/*
 *  Copyright (c) 2018, The OpenThread Authors.
 *  All rights reserved.
 *
 *  Redistribution and use in source and binary forms, with or without
 *  modification, are permitted provided that the following conditions are met:
 *  1. Redistributions of source code must retain the above copyright
 *     notice, this list of conditions and the following disclaimer.
 *  2. Redistributions in binary form must reproduce the above copyright
 *     notice, this list of conditions and the following disclaimer in the
 *     documentation and/or other materials provided with the distribution.
 *  3. Neither the name of the copyright holder nor the
 *     names of its contributors may be used to endorse or promote products
 *     derived from this software without specific prior written permission.
 *
 *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 *  AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 *  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 *  ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
 *  LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 *  CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 *  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 *  INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 *  CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 *  ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 *  POSSIBILITY OF SUCH DAMAGE.
 */

// Build-time Mbed TLS configuration for OpenThread. Each macro defined here
// switches an Mbed TLS module or option on; anything not listed stays compiled
// out. The selection is keyed to OPENTHREAD_CONFIG_* feature flags, and a
// user-supplied config file (included near the end) can override all of it.

// Spans multiple lines to avoid being processed by unifdef
#ifndef \
    MBEDTLS_CONFIG_H
#define MBEDTLS_CONFIG_H

#include "openthread-core-config.h"

#include <stdio.h>
#include <stdlib.h>

#include <openthread/config.h>
#include <openthread/platform/logging.h>
#include <openthread/platform/memory.h>

// MBEDTLS_PLATFORM_NO_STD_FUNCTIONS (below) stops the platform layer from
// defaulting to libc, so snprintf is wired in explicitly at compile time.
#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf

#define MBEDTLS_AES_C
// MBEDTLS_VERSION_NUMBER is not defined by anything above this point
// (mbedtls/version.h is only included at the bottom), so it must come from the
// header that includes this file. If it is undefined the preprocessor treats
// it as 0 and the version-gated options stay off.
// NOTE(review): confirm the macro is visible here on every supported Mbed TLS release.
#if (MBEDTLS_VERSION_NUMBER >= 0x03050000)
// AES is limited to 128-bit keys. Code that asks for AES-192/256 will fail at
// key setup rather than fall back, so check any suite or key added later.
#define MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
#endif
#define MBEDTLS_AES_ROM_TABLES
#define MBEDTLS_ASN1_PARSE_C
#define MBEDTLS_ASN1_WRITE_C
#define MBEDTLS_BIGNUM_C
#if (MBEDTLS_VERSION_NUMBER >= 0x03050000)
// Compiles out the block-cipher decrypt direction. The cipher modes enabled in
// this file (CCM, CMAC, CTR_DRBG, optionally GCM) only run the cipher forwards.
// NOTE(review): re-check before enabling any mode that needs block decryption.
#define MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
#endif
#define MBEDTLS_CCM_C
#define MBEDTLS_CIPHER_C
#define MBEDTLS_CMAC_C
#define MBEDTLS_CTR_DRBG_C
// NOTE(review): both deprecation switches are set. REMOVED compiles deprecated
// APIs out entirely, which appears to leave WARNING with nothing to warn
// about; confirm that defining both is intentional.
#define MBEDTLS_DEPRECATED_REMOVED
#define MBEDTLS_DEPRECATED_WARNING
#define MBEDTLS_ECJPAKE_C
#define MBEDTLS_ECP_C
#define MBEDTLS_ECP_DP_SECP256R1_ENABLED // the only curve enabled in this file
#define MBEDTLS_ECP_NIST_OPTIM
#define MBEDTLS_ENTROPY_C
#define MBEDTLS_HAVE_ASM
#define MBEDTLS_HMAC_DRBG_C
#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
#define MBEDTLS_MD_C
// With the two NO_*_ENTROPY options below, Mbed TLS registers no entropy
// source by itself, and MBEDTLS_ENTROPY_MAX_SOURCES (further down) leaves room
// for exactly one. The integration has to add that source before any DRBG is
// seeded.
// NOTE(review): verify the registered source is a strong one on every
// platform; key generation and handshake randomness depend on it.
#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
#define MBEDTLS_NO_PLATFORM_ENTROPY
#define MBEDTLS_OID_C
#define MBEDTLS_PK_C
#define MBEDTLS_PK_PARSE_C
#define MBEDTLS_PLATFORM_C
// Allocation goes through the platform layer; the allocator actually used is
// chosen in the OPENTHREAD_CONFIG_HEAP_EXTERNAL_ENABLE block further down.
#define MBEDTLS_PLATFORM_MEMORY
#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
#define MBEDTLS_SHA224_C
#define MBEDTLS_SHA256_C
#define MBEDTLS_SHA256_SMALLER
#define MBEDTLS_SSL_CLI_C
// DTLS hardening: replay detection on received records, and the HelloVerify
// cookie exchange. The server half of the cookie exchange needs
// MBEDTLS_SSL_COOKIE_C, which is only enabled for the server roles below.
#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
// Enables the key-export hook; whatever receives exported key material must
// treat it as secret.
#define MBEDTLS_SSL_EXPORT_KEYS
#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
#define MBEDTLS_SSL_PROTO_TLS1_2
#define MBEDTLS_SSL_PROTO_DTLS
#define MBEDTLS_SSL_TLS_C

// Server-side (D)TLS and cookie support is built only for the features that
// accept incoming handshakes.
#if OPENTHREAD_CONFIG_BORDER_AGENT_ENABLE || OPENTHREAD_CONFIG_COMMISSIONER_ENABLE || OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE
#define MBEDTLS_SSL_COOKIE_C
#define MBEDTLS_SSL_SRV_C
#endif

// Pre-shared-key exchange is available only with the CoAP Secure API.
#if OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE
#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
#endif

// Certificate-based (ECDHE-ECDSA) exchange for the CoAP Secure API and TLS.
#if OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE || OPENTHREAD_CONFIG_TLS_ENABLE
#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
#endif

#if OPENTHREAD_CONFIG_BLE_TCAT_ENABLE
#define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
#define MBEDTLS_GCM_C
#endif

// ECDHE-ECDSA brings in the X.509, PEM and Base64 parsers, i.e. code that
// processes certificate data supplied by the peer. These modules stay out of
// the build unless the exchange is enabled above.
#ifdef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
#define MBEDTLS_BASE64_C
#define MBEDTLS_ECDH_C
#define MBEDTLS_ECDSA_C
#define MBEDTLS_PEM_PARSE_C
#define MBEDTLS_X509_USE_C
#define MBEDTLS_X509_CRT_PARSE_C
#endif

// Standalone ECDSA support. Some macros repeat the block above; redefining an
// empty macro identically is harmless when both blocks are active.
#if OPENTHREAD_CONFIG_ECDSA_ENABLE
#define MBEDTLS_BASE64_C
#define MBEDTLS_ECDH_C
#define MBEDTLS_ECDSA_C
#if OPENTHREAD_CONFIG_DETERMINISTIC_ECDSA_ENABLE
// Deterministic (RFC 6979) signature nonces, so signing does not depend on RNG
// quality at signing time. Relies on MBEDTLS_HMAC_DRBG_C, enabled above.
#define MBEDTLS_ECDSA_DETERMINISTIC
#endif
#define MBEDTLS_PEM_PARSE_C
#define MBEDTLS_PK_WRITE_C
#endif

// Size limits, set to the minimum the P-256-only configuration needs:
// 32 bytes = 256 bits. Small window sizes and no fixed-point tables trade
// speed for memory.
// NOTE(review): larger big-number operands (e.g. RSA keys or bigger curves in
// a peer certificate) presumably cannot be processed with these limits.
#define MBEDTLS_MPI_WINDOW_SIZE 1       /**< Maximum window size used. */
#define MBEDTLS_MPI_MAX_SIZE 32         /**< Maximum number of bytes for usable MPIs. */
#define MBEDTLS_ECP_MAX_BITS 256        /**< Maximum bit size of groups */
#define MBEDTLS_ECP_WINDOW_SIZE 2       /**< Maximum window size used */
#define MBEDTLS_ECP_FIXED_POINT_OPTIM 0 /**< Fixed-point speed-up (0 = disabled) */
#define MBEDTLS_ENTROPY_MAX_SOURCES 1   /**< Maximum number of sources supported */

// Allocator selection: either the platform's otPlatCAlloc/otPlatFree, or the
// Mbed TLS buffer allocator.
// NOTE(review): the buffer allocator needs a backing buffer handed to it at
// start-up; that initialisation is not visible in this file.
#if OPENTHREAD_CONFIG_HEAP_EXTERNAL_ENABLE
#define MBEDTLS_PLATFORM_STD_CALLOC otPlatCAlloc /**< Default allocator to use, can be undefined */
#define MBEDTLS_PLATFORM_STD_FREE otPlatFree     /**< Default free to use, can be undefined */
#else
#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
#endif

// Record content limit, which also sizes the SSL I/O buffers. A peer has to
// keep its records within this limit (see MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
// above); larger records are presumably rejected.
#if OPENTHREAD_CONFIG_BLE_TCAT_ENABLE
#define MBEDTLS_SSL_MAX_CONTENT_LEN 2000 /**< Maximum fragment length in bytes */
#elif OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE
#define MBEDTLS_SSL_MAX_CONTENT_LEN 900 /**< Maximum fragment length in bytes */
#else
#define MBEDTLS_SSL_MAX_CONTENT_LEN 768 /**< Maximum fragment length in bytes */
#endif

#define MBEDTLS_SSL_IN_CONTENT_LEN MBEDTLS_SSL_MAX_CONTENT_LEN
#define MBEDTLS_SSL_OUT_CONTENT_LEN MBEDTLS_SSL_MAX_CONTENT_LEN
// The default ciphersuite list holds only EC-JPAKE with AES-128-CCM-8 (8-byte
// authentication tag).
// NOTE(review): the PSK and ECDHE-ECDSA exchanges enabled above are not in
// this default list, so code using them presumably sets its own list per
// connection (mbedtls_ssl_conf_ciphersuites()); verify against the callers.
#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8

// The user config file is included after every setting above, so it can
// redefine or undefine any of them, including the security-relevant
// restrictions (entropy sources, key sizes, ciphersuite list). Review it as
// part of the trusted build configuration.
// Spans multiple lines to avoid being processed by unifdef
#if defined(\
    MBEDTLS_USER_CONFIG_FILE)
#include MBEDTLS_USER_CONFIG_FILE
#endif

#include "mbedtls/version.h"
#if (MBEDTLS_VERSION_NUMBER < 0x03000000)
// Configuration sanity check. Done automatically in Mbed TLS >= 3.0.
// Placed after the user config file so that overrides are checked as well.
#include "mbedtls/check_config.h"
#endif

#endif /* MBEDTLS_CONFIG_H */