1 // Copyright 2021 The Pigweed Authors 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); you may not 4 // use this file except in compliance with the License. You may obtain a copy of 5 // the License at 6 // 7 // https://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 11 // WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 12 // License for the specific language governing permissions and limitations under 13 // the License. 14 15 // Some common configs for using mbedtls in Pigweed. These include disabling of 16 // file system, socket and linux/windows specific features. See 17 // include/mbedtls/config.h for a detail explanation of these configurations. 18 19 #pragma once 20 21 // No file system support. 22 #undef MBEDTLS_FS_IO 23 // No posix socket support 24 #undef MBEDTLS_NET_C 25 // This feature requires file system support. 26 #undef MBEDTLS_PSA_ITS_FILE_C 27 // The following two require MBEDTLS_PSA_ITS_FILE_C 28 #undef MBEDTLS_PSA_CRYPTO_C 29 #undef MBEDTLS_PSA_CRYPTO_STORAGE_C 30 // This feature only works on Unix/Windows 31 #undef MBEDTLS_TIMING_C 32 // Use a custom entropy generator 33 #define MBEDTLS_NO_PLATFORM_ENTROPY 34 // Error string support for debugging 35 #define MBEDTLS_ERROR_C 36 // This feature requires MBEDTLS_PSA_CRYPTO_C. 37 #undef MBEDTLS_LMS_C 38 39 // This feature is required to support AES-CMAC. 40 #define MBEDTLS_CMAC_C 41 42 // Disable a number of TLS related features as we are not maintaining the TLS 43 // support. 44 #undef MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED 45 #undef MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED 46 #undef MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED 47 #undef MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED 48 #undef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 49 #undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 50 #undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 51 #undef MBEDTLS_HAVE_TIME 52 #undef MBEDTLS_HAVE_TIME_DATE 53 #undef MBEDTLS_ECJPAKE_C 54 #undef MBEDTLS_ENTROPY_C 55 #undef MBEDTLS_GCM_C 56 #undef MBEDTLS_MD_C 57 #undef MBEDTLS_SSL_PROTO_TLS1_3 58 #undef MBEDTLS_SSL_TLS_C 59 #undef MBEDTLS_SSL_TICKET_C 60 #undef MBEDTLS_SSL_CONTEXT_SERIALIZATION 61 #undef MBEDTLS_CCM_C 62 #undef MBEDTLS_HKDF_C 63 #undef MBEDTLS_HMAC_DRBG_C 64 #undef MBEDTLS_SSL_CLI_C 65 #undef MBEDTLS_SSL_SRV_C 66 #undef MBEDTLS_SSL_DTLS_ANTI_REPLAY 67 #undef MBEDTLS_SSL_DTLS_CONNECTION_ID 68 #undef MBEDTLS_X509_USE_C 69 #undef MBEDTLS_X509_CREATE_C 70 #undef MBEDTLS_ECDSA_DETERMINISTIC 71 #undef MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 72 #undef MBEDTLS_X509_CRT_PARSE_C 73 #undef MBEDTLS_X509_CRL_PARSE_C 74 #undef MBEDTLS_X509_CSR_PARSE_C 75 #undef MBEDTLS_X509_CRT_WRITE_C 76 #undef MBEDTLS_X509_CSR_WRITE_C 77 #undef MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED 78 #undef MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED 79 #undef MBEDTLS_KEY_EXCHANGE_RSA_ENABLED 80 #undef MBEDTLS_SSL_SERVER_NAME_INDICATION 81 #undef MBEDTLS_PKCS7_C 82 83 #if defined(_PW_MBEDTLS_IS_HOST) && !_PW_MBEDTLS_IS_HOST 84 #define MBEDTLS_PLATFORM_MEMORY 85 #define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS 86 87 #include <stdio.h> 88 #define MBEDTLS_PLATFORM_SNPRINTF_ALT 89 #define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf 90 #define MBEDTLS_PLATFORM_VSNPRINTF_ALT 91 #define MBEDTLS_PLATFORM_STD_VSNPRINTF vsnprintf 92 93 #define MBEDTLS_PLATFORM_FPRINTF_MACRO(stream, format, ...) (0) 94 #define MBEDTLS_PLATFORM_PRINTF_MACRO(format, ...) (0) 95 #define MBEDTLS_PLATFORM_EXIT_MACRO(exit_code) 96 97 #elif defined(_PW_MBEDTLS_IS_HOST) && _PW_MBEDTLS_IS_HOST 98 // Needed for Picotool. 99 #define MBEDTLS_FS_IO 100 #endif // defined(_PW_MBEDTLS_IS_HOST) && !_PW_MBEDTLS_IS_HOST 101 102 #include "mbedtls/check_config.h" 103