diff --git a/modules/mbedtls/Kconfig.psa b/modules/mbedtls/Kconfig.psa index 35200a9d2f4..e6121ed9173 100644 --- a/modules/mbedtls/Kconfig.psa +++ b/modules/mbedtls/Kconfig.psa @@ -1,6 +1,10 @@ # Copyright (c) 2024 Nordic Semiconductor ASA # SPDX-License-Identifier: Apache-2.0 +# This file was automatically generated by create_psa_files.py +# from: ../../../modules/crypto/mbedtls/include/psa/crypto_config.h. +# Do not edit it manually. + config MBEDTLS_PSA_CRYPTO_CLIENT bool default y @@ -8,7 +12,343 @@ config MBEDTLS_PSA_CRYPTO_CLIENT if MBEDTLS_PSA_CRYPTO_CLIENT +config PSA_CRYPTO_ENABLE_ALL + bool "All PSA crypto features" + +config PSA_WANT_ALG_CBC_NO_PADDING + bool "PSA_WANT_ALG_CBC_NO_PADDING" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_CBC_PKCS7 + bool "PSA_WANT_ALG_CBC_PKCS7" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_CCM + bool "PSA_WANT_ALG_CCM" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_CCM_STAR_NO_TAG + bool "PSA_WANT_ALG_CCM_STAR_NO_TAG" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_CMAC + bool "PSA_WANT_ALG_CMAC" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_CFB + bool "PSA_WANT_ALG_CFB" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_CHACHA20_POLY1305 + bool "PSA_WANT_ALG_CHACHA20_POLY1305" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_CTR + bool "PSA_WANT_ALG_CTR" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_DETERMINISTIC_ECDSA + bool "PSA_WANT_ALG_DETERMINISTIC_ECDSA" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_ECB_NO_PADDING + bool "PSA_WANT_ALG_ECB_NO_PADDING" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_ECDH + bool "PSA_WANT_ALG_ECDH" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_FFDH + bool "PSA_WANT_ALG_FFDH" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_ECDSA + bool "PSA_WANT_ALG_ECDSA" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_JPAKE + bool "PSA_WANT_ALG_JPAKE" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_GCM + bool "PSA_WANT_ALG_GCM" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_HKDF + bool "PSA_WANT_ALG_HKDF" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_HKDF_EXTRACT + bool "PSA_WANT_ALG_HKDF_EXTRACT" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_HKDF_EXPAND + bool "PSA_WANT_ALG_HKDF_EXPAND" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_HMAC + bool "PSA_WANT_ALG_HMAC" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_MD5 + bool "PSA_WANT_ALG_MD5" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_OFB + bool "PSA_WANT_ALG_OFB" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_PBKDF2_HMAC + bool "PSA_WANT_ALG_PBKDF2_HMAC" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 + bool "PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_RIPEMD160 + bool "PSA_WANT_ALG_RIPEMD160" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_RSA_OAEP + bool "PSA_WANT_ALG_RSA_OAEP" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_RSA_PKCS1V15_CRYPT + bool "PSA_WANT_ALG_RSA_PKCS1V15_CRYPT" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_RSA_PKCS1V15_SIGN + bool "PSA_WANT_ALG_RSA_PKCS1V15_SIGN" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_RSA_PSS + bool "PSA_WANT_ALG_RSA_PSS" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_SHA_1 + bool "PSA_WANT_ALG_SHA_1" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_SHA_224 + bool "PSA_WANT_ALG_SHA_224" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + config PSA_WANT_ALG_SHA_256 - bool "SHA-256 hash algorithm through PSA" + bool "PSA_WANT_ALG_SHA_256" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_SHA_384 + bool "PSA_WANT_ALG_SHA_384" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_SHA_512 + bool "PSA_WANT_ALG_SHA_512" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_SHA3_224 + bool "PSA_WANT_ALG_SHA3_224" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_SHA3_256 + bool "PSA_WANT_ALG_SHA3_256" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_SHA3_384 + bool "PSA_WANT_ALG_SHA3_384" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_SHA3_512 + bool "PSA_WANT_ALG_SHA3_512" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_STREAM_CIPHER + bool "PSA_WANT_ALG_STREAM_CIPHER" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_TLS12_PRF + bool "PSA_WANT_ALG_TLS12_PRF" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_TLS12_PSK_TO_MS + bool "PSA_WANT_ALG_TLS12_PSK_TO_MS" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS + bool "PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ECC_BRAINPOOL_P_R1_256 + bool "PSA_WANT_ECC_BRAINPOOL_P_R1_256" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ECC_BRAINPOOL_P_R1_384 + bool "PSA_WANT_ECC_BRAINPOOL_P_R1_384" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ECC_BRAINPOOL_P_R1_512 + bool "PSA_WANT_ECC_BRAINPOOL_P_R1_512" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ECC_MONTGOMERY_255 + bool "PSA_WANT_ECC_MONTGOMERY_255" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ECC_MONTGOMERY_448 + bool "PSA_WANT_ECC_MONTGOMERY_448" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ECC_SECP_K1_192 + bool "PSA_WANT_ECC_SECP_K1_192" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ECC_SECP_K1_256 + bool "PSA_WANT_ECC_SECP_K1_256" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ECC_SECP_R1_192 + bool "PSA_WANT_ECC_SECP_R1_192" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ECC_SECP_R1_224 + bool "PSA_WANT_ECC_SECP_R1_224" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ECC_SECP_R1_256 + bool "PSA_WANT_ECC_SECP_R1_256" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ECC_SECP_R1_384 + bool "PSA_WANT_ECC_SECP_R1_384" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_ECC_SECP_R1_521 + bool "PSA_WANT_ECC_SECP_R1_521" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_DH_RFC7919_2048 + bool "PSA_WANT_DH_RFC7919_2048" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_DH_RFC7919_3072 + bool "PSA_WANT_DH_RFC7919_3072" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_DH_RFC7919_4096 + bool "PSA_WANT_DH_RFC7919_4096" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_DH_RFC7919_6144 + bool "PSA_WANT_DH_RFC7919_6144" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_DH_RFC7919_8192 + bool "PSA_WANT_DH_RFC7919_8192" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_KEY_TYPE_DERIVE + bool "PSA_WANT_KEY_TYPE_DERIVE" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_KEY_TYPE_PASSWORD + bool "PSA_WANT_KEY_TYPE_PASSWORD" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_KEY_TYPE_PASSWORD_HASH + bool "PSA_WANT_KEY_TYPE_PASSWORD_HASH" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_KEY_TYPE_HMAC + bool "PSA_WANT_KEY_TYPE_HMAC" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_KEY_TYPE_AES + bool "PSA_WANT_KEY_TYPE_AES" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_KEY_TYPE_ARIA + bool "PSA_WANT_KEY_TYPE_ARIA" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_KEY_TYPE_CAMELLIA + bool "PSA_WANT_KEY_TYPE_CAMELLIA" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_KEY_TYPE_CHACHA20 + bool "PSA_WANT_KEY_TYPE_CHACHA20" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_KEY_TYPE_DES + bool "PSA_WANT_KEY_TYPE_DES" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY + bool "PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY + bool "PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_KEY_TYPE_RAW_DATA + bool "PSA_WANT_KEY_TYPE_RAW_DATA" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY + bool "PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC + bool "PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT + bool "PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT + bool "PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE + bool "PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE + bool "PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC + bool "PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT + bool "PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT + bool "PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE + bool "PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC + bool "PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT + bool "PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT + bool "PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL + +config PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE + bool "PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE" if !MBEDTLS_PROMPTLESS + default y if PSA_CRYPTO_ENABLE_ALL endif # MBEDTLS_PSA_CRYPTO_CLIENT diff --git a/modules/mbedtls/configs/config-psa.h b/modules/mbedtls/configs/config-psa.h new file mode 100644 index 00000000000..e0278f761b8 --- /dev/null +++ b/modules/mbedtls/configs/config-psa.h @@ -0,0 +1,351 @@ +/* + * Copyright (c) 2024 Nordic Semiconductor ASA + * + * SPDX-License-Identifier: Apache-2.0 + */ + +/* This file was automatically generated by create_psa_files.py + * from: ../../../modules/crypto/mbedtls/include/psa/crypto_config.h + * Do not edit it manually. + */ + +#ifndef CONFIG_PSA_H +#define CONFIG_PSA_H + +#if defined(CONFIG_PSA_WANT_ALG_CBC_NO_PADDING) +#define PSA_WANT_ALG_CBC_NO_PADDING 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_CBC_PKCS7) +#define PSA_WANT_ALG_CBC_PKCS7 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_CCM) +#define PSA_WANT_ALG_CCM 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_CCM_STAR_NO_TAG) +#define PSA_WANT_ALG_CCM_STAR_NO_TAG 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_CMAC) +#define PSA_WANT_ALG_CMAC 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_CFB) +#define PSA_WANT_ALG_CFB 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_CHACHA20_POLY1305) +#define PSA_WANT_ALG_CHACHA20_POLY1305 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_CTR) +#define PSA_WANT_ALG_CTR 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_DETERMINISTIC_ECDSA) +#define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_ECB_NO_PADDING) +#define PSA_WANT_ALG_ECB_NO_PADDING 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_ECDH) +#define PSA_WANT_ALG_ECDH 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_FFDH) +#define PSA_WANT_ALG_FFDH 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_ECDSA) +#define PSA_WANT_ALG_ECDSA 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_JPAKE) +#define PSA_WANT_ALG_JPAKE 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_GCM) +#define PSA_WANT_ALG_GCM 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_HKDF) +#define PSA_WANT_ALG_HKDF 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_HKDF_EXTRACT) +#define PSA_WANT_ALG_HKDF_EXTRACT 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_HKDF_EXPAND) +#define PSA_WANT_ALG_HKDF_EXPAND 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_HMAC) +#define PSA_WANT_ALG_HMAC 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_MD5) +#define PSA_WANT_ALG_MD5 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_OFB) +#define PSA_WANT_ALG_OFB 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_PBKDF2_HMAC) +#define PSA_WANT_ALG_PBKDF2_HMAC 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128) +#define PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_RIPEMD160) +#define PSA_WANT_ALG_RIPEMD160 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_RSA_OAEP) +#define PSA_WANT_ALG_RSA_OAEP 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_CRYPT) +#define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN) +#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_RSA_PSS) +#define PSA_WANT_ALG_RSA_PSS 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_SHA_1) +#define PSA_WANT_ALG_SHA_1 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_SHA_224) +#define PSA_WANT_ALG_SHA_224 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_SHA_256) +#define PSA_WANT_ALG_SHA_256 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_SHA_384) +#define PSA_WANT_ALG_SHA_384 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_SHA_512) +#define PSA_WANT_ALG_SHA_512 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_SHA3_224) +#define PSA_WANT_ALG_SHA3_224 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_SHA3_256) +#define PSA_WANT_ALG_SHA3_256 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_SHA3_384) +#define PSA_WANT_ALG_SHA3_384 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_SHA3_512) +#define PSA_WANT_ALG_SHA3_512 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_STREAM_CIPHER) +#define PSA_WANT_ALG_STREAM_CIPHER 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_TLS12_PRF) +#define PSA_WANT_ALG_TLS12_PRF 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_TLS12_PSK_TO_MS) +#define PSA_WANT_ALG_TLS12_PSK_TO_MS 1 +#endif + +#if defined(CONFIG_PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS) +#define PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS 1 +#endif + +#if defined(CONFIG_PSA_WANT_ECC_BRAINPOOL_P_R1_256) +#define PSA_WANT_ECC_BRAINPOOL_P_R1_256 1 +#endif + +#if defined(CONFIG_PSA_WANT_ECC_BRAINPOOL_P_R1_384) +#define PSA_WANT_ECC_BRAINPOOL_P_R1_384 1 +#endif + +#if defined(CONFIG_PSA_WANT_ECC_BRAINPOOL_P_R1_512) +#define PSA_WANT_ECC_BRAINPOOL_P_R1_512 1 +#endif + +#if defined(CONFIG_PSA_WANT_ECC_MONTGOMERY_255) +#define PSA_WANT_ECC_MONTGOMERY_255 1 +#endif + +#if defined(CONFIG_PSA_WANT_ECC_MONTGOMERY_448) +#define PSA_WANT_ECC_MONTGOMERY_448 1 +#endif + +#if defined(CONFIG_PSA_WANT_ECC_SECP_K1_192) +#define PSA_WANT_ECC_SECP_K1_192 1 +#endif + +#if defined(CONFIG_PSA_WANT_ECC_SECP_K1_256) +#define PSA_WANT_ECC_SECP_K1_256 1 +#endif + +#if defined(CONFIG_PSA_WANT_ECC_SECP_R1_192) +#define PSA_WANT_ECC_SECP_R1_192 1 +#endif + +#if defined(CONFIG_PSA_WANT_ECC_SECP_R1_224) +#define PSA_WANT_ECC_SECP_R1_224 1 +#endif + +#if defined(CONFIG_PSA_WANT_ECC_SECP_R1_256) +#define PSA_WANT_ECC_SECP_R1_256 1 +#endif + +#if defined(CONFIG_PSA_WANT_ECC_SECP_R1_384) +#define PSA_WANT_ECC_SECP_R1_384 1 +#endif + +#if defined(CONFIG_PSA_WANT_ECC_SECP_R1_521) +#define PSA_WANT_ECC_SECP_R1_521 1 +#endif + +#if defined(CONFIG_PSA_WANT_DH_RFC7919_2048) +#define PSA_WANT_DH_RFC7919_2048 1 +#endif + +#if defined(CONFIG_PSA_WANT_DH_RFC7919_3072) +#define PSA_WANT_DH_RFC7919_3072 1 +#endif + +#if defined(CONFIG_PSA_WANT_DH_RFC7919_4096) +#define PSA_WANT_DH_RFC7919_4096 1 +#endif + +#if defined(CONFIG_PSA_WANT_DH_RFC7919_6144) +#define PSA_WANT_DH_RFC7919_6144 1 +#endif + +#if defined(CONFIG_PSA_WANT_DH_RFC7919_8192) +#define PSA_WANT_DH_RFC7919_8192 1 +#endif + +#if defined(CONFIG_PSA_WANT_KEY_TYPE_DERIVE) +#define PSA_WANT_KEY_TYPE_DERIVE 1 +#endif + +#if defined(CONFIG_PSA_WANT_KEY_TYPE_PASSWORD) +#define PSA_WANT_KEY_TYPE_PASSWORD 1 +#endif + +#if defined(CONFIG_PSA_WANT_KEY_TYPE_PASSWORD_HASH) +#define PSA_WANT_KEY_TYPE_PASSWORD_HASH 1 +#endif + +#if defined(CONFIG_PSA_WANT_KEY_TYPE_HMAC) +#define PSA_WANT_KEY_TYPE_HMAC 1 +#endif + +#if defined(CONFIG_PSA_WANT_KEY_TYPE_AES) +#define PSA_WANT_KEY_TYPE_AES 1 +#endif + +#if defined(CONFIG_PSA_WANT_KEY_TYPE_ARIA) +#define PSA_WANT_KEY_TYPE_ARIA 1 +#endif + +#if defined(CONFIG_PSA_WANT_KEY_TYPE_CAMELLIA) +#define PSA_WANT_KEY_TYPE_CAMELLIA 1 +#endif + +#if defined(CONFIG_PSA_WANT_KEY_TYPE_CHACHA20) +#define PSA_WANT_KEY_TYPE_CHACHA20 1 +#endif + +#if defined(CONFIG_PSA_WANT_KEY_TYPE_DES) +#define PSA_WANT_KEY_TYPE_DES 1 +#endif + +#if defined(CONFIG_PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) +#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1 +#endif + +#if defined(CONFIG_PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY) +#define PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY 1 +#endif + +#if defined(CONFIG_PSA_WANT_KEY_TYPE_RAW_DATA) +#define PSA_WANT_KEY_TYPE_RAW_DATA 1 +#endif + +#if defined(CONFIG_PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) +#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1 +#endif + +#if defined(CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC 1 +#endif + +#if defined(CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT) +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1 +#endif + +#if defined(CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT) +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1 +#endif + +#if defined(CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE) +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1 +#endif + +#if defined(CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1 +#endif + +#if defined(CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) +#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC 1 +#endif + +#if defined(CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT) +#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1 +#endif + +#if defined(CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT) +#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1 +#endif + +#if defined(CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE) +#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1 +#endif + +#if defined(CONFIG_PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) +#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC 1 +#endif + +#if defined(CONFIG_PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT) +#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT 1 +#endif + +#if defined(CONFIG_PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT) +#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT 1 +#endif + +#if defined(CONFIG_PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE) +#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE 1 +#endif + +#endif /* CONFIG_PSA_H */ diff --git a/modules/mbedtls/configs/config-tls-generic.h b/modules/mbedtls/configs/config-tls-generic.h index 6a731d4f61a..2750bab09bc 100644 --- a/modules/mbedtls/configs/config-tls-generic.h +++ b/modules/mbedtls/configs/config-tls-generic.h @@ -489,6 +489,9 @@ #if defined(CONFIG_MBEDTLS_PSA_CRYPTO_CLIENT) #define MBEDTLS_PSA_CRYPTO_CLIENT +#define MBEDTLS_PSA_CRYPTO_CONFIG +#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "config-psa.h" + #endif #if defined(CONFIG_MBEDTLS_TLS_VERSION_1_2) && defined(CONFIG_MBEDTLS_PSA_CRYPTO_C) @@ -507,8 +510,4 @@ #undef MBEDTLS_PSA_CRYPTO_C #endif -#if defined(CONFIG_PSA_WANT_ALG_SHA_256) -#define PSA_WANT_ALG_SHA_256 1 -#endif - #endif /* MBEDTLS_CONFIG_H */ diff --git a/scripts/ci/check_compliance.py b/scripts/ci/check_compliance.py index e82e7f95ac1..090559e2049 100755 --- a/scripts/ci/check_compliance.py +++ b/scripts/ci/check_compliance.py @@ -910,6 +910,7 @@ flagged. "OPT", "OPT_0", "PEDO_THS_MIN", + "PSA_H", # This is used in config-psa.h as guard for the header file "REG1", "REG2", "RIMAGE_SIGNING_SCHEMA", # Optional module