iv123 lin
sample_pir-lights_rgb
lighting-system-firmware/mbedtls_mbed_client_config.h@0:7a352727249b, 2017-06-18 (annotated)
- Committer:
- iv123
- Date:
- Sun Jun 18 10:14:56 2017 +0000
- Revision:
- 0:7a352727249b
Initial commit
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| iv123 | 0:7a352727249b | 1 | /** |
| iv123 | 0:7a352727249b | 2 | * Minimal configuration for using mbedtls as part of mbed-client |
| iv123 | 0:7a352727249b | 3 | * |
| iv123 | 0:7a352727249b | 4 | * NOTE! This is an optimized, minimal configuration for mbed Client. |
| iv123 | 0:7a352727249b | 5 | * We know it works with mbed Client but if you want to add more |
| iv123 | 0:7a352727249b | 6 | * services/communications to the application yourself - please ensure |
| iv123 | 0:7a352727249b | 7 | * you update this configuration accordingly. The default configuration |
| iv123 | 0:7a352727249b | 8 | * can be found from mbedTLS Github: |
| iv123 | 0:7a352727249b | 9 | * |
| iv123 | 0:7a352727249b | 10 | * https://github.com/ARMmbed/mbedtls/blob/development/include/mbedtls/config.h |
| iv123 | 0:7a352727249b | 11 | * |
| iv123 | 0:7a352727249b | 12 | * |
| iv123 | 0:7a352727249b | 13 | * Copyright (C) 2006-2016, ARM Limited, All Rights Reserved |
| iv123 | 0:7a352727249b | 14 | * SPDX-License-Identifier: Apache-2.0 |
| iv123 | 0:7a352727249b | 15 | * |
| iv123 | 0:7a352727249b | 16 | * Licensed under the Apache License, Version 2.0 (the "License"); you may |
| iv123 | 0:7a352727249b | 17 | * not use this file except in compliance with the License. |
| iv123 | 0:7a352727249b | 18 | * You may obtain a copy of the License at |
| iv123 | 0:7a352727249b | 19 | * |
| iv123 | 0:7a352727249b | 20 | * http://www.apache.org/licenses/LICENSE-2.0 |
| iv123 | 0:7a352727249b | 21 | * |
| iv123 | 0:7a352727249b | 22 | * Unless required by applicable law or agreed to in writing, software |
| iv123 | 0:7a352727249b | 23 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| iv123 | 0:7a352727249b | 24 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| iv123 | 0:7a352727249b | 25 | * See the License for the specific language governing permissions and |
| iv123 | 0:7a352727249b | 26 | * limitations under the License. |
| iv123 | 0:7a352727249b | 27 | * |
| iv123 | 0:7a352727249b | 28 | * This file is part of mbed TLS (https://tls.mbed.org) |
| iv123 | 0:7a352727249b | 29 | */ |
| iv123 | 0:7a352727249b | 30 | |
| iv123 | 0:7a352727249b | 31 | |
| iv123 | 0:7a352727249b | 32 | #ifndef MBEDTLS_CUSTOM_CONFIG_H |
| iv123 | 0:7a352727249b | 33 | #define MBEDTLS_CUSTOM_CONFIG_H |
| iv123 | 0:7a352727249b | 34 | |
| iv123 | 0:7a352727249b | 35 | /* Enable entropy for K64F and K22F. This means entropy is disabled for all other targets. */ |
| iv123 | 0:7a352727249b | 36 | /* Do **NOT** deploy this code in production on other targets! */ |
| iv123 | 0:7a352727249b | 37 | /* See https://tls.mbed.org/kb/how-to/add-entropy-sources-to-entropy-pool */ |
| iv123 | 0:7a352727249b | 38 | #if defined(TARGET_K64F) || defined(TARGET_K22F) |
| iv123 | 0:7a352727249b | 39 | #undef MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES |
| iv123 | 0:7a352727249b | 40 | #undef MBEDTLS_TEST_NULL_ENTROPY |
| iv123 | 0:7a352727249b | 41 | #endif |
| iv123 | 0:7a352727249b | 42 | |
| iv123 | 0:7a352727249b | 43 | /* System support */ |
| iv123 | 0:7a352727249b | 44 | #define MBEDTLS_HAVE_ASM |
| iv123 | 0:7a352727249b | 45 | |
| iv123 | 0:7a352727249b | 46 | /* mbed TLS feature support */ |
| iv123 | 0:7a352727249b | 47 | #define MBEDTLS_ECP_DP_SECP256R1_ENABLED |
| iv123 | 0:7a352727249b | 48 | #define MBEDTLS_ECP_NIST_OPTIM |
| iv123 | 0:7a352727249b | 49 | #define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH |
| iv123 | 0:7a352727249b | 50 | #define MBEDTLS_SSL_PROTO_TLS1_2 |
| iv123 | 0:7a352727249b | 51 | #define MBEDTLS_SSL_PROTO_DTLS |
| iv123 | 0:7a352727249b | 52 | #define MBEDTLS_SSL_DTLS_ANTI_REPLAY |
| iv123 | 0:7a352727249b | 53 | #define MBEDTLS_SSL_DTLS_HELLO_VERIFY |
| iv123 | 0:7a352727249b | 54 | #define MBEDTLS_SSL_EXPORT_KEYS |
| iv123 | 0:7a352727249b | 55 | |
| iv123 | 0:7a352727249b | 56 | /* mbed TLS modules */ |
| iv123 | 0:7a352727249b | 57 | #define MBEDTLS_AES_C |
| iv123 | 0:7a352727249b | 58 | #define MBEDTLS_ASN1_PARSE_C |
| iv123 | 0:7a352727249b | 59 | #define MBEDTLS_ASN1_WRITE_C |
| iv123 | 0:7a352727249b | 60 | #define MBEDTLS_BIGNUM_C |
| iv123 | 0:7a352727249b | 61 | #define MBEDTLS_CIPHER_C |
| iv123 | 0:7a352727249b | 62 | #define MBEDTLS_CTR_DRBG_C |
| iv123 | 0:7a352727249b | 63 | #define MBEDTLS_ECP_C |
| iv123 | 0:7a352727249b | 64 | #define MBEDTLS_ENTROPY_C |
| iv123 | 0:7a352727249b | 65 | #define MBEDTLS_MD_C |
| iv123 | 0:7a352727249b | 66 | #define MBEDTLS_OID_C |
| iv123 | 0:7a352727249b | 67 | #define MBEDTLS_PK_C |
| iv123 | 0:7a352727249b | 68 | #define MBEDTLS_PK_PARSE_C |
| iv123 | 0:7a352727249b | 69 | #define MBEDTLS_SHA256_C |
| iv123 | 0:7a352727249b | 70 | #define MBEDTLS_SSL_COOKIE_C |
| iv123 | 0:7a352727249b | 71 | #define MBEDTLS_SSL_CLI_C |
| iv123 | 0:7a352727249b | 72 | #define MBEDTLS_SSL_SRV_C |
| iv123 | 0:7a352727249b | 73 | #define MBEDTLS_SSL_TLS_C |
| iv123 | 0:7a352727249b | 74 | |
| iv123 | 0:7a352727249b | 75 | // XXX mbedclient needs these: mbedtls_x509_crt_free, mbedtls_x509_crt_init, mbedtls_x509_crt_parse |
| iv123 | 0:7a352727249b | 76 | #define MBEDTLS_X509_USE_C |
| iv123 | 0:7a352727249b | 77 | #define MBEDTLS_X509_CRT_PARSE_C |
| iv123 | 0:7a352727249b | 78 | |
| iv123 | 0:7a352727249b | 79 | // XXX: clean these up!! |
| iv123 | 0:7a352727249b | 80 | #define MBEDTLS_SHA512_C |
| iv123 | 0:7a352727249b | 81 | #define MBEDTLS_ECDH_C |
| iv123 | 0:7a352727249b | 82 | #define MBEDTLS_GCM_C |
| iv123 | 0:7a352727249b | 83 | |
| iv123 | 0:7a352727249b | 84 | #define MBEDTLS_ECDH_C |
| iv123 | 0:7a352727249b | 85 | #define MBEDTLS_ECDSA_C |
| iv123 | 0:7a352727249b | 86 | #define MBEDTLS_X509_CRT_PARSE_C |
| iv123 | 0:7a352727249b | 87 | |
| iv123 | 0:7a352727249b | 88 | // Remove RSA, save 20KB at total |
| iv123 | 0:7a352727249b | 89 | #undef MBEDTLS_RSA_C |
| iv123 | 0:7a352727249b | 90 | #undef MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED |
| iv123 | 0:7a352727249b | 91 | |
| iv123 | 0:7a352727249b | 92 | // Remove error messages, save 10KB of ROM |
| iv123 | 0:7a352727249b | 93 | #undef MBEDTLS_ERROR_C |
| iv123 | 0:7a352727249b | 94 | |
| iv123 | 0:7a352727249b | 95 | // Remove selftesting and save 11KB of ROM |
| iv123 | 0:7a352727249b | 96 | #undef MBEDTLS_SELF_TEST |
| iv123 | 0:7a352727249b | 97 | |
| iv123 | 0:7a352727249b | 98 | // Reduces ROM size by 30 kB |
| iv123 | 0:7a352727249b | 99 | #undef MBEDTLS_ERROR_STRERROR_DUMMY |
| iv123 | 0:7a352727249b | 100 | #undef MBEDTLS_VERSION_FEATURES |
| iv123 | 0:7a352727249b | 101 | #undef MBEDTLS_DEBUG_C |
| iv123 | 0:7a352727249b | 102 | |
| iv123 | 0:7a352727249b | 103 | // needed for parsing the certificates |
| iv123 | 0:7a352727249b | 104 | #define MBEDTLS_PEM_PARSE_C |
| iv123 | 0:7a352727249b | 105 | // dep of the previous |
| iv123 | 0:7a352727249b | 106 | #define MBEDTLS_BASE64_C |
| iv123 | 0:7a352727249b | 107 | |
| iv123 | 0:7a352727249b | 108 | // Reduce IO buffer to save RAM, default is 16KB |
| iv123 | 0:7a352727249b | 109 | #define MBEDTLS_SSL_MAX_CONTENT_LEN 2048 |
| iv123 | 0:7a352727249b | 110 | |
| iv123 | 0:7a352727249b | 111 | // define to save 8KB RAM at the expense of ROM |
| iv123 | 0:7a352727249b | 112 | #undef MBEDTLS_AES_ROM_TABLES |
| iv123 | 0:7a352727249b | 113 | |
| iv123 | 0:7a352727249b | 114 | // Save ROM and a few bytes of RAM by specifying our own ciphersuite list |
| iv123 | 0:7a352727249b | 115 | #define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 |
| iv123 | 0:7a352727249b | 116 | |
| iv123 | 0:7a352727249b | 117 | #include "mbedtls/check_config.h" |
| iv123 | 0:7a352727249b | 118 | |
| iv123 | 0:7a352727249b | 119 | #endif /* MBEDTLS_CUSTOM_CONFIG_H */ |