include/psa/crypto_config.h

*32b31808SJens Wiklander/**
*32b31808SJens Wiklander * \file psa/crypto_config.h
*32b31808SJens Wiklander * \brief PSA crypto configuration options (set of defines)
*32b31808SJens Wiklander *
*32b31808SJens Wiklander */
*32b31808SJens Wiklander#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
*32b31808SJens Wiklander/**
*32b31808SJens Wiklander * When #MBEDTLS_PSA_CRYPTO_CONFIG is enabled in mbedtls_config.h,
*32b31808SJens Wiklander * this file determines which cryptographic mechanisms are enabled
*32b31808SJens Wiklander * through the PSA Cryptography API (\c psa_xxx() functions).
*32b31808SJens Wiklander *
*32b31808SJens Wiklander * To enable a cryptographic mechanism, uncomment the definition of
*32b31808SJens Wiklander * the corresponding \c PSA_WANT_xxx preprocessor symbol.
*32b31808SJens Wiklander * To disable a cryptographic mechanism, comment out the definition of
*32b31808SJens Wiklander * the corresponding \c PSA_WANT_xxx preprocessor symbol.
*32b31808SJens Wiklander * The names of cryptographic mechanisms correspond to values
*32b31808SJens Wiklander * defined in psa/crypto_values.h, with the prefix \c PSA_WANT_ instead
*32b31808SJens Wiklander * of \c PSA_.
*32b31808SJens Wiklander *
*32b31808SJens Wiklander * Note that many cryptographic mechanisms involve two symbols: one for
*32b31808SJens Wiklander * the key type (\c PSA_WANT_KEY_TYPE_xxx) and one for the algorithm
*32b31808SJens Wiklander * (\c PSA_WANT_ALG_xxx). Mechanisms with additional parameters may involve
*32b31808SJens Wiklander * additional symbols.
*32b31808SJens Wiklander */
*32b31808SJens Wiklander#else
*32b31808SJens Wiklander/**
*32b31808SJens Wiklander * When \c MBEDTLS_PSA_CRYPTO_CONFIG is disabled in mbedtls_config.h,
*32b31808SJens Wiklander * this file is not used, and cryptographic mechanisms are supported
*32b31808SJens Wiklander * through the PSA API if and only if they are supported through the
*32b31808SJens Wiklander * mbedtls_xxx API.
*32b31808SJens Wiklander */
*32b31808SJens Wiklander#endif
*32b31808SJens Wiklander/*
*32b31808SJens Wiklander *  Copyright The Mbed TLS Contributors
*32b31808SJens Wiklander *  SPDX-License-Identifier: Apache-2.0
*32b31808SJens Wiklander *
*32b31808SJens Wiklander *  Licensed under the Apache License, Version 2.0 (the "License"); you may
*32b31808SJens Wiklander *  not use this file except in compliance with the License.
*32b31808SJens Wiklander *  You may obtain a copy of the License at
*32b31808SJens Wiklander *
*32b31808SJens Wiklander *  http://www.apache.org/licenses/LICENSE-2.0
*32b31808SJens Wiklander *
*32b31808SJens Wiklander *  Unless required by applicable law or agreed to in writing, software
*32b31808SJens Wiklander *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
*32b31808SJens Wiklander *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
*32b31808SJens Wiklander *  See the License for the specific language governing permissions and
*32b31808SJens Wiklander *  limitations under the License.
*32b31808SJens Wiklander */
*32b31808SJens Wiklander
*32b31808SJens Wiklander#ifndef PSA_CRYPTO_CONFIG_H
*32b31808SJens Wiklander#define PSA_CRYPTO_CONFIG_H
*32b31808SJens Wiklander
*32b31808SJens Wiklander/*
*32b31808SJens Wiklander * CBC-MAC is not yet supported via the PSA API in Mbed TLS.
*32b31808SJens Wiklander */
*32b31808SJens Wiklander//#define PSA_WANT_ALG_CBC_MAC                    1
*32b31808SJens Wiklander#define PSA_WANT_ALG_CBC_NO_PADDING             1
*32b31808SJens Wiklander#define PSA_WANT_ALG_CBC_PKCS7                  1
*32b31808SJens Wiklander#define PSA_WANT_ALG_CCM                        1
*32b31808SJens Wiklander#define PSA_WANT_ALG_CCM_STAR_NO_TAG            1
*32b31808SJens Wiklander#define PSA_WANT_ALG_CMAC                       1
*32b31808SJens Wiklander#define PSA_WANT_ALG_CFB                        1
*32b31808SJens Wiklander#define PSA_WANT_ALG_CHACHA20_POLY1305          1
*32b31808SJens Wiklander#define PSA_WANT_ALG_CTR                        1
*32b31808SJens Wiklander#define PSA_WANT_ALG_DETERMINISTIC_ECDSA        1
*32b31808SJens Wiklander#define PSA_WANT_ALG_ECB_NO_PADDING             1
*32b31808SJens Wiklander#define PSA_WANT_ALG_ECDH                       1
*32b31808SJens Wiklander#define PSA_WANT_ALG_ECDSA                      1
*32b31808SJens Wiklander#define PSA_WANT_ALG_JPAKE                      1
*32b31808SJens Wiklander#define PSA_WANT_ALG_GCM                        1
*32b31808SJens Wiklander#define PSA_WANT_ALG_HKDF                       1
*32b31808SJens Wiklander#define PSA_WANT_ALG_HKDF_EXTRACT               1
*32b31808SJens Wiklander#define PSA_WANT_ALG_HKDF_EXPAND                1
*32b31808SJens Wiklander#define PSA_WANT_ALG_HMAC                       1
*32b31808SJens Wiklander#define PSA_WANT_ALG_MD5                        1
*32b31808SJens Wiklander#define PSA_WANT_ALG_OFB                        1
*32b31808SJens Wiklander/* PBKDF2-HMAC is not yet supported via the PSA API in Mbed TLS.
*32b31808SJens Wiklander * Note: when adding support, also adjust include/mbedtls/config_psa.h */
*32b31808SJens Wiklander//#define PSA_WANT_ALG_PBKDF2_HMAC                1
*32b31808SJens Wiklander#define PSA_WANT_ALG_RIPEMD160                  1
*32b31808SJens Wiklander#define PSA_WANT_ALG_RSA_OAEP                   1
*32b31808SJens Wiklander#define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT         1
*32b31808SJens Wiklander#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN          1
*32b31808SJens Wiklander#define PSA_WANT_ALG_RSA_PSS                    1
*32b31808SJens Wiklander#define PSA_WANT_ALG_SHA_1                      1
*32b31808SJens Wiklander#define PSA_WANT_ALG_SHA_224                    1
*32b31808SJens Wiklander#define PSA_WANT_ALG_SHA_256                    1
*32b31808SJens Wiklander#define PSA_WANT_ALG_SHA_384                    1
*32b31808SJens Wiklander#define PSA_WANT_ALG_SHA_512                    1
*32b31808SJens Wiklander#define PSA_WANT_ALG_STREAM_CIPHER              1
*32b31808SJens Wiklander#define PSA_WANT_ALG_TLS12_PRF                  1
*32b31808SJens Wiklander#define PSA_WANT_ALG_TLS12_PSK_TO_MS            1
*32b31808SJens Wiklander#define PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS       1
*32b31808SJens Wiklander
*32b31808SJens Wiklander/* PBKDF2-HMAC is not yet supported via the PSA API in Mbed TLS.
*32b31808SJens Wiklander * Note: when adding support, also adjust include/mbedtls/config_psa.h */
*32b31808SJens Wiklander//#define PSA_WANT_ALG_XTS                        1
*32b31808SJens Wiklander
*32b31808SJens Wiklander#define PSA_WANT_ECC_BRAINPOOL_P_R1_256         1
*32b31808SJens Wiklander#define PSA_WANT_ECC_BRAINPOOL_P_R1_384         1
*32b31808SJens Wiklander#define PSA_WANT_ECC_BRAINPOOL_P_R1_512         1
*32b31808SJens Wiklander#define PSA_WANT_ECC_MONTGOMERY_255             1
*32b31808SJens Wiklander#define PSA_WANT_ECC_MONTGOMERY_448             1
*32b31808SJens Wiklander#define PSA_WANT_ECC_SECP_K1_192                1
*32b31808SJens Wiklander/*
*32b31808SJens Wiklander * SECP224K1 is buggy via the PSA API in Mbed TLS
*32b31808SJens Wiklander * (https://github.com/Mbed-TLS/mbedtls/issues/3541). Thus, do not enable it by
*32b31808SJens Wiklander * default.
*32b31808SJens Wiklander */
*32b31808SJens Wiklander//#define PSA_WANT_ECC_SECP_K1_224                1
*32b31808SJens Wiklander#define PSA_WANT_ECC_SECP_K1_256                1
*32b31808SJens Wiklander#define PSA_WANT_ECC_SECP_R1_192                1
*32b31808SJens Wiklander#define PSA_WANT_ECC_SECP_R1_224                1
*32b31808SJens Wiklander#define PSA_WANT_ECC_SECP_R1_256                1
*32b31808SJens Wiklander#define PSA_WANT_ECC_SECP_R1_384                1
*32b31808SJens Wiklander#define PSA_WANT_ECC_SECP_R1_521                1
*32b31808SJens Wiklander
*32b31808SJens Wiklander#define PSA_WANT_KEY_TYPE_DERIVE                1
*32b31808SJens Wiklander#define PSA_WANT_KEY_TYPE_PASSWORD              1
*32b31808SJens Wiklander#define PSA_WANT_KEY_TYPE_PASSWORD_HASH         1
*32b31808SJens Wiklander#define PSA_WANT_KEY_TYPE_HMAC                  1
*32b31808SJens Wiklander#define PSA_WANT_KEY_TYPE_AES                   1
*32b31808SJens Wiklander#define PSA_WANT_KEY_TYPE_ARIA                  1
*32b31808SJens Wiklander#define PSA_WANT_KEY_TYPE_CAMELLIA              1
*32b31808SJens Wiklander#define PSA_WANT_KEY_TYPE_CHACHA20              1
*32b31808SJens Wiklander#define PSA_WANT_KEY_TYPE_DES                   1
*32b31808SJens Wiklander#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR          1
*32b31808SJens Wiklander#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY        1
*32b31808SJens Wiklander#define PSA_WANT_KEY_TYPE_RAW_DATA              1
*32b31808SJens Wiklander#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR          1
*32b31808SJens Wiklander#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY        1
*32b31808SJens Wiklander
*32b31808SJens Wiklander#endif /* PSA_CRYPTO_CONFIG_H */