1 /** 2 * \file mbedtls_config.h 3 * 4 * \brief Configuration options (set of defines) 5 * 6 * This set of compile-time options may be used to enable 7 * or disable features selectively, and reduce the global 8 * memory footprint. 9 */ 10 /* 11 * Copyright The Mbed TLS Contributors 12 * SPDX-License-Identifier: Apache-2.0 13 * 14 * Licensed under the Apache License, Version 2.0 (the "License"); you may 15 * not use this file except in compliance with the License. 16 * You may obtain a copy of the License at 17 * 18 * http://www.apache.org/licenses/LICENSE-2.0 19 * 20 * Unless required by applicable law or agreed to in writing, software 21 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 22 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 23 * See the License for the specific language governing permissions and 24 * limitations under the License. 25 */ 26 27 /** 28 * This is an optional version symbol that enables compatibility handling of 29 * config files. 30 * 31 * It is equal to the #MBEDTLS_VERSION_NUMBER of the Mbed TLS version that 32 * introduced the config format we want to be compatible with. 33 */ 34 //#define MBEDTLS_CONFIG_VERSION 0x03000000 35 36 /** 37 * \name SECTION: System support 38 * 39 * This section sets system specific settings. 40 * \{ 41 */ 42 43 /** 44 * \def MBEDTLS_HAVE_ASM 45 * 46 * The compiler has support for asm(). 47 * 48 * Requires support for asm() in compiler. 49 * 50 * Used in: 51 * library/aesni.h 52 * library/aria.c 53 * library/bn_mul.h 54 * library/constant_time.c 55 * library/padlock.h 56 * 57 * Required by: 58 * MBEDTLS_AESCE_C 59 * MBEDTLS_AESNI_C (on some platforms) 60 * MBEDTLS_PADLOCK_C 61 * 62 * Comment to disable the use of assembly code. 63 */ 64 #define MBEDTLS_HAVE_ASM 65 66 /** 67 * \def MBEDTLS_NO_UDBL_DIVISION 68 * 69 * The platform lacks support for double-width integer division (64-bit 70 * division on a 32-bit platform, 128-bit division on a 64-bit platform). 71 * 72 * Used in: 73 * include/mbedtls/bignum.h 74 * library/bignum.c 75 * 76 * The bignum code uses double-width division to speed up some operations. 77 * Double-width division is often implemented in software that needs to 78 * be linked with the program. The presence of a double-width integer 79 * type is usually detected automatically through preprocessor macros, 80 * but the automatic detection cannot know whether the code needs to 81 * and can be linked with an implementation of division for that type. 82 * By default division is assumed to be usable if the type is present. 83 * Uncomment this option to prevent the use of double-width division. 84 * 85 * Note that division for the native integer type is always required. 86 * Furthermore, a 64-bit type is always required even on a 32-bit 87 * platform, but it need not support multiplication or division. In some 88 * cases it is also desirable to disable some double-width operations. For 89 * example, if double-width division is implemented in software, disabling 90 * it can reduce code size in some embedded targets. 91 */ 92 //#define MBEDTLS_NO_UDBL_DIVISION 93 94 /** 95 * \def MBEDTLS_NO_64BIT_MULTIPLICATION 96 * 97 * The platform lacks support for 32x32 -> 64-bit multiplication. 98 * 99 * Used in: 100 * library/poly1305.c 101 * 102 * Some parts of the library may use multiplication of two unsigned 32-bit 103 * operands with a 64-bit result in order to speed up computations. On some 104 * platforms, this is not available in hardware and has to be implemented in 105 * software, usually in a library provided by the toolchain. 106 * 107 * Sometimes it is not desirable to have to link to that library. This option 108 * removes the dependency of that library on platforms that lack a hardware 109 * 64-bit multiplier by embedding a software implementation in Mbed TLS. 110 * 111 * Note that depending on the compiler, this may decrease performance compared 112 * to using the library function provided by the toolchain. 113 */ 114 //#define MBEDTLS_NO_64BIT_MULTIPLICATION 115 116 /** 117 * \def MBEDTLS_HAVE_SSE2 118 * 119 * CPU supports SSE2 instruction set. 120 * 121 * Uncomment if the CPU supports SSE2 (IA-32 specific). 122 */ 123 //#define MBEDTLS_HAVE_SSE2 124 125 /** 126 * \def MBEDTLS_HAVE_TIME 127 * 128 * System has time.h and time(). 129 * The time does not need to be correct, only time differences are used, 130 * by contrast with MBEDTLS_HAVE_TIME_DATE 131 * 132 * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT, 133 * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and 134 * MBEDTLS_PLATFORM_STD_TIME. 135 * 136 * Comment if your system does not support time functions. 137 * 138 * \note If MBEDTLS_TIMING_C is set - to enable the semi-portable timing 139 * interface - timing.c will include time.h on suitable platforms 140 * regardless of the setting of MBEDTLS_HAVE_TIME, unless 141 * MBEDTLS_TIMING_ALT is used. See timing.c for more information. 142 */ 143 #define MBEDTLS_HAVE_TIME 144 145 /** 146 * \def MBEDTLS_HAVE_TIME_DATE 147 * 148 * System has time.h, time(), and an implementation for 149 * mbedtls_platform_gmtime_r() (see below). 150 * The time needs to be correct (not necessarily very accurate, but at least 151 * the date should be correct). This is used to verify the validity period of 152 * X.509 certificates. 153 * 154 * Comment if your system does not have a correct clock. 155 * 156 * \note mbedtls_platform_gmtime_r() is an abstraction in platform_util.h that 157 * behaves similarly to the gmtime_r() function from the C standard. Refer to 158 * the documentation for mbedtls_platform_gmtime_r() for more information. 159 * 160 * \note It is possible to configure an implementation for 161 * mbedtls_platform_gmtime_r() at compile-time by using the macro 162 * MBEDTLS_PLATFORM_GMTIME_R_ALT. 163 */ 164 #define MBEDTLS_HAVE_TIME_DATE 165 166 /** 167 * \def MBEDTLS_PLATFORM_MEMORY 168 * 169 * Enable the memory allocation layer. 170 * 171 * By default mbed TLS uses the system-provided calloc() and free(). 172 * This allows different allocators (self-implemented or provided) to be 173 * provided to the platform abstraction layer. 174 * 175 * Enabling MBEDTLS_PLATFORM_MEMORY without the 176 * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide 177 * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and 178 * free() function pointer at runtime. 179 * 180 * Enabling MBEDTLS_PLATFORM_MEMORY and specifying 181 * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the 182 * alternate function at compile time. 183 * 184 * Requires: MBEDTLS_PLATFORM_C 185 * 186 * Enable this layer to allow use of alternative memory allocators. 187 */ 188 //#define MBEDTLS_PLATFORM_MEMORY 189 190 /** 191 * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS 192 * 193 * Do not assign standard functions in the platform layer (e.g. calloc() to 194 * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF) 195 * 196 * This makes sure there are no linking errors on platforms that do not support 197 * these functions. You will HAVE to provide alternatives, either at runtime 198 * via the platform_set_xxx() functions or at compile time by setting 199 * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a 200 * MBEDTLS_PLATFORM_XXX_MACRO. 201 * 202 * Requires: MBEDTLS_PLATFORM_C 203 * 204 * Uncomment to prevent default assignment of standard functions in the 205 * platform layer. 206 */ 207 //#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS 208 209 /** 210 * \def MBEDTLS_PLATFORM_EXIT_ALT 211 * 212 * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the 213 * function in the platform abstraction layer. 214 * 215 * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will 216 * provide a function "mbedtls_platform_set_printf()" that allows you to set an 217 * alternative printf function pointer. 218 * 219 * All these define require MBEDTLS_PLATFORM_C to be defined! 220 * 221 * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows; 222 * it will be enabled automatically by check_config.h 223 * 224 * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as 225 * MBEDTLS_PLATFORM_XXX_MACRO! 226 * 227 * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME 228 * 229 * Uncomment a macro to enable alternate implementation of specific base 230 * platform function 231 */ 232 //#define MBEDTLS_PLATFORM_SETBUF_ALT 233 //#define MBEDTLS_PLATFORM_EXIT_ALT 234 //#define MBEDTLS_PLATFORM_TIME_ALT 235 //#define MBEDTLS_PLATFORM_FPRINTF_ALT 236 //#define MBEDTLS_PLATFORM_PRINTF_ALT 237 //#define MBEDTLS_PLATFORM_SNPRINTF_ALT 238 //#define MBEDTLS_PLATFORM_VSNPRINTF_ALT 239 //#define MBEDTLS_PLATFORM_NV_SEED_ALT 240 //#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT 241 242 /** 243 * \def MBEDTLS_DEPRECATED_WARNING 244 * 245 * Mark deprecated functions and features so that they generate a warning if 246 * used. Functionality deprecated in one version will usually be removed in the 247 * next version. You can enable this to help you prepare the transition to a 248 * new major version by making sure your code is not using this functionality. 249 * 250 * This only works with GCC and Clang. With other compilers, you may want to 251 * use MBEDTLS_DEPRECATED_REMOVED 252 * 253 * Uncomment to get warnings on using deprecated functions and features. 254 */ 255 //#define MBEDTLS_DEPRECATED_WARNING 256 257 /** 258 * \def MBEDTLS_DEPRECATED_REMOVED 259 * 260 * Remove deprecated functions and features so that they generate an error if 261 * used. Functionality deprecated in one version will usually be removed in the 262 * next version. You can enable this to help you prepare the transition to a 263 * new major version by making sure your code is not using this functionality. 264 * 265 * Uncomment to get errors on using deprecated functions and features. 266 */ 267 //#define MBEDTLS_DEPRECATED_REMOVED 268 269 /** \} name SECTION: System support */ 270 271 /** 272 * \name SECTION: mbed TLS feature support 273 * 274 * This section sets support for features that are or are not needed 275 * within the modules that are enabled. 276 * \{ 277 */ 278 279 /** 280 * \def MBEDTLS_TIMING_ALT 281 * 282 * Uncomment to provide your own alternate implementation for 283 * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay() 284 * 285 * Only works if you have MBEDTLS_TIMING_C enabled. 286 * 287 * You will need to provide a header "timing_alt.h" and an implementation at 288 * compile time. 289 */ 290 //#define MBEDTLS_TIMING_ALT 291 292 /** 293 * \def MBEDTLS_AES_ALT 294 * 295 * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your 296 * alternate core implementation of a symmetric crypto, an arithmetic or hash 297 * module (e.g. platform specific assembly optimized implementations). Keep 298 * in mind that the function prototypes should remain the same. 299 * 300 * This replaces the whole module. If you only want to replace one of the 301 * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags. 302 * 303 * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer 304 * provide the "struct mbedtls_aes_context" definition and omit the base 305 * function declarations and implementations. "aes_alt.h" will be included from 306 * "aes.h" to include the new function definitions. 307 * 308 * Uncomment a macro to enable alternate implementation of the corresponding 309 * module. 310 * 311 * \warning MD5, DES and SHA-1 are considered weak and their 312 * use constitutes a security risk. If possible, we recommend 313 * avoiding dependencies on them, and considering stronger message 314 * digests and ciphers instead. 315 * 316 */ 317 //#define MBEDTLS_AES_ALT 318 //#define MBEDTLS_ARIA_ALT 319 //#define MBEDTLS_CAMELLIA_ALT 320 //#define MBEDTLS_CCM_ALT 321 //#define MBEDTLS_CHACHA20_ALT 322 //#define MBEDTLS_CHACHAPOLY_ALT 323 //#define MBEDTLS_CMAC_ALT 324 //#define MBEDTLS_DES_ALT 325 //#define MBEDTLS_DHM_ALT 326 //#define MBEDTLS_ECJPAKE_ALT 327 //#define MBEDTLS_GCM_ALT 328 //#define MBEDTLS_NIST_KW_ALT 329 //#define MBEDTLS_MD5_ALT 330 //#define MBEDTLS_POLY1305_ALT 331 //#define MBEDTLS_RIPEMD160_ALT 332 //#define MBEDTLS_RSA_ALT 333 //#define MBEDTLS_SHA1_ALT 334 //#define MBEDTLS_SHA256_ALT 335 //#define MBEDTLS_SHA512_ALT 336 337 /* 338 * When replacing the elliptic curve module, please consider, that it is 339 * implemented with two .c files: 340 * - ecp.c 341 * - ecp_curves.c 342 * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT 343 * macros as described above. The only difference is that you have to make sure 344 * that you provide functionality for both .c files. 345 */ 346 //#define MBEDTLS_ECP_ALT 347 348 /** 349 * \def MBEDTLS_SHA256_PROCESS_ALT 350 * 351 * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you 352 * alternate core implementation of symmetric crypto or hash function. Keep in 353 * mind that function prototypes should remain the same. 354 * 355 * This replaces only one function. The header file from mbed TLS is still 356 * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags. 357 * 358 * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will 359 * no longer provide the mbedtls_sha1_process() function, but it will still provide 360 * the other function (using your mbedtls_sha1_process() function) and the definition 361 * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible 362 * with this definition. 363 * 364 * \note If you use the AES_xxx_ALT macros, then it is recommended to also set 365 * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES 366 * tables. 367 * 368 * Uncomment a macro to enable alternate implementation of the corresponding 369 * function. 370 * 371 * \warning MD5, DES and SHA-1 are considered weak and their use 372 * constitutes a security risk. If possible, we recommend avoiding 373 * dependencies on them, and considering stronger message digests 374 * and ciphers instead. 375 * 376 * \warning If both MBEDTLS_ECDSA_SIGN_ALT and MBEDTLS_ECDSA_DETERMINISTIC are 377 * enabled, then the deterministic ECDH signature functions pass the 378 * the static HMAC-DRBG as RNG to mbedtls_ecdsa_sign(). Therefore 379 * alternative implementations should use the RNG only for generating 380 * the ephemeral key and nothing else. If this is not possible, then 381 * MBEDTLS_ECDSA_DETERMINISTIC should be disabled and an alternative 382 * implementation should be provided for mbedtls_ecdsa_sign_det_ext(). 383 * 384 */ 385 //#define MBEDTLS_MD5_PROCESS_ALT 386 //#define MBEDTLS_RIPEMD160_PROCESS_ALT 387 //#define MBEDTLS_SHA1_PROCESS_ALT 388 //#define MBEDTLS_SHA256_PROCESS_ALT 389 //#define MBEDTLS_SHA512_PROCESS_ALT 390 //#define MBEDTLS_DES_SETKEY_ALT 391 //#define MBEDTLS_DES_CRYPT_ECB_ALT 392 //#define MBEDTLS_DES3_CRYPT_ECB_ALT 393 //#define MBEDTLS_AES_SETKEY_ENC_ALT 394 //#define MBEDTLS_AES_SETKEY_DEC_ALT 395 //#define MBEDTLS_AES_ENCRYPT_ALT 396 //#define MBEDTLS_AES_DECRYPT_ALT 397 //#define MBEDTLS_ECDH_GEN_PUBLIC_ALT 398 //#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT 399 //#define MBEDTLS_ECDSA_VERIFY_ALT 400 //#define MBEDTLS_ECDSA_SIGN_ALT 401 //#define MBEDTLS_ECDSA_GENKEY_ALT 402 403 /** 404 * \def MBEDTLS_ECP_INTERNAL_ALT 405 * 406 * Expose a part of the internal interface of the Elliptic Curve Point module. 407 * 408 * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your 409 * alternative core implementation of elliptic curve arithmetic. Keep in mind 410 * that function prototypes should remain the same. 411 * 412 * This partially replaces one function. The header file from mbed TLS is still 413 * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation 414 * is still present and it is used for group structures not supported by the 415 * alternative. 416 * 417 * The original implementation can in addition be removed by setting the 418 * MBEDTLS_ECP_NO_FALLBACK option, in which case any function for which the 419 * corresponding MBEDTLS_ECP__FUNCTION_NAME__ALT macro is defined will not be 420 * able to fallback to curves not supported by the alternative implementation. 421 * 422 * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT 423 * and implementing the following functions: 424 * unsigned char mbedtls_internal_ecp_grp_capable( 425 * const mbedtls_ecp_group *grp ) 426 * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp ) 427 * void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp ) 428 * The mbedtls_internal_ecp_grp_capable function should return 1 if the 429 * replacement functions implement arithmetic for the given group and 0 430 * otherwise. 431 * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are 432 * called before and after each point operation and provide an opportunity to 433 * implement optimized set up and tear down instructions. 434 * 435 * Example: In case you set MBEDTLS_ECP_INTERNAL_ALT and 436 * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac() 437 * function, but will use your mbedtls_internal_ecp_double_jac() if the group 438 * for the operation is supported by your implementation (i.e. your 439 * mbedtls_internal_ecp_grp_capable() function returns 1 for this group). If the 440 * group is not supported by your implementation, then the original mbed TLS 441 * implementation of ecp_double_jac() is used instead, unless this fallback 442 * behaviour is disabled by setting MBEDTLS_ECP_NO_FALLBACK (in which case 443 * ecp_double_jac() will return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE). 444 * 445 * The function prototypes and the definition of mbedtls_ecp_group and 446 * mbedtls_ecp_point will not change based on MBEDTLS_ECP_INTERNAL_ALT, so your 447 * implementation of mbedtls_internal_ecp__function_name__ must be compatible 448 * with their definitions. 449 * 450 * Uncomment a macro to enable alternate implementation of the corresponding 451 * function. 452 */ 453 /* Required for all the functions in this section */ 454 //#define MBEDTLS_ECP_INTERNAL_ALT 455 /* Turn off software fallback for curves not supported in hardware */ 456 //#define MBEDTLS_ECP_NO_FALLBACK 457 /* Support for Weierstrass curves with Jacobi representation */ 458 //#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT 459 //#define MBEDTLS_ECP_ADD_MIXED_ALT 460 //#define MBEDTLS_ECP_DOUBLE_JAC_ALT 461 //#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT 462 //#define MBEDTLS_ECP_NORMALIZE_JAC_ALT 463 /* Support for curves with Montgomery arithmetic */ 464 //#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT 465 //#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT 466 //#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT 467 468 /** 469 * \def MBEDTLS_ENTROPY_HARDWARE_ALT 470 * 471 * Uncomment this macro to let mbed TLS use your own implementation of a 472 * hardware entropy collector. 473 * 474 * Your function must be called \c mbedtls_hardware_poll(), have the same 475 * prototype as declared in library/entropy_poll.h, and accept NULL as first 476 * argument. 477 * 478 * Uncomment to use your own hardware entropy collector. 479 */ 480 //#define MBEDTLS_ENTROPY_HARDWARE_ALT 481 482 /** 483 * \def MBEDTLS_AES_ROM_TABLES 484 * 485 * Use precomputed AES tables stored in ROM. 486 * 487 * Uncomment this macro to use precomputed AES tables stored in ROM. 488 * Comment this macro to generate AES tables in RAM at runtime. 489 * 490 * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb 491 * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the 492 * initialization time before the first AES operation can be performed. 493 * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c 494 * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded 495 * performance if ROM access is slower than RAM access. 496 * 497 * This option is independent of \c MBEDTLS_AES_FEWER_TABLES. 498 * 499 */ 500 //#define MBEDTLS_AES_ROM_TABLES 501 502 /** 503 * \def MBEDTLS_AES_FEWER_TABLES 504 * 505 * Use less ROM/RAM for AES tables. 506 * 507 * Uncommenting this macro omits 75% of the AES tables from 508 * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES) 509 * by computing their values on the fly during operations 510 * (the tables are entry-wise rotations of one another). 511 * 512 * Tradeoff: Uncommenting this reduces the RAM / ROM footprint 513 * by ~6kb but at the cost of more arithmetic operations during 514 * runtime. Specifically, one has to compare 4 accesses within 515 * different tables to 4 accesses with additional arithmetic 516 * operations within the same table. The performance gain/loss 517 * depends on the system and memory details. 518 * 519 * This option is independent of \c MBEDTLS_AES_ROM_TABLES. 520 * 521 */ 522 //#define MBEDTLS_AES_FEWER_TABLES 523 524 /** 525 * \def MBEDTLS_CAMELLIA_SMALL_MEMORY 526 * 527 * Use less ROM for the Camellia implementation (saves about 768 bytes). 528 * 529 * Uncomment this macro to use less memory for Camellia. 530 */ 531 //#define MBEDTLS_CAMELLIA_SMALL_MEMORY 532 533 /** 534 * \def MBEDTLS_CHECK_RETURN_WARNING 535 * 536 * If this macro is defined, emit a compile-time warning if application code 537 * calls a function without checking its return value, but the return value 538 * should generally be checked in portable applications. 539 * 540 * This is only supported on platforms where #MBEDTLS_CHECK_RETURN is 541 * implemented. Otherwise this option has no effect. 542 * 543 * Uncomment to get warnings on using fallible functions without checking 544 * their return value. 545 * 546 * \note This feature is a work in progress. 547 * Warnings will be added to more functions in the future. 548 * 549 * \note A few functions are considered critical, and ignoring the return 550 * value of these functions will trigger a warning even if this 551 * macro is not defined. To completely disable return value check 552 * warnings, define #MBEDTLS_CHECK_RETURN with an empty expansion. 553 */ 554 //#define MBEDTLS_CHECK_RETURN_WARNING 555 556 /** 557 * \def MBEDTLS_CIPHER_MODE_CBC 558 * 559 * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers. 560 */ 561 #define MBEDTLS_CIPHER_MODE_CBC 562 563 /** 564 * \def MBEDTLS_CIPHER_MODE_CFB 565 * 566 * Enable Cipher Feedback mode (CFB) for symmetric ciphers. 567 */ 568 #define MBEDTLS_CIPHER_MODE_CFB 569 570 /** 571 * \def MBEDTLS_CIPHER_MODE_CTR 572 * 573 * Enable Counter Block Cipher mode (CTR) for symmetric ciphers. 574 */ 575 #define MBEDTLS_CIPHER_MODE_CTR 576 577 /** 578 * \def MBEDTLS_CIPHER_MODE_OFB 579 * 580 * Enable Output Feedback mode (OFB) for symmetric ciphers. 581 */ 582 #define MBEDTLS_CIPHER_MODE_OFB 583 584 /** 585 * \def MBEDTLS_CIPHER_MODE_XTS 586 * 587 * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES. 588 */ 589 #define MBEDTLS_CIPHER_MODE_XTS 590 591 /** 592 * \def MBEDTLS_CIPHER_NULL_CIPHER 593 * 594 * Enable NULL cipher. 595 * Warning: Only do so when you know what you are doing. This allows for 596 * encryption or channels without any security! 597 * 598 * To enable the following ciphersuites: 599 * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA 600 * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA 601 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA 602 * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA 603 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 604 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 605 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA 606 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 607 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 608 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA 609 * MBEDTLS_TLS_RSA_WITH_NULL_SHA256 610 * MBEDTLS_TLS_RSA_WITH_NULL_SHA 611 * MBEDTLS_TLS_RSA_WITH_NULL_MD5 612 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 613 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 614 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA 615 * MBEDTLS_TLS_PSK_WITH_NULL_SHA384 616 * MBEDTLS_TLS_PSK_WITH_NULL_SHA256 617 * MBEDTLS_TLS_PSK_WITH_NULL_SHA 618 * 619 * Uncomment this macro to enable the NULL cipher and ciphersuites 620 */ 621 //#define MBEDTLS_CIPHER_NULL_CIPHER 622 623 /** 624 * \def MBEDTLS_CIPHER_PADDING_PKCS7 625 * 626 * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for 627 * specific padding modes in the cipher layer with cipher modes that support 628 * padding (e.g. CBC) 629 * 630 * If you disable all padding modes, only full blocks can be used with CBC. 631 * 632 * Enable padding modes in the cipher layer. 633 */ 634 #define MBEDTLS_CIPHER_PADDING_PKCS7 635 #define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS 636 #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN 637 #define MBEDTLS_CIPHER_PADDING_ZEROS 638 639 /** \def MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 640 * 641 * Uncomment this macro to use a 128-bit key in the CTR_DRBG module. 642 * By default, CTR_DRBG uses a 256-bit key. 643 */ 644 //#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 645 646 /** 647 * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED 648 * 649 * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve 650 * module. By default all supported curves are enabled. 651 * 652 * Comment macros to disable the curve and functions for it 653 */ 654 /* Short Weierstrass curves (supporting ECP, ECDH, ECDSA) */ 655 #define MBEDTLS_ECP_DP_SECP192R1_ENABLED 656 #define MBEDTLS_ECP_DP_SECP224R1_ENABLED 657 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED 658 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED 659 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED 660 #define MBEDTLS_ECP_DP_SECP192K1_ENABLED 661 #define MBEDTLS_ECP_DP_SECP224K1_ENABLED 662 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED 663 #define MBEDTLS_ECP_DP_BP256R1_ENABLED 664 #define MBEDTLS_ECP_DP_BP384R1_ENABLED 665 #define MBEDTLS_ECP_DP_BP512R1_ENABLED 666 /* Montgomery curves (supporting ECP) */ 667 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED 668 #define MBEDTLS_ECP_DP_CURVE448_ENABLED 669 670 /** 671 * \def MBEDTLS_ECP_NIST_OPTIM 672 * 673 * Enable specific 'modulo p' routines for each NIST prime. 674 * Depending on the prime and architecture, makes operations 4 to 8 times 675 * faster on the corresponding curve. 676 * 677 * Comment this macro to disable NIST curves optimisation. 678 */ 679 #define MBEDTLS_ECP_NIST_OPTIM 680 681 /** 682 * \def MBEDTLS_ECP_RESTARTABLE 683 * 684 * Enable "non-blocking" ECC operations that can return early and be resumed. 685 * 686 * This allows various functions to pause by returning 687 * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module, 688 * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in 689 * order to further progress and eventually complete their operation. This is 690 * controlled through mbedtls_ecp_set_max_ops() which limits the maximum 691 * number of ECC operations a function may perform before pausing; see 692 * mbedtls_ecp_set_max_ops() for more information. 693 * 694 * This is useful in non-threaded environments if you want to avoid blocking 695 * for too long on ECC (and, hence, X.509 or SSL/TLS) operations. 696 * 697 * This option: 698 * - Adds xxx_restartable() variants of existing operations in the 699 * following modules, with corresponding restart context types: 700 * - ECP (for Short Weierstrass curves only): scalar multiplication (mul), 701 * linear combination (muladd); 702 * - ECDSA: signature generation & verification; 703 * - PK: signature generation & verification; 704 * - X509: certificate chain verification. 705 * - Adds mbedtls_ecdh_enable_restart() in the ECDH module. 706 * - Changes the behaviour of TLS 1.2 clients (not servers) when using the 707 * ECDHE-ECDSA key exchange (not other key exchanges) to make all ECC 708 * computations restartable: 709 * - ECDH operations from the key exchange, only for Short Weierstrass 710 * curves, only when MBEDTLS_USE_PSA_CRYPTO is not enabled. 711 * - verification of the server's key exchange signature; 712 * - verification of the server's certificate chain; 713 * - generation of the client's signature if client authentication is used, 714 * with an ECC key/certificate. 715 * 716 * \note In the cases above, the usual SSL/TLS functions, such as 717 * mbedtls_ssl_handshake(), can now return 718 * MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS. 719 * 720 * \note When this option and MBEDTLS_USE_PSA_CRYPTO are both enabled, 721 * restartable operations in PK, X.509 and TLS (see above) are not 722 * using PSA. On the other hand, ECDH computations in TLS are using 723 * PSA, and are not restartable. These are temporary limitations that 724 * should be lifted in the future. 725 * 726 * \note This option only works with the default software implementation of 727 * elliptic curve functionality. It is incompatible with 728 * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT, MBEDTLS_ECDSA_XXX_ALT. 729 * 730 * Requires: MBEDTLS_ECP_C 731 * 732 * Uncomment this macro to enable restartable ECC computations. 733 */ 734 //#define MBEDTLS_ECP_RESTARTABLE 735 736 /** 737 * \def MBEDTLS_ECDSA_DETERMINISTIC 738 * 739 * Enable deterministic ECDSA (RFC 6979). 740 * Standard ECDSA is "fragile" in the sense that lack of entropy when signing 741 * may result in a compromise of the long-term signing key. This is avoided by 742 * the deterministic variant. 743 * 744 * Requires: MBEDTLS_HMAC_DRBG_C, MBEDTLS_ECDSA_C 745 * 746 * Comment this macro to disable deterministic ECDSA. 747 */ 748 #define MBEDTLS_ECDSA_DETERMINISTIC 749 750 /** 751 * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED 752 * 753 * Enable the PSK based ciphersuite modes in SSL / TLS. 754 * 755 * This enables the following ciphersuites (if other requisites are 756 * enabled as well): 757 * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 758 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 759 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA 760 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 761 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 762 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 763 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 764 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA 765 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 766 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 767 */ 768 #define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED 769 770 /** 771 * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED 772 * 773 * Enable the DHE-PSK based ciphersuite modes in SSL / TLS. 774 * 775 * Requires: MBEDTLS_DHM_C 776 * 777 * This enables the following ciphersuites (if other requisites are 778 * enabled as well): 779 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 780 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 781 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA 782 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 783 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 784 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 785 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 786 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA 787 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 788 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 789 * 790 * \warning Using DHE constitutes a security risk as it 791 * is not possible to validate custom DH parameters. 792 * If possible, it is recommended users should consider 793 * preferring other methods of key exchange. 794 * See dhm.h for more details. 795 * 796 */ 797 #define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED 798 799 /** 800 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED 801 * 802 * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS. 803 * 804 * Requires: MBEDTLS_ECDH_C 805 * 806 * This enables the following ciphersuites (if other requisites are 807 * enabled as well): 808 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 809 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 810 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 811 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 812 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 813 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 814 */ 815 #define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED 816 817 /** 818 * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED 819 * 820 * Enable the RSA-PSK based ciphersuite modes in SSL / TLS. 821 * 822 * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, 823 * MBEDTLS_X509_CRT_PARSE_C 824 * 825 * This enables the following ciphersuites (if other requisites are 826 * enabled as well): 827 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 828 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 829 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA 830 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 831 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 832 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 833 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 834 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA 835 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 836 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 837 */ 838 #define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED 839 840 /** 841 * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED 842 * 843 * Enable the RSA-only based ciphersuite modes in SSL / TLS. 844 * 845 * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, 846 * MBEDTLS_X509_CRT_PARSE_C 847 * 848 * This enables the following ciphersuites (if other requisites are 849 * enabled as well): 850 * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 851 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 852 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA 853 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 854 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 855 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 856 * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 857 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 858 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA 859 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 860 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 861 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 862 */ 863 #define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED 864 865 /** 866 * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED 867 * 868 * Enable the DHE-RSA based ciphersuite modes in SSL / TLS. 869 * 870 * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, 871 * MBEDTLS_X509_CRT_PARSE_C 872 * 873 * This enables the following ciphersuites (if other requisites are 874 * enabled as well): 875 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 876 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 877 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 878 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 879 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 880 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 881 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 882 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 883 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 884 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 885 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 886 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 887 * 888 * \warning Using DHE constitutes a security risk as it 889 * is not possible to validate custom DH parameters. 890 * If possible, it is recommended users should consider 891 * preferring other methods of key exchange. 892 * See dhm.h for more details. 893 * 894 */ 895 #define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED 896 897 /** 898 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED 899 * 900 * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS. 901 * 902 * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, 903 * MBEDTLS_X509_CRT_PARSE_C 904 * 905 * This enables the following ciphersuites (if other requisites are 906 * enabled as well): 907 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 908 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 909 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 910 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 911 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 912 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 913 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 914 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 915 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 916 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 917 */ 918 #define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED 919 920 /** 921 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 922 * 923 * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS. 924 * 925 * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C, 926 * 927 * This enables the following ciphersuites (if other requisites are 928 * enabled as well): 929 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 930 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 931 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 932 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 933 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 934 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 935 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 936 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 937 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 938 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 939 */ 940 #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 941 942 /** 943 * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED 944 * 945 * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS. 946 * 947 * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C 948 * 949 * This enables the following ciphersuites (if other requisites are 950 * enabled as well): 951 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 952 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 953 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 954 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 955 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 956 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 957 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 958 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 959 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 960 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 961 */ 962 #define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED 963 964 /** 965 * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED 966 * 967 * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS. 968 * 969 * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_X509_CRT_PARSE_C 970 * 971 * This enables the following ciphersuites (if other requisites are 972 * enabled as well): 973 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 974 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 975 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 976 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 977 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 978 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 979 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 980 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 981 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 982 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 983 */ 984 #define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED 985 986 /** 987 * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED 988 * 989 * Enable the ECJPAKE based ciphersuite modes in SSL / TLS. 990 * 991 * \warning This is currently experimental. EC J-PAKE support is based on the 992 * Thread v1.0.0 specification; incompatible changes to the specification 993 * might still happen. For this reason, this is disabled by default. 994 * 995 * Requires: MBEDTLS_ECJPAKE_C 996 * SHA-256 (via MD if present, or via PSA, see MBEDTLS_ECJPAKE_C) 997 * MBEDTLS_ECP_DP_SECP256R1_ENABLED 998 * 999 * This enables the following ciphersuites (if other requisites are 1000 * enabled as well): 1001 * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 1002 */ 1003 //#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED 1004 1005 /** 1006 * \def MBEDTLS_PK_PARSE_EC_EXTENDED 1007 * 1008 * Enhance support for reading EC keys using variants of SEC1 not allowed by 1009 * RFC 5915 and RFC 5480. 1010 * 1011 * Currently this means parsing the SpecifiedECDomain choice of EC 1012 * parameters (only known groups are supported, not arbitrary domains, to 1013 * avoid validation issues). 1014 * 1015 * Disable if you only need to support RFC 5915 + 5480 key formats. 1016 */ 1017 #define MBEDTLS_PK_PARSE_EC_EXTENDED 1018 1019 /** 1020 * \def MBEDTLS_ERROR_STRERROR_DUMMY 1021 * 1022 * Enable a dummy error function to make use of mbedtls_strerror() in 1023 * third party libraries easier when MBEDTLS_ERROR_C is disabled 1024 * (no effect when MBEDTLS_ERROR_C is enabled). 1025 * 1026 * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're 1027 * not using mbedtls_strerror() or error_strerror() in your application. 1028 * 1029 * Disable if you run into name conflicts and want to really remove the 1030 * mbedtls_strerror() 1031 */ 1032 #define MBEDTLS_ERROR_STRERROR_DUMMY 1033 1034 /** 1035 * \def MBEDTLS_GENPRIME 1036 * 1037 * Enable the prime-number generation code. 1038 * 1039 * Requires: MBEDTLS_BIGNUM_C 1040 */ 1041 #define MBEDTLS_GENPRIME 1042 1043 /** 1044 * \def MBEDTLS_FS_IO 1045 * 1046 * Enable functions that use the filesystem. 1047 */ 1048 #define MBEDTLS_FS_IO 1049 1050 /** 1051 * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES 1052 * 1053 * Do not add default entropy sources in mbedtls_entropy_init(). 1054 * 1055 * This is useful to have more control over the added entropy sources in an 1056 * application. 1057 * 1058 * Uncomment this macro to prevent loading of default entropy functions. 1059 */ 1060 //#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES 1061 1062 /** 1063 * \def MBEDTLS_NO_PLATFORM_ENTROPY 1064 * 1065 * Do not use built-in platform entropy functions. 1066 * This is useful if your platform does not support 1067 * standards like the /dev/urandom or Windows CryptoAPI. 1068 * 1069 * Uncomment this macro to disable the built-in platform entropy functions. 1070 */ 1071 //#define MBEDTLS_NO_PLATFORM_ENTROPY 1072 1073 /** 1074 * \def MBEDTLS_ENTROPY_FORCE_SHA256 1075 * 1076 * Force the entropy accumulator to use a SHA-256 accumulator instead of the 1077 * default SHA-512 based one (if both are available). 1078 * 1079 * Requires: MBEDTLS_SHA256_C 1080 * 1081 * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option 1082 * if you have performance concerns. 1083 * 1084 * This option is only useful if both MBEDTLS_SHA256_C and 1085 * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used. 1086 */ 1087 //#define MBEDTLS_ENTROPY_FORCE_SHA256 1088 1089 /** 1090 * \def MBEDTLS_ENTROPY_NV_SEED 1091 * 1092 * Enable the non-volatile (NV) seed file-based entropy source. 1093 * (Also enables the NV seed read/write functions in the platform layer) 1094 * 1095 * This is crucial (if not required) on systems that do not have a 1096 * cryptographic entropy source (in hardware or kernel) available. 1097 * 1098 * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C 1099 * 1100 * \note The read/write functions that are used by the entropy source are 1101 * determined in the platform layer, and can be modified at runtime and/or 1102 * compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used. 1103 * 1104 * \note If you use the default implementation functions that read a seedfile 1105 * with regular fopen(), please make sure you make a seedfile with the 1106 * proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at 1107 * least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from 1108 * and written to or you will get an entropy source error! The default 1109 * implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE 1110 * bytes from the file. 1111 * 1112 * \note The entropy collector will write to the seed file before entropy is 1113 * given to an external source, to update it. 1114 */ 1115 //#define MBEDTLS_ENTROPY_NV_SEED 1116 1117 /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER 1118 * 1119 * Enable key identifiers that encode a key owner identifier. 1120 * 1121 * The owner of a key is identified by a value of type ::mbedtls_key_owner_id_t 1122 * which is currently hard-coded to be int32_t. 1123 * 1124 * Note that this option is meant for internal use only and may be removed 1125 * without notice. 1126 */ 1127 //#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER 1128 1129 /** 1130 * \def MBEDTLS_MEMORY_DEBUG 1131 * 1132 * Enable debugging of buffer allocator memory issues. Automatically prints 1133 * (to stderr) all (fatal) messages on memory allocation issues. Enables 1134 * function for 'debug output' of allocated memory. 1135 * 1136 * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C 1137 * 1138 * Uncomment this macro to let the buffer allocator print out error messages. 1139 */ 1140 //#define MBEDTLS_MEMORY_DEBUG 1141 1142 /** 1143 * \def MBEDTLS_MEMORY_BACKTRACE 1144 * 1145 * Include backtrace information with each allocated block. 1146 * 1147 * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C 1148 * GLIBC-compatible backtrace() and backtrace_symbols() support 1149 * 1150 * Uncomment this macro to include backtrace information 1151 */ 1152 //#define MBEDTLS_MEMORY_BACKTRACE 1153 1154 /** 1155 * \def MBEDTLS_PK_RSA_ALT_SUPPORT 1156 * 1157 * Support external private RSA keys (eg from a HSM) in the PK layer. 1158 * 1159 * Comment this macro to disable support for external private RSA keys. 1160 */ 1161 #define MBEDTLS_PK_RSA_ALT_SUPPORT 1162 1163 /** 1164 * \def MBEDTLS_PKCS1_V15 1165 * 1166 * Enable support for PKCS#1 v1.5 encoding. 1167 * 1168 * Requires: MBEDTLS_RSA_C 1169 * 1170 * This enables support for PKCS#1 v1.5 operations. 1171 */ 1172 #define MBEDTLS_PKCS1_V15 1173 1174 /** 1175 * \def MBEDTLS_PKCS1_V21 1176 * 1177 * Enable support for PKCS#1 v2.1 encoding. 1178 * 1179 * Requires: MBEDTLS_RSA_C and (MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C). 1180 * 1181 * \warning If building without MBEDTLS_MD_C, you must call psa_crypto_init() 1182 * before doing any PKCS#1 v2.1 operation. 1183 * 1184 * \warning When building with MBEDTLS_MD_C, all hashes used with this 1185 * need to be available as built-ins (that is, for SHA-256, MBEDTLS_SHA256_C, 1186 * etc.) as opposed to just PSA drivers. So far, PSA drivers are only used by 1187 * this module in builds where MBEDTLS_MD_C is disabled. 1188 * 1189 * This enables support for RSAES-OAEP and RSASSA-PSS operations. 1190 */ 1191 #define MBEDTLS_PKCS1_V21 1192 1193 /** \def MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS 1194 * 1195 * Enable support for platform built-in keys. If you enable this feature, 1196 * you must implement the function mbedtls_psa_platform_get_builtin_key(). 1197 * See the documentation of that function for more information. 1198 * 1199 * Built-in keys are typically derived from a hardware unique key or 1200 * stored in a secure element. 1201 * 1202 * Requires: MBEDTLS_PSA_CRYPTO_C. 1203 * 1204 * \warning This interface is experimental and may change or be removed 1205 * without notice. 1206 */ 1207 //#define MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS 1208 1209 /** \def MBEDTLS_PSA_CRYPTO_CLIENT 1210 * 1211 * Enable support for PSA crypto client. 1212 * 1213 * \note This option allows to include the code necessary for a PSA 1214 * crypto client when the PSA crypto implementation is not included in 1215 * the library (MBEDTLS_PSA_CRYPTO_C disabled). The code included is the 1216 * code to set and get PSA key attributes. 1217 * The development of PSA drivers partially relying on the library to 1218 * fulfill the hardware gaps is another possible usage of this option. 1219 * 1220 * \warning This interface is experimental and may change or be removed 1221 * without notice. 1222 */ 1223 //#define MBEDTLS_PSA_CRYPTO_CLIENT 1224 1225 /** \def MBEDTLS_PSA_CRYPTO_DRIVERS 1226 * 1227 * Enable support for the experimental PSA crypto driver interface. 1228 * 1229 * Requires: MBEDTLS_PSA_CRYPTO_C 1230 * 1231 * \warning This interface is experimental. We intend to maintain backward 1232 * compatibility with application code that relies on drivers, 1233 * but the driver interfaces may change without notice. 1234 */ 1235 //#define MBEDTLS_PSA_CRYPTO_DRIVERS 1236 1237 /** \def MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG 1238 * 1239 * Make the PSA Crypto module use an external random generator provided 1240 * by a driver, instead of Mbed TLS's entropy and DRBG modules. 1241 * 1242 * \note This random generator must deliver random numbers with cryptographic 1243 * quality and high performance. It must supply unpredictable numbers 1244 * with a uniform distribution. The implementation of this function 1245 * is responsible for ensuring that the random generator is seeded 1246 * with sufficient entropy. If you have a hardware TRNG which is slow 1247 * or delivers non-uniform output, declare it as an entropy source 1248 * with mbedtls_entropy_add_source() instead of enabling this option. 1249 * 1250 * If you enable this option, you must configure the type 1251 * ::mbedtls_psa_external_random_context_t in psa/crypto_platform.h 1252 * and define a function called mbedtls_psa_external_get_random() 1253 * with the following prototype: 1254 * ``` 1255 * psa_status_t mbedtls_psa_external_get_random( 1256 * mbedtls_psa_external_random_context_t *context, 1257 * uint8_t *output, size_t output_size, size_t *output_length); 1258 * ); 1259 * ``` 1260 * The \c context value is initialized to 0 before the first call. 1261 * The function must fill the \c output buffer with \p output_size bytes 1262 * of random data and set \c *output_length to \p output_size. 1263 * 1264 * Requires: MBEDTLS_PSA_CRYPTO_C 1265 * 1266 * \warning If you enable this option, code that uses the PSA cryptography 1267 * interface will not use any of the entropy sources set up for 1268 * the entropy module, nor the NV seed that MBEDTLS_ENTROPY_NV_SEED 1269 * enables. 1270 * 1271 * \note This option is experimental and may be removed without notice. 1272 */ 1273 //#define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG 1274 1275 /** 1276 * \def MBEDTLS_PSA_CRYPTO_SPM 1277 * 1278 * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure 1279 * Partition Manager) integration which separates the code into two parts: a 1280 * NSPE (Non-Secure Process Environment) and an SPE (Secure Process 1281 * Environment). 1282 * 1283 * Module: library/psa_crypto.c 1284 * Requires: MBEDTLS_PSA_CRYPTO_C 1285 * 1286 */ 1287 //#define MBEDTLS_PSA_CRYPTO_SPM 1288 1289 /** 1290 * \def MBEDTLS_PSA_INJECT_ENTROPY 1291 * 1292 * Enable support for entropy injection at first boot. This feature is 1293 * required on systems that do not have a built-in entropy source (TRNG). 1294 * This feature is currently not supported on systems that have a built-in 1295 * entropy source. 1296 * 1297 * Requires: MBEDTLS_PSA_CRYPTO_STORAGE_C, MBEDTLS_ENTROPY_NV_SEED 1298 * 1299 */ 1300 //#define MBEDTLS_PSA_INJECT_ENTROPY 1301 1302 /** 1303 * \def MBEDTLS_RSA_NO_CRT 1304 * 1305 * Do not use the Chinese Remainder Theorem 1306 * for the RSA private operation. 1307 * 1308 * Uncomment this macro to disable the use of CRT in RSA. 1309 * 1310 */ 1311 //#define MBEDTLS_RSA_NO_CRT 1312 1313 /** 1314 * \def MBEDTLS_SELF_TEST 1315 * 1316 * Enable the checkup functions (*_self_test). 1317 */ 1318 #define MBEDTLS_SELF_TEST 1319 1320 /** 1321 * \def MBEDTLS_SHA256_SMALLER 1322 * 1323 * Enable an implementation of SHA-256 that has lower ROM footprint but also 1324 * lower performance. 1325 * 1326 * The default implementation is meant to be a reasonable compromise between 1327 * performance and size. This version optimizes more aggressively for size at 1328 * the expense of performance. Eg on Cortex-M4 it reduces the size of 1329 * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about 1330 * 30%. 1331 * 1332 * Uncomment to enable the smaller implementation of SHA256. 1333 */ 1334 //#define MBEDTLS_SHA256_SMALLER 1335 1336 /** 1337 * \def MBEDTLS_SHA512_SMALLER 1338 * 1339 * Enable an implementation of SHA-512 that has lower ROM footprint but also 1340 * lower performance. 1341 * 1342 * Uncomment to enable the smaller implementation of SHA512. 1343 */ 1344 //#define MBEDTLS_SHA512_SMALLER 1345 1346 /** 1347 * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES 1348 * 1349 * Enable sending of alert messages in case of encountered errors as per RFC. 1350 * If you choose not to send the alert messages, mbed TLS can still communicate 1351 * with other servers, only debugging of failures is harder. 1352 * 1353 * The advantage of not sending alert messages, is that no information is given 1354 * about reasons for failures thus preventing adversaries of gaining intel. 1355 * 1356 * Enable sending of all alert messages 1357 */ 1358 #define MBEDTLS_SSL_ALL_ALERT_MESSAGES 1359 1360 /** 1361 * \def MBEDTLS_SSL_DTLS_CONNECTION_ID 1362 * 1363 * Enable support for the DTLS Connection ID (CID) extension, 1364 * which allows to identify DTLS connections across changes 1365 * in the underlying transport. The CID functionality is described 1366 * in RFC 9146. 1367 * 1368 * Setting this option enables the SSL APIs `mbedtls_ssl_set_cid()`, 1369 * mbedtls_ssl_get_own_cid()`, `mbedtls_ssl_get_peer_cid()` and 1370 * `mbedtls_ssl_conf_cid()`. See the corresponding documentation for 1371 * more information. 1372 * 1373 * The maximum lengths of outgoing and incoming CIDs can be configured 1374 * through the options 1375 * - MBEDTLS_SSL_CID_OUT_LEN_MAX 1376 * - MBEDTLS_SSL_CID_IN_LEN_MAX. 1377 * 1378 * Requires: MBEDTLS_SSL_PROTO_DTLS 1379 * 1380 * Uncomment to enable the Connection ID extension. 1381 */ 1382 #define MBEDTLS_SSL_DTLS_CONNECTION_ID 1383 1384 1385 /** 1386 * \def MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 1387 * 1388 * Defines whether RFC 9146 (default) or the legacy version 1389 * (version draft-ietf-tls-dtls-connection-id-05, 1390 * https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05) 1391 * is used. 1392 * 1393 * Set the value to 0 for the standard version, and 1394 * 1 for the legacy draft version. 1395 * 1396 * \deprecated Support for the legacy version of the DTLS 1397 * Connection ID feature is deprecated. Please 1398 * switch to the standardized version defined 1399 * in RFC 9146 enabled by utilizing 1400 * MBEDTLS_SSL_DTLS_CONNECTION_ID without use 1401 * of MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT. 1402 * 1403 * Requires: MBEDTLS_SSL_DTLS_CONNECTION_ID 1404 */ 1405 #define MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 0 1406 1407 /** 1408 * \def MBEDTLS_SSL_ASYNC_PRIVATE 1409 * 1410 * Enable asynchronous external private key operations in SSL. This allows 1411 * you to configure an SSL connection to call an external cryptographic 1412 * module to perform private key operations instead of performing the 1413 * operation inside the library. 1414 * 1415 * Requires: MBEDTLS_X509_CRT_PARSE_C 1416 */ 1417 //#define MBEDTLS_SSL_ASYNC_PRIVATE 1418 1419 /** 1420 * \def MBEDTLS_SSL_CONTEXT_SERIALIZATION 1421 * 1422 * Enable serialization of the TLS context structures, through use of the 1423 * functions mbedtls_ssl_context_save() and mbedtls_ssl_context_load(). 1424 * 1425 * This pair of functions allows one side of a connection to serialize the 1426 * context associated with the connection, then free or re-use that context 1427 * while the serialized state is persisted elsewhere, and finally deserialize 1428 * that state to a live context for resuming read/write operations on the 1429 * connection. From a protocol perspective, the state of the connection is 1430 * unaffected, in particular this is entirely transparent to the peer. 1431 * 1432 * Note: this is distinct from TLS session resumption, which is part of the 1433 * protocol and fully visible by the peer. TLS session resumption enables 1434 * establishing new connections associated to a saved session with shorter, 1435 * lighter handshakes, while context serialization is a local optimization in 1436 * handling a single, potentially long-lived connection. 1437 * 1438 * Enabling these APIs makes some SSL structures larger, as 64 extra bytes are 1439 * saved after the handshake to allow for more efficient serialization, so if 1440 * you don't need this feature you'll save RAM by disabling it. 1441 * 1442 * Requires: MBEDTLS_GCM_C or MBEDTLS_CCM_C or MBEDTLS_CHACHAPOLY_C 1443 * 1444 * Comment to disable the context serialization APIs. 1445 */ 1446 #define MBEDTLS_SSL_CONTEXT_SERIALIZATION 1447 1448 /** 1449 * \def MBEDTLS_SSL_DEBUG_ALL 1450 * 1451 * Enable the debug messages in SSL module for all issues. 1452 * Debug messages have been disabled in some places to prevent timing 1453 * attacks due to (unbalanced) debugging function calls. 1454 * 1455 * If you need all error reporting you should enable this during debugging, 1456 * but remove this for production servers that should log as well. 1457 * 1458 * Uncomment this macro to report all debug messages on errors introducing 1459 * a timing side-channel. 1460 * 1461 */ 1462 //#define MBEDTLS_SSL_DEBUG_ALL 1463 1464 /** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC 1465 * 1466 * Enable support for Encrypt-then-MAC, RFC 7366. 1467 * 1468 * This allows peers that both support it to use a more robust protection for 1469 * ciphersuites using CBC, providing deep resistance against timing attacks 1470 * on the padding or underlying cipher. 1471 * 1472 * This only affects CBC ciphersuites, and is useless if none is defined. 1473 * 1474 * Requires: MBEDTLS_SSL_PROTO_TLS1_2 1475 * 1476 * Comment this macro to disable support for Encrypt-then-MAC 1477 */ 1478 #define MBEDTLS_SSL_ENCRYPT_THEN_MAC 1479 1480 /** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET 1481 * 1482 * Enable support for RFC 7627: Session Hash and Extended Master Secret 1483 * Extension. 1484 * 1485 * This was introduced as "the proper fix" to the Triple Handshake family of 1486 * attacks, but it is recommended to always use it (even if you disable 1487 * renegotiation), since it actually fixes a more fundamental issue in the 1488 * original SSL/TLS design, and has implications beyond Triple Handshake. 1489 * 1490 * Requires: MBEDTLS_SSL_PROTO_TLS1_2 1491 * 1492 * Comment this macro to disable support for Extended Master Secret. 1493 */ 1494 #define MBEDTLS_SSL_EXTENDED_MASTER_SECRET 1495 1496 /** 1497 * \def MBEDTLS_SSL_KEEP_PEER_CERTIFICATE 1498 * 1499 * This option controls the availability of the API mbedtls_ssl_get_peer_cert() 1500 * giving access to the peer's certificate after completion of the handshake. 1501 * 1502 * Unless you need mbedtls_ssl_peer_cert() in your application, it is 1503 * recommended to disable this option for reduced RAM usage. 1504 * 1505 * \note If this option is disabled, mbedtls_ssl_get_peer_cert() is still 1506 * defined, but always returns \c NULL. 1507 * 1508 * \note This option has no influence on the protection against the 1509 * triple handshake attack. Even if it is disabled, Mbed TLS will 1510 * still ensure that certificates do not change during renegotiation, 1511 * for example by keeping a hash of the peer's certificate. 1512 * 1513 * \note This option is required if MBEDTLS_SSL_PROTO_TLS1_3 is set. 1514 * 1515 * Comment this macro to disable storing the peer's certificate 1516 * after the handshake. 1517 */ 1518 #define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE 1519 1520 /** 1521 * \def MBEDTLS_SSL_RENEGOTIATION 1522 * 1523 * Enable support for TLS renegotiation. 1524 * 1525 * The two main uses of renegotiation are (1) refresh keys on long-lived 1526 * connections and (2) client authentication after the initial handshake. 1527 * If you don't need renegotiation, it's probably better to disable it, since 1528 * it has been associated with security issues in the past and is easy to 1529 * misuse/misunderstand. 1530 * 1531 * Comment this to disable support for renegotiation. 1532 * 1533 * \note Even if this option is disabled, both client and server are aware 1534 * of the Renegotiation Indication Extension (RFC 5746) used to 1535 * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1). 1536 * (See \c mbedtls_ssl_conf_legacy_renegotiation for the 1537 * configuration of this extension). 1538 * 1539 */ 1540 #define MBEDTLS_SSL_RENEGOTIATION 1541 1542 /** 1543 * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 1544 * 1545 * Enable support for RFC 6066 max_fragment_length extension in SSL. 1546 * 1547 * Comment this macro to disable support for the max_fragment_length extension 1548 */ 1549 #define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 1550 1551 /** 1552 * \def MBEDTLS_SSL_RECORD_SIZE_LIMIT 1553 * 1554 * Enable support for RFC 8449 record_size_limit extension in SSL (TLS 1.3 only). 1555 * 1556 * \warning This extension is currently in development and must NOT be used except 1557 * for testing purposes. 1558 * 1559 * Requires: MBEDTLS_SSL_PROTO_TLS1_3 1560 * 1561 * Uncomment this macro to enable support for the record_size_limit extension 1562 */ 1563 //#define MBEDTLS_SSL_RECORD_SIZE_LIMIT 1564 1565 /** 1566 * \def MBEDTLS_SSL_PROTO_TLS1_2 1567 * 1568 * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled). 1569 * 1570 * Requires: Without MBEDTLS_USE_PSA_CRYPTO: MBEDTLS_MD_C and 1571 * (MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C) 1572 * With MBEDTLS_USE_PSA_CRYPTO: 1573 * PSA_WANT_ALG_SHA_1 or PSA_WANT_ALG_SHA_256 or 1574 * PSA_WANT_ALG_SHA_512 1575 * 1576 * \warning If building with MBEDTLS_USE_PSA_CRYPTO, you must call 1577 * psa_crypto_init() before doing any TLS operations. 1578 * 1579 * Comment this macro to disable support for TLS 1.2 / DTLS 1.2 1580 */ 1581 #define MBEDTLS_SSL_PROTO_TLS1_2 1582 1583 /** 1584 * \def MBEDTLS_SSL_PROTO_TLS1_3 1585 * 1586 * Enable support for TLS 1.3. 1587 * 1588 * \note The support for TLS 1.3 is not comprehensive yet, in particular 1589 * pre-shared keys are not supported. 1590 * See docs/architecture/tls13-support.md for a description of the TLS 1591 * 1.3 support that this option enables. 1592 * 1593 * Requires: MBEDTLS_SSL_KEEP_PEER_CERTIFICATE 1594 * Requires: MBEDTLS_PSA_CRYPTO_C 1595 * 1596 * \note TLS 1.3 uses PSA crypto for cryptographic operations that are 1597 * directly performed by TLS 1.3 code. As a consequence, you must 1598 * call psa_crypto_init() before the first TLS 1.3 handshake. 1599 * 1600 * \note Cryptographic operations performed indirectly via another module 1601 * (X.509, PK) or by code shared with TLS 1.2 (record protection, 1602 * running handshake hash) only use PSA crypto if 1603 * #MBEDTLS_USE_PSA_CRYPTO is enabled. 1604 * 1605 * Uncomment this macro to enable the support for TLS 1.3. 1606 */ 1607 //#define MBEDTLS_SSL_PROTO_TLS1_3 1608 1609 /** 1610 * \def MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 1611 * 1612 * Enable TLS 1.3 middlebox compatibility mode. 1613 * 1614 * As specified in Section D.4 of RFC 8446, TLS 1.3 offers a compatibility 1615 * mode to make a TLS 1.3 connection more likely to pass through middle boxes 1616 * expecting TLS 1.2 traffic. 1617 * 1618 * Turning on the compatibility mode comes at the cost of a few added bytes 1619 * on the wire, but it doesn't affect compatibility with TLS 1.3 implementations 1620 * that don't use it. Therefore, unless transmission bandwidth is critical and 1621 * you know that middlebox compatibility issues won't occur, it is therefore 1622 * recommended to set this option. 1623 * 1624 * Comment to disable compatibility mode for TLS 1.3. If 1625 * MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any 1626 * effect on the build. 1627 * 1628 */ 1629 //#define MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 1630 1631 /** 1632 * \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1633 * 1634 * Enable TLS 1.3 PSK key exchange mode. 1635 * 1636 * Comment to disable support for the PSK key exchange mode in TLS 1.3. If 1637 * MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any 1638 * effect on the build. 1639 * 1640 */ 1641 #define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1642 1643 /** 1644 * \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1645 * 1646 * Enable TLS 1.3 ephemeral key exchange mode. 1647 * 1648 * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C, MBEDTLS_ECDSA_C or 1649 * MBEDTLS_PKCS1_V21 1650 * 1651 * Comment to disable support for the ephemeral key exchange mode in TLS 1.3. 1652 * If MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any 1653 * effect on the build. 1654 * 1655 */ 1656 #define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1657 1658 /** 1659 * \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1660 * 1661 * Enable TLS 1.3 PSK ephemeral key exchange mode. 1662 * 1663 * Requires: MBEDTLS_ECDH_C 1664 * 1665 * Comment to disable support for the PSK ephemeral key exchange mode in 1666 * TLS 1.3. If MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not 1667 * have any effect on the build. 1668 * 1669 */ 1670 #define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1671 1672 /** 1673 * \def MBEDTLS_SSL_EARLY_DATA 1674 * 1675 * Enable support for RFC 8446 TLS 1.3 early data. 1676 * 1677 * Requires: MBEDTLS_SSL_SESSION_TICKETS and either 1678 * MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED or 1679 * MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1680 * 1681 * Comment this to disable support for early data. If MBEDTLS_SSL_PROTO_TLS1_3 1682 * is not enabled, this option does not have any effect on the build. 1683 * 1684 * This feature is experimental, not completed and thus not ready for 1685 * production. 1686 * 1687 */ 1688 //#define MBEDTLS_SSL_EARLY_DATA 1689 1690 /** 1691 * \def MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1692 * 1693 * The default maximum amount of 0-RTT data. See the documentation of 1694 * \c mbedtls_ssl_tls13_conf_max_early_data_size() for more information. 1695 * 1696 * It must be positive and smaller than UINT32_MAX. 1697 * 1698 * If MBEDTLS_SSL_EARLY_DATA is not defined, this default value does not 1699 * have any impact on the build. 1700 * 1701 * This feature is experimental, not completed and thus not ready for 1702 * production. 1703 * 1704 */ 1705 #define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024 1706 1707 /** 1708 * \def MBEDTLS_SSL_PROTO_DTLS 1709 * 1710 * Enable support for DTLS (all available versions). 1711 * 1712 * Enable this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2. 1713 * 1714 * Requires: MBEDTLS_SSL_PROTO_TLS1_2 1715 * 1716 * Comment this macro to disable support for DTLS 1717 */ 1718 #define MBEDTLS_SSL_PROTO_DTLS 1719 1720 /** 1721 * \def MBEDTLS_SSL_ALPN 1722 * 1723 * Enable support for RFC 7301 Application Layer Protocol Negotiation. 1724 * 1725 * Comment this macro to disable support for ALPN. 1726 */ 1727 #define MBEDTLS_SSL_ALPN 1728 1729 /** 1730 * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY 1731 * 1732 * Enable support for the anti-replay mechanism in DTLS. 1733 * 1734 * Requires: MBEDTLS_SSL_TLS_C 1735 * MBEDTLS_SSL_PROTO_DTLS 1736 * 1737 * \warning Disabling this is often a security risk! 1738 * See mbedtls_ssl_conf_dtls_anti_replay() for details. 1739 * 1740 * Comment this to disable anti-replay in DTLS. 1741 */ 1742 #define MBEDTLS_SSL_DTLS_ANTI_REPLAY 1743 1744 /** 1745 * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY 1746 * 1747 * Enable support for HelloVerifyRequest on DTLS servers. 1748 * 1749 * This feature is highly recommended to prevent DTLS servers being used as 1750 * amplifiers in DoS attacks against other hosts. It should always be enabled 1751 * unless you know for sure amplification cannot be a problem in the 1752 * environment in which your server operates. 1753 * 1754 * \warning Disabling this can be a security risk! (see above) 1755 * 1756 * Requires: MBEDTLS_SSL_PROTO_DTLS 1757 * 1758 * Comment this to disable support for HelloVerifyRequest. 1759 */ 1760 #define MBEDTLS_SSL_DTLS_HELLO_VERIFY 1761 1762 /** 1763 * \def MBEDTLS_SSL_DTLS_SRTP 1764 * 1765 * Enable support for negotiation of DTLS-SRTP (RFC 5764) 1766 * through the use_srtp extension. 1767 * 1768 * \note This feature provides the minimum functionality required 1769 * to negotiate the use of DTLS-SRTP and to allow the derivation of 1770 * the associated SRTP packet protection key material. 1771 * In particular, the SRTP packet protection itself, as well as the 1772 * demultiplexing of RTP and DTLS packets at the datagram layer 1773 * (see Section 5 of RFC 5764), are not handled by this feature. 1774 * Instead, after successful completion of a handshake negotiating 1775 * the use of DTLS-SRTP, the extended key exporter API 1776 * mbedtls_ssl_conf_export_keys_cb() should be used to implement 1777 * the key exporter described in Section 4.2 of RFC 5764 and RFC 5705 1778 * (this is implemented in the SSL example programs). 1779 * The resulting key should then be passed to an SRTP stack. 1780 * 1781 * Setting this option enables the runtime API 1782 * mbedtls_ssl_conf_dtls_srtp_protection_profiles() 1783 * through which the supported DTLS-SRTP protection 1784 * profiles can be configured. You must call this API at 1785 * runtime if you wish to negotiate the use of DTLS-SRTP. 1786 * 1787 * Requires: MBEDTLS_SSL_PROTO_DTLS 1788 * 1789 * Uncomment this to enable support for use_srtp extension. 1790 */ 1791 //#define MBEDTLS_SSL_DTLS_SRTP 1792 1793 /** 1794 * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE 1795 * 1796 * Enable server-side support for clients that reconnect from the same port. 1797 * 1798 * Some clients unexpectedly close the connection and try to reconnect using the 1799 * same source port. This needs special support from the server to handle the 1800 * new connection securely, as described in section 4.2.8 of RFC 6347. This 1801 * flag enables that support. 1802 * 1803 * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY 1804 * 1805 * Comment this to disable support for clients reusing the source port. 1806 */ 1807 #define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE 1808 1809 /** 1810 * \def MBEDTLS_SSL_SESSION_TICKETS 1811 * 1812 * Enable support for RFC 5077 session tickets in SSL. 1813 * Client-side, provides full support for session tickets (maintenance of a 1814 * session store remains the responsibility of the application, though). 1815 * Server-side, you also need to provide callbacks for writing and parsing 1816 * tickets, including authenticated encryption and key management. Example 1817 * callbacks are provided by MBEDTLS_SSL_TICKET_C. 1818 * 1819 * Comment this macro to disable support for SSL session tickets 1820 */ 1821 #define MBEDTLS_SSL_SESSION_TICKETS 1822 1823 /** 1824 * \def MBEDTLS_SSL_SERVER_NAME_INDICATION 1825 * 1826 * Enable support for RFC 6066 server name indication (SNI) in SSL. 1827 * 1828 * Requires: MBEDTLS_X509_CRT_PARSE_C 1829 * 1830 * Comment this macro to disable support for server name indication in SSL 1831 */ 1832 #define MBEDTLS_SSL_SERVER_NAME_INDICATION 1833 1834 /** 1835 * \def MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH 1836 * 1837 * When this option is enabled, the SSL buffer will be resized automatically 1838 * based on the negotiated maximum fragment length in each direction. 1839 * 1840 * Requires: MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 1841 */ 1842 //#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH 1843 1844 /** 1845 * \def MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN 1846 * 1847 * Enable testing of the constant-flow nature of some sensitive functions with 1848 * clang's MemorySanitizer. This causes some existing tests to also test 1849 * this non-functional property of the code under test. 1850 * 1851 * This setting requires compiling with clang -fsanitize=memory. The test 1852 * suites can then be run normally. 1853 * 1854 * \warning This macro is only used for extended testing; it is not considered 1855 * part of the library's API, so it may change or disappear at any time. 1856 * 1857 * Uncomment to enable testing of the constant-flow nature of selected code. 1858 */ 1859 //#define MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN 1860 1861 /** 1862 * \def MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND 1863 * 1864 * Enable testing of the constant-flow nature of some sensitive functions with 1865 * valgrind's memcheck tool. This causes some existing tests to also test 1866 * this non-functional property of the code under test. 1867 * 1868 * This setting requires valgrind headers for building, and is only useful for 1869 * testing if the tests suites are run with valgrind's memcheck. This can be 1870 * done for an individual test suite with 'valgrind ./test_suite_xxx', or when 1871 * using CMake, this can be done for all test suites with 'make memcheck'. 1872 * 1873 * \warning This macro is only used for extended testing; it is not considered 1874 * part of the library's API, so it may change or disappear at any time. 1875 * 1876 * Uncomment to enable testing of the constant-flow nature of selected code. 1877 */ 1878 //#define MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND 1879 1880 /** 1881 * \def MBEDTLS_TEST_HOOKS 1882 * 1883 * Enable features for invasive testing such as introspection functions and 1884 * hooks for fault injection. This enables additional unit tests. 1885 * 1886 * Merely enabling this feature should not change the behavior of the product. 1887 * It only adds new code, and new branching points where the default behavior 1888 * is the same as when this feature is disabled. 1889 * However, this feature increases the attack surface: there is an added 1890 * risk of vulnerabilities, and more gadgets that can make exploits easier. 1891 * Therefore this feature must never be enabled in production. 1892 * 1893 * See `docs/architecture/testing/mbed-crypto-invasive-testing.md` for more 1894 * information. 1895 * 1896 * Uncomment to enable invasive tests. 1897 */ 1898 //#define MBEDTLS_TEST_HOOKS 1899 1900 /** 1901 * \def MBEDTLS_THREADING_ALT 1902 * 1903 * Provide your own alternate threading implementation. 1904 * 1905 * Requires: MBEDTLS_THREADING_C 1906 * 1907 * Uncomment this to allow your own alternate threading implementation. 1908 */ 1909 //#define MBEDTLS_THREADING_ALT 1910 1911 /** 1912 * \def MBEDTLS_THREADING_PTHREAD 1913 * 1914 * Enable the pthread wrapper layer for the threading layer. 1915 * 1916 * Requires: MBEDTLS_THREADING_C 1917 * 1918 * Uncomment this to enable pthread mutexes. 1919 */ 1920 //#define MBEDTLS_THREADING_PTHREAD 1921 1922 /** 1923 * \def MBEDTLS_USE_PSA_CRYPTO 1924 * 1925 * Make the X.509 and TLS library use PSA for cryptographic operations, and 1926 * enable new APIs for using keys handled by PSA Crypto. 1927 * 1928 * \note Development of this option is currently in progress, and parts of Mbed 1929 * TLS's X.509 and TLS modules are not ported to PSA yet. However, these parts 1930 * will still continue to work as usual, so enabling this option should not 1931 * break backwards compatibility. 1932 * 1933 * \note See docs/use-psa-crypto.md for a complete description of what this 1934 * option currently does, and of parts that are not affected by it so far. 1935 * 1936 * \warning If you enable this option, you need to call `psa_crypto_init()` 1937 * before calling any function from the SSL/TLS, X.509 or PK modules. 1938 * 1939 * Requires: MBEDTLS_PSA_CRYPTO_C. 1940 * 1941 * Uncomment this to enable internal use of PSA Crypto and new associated APIs. 1942 */ 1943 //#define MBEDTLS_USE_PSA_CRYPTO 1944 1945 /** 1946 * \def MBEDTLS_PSA_CRYPTO_CONFIG 1947 * 1948 * This setting allows support for cryptographic mechanisms through the PSA 1949 * API to be configured separately from support through the mbedtls API. 1950 * 1951 * When this option is disabled, the PSA API exposes the cryptographic 1952 * mechanisms that can be implemented on top of the `mbedtls_xxx` API 1953 * configured with `MBEDTLS_XXX` symbols. 1954 * 1955 * When this option is enabled, the PSA API exposes the cryptographic 1956 * mechanisms requested by the `PSA_WANT_XXX` symbols defined in 1957 * include/psa/crypto_config.h. The corresponding `MBEDTLS_XXX` settings are 1958 * automatically enabled if required (i.e. if no PSA driver provides the 1959 * mechanism). You may still freely enable additional `MBEDTLS_XXX` symbols 1960 * in mbedtls_config.h. 1961 * 1962 * If the symbol #MBEDTLS_PSA_CRYPTO_CONFIG_FILE is defined, it specifies 1963 * an alternative header to include instead of include/psa/crypto_config.h. 1964 * 1965 * This feature is still experimental and is not ready for production since 1966 * it is not completed. 1967 */ 1968 //#define MBEDTLS_PSA_CRYPTO_CONFIG 1969 1970 /** 1971 * \def MBEDTLS_VERSION_FEATURES 1972 * 1973 * Allow run-time checking of compile-time enabled features. Thus allowing users 1974 * to check at run-time if the library is for instance compiled with threading 1975 * support via mbedtls_version_check_feature(). 1976 * 1977 * Requires: MBEDTLS_VERSION_C 1978 * 1979 * Comment this to disable run-time checking and save ROM space 1980 */ 1981 #define MBEDTLS_VERSION_FEATURES 1982 1983 /** 1984 * \def MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK 1985 * 1986 * If set, this enables the X.509 API `mbedtls_x509_crt_verify_with_ca_cb()` 1987 * and the SSL API `mbedtls_ssl_conf_ca_cb()` which allow users to configure 1988 * the set of trusted certificates through a callback instead of a linked 1989 * list. 1990 * 1991 * This is useful for example in environments where a large number of trusted 1992 * certificates is present and storing them in a linked list isn't efficient 1993 * enough, or when the set of trusted certificates changes frequently. 1994 * 1995 * See the documentation of `mbedtls_x509_crt_verify_with_ca_cb()` and 1996 * `mbedtls_ssl_conf_ca_cb()` for more information. 1997 * 1998 * Requires: MBEDTLS_X509_CRT_PARSE_C 1999 * 2000 * Uncomment to enable trusted certificate callbacks. 2001 */ 2002 //#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK 2003 2004 /** 2005 * \def MBEDTLS_X509_REMOVE_INFO 2006 * 2007 * Disable mbedtls_x509_*_info() and related APIs. 2008 * 2009 * Uncomment to omit mbedtls_x509_*_info(), as well as mbedtls_debug_print_crt() 2010 * and other functions/constants only used by these functions, thus reducing 2011 * the code footprint by several KB. 2012 */ 2013 //#define MBEDTLS_X509_REMOVE_INFO 2014 2015 /** 2016 * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT 2017 * 2018 * Enable parsing and verification of X.509 certificates, CRLs and CSRS 2019 * signed with RSASSA-PSS (aka PKCS#1 v2.1). 2020 * 2021 * Comment this macro to disallow using RSASSA-PSS in certificates. 2022 */ 2023 #define MBEDTLS_X509_RSASSA_PSS_SUPPORT 2024 /** \} name SECTION: mbed TLS feature support */ 2025 2026 /** 2027 * \name SECTION: mbed TLS modules 2028 * 2029 * This section enables or disables entire modules in mbed TLS 2030 * \{ 2031 */ 2032 2033 /** 2034 * \def MBEDTLS_AESNI_C 2035 * 2036 * Enable AES-NI support on x86-64 or x86-32. 2037 * 2038 * \note AESNI is only supported with certain compilers and target options: 2039 * - Visual Studio 2013: supported. 2040 * - GCC, x86-64, target not explicitly supporting AESNI: 2041 * requires MBEDTLS_HAVE_ASM. 2042 * - GCC, x86-32, target not explicitly supporting AESNI: 2043 * not supported. 2044 * - GCC, x86-64 or x86-32, target supporting AESNI: supported. 2045 * For this assembly-less implementation, you must currently compile 2046 * `library/aesni.c` and `library/aes.c` with machine options to enable 2047 * SSE2 and AESNI instructions: `gcc -msse2 -maes -mpclmul` or 2048 * `clang -maes -mpclmul`. 2049 * - Non-x86 targets: this option is silently ignored. 2050 * - Other compilers: this option is silently ignored. 2051 * 2052 * \note 2053 * Above, "GCC" includes compatible compilers such as Clang. 2054 * The limitations on target support are likely to be relaxed in the future. 2055 * 2056 * Module: library/aesni.c 2057 * Caller: library/aes.c 2058 * 2059 * Requires: MBEDTLS_HAVE_ASM (on some platforms, see note) 2060 * 2061 * This modules adds support for the AES-NI instructions on x86. 2062 */ 2063 #define MBEDTLS_AESNI_C 2064 2065 /** 2066 * \def MBEDTLS_AESCE_C 2067 * 2068 * Enable AES cryptographic extension support on 64-bit Arm. 2069 * 2070 * Module: library/aesce.c 2071 * Caller: library/aes.c 2072 * 2073 * Requires: MBEDTLS_HAVE_ASM, MBEDTLS_AES_C 2074 * 2075 * \warning Runtime detection only works on Linux. For non-Linux operating 2076 * system, Armv8-A Cryptographic Extensions must be supported by 2077 * the CPU when this option is enabled. 2078 * 2079 * This module adds support for the AES Armv8-A Cryptographic Extensions on Aarch64 systems. 2080 */ 2081 #define MBEDTLS_AESCE_C 2082 2083 /** 2084 * \def MBEDTLS_AES_C 2085 * 2086 * Enable the AES block cipher. 2087 * 2088 * Module: library/aes.c 2089 * Caller: library/cipher.c 2090 * library/pem.c 2091 * library/ctr_drbg.c 2092 * 2093 * This module enables the following ciphersuites (if other requisites are 2094 * enabled as well): 2095 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 2096 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 2097 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 2098 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 2099 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 2100 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 2101 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 2102 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 2103 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 2104 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 2105 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 2106 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 2107 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 2108 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 2109 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 2110 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 2111 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 2112 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 2113 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 2114 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 2115 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 2116 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 2117 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 2118 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 2119 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 2120 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 2121 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 2122 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 2123 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 2124 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 2125 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 2126 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 2127 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 2128 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 2129 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA 2130 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 2131 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 2132 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 2133 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 2134 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA 2135 * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 2136 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 2137 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA 2138 * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 2139 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 2140 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA 2141 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 2142 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 2143 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA 2144 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 2145 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 2146 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA 2147 * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 2148 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 2149 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA 2150 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 2151 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 2152 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA 2153 * 2154 * PEM_PARSE uses AES for decrypting encrypted keys. 2155 */ 2156 #define MBEDTLS_AES_C 2157 2158 /** 2159 * \def MBEDTLS_ASN1_PARSE_C 2160 * 2161 * Enable the generic ASN1 parser. 2162 * 2163 * Module: library/asn1.c 2164 * Caller: library/x509.c 2165 * library/dhm.c 2166 * library/pkcs12.c 2167 * library/pkcs5.c 2168 * library/pkparse.c 2169 */ 2170 #define MBEDTLS_ASN1_PARSE_C 2171 2172 /** 2173 * \def MBEDTLS_ASN1_WRITE_C 2174 * 2175 * Enable the generic ASN1 writer. 2176 * 2177 * Module: library/asn1write.c 2178 * Caller: library/ecdsa.c 2179 * library/pkwrite.c 2180 * library/x509_create.c 2181 * library/x509write_crt.c 2182 * library/x509write_csr.c 2183 */ 2184 #define MBEDTLS_ASN1_WRITE_C 2185 2186 /** 2187 * \def MBEDTLS_BASE64_C 2188 * 2189 * Enable the Base64 module. 2190 * 2191 * Module: library/base64.c 2192 * Caller: library/pem.c 2193 * 2194 * This module is required for PEM support (required by X.509). 2195 */ 2196 #define MBEDTLS_BASE64_C 2197 2198 /** 2199 * \def MBEDTLS_BIGNUM_C 2200 * 2201 * Enable the multi-precision integer library. 2202 * 2203 * Module: library/bignum.c 2204 * library/bignum_core.c 2205 * library/bignum_mod.c 2206 * library/bignum_mod_raw.c 2207 * Caller: library/dhm.c 2208 * library/ecp.c 2209 * library/ecdsa.c 2210 * library/rsa.c 2211 * library/rsa_alt_helpers.c 2212 * library/ssl_tls.c 2213 * 2214 * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support. 2215 */ 2216 #define MBEDTLS_BIGNUM_C 2217 2218 /** 2219 * \def MBEDTLS_CAMELLIA_C 2220 * 2221 * Enable the Camellia block cipher. 2222 * 2223 * Module: library/camellia.c 2224 * Caller: library/cipher.c 2225 * 2226 * This module enables the following ciphersuites (if other requisites are 2227 * enabled as well): 2228 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 2229 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 2230 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 2231 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 2232 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 2233 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 2234 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 2235 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 2236 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 2237 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 2238 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 2239 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 2240 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 2241 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 2242 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 2243 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 2244 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 2245 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 2246 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 2247 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 2248 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 2249 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 2250 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 2251 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 2252 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 2253 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 2254 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 2255 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 2256 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 2257 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 2258 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 2259 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 2260 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 2261 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 2262 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 2263 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 2264 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 2265 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 2266 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 2267 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 2268 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 2269 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 2270 */ 2271 #define MBEDTLS_CAMELLIA_C 2272 2273 /** 2274 * \def MBEDTLS_ARIA_C 2275 * 2276 * Enable the ARIA block cipher. 2277 * 2278 * Module: library/aria.c 2279 * Caller: library/cipher.c 2280 * 2281 * This module enables the following ciphersuites (if other requisites are 2282 * enabled as well): 2283 * 2284 * MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256 2285 * MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384 2286 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 2287 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 2288 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 2289 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 2290 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 2291 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 2292 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 2293 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 2294 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 2295 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 2296 * MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256 2297 * MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384 2298 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 2299 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 2300 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 2301 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 2302 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 2303 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 2304 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 2305 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 2306 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 2307 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 2308 * MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256 2309 * MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384 2310 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 2311 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 2312 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 2313 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 2314 * MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 2315 * MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 2316 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 2317 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 2318 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 2319 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 2320 * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 2321 * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 2322 */ 2323 #define MBEDTLS_ARIA_C 2324 2325 /** 2326 * \def MBEDTLS_CCM_C 2327 * 2328 * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher. 2329 * 2330 * Module: library/ccm.c 2331 * 2332 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C or 2333 * MBEDTLS_ARIA_C 2334 * 2335 * This module enables the AES-CCM ciphersuites, if other requisites are 2336 * enabled as well. 2337 */ 2338 #define MBEDTLS_CCM_C 2339 2340 /** 2341 * \def MBEDTLS_CHACHA20_C 2342 * 2343 * Enable the ChaCha20 stream cipher. 2344 * 2345 * Module: library/chacha20.c 2346 */ 2347 #define MBEDTLS_CHACHA20_C 2348 2349 /** 2350 * \def MBEDTLS_CHACHAPOLY_C 2351 * 2352 * Enable the ChaCha20-Poly1305 AEAD algorithm. 2353 * 2354 * Module: library/chachapoly.c 2355 * 2356 * This module requires: MBEDTLS_CHACHA20_C, MBEDTLS_POLY1305_C 2357 */ 2358 #define MBEDTLS_CHACHAPOLY_C 2359 2360 /** 2361 * \def MBEDTLS_CIPHER_C 2362 * 2363 * Enable the generic cipher layer. 2364 * 2365 * Module: library/cipher.c 2366 * Caller: library/ccm.c 2367 * library/cmac.c 2368 * library/gcm.c 2369 * library/nist_kw.c 2370 * library/pkcs12.c 2371 * library/pkcs5.c 2372 * library/psa_crypto_aead.c 2373 * library/psa_crypto_mac.c 2374 * library/ssl_ciphersuites.c 2375 * library/ssl_msg.c 2376 * library/ssl_ticket.c (unless MBEDTLS_USE_PSA_CRYPTO is enabled) 2377 * 2378 * Uncomment to enable generic cipher wrappers. 2379 */ 2380 #define MBEDTLS_CIPHER_C 2381 2382 /** 2383 * \def MBEDTLS_CMAC_C 2384 * 2385 * Enable the CMAC (Cipher-based Message Authentication Code) mode for block 2386 * ciphers. 2387 * 2388 * \note When #MBEDTLS_CMAC_ALT is active, meaning that the underlying 2389 * implementation of the CMAC algorithm is provided by an alternate 2390 * implementation, that alternate implementation may opt to not support 2391 * AES-192 or 3DES as underlying block ciphers for the CMAC operation. 2392 * 2393 * Module: library/cmac.c 2394 * 2395 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_AES_C or MBEDTLS_DES_C 2396 * 2397 */ 2398 #define MBEDTLS_CMAC_C 2399 2400 /** 2401 * \def MBEDTLS_CTR_DRBG_C 2402 * 2403 * Enable the CTR_DRBG AES-based random generator. 2404 * The CTR_DRBG generator uses AES-256 by default. 2405 * To use AES-128 instead, enable \c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY above. 2406 * 2407 * \note To achieve a 256-bit security strength with CTR_DRBG, 2408 * you must use AES-256 *and* use sufficient entropy. 2409 * See ctr_drbg.h for more details. 2410 * 2411 * Module: library/ctr_drbg.c 2412 * Caller: 2413 * 2414 * Requires: MBEDTLS_AES_C 2415 * 2416 * This module provides the CTR_DRBG AES random number generator. 2417 */ 2418 #define MBEDTLS_CTR_DRBG_C 2419 2420 /** 2421 * \def MBEDTLS_DEBUG_C 2422 * 2423 * Enable the debug functions. 2424 * 2425 * Module: library/debug.c 2426 * Caller: library/ssl_msg.c 2427 * library/ssl_tls.c 2428 * library/ssl_tls12_*.c 2429 * library/ssl_tls13_*.c 2430 * 2431 * This module provides debugging functions. 2432 */ 2433 #define MBEDTLS_DEBUG_C 2434 2435 /** 2436 * \def MBEDTLS_DES_C 2437 * 2438 * Enable the DES block cipher. 2439 * 2440 * Module: library/des.c 2441 * Caller: library/pem.c 2442 * library/cipher.c 2443 * 2444 * PEM_PARSE uses DES/3DES for decrypting encrypted keys. 2445 * 2446 * \warning DES/3DES are considered weak ciphers and their use constitutes a 2447 * security risk. We recommend considering stronger ciphers instead. 2448 */ 2449 #define MBEDTLS_DES_C 2450 2451 /** 2452 * \def MBEDTLS_DHM_C 2453 * 2454 * Enable the Diffie-Hellman-Merkle module. 2455 * 2456 * Module: library/dhm.c 2457 * Caller: library/ssl_tls.c 2458 * library/ssl*_client.c 2459 * library/ssl*_server.c 2460 * 2461 * This module is used by the following key exchanges: 2462 * DHE-RSA, DHE-PSK 2463 * 2464 * \warning Using DHE constitutes a security risk as it 2465 * is not possible to validate custom DH parameters. 2466 * If possible, it is recommended users should consider 2467 * preferring other methods of key exchange. 2468 * See dhm.h for more details. 2469 * 2470 */ 2471 #define MBEDTLS_DHM_C 2472 2473 /** 2474 * \def MBEDTLS_ECDH_C 2475 * 2476 * Enable the elliptic curve Diffie-Hellman library. 2477 * 2478 * Module: library/ecdh.c 2479 * Caller: library/psa_crypto.c 2480 * library/ssl_tls.c 2481 * library/ssl*_client.c 2482 * library/ssl*_server.c 2483 * 2484 * This module is used by the following key exchanges: 2485 * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK 2486 * 2487 * Requires: MBEDTLS_ECP_C 2488 */ 2489 #define MBEDTLS_ECDH_C 2490 2491 /** 2492 * \def MBEDTLS_ECDSA_C 2493 * 2494 * Enable the elliptic curve DSA library. 2495 * 2496 * Module: library/ecdsa.c 2497 * Caller: 2498 * 2499 * This module is used by the following key exchanges: 2500 * ECDHE-ECDSA 2501 * 2502 * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C, 2503 * and at least one MBEDTLS_ECP_DP_XXX_ENABLED for a 2504 * short Weierstrass curve. 2505 */ 2506 #define MBEDTLS_ECDSA_C 2507 2508 /** 2509 * \def MBEDTLS_ECJPAKE_C 2510 * 2511 * Enable the elliptic curve J-PAKE library. 2512 * 2513 * \note EC J-PAKE support is based on the Thread v1.0.0 specification. 2514 * It has not been reviewed for compliance with newer standards such as 2515 * Thread v1.1 or RFC 8236. 2516 * 2517 * Module: library/ecjpake.c 2518 * Caller: 2519 * 2520 * This module is used by the following key exchanges: 2521 * ECJPAKE 2522 * 2523 * Requires: MBEDTLS_ECP_C and either MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C 2524 * 2525 * \warning If building without MBEDTLS_MD_C, you must call psa_crypto_init() 2526 * before doing any EC J-PAKE operations. 2527 * 2528 * \warning When building with MBEDTLS_MD_C, all hashes used with this 2529 * need to be available as built-ins (that is, for SHA-256, MBEDTLS_SHA256_C, 2530 * etc.) as opposed to just PSA drivers. So far, PSA drivers are only used by 2531 * this module in builds where MBEDTLS_MD_C is disabled. 2532 */ 2533 #define MBEDTLS_ECJPAKE_C 2534 2535 /** 2536 * \def MBEDTLS_ECP_C 2537 * 2538 * Enable the elliptic curve over GF(p) library. 2539 * 2540 * Module: library/ecp.c 2541 * Caller: library/ecdh.c 2542 * library/ecdsa.c 2543 * library/ecjpake.c 2544 * 2545 * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED 2546 */ 2547 #define MBEDTLS_ECP_C 2548 2549 /** 2550 * \def MBEDTLS_ENTROPY_C 2551 * 2552 * Enable the platform-specific entropy code. 2553 * 2554 * Module: library/entropy.c 2555 * Caller: 2556 * 2557 * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C 2558 * 2559 * This module provides a generic entropy pool 2560 */ 2561 #define MBEDTLS_ENTROPY_C 2562 2563 /** 2564 * \def MBEDTLS_ERROR_C 2565 * 2566 * Enable error code to error string conversion. 2567 * 2568 * Module: library/error.c 2569 * Caller: 2570 * 2571 * This module enables mbedtls_strerror(). 2572 */ 2573 #define MBEDTLS_ERROR_C 2574 2575 /** 2576 * \def MBEDTLS_GCM_C 2577 * 2578 * Enable the Galois/Counter Mode (GCM). 2579 * 2580 * Module: library/gcm.c 2581 * 2582 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C or 2583 * MBEDTLS_ARIA_C 2584 * 2585 * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other 2586 * requisites are enabled as well. 2587 */ 2588 #define MBEDTLS_GCM_C 2589 2590 /** 2591 * \def MBEDTLS_HKDF_C 2592 * 2593 * Enable the HKDF algorithm (RFC 5869). 2594 * 2595 * Module: library/hkdf.c 2596 * Caller: 2597 * 2598 * Requires: MBEDTLS_MD_C 2599 * 2600 * This module adds support for the Hashed Message Authentication Code 2601 * (HMAC)-based key derivation function (HKDF). 2602 */ 2603 #define MBEDTLS_HKDF_C 2604 2605 /** 2606 * \def MBEDTLS_HMAC_DRBG_C 2607 * 2608 * Enable the HMAC_DRBG random generator. 2609 * 2610 * Module: library/hmac_drbg.c 2611 * Caller: 2612 * 2613 * Requires: MBEDTLS_MD_C 2614 * 2615 * Uncomment to enable the HMAC_DRBG random number generator. 2616 */ 2617 #define MBEDTLS_HMAC_DRBG_C 2618 2619 /** 2620 * \def MBEDTLS_LMS_C 2621 * 2622 * Enable the LMS stateful-hash asymmetric signature algorithm. 2623 * 2624 * Module: library/lms.c 2625 * Caller: 2626 * 2627 * Requires: MBEDTLS_PSA_CRYPTO_C 2628 * 2629 * Uncomment to enable the LMS verification algorithm and public key operations. 2630 */ 2631 #define MBEDTLS_LMS_C 2632 2633 /** 2634 * \def MBEDTLS_LMS_PRIVATE 2635 * 2636 * Enable LMS private-key operations and signing code. Functions enabled by this 2637 * option are experimental, and should not be used in production. 2638 * 2639 * Requires: MBEDTLS_LMS_C 2640 * 2641 * Uncomment to enable the LMS signature algorithm and private key operations. 2642 */ 2643 //#define MBEDTLS_LMS_PRIVATE 2644 2645 /** 2646 * \def MBEDTLS_NIST_KW_C 2647 * 2648 * Enable the Key Wrapping mode for 128-bit block ciphers, 2649 * as defined in NIST SP 800-38F. Only KW and KWP modes 2650 * are supported. At the moment, only AES is approved by NIST. 2651 * 2652 * Module: library/nist_kw.c 2653 * 2654 * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C 2655 */ 2656 #define MBEDTLS_NIST_KW_C 2657 2658 /** 2659 * \def MBEDTLS_MD_C 2660 * 2661 * Enable the generic layer for message digest (hashing) and HMAC. 2662 * 2663 * Requires: one of: MBEDTLS_MD5_C, MBEDTLS_RIPEMD160_C, MBEDTLS_SHA1_C, 2664 * MBEDTLS_SHA224_C, MBEDTLS_SHA256_C, MBEDTLS_SHA384_C, 2665 * MBEDTLS_SHA512_C. 2666 * Module: library/md.c 2667 * Caller: library/constant_time.c 2668 * library/ecdsa.c 2669 * library/ecjpake.c 2670 * library/hkdf.c 2671 * library/hmac_drbg.c 2672 * library/pk.c 2673 * library/pkcs5.c 2674 * library/pkcs12.c 2675 * library/psa_crypto_ecp.c 2676 * library/psa_crypto_rsa.c 2677 * library/rsa.c 2678 * library/ssl_cookie.c 2679 * library/ssl_msg.c 2680 * library/ssl_tls.c 2681 * library/x509.c 2682 * library/x509_crt.c 2683 * library/x509write_crt.c 2684 * library/x509write_csr.c 2685 * 2686 * Uncomment to enable generic message digest wrappers. 2687 */ 2688 #define MBEDTLS_MD_C 2689 2690 /** 2691 * \def MBEDTLS_MD5_C 2692 * 2693 * Enable the MD5 hash algorithm. 2694 * 2695 * Module: library/md5.c 2696 * Caller: library/md.c 2697 * library/pem.c 2698 * library/ssl_tls.c 2699 * 2700 * This module is required for TLS 1.2 depending on the handshake parameters. 2701 * Further, it is used for checking MD5-signed certificates, and for PBKDF1 2702 * when decrypting PEM-encoded encrypted keys. 2703 * 2704 * \warning MD5 is considered a weak message digest and its use constitutes a 2705 * security risk. If possible, we recommend avoiding dependencies on 2706 * it, and considering stronger message digests instead. 2707 * 2708 */ 2709 #define MBEDTLS_MD5_C 2710 2711 /** 2712 * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C 2713 * 2714 * Enable the buffer allocator implementation that makes use of a (stack) 2715 * based buffer to 'allocate' dynamic memory. (replaces calloc() and free() 2716 * calls) 2717 * 2718 * Module: library/memory_buffer_alloc.c 2719 * 2720 * Requires: MBEDTLS_PLATFORM_C 2721 * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS) 2722 * 2723 * Enable this module to enable the buffer memory allocator. 2724 */ 2725 //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C 2726 2727 /** 2728 * \def MBEDTLS_NET_C 2729 * 2730 * Enable the TCP and UDP over IPv6/IPv4 networking routines. 2731 * 2732 * \note This module only works on POSIX/Unix (including Linux, BSD and OS X) 2733 * and Windows. For other platforms, you'll want to disable it, and write your 2734 * own networking callbacks to be passed to \c mbedtls_ssl_set_bio(). 2735 * 2736 * \note See also our Knowledge Base article about porting to a new 2737 * environment: 2738 * https://mbed-tls.readthedocs.io/en/latest/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS 2739 * 2740 * Module: library/net_sockets.c 2741 * 2742 * This module provides networking routines. 2743 */ 2744 #define MBEDTLS_NET_C 2745 2746 /** 2747 * \def MBEDTLS_OID_C 2748 * 2749 * Enable the OID database. 2750 * 2751 * Module: library/oid.c 2752 * Caller: library/asn1write.c 2753 * library/pkcs5.c 2754 * library/pkparse.c 2755 * library/pkwrite.c 2756 * library/rsa.c 2757 * library/x509.c 2758 * library/x509_create.c 2759 * library/x509_crl.c 2760 * library/x509_crt.c 2761 * library/x509_csr.c 2762 * library/x509write_crt.c 2763 * library/x509write_csr.c 2764 * 2765 * This modules translates between OIDs and internal values. 2766 */ 2767 #define MBEDTLS_OID_C 2768 2769 /** 2770 * \def MBEDTLS_PADLOCK_C 2771 * 2772 * Enable VIA Padlock support on x86. 2773 * 2774 * Module: library/padlock.c 2775 * Caller: library/aes.c 2776 * 2777 * Requires: MBEDTLS_HAVE_ASM 2778 * 2779 * This modules adds support for the VIA PadLock on x86. 2780 */ 2781 #define MBEDTLS_PADLOCK_C 2782 2783 /** 2784 * \def MBEDTLS_PEM_PARSE_C 2785 * 2786 * Enable PEM decoding / parsing. 2787 * 2788 * Module: library/pem.c 2789 * Caller: library/dhm.c 2790 * library/pkparse.c 2791 * library/x509_crl.c 2792 * library/x509_crt.c 2793 * library/x509_csr.c 2794 * 2795 * Requires: MBEDTLS_BASE64_C 2796 * 2797 * This modules adds support for decoding / parsing PEM files. 2798 */ 2799 #define MBEDTLS_PEM_PARSE_C 2800 2801 /** 2802 * \def MBEDTLS_PEM_WRITE_C 2803 * 2804 * Enable PEM encoding / writing. 2805 * 2806 * Module: library/pem.c 2807 * Caller: library/pkwrite.c 2808 * library/x509write_crt.c 2809 * library/x509write_csr.c 2810 * 2811 * Requires: MBEDTLS_BASE64_C 2812 * 2813 * This modules adds support for encoding / writing PEM files. 2814 */ 2815 #define MBEDTLS_PEM_WRITE_C 2816 2817 /** 2818 * \def MBEDTLS_PK_C 2819 * 2820 * Enable the generic public (asymmetric) key layer. 2821 * 2822 * Module: library/pk.c 2823 * Caller: library/psa_crypto_rsa.c 2824 * library/ssl_tls.c 2825 * library/ssl*_client.c 2826 * library/ssl*_server.c 2827 * library/x509.c 2828 * 2829 * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C or MBEDTLS_ECP_C 2830 * 2831 * Uncomment to enable generic public key wrappers. 2832 */ 2833 #define MBEDTLS_PK_C 2834 2835 /** 2836 * \def MBEDTLS_PK_PARSE_C 2837 * 2838 * Enable the generic public (asymmetric) key parser. 2839 * 2840 * Module: library/pkparse.c 2841 * Caller: library/x509_crt.c 2842 * library/x509_csr.c 2843 * 2844 * Requires: MBEDTLS_PK_C 2845 * 2846 * Uncomment to enable generic public key parse functions. 2847 */ 2848 #define MBEDTLS_PK_PARSE_C 2849 2850 /** 2851 * \def MBEDTLS_PK_WRITE_C 2852 * 2853 * Enable the generic public (asymmetric) key writer. 2854 * 2855 * Module: library/pkwrite.c 2856 * Caller: library/x509write.c 2857 * 2858 * Requires: MBEDTLS_PK_C 2859 * 2860 * Uncomment to enable generic public key write functions. 2861 */ 2862 #define MBEDTLS_PK_WRITE_C 2863 2864 /** 2865 * \def MBEDTLS_PKCS5_C 2866 * 2867 * Enable PKCS#5 functions. 2868 * 2869 * Module: library/pkcs5.c 2870 * 2871 * Requires: MBEDTLS_CIPHER_C and either MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C. 2872 * 2873 * \warning If building without MBEDTLS_MD_C, you must call psa_crypto_init() 2874 * before doing any PKCS5 operation. 2875 * 2876 * \warning When building with MBEDTLS_MD_C, all hashes used with this 2877 * need to be available as built-ins (that is, for SHA-256, MBEDTLS_SHA256_C, 2878 * etc.) as opposed to just PSA drivers. So far, PSA drivers are only used by 2879 * this module in builds where MBEDTLS_MD_C is disabled. 2880 * 2881 * This module adds support for the PKCS#5 functions. 2882 */ 2883 #define MBEDTLS_PKCS5_C 2884 2885 /** 2886 * \def MBEDTLS_PKCS7_C 2887 * 2888 * Enable PKCS #7 core for using PKCS #7-formatted signatures. 2889 * RFC Link - https://tools.ietf.org/html/rfc2315 2890 * 2891 * Module: library/pkcs7.c 2892 * 2893 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C, 2894 * MBEDTLS_X509_CRT_PARSE_C MBEDTLS_X509_CRL_PARSE_C, 2895 * MBEDTLS_BIGNUM_C, MBEDTLS_MD_C 2896 * 2897 * This module is required for the PKCS #7 parsing modules. 2898 */ 2899 #define MBEDTLS_PKCS7_C 2900 2901 /** 2902 * \def MBEDTLS_PKCS12_C 2903 * 2904 * Enable PKCS#12 PBE functions. 2905 * Adds algorithms for parsing PKCS#8 encrypted private keys 2906 * 2907 * Module: library/pkcs12.c 2908 * Caller: library/pkparse.c 2909 * 2910 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C and either 2911 * MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C. 2912 * 2913 * \warning If building without MBEDTLS_MD_C, you must call psa_crypto_init() 2914 * before doing any PKCS12 operation. 2915 * 2916 * \warning When building with MBEDTLS_MD_C, all hashes used with this 2917 * need to be available as built-ins (that is, for SHA-256, MBEDTLS_SHA256_C, 2918 * etc.) as opposed to just PSA drivers. So far, PSA drivers are only used by 2919 * this module in builds where MBEDTLS_MD_C is disabled. 2920 * 2921 * This module enables PKCS#12 functions. 2922 */ 2923 #define MBEDTLS_PKCS12_C 2924 2925 /** 2926 * \def MBEDTLS_PLATFORM_C 2927 * 2928 * Enable the platform abstraction layer that allows you to re-assign 2929 * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit(). 2930 * 2931 * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT 2932 * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned 2933 * above to be specified at runtime or compile time respectively. 2934 * 2935 * \note This abstraction layer must be enabled on Windows (including MSYS2) 2936 * as other modules rely on it for a fixed snprintf implementation. 2937 * 2938 * Module: library/platform.c 2939 * Caller: Most other .c files 2940 * 2941 * This module enables abstraction of common (libc) functions. 2942 */ 2943 #define MBEDTLS_PLATFORM_C 2944 2945 /** 2946 * \def MBEDTLS_POLY1305_C 2947 * 2948 * Enable the Poly1305 MAC algorithm. 2949 * 2950 * Module: library/poly1305.c 2951 * Caller: library/chachapoly.c 2952 */ 2953 #define MBEDTLS_POLY1305_C 2954 2955 /** 2956 * \def MBEDTLS_PSA_CRYPTO_C 2957 * 2958 * Enable the Platform Security Architecture cryptography API. 2959 * 2960 * Module: library/psa_crypto.c 2961 * 2962 * Requires: MBEDTLS_CIPHER_C, 2963 * either MBEDTLS_CTR_DRBG_C and MBEDTLS_ENTROPY_C, 2964 * or MBEDTLS_HMAC_DRBG_C and MBEDTLS_ENTROPY_C, 2965 * or MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG. 2966 * 2967 */ 2968 #define MBEDTLS_PSA_CRYPTO_C 2969 2970 /** 2971 * \def MBEDTLS_PSA_CRYPTO_SE_C 2972 * 2973 * Enable dynamic secure element support in the Platform Security Architecture 2974 * cryptography API. 2975 * 2976 * \deprecated This feature is deprecated. Please switch to the driver 2977 * interface enabled by #MBEDTLS_PSA_CRYPTO_DRIVERS. 2978 * 2979 * Module: library/psa_crypto_se.c 2980 * 2981 * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_C 2982 * 2983 */ 2984 //#define MBEDTLS_PSA_CRYPTO_SE_C 2985 2986 /** 2987 * \def MBEDTLS_PSA_CRYPTO_STORAGE_C 2988 * 2989 * Enable the Platform Security Architecture persistent key storage. 2990 * 2991 * Module: library/psa_crypto_storage.c 2992 * 2993 * Requires: MBEDTLS_PSA_CRYPTO_C, 2994 * either MBEDTLS_PSA_ITS_FILE_C or a native implementation of 2995 * the PSA ITS interface 2996 */ 2997 #define MBEDTLS_PSA_CRYPTO_STORAGE_C 2998 2999 /** 3000 * \def MBEDTLS_PSA_ITS_FILE_C 3001 * 3002 * Enable the emulation of the Platform Security Architecture 3003 * Internal Trusted Storage (PSA ITS) over files. 3004 * 3005 * Module: library/psa_its_file.c 3006 * 3007 * Requires: MBEDTLS_FS_IO 3008 */ 3009 #define MBEDTLS_PSA_ITS_FILE_C 3010 3011 /** 3012 * \def MBEDTLS_RIPEMD160_C 3013 * 3014 * Enable the RIPEMD-160 hash algorithm. 3015 * 3016 * Module: library/ripemd160.c 3017 * Caller: library/md.c 3018 * 3019 */ 3020 #define MBEDTLS_RIPEMD160_C 3021 3022 /** 3023 * \def MBEDTLS_RSA_C 3024 * 3025 * Enable the RSA public-key cryptosystem. 3026 * 3027 * Module: library/rsa.c 3028 * library/rsa_alt_helpers.c 3029 * Caller: library/pk.c 3030 * library/psa_crypto.c 3031 * library/ssl_tls.c 3032 * library/ssl*_client.c 3033 * library/ssl*_server.c 3034 * 3035 * This module is used by the following key exchanges: 3036 * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK 3037 * 3038 * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C 3039 */ 3040 #define MBEDTLS_RSA_C 3041 3042 /** 3043 * \def MBEDTLS_SHA1_C 3044 * 3045 * Enable the SHA1 cryptographic hash algorithm. 3046 * 3047 * Module: library/sha1.c 3048 * Caller: library/md.c 3049 * library/psa_crypto_hash.c 3050 * 3051 * This module is required for TLS 1.2 depending on the handshake parameters, 3052 * and for SHA1-signed certificates. 3053 * 3054 * \warning SHA-1 is considered a weak message digest and its use constitutes 3055 * a security risk. If possible, we recommend avoiding dependencies 3056 * on it, and considering stronger message digests instead. 3057 * 3058 */ 3059 #define MBEDTLS_SHA1_C 3060 3061 /** 3062 * \def MBEDTLS_SHA224_C 3063 * 3064 * Enable the SHA-224 cryptographic hash algorithm. 3065 * 3066 * Module: library/sha256.c 3067 * Caller: library/md.c 3068 * library/ssl_cookie.c 3069 * 3070 * This module adds support for SHA-224. 3071 */ 3072 #define MBEDTLS_SHA224_C 3073 3074 /** 3075 * \def MBEDTLS_SHA256_C 3076 * 3077 * Enable the SHA-256 cryptographic hash algorithm. 3078 * 3079 * Module: library/sha256.c 3080 * Caller: library/entropy.c 3081 * library/md.c 3082 * library/ssl_tls.c 3083 * library/ssl*_client.c 3084 * library/ssl*_server.c 3085 * 3086 * This module adds support for SHA-256. 3087 * This module is required for the SSL/TLS 1.2 PRF function. 3088 */ 3089 #define MBEDTLS_SHA256_C 3090 3091 /** 3092 * \def MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT 3093 * 3094 * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms 3095 * with the ARMv8 cryptographic extensions if they are available at runtime. 3096 * If not, the library will fall back to the C implementation. 3097 * 3098 * \note If MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT is defined when building 3099 * for a non-Aarch64 build it will be silently ignored. 3100 * 3101 * \warning MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the 3102 * same time as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. 3103 * 3104 * Requires: MBEDTLS_SHA256_C. 3105 * 3106 * Module: library/sha256.c 3107 * 3108 * Uncomment to have the library check for the A64 SHA-256 crypto extensions 3109 * and use them if available. 3110 */ 3111 //#define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT 3112 3113 /** 3114 * \def MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY 3115 * 3116 * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms 3117 * with the ARMv8 cryptographic extensions, which must be available at runtime 3118 * or else an illegal instruction fault will occur. 3119 * 3120 * \note This allows builds with a smaller code size than with 3121 * MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT 3122 * 3123 * \warning MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY cannot be defined at the same 3124 * time as MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT. 3125 * 3126 * Requires: MBEDTLS_SHA256_C. 3127 * 3128 * Module: library/sha256.c 3129 * 3130 * Uncomment to have the library use the A64 SHA-256 crypto extensions 3131 * unconditionally. 3132 */ 3133 //#define MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY 3134 3135 /** 3136 * \def MBEDTLS_SHA384_C 3137 * 3138 * Enable the SHA-384 cryptographic hash algorithm. 3139 * 3140 * Module: library/sha512.c 3141 * Caller: library/md.c 3142 * library/psa_crypto_hash.c 3143 * library/ssl_tls.c 3144 * library/ssl*_client.c 3145 * library/ssl*_server.c 3146 * 3147 * Comment to disable SHA-384 3148 */ 3149 #define MBEDTLS_SHA384_C 3150 3151 /** 3152 * \def MBEDTLS_SHA512_C 3153 * 3154 * Enable SHA-512 cryptographic hash algorithms. 3155 * 3156 * Module: library/sha512.c 3157 * Caller: library/entropy.c 3158 * library/md.c 3159 * library/ssl_tls.c 3160 * library/ssl_cookie.c 3161 * 3162 * This module adds support for SHA-512. 3163 */ 3164 #define MBEDTLS_SHA512_C 3165 3166 /** 3167 * \def MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT 3168 * 3169 * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms 3170 * with the ARMv8 cryptographic extensions if they are available at runtime. 3171 * If not, the library will fall back to the C implementation. 3172 * 3173 * \note If MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT is defined when building 3174 * for a non-Aarch64 build it will be silently ignored. 3175 * 3176 * \note The code uses the SHA-512 Neon intrinsics, so requires GCC >= 8 or 3177 * Clang >= 7. 3178 * 3179 * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the 3180 * same time as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. 3181 * 3182 * Requires: MBEDTLS_SHA512_C. 3183 * 3184 * Module: library/sha512.c 3185 * 3186 * Uncomment to have the library check for the A64 SHA-512 crypto extensions 3187 * and use them if available. 3188 */ 3189 //#define MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT 3190 3191 /** 3192 * \def MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY 3193 * 3194 * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms 3195 * with the ARMv8 cryptographic extensions, which must be available at runtime 3196 * or else an illegal instruction fault will occur. 3197 * 3198 * \note This allows builds with a smaller code size than with 3199 * MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT 3200 * 3201 * \note The code uses the SHA-512 Neon intrinsics, so requires GCC >= 8 or 3202 * Clang >= 7. 3203 * 3204 * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY cannot be defined at the same 3205 * time as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT. 3206 * 3207 * Requires: MBEDTLS_SHA512_C. 3208 * 3209 * Module: library/sha512.c 3210 * 3211 * Uncomment to have the library use the A64 SHA-512 crypto extensions 3212 * unconditionally. 3213 */ 3214 //#define MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY 3215 3216 /** 3217 * \def MBEDTLS_SSL_CACHE_C 3218 * 3219 * Enable simple SSL cache implementation. 3220 * 3221 * Module: library/ssl_cache.c 3222 * Caller: 3223 * 3224 * Requires: MBEDTLS_SSL_CACHE_C 3225 */ 3226 #define MBEDTLS_SSL_CACHE_C 3227 3228 /** 3229 * \def MBEDTLS_SSL_COOKIE_C 3230 * 3231 * Enable basic implementation of DTLS cookies for hello verification. 3232 * 3233 * Module: library/ssl_cookie.c 3234 * Caller: 3235 */ 3236 #define MBEDTLS_SSL_COOKIE_C 3237 3238 /** 3239 * \def MBEDTLS_SSL_TICKET_C 3240 * 3241 * Enable an implementation of TLS server-side callbacks for session tickets. 3242 * 3243 * Module: library/ssl_ticket.c 3244 * Caller: 3245 * 3246 * Requires: (MBEDTLS_CIPHER_C || MBEDTLS_USE_PSA_CRYPTO) && 3247 * (MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C) 3248 */ 3249 #define MBEDTLS_SSL_TICKET_C 3250 3251 /** 3252 * \def MBEDTLS_SSL_CLI_C 3253 * 3254 * Enable the SSL/TLS client code. 3255 * 3256 * Module: library/ssl*_client.c 3257 * Caller: 3258 * 3259 * Requires: MBEDTLS_SSL_TLS_C 3260 * 3261 * This module is required for SSL/TLS client support. 3262 */ 3263 #define MBEDTLS_SSL_CLI_C 3264 3265 /** 3266 * \def MBEDTLS_SSL_SRV_C 3267 * 3268 * Enable the SSL/TLS server code. 3269 * 3270 * Module: library/ssl*_server.c 3271 * Caller: 3272 * 3273 * Requires: MBEDTLS_SSL_TLS_C 3274 * 3275 * This module is required for SSL/TLS server support. 3276 */ 3277 #define MBEDTLS_SSL_SRV_C 3278 3279 /** 3280 * \def MBEDTLS_SSL_TLS_C 3281 * 3282 * Enable the generic SSL/TLS code. 3283 * 3284 * Module: library/ssl_tls.c 3285 * Caller: library/ssl*_client.c 3286 * library/ssl*_server.c 3287 * 3288 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C 3289 * and at least one of the MBEDTLS_SSL_PROTO_XXX defines 3290 * 3291 * This module is required for SSL/TLS. 3292 */ 3293 #define MBEDTLS_SSL_TLS_C 3294 3295 /** 3296 * \def MBEDTLS_THREADING_C 3297 * 3298 * Enable the threading abstraction layer. 3299 * By default mbed TLS assumes it is used in a non-threaded environment or that 3300 * contexts are not shared between threads. If you do intend to use contexts 3301 * between threads, you will need to enable this layer to prevent race 3302 * conditions. See also our Knowledge Base article about threading: 3303 * https://mbed-tls.readthedocs.io/en/latest/kb/development/thread-safety-and-multi-threading 3304 * 3305 * Module: library/threading.c 3306 * 3307 * This allows different threading implementations (self-implemented or 3308 * provided). 3309 * 3310 * You will have to enable either MBEDTLS_THREADING_ALT or 3311 * MBEDTLS_THREADING_PTHREAD. 3312 * 3313 * Enable this layer to allow use of mutexes within mbed TLS 3314 */ 3315 //#define MBEDTLS_THREADING_C 3316 3317 /** 3318 * \def MBEDTLS_TIMING_C 3319 * 3320 * Enable the semi-portable timing interface. 3321 * 3322 * \note The provided implementation only works on POSIX/Unix (including Linux, 3323 * BSD and OS X) and Windows. On other platforms, you can either disable that 3324 * module and provide your own implementations of the callbacks needed by 3325 * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide 3326 * your own implementation of the whole module by setting 3327 * \c MBEDTLS_TIMING_ALT in the current file. 3328 * 3329 * \note The timing module will include time.h on suitable platforms 3330 * regardless of the setting of MBEDTLS_HAVE_TIME, unless 3331 * MBEDTLS_TIMING_ALT is used. See timing.c for more information. 3332 * 3333 * \note See also our Knowledge Base article about porting to a new 3334 * environment: 3335 * https://mbed-tls.readthedocs.io/en/latest/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS 3336 * 3337 * Module: library/timing.c 3338 */ 3339 #define MBEDTLS_TIMING_C 3340 3341 /** 3342 * \def MBEDTLS_VERSION_C 3343 * 3344 * Enable run-time version information. 3345 * 3346 * Module: library/version.c 3347 * 3348 * This module provides run-time version information. 3349 */ 3350 #define MBEDTLS_VERSION_C 3351 3352 /** 3353 * \def MBEDTLS_X509_USE_C 3354 * 3355 * Enable X.509 core for using certificates. 3356 * 3357 * Module: library/x509.c 3358 * Caller: library/x509_crl.c 3359 * library/x509_crt.c 3360 * library/x509_csr.c 3361 * 3362 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C, 3363 * (MBEDTLS_MD_C or MBEDTLS_USE_PSA_CRYPTO) 3364 * 3365 * \warning If building with MBEDTLS_USE_PSA_CRYPTO, you must call 3366 * psa_crypto_init() before doing any X.509 operation. 3367 * 3368 * This module is required for the X.509 parsing modules. 3369 */ 3370 #define MBEDTLS_X509_USE_C 3371 3372 /** 3373 * \def MBEDTLS_X509_CRT_PARSE_C 3374 * 3375 * Enable X.509 certificate parsing. 3376 * 3377 * Module: library/x509_crt.c 3378 * Caller: library/ssl_tls.c 3379 * library/ssl*_client.c 3380 * library/ssl*_server.c 3381 * 3382 * Requires: MBEDTLS_X509_USE_C 3383 * 3384 * This module is required for X.509 certificate parsing. 3385 */ 3386 #define MBEDTLS_X509_CRT_PARSE_C 3387 3388 /** 3389 * \def MBEDTLS_X509_CRL_PARSE_C 3390 * 3391 * Enable X.509 CRL parsing. 3392 * 3393 * Module: library/x509_crl.c 3394 * Caller: library/x509_crt.c 3395 * 3396 * Requires: MBEDTLS_X509_USE_C 3397 * 3398 * This module is required for X.509 CRL parsing. 3399 */ 3400 #define MBEDTLS_X509_CRL_PARSE_C 3401 3402 /** 3403 * \def MBEDTLS_X509_CSR_PARSE_C 3404 * 3405 * Enable X.509 Certificate Signing Request (CSR) parsing. 3406 * 3407 * Module: library/x509_csr.c 3408 * Caller: library/x509_crt_write.c 3409 * 3410 * Requires: MBEDTLS_X509_USE_C 3411 * 3412 * This module is used for reading X.509 certificate request. 3413 */ 3414 #define MBEDTLS_X509_CSR_PARSE_C 3415 3416 /** 3417 * \def MBEDTLS_X509_CREATE_C 3418 * 3419 * Enable X.509 core for creating certificates. 3420 * 3421 * Module: library/x509_create.c 3422 * 3423 * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C, 3424 * (MBEDTLS_MD_C or MBEDTLS_USE_PSA_CRYPTO) 3425 * 3426 * \warning If building with MBEDTLS_USE_PSA_CRYPTO, you must call 3427 * psa_crypto_init() before doing any X.509 create operation. 3428 * 3429 * This module is the basis for creating X.509 certificates and CSRs. 3430 */ 3431 #define MBEDTLS_X509_CREATE_C 3432 3433 /** 3434 * \def MBEDTLS_X509_CRT_WRITE_C 3435 * 3436 * Enable creating X.509 certificates. 3437 * 3438 * Module: library/x509_crt_write.c 3439 * 3440 * Requires: MBEDTLS_X509_CREATE_C 3441 * 3442 * This module is required for X.509 certificate creation. 3443 */ 3444 #define MBEDTLS_X509_CRT_WRITE_C 3445 3446 /** 3447 * \def MBEDTLS_X509_CSR_WRITE_C 3448 * 3449 * Enable creating X.509 Certificate Signing Requests (CSR). 3450 * 3451 * Module: library/x509_csr_write.c 3452 * 3453 * Requires: MBEDTLS_X509_CREATE_C 3454 * 3455 * This module is required for X.509 certificate request writing. 3456 */ 3457 #define MBEDTLS_X509_CSR_WRITE_C 3458 3459 /** \} name SECTION: mbed TLS modules */ 3460 3461 /** 3462 * \name SECTION: General configuration options 3463 * 3464 * This section contains Mbed TLS build settings that are not associated 3465 * with a particular module. 3466 * 3467 * \{ 3468 */ 3469 3470 /** 3471 * \def MBEDTLS_CONFIG_FILE 3472 * 3473 * If defined, this is a header which will be included instead of 3474 * `"mbedtls/mbedtls_config.h"`. 3475 * This header file specifies the compile-time configuration of Mbed TLS. 3476 * Unlike other configuration options, this one must be defined on the 3477 * compiler command line: a definition in `mbedtls_config.h` would have 3478 * no effect. 3479 * 3480 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3481 * non-standard feature of the C language, so this feature is only available 3482 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3483 * 3484 * The value of this symbol is typically a path in double quotes, either 3485 * absolute or relative to a directory on the include search path. 3486 */ 3487 //#define MBEDTLS_CONFIG_FILE "mbedtls/mbedtls_config.h" 3488 3489 /** 3490 * \def MBEDTLS_USER_CONFIG_FILE 3491 * 3492 * If defined, this is a header which will be included after 3493 * `"mbedtls/mbedtls_config.h"` or #MBEDTLS_CONFIG_FILE. 3494 * This allows you to modify the default configuration, including the ability 3495 * to undefine options that are enabled by default. 3496 * 3497 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3498 * non-standard feature of the C language, so this feature is only available 3499 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3500 * 3501 * The value of this symbol is typically a path in double quotes, either 3502 * absolute or relative to a directory on the include search path. 3503 */ 3504 //#define MBEDTLS_USER_CONFIG_FILE "/dev/null" 3505 3506 /** 3507 * \def MBEDTLS_PSA_CRYPTO_CONFIG_FILE 3508 * 3509 * If defined, this is a header which will be included instead of 3510 * `"psa/crypto_config.h"`. 3511 * This header file specifies which cryptographic mechanisms are available 3512 * through the PSA API when #MBEDTLS_PSA_CRYPTO_CONFIG is enabled, and 3513 * is not used when #MBEDTLS_PSA_CRYPTO_CONFIG is disabled. 3514 * 3515 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3516 * non-standard feature of the C language, so this feature is only available 3517 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3518 * 3519 * The value of this symbol is typically a path in double quotes, either 3520 * absolute or relative to a directory on the include search path. 3521 */ 3522 //#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h" 3523 3524 /** 3525 * \def MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE 3526 * 3527 * If defined, this is a header which will be included after 3528 * `"psa/crypto_config.h"` or #MBEDTLS_PSA_CRYPTO_CONFIG_FILE. 3529 * This allows you to modify the default configuration, including the ability 3530 * to undefine options that are enabled by default. 3531 * 3532 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3533 * non-standard feature of the C language, so this feature is only available 3534 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3535 * 3536 * The value of this symbol is typically a path in double quotes, either 3537 * absolute or relative to a directory on the include search path. 3538 */ 3539 //#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null" 3540 3541 /** 3542 * \def MBEDTLS_PSA_CRYPTO_PLATFORM_FILE 3543 * 3544 * If defined, this is a header which will be included instead of 3545 * `"psa/crypto_platform.h"`. This file should declare the same identifiers 3546 * as the one in Mbed TLS, but with definitions adapted to the platform on 3547 * which the library code will run. 3548 * 3549 * \note The required content of this header can vary from one version of 3550 * Mbed TLS to the next. Integrators who provide an alternative file 3551 * should review the changes in the original file whenever they 3552 * upgrade Mbed TLS. 3553 * 3554 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3555 * non-standard feature of the C language, so this feature is only available 3556 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3557 * 3558 * The value of this symbol is typically a path in double quotes, either 3559 * absolute or relative to a directory on the include search path. 3560 */ 3561 //#define MBEDTLS_PSA_CRYPTO_PLATFORM_FILE "psa/crypto_platform_alt.h" 3562 3563 /** 3564 * \def MBEDTLS_PSA_CRYPTO_STRUCT_FILE 3565 * 3566 * If defined, this is a header which will be included instead of 3567 * `"psa/crypto_struct.h"`. This file should declare the same identifiers 3568 * as the one in Mbed TLS, but with definitions adapted to the environment 3569 * in which the library code will run. The typical use for this feature 3570 * is to provide alternative type definitions on the client side in 3571 * client-server integrations of PSA crypto, where operation structures 3572 * contain handles instead of cryptographic data. 3573 * 3574 * \note The required content of this header can vary from one version of 3575 * Mbed TLS to the next. Integrators who provide an alternative file 3576 * should review the changes in the original file whenever they 3577 * upgrade Mbed TLS. 3578 * 3579 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3580 * non-standard feature of the C language, so this feature is only available 3581 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3582 * 3583 * The value of this symbol is typically a path in double quotes, either 3584 * absolute or relative to a directory on the include search path. 3585 */ 3586 //#define MBEDTLS_PSA_CRYPTO_STRUCT_FILE "psa/crypto_struct_alt.h" 3587 3588 /** \} name SECTION: General configuration options */ 3589 3590 /** 3591 * \name SECTION: Module configuration options 3592 * 3593 * This section allows for the setting of module specific sizes and 3594 * configuration options. The default values are already present in the 3595 * relevant header files and should suffice for the regular use cases. 3596 * 3597 * Our advice is to enable options and change their values here 3598 * only if you have a good reason and know the consequences. 3599 * \{ 3600 */ 3601 /* The Doxygen documentation here is used when a user comments out a 3602 * setting and runs doxygen themselves. On the other hand, when we typeset 3603 * the full documentation including disabled settings, the documentation 3604 * in specific modules' header files is used if present. When editing this 3605 * file, make sure that each option is documented in exactly one place, 3606 * plus optionally a same-line Doxygen comment here if there is a Doxygen 3607 * comment in the specific module. */ 3608 3609 /* MPI / BIGNUM options */ 3610 //#define MBEDTLS_MPI_WINDOW_SIZE 2 /**< Maximum window size used. */ 3611 //#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ 3612 3613 /* CTR_DRBG options */ 3614 //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */ 3615 //#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ 3616 //#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ 3617 //#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ 3618 //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ 3619 3620 /* HMAC_DRBG options */ 3621 //#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ 3622 //#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ 3623 //#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ 3624 //#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ 3625 3626 /* ECP options */ 3627 //#define MBEDTLS_ECP_WINDOW_SIZE 4 /**< Maximum window size used */ 3628 //#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */ 3629 3630 /* Entropy options */ 3631 //#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */ 3632 //#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */ 3633 //#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */ 3634 3635 /* Memory buffer allocator options */ 3636 //#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */ 3637 3638 /* Platform options */ 3639 //#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ 3640 //#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */ 3641 //#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ 3642 //#define MBEDTLS_PLATFORM_STD_SETBUF setbuf /**< Default setbuf to use, can be undefined */ 3643 //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ 3644 //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ 3645 //#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */ 3646 //#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */ 3647 /* Note: your snprintf must correctly zero-terminate the buffer! */ 3648 //#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */ 3649 //#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */ 3650 //#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */ 3651 //#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ 3652 //#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ 3653 //#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */ 3654 3655 /* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */ 3656 /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */ 3657 //#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */ 3658 //#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */ 3659 //#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */ 3660 //#define MBEDTLS_PLATFORM_SETBUF_MACRO setbuf /**< Default setbuf macro to use, can be undefined */ 3661 //#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ 3662 //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ 3663 //#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */ 3664 //#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */ 3665 /* Note: your snprintf must correctly zero-terminate the buffer! */ 3666 //#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */ 3667 //#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */ 3668 //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ 3669 //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ 3670 3671 /** \def MBEDTLS_CHECK_RETURN 3672 * 3673 * This macro is used at the beginning of the declaration of a function 3674 * to indicate that its return value should be checked. It should 3675 * instruct the compiler to emit a warning or an error if the function 3676 * is called without checking its return value. 3677 * 3678 * There is a default implementation for popular compilers in platform_util.h. 3679 * You can override the default implementation by defining your own here. 3680 * 3681 * If the implementation here is empty, this will effectively disable the 3682 * checking of functions' return values. 3683 */ 3684 //#define MBEDTLS_CHECK_RETURN __attribute__((__warn_unused_result__)) 3685 3686 /** \def MBEDTLS_IGNORE_RETURN 3687 * 3688 * This macro requires one argument, which should be a C function call. 3689 * If that function call would cause a #MBEDTLS_CHECK_RETURN warning, this 3690 * warning is suppressed. 3691 */ 3692 //#define MBEDTLS_IGNORE_RETURN( result ) ((void) !(result)) 3693 3694 /* PSA options */ 3695 /** 3696 * Use HMAC_DRBG with the specified hash algorithm for HMAC_DRBG for the 3697 * PSA crypto subsystem. 3698 * 3699 * If this option is unset: 3700 * - If CTR_DRBG is available, the PSA subsystem uses it rather than HMAC_DRBG. 3701 * - Otherwise, the PSA subsystem uses HMAC_DRBG with either 3702 * #MBEDTLS_MD_SHA512 or #MBEDTLS_MD_SHA256 based on availability and 3703 * on unspecified heuristics. 3704 */ 3705 //#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256 3706 3707 /** \def MBEDTLS_PSA_KEY_SLOT_COUNT 3708 * Restrict the PSA library to supporting a maximum amount of simultaneously 3709 * loaded keys. A loaded key is a key stored by the PSA Crypto core as a 3710 * volatile key, or a persistent key which is loaded temporarily by the 3711 * library as part of a crypto operation in flight. 3712 * 3713 * If this option is unset, the library will fall back to a default value of 3714 * 32 keys. 3715 */ 3716 //#define MBEDTLS_PSA_KEY_SLOT_COUNT 32 3717 3718 /* SSL Cache options */ 3719 //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ 3720 //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ 3721 3722 /* SSL options */ 3723 3724 /** \def MBEDTLS_SSL_IN_CONTENT_LEN 3725 * 3726 * Maximum length (in bytes) of incoming plaintext fragments. 3727 * 3728 * This determines the size of the incoming TLS I/O buffer in such a way 3729 * that it is capable of holding the specified amount of plaintext data, 3730 * regardless of the protection mechanism used. 3731 * 3732 * \note When using a value less than the default of 16KB on the client, it is 3733 * recommended to use the Maximum Fragment Length (MFL) extension to 3734 * inform the server about this limitation. On the server, there 3735 * is no supported, standardized way of informing the client about 3736 * restriction on the maximum size of incoming messages, and unless 3737 * the limitation has been communicated by other means, it is recommended 3738 * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN 3739 * while keeping the default value of 16KB for the incoming buffer. 3740 * 3741 * Uncomment to set the maximum plaintext size of the incoming I/O buffer. 3742 */ 3743 //#define MBEDTLS_SSL_IN_CONTENT_LEN 16384 3744 3745 /** \def MBEDTLS_SSL_CID_IN_LEN_MAX 3746 * 3747 * The maximum length of CIDs used for incoming DTLS messages. 3748 * 3749 */ 3750 //#define MBEDTLS_SSL_CID_IN_LEN_MAX 32 3751 3752 /** \def MBEDTLS_SSL_CID_OUT_LEN_MAX 3753 * 3754 * The maximum length of CIDs used for outgoing DTLS messages. 3755 * 3756 */ 3757 //#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32 3758 3759 /** \def MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 3760 * 3761 * This option controls the use of record plaintext padding 3762 * in TLS 1.3 and when using the Connection ID extension in DTLS 1.2. 3763 * 3764 * The padding will always be chosen so that the length of the 3765 * padded plaintext is a multiple of the value of this option. 3766 * 3767 * Note: A value of \c 1 means that no padding will be used 3768 * for outgoing records. 3769 * 3770 * Note: On systems lacking division instructions, 3771 * a power of two should be preferred. 3772 */ 3773 //#define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16 3774 3775 /** \def MBEDTLS_SSL_OUT_CONTENT_LEN 3776 * 3777 * Maximum length (in bytes) of outgoing plaintext fragments. 3778 * 3779 * This determines the size of the outgoing TLS I/O buffer in such a way 3780 * that it is capable of holding the specified amount of plaintext data, 3781 * regardless of the protection mechanism used. 3782 * 3783 * It is possible to save RAM by setting a smaller outward buffer, while keeping 3784 * the default inward 16384 byte buffer to conform to the TLS specification. 3785 * 3786 * The minimum required outward buffer size is determined by the handshake 3787 * protocol's usage. Handshaking will fail if the outward buffer is too small. 3788 * The specific size requirement depends on the configured ciphers and any 3789 * certificate data which is sent during the handshake. 3790 * 3791 * Uncomment to set the maximum plaintext size of the outgoing I/O buffer. 3792 */ 3793 //#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384 3794 3795 /** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING 3796 * 3797 * Maximum number of heap-allocated bytes for the purpose of 3798 * DTLS handshake message reassembly and future message buffering. 3799 * 3800 * This should be at least 9/8 * MBEDTLS_SSL_IN_CONTENT_LEN 3801 * to account for a reassembled handshake message of maximum size, 3802 * together with its reassembly bitmap. 3803 * 3804 * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default) 3805 * should be sufficient for all practical situations as it allows 3806 * to reassembly a large handshake message (such as a certificate) 3807 * while buffering multiple smaller handshake messages. 3808 * 3809 */ 3810 //#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768 3811 3812 //#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 or 384 bits) */ 3813 //#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ 3814 3815 /** 3816 * Complete list of ciphersuites to use, in order of preference. 3817 * 3818 * \warning No dependency checking is done on that field! This option can only 3819 * be used to restrict the set of available ciphersuites. It is your 3820 * responsibility to make sure the needed modules are active. 3821 * 3822 * Use this to save a few hundred bytes of ROM (default ordering of all 3823 * available ciphersuites) and a few to a few hundred bytes of RAM. 3824 * 3825 * The value below is only an example, not the default. 3826 */ 3827 //#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 3828 3829 /** 3830 * \def MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 3831 * 3832 * Maximum time difference in milliseconds tolerated between the age of a 3833 * ticket from the server and client point of view. 3834 * From the client point of view, the age of a ticket is the time difference 3835 * between the time when the client proposes to the server to use the ticket 3836 * (time of writing of the Pre-Shared Key Extension including the ticket) and 3837 * the time the client received the ticket from the server. 3838 * From the server point of view, the age of a ticket is the time difference 3839 * between the time when the server receives a proposition from the client 3840 * to use the ticket and the time when the ticket was created by the server. 3841 * The server age is expected to be always greater than the client one and 3842 * MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE defines the 3843 * maximum difference tolerated for the server to accept the ticket. 3844 * This is not used in TLS 1.2. 3845 * 3846 */ 3847 #define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000 3848 3849 /** 3850 * \def MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 3851 * 3852 * Size in bytes of a ticket nonce. This is not used in TLS 1.2. 3853 * 3854 * This must be less than 256. 3855 */ 3856 #define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32 3857 3858 /** 3859 * \def MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 3860 * 3861 * Default number of NewSessionTicket messages to be sent by a TLS 1.3 server 3862 * after handshake completion. This is not used in TLS 1.2 and relevant only if 3863 * the MBEDTLS_SSL_SESSION_TICKETS option is enabled. 3864 * 3865 */ 3866 #define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1 3867 3868 /* X509 options */ 3869 //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ 3870 //#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */ 3871 3872 /** 3873 * Uncomment the macro to let mbed TLS use your alternate implementation of 3874 * mbedtls_platform_zeroize(). This replaces the default implementation in 3875 * platform_util.c. 3876 * 3877 * mbedtls_platform_zeroize() is a widely used function across the library to 3878 * zero a block of memory. The implementation is expected to be secure in the 3879 * sense that it has been written to prevent the compiler from removing calls 3880 * to mbedtls_platform_zeroize() as part of redundant code elimination 3881 * optimizations. However, it is difficult to guarantee that calls to 3882 * mbedtls_platform_zeroize() will not be optimized by the compiler as older 3883 * versions of the C language standards do not provide a secure implementation 3884 * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to 3885 * configure their own implementation of mbedtls_platform_zeroize(), for 3886 * example by using directives specific to their compiler, features from newer 3887 * C standards (e.g using memset_s() in C11) or calling a secure memset() from 3888 * their system (e.g explicit_bzero() in BSD). 3889 */ 3890 //#define MBEDTLS_PLATFORM_ZEROIZE_ALT 3891 3892 /** 3893 * Uncomment the macro to let Mbed TLS use your alternate implementation of 3894 * mbedtls_platform_gmtime_r(). This replaces the default implementation in 3895 * platform_util.c. 3896 * 3897 * gmtime() is not a thread-safe function as defined in the C standard. The 3898 * library will try to use safer implementations of this function, such as 3899 * gmtime_r() when available. However, if Mbed TLS cannot identify the target 3900 * system, the implementation of mbedtls_platform_gmtime_r() will default to 3901 * using the standard gmtime(). In this case, calls from the library to 3902 * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex 3903 * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the 3904 * library are also guarded with this mutex to avoid race conditions. However, 3905 * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will 3906 * unconditionally use the implementation for mbedtls_platform_gmtime_r() 3907 * supplied at compile time. 3908 */ 3909 //#define MBEDTLS_PLATFORM_GMTIME_R_ALT 3910 3911 /** 3912 * Enable the verified implementations of ECDH primitives from Project Everest 3913 * (currently only Curve25519). This feature changes the layout of ECDH 3914 * contexts and therefore is a compatibility break for applications that access 3915 * fields of a mbedtls_ecdh_context structure directly. See also 3916 * MBEDTLS_ECDH_LEGACY_CONTEXT in include/mbedtls/ecdh.h. 3917 */ 3918 //#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED 3919 3920 /** \} name SECTION: Module configuration options */ 3921
