diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index 09bc32c73..48b2d3209 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -843,6 +843,8 @@ extern "C" { /* These features are always enabled. */ #define PSA_WANT_KEY_TYPE_DERIVE 1 +#define PSA_WANT_KEY_TYPE_PASSWORD 1 +#define PSA_WANT_KEY_TYPE_PASSWORD_HASH 1 #define PSA_WANT_KEY_TYPE_RAW_DATA 1 #ifdef __cplusplus diff --git a/include/psa/crypto_config.h b/include/psa/crypto_config.h index 7399a6220..e68fac8b4 100644 --- a/include/psa/crypto_config.h +++ b/include/psa/crypto_config.h @@ -116,6 +116,8 @@ #define PSA_WANT_ECC_SECP_R1_521 1 #define PSA_WANT_KEY_TYPE_DERIVE 1 +#define PSA_WANT_KEY_TYPE_PASSWORD 1 +#define PSA_WANT_KEY_TYPE_PASSWORD_HASH 1 #define PSA_WANT_KEY_TYPE_HMAC 1 #define PSA_WANT_KEY_TYPE_AES 1 #define PSA_WANT_KEY_TYPE_ARIA 1 diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index 171292ba7..d503aa846 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -159,6 +159,8 @@ class KeyTypeNotSupported: ALWAYS_SUPPORTED = frozenset([ 'PSA_KEY_TYPE_DERIVE', + 'PSA_KEY_TYPE_PASSWORD', + 'PSA_KEY_TYPE_PASSWORD_HASH', 'PSA_KEY_TYPE_RAW_DATA', 'PSA_KEY_TYPE_HMAC' ]) diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index bf5f04e4f..aba512741 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data @@ -339,6 +339,12 @@ key_type:PSA_KEY_TYPE_HMAC:KEY_TYPE_IS_UNSTRUCTURED Key type: secret for key derivation key_type:PSA_KEY_TYPE_DERIVE:KEY_TYPE_IS_UNSTRUCTURED +Key type: password +key_type:PSA_KEY_TYPE_PASSWORD:KEY_TYPE_IS_UNSTRUCTURED + +Key type: password hash +key_type:PSA_KEY_TYPE_PASSWORD_HASH:KEY_TYPE_IS_UNSTRUCTURED + Block cipher key type: AES depends_on:PSA_WANT_KEY_TYPE_AES block_cipher_key_type:PSA_KEY_TYPE_AES:16