mbedtls: add configuration file for PSA features

Adding a Kconfig and a header file to control which PSA features
are to be used from MbedTLS:

- new kconfig symbols are placed in a separate header file
  (Kconfig.psa) and are guarded by MBEDTLS_PSA_CRYPTO_CLIENT. The
  reason for this is that TLS/X509 can either rely on PSA functions
  provided by MbedTLS (when MBEDTLS_PSA_CRYPTO_C is defined) or
  TFM (when BUILD_WITH_TFM is selected). Therefore we could
  not make these new Kconfigs depending on MBEDTLS_PSA_CRYPTO_C.

- by default all PSA symbols are enabled, but they can be
  disabled by respective Kconfigs in order to reduce the image
  size.

- the new header file (config-psa-generic.h) mimics what
  config-tls-generic.h does for MbedTLS builtin symbols: it
  enables a build symbol for every Kconfig one. The name is
  kept identical in the 2 cases (a part from the initial CONFIG_
  in order to simplify the mechanism).

- MBEDTLS_PSA_CRYPTO_CONFIG is finally enabled whenever there
  is any PSA crypto provider (either MBEDTLS_PSA_CRYPTO_C or
  TFM)

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
This commit is contained in:
Valerio Setti 2024-05-03 06:00:05 +02:00 committed by Anas Nashif
commit e58ebe12f4
4 changed files with 696 additions and 5 deletions

View file

@ -1,6 +1,10 @@
# Copyright (c) 2024 Nordic Semiconductor ASA
# SPDX-License-Identifier: Apache-2.0
# This file was automatically generated by create_psa_files.py
# from: ../../../modules/crypto/mbedtls/include/psa/crypto_config.h.
# Do not edit it manually.
config MBEDTLS_PSA_CRYPTO_CLIENT
bool
default y
@ -8,7 +12,343 @@ config MBEDTLS_PSA_CRYPTO_CLIENT
if MBEDTLS_PSA_CRYPTO_CLIENT
config PSA_CRYPTO_ENABLE_ALL
bool "All PSA crypto features"
config PSA_WANT_ALG_CBC_NO_PADDING
bool "PSA_WANT_ALG_CBC_NO_PADDING" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_CBC_PKCS7
bool "PSA_WANT_ALG_CBC_PKCS7" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_CCM
bool "PSA_WANT_ALG_CCM" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_CCM_STAR_NO_TAG
bool "PSA_WANT_ALG_CCM_STAR_NO_TAG" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_CMAC
bool "PSA_WANT_ALG_CMAC" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_CFB
bool "PSA_WANT_ALG_CFB" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_CHACHA20_POLY1305
bool "PSA_WANT_ALG_CHACHA20_POLY1305" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_CTR
bool "PSA_WANT_ALG_CTR" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_DETERMINISTIC_ECDSA
bool "PSA_WANT_ALG_DETERMINISTIC_ECDSA" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_ECB_NO_PADDING
bool "PSA_WANT_ALG_ECB_NO_PADDING" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_ECDH
bool "PSA_WANT_ALG_ECDH" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_FFDH
bool "PSA_WANT_ALG_FFDH" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_ECDSA
bool "PSA_WANT_ALG_ECDSA" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_JPAKE
bool "PSA_WANT_ALG_JPAKE" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_GCM
bool "PSA_WANT_ALG_GCM" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_HKDF
bool "PSA_WANT_ALG_HKDF" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_HKDF_EXTRACT
bool "PSA_WANT_ALG_HKDF_EXTRACT" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_HKDF_EXPAND
bool "PSA_WANT_ALG_HKDF_EXPAND" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_HMAC
bool "PSA_WANT_ALG_HMAC" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_MD5
bool "PSA_WANT_ALG_MD5" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_OFB
bool "PSA_WANT_ALG_OFB" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_PBKDF2_HMAC
bool "PSA_WANT_ALG_PBKDF2_HMAC" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128
bool "PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_RIPEMD160
bool "PSA_WANT_ALG_RIPEMD160" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_RSA_OAEP
bool "PSA_WANT_ALG_RSA_OAEP" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_RSA_PKCS1V15_CRYPT
bool "PSA_WANT_ALG_RSA_PKCS1V15_CRYPT" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_RSA_PKCS1V15_SIGN
bool "PSA_WANT_ALG_RSA_PKCS1V15_SIGN" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_RSA_PSS
bool "PSA_WANT_ALG_RSA_PSS" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_SHA_1
bool "PSA_WANT_ALG_SHA_1" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_SHA_224
bool "PSA_WANT_ALG_SHA_224" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_SHA_256
bool "SHA-256 hash algorithm through PSA"
bool "PSA_WANT_ALG_SHA_256" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_SHA_384
bool "PSA_WANT_ALG_SHA_384" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_SHA_512
bool "PSA_WANT_ALG_SHA_512" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_SHA3_224
bool "PSA_WANT_ALG_SHA3_224" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_SHA3_256
bool "PSA_WANT_ALG_SHA3_256" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_SHA3_384
bool "PSA_WANT_ALG_SHA3_384" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_SHA3_512
bool "PSA_WANT_ALG_SHA3_512" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_STREAM_CIPHER
bool "PSA_WANT_ALG_STREAM_CIPHER" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_TLS12_PRF
bool "PSA_WANT_ALG_TLS12_PRF" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_TLS12_PSK_TO_MS
bool "PSA_WANT_ALG_TLS12_PSK_TO_MS" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS
bool "PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ECC_BRAINPOOL_P_R1_256
bool "PSA_WANT_ECC_BRAINPOOL_P_R1_256" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ECC_BRAINPOOL_P_R1_384
bool "PSA_WANT_ECC_BRAINPOOL_P_R1_384" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ECC_BRAINPOOL_P_R1_512
bool "PSA_WANT_ECC_BRAINPOOL_P_R1_512" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ECC_MONTGOMERY_255
bool "PSA_WANT_ECC_MONTGOMERY_255" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ECC_MONTGOMERY_448
bool "PSA_WANT_ECC_MONTGOMERY_448" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ECC_SECP_K1_192
bool "PSA_WANT_ECC_SECP_K1_192" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ECC_SECP_K1_256
bool "PSA_WANT_ECC_SECP_K1_256" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ECC_SECP_R1_192
bool "PSA_WANT_ECC_SECP_R1_192" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ECC_SECP_R1_224
bool "PSA_WANT_ECC_SECP_R1_224" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ECC_SECP_R1_256
bool "PSA_WANT_ECC_SECP_R1_256" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ECC_SECP_R1_384
bool "PSA_WANT_ECC_SECP_R1_384" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_ECC_SECP_R1_521
bool "PSA_WANT_ECC_SECP_R1_521" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_DH_RFC7919_2048
bool "PSA_WANT_DH_RFC7919_2048" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_DH_RFC7919_3072
bool "PSA_WANT_DH_RFC7919_3072" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_DH_RFC7919_4096
bool "PSA_WANT_DH_RFC7919_4096" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_DH_RFC7919_6144
bool "PSA_WANT_DH_RFC7919_6144" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_DH_RFC7919_8192
bool "PSA_WANT_DH_RFC7919_8192" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_KEY_TYPE_DERIVE
bool "PSA_WANT_KEY_TYPE_DERIVE" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_KEY_TYPE_PASSWORD
bool "PSA_WANT_KEY_TYPE_PASSWORD" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_KEY_TYPE_PASSWORD_HASH
bool "PSA_WANT_KEY_TYPE_PASSWORD_HASH" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_KEY_TYPE_HMAC
bool "PSA_WANT_KEY_TYPE_HMAC" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_KEY_TYPE_AES
bool "PSA_WANT_KEY_TYPE_AES" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_KEY_TYPE_ARIA
bool "PSA_WANT_KEY_TYPE_ARIA" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_KEY_TYPE_CAMELLIA
bool "PSA_WANT_KEY_TYPE_CAMELLIA" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_KEY_TYPE_CHACHA20
bool "PSA_WANT_KEY_TYPE_CHACHA20" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_KEY_TYPE_DES
bool "PSA_WANT_KEY_TYPE_DES" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY
bool "PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY
bool "PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_KEY_TYPE_RAW_DATA
bool "PSA_WANT_KEY_TYPE_RAW_DATA" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
bool "PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC
bool "PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT
bool "PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT
bool "PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE
bool "PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE
bool "PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC
bool "PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT
bool "PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT
bool "PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE
bool "PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC
bool "PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT
bool "PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT
bool "PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
config PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE
bool "PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE" if !MBEDTLS_PROMPTLESS
default y if PSA_CRYPTO_ENABLE_ALL
endif # MBEDTLS_PSA_CRYPTO_CLIENT

View file

@ -0,0 +1,351 @@
/*
* Copyright (c) 2024 Nordic Semiconductor ASA
*
* SPDX-License-Identifier: Apache-2.0
*/
/* This file was automatically generated by create_psa_files.py
* from: ../../../modules/crypto/mbedtls/include/psa/crypto_config.h
* Do not edit it manually.
*/
#ifndef CONFIG_PSA_H
#define CONFIG_PSA_H
#if defined(CONFIG_PSA_WANT_ALG_CBC_NO_PADDING)
#define PSA_WANT_ALG_CBC_NO_PADDING 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_CBC_PKCS7)
#define PSA_WANT_ALG_CBC_PKCS7 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_CCM)
#define PSA_WANT_ALG_CCM 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_CCM_STAR_NO_TAG)
#define PSA_WANT_ALG_CCM_STAR_NO_TAG 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_CMAC)
#define PSA_WANT_ALG_CMAC 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_CFB)
#define PSA_WANT_ALG_CFB 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_CHACHA20_POLY1305)
#define PSA_WANT_ALG_CHACHA20_POLY1305 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_CTR)
#define PSA_WANT_ALG_CTR 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_DETERMINISTIC_ECDSA)
#define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_ECB_NO_PADDING)
#define PSA_WANT_ALG_ECB_NO_PADDING 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_ECDH)
#define PSA_WANT_ALG_ECDH 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_FFDH)
#define PSA_WANT_ALG_FFDH 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_ECDSA)
#define PSA_WANT_ALG_ECDSA 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_JPAKE)
#define PSA_WANT_ALG_JPAKE 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_GCM)
#define PSA_WANT_ALG_GCM 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_HKDF)
#define PSA_WANT_ALG_HKDF 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_HKDF_EXTRACT)
#define PSA_WANT_ALG_HKDF_EXTRACT 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_HKDF_EXPAND)
#define PSA_WANT_ALG_HKDF_EXPAND 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_HMAC)
#define PSA_WANT_ALG_HMAC 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_MD5)
#define PSA_WANT_ALG_MD5 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_OFB)
#define PSA_WANT_ALG_OFB 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_PBKDF2_HMAC)
#define PSA_WANT_ALG_PBKDF2_HMAC 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128)
#define PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_RIPEMD160)
#define PSA_WANT_ALG_RIPEMD160 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_RSA_OAEP)
#define PSA_WANT_ALG_RSA_OAEP 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_CRYPT)
#define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_RSA_PSS)
#define PSA_WANT_ALG_RSA_PSS 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_SHA_1)
#define PSA_WANT_ALG_SHA_1 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_SHA_224)
#define PSA_WANT_ALG_SHA_224 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_SHA_256)
#define PSA_WANT_ALG_SHA_256 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_SHA_384)
#define PSA_WANT_ALG_SHA_384 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_SHA_512)
#define PSA_WANT_ALG_SHA_512 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_SHA3_224)
#define PSA_WANT_ALG_SHA3_224 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_SHA3_256)
#define PSA_WANT_ALG_SHA3_256 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_SHA3_384)
#define PSA_WANT_ALG_SHA3_384 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_SHA3_512)
#define PSA_WANT_ALG_SHA3_512 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_STREAM_CIPHER)
#define PSA_WANT_ALG_STREAM_CIPHER 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_TLS12_PRF)
#define PSA_WANT_ALG_TLS12_PRF 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_TLS12_PSK_TO_MS)
#define PSA_WANT_ALG_TLS12_PSK_TO_MS 1
#endif
#if defined(CONFIG_PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS)
#define PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS 1
#endif
#if defined(CONFIG_PSA_WANT_ECC_BRAINPOOL_P_R1_256)
#define PSA_WANT_ECC_BRAINPOOL_P_R1_256 1
#endif
#if defined(CONFIG_PSA_WANT_ECC_BRAINPOOL_P_R1_384)
#define PSA_WANT_ECC_BRAINPOOL_P_R1_384 1
#endif
#if defined(CONFIG_PSA_WANT_ECC_BRAINPOOL_P_R1_512)
#define PSA_WANT_ECC_BRAINPOOL_P_R1_512 1
#endif
#if defined(CONFIG_PSA_WANT_ECC_MONTGOMERY_255)
#define PSA_WANT_ECC_MONTGOMERY_255 1
#endif
#if defined(CONFIG_PSA_WANT_ECC_MONTGOMERY_448)
#define PSA_WANT_ECC_MONTGOMERY_448 1
#endif
#if defined(CONFIG_PSA_WANT_ECC_SECP_K1_192)
#define PSA_WANT_ECC_SECP_K1_192 1
#endif
#if defined(CONFIG_PSA_WANT_ECC_SECP_K1_256)
#define PSA_WANT_ECC_SECP_K1_256 1
#endif
#if defined(CONFIG_PSA_WANT_ECC_SECP_R1_192)
#define PSA_WANT_ECC_SECP_R1_192 1
#endif
#if defined(CONFIG_PSA_WANT_ECC_SECP_R1_224)
#define PSA_WANT_ECC_SECP_R1_224 1
#endif
#if defined(CONFIG_PSA_WANT_ECC_SECP_R1_256)
#define PSA_WANT_ECC_SECP_R1_256 1
#endif
#if defined(CONFIG_PSA_WANT_ECC_SECP_R1_384)
#define PSA_WANT_ECC_SECP_R1_384 1
#endif
#if defined(CONFIG_PSA_WANT_ECC_SECP_R1_521)
#define PSA_WANT_ECC_SECP_R1_521 1
#endif
#if defined(CONFIG_PSA_WANT_DH_RFC7919_2048)
#define PSA_WANT_DH_RFC7919_2048 1
#endif
#if defined(CONFIG_PSA_WANT_DH_RFC7919_3072)
#define PSA_WANT_DH_RFC7919_3072 1
#endif
#if defined(CONFIG_PSA_WANT_DH_RFC7919_4096)
#define PSA_WANT_DH_RFC7919_4096 1
#endif
#if defined(CONFIG_PSA_WANT_DH_RFC7919_6144)
#define PSA_WANT_DH_RFC7919_6144 1
#endif
#if defined(CONFIG_PSA_WANT_DH_RFC7919_8192)
#define PSA_WANT_DH_RFC7919_8192 1
#endif
#if defined(CONFIG_PSA_WANT_KEY_TYPE_DERIVE)
#define PSA_WANT_KEY_TYPE_DERIVE 1
#endif
#if defined(CONFIG_PSA_WANT_KEY_TYPE_PASSWORD)
#define PSA_WANT_KEY_TYPE_PASSWORD 1
#endif
#if defined(CONFIG_PSA_WANT_KEY_TYPE_PASSWORD_HASH)
#define PSA_WANT_KEY_TYPE_PASSWORD_HASH 1
#endif
#if defined(CONFIG_PSA_WANT_KEY_TYPE_HMAC)
#define PSA_WANT_KEY_TYPE_HMAC 1
#endif
#if defined(CONFIG_PSA_WANT_KEY_TYPE_AES)
#define PSA_WANT_KEY_TYPE_AES 1
#endif
#if defined(CONFIG_PSA_WANT_KEY_TYPE_ARIA)
#define PSA_WANT_KEY_TYPE_ARIA 1
#endif
#if defined(CONFIG_PSA_WANT_KEY_TYPE_CAMELLIA)
#define PSA_WANT_KEY_TYPE_CAMELLIA 1
#endif
#if defined(CONFIG_PSA_WANT_KEY_TYPE_CHACHA20)
#define PSA_WANT_KEY_TYPE_CHACHA20 1
#endif
#if defined(CONFIG_PSA_WANT_KEY_TYPE_DES)
#define PSA_WANT_KEY_TYPE_DES 1
#endif
#if defined(CONFIG_PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
#endif
#if defined(CONFIG_PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY)
#define PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY 1
#endif
#if defined(CONFIG_PSA_WANT_KEY_TYPE_RAW_DATA)
#define PSA_WANT_KEY_TYPE_RAW_DATA 1
#endif
#if defined(CONFIG_PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)
#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
#endif
#if defined(CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC)
#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC 1
#endif
#if defined(CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT)
#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1
#endif
#if defined(CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT)
#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1
#endif
#if defined(CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE)
#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1
#endif
#if defined(CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE)
#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1
#endif
#if defined(CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC)
#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC 1
#endif
#if defined(CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT)
#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1
#endif
#if defined(CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT)
#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1
#endif
#if defined(CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1
#endif
#if defined(CONFIG_PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC)
#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC 1
#endif
#if defined(CONFIG_PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT)
#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT 1
#endif
#if defined(CONFIG_PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT)
#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT 1
#endif
#if defined(CONFIG_PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE)
#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE 1
#endif
#endif /* CONFIG_PSA_H */

View file

@ -489,6 +489,9 @@
#if defined(CONFIG_MBEDTLS_PSA_CRYPTO_CLIENT)
#define MBEDTLS_PSA_CRYPTO_CLIENT
#define MBEDTLS_PSA_CRYPTO_CONFIG
#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "config-psa.h"
#endif
#if defined(CONFIG_MBEDTLS_TLS_VERSION_1_2) && defined(CONFIG_MBEDTLS_PSA_CRYPTO_C)
@ -507,8 +510,4 @@
#undef MBEDTLS_PSA_CRYPTO_C
#endif
#if defined(CONFIG_PSA_WANT_ALG_SHA_256)
#define PSA_WANT_ALG_SHA_256 1
#endif
#endif /* MBEDTLS_CONFIG_H */

View file

@ -910,6 +910,7 @@ flagged.
"OPT",
"OPT_0",
"PEDO_THS_MIN",
"PSA_H", # This is used in config-psa.h as guard for the header file
"REG1",
"REG2",
"RIMAGE_SIGNING_SCHEMA", # Optional module