mbedtls: add configuration file for PSA features
Adding a Kconfig and a header file to control which PSA features are to be used from MbedTLS: - new kconfig symbols are placed in a separate header file (Kconfig.psa) and are guarded by MBEDTLS_PSA_CRYPTO_CLIENT. The reason for this is that TLS/X509 can either rely on PSA functions provided by MbedTLS (when MBEDTLS_PSA_CRYPTO_C is defined) or TFM (when BUILD_WITH_TFM is selected). Therefore we could not make these new Kconfigs depending on MBEDTLS_PSA_CRYPTO_C. - by default all PSA symbols are enabled, but they can be disabled by respective Kconfigs in order to reduce the image size. - the new header file (config-psa-generic.h) mimics what config-tls-generic.h does for MbedTLS builtin symbols: it enables a build symbol for every Kconfig one. The name is kept identical in the 2 cases (a part from the initial CONFIG_ in order to simplify the mechanism). - MBEDTLS_PSA_CRYPTO_CONFIG is finally enabled whenever there is any PSA crypto provider (either MBEDTLS_PSA_CRYPTO_C or TFM) Signed-off-by: Valerio Setti <vsetti@baylibre.com>
This commit is contained in:
parent
266fb4c73a
commit
e58ebe12f4
4 changed files with 696 additions and 5 deletions
|
@ -1,6 +1,10 @@
|
|||
# Copyright (c) 2024 Nordic Semiconductor ASA
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
|
||||
# This file was automatically generated by create_psa_files.py
|
||||
# from: ../../../modules/crypto/mbedtls/include/psa/crypto_config.h.
|
||||
# Do not edit it manually.
|
||||
|
||||
config MBEDTLS_PSA_CRYPTO_CLIENT
|
||||
bool
|
||||
default y
|
||||
|
@ -8,7 +12,343 @@ config MBEDTLS_PSA_CRYPTO_CLIENT
|
|||
|
||||
if MBEDTLS_PSA_CRYPTO_CLIENT
|
||||
|
||||
config PSA_CRYPTO_ENABLE_ALL
|
||||
bool "All PSA crypto features"
|
||||
|
||||
config PSA_WANT_ALG_CBC_NO_PADDING
|
||||
bool "PSA_WANT_ALG_CBC_NO_PADDING" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_CBC_PKCS7
|
||||
bool "PSA_WANT_ALG_CBC_PKCS7" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_CCM
|
||||
bool "PSA_WANT_ALG_CCM" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_CCM_STAR_NO_TAG
|
||||
bool "PSA_WANT_ALG_CCM_STAR_NO_TAG" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_CMAC
|
||||
bool "PSA_WANT_ALG_CMAC" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_CFB
|
||||
bool "PSA_WANT_ALG_CFB" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_CHACHA20_POLY1305
|
||||
bool "PSA_WANT_ALG_CHACHA20_POLY1305" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_CTR
|
||||
bool "PSA_WANT_ALG_CTR" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_DETERMINISTIC_ECDSA
|
||||
bool "PSA_WANT_ALG_DETERMINISTIC_ECDSA" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_ECB_NO_PADDING
|
||||
bool "PSA_WANT_ALG_ECB_NO_PADDING" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_ECDH
|
||||
bool "PSA_WANT_ALG_ECDH" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_FFDH
|
||||
bool "PSA_WANT_ALG_FFDH" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_ECDSA
|
||||
bool "PSA_WANT_ALG_ECDSA" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_JPAKE
|
||||
bool "PSA_WANT_ALG_JPAKE" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_GCM
|
||||
bool "PSA_WANT_ALG_GCM" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_HKDF
|
||||
bool "PSA_WANT_ALG_HKDF" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_HKDF_EXTRACT
|
||||
bool "PSA_WANT_ALG_HKDF_EXTRACT" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_HKDF_EXPAND
|
||||
bool "PSA_WANT_ALG_HKDF_EXPAND" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_HMAC
|
||||
bool "PSA_WANT_ALG_HMAC" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_MD5
|
||||
bool "PSA_WANT_ALG_MD5" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_OFB
|
||||
bool "PSA_WANT_ALG_OFB" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_PBKDF2_HMAC
|
||||
bool "PSA_WANT_ALG_PBKDF2_HMAC" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128
|
||||
bool "PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_RIPEMD160
|
||||
bool "PSA_WANT_ALG_RIPEMD160" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_RSA_OAEP
|
||||
bool "PSA_WANT_ALG_RSA_OAEP" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_RSA_PKCS1V15_CRYPT
|
||||
bool "PSA_WANT_ALG_RSA_PKCS1V15_CRYPT" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_RSA_PKCS1V15_SIGN
|
||||
bool "PSA_WANT_ALG_RSA_PKCS1V15_SIGN" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_RSA_PSS
|
||||
bool "PSA_WANT_ALG_RSA_PSS" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_SHA_1
|
||||
bool "PSA_WANT_ALG_SHA_1" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_SHA_224
|
||||
bool "PSA_WANT_ALG_SHA_224" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_SHA_256
|
||||
bool "SHA-256 hash algorithm through PSA"
|
||||
bool "PSA_WANT_ALG_SHA_256" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_SHA_384
|
||||
bool "PSA_WANT_ALG_SHA_384" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_SHA_512
|
||||
bool "PSA_WANT_ALG_SHA_512" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_SHA3_224
|
||||
bool "PSA_WANT_ALG_SHA3_224" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_SHA3_256
|
||||
bool "PSA_WANT_ALG_SHA3_256" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_SHA3_384
|
||||
bool "PSA_WANT_ALG_SHA3_384" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_SHA3_512
|
||||
bool "PSA_WANT_ALG_SHA3_512" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_STREAM_CIPHER
|
||||
bool "PSA_WANT_ALG_STREAM_CIPHER" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_TLS12_PRF
|
||||
bool "PSA_WANT_ALG_TLS12_PRF" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_TLS12_PSK_TO_MS
|
||||
bool "PSA_WANT_ALG_TLS12_PSK_TO_MS" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS
|
||||
bool "PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ECC_BRAINPOOL_P_R1_256
|
||||
bool "PSA_WANT_ECC_BRAINPOOL_P_R1_256" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ECC_BRAINPOOL_P_R1_384
|
||||
bool "PSA_WANT_ECC_BRAINPOOL_P_R1_384" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ECC_BRAINPOOL_P_R1_512
|
||||
bool "PSA_WANT_ECC_BRAINPOOL_P_R1_512" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ECC_MONTGOMERY_255
|
||||
bool "PSA_WANT_ECC_MONTGOMERY_255" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ECC_MONTGOMERY_448
|
||||
bool "PSA_WANT_ECC_MONTGOMERY_448" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ECC_SECP_K1_192
|
||||
bool "PSA_WANT_ECC_SECP_K1_192" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ECC_SECP_K1_256
|
||||
bool "PSA_WANT_ECC_SECP_K1_256" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ECC_SECP_R1_192
|
||||
bool "PSA_WANT_ECC_SECP_R1_192" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ECC_SECP_R1_224
|
||||
bool "PSA_WANT_ECC_SECP_R1_224" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ECC_SECP_R1_256
|
||||
bool "PSA_WANT_ECC_SECP_R1_256" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ECC_SECP_R1_384
|
||||
bool "PSA_WANT_ECC_SECP_R1_384" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_ECC_SECP_R1_521
|
||||
bool "PSA_WANT_ECC_SECP_R1_521" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_DH_RFC7919_2048
|
||||
bool "PSA_WANT_DH_RFC7919_2048" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_DH_RFC7919_3072
|
||||
bool "PSA_WANT_DH_RFC7919_3072" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_DH_RFC7919_4096
|
||||
bool "PSA_WANT_DH_RFC7919_4096" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_DH_RFC7919_6144
|
||||
bool "PSA_WANT_DH_RFC7919_6144" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_DH_RFC7919_8192
|
||||
bool "PSA_WANT_DH_RFC7919_8192" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_KEY_TYPE_DERIVE
|
||||
bool "PSA_WANT_KEY_TYPE_DERIVE" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_KEY_TYPE_PASSWORD
|
||||
bool "PSA_WANT_KEY_TYPE_PASSWORD" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_KEY_TYPE_PASSWORD_HASH
|
||||
bool "PSA_WANT_KEY_TYPE_PASSWORD_HASH" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_KEY_TYPE_HMAC
|
||||
bool "PSA_WANT_KEY_TYPE_HMAC" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_KEY_TYPE_AES
|
||||
bool "PSA_WANT_KEY_TYPE_AES" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_KEY_TYPE_ARIA
|
||||
bool "PSA_WANT_KEY_TYPE_ARIA" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_KEY_TYPE_CAMELLIA
|
||||
bool "PSA_WANT_KEY_TYPE_CAMELLIA" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_KEY_TYPE_CHACHA20
|
||||
bool "PSA_WANT_KEY_TYPE_CHACHA20" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_KEY_TYPE_DES
|
||||
bool "PSA_WANT_KEY_TYPE_DES" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
|
||||
bool "PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY
|
||||
bool "PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_KEY_TYPE_RAW_DATA
|
||||
bool "PSA_WANT_KEY_TYPE_RAW_DATA" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
|
||||
bool "PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC
|
||||
bool "PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT
|
||||
bool "PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT
|
||||
bool "PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE
|
||||
bool "PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE
|
||||
bool "PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC
|
||||
bool "PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT
|
||||
bool "PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT
|
||||
bool "PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE
|
||||
bool "PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC
|
||||
bool "PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT
|
||||
bool "PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT
|
||||
bool "PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
config PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE
|
||||
bool "PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE" if !MBEDTLS_PROMPTLESS
|
||||
default y if PSA_CRYPTO_ENABLE_ALL
|
||||
|
||||
endif # MBEDTLS_PSA_CRYPTO_CLIENT
|
||||
|
|
351
modules/mbedtls/configs/config-psa.h
Normal file
351
modules/mbedtls/configs/config-psa.h
Normal file
|
@ -0,0 +1,351 @@
|
|||
/*
|
||||
* Copyright (c) 2024 Nordic Semiconductor ASA
|
||||
*
|
||||
* SPDX-License-Identifier: Apache-2.0
|
||||
*/
|
||||
|
||||
/* This file was automatically generated by create_psa_files.py
|
||||
* from: ../../../modules/crypto/mbedtls/include/psa/crypto_config.h
|
||||
* Do not edit it manually.
|
||||
*/
|
||||
|
||||
#ifndef CONFIG_PSA_H
|
||||
#define CONFIG_PSA_H
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_CBC_NO_PADDING)
|
||||
#define PSA_WANT_ALG_CBC_NO_PADDING 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_CBC_PKCS7)
|
||||
#define PSA_WANT_ALG_CBC_PKCS7 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_CCM)
|
||||
#define PSA_WANT_ALG_CCM 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_CCM_STAR_NO_TAG)
|
||||
#define PSA_WANT_ALG_CCM_STAR_NO_TAG 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_CMAC)
|
||||
#define PSA_WANT_ALG_CMAC 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_CFB)
|
||||
#define PSA_WANT_ALG_CFB 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_CHACHA20_POLY1305)
|
||||
#define PSA_WANT_ALG_CHACHA20_POLY1305 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_CTR)
|
||||
#define PSA_WANT_ALG_CTR 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_DETERMINISTIC_ECDSA)
|
||||
#define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_ECB_NO_PADDING)
|
||||
#define PSA_WANT_ALG_ECB_NO_PADDING 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_ECDH)
|
||||
#define PSA_WANT_ALG_ECDH 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_FFDH)
|
||||
#define PSA_WANT_ALG_FFDH 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_ECDSA)
|
||||
#define PSA_WANT_ALG_ECDSA 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_JPAKE)
|
||||
#define PSA_WANT_ALG_JPAKE 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_GCM)
|
||||
#define PSA_WANT_ALG_GCM 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_HKDF)
|
||||
#define PSA_WANT_ALG_HKDF 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_HKDF_EXTRACT)
|
||||
#define PSA_WANT_ALG_HKDF_EXTRACT 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_HKDF_EXPAND)
|
||||
#define PSA_WANT_ALG_HKDF_EXPAND 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_HMAC)
|
||||
#define PSA_WANT_ALG_HMAC 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_MD5)
|
||||
#define PSA_WANT_ALG_MD5 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_OFB)
|
||||
#define PSA_WANT_ALG_OFB 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_PBKDF2_HMAC)
|
||||
#define PSA_WANT_ALG_PBKDF2_HMAC 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128)
|
||||
#define PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_RIPEMD160)
|
||||
#define PSA_WANT_ALG_RIPEMD160 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_RSA_OAEP)
|
||||
#define PSA_WANT_ALG_RSA_OAEP 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_CRYPT)
|
||||
#define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
|
||||
#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_RSA_PSS)
|
||||
#define PSA_WANT_ALG_RSA_PSS 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_SHA_1)
|
||||
#define PSA_WANT_ALG_SHA_1 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_SHA_224)
|
||||
#define PSA_WANT_ALG_SHA_224 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_SHA_256)
|
||||
#define PSA_WANT_ALG_SHA_256 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_SHA_384)
|
||||
#define PSA_WANT_ALG_SHA_384 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_SHA_512)
|
||||
#define PSA_WANT_ALG_SHA_512 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_SHA3_224)
|
||||
#define PSA_WANT_ALG_SHA3_224 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_SHA3_256)
|
||||
#define PSA_WANT_ALG_SHA3_256 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_SHA3_384)
|
||||
#define PSA_WANT_ALG_SHA3_384 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_SHA3_512)
|
||||
#define PSA_WANT_ALG_SHA3_512 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_STREAM_CIPHER)
|
||||
#define PSA_WANT_ALG_STREAM_CIPHER 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_TLS12_PRF)
|
||||
#define PSA_WANT_ALG_TLS12_PRF 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_TLS12_PSK_TO_MS)
|
||||
#define PSA_WANT_ALG_TLS12_PSK_TO_MS 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS)
|
||||
#define PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ECC_BRAINPOOL_P_R1_256)
|
||||
#define PSA_WANT_ECC_BRAINPOOL_P_R1_256 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ECC_BRAINPOOL_P_R1_384)
|
||||
#define PSA_WANT_ECC_BRAINPOOL_P_R1_384 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ECC_BRAINPOOL_P_R1_512)
|
||||
#define PSA_WANT_ECC_BRAINPOOL_P_R1_512 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ECC_MONTGOMERY_255)
|
||||
#define PSA_WANT_ECC_MONTGOMERY_255 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ECC_MONTGOMERY_448)
|
||||
#define PSA_WANT_ECC_MONTGOMERY_448 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ECC_SECP_K1_192)
|
||||
#define PSA_WANT_ECC_SECP_K1_192 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ECC_SECP_K1_256)
|
||||
#define PSA_WANT_ECC_SECP_K1_256 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ECC_SECP_R1_192)
|
||||
#define PSA_WANT_ECC_SECP_R1_192 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ECC_SECP_R1_224)
|
||||
#define PSA_WANT_ECC_SECP_R1_224 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ECC_SECP_R1_256)
|
||||
#define PSA_WANT_ECC_SECP_R1_256 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ECC_SECP_R1_384)
|
||||
#define PSA_WANT_ECC_SECP_R1_384 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ECC_SECP_R1_521)
|
||||
#define PSA_WANT_ECC_SECP_R1_521 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_DH_RFC7919_2048)
|
||||
#define PSA_WANT_DH_RFC7919_2048 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_DH_RFC7919_3072)
|
||||
#define PSA_WANT_DH_RFC7919_3072 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_DH_RFC7919_4096)
|
||||
#define PSA_WANT_DH_RFC7919_4096 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_DH_RFC7919_6144)
|
||||
#define PSA_WANT_DH_RFC7919_6144 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_DH_RFC7919_8192)
|
||||
#define PSA_WANT_DH_RFC7919_8192 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_KEY_TYPE_DERIVE)
|
||||
#define PSA_WANT_KEY_TYPE_DERIVE 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_KEY_TYPE_PASSWORD)
|
||||
#define PSA_WANT_KEY_TYPE_PASSWORD 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_KEY_TYPE_PASSWORD_HASH)
|
||||
#define PSA_WANT_KEY_TYPE_PASSWORD_HASH 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_KEY_TYPE_HMAC)
|
||||
#define PSA_WANT_KEY_TYPE_HMAC 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_KEY_TYPE_AES)
|
||||
#define PSA_WANT_KEY_TYPE_AES 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_KEY_TYPE_ARIA)
|
||||
#define PSA_WANT_KEY_TYPE_ARIA 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_KEY_TYPE_CAMELLIA)
|
||||
#define PSA_WANT_KEY_TYPE_CAMELLIA 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_KEY_TYPE_CHACHA20)
|
||||
#define PSA_WANT_KEY_TYPE_CHACHA20 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_KEY_TYPE_DES)
|
||||
#define PSA_WANT_KEY_TYPE_DES 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
|
||||
#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY)
|
||||
#define PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_KEY_TYPE_RAW_DATA)
|
||||
#define PSA_WANT_KEY_TYPE_RAW_DATA 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)
|
||||
#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC)
|
||||
#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT)
|
||||
#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT)
|
||||
#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE)
|
||||
#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE)
|
||||
#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC)
|
||||
#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT)
|
||||
#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT)
|
||||
#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
|
||||
#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC)
|
||||
#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT)
|
||||
#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT)
|
||||
#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE)
|
||||
#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE 1
|
||||
#endif
|
||||
|
||||
#endif /* CONFIG_PSA_H */
|
|
@ -489,6 +489,9 @@
|
|||
|
||||
#if defined(CONFIG_MBEDTLS_PSA_CRYPTO_CLIENT)
|
||||
#define MBEDTLS_PSA_CRYPTO_CLIENT
|
||||
#define MBEDTLS_PSA_CRYPTO_CONFIG
|
||||
#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "config-psa.h"
|
||||
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_MBEDTLS_TLS_VERSION_1_2) && defined(CONFIG_MBEDTLS_PSA_CRYPTO_C)
|
||||
|
@ -507,8 +510,4 @@
|
|||
#undef MBEDTLS_PSA_CRYPTO_C
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_PSA_WANT_ALG_SHA_256)
|
||||
#define PSA_WANT_ALG_SHA_256 1
|
||||
#endif
|
||||
|
||||
#endif /* MBEDTLS_CONFIG_H */
|
||||
|
|
|
@ -910,6 +910,7 @@ flagged.
|
|||
"OPT",
|
||||
"OPT_0",
|
||||
"PEDO_THS_MIN",
|
||||
"PSA_H", # This is used in config-psa.h as guard for the header file
|
||||
"REG1",
|
||||
"REG2",
|
||||
"RIMAGE_SIGNING_SCHEMA", # Optional module
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue