Minor updates to address review comments

Removed unecessary checks on the ALG_SHA_224 and ALG_SHA_384 since those are handled in config_psa.h by ensuring the correct _C is included. Reformatted config_psa.h to be alphabetical and made the assignments line up correctly for consistency. Fixed the guards for ALG_SHA_224 and ALG_SHA_384 to be correct in the crypto library source. Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
2020-11-30 21:06:05 -08:00 · 2020-11-30 21:06:05 -08:00 · d62b678473
commit d62b678473
parent 1b7ee05461
3 changed files with 163 additions and 181 deletions
--- a/include/mbedtls/config_psa.h
+++ b/include/mbedtls/config_psa.h
@ -40,6 +40,45 @@ extern "C" {
 #if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
 #if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)
 #if !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
 #define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1
 #define MBEDTLS_ECDSA_DETERMINISTIC
 #define MBEDTLS_ECDSA_C
 #define MBEDTLS_HMAC_DRBG_C
 #define MBEDTLS_MD_C
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA */
 #endif /* PSA_WANT_ALG_DETERMINISTIC_ECDSA */
 #if defined(PSA_WANT_ALG_ECDH)
 #if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH)
 #define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1
 #define MBEDTLS_ECDH_C
 #define MBEDTLS_ECP_C
 #define MBEDTLS_BIGNUM_C
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDH */
 #endif /* PSA_WANT_ALG_ECDH */
 #if defined(PSA_WANT_ALG_ECDSA)
 #if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)
 #define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
 #define MBEDTLS_ECDSA_C
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDSA */
 #endif /* PSA_WANT_ALG_ECDSA */
 #if defined(PSA_WANT_ALG_HKDF)
 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF)
 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF */
 #endif /* PSA_WANT_ALG_HKDF */
 #if defined(PSA_WANT_ALG_HMAC)
 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC)
 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */
 #endif /* PSA_WANT_ALG_HMAC */
 #if defined(PSA_WANT_ALG_MD2) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD2)
 #define MBEDTLS_PSA_BUILTIN_ALG_MD2 1
 #define MBEDTLS_MD2_C
@ -60,6 +99,49 @@ extern "C" {
 #define MBEDTLS_RIPEMD160_C
 #endif
 #if defined(PSA_WANT_ALG_RSA_OAEP)
 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP)
 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1
 #define MBEDTLS_RSA_C
 #define MBEDTLS_BIGNUM_C
 #define MBEDTLS_OID_C
 #define MBEDTLS_PKCS1_V21
 #define MBEDTLS_MD_C
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP */
 #endif /* PSA_WANT_ALG_RSA_OAEP */
 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT)
 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT)
 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1
 #define MBEDTLS_RSA_C
 #define MBEDTLS_BIGNUM_C
 #define MBEDTLS_OID_C
 #define MBEDTLS_PKCS1_V15
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT */
 #endif /* PSA_WANT_ALG_RSA_PKCS1V15_CRYPT */
 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN)
 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
 #define MBEDTLS_RSA_C
 #define MBEDTLS_BIGNUM_C
 #define MBEDTLS_OID_C
 #define MBEDTLS_PKCS1_V15
 #define MBEDTLS_MD_C
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN */
 #endif /* PSA_WANT_ALG_RSA_PKCS1V15_SIGN */
 #if defined(PSA_WANT_ALG_RSA_PSS)
 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1
 #define MBEDTLS_RSA_C
 #define MBEDTLS_BIGNUM_C
 #define MBEDTLS_OID_C
 #define MBEDTLS_PKCS1_V21
 #define MBEDTLS_MD_C
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PSS */
 #endif /* PSA_WANT_ALG_RSA_PSS */
 #if defined(PSA_WANT_ALG_SHA_1) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1)
 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1
 #define MBEDTLS_SHA1_C
@ -85,103 +167,21 @@ extern "C" {
 #define MBEDTLS_SHA512_C
 #endif
 #if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)
 #if !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
 #define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA     1
 #define MBEDTLS_ECDSA_DETERMINISTIC
 #define MBEDTLS_ECDSA_C
 #define MBEDTLS_HMAC_DRBG_C
 #define MBEDTLS_MD_C
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA */
 #endif /* PSA_WANT_ALG_DETERMINISTIC_ECDSA */
 #if defined(PSA_WANT_ALG_ECDH)
 #if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH)
 #define MBEDTLS_PSA_BUILTIN_ALG_ECDH                    1
 #define MBEDTLS_ECDH_C
 #define MBEDTLS_ECP_C
 #define MBEDTLS_BIGNUM_C
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDH */
 #endif /* PSA_WANT_ALG_ECDH */
 #if defined(PSA_WANT_ALG_ECDSA)
 #if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)
 #define MBEDTLS_PSA_BUILTIN_ALG_ECDSA                   1
 #define MBEDTLS_ECDSA_C
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDSA */
 #endif /* PSA_WANT_ALG_ECDSA */
 #if defined(PSA_WANT_ALG_HKDF)
 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF)
 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC                    1
 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF                    1
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF */
 #endif /* PSA_WANT_ALG_HKDF */
 #if defined(PSA_WANT_ALG_HMAC)
 #if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC)
 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC                    1
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */
 #endif /* PSA_WANT_ALG_HMAC */
 #if defined(PSA_WANT_ALG_RSA_OAEP)
 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP)
 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP                1
 #define MBEDTLS_RSA_C
 #define MBEDTLS_BIGNUM_C
 #define MBEDTLS_OID_C
 #define MBEDTLS_PKCS1_V21
 #define MBEDTLS_MD_C
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP */
 #endif /* PSA_WANT_ALG_RSA_OAEP */
 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT)
 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT)
 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT      1
 #define MBEDTLS_RSA_C
 #define MBEDTLS_BIGNUM_C
 #define MBEDTLS_OID_C
 #define MBEDTLS_PKCS1_V15
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT */
 #endif /* PSA_WANT_ALG_RSA_PKCS1V15_CRYPT */
 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN)
 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN       1
 #define MBEDTLS_RSA_C
 #define MBEDTLS_BIGNUM_C
 #define MBEDTLS_OID_C
 #define MBEDTLS_PKCS1_V15
 #define MBEDTLS_MD_C
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN */
 #endif /* PSA_WANT_ALG_RSA_PKCS1V15_SIGN */
 #if defined(PSA_WANT_ALG_RSA_PSS)
 #if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS                 1
 #define MBEDTLS_RSA_C
 #define MBEDTLS_BIGNUM_C
 #define MBEDTLS_OID_C
 #define MBEDTLS_PKCS1_V21
 #define MBEDTLS_MD_C
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PSS */
 #endif /* PSA_WANT_ALG_RSA_PSS */
 #if defined(PSA_WANT_ALG_TLS12_PRF)
 #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF)
-#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF               1
+#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF */
 #endif /* PSA_WANT_ALG_TLS12_PRF */
 #if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS)
 #if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS)
-#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS         1
+#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS */
 #endif /* PSA_WANT_ALG_TLS12_PSK_TO_MS */
 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR)
 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR)
-#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR       1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1
 #define MBEDTLS_ECP_C
 #define MBEDTLS_BIGNUM_C
 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR */
@ -189,7 +189,7 @@ extern "C" {
 #if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
-#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY     1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
 #define MBEDTLS_ECP_C
 #define MBEDTLS_BIGNUM_C
 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY */
@ -197,7 +197,7 @@ extern "C" {
 #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR)
 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR)
-#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR       1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1
 #define MBEDTLS_RSA_C
 #define MBEDTLS_BIGNUM_C
 #define MBEDTLS_OID_C
@ -210,7 +210,7 @@ extern "C" {
 #if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)
 #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
-#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY     1
+#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1
 #define MBEDTLS_RSA_C
 #define MBEDTLS_BIGNUM_C
 #define MBEDTLS_OID_C
@ -227,6 +227,46 @@ extern "C" {
 * is not defined
 */
 #if defined(MBEDTLS_ECDH_C)
 #define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1
 #define PSA_WANT_ALG_ECDH 1
 #endif /* MBEDTLS_ECDH_C */
 #if defined(MBEDTLS_ECDSA_C)
 #define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
 #define PSA_WANT_ALG_ECDSA 1
 // Only add in DETERMINISTIC support if ECDSA is also enabled
 #if defined(MBEDTLS_ECDSA_DETERMINISTIC)
 #define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1
 #define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1
 #endif /* MBEDTLS_ECDSA_DETERMINISTIC */
 #endif /* MBEDTLS_ECDSA_C */
 #if defined(MBEDTLS_ECP_C)
 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1
 #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1
 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
 #define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
 #endif /* MBEDTLS_ECP_C */
 #if defined(MBEDTLS_HKDF_C)
 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
 #define PSA_WANT_ALG_HMAC 1
 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1
 #define PSA_WANT_ALG_HKDF 1
 #endif /* MBEDTLS_HKDF_C */
 #if defined(MBEDTLS_MD_C)
 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
 #define PSA_WANT_ALG_HMAC 1
 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1
 #define PSA_WANT_ALG_TLS12_PRF 1
 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1
 #define PSA_WANT_ALG_TLS12_PSK_TO_MS 1
 #endif /* MBEDTLS_MD_C */
 #if defined(MBEDTLS_MD2_C)
 #define MBEDTLS_PSA_BUILTIN_ALG_MD2 1
 #define PSA_WANT_ALG_MD2 1
@ -247,6 +287,25 @@ extern "C" {
 #define PSA_WANT_ALG_RIPEMD160 1
 #endif
 #if defined(MBEDTLS_RSA_C)
 #if defined(MBEDTLS_PKCS1_V15)
 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1
 #define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1
 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
 #define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1
 #endif /* MBEDTLSS_PKCS1_V15 */
 #if defined(MBEDTLS_PKCS1_V21)
 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1
 #define PSA_WANT_ALG_RSA_OAEP 1
 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1
 #define PSA_WANT_ALG_RSA_PSS 1
 #endif /* MBEDTLS_PKCS1_V21 */
 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1
 #define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1
 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1
 #define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
 #endif /* MBEDTLS_RSA_C */
 #if defined(MBEDTLS_SHA1_C)
 #define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1
 #define PSA_WANT_ALG_SHA_1 1
@ -267,65 +326,6 @@ extern "C" {
 #define PSA_WANT_ALG_SHA_512 1
 #endif
 #if defined(MBEDTLS_ECDH_C)
 #define MBEDTLS_PSA_BUILTIN_ALG_ECDH                    1
 #define PSA_WANT_ALG_ECDH 1
 #endif /* MBEDTLS_ECDH_C */
 #if defined(MBEDTLS_ECDSA_C)
 #define MBEDTLS_PSA_BUILTIN_ALG_ECDSA                   1
 #define PSA_WANT_ALG_ECDSA 1
 // Only add in DETERMINISTIC support if ECDSA is also enabled
 #if defined(MBEDTLS_ECDSA_DETERMINISTIC)
 #define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA     1
 #define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1
 #endif /* MBEDTLS_ECDSA_DETERMINISTIC */
 #endif /* MBEDTLS_ECDSA_C */
 #if defined(MBEDTLS_ECP_C)
 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR       1
 #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1
 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY     1
 #define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
 #endif /* MBEDTLS_ECP_C */
 #if defined(MBEDTLS_HKDF_C)
 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC                    1
 #define PSA_WANT_ALG_HMAC 1
 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF                    1
 #define PSA_WANT_ALG_HKDF 1
 #endif /* MBEDTLS_HKDF_C */
 #if defined(MBEDTLS_MD_C)
 #define MBEDTLS_PSA_BUILTIN_ALG_HMAC                    1
 #define PSA_WANT_ALG_HMAC 1
 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF               1
 #define PSA_WANT_ALG_TLS12_PRF 1
 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS         1
 #define PSA_WANT_ALG_TLS12_PSK_TO_MS 1
 #endif /* MBEDTLS_MD_C */
 #if defined(MBEDTLS_RSA_C)
 #if defined(MBEDTLS_PKCS1_V15)
 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT      1
 #define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1
 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN       1
 #define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1
 #endif /* MBEDTLSS_PKCS1_V15 */
 #if defined(MBEDTLS_PKCS1_V21)
 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP                1
 #define PSA_WANT_ALG_RSA_OAEP 1
 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS                 1
 #define PSA_WANT_ALG_RSA_PSS 1
 #endif /* MBEDTLS_PKCS1_V21 */
 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR       1
 #define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1
 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY     1
 #define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1
 #endif /* MBEDTLS_RSA_C */
 #endif /* MBEDTLS_PSA_CRYPTO_CONFIG */
 #ifdef __cplusplus
--- a/library/check_crypto_config.h
+++ b/library/check_crypto_config.h
@ -64,16 +64,6 @@
 #error "PSA_WANT_ALG_RSA_PSS defined, but not all prerequisites"
 #endif
 #if defined(PSA_WANT_ALG_SHA_224) && \
    !( defined(PSA_WANT_ALG_SHA_256) )
 #error "PSA_WANT_ALG_SHA224 defined, but not all prerequisites"
 #endif
 #if defined(PSA_WANT_ALG_SHA_384) && \
    !( defined(PSA_WANT_ALG_SHA_512) )
 #error "PSA_WANT_ALG_SHA384 defined, but not all prerequisites"
 #endif
 #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) && \
    !defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
 #error "PSA_WANT_KEY_TYPE_ECC_KEY_PAIR defined, but not all prerequisites"
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@ -2546,18 +2546,16 @@ psa_status_t psa_hash_abort( psa_hash_operation_t *operation )
            mbedtls_sha1_free( &operation->ctx.sha1 );
            break;
 #endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
+    defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
        case PSA_ALG_SHA_224:
 #endif
        case PSA_ALG_SHA_256:
            mbedtls_sha256_free( &operation->ctx.sha256 );
            break;
 #endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
+    defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
        case PSA_ALG_SHA_384:
 #endif
        case PSA_ALG_SHA_512:
            mbedtls_sha512_free( &operation->ctx.sha512 );
            break;
@ -2691,19 +2689,17 @@ psa_status_t psa_hash_update( psa_hash_operation_t *operation,
                                           input, input_length );
            break;
 #endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
+    defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
        case PSA_ALG_SHA_224:
 #endif
        case PSA_ALG_SHA_256:
            ret = mbedtls_sha256_update_ret( &operation->ctx.sha256,
                                             input, input_length );
            break;
 #endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
+    defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
        case PSA_ALG_SHA_384:
 #endif
        case PSA_ALG_SHA_512:
            ret = mbedtls_sha512_update_ret( &operation->ctx.sha512,
                                             input, input_length );
@ -2770,18 +2766,16 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation,
            ret = mbedtls_sha1_finish_ret( &operation->ctx.sha1, hash );
            break;
 #endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
+    defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
        case PSA_ALG_SHA_224:
 #endif
        case PSA_ALG_SHA_256:
            ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash );
            break;
 #endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
+    defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
        case PSA_ALG_SHA_384:
 #endif
        case PSA_ALG_SHA_512:
            ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash );
            break;
@ -2914,19 +2908,17 @@ psa_status_t psa_hash_clone( const psa_hash_operation_t *source_operation,
                                &source_operation->ctx.sha1 );
            break;
 #endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
+    defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
        case PSA_ALG_SHA_224:
 #endif
        case PSA_ALG_SHA_256:
            mbedtls_sha256_clone( &target_operation->ctx.sha256,
                                  &source_operation->ctx.sha256 );
            break;
 #endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
+    defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
        case PSA_ALG_SHA_384:
 #endif
        case PSA_ALG_SHA_512:
            mbedtls_sha512_clone( &target_operation->ctx.sha512,
                                  &source_operation->ctx.sha512 );