | #define PSA_WANT_KEY_TYPE_AES 1 |
| 105 | //#define PSA_WANT_KEY_TYPE_ARIA 1 |
| 106 | //#define PSA_WANT_KEY_TYPE_CAMELLIA 1 |
| 107 | //#define PSA_WANT_KEY_TYPE_CHACHA20 1 |
| 108 | //#define PSA_WANT_KEY_TYPE_DES 1 |
| Valerio Setti | ae06443 | 2023-06-26 12:13:38 +0200 | [diff] [blame^] | 109 | #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC 1 |
| 110 | #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1 |
| 111 | #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1 |
| 112 | #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1 |
| 113 | #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1 |
| Aditya Deshpande | 16a62e3 | 2023-04-11 16:25:02 +0100 | [diff] [blame] | 114 | #define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1 |
| 115 | #define PSA_WANT_KEY_TYPE_RAW_DATA 1 |
| 116 | //#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1 |
| 117 | //#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1 |
| 118 | |
| 119 | #endif /* PROFILE_M_PSA_CRYPTO_CONFIG_H */ |