1 /** 2 * \file mbedtls_config.h 3 * 4 * \brief Configuration options (set of defines) 5 * 6 * This set of compile-time options may be used to enable 7 * or disable features selectively, and reduce the global 8 * memory footprint. 9 */ 10 /* 11 * Copyright The Mbed TLS Contributors 12 * SPDX-License-Identifier: Apache-2.0 13 * 14 * Licensed under the Apache License, Version 2.0 (the "License"); you may 15 * not use this file except in compliance with the License. 16 * You may obtain a copy of the License at 17 * 18 * http://www.apache.org/licenses/LICENSE-2.0 19 * 20 * Unless required by applicable law or agreed to in writing, software 21 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 22 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 23 * See the License for the specific language governing permissions and 24 * limitations under the License. 25 */ 26 27 /** 28 * This is an optional version symbol that enables compatibility handling of 29 * config files. 30 * 31 * It is equal to the #MBEDTLS_VERSION_NUMBER of the Mbed TLS version that 32 * introduced the config format we want to be compatible with. 33 */ 34 //#define MBEDTLS_CONFIG_VERSION 0x03000000 35 36 /** 37 * \name SECTION: System support 38 * 39 * This section sets system specific settings. 40 * \{ 41 */ 42 43 /** 44 * \def MBEDTLS_HAVE_ASM 45 * 46 * The compiler has support for asm(). 47 * 48 * Requires support for asm() in compiler. 49 * 50 * Used in: 51 * library/aria.c 52 * library/bn_mul.h 53 * 54 * Required by: 55 * MBEDTLS_AESNI_C 56 * MBEDTLS_PADLOCK_C 57 * 58 * Comment to disable the use of assembly code. 59 */ 60 #define MBEDTLS_HAVE_ASM 61 62 /** 63 * \def MBEDTLS_NO_UDBL_DIVISION 64 * 65 * The platform lacks support for double-width integer division (64-bit 66 * division on a 32-bit platform, 128-bit division on a 64-bit platform). 67 * 68 * Used in: 69 * include/mbedtls/bignum.h 70 * library/bignum.c 71 * 72 * The bignum code uses double-width division to speed up some operations. 73 * Double-width division is often implemented in software that needs to 74 * be linked with the program. The presence of a double-width integer 75 * type is usually detected automatically through preprocessor macros, 76 * but the automatic detection cannot know whether the code needs to 77 * and can be linked with an implementation of division for that type. 78 * By default division is assumed to be usable if the type is present. 79 * Uncomment this option to prevent the use of double-width division. 80 * 81 * Note that division for the native integer type is always required. 82 * Furthermore, a 64-bit type is always required even on a 32-bit 83 * platform, but it need not support multiplication or division. In some 84 * cases it is also desirable to disable some double-width operations. For 85 * example, if double-width division is implemented in software, disabling 86 * it can reduce code size in some embedded targets. 87 */ 88 //#define MBEDTLS_NO_UDBL_DIVISION 89 90 /** 91 * \def MBEDTLS_NO_64BIT_MULTIPLICATION 92 * 93 * The platform lacks support for 32x32 -> 64-bit multiplication. 94 * 95 * Used in: 96 * library/poly1305.c 97 * 98 * Some parts of the library may use multiplication of two unsigned 32-bit 99 * operands with a 64-bit result in order to speed up computations. On some 100 * platforms, this is not available in hardware and has to be implemented in 101 * software, usually in a library provided by the toolchain. 102 * 103 * Sometimes it is not desirable to have to link to that library. This option 104 * removes the dependency of that library on platforms that lack a hardware 105 * 64-bit multiplier by embedding a software implementation in Mbed TLS. 106 * 107 * Note that depending on the compiler, this may decrease performance compared 108 * to using the library function provided by the toolchain. 109 */ 110 //#define MBEDTLS_NO_64BIT_MULTIPLICATION 111 112 /** 113 * \def MBEDTLS_HAVE_SSE2 114 * 115 * CPU supports SSE2 instruction set. 116 * 117 * Uncomment if the CPU supports SSE2 (IA-32 specific). 118 */ 119 //#define MBEDTLS_HAVE_SSE2 120 121 /** 122 * \def MBEDTLS_HAVE_TIME 123 * 124 * System has time.h and time(). 125 * The time does not need to be correct, only time differences are used, 126 * by contrast with MBEDTLS_HAVE_TIME_DATE 127 * 128 * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT, 129 * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and 130 * MBEDTLS_PLATFORM_STD_TIME. 131 * 132 * Comment if your system does not support time functions. 133 * 134 * \note If MBEDTLS_TIMING_C is set - to enable the semi-portable timing 135 * interface - timing.c will include time.h on suitable platforms 136 * regardless of the setting of MBEDTLS_HAVE_TIME, unless 137 * MBEDTLS_TIMING_ALT is used. See timing.c for more information. 138 */ 139 #define MBEDTLS_HAVE_TIME 140 141 /** 142 * \def MBEDTLS_HAVE_TIME_DATE 143 * 144 * System has time.h, time(), and an implementation for 145 * mbedtls_platform_gmtime_r() (see below). 146 * The time needs to be correct (not necessarily very accurate, but at least 147 * the date should be correct). This is used to verify the validity period of 148 * X.509 certificates. 149 * 150 * Comment if your system does not have a correct clock. 151 * 152 * \note mbedtls_platform_gmtime_r() is an abstraction in platform_util.h that 153 * behaves similarly to the gmtime_r() function from the C standard. Refer to 154 * the documentation for mbedtls_platform_gmtime_r() for more information. 155 * 156 * \note It is possible to configure an implementation for 157 * mbedtls_platform_gmtime_r() at compile-time by using the macro 158 * MBEDTLS_PLATFORM_GMTIME_R_ALT. 159 */ 160 #define MBEDTLS_HAVE_TIME_DATE 161 162 /** 163 * \def MBEDTLS_PLATFORM_MEMORY 164 * 165 * Enable the memory allocation layer. 166 * 167 * By default mbed TLS uses the system-provided calloc() and free(). 168 * This allows different allocators (self-implemented or provided) to be 169 * provided to the platform abstraction layer. 170 * 171 * Enabling MBEDTLS_PLATFORM_MEMORY without the 172 * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide 173 * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and 174 * free() function pointer at runtime. 175 * 176 * Enabling MBEDTLS_PLATFORM_MEMORY and specifying 177 * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the 178 * alternate function at compile time. 179 * 180 * Requires: MBEDTLS_PLATFORM_C 181 * 182 * Enable this layer to allow use of alternative memory allocators. 183 */ 184 //#define MBEDTLS_PLATFORM_MEMORY 185 186 /** 187 * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS 188 * 189 * Do not assign standard functions in the platform layer (e.g. calloc() to 190 * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF) 191 * 192 * This makes sure there are no linking errors on platforms that do not support 193 * these functions. You will HAVE to provide alternatives, either at runtime 194 * via the platform_set_xxx() functions or at compile time by setting 195 * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a 196 * MBEDTLS_PLATFORM_XXX_MACRO. 197 * 198 * Requires: MBEDTLS_PLATFORM_C 199 * 200 * Uncomment to prevent default assignment of standard functions in the 201 * platform layer. 202 */ 203 //#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS 204 205 /** 206 * \def MBEDTLS_PLATFORM_EXIT_ALT 207 * 208 * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the 209 * function in the platform abstraction layer. 210 * 211 * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will 212 * provide a function "mbedtls_platform_set_printf()" that allows you to set an 213 * alternative printf function pointer. 214 * 215 * All these define require MBEDTLS_PLATFORM_C to be defined! 216 * 217 * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows; 218 * it will be enabled automatically by check_config.h 219 * 220 * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as 221 * MBEDTLS_PLATFORM_XXX_MACRO! 222 * 223 * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME 224 * 225 * Uncomment a macro to enable alternate implementation of specific base 226 * platform function 227 */ 228 //#define MBEDTLS_PLATFORM_SETBUF_ALT 229 //#define MBEDTLS_PLATFORM_EXIT_ALT 230 //#define MBEDTLS_PLATFORM_TIME_ALT 231 //#define MBEDTLS_PLATFORM_FPRINTF_ALT 232 //#define MBEDTLS_PLATFORM_PRINTF_ALT 233 //#define MBEDTLS_PLATFORM_SNPRINTF_ALT 234 //#define MBEDTLS_PLATFORM_VSNPRINTF_ALT 235 //#define MBEDTLS_PLATFORM_NV_SEED_ALT 236 //#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT 237 238 /** 239 * \def MBEDTLS_DEPRECATED_WARNING 240 * 241 * Mark deprecated functions and features so that they generate a warning if 242 * used. Functionality deprecated in one version will usually be removed in the 243 * next version. You can enable this to help you prepare the transition to a 244 * new major version by making sure your code is not using this functionality. 245 * 246 * This only works with GCC and Clang. With other compilers, you may want to 247 * use MBEDTLS_DEPRECATED_REMOVED 248 * 249 * Uncomment to get warnings on using deprecated functions and features. 250 */ 251 //#define MBEDTLS_DEPRECATED_WARNING 252 253 /** 254 * \def MBEDTLS_DEPRECATED_REMOVED 255 * 256 * Remove deprecated functions and features so that they generate an error if 257 * used. Functionality deprecated in one version will usually be removed in the 258 * next version. You can enable this to help you prepare the transition to a 259 * new major version by making sure your code is not using this functionality. 260 * 261 * Uncomment to get errors on using deprecated functions and features. 262 */ 263 //#define MBEDTLS_DEPRECATED_REMOVED 264 265 /** \} name SECTION: System support */ 266 267 /** 268 * \name SECTION: mbed TLS feature support 269 * 270 * This section sets support for features that are or are not needed 271 * within the modules that are enabled. 272 * \{ 273 */ 274 275 /** 276 * \def MBEDTLS_TIMING_ALT 277 * 278 * Uncomment to provide your own alternate implementation for 279 * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay() 280 * 281 * Only works if you have MBEDTLS_TIMING_C enabled. 282 * 283 * You will need to provide a header "timing_alt.h" and an implementation at 284 * compile time. 285 */ 286 //#define MBEDTLS_TIMING_ALT 287 288 /** 289 * \def MBEDTLS_AES_ALT 290 * 291 * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your 292 * alternate core implementation of a symmetric crypto, an arithmetic or hash 293 * module (e.g. platform specific assembly optimized implementations). Keep 294 * in mind that the function prototypes should remain the same. 295 * 296 * This replaces the whole module. If you only want to replace one of the 297 * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags. 298 * 299 * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer 300 * provide the "struct mbedtls_aes_context" definition and omit the base 301 * function declarations and implementations. "aes_alt.h" will be included from 302 * "aes.h" to include the new function definitions. 303 * 304 * Uncomment a macro to enable alternate implementation of the corresponding 305 * module. 306 * 307 * \warning MD5, DES and SHA-1 are considered weak and their 308 * use constitutes a security risk. If possible, we recommend 309 * avoiding dependencies on them, and considering stronger message 310 * digests and ciphers instead. 311 * 312 */ 313 //#define MBEDTLS_AES_ALT 314 //#define MBEDTLS_ARIA_ALT 315 //#define MBEDTLS_CAMELLIA_ALT 316 //#define MBEDTLS_CCM_ALT 317 //#define MBEDTLS_CHACHA20_ALT 318 //#define MBEDTLS_CHACHAPOLY_ALT 319 //#define MBEDTLS_CMAC_ALT 320 //#define MBEDTLS_DES_ALT 321 //#define MBEDTLS_DHM_ALT 322 //#define MBEDTLS_ECJPAKE_ALT 323 //#define MBEDTLS_GCM_ALT 324 //#define MBEDTLS_NIST_KW_ALT 325 //#define MBEDTLS_MD5_ALT 326 //#define MBEDTLS_POLY1305_ALT 327 //#define MBEDTLS_RIPEMD160_ALT 328 //#define MBEDTLS_RSA_ALT 329 //#define MBEDTLS_SHA1_ALT 330 //#define MBEDTLS_SHA256_ALT 331 //#define MBEDTLS_SHA512_ALT 332 333 /* 334 * When replacing the elliptic curve module, please consider, that it is 335 * implemented with two .c files: 336 * - ecp.c 337 * - ecp_curves.c 338 * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT 339 * macros as described above. The only difference is that you have to make sure 340 * that you provide functionality for both .c files. 341 */ 342 //#define MBEDTLS_ECP_ALT 343 344 /** 345 * \def MBEDTLS_SHA256_PROCESS_ALT 346 * 347 * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you 348 * alternate core implementation of symmetric crypto or hash function. Keep in 349 * mind that function prototypes should remain the same. 350 * 351 * This replaces only one function. The header file from mbed TLS is still 352 * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags. 353 * 354 * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will 355 * no longer provide the mbedtls_sha1_process() function, but it will still provide 356 * the other function (using your mbedtls_sha1_process() function) and the definition 357 * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible 358 * with this definition. 359 * 360 * \note If you use the AES_xxx_ALT macros, then it is recommended to also set 361 * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES 362 * tables. 363 * 364 * Uncomment a macro to enable alternate implementation of the corresponding 365 * function. 366 * 367 * \warning MD5, DES and SHA-1 are considered weak and their use 368 * constitutes a security risk. If possible, we recommend avoiding 369 * dependencies on them, and considering stronger message digests 370 * and ciphers instead. 371 * 372 * \warning If both MBEDTLS_ECDSA_SIGN_ALT and MBEDTLS_ECDSA_DETERMINISTIC are 373 * enabled, then the deterministic ECDH signature functions pass the 374 * the static HMAC-DRBG as RNG to mbedtls_ecdsa_sign(). Therefore 375 * alternative implementations should use the RNG only for generating 376 * the ephemeral key and nothing else. If this is not possible, then 377 * MBEDTLS_ECDSA_DETERMINISTIC should be disabled and an alternative 378 * implementation should be provided for mbedtls_ecdsa_sign_det_ext(). 379 * 380 */ 381 //#define MBEDTLS_MD5_PROCESS_ALT 382 //#define MBEDTLS_RIPEMD160_PROCESS_ALT 383 //#define MBEDTLS_SHA1_PROCESS_ALT 384 //#define MBEDTLS_SHA256_PROCESS_ALT 385 //#define MBEDTLS_SHA512_PROCESS_ALT 386 //#define MBEDTLS_DES_SETKEY_ALT 387 //#define MBEDTLS_DES_CRYPT_ECB_ALT 388 //#define MBEDTLS_DES3_CRYPT_ECB_ALT 389 //#define MBEDTLS_AES_SETKEY_ENC_ALT 390 //#define MBEDTLS_AES_SETKEY_DEC_ALT 391 //#define MBEDTLS_AES_ENCRYPT_ALT 392 //#define MBEDTLS_AES_DECRYPT_ALT 393 //#define MBEDTLS_ECDH_GEN_PUBLIC_ALT 394 //#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT 395 //#define MBEDTLS_ECDSA_VERIFY_ALT 396 //#define MBEDTLS_ECDSA_SIGN_ALT 397 //#define MBEDTLS_ECDSA_GENKEY_ALT 398 399 /** 400 * \def MBEDTLS_ECP_INTERNAL_ALT 401 * 402 * Expose a part of the internal interface of the Elliptic Curve Point module. 403 * 404 * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your 405 * alternative core implementation of elliptic curve arithmetic. Keep in mind 406 * that function prototypes should remain the same. 407 * 408 * This partially replaces one function. The header file from mbed TLS is still 409 * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation 410 * is still present and it is used for group structures not supported by the 411 * alternative. 412 * 413 * The original implementation can in addition be removed by setting the 414 * MBEDTLS_ECP_NO_FALLBACK option, in which case any function for which the 415 * corresponding MBEDTLS_ECP__FUNCTION_NAME__ALT macro is defined will not be 416 * able to fallback to curves not supported by the alternative implementation. 417 * 418 * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT 419 * and implementing the following functions: 420 * unsigned char mbedtls_internal_ecp_grp_capable( 421 * const mbedtls_ecp_group *grp ) 422 * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp ) 423 * void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp ) 424 * The mbedtls_internal_ecp_grp_capable function should return 1 if the 425 * replacement functions implement arithmetic for the given group and 0 426 * otherwise. 427 * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are 428 * called before and after each point operation and provide an opportunity to 429 * implement optimized set up and tear down instructions. 430 * 431 * Example: In case you set MBEDTLS_ECP_INTERNAL_ALT and 432 * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac() 433 * function, but will use your mbedtls_internal_ecp_double_jac() if the group 434 * for the operation is supported by your implementation (i.e. your 435 * mbedtls_internal_ecp_grp_capable() function returns 1 for this group). If the 436 * group is not supported by your implementation, then the original mbed TLS 437 * implementation of ecp_double_jac() is used instead, unless this fallback 438 * behaviour is disabled by setting MBEDTLS_ECP_NO_FALLBACK (in which case 439 * ecp_double_jac() will return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE). 440 * 441 * The function prototypes and the definition of mbedtls_ecp_group and 442 * mbedtls_ecp_point will not change based on MBEDTLS_ECP_INTERNAL_ALT, so your 443 * implementation of mbedtls_internal_ecp__function_name__ must be compatible 444 * with their definitions. 445 * 446 * Uncomment a macro to enable alternate implementation of the corresponding 447 * function. 448 */ 449 /* Required for all the functions in this section */ 450 //#define MBEDTLS_ECP_INTERNAL_ALT 451 /* Turn off software fallback for curves not supported in hardware */ 452 //#define MBEDTLS_ECP_NO_FALLBACK 453 /* Support for Weierstrass curves with Jacobi representation */ 454 //#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT 455 //#define MBEDTLS_ECP_ADD_MIXED_ALT 456 //#define MBEDTLS_ECP_DOUBLE_JAC_ALT 457 //#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT 458 //#define MBEDTLS_ECP_NORMALIZE_JAC_ALT 459 /* Support for curves with Montgomery arithmetic */ 460 //#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT 461 //#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT 462 //#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT 463 464 /** 465 * \def MBEDTLS_ENTROPY_HARDWARE_ALT 466 * 467 * Uncomment this macro to let mbed TLS use your own implementation of a 468 * hardware entropy collector. 469 * 470 * Your function must be called \c mbedtls_hardware_poll(), have the same 471 * prototype as declared in library/entropy_poll.h, and accept NULL as first 472 * argument. 473 * 474 * Uncomment to use your own hardware entropy collector. 475 */ 476 //#define MBEDTLS_ENTROPY_HARDWARE_ALT 477 478 /** 479 * \def MBEDTLS_AES_ROM_TABLES 480 * 481 * Use precomputed AES tables stored in ROM. 482 * 483 * Uncomment this macro to use precomputed AES tables stored in ROM. 484 * Comment this macro to generate AES tables in RAM at runtime. 485 * 486 * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb 487 * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the 488 * initialization time before the first AES operation can be performed. 489 * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c 490 * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded 491 * performance if ROM access is slower than RAM access. 492 * 493 * This option is independent of \c MBEDTLS_AES_FEWER_TABLES. 494 * 495 */ 496 //#define MBEDTLS_AES_ROM_TABLES 497 498 /** 499 * \def MBEDTLS_AES_FEWER_TABLES 500 * 501 * Use less ROM/RAM for AES tables. 502 * 503 * Uncommenting this macro omits 75% of the AES tables from 504 * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES) 505 * by computing their values on the fly during operations 506 * (the tables are entry-wise rotations of one another). 507 * 508 * Tradeoff: Uncommenting this reduces the RAM / ROM footprint 509 * by ~6kb but at the cost of more arithmetic operations during 510 * runtime. Specifically, one has to compare 4 accesses within 511 * different tables to 4 accesses with additional arithmetic 512 * operations within the same table. The performance gain/loss 513 * depends on the system and memory details. 514 * 515 * This option is independent of \c MBEDTLS_AES_ROM_TABLES. 516 * 517 */ 518 //#define MBEDTLS_AES_FEWER_TABLES 519 520 /** 521 * \def MBEDTLS_CAMELLIA_SMALL_MEMORY 522 * 523 * Use less ROM for the Camellia implementation (saves about 768 bytes). 524 * 525 * Uncomment this macro to use less memory for Camellia. 526 */ 527 //#define MBEDTLS_CAMELLIA_SMALL_MEMORY 528 529 /** 530 * \def MBEDTLS_CHECK_RETURN_WARNING 531 * 532 * If this macro is defined, emit a compile-time warning if application code 533 * calls a function without checking its return value, but the return value 534 * should generally be checked in portable applications. 535 * 536 * This is only supported on platforms where #MBEDTLS_CHECK_RETURN is 537 * implemented. Otherwise this option has no effect. 538 * 539 * Uncomment to get warnings on using fallible functions without checking 540 * their return value. 541 * 542 * \note This feature is a work in progress. 543 * Warnings will be added to more functions in the future. 544 * 545 * \note A few functions are considered critical, and ignoring the return 546 * value of these functions will trigger a warning even if this 547 * macro is not defined. To completely disable return value check 548 * warnings, define #MBEDTLS_CHECK_RETURN with an empty expansion. 549 */ 550 //#define MBEDTLS_CHECK_RETURN_WARNING 551 552 /** 553 * \def MBEDTLS_CIPHER_MODE_CBC 554 * 555 * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers. 556 */ 557 #define MBEDTLS_CIPHER_MODE_CBC 558 559 /** 560 * \def MBEDTLS_CIPHER_MODE_CFB 561 * 562 * Enable Cipher Feedback mode (CFB) for symmetric ciphers. 563 */ 564 #define MBEDTLS_CIPHER_MODE_CFB 565 566 /** 567 * \def MBEDTLS_CIPHER_MODE_CTR 568 * 569 * Enable Counter Block Cipher mode (CTR) for symmetric ciphers. 570 */ 571 #define MBEDTLS_CIPHER_MODE_CTR 572 573 /** 574 * \def MBEDTLS_CIPHER_MODE_OFB 575 * 576 * Enable Output Feedback mode (OFB) for symmetric ciphers. 577 */ 578 #define MBEDTLS_CIPHER_MODE_OFB 579 580 /** 581 * \def MBEDTLS_CIPHER_MODE_XTS 582 * 583 * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES. 584 */ 585 #define MBEDTLS_CIPHER_MODE_XTS 586 587 /** 588 * \def MBEDTLS_CIPHER_NULL_CIPHER 589 * 590 * Enable NULL cipher. 591 * Warning: Only do so when you know what you are doing. This allows for 592 * encryption or channels without any security! 593 * 594 * To enable the following ciphersuites: 595 * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA 596 * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA 597 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA 598 * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA 599 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 600 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 601 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA 602 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 603 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 604 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA 605 * MBEDTLS_TLS_RSA_WITH_NULL_SHA256 606 * MBEDTLS_TLS_RSA_WITH_NULL_SHA 607 * MBEDTLS_TLS_RSA_WITH_NULL_MD5 608 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 609 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 610 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA 611 * MBEDTLS_TLS_PSK_WITH_NULL_SHA384 612 * MBEDTLS_TLS_PSK_WITH_NULL_SHA256 613 * MBEDTLS_TLS_PSK_WITH_NULL_SHA 614 * 615 * Uncomment this macro to enable the NULL cipher and ciphersuites 616 */ 617 //#define MBEDTLS_CIPHER_NULL_CIPHER 618 619 /** 620 * \def MBEDTLS_CIPHER_PADDING_PKCS7 621 * 622 * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for 623 * specific padding modes in the cipher layer with cipher modes that support 624 * padding (e.g. CBC) 625 * 626 * If you disable all padding modes, only full blocks can be used with CBC. 627 * 628 * Enable padding modes in the cipher layer. 629 */ 630 #define MBEDTLS_CIPHER_PADDING_PKCS7 631 #define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS 632 #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN 633 #define MBEDTLS_CIPHER_PADDING_ZEROS 634 635 /** \def MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 636 * 637 * Uncomment this macro to use a 128-bit key in the CTR_DRBG module. 638 * By default, CTR_DRBG uses a 256-bit key. 639 */ 640 //#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 641 642 /** 643 * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED 644 * 645 * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve 646 * module. By default all supported curves are enabled. 647 * 648 * Comment macros to disable the curve and functions for it 649 */ 650 /* Short Weierstrass curves (supporting ECP, ECDH, ECDSA) */ 651 #define MBEDTLS_ECP_DP_SECP192R1_ENABLED 652 #define MBEDTLS_ECP_DP_SECP224R1_ENABLED 653 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED 654 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED 655 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED 656 #define MBEDTLS_ECP_DP_SECP192K1_ENABLED 657 #define MBEDTLS_ECP_DP_SECP224K1_ENABLED 658 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED 659 #define MBEDTLS_ECP_DP_BP256R1_ENABLED 660 #define MBEDTLS_ECP_DP_BP384R1_ENABLED 661 #define MBEDTLS_ECP_DP_BP512R1_ENABLED 662 /* Montgomery curves (supporting ECP) */ 663 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED 664 #define MBEDTLS_ECP_DP_CURVE448_ENABLED 665 666 /** 667 * \def MBEDTLS_ECP_NIST_OPTIM 668 * 669 * Enable specific 'modulo p' routines for each NIST prime. 670 * Depending on the prime and architecture, makes operations 4 to 8 times 671 * faster on the corresponding curve. 672 * 673 * Comment this macro to disable NIST curves optimisation. 674 */ 675 #define MBEDTLS_ECP_NIST_OPTIM 676 677 /** 678 * \def MBEDTLS_ECP_RESTARTABLE 679 * 680 * Enable "non-blocking" ECC operations that can return early and be resumed. 681 * 682 * This allows various functions to pause by returning 683 * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module, 684 * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in 685 * order to further progress and eventually complete their operation. This is 686 * controlled through mbedtls_ecp_set_max_ops() which limits the maximum 687 * number of ECC operations a function may perform before pausing; see 688 * mbedtls_ecp_set_max_ops() for more information. 689 * 690 * This is useful in non-threaded environments if you want to avoid blocking 691 * for too long on ECC (and, hence, X.509 or SSL/TLS) operations. 692 * 693 * Uncomment this macro to enable restartable ECC computations. 694 * 695 * \note This option only works with the default software implementation of 696 * elliptic curve functionality. It is incompatible with 697 * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT, MBEDTLS_ECDSA_XXX_ALT. 698 */ 699 //#define MBEDTLS_ECP_RESTARTABLE 700 701 /** 702 * \def MBEDTLS_ECDSA_DETERMINISTIC 703 * 704 * Enable deterministic ECDSA (RFC 6979). 705 * Standard ECDSA is "fragile" in the sense that lack of entropy when signing 706 * may result in a compromise of the long-term signing key. This is avoided by 707 * the deterministic variant. 708 * 709 * Requires: MBEDTLS_HMAC_DRBG_C, MBEDTLS_ECDSA_C 710 * 711 * Comment this macro to disable deterministic ECDSA. 712 */ 713 #define MBEDTLS_ECDSA_DETERMINISTIC 714 715 /** 716 * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED 717 * 718 * Enable the PSK based ciphersuite modes in SSL / TLS. 719 * 720 * This enables the following ciphersuites (if other requisites are 721 * enabled as well): 722 * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 723 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 724 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA 725 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 726 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 727 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 728 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 729 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA 730 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 731 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 732 */ 733 #define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED 734 735 /** 736 * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED 737 * 738 * Enable the DHE-PSK based ciphersuite modes in SSL / TLS. 739 * 740 * Requires: MBEDTLS_DHM_C 741 * 742 * This enables the following ciphersuites (if other requisites are 743 * enabled as well): 744 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 745 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 746 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA 747 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 748 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 749 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 750 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 751 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA 752 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 753 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 754 * 755 * \warning Using DHE constitutes a security risk as it 756 * is not possible to validate custom DH parameters. 757 * If possible, it is recommended users should consider 758 * preferring other methods of key exchange. 759 * See dhm.h for more details. 760 * 761 */ 762 #define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED 763 764 /** 765 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED 766 * 767 * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS. 768 * 769 * Requires: MBEDTLS_ECDH_C 770 * 771 * This enables the following ciphersuites (if other requisites are 772 * enabled as well): 773 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 774 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 775 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 776 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 777 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 778 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 779 */ 780 #define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED 781 782 /** 783 * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED 784 * 785 * Enable the RSA-PSK based ciphersuite modes in SSL / TLS. 786 * 787 * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, 788 * MBEDTLS_X509_CRT_PARSE_C 789 * 790 * This enables the following ciphersuites (if other requisites are 791 * enabled as well): 792 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 793 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 794 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA 795 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 796 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 797 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 798 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 799 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA 800 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 801 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 802 */ 803 #define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED 804 805 /** 806 * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED 807 * 808 * Enable the RSA-only based ciphersuite modes in SSL / TLS. 809 * 810 * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, 811 * MBEDTLS_X509_CRT_PARSE_C 812 * 813 * This enables the following ciphersuites (if other requisites are 814 * enabled as well): 815 * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 816 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 817 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA 818 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 819 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 820 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 821 * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 822 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 823 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA 824 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 825 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 826 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 827 */ 828 #define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED 829 830 /** 831 * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED 832 * 833 * Enable the DHE-RSA based ciphersuite modes in SSL / TLS. 834 * 835 * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, 836 * MBEDTLS_X509_CRT_PARSE_C 837 * 838 * This enables the following ciphersuites (if other requisites are 839 * enabled as well): 840 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 841 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 842 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 843 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 844 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 845 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 846 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 847 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 848 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 849 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 850 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 851 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 852 * 853 * \warning Using DHE constitutes a security risk as it 854 * is not possible to validate custom DH parameters. 855 * If possible, it is recommended users should consider 856 * preferring other methods of key exchange. 857 * See dhm.h for more details. 858 * 859 */ 860 #define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED 861 862 /** 863 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED 864 * 865 * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS. 866 * 867 * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, 868 * MBEDTLS_X509_CRT_PARSE_C 869 * 870 * This enables the following ciphersuites (if other requisites are 871 * enabled as well): 872 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 873 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 874 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 875 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 876 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 877 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 878 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 879 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 880 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 881 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 882 */ 883 #define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED 884 885 /** 886 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 887 * 888 * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS. 889 * 890 * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C, 891 * 892 * This enables the following ciphersuites (if other requisites are 893 * enabled as well): 894 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 895 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 896 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 897 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 898 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 899 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 900 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 901 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 902 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 903 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 904 */ 905 #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 906 907 /** 908 * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED 909 * 910 * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS. 911 * 912 * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C 913 * 914 * This enables the following ciphersuites (if other requisites are 915 * enabled as well): 916 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 917 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 918 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 919 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 920 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 921 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 922 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 923 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 924 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 925 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 926 */ 927 #define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED 928 929 /** 930 * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED 931 * 932 * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS. 933 * 934 * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_X509_CRT_PARSE_C 935 * 936 * This enables the following ciphersuites (if other requisites are 937 * enabled as well): 938 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 939 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 940 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 941 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 942 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 943 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 944 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 945 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 946 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 947 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 948 */ 949 #define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED 950 951 /** 952 * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED 953 * 954 * Enable the ECJPAKE based ciphersuite modes in SSL / TLS. 955 * 956 * \warning This is currently experimental. EC J-PAKE support is based on the 957 * Thread v1.0.0 specification; incompatible changes to the specification 958 * might still happen. For this reason, this is disabled by default. 959 * 960 * Requires: MBEDTLS_ECJPAKE_C 961 * SHA-256 (via MD if present, or via PSA, see MBEDTLS_ECJPAKE_C) 962 * MBEDTLS_ECP_DP_SECP256R1_ENABLED 963 * 964 * This enables the following ciphersuites (if other requisites are 965 * enabled as well): 966 * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 967 */ 968 //#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED 969 970 /** 971 * \def MBEDTLS_PK_PARSE_EC_EXTENDED 972 * 973 * Enhance support for reading EC keys using variants of SEC1 not allowed by 974 * RFC 5915 and RFC 5480. 975 * 976 * Currently this means parsing the SpecifiedECDomain choice of EC 977 * parameters (only known groups are supported, not arbitrary domains, to 978 * avoid validation issues). 979 * 980 * Disable if you only need to support RFC 5915 + 5480 key formats. 981 */ 982 #define MBEDTLS_PK_PARSE_EC_EXTENDED 983 984 /** 985 * \def MBEDTLS_ERROR_STRERROR_DUMMY 986 * 987 * Enable a dummy error function to make use of mbedtls_strerror() in 988 * third party libraries easier when MBEDTLS_ERROR_C is disabled 989 * (no effect when MBEDTLS_ERROR_C is enabled). 990 * 991 * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're 992 * not using mbedtls_strerror() or error_strerror() in your application. 993 * 994 * Disable if you run into name conflicts and want to really remove the 995 * mbedtls_strerror() 996 */ 997 #define MBEDTLS_ERROR_STRERROR_DUMMY 998 999 /** 1000 * \def MBEDTLS_GENPRIME 1001 * 1002 * Enable the prime-number generation code. 1003 * 1004 * Requires: MBEDTLS_BIGNUM_C 1005 */ 1006 #define MBEDTLS_GENPRIME 1007 1008 /** 1009 * \def MBEDTLS_FS_IO 1010 * 1011 * Enable functions that use the filesystem. 1012 */ 1013 #define MBEDTLS_FS_IO 1014 1015 /** 1016 * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES 1017 * 1018 * Do not add default entropy sources in mbedtls_entropy_init(). 1019 * 1020 * This is useful to have more control over the added entropy sources in an 1021 * application. 1022 * 1023 * Uncomment this macro to prevent loading of default entropy functions. 1024 */ 1025 //#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES 1026 1027 /** 1028 * \def MBEDTLS_NO_PLATFORM_ENTROPY 1029 * 1030 * Do not use built-in platform entropy functions. 1031 * This is useful if your platform does not support 1032 * standards like the /dev/urandom or Windows CryptoAPI. 1033 * 1034 * Uncomment this macro to disable the built-in platform entropy functions. 1035 */ 1036 //#define MBEDTLS_NO_PLATFORM_ENTROPY 1037 1038 /** 1039 * \def MBEDTLS_ENTROPY_FORCE_SHA256 1040 * 1041 * Force the entropy accumulator to use a SHA-256 accumulator instead of the 1042 * default SHA-512 based one (if both are available). 1043 * 1044 * Requires: MBEDTLS_SHA256_C 1045 * 1046 * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option 1047 * if you have performance concerns. 1048 * 1049 * This option is only useful if both MBEDTLS_SHA256_C and 1050 * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used. 1051 */ 1052 //#define MBEDTLS_ENTROPY_FORCE_SHA256 1053 1054 /** 1055 * \def MBEDTLS_ENTROPY_NV_SEED 1056 * 1057 * Enable the non-volatile (NV) seed file-based entropy source. 1058 * (Also enables the NV seed read/write functions in the platform layer) 1059 * 1060 * This is crucial (if not required) on systems that do not have a 1061 * cryptographic entropy source (in hardware or kernel) available. 1062 * 1063 * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C 1064 * 1065 * \note The read/write functions that are used by the entropy source are 1066 * determined in the platform layer, and can be modified at runtime and/or 1067 * compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used. 1068 * 1069 * \note If you use the default implementation functions that read a seedfile 1070 * with regular fopen(), please make sure you make a seedfile with the 1071 * proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at 1072 * least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from 1073 * and written to or you will get an entropy source error! The default 1074 * implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE 1075 * bytes from the file. 1076 * 1077 * \note The entropy collector will write to the seed file before entropy is 1078 * given to an external source, to update it. 1079 */ 1080 //#define MBEDTLS_ENTROPY_NV_SEED 1081 1082 /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER 1083 * 1084 * Enable key identifiers that encode a key owner identifier. 1085 * 1086 * The owner of a key is identified by a value of type ::mbedtls_key_owner_id_t 1087 * which is currently hard-coded to be int32_t. 1088 * 1089 * Note that this option is meant for internal use only and may be removed 1090 * without notice. 1091 */ 1092 //#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER 1093 1094 /** 1095 * \def MBEDTLS_MEMORY_DEBUG 1096 * 1097 * Enable debugging of buffer allocator memory issues. Automatically prints 1098 * (to stderr) all (fatal) messages on memory allocation issues. Enables 1099 * function for 'debug output' of allocated memory. 1100 * 1101 * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C 1102 * 1103 * Uncomment this macro to let the buffer allocator print out error messages. 1104 */ 1105 //#define MBEDTLS_MEMORY_DEBUG 1106 1107 /** 1108 * \def MBEDTLS_MEMORY_BACKTRACE 1109 * 1110 * Include backtrace information with each allocated block. 1111 * 1112 * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C 1113 * GLIBC-compatible backtrace() and backtrace_symbols() support 1114 * 1115 * Uncomment this macro to include backtrace information 1116 */ 1117 //#define MBEDTLS_MEMORY_BACKTRACE 1118 1119 /** 1120 * \def MBEDTLS_PK_RSA_ALT_SUPPORT 1121 * 1122 * Support external private RSA keys (eg from a HSM) in the PK layer. 1123 * 1124 * Comment this macro to disable support for external private RSA keys. 1125 */ 1126 #define MBEDTLS_PK_RSA_ALT_SUPPORT 1127 1128 /** 1129 * \def MBEDTLS_PKCS1_V15 1130 * 1131 * Enable support for PKCS#1 v1.5 encoding. 1132 * 1133 * Requires: MBEDTLS_RSA_C 1134 * 1135 * This enables support for PKCS#1 v1.5 operations. 1136 */ 1137 #define MBEDTLS_PKCS1_V15 1138 1139 /** 1140 * \def MBEDTLS_PKCS1_V21 1141 * 1142 * Enable support for PKCS#1 v2.1 encoding. 1143 * 1144 * Requires: MBEDTLS_RSA_C and (MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C). 1145 * 1146 * \warning If building without MBEDTLS_MD_C, you must call psa_crypto_init() 1147 * before doing any PKCS#1 v2.1 operation. 1148 * 1149 * \warning When building with MBEDTLS_MD_C, all hashes used with this 1150 * need to be available as built-ins (that is, for SHA-256, MBEDTLS_SHA256_C, 1151 * etc.) as opposed to just PSA drivers. So far, PSA drivers are only used by 1152 * this module in builds where MBEDTLS_MD_C is disabled. 1153 * 1154 * This enables support for RSAES-OAEP and RSASSA-PSS operations. 1155 */ 1156 #define MBEDTLS_PKCS1_V21 1157 1158 /** \def MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS 1159 * 1160 * Enable support for platform built-in keys. If you enable this feature, 1161 * you must implement the function mbedtls_psa_platform_get_builtin_key(). 1162 * See the documentation of that function for more information. 1163 * 1164 * Built-in keys are typically derived from a hardware unique key or 1165 * stored in a secure element. 1166 * 1167 * Requires: MBEDTLS_PSA_CRYPTO_C. 1168 * 1169 * \warning This interface is experimental and may change or be removed 1170 * without notice. 1171 */ 1172 //#define MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS 1173 1174 /** \def MBEDTLS_PSA_CRYPTO_CLIENT 1175 * 1176 * Enable support for PSA crypto client. 1177 * 1178 * \note This option allows to include the code necessary for a PSA 1179 * crypto client when the PSA crypto implementation is not included in 1180 * the library (MBEDTLS_PSA_CRYPTO_C disabled). The code included is the 1181 * code to set and get PSA key attributes. 1182 * The development of PSA drivers partially relying on the library to 1183 * fulfill the hardware gaps is another possible usage of this option. 1184 * 1185 * \warning This interface is experimental and may change or be removed 1186 * without notice. 1187 */ 1188 //#define MBEDTLS_PSA_CRYPTO_CLIENT 1189 1190 /** \def MBEDTLS_PSA_CRYPTO_DRIVERS 1191 * 1192 * Enable support for the experimental PSA crypto driver interface. 1193 * 1194 * Requires: MBEDTLS_PSA_CRYPTO_C 1195 * 1196 * \warning This interface is experimental. We intend to maintain backward 1197 * compatibility with application code that relies on drivers, 1198 * but the driver interfaces may change without notice. 1199 */ 1200 //#define MBEDTLS_PSA_CRYPTO_DRIVERS 1201 1202 /** \def MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG 1203 * 1204 * Make the PSA Crypto module use an external random generator provided 1205 * by a driver, instead of Mbed TLS's entropy and DRBG modules. 1206 * 1207 * \note This random generator must deliver random numbers with cryptographic 1208 * quality and high performance. It must supply unpredictable numbers 1209 * with a uniform distribution. The implementation of this function 1210 * is responsible for ensuring that the random generator is seeded 1211 * with sufficient entropy. If you have a hardware TRNG which is slow 1212 * or delivers non-uniform output, declare it as an entropy source 1213 * with mbedtls_entropy_add_source() instead of enabling this option. 1214 * 1215 * If you enable this option, you must configure the type 1216 * ::mbedtls_psa_external_random_context_t in psa/crypto_platform.h 1217 * and define a function called mbedtls_psa_external_get_random() 1218 * with the following prototype: 1219 * ``` 1220 * psa_status_t mbedtls_psa_external_get_random( 1221 * mbedtls_psa_external_random_context_t *context, 1222 * uint8_t *output, size_t output_size, size_t *output_length); 1223 * ); 1224 * ``` 1225 * The \c context value is initialized to 0 before the first call. 1226 * The function must fill the \c output buffer with \p output_size bytes 1227 * of random data and set \c *output_length to \p output_size. 1228 * 1229 * Requires: MBEDTLS_PSA_CRYPTO_C 1230 * 1231 * \warning If you enable this option, code that uses the PSA cryptography 1232 * interface will not use any of the entropy sources set up for 1233 * the entropy module, nor the NV seed that MBEDTLS_ENTROPY_NV_SEED 1234 * enables. 1235 * 1236 * \note This option is experimental and may be removed without notice. 1237 */ 1238 //#define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG 1239 1240 /** 1241 * \def MBEDTLS_PSA_CRYPTO_SPM 1242 * 1243 * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure 1244 * Partition Manager) integration which separates the code into two parts: a 1245 * NSPE (Non-Secure Process Environment) and an SPE (Secure Process 1246 * Environment). 1247 * 1248 * Module: library/psa_crypto.c 1249 * Requires: MBEDTLS_PSA_CRYPTO_C 1250 * 1251 */ 1252 //#define MBEDTLS_PSA_CRYPTO_SPM 1253 1254 /** 1255 * \def MBEDTLS_PSA_INJECT_ENTROPY 1256 * 1257 * Enable support for entropy injection at first boot. This feature is 1258 * required on systems that do not have a built-in entropy source (TRNG). 1259 * This feature is currently not supported on systems that have a built-in 1260 * entropy source. 1261 * 1262 * Requires: MBEDTLS_PSA_CRYPTO_STORAGE_C, MBEDTLS_ENTROPY_NV_SEED 1263 * 1264 */ 1265 //#define MBEDTLS_PSA_INJECT_ENTROPY 1266 1267 /** 1268 * \def MBEDTLS_RSA_NO_CRT 1269 * 1270 * Do not use the Chinese Remainder Theorem 1271 * for the RSA private operation. 1272 * 1273 * Uncomment this macro to disable the use of CRT in RSA. 1274 * 1275 */ 1276 //#define MBEDTLS_RSA_NO_CRT 1277 1278 /** 1279 * \def MBEDTLS_SELF_TEST 1280 * 1281 * Enable the checkup functions (*_self_test). 1282 */ 1283 #define MBEDTLS_SELF_TEST 1284 1285 /** 1286 * \def MBEDTLS_SHA256_SMALLER 1287 * 1288 * Enable an implementation of SHA-256 that has lower ROM footprint but also 1289 * lower performance. 1290 * 1291 * The default implementation is meant to be a reasonable compromise between 1292 * performance and size. This version optimizes more aggressively for size at 1293 * the expense of performance. Eg on Cortex-M4 it reduces the size of 1294 * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about 1295 * 30%. 1296 * 1297 * Uncomment to enable the smaller implementation of SHA256. 1298 */ 1299 //#define MBEDTLS_SHA256_SMALLER 1300 1301 /** 1302 * \def MBEDTLS_SHA512_SMALLER 1303 * 1304 * Enable an implementation of SHA-512 that has lower ROM footprint but also 1305 * lower performance. 1306 * 1307 * Uncomment to enable the smaller implementation of SHA512. 1308 */ 1309 //#define MBEDTLS_SHA512_SMALLER 1310 1311 /** 1312 * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES 1313 * 1314 * Enable sending of alert messages in case of encountered errors as per RFC. 1315 * If you choose not to send the alert messages, mbed TLS can still communicate 1316 * with other servers, only debugging of failures is harder. 1317 * 1318 * The advantage of not sending alert messages, is that no information is given 1319 * about reasons for failures thus preventing adversaries of gaining intel. 1320 * 1321 * Enable sending of all alert messages 1322 */ 1323 #define MBEDTLS_SSL_ALL_ALERT_MESSAGES 1324 1325 /** 1326 * \def MBEDTLS_SSL_DTLS_CONNECTION_ID 1327 * 1328 * Enable support for the DTLS Connection ID (CID) extension, 1329 * which allows to identify DTLS connections across changes 1330 * in the underlying transport. The CID functionality is described 1331 * in RFC 9146. 1332 * 1333 * Setting this option enables the SSL APIs `mbedtls_ssl_set_cid()`, 1334 * mbedtls_ssl_get_own_cid()`, `mbedtls_ssl_get_peer_cid()` and 1335 * `mbedtls_ssl_conf_cid()`. See the corresponding documentation for 1336 * more information. 1337 * 1338 * The maximum lengths of outgoing and incoming CIDs can be configured 1339 * through the options 1340 * - MBEDTLS_SSL_CID_OUT_LEN_MAX 1341 * - MBEDTLS_SSL_CID_IN_LEN_MAX. 1342 * 1343 * Requires: MBEDTLS_SSL_PROTO_DTLS 1344 * 1345 * Uncomment to enable the Connection ID extension. 1346 */ 1347 #define MBEDTLS_SSL_DTLS_CONNECTION_ID 1348 1349 1350 /** 1351 * \def MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 1352 * 1353 * Defines whether RFC 9146 (default) or the legacy version 1354 * (version draft-ietf-tls-dtls-connection-id-05, 1355 * https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05) 1356 * is used. 1357 * 1358 * Set the value to 0 for the standard version, and 1359 * 1 for the legacy draft version. 1360 * 1361 * \deprecated Support for the legacy version of the DTLS 1362 * Connection ID feature is deprecated. Please 1363 * switch to the standardized version defined 1364 * in RFC 9146 enabled by utilizing 1365 * MBEDTLS_SSL_DTLS_CONNECTION_ID without use 1366 * of MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT. 1367 * 1368 * Requires: MBEDTLS_SSL_DTLS_CONNECTION_ID 1369 */ 1370 #define MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 0 1371 1372 /** 1373 * \def MBEDTLS_SSL_ASYNC_PRIVATE 1374 * 1375 * Enable asynchronous external private key operations in SSL. This allows 1376 * you to configure an SSL connection to call an external cryptographic 1377 * module to perform private key operations instead of performing the 1378 * operation inside the library. 1379 * 1380 */ 1381 //#define MBEDTLS_SSL_ASYNC_PRIVATE 1382 1383 /** 1384 * \def MBEDTLS_SSL_CONTEXT_SERIALIZATION 1385 * 1386 * Enable serialization of the TLS context structures, through use of the 1387 * functions mbedtls_ssl_context_save() and mbedtls_ssl_context_load(). 1388 * 1389 * This pair of functions allows one side of a connection to serialize the 1390 * context associated with the connection, then free or re-use that context 1391 * while the serialized state is persisted elsewhere, and finally deserialize 1392 * that state to a live context for resuming read/write operations on the 1393 * connection. From a protocol perspective, the state of the connection is 1394 * unaffected, in particular this is entirely transparent to the peer. 1395 * 1396 * Note: this is distinct from TLS session resumption, which is part of the 1397 * protocol and fully visible by the peer. TLS session resumption enables 1398 * establishing new connections associated to a saved session with shorter, 1399 * lighter handshakes, while context serialization is a local optimization in 1400 * handling a single, potentially long-lived connection. 1401 * 1402 * Enabling these APIs makes some SSL structures larger, as 64 extra bytes are 1403 * saved after the handshake to allow for more efficient serialization, so if 1404 * you don't need this feature you'll save RAM by disabling it. 1405 * 1406 * Requires: MBEDTLS_GCM_C or MBEDTLS_CCM_C or MBEDTLS_CHACHAPOLY_C 1407 * 1408 * Comment to disable the context serialization APIs. 1409 */ 1410 #define MBEDTLS_SSL_CONTEXT_SERIALIZATION 1411 1412 /** 1413 * \def MBEDTLS_SSL_DEBUG_ALL 1414 * 1415 * Enable the debug messages in SSL module for all issues. 1416 * Debug messages have been disabled in some places to prevent timing 1417 * attacks due to (unbalanced) debugging function calls. 1418 * 1419 * If you need all error reporting you should enable this during debugging, 1420 * but remove this for production servers that should log as well. 1421 * 1422 * Uncomment this macro to report all debug messages on errors introducing 1423 * a timing side-channel. 1424 * 1425 */ 1426 //#define MBEDTLS_SSL_DEBUG_ALL 1427 1428 /** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC 1429 * 1430 * Enable support for Encrypt-then-MAC, RFC 7366. 1431 * 1432 * This allows peers that both support it to use a more robust protection for 1433 * ciphersuites using CBC, providing deep resistance against timing attacks 1434 * on the padding or underlying cipher. 1435 * 1436 * This only affects CBC ciphersuites, and is useless if none is defined. 1437 * 1438 * Requires: MBEDTLS_SSL_PROTO_TLS1_2 1439 * 1440 * Comment this macro to disable support for Encrypt-then-MAC 1441 */ 1442 #define MBEDTLS_SSL_ENCRYPT_THEN_MAC 1443 1444 /** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET 1445 * 1446 * Enable support for RFC 7627: Session Hash and Extended Master Secret 1447 * Extension. 1448 * 1449 * This was introduced as "the proper fix" to the Triple Handshake family of 1450 * attacks, but it is recommended to always use it (even if you disable 1451 * renegotiation), since it actually fixes a more fundamental issue in the 1452 * original SSL/TLS design, and has implications beyond Triple Handshake. 1453 * 1454 * Requires: MBEDTLS_SSL_PROTO_TLS1_2 1455 * 1456 * Comment this macro to disable support for Extended Master Secret. 1457 */ 1458 #define MBEDTLS_SSL_EXTENDED_MASTER_SECRET 1459 1460 /** 1461 * \def MBEDTLS_SSL_KEEP_PEER_CERTIFICATE 1462 * 1463 * This option controls the availability of the API mbedtls_ssl_get_peer_cert() 1464 * giving access to the peer's certificate after completion of the handshake. 1465 * 1466 * Unless you need mbedtls_ssl_peer_cert() in your application, it is 1467 * recommended to disable this option for reduced RAM usage. 1468 * 1469 * \note If this option is disabled, mbedtls_ssl_get_peer_cert() is still 1470 * defined, but always returns \c NULL. 1471 * 1472 * \note This option has no influence on the protection against the 1473 * triple handshake attack. Even if it is disabled, Mbed TLS will 1474 * still ensure that certificates do not change during renegotiation, 1475 * for example by keeping a hash of the peer's certificate. 1476 * 1477 * \note This option is required if MBEDTLS_SSL_PROTO_TLS1_3 is set. 1478 * 1479 * Comment this macro to disable storing the peer's certificate 1480 * after the handshake. 1481 */ 1482 #define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE 1483 1484 /** 1485 * \def MBEDTLS_SSL_RENEGOTIATION 1486 * 1487 * Enable support for TLS renegotiation. 1488 * 1489 * The two main uses of renegotiation are (1) refresh keys on long-lived 1490 * connections and (2) client authentication after the initial handshake. 1491 * If you don't need renegotiation, it's probably better to disable it, since 1492 * it has been associated with security issues in the past and is easy to 1493 * misuse/misunderstand. 1494 * 1495 * Comment this to disable support for renegotiation. 1496 * 1497 * \note Even if this option is disabled, both client and server are aware 1498 * of the Renegotiation Indication Extension (RFC 5746) used to 1499 * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1). 1500 * (See \c mbedtls_ssl_conf_legacy_renegotiation for the 1501 * configuration of this extension). 1502 * 1503 */ 1504 #define MBEDTLS_SSL_RENEGOTIATION 1505 1506 /** 1507 * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 1508 * 1509 * Enable support for RFC 6066 max_fragment_length extension in SSL. 1510 * 1511 * Comment this macro to disable support for the max_fragment_length extension 1512 */ 1513 #define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 1514 1515 /** 1516 * \def MBEDTLS_SSL_PROTO_TLS1_2 1517 * 1518 * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled). 1519 * 1520 * Requires: Without MBEDTLS_USE_PSA_CRYPTO: MBEDTLS_MD_C and 1521 * (MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C) 1522 * With MBEDTLS_USE_PSA_CRYPTO: 1523 * PSA_WANT_ALG_SHA_1 or PSA_WANT_ALG_SHA_256 or 1524 * PSA_WANT_ALG_SHA_512 1525 * 1526 * \warning If building with MBEDTLS_USE_PSA_CRYPTO, you must call 1527 * psa_crypto_init() before doing any TLS operations. 1528 * 1529 * Comment this macro to disable support for TLS 1.2 / DTLS 1.2 1530 */ 1531 #define MBEDTLS_SSL_PROTO_TLS1_2 1532 1533 /** 1534 * \def MBEDTLS_SSL_PROTO_TLS1_3 1535 * 1536 * Enable support for TLS 1.3. 1537 * 1538 * \note The support for TLS 1.3 is not comprehensive yet, in particular 1539 * pre-shared keys are not supported. 1540 * See docs/architecture/tls13-support.md for a description of the TLS 1541 * 1.3 support that this option enables. 1542 * 1543 * Requires: MBEDTLS_SSL_KEEP_PEER_CERTIFICATE 1544 * Requires: MBEDTLS_PSA_CRYPTO_C 1545 * 1546 * Note: even though TLS 1.3 depends on PSA Crypto, and uses it unconditionally 1547 * for most operations, if you want it to only use PSA for all crypto 1548 * operations, you need to also enable MBEDTLS_USE_PSA_CRYPTO; otherwise X.509 1549 * operations, and functions that are common with TLS 1.2 (record protection, 1550 * running handshake hash) will still use non-PSA crypto. 1551 * 1552 * Uncomment this macro to enable the support for TLS 1.3. 1553 */ 1554 //#define MBEDTLS_SSL_PROTO_TLS1_3 1555 1556 /** 1557 * \def MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 1558 * 1559 * Enable TLS 1.3 middlebox compatibility mode. 1560 * 1561 * As specified in Section D.4 of RFC 8446, TLS 1.3 offers a compatibility 1562 * mode to make a TLS 1.3 connection more likely to pass through middle boxes 1563 * expecting TLS 1.2 traffic. 1564 * 1565 * Turning on the compatibility mode comes at the cost of a few added bytes 1566 * on the wire, but it doesn't affect compatibility with TLS 1.3 implementations 1567 * that don't use it. Therefore, unless transmission bandwidth is critical and 1568 * you know that middlebox compatibility issues won't occur, it is therefore 1569 * recommended to set this option. 1570 * 1571 * Comment to disable compatibility mode for TLS 1.3. If 1572 * MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any 1573 * effect on the build. 1574 * 1575 */ 1576 //#define MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 1577 1578 /** 1579 * \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1580 * 1581 * Enable TLS 1.3 PSK key exchange mode. 1582 * 1583 * Comment to disable support for the PSK key exchange mode in TLS 1.3. If 1584 * MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any 1585 * effect on the build. 1586 * 1587 */ 1588 #define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1589 1590 /** 1591 * \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1592 * 1593 * Enable TLS 1.3 ephemeral key exchange mode. 1594 * 1595 * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C, MBEDTLS_ECDSA_C or 1596 * MBEDTLS_PKCS1_V21 1597 * 1598 * Comment to disable support for the ephemeral key exchange mode in TLS 1.3. 1599 * If MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any 1600 * effect on the build. 1601 * 1602 */ 1603 #define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1604 1605 /** 1606 * \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1607 * 1608 * Enable TLS 1.3 PSK ephemeral key exchange mode. 1609 * 1610 * Requires: MBEDTLS_ECDH_C 1611 * 1612 * Comment to disable support for the PSK ephemeral key exchange mode in 1613 * TLS 1.3. If MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not 1614 * have any effect on the build. 1615 * 1616 */ 1617 #define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1618 1619 /** 1620 * \def MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 1621 * 1622 * Maximum time difference in milliseconds tolerated between the age of a 1623 * ticket from the server and client point of view. 1624 * From the client point of view, the age of a ticket is the time difference 1625 * between the time when the client proposes to the server to use the ticket 1626 * (time of writing of the Pre-Shared Key Extension including the ticket) and 1627 * the time the client received the ticket from the server. 1628 * From the server point of view, the age of a ticket is the time difference 1629 * between the time when the server receives a proposition from the client 1630 * to use the ticket and the time when the ticket was created by the server. 1631 * The server age is expected to be always greater than the client one and 1632 * MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE defines the 1633 * maximum difference tolerated for the server to accept the ticket. 1634 * This is not used in TLS 1.2. 1635 * 1636 */ 1637 #define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000 1638 1639 /** 1640 * \def MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 1641 * 1642 * Size in bytes of a ticket nonce. This is not used in TLS 1.2. 1643 * 1644 * This must be less than 256. 1645 */ 1646 #define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32 1647 1648 /** 1649 * \def MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1650 * 1651 * Default number of NewSessionTicket messages to be sent by a TLS 1.3 server 1652 * after handshake completion. This is not used in TLS 1.2 and relevant only if 1653 * the MBEDTLS_SSL_SESSION_TICKETS option is enabled. 1654 * 1655 */ 1656 #define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1 1657 1658 /** 1659 * \def MBEDTLS_SSL_EARLY_DATA 1660 * 1661 * Enable support for RFC 8446 TLS 1.3 early data. 1662 * 1663 * Requires: MBEDTLS_SSL_SESSION_TICKETS and either 1664 * MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED or 1665 * MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1666 * 1667 * Comment this to disable support for early data. If MBEDTLS_SSL_PROTO_TLS1_3 1668 * is not enabled, this option does not have any effect on the build. 1669 * 1670 * This feature is experimental, not completed and thus not ready for 1671 * production. 1672 * 1673 */ 1674 //#define MBEDTLS_SSL_EARLY_DATA 1675 1676 /** 1677 * \def MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1678 * 1679 * The default maximum amount of 0-RTT data. See the documentation of 1680 * \c mbedtls_ssl_tls13_conf_max_early_data_size() for more information. 1681 * 1682 * It must be positive and smaller than UINT32_MAX. 1683 * 1684 * If MBEDTLS_SSL_EARLY_DATA is not defined, this default value does not 1685 * have any impact on the build. 1686 * 1687 * This feature is experimental, not completed and thus not ready for 1688 * production. 1689 * 1690 */ 1691 #define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024 1692 1693 /** 1694 * \def MBEDTLS_SSL_PROTO_DTLS 1695 * 1696 * Enable support for DTLS (all available versions). 1697 * 1698 * Enable this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2. 1699 * 1700 * Requires: MBEDTLS_SSL_PROTO_TLS1_2 1701 * 1702 * Comment this macro to disable support for DTLS 1703 */ 1704 #define MBEDTLS_SSL_PROTO_DTLS 1705 1706 /** 1707 * \def MBEDTLS_SSL_ALPN 1708 * 1709 * Enable support for RFC 7301 Application Layer Protocol Negotiation. 1710 * 1711 * Comment this macro to disable support for ALPN. 1712 */ 1713 #define MBEDTLS_SSL_ALPN 1714 1715 /** 1716 * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY 1717 * 1718 * Enable support for the anti-replay mechanism in DTLS. 1719 * 1720 * Requires: MBEDTLS_SSL_TLS_C 1721 * MBEDTLS_SSL_PROTO_DTLS 1722 * 1723 * \warning Disabling this is often a security risk! 1724 * See mbedtls_ssl_conf_dtls_anti_replay() for details. 1725 * 1726 * Comment this to disable anti-replay in DTLS. 1727 */ 1728 #define MBEDTLS_SSL_DTLS_ANTI_REPLAY 1729 1730 /** 1731 * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY 1732 * 1733 * Enable support for HelloVerifyRequest on DTLS servers. 1734 * 1735 * This feature is highly recommended to prevent DTLS servers being used as 1736 * amplifiers in DoS attacks against other hosts. It should always be enabled 1737 * unless you know for sure amplification cannot be a problem in the 1738 * environment in which your server operates. 1739 * 1740 * \warning Disabling this can be a security risk! (see above) 1741 * 1742 * Requires: MBEDTLS_SSL_PROTO_DTLS 1743 * 1744 * Comment this to disable support for HelloVerifyRequest. 1745 */ 1746 #define MBEDTLS_SSL_DTLS_HELLO_VERIFY 1747 1748 /** 1749 * \def MBEDTLS_SSL_DTLS_SRTP 1750 * 1751 * Enable support for negotiation of DTLS-SRTP (RFC 5764) 1752 * through the use_srtp extension. 1753 * 1754 * \note This feature provides the minimum functionality required 1755 * to negotiate the use of DTLS-SRTP and to allow the derivation of 1756 * the associated SRTP packet protection key material. 1757 * In particular, the SRTP packet protection itself, as well as the 1758 * demultiplexing of RTP and DTLS packets at the datagram layer 1759 * (see Section 5 of RFC 5764), are not handled by this feature. 1760 * Instead, after successful completion of a handshake negotiating 1761 * the use of DTLS-SRTP, the extended key exporter API 1762 * mbedtls_ssl_conf_export_keys_cb() should be used to implement 1763 * the key exporter described in Section 4.2 of RFC 5764 and RFC 5705 1764 * (this is implemented in the SSL example programs). 1765 * The resulting key should then be passed to an SRTP stack. 1766 * 1767 * Setting this option enables the runtime API 1768 * mbedtls_ssl_conf_dtls_srtp_protection_profiles() 1769 * through which the supported DTLS-SRTP protection 1770 * profiles can be configured. You must call this API at 1771 * runtime if you wish to negotiate the use of DTLS-SRTP. 1772 * 1773 * Requires: MBEDTLS_SSL_PROTO_DTLS 1774 * 1775 * Uncomment this to enable support for use_srtp extension. 1776 */ 1777 //#define MBEDTLS_SSL_DTLS_SRTP 1778 1779 /** 1780 * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE 1781 * 1782 * Enable server-side support for clients that reconnect from the same port. 1783 * 1784 * Some clients unexpectedly close the connection and try to reconnect using the 1785 * same source port. This needs special support from the server to handle the 1786 * new connection securely, as described in section 4.2.8 of RFC 6347. This 1787 * flag enables that support. 1788 * 1789 * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY 1790 * 1791 * Comment this to disable support for clients reusing the source port. 1792 */ 1793 #define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE 1794 1795 /** 1796 * \def MBEDTLS_SSL_SESSION_TICKETS 1797 * 1798 * Enable support for RFC 5077 session tickets in SSL. 1799 * Client-side, provides full support for session tickets (maintenance of a 1800 * session store remains the responsibility of the application, though). 1801 * Server-side, you also need to provide callbacks for writing and parsing 1802 * tickets, including authenticated encryption and key management. Example 1803 * callbacks are provided by MBEDTLS_SSL_TICKET_C. 1804 * 1805 * Comment this macro to disable support for SSL session tickets 1806 */ 1807 #define MBEDTLS_SSL_SESSION_TICKETS 1808 1809 /** 1810 * \def MBEDTLS_SSL_SERVER_NAME_INDICATION 1811 * 1812 * Enable support for RFC 6066 server name indication (SNI) in SSL. 1813 * 1814 * Requires: MBEDTLS_X509_CRT_PARSE_C 1815 * 1816 * Comment this macro to disable support for server name indication in SSL 1817 */ 1818 #define MBEDTLS_SSL_SERVER_NAME_INDICATION 1819 1820 /** 1821 * \def MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH 1822 * 1823 * When this option is enabled, the SSL buffer will be resized automatically 1824 * based on the negotiated maximum fragment length in each direction. 1825 * 1826 * Requires: MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 1827 */ 1828 //#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH 1829 1830 /** 1831 * \def MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN 1832 * 1833 * Enable testing of the constant-flow nature of some sensitive functions with 1834 * clang's MemorySanitizer. This causes some existing tests to also test 1835 * this non-functional property of the code under test. 1836 * 1837 * This setting requires compiling with clang -fsanitize=memory. The test 1838 * suites can then be run normally. 1839 * 1840 * \warning This macro is only used for extended testing; it is not considered 1841 * part of the library's API, so it may change or disappear at any time. 1842 * 1843 * Uncomment to enable testing of the constant-flow nature of selected code. 1844 */ 1845 //#define MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN 1846 1847 /** 1848 * \def MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND 1849 * 1850 * Enable testing of the constant-flow nature of some sensitive functions with 1851 * valgrind's memcheck tool. This causes some existing tests to also test 1852 * this non-functional property of the code under test. 1853 * 1854 * This setting requires valgrind headers for building, and is only useful for 1855 * testing if the tests suites are run with valgrind's memcheck. This can be 1856 * done for an individual test suite with 'valgrind ./test_suite_xxx', or when 1857 * using CMake, this can be done for all test suites with 'make memcheck'. 1858 * 1859 * \warning This macro is only used for extended testing; it is not considered 1860 * part of the library's API, so it may change or disappear at any time. 1861 * 1862 * Uncomment to enable testing of the constant-flow nature of selected code. 1863 */ 1864 //#define MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND 1865 1866 /** 1867 * \def MBEDTLS_TEST_HOOKS 1868 * 1869 * Enable features for invasive testing such as introspection functions and 1870 * hooks for fault injection. This enables additional unit tests. 1871 * 1872 * Merely enabling this feature should not change the behavior of the product. 1873 * It only adds new code, and new branching points where the default behavior 1874 * is the same as when this feature is disabled. 1875 * However, this feature increases the attack surface: there is an added 1876 * risk of vulnerabilities, and more gadgets that can make exploits easier. 1877 * Therefore this feature must never be enabled in production. 1878 * 1879 * See `docs/architecture/testing/mbed-crypto-invasive-testing.md` for more 1880 * information. 1881 * 1882 * Uncomment to enable invasive tests. 1883 */ 1884 //#define MBEDTLS_TEST_HOOKS 1885 1886 /** 1887 * \def MBEDTLS_THREADING_ALT 1888 * 1889 * Provide your own alternate threading implementation. 1890 * 1891 * Requires: MBEDTLS_THREADING_C 1892 * 1893 * Uncomment this to allow your own alternate threading implementation. 1894 */ 1895 //#define MBEDTLS_THREADING_ALT 1896 1897 /** 1898 * \def MBEDTLS_THREADING_PTHREAD 1899 * 1900 * Enable the pthread wrapper layer for the threading layer. 1901 * 1902 * Requires: MBEDTLS_THREADING_C 1903 * 1904 * Uncomment this to enable pthread mutexes. 1905 */ 1906 //#define MBEDTLS_THREADING_PTHREAD 1907 1908 /** 1909 * \def MBEDTLS_USE_PSA_CRYPTO 1910 * 1911 * Make the X.509 and TLS library use PSA for cryptographic operations, and 1912 * enable new APIs for using keys handled by PSA Crypto. 1913 * 1914 * \note Development of this option is currently in progress, and parts of Mbed 1915 * TLS's X.509 and TLS modules are not ported to PSA yet. However, these parts 1916 * will still continue to work as usual, so enabling this option should not 1917 * break backwards compatibility. 1918 * 1919 * \note See docs/use-psa-crypto.md for a complete description of what this 1920 * option currently does, and of parts that are not affected by it so far. 1921 * 1922 * \warning If you enable this option, you need to call `psa_crypto_init()` 1923 * before calling any function from the SSL/TLS, X.509 or PK modules. 1924 * 1925 * Requires: MBEDTLS_PSA_CRYPTO_C. 1926 * Conflicts with: MBEDTLS_ECP_RESTARTABLE 1927 * 1928 * Uncomment this to enable internal use of PSA Crypto and new associated APIs. 1929 */ 1930 //#define MBEDTLS_USE_PSA_CRYPTO 1931 1932 /** 1933 * \def MBEDTLS_PSA_CRYPTO_CONFIG 1934 * 1935 * This setting allows support for cryptographic mechanisms through the PSA 1936 * API to be configured separately from support through the mbedtls API. 1937 * 1938 * When this option is disabled, the PSA API exposes the cryptographic 1939 * mechanisms that can be implemented on top of the `mbedtls_xxx` API 1940 * configured with `MBEDTLS_XXX` symbols. 1941 * 1942 * When this option is enabled, the PSA API exposes the cryptographic 1943 * mechanisms requested by the `PSA_WANT_XXX` symbols defined in 1944 * include/psa/crypto_config.h. The corresponding `MBEDTLS_XXX` settings are 1945 * automatically enabled if required (i.e. if no PSA driver provides the 1946 * mechanism). You may still freely enable additional `MBEDTLS_XXX` symbols 1947 * in mbedtls_config.h. 1948 * 1949 * If the symbol #MBEDTLS_PSA_CRYPTO_CONFIG_FILE is defined, it specifies 1950 * an alternative header to include instead of include/psa/crypto_config.h. 1951 * 1952 * This feature is still experimental and is not ready for production since 1953 * it is not completed. 1954 */ 1955 //#define MBEDTLS_PSA_CRYPTO_CONFIG 1956 1957 /** 1958 * \def MBEDTLS_VERSION_FEATURES 1959 * 1960 * Allow run-time checking of compile-time enabled features. Thus allowing users 1961 * to check at run-time if the library is for instance compiled with threading 1962 * support via mbedtls_version_check_feature(). 1963 * 1964 * Requires: MBEDTLS_VERSION_C 1965 * 1966 * Comment this to disable run-time checking and save ROM space 1967 */ 1968 #define MBEDTLS_VERSION_FEATURES 1969 1970 /** 1971 * \def MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK 1972 * 1973 * If set, this enables the X.509 API `mbedtls_x509_crt_verify_with_ca_cb()` 1974 * and the SSL API `mbedtls_ssl_conf_ca_cb()` which allow users to configure 1975 * the set of trusted certificates through a callback instead of a linked 1976 * list. 1977 * 1978 * This is useful for example in environments where a large number of trusted 1979 * certificates is present and storing them in a linked list isn't efficient 1980 * enough, or when the set of trusted certificates changes frequently. 1981 * 1982 * See the documentation of `mbedtls_x509_crt_verify_with_ca_cb()` and 1983 * `mbedtls_ssl_conf_ca_cb()` for more information. 1984 * 1985 * Uncomment to enable trusted certificate callbacks. 1986 */ 1987 //#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK 1988 1989 /** 1990 * \def MBEDTLS_X509_REMOVE_INFO 1991 * 1992 * Disable mbedtls_x509_*_info() and related APIs. 1993 * 1994 * Uncomment to omit mbedtls_x509_*_info(), as well as mbedtls_debug_print_crt() 1995 * and other functions/constants only used by these functions, thus reducing 1996 * the code footprint by several KB. 1997 */ 1998 //#define MBEDTLS_X509_REMOVE_INFO 1999 2000 /** 2001 * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT 2002 * 2003 * Enable parsing and verification of X.509 certificates, CRLs and CSRS 2004 * signed with RSASSA-PSS (aka PKCS#1 v2.1). 2005 * 2006 * Comment this macro to disallow using RSASSA-PSS in certificates. 2007 */ 2008 #define MBEDTLS_X509_RSASSA_PSS_SUPPORT 2009 /** \} name SECTION: mbed TLS feature support */ 2010 2011 /** 2012 * \name SECTION: mbed TLS modules 2013 * 2014 * This section enables or disables entire modules in mbed TLS 2015 * \{ 2016 */ 2017 2018 /** 2019 * \def MBEDTLS_AESNI_C 2020 * 2021 * Enable AES-NI support on x86-64. 2022 * 2023 * Module: library/aesni.c 2024 * Caller: library/aes.c 2025 * 2026 * Requires: MBEDTLS_HAVE_ASM 2027 * 2028 * This modules adds support for the AES-NI instructions on x86-64 2029 */ 2030 #define MBEDTLS_AESNI_C 2031 2032 /** 2033 * \def MBEDTLS_AES_C 2034 * 2035 * Enable the AES block cipher. 2036 * 2037 * Module: library/aes.c 2038 * Caller: library/cipher.c 2039 * library/pem.c 2040 * library/ctr_drbg.c 2041 * 2042 * This module enables the following ciphersuites (if other requisites are 2043 * enabled as well): 2044 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 2045 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 2046 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 2047 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 2048 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 2049 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 2050 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 2051 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 2052 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 2053 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 2054 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 2055 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 2056 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 2057 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 2058 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 2059 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 2060 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 2061 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 2062 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 2063 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 2064 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 2065 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 2066 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 2067 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 2068 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 2069 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 2070 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 2071 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 2072 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 2073 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 2074 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 2075 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 2076 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 2077 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 2078 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA 2079 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 2080 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 2081 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 2082 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 2083 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA 2084 * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 2085 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 2086 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA 2087 * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 2088 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 2089 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA 2090 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 2091 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 2092 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA 2093 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 2094 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 2095 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA 2096 * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 2097 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 2098 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA 2099 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 2100 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 2101 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA 2102 * 2103 * PEM_PARSE uses AES for decrypting encrypted keys. 2104 */ 2105 #define MBEDTLS_AES_C 2106 2107 /** 2108 * \def MBEDTLS_ASN1_PARSE_C 2109 * 2110 * Enable the generic ASN1 parser. 2111 * 2112 * Module: library/asn1.c 2113 * Caller: library/x509.c 2114 * library/dhm.c 2115 * library/pkcs12.c 2116 * library/pkcs5.c 2117 * library/pkparse.c 2118 */ 2119 #define MBEDTLS_ASN1_PARSE_C 2120 2121 /** 2122 * \def MBEDTLS_ASN1_WRITE_C 2123 * 2124 * Enable the generic ASN1 writer. 2125 * 2126 * Module: library/asn1write.c 2127 * Caller: library/ecdsa.c 2128 * library/pkwrite.c 2129 * library/x509_create.c 2130 * library/x509write_crt.c 2131 * library/x509write_csr.c 2132 */ 2133 #define MBEDTLS_ASN1_WRITE_C 2134 2135 /** 2136 * \def MBEDTLS_BASE64_C 2137 * 2138 * Enable the Base64 module. 2139 * 2140 * Module: library/base64.c 2141 * Caller: library/pem.c 2142 * 2143 * This module is required for PEM support (required by X.509). 2144 */ 2145 #define MBEDTLS_BASE64_C 2146 2147 /** 2148 * \def MBEDTLS_BIGNUM_C 2149 * 2150 * Enable the multi-precision integer library. 2151 * 2152 * Module: library/bignum.c 2153 * library/bignum_core.c 2154 * library/bignum_mod.c 2155 * library/bignum_mod_raw.c 2156 * Caller: library/dhm.c 2157 * library/ecp.c 2158 * library/ecdsa.c 2159 * library/rsa.c 2160 * library/rsa_alt_helpers.c 2161 * library/ssl_tls.c 2162 * 2163 * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support. 2164 */ 2165 #define MBEDTLS_BIGNUM_C 2166 2167 /** 2168 * \def MBEDTLS_CAMELLIA_C 2169 * 2170 * Enable the Camellia block cipher. 2171 * 2172 * Module: library/camellia.c 2173 * Caller: library/cipher.c 2174 * 2175 * This module enables the following ciphersuites (if other requisites are 2176 * enabled as well): 2177 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 2178 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 2179 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 2180 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 2181 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 2182 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 2183 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 2184 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 2185 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 2186 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 2187 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 2188 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 2189 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 2190 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 2191 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 2192 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 2193 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 2194 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 2195 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 2196 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 2197 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 2198 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 2199 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 2200 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 2201 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 2202 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 2203 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 2204 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 2205 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 2206 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 2207 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 2208 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 2209 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 2210 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 2211 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 2212 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 2213 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 2214 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 2215 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 2216 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 2217 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 2218 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 2219 */ 2220 #define MBEDTLS_CAMELLIA_C 2221 2222 /** 2223 * \def MBEDTLS_ARIA_C 2224 * 2225 * Enable the ARIA block cipher. 2226 * 2227 * Module: library/aria.c 2228 * Caller: library/cipher.c 2229 * 2230 * This module enables the following ciphersuites (if other requisites are 2231 * enabled as well): 2232 * 2233 * MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256 2234 * MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384 2235 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 2236 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 2237 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 2238 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 2239 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 2240 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 2241 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 2242 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 2243 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 2244 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 2245 * MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256 2246 * MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384 2247 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 2248 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 2249 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 2250 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 2251 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 2252 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 2253 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 2254 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 2255 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 2256 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 2257 * MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256 2258 * MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384 2259 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 2260 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 2261 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 2262 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 2263 * MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 2264 * MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 2265 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 2266 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 2267 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 2268 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 2269 * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 2270 * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 2271 */ 2272 #define MBEDTLS_ARIA_C 2273 2274 /** 2275 * \def MBEDTLS_CCM_C 2276 * 2277 * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher. 2278 * 2279 * Module: library/ccm.c 2280 * 2281 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C or 2282 * MBEDTLS_ARIA_C 2283 * 2284 * This module enables the AES-CCM ciphersuites, if other requisites are 2285 * enabled as well. 2286 */ 2287 #define MBEDTLS_CCM_C 2288 2289 /** 2290 * \def MBEDTLS_CHACHA20_C 2291 * 2292 * Enable the ChaCha20 stream cipher. 2293 * 2294 * Module: library/chacha20.c 2295 */ 2296 #define MBEDTLS_CHACHA20_C 2297 2298 /** 2299 * \def MBEDTLS_CHACHAPOLY_C 2300 * 2301 * Enable the ChaCha20-Poly1305 AEAD algorithm. 2302 * 2303 * Module: library/chachapoly.c 2304 * 2305 * This module requires: MBEDTLS_CHACHA20_C, MBEDTLS_POLY1305_C 2306 */ 2307 #define MBEDTLS_CHACHAPOLY_C 2308 2309 /** 2310 * \def MBEDTLS_CIPHER_C 2311 * 2312 * Enable the generic cipher layer. 2313 * 2314 * Module: library/cipher.c 2315 * Caller: library/ccm.c 2316 * library/cmac.c 2317 * library/gcm.c 2318 * library/nist_kw.c 2319 * library/pkcs12.c 2320 * library/pkcs5.c 2321 * library/psa_crypto_aead.c 2322 * library/psa_crypto_mac.c 2323 * library/ssl_ciphersuites.c 2324 * library/ssl_msg.c 2325 * library/ssl_ticket.c (unless MBEDTLS_USE_PSA_CRYPTO is enabled) 2326 * 2327 * Uncomment to enable generic cipher wrappers. 2328 */ 2329 #define MBEDTLS_CIPHER_C 2330 2331 /** 2332 * \def MBEDTLS_CMAC_C 2333 * 2334 * Enable the CMAC (Cipher-based Message Authentication Code) mode for block 2335 * ciphers. 2336 * 2337 * \note When #MBEDTLS_CMAC_ALT is active, meaning that the underlying 2338 * implementation of the CMAC algorithm is provided by an alternate 2339 * implementation, that alternate implementation may opt to not support 2340 * AES-192 or 3DES as underlying block ciphers for the CMAC operation. 2341 * 2342 * Module: library/cmac.c 2343 * 2344 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_AES_C or MBEDTLS_DES_C 2345 * 2346 */ 2347 #define MBEDTLS_CMAC_C 2348 2349 /** 2350 * \def MBEDTLS_CTR_DRBG_C 2351 * 2352 * Enable the CTR_DRBG AES-based random generator. 2353 * The CTR_DRBG generator uses AES-256 by default. 2354 * To use AES-128 instead, enable \c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY above. 2355 * 2356 * \note To achieve a 256-bit security strength with CTR_DRBG, 2357 * you must use AES-256 *and* use sufficient entropy. 2358 * See ctr_drbg.h for more details. 2359 * 2360 * Module: library/ctr_drbg.c 2361 * Caller: 2362 * 2363 * Requires: MBEDTLS_AES_C 2364 * 2365 * This module provides the CTR_DRBG AES random number generator. 2366 */ 2367 #define MBEDTLS_CTR_DRBG_C 2368 2369 /** 2370 * \def MBEDTLS_DEBUG_C 2371 * 2372 * Enable the debug functions. 2373 * 2374 * Module: library/debug.c 2375 * Caller: library/ssl_msg.c 2376 * library/ssl_tls.c 2377 * library/ssl_tls12_*.c 2378 * library/ssl_tls13_*.c 2379 * 2380 * This module provides debugging functions. 2381 */ 2382 #define MBEDTLS_DEBUG_C 2383 2384 /** 2385 * \def MBEDTLS_DES_C 2386 * 2387 * Enable the DES block cipher. 2388 * 2389 * Module: library/des.c 2390 * Caller: library/pem.c 2391 * library/cipher.c 2392 * 2393 * PEM_PARSE uses DES/3DES for decrypting encrypted keys. 2394 * 2395 * \warning DES is considered a weak cipher and its use constitutes a 2396 * security risk. We recommend considering stronger ciphers instead. 2397 */ 2398 #define MBEDTLS_DES_C 2399 2400 /** 2401 * \def MBEDTLS_DHM_C 2402 * 2403 * Enable the Diffie-Hellman-Merkle module. 2404 * 2405 * Module: library/dhm.c 2406 * Caller: library/ssl_tls.c 2407 * library/ssl*_client.c 2408 * library/ssl*_server.c 2409 * 2410 * This module is used by the following key exchanges: 2411 * DHE-RSA, DHE-PSK 2412 * 2413 * \warning Using DHE constitutes a security risk as it 2414 * is not possible to validate custom DH parameters. 2415 * If possible, it is recommended users should consider 2416 * preferring other methods of key exchange. 2417 * See dhm.h for more details. 2418 * 2419 */ 2420 #define MBEDTLS_DHM_C 2421 2422 /** 2423 * \def MBEDTLS_ECDH_C 2424 * 2425 * Enable the elliptic curve Diffie-Hellman library. 2426 * 2427 * Module: library/ecdh.c 2428 * Caller: library/psa_crypto.c 2429 * library/ssl_tls.c 2430 * library/ssl*_client.c 2431 * library/ssl*_server.c 2432 * 2433 * This module is used by the following key exchanges: 2434 * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK 2435 * 2436 * Requires: MBEDTLS_ECP_C 2437 */ 2438 #define MBEDTLS_ECDH_C 2439 2440 /** 2441 * \def MBEDTLS_ECDSA_C 2442 * 2443 * Enable the elliptic curve DSA library. 2444 * 2445 * Module: library/ecdsa.c 2446 * Caller: 2447 * 2448 * This module is used by the following key exchanges: 2449 * ECDHE-ECDSA 2450 * 2451 * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C, 2452 * and at least one MBEDTLS_ECP_DP_XXX_ENABLED for a 2453 * short Weierstrass curve. 2454 */ 2455 #define MBEDTLS_ECDSA_C 2456 2457 /** 2458 * \def MBEDTLS_ECJPAKE_C 2459 * 2460 * Enable the elliptic curve J-PAKE library. 2461 * 2462 * \note EC J-PAKE support is based on the Thread v1.0.0 specification. 2463 * It has not been reviewed for compliance with newer standards such as 2464 * Thread v1.1 or RFC 8236. 2465 * 2466 * Module: library/ecjpake.c 2467 * Caller: 2468 * 2469 * This module is used by the following key exchanges: 2470 * ECJPAKE 2471 * 2472 * Requires: MBEDTLS_ECP_C and either MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C 2473 * 2474 * \warning If building without MBEDTLS_MD_C, you must call psa_crypto_init() 2475 * before doing any EC J-PAKE operations. 2476 * 2477 * \warning When building with MBEDTLS_MD_C, all hashes used with this 2478 * need to be available as built-ins (that is, for SHA-256, MBEDTLS_SHA256_C, 2479 * etc.) as opposed to just PSA drivers. So far, PSA drivers are only used by 2480 * this module in builds where MBEDTLS_MD_C is disabled. 2481 */ 2482 #define MBEDTLS_ECJPAKE_C 2483 2484 /** 2485 * \def MBEDTLS_ECP_C 2486 * 2487 * Enable the elliptic curve over GF(p) library. 2488 * 2489 * Module: library/ecp.c 2490 * Caller: library/ecdh.c 2491 * library/ecdsa.c 2492 * library/ecjpake.c 2493 * 2494 * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED 2495 */ 2496 #define MBEDTLS_ECP_C 2497 2498 /** 2499 * \def MBEDTLS_ENTROPY_C 2500 * 2501 * Enable the platform-specific entropy code. 2502 * 2503 * Module: library/entropy.c 2504 * Caller: 2505 * 2506 * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C 2507 * 2508 * This module provides a generic entropy pool 2509 */ 2510 #define MBEDTLS_ENTROPY_C 2511 2512 /** 2513 * \def MBEDTLS_ERROR_C 2514 * 2515 * Enable error code to error string conversion. 2516 * 2517 * Module: library/error.c 2518 * Caller: 2519 * 2520 * This module enables mbedtls_strerror(). 2521 */ 2522 #define MBEDTLS_ERROR_C 2523 2524 /** 2525 * \def MBEDTLS_GCM_C 2526 * 2527 * Enable the Galois/Counter Mode (GCM). 2528 * 2529 * Module: library/gcm.c 2530 * 2531 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C or 2532 * MBEDTLS_ARIA_C 2533 * 2534 * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other 2535 * requisites are enabled as well. 2536 */ 2537 #define MBEDTLS_GCM_C 2538 2539 /** 2540 * \def MBEDTLS_HKDF_C 2541 * 2542 * Enable the HKDF algorithm (RFC 5869). 2543 * 2544 * Module: library/hkdf.c 2545 * Caller: 2546 * 2547 * Requires: MBEDTLS_MD_C 2548 * 2549 * This module adds support for the Hashed Message Authentication Code 2550 * (HMAC)-based key derivation function (HKDF). 2551 */ 2552 #define MBEDTLS_HKDF_C 2553 2554 /** 2555 * \def MBEDTLS_HMAC_DRBG_C 2556 * 2557 * Enable the HMAC_DRBG random generator. 2558 * 2559 * Module: library/hmac_drbg.c 2560 * Caller: 2561 * 2562 * Requires: MBEDTLS_MD_C 2563 * 2564 * Uncomment to enable the HMAC_DRBG random number generator. 2565 */ 2566 #define MBEDTLS_HMAC_DRBG_C 2567 2568 /** 2569 * \def MBEDTLS_LMS_C 2570 * 2571 * Enable the LMS stateful-hash asymmetric signature algorithm. 2572 * 2573 * Module: library/lms.c 2574 * Caller: 2575 * 2576 * Requires: MBEDTLS_PSA_CRYPTO_C 2577 * 2578 * Uncomment to enable the LMS verification algorithm and public key operations. 2579 */ 2580 #define MBEDTLS_LMS_C 2581 2582 /** 2583 * \def MBEDTLS_LMS_PRIVATE 2584 * 2585 * Enable LMS private-key operations and signing code. Functions enabled by this 2586 * option are experimental, and should not be used in production. 2587 * 2588 * Requires: MBEDTLS_LMS_C 2589 * 2590 * Uncomment to enable the LMS signature algorithm and private key operations. 2591 */ 2592 //#define MBEDTLS_LMS_PRIVATE 2593 2594 /** 2595 * \def MBEDTLS_NIST_KW_C 2596 * 2597 * Enable the Key Wrapping mode for 128-bit block ciphers, 2598 * as defined in NIST SP 800-38F. Only KW and KWP modes 2599 * are supported. At the moment, only AES is approved by NIST. 2600 * 2601 * Module: library/nist_kw.c 2602 * 2603 * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C 2604 */ 2605 #define MBEDTLS_NIST_KW_C 2606 2607 /** 2608 * \def MBEDTLS_MD_C 2609 * 2610 * Enable the generic message digest layer. 2611 * 2612 * Requires: one of: MBEDTLS_MD5_C, MBEDTLS_RIPEMD160_C, MBEDTLS_SHA1_C, 2613 * MBEDTLS_SHA224_C, MBEDTLS_SHA256_C, MBEDTLS_SHA384_C, 2614 * MBEDTLS_SHA512_C. 2615 * Module: library/md.c 2616 * Caller: library/constant_time.c 2617 * library/ecdsa.c 2618 * library/ecjpake.c 2619 * library/hkdf.c 2620 * library/hmac_drbg.c 2621 * library/pk.c 2622 * library/pkcs5.c 2623 * library/pkcs12.c 2624 * library/psa_crypto_ecp.c 2625 * library/psa_crypto_rsa.c 2626 * library/rsa.c 2627 * library/ssl_cookie.c 2628 * library/ssl_msg.c 2629 * library/ssl_tls.c 2630 * library/x509.c 2631 * library/x509_crt.c 2632 * library/x509write_crt.c 2633 * library/x509write_csr.c 2634 * 2635 * Uncomment to enable generic message digest wrappers. 2636 */ 2637 #define MBEDTLS_MD_C 2638 2639 /** 2640 * \def MBEDTLS_MD5_C 2641 * 2642 * Enable the MD5 hash algorithm. 2643 * 2644 * Module: library/md5.c 2645 * Caller: library/md.c 2646 * library/pem.c 2647 * library/ssl_tls.c 2648 * 2649 * This module is required for TLS 1.2 depending on the handshake parameters. 2650 * Further, it is used for checking MD5-signed certificates, and for PBKDF1 2651 * when decrypting PEM-encoded encrypted keys. 2652 * 2653 * \warning MD5 is considered a weak message digest and its use constitutes a 2654 * security risk. If possible, we recommend avoiding dependencies on 2655 * it, and considering stronger message digests instead. 2656 * 2657 */ 2658 #define MBEDTLS_MD5_C 2659 2660 /** 2661 * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C 2662 * 2663 * Enable the buffer allocator implementation that makes use of a (stack) 2664 * based buffer to 'allocate' dynamic memory. (replaces calloc() and free() 2665 * calls) 2666 * 2667 * Module: library/memory_buffer_alloc.c 2668 * 2669 * Requires: MBEDTLS_PLATFORM_C 2670 * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS) 2671 * 2672 * Enable this module to enable the buffer memory allocator. 2673 */ 2674 //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C 2675 2676 /** 2677 * \def MBEDTLS_NET_C 2678 * 2679 * Enable the TCP and UDP over IPv6/IPv4 networking routines. 2680 * 2681 * \note This module only works on POSIX/Unix (including Linux, BSD and OS X) 2682 * and Windows. For other platforms, you'll want to disable it, and write your 2683 * own networking callbacks to be passed to \c mbedtls_ssl_set_bio(). 2684 * 2685 * \note See also our Knowledge Base article about porting to a new 2686 * environment: 2687 * https://mbed-tls.readthedocs.io/en/latest/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS 2688 * 2689 * Module: library/net_sockets.c 2690 * 2691 * This module provides networking routines. 2692 */ 2693 #define MBEDTLS_NET_C 2694 2695 /** 2696 * \def MBEDTLS_OID_C 2697 * 2698 * Enable the OID database. 2699 * 2700 * Module: library/oid.c 2701 * Caller: library/asn1write.c 2702 * library/pkcs5.c 2703 * library/pkparse.c 2704 * library/pkwrite.c 2705 * library/rsa.c 2706 * library/x509.c 2707 * library/x509_create.c 2708 * library/x509_crl.c 2709 * library/x509_crt.c 2710 * library/x509_csr.c 2711 * library/x509write_crt.c 2712 * library/x509write_csr.c 2713 * 2714 * This modules translates between OIDs and internal values. 2715 */ 2716 #define MBEDTLS_OID_C 2717 2718 /** 2719 * \def MBEDTLS_PADLOCK_C 2720 * 2721 * Enable VIA Padlock support on x86. 2722 * 2723 * Module: library/padlock.c 2724 * Caller: library/aes.c 2725 * 2726 * Requires: MBEDTLS_HAVE_ASM 2727 * 2728 * This modules adds support for the VIA PadLock on x86. 2729 */ 2730 #define MBEDTLS_PADLOCK_C 2731 2732 /** 2733 * \def MBEDTLS_PEM_PARSE_C 2734 * 2735 * Enable PEM decoding / parsing. 2736 * 2737 * Module: library/pem.c 2738 * Caller: library/dhm.c 2739 * library/pkparse.c 2740 * library/x509_crl.c 2741 * library/x509_crt.c 2742 * library/x509_csr.c 2743 * 2744 * Requires: MBEDTLS_BASE64_C 2745 * 2746 * This modules adds support for decoding / parsing PEM files. 2747 */ 2748 #define MBEDTLS_PEM_PARSE_C 2749 2750 /** 2751 * \def MBEDTLS_PEM_WRITE_C 2752 * 2753 * Enable PEM encoding / writing. 2754 * 2755 * Module: library/pem.c 2756 * Caller: library/pkwrite.c 2757 * library/x509write_crt.c 2758 * library/x509write_csr.c 2759 * 2760 * Requires: MBEDTLS_BASE64_C 2761 * 2762 * This modules adds support for encoding / writing PEM files. 2763 */ 2764 #define MBEDTLS_PEM_WRITE_C 2765 2766 /** 2767 * \def MBEDTLS_PK_C 2768 * 2769 * Enable the generic public (asymmetric) key layer. 2770 * 2771 * Module: library/pk.c 2772 * Caller: library/psa_crypto_rsa.c 2773 * library/ssl_tls.c 2774 * library/ssl*_client.c 2775 * library/ssl*_server.c 2776 * library/x509.c 2777 * 2778 * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C or MBEDTLS_ECP_C 2779 * 2780 * Uncomment to enable generic public key wrappers. 2781 */ 2782 #define MBEDTLS_PK_C 2783 2784 /** 2785 * \def MBEDTLS_PK_PARSE_C 2786 * 2787 * Enable the generic public (asymmetric) key parser. 2788 * 2789 * Module: library/pkparse.c 2790 * Caller: library/x509_crt.c 2791 * library/x509_csr.c 2792 * 2793 * Requires: MBEDTLS_PK_C 2794 * 2795 * Uncomment to enable generic public key parse functions. 2796 */ 2797 #define MBEDTLS_PK_PARSE_C 2798 2799 /** 2800 * \def MBEDTLS_PK_WRITE_C 2801 * 2802 * Enable the generic public (asymmetric) key writer. 2803 * 2804 * Module: library/pkwrite.c 2805 * Caller: library/x509write.c 2806 * 2807 * Requires: MBEDTLS_PK_C 2808 * 2809 * Uncomment to enable generic public key write functions. 2810 */ 2811 #define MBEDTLS_PK_WRITE_C 2812 2813 /** 2814 * \def MBEDTLS_PKCS5_C 2815 * 2816 * Enable PKCS#5 functions. 2817 * 2818 * Module: library/pkcs5.c 2819 * 2820 * Requires: MBEDTLS_CIPHER_C and either MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C. 2821 * 2822 * \warning If building without MBEDTLS_MD_C, you must call psa_crypto_init() 2823 * before doing any PKCS5 operation. 2824 * 2825 * \warning When building with MBEDTLS_MD_C, all hashes used with this 2826 * need to be available as built-ins (that is, for SHA-256, MBEDTLS_SHA256_C, 2827 * etc.) as opposed to just PSA drivers. So far, PSA drivers are only used by 2828 * this module in builds where MBEDTLS_MD_C is disabled. 2829 * 2830 * This module adds support for the PKCS#5 functions. 2831 */ 2832 #define MBEDTLS_PKCS5_C 2833 2834 /** 2835 * \def MBEDTLS_PKCS7_C 2836 * 2837 * This feature is a work in progress and not ready for production. Testing and 2838 * validation is incomplete, and handling of malformed inputs may not be robust. 2839 * The API may change. 2840 * 2841 * Enable PKCS7 core for using PKCS7 formatted signatures. 2842 * RFC Link - https://tools.ietf.org/html/rfc2315 2843 * 2844 * Module: library/pkcs7.c 2845 * 2846 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C, 2847 * MBEDTLS_X509_CRT_PARSE_C MBEDTLS_X509_CRL_PARSE_C, 2848 * MBEDTLS_BIGNUM_C, MBEDTLS_MD_C 2849 * 2850 * This module is required for the PKCS7 parsing modules. 2851 */ 2852 //#define MBEDTLS_PKCS7_C 2853 2854 /** 2855 * \def MBEDTLS_PKCS12_C 2856 * 2857 * Enable PKCS#12 PBE functions. 2858 * Adds algorithms for parsing PKCS#8 encrypted private keys 2859 * 2860 * Module: library/pkcs12.c 2861 * Caller: library/pkparse.c 2862 * 2863 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C and either 2864 * MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C. 2865 * 2866 * \warning If building without MBEDTLS_MD_C, you must call psa_crypto_init() 2867 * before doing any PKCS12 operation. 2868 * 2869 * \warning When building with MBEDTLS_MD_C, all hashes used with this 2870 * need to be available as built-ins (that is, for SHA-256, MBEDTLS_SHA256_C, 2871 * etc.) as opposed to just PSA drivers. So far, PSA drivers are only used by 2872 * this module in builds where MBEDTLS_MD_C is disabled. 2873 * 2874 * This module enables PKCS#12 functions. 2875 */ 2876 #define MBEDTLS_PKCS12_C 2877 2878 /** 2879 * \def MBEDTLS_PLATFORM_C 2880 * 2881 * Enable the platform abstraction layer that allows you to re-assign 2882 * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit(). 2883 * 2884 * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT 2885 * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned 2886 * above to be specified at runtime or compile time respectively. 2887 * 2888 * \note This abstraction layer must be enabled on Windows (including MSYS2) 2889 * as other modules rely on it for a fixed snprintf implementation. 2890 * 2891 * Module: library/platform.c 2892 * Caller: Most other .c files 2893 * 2894 * This module enables abstraction of common (libc) functions. 2895 */ 2896 #define MBEDTLS_PLATFORM_C 2897 2898 /** 2899 * \def MBEDTLS_POLY1305_C 2900 * 2901 * Enable the Poly1305 MAC algorithm. 2902 * 2903 * Module: library/poly1305.c 2904 * Caller: library/chachapoly.c 2905 */ 2906 #define MBEDTLS_POLY1305_C 2907 2908 /** 2909 * \def MBEDTLS_PSA_CRYPTO_C 2910 * 2911 * Enable the Platform Security Architecture cryptography API. 2912 * 2913 * Module: library/psa_crypto.c 2914 * 2915 * Requires: MBEDTLS_CIPHER_C, 2916 * either MBEDTLS_CTR_DRBG_C and MBEDTLS_ENTROPY_C, 2917 * or MBEDTLS_HMAC_DRBG_C and MBEDTLS_ENTROPY_C, 2918 * or MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG. 2919 * 2920 */ 2921 #define MBEDTLS_PSA_CRYPTO_C 2922 2923 /** 2924 * \def MBEDTLS_PSA_CRYPTO_SE_C 2925 * 2926 * Enable dynamic secure element support in the Platform Security Architecture 2927 * cryptography API. 2928 * 2929 * \deprecated This feature is deprecated. Please switch to the driver 2930 * interface enabled by #MBEDTLS_PSA_CRYPTO_DRIVERS. 2931 * 2932 * Module: library/psa_crypto_se.c 2933 * 2934 * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_C 2935 * 2936 */ 2937 //#define MBEDTLS_PSA_CRYPTO_SE_C 2938 2939 /** 2940 * \def MBEDTLS_PSA_CRYPTO_STORAGE_C 2941 * 2942 * Enable the Platform Security Architecture persistent key storage. 2943 * 2944 * Module: library/psa_crypto_storage.c 2945 * 2946 * Requires: MBEDTLS_PSA_CRYPTO_C, 2947 * either MBEDTLS_PSA_ITS_FILE_C or a native implementation of 2948 * the PSA ITS interface 2949 */ 2950 #define MBEDTLS_PSA_CRYPTO_STORAGE_C 2951 2952 /** 2953 * \def MBEDTLS_PSA_ITS_FILE_C 2954 * 2955 * Enable the emulation of the Platform Security Architecture 2956 * Internal Trusted Storage (PSA ITS) over files. 2957 * 2958 * Module: library/psa_its_file.c 2959 * 2960 * Requires: MBEDTLS_FS_IO 2961 */ 2962 #define MBEDTLS_PSA_ITS_FILE_C 2963 2964 /** 2965 * \def MBEDTLS_RIPEMD160_C 2966 * 2967 * Enable the RIPEMD-160 hash algorithm. 2968 * 2969 * Module: library/ripemd160.c 2970 * Caller: library/md.c 2971 * 2972 */ 2973 #define MBEDTLS_RIPEMD160_C 2974 2975 /** 2976 * \def MBEDTLS_RSA_C 2977 * 2978 * Enable the RSA public-key cryptosystem. 2979 * 2980 * Module: library/rsa.c 2981 * library/rsa_alt_helpers.c 2982 * Caller: library/pk.c 2983 * library/psa_crypto.c 2984 * library/ssl_tls.c 2985 * library/ssl*_client.c 2986 * library/ssl*_server.c 2987 * 2988 * This module is used by the following key exchanges: 2989 * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK 2990 * 2991 * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C 2992 */ 2993 #define MBEDTLS_RSA_C 2994 2995 /** 2996 * \def MBEDTLS_SHA1_C 2997 * 2998 * Enable the SHA1 cryptographic hash algorithm. 2999 * 3000 * Module: library/sha1.c 3001 * Caller: library/md.c 3002 * library/psa_crypto_hash.c 3003 * 3004 * This module is required for TLS 1.2 depending on the handshake parameters, 3005 * and for SHA1-signed certificates. 3006 * 3007 * \warning SHA-1 is considered a weak message digest and its use constitutes 3008 * a security risk. If possible, we recommend avoiding dependencies 3009 * on it, and considering stronger message digests instead. 3010 * 3011 */ 3012 #define MBEDTLS_SHA1_C 3013 3014 /** 3015 * \def MBEDTLS_SHA224_C 3016 * 3017 * Enable the SHA-224 cryptographic hash algorithm. 3018 * 3019 * Requires: MBEDTLS_SHA256_C. The library does not currently support enabling 3020 * SHA-224 without SHA-256. 3021 * 3022 * Module: library/sha256.c 3023 * Caller: library/md.c 3024 * library/ssl_cookie.c 3025 * 3026 * This module adds support for SHA-224. 3027 */ 3028 #define MBEDTLS_SHA224_C 3029 3030 /** 3031 * \def MBEDTLS_SHA256_C 3032 * 3033 * Enable the SHA-256 cryptographic hash algorithm. 3034 * 3035 * Requires: MBEDTLS_SHA224_C. The library does not currently support enabling 3036 * SHA-256 without SHA-224. 3037 * 3038 * Module: library/sha256.c 3039 * Caller: library/entropy.c 3040 * library/md.c 3041 * library/ssl_tls.c 3042 * library/ssl*_client.c 3043 * library/ssl*_server.c 3044 * 3045 * This module adds support for SHA-256. 3046 * This module is required for the SSL/TLS 1.2 PRF function. 3047 */ 3048 #define MBEDTLS_SHA256_C 3049 3050 /** 3051 * \def MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT 3052 * 3053 * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms 3054 * with the ARMv8 cryptographic extensions if they are available at runtime. 3055 * If not, the library will fall back to the C implementation. 3056 * 3057 * \note If MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT is defined when building 3058 * for a non-Aarch64 build it will be silently ignored. 3059 * 3060 * \note The code uses Neon intrinsics, so \c CFLAGS must be set to a minimum 3061 * of \c -march=armv8-a+crypto. 3062 * 3063 * \warning MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the 3064 * same time as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. 3065 * 3066 * Requires: MBEDTLS_SHA256_C. 3067 * 3068 * Module: library/sha256.c 3069 * 3070 * Uncomment to have the library check for the A64 SHA-256 crypto extensions 3071 * and use them if available. 3072 */ 3073 //#define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT 3074 3075 /** 3076 * \def MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY 3077 * 3078 * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms 3079 * with the ARMv8 cryptographic extensions, which must be available at runtime 3080 * or else an illegal instruction fault will occur. 3081 * 3082 * \note This allows builds with a smaller code size than with 3083 * MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT 3084 * 3085 * \note The code uses Neon intrinsics, so \c CFLAGS must be set to a minimum 3086 * of \c -march=armv8-a+crypto. 3087 * 3088 * \warning MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY cannot be defined at the same 3089 * time as MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT. 3090 * 3091 * Requires: MBEDTLS_SHA256_C. 3092 * 3093 * Module: library/sha256.c 3094 * 3095 * Uncomment to have the library use the A64 SHA-256 crypto extensions 3096 * unconditionally. 3097 */ 3098 //#define MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY 3099 3100 /** 3101 * \def MBEDTLS_SHA384_C 3102 * 3103 * Enable the SHA-384 cryptographic hash algorithm. 3104 * 3105 * Requires: MBEDTLS_SHA512_C 3106 * 3107 * Module: library/sha512.c 3108 * Caller: library/md.c 3109 * library/psa_crypto_hash.c 3110 * library/ssl_tls.c 3111 * library/ssl*_client.c 3112 * library/ssl*_server.c 3113 * 3114 * Comment to disable SHA-384 3115 */ 3116 #define MBEDTLS_SHA384_C 3117 3118 /** 3119 * \def MBEDTLS_SHA512_C 3120 * 3121 * Enable SHA-512 cryptographic hash algorithms. 3122 * 3123 * Module: library/sha512.c 3124 * Caller: library/entropy.c 3125 * library/md.c 3126 * library/ssl_tls.c 3127 * library/ssl_cookie.c 3128 * 3129 * This module adds support for SHA-512. 3130 */ 3131 #define MBEDTLS_SHA512_C 3132 3133 /** 3134 * \def MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT 3135 * 3136 * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms 3137 * with the ARMv8 cryptographic extensions if they are available at runtime. 3138 * If not, the library will fall back to the C implementation. 3139 * 3140 * \note If MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT is defined when building 3141 * for a non-Aarch64 build it will be silently ignored. 3142 * 3143 * \note The code uses the SHA-512 Neon intrinsics, so requires GCC >= 8 or 3144 * Clang >= 7, and \c CFLAGS must be set to a minimum of 3145 * \c -march=armv8.2-a+sha3. An optimisation level of \c -O3 generates the 3146 * fastest code. 3147 * 3148 * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the 3149 * same time as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. 3150 * 3151 * Requires: MBEDTLS_SHA512_C. 3152 * 3153 * Module: library/sha512.c 3154 * 3155 * Uncomment to have the library check for the A64 SHA-512 crypto extensions 3156 * and use them if available. 3157 */ 3158 //#define MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT 3159 3160 /** 3161 * \def MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY 3162 * 3163 * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms 3164 * with the ARMv8 cryptographic extensions, which must be available at runtime 3165 * or else an illegal instruction fault will occur. 3166 * 3167 * \note This allows builds with a smaller code size than with 3168 * MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT 3169 * 3170 * \note The code uses the SHA-512 Neon intrinsics, so requires GCC >= 8 or 3171 * Clang >= 7, and \c CFLAGS must be set to a minimum of 3172 * \c -march=armv8.2-a+sha3. An optimisation level of \c -O3 generates the 3173 * fastest code. 3174 * 3175 * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY cannot be defined at the same 3176 * time as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT. 3177 * 3178 * Requires: MBEDTLS_SHA512_C. 3179 * 3180 * Module: library/sha512.c 3181 * 3182 * Uncomment to have the library use the A64 SHA-512 crypto extensions 3183 * unconditionally. 3184 */ 3185 //#define MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY 3186 3187 /** 3188 * \def MBEDTLS_SSL_CACHE_C 3189 * 3190 * Enable simple SSL cache implementation. 3191 * 3192 * Module: library/ssl_cache.c 3193 * Caller: 3194 * 3195 * Requires: MBEDTLS_SSL_CACHE_C 3196 */ 3197 #define MBEDTLS_SSL_CACHE_C 3198 3199 /** 3200 * \def MBEDTLS_SSL_COOKIE_C 3201 * 3202 * Enable basic implementation of DTLS cookies for hello verification. 3203 * 3204 * Module: library/ssl_cookie.c 3205 * Caller: 3206 */ 3207 #define MBEDTLS_SSL_COOKIE_C 3208 3209 /** 3210 * \def MBEDTLS_SSL_TICKET_C 3211 * 3212 * Enable an implementation of TLS server-side callbacks for session tickets. 3213 * 3214 * Module: library/ssl_ticket.c 3215 * Caller: 3216 * 3217 * Requires: (MBEDTLS_CIPHER_C || MBEDTLS_USE_PSA_CRYPTO) && 3218 * (MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C) 3219 */ 3220 #define MBEDTLS_SSL_TICKET_C 3221 3222 /** 3223 * \def MBEDTLS_SSL_CLI_C 3224 * 3225 * Enable the SSL/TLS client code. 3226 * 3227 * Module: library/ssl*_client.c 3228 * Caller: 3229 * 3230 * Requires: MBEDTLS_SSL_TLS_C 3231 * 3232 * This module is required for SSL/TLS client support. 3233 */ 3234 #define MBEDTLS_SSL_CLI_C 3235 3236 /** 3237 * \def MBEDTLS_SSL_SRV_C 3238 * 3239 * Enable the SSL/TLS server code. 3240 * 3241 * Module: library/ssl*_server.c 3242 * Caller: 3243 * 3244 * Requires: MBEDTLS_SSL_TLS_C 3245 * 3246 * This module is required for SSL/TLS server support. 3247 */ 3248 #define MBEDTLS_SSL_SRV_C 3249 3250 /** 3251 * \def MBEDTLS_SSL_TLS_C 3252 * 3253 * Enable the generic SSL/TLS code. 3254 * 3255 * Module: library/ssl_tls.c 3256 * Caller: library/ssl*_client.c 3257 * library/ssl*_server.c 3258 * 3259 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C 3260 * and at least one of the MBEDTLS_SSL_PROTO_XXX defines 3261 * 3262 * This module is required for SSL/TLS. 3263 */ 3264 #define MBEDTLS_SSL_TLS_C 3265 3266 /** 3267 * \def MBEDTLS_THREADING_C 3268 * 3269 * Enable the threading abstraction layer. 3270 * By default mbed TLS assumes it is used in a non-threaded environment or that 3271 * contexts are not shared between threads. If you do intend to use contexts 3272 * between threads, you will need to enable this layer to prevent race 3273 * conditions. See also our Knowledge Base article about threading: 3274 * https://mbed-tls.readthedocs.io/en/latest/kb/development/thread-safety-and-multi-threading 3275 * 3276 * Module: library/threading.c 3277 * 3278 * This allows different threading implementations (self-implemented or 3279 * provided). 3280 * 3281 * You will have to enable either MBEDTLS_THREADING_ALT or 3282 * MBEDTLS_THREADING_PTHREAD. 3283 * 3284 * Enable this layer to allow use of mutexes within mbed TLS 3285 */ 3286 //#define MBEDTLS_THREADING_C 3287 3288 /** 3289 * \def MBEDTLS_TIMING_C 3290 * 3291 * Enable the semi-portable timing interface. 3292 * 3293 * \note The provided implementation only works on POSIX/Unix (including Linux, 3294 * BSD and OS X) and Windows. On other platforms, you can either disable that 3295 * module and provide your own implementations of the callbacks needed by 3296 * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide 3297 * your own implementation of the whole module by setting 3298 * \c MBEDTLS_TIMING_ALT in the current file. 3299 * 3300 * \note The timing module will include time.h on suitable platforms 3301 * regardless of the setting of MBEDTLS_HAVE_TIME, unless 3302 * MBEDTLS_TIMING_ALT is used. See timing.c for more information. 3303 * 3304 * \note See also our Knowledge Base article about porting to a new 3305 * environment: 3306 * https://mbed-tls.readthedocs.io/en/latest/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS 3307 * 3308 * Module: library/timing.c 3309 */ 3310 #define MBEDTLS_TIMING_C 3311 3312 /** 3313 * \def MBEDTLS_VERSION_C 3314 * 3315 * Enable run-time version information. 3316 * 3317 * Module: library/version.c 3318 * 3319 * This module provides run-time version information. 3320 */ 3321 #define MBEDTLS_VERSION_C 3322 3323 /** 3324 * \def MBEDTLS_X509_USE_C 3325 * 3326 * Enable X.509 core for using certificates. 3327 * 3328 * Module: library/x509.c 3329 * Caller: library/x509_crl.c 3330 * library/x509_crt.c 3331 * library/x509_csr.c 3332 * 3333 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C, 3334 * (MBEDTLS_MD_C or MBEDTLS_USE_PSA_CRYPTO) 3335 * 3336 * \warning If building with MBEDTLS_USE_PSA_CRYPTO, you must call 3337 * psa_crypto_init() before doing any X.509 operation. 3338 * 3339 * This module is required for the X.509 parsing modules. 3340 */ 3341 #define MBEDTLS_X509_USE_C 3342 3343 /** 3344 * \def MBEDTLS_X509_CRT_PARSE_C 3345 * 3346 * Enable X.509 certificate parsing. 3347 * 3348 * Module: library/x509_crt.c 3349 * Caller: library/ssl_tls.c 3350 * library/ssl*_client.c 3351 * library/ssl*_server.c 3352 * 3353 * Requires: MBEDTLS_X509_USE_C 3354 * 3355 * This module is required for X.509 certificate parsing. 3356 */ 3357 #define MBEDTLS_X509_CRT_PARSE_C 3358 3359 /** 3360 * \def MBEDTLS_X509_CRL_PARSE_C 3361 * 3362 * Enable X.509 CRL parsing. 3363 * 3364 * Module: library/x509_crl.c 3365 * Caller: library/x509_crt.c 3366 * 3367 * Requires: MBEDTLS_X509_USE_C 3368 * 3369 * This module is required for X.509 CRL parsing. 3370 */ 3371 #define MBEDTLS_X509_CRL_PARSE_C 3372 3373 /** 3374 * \def MBEDTLS_X509_CSR_PARSE_C 3375 * 3376 * Enable X.509 Certificate Signing Request (CSR) parsing. 3377 * 3378 * Module: library/x509_csr.c 3379 * Caller: library/x509_crt_write.c 3380 * 3381 * Requires: MBEDTLS_X509_USE_C 3382 * 3383 * This module is used for reading X.509 certificate request. 3384 */ 3385 #define MBEDTLS_X509_CSR_PARSE_C 3386 3387 /** 3388 * \def MBEDTLS_X509_CREATE_C 3389 * 3390 * Enable X.509 core for creating certificates. 3391 * 3392 * Module: library/x509_create.c 3393 * 3394 * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C, 3395 * (MBEDTLS_MD_C or MBEDTLS_USE_PSA_CRYPTO) 3396 * 3397 * \warning If building with MBEDTLS_USE_PSA_CRYPTO, you must call 3398 * psa_crypto_init() before doing any X.509 create operation. 3399 * 3400 * This module is the basis for creating X.509 certificates and CSRs. 3401 */ 3402 #define MBEDTLS_X509_CREATE_C 3403 3404 /** 3405 * \def MBEDTLS_X509_CRT_WRITE_C 3406 * 3407 * Enable creating X.509 certificates. 3408 * 3409 * Module: library/x509_crt_write.c 3410 * 3411 * Requires: MBEDTLS_X509_CREATE_C 3412 * 3413 * This module is required for X.509 certificate creation. 3414 */ 3415 #define MBEDTLS_X509_CRT_WRITE_C 3416 3417 /** 3418 * \def MBEDTLS_X509_CSR_WRITE_C 3419 * 3420 * Enable creating X.509 Certificate Signing Requests (CSR). 3421 * 3422 * Module: library/x509_csr_write.c 3423 * 3424 * Requires: MBEDTLS_X509_CREATE_C 3425 * 3426 * This module is required for X.509 certificate request writing. 3427 */ 3428 #define MBEDTLS_X509_CSR_WRITE_C 3429 3430 /** \} name SECTION: mbed TLS modules */ 3431 3432 /** 3433 * \name SECTION: General configuration options 3434 * 3435 * This section contains Mbed TLS build settings that are not associated 3436 * with a particular module. 3437 * 3438 * \{ 3439 */ 3440 3441 /** 3442 * \def MBEDTLS_CONFIG_FILE 3443 * 3444 * If defined, this is a header which will be included instead of 3445 * `"mbedtls/mbedtls_config.h"`. 3446 * This header file specifies the compile-time configuration of Mbed TLS. 3447 * Unlike other configuration options, this one must be defined on the 3448 * compiler command line: a definition in `mbedtls_config.h` would have 3449 * no effect. 3450 * 3451 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3452 * non-standard feature of the C language, so this feature is only available 3453 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3454 * 3455 * The value of this symbol is typically a path in double quotes, either 3456 * absolute or relative to a directory on the include search path. 3457 */ 3458 //#define MBEDTLS_CONFIG_FILE "mbedtls/mbedtls_config.h" 3459 3460 /** 3461 * \def MBEDTLS_USER_CONFIG_FILE 3462 * 3463 * If defined, this is a header which will be included after 3464 * `"mbedtls/mbedtls_config.h"` or #MBEDTLS_CONFIG_FILE. 3465 * This allows you to modify the default configuration, including the ability 3466 * to undefine options that are enabled by default. 3467 * 3468 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3469 * non-standard feature of the C language, so this feature is only available 3470 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3471 * 3472 * The value of this symbol is typically a path in double quotes, either 3473 * absolute or relative to a directory on the include search path. 3474 */ 3475 //#define MBEDTLS_USER_CONFIG_FILE "/dev/null" 3476 3477 /** 3478 * \def MBEDTLS_PSA_CRYPTO_CONFIG_FILE 3479 * 3480 * If defined, this is a header which will be included instead of 3481 * `"psa/crypto_config.h"`. 3482 * This header file specifies which cryptographic mechanisms are available 3483 * through the PSA API when #MBEDTLS_PSA_CRYPTO_CONFIG is enabled, and 3484 * is not used when #MBEDTLS_PSA_CRYPTO_CONFIG is disabled. 3485 * 3486 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3487 * non-standard feature of the C language, so this feature is only available 3488 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3489 * 3490 * The value of this symbol is typically a path in double quotes, either 3491 * absolute or relative to a directory on the include search path. 3492 */ 3493 //#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h" 3494 3495 /** 3496 * \def MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE 3497 * 3498 * If defined, this is a header which will be included after 3499 * `"psa/crypto_config.h"` or #MBEDTLS_PSA_CRYPTO_CONFIG_FILE. 3500 * This allows you to modify the default configuration, including the ability 3501 * to undefine options that are enabled by default. 3502 * 3503 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3504 * non-standard feature of the C language, so this feature is only available 3505 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3506 * 3507 * The value of this symbol is typically a path in double quotes, either 3508 * absolute or relative to a directory on the include search path. 3509 */ 3510 //#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null" 3511 3512 /** 3513 * \def MBEDTLS_PSA_CRYPTO_PLATFORM_FILE 3514 * 3515 * If defined, this is a header which will be included instead of 3516 * `"psa/crypto_platform.h"`. This file should declare the same identifiers 3517 * as the one in Mbed TLS, but with definitions adapted to the platform on 3518 * which the library code will run. 3519 * 3520 * \note The required content of this header can vary from one version of 3521 * Mbed TLS to the next. Integrators who provide an alternative file 3522 * should review the changes in the original file whenever they 3523 * upgrade Mbed TLS. 3524 * 3525 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3526 * non-standard feature of the C language, so this feature is only available 3527 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3528 * 3529 * The value of this symbol is typically a path in double quotes, either 3530 * absolute or relative to a directory on the include search path. 3531 */ 3532 //#define MBEDTLS_PSA_CRYPTO_PLATFORM_FILE "psa/crypto_platform_alt.h" 3533 3534 /** 3535 * \def MBEDTLS_PSA_CRYPTO_STRUCT_FILE 3536 * 3537 * If defined, this is a header which will be included instead of 3538 * `"psa/crypto_struct.h"`. This file should declare the same identifiers 3539 * as the one in Mbed TLS, but with definitions adapted to the environment 3540 * in which the library code will run. The typical use for this feature 3541 * is to provide alternative type definitions on the client side in 3542 * client-server integrations of PSA crypto, where operation structures 3543 * contain handles instead of cryptographic data. 3544 * 3545 * \note The required content of this header can vary from one version of 3546 * Mbed TLS to the next. Integrators who provide an alternative file 3547 * should review the changes in the original file whenever they 3548 * upgrade Mbed TLS. 3549 * 3550 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3551 * non-standard feature of the C language, so this feature is only available 3552 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3553 * 3554 * The value of this symbol is typically a path in double quotes, either 3555 * absolute or relative to a directory on the include search path. 3556 */ 3557 //#define MBEDTLS_PSA_CRYPTO_STRUCT_FILE "psa/crypto_struct_alt.h" 3558 3559 /** \} name SECTION: General configuration options */ 3560 3561 /** 3562 * \name SECTION: Module configuration options 3563 * 3564 * This section allows for the setting of module specific sizes and 3565 * configuration options. The default values are already present in the 3566 * relevant header files and should suffice for the regular use cases. 3567 * 3568 * Our advice is to enable options and change their values here 3569 * only if you have a good reason and know the consequences. 3570 * \{ 3571 */ 3572 /* The Doxygen documentation here is used when a user comments out a 3573 * setting and runs doxygen themselves. On the other hand, when we typeset 3574 * the full documentation including disabled settings, the documentation 3575 * in specific modules' header files is used if present. When editing this 3576 * file, make sure that each option is documented in exactly one place, 3577 * plus optionally a same-line Doxygen comment here if there is a Doxygen 3578 * comment in the specific module. */ 3579 3580 /* MPI / BIGNUM options */ 3581 //#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum window size used. */ 3582 //#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ 3583 3584 /* CTR_DRBG options */ 3585 //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */ 3586 //#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ 3587 //#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ 3588 //#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ 3589 //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ 3590 3591 /* HMAC_DRBG options */ 3592 //#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ 3593 //#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ 3594 //#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ 3595 //#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ 3596 3597 /* ECP options */ 3598 //#define MBEDTLS_ECP_WINDOW_SIZE 4 /**< Maximum window size used */ 3599 //#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */ 3600 3601 /* Entropy options */ 3602 //#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */ 3603 //#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */ 3604 //#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */ 3605 3606 /* Memory buffer allocator options */ 3607 //#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */ 3608 3609 /* Platform options */ 3610 //#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ 3611 //#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */ 3612 //#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ 3613 //#define MBEDTLS_PLATFORM_STD_SETBUF setbuf /**< Default setbuf to use, can be undefined */ 3614 //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ 3615 //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ 3616 //#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */ 3617 //#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */ 3618 /* Note: your snprintf must correctly zero-terminate the buffer! */ 3619 //#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */ 3620 //#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */ 3621 //#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */ 3622 //#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ 3623 //#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ 3624 //#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */ 3625 3626 /* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */ 3627 /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */ 3628 //#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */ 3629 //#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */ 3630 //#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */ 3631 //#define MBEDTLS_PLATFORM_SETBUF_MACRO setbuf /**< Default setbuf macro to use, can be undefined */ 3632 //#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ 3633 //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ 3634 //#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */ 3635 //#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */ 3636 /* Note: your snprintf must correctly zero-terminate the buffer! */ 3637 //#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */ 3638 //#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */ 3639 //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ 3640 //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ 3641 3642 /** \def MBEDTLS_CHECK_RETURN 3643 * 3644 * This macro is used at the beginning of the declaration of a function 3645 * to indicate that its return value should be checked. It should 3646 * instruct the compiler to emit a warning or an error if the function 3647 * is called without checking its return value. 3648 * 3649 * There is a default implementation for popular compilers in platform_util.h. 3650 * You can override the default implementation by defining your own here. 3651 * 3652 * If the implementation here is empty, this will effectively disable the 3653 * checking of functions' return values. 3654 */ 3655 //#define MBEDTLS_CHECK_RETURN __attribute__((__warn_unused_result__)) 3656 3657 /** \def MBEDTLS_IGNORE_RETURN 3658 * 3659 * This macro requires one argument, which should be a C function call. 3660 * If that function call would cause a #MBEDTLS_CHECK_RETURN warning, this 3661 * warning is suppressed. 3662 */ 3663 //#define MBEDTLS_IGNORE_RETURN( result ) ((void) !(result)) 3664 3665 /* PSA options */ 3666 /** 3667 * Use HMAC_DRBG with the specified hash algorithm for HMAC_DRBG for the 3668 * PSA crypto subsystem. 3669 * 3670 * If this option is unset: 3671 * - If CTR_DRBG is available, the PSA subsystem uses it rather than HMAC_DRBG. 3672 * - Otherwise, the PSA subsystem uses HMAC_DRBG with either 3673 * #MBEDTLS_MD_SHA512 or #MBEDTLS_MD_SHA256 based on availability and 3674 * on unspecified heuristics. 3675 */ 3676 //#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256 3677 3678 /** \def MBEDTLS_PSA_KEY_SLOT_COUNT 3679 * Restrict the PSA library to supporting a maximum amount of simultaneously 3680 * loaded keys. A loaded key is a key stored by the PSA Crypto core as a 3681 * volatile key, or a persistent key which is loaded temporarily by the 3682 * library as part of a crypto operation in flight. 3683 * 3684 * If this option is unset, the library will fall back to a default value of 3685 * 32 keys. 3686 */ 3687 //#define MBEDTLS_PSA_KEY_SLOT_COUNT 32 3688 3689 /* SSL Cache options */ 3690 //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ 3691 //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ 3692 3693 /* SSL options */ 3694 3695 /** \def MBEDTLS_SSL_IN_CONTENT_LEN 3696 * 3697 * Maximum length (in bytes) of incoming plaintext fragments. 3698 * 3699 * This determines the size of the incoming TLS I/O buffer in such a way 3700 * that it is capable of holding the specified amount of plaintext data, 3701 * regardless of the protection mechanism used. 3702 * 3703 * \note When using a value less than the default of 16KB on the client, it is 3704 * recommended to use the Maximum Fragment Length (MFL) extension to 3705 * inform the server about this limitation. On the server, there 3706 * is no supported, standardized way of informing the client about 3707 * restriction on the maximum size of incoming messages, and unless 3708 * the limitation has been communicated by other means, it is recommended 3709 * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN 3710 * while keeping the default value of 16KB for the incoming buffer. 3711 * 3712 * Uncomment to set the maximum plaintext size of the incoming I/O buffer. 3713 */ 3714 //#define MBEDTLS_SSL_IN_CONTENT_LEN 16384 3715 3716 /** \def MBEDTLS_SSL_CID_IN_LEN_MAX 3717 * 3718 * The maximum length of CIDs used for incoming DTLS messages. 3719 * 3720 */ 3721 //#define MBEDTLS_SSL_CID_IN_LEN_MAX 32 3722 3723 /** \def MBEDTLS_SSL_CID_OUT_LEN_MAX 3724 * 3725 * The maximum length of CIDs used for outgoing DTLS messages. 3726 * 3727 */ 3728 //#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32 3729 3730 /** \def MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 3731 * 3732 * This option controls the use of record plaintext padding 3733 * in TLS 1.3 and when using the Connection ID extension in DTLS 1.2. 3734 * 3735 * The padding will always be chosen so that the length of the 3736 * padded plaintext is a multiple of the value of this option. 3737 * 3738 * Note: A value of \c 1 means that no padding will be used 3739 * for outgoing records. 3740 * 3741 * Note: On systems lacking division instructions, 3742 * a power of two should be preferred. 3743 */ 3744 //#define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16 3745 3746 /** \def MBEDTLS_SSL_OUT_CONTENT_LEN 3747 * 3748 * Maximum length (in bytes) of outgoing plaintext fragments. 3749 * 3750 * This determines the size of the outgoing TLS I/O buffer in such a way 3751 * that it is capable of holding the specified amount of plaintext data, 3752 * regardless of the protection mechanism used. 3753 * 3754 * It is possible to save RAM by setting a smaller outward buffer, while keeping 3755 * the default inward 16384 byte buffer to conform to the TLS specification. 3756 * 3757 * The minimum required outward buffer size is determined by the handshake 3758 * protocol's usage. Handshaking will fail if the outward buffer is too small. 3759 * The specific size requirement depends on the configured ciphers and any 3760 * certificate data which is sent during the handshake. 3761 * 3762 * Uncomment to set the maximum plaintext size of the outgoing I/O buffer. 3763 */ 3764 //#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384 3765 3766 /** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING 3767 * 3768 * Maximum number of heap-allocated bytes for the purpose of 3769 * DTLS handshake message reassembly and future message buffering. 3770 * 3771 * This should be at least 9/8 * MBEDTLS_SSL_IN_CONTENT_LEN 3772 * to account for a reassembled handshake message of maximum size, 3773 * together with its reassembly bitmap. 3774 * 3775 * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default) 3776 * should be sufficient for all practical situations as it allows 3777 * to reassembly a large handshake message (such as a certificate) 3778 * while buffering multiple smaller handshake messages. 3779 * 3780 */ 3781 //#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768 3782 3783 //#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */ 3784 //#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ 3785 3786 /** 3787 * Complete list of ciphersuites to use, in order of preference. 3788 * 3789 * \warning No dependency checking is done on that field! This option can only 3790 * be used to restrict the set of available ciphersuites. It is your 3791 * responsibility to make sure the needed modules are active. 3792 * 3793 * Use this to save a few hundred bytes of ROM (default ordering of all 3794 * available ciphersuites) and a few to a few hundred bytes of RAM. 3795 * 3796 * The value below is only an example, not the default. 3797 */ 3798 //#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 3799 3800 /* X509 options */ 3801 //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ 3802 //#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */ 3803 3804 /** 3805 * Uncomment the macro to let mbed TLS use your alternate implementation of 3806 * mbedtls_platform_zeroize(). This replaces the default implementation in 3807 * platform_util.c. 3808 * 3809 * mbedtls_platform_zeroize() is a widely used function across the library to 3810 * zero a block of memory. The implementation is expected to be secure in the 3811 * sense that it has been written to prevent the compiler from removing calls 3812 * to mbedtls_platform_zeroize() as part of redundant code elimination 3813 * optimizations. However, it is difficult to guarantee that calls to 3814 * mbedtls_platform_zeroize() will not be optimized by the compiler as older 3815 * versions of the C language standards do not provide a secure implementation 3816 * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to 3817 * configure their own implementation of mbedtls_platform_zeroize(), for 3818 * example by using directives specific to their compiler, features from newer 3819 * C standards (e.g using memset_s() in C11) or calling a secure memset() from 3820 * their system (e.g explicit_bzero() in BSD). 3821 */ 3822 //#define MBEDTLS_PLATFORM_ZEROIZE_ALT 3823 3824 /** 3825 * Uncomment the macro to let Mbed TLS use your alternate implementation of 3826 * mbedtls_platform_gmtime_r(). This replaces the default implementation in 3827 * platform_util.c. 3828 * 3829 * gmtime() is not a thread-safe function as defined in the C standard. The 3830 * library will try to use safer implementations of this function, such as 3831 * gmtime_r() when available. However, if Mbed TLS cannot identify the target 3832 * system, the implementation of mbedtls_platform_gmtime_r() will default to 3833 * using the standard gmtime(). In this case, calls from the library to 3834 * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex 3835 * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the 3836 * library are also guarded with this mutex to avoid race conditions. However, 3837 * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will 3838 * unconditionally use the implementation for mbedtls_platform_gmtime_r() 3839 * supplied at compile time. 3840 */ 3841 //#define MBEDTLS_PLATFORM_GMTIME_R_ALT 3842 3843 /** 3844 * Enable the verified implementations of ECDH primitives from Project Everest 3845 * (currently only Curve25519). This feature changes the layout of ECDH 3846 * contexts and therefore is a compatibility break for applications that access 3847 * fields of a mbedtls_ecdh_context structure directly. See also 3848 * MBEDTLS_ECDH_LEGACY_CONTEXT in include/mbedtls/ecdh.h. 3849 */ 3850 //#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED 3851 3852 /** \} name SECTION: Module configuration options */ 3853