| Matthew Dalzell | 34d5a69 | 2023-06-28 09:41:39 +0100 | [diff] [blame] | 1 | /* |
| 2 | * SPDX-License-Identifier: Apache-2.0 |
| 3 | * |
| 4 | * Copyright (c) 2023 Arm Limited |
| 5 | */ |
| 6 | |
| 7 | #ifndef MCUBOOT_MBEDTLS_CONFIG_ADD_PSA_CRYPTO_H |
| 8 | #define MCUBOOT_MBEDTLS_CONFIG_ADD_PSA_CRYPTO_H |
| 9 | |
| 10 | #include "mbedtls/build_info.h" |
| 11 | |
| 12 | /* Enable PSA Crypto Core without support for the permanent storage |
| 13 | * Don't define MBEDTLS_PSA_CRYPTO_STORAGE_C to make sure that support |
| 14 | * for permanent keys is not enabled, as it is not usually required during boot |
| 15 | */ |
| 16 | #define MBEDTLS_PSA_CRYPTO_C |
| 17 | #define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG |
| 18 | |
| 19 | #if defined(MCUBOOT_ENCRYPT_RSA) || defined(MCUBOOT_SIGN_RSA) |
| 20 | #define MBEDTLS_PK_C |
| 21 | #define MBEDTLS_CTR_DRBG_C |
| 22 | #define MBEDTLS_CIPHER_C |
| 23 | #define MBEDTLS_ENTROPY_C |
| 24 | #define MBEDTLS_PK_PARSE_C |
| 25 | #define MBEDTLS_PK_WRITE_C |
| 26 | #endif /* MCUBOOT_ENCRYPT_RSA || MCUBOOT_SIGN_RSA */ |
| 27 | |
| 28 | #if defined(MCUBOOT_ENCRYPT_EC256) || defined(MCUBOOT_ENCRYPT_X25519) |
| 29 | #define MBEDTLS_PLATFORM_FREE_MACRO free |
| 30 | #define MBEDTLS_PLATFORM_CALLOC_MACRO calloc |
| 31 | #endif /* MCUBOOT_ENCRYPT_EC256 || MCUBOOT_ENCRYPT_X25519 */ |
| 32 | |
| 33 | #if !defined(MCUBOOT_ENCRYPT_X25519) |
| 34 | #define MBEDTLS_PSA_BUILTIN_CIPHER 1 |
| 35 | #endif /* MCUBOOT_ENCRYPT_X25519 */ |
| 36 | |
| 37 | #if defined(MCUBOOT_ENCRYPT_KW) |
| 38 | #define MBEDTLS_PSA_CRYPTO_CONFIG |
| 39 | #define MBEDTLS_POLY1305_C |
| 40 | #endif /* MCUBOOT_ENCRYPT_KW */ |
| 41 | |
| 42 | #if MBEDTLS_VERSION_NUMBER == 0x03000000 |
| 43 | /* This PSA define is available only with more recent versions of 3.x */ |
| 44 | #define PSA_KEY_ID_NULL ((psa_key_id_t)0) // not overly happy with this being here |
| 45 | #endif /* MBEDTLS_VERSION_NUMBER == 0x03000000 */ |
| 46 | |
| 47 | #endif /* MCUBOOT_MBEDTLS_CONFIG_ADD_PSA_CRYPTO_H */ |