Toyomasa Watarai / Mbed OS Mbed-example-WS-W27

Dependencies:   MMA7660 LM75B

simple-mbed-cloud-client/mbed-cloud-client/mbed-client-pal/Configs/mbedTLS/mbedTLSConfig_Linux.h@0:119624335925, 2018-06-30 (annotated)

Committer:
MACRUM
Date:
Sat Jun 30 01:40:30 2018 +0000
Revision:
0:119624335925
Initial commit

Who changed what in which revision?

UserRevisionLine numberNew contents of line
MACRUM 0:119624335925 1 /**
MACRUM 0:119624335925 2 * \file config.h
MACRUM 0:119624335925 3 *
MACRUM 0:119624335925 4 * \brief Configuration options (set of defines)
MACRUM 0:119624335925 5 *
MACRUM 0:119624335925 6 * This set of compile-time options may be used to enable
MACRUM 0:119624335925 7 * or disable features selectively, and reduce the global
MACRUM 0:119624335925 8 * memory footprint.
MACRUM 0:119624335925 9 *
MACRUM 0:119624335925 10 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
MACRUM 0:119624335925 11 * SPDX-License-Identifier: Apache-2.0
MACRUM 0:119624335925 12 *
MACRUM 0:119624335925 13 * Licensed under the Apache License, Version 2.0 (the "License"); you may
MACRUM 0:119624335925 14 * not use this file except in compliance with the License.
MACRUM 0:119624335925 15 * You may obtain a copy of the License at
MACRUM 0:119624335925 16 *
MACRUM 0:119624335925 17 * http://www.apache.org/licenses/LICENSE-2.0
MACRUM 0:119624335925 18 *
MACRUM 0:119624335925 19 * Unless required by applicable law or agreed to in writing, software
MACRUM 0:119624335925 20 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
MACRUM 0:119624335925 21 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
MACRUM 0:119624335925 22 * See the License for the specific language governing permissions and
MACRUM 0:119624335925 23 * limitations under the License.
MACRUM 0:119624335925 24 *
MACRUM 0:119624335925 25 * This file is part of mbed TLS (https://tls.mbed.org)
MACRUM 0:119624335925 26 */
MACRUM 0:119624335925 27
MACRUM 0:119624335925 28 #ifndef MBEDTLS_CONFIG_H
MACRUM 0:119624335925 29 #define MBEDTLS_CONFIG_H
MACRUM 0:119624335925 30
MACRUM 0:119624335925 31 #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
MACRUM 0:119624335925 32 #define _CRT_SECURE_NO_DEPRECATE 1
MACRUM 0:119624335925 33 #endif
MACRUM 0:119624335925 34
MACRUM 0:119624335925 35 /**
MACRUM 0:119624335925 36 * \name SECTION: System support
MACRUM 0:119624335925 37 *
MACRUM 0:119624335925 38 * This section sets system specific settings.
MACRUM 0:119624335925 39 * \{
MACRUM 0:119624335925 40 */
MACRUM 0:119624335925 41
MACRUM 0:119624335925 42 /**
MACRUM 0:119624335925 43 * \def MBEDTLS_HAVE_ASM
MACRUM 0:119624335925 44 *
MACRUM 0:119624335925 45 * The compiler has support for asm().
MACRUM 0:119624335925 46 *
MACRUM 0:119624335925 47 * Requires support for asm() in compiler.
MACRUM 0:119624335925 48 *
MACRUM 0:119624335925 49 * Used in:
MACRUM 0:119624335925 50 * library/timing.c
MACRUM 0:119624335925 51 * library/padlock.c
MACRUM 0:119624335925 52 * include/mbedtls/bn_mul.h
MACRUM 0:119624335925 53 *
MACRUM 0:119624335925 54 * Comment to disable the use of assembly code.
MACRUM 0:119624335925 55 */
MACRUM 0:119624335925 56 #define MBEDTLS_HAVE_ASM
MACRUM 0:119624335925 57
MACRUM 0:119624335925 58 /**
MACRUM 0:119624335925 59 * \def MBEDTLS_HAVE_SSE2
MACRUM 0:119624335925 60 *
MACRUM 0:119624335925 61 * CPU supports SSE2 instruction set.
MACRUM 0:119624335925 62 *
MACRUM 0:119624335925 63 * Uncomment if the CPU supports SSE2 (IA-32 specific).
MACRUM 0:119624335925 64 */
MACRUM 0:119624335925 65 //#define MBEDTLS_HAVE_SSE2
MACRUM 0:119624335925 66
MACRUM 0:119624335925 67 /**
MACRUM 0:119624335925 68 * \def MBEDTLS_HAVE_TIME
MACRUM 0:119624335925 69 *
MACRUM 0:119624335925 70 * System has time.h and time().
MACRUM 0:119624335925 71 * The time does not need to be correct, only time differences are used,
MACRUM 0:119624335925 72 * by contrast with MBEDTLS_HAVE_TIME_DATE
MACRUM 0:119624335925 73 *
MACRUM 0:119624335925 74 * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT,
MACRUM 0:119624335925 75 * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and
MACRUM 0:119624335925 76 * MBEDTLS_PLATFORM_STD_TIME.
MACRUM 0:119624335925 77 *
MACRUM 0:119624335925 78 * Comment if your system does not support time functions
MACRUM 0:119624335925 79 */
MACRUM 0:119624335925 80 #define MBEDTLS_HAVE_TIME
MACRUM 0:119624335925 81
MACRUM 0:119624335925 82 /**
MACRUM 0:119624335925 83 * \def MBEDTLS_HAVE_TIME_DATE
MACRUM 0:119624335925 84 *
MACRUM 0:119624335925 85 * System has time.h and time(), gmtime() and the clock is correct.
MACRUM 0:119624335925 86 * The time needs to be correct (not necesarily very accurate, but at least
MACRUM 0:119624335925 87 * the date should be correct). This is used to verify the validity period of
MACRUM 0:119624335925 88 * X.509 certificates.
MACRUM 0:119624335925 89 *
MACRUM 0:119624335925 90 * Comment if your system does not have a correct clock.
MACRUM 0:119624335925 91 */
MACRUM 0:119624335925 92 //#define MBEDTLS_HAVE_TIME_DATE
MACRUM 0:119624335925 93
MACRUM 0:119624335925 94 /**
MACRUM 0:119624335925 95 * \def MBEDTLS_PLATFORM_MEMORY
MACRUM 0:119624335925 96 *
MACRUM 0:119624335925 97 * Enable the memory allocation layer.
MACRUM 0:119624335925 98 *
MACRUM 0:119624335925 99 * By default mbed TLS uses the system-provided calloc() and free().
MACRUM 0:119624335925 100 * This allows different allocators (self-implemented or provided) to be
MACRUM 0:119624335925 101 * provided to the platform abstraction layer.
MACRUM 0:119624335925 102 *
MACRUM 0:119624335925 103 * Enabling MBEDTLS_PLATFORM_MEMORY without the
MACRUM 0:119624335925 104 * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide
MACRUM 0:119624335925 105 * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and
MACRUM 0:119624335925 106 * free() function pointer at runtime.
MACRUM 0:119624335925 107 *
MACRUM 0:119624335925 108 * Enabling MBEDTLS_PLATFORM_MEMORY and specifying
MACRUM 0:119624335925 109 * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the
MACRUM 0:119624335925 110 * alternate function at compile time.
MACRUM 0:119624335925 111 *
MACRUM 0:119624335925 112 * Requires: MBEDTLS_PLATFORM_C
MACRUM 0:119624335925 113 *
MACRUM 0:119624335925 114 * Enable this layer to allow use of alternative memory allocators.
MACRUM 0:119624335925 115 */
MACRUM 0:119624335925 116 //#define MBEDTLS_PLATFORM_MEMORY
MACRUM 0:119624335925 117
MACRUM 0:119624335925 118 /**
MACRUM 0:119624335925 119 * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
MACRUM 0:119624335925 120 *
MACRUM 0:119624335925 121 * Do not assign standard functions in the platform layer (e.g. calloc() to
MACRUM 0:119624335925 122 * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF)
MACRUM 0:119624335925 123 *
MACRUM 0:119624335925 124 * This makes sure there are no linking errors on platforms that do not support
MACRUM 0:119624335925 125 * these functions. You will HAVE to provide alternatives, either at runtime
MACRUM 0:119624335925 126 * via the platform_set_xxx() functions or at compile time by setting
MACRUM 0:119624335925 127 * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a
MACRUM 0:119624335925 128 * MBEDTLS_PLATFORM_XXX_MACRO.
MACRUM 0:119624335925 129 *
MACRUM 0:119624335925 130 * Requires: MBEDTLS_PLATFORM_C
MACRUM 0:119624335925 131 *
MACRUM 0:119624335925 132 * Uncomment to prevent default assignment of standard functions in the
MACRUM 0:119624335925 133 * platform layer.
MACRUM 0:119624335925 134 */
MACRUM 0:119624335925 135 //#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
MACRUM 0:119624335925 136
MACRUM 0:119624335925 137 /**
MACRUM 0:119624335925 138 * \def MBEDTLS_PLATFORM_EXIT_ALT
MACRUM 0:119624335925 139 *
MACRUM 0:119624335925 140 * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the
MACRUM 0:119624335925 141 * function in the platform abstraction layer.
MACRUM 0:119624335925 142 *
MACRUM 0:119624335925 143 * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will
MACRUM 0:119624335925 144 * provide a function "mbedtls_platform_set_printf()" that allows you to set an
MACRUM 0:119624335925 145 * alternative printf function pointer.
MACRUM 0:119624335925 146 *
MACRUM 0:119624335925 147 * All these define require MBEDTLS_PLATFORM_C to be defined!
MACRUM 0:119624335925 148 *
MACRUM 0:119624335925 149 * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows;
MACRUM 0:119624335925 150 * it will be enabled automatically by check_config.h
MACRUM 0:119624335925 151 *
MACRUM 0:119624335925 152 * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as
MACRUM 0:119624335925 153 * MBEDTLS_PLATFORM_XXX_MACRO!
MACRUM 0:119624335925 154 *
MACRUM 0:119624335925 155 * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME
MACRUM 0:119624335925 156 *
MACRUM 0:119624335925 157 * Uncomment a macro to enable alternate implementation of specific base
MACRUM 0:119624335925 158 * platform function
MACRUM 0:119624335925 159 */
MACRUM 0:119624335925 160 //#define MBEDTLS_PLATFORM_EXIT_ALT
MACRUM 0:119624335925 161 //#define MBEDTLS_PLATFORM_TIME_ALT
MACRUM 0:119624335925 162 //#define MBEDTLS_PLATFORM_FPRINTF_ALT
MACRUM 0:119624335925 163 //#define MBEDTLS_PLATFORM_PRINTF_ALT
MACRUM 0:119624335925 164 //#define MBEDTLS_PLATFORM_SNPRINTF_ALT
MACRUM 0:119624335925 165 //#define MBEDTLS_PLATFORM_NV_SEED_ALT
MACRUM 0:119624335925 166
MACRUM 0:119624335925 167 /**
MACRUM 0:119624335925 168 * \def MBEDTLS_DEPRECATED_WARNING
MACRUM 0:119624335925 169 *
MACRUM 0:119624335925 170 * Mark deprecated functions so that they generate a warning if used.
MACRUM 0:119624335925 171 * Functions deprecated in one version will usually be removed in the next
MACRUM 0:119624335925 172 * version. You can enable this to help you prepare the transition to a new
MACRUM 0:119624335925 173 * major version by making sure your code is not using these functions.
MACRUM 0:119624335925 174 *
MACRUM 0:119624335925 175 * This only works with GCC and Clang. With other compilers, you may want to
MACRUM 0:119624335925 176 * use MBEDTLS_DEPRECATED_REMOVED
MACRUM 0:119624335925 177 *
MACRUM 0:119624335925 178 * Uncomment to get warnings on using deprecated functions.
MACRUM 0:119624335925 179 */
MACRUM 0:119624335925 180 //#define MBEDTLS_DEPRECATED_WARNING
MACRUM 0:119624335925 181
MACRUM 0:119624335925 182 /**
MACRUM 0:119624335925 183 * \def MBEDTLS_DEPRECATED_REMOVED
MACRUM 0:119624335925 184 *
MACRUM 0:119624335925 185 * Remove deprecated functions so that they generate an error if used.
MACRUM 0:119624335925 186 * Functions deprecated in one version will usually be removed in the next
MACRUM 0:119624335925 187 * version. You can enable this to help you prepare the transition to a new
MACRUM 0:119624335925 188 * major version by making sure your code is not using these functions.
MACRUM 0:119624335925 189 *
MACRUM 0:119624335925 190 * Uncomment to get errors on using deprecated functions.
MACRUM 0:119624335925 191 */
MACRUM 0:119624335925 192 //#define MBEDTLS_DEPRECATED_REMOVED
MACRUM 0:119624335925 193
MACRUM 0:119624335925 194 /* \} name SECTION: System support */
MACRUM 0:119624335925 195
MACRUM 0:119624335925 196 /**
MACRUM 0:119624335925 197 * \name SECTION: mbed TLS feature support
MACRUM 0:119624335925 198 *
MACRUM 0:119624335925 199 * This section sets support for features that are or are not needed
MACRUM 0:119624335925 200 * within the modules that are enabled.
MACRUM 0:119624335925 201 * \{
MACRUM 0:119624335925 202 */
MACRUM 0:119624335925 203
MACRUM 0:119624335925 204 /**
MACRUM 0:119624335925 205 * \def MBEDTLS_TIMING_ALT
MACRUM 0:119624335925 206 *
MACRUM 0:119624335925 207 * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(),
MACRUM 0:119624335925 208 * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay()
MACRUM 0:119624335925 209 *
MACRUM 0:119624335925 210 * Only works if you have MBEDTLS_TIMING_C enabled.
MACRUM 0:119624335925 211 *
MACRUM 0:119624335925 212 * You will need to provide a header "timing_alt.h" and an implementation at
MACRUM 0:119624335925 213 * compile time.
MACRUM 0:119624335925 214 */
MACRUM 0:119624335925 215 //#define MBEDTLS_TIMING_ALT
MACRUM 0:119624335925 216
MACRUM 0:119624335925 217 /**
MACRUM 0:119624335925 218 * \def MBEDTLS_AES_ALT
MACRUM 0:119624335925 219 *
MACRUM 0:119624335925 220 * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your
MACRUM 0:119624335925 221 * alternate core implementation of a symmetric crypto, an arithmetic or hash
MACRUM 0:119624335925 222 * module (e.g. platform specific assembly optimized implementations). Keep
MACRUM 0:119624335925 223 * in mind that the function prototypes should remain the same.
MACRUM 0:119624335925 224 *
MACRUM 0:119624335925 225 * This replaces the whole module. If you only want to replace one of the
MACRUM 0:119624335925 226 * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags.
MACRUM 0:119624335925 227 *
MACRUM 0:119624335925 228 * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer
MACRUM 0:119624335925 229 * provide the "struct mbedtls_aes_context" definition and omit the base
MACRUM 0:119624335925 230 * function declarations and implementations. "aes_alt.h" will be included from
MACRUM 0:119624335925 231 * "aes.h" to include the new function definitions.
MACRUM 0:119624335925 232 *
MACRUM 0:119624335925 233 * Uncomment a macro to enable alternate implementation of the corresponding
MACRUM 0:119624335925 234 * module.
MACRUM 0:119624335925 235 */
MACRUM 0:119624335925 236 //#define MBEDTLS_AES_ALT
MACRUM 0:119624335925 237 //#define MBEDTLS_ARC4_ALT
MACRUM 0:119624335925 238 //#define MBEDTLS_BLOWFISH_ALT
MACRUM 0:119624335925 239 //#define MBEDTLS_CAMELLIA_ALT
MACRUM 0:119624335925 240 //#define MBEDTLS_DES_ALT
MACRUM 0:119624335925 241 //#define MBEDTLS_XTEA_ALT
MACRUM 0:119624335925 242 //#define MBEDTLS_MD2_ALT
MACRUM 0:119624335925 243 //#define MBEDTLS_MD4_ALT
MACRUM 0:119624335925 244 //#define MBEDTLS_MD5_ALT
MACRUM 0:119624335925 245 //#define MBEDTLS_RIPEMD160_ALT
MACRUM 0:119624335925 246 //#define MBEDTLS_SHA1_ALT
MACRUM 0:119624335925 247 //#define MBEDTLS_SHA256_ALT
MACRUM 0:119624335925 248 //#define MBEDTLS_SHA512_ALT
MACRUM 0:119624335925 249 /*
MACRUM 0:119624335925 250 * When replacing the elliptic curve module, pleace consider, that it is
MACRUM 0:119624335925 251 * implemented with two .c files:
MACRUM 0:119624335925 252 * - ecp.c
MACRUM 0:119624335925 253 * - ecp_curves.c
MACRUM 0:119624335925 254 * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
MACRUM 0:119624335925 255 * macros as described above. The only difference is that you have to make sure
MACRUM 0:119624335925 256 * that you provide functionality for both .c files.
MACRUM 0:119624335925 257 */
MACRUM 0:119624335925 258 //#define MBEDTLS_ECP_ALT
MACRUM 0:119624335925 259
MACRUM 0:119624335925 260 /**
MACRUM 0:119624335925 261 * \def MBEDTLS_MD2_PROCESS_ALT
MACRUM 0:119624335925 262 *
MACRUM 0:119624335925 263 * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you
MACRUM 0:119624335925 264 * alternate core implementation of symmetric crypto or hash function. Keep in
MACRUM 0:119624335925 265 * mind that function prototypes should remain the same.
MACRUM 0:119624335925 266 *
MACRUM 0:119624335925 267 * This replaces only one function. The header file from mbed TLS is still
MACRUM 0:119624335925 268 * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags.
MACRUM 0:119624335925 269 *
MACRUM 0:119624335925 270 * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will
MACRUM 0:119624335925 271 * no longer provide the mbedtls_sha1_process() function, but it will still provide
MACRUM 0:119624335925 272 * the other function (using your mbedtls_sha1_process() function) and the definition
MACRUM 0:119624335925 273 * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
MACRUM 0:119624335925 274 * with this definition.
MACRUM 0:119624335925 275 *
MACRUM 0:119624335925 276 * Note: if you use the AES_xxx_ALT macros, then is is recommended to also set
MACRUM 0:119624335925 277 * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
MACRUM 0:119624335925 278 * tables.
MACRUM 0:119624335925 279 *
MACRUM 0:119624335925 280 * Uncomment a macro to enable alternate implementation of the corresponding
MACRUM 0:119624335925 281 * function.
MACRUM 0:119624335925 282 */
MACRUM 0:119624335925 283 //#define MBEDTLS_MD2_PROCESS_ALT
MACRUM 0:119624335925 284 //#define MBEDTLS_MD4_PROCESS_ALT
MACRUM 0:119624335925 285 //#define MBEDTLS_MD5_PROCESS_ALT
MACRUM 0:119624335925 286 //#define MBEDTLS_RIPEMD160_PROCESS_ALT
MACRUM 0:119624335925 287 //#define MBEDTLS_SHA1_PROCESS_ALT
MACRUM 0:119624335925 288 //#define MBEDTLS_SHA256_PROCESS_ALT
MACRUM 0:119624335925 289 //#define MBEDTLS_SHA512_PROCESS_ALT
MACRUM 0:119624335925 290 //#define MBEDTLS_DES_SETKEY_ALT
MACRUM 0:119624335925 291 //#define MBEDTLS_DES_CRYPT_ECB_ALT
MACRUM 0:119624335925 292 //#define MBEDTLS_DES3_CRYPT_ECB_ALT
MACRUM 0:119624335925 293 //#define MBEDTLS_AES_SETKEY_ENC_ALT
MACRUM 0:119624335925 294 //#define MBEDTLS_AES_SETKEY_DEC_ALT
MACRUM 0:119624335925 295 //#define MBEDTLS_AES_ENCRYPT_ALT
MACRUM 0:119624335925 296 //#define MBEDTLS_AES_DECRYPT_ALT
MACRUM 0:119624335925 297
MACRUM 0:119624335925 298 /**
MACRUM 0:119624335925 299 * \def MBEDTLS_ECP_INTERNAL_ALT
MACRUM 0:119624335925 300 *
MACRUM 0:119624335925 301 * Expose a part of the internal interface of the Elliptic Curve Point module.
MACRUM 0:119624335925 302 *
MACRUM 0:119624335925 303 * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your
MACRUM 0:119624335925 304 * alternative core implementation of elliptic curve arithmetic. Keep in mind
MACRUM 0:119624335925 305 * that function prototypes should remain the same.
MACRUM 0:119624335925 306 *
MACRUM 0:119624335925 307 * This partially replaces one function. The header file from mbed TLS is still
MACRUM 0:119624335925 308 * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation
MACRUM 0:119624335925 309 * is still present and it is used for group structures not supported by the
MACRUM 0:119624335925 310 * alternative.
MACRUM 0:119624335925 311 *
MACRUM 0:119624335925 312 * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT
MACRUM 0:119624335925 313 * and implementing the following functions:
MACRUM 0:119624335925 314 * unsigned char mbedtls_internal_ecp_grp_capable(
MACRUM 0:119624335925 315 * const mbedtls_ecp_group *grp )
MACRUM 0:119624335925 316 * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp )
MACRUM 0:119624335925 317 * void mbedtls_internal_ecp_deinit( const mbedtls_ecp_group *grp )
MACRUM 0:119624335925 318 * The mbedtls_internal_ecp_grp_capable function should return 1 if the
MACRUM 0:119624335925 319 * replacement functions implement arithmetic for the given group and 0
MACRUM 0:119624335925 320 * otherwise.
MACRUM 0:119624335925 321 * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_deinit are
MACRUM 0:119624335925 322 * called before and after each point operation and provide an opportunity to
MACRUM 0:119624335925 323 * implement optimized set up and tear down instructions.
MACRUM 0:119624335925 324 *
MACRUM 0:119624335925 325 * Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and
MACRUM 0:119624335925 326 * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac
MACRUM 0:119624335925 327 * function, but will use your mbedtls_internal_ecp_double_jac if the group is
MACRUM 0:119624335925 328 * supported (your mbedtls_internal_ecp_grp_capable function returns 1 when
MACRUM 0:119624335925 329 * receives it as an argument). If the group is not supported then the original
MACRUM 0:119624335925 330 * implementation is used. The other functions and the definition of
MACRUM 0:119624335925 331 * mbedtls_ecp_group and mbedtls_ecp_point will not change, so your
MACRUM 0:119624335925 332 * implementation of mbedtls_internal_ecp_double_jac and
MACRUM 0:119624335925 333 * mbedtls_internal_ecp_grp_capable must be compatible with this definition.
MACRUM 0:119624335925 334 *
MACRUM 0:119624335925 335 * Uncomment a macro to enable alternate implementation of the corresponding
MACRUM 0:119624335925 336 * function.
MACRUM 0:119624335925 337 */
MACRUM 0:119624335925 338 /* Required for all the functions in this section */
MACRUM 0:119624335925 339 //#define MBEDTLS_ECP_INTERNAL_ALT
MACRUM 0:119624335925 340 /* Support for Weierstrass curves with Jacobi representation */
MACRUM 0:119624335925 341 //#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
MACRUM 0:119624335925 342 //#define MBEDTLS_ECP_ADD_MIXED_ALT
MACRUM 0:119624335925 343 //#define MBEDTLS_ECP_DOUBLE_JAC_ALT
MACRUM 0:119624335925 344 //#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
MACRUM 0:119624335925 345 //#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
MACRUM 0:119624335925 346 /* Support for curves with Montgomery arithmetic */
MACRUM 0:119624335925 347 //#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
MACRUM 0:119624335925 348 //#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
MACRUM 0:119624335925 349 //#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
MACRUM 0:119624335925 350
MACRUM 0:119624335925 351 /**
MACRUM 0:119624335925 352 * \def MBEDTLS_TEST_NULL_ENTROPY
MACRUM 0:119624335925 353 *
MACRUM 0:119624335925 354 * Enables testing and use of mbed TLS without any configured entropy sources.
MACRUM 0:119624335925 355 * This permits use of the library on platforms before an entropy source has
MACRUM 0:119624335925 356 * been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the
MACRUM 0:119624335925 357 * MBEDTLS_ENTROPY_NV_SEED switches).
MACRUM 0:119624335925 358 *
MACRUM 0:119624335925 359 * WARNING! This switch MUST be disabled in production builds, and is suitable
MACRUM 0:119624335925 360 * only for development.
MACRUM 0:119624335925 361 * Enabling the switch negates any security provided by the library.
MACRUM 0:119624335925 362 *
MACRUM 0:119624335925 363 * Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
MACRUM 0:119624335925 364 *
MACRUM 0:119624335925 365 */
MACRUM 0:119624335925 366 //#define MBEDTLS_TEST_NULL_ENTROPY
MACRUM 0:119624335925 367
MACRUM 0:119624335925 368 /**
MACRUM 0:119624335925 369 * \def MBEDTLS_ENTROPY_HARDWARE_ALT
MACRUM 0:119624335925 370 *
MACRUM 0:119624335925 371 * Uncomment this macro to let mbed TLS use your own implementation of a
MACRUM 0:119624335925 372 * hardware entropy collector.
MACRUM 0:119624335925 373 *
MACRUM 0:119624335925 374 * Your function must be called \c mbedtls_hardware_poll(), have the same
MACRUM 0:119624335925 375 * prototype as declared in entropy_poll.h, and accept NULL as first argument.
MACRUM 0:119624335925 376 *
MACRUM 0:119624335925 377 * Uncomment to use your own hardware entropy collector.
MACRUM 0:119624335925 378 */
MACRUM 0:119624335925 379 //#define MBEDTLS_ENTROPY_HARDWARE_ALT
MACRUM 0:119624335925 380
MACRUM 0:119624335925 381 /**
MACRUM 0:119624335925 382 * \def MBEDTLS_AES_ROM_TABLES
MACRUM 0:119624335925 383 *
MACRUM 0:119624335925 384 * Store the AES tables in ROM.
MACRUM 0:119624335925 385 *
MACRUM 0:119624335925 386 * Uncomment this macro to store the AES tables in ROM.
MACRUM 0:119624335925 387 */
MACRUM 0:119624335925 388 //#define MBEDTLS_AES_ROM_TABLES
MACRUM 0:119624335925 389
MACRUM 0:119624335925 390 /**
MACRUM 0:119624335925 391 * \def MBEDTLS_CAMELLIA_SMALL_MEMORY
MACRUM 0:119624335925 392 *
MACRUM 0:119624335925 393 * Use less ROM for the Camellia implementation (saves about 768 bytes).
MACRUM 0:119624335925 394 *
MACRUM 0:119624335925 395 * Uncomment this macro to use less memory for Camellia.
MACRUM 0:119624335925 396 */
MACRUM 0:119624335925 397 //#define MBEDTLS_CAMELLIA_SMALL_MEMORY
MACRUM 0:119624335925 398
MACRUM 0:119624335925 399 /**
MACRUM 0:119624335925 400 * \def MBEDTLS_CIPHER_MODE_CBC
MACRUM 0:119624335925 401 *
MACRUM 0:119624335925 402 * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
MACRUM 0:119624335925 403 */
MACRUM 0:119624335925 404 #define MBEDTLS_CIPHER_MODE_CBC
MACRUM 0:119624335925 405
MACRUM 0:119624335925 406 /**
MACRUM 0:119624335925 407 * \def MBEDTLS_CIPHER_MODE_CFB
MACRUM 0:119624335925 408 *
MACRUM 0:119624335925 409 * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
MACRUM 0:119624335925 410 */
MACRUM 0:119624335925 411 //#define MBEDTLS_CIPHER_MODE_CFB
MACRUM 0:119624335925 412
MACRUM 0:119624335925 413 /**
MACRUM 0:119624335925 414 * \def MBEDTLS_CIPHER_MODE_CTR
MACRUM 0:119624335925 415 *
MACRUM 0:119624335925 416 * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
MACRUM 0:119624335925 417 */
MACRUM 0:119624335925 418 #define MBEDTLS_CIPHER_MODE_CTR
MACRUM 0:119624335925 419
MACRUM 0:119624335925 420 /**
MACRUM 0:119624335925 421 * \def MBEDTLS_CIPHER_NULL_CIPHER
MACRUM 0:119624335925 422 *
MACRUM 0:119624335925 423 * Enable NULL cipher.
MACRUM 0:119624335925 424 * Warning: Only do so when you know what you are doing. This allows for
MACRUM 0:119624335925 425 * encryption or channels without any security!
MACRUM 0:119624335925 426 *
MACRUM 0:119624335925 427 * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable
MACRUM 0:119624335925 428 * the following ciphersuites:
MACRUM 0:119624335925 429 * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA
MACRUM 0:119624335925 430 * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA
MACRUM 0:119624335925 431 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA
MACRUM 0:119624335925 432 * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
MACRUM 0:119624335925 433 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384
MACRUM 0:119624335925 434 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256
MACRUM 0:119624335925 435 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA
MACRUM 0:119624335925 436 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384
MACRUM 0:119624335925 437 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256
MACRUM 0:119624335925 438 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA
MACRUM 0:119624335925 439 * MBEDTLS_TLS_RSA_WITH_NULL_SHA256
MACRUM 0:119624335925 440 * MBEDTLS_TLS_RSA_WITH_NULL_SHA
MACRUM 0:119624335925 441 * MBEDTLS_TLS_RSA_WITH_NULL_MD5
MACRUM 0:119624335925 442 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384
MACRUM 0:119624335925 443 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256
MACRUM 0:119624335925 444 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA
MACRUM 0:119624335925 445 * MBEDTLS_TLS_PSK_WITH_NULL_SHA384
MACRUM 0:119624335925 446 * MBEDTLS_TLS_PSK_WITH_NULL_SHA256
MACRUM 0:119624335925 447 * MBEDTLS_TLS_PSK_WITH_NULL_SHA
MACRUM 0:119624335925 448 *
MACRUM 0:119624335925 449 * Uncomment this macro to enable the NULL cipher and ciphersuites
MACRUM 0:119624335925 450 */
MACRUM 0:119624335925 451 //#define MBEDTLS_CIPHER_NULL_CIPHER
MACRUM 0:119624335925 452
MACRUM 0:119624335925 453 /**
MACRUM 0:119624335925 454 * \def MBEDTLS_CIPHER_PADDING_PKCS7
MACRUM 0:119624335925 455 *
MACRUM 0:119624335925 456 * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for
MACRUM 0:119624335925 457 * specific padding modes in the cipher layer with cipher modes that support
MACRUM 0:119624335925 458 * padding (e.g. CBC)
MACRUM 0:119624335925 459 *
MACRUM 0:119624335925 460 * If you disable all padding modes, only full blocks can be used with CBC.
MACRUM 0:119624335925 461 *
MACRUM 0:119624335925 462 * Enable padding modes in the cipher layer.
MACRUM 0:119624335925 463 */
MACRUM 0:119624335925 464 #define MBEDTLS_CIPHER_PADDING_PKCS7
MACRUM 0:119624335925 465 //#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
MACRUM 0:119624335925 466 //#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
MACRUM 0:119624335925 467 //#define MBEDTLS_CIPHER_PADDING_ZEROS
MACRUM 0:119624335925 468
MACRUM 0:119624335925 469 /**
MACRUM 0:119624335925 470 * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES
MACRUM 0:119624335925 471 *
MACRUM 0:119624335925 472 * Enable weak ciphersuites in SSL / TLS.
MACRUM 0:119624335925 473 * Warning: Only do so when you know what you are doing. This allows for
MACRUM 0:119624335925 474 * channels with virtually no security at all!
MACRUM 0:119624335925 475 *
MACRUM 0:119624335925 476 * This enables the following ciphersuites:
MACRUM 0:119624335925 477 * MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA
MACRUM 0:119624335925 478 * MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA
MACRUM 0:119624335925 479 *
MACRUM 0:119624335925 480 * Uncomment this macro to enable weak ciphersuites
MACRUM 0:119624335925 481 */
MACRUM 0:119624335925 482 //#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
MACRUM 0:119624335925 483
MACRUM 0:119624335925 484 /**
MACRUM 0:119624335925 485 * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES
MACRUM 0:119624335925 486 *
MACRUM 0:119624335925 487 * Remove RC4 ciphersuites by default in SSL / TLS.
MACRUM 0:119624335925 488 * This flag removes the ciphersuites based on RC4 from the default list as
MACRUM 0:119624335925 489 * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to
MACRUM 0:119624335925 490 * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them
MACRUM 0:119624335925 491 * explicitly.
MACRUM 0:119624335925 492 *
MACRUM 0:119624335925 493 * Uncomment this macro to remove RC4 ciphersuites by default.
MACRUM 0:119624335925 494 */
MACRUM 0:119624335925 495 #define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
MACRUM 0:119624335925 496
MACRUM 0:119624335925 497 /**
MACRUM 0:119624335925 498 * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
MACRUM 0:119624335925 499 *
MACRUM 0:119624335925 500 * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve
MACRUM 0:119624335925 501 * module. By default all supported curves are enabled.
MACRUM 0:119624335925 502 *
MACRUM 0:119624335925 503 * Comment macros to disable the curve and functions for it
MACRUM 0:119624335925 504 */
MACRUM 0:119624335925 505 //#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
MACRUM 0:119624335925 506 //#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
MACRUM 0:119624335925 507 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
MACRUM 0:119624335925 508 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED
MACRUM 0:119624335925 509 //#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
MACRUM 0:119624335925 510 //#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
MACRUM 0:119624335925 511 //#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
MACRUM 0:119624335925 512 //#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
MACRUM 0:119624335925 513 //#define MBEDTLS_ECP_DP_BP256R1_ENABLED
MACRUM 0:119624335925 514 //#define MBEDTLS_ECP_DP_BP384R1_ENABLED
MACRUM 0:119624335925 515 //#define MBEDTLS_ECP_DP_BP512R1_ENABLED
MACRUM 0:119624335925 516 //#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
MACRUM 0:119624335925 517
MACRUM 0:119624335925 518 /**
MACRUM 0:119624335925 519 * \def MBEDTLS_ECP_NIST_OPTIM
MACRUM 0:119624335925 520 *
MACRUM 0:119624335925 521 * Enable specific 'modulo p' routines for each NIST prime.
MACRUM 0:119624335925 522 * Depending on the prime and architecture, makes operations 4 to 8 times
MACRUM 0:119624335925 523 * faster on the corresponding curve.
MACRUM 0:119624335925 524 *
MACRUM 0:119624335925 525 * Comment this macro to disable NIST curves optimisation.
MACRUM 0:119624335925 526 */
MACRUM 0:119624335925 527 #define MBEDTLS_ECP_NIST_OPTIM
MACRUM 0:119624335925 528
MACRUM 0:119624335925 529 /**
MACRUM 0:119624335925 530 * \def MBEDTLS_ECDSA_DETERMINISTIC
MACRUM 0:119624335925 531 *
MACRUM 0:119624335925 532 * Enable deterministic ECDSA (RFC 6979).
MACRUM 0:119624335925 533 * Standard ECDSA is "fragile" in the sense that lack of entropy when signing
MACRUM 0:119624335925 534 * may result in a compromise of the long-term signing key. This is avoided by
MACRUM 0:119624335925 535 * the deterministic variant.
MACRUM 0:119624335925 536 *
MACRUM 0:119624335925 537 * Requires: MBEDTLS_HMAC_DRBG_C
MACRUM 0:119624335925 538 *
MACRUM 0:119624335925 539 * Comment this macro to disable deterministic ECDSA.
MACRUM 0:119624335925 540 */
MACRUM 0:119624335925 541 #define MBEDTLS_ECDSA_DETERMINISTIC
MACRUM 0:119624335925 542
MACRUM 0:119624335925 543 /**
MACRUM 0:119624335925 544 * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
MACRUM 0:119624335925 545 *
MACRUM 0:119624335925 546 * Enable the PSK based ciphersuite modes in SSL / TLS.
MACRUM 0:119624335925 547 *
MACRUM 0:119624335925 548 * This enables the following ciphersuites (if other requisites are
MACRUM 0:119624335925 549 * enabled as well):
MACRUM 0:119624335925 550 * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
MACRUM 0:119624335925 551 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
MACRUM 0:119624335925 552 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
MACRUM 0:119624335925 553 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
MACRUM 0:119624335925 554 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
MACRUM 0:119624335925 555 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
MACRUM 0:119624335925 556 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
MACRUM 0:119624335925 557 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
MACRUM 0:119624335925 558 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
MACRUM 0:119624335925 559 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
MACRUM 0:119624335925 560 * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
MACRUM 0:119624335925 561 * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
MACRUM 0:119624335925 562 */
MACRUM 0:119624335925 563 //#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
MACRUM 0:119624335925 564
MACRUM 0:119624335925 565 /**
MACRUM 0:119624335925 566 * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
MACRUM 0:119624335925 567 *
MACRUM 0:119624335925 568 * Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
MACRUM 0:119624335925 569 *
MACRUM 0:119624335925 570 * Requires: MBEDTLS_DHM_C
MACRUM 0:119624335925 571 *
MACRUM 0:119624335925 572 * This enables the following ciphersuites (if other requisites are
MACRUM 0:119624335925 573 * enabled as well):
MACRUM 0:119624335925 574 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
MACRUM 0:119624335925 575 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
MACRUM 0:119624335925 576 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
MACRUM 0:119624335925 577 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
MACRUM 0:119624335925 578 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
MACRUM 0:119624335925 579 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
MACRUM 0:119624335925 580 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
MACRUM 0:119624335925 581 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
MACRUM 0:119624335925 582 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
MACRUM 0:119624335925 583 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
MACRUM 0:119624335925 584 * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
MACRUM 0:119624335925 585 * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
MACRUM 0:119624335925 586 */
MACRUM 0:119624335925 587 //#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
MACRUM 0:119624335925 588
MACRUM 0:119624335925 589 /**
MACRUM 0:119624335925 590 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
MACRUM 0:119624335925 591 *
MACRUM 0:119624335925 592 * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
MACRUM 0:119624335925 593 *
MACRUM 0:119624335925 594 * Requires: MBEDTLS_ECDH_C
MACRUM 0:119624335925 595 *
MACRUM 0:119624335925 596 * This enables the following ciphersuites (if other requisites are
MACRUM 0:119624335925 597 * enabled as well):
MACRUM 0:119624335925 598 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
MACRUM 0:119624335925 599 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
MACRUM 0:119624335925 600 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
MACRUM 0:119624335925 601 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
MACRUM 0:119624335925 602 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
MACRUM 0:119624335925 603 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
MACRUM 0:119624335925 604 * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
MACRUM 0:119624335925 605 * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
MACRUM 0:119624335925 606 */
MACRUM 0:119624335925 607 #define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
MACRUM 0:119624335925 608
MACRUM 0:119624335925 609 /**
MACRUM 0:119624335925 610 * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
MACRUM 0:119624335925 611 *
MACRUM 0:119624335925 612 * Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
MACRUM 0:119624335925 613 *
MACRUM 0:119624335925 614 * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
MACRUM 0:119624335925 615 * MBEDTLS_X509_CRT_PARSE_C
MACRUM 0:119624335925 616 *
MACRUM 0:119624335925 617 * This enables the following ciphersuites (if other requisites are
MACRUM 0:119624335925 618 * enabled as well):
MACRUM 0:119624335925 619 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
MACRUM 0:119624335925 620 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
MACRUM 0:119624335925 621 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
MACRUM 0:119624335925 622 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
MACRUM 0:119624335925 623 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
MACRUM 0:119624335925 624 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
MACRUM 0:119624335925 625 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
MACRUM 0:119624335925 626 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
MACRUM 0:119624335925 627 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
MACRUM 0:119624335925 628 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
MACRUM 0:119624335925 629 * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
MACRUM 0:119624335925 630 * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
MACRUM 0:119624335925 631 */
MACRUM 0:119624335925 632 //#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
MACRUM 0:119624335925 633
MACRUM 0:119624335925 634 /**
MACRUM 0:119624335925 635 * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
MACRUM 0:119624335925 636 *
MACRUM 0:119624335925 637 * Enable the RSA-only based ciphersuite modes in SSL / TLS.
MACRUM 0:119624335925 638 *
MACRUM 0:119624335925 639 * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
MACRUM 0:119624335925 640 * MBEDTLS_X509_CRT_PARSE_C
MACRUM 0:119624335925 641 *
MACRUM 0:119624335925 642 * This enables the following ciphersuites (if other requisites are
MACRUM 0:119624335925 643 * enabled as well):
MACRUM 0:119624335925 644 * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
MACRUM 0:119624335925 645 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
MACRUM 0:119624335925 646 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
MACRUM 0:119624335925 647 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
MACRUM 0:119624335925 648 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
MACRUM 0:119624335925 649 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
MACRUM 0:119624335925 650 * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
MACRUM 0:119624335925 651 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
MACRUM 0:119624335925 652 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
MACRUM 0:119624335925 653 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
MACRUM 0:119624335925 654 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
MACRUM 0:119624335925 655 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
MACRUM 0:119624335925 656 * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
MACRUM 0:119624335925 657 * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
MACRUM 0:119624335925 658 * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
MACRUM 0:119624335925 659 */
MACRUM 0:119624335925 660 //#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
MACRUM 0:119624335925 661
MACRUM 0:119624335925 662 /**
MACRUM 0:119624335925 663 * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
MACRUM 0:119624335925 664 *
MACRUM 0:119624335925 665 * Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
MACRUM 0:119624335925 666 *
MACRUM 0:119624335925 667 * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
MACRUM 0:119624335925 668 * MBEDTLS_X509_CRT_PARSE_C
MACRUM 0:119624335925 669 *
MACRUM 0:119624335925 670 * This enables the following ciphersuites (if other requisites are
MACRUM 0:119624335925 671 * enabled as well):
MACRUM 0:119624335925 672 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
MACRUM 0:119624335925 673 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
MACRUM 0:119624335925 674 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
MACRUM 0:119624335925 675 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
MACRUM 0:119624335925 676 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
MACRUM 0:119624335925 677 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
MACRUM 0:119624335925 678 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
MACRUM 0:119624335925 679 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
MACRUM 0:119624335925 680 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
MACRUM 0:119624335925 681 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
MACRUM 0:119624335925 682 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
MACRUM 0:119624335925 683 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
MACRUM 0:119624335925 684 * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
MACRUM 0:119624335925 685 */
MACRUM 0:119624335925 686 //#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
MACRUM 0:119624335925 687
MACRUM 0:119624335925 688 /**
MACRUM 0:119624335925 689 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
MACRUM 0:119624335925 690 *
MACRUM 0:119624335925 691 * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
MACRUM 0:119624335925 692 *
MACRUM 0:119624335925 693 * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
MACRUM 0:119624335925 694 * MBEDTLS_X509_CRT_PARSE_C
MACRUM 0:119624335925 695 *
MACRUM 0:119624335925 696 * This enables the following ciphersuites (if other requisites are
MACRUM 0:119624335925 697 * enabled as well):
MACRUM 0:119624335925 698 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
MACRUM 0:119624335925 699 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
MACRUM 0:119624335925 700 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
MACRUM 0:119624335925 701 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
MACRUM 0:119624335925 702 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
MACRUM 0:119624335925 703 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
MACRUM 0:119624335925 704 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
MACRUM 0:119624335925 705 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
MACRUM 0:119624335925 706 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
MACRUM 0:119624335925 707 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
MACRUM 0:119624335925 708 * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
MACRUM 0:119624335925 709 * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
MACRUM 0:119624335925 710 */
MACRUM 0:119624335925 711 //#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
MACRUM 0:119624335925 712
MACRUM 0:119624335925 713 /**
MACRUM 0:119624335925 714 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
MACRUM 0:119624335925 715 *
MACRUM 0:119624335925 716 * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
MACRUM 0:119624335925 717 *
MACRUM 0:119624335925 718 * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C,
MACRUM 0:119624335925 719 *
MACRUM 0:119624335925 720 * This enables the following ciphersuites (if other requisites are
MACRUM 0:119624335925 721 * enabled as well):
MACRUM 0:119624335925 722 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
MACRUM 0:119624335925 723 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
MACRUM 0:119624335925 724 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
MACRUM 0:119624335925 725 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
MACRUM 0:119624335925 726 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
MACRUM 0:119624335925 727 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
MACRUM 0:119624335925 728 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
MACRUM 0:119624335925 729 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
MACRUM 0:119624335925 730 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
MACRUM 0:119624335925 731 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
MACRUM 0:119624335925 732 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
MACRUM 0:119624335925 733 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
MACRUM 0:119624335925 734 */
MACRUM 0:119624335925 735 #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
MACRUM 0:119624335925 736
MACRUM 0:119624335925 737 /**
MACRUM 0:119624335925 738 * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
MACRUM 0:119624335925 739 *
MACRUM 0:119624335925 740 * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
MACRUM 0:119624335925 741 *
MACRUM 0:119624335925 742 * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
MACRUM 0:119624335925 743 *
MACRUM 0:119624335925 744 * This enables the following ciphersuites (if other requisites are
MACRUM 0:119624335925 745 * enabled as well):
MACRUM 0:119624335925 746 * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
MACRUM 0:119624335925 747 * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
MACRUM 0:119624335925 748 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
MACRUM 0:119624335925 749 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
MACRUM 0:119624335925 750 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
MACRUM 0:119624335925 751 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
MACRUM 0:119624335925 752 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
MACRUM 0:119624335925 753 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
MACRUM 0:119624335925 754 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
MACRUM 0:119624335925 755 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
MACRUM 0:119624335925 756 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
MACRUM 0:119624335925 757 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
MACRUM 0:119624335925 758 */
MACRUM 0:119624335925 759 //#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
MACRUM 0:119624335925 760
MACRUM 0:119624335925 761 /**
MACRUM 0:119624335925 762 * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
MACRUM 0:119624335925 763 *
MACRUM 0:119624335925 764 * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
MACRUM 0:119624335925 765 *
MACRUM 0:119624335925 766 * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
MACRUM 0:119624335925 767 *
MACRUM 0:119624335925 768 * This enables the following ciphersuites (if other requisites are
MACRUM 0:119624335925 769 * enabled as well):
MACRUM 0:119624335925 770 * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
MACRUM 0:119624335925 771 * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
MACRUM 0:119624335925 772 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
MACRUM 0:119624335925 773 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
MACRUM 0:119624335925 774 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
MACRUM 0:119624335925 775 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
MACRUM 0:119624335925 776 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
MACRUM 0:119624335925 777 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
MACRUM 0:119624335925 778 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
MACRUM 0:119624335925 779 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
MACRUM 0:119624335925 780 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
MACRUM 0:119624335925 781 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
MACRUM 0:119624335925 782 */
MACRUM 0:119624335925 783 //#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
MACRUM 0:119624335925 784
MACRUM 0:119624335925 785 /**
MACRUM 0:119624335925 786 * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
MACRUM 0:119624335925 787 *
MACRUM 0:119624335925 788 * Enable the ECJPAKE based ciphersuite modes in SSL / TLS.
MACRUM 0:119624335925 789 *
MACRUM 0:119624335925 790 * \warning This is currently experimental. EC J-PAKE support is based on the
MACRUM 0:119624335925 791 * Thread v1.0.0 specification; incompatible changes to the specification
MACRUM 0:119624335925 792 * might still happen. For this reason, this is disabled by default.
MACRUM 0:119624335925 793 *
MACRUM 0:119624335925 794 * Requires: MBEDTLS_ECJPAKE_C
MACRUM 0:119624335925 795 * MBEDTLS_SHA256_C
MACRUM 0:119624335925 796 * MBEDTLS_ECP_DP_SECP256R1_ENABLED
MACRUM 0:119624335925 797 *
MACRUM 0:119624335925 798 * This enables the following ciphersuites (if other requisites are
MACRUM 0:119624335925 799 * enabled as well):
MACRUM 0:119624335925 800 * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
MACRUM 0:119624335925 801 */
MACRUM 0:119624335925 802 //#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
MACRUM 0:119624335925 803
MACRUM 0:119624335925 804 /**
MACRUM 0:119624335925 805 * \def MBEDTLS_PK_PARSE_EC_EXTENDED
MACRUM 0:119624335925 806 *
MACRUM 0:119624335925 807 * Enhance support for reading EC keys using variants of SEC1 not allowed by
MACRUM 0:119624335925 808 * RFC 5915 and RFC 5480.
MACRUM 0:119624335925 809 *
MACRUM 0:119624335925 810 * Currently this means parsing the SpecifiedECDomain choice of EC
MACRUM 0:119624335925 811 * parameters (only known groups are supported, not arbitrary domains, to
MACRUM 0:119624335925 812 * avoid validation issues).
MACRUM 0:119624335925 813 *
MACRUM 0:119624335925 814 * Disable if you only need to support RFC 5915 + 5480 key formats.
MACRUM 0:119624335925 815 */
MACRUM 0:119624335925 816 //#define MBEDTLS_PK_PARSE_EC_EXTENDED
MACRUM 0:119624335925 817
MACRUM 0:119624335925 818 /**
MACRUM 0:119624335925 819 * \def MBEDTLS_ERROR_STRERROR_DUMMY
MACRUM 0:119624335925 820 *
MACRUM 0:119624335925 821 * Enable a dummy error function to make use of mbedtls_strerror() in
MACRUM 0:119624335925 822 * third party libraries easier when MBEDTLS_ERROR_C is disabled
MACRUM 0:119624335925 823 * (no effect when MBEDTLS_ERROR_C is enabled).
MACRUM 0:119624335925 824 *
MACRUM 0:119624335925 825 * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're
MACRUM 0:119624335925 826 * not using mbedtls_strerror() or error_strerror() in your application.
MACRUM 0:119624335925 827 *
MACRUM 0:119624335925 828 * Disable if you run into name conflicts and want to really remove the
MACRUM 0:119624335925 829 * mbedtls_strerror()
MACRUM 0:119624335925 830 */
MACRUM 0:119624335925 831 //#define MBEDTLS_ERROR_STRERROR_DUMMY
MACRUM 0:119624335925 832
MACRUM 0:119624335925 833 /**
MACRUM 0:119624335925 834 * \def MBEDTLS_GENPRIME
MACRUM 0:119624335925 835 *
MACRUM 0:119624335925 836 * Enable the prime-number generation code.
MACRUM 0:119624335925 837 *
MACRUM 0:119624335925 838 * Requires: MBEDTLS_BIGNUM_C
MACRUM 0:119624335925 839 */
MACRUM 0:119624335925 840 //#define MBEDTLS_GENPRIME
MACRUM 0:119624335925 841
MACRUM 0:119624335925 842 /**
MACRUM 0:119624335925 843 * \def MBEDTLS_FS_IO
MACRUM 0:119624335925 844 *
MACRUM 0:119624335925 845 * Enable functions that use the filesystem.
MACRUM 0:119624335925 846 */
MACRUM 0:119624335925 847 //#define MBEDTLS_FS_IO
MACRUM 0:119624335925 848
MACRUM 0:119624335925 849 /**
MACRUM 0:119624335925 850 * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
MACRUM 0:119624335925 851 *
MACRUM 0:119624335925 852 * Do not add default entropy sources. These are the platform specific,
MACRUM 0:119624335925 853 * mbedtls_timing_hardclock and HAVEGE based poll functions.
MACRUM 0:119624335925 854 *
MACRUM 0:119624335925 855 * This is useful to have more control over the added entropy sources in an
MACRUM 0:119624335925 856 * application.
MACRUM 0:119624335925 857 *
MACRUM 0:119624335925 858 * Uncomment this macro to prevent loading of default entropy functions.
MACRUM 0:119624335925 859 */
MACRUM 0:119624335925 860 //#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
MACRUM 0:119624335925 861
MACRUM 0:119624335925 862 /**
MACRUM 0:119624335925 863 * \def MBEDTLS_NO_PLATFORM_ENTROPY
MACRUM 0:119624335925 864 *
MACRUM 0:119624335925 865 * Do not use built-in platform entropy functions.
MACRUM 0:119624335925 866 * This is useful if your platform does not support
MACRUM 0:119624335925 867 * standards like the /dev/urandom or Windows CryptoAPI.
MACRUM 0:119624335925 868 *
MACRUM 0:119624335925 869 * Uncomment this macro to disable the built-in platform entropy functions.
MACRUM 0:119624335925 870 */
MACRUM 0:119624335925 871 //#define MBEDTLS_NO_PLATFORM_ENTROPY
MACRUM 0:119624335925 872
MACRUM 0:119624335925 873 /**
MACRUM 0:119624335925 874 * \def MBEDTLS_ENTROPY_FORCE_SHA256
MACRUM 0:119624335925 875 *
MACRUM 0:119624335925 876 * Force the entropy accumulator to use a SHA-256 accumulator instead of the
MACRUM 0:119624335925 877 * default SHA-512 based one (if both are available).
MACRUM 0:119624335925 878 *
MACRUM 0:119624335925 879 * Requires: MBEDTLS_SHA256_C
MACRUM 0:119624335925 880 *
MACRUM 0:119624335925 881 * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option
MACRUM 0:119624335925 882 * if you have performance concerns.
MACRUM 0:119624335925 883 *
MACRUM 0:119624335925 884 * This option is only useful if both MBEDTLS_SHA256_C and
MACRUM 0:119624335925 885 * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
MACRUM 0:119624335925 886 */
MACRUM 0:119624335925 887 //#define MBEDTLS_ENTROPY_FORCE_SHA256
MACRUM 0:119624335925 888
MACRUM 0:119624335925 889 /**
MACRUM 0:119624335925 890 * \def MBEDTLS_ENTROPY_NV_SEED
MACRUM 0:119624335925 891 *
MACRUM 0:119624335925 892 * Enable the non-volatile (NV) seed file-based entropy source.
MACRUM 0:119624335925 893 * (Also enables the NV seed read/write functions in the platform layer)
MACRUM 0:119624335925 894 *
MACRUM 0:119624335925 895 * This is crucial (if not required) on systems that do not have a
MACRUM 0:119624335925 896 * cryptographic entropy source (in hardware or kernel) available.
MACRUM 0:119624335925 897 *
MACRUM 0:119624335925 898 * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C
MACRUM 0:119624335925 899 *
MACRUM 0:119624335925 900 * \note The read/write functions that are used by the entropy source are
MACRUM 0:119624335925 901 * determined in the platform layer, and can be modified at runtime and/or
MACRUM 0:119624335925 902 * compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used.
MACRUM 0:119624335925 903 *
MACRUM 0:119624335925 904 * \note If you use the default implementation functions that read a seedfile
MACRUM 0:119624335925 905 * with regular fopen(), please make sure you make a seedfile with the
MACRUM 0:119624335925 906 * proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at
MACRUM 0:119624335925 907 * least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from
MACRUM 0:119624335925 908 * and written to or you will get an entropy source error! The default
MACRUM 0:119624335925 909 * implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE
MACRUM 0:119624335925 910 * bytes from the file.
MACRUM 0:119624335925 911 *
MACRUM 0:119624335925 912 * \note The entropy collector will write to the seed file before entropy is
MACRUM 0:119624335925 913 * given to an external source, to update it.
MACRUM 0:119624335925 914 */
MACRUM 0:119624335925 915 //#define MBEDTLS_ENTROPY_NV_SEED
MACRUM 0:119624335925 916
MACRUM 0:119624335925 917 /**
MACRUM 0:119624335925 918 * \def MBEDTLS_MEMORY_DEBUG
MACRUM 0:119624335925 919 *
MACRUM 0:119624335925 920 * Enable debugging of buffer allocator memory issues. Automatically prints
MACRUM 0:119624335925 921 * (to stderr) all (fatal) messages on memory allocation issues. Enables
MACRUM 0:119624335925 922 * function for 'debug output' of allocated memory.
MACRUM 0:119624335925 923 *
MACRUM 0:119624335925 924 * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
MACRUM 0:119624335925 925 *
MACRUM 0:119624335925 926 * Uncomment this macro to let the buffer allocator print out error messages.
MACRUM 0:119624335925 927 */
MACRUM 0:119624335925 928 //#define MBEDTLS_MEMORY_DEBUG
MACRUM 0:119624335925 929
MACRUM 0:119624335925 930 /**
MACRUM 0:119624335925 931 * \def MBEDTLS_MEMORY_BACKTRACE
MACRUM 0:119624335925 932 *
MACRUM 0:119624335925 933 * Include backtrace information with each allocated block.
MACRUM 0:119624335925 934 *
MACRUM 0:119624335925 935 * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
MACRUM 0:119624335925 936 * GLIBC-compatible backtrace() an backtrace_symbols() support
MACRUM 0:119624335925 937 *
MACRUM 0:119624335925 938 * Uncomment this macro to include backtrace information
MACRUM 0:119624335925 939 */
MACRUM 0:119624335925 940 //#define MBEDTLS_MEMORY_BACKTRACE
MACRUM 0:119624335925 941
MACRUM 0:119624335925 942 /**
MACRUM 0:119624335925 943 * \def MBEDTLS_PK_RSA_ALT_SUPPORT
MACRUM 0:119624335925 944 *
MACRUM 0:119624335925 945 * Support external private RSA keys (eg from a HSM) in the PK layer.
MACRUM 0:119624335925 946 *
MACRUM 0:119624335925 947 * Comment this macro to disable support for external private RSA keys.
MACRUM 0:119624335925 948 */
MACRUM 0:119624335925 949 //#define MBEDTLS_PK_RSA_ALT_SUPPORT
MACRUM 0:119624335925 950
MACRUM 0:119624335925 951 /**
MACRUM 0:119624335925 952 * \def MBEDTLS_PKCS1_V15
MACRUM 0:119624335925 953 *
MACRUM 0:119624335925 954 * Enable support for PKCS#1 v1.5 encoding.
MACRUM 0:119624335925 955 *
MACRUM 0:119624335925 956 * Requires: MBEDTLS_RSA_C
MACRUM 0:119624335925 957 *
MACRUM 0:119624335925 958 * This enables support for PKCS#1 v1.5 operations.
MACRUM 0:119624335925 959 */
MACRUM 0:119624335925 960 #define MBEDTLS_PKCS1_V15
MACRUM 0:119624335925 961
MACRUM 0:119624335925 962 /**
MACRUM 0:119624335925 963 * \def MBEDTLS_PKCS1_V21
MACRUM 0:119624335925 964 *
MACRUM 0:119624335925 965 * Enable support for PKCS#1 v2.1 encoding.
MACRUM 0:119624335925 966 *
MACRUM 0:119624335925 967 * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C
MACRUM 0:119624335925 968 *
MACRUM 0:119624335925 969 * This enables support for RSAES-OAEP and RSASSA-PSS operations.
MACRUM 0:119624335925 970 */
MACRUM 0:119624335925 971 #define MBEDTLS_PKCS1_V21
MACRUM 0:119624335925 972
MACRUM 0:119624335925 973 /**
MACRUM 0:119624335925 974 * \def MBEDTLS_RSA_NO_CRT
MACRUM 0:119624335925 975 *
MACRUM 0:119624335925 976 * Do not use the Chinese Remainder Theorem for the RSA private operation.
MACRUM 0:119624335925 977 *
MACRUM 0:119624335925 978 * Uncomment this macro to disable the use of CRT in RSA.
MACRUM 0:119624335925 979 *
MACRUM 0:119624335925 980 */
MACRUM 0:119624335925 981 //#define MBEDTLS_RSA_NO_CRT
MACRUM 0:119624335925 982
MACRUM 0:119624335925 983 /**
MACRUM 0:119624335925 984 * \def MBEDTLS_SELF_TEST
MACRUM 0:119624335925 985 *
MACRUM 0:119624335925 986 * Enable the checkup functions (*_self_test).
MACRUM 0:119624335925 987 */
MACRUM 0:119624335925 988 //#define MBEDTLS_SELF_TEST
MACRUM 0:119624335925 989
MACRUM 0:119624335925 990 /**
MACRUM 0:119624335925 991 * \def MBEDTLS_SHA256_SMALLER
MACRUM 0:119624335925 992 *
MACRUM 0:119624335925 993 * Enable an implementation of SHA-256 that has lower ROM footprint but also
MACRUM 0:119624335925 994 * lower performance.
MACRUM 0:119624335925 995 *
MACRUM 0:119624335925 996 * The default implementation is meant to be a reasonnable compromise between
MACRUM 0:119624335925 997 * performance and size. This version optimizes more aggressively for size at
MACRUM 0:119624335925 998 * the expense of performance. Eg on Cortex-M4 it reduces the size of
MACRUM 0:119624335925 999 * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about
MACRUM 0:119624335925 1000 * 30%.
MACRUM 0:119624335925 1001 *
MACRUM 0:119624335925 1002 * Uncomment to enable the smaller implementation of SHA256.
MACRUM 0:119624335925 1003 */
MACRUM 0:119624335925 1004 //#define MBEDTLS_SHA256_SMALLER
MACRUM 0:119624335925 1005
MACRUM 0:119624335925 1006 /**
MACRUM 0:119624335925 1007 * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
MACRUM 0:119624335925 1008 *
MACRUM 0:119624335925 1009 * Enable sending of alert messages in case of encountered errors as per RFC.
MACRUM 0:119624335925 1010 * If you choose not to send the alert messages, mbed TLS can still communicate
MACRUM 0:119624335925 1011 * with other servers, only debugging of failures is harder.
MACRUM 0:119624335925 1012 *
MACRUM 0:119624335925 1013 * The advantage of not sending alert messages, is that no information is given
MACRUM 0:119624335925 1014 * about reasons for failures thus preventing adversaries of gaining intel.
MACRUM 0:119624335925 1015 *
MACRUM 0:119624335925 1016 * Enable sending of all alert messages
MACRUM 0:119624335925 1017 */
MACRUM 0:119624335925 1018 #define MBEDTLS_SSL_ALL_ALERT_MESSAGES
MACRUM 0:119624335925 1019
MACRUM 0:119624335925 1020 /**
MACRUM 0:119624335925 1021 * \def MBEDTLS_SSL_DEBUG_ALL
MACRUM 0:119624335925 1022 *
MACRUM 0:119624335925 1023 * Enable the debug messages in SSL module for all issues.
MACRUM 0:119624335925 1024 * Debug messages have been disabled in some places to prevent timing
MACRUM 0:119624335925 1025 * attacks due to (unbalanced) debugging function calls.
MACRUM 0:119624335925 1026 *
MACRUM 0:119624335925 1027 * If you need all error reporting you should enable this during debugging,
MACRUM 0:119624335925 1028 * but remove this for production servers that should log as well.
MACRUM 0:119624335925 1029 *
MACRUM 0:119624335925 1030 * Uncomment this macro to report all debug messages on errors introducing
MACRUM 0:119624335925 1031 * a timing side-channel.
MACRUM 0:119624335925 1032 *
MACRUM 0:119624335925 1033 */
MACRUM 0:119624335925 1034 //#define MBEDTLS_SSL_DEBUG_ALL
MACRUM 0:119624335925 1035
MACRUM 0:119624335925 1036 /** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
MACRUM 0:119624335925 1037 *
MACRUM 0:119624335925 1038 * Enable support for Encrypt-then-MAC, RFC 7366.
MACRUM 0:119624335925 1039 *
MACRUM 0:119624335925 1040 * This allows peers that both support it to use a more robust protection for
MACRUM 0:119624335925 1041 * ciphersuites using CBC, providing deep resistance against timing attacks
MACRUM 0:119624335925 1042 * on the padding or underlying cipher.
MACRUM 0:119624335925 1043 *
MACRUM 0:119624335925 1044 * This only affects CBC ciphersuites, and is useless if none is defined.
MACRUM 0:119624335925 1045 *
MACRUM 0:119624335925 1046 * Requires: MBEDTLS_SSL_PROTO_TLS1 or
MACRUM 0:119624335925 1047 * MBEDTLS_SSL_PROTO_TLS1_1 or
MACRUM 0:119624335925 1048 * MBEDTLS_SSL_PROTO_TLS1_2
MACRUM 0:119624335925 1049 *
MACRUM 0:119624335925 1050 * Comment this macro to disable support for Encrypt-then-MAC
MACRUM 0:119624335925 1051 */
MACRUM 0:119624335925 1052 #define MBEDTLS_SSL_ENCRYPT_THEN_MAC
MACRUM 0:119624335925 1053
MACRUM 0:119624335925 1054 /** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET
MACRUM 0:119624335925 1055 *
MACRUM 0:119624335925 1056 * Enable support for Extended Master Secret, aka Session Hash
MACRUM 0:119624335925 1057 * (draft-ietf-tls-session-hash-02).
MACRUM 0:119624335925 1058 *
MACRUM 0:119624335925 1059 * This was introduced as "the proper fix" to the Triple Handshake familiy of
MACRUM 0:119624335925 1060 * attacks, but it is recommended to always use it (even if you disable
MACRUM 0:119624335925 1061 * renegotiation), since it actually fixes a more fundamental issue in the
MACRUM 0:119624335925 1062 * original SSL/TLS design, and has implications beyond Triple Handshake.
MACRUM 0:119624335925 1063 *
MACRUM 0:119624335925 1064 * Requires: MBEDTLS_SSL_PROTO_TLS1 or
MACRUM 0:119624335925 1065 * MBEDTLS_SSL_PROTO_TLS1_1 or
MACRUM 0:119624335925 1066 * MBEDTLS_SSL_PROTO_TLS1_2
MACRUM 0:119624335925 1067 *
MACRUM 0:119624335925 1068 * Comment this macro to disable support for Extended Master Secret.
MACRUM 0:119624335925 1069 */
MACRUM 0:119624335925 1070 #define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
MACRUM 0:119624335925 1071
MACRUM 0:119624335925 1072 /**
MACRUM 0:119624335925 1073 * \def MBEDTLS_SSL_FALLBACK_SCSV
MACRUM 0:119624335925 1074 *
MACRUM 0:119624335925 1075 * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00).
MACRUM 0:119624335925 1076 *
MACRUM 0:119624335925 1077 * For servers, it is recommended to always enable this, unless you support
MACRUM 0:119624335925 1078 * only one version of TLS, or know for sure that none of your clients
MACRUM 0:119624335925 1079 * implements a fallback strategy.
MACRUM 0:119624335925 1080 *
MACRUM 0:119624335925 1081 * For clients, you only need this if you're using a fallback strategy, which
MACRUM 0:119624335925 1082 * is not recommended in the first place, unless you absolutely need it to
MACRUM 0:119624335925 1083 * interoperate with buggy (version-intolerant) servers.
MACRUM 0:119624335925 1084 *
MACRUM 0:119624335925 1085 * Comment this macro to disable support for FALLBACK_SCSV
MACRUM 0:119624335925 1086 */
MACRUM 0:119624335925 1087 //#define MBEDTLS_SSL_FALLBACK_SCSV
MACRUM 0:119624335925 1088
MACRUM 0:119624335925 1089 /**
MACRUM 0:119624335925 1090 * \def MBEDTLS_SSL_HW_RECORD_ACCEL
MACRUM 0:119624335925 1091 *
MACRUM 0:119624335925 1092 * Enable hooking functions in SSL module for hardware acceleration of
MACRUM 0:119624335925 1093 * individual records.
MACRUM 0:119624335925 1094 *
MACRUM 0:119624335925 1095 * Uncomment this macro to enable hooking functions.
MACRUM 0:119624335925 1096 */
MACRUM 0:119624335925 1097 //#define MBEDTLS_SSL_HW_RECORD_ACCEL
MACRUM 0:119624335925 1098
MACRUM 0:119624335925 1099 /**
MACRUM 0:119624335925 1100 * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING
MACRUM 0:119624335925 1101 *
MACRUM 0:119624335925 1102 * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0.
MACRUM 0:119624335925 1103 *
MACRUM 0:119624335925 1104 * This is a countermeasure to the BEAST attack, which also minimizes the risk
MACRUM 0:119624335925 1105 * of interoperability issues compared to sending 0-length records.
MACRUM 0:119624335925 1106 *
MACRUM 0:119624335925 1107 * Comment this macro to disable 1/n-1 record splitting.
MACRUM 0:119624335925 1108 */
MACRUM 0:119624335925 1109 //#define MBEDTLS_SSL_CBC_RECORD_SPLITTING
MACRUM 0:119624335925 1110
MACRUM 0:119624335925 1111 /**
MACRUM 0:119624335925 1112 * \def MBEDTLS_SSL_RENEGOTIATION
MACRUM 0:119624335925 1113 *
MACRUM 0:119624335925 1114 * Disable support for TLS renegotiation.
MACRUM 0:119624335925 1115 *
MACRUM 0:119624335925 1116 * The two main uses of renegotiation are (1) refresh keys on long-lived
MACRUM 0:119624335925 1117 * connections and (2) client authentication after the initial handshake.
MACRUM 0:119624335925 1118 * If you don't need renegotiation, it's probably better to disable it, since
MACRUM 0:119624335925 1119 * it has been associated with security issues in the past and is easy to
MACRUM 0:119624335925 1120 * misuse/misunderstand.
MACRUM 0:119624335925 1121 *
MACRUM 0:119624335925 1122 * Comment this to disable support for renegotiation.
MACRUM 0:119624335925 1123 */
MACRUM 0:119624335925 1124 #define MBEDTLS_SSL_RENEGOTIATION
MACRUM 0:119624335925 1125
MACRUM 0:119624335925 1126 /**
MACRUM 0:119624335925 1127 * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
MACRUM 0:119624335925 1128 *
MACRUM 0:119624335925 1129 * Enable support for receiving and parsing SSLv2 Client Hello messages for the
MACRUM 0:119624335925 1130 * SSL Server module (MBEDTLS_SSL_SRV_C).
MACRUM 0:119624335925 1131 *
MACRUM 0:119624335925 1132 * Uncomment this macro to enable support for SSLv2 Client Hello messages.
MACRUM 0:119624335925 1133 */
MACRUM 0:119624335925 1134 //#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
MACRUM 0:119624335925 1135
MACRUM 0:119624335925 1136 /**
MACRUM 0:119624335925 1137 * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
MACRUM 0:119624335925 1138 *
MACRUM 0:119624335925 1139 * Pick the ciphersuite according to the client's preferences rather than ours
MACRUM 0:119624335925 1140 * in the SSL Server module (MBEDTLS_SSL_SRV_C).
MACRUM 0:119624335925 1141 *
MACRUM 0:119624335925 1142 * Uncomment this macro to respect client's ciphersuite order
MACRUM 0:119624335925 1143 */
MACRUM 0:119624335925 1144 //#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
MACRUM 0:119624335925 1145
MACRUM 0:119624335925 1146 /**
MACRUM 0:119624335925 1147 * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
MACRUM 0:119624335925 1148 *
MACRUM 0:119624335925 1149 * Enable support for RFC 6066 max_fragment_length extension in SSL.
MACRUM 0:119624335925 1150 *
MACRUM 0:119624335925 1151 * Comment this macro to disable support for the max_fragment_length extension
MACRUM 0:119624335925 1152 */
MACRUM 0:119624335925 1153 #define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
MACRUM 0:119624335925 1154
MACRUM 0:119624335925 1155 /**
MACRUM 0:119624335925 1156 * \def MBEDTLS_SSL_PROTO_SSL3
MACRUM 0:119624335925 1157 *
MACRUM 0:119624335925 1158 * Enable support for SSL 3.0.
MACRUM 0:119624335925 1159 *
MACRUM 0:119624335925 1160 * Requires: MBEDTLS_MD5_C
MACRUM 0:119624335925 1161 * MBEDTLS_SHA1_C
MACRUM 0:119624335925 1162 *
MACRUM 0:119624335925 1163 * Comment this macro to disable support for SSL 3.0
MACRUM 0:119624335925 1164 */
MACRUM 0:119624335925 1165 //#define MBEDTLS_SSL_PROTO_SSL3
MACRUM 0:119624335925 1166
MACRUM 0:119624335925 1167 /**
MACRUM 0:119624335925 1168 * \def MBEDTLS_SSL_PROTO_TLS1
MACRUM 0:119624335925 1169 *
MACRUM 0:119624335925 1170 * Enable support for TLS 1.0.
MACRUM 0:119624335925 1171 *
MACRUM 0:119624335925 1172 * Requires: MBEDTLS_MD5_C
MACRUM 0:119624335925 1173 * MBEDTLS_SHA1_C
MACRUM 0:119624335925 1174 *
MACRUM 0:119624335925 1175 * Comment this macro to disable support for TLS 1.0
MACRUM 0:119624335925 1176 */
MACRUM 0:119624335925 1177 //#define MBEDTLS_SSL_PROTO_TLS1
MACRUM 0:119624335925 1178
MACRUM 0:119624335925 1179 /**
MACRUM 0:119624335925 1180 * \def MBEDTLS_SSL_PROTO_TLS1_1
MACRUM 0:119624335925 1181 *
MACRUM 0:119624335925 1182 * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled).
MACRUM 0:119624335925 1183 *
MACRUM 0:119624335925 1184 * Requires: MBEDTLS_MD5_C
MACRUM 0:119624335925 1185 * MBEDTLS_SHA1_C
MACRUM 0:119624335925 1186 *
MACRUM 0:119624335925 1187 * Comment this macro to disable support for TLS 1.1 / DTLS 1.0
MACRUM 0:119624335925 1188 */
MACRUM 0:119624335925 1189 //#define MBEDTLS_SSL_PROTO_TLS1_1
MACRUM 0:119624335925 1190
MACRUM 0:119624335925 1191 /**
MACRUM 0:119624335925 1192 * \def MBEDTLS_SSL_PROTO_TLS1_2
MACRUM 0:119624335925 1193 *
MACRUM 0:119624335925 1194 * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled).
MACRUM 0:119624335925 1195 *
MACRUM 0:119624335925 1196 * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C
MACRUM 0:119624335925 1197 * (Depends on ciphersuites)
MACRUM 0:119624335925 1198 *
MACRUM 0:119624335925 1199 * Comment this macro to disable support for TLS 1.2 / DTLS 1.2
MACRUM 0:119624335925 1200 */
MACRUM 0:119624335925 1201 #define MBEDTLS_SSL_PROTO_TLS1_2
MACRUM 0:119624335925 1202
MACRUM 0:119624335925 1203 /**
MACRUM 0:119624335925 1204 * \def MBEDTLS_SSL_PROTO_DTLS
MACRUM 0:119624335925 1205 *
MACRUM 0:119624335925 1206 * Enable support for DTLS (all available versions).
MACRUM 0:119624335925 1207 *
MACRUM 0:119624335925 1208 * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0,
MACRUM 0:119624335925 1209 * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
MACRUM 0:119624335925 1210 *
MACRUM 0:119624335925 1211 * Requires: MBEDTLS_SSL_PROTO_TLS1_1
MACRUM 0:119624335925 1212 * or MBEDTLS_SSL_PROTO_TLS1_2
MACRUM 0:119624335925 1213 *
MACRUM 0:119624335925 1214 * Comment this macro to disable support for DTLS
MACRUM 0:119624335925 1215 */
MACRUM 0:119624335925 1216 #define MBEDTLS_SSL_PROTO_DTLS
MACRUM 0:119624335925 1217
MACRUM 0:119624335925 1218 /**
MACRUM 0:119624335925 1219 * \def MBEDTLS_SSL_ALPN
MACRUM 0:119624335925 1220 *
MACRUM 0:119624335925 1221 * Enable support for RFC 7301 Application Layer Protocol Negotiation.
MACRUM 0:119624335925 1222 *
MACRUM 0:119624335925 1223 * Comment this macro to disable support for ALPN.
MACRUM 0:119624335925 1224 */
MACRUM 0:119624335925 1225 #define MBEDTLS_SSL_ALPN
MACRUM 0:119624335925 1226
MACRUM 0:119624335925 1227 /**
MACRUM 0:119624335925 1228 * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY
MACRUM 0:119624335925 1229 *
MACRUM 0:119624335925 1230 * Enable support for the anti-replay mechanism in DTLS.
MACRUM 0:119624335925 1231 *
MACRUM 0:119624335925 1232 * Requires: MBEDTLS_SSL_TLS_C
MACRUM 0:119624335925 1233 * MBEDTLS_SSL_PROTO_DTLS
MACRUM 0:119624335925 1234 *
MACRUM 0:119624335925 1235 * \warning Disabling this is often a security risk!
MACRUM 0:119624335925 1236 * See mbedtls_ssl_conf_dtls_anti_replay() for details.
MACRUM 0:119624335925 1237 *
MACRUM 0:119624335925 1238 * Comment this to disable anti-replay in DTLS.
MACRUM 0:119624335925 1239 */
MACRUM 0:119624335925 1240 #define MBEDTLS_SSL_DTLS_ANTI_REPLAY
MACRUM 0:119624335925 1241
MACRUM 0:119624335925 1242 /**
MACRUM 0:119624335925 1243 * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY
MACRUM 0:119624335925 1244 *
MACRUM 0:119624335925 1245 * Enable support for HelloVerifyRequest on DTLS servers.
MACRUM 0:119624335925 1246 *
MACRUM 0:119624335925 1247 * This feature is highly recommended to prevent DTLS servers being used as
MACRUM 0:119624335925 1248 * amplifiers in DoS attacks against other hosts. It should always be enabled
MACRUM 0:119624335925 1249 * unless you know for sure amplification cannot be a problem in the
MACRUM 0:119624335925 1250 * environment in which your server operates.
MACRUM 0:119624335925 1251 *
MACRUM 0:119624335925 1252 * \warning Disabling this can ba a security risk! (see above)
MACRUM 0:119624335925 1253 *
MACRUM 0:119624335925 1254 * Requires: MBEDTLS_SSL_PROTO_DTLS
MACRUM 0:119624335925 1255 *
MACRUM 0:119624335925 1256 * Comment this to disable support for HelloVerifyRequest.
MACRUM 0:119624335925 1257 */
MACRUM 0:119624335925 1258 #define MBEDTLS_SSL_DTLS_HELLO_VERIFY
MACRUM 0:119624335925 1259
MACRUM 0:119624335925 1260 /**
MACRUM 0:119624335925 1261 * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
MACRUM 0:119624335925 1262 *
MACRUM 0:119624335925 1263 * Enable server-side support for clients that reconnect from the same port.
MACRUM 0:119624335925 1264 *
MACRUM 0:119624335925 1265 * Some clients unexpectedly close the connection and try to reconnect using the
MACRUM 0:119624335925 1266 * same source port. This needs special support from the server to handle the
MACRUM 0:119624335925 1267 * new connection securely, as described in section 4.2.8 of RFC 6347. This
MACRUM 0:119624335925 1268 * flag enables that support.
MACRUM 0:119624335925 1269 *
MACRUM 0:119624335925 1270 * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
MACRUM 0:119624335925 1271 *
MACRUM 0:119624335925 1272 * Comment this to disable support for clients reusing the source port.
MACRUM 0:119624335925 1273 */
MACRUM 0:119624335925 1274 #define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
MACRUM 0:119624335925 1275
MACRUM 0:119624335925 1276 /**
MACRUM 0:119624335925 1277 * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT
MACRUM 0:119624335925 1278 *
MACRUM 0:119624335925 1279 * Enable support for a limit of records with bad MAC.
MACRUM 0:119624335925 1280 *
MACRUM 0:119624335925 1281 * See mbedtls_ssl_conf_dtls_badmac_limit().
MACRUM 0:119624335925 1282 *
MACRUM 0:119624335925 1283 * Requires: MBEDTLS_SSL_PROTO_DTLS
MACRUM 0:119624335925 1284 */
MACRUM 0:119624335925 1285 #define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
MACRUM 0:119624335925 1286
MACRUM 0:119624335925 1287 /**
MACRUM 0:119624335925 1288 * \def MBEDTLS_SSL_SESSION_TICKETS
MACRUM 0:119624335925 1289 *
MACRUM 0:119624335925 1290 * Enable support for RFC 5077 session tickets in SSL.
MACRUM 0:119624335925 1291 * Client-side, provides full support for session tickets (maintainance of a
MACRUM 0:119624335925 1292 * session store remains the responsibility of the application, though).
MACRUM 0:119624335925 1293 * Server-side, you also need to provide callbacks for writing and parsing
MACRUM 0:119624335925 1294 * tickets, including authenticated encryption and key management. Example
MACRUM 0:119624335925 1295 * callbacks are provided by MBEDTLS_SSL_TICKET_C.
MACRUM 0:119624335925 1296 *
MACRUM 0:119624335925 1297 * Comment this macro to disable support for SSL session tickets
MACRUM 0:119624335925 1298 */
MACRUM 0:119624335925 1299 #define MBEDTLS_SSL_SESSION_TICKETS
MACRUM 0:119624335925 1300
MACRUM 0:119624335925 1301 /**
MACRUM 0:119624335925 1302 * \def MBEDTLS_SSL_EXPORT_KEYS
MACRUM 0:119624335925 1303 *
MACRUM 0:119624335925 1304 * Enable support for exporting key block and master secret.
MACRUM 0:119624335925 1305 * This is required for certain users of TLS, e.g. EAP-TLS.
MACRUM 0:119624335925 1306 *
MACRUM 0:119624335925 1307 * Comment this macro to disable support for key export
MACRUM 0:119624335925 1308 */
MACRUM 0:119624335925 1309 #define MBEDTLS_SSL_EXPORT_KEYS
MACRUM 0:119624335925 1310
MACRUM 0:119624335925 1311 /**
MACRUM 0:119624335925 1312 * \def MBEDTLS_SSL_SERVER_NAME_INDICATION
MACRUM 0:119624335925 1313 *
MACRUM 0:119624335925 1314 * Enable support for RFC 6066 server name indication (SNI) in SSL.
MACRUM 0:119624335925 1315 *
MACRUM 0:119624335925 1316 * Requires: MBEDTLS_X509_CRT_PARSE_C
MACRUM 0:119624335925 1317 *
MACRUM 0:119624335925 1318 * Comment this macro to disable support for server name indication in SSL
MACRUM 0:119624335925 1319 */
MACRUM 0:119624335925 1320 #define MBEDTLS_SSL_SERVER_NAME_INDICATION
MACRUM 0:119624335925 1321
MACRUM 0:119624335925 1322 /**
MACRUM 0:119624335925 1323 * \def MBEDTLS_SSL_TRUNCATED_HMAC
MACRUM 0:119624335925 1324 *
MACRUM 0:119624335925 1325 * Enable support for RFC 6066 truncated HMAC in SSL.
MACRUM 0:119624335925 1326 *
MACRUM 0:119624335925 1327 * Comment this macro to disable support for truncated HMAC in SSL
MACRUM 0:119624335925 1328 */
MACRUM 0:119624335925 1329 //#define MBEDTLS_SSL_TRUNCATED_HMAC
MACRUM 0:119624335925 1330
MACRUM 0:119624335925 1331 /**
MACRUM 0:119624335925 1332 * \def MBEDTLS_THREADING_ALT
MACRUM 0:119624335925 1333 *
MACRUM 0:119624335925 1334 * Provide your own alternate threading implementation.
MACRUM 0:119624335925 1335 *
MACRUM 0:119624335925 1336 * Requires: MBEDTLS_THREADING_C
MACRUM 0:119624335925 1337 *
MACRUM 0:119624335925 1338 * Uncomment this to allow your own alternate threading implementation.
MACRUM 0:119624335925 1339 */
MACRUM 0:119624335925 1340 //#define MBEDTLS_THREADING_ALT
MACRUM 0:119624335925 1341
MACRUM 0:119624335925 1342 /**
MACRUM 0:119624335925 1343 * \def MBEDTLS_THREADING_PTHREAD
MACRUM 0:119624335925 1344 *
MACRUM 0:119624335925 1345 * Enable the pthread wrapper layer for the threading layer.
MACRUM 0:119624335925 1346 *
MACRUM 0:119624335925 1347 * Requires: MBEDTLS_THREADING_C
MACRUM 0:119624335925 1348 *
MACRUM 0:119624335925 1349 * Uncomment this to enable pthread mutexes.
MACRUM 0:119624335925 1350 */
MACRUM 0:119624335925 1351 //#define MBEDTLS_THREADING_PTHREAD
MACRUM 0:119624335925 1352
MACRUM 0:119624335925 1353 /**
MACRUM 0:119624335925 1354 * \def MBEDTLS_VERSION_FEATURES
MACRUM 0:119624335925 1355 *
MACRUM 0:119624335925 1356 * Allow run-time checking of compile-time enabled features. Thus allowing users
MACRUM 0:119624335925 1357 * to check at run-time if the library is for instance compiled with threading
MACRUM 0:119624335925 1358 * support via mbedtls_version_check_feature().
MACRUM 0:119624335925 1359 *
MACRUM 0:119624335925 1360 * Requires: MBEDTLS_VERSION_C
MACRUM 0:119624335925 1361 *
MACRUM 0:119624335925 1362 * Comment this to disable run-time checking and save ROM space
MACRUM 0:119624335925 1363 */
MACRUM 0:119624335925 1364 //#define MBEDTLS_VERSION_FEATURES
MACRUM 0:119624335925 1365
MACRUM 0:119624335925 1366 /**
MACRUM 0:119624335925 1367 * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
MACRUM 0:119624335925 1368 *
MACRUM 0:119624335925 1369 * If set, the X509 parser will not break-off when parsing an X509 certificate
MACRUM 0:119624335925 1370 * and encountering an extension in a v1 or v2 certificate.
MACRUM 0:119624335925 1371 *
MACRUM 0:119624335925 1372 * Uncomment to prevent an error.
MACRUM 0:119624335925 1373 */
MACRUM 0:119624335925 1374 //#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
MACRUM 0:119624335925 1375
MACRUM 0:119624335925 1376 /**
MACRUM 0:119624335925 1377 * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
MACRUM 0:119624335925 1378 *
MACRUM 0:119624335925 1379 * If set, the X509 parser will not break-off when parsing an X509 certificate
MACRUM 0:119624335925 1380 * and encountering an unknown critical extension.
MACRUM 0:119624335925 1381 *
MACRUM 0:119624335925 1382 * \warning Depending on your PKI use, enabling this can be a security risk!
MACRUM 0:119624335925 1383 *
MACRUM 0:119624335925 1384 * Uncomment to prevent an error.
MACRUM 0:119624335925 1385 */
MACRUM 0:119624335925 1386 //#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
MACRUM 0:119624335925 1387
MACRUM 0:119624335925 1388 /**
MACRUM 0:119624335925 1389 * \def MBEDTLS_X509_CHECK_KEY_USAGE
MACRUM 0:119624335925 1390 *
MACRUM 0:119624335925 1391 * Enable verification of the keyUsage extension (CA and leaf certificates).
MACRUM 0:119624335925 1392 *
MACRUM 0:119624335925 1393 * Disabling this avoids problems with mis-issued and/or misused
MACRUM 0:119624335925 1394 * (intermediate) CA and leaf certificates.
MACRUM 0:119624335925 1395 *
MACRUM 0:119624335925 1396 * \warning Depending on your PKI use, disabling this can be a security risk!
MACRUM 0:119624335925 1397 *
MACRUM 0:119624335925 1398 * Comment to skip keyUsage checking for both CA and leaf certificates.
MACRUM 0:119624335925 1399 */
MACRUM 0:119624335925 1400 #define MBEDTLS_X509_CHECK_KEY_USAGE
MACRUM 0:119624335925 1401
MACRUM 0:119624335925 1402 /**
MACRUM 0:119624335925 1403 * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
MACRUM 0:119624335925 1404 *
MACRUM 0:119624335925 1405 * Enable verification of the extendedKeyUsage extension (leaf certificates).
MACRUM 0:119624335925 1406 *
MACRUM 0:119624335925 1407 * Disabling this avoids problems with mis-issued and/or misused certificates.
MACRUM 0:119624335925 1408 *
MACRUM 0:119624335925 1409 * \warning Depending on your PKI use, disabling this can be a security risk!
MACRUM 0:119624335925 1410 *
MACRUM 0:119624335925 1411 * Comment to skip extendedKeyUsage checking for certificates.
MACRUM 0:119624335925 1412 */
MACRUM 0:119624335925 1413 #define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
MACRUM 0:119624335925 1414
MACRUM 0:119624335925 1415 /**
MACRUM 0:119624335925 1416 * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
MACRUM 0:119624335925 1417 *
MACRUM 0:119624335925 1418 * Enable parsing and verification of X.509 certificates, CRLs and CSRS
MACRUM 0:119624335925 1419 * signed with RSASSA-PSS (aka PKCS#1 v2.1).
MACRUM 0:119624335925 1420 *
MACRUM 0:119624335925 1421 * Comment this macro to disallow using RSASSA-PSS in certificates.
MACRUM 0:119624335925 1422 */
MACRUM 0:119624335925 1423 //#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
MACRUM 0:119624335925 1424
MACRUM 0:119624335925 1425 /**
MACRUM 0:119624335925 1426 * \def MBEDTLS_ZLIB_SUPPORT
MACRUM 0:119624335925 1427 *
MACRUM 0:119624335925 1428 * If set, the SSL/TLS module uses ZLIB to support compression and
MACRUM 0:119624335925 1429 * decompression of packet data.
MACRUM 0:119624335925 1430 *
MACRUM 0:119624335925 1431 * \warning TLS-level compression MAY REDUCE SECURITY! See for example the
MACRUM 0:119624335925 1432 * CRIME attack. Before enabling this option, you should examine with care if
MACRUM 0:119624335925 1433 * CRIME or similar exploits may be a applicable to your use case.
MACRUM 0:119624335925 1434 *
MACRUM 0:119624335925 1435 * \note Currently compression can't be used with DTLS.
MACRUM 0:119624335925 1436 *
MACRUM 0:119624335925 1437 * Used in: library/ssl_tls.c
MACRUM 0:119624335925 1438 * library/ssl_cli.c
MACRUM 0:119624335925 1439 * library/ssl_srv.c
MACRUM 0:119624335925 1440 *
MACRUM 0:119624335925 1441 * This feature requires zlib library and headers to be present.
MACRUM 0:119624335925 1442 *
MACRUM 0:119624335925 1443 * Uncomment to enable use of ZLIB
MACRUM 0:119624335925 1444 */
MACRUM 0:119624335925 1445 //#define MBEDTLS_ZLIB_SUPPORT
MACRUM 0:119624335925 1446 /* \} name SECTION: mbed TLS feature support */
MACRUM 0:119624335925 1447
MACRUM 0:119624335925 1448 /**
MACRUM 0:119624335925 1449 * \name SECTION: mbed TLS modules
MACRUM 0:119624335925 1450 *
MACRUM 0:119624335925 1451 * This section enables or disables entire modules in mbed TLS
MACRUM 0:119624335925 1452 * \{
MACRUM 0:119624335925 1453 */
MACRUM 0:119624335925 1454
MACRUM 0:119624335925 1455 /**
MACRUM 0:119624335925 1456 * \def MBEDTLS_AESNI_C
MACRUM 0:119624335925 1457 *
MACRUM 0:119624335925 1458 * Enable AES-NI support on x86-64.
MACRUM 0:119624335925 1459 *
MACRUM 0:119624335925 1460 * Module: library/aesni.c
MACRUM 0:119624335925 1461 * Caller: library/aes.c
MACRUM 0:119624335925 1462 *
MACRUM 0:119624335925 1463 * Requires: MBEDTLS_HAVE_ASM
MACRUM 0:119624335925 1464 *
MACRUM 0:119624335925 1465 * This modules adds support for the AES-NI instructions on x86-64
MACRUM 0:119624335925 1466 */
MACRUM 0:119624335925 1467 //#define MBEDTLS_AESNI_C
MACRUM 0:119624335925 1468
MACRUM 0:119624335925 1469 /**
MACRUM 0:119624335925 1470 * \def MBEDTLS_AES_C
MACRUM 0:119624335925 1471 *
MACRUM 0:119624335925 1472 * Enable the AES block cipher.
MACRUM 0:119624335925 1473 *
MACRUM 0:119624335925 1474 * Module: library/aes.c
MACRUM 0:119624335925 1475 * Caller: library/ssl_tls.c
MACRUM 0:119624335925 1476 * library/pem.c
MACRUM 0:119624335925 1477 * library/ctr_drbg.c
MACRUM 0:119624335925 1478 *
MACRUM 0:119624335925 1479 * This module enables the following ciphersuites (if other requisites are
MACRUM 0:119624335925 1480 * enabled as well):
MACRUM 0:119624335925 1481 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
MACRUM 0:119624335925 1482 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
MACRUM 0:119624335925 1483 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
MACRUM 0:119624335925 1484 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
MACRUM 0:119624335925 1485 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
MACRUM 0:119624335925 1486 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
MACRUM 0:119624335925 1487 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
MACRUM 0:119624335925 1488 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
MACRUM 0:119624335925 1489 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
MACRUM 0:119624335925 1490 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
MACRUM 0:119624335925 1491 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
MACRUM 0:119624335925 1492 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
MACRUM 0:119624335925 1493 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
MACRUM 0:119624335925 1494 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
MACRUM 0:119624335925 1495 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
MACRUM 0:119624335925 1496 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
MACRUM 0:119624335925 1497 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
MACRUM 0:119624335925 1498 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
MACRUM 0:119624335925 1499 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
MACRUM 0:119624335925 1500 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
MACRUM 0:119624335925 1501 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
MACRUM 0:119624335925 1502 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
MACRUM 0:119624335925 1503 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
MACRUM 0:119624335925 1504 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
MACRUM 0:119624335925 1505 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
MACRUM 0:119624335925 1506 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
MACRUM 0:119624335925 1507 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
MACRUM 0:119624335925 1508 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
MACRUM 0:119624335925 1509 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
MACRUM 0:119624335925 1510 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
MACRUM 0:119624335925 1511 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
MACRUM 0:119624335925 1512 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
MACRUM 0:119624335925 1513 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
MACRUM 0:119624335925 1514 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
MACRUM 0:119624335925 1515 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
MACRUM 0:119624335925 1516 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
MACRUM 0:119624335925 1517 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
MACRUM 0:119624335925 1518 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
MACRUM 0:119624335925 1519 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
MACRUM 0:119624335925 1520 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
MACRUM 0:119624335925 1521 * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
MACRUM 0:119624335925 1522 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
MACRUM 0:119624335925 1523 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
MACRUM 0:119624335925 1524 * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
MACRUM 0:119624335925 1525 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
MACRUM 0:119624335925 1526 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
MACRUM 0:119624335925 1527 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
MACRUM 0:119624335925 1528 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
MACRUM 0:119624335925 1529 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
MACRUM 0:119624335925 1530 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
MACRUM 0:119624335925 1531 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
MACRUM 0:119624335925 1532 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
MACRUM 0:119624335925 1533 * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
MACRUM 0:119624335925 1534 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
MACRUM 0:119624335925 1535 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
MACRUM 0:119624335925 1536 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
MACRUM 0:119624335925 1537 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
MACRUM 0:119624335925 1538 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
MACRUM 0:119624335925 1539 *
MACRUM 0:119624335925 1540 * PEM_PARSE uses AES for decrypting encrypted keys.
MACRUM 0:119624335925 1541 */
MACRUM 0:119624335925 1542 #define MBEDTLS_AES_C
MACRUM 0:119624335925 1543
MACRUM 0:119624335925 1544 /**
MACRUM 0:119624335925 1545 * \def MBEDTLS_ARC4_C
MACRUM 0:119624335925 1546 *
MACRUM 0:119624335925 1547 * Enable the ARCFOUR stream cipher.
MACRUM 0:119624335925 1548 *
MACRUM 0:119624335925 1549 * Module: library/arc4.c
MACRUM 0:119624335925 1550 * Caller: library/ssl_tls.c
MACRUM 0:119624335925 1551 *
MACRUM 0:119624335925 1552 * This module enables the following ciphersuites (if other requisites are
MACRUM 0:119624335925 1553 * enabled as well):
MACRUM 0:119624335925 1554 * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
MACRUM 0:119624335925 1555 * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
MACRUM 0:119624335925 1556 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
MACRUM 0:119624335925 1557 * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
MACRUM 0:119624335925 1558 * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
MACRUM 0:119624335925 1559 * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
MACRUM 0:119624335925 1560 * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
MACRUM 0:119624335925 1561 * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
MACRUM 0:119624335925 1562 * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
MACRUM 0:119624335925 1563 * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
MACRUM 0:119624335925 1564 */
MACRUM 0:119624335925 1565 //#define MBEDTLS_ARC4_C
MACRUM 0:119624335925 1566
MACRUM 0:119624335925 1567 /**
MACRUM 0:119624335925 1568 * \def MBEDTLS_ASN1_PARSE_C
MACRUM 0:119624335925 1569 *
MACRUM 0:119624335925 1570 * Enable the generic ASN1 parser.
MACRUM 0:119624335925 1571 *
MACRUM 0:119624335925 1572 * Module: library/asn1.c
MACRUM 0:119624335925 1573 * Caller: library/x509.c
MACRUM 0:119624335925 1574 * library/dhm.c
MACRUM 0:119624335925 1575 * library/pkcs12.c
MACRUM 0:119624335925 1576 * library/pkcs5.c
MACRUM 0:119624335925 1577 * library/pkparse.c
MACRUM 0:119624335925 1578 */
MACRUM 0:119624335925 1579 #define MBEDTLS_ASN1_PARSE_C
MACRUM 0:119624335925 1580
MACRUM 0:119624335925 1581 /**
MACRUM 0:119624335925 1582 * \def MBEDTLS_ASN1_WRITE_C
MACRUM 0:119624335925 1583 *
MACRUM 0:119624335925 1584 * Enable the generic ASN1 writer.
MACRUM 0:119624335925 1585 *
MACRUM 0:119624335925 1586 * Module: library/asn1write.c
MACRUM 0:119624335925 1587 * Caller: library/ecdsa.c
MACRUM 0:119624335925 1588 * library/pkwrite.c
MACRUM 0:119624335925 1589 * library/x509_create.c
MACRUM 0:119624335925 1590 * library/x509write_crt.c
MACRUM 0:119624335925 1591 * library/x509write_csr.c
MACRUM 0:119624335925 1592 */
MACRUM 0:119624335925 1593 #define MBEDTLS_ASN1_WRITE_C
MACRUM 0:119624335925 1594
MACRUM 0:119624335925 1595 /**
MACRUM 0:119624335925 1596 * \def MBEDTLS_BASE64_C
MACRUM 0:119624335925 1597 *
MACRUM 0:119624335925 1598 * Enable the Base64 module.
MACRUM 0:119624335925 1599 *
MACRUM 0:119624335925 1600 * Module: library/base64.c
MACRUM 0:119624335925 1601 * Caller: library/pem.c
MACRUM 0:119624335925 1602 *
MACRUM 0:119624335925 1603 * This module is required for PEM support (required by X.509).
MACRUM 0:119624335925 1604 */
MACRUM 0:119624335925 1605 //#define MBEDTLS_BASE64_C
MACRUM 0:119624335925 1606
MACRUM 0:119624335925 1607 /**
MACRUM 0:119624335925 1608 * \def MBEDTLS_BIGNUM_C
MACRUM 0:119624335925 1609 *
MACRUM 0:119624335925 1610 * Enable the multi-precision integer library.
MACRUM 0:119624335925 1611 *
MACRUM 0:119624335925 1612 * Module: library/bignum.c
MACRUM 0:119624335925 1613 * Caller: library/dhm.c
MACRUM 0:119624335925 1614 * library/ecp.c
MACRUM 0:119624335925 1615 * library/ecdsa.c
MACRUM 0:119624335925 1616 * library/rsa.c
MACRUM 0:119624335925 1617 * library/ssl_tls.c
MACRUM 0:119624335925 1618 *
MACRUM 0:119624335925 1619 * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support.
MACRUM 0:119624335925 1620 */
MACRUM 0:119624335925 1621 #define MBEDTLS_BIGNUM_C
MACRUM 0:119624335925 1622
MACRUM 0:119624335925 1623 /**
MACRUM 0:119624335925 1624 * \def MBEDTLS_BLOWFISH_C
MACRUM 0:119624335925 1625 *
MACRUM 0:119624335925 1626 * Enable the Blowfish block cipher.
MACRUM 0:119624335925 1627 *
MACRUM 0:119624335925 1628 * Module: library/blowfish.c
MACRUM 0:119624335925 1629 */
MACRUM 0:119624335925 1630 //#define MBEDTLS_BLOWFISH_C
MACRUM 0:119624335925 1631
MACRUM 0:119624335925 1632 /**
MACRUM 0:119624335925 1633 * \def MBEDTLS_CAMELLIA_C
MACRUM 0:119624335925 1634 *
MACRUM 0:119624335925 1635 * Enable the Camellia block cipher.
MACRUM 0:119624335925 1636 *
MACRUM 0:119624335925 1637 * Module: library/camellia.c
MACRUM 0:119624335925 1638 * Caller: library/ssl_tls.c
MACRUM 0:119624335925 1639 *
MACRUM 0:119624335925 1640 * This module enables the following ciphersuites (if other requisites are
MACRUM 0:119624335925 1641 * enabled as well):
MACRUM 0:119624335925 1642 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
MACRUM 0:119624335925 1643 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
MACRUM 0:119624335925 1644 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
MACRUM 0:119624335925 1645 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
MACRUM 0:119624335925 1646 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
MACRUM 0:119624335925 1647 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
MACRUM 0:119624335925 1648 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
MACRUM 0:119624335925 1649 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
MACRUM 0:119624335925 1650 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
MACRUM 0:119624335925 1651 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
MACRUM 0:119624335925 1652 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
MACRUM 0:119624335925 1653 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
MACRUM 0:119624335925 1654 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
MACRUM 0:119624335925 1655 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
MACRUM 0:119624335925 1656 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
MACRUM 0:119624335925 1657 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
MACRUM 0:119624335925 1658 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
MACRUM 0:119624335925 1659 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
MACRUM 0:119624335925 1660 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
MACRUM 0:119624335925 1661 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
MACRUM 0:119624335925 1662 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
MACRUM 0:119624335925 1663 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
MACRUM 0:119624335925 1664 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
MACRUM 0:119624335925 1665 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
MACRUM 0:119624335925 1666 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
MACRUM 0:119624335925 1667 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
MACRUM 0:119624335925 1668 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
MACRUM 0:119624335925 1669 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
MACRUM 0:119624335925 1670 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
MACRUM 0:119624335925 1671 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
MACRUM 0:119624335925 1672 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
MACRUM 0:119624335925 1673 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
MACRUM 0:119624335925 1674 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
MACRUM 0:119624335925 1675 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
MACRUM 0:119624335925 1676 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
MACRUM 0:119624335925 1677 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
MACRUM 0:119624335925 1678 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
MACRUM 0:119624335925 1679 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
MACRUM 0:119624335925 1680 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
MACRUM 0:119624335925 1681 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
MACRUM 0:119624335925 1682 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
MACRUM 0:119624335925 1683 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
MACRUM 0:119624335925 1684 */
MACRUM 0:119624335925 1685 //#define MBEDTLS_CAMELLIA_C
MACRUM 0:119624335925 1686
MACRUM 0:119624335925 1687 /**
MACRUM 0:119624335925 1688 * \def MBEDTLS_CCM_C
MACRUM 0:119624335925 1689 *
MACRUM 0:119624335925 1690 * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
MACRUM 0:119624335925 1691 *
MACRUM 0:119624335925 1692 * Module: library/ccm.c
MACRUM 0:119624335925 1693 *
MACRUM 0:119624335925 1694 * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
MACRUM 0:119624335925 1695 *
MACRUM 0:119624335925 1696 * This module enables the AES-CCM ciphersuites, if other requisites are
MACRUM 0:119624335925 1697 * enabled as well.
MACRUM 0:119624335925 1698 */
MACRUM 0:119624335925 1699 #define MBEDTLS_CCM_C
MACRUM 0:119624335925 1700
MACRUM 0:119624335925 1701 /**
MACRUM 0:119624335925 1702 * \def MBEDTLS_CERTS_C
MACRUM 0:119624335925 1703 *
MACRUM 0:119624335925 1704 * Enable the test certificates.
MACRUM 0:119624335925 1705 *
MACRUM 0:119624335925 1706 * Module: library/certs.c
MACRUM 0:119624335925 1707 * Caller:
MACRUM 0:119624335925 1708 *
MACRUM 0:119624335925 1709 * This module is used for testing (ssl_client/server).
MACRUM 0:119624335925 1710 */
MACRUM 0:119624335925 1711 //#define MBEDTLS_CERTS_C
MACRUM 0:119624335925 1712
MACRUM 0:119624335925 1713 /**
MACRUM 0:119624335925 1714 * \def MBEDTLS_CIPHER_C
MACRUM 0:119624335925 1715 *
MACRUM 0:119624335925 1716 * Enable the generic cipher layer.
MACRUM 0:119624335925 1717 *
MACRUM 0:119624335925 1718 * Module: library/cipher.c
MACRUM 0:119624335925 1719 * Caller: library/ssl_tls.c
MACRUM 0:119624335925 1720 *
MACRUM 0:119624335925 1721 * Uncomment to enable generic cipher wrappers.
MACRUM 0:119624335925 1722 */
MACRUM 0:119624335925 1723 #define MBEDTLS_CIPHER_C
MACRUM 0:119624335925 1724
MACRUM 0:119624335925 1725 /**
MACRUM 0:119624335925 1726 * \def MBEDTLS_CMAC_C
MACRUM 0:119624335925 1727 *
MACRUM 0:119624335925 1728 * Enable the CMAC (Cipher-based Message Authentication Code) mode for block
MACRUM 0:119624335925 1729 * ciphers.
MACRUM 0:119624335925 1730 *
MACRUM 0:119624335925 1731 * Module: library/cmac.c
MACRUM 0:119624335925 1732 *
MACRUM 0:119624335925 1733 * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
MACRUM 0:119624335925 1734 *
MACRUM 0:119624335925 1735 */
MACRUM 0:119624335925 1736 #define MBEDTLS_CMAC_C
MACRUM 0:119624335925 1737
MACRUM 0:119624335925 1738 /**
MACRUM 0:119624335925 1739 * \def MBEDTLS_CTR_DRBG_C
MACRUM 0:119624335925 1740 *
MACRUM 0:119624335925 1741 * Enable the CTR_DRBG AES-256-based random generator.
MACRUM 0:119624335925 1742 *
MACRUM 0:119624335925 1743 * Module: library/ctr_drbg.c
MACRUM 0:119624335925 1744 * Caller:
MACRUM 0:119624335925 1745 *
MACRUM 0:119624335925 1746 * Requires: MBEDTLS_AES_C
MACRUM 0:119624335925 1747 *
MACRUM 0:119624335925 1748 * This module provides the CTR_DRBG AES-256 random number generator.
MACRUM 0:119624335925 1749 */
MACRUM 0:119624335925 1750 #define MBEDTLS_CTR_DRBG_C
MACRUM 0:119624335925 1751
MACRUM 0:119624335925 1752 /**
MACRUM 0:119624335925 1753 * \def MBEDTLS_DEBUG_C
MACRUM 0:119624335925 1754 *
MACRUM 0:119624335925 1755 * Enable the debug functions.
MACRUM 0:119624335925 1756 *
MACRUM 0:119624335925 1757 * Module: library/debug.c
MACRUM 0:119624335925 1758 * Caller: library/ssl_cli.c
MACRUM 0:119624335925 1759 * library/ssl_srv.c
MACRUM 0:119624335925 1760 * library/ssl_tls.c
MACRUM 0:119624335925 1761 *
MACRUM 0:119624335925 1762 * This module provides debugging functions.
MACRUM 0:119624335925 1763 */
MACRUM 0:119624335925 1764 //#define MBEDTLS_DEBUG_C
MACRUM 0:119624335925 1765
MACRUM 0:119624335925 1766 /**
MACRUM 0:119624335925 1767 * \def MBEDTLS_DES_C
MACRUM 0:119624335925 1768 *
MACRUM 0:119624335925 1769 * Enable the DES block cipher.
MACRUM 0:119624335925 1770 *
MACRUM 0:119624335925 1771 * Module: library/des.c
MACRUM 0:119624335925 1772 * Caller: library/pem.c
MACRUM 0:119624335925 1773 * library/ssl_tls.c
MACRUM 0:119624335925 1774 *
MACRUM 0:119624335925 1775 * This module enables the following ciphersuites (if other requisites are
MACRUM 0:119624335925 1776 * enabled as well):
MACRUM 0:119624335925 1777 * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
MACRUM 0:119624335925 1778 * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
MACRUM 0:119624335925 1779 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
MACRUM 0:119624335925 1780 * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
MACRUM 0:119624335925 1781 * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
MACRUM 0:119624335925 1782 * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
MACRUM 0:119624335925 1783 * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
MACRUM 0:119624335925 1784 * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
MACRUM 0:119624335925 1785 * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
MACRUM 0:119624335925 1786 * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
MACRUM 0:119624335925 1787 *
MACRUM 0:119624335925 1788 * PEM_PARSE uses DES/3DES for decrypting encrypted keys.
MACRUM 0:119624335925 1789 */
MACRUM 0:119624335925 1790 //#define MBEDTLS_DES_C
MACRUM 0:119624335925 1791
MACRUM 0:119624335925 1792 /**
MACRUM 0:119624335925 1793 * \def MBEDTLS_DHM_C
MACRUM 0:119624335925 1794 *
MACRUM 0:119624335925 1795 * Enable the Diffie-Hellman-Merkle module.
MACRUM 0:119624335925 1796 *
MACRUM 0:119624335925 1797 * Module: library/dhm.c
MACRUM 0:119624335925 1798 * Caller: library/ssl_cli.c
MACRUM 0:119624335925 1799 * library/ssl_srv.c
MACRUM 0:119624335925 1800 *
MACRUM 0:119624335925 1801 * This module is used by the following key exchanges:
MACRUM 0:119624335925 1802 * DHE-RSA, DHE-PSK
MACRUM 0:119624335925 1803 */
MACRUM 0:119624335925 1804 //#define MBEDTLS_DHM_C
MACRUM 0:119624335925 1805
MACRUM 0:119624335925 1806 /**
MACRUM 0:119624335925 1807 * \def MBEDTLS_ECDH_C
MACRUM 0:119624335925 1808 *
MACRUM 0:119624335925 1809 * Enable the elliptic curve Diffie-Hellman library.
MACRUM 0:119624335925 1810 *
MACRUM 0:119624335925 1811 * Module: library/ecdh.c
MACRUM 0:119624335925 1812 * Caller: library/ssl_cli.c
MACRUM 0:119624335925 1813 * library/ssl_srv.c
MACRUM 0:119624335925 1814 *
MACRUM 0:119624335925 1815 * This module is used by the following key exchanges:
MACRUM 0:119624335925 1816 * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
MACRUM 0:119624335925 1817 *
MACRUM 0:119624335925 1818 * Requires: MBEDTLS_ECP_C
MACRUM 0:119624335925 1819 */
MACRUM 0:119624335925 1820 #define MBEDTLS_ECDH_C
MACRUM 0:119624335925 1821
MACRUM 0:119624335925 1822 /**
MACRUM 0:119624335925 1823 * \def MBEDTLS_ECDSA_C
MACRUM 0:119624335925 1824 *
MACRUM 0:119624335925 1825 * Enable the elliptic curve DSA library.
MACRUM 0:119624335925 1826 *
MACRUM 0:119624335925 1827 * Module: library/ecdsa.c
MACRUM 0:119624335925 1828 * Caller:
MACRUM 0:119624335925 1829 *
MACRUM 0:119624335925 1830 * This module is used by the following key exchanges:
MACRUM 0:119624335925 1831 * ECDHE-ECDSA
MACRUM 0:119624335925 1832 *
MACRUM 0:119624335925 1833 * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C
MACRUM 0:119624335925 1834 */
MACRUM 0:119624335925 1835 #define MBEDTLS_ECDSA_C
MACRUM 0:119624335925 1836
MACRUM 0:119624335925 1837 /**
MACRUM 0:119624335925 1838 * \def MBEDTLS_ECJPAKE_C
MACRUM 0:119624335925 1839 *
MACRUM 0:119624335925 1840 * Enable the elliptic curve J-PAKE library.
MACRUM 0:119624335925 1841 *
MACRUM 0:119624335925 1842 * \warning This is currently experimental. EC J-PAKE support is based on the
MACRUM 0:119624335925 1843 * Thread v1.0.0 specification; incompatible changes to the specification
MACRUM 0:119624335925 1844 * might still happen. For this reason, this is disabled by default.
MACRUM 0:119624335925 1845 *
MACRUM 0:119624335925 1846 * Module: library/ecjpake.c
MACRUM 0:119624335925 1847 * Caller:
MACRUM 0:119624335925 1848 *
MACRUM 0:119624335925 1849 * This module is used by the following key exchanges:
MACRUM 0:119624335925 1850 * ECJPAKE
MACRUM 0:119624335925 1851 *
MACRUM 0:119624335925 1852 * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C
MACRUM 0:119624335925 1853 */
MACRUM 0:119624335925 1854 //#define MBEDTLS_ECJPAKE_C
MACRUM 0:119624335925 1855
MACRUM 0:119624335925 1856 /**
MACRUM 0:119624335925 1857 * \def MBEDTLS_ECP_C
MACRUM 0:119624335925 1858 *
MACRUM 0:119624335925 1859 * Enable the elliptic curve over GF(p) library.
MACRUM 0:119624335925 1860 *
MACRUM 0:119624335925 1861 * Module: library/ecp.c
MACRUM 0:119624335925 1862 * Caller: library/ecdh.c
MACRUM 0:119624335925 1863 * library/ecdsa.c
MACRUM 0:119624335925 1864 * library/ecjpake.c
MACRUM 0:119624335925 1865 *
MACRUM 0:119624335925 1866 * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED
MACRUM 0:119624335925 1867 */
MACRUM 0:119624335925 1868 #define MBEDTLS_ECP_C
MACRUM 0:119624335925 1869
MACRUM 0:119624335925 1870 /**
MACRUM 0:119624335925 1871 * \def MBEDTLS_ENTROPY_C
MACRUM 0:119624335925 1872 *
MACRUM 0:119624335925 1873 * Enable the platform-specific entropy code.
MACRUM 0:119624335925 1874 *
MACRUM 0:119624335925 1875 * Module: library/entropy.c
MACRUM 0:119624335925 1876 * Caller:
MACRUM 0:119624335925 1877 *
MACRUM 0:119624335925 1878 * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C
MACRUM 0:119624335925 1879 *
MACRUM 0:119624335925 1880 * This module provides a generic entropy pool
MACRUM 0:119624335925 1881 */
MACRUM 0:119624335925 1882 #define MBEDTLS_ENTROPY_C
MACRUM 0:119624335925 1883
MACRUM 0:119624335925 1884 /**
MACRUM 0:119624335925 1885 * \def MBEDTLS_ERROR_C
MACRUM 0:119624335925 1886 *
MACRUM 0:119624335925 1887 * Enable error code to error string conversion.
MACRUM 0:119624335925 1888 *
MACRUM 0:119624335925 1889 * Module: library/error.c
MACRUM 0:119624335925 1890 * Caller:
MACRUM 0:119624335925 1891 *
MACRUM 0:119624335925 1892 * This module enables mbedtls_strerror().
MACRUM 0:119624335925 1893 */
MACRUM 0:119624335925 1894 //#define MBEDTLS_ERROR_C
MACRUM 0:119624335925 1895
MACRUM 0:119624335925 1896 /**
MACRUM 0:119624335925 1897 * \def MBEDTLS_GCM_C
MACRUM 0:119624335925 1898 *
MACRUM 0:119624335925 1899 * Enable the Galois/Counter Mode (GCM) for AES.
MACRUM 0:119624335925 1900 *
MACRUM 0:119624335925 1901 * Module: library/gcm.c
MACRUM 0:119624335925 1902 *
MACRUM 0:119624335925 1903 * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
MACRUM 0:119624335925 1904 *
MACRUM 0:119624335925 1905 * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
MACRUM 0:119624335925 1906 * requisites are enabled as well.
MACRUM 0:119624335925 1907 */
MACRUM 0:119624335925 1908 //#define MBEDTLS_GCM_C
MACRUM 0:119624335925 1909
MACRUM 0:119624335925 1910 /**
MACRUM 0:119624335925 1911 * \def MBEDTLS_HAVEGE_C
MACRUM 0:119624335925 1912 *
MACRUM 0:119624335925 1913 * Enable the HAVEGE random generator.
MACRUM 0:119624335925 1914 *
MACRUM 0:119624335925 1915 * Warning: the HAVEGE random generator is not suitable for virtualized
MACRUM 0:119624335925 1916 * environments
MACRUM 0:119624335925 1917 *
MACRUM 0:119624335925 1918 * Warning: the HAVEGE random generator is dependent on timing and specific
MACRUM 0:119624335925 1919 * processor traits. It is therefore not advised to use HAVEGE as
MACRUM 0:119624335925 1920 * your applications primary random generator or primary entropy pool
MACRUM 0:119624335925 1921 * input. As a secondary input to your entropy pool, it IS able add
MACRUM 0:119624335925 1922 * the (limited) extra entropy it provides.
MACRUM 0:119624335925 1923 *
MACRUM 0:119624335925 1924 * Module: library/havege.c
MACRUM 0:119624335925 1925 * Caller:
MACRUM 0:119624335925 1926 *
MACRUM 0:119624335925 1927 * Requires: MBEDTLS_TIMING_C
MACRUM 0:119624335925 1928 *
MACRUM 0:119624335925 1929 * Uncomment to enable the HAVEGE random generator.
MACRUM 0:119624335925 1930 */
MACRUM 0:119624335925 1931 //#define MBEDTLS_HAVEGE_C
MACRUM 0:119624335925 1932
MACRUM 0:119624335925 1933 /**
MACRUM 0:119624335925 1934 * \def MBEDTLS_HMAC_DRBG_C
MACRUM 0:119624335925 1935 *
MACRUM 0:119624335925 1936 * Enable the HMAC_DRBG random generator.
MACRUM 0:119624335925 1937 *
MACRUM 0:119624335925 1938 * Module: library/hmac_drbg.c
MACRUM 0:119624335925 1939 * Caller:
MACRUM 0:119624335925 1940 *
MACRUM 0:119624335925 1941 * Requires: MBEDTLS_MD_C
MACRUM 0:119624335925 1942 *
MACRUM 0:119624335925 1943 * Uncomment to enable the HMAC_DRBG random number geerator.
MACRUM 0:119624335925 1944 */
MACRUM 0:119624335925 1945 #define MBEDTLS_HMAC_DRBG_C
MACRUM 0:119624335925 1946
MACRUM 0:119624335925 1947 /**
MACRUM 0:119624335925 1948 * \def MBEDTLS_MD_C
MACRUM 0:119624335925 1949 *
MACRUM 0:119624335925 1950 * Enable the generic message digest layer.
MACRUM 0:119624335925 1951 *
MACRUM 0:119624335925 1952 * Module: library/md.c
MACRUM 0:119624335925 1953 * Caller:
MACRUM 0:119624335925 1954 *
MACRUM 0:119624335925 1955 * Uncomment to enable generic message digest wrappers.
MACRUM 0:119624335925 1956 */
MACRUM 0:119624335925 1957 #define MBEDTLS_MD_C
MACRUM 0:119624335925 1958
MACRUM 0:119624335925 1959 /**
MACRUM 0:119624335925 1960 * \def MBEDTLS_MD2_C
MACRUM 0:119624335925 1961 *
MACRUM 0:119624335925 1962 * Enable the MD2 hash algorithm.
MACRUM 0:119624335925 1963 *
MACRUM 0:119624335925 1964 * Module: library/md2.c
MACRUM 0:119624335925 1965 * Caller:
MACRUM 0:119624335925 1966 *
MACRUM 0:119624335925 1967 * Uncomment to enable support for (rare) MD2-signed X.509 certs.
MACRUM 0:119624335925 1968 */
MACRUM 0:119624335925 1969 //#define MBEDTLS_MD2_C
MACRUM 0:119624335925 1970
MACRUM 0:119624335925 1971 /**
MACRUM 0:119624335925 1972 * \def MBEDTLS_MD4_C
MACRUM 0:119624335925 1973 *
MACRUM 0:119624335925 1974 * Enable the MD4 hash algorithm.
MACRUM 0:119624335925 1975 *
MACRUM 0:119624335925 1976 * Module: library/md4.c
MACRUM 0:119624335925 1977 * Caller:
MACRUM 0:119624335925 1978 *
MACRUM 0:119624335925 1979 * Uncomment to enable support for (rare) MD4-signed X.509 certs.
MACRUM 0:119624335925 1980 */
MACRUM 0:119624335925 1981 //#define MBEDTLS_MD4_C
MACRUM 0:119624335925 1982
MACRUM 0:119624335925 1983 /**
MACRUM 0:119624335925 1984 * \def MBEDTLS_MD5_C
MACRUM 0:119624335925 1985 *
MACRUM 0:119624335925 1986 * Enable the MD5 hash algorithm.
MACRUM 0:119624335925 1987 *
MACRUM 0:119624335925 1988 * Module: library/md5.c
MACRUM 0:119624335925 1989 * Caller: library/md.c
MACRUM 0:119624335925 1990 * library/pem.c
MACRUM 0:119624335925 1991 * library/ssl_tls.c
MACRUM 0:119624335925 1992 *
MACRUM 0:119624335925 1993 * This module is required for SSL/TLS and X.509.
MACRUM 0:119624335925 1994 * PEM_PARSE uses MD5 for decrypting encrypted keys.
MACRUM 0:119624335925 1995 */
MACRUM 0:119624335925 1996 //#define MBEDTLS_MD5_C
MACRUM 0:119624335925 1997
MACRUM 0:119624335925 1998 /**
MACRUM 0:119624335925 1999 * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C
MACRUM 0:119624335925 2000 *
MACRUM 0:119624335925 2001 * Enable the buffer allocator implementation that makes use of a (stack)
MACRUM 0:119624335925 2002 * based buffer to 'allocate' dynamic memory. (replaces calloc() and free()
MACRUM 0:119624335925 2003 * calls)
MACRUM 0:119624335925 2004 *
MACRUM 0:119624335925 2005 * Module: library/memory_buffer_alloc.c
MACRUM 0:119624335925 2006 *
MACRUM 0:119624335925 2007 * Requires: MBEDTLS_PLATFORM_C
MACRUM 0:119624335925 2008 * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS)
MACRUM 0:119624335925 2009 *
MACRUM 0:119624335925 2010 * Enable this module to enable the buffer memory allocator.
MACRUM 0:119624335925 2011 */
MACRUM 0:119624335925 2012 //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
MACRUM 0:119624335925 2013
MACRUM 0:119624335925 2014 /**
MACRUM 0:119624335925 2015 * \def MBEDTLS_NET_C
MACRUM 0:119624335925 2016 *
MACRUM 0:119624335925 2017 * Enable the TCP and UDP over IPv6/IPv4 networking routines.
MACRUM 0:119624335925 2018 *
MACRUM 0:119624335925 2019 * \note This module only works on POSIX/Unix (including Linux, BSD and OS X)
MACRUM 0:119624335925 2020 * and Windows. For other platforms, you'll want to disable it, and write your
MACRUM 0:119624335925 2021 * own networking callbacks to be passed to \c mbedtls_ssl_set_bio().
MACRUM 0:119624335925 2022 *
MACRUM 0:119624335925 2023 * \note See also our Knowledge Base article about porting to a new
MACRUM 0:119624335925 2024 * environment:
MACRUM 0:119624335925 2025 * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
MACRUM 0:119624335925 2026 *
MACRUM 0:119624335925 2027 * Module: library/net_sockets.c
MACRUM 0:119624335925 2028 *
MACRUM 0:119624335925 2029 * This module provides networking routines.
MACRUM 0:119624335925 2030 */
MACRUM 0:119624335925 2031 //#define MBEDTLS_NET_C
MACRUM 0:119624335925 2032
MACRUM 0:119624335925 2033 /**
MACRUM 0:119624335925 2034 * \def MBEDTLS_OID_C
MACRUM 0:119624335925 2035 *
MACRUM 0:119624335925 2036 * Enable the OID database.
MACRUM 0:119624335925 2037 *
MACRUM 0:119624335925 2038 * Module: library/oid.c
MACRUM 0:119624335925 2039 * Caller: library/asn1write.c
MACRUM 0:119624335925 2040 * library/pkcs5.c
MACRUM 0:119624335925 2041 * library/pkparse.c
MACRUM 0:119624335925 2042 * library/pkwrite.c
MACRUM 0:119624335925 2043 * library/rsa.c
MACRUM 0:119624335925 2044 * library/x509.c
MACRUM 0:119624335925 2045 * library/x509_create.c
MACRUM 0:119624335925 2046 * library/x509_crl.c
MACRUM 0:119624335925 2047 * library/x509_crt.c
MACRUM 0:119624335925 2048 * library/x509_csr.c
MACRUM 0:119624335925 2049 * library/x509write_crt.c
MACRUM 0:119624335925 2050 * library/x509write_csr.c
MACRUM 0:119624335925 2051 *
MACRUM 0:119624335925 2052 * This modules translates between OIDs and internal values.
MACRUM 0:119624335925 2053 */
MACRUM 0:119624335925 2054 #define MBEDTLS_OID_C
MACRUM 0:119624335925 2055
MACRUM 0:119624335925 2056 /**
MACRUM 0:119624335925 2057 * \def MBEDTLS_PADLOCK_C
MACRUM 0:119624335925 2058 *
MACRUM 0:119624335925 2059 * Enable VIA Padlock support on x86.
MACRUM 0:119624335925 2060 *
MACRUM 0:119624335925 2061 * Module: library/padlock.c
MACRUM 0:119624335925 2062 * Caller: library/aes.c
MACRUM 0:119624335925 2063 *
MACRUM 0:119624335925 2064 * Requires: MBEDTLS_HAVE_ASM
MACRUM 0:119624335925 2065 *
MACRUM 0:119624335925 2066 * This modules adds support for the VIA PadLock on x86.
MACRUM 0:119624335925 2067 */
MACRUM 0:119624335925 2068 //#define MBEDTLS_PADLOCK_C
MACRUM 0:119624335925 2069
MACRUM 0:119624335925 2070 /**
MACRUM 0:119624335925 2071 * \def MBEDTLS_PEM_PARSE_C
MACRUM 0:119624335925 2072 *
MACRUM 0:119624335925 2073 * Enable PEM decoding / parsing.
MACRUM 0:119624335925 2074 *
MACRUM 0:119624335925 2075 * Module: library/pem.c
MACRUM 0:119624335925 2076 * Caller: library/dhm.c
MACRUM 0:119624335925 2077 * library/pkparse.c
MACRUM 0:119624335925 2078 * library/x509_crl.c
MACRUM 0:119624335925 2079 * library/x509_crt.c
MACRUM 0:119624335925 2080 * library/x509_csr.c
MACRUM 0:119624335925 2081 *
MACRUM 0:119624335925 2082 * Requires: MBEDTLS_BASE64_C
MACRUM 0:119624335925 2083 *
MACRUM 0:119624335925 2084 * This modules adds support for decoding / parsing PEM files.
MACRUM 0:119624335925 2085 */
MACRUM 0:119624335925 2086 //#define MBEDTLS_PEM_PARSE_C
MACRUM 0:119624335925 2087
MACRUM 0:119624335925 2088 /**
MACRUM 0:119624335925 2089 * \def MBEDTLS_PEM_WRITE_C
MACRUM 0:119624335925 2090 *
MACRUM 0:119624335925 2091 * Enable PEM encoding / writing.
MACRUM 0:119624335925 2092 *
MACRUM 0:119624335925 2093 * Module: library/pem.c
MACRUM 0:119624335925 2094 * Caller: library/pkwrite.c
MACRUM 0:119624335925 2095 * library/x509write_crt.c
MACRUM 0:119624335925 2096 * library/x509write_csr.c
MACRUM 0:119624335925 2097 *
MACRUM 0:119624335925 2098 * Requires: MBEDTLS_BASE64_C
MACRUM 0:119624335925 2099 *
MACRUM 0:119624335925 2100 * This modules adds support for encoding / writing PEM files.
MACRUM 0:119624335925 2101 */
MACRUM 0:119624335925 2102 //#define MBEDTLS_PEM_WRITE_C
MACRUM 0:119624335925 2103
MACRUM 0:119624335925 2104 /**
MACRUM 0:119624335925 2105 * \def MBEDTLS_PK_C
MACRUM 0:119624335925 2106 *
MACRUM 0:119624335925 2107 * Enable the generic public (asymetric) key layer.
MACRUM 0:119624335925 2108 *
MACRUM 0:119624335925 2109 * Module: library/pk.c
MACRUM 0:119624335925 2110 * Caller: library/ssl_tls.c
MACRUM 0:119624335925 2111 * library/ssl_cli.c
MACRUM 0:119624335925 2112 * library/ssl_srv.c
MACRUM 0:119624335925 2113 *
MACRUM 0:119624335925 2114 * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C
MACRUM 0:119624335925 2115 *
MACRUM 0:119624335925 2116 * Uncomment to enable generic public key wrappers.
MACRUM 0:119624335925 2117 */
MACRUM 0:119624335925 2118 #define MBEDTLS_PK_C
MACRUM 0:119624335925 2119
MACRUM 0:119624335925 2120 /**
MACRUM 0:119624335925 2121 * \def MBEDTLS_PK_PARSE_C
MACRUM 0:119624335925 2122 *
MACRUM 0:119624335925 2123 * Enable the generic public (asymetric) key parser.
MACRUM 0:119624335925 2124 *
MACRUM 0:119624335925 2125 * Module: library/pkparse.c
MACRUM 0:119624335925 2126 * Caller: library/x509_crt.c
MACRUM 0:119624335925 2127 * library/x509_csr.c
MACRUM 0:119624335925 2128 *
MACRUM 0:119624335925 2129 * Requires: MBEDTLS_PK_C
MACRUM 0:119624335925 2130 *
MACRUM 0:119624335925 2131 * Uncomment to enable generic public key parse functions.
MACRUM 0:119624335925 2132 */
MACRUM 0:119624335925 2133 #define MBEDTLS_PK_PARSE_C
MACRUM 0:119624335925 2134
MACRUM 0:119624335925 2135 /**
MACRUM 0:119624335925 2136 * \def MBEDTLS_PK_WRITE_C
MACRUM 0:119624335925 2137 *
MACRUM 0:119624335925 2138 * Enable the generic public (asymetric) key writer.
MACRUM 0:119624335925 2139 *
MACRUM 0:119624335925 2140 * Module: library/pkwrite.c
MACRUM 0:119624335925 2141 * Caller: library/x509write.c
MACRUM 0:119624335925 2142 *
MACRUM 0:119624335925 2143 * Requires: MBEDTLS_PK_C
MACRUM 0:119624335925 2144 *
MACRUM 0:119624335925 2145 * Uncomment to enable generic public key write functions.
MACRUM 0:119624335925 2146 */
MACRUM 0:119624335925 2147 #define MBEDTLS_PK_WRITE_C
MACRUM 0:119624335925 2148
MACRUM 0:119624335925 2149 /**
MACRUM 0:119624335925 2150 * \def MBEDTLS_PKCS5_C
MACRUM 0:119624335925 2151 *
MACRUM 0:119624335925 2152 * Enable PKCS#5 functions.
MACRUM 0:119624335925 2153 *
MACRUM 0:119624335925 2154 * Module: library/pkcs5.c
MACRUM 0:119624335925 2155 *
MACRUM 0:119624335925 2156 * Requires: MBEDTLS_MD_C
MACRUM 0:119624335925 2157 *
MACRUM 0:119624335925 2158 * This module adds support for the PKCS#5 functions.
MACRUM 0:119624335925 2159 */
MACRUM 0:119624335925 2160 //#define MBEDTLS_PKCS5_C
MACRUM 0:119624335925 2161
MACRUM 0:119624335925 2162 /**
MACRUM 0:119624335925 2163 * \def MBEDTLS_PKCS11_C
MACRUM 0:119624335925 2164 *
MACRUM 0:119624335925 2165 * Enable wrapper for PKCS#11 smartcard support.
MACRUM 0:119624335925 2166 *
MACRUM 0:119624335925 2167 * Module: library/pkcs11.c
MACRUM 0:119624335925 2168 * Caller: library/pk.c
MACRUM 0:119624335925 2169 *
MACRUM 0:119624335925 2170 * Requires: MBEDTLS_PK_C
MACRUM 0:119624335925 2171 *
MACRUM 0:119624335925 2172 * This module enables SSL/TLS PKCS #11 smartcard support.
MACRUM 0:119624335925 2173 * Requires the presence of the PKCS#11 helper library (libpkcs11-helper)
MACRUM 0:119624335925 2174 */
MACRUM 0:119624335925 2175 //#define MBEDTLS_PKCS11_C
MACRUM 0:119624335925 2176
MACRUM 0:119624335925 2177 /**
MACRUM 0:119624335925 2178 * \def MBEDTLS_PKCS12_C
MACRUM 0:119624335925 2179 *
MACRUM 0:119624335925 2180 * Enable PKCS#12 PBE functions.
MACRUM 0:119624335925 2181 * Adds algorithms for parsing PKCS#8 encrypted private keys
MACRUM 0:119624335925 2182 *
MACRUM 0:119624335925 2183 * Module: library/pkcs12.c
MACRUM 0:119624335925 2184 * Caller: library/pkparse.c
MACRUM 0:119624335925 2185 *
MACRUM 0:119624335925 2186 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C
MACRUM 0:119624335925 2187 * Can use: MBEDTLS_ARC4_C
MACRUM 0:119624335925 2188 *
MACRUM 0:119624335925 2189 * This module enables PKCS#12 functions.
MACRUM 0:119624335925 2190 */
MACRUM 0:119624335925 2191 //#define MBEDTLS_PKCS12_C
MACRUM 0:119624335925 2192
MACRUM 0:119624335925 2193 /**
MACRUM 0:119624335925 2194 * \def MBEDTLS_PLATFORM_C
MACRUM 0:119624335925 2195 *
MACRUM 0:119624335925 2196 * Enable the platform abstraction layer that allows you to re-assign
MACRUM 0:119624335925 2197 * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit().
MACRUM 0:119624335925 2198 *
MACRUM 0:119624335925 2199 * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT
MACRUM 0:119624335925 2200 * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned
MACRUM 0:119624335925 2201 * above to be specified at runtime or compile time respectively.
MACRUM 0:119624335925 2202 *
MACRUM 0:119624335925 2203 * \note This abstraction layer must be enabled on Windows (including MSYS2)
MACRUM 0:119624335925 2204 * as other module rely on it for a fixed snprintf implementation.
MACRUM 0:119624335925 2205 *
MACRUM 0:119624335925 2206 * Module: library/platform.c
MACRUM 0:119624335925 2207 * Caller: Most other .c files
MACRUM 0:119624335925 2208 *
MACRUM 0:119624335925 2209 * This module enables abstraction of common (libc) functions.
MACRUM 0:119624335925 2210 */
MACRUM 0:119624335925 2211 #define MBEDTLS_PLATFORM_C
MACRUM 0:119624335925 2212
MACRUM 0:119624335925 2213 /**
MACRUM 0:119624335925 2214 * \def MBEDTLS_RIPEMD160_C
MACRUM 0:119624335925 2215 *
MACRUM 0:119624335925 2216 * Enable the RIPEMD-160 hash algorithm.
MACRUM 0:119624335925 2217 *
MACRUM 0:119624335925 2218 * Module: library/ripemd160.c
MACRUM 0:119624335925 2219 * Caller: library/md.c
MACRUM 0:119624335925 2220 *
MACRUM 0:119624335925 2221 */
MACRUM 0:119624335925 2222 //#define MBEDTLS_RIPEMD160_C
MACRUM 0:119624335925 2223
MACRUM 0:119624335925 2224 /**
MACRUM 0:119624335925 2225 * \def MBEDTLS_RSA_C
MACRUM 0:119624335925 2226 *
MACRUM 0:119624335925 2227 * Enable the RSA public-key cryptosystem.
MACRUM 0:119624335925 2228 *
MACRUM 0:119624335925 2229 * Module: library/rsa.c
MACRUM 0:119624335925 2230 * Caller: library/ssl_cli.c
MACRUM 0:119624335925 2231 * library/ssl_srv.c
MACRUM 0:119624335925 2232 * library/ssl_tls.c
MACRUM 0:119624335925 2233 * library/x509.c
MACRUM 0:119624335925 2234 *
MACRUM 0:119624335925 2235 * This module is used by the following key exchanges:
MACRUM 0:119624335925 2236 * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK
MACRUM 0:119624335925 2237 *
MACRUM 0:119624335925 2238 * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C
MACRUM 0:119624335925 2239 */
MACRUM 0:119624335925 2240 //#define MBEDTLS_RSA_C
MACRUM 0:119624335925 2241
MACRUM 0:119624335925 2242 /**
MACRUM 0:119624335925 2243 * \def MBEDTLS_SHA1_C
MACRUM 0:119624335925 2244 *
MACRUM 0:119624335925 2245 * Enable the SHA1 cryptographic hash algorithm.
MACRUM 0:119624335925 2246 *
MACRUM 0:119624335925 2247 * Module: library/sha1.c
MACRUM 0:119624335925 2248 * Caller: library/md.c
MACRUM 0:119624335925 2249 * library/ssl_cli.c
MACRUM 0:119624335925 2250 * library/ssl_srv.c
MACRUM 0:119624335925 2251 * library/ssl_tls.c
MACRUM 0:119624335925 2252 * library/x509write_crt.c
MACRUM 0:119624335925 2253 *
MACRUM 0:119624335925 2254 * This module is required for SSL/TLS and SHA1-signed certificates.
MACRUM 0:119624335925 2255 */
MACRUM 0:119624335925 2256 //#define MBEDTLS_SHA1_C
MACRUM 0:119624335925 2257
MACRUM 0:119624335925 2258 /**
MACRUM 0:119624335925 2259 * \def MBEDTLS_SHA256_C
MACRUM 0:119624335925 2260 *
MACRUM 0:119624335925 2261 * Enable the SHA-224 and SHA-256 cryptographic hash algorithms.
MACRUM 0:119624335925 2262 *
MACRUM 0:119624335925 2263 * Module: library/sha256.c
MACRUM 0:119624335925 2264 * Caller: library/entropy.c
MACRUM 0:119624335925 2265 * library/md.c
MACRUM 0:119624335925 2266 * library/ssl_cli.c
MACRUM 0:119624335925 2267 * library/ssl_srv.c
MACRUM 0:119624335925 2268 * library/ssl_tls.c
MACRUM 0:119624335925 2269 *
MACRUM 0:119624335925 2270 * This module adds support for SHA-224 and SHA-256.
MACRUM 0:119624335925 2271 * This module is required for the SSL/TLS 1.2 PRF function.
MACRUM 0:119624335925 2272 */
MACRUM 0:119624335925 2273 #define MBEDTLS_SHA256_C
MACRUM 0:119624335925 2274
MACRUM 0:119624335925 2275 /**
MACRUM 0:119624335925 2276 * \def MBEDTLS_SHA512_C
MACRUM 0:119624335925 2277 *
MACRUM 0:119624335925 2278 * Enable the SHA-384 and SHA-512 cryptographic hash algorithms.
MACRUM 0:119624335925 2279 *
MACRUM 0:119624335925 2280 * Module: library/sha512.c
MACRUM 0:119624335925 2281 * Caller: library/entropy.c
MACRUM 0:119624335925 2282 * library/md.c
MACRUM 0:119624335925 2283 * library/ssl_cli.c
MACRUM 0:119624335925 2284 * library/ssl_srv.c
MACRUM 0:119624335925 2285 *
MACRUM 0:119624335925 2286 * This module adds support for SHA-384 and SHA-512.
MACRUM 0:119624335925 2287 */
MACRUM 0:119624335925 2288 //#define MBEDTLS_SHA512_C
MACRUM 0:119624335925 2289
MACRUM 0:119624335925 2290 /**
MACRUM 0:119624335925 2291 * \def MBEDTLS_SSL_CACHE_C
MACRUM 0:119624335925 2292 *
MACRUM 0:119624335925 2293 * Enable simple SSL cache implementation.
MACRUM 0:119624335925 2294 *
MACRUM 0:119624335925 2295 * Module: library/ssl_cache.c
MACRUM 0:119624335925 2296 * Caller:
MACRUM 0:119624335925 2297 *
MACRUM 0:119624335925 2298 * Requires: MBEDTLS_SSL_CACHE_C
MACRUM 0:119624335925 2299 */
MACRUM 0:119624335925 2300 #define MBEDTLS_SSL_CACHE_C
MACRUM 0:119624335925 2301
MACRUM 0:119624335925 2302 /**
MACRUM 0:119624335925 2303 * \def MBEDTLS_SSL_COOKIE_C
MACRUM 0:119624335925 2304 *
MACRUM 0:119624335925 2305 * Enable basic implementation of DTLS cookies for hello verification.
MACRUM 0:119624335925 2306 *
MACRUM 0:119624335925 2307 * Module: library/ssl_cookie.c
MACRUM 0:119624335925 2308 * Caller:
MACRUM 0:119624335925 2309 */
MACRUM 0:119624335925 2310 #define MBEDTLS_SSL_COOKIE_C
MACRUM 0:119624335925 2311
MACRUM 0:119624335925 2312 /**
MACRUM 0:119624335925 2313 * \def MBEDTLS_SSL_TICKET_C
MACRUM 0:119624335925 2314 *
MACRUM 0:119624335925 2315 * Enable an implementation of TLS server-side callbacks for session tickets.
MACRUM 0:119624335925 2316 *
MACRUM 0:119624335925 2317 * Module: library/ssl_ticket.c
MACRUM 0:119624335925 2318 * Caller:
MACRUM 0:119624335925 2319 *
MACRUM 0:119624335925 2320 * Requires: MBEDTLS_CIPHER_C
MACRUM 0:119624335925 2321 */
MACRUM 0:119624335925 2322 #define MBEDTLS_SSL_TICKET_C
MACRUM 0:119624335925 2323
MACRUM 0:119624335925 2324 /**
MACRUM 0:119624335925 2325 * \def MBEDTLS_SSL_CLI_C
MACRUM 0:119624335925 2326 *
MACRUM 0:119624335925 2327 * Enable the SSL/TLS client code.
MACRUM 0:119624335925 2328 *
MACRUM 0:119624335925 2329 * Module: library/ssl_cli.c
MACRUM 0:119624335925 2330 * Caller:
MACRUM 0:119624335925 2331 *
MACRUM 0:119624335925 2332 * Requires: MBEDTLS_SSL_TLS_C
MACRUM 0:119624335925 2333 *
MACRUM 0:119624335925 2334 * This module is required for SSL/TLS client support.
MACRUM 0:119624335925 2335 */
MACRUM 0:119624335925 2336 #define MBEDTLS_SSL_CLI_C
MACRUM 0:119624335925 2337
MACRUM 0:119624335925 2338 /**
MACRUM 0:119624335925 2339 * \def MBEDTLS_SSL_SRV_C
MACRUM 0:119624335925 2340 *
MACRUM 0:119624335925 2341 * Enable the SSL/TLS server code.
MACRUM 0:119624335925 2342 *
MACRUM 0:119624335925 2343 * Module: library/ssl_srv.c
MACRUM 0:119624335925 2344 * Caller:
MACRUM 0:119624335925 2345 *
MACRUM 0:119624335925 2346 * Requires: MBEDTLS_SSL_TLS_C
MACRUM 0:119624335925 2347 *
MACRUM 0:119624335925 2348 * This module is required for SSL/TLS server support.
MACRUM 0:119624335925 2349 */
MACRUM 0:119624335925 2350 //#define MBEDTLS_SSL_SRV_C
MACRUM 0:119624335925 2351
MACRUM 0:119624335925 2352 /**
MACRUM 0:119624335925 2353 * \def MBEDTLS_SSL_TLS_C
MACRUM 0:119624335925 2354 *
MACRUM 0:119624335925 2355 * Enable the generic SSL/TLS code.
MACRUM 0:119624335925 2356 *
MACRUM 0:119624335925 2357 * Module: library/ssl_tls.c
MACRUM 0:119624335925 2358 * Caller: library/ssl_cli.c
MACRUM 0:119624335925 2359 * library/ssl_srv.c
MACRUM 0:119624335925 2360 *
MACRUM 0:119624335925 2361 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C
MACRUM 0:119624335925 2362 * and at least one of the MBEDTLS_SSL_PROTO_XXX defines
MACRUM 0:119624335925 2363 *
MACRUM 0:119624335925 2364 * This module is required for SSL/TLS.
MACRUM 0:119624335925 2365 */
MACRUM 0:119624335925 2366 #define MBEDTLS_SSL_TLS_C
MACRUM 0:119624335925 2367
MACRUM 0:119624335925 2368 /**
MACRUM 0:119624335925 2369 * \def MBEDTLS_THREADING_C
MACRUM 0:119624335925 2370 *
MACRUM 0:119624335925 2371 * Enable the threading abstraction layer.
MACRUM 0:119624335925 2372 * By default mbed TLS assumes it is used in a non-threaded environment or that
MACRUM 0:119624335925 2373 * contexts are not shared between threads. If you do intend to use contexts
MACRUM 0:119624335925 2374 * between threads, you will need to enable this layer to prevent race
MACRUM 0:119624335925 2375 * conditions. See also our Knowledge Base article about threading:
MACRUM 0:119624335925 2376 * https://tls.mbed.org/kb/development/thread-safety-and-multi-threading
MACRUM 0:119624335925 2377 *
MACRUM 0:119624335925 2378 * Module: library/threading.c
MACRUM 0:119624335925 2379 *
MACRUM 0:119624335925 2380 * This allows different threading implementations (self-implemented or
MACRUM 0:119624335925 2381 * provided).
MACRUM 0:119624335925 2382 *
MACRUM 0:119624335925 2383 * You will have to enable either MBEDTLS_THREADING_ALT or
MACRUM 0:119624335925 2384 * MBEDTLS_THREADING_PTHREAD.
MACRUM 0:119624335925 2385 *
MACRUM 0:119624335925 2386 * Enable this layer to allow use of mutexes within mbed TLS
MACRUM 0:119624335925 2387 */
MACRUM 0:119624335925 2388 //#define MBEDTLS_THREADING_C
MACRUM 0:119624335925 2389
MACRUM 0:119624335925 2390 /**
MACRUM 0:119624335925 2391 * \def MBEDTLS_TIMING_C
MACRUM 0:119624335925 2392 *
MACRUM 0:119624335925 2393 * Enable the semi-portable timing interface.
MACRUM 0:119624335925 2394 *
MACRUM 0:119624335925 2395 * \note The provided implementation only works on POSIX/Unix (including Linux,
MACRUM 0:119624335925 2396 * BSD and OS X) and Windows. On other platforms, you can either disable that
MACRUM 0:119624335925 2397 * module and provide your own implementations of the callbacks needed by
MACRUM 0:119624335925 2398 * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide
MACRUM 0:119624335925 2399 * your own implementation of the whole module by setting
MACRUM 0:119624335925 2400 * \c MBEDTLS_TIMING_ALT in the current file.
MACRUM 0:119624335925 2401 *
MACRUM 0:119624335925 2402 * \note See also our Knowledge Base article about porting to a new
MACRUM 0:119624335925 2403 * environment:
MACRUM 0:119624335925 2404 * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
MACRUM 0:119624335925 2405 *
MACRUM 0:119624335925 2406 * Module: library/timing.c
MACRUM 0:119624335925 2407 * Caller: library/havege.c
MACRUM 0:119624335925 2408 *
MACRUM 0:119624335925 2409 * This module is used by the HAVEGE random number generator.
MACRUM 0:119624335925 2410 */
MACRUM 0:119624335925 2411 //#define MBEDTLS_TIMING_C
MACRUM 0:119624335925 2412
MACRUM 0:119624335925 2413 /**
MACRUM 0:119624335925 2414 * \def MBEDTLS_VERSION_C
MACRUM 0:119624335925 2415 *
MACRUM 0:119624335925 2416 * Enable run-time version information.
MACRUM 0:119624335925 2417 *
MACRUM 0:119624335925 2418 * Module: library/version.c
MACRUM 0:119624335925 2419 *
MACRUM 0:119624335925 2420 * This module provides run-time version information.
MACRUM 0:119624335925 2421 */
MACRUM 0:119624335925 2422 #define MBEDTLS_VERSION_C
MACRUM 0:119624335925 2423
MACRUM 0:119624335925 2424 /**
MACRUM 0:119624335925 2425 * \def MBEDTLS_X509_USE_C
MACRUM 0:119624335925 2426 *
MACRUM 0:119624335925 2427 * Enable X.509 core for using certificates.
MACRUM 0:119624335925 2428 *
MACRUM 0:119624335925 2429 * Module: library/x509.c
MACRUM 0:119624335925 2430 * Caller: library/x509_crl.c
MACRUM 0:119624335925 2431 * library/x509_crt.c
MACRUM 0:119624335925 2432 * library/x509_csr.c
MACRUM 0:119624335925 2433 *
MACRUM 0:119624335925 2434 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C,
MACRUM 0:119624335925 2435 * MBEDTLS_PK_PARSE_C
MACRUM 0:119624335925 2436 *
MACRUM 0:119624335925 2437 * This module is required for the X.509 parsing modules.
MACRUM 0:119624335925 2438 */
MACRUM 0:119624335925 2439 #define MBEDTLS_X509_USE_C
MACRUM 0:119624335925 2440
MACRUM 0:119624335925 2441 /**
MACRUM 0:119624335925 2442 * \def MBEDTLS_X509_CRT_PARSE_C
MACRUM 0:119624335925 2443 *
MACRUM 0:119624335925 2444 * Enable X.509 certificate parsing.
MACRUM 0:119624335925 2445 *
MACRUM 0:119624335925 2446 * Module: library/x509_crt.c
MACRUM 0:119624335925 2447 * Caller: library/ssl_cli.c
MACRUM 0:119624335925 2448 * library/ssl_srv.c
MACRUM 0:119624335925 2449 * library/ssl_tls.c
MACRUM 0:119624335925 2450 *
MACRUM 0:119624335925 2451 * Requires: MBEDTLS_X509_USE_C
MACRUM 0:119624335925 2452 *
MACRUM 0:119624335925 2453 * This module is required for X.509 certificate parsing.
MACRUM 0:119624335925 2454 */
MACRUM 0:119624335925 2455 #define MBEDTLS_X509_CRT_PARSE_C
MACRUM 0:119624335925 2456
MACRUM 0:119624335925 2457 /**
MACRUM 0:119624335925 2458 * \def MBEDTLS_X509_CRL_PARSE_C
MACRUM 0:119624335925 2459 *
MACRUM 0:119624335925 2460 * Enable X.509 CRL parsing.
MACRUM 0:119624335925 2461 *
MACRUM 0:119624335925 2462 * Module: library/x509_crl.c
MACRUM 0:119624335925 2463 * Caller: library/x509_crt.c
MACRUM 0:119624335925 2464 *
MACRUM 0:119624335925 2465 * Requires: MBEDTLS_X509_USE_C
MACRUM 0:119624335925 2466 *
MACRUM 0:119624335925 2467 * This module is required for X.509 CRL parsing.
MACRUM 0:119624335925 2468 */
MACRUM 0:119624335925 2469 #define MBEDTLS_X509_CRL_PARSE_C
MACRUM 0:119624335925 2470
MACRUM 0:119624335925 2471 /**
MACRUM 0:119624335925 2472 * \def MBEDTLS_X509_CSR_PARSE_C
MACRUM 0:119624335925 2473 *
MACRUM 0:119624335925 2474 * Enable X.509 Certificate Signing Request (CSR) parsing.
MACRUM 0:119624335925 2475 *
MACRUM 0:119624335925 2476 * Module: library/x509_csr.c
MACRUM 0:119624335925 2477 * Caller: library/x509_crt_write.c
MACRUM 0:119624335925 2478 *
MACRUM 0:119624335925 2479 * Requires: MBEDTLS_X509_USE_C
MACRUM 0:119624335925 2480 *
MACRUM 0:119624335925 2481 * This module is used for reading X.509 certificate request.
MACRUM 0:119624335925 2482 */
MACRUM 0:119624335925 2483 #define MBEDTLS_X509_CSR_PARSE_C
MACRUM 0:119624335925 2484
MACRUM 0:119624335925 2485 /**
MACRUM 0:119624335925 2486 * \def MBEDTLS_X509_CREATE_C
MACRUM 0:119624335925 2487 *
MACRUM 0:119624335925 2488 * Enable X.509 core for creating certificates.
MACRUM 0:119624335925 2489 *
MACRUM 0:119624335925 2490 * Module: library/x509_create.c
MACRUM 0:119624335925 2491 *
MACRUM 0:119624335925 2492 * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C
MACRUM 0:119624335925 2493 *
MACRUM 0:119624335925 2494 * This module is the basis for creating X.509 certificates and CSRs.
MACRUM 0:119624335925 2495 */
MACRUM 0:119624335925 2496 #define MBEDTLS_X509_CREATE_C
MACRUM 0:119624335925 2497
MACRUM 0:119624335925 2498 /**
MACRUM 0:119624335925 2499 * \def MBEDTLS_X509_CRT_WRITE_C
MACRUM 0:119624335925 2500 *
MACRUM 0:119624335925 2501 * Enable creating X.509 certificates.
MACRUM 0:119624335925 2502 *
MACRUM 0:119624335925 2503 * Module: library/x509_crt_write.c
MACRUM 0:119624335925 2504 *
MACRUM 0:119624335925 2505 * Requires: MBEDTLS_X509_CREATE_C
MACRUM 0:119624335925 2506 *
MACRUM 0:119624335925 2507 * This module is required for X.509 certificate creation.
MACRUM 0:119624335925 2508 */
MACRUM 0:119624335925 2509 //#define MBEDTLS_X509_CRT_WRITE_C
MACRUM 0:119624335925 2510
MACRUM 0:119624335925 2511 /**
MACRUM 0:119624335925 2512 * \def MBEDTLS_X509_CSR_WRITE_C
MACRUM 0:119624335925 2513 *
MACRUM 0:119624335925 2514 * Enable creating X.509 Certificate Signing Requests (CSR).
MACRUM 0:119624335925 2515 *
MACRUM 0:119624335925 2516 * Module: library/x509_csr_write.c
MACRUM 0:119624335925 2517 *
MACRUM 0:119624335925 2518 * Requires: MBEDTLS_X509_CREATE_C
MACRUM 0:119624335925 2519 *
MACRUM 0:119624335925 2520 * This module is required for X.509 certificate request writing.
MACRUM 0:119624335925 2521 */
MACRUM 0:119624335925 2522 #define MBEDTLS_X509_CSR_WRITE_C
MACRUM 0:119624335925 2523
MACRUM 0:119624335925 2524 /**
MACRUM 0:119624335925 2525 * \def MBEDTLS_XTEA_C
MACRUM 0:119624335925 2526 *
MACRUM 0:119624335925 2527 * Enable the XTEA block cipher.
MACRUM 0:119624335925 2528 *
MACRUM 0:119624335925 2529 * Module: library/xtea.c
MACRUM 0:119624335925 2530 * Caller:
MACRUM 0:119624335925 2531 */
MACRUM 0:119624335925 2532 //#define MBEDTLS_XTEA_C
MACRUM 0:119624335925 2533
MACRUM 0:119624335925 2534 /* \} name SECTION: mbed TLS modules */
MACRUM 0:119624335925 2535
MACRUM 0:119624335925 2536 /**
MACRUM 0:119624335925 2537 * \name SECTION: Module configuration options
MACRUM 0:119624335925 2538 *
MACRUM 0:119624335925 2539 * This section allows for the setting of module specific sizes and
MACRUM 0:119624335925 2540 * configuration options. The default values are already present in the
MACRUM 0:119624335925 2541 * relevant header files and should suffice for the regular use cases.
MACRUM 0:119624335925 2542 *
MACRUM 0:119624335925 2543 * Our advice is to enable options and change their values here
MACRUM 0:119624335925 2544 * only if you have a good reason and know the consequences.
MACRUM 0:119624335925 2545 *
MACRUM 0:119624335925 2546 * Please check the respective header file for documentation on these
MACRUM 0:119624335925 2547 * parameters (to prevent duplicate documentation).
MACRUM 0:119624335925 2548 * \{
MACRUM 0:119624335925 2549 */
MACRUM 0:119624335925 2550
MACRUM 0:119624335925 2551 /* MPI / BIGNUM options */
MACRUM 0:119624335925 2552 //#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */
MACRUM 0:119624335925 2553 //#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
MACRUM 0:119624335925 2554
MACRUM 0:119624335925 2555 /* CTR_DRBG options */
MACRUM 0:119624335925 2556 //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
MACRUM 0:119624335925 2557 //#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
MACRUM 0:119624335925 2558 //#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
MACRUM 0:119624335925 2559 //#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
MACRUM 0:119624335925 2560 //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
MACRUM 0:119624335925 2561
MACRUM 0:119624335925 2562 /* HMAC_DRBG options */
MACRUM 0:119624335925 2563 //#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
MACRUM 0:119624335925 2564 //#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
MACRUM 0:119624335925 2565 //#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
MACRUM 0:119624335925 2566 //#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
MACRUM 0:119624335925 2567
MACRUM 0:119624335925 2568 /* ECP options */
MACRUM 0:119624335925 2569 //#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */
MACRUM 0:119624335925 2570 //#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
MACRUM 0:119624335925 2571 //#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
MACRUM 0:119624335925 2572
MACRUM 0:119624335925 2573 /* Entropy options */
MACRUM 0:119624335925 2574 //#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
MACRUM 0:119624335925 2575 //#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
MACRUM 0:119624335925 2576 //#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
MACRUM 0:119624335925 2577
MACRUM 0:119624335925 2578 /* Memory buffer allocator options */
MACRUM 0:119624335925 2579 //#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
MACRUM 0:119624335925 2580
MACRUM 0:119624335925 2581 /* Platform options */
MACRUM 0:119624335925 2582 //#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
MACRUM 0:119624335925 2583 //#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */
MACRUM 0:119624335925 2584 //#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */
MACRUM 0:119624335925 2585 //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
MACRUM 0:119624335925 2586 //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
MACRUM 0:119624335925 2587 //#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
MACRUM 0:119624335925 2588 //#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
MACRUM 0:119624335925 2589 /* Note: your snprintf must correclty zero-terminate the buffer! */
MACRUM 0:119624335925 2590 //#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
MACRUM 0:119624335925 2591 //#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
MACRUM 0:119624335925 2592 //#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
MACRUM 0:119624335925 2593 //#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
MACRUM 0:119624335925 2594 //#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
MACRUM 0:119624335925 2595 //#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
MACRUM 0:119624335925 2596
MACRUM 0:119624335925 2597 /* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
MACRUM 0:119624335925 2598 /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
MACRUM 0:119624335925 2599 //#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */
MACRUM 0:119624335925 2600 //#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */
MACRUM 0:119624335925 2601 //#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
MACRUM 0:119624335925 2602 //#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
MACRUM 0:119624335925 2603 //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
MACRUM 0:119624335925 2604 //#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
MACRUM 0:119624335925 2605 //#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
MACRUM 0:119624335925 2606 /* Note: your snprintf must correclty zero-terminate the buffer! */
MACRUM 0:119624335925 2607 //#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
MACRUM 0:119624335925 2608 //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
MACRUM 0:119624335925 2609 //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
MACRUM 0:119624335925 2610
MACRUM 0:119624335925 2611 /* SSL Cache options */
MACRUM 0:119624335925 2612 //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
MACRUM 0:119624335925 2613 //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
MACRUM 0:119624335925 2614
MACRUM 0:119624335925 2615 /* SSL options */
MACRUM 0:119624335925 2616 #define MBEDTLS_SSL_MAX_CONTENT_LEN 4096 /**< Maxium fragment length in bytes, determines the size of each of the two internal I/O buffers */
MACRUM 0:119624335925 2617 //#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
MACRUM 0:119624335925 2618 //#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
MACRUM 0:119624335925 2619 //#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
MACRUM 0:119624335925 2620
MACRUM 0:119624335925 2621 /**
MACRUM 0:119624335925 2622 * Complete list of ciphersuites to use, in order of preference.
MACRUM 0:119624335925 2623 *
MACRUM 0:119624335925 2624 * \warning No dependency checking is done on that field! This option can only
MACRUM 0:119624335925 2625 * be used to restrict the set of available ciphersuites. It is your
MACRUM 0:119624335925 2626 * responsibility to make sure the needed modules are active.
MACRUM 0:119624335925 2627 *
MACRUM 0:119624335925 2628 * Use this to save a few hundred bytes of ROM (default ordering of all
MACRUM 0:119624335925 2629 * available ciphersuites) and a few to a few hundred bytes of RAM.
MACRUM 0:119624335925 2630 *
MACRUM 0:119624335925 2631 * The value below is only an example, not the default.
MACRUM 0:119624335925 2632 */
MACRUM 0:119624335925 2633 #define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, \
MACRUM 0:119624335925 2634 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, \
MACRUM 0:119624335925 2635 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, \
MACRUM 0:119624335925 2636 MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, \
MACRUM 0:119624335925 2637 MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, \
MACRUM 0:119624335925 2638 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
MACRUM 0:119624335925 2639 /* X509 options */
MACRUM 0:119624335925 2640 //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
MACRUM 0:119624335925 2641 //#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
MACRUM 0:119624335925 2642
MACRUM 0:119624335925 2643 /* \} name SECTION: Customisation configuration options */
MACRUM 0:119624335925 2644
MACRUM 0:119624335925 2645 /* Target and application specific configurations */
MACRUM 0:119624335925 2646 //#define YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE "mbedtls/target_config.h"
MACRUM 0:119624335925 2647
MACRUM 0:119624335925 2648 #if defined(TARGET_LIKE_MBED) && defined(YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE)
MACRUM 0:119624335925 2649 #include YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE
MACRUM 0:119624335925 2650 #endif
MACRUM 0:119624335925 2651
MACRUM 0:119624335925 2652
MACRUM 0:119624335925 2653 #include "check_config.h"
MACRUM 0:119624335925 2654
MACRUM 0:119624335925 2655 #if defined(MBEDTLS_TEST_NULL_ENTROPY)
MACRUM 0:119624335925 2656 #warning "MBEDTLS_TEST_NULL_ENTROPY has been enabled. This " \
MACRUM 0:119624335925 2657 "configuration is not secure and is not suitable for production use"
MACRUM 0:119624335925 2658 #endif
MACRUM 0:119624335925 2659
MACRUM 0:119624335925 2660 #endif /* MBEDTLS_CONFIG_H */