1 /** 2 * \file mbedtls_config.h 3 * 4 * \brief Configuration options (set of defines) 5 * 6 * This set of compile-time options may be used to enable 7 * or disable features selectively, and reduce the global 8 * memory footprint. 9 */ 10 /* 11 * Copyright The Mbed TLS Contributors 12 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 13 */ 14 15 /** 16 * This is an optional version symbol that enables compatibility handling of 17 * config files. 18 * 19 * It is equal to the #MBEDTLS_VERSION_NUMBER of the Mbed TLS version that 20 * introduced the config format we want to be compatible with. 21 */ 22 //#define MBEDTLS_CONFIG_VERSION 0x03000000 23 24 /** 25 * \name SECTION: System support 26 * 27 * This section sets system specific settings. 28 * \{ 29 */ 30 31 /** 32 * \def MBEDTLS_HAVE_ASM 33 * 34 * The compiler has support for asm(). 35 * 36 * Requires support for asm() in compiler. 37 * 38 * Used in: 39 * library/aesni.h 40 * library/aria.c 41 * library/bn_mul.h 42 * library/constant_time.c 43 * library/padlock.h 44 * 45 * Required by: 46 * MBEDTLS_AESCE_C 47 * MBEDTLS_AESNI_C (on some platforms) 48 * MBEDTLS_PADLOCK_C 49 * 50 * Comment to disable the use of assembly code. 51 */ 52 #define MBEDTLS_HAVE_ASM 53 54 /** 55 * \def MBEDTLS_NO_UDBL_DIVISION 56 * 57 * The platform lacks support for double-width integer division (64-bit 58 * division on a 32-bit platform, 128-bit division on a 64-bit platform). 59 * 60 * Used in: 61 * include/mbedtls/bignum.h 62 * library/bignum.c 63 * 64 * The bignum code uses double-width division to speed up some operations. 65 * Double-width division is often implemented in software that needs to 66 * be linked with the program. The presence of a double-width integer 67 * type is usually detected automatically through preprocessor macros, 68 * but the automatic detection cannot know whether the code needs to 69 * and can be linked with an implementation of division for that type. 70 * By default division is assumed to be usable if the type is present. 71 * Uncomment this option to prevent the use of double-width division. 72 * 73 * Note that division for the native integer type is always required. 74 * Furthermore, a 64-bit type is always required even on a 32-bit 75 * platform, but it need not support multiplication or division. In some 76 * cases it is also desirable to disable some double-width operations. For 77 * example, if double-width division is implemented in software, disabling 78 * it can reduce code size in some embedded targets. 79 */ 80 //#define MBEDTLS_NO_UDBL_DIVISION 81 82 /** 83 * \def MBEDTLS_NO_64BIT_MULTIPLICATION 84 * 85 * The platform lacks support for 32x32 -> 64-bit multiplication. 86 * 87 * Used in: 88 * library/poly1305.c 89 * 90 * Some parts of the library may use multiplication of two unsigned 32-bit 91 * operands with a 64-bit result in order to speed up computations. On some 92 * platforms, this is not available in hardware and has to be implemented in 93 * software, usually in a library provided by the toolchain. 94 * 95 * Sometimes it is not desirable to have to link to that library. This option 96 * removes the dependency of that library on platforms that lack a hardware 97 * 64-bit multiplier by embedding a software implementation in Mbed TLS. 98 * 99 * Note that depending on the compiler, this may decrease performance compared 100 * to using the library function provided by the toolchain. 101 */ 102 //#define MBEDTLS_NO_64BIT_MULTIPLICATION 103 104 /** 105 * \def MBEDTLS_HAVE_SSE2 106 * 107 * CPU supports SSE2 instruction set. 108 * 109 * Uncomment if the CPU supports SSE2 (IA-32 specific). 110 */ 111 //#define MBEDTLS_HAVE_SSE2 112 113 /** 114 * \def MBEDTLS_HAVE_TIME 115 * 116 * System has time.h and time(). 117 * The time does not need to be correct, only time differences are used, 118 * by contrast with MBEDTLS_HAVE_TIME_DATE 119 * 120 * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT, 121 * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and 122 * MBEDTLS_PLATFORM_STD_TIME. 123 * 124 * Comment if your system does not support time functions. 125 * 126 * \note If MBEDTLS_TIMING_C is set - to enable the semi-portable timing 127 * interface - timing.c will include time.h on suitable platforms 128 * regardless of the setting of MBEDTLS_HAVE_TIME, unless 129 * MBEDTLS_TIMING_ALT is used. See timing.c for more information. 130 */ 131 #define MBEDTLS_HAVE_TIME 132 133 /** 134 * \def MBEDTLS_HAVE_TIME_DATE 135 * 136 * System has time.h, time(), and an implementation for 137 * mbedtls_platform_gmtime_r() (see below). 138 * The time needs to be correct (not necessarily very accurate, but at least 139 * the date should be correct). This is used to verify the validity period of 140 * X.509 certificates. 141 * 142 * Comment if your system does not have a correct clock. 143 * 144 * \note mbedtls_platform_gmtime_r() is an abstraction in platform_util.h that 145 * behaves similarly to the gmtime_r() function from the C standard. Refer to 146 * the documentation for mbedtls_platform_gmtime_r() for more information. 147 * 148 * \note It is possible to configure an implementation for 149 * mbedtls_platform_gmtime_r() at compile-time by using the macro 150 * MBEDTLS_PLATFORM_GMTIME_R_ALT. 151 */ 152 // #define MBEDTLS_HAVE_TIME_DATE 153 154 /** 155 * \def MBEDTLS_PLATFORM_MEMORY 156 * 157 * Enable the memory allocation layer. 158 * 159 * By default Mbed TLS uses the system-provided calloc() and free(). 160 * This allows different allocators (self-implemented or provided) to be 161 * provided to the platform abstraction layer. 162 * 163 * Enabling #MBEDTLS_PLATFORM_MEMORY without the 164 * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide 165 * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and 166 * free() function pointer at runtime. 167 * 168 * Enabling #MBEDTLS_PLATFORM_MEMORY and specifying 169 * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the 170 * alternate function at compile time. 171 * 172 * An overview of how the value of mbedtls_calloc is determined: 173 * 174 * - if !MBEDTLS_PLATFORM_MEMORY 175 * - mbedtls_calloc = calloc 176 * - if MBEDTLS_PLATFORM_MEMORY 177 * - if (MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO): 178 * - mbedtls_calloc = MBEDTLS_PLATFORM_CALLOC_MACRO 179 * - if !(MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO): 180 * - Dynamic setup via mbedtls_platform_set_calloc_free is now possible with a default value MBEDTLS_PLATFORM_STD_CALLOC. 181 * - How is MBEDTLS_PLATFORM_STD_CALLOC handled? 182 * - if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS: 183 * - MBEDTLS_PLATFORM_STD_CALLOC is not set to anything; 184 * - MBEDTLS_PLATFORM_STD_MEM_HDR can be included if present; 185 * - if !MBEDTLS_PLATFORM_NO_STD_FUNCTIONS: 186 * - if MBEDTLS_PLATFORM_STD_CALLOC is present: 187 * - User-defined MBEDTLS_PLATFORM_STD_CALLOC is respected; 188 * - if !MBEDTLS_PLATFORM_STD_CALLOC: 189 * - MBEDTLS_PLATFORM_STD_CALLOC = calloc 190 * 191 * - At this point the presence of MBEDTLS_PLATFORM_STD_CALLOC is checked. 192 * - if !MBEDTLS_PLATFORM_STD_CALLOC 193 * - MBEDTLS_PLATFORM_STD_CALLOC = uninitialized_calloc 194 * 195 * - mbedtls_calloc = MBEDTLS_PLATFORM_STD_CALLOC. 196 * 197 * Defining MBEDTLS_PLATFORM_CALLOC_MACRO and #MBEDTLS_PLATFORM_STD_CALLOC at the same time is not possible. 198 * MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_FREE_MACRO must both be defined or undefined at the same time. 199 * #MBEDTLS_PLATFORM_STD_CALLOC and #MBEDTLS_PLATFORM_STD_FREE do not have to be defined at the same time, as, if they are used, 200 * dynamic setup of these functions is possible. See the tree above to see how are they handled in all cases. 201 * An uninitialized #MBEDTLS_PLATFORM_STD_CALLOC always fails, returning a null pointer. 202 * An uninitialized #MBEDTLS_PLATFORM_STD_FREE does not do anything. 203 * 204 * Requires: MBEDTLS_PLATFORM_C 205 * 206 * Enable this layer to allow use of alternative memory allocators. 207 */ 208 #define MBEDTLS_PLATFORM_MEMORY 209 210 /** 211 * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS 212 * 213 * Do not assign standard functions in the platform layer (e.g. calloc() to 214 * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF) 215 * 216 * This makes sure there are no linking errors on platforms that do not support 217 * these functions. You will HAVE to provide alternatives, either at runtime 218 * via the platform_set_xxx() functions or at compile time by setting 219 * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a 220 * MBEDTLS_PLATFORM_XXX_MACRO. 221 * 222 * Requires: MBEDTLS_PLATFORM_C 223 * 224 * Uncomment to prevent default assignment of standard functions in the 225 * platform layer. 226 */ 227 #define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS 228 229 /** 230 * \def MBEDTLS_PLATFORM_EXIT_ALT 231 * 232 * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let Mbed TLS support the 233 * function in the platform abstraction layer. 234 * 235 * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, Mbed TLS will 236 * provide a function "mbedtls_platform_set_printf()" that allows you to set an 237 * alternative printf function pointer. 238 * 239 * All these define require MBEDTLS_PLATFORM_C to be defined! 240 * 241 * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows; 242 * it will be enabled automatically by check_config.h 243 * 244 * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as 245 * MBEDTLS_PLATFORM_XXX_MACRO! 246 * 247 * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME 248 * 249 * Uncomment a macro to enable alternate implementation of specific base 250 * platform function 251 */ 252 //#define MBEDTLS_PLATFORM_SETBUF_ALT 253 //#define MBEDTLS_PLATFORM_EXIT_ALT 254 #define MBEDTLS_PLATFORM_TIME_ALT 255 //#define MBEDTLS_PLATFORM_FPRINTF_ALT 256 //#define MBEDTLS_PLATFORM_PRINTF_ALT 257 #define MBEDTLS_PLATFORM_SNPRINTF_ALT 258 //#define MBEDTLS_PLATFORM_VSNPRINTF_ALT 259 //#define MBEDTLS_PLATFORM_NV_SEED_ALT 260 //#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT 261 //#define MBEDTLS_PLATFORM_MS_TIME_ALT 262 263 /** 264 * Uncomment the macro to let Mbed TLS use your alternate implementation of 265 * mbedtls_platform_gmtime_r(). This replaces the default implementation in 266 * platform_util.c. 267 * 268 * gmtime() is not a thread-safe function as defined in the C standard. The 269 * library will try to use safer implementations of this function, such as 270 * gmtime_r() when available. However, if Mbed TLS cannot identify the target 271 * system, the implementation of mbedtls_platform_gmtime_r() will default to 272 * using the standard gmtime(). In this case, calls from the library to 273 * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex 274 * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the 275 * library are also guarded with this mutex to avoid race conditions. However, 276 * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will 277 * unconditionally use the implementation for mbedtls_platform_gmtime_r() 278 * supplied at compile time. 279 */ 280 //#define MBEDTLS_PLATFORM_GMTIME_R_ALT 281 282 /** 283 * Uncomment the macro to let Mbed TLS use your alternate implementation of 284 * mbedtls_platform_zeroize(), to wipe sensitive data in memory. This replaces 285 * the default implementation in platform_util.c. 286 * 287 * By default, the library uses a system function such as memset_s() 288 * (optional feature of C11), explicit_bzero() (BSD and compatible), or 289 * SecureZeroMemory (Windows). If no such function is detected, the library 290 * falls back to a plain C implementation. Compilers are technically 291 * permitted to optimize this implementation out, meaning that the memory is 292 * not actually wiped. The library tries to prevent that, but the C language 293 * makes it impossible to guarantee that the memory will always be wiped. 294 * 295 * If your platform provides a guaranteed method to wipe memory which 296 * `platform_util.c` does not detect, define this macro to the name of 297 * a function that takes two arguments, a `void *` pointer and a length, 298 * and wipes that many bytes starting at the specified address. For example, 299 * if your platform has explicit_bzero() but `platform_util.c` does not 300 * detect its presence, define `MBEDTLS_PLATFORM_ZEROIZE_ALT` to be 301 * `explicit_bzero` to use that function as mbedtls_platform_zeroize(). 302 */ 303 //#define MBEDTLS_PLATFORM_ZEROIZE_ALT 304 305 /** 306 * \def MBEDTLS_DEPRECATED_WARNING 307 * 308 * Mark deprecated functions and features so that they generate a warning if 309 * used. Functionality deprecated in one version will usually be removed in the 310 * next version. You can enable this to help you prepare the transition to a 311 * new major version by making sure your code is not using this functionality. 312 * 313 * This only works with GCC and Clang. With other compilers, you may want to 314 * use MBEDTLS_DEPRECATED_REMOVED 315 * 316 * Uncomment to get warnings on using deprecated functions and features. 317 */ 318 //#define MBEDTLS_DEPRECATED_WARNING 319 320 /** 321 * \def MBEDTLS_DEPRECATED_REMOVED 322 * 323 * Remove deprecated functions and features so that they generate an error if 324 * used. Functionality deprecated in one version will usually be removed in the 325 * next version. You can enable this to help you prepare the transition to a 326 * new major version by making sure your code is not using this functionality. 327 * 328 * Uncomment to get errors on using deprecated functions and features. 329 */ 330 //#define MBEDTLS_DEPRECATED_REMOVED 331 332 /** \} name SECTION: System support */ 333 334 /** 335 * \name SECTION: Mbed TLS feature support 336 * 337 * This section sets support for features that are or are not needed 338 * within the modules that are enabled. 339 * \{ 340 */ 341 342 /** 343 * \def MBEDTLS_TIMING_ALT 344 * 345 * Uncomment to provide your own alternate implementation for 346 * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay() 347 * 348 * Only works if you have MBEDTLS_TIMING_C enabled. 349 * 350 * You will need to provide a header "timing_alt.h" and an implementation at 351 * compile time. 352 */ 353 //#define MBEDTLS_TIMING_ALT 354 355 /** 356 * \def MBEDTLS_AES_ALT 357 * 358 * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let Mbed TLS use your 359 * alternate core implementation of a symmetric crypto, an arithmetic or hash 360 * module (e.g. platform specific assembly optimized implementations). Keep 361 * in mind that the function prototypes should remain the same. 362 * 363 * This replaces the whole module. If you only want to replace one of the 364 * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags. 365 * 366 * Example: In case you uncomment MBEDTLS_AES_ALT, Mbed TLS will no longer 367 * provide the "struct mbedtls_aes_context" definition and omit the base 368 * function declarations and implementations. "aes_alt.h" will be included from 369 * "aes.h" to include the new function definitions. 370 * 371 * Uncomment a macro to enable alternate implementation of the corresponding 372 * module. 373 * 374 * \warning MD5, DES and SHA-1 are considered weak and their 375 * use constitutes a security risk. If possible, we recommend 376 * avoiding dependencies on them, and considering stronger message 377 * digests and ciphers instead. 378 * 379 */ 380 //#define MBEDTLS_AES_ALT 381 //#define MBEDTLS_ARIA_ALT 382 //#define MBEDTLS_CAMELLIA_ALT 383 //#define MBEDTLS_CCM_ALT 384 //#define MBEDTLS_CHACHA20_ALT 385 //#define MBEDTLS_CHACHAPOLY_ALT 386 //#define MBEDTLS_CMAC_ALT 387 //#define MBEDTLS_DES_ALT 388 //#define MBEDTLS_DHM_ALT 389 //#define MBEDTLS_ECJPAKE_ALT 390 //#define MBEDTLS_GCM_ALT 391 //#define MBEDTLS_NIST_KW_ALT 392 //#define MBEDTLS_MD5_ALT 393 //#define MBEDTLS_POLY1305_ALT 394 //#define MBEDTLS_RIPEMD160_ALT 395 //#define MBEDTLS_RSA_ALT 396 //#define MBEDTLS_SHA1_ALT 397 //#define MBEDTLS_SHA256_ALT 398 //#define MBEDTLS_SHA512_ALT 399 400 /* 401 * When replacing the elliptic curve module, please consider, that it is 402 * implemented with two .c files: 403 * - ecp.c 404 * - ecp_curves.c 405 * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT 406 * macros as described above. The only difference is that you have to make sure 407 * that you provide functionality for both .c files. 408 */ 409 //#define MBEDTLS_ECP_ALT 410 411 /** 412 * \def MBEDTLS_SHA256_PROCESS_ALT 413 * 414 * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let Mbed TLS use you 415 * alternate core implementation of symmetric crypto or hash function. Keep in 416 * mind that function prototypes should remain the same. 417 * 418 * This replaces only one function. The header file from Mbed TLS is still 419 * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags. 420 * 421 * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, Mbed TLS will 422 * no longer provide the mbedtls_sha1_process() function, but it will still provide 423 * the other function (using your mbedtls_sha1_process() function) and the definition 424 * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible 425 * with this definition. 426 * 427 * \note If you use the AES_xxx_ALT macros, then it is recommended to also set 428 * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES 429 * tables. 430 * 431 * Uncomment a macro to enable alternate implementation of the corresponding 432 * function. 433 * 434 * \warning MD5, DES and SHA-1 are considered weak and their use 435 * constitutes a security risk. If possible, we recommend avoiding 436 * dependencies on them, and considering stronger message digests 437 * and ciphers instead. 438 * 439 * \warning If both MBEDTLS_ECDSA_SIGN_ALT and MBEDTLS_ECDSA_DETERMINISTIC are 440 * enabled, then the deterministic ECDH signature functions pass the 441 * the static HMAC-DRBG as RNG to mbedtls_ecdsa_sign(). Therefore 442 * alternative implementations should use the RNG only for generating 443 * the ephemeral key and nothing else. If this is not possible, then 444 * MBEDTLS_ECDSA_DETERMINISTIC should be disabled and an alternative 445 * implementation should be provided for mbedtls_ecdsa_sign_det_ext(). 446 * 447 */ 448 //#define MBEDTLS_MD5_PROCESS_ALT 449 //#define MBEDTLS_RIPEMD160_PROCESS_ALT 450 //#define MBEDTLS_SHA1_PROCESS_ALT 451 //#define MBEDTLS_SHA256_PROCESS_ALT 452 //#define MBEDTLS_SHA512_PROCESS_ALT 453 //#define MBEDTLS_DES_SETKEY_ALT 454 //#define MBEDTLS_DES_CRYPT_ECB_ALT 455 //#define MBEDTLS_DES3_CRYPT_ECB_ALT 456 //#define MBEDTLS_AES_SETKEY_ENC_ALT 457 //#define MBEDTLS_AES_SETKEY_DEC_ALT 458 //#define MBEDTLS_AES_ENCRYPT_ALT 459 //#define MBEDTLS_AES_DECRYPT_ALT 460 //#define MBEDTLS_ECDH_GEN_PUBLIC_ALT 461 //#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT 462 //#define MBEDTLS_ECDSA_VERIFY_ALT 463 //#define MBEDTLS_ECDSA_SIGN_ALT 464 //#define MBEDTLS_ECDSA_GENKEY_ALT 465 466 /** 467 * \def MBEDTLS_ECP_INTERNAL_ALT 468 * 469 * Expose a part of the internal interface of the Elliptic Curve Point module. 470 * 471 * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let Mbed TLS use your 472 * alternative core implementation of elliptic curve arithmetic. Keep in mind 473 * that function prototypes should remain the same. 474 * 475 * This partially replaces one function. The header file from Mbed TLS is still 476 * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation 477 * is still present and it is used for group structures not supported by the 478 * alternative. 479 * 480 * The original implementation can in addition be removed by setting the 481 * MBEDTLS_ECP_NO_FALLBACK option, in which case any function for which the 482 * corresponding MBEDTLS_ECP__FUNCTION_NAME__ALT macro is defined will not be 483 * able to fallback to curves not supported by the alternative implementation. 484 * 485 * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT 486 * and implementing the following functions: 487 * unsigned char mbedtls_internal_ecp_grp_capable( 488 * const mbedtls_ecp_group *grp ) 489 * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp ) 490 * void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp ) 491 * The mbedtls_internal_ecp_grp_capable function should return 1 if the 492 * replacement functions implement arithmetic for the given group and 0 493 * otherwise. 494 * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are 495 * called before and after each point operation and provide an opportunity to 496 * implement optimized set up and tear down instructions. 497 * 498 * Example: In case you set MBEDTLS_ECP_INTERNAL_ALT and 499 * MBEDTLS_ECP_DOUBLE_JAC_ALT, Mbed TLS will still provide the ecp_double_jac() 500 * function, but will use your mbedtls_internal_ecp_double_jac() if the group 501 * for the operation is supported by your implementation (i.e. your 502 * mbedtls_internal_ecp_grp_capable() function returns 1 for this group). If the 503 * group is not supported by your implementation, then the original Mbed TLS 504 * implementation of ecp_double_jac() is used instead, unless this fallback 505 * behaviour is disabled by setting MBEDTLS_ECP_NO_FALLBACK (in which case 506 * ecp_double_jac() will return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE). 507 * 508 * The function prototypes and the definition of mbedtls_ecp_group and 509 * mbedtls_ecp_point will not change based on MBEDTLS_ECP_INTERNAL_ALT, so your 510 * implementation of mbedtls_internal_ecp__function_name__ must be compatible 511 * with their definitions. 512 * 513 * Uncomment a macro to enable alternate implementation of the corresponding 514 * function. 515 */ 516 /* Required for all the functions in this section */ 517 //#define MBEDTLS_ECP_INTERNAL_ALT 518 /* Turn off software fallback for curves not supported in hardware */ 519 //#define MBEDTLS_ECP_NO_FALLBACK 520 /* Support for Weierstrass curves with Jacobi representation */ 521 //#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT 522 //#define MBEDTLS_ECP_ADD_MIXED_ALT 523 //#define MBEDTLS_ECP_DOUBLE_JAC_ALT 524 //#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT 525 //#define MBEDTLS_ECP_NORMALIZE_JAC_ALT 526 /* Support for curves with Montgomery arithmetic */ 527 //#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT 528 //#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT 529 //#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT 530 531 /** 532 * \def MBEDTLS_ENTROPY_HARDWARE_ALT 533 * 534 * Uncomment this macro to let Mbed TLS use your own implementation of a 535 * hardware entropy collector. 536 * 537 * Your function must be called \c mbedtls_hardware_poll(), have the same 538 * prototype as declared in library/entropy_poll.h, and accept NULL as first 539 * argument. 540 * 541 * Uncomment to use your own hardware entropy collector. 542 */ 543 //#define MBEDTLS_ENTROPY_HARDWARE_ALT 544 545 /** 546 * \def MBEDTLS_AES_ROM_TABLES 547 * 548 * Use precomputed AES tables stored in ROM. 549 * 550 * Uncomment this macro to use precomputed AES tables stored in ROM. 551 * Comment this macro to generate AES tables in RAM at runtime. 552 * 553 * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb 554 * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the 555 * initialization time before the first AES operation can be performed. 556 * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c 557 * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded 558 * performance if ROM access is slower than RAM access. 559 * 560 * This option is independent of \c MBEDTLS_AES_FEWER_TABLES. 561 */ 562 #define MBEDTLS_AES_ROM_TABLES 563 564 /** 565 * \def MBEDTLS_AES_FEWER_TABLES 566 * 567 * Use less ROM/RAM for AES tables. 568 * 569 * Uncommenting this macro omits 75% of the AES tables from 570 * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES) 571 * by computing their values on the fly during operations 572 * (the tables are entry-wise rotations of one another). 573 * 574 * Tradeoff: Uncommenting this reduces the RAM / ROM footprint 575 * by ~6kb but at the cost of more arithmetic operations during 576 * runtime. Specifically, one has to compare 4 accesses within 577 * different tables to 4 accesses with additional arithmetic 578 * operations within the same table. The performance gain/loss 579 * depends on the system and memory details. 580 * 581 * This option is independent of \c MBEDTLS_AES_ROM_TABLES. 582 */ 583 //#define MBEDTLS_AES_FEWER_TABLES 584 585 /** 586 * \def MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH 587 * 588 * Use only 128-bit keys in AES operations to save ROM. 589 * 590 * Uncomment this macro to remove support for AES operations that use 192- 591 * or 256-bit keys. 592 * 593 * Uncommenting this macro reduces the size of AES code by ~300 bytes 594 * on v8-M/Thumb2. 595 * 596 * Module: library/aes.c 597 * 598 * Requires: MBEDTLS_AES_C 599 */ 600 //#define MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH 601 602 /* 603 * Disable plain C implementation for AES. 604 * 605 * When the plain C implementation is enabled, and an implementation using a 606 * special CPU feature (such as MBEDTLS_AESCE_C) is also enabled, runtime 607 * detection will be used to select between them. 608 * 609 * If only one implementation is present, runtime detection will not be used. 610 * This configuration will crash at runtime if running on a CPU without the 611 * necessary features. It will not build unless at least one of MBEDTLS_AESCE_C 612 * and/or MBEDTLS_AESNI_C is enabled & present in the build. 613 */ 614 //#define MBEDTLS_AES_USE_HARDWARE_ONLY 615 616 /** 617 * \def MBEDTLS_CAMELLIA_SMALL_MEMORY 618 * 619 * Use less ROM for the Camellia implementation (saves about 768 bytes). 620 * 621 * Uncomment this macro to use less memory for Camellia. 622 */ 623 //#define MBEDTLS_CAMELLIA_SMALL_MEMORY 624 625 /** 626 * \def MBEDTLS_CHECK_RETURN_WARNING 627 * 628 * If this macro is defined, emit a compile-time warning if application code 629 * calls a function without checking its return value, but the return value 630 * should generally be checked in portable applications. 631 * 632 * This is only supported on platforms where #MBEDTLS_CHECK_RETURN is 633 * implemented. Otherwise this option has no effect. 634 * 635 * Uncomment to get warnings on using fallible functions without checking 636 * their return value. 637 * 638 * \note This feature is a work in progress. 639 * Warnings will be added to more functions in the future. 640 * 641 * \note A few functions are considered critical, and ignoring the return 642 * value of these functions will trigger a warning even if this 643 * macro is not defined. To completely disable return value check 644 * warnings, define #MBEDTLS_CHECK_RETURN with an empty expansion. 645 */ 646 //#define MBEDTLS_CHECK_RETURN_WARNING 647 648 /** 649 * \def MBEDTLS_CIPHER_MODE_CBC 650 * 651 * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers. 652 */ 653 #define MBEDTLS_CIPHER_MODE_CBC 654 655 /** 656 * \def MBEDTLS_CIPHER_MODE_CFB 657 * 658 * Enable Cipher Feedback mode (CFB) for symmetric ciphers. 659 */ 660 #define MBEDTLS_CIPHER_MODE_CFB 661 662 /** 663 * \def MBEDTLS_CIPHER_MODE_CTR 664 * 665 * Enable Counter Block Cipher mode (CTR) for symmetric ciphers. 666 */ 667 #define MBEDTLS_CIPHER_MODE_CTR 668 669 /** 670 * \def MBEDTLS_CIPHER_MODE_OFB 671 * 672 * Enable Output Feedback mode (OFB) for symmetric ciphers. 673 */ 674 #define MBEDTLS_CIPHER_MODE_OFB 675 676 /** 677 * \def MBEDTLS_CIPHER_MODE_XTS 678 * 679 * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES. 680 */ 681 #define MBEDTLS_CIPHER_MODE_XTS 682 683 /** 684 * \def MBEDTLS_CIPHER_NULL_CIPHER 685 * 686 * Enable NULL cipher. 687 * Warning: Only do so when you know what you are doing. This allows for 688 * encryption or channels without any security! 689 * 690 * To enable the following ciphersuites: 691 * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA 692 * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA 693 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA 694 * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA 695 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 696 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 697 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA 698 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 699 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 700 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA 701 * MBEDTLS_TLS_RSA_WITH_NULL_SHA256 702 * MBEDTLS_TLS_RSA_WITH_NULL_SHA 703 * MBEDTLS_TLS_RSA_WITH_NULL_MD5 704 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 705 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 706 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA 707 * MBEDTLS_TLS_PSK_WITH_NULL_SHA384 708 * MBEDTLS_TLS_PSK_WITH_NULL_SHA256 709 * MBEDTLS_TLS_PSK_WITH_NULL_SHA 710 * 711 * Uncomment this macro to enable the NULL cipher and ciphersuites 712 */ 713 //#define MBEDTLS_CIPHER_NULL_CIPHER 714 715 /** 716 * \def MBEDTLS_CIPHER_PADDING_PKCS7 717 * 718 * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for 719 * specific padding modes in the cipher layer with cipher modes that support 720 * padding (e.g. CBC) 721 * 722 * If you disable all padding modes, only full blocks can be used with CBC. 723 * 724 * Enable padding modes in the cipher layer. 725 */ 726 #define MBEDTLS_CIPHER_PADDING_PKCS7 727 #define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS 728 #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN 729 #define MBEDTLS_CIPHER_PADDING_ZEROS 730 731 /** \def MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 732 * 733 * Uncomment this macro to use a 128-bit key in the CTR_DRBG module. 734 * Without this, CTR_DRBG uses a 256-bit key 735 * unless \c MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH is set. 736 */ 737 //#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 738 739 /** 740 * Enable the verified implementations of ECDH primitives from Project Everest 741 * (currently only Curve25519). This feature changes the layout of ECDH 742 * contexts and therefore is a compatibility break for applications that access 743 * fields of a mbedtls_ecdh_context structure directly. See also 744 * MBEDTLS_ECDH_LEGACY_CONTEXT in include/mbedtls/ecdh.h. 745 * 746 * The Everest code is provided under the Apache 2.0 license only; therefore enabling this 747 * option is not compatible with taking the library under the GPL v2.0-or-later license. 748 */ 749 //#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED 750 751 /** 752 * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED 753 * 754 * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve 755 * module. By default all supported curves are enabled. 756 * 757 * Comment macros to disable the curve and functions for it 758 */ 759 /* Short Weierstrass curves (supporting ECP, ECDH, ECDSA) */ 760 #define MBEDTLS_ECP_DP_SECP192R1_ENABLED 761 #define MBEDTLS_ECP_DP_SECP224R1_ENABLED 762 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED 763 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED 764 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED 765 #define MBEDTLS_ECP_DP_SECP192K1_ENABLED 766 #define MBEDTLS_ECP_DP_SECP224K1_ENABLED 767 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED 768 #define MBEDTLS_ECP_DP_BP256R1_ENABLED 769 #define MBEDTLS_ECP_DP_BP384R1_ENABLED 770 #define MBEDTLS_ECP_DP_BP512R1_ENABLED 771 /* Montgomery curves (supporting ECP) */ 772 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED 773 #define MBEDTLS_ECP_DP_CURVE448_ENABLED 774 775 /** 776 * \def MBEDTLS_ECP_NIST_OPTIM 777 * 778 * Enable specific 'modulo p' routines for each NIST prime. 779 * Depending on the prime and architecture, makes operations 4 to 8 times 780 * faster on the corresponding curve. 781 * 782 * Comment this macro to disable NIST curves optimisation. 783 */ 784 #define MBEDTLS_ECP_NIST_OPTIM 785 786 /** 787 * \def MBEDTLS_ECP_RESTARTABLE 788 * 789 * Enable "non-blocking" ECC operations that can return early and be resumed. 790 * 791 * This allows various functions to pause by returning 792 * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module, 793 * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in 794 * order to further progress and eventually complete their operation. This is 795 * controlled through mbedtls_ecp_set_max_ops() which limits the maximum 796 * number of ECC operations a function may perform before pausing; see 797 * mbedtls_ecp_set_max_ops() for more information. 798 * 799 * This is useful in non-threaded environments if you want to avoid blocking 800 * for too long on ECC (and, hence, X.509 or SSL/TLS) operations. 801 * 802 * This option: 803 * - Adds xxx_restartable() variants of existing operations in the 804 * following modules, with corresponding restart context types: 805 * - ECP (for Short Weierstrass curves only): scalar multiplication (mul), 806 * linear combination (muladd); 807 * - ECDSA: signature generation & verification; 808 * - PK: signature generation & verification; 809 * - X509: certificate chain verification. 810 * - Adds mbedtls_ecdh_enable_restart() in the ECDH module. 811 * - Changes the behaviour of TLS 1.2 clients (not servers) when using the 812 * ECDHE-ECDSA key exchange (not other key exchanges) to make all ECC 813 * computations restartable: 814 * - ECDH operations from the key exchange, only for Short Weierstrass 815 * curves, only when MBEDTLS_USE_PSA_CRYPTO is not enabled. 816 * - verification of the server's key exchange signature; 817 * - verification of the server's certificate chain; 818 * - generation of the client's signature if client authentication is used, 819 * with an ECC key/certificate. 820 * 821 * \note In the cases above, the usual SSL/TLS functions, such as 822 * mbedtls_ssl_handshake(), can now return 823 * MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS. 824 * 825 * \note When this option and MBEDTLS_USE_PSA_CRYPTO are both enabled, 826 * restartable operations in PK, X.509 and TLS (see above) are not 827 * using PSA. On the other hand, ECDH computations in TLS are using 828 * PSA, and are not restartable. These are temporary limitations that 829 * should be lifted in the future. 830 * 831 * \note This option only works with the default software implementation of 832 * elliptic curve functionality. It is incompatible with 833 * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT, MBEDTLS_ECDSA_XXX_ALT. 834 * 835 * Requires: MBEDTLS_ECP_C 836 * 837 * Uncomment this macro to enable restartable ECC computations. 838 */ 839 #define MBEDTLS_ECP_RESTARTABLE 840 841 /** 842 * Uncomment to enable using new bignum code in the ECC modules. 843 * 844 * \warning This is currently experimental, incomplete and therefore should not 845 * be used in production. 846 */ 847 //#define MBEDTLS_ECP_WITH_MPI_UINT 848 849 /** 850 * \def MBEDTLS_ECDSA_DETERMINISTIC 851 * 852 * Enable deterministic ECDSA (RFC 6979). 853 * Standard ECDSA is "fragile" in the sense that lack of entropy when signing 854 * may result in a compromise of the long-term signing key. This is avoided by 855 * the deterministic variant. 856 * 857 * Requires: MBEDTLS_HMAC_DRBG_C, MBEDTLS_ECDSA_C 858 * 859 * Comment this macro to disable deterministic ECDSA. 860 */ 861 //#define MBEDTLS_ECDSA_DETERMINISTIC 862 863 /** 864 * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED 865 * 866 * Enable the PSK based ciphersuite modes in SSL / TLS. 867 * 868 * This enables the following ciphersuites (if other requisites are 869 * enabled as well): 870 * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 871 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 872 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA 873 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 874 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 875 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 876 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 877 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA 878 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 879 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 880 */ 881 //#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED 882 883 /** 884 * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED 885 * 886 * Enable the DHE-PSK based ciphersuite modes in SSL / TLS. 887 * 888 * Requires: MBEDTLS_DHM_C 889 * 890 * This enables the following ciphersuites (if other requisites are 891 * enabled as well): 892 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 893 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 894 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA 895 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 896 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 897 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 898 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 899 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA 900 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 901 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 902 * 903 * \warning Using DHE constitutes a security risk as it 904 * is not possible to validate custom DH parameters. 905 * If possible, it is recommended users should consider 906 * preferring other methods of key exchange. 907 * See dhm.h for more details. 908 * 909 */ 910 //#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED 911 912 /** 913 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED 914 * 915 * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS. 916 * 917 * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH) 918 * 919 * This enables the following ciphersuites (if other requisites are 920 * enabled as well): 921 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 922 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 923 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 924 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 925 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 926 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 927 */ 928 //#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED 929 930 /** 931 * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED 932 * 933 * Enable the RSA-PSK based ciphersuite modes in SSL / TLS. 934 * 935 * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, 936 * MBEDTLS_X509_CRT_PARSE_C 937 * 938 * This enables the following ciphersuites (if other requisites are 939 * enabled as well): 940 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 941 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 942 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA 943 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 944 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 945 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 946 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 947 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA 948 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 949 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 950 */ 951 //#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED 952 953 /** 954 * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED 955 * 956 * Enable the RSA-only based ciphersuite modes in SSL / TLS. 957 * 958 * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, 959 * MBEDTLS_X509_CRT_PARSE_C 960 * 961 * This enables the following ciphersuites (if other requisites are 962 * enabled as well): 963 * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 964 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 965 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA 966 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 967 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 968 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 969 * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 970 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 971 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA 972 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 973 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 974 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 975 */ 976 //#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED 977 978 /** 979 * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED 980 * 981 * Enable the DHE-RSA based ciphersuite modes in SSL / TLS. 982 * 983 * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, 984 * MBEDTLS_X509_CRT_PARSE_C 985 * 986 * This enables the following ciphersuites (if other requisites are 987 * enabled as well): 988 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 989 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 990 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 991 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 992 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 993 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 994 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 995 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 996 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 997 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 998 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 999 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 1000 * 1001 * \warning Using DHE constitutes a security risk as it 1002 * is not possible to validate custom DH parameters. 1003 * If possible, it is recommended users should consider 1004 * preferring other methods of key exchange. 1005 * See dhm.h for more details. 1006 * 1007 */ 1008 //#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED 1009 1010 /** 1011 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED 1012 * 1013 * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS. 1014 * 1015 * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH) 1016 * MBEDTLS_RSA_C 1017 * MBEDTLS_PKCS1_V15 1018 * MBEDTLS_X509_CRT_PARSE_C 1019 * 1020 * This enables the following ciphersuites (if other requisites are 1021 * enabled as well): 1022 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 1023 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 1024 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 1025 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 1026 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 1027 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 1028 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 1029 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 1030 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 1031 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 1032 */ 1033 #define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED 1034 1035 /** 1036 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 1037 * 1038 * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS. 1039 * 1040 * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH) 1041 * MBEDTLS_ECDSA_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDSA) 1042 * MBEDTLS_X509_CRT_PARSE_C 1043 * 1044 * This enables the following ciphersuites (if other requisites are 1045 * enabled as well): 1046 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 1047 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 1048 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 1049 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 1050 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 1051 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 1052 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 1053 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 1054 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 1055 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 1056 */ 1057 #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 1058 1059 /** 1060 * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED 1061 * 1062 * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS. 1063 * 1064 * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH) 1065 * MBEDTLS_ECDSA_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDSA) 1066 * MBEDTLS_X509_CRT_PARSE_C 1067 * 1068 * This enables the following ciphersuites (if other requisites are 1069 * enabled as well): 1070 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 1071 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 1072 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 1073 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 1074 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 1075 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 1076 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 1077 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 1078 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 1079 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 1080 */ 1081 //#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED 1082 1083 /** 1084 * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED 1085 * 1086 * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS. 1087 * 1088 * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH) 1089 * MBEDTLS_RSA_C 1090 * MBEDTLS_X509_CRT_PARSE_C 1091 * 1092 * This enables the following ciphersuites (if other requisites are 1093 * enabled as well): 1094 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 1095 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 1096 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 1097 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 1098 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 1099 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 1100 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 1101 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 1102 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 1103 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 1104 */ 1105 //#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED 1106 1107 /** 1108 * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED 1109 * 1110 * Enable the ECJPAKE based ciphersuite modes in SSL / TLS. 1111 * 1112 * \warning This is currently experimental. EC J-PAKE support is based on the 1113 * Thread v1.0.0 specification; incompatible changes to the specification 1114 * might still happen. For this reason, this is disabled by default. 1115 * 1116 * Requires: MBEDTLS_ECJPAKE_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_JPAKE) 1117 * SHA-256 (via MBEDTLS_SHA256_C or a PSA driver) 1118 * MBEDTLS_ECP_DP_SECP256R1_ENABLED 1119 * 1120 * \warning If SHA-256 is provided only by a PSA driver, you must call 1121 * psa_crypto_init() before the first hanshake (even if 1122 * MBEDTLS_USE_PSA_CRYPTO is disabled). 1123 * 1124 * This enables the following ciphersuites (if other requisites are 1125 * enabled as well): 1126 * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 1127 */ 1128 //#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED 1129 1130 /** 1131 * \def MBEDTLS_PK_PARSE_EC_EXTENDED 1132 * 1133 * Enhance support for reading EC keys using variants of SEC1 not allowed by 1134 * RFC 5915 and RFC 5480. 1135 * 1136 * Currently this means parsing the SpecifiedECDomain choice of EC 1137 * parameters (only known groups are supported, not arbitrary domains, to 1138 * avoid validation issues). 1139 * 1140 * Disable if you only need to support RFC 5915 + 5480 key formats. 1141 */ 1142 //#define MBEDTLS_PK_PARSE_EC_EXTENDED 1143 /** 1144 * \def MBEDTLS_PK_PARSE_EC_COMPRESSED 1145 * 1146 * Enable the support for parsing public keys of type Short Weierstrass 1147 * (MBEDTLS_ECP_DP_SECP_XXX and MBEDTLS_ECP_DP_BP_XXX) which are using the 1148 * compressed point format. This parsing is done through ECP module's functions. 1149 * 1150 * \note As explained in the description of MBEDTLS_ECP_PF_COMPRESSED (in ecp.h) 1151 * the only unsupported curves are MBEDTLS_ECP_DP_SECP224R1 and 1152 * MBEDTLS_ECP_DP_SECP224K1. 1153 */ 1154 #define MBEDTLS_PK_PARSE_EC_COMPRESSED 1155 1156 /** 1157 * \def MBEDTLS_ERROR_STRERROR_DUMMY 1158 * 1159 * Enable a dummy error function to make use of mbedtls_strerror() in 1160 * third party libraries easier when MBEDTLS_ERROR_C is disabled 1161 * (no effect when MBEDTLS_ERROR_C is enabled). 1162 * 1163 * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're 1164 * not using mbedtls_strerror() or error_strerror() in your application. 1165 * 1166 * Disable if you run into name conflicts and want to really remove the 1167 * mbedtls_strerror() 1168 */ 1169 #define MBEDTLS_ERROR_STRERROR_DUMMY 1170 1171 /** 1172 * \def MBEDTLS_GENPRIME 1173 * 1174 * Enable the prime-number generation code. 1175 * 1176 * Requires: MBEDTLS_BIGNUM_C 1177 */ 1178 #define MBEDTLS_GENPRIME 1179 1180 /** 1181 * \def MBEDTLS_FS_IO 1182 * 1183 * Enable functions that use the filesystem. 1184 */ 1185 #define MBEDTLS_FS_IO 1186 1187 /** 1188 * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES 1189 * 1190 * Do not add default entropy sources in mbedtls_entropy_init(). 1191 * 1192 * This is useful to have more control over the added entropy sources in an 1193 * application. 1194 * 1195 * Uncomment this macro to prevent loading of default entropy functions. 1196 */ 1197 //#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES 1198 1199 /** 1200 * \def MBEDTLS_NO_PLATFORM_ENTROPY 1201 * 1202 * Do not use built-in platform entropy functions. 1203 * This is useful if your platform does not support 1204 * standards like the /dev/urandom or Windows CryptoAPI. 1205 * 1206 * Uncomment this macro to disable the built-in platform entropy functions. 1207 */ 1208 //#define MBEDTLS_NO_PLATFORM_ENTROPY 1209 1210 /** 1211 * \def MBEDTLS_ENTROPY_FORCE_SHA256 1212 * 1213 * Force the entropy accumulator to use a SHA-256 accumulator instead of the 1214 * default SHA-512 based one (if both are available). 1215 * 1216 * Requires: MBEDTLS_SHA256_C 1217 * 1218 * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option 1219 * if you have performance concerns. 1220 * 1221 * This option is only useful if both MBEDTLS_SHA256_C and 1222 * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used. 1223 */ 1224 //#define MBEDTLS_ENTROPY_FORCE_SHA256 1225 1226 /** 1227 * \def MBEDTLS_ENTROPY_NV_SEED 1228 * 1229 * Enable the non-volatile (NV) seed file-based entropy source. 1230 * (Also enables the NV seed read/write functions in the platform layer) 1231 * 1232 * This is crucial (if not required) on systems that do not have a 1233 * cryptographic entropy source (in hardware or kernel) available. 1234 * 1235 * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C 1236 * 1237 * \note The read/write functions that are used by the entropy source are 1238 * determined in the platform layer, and can be modified at runtime and/or 1239 * compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used. 1240 * 1241 * \note If you use the default implementation functions that read a seedfile 1242 * with regular fopen(), please make sure you make a seedfile with the 1243 * proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at 1244 * least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from 1245 * and written to or you will get an entropy source error! The default 1246 * implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE 1247 * bytes from the file. 1248 * 1249 * \note The entropy collector will write to the seed file before entropy is 1250 * given to an external source, to update it. 1251 */ 1252 //#define MBEDTLS_ENTROPY_NV_SEED 1253 1254 /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER 1255 * 1256 * Enable key identifiers that encode a key owner identifier. 1257 * 1258 * The owner of a key is identified by a value of type ::mbedtls_key_owner_id_t 1259 * which is currently hard-coded to be int32_t. 1260 * 1261 * Note that this option is meant for internal use only and may be removed 1262 * without notice. 1263 */ 1264 //#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER 1265 1266 /** 1267 * \def MBEDTLS_MEMORY_DEBUG 1268 * 1269 * Enable debugging of buffer allocator memory issues. Automatically prints 1270 * (to stderr) all (fatal) messages on memory allocation issues. Enables 1271 * function for 'debug output' of allocated memory. 1272 * 1273 * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C 1274 * 1275 * Uncomment this macro to let the buffer allocator print out error messages. 1276 */ 1277 //#define MBEDTLS_MEMORY_DEBUG 1278 1279 /** 1280 * \def MBEDTLS_MEMORY_BACKTRACE 1281 * 1282 * Include backtrace information with each allocated block. 1283 * 1284 * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C 1285 * GLIBC-compatible backtrace() and backtrace_symbols() support 1286 * 1287 * Uncomment this macro to include backtrace information 1288 */ 1289 //#define MBEDTLS_MEMORY_BACKTRACE 1290 1291 /** 1292 * \def MBEDTLS_PK_RSA_ALT_SUPPORT 1293 * 1294 * Support external private RSA keys (eg from a HSM) in the PK layer. 1295 * 1296 * Comment this macro to disable support for external private RSA keys. 1297 */ 1298 #define MBEDTLS_PK_RSA_ALT_SUPPORT 1299 1300 /** 1301 * \def MBEDTLS_PKCS1_V15 1302 * 1303 * Enable support for PKCS#1 v1.5 encoding. 1304 * 1305 * Requires: MBEDTLS_RSA_C 1306 * 1307 * This enables support for PKCS#1 v1.5 operations. 1308 */ 1309 #define MBEDTLS_PKCS1_V15 1310 1311 /** 1312 * \def MBEDTLS_PKCS1_V21 1313 * 1314 * Enable support for PKCS#1 v2.1 encoding. 1315 * 1316 * Requires: MBEDTLS_RSA_C 1317 * 1318 * \warning If using a hash that is only provided by PSA drivers, you must 1319 * call psa_crypto_init() before doing any PKCS#1 v2.1 operation. 1320 * 1321 * This enables support for RSAES-OAEP and RSASSA-PSS operations. 1322 */ 1323 #define MBEDTLS_PKCS1_V21 1324 1325 /** \def MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS 1326 * 1327 * Enable support for platform built-in keys. If you enable this feature, 1328 * you must implement the function mbedtls_psa_platform_get_builtin_key(). 1329 * See the documentation of that function for more information. 1330 * 1331 * Built-in keys are typically derived from a hardware unique key or 1332 * stored in a secure element. 1333 * 1334 * Requires: MBEDTLS_PSA_CRYPTO_C. 1335 * 1336 * \warning This interface is experimental and may change or be removed 1337 * without notice. 1338 */ 1339 //#define MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS 1340 1341 /** \def MBEDTLS_PSA_CRYPTO_CLIENT 1342 * 1343 * Enable support for PSA crypto client. 1344 * 1345 * \note This option allows to include the code necessary for a PSA 1346 * crypto client when the PSA crypto implementation is not included in 1347 * the library (MBEDTLS_PSA_CRYPTO_C disabled). The code included is the 1348 * code to set and get PSA key attributes. 1349 * The development of PSA drivers partially relying on the library to 1350 * fulfill the hardware gaps is another possible usage of this option. 1351 * 1352 * \warning This interface is experimental and may change or be removed 1353 * without notice. 1354 */ 1355 //#define MBEDTLS_PSA_CRYPTO_CLIENT 1356 1357 /** \def MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG 1358 * 1359 * Make the PSA Crypto module use an external random generator provided 1360 * by a driver, instead of Mbed TLS's entropy and DRBG modules. 1361 * 1362 * \note This random generator must deliver random numbers with cryptographic 1363 * quality and high performance. It must supply unpredictable numbers 1364 * with a uniform distribution. The implementation of this function 1365 * is responsible for ensuring that the random generator is seeded 1366 * with sufficient entropy. If you have a hardware TRNG which is slow 1367 * or delivers non-uniform output, declare it as an entropy source 1368 * with mbedtls_entropy_add_source() instead of enabling this option. 1369 * 1370 * If you enable this option, you must configure the type 1371 * ::mbedtls_psa_external_random_context_t in psa/crypto_platform.h 1372 * and define a function called mbedtls_psa_external_get_random() 1373 * with the following prototype: 1374 * ``` 1375 * psa_status_t mbedtls_psa_external_get_random( 1376 * mbedtls_psa_external_random_context_t *context, 1377 * uint8_t *output, size_t output_size, size_t *output_length); 1378 * ); 1379 * ``` 1380 * The \c context value is initialized to 0 before the first call. 1381 * The function must fill the \c output buffer with \c output_size bytes 1382 * of random data and set \c *output_length to \c output_size. 1383 * 1384 * Requires: MBEDTLS_PSA_CRYPTO_C 1385 * 1386 * \warning If you enable this option, code that uses the PSA cryptography 1387 * interface will not use any of the entropy sources set up for 1388 * the entropy module, nor the NV seed that MBEDTLS_ENTROPY_NV_SEED 1389 * enables. 1390 * 1391 * \note This option is experimental and may be removed without notice. 1392 */ 1393 //#define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG 1394 1395 /** 1396 * \def MBEDTLS_PSA_CRYPTO_SPM 1397 * 1398 * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure 1399 * Partition Manager) integration which separates the code into two parts: a 1400 * NSPE (Non-Secure Process Environment) and an SPE (Secure Process 1401 * Environment). 1402 * 1403 * If you enable this option, your build environment must include a header 1404 * file `"crypto_spe.h"` (either in the `psa` subdirectory of the Mbed TLS 1405 * header files, or in another directory on the compiler's include search 1406 * path). Alternatively, your platform may customize the header 1407 * `psa/crypto_platform.h`, in which case it can skip or replace the 1408 * inclusion of `"crypto_spe.h"`. 1409 * 1410 * Module: library/psa_crypto.c 1411 * Requires: MBEDTLS_PSA_CRYPTO_C 1412 * 1413 */ 1414 //#define MBEDTLS_PSA_CRYPTO_SPM 1415 1416 /** 1417 * Uncomment to enable p256-m. This is an alternative implementation of 1418 * key generation, ECDH and (randomized) ECDSA on the curve SECP256R1. 1419 * Compared to the default implementation: 1420 * 1421 * - p256-m has a much smaller code size and RAM footprint. 1422 * - p256-m is only available via the PSA API. This includes the pk module 1423 * when #MBEDTLS_USE_PSA_CRYPTO is enabled. 1424 * - p256-m does not support deterministic ECDSA, EC-JPAKE, custom protocols 1425 * over the core arithmetic, or deterministic derivation of keys. 1426 * 1427 * We recommend enabling this option if your application uses the PSA API 1428 * and the only elliptic curve support it needs is ECDH and ECDSA over 1429 * SECP256R1. 1430 * 1431 * If you enable this option, you do not need to enable any ECC-related 1432 * MBEDTLS_xxx option. You do need to separately request support for the 1433 * cryptographic mechanisms through the PSA API: 1434 * - #MBEDTLS_PSA_CRYPTO_C and #MBEDTLS_PSA_CRYPTO_CONFIG for PSA-based 1435 * configuration; 1436 * - #MBEDTLS_USE_PSA_CRYPTO if you want to use p256-m from PK, X.509 or TLS; 1437 * - #PSA_WANT_ECC_SECP_R1_256; 1438 * - #PSA_WANT_ALG_ECDH and/or #PSA_WANT_ALG_ECDSA as needed; 1439 * - #PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY, #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC, 1440 * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT, 1441 * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT and/or 1442 * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE as needed. 1443 * 1444 * \note To benefit from the smaller code size of p256-m, make sure that you 1445 * do not enable any ECC-related option not supported by p256-m: this 1446 * would cause the built-in ECC implementation to be built as well, in 1447 * order to provide the required option. 1448 * Make sure #PSA_WANT_ALG_DETERMINISTIC_ECDSA, #PSA_WANT_ALG_JPAKE and 1449 * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE, and curves other than 1450 * SECP256R1 are disabled as they are not supported by this driver. 1451 * Also, avoid defining #MBEDTLS_PK_PARSE_EC_COMPRESSED or 1452 * #MBEDTLS_PK_PARSE_EC_EXTENDED as those currently require a subset of 1453 * the built-in ECC implementation, see docs/driver-only-builds.md. 1454 */ 1455 //#define MBEDTLS_PSA_P256M_DRIVER_ENABLED 1456 1457 /** 1458 * \def MBEDTLS_PSA_INJECT_ENTROPY 1459 * 1460 * Enable support for entropy injection at first boot. This feature is 1461 * required on systems that do not have a built-in entropy source (TRNG). 1462 * This feature is currently not supported on systems that have a built-in 1463 * entropy source. 1464 * 1465 * Requires: MBEDTLS_PSA_CRYPTO_STORAGE_C, MBEDTLS_ENTROPY_NV_SEED 1466 * 1467 */ 1468 //#define MBEDTLS_PSA_INJECT_ENTROPY 1469 1470 /** 1471 * \def MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS 1472 * 1473 * Assume all buffers passed to PSA functions are owned exclusively by the 1474 * PSA function and are not stored in shared memory. 1475 * 1476 * This option may be enabled if all buffers passed to any PSA function reside 1477 * in memory that is accessible only to the PSA function during its execution. 1478 * 1479 * This option MUST be disabled whenever buffer arguments are in memory shared 1480 * with an untrusted party, for example where arguments to PSA calls are passed 1481 * across a trust boundary. 1482 * 1483 * \note Enabling this option reduces memory usage and code size. 1484 * 1485 * \note Enabling this option causes overlap of input and output buffers 1486 * not to be supported by PSA functions. 1487 */ 1488 //#define MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS 1489 1490 /** 1491 * \def MBEDTLS_RSA_NO_CRT 1492 * 1493 * Do not use the Chinese Remainder Theorem 1494 * for the RSA private operation. 1495 * 1496 * Uncomment this macro to disable the use of CRT in RSA. 1497 * 1498 */ 1499 //#define MBEDTLS_RSA_NO_CRT 1500 1501 /** 1502 * \def MBEDTLS_SELF_TEST 1503 * 1504 * Enable the checkup functions (*_self_test). 1505 */ 1506 //#define MBEDTLS_SELF_TEST 1507 1508 /** 1509 * \def MBEDTLS_SHA256_SMALLER 1510 * 1511 * Enable an implementation of SHA-256 that has lower ROM footprint but also 1512 * lower performance. 1513 * 1514 * The default implementation is meant to be a reasonable compromise between 1515 * performance and size. This version optimizes more aggressively for size at 1516 * the expense of performance. Eg on Cortex-M4 it reduces the size of 1517 * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about 1518 * 30%. 1519 * 1520 * Uncomment to enable the smaller implementation of SHA256. 1521 */ 1522 //#define MBEDTLS_SHA256_SMALLER 1523 1524 /** 1525 * \def MBEDTLS_SHA512_SMALLER 1526 * 1527 * Enable an implementation of SHA-512 that has lower ROM footprint but also 1528 * lower performance. 1529 * 1530 * Uncomment to enable the smaller implementation of SHA512. 1531 */ 1532 //#define MBEDTLS_SHA512_SMALLER 1533 1534 /** 1535 * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES 1536 * 1537 * Enable sending of alert messages in case of encountered errors as per RFC. 1538 * If you choose not to send the alert messages, Mbed TLS can still communicate 1539 * with other servers, only debugging of failures is harder. 1540 * 1541 * The advantage of not sending alert messages, is that no information is given 1542 * about reasons for failures thus preventing adversaries of gaining intel. 1543 * 1544 * Enable sending of all alert messages 1545 */ 1546 #define MBEDTLS_SSL_ALL_ALERT_MESSAGES 1547 1548 /** 1549 * \def MBEDTLS_SSL_DTLS_CONNECTION_ID 1550 * 1551 * Enable support for the DTLS Connection ID (CID) extension, 1552 * which allows to identify DTLS connections across changes 1553 * in the underlying transport. The CID functionality is described 1554 * in RFC 9146. 1555 * 1556 * Setting this option enables the SSL APIs `mbedtls_ssl_set_cid()`, 1557 * mbedtls_ssl_get_own_cid()`, `mbedtls_ssl_get_peer_cid()` and 1558 * `mbedtls_ssl_conf_cid()`. See the corresponding documentation for 1559 * more information. 1560 * 1561 * The maximum lengths of outgoing and incoming CIDs can be configured 1562 * through the options 1563 * - MBEDTLS_SSL_CID_OUT_LEN_MAX 1564 * - MBEDTLS_SSL_CID_IN_LEN_MAX. 1565 * 1566 * Requires: MBEDTLS_SSL_PROTO_DTLS 1567 * 1568 * Uncomment to enable the Connection ID extension. 1569 */ 1570 // #define MBEDTLS_SSL_DTLS_CONNECTION_ID 1571 1572 1573 /** 1574 * \def MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 1575 * 1576 * Defines whether RFC 9146 (default) or the legacy version 1577 * (version draft-ietf-tls-dtls-connection-id-05, 1578 * https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05) 1579 * is used. 1580 * 1581 * Set the value to 0 for the standard version, and 1582 * 1 for the legacy draft version. 1583 * 1584 * \deprecated Support for the legacy version of the DTLS 1585 * Connection ID feature is deprecated. Please 1586 * switch to the standardized version defined 1587 * in RFC 9146 enabled by utilizing 1588 * MBEDTLS_SSL_DTLS_CONNECTION_ID without use 1589 * of MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT. 1590 * 1591 * Requires: MBEDTLS_SSL_DTLS_CONNECTION_ID 1592 */ 1593 // #define MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 0 1594 1595 /** 1596 * \def MBEDTLS_SSL_ASYNC_PRIVATE 1597 * 1598 * Enable asynchronous external private key operations in SSL. This allows 1599 * you to configure an SSL connection to call an external cryptographic 1600 * module to perform private key operations instead of performing the 1601 * operation inside the library. 1602 * 1603 * Requires: MBEDTLS_X509_CRT_PARSE_C 1604 */ 1605 //#define MBEDTLS_SSL_ASYNC_PRIVATE 1606 1607 /** 1608 * \def MBEDTLS_SSL_CONTEXT_SERIALIZATION 1609 * 1610 * Enable serialization of the TLS context structures, through use of the 1611 * functions mbedtls_ssl_context_save() and mbedtls_ssl_context_load(). 1612 * 1613 * This pair of functions allows one side of a connection to serialize the 1614 * context associated with the connection, then free or re-use that context 1615 * while the serialized state is persisted elsewhere, and finally deserialize 1616 * that state to a live context for resuming read/write operations on the 1617 * connection. From a protocol perspective, the state of the connection is 1618 * unaffected, in particular this is entirely transparent to the peer. 1619 * 1620 * Note: this is distinct from TLS session resumption, which is part of the 1621 * protocol and fully visible by the peer. TLS session resumption enables 1622 * establishing new connections associated to a saved session with shorter, 1623 * lighter handshakes, while context serialization is a local optimization in 1624 * handling a single, potentially long-lived connection. 1625 * 1626 * Enabling these APIs makes some SSL structures larger, as 64 extra bytes are 1627 * saved after the handshake to allow for more efficient serialization, so if 1628 * you don't need this feature you'll save RAM by disabling it. 1629 * 1630 * Requires: MBEDTLS_GCM_C or MBEDTLS_CCM_C or MBEDTLS_CHACHAPOLY_C 1631 * 1632 * Comment to disable the context serialization APIs. 1633 */ 1634 #define MBEDTLS_SSL_CONTEXT_SERIALIZATION 1635 1636 /** 1637 * \def MBEDTLS_SSL_DEBUG_ALL 1638 * 1639 * Enable the debug messages in SSL module for all issues. 1640 * Debug messages have been disabled in some places to prevent timing 1641 * attacks due to (unbalanced) debugging function calls. 1642 * 1643 * If you need all error reporting you should enable this during debugging, 1644 * but remove this for production servers that should log as well. 1645 * 1646 * Uncomment this macro to report all debug messages on errors introducing 1647 * a timing side-channel. 1648 * 1649 */ 1650 //#define MBEDTLS_SSL_DEBUG_ALL 1651 1652 /** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC 1653 * 1654 * Enable support for Encrypt-then-MAC, RFC 7366. 1655 * 1656 * This allows peers that both support it to use a more robust protection for 1657 * ciphersuites using CBC, providing deep resistance against timing attacks 1658 * on the padding or underlying cipher. 1659 * 1660 * This only affects CBC ciphersuites, and is useless if none is defined. 1661 * 1662 * Requires: MBEDTLS_SSL_PROTO_TLS1_2 1663 * 1664 * Comment this macro to disable support for Encrypt-then-MAC 1665 */ 1666 #define MBEDTLS_SSL_ENCRYPT_THEN_MAC 1667 1668 /** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET 1669 * 1670 * Enable support for RFC 7627: Session Hash and Extended Master Secret 1671 * Extension. 1672 * 1673 * This was introduced as "the proper fix" to the Triple Handshake family of 1674 * attacks, but it is recommended to always use it (even if you disable 1675 * renegotiation), since it actually fixes a more fundamental issue in the 1676 * original SSL/TLS design, and has implications beyond Triple Handshake. 1677 * 1678 * Requires: MBEDTLS_SSL_PROTO_TLS1_2 1679 * 1680 * Comment this macro to disable support for Extended Master Secret. 1681 */ 1682 #define MBEDTLS_SSL_EXTENDED_MASTER_SECRET 1683 1684 /** 1685 * \def MBEDTLS_SSL_KEEP_PEER_CERTIFICATE 1686 * 1687 * This option controls the availability of the API mbedtls_ssl_get_peer_cert() 1688 * giving access to the peer's certificate after completion of the handshake. 1689 * 1690 * Unless you need mbedtls_ssl_peer_cert() in your application, it is 1691 * recommended to disable this option for reduced RAM usage. 1692 * 1693 * \note If this option is disabled, mbedtls_ssl_get_peer_cert() is still 1694 * defined, but always returns \c NULL. 1695 * 1696 * \note This option has no influence on the protection against the 1697 * triple handshake attack. Even if it is disabled, Mbed TLS will 1698 * still ensure that certificates do not change during renegotiation, 1699 * for example by keeping a hash of the peer's certificate. 1700 * 1701 * \note This option is required if MBEDTLS_SSL_PROTO_TLS1_3 is set. 1702 * 1703 * Comment this macro to disable storing the peer's certificate 1704 * after the handshake. 1705 */ 1706 #define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE 1707 1708 /** 1709 * \def MBEDTLS_SSL_RENEGOTIATION 1710 * 1711 * Enable support for TLS renegotiation. 1712 * 1713 * The two main uses of renegotiation are (1) refresh keys on long-lived 1714 * connections and (2) client authentication after the initial handshake. 1715 * If you don't need renegotiation, it's probably better to disable it, since 1716 * it has been associated with security issues in the past and is easy to 1717 * misuse/misunderstand. 1718 * 1719 * Requires: MBEDTLS_SSL_PROTO_TLS1_2 1720 * 1721 * Comment this to disable support for renegotiation. 1722 * 1723 * \note Even if this option is disabled, both client and server are aware 1724 * of the Renegotiation Indication Extension (RFC 5746) used to 1725 * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1). 1726 * (See \c mbedtls_ssl_conf_legacy_renegotiation for the 1727 * configuration of this extension). 1728 * 1729 */ 1730 #define MBEDTLS_SSL_RENEGOTIATION 1731 1732 /** 1733 * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 1734 * 1735 * Enable support for RFC 6066 max_fragment_length extension in SSL. 1736 * 1737 * Comment this macro to disable support for the max_fragment_length extension 1738 */ 1739 #define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 1740 1741 /** 1742 * \def MBEDTLS_SSL_RECORD_SIZE_LIMIT 1743 * 1744 * Enable support for RFC 8449 record_size_limit extension in SSL (TLS 1.3 only). 1745 * 1746 * Requires: MBEDTLS_SSL_PROTO_TLS1_3 1747 * 1748 * Uncomment this macro to enable support for the record_size_limit extension 1749 */ 1750 //#define MBEDTLS_SSL_RECORD_SIZE_LIMIT 1751 1752 /** 1753 * \def MBEDTLS_SSL_PROTO_TLS1_2 1754 * 1755 * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled). 1756 * 1757 * Requires: Without MBEDTLS_USE_PSA_CRYPTO: MBEDTLS_MD_C and 1758 * (MBEDTLS_SHA256_C or MBEDTLS_SHA384_C or 1759 * SHA-256 or SHA-512 provided by a PSA driver) 1760 * With MBEDTLS_USE_PSA_CRYPTO: 1761 * PSA_WANT_ALG_SHA_256 or PSA_WANT_ALG_SHA_384 1762 * 1763 * \warning If building with MBEDTLS_USE_PSA_CRYPTO, or if the hash(es) used 1764 * are only provided by PSA drivers, you must call psa_crypto_init() before 1765 * doing any TLS operations. 1766 * 1767 * Comment this macro to disable support for TLS 1.2 / DTLS 1.2 1768 */ 1769 #define MBEDTLS_SSL_PROTO_TLS1_2 1770 1771 /** 1772 * \def MBEDTLS_SSL_PROTO_TLS1_3 1773 * 1774 * Enable support for TLS 1.3. 1775 * 1776 * \note See docs/architecture/tls13-support.md for a description of the TLS 1777 * 1.3 support that this option enables. 1778 * 1779 * Requires: MBEDTLS_SSL_KEEP_PEER_CERTIFICATE 1780 * Requires: MBEDTLS_PSA_CRYPTO_C 1781 * 1782 * \note TLS 1.3 uses PSA crypto for cryptographic operations that are 1783 * directly performed by TLS 1.3 code. As a consequence, you must 1784 * call psa_crypto_init() before the first TLS 1.3 handshake. 1785 * 1786 * \note Cryptographic operations performed indirectly via another module 1787 * (X.509, PK) or by code shared with TLS 1.2 (record protection, 1788 * running handshake hash) only use PSA crypto if 1789 * #MBEDTLS_USE_PSA_CRYPTO is enabled. 1790 * 1791 * Uncomment this macro to enable the support for TLS 1.3. 1792 */ 1793 #define MBEDTLS_SSL_PROTO_TLS1_3 1794 1795 /** 1796 * \def MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 1797 * 1798 * Enable TLS 1.3 middlebox compatibility mode. 1799 * 1800 * As specified in Section D.4 of RFC 8446, TLS 1.3 offers a compatibility 1801 * mode to make a TLS 1.3 connection more likely to pass through middle boxes 1802 * expecting TLS 1.2 traffic. 1803 * 1804 * Turning on the compatibility mode comes at the cost of a few added bytes 1805 * on the wire, but it doesn't affect compatibility with TLS 1.3 implementations 1806 * that don't use it. Therefore, unless transmission bandwidth is critical and 1807 * you know that middlebox compatibility issues won't occur, it is therefore 1808 * recommended to set this option. 1809 * 1810 * Comment to disable compatibility mode for TLS 1.3. If 1811 * MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any 1812 * effect on the build. 1813 * 1814 */ 1815 #define MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 1816 1817 /** 1818 * \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1819 * 1820 * Enable TLS 1.3 PSK key exchange mode. 1821 * 1822 * Comment to disable support for the PSK key exchange mode in TLS 1.3. If 1823 * MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any 1824 * effect on the build. 1825 * 1826 */ 1827 #define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1828 1829 /** 1830 * \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1831 * 1832 * Enable TLS 1.3 ephemeral key exchange mode. 1833 * 1834 * Requires: PSA_WANT_ALG_ECDH or PSA_WANT_ALG_FFDH 1835 * MBEDTLS_X509_CRT_PARSE_C 1836 * and at least one of: 1837 * MBEDTLS_ECDSA_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDSA) 1838 * MBEDTLS_PKCS1_V21 1839 * 1840 * Comment to disable support for the ephemeral key exchange mode in TLS 1.3. 1841 * If MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any 1842 * effect on the build. 1843 * 1844 */ 1845 #define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1846 1847 /** 1848 * \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1849 * 1850 * Enable TLS 1.3 PSK ephemeral key exchange mode. 1851 * 1852 * Requires: PSA_WANT_ALG_ECDH or PSA_WANT_ALG_FFDH 1853 * 1854 * Comment to disable support for the PSK ephemeral key exchange mode in 1855 * TLS 1.3. If MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not 1856 * have any effect on the build. 1857 * 1858 */ 1859 #define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1860 1861 /** 1862 * \def MBEDTLS_SSL_EARLY_DATA 1863 * 1864 * Enable support for RFC 8446 TLS 1.3 early data. 1865 * 1866 * Requires: MBEDTLS_SSL_SESSION_TICKETS and either 1867 * MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED or 1868 * MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1869 * 1870 * Comment this to disable support for early data. If MBEDTLS_SSL_PROTO_TLS1_3 1871 * is not enabled, this option does not have any effect on the build. 1872 * 1873 * \note The maximum amount of early data can be set with 1874 * MBEDTLS_SSL_MAX_EARLY_DATA_SIZE. 1875 * 1876 */ 1877 //#define MBEDTLS_SSL_EARLY_DATA 1878 1879 /** 1880 * \def MBEDTLS_SSL_PROTO_DTLS 1881 * 1882 * Enable support for DTLS (all available versions). 1883 * 1884 * Enable this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2. 1885 * 1886 * Requires: MBEDTLS_SSL_PROTO_TLS1_2 1887 * 1888 * Comment this macro to disable support for DTLS 1889 */ 1890 //#define MBEDTLS_SSL_PROTO_DTLS 1891 1892 /** 1893 * \def MBEDTLS_SSL_ALPN 1894 * 1895 * Enable support for RFC 7301 Application Layer Protocol Negotiation. 1896 * 1897 * Comment this macro to disable support for ALPN. 1898 */ 1899 #define MBEDTLS_SSL_ALPN 1900 1901 /** 1902 * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY 1903 * 1904 * Enable support for the anti-replay mechanism in DTLS. 1905 * 1906 * Requires: MBEDTLS_SSL_TLS_C 1907 * MBEDTLS_SSL_PROTO_DTLS 1908 * 1909 * \warning Disabling this is often a security risk! 1910 * See mbedtls_ssl_conf_dtls_anti_replay() for details. 1911 * 1912 * Comment this to disable anti-replay in DTLS. 1913 */ 1914 //#define MBEDTLS_SSL_DTLS_ANTI_REPLAY 1915 1916 /** 1917 * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY 1918 * 1919 * Enable support for HelloVerifyRequest on DTLS servers. 1920 * 1921 * This feature is highly recommended to prevent DTLS servers being used as 1922 * amplifiers in DoS attacks against other hosts. It should always be enabled 1923 * unless you know for sure amplification cannot be a problem in the 1924 * environment in which your server operates. 1925 * 1926 * \warning Disabling this can be a security risk! (see above) 1927 * 1928 * Requires: MBEDTLS_SSL_PROTO_DTLS 1929 * 1930 * Comment this to disable support for HelloVerifyRequest. 1931 */ 1932 //#define MBEDTLS_SSL_DTLS_HELLO_VERIFY 1933 1934 /** 1935 * \def MBEDTLS_SSL_DTLS_SRTP 1936 * 1937 * Enable support for negotiation of DTLS-SRTP (RFC 5764) 1938 * through the use_srtp extension. 1939 * 1940 * \note This feature provides the minimum functionality required 1941 * to negotiate the use of DTLS-SRTP and to allow the derivation of 1942 * the associated SRTP packet protection key material. 1943 * In particular, the SRTP packet protection itself, as well as the 1944 * demultiplexing of RTP and DTLS packets at the datagram layer 1945 * (see Section 5 of RFC 5764), are not handled by this feature. 1946 * Instead, after successful completion of a handshake negotiating 1947 * the use of DTLS-SRTP, the extended key exporter API 1948 * mbedtls_ssl_conf_export_keys_cb() should be used to implement 1949 * the key exporter described in Section 4.2 of RFC 5764 and RFC 5705 1950 * (this is implemented in the SSL example programs). 1951 * The resulting key should then be passed to an SRTP stack. 1952 * 1953 * Setting this option enables the runtime API 1954 * mbedtls_ssl_conf_dtls_srtp_protection_profiles() 1955 * through which the supported DTLS-SRTP protection 1956 * profiles can be configured. You must call this API at 1957 * runtime if you wish to negotiate the use of DTLS-SRTP. 1958 * 1959 * Requires: MBEDTLS_SSL_PROTO_DTLS 1960 * 1961 * Uncomment this to enable support for use_srtp extension. 1962 */ 1963 //#define MBEDTLS_SSL_DTLS_SRTP 1964 1965 /** 1966 * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE 1967 * 1968 * Enable server-side support for clients that reconnect from the same port. 1969 * 1970 * Some clients unexpectedly close the connection and try to reconnect using the 1971 * same source port. This needs special support from the server to handle the 1972 * new connection securely, as described in section 4.2.8 of RFC 6347. This 1973 * flag enables that support. 1974 * 1975 * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY 1976 * 1977 * Comment this to disable support for clients reusing the source port. 1978 */ 1979 //#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE 1980 1981 /** 1982 * \def MBEDTLS_SSL_SESSION_TICKETS 1983 * 1984 * Enable support for RFC 5077 session tickets in SSL. 1985 * Client-side, provides full support for session tickets (maintenance of a 1986 * session store remains the responsibility of the application, though). 1987 * Server-side, you also need to provide callbacks for writing and parsing 1988 * tickets, including authenticated encryption and key management. Example 1989 * callbacks are provided by MBEDTLS_SSL_TICKET_C. 1990 * 1991 * Comment this macro to disable support for SSL session tickets 1992 */ 1993 #define MBEDTLS_SSL_SESSION_TICKETS 1994 1995 /** 1996 * \def MBEDTLS_SSL_SERVER_NAME_INDICATION 1997 * 1998 * Enable support for RFC 6066 server name indication (SNI) in SSL. 1999 * 2000 * Requires: MBEDTLS_X509_CRT_PARSE_C 2001 * 2002 * Comment this macro to disable support for server name indication in SSL 2003 */ 2004 #define MBEDTLS_SSL_SERVER_NAME_INDICATION 2005 2006 /** 2007 * \def MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH 2008 * 2009 * When this option is enabled, the SSL buffer will be resized automatically 2010 * based on the negotiated maximum fragment length in each direction. 2011 * 2012 * Requires: MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 2013 */ 2014 //#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH 2015 2016 /** 2017 * \def MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN 2018 * 2019 * Enable testing of the constant-flow nature of some sensitive functions with 2020 * clang's MemorySanitizer. This causes some existing tests to also test 2021 * this non-functional property of the code under test. 2022 * 2023 * This setting requires compiling with clang -fsanitize=memory. The test 2024 * suites can then be run normally. 2025 * 2026 * \warning This macro is only used for extended testing; it is not considered 2027 * part of the library's API, so it may change or disappear at any time. 2028 * 2029 * Uncomment to enable testing of the constant-flow nature of selected code. 2030 */ 2031 //#define MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN 2032 2033 /** 2034 * \def MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND 2035 * 2036 * Enable testing of the constant-flow nature of some sensitive functions with 2037 * valgrind's memcheck tool. This causes some existing tests to also test 2038 * this non-functional property of the code under test. 2039 * 2040 * This setting requires valgrind headers for building, and is only useful for 2041 * testing if the tests suites are run with valgrind's memcheck. This can be 2042 * done for an individual test suite with 'valgrind ./test_suite_xxx', or when 2043 * using CMake, this can be done for all test suites with 'make memcheck'. 2044 * 2045 * \warning This macro is only used for extended testing; it is not considered 2046 * part of the library's API, so it may change or disappear at any time. 2047 * 2048 * Uncomment to enable testing of the constant-flow nature of selected code. 2049 */ 2050 //#define MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND 2051 2052 /** 2053 * \def MBEDTLS_TEST_HOOKS 2054 * 2055 * Enable features for invasive testing such as introspection functions and 2056 * hooks for fault injection. This enables additional unit tests. 2057 * 2058 * Merely enabling this feature should not change the behavior of the product. 2059 * It only adds new code, and new branching points where the default behavior 2060 * is the same as when this feature is disabled. 2061 * However, this feature increases the attack surface: there is an added 2062 * risk of vulnerabilities, and more gadgets that can make exploits easier. 2063 * Therefore this feature must never be enabled in production. 2064 * 2065 * See `docs/architecture/testing/mbed-crypto-invasive-testing.md` for more 2066 * information. 2067 * 2068 * Uncomment to enable invasive tests. 2069 */ 2070 //#define MBEDTLS_TEST_HOOKS 2071 2072 /** 2073 * \def MBEDTLS_THREADING_ALT 2074 * 2075 * Provide your own alternate threading implementation. 2076 * 2077 * Requires: MBEDTLS_THREADING_C 2078 * 2079 * Uncomment this to allow your own alternate threading implementation. 2080 */ 2081 //#define MBEDTLS_THREADING_ALT 2082 2083 /** 2084 * \def MBEDTLS_THREADING_PTHREAD 2085 * 2086 * Enable the pthread wrapper layer for the threading layer. 2087 * 2088 * Requires: MBEDTLS_THREADING_C 2089 * 2090 * Uncomment this to enable pthread mutexes. 2091 */ 2092 //#define MBEDTLS_THREADING_PTHREAD 2093 2094 /** 2095 * \def MBEDTLS_USE_PSA_CRYPTO 2096 * 2097 * Make the X.509 and TLS libraries use PSA for cryptographic operations as 2098 * much as possible, and enable new APIs for using keys handled by PSA Crypto. 2099 * 2100 * \note Development of this option is currently in progress, and parts of Mbed 2101 * TLS's X.509 and TLS modules are not ported to PSA yet. However, these parts 2102 * will still continue to work as usual, so enabling this option should not 2103 * break backwards compatibility. 2104 * 2105 * \warning If you enable this option, you need to call `psa_crypto_init()` 2106 * before calling any function from the SSL/TLS, X.509 or PK modules, except 2107 * for the various mbedtls_xxx_init() functions which can be called at any time. 2108 * 2109 * \note An important and desirable effect of this option is that it allows 2110 * PK, X.509 and TLS to take advantage of PSA drivers. For example, enabling 2111 * this option is what allows use of drivers for ECDSA, ECDH and EC J-PAKE in 2112 * those modules. However, note that even with this option disabled, some code 2113 * in PK, X.509, TLS or the crypto library might still use PSA drivers, if it 2114 * can determine it's safe to do so; currently that's the case for hashes. 2115 * 2116 * \note See docs/use-psa-crypto.md for a complete description this option. 2117 * 2118 * Requires: MBEDTLS_PSA_CRYPTO_C. 2119 * 2120 * Uncomment this to enable internal use of PSA Crypto and new associated APIs. 2121 */ 2122 //#define MBEDTLS_USE_PSA_CRYPTO 2123 2124 /** 2125 * \def MBEDTLS_PSA_CRYPTO_CONFIG 2126 * 2127 * This setting allows support for cryptographic mechanisms through the PSA 2128 * API to be configured separately from support through the mbedtls API. 2129 * 2130 * When this option is disabled, the PSA API exposes the cryptographic 2131 * mechanisms that can be implemented on top of the `mbedtls_xxx` API 2132 * configured with `MBEDTLS_XXX` symbols. 2133 * 2134 * When this option is enabled, the PSA API exposes the cryptographic 2135 * mechanisms requested by the `PSA_WANT_XXX` symbols defined in 2136 * include/psa/crypto_config.h. The corresponding `MBEDTLS_XXX` settings are 2137 * automatically enabled if required (i.e. if no PSA driver provides the 2138 * mechanism). You may still freely enable additional `MBEDTLS_XXX` symbols 2139 * in mbedtls_config.h. 2140 * 2141 * If the symbol #MBEDTLS_PSA_CRYPTO_CONFIG_FILE is defined, it specifies 2142 * an alternative header to include instead of include/psa/crypto_config.h. 2143 * 2144 * \warning This option is experimental, in that the set of `PSA_WANT_XXX` 2145 * symbols is not completely finalized yet, and the configuration 2146 * tooling is not ideally adapted to having two separate configuration 2147 * files. 2148 * Future minor releases of Mbed TLS may make minor changes to those 2149 * symbols, but we will endeavor to provide a transition path. 2150 * Nonetheless, this option is considered mature enough to use in 2151 * production, as long as you accept that you may need to make 2152 * minor changes to psa/crypto_config.h when upgrading Mbed TLS. 2153 */ 2154 //#define MBEDTLS_PSA_CRYPTO_CONFIG 2155 2156 /** 2157 * \def MBEDTLS_VERSION_FEATURES 2158 * 2159 * Allow run-time checking of compile-time enabled features. Thus allowing users 2160 * to check at run-time if the library is for instance compiled with threading 2161 * support via mbedtls_version_check_feature(). 2162 * 2163 * Requires: MBEDTLS_VERSION_C 2164 * 2165 * Comment this to disable run-time checking and save ROM space 2166 */ 2167 //#define MBEDTLS_VERSION_FEATURES 2168 2169 /** 2170 * \def MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK 2171 * 2172 * If set, this enables the X.509 API `mbedtls_x509_crt_verify_with_ca_cb()` 2173 * and the SSL API `mbedtls_ssl_conf_ca_cb()` which allow users to configure 2174 * the set of trusted certificates through a callback instead of a linked 2175 * list. 2176 * 2177 * This is useful for example in environments where a large number of trusted 2178 * certificates is present and storing them in a linked list isn't efficient 2179 * enough, or when the set of trusted certificates changes frequently. 2180 * 2181 * See the documentation of `mbedtls_x509_crt_verify_with_ca_cb()` and 2182 * `mbedtls_ssl_conf_ca_cb()` for more information. 2183 * 2184 * Requires: MBEDTLS_X509_CRT_PARSE_C 2185 * 2186 * Uncomment to enable trusted certificate callbacks. 2187 */ 2188 //#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK 2189 2190 /** 2191 * \def MBEDTLS_X509_REMOVE_INFO 2192 * 2193 * Disable mbedtls_x509_*_info() and related APIs. 2194 * 2195 * Uncomment to omit mbedtls_x509_*_info(), as well as mbedtls_debug_print_crt() 2196 * and other functions/constants only used by these functions, thus reducing 2197 * the code footprint by several KB. 2198 */ 2199 //#define MBEDTLS_X509_REMOVE_INFO 2200 2201 /** 2202 * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT 2203 * 2204 * Enable parsing and verification of X.509 certificates, CRLs and CSRS 2205 * signed with RSASSA-PSS (aka PKCS#1 v2.1). 2206 * 2207 * Requires: MBEDTLS_PKCS1_V21 2208 * 2209 * Comment this macro to disallow using RSASSA-PSS in certificates. 2210 */ 2211 //#define MBEDTLS_X509_RSASSA_PSS_SUPPORT 2212 /** \} name SECTION: Mbed TLS feature support */ 2213 2214 /** 2215 * \name SECTION: Mbed TLS modules 2216 * 2217 * This section enables or disables entire modules in Mbed TLS 2218 * \{ 2219 */ 2220 2221 /** 2222 * \def MBEDTLS_AESNI_C 2223 * 2224 * Enable AES-NI support on x86-64 or x86-32. 2225 * 2226 * \note AESNI is only supported with certain compilers and target options: 2227 * - Visual Studio: supported 2228 * - GCC, x86-64, target not explicitly supporting AESNI: 2229 * requires MBEDTLS_HAVE_ASM. 2230 * - GCC, x86-32, target not explicitly supporting AESNI: 2231 * not supported. 2232 * - GCC, x86-64 or x86-32, target supporting AESNI: supported. 2233 * For this assembly-less implementation, you must currently compile 2234 * `library/aesni.c` and `library/aes.c` with machine options to enable 2235 * SSE2 and AESNI instructions: `gcc -msse2 -maes -mpclmul` or 2236 * `clang -maes -mpclmul`. 2237 * - Non-x86 targets: this option is silently ignored. 2238 * - Other compilers: this option is silently ignored. 2239 * 2240 * \note 2241 * Above, "GCC" includes compatible compilers such as Clang. 2242 * The limitations on target support are likely to be relaxed in the future. 2243 * 2244 * Module: library/aesni.c 2245 * Caller: library/aes.c 2246 * 2247 * Requires: MBEDTLS_HAVE_ASM (on some platforms, see note) 2248 * 2249 * This modules adds support for the AES-NI instructions on x86. 2250 */ 2251 //#define MBEDTLS_AESNI_C 2252 2253 /** 2254 * \def MBEDTLS_AESCE_C 2255 * 2256 * Enable AES cryptographic extension support on Armv8. 2257 * 2258 * Module: library/aesce.c 2259 * Caller: library/aes.c 2260 * 2261 * Requires: MBEDTLS_AES_C 2262 * 2263 * \warning Runtime detection only works on Linux. For non-Linux operating 2264 * system, Armv8-A Cryptographic Extensions must be supported by 2265 * the CPU when this option is enabled. 2266 * 2267 * \note Minimum compiler versions for this feature when targeting aarch64 2268 * are Clang 4.0; armclang 6.6; GCC 6.0; or MSVC 2019 version 16.11.2. 2269 * Minimum compiler versions for this feature when targeting 32-bit 2270 * Arm or Thumb are Clang 11.0; armclang 6.20; or GCC 6.0. 2271 * 2272 * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for 2273 * armclang <= 6.9 2274 * 2275 * This module adds support for the AES Armv8-A Cryptographic Extensions on Armv8 systems. 2276 */ 2277 // #define MBEDTLS_AESCE_C 2278 2279 /** 2280 * \def MBEDTLS_AES_C 2281 * 2282 * Enable the AES block cipher. 2283 * 2284 * Module: library/aes.c 2285 * Caller: library/cipher.c 2286 * library/pem.c 2287 * library/ctr_drbg.c 2288 * 2289 * This module enables the following ciphersuites (if other requisites are 2290 * enabled as well): 2291 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 2292 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 2293 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 2294 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 2295 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 2296 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 2297 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 2298 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 2299 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 2300 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 2301 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 2302 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 2303 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 2304 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 2305 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 2306 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 2307 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 2308 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 2309 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 2310 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 2311 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 2312 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 2313 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 2314 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 2315 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 2316 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 2317 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 2318 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 2319 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 2320 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 2321 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 2322 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 2323 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 2324 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 2325 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA 2326 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 2327 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 2328 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 2329 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 2330 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA 2331 * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 2332 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 2333 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA 2334 * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 2335 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 2336 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA 2337 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 2338 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 2339 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA 2340 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 2341 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 2342 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA 2343 * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 2344 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 2345 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA 2346 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 2347 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 2348 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA 2349 * 2350 * PEM_PARSE uses AES for decrypting encrypted keys. 2351 */ 2352 #define MBEDTLS_AES_C 2353 2354 /** 2355 * \def MBEDTLS_ASN1_PARSE_C 2356 * 2357 * Enable the generic ASN1 parser. 2358 * 2359 * Module: library/asn1.c 2360 * Caller: library/x509.c 2361 * library/dhm.c 2362 * library/pkcs12.c 2363 * library/pkcs5.c 2364 * library/pkparse.c 2365 */ 2366 #define MBEDTLS_ASN1_PARSE_C 2367 2368 /** 2369 * \def MBEDTLS_ASN1_WRITE_C 2370 * 2371 * Enable the generic ASN1 writer. 2372 * 2373 * Module: library/asn1write.c 2374 * Caller: library/ecdsa.c 2375 * library/pkwrite.c 2376 * library/x509_create.c 2377 * library/x509write_crt.c 2378 * library/x509write_csr.c 2379 */ 2380 #define MBEDTLS_ASN1_WRITE_C 2381 2382 /** 2383 * \def MBEDTLS_BASE64_C 2384 * 2385 * Enable the Base64 module. 2386 * 2387 * Module: library/base64.c 2388 * Caller: library/pem.c 2389 * 2390 * This module is required for PEM support (required by X.509). 2391 */ 2392 #define MBEDTLS_BASE64_C 2393 2394 /** 2395 * \def MBEDTLS_BLOCK_CIPHER_NO_DECRYPT 2396 * 2397 * Remove decryption operation for AES, ARIA and Camellia block cipher. 2398 * 2399 * \note This feature is incompatible with insecure block cipher, 2400 * MBEDTLS_DES_C, and cipher modes which always require decryption 2401 * operation, MBEDTLS_CIPHER_MODE_CBC, MBEDTLS_CIPHER_MODE_XTS and 2402 * MBEDTLS_NIST_KW_C. When #MBEDTLS_PSA_CRYPTO_CONFIG is enabled, 2403 * this feature is incompatible with following supported PSA equivalence, 2404 * PSA_WANT_ALG_ECB_NO_PADDING, PSA_WANT_ALG_CBC_NO_PADDING, 2405 * PSA_WANT_ALG_CBC_PKCS7 and PSA_WANT_KEY_TYPE_DES. 2406 * 2407 * Module: library/aes.c 2408 * library/aesce.c 2409 * library/aesni.c 2410 * library/aria.c 2411 * library/camellia.c 2412 * library/cipher.c 2413 */ 2414 //#define MBEDTLS_BLOCK_CIPHER_NO_DECRYPT 2415 2416 /** 2417 * \def MBEDTLS_BIGNUM_C 2418 * 2419 * Enable the multi-precision integer library. 2420 * 2421 * Module: library/bignum.c 2422 * library/bignum_core.c 2423 * library/bignum_mod.c 2424 * library/bignum_mod_raw.c 2425 * Caller: library/dhm.c 2426 * library/ecp.c 2427 * library/ecdsa.c 2428 * library/rsa.c 2429 * library/rsa_alt_helpers.c 2430 * library/ssl_tls.c 2431 * 2432 * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support. 2433 */ 2434 #define MBEDTLS_BIGNUM_C 2435 2436 /** 2437 * \def MBEDTLS_CAMELLIA_C 2438 * 2439 * Enable the Camellia block cipher. 2440 * 2441 * Module: library/camellia.c 2442 * Caller: library/cipher.c 2443 * 2444 * This module enables the following ciphersuites (if other requisites are 2445 * enabled as well): 2446 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 2447 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 2448 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 2449 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 2450 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 2451 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 2452 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 2453 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 2454 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 2455 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 2456 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 2457 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 2458 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 2459 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 2460 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 2461 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 2462 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 2463 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 2464 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 2465 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 2466 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 2467 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 2468 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 2469 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 2470 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 2471 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 2472 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 2473 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 2474 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 2475 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 2476 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 2477 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 2478 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 2479 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 2480 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 2481 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 2482 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 2483 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 2484 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 2485 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 2486 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 2487 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 2488 */ 2489 //#define MBEDTLS_CAMELLIA_C 2490 2491 /** 2492 * \def MBEDTLS_ARIA_C 2493 * 2494 * Enable the ARIA block cipher. 2495 * 2496 * Module: library/aria.c 2497 * Caller: library/cipher.c 2498 * 2499 * This module enables the following ciphersuites (if other requisites are 2500 * enabled as well): 2501 * 2502 * MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256 2503 * MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384 2504 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 2505 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 2506 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 2507 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 2508 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 2509 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 2510 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 2511 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 2512 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 2513 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 2514 * MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256 2515 * MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384 2516 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 2517 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 2518 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 2519 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 2520 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 2521 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 2522 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 2523 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 2524 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 2525 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 2526 * MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256 2527 * MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384 2528 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 2529 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 2530 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 2531 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 2532 * MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 2533 * MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 2534 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 2535 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 2536 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 2537 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 2538 * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 2539 * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 2540 */ 2541 #define MBEDTLS_ARIA_C 2542 2543 /** 2544 * \def MBEDTLS_CCM_C 2545 * 2546 * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher. 2547 * 2548 * Module: library/ccm.c 2549 * 2550 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C or 2551 * MBEDTLS_ARIA_C 2552 * 2553 * This module enables the AES-CCM ciphersuites, if other requisites are 2554 * enabled as well. 2555 */ 2556 //#define MBEDTLS_CCM_C 2557 2558 /** 2559 * \def MBEDTLS_CHACHA20_C 2560 * 2561 * Enable the ChaCha20 stream cipher. 2562 * 2563 * Module: library/chacha20.c 2564 */ 2565 #define MBEDTLS_CHACHA20_C 2566 2567 /** 2568 * \def MBEDTLS_CHACHAPOLY_C 2569 * 2570 * Enable the ChaCha20-Poly1305 AEAD algorithm. 2571 * 2572 * Module: library/chachapoly.c 2573 * 2574 * This module requires: MBEDTLS_CHACHA20_C, MBEDTLS_POLY1305_C 2575 */ 2576 #define MBEDTLS_CHACHAPOLY_C 2577 2578 /** 2579 * \def MBEDTLS_CIPHER_C 2580 * 2581 * Enable the generic cipher layer. 2582 * 2583 * Module: library/cipher.c 2584 * Caller: library/ccm.c 2585 * library/cmac.c 2586 * library/gcm.c 2587 * library/nist_kw.c 2588 * library/pkcs12.c 2589 * library/pkcs5.c 2590 * library/psa_crypto_aead.c 2591 * library/psa_crypto_mac.c 2592 * library/ssl_ciphersuites.c 2593 * library/ssl_msg.c 2594 * library/ssl_ticket.c (unless MBEDTLS_USE_PSA_CRYPTO is enabled) 2595 * Auto-enabled by: MBEDTLS_PSA_CRYPTO_C depending on which ciphers are enabled 2596 * (see the documentation of that option for details). 2597 * 2598 * Uncomment to enable generic cipher wrappers. 2599 */ 2600 #define MBEDTLS_CIPHER_C 2601 2602 /** 2603 * \def MBEDTLS_CMAC_C 2604 * 2605 * Enable the CMAC (Cipher-based Message Authentication Code) mode for block 2606 * ciphers. 2607 * 2608 * \note When #MBEDTLS_CMAC_ALT is active, meaning that the underlying 2609 * implementation of the CMAC algorithm is provided by an alternate 2610 * implementation, that alternate implementation may opt to not support 2611 * AES-192 or 3DES as underlying block ciphers for the CMAC operation. 2612 * 2613 * Module: library/cmac.c 2614 * 2615 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_AES_C or MBEDTLS_DES_C 2616 * 2617 */ 2618 #define MBEDTLS_CMAC_C 2619 2620 /** 2621 * \def MBEDTLS_CTR_DRBG_C 2622 * 2623 * Enable the CTR_DRBG AES-based random generator. 2624 * The CTR_DRBG generator uses AES-256 by default. 2625 * To use AES-128 instead, enable \c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY above. 2626 * 2627 * AES support can either be achived through builtin (MBEDTLS_AES_C) or PSA. 2628 * Builtin is the default option when MBEDTLS_AES_C is defined otherwise PSA 2629 * is used. 2630 * 2631 * \warning When using PSA, the user should call `psa_crypto_init()` before 2632 * using any CTR_DRBG operation (except `mbedtls_ctr_drbg_init()`). 2633 * 2634 * \note AES-128 will be used if \c MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH is set. 2635 * 2636 * \note To achieve a 256-bit security strength with CTR_DRBG, 2637 * you must use AES-256 *and* use sufficient entropy. 2638 * See ctr_drbg.h for more details. 2639 * 2640 * Module: library/ctr_drbg.c 2641 * Caller: 2642 * 2643 * Requires: MBEDTLS_AES_C or 2644 * (PSA_WANT_KEY_TYPE_AES and PSA_WANT_ALG_ECB_NO_PADDING and 2645 * MBEDTLS_PSA_CRYPTO_C) 2646 * 2647 * This module provides the CTR_DRBG AES random number generator. 2648 */ 2649 #define MBEDTLS_CTR_DRBG_C 2650 2651 /** 2652 * \def MBEDTLS_DEBUG_C 2653 * 2654 * Enable the debug functions. 2655 * 2656 * Module: library/debug.c 2657 * Caller: library/ssl_msg.c 2658 * library/ssl_tls.c 2659 * library/ssl_tls12_*.c 2660 * library/ssl_tls13_*.c 2661 * 2662 * This module provides debugging functions. 2663 */ 2664 //#define MBEDTLS_DEBUG_C 2665 2666 /** 2667 * \def MBEDTLS_DES_C 2668 * 2669 * Enable the DES block cipher. 2670 * 2671 * Module: library/des.c 2672 * Caller: library/pem.c 2673 * library/cipher.c 2674 * 2675 * PEM_PARSE uses DES/3DES for decrypting encrypted keys. 2676 * 2677 * \warning DES/3DES are considered weak ciphers and their use constitutes a 2678 * security risk. We recommend considering stronger ciphers instead. 2679 */ 2680 #define MBEDTLS_DES_C 2681 2682 /** 2683 * \def MBEDTLS_DHM_C 2684 * 2685 * Enable the Diffie-Hellman-Merkle module. 2686 * 2687 * Module: library/dhm.c 2688 * Caller: library/ssl_tls.c 2689 * library/ssl*_client.c 2690 * library/ssl*_server.c 2691 * 2692 * This module is used by the following key exchanges: 2693 * DHE-RSA, DHE-PSK 2694 * 2695 * \warning Using DHE constitutes a security risk as it 2696 * is not possible to validate custom DH parameters. 2697 * If possible, it is recommended users should consider 2698 * preferring other methods of key exchange. 2699 * See dhm.h for more details. 2700 * 2701 */ 2702 //#define MBEDTLS_DHM_C 2703 2704 /** 2705 * \def MBEDTLS_ECDH_C 2706 * 2707 * Enable the elliptic curve Diffie-Hellman library. 2708 * 2709 * Module: library/ecdh.c 2710 * Caller: library/psa_crypto.c 2711 * library/ssl_tls.c 2712 * library/ssl*_client.c 2713 * library/ssl*_server.c 2714 * 2715 * This module is used by the following key exchanges: 2716 * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK 2717 * 2718 * Requires: MBEDTLS_ECP_C 2719 */ 2720 #define MBEDTLS_ECDH_C 2721 2722 /** 2723 * \def MBEDTLS_ECDSA_C 2724 * 2725 * Enable the elliptic curve DSA library. 2726 * 2727 * Module: library/ecdsa.c 2728 * Caller: 2729 * 2730 * This module is used by the following key exchanges: 2731 * ECDHE-ECDSA 2732 * 2733 * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C, 2734 * and at least one MBEDTLS_ECP_DP_XXX_ENABLED for a 2735 * short Weierstrass curve. 2736 */ 2737 #define MBEDTLS_ECDSA_C 2738 2739 /** 2740 * \def MBEDTLS_ECJPAKE_C 2741 * 2742 * Enable the elliptic curve J-PAKE library. 2743 * 2744 * \note EC J-PAKE support is based on the Thread v1.0.0 specification. 2745 * It has not been reviewed for compliance with newer standards such as 2746 * Thread v1.1 or RFC 8236. 2747 * 2748 * Module: library/ecjpake.c 2749 * Caller: 2750 * 2751 * This module is used by the following key exchanges: 2752 * ECJPAKE 2753 * 2754 * Requires: MBEDTLS_ECP_C and either MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C 2755 * 2756 * \warning If using a hash that is only provided by PSA drivers, you must 2757 * call psa_crypto_init() before doing any EC J-PAKE operations. 2758 */ 2759 #define MBEDTLS_ECJPAKE_C 2760 2761 /** 2762 * \def MBEDTLS_ECP_C 2763 * 2764 * Enable the elliptic curve over GF(p) library. 2765 * 2766 * Module: library/ecp.c 2767 * Caller: library/ecdh.c 2768 * library/ecdsa.c 2769 * library/ecjpake.c 2770 * 2771 * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED 2772 */ 2773 #define MBEDTLS_ECP_C 2774 2775 /** 2776 * \def MBEDTLS_ENTROPY_C 2777 * 2778 * Enable the platform-specific entropy code. 2779 * 2780 * Module: library/entropy.c 2781 * Caller: 2782 * 2783 * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C 2784 * 2785 * This module provides a generic entropy pool 2786 */ 2787 #define MBEDTLS_ENTROPY_C 2788 2789 /** 2790 * \def MBEDTLS_ERROR_C 2791 * 2792 * Enable error code to error string conversion. 2793 * 2794 * Module: library/error.c 2795 * Caller: 2796 * 2797 * This module enables mbedtls_strerror(). 2798 */ 2799 //#define MBEDTLS_ERROR_C 2800 2801 /** 2802 * \def MBEDTLS_GCM_C 2803 * 2804 * Enable the Galois/Counter Mode (GCM). 2805 * 2806 * Module: library/gcm.c 2807 * 2808 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C or 2809 * MBEDTLS_ARIA_C 2810 * 2811 * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other 2812 * requisites are enabled as well. 2813 */ 2814 #define MBEDTLS_GCM_C 2815 2816 /** 2817 * \def MBEDTLS_GCM_LARGE_TABLE 2818 * 2819 * Enable large pre-computed tables for Galois/Counter Mode (GCM). 2820 * Can significantly increase throughput on systems without GCM hardware 2821 * acceleration (e.g., AESNI, AESCE). 2822 * 2823 * The mbedtls_gcm_context size will increase by 3840 bytes. 2824 * The code size will increase by roughly 344 bytes. 2825 * 2826 * Module: library/gcm.c 2827 * 2828 * Requires: MBEDTLS_GCM_C 2829 */ 2830 //#define MBEDTLS_GCM_LARGE_TABLE 2831 2832 /** 2833 * \def MBEDTLS_HKDF_C 2834 * 2835 * Enable the HKDF algorithm (RFC 5869). 2836 * 2837 * Module: library/hkdf.c 2838 * Caller: 2839 * 2840 * Requires: MBEDTLS_MD_C 2841 * 2842 * This module adds support for the Hashed Message Authentication Code 2843 * (HMAC)-based key derivation function (HKDF). 2844 */ 2845 #define MBEDTLS_HKDF_C 2846 2847 /** 2848 * \def MBEDTLS_HMAC_DRBG_C 2849 * 2850 * Enable the HMAC_DRBG random generator. 2851 * 2852 * Module: library/hmac_drbg.c 2853 * Caller: 2854 * 2855 * Requires: MBEDTLS_MD_C 2856 * 2857 * Uncomment to enable the HMAC_DRBG random number generator. 2858 */ 2859 //#define MBEDTLS_HMAC_DRBG_C 2860 2861 /** 2862 * \def MBEDTLS_LMS_C 2863 * 2864 * Enable the LMS stateful-hash asymmetric signature algorithm. 2865 * 2866 * Module: library/lms.c 2867 * Caller: 2868 * 2869 * Requires: MBEDTLS_PSA_CRYPTO_C 2870 * 2871 * Uncomment to enable the LMS verification algorithm and public key operations. 2872 */ 2873 #define MBEDTLS_LMS_C 2874 2875 /** 2876 * \def MBEDTLS_LMS_PRIVATE 2877 * 2878 * Enable LMS private-key operations and signing code. Functions enabled by this 2879 * option are experimental, and should not be used in production. 2880 * 2881 * Requires: MBEDTLS_LMS_C 2882 * 2883 * Uncomment to enable the LMS signature algorithm and private key operations. 2884 */ 2885 //#define MBEDTLS_LMS_PRIVATE 2886 2887 /** 2888 * \def MBEDTLS_NIST_KW_C 2889 * 2890 * Enable the Key Wrapping mode for 128-bit block ciphers, 2891 * as defined in NIST SP 800-38F. Only KW and KWP modes 2892 * are supported. At the moment, only AES is approved by NIST. 2893 * 2894 * Module: library/nist_kw.c 2895 * 2896 * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C 2897 */ 2898 #define MBEDTLS_NIST_KW_C 2899 2900 /** 2901 * \def MBEDTLS_MD_C 2902 * 2903 * Enable the generic layer for message digest (hashing) and HMAC. 2904 * 2905 * Requires: one of: MBEDTLS_MD5_C, MBEDTLS_RIPEMD160_C, MBEDTLS_SHA1_C, 2906 * MBEDTLS_SHA224_C, MBEDTLS_SHA256_C, MBEDTLS_SHA384_C, 2907 * MBEDTLS_SHA512_C, or MBEDTLS_PSA_CRYPTO_C with at least 2908 * one hash. 2909 * Module: library/md.c 2910 * Caller: library/constant_time.c 2911 * library/ecdsa.c 2912 * library/ecjpake.c 2913 * library/hkdf.c 2914 * library/hmac_drbg.c 2915 * library/pk.c 2916 * library/pkcs5.c 2917 * library/pkcs12.c 2918 * library/psa_crypto_ecp.c 2919 * library/psa_crypto_rsa.c 2920 * library/rsa.c 2921 * library/ssl_cookie.c 2922 * library/ssl_msg.c 2923 * library/ssl_tls.c 2924 * library/x509.c 2925 * library/x509_crt.c 2926 * library/x509write_crt.c 2927 * library/x509write_csr.c 2928 * 2929 * Uncomment to enable generic message digest wrappers. 2930 */ 2931 #define MBEDTLS_MD_C 2932 2933 /** 2934 * \def MBEDTLS_MD5_C 2935 * 2936 * Enable the MD5 hash algorithm. 2937 * 2938 * Module: library/md5.c 2939 * Caller: library/md.c 2940 * library/pem.c 2941 * library/ssl_tls.c 2942 * 2943 * This module is required for TLS 1.2 depending on the handshake parameters. 2944 * Further, it is used for checking MD5-signed certificates, and for PBKDF1 2945 * when decrypting PEM-encoded encrypted keys. 2946 * 2947 * \warning MD5 is considered a weak message digest and its use constitutes a 2948 * security risk. If possible, we recommend avoiding dependencies on 2949 * it, and considering stronger message digests instead. 2950 * 2951 */ 2952 #define MBEDTLS_MD5_C 2953 2954 /** 2955 * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C 2956 * 2957 * Enable the buffer allocator implementation that makes use of a (stack) 2958 * based buffer to 'allocate' dynamic memory. (replaces calloc() and free() 2959 * calls) 2960 * 2961 * Module: library/memory_buffer_alloc.c 2962 * 2963 * Requires: MBEDTLS_PLATFORM_C 2964 * MBEDTLS_PLATFORM_MEMORY (to use it within Mbed TLS) 2965 * 2966 * Enable this module to enable the buffer memory allocator. 2967 */ 2968 #ifdef HILINK_E2E_SECURITY_CONFIG 2969 #define MBEDTLS_MEMORY_BUFFER_ALLOC_C 2970 #endif 2971 2972 /** 2973 * \def MBEDTLS_NET_C 2974 * 2975 * Enable the TCP and UDP over IPv6/IPv4 networking routines. 2976 * 2977 * \note This module only works on POSIX/Unix (including Linux, BSD and OS X) 2978 * and Windows. For other platforms, you'll want to disable it, and write your 2979 * own networking callbacks to be passed to \c mbedtls_ssl_set_bio(). 2980 * 2981 * \note See also our Knowledge Base article about porting to a new 2982 * environment: 2983 * https://mbed-tls.readthedocs.io/en/latest/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS 2984 * 2985 * Module: library/net_sockets.c 2986 * 2987 * This module provides networking routines. 2988 */ 2989 #define MBEDTLS_NET_C 2990 2991 /** 2992 * \def MBEDTLS_OID_C 2993 * 2994 * Enable the OID database. 2995 * 2996 * Module: library/oid.c 2997 * Caller: library/asn1write.c 2998 * library/pkcs5.c 2999 * library/pkparse.c 3000 * library/pkwrite.c 3001 * library/rsa.c 3002 * library/x509.c 3003 * library/x509_create.c 3004 * library/x509_crl.c 3005 * library/x509_crt.c 3006 * library/x509_csr.c 3007 * library/x509write_crt.c 3008 * library/x509write_csr.c 3009 * 3010 * This modules translates between OIDs and internal values. 3011 */ 3012 #define MBEDTLS_OID_C 3013 3014 /** 3015 * \def MBEDTLS_PADLOCK_C 3016 * 3017 * Enable VIA Padlock support on x86. 3018 * 3019 * Module: library/padlock.c 3020 * Caller: library/aes.c 3021 * 3022 * Requires: MBEDTLS_HAVE_ASM 3023 * 3024 * This modules adds support for the VIA PadLock on x86. 3025 */ 3026 #define MBEDTLS_PADLOCK_C 3027 3028 /** 3029 * \def MBEDTLS_PEM_PARSE_C 3030 * 3031 * Enable PEM decoding / parsing. 3032 * 3033 * Module: library/pem.c 3034 * Caller: library/dhm.c 3035 * library/pkparse.c 3036 * library/x509_crl.c 3037 * library/x509_crt.c 3038 * library/x509_csr.c 3039 * 3040 * Requires: MBEDTLS_BASE64_C 3041 * optionally MBEDTLS_MD5_C, or PSA Crypto with MD5 (see below) 3042 * 3043 * \warning When parsing password-protected files, if MD5 is provided only by 3044 * a PSA driver, you must call psa_crypto_init() before the first file. 3045 * 3046 * This modules adds support for decoding / parsing PEM files. 3047 */ 3048 #define MBEDTLS_PEM_PARSE_C 3049 3050 /** 3051 * \def MBEDTLS_PEM_WRITE_C 3052 * 3053 * Enable PEM encoding / writing. 3054 * 3055 * Module: library/pem.c 3056 * Caller: library/pkwrite.c 3057 * library/x509write_crt.c 3058 * library/x509write_csr.c 3059 * 3060 * Requires: MBEDTLS_BASE64_C 3061 * 3062 * This modules adds support for encoding / writing PEM files. 3063 */ 3064 #define MBEDTLS_PEM_WRITE_C 3065 3066 /** 3067 * \def MBEDTLS_PK_C 3068 * 3069 * Enable the generic public (asymmetric) key layer. 3070 * 3071 * Module: library/pk.c 3072 * Caller: library/psa_crypto_rsa.c 3073 * library/ssl_tls.c 3074 * library/ssl*_client.c 3075 * library/ssl*_server.c 3076 * library/x509.c 3077 * 3078 * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C or MBEDTLS_ECP_C 3079 * 3080 * Uncomment to enable generic public key wrappers. 3081 */ 3082 #define MBEDTLS_PK_C 3083 3084 /** 3085 * \def MBEDTLS_PK_PARSE_C 3086 * 3087 * Enable the generic public (asymmetric) key parser. 3088 * 3089 * Module: library/pkparse.c 3090 * Caller: library/x509_crt.c 3091 * library/x509_csr.c 3092 * 3093 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_OID_C, MBEDTLS_PK_C 3094 * 3095 * Uncomment to enable generic public key parse functions. 3096 */ 3097 #define MBEDTLS_PK_PARSE_C 3098 3099 /** 3100 * \def MBEDTLS_PK_WRITE_C 3101 * 3102 * Enable the generic public (asymmetric) key writer. 3103 * 3104 * Module: library/pkwrite.c 3105 * Caller: library/x509write.c 3106 * 3107 * Requires: MBEDTLS_ASN1_WRITE_C, MBEDTLS_OID_C, MBEDTLS_PK_C 3108 * 3109 * Uncomment to enable generic public key write functions. 3110 */ 3111 #define MBEDTLS_PK_WRITE_C 3112 3113 /** 3114 * \def MBEDTLS_PKCS5_C 3115 * 3116 * Enable PKCS#5 functions. 3117 * 3118 * Module: library/pkcs5.c 3119 * 3120 * Auto-enables: MBEDTLS_MD_C 3121 * 3122 * \warning If using a hash that is only provided by PSA drivers, you must 3123 * call psa_crypto_init() before doing any PKCS5 operations. 3124 * 3125 * This module adds support for the PKCS#5 functions. 3126 */ 3127 #define MBEDTLS_PKCS5_C 3128 3129 /** 3130 * \def MBEDTLS_PKCS7_C 3131 * 3132 * Enable PKCS #7 core for using PKCS #7-formatted signatures. 3133 * RFC Link - https://tools.ietf.org/html/rfc2315 3134 * 3135 * Module: library/pkcs7.c 3136 * 3137 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C, 3138 * MBEDTLS_X509_CRT_PARSE_C MBEDTLS_X509_CRL_PARSE_C, 3139 * MBEDTLS_BIGNUM_C, MBEDTLS_MD_C 3140 * 3141 * This module is required for the PKCS #7 parsing modules. 3142 */ 3143 #define MBEDTLS_PKCS7_C 3144 3145 /** 3146 * \def MBEDTLS_PKCS12_C 3147 * 3148 * Enable PKCS#12 PBE functions. 3149 * Adds algorithms for parsing PKCS#8 encrypted private keys 3150 * 3151 * Module: library/pkcs12.c 3152 * Caller: library/pkparse.c 3153 * 3154 * Requires: MBEDTLS_ASN1_PARSE_C and either MBEDTLS_MD_C or 3155 * MBEDTLS_PSA_CRYPTO_C. 3156 * 3157 * \warning If using a hash that is only provided by PSA drivers, you must 3158 * call psa_crypto_init() before doing any PKCS12 operations. 3159 * 3160 * This module enables PKCS#12 functions. 3161 */ 3162 //#define MBEDTLS_PKCS12_C 3163 3164 /** 3165 * \def MBEDTLS_PLATFORM_C 3166 * 3167 * Enable the platform abstraction layer that allows you to re-assign 3168 * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit(). 3169 * 3170 * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT 3171 * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned 3172 * above to be specified at runtime or compile time respectively. 3173 * 3174 * \note This abstraction layer must be enabled on Windows (including MSYS2) 3175 * as other modules rely on it for a fixed snprintf implementation. 3176 * 3177 * Module: library/platform.c 3178 * Caller: Most other .c files 3179 * 3180 * This module enables abstraction of common (libc) functions. 3181 */ 3182 #define MBEDTLS_PLATFORM_C 3183 3184 /** 3185 * \def MBEDTLS_POLY1305_C 3186 * 3187 * Enable the Poly1305 MAC algorithm. 3188 * 3189 * Module: library/poly1305.c 3190 * Caller: library/chachapoly.c 3191 */ 3192 #define MBEDTLS_POLY1305_C 3193 3194 /** 3195 * \def MBEDTLS_PSA_CRYPTO_C 3196 * 3197 * Enable the Platform Security Architecture cryptography API. 3198 * 3199 * Module: library/psa_crypto.c 3200 * 3201 * Requires: either MBEDTLS_CTR_DRBG_C and MBEDTLS_ENTROPY_C, 3202 * or MBEDTLS_HMAC_DRBG_C and MBEDTLS_ENTROPY_C, 3203 * or MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG. 3204 * Auto-enables: MBEDTLS_CIPHER_C if any unauthenticated (ie, non-AEAD) cipher 3205 * is enabled in PSA (unless it's fully accelerated, see 3206 * docs/driver-only-builds.md about that). 3207 */ 3208 #define MBEDTLS_PSA_CRYPTO_C 3209 3210 /** 3211 * \def MBEDTLS_PSA_CRYPTO_SE_C 3212 * 3213 * Enable dynamic secure element support in the Platform Security Architecture 3214 * cryptography API. 3215 * 3216 * \deprecated This feature is deprecated. Please switch to the PSA driver 3217 * interface. 3218 * 3219 * \warning This feature is not thread-safe, and should not be used in a 3220 * multi-threaded environment. 3221 * 3222 * Module: library/psa_crypto_se.c 3223 * 3224 * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_C 3225 * 3226 */ 3227 //#define MBEDTLS_PSA_CRYPTO_SE_C 3228 3229 /** 3230 * \def MBEDTLS_PSA_CRYPTO_STORAGE_C 3231 * 3232 * Enable the Platform Security Architecture persistent key storage. 3233 * 3234 * Module: library/psa_crypto_storage.c 3235 * 3236 * Requires: MBEDTLS_PSA_CRYPTO_C, 3237 * either MBEDTLS_PSA_ITS_FILE_C or a native implementation of 3238 * the PSA ITS interface 3239 */ 3240 #define MBEDTLS_PSA_CRYPTO_STORAGE_C 3241 3242 /** 3243 * \def MBEDTLS_PSA_ITS_FILE_C 3244 * 3245 * Enable the emulation of the Platform Security Architecture 3246 * Internal Trusted Storage (PSA ITS) over files. 3247 * 3248 * Module: library/psa_its_file.c 3249 * 3250 * Requires: MBEDTLS_FS_IO 3251 */ 3252 #define MBEDTLS_PSA_ITS_FILE_C 3253 3254 /** 3255 * \def MBEDTLS_RIPEMD160_C 3256 * 3257 * Enable the RIPEMD-160 hash algorithm. 3258 * 3259 * Module: library/ripemd160.c 3260 * Caller: library/md.c 3261 * 3262 */ 3263 //#define MBEDTLS_RIPEMD160_C 3264 3265 /** 3266 * \def MBEDTLS_RSA_C 3267 * 3268 * Enable the RSA public-key cryptosystem. 3269 * 3270 * Module: library/rsa.c 3271 * library/rsa_alt_helpers.c 3272 * Caller: library/pk.c 3273 * library/psa_crypto.c 3274 * library/ssl_tls.c 3275 * library/ssl*_client.c 3276 * library/ssl*_server.c 3277 * 3278 * This module is used by the following key exchanges: 3279 * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK 3280 * 3281 * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C 3282 */ 3283 #define MBEDTLS_RSA_C 3284 3285 /** 3286 * \def MBEDTLS_SHA1_C 3287 * 3288 * Enable the SHA1 cryptographic hash algorithm. 3289 * 3290 * Module: library/sha1.c 3291 * Caller: library/md.c 3292 * library/psa_crypto_hash.c 3293 * 3294 * This module is required for TLS 1.2 depending on the handshake parameters, 3295 * and for SHA1-signed certificates. 3296 * 3297 * \warning SHA-1 is considered a weak message digest and its use constitutes 3298 * a security risk. If possible, we recommend avoiding dependencies 3299 * on it, and considering stronger message digests instead. 3300 * 3301 */ 3302 #define MBEDTLS_SHA1_C 3303 3304 /** 3305 * \def MBEDTLS_SHA224_C 3306 * 3307 * Enable the SHA-224 cryptographic hash algorithm. 3308 * 3309 * Module: library/sha256.c 3310 * Caller: library/md.c 3311 * library/ssl_cookie.c 3312 * 3313 * This module adds support for SHA-224. 3314 */ 3315 #define MBEDTLS_SHA224_C 3316 3317 /** 3318 * \def MBEDTLS_SHA256_C 3319 * 3320 * Enable the SHA-256 cryptographic hash algorithm. 3321 * 3322 * Module: library/sha256.c 3323 * Caller: library/entropy.c 3324 * library/md.c 3325 * library/ssl_tls.c 3326 * library/ssl*_client.c 3327 * library/ssl*_server.c 3328 * 3329 * This module adds support for SHA-256. 3330 * This module is required for the SSL/TLS 1.2 PRF function. 3331 */ 3332 #define MBEDTLS_SHA256_C 3333 3334 /** 3335 * \def MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT 3336 * 3337 * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms 3338 * with the ARMv8 cryptographic extensions if they are available at runtime. 3339 * If not, the library will fall back to the C implementation. 3340 * 3341 * \note If MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT is defined when building 3342 * for a non-Armv8-A build it will be silently ignored. 3343 * 3344 * \note Minimum compiler versions for this feature are Clang 4.0, 3345 * armclang 6.6 or GCC 6.0. 3346 * 3347 * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for 3348 * armclang <= 6.9 3349 * 3350 * \note This was previously known as MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT. 3351 * That name is deprecated, but may still be used as an alternative form for this 3352 * option. 3353 * 3354 * \warning MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT cannot be defined at the 3355 * same time as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY. 3356 * 3357 * Requires: MBEDTLS_SHA256_C. 3358 * 3359 * Module: library/sha256.c 3360 * 3361 * Uncomment to have the library check for the Armv8-A SHA-256 crypto extensions 3362 * and use them if available. 3363 */ 3364 //#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT 3365 3366 /** 3367 * \def MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT 3368 * 3369 * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT. 3370 * This name is now deprecated, but may still be used as an alternative form for 3371 * this option. 3372 */ 3373 //#define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT 3374 3375 /** 3376 * \def MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY 3377 * 3378 * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms 3379 * with the ARMv8 cryptographic extensions, which must be available at runtime 3380 * or else an illegal instruction fault will occur. 3381 * 3382 * \note This allows builds with a smaller code size than with 3383 * MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT 3384 * 3385 * \note Minimum compiler versions for this feature are Clang 4.0, 3386 * armclang 6.6 or GCC 6.0. 3387 * 3388 * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for 3389 * armclang <= 6.9 3390 * 3391 * \note This was previously known as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. 3392 * That name is deprecated, but may still be used as an alternative form for this 3393 * option. 3394 * 3395 * \warning MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY cannot be defined at the same 3396 * time as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT. 3397 * 3398 * Requires: MBEDTLS_SHA256_C. 3399 * 3400 * Module: library/sha256.c 3401 * 3402 * Uncomment to have the library use the Armv8-A SHA-256 crypto extensions 3403 * unconditionally. 3404 */ 3405 //#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY 3406 3407 /** 3408 * \def MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY 3409 * 3410 * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY. 3411 * This name is now deprecated, but may still be used as an alternative form for 3412 * this option. 3413 */ 3414 //#define MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY 3415 3416 /** 3417 * \def MBEDTLS_SHA384_C 3418 * 3419 * Enable the SHA-384 cryptographic hash algorithm. 3420 * 3421 * Module: library/sha512.c 3422 * Caller: library/md.c 3423 * library/psa_crypto_hash.c 3424 * library/ssl_tls.c 3425 * library/ssl*_client.c 3426 * library/ssl*_server.c 3427 * 3428 * Comment to disable SHA-384 3429 */ 3430 #define MBEDTLS_SHA384_C 3431 3432 /** 3433 * \def MBEDTLS_SHA512_C 3434 * 3435 * Enable SHA-512 cryptographic hash algorithms. 3436 * 3437 * Module: library/sha512.c 3438 * Caller: library/entropy.c 3439 * library/md.c 3440 * library/ssl_tls.c 3441 * library/ssl_cookie.c 3442 * 3443 * This module adds support for SHA-512. 3444 */ 3445 #define MBEDTLS_SHA512_C 3446 3447 /** 3448 * \def MBEDTLS_SHA3_C 3449 * 3450 * Enable the SHA3 cryptographic hash algorithm. 3451 * 3452 * Module: library/sha3.c 3453 * 3454 * This module adds support for SHA3. 3455 */ 3456 #define MBEDTLS_SHA3_C 3457 3458 /** 3459 * \def MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT 3460 * 3461 * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms 3462 * with the ARMv8 cryptographic extensions if they are available at runtime. 3463 * If not, the library will fall back to the C implementation. 3464 * 3465 * \note If MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT is defined when building 3466 * for a non-Aarch64 build it will be silently ignored. 3467 * 3468 * \note Minimum compiler versions for this feature are Clang 7.0, 3469 * armclang 6.9 or GCC 8.0. 3470 * 3471 * \note \c CFLAGS must be set to a minimum of \c -march=armv8.2-a+sha3 for 3472 * armclang 6.9 3473 * 3474 * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the 3475 * same time as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. 3476 * 3477 * Requires: MBEDTLS_SHA512_C. 3478 * 3479 * Module: library/sha512.c 3480 * 3481 * Uncomment to have the library check for the A64 SHA-512 crypto extensions 3482 * and use them if available. 3483 */ 3484 //#define MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT 3485 3486 /** 3487 * \def MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY 3488 * 3489 * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms 3490 * with the ARMv8 cryptographic extensions, which must be available at runtime 3491 * or else an illegal instruction fault will occur. 3492 * 3493 * \note This allows builds with a smaller code size than with 3494 * MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT 3495 * 3496 * \note Minimum compiler versions for this feature are Clang 7.0, 3497 * armclang 6.9 or GCC 8.0. 3498 * 3499 * \note \c CFLAGS must be set to a minimum of \c -march=armv8.2-a+sha3 for 3500 * armclang 6.9 3501 * 3502 * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY cannot be defined at the same 3503 * time as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT. 3504 * 3505 * Requires: MBEDTLS_SHA512_C. 3506 * 3507 * Module: library/sha512.c 3508 * 3509 * Uncomment to have the library use the A64 SHA-512 crypto extensions 3510 * unconditionally. 3511 */ 3512 //#define MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY 3513 3514 /** 3515 * \def MBEDTLS_SSL_CACHE_C 3516 * 3517 * Enable simple SSL cache implementation. 3518 * 3519 * Module: library/ssl_cache.c 3520 * Caller: 3521 * 3522 * Requires: MBEDTLS_SSL_CACHE_C 3523 */ 3524 #define MBEDTLS_SSL_CACHE_C 3525 3526 /** 3527 * \def MBEDTLS_SSL_COOKIE_C 3528 * 3529 * Enable basic implementation of DTLS cookies for hello verification. 3530 * 3531 * Module: library/ssl_cookie.c 3532 * Caller: 3533 */ 3534 #define MBEDTLS_SSL_COOKIE_C 3535 3536 /** 3537 * \def MBEDTLS_SSL_TICKET_C 3538 * 3539 * Enable an implementation of TLS server-side callbacks for session tickets. 3540 * 3541 * Module: library/ssl_ticket.c 3542 * Caller: 3543 * 3544 * Requires: (MBEDTLS_CIPHER_C || MBEDTLS_USE_PSA_CRYPTO) && 3545 * (MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C) 3546 */ 3547 #define MBEDTLS_SSL_TICKET_C 3548 3549 /** 3550 * \def MBEDTLS_SSL_CLI_C 3551 * 3552 * Enable the SSL/TLS client code. 3553 * 3554 * Module: library/ssl*_client.c 3555 * Caller: 3556 * 3557 * Requires: MBEDTLS_SSL_TLS_C 3558 * 3559 * This module is required for SSL/TLS client support. 3560 */ 3561 #define MBEDTLS_SSL_CLI_C 3562 3563 /** 3564 * \def MBEDTLS_SSL_SRV_C 3565 * 3566 * Enable the SSL/TLS server code. 3567 * 3568 * Module: library/ssl*_server.c 3569 * Caller: 3570 * 3571 * Requires: MBEDTLS_SSL_TLS_C 3572 * 3573 * This module is required for SSL/TLS server support. 3574 */ 3575 //#define MBEDTLS_SSL_SRV_C 3576 3577 /** 3578 * \def MBEDTLS_SSL_TLS_C 3579 * 3580 * Enable the generic SSL/TLS code. 3581 * 3582 * Module: library/ssl_tls.c 3583 * Caller: library/ssl*_client.c 3584 * library/ssl*_server.c 3585 * 3586 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C 3587 * and at least one of the MBEDTLS_SSL_PROTO_XXX defines 3588 * 3589 * This module is required for SSL/TLS. 3590 */ 3591 #define MBEDTLS_SSL_TLS_C 3592 3593 /** 3594 * \def MBEDTLS_THREADING_C 3595 * 3596 * Enable the threading abstraction layer. 3597 * By default Mbed TLS assumes it is used in a non-threaded environment or that 3598 * contexts are not shared between threads. If you do intend to use contexts 3599 * between threads, you will need to enable this layer to prevent race 3600 * conditions. See also our Knowledge Base article about threading: 3601 * https://mbed-tls.readthedocs.io/en/latest/kb/development/thread-safety-and-multi-threading 3602 * 3603 * Module: library/threading.c 3604 * 3605 * This allows different threading implementations (self-implemented or 3606 * provided). 3607 * 3608 * You will have to enable either MBEDTLS_THREADING_ALT or 3609 * MBEDTLS_THREADING_PTHREAD. 3610 * 3611 * Enable this layer to allow use of mutexes within Mbed TLS 3612 */ 3613 //#define MBEDTLS_THREADING_C 3614 3615 /** 3616 * \def MBEDTLS_TIMING_C 3617 * 3618 * Enable the semi-portable timing interface. 3619 * 3620 * \note The provided implementation only works on POSIX/Unix (including Linux, 3621 * BSD and OS X) and Windows. On other platforms, you can either disable that 3622 * module and provide your own implementations of the callbacks needed by 3623 * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide 3624 * your own implementation of the whole module by setting 3625 * \c MBEDTLS_TIMING_ALT in the current file. 3626 * 3627 * \note The timing module will include time.h on suitable platforms 3628 * regardless of the setting of MBEDTLS_HAVE_TIME, unless 3629 * MBEDTLS_TIMING_ALT is used. See timing.c for more information. 3630 * 3631 * \note See also our Knowledge Base article about porting to a new 3632 * environment: 3633 * https://mbed-tls.readthedocs.io/en/latest/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS 3634 * 3635 * Module: library/timing.c 3636 */ 3637 #define MBEDTLS_TIMING_C 3638 3639 /** 3640 * \def MBEDTLS_VERSION_C 3641 * 3642 * Enable run-time version information. 3643 * 3644 * Module: library/version.c 3645 * 3646 * This module provides run-time version information. 3647 */ 3648 #define MBEDTLS_VERSION_C 3649 3650 /** 3651 * \def MBEDTLS_X509_USE_C 3652 * 3653 * Enable X.509 core for using certificates. 3654 * 3655 * Module: library/x509.c 3656 * Caller: library/x509_crl.c 3657 * library/x509_crt.c 3658 * library/x509_csr.c 3659 * 3660 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C, 3661 * (MBEDTLS_MD_C or MBEDTLS_USE_PSA_CRYPTO) 3662 * 3663 * \warning If building with MBEDTLS_USE_PSA_CRYPTO, you must call 3664 * psa_crypto_init() before doing any X.509 operation. 3665 * 3666 * This module is required for the X.509 parsing modules. 3667 */ 3668 #define MBEDTLS_X509_USE_C 3669 3670 /** 3671 * \def MBEDTLS_X509_CRT_PARSE_C 3672 * 3673 * Enable X.509 certificate parsing. 3674 * 3675 * Module: library/x509_crt.c 3676 * Caller: library/ssl_tls.c 3677 * library/ssl*_client.c 3678 * library/ssl*_server.c 3679 * 3680 * Requires: MBEDTLS_X509_USE_C 3681 * 3682 * This module is required for X.509 certificate parsing. 3683 */ 3684 #define MBEDTLS_X509_CRT_PARSE_C 3685 3686 /** 3687 * \def MBEDTLS_X509_CRL_PARSE_C 3688 * 3689 * Enable X.509 CRL parsing. 3690 * 3691 * Module: library/x509_crl.c 3692 * Caller: library/x509_crt.c 3693 * 3694 * Requires: MBEDTLS_X509_USE_C 3695 * 3696 * This module is required for X.509 CRL parsing. 3697 */ 3698 #define MBEDTLS_X509_CRL_PARSE_C 3699 3700 /** 3701 * \def MBEDTLS_X509_CSR_PARSE_C 3702 * 3703 * Enable X.509 Certificate Signing Request (CSR) parsing. 3704 * 3705 * Module: library/x509_csr.c 3706 * Caller: library/x509_crt_write.c 3707 * 3708 * Requires: MBEDTLS_X509_USE_C 3709 * 3710 * This module is used for reading X.509 certificate request. 3711 */ 3712 //#define MBEDTLS_X509_CSR_PARSE_C 3713 3714 /** 3715 * \def MBEDTLS_X509_CREATE_C 3716 * 3717 * Enable X.509 core for creating certificates. 3718 * 3719 * Module: library/x509_create.c 3720 * 3721 * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C, 3722 * (MBEDTLS_MD_C or MBEDTLS_USE_PSA_CRYPTO) 3723 * 3724 * \warning If building with MBEDTLS_USE_PSA_CRYPTO, you must call 3725 * psa_crypto_init() before doing any X.509 create operation. 3726 * 3727 * This module is the basis for creating X.509 certificates and CSRs. 3728 */ 3729 //#define MBEDTLS_X509_CREATE_C 3730 3731 /** 3732 * \def MBEDTLS_X509_CRT_WRITE_C 3733 * 3734 * Enable creating X.509 certificates. 3735 * 3736 * Module: library/x509_crt_write.c m 3737 * 3738 * Requires: MBEDTLS_X509_CREATE_C 3739 * 3740 * This module is required for X.509 certificate creation. 3741 */ 3742 //#define MBEDTLS_X509_CRT_WRITE_C 3743 3744 /** 3745 * \def MBEDTLS_X509_CSR_WRITE_C 3746 * 3747 * Enable creating X.509 Certificate Signing Requests (CSR). 3748 * 3749 * Module: library/x509_csr_write.c 3750 * 3751 * Requires: MBEDTLS_X509_CREATE_C 3752 * 3753 * This module is required for X.509 certificate request writing. 3754 */ 3755 //#define MBEDTLS_X509_CSR_WRITE_C 3756 3757 /** \} name SECTION: Mbed TLS modules */ 3758 3759 /** 3760 * \name SECTION: General configuration options 3761 * 3762 * This section contains Mbed TLS build settings that are not associated 3763 * with a particular module. 3764 * 3765 * \{ 3766 */ 3767 3768 /** 3769 * \def MBEDTLS_CONFIG_FILE 3770 * 3771 * If defined, this is a header which will be included instead of 3772 * `"mbedtls/mbedtls_config.h"`. 3773 * This header file specifies the compile-time configuration of Mbed TLS. 3774 * Unlike other configuration options, this one must be defined on the 3775 * compiler command line: a definition in `mbedtls_config.h` would have 3776 * no effect. 3777 * 3778 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3779 * non-standard feature of the C language, so this feature is only available 3780 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3781 * 3782 * The value of this symbol is typically a path in double quotes, either 3783 * absolute or relative to a directory on the include search path. 3784 */ 3785 //#define MBEDTLS_CONFIG_FILE "mbedtls/mbedtls_config.h" 3786 3787 /** 3788 * \def MBEDTLS_USER_CONFIG_FILE 3789 * 3790 * If defined, this is a header which will be included after 3791 * `"mbedtls/mbedtls_config.h"` or #MBEDTLS_CONFIG_FILE. 3792 * This allows you to modify the default configuration, including the ability 3793 * to undefine options that are enabled by default. 3794 * 3795 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3796 * non-standard feature of the C language, so this feature is only available 3797 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3798 * 3799 * The value of this symbol is typically a path in double quotes, either 3800 * absolute or relative to a directory on the include search path. 3801 */ 3802 //#define MBEDTLS_USER_CONFIG_FILE "/dev/null" 3803 3804 /** 3805 * \def MBEDTLS_PSA_CRYPTO_CONFIG_FILE 3806 * 3807 * If defined, this is a header which will be included instead of 3808 * `"psa/crypto_config.h"`. 3809 * This header file specifies which cryptographic mechanisms are available 3810 * through the PSA API when #MBEDTLS_PSA_CRYPTO_CONFIG is enabled, and 3811 * is not used when #MBEDTLS_PSA_CRYPTO_CONFIG is disabled. 3812 * 3813 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3814 * non-standard feature of the C language, so this feature is only available 3815 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3816 * 3817 * The value of this symbol is typically a path in double quotes, either 3818 * absolute or relative to a directory on the include search path. 3819 */ 3820 //#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h" 3821 3822 /** 3823 * \def MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE 3824 * 3825 * If defined, this is a header which will be included after 3826 * `"psa/crypto_config.h"` or #MBEDTLS_PSA_CRYPTO_CONFIG_FILE. 3827 * This allows you to modify the default configuration, including the ability 3828 * to undefine options that are enabled by default. 3829 * 3830 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3831 * non-standard feature of the C language, so this feature is only available 3832 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3833 * 3834 * The value of this symbol is typically a path in double quotes, either 3835 * absolute or relative to a directory on the include search path. 3836 */ 3837 //#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null" 3838 3839 /** 3840 * \def MBEDTLS_PSA_CRYPTO_PLATFORM_FILE 3841 * 3842 * If defined, this is a header which will be included instead of 3843 * `"psa/crypto_platform.h"`. This file should declare the same identifiers 3844 * as the one in Mbed TLS, but with definitions adapted to the platform on 3845 * which the library code will run. 3846 * 3847 * \note The required content of this header can vary from one version of 3848 * Mbed TLS to the next. Integrators who provide an alternative file 3849 * should review the changes in the original file whenever they 3850 * upgrade Mbed TLS. 3851 * 3852 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3853 * non-standard feature of the C language, so this feature is only available 3854 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3855 * 3856 * The value of this symbol is typically a path in double quotes, either 3857 * absolute or relative to a directory on the include search path. 3858 */ 3859 //#define MBEDTLS_PSA_CRYPTO_PLATFORM_FILE "psa/crypto_platform_alt.h" 3860 3861 /** 3862 * \def MBEDTLS_PSA_CRYPTO_STRUCT_FILE 3863 * 3864 * If defined, this is a header which will be included instead of 3865 * `"psa/crypto_struct.h"`. This file should declare the same identifiers 3866 * as the one in Mbed TLS, but with definitions adapted to the environment 3867 * in which the library code will run. The typical use for this feature 3868 * is to provide alternative type definitions on the client side in 3869 * client-server integrations of PSA crypto, where operation structures 3870 * contain handles instead of cryptographic data. 3871 * 3872 * \note The required content of this header can vary from one version of 3873 * Mbed TLS to the next. Integrators who provide an alternative file 3874 * should review the changes in the original file whenever they 3875 * upgrade Mbed TLS. 3876 * 3877 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3878 * non-standard feature of the C language, so this feature is only available 3879 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3880 * 3881 * The value of this symbol is typically a path in double quotes, either 3882 * absolute or relative to a directory on the include search path. 3883 */ 3884 //#define MBEDTLS_PSA_CRYPTO_STRUCT_FILE "psa/crypto_struct_alt.h" 3885 3886 /** \} name SECTION: General configuration options */ 3887 3888 /** 3889 * \name SECTION: Module configuration options 3890 * 3891 * This section allows for the setting of module specific sizes and 3892 * configuration options. The default values are already present in the 3893 * relevant header files and should suffice for the regular use cases. 3894 * 3895 * Our advice is to enable options and change their values here 3896 * only if you have a good reason and know the consequences. 3897 * \{ 3898 */ 3899 /* The Doxygen documentation here is used when a user comments out a 3900 * setting and runs doxygen themselves. On the other hand, when we typeset 3901 * the full documentation including disabled settings, the documentation 3902 * in specific modules' header files is used if present. When editing this 3903 * file, make sure that each option is documented in exactly one place, 3904 * plus optionally a same-line Doxygen comment here if there is a Doxygen 3905 * comment in the specific module. */ 3906 3907 /* MPI / BIGNUM options */ 3908 //#define MBEDTLS_MPI_WINDOW_SIZE 2 /**< Maximum window size used. */ 3909 //#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ 3910 3911 /* CTR_DRBG options */ 3912 //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */ 3913 //#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ 3914 //#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ 3915 //#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ 3916 //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ 3917 3918 /* HMAC_DRBG options */ 3919 //#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ 3920 //#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ 3921 //#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ 3922 //#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ 3923 3924 /* ECP options */ 3925 //#define MBEDTLS_ECP_WINDOW_SIZE 4 /**< Maximum window size used */ 3926 //#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */ 3927 3928 /* Entropy options */ 3929 //#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */ 3930 //#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */ 3931 //#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */ 3932 3933 /* Memory buffer allocator options */ 3934 //#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */ 3935 3936 /* Platform options */ 3937 //#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ 3938 #define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */ 3939 #define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ 3940 //#define MBEDTLS_PLATFORM_STD_SETBUF setbuf /**< Default setbuf to use, can be undefined */ 3941 //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ 3942 //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ 3943 //#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */ 3944 //#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */ 3945 /* Note: your snprintf must correctly zero-terminate the buffer! */ 3946 #define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */ 3947 //#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */ 3948 //#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */ 3949 //#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ 3950 //#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ 3951 //#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */ 3952 3953 /* To use the following function macros, MBEDTLS_PLATFORM_C must be enabled. */ 3954 /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */ 3955 //#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_CALLOC for requirements. */ 3956 //#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_FREE for requirements. */ 3957 //#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */ 3958 //#define MBEDTLS_PLATFORM_SETBUF_MACRO setbuf /**< Default setbuf macro to use, can be undefined */ 3959 //#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ 3960 //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ 3961 //#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */ 3962 //#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */ 3963 /* Note: your snprintf must correctly zero-terminate the buffer! */ 3964 //#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */ 3965 //#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */ 3966 //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ 3967 //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ 3968 //#define MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO int64_t //#define MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO int64_t /**< Default milliseconds time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled. It must be signed, and at least 64 bits. If it is changed from the default, MBEDTLS_PRINTF_MS_TIME must be updated to match.*/ 3969 //#define MBEDTLS_PRINTF_MS_TIME PRId64 /**< Default fmt for printf. That's avoid compiler warning if mbedtls_ms_time_t is redefined */ 3970 3971 /** \def MBEDTLS_CHECK_RETURN 3972 * 3973 * This macro is used at the beginning of the declaration of a function 3974 * to indicate that its return value should be checked. It should 3975 * instruct the compiler to emit a warning or an error if the function 3976 * is called without checking its return value. 3977 * 3978 * There is a default implementation for popular compilers in platform_util.h. 3979 * You can override the default implementation by defining your own here. 3980 * 3981 * If the implementation here is empty, this will effectively disable the 3982 * checking of functions' return values. 3983 */ 3984 //#define MBEDTLS_CHECK_RETURN __attribute__((__warn_unused_result__)) 3985 3986 /** \def MBEDTLS_IGNORE_RETURN 3987 * 3988 * This macro requires one argument, which should be a C function call. 3989 * If that function call would cause a #MBEDTLS_CHECK_RETURN warning, this 3990 * warning is suppressed. 3991 */ 3992 //#define MBEDTLS_IGNORE_RETURN( result ) ((void) !(result)) 3993 3994 /* PSA options */ 3995 /** 3996 * Use HMAC_DRBG with the specified hash algorithm for HMAC_DRBG for the 3997 * PSA crypto subsystem. 3998 * 3999 * If this option is unset, the library chooses a hash (currently between 4000 * #MBEDTLS_MD_SHA512 and #MBEDTLS_MD_SHA256) based on availability and 4001 * unspecified heuristics. 4002 * 4003 * \note The PSA crypto subsystem uses the first available mechanism amongst 4004 * the following: 4005 * - #MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG if enabled; 4006 * - Entropy from #MBEDTLS_ENTROPY_C plus CTR_DRBG with AES 4007 * if #MBEDTLS_CTR_DRBG_C is enabled; 4008 * - Entropy from #MBEDTLS_ENTROPY_C plus HMAC_DRBG. 4009 * 4010 * A future version may reevaluate the prioritization of DRBG mechanisms. 4011 */ 4012 //#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256 4013 4014 /** \def MBEDTLS_PSA_KEY_SLOT_COUNT 4015 * Restrict the PSA library to supporting a maximum amount of simultaneously 4016 * loaded keys. A loaded key is a key stored by the PSA Crypto core as a 4017 * volatile key, or a persistent key which is loaded temporarily by the 4018 * library as part of a crypto operation in flight. 4019 * 4020 * If this option is unset, the library will fall back to a default value of 4021 * 32 keys. 4022 */ 4023 //#define MBEDTLS_PSA_KEY_SLOT_COUNT 32 4024 4025 /* RSA OPTIONS */ 4026 //#define MBEDTLS_RSA_GEN_KEY_MIN_BITS 1024 /**< Minimum RSA key size that can be generated in bits (Minimum possible value is 128 bits) */ 4027 4028 /* SSL Cache options */ 4029 //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ 4030 //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ 4031 4032 /* SSL options */ 4033 4034 /** \def MBEDTLS_SSL_MAX_CONTENT_LEN 4035 * 4036 * Maximum length (in bytes) of incoming and outgoing plaintext fragments. 4037 * 4038 * This determines the size of both the incoming and outgoing TLS I/O buffers 4039 * in such a way that both are capable of holding the specified amount of 4040 * plaintext data, regardless of the protection mechanism used. 4041 * 4042 * To configure incoming and outgoing I/O buffers separately, use 4043 * #MBEDTLS_SSL_IN_CONTENT_LEN and #MBEDTLS_SSL_OUT_CONTENT_LEN, 4044 * which overwrite the value set by this option. 4045 * 4046 * \note When using a value less than the default of 16KB on the client, it is 4047 * recommended to use the Maximum Fragment Length (MFL) extension to 4048 * inform the server about this limitation. On the server, there 4049 * is no supported, standardized way of informing the client about 4050 * restriction on the maximum size of incoming messages, and unless 4051 * the limitation has been communicated by other means, it is recommended 4052 * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN 4053 * while keeping the default value of 16KB for the incoming buffer. 4054 * 4055 * Uncomment to set the maximum plaintext size of both 4056 * incoming and outgoing I/O buffers. 4057 */ 4058 #define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 4059 4060 /** \def MBEDTLS_SSL_IN_CONTENT_LEN 4061 * 4062 * Maximum length (in bytes) of incoming plaintext fragments. 4063 * 4064 * This determines the size of the incoming TLS I/O buffer in such a way 4065 * that it is capable of holding the specified amount of plaintext data, 4066 * regardless of the protection mechanism used. 4067 * 4068 * \note When using a value less than the default of 16KB on the client, it is 4069 * recommended to use the Maximum Fragment Length (MFL) extension to 4070 * inform the server about this limitation. On the server, there 4071 * is no supported, standardized way of informing the client about 4072 * restriction on the maximum size of incoming messages, and unless 4073 * the limitation has been communicated by other means, it is recommended 4074 * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN 4075 * while keeping the default value of 16KB for the incoming buffer. 4076 * 4077 * Uncomment to set the maximum plaintext size of the incoming I/O buffer. 4078 */ 4079 #define MBEDTLS_SSL_IN_CONTENT_LEN 16384 4080 4081 /** \def MBEDTLS_SSL_CID_IN_LEN_MAX 4082 * 4083 * The maximum length of CIDs used for incoming DTLS messages. 4084 * 4085 */ 4086 //#define MBEDTLS_SSL_CID_IN_LEN_MAX 32 4087 4088 /** \def MBEDTLS_SSL_CID_OUT_LEN_MAX 4089 * 4090 * The maximum length of CIDs used for outgoing DTLS messages. 4091 * 4092 */ 4093 //#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32 4094 4095 /** \def MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 4096 * 4097 * This option controls the use of record plaintext padding 4098 * in TLS 1.3 and when using the Connection ID extension in DTLS 1.2. 4099 * 4100 * The padding will always be chosen so that the length of the 4101 * padded plaintext is a multiple of the value of this option. 4102 * 4103 * Note: A value of \c 1 means that no padding will be used 4104 * for outgoing records. 4105 * 4106 * Note: On systems lacking division instructions, 4107 * a power of two should be preferred. 4108 */ 4109 //#define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16 4110 4111 /** \def MBEDTLS_SSL_OUT_CONTENT_LEN 4112 * 4113 * Maximum length (in bytes) of outgoing plaintext fragments. 4114 * 4115 * This determines the size of the outgoing TLS I/O buffer in such a way 4116 * that it is capable of holding the specified amount of plaintext data, 4117 * regardless of the protection mechanism used. 4118 * 4119 * It is possible to save RAM by setting a smaller outward buffer, while keeping 4120 * the default inward 16384 byte buffer to conform to the TLS specification. 4121 * 4122 * The minimum required outward buffer size is determined by the handshake 4123 * protocol's usage. Handshaking will fail if the outward buffer is too small. 4124 * The specific size requirement depends on the configured ciphers and any 4125 * certificate data which is sent during the handshake. 4126 * 4127 * Uncomment to set the maximum plaintext size of the outgoing I/O buffer. 4128 */ 4129 #define MBEDTLS_SSL_OUT_CONTENT_LEN 16384 4130 4131 /** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING 4132 * 4133 * Maximum number of heap-allocated bytes for the purpose of 4134 * DTLS handshake message reassembly and future message buffering. 4135 * 4136 * This should be at least 9/8 * MBEDTLS_SSL_IN_CONTENT_LEN 4137 * to account for a reassembled handshake message of maximum size, 4138 * together with its reassembly bitmap. 4139 * 4140 * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default) 4141 * should be sufficient for all practical situations as it allows 4142 * to reassembly a large handshake message (such as a certificate) 4143 * while buffering multiple smaller handshake messages. 4144 * 4145 */ 4146 //#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768 4147 4148 //#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 or 384 bits) */ 4149 //#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ 4150 4151 /** 4152 * Complete list of ciphersuites to use, in order of preference. 4153 * 4154 * \warning No dependency checking is done on that field! This option can only 4155 * be used to restrict the set of available ciphersuites. It is your 4156 * responsibility to make sure the needed modules are active. 4157 * 4158 * Use this to save a few hundred bytes of ROM (default ordering of all 4159 * available ciphersuites) and a few to a few hundred bytes of RAM. 4160 * 4161 * The value below is only an example, not the default. 4162 */ 4163 //#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 4164 4165 /** 4166 * \def MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 4167 * 4168 * The default maximum amount of 0-RTT data. See the documentation of 4169 * \c mbedtls_ssl_conf_max_early_data_size() for more information. 4170 * 4171 * It must be positive and smaller than UINT32_MAX. 4172 * 4173 * If MBEDTLS_SSL_EARLY_DATA is not defined, this default value does not 4174 * have any impact on the build. 4175 */ 4176 //#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024 4177 4178 /** 4179 * \def MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 4180 * 4181 * Maximum allowed ticket age difference in milliseconds tolerated between 4182 * server and client. Default value is 6000. This is not used in TLS 1.2. 4183 * 4184 * - The client ticket age is the time difference between the time when the 4185 * client proposes to the server to use the ticket and the time the client 4186 * received the ticket from the server. 4187 * - The server ticket age is the time difference between the time when the 4188 * server receives a proposition from the client to use the ticket and the 4189 * time when the ticket was created by the server. 4190 * 4191 * The ages might be different due to the client and server clocks not running 4192 * at the same pace. The typical accuracy of an RTC crystal is ±100 to ±20 parts 4193 * per million (360 to 72 milliseconds per hour). Default tolerance window is 4194 * 6s, thus in the worst case clients and servers must sync up their system time 4195 * every 6000/360/2~=8 hours. 4196 * 4197 * See section 8.3 of the TLS 1.3 specification(RFC 8446) for more information. 4198 */ 4199 //#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000 4200 4201 /** 4202 * \def MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 4203 * 4204 * Size in bytes of a ticket nonce. This is not used in TLS 1.2. 4205 * 4206 * This must be less than 256. 4207 */ 4208 //#define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32 4209 4210 /** 4211 * \def MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 4212 * 4213 * Default number of NewSessionTicket messages to be sent by a TLS 1.3 server 4214 * after handshake completion. This is not used in TLS 1.2 and relevant only if 4215 * the MBEDTLS_SSL_SESSION_TICKETS option is enabled. 4216 * 4217 */ 4218 //#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1 4219 4220 /* X509 options */ 4221 //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ 4222 //#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */ 4223 4224 /** \} name SECTION: Module configuration options */ 4225 4226 4227