/**
 *  Internal macros to express dependencies for code and tests
 *  that may use either the legacy API or PSA in various builds.
 *
 *  Copyright The Mbed TLS Contributors
 *  SPDX-License-Identifier: Apache-2.0
 *
 *  Licensed under the Apache License, Version 2.0 (the "License"); you may
 *  not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *  http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */

/*
 * These macros are for code that wants to use <crypto feature> and will do so
 * using <legacy API> or PSA depending on <condition>, where:
 * - <crypto feature> will generally be an algorithm (SHA-256, ECDH) but may
 *   also be a key type (AES, RSA, EC) or domain parameters (elliptic curve);
 * - <legacy API> will be either:
 *      - low-level module API (aes.h, sha256.h), or
 *      - an abstraction layer (md.h, cipher.h);
 * - <condition> will be either:
 *      - depending on what's available in the build:
 *          legacy API used if available, PSA otherwise
 *          (this is done to ensure backwards compatibility); or
 *      - depending on whether MBEDTLS_USE_PSA_CRYPTO is defined.
 *
 * Examples:
 * - TLS 1.2 will compute hashes using either mbedtls_md_xxx() (and
 *   mbedtls_sha256_xxx()) or psa_aead_xxx() depending on whether
 *   MBEDTLS_USE_PSA_CRYPTO is defined;
 * - RSA PKCS#1 v2.1 will, in the near future*, compute hashes (for padding)
 *   using either `mbedtls_md()` if it's available, or `psa_hash_compute()`
 *   otherwise;
 * - PEM decoding of PEM-encrypted keys will, in the near future*, compute MD5
 *   hashes using either `mbedtls_md5_xxx()` if it's available, or
 *   `psa_hash_xxx()` otherwise.
 * *See docs/architecture/psa-migration/strategy.md, section "Supporting
 * builds with drivers without the software implementation", strategy for step
 * 1 (libmbedcrypto except the RNG subsystem).
 *
 * Note: the macros are essential to express test dependencies. Inside code,
 * we could instead just use the equivalent pre-processor condition, but
 * that's not possible in test dependencies where we need a single macro.
 * Hopefully, using these macros in code will also help with consistency.
 *
 * The naming scheme for these macros is:
 *      MBEDTLS_HAS_feature_VIA_legacy_OR_PSA(_condition)
 * where:
 * - feature is expressed the same way as in PSA_WANT macros, for example:
 *   KEY_TYPE_AES, ALG_SHA_256, ECC_SECP_R1_256;
 * - legacy is either LOWLEVEL or the name of the layer: MD, CIPHER;
 * - condition is omitted if it's based on availability, else it's
 *   BASED_ON_USE_PSA.
 *
 * Coming back to the examples above:
 * - TLS 1.2 will determine if it can use SHA-256 using
 *      MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
 *   for the purposes of negotiation, and in test dependencies;
 * - RSA PKCS#1 v2.1 tests that used SHA-256 will depend on
 *      MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA
 * - PEM decoding code and its associated tests will depend on
 *      MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA
 *
 * Note: every time it's possible to use, say SHA-256, via the MD API, then
 * it's also possible to used it via the low-level API. So, code that wants to
 * use SHA-256 via both APIs only needs to depend on the MD macro. Also, it
 * just so happens that all the choosing which API to use based on
 * MBEDTLS_USE_PSA_CRYPTO (X.509, TLS 1.2/shared), always uses the abstraction
 * layer (sometimes in addition to the low-level API), so we don't need the
 * MBEDTLS_HAS_feature_VIA_LOWLEVEL_OR_PSA_BASED_ON_USE_PSA macros.
 * (PK, while obeying MBEDTLS_USE_PSA_CRYPTO, doesn't compute hashes itself,
 * even less makes use of ciphers.)
 *
 * Note: the macros MBEDTLS_HAS_feature_VIA_LOWLEVEL_OR_PSA are the minimal
 * condition for being able to use <feature> at all. As such, they should be
 * used for guarding data about <feature>, such as OIDs or size. For example,
 * OID values related to SHA-256 are only useful when SHA-256 can be used at
 * least in some way.
 */

#ifndef MBEDTLS_OR_PSA_HELPERS_H
#define MBEDTLS_OR_PSA_HELPERS_H

#include "common.h"
#if defined(MBEDTLS_PSA_CRYPTO_C)
#include "psa/crypto.h"
#endif /* MBEDTLS_PSA_CRYPTO_C */

/*
 * Hashes
 */

/* Hashes using low-level or PSA based on availability */
#if defined(MBEDTLS_MD5_C) || \
    ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5) )
#define MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA
#endif
#if defined(MBEDTLS_RIPEMD160_C) || \
    ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160) )
#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA
#endif
#if defined(MBEDTLS_SHA1_C) || \
    ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1) )
#define MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA
#endif
#if defined(MBEDTLS_SHA224_C) || \
    ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224) )
#define MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA
#endif
#if defined(MBEDTLS_SHA256_C) || \
    ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256) )
#define MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA
#endif
#if defined(MBEDTLS_SHA384_C) || \
    ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384) )
#define MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA
#endif
#if defined(MBEDTLS_SHA512_C) || \
    ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512) )
#define MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA
#endif

/* Hashes using MD or PSA based on availability */
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_MD5_C) ) || \
    ( !defined(MBEDTLS_MD_C) && \
        defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5) )
#define MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA
#endif
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_RIPEMD160_C) ) || \
    ( !defined(MBEDTLS_MD_C) && \
        defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160) )
#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA
#endif
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C) ) || \
    ( !defined(MBEDTLS_MD_C) && \
        defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1) )
#define MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA
#endif
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA224_C) ) || \
    ( !defined(MBEDTLS_MD_C) && \
        defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224) )
#define MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA
#endif
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C) ) || \
    ( !defined(MBEDTLS_MD_C) && \
        defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256) )
#define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA
#endif
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA384_C) ) || \
    ( !defined(MBEDTLS_MD_C) && \
        defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384) )
#define MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA
#endif
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA512_C) ) || \
    ( !defined(MBEDTLS_MD_C) && \
        defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512) )
#define MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA
#endif

/* Hashes using MD or PSA based on MBEDTLS_USE_PSA_CRYPTO */
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
        defined(MBEDTLS_MD_C) && defined(MBEDTLS_MD5_C) ) || \
    ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_MD5) )
#define MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
        defined(MBEDTLS_MD_C) && defined(MBEDTLS_RIPEMD160_C) ) || \
    ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_RIPEMD160) )
#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
        defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C) ) || \
    ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_1) )
#define MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
        defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA224_C) ) || \
    ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_224) )
#define MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
        defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C) ) || \
    ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_256) )
#define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
        defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA384_C) ) || \
    ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_384) )
#define MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
        defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA512_C) ) || \
    ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_512) )
#define MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif

#endif /* MBEDTLS_OR_PSA_HELPERS_H */