From 8de143e72d3e664950cdf81a3dca6f75e95c96d7 Mon Sep 17 00:00:00 2001 From: David Brown Date: Fri, 19 Feb 2021 14:08:00 -0700 Subject: [PATCH] Create PSA configs for ECC curves For each curve defined MBEDTLS_ECP_DP_xxx_ENABLED, we have a corrsponding PSA config define PSA_WANT_ECC_xxx. Along with that is a value MBEDTLS_PSA_ACCEL_ECC_xxx which can be used to allow HW acceleration of that particular curve. If the PSA config requests an unaccelerated curve, the corresponding MBEDTLS_PSA_BUILTIN_ECC_xxx will also be defined. This commit defines these for all curves currently defined, with the defines working in either direction, depending on whether MBEDTLS_PSA_CRYPTO_CONFIG is defined. Signed-off-by: David Brown --- include/mbedtls/config_psa.h | 149 +++++++++++++++++++++++++++++++++++ 1 file changed, 149 insertions(+) diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index 73a3ea356..7ecd97a65 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -355,6 +355,90 @@ extern "C" { #endif /* PSA_WANT_KEY_TYPE_CHACHA20 */ #endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */ +#if defined(PSA_WANT_ECC_SECP192R1) +#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP192R1) +#define MBEDTLS_ECP_DP_SECP192K1_ENABLED +#define MBEDTLS_PSA_BUILTIN_ECC_SECP192R1 1 +#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP192R1 */ +#endif /* PSA_WANT_ECC_SECP192R1 */ + +#if defined(PSA_WANT_ECC_SECP224R1) +#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP224R1) +#define MBEDTLS_ECP_DP_SECP224K1_ENABLED +#define MBEDTLS_PSA_BUILTIN_ECC_SECP224R1 1 +#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP224R1 */ +#endif /* PSA_WANT_ECC_SECP224R1 */ + +#if defined(PSA_WANT_ECC_SECP256R1) +#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP256R1) +#define MBEDTLS_ECP_DP_SECP256K1_ENABLED +#define MBEDTLS_PSA_BUILTIN_ECC_SECP256R1 1 +#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP256R1 */ +#endif /* PSA_WANT_ECC_SECP256R1 */ + +#if defined(PSA_WANT_ECC_SECP384R1) +#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP384R1) +#define MBEDTLS_ECP_DP_SECP384K1_ENABLED +#define MBEDTLS_PSA_BUILTIN_ECC_SECP384R1 1 +#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP384R1 */ +#endif /* PSA_WANT_ECC_SECP384R1 */ + +#if defined(PSA_WANT_ECC_SECP521R1) +#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP521R1) +#define MBEDTLS_ECP_DP_SECP521K1_ENABLED +#define MBEDTLS_PSA_BUILTIN_ECC_SECP521R1 1 +#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP521R1 */ +#endif /* PSA_WANT_ECC_SECP521R1 */ + +#if defined(PSA_WANT_ECC_SECP192K1) +#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP192K1) +#define MBEDTLS_ECP_DP_SECP521K1_ENABLED +#define MBEDTLS_PSA_BUILTIN_ECC_SECP192K1 1 +#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP192K1 */ +#endif /* PSA_WANT_ECC_SECP192K1 */ + +#if defined(PSA_WANT_ECC_SECP224K1) +#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP224K1) +#define MBEDTLS_ECP_DP_SECP521K1_ENABLED +#define MBEDTLS_PSA_BUILTIN_ECC_SECP224K1 1 +#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP224K1 */ +#endif /* PSA_WANT_ECC_SECP224K1 */ + +#if defined(PSA_WANT_ECC_BP256R1) +#if !defined(MBEDTLS_PSA_ACCEL_ECC_BP256R1) +#define MBEDTLS_ECP_DP_SECP521K1_ENABLED +#define MBEDTLS_PSA_BUILTIN_ECC_BP256R1 1 +#endif /* !MBEDTLS_PSA_ACCEL_ECC_BP256R1 */ +#endif /* PSA_WANT_ECC_BP256R1 */ + +#if defined(PSA_WANT_ECC_BP384R1) +#if !defined(MBEDTLS_PSA_ACCEL_ECC_BP384R1) +#define MBEDTLS_ECP_DP_SECP521K1_ENABLED +#define MBEDTLS_PSA_BUILTIN_ECC_BP384R1 1 +#endif /* !MBEDTLS_PSA_ACCEL_ECC_BP384R1 */ +#endif /* PSA_WANT_ECC_BP384R1 */ + +#if defined(PSA_WANT_ECC_BP512R1) +#if !defined(MBEDTLS_PSA_ACCEL_ECC_BP512R1) +#define MBEDTLS_ECP_DP_SECP521K1_ENABLED +#define MBEDTLS_PSA_BUILTIN_ECC_BP512R1 1 +#endif /* !MBEDTLS_PSA_ACCEL_ECC_BP512R1 */ +#endif /* PSA_WANT_ECC_BP512R1 */ + +#if defined(PSA_WANT_ECC_CURVE25519) +#if !defined(MBEDTLS_PSA_ACCEL_ECC_CURVE25519) +#define MBEDTLS_ECP_DP_SECP521K1_ENABLED +#define MBEDTLS_PSA_BUILTIN_ECC_CURVE25519 1 +#endif /* !MBEDTLS_PSA_ACCEL_ECC_CURVE25519 */ +#endif /* PSA_WANT_ECC_CURVE25519 */ + +#if defined(PSA_WANT_ECC_CURVE448) +#if !defined(MBEDTLS_PSA_ACCEL_ECC_CURVE448) +#define MBEDTLS_ECP_DP_SECP521K1_ENABLED +#define MBEDTLS_PSA_BUILTIN_ECC_CURVE448 1 +#endif /* !MBEDTLS_PSA_ACCEL_ECC_CURVE448 */ +#endif /* PSA_WANT_ECC_CURVE448 */ + #else /* MBEDTLS_PSA_CRYPTO_CONFIG */ /* @@ -531,6 +615,71 @@ extern "C" { #define PSA_WANT_ALG_XTS 1 #endif +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) +#define MBEDTLS_PSA_BUILTIN_ECC_SECP192R1 1 +#define PSA_WANT_ECC_SECP192R1 +#endif + +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) +#define MBEDTLS_PSA_BUILTIN_ECC_SECP224R1 1 +#define PSA_WANT_ECC_SECP224R1 +#endif + +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) +#define MBEDTLS_PSA_BUILTIN_ECC_SECP256R1 1 +#define PSA_WANT_ECC_SECP256R1 +#endif + +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) +#define MBEDTLS_PSA_BUILTIN_ECC_SECP384R1 1 +#define PSA_WANT_ECC_SECP384R1 +#endif + +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) +#define MBEDTLS_PSA_BUILTIN_ECC_SECP521R1 1 +#define PSA_WANT_ECC_SECP521R1 +#endif + +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) +#define MBEDTLS_PSA_BUILTIN_ECC_SECP192K1 1 +#define PSA_WANT_ECC_SECP192K1 +#endif + +#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) +#define MBEDTLS_PSA_BUILTIN_ECC_SECP224K1 1 +#define PSA_WANT_ECC_SECP224K1 +#endif + +#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) +#define MBEDTLS_PSA_BUILTIN_ECC_SECP256K1 1 +#define PSA_WANT_ECC_SECP256K1 +#endif + +#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) +#define MBEDTLS_PSA_BUILTIN_ECC_BP256R1 1 +#define PSA_WANT_ECC_BP256R1 +#endif + +#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) +#define MBEDTLS_PSA_BUILTIN_ECC_BP384R1 1 +#define PSA_WANT_ECC_BP384R1 +#endif + +#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) +#define MBEDTLS_PSA_BUILTIN_ECC_BP512R1 1 +#define PSA_WANT_ECC_BP512R1 +#endif + +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) +#define MBEDTLS_PSA_BUILTIN_ECC_CURVE25519 1 +#define PSA_WANT_ECC_CURVE25519 +#endif + +#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) +#define MBEDTLS_PSA_BUILTIN_ECC_CURVE448 1 +#define PSA_WANT_ECC_CURVE448 +#endif + #endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ /* These features are always enabled. */