Mbed TLS v4.0.0
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
crypto_adjust_config_derived.h
Go to the documentation of this file.
1 
7 /*
8  * Copyright The Mbed TLS Contributors
9  * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
10  */
11 
12 #ifndef PSA_CRYPTO_ADJUST_CONFIG_DERIVED_H
13 #define PSA_CRYPTO_ADJUST_CONFIG_DERIVED_H
14 
15 #if !defined(TF_PSA_CRYPTO_CONFIG_FILES_READ)
16 #error "Do not include psa/crypto_adjust_*.h manually! This can lead to problems, " \
17  "up to and including runtime errors such as buffer overflows. " \
18  "If you're trying to fix a complaint from check_config.h, just remove " \
19  "it from your configuration file: since Mbed TLS 3.0, it is included " \
20  "automatically at the right point."
21 #endif /* */
22 
23 /* The number of "true" entropy sources (excluding NV seed).
24  * This must be consistent with mbedtls_entropy_init() in entropy.c.
25  */
26 /* Define auxiliary macros, because in standard C, defined(xxx) is only
27  * allowed directly on an #if or #elif line, not in recursive expansion. */
28 #if defined(MBEDTLS_PSA_BUILTIN_GET_ENTROPY)
29 #define MBEDTLS_PSA_BUILTIN_GET_ENTROPY_DEFINED 1
30 #else
31 #define MBEDTLS_PSA_BUILTIN_GET_ENTROPY_DEFINED 0
32 #endif
33 #if defined(MBEDTLS_PSA_DRIVER_GET_ENTROPY)
34 #define MBEDTLS_PSA_DRIVER_GET_ENTROPY_DEFINED 1
35 #else
36 #define MBEDTLS_PSA_DRIVER_GET_ENTROPY_DEFINED 0
37 #endif
38 
39 #define MBEDTLS_ENTROPY_TRUE_SOURCES ( \
40  MBEDTLS_PSA_BUILTIN_GET_ENTROPY_DEFINED + \
41  MBEDTLS_PSA_DRIVER_GET_ENTROPY_DEFINED + \
42  0)
43 
44 /* Whether there is at least one entropy source for the entropy module.
45  *
46  * Note that when MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is enabled, the entropy
47  * module is unused and the configuration will typically not include any
48  * entropy source, so this macro will typically remain undefined.
49  */
50 #if defined(MBEDTLS_ENTROPY_NV_SEED)
51 #define MBEDTLS_ENTROPY_HAVE_SOURCES (MBEDTLS_ENTROPY_TRUE_SOURCES + 1)
52 #elif MBEDTLS_ENTROPY_TRUE_SOURCES != 0
53 #define MBEDTLS_ENTROPY_HAVE_SOURCES MBEDTLS_ENTROPY_TRUE_SOURCES
54 #else
55 #undef MBEDTLS_ENTROPY_HAVE_SOURCES
56 #endif
57 
58 #if defined(PSA_WANT_ALG_ECDSA) || defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)
59 #define PSA_HAVE_ALG_SOME_ECDSA
60 #endif
61 
62 #if defined(PSA_HAVE_ALG_SOME_ECDSA) && defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC)
63 #define PSA_HAVE_ALG_ECDSA_SIGN
64 #endif
65 
66 #if defined(PSA_HAVE_ALG_SOME_ECDSA) && defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
67 #define PSA_HAVE_ALG_ECDSA_VERIFY
68 #endif
69 
70 #if defined(PSA_WANT_ALG_JPAKE)
71 #define PSA_WANT_ALG_SOME_PAKE 1
72 #endif
73 
74 /*
75  * If the RNG strength is not explicitly defined in the configuration, define
76  * it here to its default value. This ensures it is available for use in
77  * adjusting the configuration of RNG internal modules in
78  * config_adjust_legacy_crypto.h.
79  */
80 #if !defined(MBEDTLS_PSA_CRYPTO_RNG_STRENGTH)
81 #define MBEDTLS_PSA_CRYPTO_RNG_STRENGTH 256
82 #endif
83 
84 #if !defined(MBEDTLS_PSA_CRYPTO_RNG_HASH)
85 
86 #if defined(PSA_WANT_ALG_SHA_256)
87 #define MBEDTLS_PSA_CRYPTO_RNG_HASH PSA_ALG_SHA_256
88 #elif defined(PSA_WANT_ALG_SHA_512)
89 #define MBEDTLS_PSA_CRYPTO_RNG_HASH PSA_ALG_SHA_512
90 #else
91 #if (defined(MBEDTLS_PSA_CRYPTO_C) && !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG))
92 #error "Not able to define MBEDTLS_PSA_CRYPTO_RNG_HASH for the entropy module."
93 #endif
94 #if defined(MBEDTLS_HMAC_DRBG_C)
95 #error "Not able to define MBEDTLS_PSA_CRYPTO_RNG_HASH for HMAC_DRBG."
96 #endif
97 #endif /* !PSA_WANT_ALG_SHA_256, !PSA_WANT_ALG_SHA_512 */
98 
99 #endif /* !MBEDTLS_PSA_CRYPTO_RNG_HASH */
100 
101 #endif /* PSA_CRYPTO_ADJUST_CONFIG_DERIVED_H */