Mayank Gupta / Mbed OS pelion-example-frdm

Example

Dependencies:   FXAS21002 FXOS8700Q

simple-mbed-cloud-client/mbed-cloud-client/mbed-client-pal/Configs/mbedTLS/mbedTLSConfig_Linux.h@0:11cc2b7889af, 2019-11-19 (annotated)

Committer:
maygup01
Date:
Tue Nov 19 09:49:38 2019 +0000
Revision:
0:11cc2b7889af
Example

Who changed what in which revision?

UserRevisionLine numberNew contents of line
maygup01 0:11cc2b7889af 1 // ----------------------------------------------------------------------------
maygup01 0:11cc2b7889af 2 // Copyright 2016-2019 ARM Ltd.
maygup01 0:11cc2b7889af 3 //
maygup01 0:11cc2b7889af 4 // SPDX-License-Identifier: Apache-2.0
maygup01 0:11cc2b7889af 5 //
maygup01 0:11cc2b7889af 6 // Licensed under the Apache License, Version 2.0 (the "License");
maygup01 0:11cc2b7889af 7 // you may not use this file except in compliance with the License.
maygup01 0:11cc2b7889af 8 // You may obtain a copy of the License at
maygup01 0:11cc2b7889af 9 //
maygup01 0:11cc2b7889af 10 // http://www.apache.org/licenses/LICENSE-2.0
maygup01 0:11cc2b7889af 11 //
maygup01 0:11cc2b7889af 12 // Unless required by applicable law or agreed to in writing, software
maygup01 0:11cc2b7889af 13 // distributed under the License is distributed on an "AS IS" BASIS,
maygup01 0:11cc2b7889af 14 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
maygup01 0:11cc2b7889af 15 // See the License for the specific language governing permissions and
maygup01 0:11cc2b7889af 16 // limitations under the License.
maygup01 0:11cc2b7889af 17 // ----------------------------------------------------------------------------
maygup01 0:11cc2b7889af 18
maygup01 0:11cc2b7889af 19 #ifndef MBEDTLS_CONFIG_H
maygup01 0:11cc2b7889af 20 #define MBEDTLS_CONFIG_H
maygup01 0:11cc2b7889af 21
maygup01 0:11cc2b7889af 22
maygup01 0:11cc2b7889af 23 #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
maygup01 0:11cc2b7889af 24 #define _CRT_SECURE_NO_DEPRECATE 1
maygup01 0:11cc2b7889af 25 #endif
maygup01 0:11cc2b7889af 26
maygup01 0:11cc2b7889af 27 /**
maygup01 0:11cc2b7889af 28 * \name SECTION: System support
maygup01 0:11cc2b7889af 29 *
maygup01 0:11cc2b7889af 30 * This section sets system specific settings.
maygup01 0:11cc2b7889af 31 * \{
maygup01 0:11cc2b7889af 32 */
maygup01 0:11cc2b7889af 33 #if 1 //Please set to 1 if you are using secure time
maygup01 0:11cc2b7889af 34 /**
maygup01 0:11cc2b7889af 35 * \def MBEDTLS_HAVE_ASM
maygup01 0:11cc2b7889af 36 *
maygup01 0:11cc2b7889af 37 * The compiler has support for asm().
maygup01 0:11cc2b7889af 38 *
maygup01 0:11cc2b7889af 39 * Requires support for asm() in compiler.
maygup01 0:11cc2b7889af 40 *
maygup01 0:11cc2b7889af 41 * Used in:
maygup01 0:11cc2b7889af 42 * library/timing.c
maygup01 0:11cc2b7889af 43 * library/padlock.c
maygup01 0:11cc2b7889af 44 * include/mbedtls/bn_mul.h
maygup01 0:11cc2b7889af 45 *
maygup01 0:11cc2b7889af 46 * Comment to disable the use of assembly code.
maygup01 0:11cc2b7889af 47 */
maygup01 0:11cc2b7889af 48 #define MBEDTLS_HAVE_ASM
maygup01 0:11cc2b7889af 49
maygup01 0:11cc2b7889af 50 /**
maygup01 0:11cc2b7889af 51 * \def MBEDTLS_HAVE_SSE2
maygup01 0:11cc2b7889af 52 *
maygup01 0:11cc2b7889af 53 * CPU supports SSE2 instruction set.
maygup01 0:11cc2b7889af 54 *
maygup01 0:11cc2b7889af 55 * Uncomment if the CPU supports SSE2 (IA-32 specific).
maygup01 0:11cc2b7889af 56 */
maygup01 0:11cc2b7889af 57 //#define MBEDTLS_HAVE_SSE2
maygup01 0:11cc2b7889af 58
maygup01 0:11cc2b7889af 59 /**
maygup01 0:11cc2b7889af 60 * \def MBEDTLS_HAVE_TIME
maygup01 0:11cc2b7889af 61 *
maygup01 0:11cc2b7889af 62 * System has time.h and time().
maygup01 0:11cc2b7889af 63 * The time does not need to be correct, only time differences are used,
maygup01 0:11cc2b7889af 64 * by contrast with MBEDTLS_HAVE_TIME_DATE
maygup01 0:11cc2b7889af 65 *
maygup01 0:11cc2b7889af 66 * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT,
maygup01 0:11cc2b7889af 67 * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and
maygup01 0:11cc2b7889af 68 * MBEDTLS_PLATFORM_STD_TIME.
maygup01 0:11cc2b7889af 69 *
maygup01 0:11cc2b7889af 70 * Comment if your system does not support time functions
maygup01 0:11cc2b7889af 71 */
maygup01 0:11cc2b7889af 72 #define MBEDTLS_HAVE_TIME
maygup01 0:11cc2b7889af 73
maygup01 0:11cc2b7889af 74 /**
maygup01 0:11cc2b7889af 75 * \def MBEDTLS_HAVE_TIME_DATE
maygup01 0:11cc2b7889af 76 *
maygup01 0:11cc2b7889af 77 * System has time.h and time(), gmtime() and the clock is correct.
maygup01 0:11cc2b7889af 78 * The time needs to be correct (not necesarily very accurate, but at least
maygup01 0:11cc2b7889af 79 * the date should be correct). This is used to verify the validity period of
maygup01 0:11cc2b7889af 80 * X.509 certificates.
maygup01 0:11cc2b7889af 81 *
maygup01 0:11cc2b7889af 82 * Comment if your system does not have a correct clock.
maygup01 0:11cc2b7889af 83 */
maygup01 0:11cc2b7889af 84 #define MBEDTLS_HAVE_TIME_DATE
maygup01 0:11cc2b7889af 85
maygup01 0:11cc2b7889af 86 /**
maygup01 0:11cc2b7889af 87 * \def MBEDTLS_PLATFORM_MEMORY
maygup01 0:11cc2b7889af 88 *
maygup01 0:11cc2b7889af 89 * Enable the memory allocation layer.
maygup01 0:11cc2b7889af 90 *
maygup01 0:11cc2b7889af 91 * By default mbed TLS uses the system-provided calloc() and free().
maygup01 0:11cc2b7889af 92 * This allows different allocators (self-implemented or provided) to be
maygup01 0:11cc2b7889af 93 * provided to the platform abstraction layer.
maygup01 0:11cc2b7889af 94 *
maygup01 0:11cc2b7889af 95 * Enabling MBEDTLS_PLATFORM_MEMORY without the
maygup01 0:11cc2b7889af 96 * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide
maygup01 0:11cc2b7889af 97 * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and
maygup01 0:11cc2b7889af 98 * free() function pointer at runtime.
maygup01 0:11cc2b7889af 99 *
maygup01 0:11cc2b7889af 100 * Enabling MBEDTLS_PLATFORM_MEMORY and specifying
maygup01 0:11cc2b7889af 101 * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the
maygup01 0:11cc2b7889af 102 * alternate function at compile time.
maygup01 0:11cc2b7889af 103 *
maygup01 0:11cc2b7889af 104 * Requires: MBEDTLS_PLATFORM_C
maygup01 0:11cc2b7889af 105 *
maygup01 0:11cc2b7889af 106 * Enable this layer to allow use of alternative memory allocators.
maygup01 0:11cc2b7889af 107 */
maygup01 0:11cc2b7889af 108 //#define MBEDTLS_PLATFORM_MEMORY
maygup01 0:11cc2b7889af 109
maygup01 0:11cc2b7889af 110 /**
maygup01 0:11cc2b7889af 111 * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
maygup01 0:11cc2b7889af 112 *
maygup01 0:11cc2b7889af 113 * Do not assign standard functions in the platform layer (e.g. calloc() to
maygup01 0:11cc2b7889af 114 * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF)
maygup01 0:11cc2b7889af 115 *
maygup01 0:11cc2b7889af 116 * This makes sure there are no linking errors on platforms that do not support
maygup01 0:11cc2b7889af 117 * these functions. You will HAVE to provide alternatives, either at runtime
maygup01 0:11cc2b7889af 118 * via the platform_set_xxx() functions or at compile time by setting
maygup01 0:11cc2b7889af 119 * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a
maygup01 0:11cc2b7889af 120 * MBEDTLS_PLATFORM_XXX_MACRO.
maygup01 0:11cc2b7889af 121 *
maygup01 0:11cc2b7889af 122 * Requires: MBEDTLS_PLATFORM_C
maygup01 0:11cc2b7889af 123 *
maygup01 0:11cc2b7889af 124 * Uncomment to prevent default assignment of standard functions in the
maygup01 0:11cc2b7889af 125 * platform layer.
maygup01 0:11cc2b7889af 126 */
maygup01 0:11cc2b7889af 127 //#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
maygup01 0:11cc2b7889af 128
maygup01 0:11cc2b7889af 129 /**
maygup01 0:11cc2b7889af 130 * \def MBEDTLS_PLATFORM_EXIT_ALT
maygup01 0:11cc2b7889af 131 *
maygup01 0:11cc2b7889af 132 * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the
maygup01 0:11cc2b7889af 133 * function in the platform abstraction layer.
maygup01 0:11cc2b7889af 134 *
maygup01 0:11cc2b7889af 135 * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will
maygup01 0:11cc2b7889af 136 * provide a function "mbedtls_platform_set_printf()" that allows you to set an
maygup01 0:11cc2b7889af 137 * alternative printf function pointer.
maygup01 0:11cc2b7889af 138 *
maygup01 0:11cc2b7889af 139 * All these define require MBEDTLS_PLATFORM_C to be defined!
maygup01 0:11cc2b7889af 140 *
maygup01 0:11cc2b7889af 141 * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows;
maygup01 0:11cc2b7889af 142 * it will be enabled automatically by check_config.h
maygup01 0:11cc2b7889af 143 *
maygup01 0:11cc2b7889af 144 * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as
maygup01 0:11cc2b7889af 145 * MBEDTLS_PLATFORM_XXX_MACRO!
maygup01 0:11cc2b7889af 146 *
maygup01 0:11cc2b7889af 147 * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME
maygup01 0:11cc2b7889af 148 *
maygup01 0:11cc2b7889af 149 * Uncomment a macro to enable alternate implementation of specific base
maygup01 0:11cc2b7889af 150 * platform function
maygup01 0:11cc2b7889af 151 */
maygup01 0:11cc2b7889af 152 #define MBEDTLS_PLATFORM_TIME_ALT
maygup01 0:11cc2b7889af 153 #endif //0
maygup01 0:11cc2b7889af 154 //#define MBEDTLS_PLATFORM_EXIT_ALT
maygup01 0:11cc2b7889af 155 //#define MBEDTLS_PLATFORM_FPRINTF_ALT
maygup01 0:11cc2b7889af 156 //#define MBEDTLS_PLATFORM_PRINTF_ALT
maygup01 0:11cc2b7889af 157 //#define MBEDTLS_PLATFORM_SNPRINTF_ALT
maygup01 0:11cc2b7889af 158 //#define MBEDTLS_PLATFORM_NV_SEED_ALT
maygup01 0:11cc2b7889af 159
maygup01 0:11cc2b7889af 160 /**
maygup01 0:11cc2b7889af 161 * \def MBEDTLS_DEPRECATED_WARNING
maygup01 0:11cc2b7889af 162 *
maygup01 0:11cc2b7889af 163 * Mark deprecated functions so that they generate a warning if used.
maygup01 0:11cc2b7889af 164 * Functions deprecated in one version will usually be removed in the next
maygup01 0:11cc2b7889af 165 * version. You can enable this to help you prepare the transition to a new
maygup01 0:11cc2b7889af 166 * major version by making sure your code is not using these functions.
maygup01 0:11cc2b7889af 167 *
maygup01 0:11cc2b7889af 168 * This only works with GCC and Clang. With other compilers, you may want to
maygup01 0:11cc2b7889af 169 * use MBEDTLS_DEPRECATED_REMOVED
maygup01 0:11cc2b7889af 170 *
maygup01 0:11cc2b7889af 171 * Uncomment to get warnings on using deprecated functions.
maygup01 0:11cc2b7889af 172 */
maygup01 0:11cc2b7889af 173 //#define MBEDTLS_DEPRECATED_WARNING
maygup01 0:11cc2b7889af 174
maygup01 0:11cc2b7889af 175 /**
maygup01 0:11cc2b7889af 176 * \def MBEDTLS_DEPRECATED_REMOVED
maygup01 0:11cc2b7889af 177 *
maygup01 0:11cc2b7889af 178 * Remove deprecated functions so that they generate an error if used.
maygup01 0:11cc2b7889af 179 * Functions deprecated in one version will usually be removed in the next
maygup01 0:11cc2b7889af 180 * version. You can enable this to help you prepare the transition to a new
maygup01 0:11cc2b7889af 181 * major version by making sure your code is not using these functions.
maygup01 0:11cc2b7889af 182 *
maygup01 0:11cc2b7889af 183 * Uncomment to get errors on using deprecated functions.
maygup01 0:11cc2b7889af 184 */
maygup01 0:11cc2b7889af 185 //#define MBEDTLS_DEPRECATED_REMOVED
maygup01 0:11cc2b7889af 186
maygup01 0:11cc2b7889af 187 /* \} name SECTION: System support */
maygup01 0:11cc2b7889af 188
maygup01 0:11cc2b7889af 189 /**
maygup01 0:11cc2b7889af 190 * \name SECTION: mbed TLS feature support
maygup01 0:11cc2b7889af 191 *
maygup01 0:11cc2b7889af 192 * This section sets support for features that are or are not needed
maygup01 0:11cc2b7889af 193 * within the modules that are enabled.
maygup01 0:11cc2b7889af 194 * \{
maygup01 0:11cc2b7889af 195 */
maygup01 0:11cc2b7889af 196
maygup01 0:11cc2b7889af 197 /**
maygup01 0:11cc2b7889af 198 * \def MBEDTLS_TIMING_ALT
maygup01 0:11cc2b7889af 199 *
maygup01 0:11cc2b7889af 200 * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(),
maygup01 0:11cc2b7889af 201 * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay()
maygup01 0:11cc2b7889af 202 *
maygup01 0:11cc2b7889af 203 * Only works if you have MBEDTLS_TIMING_C enabled.
maygup01 0:11cc2b7889af 204 *
maygup01 0:11cc2b7889af 205 * You will need to provide a header "timing_alt.h" and an implementation at
maygup01 0:11cc2b7889af 206 * compile time.
maygup01 0:11cc2b7889af 207 */
maygup01 0:11cc2b7889af 208 //#define MBEDTLS_TIMING_ALT
maygup01 0:11cc2b7889af 209
maygup01 0:11cc2b7889af 210 /**
maygup01 0:11cc2b7889af 211 * \def MBEDTLS_AES_ALT
maygup01 0:11cc2b7889af 212 *
maygup01 0:11cc2b7889af 213 * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your
maygup01 0:11cc2b7889af 214 * alternate core implementation of a symmetric crypto, an arithmetic or hash
maygup01 0:11cc2b7889af 215 * module (e.g. platform specific assembly optimized implementations). Keep
maygup01 0:11cc2b7889af 216 * in mind that the function prototypes should remain the same.
maygup01 0:11cc2b7889af 217 *
maygup01 0:11cc2b7889af 218 * This replaces the whole module. If you only want to replace one of the
maygup01 0:11cc2b7889af 219 * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags.
maygup01 0:11cc2b7889af 220 *
maygup01 0:11cc2b7889af 221 * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer
maygup01 0:11cc2b7889af 222 * provide the "struct mbedtls_aes_context" definition and omit the base
maygup01 0:11cc2b7889af 223 * function declarations and implementations. "aes_alt.h" will be included from
maygup01 0:11cc2b7889af 224 * "aes.h" to include the new function definitions.
maygup01 0:11cc2b7889af 225 *
maygup01 0:11cc2b7889af 226 * Uncomment a macro to enable alternate implementation of the corresponding
maygup01 0:11cc2b7889af 227 * module.
maygup01 0:11cc2b7889af 228 */
maygup01 0:11cc2b7889af 229 //#define MBEDTLS_AES_ALT
maygup01 0:11cc2b7889af 230 //#define MBEDTLS_ARC4_ALT
maygup01 0:11cc2b7889af 231 //#define MBEDTLS_BLOWFISH_ALT
maygup01 0:11cc2b7889af 232 //#define MBEDTLS_CAMELLIA_ALT
maygup01 0:11cc2b7889af 233 //#define MBEDTLS_DES_ALT
maygup01 0:11cc2b7889af 234 //#define MBEDTLS_XTEA_ALT
maygup01 0:11cc2b7889af 235 //#define MBEDTLS_MD2_ALT
maygup01 0:11cc2b7889af 236 //#define MBEDTLS_MD4_ALT
maygup01 0:11cc2b7889af 237 //#define MBEDTLS_MD5_ALT
maygup01 0:11cc2b7889af 238 //#define MBEDTLS_RIPEMD160_ALT
maygup01 0:11cc2b7889af 239 //#define MBEDTLS_SHA1_ALT
maygup01 0:11cc2b7889af 240 //#define MBEDTLS_SHA256_ALT
maygup01 0:11cc2b7889af 241 //#define MBEDTLS_SHA512_ALT
maygup01 0:11cc2b7889af 242 /*
maygup01 0:11cc2b7889af 243 * When replacing the elliptic curve module, pleace consider, that it is
maygup01 0:11cc2b7889af 244 * implemented with two .c files:
maygup01 0:11cc2b7889af 245 * - ecp.c
maygup01 0:11cc2b7889af 246 * - ecp_curves.c
maygup01 0:11cc2b7889af 247 * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
maygup01 0:11cc2b7889af 248 * macros as described above. The only difference is that you have to make sure
maygup01 0:11cc2b7889af 249 * that you provide functionality for both .c files.
maygup01 0:11cc2b7889af 250 */
maygup01 0:11cc2b7889af 251 //#define MBEDTLS_ECP_ALT
maygup01 0:11cc2b7889af 252
maygup01 0:11cc2b7889af 253 /**
maygup01 0:11cc2b7889af 254 * \def MBEDTLS_MD2_PROCESS_ALT
maygup01 0:11cc2b7889af 255 *
maygup01 0:11cc2b7889af 256 * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you
maygup01 0:11cc2b7889af 257 * alternate core implementation of symmetric crypto or hash function. Keep in
maygup01 0:11cc2b7889af 258 * mind that function prototypes should remain the same.
maygup01 0:11cc2b7889af 259 *
maygup01 0:11cc2b7889af 260 * This replaces only one function. The header file from mbed TLS is still
maygup01 0:11cc2b7889af 261 * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags.
maygup01 0:11cc2b7889af 262 *
maygup01 0:11cc2b7889af 263 * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will
maygup01 0:11cc2b7889af 264 * no longer provide the mbedtls_sha1_process() function, but it will still provide
maygup01 0:11cc2b7889af 265 * the other function (using your mbedtls_sha1_process() function) and the definition
maygup01 0:11cc2b7889af 266 * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
maygup01 0:11cc2b7889af 267 * with this definition.
maygup01 0:11cc2b7889af 268 *
maygup01 0:11cc2b7889af 269 * Note: if you use the AES_xxx_ALT macros, then is is recommended to also set
maygup01 0:11cc2b7889af 270 * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
maygup01 0:11cc2b7889af 271 * tables.
maygup01 0:11cc2b7889af 272 *
maygup01 0:11cc2b7889af 273 * Uncomment a macro to enable alternate implementation of the corresponding
maygup01 0:11cc2b7889af 274 * function.
maygup01 0:11cc2b7889af 275 */
maygup01 0:11cc2b7889af 276 //#define MBEDTLS_MD2_PROCESS_ALT
maygup01 0:11cc2b7889af 277 //#define MBEDTLS_MD4_PROCESS_ALT
maygup01 0:11cc2b7889af 278 //#define MBEDTLS_MD5_PROCESS_ALT
maygup01 0:11cc2b7889af 279 //#define MBEDTLS_RIPEMD160_PROCESS_ALT
maygup01 0:11cc2b7889af 280 //#define MBEDTLS_SHA1_PROCESS_ALT
maygup01 0:11cc2b7889af 281 //#define MBEDTLS_SHA256_PROCESS_ALT
maygup01 0:11cc2b7889af 282 //#define MBEDTLS_SHA512_PROCESS_ALT
maygup01 0:11cc2b7889af 283 //#define MBEDTLS_DES_SETKEY_ALT
maygup01 0:11cc2b7889af 284 //#define MBEDTLS_DES_CRYPT_ECB_ALT
maygup01 0:11cc2b7889af 285 //#define MBEDTLS_DES3_CRYPT_ECB_ALT
maygup01 0:11cc2b7889af 286 //#define MBEDTLS_AES_SETKEY_ENC_ALT
maygup01 0:11cc2b7889af 287 //#define MBEDTLS_AES_SETKEY_DEC_ALT
maygup01 0:11cc2b7889af 288 //#define MBEDTLS_AES_ENCRYPT_ALT
maygup01 0:11cc2b7889af 289 //#define MBEDTLS_AES_DECRYPT_ALT
maygup01 0:11cc2b7889af 290
maygup01 0:11cc2b7889af 291 /**
maygup01 0:11cc2b7889af 292 * \def MBEDTLS_ECP_INTERNAL_ALT
maygup01 0:11cc2b7889af 293 *
maygup01 0:11cc2b7889af 294 * Expose a part of the internal interface of the Elliptic Curve Point module.
maygup01 0:11cc2b7889af 295 *
maygup01 0:11cc2b7889af 296 * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your
maygup01 0:11cc2b7889af 297 * alternative core implementation of elliptic curve arithmetic. Keep in mind
maygup01 0:11cc2b7889af 298 * that function prototypes should remain the same.
maygup01 0:11cc2b7889af 299 *
maygup01 0:11cc2b7889af 300 * This partially replaces one function. The header file from mbed TLS is still
maygup01 0:11cc2b7889af 301 * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation
maygup01 0:11cc2b7889af 302 * is still present and it is used for group structures not supported by the
maygup01 0:11cc2b7889af 303 * alternative.
maygup01 0:11cc2b7889af 304 *
maygup01 0:11cc2b7889af 305 * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT
maygup01 0:11cc2b7889af 306 * and implementing the following functions:
maygup01 0:11cc2b7889af 307 * unsigned char mbedtls_internal_ecp_grp_capable(
maygup01 0:11cc2b7889af 308 * const mbedtls_ecp_group *grp )
maygup01 0:11cc2b7889af 309 * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp )
maygup01 0:11cc2b7889af 310 * void mbedtls_internal_ecp_deinit( const mbedtls_ecp_group *grp )
maygup01 0:11cc2b7889af 311 * The mbedtls_internal_ecp_grp_capable function should return 1 if the
maygup01 0:11cc2b7889af 312 * replacement functions implement arithmetic for the given group and 0
maygup01 0:11cc2b7889af 313 * otherwise.
maygup01 0:11cc2b7889af 314 * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_deinit are
maygup01 0:11cc2b7889af 315 * called before and after each point operation and provide an opportunity to
maygup01 0:11cc2b7889af 316 * implement optimized set up and tear down instructions.
maygup01 0:11cc2b7889af 317 *
maygup01 0:11cc2b7889af 318 * Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and
maygup01 0:11cc2b7889af 319 * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac
maygup01 0:11cc2b7889af 320 * function, but will use your mbedtls_internal_ecp_double_jac if the group is
maygup01 0:11cc2b7889af 321 * supported (your mbedtls_internal_ecp_grp_capable function returns 1 when
maygup01 0:11cc2b7889af 322 * receives it as an argument). If the group is not supported then the original
maygup01 0:11cc2b7889af 323 * implementation is used. The other functions and the definition of
maygup01 0:11cc2b7889af 324 * mbedtls_ecp_group and mbedtls_ecp_point will not change, so your
maygup01 0:11cc2b7889af 325 * implementation of mbedtls_internal_ecp_double_jac and
maygup01 0:11cc2b7889af 326 * mbedtls_internal_ecp_grp_capable must be compatible with this definition.
maygup01 0:11cc2b7889af 327 *
maygup01 0:11cc2b7889af 328 * Uncomment a macro to enable alternate implementation of the corresponding
maygup01 0:11cc2b7889af 329 * function.
maygup01 0:11cc2b7889af 330 */
maygup01 0:11cc2b7889af 331 /* Required for all the functions in this section */
maygup01 0:11cc2b7889af 332 //#define MBEDTLS_ECP_INTERNAL_ALT
maygup01 0:11cc2b7889af 333 /* Support for Weierstrass curves with Jacobi representation */
maygup01 0:11cc2b7889af 334 //#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
maygup01 0:11cc2b7889af 335 //#define MBEDTLS_ECP_ADD_MIXED_ALT
maygup01 0:11cc2b7889af 336 //#define MBEDTLS_ECP_DOUBLE_JAC_ALT
maygup01 0:11cc2b7889af 337 //#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
maygup01 0:11cc2b7889af 338 //#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
maygup01 0:11cc2b7889af 339 /* Support for curves with Montgomery arithmetic */
maygup01 0:11cc2b7889af 340 //#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
maygup01 0:11cc2b7889af 341 //#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
maygup01 0:11cc2b7889af 342 //#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
maygup01 0:11cc2b7889af 343
maygup01 0:11cc2b7889af 344 /**
maygup01 0:11cc2b7889af 345 * \def MBEDTLS_TEST_NULL_ENTROPY
maygup01 0:11cc2b7889af 346 *
maygup01 0:11cc2b7889af 347 * Enables testing and use of mbed TLS without any configured entropy sources.
maygup01 0:11cc2b7889af 348 * This permits use of the library on platforms before an entropy source has
maygup01 0:11cc2b7889af 349 * been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the
maygup01 0:11cc2b7889af 350 * MBEDTLS_ENTROPY_NV_SEED switches).
maygup01 0:11cc2b7889af 351 *
maygup01 0:11cc2b7889af 352 * WARNING! This switch MUST be disabled in production builds, and is suitable
maygup01 0:11cc2b7889af 353 * only for development.
maygup01 0:11cc2b7889af 354 * Enabling the switch negates any security provided by the library.
maygup01 0:11cc2b7889af 355 *
maygup01 0:11cc2b7889af 356 * Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
maygup01 0:11cc2b7889af 357 *
maygup01 0:11cc2b7889af 358 */
maygup01 0:11cc2b7889af 359 //#define MBEDTLS_TEST_NULL_ENTROPY
maygup01 0:11cc2b7889af 360
maygup01 0:11cc2b7889af 361 /**
maygup01 0:11cc2b7889af 362 * \def MBEDTLS_ENTROPY_HARDWARE_ALT
maygup01 0:11cc2b7889af 363 *
maygup01 0:11cc2b7889af 364 * Uncomment this macro to let mbed TLS use your own implementation of a
maygup01 0:11cc2b7889af 365 * hardware entropy collector.
maygup01 0:11cc2b7889af 366 *
maygup01 0:11cc2b7889af 367 * Your function must be called \c mbedtls_hardware_poll(), have the same
maygup01 0:11cc2b7889af 368 * prototype as declared in entropy_poll.h, and accept NULL as first argument.
maygup01 0:11cc2b7889af 369 *
maygup01 0:11cc2b7889af 370 * Uncomment to use your own hardware entropy collector.
maygup01 0:11cc2b7889af 371 */
maygup01 0:11cc2b7889af 372 //#define MBEDTLS_ENTROPY_HARDWARE_ALT
maygup01 0:11cc2b7889af 373
maygup01 0:11cc2b7889af 374 /**
maygup01 0:11cc2b7889af 375 * \def MBEDTLS_AES_ROM_TABLES
maygup01 0:11cc2b7889af 376 *
maygup01 0:11cc2b7889af 377 * Store the AES tables in ROM.
maygup01 0:11cc2b7889af 378 *
maygup01 0:11cc2b7889af 379 * Uncomment this macro to store the AES tables in ROM.
maygup01 0:11cc2b7889af 380 */
maygup01 0:11cc2b7889af 381 //#define MBEDTLS_AES_ROM_TABLES
maygup01 0:11cc2b7889af 382
maygup01 0:11cc2b7889af 383 /**
maygup01 0:11cc2b7889af 384 * \def MBEDTLS_CAMELLIA_SMALL_MEMORY
maygup01 0:11cc2b7889af 385 *
maygup01 0:11cc2b7889af 386 * Use less ROM for the Camellia implementation (saves about 768 bytes).
maygup01 0:11cc2b7889af 387 *
maygup01 0:11cc2b7889af 388 * Uncomment this macro to use less memory for Camellia.
maygup01 0:11cc2b7889af 389 */
maygup01 0:11cc2b7889af 390 //#define MBEDTLS_CAMELLIA_SMALL_MEMORY
maygup01 0:11cc2b7889af 391
maygup01 0:11cc2b7889af 392 /**
maygup01 0:11cc2b7889af 393 * \def MBEDTLS_CIPHER_MODE_CBC
maygup01 0:11cc2b7889af 394 *
maygup01 0:11cc2b7889af 395 * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
maygup01 0:11cc2b7889af 396 */
maygup01 0:11cc2b7889af 397 #define MBEDTLS_CIPHER_MODE_CBC
maygup01 0:11cc2b7889af 398
maygup01 0:11cc2b7889af 399 /**
maygup01 0:11cc2b7889af 400 * \def MBEDTLS_CIPHER_MODE_CFB
maygup01 0:11cc2b7889af 401 *
maygup01 0:11cc2b7889af 402 * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
maygup01 0:11cc2b7889af 403 */
maygup01 0:11cc2b7889af 404 //#define MBEDTLS_CIPHER_MODE_CFB
maygup01 0:11cc2b7889af 405
maygup01 0:11cc2b7889af 406 /**
maygup01 0:11cc2b7889af 407 * \def MBEDTLS_CIPHER_MODE_CTR
maygup01 0:11cc2b7889af 408 *
maygup01 0:11cc2b7889af 409 * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
maygup01 0:11cc2b7889af 410 */
maygup01 0:11cc2b7889af 411 #define MBEDTLS_CIPHER_MODE_CTR
maygup01 0:11cc2b7889af 412
maygup01 0:11cc2b7889af 413 /**
maygup01 0:11cc2b7889af 414 * \def MBEDTLS_CIPHER_NULL_CIPHER
maygup01 0:11cc2b7889af 415 *
maygup01 0:11cc2b7889af 416 * Enable NULL cipher.
maygup01 0:11cc2b7889af 417 * Warning: Only do so when you know what you are doing. This allows for
maygup01 0:11cc2b7889af 418 * encryption or channels without any security!
maygup01 0:11cc2b7889af 419 *
maygup01 0:11cc2b7889af 420 * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable
maygup01 0:11cc2b7889af 421 * the following ciphersuites:
maygup01 0:11cc2b7889af 422 * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA
maygup01 0:11cc2b7889af 423 * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA
maygup01 0:11cc2b7889af 424 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA
maygup01 0:11cc2b7889af 425 * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
maygup01 0:11cc2b7889af 426 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384
maygup01 0:11cc2b7889af 427 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256
maygup01 0:11cc2b7889af 428 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA
maygup01 0:11cc2b7889af 429 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384
maygup01 0:11cc2b7889af 430 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256
maygup01 0:11cc2b7889af 431 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA
maygup01 0:11cc2b7889af 432 * MBEDTLS_TLS_RSA_WITH_NULL_SHA256
maygup01 0:11cc2b7889af 433 * MBEDTLS_TLS_RSA_WITH_NULL_SHA
maygup01 0:11cc2b7889af 434 * MBEDTLS_TLS_RSA_WITH_NULL_MD5
maygup01 0:11cc2b7889af 435 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384
maygup01 0:11cc2b7889af 436 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256
maygup01 0:11cc2b7889af 437 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA
maygup01 0:11cc2b7889af 438 * MBEDTLS_TLS_PSK_WITH_NULL_SHA384
maygup01 0:11cc2b7889af 439 * MBEDTLS_TLS_PSK_WITH_NULL_SHA256
maygup01 0:11cc2b7889af 440 * MBEDTLS_TLS_PSK_WITH_NULL_SHA
maygup01 0:11cc2b7889af 441 *
maygup01 0:11cc2b7889af 442 * Uncomment this macro to enable the NULL cipher and ciphersuites
maygup01 0:11cc2b7889af 443 */
maygup01 0:11cc2b7889af 444 //#define MBEDTLS_CIPHER_NULL_CIPHER
maygup01 0:11cc2b7889af 445
maygup01 0:11cc2b7889af 446 /**
maygup01 0:11cc2b7889af 447 * \def MBEDTLS_CIPHER_PADDING_PKCS7
maygup01 0:11cc2b7889af 448 *
maygup01 0:11cc2b7889af 449 * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for
maygup01 0:11cc2b7889af 450 * specific padding modes in the cipher layer with cipher modes that support
maygup01 0:11cc2b7889af 451 * padding (e.g. CBC)
maygup01 0:11cc2b7889af 452 *
maygup01 0:11cc2b7889af 453 * If you disable all padding modes, only full blocks can be used with CBC.
maygup01 0:11cc2b7889af 454 *
maygup01 0:11cc2b7889af 455 * Enable padding modes in the cipher layer.
maygup01 0:11cc2b7889af 456 */
maygup01 0:11cc2b7889af 457 #define MBEDTLS_CIPHER_PADDING_PKCS7
maygup01 0:11cc2b7889af 458 //#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
maygup01 0:11cc2b7889af 459 //#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
maygup01 0:11cc2b7889af 460 //#define MBEDTLS_CIPHER_PADDING_ZEROS
maygup01 0:11cc2b7889af 461
maygup01 0:11cc2b7889af 462 /**
maygup01 0:11cc2b7889af 463 * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES
maygup01 0:11cc2b7889af 464 *
maygup01 0:11cc2b7889af 465 * Enable weak ciphersuites in SSL / TLS.
maygup01 0:11cc2b7889af 466 * Warning: Only do so when you know what you are doing. This allows for
maygup01 0:11cc2b7889af 467 * channels with virtually no security at all!
maygup01 0:11cc2b7889af 468 *
maygup01 0:11cc2b7889af 469 * This enables the following ciphersuites:
maygup01 0:11cc2b7889af 470 * MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA
maygup01 0:11cc2b7889af 471 * MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA
maygup01 0:11cc2b7889af 472 *
maygup01 0:11cc2b7889af 473 * Uncomment this macro to enable weak ciphersuites
maygup01 0:11cc2b7889af 474 */
maygup01 0:11cc2b7889af 475 //#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
maygup01 0:11cc2b7889af 476
maygup01 0:11cc2b7889af 477 /**
maygup01 0:11cc2b7889af 478 * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES
maygup01 0:11cc2b7889af 479 *
maygup01 0:11cc2b7889af 480 * Remove RC4 ciphersuites by default in SSL / TLS.
maygup01 0:11cc2b7889af 481 * This flag removes the ciphersuites based on RC4 from the default list as
maygup01 0:11cc2b7889af 482 * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to
maygup01 0:11cc2b7889af 483 * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them
maygup01 0:11cc2b7889af 484 * explicitly.
maygup01 0:11cc2b7889af 485 *
maygup01 0:11cc2b7889af 486 * Uncomment this macro to remove RC4 ciphersuites by default.
maygup01 0:11cc2b7889af 487 */
maygup01 0:11cc2b7889af 488 #define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
maygup01 0:11cc2b7889af 489
maygup01 0:11cc2b7889af 490 /**
maygup01 0:11cc2b7889af 491 * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
maygup01 0:11cc2b7889af 492 *
maygup01 0:11cc2b7889af 493 * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve
maygup01 0:11cc2b7889af 494 * module. By default all supported curves are enabled.
maygup01 0:11cc2b7889af 495 *
maygup01 0:11cc2b7889af 496 * Comment macros to disable the curve and functions for it
maygup01 0:11cc2b7889af 497 */
maygup01 0:11cc2b7889af 498 //#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
maygup01 0:11cc2b7889af 499 //#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
maygup01 0:11cc2b7889af 500 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
maygup01 0:11cc2b7889af 501 //#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
maygup01 0:11cc2b7889af 502 //#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
maygup01 0:11cc2b7889af 503 //#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
maygup01 0:11cc2b7889af 504 //#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
maygup01 0:11cc2b7889af 505 //#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
maygup01 0:11cc2b7889af 506 //#define MBEDTLS_ECP_DP_BP256R1_ENABLED
maygup01 0:11cc2b7889af 507 //#define MBEDTLS_ECP_DP_BP384R1_ENABLED
maygup01 0:11cc2b7889af 508 //#define MBEDTLS_ECP_DP_BP512R1_ENABLED
maygup01 0:11cc2b7889af 509 //#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
maygup01 0:11cc2b7889af 510
maygup01 0:11cc2b7889af 511 /**
maygup01 0:11cc2b7889af 512 * \def MBEDTLS_ECP_NIST_OPTIM
maygup01 0:11cc2b7889af 513 *
maygup01 0:11cc2b7889af 514 * Enable specific 'modulo p' routines for each NIST prime.
maygup01 0:11cc2b7889af 515 * Depending on the prime and architecture, makes operations 4 to 8 times
maygup01 0:11cc2b7889af 516 * faster on the corresponding curve.
maygup01 0:11cc2b7889af 517 *
maygup01 0:11cc2b7889af 518 * Comment this macro to disable NIST curves optimisation.
maygup01 0:11cc2b7889af 519 */
maygup01 0:11cc2b7889af 520 #define MBEDTLS_ECP_NIST_OPTIM
maygup01 0:11cc2b7889af 521
maygup01 0:11cc2b7889af 522 /**
maygup01 0:11cc2b7889af 523 * \def MBEDTLS_ECDSA_DETERMINISTIC
maygup01 0:11cc2b7889af 524 *
maygup01 0:11cc2b7889af 525 * Enable deterministic ECDSA (RFC 6979).
maygup01 0:11cc2b7889af 526 * Standard ECDSA is "fragile" in the sense that lack of entropy when signing
maygup01 0:11cc2b7889af 527 * may result in a compromise of the long-term signing key. This is avoided by
maygup01 0:11cc2b7889af 528 * the deterministic variant.
maygup01 0:11cc2b7889af 529 *
maygup01 0:11cc2b7889af 530 * Requires: MBEDTLS_HMAC_DRBG_C
maygup01 0:11cc2b7889af 531 *
maygup01 0:11cc2b7889af 532 * Comment this macro to disable deterministic ECDSA.
maygup01 0:11cc2b7889af 533 */
maygup01 0:11cc2b7889af 534 #define MBEDTLS_ECDSA_DETERMINISTIC
maygup01 0:11cc2b7889af 535 /**
maygup01 0:11cc2b7889af 536 * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
maygup01 0:11cc2b7889af 537 *
maygup01 0:11cc2b7889af 538 * Enable the PSK based ciphersuite modes in SSL / TLS.
maygup01 0:11cc2b7889af 539 *
maygup01 0:11cc2b7889af 540 * This enables the following ciphersuites (if other requisites are
maygup01 0:11cc2b7889af 541 * enabled as well):
maygup01 0:11cc2b7889af 542 * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
maygup01 0:11cc2b7889af 543 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
maygup01 0:11cc2b7889af 544 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
maygup01 0:11cc2b7889af 545 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
maygup01 0:11cc2b7889af 546 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
maygup01 0:11cc2b7889af 547 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
maygup01 0:11cc2b7889af 548 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
maygup01 0:11cc2b7889af 549 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
maygup01 0:11cc2b7889af 550 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
maygup01 0:11cc2b7889af 551 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
maygup01 0:11cc2b7889af 552 * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
maygup01 0:11cc2b7889af 553 * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
maygup01 0:11cc2b7889af 554 */
maygup01 0:11cc2b7889af 555 //#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
maygup01 0:11cc2b7889af 556
maygup01 0:11cc2b7889af 557 /**
maygup01 0:11cc2b7889af 558 * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
maygup01 0:11cc2b7889af 559 *
maygup01 0:11cc2b7889af 560 * Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
maygup01 0:11cc2b7889af 561 *
maygup01 0:11cc2b7889af 562 * Requires: MBEDTLS_DHM_C
maygup01 0:11cc2b7889af 563 *
maygup01 0:11cc2b7889af 564 * This enables the following ciphersuites (if other requisites are
maygup01 0:11cc2b7889af 565 * enabled as well):
maygup01 0:11cc2b7889af 566 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
maygup01 0:11cc2b7889af 567 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
maygup01 0:11cc2b7889af 568 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
maygup01 0:11cc2b7889af 569 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
maygup01 0:11cc2b7889af 570 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
maygup01 0:11cc2b7889af 571 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
maygup01 0:11cc2b7889af 572 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
maygup01 0:11cc2b7889af 573 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
maygup01 0:11cc2b7889af 574 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
maygup01 0:11cc2b7889af 575 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
maygup01 0:11cc2b7889af 576 * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
maygup01 0:11cc2b7889af 577 * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
maygup01 0:11cc2b7889af 578 */
maygup01 0:11cc2b7889af 579 //#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
maygup01 0:11cc2b7889af 580
maygup01 0:11cc2b7889af 581 /**
maygup01 0:11cc2b7889af 582 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
maygup01 0:11cc2b7889af 583 *
maygup01 0:11cc2b7889af 584 * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
maygup01 0:11cc2b7889af 585 *
maygup01 0:11cc2b7889af 586 * Requires: MBEDTLS_ECDH_C
maygup01 0:11cc2b7889af 587 *
maygup01 0:11cc2b7889af 588 * This enables the following ciphersuites (if other requisites are
maygup01 0:11cc2b7889af 589 * enabled as well):
maygup01 0:11cc2b7889af 590 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
maygup01 0:11cc2b7889af 591 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
maygup01 0:11cc2b7889af 592 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
maygup01 0:11cc2b7889af 593 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
maygup01 0:11cc2b7889af 594 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
maygup01 0:11cc2b7889af 595 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
maygup01 0:11cc2b7889af 596 * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
maygup01 0:11cc2b7889af 597 * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
maygup01 0:11cc2b7889af 598 */
maygup01 0:11cc2b7889af 599 //#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
maygup01 0:11cc2b7889af 600
maygup01 0:11cc2b7889af 601 /**
maygup01 0:11cc2b7889af 602 * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
maygup01 0:11cc2b7889af 603 *
maygup01 0:11cc2b7889af 604 * Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
maygup01 0:11cc2b7889af 605 *
maygup01 0:11cc2b7889af 606 * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
maygup01 0:11cc2b7889af 607 * MBEDTLS_X509_CRT_PARSE_C
maygup01 0:11cc2b7889af 608 *
maygup01 0:11cc2b7889af 609 * This enables the following ciphersuites (if other requisites are
maygup01 0:11cc2b7889af 610 * enabled as well):
maygup01 0:11cc2b7889af 611 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
maygup01 0:11cc2b7889af 612 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
maygup01 0:11cc2b7889af 613 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
maygup01 0:11cc2b7889af 614 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
maygup01 0:11cc2b7889af 615 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
maygup01 0:11cc2b7889af 616 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
maygup01 0:11cc2b7889af 617 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
maygup01 0:11cc2b7889af 618 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
maygup01 0:11cc2b7889af 619 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
maygup01 0:11cc2b7889af 620 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
maygup01 0:11cc2b7889af 621 * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
maygup01 0:11cc2b7889af 622 * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
maygup01 0:11cc2b7889af 623 */
maygup01 0:11cc2b7889af 624 //#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
maygup01 0:11cc2b7889af 625
maygup01 0:11cc2b7889af 626 /**
maygup01 0:11cc2b7889af 627 * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
maygup01 0:11cc2b7889af 628 *
maygup01 0:11cc2b7889af 629 * Enable the RSA-only based ciphersuite modes in SSL / TLS.
maygup01 0:11cc2b7889af 630 *
maygup01 0:11cc2b7889af 631 * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
maygup01 0:11cc2b7889af 632 * MBEDTLS_X509_CRT_PARSE_C
maygup01 0:11cc2b7889af 633 *
maygup01 0:11cc2b7889af 634 * This enables the following ciphersuites (if other requisites are
maygup01 0:11cc2b7889af 635 * enabled as well):
maygup01 0:11cc2b7889af 636 * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
maygup01 0:11cc2b7889af 637 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
maygup01 0:11cc2b7889af 638 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
maygup01 0:11cc2b7889af 639 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
maygup01 0:11cc2b7889af 640 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
maygup01 0:11cc2b7889af 641 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
maygup01 0:11cc2b7889af 642 * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
maygup01 0:11cc2b7889af 643 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
maygup01 0:11cc2b7889af 644 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
maygup01 0:11cc2b7889af 645 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
maygup01 0:11cc2b7889af 646 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
maygup01 0:11cc2b7889af 647 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
maygup01 0:11cc2b7889af 648 * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
maygup01 0:11cc2b7889af 649 * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
maygup01 0:11cc2b7889af 650 * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
maygup01 0:11cc2b7889af 651 */
maygup01 0:11cc2b7889af 652 //#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
maygup01 0:11cc2b7889af 653
maygup01 0:11cc2b7889af 654 /**
maygup01 0:11cc2b7889af 655 * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
maygup01 0:11cc2b7889af 656 *
maygup01 0:11cc2b7889af 657 * Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
maygup01 0:11cc2b7889af 658 *
maygup01 0:11cc2b7889af 659 * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
maygup01 0:11cc2b7889af 660 * MBEDTLS_X509_CRT_PARSE_C
maygup01 0:11cc2b7889af 661 *
maygup01 0:11cc2b7889af 662 * This enables the following ciphersuites (if other requisites are
maygup01 0:11cc2b7889af 663 * enabled as well):
maygup01 0:11cc2b7889af 664 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
maygup01 0:11cc2b7889af 665 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
maygup01 0:11cc2b7889af 666 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
maygup01 0:11cc2b7889af 667 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
maygup01 0:11cc2b7889af 668 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
maygup01 0:11cc2b7889af 669 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
maygup01 0:11cc2b7889af 670 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
maygup01 0:11cc2b7889af 671 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
maygup01 0:11cc2b7889af 672 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
maygup01 0:11cc2b7889af 673 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
maygup01 0:11cc2b7889af 674 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
maygup01 0:11cc2b7889af 675 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
maygup01 0:11cc2b7889af 676 * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
maygup01 0:11cc2b7889af 677 */
maygup01 0:11cc2b7889af 678 //#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
maygup01 0:11cc2b7889af 679
maygup01 0:11cc2b7889af 680 /**
maygup01 0:11cc2b7889af 681 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
maygup01 0:11cc2b7889af 682 *
maygup01 0:11cc2b7889af 683 * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
maygup01 0:11cc2b7889af 684 *
maygup01 0:11cc2b7889af 685 * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
maygup01 0:11cc2b7889af 686 * MBEDTLS_X509_CRT_PARSE_C
maygup01 0:11cc2b7889af 687 *
maygup01 0:11cc2b7889af 688 * This enables the following ciphersuites (if other requisites are
maygup01 0:11cc2b7889af 689 * enabled as well):
maygup01 0:11cc2b7889af 690 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
maygup01 0:11cc2b7889af 691 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
maygup01 0:11cc2b7889af 692 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
maygup01 0:11cc2b7889af 693 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
maygup01 0:11cc2b7889af 694 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
maygup01 0:11cc2b7889af 695 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
maygup01 0:11cc2b7889af 696 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
maygup01 0:11cc2b7889af 697 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
maygup01 0:11cc2b7889af 698 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
maygup01 0:11cc2b7889af 699 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
maygup01 0:11cc2b7889af 700 * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
maygup01 0:11cc2b7889af 701 * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
maygup01 0:11cc2b7889af 702 */
maygup01 0:11cc2b7889af 703 //#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
maygup01 0:11cc2b7889af 704
maygup01 0:11cc2b7889af 705 /**
maygup01 0:11cc2b7889af 706 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
maygup01 0:11cc2b7889af 707 *
maygup01 0:11cc2b7889af 708 * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
maygup01 0:11cc2b7889af 709 *
maygup01 0:11cc2b7889af 710 * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C,
maygup01 0:11cc2b7889af 711 *
maygup01 0:11cc2b7889af 712 * This enables the following ciphersuites (if other requisites are
maygup01 0:11cc2b7889af 713 * enabled as well):
maygup01 0:11cc2b7889af 714 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
maygup01 0:11cc2b7889af 715 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
maygup01 0:11cc2b7889af 716 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
maygup01 0:11cc2b7889af 717 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
maygup01 0:11cc2b7889af 718 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
maygup01 0:11cc2b7889af 719 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
maygup01 0:11cc2b7889af 720 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
maygup01 0:11cc2b7889af 721 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
maygup01 0:11cc2b7889af 722 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
maygup01 0:11cc2b7889af 723 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
maygup01 0:11cc2b7889af 724 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
maygup01 0:11cc2b7889af 725 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
maygup01 0:11cc2b7889af 726 */
maygup01 0:11cc2b7889af 727 #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
maygup01 0:11cc2b7889af 728 /**
maygup01 0:11cc2b7889af 729 * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
maygup01 0:11cc2b7889af 730 *
maygup01 0:11cc2b7889af 731 * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
maygup01 0:11cc2b7889af 732 *
maygup01 0:11cc2b7889af 733 * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
maygup01 0:11cc2b7889af 734 *
maygup01 0:11cc2b7889af 735 * This enables the following ciphersuites (if other requisites are
maygup01 0:11cc2b7889af 736 * enabled as well):
maygup01 0:11cc2b7889af 737 * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
maygup01 0:11cc2b7889af 738 * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
maygup01 0:11cc2b7889af 739 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
maygup01 0:11cc2b7889af 740 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
maygup01 0:11cc2b7889af 741 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
maygup01 0:11cc2b7889af 742 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
maygup01 0:11cc2b7889af 743 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
maygup01 0:11cc2b7889af 744 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
maygup01 0:11cc2b7889af 745 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
maygup01 0:11cc2b7889af 746 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
maygup01 0:11cc2b7889af 747 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
maygup01 0:11cc2b7889af 748 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
maygup01 0:11cc2b7889af 749 */
maygup01 0:11cc2b7889af 750 //#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
maygup01 0:11cc2b7889af 751
maygup01 0:11cc2b7889af 752 /**
maygup01 0:11cc2b7889af 753 * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
maygup01 0:11cc2b7889af 754 *
maygup01 0:11cc2b7889af 755 * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
maygup01 0:11cc2b7889af 756 *
maygup01 0:11cc2b7889af 757 * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
maygup01 0:11cc2b7889af 758 *
maygup01 0:11cc2b7889af 759 * This enables the following ciphersuites (if other requisites are
maygup01 0:11cc2b7889af 760 * enabled as well):
maygup01 0:11cc2b7889af 761 * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
maygup01 0:11cc2b7889af 762 * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
maygup01 0:11cc2b7889af 763 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
maygup01 0:11cc2b7889af 764 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
maygup01 0:11cc2b7889af 765 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
maygup01 0:11cc2b7889af 766 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
maygup01 0:11cc2b7889af 767 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
maygup01 0:11cc2b7889af 768 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
maygup01 0:11cc2b7889af 769 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
maygup01 0:11cc2b7889af 770 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
maygup01 0:11cc2b7889af 771 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
maygup01 0:11cc2b7889af 772 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
maygup01 0:11cc2b7889af 773 */
maygup01 0:11cc2b7889af 774 //#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
maygup01 0:11cc2b7889af 775
maygup01 0:11cc2b7889af 776 /**
maygup01 0:11cc2b7889af 777 * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
maygup01 0:11cc2b7889af 778 *
maygup01 0:11cc2b7889af 779 * Enable the ECJPAKE based ciphersuite modes in SSL / TLS.
maygup01 0:11cc2b7889af 780 *
maygup01 0:11cc2b7889af 781 * \warning This is currently experimental. EC J-PAKE support is based on the
maygup01 0:11cc2b7889af 782 * Thread v1.0.0 specification; incompatible changes to the specification
maygup01 0:11cc2b7889af 783 * might still happen. For this reason, this is disabled by default.
maygup01 0:11cc2b7889af 784 *
maygup01 0:11cc2b7889af 785 * Requires: MBEDTLS_ECJPAKE_C
maygup01 0:11cc2b7889af 786 * MBEDTLS_SHA256_C
maygup01 0:11cc2b7889af 787 * MBEDTLS_ECP_DP_SECP256R1_ENABLED
maygup01 0:11cc2b7889af 788 *
maygup01 0:11cc2b7889af 789 * This enables the following ciphersuites (if other requisites are
maygup01 0:11cc2b7889af 790 * enabled as well):
maygup01 0:11cc2b7889af 791 * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
maygup01 0:11cc2b7889af 792 */
maygup01 0:11cc2b7889af 793 //#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
maygup01 0:11cc2b7889af 794
maygup01 0:11cc2b7889af 795 /**
maygup01 0:11cc2b7889af 796 * \def MBEDTLS_PK_PARSE_EC_EXTENDED
maygup01 0:11cc2b7889af 797 *
maygup01 0:11cc2b7889af 798 * Enhance support for reading EC keys using variants of SEC1 not allowed by
maygup01 0:11cc2b7889af 799 * RFC 5915 and RFC 5480.
maygup01 0:11cc2b7889af 800 *
maygup01 0:11cc2b7889af 801 * Currently this means parsing the SpecifiedECDomain choice of EC
maygup01 0:11cc2b7889af 802 * parameters (only known groups are supported, not arbitrary domains, to
maygup01 0:11cc2b7889af 803 * avoid validation issues).
maygup01 0:11cc2b7889af 804 *
maygup01 0:11cc2b7889af 805 * Disable if you only need to support RFC 5915 + 5480 key formats.
maygup01 0:11cc2b7889af 806 */
maygup01 0:11cc2b7889af 807 //#define MBEDTLS_PK_PARSE_EC_EXTENDED
maygup01 0:11cc2b7889af 808
maygup01 0:11cc2b7889af 809 /**
maygup01 0:11cc2b7889af 810 * \def MBEDTLS_ERROR_STRERROR_DUMMY
maygup01 0:11cc2b7889af 811 *
maygup01 0:11cc2b7889af 812 * Enable a dummy error function to make use of mbedtls_strerror() in
maygup01 0:11cc2b7889af 813 * third party libraries easier when MBEDTLS_ERROR_C is disabled
maygup01 0:11cc2b7889af 814 * (no effect when MBEDTLS_ERROR_C is enabled).
maygup01 0:11cc2b7889af 815 *
maygup01 0:11cc2b7889af 816 * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're
maygup01 0:11cc2b7889af 817 * not using mbedtls_strerror() or error_strerror() in your application.
maygup01 0:11cc2b7889af 818 *
maygup01 0:11cc2b7889af 819 * Disable if you run into name conflicts and want to really remove the
maygup01 0:11cc2b7889af 820 * mbedtls_strerror()
maygup01 0:11cc2b7889af 821 */
maygup01 0:11cc2b7889af 822 //#define MBEDTLS_ERROR_STRERROR_DUMMY
maygup01 0:11cc2b7889af 823
maygup01 0:11cc2b7889af 824 /**
maygup01 0:11cc2b7889af 825 * \def MBEDTLS_GENPRIME
maygup01 0:11cc2b7889af 826 *
maygup01 0:11cc2b7889af 827 * Enable the prime-number generation code.
maygup01 0:11cc2b7889af 828 *
maygup01 0:11cc2b7889af 829 * Requires: MBEDTLS_BIGNUM_C
maygup01 0:11cc2b7889af 830 */
maygup01 0:11cc2b7889af 831 //#define MBEDTLS_GENPRIME
maygup01 0:11cc2b7889af 832
maygup01 0:11cc2b7889af 833 /**
maygup01 0:11cc2b7889af 834 * \def MBEDTLS_FS_IO
maygup01 0:11cc2b7889af 835 *
maygup01 0:11cc2b7889af 836 * Enable functions that use the filesystem.
maygup01 0:11cc2b7889af 837 */
maygup01 0:11cc2b7889af 838 //#define MBEDTLS_FS_IO
maygup01 0:11cc2b7889af 839
maygup01 0:11cc2b7889af 840 /**
maygup01 0:11cc2b7889af 841 * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
maygup01 0:11cc2b7889af 842 *
maygup01 0:11cc2b7889af 843 * Do not add default entropy sources. These are the platform specific,
maygup01 0:11cc2b7889af 844 * mbedtls_timing_hardclock and HAVEGE based poll functions.
maygup01 0:11cc2b7889af 845 *
maygup01 0:11cc2b7889af 846 * This is useful to have more control over the added entropy sources in an
maygup01 0:11cc2b7889af 847 * application.
maygup01 0:11cc2b7889af 848 *
maygup01 0:11cc2b7889af 849 * Uncomment this macro to prevent loading of default entropy functions.
maygup01 0:11cc2b7889af 850 */
maygup01 0:11cc2b7889af 851 //#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
maygup01 0:11cc2b7889af 852
maygup01 0:11cc2b7889af 853 /**
maygup01 0:11cc2b7889af 854 * \def MBEDTLS_NO_PLATFORM_ENTROPY
maygup01 0:11cc2b7889af 855 *
maygup01 0:11cc2b7889af 856 * Do not use built-in platform entropy functions.
maygup01 0:11cc2b7889af 857 * This is useful if your platform does not support
maygup01 0:11cc2b7889af 858 * standards like the /dev/urandom or Windows CryptoAPI.
maygup01 0:11cc2b7889af 859 *
maygup01 0:11cc2b7889af 860 * Uncomment this macro to disable the built-in platform entropy functions.
maygup01 0:11cc2b7889af 861 */
maygup01 0:11cc2b7889af 862 //#define MBEDTLS_NO_PLATFORM_ENTROPY
maygup01 0:11cc2b7889af 863
maygup01 0:11cc2b7889af 864 /**
maygup01 0:11cc2b7889af 865 * \def MBEDTLS_ENTROPY_FORCE_SHA256
maygup01 0:11cc2b7889af 866 *
maygup01 0:11cc2b7889af 867 * Force the entropy accumulator to use a SHA-256 accumulator instead of the
maygup01 0:11cc2b7889af 868 * default SHA-512 based one (if both are available).
maygup01 0:11cc2b7889af 869 *
maygup01 0:11cc2b7889af 870 * Requires: MBEDTLS_SHA256_C
maygup01 0:11cc2b7889af 871 *
maygup01 0:11cc2b7889af 872 * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option
maygup01 0:11cc2b7889af 873 * if you have performance concerns.
maygup01 0:11cc2b7889af 874 *
maygup01 0:11cc2b7889af 875 * This option is only useful if both MBEDTLS_SHA256_C and
maygup01 0:11cc2b7889af 876 * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
maygup01 0:11cc2b7889af 877 */
maygup01 0:11cc2b7889af 878 //#define MBEDTLS_ENTROPY_FORCE_SHA256
maygup01 0:11cc2b7889af 879
maygup01 0:11cc2b7889af 880 /**
maygup01 0:11cc2b7889af 881 * \def MBEDTLS_ENTROPY_NV_SEED
maygup01 0:11cc2b7889af 882 *
maygup01 0:11cc2b7889af 883 * Enable the non-volatile (NV) seed file-based entropy source.
maygup01 0:11cc2b7889af 884 * (Also enables the NV seed read/write functions in the platform layer)
maygup01 0:11cc2b7889af 885 *
maygup01 0:11cc2b7889af 886 * This is crucial (if not required) on systems that do not have a
maygup01 0:11cc2b7889af 887 * cryptographic entropy source (in hardware or kernel) available.
maygup01 0:11cc2b7889af 888 *
maygup01 0:11cc2b7889af 889 * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C
maygup01 0:11cc2b7889af 890 *
maygup01 0:11cc2b7889af 891 * \note The read/write functions that are used by the entropy source are
maygup01 0:11cc2b7889af 892 * determined in the platform layer, and can be modified at runtime and/or
maygup01 0:11cc2b7889af 893 * compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used.
maygup01 0:11cc2b7889af 894 *
maygup01 0:11cc2b7889af 895 * \note If you use the default implementation functions that read a seedfile
maygup01 0:11cc2b7889af 896 * with regular fopen(), please make sure you make a seedfile with the
maygup01 0:11cc2b7889af 897 * proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at
maygup01 0:11cc2b7889af 898 * least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from
maygup01 0:11cc2b7889af 899 * and written to or you will get an entropy source error! The default
maygup01 0:11cc2b7889af 900 * implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE
maygup01 0:11cc2b7889af 901 * bytes from the file.
maygup01 0:11cc2b7889af 902 *
maygup01 0:11cc2b7889af 903 * \note The entropy collector will write to the seed file before entropy is
maygup01 0:11cc2b7889af 904 * given to an external source, to update it.
maygup01 0:11cc2b7889af 905 */
maygup01 0:11cc2b7889af 906 //#define MBEDTLS_ENTROPY_NV_SEED
maygup01 0:11cc2b7889af 907
maygup01 0:11cc2b7889af 908 /**
maygup01 0:11cc2b7889af 909 * \def MBEDTLS_MEMORY_DEBUG
maygup01 0:11cc2b7889af 910 *
maygup01 0:11cc2b7889af 911 * Enable debugging of buffer allocator memory issues. Automatically prints
maygup01 0:11cc2b7889af 912 * (to stderr) all (fatal) messages on memory allocation issues. Enables
maygup01 0:11cc2b7889af 913 * function for 'debug output' of allocated memory.
maygup01 0:11cc2b7889af 914 *
maygup01 0:11cc2b7889af 915 * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
maygup01 0:11cc2b7889af 916 *
maygup01 0:11cc2b7889af 917 * Uncomment this macro to let the buffer allocator print out error messages.
maygup01 0:11cc2b7889af 918 */
maygup01 0:11cc2b7889af 919 //#define MBEDTLS_MEMORY_DEBUG
maygup01 0:11cc2b7889af 920
maygup01 0:11cc2b7889af 921 /**
maygup01 0:11cc2b7889af 922 * \def MBEDTLS_MEMORY_BACKTRACE
maygup01 0:11cc2b7889af 923 *
maygup01 0:11cc2b7889af 924 * Include backtrace information with each allocated block.
maygup01 0:11cc2b7889af 925 *
maygup01 0:11cc2b7889af 926 * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
maygup01 0:11cc2b7889af 927 * GLIBC-compatible backtrace() an backtrace_symbols() support
maygup01 0:11cc2b7889af 928 *
maygup01 0:11cc2b7889af 929 * Uncomment this macro to include backtrace information
maygup01 0:11cc2b7889af 930 */
maygup01 0:11cc2b7889af 931 //#define MBEDTLS_MEMORY_BACKTRACE
maygup01 0:11cc2b7889af 932
maygup01 0:11cc2b7889af 933 /**
maygup01 0:11cc2b7889af 934 * \def MBEDTLS_PK_RSA_ALT_SUPPORT
maygup01 0:11cc2b7889af 935 *
maygup01 0:11cc2b7889af 936 * Support external private RSA keys (eg from a HSM) in the PK layer.
maygup01 0:11cc2b7889af 937 *
maygup01 0:11cc2b7889af 938 * Comment this macro to disable support for external private RSA keys.
maygup01 0:11cc2b7889af 939 */
maygup01 0:11cc2b7889af 940 //#define MBEDTLS_PK_RSA_ALT_SUPPORT
maygup01 0:11cc2b7889af 941
maygup01 0:11cc2b7889af 942 /**
maygup01 0:11cc2b7889af 943 * \def MBEDTLS_PKCS1_V15
maygup01 0:11cc2b7889af 944 *
maygup01 0:11cc2b7889af 945 * Enable support for PKCS#1 v1.5 encoding.
maygup01 0:11cc2b7889af 946 *
maygup01 0:11cc2b7889af 947 * Requires: MBEDTLS_RSA_C
maygup01 0:11cc2b7889af 948 *
maygup01 0:11cc2b7889af 949 * This enables support for PKCS#1 v1.5 operations.
maygup01 0:11cc2b7889af 950 */
maygup01 0:11cc2b7889af 951 #define MBEDTLS_PKCS1_V15
maygup01 0:11cc2b7889af 952
maygup01 0:11cc2b7889af 953 /**
maygup01 0:11cc2b7889af 954 * \def MBEDTLS_PKCS1_V21
maygup01 0:11cc2b7889af 955 *
maygup01 0:11cc2b7889af 956 * Enable support for PKCS#1 v2.1 encoding.
maygup01 0:11cc2b7889af 957 *
maygup01 0:11cc2b7889af 958 * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C
maygup01 0:11cc2b7889af 959 *
maygup01 0:11cc2b7889af 960 * This enables support for RSAES-OAEP and RSASSA-PSS operations.
maygup01 0:11cc2b7889af 961 */
maygup01 0:11cc2b7889af 962 #define MBEDTLS_PKCS1_V21
maygup01 0:11cc2b7889af 963
maygup01 0:11cc2b7889af 964 /**
maygup01 0:11cc2b7889af 965 * \def MBEDTLS_RSA_NO_CRT
maygup01 0:11cc2b7889af 966 *
maygup01 0:11cc2b7889af 967 * Do not use the Chinese Remainder Theorem for the RSA private operation.
maygup01 0:11cc2b7889af 968 *
maygup01 0:11cc2b7889af 969 * Uncomment this macro to disable the use of CRT in RSA.
maygup01 0:11cc2b7889af 970 *
maygup01 0:11cc2b7889af 971 */
maygup01 0:11cc2b7889af 972 //#define MBEDTLS_RSA_NO_CRT
maygup01 0:11cc2b7889af 973
maygup01 0:11cc2b7889af 974 /**
maygup01 0:11cc2b7889af 975 * \def MBEDTLS_SELF_TEST
maygup01 0:11cc2b7889af 976 *
maygup01 0:11cc2b7889af 977 * Enable the checkup functions (*_self_test).
maygup01 0:11cc2b7889af 978 */
maygup01 0:11cc2b7889af 979 //#define MBEDTLS_SELF_TEST
maygup01 0:11cc2b7889af 980
maygup01 0:11cc2b7889af 981 /**
maygup01 0:11cc2b7889af 982 * \def MBEDTLS_SHA256_SMALLER
maygup01 0:11cc2b7889af 983 *
maygup01 0:11cc2b7889af 984 * Enable an implementation of SHA-256 that has lower ROM footprint but also
maygup01 0:11cc2b7889af 985 * lower performance.
maygup01 0:11cc2b7889af 986 *
maygup01 0:11cc2b7889af 987 * The default implementation is meant to be a reasonnable compromise between
maygup01 0:11cc2b7889af 988 * performance and size. This version optimizes more aggressively for size at
maygup01 0:11cc2b7889af 989 * the expense of performance. Eg on Cortex-M4 it reduces the size of
maygup01 0:11cc2b7889af 990 * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about
maygup01 0:11cc2b7889af 991 * 30%.
maygup01 0:11cc2b7889af 992 *
maygup01 0:11cc2b7889af 993 * Uncomment to enable the smaller implementation of SHA256.
maygup01 0:11cc2b7889af 994 */
maygup01 0:11cc2b7889af 995 //#define MBEDTLS_SHA256_SMALLER
maygup01 0:11cc2b7889af 996
maygup01 0:11cc2b7889af 997 /**
maygup01 0:11cc2b7889af 998 * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
maygup01 0:11cc2b7889af 999 *
maygup01 0:11cc2b7889af 1000 * Enable sending of alert messages in case of encountered errors as per RFC.
maygup01 0:11cc2b7889af 1001 * If you choose not to send the alert messages, mbed TLS can still communicate
maygup01 0:11cc2b7889af 1002 * with other servers, only debugging of failures is harder.
maygup01 0:11cc2b7889af 1003 *
maygup01 0:11cc2b7889af 1004 * The advantage of not sending alert messages, is that no information is given
maygup01 0:11cc2b7889af 1005 * about reasons for failures thus preventing adversaries of gaining intel.
maygup01 0:11cc2b7889af 1006 *
maygup01 0:11cc2b7889af 1007 * Enable sending of all alert messages
maygup01 0:11cc2b7889af 1008 */
maygup01 0:11cc2b7889af 1009 #define MBEDTLS_SSL_ALL_ALERT_MESSAGES
maygup01 0:11cc2b7889af 1010
maygup01 0:11cc2b7889af 1011 /**
maygup01 0:11cc2b7889af 1012 * \def MBEDTLS_SSL_DEBUG_ALL
maygup01 0:11cc2b7889af 1013 *
maygup01 0:11cc2b7889af 1014 * Enable the debug messages in SSL module for all issues.
maygup01 0:11cc2b7889af 1015 * Debug messages have been disabled in some places to prevent timing
maygup01 0:11cc2b7889af 1016 * attacks due to (unbalanced) debugging function calls.
maygup01 0:11cc2b7889af 1017 *
maygup01 0:11cc2b7889af 1018 * If you need all error reporting you should enable this during debugging,
maygup01 0:11cc2b7889af 1019 * but remove this for production servers that should log as well.
maygup01 0:11cc2b7889af 1020 *
maygup01 0:11cc2b7889af 1021 * Uncomment this macro to report all debug messages on errors introducing
maygup01 0:11cc2b7889af 1022 * a timing side-channel.
maygup01 0:11cc2b7889af 1023 *
maygup01 0:11cc2b7889af 1024 */
maygup01 0:11cc2b7889af 1025 //#define MBEDTLS_SSL_DEBUG_ALL
maygup01 0:11cc2b7889af 1026
maygup01 0:11cc2b7889af 1027 /** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
maygup01 0:11cc2b7889af 1028 *
maygup01 0:11cc2b7889af 1029 * Enable support for Encrypt-then-MAC, RFC 7366.
maygup01 0:11cc2b7889af 1030 *
maygup01 0:11cc2b7889af 1031 * This allows peers that both support it to use a more robust protection for
maygup01 0:11cc2b7889af 1032 * ciphersuites using CBC, providing deep resistance against timing attacks
maygup01 0:11cc2b7889af 1033 * on the padding or underlying cipher.
maygup01 0:11cc2b7889af 1034 *
maygup01 0:11cc2b7889af 1035 * This only affects CBC ciphersuites, and is useless if none is defined.
maygup01 0:11cc2b7889af 1036 *
maygup01 0:11cc2b7889af 1037 * Requires: MBEDTLS_SSL_PROTO_TLS1 or
maygup01 0:11cc2b7889af 1038 * MBEDTLS_SSL_PROTO_TLS1_1 or
maygup01 0:11cc2b7889af 1039 * MBEDTLS_SSL_PROTO_TLS1_2
maygup01 0:11cc2b7889af 1040 *
maygup01 0:11cc2b7889af 1041 * Comment this macro to disable support for Encrypt-then-MAC
maygup01 0:11cc2b7889af 1042 */
maygup01 0:11cc2b7889af 1043 #define MBEDTLS_SSL_ENCRYPT_THEN_MAC
maygup01 0:11cc2b7889af 1044
maygup01 0:11cc2b7889af 1045 /** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET
maygup01 0:11cc2b7889af 1046 *
maygup01 0:11cc2b7889af 1047 * Enable support for Extended Master Secret, aka Session Hash
maygup01 0:11cc2b7889af 1048 * (draft-ietf-tls-session-hash-02).
maygup01 0:11cc2b7889af 1049 *
maygup01 0:11cc2b7889af 1050 * This was introduced as "the proper fix" to the Triple Handshake familiy of
maygup01 0:11cc2b7889af 1051 * attacks, but it is recommended to always use it (even if you disable
maygup01 0:11cc2b7889af 1052 * renegotiation), since it actually fixes a more fundamental issue in the
maygup01 0:11cc2b7889af 1053 * original SSL/TLS design, and has implications beyond Triple Handshake.
maygup01 0:11cc2b7889af 1054 *
maygup01 0:11cc2b7889af 1055 * Requires: MBEDTLS_SSL_PROTO_TLS1 or
maygup01 0:11cc2b7889af 1056 * MBEDTLS_SSL_PROTO_TLS1_1 or
maygup01 0:11cc2b7889af 1057 * MBEDTLS_SSL_PROTO_TLS1_2
maygup01 0:11cc2b7889af 1058 *
maygup01 0:11cc2b7889af 1059 * Comment this macro to disable support for Extended Master Secret.
maygup01 0:11cc2b7889af 1060 */
maygup01 0:11cc2b7889af 1061 #define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
maygup01 0:11cc2b7889af 1062
maygup01 0:11cc2b7889af 1063 /**
maygup01 0:11cc2b7889af 1064 * \def MBEDTLS_SSL_FALLBACK_SCSV
maygup01 0:11cc2b7889af 1065 *
maygup01 0:11cc2b7889af 1066 * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00).
maygup01 0:11cc2b7889af 1067 *
maygup01 0:11cc2b7889af 1068 * For servers, it is recommended to always enable this, unless you support
maygup01 0:11cc2b7889af 1069 * only one version of TLS, or know for sure that none of your clients
maygup01 0:11cc2b7889af 1070 * implements a fallback strategy.
maygup01 0:11cc2b7889af 1071 *
maygup01 0:11cc2b7889af 1072 * For clients, you only need this if you're using a fallback strategy, which
maygup01 0:11cc2b7889af 1073 * is not recommended in the first place, unless you absolutely need it to
maygup01 0:11cc2b7889af 1074 * interoperate with buggy (version-intolerant) servers.
maygup01 0:11cc2b7889af 1075 *
maygup01 0:11cc2b7889af 1076 * Comment this macro to disable support for FALLBACK_SCSV
maygup01 0:11cc2b7889af 1077 */
maygup01 0:11cc2b7889af 1078 //#define MBEDTLS_SSL_FALLBACK_SCSV
maygup01 0:11cc2b7889af 1079
maygup01 0:11cc2b7889af 1080 /**
maygup01 0:11cc2b7889af 1081 * \def MBEDTLS_SSL_HW_RECORD_ACCEL
maygup01 0:11cc2b7889af 1082 *
maygup01 0:11cc2b7889af 1083 * Enable hooking functions in SSL module for hardware acceleration of
maygup01 0:11cc2b7889af 1084 * individual records.
maygup01 0:11cc2b7889af 1085 *
maygup01 0:11cc2b7889af 1086 * Uncomment this macro to enable hooking functions.
maygup01 0:11cc2b7889af 1087 */
maygup01 0:11cc2b7889af 1088 //#define MBEDTLS_SSL_HW_RECORD_ACCEL
maygup01 0:11cc2b7889af 1089
maygup01 0:11cc2b7889af 1090 /**
maygup01 0:11cc2b7889af 1091 * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING
maygup01 0:11cc2b7889af 1092 *
maygup01 0:11cc2b7889af 1093 * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0.
maygup01 0:11cc2b7889af 1094 *
maygup01 0:11cc2b7889af 1095 * This is a countermeasure to the BEAST attack, which also minimizes the risk
maygup01 0:11cc2b7889af 1096 * of interoperability issues compared to sending 0-length records.
maygup01 0:11cc2b7889af 1097 *
maygup01 0:11cc2b7889af 1098 * Comment this macro to disable 1/n-1 record splitting.
maygup01 0:11cc2b7889af 1099 */
maygup01 0:11cc2b7889af 1100 //#define MBEDTLS_SSL_CBC_RECORD_SPLITTING
maygup01 0:11cc2b7889af 1101
maygup01 0:11cc2b7889af 1102 /**
maygup01 0:11cc2b7889af 1103 * \def MBEDTLS_SSL_RENEGOTIATION
maygup01 0:11cc2b7889af 1104 *
maygup01 0:11cc2b7889af 1105 * Enable support for TLS renegotiation.
maygup01 0:11cc2b7889af 1106 *
maygup01 0:11cc2b7889af 1107 * The two main uses of renegotiation are (1) refresh keys on long-lived
maygup01 0:11cc2b7889af 1108 * connections and (2) client authentication after the initial handshake.
maygup01 0:11cc2b7889af 1109 * If you don't need renegotiation, it's probably better to disable it, since
maygup01 0:11cc2b7889af 1110 * it has been associated with security issues in the past and is easy to
maygup01 0:11cc2b7889af 1111 * misuse/misunderstand.
maygup01 0:11cc2b7889af 1112 *
maygup01 0:11cc2b7889af 1113 * Comment this to disable support for renegotiation.
maygup01 0:11cc2b7889af 1114 *
maygup01 0:11cc2b7889af 1115 * \note Even if this option is disabled, both client and server are aware
maygup01 0:11cc2b7889af 1116 * of the Renegotiation Indication Extension (RFC 5746) used to
maygup01 0:11cc2b7889af 1117 * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1).
maygup01 0:11cc2b7889af 1118 * (See \c mbedtls_ssl_conf_legacy_renegotiation for the
maygup01 0:11cc2b7889af 1119 * configuration of this extension).
maygup01 0:11cc2b7889af 1120 *
maygup01 0:11cc2b7889af 1121 * \note This feature is required by Device Management Client for Client-side
maygup01 0:11cc2b7889af 1122 * certificate expiration verification. Disabling it will also require
maygup01 0:11cc2b7889af 1123 * setting PAL_USE_SECURE_TIME to 0.
maygup01 0:11cc2b7889af 1124 *
maygup01 0:11cc2b7889af 1125 */
maygup01 0:11cc2b7889af 1126 #define MBEDTLS_SSL_RENEGOTIATION
maygup01 0:11cc2b7889af 1127
maygup01 0:11cc2b7889af 1128 /**
maygup01 0:11cc2b7889af 1129 * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
maygup01 0:11cc2b7889af 1130 *
maygup01 0:11cc2b7889af 1131 * Enable support for receiving and parsing SSLv2 Client Hello messages for the
maygup01 0:11cc2b7889af 1132 * SSL Server module (MBEDTLS_SSL_SRV_C).
maygup01 0:11cc2b7889af 1133 *
maygup01 0:11cc2b7889af 1134 * Uncomment this macro to enable support for SSLv2 Client Hello messages.
maygup01 0:11cc2b7889af 1135 */
maygup01 0:11cc2b7889af 1136 //#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
maygup01 0:11cc2b7889af 1137
maygup01 0:11cc2b7889af 1138 /**
maygup01 0:11cc2b7889af 1139 * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
maygup01 0:11cc2b7889af 1140 *
maygup01 0:11cc2b7889af 1141 * Pick the ciphersuite according to the client's preferences rather than ours
maygup01 0:11cc2b7889af 1142 * in the SSL Server module (MBEDTLS_SSL_SRV_C).
maygup01 0:11cc2b7889af 1143 *
maygup01 0:11cc2b7889af 1144 * Uncomment this macro to respect client's ciphersuite order
maygup01 0:11cc2b7889af 1145 */
maygup01 0:11cc2b7889af 1146 //#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
maygup01 0:11cc2b7889af 1147
maygup01 0:11cc2b7889af 1148 /**
maygup01 0:11cc2b7889af 1149 * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
maygup01 0:11cc2b7889af 1150 *
maygup01 0:11cc2b7889af 1151 * Enable support for RFC 6066 max_fragment_length extension in SSL.
maygup01 0:11cc2b7889af 1152 *
maygup01 0:11cc2b7889af 1153 * Comment this macro to disable support for the max_fragment_length extension
maygup01 0:11cc2b7889af 1154 */
maygup01 0:11cc2b7889af 1155 #define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
maygup01 0:11cc2b7889af 1156
maygup01 0:11cc2b7889af 1157 /**
maygup01 0:11cc2b7889af 1158 * \def MBEDTLS_SSL_PROTO_SSL3
maygup01 0:11cc2b7889af 1159 *
maygup01 0:11cc2b7889af 1160 * Enable support for SSL 3.0.
maygup01 0:11cc2b7889af 1161 *
maygup01 0:11cc2b7889af 1162 * Requires: MBEDTLS_MD5_C
maygup01 0:11cc2b7889af 1163 * MBEDTLS_SHA1_C
maygup01 0:11cc2b7889af 1164 *
maygup01 0:11cc2b7889af 1165 * Comment this macro to disable support for SSL 3.0
maygup01 0:11cc2b7889af 1166 */
maygup01 0:11cc2b7889af 1167 //#define MBEDTLS_SSL_PROTO_SSL3
maygup01 0:11cc2b7889af 1168
maygup01 0:11cc2b7889af 1169 /**
maygup01 0:11cc2b7889af 1170 * \def MBEDTLS_SSL_PROTO_TLS1
maygup01 0:11cc2b7889af 1171 *
maygup01 0:11cc2b7889af 1172 * Enable support for TLS 1.0.
maygup01 0:11cc2b7889af 1173 *
maygup01 0:11cc2b7889af 1174 * Requires: MBEDTLS_MD5_C
maygup01 0:11cc2b7889af 1175 * MBEDTLS_SHA1_C
maygup01 0:11cc2b7889af 1176 *
maygup01 0:11cc2b7889af 1177 * Comment this macro to disable support for TLS 1.0
maygup01 0:11cc2b7889af 1178 */
maygup01 0:11cc2b7889af 1179 //#define MBEDTLS_SSL_PROTO_TLS1
maygup01 0:11cc2b7889af 1180
maygup01 0:11cc2b7889af 1181 /**
maygup01 0:11cc2b7889af 1182 * \def MBEDTLS_SSL_PROTO_TLS1_1
maygup01 0:11cc2b7889af 1183 *
maygup01 0:11cc2b7889af 1184 * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled).
maygup01 0:11cc2b7889af 1185 *
maygup01 0:11cc2b7889af 1186 * Requires: MBEDTLS_MD5_C
maygup01 0:11cc2b7889af 1187 * MBEDTLS_SHA1_C
maygup01 0:11cc2b7889af 1188 *
maygup01 0:11cc2b7889af 1189 * Comment this macro to disable support for TLS 1.1 / DTLS 1.0
maygup01 0:11cc2b7889af 1190 */
maygup01 0:11cc2b7889af 1191 //#define MBEDTLS_SSL_PROTO_TLS1_1
maygup01 0:11cc2b7889af 1192
maygup01 0:11cc2b7889af 1193 /**
maygup01 0:11cc2b7889af 1194 * \def MBEDTLS_SSL_PROTO_TLS1_2
maygup01 0:11cc2b7889af 1195 *
maygup01 0:11cc2b7889af 1196 * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled).
maygup01 0:11cc2b7889af 1197 *
maygup01 0:11cc2b7889af 1198 * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C
maygup01 0:11cc2b7889af 1199 * (Depends on ciphersuites)
maygup01 0:11cc2b7889af 1200 *
maygup01 0:11cc2b7889af 1201 * Comment this macro to disable support for TLS 1.2 / DTLS 1.2
maygup01 0:11cc2b7889af 1202 */
maygup01 0:11cc2b7889af 1203 #define MBEDTLS_SSL_PROTO_TLS1_2
maygup01 0:11cc2b7889af 1204
maygup01 0:11cc2b7889af 1205 /**
maygup01 0:11cc2b7889af 1206 * \def MBEDTLS_SSL_PROTO_DTLS
maygup01 0:11cc2b7889af 1207 *
maygup01 0:11cc2b7889af 1208 * Enable support for DTLS (all available versions).
maygup01 0:11cc2b7889af 1209 *
maygup01 0:11cc2b7889af 1210 * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0,
maygup01 0:11cc2b7889af 1211 * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
maygup01 0:11cc2b7889af 1212 *
maygup01 0:11cc2b7889af 1213 * Requires: MBEDTLS_SSL_PROTO_TLS1_1
maygup01 0:11cc2b7889af 1214 * or MBEDTLS_SSL_PROTO_TLS1_2
maygup01 0:11cc2b7889af 1215 *
maygup01 0:11cc2b7889af 1216 * Comment this macro to disable support for DTLS
maygup01 0:11cc2b7889af 1217 */
maygup01 0:11cc2b7889af 1218 #define MBEDTLS_SSL_PROTO_DTLS
maygup01 0:11cc2b7889af 1219
maygup01 0:11cc2b7889af 1220 /**
maygup01 0:11cc2b7889af 1221 * \def MBEDTLS_SSL_ALPN
maygup01 0:11cc2b7889af 1222 *
maygup01 0:11cc2b7889af 1223 * Enable support for RFC 7301 Application Layer Protocol Negotiation.
maygup01 0:11cc2b7889af 1224 *
maygup01 0:11cc2b7889af 1225 * Comment this macro to disable support for ALPN.
maygup01 0:11cc2b7889af 1226 */
maygup01 0:11cc2b7889af 1227 #define MBEDTLS_SSL_ALPN
maygup01 0:11cc2b7889af 1228
maygup01 0:11cc2b7889af 1229 /**
maygup01 0:11cc2b7889af 1230 * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY
maygup01 0:11cc2b7889af 1231 *
maygup01 0:11cc2b7889af 1232 * Enable support for the anti-replay mechanism in DTLS.
maygup01 0:11cc2b7889af 1233 *
maygup01 0:11cc2b7889af 1234 * Requires: MBEDTLS_SSL_TLS_C
maygup01 0:11cc2b7889af 1235 * MBEDTLS_SSL_PROTO_DTLS
maygup01 0:11cc2b7889af 1236 *
maygup01 0:11cc2b7889af 1237 * \warning Disabling this is often a security risk!
maygup01 0:11cc2b7889af 1238 * See mbedtls_ssl_conf_dtls_anti_replay() for details.
maygup01 0:11cc2b7889af 1239 *
maygup01 0:11cc2b7889af 1240 * Comment this to disable anti-replay in DTLS.
maygup01 0:11cc2b7889af 1241 */
maygup01 0:11cc2b7889af 1242 #define MBEDTLS_SSL_DTLS_ANTI_REPLAY
maygup01 0:11cc2b7889af 1243
maygup01 0:11cc2b7889af 1244 /**
maygup01 0:11cc2b7889af 1245 * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY
maygup01 0:11cc2b7889af 1246 *
maygup01 0:11cc2b7889af 1247 * Enable support for HelloVerifyRequest on DTLS servers.
maygup01 0:11cc2b7889af 1248 *
maygup01 0:11cc2b7889af 1249 * This feature is highly recommended to prevent DTLS servers being used as
maygup01 0:11cc2b7889af 1250 * amplifiers in DoS attacks against other hosts. It should always be enabled
maygup01 0:11cc2b7889af 1251 * unless you know for sure amplification cannot be a problem in the
maygup01 0:11cc2b7889af 1252 * environment in which your server operates.
maygup01 0:11cc2b7889af 1253 *
maygup01 0:11cc2b7889af 1254 * \warning Disabling this can ba a security risk! (see above)
maygup01 0:11cc2b7889af 1255 *
maygup01 0:11cc2b7889af 1256 * Requires: MBEDTLS_SSL_PROTO_DTLS
maygup01 0:11cc2b7889af 1257 *
maygup01 0:11cc2b7889af 1258 * Comment this to disable support for HelloVerifyRequest.
maygup01 0:11cc2b7889af 1259 */
maygup01 0:11cc2b7889af 1260 #define MBEDTLS_SSL_DTLS_HELLO_VERIFY
maygup01 0:11cc2b7889af 1261
maygup01 0:11cc2b7889af 1262 /**
maygup01 0:11cc2b7889af 1263 * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
maygup01 0:11cc2b7889af 1264 *
maygup01 0:11cc2b7889af 1265 * Enable server-side support for clients that reconnect from the same port.
maygup01 0:11cc2b7889af 1266 *
maygup01 0:11cc2b7889af 1267 * Some clients unexpectedly close the connection and try to reconnect using the
maygup01 0:11cc2b7889af 1268 * same source port. This needs special support from the server to handle the
maygup01 0:11cc2b7889af 1269 * new connection securely, as described in section 4.2.8 of RFC 6347. This
maygup01 0:11cc2b7889af 1270 * flag enables that support.
maygup01 0:11cc2b7889af 1271 *
maygup01 0:11cc2b7889af 1272 * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
maygup01 0:11cc2b7889af 1273 *
maygup01 0:11cc2b7889af 1274 * Comment this to disable support for clients reusing the source port.
maygup01 0:11cc2b7889af 1275 */
maygup01 0:11cc2b7889af 1276 #define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
maygup01 0:11cc2b7889af 1277
maygup01 0:11cc2b7889af 1278 /**
maygup01 0:11cc2b7889af 1279 * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT
maygup01 0:11cc2b7889af 1280 *
maygup01 0:11cc2b7889af 1281 * Enable support for a limit of records with bad MAC.
maygup01 0:11cc2b7889af 1282 *
maygup01 0:11cc2b7889af 1283 * See mbedtls_ssl_conf_dtls_badmac_limit().
maygup01 0:11cc2b7889af 1284 *
maygup01 0:11cc2b7889af 1285 * Requires: MBEDTLS_SSL_PROTO_DTLS
maygup01 0:11cc2b7889af 1286 */
maygup01 0:11cc2b7889af 1287 #define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
maygup01 0:11cc2b7889af 1288
maygup01 0:11cc2b7889af 1289 /**
maygup01 0:11cc2b7889af 1290 * \def MBEDTLS_SSL_SESSION_TICKETS
maygup01 0:11cc2b7889af 1291 *
maygup01 0:11cc2b7889af 1292 * Enable support for RFC 5077 session tickets in SSL.
maygup01 0:11cc2b7889af 1293 * Client-side, provides full support for session tickets (maintainance of a
maygup01 0:11cc2b7889af 1294 * session store remains the responsibility of the application, though).
maygup01 0:11cc2b7889af 1295 * Server-side, you also need to provide callbacks for writing and parsing
maygup01 0:11cc2b7889af 1296 * tickets, including authenticated encryption and key management. Example
maygup01 0:11cc2b7889af 1297 * callbacks are provided by MBEDTLS_SSL_TICKET_C.
maygup01 0:11cc2b7889af 1298 *
maygup01 0:11cc2b7889af 1299 * Comment this macro to disable support for SSL session tickets
maygup01 0:11cc2b7889af 1300 */
maygup01 0:11cc2b7889af 1301 #define MBEDTLS_SSL_SESSION_TICKETS
maygup01 0:11cc2b7889af 1302
maygup01 0:11cc2b7889af 1303 /**
maygup01 0:11cc2b7889af 1304 * \def MBEDTLS_SSL_EXPORT_KEYS
maygup01 0:11cc2b7889af 1305 *
maygup01 0:11cc2b7889af 1306 * Enable support for exporting key block and master secret.
maygup01 0:11cc2b7889af 1307 * This is required for certain users of TLS, e.g. EAP-TLS.
maygup01 0:11cc2b7889af 1308 *
maygup01 0:11cc2b7889af 1309 * Comment this macro to disable support for key export
maygup01 0:11cc2b7889af 1310 */
maygup01 0:11cc2b7889af 1311 #define MBEDTLS_SSL_EXPORT_KEYS
maygup01 0:11cc2b7889af 1312
maygup01 0:11cc2b7889af 1313 /**
maygup01 0:11cc2b7889af 1314 * \def MBEDTLS_SSL_SERVER_NAME_INDICATION
maygup01 0:11cc2b7889af 1315 *
maygup01 0:11cc2b7889af 1316 * Enable support for RFC 6066 server name indication (SNI) in SSL.
maygup01 0:11cc2b7889af 1317 *
maygup01 0:11cc2b7889af 1318 * Requires: MBEDTLS_X509_CRT_PARSE_C
maygup01 0:11cc2b7889af 1319 *
maygup01 0:11cc2b7889af 1320 * Comment this macro to disable support for server name indication in SSL
maygup01 0:11cc2b7889af 1321 */
maygup01 0:11cc2b7889af 1322 #define MBEDTLS_SSL_SERVER_NAME_INDICATION
maygup01 0:11cc2b7889af 1323 /** s
maygup01 0:11cc2b7889af 1324 * \def MBEDTLS_SSL_TRUNCATED_HMAC
maygup01 0:11cc2b7889af 1325 *
maygup01 0:11cc2b7889af 1326 * Enable support for RFC 6066 truncated HMAC in SSL.
maygup01 0:11cc2b7889af 1327 *
maygup01 0:11cc2b7889af 1328 * Comment this macro to disable support for truncated HMAC in SSL
maygup01 0:11cc2b7889af 1329 */
maygup01 0:11cc2b7889af 1330 //#define MBEDTLS_SSL_TRUNCATED_HMAC
maygup01 0:11cc2b7889af 1331
maygup01 0:11cc2b7889af 1332 /**
maygup01 0:11cc2b7889af 1333 * \def MBEDTLS_THREADING_ALT
maygup01 0:11cc2b7889af 1334 *
maygup01 0:11cc2b7889af 1335 * Provide your own alternate threading implementation.
maygup01 0:11cc2b7889af 1336 *
maygup01 0:11cc2b7889af 1337 * Requires: MBEDTLS_THREADING_C
maygup01 0:11cc2b7889af 1338 *
maygup01 0:11cc2b7889af 1339 * Uncomment this to allow your own alternate threading implementation.
maygup01 0:11cc2b7889af 1340 */
maygup01 0:11cc2b7889af 1341 //#define MBEDTLS_THREADING_ALT
maygup01 0:11cc2b7889af 1342
maygup01 0:11cc2b7889af 1343 /**
maygup01 0:11cc2b7889af 1344 * \def MBEDTLS_THREADING_PTHREAD
maygup01 0:11cc2b7889af 1345 *
maygup01 0:11cc2b7889af 1346 * Enable the pthread wrapper layer for the threading layer.
maygup01 0:11cc2b7889af 1347 *
maygup01 0:11cc2b7889af 1348 * Requires: MBEDTLS_THREADING_C
maygup01 0:11cc2b7889af 1349 *
maygup01 0:11cc2b7889af 1350 * Uncomment this to enable pthread mutexes.
maygup01 0:11cc2b7889af 1351 */
maygup01 0:11cc2b7889af 1352 //#define MBEDTLS_THREADING_PTHREAD
maygup01 0:11cc2b7889af 1353
maygup01 0:11cc2b7889af 1354 /**
maygup01 0:11cc2b7889af 1355 * \def MBEDTLS_VERSION_FEATURES
maygup01 0:11cc2b7889af 1356 *
maygup01 0:11cc2b7889af 1357 * Allow run-time checking of compile-time enabled features. Thus allowing users
maygup01 0:11cc2b7889af 1358 * to check at run-time if the library is for instance compiled with threading
maygup01 0:11cc2b7889af 1359 * support via mbedtls_version_check_feature().
maygup01 0:11cc2b7889af 1360 *
maygup01 0:11cc2b7889af 1361 * Requires: MBEDTLS_VERSION_C
maygup01 0:11cc2b7889af 1362 *
maygup01 0:11cc2b7889af 1363 * Comment this to disable run-time checking and save ROM space
maygup01 0:11cc2b7889af 1364 */
maygup01 0:11cc2b7889af 1365 //#define MBEDTLS_VERSION_FEATURES
maygup01 0:11cc2b7889af 1366 /**
maygup01 0:11cc2b7889af 1367 * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
maygup01 0:11cc2b7889af 1368 *
maygup01 0:11cc2b7889af 1369 * If set, the X509 parser will not break-off when parsing an X509 certificate
maygup01 0:11cc2b7889af 1370 * and encountering an extension in a v1 or v2 certificate.
maygup01 0:11cc2b7889af 1371 *
maygup01 0:11cc2b7889af 1372 * Uncomment to prevent an error.
maygup01 0:11cc2b7889af 1373 */
maygup01 0:11cc2b7889af 1374 //#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
maygup01 0:11cc2b7889af 1375
maygup01 0:11cc2b7889af 1376 /**
maygup01 0:11cc2b7889af 1377 * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
maygup01 0:11cc2b7889af 1378 *
maygup01 0:11cc2b7889af 1379 * If set, the X509 parser will not break-off when parsing an X509 certificate
maygup01 0:11cc2b7889af 1380 * and encountering an unknown critical extension.
maygup01 0:11cc2b7889af 1381 *
maygup01 0:11cc2b7889af 1382 * \warning Depending on your PKI use, enabling this can be a security risk!
maygup01 0:11cc2b7889af 1383 *
maygup01 0:11cc2b7889af 1384 * Uncomment to prevent an error.
maygup01 0:11cc2b7889af 1385 */
maygup01 0:11cc2b7889af 1386 //#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
maygup01 0:11cc2b7889af 1387
maygup01 0:11cc2b7889af 1388 /**
maygup01 0:11cc2b7889af 1389 * \def MBEDTLS_X509_CHECK_KEY_USAGE
maygup01 0:11cc2b7889af 1390 *
maygup01 0:11cc2b7889af 1391 * Enable verification of the keyUsage extension (CA and leaf certificates).
maygup01 0:11cc2b7889af 1392 *
maygup01 0:11cc2b7889af 1393 * Disabling this avoids problems with mis-issued and/or misused
maygup01 0:11cc2b7889af 1394 * (intermediate) CA and leaf certificates.
maygup01 0:11cc2b7889af 1395 *
maygup01 0:11cc2b7889af 1396 * \warning Depending on your PKI use, disabling this can be a security risk!
maygup01 0:11cc2b7889af 1397 *
maygup01 0:11cc2b7889af 1398 * Comment to skip keyUsage checking for both CA and leaf certificates.
maygup01 0:11cc2b7889af 1399 */
maygup01 0:11cc2b7889af 1400 #define MBEDTLS_X509_CHECK_KEY_USAGE
maygup01 0:11cc2b7889af 1401
maygup01 0:11cc2b7889af 1402 /**
maygup01 0:11cc2b7889af 1403 * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
maygup01 0:11cc2b7889af 1404 *
maygup01 0:11cc2b7889af 1405 * Enable verification of the extendedKeyUsage extension (leaf certificates).
maygup01 0:11cc2b7889af 1406 *
maygup01 0:11cc2b7889af 1407 * Disabling this avoids problems with mis-issued and/or misused certificates.
maygup01 0:11cc2b7889af 1408 *
maygup01 0:11cc2b7889af 1409 * \warning Depending on your PKI use, disabling this can be a security risk!
maygup01 0:11cc2b7889af 1410 *
maygup01 0:11cc2b7889af 1411 * Comment to skip extendedKeyUsage checking for certificates.
maygup01 0:11cc2b7889af 1412 */
maygup01 0:11cc2b7889af 1413 #define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
maygup01 0:11cc2b7889af 1414
maygup01 0:11cc2b7889af 1415 /**
maygup01 0:11cc2b7889af 1416 * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
maygup01 0:11cc2b7889af 1417 *
maygup01 0:11cc2b7889af 1418 * Enable parsing and verification of X.509 certificates, CRLs and CSRS
maygup01 0:11cc2b7889af 1419 * signed with RSASSA-PSS (aka PKCS#1 v2.1).
maygup01 0:11cc2b7889af 1420 *
maygup01 0:11cc2b7889af 1421 * Comment this macro to disallow using RSASSA-PSS in certificates.
maygup01 0:11cc2b7889af 1422 */
maygup01 0:11cc2b7889af 1423 //#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
maygup01 0:11cc2b7889af 1424 /**
maygup01 0:11cc2b7889af 1425 * \def MBEDTLS_ZLIB_SUPPORT
maygup01 0:11cc2b7889af 1426 *
maygup01 0:11cc2b7889af 1427 * If set, the SSL/TLS module uses ZLIB to support compression and
maygup01 0:11cc2b7889af 1428 * decompression of packet data.
maygup01 0:11cc2b7889af 1429 *
maygup01 0:11cc2b7889af 1430 * \warning TLS-level compression MAY REDUCE SECURITY! See for example the
maygup01 0:11cc2b7889af 1431 * CRIME attack. Before enabling this option, you should examine with care if
maygup01 0:11cc2b7889af 1432 * CRIME or similar exploits may be a applicable to your use case.
maygup01 0:11cc2b7889af 1433 *
maygup01 0:11cc2b7889af 1434 * \note Currently compression can't be used with DTLS.
maygup01 0:11cc2b7889af 1435 *
maygup01 0:11cc2b7889af 1436 * Used in: library/ssl_tls.c
maygup01 0:11cc2b7889af 1437 * library/ssl_cli.c
maygup01 0:11cc2b7889af 1438 * library/ssl_srv.c
maygup01 0:11cc2b7889af 1439 *
maygup01 0:11cc2b7889af 1440 * This feature requires zlib library and headers to be present.
maygup01 0:11cc2b7889af 1441 *
maygup01 0:11cc2b7889af 1442 * Uncomment to enable use of ZLIB
maygup01 0:11cc2b7889af 1443 */
maygup01 0:11cc2b7889af 1444 //#define MBEDTLS_ZLIB_SUPPORT
maygup01 0:11cc2b7889af 1445 /* \} name SECTION: mbed TLS feature support */
maygup01 0:11cc2b7889af 1446
maygup01 0:11cc2b7889af 1447 /**
maygup01 0:11cc2b7889af 1448 * \name SECTION: mbed TLS modules
maygup01 0:11cc2b7889af 1449 *
maygup01 0:11cc2b7889af 1450 * This section enables or disables entire modules in mbed TLS
maygup01 0:11cc2b7889af 1451 * \{
maygup01 0:11cc2b7889af 1452 */
maygup01 0:11cc2b7889af 1453
maygup01 0:11cc2b7889af 1454 /**
maygup01 0:11cc2b7889af 1455 * \def MBEDTLS_AESNI_C
maygup01 0:11cc2b7889af 1456 *
maygup01 0:11cc2b7889af 1457 * Enable AES-NI support on x86-64.
maygup01 0:11cc2b7889af 1458 *
maygup01 0:11cc2b7889af 1459 * Module: library/aesni.c
maygup01 0:11cc2b7889af 1460 * Caller: library/aes.c
maygup01 0:11cc2b7889af 1461 *
maygup01 0:11cc2b7889af 1462 * Requires: MBEDTLS_HAVE_ASM
maygup01 0:11cc2b7889af 1463 *
maygup01 0:11cc2b7889af 1464 * This modules adds support for the AES-NI instructions on x86-64
maygup01 0:11cc2b7889af 1465 */
maygup01 0:11cc2b7889af 1466 //#define MBEDTLS_AESNI_C
maygup01 0:11cc2b7889af 1467
maygup01 0:11cc2b7889af 1468 /**
maygup01 0:11cc2b7889af 1469 * \def MBEDTLS_AES_C
maygup01 0:11cc2b7889af 1470 *
maygup01 0:11cc2b7889af 1471 * Enable the AES block cipher.
maygup01 0:11cc2b7889af 1472 *
maygup01 0:11cc2b7889af 1473 * Module: library/aes.c
maygup01 0:11cc2b7889af 1474 * Caller: library/ssl_tls.c
maygup01 0:11cc2b7889af 1475 * library/pem.c
maygup01 0:11cc2b7889af 1476 * library/ctr_drbg.c
maygup01 0:11cc2b7889af 1477 *
maygup01 0:11cc2b7889af 1478 * This module enables the following ciphersuites (if other requisites are
maygup01 0:11cc2b7889af 1479 * enabled as well):
maygup01 0:11cc2b7889af 1480 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
maygup01 0:11cc2b7889af 1481 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
maygup01 0:11cc2b7889af 1482 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
maygup01 0:11cc2b7889af 1483 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
maygup01 0:11cc2b7889af 1484 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
maygup01 0:11cc2b7889af 1485 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
maygup01 0:11cc2b7889af 1486 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
maygup01 0:11cc2b7889af 1487 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
maygup01 0:11cc2b7889af 1488 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
maygup01 0:11cc2b7889af 1489 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
maygup01 0:11cc2b7889af 1490 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
maygup01 0:11cc2b7889af 1491 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
maygup01 0:11cc2b7889af 1492 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
maygup01 0:11cc2b7889af 1493 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
maygup01 0:11cc2b7889af 1494 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
maygup01 0:11cc2b7889af 1495 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
maygup01 0:11cc2b7889af 1496 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
maygup01 0:11cc2b7889af 1497 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
maygup01 0:11cc2b7889af 1498 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
maygup01 0:11cc2b7889af 1499 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
maygup01 0:11cc2b7889af 1500 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
maygup01 0:11cc2b7889af 1501 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
maygup01 0:11cc2b7889af 1502 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
maygup01 0:11cc2b7889af 1503 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
maygup01 0:11cc2b7889af 1504 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
maygup01 0:11cc2b7889af 1505 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
maygup01 0:11cc2b7889af 1506 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
maygup01 0:11cc2b7889af 1507 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
maygup01 0:11cc2b7889af 1508 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
maygup01 0:11cc2b7889af 1509 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
maygup01 0:11cc2b7889af 1510 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
maygup01 0:11cc2b7889af 1511 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
maygup01 0:11cc2b7889af 1512 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
maygup01 0:11cc2b7889af 1513 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
maygup01 0:11cc2b7889af 1514 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
maygup01 0:11cc2b7889af 1515 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
maygup01 0:11cc2b7889af 1516 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
maygup01 0:11cc2b7889af 1517 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
maygup01 0:11cc2b7889af 1518 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
maygup01 0:11cc2b7889af 1519 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
maygup01 0:11cc2b7889af 1520 * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
maygup01 0:11cc2b7889af 1521 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
maygup01 0:11cc2b7889af 1522 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
maygup01 0:11cc2b7889af 1523 * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
maygup01 0:11cc2b7889af 1524 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
maygup01 0:11cc2b7889af 1525 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
maygup01 0:11cc2b7889af 1526 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
maygup01 0:11cc2b7889af 1527 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
maygup01 0:11cc2b7889af 1528 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
maygup01 0:11cc2b7889af 1529 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
maygup01 0:11cc2b7889af 1530 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
maygup01 0:11cc2b7889af 1531 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
maygup01 0:11cc2b7889af 1532 * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
maygup01 0:11cc2b7889af 1533 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
maygup01 0:11cc2b7889af 1534 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
maygup01 0:11cc2b7889af 1535 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
maygup01 0:11cc2b7889af 1536 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
maygup01 0:11cc2b7889af 1537 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
maygup01 0:11cc2b7889af 1538 *
maygup01 0:11cc2b7889af 1539 * PEM_PARSE uses AES for decrypting encrypted keys.
maygup01 0:11cc2b7889af 1540 */
maygup01 0:11cc2b7889af 1541 #define MBEDTLS_AES_C
maygup01 0:11cc2b7889af 1542
maygup01 0:11cc2b7889af 1543 /**
maygup01 0:11cc2b7889af 1544 * \def MBEDTLS_ARC4_C
maygup01 0:11cc2b7889af 1545 *
maygup01 0:11cc2b7889af 1546 * Enable the ARCFOUR stream cipher.
maygup01 0:11cc2b7889af 1547 *
maygup01 0:11cc2b7889af 1548 * Module: library/arc4.c
maygup01 0:11cc2b7889af 1549 * Caller: library/ssl_tls.c
maygup01 0:11cc2b7889af 1550 *
maygup01 0:11cc2b7889af 1551 * This module enables the following ciphersuites (if other requisites are
maygup01 0:11cc2b7889af 1552 * enabled as well):
maygup01 0:11cc2b7889af 1553 * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
maygup01 0:11cc2b7889af 1554 * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
maygup01 0:11cc2b7889af 1555 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
maygup01 0:11cc2b7889af 1556 * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
maygup01 0:11cc2b7889af 1557 * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
maygup01 0:11cc2b7889af 1558 * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
maygup01 0:11cc2b7889af 1559 * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
maygup01 0:11cc2b7889af 1560 * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
maygup01 0:11cc2b7889af 1561 * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
maygup01 0:11cc2b7889af 1562 * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
maygup01 0:11cc2b7889af 1563 */
maygup01 0:11cc2b7889af 1564 //#define MBEDTLS_ARC4_C
maygup01 0:11cc2b7889af 1565
maygup01 0:11cc2b7889af 1566 /**
maygup01 0:11cc2b7889af 1567 * \def MBEDTLS_ASN1_PARSE_C
maygup01 0:11cc2b7889af 1568 *
maygup01 0:11cc2b7889af 1569 * Enable the generic ASN1 parser.
maygup01 0:11cc2b7889af 1570 *
maygup01 0:11cc2b7889af 1571 * Module: library/asn1.c
maygup01 0:11cc2b7889af 1572 * Caller: library/x509.c
maygup01 0:11cc2b7889af 1573 * library/dhm.c
maygup01 0:11cc2b7889af 1574 * library/pkcs12.c
maygup01 0:11cc2b7889af 1575 * library/pkcs5.c
maygup01 0:11cc2b7889af 1576 * library/pkparse.c
maygup01 0:11cc2b7889af 1577 */
maygup01 0:11cc2b7889af 1578 #define MBEDTLS_ASN1_PARSE_C
maygup01 0:11cc2b7889af 1579
maygup01 0:11cc2b7889af 1580 /**
maygup01 0:11cc2b7889af 1581 * \def MBEDTLS_ASN1_WRITE_C
maygup01 0:11cc2b7889af 1582 *
maygup01 0:11cc2b7889af 1583 * Enable the generic ASN1 writer.
maygup01 0:11cc2b7889af 1584 *
maygup01 0:11cc2b7889af 1585 * Module: library/asn1write.c
maygup01 0:11cc2b7889af 1586 * Caller: library/ecdsa.c
maygup01 0:11cc2b7889af 1587 * library/pkwrite.c
maygup01 0:11cc2b7889af 1588 * library/x509_create.c
maygup01 0:11cc2b7889af 1589 * library/x509write_crt.c
maygup01 0:11cc2b7889af 1590 * library/x509write_csr.c
maygup01 0:11cc2b7889af 1591 */
maygup01 0:11cc2b7889af 1592 #define MBEDTLS_ASN1_WRITE_C
maygup01 0:11cc2b7889af 1593
maygup01 0:11cc2b7889af 1594 /**
maygup01 0:11cc2b7889af 1595 * \def MBEDTLS_BASE64_C
maygup01 0:11cc2b7889af 1596 *
maygup01 0:11cc2b7889af 1597 * Enable the Base64 module.
maygup01 0:11cc2b7889af 1598 *
maygup01 0:11cc2b7889af 1599 * Module: library/base64.c
maygup01 0:11cc2b7889af 1600 * Caller: library/pem.c
maygup01 0:11cc2b7889af 1601 *
maygup01 0:11cc2b7889af 1602 * This module is required for PEM support (required by X.509).
maygup01 0:11cc2b7889af 1603 */
maygup01 0:11cc2b7889af 1604 // needed for Base64 encoding Opaque data for
maygup01 0:11cc2b7889af 1605 // registration payload, adds 500 bytes to flash.
maygup01 0:11cc2b7889af 1606 #define MBEDTLS_BASE64_C
maygup01 0:11cc2b7889af 1607
maygup01 0:11cc2b7889af 1608 /**
maygup01 0:11cc2b7889af 1609 * \def MBEDTLS_BIGNUM_C
maygup01 0:11cc2b7889af 1610 *
maygup01 0:11cc2b7889af 1611 * Enable the multi-precision integer library.
maygup01 0:11cc2b7889af 1612 *
maygup01 0:11cc2b7889af 1613 * Module: library/bignum.c
maygup01 0:11cc2b7889af 1614 * Caller: library/dhm.c
maygup01 0:11cc2b7889af 1615 * library/ecp.c
maygup01 0:11cc2b7889af 1616 * library/ecdsa.c
maygup01 0:11cc2b7889af 1617 * library/rsa.c
maygup01 0:11cc2b7889af 1618 * library/ssl_tls.c
maygup01 0:11cc2b7889af 1619 *
maygup01 0:11cc2b7889af 1620 * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support.
maygup01 0:11cc2b7889af 1621 */
maygup01 0:11cc2b7889af 1622 #define MBEDTLS_BIGNUM_C
maygup01 0:11cc2b7889af 1623
maygup01 0:11cc2b7889af 1624 /**
maygup01 0:11cc2b7889af 1625 * \def MBEDTLS_BLOWFISH_C
maygup01 0:11cc2b7889af 1626 *
maygup01 0:11cc2b7889af 1627 * Enable the Blowfish block cipher.
maygup01 0:11cc2b7889af 1628 *
maygup01 0:11cc2b7889af 1629 * Module: library/blowfish.c
maygup01 0:11cc2b7889af 1630 */
maygup01 0:11cc2b7889af 1631 //#define MBEDTLS_BLOWFISH_C
maygup01 0:11cc2b7889af 1632
maygup01 0:11cc2b7889af 1633 /**
maygup01 0:11cc2b7889af 1634 * \def MBEDTLS_CAMELLIA_C
maygup01 0:11cc2b7889af 1635 *
maygup01 0:11cc2b7889af 1636 * Enable the Camellia block cipher.
maygup01 0:11cc2b7889af 1637 *
maygup01 0:11cc2b7889af 1638 * Module: library/camellia.c
maygup01 0:11cc2b7889af 1639 * Caller: library/ssl_tls.c
maygup01 0:11cc2b7889af 1640 *
maygup01 0:11cc2b7889af 1641 * This module enables the following ciphersuites (if other requisites are
maygup01 0:11cc2b7889af 1642 * enabled as well):
maygup01 0:11cc2b7889af 1643 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
maygup01 0:11cc2b7889af 1644 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
maygup01 0:11cc2b7889af 1645 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
maygup01 0:11cc2b7889af 1646 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
maygup01 0:11cc2b7889af 1647 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
maygup01 0:11cc2b7889af 1648 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
maygup01 0:11cc2b7889af 1649 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
maygup01 0:11cc2b7889af 1650 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
maygup01 0:11cc2b7889af 1651 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
maygup01 0:11cc2b7889af 1652 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
maygup01 0:11cc2b7889af 1653 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
maygup01 0:11cc2b7889af 1654 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
maygup01 0:11cc2b7889af 1655 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
maygup01 0:11cc2b7889af 1656 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
maygup01 0:11cc2b7889af 1657 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
maygup01 0:11cc2b7889af 1658 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
maygup01 0:11cc2b7889af 1659 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
maygup01 0:11cc2b7889af 1660 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
maygup01 0:11cc2b7889af 1661 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
maygup01 0:11cc2b7889af 1662 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
maygup01 0:11cc2b7889af 1663 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
maygup01 0:11cc2b7889af 1664 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
maygup01 0:11cc2b7889af 1665 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
maygup01 0:11cc2b7889af 1666 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
maygup01 0:11cc2b7889af 1667 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
maygup01 0:11cc2b7889af 1668 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
maygup01 0:11cc2b7889af 1669 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
maygup01 0:11cc2b7889af 1670 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
maygup01 0:11cc2b7889af 1671 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
maygup01 0:11cc2b7889af 1672 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
maygup01 0:11cc2b7889af 1673 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
maygup01 0:11cc2b7889af 1674 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
maygup01 0:11cc2b7889af 1675 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
maygup01 0:11cc2b7889af 1676 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
maygup01 0:11cc2b7889af 1677 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
maygup01 0:11cc2b7889af 1678 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
maygup01 0:11cc2b7889af 1679 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
maygup01 0:11cc2b7889af 1680 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
maygup01 0:11cc2b7889af 1681 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
maygup01 0:11cc2b7889af 1682 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
maygup01 0:11cc2b7889af 1683 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
maygup01 0:11cc2b7889af 1684 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
maygup01 0:11cc2b7889af 1685 */
maygup01 0:11cc2b7889af 1686 //#define MBEDTLS_CAMELLIA_C
maygup01 0:11cc2b7889af 1687
maygup01 0:11cc2b7889af 1688 /**
maygup01 0:11cc2b7889af 1689 * \def MBEDTLS_CCM_C
maygup01 0:11cc2b7889af 1690 *
maygup01 0:11cc2b7889af 1691 * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
maygup01 0:11cc2b7889af 1692 *
maygup01 0:11cc2b7889af 1693 * Module: library/ccm.c
maygup01 0:11cc2b7889af 1694 *
maygup01 0:11cc2b7889af 1695 * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
maygup01 0:11cc2b7889af 1696 *
maygup01 0:11cc2b7889af 1697 * This module enables the AES-CCM ciphersuites, if other requisites are
maygup01 0:11cc2b7889af 1698 * enabled as well.
maygup01 0:11cc2b7889af 1699 */
maygup01 0:11cc2b7889af 1700 #define MBEDTLS_CCM_C
maygup01 0:11cc2b7889af 1701
maygup01 0:11cc2b7889af 1702 /**
maygup01 0:11cc2b7889af 1703 * \def MBEDTLS_CERTS_C
maygup01 0:11cc2b7889af 1704 *
maygup01 0:11cc2b7889af 1705 * Enable the test certificates.
maygup01 0:11cc2b7889af 1706 *
maygup01 0:11cc2b7889af 1707 * Module: library/certs.c
maygup01 0:11cc2b7889af 1708 * Caller:
maygup01 0:11cc2b7889af 1709 *
maygup01 0:11cc2b7889af 1710 * This module is used for testing (ssl_client/server).
maygup01 0:11cc2b7889af 1711 */
maygup01 0:11cc2b7889af 1712 //#define MBEDTLS_CERTS_C
maygup01 0:11cc2b7889af 1713
maygup01 0:11cc2b7889af 1714 /**
maygup01 0:11cc2b7889af 1715 * \def MBEDTLS_CIPHER_C
maygup01 0:11cc2b7889af 1716 *
maygup01 0:11cc2b7889af 1717 * Enable the generic cipher layer.
maygup01 0:11cc2b7889af 1718 *
maygup01 0:11cc2b7889af 1719 * Module: library/cipher.c
maygup01 0:11cc2b7889af 1720 * Caller: library/ssl_tls.c
maygup01 0:11cc2b7889af 1721 *
maygup01 0:11cc2b7889af 1722 * Uncomment to enable generic cipher wrappers.
maygup01 0:11cc2b7889af 1723 */
maygup01 0:11cc2b7889af 1724 #define MBEDTLS_CIPHER_C
maygup01 0:11cc2b7889af 1725
maygup01 0:11cc2b7889af 1726 /**
maygup01 0:11cc2b7889af 1727 * \def MBEDTLS_CMAC_C
maygup01 0:11cc2b7889af 1728 *
maygup01 0:11cc2b7889af 1729 * Enable the CMAC (Cipher-based Message Authentication Code) mode for block
maygup01 0:11cc2b7889af 1730 * ciphers.
maygup01 0:11cc2b7889af 1731 *
maygup01 0:11cc2b7889af 1732 * Module: library/cmac.c
maygup01 0:11cc2b7889af 1733 *
maygup01 0:11cc2b7889af 1734 * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
maygup01 0:11cc2b7889af 1735 *
maygup01 0:11cc2b7889af 1736 */
maygup01 0:11cc2b7889af 1737 #define MBEDTLS_CMAC_C
maygup01 0:11cc2b7889af 1738
maygup01 0:11cc2b7889af 1739 /**
maygup01 0:11cc2b7889af 1740 * \def MBEDTLS_CTR_DRBG_C
maygup01 0:11cc2b7889af 1741 *
maygup01 0:11cc2b7889af 1742 * Enable the CTR_DRBG AES-256-based random generator.
maygup01 0:11cc2b7889af 1743 *
maygup01 0:11cc2b7889af 1744 * Module: library/ctr_drbg.c
maygup01 0:11cc2b7889af 1745 * Caller:
maygup01 0:11cc2b7889af 1746 *
maygup01 0:11cc2b7889af 1747 * Requires: MBEDTLS_AES_C
maygup01 0:11cc2b7889af 1748 *
maygup01 0:11cc2b7889af 1749 * This module provides the CTR_DRBG AES-256 random number generator.
maygup01 0:11cc2b7889af 1750 */
maygup01 0:11cc2b7889af 1751 #define MBEDTLS_CTR_DRBG_C
maygup01 0:11cc2b7889af 1752
maygup01 0:11cc2b7889af 1753 /**
maygup01 0:11cc2b7889af 1754 * \def MBEDTLS_DEBUG_C
maygup01 0:11cc2b7889af 1755 *
maygup01 0:11cc2b7889af 1756 * Enable the debug functions.
maygup01 0:11cc2b7889af 1757 *
maygup01 0:11cc2b7889af 1758 * Module: library/debug.c
maygup01 0:11cc2b7889af 1759 * Caller: library/ssl_cli.c
maygup01 0:11cc2b7889af 1760 * library/ssl_srv.c
maygup01 0:11cc2b7889af 1761 * library/ssl_tls.c
maygup01 0:11cc2b7889af 1762 *
maygup01 0:11cc2b7889af 1763 * This module provides debugging functions.
maygup01 0:11cc2b7889af 1764 */
maygup01 0:11cc2b7889af 1765 //#define MBEDTLS_DEBUG_C
maygup01 0:11cc2b7889af 1766
maygup01 0:11cc2b7889af 1767 /**
maygup01 0:11cc2b7889af 1768 * \def MBEDTLS_DES_C
maygup01 0:11cc2b7889af 1769 *
maygup01 0:11cc2b7889af 1770 * Enable the DES block cipher.
maygup01 0:11cc2b7889af 1771 *
maygup01 0:11cc2b7889af 1772 * Module: library/des.c
maygup01 0:11cc2b7889af 1773 * Caller: library/pem.c
maygup01 0:11cc2b7889af 1774 * library/ssl_tls.c
maygup01 0:11cc2b7889af 1775 *
maygup01 0:11cc2b7889af 1776 * This module enables the following ciphersuites (if other requisites are
maygup01 0:11cc2b7889af 1777 * enabled as well):
maygup01 0:11cc2b7889af 1778 * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
maygup01 0:11cc2b7889af 1779 * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
maygup01 0:11cc2b7889af 1780 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
maygup01 0:11cc2b7889af 1781 * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
maygup01 0:11cc2b7889af 1782 * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
maygup01 0:11cc2b7889af 1783 * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
maygup01 0:11cc2b7889af 1784 * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
maygup01 0:11cc2b7889af 1785 * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
maygup01 0:11cc2b7889af 1786 * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
maygup01 0:11cc2b7889af 1787 * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
maygup01 0:11cc2b7889af 1788 *
maygup01 0:11cc2b7889af 1789 * PEM_PARSE uses DES/3DES for decrypting encrypted keys.
maygup01 0:11cc2b7889af 1790 */
maygup01 0:11cc2b7889af 1791 //#define MBEDTLS_DES_C
maygup01 0:11cc2b7889af 1792
maygup01 0:11cc2b7889af 1793 /**
maygup01 0:11cc2b7889af 1794 * \def MBEDTLS_DHM_C
maygup01 0:11cc2b7889af 1795 *
maygup01 0:11cc2b7889af 1796 * Enable the Diffie-Hellman-Merkle module.
maygup01 0:11cc2b7889af 1797 *
maygup01 0:11cc2b7889af 1798 * Module: library/dhm.c
maygup01 0:11cc2b7889af 1799 * Caller: library/ssl_cli.c
maygup01 0:11cc2b7889af 1800 * library/ssl_srv.c
maygup01 0:11cc2b7889af 1801 *
maygup01 0:11cc2b7889af 1802 * This module is used by the following key exchanges:
maygup01 0:11cc2b7889af 1803 * DHE-RSA, DHE-PSK
maygup01 0:11cc2b7889af 1804 */
maygup01 0:11cc2b7889af 1805 //#define MBEDTLS_DHM_C
maygup01 0:11cc2b7889af 1806
maygup01 0:11cc2b7889af 1807 /**
maygup01 0:11cc2b7889af 1808 * \def MBEDTLS_ECDH_C
maygup01 0:11cc2b7889af 1809 *
maygup01 0:11cc2b7889af 1810 * Enable the elliptic curve Diffie-Hellman library.
maygup01 0:11cc2b7889af 1811 *
maygup01 0:11cc2b7889af 1812 * Module: library/ecdh.c
maygup01 0:11cc2b7889af 1813 * Caller: library/ssl_cli.c
maygup01 0:11cc2b7889af 1814 * library/ssl_srv.c
maygup01 0:11cc2b7889af 1815 *
maygup01 0:11cc2b7889af 1816 * This module is used by the following key exchanges:
maygup01 0:11cc2b7889af 1817 * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
maygup01 0:11cc2b7889af 1818 *
maygup01 0:11cc2b7889af 1819 * Requires: MBEDTLS_ECP_C
maygup01 0:11cc2b7889af 1820 */
maygup01 0:11cc2b7889af 1821 #define MBEDTLS_ECDH_C
maygup01 0:11cc2b7889af 1822
maygup01 0:11cc2b7889af 1823 /**
maygup01 0:11cc2b7889af 1824 * \def MBEDTLS_ECDSA_C
maygup01 0:11cc2b7889af 1825 *
maygup01 0:11cc2b7889af 1826 * Enable the elliptic curve DSA library.
maygup01 0:11cc2b7889af 1827 *
maygup01 0:11cc2b7889af 1828 * Module: library/ecdsa.c
maygup01 0:11cc2b7889af 1829 * Caller:
maygup01 0:11cc2b7889af 1830 *
maygup01 0:11cc2b7889af 1831 * This module is used by the following key exchanges:
maygup01 0:11cc2b7889af 1832 * ECDHE-ECDSA
maygup01 0:11cc2b7889af 1833 *
maygup01 0:11cc2b7889af 1834 * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C
maygup01 0:11cc2b7889af 1835 */
maygup01 0:11cc2b7889af 1836 #define MBEDTLS_ECDSA_C
maygup01 0:11cc2b7889af 1837
maygup01 0:11cc2b7889af 1838 /**
maygup01 0:11cc2b7889af 1839 * \def MBEDTLS_ECJPAKE_C
maygup01 0:11cc2b7889af 1840 *
maygup01 0:11cc2b7889af 1841 * Enable the elliptic curve J-PAKE library.
maygup01 0:11cc2b7889af 1842 *
maygup01 0:11cc2b7889af 1843 * \warning This is currently experimental. EC J-PAKE support is based on the
maygup01 0:11cc2b7889af 1844 * Thread v1.0.0 specification; incompatible changes to the specification
maygup01 0:11cc2b7889af 1845 * might still happen. For this reason, this is disabled by default.
maygup01 0:11cc2b7889af 1846 *
maygup01 0:11cc2b7889af 1847 * Module: library/ecjpake.c
maygup01 0:11cc2b7889af 1848 * Caller:
maygup01 0:11cc2b7889af 1849 *
maygup01 0:11cc2b7889af 1850 * This module is used by the following key exchanges:
maygup01 0:11cc2b7889af 1851 * ECJPAKE
maygup01 0:11cc2b7889af 1852 *
maygup01 0:11cc2b7889af 1853 * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C
maygup01 0:11cc2b7889af 1854 */
maygup01 0:11cc2b7889af 1855 //#define MBEDTLS_ECJPAKE_C
maygup01 0:11cc2b7889af 1856
maygup01 0:11cc2b7889af 1857 /**
maygup01 0:11cc2b7889af 1858 * \def MBEDTLS_ECP_C
maygup01 0:11cc2b7889af 1859 *
maygup01 0:11cc2b7889af 1860 * Enable the elliptic curve over GF(p) library.
maygup01 0:11cc2b7889af 1861 *
maygup01 0:11cc2b7889af 1862 * Module: library/ecp.c
maygup01 0:11cc2b7889af 1863 * Caller: library/ecdh.c
maygup01 0:11cc2b7889af 1864 * library/ecdsa.c
maygup01 0:11cc2b7889af 1865 * library/ecjpake.c
maygup01 0:11cc2b7889af 1866 *
maygup01 0:11cc2b7889af 1867 * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED
maygup01 0:11cc2b7889af 1868 */
maygup01 0:11cc2b7889af 1869 #define MBEDTLS_ECP_C
maygup01 0:11cc2b7889af 1870
maygup01 0:11cc2b7889af 1871 /**
maygup01 0:11cc2b7889af 1872 * \def MBEDTLS_ENTROPY_C
maygup01 0:11cc2b7889af 1873 *
maygup01 0:11cc2b7889af 1874 * Enable the platform-specific entropy code.
maygup01 0:11cc2b7889af 1875 *
maygup01 0:11cc2b7889af 1876 * Module: library/entropy.c
maygup01 0:11cc2b7889af 1877 * Caller:
maygup01 0:11cc2b7889af 1878 *
maygup01 0:11cc2b7889af 1879 * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C
maygup01 0:11cc2b7889af 1880 *
maygup01 0:11cc2b7889af 1881 * This module provides a generic entropy pool
maygup01 0:11cc2b7889af 1882 */
maygup01 0:11cc2b7889af 1883 #define MBEDTLS_ENTROPY_C
maygup01 0:11cc2b7889af 1884
maygup01 0:11cc2b7889af 1885 /**
maygup01 0:11cc2b7889af 1886 * \def MBEDTLS_ERROR_C
maygup01 0:11cc2b7889af 1887 *
maygup01 0:11cc2b7889af 1888 * Enable error code to error string conversion.
maygup01 0:11cc2b7889af 1889 *
maygup01 0:11cc2b7889af 1890 * Module: library/error.c
maygup01 0:11cc2b7889af 1891 * Caller:
maygup01 0:11cc2b7889af 1892 *
maygup01 0:11cc2b7889af 1893 * This module enables mbedtls_strerror().
maygup01 0:11cc2b7889af 1894 */
maygup01 0:11cc2b7889af 1895 //#define MBEDTLS_ERROR_C
maygup01 0:11cc2b7889af 1896
maygup01 0:11cc2b7889af 1897 /**
maygup01 0:11cc2b7889af 1898 * \def MBEDTLS_GCM_C
maygup01 0:11cc2b7889af 1899 *
maygup01 0:11cc2b7889af 1900 * Enable the Galois/Counter Mode (GCM) for AES.
maygup01 0:11cc2b7889af 1901 *
maygup01 0:11cc2b7889af 1902 * Module: library/gcm.c
maygup01 0:11cc2b7889af 1903 *
maygup01 0:11cc2b7889af 1904 * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
maygup01 0:11cc2b7889af 1905 *
maygup01 0:11cc2b7889af 1906 * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
maygup01 0:11cc2b7889af 1907 * requisites are enabled as well.
maygup01 0:11cc2b7889af 1908 */
maygup01 0:11cc2b7889af 1909 #define MBEDTLS_GCM_C
maygup01 0:11cc2b7889af 1910
maygup01 0:11cc2b7889af 1911 /**
maygup01 0:11cc2b7889af 1912 * \def MBEDTLS_HAVEGE_C
maygup01 0:11cc2b7889af 1913 *
maygup01 0:11cc2b7889af 1914 * Enable the HAVEGE random generator.
maygup01 0:11cc2b7889af 1915 *
maygup01 0:11cc2b7889af 1916 * Warning: the HAVEGE random generator is not suitable for virtualized
maygup01 0:11cc2b7889af 1917 * environments
maygup01 0:11cc2b7889af 1918 *
maygup01 0:11cc2b7889af 1919 * Warning: the HAVEGE random generator is dependent on timing and specific
maygup01 0:11cc2b7889af 1920 * processor traits. It is therefore not advised to use HAVEGE as
maygup01 0:11cc2b7889af 1921 * your applications primary random generator or primary entropy pool
maygup01 0:11cc2b7889af 1922 * input. As a secondary input to your entropy pool, it IS able add
maygup01 0:11cc2b7889af 1923 * the (limited) extra entropy it provides.
maygup01 0:11cc2b7889af 1924 *
maygup01 0:11cc2b7889af 1925 * Module: library/havege.c
maygup01 0:11cc2b7889af 1926 * Caller:
maygup01 0:11cc2b7889af 1927 *
maygup01 0:11cc2b7889af 1928 * Requires: MBEDTLS_TIMING_C
maygup01 0:11cc2b7889af 1929 *
maygup01 0:11cc2b7889af 1930 * Uncomment to enable the HAVEGE random generator.
maygup01 0:11cc2b7889af 1931 */
maygup01 0:11cc2b7889af 1932 //#define MBEDTLS_HAVEGE_C
maygup01 0:11cc2b7889af 1933
maygup01 0:11cc2b7889af 1934 /**
maygup01 0:11cc2b7889af 1935 * \def MBEDTLS_HMAC_DRBG_C
maygup01 0:11cc2b7889af 1936 *
maygup01 0:11cc2b7889af 1937 * Enable the HMAC_DRBG random generator.
maygup01 0:11cc2b7889af 1938 *
maygup01 0:11cc2b7889af 1939 * Module: library/hmac_drbg.c
maygup01 0:11cc2b7889af 1940 * Caller:
maygup01 0:11cc2b7889af 1941 *
maygup01 0:11cc2b7889af 1942 * Requires: MBEDTLS_MD_C
maygup01 0:11cc2b7889af 1943 *
maygup01 0:11cc2b7889af 1944 * Uncomment to enable the HMAC_DRBG random number geerator.
maygup01 0:11cc2b7889af 1945 */
maygup01 0:11cc2b7889af 1946 #define MBEDTLS_HMAC_DRBG_C
maygup01 0:11cc2b7889af 1947
maygup01 0:11cc2b7889af 1948 /**
maygup01 0:11cc2b7889af 1949 * \def MBEDTLS_MD_C
maygup01 0:11cc2b7889af 1950 *
maygup01 0:11cc2b7889af 1951 * Enable the generic message digest layer.
maygup01 0:11cc2b7889af 1952 *
maygup01 0:11cc2b7889af 1953 * Module: library/md.c
maygup01 0:11cc2b7889af 1954 * Caller:
maygup01 0:11cc2b7889af 1955 *
maygup01 0:11cc2b7889af 1956 * Uncomment to enable generic message digest wrappers.
maygup01 0:11cc2b7889af 1957 */
maygup01 0:11cc2b7889af 1958 #define MBEDTLS_MD_C
maygup01 0:11cc2b7889af 1959
maygup01 0:11cc2b7889af 1960 /**
maygup01 0:11cc2b7889af 1961 * \def MBEDTLS_MD2_C
maygup01 0:11cc2b7889af 1962 *
maygup01 0:11cc2b7889af 1963 * Enable the MD2 hash algorithm.
maygup01 0:11cc2b7889af 1964 *
maygup01 0:11cc2b7889af 1965 * Module: library/md2.c
maygup01 0:11cc2b7889af 1966 * Caller:
maygup01 0:11cc2b7889af 1967 *
maygup01 0:11cc2b7889af 1968 * Uncomment to enable support for (rare) MD2-signed X.509 certs.
maygup01 0:11cc2b7889af 1969 */
maygup01 0:11cc2b7889af 1970 //#define MBEDTLS_MD2_C
maygup01 0:11cc2b7889af 1971
maygup01 0:11cc2b7889af 1972 /**
maygup01 0:11cc2b7889af 1973 * \def MBEDTLS_MD4_C
maygup01 0:11cc2b7889af 1974 *
maygup01 0:11cc2b7889af 1975 * Enable the MD4 hash algorithm.
maygup01 0:11cc2b7889af 1976 *
maygup01 0:11cc2b7889af 1977 * Module: library/md4.c
maygup01 0:11cc2b7889af 1978 * Caller:
maygup01 0:11cc2b7889af 1979 *
maygup01 0:11cc2b7889af 1980 * Uncomment to enable support for (rare) MD4-signed X.509 certs.
maygup01 0:11cc2b7889af 1981 */
maygup01 0:11cc2b7889af 1982 //#define MBEDTLS_MD4_C
maygup01 0:11cc2b7889af 1983
maygup01 0:11cc2b7889af 1984 /**
maygup01 0:11cc2b7889af 1985 * \def MBEDTLS_MD5_C
maygup01 0:11cc2b7889af 1986 *
maygup01 0:11cc2b7889af 1987 * Enable the MD5 hash algorithm.
maygup01 0:11cc2b7889af 1988 *
maygup01 0:11cc2b7889af 1989 * Module: library/md5.c
maygup01 0:11cc2b7889af 1990 * Caller: library/md.c
maygup01 0:11cc2b7889af 1991 * library/pem.c
maygup01 0:11cc2b7889af 1992 * library/ssl_tls.c
maygup01 0:11cc2b7889af 1993 *
maygup01 0:11cc2b7889af 1994 * This module is required for SSL/TLS and X.509.
maygup01 0:11cc2b7889af 1995 * PEM_PARSE uses MD5 for decrypting encrypted keys.
maygup01 0:11cc2b7889af 1996 */
maygup01 0:11cc2b7889af 1997 //#define MBEDTLS_MD5_C
maygup01 0:11cc2b7889af 1998
maygup01 0:11cc2b7889af 1999 /**
maygup01 0:11cc2b7889af 2000 * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C
maygup01 0:11cc2b7889af 2001 *
maygup01 0:11cc2b7889af 2002 * Enable the buffer allocator implementation that makes use of a (stack)
maygup01 0:11cc2b7889af 2003 * based buffer to 'allocate' dynamic memory. (replaces calloc() and free()
maygup01 0:11cc2b7889af 2004 * calls)
maygup01 0:11cc2b7889af 2005 *
maygup01 0:11cc2b7889af 2006 * Module: library/memory_buffer_alloc.c
maygup01 0:11cc2b7889af 2007 *
maygup01 0:11cc2b7889af 2008 * Requires: MBEDTLS_PLATFORM_C
maygup01 0:11cc2b7889af 2009 * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS)
maygup01 0:11cc2b7889af 2010 *
maygup01 0:11cc2b7889af 2011 * Enable this module to enable the buffer memory allocator.
maygup01 0:11cc2b7889af 2012 */
maygup01 0:11cc2b7889af 2013 //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
maygup01 0:11cc2b7889af 2014
maygup01 0:11cc2b7889af 2015 /**
maygup01 0:11cc2b7889af 2016 * \def MBEDTLS_NET_C
maygup01 0:11cc2b7889af 2017 *
maygup01 0:11cc2b7889af 2018 * Enable the TCP and UDP over IPv6/IPv4 networking routines.
maygup01 0:11cc2b7889af 2019 *
maygup01 0:11cc2b7889af 2020 * \note This module only works on POSIX/Unix (including Linux, BSD and OS X)
maygup01 0:11cc2b7889af 2021 * and Windows. For other platforms, you'll want to disable it, and write your
maygup01 0:11cc2b7889af 2022 * own networking callbacks to be passed to \c mbedtls_ssl_set_bio().
maygup01 0:11cc2b7889af 2023 *
maygup01 0:11cc2b7889af 2024 * \note See also our Knowledge Base article about porting to a new
maygup01 0:11cc2b7889af 2025 * environment:
maygup01 0:11cc2b7889af 2026 * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
maygup01 0:11cc2b7889af 2027 *
maygup01 0:11cc2b7889af 2028 * Module: library/net_sockets.c
maygup01 0:11cc2b7889af 2029 *
maygup01 0:11cc2b7889af 2030 * This module provides networking routines.
maygup01 0:11cc2b7889af 2031 */
maygup01 0:11cc2b7889af 2032 //#define MBEDTLS_NET_C
maygup01 0:11cc2b7889af 2033
maygup01 0:11cc2b7889af 2034 /**
maygup01 0:11cc2b7889af 2035 * \def MBEDTLS_OID_C
maygup01 0:11cc2b7889af 2036 *
maygup01 0:11cc2b7889af 2037 * Enable the OID database.
maygup01 0:11cc2b7889af 2038 *
maygup01 0:11cc2b7889af 2039 * Module: library/oid.c
maygup01 0:11cc2b7889af 2040 * Caller: library/asn1write.c
maygup01 0:11cc2b7889af 2041 * library/pkcs5.c
maygup01 0:11cc2b7889af 2042 * library/pkparse.c
maygup01 0:11cc2b7889af 2043 * library/pkwrite.c
maygup01 0:11cc2b7889af 2044 * library/rsa.c
maygup01 0:11cc2b7889af 2045 * library/x509.c
maygup01 0:11cc2b7889af 2046 * library/x509_create.c
maygup01 0:11cc2b7889af 2047 * library/x509_crl.c
maygup01 0:11cc2b7889af 2048 * library/x509_crt.c
maygup01 0:11cc2b7889af 2049 * library/x509_csr.c
maygup01 0:11cc2b7889af 2050 * library/x509write_crt.c
maygup01 0:11cc2b7889af 2051 * library/x509write_csr.c
maygup01 0:11cc2b7889af 2052 *
maygup01 0:11cc2b7889af 2053 * This modules translates between OIDs and internal values.
maygup01 0:11cc2b7889af 2054 */
maygup01 0:11cc2b7889af 2055 #define MBEDTLS_OID_C
maygup01 0:11cc2b7889af 2056
maygup01 0:11cc2b7889af 2057 /**
maygup01 0:11cc2b7889af 2058 * \def MBEDTLS_PADLOCK_C
maygup01 0:11cc2b7889af 2059 *
maygup01 0:11cc2b7889af 2060 * Enable VIA Padlock support on x86.
maygup01 0:11cc2b7889af 2061 *
maygup01 0:11cc2b7889af 2062 * Module: library/padlock.c
maygup01 0:11cc2b7889af 2063 * Caller: library/aes.c
maygup01 0:11cc2b7889af 2064 *
maygup01 0:11cc2b7889af 2065 * Requires: MBEDTLS_HAVE_ASM
maygup01 0:11cc2b7889af 2066 *
maygup01 0:11cc2b7889af 2067 * This modules adds support for the VIA PadLock on x86.
maygup01 0:11cc2b7889af 2068 */
maygup01 0:11cc2b7889af 2069 //#define MBEDTLS_PADLOCK_C
maygup01 0:11cc2b7889af 2070
maygup01 0:11cc2b7889af 2071 /**
maygup01 0:11cc2b7889af 2072 * \def MBEDTLS_PEM_PARSE_C
maygup01 0:11cc2b7889af 2073 *
maygup01 0:11cc2b7889af 2074 * Enable PEM decoding / parsing.
maygup01 0:11cc2b7889af 2075 *
maygup01 0:11cc2b7889af 2076 * Module: library/pem.c
maygup01 0:11cc2b7889af 2077 * Caller: library/dhm.c
maygup01 0:11cc2b7889af 2078 * library/pkparse.c
maygup01 0:11cc2b7889af 2079 * library/x509_crl.c
maygup01 0:11cc2b7889af 2080 * library/x509_crt.c
maygup01 0:11cc2b7889af 2081 * library/x509_csr.c
maygup01 0:11cc2b7889af 2082 *
maygup01 0:11cc2b7889af 2083 * Requires: MBEDTLS_BASE64_C
maygup01 0:11cc2b7889af 2084 *
maygup01 0:11cc2b7889af 2085 * This modules adds support for decoding / parsing PEM files.
maygup01 0:11cc2b7889af 2086 */
maygup01 0:11cc2b7889af 2087 //#define MBEDTLS_PEM_PARSE_C
maygup01 0:11cc2b7889af 2088
maygup01 0:11cc2b7889af 2089 /**
maygup01 0:11cc2b7889af 2090 * \def MBEDTLS_PEM_WRITE_C
maygup01 0:11cc2b7889af 2091 *
maygup01 0:11cc2b7889af 2092 * Enable PEM encoding / writing.
maygup01 0:11cc2b7889af 2093 *
maygup01 0:11cc2b7889af 2094 * Module: library/pem.c
maygup01 0:11cc2b7889af 2095 * Caller: library/pkwrite.c
maygup01 0:11cc2b7889af 2096 * library/x509write_crt.c
maygup01 0:11cc2b7889af 2097 * library/x509write_csr.c
maygup01 0:11cc2b7889af 2098 *
maygup01 0:11cc2b7889af 2099 * Requires: MBEDTLS_BASE64_C
maygup01 0:11cc2b7889af 2100 *
maygup01 0:11cc2b7889af 2101 * This modules adds support for encoding / writing PEM files.
maygup01 0:11cc2b7889af 2102 */
maygup01 0:11cc2b7889af 2103 //#define MBEDTLS_PEM_WRITE_C
maygup01 0:11cc2b7889af 2104
maygup01 0:11cc2b7889af 2105 /**
maygup01 0:11cc2b7889af 2106 * \def MBEDTLS_PK_C
maygup01 0:11cc2b7889af 2107 *
maygup01 0:11cc2b7889af 2108 * Enable the generic public (asymetric) key layer.
maygup01 0:11cc2b7889af 2109 *
maygup01 0:11cc2b7889af 2110 * Module: library/pk.c
maygup01 0:11cc2b7889af 2111 * Caller: library/ssl_tls.c
maygup01 0:11cc2b7889af 2112 * library/ssl_cli.c
maygup01 0:11cc2b7889af 2113 * library/ssl_srv.c
maygup01 0:11cc2b7889af 2114 *
maygup01 0:11cc2b7889af 2115 * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C
maygup01 0:11cc2b7889af 2116 *
maygup01 0:11cc2b7889af 2117 * Uncomment to enable generic public key wrappers.
maygup01 0:11cc2b7889af 2118 */
maygup01 0:11cc2b7889af 2119 #define MBEDTLS_PK_C
maygup01 0:11cc2b7889af 2120
maygup01 0:11cc2b7889af 2121 /**
maygup01 0:11cc2b7889af 2122 * \def MBEDTLS_PK_PARSE_C
maygup01 0:11cc2b7889af 2123 *
maygup01 0:11cc2b7889af 2124 * Enable the generic public (asymetric) key parser.
maygup01 0:11cc2b7889af 2125 *
maygup01 0:11cc2b7889af 2126 * Module: library/pkparse.c
maygup01 0:11cc2b7889af 2127 * Caller: library/x509_crt.c
maygup01 0:11cc2b7889af 2128 * library/x509_csr.c
maygup01 0:11cc2b7889af 2129 *
maygup01 0:11cc2b7889af 2130 * Requires: MBEDTLS_PK_C
maygup01 0:11cc2b7889af 2131 *
maygup01 0:11cc2b7889af 2132 * Uncomment to enable generic public key parse functions.
maygup01 0:11cc2b7889af 2133 */
maygup01 0:11cc2b7889af 2134 #define MBEDTLS_PK_PARSE_C
maygup01 0:11cc2b7889af 2135
maygup01 0:11cc2b7889af 2136 /**
maygup01 0:11cc2b7889af 2137 * \def MBEDTLS_PK_WRITE_C
maygup01 0:11cc2b7889af 2138 *
maygup01 0:11cc2b7889af 2139 * Enable the generic public (asymetric) key writer.
maygup01 0:11cc2b7889af 2140 *
maygup01 0:11cc2b7889af 2141 * Module: library/pkwrite.c
maygup01 0:11cc2b7889af 2142 * Caller: library/x509write.c
maygup01 0:11cc2b7889af 2143 *
maygup01 0:11cc2b7889af 2144 * Requires: MBEDTLS_PK_C
maygup01 0:11cc2b7889af 2145 *
maygup01 0:11cc2b7889af 2146 * Uncomment to enable generic public key write functions.
maygup01 0:11cc2b7889af 2147 */
maygup01 0:11cc2b7889af 2148 #define MBEDTLS_PK_WRITE_C
maygup01 0:11cc2b7889af 2149
maygup01 0:11cc2b7889af 2150 /**
maygup01 0:11cc2b7889af 2151 * \def MBEDTLS_PKCS5_C
maygup01 0:11cc2b7889af 2152 *
maygup01 0:11cc2b7889af 2153 * Enable PKCS#5 functions.
maygup01 0:11cc2b7889af 2154 *
maygup01 0:11cc2b7889af 2155 * Module: library/pkcs5.c
maygup01 0:11cc2b7889af 2156 *
maygup01 0:11cc2b7889af 2157 * Requires: MBEDTLS_MD_C
maygup01 0:11cc2b7889af 2158 *
maygup01 0:11cc2b7889af 2159 * This module adds support for the PKCS#5 functions.
maygup01 0:11cc2b7889af 2160 */
maygup01 0:11cc2b7889af 2161 //#define MBEDTLS_PKCS5_C
maygup01 0:11cc2b7889af 2162
maygup01 0:11cc2b7889af 2163 /**
maygup01 0:11cc2b7889af 2164 * \def MBEDTLS_PKCS11_C
maygup01 0:11cc2b7889af 2165 *
maygup01 0:11cc2b7889af 2166 * Enable wrapper for PKCS#11 smartcard support.
maygup01 0:11cc2b7889af 2167 *
maygup01 0:11cc2b7889af 2168 * Module: library/pkcs11.c
maygup01 0:11cc2b7889af 2169 * Caller: library/pk.c
maygup01 0:11cc2b7889af 2170 *
maygup01 0:11cc2b7889af 2171 * Requires: MBEDTLS_PK_C
maygup01 0:11cc2b7889af 2172 *
maygup01 0:11cc2b7889af 2173 * This module enables SSL/TLS PKCS #11 smartcard support.
maygup01 0:11cc2b7889af 2174 * Requires the presence of the PKCS#11 helper library (libpkcs11-helper)
maygup01 0:11cc2b7889af 2175 */
maygup01 0:11cc2b7889af 2176 //#define MBEDTLS_PKCS11_C
maygup01 0:11cc2b7889af 2177
maygup01 0:11cc2b7889af 2178 /**
maygup01 0:11cc2b7889af 2179 * \def MBEDTLS_PKCS12_C
maygup01 0:11cc2b7889af 2180 *
maygup01 0:11cc2b7889af 2181 * Enable PKCS#12 PBE functions.
maygup01 0:11cc2b7889af 2182 * Adds algorithms for parsing PKCS#8 encrypted private keys
maygup01 0:11cc2b7889af 2183 *
maygup01 0:11cc2b7889af 2184 * Module: library/pkcs12.c
maygup01 0:11cc2b7889af 2185 * Caller: library/pkparse.c
maygup01 0:11cc2b7889af 2186 *
maygup01 0:11cc2b7889af 2187 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C
maygup01 0:11cc2b7889af 2188 * Can use: MBEDTLS_ARC4_C
maygup01 0:11cc2b7889af 2189 *
maygup01 0:11cc2b7889af 2190 * This module enables PKCS#12 functions.
maygup01 0:11cc2b7889af 2191 */
maygup01 0:11cc2b7889af 2192 //#define MBEDTLS_PKCS12_C
maygup01 0:11cc2b7889af 2193
maygup01 0:11cc2b7889af 2194 /**
maygup01 0:11cc2b7889af 2195 * \def MBEDTLS_PLATFORM_C
maygup01 0:11cc2b7889af 2196 *
maygup01 0:11cc2b7889af 2197 * Enable the platform abstraction layer that allows you to re-assign
maygup01 0:11cc2b7889af 2198 * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit().
maygup01 0:11cc2b7889af 2199 *
maygup01 0:11cc2b7889af 2200 * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT
maygup01 0:11cc2b7889af 2201 * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned
maygup01 0:11cc2b7889af 2202 * above to be specified at runtime or compile time respectively.
maygup01 0:11cc2b7889af 2203 *
maygup01 0:11cc2b7889af 2204 * \note This abstraction layer must be enabled on Windows (including MSYS2)
maygup01 0:11cc2b7889af 2205 * as other module rely on it for a fixed snprintf implementation.
maygup01 0:11cc2b7889af 2206 *
maygup01 0:11cc2b7889af 2207 * Module: library/platform.c
maygup01 0:11cc2b7889af 2208 * Caller: Most other .c files
maygup01 0:11cc2b7889af 2209 *
maygup01 0:11cc2b7889af 2210 * This module enables abstraction of common (libc) functions.
maygup01 0:11cc2b7889af 2211 */
maygup01 0:11cc2b7889af 2212 #define MBEDTLS_PLATFORM_C
maygup01 0:11cc2b7889af 2213
maygup01 0:11cc2b7889af 2214 /**
maygup01 0:11cc2b7889af 2215 * \def MBEDTLS_RIPEMD160_C
maygup01 0:11cc2b7889af 2216 *
maygup01 0:11cc2b7889af 2217 * Enable the RIPEMD-160 hash algorithm.
maygup01 0:11cc2b7889af 2218 *
maygup01 0:11cc2b7889af 2219 * Module: library/ripemd160.c
maygup01 0:11cc2b7889af 2220 * Caller: library/md.c
maygup01 0:11cc2b7889af 2221 *
maygup01 0:11cc2b7889af 2222 */
maygup01 0:11cc2b7889af 2223 //#define MBEDTLS_RIPEMD160_C
maygup01 0:11cc2b7889af 2224
maygup01 0:11cc2b7889af 2225 /**
maygup01 0:11cc2b7889af 2226 * \def MBEDTLS_RSA_C
maygup01 0:11cc2b7889af 2227 *
maygup01 0:11cc2b7889af 2228 * Enable the RSA public-key cryptosystem.
maygup01 0:11cc2b7889af 2229 *
maygup01 0:11cc2b7889af 2230 * Module: library/rsa.c
maygup01 0:11cc2b7889af 2231 * Caller: library/ssl_cli.c
maygup01 0:11cc2b7889af 2232 * library/ssl_srv.c
maygup01 0:11cc2b7889af 2233 * library/ssl_tls.c
maygup01 0:11cc2b7889af 2234 * library/x509.c
maygup01 0:11cc2b7889af 2235 *
maygup01 0:11cc2b7889af 2236 * This module is used by the following key exchanges:
maygup01 0:11cc2b7889af 2237 * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK
maygup01 0:11cc2b7889af 2238 *
maygup01 0:11cc2b7889af 2239 * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C
maygup01 0:11cc2b7889af 2240 */
maygup01 0:11cc2b7889af 2241 //#define MBEDTLS_RSA_C
maygup01 0:11cc2b7889af 2242
maygup01 0:11cc2b7889af 2243 /**
maygup01 0:11cc2b7889af 2244 * \def MBEDTLS_SHA1_C
maygup01 0:11cc2b7889af 2245 *
maygup01 0:11cc2b7889af 2246 * Enable the SHA1 cryptographic hash algorithm.
maygup01 0:11cc2b7889af 2247 *
maygup01 0:11cc2b7889af 2248 * Module: library/sha1.c
maygup01 0:11cc2b7889af 2249 * Caller: library/md.c
maygup01 0:11cc2b7889af 2250 * library/ssl_cli.c
maygup01 0:11cc2b7889af 2251 * library/ssl_srv.c
maygup01 0:11cc2b7889af 2252 * library/ssl_tls.c
maygup01 0:11cc2b7889af 2253 * library/x509write_crt.c
maygup01 0:11cc2b7889af 2254 *
maygup01 0:11cc2b7889af 2255 * This module is required for SSL/TLS and SHA1-signed certificates.
maygup01 0:11cc2b7889af 2256 */
maygup01 0:11cc2b7889af 2257 //#define MBEDTLS_SHA1_C
maygup01 0:11cc2b7889af 2258
maygup01 0:11cc2b7889af 2259 /**
maygup01 0:11cc2b7889af 2260 * \def MBEDTLS_SHA256_C
maygup01 0:11cc2b7889af 2261 *
maygup01 0:11cc2b7889af 2262 * Enable the SHA-224 and SHA-256 cryptographic hash algorithms.
maygup01 0:11cc2b7889af 2263 *
maygup01 0:11cc2b7889af 2264 * Module: library/sha256.c
maygup01 0:11cc2b7889af 2265 * Caller: library/entropy.c
maygup01 0:11cc2b7889af 2266 * library/md.c
maygup01 0:11cc2b7889af 2267 * library/ssl_cli.c
maygup01 0:11cc2b7889af 2268 * library/ssl_srv.c
maygup01 0:11cc2b7889af 2269 * library/ssl_tls.c
maygup01 0:11cc2b7889af 2270 *
maygup01 0:11cc2b7889af 2271 * This module adds support for SHA-224 and SHA-256.
maygup01 0:11cc2b7889af 2272 * This module is required for the SSL/TLS 1.2 PRF function.
maygup01 0:11cc2b7889af 2273 */
maygup01 0:11cc2b7889af 2274 #define MBEDTLS_SHA256_C
maygup01 0:11cc2b7889af 2275
maygup01 0:11cc2b7889af 2276 /**
maygup01 0:11cc2b7889af 2277 * \def MBEDTLS_SHA512_C
maygup01 0:11cc2b7889af 2278 *
maygup01 0:11cc2b7889af 2279 * Enable the SHA-384 and SHA-512 cryptographic hash algorithms.
maygup01 0:11cc2b7889af 2280 *
maygup01 0:11cc2b7889af 2281 * Module: library/sha512.c
maygup01 0:11cc2b7889af 2282 * Caller: library/entropy.c
maygup01 0:11cc2b7889af 2283 * library/md.c
maygup01 0:11cc2b7889af 2284 * library/ssl_cli.c
maygup01 0:11cc2b7889af 2285 * library/ssl_srv.c
maygup01 0:11cc2b7889af 2286 *
maygup01 0:11cc2b7889af 2287 * This module adds support for SHA-384 and SHA-512.
maygup01 0:11cc2b7889af 2288 */
maygup01 0:11cc2b7889af 2289 //#define MBEDTLS_SHA512_C
maygup01 0:11cc2b7889af 2290
maygup01 0:11cc2b7889af 2291 /**
maygup01 0:11cc2b7889af 2292 * \def MBEDTLS_SSL_CACHE_C
maygup01 0:11cc2b7889af 2293 *
maygup01 0:11cc2b7889af 2294 * Enable simple SSL cache implementation.
maygup01 0:11cc2b7889af 2295 *
maygup01 0:11cc2b7889af 2296 * Module: library/ssl_cache.c
maygup01 0:11cc2b7889af 2297 * Caller:
maygup01 0:11cc2b7889af 2298 *
maygup01 0:11cc2b7889af 2299 * Requires: MBEDTLS_SSL_CACHE_C
maygup01 0:11cc2b7889af 2300 */
maygup01 0:11cc2b7889af 2301 #define MBEDTLS_SSL_CACHE_C
maygup01 0:11cc2b7889af 2302
maygup01 0:11cc2b7889af 2303 /**
maygup01 0:11cc2b7889af 2304 * \def MBEDTLS_SSL_COOKIE_C
maygup01 0:11cc2b7889af 2305 *
maygup01 0:11cc2b7889af 2306 * Enable basic implementation of DTLS cookies for hello verification.
maygup01 0:11cc2b7889af 2307 *
maygup01 0:11cc2b7889af 2308 * Module: library/ssl_cookie.c
maygup01 0:11cc2b7889af 2309 * Caller:
maygup01 0:11cc2b7889af 2310 */
maygup01 0:11cc2b7889af 2311 #define MBEDTLS_SSL_COOKIE_C
maygup01 0:11cc2b7889af 2312
maygup01 0:11cc2b7889af 2313 /**
maygup01 0:11cc2b7889af 2314 * \def MBEDTLS_SSL_TICKET_C
maygup01 0:11cc2b7889af 2315 *
maygup01 0:11cc2b7889af 2316 * Enable an implementation of TLS server-side callbacks for session tickets.
maygup01 0:11cc2b7889af 2317 *
maygup01 0:11cc2b7889af 2318 * Module: library/ssl_ticket.c
maygup01 0:11cc2b7889af 2319 * Caller:
maygup01 0:11cc2b7889af 2320 *
maygup01 0:11cc2b7889af 2321 * Requires: MBEDTLS_CIPHER_C
maygup01 0:11cc2b7889af 2322 */
maygup01 0:11cc2b7889af 2323 #define MBEDTLS_SSL_TICKET_C
maygup01 0:11cc2b7889af 2324
maygup01 0:11cc2b7889af 2325 /**
maygup01 0:11cc2b7889af 2326 * \def MBEDTLS_SSL_CLI_C
maygup01 0:11cc2b7889af 2327 *
maygup01 0:11cc2b7889af 2328 * Enable the SSL/TLS client code.
maygup01 0:11cc2b7889af 2329 *
maygup01 0:11cc2b7889af 2330 * Module: library/ssl_cli.c
maygup01 0:11cc2b7889af 2331 * Caller:
maygup01 0:11cc2b7889af 2332 *
maygup01 0:11cc2b7889af 2333 * Requires: MBEDTLS_SSL_TLS_C
maygup01 0:11cc2b7889af 2334 *
maygup01 0:11cc2b7889af 2335 * This module is required for SSL/TLS client support.
maygup01 0:11cc2b7889af 2336 */
maygup01 0:11cc2b7889af 2337 #define MBEDTLS_SSL_CLI_C
maygup01 0:11cc2b7889af 2338
maygup01 0:11cc2b7889af 2339 /**
maygup01 0:11cc2b7889af 2340 * \def MBEDTLS_SSL_SRV_C
maygup01 0:11cc2b7889af 2341 *
maygup01 0:11cc2b7889af 2342 * Enable the SSL/TLS server code.
maygup01 0:11cc2b7889af 2343 *
maygup01 0:11cc2b7889af 2344 * Module: library/ssl_srv.c
maygup01 0:11cc2b7889af 2345 * Caller:
maygup01 0:11cc2b7889af 2346 *
maygup01 0:11cc2b7889af 2347 * Requires: MBEDTLS_SSL_TLS_C
maygup01 0:11cc2b7889af 2348 *
maygup01 0:11cc2b7889af 2349 * This module is required for SSL/TLS server support.
maygup01 0:11cc2b7889af 2350 */
maygup01 0:11cc2b7889af 2351 //#define MBEDTLS_SSL_SRV_C
maygup01 0:11cc2b7889af 2352
maygup01 0:11cc2b7889af 2353 /**
maygup01 0:11cc2b7889af 2354 * \def MBEDTLS_SSL_TLS_C
maygup01 0:11cc2b7889af 2355 *
maygup01 0:11cc2b7889af 2356 * Enable the generic SSL/TLS code.
maygup01 0:11cc2b7889af 2357 *
maygup01 0:11cc2b7889af 2358 * Module: library/ssl_tls.c
maygup01 0:11cc2b7889af 2359 * Caller: library/ssl_cli.c
maygup01 0:11cc2b7889af 2360 * library/ssl_srv.c
maygup01 0:11cc2b7889af 2361 *
maygup01 0:11cc2b7889af 2362 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C
maygup01 0:11cc2b7889af 2363 * and at least one of the MBEDTLS_SSL_PROTO_XXX defines
maygup01 0:11cc2b7889af 2364 *
maygup01 0:11cc2b7889af 2365 * This module is required for SSL/TLS.
maygup01 0:11cc2b7889af 2366 */
maygup01 0:11cc2b7889af 2367 #define MBEDTLS_SSL_TLS_C
maygup01 0:11cc2b7889af 2368
maygup01 0:11cc2b7889af 2369 /**
maygup01 0:11cc2b7889af 2370 * \def MBEDTLS_THREADING_C
maygup01 0:11cc2b7889af 2371 *
maygup01 0:11cc2b7889af 2372 * Enable the threading abstraction layer.
maygup01 0:11cc2b7889af 2373 * By default mbed TLS assumes it is used in a non-threaded environment or that
maygup01 0:11cc2b7889af 2374 * contexts are not shared between threads. If you do intend to use contexts
maygup01 0:11cc2b7889af 2375 * between threads, you will need to enable this layer to prevent race
maygup01 0:11cc2b7889af 2376 * conditions. See also our Knowledge Base article about threading:
maygup01 0:11cc2b7889af 2377 * https://tls.mbed.org/kb/development/thread-safety-and-multi-threading
maygup01 0:11cc2b7889af 2378 *
maygup01 0:11cc2b7889af 2379 * Module: library/threading.c
maygup01 0:11cc2b7889af 2380 *
maygup01 0:11cc2b7889af 2381 * This allows different threading implementations (self-implemented or
maygup01 0:11cc2b7889af 2382 * provided).
maygup01 0:11cc2b7889af 2383 *
maygup01 0:11cc2b7889af 2384 * You will have to enable either MBEDTLS_THREADING_ALT or
maygup01 0:11cc2b7889af 2385 * MBEDTLS_THREADING_PTHREAD.
maygup01 0:11cc2b7889af 2386 *
maygup01 0:11cc2b7889af 2387 * Enable this layer to allow use of mutexes within mbed TLS
maygup01 0:11cc2b7889af 2388 */
maygup01 0:11cc2b7889af 2389 //#define MBEDTLS_THREADING_C
maygup01 0:11cc2b7889af 2390
maygup01 0:11cc2b7889af 2391 /**
maygup01 0:11cc2b7889af 2392 * \def MBEDTLS_TIMING_C
maygup01 0:11cc2b7889af 2393 *
maygup01 0:11cc2b7889af 2394 * Enable the semi-portable timing interface.
maygup01 0:11cc2b7889af 2395 *
maygup01 0:11cc2b7889af 2396 * \note The provided implementation only works on POSIX/Unix (including Linux,
maygup01 0:11cc2b7889af 2397 * BSD and OS X) and Windows. On other platforms, you can either disable that
maygup01 0:11cc2b7889af 2398 * module and provide your own implementations of the callbacks needed by
maygup01 0:11cc2b7889af 2399 * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide
maygup01 0:11cc2b7889af 2400 * your own implementation of the whole module by setting
maygup01 0:11cc2b7889af 2401 * \c MBEDTLS_TIMING_ALT in the current file.
maygup01 0:11cc2b7889af 2402 *
maygup01 0:11cc2b7889af 2403 * \note See also our Knowledge Base article about porting to a new
maygup01 0:11cc2b7889af 2404 * environment:
maygup01 0:11cc2b7889af 2405 * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
maygup01 0:11cc2b7889af 2406 *
maygup01 0:11cc2b7889af 2407 * Module: library/timing.c
maygup01 0:11cc2b7889af 2408 * Caller: library/havege.c
maygup01 0:11cc2b7889af 2409 *
maygup01 0:11cc2b7889af 2410 * This module is used by the HAVEGE random number generator.
maygup01 0:11cc2b7889af 2411 */
maygup01 0:11cc2b7889af 2412 //#define MBEDTLS_TIMING_C
maygup01 0:11cc2b7889af 2413
maygup01 0:11cc2b7889af 2414 /**
maygup01 0:11cc2b7889af 2415 * \def MBEDTLS_VERSION_C
maygup01 0:11cc2b7889af 2416 *
maygup01 0:11cc2b7889af 2417 * Enable run-time version information.
maygup01 0:11cc2b7889af 2418 *
maygup01 0:11cc2b7889af 2419 * Module: library/version.c
maygup01 0:11cc2b7889af 2420 *
maygup01 0:11cc2b7889af 2421 * This module provides run-time version information.
maygup01 0:11cc2b7889af 2422 */
maygup01 0:11cc2b7889af 2423 #define MBEDTLS_VERSION_C
maygup01 0:11cc2b7889af 2424 /**
maygup01 0:11cc2b7889af 2425 * \def MBEDTLS_X509_USE_C
maygup01 0:11cc2b7889af 2426 *
maygup01 0:11cc2b7889af 2427 * Enable X.509 core for using certificates.
maygup01 0:11cc2b7889af 2428 *
maygup01 0:11cc2b7889af 2429 * Module: library/x509.c
maygup01 0:11cc2b7889af 2430 * Caller: library/x509_crl.c
maygup01 0:11cc2b7889af 2431 * library/x509_crt.c
maygup01 0:11cc2b7889af 2432 * library/x509_csr.c
maygup01 0:11cc2b7889af 2433 *
maygup01 0:11cc2b7889af 2434 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C,
maygup01 0:11cc2b7889af 2435 * MBEDTLS_PK_PARSE_C
maygup01 0:11cc2b7889af 2436 *
maygup01 0:11cc2b7889af 2437 * This module is required for the X.509 parsing modules.
maygup01 0:11cc2b7889af 2438 */
maygup01 0:11cc2b7889af 2439 #define MBEDTLS_X509_USE_C
maygup01 0:11cc2b7889af 2440
maygup01 0:11cc2b7889af 2441 /**
maygup01 0:11cc2b7889af 2442 * \def MBEDTLS_X509_CRT_PARSE_C
maygup01 0:11cc2b7889af 2443 *
maygup01 0:11cc2b7889af 2444 * Enable X.509 certificate parsing.
maygup01 0:11cc2b7889af 2445 *
maygup01 0:11cc2b7889af 2446 * Module: library/x509_crt.c
maygup01 0:11cc2b7889af 2447 * Caller: library/ssl_cli.c
maygup01 0:11cc2b7889af 2448 * library/ssl_srv.c
maygup01 0:11cc2b7889af 2449 * library/ssl_tls.c
maygup01 0:11cc2b7889af 2450 *
maygup01 0:11cc2b7889af 2451 * Requires: MBEDTLS_X509_USE_C
maygup01 0:11cc2b7889af 2452 *
maygup01 0:11cc2b7889af 2453 * This module is required for X.509 certificate parsing.
maygup01 0:11cc2b7889af 2454 */
maygup01 0:11cc2b7889af 2455 #define MBEDTLS_X509_CRT_PARSE_C
maygup01 0:11cc2b7889af 2456
maygup01 0:11cc2b7889af 2457 /**
maygup01 0:11cc2b7889af 2458 * \def MBEDTLS_X509_CRL_PARSE_C
maygup01 0:11cc2b7889af 2459 *
maygup01 0:11cc2b7889af 2460 * Enable X.509 CRL parsing.
maygup01 0:11cc2b7889af 2461 *
maygup01 0:11cc2b7889af 2462 * Module: library/x509_crl.c
maygup01 0:11cc2b7889af 2463 * Caller: library/x509_crt.c
maygup01 0:11cc2b7889af 2464 *
maygup01 0:11cc2b7889af 2465 * Requires: MBEDTLS_X509_USE_C
maygup01 0:11cc2b7889af 2466 *
maygup01 0:11cc2b7889af 2467 * This module is required for X.509 CRL parsing.
maygup01 0:11cc2b7889af 2468 */
maygup01 0:11cc2b7889af 2469 #define MBEDTLS_X509_CRL_PARSE_C
maygup01 0:11cc2b7889af 2470
maygup01 0:11cc2b7889af 2471 /**
maygup01 0:11cc2b7889af 2472 * \def MBEDTLS_X509_CSR_PARSE_C
maygup01 0:11cc2b7889af 2473 *
maygup01 0:11cc2b7889af 2474 * Enable X.509 Certificate Signing Request (CSR) parsing.
maygup01 0:11cc2b7889af 2475 *
maygup01 0:11cc2b7889af 2476 * Module: library/x509_csr.c
maygup01 0:11cc2b7889af 2477 * Caller: library/x509_crt_write.c
maygup01 0:11cc2b7889af 2478 *
maygup01 0:11cc2b7889af 2479 * Requires: MBEDTLS_X509_USE_C
maygup01 0:11cc2b7889af 2480 *
maygup01 0:11cc2b7889af 2481 * This module is used for reading X.509 certificate request.
maygup01 0:11cc2b7889af 2482 */
maygup01 0:11cc2b7889af 2483 #define MBEDTLS_X509_CSR_PARSE_C
maygup01 0:11cc2b7889af 2484
maygup01 0:11cc2b7889af 2485 /**
maygup01 0:11cc2b7889af 2486 * \def MBEDTLS_X509_CREATE_C
maygup01 0:11cc2b7889af 2487 *
maygup01 0:11cc2b7889af 2488 * Enable X.509 core for creating certificates.
maygup01 0:11cc2b7889af 2489 *
maygup01 0:11cc2b7889af 2490 * Module: library/x509_create.c
maygup01 0:11cc2b7889af 2491 *
maygup01 0:11cc2b7889af 2492 * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C
maygup01 0:11cc2b7889af 2493 *
maygup01 0:11cc2b7889af 2494 * This module is the basis for creating X.509 certificates and CSRs.
maygup01 0:11cc2b7889af 2495 */
maygup01 0:11cc2b7889af 2496 #define MBEDTLS_X509_CREATE_C
maygup01 0:11cc2b7889af 2497
maygup01 0:11cc2b7889af 2498 /**
maygup01 0:11cc2b7889af 2499 * \def MBEDTLS_X509_CRT_WRITE_C
maygup01 0:11cc2b7889af 2500 *
maygup01 0:11cc2b7889af 2501 * Enable creating X.509 certificates.
maygup01 0:11cc2b7889af 2502 *
maygup01 0:11cc2b7889af 2503 * Module: library/x509_crt_write.c
maygup01 0:11cc2b7889af 2504 *
maygup01 0:11cc2b7889af 2505 * Requires: MBEDTLS_X509_CREATE_C
maygup01 0:11cc2b7889af 2506 *
maygup01 0:11cc2b7889af 2507 * This module is required for X.509 certificate creation.
maygup01 0:11cc2b7889af 2508 */
maygup01 0:11cc2b7889af 2509 //#define MBEDTLS_X509_CRT_WRITE_C
maygup01 0:11cc2b7889af 2510
maygup01 0:11cc2b7889af 2511 /**
maygup01 0:11cc2b7889af 2512 * \def MBEDTLS_X509_CSR_WRITE_C
maygup01 0:11cc2b7889af 2513 *
maygup01 0:11cc2b7889af 2514 * Enable creating X.509 Certificate Signing Requests (CSR).
maygup01 0:11cc2b7889af 2515 *
maygup01 0:11cc2b7889af 2516 * Module: library/x509_csr_write.c
maygup01 0:11cc2b7889af 2517 *
maygup01 0:11cc2b7889af 2518 * Requires: MBEDTLS_X509_CREATE_C
maygup01 0:11cc2b7889af 2519 *
maygup01 0:11cc2b7889af 2520 * This module is required for X.509 certificate request writing.
maygup01 0:11cc2b7889af 2521 */
maygup01 0:11cc2b7889af 2522 #define MBEDTLS_X509_CSR_WRITE_C
maygup01 0:11cc2b7889af 2523 /**
maygup01 0:11cc2b7889af 2524 * \def MBEDTLS_XTEA_C
maygup01 0:11cc2b7889af 2525 *
maygup01 0:11cc2b7889af 2526 * Enable the XTEA block cipher.
maygup01 0:11cc2b7889af 2527 *
maygup01 0:11cc2b7889af 2528 * Module: library/xtea.c
maygup01 0:11cc2b7889af 2529 * Caller:
maygup01 0:11cc2b7889af 2530 */
maygup01 0:11cc2b7889af 2531 //#define MBEDTLS_XTEA_C
maygup01 0:11cc2b7889af 2532
maygup01 0:11cc2b7889af 2533 /* \} name SECTION: mbed TLS modules */
maygup01 0:11cc2b7889af 2534
maygup01 0:11cc2b7889af 2535 /**
maygup01 0:11cc2b7889af 2536 * \name SECTION: Module configuration options
maygup01 0:11cc2b7889af 2537 *
maygup01 0:11cc2b7889af 2538 * This section allows for the setting of module specific sizes and
maygup01 0:11cc2b7889af 2539 * configuration options. The default values are already present in the
maygup01 0:11cc2b7889af 2540 * relevant header files and should suffice for the regular use cases.
maygup01 0:11cc2b7889af 2541 *
maygup01 0:11cc2b7889af 2542 * Our advice is to enable options and change their values here
maygup01 0:11cc2b7889af 2543 * only if you have a good reason and know the consequences.
maygup01 0:11cc2b7889af 2544 *
maygup01 0:11cc2b7889af 2545 * Please check the respective header file for documentation on these
maygup01 0:11cc2b7889af 2546 * parameters (to prevent duplicate documentation).
maygup01 0:11cc2b7889af 2547 * \{
maygup01 0:11cc2b7889af 2548 */
maygup01 0:11cc2b7889af 2549
maygup01 0:11cc2b7889af 2550 /* MPI / BIGNUM options */
maygup01 0:11cc2b7889af 2551 //#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */
maygup01 0:11cc2b7889af 2552 //#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
maygup01 0:11cc2b7889af 2553
maygup01 0:11cc2b7889af 2554 /* CTR_DRBG options */
maygup01 0:11cc2b7889af 2555 //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
maygup01 0:11cc2b7889af 2556 //#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
maygup01 0:11cc2b7889af 2557 //#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
maygup01 0:11cc2b7889af 2558 //#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
maygup01 0:11cc2b7889af 2559 //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
maygup01 0:11cc2b7889af 2560
maygup01 0:11cc2b7889af 2561 /* HMAC_DRBG options */
maygup01 0:11cc2b7889af 2562 //#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
maygup01 0:11cc2b7889af 2563 //#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
maygup01 0:11cc2b7889af 2564 //#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
maygup01 0:11cc2b7889af 2565 //#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
maygup01 0:11cc2b7889af 2566
maygup01 0:11cc2b7889af 2567 /* ECP options */
maygup01 0:11cc2b7889af 2568 //#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */
maygup01 0:11cc2b7889af 2569 //#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
maygup01 0:11cc2b7889af 2570 //#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
maygup01 0:11cc2b7889af 2571
maygup01 0:11cc2b7889af 2572 /* Entropy options */
maygup01 0:11cc2b7889af 2573 //#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
maygup01 0:11cc2b7889af 2574 //#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
maygup01 0:11cc2b7889af 2575 //#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
maygup01 0:11cc2b7889af 2576
maygup01 0:11cc2b7889af 2577 /* Memory buffer allocator options */
maygup01 0:11cc2b7889af 2578 //#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
maygup01 0:11cc2b7889af 2579
maygup01 0:11cc2b7889af 2580 /* Platform options */
maygup01 0:11cc2b7889af 2581 //#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
maygup01 0:11cc2b7889af 2582 //#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */
maygup01 0:11cc2b7889af 2583 //#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */
maygup01 0:11cc2b7889af 2584 //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
maygup01 0:11cc2b7889af 2585 //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
maygup01 0:11cc2b7889af 2586 //#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
maygup01 0:11cc2b7889af 2587 //#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
maygup01 0:11cc2b7889af 2588 /* Note: your snprintf must correclty zero-terminate the buffer! */
maygup01 0:11cc2b7889af 2589 //#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
maygup01 0:11cc2b7889af 2590 //#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
maygup01 0:11cc2b7889af 2591 //#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
maygup01 0:11cc2b7889af 2592 //#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
maygup01 0:11cc2b7889af 2593 //#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
maygup01 0:11cc2b7889af 2594 //#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
maygup01 0:11cc2b7889af 2595
maygup01 0:11cc2b7889af 2596 /* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
maygup01 0:11cc2b7889af 2597 /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
maygup01 0:11cc2b7889af 2598 //#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */
maygup01 0:11cc2b7889af 2599 //#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */
maygup01 0:11cc2b7889af 2600 //#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
maygup01 0:11cc2b7889af 2601 //#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
maygup01 0:11cc2b7889af 2602 //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
maygup01 0:11cc2b7889af 2603 //#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
maygup01 0:11cc2b7889af 2604 //#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
maygup01 0:11cc2b7889af 2605 /* Note: your snprintf must correclty zero-terminate the buffer! */
maygup01 0:11cc2b7889af 2606 //#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
maygup01 0:11cc2b7889af 2607 //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
maygup01 0:11cc2b7889af 2608 //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
maygup01 0:11cc2b7889af 2609
maygup01 0:11cc2b7889af 2610 /* SSL Cache options */
maygup01 0:11cc2b7889af 2611 //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
maygup01 0:11cc2b7889af 2612 //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
maygup01 0:11cc2b7889af 2613
maygup01 0:11cc2b7889af 2614 /* SSL options */
maygup01 0:11cc2b7889af 2615 #define MBEDTLS_SSL_MAX_CONTENT_LEN 4096 /**< Maxium fragment length in bytes, determines the size of each of the two internal I/O buffers */
maygup01 0:11cc2b7889af 2616 //#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
maygup01 0:11cc2b7889af 2617 //#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
maygup01 0:11cc2b7889af 2618 //#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
maygup01 0:11cc2b7889af 2619
maygup01 0:11cc2b7889af 2620 /**
maygup01 0:11cc2b7889af 2621 * Enable ARIA ciphersuites.
maygup01 0:11cc2b7889af 2622 */
maygup01 0:11cc2b7889af 2623
maygup01 0:11cc2b7889af 2624 #define MBEDTLS_ARIA_C
maygup01 0:11cc2b7889af 2625
maygup01 0:11cc2b7889af 2626 /**
maygup01 0:11cc2b7889af 2627 * Complete list of ciphersuites to use, in order of preference.
maygup01 0:11cc2b7889af 2628 *
maygup01 0:11cc2b7889af 2629 * \warning No dependency checking is done on that field! This option can only
maygup01 0:11cc2b7889af 2630 * be used to restrict the set of available ciphersuites. It is your
maygup01 0:11cc2b7889af 2631 * responsibility to make sure the needed modules are active.
maygup01 0:11cc2b7889af 2632 *
maygup01 0:11cc2b7889af 2633 * Use this to save a few hundred bytes of ROM (default ordering of all
maygup01 0:11cc2b7889af 2634 * available ciphersuites) and a few to a few hundred bytes of RAM.
maygup01 0:11cc2b7889af 2635 *
maygup01 0:11cc2b7889af 2636 * The value below is only an example, not the default.
maygup01 0:11cc2b7889af 2637 */
maygup01 0:11cc2b7889af 2638 #define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, \
maygup01 0:11cc2b7889af 2639 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, \
maygup01 0:11cc2b7889af 2640 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, \
maygup01 0:11cc2b7889af 2641 MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, \
maygup01 0:11cc2b7889af 2642 MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, \
maygup01 0:11cc2b7889af 2643 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
maygup01 0:11cc2b7889af 2644 /* X509 options */
maygup01 0:11cc2b7889af 2645 //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
maygup01 0:11cc2b7889af 2646 //#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
maygup01 0:11cc2b7889af 2647
maygup01 0:11cc2b7889af 2648 /* \} name SECTION: Customisation configuration options */
maygup01 0:11cc2b7889af 2649
maygup01 0:11cc2b7889af 2650 // Reduces size particularly in case PSA crypto is used
maygup01 0:11cc2b7889af 2651 #undef MBEDTLS_CHACHA20_C
maygup01 0:11cc2b7889af 2652 #undef MBEDTLS_CHACHAPOLY_C
maygup01 0:11cc2b7889af 2653 #undef MBEDTLS_POLY1305_C
maygup01 0:11cc2b7889af 2654
maygup01 0:11cc2b7889af 2655 #include "check_config.h"
maygup01 0:11cc2b7889af 2656
maygup01 0:11cc2b7889af 2657 #if defined(MBEDTLS_TEST_NULL_ENTROPY)
maygup01 0:11cc2b7889af 2658 #warning "MBEDTLS_TEST_NULL_ENTROPY has been enabled. This " \
maygup01 0:11cc2b7889af 2659 "configuration is not secure and is not suitable for production use"
maygup01 0:11cc2b7889af 2660 #endif
maygup01 0:11cc2b7889af 2661
maygup01 0:11cc2b7889af 2662 #endif /* MBEDTLS_CONFIG_H */