1 /*
2  * Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  */
6 #ifndef MBEDTLS_CONFIG_H
7 #define MBEDTLS_CONFIG_H
8 
9 #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
10 #define _CRT_SECURE_NO_DEPRECATE 1
11 #endif
12 
13 /**
14  * \name SECTION: System support
15  *
16  * This section sets system specific settings.
17  * \{
18  */
19 
20 /**
21  * \def MBEDTLS_HAVE_ASM
22  *
23  * The compiler has support for asm().
24  *
25  * Requires support for asm() in compiler.
26  *
27  * Used in:
28  *      library/aria.c
29  *      library/timing.c
30  *      include/mbedtls/bn_mul.h
31  *
32  * Required by:
33  *      MBEDTLS_AESNI_C
34  *      MBEDTLS_PADLOCK_C
35  *
36  * Comment to disable the use of assembly code.
37  */
38 #define MBEDTLS_HAVE_ASM
39 
40 /**
41  * \def MBEDTLS_NO_UDBL_DIVISION
42  *
43  * The platform lacks support for double-width integer division (64-bit
44  * division on a 32-bit platform, 128-bit division on a 64-bit platform).
45  *
46  * Used in:
47  *      include/mbedtls/bignum.h
48  *      library/bignum.c
49  *
50  * The bignum code uses double-width division to speed up some operations.
51  * Double-width division is often implemented in software that needs to
52  * be linked with the program. The presence of a double-width integer
53  * type is usually detected automatically through preprocessor macros,
54  * but the automatic detection cannot know whether the code needs to
55  * and can be linked with an implementation of division for that type.
56  * By default division is assumed to be usable if the type is present.
57  * Uncomment this option to prevent the use of double-width division.
58  *
59  * Note that division for the native integer type is always required.
60  * Furthermore, a 64-bit type is always required even on a 32-bit
61  * platform, but it need not support multiplication or division. In some
62  * cases it is also desirable to disable some double-width operations. For
63  * example, if double-width division is implemented in software, disabling
64  * it can reduce code size in some embedded targets.
65  */
66 //#define MBEDTLS_NO_UDBL_DIVISION
67 
68 /**
69  * \def MBEDTLS_NO_64BIT_MULTIPLICATION
70  *
71  * The platform lacks support for 32x32 -> 64-bit multiplication.
72  *
73  * Used in:
74  *      library/poly1305.c
75  *
76  * Some parts of the library may use multiplication of two unsigned 32-bit
77  * operands with a 64-bit result in order to speed up computations. On some
78  * platforms, this is not available in hardware and has to be implemented in
79  * software, usually in a library provided by the toolchain.
80  *
81  * Sometimes it is not desirable to have to link to that library. This option
82  * removes the dependency of that library on platforms that lack a hardware
83  * 64-bit multiplier by embedding a software implementation in Mbed TLS.
84  *
85  * Note that depending on the compiler, this may decrease performance compared
86  * to using the library function provided by the toolchain.
87  */
88 //#define MBEDTLS_NO_64BIT_MULTIPLICATION
89 
90 /**
91  * \def MBEDTLS_HAVE_SSE2
92  *
93  * CPU supports SSE2 instruction set.
94  *
95  * Uncomment if the CPU supports SSE2 (IA-32 specific).
96  */
97 //#define MBEDTLS_HAVE_SSE2
98 
99 /**
100  * \def MBEDTLS_HAVE_TIME
101  *
102  * System has time.h and time().
103  * The time does not need to be correct, only time differences are used,
104  * by contrast with MBEDTLS_HAVE_TIME_DATE
105  *
106  * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT,
107  * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and
108  * MBEDTLS_PLATFORM_STD_TIME.
109  *
110  * Comment if your system does not support time functions
111  */
112 #define MBEDTLS_HAVE_TIME
113 
114 /**
115  * \def MBEDTLS_HAVE_TIME_DATE
116  *
117  * System has time.h, time(), and an implementation for
118  * mbedtls_platform_gmtime_r() (see below).
119  * The time needs to be correct (not necesarily very accurate, but at least
120  * the date should be correct). This is used to verify the validity period of
121  * X.509 certificates.
122  *
123  * Comment if your system does not have a correct clock.
124  *
125  * \note mbedtls_platform_gmtime_r() is an abstraction in platform_util.h that
126  * behaves similarly to the gmtime_r() function from the C standard. Refer to
127  * the documentation for mbedtls_platform_gmtime_r() for more information.
128  *
129  * \note It is possible to configure an implementation for
130  * mbedtls_platform_gmtime_r() at compile-time by using the macro
131  * MBEDTLS_PLATFORM_GMTIME_R_ALT.
132  */
133 #define MBEDTLS_HAVE_TIME_DATE
134 
135 /**
136  * \def MBEDTLS_PLATFORM_MEMORY
137  *
138  * Enable the memory allocation layer.
139  *
140  * By default mbed TLS uses the system-provided calloc() and free().
141  * This allows different allocators (self-implemented or provided) to be
142  * provided to the platform abstraction layer.
143  *
144  * Enabling MBEDTLS_PLATFORM_MEMORY without the
145  * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide
146  * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and
147  * free() function pointer at runtime.
148  *
149  * Enabling MBEDTLS_PLATFORM_MEMORY and specifying
150  * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the
151  * alternate function at compile time.
152  *
153  * Requires: MBEDTLS_PLATFORM_C
154  *
155  * Enable this layer to allow use of alternative memory allocators.
156  */
157 #define MBEDTLS_PLATFORM_MEMORY
158 
159 /**
160  * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
161  *
162  * Do not assign standard functions in the platform layer (e.g. calloc() to
163  * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF)
164  *
165  * This makes sure there are no linking errors on platforms that do not support
166  * these functions. You will HAVE to provide alternatives, either at runtime
167  * via the platform_set_xxx() functions or at compile time by setting
168  * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a
169  * MBEDTLS_PLATFORM_XXX_MACRO.
170  *
171  * Requires: MBEDTLS_PLATFORM_C
172  *
173  * Uncomment to prevent default assignment of standard functions in the
174  * platform layer.
175  */
176 //#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
177 
178 /**
179  * \def MBEDTLS_PLATFORM_EXIT_ALT
180  *
181  * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the
182  * function in the platform abstraction layer.
183  *
184  * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will
185  * provide a function "mbedtls_platform_set_printf()" that allows you to set an
186  * alternative printf function pointer.
187  *
188  * All these define require MBEDTLS_PLATFORM_C to be defined!
189  *
190  * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows;
191  * it will be enabled automatically by check_config.h
192  *
193  * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as
194  * MBEDTLS_PLATFORM_XXX_MACRO!
195  *
196  * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME
197  *
198  * Uncomment a macro to enable alternate implementation of specific base
199  * platform function
200  */
201 //#define MBEDTLS_PLATFORM_EXIT_ALT
202 //#define MBEDTLS_PLATFORM_TIME_ALT
203 //#define MBEDTLS_PLATFORM_FPRINTF_ALT
204 //#define MBEDTLS_PLATFORM_PRINTF_ALT
205 //#define MBEDTLS_PLATFORM_SNPRINTF_ALT
206 //#define MBEDTLS_PLATFORM_NV_SEED_ALT
207 //#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
208 
209 /**
210  * \def MBEDTLS_DEPRECATED_WARNING
211  *
212  * Mark deprecated functions so that they generate a warning if used.
213  * Functions deprecated in one version will usually be removed in the next
214  * version. You can enable this to help you prepare the transition to a new
215  * major version by making sure your code is not using these functions.
216  *
217  * This only works with GCC and Clang. With other compilers, you may want to
218  * use MBEDTLS_DEPRECATED_REMOVED
219  *
220  * Uncomment to get warnings on using deprecated functions.
221  */
222 //#define MBEDTLS_DEPRECATED_WARNING
223 
224 /**
225  * \def MBEDTLS_DEPRECATED_REMOVED
226  *
227  * Remove deprecated functions so that they generate an error if used.
228  * Functions deprecated in one version will usually be removed in the next
229  * version. You can enable this to help you prepare the transition to a new
230  * major version by making sure your code is not using these functions.
231  *
232  * Uncomment to get errors on using deprecated functions.
233  */
234 //#define MBEDTLS_DEPRECATED_REMOVED
235 
236 /**
237  * \def MBEDTLS_CHECK_PARAMS
238  *
239  * This configuration option controls whether the library validates more of
240  * the parameters passed to it.
241  *
242  * When this flag is not defined, the library only attempts to validate an
243  * input parameter if: (1) they may come from the outside world (such as the
244  * network, the filesystem, etc.) or (2) not validating them could result in
245  * internal memory errors such as overflowing a buffer controlled by the
246  * library. On the other hand, it doesn't attempt to validate parameters whose
247  * values are fully controlled by the application (such as pointers).
248  *
249  * When this flag is defined, the library additionally attempts to validate
250  * parameters that are fully controlled by the application, and should always
251  * be valid if the application code is fully correct and trusted.
252  *
253  * For example, when a function accepts as input a pointer to a buffer that may
254  * contain untrusted data, and its documentation mentions that this pointer
255  * must not be NULL:
256  * - the pointer is checked to be non-NULL only if this option is enabled
257  * - the content of the buffer is always validated
258  *
259  * When this flag is defined, if a library function receives a parameter that
260  * is invalid, it will:
261  * - invoke the macro MBEDTLS_PARAM_FAILED() which by default expands to a
262  *   call to the function mbedtls_param_failed()
263  * - immediately return (with a specific error code unless the function
264  *   returns void and can't communicate an error).
265  *
266  * When defining this flag, you also need to:
267  * - either provide a definition of the function mbedtls_param_failed() in
268  *   your application (see platform_util.h for its prototype) as the library
269  *   calls that function, but does not provide a default definition for it,
270  * - or provide a different definition of the macro MBEDTLS_PARAM_FAILED()
271  *   below if the above mechanism is not flexible enough to suit your needs.
272  *   See the documentation of this macro later in this file.
273  *
274  * Uncomment to enable validation of application-controlled parameters.
275  */
276 //#define MBEDTLS_CHECK_PARAMS
277 
278 /* \} name SECTION: System support */
279 
280 /**
281  * \name SECTION: mbed TLS feature support
282  *
283  * This section sets support for features that are or are not needed
284  * within the modules that are enabled.
285  * \{
286  */
287 
288 /**
289  * \def MBEDTLS_TIMING_ALT
290  *
291  * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(),
292  * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay()
293  *
294  * Only works if you have MBEDTLS_TIMING_C enabled.
295  *
296  * You will need to provide a header "timing_alt.h" and an implementation at
297  * compile time.
298  */
299 //#define MBEDTLS_TIMING_ALT
300 
301 /**
302  * \def MBEDTLS_AES_ALT
303  *
304  * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your
305  * alternate core implementation of a symmetric crypto, an arithmetic or hash
306  * module (e.g. platform specific assembly optimized implementations). Keep
307  * in mind that the function prototypes should remain the same.
308  *
309  * This replaces the whole module. If you only want to replace one of the
310  * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags.
311  *
312  * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer
313  * provide the "struct mbedtls_aes_context" definition and omit the base function
314  * declarations and implementations. "aes_alt.h" will be included from
315  * "aes.h" to include the new function definitions.
316  *
317  * Uncomment a macro to enable alternate implementation of the corresponding
318  * module.
319  *
320  * \warning   MD2, MD4, MD5, ARC4, DES and SHA-1 are considered weak and their
321  *            use constitutes a security risk. If possible, we recommend
322  *            avoiding dependencies on them, and considering stronger message
323  *            digests and ciphers instead.
324  *
325  */
326 #define MBEDTLS_AES_ALT
327 //#define MBEDTLS_ARC4_ALT
328 //#define MBEDTLS_ARIA_ALT
329 //#define MBEDTLS_BLOWFISH_ALT
330 //#define MBEDTLS_CAMELLIA_ALT
331 #define MBEDTLS_CCM_ALT
332 #define MBEDTLS_GCM_ALT
333 #define MBEDTLS_CHACHA20_ALT
334 #define MBEDTLS_CHACHAPOLY_ALT
335 #define MBEDTLS_CMAC_ALT
336 //#define MBEDTLS_DES_ALT
337 //#define MBEDTLS_ECJPAKE_ALT
338 //#define MBEDTLS_XTEA_ALT
339 //#define MBEDTLS_NIST_KW_ALT
340 //#define MBEDTLS_MD2_ALT
341 //#define MBEDTLS_MD4_ALT
342 //#define MBEDTLS_MD5_ALT
343 #define MBEDTLS_POLY1305_ALT
344 //#define MBEDTLS_RIPEMD160_ALT
345 //#define MBEDTLS_RIPEMD160_ALT
346 #define MBEDTLS_SHA1_ALT
347 #define MBEDTLS_SHA256_ALT
348 //#define MBEDTLS_SHA512_ALT
349 #define MBEDTLS_RSA_ALT
350 #define MBEDTLS_DHM_ALT
351 //#define MBEDTLS_XTEA_ALT
352 
353 /*
354  * When replacing the elliptic curve module, pleace consider, that it is
355  * implemented with two .c files:
356  *      - ecp.c
357  *      - ecp_curves.c
358  * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
359  * macros as described above. The only difference is that you have to make sure
360  * that you provide functionality for both .c files.
361  */
362 //#define MBEDTLS_ECP_ALT
363 
364 
365 /**
366  * \def MBEDTLS_MD2_PROCESS_ALT
367  *
368  * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you
369  * alternate core implementation of symmetric crypto or hash function. Keep in
370  * mind that function prototypes should remain the same.
371  *
372  * This replaces only one function. The header file from mbed TLS is still
373  * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags.
374  *
375  * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will
376  * no longer provide the mbedtls_sha1_process() function, but it will still provide
377  * the other function (using your mbedtls_sha1_process() function) and the definition
378  * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
379  * with this definition.
380  *
381  * \note Because of a signature change, the core AES encryption and decryption routines are
382  *       currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt,
383  *       respectively. When setting up alternative implementations, these functions should
384  *       be overriden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt
385  *       must stay untouched.
386  *
387  * \note If you use the AES_xxx_ALT macros, then is is recommended to also set
388  *       MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
389  *       tables.
390  *
391  * Uncomment a macro to enable alternate implementation of the corresponding
392  * function.
393  *
394  * \warning   MD2, MD4, MD5, DES and SHA-1 are considered weak and their use
395  *            constitutes a security risk. If possible, we recommend avoiding
396  *            dependencies on them, and considering stronger message digests
397  *            and ciphers instead.
398  *
399  */
400 //#define MBEDTLS_MD2_PROCESS_ALT
401 //#define MBEDTLS_MD4_PROCESS_ALT
402 //#define MBEDTLS_MD5_PROCESS_ALT
403 //#define MBEDTLS_RIPEMD160_PROCESS_ALT
404 //#define MBEDTLS_SHA1_PROCESS_ALT
405 //#define MBEDTLS_SHA256_PROCESS_ALT
406 //#define MBEDTLS_SHA512_PROCESS_ALT
407 //#define MBEDTLS_DES_SETKEY_ALT
408 //#define MBEDTLS_DES_CRYPT_ECB_ALT
409 //#define MBEDTLS_DES3_CRYPT_ECB_ALT
410 //#define MBEDTLS_AES_SETKEY_ENC_ALT
411 //#define MBEDTLS_AES_SETKEY_DEC_ALT
412 //#define MBEDTLS_AES_ENCRYPT_ALT
413 //#define MBEDTLS_AES_DECRYPT_ALT
414 #define MBEDTLS_ECDH_GEN_PUBLIC_ALT
415 #define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
416 #define MBEDTLS_ECDSA_VERIFY_ALT
417 #define MBEDTLS_ECDSA_SIGN_ALT
418 #define MBEDTLS_ECDSA_GENKEY_ALT
419 /**
420  * \def MBEDTLS_ECP_INTERNAL_ALT
421  *
422  * Expose a part of the internal interface of the Elliptic Curve Point module.
423  *
424  * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your
425  * alternative core implementation of elliptic curve arithmetic. Keep in mind
426  * that function prototypes should remain the same.
427  *
428  * This partially replaces one function. The header file from mbed TLS is still
429  * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation
430  * is still present and it is used for group structures not supported by the
431  * alternative.
432  *
433  * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT
434  * and implementing the following functions:
435  *      unsigned char mbedtls_internal_ecp_grp_capable(
436  *          const mbedtls_ecp_group *grp )
437  *      int  mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp )
438  *      void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp )
439  * The mbedtls_internal_ecp_grp_capable function should return 1 if the
440  * replacement functions implement arithmetic for the given group and 0
441  * otherwise.
442  * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are
443  * called before and after each point operation and provide an opportunity to
444  * implement optimized set up and tear down instructions.
445  *
446  * Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and
447  * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac
448  * function, but will use your mbedtls_internal_ecp_double_jac if the group is
449  * supported (your mbedtls_internal_ecp_grp_capable function returns 1 when
450  * receives it as an argument). If the group is not supported then the original
451  * implementation is used. The other functions and the definition of
452  * mbedtls_ecp_group and mbedtls_ecp_point will not change, so your
453  * implementation of mbedtls_internal_ecp_double_jac and
454  * mbedtls_internal_ecp_grp_capable must be compatible with this definition.
455  *
456  * Uncomment a macro to enable alternate implementation of the corresponding
457  * function.
458  */
459 /* Required for all the functions in this section */
460 //#define MBEDTLS_ECP_INTERNAL_ALT
461 /* Support for Weierstrass curves with Jacobi representation */
462 //#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
463 //#define MBEDTLS_ECP_ADD_MIXED_ALT
464 //#define MBEDTLS_ECP_DOUBLE_JAC_ALT
465 //#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
466 //#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
467 /* Support for curves with Montgomery arithmetic */
468 //#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
469 //#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
470 //#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
471 
472 /**
473  * \def MBEDTLS_TEST_NULL_ENTROPY
474  *
475  * Enables testing and use of mbed TLS without any configured entropy sources.
476  * This permits use of the library on platforms before an entropy source has
477  * been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the
478  * MBEDTLS_ENTROPY_NV_SEED switches).
479  *
480  * WARNING! This switch MUST be disabled in production builds, and is suitable
481  * only for development.
482  * Enabling the switch negates any security provided by the library.
483  *
484  * Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
485  *
486  */
487 //#define MBEDTLS_TEST_NULL_ENTROPY
488 
489 /**
490  * \def MBEDTLS_ENTROPY_HARDWARE_ALT
491  *
492  * Uncomment this macro to let mbed TLS use your own implementation of a
493  * hardware entropy collector.
494  *
495  * Your function must be called \c mbedtls_hardware_poll(), have the same
496  * prototype as declared in entropy_poll.h, and accept NULL as first argument.
497  *
498  * Uncomment to use your own hardware entropy collector.
499  */
500 #define MBEDTLS_ENTROPY_HARDWARE_ALT
501 
502 /**
503  * \def MBEDTLS_AES_ROM_TABLES
504  *
505  * Use precomputed AES tables stored in ROM.
506  *
507  * Uncomment this macro to use precomputed AES tables stored in ROM.
508  * Comment this macro to generate AES tables in RAM at runtime.
509  *
510  * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb
511  * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the
512  * initialization time before the first AES operation can be performed.
513  * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c
514  * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded
515  * performance if ROM access is slower than RAM access.
516  *
517  * This option is independent of \c MBEDTLS_AES_FEWER_TABLES.
518  *
519  */
520 //#define MBEDTLS_AES_ROM_TABLES
521 
522 /**
523  * \def MBEDTLS_AES_FEWER_TABLES
524  *
525  * Use less ROM/RAM for AES tables.
526  *
527  * Uncommenting this macro omits 75% of the AES tables from
528  * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES)
529  * by computing their values on the fly during operations
530  * (the tables are entry-wise rotations of one another).
531  *
532  * Tradeoff: Uncommenting this reduces the RAM / ROM footprint
533  * by ~6kb but at the cost of more arithmetic operations during
534  * runtime. Specifically, one has to compare 4 accesses within
535  * different tables to 4 accesses with additional arithmetic
536  * operations within the same table. The performance gain/loss
537  * depends on the system and memory details.
538  *
539  * This option is independent of \c MBEDTLS_AES_ROM_TABLES.
540  *
541  */
542 //#define MBEDTLS_AES_FEWER_TABLES
543 
544 /**
545  * \def MBEDTLS_CAMELLIA_SMALL_MEMORY
546  *
547  * Use less ROM for the Camellia implementation (saves about 768 bytes).
548  *
549  * Uncomment this macro to use less memory for Camellia.
550  */
551 //#define MBEDTLS_CAMELLIA_SMALL_MEMORY
552 
553 /**
554  * \def MBEDTLS_CIPHER_MODE_CBC
555  *
556  * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
557  */
558 #define MBEDTLS_CIPHER_MODE_CBC
559 
560 /**
561  * \def MBEDTLS_CIPHER_MODE_CFB
562  *
563  * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
564  */
565 #define MBEDTLS_CIPHER_MODE_CFB
566 
567 /**
568  * \def MBEDTLS_CIPHER_MODE_CTR
569  *
570  * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
571  */
572 #define MBEDTLS_CIPHER_MODE_CTR
573 
574 /**
575  * \def MBEDTLS_CIPHER_MODE_OFB
576  *
577  * Enable Output Feedback mode (OFB) for symmetric ciphers.
578  */
579 #define MBEDTLS_CIPHER_MODE_OFB
580 
581 /**
582  * \def MBEDTLS_CIPHER_MODE_XTS
583  *
584  * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES.
585  */
586 //#define MBEDTLS_CIPHER_MODE_XTS
587 
588 /**
589  * \def MBEDTLS_CIPHER_NULL_CIPHER
590  *
591  * Enable NULL cipher.
592  * Warning: Only do so when you know what you are doing. This allows for
593  * encryption or channels without any security!
594  *
595  * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable
596  * the following ciphersuites:
597  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA
598  *      MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA
599  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA
600  *      MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
601  *      MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384
602  *      MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256
603  *      MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA
604  *      MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384
605  *      MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256
606  *      MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA
607  *      MBEDTLS_TLS_RSA_WITH_NULL_SHA256
608  *      MBEDTLS_TLS_RSA_WITH_NULL_SHA
609  *      MBEDTLS_TLS_RSA_WITH_NULL_MD5
610  *      MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384
611  *      MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256
612  *      MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA
613  *      MBEDTLS_TLS_PSK_WITH_NULL_SHA384
614  *      MBEDTLS_TLS_PSK_WITH_NULL_SHA256
615  *      MBEDTLS_TLS_PSK_WITH_NULL_SHA
616  *
617  * Uncomment this macro to enable the NULL cipher and ciphersuites
618  */
619 //#define MBEDTLS_CIPHER_NULL_CIPHER
620 
621 /**
622  * \def MBEDTLS_CIPHER_PADDING_PKCS7
623  *
624  * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for
625  * specific padding modes in the cipher layer with cipher modes that support
626  * padding (e.g. CBC)
627  *
628  * If you disable all padding modes, only full blocks can be used with CBC.
629  *
630  * Enable padding modes in the cipher layer.
631  */
632 #define MBEDTLS_CIPHER_PADDING_PKCS7
633 #define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
634 #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
635 #define MBEDTLS_CIPHER_PADDING_ZEROS
636 
637 /**
638  * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES
639  *
640  * Enable weak ciphersuites in SSL / TLS.
641  * Warning: Only do so when you know what you are doing. This allows for
642  * channels with virtually no security at all!
643  *
644  * This enables the following ciphersuites:
645  *      MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA
646  *      MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA
647  *
648  * Uncomment this macro to enable weak ciphersuites
649  *
650  * \warning   DES is considered a weak cipher and its use constitutes a
651  *            security risk. We recommend considering stronger ciphers instead.
652  */
653 //#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
654 
655 /**
656  * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES
657  *
658  * Remove RC4 ciphersuites by default in SSL / TLS.
659  * This flag removes the ciphersuites based on RC4 from the default list as
660  * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to
661  * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them
662  * explicitly.
663  *
664  * Uncomment this macro to remove RC4 ciphersuites by default.
665  */
666 //#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
667 
668 /**
669  * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
670  *
671  * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve
672  * module.  By default all supported curves are enabled.
673  *
674  * Comment macros to disable the curve and functions for it
675  */
676 #define MBEDTLS_ECP_DP_SECP192R1_ENABLED
677 #define MBEDTLS_ECP_DP_SECP224R1_ENABLED
678 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
679 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED
680 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED
681 #define MBEDTLS_ECP_DP_SECP192K1_ENABLED
682 #define MBEDTLS_ECP_DP_SECP224K1_ENABLED
683 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED
684 /* CryptoCell only supports BP256R1 at this stage */
685 #define MBEDTLS_ECP_DP_BP256R1_ENABLED
686 //#define MBEDTLS_ECP_DP_BP384R1_ENABLED
687 //#define MBEDTLS_ECP_DP_BP512R1_ENABLED
688 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED
689 //#define MBEDTLS_ECP_DP_CURVE448_ENABLED
690 
691 /**
692  * \def MBEDTLS_ECP_NIST_OPTIM
693  *
694  * Enable specific 'modulo p' routines for each NIST prime.
695  * Depending on the prime and architecture, makes operations 4 to 8 times
696  * faster on the corresponding curve.
697  *
698  * Comment this macro to disable NIST curves optimisation.
699  */
700 #define MBEDTLS_ECP_NIST_OPTIM
701 
702 /**
703  * \def MBEDTLS_ECP_RESTARTABLE
704  *
705  * Enable "non-blocking" ECC operations that can return early and be resumed.
706  *
707  * This allows various functions to pause by returning
708  * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module,
709  * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in
710  * order to further progress and eventually complete their operation. This is
711  * controlled through mbedtls_ecp_set_max_ops() which limits the maximum
712  * number of ECC operations a function may perform before pausing; see
713  * mbedtls_ecp_set_max_ops() for more information.
714  *
715  * This is useful in non-threaded environments if you want to avoid blocking
716  * for too long on ECC (and, hence, X.509 or SSL/TLS) operations.
717  *
718  * Uncomment this macro to enable restartable ECC computations.
719  *
720  * \note  This option only works with the default software implementation of
721  *        elliptic curve functionality. It is incompatible with
722  *        MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT and MBEDTLS_ECDSA_XXX_ALT.
723  */
724 //#define MBEDTLS_ECP_RESTARTABLE
725 
726 /**
727  * \def MBEDTLS_ECDSA_DETERMINISTIC
728  *
729  * Enable deterministic ECDSA (RFC 6979).
730  * Standard ECDSA is "fragile" in the sense that lack of entropy when signing
731  * may result in a compromise of the long-term signing key. This is avoided by
732  * the deterministic variant.
733  *
734  * Requires: MBEDTLS_HMAC_DRBG_C
735  *
736  * Comment this macro to disable deterministic ECDSA.
737  */
738 #define MBEDTLS_ECDSA_DETERMINISTIC
739 
740 
741 /**
742  * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
743  *
744  * Enable the PSK based ciphersuite modes in SSL / TLS.
745  *
746  * This enables the following ciphersuites (if other requisites are
747  * enabled as well):
748  *      MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
749  *      MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
750  *      MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
751  *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
752  *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
753  *      MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
754  *      MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
755  *      MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
756  *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
757  *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
758  *      MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
759  *      MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
760  */
761 //#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
762 
763 /**
764  * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
765  *
766  * Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
767  *
768  * Requires: MBEDTLS_DHM_C
769  *
770  * This enables the following ciphersuites (if other requisites are
771  * enabled as well):
772  *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
773  *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
774  *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
775  *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
776  *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
777  *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
778  *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
779  *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
780  *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
781  *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
782  *      MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
783  *      MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
784  *
785  * \warning    Using DHE constitutes a security risk as it
786  *             is not possible to validate custom DH parameters.
787  *             If possible, it is recommended users should consider
788  *             preferring other methods of key exchange.
789  *             See dhm.h for more details.
790  *
791  */
792 //#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
793 
794 /**
795  * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
796  *
797  * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
798  *
799  * Requires: MBEDTLS_ECDH_C
800  *
801  * This enables the following ciphersuites (if other requisites are
802  * enabled as well):
803  *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
804  *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
805  *      MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
806  *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
807  *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
808  *      MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
809  *      MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
810  *      MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
811  */
812 //#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
813 
814 /**
815  * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
816  *
817  * Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
818  *
819  * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
820  *           MBEDTLS_X509_CRT_PARSE_C
821  *
822  * This enables the following ciphersuites (if other requisites are
823  * enabled as well):
824  *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
825  *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
826  *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
827  *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
828  *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
829  *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
830  *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
831  *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
832  *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
833  *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
834  *      MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
835  *      MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
836  */
837 //#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
838 
839 /**
840  * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
841  *
842  * Enable the RSA-only based ciphersuite modes in SSL / TLS.
843  *
844  * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
845  *           MBEDTLS_X509_CRT_PARSE_C
846  *
847  * This enables the following ciphersuites (if other requisites are
848  * enabled as well):
849  *      MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
850  *      MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
851  *      MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
852  *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
853  *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
854  *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
855  *      MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
856  *      MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
857  *      MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
858  *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
859  *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
860  *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
861  *      MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
862  *      MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
863  *      MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
864  */
865 //#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
866 
867 /**
868  * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
869  *
870  * Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
871  *
872  * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
873  *           MBEDTLS_X509_CRT_PARSE_C
874  *
875  * This enables the following ciphersuites (if other requisites are
876  * enabled as well):
877  *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
878  *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
879  *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
880  *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
881  *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
882  *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
883  *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
884  *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
885  *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
886  *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
887  *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
888  *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
889  *      MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
890  *
891  * \warning    Using DHE constitutes a security risk as it
892  *             is not possible to validate custom DH parameters.
893  *             If possible, it is recommended users should consider
894  *             preferring other methods of key exchange.
895  *             See dhm.h for more details.
896  *
897  */
898 //#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
899 
900 /**
901  * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
902  *
903  * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
904  *
905  * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
906  *           MBEDTLS_X509_CRT_PARSE_C
907  *
908  * This enables the following ciphersuites (if other requisites are
909  * enabled as well):
910  *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
911  *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
912  *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
913  *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
914  *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
915  *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
916  *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
917  *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
918  *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
919  *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
920  *      MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
921  *      MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
922  */
923 //#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
924 
925 /**
926  * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
927  *
928  * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
929  *
930  * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C,
931  *
932  * This enables the following ciphersuites (if other requisites are
933  * enabled as well):
934  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
935  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
936  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
937  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
938  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
939  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
940  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
941  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
942  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
943  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
944  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
945  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
946  */
947 //#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
948 
949 /**
950  * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
951  *
952  * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
953  *
954  * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
955  *
956  * This enables the following ciphersuites (if other requisites are
957  * enabled as well):
958  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
959  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
960  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
961  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
962  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
963  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
964  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
965  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
966  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
967  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
968  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
969  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
970  */
971 //#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
972 
973 /**
974  * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
975  *
976  * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
977  *
978  * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
979  *
980  * This enables the following ciphersuites (if other requisites are
981  * enabled as well):
982  *      MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
983  *      MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
984  *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
985  *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
986  *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
987  *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
988  *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
989  *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
990  *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
991  *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
992  *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
993  *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
994  */
995 //#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
996 
997 /**
998  * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
999  *
1000  * Enable the ECJPAKE based ciphersuite modes in SSL / TLS.
1001  *
1002  * \warning This is currently experimental. EC J-PAKE support is based on the
1003  * Thread v1.0.0 specification; incompatible changes to the specification
1004  * might still happen. For this reason, this is disabled by default.
1005  *
1006  * Requires: MBEDTLS_ECJPAKE_C
1007  *           MBEDTLS_SHA256_C
1008  *           MBEDTLS_ECP_DP_SECP256R1_ENABLED
1009  *
1010  * This enables the following ciphersuites (if other requisites are
1011  * enabled as well):
1012  *      MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
1013  */
1014 //#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
1015 
1016 /**
1017  * \def MBEDTLS_PK_PARSE_EC_EXTENDED
1018  *
1019  * Enhance support for reading EC keys using variants of SEC1 not allowed by
1020  * RFC 5915 and RFC 5480.
1021  *
1022  * Currently this means parsing the SpecifiedECDomain choice of EC
1023  * parameters (only known groups are supported, not arbitrary domains, to
1024  * avoid validation issues).
1025  *
1026  * Disable if you only need to support RFC 5915 + 5480 key formats.
1027  */
1028 //#define MBEDTLS_PK_PARSE_EC_EXTENDED
1029 
1030 /**
1031  * \def MBEDTLS_ERROR_STRERROR_DUMMY
1032  *
1033  * Enable a dummy error function to make use of mbedtls_strerror() in
1034  * third party libraries easier when MBEDTLS_ERROR_C is disabled
1035  * (no effect when MBEDTLS_ERROR_C is enabled).
1036  *
1037  * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're
1038  * not using mbedtls_strerror() or error_strerror() in your application.
1039  *
1040  * Disable if you run into name conflicts and want to really remove the
1041  * mbedtls_strerror()
1042  */
1043 #define MBEDTLS_ERROR_STRERROR_DUMMY
1044 
1045 /**
1046  * \def MBEDTLS_GENPRIME
1047  *
1048  * Enable the prime-number generation code.
1049  *
1050  * Requires: MBEDTLS_BIGNUM_C
1051  */
1052 #define MBEDTLS_GENPRIME
1053 
1054 /**
1055  * \def MBEDTLS_FS_IO
1056  *
1057  * Enable functions that use the filesystem.
1058  */
1059 //#define MBEDTLS_FS_IO
1060 
1061 /**
1062  * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
1063  *
1064  * Do not add default entropy sources. These are the platform specific,
1065  * mbedtls_timing_hardclock and HAVEGE based poll functions.
1066  *
1067  * This is useful to have more control over the added entropy sources in an
1068  * application.
1069  *
1070  * Uncomment this macro to prevent loading of default entropy functions.
1071  */
1072 //#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
1073 
1074 /**
1075  * \def MBEDTLS_NO_PLATFORM_ENTROPY
1076  *
1077  * Do not use built-in platform entropy functions.
1078  * This is useful if your platform does not support
1079  * standards like the /dev/urandom or Windows CryptoAPI.
1080  *
1081  * Uncomment this macro to disable the built-in platform entropy functions.
1082  */
1083 #define MBEDTLS_NO_PLATFORM_ENTROPY
1084 
1085 /**
1086  * \def MBEDTLS_ENTROPY_FORCE_SHA256
1087  *
1088  * Force the entropy accumulator to use a SHA-256 accumulator instead of the
1089  * default SHA-512 based one (if both are available).
1090  *
1091  * Requires: MBEDTLS_SHA256_C
1092  *
1093  * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option
1094  * if you have performance concerns.
1095  *
1096  * This option is only useful if both MBEDTLS_SHA256_C and
1097  * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
1098  */
1099 //#define MBEDTLS_ENTROPY_FORCE_SHA256
1100 
1101 /**
1102  * \def MBEDTLS_ENTROPY_NV_SEED
1103  *
1104  * Enable the non-volatile (NV) seed file-based entropy source.
1105  * (Also enables the NV seed read/write functions in the platform layer)
1106  *
1107  * This is crucial (if not required) on systems that do not have a
1108  * cryptographic entropy source (in hardware or kernel) available.
1109  *
1110  * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C
1111  *
1112  * \note The read/write functions that are used by the entropy source are
1113  *       determined in the platform layer, and can be modified at runtime and/or
1114  *       compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used.
1115  *
1116  * \note If you use the default implementation functions that read a seedfile
1117  *       with regular fopen(), please make sure you make a seedfile with the
1118  *       proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at
1119  *       least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from
1120  *       and written to or you will get an entropy source error! The default
1121  *       implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE
1122  *       bytes from the file.
1123  *
1124  * \note The entropy collector will write to the seed file before entropy is
1125  *       given to an external source, to update it.
1126  */
1127 //#define MBEDTLS_ENTROPY_NV_SEED
1128 
1129 /**
1130  * \def MBEDTLS_MEMORY_DEBUG
1131  *
1132  * Enable debugging of buffer allocator memory issues. Automatically prints
1133  * (to stderr) all (fatal) messages on memory allocation issues. Enables
1134  * function for 'debug output' of allocated memory.
1135  *
1136  * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
1137  *
1138  * Uncomment this macro to let the buffer allocator print out error messages.
1139  */
1140 //#define MBEDTLS_MEMORY_DEBUG
1141 
1142 /**
1143  * \def MBEDTLS_MEMORY_BACKTRACE
1144  *
1145  * Include backtrace information with each allocated block.
1146  *
1147  * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
1148  *           GLIBC-compatible backtrace() an backtrace_symbols() support
1149  *
1150  * Uncomment this macro to include backtrace information
1151  */
1152 //#define MBEDTLS_MEMORY_BACKTRACE
1153 
1154 /**
1155  * \def MBEDTLS_PK_RSA_ALT_SUPPORT
1156  *
1157  * Support external private RSA keys (eg from a HSM) in the PK layer.
1158  *
1159  * Comment this macro to disable support for external private RSA keys.
1160  */
1161 //#define MBEDTLS_PK_RSA_ALT_SUPPORT
1162 
1163 /**
1164  * \def MBEDTLS_PKCS1_V15
1165  *
1166  * Enable support for PKCS#1 v1.5 encoding.
1167  *
1168  * Requires: MBEDTLS_RSA_C
1169  *
1170  * This enables support for PKCS#1 v1.5 operations.
1171  */
1172 #define MBEDTLS_PKCS1_V15
1173 
1174 /**
1175  * \def MBEDTLS_PKCS1_V21
1176  *
1177  * Enable support for PKCS#1 v2.1 encoding.
1178  *
1179  * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C
1180  *
1181  * This enables support for RSAES-OAEP and RSASSA-PSS operations.
1182  */
1183 #define MBEDTLS_PKCS1_V21
1184 
1185 /**
1186  * \def MBEDTLS_PSA_CRYPTO_SPM
1187  *
1188  * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure
1189  * Partition Manager) integration which separates the code into two parts: a
1190  * NSPE (Non-Secure Process Environment) and an SPE (Secure Process
1191  * Environment).
1192  *
1193  * Module:  library/psa_crypto.c
1194  * Requires: MBEDTLS_PSA_CRYPTO_C
1195  *
1196  */
1197 #define MBEDTLS_PSA_CRYPTO_SPM
1198 
1199 /**
1200  * \def MBEDTLS_PSA_HAS_ITS_IO
1201  *
1202  * Enable the non-volatile secure storage usage.
1203  *
1204  * This is crucial on systems that do not have a HW TRNG support.
1205  *
1206  */
1207 //#define MBEDTLS_PSA_HAS_ITS_IO
1208 
1209 /**
1210  * \def MBEDTLS_RSA_NO_CRT
1211  *
1212  * Do not use the Chinese Remainder Theorem for the RSA private operation.
1213  *
1214  * Uncomment this macro to disable the use of CRT in RSA.
1215  *
1216  */
1217 //#define MBEDTLS_RSA_NO_CRT
1218 
1219 /**
1220  * \def MBEDTLS_SELF_TEST
1221  *
1222  * Enable the checkup functions (*_self_test).
1223  */
1224 #define MBEDTLS_SELF_TEST
1225 
1226 /**
1227  * \def MBEDTLS_SHA256_SMALLER
1228  *
1229  * Enable an implementation of SHA-256 that has lower ROM footprint but also
1230  * lower performance.
1231  *
1232  * The default implementation is meant to be a reasonnable compromise between
1233  * performance and size. This version optimizes more aggressively for size at
1234  * the expense of performance. Eg on Cortex-M4 it reduces the size of
1235  * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about
1236  * 30%.
1237  *
1238  * Uncomment to enable the smaller implementation of SHA256.
1239  */
1240 //#define MBEDTLS_SHA256_SMALLER
1241 
1242 /**
1243  * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
1244  *
1245  * Enable sending of alert messages in case of encountered errors as per RFC.
1246  * If you choose not to send the alert messages, mbed TLS can still communicate
1247  * with other servers, only debugging of failures is harder.
1248  *
1249  * The advantage of not sending alert messages, is that no information is given
1250  * about reasons for failures thus preventing adversaries of gaining intel.
1251  *
1252  * Enable sending of all alert messages
1253  */
1254 //#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
1255 /**
1256  * \def MBEDTLS_SSL_ASYNC_PRIVATE
1257  *
1258  * Enable asynchronous external private key operations in SSL. This allows
1259  * you to configure an SSL connection to call an external cryptographic
1260  * module to perform private key operations instead of performing the
1261  * operation inside the library.
1262  *
1263  */
1264 //#define MBEDTLS_SSL_ASYNC_PRIVATE
1265 
1266 /**
1267  * \def MBEDTLS_SSL_DEBUG_ALL
1268  *
1269  * Enable the debug messages in SSL module for all issues.
1270  * Debug messages have been disabled in some places to prevent timing
1271  * attacks due to (unbalanced) debugging function calls.
1272  *
1273  * If you need all error reporting you should enable this during debugging,
1274  * but remove this for production servers that should log as well.
1275  *
1276  * Uncomment this macro to report all debug messages on errors introducing
1277  * a timing side-channel.
1278  *
1279  */
1280 //#define MBEDTLS_SSL_DEBUG_ALL
1281 
1282 /** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
1283  *
1284  * Enable support for Encrypt-then-MAC, RFC 7366.
1285  *
1286  * This allows peers that both support it to use a more robust protection for
1287  * ciphersuites using CBC, providing deep resistance against timing attacks
1288  * on the padding or underlying cipher.
1289  *
1290  * This only affects CBC ciphersuites, and is useless if none is defined.
1291  *
1292  * Requires: MBEDTLS_SSL_PROTO_TLS1    or
1293  *           MBEDTLS_SSL_PROTO_TLS1_1  or
1294  *           MBEDTLS_SSL_PROTO_TLS1_2
1295  *
1296  * Comment this macro to disable support for Encrypt-then-MAC
1297  */
1298 //#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
1299 
1300 /** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET
1301  *
1302  * Enable support for Extended Master Secret, aka Session Hash
1303  * (draft-ietf-tls-session-hash-02).
1304  *
1305  * This was introduced as "the proper fix" to the Triple Handshake familiy of
1306  * attacks, but it is recommended to always use it (even if you disable
1307  * renegotiation), since it actually fixes a more fundamental issue in the
1308  * original SSL/TLS design, and has implications beyond Triple Handshake.
1309  *
1310  * Requires: MBEDTLS_SSL_PROTO_TLS1    or
1311  *           MBEDTLS_SSL_PROTO_TLS1_1  or
1312  *           MBEDTLS_SSL_PROTO_TLS1_2
1313  *
1314  * Comment this macro to disable support for Extended Master Secret.
1315  */
1316 //#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
1317 
1318 /**
1319  * \def MBEDTLS_SSL_FALLBACK_SCSV
1320  *
1321  * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00).
1322  *
1323  * For servers, it is recommended to always enable this, unless you support
1324  * only one version of TLS, or know for sure that none of your clients
1325  * implements a fallback strategy.
1326  *
1327  * For clients, you only need this if you're using a fallback strategy, which
1328  * is not recommended in the first place, unless you absolutely need it to
1329  * interoperate with buggy (version-intolerant) servers.
1330  *
1331  * Comment this macro to disable support for FALLBACK_SCSV
1332  */
1333 //#define MBEDTLS_SSL_FALLBACK_SCSV
1334 
1335 /**
1336  * \def MBEDTLS_SSL_HW_RECORD_ACCEL
1337  *
1338  * Enable hooking functions in SSL module for hardware acceleration of
1339  * individual records.
1340  *
1341  * Uncomment this macro to enable hooking functions.
1342  */
1343 //#define MBEDTLS_SSL_HW_RECORD_ACCEL
1344 
1345 /**
1346  * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING
1347  *
1348  * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0.
1349  *
1350  * This is a countermeasure to the BEAST attack, which also minimizes the risk
1351  * of interoperability issues compared to sending 0-length records.
1352  *
1353  * Comment this macro to disable 1/n-1 record splitting.
1354  */
1355 //#define MBEDTLS_SSL_CBC_RECORD_SPLITTING
1356 
1357 /**
1358  * \def MBEDTLS_SSL_RENEGOTIATION
1359  *
1360  * Enable support for TLS renegotiation.
1361  *
1362  * The two main uses of renegotiation are (1) refresh keys on long-lived
1363  * connections and (2) client authentication after the initial handshake.
1364  * If you don't need renegotiation, it's probably better to disable it, since
1365  * it has been associated with security issues in the past and is easy to
1366  * misuse/misunderstand.
1367  *
1368  * Comment this to disable support for renegotiation.
1369  *
1370  * \note   Even if this option is disabled, both client and server are aware
1371  *         of the Renegotiation Indication Extension (RFC 5746) used to
1372  *         prevent the SSL renegotiation attack (see RFC 5746 Sect. 1).
1373  *         (See \c mbedtls_ssl_conf_legacy_renegotiation for the
1374  *          configuration of this extension).
1375  *
1376  */
1377 //#define MBEDTLS_SSL_RENEGOTIATION
1378 
1379 /**
1380  * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
1381  *
1382  * Enable support for receiving and parsing SSLv2 Client Hello messages for the
1383  * SSL Server module (MBEDTLS_SSL_SRV_C).
1384  *
1385  * Uncomment this macro to enable support for SSLv2 Client Hello messages.
1386  */
1387 //#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
1388 
1389 /**
1390  * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
1391  *
1392  * Pick the ciphersuite according to the client's preferences rather than ours
1393  * in the SSL Server module (MBEDTLS_SSL_SRV_C).
1394  *
1395  * Uncomment this macro to respect client's ciphersuite order
1396  */
1397 //#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
1398 
1399 /**
1400  * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
1401  *
1402  * Enable support for RFC 6066 max_fragment_length extension in SSL.
1403  *
1404  * Comment this macro to disable support for the max_fragment_length extension
1405  */
1406 //#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
1407 
1408 /**
1409  * \def MBEDTLS_SSL_PROTO_SSL3
1410  *
1411  * Enable support for SSL 3.0.
1412  *
1413  * Requires: MBEDTLS_MD5_C
1414  *           MBEDTLS_SHA1_C
1415  *
1416  * Comment this macro to disable support for SSL 3.0
1417  */
1418 //#define MBEDTLS_SSL_PROTO_SSL3
1419 
1420 /**
1421  * \def MBEDTLS_SSL_PROTO_TLS1
1422  *
1423  * Enable support for TLS 1.0.
1424  *
1425  * Requires: MBEDTLS_MD5_C
1426  *           MBEDTLS_SHA1_C
1427  *
1428  * Comment this macro to disable support for TLS 1.0
1429  */
1430 //#define MBEDTLS_SSL_PROTO_TLS1
1431 
1432 /**
1433  * \def MBEDTLS_SSL_PROTO_TLS1_1
1434  *
1435  * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled).
1436  *
1437  * Requires: MBEDTLS_MD5_C
1438  *           MBEDTLS_SHA1_C
1439  *
1440  * Comment this macro to disable support for TLS 1.1 / DTLS 1.0
1441  */
1442 //#define MBEDTLS_SSL_PROTO_TLS1_1
1443 
1444 /**
1445  * \def MBEDTLS_SSL_PROTO_TLS1_2
1446  *
1447  * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled).
1448  *
1449  * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C
1450  *           (Depends on ciphersuites)
1451  *
1452  * Comment this macro to disable support for TLS 1.2 / DTLS 1.2
1453  */
1454 //#define MBEDTLS_SSL_PROTO_TLS1_2
1455 
1456 /**
1457  * \def MBEDTLS_SSL_PROTO_DTLS
1458  *
1459  * Enable support for DTLS (all available versions).
1460  *
1461  * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0,
1462  * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
1463  *
1464  * Requires: MBEDTLS_SSL_PROTO_TLS1_1
1465  *        or MBEDTLS_SSL_PROTO_TLS1_2
1466  *
1467  * Comment this macro to disable support for DTLS
1468  */
1469 //#define MBEDTLS_SSL_PROTO_DTLS
1470 
1471 /**
1472  * \def MBEDTLS_SSL_ALPN
1473  *
1474  * Enable support for RFC 7301 Application Layer Protocol Negotiation.
1475  *
1476  * Comment this macro to disable support for ALPN.
1477  */
1478 //#define MBEDTLS_SSL_ALPN
1479 
1480 /**
1481  * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY
1482  *
1483  * Enable support for the anti-replay mechanism in DTLS.
1484  *
1485  * Requires: MBEDTLS_SSL_TLS_C
1486  *           MBEDTLS_SSL_PROTO_DTLS
1487  *
1488  * \warning Disabling this is often a security risk!
1489  * See mbedtls_ssl_conf_dtls_anti_replay() for details.
1490  *
1491  * Comment this to disable anti-replay in DTLS.
1492  */
1493 //#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
1494 
1495 /**
1496  * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY
1497  *
1498  * Enable support for HelloVerifyRequest on DTLS servers.
1499  *
1500  * This feature is highly recommended to prevent DTLS servers being used as
1501  * amplifiers in DoS attacks against other hosts. It should always be enabled
1502  * unless you know for sure amplification cannot be a problem in the
1503  * environment in which your server operates.
1504  *
1505  * \warning Disabling this can ba a security risk! (see above)
1506  *
1507  * Requires: MBEDTLS_SSL_PROTO_DTLS
1508  *
1509  * Comment this to disable support for HelloVerifyRequest.
1510  */
1511 //#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
1512 
1513 /**
1514  * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
1515  *
1516  * Enable server-side support for clients that reconnect from the same port.
1517  *
1518  * Some clients unexpectedly close the connection and try to reconnect using the
1519  * same source port. This needs special support from the server to handle the
1520  * new connection securely, as described in section 4.2.8 of RFC 6347. This
1521  * flag enables that support.
1522  *
1523  * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
1524  *
1525  * Comment this to disable support for clients reusing the source port.
1526  */
1527 //#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
1528 
1529 /**
1530  * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT
1531  *
1532  * Enable support for a limit of records with bad MAC.
1533  *
1534  * See mbedtls_ssl_conf_dtls_badmac_limit().
1535  *
1536  * Requires: MBEDTLS_SSL_PROTO_DTLS
1537  */
1538 //#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
1539 
1540 /**
1541  * \def MBEDTLS_SSL_SESSION_TICKETS
1542  *
1543  * Enable support for RFC 5077 session tickets in SSL.
1544  * Client-side, provides full support for session tickets (maintainance of a
1545  * session store remains the responsibility of the application, though).
1546  * Server-side, you also need to provide callbacks for writing and parsing
1547  * tickets, including authenticated encryption and key management. Example
1548  * callbacks are provided by MBEDTLS_SSL_TICKET_C.
1549  *
1550  * Comment this macro to disable support for SSL session tickets
1551  */
1552 //#define MBEDTLS_SSL_SESSION_TICKETS
1553 
1554 /**
1555  * \def MBEDTLS_SSL_EXPORT_KEYS
1556  *
1557  * Enable support for exporting key block and master secret.
1558  * This is required for certain users of TLS, e.g. EAP-TLS.
1559  *
1560  * Comment this macro to disable support for key export
1561  */
1562 //#define MBEDTLS_SSL_EXPORT_KEYS
1563 
1564 /**
1565  * \def MBEDTLS_SSL_SERVER_NAME_INDICATION
1566  *
1567  * Enable support for RFC 6066 server name indication (SNI) in SSL.
1568  *
1569  * Requires: MBEDTLS_X509_CRT_PARSE_C
1570  *
1571  * Comment this macro to disable support for server name indication in SSL
1572  */
1573 //#define MBEDTLS_SSL_SERVER_NAME_INDICATION
1574 
1575 /**
1576  * \def MBEDTLS_SSL_TRUNCATED_HMAC
1577  *
1578  * Enable support for RFC 6066 truncated HMAC in SSL.
1579  *
1580  * Comment this macro to disable support for truncated HMAC in SSL
1581  */
1582 //#define MBEDTLS_SSL_TRUNCATED_HMAC
1583 
1584 /**
1585  * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
1586  *
1587  * Fallback to old (pre-2.7), non-conforming implementation of the truncated
1588  * HMAC extension which also truncates the HMAC key. Note that this option is
1589  * only meant for a transitory upgrade period and is likely to be removed in
1590  * a future version of the library.
1591  *
1592  * \warning The old implementation is non-compliant and has a security weakness
1593  *          (2^80 brute force attack on the HMAC key used for a single,
1594  *          uninterrupted connection). This should only be enabled temporarily
1595  *          when (1) the use of truncated HMAC is essential in order to save
1596  *          bandwidth, and (2) the peer is an Mbed TLS stack that doesn't use
1597  *          the fixed implementation yet (pre-2.7).
1598  *
1599  * \deprecated This option is deprecated and will likely be removed in a
1600  *             future version of Mbed TLS.
1601  *
1602  * Uncomment to fallback to old, non-compliant truncated HMAC implementation.
1603  *
1604  * Requires: MBEDTLS_SSL_TRUNCATED_HMAC
1605  */
1606 //#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
1607 
1608 /**
1609  * \def MBEDTLS_THREADING_ALT
1610  *
1611  * Provide your own alternate threading implementation.
1612  *
1613  * Requires: MBEDTLS_THREADING_C
1614  *
1615  * Uncomment this to allow your own alternate threading implementation.
1616  */
1617 //#define MBEDTLS_THREADING_ALT
1618 
1619 /**
1620  * \def MBEDTLS_THREADING_PTHREAD
1621  *
1622  * Enable the pthread wrapper layer for the threading layer.
1623  *
1624  * Requires: MBEDTLS_THREADING_C
1625  *
1626  * Uncomment this to enable pthread mutexes.
1627  */
1628 //#define MBEDTLS_THREADING_PTHREAD
1629 
1630 /**
1631  * \def MBEDTLS_USE_PSA_CRYPTO
1632  *
1633  * Make the X.509 and TLS library use PSA for cryptographic operations, see
1634  * #MBEDTLS_PSA_CRYPTO_C.
1635  *
1636  * Note: this option is still in progress, the full X.509 and TLS modules are
1637  * not covered yet, but parts that are not ported to PSA yet will still work
1638  * as usual, so enabling this option should not break backwards compatibility.
1639  *
1640  * \warning  Support for PSA is still an experimental feature.
1641  *           Any public API that depends on this option may change
1642  *           at any time until this warning is removed.
1643  *
1644  * Requires: MBEDTLS_PSA_CRYPTO_C.
1645  */
1646 //#define MBEDTLS_USE_PSA_CRYPTO
1647 
1648 /**
1649  * \def MBEDTLS_VERSION_FEATURES
1650  *
1651  * Allow run-time checking of compile-time enabled features. Thus allowing users
1652  * to check at run-time if the library is for instance compiled with threading
1653  * support via mbedtls_version_check_feature().
1654  *
1655  * Requires: MBEDTLS_VERSION_C
1656  *
1657  * Comment this to disable run-time checking and save ROM space
1658  */
1659 #define MBEDTLS_VERSION_FEATURES
1660 
1661 /**
1662  * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
1663  *
1664  * If set, the X509 parser will not break-off when parsing an X509 certificate
1665  * and encountering an extension in a v1 or v2 certificate.
1666  *
1667  * Uncomment to prevent an error.
1668  */
1669 //#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
1670 
1671 /**
1672  * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
1673  *
1674  * If set, the X509 parser will not break-off when parsing an X509 certificate
1675  * and encountering an unknown critical extension.
1676  *
1677  * \warning Depending on your PKI use, enabling this can be a security risk!
1678  *
1679  * Uncomment to prevent an error.
1680  */
1681 //#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
1682 
1683 /**
1684  * \def MBEDTLS_X509_CHECK_KEY_USAGE
1685  *
1686  * Enable verification of the keyUsage extension (CA and leaf certificates).
1687  *
1688  * Disabling this avoids problems with mis-issued and/or misused
1689  * (intermediate) CA and leaf certificates.
1690  *
1691  * \warning Depending on your PKI use, disabling this can be a security risk!
1692  *
1693  * Comment to skip keyUsage checking for both CA and leaf certificates.
1694  */
1695 //#define MBEDTLS_X509_CHECK_KEY_USAGE
1696 
1697 /**
1698  * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
1699  *
1700  * Enable verification of the extendedKeyUsage extension (leaf certificates).
1701  *
1702  * Disabling this avoids problems with mis-issued and/or misused certificates.
1703  *
1704  * \warning Depending on your PKI use, disabling this can be a security risk!
1705  *
1706  * Comment to skip extendedKeyUsage checking for certificates.
1707  */
1708 //#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
1709 
1710 /**
1711  * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
1712  *
1713  * Enable parsing and verification of X.509 certificates, CRLs and CSRS
1714  * signed with RSASSA-PSS (aka PKCS#1 v2.1).
1715  *
1716  * Comment this macro to disallow using RSASSA-PSS in certificates.
1717  */
1718 //#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
1719 
1720 /**
1721  * \def MBEDTLS_ZLIB_SUPPORT
1722  *
1723  * If set, the SSL/TLS module uses ZLIB to support compression and
1724  * decompression of packet data.
1725  *
1726  * \warning TLS-level compression MAY REDUCE SECURITY! See for example the
1727  * CRIME attack. Before enabling this option, you should examine with care if
1728  * CRIME or similar exploits may be a applicable to your use case.
1729  *
1730  * \note Currently compression can't be used with DTLS.
1731  *
1732  * \deprecated This feature is deprecated and will be removed
1733  *             in the next major revision of the library.
1734  *
1735  * Used in: library/ssl_tls.c
1736  *          library/ssl_cli.c
1737  *          library/ssl_srv.c
1738  *
1739  * This feature requires zlib library and headers to be present.
1740  *
1741  * Uncomment to enable use of ZLIB
1742  */
1743 //#define MBEDTLS_ZLIB_SUPPORT
1744 /* \} name SECTION: mbed TLS feature support */
1745 
1746 /**
1747  * \name SECTION: mbed TLS modules
1748  *
1749  * This section enables or disables entire modules in mbed TLS
1750  * \{
1751  */
1752 
1753 /**
1754  * \def MBEDTLS_AESNI_C
1755  *
1756  * Enable AES-NI support on x86-64.
1757  *
1758  * Module:  library/aesni.c
1759  * Caller:  library/aes.c
1760  *
1761  * Requires: MBEDTLS_HAVE_ASM
1762  *
1763  * This modules adds support for the AES-NI instructions on x86-64
1764  */
1765 //#define MBEDTLS_AESNI_C
1766 
1767 /**
1768  * \def MBEDTLS_AES_C
1769  *
1770  * Enable the AES block cipher.
1771  *
1772  * Module:  library/aes.c
1773  * Caller:  library/cipher.c
1774  *          library/pem.c
1775  *          library/ctr_drbg.c
1776  *
1777  * This module enables the following ciphersuites (if other requisites are
1778  * enabled as well):
1779  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
1780  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
1781  *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
1782  *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
1783  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
1784  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
1785  *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
1786  *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
1787  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
1788  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
1789  *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
1790  *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
1791  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
1792  *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
1793  *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
1794  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
1795  *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
1796  *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
1797  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
1798  *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
1799  *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
1800  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
1801  *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
1802  *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
1803  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
1804  *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
1805  *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
1806  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
1807  *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
1808  *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
1809  *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
1810  *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
1811  *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
1812  *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
1813  *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
1814  *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
1815  *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
1816  *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
1817  *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
1818  *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
1819  *      MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
1820  *      MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
1821  *      MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
1822  *      MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
1823  *      MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
1824  *      MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
1825  *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
1826  *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
1827  *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
1828  *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
1829  *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
1830  *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
1831  *      MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
1832  *      MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
1833  *      MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
1834  *      MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
1835  *      MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
1836  *      MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
1837  *
1838  * PEM_PARSE uses AES for decrypting encrypted keys.
1839  */
1840 #define MBEDTLS_AES_C
1841 
1842 /**
1843  * \def MBEDTLS_ARC4_C
1844  *
1845  * Enable the ARCFOUR stream cipher.
1846  *
1847  * Module:  library/arc4.c
1848  * Caller:  library/cipher.c
1849  *
1850  * This module enables the following ciphersuites (if other requisites are
1851  * enabled as well):
1852  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
1853  *      MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
1854  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
1855  *      MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
1856  *      MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
1857  *      MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
1858  *      MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
1859  *      MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
1860  *      MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
1861  *      MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
1862  *
1863  * \warning   ARC4 is considered a weak cipher and its use constitutes a
1864  *            security risk. If possible, we recommend avoidng dependencies on
1865  *            it, and considering stronger ciphers instead.
1866  *
1867  */
1868 //#define MBEDTLS_ARC4_C
1869 
1870 /**
1871  * \def MBEDTLS_ASN1_PARSE_C
1872  *
1873  * Enable the generic ASN1 parser.
1874  *
1875  * Module:  library/asn1.c
1876  * Caller:  library/x509.c
1877  *          library/dhm.c
1878  *          library/pkcs12.c
1879  *          library/pkcs5.c
1880  *          library/pkparse.c
1881  */
1882 #define MBEDTLS_ASN1_PARSE_C
1883 
1884 /**
1885  * \def MBEDTLS_ASN1_WRITE_C
1886  *
1887  * Enable the generic ASN1 writer.
1888  *
1889  * Module:  library/asn1write.c
1890  * Caller:  library/ecdsa.c
1891  *          library/pkwrite.c
1892  *          library/x509_create.c
1893  *          library/x509write_crt.c
1894  *          library/x509write_csr.c
1895  */
1896 #define MBEDTLS_ASN1_WRITE_C
1897 
1898 /**
1899  * \def MBEDTLS_BASE64_C
1900  *
1901  * Enable the Base64 module.
1902  *
1903  * Module:  library/base64.c
1904  * Caller:  library/pem.c
1905  *
1906  * This module is required for PEM support (required by X.509).
1907  */
1908 #define MBEDTLS_BASE64_C
1909 
1910 /**
1911  * \def MBEDTLS_BIGNUM_C
1912  *
1913  * Enable the multi-precision integer library.
1914  *
1915  * Module:  library/bignum.c
1916  * Caller:  library/dhm.c
1917  *          library/ecp.c
1918  *          library/ecdsa.c
1919  *          library/rsa.c
1920  *          library/rsa_internal.c
1921  *          library/ssl_tls.c
1922  *
1923  * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support.
1924  */
1925 #define MBEDTLS_BIGNUM_C
1926 
1927 /**
1928  * \def MBEDTLS_BLOWFISH_C
1929  *
1930  * Enable the Blowfish block cipher.
1931  *
1932  * Module:  library/blowfish.c
1933  */
1934 //#define MBEDTLS_BLOWFISH_C
1935 
1936 /**
1937  * \def MBEDTLS_CAMELLIA_C
1938  *
1939  * Enable the Camellia block cipher.
1940  *
1941  * Module:  library/camellia.c
1942  * Caller:  library/cipher.c
1943  *
1944  * This module enables the following ciphersuites (if other requisites are
1945  * enabled as well):
1946  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
1947  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
1948  *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
1949  *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
1950  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
1951  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
1952  *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
1953  *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
1954  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
1955  *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
1956  *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
1957  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
1958  *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
1959  *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
1960  *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
1961  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
1962  *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
1963  *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
1964  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
1965  *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
1966  *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
1967  *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
1968  *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
1969  *      MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
1970  *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
1971  *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
1972  *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
1973  *      MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
1974  *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
1975  *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
1976  *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
1977  *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
1978  *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
1979  *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
1980  *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
1981  *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
1982  *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
1983  *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
1984  *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
1985  *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
1986  *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
1987  *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
1988  */
1989 //#define MBEDTLS_CAMELLIA_C
1990 
1991 /**
1992  * \def MBEDTLS_ARIA_C
1993  *
1994  * Enable the ARIA block cipher.
1995  *
1996  * Module:  library/aria.c
1997  * Caller:  library/cipher.c
1998  *
1999  * This module enables the following ciphersuites (if other requisites are
2000  * enabled as well):
2001  *
2002  *      MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256
2003  *      MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384
2004  *      MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256
2005  *      MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384
2006  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256
2007  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384
2008  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256
2009  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384
2010  *      MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256
2011  *      MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384
2012  *      MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256
2013  *      MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384
2014  *      MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256
2015  *      MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384
2016  *      MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256
2017  *      MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384
2018  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
2019  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
2020  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256
2021  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384
2022  *      MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256
2023  *      MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384
2024  *      MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256
2025  *      MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384
2026  *      MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256
2027  *      MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384
2028  *      MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256
2029  *      MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384
2030  *      MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256
2031  *      MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384
2032  *      MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256
2033  *      MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384
2034  *      MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256
2035  *      MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384
2036  *      MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256
2037  *      MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384
2038  *      MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256
2039  *      MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384
2040  */
2041 //#define MBEDTLS_ARIA_C
2042 
2043 /**
2044  * \def MBEDTLS_CCM_C
2045  *
2046  * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
2047  *
2048  * Module:  library/ccm.c
2049  *
2050  * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
2051  *
2052  * This module enables the AES-CCM ciphersuites, if other requisites are
2053  * enabled as well.
2054  */
2055 #define MBEDTLS_CCM_C
2056 
2057 /**
2058  * \def MBEDTLS_CERTS_C
2059  *
2060  * Enable the test certificates.
2061  *
2062  * Module:  library/certs.c
2063  * Caller:
2064  *
2065  * This module is used for testing (ssl_client/server).
2066  */
2067 //#define MBEDTLS_CERTS_C
2068 
2069 /**
2070  * \def MBEDTLS_CHACHA20_C
2071  *
2072  * Enable the ChaCha20 stream cipher.
2073  *
2074  * Module:  library/chacha20.c
2075  */
2076 #define MBEDTLS_CHACHA20_C
2077 
2078 /**
2079  * \def MBEDTLS_CHACHAPOLY_C
2080  *
2081  * Enable the ChaCha20-Poly1305 AEAD algorithm.
2082  *
2083  * Module:  library/chachapoly.c
2084  *
2085  * This module requires: MBEDTLS_CHACHA20_C, MBEDTLS_POLY1305_C
2086  */
2087 #define MBEDTLS_CHACHAPOLY_C
2088 
2089 /**
2090  * \def MBEDTLS_CIPHER_C
2091  *
2092  * Enable the generic cipher layer.
2093  *
2094  * Module:  library/cipher.c
2095  * Caller:  library/ssl_tls.c
2096  *
2097  * Uncomment to enable generic cipher wrappers.
2098  */
2099 #define MBEDTLS_CIPHER_C
2100 
2101 /**
2102  * \def MBEDTLS_CMAC_C
2103  *
2104  * Enable the CMAC (Cipher-based Message Authentication Code) mode for block
2105  * ciphers.
2106  *
2107  * Module:  library/cmac.c
2108  *
2109  * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
2110  *
2111  */
2112 #define MBEDTLS_CMAC_C
2113 
2114 /**
2115  * \def MBEDTLS_CTR_DRBG_C
2116  *
2117  * Enable the CTR_DRBG AES-based random generator.
2118  * The CTR_DRBG generator uses AES-256 by default.
2119  * To use AES-128 instead, enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY below.
2120  *
2121  * Module:  library/ctr_drbg.c
2122  * Caller:
2123  *
2124  * Requires: MBEDTLS_AES_C
2125  *
2126  * This module provides the CTR_DRBG AES random number generator.
2127  */
2128 #define MBEDTLS_CTR_DRBG_C
2129 
2130 /**
2131  * \def MBEDTLS_DEBUG_C
2132  *
2133  * Enable the debug functions.
2134  *
2135  * Module:  library/debug.c
2136  * Caller:  library/ssl_cli.c
2137  *          library/ssl_srv.c
2138  *          library/ssl_tls.c
2139  *
2140  * This module provides debugging functions.
2141  */
2142 //#define MBEDTLS_DEBUG_C
2143 
2144 /**
2145  * \def MBEDTLS_DES_C
2146  *
2147  * Enable the DES block cipher.
2148  *
2149  * Module:  library/des.c
2150  * Caller:  library/pem.c
2151  *          library/cipher.c
2152  *
2153  * This module enables the following ciphersuites (if other requisites are
2154  * enabled as well):
2155  *      MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
2156  *      MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
2157  *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
2158  *      MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
2159  *      MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
2160  *      MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
2161  *      MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
2162  *      MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
2163  *      MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
2164  *      MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
2165  *
2166  * PEM_PARSE uses DES/3DES for decrypting encrypted keys.
2167  *
2168  * \warning   DES is considered a weak cipher and its use constitutes a
2169  *            security risk. We recommend considering stronger ciphers instead.
2170  */
2171 //#define MBEDTLS_DES_C
2172 
2173 /**
2174  * \def MBEDTLS_DHM_C
2175  *
2176  * Enable the Diffie-Hellman-Merkle module.
2177  *
2178  * Module:  library/dhm.c
2179  * Caller:  library/ssl_cli.c
2180  *          library/ssl_srv.c
2181  *
2182  * This module is used by the following key exchanges:
2183  *      DHE-RSA, DHE-PSK
2184  *
2185  * \warning    Using DHE constitutes a security risk as it
2186  *             is not possible to validate custom DH parameters.
2187  *             If possible, it is recommended users should consider
2188  *             preferring other methods of key exchange.
2189  *             See dhm.h for more details.
2190  *
2191  */
2192 #define MBEDTLS_DHM_C
2193 
2194 /**
2195  * \def MBEDTLS_ECDH_C
2196  *
2197  * Enable the elliptic curve Diffie-Hellman library.
2198  *
2199  * Module:  library/ecdh.c
2200  * Caller:  library/ssl_cli.c
2201  *          library/ssl_srv.c
2202  *
2203  * This module is used by the following key exchanges:
2204  *      ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
2205  *
2206  * Requires: MBEDTLS_ECP_C
2207  */
2208 #define MBEDTLS_ECDH_C
2209 
2210 /**
2211  * \def MBEDTLS_ECDSA_C
2212  *
2213  * Enable the elliptic curve DSA library.
2214  *
2215  * Module:  library/ecdsa.c
2216  * Caller:
2217  *
2218  * This module is used by the following key exchanges:
2219  *      ECDHE-ECDSA
2220  *
2221  * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C
2222  */
2223 #define MBEDTLS_ECDSA_C
2224 
2225 /**
2226  * \def MBEDTLS_ECJPAKE_C
2227  *
2228  * Enable the elliptic curve J-PAKE library.
2229  *
2230  * \warning This is currently experimental. EC J-PAKE support is based on the
2231  * Thread v1.0.0 specification; incompatible changes to the specification
2232  * might still happen. For this reason, this is disabled by default.
2233  *
2234  * Module:  library/ecjpake.c
2235  * Caller:
2236  *
2237  * This module is used by the following key exchanges:
2238  *      ECJPAKE
2239  *
2240  * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C
2241  */
2242 //#define MBEDTLS_ECJPAKE_C
2243 
2244 /**
2245  * \def MBEDTLS_ECP_C
2246  *
2247  * Enable the elliptic curve over GF(p) library.
2248  *
2249  * Module:  library/ecp.c
2250  * Caller:  library/ecdh.c
2251  *          library/ecdsa.c
2252  *          library/ecjpake.c
2253  *
2254  * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED
2255  */
2256 #define MBEDTLS_ECP_C
2257 
2258 /**
2259  * \def MBEDTLS_ENTROPY_C
2260  *
2261  * Enable the platform-specific entropy code.
2262  *
2263  * Module:  library/entropy.c
2264  * Caller:
2265  *
2266  * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C
2267  *
2268  * This module provides a generic entropy pool
2269  */
2270 #define MBEDTLS_ENTROPY_C
2271 
2272 /**
2273  * \def MBEDTLS_ERROR_C
2274  *
2275  * Enable error code to error string conversion.
2276  *
2277  * Module:  library/error.c
2278  * Caller:
2279  *
2280  * This module enables mbedtls_strerror().
2281  */
2282 //#define MBEDTLS_ERROR_C
2283 
2284 /**
2285  * \def MBEDTLS_GCM_C
2286  *
2287  * Enable the Galois/Counter Mode (GCM) for AES.
2288  *
2289  * Module:  library/gcm.c
2290  *
2291  * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
2292  *
2293  * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
2294  * requisites are enabled as well.
2295  */
2296 #define MBEDTLS_GCM_C
2297 
2298 /**
2299  * \def MBEDTLS_HAVEGE_C
2300  *
2301  * Enable the HAVEGE random generator.
2302  *
2303  * Warning: the HAVEGE random generator is not suitable for virtualized
2304  *          environments
2305  *
2306  * Warning: the HAVEGE random generator is dependent on timing and specific
2307  *          processor traits. It is therefore not advised to use HAVEGE as
2308  *          your applications primary random generator or primary entropy pool
2309  *          input. As a secondary input to your entropy pool, it IS able add
2310  *          the (limited) extra entropy it provides.
2311  *
2312  * Module:  library/havege.c
2313  * Caller:
2314  *
2315  * Requires: MBEDTLS_TIMING_C
2316  *
2317  * Uncomment to enable the HAVEGE random generator.
2318  */
2319 //#define MBEDTLS_HAVEGE_C
2320 
2321 /**
2322  * \def MBEDTLS_HKDF_C
2323  *
2324  * Enable the HKDF algorithm (RFC 5869).
2325  *
2326  * Module:  library/hkdf.c
2327  * Caller:
2328  *
2329  * Requires: MBEDTLS_MD_C
2330  *
2331  * This module adds support for the Hashed Message Authentication Code
2332  * (HMAC)-based key derivation function (HKDF).
2333  */
2334 #define MBEDTLS_HKDF_C
2335 
2336 /**
2337  * \def MBEDTLS_HMAC_DRBG_C
2338  *
2339  * Enable the HMAC_DRBG random generator.
2340  *
2341  * Module:  library/hmac_drbg.c
2342  * Caller:
2343  *
2344  * Requires: MBEDTLS_MD_C
2345  *
2346  * Uncomment to enable the HMAC_DRBG random number geerator.
2347  */
2348 #define MBEDTLS_HMAC_DRBG_C
2349 
2350 /**
2351  * \def MBEDTLS_NIST_KW_C
2352  *
2353  * Enable the Key Wrapping mode for 128-bit block ciphers,
2354  * as defined in NIST SP 800-38F. Only KW and KWP modes
2355  * are supported. At the moment, only AES is approved by NIST.
2356  *
2357  * Module:  library/nist_kw.c
2358  *
2359  * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C
2360  */
2361 #define MBEDTLS_NIST_KW_C
2362 
2363 /**
2364  * \def MBEDTLS_MD_C
2365  *
2366  * Enable the generic message digest layer.
2367  *
2368  * Module:  library/md.c
2369  * Caller:
2370  *
2371  * Uncomment to enable generic message digest wrappers.
2372  */
2373 #define MBEDTLS_MD_C
2374 
2375 /**
2376  * \def MBEDTLS_MD2_C
2377  *
2378  * Enable the MD2 hash algorithm.
2379  *
2380  * Module:  library/md2.c
2381  * Caller:
2382  *
2383  * Uncomment to enable support for (rare) MD2-signed X.509 certs.
2384  *
2385  * \warning   MD2 is considered a weak message digest and its use constitutes a
2386  *            security risk. If possible, we recommend avoiding dependencies on
2387  *            it, and considering stronger message digests instead.
2388  *
2389  */
2390 //#define MBEDTLS_MD2_C
2391 
2392 /**
2393  * \def MBEDTLS_MD4_C
2394  *
2395  * Enable the MD4 hash algorithm.
2396  *
2397  * Module:  library/md4.c
2398  * Caller:
2399  *
2400  * Uncomment to enable support for (rare) MD4-signed X.509 certs.
2401  *
2402  * \warning   MD4 is considered a weak message digest and its use constitutes a
2403  *            security risk. If possible, we recommend avoiding dependencies on
2404  *            it, and considering stronger message digests instead.
2405  *
2406  */
2407 //#define MBEDTLS_MD4_C
2408 
2409 /**
2410  * \def MBEDTLS_MD5_C
2411  *
2412  * Enable the MD5 hash algorithm.
2413  *
2414  * Module:  library/md5.c
2415  * Caller:  library/md.c
2416  *          library/pem.c
2417  *          library/ssl_tls.c
2418  *
2419  * This module is required for SSL/TLS up to version 1.1, and for TLS 1.2
2420  * depending on the handshake parameters. Further, it is used for checking
2421  * MD5-signed certificates, and for PBKDF1 when decrypting PEM-encoded
2422  * encrypted keys.
2423  *
2424  * \warning   MD5 is considered a weak message digest and its use constitutes a
2425  *            security risk. If possible, we recommend avoiding dependencies on
2426  *            it, and considering stronger message digests instead.
2427  *
2428  */
2429 //#define MBEDTLS_MD5_C
2430 
2431 /**
2432  * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C
2433  *
2434  * Enable the buffer allocator implementation that makes use of a (stack)
2435  * based buffer to 'allocate' dynamic memory. (replaces calloc() and free()
2436  * calls)
2437  *
2438  * Module:  library/memory_buffer_alloc.c
2439  *
2440  * Requires: MBEDTLS_PLATFORM_C
2441  *           MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS)
2442  *
2443  * Enable this module to enable the buffer memory allocator.
2444  */
2445 #define MBEDTLS_MEMORY_BUFFER_ALLOC_C
2446 
2447 /**
2448  * \def MBEDTLS_NET_C
2449  *
2450  * Enable the TCP and UDP over IPv6/IPv4 networking routines.
2451  *
2452  * \note This module only works on POSIX/Unix (including Linux, BSD and OS X)
2453  * and Windows. For other platforms, you'll want to disable it, and write your
2454  * own networking callbacks to be passed to \c mbedtls_ssl_set_bio().
2455  *
2456  * \note See also our Knowledge Base article about porting to a new
2457  * environment:
2458  * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
2459  *
2460  * Module:  library/net_sockets.c
2461  *
2462  * This module provides networking routines.
2463  */
2464 //#define MBEDTLS_NET_C
2465 
2466 /**
2467  * \def MBEDTLS_OID_C
2468  *
2469  * Enable the OID database.
2470  *
2471  * Module:  library/oid.c
2472  * Caller:  library/asn1write.c
2473  *          library/pkcs5.c
2474  *          library/pkparse.c
2475  *          library/pkwrite.c
2476  *          library/rsa.c
2477  *          library/x509.c
2478  *          library/x509_create.c
2479  *          library/x509_crl.c
2480  *          library/x509_crt.c
2481  *          library/x509_csr.c
2482  *          library/x509write_crt.c
2483  *          library/x509write_csr.c
2484  *
2485  * This modules translates between OIDs and internal values.
2486  */
2487 #define MBEDTLS_OID_C
2488 
2489 /**
2490  * \def MBEDTLS_PADLOCK_C
2491  *
2492  * Enable VIA Padlock support on x86.
2493  *
2494  * Module:  library/padlock.c
2495  * Caller:  library/aes.c
2496  *
2497  * Requires: MBEDTLS_HAVE_ASM
2498  *
2499  * This modules adds support for the VIA PadLock on x86.
2500  */
2501 //#define MBEDTLS_PADLOCK_C
2502 
2503 /**
2504  * \def MBEDTLS_PEM_PARSE_C
2505  *
2506  * Enable PEM decoding / parsing.
2507  *
2508  * Module:  library/pem.c
2509  * Caller:  library/dhm.c
2510  *          library/pkparse.c
2511  *          library/x509_crl.c
2512  *          library/x509_crt.c
2513  *          library/x509_csr.c
2514  *
2515  * Requires: MBEDTLS_BASE64_C
2516  *
2517  * This modules adds support for decoding / parsing PEM files.
2518  */
2519 #define MBEDTLS_PEM_PARSE_C
2520 
2521 /**
2522  * \def MBEDTLS_PEM_WRITE_C
2523  *
2524  * Enable PEM encoding / writing.
2525  *
2526  * Module:  library/pem.c
2527  * Caller:  library/pkwrite.c
2528  *          library/x509write_crt.c
2529  *          library/x509write_csr.c
2530  *
2531  * Requires: MBEDTLS_BASE64_C
2532  *
2533  * This modules adds support for encoding / writing PEM files.
2534  */
2535 #define MBEDTLS_PEM_WRITE_C
2536 
2537 /**
2538  * \def MBEDTLS_PK_C
2539  *
2540  * Enable the generic public (asymetric) key layer.
2541  *
2542  * Module:  library/pk.c
2543  * Caller:  library/ssl_tls.c
2544  *          library/ssl_cli.c
2545  *          library/ssl_srv.c
2546  *
2547  * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C
2548  *
2549  * Uncomment to enable generic public key wrappers.
2550  */
2551 #define MBEDTLS_PK_C
2552 
2553 /**
2554  * \def MBEDTLS_PK_PARSE_C
2555  *
2556  * Enable the generic public (asymetric) key parser.
2557  *
2558  * Module:  library/pkparse.c
2559  * Caller:  library/x509_crt.c
2560  *          library/x509_csr.c
2561  *
2562  * Requires: MBEDTLS_PK_C
2563  *
2564  * Uncomment to enable generic public key parse functions.
2565  */
2566 #define MBEDTLS_PK_PARSE_C
2567 
2568 /**
2569  * \def MBEDTLS_PK_WRITE_C
2570  *
2571  * Enable the generic public (asymetric) key writer.
2572  *
2573  * Module:  library/pkwrite.c
2574  * Caller:  library/x509write.c
2575  *
2576  * Requires: MBEDTLS_PK_C
2577  *
2578  * Uncomment to enable generic public key write functions.
2579  */
2580 #define MBEDTLS_PK_WRITE_C
2581 
2582 /**
2583  * \def MBEDTLS_PKCS5_C
2584  *
2585  * Enable PKCS#5 functions.
2586  *
2587  * Module:  library/pkcs5.c
2588  *
2589  * Requires: MBEDTLS_MD_C
2590  *
2591  * This module adds support for the PKCS#5 functions.
2592  */
2593 #define MBEDTLS_PKCS5_C
2594 
2595 /**
2596  * \def MBEDTLS_PKCS11_C
2597  *
2598  * Enable wrapper for PKCS#11 smartcard support.
2599  *
2600  * Module:  library/pkcs11.c
2601  * Caller:  library/pk.c
2602  *
2603  * Requires: MBEDTLS_PK_C
2604  *
2605  * This module enables SSL/TLS PKCS #11 smartcard support.
2606  * Requires the presence of the PKCS#11 helper library (libpkcs11-helper)
2607  */
2608 //#define MBEDTLS_PKCS11_C
2609 
2610 /**
2611  * \def MBEDTLS_PKCS12_C
2612  *
2613  * Enable PKCS#12 PBE functions.
2614  * Adds algorithms for parsing PKCS#8 encrypted private keys
2615  *
2616  * Module:  library/pkcs12.c
2617  * Caller:  library/pkparse.c
2618  *
2619  * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C
2620  * Can use:  MBEDTLS_ARC4_C
2621  *
2622  * This module enables PKCS#12 functions.
2623  */
2624 //#define MBEDTLS_PKCS12_C
2625 
2626 /**
2627  * \def MBEDTLS_PLATFORM_C
2628  *
2629  * Enable the platform abstraction layer that allows you to re-assign
2630  * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit().
2631  *
2632  * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT
2633  * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned
2634  * above to be specified at runtime or compile time respectively.
2635  *
2636  * \note This abstraction layer must be enabled on Windows (including MSYS2)
2637  * as other module rely on it for a fixed snprintf implementation.
2638  *
2639  * Module:  library/platform.c
2640  * Caller:  Most other .c files
2641  *
2642  * This module enables abstraction of common (libc) functions.
2643  */
2644 #define MBEDTLS_PLATFORM_C
2645 
2646 /**
2647  * \def MBEDTLS_POLY1305_C
2648  *
2649  * Enable the Poly1305 MAC algorithm.
2650  *
2651  * Module:  library/poly1305.c
2652  * Caller:  library/chachapoly.c
2653  */
2654 #define MBEDTLS_POLY1305_C
2655 
2656 /**
2657  * \def MBEDTLS_PSA_CRYPTO_C
2658  *
2659  * Enable the Platform Security Architecture cryptography API.
2660  *
2661  * Module:  library/psa_crypto.c
2662  *
2663  * Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C
2664  *
2665  */
2666 #define MBEDTLS_PSA_CRYPTO_C
2667 
2668 /**
2669  * \def MBEDTLS_PSA_CRYPTO_STORAGE_C
2670  *
2671  * Enable the Platform Security Architecture persistent key storage.
2672  *
2673  * Module:  library/psa_crypto_storage.c
2674  *
2675  * Requires: MBEDTLS_PSA_CRYPTO_C and one of either
2676  * MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C or MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
2677  * (but not both)
2678  *
2679  */
2680 //#define MBEDTLS_PSA_CRYPTO_STORAGE_C
2681 
2682 /**
2683  * \def MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
2684  *
2685  * Enable persistent key storage over files for the
2686  * Platform Security Architecture cryptography API.
2687  *
2688  * Module:  library/psa_crypto_storage_file.c
2689  *
2690  * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_FS_IO
2691  *
2692  */
2693 //#define MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
2694 
2695 /**
2696  * \def MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
2697  *
2698  * Enable persistent key storage over PSA ITS for the
2699  * Platform Security Architecture cryptography API.
2700  *
2701  * Module:  library/psa_crypto_storage_its.c
2702  *
2703  * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_HAS_ITS_IO
2704  *
2705  */
2706 //#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
2707 
2708 /**
2709  * \def MBEDTLS_RIPEMD160_C
2710  *
2711  * Enable the RIPEMD-160 hash algorithm.
2712  *
2713  * Module:  library/ripemd160.c
2714  * Caller:  library/md.c
2715  *
2716  */
2717 //#define MBEDTLS_RIPEMD160_C
2718 
2719 /**
2720  * \def MBEDTLS_RSA_C
2721  *
2722  * Enable the RSA public-key cryptosystem.
2723  *
2724  * Module:  library/rsa.c
2725  *          library/rsa_internal.c
2726  * Caller:  library/ssl_cli.c
2727  *          library/ssl_srv.c
2728  *          library/ssl_tls.c
2729  *          library/x509.c
2730  *
2731  * This module is used by the following key exchanges:
2732  *      RSA, DHE-RSA, ECDHE-RSA, RSA-PSK
2733  *
2734  * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C
2735  */
2736 #define MBEDTLS_RSA_C
2737 
2738 /**
2739  * \def MBEDTLS_SHA1_C
2740  *
2741  * Enable the SHA1 cryptographic hash algorithm.
2742  *
2743  * Module:  library/sha1.c
2744  * Caller:  library/md.c
2745  *          library/ssl_cli.c
2746  *          library/ssl_srv.c
2747  *          library/ssl_tls.c
2748  *          library/x509write_crt.c
2749  *
2750  * This module is required for SSL/TLS up to version 1.1, for TLS 1.2
2751  * depending on the handshake parameters, and for SHA1-signed certificates.
2752  *
2753  * \warning   SHA-1 is considered a weak message digest and its use constitutes
2754  *            a security risk. If possible, we recommend avoiding dependencies
2755  *            on it, and considering stronger message digests instead.
2756  *
2757  */
2758 #define MBEDTLS_SHA1_C
2759 
2760 /**
2761  * \def MBEDTLS_SHA256_C
2762  *
2763  * Enable the SHA-224 and SHA-256 cryptographic hash algorithms.
2764  *
2765  * Module:  library/sha256.c
2766  * Caller:  library/entropy.c
2767  *          library/md.c
2768  *          library/ssl_cli.c
2769  *          library/ssl_srv.c
2770  *          library/ssl_tls.c
2771  *
2772  * This module adds support for SHA-224 and SHA-256.
2773  * This module is required for the SSL/TLS 1.2 PRF function.
2774  */
2775 #define MBEDTLS_SHA256_C
2776 
2777 /**
2778  * \def MBEDTLS_SHA512_C
2779  *
2780  * Enable the SHA-384 and SHA-512 cryptographic hash algorithms.
2781  *
2782  * Module:  library/sha512.c
2783  * Caller:  library/entropy.c
2784  *          library/md.c
2785  *          library/ssl_cli.c
2786  *          library/ssl_srv.c
2787  *
2788  * This module adds support for SHA-384 and SHA-512.
2789  */
2790 #define MBEDTLS_SHA512_C
2791 
2792 /**
2793  * \def MBEDTLS_SSL_CACHE_C
2794  *
2795  * Enable simple SSL cache implementation.
2796  *
2797  * Module:  library/ssl_cache.c
2798  * Caller:
2799  *
2800  * Requires: MBEDTLS_SSL_CACHE_C
2801  */
2802 //#define MBEDTLS_SSL_CACHE_C
2803 
2804 /**
2805  * \def MBEDTLS_SSL_COOKIE_C
2806  *
2807  * Enable basic implementation of DTLS cookies for hello verification.
2808  *
2809  * Module:  library/ssl_cookie.c
2810  * Caller:
2811  */
2812 //#define MBEDTLS_SSL_COOKIE_C
2813 
2814 /**
2815  * \def MBEDTLS_SSL_TICKET_C
2816  *
2817  * Enable an implementation of TLS server-side callbacks for session tickets.
2818  *
2819  * Module:  library/ssl_ticket.c
2820  * Caller:
2821  *
2822  * Requires: MBEDTLS_CIPHER_C
2823  */
2824 //#define MBEDTLS_SSL_TICKET_C
2825 
2826 /**
2827  * \def MBEDTLS_SSL_CLI_C
2828  *
2829  * Enable the SSL/TLS client code.
2830  *
2831  * Module:  library/ssl_cli.c
2832  * Caller:
2833  *
2834  * Requires: MBEDTLS_SSL_TLS_C
2835  *
2836  * This module is required for SSL/TLS client support.
2837  */
2838 //#define MBEDTLS_SSL_CLI_C
2839 
2840 /**
2841  * \def MBEDTLS_SSL_SRV_C
2842  *
2843  * Enable the SSL/TLS server code.
2844  *
2845  * Module:  library/ssl_srv.c
2846  * Caller:
2847  *
2848  * Requires: MBEDTLS_SSL_TLS_C
2849  *
2850  * This module is required for SSL/TLS server support.
2851  */
2852 //#define MBEDTLS_SSL_SRV_C
2853 
2854 /**
2855  * \def MBEDTLS_SSL_TLS_C
2856  *
2857  * Enable the generic SSL/TLS code.
2858  *
2859  * Module:  library/ssl_tls.c
2860  * Caller:  library/ssl_cli.c
2861  *          library/ssl_srv.c
2862  *
2863  * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C
2864  *           and at least one of the MBEDTLS_SSL_PROTO_XXX defines
2865  *
2866  * This module is required for SSL/TLS.
2867  */
2868 //#define MBEDTLS_SSL_TLS_C
2869 
2870 /**
2871  * \def MBEDTLS_THREADING_C
2872  *
2873  * Enable the threading abstraction layer.
2874  * By default mbed TLS assumes it is used in a non-threaded environment or that
2875  * contexts are not shared between threads. If you do intend to use contexts
2876  * between threads, you will need to enable this layer to prevent race
2877  * conditions. See also our Knowledge Base article about threading:
2878  * https://tls.mbed.org/kb/development/thread-safety-and-multi-threading
2879  *
2880  * Module:  library/threading.c
2881  *
2882  * This allows different threading implementations (self-implemented or
2883  * provided).
2884  *
2885  * You will have to enable either MBEDTLS_THREADING_ALT or
2886  * MBEDTLS_THREADING_PTHREAD.
2887  *
2888  * Enable this layer to allow use of mutexes within mbed TLS
2889  */
2890 //#define MBEDTLS_THREADING_C
2891 
2892 /**
2893  * \def MBEDTLS_TIMING_C
2894  *
2895  * Enable the semi-portable timing interface.
2896  *
2897  * \note The provided implementation only works on POSIX/Unix (including Linux,
2898  * BSD and OS X) and Windows. On other platforms, you can either disable that
2899  * module and provide your own implementations of the callbacks needed by
2900  * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide
2901  * your own implementation of the whole module by setting
2902  * \c MBEDTLS_TIMING_ALT in the current file.
2903  *
2904  * \note See also our Knowledge Base article about porting to a new
2905  * environment:
2906  * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
2907  *
2908  * Module:  library/timing.c
2909  * Caller:  library/havege.c
2910  *
2911  * This module is used by the HAVEGE random number generator.
2912  */
2913 //#define MBEDTLS_TIMING_C
2914 
2915 /**
2916  * \def MBEDTLS_VERSION_C
2917  *
2918  * Enable run-time version information.
2919  *
2920  * Module:  library/version.c
2921  *
2922  * This module provides run-time version information.
2923  */
2924 #define MBEDTLS_VERSION_C
2925 
2926 /**
2927  * \def MBEDTLS_X509_USE_C
2928  *
2929  * Enable X.509 core for using certificates.
2930  *
2931  * Module:  library/x509.c
2932  * Caller:  library/x509_crl.c
2933  *          library/x509_crt.c
2934  *          library/x509_csr.c
2935  *
2936  * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C,
2937  *           MBEDTLS_PK_PARSE_C
2938  *
2939  * This module is required for the X.509 parsing modules.
2940  */
2941 //#define MBEDTLS_X509_USE_C
2942 
2943 /**
2944  * \def MBEDTLS_X509_CRT_PARSE_C
2945  *
2946  * Enable X.509 certificate parsing.
2947  *
2948  * Module:  library/x509_crt.c
2949  * Caller:  library/ssl_cli.c
2950  *          library/ssl_srv.c
2951  *          library/ssl_tls.c
2952  *
2953  * Requires: MBEDTLS_X509_USE_C
2954  *
2955  * This module is required for X.509 certificate parsing.
2956  */
2957 //#define MBEDTLS_X509_CRT_PARSE_C
2958 
2959 /**
2960  * \def MBEDTLS_X509_CRL_PARSE_C
2961  *
2962  * Enable X.509 CRL parsing.
2963  *
2964  * Module:  library/x509_crl.c
2965  * Caller:  library/x509_crt.c
2966  *
2967  * Requires: MBEDTLS_X509_USE_C
2968  *
2969  * This module is required for X.509 CRL parsing.
2970  */
2971 //#define MBEDTLS_X509_CRL_PARSE_C
2972 
2973 /**
2974  * \def MBEDTLS_X509_CSR_PARSE_C
2975  *
2976  * Enable X.509 Certificate Signing Request (CSR) parsing.
2977  *
2978  * Module:  library/x509_csr.c
2979  * Caller:  library/x509_crt_write.c
2980  *
2981  * Requires: MBEDTLS_X509_USE_C
2982  *
2983  * This module is used for reading X.509 certificate request.
2984  */
2985 //#define MBEDTLS_X509_CSR_PARSE_C
2986 
2987 /**
2988  * \def MBEDTLS_X509_CREATE_C
2989  *
2990  * Enable X.509 core for creating certificates.
2991  *
2992  * Module:  library/x509_create.c
2993  *
2994  * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C
2995  *
2996  * This module is the basis for creating X.509 certificates and CSRs.
2997  */
2998 //#define MBEDTLS_X509_CREATE_C
2999 
3000 /**
3001  * \def MBEDTLS_X509_CRT_WRITE_C
3002  *
3003  * Enable creating X.509 certificates.
3004  *
3005  * Module:  library/x509_crt_write.c
3006  *
3007  * Requires: MBEDTLS_X509_CREATE_C
3008  *
3009  * This module is required for X.509 certificate creation.
3010  */
3011 //#define MBEDTLS_X509_CRT_WRITE_C
3012 
3013 /**
3014  * \def MBEDTLS_X509_CSR_WRITE_C
3015  *
3016  * Enable creating X.509 Certificate Signing Requests (CSR).
3017  *
3018  * Module:  library/x509_csr_write.c
3019  *
3020  * Requires: MBEDTLS_X509_CREATE_C
3021  *
3022  * This module is required for X.509 certificate request writing.
3023  */
3024 //#define MBEDTLS_X509_CSR_WRITE_C
3025 
3026 /**
3027  * \def MBEDTLS_XTEA_C
3028  *
3029  * Enable the XTEA block cipher.
3030  *
3031  * Module:  library/xtea.c
3032  * Caller:
3033  */
3034 //#define MBEDTLS_XTEA_C
3035 
3036 /* \} name SECTION: mbed TLS modules */
3037 
3038 /**
3039  * \name SECTION: Module configuration options
3040  *
3041  * This section allows for the setting of module specific sizes and
3042  * configuration options. The default values are already present in the
3043  * relevant header files and should suffice for the regular use cases.
3044  *
3045  * Our advice is to enable options and change their values here
3046  * only if you have a good reason and know the consequences.
3047  *
3048  * Please check the respective header file for documentation on these
3049  * parameters (to prevent duplicate documentation).
3050  * \{
3051  */
3052 
3053 /* MPI / BIGNUM options */
3054 //#define MBEDTLS_MPI_WINDOW_SIZE            6 /**< Maximum windows size used. */
3055 //#define MBEDTLS_MPI_MAX_SIZE            1024 /**< Maximum number of bytes for usable MPIs. */
3056 
3057 /* CTR_DRBG options */
3058 //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN               48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
3059 /*!  Maximal reseed counter - indicates maximal number of
3060 requests allowed between reseeds; according to NIST 800-90
3061 it is (2^48 - 1), our restriction is :  (int - 0xFFFF - 0xF ).*/
3062 #define MBEDTLS_CTR_DRBG_RESEED_INTERVAL            0xFFF0 /**< Interval before reseed is performed by default */
3063 //#define MBEDTLS_CTR_DRBG_MAX_INPUT                256 /**< Maximum number of additional input bytes */
3064 //#define MBEDTLS_CTR_DRBG_MAX_REQUEST             1024 /**< Maximum number of requested bytes per call */
3065 //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT           384 /**< Maximum size of (re)seed buffer */
3066 //#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY              /**< Use 128-bit key for CTR_DRBG - may reduce security (see ctr_drbg.h) */
3067 
3068 /* HMAC_DRBG options */
3069 //#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL   10000 /**< Interval before reseed is performed by default */
3070 //#define MBEDTLS_HMAC_DRBG_MAX_INPUT           256 /**< Maximum number of additional input bytes */
3071 //#define MBEDTLS_HMAC_DRBG_MAX_REQUEST        1024 /**< Maximum number of requested bytes per call */
3072 //#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT      384 /**< Maximum size of (re)seed buffer */
3073 
3074 /* ECP options */
3075 //#define MBEDTLS_ECP_MAX_BITS             521 /**< Maximum bit size of groups */
3076 //#define MBEDTLS_ECP_WINDOW_SIZE            6 /**< Maximum window size used */
3077 //#define MBEDTLS_ECP_FIXED_POINT_OPTIM      1 /**< Enable fixed-point speed-up */
3078 
3079 /* Entropy options */
3080 //#define MBEDTLS_ENTROPY_MAX_SOURCES                20 /**< Maximum number of sources supported */
3081 #define MBEDTLS_ENTROPY_MAX_GATHER                   144 /**< Maximum amount requested from entropy sources */
3082 //#define MBEDTLS_ENTROPY_MIN_HARDWARE               32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
3083 
3084 /* Memory buffer allocator options */
3085 //#define MBEDTLS_MEMORY_ALIGN_MULTIPLE      4 /**< Align on multiples of this value */
3086 
3087 /* Platform options */
3088 //#define MBEDTLS_PLATFORM_STD_MEM_HDR   <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
3089 //#define MBEDTLS_PLATFORM_STD_CALLOC        calloc /**< Default allocator to use, can be undefined */
3090 //#define MBEDTLS_PLATFORM_STD_FREE            free /**< Default free to use, can be undefined */
3091 
3092 //#define MBEDTLS_PLATFORM_STD_EXIT            exit /**< Default exit to use, can be undefined */
3093 //#define MBEDTLS_PLATFORM_STD_TIME            time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3094 //#define MBEDTLS_PLATFORM_STD_FPRINTF      fprintf /**< Default fprintf to use, can be undefined */
3095 //#define MBEDTLS_PLATFORM_STD_PRINTF        printf /**< Default printf to use, can be undefined */
3096 /* Note: your snprintf must correclty zero-terminate the buffer! */
3097 //#define MBEDTLS_PLATFORM_STD_SNPRINTF    snprintf /**< Default snprintf to use, can be undefined */
3098 //#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS       0 /**< Default exit value to use, can be undefined */
3099 //#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE       1 /**< Default exit value to use, can be undefined */
3100 //#define MBEDTLS_PLATFORM_STD_NV_SEED_READ   mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
3101 //#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE  mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
3102 //#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE  "seedfile" /**< Seed file to read/write with default implementation */
3103 
3104 /* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
3105 /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
3106 //#define MBEDTLS_PLATFORM_CALLOC_MACRO          calloc /**< Default allocator macro to use, can be undefined */
3107 //#define MBEDTLS_PLATFORM_FREE_MACRO            free /**< Default free macro to use, can be undefined */
3108 #define MBEDTLS_PLATFORM_EXIT_MACRO            exit /**< Default exit macro to use, can be undefined */
3109 //#define MBEDTLS_PLATFORM_TIME_MACRO            time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3110 //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO       time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3111 #define MBEDTLS_PLATFORM_FPRINTF_MACRO      fprintf /**< Default fprintf macro to use, can be undefined */
3112 #define MBEDTLS_PLATFORM_PRINTF_MACRO        printf /**< Default printf macro to use, can be undefined */
3113 /* Note: your snprintf must correclty zero-terminate the buffer! */
3114 //#define MBEDTLS_PLATFORM_SNPRINTF_MACRO    snprintf /**< Default snprintf macro to use, can be undefined */
3115 //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO   mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
3116 //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO  mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
3117 
3118 /**
3119  * \brief       This macro is invoked by the library when an invalid parameter
3120  *              is detected that is only checked with MBEDTLS_CHECK_PARAMS
3121  *              (see the documentation of that option for context).
3122  *
3123  *              When you leave this undefined here, a default definition is
3124  *              provided that invokes the function mbedtls_param_failed(),
3125  *              which is declared in platform_util.h for the benefit of the
3126  *              library, but that you need to define in your application.
3127  *
3128  *              When you define this here, this replaces the default
3129  *              definition in platform_util.h (which no longer declares the
3130  *              function mbedtls_param_failed()) and it is your responsibility
3131  *              to make sure this macro expands to something suitable (in
3132  *              particular, that all the necessary declarations are visible
3133  *              from within the library - you can ensure that by providing
3134  *              them in this file next to the macro definition).
3135  *
3136  *              Note that you may define this macro to expand to nothing, in
3137  *              which case you don't have to worry about declarations or
3138  *              definitions. However, you will then be notified about invalid
3139  *              parameters only in non-void functions, and void function will
3140  *              just silently return early on invalid parameters, which
3141  *              partially negates the benefits of enabling
3142  *              #MBEDTLS_CHECK_PARAMS in the first place, so is discouraged.
3143  *
3144  * \param cond  The expression that should evaluate to true, but doesn't.
3145  */
3146 //#define MBEDTLS_PARAM_FAILED( cond )               assert( cond )
3147 
3148 /* SSL Cache options */
3149 //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT       86400 /**< 1 day  */
3150 //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES      50 /**< Maximum entries in cache */
3151 
3152 /* SSL options */
3153 
3154 /** \def MBEDTLS_SSL_MAX_CONTENT_LEN
3155  *
3156  * Maximum length (in bytes) of incoming and outgoing plaintext fragments.
3157  *
3158  * This determines the size of both the incoming and outgoing TLS I/O buffers
3159  * in such a way that both are capable of holding the specified amount of
3160  * plaintext data, regardless of the protection mechanism used.
3161  *
3162  * To configure incoming and outgoing I/O buffers separately, use
3163  * #MBEDTLS_SSL_IN_CONTENT_LEN and #MBEDTLS_SSL_OUT_CONTENT_LEN,
3164  * which overwrite the value set by this option.
3165  *
3166  * \note When using a value less than the default of 16KB on the client, it is
3167  *       recommended to use the Maximum Fragment Length (MFL) extension to
3168  *       inform the server about this limitation. On the server, there
3169  *       is no supported, standardized way of informing the client about
3170  *       restriction on the maximum size of incoming messages, and unless
3171  *       the limitation has been communicated by other means, it is recommended
3172  *       to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN
3173  *       while keeping the default value of 16KB for the incoming buffer.
3174  *
3175  * Uncomment to set the maximum plaintext size of both
3176  * incoming and outgoing I/O buffers.
3177  */
3178 //#define MBEDTLS_SSL_MAX_CONTENT_LEN             16384
3179 
3180 /** \def MBEDTLS_SSL_IN_CONTENT_LEN
3181  *
3182  * Maximum length (in bytes) of incoming plaintext fragments.
3183  *
3184  * This determines the size of the incoming TLS I/O buffer in such a way
3185  * that it is capable of holding the specified amount of plaintext data,
3186  * regardless of the protection mechanism used.
3187  *
3188  * If this option is undefined, it inherits its value from
3189  * #MBEDTLS_SSL_MAX_CONTENT_LEN.
3190  *
3191  * \note When using a value less than the default of 16KB on the client, it is
3192  *       recommended to use the Maximum Fragment Length (MFL) extension to
3193  *       inform the server about this limitation. On the server, there
3194  *       is no supported, standardized way of informing the client about
3195  *       restriction on the maximum size of incoming messages, and unless
3196  *       the limitation has been communicated by other means, it is recommended
3197  *       to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN
3198  *       while keeping the default value of 16KB for the incoming buffer.
3199  *
3200  * Uncomment to set the maximum plaintext size of the incoming I/O buffer
3201  * independently of the outgoing I/O buffer.
3202  */
3203 //#define MBEDTLS_SSL_IN_CONTENT_LEN              16384
3204 
3205 /** \def MBEDTLS_SSL_OUT_CONTENT_LEN
3206  *
3207  * Maximum length (in bytes) of outgoing plaintext fragments.
3208  *
3209  * This determines the size of the outgoing TLS I/O buffer in such a way
3210  * that it is capable of holding the specified amount of plaintext data,
3211  * regardless of the protection mechanism used.
3212  *
3213  * If this option undefined, it inherits its value from
3214  * #MBEDTLS_SSL_MAX_CONTENT_LEN.
3215  *
3216  * It is possible to save RAM by setting a smaller outward buffer, while keeping
3217  * the default inward 16384 byte buffer to conform to the TLS specification.
3218  *
3219  * The minimum required outward buffer size is determined by the handshake
3220  * protocol's usage. Handshaking will fail if the outward buffer is too small.
3221  * The specific size requirement depends on the configured ciphers and any
3222  * certificate data which is sent during the handshake.
3223  *
3224  * Uncomment to set the maximum plaintext size of the outgoing I/O buffer
3225  * independently of the incoming I/O buffer.
3226  */
3227 //#define MBEDTLS_SSL_OUT_CONTENT_LEN             16384
3228 
3229 /** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING
3230  *
3231  * Maximum number of heap-allocated bytes for the purpose of
3232  * DTLS handshake message reassembly and future message buffering.
3233  *
3234  * This should be at least 9/8 * MBEDTLSSL_IN_CONTENT_LEN
3235  * to account for a reassembled handshake message of maximum size,
3236  * together with its reassembly bitmap.
3237  *
3238  * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default)
3239  * should be sufficient for all practical situations as it allows
3240  * to reassembly a large handshake message (such as a certificate)
3241  * while buffering multiple smaller handshake messages.
3242  *
3243  */
3244 //#define MBEDTLS_SSL_DTLS_MAX_BUFFERING             32768
3245 
3246 //#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME     86400 /**< Lifetime of session tickets (if enabled) */
3247 //#define MBEDTLS_PSK_MAX_LEN               32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
3248 //#define MBEDTLS_SSL_COOKIE_TIMEOUT        60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
3249 
3250 /**
3251  * Complete list of ciphersuites to use, in order of preference.
3252  *
3253  * \warning No dependency checking is done on that field! This option can only
3254  * be used to restrict the set of available ciphersuites. It is your
3255  * responsibility to make sure the needed modules are active.
3256  *
3257  * Use this to save a few hundred bytes of ROM (default ordering of all
3258  * available ciphersuites) and a few to a few hundred bytes of RAM.
3259  *
3260  * The value below is only an example, not the default.
3261  */
3262 //#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
3263 
3264 /* X509 options */
3265 //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA   8   /**< Maximum number of intermediate CAs in a verification chain. */
3266 //#define MBEDTLS_X509_MAX_FILE_PATH_LEN     512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
3267 
3268 /**
3269  * Allow SHA-1 in the default TLS configuration for certificate signing.
3270  * Without this build-time option, SHA-1 support must be activated explicitly
3271  * through mbedtls_ssl_conf_cert_profile. Turning on this option is not
3272  * recommended because of it is possible to generate SHA-1 collisions, however
3273  * this may be safe for legacy infrastructure where additional controls apply.
3274  *
3275  * \warning   SHA-1 is considered a weak message digest and its use constitutes
3276  *            a security risk. If possible, we recommend avoiding dependencies
3277  *            on it, and considering stronger message digests instead.
3278  *
3279  */
3280 // #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
3281 
3282 /**
3283  * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake
3284  * signature and ciphersuite selection. Without this build-time option, SHA-1
3285  * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes.
3286  * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by
3287  * default. At the time of writing, there is no practical attack on the use
3288  * of SHA-1 in handshake signatures, hence this option is turned on by default
3289  * to preserve compatibility with existing peers, but the general
3290  * warning applies nonetheless:
3291  *
3292  * \warning   SHA-1 is considered a weak message digest and its use constitutes
3293  *            a security risk. If possible, we recommend avoiding dependencies
3294  *            on it, and considering stronger message digests instead.
3295  *
3296  */
3297 //#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
3298 
3299 /**
3300  * Uncomment the macro to let mbed TLS use your alternate implementation of
3301  * mbedtls_platform_zeroize(). This replaces the default implementation in
3302  * platform_util.c.
3303  *
3304  * mbedtls_platform_zeroize() is a widely used function across the library to
3305  * zero a block of memory. The implementation is expected to be secure in the
3306  * sense that it has been written to prevent the compiler from removing calls
3307  * to mbedtls_platform_zeroize() as part of redundant code elimination
3308  * optimizations. However, it is difficult to guarantee that calls to
3309  * mbedtls_platform_zeroize() will not be optimized by the compiler as older
3310  * versions of the C language standards do not provide a secure implementation
3311  * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to
3312  * configure their own implementation of mbedtls_platform_zeroize(), for
3313  * example by using directives specific to their compiler, features from newer
3314  * C standards (e.g using memset_s() in C11) or calling a secure memset() from
3315  * their system (e.g explicit_bzero() in BSD).
3316  */
3317 //#define MBEDTLS_PLATFORM_ZEROIZE_ALT
3318 
3319 /**
3320  * Uncomment the macro to let Mbed TLS use your alternate implementation of
3321  * mbedtls_platform_gmtime_r(). This replaces the default implementation in
3322  * platform_util.c.
3323  *
3324  * gmtime() is not a thread-safe function as defined in the C standard. The
3325  * library will try to use safer implementations of this function, such as
3326  * gmtime_r() when available. However, if Mbed TLS cannot identify the target
3327  * system, the implementation of mbedtls_platform_gmtime_r() will default to
3328  * using the standard gmtime(). In this case, calls from the library to
3329  * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex
3330  * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the
3331  * library are also guarded with this mutex to avoid race conditions. However,
3332  * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will
3333  * unconditionally use the implementation for mbedtls_platform_gmtime_r()
3334  * supplied at compile time.
3335  */
3336 //#define MBEDTLS_PLATFORM_GMTIME_R_ALT
3337 
3338 /* \} name SECTION: Customisation configuration options */
3339 
3340 /*
3341  * Allow user to override any previous default.
3342  *
3343  * Use two macro names for that, as:
3344  * - with yotta the prefix YOTTA_CFG_ is forced
3345  * - without yotta is looks weird to have a YOTTA prefix.
3346  */
3347 #if defined(YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE)
3348 #include YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE
3349 #elif defined(MBEDTLS_USER_CONFIG_FILE)
3350 #include MBEDTLS_USER_CONFIG_FILE
3351 #endif
3352 
3353 #include "mbedtls/check_config.h"
3354 
3355 /* define memory related functions */
3356 #if !defined(DX_PLAT_MUSCA_B1)
3357 //#include "region_defs.h"
3358 #endif
3359 
3360 #endif /* MBEDTLS_CONFIG_H */
3361