leo hendrickson / Mbed OS example-Ethernet-mbed-Cloud-connect

Important changes to repositories hosted on mbed.com

Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.

To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.

It is also possible to export all your personal repositories from the account settings page.

simple-mbed-cloud-client/mbed-cloud-client/mbed-client-pal/Configs/mbedTLS/mbedTLSConfig_Linux.h@0:8f0bb79ddd48, 2021-05-04 (annotated)

Committer:
leothedragon
Date:
Tue May 04 08:55:12 2021 +0000
Revision:
0:8f0bb79ddd48
nmn

Who changed what in which revision?

UserRevisionLine numberNew contents of line
leothedragon 0:8f0bb79ddd48 1 // ----------------------------------------------------------------------------
leothedragon 0:8f0bb79ddd48 2 // Copyright 2016-2019 ARM Ltd.
leothedragon 0:8f0bb79ddd48 3 //
leothedragon 0:8f0bb79ddd48 4 // SPDX-License-Identifier: Apache-2.0
leothedragon 0:8f0bb79ddd48 5 //
leothedragon 0:8f0bb79ddd48 6 // Licensed under the Apache License, Version 2.0 (the "License");
leothedragon 0:8f0bb79ddd48 7 // you may not use this file except in compliance with the License.
leothedragon 0:8f0bb79ddd48 8 // You may obtain a copy of the License at
leothedragon 0:8f0bb79ddd48 9 //
leothedragon 0:8f0bb79ddd48 10 // http://www.apache.org/licenses/LICENSE-2.0
leothedragon 0:8f0bb79ddd48 11 //
leothedragon 0:8f0bb79ddd48 12 // Unless required by applicable law or agreed to in writing, software
leothedragon 0:8f0bb79ddd48 13 // distributed under the License is distributed on an "AS IS" BASIS,
leothedragon 0:8f0bb79ddd48 14 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
leothedragon 0:8f0bb79ddd48 15 // See the License for the specific language governing permissions and
leothedragon 0:8f0bb79ddd48 16 // limitations under the License.
leothedragon 0:8f0bb79ddd48 17 // ----------------------------------------------------------------------------
leothedragon 0:8f0bb79ddd48 18
leothedragon 0:8f0bb79ddd48 19 #ifndef MBEDTLS_CONFIG_H
leothedragon 0:8f0bb79ddd48 20 #define MBEDTLS_CONFIG_H
leothedragon 0:8f0bb79ddd48 21
leothedragon 0:8f0bb79ddd48 22
leothedragon 0:8f0bb79ddd48 23 #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
leothedragon 0:8f0bb79ddd48 24 #define _CRT_SECURE_NO_DEPRECATE 1
leothedragon 0:8f0bb79ddd48 25 #endif
leothedragon 0:8f0bb79ddd48 26
leothedragon 0:8f0bb79ddd48 27 /**
leothedragon 0:8f0bb79ddd48 28 * \name SECTION: System support
leothedragon 0:8f0bb79ddd48 29 *
leothedragon 0:8f0bb79ddd48 30 * This section sets system specific settings.
leothedragon 0:8f0bb79ddd48 31 * \{
leothedragon 0:8f0bb79ddd48 32 */
leothedragon 0:8f0bb79ddd48 33 #if 1 //Please set to 1 if you are using secure time
leothedragon 0:8f0bb79ddd48 34 /**
leothedragon 0:8f0bb79ddd48 35 * \def MBEDTLS_HAVE_ASM
leothedragon 0:8f0bb79ddd48 36 *
leothedragon 0:8f0bb79ddd48 37 * The compiler has support for asm().
leothedragon 0:8f0bb79ddd48 38 *
leothedragon 0:8f0bb79ddd48 39 * Requires support for asm() in compiler.
leothedragon 0:8f0bb79ddd48 40 *
leothedragon 0:8f0bb79ddd48 41 * Used in:
leothedragon 0:8f0bb79ddd48 42 * library/timing.c
leothedragon 0:8f0bb79ddd48 43 * library/padlock.c
leothedragon 0:8f0bb79ddd48 44 * include/mbedtls/bn_mul.h
leothedragon 0:8f0bb79ddd48 45 *
leothedragon 0:8f0bb79ddd48 46 * Comment to disable the use of assembly code.
leothedragon 0:8f0bb79ddd48 47 */
leothedragon 0:8f0bb79ddd48 48 #define MBEDTLS_HAVE_ASM
leothedragon 0:8f0bb79ddd48 49
leothedragon 0:8f0bb79ddd48 50 /**
leothedragon 0:8f0bb79ddd48 51 * \def MBEDTLS_HAVE_SSE2
leothedragon 0:8f0bb79ddd48 52 *
leothedragon 0:8f0bb79ddd48 53 * CPU supports SSE2 instruction set.
leothedragon 0:8f0bb79ddd48 54 *
leothedragon 0:8f0bb79ddd48 55 * Uncomment if the CPU supports SSE2 (IA-32 specific).
leothedragon 0:8f0bb79ddd48 56 */
leothedragon 0:8f0bb79ddd48 57 //#define MBEDTLS_HAVE_SSE2
leothedragon 0:8f0bb79ddd48 58
leothedragon 0:8f0bb79ddd48 59 /**
leothedragon 0:8f0bb79ddd48 60 * \def MBEDTLS_HAVE_TIME
leothedragon 0:8f0bb79ddd48 61 *
leothedragon 0:8f0bb79ddd48 62 * System has time.h and time().
leothedragon 0:8f0bb79ddd48 63 * The time does not need to be correct, only time differences are used,
leothedragon 0:8f0bb79ddd48 64 * by contrast with MBEDTLS_HAVE_TIME_DATE
leothedragon 0:8f0bb79ddd48 65 *
leothedragon 0:8f0bb79ddd48 66 * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT,
leothedragon 0:8f0bb79ddd48 67 * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and
leothedragon 0:8f0bb79ddd48 68 * MBEDTLS_PLATFORM_STD_TIME.
leothedragon 0:8f0bb79ddd48 69 *
leothedragon 0:8f0bb79ddd48 70 * Comment if your system does not support time functions
leothedragon 0:8f0bb79ddd48 71 */
leothedragon 0:8f0bb79ddd48 72 #define MBEDTLS_HAVE_TIME
leothedragon 0:8f0bb79ddd48 73
leothedragon 0:8f0bb79ddd48 74 /**
leothedragon 0:8f0bb79ddd48 75 * \def MBEDTLS_HAVE_TIME_DATE
leothedragon 0:8f0bb79ddd48 76 *
leothedragon 0:8f0bb79ddd48 77 * System has time.h and time(), gmtime() and the clock is correct.
leothedragon 0:8f0bb79ddd48 78 * The time needs to be correct (not necesarily very accurate, but at least
leothedragon 0:8f0bb79ddd48 79 * the date should be correct). This is used to verify the validity period of
leothedragon 0:8f0bb79ddd48 80 * X.509 certificates.
leothedragon 0:8f0bb79ddd48 81 *
leothedragon 0:8f0bb79ddd48 82 * Comment if your system does not have a correct clock.
leothedragon 0:8f0bb79ddd48 83 */
leothedragon 0:8f0bb79ddd48 84 #define MBEDTLS_HAVE_TIME_DATE
leothedragon 0:8f0bb79ddd48 85
leothedragon 0:8f0bb79ddd48 86 /**
leothedragon 0:8f0bb79ddd48 87 * \def MBEDTLS_PLATFORM_MEMORY
leothedragon 0:8f0bb79ddd48 88 *
leothedragon 0:8f0bb79ddd48 89 * Enable the memory allocation layer.
leothedragon 0:8f0bb79ddd48 90 *
leothedragon 0:8f0bb79ddd48 91 * By default mbed TLS uses the system-provided calloc() and free().
leothedragon 0:8f0bb79ddd48 92 * This allows different allocators (self-implemented or provided) to be
leothedragon 0:8f0bb79ddd48 93 * provided to the platform abstraction layer.
leothedragon 0:8f0bb79ddd48 94 *
leothedragon 0:8f0bb79ddd48 95 * Enabling MBEDTLS_PLATFORM_MEMORY without the
leothedragon 0:8f0bb79ddd48 96 * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide
leothedragon 0:8f0bb79ddd48 97 * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and
leothedragon 0:8f0bb79ddd48 98 * free() function pointer at runtime.
leothedragon 0:8f0bb79ddd48 99 *
leothedragon 0:8f0bb79ddd48 100 * Enabling MBEDTLS_PLATFORM_MEMORY and specifying
leothedragon 0:8f0bb79ddd48 101 * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the
leothedragon 0:8f0bb79ddd48 102 * alternate function at compile time.
leothedragon 0:8f0bb79ddd48 103 *
leothedragon 0:8f0bb79ddd48 104 * Requires: MBEDTLS_PLATFORM_C
leothedragon 0:8f0bb79ddd48 105 *
leothedragon 0:8f0bb79ddd48 106 * Enable this layer to allow use of alternative memory allocators.
leothedragon 0:8f0bb79ddd48 107 */
leothedragon 0:8f0bb79ddd48 108 //#define MBEDTLS_PLATFORM_MEMORY
leothedragon 0:8f0bb79ddd48 109
leothedragon 0:8f0bb79ddd48 110 /**
leothedragon 0:8f0bb79ddd48 111 * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
leothedragon 0:8f0bb79ddd48 112 *
leothedragon 0:8f0bb79ddd48 113 * Do not assign standard functions in the platform layer (e.g. calloc() to
leothedragon 0:8f0bb79ddd48 114 * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF)
leothedragon 0:8f0bb79ddd48 115 *
leothedragon 0:8f0bb79ddd48 116 * This makes sure there are no linking errors on platforms that do not support
leothedragon 0:8f0bb79ddd48 117 * these functions. You will HAVE to provide alternatives, either at runtime
leothedragon 0:8f0bb79ddd48 118 * via the platform_set_xxx() functions or at compile time by setting
leothedragon 0:8f0bb79ddd48 119 * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a
leothedragon 0:8f0bb79ddd48 120 * MBEDTLS_PLATFORM_XXX_MACRO.
leothedragon 0:8f0bb79ddd48 121 *
leothedragon 0:8f0bb79ddd48 122 * Requires: MBEDTLS_PLATFORM_C
leothedragon 0:8f0bb79ddd48 123 *
leothedragon 0:8f0bb79ddd48 124 * Uncomment to prevent default assignment of standard functions in the
leothedragon 0:8f0bb79ddd48 125 * platform layer.
leothedragon 0:8f0bb79ddd48 126 */
leothedragon 0:8f0bb79ddd48 127 //#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
leothedragon 0:8f0bb79ddd48 128
leothedragon 0:8f0bb79ddd48 129 /**
leothedragon 0:8f0bb79ddd48 130 * \def MBEDTLS_PLATFORM_EXIT_ALT
leothedragon 0:8f0bb79ddd48 131 *
leothedragon 0:8f0bb79ddd48 132 * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the
leothedragon 0:8f0bb79ddd48 133 * function in the platform abstraction layer.
leothedragon 0:8f0bb79ddd48 134 *
leothedragon 0:8f0bb79ddd48 135 * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will
leothedragon 0:8f0bb79ddd48 136 * provide a function "mbedtls_platform_set_printf()" that allows you to set an
leothedragon 0:8f0bb79ddd48 137 * alternative printf function pointer.
leothedragon 0:8f0bb79ddd48 138 *
leothedragon 0:8f0bb79ddd48 139 * All these define require MBEDTLS_PLATFORM_C to be defined!
leothedragon 0:8f0bb79ddd48 140 *
leothedragon 0:8f0bb79ddd48 141 * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows;
leothedragon 0:8f0bb79ddd48 142 * it will be enabled automatically by check_config.h
leothedragon 0:8f0bb79ddd48 143 *
leothedragon 0:8f0bb79ddd48 144 * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as
leothedragon 0:8f0bb79ddd48 145 * MBEDTLS_PLATFORM_XXX_MACRO!
leothedragon 0:8f0bb79ddd48 146 *
leothedragon 0:8f0bb79ddd48 147 * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME
leothedragon 0:8f0bb79ddd48 148 *
leothedragon 0:8f0bb79ddd48 149 * Uncomment a macro to enable alternate implementation of specific base
leothedragon 0:8f0bb79ddd48 150 * platform function
leothedragon 0:8f0bb79ddd48 151 */
leothedragon 0:8f0bb79ddd48 152 #define MBEDTLS_PLATFORM_TIME_ALT
leothedragon 0:8f0bb79ddd48 153 #endif //0
leothedragon 0:8f0bb79ddd48 154 //#define MBEDTLS_PLATFORM_EXIT_ALT
leothedragon 0:8f0bb79ddd48 155 //#define MBEDTLS_PLATFORM_FPRINTF_ALT
leothedragon 0:8f0bb79ddd48 156 //#define MBEDTLS_PLATFORM_PRINTF_ALT
leothedragon 0:8f0bb79ddd48 157 //#define MBEDTLS_PLATFORM_SNPRINTF_ALT
leothedragon 0:8f0bb79ddd48 158 //#define MBEDTLS_PLATFORM_NV_SEED_ALT
leothedragon 0:8f0bb79ddd48 159
leothedragon 0:8f0bb79ddd48 160 /**
leothedragon 0:8f0bb79ddd48 161 * \def MBEDTLS_DEPRECATED_WARNING
leothedragon 0:8f0bb79ddd48 162 *
leothedragon 0:8f0bb79ddd48 163 * Mark deprecated functions so that they generate a warning if used.
leothedragon 0:8f0bb79ddd48 164 * Functions deprecated in one version will usually be removed in the next
leothedragon 0:8f0bb79ddd48 165 * version. You can enable this to help you prepare the transition to a new
leothedragon 0:8f0bb79ddd48 166 * major version by making sure your code is not using these functions.
leothedragon 0:8f0bb79ddd48 167 *
leothedragon 0:8f0bb79ddd48 168 * This only works with GCC and Clang. With other compilers, you may want to
leothedragon 0:8f0bb79ddd48 169 * use MBEDTLS_DEPRECATED_REMOVED
leothedragon 0:8f0bb79ddd48 170 *
leothedragon 0:8f0bb79ddd48 171 * Uncomment to get warnings on using deprecated functions.
leothedragon 0:8f0bb79ddd48 172 */
leothedragon 0:8f0bb79ddd48 173 //#define MBEDTLS_DEPRECATED_WARNING
leothedragon 0:8f0bb79ddd48 174
leothedragon 0:8f0bb79ddd48 175 /**
leothedragon 0:8f0bb79ddd48 176 * \def MBEDTLS_DEPRECATED_REMOVED
leothedragon 0:8f0bb79ddd48 177 *
leothedragon 0:8f0bb79ddd48 178 * Remove deprecated functions so that they generate an error if used.
leothedragon 0:8f0bb79ddd48 179 * Functions deprecated in one version will usually be removed in the next
leothedragon 0:8f0bb79ddd48 180 * version. You can enable this to help you prepare the transition to a new
leothedragon 0:8f0bb79ddd48 181 * major version by making sure your code is not using these functions.
leothedragon 0:8f0bb79ddd48 182 *
leothedragon 0:8f0bb79ddd48 183 * Uncomment to get errors on using deprecated functions.
leothedragon 0:8f0bb79ddd48 184 */
leothedragon 0:8f0bb79ddd48 185 //#define MBEDTLS_DEPRECATED_REMOVED
leothedragon 0:8f0bb79ddd48 186
leothedragon 0:8f0bb79ddd48 187 /* \} name SECTION: System support */
leothedragon 0:8f0bb79ddd48 188
leothedragon 0:8f0bb79ddd48 189 /**
leothedragon 0:8f0bb79ddd48 190 * \name SECTION: mbed TLS feature support
leothedragon 0:8f0bb79ddd48 191 *
leothedragon 0:8f0bb79ddd48 192 * This section sets support for features that are or are not needed
leothedragon 0:8f0bb79ddd48 193 * within the modules that are enabled.
leothedragon 0:8f0bb79ddd48 194 * \{
leothedragon 0:8f0bb79ddd48 195 */
leothedragon 0:8f0bb79ddd48 196
leothedragon 0:8f0bb79ddd48 197 /**
leothedragon 0:8f0bb79ddd48 198 * \def MBEDTLS_TIMING_ALT
leothedragon 0:8f0bb79ddd48 199 *
leothedragon 0:8f0bb79ddd48 200 * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(),
leothedragon 0:8f0bb79ddd48 201 * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay()
leothedragon 0:8f0bb79ddd48 202 *
leothedragon 0:8f0bb79ddd48 203 * Only works if you have MBEDTLS_TIMING_C enabled.
leothedragon 0:8f0bb79ddd48 204 *
leothedragon 0:8f0bb79ddd48 205 * You will need to provide a header "timing_alt.h" and an implementation at
leothedragon 0:8f0bb79ddd48 206 * compile time.
leothedragon 0:8f0bb79ddd48 207 */
leothedragon 0:8f0bb79ddd48 208 //#define MBEDTLS_TIMING_ALT
leothedragon 0:8f0bb79ddd48 209
leothedragon 0:8f0bb79ddd48 210 /**
leothedragon 0:8f0bb79ddd48 211 * \def MBEDTLS_AES_ALT
leothedragon 0:8f0bb79ddd48 212 *
leothedragon 0:8f0bb79ddd48 213 * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your
leothedragon 0:8f0bb79ddd48 214 * alternate core implementation of a symmetric crypto, an arithmetic or hash
leothedragon 0:8f0bb79ddd48 215 * module (e.g. platform specific assembly optimized implementations). Keep
leothedragon 0:8f0bb79ddd48 216 * in mind that the function prototypes should remain the same.
leothedragon 0:8f0bb79ddd48 217 *
leothedragon 0:8f0bb79ddd48 218 * This replaces the whole module. If you only want to replace one of the
leothedragon 0:8f0bb79ddd48 219 * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags.
leothedragon 0:8f0bb79ddd48 220 *
leothedragon 0:8f0bb79ddd48 221 * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer
leothedragon 0:8f0bb79ddd48 222 * provide the "struct mbedtls_aes_context" definition and omit the base
leothedragon 0:8f0bb79ddd48 223 * function declarations and implementations. "aes_alt.h" will be included from
leothedragon 0:8f0bb79ddd48 224 * "aes.h" to include the new function definitions.
leothedragon 0:8f0bb79ddd48 225 *
leothedragon 0:8f0bb79ddd48 226 * Uncomment a macro to enable alternate implementation of the corresponding
leothedragon 0:8f0bb79ddd48 227 * module.
leothedragon 0:8f0bb79ddd48 228 */
leothedragon 0:8f0bb79ddd48 229 //#define MBEDTLS_AES_ALT
leothedragon 0:8f0bb79ddd48 230 //#define MBEDTLS_ARC4_ALT
leothedragon 0:8f0bb79ddd48 231 //#define MBEDTLS_BLOWFISH_ALT
leothedragon 0:8f0bb79ddd48 232 //#define MBEDTLS_CAMELLIA_ALT
leothedragon 0:8f0bb79ddd48 233 //#define MBEDTLS_DES_ALT
leothedragon 0:8f0bb79ddd48 234 //#define MBEDTLS_XTEA_ALT
leothedragon 0:8f0bb79ddd48 235 //#define MBEDTLS_MD2_ALT
leothedragon 0:8f0bb79ddd48 236 //#define MBEDTLS_MD4_ALT
leothedragon 0:8f0bb79ddd48 237 //#define MBEDTLS_MD5_ALT
leothedragon 0:8f0bb79ddd48 238 //#define MBEDTLS_RIPEMD160_ALT
leothedragon 0:8f0bb79ddd48 239 //#define MBEDTLS_SHA1_ALT
leothedragon 0:8f0bb79ddd48 240 //#define MBEDTLS_SHA256_ALT
leothedragon 0:8f0bb79ddd48 241 //#define MBEDTLS_SHA512_ALT
leothedragon 0:8f0bb79ddd48 242 /*
leothedragon 0:8f0bb79ddd48 243 * When replacing the elliptic curve module, pleace consider, that it is
leothedragon 0:8f0bb79ddd48 244 * implemented with two .c files:
leothedragon 0:8f0bb79ddd48 245 * - ecp.c
leothedragon 0:8f0bb79ddd48 246 * - ecp_curves.c
leothedragon 0:8f0bb79ddd48 247 * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
leothedragon 0:8f0bb79ddd48 248 * macros as described above. The only difference is that you have to make sure
leothedragon 0:8f0bb79ddd48 249 * that you provide functionality for both .c files.
leothedragon 0:8f0bb79ddd48 250 */
leothedragon 0:8f0bb79ddd48 251 //#define MBEDTLS_ECP_ALT
leothedragon 0:8f0bb79ddd48 252
leothedragon 0:8f0bb79ddd48 253 /**
leothedragon 0:8f0bb79ddd48 254 * \def MBEDTLS_MD2_PROCESS_ALT
leothedragon 0:8f0bb79ddd48 255 *
leothedragon 0:8f0bb79ddd48 256 * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you
leothedragon 0:8f0bb79ddd48 257 * alternate core implementation of symmetric crypto or hash function. Keep in
leothedragon 0:8f0bb79ddd48 258 * mind that function prototypes should remain the same.
leothedragon 0:8f0bb79ddd48 259 *
leothedragon 0:8f0bb79ddd48 260 * This replaces only one function. The header file from mbed TLS is still
leothedragon 0:8f0bb79ddd48 261 * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags.
leothedragon 0:8f0bb79ddd48 262 *
leothedragon 0:8f0bb79ddd48 263 * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will
leothedragon 0:8f0bb79ddd48 264 * no longer provide the mbedtls_sha1_process() function, but it will still provide
leothedragon 0:8f0bb79ddd48 265 * the other function (using your mbedtls_sha1_process() function) and the definition
leothedragon 0:8f0bb79ddd48 266 * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
leothedragon 0:8f0bb79ddd48 267 * with this definition.
leothedragon 0:8f0bb79ddd48 268 *
leothedragon 0:8f0bb79ddd48 269 * Note: if you use the AES_xxx_ALT macros, then is is recommended to also set
leothedragon 0:8f0bb79ddd48 270 * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
leothedragon 0:8f0bb79ddd48 271 * tables.
leothedragon 0:8f0bb79ddd48 272 *
leothedragon 0:8f0bb79ddd48 273 * Uncomment a macro to enable alternate implementation of the corresponding
leothedragon 0:8f0bb79ddd48 274 * function.
leothedragon 0:8f0bb79ddd48 275 */
leothedragon 0:8f0bb79ddd48 276 //#define MBEDTLS_MD2_PROCESS_ALT
leothedragon 0:8f0bb79ddd48 277 //#define MBEDTLS_MD4_PROCESS_ALT
leothedragon 0:8f0bb79ddd48 278 //#define MBEDTLS_MD5_PROCESS_ALT
leothedragon 0:8f0bb79ddd48 279 //#define MBEDTLS_RIPEMD160_PROCESS_ALT
leothedragon 0:8f0bb79ddd48 280 //#define MBEDTLS_SHA1_PROCESS_ALT
leothedragon 0:8f0bb79ddd48 281 //#define MBEDTLS_SHA256_PROCESS_ALT
leothedragon 0:8f0bb79ddd48 282 //#define MBEDTLS_SHA512_PROCESS_ALT
leothedragon 0:8f0bb79ddd48 283 //#define MBEDTLS_DES_SETKEY_ALT
leothedragon 0:8f0bb79ddd48 284 //#define MBEDTLS_DES_CRYPT_ECB_ALT
leothedragon 0:8f0bb79ddd48 285 //#define MBEDTLS_DES3_CRYPT_ECB_ALT
leothedragon 0:8f0bb79ddd48 286 //#define MBEDTLS_AES_SETKEY_ENC_ALT
leothedragon 0:8f0bb79ddd48 287 //#define MBEDTLS_AES_SETKEY_DEC_ALT
leothedragon 0:8f0bb79ddd48 288 //#define MBEDTLS_AES_ENCRYPT_ALT
leothedragon 0:8f0bb79ddd48 289 //#define MBEDTLS_AES_DECRYPT_ALT
leothedragon 0:8f0bb79ddd48 290
leothedragon 0:8f0bb79ddd48 291 /**
leothedragon 0:8f0bb79ddd48 292 * \def MBEDTLS_ECP_INTERNAL_ALT
leothedragon 0:8f0bb79ddd48 293 *
leothedragon 0:8f0bb79ddd48 294 * Expose a part of the internal interface of the Elliptic Curve Point module.
leothedragon 0:8f0bb79ddd48 295 *
leothedragon 0:8f0bb79ddd48 296 * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your
leothedragon 0:8f0bb79ddd48 297 * alternative core implementation of elliptic curve arithmetic. Keep in mind
leothedragon 0:8f0bb79ddd48 298 * that function prototypes should remain the same.
leothedragon 0:8f0bb79ddd48 299 *
leothedragon 0:8f0bb79ddd48 300 * This partially replaces one function. The header file from mbed TLS is still
leothedragon 0:8f0bb79ddd48 301 * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation
leothedragon 0:8f0bb79ddd48 302 * is still present and it is used for group structures not supported by the
leothedragon 0:8f0bb79ddd48 303 * alternative.
leothedragon 0:8f0bb79ddd48 304 *
leothedragon 0:8f0bb79ddd48 305 * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT
leothedragon 0:8f0bb79ddd48 306 * and implementing the following functions:
leothedragon 0:8f0bb79ddd48 307 * unsigned char mbedtls_internal_ecp_grp_capable(
leothedragon 0:8f0bb79ddd48 308 * const mbedtls_ecp_group *grp )
leothedragon 0:8f0bb79ddd48 309 * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp )
leothedragon 0:8f0bb79ddd48 310 * void mbedtls_internal_ecp_deinit( const mbedtls_ecp_group *grp )
leothedragon 0:8f0bb79ddd48 311 * The mbedtls_internal_ecp_grp_capable function should return 1 if the
leothedragon 0:8f0bb79ddd48 312 * replacement functions implement arithmetic for the given group and 0
leothedragon 0:8f0bb79ddd48 313 * otherwise.
leothedragon 0:8f0bb79ddd48 314 * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_deinit are
leothedragon 0:8f0bb79ddd48 315 * called before and after each point operation and provide an opportunity to
leothedragon 0:8f0bb79ddd48 316 * implement optimized set up and tear down instructions.
leothedragon 0:8f0bb79ddd48 317 *
leothedragon 0:8f0bb79ddd48 318 * Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and
leothedragon 0:8f0bb79ddd48 319 * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac
leothedragon 0:8f0bb79ddd48 320 * function, but will use your mbedtls_internal_ecp_double_jac if the group is
leothedragon 0:8f0bb79ddd48 321 * supported (your mbedtls_internal_ecp_grp_capable function returns 1 when
leothedragon 0:8f0bb79ddd48 322 * receives it as an argument). If the group is not supported then the original
leothedragon 0:8f0bb79ddd48 323 * implementation is used. The other functions and the definition of
leothedragon 0:8f0bb79ddd48 324 * mbedtls_ecp_group and mbedtls_ecp_point will not change, so your
leothedragon 0:8f0bb79ddd48 325 * implementation of mbedtls_internal_ecp_double_jac and
leothedragon 0:8f0bb79ddd48 326 * mbedtls_internal_ecp_grp_capable must be compatible with this definition.
leothedragon 0:8f0bb79ddd48 327 *
leothedragon 0:8f0bb79ddd48 328 * Uncomment a macro to enable alternate implementation of the corresponding
leothedragon 0:8f0bb79ddd48 329 * function.
leothedragon 0:8f0bb79ddd48 330 */
leothedragon 0:8f0bb79ddd48 331 /* Required for all the functions in this section */
leothedragon 0:8f0bb79ddd48 332 //#define MBEDTLS_ECP_INTERNAL_ALT
leothedragon 0:8f0bb79ddd48 333 /* Support for Weierstrass curves with Jacobi representation */
leothedragon 0:8f0bb79ddd48 334 //#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
leothedragon 0:8f0bb79ddd48 335 //#define MBEDTLS_ECP_ADD_MIXED_ALT
leothedragon 0:8f0bb79ddd48 336 //#define MBEDTLS_ECP_DOUBLE_JAC_ALT
leothedragon 0:8f0bb79ddd48 337 //#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
leothedragon 0:8f0bb79ddd48 338 //#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
leothedragon 0:8f0bb79ddd48 339 /* Support for curves with Montgomery arithmetic */
leothedragon 0:8f0bb79ddd48 340 //#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
leothedragon 0:8f0bb79ddd48 341 //#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
leothedragon 0:8f0bb79ddd48 342 //#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
leothedragon 0:8f0bb79ddd48 343
leothedragon 0:8f0bb79ddd48 344 /**
leothedragon 0:8f0bb79ddd48 345 * \def MBEDTLS_TEST_NULL_ENTROPY
leothedragon 0:8f0bb79ddd48 346 *
leothedragon 0:8f0bb79ddd48 347 * Enables testing and use of mbed TLS without any configured entropy sources.
leothedragon 0:8f0bb79ddd48 348 * This permits use of the library on platforms before an entropy source has
leothedragon 0:8f0bb79ddd48 349 * been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the
leothedragon 0:8f0bb79ddd48 350 * MBEDTLS_ENTROPY_NV_SEED switches).
leothedragon 0:8f0bb79ddd48 351 *
leothedragon 0:8f0bb79ddd48 352 * WARNING! This switch MUST be disabled in production builds, and is suitable
leothedragon 0:8f0bb79ddd48 353 * only for development.
leothedragon 0:8f0bb79ddd48 354 * Enabling the switch negates any security provided by the library.
leothedragon 0:8f0bb79ddd48 355 *
leothedragon 0:8f0bb79ddd48 356 * Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
leothedragon 0:8f0bb79ddd48 357 *
leothedragon 0:8f0bb79ddd48 358 */
leothedragon 0:8f0bb79ddd48 359 //#define MBEDTLS_TEST_NULL_ENTROPY
leothedragon 0:8f0bb79ddd48 360
leothedragon 0:8f0bb79ddd48 361 /**
leothedragon 0:8f0bb79ddd48 362 * \def MBEDTLS_ENTROPY_HARDWARE_ALT
leothedragon 0:8f0bb79ddd48 363 *
leothedragon 0:8f0bb79ddd48 364 * Uncomment this macro to let mbed TLS use your own implementation of a
leothedragon 0:8f0bb79ddd48 365 * hardware entropy collector.
leothedragon 0:8f0bb79ddd48 366 *
leothedragon 0:8f0bb79ddd48 367 * Your function must be called \c mbedtls_hardware_poll(), have the same
leothedragon 0:8f0bb79ddd48 368 * prototype as declared in entropy_poll.h, and accept NULL as first argument.
leothedragon 0:8f0bb79ddd48 369 *
leothedragon 0:8f0bb79ddd48 370 * Uncomment to use your own hardware entropy collector.
leothedragon 0:8f0bb79ddd48 371 */
leothedragon 0:8f0bb79ddd48 372 //#define MBEDTLS_ENTROPY_HARDWARE_ALT
leothedragon 0:8f0bb79ddd48 373
leothedragon 0:8f0bb79ddd48 374 /**
leothedragon 0:8f0bb79ddd48 375 * \def MBEDTLS_AES_ROM_TABLES
leothedragon 0:8f0bb79ddd48 376 *
leothedragon 0:8f0bb79ddd48 377 * Store the AES tables in ROM.
leothedragon 0:8f0bb79ddd48 378 *
leothedragon 0:8f0bb79ddd48 379 * Uncomment this macro to store the AES tables in ROM.
leothedragon 0:8f0bb79ddd48 380 */
leothedragon 0:8f0bb79ddd48 381 //#define MBEDTLS_AES_ROM_TABLES
leothedragon 0:8f0bb79ddd48 382
leothedragon 0:8f0bb79ddd48 383 /**
leothedragon 0:8f0bb79ddd48 384 * \def MBEDTLS_CAMELLIA_SMALL_MEMORY
leothedragon 0:8f0bb79ddd48 385 *
leothedragon 0:8f0bb79ddd48 386 * Use less ROM for the Camellia implementation (saves about 768 bytes).
leothedragon 0:8f0bb79ddd48 387 *
leothedragon 0:8f0bb79ddd48 388 * Uncomment this macro to use less memory for Camellia.
leothedragon 0:8f0bb79ddd48 389 */
leothedragon 0:8f0bb79ddd48 390 //#define MBEDTLS_CAMELLIA_SMALL_MEMORY
leothedragon 0:8f0bb79ddd48 391
leothedragon 0:8f0bb79ddd48 392 /**
leothedragon 0:8f0bb79ddd48 393 * \def MBEDTLS_CIPHER_MODE_CBC
leothedragon 0:8f0bb79ddd48 394 *
leothedragon 0:8f0bb79ddd48 395 * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
leothedragon 0:8f0bb79ddd48 396 */
leothedragon 0:8f0bb79ddd48 397 #define MBEDTLS_CIPHER_MODE_CBC
leothedragon 0:8f0bb79ddd48 398
leothedragon 0:8f0bb79ddd48 399 /**
leothedragon 0:8f0bb79ddd48 400 * \def MBEDTLS_CIPHER_MODE_CFB
leothedragon 0:8f0bb79ddd48 401 *
leothedragon 0:8f0bb79ddd48 402 * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
leothedragon 0:8f0bb79ddd48 403 */
leothedragon 0:8f0bb79ddd48 404 //#define MBEDTLS_CIPHER_MODE_CFB
leothedragon 0:8f0bb79ddd48 405
leothedragon 0:8f0bb79ddd48 406 /**
leothedragon 0:8f0bb79ddd48 407 * \def MBEDTLS_CIPHER_MODE_CTR
leothedragon 0:8f0bb79ddd48 408 *
leothedragon 0:8f0bb79ddd48 409 * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
leothedragon 0:8f0bb79ddd48 410 */
leothedragon 0:8f0bb79ddd48 411 #define MBEDTLS_CIPHER_MODE_CTR
leothedragon 0:8f0bb79ddd48 412
leothedragon 0:8f0bb79ddd48 413 /**
leothedragon 0:8f0bb79ddd48 414 * \def MBEDTLS_CIPHER_NULL_CIPHER
leothedragon 0:8f0bb79ddd48 415 *
leothedragon 0:8f0bb79ddd48 416 * Enable NULL cipher.
leothedragon 0:8f0bb79ddd48 417 * Warning: Only do so when you know what you are doing. This allows for
leothedragon 0:8f0bb79ddd48 418 * encryption or channels without any security!
leothedragon 0:8f0bb79ddd48 419 *
leothedragon 0:8f0bb79ddd48 420 * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable
leothedragon 0:8f0bb79ddd48 421 * the following ciphersuites:
leothedragon 0:8f0bb79ddd48 422 * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA
leothedragon 0:8f0bb79ddd48 423 * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA
leothedragon 0:8f0bb79ddd48 424 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA
leothedragon 0:8f0bb79ddd48 425 * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
leothedragon 0:8f0bb79ddd48 426 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384
leothedragon 0:8f0bb79ddd48 427 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256
leothedragon 0:8f0bb79ddd48 428 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA
leothedragon 0:8f0bb79ddd48 429 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384
leothedragon 0:8f0bb79ddd48 430 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256
leothedragon 0:8f0bb79ddd48 431 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA
leothedragon 0:8f0bb79ddd48 432 * MBEDTLS_TLS_RSA_WITH_NULL_SHA256
leothedragon 0:8f0bb79ddd48 433 * MBEDTLS_TLS_RSA_WITH_NULL_SHA
leothedragon 0:8f0bb79ddd48 434 * MBEDTLS_TLS_RSA_WITH_NULL_MD5
leothedragon 0:8f0bb79ddd48 435 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384
leothedragon 0:8f0bb79ddd48 436 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256
leothedragon 0:8f0bb79ddd48 437 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA
leothedragon 0:8f0bb79ddd48 438 * MBEDTLS_TLS_PSK_WITH_NULL_SHA384
leothedragon 0:8f0bb79ddd48 439 * MBEDTLS_TLS_PSK_WITH_NULL_SHA256
leothedragon 0:8f0bb79ddd48 440 * MBEDTLS_TLS_PSK_WITH_NULL_SHA
leothedragon 0:8f0bb79ddd48 441 *
leothedragon 0:8f0bb79ddd48 442 * Uncomment this macro to enable the NULL cipher and ciphersuites
leothedragon 0:8f0bb79ddd48 443 */
leothedragon 0:8f0bb79ddd48 444 //#define MBEDTLS_CIPHER_NULL_CIPHER
leothedragon 0:8f0bb79ddd48 445
leothedragon 0:8f0bb79ddd48 446 /**
leothedragon 0:8f0bb79ddd48 447 * \def MBEDTLS_CIPHER_PADDING_PKCS7
leothedragon 0:8f0bb79ddd48 448 *
leothedragon 0:8f0bb79ddd48 449 * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for
leothedragon 0:8f0bb79ddd48 450 * specific padding modes in the cipher layer with cipher modes that support
leothedragon 0:8f0bb79ddd48 451 * padding (e.g. CBC)
leothedragon 0:8f0bb79ddd48 452 *
leothedragon 0:8f0bb79ddd48 453 * If you disable all padding modes, only full blocks can be used with CBC.
leothedragon 0:8f0bb79ddd48 454 *
leothedragon 0:8f0bb79ddd48 455 * Enable padding modes in the cipher layer.
leothedragon 0:8f0bb79ddd48 456 */
leothedragon 0:8f0bb79ddd48 457 #define MBEDTLS_CIPHER_PADDING_PKCS7
leothedragon 0:8f0bb79ddd48 458 //#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
leothedragon 0:8f0bb79ddd48 459 //#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
leothedragon 0:8f0bb79ddd48 460 //#define MBEDTLS_CIPHER_PADDING_ZEROS
leothedragon 0:8f0bb79ddd48 461
leothedragon 0:8f0bb79ddd48 462 /**
leothedragon 0:8f0bb79ddd48 463 * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES
leothedragon 0:8f0bb79ddd48 464 *
leothedragon 0:8f0bb79ddd48 465 * Enable weak ciphersuites in SSL / TLS.
leothedragon 0:8f0bb79ddd48 466 * Warning: Only do so when you know what you are doing. This allows for
leothedragon 0:8f0bb79ddd48 467 * channels with virtually no security at all!
leothedragon 0:8f0bb79ddd48 468 *
leothedragon 0:8f0bb79ddd48 469 * This enables the following ciphersuites:
leothedragon 0:8f0bb79ddd48 470 * MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA
leothedragon 0:8f0bb79ddd48 471 * MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA
leothedragon 0:8f0bb79ddd48 472 *
leothedragon 0:8f0bb79ddd48 473 * Uncomment this macro to enable weak ciphersuites
leothedragon 0:8f0bb79ddd48 474 */
leothedragon 0:8f0bb79ddd48 475 //#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
leothedragon 0:8f0bb79ddd48 476
leothedragon 0:8f0bb79ddd48 477 /**
leothedragon 0:8f0bb79ddd48 478 * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES
leothedragon 0:8f0bb79ddd48 479 *
leothedragon 0:8f0bb79ddd48 480 * Remove RC4 ciphersuites by default in SSL / TLS.
leothedragon 0:8f0bb79ddd48 481 * This flag removes the ciphersuites based on RC4 from the default list as
leothedragon 0:8f0bb79ddd48 482 * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to
leothedragon 0:8f0bb79ddd48 483 * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them
leothedragon 0:8f0bb79ddd48 484 * explicitly.
leothedragon 0:8f0bb79ddd48 485 *
leothedragon 0:8f0bb79ddd48 486 * Uncomment this macro to remove RC4 ciphersuites by default.
leothedragon 0:8f0bb79ddd48 487 */
leothedragon 0:8f0bb79ddd48 488 #define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
leothedragon 0:8f0bb79ddd48 489
leothedragon 0:8f0bb79ddd48 490 /**
leothedragon 0:8f0bb79ddd48 491 * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
leothedragon 0:8f0bb79ddd48 492 *
leothedragon 0:8f0bb79ddd48 493 * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve
leothedragon 0:8f0bb79ddd48 494 * module. By default all supported curves are enabled.
leothedragon 0:8f0bb79ddd48 495 *
leothedragon 0:8f0bb79ddd48 496 * Comment macros to disable the curve and functions for it
leothedragon 0:8f0bb79ddd48 497 */
leothedragon 0:8f0bb79ddd48 498 //#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
leothedragon 0:8f0bb79ddd48 499 //#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
leothedragon 0:8f0bb79ddd48 500 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
leothedragon 0:8f0bb79ddd48 501 //#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
leothedragon 0:8f0bb79ddd48 502 //#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
leothedragon 0:8f0bb79ddd48 503 //#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
leothedragon 0:8f0bb79ddd48 504 //#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
leothedragon 0:8f0bb79ddd48 505 //#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
leothedragon 0:8f0bb79ddd48 506 //#define MBEDTLS_ECP_DP_BP256R1_ENABLED
leothedragon 0:8f0bb79ddd48 507 //#define MBEDTLS_ECP_DP_BP384R1_ENABLED
leothedragon 0:8f0bb79ddd48 508 //#define MBEDTLS_ECP_DP_BP512R1_ENABLED
leothedragon 0:8f0bb79ddd48 509 //#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
leothedragon 0:8f0bb79ddd48 510
leothedragon 0:8f0bb79ddd48 511 /**
leothedragon 0:8f0bb79ddd48 512 * \def MBEDTLS_ECP_NIST_OPTIM
leothedragon 0:8f0bb79ddd48 513 *
leothedragon 0:8f0bb79ddd48 514 * Enable specific 'modulo p' routines for each NIST prime.
leothedragon 0:8f0bb79ddd48 515 * Depending on the prime and architecture, makes operations 4 to 8 times
leothedragon 0:8f0bb79ddd48 516 * faster on the corresponding curve.
leothedragon 0:8f0bb79ddd48 517 *
leothedragon 0:8f0bb79ddd48 518 * Comment this macro to disable NIST curves optimisation.
leothedragon 0:8f0bb79ddd48 519 */
leothedragon 0:8f0bb79ddd48 520 #define MBEDTLS_ECP_NIST_OPTIM
leothedragon 0:8f0bb79ddd48 521
leothedragon 0:8f0bb79ddd48 522 /**
leothedragon 0:8f0bb79ddd48 523 * \def MBEDTLS_ECDSA_DETERMINISTIC
leothedragon 0:8f0bb79ddd48 524 *
leothedragon 0:8f0bb79ddd48 525 * Enable deterministic ECDSA (RFC 6979).
leothedragon 0:8f0bb79ddd48 526 * Standard ECDSA is "fragile" in the sense that lack of entropy when signing
leothedragon 0:8f0bb79ddd48 527 * may result in a compromise of the long-term signing key. This is avoided by
leothedragon 0:8f0bb79ddd48 528 * the deterministic variant.
leothedragon 0:8f0bb79ddd48 529 *
leothedragon 0:8f0bb79ddd48 530 * Requires: MBEDTLS_HMAC_DRBG_C
leothedragon 0:8f0bb79ddd48 531 *
leothedragon 0:8f0bb79ddd48 532 * Comment this macro to disable deterministic ECDSA.
leothedragon 0:8f0bb79ddd48 533 */
leothedragon 0:8f0bb79ddd48 534 #define MBEDTLS_ECDSA_DETERMINISTIC
leothedragon 0:8f0bb79ddd48 535 /**
leothedragon 0:8f0bb79ddd48 536 * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
leothedragon 0:8f0bb79ddd48 537 *
leothedragon 0:8f0bb79ddd48 538 * Enable the PSK based ciphersuite modes in SSL / TLS.
leothedragon 0:8f0bb79ddd48 539 *
leothedragon 0:8f0bb79ddd48 540 * This enables the following ciphersuites (if other requisites are
leothedragon 0:8f0bb79ddd48 541 * enabled as well):
leothedragon 0:8f0bb79ddd48 542 * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 543 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 544 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
leothedragon 0:8f0bb79ddd48 545 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 546 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 547 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 548 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 549 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
leothedragon 0:8f0bb79ddd48 550 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 551 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 552 * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
leothedragon 0:8f0bb79ddd48 553 * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
leothedragon 0:8f0bb79ddd48 554 */
leothedragon 0:8f0bb79ddd48 555 //#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
leothedragon 0:8f0bb79ddd48 556
leothedragon 0:8f0bb79ddd48 557 /**
leothedragon 0:8f0bb79ddd48 558 * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
leothedragon 0:8f0bb79ddd48 559 *
leothedragon 0:8f0bb79ddd48 560 * Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
leothedragon 0:8f0bb79ddd48 561 *
leothedragon 0:8f0bb79ddd48 562 * Requires: MBEDTLS_DHM_C
leothedragon 0:8f0bb79ddd48 563 *
leothedragon 0:8f0bb79ddd48 564 * This enables the following ciphersuites (if other requisites are
leothedragon 0:8f0bb79ddd48 565 * enabled as well):
leothedragon 0:8f0bb79ddd48 566 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 567 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 568 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
leothedragon 0:8f0bb79ddd48 569 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 570 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 571 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 572 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 573 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
leothedragon 0:8f0bb79ddd48 574 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 575 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 576 * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
leothedragon 0:8f0bb79ddd48 577 * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
leothedragon 0:8f0bb79ddd48 578 */
leothedragon 0:8f0bb79ddd48 579 //#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
leothedragon 0:8f0bb79ddd48 580
leothedragon 0:8f0bb79ddd48 581 /**
leothedragon 0:8f0bb79ddd48 582 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
leothedragon 0:8f0bb79ddd48 583 *
leothedragon 0:8f0bb79ddd48 584 * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
leothedragon 0:8f0bb79ddd48 585 *
leothedragon 0:8f0bb79ddd48 586 * Requires: MBEDTLS_ECDH_C
leothedragon 0:8f0bb79ddd48 587 *
leothedragon 0:8f0bb79ddd48 588 * This enables the following ciphersuites (if other requisites are
leothedragon 0:8f0bb79ddd48 589 * enabled as well):
leothedragon 0:8f0bb79ddd48 590 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 591 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
leothedragon 0:8f0bb79ddd48 592 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 593 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 594 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
leothedragon 0:8f0bb79ddd48 595 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 596 * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
leothedragon 0:8f0bb79ddd48 597 * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
leothedragon 0:8f0bb79ddd48 598 */
leothedragon 0:8f0bb79ddd48 599 //#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
leothedragon 0:8f0bb79ddd48 600
leothedragon 0:8f0bb79ddd48 601 /**
leothedragon 0:8f0bb79ddd48 602 * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
leothedragon 0:8f0bb79ddd48 603 *
leothedragon 0:8f0bb79ddd48 604 * Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
leothedragon 0:8f0bb79ddd48 605 *
leothedragon 0:8f0bb79ddd48 606 * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
leothedragon 0:8f0bb79ddd48 607 * MBEDTLS_X509_CRT_PARSE_C
leothedragon 0:8f0bb79ddd48 608 *
leothedragon 0:8f0bb79ddd48 609 * This enables the following ciphersuites (if other requisites are
leothedragon 0:8f0bb79ddd48 610 * enabled as well):
leothedragon 0:8f0bb79ddd48 611 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 612 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 613 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
leothedragon 0:8f0bb79ddd48 614 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 615 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 616 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 617 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 618 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
leothedragon 0:8f0bb79ddd48 619 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 620 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 621 * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
leothedragon 0:8f0bb79ddd48 622 * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
leothedragon 0:8f0bb79ddd48 623 */
leothedragon 0:8f0bb79ddd48 624 //#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
leothedragon 0:8f0bb79ddd48 625
leothedragon 0:8f0bb79ddd48 626 /**
leothedragon 0:8f0bb79ddd48 627 * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
leothedragon 0:8f0bb79ddd48 628 *
leothedragon 0:8f0bb79ddd48 629 * Enable the RSA-only based ciphersuite modes in SSL / TLS.
leothedragon 0:8f0bb79ddd48 630 *
leothedragon 0:8f0bb79ddd48 631 * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
leothedragon 0:8f0bb79ddd48 632 * MBEDTLS_X509_CRT_PARSE_C
leothedragon 0:8f0bb79ddd48 633 *
leothedragon 0:8f0bb79ddd48 634 * This enables the following ciphersuites (if other requisites are
leothedragon 0:8f0bb79ddd48 635 * enabled as well):
leothedragon 0:8f0bb79ddd48 636 * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 637 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
leothedragon 0:8f0bb79ddd48 638 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
leothedragon 0:8f0bb79ddd48 639 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 640 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
leothedragon 0:8f0bb79ddd48 641 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
leothedragon 0:8f0bb79ddd48 642 * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 643 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 644 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
leothedragon 0:8f0bb79ddd48 645 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 646 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 647 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
leothedragon 0:8f0bb79ddd48 648 * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
leothedragon 0:8f0bb79ddd48 649 * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
leothedragon 0:8f0bb79ddd48 650 * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
leothedragon 0:8f0bb79ddd48 651 */
leothedragon 0:8f0bb79ddd48 652 //#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
leothedragon 0:8f0bb79ddd48 653
leothedragon 0:8f0bb79ddd48 654 /**
leothedragon 0:8f0bb79ddd48 655 * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
leothedragon 0:8f0bb79ddd48 656 *
leothedragon 0:8f0bb79ddd48 657 * Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
leothedragon 0:8f0bb79ddd48 658 *
leothedragon 0:8f0bb79ddd48 659 * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
leothedragon 0:8f0bb79ddd48 660 * MBEDTLS_X509_CRT_PARSE_C
leothedragon 0:8f0bb79ddd48 661 *
leothedragon 0:8f0bb79ddd48 662 * This enables the following ciphersuites (if other requisites are
leothedragon 0:8f0bb79ddd48 663 * enabled as well):
leothedragon 0:8f0bb79ddd48 664 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 665 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
leothedragon 0:8f0bb79ddd48 666 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
leothedragon 0:8f0bb79ddd48 667 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 668 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
leothedragon 0:8f0bb79ddd48 669 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
leothedragon 0:8f0bb79ddd48 670 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 671 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 672 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
leothedragon 0:8f0bb79ddd48 673 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 674 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 675 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
leothedragon 0:8f0bb79ddd48 676 * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
leothedragon 0:8f0bb79ddd48 677 */
leothedragon 0:8f0bb79ddd48 678 //#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
leothedragon 0:8f0bb79ddd48 679
leothedragon 0:8f0bb79ddd48 680 /**
leothedragon 0:8f0bb79ddd48 681 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
leothedragon 0:8f0bb79ddd48 682 *
leothedragon 0:8f0bb79ddd48 683 * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
leothedragon 0:8f0bb79ddd48 684 *
leothedragon 0:8f0bb79ddd48 685 * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
leothedragon 0:8f0bb79ddd48 686 * MBEDTLS_X509_CRT_PARSE_C
leothedragon 0:8f0bb79ddd48 687 *
leothedragon 0:8f0bb79ddd48 688 * This enables the following ciphersuites (if other requisites are
leothedragon 0:8f0bb79ddd48 689 * enabled as well):
leothedragon 0:8f0bb79ddd48 690 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 691 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 692 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
leothedragon 0:8f0bb79ddd48 693 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 694 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 695 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 696 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 697 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
leothedragon 0:8f0bb79ddd48 698 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 699 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 700 * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
leothedragon 0:8f0bb79ddd48 701 * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
leothedragon 0:8f0bb79ddd48 702 */
leothedragon 0:8f0bb79ddd48 703 //#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
leothedragon 0:8f0bb79ddd48 704
leothedragon 0:8f0bb79ddd48 705 /**
leothedragon 0:8f0bb79ddd48 706 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
leothedragon 0:8f0bb79ddd48 707 *
leothedragon 0:8f0bb79ddd48 708 * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
leothedragon 0:8f0bb79ddd48 709 *
leothedragon 0:8f0bb79ddd48 710 * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C,
leothedragon 0:8f0bb79ddd48 711 *
leothedragon 0:8f0bb79ddd48 712 * This enables the following ciphersuites (if other requisites are
leothedragon 0:8f0bb79ddd48 713 * enabled as well):
leothedragon 0:8f0bb79ddd48 714 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 715 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 716 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
leothedragon 0:8f0bb79ddd48 717 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 718 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 719 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 720 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 721 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
leothedragon 0:8f0bb79ddd48 722 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 723 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 724 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
leothedragon 0:8f0bb79ddd48 725 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
leothedragon 0:8f0bb79ddd48 726 */
leothedragon 0:8f0bb79ddd48 727 #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
leothedragon 0:8f0bb79ddd48 728 /**
leothedragon 0:8f0bb79ddd48 729 * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
leothedragon 0:8f0bb79ddd48 730 *
leothedragon 0:8f0bb79ddd48 731 * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
leothedragon 0:8f0bb79ddd48 732 *
leothedragon 0:8f0bb79ddd48 733 * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
leothedragon 0:8f0bb79ddd48 734 *
leothedragon 0:8f0bb79ddd48 735 * This enables the following ciphersuites (if other requisites are
leothedragon 0:8f0bb79ddd48 736 * enabled as well):
leothedragon 0:8f0bb79ddd48 737 * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
leothedragon 0:8f0bb79ddd48 738 * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
leothedragon 0:8f0bb79ddd48 739 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
leothedragon 0:8f0bb79ddd48 740 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
leothedragon 0:8f0bb79ddd48 741 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 742 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 743 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 744 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 745 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 746 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 747 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 748 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 749 */
leothedragon 0:8f0bb79ddd48 750 //#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
leothedragon 0:8f0bb79ddd48 751
leothedragon 0:8f0bb79ddd48 752 /**
leothedragon 0:8f0bb79ddd48 753 * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
leothedragon 0:8f0bb79ddd48 754 *
leothedragon 0:8f0bb79ddd48 755 * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
leothedragon 0:8f0bb79ddd48 756 *
leothedragon 0:8f0bb79ddd48 757 * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
leothedragon 0:8f0bb79ddd48 758 *
leothedragon 0:8f0bb79ddd48 759 * This enables the following ciphersuites (if other requisites are
leothedragon 0:8f0bb79ddd48 760 * enabled as well):
leothedragon 0:8f0bb79ddd48 761 * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
leothedragon 0:8f0bb79ddd48 762 * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
leothedragon 0:8f0bb79ddd48 763 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
leothedragon 0:8f0bb79ddd48 764 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
leothedragon 0:8f0bb79ddd48 765 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 766 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 767 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 768 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 769 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 770 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 771 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 772 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 773 */
leothedragon 0:8f0bb79ddd48 774 //#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
leothedragon 0:8f0bb79ddd48 775
leothedragon 0:8f0bb79ddd48 776 /**
leothedragon 0:8f0bb79ddd48 777 * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
leothedragon 0:8f0bb79ddd48 778 *
leothedragon 0:8f0bb79ddd48 779 * Enable the ECJPAKE based ciphersuite modes in SSL / TLS.
leothedragon 0:8f0bb79ddd48 780 *
leothedragon 0:8f0bb79ddd48 781 * \warning This is currently experimental. EC J-PAKE support is based on the
leothedragon 0:8f0bb79ddd48 782 * Thread v1.0.0 specification; incompatible changes to the specification
leothedragon 0:8f0bb79ddd48 783 * might still happen. For this reason, this is disabled by default.
leothedragon 0:8f0bb79ddd48 784 *
leothedragon 0:8f0bb79ddd48 785 * Requires: MBEDTLS_ECJPAKE_C
leothedragon 0:8f0bb79ddd48 786 * MBEDTLS_SHA256_C
leothedragon 0:8f0bb79ddd48 787 * MBEDTLS_ECP_DP_SECP256R1_ENABLED
leothedragon 0:8f0bb79ddd48 788 *
leothedragon 0:8f0bb79ddd48 789 * This enables the following ciphersuites (if other requisites are
leothedragon 0:8f0bb79ddd48 790 * enabled as well):
leothedragon 0:8f0bb79ddd48 791 * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
leothedragon 0:8f0bb79ddd48 792 */
leothedragon 0:8f0bb79ddd48 793 //#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
leothedragon 0:8f0bb79ddd48 794
leothedragon 0:8f0bb79ddd48 795 /**
leothedragon 0:8f0bb79ddd48 796 * \def MBEDTLS_PK_PARSE_EC_EXTENDED
leothedragon 0:8f0bb79ddd48 797 *
leothedragon 0:8f0bb79ddd48 798 * Enhance support for reading EC keys using variants of SEC1 not allowed by
leothedragon 0:8f0bb79ddd48 799 * RFC 5915 and RFC 5480.
leothedragon 0:8f0bb79ddd48 800 *
leothedragon 0:8f0bb79ddd48 801 * Currently this means parsing the SpecifiedECDomain choice of EC
leothedragon 0:8f0bb79ddd48 802 * parameters (only known groups are supported, not arbitrary domains, to
leothedragon 0:8f0bb79ddd48 803 * avoid validation issues).
leothedragon 0:8f0bb79ddd48 804 *
leothedragon 0:8f0bb79ddd48 805 * Disable if you only need to support RFC 5915 + 5480 key formats.
leothedragon 0:8f0bb79ddd48 806 */
leothedragon 0:8f0bb79ddd48 807 //#define MBEDTLS_PK_PARSE_EC_EXTENDED
leothedragon 0:8f0bb79ddd48 808
leothedragon 0:8f0bb79ddd48 809 /**
leothedragon 0:8f0bb79ddd48 810 * \def MBEDTLS_ERROR_STRERROR_DUMMY
leothedragon 0:8f0bb79ddd48 811 *
leothedragon 0:8f0bb79ddd48 812 * Enable a dummy error function to make use of mbedtls_strerror() in
leothedragon 0:8f0bb79ddd48 813 * third party libraries easier when MBEDTLS_ERROR_C is disabled
leothedragon 0:8f0bb79ddd48 814 * (no effect when MBEDTLS_ERROR_C is enabled).
leothedragon 0:8f0bb79ddd48 815 *
leothedragon 0:8f0bb79ddd48 816 * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're
leothedragon 0:8f0bb79ddd48 817 * not using mbedtls_strerror() or error_strerror() in your application.
leothedragon 0:8f0bb79ddd48 818 *
leothedragon 0:8f0bb79ddd48 819 * Disable if you run into name conflicts and want to really remove the
leothedragon 0:8f0bb79ddd48 820 * mbedtls_strerror()
leothedragon 0:8f0bb79ddd48 821 */
leothedragon 0:8f0bb79ddd48 822 //#define MBEDTLS_ERROR_STRERROR_DUMMY
leothedragon 0:8f0bb79ddd48 823
leothedragon 0:8f0bb79ddd48 824 /**
leothedragon 0:8f0bb79ddd48 825 * \def MBEDTLS_GENPRIME
leothedragon 0:8f0bb79ddd48 826 *
leothedragon 0:8f0bb79ddd48 827 * Enable the prime-number generation code.
leothedragon 0:8f0bb79ddd48 828 *
leothedragon 0:8f0bb79ddd48 829 * Requires: MBEDTLS_BIGNUM_C
leothedragon 0:8f0bb79ddd48 830 */
leothedragon 0:8f0bb79ddd48 831 //#define MBEDTLS_GENPRIME
leothedragon 0:8f0bb79ddd48 832
leothedragon 0:8f0bb79ddd48 833 /**
leothedragon 0:8f0bb79ddd48 834 * \def MBEDTLS_FS_IO
leothedragon 0:8f0bb79ddd48 835 *
leothedragon 0:8f0bb79ddd48 836 * Enable functions that use the filesystem.
leothedragon 0:8f0bb79ddd48 837 */
leothedragon 0:8f0bb79ddd48 838 //#define MBEDTLS_FS_IO
leothedragon 0:8f0bb79ddd48 839
leothedragon 0:8f0bb79ddd48 840 /**
leothedragon 0:8f0bb79ddd48 841 * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
leothedragon 0:8f0bb79ddd48 842 *
leothedragon 0:8f0bb79ddd48 843 * Do not add default entropy sources. These are the platform specific,
leothedragon 0:8f0bb79ddd48 844 * mbedtls_timing_hardclock and HAVEGE based poll functions.
leothedragon 0:8f0bb79ddd48 845 *
leothedragon 0:8f0bb79ddd48 846 * This is useful to have more control over the added entropy sources in an
leothedragon 0:8f0bb79ddd48 847 * application.
leothedragon 0:8f0bb79ddd48 848 *
leothedragon 0:8f0bb79ddd48 849 * Uncomment this macro to prevent loading of default entropy functions.
leothedragon 0:8f0bb79ddd48 850 */
leothedragon 0:8f0bb79ddd48 851 //#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
leothedragon 0:8f0bb79ddd48 852
leothedragon 0:8f0bb79ddd48 853 /**
leothedragon 0:8f0bb79ddd48 854 * \def MBEDTLS_NO_PLATFORM_ENTROPY
leothedragon 0:8f0bb79ddd48 855 *
leothedragon 0:8f0bb79ddd48 856 * Do not use built-in platform entropy functions.
leothedragon 0:8f0bb79ddd48 857 * This is useful if your platform does not support
leothedragon 0:8f0bb79ddd48 858 * standards like the /dev/urandom or Windows CryptoAPI.
leothedragon 0:8f0bb79ddd48 859 *
leothedragon 0:8f0bb79ddd48 860 * Uncomment this macro to disable the built-in platform entropy functions.
leothedragon 0:8f0bb79ddd48 861 */
leothedragon 0:8f0bb79ddd48 862 //#define MBEDTLS_NO_PLATFORM_ENTROPY
leothedragon 0:8f0bb79ddd48 863
leothedragon 0:8f0bb79ddd48 864 /**
leothedragon 0:8f0bb79ddd48 865 * \def MBEDTLS_ENTROPY_FORCE_SHA256
leothedragon 0:8f0bb79ddd48 866 *
leothedragon 0:8f0bb79ddd48 867 * Force the entropy accumulator to use a SHA-256 accumulator instead of the
leothedragon 0:8f0bb79ddd48 868 * default SHA-512 based one (if both are available).
leothedragon 0:8f0bb79ddd48 869 *
leothedragon 0:8f0bb79ddd48 870 * Requires: MBEDTLS_SHA256_C
leothedragon 0:8f0bb79ddd48 871 *
leothedragon 0:8f0bb79ddd48 872 * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option
leothedragon 0:8f0bb79ddd48 873 * if you have performance concerns.
leothedragon 0:8f0bb79ddd48 874 *
leothedragon 0:8f0bb79ddd48 875 * This option is only useful if both MBEDTLS_SHA256_C and
leothedragon 0:8f0bb79ddd48 876 * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
leothedragon 0:8f0bb79ddd48 877 */
leothedragon 0:8f0bb79ddd48 878 //#define MBEDTLS_ENTROPY_FORCE_SHA256
leothedragon 0:8f0bb79ddd48 879
leothedragon 0:8f0bb79ddd48 880 /**
leothedragon 0:8f0bb79ddd48 881 * \def MBEDTLS_ENTROPY_NV_SEED
leothedragon 0:8f0bb79ddd48 882 *
leothedragon 0:8f0bb79ddd48 883 * Enable the non-volatile (NV) seed file-based entropy source.
leothedragon 0:8f0bb79ddd48 884 * (Also enables the NV seed read/write functions in the platform layer)
leothedragon 0:8f0bb79ddd48 885 *
leothedragon 0:8f0bb79ddd48 886 * This is crucial (if not required) on systems that do not have a
leothedragon 0:8f0bb79ddd48 887 * cryptographic entropy source (in hardware or kernel) available.
leothedragon 0:8f0bb79ddd48 888 *
leothedragon 0:8f0bb79ddd48 889 * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C
leothedragon 0:8f0bb79ddd48 890 *
leothedragon 0:8f0bb79ddd48 891 * \note The read/write functions that are used by the entropy source are
leothedragon 0:8f0bb79ddd48 892 * determined in the platform layer, and can be modified at runtime and/or
leothedragon 0:8f0bb79ddd48 893 * compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used.
leothedragon 0:8f0bb79ddd48 894 *
leothedragon 0:8f0bb79ddd48 895 * \note If you use the default implementation functions that read a seedfile
leothedragon 0:8f0bb79ddd48 896 * with regular fopen(), please make sure you make a seedfile with the
leothedragon 0:8f0bb79ddd48 897 * proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at
leothedragon 0:8f0bb79ddd48 898 * least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from
leothedragon 0:8f0bb79ddd48 899 * and written to or you will get an entropy source error! The default
leothedragon 0:8f0bb79ddd48 900 * implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE
leothedragon 0:8f0bb79ddd48 901 * bytes from the file.
leothedragon 0:8f0bb79ddd48 902 *
leothedragon 0:8f0bb79ddd48 903 * \note The entropy collector will write to the seed file before entropy is
leothedragon 0:8f0bb79ddd48 904 * given to an external source, to update it.
leothedragon 0:8f0bb79ddd48 905 */
leothedragon 0:8f0bb79ddd48 906 //#define MBEDTLS_ENTROPY_NV_SEED
leothedragon 0:8f0bb79ddd48 907
leothedragon 0:8f0bb79ddd48 908 /**
leothedragon 0:8f0bb79ddd48 909 * \def MBEDTLS_MEMORY_DEBUG
leothedragon 0:8f0bb79ddd48 910 *
leothedragon 0:8f0bb79ddd48 911 * Enable debugging of buffer allocator memory issues. Automatically prints
leothedragon 0:8f0bb79ddd48 912 * (to stderr) all (fatal) messages on memory allocation issues. Enables
leothedragon 0:8f0bb79ddd48 913 * function for 'debug output' of allocated memory.
leothedragon 0:8f0bb79ddd48 914 *
leothedragon 0:8f0bb79ddd48 915 * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
leothedragon 0:8f0bb79ddd48 916 *
leothedragon 0:8f0bb79ddd48 917 * Uncomment this macro to let the buffer allocator print out error messages.
leothedragon 0:8f0bb79ddd48 918 */
leothedragon 0:8f0bb79ddd48 919 //#define MBEDTLS_MEMORY_DEBUG
leothedragon 0:8f0bb79ddd48 920
leothedragon 0:8f0bb79ddd48 921 /**
leothedragon 0:8f0bb79ddd48 922 * \def MBEDTLS_MEMORY_BACKTRACE
leothedragon 0:8f0bb79ddd48 923 *
leothedragon 0:8f0bb79ddd48 924 * Include backtrace information with each allocated block.
leothedragon 0:8f0bb79ddd48 925 *
leothedragon 0:8f0bb79ddd48 926 * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
leothedragon 0:8f0bb79ddd48 927 * GLIBC-compatible backtrace() an backtrace_symbols() support
leothedragon 0:8f0bb79ddd48 928 *
leothedragon 0:8f0bb79ddd48 929 * Uncomment this macro to include backtrace information
leothedragon 0:8f0bb79ddd48 930 */
leothedragon 0:8f0bb79ddd48 931 //#define MBEDTLS_MEMORY_BACKTRACE
leothedragon 0:8f0bb79ddd48 932
leothedragon 0:8f0bb79ddd48 933 /**
leothedragon 0:8f0bb79ddd48 934 * \def MBEDTLS_PK_RSA_ALT_SUPPORT
leothedragon 0:8f0bb79ddd48 935 *
leothedragon 0:8f0bb79ddd48 936 * Support external private RSA keys (eg from a HSM) in the PK layer.
leothedragon 0:8f0bb79ddd48 937 *
leothedragon 0:8f0bb79ddd48 938 * Comment this macro to disable support for external private RSA keys.
leothedragon 0:8f0bb79ddd48 939 */
leothedragon 0:8f0bb79ddd48 940 //#define MBEDTLS_PK_RSA_ALT_SUPPORT
leothedragon 0:8f0bb79ddd48 941
leothedragon 0:8f0bb79ddd48 942 /**
leothedragon 0:8f0bb79ddd48 943 * \def MBEDTLS_PKCS1_V15
leothedragon 0:8f0bb79ddd48 944 *
leothedragon 0:8f0bb79ddd48 945 * Enable support for PKCS#1 v1.5 encoding.
leothedragon 0:8f0bb79ddd48 946 *
leothedragon 0:8f0bb79ddd48 947 * Requires: MBEDTLS_RSA_C
leothedragon 0:8f0bb79ddd48 948 *
leothedragon 0:8f0bb79ddd48 949 * This enables support for PKCS#1 v1.5 operations.
leothedragon 0:8f0bb79ddd48 950 */
leothedragon 0:8f0bb79ddd48 951 #define MBEDTLS_PKCS1_V15
leothedragon 0:8f0bb79ddd48 952
leothedragon 0:8f0bb79ddd48 953 /**
leothedragon 0:8f0bb79ddd48 954 * \def MBEDTLS_PKCS1_V21
leothedragon 0:8f0bb79ddd48 955 *
leothedragon 0:8f0bb79ddd48 956 * Enable support for PKCS#1 v2.1 encoding.
leothedragon 0:8f0bb79ddd48 957 *
leothedragon 0:8f0bb79ddd48 958 * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C
leothedragon 0:8f0bb79ddd48 959 *
leothedragon 0:8f0bb79ddd48 960 * This enables support for RSAES-OAEP and RSASSA-PSS operations.
leothedragon 0:8f0bb79ddd48 961 */
leothedragon 0:8f0bb79ddd48 962 #define MBEDTLS_PKCS1_V21
leothedragon 0:8f0bb79ddd48 963
leothedragon 0:8f0bb79ddd48 964 /**
leothedragon 0:8f0bb79ddd48 965 * \def MBEDTLS_RSA_NO_CRT
leothedragon 0:8f0bb79ddd48 966 *
leothedragon 0:8f0bb79ddd48 967 * Do not use the Chinese Remainder Theorem for the RSA private operation.
leothedragon 0:8f0bb79ddd48 968 *
leothedragon 0:8f0bb79ddd48 969 * Uncomment this macro to disable the use of CRT in RSA.
leothedragon 0:8f0bb79ddd48 970 *
leothedragon 0:8f0bb79ddd48 971 */
leothedragon 0:8f0bb79ddd48 972 //#define MBEDTLS_RSA_NO_CRT
leothedragon 0:8f0bb79ddd48 973
leothedragon 0:8f0bb79ddd48 974 /**
leothedragon 0:8f0bb79ddd48 975 * \def MBEDTLS_SELF_TEST
leothedragon 0:8f0bb79ddd48 976 *
leothedragon 0:8f0bb79ddd48 977 * Enable the checkup functions (*_self_test).
leothedragon 0:8f0bb79ddd48 978 */
leothedragon 0:8f0bb79ddd48 979 //#define MBEDTLS_SELF_TEST
leothedragon 0:8f0bb79ddd48 980
leothedragon 0:8f0bb79ddd48 981 /**
leothedragon 0:8f0bb79ddd48 982 * \def MBEDTLS_SHA256_SMALLER
leothedragon 0:8f0bb79ddd48 983 *
leothedragon 0:8f0bb79ddd48 984 * Enable an implementation of SHA-256 that has lower ROM footprint but also
leothedragon 0:8f0bb79ddd48 985 * lower performance.
leothedragon 0:8f0bb79ddd48 986 *
leothedragon 0:8f0bb79ddd48 987 * The default implementation is meant to be a reasonnable compromise between
leothedragon 0:8f0bb79ddd48 988 * performance and size. This version optimizes more aggressively for size at
leothedragon 0:8f0bb79ddd48 989 * the expense of performance. Eg on Cortex-M4 it reduces the size of
leothedragon 0:8f0bb79ddd48 990 * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about
leothedragon 0:8f0bb79ddd48 991 * 30%.
leothedragon 0:8f0bb79ddd48 992 *
leothedragon 0:8f0bb79ddd48 993 * Uncomment to enable the smaller implementation of SHA256.
leothedragon 0:8f0bb79ddd48 994 */
leothedragon 0:8f0bb79ddd48 995 //#define MBEDTLS_SHA256_SMALLER
leothedragon 0:8f0bb79ddd48 996
leothedragon 0:8f0bb79ddd48 997 /**
leothedragon 0:8f0bb79ddd48 998 * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
leothedragon 0:8f0bb79ddd48 999 *
leothedragon 0:8f0bb79ddd48 1000 * Enable sending of alert messages in case of encountered errors as per RFC.
leothedragon 0:8f0bb79ddd48 1001 * If you choose not to send the alert messages, mbed TLS can still communicate
leothedragon 0:8f0bb79ddd48 1002 * with other servers, only debugging of failures is harder.
leothedragon 0:8f0bb79ddd48 1003 *
leothedragon 0:8f0bb79ddd48 1004 * The advantage of not sending alert messages, is that no information is given
leothedragon 0:8f0bb79ddd48 1005 * about reasons for failures thus preventing adversaries of gaining intel.
leothedragon 0:8f0bb79ddd48 1006 *
leothedragon 0:8f0bb79ddd48 1007 * Enable sending of all alert messages
leothedragon 0:8f0bb79ddd48 1008 */
leothedragon 0:8f0bb79ddd48 1009 #define MBEDTLS_SSL_ALL_ALERT_MESSAGES
leothedragon 0:8f0bb79ddd48 1010
leothedragon 0:8f0bb79ddd48 1011 /**
leothedragon 0:8f0bb79ddd48 1012 * \def MBEDTLS_SSL_DEBUG_ALL
leothedragon 0:8f0bb79ddd48 1013 *
leothedragon 0:8f0bb79ddd48 1014 * Enable the debug messages in SSL module for all issues.
leothedragon 0:8f0bb79ddd48 1015 * Debug messages have been disabled in some places to prevent timing
leothedragon 0:8f0bb79ddd48 1016 * attacks due to (unbalanced) debugging function calls.
leothedragon 0:8f0bb79ddd48 1017 *
leothedragon 0:8f0bb79ddd48 1018 * If you need all error reporting you should enable this during debugging,
leothedragon 0:8f0bb79ddd48 1019 * but remove this for production servers that should log as well.
leothedragon 0:8f0bb79ddd48 1020 *
leothedragon 0:8f0bb79ddd48 1021 * Uncomment this macro to report all debug messages on errors introducing
leothedragon 0:8f0bb79ddd48 1022 * a timing side-channel.
leothedragon 0:8f0bb79ddd48 1023 *
leothedragon 0:8f0bb79ddd48 1024 */
leothedragon 0:8f0bb79ddd48 1025 //#define MBEDTLS_SSL_DEBUG_ALL
leothedragon 0:8f0bb79ddd48 1026
leothedragon 0:8f0bb79ddd48 1027 /** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
leothedragon 0:8f0bb79ddd48 1028 *
leothedragon 0:8f0bb79ddd48 1029 * Enable support for Encrypt-then-MAC, RFC 7366.
leothedragon 0:8f0bb79ddd48 1030 *
leothedragon 0:8f0bb79ddd48 1031 * This allows peers that both support it to use a more robust protection for
leothedragon 0:8f0bb79ddd48 1032 * ciphersuites using CBC, providing deep resistance against timing attacks
leothedragon 0:8f0bb79ddd48 1033 * on the padding or underlying cipher.
leothedragon 0:8f0bb79ddd48 1034 *
leothedragon 0:8f0bb79ddd48 1035 * This only affects CBC ciphersuites, and is useless if none is defined.
leothedragon 0:8f0bb79ddd48 1036 *
leothedragon 0:8f0bb79ddd48 1037 * Requires: MBEDTLS_SSL_PROTO_TLS1 or
leothedragon 0:8f0bb79ddd48 1038 * MBEDTLS_SSL_PROTO_TLS1_1 or
leothedragon 0:8f0bb79ddd48 1039 * MBEDTLS_SSL_PROTO_TLS1_2
leothedragon 0:8f0bb79ddd48 1040 *
leothedragon 0:8f0bb79ddd48 1041 * Comment this macro to disable support for Encrypt-then-MAC
leothedragon 0:8f0bb79ddd48 1042 */
leothedragon 0:8f0bb79ddd48 1043 #define MBEDTLS_SSL_ENCRYPT_THEN_MAC
leothedragon 0:8f0bb79ddd48 1044
leothedragon 0:8f0bb79ddd48 1045 /** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET
leothedragon 0:8f0bb79ddd48 1046 *
leothedragon 0:8f0bb79ddd48 1047 * Enable support for Extended Master Secret, aka Session Hash
leothedragon 0:8f0bb79ddd48 1048 * (draft-ietf-tls-session-hash-02).
leothedragon 0:8f0bb79ddd48 1049 *
leothedragon 0:8f0bb79ddd48 1050 * This was introduced as "the proper fix" to the Triple Handshake familiy of
leothedragon 0:8f0bb79ddd48 1051 * attacks, but it is recommended to always use it (even if you disable
leothedragon 0:8f0bb79ddd48 1052 * renegotiation), since it actually fixes a more fundamental issue in the
leothedragon 0:8f0bb79ddd48 1053 * original SSL/TLS design, and has implications beyond Triple Handshake.
leothedragon 0:8f0bb79ddd48 1054 *
leothedragon 0:8f0bb79ddd48 1055 * Requires: MBEDTLS_SSL_PROTO_TLS1 or
leothedragon 0:8f0bb79ddd48 1056 * MBEDTLS_SSL_PROTO_TLS1_1 or
leothedragon 0:8f0bb79ddd48 1057 * MBEDTLS_SSL_PROTO_TLS1_2
leothedragon 0:8f0bb79ddd48 1058 *
leothedragon 0:8f0bb79ddd48 1059 * Comment this macro to disable support for Extended Master Secret.
leothedragon 0:8f0bb79ddd48 1060 */
leothedragon 0:8f0bb79ddd48 1061 #define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
leothedragon 0:8f0bb79ddd48 1062
leothedragon 0:8f0bb79ddd48 1063 /**
leothedragon 0:8f0bb79ddd48 1064 * \def MBEDTLS_SSL_FALLBACK_SCSV
leothedragon 0:8f0bb79ddd48 1065 *
leothedragon 0:8f0bb79ddd48 1066 * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00).
leothedragon 0:8f0bb79ddd48 1067 *
leothedragon 0:8f0bb79ddd48 1068 * For servers, it is recommended to always enable this, unless you support
leothedragon 0:8f0bb79ddd48 1069 * only one version of TLS, or know for sure that none of your clients
leothedragon 0:8f0bb79ddd48 1070 * implements a fallback strategy.
leothedragon 0:8f0bb79ddd48 1071 *
leothedragon 0:8f0bb79ddd48 1072 * For clients, you only need this if you're using a fallback strategy, which
leothedragon 0:8f0bb79ddd48 1073 * is not recommended in the first place, unless you absolutely need it to
leothedragon 0:8f0bb79ddd48 1074 * interoperate with buggy (version-intolerant) servers.
leothedragon 0:8f0bb79ddd48 1075 *
leothedragon 0:8f0bb79ddd48 1076 * Comment this macro to disable support for FALLBACK_SCSV
leothedragon 0:8f0bb79ddd48 1077 */
leothedragon 0:8f0bb79ddd48 1078 //#define MBEDTLS_SSL_FALLBACK_SCSV
leothedragon 0:8f0bb79ddd48 1079
leothedragon 0:8f0bb79ddd48 1080 /**
leothedragon 0:8f0bb79ddd48 1081 * \def MBEDTLS_SSL_HW_RECORD_ACCEL
leothedragon 0:8f0bb79ddd48 1082 *
leothedragon 0:8f0bb79ddd48 1083 * Enable hooking functions in SSL module for hardware acceleration of
leothedragon 0:8f0bb79ddd48 1084 * individual records.
leothedragon 0:8f0bb79ddd48 1085 *
leothedragon 0:8f0bb79ddd48 1086 * Uncomment this macro to enable hooking functions.
leothedragon 0:8f0bb79ddd48 1087 */
leothedragon 0:8f0bb79ddd48 1088 //#define MBEDTLS_SSL_HW_RECORD_ACCEL
leothedragon 0:8f0bb79ddd48 1089
leothedragon 0:8f0bb79ddd48 1090 /**
leothedragon 0:8f0bb79ddd48 1091 * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING
leothedragon 0:8f0bb79ddd48 1092 *
leothedragon 0:8f0bb79ddd48 1093 * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0.
leothedragon 0:8f0bb79ddd48 1094 *
leothedragon 0:8f0bb79ddd48 1095 * This is a countermeasure to the BEAST attack, which also minimizes the risk
leothedragon 0:8f0bb79ddd48 1096 * of interoperability issues compared to sending 0-length records.
leothedragon 0:8f0bb79ddd48 1097 *
leothedragon 0:8f0bb79ddd48 1098 * Comment this macro to disable 1/n-1 record splitting.
leothedragon 0:8f0bb79ddd48 1099 */
leothedragon 0:8f0bb79ddd48 1100 //#define MBEDTLS_SSL_CBC_RECORD_SPLITTING
leothedragon 0:8f0bb79ddd48 1101
leothedragon 0:8f0bb79ddd48 1102 /**
leothedragon 0:8f0bb79ddd48 1103 * \def MBEDTLS_SSL_RENEGOTIATION
leothedragon 0:8f0bb79ddd48 1104 *
leothedragon 0:8f0bb79ddd48 1105 * Enable support for TLS renegotiation.
leothedragon 0:8f0bb79ddd48 1106 *
leothedragon 0:8f0bb79ddd48 1107 * The two main uses of renegotiation are (1) refresh keys on long-lived
leothedragon 0:8f0bb79ddd48 1108 * connections and (2) client authentication after the initial handshake.
leothedragon 0:8f0bb79ddd48 1109 * If you don't need renegotiation, it's probably better to disable it, since
leothedragon 0:8f0bb79ddd48 1110 * it has been associated with security issues in the past and is easy to
leothedragon 0:8f0bb79ddd48 1111 * misuse/misunderstand.
leothedragon 0:8f0bb79ddd48 1112 *
leothedragon 0:8f0bb79ddd48 1113 * Comment this to disable support for renegotiation.
leothedragon 0:8f0bb79ddd48 1114 *
leothedragon 0:8f0bb79ddd48 1115 * \note Even if this option is disabled, both client and server are aware
leothedragon 0:8f0bb79ddd48 1116 * of the Renegotiation Indication Extension (RFC 5746) used to
leothedragon 0:8f0bb79ddd48 1117 * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1).
leothedragon 0:8f0bb79ddd48 1118 * (See \c mbedtls_ssl_conf_legacy_renegotiation for the
leothedragon 0:8f0bb79ddd48 1119 * configuration of this extension).
leothedragon 0:8f0bb79ddd48 1120 *
leothedragon 0:8f0bb79ddd48 1121 * \note This feature is required by Device Management Client for Client-side
leothedragon 0:8f0bb79ddd48 1122 * certificate expiration verification. Disabling it will also require
leothedragon 0:8f0bb79ddd48 1123 * setting PAL_USE_SECURE_TIME to 0.
leothedragon 0:8f0bb79ddd48 1124 *
leothedragon 0:8f0bb79ddd48 1125 */
leothedragon 0:8f0bb79ddd48 1126 #define MBEDTLS_SSL_RENEGOTIATION
leothedragon 0:8f0bb79ddd48 1127
leothedragon 0:8f0bb79ddd48 1128 /**
leothedragon 0:8f0bb79ddd48 1129 * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
leothedragon 0:8f0bb79ddd48 1130 *
leothedragon 0:8f0bb79ddd48 1131 * Enable support for receiving and parsing SSLv2 Client Hello messages for the
leothedragon 0:8f0bb79ddd48 1132 * SSL Server module (MBEDTLS_SSL_SRV_C).
leothedragon 0:8f0bb79ddd48 1133 *
leothedragon 0:8f0bb79ddd48 1134 * Uncomment this macro to enable support for SSLv2 Client Hello messages.
leothedragon 0:8f0bb79ddd48 1135 */
leothedragon 0:8f0bb79ddd48 1136 //#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
leothedragon 0:8f0bb79ddd48 1137
leothedragon 0:8f0bb79ddd48 1138 /**
leothedragon 0:8f0bb79ddd48 1139 * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
leothedragon 0:8f0bb79ddd48 1140 *
leothedragon 0:8f0bb79ddd48 1141 * Pick the ciphersuite according to the client's preferences rather than ours
leothedragon 0:8f0bb79ddd48 1142 * in the SSL Server module (MBEDTLS_SSL_SRV_C).
leothedragon 0:8f0bb79ddd48 1143 *
leothedragon 0:8f0bb79ddd48 1144 * Uncomment this macro to respect client's ciphersuite order
leothedragon 0:8f0bb79ddd48 1145 */
leothedragon 0:8f0bb79ddd48 1146 //#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
leothedragon 0:8f0bb79ddd48 1147
leothedragon 0:8f0bb79ddd48 1148 /**
leothedragon 0:8f0bb79ddd48 1149 * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
leothedragon 0:8f0bb79ddd48 1150 *
leothedragon 0:8f0bb79ddd48 1151 * Enable support for RFC 6066 max_fragment_length extension in SSL.
leothedragon 0:8f0bb79ddd48 1152 *
leothedragon 0:8f0bb79ddd48 1153 * Comment this macro to disable support for the max_fragment_length extension
leothedragon 0:8f0bb79ddd48 1154 */
leothedragon 0:8f0bb79ddd48 1155 #define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
leothedragon 0:8f0bb79ddd48 1156
leothedragon 0:8f0bb79ddd48 1157 /**
leothedragon 0:8f0bb79ddd48 1158 * \def MBEDTLS_SSL_PROTO_SSL3
leothedragon 0:8f0bb79ddd48 1159 *
leothedragon 0:8f0bb79ddd48 1160 * Enable support for SSL 3.0.
leothedragon 0:8f0bb79ddd48 1161 *
leothedragon 0:8f0bb79ddd48 1162 * Requires: MBEDTLS_MD5_C
leothedragon 0:8f0bb79ddd48 1163 * MBEDTLS_SHA1_C
leothedragon 0:8f0bb79ddd48 1164 *
leothedragon 0:8f0bb79ddd48 1165 * Comment this macro to disable support for SSL 3.0
leothedragon 0:8f0bb79ddd48 1166 */
leothedragon 0:8f0bb79ddd48 1167 //#define MBEDTLS_SSL_PROTO_SSL3
leothedragon 0:8f0bb79ddd48 1168
leothedragon 0:8f0bb79ddd48 1169 /**
leothedragon 0:8f0bb79ddd48 1170 * \def MBEDTLS_SSL_PROTO_TLS1
leothedragon 0:8f0bb79ddd48 1171 *
leothedragon 0:8f0bb79ddd48 1172 * Enable support for TLS 1.0.
leothedragon 0:8f0bb79ddd48 1173 *
leothedragon 0:8f0bb79ddd48 1174 * Requires: MBEDTLS_MD5_C
leothedragon 0:8f0bb79ddd48 1175 * MBEDTLS_SHA1_C
leothedragon 0:8f0bb79ddd48 1176 *
leothedragon 0:8f0bb79ddd48 1177 * Comment this macro to disable support for TLS 1.0
leothedragon 0:8f0bb79ddd48 1178 */
leothedragon 0:8f0bb79ddd48 1179 //#define MBEDTLS_SSL_PROTO_TLS1
leothedragon 0:8f0bb79ddd48 1180
leothedragon 0:8f0bb79ddd48 1181 /**
leothedragon 0:8f0bb79ddd48 1182 * \def MBEDTLS_SSL_PROTO_TLS1_1
leothedragon 0:8f0bb79ddd48 1183 *
leothedragon 0:8f0bb79ddd48 1184 * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled).
leothedragon 0:8f0bb79ddd48 1185 *
leothedragon 0:8f0bb79ddd48 1186 * Requires: MBEDTLS_MD5_C
leothedragon 0:8f0bb79ddd48 1187 * MBEDTLS_SHA1_C
leothedragon 0:8f0bb79ddd48 1188 *
leothedragon 0:8f0bb79ddd48 1189 * Comment this macro to disable support for TLS 1.1 / DTLS 1.0
leothedragon 0:8f0bb79ddd48 1190 */
leothedragon 0:8f0bb79ddd48 1191 //#define MBEDTLS_SSL_PROTO_TLS1_1
leothedragon 0:8f0bb79ddd48 1192
leothedragon 0:8f0bb79ddd48 1193 /**
leothedragon 0:8f0bb79ddd48 1194 * \def MBEDTLS_SSL_PROTO_TLS1_2
leothedragon 0:8f0bb79ddd48 1195 *
leothedragon 0:8f0bb79ddd48 1196 * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled).
leothedragon 0:8f0bb79ddd48 1197 *
leothedragon 0:8f0bb79ddd48 1198 * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C
leothedragon 0:8f0bb79ddd48 1199 * (Depends on ciphersuites)
leothedragon 0:8f0bb79ddd48 1200 *
leothedragon 0:8f0bb79ddd48 1201 * Comment this macro to disable support for TLS 1.2 / DTLS 1.2
leothedragon 0:8f0bb79ddd48 1202 */
leothedragon 0:8f0bb79ddd48 1203 #define MBEDTLS_SSL_PROTO_TLS1_2
leothedragon 0:8f0bb79ddd48 1204
leothedragon 0:8f0bb79ddd48 1205 /**
leothedragon 0:8f0bb79ddd48 1206 * \def MBEDTLS_SSL_PROTO_DTLS
leothedragon 0:8f0bb79ddd48 1207 *
leothedragon 0:8f0bb79ddd48 1208 * Enable support for DTLS (all available versions).
leothedragon 0:8f0bb79ddd48 1209 *
leothedragon 0:8f0bb79ddd48 1210 * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0,
leothedragon 0:8f0bb79ddd48 1211 * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
leothedragon 0:8f0bb79ddd48 1212 *
leothedragon 0:8f0bb79ddd48 1213 * Requires: MBEDTLS_SSL_PROTO_TLS1_1
leothedragon 0:8f0bb79ddd48 1214 * or MBEDTLS_SSL_PROTO_TLS1_2
leothedragon 0:8f0bb79ddd48 1215 *
leothedragon 0:8f0bb79ddd48 1216 * Comment this macro to disable support for DTLS
leothedragon 0:8f0bb79ddd48 1217 */
leothedragon 0:8f0bb79ddd48 1218 #define MBEDTLS_SSL_PROTO_DTLS
leothedragon 0:8f0bb79ddd48 1219
leothedragon 0:8f0bb79ddd48 1220 /**
leothedragon 0:8f0bb79ddd48 1221 * \def MBEDTLS_SSL_ALPN
leothedragon 0:8f0bb79ddd48 1222 *
leothedragon 0:8f0bb79ddd48 1223 * Enable support for RFC 7301 Application Layer Protocol Negotiation.
leothedragon 0:8f0bb79ddd48 1224 *
leothedragon 0:8f0bb79ddd48 1225 * Comment this macro to disable support for ALPN.
leothedragon 0:8f0bb79ddd48 1226 */
leothedragon 0:8f0bb79ddd48 1227 #define MBEDTLS_SSL_ALPN
leothedragon 0:8f0bb79ddd48 1228
leothedragon 0:8f0bb79ddd48 1229 /**
leothedragon 0:8f0bb79ddd48 1230 * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY
leothedragon 0:8f0bb79ddd48 1231 *
leothedragon 0:8f0bb79ddd48 1232 * Enable support for the anti-replay mechanism in DTLS.
leothedragon 0:8f0bb79ddd48 1233 *
leothedragon 0:8f0bb79ddd48 1234 * Requires: MBEDTLS_SSL_TLS_C
leothedragon 0:8f0bb79ddd48 1235 * MBEDTLS_SSL_PROTO_DTLS
leothedragon 0:8f0bb79ddd48 1236 *
leothedragon 0:8f0bb79ddd48 1237 * \warning Disabling this is often a security risk!
leothedragon 0:8f0bb79ddd48 1238 * See mbedtls_ssl_conf_dtls_anti_replay() for details.
leothedragon 0:8f0bb79ddd48 1239 *
leothedragon 0:8f0bb79ddd48 1240 * Comment this to disable anti-replay in DTLS.
leothedragon 0:8f0bb79ddd48 1241 */
leothedragon 0:8f0bb79ddd48 1242 #define MBEDTLS_SSL_DTLS_ANTI_REPLAY
leothedragon 0:8f0bb79ddd48 1243
leothedragon 0:8f0bb79ddd48 1244 /**
leothedragon 0:8f0bb79ddd48 1245 * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY
leothedragon 0:8f0bb79ddd48 1246 *
leothedragon 0:8f0bb79ddd48 1247 * Enable support for HelloVerifyRequest on DTLS servers.
leothedragon 0:8f0bb79ddd48 1248 *
leothedragon 0:8f0bb79ddd48 1249 * This feature is highly recommended to prevent DTLS servers being used as
leothedragon 0:8f0bb79ddd48 1250 * amplifiers in DoS attacks against other hosts. It should always be enabled
leothedragon 0:8f0bb79ddd48 1251 * unless you know for sure amplification cannot be a problem in the
leothedragon 0:8f0bb79ddd48 1252 * environment in which your server operates.
leothedragon 0:8f0bb79ddd48 1253 *
leothedragon 0:8f0bb79ddd48 1254 * \warning Disabling this can ba a security risk! (see above)
leothedragon 0:8f0bb79ddd48 1255 *
leothedragon 0:8f0bb79ddd48 1256 * Requires: MBEDTLS_SSL_PROTO_DTLS
leothedragon 0:8f0bb79ddd48 1257 *
leothedragon 0:8f0bb79ddd48 1258 * Comment this to disable support for HelloVerifyRequest.
leothedragon 0:8f0bb79ddd48 1259 */
leothedragon 0:8f0bb79ddd48 1260 #define MBEDTLS_SSL_DTLS_HELLO_VERIFY
leothedragon 0:8f0bb79ddd48 1261
leothedragon 0:8f0bb79ddd48 1262 /**
leothedragon 0:8f0bb79ddd48 1263 * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
leothedragon 0:8f0bb79ddd48 1264 *
leothedragon 0:8f0bb79ddd48 1265 * Enable server-side support for clients that reconnect from the same port.
leothedragon 0:8f0bb79ddd48 1266 *
leothedragon 0:8f0bb79ddd48 1267 * Some clients unexpectedly close the connection and try to reconnect using the
leothedragon 0:8f0bb79ddd48 1268 * same source port. This needs special support from the server to handle the
leothedragon 0:8f0bb79ddd48 1269 * new connection securely, as described in section 4.2.8 of RFC 6347. This
leothedragon 0:8f0bb79ddd48 1270 * flag enables that support.
leothedragon 0:8f0bb79ddd48 1271 *
leothedragon 0:8f0bb79ddd48 1272 * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
leothedragon 0:8f0bb79ddd48 1273 *
leothedragon 0:8f0bb79ddd48 1274 * Comment this to disable support for clients reusing the source port.
leothedragon 0:8f0bb79ddd48 1275 */
leothedragon 0:8f0bb79ddd48 1276 #define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
leothedragon 0:8f0bb79ddd48 1277
leothedragon 0:8f0bb79ddd48 1278 /**
leothedragon 0:8f0bb79ddd48 1279 * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT
leothedragon 0:8f0bb79ddd48 1280 *
leothedragon 0:8f0bb79ddd48 1281 * Enable support for a limit of records with bad MAC.
leothedragon 0:8f0bb79ddd48 1282 *
leothedragon 0:8f0bb79ddd48 1283 * See mbedtls_ssl_conf_dtls_badmac_limit().
leothedragon 0:8f0bb79ddd48 1284 *
leothedragon 0:8f0bb79ddd48 1285 * Requires: MBEDTLS_SSL_PROTO_DTLS
leothedragon 0:8f0bb79ddd48 1286 */
leothedragon 0:8f0bb79ddd48 1287 #define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
leothedragon 0:8f0bb79ddd48 1288
leothedragon 0:8f0bb79ddd48 1289 /**
leothedragon 0:8f0bb79ddd48 1290 * \def MBEDTLS_SSL_SESSION_TICKETS
leothedragon 0:8f0bb79ddd48 1291 *
leothedragon 0:8f0bb79ddd48 1292 * Enable support for RFC 5077 session tickets in SSL.
leothedragon 0:8f0bb79ddd48 1293 * Client-side, provides full support for session tickets (maintainance of a
leothedragon 0:8f0bb79ddd48 1294 * session store remains the responsibility of the application, though).
leothedragon 0:8f0bb79ddd48 1295 * Server-side, you also need to provide callbacks for writing and parsing
leothedragon 0:8f0bb79ddd48 1296 * tickets, including authenticated encryption and key management. Example
leothedragon 0:8f0bb79ddd48 1297 * callbacks are provided by MBEDTLS_SSL_TICKET_C.
leothedragon 0:8f0bb79ddd48 1298 *
leothedragon 0:8f0bb79ddd48 1299 * Comment this macro to disable support for SSL session tickets
leothedragon 0:8f0bb79ddd48 1300 */
leothedragon 0:8f0bb79ddd48 1301 #define MBEDTLS_SSL_SESSION_TICKETS
leothedragon 0:8f0bb79ddd48 1302
leothedragon 0:8f0bb79ddd48 1303 /**
leothedragon 0:8f0bb79ddd48 1304 * \def MBEDTLS_SSL_EXPORT_KEYS
leothedragon 0:8f0bb79ddd48 1305 *
leothedragon 0:8f0bb79ddd48 1306 * Enable support for exporting key block and master secret.
leothedragon 0:8f0bb79ddd48 1307 * This is required for certain users of TLS, e.g. EAP-TLS.
leothedragon 0:8f0bb79ddd48 1308 *
leothedragon 0:8f0bb79ddd48 1309 * Comment this macro to disable support for key export
leothedragon 0:8f0bb79ddd48 1310 */
leothedragon 0:8f0bb79ddd48 1311 #define MBEDTLS_SSL_EXPORT_KEYS
leothedragon 0:8f0bb79ddd48 1312
leothedragon 0:8f0bb79ddd48 1313 /**
leothedragon 0:8f0bb79ddd48 1314 * \def MBEDTLS_SSL_SERVER_NAME_INDICATION
leothedragon 0:8f0bb79ddd48 1315 *
leothedragon 0:8f0bb79ddd48 1316 * Enable support for RFC 6066 server name indication (SNI) in SSL.
leothedragon 0:8f0bb79ddd48 1317 *
leothedragon 0:8f0bb79ddd48 1318 * Requires: MBEDTLS_X509_CRT_PARSE_C
leothedragon 0:8f0bb79ddd48 1319 *
leothedragon 0:8f0bb79ddd48 1320 * Comment this macro to disable support for server name indication in SSL
leothedragon 0:8f0bb79ddd48 1321 */
leothedragon 0:8f0bb79ddd48 1322 #define MBEDTLS_SSL_SERVER_NAME_INDICATION
leothedragon 0:8f0bb79ddd48 1323 /** s
leothedragon 0:8f0bb79ddd48 1324 * \def MBEDTLS_SSL_TRUNCATED_HMAC
leothedragon 0:8f0bb79ddd48 1325 *
leothedragon 0:8f0bb79ddd48 1326 * Enable support for RFC 6066 truncated HMAC in SSL.
leothedragon 0:8f0bb79ddd48 1327 *
leothedragon 0:8f0bb79ddd48 1328 * Comment this macro to disable support for truncated HMAC in SSL
leothedragon 0:8f0bb79ddd48 1329 */
leothedragon 0:8f0bb79ddd48 1330 //#define MBEDTLS_SSL_TRUNCATED_HMAC
leothedragon 0:8f0bb79ddd48 1331
leothedragon 0:8f0bb79ddd48 1332 /**
leothedragon 0:8f0bb79ddd48 1333 * \def MBEDTLS_THREADING_ALT
leothedragon 0:8f0bb79ddd48 1334 *
leothedragon 0:8f0bb79ddd48 1335 * Provide your own alternate threading implementation.
leothedragon 0:8f0bb79ddd48 1336 *
leothedragon 0:8f0bb79ddd48 1337 * Requires: MBEDTLS_THREADING_C
leothedragon 0:8f0bb79ddd48 1338 *
leothedragon 0:8f0bb79ddd48 1339 * Uncomment this to allow your own alternate threading implementation.
leothedragon 0:8f0bb79ddd48 1340 */
leothedragon 0:8f0bb79ddd48 1341 //#define MBEDTLS_THREADING_ALT
leothedragon 0:8f0bb79ddd48 1342
leothedragon 0:8f0bb79ddd48 1343 /**
leothedragon 0:8f0bb79ddd48 1344 * \def MBEDTLS_THREADING_PTHREAD
leothedragon 0:8f0bb79ddd48 1345 *
leothedragon 0:8f0bb79ddd48 1346 * Enable the pthread wrapper layer for the threading layer.
leothedragon 0:8f0bb79ddd48 1347 *
leothedragon 0:8f0bb79ddd48 1348 * Requires: MBEDTLS_THREADING_C
leothedragon 0:8f0bb79ddd48 1349 *
leothedragon 0:8f0bb79ddd48 1350 * Uncomment this to enable pthread mutexes.
leothedragon 0:8f0bb79ddd48 1351 */
leothedragon 0:8f0bb79ddd48 1352 //#define MBEDTLS_THREADING_PTHREAD
leothedragon 0:8f0bb79ddd48 1353
leothedragon 0:8f0bb79ddd48 1354 /**
leothedragon 0:8f0bb79ddd48 1355 * \def MBEDTLS_VERSION_FEATURES
leothedragon 0:8f0bb79ddd48 1356 *
leothedragon 0:8f0bb79ddd48 1357 * Allow run-time checking of compile-time enabled features. Thus allowing users
leothedragon 0:8f0bb79ddd48 1358 * to check at run-time if the library is for instance compiled with threading
leothedragon 0:8f0bb79ddd48 1359 * support via mbedtls_version_check_feature().
leothedragon 0:8f0bb79ddd48 1360 *
leothedragon 0:8f0bb79ddd48 1361 * Requires: MBEDTLS_VERSION_C
leothedragon 0:8f0bb79ddd48 1362 *
leothedragon 0:8f0bb79ddd48 1363 * Comment this to disable run-time checking and save ROM space
leothedragon 0:8f0bb79ddd48 1364 */
leothedragon 0:8f0bb79ddd48 1365 //#define MBEDTLS_VERSION_FEATURES
leothedragon 0:8f0bb79ddd48 1366 /**
leothedragon 0:8f0bb79ddd48 1367 * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
leothedragon 0:8f0bb79ddd48 1368 *
leothedragon 0:8f0bb79ddd48 1369 * If set, the X509 parser will not break-off when parsing an X509 certificate
leothedragon 0:8f0bb79ddd48 1370 * and encountering an extension in a v1 or v2 certificate.
leothedragon 0:8f0bb79ddd48 1371 *
leothedragon 0:8f0bb79ddd48 1372 * Uncomment to prevent an error.
leothedragon 0:8f0bb79ddd48 1373 */
leothedragon 0:8f0bb79ddd48 1374 //#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
leothedragon 0:8f0bb79ddd48 1375
leothedragon 0:8f0bb79ddd48 1376 /**
leothedragon 0:8f0bb79ddd48 1377 * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
leothedragon 0:8f0bb79ddd48 1378 *
leothedragon 0:8f0bb79ddd48 1379 * If set, the X509 parser will not break-off when parsing an X509 certificate
leothedragon 0:8f0bb79ddd48 1380 * and encountering an unknown critical extension.
leothedragon 0:8f0bb79ddd48 1381 *
leothedragon 0:8f0bb79ddd48 1382 * \warning Depending on your PKI use, enabling this can be a security risk!
leothedragon 0:8f0bb79ddd48 1383 *
leothedragon 0:8f0bb79ddd48 1384 * Uncomment to prevent an error.
leothedragon 0:8f0bb79ddd48 1385 */
leothedragon 0:8f0bb79ddd48 1386 //#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
leothedragon 0:8f0bb79ddd48 1387
leothedragon 0:8f0bb79ddd48 1388 /**
leothedragon 0:8f0bb79ddd48 1389 * \def MBEDTLS_X509_CHECK_KEY_USAGE
leothedragon 0:8f0bb79ddd48 1390 *
leothedragon 0:8f0bb79ddd48 1391 * Enable verification of the keyUsage extension (CA and leaf certificates).
leothedragon 0:8f0bb79ddd48 1392 *
leothedragon 0:8f0bb79ddd48 1393 * Disabling this avoids problems with mis-issued and/or misused
leothedragon 0:8f0bb79ddd48 1394 * (intermediate) CA and leaf certificates.
leothedragon 0:8f0bb79ddd48 1395 *
leothedragon 0:8f0bb79ddd48 1396 * \warning Depending on your PKI use, disabling this can be a security risk!
leothedragon 0:8f0bb79ddd48 1397 *
leothedragon 0:8f0bb79ddd48 1398 * Comment to skip keyUsage checking for both CA and leaf certificates.
leothedragon 0:8f0bb79ddd48 1399 */
leothedragon 0:8f0bb79ddd48 1400 #define MBEDTLS_X509_CHECK_KEY_USAGE
leothedragon 0:8f0bb79ddd48 1401
leothedragon 0:8f0bb79ddd48 1402 /**
leothedragon 0:8f0bb79ddd48 1403 * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
leothedragon 0:8f0bb79ddd48 1404 *
leothedragon 0:8f0bb79ddd48 1405 * Enable verification of the extendedKeyUsage extension (leaf certificates).
leothedragon 0:8f0bb79ddd48 1406 *
leothedragon 0:8f0bb79ddd48 1407 * Disabling this avoids problems with mis-issued and/or misused certificates.
leothedragon 0:8f0bb79ddd48 1408 *
leothedragon 0:8f0bb79ddd48 1409 * \warning Depending on your PKI use, disabling this can be a security risk!
leothedragon 0:8f0bb79ddd48 1410 *
leothedragon 0:8f0bb79ddd48 1411 * Comment to skip extendedKeyUsage checking for certificates.
leothedragon 0:8f0bb79ddd48 1412 */
leothedragon 0:8f0bb79ddd48 1413 #define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
leothedragon 0:8f0bb79ddd48 1414
leothedragon 0:8f0bb79ddd48 1415 /**
leothedragon 0:8f0bb79ddd48 1416 * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
leothedragon 0:8f0bb79ddd48 1417 *
leothedragon 0:8f0bb79ddd48 1418 * Enable parsing and verification of X.509 certificates, CRLs and CSRS
leothedragon 0:8f0bb79ddd48 1419 * signed with RSASSA-PSS (aka PKCS#1 v2.1).
leothedragon 0:8f0bb79ddd48 1420 *
leothedragon 0:8f0bb79ddd48 1421 * Comment this macro to disallow using RSASSA-PSS in certificates.
leothedragon 0:8f0bb79ddd48 1422 */
leothedragon 0:8f0bb79ddd48 1423 //#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
leothedragon 0:8f0bb79ddd48 1424 /**
leothedragon 0:8f0bb79ddd48 1425 * \def MBEDTLS_ZLIB_SUPPORT
leothedragon 0:8f0bb79ddd48 1426 *
leothedragon 0:8f0bb79ddd48 1427 * If set, the SSL/TLS module uses ZLIB to support compression and
leothedragon 0:8f0bb79ddd48 1428 * decompression of packet data.
leothedragon 0:8f0bb79ddd48 1429 *
leothedragon 0:8f0bb79ddd48 1430 * \warning TLS-level compression MAY REDUCE SECURITY! See for example the
leothedragon 0:8f0bb79ddd48 1431 * CRIME attack. Before enabling this option, you should examine with care if
leothedragon 0:8f0bb79ddd48 1432 * CRIME or similar exploits may be a applicable to your use case.
leothedragon 0:8f0bb79ddd48 1433 *
leothedragon 0:8f0bb79ddd48 1434 * \note Currently compression can't be used with DTLS.
leothedragon 0:8f0bb79ddd48 1435 *
leothedragon 0:8f0bb79ddd48 1436 * Used in: library/ssl_tls.c
leothedragon 0:8f0bb79ddd48 1437 * library/ssl_cli.c
leothedragon 0:8f0bb79ddd48 1438 * library/ssl_srv.c
leothedragon 0:8f0bb79ddd48 1439 *
leothedragon 0:8f0bb79ddd48 1440 * This feature requires zlib library and headers to be present.
leothedragon 0:8f0bb79ddd48 1441 *
leothedragon 0:8f0bb79ddd48 1442 * Uncomment to enable use of ZLIB
leothedragon 0:8f0bb79ddd48 1443 */
leothedragon 0:8f0bb79ddd48 1444 //#define MBEDTLS_ZLIB_SUPPORT
leothedragon 0:8f0bb79ddd48 1445 /* \} name SECTION: mbed TLS feature support */
leothedragon 0:8f0bb79ddd48 1446
leothedragon 0:8f0bb79ddd48 1447 /**
leothedragon 0:8f0bb79ddd48 1448 * \name SECTION: mbed TLS modules
leothedragon 0:8f0bb79ddd48 1449 *
leothedragon 0:8f0bb79ddd48 1450 * This section enables or disables entire modules in mbed TLS
leothedragon 0:8f0bb79ddd48 1451 * \{
leothedragon 0:8f0bb79ddd48 1452 */
leothedragon 0:8f0bb79ddd48 1453
leothedragon 0:8f0bb79ddd48 1454 /**
leothedragon 0:8f0bb79ddd48 1455 * \def MBEDTLS_AESNI_C
leothedragon 0:8f0bb79ddd48 1456 *
leothedragon 0:8f0bb79ddd48 1457 * Enable AES-NI support on x86-64.
leothedragon 0:8f0bb79ddd48 1458 *
leothedragon 0:8f0bb79ddd48 1459 * Module: library/aesni.c
leothedragon 0:8f0bb79ddd48 1460 * Caller: library/aes.c
leothedragon 0:8f0bb79ddd48 1461 *
leothedragon 0:8f0bb79ddd48 1462 * Requires: MBEDTLS_HAVE_ASM
leothedragon 0:8f0bb79ddd48 1463 *
leothedragon 0:8f0bb79ddd48 1464 * This modules adds support for the AES-NI instructions on x86-64
leothedragon 0:8f0bb79ddd48 1465 */
leothedragon 0:8f0bb79ddd48 1466 //#define MBEDTLS_AESNI_C
leothedragon 0:8f0bb79ddd48 1467
leothedragon 0:8f0bb79ddd48 1468 /**
leothedragon 0:8f0bb79ddd48 1469 * \def MBEDTLS_AES_C
leothedragon 0:8f0bb79ddd48 1470 *
leothedragon 0:8f0bb79ddd48 1471 * Enable the AES block cipher.
leothedragon 0:8f0bb79ddd48 1472 *
leothedragon 0:8f0bb79ddd48 1473 * Module: library/aes.c
leothedragon 0:8f0bb79ddd48 1474 * Caller: library/ssl_tls.c
leothedragon 0:8f0bb79ddd48 1475 * library/pem.c
leothedragon 0:8f0bb79ddd48 1476 * library/ctr_drbg.c
leothedragon 0:8f0bb79ddd48 1477 *
leothedragon 0:8f0bb79ddd48 1478 * This module enables the following ciphersuites (if other requisites are
leothedragon 0:8f0bb79ddd48 1479 * enabled as well):
leothedragon 0:8f0bb79ddd48 1480 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
leothedragon 0:8f0bb79ddd48 1481 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
leothedragon 0:8f0bb79ddd48 1482 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
leothedragon 0:8f0bb79ddd48 1483 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
leothedragon 0:8f0bb79ddd48 1484 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 1485 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 1486 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 1487 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 1488 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 1489 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 1490 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 1491 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 1492 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 1493 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 1494 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 1495 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 1496 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 1497 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
leothedragon 0:8f0bb79ddd48 1498 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
leothedragon 0:8f0bb79ddd48 1499 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
leothedragon 0:8f0bb79ddd48 1500 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
leothedragon 0:8f0bb79ddd48 1501 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 1502 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 1503 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 1504 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 1505 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 1506 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 1507 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
leothedragon 0:8f0bb79ddd48 1508 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
leothedragon 0:8f0bb79ddd48 1509 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
leothedragon 0:8f0bb79ddd48 1510 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 1511 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 1512 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 1513 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
leothedragon 0:8f0bb79ddd48 1514 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
leothedragon 0:8f0bb79ddd48 1515 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 1516 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 1517 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 1518 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
leothedragon 0:8f0bb79ddd48 1519 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
leothedragon 0:8f0bb79ddd48 1520 * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 1521 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
leothedragon 0:8f0bb79ddd48 1522 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
leothedragon 0:8f0bb79ddd48 1523 * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 1524 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 1525 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
leothedragon 0:8f0bb79ddd48 1526 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 1527 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 1528 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
leothedragon 0:8f0bb79ddd48 1529 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 1530 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 1531 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
leothedragon 0:8f0bb79ddd48 1532 * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 1533 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 1534 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
leothedragon 0:8f0bb79ddd48 1535 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 1536 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 1537 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
leothedragon 0:8f0bb79ddd48 1538 *
leothedragon 0:8f0bb79ddd48 1539 * PEM_PARSE uses AES for decrypting encrypted keys.
leothedragon 0:8f0bb79ddd48 1540 */
leothedragon 0:8f0bb79ddd48 1541 #define MBEDTLS_AES_C
leothedragon 0:8f0bb79ddd48 1542
leothedragon 0:8f0bb79ddd48 1543 /**
leothedragon 0:8f0bb79ddd48 1544 * \def MBEDTLS_ARC4_C
leothedragon 0:8f0bb79ddd48 1545 *
leothedragon 0:8f0bb79ddd48 1546 * Enable the ARCFOUR stream cipher.
leothedragon 0:8f0bb79ddd48 1547 *
leothedragon 0:8f0bb79ddd48 1548 * Module: library/arc4.c
leothedragon 0:8f0bb79ddd48 1549 * Caller: library/ssl_tls.c
leothedragon 0:8f0bb79ddd48 1550 *
leothedragon 0:8f0bb79ddd48 1551 * This module enables the following ciphersuites (if other requisites are
leothedragon 0:8f0bb79ddd48 1552 * enabled as well):
leothedragon 0:8f0bb79ddd48 1553 * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
leothedragon 0:8f0bb79ddd48 1554 * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
leothedragon 0:8f0bb79ddd48 1555 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
leothedragon 0:8f0bb79ddd48 1556 * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
leothedragon 0:8f0bb79ddd48 1557 * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
leothedragon 0:8f0bb79ddd48 1558 * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
leothedragon 0:8f0bb79ddd48 1559 * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
leothedragon 0:8f0bb79ddd48 1560 * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
leothedragon 0:8f0bb79ddd48 1561 * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
leothedragon 0:8f0bb79ddd48 1562 * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
leothedragon 0:8f0bb79ddd48 1563 */
leothedragon 0:8f0bb79ddd48 1564 //#define MBEDTLS_ARC4_C
leothedragon 0:8f0bb79ddd48 1565
leothedragon 0:8f0bb79ddd48 1566 /**
leothedragon 0:8f0bb79ddd48 1567 * \def MBEDTLS_ASN1_PARSE_C
leothedragon 0:8f0bb79ddd48 1568 *
leothedragon 0:8f0bb79ddd48 1569 * Enable the generic ASN1 parser.
leothedragon 0:8f0bb79ddd48 1570 *
leothedragon 0:8f0bb79ddd48 1571 * Module: library/asn1.c
leothedragon 0:8f0bb79ddd48 1572 * Caller: library/x509.c
leothedragon 0:8f0bb79ddd48 1573 * library/dhm.c
leothedragon 0:8f0bb79ddd48 1574 * library/pkcs12.c
leothedragon 0:8f0bb79ddd48 1575 * library/pkcs5.c
leothedragon 0:8f0bb79ddd48 1576 * library/pkparse.c
leothedragon 0:8f0bb79ddd48 1577 */
leothedragon 0:8f0bb79ddd48 1578 #define MBEDTLS_ASN1_PARSE_C
leothedragon 0:8f0bb79ddd48 1579
leothedragon 0:8f0bb79ddd48 1580 /**
leothedragon 0:8f0bb79ddd48 1581 * \def MBEDTLS_ASN1_WRITE_C
leothedragon 0:8f0bb79ddd48 1582 *
leothedragon 0:8f0bb79ddd48 1583 * Enable the generic ASN1 writer.
leothedragon 0:8f0bb79ddd48 1584 *
leothedragon 0:8f0bb79ddd48 1585 * Module: library/asn1write.c
leothedragon 0:8f0bb79ddd48 1586 * Caller: library/ecdsa.c
leothedragon 0:8f0bb79ddd48 1587 * library/pkwrite.c
leothedragon 0:8f0bb79ddd48 1588 * library/x509_create.c
leothedragon 0:8f0bb79ddd48 1589 * library/x509write_crt.c
leothedragon 0:8f0bb79ddd48 1590 * library/x509write_csr.c
leothedragon 0:8f0bb79ddd48 1591 */
leothedragon 0:8f0bb79ddd48 1592 #define MBEDTLS_ASN1_WRITE_C
leothedragon 0:8f0bb79ddd48 1593
leothedragon 0:8f0bb79ddd48 1594 /**
leothedragon 0:8f0bb79ddd48 1595 * \def MBEDTLS_BASE64_C
leothedragon 0:8f0bb79ddd48 1596 *
leothedragon 0:8f0bb79ddd48 1597 * Enable the Base64 module.
leothedragon 0:8f0bb79ddd48 1598 *
leothedragon 0:8f0bb79ddd48 1599 * Module: library/base64.c
leothedragon 0:8f0bb79ddd48 1600 * Caller: library/pem.c
leothedragon 0:8f0bb79ddd48 1601 *
leothedragon 0:8f0bb79ddd48 1602 * This module is required for PEM support (required by X.509).
leothedragon 0:8f0bb79ddd48 1603 */
leothedragon 0:8f0bb79ddd48 1604 // needed for Base64 encoding Opaque data for
leothedragon 0:8f0bb79ddd48 1605 // registration payload, adds 500 bytes to flash.
leothedragon 0:8f0bb79ddd48 1606 #define MBEDTLS_BASE64_C
leothedragon 0:8f0bb79ddd48 1607
leothedragon 0:8f0bb79ddd48 1608 /**
leothedragon 0:8f0bb79ddd48 1609 * \def MBEDTLS_BIGNUM_C
leothedragon 0:8f0bb79ddd48 1610 *
leothedragon 0:8f0bb79ddd48 1611 * Enable the multi-precision integer library.
leothedragon 0:8f0bb79ddd48 1612 *
leothedragon 0:8f0bb79ddd48 1613 * Module: library/bignum.c
leothedragon 0:8f0bb79ddd48 1614 * Caller: library/dhm.c
leothedragon 0:8f0bb79ddd48 1615 * library/ecp.c
leothedragon 0:8f0bb79ddd48 1616 * library/ecdsa.c
leothedragon 0:8f0bb79ddd48 1617 * library/rsa.c
leothedragon 0:8f0bb79ddd48 1618 * library/ssl_tls.c
leothedragon 0:8f0bb79ddd48 1619 *
leothedragon 0:8f0bb79ddd48 1620 * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support.
leothedragon 0:8f0bb79ddd48 1621 */
leothedragon 0:8f0bb79ddd48 1622 #define MBEDTLS_BIGNUM_C
leothedragon 0:8f0bb79ddd48 1623
leothedragon 0:8f0bb79ddd48 1624 /**
leothedragon 0:8f0bb79ddd48 1625 * \def MBEDTLS_BLOWFISH_C
leothedragon 0:8f0bb79ddd48 1626 *
leothedragon 0:8f0bb79ddd48 1627 * Enable the Blowfish block cipher.
leothedragon 0:8f0bb79ddd48 1628 *
leothedragon 0:8f0bb79ddd48 1629 * Module: library/blowfish.c
leothedragon 0:8f0bb79ddd48 1630 */
leothedragon 0:8f0bb79ddd48 1631 //#define MBEDTLS_BLOWFISH_C
leothedragon 0:8f0bb79ddd48 1632
leothedragon 0:8f0bb79ddd48 1633 /**
leothedragon 0:8f0bb79ddd48 1634 * \def MBEDTLS_CAMELLIA_C
leothedragon 0:8f0bb79ddd48 1635 *
leothedragon 0:8f0bb79ddd48 1636 * Enable the Camellia block cipher.
leothedragon 0:8f0bb79ddd48 1637 *
leothedragon 0:8f0bb79ddd48 1638 * Module: library/camellia.c
leothedragon 0:8f0bb79ddd48 1639 * Caller: library/ssl_tls.c
leothedragon 0:8f0bb79ddd48 1640 *
leothedragon 0:8f0bb79ddd48 1641 * This module enables the following ciphersuites (if other requisites are
leothedragon 0:8f0bb79ddd48 1642 * enabled as well):
leothedragon 0:8f0bb79ddd48 1643 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 1644 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 1645 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 1646 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 1647 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 1648 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 1649 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 1650 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 1651 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 1652 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 1653 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 1654 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 1655 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 1656 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
leothedragon 0:8f0bb79ddd48 1657 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
leothedragon 0:8f0bb79ddd48 1658 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 1659 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 1660 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 1661 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 1662 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 1663 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 1664 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
leothedragon 0:8f0bb79ddd48 1665 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 1666 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 1667 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 1668 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 1669 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 1670 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 1671 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 1672 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
leothedragon 0:8f0bb79ddd48 1673 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
leothedragon 0:8f0bb79ddd48 1674 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 1675 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 1676 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
leothedragon 0:8f0bb79ddd48 1677 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 1678 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 1679 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 1680 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 1681 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
leothedragon 0:8f0bb79ddd48 1682 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
leothedragon 0:8f0bb79ddd48 1683 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 1684 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
leothedragon 0:8f0bb79ddd48 1685 */
leothedragon 0:8f0bb79ddd48 1686 //#define MBEDTLS_CAMELLIA_C
leothedragon 0:8f0bb79ddd48 1687
leothedragon 0:8f0bb79ddd48 1688 /**
leothedragon 0:8f0bb79ddd48 1689 * \def MBEDTLS_CCM_C
leothedragon 0:8f0bb79ddd48 1690 *
leothedragon 0:8f0bb79ddd48 1691 * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
leothedragon 0:8f0bb79ddd48 1692 *
leothedragon 0:8f0bb79ddd48 1693 * Module: library/ccm.c
leothedragon 0:8f0bb79ddd48 1694 *
leothedragon 0:8f0bb79ddd48 1695 * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
leothedragon 0:8f0bb79ddd48 1696 *
leothedragon 0:8f0bb79ddd48 1697 * This module enables the AES-CCM ciphersuites, if other requisites are
leothedragon 0:8f0bb79ddd48 1698 * enabled as well.
leothedragon 0:8f0bb79ddd48 1699 */
leothedragon 0:8f0bb79ddd48 1700 #define MBEDTLS_CCM_C
leothedragon 0:8f0bb79ddd48 1701
leothedragon 0:8f0bb79ddd48 1702 /**
leothedragon 0:8f0bb79ddd48 1703 * \def MBEDTLS_CERTS_C
leothedragon 0:8f0bb79ddd48 1704 *
leothedragon 0:8f0bb79ddd48 1705 * Enable the test certificates.
leothedragon 0:8f0bb79ddd48 1706 *
leothedragon 0:8f0bb79ddd48 1707 * Module: library/certs.c
leothedragon 0:8f0bb79ddd48 1708 * Caller:
leothedragon 0:8f0bb79ddd48 1709 *
leothedragon 0:8f0bb79ddd48 1710 * This module is used for testing (ssl_client/server).
leothedragon 0:8f0bb79ddd48 1711 */
leothedragon 0:8f0bb79ddd48 1712 //#define MBEDTLS_CERTS_C
leothedragon 0:8f0bb79ddd48 1713
leothedragon 0:8f0bb79ddd48 1714 /**
leothedragon 0:8f0bb79ddd48 1715 * \def MBEDTLS_CIPHER_C
leothedragon 0:8f0bb79ddd48 1716 *
leothedragon 0:8f0bb79ddd48 1717 * Enable the generic cipher layer.
leothedragon 0:8f0bb79ddd48 1718 *
leothedragon 0:8f0bb79ddd48 1719 * Module: library/cipher.c
leothedragon 0:8f0bb79ddd48 1720 * Caller: library/ssl_tls.c
leothedragon 0:8f0bb79ddd48 1721 *
leothedragon 0:8f0bb79ddd48 1722 * Uncomment to enable generic cipher wrappers.
leothedragon 0:8f0bb79ddd48 1723 */
leothedragon 0:8f0bb79ddd48 1724 #define MBEDTLS_CIPHER_C
leothedragon 0:8f0bb79ddd48 1725
leothedragon 0:8f0bb79ddd48 1726 /**
leothedragon 0:8f0bb79ddd48 1727 * \def MBEDTLS_CMAC_C
leothedragon 0:8f0bb79ddd48 1728 *
leothedragon 0:8f0bb79ddd48 1729 * Enable the CMAC (Cipher-based Message Authentication Code) mode for block
leothedragon 0:8f0bb79ddd48 1730 * ciphers.
leothedragon 0:8f0bb79ddd48 1731 *
leothedragon 0:8f0bb79ddd48 1732 * Module: library/cmac.c
leothedragon 0:8f0bb79ddd48 1733 *
leothedragon 0:8f0bb79ddd48 1734 * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
leothedragon 0:8f0bb79ddd48 1735 *
leothedragon 0:8f0bb79ddd48 1736 */
leothedragon 0:8f0bb79ddd48 1737 #define MBEDTLS_CMAC_C
leothedragon 0:8f0bb79ddd48 1738
leothedragon 0:8f0bb79ddd48 1739 /**
leothedragon 0:8f0bb79ddd48 1740 * \def MBEDTLS_CTR_DRBG_C
leothedragon 0:8f0bb79ddd48 1741 *
leothedragon 0:8f0bb79ddd48 1742 * Enable the CTR_DRBG AES-256-based random generator.
leothedragon 0:8f0bb79ddd48 1743 *
leothedragon 0:8f0bb79ddd48 1744 * Module: library/ctr_drbg.c
leothedragon 0:8f0bb79ddd48 1745 * Caller:
leothedragon 0:8f0bb79ddd48 1746 *
leothedragon 0:8f0bb79ddd48 1747 * Requires: MBEDTLS_AES_C
leothedragon 0:8f0bb79ddd48 1748 *
leothedragon 0:8f0bb79ddd48 1749 * This module provides the CTR_DRBG AES-256 random number generator.
leothedragon 0:8f0bb79ddd48 1750 */
leothedragon 0:8f0bb79ddd48 1751 #define MBEDTLS_CTR_DRBG_C
leothedragon 0:8f0bb79ddd48 1752
leothedragon 0:8f0bb79ddd48 1753 /**
leothedragon 0:8f0bb79ddd48 1754 * \def MBEDTLS_DEBUG_C
leothedragon 0:8f0bb79ddd48 1755 *
leothedragon 0:8f0bb79ddd48 1756 * Enable the debug functions.
leothedragon 0:8f0bb79ddd48 1757 *
leothedragon 0:8f0bb79ddd48 1758 * Module: library/debug.c
leothedragon 0:8f0bb79ddd48 1759 * Caller: library/ssl_cli.c
leothedragon 0:8f0bb79ddd48 1760 * library/ssl_srv.c
leothedragon 0:8f0bb79ddd48 1761 * library/ssl_tls.c
leothedragon 0:8f0bb79ddd48 1762 *
leothedragon 0:8f0bb79ddd48 1763 * This module provides debugging functions.
leothedragon 0:8f0bb79ddd48 1764 */
leothedragon 0:8f0bb79ddd48 1765 //#define MBEDTLS_DEBUG_C
leothedragon 0:8f0bb79ddd48 1766
leothedragon 0:8f0bb79ddd48 1767 /**
leothedragon 0:8f0bb79ddd48 1768 * \def MBEDTLS_DES_C
leothedragon 0:8f0bb79ddd48 1769 *
leothedragon 0:8f0bb79ddd48 1770 * Enable the DES block cipher.
leothedragon 0:8f0bb79ddd48 1771 *
leothedragon 0:8f0bb79ddd48 1772 * Module: library/des.c
leothedragon 0:8f0bb79ddd48 1773 * Caller: library/pem.c
leothedragon 0:8f0bb79ddd48 1774 * library/ssl_tls.c
leothedragon 0:8f0bb79ddd48 1775 *
leothedragon 0:8f0bb79ddd48 1776 * This module enables the following ciphersuites (if other requisites are
leothedragon 0:8f0bb79ddd48 1777 * enabled as well):
leothedragon 0:8f0bb79ddd48 1778 * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
leothedragon 0:8f0bb79ddd48 1779 * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
leothedragon 0:8f0bb79ddd48 1780 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
leothedragon 0:8f0bb79ddd48 1781 * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
leothedragon 0:8f0bb79ddd48 1782 * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
leothedragon 0:8f0bb79ddd48 1783 * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
leothedragon 0:8f0bb79ddd48 1784 * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
leothedragon 0:8f0bb79ddd48 1785 * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
leothedragon 0:8f0bb79ddd48 1786 * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
leothedragon 0:8f0bb79ddd48 1787 * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
leothedragon 0:8f0bb79ddd48 1788 *
leothedragon 0:8f0bb79ddd48 1789 * PEM_PARSE uses DES/3DES for decrypting encrypted keys.
leothedragon 0:8f0bb79ddd48 1790 */
leothedragon 0:8f0bb79ddd48 1791 //#define MBEDTLS_DES_C
leothedragon 0:8f0bb79ddd48 1792
leothedragon 0:8f0bb79ddd48 1793 /**
leothedragon 0:8f0bb79ddd48 1794 * \def MBEDTLS_DHM_C
leothedragon 0:8f0bb79ddd48 1795 *
leothedragon 0:8f0bb79ddd48 1796 * Enable the Diffie-Hellman-Merkle module.
leothedragon 0:8f0bb79ddd48 1797 *
leothedragon 0:8f0bb79ddd48 1798 * Module: library/dhm.c
leothedragon 0:8f0bb79ddd48 1799 * Caller: library/ssl_cli.c
leothedragon 0:8f0bb79ddd48 1800 * library/ssl_srv.c
leothedragon 0:8f0bb79ddd48 1801 *
leothedragon 0:8f0bb79ddd48 1802 * This module is used by the following key exchanges:
leothedragon 0:8f0bb79ddd48 1803 * DHE-RSA, DHE-PSK
leothedragon 0:8f0bb79ddd48 1804 */
leothedragon 0:8f0bb79ddd48 1805 //#define MBEDTLS_DHM_C
leothedragon 0:8f0bb79ddd48 1806
leothedragon 0:8f0bb79ddd48 1807 /**
leothedragon 0:8f0bb79ddd48 1808 * \def MBEDTLS_ECDH_C
leothedragon 0:8f0bb79ddd48 1809 *
leothedragon 0:8f0bb79ddd48 1810 * Enable the elliptic curve Diffie-Hellman library.
leothedragon 0:8f0bb79ddd48 1811 *
leothedragon 0:8f0bb79ddd48 1812 * Module: library/ecdh.c
leothedragon 0:8f0bb79ddd48 1813 * Caller: library/ssl_cli.c
leothedragon 0:8f0bb79ddd48 1814 * library/ssl_srv.c
leothedragon 0:8f0bb79ddd48 1815 *
leothedragon 0:8f0bb79ddd48 1816 * This module is used by the following key exchanges:
leothedragon 0:8f0bb79ddd48 1817 * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
leothedragon 0:8f0bb79ddd48 1818 *
leothedragon 0:8f0bb79ddd48 1819 * Requires: MBEDTLS_ECP_C
leothedragon 0:8f0bb79ddd48 1820 */
leothedragon 0:8f0bb79ddd48 1821 #define MBEDTLS_ECDH_C
leothedragon 0:8f0bb79ddd48 1822
leothedragon 0:8f0bb79ddd48 1823 /**
leothedragon 0:8f0bb79ddd48 1824 * \def MBEDTLS_ECDSA_C
leothedragon 0:8f0bb79ddd48 1825 *
leothedragon 0:8f0bb79ddd48 1826 * Enable the elliptic curve DSA library.
leothedragon 0:8f0bb79ddd48 1827 *
leothedragon 0:8f0bb79ddd48 1828 * Module: library/ecdsa.c
leothedragon 0:8f0bb79ddd48 1829 * Caller:
leothedragon 0:8f0bb79ddd48 1830 *
leothedragon 0:8f0bb79ddd48 1831 * This module is used by the following key exchanges:
leothedragon 0:8f0bb79ddd48 1832 * ECDHE-ECDSA
leothedragon 0:8f0bb79ddd48 1833 *
leothedragon 0:8f0bb79ddd48 1834 * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C
leothedragon 0:8f0bb79ddd48 1835 */
leothedragon 0:8f0bb79ddd48 1836 #define MBEDTLS_ECDSA_C
leothedragon 0:8f0bb79ddd48 1837
leothedragon 0:8f0bb79ddd48 1838 /**
leothedragon 0:8f0bb79ddd48 1839 * \def MBEDTLS_ECJPAKE_C
leothedragon 0:8f0bb79ddd48 1840 *
leothedragon 0:8f0bb79ddd48 1841 * Enable the elliptic curve J-PAKE library.
leothedragon 0:8f0bb79ddd48 1842 *
leothedragon 0:8f0bb79ddd48 1843 * \warning This is currently experimental. EC J-PAKE support is based on the
leothedragon 0:8f0bb79ddd48 1844 * Thread v1.0.0 specification; incompatible changes to the specification
leothedragon 0:8f0bb79ddd48 1845 * might still happen. For this reason, this is disabled by default.
leothedragon 0:8f0bb79ddd48 1846 *
leothedragon 0:8f0bb79ddd48 1847 * Module: library/ecjpake.c
leothedragon 0:8f0bb79ddd48 1848 * Caller:
leothedragon 0:8f0bb79ddd48 1849 *
leothedragon 0:8f0bb79ddd48 1850 * This module is used by the following key exchanges:
leothedragon 0:8f0bb79ddd48 1851 * ECJPAKE
leothedragon 0:8f0bb79ddd48 1852 *
leothedragon 0:8f0bb79ddd48 1853 * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C
leothedragon 0:8f0bb79ddd48 1854 */
leothedragon 0:8f0bb79ddd48 1855 //#define MBEDTLS_ECJPAKE_C
leothedragon 0:8f0bb79ddd48 1856
leothedragon 0:8f0bb79ddd48 1857 /**
leothedragon 0:8f0bb79ddd48 1858 * \def MBEDTLS_ECP_C
leothedragon 0:8f0bb79ddd48 1859 *
leothedragon 0:8f0bb79ddd48 1860 * Enable the elliptic curve over GF(p) library.
leothedragon 0:8f0bb79ddd48 1861 *
leothedragon 0:8f0bb79ddd48 1862 * Module: library/ecp.c
leothedragon 0:8f0bb79ddd48 1863 * Caller: library/ecdh.c
leothedragon 0:8f0bb79ddd48 1864 * library/ecdsa.c
leothedragon 0:8f0bb79ddd48 1865 * library/ecjpake.c
leothedragon 0:8f0bb79ddd48 1866 *
leothedragon 0:8f0bb79ddd48 1867 * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED
leothedragon 0:8f0bb79ddd48 1868 */
leothedragon 0:8f0bb79ddd48 1869 #define MBEDTLS_ECP_C
leothedragon 0:8f0bb79ddd48 1870
leothedragon 0:8f0bb79ddd48 1871 /**
leothedragon 0:8f0bb79ddd48 1872 * \def MBEDTLS_ENTROPY_C
leothedragon 0:8f0bb79ddd48 1873 *
leothedragon 0:8f0bb79ddd48 1874 * Enable the platform-specific entropy code.
leothedragon 0:8f0bb79ddd48 1875 *
leothedragon 0:8f0bb79ddd48 1876 * Module: library/entropy.c
leothedragon 0:8f0bb79ddd48 1877 * Caller:
leothedragon 0:8f0bb79ddd48 1878 *
leothedragon 0:8f0bb79ddd48 1879 * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C
leothedragon 0:8f0bb79ddd48 1880 *
leothedragon 0:8f0bb79ddd48 1881 * This module provides a generic entropy pool
leothedragon 0:8f0bb79ddd48 1882 */
leothedragon 0:8f0bb79ddd48 1883 #define MBEDTLS_ENTROPY_C
leothedragon 0:8f0bb79ddd48 1884
leothedragon 0:8f0bb79ddd48 1885 /**
leothedragon 0:8f0bb79ddd48 1886 * \def MBEDTLS_ERROR_C
leothedragon 0:8f0bb79ddd48 1887 *
leothedragon 0:8f0bb79ddd48 1888 * Enable error code to error string conversion.
leothedragon 0:8f0bb79ddd48 1889 *
leothedragon 0:8f0bb79ddd48 1890 * Module: library/error.c
leothedragon 0:8f0bb79ddd48 1891 * Caller:
leothedragon 0:8f0bb79ddd48 1892 *
leothedragon 0:8f0bb79ddd48 1893 * This module enables mbedtls_strerror().
leothedragon 0:8f0bb79ddd48 1894 */
leothedragon 0:8f0bb79ddd48 1895 //#define MBEDTLS_ERROR_C
leothedragon 0:8f0bb79ddd48 1896
leothedragon 0:8f0bb79ddd48 1897 /**
leothedragon 0:8f0bb79ddd48 1898 * \def MBEDTLS_GCM_C
leothedragon 0:8f0bb79ddd48 1899 *
leothedragon 0:8f0bb79ddd48 1900 * Enable the Galois/Counter Mode (GCM) for AES.
leothedragon 0:8f0bb79ddd48 1901 *
leothedragon 0:8f0bb79ddd48 1902 * Module: library/gcm.c
leothedragon 0:8f0bb79ddd48 1903 *
leothedragon 0:8f0bb79ddd48 1904 * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
leothedragon 0:8f0bb79ddd48 1905 *
leothedragon 0:8f0bb79ddd48 1906 * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
leothedragon 0:8f0bb79ddd48 1907 * requisites are enabled as well.
leothedragon 0:8f0bb79ddd48 1908 */
leothedragon 0:8f0bb79ddd48 1909 #define MBEDTLS_GCM_C
leothedragon 0:8f0bb79ddd48 1910
leothedragon 0:8f0bb79ddd48 1911 /**
leothedragon 0:8f0bb79ddd48 1912 * \def MBEDTLS_HAVEGE_C
leothedragon 0:8f0bb79ddd48 1913 *
leothedragon 0:8f0bb79ddd48 1914 * Enable the HAVEGE random generator.
leothedragon 0:8f0bb79ddd48 1915 *
leothedragon 0:8f0bb79ddd48 1916 * Warning: the HAVEGE random generator is not suitable for virtualized
leothedragon 0:8f0bb79ddd48 1917 * environments
leothedragon 0:8f0bb79ddd48 1918 *
leothedragon 0:8f0bb79ddd48 1919 * Warning: the HAVEGE random generator is dependent on timing and specific
leothedragon 0:8f0bb79ddd48 1920 * processor traits. It is therefore not advised to use HAVEGE as
leothedragon 0:8f0bb79ddd48 1921 * your applications primary random generator or primary entropy pool
leothedragon 0:8f0bb79ddd48 1922 * input. As a secondary input to your entropy pool, it IS able add
leothedragon 0:8f0bb79ddd48 1923 * the (limited) extra entropy it provides.
leothedragon 0:8f0bb79ddd48 1924 *
leothedragon 0:8f0bb79ddd48 1925 * Module: library/havege.c
leothedragon 0:8f0bb79ddd48 1926 * Caller:
leothedragon 0:8f0bb79ddd48 1927 *
leothedragon 0:8f0bb79ddd48 1928 * Requires: MBEDTLS_TIMING_C
leothedragon 0:8f0bb79ddd48 1929 *
leothedragon 0:8f0bb79ddd48 1930 * Uncomment to enable the HAVEGE random generator.
leothedragon 0:8f0bb79ddd48 1931 */
leothedragon 0:8f0bb79ddd48 1932 //#define MBEDTLS_HAVEGE_C
leothedragon 0:8f0bb79ddd48 1933
leothedragon 0:8f0bb79ddd48 1934 /**
leothedragon 0:8f0bb79ddd48 1935 * \def MBEDTLS_HMAC_DRBG_C
leothedragon 0:8f0bb79ddd48 1936 *
leothedragon 0:8f0bb79ddd48 1937 * Enable the HMAC_DRBG random generator.
leothedragon 0:8f0bb79ddd48 1938 *
leothedragon 0:8f0bb79ddd48 1939 * Module: library/hmac_drbg.c
leothedragon 0:8f0bb79ddd48 1940 * Caller:
leothedragon 0:8f0bb79ddd48 1941 *
leothedragon 0:8f0bb79ddd48 1942 * Requires: MBEDTLS_MD_C
leothedragon 0:8f0bb79ddd48 1943 *
leothedragon 0:8f0bb79ddd48 1944 * Uncomment to enable the HMAC_DRBG random number geerator.
leothedragon 0:8f0bb79ddd48 1945 */
leothedragon 0:8f0bb79ddd48 1946 #define MBEDTLS_HMAC_DRBG_C
leothedragon 0:8f0bb79ddd48 1947
leothedragon 0:8f0bb79ddd48 1948 /**
leothedragon 0:8f0bb79ddd48 1949 * \def MBEDTLS_MD_C
leothedragon 0:8f0bb79ddd48 1950 *
leothedragon 0:8f0bb79ddd48 1951 * Enable the generic message digest layer.
leothedragon 0:8f0bb79ddd48 1952 *
leothedragon 0:8f0bb79ddd48 1953 * Module: library/md.c
leothedragon 0:8f0bb79ddd48 1954 * Caller:
leothedragon 0:8f0bb79ddd48 1955 *
leothedragon 0:8f0bb79ddd48 1956 * Uncomment to enable generic message digest wrappers.
leothedragon 0:8f0bb79ddd48 1957 */
leothedragon 0:8f0bb79ddd48 1958 #define MBEDTLS_MD_C
leothedragon 0:8f0bb79ddd48 1959
leothedragon 0:8f0bb79ddd48 1960 /**
leothedragon 0:8f0bb79ddd48 1961 * \def MBEDTLS_MD2_C
leothedragon 0:8f0bb79ddd48 1962 *
leothedragon 0:8f0bb79ddd48 1963 * Enable the MD2 hash algorithm.
leothedragon 0:8f0bb79ddd48 1964 *
leothedragon 0:8f0bb79ddd48 1965 * Module: library/md2.c
leothedragon 0:8f0bb79ddd48 1966 * Caller:
leothedragon 0:8f0bb79ddd48 1967 *
leothedragon 0:8f0bb79ddd48 1968 * Uncomment to enable support for (rare) MD2-signed X.509 certs.
leothedragon 0:8f0bb79ddd48 1969 */
leothedragon 0:8f0bb79ddd48 1970 //#define MBEDTLS_MD2_C
leothedragon 0:8f0bb79ddd48 1971
leothedragon 0:8f0bb79ddd48 1972 /**
leothedragon 0:8f0bb79ddd48 1973 * \def MBEDTLS_MD4_C
leothedragon 0:8f0bb79ddd48 1974 *
leothedragon 0:8f0bb79ddd48 1975 * Enable the MD4 hash algorithm.
leothedragon 0:8f0bb79ddd48 1976 *
leothedragon 0:8f0bb79ddd48 1977 * Module: library/md4.c
leothedragon 0:8f0bb79ddd48 1978 * Caller:
leothedragon 0:8f0bb79ddd48 1979 *
leothedragon 0:8f0bb79ddd48 1980 * Uncomment to enable support for (rare) MD4-signed X.509 certs.
leothedragon 0:8f0bb79ddd48 1981 */
leothedragon 0:8f0bb79ddd48 1982 //#define MBEDTLS_MD4_C
leothedragon 0:8f0bb79ddd48 1983
leothedragon 0:8f0bb79ddd48 1984 /**
leothedragon 0:8f0bb79ddd48 1985 * \def MBEDTLS_MD5_C
leothedragon 0:8f0bb79ddd48 1986 *
leothedragon 0:8f0bb79ddd48 1987 * Enable the MD5 hash algorithm.
leothedragon 0:8f0bb79ddd48 1988 *
leothedragon 0:8f0bb79ddd48 1989 * Module: library/md5.c
leothedragon 0:8f0bb79ddd48 1990 * Caller: library/md.c
leothedragon 0:8f0bb79ddd48 1991 * library/pem.c
leothedragon 0:8f0bb79ddd48 1992 * library/ssl_tls.c
leothedragon 0:8f0bb79ddd48 1993 *
leothedragon 0:8f0bb79ddd48 1994 * This module is required for SSL/TLS and X.509.
leothedragon 0:8f0bb79ddd48 1995 * PEM_PARSE uses MD5 for decrypting encrypted keys.
leothedragon 0:8f0bb79ddd48 1996 */
leothedragon 0:8f0bb79ddd48 1997 //#define MBEDTLS_MD5_C
leothedragon 0:8f0bb79ddd48 1998
leothedragon 0:8f0bb79ddd48 1999 /**
leothedragon 0:8f0bb79ddd48 2000 * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C
leothedragon 0:8f0bb79ddd48 2001 *
leothedragon 0:8f0bb79ddd48 2002 * Enable the buffer allocator implementation that makes use of a (stack)
leothedragon 0:8f0bb79ddd48 2003 * based buffer to 'allocate' dynamic memory. (replaces calloc() and free()
leothedragon 0:8f0bb79ddd48 2004 * calls)
leothedragon 0:8f0bb79ddd48 2005 *
leothedragon 0:8f0bb79ddd48 2006 * Module: library/memory_buffer_alloc.c
leothedragon 0:8f0bb79ddd48 2007 *
leothedragon 0:8f0bb79ddd48 2008 * Requires: MBEDTLS_PLATFORM_C
leothedragon 0:8f0bb79ddd48 2009 * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS)
leothedragon 0:8f0bb79ddd48 2010 *
leothedragon 0:8f0bb79ddd48 2011 * Enable this module to enable the buffer memory allocator.
leothedragon 0:8f0bb79ddd48 2012 */
leothedragon 0:8f0bb79ddd48 2013 //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
leothedragon 0:8f0bb79ddd48 2014
leothedragon 0:8f0bb79ddd48 2015 /**
leothedragon 0:8f0bb79ddd48 2016 * \def MBEDTLS_NET_C
leothedragon 0:8f0bb79ddd48 2017 *
leothedragon 0:8f0bb79ddd48 2018 * Enable the TCP and UDP over IPv6/IPv4 networking routines.
leothedragon 0:8f0bb79ddd48 2019 *
leothedragon 0:8f0bb79ddd48 2020 * \note This module only works on POSIX/Unix (including Linux, BSD and OS X)
leothedragon 0:8f0bb79ddd48 2021 * and Windows. For other platforms, you'll want to disable it, and write your
leothedragon 0:8f0bb79ddd48 2022 * own networking callbacks to be passed to \c mbedtls_ssl_set_bio().
leothedragon 0:8f0bb79ddd48 2023 *
leothedragon 0:8f0bb79ddd48 2024 * \note See also our Knowledge Base article about porting to a new
leothedragon 0:8f0bb79ddd48 2025 * environment:
leothedragon 0:8f0bb79ddd48 2026 * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
leothedragon 0:8f0bb79ddd48 2027 *
leothedragon 0:8f0bb79ddd48 2028 * Module: library/net_sockets.c
leothedragon 0:8f0bb79ddd48 2029 *
leothedragon 0:8f0bb79ddd48 2030 * This module provides networking routines.
leothedragon 0:8f0bb79ddd48 2031 */
leothedragon 0:8f0bb79ddd48 2032 //#define MBEDTLS_NET_C
leothedragon 0:8f0bb79ddd48 2033
leothedragon 0:8f0bb79ddd48 2034 /**
leothedragon 0:8f0bb79ddd48 2035 * \def MBEDTLS_OID_C
leothedragon 0:8f0bb79ddd48 2036 *
leothedragon 0:8f0bb79ddd48 2037 * Enable the OID database.
leothedragon 0:8f0bb79ddd48 2038 *
leothedragon 0:8f0bb79ddd48 2039 * Module: library/oid.c
leothedragon 0:8f0bb79ddd48 2040 * Caller: library/asn1write.c
leothedragon 0:8f0bb79ddd48 2041 * library/pkcs5.c
leothedragon 0:8f0bb79ddd48 2042 * library/pkparse.c
leothedragon 0:8f0bb79ddd48 2043 * library/pkwrite.c
leothedragon 0:8f0bb79ddd48 2044 * library/rsa.c
leothedragon 0:8f0bb79ddd48 2045 * library/x509.c
leothedragon 0:8f0bb79ddd48 2046 * library/x509_create.c
leothedragon 0:8f0bb79ddd48 2047 * library/x509_crl.c
leothedragon 0:8f0bb79ddd48 2048 * library/x509_crt.c
leothedragon 0:8f0bb79ddd48 2049 * library/x509_csr.c
leothedragon 0:8f0bb79ddd48 2050 * library/x509write_crt.c
leothedragon 0:8f0bb79ddd48 2051 * library/x509write_csr.c
leothedragon 0:8f0bb79ddd48 2052 *
leothedragon 0:8f0bb79ddd48 2053 * This modules translates between OIDs and internal values.
leothedragon 0:8f0bb79ddd48 2054 */
leothedragon 0:8f0bb79ddd48 2055 #define MBEDTLS_OID_C
leothedragon 0:8f0bb79ddd48 2056
leothedragon 0:8f0bb79ddd48 2057 /**
leothedragon 0:8f0bb79ddd48 2058 * \def MBEDTLS_PADLOCK_C
leothedragon 0:8f0bb79ddd48 2059 *
leothedragon 0:8f0bb79ddd48 2060 * Enable VIA Padlock support on x86.
leothedragon 0:8f0bb79ddd48 2061 *
leothedragon 0:8f0bb79ddd48 2062 * Module: library/padlock.c
leothedragon 0:8f0bb79ddd48 2063 * Caller: library/aes.c
leothedragon 0:8f0bb79ddd48 2064 *
leothedragon 0:8f0bb79ddd48 2065 * Requires: MBEDTLS_HAVE_ASM
leothedragon 0:8f0bb79ddd48 2066 *
leothedragon 0:8f0bb79ddd48 2067 * This modules adds support for the VIA PadLock on x86.
leothedragon 0:8f0bb79ddd48 2068 */
leothedragon 0:8f0bb79ddd48 2069 //#define MBEDTLS_PADLOCK_C
leothedragon 0:8f0bb79ddd48 2070
leothedragon 0:8f0bb79ddd48 2071 /**
leothedragon 0:8f0bb79ddd48 2072 * \def MBEDTLS_PEM_PARSE_C
leothedragon 0:8f0bb79ddd48 2073 *
leothedragon 0:8f0bb79ddd48 2074 * Enable PEM decoding / parsing.
leothedragon 0:8f0bb79ddd48 2075 *
leothedragon 0:8f0bb79ddd48 2076 * Module: library/pem.c
leothedragon 0:8f0bb79ddd48 2077 * Caller: library/dhm.c
leothedragon 0:8f0bb79ddd48 2078 * library/pkparse.c
leothedragon 0:8f0bb79ddd48 2079 * library/x509_crl.c
leothedragon 0:8f0bb79ddd48 2080 * library/x509_crt.c
leothedragon 0:8f0bb79ddd48 2081 * library/x509_csr.c
leothedragon 0:8f0bb79ddd48 2082 *
leothedragon 0:8f0bb79ddd48 2083 * Requires: MBEDTLS_BASE64_C
leothedragon 0:8f0bb79ddd48 2084 *
leothedragon 0:8f0bb79ddd48 2085 * This modules adds support for decoding / parsing PEM files.
leothedragon 0:8f0bb79ddd48 2086 */
leothedragon 0:8f0bb79ddd48 2087 //#define MBEDTLS_PEM_PARSE_C
leothedragon 0:8f0bb79ddd48 2088
leothedragon 0:8f0bb79ddd48 2089 /**
leothedragon 0:8f0bb79ddd48 2090 * \def MBEDTLS_PEM_WRITE_C
leothedragon 0:8f0bb79ddd48 2091 *
leothedragon 0:8f0bb79ddd48 2092 * Enable PEM encoding / writing.
leothedragon 0:8f0bb79ddd48 2093 *
leothedragon 0:8f0bb79ddd48 2094 * Module: library/pem.c
leothedragon 0:8f0bb79ddd48 2095 * Caller: library/pkwrite.c
leothedragon 0:8f0bb79ddd48 2096 * library/x509write_crt.c
leothedragon 0:8f0bb79ddd48 2097 * library/x509write_csr.c
leothedragon 0:8f0bb79ddd48 2098 *
leothedragon 0:8f0bb79ddd48 2099 * Requires: MBEDTLS_BASE64_C
leothedragon 0:8f0bb79ddd48 2100 *
leothedragon 0:8f0bb79ddd48 2101 * This modules adds support for encoding / writing PEM files.
leothedragon 0:8f0bb79ddd48 2102 */
leothedragon 0:8f0bb79ddd48 2103 //#define MBEDTLS_PEM_WRITE_C
leothedragon 0:8f0bb79ddd48 2104
leothedragon 0:8f0bb79ddd48 2105 /**
leothedragon 0:8f0bb79ddd48 2106 * \def MBEDTLS_PK_C
leothedragon 0:8f0bb79ddd48 2107 *
leothedragon 0:8f0bb79ddd48 2108 * Enable the generic public (asymetric) key layer.
leothedragon 0:8f0bb79ddd48 2109 *
leothedragon 0:8f0bb79ddd48 2110 * Module: library/pk.c
leothedragon 0:8f0bb79ddd48 2111 * Caller: library/ssl_tls.c
leothedragon 0:8f0bb79ddd48 2112 * library/ssl_cli.c
leothedragon 0:8f0bb79ddd48 2113 * library/ssl_srv.c
leothedragon 0:8f0bb79ddd48 2114 *
leothedragon 0:8f0bb79ddd48 2115 * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C
leothedragon 0:8f0bb79ddd48 2116 *
leothedragon 0:8f0bb79ddd48 2117 * Uncomment to enable generic public key wrappers.
leothedragon 0:8f0bb79ddd48 2118 */
leothedragon 0:8f0bb79ddd48 2119 #define MBEDTLS_PK_C
leothedragon 0:8f0bb79ddd48 2120
leothedragon 0:8f0bb79ddd48 2121 /**
leothedragon 0:8f0bb79ddd48 2122 * \def MBEDTLS_PK_PARSE_C
leothedragon 0:8f0bb79ddd48 2123 *
leothedragon 0:8f0bb79ddd48 2124 * Enable the generic public (asymetric) key parser.
leothedragon 0:8f0bb79ddd48 2125 *
leothedragon 0:8f0bb79ddd48 2126 * Module: library/pkparse.c
leothedragon 0:8f0bb79ddd48 2127 * Caller: library/x509_crt.c
leothedragon 0:8f0bb79ddd48 2128 * library/x509_csr.c
leothedragon 0:8f0bb79ddd48 2129 *
leothedragon 0:8f0bb79ddd48 2130 * Requires: MBEDTLS_PK_C
leothedragon 0:8f0bb79ddd48 2131 *
leothedragon 0:8f0bb79ddd48 2132 * Uncomment to enable generic public key parse functions.
leothedragon 0:8f0bb79ddd48 2133 */
leothedragon 0:8f0bb79ddd48 2134 #define MBEDTLS_PK_PARSE_C
leothedragon 0:8f0bb79ddd48 2135
leothedragon 0:8f0bb79ddd48 2136 /**
leothedragon 0:8f0bb79ddd48 2137 * \def MBEDTLS_PK_WRITE_C
leothedragon 0:8f0bb79ddd48 2138 *
leothedragon 0:8f0bb79ddd48 2139 * Enable the generic public (asymetric) key writer.
leothedragon 0:8f0bb79ddd48 2140 *
leothedragon 0:8f0bb79ddd48 2141 * Module: library/pkwrite.c
leothedragon 0:8f0bb79ddd48 2142 * Caller: library/x509write.c
leothedragon 0:8f0bb79ddd48 2143 *
leothedragon 0:8f0bb79ddd48 2144 * Requires: MBEDTLS_PK_C
leothedragon 0:8f0bb79ddd48 2145 *
leothedragon 0:8f0bb79ddd48 2146 * Uncomment to enable generic public key write functions.
leothedragon 0:8f0bb79ddd48 2147 */
leothedragon 0:8f0bb79ddd48 2148 #define MBEDTLS_PK_WRITE_C
leothedragon 0:8f0bb79ddd48 2149
leothedragon 0:8f0bb79ddd48 2150 /**
leothedragon 0:8f0bb79ddd48 2151 * \def MBEDTLS_PKCS5_C
leothedragon 0:8f0bb79ddd48 2152 *
leothedragon 0:8f0bb79ddd48 2153 * Enable PKCS#5 functions.
leothedragon 0:8f0bb79ddd48 2154 *
leothedragon 0:8f0bb79ddd48 2155 * Module: library/pkcs5.c
leothedragon 0:8f0bb79ddd48 2156 *
leothedragon 0:8f0bb79ddd48 2157 * Requires: MBEDTLS_MD_C
leothedragon 0:8f0bb79ddd48 2158 *
leothedragon 0:8f0bb79ddd48 2159 * This module adds support for the PKCS#5 functions.
leothedragon 0:8f0bb79ddd48 2160 */
leothedragon 0:8f0bb79ddd48 2161 //#define MBEDTLS_PKCS5_C
leothedragon 0:8f0bb79ddd48 2162
leothedragon 0:8f0bb79ddd48 2163 /**
leothedragon 0:8f0bb79ddd48 2164 * \def MBEDTLS_PKCS11_C
leothedragon 0:8f0bb79ddd48 2165 *
leothedragon 0:8f0bb79ddd48 2166 * Enable wrapper for PKCS#11 smartcard support.
leothedragon 0:8f0bb79ddd48 2167 *
leothedragon 0:8f0bb79ddd48 2168 * Module: library/pkcs11.c
leothedragon 0:8f0bb79ddd48 2169 * Caller: library/pk.c
leothedragon 0:8f0bb79ddd48 2170 *
leothedragon 0:8f0bb79ddd48 2171 * Requires: MBEDTLS_PK_C
leothedragon 0:8f0bb79ddd48 2172 *
leothedragon 0:8f0bb79ddd48 2173 * This module enables SSL/TLS PKCS #11 smartcard support.
leothedragon 0:8f0bb79ddd48 2174 * Requires the presence of the PKCS#11 helper library (libpkcs11-helper)
leothedragon 0:8f0bb79ddd48 2175 */
leothedragon 0:8f0bb79ddd48 2176 //#define MBEDTLS_PKCS11_C
leothedragon 0:8f0bb79ddd48 2177
leothedragon 0:8f0bb79ddd48 2178 /**
leothedragon 0:8f0bb79ddd48 2179 * \def MBEDTLS_PKCS12_C
leothedragon 0:8f0bb79ddd48 2180 *
leothedragon 0:8f0bb79ddd48 2181 * Enable PKCS#12 PBE functions.
leothedragon 0:8f0bb79ddd48 2182 * Adds algorithms for parsing PKCS#8 encrypted private keys
leothedragon 0:8f0bb79ddd48 2183 *
leothedragon 0:8f0bb79ddd48 2184 * Module: library/pkcs12.c
leothedragon 0:8f0bb79ddd48 2185 * Caller: library/pkparse.c
leothedragon 0:8f0bb79ddd48 2186 *
leothedragon 0:8f0bb79ddd48 2187 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C
leothedragon 0:8f0bb79ddd48 2188 * Can use: MBEDTLS_ARC4_C
leothedragon 0:8f0bb79ddd48 2189 *
leothedragon 0:8f0bb79ddd48 2190 * This module enables PKCS#12 functions.
leothedragon 0:8f0bb79ddd48 2191 */
leothedragon 0:8f0bb79ddd48 2192 //#define MBEDTLS_PKCS12_C
leothedragon 0:8f0bb79ddd48 2193
leothedragon 0:8f0bb79ddd48 2194 /**
leothedragon 0:8f0bb79ddd48 2195 * \def MBEDTLS_PLATFORM_C
leothedragon 0:8f0bb79ddd48 2196 *
leothedragon 0:8f0bb79ddd48 2197 * Enable the platform abstraction layer that allows you to re-assign
leothedragon 0:8f0bb79ddd48 2198 * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit().
leothedragon 0:8f0bb79ddd48 2199 *
leothedragon 0:8f0bb79ddd48 2200 * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT
leothedragon 0:8f0bb79ddd48 2201 * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned
leothedragon 0:8f0bb79ddd48 2202 * above to be specified at runtime or compile time respectively.
leothedragon 0:8f0bb79ddd48 2203 *
leothedragon 0:8f0bb79ddd48 2204 * \note This abstraction layer must be enabled on Windows (including MSYS2)
leothedragon 0:8f0bb79ddd48 2205 * as other module rely on it for a fixed snprintf implementation.
leothedragon 0:8f0bb79ddd48 2206 *
leothedragon 0:8f0bb79ddd48 2207 * Module: library/platform.c
leothedragon 0:8f0bb79ddd48 2208 * Caller: Most other .c files
leothedragon 0:8f0bb79ddd48 2209 *
leothedragon 0:8f0bb79ddd48 2210 * This module enables abstraction of common (libc) functions.
leothedragon 0:8f0bb79ddd48 2211 */
leothedragon 0:8f0bb79ddd48 2212 #define MBEDTLS_PLATFORM_C
leothedragon 0:8f0bb79ddd48 2213
leothedragon 0:8f0bb79ddd48 2214 /**
leothedragon 0:8f0bb79ddd48 2215 * \def MBEDTLS_RIPEMD160_C
leothedragon 0:8f0bb79ddd48 2216 *
leothedragon 0:8f0bb79ddd48 2217 * Enable the RIPEMD-160 hash algorithm.
leothedragon 0:8f0bb79ddd48 2218 *
leothedragon 0:8f0bb79ddd48 2219 * Module: library/ripemd160.c
leothedragon 0:8f0bb79ddd48 2220 * Caller: library/md.c
leothedragon 0:8f0bb79ddd48 2221 *
leothedragon 0:8f0bb79ddd48 2222 */
leothedragon 0:8f0bb79ddd48 2223 //#define MBEDTLS_RIPEMD160_C
leothedragon 0:8f0bb79ddd48 2224
leothedragon 0:8f0bb79ddd48 2225 /**
leothedragon 0:8f0bb79ddd48 2226 * \def MBEDTLS_RSA_C
leothedragon 0:8f0bb79ddd48 2227 *
leothedragon 0:8f0bb79ddd48 2228 * Enable the RSA public-key cryptosystem.
leothedragon 0:8f0bb79ddd48 2229 *
leothedragon 0:8f0bb79ddd48 2230 * Module: library/rsa.c
leothedragon 0:8f0bb79ddd48 2231 * Caller: library/ssl_cli.c
leothedragon 0:8f0bb79ddd48 2232 * library/ssl_srv.c
leothedragon 0:8f0bb79ddd48 2233 * library/ssl_tls.c
leothedragon 0:8f0bb79ddd48 2234 * library/x509.c
leothedragon 0:8f0bb79ddd48 2235 *
leothedragon 0:8f0bb79ddd48 2236 * This module is used by the following key exchanges:
leothedragon 0:8f0bb79ddd48 2237 * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK
leothedragon 0:8f0bb79ddd48 2238 *
leothedragon 0:8f0bb79ddd48 2239 * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C
leothedragon 0:8f0bb79ddd48 2240 */
leothedragon 0:8f0bb79ddd48 2241 //#define MBEDTLS_RSA_C
leothedragon 0:8f0bb79ddd48 2242
leothedragon 0:8f0bb79ddd48 2243 /**
leothedragon 0:8f0bb79ddd48 2244 * \def MBEDTLS_SHA1_C
leothedragon 0:8f0bb79ddd48 2245 *
leothedragon 0:8f0bb79ddd48 2246 * Enable the SHA1 cryptographic hash algorithm.
leothedragon 0:8f0bb79ddd48 2247 *
leothedragon 0:8f0bb79ddd48 2248 * Module: library/sha1.c
leothedragon 0:8f0bb79ddd48 2249 * Caller: library/md.c
leothedragon 0:8f0bb79ddd48 2250 * library/ssl_cli.c
leothedragon 0:8f0bb79ddd48 2251 * library/ssl_srv.c
leothedragon 0:8f0bb79ddd48 2252 * library/ssl_tls.c
leothedragon 0:8f0bb79ddd48 2253 * library/x509write_crt.c
leothedragon 0:8f0bb79ddd48 2254 *
leothedragon 0:8f0bb79ddd48 2255 * This module is required for SSL/TLS and SHA1-signed certificates.
leothedragon 0:8f0bb79ddd48 2256 */
leothedragon 0:8f0bb79ddd48 2257 //#define MBEDTLS_SHA1_C
leothedragon 0:8f0bb79ddd48 2258
leothedragon 0:8f0bb79ddd48 2259 /**
leothedragon 0:8f0bb79ddd48 2260 * \def MBEDTLS_SHA256_C
leothedragon 0:8f0bb79ddd48 2261 *
leothedragon 0:8f0bb79ddd48 2262 * Enable the SHA-224 and SHA-256 cryptographic hash algorithms.
leothedragon 0:8f0bb79ddd48 2263 *
leothedragon 0:8f0bb79ddd48 2264 * Module: library/sha256.c
leothedragon 0:8f0bb79ddd48 2265 * Caller: library/entropy.c
leothedragon 0:8f0bb79ddd48 2266 * library/md.c
leothedragon 0:8f0bb79ddd48 2267 * library/ssl_cli.c
leothedragon 0:8f0bb79ddd48 2268 * library/ssl_srv.c
leothedragon 0:8f0bb79ddd48 2269 * library/ssl_tls.c
leothedragon 0:8f0bb79ddd48 2270 *
leothedragon 0:8f0bb79ddd48 2271 * This module adds support for SHA-224 and SHA-256.
leothedragon 0:8f0bb79ddd48 2272 * This module is required for the SSL/TLS 1.2 PRF function.
leothedragon 0:8f0bb79ddd48 2273 */
leothedragon 0:8f0bb79ddd48 2274 #define MBEDTLS_SHA256_C
leothedragon 0:8f0bb79ddd48 2275
leothedragon 0:8f0bb79ddd48 2276 /**
leothedragon 0:8f0bb79ddd48 2277 * \def MBEDTLS_SHA512_C
leothedragon 0:8f0bb79ddd48 2278 *
leothedragon 0:8f0bb79ddd48 2279 * Enable the SHA-384 and SHA-512 cryptographic hash algorithms.
leothedragon 0:8f0bb79ddd48 2280 *
leothedragon 0:8f0bb79ddd48 2281 * Module: library/sha512.c
leothedragon 0:8f0bb79ddd48 2282 * Caller: library/entropy.c
leothedragon 0:8f0bb79ddd48 2283 * library/md.c
leothedragon 0:8f0bb79ddd48 2284 * library/ssl_cli.c
leothedragon 0:8f0bb79ddd48 2285 * library/ssl_srv.c
leothedragon 0:8f0bb79ddd48 2286 *
leothedragon 0:8f0bb79ddd48 2287 * This module adds support for SHA-384 and SHA-512.
leothedragon 0:8f0bb79ddd48 2288 */
leothedragon 0:8f0bb79ddd48 2289 //#define MBEDTLS_SHA512_C
leothedragon 0:8f0bb79ddd48 2290
leothedragon 0:8f0bb79ddd48 2291 /**
leothedragon 0:8f0bb79ddd48 2292 * \def MBEDTLS_SSL_CACHE_C
leothedragon 0:8f0bb79ddd48 2293 *
leothedragon 0:8f0bb79ddd48 2294 * Enable simple SSL cache implementation.
leothedragon 0:8f0bb79ddd48 2295 *
leothedragon 0:8f0bb79ddd48 2296 * Module: library/ssl_cache.c
leothedragon 0:8f0bb79ddd48 2297 * Caller:
leothedragon 0:8f0bb79ddd48 2298 *
leothedragon 0:8f0bb79ddd48 2299 * Requires: MBEDTLS_SSL_CACHE_C
leothedragon 0:8f0bb79ddd48 2300 */
leothedragon 0:8f0bb79ddd48 2301 #define MBEDTLS_SSL_CACHE_C
leothedragon 0:8f0bb79ddd48 2302
leothedragon 0:8f0bb79ddd48 2303 /**
leothedragon 0:8f0bb79ddd48 2304 * \def MBEDTLS_SSL_COOKIE_C
leothedragon 0:8f0bb79ddd48 2305 *
leothedragon 0:8f0bb79ddd48 2306 * Enable basic implementation of DTLS cookies for hello verification.
leothedragon 0:8f0bb79ddd48 2307 *
leothedragon 0:8f0bb79ddd48 2308 * Module: library/ssl_cookie.c
leothedragon 0:8f0bb79ddd48 2309 * Caller:
leothedragon 0:8f0bb79ddd48 2310 */
leothedragon 0:8f0bb79ddd48 2311 #define MBEDTLS_SSL_COOKIE_C
leothedragon 0:8f0bb79ddd48 2312
leothedragon 0:8f0bb79ddd48 2313 /**
leothedragon 0:8f0bb79ddd48 2314 * \def MBEDTLS_SSL_TICKET_C
leothedragon 0:8f0bb79ddd48 2315 *
leothedragon 0:8f0bb79ddd48 2316 * Enable an implementation of TLS server-side callbacks for session tickets.
leothedragon 0:8f0bb79ddd48 2317 *
leothedragon 0:8f0bb79ddd48 2318 * Module: library/ssl_ticket.c
leothedragon 0:8f0bb79ddd48 2319 * Caller:
leothedragon 0:8f0bb79ddd48 2320 *
leothedragon 0:8f0bb79ddd48 2321 * Requires: MBEDTLS_CIPHER_C
leothedragon 0:8f0bb79ddd48 2322 */
leothedragon 0:8f0bb79ddd48 2323 #define MBEDTLS_SSL_TICKET_C
leothedragon 0:8f0bb79ddd48 2324
leothedragon 0:8f0bb79ddd48 2325 /**
leothedragon 0:8f0bb79ddd48 2326 * \def MBEDTLS_SSL_CLI_C
leothedragon 0:8f0bb79ddd48 2327 *
leothedragon 0:8f0bb79ddd48 2328 * Enable the SSL/TLS client code.
leothedragon 0:8f0bb79ddd48 2329 *
leothedragon 0:8f0bb79ddd48 2330 * Module: library/ssl_cli.c
leothedragon 0:8f0bb79ddd48 2331 * Caller:
leothedragon 0:8f0bb79ddd48 2332 *
leothedragon 0:8f0bb79ddd48 2333 * Requires: MBEDTLS_SSL_TLS_C
leothedragon 0:8f0bb79ddd48 2334 *
leothedragon 0:8f0bb79ddd48 2335 * This module is required for SSL/TLS client support.
leothedragon 0:8f0bb79ddd48 2336 */
leothedragon 0:8f0bb79ddd48 2337 #define MBEDTLS_SSL_CLI_C
leothedragon 0:8f0bb79ddd48 2338
leothedragon 0:8f0bb79ddd48 2339 /**
leothedragon 0:8f0bb79ddd48 2340 * \def MBEDTLS_SSL_SRV_C
leothedragon 0:8f0bb79ddd48 2341 *
leothedragon 0:8f0bb79ddd48 2342 * Enable the SSL/TLS server code.
leothedragon 0:8f0bb79ddd48 2343 *
leothedragon 0:8f0bb79ddd48 2344 * Module: library/ssl_srv.c
leothedragon 0:8f0bb79ddd48 2345 * Caller:
leothedragon 0:8f0bb79ddd48 2346 *
leothedragon 0:8f0bb79ddd48 2347 * Requires: MBEDTLS_SSL_TLS_C
leothedragon 0:8f0bb79ddd48 2348 *
leothedragon 0:8f0bb79ddd48 2349 * This module is required for SSL/TLS server support.
leothedragon 0:8f0bb79ddd48 2350 */
leothedragon 0:8f0bb79ddd48 2351 //#define MBEDTLS_SSL_SRV_C
leothedragon 0:8f0bb79ddd48 2352
leothedragon 0:8f0bb79ddd48 2353 /**
leothedragon 0:8f0bb79ddd48 2354 * \def MBEDTLS_SSL_TLS_C
leothedragon 0:8f0bb79ddd48 2355 *
leothedragon 0:8f0bb79ddd48 2356 * Enable the generic SSL/TLS code.
leothedragon 0:8f0bb79ddd48 2357 *
leothedragon 0:8f0bb79ddd48 2358 * Module: library/ssl_tls.c
leothedragon 0:8f0bb79ddd48 2359 * Caller: library/ssl_cli.c
leothedragon 0:8f0bb79ddd48 2360 * library/ssl_srv.c
leothedragon 0:8f0bb79ddd48 2361 *
leothedragon 0:8f0bb79ddd48 2362 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C
leothedragon 0:8f0bb79ddd48 2363 * and at least one of the MBEDTLS_SSL_PROTO_XXX defines
leothedragon 0:8f0bb79ddd48 2364 *
leothedragon 0:8f0bb79ddd48 2365 * This module is required for SSL/TLS.
leothedragon 0:8f0bb79ddd48 2366 */
leothedragon 0:8f0bb79ddd48 2367 #define MBEDTLS_SSL_TLS_C
leothedragon 0:8f0bb79ddd48 2368
leothedragon 0:8f0bb79ddd48 2369 /**
leothedragon 0:8f0bb79ddd48 2370 * \def MBEDTLS_THREADING_C
leothedragon 0:8f0bb79ddd48 2371 *
leothedragon 0:8f0bb79ddd48 2372 * Enable the threading abstraction layer.
leothedragon 0:8f0bb79ddd48 2373 * By default mbed TLS assumes it is used in a non-threaded environment or that
leothedragon 0:8f0bb79ddd48 2374 * contexts are not shared between threads. If you do intend to use contexts
leothedragon 0:8f0bb79ddd48 2375 * between threads, you will need to enable this layer to prevent race
leothedragon 0:8f0bb79ddd48 2376 * conditions. See also our Knowledge Base article about threading:
leothedragon 0:8f0bb79ddd48 2377 * https://tls.mbed.org/kb/development/thread-safety-and-multi-threading
leothedragon 0:8f0bb79ddd48 2378 *
leothedragon 0:8f0bb79ddd48 2379 * Module: library/threading.c
leothedragon 0:8f0bb79ddd48 2380 *
leothedragon 0:8f0bb79ddd48 2381 * This allows different threading implementations (self-implemented or
leothedragon 0:8f0bb79ddd48 2382 * provided).
leothedragon 0:8f0bb79ddd48 2383 *
leothedragon 0:8f0bb79ddd48 2384 * You will have to enable either MBEDTLS_THREADING_ALT or
leothedragon 0:8f0bb79ddd48 2385 * MBEDTLS_THREADING_PTHREAD.
leothedragon 0:8f0bb79ddd48 2386 *
leothedragon 0:8f0bb79ddd48 2387 * Enable this layer to allow use of mutexes within mbed TLS
leothedragon 0:8f0bb79ddd48 2388 */
leothedragon 0:8f0bb79ddd48 2389 //#define MBEDTLS_THREADING_C
leothedragon 0:8f0bb79ddd48 2390
leothedragon 0:8f0bb79ddd48 2391 /**
leothedragon 0:8f0bb79ddd48 2392 * \def MBEDTLS_TIMING_C
leothedragon 0:8f0bb79ddd48 2393 *
leothedragon 0:8f0bb79ddd48 2394 * Enable the semi-portable timing interface.
leothedragon 0:8f0bb79ddd48 2395 *
leothedragon 0:8f0bb79ddd48 2396 * \note The provided implementation only works on POSIX/Unix (including Linux,
leothedragon 0:8f0bb79ddd48 2397 * BSD and OS X) and Windows. On other platforms, you can either disable that
leothedragon 0:8f0bb79ddd48 2398 * module and provide your own implementations of the callbacks needed by
leothedragon 0:8f0bb79ddd48 2399 * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide
leothedragon 0:8f0bb79ddd48 2400 * your own implementation of the whole module by setting
leothedragon 0:8f0bb79ddd48 2401 * \c MBEDTLS_TIMING_ALT in the current file.
leothedragon 0:8f0bb79ddd48 2402 *
leothedragon 0:8f0bb79ddd48 2403 * \note See also our Knowledge Base article about porting to a new
leothedragon 0:8f0bb79ddd48 2404 * environment:
leothedragon 0:8f0bb79ddd48 2405 * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
leothedragon 0:8f0bb79ddd48 2406 *
leothedragon 0:8f0bb79ddd48 2407 * Module: library/timing.c
leothedragon 0:8f0bb79ddd48 2408 * Caller: library/havege.c
leothedragon 0:8f0bb79ddd48 2409 *
leothedragon 0:8f0bb79ddd48 2410 * This module is used by the HAVEGE random number generator.
leothedragon 0:8f0bb79ddd48 2411 */
leothedragon 0:8f0bb79ddd48 2412 //#define MBEDTLS_TIMING_C
leothedragon 0:8f0bb79ddd48 2413
leothedragon 0:8f0bb79ddd48 2414 /**
leothedragon 0:8f0bb79ddd48 2415 * \def MBEDTLS_VERSION_C
leothedragon 0:8f0bb79ddd48 2416 *
leothedragon 0:8f0bb79ddd48 2417 * Enable run-time version information.
leothedragon 0:8f0bb79ddd48 2418 *
leothedragon 0:8f0bb79ddd48 2419 * Module: library/version.c
leothedragon 0:8f0bb79ddd48 2420 *
leothedragon 0:8f0bb79ddd48 2421 * This module provides run-time version information.
leothedragon 0:8f0bb79ddd48 2422 */
leothedragon 0:8f0bb79ddd48 2423 #define MBEDTLS_VERSION_C
leothedragon 0:8f0bb79ddd48 2424 /**
leothedragon 0:8f0bb79ddd48 2425 * \def MBEDTLS_X509_USE_C
leothedragon 0:8f0bb79ddd48 2426 *
leothedragon 0:8f0bb79ddd48 2427 * Enable X.509 core for using certificates.
leothedragon 0:8f0bb79ddd48 2428 *
leothedragon 0:8f0bb79ddd48 2429 * Module: library/x509.c
leothedragon 0:8f0bb79ddd48 2430 * Caller: library/x509_crl.c
leothedragon 0:8f0bb79ddd48 2431 * library/x509_crt.c
leothedragon 0:8f0bb79ddd48 2432 * library/x509_csr.c
leothedragon 0:8f0bb79ddd48 2433 *
leothedragon 0:8f0bb79ddd48 2434 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C,
leothedragon 0:8f0bb79ddd48 2435 * MBEDTLS_PK_PARSE_C
leothedragon 0:8f0bb79ddd48 2436 *
leothedragon 0:8f0bb79ddd48 2437 * This module is required for the X.509 parsing modules.
leothedragon 0:8f0bb79ddd48 2438 */
leothedragon 0:8f0bb79ddd48 2439 #define MBEDTLS_X509_USE_C
leothedragon 0:8f0bb79ddd48 2440
leothedragon 0:8f0bb79ddd48 2441 /**
leothedragon 0:8f0bb79ddd48 2442 * \def MBEDTLS_X509_CRT_PARSE_C
leothedragon 0:8f0bb79ddd48 2443 *
leothedragon 0:8f0bb79ddd48 2444 * Enable X.509 certificate parsing.
leothedragon 0:8f0bb79ddd48 2445 *
leothedragon 0:8f0bb79ddd48 2446 * Module: library/x509_crt.c
leothedragon 0:8f0bb79ddd48 2447 * Caller: library/ssl_cli.c
leothedragon 0:8f0bb79ddd48 2448 * library/ssl_srv.c
leothedragon 0:8f0bb79ddd48 2449 * library/ssl_tls.c
leothedragon 0:8f0bb79ddd48 2450 *
leothedragon 0:8f0bb79ddd48 2451 * Requires: MBEDTLS_X509_USE_C
leothedragon 0:8f0bb79ddd48 2452 *
leothedragon 0:8f0bb79ddd48 2453 * This module is required for X.509 certificate parsing.
leothedragon 0:8f0bb79ddd48 2454 */
leothedragon 0:8f0bb79ddd48 2455 #define MBEDTLS_X509_CRT_PARSE_C
leothedragon 0:8f0bb79ddd48 2456
leothedragon 0:8f0bb79ddd48 2457 /**
leothedragon 0:8f0bb79ddd48 2458 * \def MBEDTLS_X509_CRL_PARSE_C
leothedragon 0:8f0bb79ddd48 2459 *
leothedragon 0:8f0bb79ddd48 2460 * Enable X.509 CRL parsing.
leothedragon 0:8f0bb79ddd48 2461 *
leothedragon 0:8f0bb79ddd48 2462 * Module: library/x509_crl.c
leothedragon 0:8f0bb79ddd48 2463 * Caller: library/x509_crt.c
leothedragon 0:8f0bb79ddd48 2464 *
leothedragon 0:8f0bb79ddd48 2465 * Requires: MBEDTLS_X509_USE_C
leothedragon 0:8f0bb79ddd48 2466 *
leothedragon 0:8f0bb79ddd48 2467 * This module is required for X.509 CRL parsing.
leothedragon 0:8f0bb79ddd48 2468 */
leothedragon 0:8f0bb79ddd48 2469 #define MBEDTLS_X509_CRL_PARSE_C
leothedragon 0:8f0bb79ddd48 2470
leothedragon 0:8f0bb79ddd48 2471 /**
leothedragon 0:8f0bb79ddd48 2472 * \def MBEDTLS_X509_CSR_PARSE_C
leothedragon 0:8f0bb79ddd48 2473 *
leothedragon 0:8f0bb79ddd48 2474 * Enable X.509 Certificate Signing Request (CSR) parsing.
leothedragon 0:8f0bb79ddd48 2475 *
leothedragon 0:8f0bb79ddd48 2476 * Module: library/x509_csr.c
leothedragon 0:8f0bb79ddd48 2477 * Caller: library/x509_crt_write.c
leothedragon 0:8f0bb79ddd48 2478 *
leothedragon 0:8f0bb79ddd48 2479 * Requires: MBEDTLS_X509_USE_C
leothedragon 0:8f0bb79ddd48 2480 *
leothedragon 0:8f0bb79ddd48 2481 * This module is used for reading X.509 certificate request.
leothedragon 0:8f0bb79ddd48 2482 */
leothedragon 0:8f0bb79ddd48 2483 #define MBEDTLS_X509_CSR_PARSE_C
leothedragon 0:8f0bb79ddd48 2484
leothedragon 0:8f0bb79ddd48 2485 /**
leothedragon 0:8f0bb79ddd48 2486 * \def MBEDTLS_X509_CREATE_C
leothedragon 0:8f0bb79ddd48 2487 *
leothedragon 0:8f0bb79ddd48 2488 * Enable X.509 core for creating certificates.
leothedragon 0:8f0bb79ddd48 2489 *
leothedragon 0:8f0bb79ddd48 2490 * Module: library/x509_create.c
leothedragon 0:8f0bb79ddd48 2491 *
leothedragon 0:8f0bb79ddd48 2492 * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C
leothedragon 0:8f0bb79ddd48 2493 *
leothedragon 0:8f0bb79ddd48 2494 * This module is the basis for creating X.509 certificates and CSRs.
leothedragon 0:8f0bb79ddd48 2495 */
leothedragon 0:8f0bb79ddd48 2496 #define MBEDTLS_X509_CREATE_C
leothedragon 0:8f0bb79ddd48 2497
leothedragon 0:8f0bb79ddd48 2498 /**
leothedragon 0:8f0bb79ddd48 2499 * \def MBEDTLS_X509_CRT_WRITE_C
leothedragon 0:8f0bb79ddd48 2500 *
leothedragon 0:8f0bb79ddd48 2501 * Enable creating X.509 certificates.
leothedragon 0:8f0bb79ddd48 2502 *
leothedragon 0:8f0bb79ddd48 2503 * Module: library/x509_crt_write.c
leothedragon 0:8f0bb79ddd48 2504 *
leothedragon 0:8f0bb79ddd48 2505 * Requires: MBEDTLS_X509_CREATE_C
leothedragon 0:8f0bb79ddd48 2506 *
leothedragon 0:8f0bb79ddd48 2507 * This module is required for X.509 certificate creation.
leothedragon 0:8f0bb79ddd48 2508 */
leothedragon 0:8f0bb79ddd48 2509 //#define MBEDTLS_X509_CRT_WRITE_C
leothedragon 0:8f0bb79ddd48 2510
leothedragon 0:8f0bb79ddd48 2511 /**
leothedragon 0:8f0bb79ddd48 2512 * \def MBEDTLS_X509_CSR_WRITE_C
leothedragon 0:8f0bb79ddd48 2513 *
leothedragon 0:8f0bb79ddd48 2514 * Enable creating X.509 Certificate Signing Requests (CSR).
leothedragon 0:8f0bb79ddd48 2515 *
leothedragon 0:8f0bb79ddd48 2516 * Module: library/x509_csr_write.c
leothedragon 0:8f0bb79ddd48 2517 *
leothedragon 0:8f0bb79ddd48 2518 * Requires: MBEDTLS_X509_CREATE_C
leothedragon 0:8f0bb79ddd48 2519 *
leothedragon 0:8f0bb79ddd48 2520 * This module is required for X.509 certificate request writing.
leothedragon 0:8f0bb79ddd48 2521 */
leothedragon 0:8f0bb79ddd48 2522 #define MBEDTLS_X509_CSR_WRITE_C
leothedragon 0:8f0bb79ddd48 2523 /**
leothedragon 0:8f0bb79ddd48 2524 * \def MBEDTLS_XTEA_C
leothedragon 0:8f0bb79ddd48 2525 *
leothedragon 0:8f0bb79ddd48 2526 * Enable the XTEA block cipher.
leothedragon 0:8f0bb79ddd48 2527 *
leothedragon 0:8f0bb79ddd48 2528 * Module: library/xtea.c
leothedragon 0:8f0bb79ddd48 2529 * Caller:
leothedragon 0:8f0bb79ddd48 2530 */
leothedragon 0:8f0bb79ddd48 2531 //#define MBEDTLS_XTEA_C
leothedragon 0:8f0bb79ddd48 2532
leothedragon 0:8f0bb79ddd48 2533 /* \} name SECTION: mbed TLS modules */
leothedragon 0:8f0bb79ddd48 2534
leothedragon 0:8f0bb79ddd48 2535 /**
leothedragon 0:8f0bb79ddd48 2536 * \name SECTION: Module configuration options
leothedragon 0:8f0bb79ddd48 2537 *
leothedragon 0:8f0bb79ddd48 2538 * This section allows for the setting of module specific sizes and
leothedragon 0:8f0bb79ddd48 2539 * configuration options. The default values are already present in the
leothedragon 0:8f0bb79ddd48 2540 * relevant header files and should suffice for the regular use cases.
leothedragon 0:8f0bb79ddd48 2541 *
leothedragon 0:8f0bb79ddd48 2542 * Our advice is to enable options and change their values here
leothedragon 0:8f0bb79ddd48 2543 * only if you have a good reason and know the consequences.
leothedragon 0:8f0bb79ddd48 2544 *
leothedragon 0:8f0bb79ddd48 2545 * Please check the respective header file for documentation on these
leothedragon 0:8f0bb79ddd48 2546 * parameters (to prevent duplicate documentation).
leothedragon 0:8f0bb79ddd48 2547 * \{
leothedragon 0:8f0bb79ddd48 2548 */
leothedragon 0:8f0bb79ddd48 2549
leothedragon 0:8f0bb79ddd48 2550 /* MPI / BIGNUM options */
leothedragon 0:8f0bb79ddd48 2551 //#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */
leothedragon 0:8f0bb79ddd48 2552 //#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
leothedragon 0:8f0bb79ddd48 2553
leothedragon 0:8f0bb79ddd48 2554 /* CTR_DRBG options */
leothedragon 0:8f0bb79ddd48 2555 //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
leothedragon 0:8f0bb79ddd48 2556 //#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
leothedragon 0:8f0bb79ddd48 2557 //#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
leothedragon 0:8f0bb79ddd48 2558 //#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
leothedragon 0:8f0bb79ddd48 2559 //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
leothedragon 0:8f0bb79ddd48 2560
leothedragon 0:8f0bb79ddd48 2561 /* HMAC_DRBG options */
leothedragon 0:8f0bb79ddd48 2562 //#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
leothedragon 0:8f0bb79ddd48 2563 //#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
leothedragon 0:8f0bb79ddd48 2564 //#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
leothedragon 0:8f0bb79ddd48 2565 //#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
leothedragon 0:8f0bb79ddd48 2566
leothedragon 0:8f0bb79ddd48 2567 /* ECP options */
leothedragon 0:8f0bb79ddd48 2568 //#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */
leothedragon 0:8f0bb79ddd48 2569 //#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
leothedragon 0:8f0bb79ddd48 2570 //#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
leothedragon 0:8f0bb79ddd48 2571
leothedragon 0:8f0bb79ddd48 2572 /* Entropy options */
leothedragon 0:8f0bb79ddd48 2573 //#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
leothedragon 0:8f0bb79ddd48 2574 //#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
leothedragon 0:8f0bb79ddd48 2575 //#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
leothedragon 0:8f0bb79ddd48 2576
leothedragon 0:8f0bb79ddd48 2577 /* Memory buffer allocator options */
leothedragon 0:8f0bb79ddd48 2578 //#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
leothedragon 0:8f0bb79ddd48 2579
leothedragon 0:8f0bb79ddd48 2580 /* Platform options */
leothedragon 0:8f0bb79ddd48 2581 //#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
leothedragon 0:8f0bb79ddd48 2582 //#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */
leothedragon 0:8f0bb79ddd48 2583 //#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */
leothedragon 0:8f0bb79ddd48 2584 //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
leothedragon 0:8f0bb79ddd48 2585 //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
leothedragon 0:8f0bb79ddd48 2586 //#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
leothedragon 0:8f0bb79ddd48 2587 //#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
leothedragon 0:8f0bb79ddd48 2588 /* Note: your snprintf must correclty zero-terminate the buffer! */
leothedragon 0:8f0bb79ddd48 2589 //#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
leothedragon 0:8f0bb79ddd48 2590 //#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
leothedragon 0:8f0bb79ddd48 2591 //#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
leothedragon 0:8f0bb79ddd48 2592 //#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
leothedragon 0:8f0bb79ddd48 2593 //#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
leothedragon 0:8f0bb79ddd48 2594 //#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
leothedragon 0:8f0bb79ddd48 2595
leothedragon 0:8f0bb79ddd48 2596 /* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
leothedragon 0:8f0bb79ddd48 2597 /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
leothedragon 0:8f0bb79ddd48 2598 //#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */
leothedragon 0:8f0bb79ddd48 2599 //#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */
leothedragon 0:8f0bb79ddd48 2600 //#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
leothedragon 0:8f0bb79ddd48 2601 //#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
leothedragon 0:8f0bb79ddd48 2602 //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
leothedragon 0:8f0bb79ddd48 2603 //#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
leothedragon 0:8f0bb79ddd48 2604 //#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
leothedragon 0:8f0bb79ddd48 2605 /* Note: your snprintf must correclty zero-terminate the buffer! */
leothedragon 0:8f0bb79ddd48 2606 //#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
leothedragon 0:8f0bb79ddd48 2607 //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
leothedragon 0:8f0bb79ddd48 2608 //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
leothedragon 0:8f0bb79ddd48 2609
leothedragon 0:8f0bb79ddd48 2610 /* SSL Cache options */
leothedragon 0:8f0bb79ddd48 2611 //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
leothedragon 0:8f0bb79ddd48 2612 //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
leothedragon 0:8f0bb79ddd48 2613
leothedragon 0:8f0bb79ddd48 2614 /* SSL options */
leothedragon 0:8f0bb79ddd48 2615 #define MBEDTLS_SSL_MAX_CONTENT_LEN 4096 /**< Maxium fragment length in bytes, determines the size of each of the two internal I/O buffers */
leothedragon 0:8f0bb79ddd48 2616 //#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
leothedragon 0:8f0bb79ddd48 2617 //#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
leothedragon 0:8f0bb79ddd48 2618 //#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
leothedragon 0:8f0bb79ddd48 2619
leothedragon 0:8f0bb79ddd48 2620 /**
leothedragon 0:8f0bb79ddd48 2621 * Enable ARIA ciphersuites.
leothedragon 0:8f0bb79ddd48 2622 */
leothedragon 0:8f0bb79ddd48 2623
leothedragon 0:8f0bb79ddd48 2624 #define MBEDTLS_ARIA_C
leothedragon 0:8f0bb79ddd48 2625
leothedragon 0:8f0bb79ddd48 2626 /**
leothedragon 0:8f0bb79ddd48 2627 * Complete list of ciphersuites to use, in order of preference.
leothedragon 0:8f0bb79ddd48 2628 *
leothedragon 0:8f0bb79ddd48 2629 * \warning No dependency checking is done on that field! This option can only
leothedragon 0:8f0bb79ddd48 2630 * be used to restrict the set of available ciphersuites. It is your
leothedragon 0:8f0bb79ddd48 2631 * responsibility to make sure the needed modules are active.
leothedragon 0:8f0bb79ddd48 2632 *
leothedragon 0:8f0bb79ddd48 2633 * Use this to save a few hundred bytes of ROM (default ordering of all
leothedragon 0:8f0bb79ddd48 2634 * available ciphersuites) and a few to a few hundred bytes of RAM.
leothedragon 0:8f0bb79ddd48 2635 *
leothedragon 0:8f0bb79ddd48 2636 * The value below is only an example, not the default.
leothedragon 0:8f0bb79ddd48 2637 */
leothedragon 0:8f0bb79ddd48 2638 #define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, \
leothedragon 0:8f0bb79ddd48 2639 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, \
leothedragon 0:8f0bb79ddd48 2640 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, \
leothedragon 0:8f0bb79ddd48 2641 MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, \
leothedragon 0:8f0bb79ddd48 2642 MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, \
leothedragon 0:8f0bb79ddd48 2643 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
leothedragon 0:8f0bb79ddd48 2644 /* X509 options */
leothedragon 0:8f0bb79ddd48 2645 //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
leothedragon 0:8f0bb79ddd48 2646 //#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
leothedragon 0:8f0bb79ddd48 2647
leothedragon 0:8f0bb79ddd48 2648 /* \} name SECTION: Customisation configuration options */
leothedragon 0:8f0bb79ddd48 2649
leothedragon 0:8f0bb79ddd48 2650 // Reduces size particularly in case PSA crypto is used
leothedragon 0:8f0bb79ddd48 2651 #undef MBEDTLS_CHACHA20_C
leothedragon 0:8f0bb79ddd48 2652 #undef MBEDTLS_CHACHAPOLY_C
leothedragon 0:8f0bb79ddd48 2653 #undef MBEDTLS_POLY1305_C
leothedragon 0:8f0bb79ddd48 2654
leothedragon 0:8f0bb79ddd48 2655 #include "check_config.h"
leothedragon 0:8f0bb79ddd48 2656
leothedragon 0:8f0bb79ddd48 2657 #if defined(MBEDTLS_TEST_NULL_ENTROPY)
leothedragon 0:8f0bb79ddd48 2658 #warning "MBEDTLS_TEST_NULL_ENTROPY has been enabled. This " \
leothedragon 0:8f0bb79ddd48 2659 "configuration is not secure and is not suitable for production use"
leothedragon 0:8f0bb79ddd48 2660 #endif
leothedragon 0:8f0bb79ddd48 2661
leothedragon 0:8f0bb79ddd48 2662 #endif /* MBEDTLS_CONFIG_H */