1 /*
2  * Copyright (c) 2024, Arm Limited. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  *
6  */
7 /**
8  * \file psa/crypto_config.h
9  * \brief PSA crypto configuration options (set of defines)
10  *
11  */
12 #if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
13 /**
14  * When #MBEDTLS_PSA_CRYPTO_CONFIG is enabled in mbedtls_config.h,
15  * this file determines which cryptographic mechanisms are enabled
16  * through the PSA Cryptography API (\c psa_xxx() functions).
17  *
18  * To enable a cryptographic mechanism, uncomment the definition of
19  * the corresponding \c PSA_WANT_xxx preprocessor symbol.
20  * To disable a cryptographic mechanism, comment out the definition of
21  * the corresponding \c PSA_WANT_xxx preprocessor symbol.
22  * The names of cryptographic mechanisms correspond to values
23  * defined in psa/crypto_values.h, with the prefix \c PSA_WANT_ instead
24  * of \c PSA_.
25  *
26  * Note that many cryptographic mechanisms involve two symbols: one for
27  * the key type (\c PSA_WANT_KEY_TYPE_xxx) and one for the algorithm
28  * (\c PSA_WANT_ALG_xxx). Mechanisms with additional parameters may involve
29  * additional symbols.
30  */
31 #else
32 /**
33  * When \c MBEDTLS_PSA_CRYPTO_CONFIG is disabled in mbedtls_config.h,
34  * this file is not used, and cryptographic mechanisms are supported
35  * through the PSA API if and only if they are supported through the
36  * mbedtls_xxx API.
37  */
38 #endif
39 
40 #ifndef MCUBOOT_CRYPTO_CONFIG_H
41 #define MCUBOOT_CRYPTO_CONFIG_H
42 
43 /* Hashing algorithms */
44 #if defined(MCUBOOT_SIGN_EC384)
45 #define PSA_WANT_ALG_SHA_384                    1
46 #else
47 #define PSA_WANT_ALG_SHA_256                    1
48 #endif
49 
50 /* Signature verification algorithms */
51 #if defined(MCUBOOT_SIGN_RSA)
52 #define PSA_WANT_ALG_RSA_PSS                    1
53 #else
54 #define PSA_WANT_ALG_ECDSA                      1
55 /* Curves supported for ECDSA */
56 #if defined(MCUBOOT_SIGN_EC384)
57 #define PSA_WANT_ECC_SECP_R1_384                1
58 #else
59 #define PSA_WANT_ECC_SECP_R1_256                1
60 #endif
61 #endif
62 
63 /* Key types supported */
64 #if defined(MCUBOOT_SIGN_RSA)
65 #define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY        1
66 #else
67 #define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY        1
68 #endif
69 
70 #ifdef CRYPTO_HW_ACCELERATOR
71 #include MBEDTLS_ACCELERATOR_PSA_CRYPTO_CONFIG_FILE
72 #endif
73 
74 #endif /* MCUBOOT_CRYPTO_CONFIG_H */
75