Mbed TLS v3.5.0
crypto_config.h
Go to the documentation of this file.
1 
6 #if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
25 #else
32 #endif
33 /*
34  * Copyright The Mbed TLS Contributors
35  * SPDX-License-Identifier: Apache-2.0
36  *
37  * Licensed under the Apache License, Version 2.0 (the "License"); you may
38  * not use this file except in compliance with the License.
39  * You may obtain a copy of the License at
40  *
41  * http://www.apache.org/licenses/LICENSE-2.0
42  *
43  * Unless required by applicable law or agreed to in writing, software
44  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
45  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
46  * See the License for the specific language governing permissions and
47  * limitations under the License.
48  */
49 
50 #ifndef PSA_CRYPTO_CONFIG_H
51 #define PSA_CRYPTO_CONFIG_H
52 
53 /*
54  * CBC-MAC is not yet supported via the PSA API in Mbed TLS.
55  */
56 //#define PSA_WANT_ALG_CBC_MAC 1
57 #define PSA_WANT_ALG_CBC_NO_PADDING 1
58 #define PSA_WANT_ALG_CBC_PKCS7 1
59 #define PSA_WANT_ALG_CCM 1
60 #define PSA_WANT_ALG_CCM_STAR_NO_TAG 1
61 #define PSA_WANT_ALG_CMAC 1
62 #define PSA_WANT_ALG_CFB 1
63 #define PSA_WANT_ALG_CHACHA20_POLY1305 1
64 #define PSA_WANT_ALG_CTR 1
65 #define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1
66 #define PSA_WANT_ALG_ECB_NO_PADDING 1
67 #define PSA_WANT_ALG_ECDH 1
68 #define PSA_WANT_ALG_FFDH 1
69 #define PSA_WANT_ALG_ECDSA 1
70 #define PSA_WANT_ALG_JPAKE 1
71 #define PSA_WANT_ALG_GCM 1
72 #define PSA_WANT_ALG_HKDF 1
73 #define PSA_WANT_ALG_HKDF_EXTRACT 1
74 #define PSA_WANT_ALG_HKDF_EXPAND 1
75 #define PSA_WANT_ALG_HMAC 1
76 #define PSA_WANT_ALG_MD5 1
77 #define PSA_WANT_ALG_OFB 1
78 #define PSA_WANT_ALG_PBKDF2_HMAC 1
79 #define PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 1
80 #define PSA_WANT_ALG_RIPEMD160 1
81 #define PSA_WANT_ALG_RSA_OAEP 1
82 #define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1
83 #define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1
84 #define PSA_WANT_ALG_RSA_PSS 1
85 #define PSA_WANT_ALG_SHA_1 1
86 #define PSA_WANT_ALG_SHA_224 1
87 #define PSA_WANT_ALG_SHA_256 1
88 #define PSA_WANT_ALG_SHA_384 1
89 #define PSA_WANT_ALG_SHA_512 1
90 #define PSA_WANT_ALG_SHA3_224 1
91 #define PSA_WANT_ALG_SHA3_256 1
92 #define PSA_WANT_ALG_SHA3_384 1
93 #define PSA_WANT_ALG_SHA3_512 1
94 #define PSA_WANT_ALG_STREAM_CIPHER 1
95 #define PSA_WANT_ALG_TLS12_PRF 1
96 #define PSA_WANT_ALG_TLS12_PSK_TO_MS 1
97 #define PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS 1
98 
99 /* XTS is not yet supported via the PSA API in Mbed TLS.
100  * Note: when adding support, also adjust include/mbedtls/config_psa.h */
101 //#define PSA_WANT_ALG_XTS 1
102 
103 #define PSA_WANT_ECC_BRAINPOOL_P_R1_256 1
104 #define PSA_WANT_ECC_BRAINPOOL_P_R1_384 1
105 #define PSA_WANT_ECC_BRAINPOOL_P_R1_512 1
106 #define PSA_WANT_ECC_MONTGOMERY_255 1
107 #define PSA_WANT_ECC_MONTGOMERY_448 1
108 #define PSA_WANT_ECC_SECP_K1_192 1
109 /*
110  * SECP224K1 is buggy via the PSA API in Mbed TLS
111  * (https://github.com/Mbed-TLS/mbedtls/issues/3541). Thus, do not enable it by
112  * default.
113  */
114 //#define PSA_WANT_ECC_SECP_K1_224 1
115 #define PSA_WANT_ECC_SECP_K1_256 1
116 #define PSA_WANT_ECC_SECP_R1_192 1
117 #define PSA_WANT_ECC_SECP_R1_224 1
118 /* For secp256r1, consider enabling #MBEDTLS_PSA_P256M_DRIVER_ENABLED
119  * (see the description in mbedtls/mbedtls_config.h for details). */
120 #define PSA_WANT_ECC_SECP_R1_256 1
121 #define PSA_WANT_ECC_SECP_R1_384 1
122 #define PSA_WANT_ECC_SECP_R1_521 1
123 
124 #define PSA_WANT_KEY_TYPE_DERIVE 1
125 #define PSA_WANT_KEY_TYPE_PASSWORD 1
126 #define PSA_WANT_KEY_TYPE_PASSWORD_HASH 1
127 #define PSA_WANT_KEY_TYPE_HMAC 1
128 #define PSA_WANT_KEY_TYPE_AES 1
129 #define PSA_WANT_KEY_TYPE_ARIA 1
130 #define PSA_WANT_KEY_TYPE_CAMELLIA 1
131 #define PSA_WANT_KEY_TYPE_CHACHA20 1
132 #define PSA_WANT_KEY_TYPE_DES 1
133 //#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1 /* Deprecated */
134 #define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
135 #define PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY 1
136 #define PSA_WANT_KEY_TYPE_RAW_DATA 1
137 //#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1 /* Deprecated */
138 #define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
139 
140 /*
141  * The following symbols extend and deprecate the legacy
142  * PSA_WANT_KEY_TYPE_xxx_KEY_PAIR ones. They include the usage of that key in
143  * the name's suffix. "_USE" is the most generic and it can be used to describe
144  * a generic suport, whereas other ones add more features on top of that and
145  * they are more specific.
146  */
147 #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
148 #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1
149 #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1
150 #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1
151 #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1
152 
153 #define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC 1
154 #define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1
155 #define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1
156 #define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1
157 //#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE 1 /* Not supported */
158 
159 #define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC 1
160 #define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT 1
161 #define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT 1
162 #define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE 1
163 //#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_DERIVE 1 /* Not supported */
164 
165 #endif /* PSA_CRYPTO_CONFIG_H */