gps_accelerometer - getting location and activity

Users » kimutaingetich » Code » gps_accelerometer

kimutai ngetich / Mbed OS gps_accelerometer

getting location and activity

inc/mbedtls_lora_config.h@0:68ca78749806, 2019-03-11 (annotated)

Committer:: kimutaingetich
Date:: Mon Mar 11 09:24:37 2019 +0000
Revision:: 0:68ca78749806

time changes

Who changed what in which revision?

User	Revision	Line number	New contents of line
kimutaingetich	0:68ca78749806	1	/**
kimutaingetich	0:68ca78749806	2	* \file config.h
kimutaingetich	0:68ca78749806	3	*
kimutaingetich	0:68ca78749806	4	* \brief Configuration options (set of defines)
kimutaingetich	0:68ca78749806	5	*
kimutaingetich	0:68ca78749806	6	* This set of compile-time options may be used to enable
kimutaingetich	0:68ca78749806	7	* or disable features selectively, and reduce the global
kimutaingetich	0:68ca78749806	8	* memory footprint.
kimutaingetich	0:68ca78749806	9	*
kimutaingetich	0:68ca78749806	10	* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
kimutaingetich	0:68ca78749806	11	* SPDX-License-Identifier: Apache-2.0
kimutaingetich	0:68ca78749806	12	*
kimutaingetich	0:68ca78749806	13	* Licensed under the Apache License, Version 2.0 (the "License"); you may
kimutaingetich	0:68ca78749806	14	* not use this file except in compliance with the License.
kimutaingetich	0:68ca78749806	15	* You may obtain a copy of the License at
kimutaingetich	0:68ca78749806	16	*
kimutaingetich	0:68ca78749806	17	* http://www.apache.org/licenses/LICENSE-2.0
kimutaingetich	0:68ca78749806	18	*
kimutaingetich	0:68ca78749806	19	* Unless required by applicable law or agreed to in writing, software
kimutaingetich	0:68ca78749806	20	* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
kimutaingetich	0:68ca78749806	21	* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
kimutaingetich	0:68ca78749806	22	* See the License for the specific language governing permissions and
kimutaingetich	0:68ca78749806	23	* limitations under the License.
kimutaingetich	0:68ca78749806	24	*
kimutaingetich	0:68ca78749806	25	* This file is part of mbed TLS (https://tls.mbed.org)
kimutaingetich	0:68ca78749806	26	*/
kimutaingetich	0:68ca78749806	27
kimutaingetich	0:68ca78749806	28	#ifndef MBEDTLS_LORA_CONFIG_H
kimutaingetich	0:68ca78749806	29	#define MBEDTLS_LORA_CONFIG_H
kimutaingetich	0:68ca78749806	30
kimutaingetich	0:68ca78749806	31	/**
kimutaingetich	0:68ca78749806	32	* \name SECTION: System support
kimutaingetich	0:68ca78749806	33	*
kimutaingetich	0:68ca78749806	34	* This section sets system specific settings.
kimutaingetich	0:68ca78749806	35	* \{
kimutaingetich	0:68ca78749806	36	*/
kimutaingetich	0:68ca78749806	37
kimutaingetich	0:68ca78749806	38	/**
kimutaingetich	0:68ca78749806	39	* \def MBEDTLS_HAVE_ASM
kimutaingetich	0:68ca78749806	40	*
kimutaingetich	0:68ca78749806	41	* The compiler has support for asm().
kimutaingetich	0:68ca78749806	42	*
kimutaingetich	0:68ca78749806	43	* Requires support for asm() in compiler.
kimutaingetich	0:68ca78749806	44	*
kimutaingetich	0:68ca78749806	45	* Used in:
kimutaingetich	0:68ca78749806	46	* library/timing.c
kimutaingetich	0:68ca78749806	47	* library/padlock.c
kimutaingetich	0:68ca78749806	48	* include/mbedtls/bn_mul.h
kimutaingetich	0:68ca78749806	49	*
kimutaingetich	0:68ca78749806	50	* Comment to disable the use of assembly code.
kimutaingetich	0:68ca78749806	51	*/
kimutaingetich	0:68ca78749806	52	#define MBEDTLS_HAVE_ASM
kimutaingetich	0:68ca78749806	53
kimutaingetich	0:68ca78749806	54	/**
kimutaingetich	0:68ca78749806	55	* \def MBEDTLS_NO_UDBL_DIVISION
kimutaingetich	0:68ca78749806	56	*
kimutaingetich	0:68ca78749806	57	* The platform lacks support for double-width integer division (64-bit
kimutaingetich	0:68ca78749806	58	* division on a 32-bit platform, 128-bit division on a 64-bit platform).
kimutaingetich	0:68ca78749806	59	*
kimutaingetich	0:68ca78749806	60	* Used in:
kimutaingetich	0:68ca78749806	61	* include/mbedtls/bignum.h
kimutaingetich	0:68ca78749806	62	* library/bignum.c
kimutaingetich	0:68ca78749806	63	*
kimutaingetich	0:68ca78749806	64	* The bignum code uses double-width division to speed up some operations.
kimutaingetich	0:68ca78749806	65	* Double-width division is often implemented in software that needs to
kimutaingetich	0:68ca78749806	66	* be linked with the program. The presence of a double-width integer
kimutaingetich	0:68ca78749806	67	* type is usually detected automatically through preprocessor macros,
kimutaingetich	0:68ca78749806	68	* but the automatic detection cannot know whether the code needs to
kimutaingetich	0:68ca78749806	69	* and can be linked with an implementation of division for that type.
kimutaingetich	0:68ca78749806	70	* By default division is assumed to be usable if the type is present.
kimutaingetich	0:68ca78749806	71	* Uncomment this option to prevent the use of double-width division.
kimutaingetich	0:68ca78749806	72	*
kimutaingetich	0:68ca78749806	73	* Note that division for the native integer type is always required.
kimutaingetich	0:68ca78749806	74	* Furthermore, a 64-bit type is always required even on a 32-bit
kimutaingetich	0:68ca78749806	75	* platform, but it need not support multiplication or division. In some
kimutaingetich	0:68ca78749806	76	* cases it is also desirable to disable some double-width operations. For
kimutaingetich	0:68ca78749806	77	* example, if double-width division is implemented in software, disabling
kimutaingetich	0:68ca78749806	78	* it can reduce code size in some embedded targets.
kimutaingetich	0:68ca78749806	79	*/
kimutaingetich	0:68ca78749806	80	//#define MBEDTLS_NO_UDBL_DIVISION
kimutaingetich	0:68ca78749806	81
kimutaingetich	0:68ca78749806	82	/**
kimutaingetich	0:68ca78749806	83	* \def MBEDTLS_HAVE_SSE2
kimutaingetich	0:68ca78749806	84	*
kimutaingetich	0:68ca78749806	85	* CPU supports SSE2 instruction set.
kimutaingetich	0:68ca78749806	86	*
kimutaingetich	0:68ca78749806	87	* Uncomment if the CPU supports SSE2 (IA-32 specific).
kimutaingetich	0:68ca78749806	88	*/
kimutaingetich	0:68ca78749806	89	//#define MBEDTLS_HAVE_SSE2
kimutaingetich	0:68ca78749806	90
kimutaingetich	0:68ca78749806	91	/**
kimutaingetich	0:68ca78749806	92	* \def MBEDTLS_HAVE_TIME
kimutaingetich	0:68ca78749806	93	*
kimutaingetich	0:68ca78749806	94	* System has time.h and time().
kimutaingetich	0:68ca78749806	95	* The time does not need to be correct, only time differences are used,
kimutaingetich	0:68ca78749806	96	* by contrast with MBEDTLS_HAVE_TIME_DATE
kimutaingetich	0:68ca78749806	97	*
kimutaingetich	0:68ca78749806	98	* Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT,
kimutaingetich	0:68ca78749806	99	* MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and
kimutaingetich	0:68ca78749806	100	* MBEDTLS_PLATFORM_STD_TIME.
kimutaingetich	0:68ca78749806	101	*
kimutaingetich	0:68ca78749806	102	* Comment if your system does not support time functions
kimutaingetich	0:68ca78749806	103	*/
kimutaingetich	0:68ca78749806	104	//#define MBEDTLS_HAVE_TIME
kimutaingetich	0:68ca78749806	105
kimutaingetich	0:68ca78749806	106	/**
kimutaingetich	0:68ca78749806	107	* \def MBEDTLS_HAVE_TIME_DATE
kimutaingetich	0:68ca78749806	108	*
kimutaingetich	0:68ca78749806	109	* System has time.h and time(), gmtime() and the clock is correct.
kimutaingetich	0:68ca78749806	110	* The time needs to be correct (not necesarily very accurate, but at least
kimutaingetich	0:68ca78749806	111	* the date should be correct). This is used to verify the validity period of
kimutaingetich	0:68ca78749806	112	* X.509 certificates.
kimutaingetich	0:68ca78749806	113	*
kimutaingetich	0:68ca78749806	114	* Comment if your system does not have a correct clock.
kimutaingetich	0:68ca78749806	115	*/
kimutaingetich	0:68ca78749806	116	//#define MBEDTLS_HAVE_TIME_DATE
kimutaingetich	0:68ca78749806	117
kimutaingetich	0:68ca78749806	118	/**
kimutaingetich	0:68ca78749806	119	* \def MBEDTLS_PLATFORM_MEMORY
kimutaingetich	0:68ca78749806	120	*
kimutaingetich	0:68ca78749806	121	* Enable the memory allocation layer.
kimutaingetich	0:68ca78749806	122	*
kimutaingetich	0:68ca78749806	123	* By default mbed TLS uses the system-provided calloc() and free().
kimutaingetich	0:68ca78749806	124	* This allows different allocators (self-implemented or provided) to be
kimutaingetich	0:68ca78749806	125	* provided to the platform abstraction layer.
kimutaingetich	0:68ca78749806	126	*
kimutaingetich	0:68ca78749806	127	* Enabling MBEDTLS_PLATFORM_MEMORY without the
kimutaingetich	0:68ca78749806	128	* MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide
kimutaingetich	0:68ca78749806	129	* "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and
kimutaingetich	0:68ca78749806	130	* free() function pointer at runtime.
kimutaingetich	0:68ca78749806	131	*
kimutaingetich	0:68ca78749806	132	* Enabling MBEDTLS_PLATFORM_MEMORY and specifying
kimutaingetich	0:68ca78749806	133	* MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the
kimutaingetich	0:68ca78749806	134	* alternate function at compile time.
kimutaingetich	0:68ca78749806	135	*
kimutaingetich	0:68ca78749806	136	* Requires: MBEDTLS_PLATFORM_C
kimutaingetich	0:68ca78749806	137	*
kimutaingetich	0:68ca78749806	138	* Enable this layer to allow use of alternative memory allocators.
kimutaingetich	0:68ca78749806	139	*/
kimutaingetich	0:68ca78749806	140	//#define MBEDTLS_PLATFORM_MEMORY
kimutaingetich	0:68ca78749806	141
kimutaingetich	0:68ca78749806	142	/**
kimutaingetich	0:68ca78749806	143	* \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
kimutaingetich	0:68ca78749806	144	*
kimutaingetich	0:68ca78749806	145	* Do not assign standard functions in the platform layer (e.g. calloc() to
kimutaingetich	0:68ca78749806	146	* MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF)
kimutaingetich	0:68ca78749806	147	*
kimutaingetich	0:68ca78749806	148	* This makes sure there are no linking errors on platforms that do not support
kimutaingetich	0:68ca78749806	149	* these functions. You will HAVE to provide alternatives, either at runtime
kimutaingetich	0:68ca78749806	150	* via the platform_set_xxx() functions or at compile time by setting
kimutaingetich	0:68ca78749806	151	* the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a
kimutaingetich	0:68ca78749806	152	* MBEDTLS_PLATFORM_XXX_MACRO.
kimutaingetich	0:68ca78749806	153	*
kimutaingetich	0:68ca78749806	154	* Requires: MBEDTLS_PLATFORM_C
kimutaingetich	0:68ca78749806	155	*
kimutaingetich	0:68ca78749806	156	* Uncomment to prevent default assignment of standard functions in the
kimutaingetich	0:68ca78749806	157	* platform layer.
kimutaingetich	0:68ca78749806	158	*/
kimutaingetich	0:68ca78749806	159	//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
kimutaingetich	0:68ca78749806	160
kimutaingetich	0:68ca78749806	161	/**
kimutaingetich	0:68ca78749806	162	* \def MBEDTLS_PLATFORM_EXIT_ALT
kimutaingetich	0:68ca78749806	163	*
kimutaingetich	0:68ca78749806	164	* MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the
kimutaingetich	0:68ca78749806	165	* function in the platform abstraction layer.
kimutaingetich	0:68ca78749806	166	*
kimutaingetich	0:68ca78749806	167	* Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will
kimutaingetich	0:68ca78749806	168	* provide a function "mbedtls_platform_set_printf()" that allows you to set an
kimutaingetich	0:68ca78749806	169	* alternative printf function pointer.
kimutaingetich	0:68ca78749806	170	*
kimutaingetich	0:68ca78749806	171	* All these define require MBEDTLS_PLATFORM_C to be defined!
kimutaingetich	0:68ca78749806	172	*
kimutaingetich	0:68ca78749806	173	* \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows;
kimutaingetich	0:68ca78749806	174	* it will be enabled automatically by check_config.h
kimutaingetich	0:68ca78749806	175	*
kimutaingetich	0:68ca78749806	176	* \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as
kimutaingetich	0:68ca78749806	177	* MBEDTLS_PLATFORM_XXX_MACRO!
kimutaingetich	0:68ca78749806	178	*
kimutaingetich	0:68ca78749806	179	* Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME
kimutaingetich	0:68ca78749806	180	*
kimutaingetich	0:68ca78749806	181	* Uncomment a macro to enable alternate implementation of specific base
kimutaingetich	0:68ca78749806	182	* platform function
kimutaingetich	0:68ca78749806	183	*/
kimutaingetich	0:68ca78749806	184	//#define MBEDTLS_PLATFORM_EXIT_ALT
kimutaingetich	0:68ca78749806	185	//#define MBEDTLS_PLATFORM_TIME_ALT
kimutaingetich	0:68ca78749806	186	//#define MBEDTLS_PLATFORM_FPRINTF_ALT
kimutaingetich	0:68ca78749806	187	//#define MBEDTLS_PLATFORM_PRINTF_ALT
kimutaingetich	0:68ca78749806	188	//#define MBEDTLS_PLATFORM_SNPRINTF_ALT
kimutaingetich	0:68ca78749806	189	//#define MBEDTLS_PLATFORM_NV_SEED_ALT
kimutaingetich	0:68ca78749806	190	//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
kimutaingetich	0:68ca78749806	191
kimutaingetich	0:68ca78749806	192	/**
kimutaingetich	0:68ca78749806	193	* \def MBEDTLS_DEPRECATED_WARNING
kimutaingetich	0:68ca78749806	194	*
kimutaingetich	0:68ca78749806	195	* Mark deprecated functions so that they generate a warning if used.
kimutaingetich	0:68ca78749806	196	* Functions deprecated in one version will usually be removed in the next
kimutaingetich	0:68ca78749806	197	* version. You can enable this to help you prepare the transition to a new
kimutaingetich	0:68ca78749806	198	* major version by making sure your code is not using these functions.
kimutaingetich	0:68ca78749806	199	*
kimutaingetich	0:68ca78749806	200	* This only works with GCC and Clang. With other compilers, you may want to
kimutaingetich	0:68ca78749806	201	* use MBEDTLS_DEPRECATED_REMOVED
kimutaingetich	0:68ca78749806	202	*
kimutaingetich	0:68ca78749806	203	* Uncomment to get warnings on using deprecated functions.
kimutaingetich	0:68ca78749806	204	*/
kimutaingetich	0:68ca78749806	205	//#define MBEDTLS_DEPRECATED_WARNING
kimutaingetich	0:68ca78749806	206
kimutaingetich	0:68ca78749806	207	/**
kimutaingetich	0:68ca78749806	208	* \def MBEDTLS_DEPRECATED_REMOVED
kimutaingetich	0:68ca78749806	209	*
kimutaingetich	0:68ca78749806	210	* Remove deprecated functions so that they generate an error if used.
kimutaingetich	0:68ca78749806	211	* Functions deprecated in one version will usually be removed in the next
kimutaingetich	0:68ca78749806	212	* version. You can enable this to help you prepare the transition to a new
kimutaingetich	0:68ca78749806	213	* major version by making sure your code is not using these functions.
kimutaingetich	0:68ca78749806	214	*
kimutaingetich	0:68ca78749806	215	* Uncomment to get errors on using deprecated functions.
kimutaingetich	0:68ca78749806	216	*/
kimutaingetich	0:68ca78749806	217	//#define MBEDTLS_DEPRECATED_REMOVED
kimutaingetich	0:68ca78749806	218
kimutaingetich	0:68ca78749806	219	/* \} name SECTION: System support */
kimutaingetich	0:68ca78749806	220
kimutaingetich	0:68ca78749806	221	/**
kimutaingetich	0:68ca78749806	222	* \name SECTION: mbed TLS feature support
kimutaingetich	0:68ca78749806	223	*
kimutaingetich	0:68ca78749806	224	* This section sets support for features that are or are not needed
kimutaingetich	0:68ca78749806	225	* within the modules that are enabled.
kimutaingetich	0:68ca78749806	226	* \{
kimutaingetich	0:68ca78749806	227	*/
kimutaingetich	0:68ca78749806	228
kimutaingetich	0:68ca78749806	229	/**
kimutaingetich	0:68ca78749806	230	* \def MBEDTLS_TIMING_ALT
kimutaingetich	0:68ca78749806	231	*
kimutaingetich	0:68ca78749806	232	* Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(),
kimutaingetich	0:68ca78749806	233	* mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay()
kimutaingetich	0:68ca78749806	234	*
kimutaingetich	0:68ca78749806	235	* Only works if you have MBEDTLS_TIMING_C enabled.
kimutaingetich	0:68ca78749806	236	*
kimutaingetich	0:68ca78749806	237	* You will need to provide a header "timing_alt.h" and an implementation at
kimutaingetich	0:68ca78749806	238	* compile time.
kimutaingetich	0:68ca78749806	239	*/
kimutaingetich	0:68ca78749806	240	//#define MBEDTLS_TIMING_ALT
kimutaingetich	0:68ca78749806	241
kimutaingetich	0:68ca78749806	242	/**
kimutaingetich	0:68ca78749806	243	* \def MBEDTLS_AES_ALT
kimutaingetich	0:68ca78749806	244	*
kimutaingetich	0:68ca78749806	245	* MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your
kimutaingetich	0:68ca78749806	246	* alternate core implementation of a symmetric crypto, an arithmetic or hash
kimutaingetich	0:68ca78749806	247	* module (e.g. platform specific assembly optimized implementations). Keep
kimutaingetich	0:68ca78749806	248	* in mind that the function prototypes should remain the same.
kimutaingetich	0:68ca78749806	249	*
kimutaingetich	0:68ca78749806	250	* This replaces the whole module. If you only want to replace one of the
kimutaingetich	0:68ca78749806	251	* functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags.
kimutaingetich	0:68ca78749806	252	*
kimutaingetich	0:68ca78749806	253	* Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer
kimutaingetich	0:68ca78749806	254	* provide the "struct mbedtls_aes_context" definition and omit the base
kimutaingetich	0:68ca78749806	255	* function declarations and implementations. "aes_alt.h" will be included from
kimutaingetich	0:68ca78749806	256	* "aes.h" to include the new function definitions.
kimutaingetich	0:68ca78749806	257	*
kimutaingetich	0:68ca78749806	258	* Uncomment a macro to enable alternate implementation of the corresponding
kimutaingetich	0:68ca78749806	259	* module.
kimutaingetich	0:68ca78749806	260	*/
kimutaingetich	0:68ca78749806	261	//#define MBEDTLS_AES_ALT
kimutaingetich	0:68ca78749806	262	//#define MBEDTLS_ARC4_ALT
kimutaingetich	0:68ca78749806	263	//#define MBEDTLS_BLOWFISH_ALT
kimutaingetich	0:68ca78749806	264	//#define MBEDTLS_CAMELLIA_ALT
kimutaingetich	0:68ca78749806	265	//#define MBEDTLS_DES_ALT
kimutaingetich	0:68ca78749806	266	//#define MBEDTLS_XTEA_ALT
kimutaingetich	0:68ca78749806	267	//#define MBEDTLS_MD2_ALT
kimutaingetich	0:68ca78749806	268	//#define MBEDTLS_MD4_ALT
kimutaingetich	0:68ca78749806	269	//#define MBEDTLS_MD5_ALT
kimutaingetich	0:68ca78749806	270	//#define MBEDTLS_RIPEMD160_ALT
kimutaingetich	0:68ca78749806	271	//#define MBEDTLS_SHA1_ALT
kimutaingetich	0:68ca78749806	272	//#define MBEDTLS_SHA256_ALT
kimutaingetich	0:68ca78749806	273	//#define MBEDTLS_SHA512_ALT
kimutaingetich	0:68ca78749806	274	/*
kimutaingetich	0:68ca78749806	275	* When replacing the elliptic curve module, pleace consider, that it is
kimutaingetich	0:68ca78749806	276	* implemented with two .c files:
kimutaingetich	0:68ca78749806	277	* - ecp.c
kimutaingetich	0:68ca78749806	278	* - ecp_curves.c
kimutaingetich	0:68ca78749806	279	* You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
kimutaingetich	0:68ca78749806	280	* macros as described above. The only difference is that you have to make sure
kimutaingetich	0:68ca78749806	281	* that you provide functionality for both .c files.
kimutaingetich	0:68ca78749806	282	*/
kimutaingetich	0:68ca78749806	283	//#define MBEDTLS_ECP_ALT
kimutaingetich	0:68ca78749806	284
kimutaingetich	0:68ca78749806	285	/**
kimutaingetich	0:68ca78749806	286	* \def MBEDTLS_MD2_PROCESS_ALT
kimutaingetich	0:68ca78749806	287	*
kimutaingetich	0:68ca78749806	288	* MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you
kimutaingetich	0:68ca78749806	289	* alternate core implementation of symmetric crypto or hash function. Keep in
kimutaingetich	0:68ca78749806	290	* mind that function prototypes should remain the same.
kimutaingetich	0:68ca78749806	291	*
kimutaingetich	0:68ca78749806	292	* This replaces only one function. The header file from mbed TLS is still
kimutaingetich	0:68ca78749806	293	* used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags.
kimutaingetich	0:68ca78749806	294	*
kimutaingetich	0:68ca78749806	295	* Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will
kimutaingetich	0:68ca78749806	296	* no longer provide the mbedtls_sha1_process() function, but it will still provide
kimutaingetich	0:68ca78749806	297	* the other function (using your mbedtls_sha1_process() function) and the definition
kimutaingetich	0:68ca78749806	298	* of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
kimutaingetich	0:68ca78749806	299	* with this definition.
kimutaingetich	0:68ca78749806	300	*
kimutaingetich	0:68ca78749806	301	* \note Because of a signature change, the core AES encryption and decryption routines are
kimutaingetich	0:68ca78749806	302	* currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt,
kimutaingetich	0:68ca78749806	303	* respectively. When setting up alternative implementations, these functions should
kimutaingetich	0:68ca78749806	304	* be overriden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt
kimutaingetich	0:68ca78749806	305	* must stay untouched.
kimutaingetich	0:68ca78749806	306	*
kimutaingetich	0:68ca78749806	307	* \note If you use the AES_xxx_ALT macros, then is is recommended to also set
kimutaingetich	0:68ca78749806	308	* MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
kimutaingetich	0:68ca78749806	309	* tables.
kimutaingetich	0:68ca78749806	310	*
kimutaingetich	0:68ca78749806	311	* Uncomment a macro to enable alternate implementation of the corresponding
kimutaingetich	0:68ca78749806	312	* function.
kimutaingetich	0:68ca78749806	313	*/
kimutaingetich	0:68ca78749806	314	//#define MBEDTLS_MD2_PROCESS_ALT
kimutaingetich	0:68ca78749806	315	//#define MBEDTLS_MD4_PROCESS_ALT
kimutaingetich	0:68ca78749806	316	//#define MBEDTLS_MD5_PROCESS_ALT
kimutaingetich	0:68ca78749806	317	//#define MBEDTLS_RIPEMD160_PROCESS_ALT
kimutaingetich	0:68ca78749806	318	//#define MBEDTLS_SHA1_PROCESS_ALT
kimutaingetich	0:68ca78749806	319	//#define MBEDTLS_SHA256_PROCESS_ALT
kimutaingetich	0:68ca78749806	320	//#define MBEDTLS_SHA512_PROCESS_ALT
kimutaingetich	0:68ca78749806	321	//#define MBEDTLS_DES_SETKEY_ALT
kimutaingetich	0:68ca78749806	322	//#define MBEDTLS_DES_CRYPT_ECB_ALT
kimutaingetich	0:68ca78749806	323	//#define MBEDTLS_DES3_CRYPT_ECB_ALT
kimutaingetich	0:68ca78749806	324	//#define MBEDTLS_AES_SETKEY_ENC_ALT
kimutaingetich	0:68ca78749806	325	//#define MBEDTLS_AES_SETKEY_DEC_ALT
kimutaingetich	0:68ca78749806	326	//#define MBEDTLS_AES_ENCRYPT_ALT
kimutaingetich	0:68ca78749806	327	//#define MBEDTLS_AES_DECRYPT_ALT
kimutaingetich	0:68ca78749806	328
kimutaingetich	0:68ca78749806	329	/**
kimutaingetich	0:68ca78749806	330	* \def MBEDTLS_ECP_INTERNAL_ALT
kimutaingetich	0:68ca78749806	331	*
kimutaingetich	0:68ca78749806	332	* Expose a part of the internal interface of the Elliptic Curve Point module.
kimutaingetich	0:68ca78749806	333	*
kimutaingetich	0:68ca78749806	334	* MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your
kimutaingetich	0:68ca78749806	335	* alternative core implementation of elliptic curve arithmetic. Keep in mind
kimutaingetich	0:68ca78749806	336	* that function prototypes should remain the same.
kimutaingetich	0:68ca78749806	337	*
kimutaingetich	0:68ca78749806	338	* This partially replaces one function. The header file from mbed TLS is still
kimutaingetich	0:68ca78749806	339	* used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation
kimutaingetich	0:68ca78749806	340	* is still present and it is used for group structures not supported by the
kimutaingetich	0:68ca78749806	341	* alternative.
kimutaingetich	0:68ca78749806	342	*
kimutaingetich	0:68ca78749806	343	* Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT
kimutaingetich	0:68ca78749806	344	* and implementing the following functions:
kimutaingetich	0:68ca78749806	345	* unsigned char mbedtls_internal_ecp_grp_capable(
kimutaingetich	0:68ca78749806	346	* const mbedtls_ecp_group *grp )
kimutaingetich	0:68ca78749806	347	* int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp )
kimutaingetich	0:68ca78749806	348	* void mbedtls_internal_ecp_deinit( const mbedtls_ecp_group *grp )
kimutaingetich	0:68ca78749806	349	* The mbedtls_internal_ecp_grp_capable function should return 1 if the
kimutaingetich	0:68ca78749806	350	* replacement functions implement arithmetic for the given group and 0
kimutaingetich	0:68ca78749806	351	* otherwise.
kimutaingetich	0:68ca78749806	352	* The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_deinit are
kimutaingetich	0:68ca78749806	353	* called before and after each point operation and provide an opportunity to
kimutaingetich	0:68ca78749806	354	* implement optimized set up and tear down instructions.
kimutaingetich	0:68ca78749806	355	*
kimutaingetich	0:68ca78749806	356	* Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and
kimutaingetich	0:68ca78749806	357	* MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac
kimutaingetich	0:68ca78749806	358	* function, but will use your mbedtls_internal_ecp_double_jac if the group is
kimutaingetich	0:68ca78749806	359	* supported (your mbedtls_internal_ecp_grp_capable function returns 1 when
kimutaingetich	0:68ca78749806	360	* receives it as an argument). If the group is not supported then the original
kimutaingetich	0:68ca78749806	361	* implementation is used. The other functions and the definition of
kimutaingetich	0:68ca78749806	362	* mbedtls_ecp_group and mbedtls_ecp_point will not change, so your
kimutaingetich	0:68ca78749806	363	* implementation of mbedtls_internal_ecp_double_jac and
kimutaingetich	0:68ca78749806	364	* mbedtls_internal_ecp_grp_capable must be compatible with this definition.
kimutaingetich	0:68ca78749806	365	*
kimutaingetich	0:68ca78749806	366	* Uncomment a macro to enable alternate implementation of the corresponding
kimutaingetich	0:68ca78749806	367	* function.
kimutaingetich	0:68ca78749806	368	*/
kimutaingetich	0:68ca78749806	369	/* Required for all the functions in this section */
kimutaingetich	0:68ca78749806	370	//#define MBEDTLS_ECP_INTERNAL_ALT
kimutaingetich	0:68ca78749806	371	/* Support for Weierstrass curves with Jacobi representation */
kimutaingetich	0:68ca78749806	372	//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
kimutaingetich	0:68ca78749806	373	//#define MBEDTLS_ECP_ADD_MIXED_ALT
kimutaingetich	0:68ca78749806	374	//#define MBEDTLS_ECP_DOUBLE_JAC_ALT
kimutaingetich	0:68ca78749806	375	//#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
kimutaingetich	0:68ca78749806	376	//#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
kimutaingetich	0:68ca78749806	377	/* Support for curves with Montgomery arithmetic */
kimutaingetich	0:68ca78749806	378	//#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
kimutaingetich	0:68ca78749806	379	//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
kimutaingetich	0:68ca78749806	380	//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
kimutaingetich	0:68ca78749806	381
kimutaingetich	0:68ca78749806	382	/**
kimutaingetich	0:68ca78749806	383	* \def MBEDTLS_TEST_NULL_ENTROPY
kimutaingetich	0:68ca78749806	384	*
kimutaingetich	0:68ca78749806	385	* Enables testing and use of mbed TLS without any configured entropy sources.
kimutaingetich	0:68ca78749806	386	* This permits use of the library on platforms before an entropy source has
kimutaingetich	0:68ca78749806	387	* been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the
kimutaingetich	0:68ca78749806	388	* MBEDTLS_ENTROPY_NV_SEED switches).
kimutaingetich	0:68ca78749806	389	*
kimutaingetich	0:68ca78749806	390	* WARNING! This switch MUST be disabled in production builds, and is suitable
kimutaingetich	0:68ca78749806	391	* only for development.
kimutaingetich	0:68ca78749806	392	* Enabling the switch negates any security provided by the library.
kimutaingetich	0:68ca78749806	393	*
kimutaingetich	0:68ca78749806	394	* Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
kimutaingetich	0:68ca78749806	395	*
kimutaingetich	0:68ca78749806	396	*/
kimutaingetich	0:68ca78749806	397	//#define MBEDTLS_TEST_NULL_ENTROPY
kimutaingetich	0:68ca78749806	398
kimutaingetich	0:68ca78749806	399	/**
kimutaingetich	0:68ca78749806	400	* \def MBEDTLS_ENTROPY_HARDWARE_ALT
kimutaingetich	0:68ca78749806	401	*
kimutaingetich	0:68ca78749806	402	* Uncomment this macro to let mbed TLS use your own implementation of a
kimutaingetich	0:68ca78749806	403	* hardware entropy collector.
kimutaingetich	0:68ca78749806	404	*
kimutaingetich	0:68ca78749806	405	* Your function must be called \c mbedtls_hardware_poll(), have the same
kimutaingetich	0:68ca78749806	406	* prototype as declared in entropy_poll.h, and accept NULL as first argument.
kimutaingetich	0:68ca78749806	407	*
kimutaingetich	0:68ca78749806	408	* Uncomment to use your own hardware entropy collector.
kimutaingetich	0:68ca78749806	409	*/
kimutaingetich	0:68ca78749806	410	//#define MBEDTLS_ENTROPY_HARDWARE_ALT
kimutaingetich	0:68ca78749806	411
kimutaingetich	0:68ca78749806	412	/**
kimutaingetich	0:68ca78749806	413	* \def MBEDTLS_AES_ROM_TABLES
kimutaingetich	0:68ca78749806	414	*
kimutaingetich	0:68ca78749806	415	* Store the AES tables in ROM.
kimutaingetich	0:68ca78749806	416	*
kimutaingetich	0:68ca78749806	417	* Uncomment this macro to store the AES tables in ROM.
kimutaingetich	0:68ca78749806	418	*/
kimutaingetich	0:68ca78749806	419	#define MBEDTLS_AES_ROM_TABLES
kimutaingetich	0:68ca78749806	420
kimutaingetich	0:68ca78749806	421	/**
kimutaingetich	0:68ca78749806	422	* \def MBEDTLS_CAMELLIA_SMALL_MEMORY
kimutaingetich	0:68ca78749806	423	*
kimutaingetich	0:68ca78749806	424	* Use less ROM for the Camellia implementation (saves about 768 bytes).
kimutaingetich	0:68ca78749806	425	*
kimutaingetich	0:68ca78749806	426	* Uncomment this macro to use less memory for Camellia.
kimutaingetich	0:68ca78749806	427	*/
kimutaingetich	0:68ca78749806	428	//#define MBEDTLS_CAMELLIA_SMALL_MEMORY
kimutaingetich	0:68ca78749806	429
kimutaingetich	0:68ca78749806	430	/**
kimutaingetich	0:68ca78749806	431	* \def MBEDTLS_CIPHER_MODE_CBC
kimutaingetich	0:68ca78749806	432	*
kimutaingetich	0:68ca78749806	433	* Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
kimutaingetich	0:68ca78749806	434	*/
kimutaingetich	0:68ca78749806	435	//#define MBEDTLS_CIPHER_MODE_CBC
kimutaingetich	0:68ca78749806	436
kimutaingetich	0:68ca78749806	437	/**
kimutaingetich	0:68ca78749806	438	* \def MBEDTLS_CIPHER_MODE_CFB
kimutaingetich	0:68ca78749806	439	*
kimutaingetich	0:68ca78749806	440	* Enable Cipher Feedback mode (CFB) for symmetric ciphers.
kimutaingetich	0:68ca78749806	441	*/
kimutaingetich	0:68ca78749806	442	//#define MBEDTLS_CIPHER_MODE_CFB
kimutaingetich	0:68ca78749806	443
kimutaingetich	0:68ca78749806	444	/**
kimutaingetich	0:68ca78749806	445	* \def MBEDTLS_CIPHER_MODE_CTR
kimutaingetich	0:68ca78749806	446	*
kimutaingetich	0:68ca78749806	447	* Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
kimutaingetich	0:68ca78749806	448	*/
kimutaingetich	0:68ca78749806	449	//#define MBEDTLS_CIPHER_MODE_CTR
kimutaingetich	0:68ca78749806	450
kimutaingetich	0:68ca78749806	451	/**
kimutaingetich	0:68ca78749806	452	* \def MBEDTLS_CIPHER_NULL_CIPHER
kimutaingetich	0:68ca78749806	453	*
kimutaingetich	0:68ca78749806	454	* Enable NULL cipher.
kimutaingetich	0:68ca78749806	455	* Warning: Only do so when you know what you are doing. This allows for
kimutaingetich	0:68ca78749806	456	* encryption or channels without any security!
kimutaingetich	0:68ca78749806	457	*
kimutaingetich	0:68ca78749806	458	* Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable
kimutaingetich	0:68ca78749806	459	* the following ciphersuites:
kimutaingetich	0:68ca78749806	460	* MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA
kimutaingetich	0:68ca78749806	461	* MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA
kimutaingetich	0:68ca78749806	462	* MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA
kimutaingetich	0:68ca78749806	463	* MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
kimutaingetich	0:68ca78749806	464	* MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384
kimutaingetich	0:68ca78749806	465	* MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256
kimutaingetich	0:68ca78749806	466	* MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA
kimutaingetich	0:68ca78749806	467	* MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384
kimutaingetich	0:68ca78749806	468	* MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256
kimutaingetich	0:68ca78749806	469	* MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA
kimutaingetich	0:68ca78749806	470	* MBEDTLS_TLS_RSA_WITH_NULL_SHA256
kimutaingetich	0:68ca78749806	471	* MBEDTLS_TLS_RSA_WITH_NULL_SHA
kimutaingetich	0:68ca78749806	472	* MBEDTLS_TLS_RSA_WITH_NULL_MD5
kimutaingetich	0:68ca78749806	473	* MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384
kimutaingetich	0:68ca78749806	474	* MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256
kimutaingetich	0:68ca78749806	475	* MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA
kimutaingetich	0:68ca78749806	476	* MBEDTLS_TLS_PSK_WITH_NULL_SHA384
kimutaingetich	0:68ca78749806	477	* MBEDTLS_TLS_PSK_WITH_NULL_SHA256
kimutaingetich	0:68ca78749806	478	* MBEDTLS_TLS_PSK_WITH_NULL_SHA
kimutaingetich	0:68ca78749806	479	*
kimutaingetich	0:68ca78749806	480	* Uncomment this macro to enable the NULL cipher and ciphersuites
kimutaingetich	0:68ca78749806	481	*/
kimutaingetich	0:68ca78749806	482	//#define MBEDTLS_CIPHER_NULL_CIPHER
kimutaingetich	0:68ca78749806	483
kimutaingetich	0:68ca78749806	484	/**
kimutaingetich	0:68ca78749806	485	* \def MBEDTLS_CIPHER_PADDING_PKCS7
kimutaingetich	0:68ca78749806	486	*
kimutaingetich	0:68ca78749806	487	* MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for
kimutaingetich	0:68ca78749806	488	* specific padding modes in the cipher layer with cipher modes that support
kimutaingetich	0:68ca78749806	489	* padding (e.g. CBC)
kimutaingetich	0:68ca78749806	490	*
kimutaingetich	0:68ca78749806	491	* If you disable all padding modes, only full blocks can be used with CBC.
kimutaingetich	0:68ca78749806	492	*
kimutaingetich	0:68ca78749806	493	* Enable padding modes in the cipher layer.
kimutaingetich	0:68ca78749806	494	*/
kimutaingetich	0:68ca78749806	495	//#define MBEDTLS_CIPHER_PADDING_PKCS7
kimutaingetich	0:68ca78749806	496	//#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
kimutaingetich	0:68ca78749806	497	//#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
kimutaingetich	0:68ca78749806	498	//#define MBEDTLS_CIPHER_PADDING_ZEROS
kimutaingetich	0:68ca78749806	499
kimutaingetich	0:68ca78749806	500	/**
kimutaingetich	0:68ca78749806	501	* \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES
kimutaingetich	0:68ca78749806	502	*
kimutaingetich	0:68ca78749806	503	* Enable weak ciphersuites in SSL / TLS.
kimutaingetich	0:68ca78749806	504	* Warning: Only do so when you know what you are doing. This allows for
kimutaingetich	0:68ca78749806	505	* channels with virtually no security at all!
kimutaingetich	0:68ca78749806	506	*
kimutaingetich	0:68ca78749806	507	* This enables the following ciphersuites:
kimutaingetich	0:68ca78749806	508	* MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA
kimutaingetich	0:68ca78749806	509	* MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA
kimutaingetich	0:68ca78749806	510	*
kimutaingetich	0:68ca78749806	511	* Uncomment this macro to enable weak ciphersuites
kimutaingetich	0:68ca78749806	512	*/
kimutaingetich	0:68ca78749806	513	//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
kimutaingetich	0:68ca78749806	514
kimutaingetich	0:68ca78749806	515	/**
kimutaingetich	0:68ca78749806	516	* \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES
kimutaingetich	0:68ca78749806	517	*
kimutaingetich	0:68ca78749806	518	* Remove RC4 ciphersuites by default in SSL / TLS.
kimutaingetich	0:68ca78749806	519	* This flag removes the ciphersuites based on RC4 from the default list as
kimutaingetich	0:68ca78749806	520	* returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to
kimutaingetich	0:68ca78749806	521	* enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them
kimutaingetich	0:68ca78749806	522	* explicitly.
kimutaingetich	0:68ca78749806	523	*
kimutaingetich	0:68ca78749806	524	* Uncomment this macro to remove RC4 ciphersuites by default.
kimutaingetich	0:68ca78749806	525	*/
kimutaingetich	0:68ca78749806	526	//#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
kimutaingetich	0:68ca78749806	527
kimutaingetich	0:68ca78749806	528	/**
kimutaingetich	0:68ca78749806	529	* \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
kimutaingetich	0:68ca78749806	530	*
kimutaingetich	0:68ca78749806	531	* MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve
kimutaingetich	0:68ca78749806	532	* module. By default all supported curves are enabled.
kimutaingetich	0:68ca78749806	533	*
kimutaingetich	0:68ca78749806	534	* Comment macros to disable the curve and functions for it
kimutaingetich	0:68ca78749806	535	*/
kimutaingetich	0:68ca78749806	536	//#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
kimutaingetich	0:68ca78749806	537	//#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
kimutaingetich	0:68ca78749806	538	//#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
kimutaingetich	0:68ca78749806	539	//#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
kimutaingetich	0:68ca78749806	540	//#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
kimutaingetich	0:68ca78749806	541	//#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
kimutaingetich	0:68ca78749806	542	//#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
kimutaingetich	0:68ca78749806	543	//#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
kimutaingetich	0:68ca78749806	544	//#define MBEDTLS_ECP_DP_BP256R1_ENABLED
kimutaingetich	0:68ca78749806	545	//#define MBEDTLS_ECP_DP_BP384R1_ENABLED
kimutaingetich	0:68ca78749806	546	//#define MBEDTLS_ECP_DP_BP512R1_ENABLED
kimutaingetich	0:68ca78749806	547	//#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
kimutaingetich	0:68ca78749806	548
kimutaingetich	0:68ca78749806	549	/**
kimutaingetich	0:68ca78749806	550	* \def MBEDTLS_ECP_NIST_OPTIM
kimutaingetich	0:68ca78749806	551	*
kimutaingetich	0:68ca78749806	552	* Enable specific 'modulo p' routines for each NIST prime.
kimutaingetich	0:68ca78749806	553	* Depending on the prime and architecture, makes operations 4 to 8 times
kimutaingetich	0:68ca78749806	554	* faster on the corresponding curve.
kimutaingetich	0:68ca78749806	555	*
kimutaingetich	0:68ca78749806	556	* Comment this macro to disable NIST curves optimisation.
kimutaingetich	0:68ca78749806	557	*/
kimutaingetich	0:68ca78749806	558	//#define MBEDTLS_ECP_NIST_OPTIM
kimutaingetich	0:68ca78749806	559
kimutaingetich	0:68ca78749806	560	/**
kimutaingetich	0:68ca78749806	561	* \def MBEDTLS_ECDSA_DETERMINISTIC
kimutaingetich	0:68ca78749806	562	*
kimutaingetich	0:68ca78749806	563	* Enable deterministic ECDSA (RFC 6979).
kimutaingetich	0:68ca78749806	564	* Standard ECDSA is "fragile" in the sense that lack of entropy when signing
kimutaingetich	0:68ca78749806	565	* may result in a compromise of the long-term signing key. This is avoided by
kimutaingetich	0:68ca78749806	566	* the deterministic variant.
kimutaingetich	0:68ca78749806	567	*
kimutaingetich	0:68ca78749806	568	* Requires: MBEDTLS_HMAC_DRBG_C
kimutaingetich	0:68ca78749806	569	*
kimutaingetich	0:68ca78749806	570	* Comment this macro to disable deterministic ECDSA.
kimutaingetich	0:68ca78749806	571	*/
kimutaingetich	0:68ca78749806	572	//#define MBEDTLS_ECDSA_DETERMINISTIC
kimutaingetich	0:68ca78749806	573
kimutaingetich	0:68ca78749806	574	/**
kimutaingetich	0:68ca78749806	575	* \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
kimutaingetich	0:68ca78749806	576	*
kimutaingetich	0:68ca78749806	577	* Enable the PSK based ciphersuite modes in SSL / TLS.
kimutaingetich	0:68ca78749806	578	*
kimutaingetich	0:68ca78749806	579	* This enables the following ciphersuites (if other requisites are
kimutaingetich	0:68ca78749806	580	* enabled as well):
kimutaingetich	0:68ca78749806	581	* MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
kimutaingetich	0:68ca78749806	582	* MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
kimutaingetich	0:68ca78749806	583	* MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
kimutaingetich	0:68ca78749806	584	* MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
kimutaingetich	0:68ca78749806	585	* MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
kimutaingetich	0:68ca78749806	586	* MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
kimutaingetich	0:68ca78749806	587	* MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
kimutaingetich	0:68ca78749806	588	* MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
kimutaingetich	0:68ca78749806	589	* MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
kimutaingetich	0:68ca78749806	590	* MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
kimutaingetich	0:68ca78749806	591	* MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
kimutaingetich	0:68ca78749806	592	* MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
kimutaingetich	0:68ca78749806	593	*/
kimutaingetich	0:68ca78749806	594	//#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
kimutaingetich	0:68ca78749806	595
kimutaingetich	0:68ca78749806	596	/**
kimutaingetich	0:68ca78749806	597	* \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
kimutaingetich	0:68ca78749806	598	*
kimutaingetich	0:68ca78749806	599	* Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
kimutaingetich	0:68ca78749806	600	*
kimutaingetich	0:68ca78749806	601	* Requires: MBEDTLS_DHM_C
kimutaingetich	0:68ca78749806	602	*
kimutaingetich	0:68ca78749806	603	* This enables the following ciphersuites (if other requisites are
kimutaingetich	0:68ca78749806	604	* enabled as well):
kimutaingetich	0:68ca78749806	605	* MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
kimutaingetich	0:68ca78749806	606	* MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
kimutaingetich	0:68ca78749806	607	* MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
kimutaingetich	0:68ca78749806	608	* MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
kimutaingetich	0:68ca78749806	609	* MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
kimutaingetich	0:68ca78749806	610	* MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
kimutaingetich	0:68ca78749806	611	* MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
kimutaingetich	0:68ca78749806	612	* MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
kimutaingetich	0:68ca78749806	613	* MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
kimutaingetich	0:68ca78749806	614	* MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
kimutaingetich	0:68ca78749806	615	* MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
kimutaingetich	0:68ca78749806	616	* MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
kimutaingetich	0:68ca78749806	617	*/
kimutaingetich	0:68ca78749806	618	//#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
kimutaingetich	0:68ca78749806	619
kimutaingetich	0:68ca78749806	620	/**
kimutaingetich	0:68ca78749806	621	* \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
kimutaingetich	0:68ca78749806	622	*
kimutaingetich	0:68ca78749806	623	* Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
kimutaingetich	0:68ca78749806	624	*
kimutaingetich	0:68ca78749806	625	* Requires: MBEDTLS_ECDH_C
kimutaingetich	0:68ca78749806	626	*
kimutaingetich	0:68ca78749806	627	* This enables the following ciphersuites (if other requisites are
kimutaingetich	0:68ca78749806	628	* enabled as well):
kimutaingetich	0:68ca78749806	629	* MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
kimutaingetich	0:68ca78749806	630	* MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
kimutaingetich	0:68ca78749806	631	* MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
kimutaingetich	0:68ca78749806	632	* MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
kimutaingetich	0:68ca78749806	633	* MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
kimutaingetich	0:68ca78749806	634	* MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
kimutaingetich	0:68ca78749806	635	* MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
kimutaingetich	0:68ca78749806	636	* MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
kimutaingetich	0:68ca78749806	637	*/
kimutaingetich	0:68ca78749806	638	//#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
kimutaingetich	0:68ca78749806	639
kimutaingetich	0:68ca78749806	640	/**
kimutaingetich	0:68ca78749806	641	* \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
kimutaingetich	0:68ca78749806	642	*
kimutaingetich	0:68ca78749806	643	* Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
kimutaingetich	0:68ca78749806	644	*
kimutaingetich	0:68ca78749806	645	* Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
kimutaingetich	0:68ca78749806	646	* MBEDTLS_X509_CRT_PARSE_C
kimutaingetich	0:68ca78749806	647	*
kimutaingetich	0:68ca78749806	648	* This enables the following ciphersuites (if other requisites are
kimutaingetich	0:68ca78749806	649	* enabled as well):
kimutaingetich	0:68ca78749806	650	* MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
kimutaingetich	0:68ca78749806	651	* MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
kimutaingetich	0:68ca78749806	652	* MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
kimutaingetich	0:68ca78749806	653	* MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
kimutaingetich	0:68ca78749806	654	* MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
kimutaingetich	0:68ca78749806	655	* MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
kimutaingetich	0:68ca78749806	656	* MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
kimutaingetich	0:68ca78749806	657	* MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
kimutaingetich	0:68ca78749806	658	* MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
kimutaingetich	0:68ca78749806	659	* MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
kimutaingetich	0:68ca78749806	660	* MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
kimutaingetich	0:68ca78749806	661	* MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
kimutaingetich	0:68ca78749806	662	*/
kimutaingetich	0:68ca78749806	663	//#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
kimutaingetich	0:68ca78749806	664
kimutaingetich	0:68ca78749806	665	/**
kimutaingetich	0:68ca78749806	666	* \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
kimutaingetich	0:68ca78749806	667	*
kimutaingetich	0:68ca78749806	668	* Enable the RSA-only based ciphersuite modes in SSL / TLS.
kimutaingetich	0:68ca78749806	669	*
kimutaingetich	0:68ca78749806	670	* Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
kimutaingetich	0:68ca78749806	671	* MBEDTLS_X509_CRT_PARSE_C
kimutaingetich	0:68ca78749806	672	*
kimutaingetich	0:68ca78749806	673	* This enables the following ciphersuites (if other requisites are
kimutaingetich	0:68ca78749806	674	* enabled as well):
kimutaingetich	0:68ca78749806	675	* MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
kimutaingetich	0:68ca78749806	676	* MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
kimutaingetich	0:68ca78749806	677	* MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
kimutaingetich	0:68ca78749806	678	* MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
kimutaingetich	0:68ca78749806	679	* MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
kimutaingetich	0:68ca78749806	680	* MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
kimutaingetich	0:68ca78749806	681	* MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
kimutaingetich	0:68ca78749806	682	* MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
kimutaingetich	0:68ca78749806	683	* MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
kimutaingetich	0:68ca78749806	684	* MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
kimutaingetich	0:68ca78749806	685	* MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
kimutaingetich	0:68ca78749806	686	* MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
kimutaingetich	0:68ca78749806	687	* MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
kimutaingetich	0:68ca78749806	688	* MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
kimutaingetich	0:68ca78749806	689	* MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
kimutaingetich	0:68ca78749806	690	*/
kimutaingetich	0:68ca78749806	691	//#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
kimutaingetich	0:68ca78749806	692
kimutaingetich	0:68ca78749806	693	/**
kimutaingetich	0:68ca78749806	694	* \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
kimutaingetich	0:68ca78749806	695	*
kimutaingetich	0:68ca78749806	696	* Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
kimutaingetich	0:68ca78749806	697	*
kimutaingetich	0:68ca78749806	698	* Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
kimutaingetich	0:68ca78749806	699	* MBEDTLS_X509_CRT_PARSE_C
kimutaingetich	0:68ca78749806	700	*
kimutaingetich	0:68ca78749806	701	* This enables the following ciphersuites (if other requisites are
kimutaingetich	0:68ca78749806	702	* enabled as well):
kimutaingetich	0:68ca78749806	703	* MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
kimutaingetich	0:68ca78749806	704	* MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
kimutaingetich	0:68ca78749806	705	* MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
kimutaingetich	0:68ca78749806	706	* MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
kimutaingetich	0:68ca78749806	707	* MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
kimutaingetich	0:68ca78749806	708	* MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
kimutaingetich	0:68ca78749806	709	* MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
kimutaingetich	0:68ca78749806	710	* MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
kimutaingetich	0:68ca78749806	711	* MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
kimutaingetich	0:68ca78749806	712	* MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
kimutaingetich	0:68ca78749806	713	* MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
kimutaingetich	0:68ca78749806	714	* MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
kimutaingetich	0:68ca78749806	715	* MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
kimutaingetich	0:68ca78749806	716	*/
kimutaingetich	0:68ca78749806	717	//#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
kimutaingetich	0:68ca78749806	718
kimutaingetich	0:68ca78749806	719	/**
kimutaingetich	0:68ca78749806	720	* \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
kimutaingetich	0:68ca78749806	721	*
kimutaingetich	0:68ca78749806	722	* Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
kimutaingetich	0:68ca78749806	723	*
kimutaingetich	0:68ca78749806	724	* Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
kimutaingetich	0:68ca78749806	725	* MBEDTLS_X509_CRT_PARSE_C
kimutaingetich	0:68ca78749806	726	*
kimutaingetich	0:68ca78749806	727	* This enables the following ciphersuites (if other requisites are
kimutaingetich	0:68ca78749806	728	* enabled as well):
kimutaingetich	0:68ca78749806	729	* MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
kimutaingetich	0:68ca78749806	730	* MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
kimutaingetich	0:68ca78749806	731	* MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
kimutaingetich	0:68ca78749806	732	* MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
kimutaingetich	0:68ca78749806	733	* MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
kimutaingetich	0:68ca78749806	734	* MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
kimutaingetich	0:68ca78749806	735	* MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
kimutaingetich	0:68ca78749806	736	* MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
kimutaingetich	0:68ca78749806	737	* MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
kimutaingetich	0:68ca78749806	738	* MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
kimutaingetich	0:68ca78749806	739	* MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
kimutaingetich	0:68ca78749806	740	* MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
kimutaingetich	0:68ca78749806	741	*/
kimutaingetich	0:68ca78749806	742	//#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
kimutaingetich	0:68ca78749806	743
kimutaingetich	0:68ca78749806	744	/**
kimutaingetich	0:68ca78749806	745	* \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
kimutaingetich	0:68ca78749806	746	*
kimutaingetich	0:68ca78749806	747	* Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
kimutaingetich	0:68ca78749806	748	*
kimutaingetich	0:68ca78749806	749	* Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C,
kimutaingetich	0:68ca78749806	750	*
kimutaingetich	0:68ca78749806	751	* This enables the following ciphersuites (if other requisites are
kimutaingetich	0:68ca78749806	752	* enabled as well):
kimutaingetich	0:68ca78749806	753	* MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
kimutaingetich	0:68ca78749806	754	* MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
kimutaingetich	0:68ca78749806	755	* MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
kimutaingetich	0:68ca78749806	756	* MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
kimutaingetich	0:68ca78749806	757	* MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
kimutaingetich	0:68ca78749806	758	* MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
kimutaingetich	0:68ca78749806	759	* MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
kimutaingetich	0:68ca78749806	760	* MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
kimutaingetich	0:68ca78749806	761	* MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
kimutaingetich	0:68ca78749806	762	* MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
kimutaingetich	0:68ca78749806	763	* MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
kimutaingetich	0:68ca78749806	764	* MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
kimutaingetich	0:68ca78749806	765	*/
kimutaingetich	0:68ca78749806	766	//#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
kimutaingetich	0:68ca78749806	767
kimutaingetich	0:68ca78749806	768	/**
kimutaingetich	0:68ca78749806	769	* \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
kimutaingetich	0:68ca78749806	770	*
kimutaingetich	0:68ca78749806	771	* Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
kimutaingetich	0:68ca78749806	772	*
kimutaingetich	0:68ca78749806	773	* Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
kimutaingetich	0:68ca78749806	774	*
kimutaingetich	0:68ca78749806	775	* This enables the following ciphersuites (if other requisites are
kimutaingetich	0:68ca78749806	776	* enabled as well):
kimutaingetich	0:68ca78749806	777	* MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
kimutaingetich	0:68ca78749806	778	* MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
kimutaingetich	0:68ca78749806	779	* MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
kimutaingetich	0:68ca78749806	780	* MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
kimutaingetich	0:68ca78749806	781	* MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
kimutaingetich	0:68ca78749806	782	* MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
kimutaingetich	0:68ca78749806	783	* MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
kimutaingetich	0:68ca78749806	784	* MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
kimutaingetich	0:68ca78749806	785	* MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
kimutaingetich	0:68ca78749806	786	* MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
kimutaingetich	0:68ca78749806	787	* MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
kimutaingetich	0:68ca78749806	788	* MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
kimutaingetich	0:68ca78749806	789	*/
kimutaingetich	0:68ca78749806	790	//#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
kimutaingetich	0:68ca78749806	791
kimutaingetich	0:68ca78749806	792	/**
kimutaingetich	0:68ca78749806	793	* \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
kimutaingetich	0:68ca78749806	794	*
kimutaingetich	0:68ca78749806	795	* Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
kimutaingetich	0:68ca78749806	796	*
kimutaingetich	0:68ca78749806	797	* Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
kimutaingetich	0:68ca78749806	798	*
kimutaingetich	0:68ca78749806	799	* This enables the following ciphersuites (if other requisites are
kimutaingetich	0:68ca78749806	800	* enabled as well):
kimutaingetich	0:68ca78749806	801	* MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
kimutaingetich	0:68ca78749806	802	* MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
kimutaingetich	0:68ca78749806	803	* MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
kimutaingetich	0:68ca78749806	804	* MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
kimutaingetich	0:68ca78749806	805	* MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
kimutaingetich	0:68ca78749806	806	* MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
kimutaingetich	0:68ca78749806	807	* MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
kimutaingetich	0:68ca78749806	808	* MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
kimutaingetich	0:68ca78749806	809	* MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
kimutaingetich	0:68ca78749806	810	* MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
kimutaingetich	0:68ca78749806	811	* MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
kimutaingetich	0:68ca78749806	812	* MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
kimutaingetich	0:68ca78749806	813	*/
kimutaingetich	0:68ca78749806	814	//#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
kimutaingetich	0:68ca78749806	815
kimutaingetich	0:68ca78749806	816	/**
kimutaingetich	0:68ca78749806	817	* \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
kimutaingetich	0:68ca78749806	818	*
kimutaingetich	0:68ca78749806	819	* Enable the ECJPAKE based ciphersuite modes in SSL / TLS.
kimutaingetich	0:68ca78749806	820	*
kimutaingetich	0:68ca78749806	821	* \warning This is currently experimental. EC J-PAKE support is based on the
kimutaingetich	0:68ca78749806	822	* Thread v1.0.0 specification; incompatible changes to the specification
kimutaingetich	0:68ca78749806	823	* might still happen. For this reason, this is disabled by default.
kimutaingetich	0:68ca78749806	824	*
kimutaingetich	0:68ca78749806	825	* Requires: MBEDTLS_ECJPAKE_C
kimutaingetich	0:68ca78749806	826	* MBEDTLS_SHA256_C
kimutaingetich	0:68ca78749806	827	* MBEDTLS_ECP_DP_SECP256R1_ENABLED
kimutaingetich	0:68ca78749806	828	*
kimutaingetich	0:68ca78749806	829	* This enables the following ciphersuites (if other requisites are
kimutaingetich	0:68ca78749806	830	* enabled as well):
kimutaingetich	0:68ca78749806	831	* MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
kimutaingetich	0:68ca78749806	832	*/
kimutaingetich	0:68ca78749806	833	//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
kimutaingetich	0:68ca78749806	834
kimutaingetich	0:68ca78749806	835	/**
kimutaingetich	0:68ca78749806	836	* \def MBEDTLS_PK_PARSE_EC_EXTENDED
kimutaingetich	0:68ca78749806	837	*
kimutaingetich	0:68ca78749806	838	* Enhance support for reading EC keys using variants of SEC1 not allowed by
kimutaingetich	0:68ca78749806	839	* RFC 5915 and RFC 5480.
kimutaingetich	0:68ca78749806	840	*
kimutaingetich	0:68ca78749806	841	* Currently this means parsing the SpecifiedECDomain choice of EC
kimutaingetich	0:68ca78749806	842	* parameters (only known groups are supported, not arbitrary domains, to
kimutaingetich	0:68ca78749806	843	* avoid validation issues).
kimutaingetich	0:68ca78749806	844	*
kimutaingetich	0:68ca78749806	845	* Disable if you only need to support RFC 5915 + 5480 key formats.
kimutaingetich	0:68ca78749806	846	*/
kimutaingetich	0:68ca78749806	847	//#define MBEDTLS_PK_PARSE_EC_EXTENDED
kimutaingetich	0:68ca78749806	848
kimutaingetich	0:68ca78749806	849	/**
kimutaingetich	0:68ca78749806	850	* \def MBEDTLS_ERROR_STRERROR_DUMMY
kimutaingetich	0:68ca78749806	851	*
kimutaingetich	0:68ca78749806	852	* Enable a dummy error function to make use of mbedtls_strerror() in
kimutaingetich	0:68ca78749806	853	* third party libraries easier when MBEDTLS_ERROR_C is disabled
kimutaingetich	0:68ca78749806	854	* (no effect when MBEDTLS_ERROR_C is enabled).
kimutaingetich	0:68ca78749806	855	*
kimutaingetich	0:68ca78749806	856	* You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're
kimutaingetich	0:68ca78749806	857	* not using mbedtls_strerror() or error_strerror() in your application.
kimutaingetich	0:68ca78749806	858	*
kimutaingetich	0:68ca78749806	859	* Disable if you run into name conflicts and want to really remove the
kimutaingetich	0:68ca78749806	860	* mbedtls_strerror()
kimutaingetich	0:68ca78749806	861	*/
kimutaingetich	0:68ca78749806	862	//#define MBEDTLS_ERROR_STRERROR_DUMMY
kimutaingetich	0:68ca78749806	863
kimutaingetich	0:68ca78749806	864	/**
kimutaingetich	0:68ca78749806	865	* \def MBEDTLS_GENPRIME
kimutaingetich	0:68ca78749806	866	*
kimutaingetich	0:68ca78749806	867	* Enable the prime-number generation code.
kimutaingetich	0:68ca78749806	868	*
kimutaingetich	0:68ca78749806	869	* Requires: MBEDTLS_BIGNUM_C
kimutaingetich	0:68ca78749806	870	*/
kimutaingetich	0:68ca78749806	871	//#define MBEDTLS_GENPRIME
kimutaingetich	0:68ca78749806	872
kimutaingetich	0:68ca78749806	873	/**
kimutaingetich	0:68ca78749806	874	* \def MBEDTLS_FS_IO
kimutaingetich	0:68ca78749806	875	*
kimutaingetich	0:68ca78749806	876	* Enable functions that use the filesystem.
kimutaingetich	0:68ca78749806	877	*/
kimutaingetich	0:68ca78749806	878	//#define MBEDTLS_FS_IO
kimutaingetich	0:68ca78749806	879
kimutaingetich	0:68ca78749806	880	/**
kimutaingetich	0:68ca78749806	881	* \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
kimutaingetich	0:68ca78749806	882	*
kimutaingetich	0:68ca78749806	883	* Do not add default entropy sources. These are the platform specific,
kimutaingetich	0:68ca78749806	884	* mbedtls_timing_hardclock and HAVEGE based poll functions.
kimutaingetich	0:68ca78749806	885	*
kimutaingetich	0:68ca78749806	886	* This is useful to have more control over the added entropy sources in an
kimutaingetich	0:68ca78749806	887	* application.
kimutaingetich	0:68ca78749806	888	*
kimutaingetich	0:68ca78749806	889	* Uncomment this macro to prevent loading of default entropy functions.
kimutaingetich	0:68ca78749806	890	*/
kimutaingetich	0:68ca78749806	891	//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
kimutaingetich	0:68ca78749806	892
kimutaingetich	0:68ca78749806	893	/**
kimutaingetich	0:68ca78749806	894	* \def MBEDTLS_NO_PLATFORM_ENTROPY
kimutaingetich	0:68ca78749806	895	*
kimutaingetich	0:68ca78749806	896	* Do not use built-in platform entropy functions.
kimutaingetich	0:68ca78749806	897	* This is useful if your platform does not support
kimutaingetich	0:68ca78749806	898	* standards like the /dev/urandom or Windows CryptoAPI.
kimutaingetich	0:68ca78749806	899	*
kimutaingetich	0:68ca78749806	900	* Uncomment this macro to disable the built-in platform entropy functions.
kimutaingetich	0:68ca78749806	901	*/
kimutaingetich	0:68ca78749806	902	#define MBEDTLS_NO_PLATFORM_ENTROPY
kimutaingetich	0:68ca78749806	903
kimutaingetich	0:68ca78749806	904	/**
kimutaingetich	0:68ca78749806	905	* \def MBEDTLS_ENTROPY_FORCE_SHA256
kimutaingetich	0:68ca78749806	906	*
kimutaingetich	0:68ca78749806	907	* Force the entropy accumulator to use a SHA-256 accumulator instead of the
kimutaingetich	0:68ca78749806	908	* default SHA-512 based one (if both are available).
kimutaingetich	0:68ca78749806	909	*
kimutaingetich	0:68ca78749806	910	* Requires: MBEDTLS_SHA256_C
kimutaingetich	0:68ca78749806	911	*
kimutaingetich	0:68ca78749806	912	* On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option
kimutaingetich	0:68ca78749806	913	* if you have performance concerns.
kimutaingetich	0:68ca78749806	914	*
kimutaingetich	0:68ca78749806	915	* This option is only useful if both MBEDTLS_SHA256_C and
kimutaingetich	0:68ca78749806	916	* MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
kimutaingetich	0:68ca78749806	917	*/
kimutaingetich	0:68ca78749806	918	//#define MBEDTLS_ENTROPY_FORCE_SHA256
kimutaingetich	0:68ca78749806	919
kimutaingetich	0:68ca78749806	920	/**
kimutaingetich	0:68ca78749806	921	* \def MBEDTLS_ENTROPY_NV_SEED
kimutaingetich	0:68ca78749806	922	*
kimutaingetich	0:68ca78749806	923	* Enable the non-volatile (NV) seed file-based entropy source.
kimutaingetich	0:68ca78749806	924	* (Also enables the NV seed read/write functions in the platform layer)
kimutaingetich	0:68ca78749806	925	*
kimutaingetich	0:68ca78749806	926	* This is crucial (if not required) on systems that do not have a
kimutaingetich	0:68ca78749806	927	* cryptographic entropy source (in hardware or kernel) available.
kimutaingetich	0:68ca78749806	928	*
kimutaingetich	0:68ca78749806	929	* Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C
kimutaingetich	0:68ca78749806	930	*
kimutaingetich	0:68ca78749806	931	* \note The read/write functions that are used by the entropy source are
kimutaingetich	0:68ca78749806	932	* determined in the platform layer, and can be modified at runtime and/or
kimutaingetich	0:68ca78749806	933	* compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used.
kimutaingetich	0:68ca78749806	934	*
kimutaingetich	0:68ca78749806	935	* \note If you use the default implementation functions that read a seedfile
kimutaingetich	0:68ca78749806	936	* with regular fopen(), please make sure you make a seedfile with the
kimutaingetich	0:68ca78749806	937	* proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at
kimutaingetich	0:68ca78749806	938	* least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from
kimutaingetich	0:68ca78749806	939	* and written to or you will get an entropy source error! The default
kimutaingetich	0:68ca78749806	940	* implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE
kimutaingetich	0:68ca78749806	941	* bytes from the file.
kimutaingetich	0:68ca78749806	942	*
kimutaingetich	0:68ca78749806	943	* \note The entropy collector will write to the seed file before entropy is
kimutaingetich	0:68ca78749806	944	* given to an external source, to update it.
kimutaingetich	0:68ca78749806	945	*/
kimutaingetich	0:68ca78749806	946	//#define MBEDTLS_ENTROPY_NV_SEED
kimutaingetich	0:68ca78749806	947
kimutaingetich	0:68ca78749806	948	/**
kimutaingetich	0:68ca78749806	949	* \def MBEDTLS_MEMORY_DEBUG
kimutaingetich	0:68ca78749806	950	*
kimutaingetich	0:68ca78749806	951	* Enable debugging of buffer allocator memory issues. Automatically prints
kimutaingetich	0:68ca78749806	952	* (to stderr) all (fatal) messages on memory allocation issues. Enables
kimutaingetich	0:68ca78749806	953	* function for 'debug output' of allocated memory.
kimutaingetich	0:68ca78749806	954	*
kimutaingetich	0:68ca78749806	955	* Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
kimutaingetich	0:68ca78749806	956	*
kimutaingetich	0:68ca78749806	957	* Uncomment this macro to let the buffer allocator print out error messages.
kimutaingetich	0:68ca78749806	958	*/
kimutaingetich	0:68ca78749806	959	//#define MBEDTLS_MEMORY_DEBUG
kimutaingetich	0:68ca78749806	960
kimutaingetich	0:68ca78749806	961	/**
kimutaingetich	0:68ca78749806	962	* \def MBEDTLS_MEMORY_BACKTRACE
kimutaingetich	0:68ca78749806	963	*
kimutaingetich	0:68ca78749806	964	* Include backtrace information with each allocated block.
kimutaingetich	0:68ca78749806	965	*
kimutaingetich	0:68ca78749806	966	* Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
kimutaingetich	0:68ca78749806	967	* GLIBC-compatible backtrace() an backtrace_symbols() support
kimutaingetich	0:68ca78749806	968	*
kimutaingetich	0:68ca78749806	969	* Uncomment this macro to include backtrace information
kimutaingetich	0:68ca78749806	970	*/
kimutaingetich	0:68ca78749806	971	//#define MBEDTLS_MEMORY_BACKTRACE
kimutaingetich	0:68ca78749806	972
kimutaingetich	0:68ca78749806	973	/**
kimutaingetich	0:68ca78749806	974	* \def MBEDTLS_PK_RSA_ALT_SUPPORT
kimutaingetich	0:68ca78749806	975	*
kimutaingetich	0:68ca78749806	976	* Support external private RSA keys (eg from a HSM) in the PK layer.
kimutaingetich	0:68ca78749806	977	*
kimutaingetich	0:68ca78749806	978	* Comment this macro to disable support for external private RSA keys.
kimutaingetich	0:68ca78749806	979	*/
kimutaingetich	0:68ca78749806	980	//#define MBEDTLS_PK_RSA_ALT_SUPPORT
kimutaingetich	0:68ca78749806	981
kimutaingetich	0:68ca78749806	982	/**
kimutaingetich	0:68ca78749806	983	* \def MBEDTLS_PKCS1_V15
kimutaingetich	0:68ca78749806	984	*
kimutaingetich	0:68ca78749806	985	* Enable support for PKCS#1 v1.5 encoding.
kimutaingetich	0:68ca78749806	986	*
kimutaingetich	0:68ca78749806	987	* Requires: MBEDTLS_RSA_C
kimutaingetich	0:68ca78749806	988	*
kimutaingetich	0:68ca78749806	989	* This enables support for PKCS#1 v1.5 operations.
kimutaingetich	0:68ca78749806	990	*/
kimutaingetich	0:68ca78749806	991	//#define MBEDTLS_PKCS1_V15
kimutaingetich	0:68ca78749806	992
kimutaingetich	0:68ca78749806	993	/**
kimutaingetich	0:68ca78749806	994	* \def MBEDTLS_PKCS1_V21
kimutaingetich	0:68ca78749806	995	*
kimutaingetich	0:68ca78749806	996	* Enable support for PKCS#1 v2.1 encoding.
kimutaingetich	0:68ca78749806	997	*
kimutaingetich	0:68ca78749806	998	* Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C
kimutaingetich	0:68ca78749806	999	*
kimutaingetich	0:68ca78749806	1000	* This enables support for RSAES-OAEP and RSASSA-PSS operations.
kimutaingetich	0:68ca78749806	1001	*/
kimutaingetich	0:68ca78749806	1002	//#define MBEDTLS_PKCS1_V21
kimutaingetich	0:68ca78749806	1003
kimutaingetich	0:68ca78749806	1004	/**
kimutaingetich	0:68ca78749806	1005	* \def MBEDTLS_RSA_NO_CRT
kimutaingetich	0:68ca78749806	1006	*
kimutaingetich	0:68ca78749806	1007	* Do not use the Chinese Remainder Theorem for the RSA private operation.
kimutaingetich	0:68ca78749806	1008	*
kimutaingetich	0:68ca78749806	1009	* Uncomment this macro to disable the use of CRT in RSA.
kimutaingetich	0:68ca78749806	1010	*
kimutaingetich	0:68ca78749806	1011	*/
kimutaingetich	0:68ca78749806	1012	//#define MBEDTLS_RSA_NO_CRT
kimutaingetich	0:68ca78749806	1013
kimutaingetich	0:68ca78749806	1014	/**
kimutaingetich	0:68ca78749806	1015	* \def MBEDTLS_SELF_TEST
kimutaingetich	0:68ca78749806	1016	*
kimutaingetich	0:68ca78749806	1017	* Enable the checkup functions (*_self_test).
kimutaingetich	0:68ca78749806	1018	*/
kimutaingetich	0:68ca78749806	1019	//#define MBEDTLS_SELF_TEST
kimutaingetich	0:68ca78749806	1020
kimutaingetich	0:68ca78749806	1021	/**
kimutaingetich	0:68ca78749806	1022	* \def MBEDTLS_SHA256_SMALLER
kimutaingetich	0:68ca78749806	1023	*
kimutaingetich	0:68ca78749806	1024	* Enable an implementation of SHA-256 that has lower ROM footprint but also
kimutaingetich	0:68ca78749806	1025	* lower performance.
kimutaingetich	0:68ca78749806	1026	*
kimutaingetich	0:68ca78749806	1027	* The default implementation is meant to be a reasonnable compromise between
kimutaingetich	0:68ca78749806	1028	* performance and size. This version optimizes more aggressively for size at
kimutaingetich	0:68ca78749806	1029	* the expense of performance. Eg on Cortex-M4 it reduces the size of
kimutaingetich	0:68ca78749806	1030	* mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about
kimutaingetich	0:68ca78749806	1031	* 30%.
kimutaingetich	0:68ca78749806	1032	*
kimutaingetich	0:68ca78749806	1033	* Uncomment to enable the smaller implementation of SHA256.
kimutaingetich	0:68ca78749806	1034	*/
kimutaingetich	0:68ca78749806	1035	//#define MBEDTLS_SHA256_SMALLER
kimutaingetich	0:68ca78749806	1036
kimutaingetich	0:68ca78749806	1037	/**
kimutaingetich	0:68ca78749806	1038	* \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
kimutaingetich	0:68ca78749806	1039	*
kimutaingetich	0:68ca78749806	1040	* Enable sending of alert messages in case of encountered errors as per RFC.
kimutaingetich	0:68ca78749806	1041	* If you choose not to send the alert messages, mbed TLS can still communicate
kimutaingetich	0:68ca78749806	1042	* with other servers, only debugging of failures is harder.
kimutaingetich	0:68ca78749806	1043	*
kimutaingetich	0:68ca78749806	1044	* The advantage of not sending alert messages, is that no information is given
kimutaingetich	0:68ca78749806	1045	* about reasons for failures thus preventing adversaries of gaining intel.
kimutaingetich	0:68ca78749806	1046	*
kimutaingetich	0:68ca78749806	1047	* Enable sending of all alert messages
kimutaingetich	0:68ca78749806	1048	*/
kimutaingetich	0:68ca78749806	1049	//#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
kimutaingetich	0:68ca78749806	1050
kimutaingetich	0:68ca78749806	1051	/**
kimutaingetich	0:68ca78749806	1052	* \def MBEDTLS_SSL_DEBUG_ALL
kimutaingetich	0:68ca78749806	1053	*
kimutaingetich	0:68ca78749806	1054	* Enable the debug messages in SSL module for all issues.
kimutaingetich	0:68ca78749806	1055	* Debug messages have been disabled in some places to prevent timing
kimutaingetich	0:68ca78749806	1056	* attacks due to (unbalanced) debugging function calls.
kimutaingetich	0:68ca78749806	1057	*
kimutaingetich	0:68ca78749806	1058	* If you need all error reporting you should enable this during debugging,
kimutaingetich	0:68ca78749806	1059	* but remove this for production servers that should log as well.
kimutaingetich	0:68ca78749806	1060	*
kimutaingetich	0:68ca78749806	1061	* Uncomment this macro to report all debug messages on errors introducing
kimutaingetich	0:68ca78749806	1062	* a timing side-channel.
kimutaingetich	0:68ca78749806	1063	*
kimutaingetich	0:68ca78749806	1064	*/
kimutaingetich	0:68ca78749806	1065	//#define MBEDTLS_SSL_DEBUG_ALL
kimutaingetich	0:68ca78749806	1066
kimutaingetich	0:68ca78749806	1067	/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
kimutaingetich	0:68ca78749806	1068	*
kimutaingetich	0:68ca78749806	1069	* Enable support for Encrypt-then-MAC, RFC 7366.
kimutaingetich	0:68ca78749806	1070	*
kimutaingetich	0:68ca78749806	1071	* This allows peers that both support it to use a more robust protection for
kimutaingetich	0:68ca78749806	1072	* ciphersuites using CBC, providing deep resistance against timing attacks
kimutaingetich	0:68ca78749806	1073	* on the padding or underlying cipher.
kimutaingetich	0:68ca78749806	1074	*
kimutaingetich	0:68ca78749806	1075	* This only affects CBC ciphersuites, and is useless if none is defined.
kimutaingetich	0:68ca78749806	1076	*
kimutaingetich	0:68ca78749806	1077	* Requires: MBEDTLS_SSL_PROTO_TLS1 or
kimutaingetich	0:68ca78749806	1078	* MBEDTLS_SSL_PROTO_TLS1_1 or
kimutaingetich	0:68ca78749806	1079	* MBEDTLS_SSL_PROTO_TLS1_2
kimutaingetich	0:68ca78749806	1080	*
kimutaingetich	0:68ca78749806	1081	* Comment this macro to disable support for Encrypt-then-MAC
kimutaingetich	0:68ca78749806	1082	*/
kimutaingetich	0:68ca78749806	1083	//#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
kimutaingetich	0:68ca78749806	1084
kimutaingetich	0:68ca78749806	1085	/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET
kimutaingetich	0:68ca78749806	1086	*
kimutaingetich	0:68ca78749806	1087	* Enable support for Extended Master Secret, aka Session Hash
kimutaingetich	0:68ca78749806	1088	* (draft-ietf-tls-session-hash-02).
kimutaingetich	0:68ca78749806	1089	*
kimutaingetich	0:68ca78749806	1090	* This was introduced as "the proper fix" to the Triple Handshake familiy of
kimutaingetich	0:68ca78749806	1091	* attacks, but it is recommended to always use it (even if you disable
kimutaingetich	0:68ca78749806	1092	* renegotiation), since it actually fixes a more fundamental issue in the
kimutaingetich	0:68ca78749806	1093	* original SSL/TLS design, and has implications beyond Triple Handshake.
kimutaingetich	0:68ca78749806	1094	*
kimutaingetich	0:68ca78749806	1095	* Requires: MBEDTLS_SSL_PROTO_TLS1 or
kimutaingetich	0:68ca78749806	1096	* MBEDTLS_SSL_PROTO_TLS1_1 or
kimutaingetich	0:68ca78749806	1097	* MBEDTLS_SSL_PROTO_TLS1_2
kimutaingetich	0:68ca78749806	1098	*
kimutaingetich	0:68ca78749806	1099	* Comment this macro to disable support for Extended Master Secret.
kimutaingetich	0:68ca78749806	1100	*/
kimutaingetich	0:68ca78749806	1101	//#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
kimutaingetich	0:68ca78749806	1102
kimutaingetich	0:68ca78749806	1103	/**
kimutaingetich	0:68ca78749806	1104	* \def MBEDTLS_SSL_FALLBACK_SCSV
kimutaingetich	0:68ca78749806	1105	*
kimutaingetich	0:68ca78749806	1106	* Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00).
kimutaingetich	0:68ca78749806	1107	*
kimutaingetich	0:68ca78749806	1108	* For servers, it is recommended to always enable this, unless you support
kimutaingetich	0:68ca78749806	1109	* only one version of TLS, or know for sure that none of your clients
kimutaingetich	0:68ca78749806	1110	* implements a fallback strategy.
kimutaingetich	0:68ca78749806	1111	*
kimutaingetich	0:68ca78749806	1112	* For clients, you only need this if you're using a fallback strategy, which
kimutaingetich	0:68ca78749806	1113	* is not recommended in the first place, unless you absolutely need it to
kimutaingetich	0:68ca78749806	1114	* interoperate with buggy (version-intolerant) servers.
kimutaingetich	0:68ca78749806	1115	*
kimutaingetich	0:68ca78749806	1116	* Comment this macro to disable support for FALLBACK_SCSV
kimutaingetich	0:68ca78749806	1117	*/
kimutaingetich	0:68ca78749806	1118	//#define MBEDTLS_SSL_FALLBACK_SCSV
kimutaingetich	0:68ca78749806	1119
kimutaingetich	0:68ca78749806	1120	/**
kimutaingetich	0:68ca78749806	1121	* \def MBEDTLS_SSL_HW_RECORD_ACCEL
kimutaingetich	0:68ca78749806	1122	*
kimutaingetich	0:68ca78749806	1123	* Enable hooking functions in SSL module for hardware acceleration of
kimutaingetich	0:68ca78749806	1124	* individual records.
kimutaingetich	0:68ca78749806	1125	*
kimutaingetich	0:68ca78749806	1126	* Uncomment this macro to enable hooking functions.
kimutaingetich	0:68ca78749806	1127	*/
kimutaingetich	0:68ca78749806	1128	//#define MBEDTLS_SSL_HW_RECORD_ACCEL
kimutaingetich	0:68ca78749806	1129
kimutaingetich	0:68ca78749806	1130	/**
kimutaingetich	0:68ca78749806	1131	* \def MBEDTLS_SSL_CBC_RECORD_SPLITTING
kimutaingetich	0:68ca78749806	1132	*
kimutaingetich	0:68ca78749806	1133	* Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0.
kimutaingetich	0:68ca78749806	1134	*
kimutaingetich	0:68ca78749806	1135	* This is a countermeasure to the BEAST attack, which also minimizes the risk
kimutaingetich	0:68ca78749806	1136	* of interoperability issues compared to sending 0-length records.
kimutaingetich	0:68ca78749806	1137	*
kimutaingetich	0:68ca78749806	1138	* Comment this macro to disable 1/n-1 record splitting.
kimutaingetich	0:68ca78749806	1139	*/
kimutaingetich	0:68ca78749806	1140	//#define MBEDTLS_SSL_CBC_RECORD_SPLITTING
kimutaingetich	0:68ca78749806	1141
kimutaingetich	0:68ca78749806	1142	/**
kimutaingetich	0:68ca78749806	1143	* \def MBEDTLS_SSL_RENEGOTIATION
kimutaingetich	0:68ca78749806	1144	*
kimutaingetich	0:68ca78749806	1145	* Disable support for TLS renegotiation.
kimutaingetich	0:68ca78749806	1146	*
kimutaingetich	0:68ca78749806	1147	* The two main uses of renegotiation are (1) refresh keys on long-lived
kimutaingetich	0:68ca78749806	1148	* connections and (2) client authentication after the initial handshake.
kimutaingetich	0:68ca78749806	1149	* If you don't need renegotiation, it's probably better to disable it, since
kimutaingetich	0:68ca78749806	1150	* it has been associated with security issues in the past and is easy to
kimutaingetich	0:68ca78749806	1151	* misuse/misunderstand.
kimutaingetich	0:68ca78749806	1152	*
kimutaingetich	0:68ca78749806	1153	* Comment this to disable support for renegotiation.
kimutaingetich	0:68ca78749806	1154	*/
kimutaingetich	0:68ca78749806	1155	//#define MBEDTLS_SSL_RENEGOTIATION
kimutaingetich	0:68ca78749806	1156
kimutaingetich	0:68ca78749806	1157	/**
kimutaingetich	0:68ca78749806	1158	* \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
kimutaingetich	0:68ca78749806	1159	*
kimutaingetich	0:68ca78749806	1160	* Enable support for receiving and parsing SSLv2 Client Hello messages for the
kimutaingetich	0:68ca78749806	1161	* SSL Server module (MBEDTLS_SSL_SRV_C).
kimutaingetich	0:68ca78749806	1162	*
kimutaingetich	0:68ca78749806	1163	* Uncomment this macro to enable support for SSLv2 Client Hello messages.
kimutaingetich	0:68ca78749806	1164	*/
kimutaingetich	0:68ca78749806	1165	//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
kimutaingetich	0:68ca78749806	1166
kimutaingetich	0:68ca78749806	1167	/**
kimutaingetich	0:68ca78749806	1168	* \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
kimutaingetich	0:68ca78749806	1169	*
kimutaingetich	0:68ca78749806	1170	* Pick the ciphersuite according to the client's preferences rather than ours
kimutaingetich	0:68ca78749806	1171	* in the SSL Server module (MBEDTLS_SSL_SRV_C).
kimutaingetich	0:68ca78749806	1172	*
kimutaingetich	0:68ca78749806	1173	* Uncomment this macro to respect client's ciphersuite order
kimutaingetich	0:68ca78749806	1174	*/
kimutaingetich	0:68ca78749806	1175	//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
kimutaingetich	0:68ca78749806	1176
kimutaingetich	0:68ca78749806	1177	/**
kimutaingetich	0:68ca78749806	1178	* \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
kimutaingetich	0:68ca78749806	1179	*
kimutaingetich	0:68ca78749806	1180	* Enable support for RFC 6066 max_fragment_length extension in SSL.
kimutaingetich	0:68ca78749806	1181	*
kimutaingetich	0:68ca78749806	1182	* Comment this macro to disable support for the max_fragment_length extension
kimutaingetich	0:68ca78749806	1183	*/
kimutaingetich	0:68ca78749806	1184	//#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
kimutaingetich	0:68ca78749806	1185
kimutaingetich	0:68ca78749806	1186	/**
kimutaingetich	0:68ca78749806	1187	* \def MBEDTLS_SSL_PROTO_SSL3
kimutaingetich	0:68ca78749806	1188	*
kimutaingetich	0:68ca78749806	1189	* Enable support for SSL 3.0.
kimutaingetich	0:68ca78749806	1190	*
kimutaingetich	0:68ca78749806	1191	* Requires: MBEDTLS_MD5_C
kimutaingetich	0:68ca78749806	1192	* MBEDTLS_SHA1_C
kimutaingetich	0:68ca78749806	1193	*
kimutaingetich	0:68ca78749806	1194	* Comment this macro to disable support for SSL 3.0
kimutaingetich	0:68ca78749806	1195	*/
kimutaingetich	0:68ca78749806	1196	//#define MBEDTLS_SSL_PROTO_SSL3
kimutaingetich	0:68ca78749806	1197
kimutaingetich	0:68ca78749806	1198	/**
kimutaingetich	0:68ca78749806	1199	* \def MBEDTLS_SSL_PROTO_TLS1
kimutaingetich	0:68ca78749806	1200	*
kimutaingetich	0:68ca78749806	1201	* Enable support for TLS 1.0.
kimutaingetich	0:68ca78749806	1202	*
kimutaingetich	0:68ca78749806	1203	* Requires: MBEDTLS_MD5_C
kimutaingetich	0:68ca78749806	1204	* MBEDTLS_SHA1_C
kimutaingetich	0:68ca78749806	1205	*
kimutaingetich	0:68ca78749806	1206	* Comment this macro to disable support for TLS 1.0
kimutaingetich	0:68ca78749806	1207	*/
kimutaingetich	0:68ca78749806	1208	//#define MBEDTLS_SSL_PROTO_TLS1
kimutaingetich	0:68ca78749806	1209
kimutaingetich	0:68ca78749806	1210	/**
kimutaingetich	0:68ca78749806	1211	* \def MBEDTLS_SSL_PROTO_TLS1_1
kimutaingetich	0:68ca78749806	1212	*
kimutaingetich	0:68ca78749806	1213	* Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled).
kimutaingetich	0:68ca78749806	1214	*
kimutaingetich	0:68ca78749806	1215	* Requires: MBEDTLS_MD5_C
kimutaingetich	0:68ca78749806	1216	* MBEDTLS_SHA1_C
kimutaingetich	0:68ca78749806	1217	*
kimutaingetich	0:68ca78749806	1218	* Comment this macro to disable support for TLS 1.1 / DTLS 1.0
kimutaingetich	0:68ca78749806	1219	*/
kimutaingetich	0:68ca78749806	1220	//#define MBEDTLS_SSL_PROTO_TLS1_1
kimutaingetich	0:68ca78749806	1221
kimutaingetich	0:68ca78749806	1222	/**
kimutaingetich	0:68ca78749806	1223	* \def MBEDTLS_SSL_PROTO_TLS1_2
kimutaingetich	0:68ca78749806	1224	*
kimutaingetich	0:68ca78749806	1225	* Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled).
kimutaingetich	0:68ca78749806	1226	*
kimutaingetich	0:68ca78749806	1227	* Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C
kimutaingetich	0:68ca78749806	1228	* (Depends on ciphersuites)
kimutaingetich	0:68ca78749806	1229	*
kimutaingetich	0:68ca78749806	1230	* Comment this macro to disable support for TLS 1.2 / DTLS 1.2
kimutaingetich	0:68ca78749806	1231	*/
kimutaingetich	0:68ca78749806	1232	//#define MBEDTLS_SSL_PROTO_TLS1_2
kimutaingetich	0:68ca78749806	1233
kimutaingetich	0:68ca78749806	1234	/**
kimutaingetich	0:68ca78749806	1235	* \def MBEDTLS_SSL_PROTO_DTLS
kimutaingetich	0:68ca78749806	1236	*
kimutaingetich	0:68ca78749806	1237	* Enable support for DTLS (all available versions).
kimutaingetich	0:68ca78749806	1238	*
kimutaingetich	0:68ca78749806	1239	* Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0,
kimutaingetich	0:68ca78749806	1240	* and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
kimutaingetich	0:68ca78749806	1241	*
kimutaingetich	0:68ca78749806	1242	* Requires: MBEDTLS_SSL_PROTO_TLS1_1
kimutaingetich	0:68ca78749806	1243	* or MBEDTLS_SSL_PROTO_TLS1_2
kimutaingetich	0:68ca78749806	1244	*
kimutaingetich	0:68ca78749806	1245	* Comment this macro to disable support for DTLS
kimutaingetich	0:68ca78749806	1246	*/
kimutaingetich	0:68ca78749806	1247	//#define MBEDTLS_SSL_PROTO_DTLS
kimutaingetich	0:68ca78749806	1248
kimutaingetich	0:68ca78749806	1249	/**
kimutaingetich	0:68ca78749806	1250	* \def MBEDTLS_SSL_ALPN
kimutaingetich	0:68ca78749806	1251	*
kimutaingetich	0:68ca78749806	1252	* Enable support for RFC 7301 Application Layer Protocol Negotiation.
kimutaingetich	0:68ca78749806	1253	*
kimutaingetich	0:68ca78749806	1254	* Comment this macro to disable support for ALPN.
kimutaingetich	0:68ca78749806	1255	*/
kimutaingetich	0:68ca78749806	1256	//#define MBEDTLS_SSL_ALPN
kimutaingetich	0:68ca78749806	1257
kimutaingetich	0:68ca78749806	1258	/**
kimutaingetich	0:68ca78749806	1259	* \def MBEDTLS_SSL_DTLS_ANTI_REPLAY
kimutaingetich	0:68ca78749806	1260	*
kimutaingetich	0:68ca78749806	1261	* Enable support for the anti-replay mechanism in DTLS.
kimutaingetich	0:68ca78749806	1262	*
kimutaingetich	0:68ca78749806	1263	* Requires: MBEDTLS_SSL_TLS_C
kimutaingetich	0:68ca78749806	1264	* MBEDTLS_SSL_PROTO_DTLS
kimutaingetich	0:68ca78749806	1265	*
kimutaingetich	0:68ca78749806	1266	* \warning Disabling this is often a security risk!
kimutaingetich	0:68ca78749806	1267	* See mbedtls_ssl_conf_dtls_anti_replay() for details.
kimutaingetich	0:68ca78749806	1268	*
kimutaingetich	0:68ca78749806	1269	* Comment this to disable anti-replay in DTLS.
kimutaingetich	0:68ca78749806	1270	*/
kimutaingetich	0:68ca78749806	1271	//#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
kimutaingetich	0:68ca78749806	1272
kimutaingetich	0:68ca78749806	1273	/**
kimutaingetich	0:68ca78749806	1274	* \def MBEDTLS_SSL_DTLS_HELLO_VERIFY
kimutaingetich	0:68ca78749806	1275	*
kimutaingetich	0:68ca78749806	1276	* Enable support for HelloVerifyRequest on DTLS servers.
kimutaingetich	0:68ca78749806	1277	*
kimutaingetich	0:68ca78749806	1278	* This feature is highly recommended to prevent DTLS servers being used as
kimutaingetich	0:68ca78749806	1279	* amplifiers in DoS attacks against other hosts. It should always be enabled
kimutaingetich	0:68ca78749806	1280	* unless you know for sure amplification cannot be a problem in the
kimutaingetich	0:68ca78749806	1281	* environment in which your server operates.
kimutaingetich	0:68ca78749806	1282	*
kimutaingetich	0:68ca78749806	1283	* \warning Disabling this can ba a security risk! (see above)
kimutaingetich	0:68ca78749806	1284	*
kimutaingetich	0:68ca78749806	1285	* Requires: MBEDTLS_SSL_PROTO_DTLS
kimutaingetich	0:68ca78749806	1286	*
kimutaingetich	0:68ca78749806	1287	* Comment this to disable support for HelloVerifyRequest.
kimutaingetich	0:68ca78749806	1288	*/
kimutaingetich	0:68ca78749806	1289	//#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
kimutaingetich	0:68ca78749806	1290
kimutaingetich	0:68ca78749806	1291	/**
kimutaingetich	0:68ca78749806	1292	* \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
kimutaingetich	0:68ca78749806	1293	*
kimutaingetich	0:68ca78749806	1294	* Enable server-side support for clients that reconnect from the same port.
kimutaingetich	0:68ca78749806	1295	*
kimutaingetich	0:68ca78749806	1296	* Some clients unexpectedly close the connection and try to reconnect using the
kimutaingetich	0:68ca78749806	1297	* same source port. This needs special support from the server to handle the
kimutaingetich	0:68ca78749806	1298	* new connection securely, as described in section 4.2.8 of RFC 6347. This
kimutaingetich	0:68ca78749806	1299	* flag enables that support.
kimutaingetich	0:68ca78749806	1300	*
kimutaingetich	0:68ca78749806	1301	* Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
kimutaingetich	0:68ca78749806	1302	*
kimutaingetich	0:68ca78749806	1303	* Comment this to disable support for clients reusing the source port.
kimutaingetich	0:68ca78749806	1304	*/
kimutaingetich	0:68ca78749806	1305	//#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
kimutaingetich	0:68ca78749806	1306
kimutaingetich	0:68ca78749806	1307	/**
kimutaingetich	0:68ca78749806	1308	* \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT
kimutaingetich	0:68ca78749806	1309	*
kimutaingetich	0:68ca78749806	1310	* Enable support for a limit of records with bad MAC.
kimutaingetich	0:68ca78749806	1311	*
kimutaingetich	0:68ca78749806	1312	* See mbedtls_ssl_conf_dtls_badmac_limit().
kimutaingetich	0:68ca78749806	1313	*
kimutaingetich	0:68ca78749806	1314	* Requires: MBEDTLS_SSL_PROTO_DTLS
kimutaingetich	0:68ca78749806	1315	*/
kimutaingetich	0:68ca78749806	1316	//#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
kimutaingetich	0:68ca78749806	1317
kimutaingetich	0:68ca78749806	1318	/**
kimutaingetich	0:68ca78749806	1319	* \def MBEDTLS_SSL_SESSION_TICKETS
kimutaingetich	0:68ca78749806	1320	*
kimutaingetich	0:68ca78749806	1321	* Enable support for RFC 5077 session tickets in SSL.
kimutaingetich	0:68ca78749806	1322	* Client-side, provides full support for session tickets (maintainance of a
kimutaingetich	0:68ca78749806	1323	* session store remains the responsibility of the application, though).
kimutaingetich	0:68ca78749806	1324	* Server-side, you also need to provide callbacks for writing and parsing
kimutaingetich	0:68ca78749806	1325	* tickets, including authenticated encryption and key management. Example
kimutaingetich	0:68ca78749806	1326	* callbacks are provided by MBEDTLS_SSL_TICKET_C.
kimutaingetich	0:68ca78749806	1327	*
kimutaingetich	0:68ca78749806	1328	* Comment this macro to disable support for SSL session tickets
kimutaingetich	0:68ca78749806	1329	*/
kimutaingetich	0:68ca78749806	1330	//#define MBEDTLS_SSL_SESSION_TICKETS
kimutaingetich	0:68ca78749806	1331
kimutaingetich	0:68ca78749806	1332	/**
kimutaingetich	0:68ca78749806	1333	* \def MBEDTLS_SSL_EXPORT_KEYS
kimutaingetich	0:68ca78749806	1334	*
kimutaingetich	0:68ca78749806	1335	* Enable support for exporting key block and master secret.
kimutaingetich	0:68ca78749806	1336	* This is required for certain users of TLS, e.g. EAP-TLS.
kimutaingetich	0:68ca78749806	1337	*
kimutaingetich	0:68ca78749806	1338	* Comment this macro to disable support for key export
kimutaingetich	0:68ca78749806	1339	*/
kimutaingetich	0:68ca78749806	1340	//#define MBEDTLS_SSL_EXPORT_KEYS
kimutaingetich	0:68ca78749806	1341
kimutaingetich	0:68ca78749806	1342	/**
kimutaingetich	0:68ca78749806	1343	* \def MBEDTLS_SSL_SERVER_NAME_INDICATION
kimutaingetich	0:68ca78749806	1344	*
kimutaingetich	0:68ca78749806	1345	* Enable support for RFC 6066 server name indication (SNI) in SSL.
kimutaingetich	0:68ca78749806	1346	*
kimutaingetich	0:68ca78749806	1347	* Requires: MBEDTLS_X509_CRT_PARSE_C
kimutaingetich	0:68ca78749806	1348	*
kimutaingetich	0:68ca78749806	1349	* Comment this macro to disable support for server name indication in SSL
kimutaingetich	0:68ca78749806	1350	*/
kimutaingetich	0:68ca78749806	1351	//#define MBEDTLS_SSL_SERVER_NAME_INDICATION
kimutaingetich	0:68ca78749806	1352
kimutaingetich	0:68ca78749806	1353	/**
kimutaingetich	0:68ca78749806	1354	* \def MBEDTLS_SSL_TRUNCATED_HMAC
kimutaingetich	0:68ca78749806	1355	*
kimutaingetich	0:68ca78749806	1356	* Enable support for RFC 6066 truncated HMAC in SSL.
kimutaingetich	0:68ca78749806	1357	*
kimutaingetich	0:68ca78749806	1358	* Comment this macro to disable support for truncated HMAC in SSL
kimutaingetich	0:68ca78749806	1359	*/
kimutaingetich	0:68ca78749806	1360	//#define MBEDTLS_SSL_TRUNCATED_HMAC
kimutaingetich	0:68ca78749806	1361
kimutaingetich	0:68ca78749806	1362	/**
kimutaingetich	0:68ca78749806	1363	* \def MBEDTLS_THREADING_ALT
kimutaingetich	0:68ca78749806	1364	*
kimutaingetich	0:68ca78749806	1365	* Provide your own alternate threading implementation.
kimutaingetich	0:68ca78749806	1366	*
kimutaingetich	0:68ca78749806	1367	* Requires: MBEDTLS_THREADING_C
kimutaingetich	0:68ca78749806	1368	*
kimutaingetich	0:68ca78749806	1369	* Uncomment this to allow your own alternate threading implementation.
kimutaingetich	0:68ca78749806	1370	*/
kimutaingetich	0:68ca78749806	1371	//#define MBEDTLS_THREADING_ALT
kimutaingetich	0:68ca78749806	1372
kimutaingetich	0:68ca78749806	1373	/**
kimutaingetich	0:68ca78749806	1374	* \def MBEDTLS_THREADING_PTHREAD
kimutaingetich	0:68ca78749806	1375	*
kimutaingetich	0:68ca78749806	1376	* Enable the pthread wrapper layer for the threading layer.
kimutaingetich	0:68ca78749806	1377	*
kimutaingetich	0:68ca78749806	1378	* Requires: MBEDTLS_THREADING_C
kimutaingetich	0:68ca78749806	1379	*
kimutaingetich	0:68ca78749806	1380	* Uncomment this to enable pthread mutexes.
kimutaingetich	0:68ca78749806	1381	*/
kimutaingetich	0:68ca78749806	1382	//#define MBEDTLS_THREADING_PTHREAD
kimutaingetich	0:68ca78749806	1383
kimutaingetich	0:68ca78749806	1384	/**
kimutaingetich	0:68ca78749806	1385	* \def MBEDTLS_VERSION_FEATURES
kimutaingetich	0:68ca78749806	1386	*
kimutaingetich	0:68ca78749806	1387	* Allow run-time checking of compile-time enabled features. Thus allowing users
kimutaingetich	0:68ca78749806	1388	* to check at run-time if the library is for instance compiled with threading
kimutaingetich	0:68ca78749806	1389	* support via mbedtls_version_check_feature().
kimutaingetich	0:68ca78749806	1390	*
kimutaingetich	0:68ca78749806	1391	* Requires: MBEDTLS_VERSION_C
kimutaingetich	0:68ca78749806	1392	*
kimutaingetich	0:68ca78749806	1393	* Comment this to disable run-time checking and save ROM space
kimutaingetich	0:68ca78749806	1394	*/
kimutaingetich	0:68ca78749806	1395	//#define MBEDTLS_VERSION_FEATURES
kimutaingetich	0:68ca78749806	1396
kimutaingetich	0:68ca78749806	1397	/**
kimutaingetich	0:68ca78749806	1398	* \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
kimutaingetich	0:68ca78749806	1399	*
kimutaingetich	0:68ca78749806	1400	* If set, the X509 parser will not break-off when parsing an X509 certificate
kimutaingetich	0:68ca78749806	1401	* and encountering an extension in a v1 or v2 certificate.
kimutaingetich	0:68ca78749806	1402	*
kimutaingetich	0:68ca78749806	1403	* Uncomment to prevent an error.
kimutaingetich	0:68ca78749806	1404	*/
kimutaingetich	0:68ca78749806	1405	//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
kimutaingetich	0:68ca78749806	1406
kimutaingetich	0:68ca78749806	1407	/**
kimutaingetich	0:68ca78749806	1408	* \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
kimutaingetich	0:68ca78749806	1409	*
kimutaingetich	0:68ca78749806	1410	* If set, the X509 parser will not break-off when parsing an X509 certificate
kimutaingetich	0:68ca78749806	1411	* and encountering an unknown critical extension.
kimutaingetich	0:68ca78749806	1412	*
kimutaingetich	0:68ca78749806	1413	* \warning Depending on your PKI use, enabling this can be a security risk!
kimutaingetich	0:68ca78749806	1414	*
kimutaingetich	0:68ca78749806	1415	* Uncomment to prevent an error.
kimutaingetich	0:68ca78749806	1416	*/
kimutaingetich	0:68ca78749806	1417	//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
kimutaingetich	0:68ca78749806	1418
kimutaingetich	0:68ca78749806	1419	/**
kimutaingetich	0:68ca78749806	1420	* \def MBEDTLS_X509_CHECK_KEY_USAGE
kimutaingetich	0:68ca78749806	1421	*
kimutaingetich	0:68ca78749806	1422	* Enable verification of the keyUsage extension (CA and leaf certificates).
kimutaingetich	0:68ca78749806	1423	*
kimutaingetich	0:68ca78749806	1424	* Disabling this avoids problems with mis-issued and/or misused
kimutaingetich	0:68ca78749806	1425	* (intermediate) CA and leaf certificates.
kimutaingetich	0:68ca78749806	1426	*
kimutaingetich	0:68ca78749806	1427	* \warning Depending on your PKI use, disabling this can be a security risk!
kimutaingetich	0:68ca78749806	1428	*
kimutaingetich	0:68ca78749806	1429	* Comment to skip keyUsage checking for both CA and leaf certificates.
kimutaingetich	0:68ca78749806	1430	*/
kimutaingetich	0:68ca78749806	1431	//#define MBEDTLS_X509_CHECK_KEY_USAGE
kimutaingetich	0:68ca78749806	1432
kimutaingetich	0:68ca78749806	1433	/**
kimutaingetich	0:68ca78749806	1434	* \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
kimutaingetich	0:68ca78749806	1435	*
kimutaingetich	0:68ca78749806	1436	* Enable verification of the extendedKeyUsage extension (leaf certificates).
kimutaingetich	0:68ca78749806	1437	*
kimutaingetich	0:68ca78749806	1438	* Disabling this avoids problems with mis-issued and/or misused certificates.
kimutaingetich	0:68ca78749806	1439	*
kimutaingetich	0:68ca78749806	1440	* \warning Depending on your PKI use, disabling this can be a security risk!
kimutaingetich	0:68ca78749806	1441	*
kimutaingetich	0:68ca78749806	1442	* Comment to skip extendedKeyUsage checking for certificates.
kimutaingetich	0:68ca78749806	1443	*/
kimutaingetich	0:68ca78749806	1444	//#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
kimutaingetich	0:68ca78749806	1445
kimutaingetich	0:68ca78749806	1446	/**
kimutaingetich	0:68ca78749806	1447	* \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
kimutaingetich	0:68ca78749806	1448	*
kimutaingetich	0:68ca78749806	1449	* Enable parsing and verification of X.509 certificates, CRLs and CSRS
kimutaingetich	0:68ca78749806	1450	* signed with RSASSA-PSS (aka PKCS#1 v2.1).
kimutaingetich	0:68ca78749806	1451	*
kimutaingetich	0:68ca78749806	1452	* Comment this macro to disallow using RSASSA-PSS in certificates.
kimutaingetich	0:68ca78749806	1453	*/
kimutaingetich	0:68ca78749806	1454	//#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
kimutaingetich	0:68ca78749806	1455
kimutaingetich	0:68ca78749806	1456	/**
kimutaingetich	0:68ca78749806	1457	* \def MBEDTLS_ZLIB_SUPPORT
kimutaingetich	0:68ca78749806	1458	*
kimutaingetich	0:68ca78749806	1459	* If set, the SSL/TLS module uses ZLIB to support compression and
kimutaingetich	0:68ca78749806	1460	* decompression of packet data.
kimutaingetich	0:68ca78749806	1461	*
kimutaingetich	0:68ca78749806	1462	* \warning TLS-level compression MAY REDUCE SECURITY! See for example the
kimutaingetich	0:68ca78749806	1463	* CRIME attack. Before enabling this option, you should examine with care if
kimutaingetich	0:68ca78749806	1464	* CRIME or similar exploits may be a applicable to your use case.
kimutaingetich	0:68ca78749806	1465	*
kimutaingetich	0:68ca78749806	1466	* \note Currently compression can't be used with DTLS.
kimutaingetich	0:68ca78749806	1467	*
kimutaingetich	0:68ca78749806	1468	* Used in: library/ssl_tls.c
kimutaingetich	0:68ca78749806	1469	* library/ssl_cli.c
kimutaingetich	0:68ca78749806	1470	* library/ssl_srv.c
kimutaingetich	0:68ca78749806	1471	*
kimutaingetich	0:68ca78749806	1472	* This feature requires zlib library and headers to be present.
kimutaingetich	0:68ca78749806	1473	*
kimutaingetich	0:68ca78749806	1474	* Uncomment to enable use of ZLIB
kimutaingetich	0:68ca78749806	1475	*/
kimutaingetich	0:68ca78749806	1476	//#define MBEDTLS_ZLIB_SUPPORT
kimutaingetich	0:68ca78749806	1477	/* \} name SECTION: mbed TLS feature support */
kimutaingetich	0:68ca78749806	1478
kimutaingetich	0:68ca78749806	1479	/**
kimutaingetich	0:68ca78749806	1480	* \name SECTION: mbed TLS modules
kimutaingetich	0:68ca78749806	1481	*
kimutaingetich	0:68ca78749806	1482	* This section enables or disables entire modules in mbed TLS
kimutaingetich	0:68ca78749806	1483	* \{
kimutaingetich	0:68ca78749806	1484	*/
kimutaingetich	0:68ca78749806	1485
kimutaingetich	0:68ca78749806	1486	/**
kimutaingetich	0:68ca78749806	1487	* \def MBEDTLS_AESNI_C
kimutaingetich	0:68ca78749806	1488	*
kimutaingetich	0:68ca78749806	1489	* Enable AES-NI support on x86-64.
kimutaingetich	0:68ca78749806	1490	*
kimutaingetich	0:68ca78749806	1491	* Module: library/aesni.c
kimutaingetich	0:68ca78749806	1492	* Caller: library/aes.c
kimutaingetich	0:68ca78749806	1493	*
kimutaingetich	0:68ca78749806	1494	* Requires: MBEDTLS_HAVE_ASM
kimutaingetich	0:68ca78749806	1495	*
kimutaingetich	0:68ca78749806	1496	* This modules adds support for the AES-NI instructions on x86-64
kimutaingetich	0:68ca78749806	1497	*/
kimutaingetich	0:68ca78749806	1498	//#define MBEDTLS_AESNI_C
kimutaingetich	0:68ca78749806	1499
kimutaingetich	0:68ca78749806	1500	/**
kimutaingetich	0:68ca78749806	1501	* \def MBEDTLS_AES_C
kimutaingetich	0:68ca78749806	1502	*
kimutaingetich	0:68ca78749806	1503	* Enable the AES block cipher.
kimutaingetich	0:68ca78749806	1504	*
kimutaingetich	0:68ca78749806	1505	* Module: library/aes.c
kimutaingetich	0:68ca78749806	1506	* Caller: library/ssl_tls.c
kimutaingetich	0:68ca78749806	1507	* library/pem.c
kimutaingetich	0:68ca78749806	1508	* library/ctr_drbg.c
kimutaingetich	0:68ca78749806	1509	*
kimutaingetich	0:68ca78749806	1510	* This module enables the following ciphersuites (if other requisites are
kimutaingetich	0:68ca78749806	1511	* enabled as well):
kimutaingetich	0:68ca78749806	1512	* MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
kimutaingetich	0:68ca78749806	1513	* MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
kimutaingetich	0:68ca78749806	1514	* MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
kimutaingetich	0:68ca78749806	1515	* MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
kimutaingetich	0:68ca78749806	1516	* MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
kimutaingetich	0:68ca78749806	1517	* MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
kimutaingetich	0:68ca78749806	1518	* MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
kimutaingetich	0:68ca78749806	1519	* MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
kimutaingetich	0:68ca78749806	1520	* MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
kimutaingetich	0:68ca78749806	1521	* MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
kimutaingetich	0:68ca78749806	1522	* MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
kimutaingetich	0:68ca78749806	1523	* MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
kimutaingetich	0:68ca78749806	1524	* MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
kimutaingetich	0:68ca78749806	1525	* MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
kimutaingetich	0:68ca78749806	1526	* MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
kimutaingetich	0:68ca78749806	1527	* MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
kimutaingetich	0:68ca78749806	1528	* MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
kimutaingetich	0:68ca78749806	1529	* MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
kimutaingetich	0:68ca78749806	1530	* MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
kimutaingetich	0:68ca78749806	1531	* MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
kimutaingetich	0:68ca78749806	1532	* MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
kimutaingetich	0:68ca78749806	1533	* MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
kimutaingetich	0:68ca78749806	1534	* MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
kimutaingetich	0:68ca78749806	1535	* MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
kimutaingetich	0:68ca78749806	1536	* MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
kimutaingetich	0:68ca78749806	1537	* MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
kimutaingetich	0:68ca78749806	1538	* MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
kimutaingetich	0:68ca78749806	1539	* MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
kimutaingetich	0:68ca78749806	1540	* MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
kimutaingetich	0:68ca78749806	1541	* MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
kimutaingetich	0:68ca78749806	1542	* MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
kimutaingetich	0:68ca78749806	1543	* MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
kimutaingetich	0:68ca78749806	1544	* MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
kimutaingetich	0:68ca78749806	1545	* MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
kimutaingetich	0:68ca78749806	1546	* MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
kimutaingetich	0:68ca78749806	1547	* MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
kimutaingetich	0:68ca78749806	1548	* MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
kimutaingetich	0:68ca78749806	1549	* MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
kimutaingetich	0:68ca78749806	1550	* MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
kimutaingetich	0:68ca78749806	1551	* MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
kimutaingetich	0:68ca78749806	1552	* MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
kimutaingetich	0:68ca78749806	1553	* MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
kimutaingetich	0:68ca78749806	1554	* MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
kimutaingetich	0:68ca78749806	1555	* MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
kimutaingetich	0:68ca78749806	1556	* MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
kimutaingetich	0:68ca78749806	1557	* MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
kimutaingetich	0:68ca78749806	1558	* MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
kimutaingetich	0:68ca78749806	1559	* MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
kimutaingetich	0:68ca78749806	1560	* MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
kimutaingetich	0:68ca78749806	1561	* MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
kimutaingetich	0:68ca78749806	1562	* MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
kimutaingetich	0:68ca78749806	1563	* MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
kimutaingetich	0:68ca78749806	1564	* MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
kimutaingetich	0:68ca78749806	1565	* MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
kimutaingetich	0:68ca78749806	1566	* MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
kimutaingetich	0:68ca78749806	1567	* MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
kimutaingetich	0:68ca78749806	1568	* MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
kimutaingetich	0:68ca78749806	1569	* MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
kimutaingetich	0:68ca78749806	1570	*
kimutaingetich	0:68ca78749806	1571	* PEM_PARSE uses AES for decrypting encrypted keys.
kimutaingetich	0:68ca78749806	1572	*/
kimutaingetich	0:68ca78749806	1573	#define MBEDTLS_AES_C
kimutaingetich	0:68ca78749806	1574
kimutaingetich	0:68ca78749806	1575	/**
kimutaingetich	0:68ca78749806	1576	* \def MBEDTLS_ARC4_C
kimutaingetich	0:68ca78749806	1577	*
kimutaingetich	0:68ca78749806	1578	* Enable the ARCFOUR stream cipher.
kimutaingetich	0:68ca78749806	1579	*
kimutaingetich	0:68ca78749806	1580	* Module: library/arc4.c
kimutaingetich	0:68ca78749806	1581	* Caller: library/ssl_tls.c
kimutaingetich	0:68ca78749806	1582	*
kimutaingetich	0:68ca78749806	1583	* This module enables the following ciphersuites (if other requisites are
kimutaingetich	0:68ca78749806	1584	* enabled as well):
kimutaingetich	0:68ca78749806	1585	* MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
kimutaingetich	0:68ca78749806	1586	* MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
kimutaingetich	0:68ca78749806	1587	* MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
kimutaingetich	0:68ca78749806	1588	* MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
kimutaingetich	0:68ca78749806	1589	* MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
kimutaingetich	0:68ca78749806	1590	* MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
kimutaingetich	0:68ca78749806	1591	* MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
kimutaingetich	0:68ca78749806	1592	* MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
kimutaingetich	0:68ca78749806	1593	* MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
kimutaingetich	0:68ca78749806	1594	* MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
kimutaingetich	0:68ca78749806	1595	*/
kimutaingetich	0:68ca78749806	1596	//#define MBEDTLS_ARC4_C
kimutaingetich	0:68ca78749806	1597
kimutaingetich	0:68ca78749806	1598	/**
kimutaingetich	0:68ca78749806	1599	* \def MBEDTLS_ASN1_PARSE_C
kimutaingetich	0:68ca78749806	1600	*
kimutaingetich	0:68ca78749806	1601	* Enable the generic ASN1 parser.
kimutaingetich	0:68ca78749806	1602	*
kimutaingetich	0:68ca78749806	1603	* Module: library/asn1.c
kimutaingetich	0:68ca78749806	1604	* Caller: library/x509.c
kimutaingetich	0:68ca78749806	1605	* library/dhm.c
kimutaingetich	0:68ca78749806	1606	* library/pkcs12.c
kimutaingetich	0:68ca78749806	1607	* library/pkcs5.c
kimutaingetich	0:68ca78749806	1608	* library/pkparse.c
kimutaingetich	0:68ca78749806	1609	*/
kimutaingetich	0:68ca78749806	1610	//#define MBEDTLS_ASN1_PARSE_C
kimutaingetich	0:68ca78749806	1611
kimutaingetich	0:68ca78749806	1612	/**
kimutaingetich	0:68ca78749806	1613	* \def MBEDTLS_ASN1_WRITE_C
kimutaingetich	0:68ca78749806	1614	*
kimutaingetich	0:68ca78749806	1615	* Enable the generic ASN1 writer.
kimutaingetich	0:68ca78749806	1616	*
kimutaingetich	0:68ca78749806	1617	* Module: library/asn1write.c
kimutaingetich	0:68ca78749806	1618	* Caller: library/ecdsa.c
kimutaingetich	0:68ca78749806	1619	* library/pkwrite.c
kimutaingetich	0:68ca78749806	1620	* library/x509_create.c
kimutaingetich	0:68ca78749806	1621	* library/x509write_crt.c
kimutaingetich	0:68ca78749806	1622	* library/x509write_csr.c
kimutaingetich	0:68ca78749806	1623	*/
kimutaingetich	0:68ca78749806	1624	//#define MBEDTLS_ASN1_WRITE_C
kimutaingetich	0:68ca78749806	1625
kimutaingetich	0:68ca78749806	1626	/**
kimutaingetich	0:68ca78749806	1627	* \def MBEDTLS_BASE64_C
kimutaingetich	0:68ca78749806	1628	*
kimutaingetich	0:68ca78749806	1629	* Enable the Base64 module.
kimutaingetich	0:68ca78749806	1630	*
kimutaingetich	0:68ca78749806	1631	* Module: library/base64.c
kimutaingetich	0:68ca78749806	1632	* Caller: library/pem.c
kimutaingetich	0:68ca78749806	1633	*
kimutaingetich	0:68ca78749806	1634	* This module is required for PEM support (required by X.509).
kimutaingetich	0:68ca78749806	1635	*/
kimutaingetich	0:68ca78749806	1636	#define MBEDTLS_BASE64_C
kimutaingetich	0:68ca78749806	1637
kimutaingetich	0:68ca78749806	1638	/**
kimutaingetich	0:68ca78749806	1639	* \def MBEDTLS_BIGNUM_C
kimutaingetich	0:68ca78749806	1640	*
kimutaingetich	0:68ca78749806	1641	* Enable the multi-precision integer library.
kimutaingetich	0:68ca78749806	1642	*
kimutaingetich	0:68ca78749806	1643	* Module: library/bignum.c
kimutaingetich	0:68ca78749806	1644	* Caller: library/dhm.c
kimutaingetich	0:68ca78749806	1645	* library/ecp.c
kimutaingetich	0:68ca78749806	1646	* library/ecdsa.c
kimutaingetich	0:68ca78749806	1647	* library/rsa.c
kimutaingetich	0:68ca78749806	1648	* library/ssl_tls.c
kimutaingetich	0:68ca78749806	1649	*
kimutaingetich	0:68ca78749806	1650	* This module is required for RSA, DHM and ECC (ECDH, ECDSA) support.
kimutaingetich	0:68ca78749806	1651	*/
kimutaingetich	0:68ca78749806	1652	//#define MBEDTLS_BIGNUM_C
kimutaingetich	0:68ca78749806	1653
kimutaingetich	0:68ca78749806	1654	/**
kimutaingetich	0:68ca78749806	1655	* \def MBEDTLS_BLOWFISH_C
kimutaingetich	0:68ca78749806	1656	*
kimutaingetich	0:68ca78749806	1657	* Enable the Blowfish block cipher.
kimutaingetich	0:68ca78749806	1658	*
kimutaingetich	0:68ca78749806	1659	* Module: library/blowfish.c
kimutaingetich	0:68ca78749806	1660	*/
kimutaingetich	0:68ca78749806	1661	//#define MBEDTLS_BLOWFISH_C
kimutaingetich	0:68ca78749806	1662
kimutaingetich	0:68ca78749806	1663	/**
kimutaingetich	0:68ca78749806	1664	* \def MBEDTLS_CAMELLIA_C
kimutaingetich	0:68ca78749806	1665	*
kimutaingetich	0:68ca78749806	1666	* Enable the Camellia block cipher.
kimutaingetich	0:68ca78749806	1667	*
kimutaingetich	0:68ca78749806	1668	* Module: library/camellia.c
kimutaingetich	0:68ca78749806	1669	* Caller: library/ssl_tls.c
kimutaingetich	0:68ca78749806	1670	*
kimutaingetich	0:68ca78749806	1671	* This module enables the following ciphersuites (if other requisites are
kimutaingetich	0:68ca78749806	1672	* enabled as well):
kimutaingetich	0:68ca78749806	1673	* MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
kimutaingetich	0:68ca78749806	1674	* MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
kimutaingetich	0:68ca78749806	1675	* MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
kimutaingetich	0:68ca78749806	1676	* MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
kimutaingetich	0:68ca78749806	1677	* MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
kimutaingetich	0:68ca78749806	1678	* MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
kimutaingetich	0:68ca78749806	1679	* MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
kimutaingetich	0:68ca78749806	1680	* MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
kimutaingetich	0:68ca78749806	1681	* MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
kimutaingetich	0:68ca78749806	1682	* MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
kimutaingetich	0:68ca78749806	1683	* MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
kimutaingetich	0:68ca78749806	1684	* MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
kimutaingetich	0:68ca78749806	1685	* MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
kimutaingetich	0:68ca78749806	1686	* MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
kimutaingetich	0:68ca78749806	1687	* MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
kimutaingetich	0:68ca78749806	1688	* MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
kimutaingetich	0:68ca78749806	1689	* MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
kimutaingetich	0:68ca78749806	1690	* MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
kimutaingetich	0:68ca78749806	1691	* MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
kimutaingetich	0:68ca78749806	1692	* MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
kimutaingetich	0:68ca78749806	1693	* MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
kimutaingetich	0:68ca78749806	1694	* MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
kimutaingetich	0:68ca78749806	1695	* MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
kimutaingetich	0:68ca78749806	1696	* MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
kimutaingetich	0:68ca78749806	1697	* MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
kimutaingetich	0:68ca78749806	1698	* MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
kimutaingetich	0:68ca78749806	1699	* MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
kimutaingetich	0:68ca78749806	1700	* MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
kimutaingetich	0:68ca78749806	1701	* MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
kimutaingetich	0:68ca78749806	1702	* MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
kimutaingetich	0:68ca78749806	1703	* MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
kimutaingetich	0:68ca78749806	1704	* MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
kimutaingetich	0:68ca78749806	1705	* MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
kimutaingetich	0:68ca78749806	1706	* MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
kimutaingetich	0:68ca78749806	1707	* MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
kimutaingetich	0:68ca78749806	1708	* MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
kimutaingetich	0:68ca78749806	1709	* MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
kimutaingetich	0:68ca78749806	1710	* MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
kimutaingetich	0:68ca78749806	1711	* MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
kimutaingetich	0:68ca78749806	1712	* MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
kimutaingetich	0:68ca78749806	1713	* MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
kimutaingetich	0:68ca78749806	1714	* MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
kimutaingetich	0:68ca78749806	1715	*/
kimutaingetich	0:68ca78749806	1716	//#define MBEDTLS_CAMELLIA_C
kimutaingetich	0:68ca78749806	1717
kimutaingetich	0:68ca78749806	1718	/**
kimutaingetich	0:68ca78749806	1719	* \def MBEDTLS_CCM_C
kimutaingetich	0:68ca78749806	1720	*
kimutaingetich	0:68ca78749806	1721	* Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
kimutaingetich	0:68ca78749806	1722	*
kimutaingetich	0:68ca78749806	1723	* Module: library/ccm.c
kimutaingetich	0:68ca78749806	1724	*
kimutaingetich	0:68ca78749806	1725	* Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
kimutaingetich	0:68ca78749806	1726	*
kimutaingetich	0:68ca78749806	1727	* This module enables the AES-CCM ciphersuites, if other requisites are
kimutaingetich	0:68ca78749806	1728	* enabled as well.
kimutaingetich	0:68ca78749806	1729	*/
kimutaingetich	0:68ca78749806	1730	//#define MBEDTLS_CCM_C
kimutaingetich	0:68ca78749806	1731
kimutaingetich	0:68ca78749806	1732	/**
kimutaingetich	0:68ca78749806	1733	* \def MBEDTLS_CERTS_C
kimutaingetich	0:68ca78749806	1734	*
kimutaingetich	0:68ca78749806	1735	* Enable the test certificates.
kimutaingetich	0:68ca78749806	1736	*
kimutaingetich	0:68ca78749806	1737	* Module: library/certs.c
kimutaingetich	0:68ca78749806	1738	* Caller:
kimutaingetich	0:68ca78749806	1739	*
kimutaingetich	0:68ca78749806	1740	* This module is used for testing (ssl_client/server).
kimutaingetich	0:68ca78749806	1741	*/
kimutaingetich	0:68ca78749806	1742	//#define MBEDTLS_CERTS_C
kimutaingetich	0:68ca78749806	1743
kimutaingetich	0:68ca78749806	1744	/**
kimutaingetich	0:68ca78749806	1745	* \def MBEDTLS_CIPHER_C
kimutaingetich	0:68ca78749806	1746	*
kimutaingetich	0:68ca78749806	1747	* Enable the generic cipher layer.
kimutaingetich	0:68ca78749806	1748	*
kimutaingetich	0:68ca78749806	1749	* Module: library/cipher.c
kimutaingetich	0:68ca78749806	1750	* Caller: library/ssl_tls.c
kimutaingetich	0:68ca78749806	1751	*
kimutaingetich	0:68ca78749806	1752	* Uncomment to enable generic cipher wrappers.
kimutaingetich	0:68ca78749806	1753	*/
kimutaingetich	0:68ca78749806	1754	#define MBEDTLS_CIPHER_C
kimutaingetich	0:68ca78749806	1755
kimutaingetich	0:68ca78749806	1756	/**
kimutaingetich	0:68ca78749806	1757	* \def MBEDTLS_CMAC_C
kimutaingetich	0:68ca78749806	1758	*
kimutaingetich	0:68ca78749806	1759	* Enable the CMAC (Cipher-based Message Authentication Code) mode for block
kimutaingetich	0:68ca78749806	1760	* ciphers.
kimutaingetich	0:68ca78749806	1761	*
kimutaingetich	0:68ca78749806	1762	* Module: library/cmac.c
kimutaingetich	0:68ca78749806	1763	*
kimutaingetich	0:68ca78749806	1764	* Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
kimutaingetich	0:68ca78749806	1765	*
kimutaingetich	0:68ca78749806	1766	*/
kimutaingetich	0:68ca78749806	1767	#define MBEDTLS_CMAC_C
kimutaingetich	0:68ca78749806	1768
kimutaingetich	0:68ca78749806	1769	/**
kimutaingetich	0:68ca78749806	1770	* \def MBEDTLS_CTR_DRBG_C
kimutaingetich	0:68ca78749806	1771	*
kimutaingetich	0:68ca78749806	1772	* Enable the CTR_DRBG AES-256-based random generator.
kimutaingetich	0:68ca78749806	1773	*
kimutaingetich	0:68ca78749806	1774	* Module: library/ctr_drbg.c
kimutaingetich	0:68ca78749806	1775	* Caller:
kimutaingetich	0:68ca78749806	1776	*
kimutaingetich	0:68ca78749806	1777	* Requires: MBEDTLS_AES_C
kimutaingetich	0:68ca78749806	1778	*
kimutaingetich	0:68ca78749806	1779	* This module provides the CTR_DRBG AES-256 random number generator.
kimutaingetich	0:68ca78749806	1780	*/
kimutaingetich	0:68ca78749806	1781	//#define MBEDTLS_CTR_DRBG_C
kimutaingetich	0:68ca78749806	1782
kimutaingetich	0:68ca78749806	1783	/**
kimutaingetich	0:68ca78749806	1784	* \def MBEDTLS_DEBUG_C
kimutaingetich	0:68ca78749806	1785	*
kimutaingetich	0:68ca78749806	1786	* Enable the debug functions.
kimutaingetich	0:68ca78749806	1787	*
kimutaingetich	0:68ca78749806	1788	* Module: library/debug.c
kimutaingetich	0:68ca78749806	1789	* Caller: library/ssl_cli.c
kimutaingetich	0:68ca78749806	1790	* library/ssl_srv.c
kimutaingetich	0:68ca78749806	1791	* library/ssl_tls.c
kimutaingetich	0:68ca78749806	1792	*
kimutaingetich	0:68ca78749806	1793	* This module provides debugging functions.
kimutaingetich	0:68ca78749806	1794	*/
kimutaingetich	0:68ca78749806	1795	//#define MBEDTLS_DEBUG_C
kimutaingetich	0:68ca78749806	1796
kimutaingetich	0:68ca78749806	1797	/**
kimutaingetich	0:68ca78749806	1798	* \def MBEDTLS_DES_C
kimutaingetich	0:68ca78749806	1799	*
kimutaingetich	0:68ca78749806	1800	* Enable the DES block cipher.
kimutaingetich	0:68ca78749806	1801	*
kimutaingetich	0:68ca78749806	1802	* Module: library/des.c
kimutaingetich	0:68ca78749806	1803	* Caller: library/pem.c
kimutaingetich	0:68ca78749806	1804	* library/ssl_tls.c
kimutaingetich	0:68ca78749806	1805	*
kimutaingetich	0:68ca78749806	1806	* This module enables the following ciphersuites (if other requisites are
kimutaingetich	0:68ca78749806	1807	* enabled as well):
kimutaingetich	0:68ca78749806	1808	* MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
kimutaingetich	0:68ca78749806	1809	* MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
kimutaingetich	0:68ca78749806	1810	* MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
kimutaingetich	0:68ca78749806	1811	* MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
kimutaingetich	0:68ca78749806	1812	* MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
kimutaingetich	0:68ca78749806	1813	* MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
kimutaingetich	0:68ca78749806	1814	* MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
kimutaingetich	0:68ca78749806	1815	* MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
kimutaingetich	0:68ca78749806	1816	* MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
kimutaingetich	0:68ca78749806	1817	* MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
kimutaingetich	0:68ca78749806	1818	*
kimutaingetich	0:68ca78749806	1819	* PEM_PARSE uses DES/3DES for decrypting encrypted keys.
kimutaingetich	0:68ca78749806	1820	*/
kimutaingetich	0:68ca78749806	1821	//#define MBEDTLS_DES_C
kimutaingetich	0:68ca78749806	1822
kimutaingetich	0:68ca78749806	1823	/**
kimutaingetich	0:68ca78749806	1824	* \def MBEDTLS_DHM_C
kimutaingetich	0:68ca78749806	1825	*
kimutaingetich	0:68ca78749806	1826	* Enable the Diffie-Hellman-Merkle module.
kimutaingetich	0:68ca78749806	1827	*
kimutaingetich	0:68ca78749806	1828	* Module: library/dhm.c
kimutaingetich	0:68ca78749806	1829	* Caller: library/ssl_cli.c
kimutaingetich	0:68ca78749806	1830	* library/ssl_srv.c
kimutaingetich	0:68ca78749806	1831	*
kimutaingetich	0:68ca78749806	1832	* This module is used by the following key exchanges:
kimutaingetich	0:68ca78749806	1833	* DHE-RSA, DHE-PSK
kimutaingetich	0:68ca78749806	1834	*/
kimutaingetich	0:68ca78749806	1835	//#define MBEDTLS_DHM_C
kimutaingetich	0:68ca78749806	1836
kimutaingetich	0:68ca78749806	1837	/**
kimutaingetich	0:68ca78749806	1838	* \def MBEDTLS_ECDH_C
kimutaingetich	0:68ca78749806	1839	*
kimutaingetich	0:68ca78749806	1840	* Enable the elliptic curve Diffie-Hellman library.
kimutaingetich	0:68ca78749806	1841	*
kimutaingetich	0:68ca78749806	1842	* Module: library/ecdh.c
kimutaingetich	0:68ca78749806	1843	* Caller: library/ssl_cli.c
kimutaingetich	0:68ca78749806	1844	* library/ssl_srv.c
kimutaingetich	0:68ca78749806	1845	*
kimutaingetich	0:68ca78749806	1846	* This module is used by the following key exchanges:
kimutaingetich	0:68ca78749806	1847	* ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
kimutaingetich	0:68ca78749806	1848	*
kimutaingetich	0:68ca78749806	1849	* Requires: MBEDTLS_ECP_C
kimutaingetich	0:68ca78749806	1850	*/
kimutaingetich	0:68ca78749806	1851	//#define MBEDTLS_ECDH_C
kimutaingetich	0:68ca78749806	1852
kimutaingetich	0:68ca78749806	1853	/**
kimutaingetich	0:68ca78749806	1854	* \def MBEDTLS_ECDSA_C
kimutaingetich	0:68ca78749806	1855	*
kimutaingetich	0:68ca78749806	1856	* Enable the elliptic curve DSA library.
kimutaingetich	0:68ca78749806	1857	*
kimutaingetich	0:68ca78749806	1858	* Module: library/ecdsa.c
kimutaingetich	0:68ca78749806	1859	* Caller:
kimutaingetich	0:68ca78749806	1860	*
kimutaingetich	0:68ca78749806	1861	* This module is used by the following key exchanges:
kimutaingetich	0:68ca78749806	1862	* ECDHE-ECDSA
kimutaingetich	0:68ca78749806	1863	*
kimutaingetich	0:68ca78749806	1864	* Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C
kimutaingetich	0:68ca78749806	1865	*/
kimutaingetich	0:68ca78749806	1866	//#define MBEDTLS_ECDSA_C
kimutaingetich	0:68ca78749806	1867
kimutaingetich	0:68ca78749806	1868	/**
kimutaingetich	0:68ca78749806	1869	* \def MBEDTLS_ECJPAKE_C
kimutaingetich	0:68ca78749806	1870	*
kimutaingetich	0:68ca78749806	1871	* Enable the elliptic curve J-PAKE library.
kimutaingetich	0:68ca78749806	1872	*
kimutaingetich	0:68ca78749806	1873	* \warning This is currently experimental. EC J-PAKE support is based on the
kimutaingetich	0:68ca78749806	1874	* Thread v1.0.0 specification; incompatible changes to the specification
kimutaingetich	0:68ca78749806	1875	* might still happen. For this reason, this is disabled by default.
kimutaingetich	0:68ca78749806	1876	*
kimutaingetich	0:68ca78749806	1877	* Module: library/ecjpake.c
kimutaingetich	0:68ca78749806	1878	* Caller:
kimutaingetich	0:68ca78749806	1879	*
kimutaingetich	0:68ca78749806	1880	* This module is used by the following key exchanges:
kimutaingetich	0:68ca78749806	1881	* ECJPAKE
kimutaingetich	0:68ca78749806	1882	*
kimutaingetich	0:68ca78749806	1883	* Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C
kimutaingetich	0:68ca78749806	1884	*/
kimutaingetich	0:68ca78749806	1885	//#define MBEDTLS_ECJPAKE_C
kimutaingetich	0:68ca78749806	1886
kimutaingetich	0:68ca78749806	1887	/**
kimutaingetich	0:68ca78749806	1888	* \def MBEDTLS_ECP_C
kimutaingetich	0:68ca78749806	1889	*
kimutaingetich	0:68ca78749806	1890	* Enable the elliptic curve over GF(p) library.
kimutaingetich	0:68ca78749806	1891	*
kimutaingetich	0:68ca78749806	1892	* Module: library/ecp.c
kimutaingetich	0:68ca78749806	1893	* Caller: library/ecdh.c
kimutaingetich	0:68ca78749806	1894	* library/ecdsa.c
kimutaingetich	0:68ca78749806	1895	* library/ecjpake.c
kimutaingetich	0:68ca78749806	1896	*
kimutaingetich	0:68ca78749806	1897	* Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED
kimutaingetich	0:68ca78749806	1898	*/
kimutaingetich	0:68ca78749806	1899	//#define MBEDTLS_ECP_C
kimutaingetich	0:68ca78749806	1900
kimutaingetich	0:68ca78749806	1901	/**
kimutaingetich	0:68ca78749806	1902	* \def MBEDTLS_ENTROPY_C
kimutaingetich	0:68ca78749806	1903	*
kimutaingetich	0:68ca78749806	1904	* Enable the platform-specific entropy code.
kimutaingetich	0:68ca78749806	1905	*
kimutaingetich	0:68ca78749806	1906	* Module: library/entropy.c
kimutaingetich	0:68ca78749806	1907	* Caller:
kimutaingetich	0:68ca78749806	1908	*
kimutaingetich	0:68ca78749806	1909	* Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C
kimutaingetich	0:68ca78749806	1910	*
kimutaingetich	0:68ca78749806	1911	* This module provides a generic entropy pool
kimutaingetich	0:68ca78749806	1912	*/
kimutaingetich	0:68ca78749806	1913	//#define MBEDTLS_ENTROPY_C
kimutaingetich	0:68ca78749806	1914
kimutaingetich	0:68ca78749806	1915	/**
kimutaingetich	0:68ca78749806	1916	* \def MBEDTLS_ERROR_C
kimutaingetich	0:68ca78749806	1917	*
kimutaingetich	0:68ca78749806	1918	* Enable error code to error string conversion.
kimutaingetich	0:68ca78749806	1919	*
kimutaingetich	0:68ca78749806	1920	* Module: library/error.c
kimutaingetich	0:68ca78749806	1921	* Caller:
kimutaingetich	0:68ca78749806	1922	*
kimutaingetich	0:68ca78749806	1923	* This module enables mbedtls_strerror().
kimutaingetich	0:68ca78749806	1924	*/
kimutaingetich	0:68ca78749806	1925	//#define MBEDTLS_ERROR_C
kimutaingetich	0:68ca78749806	1926
kimutaingetich	0:68ca78749806	1927	/**
kimutaingetich	0:68ca78749806	1928	* \def MBEDTLS_GCM_C
kimutaingetich	0:68ca78749806	1929	*
kimutaingetich	0:68ca78749806	1930	* Enable the Galois/Counter Mode (GCM) for AES.
kimutaingetich	0:68ca78749806	1931	*
kimutaingetich	0:68ca78749806	1932	* Module: library/gcm.c
kimutaingetich	0:68ca78749806	1933	*
kimutaingetich	0:68ca78749806	1934	* Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
kimutaingetich	0:68ca78749806	1935	*
kimutaingetich	0:68ca78749806	1936	* This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
kimutaingetich	0:68ca78749806	1937	* requisites are enabled as well.
kimutaingetich	0:68ca78749806	1938	*/
kimutaingetich	0:68ca78749806	1939	//#define MBEDTLS_GCM_C
kimutaingetich	0:68ca78749806	1940
kimutaingetich	0:68ca78749806	1941	/**
kimutaingetich	0:68ca78749806	1942	* \def MBEDTLS_HAVEGE_C
kimutaingetich	0:68ca78749806	1943	*
kimutaingetich	0:68ca78749806	1944	* Enable the HAVEGE random generator.
kimutaingetich	0:68ca78749806	1945	*
kimutaingetich	0:68ca78749806	1946	* Warning: the HAVEGE random generator is not suitable for virtualized
kimutaingetich	0:68ca78749806	1947	* environments
kimutaingetich	0:68ca78749806	1948	*
kimutaingetich	0:68ca78749806	1949	* Warning: the HAVEGE random generator is dependent on timing and specific
kimutaingetich	0:68ca78749806	1950	* processor traits. It is therefore not advised to use HAVEGE as
kimutaingetich	0:68ca78749806	1951	* your applications primary random generator or primary entropy pool
kimutaingetich	0:68ca78749806	1952	* input. As a secondary input to your entropy pool, it IS able add
kimutaingetich	0:68ca78749806	1953	* the (limited) extra entropy it provides.
kimutaingetich	0:68ca78749806	1954	*
kimutaingetich	0:68ca78749806	1955	* Module: library/havege.c
kimutaingetich	0:68ca78749806	1956	* Caller:
kimutaingetich	0:68ca78749806	1957	*
kimutaingetich	0:68ca78749806	1958	* Requires: MBEDTLS_TIMING_C
kimutaingetich	0:68ca78749806	1959	*
kimutaingetich	0:68ca78749806	1960	* Uncomment to enable the HAVEGE random generator.
kimutaingetich	0:68ca78749806	1961	*/
kimutaingetich	0:68ca78749806	1962	//#define MBEDTLS_HAVEGE_C
kimutaingetich	0:68ca78749806	1963
kimutaingetich	0:68ca78749806	1964	/**
kimutaingetich	0:68ca78749806	1965	* \def MBEDTLS_HMAC_DRBG_C
kimutaingetich	0:68ca78749806	1966	*
kimutaingetich	0:68ca78749806	1967	* Enable the HMAC_DRBG random generator.
kimutaingetich	0:68ca78749806	1968	*
kimutaingetich	0:68ca78749806	1969	* Module: library/hmac_drbg.c
kimutaingetich	0:68ca78749806	1970	* Caller:
kimutaingetich	0:68ca78749806	1971	*
kimutaingetich	0:68ca78749806	1972	* Requires: MBEDTLS_MD_C
kimutaingetich	0:68ca78749806	1973	*
kimutaingetich	0:68ca78749806	1974	* Uncomment to enable the HMAC_DRBG random number geerator.
kimutaingetich	0:68ca78749806	1975	*/
kimutaingetich	0:68ca78749806	1976	//#define MBEDTLS_HMAC_DRBG_C
kimutaingetich	0:68ca78749806	1977
kimutaingetich	0:68ca78749806	1978	/**
kimutaingetich	0:68ca78749806	1979	* \def MBEDTLS_MD_C
kimutaingetich	0:68ca78749806	1980	*
kimutaingetich	0:68ca78749806	1981	* Enable the generic message digest layer.
kimutaingetich	0:68ca78749806	1982	*
kimutaingetich	0:68ca78749806	1983	* Module: library/md.c
kimutaingetich	0:68ca78749806	1984	* Caller:
kimutaingetich	0:68ca78749806	1985	*
kimutaingetich	0:68ca78749806	1986	* Uncomment to enable generic message digest wrappers.
kimutaingetich	0:68ca78749806	1987	*/
kimutaingetich	0:68ca78749806	1988	//#define MBEDTLS_MD_C
kimutaingetich	0:68ca78749806	1989
kimutaingetich	0:68ca78749806	1990	/**
kimutaingetich	0:68ca78749806	1991	* \def MBEDTLS_MD2_C
kimutaingetich	0:68ca78749806	1992	*
kimutaingetich	0:68ca78749806	1993	* Enable the MD2 hash algorithm.
kimutaingetich	0:68ca78749806	1994	*
kimutaingetich	0:68ca78749806	1995	* Module: library/md2.c
kimutaingetich	0:68ca78749806	1996	* Caller:
kimutaingetich	0:68ca78749806	1997	*
kimutaingetich	0:68ca78749806	1998	* Uncomment to enable support for (rare) MD2-signed X.509 certs.
kimutaingetich	0:68ca78749806	1999	*/
kimutaingetich	0:68ca78749806	2000	//#define MBEDTLS_MD2_C
kimutaingetich	0:68ca78749806	2001
kimutaingetich	0:68ca78749806	2002	/**
kimutaingetich	0:68ca78749806	2003	* \def MBEDTLS_MD4_C
kimutaingetich	0:68ca78749806	2004	*
kimutaingetich	0:68ca78749806	2005	* Enable the MD4 hash algorithm.
kimutaingetich	0:68ca78749806	2006	*
kimutaingetich	0:68ca78749806	2007	* Module: library/md4.c
kimutaingetich	0:68ca78749806	2008	* Caller:
kimutaingetich	0:68ca78749806	2009	*
kimutaingetich	0:68ca78749806	2010	* Uncomment to enable support for (rare) MD4-signed X.509 certs.
kimutaingetich	0:68ca78749806	2011	*/
kimutaingetich	0:68ca78749806	2012	//#define MBEDTLS_MD4_C
kimutaingetich	0:68ca78749806	2013
kimutaingetich	0:68ca78749806	2014	/**
kimutaingetich	0:68ca78749806	2015	* \def MBEDTLS_MD5_C
kimutaingetich	0:68ca78749806	2016	*
kimutaingetich	0:68ca78749806	2017	* Enable the MD5 hash algorithm.
kimutaingetich	0:68ca78749806	2018	*
kimutaingetich	0:68ca78749806	2019	* Module: library/md5.c
kimutaingetich	0:68ca78749806	2020	* Caller: library/md.c
kimutaingetich	0:68ca78749806	2021	* library/pem.c
kimutaingetich	0:68ca78749806	2022	* library/ssl_tls.c
kimutaingetich	0:68ca78749806	2023	*
kimutaingetich	0:68ca78749806	2024	* This module is required for SSL/TLS and X.509.
kimutaingetich	0:68ca78749806	2025	* PEM_PARSE uses MD5 for decrypting encrypted keys.
kimutaingetich	0:68ca78749806	2026	*/
kimutaingetich	0:68ca78749806	2027	//#define MBEDTLS_MD5_C
kimutaingetich	0:68ca78749806	2028
kimutaingetich	0:68ca78749806	2029	/**
kimutaingetich	0:68ca78749806	2030	* \def MBEDTLS_MEMORY_BUFFER_ALLOC_C
kimutaingetich	0:68ca78749806	2031	*
kimutaingetich	0:68ca78749806	2032	* Enable the buffer allocator implementation that makes use of a (stack)
kimutaingetich	0:68ca78749806	2033	* based buffer to 'allocate' dynamic memory. (replaces calloc() and free()
kimutaingetich	0:68ca78749806	2034	* calls)
kimutaingetich	0:68ca78749806	2035	*
kimutaingetich	0:68ca78749806	2036	* Module: library/memory_buffer_alloc.c
kimutaingetich	0:68ca78749806	2037	*
kimutaingetich	0:68ca78749806	2038	* Requires: MBEDTLS_PLATFORM_C
kimutaingetich	0:68ca78749806	2039	* MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS)
kimutaingetich	0:68ca78749806	2040	*
kimutaingetich	0:68ca78749806	2041	* Enable this module to enable the buffer memory allocator.
kimutaingetich	0:68ca78749806	2042	*/
kimutaingetich	0:68ca78749806	2043	//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
kimutaingetich	0:68ca78749806	2044
kimutaingetich	0:68ca78749806	2045	/**
kimutaingetich	0:68ca78749806	2046	* \def MBEDTLS_NET_C
kimutaingetich	0:68ca78749806	2047	*
kimutaingetich	0:68ca78749806	2048	* Enable the TCP and UDP over IPv6/IPv4 networking routines.
kimutaingetich	0:68ca78749806	2049	*
kimutaingetich	0:68ca78749806	2050	* \note This module only works on POSIX/Unix (including Linux, BSD and OS X)
kimutaingetich	0:68ca78749806	2051	* and Windows. For other platforms, you'll want to disable it, and write your
kimutaingetich	0:68ca78749806	2052	* own networking callbacks to be passed to \c mbedtls_ssl_set_bio().
kimutaingetich	0:68ca78749806	2053	*
kimutaingetich	0:68ca78749806	2054	* \note See also our Knowledge Base article about porting to a new
kimutaingetich	0:68ca78749806	2055	* environment:
kimutaingetich	0:68ca78749806	2056	* https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
kimutaingetich	0:68ca78749806	2057	*
kimutaingetich	0:68ca78749806	2058	* Module: library/net_sockets.c
kimutaingetich	0:68ca78749806	2059	*
kimutaingetich	0:68ca78749806	2060	* This module provides networking routines.
kimutaingetich	0:68ca78749806	2061	*/
kimutaingetich	0:68ca78749806	2062	//#define MBEDTLS_NET_C
kimutaingetich	0:68ca78749806	2063
kimutaingetich	0:68ca78749806	2064	/**
kimutaingetich	0:68ca78749806	2065	* \def MBEDTLS_OID_C
kimutaingetich	0:68ca78749806	2066	*
kimutaingetich	0:68ca78749806	2067	* Enable the OID database.
kimutaingetich	0:68ca78749806	2068	*
kimutaingetich	0:68ca78749806	2069	* Module: library/oid.c
kimutaingetich	0:68ca78749806	2070	* Caller: library/asn1write.c
kimutaingetich	0:68ca78749806	2071	* library/pkcs5.c
kimutaingetich	0:68ca78749806	2072	* library/pkparse.c
kimutaingetich	0:68ca78749806	2073	* library/pkwrite.c
kimutaingetich	0:68ca78749806	2074	* library/rsa.c
kimutaingetich	0:68ca78749806	2075	* library/x509.c
kimutaingetich	0:68ca78749806	2076	* library/x509_create.c
kimutaingetich	0:68ca78749806	2077	* library/x509_crl.c
kimutaingetich	0:68ca78749806	2078	* library/x509_crt.c
kimutaingetich	0:68ca78749806	2079	* library/x509_csr.c
kimutaingetich	0:68ca78749806	2080	* library/x509write_crt.c
kimutaingetich	0:68ca78749806	2081	* library/x509write_csr.c
kimutaingetich	0:68ca78749806	2082	*
kimutaingetich	0:68ca78749806	2083	* This modules translates between OIDs and internal values.
kimutaingetich	0:68ca78749806	2084	*/
kimutaingetich	0:68ca78749806	2085	//#define MBEDTLS_OID_C
kimutaingetich	0:68ca78749806	2086
kimutaingetich	0:68ca78749806	2087	/**
kimutaingetich	0:68ca78749806	2088	* \def MBEDTLS_PADLOCK_C
kimutaingetich	0:68ca78749806	2089	*
kimutaingetich	0:68ca78749806	2090	* Enable VIA Padlock support on x86.
kimutaingetich	0:68ca78749806	2091	*
kimutaingetich	0:68ca78749806	2092	* Module: library/padlock.c
kimutaingetich	0:68ca78749806	2093	* Caller: library/aes.c
kimutaingetich	0:68ca78749806	2094	*
kimutaingetich	0:68ca78749806	2095	* Requires: MBEDTLS_HAVE_ASM
kimutaingetich	0:68ca78749806	2096	*
kimutaingetich	0:68ca78749806	2097	* This modules adds support for the VIA PadLock on x86.
kimutaingetich	0:68ca78749806	2098	*/
kimutaingetich	0:68ca78749806	2099	//#define MBEDTLS_PADLOCK_C
kimutaingetich	0:68ca78749806	2100
kimutaingetich	0:68ca78749806	2101	/**
kimutaingetich	0:68ca78749806	2102	* \def MBEDTLS_PEM_PARSE_C
kimutaingetich	0:68ca78749806	2103	*
kimutaingetich	0:68ca78749806	2104	* Enable PEM decoding / parsing.
kimutaingetich	0:68ca78749806	2105	*
kimutaingetich	0:68ca78749806	2106	* Module: library/pem.c
kimutaingetich	0:68ca78749806	2107	* Caller: library/dhm.c
kimutaingetich	0:68ca78749806	2108	* library/pkparse.c
kimutaingetich	0:68ca78749806	2109	* library/x509_crl.c
kimutaingetich	0:68ca78749806	2110	* library/x509_crt.c
kimutaingetich	0:68ca78749806	2111	* library/x509_csr.c
kimutaingetich	0:68ca78749806	2112	*
kimutaingetich	0:68ca78749806	2113	* Requires: MBEDTLS_BASE64_C
kimutaingetich	0:68ca78749806	2114	*
kimutaingetich	0:68ca78749806	2115	* This modules adds support for decoding / parsing PEM files.
kimutaingetich	0:68ca78749806	2116	*/
kimutaingetich	0:68ca78749806	2117	//#define MBEDTLS_PEM_PARSE_C
kimutaingetich	0:68ca78749806	2118
kimutaingetich	0:68ca78749806	2119	/**
kimutaingetich	0:68ca78749806	2120	* \def MBEDTLS_PEM_WRITE_C
kimutaingetich	0:68ca78749806	2121	*
kimutaingetich	0:68ca78749806	2122	* Enable PEM encoding / writing.
kimutaingetich	0:68ca78749806	2123	*
kimutaingetich	0:68ca78749806	2124	* Module: library/pem.c
kimutaingetich	0:68ca78749806	2125	* Caller: library/pkwrite.c
kimutaingetich	0:68ca78749806	2126	* library/x509write_crt.c
kimutaingetich	0:68ca78749806	2127	* library/x509write_csr.c
kimutaingetich	0:68ca78749806	2128	*
kimutaingetich	0:68ca78749806	2129	* Requires: MBEDTLS_BASE64_C
kimutaingetich	0:68ca78749806	2130	*
kimutaingetich	0:68ca78749806	2131	* This modules adds support for encoding / writing PEM files.
kimutaingetich	0:68ca78749806	2132	*/
kimutaingetich	0:68ca78749806	2133	//#define MBEDTLS_PEM_WRITE_C
kimutaingetich	0:68ca78749806	2134
kimutaingetich	0:68ca78749806	2135	/**
kimutaingetich	0:68ca78749806	2136	* \def MBEDTLS_PK_C
kimutaingetich	0:68ca78749806	2137	*
kimutaingetich	0:68ca78749806	2138	* Enable the generic public (asymetric) key layer.
kimutaingetich	0:68ca78749806	2139	*
kimutaingetich	0:68ca78749806	2140	* Module: library/pk.c
kimutaingetich	0:68ca78749806	2141	* Caller: library/ssl_tls.c
kimutaingetich	0:68ca78749806	2142	* library/ssl_cli.c
kimutaingetich	0:68ca78749806	2143	* library/ssl_srv.c
kimutaingetich	0:68ca78749806	2144	*
kimutaingetich	0:68ca78749806	2145	* Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C
kimutaingetich	0:68ca78749806	2146	*
kimutaingetich	0:68ca78749806	2147	* Uncomment to enable generic public key wrappers.
kimutaingetich	0:68ca78749806	2148	*/
kimutaingetich	0:68ca78749806	2149	//#define MBEDTLS_PK_C
kimutaingetich	0:68ca78749806	2150
kimutaingetich	0:68ca78749806	2151	/**
kimutaingetich	0:68ca78749806	2152	* \def MBEDTLS_PK_PARSE_C
kimutaingetich	0:68ca78749806	2153	*
kimutaingetich	0:68ca78749806	2154	* Enable the generic public (asymetric) key parser.
kimutaingetich	0:68ca78749806	2155	*
kimutaingetich	0:68ca78749806	2156	* Module: library/pkparse.c
kimutaingetich	0:68ca78749806	2157	* Caller: library/x509_crt.c
kimutaingetich	0:68ca78749806	2158	* library/x509_csr.c
kimutaingetich	0:68ca78749806	2159	*
kimutaingetich	0:68ca78749806	2160	* Requires: MBEDTLS_PK_C
kimutaingetich	0:68ca78749806	2161	*
kimutaingetich	0:68ca78749806	2162	* Uncomment to enable generic public key parse functions.
kimutaingetich	0:68ca78749806	2163	*/
kimutaingetich	0:68ca78749806	2164	//#define MBEDTLS_PK_PARSE_C
kimutaingetich	0:68ca78749806	2165
kimutaingetich	0:68ca78749806	2166	/**
kimutaingetich	0:68ca78749806	2167	* \def MBEDTLS_PK_WRITE_C
kimutaingetich	0:68ca78749806	2168	*
kimutaingetich	0:68ca78749806	2169	* Enable the generic public (asymetric) key writer.
kimutaingetich	0:68ca78749806	2170	*
kimutaingetich	0:68ca78749806	2171	* Module: library/pkwrite.c
kimutaingetich	0:68ca78749806	2172	* Caller: library/x509write.c
kimutaingetich	0:68ca78749806	2173	*
kimutaingetich	0:68ca78749806	2174	* Requires: MBEDTLS_PK_C
kimutaingetich	0:68ca78749806	2175	*
kimutaingetich	0:68ca78749806	2176	* Uncomment to enable generic public key write functions.
kimutaingetich	0:68ca78749806	2177	*/
kimutaingetich	0:68ca78749806	2178	//#define MBEDTLS_PK_WRITE_C
kimutaingetich	0:68ca78749806	2179
kimutaingetich	0:68ca78749806	2180	/**
kimutaingetich	0:68ca78749806	2181	* \def MBEDTLS_PKCS5_C
kimutaingetich	0:68ca78749806	2182	*
kimutaingetich	0:68ca78749806	2183	* Enable PKCS#5 functions.
kimutaingetich	0:68ca78749806	2184	*
kimutaingetich	0:68ca78749806	2185	* Module: library/pkcs5.c
kimutaingetich	0:68ca78749806	2186	*
kimutaingetich	0:68ca78749806	2187	* Requires: MBEDTLS_MD_C
kimutaingetich	0:68ca78749806	2188	*
kimutaingetich	0:68ca78749806	2189	* This module adds support for the PKCS#5 functions.
kimutaingetich	0:68ca78749806	2190	*/
kimutaingetich	0:68ca78749806	2191	//#define MBEDTLS_PKCS5_C
kimutaingetich	0:68ca78749806	2192
kimutaingetich	0:68ca78749806	2193	/**
kimutaingetich	0:68ca78749806	2194	* \def MBEDTLS_PKCS11_C
kimutaingetich	0:68ca78749806	2195	*
kimutaingetich	0:68ca78749806	2196	* Enable wrapper for PKCS#11 smartcard support.
kimutaingetich	0:68ca78749806	2197	*
kimutaingetich	0:68ca78749806	2198	* Module: library/pkcs11.c
kimutaingetich	0:68ca78749806	2199	* Caller: library/pk.c
kimutaingetich	0:68ca78749806	2200	*
kimutaingetich	0:68ca78749806	2201	* Requires: MBEDTLS_PK_C
kimutaingetich	0:68ca78749806	2202	*
kimutaingetich	0:68ca78749806	2203	* This module enables SSL/TLS PKCS #11 smartcard support.
kimutaingetich	0:68ca78749806	2204	* Requires the presence of the PKCS#11 helper library (libpkcs11-helper)
kimutaingetich	0:68ca78749806	2205	*/
kimutaingetich	0:68ca78749806	2206	//#define MBEDTLS_PKCS11_C
kimutaingetich	0:68ca78749806	2207
kimutaingetich	0:68ca78749806	2208	/**
kimutaingetich	0:68ca78749806	2209	* \def MBEDTLS_PKCS12_C
kimutaingetich	0:68ca78749806	2210	*
kimutaingetich	0:68ca78749806	2211	* Enable PKCS#12 PBE functions.
kimutaingetich	0:68ca78749806	2212	* Adds algorithms for parsing PKCS#8 encrypted private keys
kimutaingetich	0:68ca78749806	2213	*
kimutaingetich	0:68ca78749806	2214	* Module: library/pkcs12.c
kimutaingetich	0:68ca78749806	2215	* Caller: library/pkparse.c
kimutaingetich	0:68ca78749806	2216	*
kimutaingetich	0:68ca78749806	2217	* Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C
kimutaingetich	0:68ca78749806	2218	* Can use: MBEDTLS_ARC4_C
kimutaingetich	0:68ca78749806	2219	*
kimutaingetich	0:68ca78749806	2220	* This module enables PKCS#12 functions.
kimutaingetich	0:68ca78749806	2221	*/
kimutaingetich	0:68ca78749806	2222	//#define MBEDTLS_PKCS12_C
kimutaingetich	0:68ca78749806	2223
kimutaingetich	0:68ca78749806	2224	/**
kimutaingetich	0:68ca78749806	2225	* \def MBEDTLS_PLATFORM_C
kimutaingetich	0:68ca78749806	2226	*
kimutaingetich	0:68ca78749806	2227	* Enable the platform abstraction layer that allows you to re-assign
kimutaingetich	0:68ca78749806	2228	* functions like calloc(), free(), snprintf(), printf(), fprintf(), exit().
kimutaingetich	0:68ca78749806	2229	*
kimutaingetich	0:68ca78749806	2230	* Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT
kimutaingetich	0:68ca78749806	2231	* or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned
kimutaingetich	0:68ca78749806	2232	* above to be specified at runtime or compile time respectively.
kimutaingetich	0:68ca78749806	2233	*
kimutaingetich	0:68ca78749806	2234	* \note This abstraction layer must be enabled on Windows (including MSYS2)
kimutaingetich	0:68ca78749806	2235	* as other module rely on it for a fixed snprintf implementation.
kimutaingetich	0:68ca78749806	2236	*
kimutaingetich	0:68ca78749806	2237	* Module: library/platform.c
kimutaingetich	0:68ca78749806	2238	* Caller: Most other .c files
kimutaingetich	0:68ca78749806	2239	*
kimutaingetich	0:68ca78749806	2240	* This module enables abstraction of common (libc) functions.
kimutaingetich	0:68ca78749806	2241	*/
kimutaingetich	0:68ca78749806	2242	//#define MBEDTLS_PLATFORM_C
kimutaingetich	0:68ca78749806	2243
kimutaingetich	0:68ca78749806	2244	/**
kimutaingetich	0:68ca78749806	2245	* \def MBEDTLS_RIPEMD160_C
kimutaingetich	0:68ca78749806	2246	*
kimutaingetich	0:68ca78749806	2247	* Enable the RIPEMD-160 hash algorithm.
kimutaingetich	0:68ca78749806	2248	*
kimutaingetich	0:68ca78749806	2249	* Module: library/ripemd160.c
kimutaingetich	0:68ca78749806	2250	* Caller: library/md.c
kimutaingetich	0:68ca78749806	2251	*
kimutaingetich	0:68ca78749806	2252	*/
kimutaingetich	0:68ca78749806	2253	//#define MBEDTLS_RIPEMD160_C
kimutaingetich	0:68ca78749806	2254
kimutaingetich	0:68ca78749806	2255	/**
kimutaingetich	0:68ca78749806	2256	* \def MBEDTLS_RSA_C
kimutaingetich	0:68ca78749806	2257	*
kimutaingetich	0:68ca78749806	2258	* Enable the RSA public-key cryptosystem.
kimutaingetich	0:68ca78749806	2259	*
kimutaingetich	0:68ca78749806	2260	* Module: library/rsa.c
kimutaingetich	0:68ca78749806	2261	* Caller: library/ssl_cli.c
kimutaingetich	0:68ca78749806	2262	* library/ssl_srv.c
kimutaingetich	0:68ca78749806	2263	* library/ssl_tls.c
kimutaingetich	0:68ca78749806	2264	* library/x509.c
kimutaingetich	0:68ca78749806	2265	*
kimutaingetich	0:68ca78749806	2266	* This module is used by the following key exchanges:
kimutaingetich	0:68ca78749806	2267	* RSA, DHE-RSA, ECDHE-RSA, RSA-PSK
kimutaingetich	0:68ca78749806	2268	*
kimutaingetich	0:68ca78749806	2269	* Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C
kimutaingetich	0:68ca78749806	2270	*/
kimutaingetich	0:68ca78749806	2271	//#define MBEDTLS_RSA_C
kimutaingetich	0:68ca78749806	2272
kimutaingetich	0:68ca78749806	2273	/**
kimutaingetich	0:68ca78749806	2274	* \def MBEDTLS_SHA1_C
kimutaingetich	0:68ca78749806	2275	*
kimutaingetich	0:68ca78749806	2276	* Enable the SHA1 cryptographic hash algorithm.
kimutaingetich	0:68ca78749806	2277	*
kimutaingetich	0:68ca78749806	2278	* Module: library/sha1.c
kimutaingetich	0:68ca78749806	2279	* Caller: library/md.c
kimutaingetich	0:68ca78749806	2280	* library/ssl_cli.c
kimutaingetich	0:68ca78749806	2281	* library/ssl_srv.c
kimutaingetich	0:68ca78749806	2282	* library/ssl_tls.c
kimutaingetich	0:68ca78749806	2283	* library/x509write_crt.c
kimutaingetich	0:68ca78749806	2284	*
kimutaingetich	0:68ca78749806	2285	* This module is required for SSL/TLS up to version 1.1, for TLS 1.2
kimutaingetich	0:68ca78749806	2286	* depending on the handshake parameters, and for SHA1-signed certificates.
kimutaingetich	0:68ca78749806	2287	*/
kimutaingetich	0:68ca78749806	2288	//#define MBEDTLS_SHA1_C
kimutaingetich	0:68ca78749806	2289
kimutaingetich	0:68ca78749806	2290	/**
kimutaingetich	0:68ca78749806	2291	* \def MBEDTLS_SHA256_C
kimutaingetich	0:68ca78749806	2292	*
kimutaingetich	0:68ca78749806	2293	* Enable the SHA-224 and SHA-256 cryptographic hash algorithms.
kimutaingetich	0:68ca78749806	2294	*
kimutaingetich	0:68ca78749806	2295	* Module: library/sha256.c
kimutaingetich	0:68ca78749806	2296	* Caller: library/entropy.c
kimutaingetich	0:68ca78749806	2297	* library/md.c
kimutaingetich	0:68ca78749806	2298	* library/ssl_cli.c
kimutaingetich	0:68ca78749806	2299	* library/ssl_srv.c
kimutaingetich	0:68ca78749806	2300	* library/ssl_tls.c
kimutaingetich	0:68ca78749806	2301	*
kimutaingetich	0:68ca78749806	2302	* This module adds support for SHA-224 and SHA-256.
kimutaingetich	0:68ca78749806	2303	* This module is required for the SSL/TLS 1.2 PRF function.
kimutaingetich	0:68ca78749806	2304	*/
kimutaingetich	0:68ca78749806	2305	//#define MBEDTLS_SHA256_C
kimutaingetich	0:68ca78749806	2306
kimutaingetich	0:68ca78749806	2307	/**
kimutaingetich	0:68ca78749806	2308	* \def MBEDTLS_SHA512_C
kimutaingetich	0:68ca78749806	2309	*
kimutaingetich	0:68ca78749806	2310	* Enable the SHA-384 and SHA-512 cryptographic hash algorithms.
kimutaingetich	0:68ca78749806	2311	*
kimutaingetich	0:68ca78749806	2312	* Module: library/sha512.c
kimutaingetich	0:68ca78749806	2313	* Caller: library/entropy.c
kimutaingetich	0:68ca78749806	2314	* library/md.c
kimutaingetich	0:68ca78749806	2315	* library/ssl_cli.c
kimutaingetich	0:68ca78749806	2316	* library/ssl_srv.c
kimutaingetich	0:68ca78749806	2317	*
kimutaingetich	0:68ca78749806	2318	* This module adds support for SHA-384 and SHA-512.
kimutaingetich	0:68ca78749806	2319	*/
kimutaingetich	0:68ca78749806	2320	//#define MBEDTLS_SHA512_C
kimutaingetich	0:68ca78749806	2321
kimutaingetich	0:68ca78749806	2322	/**
kimutaingetich	0:68ca78749806	2323	* \def MBEDTLS_SSL_CACHE_C
kimutaingetich	0:68ca78749806	2324	*
kimutaingetich	0:68ca78749806	2325	* Enable simple SSL cache implementation.
kimutaingetich	0:68ca78749806	2326	*
kimutaingetich	0:68ca78749806	2327	* Module: library/ssl_cache.c
kimutaingetich	0:68ca78749806	2328	* Caller:
kimutaingetich	0:68ca78749806	2329	*
kimutaingetich	0:68ca78749806	2330	* Requires: MBEDTLS_SSL_CACHE_C
kimutaingetich	0:68ca78749806	2331	*/
kimutaingetich	0:68ca78749806	2332	//#define MBEDTLS_SSL_CACHE_C
kimutaingetich	0:68ca78749806	2333
kimutaingetich	0:68ca78749806	2334	/**
kimutaingetich	0:68ca78749806	2335	* \def MBEDTLS_SSL_COOKIE_C
kimutaingetich	0:68ca78749806	2336	*
kimutaingetich	0:68ca78749806	2337	* Enable basic implementation of DTLS cookies for hello verification.
kimutaingetich	0:68ca78749806	2338	*
kimutaingetich	0:68ca78749806	2339	* Module: library/ssl_cookie.c
kimutaingetich	0:68ca78749806	2340	* Caller:
kimutaingetich	0:68ca78749806	2341	*/
kimutaingetich	0:68ca78749806	2342	//#define MBEDTLS_SSL_COOKIE_C
kimutaingetich	0:68ca78749806	2343
kimutaingetich	0:68ca78749806	2344	/**
kimutaingetich	0:68ca78749806	2345	* \def MBEDTLS_SSL_TICKET_C
kimutaingetich	0:68ca78749806	2346	*
kimutaingetich	0:68ca78749806	2347	* Enable an implementation of TLS server-side callbacks for session tickets.
kimutaingetich	0:68ca78749806	2348	*
kimutaingetich	0:68ca78749806	2349	* Module: library/ssl_ticket.c
kimutaingetich	0:68ca78749806	2350	* Caller:
kimutaingetich	0:68ca78749806	2351	*
kimutaingetich	0:68ca78749806	2352	* Requires: MBEDTLS_CIPHER_C
kimutaingetich	0:68ca78749806	2353	*/
kimutaingetich	0:68ca78749806	2354	//#define MBEDTLS_SSL_TICKET_C
kimutaingetich	0:68ca78749806	2355
kimutaingetich	0:68ca78749806	2356	/**
kimutaingetich	0:68ca78749806	2357	* \def MBEDTLS_SSL_CLI_C
kimutaingetich	0:68ca78749806	2358	*
kimutaingetich	0:68ca78749806	2359	* Enable the SSL/TLS client code.
kimutaingetich	0:68ca78749806	2360	*
kimutaingetich	0:68ca78749806	2361	* Module: library/ssl_cli.c
kimutaingetich	0:68ca78749806	2362	* Caller:
kimutaingetich	0:68ca78749806	2363	*
kimutaingetich	0:68ca78749806	2364	* Requires: MBEDTLS_SSL_TLS_C
kimutaingetich	0:68ca78749806	2365	*
kimutaingetich	0:68ca78749806	2366	* This module is required for SSL/TLS client support.
kimutaingetich	0:68ca78749806	2367	*/
kimutaingetich	0:68ca78749806	2368	//#define MBEDTLS_SSL_CLI_C
kimutaingetich	0:68ca78749806	2369
kimutaingetich	0:68ca78749806	2370	/**
kimutaingetich	0:68ca78749806	2371	* \def MBEDTLS_SSL_SRV_C
kimutaingetich	0:68ca78749806	2372	*
kimutaingetich	0:68ca78749806	2373	* Enable the SSL/TLS server code.
kimutaingetich	0:68ca78749806	2374	*
kimutaingetich	0:68ca78749806	2375	* Module: library/ssl_srv.c
kimutaingetich	0:68ca78749806	2376	* Caller:
kimutaingetich	0:68ca78749806	2377	*
kimutaingetich	0:68ca78749806	2378	* Requires: MBEDTLS_SSL_TLS_C
kimutaingetich	0:68ca78749806	2379	*
kimutaingetich	0:68ca78749806	2380	* This module is required for SSL/TLS server support.
kimutaingetich	0:68ca78749806	2381	*/
kimutaingetich	0:68ca78749806	2382	//#define MBEDTLS_SSL_SRV_C
kimutaingetich	0:68ca78749806	2383
kimutaingetich	0:68ca78749806	2384	/**
kimutaingetich	0:68ca78749806	2385	* \def MBEDTLS_SSL_TLS_C
kimutaingetich	0:68ca78749806	2386	*
kimutaingetich	0:68ca78749806	2387	* Enable the generic SSL/TLS code.
kimutaingetich	0:68ca78749806	2388	*
kimutaingetich	0:68ca78749806	2389	* Module: library/ssl_tls.c
kimutaingetich	0:68ca78749806	2390	* Caller: library/ssl_cli.c
kimutaingetich	0:68ca78749806	2391	* library/ssl_srv.c
kimutaingetich	0:68ca78749806	2392	*
kimutaingetich	0:68ca78749806	2393	* Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C
kimutaingetich	0:68ca78749806	2394	* and at least one of the MBEDTLS_SSL_PROTO_XXX defines
kimutaingetich	0:68ca78749806	2395	*
kimutaingetich	0:68ca78749806	2396	* This module is required for SSL/TLS.
kimutaingetich	0:68ca78749806	2397	*/
kimutaingetich	0:68ca78749806	2398	//#define MBEDTLS_SSL_TLS_C
kimutaingetich	0:68ca78749806	2399
kimutaingetich	0:68ca78749806	2400	/**
kimutaingetich	0:68ca78749806	2401	* \def MBEDTLS_THREADING_C
kimutaingetich	0:68ca78749806	2402	*
kimutaingetich	0:68ca78749806	2403	* Enable the threading abstraction layer.
kimutaingetich	0:68ca78749806	2404	* By default mbed TLS assumes it is used in a non-threaded environment or that
kimutaingetich	0:68ca78749806	2405	* contexts are not shared between threads. If you do intend to use contexts
kimutaingetich	0:68ca78749806	2406	* between threads, you will need to enable this layer to prevent race
kimutaingetich	0:68ca78749806	2407	* conditions. See also our Knowledge Base article about threading:
kimutaingetich	0:68ca78749806	2408	* https://tls.mbed.org/kb/development/thread-safety-and-multi-threading
kimutaingetich	0:68ca78749806	2409	*
kimutaingetich	0:68ca78749806	2410	* Module: library/threading.c
kimutaingetich	0:68ca78749806	2411	*
kimutaingetich	0:68ca78749806	2412	* This allows different threading implementations (self-implemented or
kimutaingetich	0:68ca78749806	2413	* provided).
kimutaingetich	0:68ca78749806	2414	*
kimutaingetich	0:68ca78749806	2415	* You will have to enable either MBEDTLS_THREADING_ALT or
kimutaingetich	0:68ca78749806	2416	* MBEDTLS_THREADING_PTHREAD.
kimutaingetich	0:68ca78749806	2417	*
kimutaingetich	0:68ca78749806	2418	* Enable this layer to allow use of mutexes within mbed TLS
kimutaingetich	0:68ca78749806	2419	*/
kimutaingetich	0:68ca78749806	2420	//#define MBEDTLS_THREADING_C
kimutaingetich	0:68ca78749806	2421
kimutaingetich	0:68ca78749806	2422	/**
kimutaingetich	0:68ca78749806	2423	* \def MBEDTLS_TIMING_C
kimutaingetich	0:68ca78749806	2424	*
kimutaingetich	0:68ca78749806	2425	* Enable the semi-portable timing interface.
kimutaingetich	0:68ca78749806	2426	*
kimutaingetich	0:68ca78749806	2427	* \note The provided implementation only works on POSIX/Unix (including Linux,
kimutaingetich	0:68ca78749806	2428	* BSD and OS X) and Windows. On other platforms, you can either disable that
kimutaingetich	0:68ca78749806	2429	* module and provide your own implementations of the callbacks needed by
kimutaingetich	0:68ca78749806	2430	* \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide
kimutaingetich	0:68ca78749806	2431	* your own implementation of the whole module by setting
kimutaingetich	0:68ca78749806	2432	* \c MBEDTLS_TIMING_ALT in the current file.
kimutaingetich	0:68ca78749806	2433	*
kimutaingetich	0:68ca78749806	2434	* \note See also our Knowledge Base article about porting to a new
kimutaingetich	0:68ca78749806	2435	* environment:
kimutaingetich	0:68ca78749806	2436	* https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
kimutaingetich	0:68ca78749806	2437	*
kimutaingetich	0:68ca78749806	2438	* Module: library/timing.c
kimutaingetich	0:68ca78749806	2439	* Caller: library/havege.c
kimutaingetich	0:68ca78749806	2440	*
kimutaingetich	0:68ca78749806	2441	* This module is used by the HAVEGE random number generator.
kimutaingetich	0:68ca78749806	2442	*/
kimutaingetich	0:68ca78749806	2443	//#define MBEDTLS_TIMING_C
kimutaingetich	0:68ca78749806	2444
kimutaingetich	0:68ca78749806	2445	/**
kimutaingetich	0:68ca78749806	2446	* \def MBEDTLS_VERSION_C
kimutaingetich	0:68ca78749806	2447	*
kimutaingetich	0:68ca78749806	2448	* Enable run-time version information.
kimutaingetich	0:68ca78749806	2449	*
kimutaingetich	0:68ca78749806	2450	* Module: library/version.c
kimutaingetich	0:68ca78749806	2451	*
kimutaingetich	0:68ca78749806	2452	* This module provides run-time version information.
kimutaingetich	0:68ca78749806	2453	*/
kimutaingetich	0:68ca78749806	2454	//#define MBEDTLS_VERSION_C
kimutaingetich	0:68ca78749806	2455
kimutaingetich	0:68ca78749806	2456	/**
kimutaingetich	0:68ca78749806	2457	* \def MBEDTLS_X509_USE_C
kimutaingetich	0:68ca78749806	2458	*
kimutaingetich	0:68ca78749806	2459	* Enable X.509 core for using certificates.
kimutaingetich	0:68ca78749806	2460	*
kimutaingetich	0:68ca78749806	2461	* Module: library/x509.c
kimutaingetich	0:68ca78749806	2462	* Caller: library/x509_crl.c
kimutaingetich	0:68ca78749806	2463	* library/x509_crt.c
kimutaingetich	0:68ca78749806	2464	* library/x509_csr.c
kimutaingetich	0:68ca78749806	2465	*
kimutaingetich	0:68ca78749806	2466	* Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C,
kimutaingetich	0:68ca78749806	2467	* MBEDTLS_PK_PARSE_C
kimutaingetich	0:68ca78749806	2468	*
kimutaingetich	0:68ca78749806	2469	* This module is required for the X.509 parsing modules.
kimutaingetich	0:68ca78749806	2470	*/
kimutaingetich	0:68ca78749806	2471	//#define MBEDTLS_X509_USE_C
kimutaingetich	0:68ca78749806	2472
kimutaingetich	0:68ca78749806	2473	/**
kimutaingetich	0:68ca78749806	2474	* \def MBEDTLS_X509_CRT_PARSE_C
kimutaingetich	0:68ca78749806	2475	*
kimutaingetich	0:68ca78749806	2476	* Enable X.509 certificate parsing.
kimutaingetich	0:68ca78749806	2477	*
kimutaingetich	0:68ca78749806	2478	* Module: library/x509_crt.c
kimutaingetich	0:68ca78749806	2479	* Caller: library/ssl_cli.c
kimutaingetich	0:68ca78749806	2480	* library/ssl_srv.c
kimutaingetich	0:68ca78749806	2481	* library/ssl_tls.c
kimutaingetich	0:68ca78749806	2482	*
kimutaingetich	0:68ca78749806	2483	* Requires: MBEDTLS_X509_USE_C
kimutaingetich	0:68ca78749806	2484	*
kimutaingetich	0:68ca78749806	2485	* This module is required for X.509 certificate parsing.
kimutaingetich	0:68ca78749806	2486	*/
kimutaingetich	0:68ca78749806	2487	//#define MBEDTLS_X509_CRT_PARSE_C
kimutaingetich	0:68ca78749806	2488
kimutaingetich	0:68ca78749806	2489	/**
kimutaingetich	0:68ca78749806	2490	* \def MBEDTLS_X509_CRL_PARSE_C
kimutaingetich	0:68ca78749806	2491	*
kimutaingetich	0:68ca78749806	2492	* Enable X.509 CRL parsing.
kimutaingetich	0:68ca78749806	2493	*
kimutaingetich	0:68ca78749806	2494	* Module: library/x509_crl.c
kimutaingetich	0:68ca78749806	2495	* Caller: library/x509_crt.c
kimutaingetich	0:68ca78749806	2496	*
kimutaingetich	0:68ca78749806	2497	* Requires: MBEDTLS_X509_USE_C
kimutaingetich	0:68ca78749806	2498	*
kimutaingetich	0:68ca78749806	2499	* This module is required for X.509 CRL parsing.
kimutaingetich	0:68ca78749806	2500	*/
kimutaingetich	0:68ca78749806	2501	//#define MBEDTLS_X509_CRL_PARSE_C
kimutaingetich	0:68ca78749806	2502
kimutaingetich	0:68ca78749806	2503	/**
kimutaingetich	0:68ca78749806	2504	* \def MBEDTLS_X509_CSR_PARSE_C
kimutaingetich	0:68ca78749806	2505	*
kimutaingetich	0:68ca78749806	2506	* Enable X.509 Certificate Signing Request (CSR) parsing.
kimutaingetich	0:68ca78749806	2507	*
kimutaingetich	0:68ca78749806	2508	* Module: library/x509_csr.c
kimutaingetich	0:68ca78749806	2509	* Caller: library/x509_crt_write.c
kimutaingetich	0:68ca78749806	2510	*
kimutaingetich	0:68ca78749806	2511	* Requires: MBEDTLS_X509_USE_C
kimutaingetich	0:68ca78749806	2512	*
kimutaingetich	0:68ca78749806	2513	* This module is used for reading X.509 certificate request.
kimutaingetich	0:68ca78749806	2514	*/
kimutaingetich	0:68ca78749806	2515	//#define MBEDTLS_X509_CSR_PARSE_C
kimutaingetich	0:68ca78749806	2516
kimutaingetich	0:68ca78749806	2517	/**
kimutaingetich	0:68ca78749806	2518	* \def MBEDTLS_X509_CREATE_C
kimutaingetich	0:68ca78749806	2519	*
kimutaingetich	0:68ca78749806	2520	* Enable X.509 core for creating certificates.
kimutaingetich	0:68ca78749806	2521	*
kimutaingetich	0:68ca78749806	2522	* Module: library/x509_create.c
kimutaingetich	0:68ca78749806	2523	*
kimutaingetich	0:68ca78749806	2524	* Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C
kimutaingetich	0:68ca78749806	2525	*
kimutaingetich	0:68ca78749806	2526	* This module is the basis for creating X.509 certificates and CSRs.
kimutaingetich	0:68ca78749806	2527	*/
kimutaingetich	0:68ca78749806	2528	//#define MBEDTLS_X509_CREATE_C
kimutaingetich	0:68ca78749806	2529
kimutaingetich	0:68ca78749806	2530	/**
kimutaingetich	0:68ca78749806	2531	* \def MBEDTLS_X509_CRT_WRITE_C
kimutaingetich	0:68ca78749806	2532	*
kimutaingetich	0:68ca78749806	2533	* Enable creating X.509 certificates.
kimutaingetich	0:68ca78749806	2534	*
kimutaingetich	0:68ca78749806	2535	* Module: library/x509_crt_write.c
kimutaingetich	0:68ca78749806	2536	*
kimutaingetich	0:68ca78749806	2537	* Requires: MBEDTLS_X509_CREATE_C
kimutaingetich	0:68ca78749806	2538	*
kimutaingetich	0:68ca78749806	2539	* This module is required for X.509 certificate creation.
kimutaingetich	0:68ca78749806	2540	*/
kimutaingetich	0:68ca78749806	2541	//#define MBEDTLS_X509_CRT_WRITE_C
kimutaingetich	0:68ca78749806	2542
kimutaingetich	0:68ca78749806	2543	/**
kimutaingetich	0:68ca78749806	2544	* \def MBEDTLS_X509_CSR_WRITE_C
kimutaingetich	0:68ca78749806	2545	*
kimutaingetich	0:68ca78749806	2546	* Enable creating X.509 Certificate Signing Requests (CSR).
kimutaingetich	0:68ca78749806	2547	*
kimutaingetich	0:68ca78749806	2548	* Module: library/x509_csr_write.c
kimutaingetich	0:68ca78749806	2549	*
kimutaingetich	0:68ca78749806	2550	* Requires: MBEDTLS_X509_CREATE_C
kimutaingetich	0:68ca78749806	2551	*
kimutaingetich	0:68ca78749806	2552	* This module is required for X.509 certificate request writing.
kimutaingetich	0:68ca78749806	2553	*/
kimutaingetich	0:68ca78749806	2554	//#define MBEDTLS_X509_CSR_WRITE_C
kimutaingetich	0:68ca78749806	2555
kimutaingetich	0:68ca78749806	2556	/**
kimutaingetich	0:68ca78749806	2557	* \def MBEDTLS_XTEA_C
kimutaingetich	0:68ca78749806	2558	*
kimutaingetich	0:68ca78749806	2559	* Enable the XTEA block cipher.
kimutaingetich	0:68ca78749806	2560	*
kimutaingetich	0:68ca78749806	2561	* Module: library/xtea.c
kimutaingetich	0:68ca78749806	2562	* Caller:
kimutaingetich	0:68ca78749806	2563	*/
kimutaingetich	0:68ca78749806	2564	//#define MBEDTLS_XTEA_C
kimutaingetich	0:68ca78749806	2565
kimutaingetich	0:68ca78749806	2566	/* \} name SECTION: mbed TLS modules */
kimutaingetich	0:68ca78749806	2567
kimutaingetich	0:68ca78749806	2568	/**
kimutaingetich	0:68ca78749806	2569	* \name SECTION: Module configuration options
kimutaingetich	0:68ca78749806	2570	*
kimutaingetich	0:68ca78749806	2571	* This section allows for the setting of module specific sizes and
kimutaingetich	0:68ca78749806	2572	* configuration options. The default values are already present in the
kimutaingetich	0:68ca78749806	2573	* relevant header files and should suffice for the regular use cases.
kimutaingetich	0:68ca78749806	2574	*
kimutaingetich	0:68ca78749806	2575	* Our advice is to enable options and change their values here
kimutaingetich	0:68ca78749806	2576	* only if you have a good reason and know the consequences.
kimutaingetich	0:68ca78749806	2577	*
kimutaingetich	0:68ca78749806	2578	* Please check the respective header file for documentation on these
kimutaingetich	0:68ca78749806	2579	* parameters (to prevent duplicate documentation).
kimutaingetich	0:68ca78749806	2580	* \{
kimutaingetich	0:68ca78749806	2581	*/
kimutaingetich	0:68ca78749806	2582
kimutaingetich	0:68ca78749806	2583	/* MPI / BIGNUM options */
kimutaingetich	0:68ca78749806	2584	//#define MBEDTLS_MPI_WINDOW_SIZE 6 /*< Maximum windows size used. /
kimutaingetich	0:68ca78749806	2585	//#define MBEDTLS_MPI_MAX_SIZE 1024 /*< Maximum number of bytes for usable MPIs. /
kimutaingetich	0:68ca78749806	2586
kimutaingetich	0:68ca78749806	2587	/* CTR_DRBG options */
kimutaingetich	0:68ca78749806	2588	//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /*< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) /
kimutaingetich	0:68ca78749806	2589	//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /*< Interval before reseed is performed by default /
kimutaingetich	0:68ca78749806	2590	//#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /*< Maximum number of additional input bytes /
kimutaingetich	0:68ca78749806	2591	//#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /*< Maximum number of requested bytes per call /
kimutaingetich	0:68ca78749806	2592	//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /*< Maximum size of (re)seed buffer /
kimutaingetich	0:68ca78749806	2593
kimutaingetich	0:68ca78749806	2594	/* HMAC_DRBG options */
kimutaingetich	0:68ca78749806	2595	//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /*< Interval before reseed is performed by default /
kimutaingetich	0:68ca78749806	2596	//#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /*< Maximum number of additional input bytes /
kimutaingetich	0:68ca78749806	2597	//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /*< Maximum number of requested bytes per call /
kimutaingetich	0:68ca78749806	2598	//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /*< Maximum size of (re)seed buffer /
kimutaingetich	0:68ca78749806	2599
kimutaingetich	0:68ca78749806	2600	/* ECP options */
kimutaingetich	0:68ca78749806	2601	//#define MBEDTLS_ECP_MAX_BITS 521 /*< Maximum bit size of groups /
kimutaingetich	0:68ca78749806	2602	//#define MBEDTLS_ECP_WINDOW_SIZE 6 /*< Maximum window size used /
kimutaingetich	0:68ca78749806	2603	//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /*< Enable fixed-point speed-up /
kimutaingetich	0:68ca78749806	2604
kimutaingetich	0:68ca78749806	2605	/* Entropy options */
kimutaingetich	0:68ca78749806	2606	//#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /*< Maximum number of sources supported /
kimutaingetich	0:68ca78749806	2607	//#define MBEDTLS_ENTROPY_MAX_GATHER 128 /*< Maximum amount requested from entropy sources /
kimutaingetich	0:68ca78749806	2608	//#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /*< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released /
kimutaingetich	0:68ca78749806	2609
kimutaingetich	0:68ca78749806	2610	/* Memory buffer allocator options */
kimutaingetich	0:68ca78749806	2611	//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /*< Align on multiples of this value /
kimutaingetich	0:68ca78749806	2612
kimutaingetich	0:68ca78749806	2613	/* Platform options */
kimutaingetich	0:68ca78749806	2614	//#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /*< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. /
kimutaingetich	0:68ca78749806	2615	//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /*< Default allocator to use, can be undefined /
kimutaingetich	0:68ca78749806	2616	//#define MBEDTLS_PLATFORM_STD_FREE free /*< Default free to use, can be undefined /
kimutaingetich	0:68ca78749806	2617	//#define MBEDTLS_PLATFORM_STD_EXIT exit /*< Default exit to use, can be undefined /
kimutaingetich	0:68ca78749806	2618	//#define MBEDTLS_PLATFORM_STD_TIME time /*< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled /
kimutaingetich	0:68ca78749806	2619	//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /*< Default fprintf to use, can be undefined /
kimutaingetich	0:68ca78749806	2620	//#define MBEDTLS_PLATFORM_STD_PRINTF printf /*< Default printf to use, can be undefined /
kimutaingetich	0:68ca78749806	2621	/* Note: your snprintf must correclty zero-terminate the buffer! */
kimutaingetich	0:68ca78749806	2622	//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /*< Default snprintf to use, can be undefined /
kimutaingetich	0:68ca78749806	2623	//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /*< Default exit value to use, can be undefined /
kimutaingetich	0:68ca78749806	2624	//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /*< Default exit value to use, can be undefined /
kimutaingetich	0:68ca78749806	2625	//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /*< Default nv_seed_read function to use, can be undefined /
kimutaingetich	0:68ca78749806	2626	//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /*< Default nv_seed_write function to use, can be undefined /
kimutaingetich	0:68ca78749806	2627	//#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /*< Seed file to read/write with default implementation /
kimutaingetich	0:68ca78749806	2628
kimutaingetich	0:68ca78749806	2629	/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
kimutaingetich	0:68ca78749806	2630	/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
kimutaingetich	0:68ca78749806	2631	//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /*< Default allocator macro to use, can be undefined /
kimutaingetich	0:68ca78749806	2632	//#define MBEDTLS_PLATFORM_FREE_MACRO free /*< Default free macro to use, can be undefined /
kimutaingetich	0:68ca78749806	2633	//#define MBEDTLS_PLATFORM_EXIT_MACRO exit /*< Default exit macro to use, can be undefined /
kimutaingetich	0:68ca78749806	2634	//#define MBEDTLS_PLATFORM_TIME_MACRO time /*< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled /
kimutaingetich	0:68ca78749806	2635	//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /*< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled /
kimutaingetich	0:68ca78749806	2636	//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /*< Default fprintf macro to use, can be undefined /
kimutaingetich	0:68ca78749806	2637	//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /*< Default printf macro to use, can be undefined /
kimutaingetich	0:68ca78749806	2638	/* Note: your snprintf must correclty zero-terminate the buffer! */
kimutaingetich	0:68ca78749806	2639	//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /*< Default snprintf macro to use, can be undefined /
kimutaingetich	0:68ca78749806	2640	//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /*< Default nv_seed_read function to use, can be undefined /
kimutaingetich	0:68ca78749806	2641	//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /*< Default nv_seed_write function to use, can be undefined /
kimutaingetich	0:68ca78749806	2642
kimutaingetich	0:68ca78749806	2643	/* SSL Cache options */
kimutaingetich	0:68ca78749806	2644	//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /*< 1 day /
kimutaingetich	0:68ca78749806	2645	//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /*< Maximum entries in cache /
kimutaingetich	0:68ca78749806	2646
kimutaingetich	0:68ca78749806	2647	/* SSL options */
kimutaingetich	0:68ca78749806	2648	//#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 /*< Maxium fragment length in bytes, determines the size of each of the two internal I/O buffers /
kimutaingetich	0:68ca78749806	2649	//#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /*< Lifetime of session tickets (if enabled) /
kimutaingetich	0:68ca78749806	2650	//#define MBEDTLS_PSK_MAX_LEN 32 /*< Max size of TLS pre-shared keys, in bytes (default 256 bits) /
kimutaingetich	0:68ca78749806	2651	//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /*< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued /
kimutaingetich	0:68ca78749806	2652
kimutaingetich	0:68ca78749806	2653	/**
kimutaingetich	0:68ca78749806	2654	* Complete list of ciphersuites to use, in order of preference.
kimutaingetich	0:68ca78749806	2655	*
kimutaingetich	0:68ca78749806	2656	* \warning No dependency checking is done on that field! This option can only
kimutaingetich	0:68ca78749806	2657	* be used to restrict the set of available ciphersuites. It is your
kimutaingetich	0:68ca78749806	2658	* responsibility to make sure the needed modules are active.
kimutaingetich	0:68ca78749806	2659	*
kimutaingetich	0:68ca78749806	2660	* Use this to save a few hundred bytes of ROM (default ordering of all
kimutaingetich	0:68ca78749806	2661	* available ciphersuites) and a few to a few hundred bytes of RAM.
kimutaingetich	0:68ca78749806	2662	*
kimutaingetich	0:68ca78749806	2663	* The value below is only an example, not the default.
kimutaingetich	0:68ca78749806	2664	*/
kimutaingetich	0:68ca78749806	2665	//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
kimutaingetich	0:68ca78749806	2666
kimutaingetich	0:68ca78749806	2667	/* X509 options */
kimutaingetich	0:68ca78749806	2668	//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /*< Maximum number of intermediate CAs in a verification chain. /
kimutaingetich	0:68ca78749806	2669	//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /*< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). /
kimutaingetich	0:68ca78749806	2670
kimutaingetich	0:68ca78749806	2671	/**
kimutaingetich	0:68ca78749806	2672	* Allow SHA-1 in the default TLS configuration for certificate signing.
kimutaingetich	0:68ca78749806	2673	* Without this build-time option, SHA-1 support must be activated explicitly
kimutaingetich	0:68ca78749806	2674	* through mbedtls_ssl_conf_cert_profile. Turning on this option is not
kimutaingetich	0:68ca78749806	2675	* recommended because of it is possible to generte SHA-1 collisions, however
kimutaingetich	0:68ca78749806	2676	* this may be safe for legacy infrastructure where additional controls apply.
kimutaingetich	0:68ca78749806	2677	*/
kimutaingetich	0:68ca78749806	2678	// #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
kimutaingetich	0:68ca78749806	2679
kimutaingetich	0:68ca78749806	2680	/**
kimutaingetich	0:68ca78749806	2681	* Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake
kimutaingetich	0:68ca78749806	2682	* signature and ciphersuite selection. Without this build-time option, SHA-1
kimutaingetich	0:68ca78749806	2683	* support must be activated explicitly through mbedtls_ssl_conf_sig_hashes.
kimutaingetich	0:68ca78749806	2684	* The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by
kimutaingetich	0:68ca78749806	2685	* default. At the time of writing, there is no practical attack on the use
kimutaingetich	0:68ca78749806	2686	* of SHA-1 in handshake signatures, hence this option is turned on by default
kimutaingetich	0:68ca78749806	2687	* for compatibility with existing peers.
kimutaingetich	0:68ca78749806	2688	*/
kimutaingetich	0:68ca78749806	2689	//#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
kimutaingetich	0:68ca78749806	2690
kimutaingetich	0:68ca78749806	2691
kimutaingetich	0:68ca78749806	2692	#include "check_config.h"
kimutaingetich	0:68ca78749806	2693
kimutaingetich	0:68ca78749806	2694	#endif /* MBEDTLS_LORA_CONFIG_H */

Repository toolbox

Export to desktop IDE

Build repository

Repository details

Type:	Program
Mbed OS support:	Mbed OS
Created:	11 Mar 2019
Imports:	6
Forks:	0
Commits:	1
Dependents:	0
Dependencies:	2
Followers:	1

The code in this repository is Apache licensed.

inc/mbedtls_lora_config.h@0:68ca78749806, 2019-03-11 (annotated)

Who changed what in which revision?

Repository toolbox

Repository details

Important Information for this Arm website

Access Warning