Supachai Vorapojpisut
mbed LoRaWAN stack
mbedtls_lora_config.h@2:bbb1f6ce5970, 2018-06-05 (annotated)
- Committer:
- vsupacha
- Date:
- Tue Jun 05 08:29:27 2018 +0000
- Revision:
- 2:bbb1f6ce5970
- Parent:
- 0:3ddbd7a98a2d
Add trace feature
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| vsupacha | 0:3ddbd7a98a2d | 1 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2 | * \file config.h |
| vsupacha | 0:3ddbd7a98a2d | 3 | * |
| vsupacha | 0:3ddbd7a98a2d | 4 | * \brief Configuration options (set of defines) |
| vsupacha | 0:3ddbd7a98a2d | 5 | * |
| vsupacha | 0:3ddbd7a98a2d | 6 | * This set of compile-time options may be used to enable |
| vsupacha | 0:3ddbd7a98a2d | 7 | * or disable features selectively, and reduce the global |
| vsupacha | 0:3ddbd7a98a2d | 8 | * memory footprint. |
| vsupacha | 0:3ddbd7a98a2d | 9 | * |
| vsupacha | 0:3ddbd7a98a2d | 10 | * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved |
| vsupacha | 0:3ddbd7a98a2d | 11 | * SPDX-License-Identifier: Apache-2.0 |
| vsupacha | 0:3ddbd7a98a2d | 12 | * |
| vsupacha | 0:3ddbd7a98a2d | 13 | * Licensed under the Apache License, Version 2.0 (the "License"); you may |
| vsupacha | 0:3ddbd7a98a2d | 14 | * not use this file except in compliance with the License. |
| vsupacha | 0:3ddbd7a98a2d | 15 | * You may obtain a copy of the License at |
| vsupacha | 0:3ddbd7a98a2d | 16 | * |
| vsupacha | 0:3ddbd7a98a2d | 17 | * http://www.apache.org/licenses/LICENSE-2.0 |
| vsupacha | 0:3ddbd7a98a2d | 18 | * |
| vsupacha | 0:3ddbd7a98a2d | 19 | * Unless required by applicable law or agreed to in writing, software |
| vsupacha | 0:3ddbd7a98a2d | 20 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| vsupacha | 0:3ddbd7a98a2d | 21 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| vsupacha | 0:3ddbd7a98a2d | 22 | * See the License for the specific language governing permissions and |
| vsupacha | 0:3ddbd7a98a2d | 23 | * limitations under the License. |
| vsupacha | 0:3ddbd7a98a2d | 24 | * |
| vsupacha | 0:3ddbd7a98a2d | 25 | * This file is part of mbed TLS (https://tls.mbed.org) |
| vsupacha | 0:3ddbd7a98a2d | 26 | */ |
| vsupacha | 0:3ddbd7a98a2d | 27 | |
| vsupacha | 0:3ddbd7a98a2d | 28 | #ifndef MBEDTLS_LORA_CONFIG_H |
| vsupacha | 0:3ddbd7a98a2d | 29 | #define MBEDTLS_LORA_CONFIG_H |
| vsupacha | 0:3ddbd7a98a2d | 30 | |
| vsupacha | 0:3ddbd7a98a2d | 31 | |
| vsupacha | 0:3ddbd7a98a2d | 32 | /** |
| vsupacha | 0:3ddbd7a98a2d | 33 | * \name SECTION: System support |
| vsupacha | 0:3ddbd7a98a2d | 34 | * |
| vsupacha | 0:3ddbd7a98a2d | 35 | * This section sets system specific settings. |
| vsupacha | 0:3ddbd7a98a2d | 36 | * \{ |
| vsupacha | 0:3ddbd7a98a2d | 37 | */ |
| vsupacha | 0:3ddbd7a98a2d | 38 | |
| vsupacha | 0:3ddbd7a98a2d | 39 | /** |
| vsupacha | 0:3ddbd7a98a2d | 40 | * \def MBEDTLS_HAVE_ASM |
| vsupacha | 0:3ddbd7a98a2d | 41 | * |
| vsupacha | 0:3ddbd7a98a2d | 42 | * The compiler has support for asm(). |
| vsupacha | 0:3ddbd7a98a2d | 43 | * |
| vsupacha | 0:3ddbd7a98a2d | 44 | * Requires support for asm() in compiler. |
| vsupacha | 0:3ddbd7a98a2d | 45 | * |
| vsupacha | 0:3ddbd7a98a2d | 46 | * Used in: |
| vsupacha | 0:3ddbd7a98a2d | 47 | * library/timing.c |
| vsupacha | 0:3ddbd7a98a2d | 48 | * library/padlock.c |
| vsupacha | 0:3ddbd7a98a2d | 49 | * include/mbedtls/bn_mul.h |
| vsupacha | 0:3ddbd7a98a2d | 50 | * |
| vsupacha | 0:3ddbd7a98a2d | 51 | * Comment to disable the use of assembly code. |
| vsupacha | 0:3ddbd7a98a2d | 52 | */ |
| vsupacha | 0:3ddbd7a98a2d | 53 | #define MBEDTLS_HAVE_ASM |
| vsupacha | 0:3ddbd7a98a2d | 54 | |
| vsupacha | 0:3ddbd7a98a2d | 55 | /** |
| vsupacha | 0:3ddbd7a98a2d | 56 | * \def MBEDTLS_NO_UDBL_DIVISION |
| vsupacha | 0:3ddbd7a98a2d | 57 | * |
| vsupacha | 0:3ddbd7a98a2d | 58 | * The platform lacks support for double-width integer division (64-bit |
| vsupacha | 0:3ddbd7a98a2d | 59 | * division on a 32-bit platform, 128-bit division on a 64-bit platform). |
| vsupacha | 0:3ddbd7a98a2d | 60 | * |
| vsupacha | 0:3ddbd7a98a2d | 61 | * Used in: |
| vsupacha | 0:3ddbd7a98a2d | 62 | * include/mbedtls/bignum.h |
| vsupacha | 0:3ddbd7a98a2d | 63 | * library/bignum.c |
| vsupacha | 0:3ddbd7a98a2d | 64 | * |
| vsupacha | 0:3ddbd7a98a2d | 65 | * The bignum code uses double-width division to speed up some operations. |
| vsupacha | 0:3ddbd7a98a2d | 66 | * Double-width division is often implemented in software that needs to |
| vsupacha | 0:3ddbd7a98a2d | 67 | * be linked with the program. The presence of a double-width integer |
| vsupacha | 0:3ddbd7a98a2d | 68 | * type is usually detected automatically through preprocessor macros, |
| vsupacha | 0:3ddbd7a98a2d | 69 | * but the automatic detection cannot know whether the code needs to |
| vsupacha | 0:3ddbd7a98a2d | 70 | * and can be linked with an implementation of division for that type. |
| vsupacha | 0:3ddbd7a98a2d | 71 | * By default division is assumed to be usable if the type is present. |
| vsupacha | 0:3ddbd7a98a2d | 72 | * Uncomment this option to prevent the use of double-width division. |
| vsupacha | 0:3ddbd7a98a2d | 73 | * |
| vsupacha | 0:3ddbd7a98a2d | 74 | * Note that division for the native integer type is always required. |
| vsupacha | 0:3ddbd7a98a2d | 75 | * Furthermore, a 64-bit type is always required even on a 32-bit |
| vsupacha | 0:3ddbd7a98a2d | 76 | * platform, but it need not support multiplication or division. In some |
| vsupacha | 0:3ddbd7a98a2d | 77 | * cases it is also desirable to disable some double-width operations. For |
| vsupacha | 0:3ddbd7a98a2d | 78 | * example, if double-width division is implemented in software, disabling |
| vsupacha | 0:3ddbd7a98a2d | 79 | * it can reduce code size in some embedded targets. |
| vsupacha | 0:3ddbd7a98a2d | 80 | */ |
| vsupacha | 0:3ddbd7a98a2d | 81 | //#define MBEDTLS_NO_UDBL_DIVISION |
| vsupacha | 0:3ddbd7a98a2d | 82 | |
| vsupacha | 0:3ddbd7a98a2d | 83 | /** |
| vsupacha | 0:3ddbd7a98a2d | 84 | * \def MBEDTLS_HAVE_SSE2 |
| vsupacha | 0:3ddbd7a98a2d | 85 | * |
| vsupacha | 0:3ddbd7a98a2d | 86 | * CPU supports SSE2 instruction set. |
| vsupacha | 0:3ddbd7a98a2d | 87 | * |
| vsupacha | 0:3ddbd7a98a2d | 88 | * Uncomment if the CPU supports SSE2 (IA-32 specific). |
| vsupacha | 0:3ddbd7a98a2d | 89 | */ |
| vsupacha | 0:3ddbd7a98a2d | 90 | //#define MBEDTLS_HAVE_SSE2 |
| vsupacha | 0:3ddbd7a98a2d | 91 | |
| vsupacha | 0:3ddbd7a98a2d | 92 | /** |
| vsupacha | 0:3ddbd7a98a2d | 93 | * \def MBEDTLS_HAVE_TIME |
| vsupacha | 0:3ddbd7a98a2d | 94 | * |
| vsupacha | 0:3ddbd7a98a2d | 95 | * System has time.h and time(). |
| vsupacha | 0:3ddbd7a98a2d | 96 | * The time does not need to be correct, only time differences are used, |
| vsupacha | 0:3ddbd7a98a2d | 97 | * by contrast with MBEDTLS_HAVE_TIME_DATE |
| vsupacha | 0:3ddbd7a98a2d | 98 | * |
| vsupacha | 0:3ddbd7a98a2d | 99 | * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT, |
| vsupacha | 0:3ddbd7a98a2d | 100 | * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and |
| vsupacha | 0:3ddbd7a98a2d | 101 | * MBEDTLS_PLATFORM_STD_TIME. |
| vsupacha | 0:3ddbd7a98a2d | 102 | * |
| vsupacha | 0:3ddbd7a98a2d | 103 | * Comment if your system does not support time functions |
| vsupacha | 0:3ddbd7a98a2d | 104 | */ |
| vsupacha | 0:3ddbd7a98a2d | 105 | //#define MBEDTLS_HAVE_TIME |
| vsupacha | 0:3ddbd7a98a2d | 106 | |
| vsupacha | 0:3ddbd7a98a2d | 107 | /** |
| vsupacha | 0:3ddbd7a98a2d | 108 | * \def MBEDTLS_HAVE_TIME_DATE |
| vsupacha | 0:3ddbd7a98a2d | 109 | * |
| vsupacha | 0:3ddbd7a98a2d | 110 | * System has time.h and time(), gmtime() and the clock is correct. |
| vsupacha | 0:3ddbd7a98a2d | 111 | * The time needs to be correct (not necesarily very accurate, but at least |
| vsupacha | 0:3ddbd7a98a2d | 112 | * the date should be correct). This is used to verify the validity period of |
| vsupacha | 0:3ddbd7a98a2d | 113 | * X.509 certificates. |
| vsupacha | 0:3ddbd7a98a2d | 114 | * |
| vsupacha | 0:3ddbd7a98a2d | 115 | * Comment if your system does not have a correct clock. |
| vsupacha | 0:3ddbd7a98a2d | 116 | */ |
| vsupacha | 0:3ddbd7a98a2d | 117 | //#define MBEDTLS_HAVE_TIME_DATE |
| vsupacha | 0:3ddbd7a98a2d | 118 | |
| vsupacha | 0:3ddbd7a98a2d | 119 | /** |
| vsupacha | 0:3ddbd7a98a2d | 120 | * \def MBEDTLS_PLATFORM_MEMORY |
| vsupacha | 0:3ddbd7a98a2d | 121 | * |
| vsupacha | 0:3ddbd7a98a2d | 122 | * Enable the memory allocation layer. |
| vsupacha | 0:3ddbd7a98a2d | 123 | * |
| vsupacha | 0:3ddbd7a98a2d | 124 | * By default mbed TLS uses the system-provided calloc() and free(). |
| vsupacha | 0:3ddbd7a98a2d | 125 | * This allows different allocators (self-implemented or provided) to be |
| vsupacha | 0:3ddbd7a98a2d | 126 | * provided to the platform abstraction layer. |
| vsupacha | 0:3ddbd7a98a2d | 127 | * |
| vsupacha | 0:3ddbd7a98a2d | 128 | * Enabling MBEDTLS_PLATFORM_MEMORY without the |
| vsupacha | 0:3ddbd7a98a2d | 129 | * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide |
| vsupacha | 0:3ddbd7a98a2d | 130 | * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and |
| vsupacha | 0:3ddbd7a98a2d | 131 | * free() function pointer at runtime. |
| vsupacha | 0:3ddbd7a98a2d | 132 | * |
| vsupacha | 0:3ddbd7a98a2d | 133 | * Enabling MBEDTLS_PLATFORM_MEMORY and specifying |
| vsupacha | 0:3ddbd7a98a2d | 134 | * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the |
| vsupacha | 0:3ddbd7a98a2d | 135 | * alternate function at compile time. |
| vsupacha | 0:3ddbd7a98a2d | 136 | * |
| vsupacha | 0:3ddbd7a98a2d | 137 | * Requires: MBEDTLS_PLATFORM_C |
| vsupacha | 0:3ddbd7a98a2d | 138 | * |
| vsupacha | 0:3ddbd7a98a2d | 139 | * Enable this layer to allow use of alternative memory allocators. |
| vsupacha | 0:3ddbd7a98a2d | 140 | */ |
| vsupacha | 0:3ddbd7a98a2d | 141 | //#define MBEDTLS_PLATFORM_MEMORY |
| vsupacha | 0:3ddbd7a98a2d | 142 | |
| vsupacha | 0:3ddbd7a98a2d | 143 | /** |
| vsupacha | 0:3ddbd7a98a2d | 144 | * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS |
| vsupacha | 0:3ddbd7a98a2d | 145 | * |
| vsupacha | 0:3ddbd7a98a2d | 146 | * Do not assign standard functions in the platform layer (e.g. calloc() to |
| vsupacha | 0:3ddbd7a98a2d | 147 | * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF) |
| vsupacha | 0:3ddbd7a98a2d | 148 | * |
| vsupacha | 0:3ddbd7a98a2d | 149 | * This makes sure there are no linking errors on platforms that do not support |
| vsupacha | 0:3ddbd7a98a2d | 150 | * these functions. You will HAVE to provide alternatives, either at runtime |
| vsupacha | 0:3ddbd7a98a2d | 151 | * via the platform_set_xxx() functions or at compile time by setting |
| vsupacha | 0:3ddbd7a98a2d | 152 | * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a |
| vsupacha | 0:3ddbd7a98a2d | 153 | * MBEDTLS_PLATFORM_XXX_MACRO. |
| vsupacha | 0:3ddbd7a98a2d | 154 | * |
| vsupacha | 0:3ddbd7a98a2d | 155 | * Requires: MBEDTLS_PLATFORM_C |
| vsupacha | 0:3ddbd7a98a2d | 156 | * |
| vsupacha | 0:3ddbd7a98a2d | 157 | * Uncomment to prevent default assignment of standard functions in the |
| vsupacha | 0:3ddbd7a98a2d | 158 | * platform layer. |
| vsupacha | 0:3ddbd7a98a2d | 159 | */ |
| vsupacha | 0:3ddbd7a98a2d | 160 | //#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS |
| vsupacha | 0:3ddbd7a98a2d | 161 | |
| vsupacha | 0:3ddbd7a98a2d | 162 | /** |
| vsupacha | 0:3ddbd7a98a2d | 163 | * \def MBEDTLS_PLATFORM_EXIT_ALT |
| vsupacha | 0:3ddbd7a98a2d | 164 | * |
| vsupacha | 0:3ddbd7a98a2d | 165 | * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the |
| vsupacha | 0:3ddbd7a98a2d | 166 | * function in the platform abstraction layer. |
| vsupacha | 0:3ddbd7a98a2d | 167 | * |
| vsupacha | 0:3ddbd7a98a2d | 168 | * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will |
| vsupacha | 0:3ddbd7a98a2d | 169 | * provide a function "mbedtls_platform_set_printf()" that allows you to set an |
| vsupacha | 0:3ddbd7a98a2d | 170 | * alternative printf function pointer. |
| vsupacha | 0:3ddbd7a98a2d | 171 | * |
| vsupacha | 0:3ddbd7a98a2d | 172 | * All these define require MBEDTLS_PLATFORM_C to be defined! |
| vsupacha | 0:3ddbd7a98a2d | 173 | * |
| vsupacha | 0:3ddbd7a98a2d | 174 | * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows; |
| vsupacha | 0:3ddbd7a98a2d | 175 | * it will be enabled automatically by check_config.h |
| vsupacha | 0:3ddbd7a98a2d | 176 | * |
| vsupacha | 0:3ddbd7a98a2d | 177 | * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as |
| vsupacha | 0:3ddbd7a98a2d | 178 | * MBEDTLS_PLATFORM_XXX_MACRO! |
| vsupacha | 0:3ddbd7a98a2d | 179 | * |
| vsupacha | 0:3ddbd7a98a2d | 180 | * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME |
| vsupacha | 0:3ddbd7a98a2d | 181 | * |
| vsupacha | 0:3ddbd7a98a2d | 182 | * Uncomment a macro to enable alternate implementation of specific base |
| vsupacha | 0:3ddbd7a98a2d | 183 | * platform function |
| vsupacha | 0:3ddbd7a98a2d | 184 | */ |
| vsupacha | 0:3ddbd7a98a2d | 185 | //#define MBEDTLS_PLATFORM_EXIT_ALT |
| vsupacha | 0:3ddbd7a98a2d | 186 | //#define MBEDTLS_PLATFORM_TIME_ALT |
| vsupacha | 0:3ddbd7a98a2d | 187 | //#define MBEDTLS_PLATFORM_FPRINTF_ALT |
| vsupacha | 0:3ddbd7a98a2d | 188 | //#define MBEDTLS_PLATFORM_PRINTF_ALT |
| vsupacha | 0:3ddbd7a98a2d | 189 | //#define MBEDTLS_PLATFORM_SNPRINTF_ALT |
| vsupacha | 0:3ddbd7a98a2d | 190 | //#define MBEDTLS_PLATFORM_NV_SEED_ALT |
| vsupacha | 0:3ddbd7a98a2d | 191 | //#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT |
| vsupacha | 0:3ddbd7a98a2d | 192 | |
| vsupacha | 0:3ddbd7a98a2d | 193 | /** |
| vsupacha | 0:3ddbd7a98a2d | 194 | * \def MBEDTLS_DEPRECATED_WARNING |
| vsupacha | 0:3ddbd7a98a2d | 195 | * |
| vsupacha | 0:3ddbd7a98a2d | 196 | * Mark deprecated functions so that they generate a warning if used. |
| vsupacha | 0:3ddbd7a98a2d | 197 | * Functions deprecated in one version will usually be removed in the next |
| vsupacha | 0:3ddbd7a98a2d | 198 | * version. You can enable this to help you prepare the transition to a new |
| vsupacha | 0:3ddbd7a98a2d | 199 | * major version by making sure your code is not using these functions. |
| vsupacha | 0:3ddbd7a98a2d | 200 | * |
| vsupacha | 0:3ddbd7a98a2d | 201 | * This only works with GCC and Clang. With other compilers, you may want to |
| vsupacha | 0:3ddbd7a98a2d | 202 | * use MBEDTLS_DEPRECATED_REMOVED |
| vsupacha | 0:3ddbd7a98a2d | 203 | * |
| vsupacha | 0:3ddbd7a98a2d | 204 | * Uncomment to get warnings on using deprecated functions. |
| vsupacha | 0:3ddbd7a98a2d | 205 | */ |
| vsupacha | 0:3ddbd7a98a2d | 206 | //#define MBEDTLS_DEPRECATED_WARNING |
| vsupacha | 0:3ddbd7a98a2d | 207 | |
| vsupacha | 0:3ddbd7a98a2d | 208 | /** |
| vsupacha | 0:3ddbd7a98a2d | 209 | * \def MBEDTLS_DEPRECATED_REMOVED |
| vsupacha | 0:3ddbd7a98a2d | 210 | * |
| vsupacha | 0:3ddbd7a98a2d | 211 | * Remove deprecated functions so that they generate an error if used. |
| vsupacha | 0:3ddbd7a98a2d | 212 | * Functions deprecated in one version will usually be removed in the next |
| vsupacha | 0:3ddbd7a98a2d | 213 | * version. You can enable this to help you prepare the transition to a new |
| vsupacha | 0:3ddbd7a98a2d | 214 | * major version by making sure your code is not using these functions. |
| vsupacha | 0:3ddbd7a98a2d | 215 | * |
| vsupacha | 0:3ddbd7a98a2d | 216 | * Uncomment to get errors on using deprecated functions. |
| vsupacha | 0:3ddbd7a98a2d | 217 | */ |
| vsupacha | 0:3ddbd7a98a2d | 218 | //#define MBEDTLS_DEPRECATED_REMOVED |
| vsupacha | 0:3ddbd7a98a2d | 219 | |
| vsupacha | 0:3ddbd7a98a2d | 220 | /* \} name SECTION: System support */ |
| vsupacha | 0:3ddbd7a98a2d | 221 | |
| vsupacha | 0:3ddbd7a98a2d | 222 | /** |
| vsupacha | 0:3ddbd7a98a2d | 223 | * \name SECTION: mbed TLS feature support |
| vsupacha | 0:3ddbd7a98a2d | 224 | * |
| vsupacha | 0:3ddbd7a98a2d | 225 | * This section sets support for features that are or are not needed |
| vsupacha | 0:3ddbd7a98a2d | 226 | * within the modules that are enabled. |
| vsupacha | 0:3ddbd7a98a2d | 227 | * \{ |
| vsupacha | 0:3ddbd7a98a2d | 228 | */ |
| vsupacha | 0:3ddbd7a98a2d | 229 | |
| vsupacha | 0:3ddbd7a98a2d | 230 | /** |
| vsupacha | 0:3ddbd7a98a2d | 231 | * \def MBEDTLS_TIMING_ALT |
| vsupacha | 0:3ddbd7a98a2d | 232 | * |
| vsupacha | 0:3ddbd7a98a2d | 233 | * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(), |
| vsupacha | 0:3ddbd7a98a2d | 234 | * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay() |
| vsupacha | 0:3ddbd7a98a2d | 235 | * |
| vsupacha | 0:3ddbd7a98a2d | 236 | * Only works if you have MBEDTLS_TIMING_C enabled. |
| vsupacha | 0:3ddbd7a98a2d | 237 | * |
| vsupacha | 0:3ddbd7a98a2d | 238 | * You will need to provide a header "timing_alt.h" and an implementation at |
| vsupacha | 0:3ddbd7a98a2d | 239 | * compile time. |
| vsupacha | 0:3ddbd7a98a2d | 240 | */ |
| vsupacha | 0:3ddbd7a98a2d | 241 | //#define MBEDTLS_TIMING_ALT |
| vsupacha | 0:3ddbd7a98a2d | 242 | |
| vsupacha | 0:3ddbd7a98a2d | 243 | /** |
| vsupacha | 0:3ddbd7a98a2d | 244 | * \def MBEDTLS_AES_ALT |
| vsupacha | 0:3ddbd7a98a2d | 245 | * |
| vsupacha | 0:3ddbd7a98a2d | 246 | * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your |
| vsupacha | 0:3ddbd7a98a2d | 247 | * alternate core implementation of a symmetric crypto, an arithmetic or hash |
| vsupacha | 0:3ddbd7a98a2d | 248 | * module (e.g. platform specific assembly optimized implementations). Keep |
| vsupacha | 0:3ddbd7a98a2d | 249 | * in mind that the function prototypes should remain the same. |
| vsupacha | 0:3ddbd7a98a2d | 250 | * |
| vsupacha | 0:3ddbd7a98a2d | 251 | * This replaces the whole module. If you only want to replace one of the |
| vsupacha | 0:3ddbd7a98a2d | 252 | * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags. |
| vsupacha | 0:3ddbd7a98a2d | 253 | * |
| vsupacha | 0:3ddbd7a98a2d | 254 | * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer |
| vsupacha | 0:3ddbd7a98a2d | 255 | * provide the "struct mbedtls_aes_context" definition and omit the base |
| vsupacha | 0:3ddbd7a98a2d | 256 | * function declarations and implementations. "aes_alt.h" will be included from |
| vsupacha | 0:3ddbd7a98a2d | 257 | * "aes.h" to include the new function definitions. |
| vsupacha | 0:3ddbd7a98a2d | 258 | * |
| vsupacha | 0:3ddbd7a98a2d | 259 | * Uncomment a macro to enable alternate implementation of the corresponding |
| vsupacha | 0:3ddbd7a98a2d | 260 | * module. |
| vsupacha | 0:3ddbd7a98a2d | 261 | */ |
| vsupacha | 0:3ddbd7a98a2d | 262 | //#define MBEDTLS_AES_ALT |
| vsupacha | 0:3ddbd7a98a2d | 263 | //#define MBEDTLS_ARC4_ALT |
| vsupacha | 0:3ddbd7a98a2d | 264 | //#define MBEDTLS_BLOWFISH_ALT |
| vsupacha | 0:3ddbd7a98a2d | 265 | //#define MBEDTLS_CAMELLIA_ALT |
| vsupacha | 0:3ddbd7a98a2d | 266 | //#define MBEDTLS_DES_ALT |
| vsupacha | 0:3ddbd7a98a2d | 267 | //#define MBEDTLS_XTEA_ALT |
| vsupacha | 0:3ddbd7a98a2d | 268 | //#define MBEDTLS_MD2_ALT |
| vsupacha | 0:3ddbd7a98a2d | 269 | //#define MBEDTLS_MD4_ALT |
| vsupacha | 0:3ddbd7a98a2d | 270 | //#define MBEDTLS_MD5_ALT |
| vsupacha | 0:3ddbd7a98a2d | 271 | //#define MBEDTLS_RIPEMD160_ALT |
| vsupacha | 0:3ddbd7a98a2d | 272 | //#define MBEDTLS_SHA1_ALT |
| vsupacha | 0:3ddbd7a98a2d | 273 | //#define MBEDTLS_SHA256_ALT |
| vsupacha | 0:3ddbd7a98a2d | 274 | //#define MBEDTLS_SHA512_ALT |
| vsupacha | 0:3ddbd7a98a2d | 275 | /* |
| vsupacha | 0:3ddbd7a98a2d | 276 | * When replacing the elliptic curve module, pleace consider, that it is |
| vsupacha | 0:3ddbd7a98a2d | 277 | * implemented with two .c files: |
| vsupacha | 0:3ddbd7a98a2d | 278 | * - ecp.c |
| vsupacha | 0:3ddbd7a98a2d | 279 | * - ecp_curves.c |
| vsupacha | 0:3ddbd7a98a2d | 280 | * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT |
| vsupacha | 0:3ddbd7a98a2d | 281 | * macros as described above. The only difference is that you have to make sure |
| vsupacha | 0:3ddbd7a98a2d | 282 | * that you provide functionality for both .c files. |
| vsupacha | 0:3ddbd7a98a2d | 283 | */ |
| vsupacha | 0:3ddbd7a98a2d | 284 | //#define MBEDTLS_ECP_ALT |
| vsupacha | 0:3ddbd7a98a2d | 285 | |
| vsupacha | 0:3ddbd7a98a2d | 286 | /** |
| vsupacha | 0:3ddbd7a98a2d | 287 | * \def MBEDTLS_MD2_PROCESS_ALT |
| vsupacha | 0:3ddbd7a98a2d | 288 | * |
| vsupacha | 0:3ddbd7a98a2d | 289 | * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you |
| vsupacha | 0:3ddbd7a98a2d | 290 | * alternate core implementation of symmetric crypto or hash function. Keep in |
| vsupacha | 0:3ddbd7a98a2d | 291 | * mind that function prototypes should remain the same. |
| vsupacha | 0:3ddbd7a98a2d | 292 | * |
| vsupacha | 0:3ddbd7a98a2d | 293 | * This replaces only one function. The header file from mbed TLS is still |
| vsupacha | 0:3ddbd7a98a2d | 294 | * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags. |
| vsupacha | 0:3ddbd7a98a2d | 295 | * |
| vsupacha | 0:3ddbd7a98a2d | 296 | * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will |
| vsupacha | 0:3ddbd7a98a2d | 297 | * no longer provide the mbedtls_sha1_process() function, but it will still provide |
| vsupacha | 0:3ddbd7a98a2d | 298 | * the other function (using your mbedtls_sha1_process() function) and the definition |
| vsupacha | 0:3ddbd7a98a2d | 299 | * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible |
| vsupacha | 0:3ddbd7a98a2d | 300 | * with this definition. |
| vsupacha | 0:3ddbd7a98a2d | 301 | * |
| vsupacha | 0:3ddbd7a98a2d | 302 | * \note Because of a signature change, the core AES encryption and decryption routines are |
| vsupacha | 0:3ddbd7a98a2d | 303 | * currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt, |
| vsupacha | 0:3ddbd7a98a2d | 304 | * respectively. When setting up alternative implementations, these functions should |
| vsupacha | 0:3ddbd7a98a2d | 305 | * be overriden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt |
| vsupacha | 0:3ddbd7a98a2d | 306 | * must stay untouched. |
| vsupacha | 0:3ddbd7a98a2d | 307 | * |
| vsupacha | 0:3ddbd7a98a2d | 308 | * \note If you use the AES_xxx_ALT macros, then is is recommended to also set |
| vsupacha | 0:3ddbd7a98a2d | 309 | * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES |
| vsupacha | 0:3ddbd7a98a2d | 310 | * tables. |
| vsupacha | 0:3ddbd7a98a2d | 311 | * |
| vsupacha | 0:3ddbd7a98a2d | 312 | * Uncomment a macro to enable alternate implementation of the corresponding |
| vsupacha | 0:3ddbd7a98a2d | 313 | * function. |
| vsupacha | 0:3ddbd7a98a2d | 314 | */ |
| vsupacha | 0:3ddbd7a98a2d | 315 | //#define MBEDTLS_MD2_PROCESS_ALT |
| vsupacha | 0:3ddbd7a98a2d | 316 | //#define MBEDTLS_MD4_PROCESS_ALT |
| vsupacha | 0:3ddbd7a98a2d | 317 | //#define MBEDTLS_MD5_PROCESS_ALT |
| vsupacha | 0:3ddbd7a98a2d | 318 | //#define MBEDTLS_RIPEMD160_PROCESS_ALT |
| vsupacha | 0:3ddbd7a98a2d | 319 | //#define MBEDTLS_SHA1_PROCESS_ALT |
| vsupacha | 0:3ddbd7a98a2d | 320 | //#define MBEDTLS_SHA256_PROCESS_ALT |
| vsupacha | 0:3ddbd7a98a2d | 321 | //#define MBEDTLS_SHA512_PROCESS_ALT |
| vsupacha | 0:3ddbd7a98a2d | 322 | //#define MBEDTLS_DES_SETKEY_ALT |
| vsupacha | 0:3ddbd7a98a2d | 323 | //#define MBEDTLS_DES_CRYPT_ECB_ALT |
| vsupacha | 0:3ddbd7a98a2d | 324 | //#define MBEDTLS_DES3_CRYPT_ECB_ALT |
| vsupacha | 0:3ddbd7a98a2d | 325 | //#define MBEDTLS_AES_SETKEY_ENC_ALT |
| vsupacha | 0:3ddbd7a98a2d | 326 | //#define MBEDTLS_AES_SETKEY_DEC_ALT |
| vsupacha | 0:3ddbd7a98a2d | 327 | //#define MBEDTLS_AES_ENCRYPT_ALT |
| vsupacha | 0:3ddbd7a98a2d | 328 | //#define MBEDTLS_AES_DECRYPT_ALT |
| vsupacha | 0:3ddbd7a98a2d | 329 | |
| vsupacha | 0:3ddbd7a98a2d | 330 | /** |
| vsupacha | 0:3ddbd7a98a2d | 331 | * \def MBEDTLS_ECP_INTERNAL_ALT |
| vsupacha | 0:3ddbd7a98a2d | 332 | * |
| vsupacha | 0:3ddbd7a98a2d | 333 | * Expose a part of the internal interface of the Elliptic Curve Point module. |
| vsupacha | 0:3ddbd7a98a2d | 334 | * |
| vsupacha | 0:3ddbd7a98a2d | 335 | * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your |
| vsupacha | 0:3ddbd7a98a2d | 336 | * alternative core implementation of elliptic curve arithmetic. Keep in mind |
| vsupacha | 0:3ddbd7a98a2d | 337 | * that function prototypes should remain the same. |
| vsupacha | 0:3ddbd7a98a2d | 338 | * |
| vsupacha | 0:3ddbd7a98a2d | 339 | * This partially replaces one function. The header file from mbed TLS is still |
| vsupacha | 0:3ddbd7a98a2d | 340 | * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation |
| vsupacha | 0:3ddbd7a98a2d | 341 | * is still present and it is used for group structures not supported by the |
| vsupacha | 0:3ddbd7a98a2d | 342 | * alternative. |
| vsupacha | 0:3ddbd7a98a2d | 343 | * |
| vsupacha | 0:3ddbd7a98a2d | 344 | * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT |
| vsupacha | 0:3ddbd7a98a2d | 345 | * and implementing the following functions: |
| vsupacha | 0:3ddbd7a98a2d | 346 | * unsigned char mbedtls_internal_ecp_grp_capable( |
| vsupacha | 0:3ddbd7a98a2d | 347 | * const mbedtls_ecp_group *grp ) |
| vsupacha | 0:3ddbd7a98a2d | 348 | * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp ) |
| vsupacha | 0:3ddbd7a98a2d | 349 | * void mbedtls_internal_ecp_deinit( const mbedtls_ecp_group *grp ) |
| vsupacha | 0:3ddbd7a98a2d | 350 | * The mbedtls_internal_ecp_grp_capable function should return 1 if the |
| vsupacha | 0:3ddbd7a98a2d | 351 | * replacement functions implement arithmetic for the given group and 0 |
| vsupacha | 0:3ddbd7a98a2d | 352 | * otherwise. |
| vsupacha | 0:3ddbd7a98a2d | 353 | * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_deinit are |
| vsupacha | 0:3ddbd7a98a2d | 354 | * called before and after each point operation and provide an opportunity to |
| vsupacha | 0:3ddbd7a98a2d | 355 | * implement optimized set up and tear down instructions. |
| vsupacha | 0:3ddbd7a98a2d | 356 | * |
| vsupacha | 0:3ddbd7a98a2d | 357 | * Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and |
| vsupacha | 0:3ddbd7a98a2d | 358 | * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac |
| vsupacha | 0:3ddbd7a98a2d | 359 | * function, but will use your mbedtls_internal_ecp_double_jac if the group is |
| vsupacha | 0:3ddbd7a98a2d | 360 | * supported (your mbedtls_internal_ecp_grp_capable function returns 1 when |
| vsupacha | 0:3ddbd7a98a2d | 361 | * receives it as an argument). If the group is not supported then the original |
| vsupacha | 0:3ddbd7a98a2d | 362 | * implementation is used. The other functions and the definition of |
| vsupacha | 0:3ddbd7a98a2d | 363 | * mbedtls_ecp_group and mbedtls_ecp_point will not change, so your |
| vsupacha | 0:3ddbd7a98a2d | 364 | * implementation of mbedtls_internal_ecp_double_jac and |
| vsupacha | 0:3ddbd7a98a2d | 365 | * mbedtls_internal_ecp_grp_capable must be compatible with this definition. |
| vsupacha | 0:3ddbd7a98a2d | 366 | * |
| vsupacha | 0:3ddbd7a98a2d | 367 | * Uncomment a macro to enable alternate implementation of the corresponding |
| vsupacha | 0:3ddbd7a98a2d | 368 | * function. |
| vsupacha | 0:3ddbd7a98a2d | 369 | */ |
| vsupacha | 0:3ddbd7a98a2d | 370 | /* Required for all the functions in this section */ |
| vsupacha | 0:3ddbd7a98a2d | 371 | //#define MBEDTLS_ECP_INTERNAL_ALT |
| vsupacha | 0:3ddbd7a98a2d | 372 | /* Support for Weierstrass curves with Jacobi representation */ |
| vsupacha | 0:3ddbd7a98a2d | 373 | //#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT |
| vsupacha | 0:3ddbd7a98a2d | 374 | //#define MBEDTLS_ECP_ADD_MIXED_ALT |
| vsupacha | 0:3ddbd7a98a2d | 375 | //#define MBEDTLS_ECP_DOUBLE_JAC_ALT |
| vsupacha | 0:3ddbd7a98a2d | 376 | //#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT |
| vsupacha | 0:3ddbd7a98a2d | 377 | //#define MBEDTLS_ECP_NORMALIZE_JAC_ALT |
| vsupacha | 0:3ddbd7a98a2d | 378 | /* Support for curves with Montgomery arithmetic */ |
| vsupacha | 0:3ddbd7a98a2d | 379 | //#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT |
| vsupacha | 0:3ddbd7a98a2d | 380 | //#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT |
| vsupacha | 0:3ddbd7a98a2d | 381 | //#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT |
| vsupacha | 0:3ddbd7a98a2d | 382 | |
| vsupacha | 0:3ddbd7a98a2d | 383 | /** |
| vsupacha | 0:3ddbd7a98a2d | 384 | * \def MBEDTLS_TEST_NULL_ENTROPY |
| vsupacha | 0:3ddbd7a98a2d | 385 | * |
| vsupacha | 0:3ddbd7a98a2d | 386 | * Enables testing and use of mbed TLS without any configured entropy sources. |
| vsupacha | 0:3ddbd7a98a2d | 387 | * This permits use of the library on platforms before an entropy source has |
| vsupacha | 0:3ddbd7a98a2d | 388 | * been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the |
| vsupacha | 0:3ddbd7a98a2d | 389 | * MBEDTLS_ENTROPY_NV_SEED switches). |
| vsupacha | 0:3ddbd7a98a2d | 390 | * |
| vsupacha | 0:3ddbd7a98a2d | 391 | * WARNING! This switch MUST be disabled in production builds, and is suitable |
| vsupacha | 0:3ddbd7a98a2d | 392 | * only for development. |
| vsupacha | 0:3ddbd7a98a2d | 393 | * Enabling the switch negates any security provided by the library. |
| vsupacha | 0:3ddbd7a98a2d | 394 | * |
| vsupacha | 0:3ddbd7a98a2d | 395 | * Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES |
| vsupacha | 0:3ddbd7a98a2d | 396 | * |
| vsupacha | 0:3ddbd7a98a2d | 397 | */ |
| vsupacha | 0:3ddbd7a98a2d | 398 | //#define MBEDTLS_TEST_NULL_ENTROPY |
| vsupacha | 0:3ddbd7a98a2d | 399 | |
| vsupacha | 0:3ddbd7a98a2d | 400 | /** |
| vsupacha | 0:3ddbd7a98a2d | 401 | * \def MBEDTLS_ENTROPY_HARDWARE_ALT |
| vsupacha | 0:3ddbd7a98a2d | 402 | * |
| vsupacha | 0:3ddbd7a98a2d | 403 | * Uncomment this macro to let mbed TLS use your own implementation of a |
| vsupacha | 0:3ddbd7a98a2d | 404 | * hardware entropy collector. |
| vsupacha | 0:3ddbd7a98a2d | 405 | * |
| vsupacha | 0:3ddbd7a98a2d | 406 | * Your function must be called \c mbedtls_hardware_poll(), have the same |
| vsupacha | 0:3ddbd7a98a2d | 407 | * prototype as declared in entropy_poll.h, and accept NULL as first argument. |
| vsupacha | 0:3ddbd7a98a2d | 408 | * |
| vsupacha | 0:3ddbd7a98a2d | 409 | * Uncomment to use your own hardware entropy collector. |
| vsupacha | 0:3ddbd7a98a2d | 410 | */ |
| vsupacha | 0:3ddbd7a98a2d | 411 | //#define MBEDTLS_ENTROPY_HARDWARE_ALT |
| vsupacha | 0:3ddbd7a98a2d | 412 | |
| vsupacha | 0:3ddbd7a98a2d | 413 | /** |
| vsupacha | 0:3ddbd7a98a2d | 414 | * \def MBEDTLS_AES_ROM_TABLES |
| vsupacha | 0:3ddbd7a98a2d | 415 | * |
| vsupacha | 0:3ddbd7a98a2d | 416 | * Store the AES tables in ROM. |
| vsupacha | 0:3ddbd7a98a2d | 417 | * |
| vsupacha | 0:3ddbd7a98a2d | 418 | * Uncomment this macro to store the AES tables in ROM. |
| vsupacha | 0:3ddbd7a98a2d | 419 | */ |
| vsupacha | 0:3ddbd7a98a2d | 420 | #define MBEDTLS_AES_ROM_TABLES |
| vsupacha | 0:3ddbd7a98a2d | 421 | |
| vsupacha | 0:3ddbd7a98a2d | 422 | /** |
| vsupacha | 0:3ddbd7a98a2d | 423 | * \def MBEDTLS_CAMELLIA_SMALL_MEMORY |
| vsupacha | 0:3ddbd7a98a2d | 424 | * |
| vsupacha | 0:3ddbd7a98a2d | 425 | * Use less ROM for the Camellia implementation (saves about 768 bytes). |
| vsupacha | 0:3ddbd7a98a2d | 426 | * |
| vsupacha | 0:3ddbd7a98a2d | 427 | * Uncomment this macro to use less memory for Camellia. |
| vsupacha | 0:3ddbd7a98a2d | 428 | */ |
| vsupacha | 0:3ddbd7a98a2d | 429 | //#define MBEDTLS_CAMELLIA_SMALL_MEMORY |
| vsupacha | 0:3ddbd7a98a2d | 430 | |
| vsupacha | 0:3ddbd7a98a2d | 431 | /** |
| vsupacha | 0:3ddbd7a98a2d | 432 | * \def MBEDTLS_CIPHER_MODE_CBC |
| vsupacha | 0:3ddbd7a98a2d | 433 | * |
| vsupacha | 0:3ddbd7a98a2d | 434 | * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers. |
| vsupacha | 0:3ddbd7a98a2d | 435 | */ |
| vsupacha | 0:3ddbd7a98a2d | 436 | //#define MBEDTLS_CIPHER_MODE_CBC |
| vsupacha | 0:3ddbd7a98a2d | 437 | |
| vsupacha | 0:3ddbd7a98a2d | 438 | /** |
| vsupacha | 0:3ddbd7a98a2d | 439 | * \def MBEDTLS_CIPHER_MODE_CFB |
| vsupacha | 0:3ddbd7a98a2d | 440 | * |
| vsupacha | 0:3ddbd7a98a2d | 441 | * Enable Cipher Feedback mode (CFB) for symmetric ciphers. |
| vsupacha | 0:3ddbd7a98a2d | 442 | */ |
| vsupacha | 0:3ddbd7a98a2d | 443 | //#define MBEDTLS_CIPHER_MODE_CFB |
| vsupacha | 0:3ddbd7a98a2d | 444 | |
| vsupacha | 0:3ddbd7a98a2d | 445 | /** |
| vsupacha | 0:3ddbd7a98a2d | 446 | * \def MBEDTLS_CIPHER_MODE_CTR |
| vsupacha | 0:3ddbd7a98a2d | 447 | * |
| vsupacha | 0:3ddbd7a98a2d | 448 | * Enable Counter Block Cipher mode (CTR) for symmetric ciphers. |
| vsupacha | 0:3ddbd7a98a2d | 449 | */ |
| vsupacha | 0:3ddbd7a98a2d | 450 | //#define MBEDTLS_CIPHER_MODE_CTR |
| vsupacha | 0:3ddbd7a98a2d | 451 | |
| vsupacha | 0:3ddbd7a98a2d | 452 | /** |
| vsupacha | 0:3ddbd7a98a2d | 453 | * \def MBEDTLS_CIPHER_NULL_CIPHER |
| vsupacha | 0:3ddbd7a98a2d | 454 | * |
| vsupacha | 0:3ddbd7a98a2d | 455 | * Enable NULL cipher. |
| vsupacha | 0:3ddbd7a98a2d | 456 | * Warning: Only do so when you know what you are doing. This allows for |
| vsupacha | 0:3ddbd7a98a2d | 457 | * encryption or channels without any security! |
| vsupacha | 0:3ddbd7a98a2d | 458 | * |
| vsupacha | 0:3ddbd7a98a2d | 459 | * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable |
| vsupacha | 0:3ddbd7a98a2d | 460 | * the following ciphersuites: |
| vsupacha | 0:3ddbd7a98a2d | 461 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA |
| vsupacha | 0:3ddbd7a98a2d | 462 | * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA |
| vsupacha | 0:3ddbd7a98a2d | 463 | * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA |
| vsupacha | 0:3ddbd7a98a2d | 464 | * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA |
| vsupacha | 0:3ddbd7a98a2d | 465 | * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 466 | * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 467 | * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA |
| vsupacha | 0:3ddbd7a98a2d | 468 | * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 469 | * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 470 | * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA |
| vsupacha | 0:3ddbd7a98a2d | 471 | * MBEDTLS_TLS_RSA_WITH_NULL_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 472 | * MBEDTLS_TLS_RSA_WITH_NULL_SHA |
| vsupacha | 0:3ddbd7a98a2d | 473 | * MBEDTLS_TLS_RSA_WITH_NULL_MD5 |
| vsupacha | 0:3ddbd7a98a2d | 474 | * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 475 | * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 476 | * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA |
| vsupacha | 0:3ddbd7a98a2d | 477 | * MBEDTLS_TLS_PSK_WITH_NULL_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 478 | * MBEDTLS_TLS_PSK_WITH_NULL_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 479 | * MBEDTLS_TLS_PSK_WITH_NULL_SHA |
| vsupacha | 0:3ddbd7a98a2d | 480 | * |
| vsupacha | 0:3ddbd7a98a2d | 481 | * Uncomment this macro to enable the NULL cipher and ciphersuites |
| vsupacha | 0:3ddbd7a98a2d | 482 | */ |
| vsupacha | 0:3ddbd7a98a2d | 483 | //#define MBEDTLS_CIPHER_NULL_CIPHER |
| vsupacha | 0:3ddbd7a98a2d | 484 | |
| vsupacha | 0:3ddbd7a98a2d | 485 | /** |
| vsupacha | 0:3ddbd7a98a2d | 486 | * \def MBEDTLS_CIPHER_PADDING_PKCS7 |
| vsupacha | 0:3ddbd7a98a2d | 487 | * |
| vsupacha | 0:3ddbd7a98a2d | 488 | * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for |
| vsupacha | 0:3ddbd7a98a2d | 489 | * specific padding modes in the cipher layer with cipher modes that support |
| vsupacha | 0:3ddbd7a98a2d | 490 | * padding (e.g. CBC) |
| vsupacha | 0:3ddbd7a98a2d | 491 | * |
| vsupacha | 0:3ddbd7a98a2d | 492 | * If you disable all padding modes, only full blocks can be used with CBC. |
| vsupacha | 0:3ddbd7a98a2d | 493 | * |
| vsupacha | 0:3ddbd7a98a2d | 494 | * Enable padding modes in the cipher layer. |
| vsupacha | 0:3ddbd7a98a2d | 495 | */ |
| vsupacha | 0:3ddbd7a98a2d | 496 | //#define MBEDTLS_CIPHER_PADDING_PKCS7 |
| vsupacha | 0:3ddbd7a98a2d | 497 | //#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS |
| vsupacha | 0:3ddbd7a98a2d | 498 | //#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN |
| vsupacha | 0:3ddbd7a98a2d | 499 | //#define MBEDTLS_CIPHER_PADDING_ZEROS |
| vsupacha | 0:3ddbd7a98a2d | 500 | |
| vsupacha | 0:3ddbd7a98a2d | 501 | /** |
| vsupacha | 0:3ddbd7a98a2d | 502 | * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES |
| vsupacha | 0:3ddbd7a98a2d | 503 | * |
| vsupacha | 0:3ddbd7a98a2d | 504 | * Enable weak ciphersuites in SSL / TLS. |
| vsupacha | 0:3ddbd7a98a2d | 505 | * Warning: Only do so when you know what you are doing. This allows for |
| vsupacha | 0:3ddbd7a98a2d | 506 | * channels with virtually no security at all! |
| vsupacha | 0:3ddbd7a98a2d | 507 | * |
| vsupacha | 0:3ddbd7a98a2d | 508 | * This enables the following ciphersuites: |
| vsupacha | 0:3ddbd7a98a2d | 509 | * MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 510 | * MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 511 | * |
| vsupacha | 0:3ddbd7a98a2d | 512 | * Uncomment this macro to enable weak ciphersuites |
| vsupacha | 0:3ddbd7a98a2d | 513 | */ |
| vsupacha | 0:3ddbd7a98a2d | 514 | //#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES |
| vsupacha | 0:3ddbd7a98a2d | 515 | |
| vsupacha | 0:3ddbd7a98a2d | 516 | /** |
| vsupacha | 0:3ddbd7a98a2d | 517 | * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES |
| vsupacha | 0:3ddbd7a98a2d | 518 | * |
| vsupacha | 0:3ddbd7a98a2d | 519 | * Remove RC4 ciphersuites by default in SSL / TLS. |
| vsupacha | 0:3ddbd7a98a2d | 520 | * This flag removes the ciphersuites based on RC4 from the default list as |
| vsupacha | 0:3ddbd7a98a2d | 521 | * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to |
| vsupacha | 0:3ddbd7a98a2d | 522 | * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them |
| vsupacha | 0:3ddbd7a98a2d | 523 | * explicitly. |
| vsupacha | 0:3ddbd7a98a2d | 524 | * |
| vsupacha | 0:3ddbd7a98a2d | 525 | * Uncomment this macro to remove RC4 ciphersuites by default. |
| vsupacha | 0:3ddbd7a98a2d | 526 | */ |
| vsupacha | 0:3ddbd7a98a2d | 527 | //#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES |
| vsupacha | 0:3ddbd7a98a2d | 528 | |
| vsupacha | 0:3ddbd7a98a2d | 529 | /** |
| vsupacha | 0:3ddbd7a98a2d | 530 | * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 531 | * |
| vsupacha | 0:3ddbd7a98a2d | 532 | * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve |
| vsupacha | 0:3ddbd7a98a2d | 533 | * module. By default all supported curves are enabled. |
| vsupacha | 0:3ddbd7a98a2d | 534 | * |
| vsupacha | 0:3ddbd7a98a2d | 535 | * Comment macros to disable the curve and functions for it |
| vsupacha | 0:3ddbd7a98a2d | 536 | */ |
| vsupacha | 0:3ddbd7a98a2d | 537 | //#define MBEDTLS_ECP_DP_SECP192R1_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 538 | //#define MBEDTLS_ECP_DP_SECP224R1_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 539 | //#define MBEDTLS_ECP_DP_SECP256R1_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 540 | //#define MBEDTLS_ECP_DP_SECP384R1_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 541 | //#define MBEDTLS_ECP_DP_SECP521R1_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 542 | //#define MBEDTLS_ECP_DP_SECP192K1_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 543 | //#define MBEDTLS_ECP_DP_SECP224K1_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 544 | //#define MBEDTLS_ECP_DP_SECP256K1_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 545 | //#define MBEDTLS_ECP_DP_BP256R1_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 546 | //#define MBEDTLS_ECP_DP_BP384R1_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 547 | //#define MBEDTLS_ECP_DP_BP512R1_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 548 | //#define MBEDTLS_ECP_DP_CURVE25519_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 549 | |
| vsupacha | 0:3ddbd7a98a2d | 550 | /** |
| vsupacha | 0:3ddbd7a98a2d | 551 | * \def MBEDTLS_ECP_NIST_OPTIM |
| vsupacha | 0:3ddbd7a98a2d | 552 | * |
| vsupacha | 0:3ddbd7a98a2d | 553 | * Enable specific 'modulo p' routines for each NIST prime. |
| vsupacha | 0:3ddbd7a98a2d | 554 | * Depending on the prime and architecture, makes operations 4 to 8 times |
| vsupacha | 0:3ddbd7a98a2d | 555 | * faster on the corresponding curve. |
| vsupacha | 0:3ddbd7a98a2d | 556 | * |
| vsupacha | 0:3ddbd7a98a2d | 557 | * Comment this macro to disable NIST curves optimisation. |
| vsupacha | 0:3ddbd7a98a2d | 558 | */ |
| vsupacha | 0:3ddbd7a98a2d | 559 | //#define MBEDTLS_ECP_NIST_OPTIM |
| vsupacha | 0:3ddbd7a98a2d | 560 | |
| vsupacha | 0:3ddbd7a98a2d | 561 | /** |
| vsupacha | 0:3ddbd7a98a2d | 562 | * \def MBEDTLS_ECDSA_DETERMINISTIC |
| vsupacha | 0:3ddbd7a98a2d | 563 | * |
| vsupacha | 0:3ddbd7a98a2d | 564 | * Enable deterministic ECDSA (RFC 6979). |
| vsupacha | 0:3ddbd7a98a2d | 565 | * Standard ECDSA is "fragile" in the sense that lack of entropy when signing |
| vsupacha | 0:3ddbd7a98a2d | 566 | * may result in a compromise of the long-term signing key. This is avoided by |
| vsupacha | 0:3ddbd7a98a2d | 567 | * the deterministic variant. |
| vsupacha | 0:3ddbd7a98a2d | 568 | * |
| vsupacha | 0:3ddbd7a98a2d | 569 | * Requires: MBEDTLS_HMAC_DRBG_C |
| vsupacha | 0:3ddbd7a98a2d | 570 | * |
| vsupacha | 0:3ddbd7a98a2d | 571 | * Comment this macro to disable deterministic ECDSA. |
| vsupacha | 0:3ddbd7a98a2d | 572 | */ |
| vsupacha | 0:3ddbd7a98a2d | 573 | //#define MBEDTLS_ECDSA_DETERMINISTIC |
| vsupacha | 0:3ddbd7a98a2d | 574 | |
| vsupacha | 0:3ddbd7a98a2d | 575 | /** |
| vsupacha | 0:3ddbd7a98a2d | 576 | * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 577 | * |
| vsupacha | 0:3ddbd7a98a2d | 578 | * Enable the PSK based ciphersuite modes in SSL / TLS. |
| vsupacha | 0:3ddbd7a98a2d | 579 | * |
| vsupacha | 0:3ddbd7a98a2d | 580 | * This enables the following ciphersuites (if other requisites are |
| vsupacha | 0:3ddbd7a98a2d | 581 | * enabled as well): |
| vsupacha | 0:3ddbd7a98a2d | 582 | * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 583 | * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 584 | * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 585 | * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 586 | * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 587 | * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 588 | * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 589 | * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 590 | * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 591 | * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 592 | * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 593 | * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA |
| vsupacha | 0:3ddbd7a98a2d | 594 | */ |
| vsupacha | 0:3ddbd7a98a2d | 595 | //#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 596 | |
| vsupacha | 0:3ddbd7a98a2d | 597 | /** |
| vsupacha | 0:3ddbd7a98a2d | 598 | * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 599 | * |
| vsupacha | 0:3ddbd7a98a2d | 600 | * Enable the DHE-PSK based ciphersuite modes in SSL / TLS. |
| vsupacha | 0:3ddbd7a98a2d | 601 | * |
| vsupacha | 0:3ddbd7a98a2d | 602 | * Requires: MBEDTLS_DHM_C |
| vsupacha | 0:3ddbd7a98a2d | 603 | * |
| vsupacha | 0:3ddbd7a98a2d | 604 | * This enables the following ciphersuites (if other requisites are |
| vsupacha | 0:3ddbd7a98a2d | 605 | * enabled as well): |
| vsupacha | 0:3ddbd7a98a2d | 606 | * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 607 | * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 608 | * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 609 | * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 610 | * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 611 | * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 612 | * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 613 | * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 614 | * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 615 | * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 616 | * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 617 | * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA |
| vsupacha | 0:3ddbd7a98a2d | 618 | */ |
| vsupacha | 0:3ddbd7a98a2d | 619 | //#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 620 | |
| vsupacha | 0:3ddbd7a98a2d | 621 | /** |
| vsupacha | 0:3ddbd7a98a2d | 622 | * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 623 | * |
| vsupacha | 0:3ddbd7a98a2d | 624 | * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS. |
| vsupacha | 0:3ddbd7a98a2d | 625 | * |
| vsupacha | 0:3ddbd7a98a2d | 626 | * Requires: MBEDTLS_ECDH_C |
| vsupacha | 0:3ddbd7a98a2d | 627 | * |
| vsupacha | 0:3ddbd7a98a2d | 628 | * This enables the following ciphersuites (if other requisites are |
| vsupacha | 0:3ddbd7a98a2d | 629 | * enabled as well): |
| vsupacha | 0:3ddbd7a98a2d | 630 | * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 631 | * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 632 | * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 633 | * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 634 | * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 635 | * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 636 | * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 637 | * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA |
| vsupacha | 0:3ddbd7a98a2d | 638 | */ |
| vsupacha | 0:3ddbd7a98a2d | 639 | //#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 640 | |
| vsupacha | 0:3ddbd7a98a2d | 641 | /** |
| vsupacha | 0:3ddbd7a98a2d | 642 | * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 643 | * |
| vsupacha | 0:3ddbd7a98a2d | 644 | * Enable the RSA-PSK based ciphersuite modes in SSL / TLS. |
| vsupacha | 0:3ddbd7a98a2d | 645 | * |
| vsupacha | 0:3ddbd7a98a2d | 646 | * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, |
| vsupacha | 0:3ddbd7a98a2d | 647 | * MBEDTLS_X509_CRT_PARSE_C |
| vsupacha | 0:3ddbd7a98a2d | 648 | * |
| vsupacha | 0:3ddbd7a98a2d | 649 | * This enables the following ciphersuites (if other requisites are |
| vsupacha | 0:3ddbd7a98a2d | 650 | * enabled as well): |
| vsupacha | 0:3ddbd7a98a2d | 651 | * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 652 | * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 653 | * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 654 | * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 655 | * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 656 | * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 657 | * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 658 | * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 659 | * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 660 | * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 661 | * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 662 | * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA |
| vsupacha | 0:3ddbd7a98a2d | 663 | */ |
| vsupacha | 0:3ddbd7a98a2d | 664 | //#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 665 | |
| vsupacha | 0:3ddbd7a98a2d | 666 | /** |
| vsupacha | 0:3ddbd7a98a2d | 667 | * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 668 | * |
| vsupacha | 0:3ddbd7a98a2d | 669 | * Enable the RSA-only based ciphersuite modes in SSL / TLS. |
| vsupacha | 0:3ddbd7a98a2d | 670 | * |
| vsupacha | 0:3ddbd7a98a2d | 671 | * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, |
| vsupacha | 0:3ddbd7a98a2d | 672 | * MBEDTLS_X509_CRT_PARSE_C |
| vsupacha | 0:3ddbd7a98a2d | 673 | * |
| vsupacha | 0:3ddbd7a98a2d | 674 | * This enables the following ciphersuites (if other requisites are |
| vsupacha | 0:3ddbd7a98a2d | 675 | * enabled as well): |
| vsupacha | 0:3ddbd7a98a2d | 676 | * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 677 | * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 678 | * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 679 | * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 680 | * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 681 | * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 682 | * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 683 | * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 684 | * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 685 | * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 686 | * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 687 | * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 688 | * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 689 | * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA |
| vsupacha | 0:3ddbd7a98a2d | 690 | * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 |
| vsupacha | 0:3ddbd7a98a2d | 691 | */ |
| vsupacha | 0:3ddbd7a98a2d | 692 | //#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 693 | |
| vsupacha | 0:3ddbd7a98a2d | 694 | /** |
| vsupacha | 0:3ddbd7a98a2d | 695 | * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 696 | * |
| vsupacha | 0:3ddbd7a98a2d | 697 | * Enable the DHE-RSA based ciphersuite modes in SSL / TLS. |
| vsupacha | 0:3ddbd7a98a2d | 698 | * |
| vsupacha | 0:3ddbd7a98a2d | 699 | * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, |
| vsupacha | 0:3ddbd7a98a2d | 700 | * MBEDTLS_X509_CRT_PARSE_C |
| vsupacha | 0:3ddbd7a98a2d | 701 | * |
| vsupacha | 0:3ddbd7a98a2d | 702 | * This enables the following ciphersuites (if other requisites are |
| vsupacha | 0:3ddbd7a98a2d | 703 | * enabled as well): |
| vsupacha | 0:3ddbd7a98a2d | 704 | * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 705 | * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 706 | * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 707 | * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 708 | * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 709 | * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 710 | * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 711 | * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 712 | * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 713 | * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 714 | * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 715 | * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 716 | * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 717 | */ |
| vsupacha | 0:3ddbd7a98a2d | 718 | //#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 719 | |
| vsupacha | 0:3ddbd7a98a2d | 720 | /** |
| vsupacha | 0:3ddbd7a98a2d | 721 | * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 722 | * |
| vsupacha | 0:3ddbd7a98a2d | 723 | * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS. |
| vsupacha | 0:3ddbd7a98a2d | 724 | * |
| vsupacha | 0:3ddbd7a98a2d | 725 | * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, |
| vsupacha | 0:3ddbd7a98a2d | 726 | * MBEDTLS_X509_CRT_PARSE_C |
| vsupacha | 0:3ddbd7a98a2d | 727 | * |
| vsupacha | 0:3ddbd7a98a2d | 728 | * This enables the following ciphersuites (if other requisites are |
| vsupacha | 0:3ddbd7a98a2d | 729 | * enabled as well): |
| vsupacha | 0:3ddbd7a98a2d | 730 | * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 731 | * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 732 | * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 733 | * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 734 | * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 735 | * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 736 | * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 737 | * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 738 | * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 739 | * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 740 | * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 741 | * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA |
| vsupacha | 0:3ddbd7a98a2d | 742 | */ |
| vsupacha | 0:3ddbd7a98a2d | 743 | //#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 744 | |
| vsupacha | 0:3ddbd7a98a2d | 745 | /** |
| vsupacha | 0:3ddbd7a98a2d | 746 | * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 747 | * |
| vsupacha | 0:3ddbd7a98a2d | 748 | * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS. |
| vsupacha | 0:3ddbd7a98a2d | 749 | * |
| vsupacha | 0:3ddbd7a98a2d | 750 | * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C, |
| vsupacha | 0:3ddbd7a98a2d | 751 | * |
| vsupacha | 0:3ddbd7a98a2d | 752 | * This enables the following ciphersuites (if other requisites are |
| vsupacha | 0:3ddbd7a98a2d | 753 | * enabled as well): |
| vsupacha | 0:3ddbd7a98a2d | 754 | * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 755 | * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 756 | * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 757 | * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 758 | * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 759 | * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 760 | * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 761 | * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 762 | * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 763 | * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 764 | * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 765 | * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA |
| vsupacha | 0:3ddbd7a98a2d | 766 | */ |
| vsupacha | 0:3ddbd7a98a2d | 767 | //#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 768 | |
| vsupacha | 0:3ddbd7a98a2d | 769 | /** |
| vsupacha | 0:3ddbd7a98a2d | 770 | * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 771 | * |
| vsupacha | 0:3ddbd7a98a2d | 772 | * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS. |
| vsupacha | 0:3ddbd7a98a2d | 773 | * |
| vsupacha | 0:3ddbd7a98a2d | 774 | * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C |
| vsupacha | 0:3ddbd7a98a2d | 775 | * |
| vsupacha | 0:3ddbd7a98a2d | 776 | * This enables the following ciphersuites (if other requisites are |
| vsupacha | 0:3ddbd7a98a2d | 777 | * enabled as well): |
| vsupacha | 0:3ddbd7a98a2d | 778 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA |
| vsupacha | 0:3ddbd7a98a2d | 779 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 780 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 781 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 782 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 783 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 784 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 785 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 786 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 787 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 788 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 789 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 790 | */ |
| vsupacha | 0:3ddbd7a98a2d | 791 | //#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 792 | |
| vsupacha | 0:3ddbd7a98a2d | 793 | /** |
| vsupacha | 0:3ddbd7a98a2d | 794 | * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 795 | * |
| vsupacha | 0:3ddbd7a98a2d | 796 | * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS. |
| vsupacha | 0:3ddbd7a98a2d | 797 | * |
| vsupacha | 0:3ddbd7a98a2d | 798 | * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C |
| vsupacha | 0:3ddbd7a98a2d | 799 | * |
| vsupacha | 0:3ddbd7a98a2d | 800 | * This enables the following ciphersuites (if other requisites are |
| vsupacha | 0:3ddbd7a98a2d | 801 | * enabled as well): |
| vsupacha | 0:3ddbd7a98a2d | 802 | * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA |
| vsupacha | 0:3ddbd7a98a2d | 803 | * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 804 | * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 805 | * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 806 | * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 807 | * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 808 | * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 809 | * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 810 | * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 811 | * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 812 | * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 813 | * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 814 | */ |
| vsupacha | 0:3ddbd7a98a2d | 815 | //#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 816 | |
| vsupacha | 0:3ddbd7a98a2d | 817 | /** |
| vsupacha | 0:3ddbd7a98a2d | 818 | * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 819 | * |
| vsupacha | 0:3ddbd7a98a2d | 820 | * Enable the ECJPAKE based ciphersuite modes in SSL / TLS. |
| vsupacha | 0:3ddbd7a98a2d | 821 | * |
| vsupacha | 0:3ddbd7a98a2d | 822 | * \warning This is currently experimental. EC J-PAKE support is based on the |
| vsupacha | 0:3ddbd7a98a2d | 823 | * Thread v1.0.0 specification; incompatible changes to the specification |
| vsupacha | 0:3ddbd7a98a2d | 824 | * might still happen. For this reason, this is disabled by default. |
| vsupacha | 0:3ddbd7a98a2d | 825 | * |
| vsupacha | 0:3ddbd7a98a2d | 826 | * Requires: MBEDTLS_ECJPAKE_C |
| vsupacha | 0:3ddbd7a98a2d | 827 | * MBEDTLS_SHA256_C |
| vsupacha | 0:3ddbd7a98a2d | 828 | * MBEDTLS_ECP_DP_SECP256R1_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 829 | * |
| vsupacha | 0:3ddbd7a98a2d | 830 | * This enables the following ciphersuites (if other requisites are |
| vsupacha | 0:3ddbd7a98a2d | 831 | * enabled as well): |
| vsupacha | 0:3ddbd7a98a2d | 832 | * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 |
| vsupacha | 0:3ddbd7a98a2d | 833 | */ |
| vsupacha | 0:3ddbd7a98a2d | 834 | //#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 835 | |
| vsupacha | 0:3ddbd7a98a2d | 836 | /** |
| vsupacha | 0:3ddbd7a98a2d | 837 | * \def MBEDTLS_PK_PARSE_EC_EXTENDED |
| vsupacha | 0:3ddbd7a98a2d | 838 | * |
| vsupacha | 0:3ddbd7a98a2d | 839 | * Enhance support for reading EC keys using variants of SEC1 not allowed by |
| vsupacha | 0:3ddbd7a98a2d | 840 | * RFC 5915 and RFC 5480. |
| vsupacha | 0:3ddbd7a98a2d | 841 | * |
| vsupacha | 0:3ddbd7a98a2d | 842 | * Currently this means parsing the SpecifiedECDomain choice of EC |
| vsupacha | 0:3ddbd7a98a2d | 843 | * parameters (only known groups are supported, not arbitrary domains, to |
| vsupacha | 0:3ddbd7a98a2d | 844 | * avoid validation issues). |
| vsupacha | 0:3ddbd7a98a2d | 845 | * |
| vsupacha | 0:3ddbd7a98a2d | 846 | * Disable if you only need to support RFC 5915 + 5480 key formats. |
| vsupacha | 0:3ddbd7a98a2d | 847 | */ |
| vsupacha | 0:3ddbd7a98a2d | 848 | //#define MBEDTLS_PK_PARSE_EC_EXTENDED |
| vsupacha | 0:3ddbd7a98a2d | 849 | |
| vsupacha | 0:3ddbd7a98a2d | 850 | /** |
| vsupacha | 0:3ddbd7a98a2d | 851 | * \def MBEDTLS_ERROR_STRERROR_DUMMY |
| vsupacha | 0:3ddbd7a98a2d | 852 | * |
| vsupacha | 0:3ddbd7a98a2d | 853 | * Enable a dummy error function to make use of mbedtls_strerror() in |
| vsupacha | 0:3ddbd7a98a2d | 854 | * third party libraries easier when MBEDTLS_ERROR_C is disabled |
| vsupacha | 0:3ddbd7a98a2d | 855 | * (no effect when MBEDTLS_ERROR_C is enabled). |
| vsupacha | 0:3ddbd7a98a2d | 856 | * |
| vsupacha | 0:3ddbd7a98a2d | 857 | * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're |
| vsupacha | 0:3ddbd7a98a2d | 858 | * not using mbedtls_strerror() or error_strerror() in your application. |
| vsupacha | 0:3ddbd7a98a2d | 859 | * |
| vsupacha | 0:3ddbd7a98a2d | 860 | * Disable if you run into name conflicts and want to really remove the |
| vsupacha | 0:3ddbd7a98a2d | 861 | * mbedtls_strerror() |
| vsupacha | 0:3ddbd7a98a2d | 862 | */ |
| vsupacha | 0:3ddbd7a98a2d | 863 | //#define MBEDTLS_ERROR_STRERROR_DUMMY |
| vsupacha | 0:3ddbd7a98a2d | 864 | |
| vsupacha | 0:3ddbd7a98a2d | 865 | /** |
| vsupacha | 0:3ddbd7a98a2d | 866 | * \def MBEDTLS_GENPRIME |
| vsupacha | 0:3ddbd7a98a2d | 867 | * |
| vsupacha | 0:3ddbd7a98a2d | 868 | * Enable the prime-number generation code. |
| vsupacha | 0:3ddbd7a98a2d | 869 | * |
| vsupacha | 0:3ddbd7a98a2d | 870 | * Requires: MBEDTLS_BIGNUM_C |
| vsupacha | 0:3ddbd7a98a2d | 871 | */ |
| vsupacha | 0:3ddbd7a98a2d | 872 | //#define MBEDTLS_GENPRIME |
| vsupacha | 0:3ddbd7a98a2d | 873 | |
| vsupacha | 0:3ddbd7a98a2d | 874 | /** |
| vsupacha | 0:3ddbd7a98a2d | 875 | * \def MBEDTLS_FS_IO |
| vsupacha | 0:3ddbd7a98a2d | 876 | * |
| vsupacha | 0:3ddbd7a98a2d | 877 | * Enable functions that use the filesystem. |
| vsupacha | 0:3ddbd7a98a2d | 878 | */ |
| vsupacha | 0:3ddbd7a98a2d | 879 | //#define MBEDTLS_FS_IO |
| vsupacha | 0:3ddbd7a98a2d | 880 | |
| vsupacha | 0:3ddbd7a98a2d | 881 | /** |
| vsupacha | 0:3ddbd7a98a2d | 882 | * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES |
| vsupacha | 0:3ddbd7a98a2d | 883 | * |
| vsupacha | 0:3ddbd7a98a2d | 884 | * Do not add default entropy sources. These are the platform specific, |
| vsupacha | 0:3ddbd7a98a2d | 885 | * mbedtls_timing_hardclock and HAVEGE based poll functions. |
| vsupacha | 0:3ddbd7a98a2d | 886 | * |
| vsupacha | 0:3ddbd7a98a2d | 887 | * This is useful to have more control over the added entropy sources in an |
| vsupacha | 0:3ddbd7a98a2d | 888 | * application. |
| vsupacha | 0:3ddbd7a98a2d | 889 | * |
| vsupacha | 0:3ddbd7a98a2d | 890 | * Uncomment this macro to prevent loading of default entropy functions. |
| vsupacha | 0:3ddbd7a98a2d | 891 | */ |
| vsupacha | 0:3ddbd7a98a2d | 892 | //#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES |
| vsupacha | 0:3ddbd7a98a2d | 893 | |
| vsupacha | 0:3ddbd7a98a2d | 894 | /** |
| vsupacha | 0:3ddbd7a98a2d | 895 | * \def MBEDTLS_NO_PLATFORM_ENTROPY |
| vsupacha | 0:3ddbd7a98a2d | 896 | * |
| vsupacha | 0:3ddbd7a98a2d | 897 | * Do not use built-in platform entropy functions. |
| vsupacha | 0:3ddbd7a98a2d | 898 | * This is useful if your platform does not support |
| vsupacha | 0:3ddbd7a98a2d | 899 | * standards like the /dev/urandom or Windows CryptoAPI. |
| vsupacha | 0:3ddbd7a98a2d | 900 | * |
| vsupacha | 0:3ddbd7a98a2d | 901 | * Uncomment this macro to disable the built-in platform entropy functions. |
| vsupacha | 0:3ddbd7a98a2d | 902 | */ |
| vsupacha | 0:3ddbd7a98a2d | 903 | #define MBEDTLS_NO_PLATFORM_ENTROPY |
| vsupacha | 0:3ddbd7a98a2d | 904 | |
| vsupacha | 0:3ddbd7a98a2d | 905 | /** |
| vsupacha | 0:3ddbd7a98a2d | 906 | * \def MBEDTLS_ENTROPY_FORCE_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 907 | * |
| vsupacha | 0:3ddbd7a98a2d | 908 | * Force the entropy accumulator to use a SHA-256 accumulator instead of the |
| vsupacha | 0:3ddbd7a98a2d | 909 | * default SHA-512 based one (if both are available). |
| vsupacha | 0:3ddbd7a98a2d | 910 | * |
| vsupacha | 0:3ddbd7a98a2d | 911 | * Requires: MBEDTLS_SHA256_C |
| vsupacha | 0:3ddbd7a98a2d | 912 | * |
| vsupacha | 0:3ddbd7a98a2d | 913 | * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option |
| vsupacha | 0:3ddbd7a98a2d | 914 | * if you have performance concerns. |
| vsupacha | 0:3ddbd7a98a2d | 915 | * |
| vsupacha | 0:3ddbd7a98a2d | 916 | * This option is only useful if both MBEDTLS_SHA256_C and |
| vsupacha | 0:3ddbd7a98a2d | 917 | * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used. |
| vsupacha | 0:3ddbd7a98a2d | 918 | */ |
| vsupacha | 0:3ddbd7a98a2d | 919 | //#define MBEDTLS_ENTROPY_FORCE_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 920 | |
| vsupacha | 0:3ddbd7a98a2d | 921 | /** |
| vsupacha | 0:3ddbd7a98a2d | 922 | * \def MBEDTLS_ENTROPY_NV_SEED |
| vsupacha | 0:3ddbd7a98a2d | 923 | * |
| vsupacha | 0:3ddbd7a98a2d | 924 | * Enable the non-volatile (NV) seed file-based entropy source. |
| vsupacha | 0:3ddbd7a98a2d | 925 | * (Also enables the NV seed read/write functions in the platform layer) |
| vsupacha | 0:3ddbd7a98a2d | 926 | * |
| vsupacha | 0:3ddbd7a98a2d | 927 | * This is crucial (if not required) on systems that do not have a |
| vsupacha | 0:3ddbd7a98a2d | 928 | * cryptographic entropy source (in hardware or kernel) available. |
| vsupacha | 0:3ddbd7a98a2d | 929 | * |
| vsupacha | 0:3ddbd7a98a2d | 930 | * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C |
| vsupacha | 0:3ddbd7a98a2d | 931 | * |
| vsupacha | 0:3ddbd7a98a2d | 932 | * \note The read/write functions that are used by the entropy source are |
| vsupacha | 0:3ddbd7a98a2d | 933 | * determined in the platform layer, and can be modified at runtime and/or |
| vsupacha | 0:3ddbd7a98a2d | 934 | * compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used. |
| vsupacha | 0:3ddbd7a98a2d | 935 | * |
| vsupacha | 0:3ddbd7a98a2d | 936 | * \note If you use the default implementation functions that read a seedfile |
| vsupacha | 0:3ddbd7a98a2d | 937 | * with regular fopen(), please make sure you make a seedfile with the |
| vsupacha | 0:3ddbd7a98a2d | 938 | * proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at |
| vsupacha | 0:3ddbd7a98a2d | 939 | * least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from |
| vsupacha | 0:3ddbd7a98a2d | 940 | * and written to or you will get an entropy source error! The default |
| vsupacha | 0:3ddbd7a98a2d | 941 | * implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE |
| vsupacha | 0:3ddbd7a98a2d | 942 | * bytes from the file. |
| vsupacha | 0:3ddbd7a98a2d | 943 | * |
| vsupacha | 0:3ddbd7a98a2d | 944 | * \note The entropy collector will write to the seed file before entropy is |
| vsupacha | 0:3ddbd7a98a2d | 945 | * given to an external source, to update it. |
| vsupacha | 0:3ddbd7a98a2d | 946 | */ |
| vsupacha | 0:3ddbd7a98a2d | 947 | //#define MBEDTLS_ENTROPY_NV_SEED |
| vsupacha | 0:3ddbd7a98a2d | 948 | |
| vsupacha | 0:3ddbd7a98a2d | 949 | /** |
| vsupacha | 0:3ddbd7a98a2d | 950 | * \def MBEDTLS_MEMORY_DEBUG |
| vsupacha | 0:3ddbd7a98a2d | 951 | * |
| vsupacha | 0:3ddbd7a98a2d | 952 | * Enable debugging of buffer allocator memory issues. Automatically prints |
| vsupacha | 0:3ddbd7a98a2d | 953 | * (to stderr) all (fatal) messages on memory allocation issues. Enables |
| vsupacha | 0:3ddbd7a98a2d | 954 | * function for 'debug output' of allocated memory. |
| vsupacha | 0:3ddbd7a98a2d | 955 | * |
| vsupacha | 0:3ddbd7a98a2d | 956 | * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C |
| vsupacha | 0:3ddbd7a98a2d | 957 | * |
| vsupacha | 0:3ddbd7a98a2d | 958 | * Uncomment this macro to let the buffer allocator print out error messages. |
| vsupacha | 0:3ddbd7a98a2d | 959 | */ |
| vsupacha | 0:3ddbd7a98a2d | 960 | //#define MBEDTLS_MEMORY_DEBUG |
| vsupacha | 0:3ddbd7a98a2d | 961 | |
| vsupacha | 0:3ddbd7a98a2d | 962 | /** |
| vsupacha | 0:3ddbd7a98a2d | 963 | * \def MBEDTLS_MEMORY_BACKTRACE |
| vsupacha | 0:3ddbd7a98a2d | 964 | * |
| vsupacha | 0:3ddbd7a98a2d | 965 | * Include backtrace information with each allocated block. |
| vsupacha | 0:3ddbd7a98a2d | 966 | * |
| vsupacha | 0:3ddbd7a98a2d | 967 | * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C |
| vsupacha | 0:3ddbd7a98a2d | 968 | * GLIBC-compatible backtrace() an backtrace_symbols() support |
| vsupacha | 0:3ddbd7a98a2d | 969 | * |
| vsupacha | 0:3ddbd7a98a2d | 970 | * Uncomment this macro to include backtrace information |
| vsupacha | 0:3ddbd7a98a2d | 971 | */ |
| vsupacha | 0:3ddbd7a98a2d | 972 | //#define MBEDTLS_MEMORY_BACKTRACE |
| vsupacha | 0:3ddbd7a98a2d | 973 | |
| vsupacha | 0:3ddbd7a98a2d | 974 | /** |
| vsupacha | 0:3ddbd7a98a2d | 975 | * \def MBEDTLS_PK_RSA_ALT_SUPPORT |
| vsupacha | 0:3ddbd7a98a2d | 976 | * |
| vsupacha | 0:3ddbd7a98a2d | 977 | * Support external private RSA keys (eg from a HSM) in the PK layer. |
| vsupacha | 0:3ddbd7a98a2d | 978 | * |
| vsupacha | 0:3ddbd7a98a2d | 979 | * Comment this macro to disable support for external private RSA keys. |
| vsupacha | 0:3ddbd7a98a2d | 980 | */ |
| vsupacha | 0:3ddbd7a98a2d | 981 | //#define MBEDTLS_PK_RSA_ALT_SUPPORT |
| vsupacha | 0:3ddbd7a98a2d | 982 | |
| vsupacha | 0:3ddbd7a98a2d | 983 | /** |
| vsupacha | 0:3ddbd7a98a2d | 984 | * \def MBEDTLS_PKCS1_V15 |
| vsupacha | 0:3ddbd7a98a2d | 985 | * |
| vsupacha | 0:3ddbd7a98a2d | 986 | * Enable support for PKCS#1 v1.5 encoding. |
| vsupacha | 0:3ddbd7a98a2d | 987 | * |
| vsupacha | 0:3ddbd7a98a2d | 988 | * Requires: MBEDTLS_RSA_C |
| vsupacha | 0:3ddbd7a98a2d | 989 | * |
| vsupacha | 0:3ddbd7a98a2d | 990 | * This enables support for PKCS#1 v1.5 operations. |
| vsupacha | 0:3ddbd7a98a2d | 991 | */ |
| vsupacha | 0:3ddbd7a98a2d | 992 | //#define MBEDTLS_PKCS1_V15 |
| vsupacha | 0:3ddbd7a98a2d | 993 | |
| vsupacha | 0:3ddbd7a98a2d | 994 | /** |
| vsupacha | 0:3ddbd7a98a2d | 995 | * \def MBEDTLS_PKCS1_V21 |
| vsupacha | 0:3ddbd7a98a2d | 996 | * |
| vsupacha | 0:3ddbd7a98a2d | 997 | * Enable support for PKCS#1 v2.1 encoding. |
| vsupacha | 0:3ddbd7a98a2d | 998 | * |
| vsupacha | 0:3ddbd7a98a2d | 999 | * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C |
| vsupacha | 0:3ddbd7a98a2d | 1000 | * |
| vsupacha | 0:3ddbd7a98a2d | 1001 | * This enables support for RSAES-OAEP and RSASSA-PSS operations. |
| vsupacha | 0:3ddbd7a98a2d | 1002 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1003 | //#define MBEDTLS_PKCS1_V21 |
| vsupacha | 0:3ddbd7a98a2d | 1004 | |
| vsupacha | 0:3ddbd7a98a2d | 1005 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1006 | * \def MBEDTLS_RSA_NO_CRT |
| vsupacha | 0:3ddbd7a98a2d | 1007 | * |
| vsupacha | 0:3ddbd7a98a2d | 1008 | * Do not use the Chinese Remainder Theorem for the RSA private operation. |
| vsupacha | 0:3ddbd7a98a2d | 1009 | * |
| vsupacha | 0:3ddbd7a98a2d | 1010 | * Uncomment this macro to disable the use of CRT in RSA. |
| vsupacha | 0:3ddbd7a98a2d | 1011 | * |
| vsupacha | 0:3ddbd7a98a2d | 1012 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1013 | //#define MBEDTLS_RSA_NO_CRT |
| vsupacha | 0:3ddbd7a98a2d | 1014 | |
| vsupacha | 0:3ddbd7a98a2d | 1015 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1016 | * \def MBEDTLS_SELF_TEST |
| vsupacha | 0:3ddbd7a98a2d | 1017 | * |
| vsupacha | 0:3ddbd7a98a2d | 1018 | * Enable the checkup functions (*_self_test). |
| vsupacha | 0:3ddbd7a98a2d | 1019 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1020 | //#define MBEDTLS_SELF_TEST |
| vsupacha | 0:3ddbd7a98a2d | 1021 | |
| vsupacha | 0:3ddbd7a98a2d | 1022 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1023 | * \def MBEDTLS_SHA256_SMALLER |
| vsupacha | 0:3ddbd7a98a2d | 1024 | * |
| vsupacha | 0:3ddbd7a98a2d | 1025 | * Enable an implementation of SHA-256 that has lower ROM footprint but also |
| vsupacha | 0:3ddbd7a98a2d | 1026 | * lower performance. |
| vsupacha | 0:3ddbd7a98a2d | 1027 | * |
| vsupacha | 0:3ddbd7a98a2d | 1028 | * The default implementation is meant to be a reasonnable compromise between |
| vsupacha | 0:3ddbd7a98a2d | 1029 | * performance and size. This version optimizes more aggressively for size at |
| vsupacha | 0:3ddbd7a98a2d | 1030 | * the expense of performance. Eg on Cortex-M4 it reduces the size of |
| vsupacha | 0:3ddbd7a98a2d | 1031 | * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about |
| vsupacha | 0:3ddbd7a98a2d | 1032 | * 30%. |
| vsupacha | 0:3ddbd7a98a2d | 1033 | * |
| vsupacha | 0:3ddbd7a98a2d | 1034 | * Uncomment to enable the smaller implementation of SHA256. |
| vsupacha | 0:3ddbd7a98a2d | 1035 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1036 | //#define MBEDTLS_SHA256_SMALLER |
| vsupacha | 0:3ddbd7a98a2d | 1037 | |
| vsupacha | 0:3ddbd7a98a2d | 1038 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1039 | * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES |
| vsupacha | 0:3ddbd7a98a2d | 1040 | * |
| vsupacha | 0:3ddbd7a98a2d | 1041 | * Enable sending of alert messages in case of encountered errors as per RFC. |
| vsupacha | 0:3ddbd7a98a2d | 1042 | * If you choose not to send the alert messages, mbed TLS can still communicate |
| vsupacha | 0:3ddbd7a98a2d | 1043 | * with other servers, only debugging of failures is harder. |
| vsupacha | 0:3ddbd7a98a2d | 1044 | * |
| vsupacha | 0:3ddbd7a98a2d | 1045 | * The advantage of not sending alert messages, is that no information is given |
| vsupacha | 0:3ddbd7a98a2d | 1046 | * about reasons for failures thus preventing adversaries of gaining intel. |
| vsupacha | 0:3ddbd7a98a2d | 1047 | * |
| vsupacha | 0:3ddbd7a98a2d | 1048 | * Enable sending of all alert messages |
| vsupacha | 0:3ddbd7a98a2d | 1049 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1050 | //#define MBEDTLS_SSL_ALL_ALERT_MESSAGES |
| vsupacha | 0:3ddbd7a98a2d | 1051 | |
| vsupacha | 0:3ddbd7a98a2d | 1052 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1053 | * \def MBEDTLS_SSL_DEBUG_ALL |
| vsupacha | 0:3ddbd7a98a2d | 1054 | * |
| vsupacha | 0:3ddbd7a98a2d | 1055 | * Enable the debug messages in SSL module for all issues. |
| vsupacha | 0:3ddbd7a98a2d | 1056 | * Debug messages have been disabled in some places to prevent timing |
| vsupacha | 0:3ddbd7a98a2d | 1057 | * attacks due to (unbalanced) debugging function calls. |
| vsupacha | 0:3ddbd7a98a2d | 1058 | * |
| vsupacha | 0:3ddbd7a98a2d | 1059 | * If you need all error reporting you should enable this during debugging, |
| vsupacha | 0:3ddbd7a98a2d | 1060 | * but remove this for production servers that should log as well. |
| vsupacha | 0:3ddbd7a98a2d | 1061 | * |
| vsupacha | 0:3ddbd7a98a2d | 1062 | * Uncomment this macro to report all debug messages on errors introducing |
| vsupacha | 0:3ddbd7a98a2d | 1063 | * a timing side-channel. |
| vsupacha | 0:3ddbd7a98a2d | 1064 | * |
| vsupacha | 0:3ddbd7a98a2d | 1065 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1066 | //#define MBEDTLS_SSL_DEBUG_ALL |
| vsupacha | 0:3ddbd7a98a2d | 1067 | |
| vsupacha | 0:3ddbd7a98a2d | 1068 | /** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC |
| vsupacha | 0:3ddbd7a98a2d | 1069 | * |
| vsupacha | 0:3ddbd7a98a2d | 1070 | * Enable support for Encrypt-then-MAC, RFC 7366. |
| vsupacha | 0:3ddbd7a98a2d | 1071 | * |
| vsupacha | 0:3ddbd7a98a2d | 1072 | * This allows peers that both support it to use a more robust protection for |
| vsupacha | 0:3ddbd7a98a2d | 1073 | * ciphersuites using CBC, providing deep resistance against timing attacks |
| vsupacha | 0:3ddbd7a98a2d | 1074 | * on the padding or underlying cipher. |
| vsupacha | 0:3ddbd7a98a2d | 1075 | * |
| vsupacha | 0:3ddbd7a98a2d | 1076 | * This only affects CBC ciphersuites, and is useless if none is defined. |
| vsupacha | 0:3ddbd7a98a2d | 1077 | * |
| vsupacha | 0:3ddbd7a98a2d | 1078 | * Requires: MBEDTLS_SSL_PROTO_TLS1 or |
| vsupacha | 0:3ddbd7a98a2d | 1079 | * MBEDTLS_SSL_PROTO_TLS1_1 or |
| vsupacha | 0:3ddbd7a98a2d | 1080 | * MBEDTLS_SSL_PROTO_TLS1_2 |
| vsupacha | 0:3ddbd7a98a2d | 1081 | * |
| vsupacha | 0:3ddbd7a98a2d | 1082 | * Comment this macro to disable support for Encrypt-then-MAC |
| vsupacha | 0:3ddbd7a98a2d | 1083 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1084 | //#define MBEDTLS_SSL_ENCRYPT_THEN_MAC |
| vsupacha | 0:3ddbd7a98a2d | 1085 | |
| vsupacha | 0:3ddbd7a98a2d | 1086 | /** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET |
| vsupacha | 0:3ddbd7a98a2d | 1087 | * |
| vsupacha | 0:3ddbd7a98a2d | 1088 | * Enable support for Extended Master Secret, aka Session Hash |
| vsupacha | 0:3ddbd7a98a2d | 1089 | * (draft-ietf-tls-session-hash-02). |
| vsupacha | 0:3ddbd7a98a2d | 1090 | * |
| vsupacha | 0:3ddbd7a98a2d | 1091 | * This was introduced as "the proper fix" to the Triple Handshake familiy of |
| vsupacha | 0:3ddbd7a98a2d | 1092 | * attacks, but it is recommended to always use it (even if you disable |
| vsupacha | 0:3ddbd7a98a2d | 1093 | * renegotiation), since it actually fixes a more fundamental issue in the |
| vsupacha | 0:3ddbd7a98a2d | 1094 | * original SSL/TLS design, and has implications beyond Triple Handshake. |
| vsupacha | 0:3ddbd7a98a2d | 1095 | * |
| vsupacha | 0:3ddbd7a98a2d | 1096 | * Requires: MBEDTLS_SSL_PROTO_TLS1 or |
| vsupacha | 0:3ddbd7a98a2d | 1097 | * MBEDTLS_SSL_PROTO_TLS1_1 or |
| vsupacha | 0:3ddbd7a98a2d | 1098 | * MBEDTLS_SSL_PROTO_TLS1_2 |
| vsupacha | 0:3ddbd7a98a2d | 1099 | * |
| vsupacha | 0:3ddbd7a98a2d | 1100 | * Comment this macro to disable support for Extended Master Secret. |
| vsupacha | 0:3ddbd7a98a2d | 1101 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1102 | //#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET |
| vsupacha | 0:3ddbd7a98a2d | 1103 | |
| vsupacha | 0:3ddbd7a98a2d | 1104 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1105 | * \def MBEDTLS_SSL_FALLBACK_SCSV |
| vsupacha | 0:3ddbd7a98a2d | 1106 | * |
| vsupacha | 0:3ddbd7a98a2d | 1107 | * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00). |
| vsupacha | 0:3ddbd7a98a2d | 1108 | * |
| vsupacha | 0:3ddbd7a98a2d | 1109 | * For servers, it is recommended to always enable this, unless you support |
| vsupacha | 0:3ddbd7a98a2d | 1110 | * only one version of TLS, or know for sure that none of your clients |
| vsupacha | 0:3ddbd7a98a2d | 1111 | * implements a fallback strategy. |
| vsupacha | 0:3ddbd7a98a2d | 1112 | * |
| vsupacha | 0:3ddbd7a98a2d | 1113 | * For clients, you only need this if you're using a fallback strategy, which |
| vsupacha | 0:3ddbd7a98a2d | 1114 | * is not recommended in the first place, unless you absolutely need it to |
| vsupacha | 0:3ddbd7a98a2d | 1115 | * interoperate with buggy (version-intolerant) servers. |
| vsupacha | 0:3ddbd7a98a2d | 1116 | * |
| vsupacha | 0:3ddbd7a98a2d | 1117 | * Comment this macro to disable support for FALLBACK_SCSV |
| vsupacha | 0:3ddbd7a98a2d | 1118 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1119 | //#define MBEDTLS_SSL_FALLBACK_SCSV |
| vsupacha | 0:3ddbd7a98a2d | 1120 | |
| vsupacha | 0:3ddbd7a98a2d | 1121 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1122 | * \def MBEDTLS_SSL_HW_RECORD_ACCEL |
| vsupacha | 0:3ddbd7a98a2d | 1123 | * |
| vsupacha | 0:3ddbd7a98a2d | 1124 | * Enable hooking functions in SSL module for hardware acceleration of |
| vsupacha | 0:3ddbd7a98a2d | 1125 | * individual records. |
| vsupacha | 0:3ddbd7a98a2d | 1126 | * |
| vsupacha | 0:3ddbd7a98a2d | 1127 | * Uncomment this macro to enable hooking functions. |
| vsupacha | 0:3ddbd7a98a2d | 1128 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1129 | //#define MBEDTLS_SSL_HW_RECORD_ACCEL |
| vsupacha | 0:3ddbd7a98a2d | 1130 | |
| vsupacha | 0:3ddbd7a98a2d | 1131 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1132 | * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING |
| vsupacha | 0:3ddbd7a98a2d | 1133 | * |
| vsupacha | 0:3ddbd7a98a2d | 1134 | * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0. |
| vsupacha | 0:3ddbd7a98a2d | 1135 | * |
| vsupacha | 0:3ddbd7a98a2d | 1136 | * This is a countermeasure to the BEAST attack, which also minimizes the risk |
| vsupacha | 0:3ddbd7a98a2d | 1137 | * of interoperability issues compared to sending 0-length records. |
| vsupacha | 0:3ddbd7a98a2d | 1138 | * |
| vsupacha | 0:3ddbd7a98a2d | 1139 | * Comment this macro to disable 1/n-1 record splitting. |
| vsupacha | 0:3ddbd7a98a2d | 1140 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1141 | //#define MBEDTLS_SSL_CBC_RECORD_SPLITTING |
| vsupacha | 0:3ddbd7a98a2d | 1142 | |
| vsupacha | 0:3ddbd7a98a2d | 1143 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1144 | * \def MBEDTLS_SSL_RENEGOTIATION |
| vsupacha | 0:3ddbd7a98a2d | 1145 | * |
| vsupacha | 0:3ddbd7a98a2d | 1146 | * Disable support for TLS renegotiation. |
| vsupacha | 0:3ddbd7a98a2d | 1147 | * |
| vsupacha | 0:3ddbd7a98a2d | 1148 | * The two main uses of renegotiation are (1) refresh keys on long-lived |
| vsupacha | 0:3ddbd7a98a2d | 1149 | * connections and (2) client authentication after the initial handshake. |
| vsupacha | 0:3ddbd7a98a2d | 1150 | * If you don't need renegotiation, it's probably better to disable it, since |
| vsupacha | 0:3ddbd7a98a2d | 1151 | * it has been associated with security issues in the past and is easy to |
| vsupacha | 0:3ddbd7a98a2d | 1152 | * misuse/misunderstand. |
| vsupacha | 0:3ddbd7a98a2d | 1153 | * |
| vsupacha | 0:3ddbd7a98a2d | 1154 | * Comment this to disable support for renegotiation. |
| vsupacha | 0:3ddbd7a98a2d | 1155 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1156 | //#define MBEDTLS_SSL_RENEGOTIATION |
| vsupacha | 0:3ddbd7a98a2d | 1157 | |
| vsupacha | 0:3ddbd7a98a2d | 1158 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1159 | * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO |
| vsupacha | 0:3ddbd7a98a2d | 1160 | * |
| vsupacha | 0:3ddbd7a98a2d | 1161 | * Enable support for receiving and parsing SSLv2 Client Hello messages for the |
| vsupacha | 0:3ddbd7a98a2d | 1162 | * SSL Server module (MBEDTLS_SSL_SRV_C). |
| vsupacha | 0:3ddbd7a98a2d | 1163 | * |
| vsupacha | 0:3ddbd7a98a2d | 1164 | * Uncomment this macro to enable support for SSLv2 Client Hello messages. |
| vsupacha | 0:3ddbd7a98a2d | 1165 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1166 | //#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO |
| vsupacha | 0:3ddbd7a98a2d | 1167 | |
| vsupacha | 0:3ddbd7a98a2d | 1168 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1169 | * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE |
| vsupacha | 0:3ddbd7a98a2d | 1170 | * |
| vsupacha | 0:3ddbd7a98a2d | 1171 | * Pick the ciphersuite according to the client's preferences rather than ours |
| vsupacha | 0:3ddbd7a98a2d | 1172 | * in the SSL Server module (MBEDTLS_SSL_SRV_C). |
| vsupacha | 0:3ddbd7a98a2d | 1173 | * |
| vsupacha | 0:3ddbd7a98a2d | 1174 | * Uncomment this macro to respect client's ciphersuite order |
| vsupacha | 0:3ddbd7a98a2d | 1175 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1176 | //#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE |
| vsupacha | 0:3ddbd7a98a2d | 1177 | |
| vsupacha | 0:3ddbd7a98a2d | 1178 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1179 | * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH |
| vsupacha | 0:3ddbd7a98a2d | 1180 | * |
| vsupacha | 0:3ddbd7a98a2d | 1181 | * Enable support for RFC 6066 max_fragment_length extension in SSL. |
| vsupacha | 0:3ddbd7a98a2d | 1182 | * |
| vsupacha | 0:3ddbd7a98a2d | 1183 | * Comment this macro to disable support for the max_fragment_length extension |
| vsupacha | 0:3ddbd7a98a2d | 1184 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1185 | //#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH |
| vsupacha | 0:3ddbd7a98a2d | 1186 | |
| vsupacha | 0:3ddbd7a98a2d | 1187 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1188 | * \def MBEDTLS_SSL_PROTO_SSL3 |
| vsupacha | 0:3ddbd7a98a2d | 1189 | * |
| vsupacha | 0:3ddbd7a98a2d | 1190 | * Enable support for SSL 3.0. |
| vsupacha | 0:3ddbd7a98a2d | 1191 | * |
| vsupacha | 0:3ddbd7a98a2d | 1192 | * Requires: MBEDTLS_MD5_C |
| vsupacha | 0:3ddbd7a98a2d | 1193 | * MBEDTLS_SHA1_C |
| vsupacha | 0:3ddbd7a98a2d | 1194 | * |
| vsupacha | 0:3ddbd7a98a2d | 1195 | * Comment this macro to disable support for SSL 3.0 |
| vsupacha | 0:3ddbd7a98a2d | 1196 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1197 | //#define MBEDTLS_SSL_PROTO_SSL3 |
| vsupacha | 0:3ddbd7a98a2d | 1198 | |
| vsupacha | 0:3ddbd7a98a2d | 1199 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1200 | * \def MBEDTLS_SSL_PROTO_TLS1 |
| vsupacha | 0:3ddbd7a98a2d | 1201 | * |
| vsupacha | 0:3ddbd7a98a2d | 1202 | * Enable support for TLS 1.0. |
| vsupacha | 0:3ddbd7a98a2d | 1203 | * |
| vsupacha | 0:3ddbd7a98a2d | 1204 | * Requires: MBEDTLS_MD5_C |
| vsupacha | 0:3ddbd7a98a2d | 1205 | * MBEDTLS_SHA1_C |
| vsupacha | 0:3ddbd7a98a2d | 1206 | * |
| vsupacha | 0:3ddbd7a98a2d | 1207 | * Comment this macro to disable support for TLS 1.0 |
| vsupacha | 0:3ddbd7a98a2d | 1208 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1209 | //#define MBEDTLS_SSL_PROTO_TLS1 |
| vsupacha | 0:3ddbd7a98a2d | 1210 | |
| vsupacha | 0:3ddbd7a98a2d | 1211 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1212 | * \def MBEDTLS_SSL_PROTO_TLS1_1 |
| vsupacha | 0:3ddbd7a98a2d | 1213 | * |
| vsupacha | 0:3ddbd7a98a2d | 1214 | * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled). |
| vsupacha | 0:3ddbd7a98a2d | 1215 | * |
| vsupacha | 0:3ddbd7a98a2d | 1216 | * Requires: MBEDTLS_MD5_C |
| vsupacha | 0:3ddbd7a98a2d | 1217 | * MBEDTLS_SHA1_C |
| vsupacha | 0:3ddbd7a98a2d | 1218 | * |
| vsupacha | 0:3ddbd7a98a2d | 1219 | * Comment this macro to disable support for TLS 1.1 / DTLS 1.0 |
| vsupacha | 0:3ddbd7a98a2d | 1220 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1221 | //#define MBEDTLS_SSL_PROTO_TLS1_1 |
| vsupacha | 0:3ddbd7a98a2d | 1222 | |
| vsupacha | 0:3ddbd7a98a2d | 1223 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1224 | * \def MBEDTLS_SSL_PROTO_TLS1_2 |
| vsupacha | 0:3ddbd7a98a2d | 1225 | * |
| vsupacha | 0:3ddbd7a98a2d | 1226 | * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled). |
| vsupacha | 0:3ddbd7a98a2d | 1227 | * |
| vsupacha | 0:3ddbd7a98a2d | 1228 | * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C |
| vsupacha | 0:3ddbd7a98a2d | 1229 | * (Depends on ciphersuites) |
| vsupacha | 0:3ddbd7a98a2d | 1230 | * |
| vsupacha | 0:3ddbd7a98a2d | 1231 | * Comment this macro to disable support for TLS 1.2 / DTLS 1.2 |
| vsupacha | 0:3ddbd7a98a2d | 1232 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1233 | //#define MBEDTLS_SSL_PROTO_TLS1_2 |
| vsupacha | 0:3ddbd7a98a2d | 1234 | |
| vsupacha | 0:3ddbd7a98a2d | 1235 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1236 | * \def MBEDTLS_SSL_PROTO_DTLS |
| vsupacha | 0:3ddbd7a98a2d | 1237 | * |
| vsupacha | 0:3ddbd7a98a2d | 1238 | * Enable support for DTLS (all available versions). |
| vsupacha | 0:3ddbd7a98a2d | 1239 | * |
| vsupacha | 0:3ddbd7a98a2d | 1240 | * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0, |
| vsupacha | 0:3ddbd7a98a2d | 1241 | * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2. |
| vsupacha | 0:3ddbd7a98a2d | 1242 | * |
| vsupacha | 0:3ddbd7a98a2d | 1243 | * Requires: MBEDTLS_SSL_PROTO_TLS1_1 |
| vsupacha | 0:3ddbd7a98a2d | 1244 | * or MBEDTLS_SSL_PROTO_TLS1_2 |
| vsupacha | 0:3ddbd7a98a2d | 1245 | * |
| vsupacha | 0:3ddbd7a98a2d | 1246 | * Comment this macro to disable support for DTLS |
| vsupacha | 0:3ddbd7a98a2d | 1247 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1248 | //#define MBEDTLS_SSL_PROTO_DTLS |
| vsupacha | 0:3ddbd7a98a2d | 1249 | |
| vsupacha | 0:3ddbd7a98a2d | 1250 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1251 | * \def MBEDTLS_SSL_ALPN |
| vsupacha | 0:3ddbd7a98a2d | 1252 | * |
| vsupacha | 0:3ddbd7a98a2d | 1253 | * Enable support for RFC 7301 Application Layer Protocol Negotiation. |
| vsupacha | 0:3ddbd7a98a2d | 1254 | * |
| vsupacha | 0:3ddbd7a98a2d | 1255 | * Comment this macro to disable support for ALPN. |
| vsupacha | 0:3ddbd7a98a2d | 1256 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1257 | //#define MBEDTLS_SSL_ALPN |
| vsupacha | 0:3ddbd7a98a2d | 1258 | |
| vsupacha | 0:3ddbd7a98a2d | 1259 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1260 | * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY |
| vsupacha | 0:3ddbd7a98a2d | 1261 | * |
| vsupacha | 0:3ddbd7a98a2d | 1262 | * Enable support for the anti-replay mechanism in DTLS. |
| vsupacha | 0:3ddbd7a98a2d | 1263 | * |
| vsupacha | 0:3ddbd7a98a2d | 1264 | * Requires: MBEDTLS_SSL_TLS_C |
| vsupacha | 0:3ddbd7a98a2d | 1265 | * MBEDTLS_SSL_PROTO_DTLS |
| vsupacha | 0:3ddbd7a98a2d | 1266 | * |
| vsupacha | 0:3ddbd7a98a2d | 1267 | * \warning Disabling this is often a security risk! |
| vsupacha | 0:3ddbd7a98a2d | 1268 | * See mbedtls_ssl_conf_dtls_anti_replay() for details. |
| vsupacha | 0:3ddbd7a98a2d | 1269 | * |
| vsupacha | 0:3ddbd7a98a2d | 1270 | * Comment this to disable anti-replay in DTLS. |
| vsupacha | 0:3ddbd7a98a2d | 1271 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1272 | //#define MBEDTLS_SSL_DTLS_ANTI_REPLAY |
| vsupacha | 0:3ddbd7a98a2d | 1273 | |
| vsupacha | 0:3ddbd7a98a2d | 1274 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1275 | * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY |
| vsupacha | 0:3ddbd7a98a2d | 1276 | * |
| vsupacha | 0:3ddbd7a98a2d | 1277 | * Enable support for HelloVerifyRequest on DTLS servers. |
| vsupacha | 0:3ddbd7a98a2d | 1278 | * |
| vsupacha | 0:3ddbd7a98a2d | 1279 | * This feature is highly recommended to prevent DTLS servers being used as |
| vsupacha | 0:3ddbd7a98a2d | 1280 | * amplifiers in DoS attacks against other hosts. It should always be enabled |
| vsupacha | 0:3ddbd7a98a2d | 1281 | * unless you know for sure amplification cannot be a problem in the |
| vsupacha | 0:3ddbd7a98a2d | 1282 | * environment in which your server operates. |
| vsupacha | 0:3ddbd7a98a2d | 1283 | * |
| vsupacha | 0:3ddbd7a98a2d | 1284 | * \warning Disabling this can ba a security risk! (see above) |
| vsupacha | 0:3ddbd7a98a2d | 1285 | * |
| vsupacha | 0:3ddbd7a98a2d | 1286 | * Requires: MBEDTLS_SSL_PROTO_DTLS |
| vsupacha | 0:3ddbd7a98a2d | 1287 | * |
| vsupacha | 0:3ddbd7a98a2d | 1288 | * Comment this to disable support for HelloVerifyRequest. |
| vsupacha | 0:3ddbd7a98a2d | 1289 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1290 | //#define MBEDTLS_SSL_DTLS_HELLO_VERIFY |
| vsupacha | 0:3ddbd7a98a2d | 1291 | |
| vsupacha | 0:3ddbd7a98a2d | 1292 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1293 | * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE |
| vsupacha | 0:3ddbd7a98a2d | 1294 | * |
| vsupacha | 0:3ddbd7a98a2d | 1295 | * Enable server-side support for clients that reconnect from the same port. |
| vsupacha | 0:3ddbd7a98a2d | 1296 | * |
| vsupacha | 0:3ddbd7a98a2d | 1297 | * Some clients unexpectedly close the connection and try to reconnect using the |
| vsupacha | 0:3ddbd7a98a2d | 1298 | * same source port. This needs special support from the server to handle the |
| vsupacha | 0:3ddbd7a98a2d | 1299 | * new connection securely, as described in section 4.2.8 of RFC 6347. This |
| vsupacha | 0:3ddbd7a98a2d | 1300 | * flag enables that support. |
| vsupacha | 0:3ddbd7a98a2d | 1301 | * |
| vsupacha | 0:3ddbd7a98a2d | 1302 | * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY |
| vsupacha | 0:3ddbd7a98a2d | 1303 | * |
| vsupacha | 0:3ddbd7a98a2d | 1304 | * Comment this to disable support for clients reusing the source port. |
| vsupacha | 0:3ddbd7a98a2d | 1305 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1306 | //#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE |
| vsupacha | 0:3ddbd7a98a2d | 1307 | |
| vsupacha | 0:3ddbd7a98a2d | 1308 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1309 | * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT |
| vsupacha | 0:3ddbd7a98a2d | 1310 | * |
| vsupacha | 0:3ddbd7a98a2d | 1311 | * Enable support for a limit of records with bad MAC. |
| vsupacha | 0:3ddbd7a98a2d | 1312 | * |
| vsupacha | 0:3ddbd7a98a2d | 1313 | * See mbedtls_ssl_conf_dtls_badmac_limit(). |
| vsupacha | 0:3ddbd7a98a2d | 1314 | * |
| vsupacha | 0:3ddbd7a98a2d | 1315 | * Requires: MBEDTLS_SSL_PROTO_DTLS |
| vsupacha | 0:3ddbd7a98a2d | 1316 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1317 | //#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT |
| vsupacha | 0:3ddbd7a98a2d | 1318 | |
| vsupacha | 0:3ddbd7a98a2d | 1319 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1320 | * \def MBEDTLS_SSL_SESSION_TICKETS |
| vsupacha | 0:3ddbd7a98a2d | 1321 | * |
| vsupacha | 0:3ddbd7a98a2d | 1322 | * Enable support for RFC 5077 session tickets in SSL. |
| vsupacha | 0:3ddbd7a98a2d | 1323 | * Client-side, provides full support for session tickets (maintainance of a |
| vsupacha | 0:3ddbd7a98a2d | 1324 | * session store remains the responsibility of the application, though). |
| vsupacha | 0:3ddbd7a98a2d | 1325 | * Server-side, you also need to provide callbacks for writing and parsing |
| vsupacha | 0:3ddbd7a98a2d | 1326 | * tickets, including authenticated encryption and key management. Example |
| vsupacha | 0:3ddbd7a98a2d | 1327 | * callbacks are provided by MBEDTLS_SSL_TICKET_C. |
| vsupacha | 0:3ddbd7a98a2d | 1328 | * |
| vsupacha | 0:3ddbd7a98a2d | 1329 | * Comment this macro to disable support for SSL session tickets |
| vsupacha | 0:3ddbd7a98a2d | 1330 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1331 | //#define MBEDTLS_SSL_SESSION_TICKETS |
| vsupacha | 0:3ddbd7a98a2d | 1332 | |
| vsupacha | 0:3ddbd7a98a2d | 1333 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1334 | * \def MBEDTLS_SSL_EXPORT_KEYS |
| vsupacha | 0:3ddbd7a98a2d | 1335 | * |
| vsupacha | 0:3ddbd7a98a2d | 1336 | * Enable support for exporting key block and master secret. |
| vsupacha | 0:3ddbd7a98a2d | 1337 | * This is required for certain users of TLS, e.g. EAP-TLS. |
| vsupacha | 0:3ddbd7a98a2d | 1338 | * |
| vsupacha | 0:3ddbd7a98a2d | 1339 | * Comment this macro to disable support for key export |
| vsupacha | 0:3ddbd7a98a2d | 1340 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1341 | //#define MBEDTLS_SSL_EXPORT_KEYS |
| vsupacha | 0:3ddbd7a98a2d | 1342 | |
| vsupacha | 0:3ddbd7a98a2d | 1343 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1344 | * \def MBEDTLS_SSL_SERVER_NAME_INDICATION |
| vsupacha | 0:3ddbd7a98a2d | 1345 | * |
| vsupacha | 0:3ddbd7a98a2d | 1346 | * Enable support for RFC 6066 server name indication (SNI) in SSL. |
| vsupacha | 0:3ddbd7a98a2d | 1347 | * |
| vsupacha | 0:3ddbd7a98a2d | 1348 | * Requires: MBEDTLS_X509_CRT_PARSE_C |
| vsupacha | 0:3ddbd7a98a2d | 1349 | * |
| vsupacha | 0:3ddbd7a98a2d | 1350 | * Comment this macro to disable support for server name indication in SSL |
| vsupacha | 0:3ddbd7a98a2d | 1351 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1352 | //#define MBEDTLS_SSL_SERVER_NAME_INDICATION |
| vsupacha | 0:3ddbd7a98a2d | 1353 | |
| vsupacha | 0:3ddbd7a98a2d | 1354 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1355 | * \def MBEDTLS_SSL_TRUNCATED_HMAC |
| vsupacha | 0:3ddbd7a98a2d | 1356 | * |
| vsupacha | 0:3ddbd7a98a2d | 1357 | * Enable support for RFC 6066 truncated HMAC in SSL. |
| vsupacha | 0:3ddbd7a98a2d | 1358 | * |
| vsupacha | 0:3ddbd7a98a2d | 1359 | * Comment this macro to disable support for truncated HMAC in SSL |
| vsupacha | 0:3ddbd7a98a2d | 1360 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1361 | //#define MBEDTLS_SSL_TRUNCATED_HMAC |
| vsupacha | 0:3ddbd7a98a2d | 1362 | |
| vsupacha | 0:3ddbd7a98a2d | 1363 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1364 | * \def MBEDTLS_THREADING_ALT |
| vsupacha | 0:3ddbd7a98a2d | 1365 | * |
| vsupacha | 0:3ddbd7a98a2d | 1366 | * Provide your own alternate threading implementation. |
| vsupacha | 0:3ddbd7a98a2d | 1367 | * |
| vsupacha | 0:3ddbd7a98a2d | 1368 | * Requires: MBEDTLS_THREADING_C |
| vsupacha | 0:3ddbd7a98a2d | 1369 | * |
| vsupacha | 0:3ddbd7a98a2d | 1370 | * Uncomment this to allow your own alternate threading implementation. |
| vsupacha | 0:3ddbd7a98a2d | 1371 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1372 | //#define MBEDTLS_THREADING_ALT |
| vsupacha | 0:3ddbd7a98a2d | 1373 | |
| vsupacha | 0:3ddbd7a98a2d | 1374 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1375 | * \def MBEDTLS_THREADING_PTHREAD |
| vsupacha | 0:3ddbd7a98a2d | 1376 | * |
| vsupacha | 0:3ddbd7a98a2d | 1377 | * Enable the pthread wrapper layer for the threading layer. |
| vsupacha | 0:3ddbd7a98a2d | 1378 | * |
| vsupacha | 0:3ddbd7a98a2d | 1379 | * Requires: MBEDTLS_THREADING_C |
| vsupacha | 0:3ddbd7a98a2d | 1380 | * |
| vsupacha | 0:3ddbd7a98a2d | 1381 | * Uncomment this to enable pthread mutexes. |
| vsupacha | 0:3ddbd7a98a2d | 1382 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1383 | //#define MBEDTLS_THREADING_PTHREAD |
| vsupacha | 0:3ddbd7a98a2d | 1384 | |
| vsupacha | 0:3ddbd7a98a2d | 1385 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1386 | * \def MBEDTLS_VERSION_FEATURES |
| vsupacha | 0:3ddbd7a98a2d | 1387 | * |
| vsupacha | 0:3ddbd7a98a2d | 1388 | * Allow run-time checking of compile-time enabled features. Thus allowing users |
| vsupacha | 0:3ddbd7a98a2d | 1389 | * to check at run-time if the library is for instance compiled with threading |
| vsupacha | 0:3ddbd7a98a2d | 1390 | * support via mbedtls_version_check_feature(). |
| vsupacha | 0:3ddbd7a98a2d | 1391 | * |
| vsupacha | 0:3ddbd7a98a2d | 1392 | * Requires: MBEDTLS_VERSION_C |
| vsupacha | 0:3ddbd7a98a2d | 1393 | * |
| vsupacha | 0:3ddbd7a98a2d | 1394 | * Comment this to disable run-time checking and save ROM space |
| vsupacha | 0:3ddbd7a98a2d | 1395 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1396 | //#define MBEDTLS_VERSION_FEATURES |
| vsupacha | 0:3ddbd7a98a2d | 1397 | |
| vsupacha | 0:3ddbd7a98a2d | 1398 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1399 | * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 |
| vsupacha | 0:3ddbd7a98a2d | 1400 | * |
| vsupacha | 0:3ddbd7a98a2d | 1401 | * If set, the X509 parser will not break-off when parsing an X509 certificate |
| vsupacha | 0:3ddbd7a98a2d | 1402 | * and encountering an extension in a v1 or v2 certificate. |
| vsupacha | 0:3ddbd7a98a2d | 1403 | * |
| vsupacha | 0:3ddbd7a98a2d | 1404 | * Uncomment to prevent an error. |
| vsupacha | 0:3ddbd7a98a2d | 1405 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1406 | //#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 |
| vsupacha | 0:3ddbd7a98a2d | 1407 | |
| vsupacha | 0:3ddbd7a98a2d | 1408 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1409 | * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION |
| vsupacha | 0:3ddbd7a98a2d | 1410 | * |
| vsupacha | 0:3ddbd7a98a2d | 1411 | * If set, the X509 parser will not break-off when parsing an X509 certificate |
| vsupacha | 0:3ddbd7a98a2d | 1412 | * and encountering an unknown critical extension. |
| vsupacha | 0:3ddbd7a98a2d | 1413 | * |
| vsupacha | 0:3ddbd7a98a2d | 1414 | * \warning Depending on your PKI use, enabling this can be a security risk! |
| vsupacha | 0:3ddbd7a98a2d | 1415 | * |
| vsupacha | 0:3ddbd7a98a2d | 1416 | * Uncomment to prevent an error. |
| vsupacha | 0:3ddbd7a98a2d | 1417 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1418 | //#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION |
| vsupacha | 0:3ddbd7a98a2d | 1419 | |
| vsupacha | 0:3ddbd7a98a2d | 1420 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1421 | * \def MBEDTLS_X509_CHECK_KEY_USAGE |
| vsupacha | 0:3ddbd7a98a2d | 1422 | * |
| vsupacha | 0:3ddbd7a98a2d | 1423 | * Enable verification of the keyUsage extension (CA and leaf certificates). |
| vsupacha | 0:3ddbd7a98a2d | 1424 | * |
| vsupacha | 0:3ddbd7a98a2d | 1425 | * Disabling this avoids problems with mis-issued and/or misused |
| vsupacha | 0:3ddbd7a98a2d | 1426 | * (intermediate) CA and leaf certificates. |
| vsupacha | 0:3ddbd7a98a2d | 1427 | * |
| vsupacha | 0:3ddbd7a98a2d | 1428 | * \warning Depending on your PKI use, disabling this can be a security risk! |
| vsupacha | 0:3ddbd7a98a2d | 1429 | * |
| vsupacha | 0:3ddbd7a98a2d | 1430 | * Comment to skip keyUsage checking for both CA and leaf certificates. |
| vsupacha | 0:3ddbd7a98a2d | 1431 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1432 | //#define MBEDTLS_X509_CHECK_KEY_USAGE |
| vsupacha | 0:3ddbd7a98a2d | 1433 | |
| vsupacha | 0:3ddbd7a98a2d | 1434 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1435 | * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE |
| vsupacha | 0:3ddbd7a98a2d | 1436 | * |
| vsupacha | 0:3ddbd7a98a2d | 1437 | * Enable verification of the extendedKeyUsage extension (leaf certificates). |
| vsupacha | 0:3ddbd7a98a2d | 1438 | * |
| vsupacha | 0:3ddbd7a98a2d | 1439 | * Disabling this avoids problems with mis-issued and/or misused certificates. |
| vsupacha | 0:3ddbd7a98a2d | 1440 | * |
| vsupacha | 0:3ddbd7a98a2d | 1441 | * \warning Depending on your PKI use, disabling this can be a security risk! |
| vsupacha | 0:3ddbd7a98a2d | 1442 | * |
| vsupacha | 0:3ddbd7a98a2d | 1443 | * Comment to skip extendedKeyUsage checking for certificates. |
| vsupacha | 0:3ddbd7a98a2d | 1444 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1445 | //#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE |
| vsupacha | 0:3ddbd7a98a2d | 1446 | |
| vsupacha | 0:3ddbd7a98a2d | 1447 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1448 | * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT |
| vsupacha | 0:3ddbd7a98a2d | 1449 | * |
| vsupacha | 0:3ddbd7a98a2d | 1450 | * Enable parsing and verification of X.509 certificates, CRLs and CSRS |
| vsupacha | 0:3ddbd7a98a2d | 1451 | * signed with RSASSA-PSS (aka PKCS#1 v2.1). |
| vsupacha | 0:3ddbd7a98a2d | 1452 | * |
| vsupacha | 0:3ddbd7a98a2d | 1453 | * Comment this macro to disallow using RSASSA-PSS in certificates. |
| vsupacha | 0:3ddbd7a98a2d | 1454 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1455 | //#define MBEDTLS_X509_RSASSA_PSS_SUPPORT |
| vsupacha | 0:3ddbd7a98a2d | 1456 | |
| vsupacha | 0:3ddbd7a98a2d | 1457 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1458 | * \def MBEDTLS_ZLIB_SUPPORT |
| vsupacha | 0:3ddbd7a98a2d | 1459 | * |
| vsupacha | 0:3ddbd7a98a2d | 1460 | * If set, the SSL/TLS module uses ZLIB to support compression and |
| vsupacha | 0:3ddbd7a98a2d | 1461 | * decompression of packet data. |
| vsupacha | 0:3ddbd7a98a2d | 1462 | * |
| vsupacha | 0:3ddbd7a98a2d | 1463 | * \warning TLS-level compression MAY REDUCE SECURITY! See for example the |
| vsupacha | 0:3ddbd7a98a2d | 1464 | * CRIME attack. Before enabling this option, you should examine with care if |
| vsupacha | 0:3ddbd7a98a2d | 1465 | * CRIME or similar exploits may be a applicable to your use case. |
| vsupacha | 0:3ddbd7a98a2d | 1466 | * |
| vsupacha | 0:3ddbd7a98a2d | 1467 | * \note Currently compression can't be used with DTLS. |
| vsupacha | 0:3ddbd7a98a2d | 1468 | * |
| vsupacha | 0:3ddbd7a98a2d | 1469 | * Used in: library/ssl_tls.c |
| vsupacha | 0:3ddbd7a98a2d | 1470 | * library/ssl_cli.c |
| vsupacha | 0:3ddbd7a98a2d | 1471 | * library/ssl_srv.c |
| vsupacha | 0:3ddbd7a98a2d | 1472 | * |
| vsupacha | 0:3ddbd7a98a2d | 1473 | * This feature requires zlib library and headers to be present. |
| vsupacha | 0:3ddbd7a98a2d | 1474 | * |
| vsupacha | 0:3ddbd7a98a2d | 1475 | * Uncomment to enable use of ZLIB |
| vsupacha | 0:3ddbd7a98a2d | 1476 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1477 | //#define MBEDTLS_ZLIB_SUPPORT |
| vsupacha | 0:3ddbd7a98a2d | 1478 | /* \} name SECTION: mbed TLS feature support */ |
| vsupacha | 0:3ddbd7a98a2d | 1479 | |
| vsupacha | 0:3ddbd7a98a2d | 1480 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1481 | * \name SECTION: mbed TLS modules |
| vsupacha | 0:3ddbd7a98a2d | 1482 | * |
| vsupacha | 0:3ddbd7a98a2d | 1483 | * This section enables or disables entire modules in mbed TLS |
| vsupacha | 0:3ddbd7a98a2d | 1484 | * \{ |
| vsupacha | 0:3ddbd7a98a2d | 1485 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1486 | |
| vsupacha | 0:3ddbd7a98a2d | 1487 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1488 | * \def MBEDTLS_AESNI_C |
| vsupacha | 0:3ddbd7a98a2d | 1489 | * |
| vsupacha | 0:3ddbd7a98a2d | 1490 | * Enable AES-NI support on x86-64. |
| vsupacha | 0:3ddbd7a98a2d | 1491 | * |
| vsupacha | 0:3ddbd7a98a2d | 1492 | * Module: library/aesni.c |
| vsupacha | 0:3ddbd7a98a2d | 1493 | * Caller: library/aes.c |
| vsupacha | 0:3ddbd7a98a2d | 1494 | * |
| vsupacha | 0:3ddbd7a98a2d | 1495 | * Requires: MBEDTLS_HAVE_ASM |
| vsupacha | 0:3ddbd7a98a2d | 1496 | * |
| vsupacha | 0:3ddbd7a98a2d | 1497 | * This modules adds support for the AES-NI instructions on x86-64 |
| vsupacha | 0:3ddbd7a98a2d | 1498 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1499 | //#define MBEDTLS_AESNI_C |
| vsupacha | 0:3ddbd7a98a2d | 1500 | |
| vsupacha | 0:3ddbd7a98a2d | 1501 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1502 | * \def MBEDTLS_AES_C |
| vsupacha | 0:3ddbd7a98a2d | 1503 | * |
| vsupacha | 0:3ddbd7a98a2d | 1504 | * Enable the AES block cipher. |
| vsupacha | 0:3ddbd7a98a2d | 1505 | * |
| vsupacha | 0:3ddbd7a98a2d | 1506 | * Module: library/aes.c |
| vsupacha | 0:3ddbd7a98a2d | 1507 | * Caller: library/ssl_tls.c |
| vsupacha | 0:3ddbd7a98a2d | 1508 | * library/pem.c |
| vsupacha | 0:3ddbd7a98a2d | 1509 | * library/ctr_drbg.c |
| vsupacha | 0:3ddbd7a98a2d | 1510 | * |
| vsupacha | 0:3ddbd7a98a2d | 1511 | * This module enables the following ciphersuites (if other requisites are |
| vsupacha | 0:3ddbd7a98a2d | 1512 | * enabled as well): |
| vsupacha | 0:3ddbd7a98a2d | 1513 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1514 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1515 | * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1516 | * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1517 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1518 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1519 | * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1520 | * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1521 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1522 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1523 | * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1524 | * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1525 | * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1526 | * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1527 | * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1528 | * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1529 | * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1530 | * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1531 | * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1532 | * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1533 | * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1534 | * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1535 | * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1536 | * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1537 | * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1538 | * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1539 | * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1540 | * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1541 | * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1542 | * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1543 | * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1544 | * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1545 | * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1546 | * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1547 | * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1548 | * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1549 | * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1550 | * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1551 | * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1552 | * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1553 | * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1554 | * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1555 | * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1556 | * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1557 | * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1558 | * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1559 | * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1560 | * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1561 | * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1562 | * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1563 | * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1564 | * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1565 | * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1566 | * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1567 | * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1568 | * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1569 | * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1570 | * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1571 | * |
| vsupacha | 0:3ddbd7a98a2d | 1572 | * PEM_PARSE uses AES for decrypting encrypted keys. |
| vsupacha | 0:3ddbd7a98a2d | 1573 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1574 | #define MBEDTLS_AES_C |
| vsupacha | 0:3ddbd7a98a2d | 1575 | |
| vsupacha | 0:3ddbd7a98a2d | 1576 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1577 | * \def MBEDTLS_ARC4_C |
| vsupacha | 0:3ddbd7a98a2d | 1578 | * |
| vsupacha | 0:3ddbd7a98a2d | 1579 | * Enable the ARCFOUR stream cipher. |
| vsupacha | 0:3ddbd7a98a2d | 1580 | * |
| vsupacha | 0:3ddbd7a98a2d | 1581 | * Module: library/arc4.c |
| vsupacha | 0:3ddbd7a98a2d | 1582 | * Caller: library/ssl_tls.c |
| vsupacha | 0:3ddbd7a98a2d | 1583 | * |
| vsupacha | 0:3ddbd7a98a2d | 1584 | * This module enables the following ciphersuites (if other requisites are |
| vsupacha | 0:3ddbd7a98a2d | 1585 | * enabled as well): |
| vsupacha | 0:3ddbd7a98a2d | 1586 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1587 | * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1588 | * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1589 | * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1590 | * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1591 | * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1592 | * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1593 | * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 |
| vsupacha | 0:3ddbd7a98a2d | 1594 | * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1595 | * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1596 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1597 | //#define MBEDTLS_ARC4_C |
| vsupacha | 0:3ddbd7a98a2d | 1598 | |
| vsupacha | 0:3ddbd7a98a2d | 1599 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1600 | * \def MBEDTLS_ASN1_PARSE_C |
| vsupacha | 0:3ddbd7a98a2d | 1601 | * |
| vsupacha | 0:3ddbd7a98a2d | 1602 | * Enable the generic ASN1 parser. |
| vsupacha | 0:3ddbd7a98a2d | 1603 | * |
| vsupacha | 0:3ddbd7a98a2d | 1604 | * Module: library/asn1.c |
| vsupacha | 0:3ddbd7a98a2d | 1605 | * Caller: library/x509.c |
| vsupacha | 0:3ddbd7a98a2d | 1606 | * library/dhm.c |
| vsupacha | 0:3ddbd7a98a2d | 1607 | * library/pkcs12.c |
| vsupacha | 0:3ddbd7a98a2d | 1608 | * library/pkcs5.c |
| vsupacha | 0:3ddbd7a98a2d | 1609 | * library/pkparse.c |
| vsupacha | 0:3ddbd7a98a2d | 1610 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1611 | //#define MBEDTLS_ASN1_PARSE_C |
| vsupacha | 0:3ddbd7a98a2d | 1612 | |
| vsupacha | 0:3ddbd7a98a2d | 1613 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1614 | * \def MBEDTLS_ASN1_WRITE_C |
| vsupacha | 0:3ddbd7a98a2d | 1615 | * |
| vsupacha | 0:3ddbd7a98a2d | 1616 | * Enable the generic ASN1 writer. |
| vsupacha | 0:3ddbd7a98a2d | 1617 | * |
| vsupacha | 0:3ddbd7a98a2d | 1618 | * Module: library/asn1write.c |
| vsupacha | 0:3ddbd7a98a2d | 1619 | * Caller: library/ecdsa.c |
| vsupacha | 0:3ddbd7a98a2d | 1620 | * library/pkwrite.c |
| vsupacha | 0:3ddbd7a98a2d | 1621 | * library/x509_create.c |
| vsupacha | 0:3ddbd7a98a2d | 1622 | * library/x509write_crt.c |
| vsupacha | 0:3ddbd7a98a2d | 1623 | * library/x509write_csr.c |
| vsupacha | 0:3ddbd7a98a2d | 1624 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1625 | //#define MBEDTLS_ASN1_WRITE_C |
| vsupacha | 0:3ddbd7a98a2d | 1626 | |
| vsupacha | 0:3ddbd7a98a2d | 1627 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1628 | * \def MBEDTLS_BASE64_C |
| vsupacha | 0:3ddbd7a98a2d | 1629 | * |
| vsupacha | 0:3ddbd7a98a2d | 1630 | * Enable the Base64 module. |
| vsupacha | 0:3ddbd7a98a2d | 1631 | * |
| vsupacha | 0:3ddbd7a98a2d | 1632 | * Module: library/base64.c |
| vsupacha | 0:3ddbd7a98a2d | 1633 | * Caller: library/pem.c |
| vsupacha | 0:3ddbd7a98a2d | 1634 | * |
| vsupacha | 0:3ddbd7a98a2d | 1635 | * This module is required for PEM support (required by X.509). |
| vsupacha | 0:3ddbd7a98a2d | 1636 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1637 | #define MBEDTLS_BASE64_C |
| vsupacha | 0:3ddbd7a98a2d | 1638 | |
| vsupacha | 0:3ddbd7a98a2d | 1639 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1640 | * \def MBEDTLS_BIGNUM_C |
| vsupacha | 0:3ddbd7a98a2d | 1641 | * |
| vsupacha | 0:3ddbd7a98a2d | 1642 | * Enable the multi-precision integer library. |
| vsupacha | 0:3ddbd7a98a2d | 1643 | * |
| vsupacha | 0:3ddbd7a98a2d | 1644 | * Module: library/bignum.c |
| vsupacha | 0:3ddbd7a98a2d | 1645 | * Caller: library/dhm.c |
| vsupacha | 0:3ddbd7a98a2d | 1646 | * library/ecp.c |
| vsupacha | 0:3ddbd7a98a2d | 1647 | * library/ecdsa.c |
| vsupacha | 0:3ddbd7a98a2d | 1648 | * library/rsa.c |
| vsupacha | 0:3ddbd7a98a2d | 1649 | * library/ssl_tls.c |
| vsupacha | 0:3ddbd7a98a2d | 1650 | * |
| vsupacha | 0:3ddbd7a98a2d | 1651 | * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support. |
| vsupacha | 0:3ddbd7a98a2d | 1652 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1653 | //#define MBEDTLS_BIGNUM_C |
| vsupacha | 0:3ddbd7a98a2d | 1654 | |
| vsupacha | 0:3ddbd7a98a2d | 1655 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1656 | * \def MBEDTLS_BLOWFISH_C |
| vsupacha | 0:3ddbd7a98a2d | 1657 | * |
| vsupacha | 0:3ddbd7a98a2d | 1658 | * Enable the Blowfish block cipher. |
| vsupacha | 0:3ddbd7a98a2d | 1659 | * |
| vsupacha | 0:3ddbd7a98a2d | 1660 | * Module: library/blowfish.c |
| vsupacha | 0:3ddbd7a98a2d | 1661 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1662 | //#define MBEDTLS_BLOWFISH_C |
| vsupacha | 0:3ddbd7a98a2d | 1663 | |
| vsupacha | 0:3ddbd7a98a2d | 1664 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1665 | * \def MBEDTLS_CAMELLIA_C |
| vsupacha | 0:3ddbd7a98a2d | 1666 | * |
| vsupacha | 0:3ddbd7a98a2d | 1667 | * Enable the Camellia block cipher. |
| vsupacha | 0:3ddbd7a98a2d | 1668 | * |
| vsupacha | 0:3ddbd7a98a2d | 1669 | * Module: library/camellia.c |
| vsupacha | 0:3ddbd7a98a2d | 1670 | * Caller: library/ssl_tls.c |
| vsupacha | 0:3ddbd7a98a2d | 1671 | * |
| vsupacha | 0:3ddbd7a98a2d | 1672 | * This module enables the following ciphersuites (if other requisites are |
| vsupacha | 0:3ddbd7a98a2d | 1673 | * enabled as well): |
| vsupacha | 0:3ddbd7a98a2d | 1674 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1675 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1676 | * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1677 | * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1678 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1679 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1680 | * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1681 | * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1682 | * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1683 | * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1684 | * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1685 | * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1686 | * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1687 | * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1688 | * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1689 | * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1690 | * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1691 | * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1692 | * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1693 | * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1694 | * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1695 | * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1696 | * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1697 | * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1698 | * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1699 | * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1700 | * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1701 | * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1702 | * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1703 | * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1704 | * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1705 | * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1706 | * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1707 | * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1708 | * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1709 | * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1710 | * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1711 | * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1712 | * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1713 | * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 |
| vsupacha | 0:3ddbd7a98a2d | 1714 | * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1715 | * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 1716 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1717 | //#define MBEDTLS_CAMELLIA_C |
| vsupacha | 0:3ddbd7a98a2d | 1718 | |
| vsupacha | 0:3ddbd7a98a2d | 1719 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1720 | * \def MBEDTLS_CCM_C |
| vsupacha | 0:3ddbd7a98a2d | 1721 | * |
| vsupacha | 0:3ddbd7a98a2d | 1722 | * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher. |
| vsupacha | 0:3ddbd7a98a2d | 1723 | * |
| vsupacha | 0:3ddbd7a98a2d | 1724 | * Module: library/ccm.c |
| vsupacha | 0:3ddbd7a98a2d | 1725 | * |
| vsupacha | 0:3ddbd7a98a2d | 1726 | * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C |
| vsupacha | 0:3ddbd7a98a2d | 1727 | * |
| vsupacha | 0:3ddbd7a98a2d | 1728 | * This module enables the AES-CCM ciphersuites, if other requisites are |
| vsupacha | 0:3ddbd7a98a2d | 1729 | * enabled as well. |
| vsupacha | 0:3ddbd7a98a2d | 1730 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1731 | //#define MBEDTLS_CCM_C |
| vsupacha | 0:3ddbd7a98a2d | 1732 | |
| vsupacha | 0:3ddbd7a98a2d | 1733 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1734 | * \def MBEDTLS_CERTS_C |
| vsupacha | 0:3ddbd7a98a2d | 1735 | * |
| vsupacha | 0:3ddbd7a98a2d | 1736 | * Enable the test certificates. |
| vsupacha | 0:3ddbd7a98a2d | 1737 | * |
| vsupacha | 0:3ddbd7a98a2d | 1738 | * Module: library/certs.c |
| vsupacha | 0:3ddbd7a98a2d | 1739 | * Caller: |
| vsupacha | 0:3ddbd7a98a2d | 1740 | * |
| vsupacha | 0:3ddbd7a98a2d | 1741 | * This module is used for testing (ssl_client/server). |
| vsupacha | 0:3ddbd7a98a2d | 1742 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1743 | //#define MBEDTLS_CERTS_C |
| vsupacha | 0:3ddbd7a98a2d | 1744 | |
| vsupacha | 0:3ddbd7a98a2d | 1745 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1746 | * \def MBEDTLS_CIPHER_C |
| vsupacha | 0:3ddbd7a98a2d | 1747 | * |
| vsupacha | 0:3ddbd7a98a2d | 1748 | * Enable the generic cipher layer. |
| vsupacha | 0:3ddbd7a98a2d | 1749 | * |
| vsupacha | 0:3ddbd7a98a2d | 1750 | * Module: library/cipher.c |
| vsupacha | 0:3ddbd7a98a2d | 1751 | * Caller: library/ssl_tls.c |
| vsupacha | 0:3ddbd7a98a2d | 1752 | * |
| vsupacha | 0:3ddbd7a98a2d | 1753 | * Uncomment to enable generic cipher wrappers. |
| vsupacha | 0:3ddbd7a98a2d | 1754 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1755 | #define MBEDTLS_CIPHER_C |
| vsupacha | 0:3ddbd7a98a2d | 1756 | |
| vsupacha | 0:3ddbd7a98a2d | 1757 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1758 | * \def MBEDTLS_CMAC_C |
| vsupacha | 0:3ddbd7a98a2d | 1759 | * |
| vsupacha | 0:3ddbd7a98a2d | 1760 | * Enable the CMAC (Cipher-based Message Authentication Code) mode for block |
| vsupacha | 0:3ddbd7a98a2d | 1761 | * ciphers. |
| vsupacha | 0:3ddbd7a98a2d | 1762 | * |
| vsupacha | 0:3ddbd7a98a2d | 1763 | * Module: library/cmac.c |
| vsupacha | 0:3ddbd7a98a2d | 1764 | * |
| vsupacha | 0:3ddbd7a98a2d | 1765 | * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C |
| vsupacha | 0:3ddbd7a98a2d | 1766 | * |
| vsupacha | 0:3ddbd7a98a2d | 1767 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1768 | #define MBEDTLS_CMAC_C |
| vsupacha | 0:3ddbd7a98a2d | 1769 | |
| vsupacha | 0:3ddbd7a98a2d | 1770 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1771 | * \def MBEDTLS_CTR_DRBG_C |
| vsupacha | 0:3ddbd7a98a2d | 1772 | * |
| vsupacha | 0:3ddbd7a98a2d | 1773 | * Enable the CTR_DRBG AES-256-based random generator. |
| vsupacha | 0:3ddbd7a98a2d | 1774 | * |
| vsupacha | 0:3ddbd7a98a2d | 1775 | * Module: library/ctr_drbg.c |
| vsupacha | 0:3ddbd7a98a2d | 1776 | * Caller: |
| vsupacha | 0:3ddbd7a98a2d | 1777 | * |
| vsupacha | 0:3ddbd7a98a2d | 1778 | * Requires: MBEDTLS_AES_C |
| vsupacha | 0:3ddbd7a98a2d | 1779 | * |
| vsupacha | 0:3ddbd7a98a2d | 1780 | * This module provides the CTR_DRBG AES-256 random number generator. |
| vsupacha | 0:3ddbd7a98a2d | 1781 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1782 | //#define MBEDTLS_CTR_DRBG_C |
| vsupacha | 0:3ddbd7a98a2d | 1783 | |
| vsupacha | 0:3ddbd7a98a2d | 1784 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1785 | * \def MBEDTLS_DEBUG_C |
| vsupacha | 0:3ddbd7a98a2d | 1786 | * |
| vsupacha | 0:3ddbd7a98a2d | 1787 | * Enable the debug functions. |
| vsupacha | 0:3ddbd7a98a2d | 1788 | * |
| vsupacha | 0:3ddbd7a98a2d | 1789 | * Module: library/debug.c |
| vsupacha | 0:3ddbd7a98a2d | 1790 | * Caller: library/ssl_cli.c |
| vsupacha | 0:3ddbd7a98a2d | 1791 | * library/ssl_srv.c |
| vsupacha | 0:3ddbd7a98a2d | 1792 | * library/ssl_tls.c |
| vsupacha | 0:3ddbd7a98a2d | 1793 | * |
| vsupacha | 0:3ddbd7a98a2d | 1794 | * This module provides debugging functions. |
| vsupacha | 0:3ddbd7a98a2d | 1795 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1796 | //#define MBEDTLS_DEBUG_C |
| vsupacha | 0:3ddbd7a98a2d | 1797 | |
| vsupacha | 0:3ddbd7a98a2d | 1798 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1799 | * \def MBEDTLS_DES_C |
| vsupacha | 0:3ddbd7a98a2d | 1800 | * |
| vsupacha | 0:3ddbd7a98a2d | 1801 | * Enable the DES block cipher. |
| vsupacha | 0:3ddbd7a98a2d | 1802 | * |
| vsupacha | 0:3ddbd7a98a2d | 1803 | * Module: library/des.c |
| vsupacha | 0:3ddbd7a98a2d | 1804 | * Caller: library/pem.c |
| vsupacha | 0:3ddbd7a98a2d | 1805 | * library/ssl_tls.c |
| vsupacha | 0:3ddbd7a98a2d | 1806 | * |
| vsupacha | 0:3ddbd7a98a2d | 1807 | * This module enables the following ciphersuites (if other requisites are |
| vsupacha | 0:3ddbd7a98a2d | 1808 | * enabled as well): |
| vsupacha | 0:3ddbd7a98a2d | 1809 | * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1810 | * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1811 | * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1812 | * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1813 | * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1814 | * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1815 | * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1816 | * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1817 | * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1818 | * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA |
| vsupacha | 0:3ddbd7a98a2d | 1819 | * |
| vsupacha | 0:3ddbd7a98a2d | 1820 | * PEM_PARSE uses DES/3DES for decrypting encrypted keys. |
| vsupacha | 0:3ddbd7a98a2d | 1821 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1822 | //#define MBEDTLS_DES_C |
| vsupacha | 0:3ddbd7a98a2d | 1823 | |
| vsupacha | 0:3ddbd7a98a2d | 1824 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1825 | * \def MBEDTLS_DHM_C |
| vsupacha | 0:3ddbd7a98a2d | 1826 | * |
| vsupacha | 0:3ddbd7a98a2d | 1827 | * Enable the Diffie-Hellman-Merkle module. |
| vsupacha | 0:3ddbd7a98a2d | 1828 | * |
| vsupacha | 0:3ddbd7a98a2d | 1829 | * Module: library/dhm.c |
| vsupacha | 0:3ddbd7a98a2d | 1830 | * Caller: library/ssl_cli.c |
| vsupacha | 0:3ddbd7a98a2d | 1831 | * library/ssl_srv.c |
| vsupacha | 0:3ddbd7a98a2d | 1832 | * |
| vsupacha | 0:3ddbd7a98a2d | 1833 | * This module is used by the following key exchanges: |
| vsupacha | 0:3ddbd7a98a2d | 1834 | * DHE-RSA, DHE-PSK |
| vsupacha | 0:3ddbd7a98a2d | 1835 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1836 | //#define MBEDTLS_DHM_C |
| vsupacha | 0:3ddbd7a98a2d | 1837 | |
| vsupacha | 0:3ddbd7a98a2d | 1838 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1839 | * \def MBEDTLS_ECDH_C |
| vsupacha | 0:3ddbd7a98a2d | 1840 | * |
| vsupacha | 0:3ddbd7a98a2d | 1841 | * Enable the elliptic curve Diffie-Hellman library. |
| vsupacha | 0:3ddbd7a98a2d | 1842 | * |
| vsupacha | 0:3ddbd7a98a2d | 1843 | * Module: library/ecdh.c |
| vsupacha | 0:3ddbd7a98a2d | 1844 | * Caller: library/ssl_cli.c |
| vsupacha | 0:3ddbd7a98a2d | 1845 | * library/ssl_srv.c |
| vsupacha | 0:3ddbd7a98a2d | 1846 | * |
| vsupacha | 0:3ddbd7a98a2d | 1847 | * This module is used by the following key exchanges: |
| vsupacha | 0:3ddbd7a98a2d | 1848 | * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK |
| vsupacha | 0:3ddbd7a98a2d | 1849 | * |
| vsupacha | 0:3ddbd7a98a2d | 1850 | * Requires: MBEDTLS_ECP_C |
| vsupacha | 0:3ddbd7a98a2d | 1851 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1852 | //#define MBEDTLS_ECDH_C |
| vsupacha | 0:3ddbd7a98a2d | 1853 | |
| vsupacha | 0:3ddbd7a98a2d | 1854 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1855 | * \def MBEDTLS_ECDSA_C |
| vsupacha | 0:3ddbd7a98a2d | 1856 | * |
| vsupacha | 0:3ddbd7a98a2d | 1857 | * Enable the elliptic curve DSA library. |
| vsupacha | 0:3ddbd7a98a2d | 1858 | * |
| vsupacha | 0:3ddbd7a98a2d | 1859 | * Module: library/ecdsa.c |
| vsupacha | 0:3ddbd7a98a2d | 1860 | * Caller: |
| vsupacha | 0:3ddbd7a98a2d | 1861 | * |
| vsupacha | 0:3ddbd7a98a2d | 1862 | * This module is used by the following key exchanges: |
| vsupacha | 0:3ddbd7a98a2d | 1863 | * ECDHE-ECDSA |
| vsupacha | 0:3ddbd7a98a2d | 1864 | * |
| vsupacha | 0:3ddbd7a98a2d | 1865 | * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C |
| vsupacha | 0:3ddbd7a98a2d | 1866 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1867 | //#define MBEDTLS_ECDSA_C |
| vsupacha | 0:3ddbd7a98a2d | 1868 | |
| vsupacha | 0:3ddbd7a98a2d | 1869 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1870 | * \def MBEDTLS_ECJPAKE_C |
| vsupacha | 0:3ddbd7a98a2d | 1871 | * |
| vsupacha | 0:3ddbd7a98a2d | 1872 | * Enable the elliptic curve J-PAKE library. |
| vsupacha | 0:3ddbd7a98a2d | 1873 | * |
| vsupacha | 0:3ddbd7a98a2d | 1874 | * \warning This is currently experimental. EC J-PAKE support is based on the |
| vsupacha | 0:3ddbd7a98a2d | 1875 | * Thread v1.0.0 specification; incompatible changes to the specification |
| vsupacha | 0:3ddbd7a98a2d | 1876 | * might still happen. For this reason, this is disabled by default. |
| vsupacha | 0:3ddbd7a98a2d | 1877 | * |
| vsupacha | 0:3ddbd7a98a2d | 1878 | * Module: library/ecjpake.c |
| vsupacha | 0:3ddbd7a98a2d | 1879 | * Caller: |
| vsupacha | 0:3ddbd7a98a2d | 1880 | * |
| vsupacha | 0:3ddbd7a98a2d | 1881 | * This module is used by the following key exchanges: |
| vsupacha | 0:3ddbd7a98a2d | 1882 | * ECJPAKE |
| vsupacha | 0:3ddbd7a98a2d | 1883 | * |
| vsupacha | 0:3ddbd7a98a2d | 1884 | * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C |
| vsupacha | 0:3ddbd7a98a2d | 1885 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1886 | //#define MBEDTLS_ECJPAKE_C |
| vsupacha | 0:3ddbd7a98a2d | 1887 | |
| vsupacha | 0:3ddbd7a98a2d | 1888 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1889 | * \def MBEDTLS_ECP_C |
| vsupacha | 0:3ddbd7a98a2d | 1890 | * |
| vsupacha | 0:3ddbd7a98a2d | 1891 | * Enable the elliptic curve over GF(p) library. |
| vsupacha | 0:3ddbd7a98a2d | 1892 | * |
| vsupacha | 0:3ddbd7a98a2d | 1893 | * Module: library/ecp.c |
| vsupacha | 0:3ddbd7a98a2d | 1894 | * Caller: library/ecdh.c |
| vsupacha | 0:3ddbd7a98a2d | 1895 | * library/ecdsa.c |
| vsupacha | 0:3ddbd7a98a2d | 1896 | * library/ecjpake.c |
| vsupacha | 0:3ddbd7a98a2d | 1897 | * |
| vsupacha | 0:3ddbd7a98a2d | 1898 | * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED |
| vsupacha | 0:3ddbd7a98a2d | 1899 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1900 | //#define MBEDTLS_ECP_C |
| vsupacha | 0:3ddbd7a98a2d | 1901 | |
| vsupacha | 0:3ddbd7a98a2d | 1902 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1903 | * \def MBEDTLS_ENTROPY_C |
| vsupacha | 0:3ddbd7a98a2d | 1904 | * |
| vsupacha | 0:3ddbd7a98a2d | 1905 | * Enable the platform-specific entropy code. |
| vsupacha | 0:3ddbd7a98a2d | 1906 | * |
| vsupacha | 0:3ddbd7a98a2d | 1907 | * Module: library/entropy.c |
| vsupacha | 0:3ddbd7a98a2d | 1908 | * Caller: |
| vsupacha | 0:3ddbd7a98a2d | 1909 | * |
| vsupacha | 0:3ddbd7a98a2d | 1910 | * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C |
| vsupacha | 0:3ddbd7a98a2d | 1911 | * |
| vsupacha | 0:3ddbd7a98a2d | 1912 | * This module provides a generic entropy pool |
| vsupacha | 0:3ddbd7a98a2d | 1913 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1914 | //#define MBEDTLS_ENTROPY_C |
| vsupacha | 0:3ddbd7a98a2d | 1915 | |
| vsupacha | 0:3ddbd7a98a2d | 1916 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1917 | * \def MBEDTLS_ERROR_C |
| vsupacha | 0:3ddbd7a98a2d | 1918 | * |
| vsupacha | 0:3ddbd7a98a2d | 1919 | * Enable error code to error string conversion. |
| vsupacha | 0:3ddbd7a98a2d | 1920 | * |
| vsupacha | 0:3ddbd7a98a2d | 1921 | * Module: library/error.c |
| vsupacha | 0:3ddbd7a98a2d | 1922 | * Caller: |
| vsupacha | 0:3ddbd7a98a2d | 1923 | * |
| vsupacha | 0:3ddbd7a98a2d | 1924 | * This module enables mbedtls_strerror(). |
| vsupacha | 0:3ddbd7a98a2d | 1925 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1926 | //#define MBEDTLS_ERROR_C |
| vsupacha | 0:3ddbd7a98a2d | 1927 | |
| vsupacha | 0:3ddbd7a98a2d | 1928 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1929 | * \def MBEDTLS_GCM_C |
| vsupacha | 0:3ddbd7a98a2d | 1930 | * |
| vsupacha | 0:3ddbd7a98a2d | 1931 | * Enable the Galois/Counter Mode (GCM) for AES. |
| vsupacha | 0:3ddbd7a98a2d | 1932 | * |
| vsupacha | 0:3ddbd7a98a2d | 1933 | * Module: library/gcm.c |
| vsupacha | 0:3ddbd7a98a2d | 1934 | * |
| vsupacha | 0:3ddbd7a98a2d | 1935 | * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C |
| vsupacha | 0:3ddbd7a98a2d | 1936 | * |
| vsupacha | 0:3ddbd7a98a2d | 1937 | * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other |
| vsupacha | 0:3ddbd7a98a2d | 1938 | * requisites are enabled as well. |
| vsupacha | 0:3ddbd7a98a2d | 1939 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1940 | //#define MBEDTLS_GCM_C |
| vsupacha | 0:3ddbd7a98a2d | 1941 | |
| vsupacha | 0:3ddbd7a98a2d | 1942 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1943 | * \def MBEDTLS_HAVEGE_C |
| vsupacha | 0:3ddbd7a98a2d | 1944 | * |
| vsupacha | 0:3ddbd7a98a2d | 1945 | * Enable the HAVEGE random generator. |
| vsupacha | 0:3ddbd7a98a2d | 1946 | * |
| vsupacha | 0:3ddbd7a98a2d | 1947 | * Warning: the HAVEGE random generator is not suitable for virtualized |
| vsupacha | 0:3ddbd7a98a2d | 1948 | * environments |
| vsupacha | 0:3ddbd7a98a2d | 1949 | * |
| vsupacha | 0:3ddbd7a98a2d | 1950 | * Warning: the HAVEGE random generator is dependent on timing and specific |
| vsupacha | 0:3ddbd7a98a2d | 1951 | * processor traits. It is therefore not advised to use HAVEGE as |
| vsupacha | 0:3ddbd7a98a2d | 1952 | * your applications primary random generator or primary entropy pool |
| vsupacha | 0:3ddbd7a98a2d | 1953 | * input. As a secondary input to your entropy pool, it IS able add |
| vsupacha | 0:3ddbd7a98a2d | 1954 | * the (limited) extra entropy it provides. |
| vsupacha | 0:3ddbd7a98a2d | 1955 | * |
| vsupacha | 0:3ddbd7a98a2d | 1956 | * Module: library/havege.c |
| vsupacha | 0:3ddbd7a98a2d | 1957 | * Caller: |
| vsupacha | 0:3ddbd7a98a2d | 1958 | * |
| vsupacha | 0:3ddbd7a98a2d | 1959 | * Requires: MBEDTLS_TIMING_C |
| vsupacha | 0:3ddbd7a98a2d | 1960 | * |
| vsupacha | 0:3ddbd7a98a2d | 1961 | * Uncomment to enable the HAVEGE random generator. |
| vsupacha | 0:3ddbd7a98a2d | 1962 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1963 | //#define MBEDTLS_HAVEGE_C |
| vsupacha | 0:3ddbd7a98a2d | 1964 | |
| vsupacha | 0:3ddbd7a98a2d | 1965 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1966 | * \def MBEDTLS_HMAC_DRBG_C |
| vsupacha | 0:3ddbd7a98a2d | 1967 | * |
| vsupacha | 0:3ddbd7a98a2d | 1968 | * Enable the HMAC_DRBG random generator. |
| vsupacha | 0:3ddbd7a98a2d | 1969 | * |
| vsupacha | 0:3ddbd7a98a2d | 1970 | * Module: library/hmac_drbg.c |
| vsupacha | 0:3ddbd7a98a2d | 1971 | * Caller: |
| vsupacha | 0:3ddbd7a98a2d | 1972 | * |
| vsupacha | 0:3ddbd7a98a2d | 1973 | * Requires: MBEDTLS_MD_C |
| vsupacha | 0:3ddbd7a98a2d | 1974 | * |
| vsupacha | 0:3ddbd7a98a2d | 1975 | * Uncomment to enable the HMAC_DRBG random number geerator. |
| vsupacha | 0:3ddbd7a98a2d | 1976 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1977 | //#define MBEDTLS_HMAC_DRBG_C |
| vsupacha | 0:3ddbd7a98a2d | 1978 | |
| vsupacha | 0:3ddbd7a98a2d | 1979 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1980 | * \def MBEDTLS_MD_C |
| vsupacha | 0:3ddbd7a98a2d | 1981 | * |
| vsupacha | 0:3ddbd7a98a2d | 1982 | * Enable the generic message digest layer. |
| vsupacha | 0:3ddbd7a98a2d | 1983 | * |
| vsupacha | 0:3ddbd7a98a2d | 1984 | * Module: library/md.c |
| vsupacha | 0:3ddbd7a98a2d | 1985 | * Caller: |
| vsupacha | 0:3ddbd7a98a2d | 1986 | * |
| vsupacha | 0:3ddbd7a98a2d | 1987 | * Uncomment to enable generic message digest wrappers. |
| vsupacha | 0:3ddbd7a98a2d | 1988 | */ |
| vsupacha | 0:3ddbd7a98a2d | 1989 | //#define MBEDTLS_MD_C |
| vsupacha | 0:3ddbd7a98a2d | 1990 | |
| vsupacha | 0:3ddbd7a98a2d | 1991 | /** |
| vsupacha | 0:3ddbd7a98a2d | 1992 | * \def MBEDTLS_MD2_C |
| vsupacha | 0:3ddbd7a98a2d | 1993 | * |
| vsupacha | 0:3ddbd7a98a2d | 1994 | * Enable the MD2 hash algorithm. |
| vsupacha | 0:3ddbd7a98a2d | 1995 | * |
| vsupacha | 0:3ddbd7a98a2d | 1996 | * Module: library/md2.c |
| vsupacha | 0:3ddbd7a98a2d | 1997 | * Caller: |
| vsupacha | 0:3ddbd7a98a2d | 1998 | * |
| vsupacha | 0:3ddbd7a98a2d | 1999 | * Uncomment to enable support for (rare) MD2-signed X.509 certs. |
| vsupacha | 0:3ddbd7a98a2d | 2000 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2001 | //#define MBEDTLS_MD2_C |
| vsupacha | 0:3ddbd7a98a2d | 2002 | |
| vsupacha | 0:3ddbd7a98a2d | 2003 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2004 | * \def MBEDTLS_MD4_C |
| vsupacha | 0:3ddbd7a98a2d | 2005 | * |
| vsupacha | 0:3ddbd7a98a2d | 2006 | * Enable the MD4 hash algorithm. |
| vsupacha | 0:3ddbd7a98a2d | 2007 | * |
| vsupacha | 0:3ddbd7a98a2d | 2008 | * Module: library/md4.c |
| vsupacha | 0:3ddbd7a98a2d | 2009 | * Caller: |
| vsupacha | 0:3ddbd7a98a2d | 2010 | * |
| vsupacha | 0:3ddbd7a98a2d | 2011 | * Uncomment to enable support for (rare) MD4-signed X.509 certs. |
| vsupacha | 0:3ddbd7a98a2d | 2012 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2013 | //#define MBEDTLS_MD4_C |
| vsupacha | 0:3ddbd7a98a2d | 2014 | |
| vsupacha | 0:3ddbd7a98a2d | 2015 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2016 | * \def MBEDTLS_MD5_C |
| vsupacha | 0:3ddbd7a98a2d | 2017 | * |
| vsupacha | 0:3ddbd7a98a2d | 2018 | * Enable the MD5 hash algorithm. |
| vsupacha | 0:3ddbd7a98a2d | 2019 | * |
| vsupacha | 0:3ddbd7a98a2d | 2020 | * Module: library/md5.c |
| vsupacha | 0:3ddbd7a98a2d | 2021 | * Caller: library/md.c |
| vsupacha | 0:3ddbd7a98a2d | 2022 | * library/pem.c |
| vsupacha | 0:3ddbd7a98a2d | 2023 | * library/ssl_tls.c |
| vsupacha | 0:3ddbd7a98a2d | 2024 | * |
| vsupacha | 0:3ddbd7a98a2d | 2025 | * This module is required for SSL/TLS and X.509. |
| vsupacha | 0:3ddbd7a98a2d | 2026 | * PEM_PARSE uses MD5 for decrypting encrypted keys. |
| vsupacha | 0:3ddbd7a98a2d | 2027 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2028 | //#define MBEDTLS_MD5_C |
| vsupacha | 0:3ddbd7a98a2d | 2029 | |
| vsupacha | 0:3ddbd7a98a2d | 2030 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2031 | * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C |
| vsupacha | 0:3ddbd7a98a2d | 2032 | * |
| vsupacha | 0:3ddbd7a98a2d | 2033 | * Enable the buffer allocator implementation that makes use of a (stack) |
| vsupacha | 0:3ddbd7a98a2d | 2034 | * based buffer to 'allocate' dynamic memory. (replaces calloc() and free() |
| vsupacha | 0:3ddbd7a98a2d | 2035 | * calls) |
| vsupacha | 0:3ddbd7a98a2d | 2036 | * |
| vsupacha | 0:3ddbd7a98a2d | 2037 | * Module: library/memory_buffer_alloc.c |
| vsupacha | 0:3ddbd7a98a2d | 2038 | * |
| vsupacha | 0:3ddbd7a98a2d | 2039 | * Requires: MBEDTLS_PLATFORM_C |
| vsupacha | 0:3ddbd7a98a2d | 2040 | * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS) |
| vsupacha | 0:3ddbd7a98a2d | 2041 | * |
| vsupacha | 0:3ddbd7a98a2d | 2042 | * Enable this module to enable the buffer memory allocator. |
| vsupacha | 0:3ddbd7a98a2d | 2043 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2044 | //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C |
| vsupacha | 0:3ddbd7a98a2d | 2045 | |
| vsupacha | 0:3ddbd7a98a2d | 2046 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2047 | * \def MBEDTLS_NET_C |
| vsupacha | 0:3ddbd7a98a2d | 2048 | * |
| vsupacha | 0:3ddbd7a98a2d | 2049 | * Enable the TCP and UDP over IPv6/IPv4 networking routines. |
| vsupacha | 0:3ddbd7a98a2d | 2050 | * |
| vsupacha | 0:3ddbd7a98a2d | 2051 | * \note This module only works on POSIX/Unix (including Linux, BSD and OS X) |
| vsupacha | 0:3ddbd7a98a2d | 2052 | * and Windows. For other platforms, you'll want to disable it, and write your |
| vsupacha | 0:3ddbd7a98a2d | 2053 | * own networking callbacks to be passed to \c mbedtls_ssl_set_bio(). |
| vsupacha | 0:3ddbd7a98a2d | 2054 | * |
| vsupacha | 0:3ddbd7a98a2d | 2055 | * \note See also our Knowledge Base article about porting to a new |
| vsupacha | 0:3ddbd7a98a2d | 2056 | * environment: |
| vsupacha | 0:3ddbd7a98a2d | 2057 | * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS |
| vsupacha | 0:3ddbd7a98a2d | 2058 | * |
| vsupacha | 0:3ddbd7a98a2d | 2059 | * Module: library/net_sockets.c |
| vsupacha | 0:3ddbd7a98a2d | 2060 | * |
| vsupacha | 0:3ddbd7a98a2d | 2061 | * This module provides networking routines. |
| vsupacha | 0:3ddbd7a98a2d | 2062 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2063 | //#define MBEDTLS_NET_C |
| vsupacha | 0:3ddbd7a98a2d | 2064 | |
| vsupacha | 0:3ddbd7a98a2d | 2065 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2066 | * \def MBEDTLS_OID_C |
| vsupacha | 0:3ddbd7a98a2d | 2067 | * |
| vsupacha | 0:3ddbd7a98a2d | 2068 | * Enable the OID database. |
| vsupacha | 0:3ddbd7a98a2d | 2069 | * |
| vsupacha | 0:3ddbd7a98a2d | 2070 | * Module: library/oid.c |
| vsupacha | 0:3ddbd7a98a2d | 2071 | * Caller: library/asn1write.c |
| vsupacha | 0:3ddbd7a98a2d | 2072 | * library/pkcs5.c |
| vsupacha | 0:3ddbd7a98a2d | 2073 | * library/pkparse.c |
| vsupacha | 0:3ddbd7a98a2d | 2074 | * library/pkwrite.c |
| vsupacha | 0:3ddbd7a98a2d | 2075 | * library/rsa.c |
| vsupacha | 0:3ddbd7a98a2d | 2076 | * library/x509.c |
| vsupacha | 0:3ddbd7a98a2d | 2077 | * library/x509_create.c |
| vsupacha | 0:3ddbd7a98a2d | 2078 | * library/x509_crl.c |
| vsupacha | 0:3ddbd7a98a2d | 2079 | * library/x509_crt.c |
| vsupacha | 0:3ddbd7a98a2d | 2080 | * library/x509_csr.c |
| vsupacha | 0:3ddbd7a98a2d | 2081 | * library/x509write_crt.c |
| vsupacha | 0:3ddbd7a98a2d | 2082 | * library/x509write_csr.c |
| vsupacha | 0:3ddbd7a98a2d | 2083 | * |
| vsupacha | 0:3ddbd7a98a2d | 2084 | * This modules translates between OIDs and internal values. |
| vsupacha | 0:3ddbd7a98a2d | 2085 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2086 | //#define MBEDTLS_OID_C |
| vsupacha | 0:3ddbd7a98a2d | 2087 | |
| vsupacha | 0:3ddbd7a98a2d | 2088 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2089 | * \def MBEDTLS_PADLOCK_C |
| vsupacha | 0:3ddbd7a98a2d | 2090 | * |
| vsupacha | 0:3ddbd7a98a2d | 2091 | * Enable VIA Padlock support on x86. |
| vsupacha | 0:3ddbd7a98a2d | 2092 | * |
| vsupacha | 0:3ddbd7a98a2d | 2093 | * Module: library/padlock.c |
| vsupacha | 0:3ddbd7a98a2d | 2094 | * Caller: library/aes.c |
| vsupacha | 0:3ddbd7a98a2d | 2095 | * |
| vsupacha | 0:3ddbd7a98a2d | 2096 | * Requires: MBEDTLS_HAVE_ASM |
| vsupacha | 0:3ddbd7a98a2d | 2097 | * |
| vsupacha | 0:3ddbd7a98a2d | 2098 | * This modules adds support for the VIA PadLock on x86. |
| vsupacha | 0:3ddbd7a98a2d | 2099 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2100 | //#define MBEDTLS_PADLOCK_C |
| vsupacha | 0:3ddbd7a98a2d | 2101 | |
| vsupacha | 0:3ddbd7a98a2d | 2102 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2103 | * \def MBEDTLS_PEM_PARSE_C |
| vsupacha | 0:3ddbd7a98a2d | 2104 | * |
| vsupacha | 0:3ddbd7a98a2d | 2105 | * Enable PEM decoding / parsing. |
| vsupacha | 0:3ddbd7a98a2d | 2106 | * |
| vsupacha | 0:3ddbd7a98a2d | 2107 | * Module: library/pem.c |
| vsupacha | 0:3ddbd7a98a2d | 2108 | * Caller: library/dhm.c |
| vsupacha | 0:3ddbd7a98a2d | 2109 | * library/pkparse.c |
| vsupacha | 0:3ddbd7a98a2d | 2110 | * library/x509_crl.c |
| vsupacha | 0:3ddbd7a98a2d | 2111 | * library/x509_crt.c |
| vsupacha | 0:3ddbd7a98a2d | 2112 | * library/x509_csr.c |
| vsupacha | 0:3ddbd7a98a2d | 2113 | * |
| vsupacha | 0:3ddbd7a98a2d | 2114 | * Requires: MBEDTLS_BASE64_C |
| vsupacha | 0:3ddbd7a98a2d | 2115 | * |
| vsupacha | 0:3ddbd7a98a2d | 2116 | * This modules adds support for decoding / parsing PEM files. |
| vsupacha | 0:3ddbd7a98a2d | 2117 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2118 | //#define MBEDTLS_PEM_PARSE_C |
| vsupacha | 0:3ddbd7a98a2d | 2119 | |
| vsupacha | 0:3ddbd7a98a2d | 2120 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2121 | * \def MBEDTLS_PEM_WRITE_C |
| vsupacha | 0:3ddbd7a98a2d | 2122 | * |
| vsupacha | 0:3ddbd7a98a2d | 2123 | * Enable PEM encoding / writing. |
| vsupacha | 0:3ddbd7a98a2d | 2124 | * |
| vsupacha | 0:3ddbd7a98a2d | 2125 | * Module: library/pem.c |
| vsupacha | 0:3ddbd7a98a2d | 2126 | * Caller: library/pkwrite.c |
| vsupacha | 0:3ddbd7a98a2d | 2127 | * library/x509write_crt.c |
| vsupacha | 0:3ddbd7a98a2d | 2128 | * library/x509write_csr.c |
| vsupacha | 0:3ddbd7a98a2d | 2129 | * |
| vsupacha | 0:3ddbd7a98a2d | 2130 | * Requires: MBEDTLS_BASE64_C |
| vsupacha | 0:3ddbd7a98a2d | 2131 | * |
| vsupacha | 0:3ddbd7a98a2d | 2132 | * This modules adds support for encoding / writing PEM files. |
| vsupacha | 0:3ddbd7a98a2d | 2133 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2134 | //#define MBEDTLS_PEM_WRITE_C |
| vsupacha | 0:3ddbd7a98a2d | 2135 | |
| vsupacha | 0:3ddbd7a98a2d | 2136 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2137 | * \def MBEDTLS_PK_C |
| vsupacha | 0:3ddbd7a98a2d | 2138 | * |
| vsupacha | 0:3ddbd7a98a2d | 2139 | * Enable the generic public (asymetric) key layer. |
| vsupacha | 0:3ddbd7a98a2d | 2140 | * |
| vsupacha | 0:3ddbd7a98a2d | 2141 | * Module: library/pk.c |
| vsupacha | 0:3ddbd7a98a2d | 2142 | * Caller: library/ssl_tls.c |
| vsupacha | 0:3ddbd7a98a2d | 2143 | * library/ssl_cli.c |
| vsupacha | 0:3ddbd7a98a2d | 2144 | * library/ssl_srv.c |
| vsupacha | 0:3ddbd7a98a2d | 2145 | * |
| vsupacha | 0:3ddbd7a98a2d | 2146 | * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C |
| vsupacha | 0:3ddbd7a98a2d | 2147 | * |
| vsupacha | 0:3ddbd7a98a2d | 2148 | * Uncomment to enable generic public key wrappers. |
| vsupacha | 0:3ddbd7a98a2d | 2149 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2150 | //#define MBEDTLS_PK_C |
| vsupacha | 0:3ddbd7a98a2d | 2151 | |
| vsupacha | 0:3ddbd7a98a2d | 2152 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2153 | * \def MBEDTLS_PK_PARSE_C |
| vsupacha | 0:3ddbd7a98a2d | 2154 | * |
| vsupacha | 0:3ddbd7a98a2d | 2155 | * Enable the generic public (asymetric) key parser. |
| vsupacha | 0:3ddbd7a98a2d | 2156 | * |
| vsupacha | 0:3ddbd7a98a2d | 2157 | * Module: library/pkparse.c |
| vsupacha | 0:3ddbd7a98a2d | 2158 | * Caller: library/x509_crt.c |
| vsupacha | 0:3ddbd7a98a2d | 2159 | * library/x509_csr.c |
| vsupacha | 0:3ddbd7a98a2d | 2160 | * |
| vsupacha | 0:3ddbd7a98a2d | 2161 | * Requires: MBEDTLS_PK_C |
| vsupacha | 0:3ddbd7a98a2d | 2162 | * |
| vsupacha | 0:3ddbd7a98a2d | 2163 | * Uncomment to enable generic public key parse functions. |
| vsupacha | 0:3ddbd7a98a2d | 2164 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2165 | //#define MBEDTLS_PK_PARSE_C |
| vsupacha | 0:3ddbd7a98a2d | 2166 | |
| vsupacha | 0:3ddbd7a98a2d | 2167 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2168 | * \def MBEDTLS_PK_WRITE_C |
| vsupacha | 0:3ddbd7a98a2d | 2169 | * |
| vsupacha | 0:3ddbd7a98a2d | 2170 | * Enable the generic public (asymetric) key writer. |
| vsupacha | 0:3ddbd7a98a2d | 2171 | * |
| vsupacha | 0:3ddbd7a98a2d | 2172 | * Module: library/pkwrite.c |
| vsupacha | 0:3ddbd7a98a2d | 2173 | * Caller: library/x509write.c |
| vsupacha | 0:3ddbd7a98a2d | 2174 | * |
| vsupacha | 0:3ddbd7a98a2d | 2175 | * Requires: MBEDTLS_PK_C |
| vsupacha | 0:3ddbd7a98a2d | 2176 | * |
| vsupacha | 0:3ddbd7a98a2d | 2177 | * Uncomment to enable generic public key write functions. |
| vsupacha | 0:3ddbd7a98a2d | 2178 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2179 | //#define MBEDTLS_PK_WRITE_C |
| vsupacha | 0:3ddbd7a98a2d | 2180 | |
| vsupacha | 0:3ddbd7a98a2d | 2181 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2182 | * \def MBEDTLS_PKCS5_C |
| vsupacha | 0:3ddbd7a98a2d | 2183 | * |
| vsupacha | 0:3ddbd7a98a2d | 2184 | * Enable PKCS#5 functions. |
| vsupacha | 0:3ddbd7a98a2d | 2185 | * |
| vsupacha | 0:3ddbd7a98a2d | 2186 | * Module: library/pkcs5.c |
| vsupacha | 0:3ddbd7a98a2d | 2187 | * |
| vsupacha | 0:3ddbd7a98a2d | 2188 | * Requires: MBEDTLS_MD_C |
| vsupacha | 0:3ddbd7a98a2d | 2189 | * |
| vsupacha | 0:3ddbd7a98a2d | 2190 | * This module adds support for the PKCS#5 functions. |
| vsupacha | 0:3ddbd7a98a2d | 2191 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2192 | //#define MBEDTLS_PKCS5_C |
| vsupacha | 0:3ddbd7a98a2d | 2193 | |
| vsupacha | 0:3ddbd7a98a2d | 2194 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2195 | * \def MBEDTLS_PKCS11_C |
| vsupacha | 0:3ddbd7a98a2d | 2196 | * |
| vsupacha | 0:3ddbd7a98a2d | 2197 | * Enable wrapper for PKCS#11 smartcard support. |
| vsupacha | 0:3ddbd7a98a2d | 2198 | * |
| vsupacha | 0:3ddbd7a98a2d | 2199 | * Module: library/pkcs11.c |
| vsupacha | 0:3ddbd7a98a2d | 2200 | * Caller: library/pk.c |
| vsupacha | 0:3ddbd7a98a2d | 2201 | * |
| vsupacha | 0:3ddbd7a98a2d | 2202 | * Requires: MBEDTLS_PK_C |
| vsupacha | 0:3ddbd7a98a2d | 2203 | * |
| vsupacha | 0:3ddbd7a98a2d | 2204 | * This module enables SSL/TLS PKCS #11 smartcard support. |
| vsupacha | 0:3ddbd7a98a2d | 2205 | * Requires the presence of the PKCS#11 helper library (libpkcs11-helper) |
| vsupacha | 0:3ddbd7a98a2d | 2206 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2207 | //#define MBEDTLS_PKCS11_C |
| vsupacha | 0:3ddbd7a98a2d | 2208 | |
| vsupacha | 0:3ddbd7a98a2d | 2209 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2210 | * \def MBEDTLS_PKCS12_C |
| vsupacha | 0:3ddbd7a98a2d | 2211 | * |
| vsupacha | 0:3ddbd7a98a2d | 2212 | * Enable PKCS#12 PBE functions. |
| vsupacha | 0:3ddbd7a98a2d | 2213 | * Adds algorithms for parsing PKCS#8 encrypted private keys |
| vsupacha | 0:3ddbd7a98a2d | 2214 | * |
| vsupacha | 0:3ddbd7a98a2d | 2215 | * Module: library/pkcs12.c |
| vsupacha | 0:3ddbd7a98a2d | 2216 | * Caller: library/pkparse.c |
| vsupacha | 0:3ddbd7a98a2d | 2217 | * |
| vsupacha | 0:3ddbd7a98a2d | 2218 | * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C |
| vsupacha | 0:3ddbd7a98a2d | 2219 | * Can use: MBEDTLS_ARC4_C |
| vsupacha | 0:3ddbd7a98a2d | 2220 | * |
| vsupacha | 0:3ddbd7a98a2d | 2221 | * This module enables PKCS#12 functions. |
| vsupacha | 0:3ddbd7a98a2d | 2222 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2223 | //#define MBEDTLS_PKCS12_C |
| vsupacha | 0:3ddbd7a98a2d | 2224 | |
| vsupacha | 0:3ddbd7a98a2d | 2225 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2226 | * \def MBEDTLS_PLATFORM_C |
| vsupacha | 0:3ddbd7a98a2d | 2227 | * |
| vsupacha | 0:3ddbd7a98a2d | 2228 | * Enable the platform abstraction layer that allows you to re-assign |
| vsupacha | 0:3ddbd7a98a2d | 2229 | * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit(). |
| vsupacha | 0:3ddbd7a98a2d | 2230 | * |
| vsupacha | 0:3ddbd7a98a2d | 2231 | * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT |
| vsupacha | 0:3ddbd7a98a2d | 2232 | * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned |
| vsupacha | 0:3ddbd7a98a2d | 2233 | * above to be specified at runtime or compile time respectively. |
| vsupacha | 0:3ddbd7a98a2d | 2234 | * |
| vsupacha | 0:3ddbd7a98a2d | 2235 | * \note This abstraction layer must be enabled on Windows (including MSYS2) |
| vsupacha | 0:3ddbd7a98a2d | 2236 | * as other module rely on it for a fixed snprintf implementation. |
| vsupacha | 0:3ddbd7a98a2d | 2237 | * |
| vsupacha | 0:3ddbd7a98a2d | 2238 | * Module: library/platform.c |
| vsupacha | 0:3ddbd7a98a2d | 2239 | * Caller: Most other .c files |
| vsupacha | 0:3ddbd7a98a2d | 2240 | * |
| vsupacha | 0:3ddbd7a98a2d | 2241 | * This module enables abstraction of common (libc) functions. |
| vsupacha | 0:3ddbd7a98a2d | 2242 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2243 | //#define MBEDTLS_PLATFORM_C |
| vsupacha | 0:3ddbd7a98a2d | 2244 | |
| vsupacha | 0:3ddbd7a98a2d | 2245 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2246 | * \def MBEDTLS_RIPEMD160_C |
| vsupacha | 0:3ddbd7a98a2d | 2247 | * |
| vsupacha | 0:3ddbd7a98a2d | 2248 | * Enable the RIPEMD-160 hash algorithm. |
| vsupacha | 0:3ddbd7a98a2d | 2249 | * |
| vsupacha | 0:3ddbd7a98a2d | 2250 | * Module: library/ripemd160.c |
| vsupacha | 0:3ddbd7a98a2d | 2251 | * Caller: library/md.c |
| vsupacha | 0:3ddbd7a98a2d | 2252 | * |
| vsupacha | 0:3ddbd7a98a2d | 2253 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2254 | //#define MBEDTLS_RIPEMD160_C |
| vsupacha | 0:3ddbd7a98a2d | 2255 | |
| vsupacha | 0:3ddbd7a98a2d | 2256 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2257 | * \def MBEDTLS_RSA_C |
| vsupacha | 0:3ddbd7a98a2d | 2258 | * |
| vsupacha | 0:3ddbd7a98a2d | 2259 | * Enable the RSA public-key cryptosystem. |
| vsupacha | 0:3ddbd7a98a2d | 2260 | * |
| vsupacha | 0:3ddbd7a98a2d | 2261 | * Module: library/rsa.c |
| vsupacha | 0:3ddbd7a98a2d | 2262 | * Caller: library/ssl_cli.c |
| vsupacha | 0:3ddbd7a98a2d | 2263 | * library/ssl_srv.c |
| vsupacha | 0:3ddbd7a98a2d | 2264 | * library/ssl_tls.c |
| vsupacha | 0:3ddbd7a98a2d | 2265 | * library/x509.c |
| vsupacha | 0:3ddbd7a98a2d | 2266 | * |
| vsupacha | 0:3ddbd7a98a2d | 2267 | * This module is used by the following key exchanges: |
| vsupacha | 0:3ddbd7a98a2d | 2268 | * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK |
| vsupacha | 0:3ddbd7a98a2d | 2269 | * |
| vsupacha | 0:3ddbd7a98a2d | 2270 | * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C |
| vsupacha | 0:3ddbd7a98a2d | 2271 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2272 | //#define MBEDTLS_RSA_C |
| vsupacha | 0:3ddbd7a98a2d | 2273 | |
| vsupacha | 0:3ddbd7a98a2d | 2274 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2275 | * \def MBEDTLS_SHA1_C |
| vsupacha | 0:3ddbd7a98a2d | 2276 | * |
| vsupacha | 0:3ddbd7a98a2d | 2277 | * Enable the SHA1 cryptographic hash algorithm. |
| vsupacha | 0:3ddbd7a98a2d | 2278 | * |
| vsupacha | 0:3ddbd7a98a2d | 2279 | * Module: library/sha1.c |
| vsupacha | 0:3ddbd7a98a2d | 2280 | * Caller: library/md.c |
| vsupacha | 0:3ddbd7a98a2d | 2281 | * library/ssl_cli.c |
| vsupacha | 0:3ddbd7a98a2d | 2282 | * library/ssl_srv.c |
| vsupacha | 0:3ddbd7a98a2d | 2283 | * library/ssl_tls.c |
| vsupacha | 0:3ddbd7a98a2d | 2284 | * library/x509write_crt.c |
| vsupacha | 0:3ddbd7a98a2d | 2285 | * |
| vsupacha | 0:3ddbd7a98a2d | 2286 | * This module is required for SSL/TLS up to version 1.1, for TLS 1.2 |
| vsupacha | 0:3ddbd7a98a2d | 2287 | * depending on the handshake parameters, and for SHA1-signed certificates. |
| vsupacha | 0:3ddbd7a98a2d | 2288 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2289 | //#define MBEDTLS_SHA1_C |
| vsupacha | 0:3ddbd7a98a2d | 2290 | |
| vsupacha | 0:3ddbd7a98a2d | 2291 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2292 | * \def MBEDTLS_SHA256_C |
| vsupacha | 0:3ddbd7a98a2d | 2293 | * |
| vsupacha | 0:3ddbd7a98a2d | 2294 | * Enable the SHA-224 and SHA-256 cryptographic hash algorithms. |
| vsupacha | 0:3ddbd7a98a2d | 2295 | * |
| vsupacha | 0:3ddbd7a98a2d | 2296 | * Module: library/sha256.c |
| vsupacha | 0:3ddbd7a98a2d | 2297 | * Caller: library/entropy.c |
| vsupacha | 0:3ddbd7a98a2d | 2298 | * library/md.c |
| vsupacha | 0:3ddbd7a98a2d | 2299 | * library/ssl_cli.c |
| vsupacha | 0:3ddbd7a98a2d | 2300 | * library/ssl_srv.c |
| vsupacha | 0:3ddbd7a98a2d | 2301 | * library/ssl_tls.c |
| vsupacha | 0:3ddbd7a98a2d | 2302 | * |
| vsupacha | 0:3ddbd7a98a2d | 2303 | * This module adds support for SHA-224 and SHA-256. |
| vsupacha | 0:3ddbd7a98a2d | 2304 | * This module is required for the SSL/TLS 1.2 PRF function. |
| vsupacha | 0:3ddbd7a98a2d | 2305 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2306 | //#define MBEDTLS_SHA256_C |
| vsupacha | 0:3ddbd7a98a2d | 2307 | |
| vsupacha | 0:3ddbd7a98a2d | 2308 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2309 | * \def MBEDTLS_SHA512_C |
| vsupacha | 0:3ddbd7a98a2d | 2310 | * |
| vsupacha | 0:3ddbd7a98a2d | 2311 | * Enable the SHA-384 and SHA-512 cryptographic hash algorithms. |
| vsupacha | 0:3ddbd7a98a2d | 2312 | * |
| vsupacha | 0:3ddbd7a98a2d | 2313 | * Module: library/sha512.c |
| vsupacha | 0:3ddbd7a98a2d | 2314 | * Caller: library/entropy.c |
| vsupacha | 0:3ddbd7a98a2d | 2315 | * library/md.c |
| vsupacha | 0:3ddbd7a98a2d | 2316 | * library/ssl_cli.c |
| vsupacha | 0:3ddbd7a98a2d | 2317 | * library/ssl_srv.c |
| vsupacha | 0:3ddbd7a98a2d | 2318 | * |
| vsupacha | 0:3ddbd7a98a2d | 2319 | * This module adds support for SHA-384 and SHA-512. |
| vsupacha | 0:3ddbd7a98a2d | 2320 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2321 | //#define MBEDTLS_SHA512_C |
| vsupacha | 0:3ddbd7a98a2d | 2322 | |
| vsupacha | 0:3ddbd7a98a2d | 2323 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2324 | * \def MBEDTLS_SSL_CACHE_C |
| vsupacha | 0:3ddbd7a98a2d | 2325 | * |
| vsupacha | 0:3ddbd7a98a2d | 2326 | * Enable simple SSL cache implementation. |
| vsupacha | 0:3ddbd7a98a2d | 2327 | * |
| vsupacha | 0:3ddbd7a98a2d | 2328 | * Module: library/ssl_cache.c |
| vsupacha | 0:3ddbd7a98a2d | 2329 | * Caller: |
| vsupacha | 0:3ddbd7a98a2d | 2330 | * |
| vsupacha | 0:3ddbd7a98a2d | 2331 | * Requires: MBEDTLS_SSL_CACHE_C |
| vsupacha | 0:3ddbd7a98a2d | 2332 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2333 | //#define MBEDTLS_SSL_CACHE_C |
| vsupacha | 0:3ddbd7a98a2d | 2334 | |
| vsupacha | 0:3ddbd7a98a2d | 2335 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2336 | * \def MBEDTLS_SSL_COOKIE_C |
| vsupacha | 0:3ddbd7a98a2d | 2337 | * |
| vsupacha | 0:3ddbd7a98a2d | 2338 | * Enable basic implementation of DTLS cookies for hello verification. |
| vsupacha | 0:3ddbd7a98a2d | 2339 | * |
| vsupacha | 0:3ddbd7a98a2d | 2340 | * Module: library/ssl_cookie.c |
| vsupacha | 0:3ddbd7a98a2d | 2341 | * Caller: |
| vsupacha | 0:3ddbd7a98a2d | 2342 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2343 | //#define MBEDTLS_SSL_COOKIE_C |
| vsupacha | 0:3ddbd7a98a2d | 2344 | |
| vsupacha | 0:3ddbd7a98a2d | 2345 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2346 | * \def MBEDTLS_SSL_TICKET_C |
| vsupacha | 0:3ddbd7a98a2d | 2347 | * |
| vsupacha | 0:3ddbd7a98a2d | 2348 | * Enable an implementation of TLS server-side callbacks for session tickets. |
| vsupacha | 0:3ddbd7a98a2d | 2349 | * |
| vsupacha | 0:3ddbd7a98a2d | 2350 | * Module: library/ssl_ticket.c |
| vsupacha | 0:3ddbd7a98a2d | 2351 | * Caller: |
| vsupacha | 0:3ddbd7a98a2d | 2352 | * |
| vsupacha | 0:3ddbd7a98a2d | 2353 | * Requires: MBEDTLS_CIPHER_C |
| vsupacha | 0:3ddbd7a98a2d | 2354 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2355 | //#define MBEDTLS_SSL_TICKET_C |
| vsupacha | 0:3ddbd7a98a2d | 2356 | |
| vsupacha | 0:3ddbd7a98a2d | 2357 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2358 | * \def MBEDTLS_SSL_CLI_C |
| vsupacha | 0:3ddbd7a98a2d | 2359 | * |
| vsupacha | 0:3ddbd7a98a2d | 2360 | * Enable the SSL/TLS client code. |
| vsupacha | 0:3ddbd7a98a2d | 2361 | * |
| vsupacha | 0:3ddbd7a98a2d | 2362 | * Module: library/ssl_cli.c |
| vsupacha | 0:3ddbd7a98a2d | 2363 | * Caller: |
| vsupacha | 0:3ddbd7a98a2d | 2364 | * |
| vsupacha | 0:3ddbd7a98a2d | 2365 | * Requires: MBEDTLS_SSL_TLS_C |
| vsupacha | 0:3ddbd7a98a2d | 2366 | * |
| vsupacha | 0:3ddbd7a98a2d | 2367 | * This module is required for SSL/TLS client support. |
| vsupacha | 0:3ddbd7a98a2d | 2368 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2369 | //#define MBEDTLS_SSL_CLI_C |
| vsupacha | 0:3ddbd7a98a2d | 2370 | |
| vsupacha | 0:3ddbd7a98a2d | 2371 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2372 | * \def MBEDTLS_SSL_SRV_C |
| vsupacha | 0:3ddbd7a98a2d | 2373 | * |
| vsupacha | 0:3ddbd7a98a2d | 2374 | * Enable the SSL/TLS server code. |
| vsupacha | 0:3ddbd7a98a2d | 2375 | * |
| vsupacha | 0:3ddbd7a98a2d | 2376 | * Module: library/ssl_srv.c |
| vsupacha | 0:3ddbd7a98a2d | 2377 | * Caller: |
| vsupacha | 0:3ddbd7a98a2d | 2378 | * |
| vsupacha | 0:3ddbd7a98a2d | 2379 | * Requires: MBEDTLS_SSL_TLS_C |
| vsupacha | 0:3ddbd7a98a2d | 2380 | * |
| vsupacha | 0:3ddbd7a98a2d | 2381 | * This module is required for SSL/TLS server support. |
| vsupacha | 0:3ddbd7a98a2d | 2382 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2383 | //#define MBEDTLS_SSL_SRV_C |
| vsupacha | 0:3ddbd7a98a2d | 2384 | |
| vsupacha | 0:3ddbd7a98a2d | 2385 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2386 | * \def MBEDTLS_SSL_TLS_C |
| vsupacha | 0:3ddbd7a98a2d | 2387 | * |
| vsupacha | 0:3ddbd7a98a2d | 2388 | * Enable the generic SSL/TLS code. |
| vsupacha | 0:3ddbd7a98a2d | 2389 | * |
| vsupacha | 0:3ddbd7a98a2d | 2390 | * Module: library/ssl_tls.c |
| vsupacha | 0:3ddbd7a98a2d | 2391 | * Caller: library/ssl_cli.c |
| vsupacha | 0:3ddbd7a98a2d | 2392 | * library/ssl_srv.c |
| vsupacha | 0:3ddbd7a98a2d | 2393 | * |
| vsupacha | 0:3ddbd7a98a2d | 2394 | * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C |
| vsupacha | 0:3ddbd7a98a2d | 2395 | * and at least one of the MBEDTLS_SSL_PROTO_XXX defines |
| vsupacha | 0:3ddbd7a98a2d | 2396 | * |
| vsupacha | 0:3ddbd7a98a2d | 2397 | * This module is required for SSL/TLS. |
| vsupacha | 0:3ddbd7a98a2d | 2398 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2399 | //#define MBEDTLS_SSL_TLS_C |
| vsupacha | 0:3ddbd7a98a2d | 2400 | |
| vsupacha | 0:3ddbd7a98a2d | 2401 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2402 | * \def MBEDTLS_THREADING_C |
| vsupacha | 0:3ddbd7a98a2d | 2403 | * |
| vsupacha | 0:3ddbd7a98a2d | 2404 | * Enable the threading abstraction layer. |
| vsupacha | 0:3ddbd7a98a2d | 2405 | * By default mbed TLS assumes it is used in a non-threaded environment or that |
| vsupacha | 0:3ddbd7a98a2d | 2406 | * contexts are not shared between threads. If you do intend to use contexts |
| vsupacha | 0:3ddbd7a98a2d | 2407 | * between threads, you will need to enable this layer to prevent race |
| vsupacha | 0:3ddbd7a98a2d | 2408 | * conditions. See also our Knowledge Base article about threading: |
| vsupacha | 0:3ddbd7a98a2d | 2409 | * https://tls.mbed.org/kb/development/thread-safety-and-multi-threading |
| vsupacha | 0:3ddbd7a98a2d | 2410 | * |
| vsupacha | 0:3ddbd7a98a2d | 2411 | * Module: library/threading.c |
| vsupacha | 0:3ddbd7a98a2d | 2412 | * |
| vsupacha | 0:3ddbd7a98a2d | 2413 | * This allows different threading implementations (self-implemented or |
| vsupacha | 0:3ddbd7a98a2d | 2414 | * provided). |
| vsupacha | 0:3ddbd7a98a2d | 2415 | * |
| vsupacha | 0:3ddbd7a98a2d | 2416 | * You will have to enable either MBEDTLS_THREADING_ALT or |
| vsupacha | 0:3ddbd7a98a2d | 2417 | * MBEDTLS_THREADING_PTHREAD. |
| vsupacha | 0:3ddbd7a98a2d | 2418 | * |
| vsupacha | 0:3ddbd7a98a2d | 2419 | * Enable this layer to allow use of mutexes within mbed TLS |
| vsupacha | 0:3ddbd7a98a2d | 2420 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2421 | //#define MBEDTLS_THREADING_C |
| vsupacha | 0:3ddbd7a98a2d | 2422 | |
| vsupacha | 0:3ddbd7a98a2d | 2423 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2424 | * \def MBEDTLS_TIMING_C |
| vsupacha | 0:3ddbd7a98a2d | 2425 | * |
| vsupacha | 0:3ddbd7a98a2d | 2426 | * Enable the semi-portable timing interface. |
| vsupacha | 0:3ddbd7a98a2d | 2427 | * |
| vsupacha | 0:3ddbd7a98a2d | 2428 | * \note The provided implementation only works on POSIX/Unix (including Linux, |
| vsupacha | 0:3ddbd7a98a2d | 2429 | * BSD and OS X) and Windows. On other platforms, you can either disable that |
| vsupacha | 0:3ddbd7a98a2d | 2430 | * module and provide your own implementations of the callbacks needed by |
| vsupacha | 0:3ddbd7a98a2d | 2431 | * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide |
| vsupacha | 0:3ddbd7a98a2d | 2432 | * your own implementation of the whole module by setting |
| vsupacha | 0:3ddbd7a98a2d | 2433 | * \c MBEDTLS_TIMING_ALT in the current file. |
| vsupacha | 0:3ddbd7a98a2d | 2434 | * |
| vsupacha | 0:3ddbd7a98a2d | 2435 | * \note See also our Knowledge Base article about porting to a new |
| vsupacha | 0:3ddbd7a98a2d | 2436 | * environment: |
| vsupacha | 0:3ddbd7a98a2d | 2437 | * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS |
| vsupacha | 0:3ddbd7a98a2d | 2438 | * |
| vsupacha | 0:3ddbd7a98a2d | 2439 | * Module: library/timing.c |
| vsupacha | 0:3ddbd7a98a2d | 2440 | * Caller: library/havege.c |
| vsupacha | 0:3ddbd7a98a2d | 2441 | * |
| vsupacha | 0:3ddbd7a98a2d | 2442 | * This module is used by the HAVEGE random number generator. |
| vsupacha | 0:3ddbd7a98a2d | 2443 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2444 | //#define MBEDTLS_TIMING_C |
| vsupacha | 0:3ddbd7a98a2d | 2445 | |
| vsupacha | 0:3ddbd7a98a2d | 2446 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2447 | * \def MBEDTLS_VERSION_C |
| vsupacha | 0:3ddbd7a98a2d | 2448 | * |
| vsupacha | 0:3ddbd7a98a2d | 2449 | * Enable run-time version information. |
| vsupacha | 0:3ddbd7a98a2d | 2450 | * |
| vsupacha | 0:3ddbd7a98a2d | 2451 | * Module: library/version.c |
| vsupacha | 0:3ddbd7a98a2d | 2452 | * |
| vsupacha | 0:3ddbd7a98a2d | 2453 | * This module provides run-time version information. |
| vsupacha | 0:3ddbd7a98a2d | 2454 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2455 | //#define MBEDTLS_VERSION_C |
| vsupacha | 0:3ddbd7a98a2d | 2456 | |
| vsupacha | 0:3ddbd7a98a2d | 2457 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2458 | * \def MBEDTLS_X509_USE_C |
| vsupacha | 0:3ddbd7a98a2d | 2459 | * |
| vsupacha | 0:3ddbd7a98a2d | 2460 | * Enable X.509 core for using certificates. |
| vsupacha | 0:3ddbd7a98a2d | 2461 | * |
| vsupacha | 0:3ddbd7a98a2d | 2462 | * Module: library/x509.c |
| vsupacha | 0:3ddbd7a98a2d | 2463 | * Caller: library/x509_crl.c |
| vsupacha | 0:3ddbd7a98a2d | 2464 | * library/x509_crt.c |
| vsupacha | 0:3ddbd7a98a2d | 2465 | * library/x509_csr.c |
| vsupacha | 0:3ddbd7a98a2d | 2466 | * |
| vsupacha | 0:3ddbd7a98a2d | 2467 | * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, |
| vsupacha | 0:3ddbd7a98a2d | 2468 | * MBEDTLS_PK_PARSE_C |
| vsupacha | 0:3ddbd7a98a2d | 2469 | * |
| vsupacha | 0:3ddbd7a98a2d | 2470 | * This module is required for the X.509 parsing modules. |
| vsupacha | 0:3ddbd7a98a2d | 2471 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2472 | //#define MBEDTLS_X509_USE_C |
| vsupacha | 0:3ddbd7a98a2d | 2473 | |
| vsupacha | 0:3ddbd7a98a2d | 2474 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2475 | * \def MBEDTLS_X509_CRT_PARSE_C |
| vsupacha | 0:3ddbd7a98a2d | 2476 | * |
| vsupacha | 0:3ddbd7a98a2d | 2477 | * Enable X.509 certificate parsing. |
| vsupacha | 0:3ddbd7a98a2d | 2478 | * |
| vsupacha | 0:3ddbd7a98a2d | 2479 | * Module: library/x509_crt.c |
| vsupacha | 0:3ddbd7a98a2d | 2480 | * Caller: library/ssl_cli.c |
| vsupacha | 0:3ddbd7a98a2d | 2481 | * library/ssl_srv.c |
| vsupacha | 0:3ddbd7a98a2d | 2482 | * library/ssl_tls.c |
| vsupacha | 0:3ddbd7a98a2d | 2483 | * |
| vsupacha | 0:3ddbd7a98a2d | 2484 | * Requires: MBEDTLS_X509_USE_C |
| vsupacha | 0:3ddbd7a98a2d | 2485 | * |
| vsupacha | 0:3ddbd7a98a2d | 2486 | * This module is required for X.509 certificate parsing. |
| vsupacha | 0:3ddbd7a98a2d | 2487 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2488 | //#define MBEDTLS_X509_CRT_PARSE_C |
| vsupacha | 0:3ddbd7a98a2d | 2489 | |
| vsupacha | 0:3ddbd7a98a2d | 2490 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2491 | * \def MBEDTLS_X509_CRL_PARSE_C |
| vsupacha | 0:3ddbd7a98a2d | 2492 | * |
| vsupacha | 0:3ddbd7a98a2d | 2493 | * Enable X.509 CRL parsing. |
| vsupacha | 0:3ddbd7a98a2d | 2494 | * |
| vsupacha | 0:3ddbd7a98a2d | 2495 | * Module: library/x509_crl.c |
| vsupacha | 0:3ddbd7a98a2d | 2496 | * Caller: library/x509_crt.c |
| vsupacha | 0:3ddbd7a98a2d | 2497 | * |
| vsupacha | 0:3ddbd7a98a2d | 2498 | * Requires: MBEDTLS_X509_USE_C |
| vsupacha | 0:3ddbd7a98a2d | 2499 | * |
| vsupacha | 0:3ddbd7a98a2d | 2500 | * This module is required for X.509 CRL parsing. |
| vsupacha | 0:3ddbd7a98a2d | 2501 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2502 | //#define MBEDTLS_X509_CRL_PARSE_C |
| vsupacha | 0:3ddbd7a98a2d | 2503 | |
| vsupacha | 0:3ddbd7a98a2d | 2504 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2505 | * \def MBEDTLS_X509_CSR_PARSE_C |
| vsupacha | 0:3ddbd7a98a2d | 2506 | * |
| vsupacha | 0:3ddbd7a98a2d | 2507 | * Enable X.509 Certificate Signing Request (CSR) parsing. |
| vsupacha | 0:3ddbd7a98a2d | 2508 | * |
| vsupacha | 0:3ddbd7a98a2d | 2509 | * Module: library/x509_csr.c |
| vsupacha | 0:3ddbd7a98a2d | 2510 | * Caller: library/x509_crt_write.c |
| vsupacha | 0:3ddbd7a98a2d | 2511 | * |
| vsupacha | 0:3ddbd7a98a2d | 2512 | * Requires: MBEDTLS_X509_USE_C |
| vsupacha | 0:3ddbd7a98a2d | 2513 | * |
| vsupacha | 0:3ddbd7a98a2d | 2514 | * This module is used for reading X.509 certificate request. |
| vsupacha | 0:3ddbd7a98a2d | 2515 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2516 | //#define MBEDTLS_X509_CSR_PARSE_C |
| vsupacha | 0:3ddbd7a98a2d | 2517 | |
| vsupacha | 0:3ddbd7a98a2d | 2518 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2519 | * \def MBEDTLS_X509_CREATE_C |
| vsupacha | 0:3ddbd7a98a2d | 2520 | * |
| vsupacha | 0:3ddbd7a98a2d | 2521 | * Enable X.509 core for creating certificates. |
| vsupacha | 0:3ddbd7a98a2d | 2522 | * |
| vsupacha | 0:3ddbd7a98a2d | 2523 | * Module: library/x509_create.c |
| vsupacha | 0:3ddbd7a98a2d | 2524 | * |
| vsupacha | 0:3ddbd7a98a2d | 2525 | * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C |
| vsupacha | 0:3ddbd7a98a2d | 2526 | * |
| vsupacha | 0:3ddbd7a98a2d | 2527 | * This module is the basis for creating X.509 certificates and CSRs. |
| vsupacha | 0:3ddbd7a98a2d | 2528 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2529 | //#define MBEDTLS_X509_CREATE_C |
| vsupacha | 0:3ddbd7a98a2d | 2530 | |
| vsupacha | 0:3ddbd7a98a2d | 2531 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2532 | * \def MBEDTLS_X509_CRT_WRITE_C |
| vsupacha | 0:3ddbd7a98a2d | 2533 | * |
| vsupacha | 0:3ddbd7a98a2d | 2534 | * Enable creating X.509 certificates. |
| vsupacha | 0:3ddbd7a98a2d | 2535 | * |
| vsupacha | 0:3ddbd7a98a2d | 2536 | * Module: library/x509_crt_write.c |
| vsupacha | 0:3ddbd7a98a2d | 2537 | * |
| vsupacha | 0:3ddbd7a98a2d | 2538 | * Requires: MBEDTLS_X509_CREATE_C |
| vsupacha | 0:3ddbd7a98a2d | 2539 | * |
| vsupacha | 0:3ddbd7a98a2d | 2540 | * This module is required for X.509 certificate creation. |
| vsupacha | 0:3ddbd7a98a2d | 2541 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2542 | //#define MBEDTLS_X509_CRT_WRITE_C |
| vsupacha | 0:3ddbd7a98a2d | 2543 | |
| vsupacha | 0:3ddbd7a98a2d | 2544 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2545 | * \def MBEDTLS_X509_CSR_WRITE_C |
| vsupacha | 0:3ddbd7a98a2d | 2546 | * |
| vsupacha | 0:3ddbd7a98a2d | 2547 | * Enable creating X.509 Certificate Signing Requests (CSR). |
| vsupacha | 0:3ddbd7a98a2d | 2548 | * |
| vsupacha | 0:3ddbd7a98a2d | 2549 | * Module: library/x509_csr_write.c |
| vsupacha | 0:3ddbd7a98a2d | 2550 | * |
| vsupacha | 0:3ddbd7a98a2d | 2551 | * Requires: MBEDTLS_X509_CREATE_C |
| vsupacha | 0:3ddbd7a98a2d | 2552 | * |
| vsupacha | 0:3ddbd7a98a2d | 2553 | * This module is required for X.509 certificate request writing. |
| vsupacha | 0:3ddbd7a98a2d | 2554 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2555 | //#define MBEDTLS_X509_CSR_WRITE_C |
| vsupacha | 0:3ddbd7a98a2d | 2556 | |
| vsupacha | 0:3ddbd7a98a2d | 2557 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2558 | * \def MBEDTLS_XTEA_C |
| vsupacha | 0:3ddbd7a98a2d | 2559 | * |
| vsupacha | 0:3ddbd7a98a2d | 2560 | * Enable the XTEA block cipher. |
| vsupacha | 0:3ddbd7a98a2d | 2561 | * |
| vsupacha | 0:3ddbd7a98a2d | 2562 | * Module: library/xtea.c |
| vsupacha | 0:3ddbd7a98a2d | 2563 | * Caller: |
| vsupacha | 0:3ddbd7a98a2d | 2564 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2565 | //#define MBEDTLS_XTEA_C |
| vsupacha | 0:3ddbd7a98a2d | 2566 | |
| vsupacha | 0:3ddbd7a98a2d | 2567 | /* \} name SECTION: mbed TLS modules */ |
| vsupacha | 0:3ddbd7a98a2d | 2568 | |
| vsupacha | 0:3ddbd7a98a2d | 2569 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2570 | * \name SECTION: Module configuration options |
| vsupacha | 0:3ddbd7a98a2d | 2571 | * |
| vsupacha | 0:3ddbd7a98a2d | 2572 | * This section allows for the setting of module specific sizes and |
| vsupacha | 0:3ddbd7a98a2d | 2573 | * configuration options. The default values are already present in the |
| vsupacha | 0:3ddbd7a98a2d | 2574 | * relevant header files and should suffice for the regular use cases. |
| vsupacha | 0:3ddbd7a98a2d | 2575 | * |
| vsupacha | 0:3ddbd7a98a2d | 2576 | * Our advice is to enable options and change their values here |
| vsupacha | 0:3ddbd7a98a2d | 2577 | * only if you have a good reason and know the consequences. |
| vsupacha | 0:3ddbd7a98a2d | 2578 | * |
| vsupacha | 0:3ddbd7a98a2d | 2579 | * Please check the respective header file for documentation on these |
| vsupacha | 0:3ddbd7a98a2d | 2580 | * parameters (to prevent duplicate documentation). |
| vsupacha | 0:3ddbd7a98a2d | 2581 | * \{ |
| vsupacha | 0:3ddbd7a98a2d | 2582 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2583 | |
| vsupacha | 0:3ddbd7a98a2d | 2584 | /* MPI / BIGNUM options */ |
| vsupacha | 0:3ddbd7a98a2d | 2585 | //#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */ |
| vsupacha | 0:3ddbd7a98a2d | 2586 | //#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ |
| vsupacha | 0:3ddbd7a98a2d | 2587 | |
| vsupacha | 0:3ddbd7a98a2d | 2588 | /* CTR_DRBG options */ |
| vsupacha | 0:3ddbd7a98a2d | 2589 | //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */ |
| vsupacha | 0:3ddbd7a98a2d | 2590 | //#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ |
| vsupacha | 0:3ddbd7a98a2d | 2591 | //#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ |
| vsupacha | 0:3ddbd7a98a2d | 2592 | //#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ |
| vsupacha | 0:3ddbd7a98a2d | 2593 | //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ |
| vsupacha | 0:3ddbd7a98a2d | 2594 | |
| vsupacha | 0:3ddbd7a98a2d | 2595 | /* HMAC_DRBG options */ |
| vsupacha | 0:3ddbd7a98a2d | 2596 | //#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ |
| vsupacha | 0:3ddbd7a98a2d | 2597 | //#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ |
| vsupacha | 0:3ddbd7a98a2d | 2598 | //#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ |
| vsupacha | 0:3ddbd7a98a2d | 2599 | //#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ |
| vsupacha | 0:3ddbd7a98a2d | 2600 | |
| vsupacha | 0:3ddbd7a98a2d | 2601 | /* ECP options */ |
| vsupacha | 0:3ddbd7a98a2d | 2602 | //#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */ |
| vsupacha | 0:3ddbd7a98a2d | 2603 | //#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */ |
| vsupacha | 0:3ddbd7a98a2d | 2604 | //#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */ |
| vsupacha | 0:3ddbd7a98a2d | 2605 | |
| vsupacha | 0:3ddbd7a98a2d | 2606 | /* Entropy options */ |
| vsupacha | 0:3ddbd7a98a2d | 2607 | //#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */ |
| vsupacha | 0:3ddbd7a98a2d | 2608 | //#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */ |
| vsupacha | 0:3ddbd7a98a2d | 2609 | //#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */ |
| vsupacha | 0:3ddbd7a98a2d | 2610 | |
| vsupacha | 0:3ddbd7a98a2d | 2611 | /* Memory buffer allocator options */ |
| vsupacha | 0:3ddbd7a98a2d | 2612 | //#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */ |
| vsupacha | 0:3ddbd7a98a2d | 2613 | |
| vsupacha | 0:3ddbd7a98a2d | 2614 | /* Platform options */ |
| vsupacha | 0:3ddbd7a98a2d | 2615 | //#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ |
| vsupacha | 0:3ddbd7a98a2d | 2616 | //#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */ |
| vsupacha | 0:3ddbd7a98a2d | 2617 | //#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ |
| vsupacha | 0:3ddbd7a98a2d | 2618 | //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ |
| vsupacha | 0:3ddbd7a98a2d | 2619 | //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ |
| vsupacha | 0:3ddbd7a98a2d | 2620 | //#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */ |
| vsupacha | 0:3ddbd7a98a2d | 2621 | //#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */ |
| vsupacha | 0:3ddbd7a98a2d | 2622 | /* Note: your snprintf must correclty zero-terminate the buffer! */ |
| vsupacha | 0:3ddbd7a98a2d | 2623 | //#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */ |
| vsupacha | 0:3ddbd7a98a2d | 2624 | //#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */ |
| vsupacha | 0:3ddbd7a98a2d | 2625 | //#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */ |
| vsupacha | 0:3ddbd7a98a2d | 2626 | //#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ |
| vsupacha | 0:3ddbd7a98a2d | 2627 | //#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ |
| vsupacha | 0:3ddbd7a98a2d | 2628 | //#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */ |
| vsupacha | 0:3ddbd7a98a2d | 2629 | |
| vsupacha | 0:3ddbd7a98a2d | 2630 | /* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */ |
| vsupacha | 0:3ddbd7a98a2d | 2631 | /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */ |
| vsupacha | 0:3ddbd7a98a2d | 2632 | //#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */ |
| vsupacha | 0:3ddbd7a98a2d | 2633 | //#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */ |
| vsupacha | 0:3ddbd7a98a2d | 2634 | //#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */ |
| vsupacha | 0:3ddbd7a98a2d | 2635 | //#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ |
| vsupacha | 0:3ddbd7a98a2d | 2636 | //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ |
| vsupacha | 0:3ddbd7a98a2d | 2637 | //#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */ |
| vsupacha | 0:3ddbd7a98a2d | 2638 | //#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */ |
| vsupacha | 0:3ddbd7a98a2d | 2639 | /* Note: your snprintf must correclty zero-terminate the buffer! */ |
| vsupacha | 0:3ddbd7a98a2d | 2640 | //#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */ |
| vsupacha | 0:3ddbd7a98a2d | 2641 | //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ |
| vsupacha | 0:3ddbd7a98a2d | 2642 | //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ |
| vsupacha | 0:3ddbd7a98a2d | 2643 | |
| vsupacha | 0:3ddbd7a98a2d | 2644 | /* SSL Cache options */ |
| vsupacha | 0:3ddbd7a98a2d | 2645 | //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ |
| vsupacha | 0:3ddbd7a98a2d | 2646 | //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ |
| vsupacha | 0:3ddbd7a98a2d | 2647 | |
| vsupacha | 0:3ddbd7a98a2d | 2648 | /* SSL options */ |
| vsupacha | 0:3ddbd7a98a2d | 2649 | //#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 /**< Maxium fragment length in bytes, determines the size of each of the two internal I/O buffers */ |
| vsupacha | 0:3ddbd7a98a2d | 2650 | //#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */ |
| vsupacha | 0:3ddbd7a98a2d | 2651 | //#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */ |
| vsupacha | 0:3ddbd7a98a2d | 2652 | //#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ |
| vsupacha | 0:3ddbd7a98a2d | 2653 | |
| vsupacha | 0:3ddbd7a98a2d | 2654 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2655 | * Complete list of ciphersuites to use, in order of preference. |
| vsupacha | 0:3ddbd7a98a2d | 2656 | * |
| vsupacha | 0:3ddbd7a98a2d | 2657 | * \warning No dependency checking is done on that field! This option can only |
| vsupacha | 0:3ddbd7a98a2d | 2658 | * be used to restrict the set of available ciphersuites. It is your |
| vsupacha | 0:3ddbd7a98a2d | 2659 | * responsibility to make sure the needed modules are active. |
| vsupacha | 0:3ddbd7a98a2d | 2660 | * |
| vsupacha | 0:3ddbd7a98a2d | 2661 | * Use this to save a few hundred bytes of ROM (default ordering of all |
| vsupacha | 0:3ddbd7a98a2d | 2662 | * available ciphersuites) and a few to a few hundred bytes of RAM. |
| vsupacha | 0:3ddbd7a98a2d | 2663 | * |
| vsupacha | 0:3ddbd7a98a2d | 2664 | * The value below is only an example, not the default. |
| vsupacha | 0:3ddbd7a98a2d | 2665 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2666 | //#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 |
| vsupacha | 0:3ddbd7a98a2d | 2667 | |
| vsupacha | 0:3ddbd7a98a2d | 2668 | /* X509 options */ |
| vsupacha | 0:3ddbd7a98a2d | 2669 | //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ |
| vsupacha | 0:3ddbd7a98a2d | 2670 | //#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */ |
| vsupacha | 0:3ddbd7a98a2d | 2671 | |
| vsupacha | 0:3ddbd7a98a2d | 2672 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2673 | * Allow SHA-1 in the default TLS configuration for certificate signing. |
| vsupacha | 0:3ddbd7a98a2d | 2674 | * Without this build-time option, SHA-1 support must be activated explicitly |
| vsupacha | 0:3ddbd7a98a2d | 2675 | * through mbedtls_ssl_conf_cert_profile. Turning on this option is not |
| vsupacha | 0:3ddbd7a98a2d | 2676 | * recommended because of it is possible to generte SHA-1 collisions, however |
| vsupacha | 0:3ddbd7a98a2d | 2677 | * this may be safe for legacy infrastructure where additional controls apply. |
| vsupacha | 0:3ddbd7a98a2d | 2678 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2679 | // #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES |
| vsupacha | 0:3ddbd7a98a2d | 2680 | |
| vsupacha | 0:3ddbd7a98a2d | 2681 | /** |
| vsupacha | 0:3ddbd7a98a2d | 2682 | * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake |
| vsupacha | 0:3ddbd7a98a2d | 2683 | * signature and ciphersuite selection. Without this build-time option, SHA-1 |
| vsupacha | 0:3ddbd7a98a2d | 2684 | * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes. |
| vsupacha | 0:3ddbd7a98a2d | 2685 | * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by |
| vsupacha | 0:3ddbd7a98a2d | 2686 | * default. At the time of writing, there is no practical attack on the use |
| vsupacha | 0:3ddbd7a98a2d | 2687 | * of SHA-1 in handshake signatures, hence this option is turned on by default |
| vsupacha | 0:3ddbd7a98a2d | 2688 | * for compatibility with existing peers. |
| vsupacha | 0:3ddbd7a98a2d | 2689 | */ |
| vsupacha | 0:3ddbd7a98a2d | 2690 | //#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE |
| vsupacha | 0:3ddbd7a98a2d | 2691 | |
| vsupacha | 0:3ddbd7a98a2d | 2692 | |
| vsupacha | 0:3ddbd7a98a2d | 2693 | #include "check_config.h" |
| vsupacha | 0:3ddbd7a98a2d | 2694 | |
| vsupacha | 0:3ddbd7a98a2d | 2695 | #endif /* MBEDTLS_LORA_CONFIG_H */ |