1 /** 2 * \file mbedtls_config.h 3 * 4 * \brief Configuration options (set of defines) 5 * 6 * This set of compile-time options may be used to enable 7 * or disable features selectively, and reduce the global 8 * memory footprint. 9 */ 10 /* 11 * Copyright The Mbed TLS Contributors 12 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 13 */ 14 15 /** 16 * This is an optional version symbol that enables compatibility handling of 17 * config files. 18 * 19 * It is equal to the #MBEDTLS_VERSION_NUMBER of the Mbed TLS version that 20 * introduced the config format we want to be compatible with. 21 */ 22 //#define MBEDTLS_CONFIG_VERSION 0x03000000 23 24 /** 25 * \name SECTION: System support 26 * 27 * This section sets system specific settings. 28 * \{ 29 */ 30 31 /** 32 * \def MBEDTLS_HAVE_ASM 33 * 34 * The compiler has support for asm(). 35 * 36 * Requires support for asm() in compiler. 37 * 38 * Used in: 39 * library/aesni.h 40 * library/aria.c 41 * library/bn_mul.h 42 * library/constant_time.c 43 * library/padlock.h 44 * 45 * Required by: 46 * MBEDTLS_AESCE_C 47 * MBEDTLS_AESNI_C (on some platforms) 48 * MBEDTLS_PADLOCK_C 49 * 50 * Comment to disable the use of assembly code. 51 */ 52 #define MBEDTLS_HAVE_ASM 53 54 /** 55 * \def MBEDTLS_NO_UDBL_DIVISION 56 * 57 * The platform lacks support for double-width integer division (64-bit 58 * division on a 32-bit platform, 128-bit division on a 64-bit platform). 59 * 60 * Used in: 61 * include/mbedtls/bignum.h 62 * library/bignum.c 63 * 64 * The bignum code uses double-width division to speed up some operations. 65 * Double-width division is often implemented in software that needs to 66 * be linked with the program. The presence of a double-width integer 67 * type is usually detected automatically through preprocessor macros, 68 * but the automatic detection cannot know whether the code needs to 69 * and can be linked with an implementation of division for that type. 70 * By default division is assumed to be usable if the type is present. 71 * Uncomment this option to prevent the use of double-width division. 72 * 73 * Note that division for the native integer type is always required. 74 * Furthermore, a 64-bit type is always required even on a 32-bit 75 * platform, but it need not support multiplication or division. In some 76 * cases it is also desirable to disable some double-width operations. For 77 * example, if double-width division is implemented in software, disabling 78 * it can reduce code size in some embedded targets. 79 */ 80 //#define MBEDTLS_NO_UDBL_DIVISION 81 82 /** 83 * \def MBEDTLS_NO_64BIT_MULTIPLICATION 84 * 85 * The platform lacks support for 32x32 -> 64-bit multiplication. 86 * 87 * Used in: 88 * library/poly1305.c 89 * 90 * Some parts of the library may use multiplication of two unsigned 32-bit 91 * operands with a 64-bit result in order to speed up computations. On some 92 * platforms, this is not available in hardware and has to be implemented in 93 * software, usually in a library provided by the toolchain. 94 * 95 * Sometimes it is not desirable to have to link to that library. This option 96 * removes the dependency of that library on platforms that lack a hardware 97 * 64-bit multiplier by embedding a software implementation in Mbed TLS. 98 * 99 * Note that depending on the compiler, this may decrease performance compared 100 * to using the library function provided by the toolchain. 101 */ 102 //#define MBEDTLS_NO_64BIT_MULTIPLICATION 103 104 /** 105 * \def MBEDTLS_HAVE_SSE2 106 * 107 * CPU supports SSE2 instruction set. 108 * 109 * Uncomment if the CPU supports SSE2 (IA-32 specific). 110 */ 111 //#define MBEDTLS_HAVE_SSE2 112 113 /** 114 * \def MBEDTLS_HAVE_TIME 115 * 116 * System has time.h and time(). 117 * The time does not need to be correct, only time differences are used, 118 * by contrast with MBEDTLS_HAVE_TIME_DATE 119 * 120 * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT, 121 * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and 122 * MBEDTLS_PLATFORM_STD_TIME. 123 * 124 * Comment if your system does not support time functions. 125 * 126 * \note If MBEDTLS_TIMING_C is set - to enable the semi-portable timing 127 * interface - timing.c will include time.h on suitable platforms 128 * regardless of the setting of MBEDTLS_HAVE_TIME, unless 129 * MBEDTLS_TIMING_ALT is used. See timing.c for more information. 130 */ 131 #define MBEDTLS_HAVE_TIME 132 133 /** 134 * \def MBEDTLS_HAVE_TIME_DATE 135 * 136 * System has time.h, time(), and an implementation for 137 * mbedtls_platform_gmtime_r() (see below). 138 * The time needs to be correct (not necessarily very accurate, but at least 139 * the date should be correct). This is used to verify the validity period of 140 * X.509 certificates. 141 * 142 * Comment if your system does not have a correct clock. 143 * 144 * \note mbedtls_platform_gmtime_r() is an abstraction in platform_util.h that 145 * behaves similarly to the gmtime_r() function from the C standard. Refer to 146 * the documentation for mbedtls_platform_gmtime_r() for more information. 147 * 148 * \note It is possible to configure an implementation for 149 * mbedtls_platform_gmtime_r() at compile-time by using the macro 150 * MBEDTLS_PLATFORM_GMTIME_R_ALT. 151 */ 152 #define MBEDTLS_HAVE_TIME_DATE 153 154 /** 155 * \def MBEDTLS_PLATFORM_MEMORY 156 * 157 * Enable the memory allocation layer. 158 * 159 * By default Mbed TLS uses the system-provided calloc() and free(). 160 * This allows different allocators (self-implemented or provided) to be 161 * provided to the platform abstraction layer. 162 * 163 * Enabling #MBEDTLS_PLATFORM_MEMORY without the 164 * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide 165 * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and 166 * free() function pointer at runtime. 167 * 168 * Enabling #MBEDTLS_PLATFORM_MEMORY and specifying 169 * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the 170 * alternate function at compile time. 171 * 172 * An overview of how the value of mbedtls_calloc is determined: 173 * 174 * - if !MBEDTLS_PLATFORM_MEMORY 175 * - mbedtls_calloc = calloc 176 * - if MBEDTLS_PLATFORM_MEMORY 177 * - if (MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO): 178 * - mbedtls_calloc = MBEDTLS_PLATFORM_CALLOC_MACRO 179 * - if !(MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO): 180 * - Dynamic setup via mbedtls_platform_set_calloc_free is now possible with a default value MBEDTLS_PLATFORM_STD_CALLOC. 181 * - How is MBEDTLS_PLATFORM_STD_CALLOC handled? 182 * - if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS: 183 * - MBEDTLS_PLATFORM_STD_CALLOC is not set to anything; 184 * - MBEDTLS_PLATFORM_STD_MEM_HDR can be included if present; 185 * - if !MBEDTLS_PLATFORM_NO_STD_FUNCTIONS: 186 * - if MBEDTLS_PLATFORM_STD_CALLOC is present: 187 * - User-defined MBEDTLS_PLATFORM_STD_CALLOC is respected; 188 * - if !MBEDTLS_PLATFORM_STD_CALLOC: 189 * - MBEDTLS_PLATFORM_STD_CALLOC = calloc 190 * 191 * - At this point the presence of MBEDTLS_PLATFORM_STD_CALLOC is checked. 192 * - if !MBEDTLS_PLATFORM_STD_CALLOC 193 * - MBEDTLS_PLATFORM_STD_CALLOC = uninitialized_calloc 194 * 195 * - mbedtls_calloc = MBEDTLS_PLATFORM_STD_CALLOC. 196 * 197 * Defining MBEDTLS_PLATFORM_CALLOC_MACRO and #MBEDTLS_PLATFORM_STD_CALLOC at the same time is not possible. 198 * MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_FREE_MACRO must both be defined or undefined at the same time. 199 * #MBEDTLS_PLATFORM_STD_CALLOC and #MBEDTLS_PLATFORM_STD_FREE do not have to be defined at the same time, as, if they are used, 200 * dynamic setup of these functions is possible. See the tree above to see how are they handled in all cases. 201 * An uninitialized #MBEDTLS_PLATFORM_STD_CALLOC always fails, returning a null pointer. 202 * An uninitialized #MBEDTLS_PLATFORM_STD_FREE does not do anything. 203 * 204 * Requires: MBEDTLS_PLATFORM_C 205 * 206 * Enable this layer to allow use of alternative memory allocators. 207 */ 208 //#define MBEDTLS_PLATFORM_MEMORY 209 210 /** 211 * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS 212 * 213 * Do not assign standard functions in the platform layer (e.g. calloc() to 214 * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF) 215 * 216 * This makes sure there are no linking errors on platforms that do not support 217 * these functions. You will HAVE to provide alternatives, either at runtime 218 * via the platform_set_xxx() functions or at compile time by setting 219 * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a 220 * MBEDTLS_PLATFORM_XXX_MACRO. 221 * 222 * Requires: MBEDTLS_PLATFORM_C 223 * 224 * Uncomment to prevent default assignment of standard functions in the 225 * platform layer. 226 */ 227 //#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS 228 229 /** 230 * \def MBEDTLS_PLATFORM_EXIT_ALT 231 * 232 * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let Mbed TLS support the 233 * function in the platform abstraction layer. 234 * 235 * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, Mbed TLS will 236 * provide a function "mbedtls_platform_set_printf()" that allows you to set an 237 * alternative printf function pointer. 238 * 239 * All these define require MBEDTLS_PLATFORM_C to be defined! 240 * 241 * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows; 242 * it will be enabled automatically by check_config.h 243 * 244 * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as 245 * MBEDTLS_PLATFORM_XXX_MACRO! 246 * 247 * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME 248 * 249 * Uncomment a macro to enable alternate implementation of specific base 250 * platform function 251 */ 252 //#define MBEDTLS_PLATFORM_SETBUF_ALT 253 //#define MBEDTLS_PLATFORM_EXIT_ALT 254 //#define MBEDTLS_PLATFORM_TIME_ALT 255 //#define MBEDTLS_PLATFORM_FPRINTF_ALT 256 //#define MBEDTLS_PLATFORM_PRINTF_ALT 257 //#define MBEDTLS_PLATFORM_SNPRINTF_ALT 258 //#define MBEDTLS_PLATFORM_VSNPRINTF_ALT 259 //#define MBEDTLS_PLATFORM_NV_SEED_ALT 260 //#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT 261 //#define MBEDTLS_PLATFORM_MS_TIME_ALT 262 263 /** 264 * Uncomment the macro to let Mbed TLS use your alternate implementation of 265 * mbedtls_platform_gmtime_r(). This replaces the default implementation in 266 * platform_util.c. 267 * 268 * gmtime() is not a thread-safe function as defined in the C standard. The 269 * library will try to use safer implementations of this function, such as 270 * gmtime_r() when available. However, if Mbed TLS cannot identify the target 271 * system, the implementation of mbedtls_platform_gmtime_r() will default to 272 * using the standard gmtime(). In this case, calls from the library to 273 * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex 274 * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the 275 * library are also guarded with this mutex to avoid race conditions. However, 276 * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will 277 * unconditionally use the implementation for mbedtls_platform_gmtime_r() 278 * supplied at compile time. 279 */ 280 //#define MBEDTLS_PLATFORM_GMTIME_R_ALT 281 282 /** 283 * Uncomment the macro to let Mbed TLS use your alternate implementation of 284 * mbedtls_platform_zeroize(), to wipe sensitive data in memory. This replaces 285 * the default implementation in platform_util.c. 286 * 287 * By default, the library uses a system function such as memset_s() 288 * (optional feature of C11), explicit_bzero() (BSD and compatible), or 289 * SecureZeroMemory (Windows). If no such function is detected, the library 290 * falls back to a plain C implementation. Compilers are technically 291 * permitted to optimize this implementation out, meaning that the memory is 292 * not actually wiped. The library tries to prevent that, but the C language 293 * makes it impossible to guarantee that the memory will always be wiped. 294 * 295 * If your platform provides a guaranteed method to wipe memory which 296 * `platform_util.c` does not detect, define this macro to the name of 297 * a function that takes two arguments, a `void *` pointer and a length, 298 * and wipes that many bytes starting at the specified address. For example, 299 * if your platform has explicit_bzero() but `platform_util.c` does not 300 * detect its presence, define `MBEDTLS_PLATFORM_ZEROIZE_ALT` to be 301 * `explicit_bzero` to use that function as mbedtls_platform_zeroize(). 302 */ 303 //#define MBEDTLS_PLATFORM_ZEROIZE_ALT 304 305 /** 306 * \def MBEDTLS_DEPRECATED_WARNING 307 * 308 * Mark deprecated functions and features so that they generate a warning if 309 * used. Functionality deprecated in one version will usually be removed in the 310 * next version. You can enable this to help you prepare the transition to a 311 * new major version by making sure your code is not using this functionality. 312 * 313 * This only works with GCC and Clang. With other compilers, you may want to 314 * use MBEDTLS_DEPRECATED_REMOVED 315 * 316 * Uncomment to get warnings on using deprecated functions and features. 317 */ 318 //#define MBEDTLS_DEPRECATED_WARNING 319 320 /** 321 * \def MBEDTLS_DEPRECATED_REMOVED 322 * 323 * Remove deprecated functions and features so that they generate an error if 324 * used. Functionality deprecated in one version will usually be removed in the 325 * next version. You can enable this to help you prepare the transition to a 326 * new major version by making sure your code is not using this functionality. 327 * 328 * Uncomment to get errors on using deprecated functions and features. 329 */ 330 //#define MBEDTLS_DEPRECATED_REMOVED 331 332 /** \} name SECTION: System support */ 333 334 /** 335 * \name SECTION: Mbed TLS feature support 336 * 337 * This section sets support for features that are or are not needed 338 * within the modules that are enabled. 339 * \{ 340 */ 341 342 /** 343 * \def MBEDTLS_TIMING_ALT 344 * 345 * Uncomment to provide your own alternate implementation for 346 * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay() 347 * 348 * Only works if you have MBEDTLS_TIMING_C enabled. 349 * 350 * You will need to provide a header "timing_alt.h" and an implementation at 351 * compile time. 352 */ 353 //#define MBEDTLS_TIMING_ALT 354 355 /** 356 * \def MBEDTLS_AES_ALT 357 * 358 * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let Mbed TLS use your 359 * alternate core implementation of a symmetric crypto, an arithmetic or hash 360 * module (e.g. platform specific assembly optimized implementations). Keep 361 * in mind that the function prototypes should remain the same. 362 * 363 * This replaces the whole module. If you only want to replace one of the 364 * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags. 365 * 366 * Example: In case you uncomment MBEDTLS_AES_ALT, Mbed TLS will no longer 367 * provide the "struct mbedtls_aes_context" definition and omit the base 368 * function declarations and implementations. "aes_alt.h" will be included from 369 * "aes.h" to include the new function definitions. 370 * 371 * Uncomment a macro to enable alternate implementation of the corresponding 372 * module. 373 * 374 * \warning MD5, DES and SHA-1 are considered weak and their 375 * use constitutes a security risk. If possible, we recommend 376 * avoiding dependencies on them, and considering stronger message 377 * digests and ciphers instead. 378 * 379 */ 380 //#define MBEDTLS_AES_ALT 381 //#define MBEDTLS_ARIA_ALT 382 //#define MBEDTLS_CAMELLIA_ALT 383 //#define MBEDTLS_CCM_ALT 384 //#define MBEDTLS_CHACHA20_ALT 385 //#define MBEDTLS_CHACHAPOLY_ALT 386 //#define MBEDTLS_CMAC_ALT 387 //#define MBEDTLS_DES_ALT 388 //#define MBEDTLS_DHM_ALT 389 //#define MBEDTLS_ECJPAKE_ALT 390 //#define MBEDTLS_GCM_ALT 391 //#define MBEDTLS_NIST_KW_ALT 392 //#define MBEDTLS_MD5_ALT 393 //#define MBEDTLS_POLY1305_ALT 394 //#define MBEDTLS_RIPEMD160_ALT 395 //#define MBEDTLS_RSA_ALT 396 //#define MBEDTLS_SHA1_ALT 397 //#define MBEDTLS_SHA256_ALT 398 //#define MBEDTLS_SHA512_ALT 399 400 /* 401 * When replacing the elliptic curve module, please consider, that it is 402 * implemented with two .c files: 403 * - ecp.c 404 * - ecp_curves.c 405 * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT 406 * macros as described above. The only difference is that you have to make sure 407 * that you provide functionality for both .c files. 408 */ 409 //#define MBEDTLS_ECP_ALT 410 411 /** 412 * \def MBEDTLS_SHA256_PROCESS_ALT 413 * 414 * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let Mbed TLS use you 415 * alternate core implementation of symmetric crypto or hash function. Keep in 416 * mind that function prototypes should remain the same. 417 * 418 * This replaces only one function. The header file from Mbed TLS is still 419 * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags. 420 * 421 * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, Mbed TLS will 422 * no longer provide the mbedtls_sha1_process() function, but it will still provide 423 * the other function (using your mbedtls_sha1_process() function) and the definition 424 * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible 425 * with this definition. 426 * 427 * \note If you use the AES_xxx_ALT macros, then it is recommended to also set 428 * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES 429 * tables. 430 * 431 * Uncomment a macro to enable alternate implementation of the corresponding 432 * function. 433 * 434 * \warning MD5, DES and SHA-1 are considered weak and their use 435 * constitutes a security risk. If possible, we recommend avoiding 436 * dependencies on them, and considering stronger message digests 437 * and ciphers instead. 438 * 439 * \warning If both MBEDTLS_ECDSA_SIGN_ALT and MBEDTLS_ECDSA_DETERMINISTIC are 440 * enabled, then the deterministic ECDH signature functions pass the 441 * the static HMAC-DRBG as RNG to mbedtls_ecdsa_sign(). Therefore 442 * alternative implementations should use the RNG only for generating 443 * the ephemeral key and nothing else. If this is not possible, then 444 * MBEDTLS_ECDSA_DETERMINISTIC should be disabled and an alternative 445 * implementation should be provided for mbedtls_ecdsa_sign_det_ext(). 446 * 447 */ 448 //#define MBEDTLS_MD5_PROCESS_ALT 449 //#define MBEDTLS_RIPEMD160_PROCESS_ALT 450 //#define MBEDTLS_SHA1_PROCESS_ALT 451 //#define MBEDTLS_SHA256_PROCESS_ALT 452 //#define MBEDTLS_SHA512_PROCESS_ALT 453 //#define MBEDTLS_DES_SETKEY_ALT 454 //#define MBEDTLS_DES_CRYPT_ECB_ALT 455 //#define MBEDTLS_DES3_CRYPT_ECB_ALT 456 //#define MBEDTLS_AES_SETKEY_ENC_ALT 457 //#define MBEDTLS_AES_SETKEY_DEC_ALT 458 //#define MBEDTLS_AES_ENCRYPT_ALT 459 //#define MBEDTLS_AES_DECRYPT_ALT 460 //#define MBEDTLS_ECDH_GEN_PUBLIC_ALT 461 //#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT 462 //#define MBEDTLS_ECDSA_VERIFY_ALT 463 //#define MBEDTLS_ECDSA_SIGN_ALT 464 //#define MBEDTLS_ECDSA_GENKEY_ALT 465 466 /** 467 * \def MBEDTLS_ECP_INTERNAL_ALT 468 * 469 * Expose a part of the internal interface of the Elliptic Curve Point module. 470 * 471 * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let Mbed TLS use your 472 * alternative core implementation of elliptic curve arithmetic. Keep in mind 473 * that function prototypes should remain the same. 474 * 475 * This partially replaces one function. The header file from Mbed TLS is still 476 * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation 477 * is still present and it is used for group structures not supported by the 478 * alternative. 479 * 480 * The original implementation can in addition be removed by setting the 481 * MBEDTLS_ECP_NO_FALLBACK option, in which case any function for which the 482 * corresponding MBEDTLS_ECP__FUNCTION_NAME__ALT macro is defined will not be 483 * able to fallback to curves not supported by the alternative implementation. 484 * 485 * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT 486 * and implementing the following functions: 487 * unsigned char mbedtls_internal_ecp_grp_capable( 488 * const mbedtls_ecp_group *grp ) 489 * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp ) 490 * void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp ) 491 * The mbedtls_internal_ecp_grp_capable function should return 1 if the 492 * replacement functions implement arithmetic for the given group and 0 493 * otherwise. 494 * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are 495 * called before and after each point operation and provide an opportunity to 496 * implement optimized set up and tear down instructions. 497 * 498 * Example: In case you set MBEDTLS_ECP_INTERNAL_ALT and 499 * MBEDTLS_ECP_DOUBLE_JAC_ALT, Mbed TLS will still provide the ecp_double_jac() 500 * function, but will use your mbedtls_internal_ecp_double_jac() if the group 501 * for the operation is supported by your implementation (i.e. your 502 * mbedtls_internal_ecp_grp_capable() function returns 1 for this group). If the 503 * group is not supported by your implementation, then the original Mbed TLS 504 * implementation of ecp_double_jac() is used instead, unless this fallback 505 * behaviour is disabled by setting MBEDTLS_ECP_NO_FALLBACK (in which case 506 * ecp_double_jac() will return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE). 507 * 508 * The function prototypes and the definition of mbedtls_ecp_group and 509 * mbedtls_ecp_point will not change based on MBEDTLS_ECP_INTERNAL_ALT, so your 510 * implementation of mbedtls_internal_ecp__function_name__ must be compatible 511 * with their definitions. 512 * 513 * Uncomment a macro to enable alternate implementation of the corresponding 514 * function. 515 */ 516 /* Required for all the functions in this section */ 517 //#define MBEDTLS_ECP_INTERNAL_ALT 518 /* Turn off software fallback for curves not supported in hardware */ 519 //#define MBEDTLS_ECP_NO_FALLBACK 520 /* Support for Weierstrass curves with Jacobi representation */ 521 //#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT 522 //#define MBEDTLS_ECP_ADD_MIXED_ALT 523 //#define MBEDTLS_ECP_DOUBLE_JAC_ALT 524 //#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT 525 //#define MBEDTLS_ECP_NORMALIZE_JAC_ALT 526 /* Support for curves with Montgomery arithmetic */ 527 //#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT 528 //#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT 529 //#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT 530 531 /** 532 * \def MBEDTLS_ENTROPY_HARDWARE_ALT 533 * 534 * Uncomment this macro to let Mbed TLS use your own implementation of a 535 * hardware entropy collector. 536 * 537 * Your function must be called \c mbedtls_hardware_poll(), have the same 538 * prototype as declared in library/entropy_poll.h, and accept NULL as first 539 * argument. 540 * 541 * Uncomment to use your own hardware entropy collector. 542 */ 543 //#define MBEDTLS_ENTROPY_HARDWARE_ALT 544 545 /** 546 * \def MBEDTLS_AES_ROM_TABLES 547 * 548 * Use precomputed AES tables stored in ROM. 549 * 550 * Uncomment this macro to use precomputed AES tables stored in ROM. 551 * Comment this macro to generate AES tables in RAM at runtime. 552 * 553 * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb 554 * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the 555 * initialization time before the first AES operation can be performed. 556 * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c 557 * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded 558 * performance if ROM access is slower than RAM access. 559 * 560 * This option is independent of \c MBEDTLS_AES_FEWER_TABLES. 561 */ 562 //#define MBEDTLS_AES_ROM_TABLES 563 564 /** 565 * \def MBEDTLS_AES_FEWER_TABLES 566 * 567 * Use less ROM/RAM for AES tables. 568 * 569 * Uncommenting this macro omits 75% of the AES tables from 570 * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES) 571 * by computing their values on the fly during operations 572 * (the tables are entry-wise rotations of one another). 573 * 574 * Tradeoff: Uncommenting this reduces the RAM / ROM footprint 575 * by ~6kb but at the cost of more arithmetic operations during 576 * runtime. Specifically, one has to compare 4 accesses within 577 * different tables to 4 accesses with additional arithmetic 578 * operations within the same table. The performance gain/loss 579 * depends on the system and memory details. 580 * 581 * This option is independent of \c MBEDTLS_AES_ROM_TABLES. 582 */ 583 //#define MBEDTLS_AES_FEWER_TABLES 584 585 /** 586 * \def MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH 587 * 588 * Use only 128-bit keys in AES operations to save ROM. 589 * 590 * Uncomment this macro to remove support for AES operations that use 192- 591 * or 256-bit keys. 592 * 593 * Uncommenting this macro reduces the size of AES code by ~300 bytes 594 * on v8-M/Thumb2. 595 * 596 * Module: library/aes.c 597 * 598 * Requires: MBEDTLS_AES_C 599 */ 600 //#define MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH 601 602 /* 603 * Disable plain C implementation for AES. 604 * 605 * When the plain C implementation is enabled, and an implementation using a 606 * special CPU feature (such as MBEDTLS_AESCE_C) is also enabled, runtime 607 * detection will be used to select between them. 608 * 609 * If only one implementation is present, runtime detection will not be used. 610 * This configuration will crash at runtime if running on a CPU without the 611 * necessary features. It will not build unless at least one of MBEDTLS_AESCE_C 612 * and/or MBEDTLS_AESNI_C is enabled & present in the build. 613 */ 614 //#define MBEDTLS_AES_USE_HARDWARE_ONLY 615 616 /** 617 * \def MBEDTLS_CAMELLIA_SMALL_MEMORY 618 * 619 * Use less ROM for the Camellia implementation (saves about 768 bytes). 620 * 621 * Uncomment this macro to use less memory for Camellia. 622 */ 623 //#define MBEDTLS_CAMELLIA_SMALL_MEMORY 624 625 /** 626 * \def MBEDTLS_CHECK_RETURN_WARNING 627 * 628 * If this macro is defined, emit a compile-time warning if application code 629 * calls a function without checking its return value, but the return value 630 * should generally be checked in portable applications. 631 * 632 * This is only supported on platforms where #MBEDTLS_CHECK_RETURN is 633 * implemented. Otherwise this option has no effect. 634 * 635 * Uncomment to get warnings on using fallible functions without checking 636 * their return value. 637 * 638 * \note This feature is a work in progress. 639 * Warnings will be added to more functions in the future. 640 * 641 * \note A few functions are considered critical, and ignoring the return 642 * value of these functions will trigger a warning even if this 643 * macro is not defined. To completely disable return value check 644 * warnings, define #MBEDTLS_CHECK_RETURN with an empty expansion. 645 */ 646 //#define MBEDTLS_CHECK_RETURN_WARNING 647 648 /** 649 * \def MBEDTLS_CIPHER_MODE_CBC 650 * 651 * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers. 652 */ 653 #define MBEDTLS_CIPHER_MODE_CBC 654 655 /** 656 * \def MBEDTLS_CIPHER_MODE_CFB 657 * 658 * Enable Cipher Feedback mode (CFB) for symmetric ciphers. 659 */ 660 #define MBEDTLS_CIPHER_MODE_CFB 661 662 /** 663 * \def MBEDTLS_CIPHER_MODE_CTR 664 * 665 * Enable Counter Block Cipher mode (CTR) for symmetric ciphers. 666 */ 667 #define MBEDTLS_CIPHER_MODE_CTR 668 669 /** 670 * \def MBEDTLS_CIPHER_MODE_OFB 671 * 672 * Enable Output Feedback mode (OFB) for symmetric ciphers. 673 */ 674 #define MBEDTLS_CIPHER_MODE_OFB 675 676 /** 677 * \def MBEDTLS_CIPHER_MODE_XTS 678 * 679 * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES. 680 */ 681 #define MBEDTLS_CIPHER_MODE_XTS 682 683 /** 684 * \def MBEDTLS_CIPHER_NULL_CIPHER 685 * 686 * Enable NULL cipher. 687 * Warning: Only do so when you know what you are doing. This allows for 688 * encryption or channels without any security! 689 * 690 * To enable the following ciphersuites: 691 * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA 692 * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA 693 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA 694 * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA 695 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 696 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 697 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA 698 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 699 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 700 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA 701 * MBEDTLS_TLS_RSA_WITH_NULL_SHA256 702 * MBEDTLS_TLS_RSA_WITH_NULL_SHA 703 * MBEDTLS_TLS_RSA_WITH_NULL_MD5 704 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 705 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 706 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA 707 * MBEDTLS_TLS_PSK_WITH_NULL_SHA384 708 * MBEDTLS_TLS_PSK_WITH_NULL_SHA256 709 * MBEDTLS_TLS_PSK_WITH_NULL_SHA 710 * 711 * Uncomment this macro to enable the NULL cipher and ciphersuites 712 */ 713 //#define MBEDTLS_CIPHER_NULL_CIPHER 714 715 /** 716 * \def MBEDTLS_CIPHER_PADDING_PKCS7 717 * 718 * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for 719 * specific padding modes in the cipher layer with cipher modes that support 720 * padding (e.g. CBC) 721 * 722 * If you disable all padding modes, only full blocks can be used with CBC. 723 * 724 * Enable padding modes in the cipher layer. 725 */ 726 #define MBEDTLS_CIPHER_PADDING_PKCS7 727 #define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS 728 #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN 729 #define MBEDTLS_CIPHER_PADDING_ZEROS 730 731 /** \def MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 732 * 733 * Uncomment this macro to use a 128-bit key in the CTR_DRBG module. 734 * Without this, CTR_DRBG uses a 256-bit key 735 * unless \c MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH is set. 736 */ 737 //#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 738 739 /** 740 * Enable the verified implementations of ECDH primitives from Project Everest 741 * (currently only Curve25519). This feature changes the layout of ECDH 742 * contexts and therefore is a compatibility break for applications that access 743 * fields of a mbedtls_ecdh_context structure directly. See also 744 * MBEDTLS_ECDH_LEGACY_CONTEXT in include/mbedtls/ecdh.h. 745 * 746 * The Everest code is provided under the Apache 2.0 license only; therefore enabling this 747 * option is not compatible with taking the library under the GPL v2.0-or-later license. 748 */ 749 //#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED 750 751 /** 752 * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED 753 * 754 * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve 755 * module. By default all supported curves are enabled. 756 * 757 * Comment macros to disable the curve and functions for it 758 */ 759 /* Short Weierstrass curves (supporting ECP, ECDH, ECDSA) */ 760 #define MBEDTLS_ECP_DP_SECP192R1_ENABLED 761 #define MBEDTLS_ECP_DP_SECP224R1_ENABLED 762 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED 763 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED 764 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED 765 #define MBEDTLS_ECP_DP_SECP192K1_ENABLED 766 #define MBEDTLS_ECP_DP_SECP224K1_ENABLED 767 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED 768 #define MBEDTLS_ECP_DP_BP256R1_ENABLED 769 #define MBEDTLS_ECP_DP_BP384R1_ENABLED 770 #define MBEDTLS_ECP_DP_BP512R1_ENABLED 771 /* Montgomery curves (supporting ECP) */ 772 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED 773 #define MBEDTLS_ECP_DP_CURVE448_ENABLED 774 775 /** 776 * \def MBEDTLS_ECP_NIST_OPTIM 777 * 778 * Enable specific 'modulo p' routines for each NIST prime. 779 * Depending on the prime and architecture, makes operations 4 to 8 times 780 * faster on the corresponding curve. 781 * 782 * Comment this macro to disable NIST curves optimisation. 783 */ 784 #define MBEDTLS_ECP_NIST_OPTIM 785 786 /** 787 * \def MBEDTLS_ECP_RESTARTABLE 788 * 789 * Enable "non-blocking" ECC operations that can return early and be resumed. 790 * 791 * This allows various functions to pause by returning 792 * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module, 793 * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in 794 * order to further progress and eventually complete their operation. This is 795 * controlled through mbedtls_ecp_set_max_ops() which limits the maximum 796 * number of ECC operations a function may perform before pausing; see 797 * mbedtls_ecp_set_max_ops() for more information. 798 * 799 * This is useful in non-threaded environments if you want to avoid blocking 800 * for too long on ECC (and, hence, X.509 or SSL/TLS) operations. 801 * 802 * This option: 803 * - Adds xxx_restartable() variants of existing operations in the 804 * following modules, with corresponding restart context types: 805 * - ECP (for Short Weierstrass curves only): scalar multiplication (mul), 806 * linear combination (muladd); 807 * - ECDSA: signature generation & verification; 808 * - PK: signature generation & verification; 809 * - X509: certificate chain verification. 810 * - Adds mbedtls_ecdh_enable_restart() in the ECDH module. 811 * - Changes the behaviour of TLS 1.2 clients (not servers) when using the 812 * ECDHE-ECDSA key exchange (not other key exchanges) to make all ECC 813 * computations restartable: 814 * - ECDH operations from the key exchange, only for Short Weierstrass 815 * curves, only when MBEDTLS_USE_PSA_CRYPTO is not enabled. 816 * - verification of the server's key exchange signature; 817 * - verification of the server's certificate chain; 818 * - generation of the client's signature if client authentication is used, 819 * with an ECC key/certificate. 820 * 821 * \note In the cases above, the usual SSL/TLS functions, such as 822 * mbedtls_ssl_handshake(), can now return 823 * MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS. 824 * 825 * \note When this option and MBEDTLS_USE_PSA_CRYPTO are both enabled, 826 * restartable operations in PK, X.509 and TLS (see above) are not 827 * using PSA. On the other hand, ECDH computations in TLS are using 828 * PSA, and are not restartable. These are temporary limitations that 829 * should be lifted in the future. 830 * 831 * \note This option only works with the default software implementation of 832 * elliptic curve functionality. It is incompatible with 833 * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT, MBEDTLS_ECDSA_XXX_ALT. 834 * 835 * Requires: MBEDTLS_ECP_C 836 * 837 * Uncomment this macro to enable restartable ECC computations. 838 */ 839 //#define MBEDTLS_ECP_RESTARTABLE 840 841 /** 842 * Uncomment to enable using new bignum code in the ECC modules. 843 * 844 * \warning This is currently experimental, incomplete and therefore should not 845 * be used in production. 846 */ 847 //#define MBEDTLS_ECP_WITH_MPI_UINT 848 849 /** 850 * \def MBEDTLS_ECDSA_DETERMINISTIC 851 * 852 * Enable deterministic ECDSA (RFC 6979). 853 * Standard ECDSA is "fragile" in the sense that lack of entropy when signing 854 * may result in a compromise of the long-term signing key. This is avoided by 855 * the deterministic variant. 856 * 857 * Requires: MBEDTLS_HMAC_DRBG_C, MBEDTLS_ECDSA_C 858 * 859 * Comment this macro to disable deterministic ECDSA. 860 */ 861 #define MBEDTLS_ECDSA_DETERMINISTIC 862 863 /** 864 * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED 865 * 866 * Enable the PSK based ciphersuite modes in SSL / TLS. 867 * 868 * This enables the following ciphersuites (if other requisites are 869 * enabled as well): 870 * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 871 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 872 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA 873 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 874 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 875 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 876 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 877 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA 878 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 879 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 880 */ 881 #define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED 882 883 /** 884 * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED 885 * 886 * Enable the DHE-PSK based ciphersuite modes in SSL / TLS. 887 * 888 * Requires: MBEDTLS_DHM_C 889 * 890 * This enables the following ciphersuites (if other requisites are 891 * enabled as well): 892 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 893 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 894 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA 895 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 896 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 897 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 898 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 899 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA 900 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 901 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 902 * 903 * \warning Using DHE constitutes a security risk as it 904 * is not possible to validate custom DH parameters. 905 * If possible, it is recommended users should consider 906 * preferring other methods of key exchange. 907 * See dhm.h for more details. 908 * 909 */ 910 #define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED 911 912 /** 913 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED 914 * 915 * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS. 916 * 917 * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH) 918 * 919 * This enables the following ciphersuites (if other requisites are 920 * enabled as well): 921 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 922 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 923 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 924 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 925 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 926 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 927 */ 928 #define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED 929 930 /** 931 * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED 932 * 933 * Enable the RSA-PSK based ciphersuite modes in SSL / TLS. 934 * 935 * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, 936 * MBEDTLS_X509_CRT_PARSE_C 937 * 938 * This enables the following ciphersuites (if other requisites are 939 * enabled as well): 940 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 941 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 942 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA 943 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 944 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 945 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 946 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 947 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA 948 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 949 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 950 */ 951 #define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED 952 953 /** 954 * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED 955 * 956 * Enable the RSA-only based ciphersuite modes in SSL / TLS. 957 * 958 * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, 959 * MBEDTLS_X509_CRT_PARSE_C 960 * 961 * This enables the following ciphersuites (if other requisites are 962 * enabled as well): 963 * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 964 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 965 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA 966 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 967 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 968 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 969 * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 970 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 971 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA 972 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 973 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 974 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 975 */ 976 #define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED 977 978 /** 979 * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED 980 * 981 * Enable the DHE-RSA based ciphersuite modes in SSL / TLS. 982 * 983 * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, 984 * MBEDTLS_X509_CRT_PARSE_C 985 * 986 * This enables the following ciphersuites (if other requisites are 987 * enabled as well): 988 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 989 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 990 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 991 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 992 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 993 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 994 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 995 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 996 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 997 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 998 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 999 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 1000 * 1001 * \warning Using DHE constitutes a security risk as it 1002 * is not possible to validate custom DH parameters. 1003 * If possible, it is recommended users should consider 1004 * preferring other methods of key exchange. 1005 * See dhm.h for more details. 1006 * 1007 */ 1008 #define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED 1009 1010 /** 1011 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED 1012 * 1013 * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS. 1014 * 1015 * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH) 1016 * MBEDTLS_RSA_C 1017 * MBEDTLS_PKCS1_V15 1018 * MBEDTLS_X509_CRT_PARSE_C 1019 * 1020 * This enables the following ciphersuites (if other requisites are 1021 * enabled as well): 1022 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 1023 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 1024 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 1025 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 1026 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 1027 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 1028 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 1029 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 1030 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 1031 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 1032 */ 1033 #define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED 1034 1035 /** 1036 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 1037 * 1038 * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS. 1039 * 1040 * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH) 1041 * MBEDTLS_ECDSA_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDSA) 1042 * MBEDTLS_X509_CRT_PARSE_C 1043 * 1044 * This enables the following ciphersuites (if other requisites are 1045 * enabled as well): 1046 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 1047 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 1048 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 1049 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 1050 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 1051 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 1052 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 1053 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 1054 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 1055 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 1056 */ 1057 #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 1058 1059 /** 1060 * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED 1061 * 1062 * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS. 1063 * 1064 * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH) 1065 * MBEDTLS_ECDSA_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDSA) 1066 * MBEDTLS_X509_CRT_PARSE_C 1067 * 1068 * This enables the following ciphersuites (if other requisites are 1069 * enabled as well): 1070 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 1071 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 1072 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 1073 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 1074 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 1075 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 1076 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 1077 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 1078 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 1079 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 1080 */ 1081 #define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED 1082 1083 /** 1084 * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED 1085 * 1086 * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS. 1087 * 1088 * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH) 1089 * MBEDTLS_RSA_C 1090 * MBEDTLS_X509_CRT_PARSE_C 1091 * 1092 * This enables the following ciphersuites (if other requisites are 1093 * enabled as well): 1094 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 1095 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 1096 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 1097 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 1098 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 1099 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 1100 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 1101 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 1102 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 1103 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 1104 */ 1105 #define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED 1106 1107 /** 1108 * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED 1109 * 1110 * Enable the ECJPAKE based ciphersuite modes in SSL / TLS. 1111 * 1112 * \warning This is currently experimental. EC J-PAKE support is based on the 1113 * Thread v1.0.0 specification; incompatible changes to the specification 1114 * might still happen. For this reason, this is disabled by default. 1115 * 1116 * Requires: MBEDTLS_ECJPAKE_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_JPAKE) 1117 * SHA-256 (via MBEDTLS_SHA256_C or a PSA driver) 1118 * MBEDTLS_ECP_DP_SECP256R1_ENABLED 1119 * 1120 * \warning If SHA-256 is provided only by a PSA driver, you must call 1121 * psa_crypto_init() before the first handshake (even if 1122 * MBEDTLS_USE_PSA_CRYPTO is disabled). 1123 * 1124 * This enables the following ciphersuites (if other requisites are 1125 * enabled as well): 1126 * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 1127 */ 1128 //#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED 1129 1130 /** 1131 * \def MBEDTLS_PK_PARSE_EC_EXTENDED 1132 * 1133 * Enhance support for reading EC keys using variants of SEC1 not allowed by 1134 * RFC 5915 and RFC 5480. 1135 * 1136 * Currently this means parsing the SpecifiedECDomain choice of EC 1137 * parameters (only known groups are supported, not arbitrary domains, to 1138 * avoid validation issues). 1139 * 1140 * Disable if you only need to support RFC 5915 + 5480 key formats. 1141 */ 1142 #define MBEDTLS_PK_PARSE_EC_EXTENDED 1143 1144 /** 1145 * \def MBEDTLS_PK_PARSE_EC_COMPRESSED 1146 * 1147 * Enable the support for parsing public keys of type Short Weierstrass 1148 * (MBEDTLS_ECP_DP_SECP_XXX and MBEDTLS_ECP_DP_BP_XXX) which are using the 1149 * compressed point format. This parsing is done through ECP module's functions. 1150 * 1151 * \note As explained in the description of MBEDTLS_ECP_PF_COMPRESSED (in ecp.h) 1152 * the only unsupported curves are MBEDTLS_ECP_DP_SECP224R1 and 1153 * MBEDTLS_ECP_DP_SECP224K1. 1154 */ 1155 #define MBEDTLS_PK_PARSE_EC_COMPRESSED 1156 1157 /** 1158 * \def MBEDTLS_ERROR_STRERROR_DUMMY 1159 * 1160 * Enable a dummy error function to make use of mbedtls_strerror() in 1161 * third party libraries easier when MBEDTLS_ERROR_C is disabled 1162 * (no effect when MBEDTLS_ERROR_C is enabled). 1163 * 1164 * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're 1165 * not using mbedtls_strerror() or error_strerror() in your application. 1166 * 1167 * Disable if you run into name conflicts and want to really remove the 1168 * mbedtls_strerror() 1169 */ 1170 #define MBEDTLS_ERROR_STRERROR_DUMMY 1171 1172 /** 1173 * \def MBEDTLS_GENPRIME 1174 * 1175 * Enable the prime-number generation code. 1176 * 1177 * Requires: MBEDTLS_BIGNUM_C 1178 */ 1179 #define MBEDTLS_GENPRIME 1180 1181 /** 1182 * \def MBEDTLS_FS_IO 1183 * 1184 * Enable functions that use the filesystem. 1185 */ 1186 #define MBEDTLS_FS_IO 1187 1188 /** 1189 * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES 1190 * 1191 * Do not add default entropy sources in mbedtls_entropy_init(). 1192 * 1193 * This is useful to have more control over the added entropy sources in an 1194 * application. 1195 * 1196 * Uncomment this macro to prevent loading of default entropy functions. 1197 */ 1198 //#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES 1199 1200 /** 1201 * \def MBEDTLS_NO_PLATFORM_ENTROPY 1202 * 1203 * Do not use built-in platform entropy functions. 1204 * This is useful if your platform does not support 1205 * standards like the /dev/urandom or Windows CryptoAPI. 1206 * 1207 * Uncomment this macro to disable the built-in platform entropy functions. 1208 */ 1209 //#define MBEDTLS_NO_PLATFORM_ENTROPY 1210 1211 /** 1212 * \def MBEDTLS_ENTROPY_FORCE_SHA256 1213 * 1214 * Force the entropy accumulator to use a SHA-256 accumulator instead of the 1215 * default SHA-512 based one (if both are available). 1216 * 1217 * Requires: MBEDTLS_SHA256_C 1218 * 1219 * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option 1220 * if you have performance concerns. 1221 * 1222 * This option is only useful if both MBEDTLS_SHA256_C and 1223 * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used. 1224 */ 1225 //#define MBEDTLS_ENTROPY_FORCE_SHA256 1226 1227 /** 1228 * \def MBEDTLS_ENTROPY_NV_SEED 1229 * 1230 * Enable the non-volatile (NV) seed file-based entropy source. 1231 * (Also enables the NV seed read/write functions in the platform layer) 1232 * 1233 * This is crucial (if not required) on systems that do not have a 1234 * cryptographic entropy source (in hardware or kernel) available. 1235 * 1236 * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C 1237 * 1238 * \note The read/write functions that are used by the entropy source are 1239 * determined in the platform layer, and can be modified at runtime and/or 1240 * compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used. 1241 * 1242 * \note If you use the default implementation functions that read a seedfile 1243 * with regular fopen(), please make sure you make a seedfile with the 1244 * proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at 1245 * least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from 1246 * and written to or you will get an entropy source error! The default 1247 * implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE 1248 * bytes from the file. 1249 * 1250 * \note The entropy collector will write to the seed file before entropy is 1251 * given to an external source, to update it. 1252 */ 1253 //#define MBEDTLS_ENTROPY_NV_SEED 1254 1255 /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER 1256 * 1257 * Enable key identifiers that encode a key owner identifier. 1258 * 1259 * The owner of a key is identified by a value of type ::mbedtls_key_owner_id_t 1260 * which is currently hard-coded to be int32_t. 1261 * 1262 * Note that this option is meant for internal use only and may be removed 1263 * without notice. 1264 */ 1265 //#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER 1266 1267 /** 1268 * \def MBEDTLS_MEMORY_DEBUG 1269 * 1270 * Enable debugging of buffer allocator memory issues. Automatically prints 1271 * (to stderr) all (fatal) messages on memory allocation issues. Enables 1272 * function for 'debug output' of allocated memory. 1273 * 1274 * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C 1275 * 1276 * Uncomment this macro to let the buffer allocator print out error messages. 1277 */ 1278 //#define MBEDTLS_MEMORY_DEBUG 1279 1280 /** 1281 * \def MBEDTLS_MEMORY_BACKTRACE 1282 * 1283 * Include backtrace information with each allocated block. 1284 * 1285 * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C 1286 * GLIBC-compatible backtrace() and backtrace_symbols() support 1287 * 1288 * Uncomment this macro to include backtrace information 1289 */ 1290 //#define MBEDTLS_MEMORY_BACKTRACE 1291 1292 /** 1293 * \def MBEDTLS_PK_RSA_ALT_SUPPORT 1294 * 1295 * Support external private RSA keys (eg from a HSM) in the PK layer. 1296 * 1297 * Comment this macro to disable support for external private RSA keys. 1298 */ 1299 #define MBEDTLS_PK_RSA_ALT_SUPPORT 1300 1301 /** 1302 * \def MBEDTLS_PKCS1_V15 1303 * 1304 * Enable support for PKCS#1 v1.5 encoding. 1305 * 1306 * Requires: MBEDTLS_RSA_C 1307 * 1308 * This enables support for PKCS#1 v1.5 operations. 1309 */ 1310 #define MBEDTLS_PKCS1_V15 1311 1312 /** 1313 * \def MBEDTLS_PKCS1_V21 1314 * 1315 * Enable support for PKCS#1 v2.1 encoding. 1316 * 1317 * Requires: MBEDTLS_RSA_C 1318 * 1319 * \warning If using a hash that is only provided by PSA drivers, you must 1320 * call psa_crypto_init() before doing any PKCS#1 v2.1 operation. 1321 * 1322 * This enables support for RSAES-OAEP and RSASSA-PSS operations. 1323 */ 1324 #define MBEDTLS_PKCS1_V21 1325 1326 /** \def MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS 1327 * 1328 * Enable support for platform built-in keys. If you enable this feature, 1329 * you must implement the function mbedtls_psa_platform_get_builtin_key(). 1330 * See the documentation of that function for more information. 1331 * 1332 * Built-in keys are typically derived from a hardware unique key or 1333 * stored in a secure element. 1334 * 1335 * Requires: MBEDTLS_PSA_CRYPTO_C. 1336 * 1337 * \warning This interface is experimental and may change or be removed 1338 * without notice. 1339 */ 1340 //#define MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS 1341 1342 /** \def MBEDTLS_PSA_CRYPTO_CLIENT 1343 * 1344 * Enable support for PSA crypto client. 1345 * 1346 * \note This option allows to include the code necessary for a PSA 1347 * crypto client when the PSA crypto implementation is not included in 1348 * the library (MBEDTLS_PSA_CRYPTO_C disabled). The code included is the 1349 * code to set and get PSA key attributes. 1350 * The development of PSA drivers partially relying on the library to 1351 * fulfill the hardware gaps is another possible usage of this option. 1352 * 1353 * \warning This interface is experimental and may change or be removed 1354 * without notice. 1355 */ 1356 //#define MBEDTLS_PSA_CRYPTO_CLIENT 1357 1358 /** \def MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG 1359 * 1360 * Make the PSA Crypto module use an external random generator provided 1361 * by a driver, instead of Mbed TLS's entropy and DRBG modules. 1362 * 1363 * \note This random generator must deliver random numbers with cryptographic 1364 * quality and high performance. It must supply unpredictable numbers 1365 * with a uniform distribution. The implementation of this function 1366 * is responsible for ensuring that the random generator is seeded 1367 * with sufficient entropy. If you have a hardware TRNG which is slow 1368 * or delivers non-uniform output, declare it as an entropy source 1369 * with mbedtls_entropy_add_source() instead of enabling this option. 1370 * 1371 * If you enable this option, you must configure the type 1372 * ::mbedtls_psa_external_random_context_t in psa/crypto_platform.h 1373 * and define a function called mbedtls_psa_external_get_random() 1374 * with the following prototype: 1375 * ``` 1376 * psa_status_t mbedtls_psa_external_get_random( 1377 * mbedtls_psa_external_random_context_t *context, 1378 * uint8_t *output, size_t output_size, size_t *output_length); 1379 * ); 1380 * ``` 1381 * The \c context value is initialized to 0 before the first call. 1382 * The function must fill the \c output buffer with \c output_size bytes 1383 * of random data and set \c *output_length to \c output_size. 1384 * 1385 * Requires: MBEDTLS_PSA_CRYPTO_C 1386 * 1387 * \warning If you enable this option, code that uses the PSA cryptography 1388 * interface will not use any of the entropy sources set up for 1389 * the entropy module, nor the NV seed that MBEDTLS_ENTROPY_NV_SEED 1390 * enables. 1391 * 1392 * \note This option is experimental and may be removed without notice. 1393 */ 1394 //#define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG 1395 1396 /** 1397 * \def MBEDTLS_PSA_CRYPTO_SPM 1398 * 1399 * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure 1400 * Partition Manager) integration which separates the code into two parts: a 1401 * NSPE (Non-Secure Process Environment) and an SPE (Secure Process 1402 * Environment). 1403 * 1404 * If you enable this option, your build environment must include a header 1405 * file `"crypto_spe.h"` (either in the `psa` subdirectory of the Mbed TLS 1406 * header files, or in another directory on the compiler's include search 1407 * path). Alternatively, your platform may customize the header 1408 * `psa/crypto_platform.h`, in which case it can skip or replace the 1409 * inclusion of `"crypto_spe.h"`. 1410 * 1411 * Module: library/psa_crypto.c 1412 * Requires: MBEDTLS_PSA_CRYPTO_C 1413 * 1414 */ 1415 //#define MBEDTLS_PSA_CRYPTO_SPM 1416 1417 /** 1418 * \def MBEDTLS_PSA_KEY_STORE_DYNAMIC 1419 * 1420 * Dynamically resize the PSA key store to accommodate any number of 1421 * volatile keys (until the heap memory is exhausted). 1422 * 1423 * If this option is disabled, the key store has a fixed size 1424 * #MBEDTLS_PSA_KEY_SLOT_COUNT for volatile keys and loaded persistent keys 1425 * together. 1426 * 1427 * This option has no effect when #MBEDTLS_PSA_CRYPTO_C is disabled. 1428 * 1429 * Module: library/psa_crypto.c 1430 * Requires: MBEDTLS_PSA_CRYPTO_C 1431 */ 1432 #define MBEDTLS_PSA_KEY_STORE_DYNAMIC 1433 1434 /** 1435 * Uncomment to enable p256-m. This is an alternative implementation of 1436 * key generation, ECDH and (randomized) ECDSA on the curve SECP256R1. 1437 * Compared to the default implementation: 1438 * 1439 * - p256-m has a much smaller code size and RAM footprint. 1440 * - p256-m is only available via the PSA API. This includes the pk module 1441 * when #MBEDTLS_USE_PSA_CRYPTO is enabled. 1442 * - p256-m does not support deterministic ECDSA, EC-JPAKE, custom protocols 1443 * over the core arithmetic, or deterministic derivation of keys. 1444 * 1445 * We recommend enabling this option if your application uses the PSA API 1446 * and the only elliptic curve support it needs is ECDH and ECDSA over 1447 * SECP256R1. 1448 * 1449 * If you enable this option, you do not need to enable any ECC-related 1450 * MBEDTLS_xxx option. You do need to separately request support for the 1451 * cryptographic mechanisms through the PSA API: 1452 * - #MBEDTLS_PSA_CRYPTO_C and #MBEDTLS_PSA_CRYPTO_CONFIG for PSA-based 1453 * configuration; 1454 * - #MBEDTLS_USE_PSA_CRYPTO if you want to use p256-m from PK, X.509 or TLS; 1455 * - #PSA_WANT_ECC_SECP_R1_256; 1456 * - #PSA_WANT_ALG_ECDH and/or #PSA_WANT_ALG_ECDSA as needed; 1457 * - #PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY, #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC, 1458 * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT, 1459 * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT and/or 1460 * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE as needed. 1461 * 1462 * \note To benefit from the smaller code size of p256-m, make sure that you 1463 * do not enable any ECC-related option not supported by p256-m: this 1464 * would cause the built-in ECC implementation to be built as well, in 1465 * order to provide the required option. 1466 * Make sure #PSA_WANT_ALG_DETERMINISTIC_ECDSA, #PSA_WANT_ALG_JPAKE and 1467 * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE, and curves other than 1468 * SECP256R1 are disabled as they are not supported by this driver. 1469 * Also, avoid defining #MBEDTLS_PK_PARSE_EC_COMPRESSED or 1470 * #MBEDTLS_PK_PARSE_EC_EXTENDED as those currently require a subset of 1471 * the built-in ECC implementation, see docs/driver-only-builds.md. 1472 */ 1473 //#define MBEDTLS_PSA_P256M_DRIVER_ENABLED 1474 1475 /** 1476 * \def MBEDTLS_PSA_INJECT_ENTROPY 1477 * 1478 * Enable support for entropy injection at first boot. This feature is 1479 * required on systems that do not have a built-in entropy source (TRNG). 1480 * This feature is currently not supported on systems that have a built-in 1481 * entropy source. 1482 * 1483 * Requires: MBEDTLS_PSA_CRYPTO_STORAGE_C, MBEDTLS_ENTROPY_NV_SEED 1484 * 1485 */ 1486 //#define MBEDTLS_PSA_INJECT_ENTROPY 1487 1488 /** 1489 * \def MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS 1490 * 1491 * Assume all buffers passed to PSA functions are owned exclusively by the 1492 * PSA function and are not stored in shared memory. 1493 * 1494 * This option may be enabled if all buffers passed to any PSA function reside 1495 * in memory that is accessible only to the PSA function during its execution. 1496 * 1497 * This option MUST be disabled whenever buffer arguments are in memory shared 1498 * with an untrusted party, for example where arguments to PSA calls are passed 1499 * across a trust boundary. 1500 * 1501 * \note Enabling this option reduces memory usage and code size. 1502 * 1503 * \note Enabling this option causes overlap of input and output buffers 1504 * not to be supported by PSA functions. 1505 */ 1506 //#define MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS 1507 1508 /** 1509 * \def MBEDTLS_RSA_NO_CRT 1510 * 1511 * Do not use the Chinese Remainder Theorem 1512 * for the RSA private operation. 1513 * 1514 * Uncomment this macro to disable the use of CRT in RSA. 1515 * 1516 */ 1517 //#define MBEDTLS_RSA_NO_CRT 1518 1519 /** 1520 * \def MBEDTLS_SELF_TEST 1521 * 1522 * Enable the checkup functions (*_self_test). 1523 */ 1524 #define MBEDTLS_SELF_TEST 1525 1526 /** 1527 * \def MBEDTLS_SHA256_SMALLER 1528 * 1529 * Enable an implementation of SHA-256 that has lower ROM footprint but also 1530 * lower performance. 1531 * 1532 * The default implementation is meant to be a reasonable compromise between 1533 * performance and size. This version optimizes more aggressively for size at 1534 * the expense of performance. Eg on Cortex-M4 it reduces the size of 1535 * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about 1536 * 30%. 1537 * 1538 * Uncomment to enable the smaller implementation of SHA256. 1539 */ 1540 //#define MBEDTLS_SHA256_SMALLER 1541 1542 /** 1543 * \def MBEDTLS_SHA512_SMALLER 1544 * 1545 * Enable an implementation of SHA-512 that has lower ROM footprint but also 1546 * lower performance. 1547 * 1548 * Uncomment to enable the smaller implementation of SHA512. 1549 */ 1550 //#define MBEDTLS_SHA512_SMALLER 1551 1552 /** 1553 * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES 1554 * 1555 * Enable sending of alert messages in case of encountered errors as per RFC. 1556 * If you choose not to send the alert messages, Mbed TLS can still communicate 1557 * with other servers, only debugging of failures is harder. 1558 * 1559 * The advantage of not sending alert messages, is that no information is given 1560 * about reasons for failures thus preventing adversaries of gaining intel. 1561 * 1562 * Enable sending of all alert messages 1563 */ 1564 #define MBEDTLS_SSL_ALL_ALERT_MESSAGES 1565 1566 /** 1567 * \def MBEDTLS_SSL_DTLS_CONNECTION_ID 1568 * 1569 * Enable support for the DTLS Connection ID (CID) extension, 1570 * which allows to identify DTLS connections across changes 1571 * in the underlying transport. The CID functionality is described 1572 * in RFC 9146. 1573 * 1574 * Setting this option enables the SSL APIs `mbedtls_ssl_set_cid()`, 1575 * mbedtls_ssl_get_own_cid()`, `mbedtls_ssl_get_peer_cid()` and 1576 * `mbedtls_ssl_conf_cid()`. See the corresponding documentation for 1577 * more information. 1578 * 1579 * The maximum lengths of outgoing and incoming CIDs can be configured 1580 * through the options 1581 * - MBEDTLS_SSL_CID_OUT_LEN_MAX 1582 * - MBEDTLS_SSL_CID_IN_LEN_MAX. 1583 * 1584 * Requires: MBEDTLS_SSL_PROTO_DTLS 1585 * 1586 * Uncomment to enable the Connection ID extension. 1587 */ 1588 #define MBEDTLS_SSL_DTLS_CONNECTION_ID 1589 1590 1591 /** 1592 * \def MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 1593 * 1594 * Defines whether RFC 9146 (default) or the legacy version 1595 * (version draft-ietf-tls-dtls-connection-id-05, 1596 * https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05) 1597 * is used. 1598 * 1599 * Set the value to 0 for the standard version, and 1600 * 1 for the legacy draft version. 1601 * 1602 * \deprecated Support for the legacy version of the DTLS 1603 * Connection ID feature is deprecated. Please 1604 * switch to the standardized version defined 1605 * in RFC 9146 enabled by utilizing 1606 * MBEDTLS_SSL_DTLS_CONNECTION_ID without use 1607 * of MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT. 1608 * 1609 * Requires: MBEDTLS_SSL_DTLS_CONNECTION_ID 1610 */ 1611 #define MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 0 1612 1613 /** 1614 * \def MBEDTLS_SSL_ASYNC_PRIVATE 1615 * 1616 * Enable asynchronous external private key operations in SSL. This allows 1617 * you to configure an SSL connection to call an external cryptographic 1618 * module to perform private key operations instead of performing the 1619 * operation inside the library. 1620 * 1621 * Requires: MBEDTLS_X509_CRT_PARSE_C 1622 */ 1623 //#define MBEDTLS_SSL_ASYNC_PRIVATE 1624 1625 /** 1626 * \def MBEDTLS_SSL_CONTEXT_SERIALIZATION 1627 * 1628 * Enable serialization of the TLS context structures, through use of the 1629 * functions mbedtls_ssl_context_save() and mbedtls_ssl_context_load(). 1630 * 1631 * This pair of functions allows one side of a connection to serialize the 1632 * context associated with the connection, then free or re-use that context 1633 * while the serialized state is persisted elsewhere, and finally deserialize 1634 * that state to a live context for resuming read/write operations on the 1635 * connection. From a protocol perspective, the state of the connection is 1636 * unaffected, in particular this is entirely transparent to the peer. 1637 * 1638 * Note: this is distinct from TLS session resumption, which is part of the 1639 * protocol and fully visible by the peer. TLS session resumption enables 1640 * establishing new connections associated to a saved session with shorter, 1641 * lighter handshakes, while context serialization is a local optimization in 1642 * handling a single, potentially long-lived connection. 1643 * 1644 * Enabling these APIs makes some SSL structures larger, as 64 extra bytes are 1645 * saved after the handshake to allow for more efficient serialization, so if 1646 * you don't need this feature you'll save RAM by disabling it. 1647 * 1648 * Requires: MBEDTLS_GCM_C or MBEDTLS_CCM_C or MBEDTLS_CHACHAPOLY_C 1649 * 1650 * Comment to disable the context serialization APIs. 1651 */ 1652 #define MBEDTLS_SSL_CONTEXT_SERIALIZATION 1653 1654 /** 1655 * \def MBEDTLS_SSL_DEBUG_ALL 1656 * 1657 * Enable the debug messages in SSL module for all issues. 1658 * Debug messages have been disabled in some places to prevent timing 1659 * attacks due to (unbalanced) debugging function calls. 1660 * 1661 * If you need all error reporting you should enable this during debugging, 1662 * but remove this for production servers that should log as well. 1663 * 1664 * Uncomment this macro to report all debug messages on errors introducing 1665 * a timing side-channel. 1666 * 1667 */ 1668 //#define MBEDTLS_SSL_DEBUG_ALL 1669 1670 /** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC 1671 * 1672 * Enable support for Encrypt-then-MAC, RFC 7366. 1673 * 1674 * This allows peers that both support it to use a more robust protection for 1675 * ciphersuites using CBC, providing deep resistance against timing attacks 1676 * on the padding or underlying cipher. 1677 * 1678 * This only affects CBC ciphersuites, and is useless if none is defined. 1679 * 1680 * Requires: MBEDTLS_SSL_PROTO_TLS1_2 1681 * 1682 * Comment this macro to disable support for Encrypt-then-MAC 1683 */ 1684 #define MBEDTLS_SSL_ENCRYPT_THEN_MAC 1685 1686 /** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET 1687 * 1688 * Enable support for RFC 7627: Session Hash and Extended Master Secret 1689 * Extension. 1690 * 1691 * This was introduced as "the proper fix" to the Triple Handshake family of 1692 * attacks, but it is recommended to always use it (even if you disable 1693 * renegotiation), since it actually fixes a more fundamental issue in the 1694 * original SSL/TLS design, and has implications beyond Triple Handshake. 1695 * 1696 * Requires: MBEDTLS_SSL_PROTO_TLS1_2 1697 * 1698 * Comment this macro to disable support for Extended Master Secret. 1699 */ 1700 #define MBEDTLS_SSL_EXTENDED_MASTER_SECRET 1701 1702 /** 1703 * \def MBEDTLS_SSL_KEEP_PEER_CERTIFICATE 1704 * 1705 * This option controls the availability of the API mbedtls_ssl_get_peer_cert() 1706 * giving access to the peer's certificate after completion of the handshake. 1707 * 1708 * Unless you need mbedtls_ssl_peer_cert() in your application, it is 1709 * recommended to disable this option for reduced RAM usage. 1710 * 1711 * \note If this option is disabled, mbedtls_ssl_get_peer_cert() is still 1712 * defined, but always returns \c NULL. 1713 * 1714 * \note This option has no influence on the protection against the 1715 * triple handshake attack. Even if it is disabled, Mbed TLS will 1716 * still ensure that certificates do not change during renegotiation, 1717 * for example by keeping a hash of the peer's certificate. 1718 * 1719 * \note This option is required if MBEDTLS_SSL_PROTO_TLS1_3 is set. 1720 * 1721 * Comment this macro to disable storing the peer's certificate 1722 * after the handshake. 1723 */ 1724 #define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE 1725 1726 /** 1727 * \def MBEDTLS_SSL_RENEGOTIATION 1728 * 1729 * Enable support for TLS renegotiation. 1730 * 1731 * The two main uses of renegotiation are (1) refresh keys on long-lived 1732 * connections and (2) client authentication after the initial handshake. 1733 * If you don't need renegotiation, it's probably better to disable it, since 1734 * it has been associated with security issues in the past and is easy to 1735 * misuse/misunderstand. 1736 * 1737 * Requires: MBEDTLS_SSL_PROTO_TLS1_2 1738 * 1739 * Comment this to disable support for renegotiation. 1740 * 1741 * \note Even if this option is disabled, both client and server are aware 1742 * of the Renegotiation Indication Extension (RFC 5746) used to 1743 * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1). 1744 * (See \c mbedtls_ssl_conf_legacy_renegotiation for the 1745 * configuration of this extension). 1746 * 1747 */ 1748 #define MBEDTLS_SSL_RENEGOTIATION 1749 1750 /** 1751 * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 1752 * 1753 * Enable support for RFC 6066 max_fragment_length extension in SSL. 1754 * 1755 * Comment this macro to disable support for the max_fragment_length extension 1756 */ 1757 #define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 1758 1759 /** 1760 * \def MBEDTLS_SSL_RECORD_SIZE_LIMIT 1761 * 1762 * Enable support for RFC 8449 record_size_limit extension in SSL (TLS 1.3 only). 1763 * 1764 * Requires: MBEDTLS_SSL_PROTO_TLS1_3 1765 * 1766 * Uncomment this macro to enable support for the record_size_limit extension 1767 */ 1768 //#define MBEDTLS_SSL_RECORD_SIZE_LIMIT 1769 1770 /** 1771 * \def MBEDTLS_SSL_PROTO_TLS1_2 1772 * 1773 * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled). 1774 * 1775 * Requires: Without MBEDTLS_USE_PSA_CRYPTO: MBEDTLS_MD_C and 1776 * (MBEDTLS_SHA256_C or MBEDTLS_SHA384_C or 1777 * SHA-256 or SHA-512 provided by a PSA driver) 1778 * With MBEDTLS_USE_PSA_CRYPTO: 1779 * PSA_WANT_ALG_SHA_256 or PSA_WANT_ALG_SHA_384 1780 * 1781 * \warning If building with MBEDTLS_USE_PSA_CRYPTO, or if the hash(es) used 1782 * are only provided by PSA drivers, you must call psa_crypto_init() before 1783 * doing any TLS operations. 1784 * 1785 * Comment this macro to disable support for TLS 1.2 / DTLS 1.2 1786 */ 1787 #define MBEDTLS_SSL_PROTO_TLS1_2 1788 1789 /** 1790 * \def MBEDTLS_SSL_PROTO_TLS1_3 1791 * 1792 * Enable support for TLS 1.3. 1793 * 1794 * \note See docs/architecture/tls13-support.md for a description of the TLS 1795 * 1.3 support that this option enables. 1796 * 1797 * Requires: MBEDTLS_SSL_KEEP_PEER_CERTIFICATE 1798 * Requires: MBEDTLS_PSA_CRYPTO_C 1799 * 1800 * \note TLS 1.3 uses PSA crypto for cryptographic operations that are 1801 * directly performed by TLS 1.3 code. As a consequence, when TLS 1.3 1802 * is enabled, a TLS handshake may call psa_crypto_init(), even 1803 * if it ends up negotiating a different TLS version. 1804 * 1805 * \note Cryptographic operations performed indirectly via another module 1806 * (X.509, PK) or by code shared with TLS 1.2 (record protection, 1807 * running handshake hash) only use PSA crypto if 1808 * #MBEDTLS_USE_PSA_CRYPTO is enabled. 1809 * 1810 * Uncomment this macro to enable the support for TLS 1.3. 1811 */ 1812 #define MBEDTLS_SSL_PROTO_TLS1_3 1813 1814 /** 1815 * \def MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 1816 * 1817 * Enable TLS 1.3 middlebox compatibility mode. 1818 * 1819 * As specified in Section D.4 of RFC 8446, TLS 1.3 offers a compatibility 1820 * mode to make a TLS 1.3 connection more likely to pass through middle boxes 1821 * expecting TLS 1.2 traffic. 1822 * 1823 * Turning on the compatibility mode comes at the cost of a few added bytes 1824 * on the wire, but it doesn't affect compatibility with TLS 1.3 implementations 1825 * that don't use it. Therefore, unless transmission bandwidth is critical and 1826 * you know that middlebox compatibility issues won't occur, it is therefore 1827 * recommended to set this option. 1828 * 1829 * Comment to disable compatibility mode for TLS 1.3. If 1830 * MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any 1831 * effect on the build. 1832 * 1833 */ 1834 #define MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 1835 1836 /** 1837 * \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1838 * 1839 * Enable TLS 1.3 PSK key exchange mode. 1840 * 1841 * Comment to disable support for the PSK key exchange mode in TLS 1.3. If 1842 * MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any 1843 * effect on the build. 1844 * 1845 */ 1846 #define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1847 1848 /** 1849 * \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1850 * 1851 * Enable TLS 1.3 ephemeral key exchange mode. 1852 * 1853 * Requires: PSA_WANT_ALG_ECDH or PSA_WANT_ALG_FFDH 1854 * MBEDTLS_X509_CRT_PARSE_C 1855 * and at least one of: 1856 * MBEDTLS_ECDSA_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDSA) 1857 * MBEDTLS_PKCS1_V21 1858 * 1859 * Comment to disable support for the ephemeral key exchange mode in TLS 1.3. 1860 * If MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any 1861 * effect on the build. 1862 * 1863 */ 1864 #define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1865 1866 /** 1867 * \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1868 * 1869 * Enable TLS 1.3 PSK ephemeral key exchange mode. 1870 * 1871 * Requires: PSA_WANT_ALG_ECDH or PSA_WANT_ALG_FFDH 1872 * 1873 * Comment to disable support for the PSK ephemeral key exchange mode in 1874 * TLS 1.3. If MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not 1875 * have any effect on the build. 1876 * 1877 */ 1878 #define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1879 1880 /** 1881 * \def MBEDTLS_SSL_EARLY_DATA 1882 * 1883 * Enable support for RFC 8446 TLS 1.3 early data. 1884 * 1885 * Requires: MBEDTLS_SSL_SESSION_TICKETS and either 1886 * MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED or 1887 * MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1888 * 1889 * Comment this to disable support for early data. If MBEDTLS_SSL_PROTO_TLS1_3 1890 * is not enabled, this option does not have any effect on the build. 1891 * 1892 * \note The maximum amount of early data can be set with 1893 * MBEDTLS_SSL_MAX_EARLY_DATA_SIZE. 1894 * 1895 */ 1896 //#define MBEDTLS_SSL_EARLY_DATA 1897 1898 /** 1899 * \def MBEDTLS_SSL_PROTO_DTLS 1900 * 1901 * Enable support for DTLS (all available versions). 1902 * 1903 * Enable this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2. 1904 * 1905 * Requires: MBEDTLS_SSL_PROTO_TLS1_2 1906 * 1907 * Comment this macro to disable support for DTLS 1908 */ 1909 #define MBEDTLS_SSL_PROTO_DTLS 1910 1911 /** 1912 * \def MBEDTLS_SSL_ALPN 1913 * 1914 * Enable support for RFC 7301 Application Layer Protocol Negotiation. 1915 * 1916 * Comment this macro to disable support for ALPN. 1917 */ 1918 #define MBEDTLS_SSL_ALPN 1919 1920 /** 1921 * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY 1922 * 1923 * Enable support for the anti-replay mechanism in DTLS. 1924 * 1925 * Requires: MBEDTLS_SSL_TLS_C 1926 * MBEDTLS_SSL_PROTO_DTLS 1927 * 1928 * \warning Disabling this is often a security risk! 1929 * See mbedtls_ssl_conf_dtls_anti_replay() for details. 1930 * 1931 * Comment this to disable anti-replay in DTLS. 1932 */ 1933 #define MBEDTLS_SSL_DTLS_ANTI_REPLAY 1934 1935 /** 1936 * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY 1937 * 1938 * Enable support for HelloVerifyRequest on DTLS servers. 1939 * 1940 * This feature is highly recommended to prevent DTLS servers being used as 1941 * amplifiers in DoS attacks against other hosts. It should always be enabled 1942 * unless you know for sure amplification cannot be a problem in the 1943 * environment in which your server operates. 1944 * 1945 * \warning Disabling this can be a security risk! (see above) 1946 * 1947 * Requires: MBEDTLS_SSL_PROTO_DTLS 1948 * 1949 * Comment this to disable support for HelloVerifyRequest. 1950 */ 1951 #define MBEDTLS_SSL_DTLS_HELLO_VERIFY 1952 1953 /** 1954 * \def MBEDTLS_SSL_DTLS_SRTP 1955 * 1956 * Enable support for negotiation of DTLS-SRTP (RFC 5764) 1957 * through the use_srtp extension. 1958 * 1959 * \note This feature provides the minimum functionality required 1960 * to negotiate the use of DTLS-SRTP and to allow the derivation of 1961 * the associated SRTP packet protection key material. 1962 * In particular, the SRTP packet protection itself, as well as the 1963 * demultiplexing of RTP and DTLS packets at the datagram layer 1964 * (see Section 5 of RFC 5764), are not handled by this feature. 1965 * Instead, after successful completion of a handshake negotiating 1966 * the use of DTLS-SRTP, the extended key exporter API 1967 * mbedtls_ssl_conf_export_keys_cb() should be used to implement 1968 * the key exporter described in Section 4.2 of RFC 5764 and RFC 5705 1969 * (this is implemented in the SSL example programs). 1970 * The resulting key should then be passed to an SRTP stack. 1971 * 1972 * Setting this option enables the runtime API 1973 * mbedtls_ssl_conf_dtls_srtp_protection_profiles() 1974 * through which the supported DTLS-SRTP protection 1975 * profiles can be configured. You must call this API at 1976 * runtime if you wish to negotiate the use of DTLS-SRTP. 1977 * 1978 * Requires: MBEDTLS_SSL_PROTO_DTLS 1979 * 1980 * Uncomment this to enable support for use_srtp extension. 1981 */ 1982 //#define MBEDTLS_SSL_DTLS_SRTP 1983 1984 /** 1985 * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE 1986 * 1987 * Enable server-side support for clients that reconnect from the same port. 1988 * 1989 * Some clients unexpectedly close the connection and try to reconnect using the 1990 * same source port. This needs special support from the server to handle the 1991 * new connection securely, as described in section 4.2.8 of RFC 6347. This 1992 * flag enables that support. 1993 * 1994 * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY 1995 * 1996 * Comment this to disable support for clients reusing the source port. 1997 */ 1998 #define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE 1999 2000 /** 2001 * \def MBEDTLS_SSL_SESSION_TICKETS 2002 * 2003 * Enable support for RFC 5077 session tickets in SSL. 2004 * Client-side, provides full support for session tickets (maintenance of a 2005 * session store remains the responsibility of the application, though). 2006 * Server-side, you also need to provide callbacks for writing and parsing 2007 * tickets, including authenticated encryption and key management. Example 2008 * callbacks are provided by MBEDTLS_SSL_TICKET_C. 2009 * 2010 * Comment this macro to disable support for SSL session tickets 2011 */ 2012 #define MBEDTLS_SSL_SESSION_TICKETS 2013 2014 /** 2015 * \def MBEDTLS_SSL_SERVER_NAME_INDICATION 2016 * 2017 * Enable support for RFC 6066 server name indication (SNI) in SSL. 2018 * 2019 * Requires: MBEDTLS_X509_CRT_PARSE_C 2020 * 2021 * Comment this macro to disable support for server name indication in SSL 2022 */ 2023 #define MBEDTLS_SSL_SERVER_NAME_INDICATION 2024 2025 /** 2026 * \def MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH 2027 * 2028 * When this option is enabled, the SSL buffer will be resized automatically 2029 * based on the negotiated maximum fragment length in each direction. 2030 * 2031 * Requires: MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 2032 */ 2033 //#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH 2034 2035 /** 2036 * \def MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN 2037 * 2038 * Enable testing of the constant-flow nature of some sensitive functions with 2039 * clang's MemorySanitizer. This causes some existing tests to also test 2040 * this non-functional property of the code under test. 2041 * 2042 * This setting requires compiling with clang -fsanitize=memory. The test 2043 * suites can then be run normally. 2044 * 2045 * \warning This macro is only used for extended testing; it is not considered 2046 * part of the library's API, so it may change or disappear at any time. 2047 * 2048 * Uncomment to enable testing of the constant-flow nature of selected code. 2049 */ 2050 //#define MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN 2051 2052 /** 2053 * \def MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND 2054 * 2055 * Enable testing of the constant-flow nature of some sensitive functions with 2056 * valgrind's memcheck tool. This causes some existing tests to also test 2057 * this non-functional property of the code under test. 2058 * 2059 * This setting requires valgrind headers for building, and is only useful for 2060 * testing if the tests suites are run with valgrind's memcheck. This can be 2061 * done for an individual test suite with 'valgrind ./test_suite_xxx', or when 2062 * using CMake, this can be done for all test suites with 'make memcheck'. 2063 * 2064 * \warning This macro is only used for extended testing; it is not considered 2065 * part of the library's API, so it may change or disappear at any time. 2066 * 2067 * Uncomment to enable testing of the constant-flow nature of selected code. 2068 */ 2069 //#define MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND 2070 2071 /** 2072 * \def MBEDTLS_TEST_HOOKS 2073 * 2074 * Enable features for invasive testing such as introspection functions and 2075 * hooks for fault injection. This enables additional unit tests. 2076 * 2077 * Merely enabling this feature should not change the behavior of the product. 2078 * It only adds new code, and new branching points where the default behavior 2079 * is the same as when this feature is disabled. 2080 * However, this feature increases the attack surface: there is an added 2081 * risk of vulnerabilities, and more gadgets that can make exploits easier. 2082 * Therefore this feature must never be enabled in production. 2083 * 2084 * See `docs/architecture/testing/mbed-crypto-invasive-testing.md` for more 2085 * information. 2086 * 2087 * Uncomment to enable invasive tests. 2088 */ 2089 //#define MBEDTLS_TEST_HOOKS 2090 2091 /** 2092 * \def MBEDTLS_THREADING_ALT 2093 * 2094 * Provide your own alternate threading implementation. 2095 * 2096 * Requires: MBEDTLS_THREADING_C 2097 * 2098 * Uncomment this to allow your own alternate threading implementation. 2099 */ 2100 //#define MBEDTLS_THREADING_ALT 2101 2102 /** 2103 * \def MBEDTLS_THREADING_PTHREAD 2104 * 2105 * Enable the pthread wrapper layer for the threading layer. 2106 * 2107 * Requires: MBEDTLS_THREADING_C 2108 * 2109 * Uncomment this to enable pthread mutexes. 2110 */ 2111 //#define MBEDTLS_THREADING_PTHREAD 2112 2113 /** 2114 * \def MBEDTLS_USE_PSA_CRYPTO 2115 * 2116 * Make the X.509 and TLS libraries use PSA for cryptographic operations as 2117 * much as possible, and enable new APIs for using keys handled by PSA Crypto. 2118 * 2119 * \note Development of this option is currently in progress, and parts of Mbed 2120 * TLS's X.509 and TLS modules are not ported to PSA yet. However, these parts 2121 * will still continue to work as usual, so enabling this option should not 2122 * break backwards compatibility. 2123 * 2124 * \warning If you enable this option, you need to call `psa_crypto_init()` 2125 * before calling any function from the SSL/TLS, X.509 or PK modules, except 2126 * for the various mbedtls_xxx_init() functions which can be called at any time. 2127 * 2128 * \note An important and desirable effect of this option is that it allows 2129 * PK, X.509 and TLS to take advantage of PSA drivers. For example, enabling 2130 * this option is what allows use of drivers for ECDSA, ECDH and EC J-PAKE in 2131 * those modules. However, note that even with this option disabled, some code 2132 * in PK, X.509, TLS or the crypto library might still use PSA drivers, if it 2133 * can determine it's safe to do so; currently that's the case for hashes. 2134 * 2135 * \note See docs/use-psa-crypto.md for a complete description this option. 2136 * 2137 * Requires: MBEDTLS_PSA_CRYPTO_C. 2138 * 2139 * Uncomment this to enable internal use of PSA Crypto and new associated APIs. 2140 */ 2141 //#define MBEDTLS_USE_PSA_CRYPTO 2142 2143 /** 2144 * \def MBEDTLS_PSA_CRYPTO_CONFIG 2145 * 2146 * This setting allows support for cryptographic mechanisms through the PSA 2147 * API to be configured separately from support through the mbedtls API. 2148 * 2149 * When this option is disabled, the PSA API exposes the cryptographic 2150 * mechanisms that can be implemented on top of the `mbedtls_xxx` API 2151 * configured with `MBEDTLS_XXX` symbols. 2152 * 2153 * When this option is enabled, the PSA API exposes the cryptographic 2154 * mechanisms requested by the `PSA_WANT_XXX` symbols defined in 2155 * include/psa/crypto_config.h. The corresponding `MBEDTLS_XXX` settings are 2156 * automatically enabled if required (i.e. if no PSA driver provides the 2157 * mechanism). You may still freely enable additional `MBEDTLS_XXX` symbols 2158 * in mbedtls_config.h. 2159 * 2160 * If the symbol #MBEDTLS_PSA_CRYPTO_CONFIG_FILE is defined, it specifies 2161 * an alternative header to include instead of include/psa/crypto_config.h. 2162 * 2163 * \warning This option is experimental, in that the set of `PSA_WANT_XXX` 2164 * symbols is not completely finalized yet, and the configuration 2165 * tooling is not ideally adapted to having two separate configuration 2166 * files. 2167 * Future minor releases of Mbed TLS may make minor changes to those 2168 * symbols, but we will endeavor to provide a transition path. 2169 * Nonetheless, this option is considered mature enough to use in 2170 * production, as long as you accept that you may need to make 2171 * minor changes to psa/crypto_config.h when upgrading Mbed TLS. 2172 */ 2173 //#define MBEDTLS_PSA_CRYPTO_CONFIG 2174 2175 /** 2176 * \def MBEDTLS_VERSION_FEATURES 2177 * 2178 * Allow run-time checking of compile-time enabled features. Thus allowing users 2179 * to check at run-time if the library is for instance compiled with threading 2180 * support via mbedtls_version_check_feature(). 2181 * 2182 * Requires: MBEDTLS_VERSION_C 2183 * 2184 * Comment this to disable run-time checking and save ROM space 2185 */ 2186 #define MBEDTLS_VERSION_FEATURES 2187 2188 /** 2189 * \def MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK 2190 * 2191 * If set, this enables the X.509 API `mbedtls_x509_crt_verify_with_ca_cb()` 2192 * and the SSL API `mbedtls_ssl_conf_ca_cb()` which allow users to configure 2193 * the set of trusted certificates through a callback instead of a linked 2194 * list. 2195 * 2196 * This is useful for example in environments where a large number of trusted 2197 * certificates is present and storing them in a linked list isn't efficient 2198 * enough, or when the set of trusted certificates changes frequently. 2199 * 2200 * See the documentation of `mbedtls_x509_crt_verify_with_ca_cb()` and 2201 * `mbedtls_ssl_conf_ca_cb()` for more information. 2202 * 2203 * Requires: MBEDTLS_X509_CRT_PARSE_C 2204 * 2205 * Uncomment to enable trusted certificate callbacks. 2206 */ 2207 //#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK 2208 2209 /** 2210 * \def MBEDTLS_X509_REMOVE_INFO 2211 * 2212 * Disable mbedtls_x509_*_info() and related APIs. 2213 * 2214 * Uncomment to omit mbedtls_x509_*_info(), as well as mbedtls_debug_print_crt() 2215 * and other functions/constants only used by these functions, thus reducing 2216 * the code footprint by several KB. 2217 */ 2218 //#define MBEDTLS_X509_REMOVE_INFO 2219 2220 /** 2221 * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT 2222 * 2223 * Enable parsing and verification of X.509 certificates, CRLs and CSRS 2224 * signed with RSASSA-PSS (aka PKCS#1 v2.1). 2225 * 2226 * Requires: MBEDTLS_PKCS1_V21 2227 * 2228 * Comment this macro to disallow using RSASSA-PSS in certificates. 2229 */ 2230 #define MBEDTLS_X509_RSASSA_PSS_SUPPORT 2231 /** \} name SECTION: Mbed TLS feature support */ 2232 2233 /** 2234 * \name SECTION: Mbed TLS modules 2235 * 2236 * This section enables or disables entire modules in Mbed TLS 2237 * \{ 2238 */ 2239 2240 /** 2241 * \def MBEDTLS_AESNI_C 2242 * 2243 * Enable AES-NI support on x86-64 or x86-32. 2244 * 2245 * \note AESNI is only supported with certain compilers and target options: 2246 * - Visual Studio: supported 2247 * - GCC, x86-64, target not explicitly supporting AESNI: 2248 * requires MBEDTLS_HAVE_ASM. 2249 * - GCC, x86-32, target not explicitly supporting AESNI: 2250 * not supported. 2251 * - GCC, x86-64 or x86-32, target supporting AESNI: supported. 2252 * For this assembly-less implementation, you must currently compile 2253 * `library/aesni.c` and `library/aes.c` with machine options to enable 2254 * SSE2 and AESNI instructions: `gcc -msse2 -maes -mpclmul` or 2255 * `clang -maes -mpclmul`. 2256 * - Non-x86 targets: this option is silently ignored. 2257 * - Other compilers: this option is silently ignored. 2258 * 2259 * \note 2260 * Above, "GCC" includes compatible compilers such as Clang. 2261 * The limitations on target support are likely to be relaxed in the future. 2262 * 2263 * Module: library/aesni.c 2264 * Caller: library/aes.c 2265 * 2266 * Requires: MBEDTLS_HAVE_ASM (on some platforms, see note) 2267 * 2268 * This modules adds support for the AES-NI instructions on x86. 2269 */ 2270 #define MBEDTLS_AESNI_C 2271 2272 /** 2273 * \def MBEDTLS_AESCE_C 2274 * 2275 * Enable AES cryptographic extension support on Armv8. 2276 * 2277 * Module: library/aesce.c 2278 * Caller: library/aes.c 2279 * 2280 * Requires: MBEDTLS_AES_C 2281 * 2282 * \warning Runtime detection only works on Linux. For non-Linux operating 2283 * system, Armv8-A Cryptographic Extensions must be supported by 2284 * the CPU when this option is enabled. 2285 * 2286 * \note Minimum compiler versions for this feature when targeting aarch64 2287 * are Clang 4.0; armclang 6.6; GCC 6.0; or MSVC 2019 version 16.11.2. 2288 * Minimum compiler versions for this feature when targeting 32-bit 2289 * Arm or Thumb are Clang 11.0; armclang 6.20; or GCC 6.0. 2290 * 2291 * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for 2292 * armclang <= 6.9 2293 * 2294 * This module adds support for the AES Armv8-A Cryptographic Extensions on Armv8 systems. 2295 */ 2296 #define MBEDTLS_AESCE_C 2297 2298 /** 2299 * \def MBEDTLS_AES_C 2300 * 2301 * Enable the AES block cipher. 2302 * 2303 * Module: library/aes.c 2304 * Caller: library/cipher.c 2305 * library/pem.c 2306 * library/ctr_drbg.c 2307 * 2308 * This module enables the following ciphersuites (if other requisites are 2309 * enabled as well): 2310 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 2311 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 2312 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 2313 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 2314 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 2315 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 2316 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 2317 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 2318 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 2319 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 2320 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 2321 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 2322 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 2323 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 2324 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 2325 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 2326 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 2327 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 2328 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 2329 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 2330 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 2331 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 2332 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 2333 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 2334 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 2335 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 2336 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 2337 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 2338 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 2339 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 2340 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 2341 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 2342 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 2343 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 2344 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA 2345 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 2346 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 2347 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 2348 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 2349 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA 2350 * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 2351 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 2352 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA 2353 * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 2354 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 2355 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA 2356 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 2357 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 2358 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA 2359 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 2360 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 2361 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA 2362 * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 2363 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 2364 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA 2365 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 2366 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 2367 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA 2368 * 2369 * PEM_PARSE uses AES for decrypting encrypted keys. 2370 */ 2371 #define MBEDTLS_AES_C 2372 2373 /** 2374 * \def MBEDTLS_ASN1_PARSE_C 2375 * 2376 * Enable the generic ASN1 parser. 2377 * 2378 * Module: library/asn1.c 2379 * Caller: library/x509.c 2380 * library/dhm.c 2381 * library/pkcs12.c 2382 * library/pkcs5.c 2383 * library/pkparse.c 2384 */ 2385 #define MBEDTLS_ASN1_PARSE_C 2386 2387 /** 2388 * \def MBEDTLS_ASN1_WRITE_C 2389 * 2390 * Enable the generic ASN1 writer. 2391 * 2392 * Module: library/asn1write.c 2393 * Caller: library/ecdsa.c 2394 * library/pkwrite.c 2395 * library/x509_create.c 2396 * library/x509write_crt.c 2397 * library/x509write_csr.c 2398 */ 2399 #define MBEDTLS_ASN1_WRITE_C 2400 2401 /** 2402 * \def MBEDTLS_BASE64_C 2403 * 2404 * Enable the Base64 module. 2405 * 2406 * Module: library/base64.c 2407 * Caller: library/pem.c 2408 * 2409 * This module is required for PEM support (required by X.509). 2410 */ 2411 #define MBEDTLS_BASE64_C 2412 2413 /** 2414 * \def MBEDTLS_BLOCK_CIPHER_NO_DECRYPT 2415 * 2416 * Remove decryption operation for AES, ARIA and Camellia block cipher. 2417 * 2418 * \note This feature is incompatible with insecure block cipher, 2419 * MBEDTLS_DES_C, and cipher modes which always require decryption 2420 * operation, MBEDTLS_CIPHER_MODE_CBC, MBEDTLS_CIPHER_MODE_XTS and 2421 * MBEDTLS_NIST_KW_C. When #MBEDTLS_PSA_CRYPTO_CONFIG is enabled, 2422 * this feature is incompatible with following supported PSA equivalence, 2423 * PSA_WANT_ALG_ECB_NO_PADDING, PSA_WANT_ALG_CBC_NO_PADDING, 2424 * PSA_WANT_ALG_CBC_PKCS7 and PSA_WANT_KEY_TYPE_DES. 2425 * 2426 * Module: library/aes.c 2427 * library/aesce.c 2428 * library/aesni.c 2429 * library/aria.c 2430 * library/camellia.c 2431 * library/cipher.c 2432 */ 2433 //#define MBEDTLS_BLOCK_CIPHER_NO_DECRYPT 2434 2435 /** 2436 * \def MBEDTLS_BIGNUM_C 2437 * 2438 * Enable the multi-precision integer library. 2439 * 2440 * Module: library/bignum.c 2441 * library/bignum_core.c 2442 * library/bignum_mod.c 2443 * library/bignum_mod_raw.c 2444 * Caller: library/dhm.c 2445 * library/ecp.c 2446 * library/ecdsa.c 2447 * library/rsa.c 2448 * library/rsa_alt_helpers.c 2449 * library/ssl_tls.c 2450 * 2451 * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support. 2452 */ 2453 #define MBEDTLS_BIGNUM_C 2454 2455 /** 2456 * \def MBEDTLS_CAMELLIA_C 2457 * 2458 * Enable the Camellia block cipher. 2459 * 2460 * Module: library/camellia.c 2461 * Caller: library/cipher.c 2462 * 2463 * This module enables the following ciphersuites (if other requisites are 2464 * enabled as well): 2465 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 2466 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 2467 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 2468 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 2469 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 2470 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 2471 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 2472 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 2473 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 2474 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 2475 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 2476 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 2477 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 2478 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 2479 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 2480 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 2481 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 2482 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 2483 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 2484 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 2485 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 2486 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 2487 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 2488 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 2489 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 2490 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 2491 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 2492 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 2493 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 2494 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 2495 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 2496 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 2497 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 2498 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 2499 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 2500 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 2501 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 2502 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 2503 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 2504 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 2505 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 2506 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 2507 */ 2508 #define MBEDTLS_CAMELLIA_C 2509 2510 /** 2511 * \def MBEDTLS_ARIA_C 2512 * 2513 * Enable the ARIA block cipher. 2514 * 2515 * Module: library/aria.c 2516 * Caller: library/cipher.c 2517 * 2518 * This module enables the following ciphersuites (if other requisites are 2519 * enabled as well): 2520 * 2521 * MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256 2522 * MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384 2523 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 2524 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 2525 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 2526 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 2527 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 2528 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 2529 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 2530 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 2531 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 2532 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 2533 * MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256 2534 * MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384 2535 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 2536 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 2537 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 2538 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 2539 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 2540 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 2541 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 2542 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 2543 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 2544 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 2545 * MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256 2546 * MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384 2547 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 2548 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 2549 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 2550 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 2551 * MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 2552 * MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 2553 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 2554 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 2555 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 2556 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 2557 * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 2558 * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 2559 */ 2560 #define MBEDTLS_ARIA_C 2561 2562 /** 2563 * \def MBEDTLS_CCM_C 2564 * 2565 * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher. 2566 * 2567 * Module: library/ccm.c 2568 * 2569 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C or 2570 * MBEDTLS_ARIA_C 2571 * 2572 * This module enables the AES-CCM ciphersuites, if other requisites are 2573 * enabled as well. 2574 */ 2575 #define MBEDTLS_CCM_C 2576 2577 /** 2578 * \def MBEDTLS_CHACHA20_C 2579 * 2580 * Enable the ChaCha20 stream cipher. 2581 * 2582 * Module: library/chacha20.c 2583 */ 2584 #define MBEDTLS_CHACHA20_C 2585 2586 /** 2587 * \def MBEDTLS_CHACHAPOLY_C 2588 * 2589 * Enable the ChaCha20-Poly1305 AEAD algorithm. 2590 * 2591 * Module: library/chachapoly.c 2592 * 2593 * This module requires: MBEDTLS_CHACHA20_C, MBEDTLS_POLY1305_C 2594 */ 2595 #define MBEDTLS_CHACHAPOLY_C 2596 2597 /** 2598 * \def MBEDTLS_CIPHER_C 2599 * 2600 * Enable the generic cipher layer. 2601 * 2602 * Module: library/cipher.c 2603 * Caller: library/ccm.c 2604 * library/cmac.c 2605 * library/gcm.c 2606 * library/nist_kw.c 2607 * library/pkcs12.c 2608 * library/pkcs5.c 2609 * library/psa_crypto_aead.c 2610 * library/psa_crypto_mac.c 2611 * library/ssl_ciphersuites.c 2612 * library/ssl_msg.c 2613 * library/ssl_ticket.c (unless MBEDTLS_USE_PSA_CRYPTO is enabled) 2614 * Auto-enabled by: MBEDTLS_PSA_CRYPTO_C depending on which ciphers are enabled 2615 * (see the documentation of that option for details). 2616 * 2617 * Uncomment to enable generic cipher wrappers. 2618 */ 2619 #define MBEDTLS_CIPHER_C 2620 2621 /** 2622 * \def MBEDTLS_CMAC_C 2623 * 2624 * Enable the CMAC (Cipher-based Message Authentication Code) mode for block 2625 * ciphers. 2626 * 2627 * \note When #MBEDTLS_CMAC_ALT is active, meaning that the underlying 2628 * implementation of the CMAC algorithm is provided by an alternate 2629 * implementation, that alternate implementation may opt to not support 2630 * AES-192 or 3DES as underlying block ciphers for the CMAC operation. 2631 * 2632 * Module: library/cmac.c 2633 * 2634 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_AES_C or MBEDTLS_DES_C 2635 * 2636 */ 2637 #define MBEDTLS_CMAC_C 2638 2639 /** 2640 * \def MBEDTLS_CTR_DRBG_C 2641 * 2642 * Enable the CTR_DRBG AES-based random generator. 2643 * The CTR_DRBG generator uses AES-256 by default. 2644 * To use AES-128 instead, enable \c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY above. 2645 * 2646 * AES support can either be achieved through builtin (MBEDTLS_AES_C) or PSA. 2647 * Builtin is the default option when MBEDTLS_AES_C is defined otherwise PSA 2648 * is used. 2649 * 2650 * \warning When using PSA, the user should call `psa_crypto_init()` before 2651 * using any CTR_DRBG operation (except `mbedtls_ctr_drbg_init()`). 2652 * 2653 * \note AES-128 will be used if \c MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH is set. 2654 * 2655 * \note To achieve a 256-bit security strength with CTR_DRBG, 2656 * you must use AES-256 *and* use sufficient entropy. 2657 * See ctr_drbg.h for more details. 2658 * 2659 * Module: library/ctr_drbg.c 2660 * Caller: 2661 * 2662 * Requires: MBEDTLS_AES_C or 2663 * (PSA_WANT_KEY_TYPE_AES and PSA_WANT_ALG_ECB_NO_PADDING and 2664 * MBEDTLS_PSA_CRYPTO_C) 2665 * 2666 * This module provides the CTR_DRBG AES random number generator. 2667 */ 2668 #define MBEDTLS_CTR_DRBG_C 2669 2670 /** 2671 * \def MBEDTLS_DEBUG_C 2672 * 2673 * Enable the debug functions. 2674 * 2675 * Module: library/debug.c 2676 * Caller: library/ssl_msg.c 2677 * library/ssl_tls.c 2678 * library/ssl_tls12_*.c 2679 * library/ssl_tls13_*.c 2680 * 2681 * This module provides debugging functions. 2682 */ 2683 #define MBEDTLS_DEBUG_C 2684 2685 /** 2686 * \def MBEDTLS_DES_C 2687 * 2688 * Enable the DES block cipher. 2689 * 2690 * Module: library/des.c 2691 * Caller: library/pem.c 2692 * library/cipher.c 2693 * 2694 * PEM_PARSE uses DES/3DES for decrypting encrypted keys. 2695 * 2696 * \warning DES/3DES are considered weak ciphers and their use constitutes a 2697 * security risk. We recommend considering stronger ciphers instead. 2698 */ 2699 #define MBEDTLS_DES_C 2700 2701 /** 2702 * \def MBEDTLS_DHM_C 2703 * 2704 * Enable the Diffie-Hellman-Merkle module. 2705 * 2706 * Module: library/dhm.c 2707 * Caller: library/ssl_tls.c 2708 * library/ssl*_client.c 2709 * library/ssl*_server.c 2710 * 2711 * This module is used by the following key exchanges: 2712 * DHE-RSA, DHE-PSK 2713 * 2714 * \warning Using DHE constitutes a security risk as it 2715 * is not possible to validate custom DH parameters. 2716 * If possible, it is recommended users should consider 2717 * preferring other methods of key exchange. 2718 * See dhm.h for more details. 2719 * 2720 */ 2721 #define MBEDTLS_DHM_C 2722 2723 /** 2724 * \def MBEDTLS_ECDH_C 2725 * 2726 * Enable the elliptic curve Diffie-Hellman library. 2727 * 2728 * Module: library/ecdh.c 2729 * Caller: library/psa_crypto.c 2730 * library/ssl_tls.c 2731 * library/ssl*_client.c 2732 * library/ssl*_server.c 2733 * 2734 * This module is used by the following key exchanges: 2735 * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK 2736 * 2737 * Requires: MBEDTLS_ECP_C 2738 */ 2739 #define MBEDTLS_ECDH_C 2740 2741 /** 2742 * \def MBEDTLS_ECDSA_C 2743 * 2744 * Enable the elliptic curve DSA library. 2745 * 2746 * Module: library/ecdsa.c 2747 * Caller: 2748 * 2749 * This module is used by the following key exchanges: 2750 * ECDHE-ECDSA 2751 * 2752 * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C, 2753 * and at least one MBEDTLS_ECP_DP_XXX_ENABLED for a 2754 * short Weierstrass curve. 2755 */ 2756 #define MBEDTLS_ECDSA_C 2757 2758 /** 2759 * \def MBEDTLS_ECJPAKE_C 2760 * 2761 * Enable the elliptic curve J-PAKE library. 2762 * 2763 * \note EC J-PAKE support is based on the Thread v1.0.0 specification. 2764 * It has not been reviewed for compliance with newer standards such as 2765 * Thread v1.1 or RFC 8236. 2766 * 2767 * Module: library/ecjpake.c 2768 * Caller: 2769 * 2770 * This module is used by the following key exchanges: 2771 * ECJPAKE 2772 * 2773 * Requires: MBEDTLS_ECP_C and either MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C 2774 * 2775 * \warning If using a hash that is only provided by PSA drivers, you must 2776 * call psa_crypto_init() before doing any EC J-PAKE operations. 2777 */ 2778 #define MBEDTLS_ECJPAKE_C 2779 2780 /** 2781 * \def MBEDTLS_ECP_C 2782 * 2783 * Enable the elliptic curve over GF(p) library. 2784 * 2785 * Module: library/ecp.c 2786 * Caller: library/ecdh.c 2787 * library/ecdsa.c 2788 * library/ecjpake.c 2789 * 2790 * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED 2791 */ 2792 #define MBEDTLS_ECP_C 2793 2794 /** 2795 * \def MBEDTLS_ENTROPY_C 2796 * 2797 * Enable the platform-specific entropy code. 2798 * 2799 * Module: library/entropy.c 2800 * Caller: 2801 * 2802 * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C 2803 * 2804 * This module provides a generic entropy pool 2805 */ 2806 #define MBEDTLS_ENTROPY_C 2807 2808 /** 2809 * \def MBEDTLS_ERROR_C 2810 * 2811 * Enable error code to error string conversion. 2812 * 2813 * Module: library/error.c 2814 * Caller: 2815 * 2816 * This module enables mbedtls_strerror(). 2817 */ 2818 #define MBEDTLS_ERROR_C 2819 2820 /** 2821 * \def MBEDTLS_GCM_C 2822 * 2823 * Enable the Galois/Counter Mode (GCM). 2824 * 2825 * Module: library/gcm.c 2826 * 2827 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C or 2828 * MBEDTLS_ARIA_C 2829 * 2830 * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other 2831 * requisites are enabled as well. 2832 */ 2833 #define MBEDTLS_GCM_C 2834 2835 /** 2836 * \def MBEDTLS_GCM_LARGE_TABLE 2837 * 2838 * Enable large pre-computed tables for Galois/Counter Mode (GCM). 2839 * Can significantly increase throughput on systems without GCM hardware 2840 * acceleration (e.g., AESNI, AESCE). 2841 * 2842 * The mbedtls_gcm_context size will increase by 3840 bytes. 2843 * The code size will increase by roughly 344 bytes. 2844 * 2845 * Module: library/gcm.c 2846 * 2847 * Requires: MBEDTLS_GCM_C 2848 */ 2849 //#define MBEDTLS_GCM_LARGE_TABLE 2850 2851 /** 2852 * \def MBEDTLS_HKDF_C 2853 * 2854 * Enable the HKDF algorithm (RFC 5869). 2855 * 2856 * Module: library/hkdf.c 2857 * Caller: 2858 * 2859 * Requires: MBEDTLS_MD_C 2860 * 2861 * This module adds support for the Hashed Message Authentication Code 2862 * (HMAC)-based key derivation function (HKDF). 2863 */ 2864 #define MBEDTLS_HKDF_C 2865 2866 /** 2867 * \def MBEDTLS_HMAC_DRBG_C 2868 * 2869 * Enable the HMAC_DRBG random generator. 2870 * 2871 * Module: library/hmac_drbg.c 2872 * Caller: 2873 * 2874 * Requires: MBEDTLS_MD_C 2875 * 2876 * Uncomment to enable the HMAC_DRBG random number generator. 2877 */ 2878 #define MBEDTLS_HMAC_DRBG_C 2879 2880 /** 2881 * \def MBEDTLS_LMS_C 2882 * 2883 * Enable the LMS stateful-hash asymmetric signature algorithm. 2884 * 2885 * Module: library/lms.c 2886 * Caller: 2887 * 2888 * Requires: MBEDTLS_PSA_CRYPTO_C 2889 * 2890 * Uncomment to enable the LMS verification algorithm and public key operations. 2891 */ 2892 #define MBEDTLS_LMS_C 2893 2894 /** 2895 * \def MBEDTLS_LMS_PRIVATE 2896 * 2897 * Enable LMS private-key operations and signing code. Functions enabled by this 2898 * option are experimental, and should not be used in production. 2899 * 2900 * Requires: MBEDTLS_LMS_C 2901 * 2902 * Uncomment to enable the LMS signature algorithm and private key operations. 2903 */ 2904 //#define MBEDTLS_LMS_PRIVATE 2905 2906 /** 2907 * \def MBEDTLS_NIST_KW_C 2908 * 2909 * Enable the Key Wrapping mode for 128-bit block ciphers, 2910 * as defined in NIST SP 800-38F. Only KW and KWP modes 2911 * are supported. At the moment, only AES is approved by NIST. 2912 * 2913 * Module: library/nist_kw.c 2914 * 2915 * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C 2916 */ 2917 #define MBEDTLS_NIST_KW_C 2918 2919 /** 2920 * \def MBEDTLS_MD_C 2921 * 2922 * Enable the generic layer for message digest (hashing) and HMAC. 2923 * 2924 * Requires: one of: MBEDTLS_MD5_C, MBEDTLS_RIPEMD160_C, MBEDTLS_SHA1_C, 2925 * MBEDTLS_SHA224_C, MBEDTLS_SHA256_C, MBEDTLS_SHA384_C, 2926 * MBEDTLS_SHA512_C, or MBEDTLS_PSA_CRYPTO_C with at least 2927 * one hash. 2928 * Module: library/md.c 2929 * Caller: library/constant_time.c 2930 * library/ecdsa.c 2931 * library/ecjpake.c 2932 * library/hkdf.c 2933 * library/hmac_drbg.c 2934 * library/pk.c 2935 * library/pkcs5.c 2936 * library/pkcs12.c 2937 * library/psa_crypto_ecp.c 2938 * library/psa_crypto_rsa.c 2939 * library/rsa.c 2940 * library/ssl_cookie.c 2941 * library/ssl_msg.c 2942 * library/ssl_tls.c 2943 * library/x509.c 2944 * library/x509_crt.c 2945 * library/x509write_crt.c 2946 * library/x509write_csr.c 2947 * 2948 * Uncomment to enable generic message digest wrappers. 2949 */ 2950 #define MBEDTLS_MD_C 2951 2952 /** 2953 * \def MBEDTLS_MD5_C 2954 * 2955 * Enable the MD5 hash algorithm. 2956 * 2957 * Module: library/md5.c 2958 * Caller: library/md.c 2959 * library/pem.c 2960 * library/ssl_tls.c 2961 * 2962 * This module is required for TLS 1.2 depending on the handshake parameters. 2963 * Further, it is used for checking MD5-signed certificates, and for PBKDF1 2964 * when decrypting PEM-encoded encrypted keys. 2965 * 2966 * \warning MD5 is considered a weak message digest and its use constitutes a 2967 * security risk. If possible, we recommend avoiding dependencies on 2968 * it, and considering stronger message digests instead. 2969 * 2970 */ 2971 #define MBEDTLS_MD5_C 2972 2973 /** 2974 * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C 2975 * 2976 * Enable the buffer allocator implementation that makes use of a (stack) 2977 * based buffer to 'allocate' dynamic memory. (replaces calloc() and free() 2978 * calls) 2979 * 2980 * Module: library/memory_buffer_alloc.c 2981 * 2982 * Requires: MBEDTLS_PLATFORM_C 2983 * MBEDTLS_PLATFORM_MEMORY (to use it within Mbed TLS) 2984 * 2985 * Enable this module to enable the buffer memory allocator. 2986 */ 2987 //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C 2988 2989 /** 2990 * \def MBEDTLS_NET_C 2991 * 2992 * Enable the TCP and UDP over IPv6/IPv4 networking routines. 2993 * 2994 * \note This module only works on POSIX/Unix (including Linux, BSD and OS X) 2995 * and Windows. For other platforms, you'll want to disable it, and write your 2996 * own networking callbacks to be passed to \c mbedtls_ssl_set_bio(). 2997 * 2998 * \note See also our Knowledge Base article about porting to a new 2999 * environment: 3000 * https://mbed-tls.readthedocs.io/en/latest/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS 3001 * 3002 * Module: library/net_sockets.c 3003 * 3004 * This module provides networking routines. 3005 */ 3006 #define MBEDTLS_NET_C 3007 3008 /** 3009 * \def MBEDTLS_OID_C 3010 * 3011 * Enable the OID database. 3012 * 3013 * Module: library/oid.c 3014 * Caller: library/asn1write.c 3015 * library/pkcs5.c 3016 * library/pkparse.c 3017 * library/pkwrite.c 3018 * library/rsa.c 3019 * library/x509.c 3020 * library/x509_create.c 3021 * library/x509_crl.c 3022 * library/x509_crt.c 3023 * library/x509_csr.c 3024 * library/x509write_crt.c 3025 * library/x509write_csr.c 3026 * 3027 * This modules translates between OIDs and internal values. 3028 */ 3029 #define MBEDTLS_OID_C 3030 3031 /** 3032 * \def MBEDTLS_PADLOCK_C 3033 * 3034 * Enable VIA Padlock support on x86. 3035 * 3036 * Module: library/padlock.c 3037 * Caller: library/aes.c 3038 * 3039 * Requires: MBEDTLS_HAVE_ASM 3040 * 3041 * This modules adds support for the VIA PadLock on x86. 3042 */ 3043 #define MBEDTLS_PADLOCK_C 3044 3045 /** 3046 * \def MBEDTLS_PEM_PARSE_C 3047 * 3048 * Enable PEM decoding / parsing. 3049 * 3050 * Module: library/pem.c 3051 * Caller: library/dhm.c 3052 * library/pkparse.c 3053 * library/x509_crl.c 3054 * library/x509_crt.c 3055 * library/x509_csr.c 3056 * 3057 * Requires: MBEDTLS_BASE64_C 3058 * optionally MBEDTLS_MD5_C, or PSA Crypto with MD5 (see below) 3059 * 3060 * \warning When parsing password-protected files, if MD5 is provided only by 3061 * a PSA driver, you must call psa_crypto_init() before the first file. 3062 * 3063 * This modules adds support for decoding / parsing PEM files. 3064 */ 3065 #define MBEDTLS_PEM_PARSE_C 3066 3067 /** 3068 * \def MBEDTLS_PEM_WRITE_C 3069 * 3070 * Enable PEM encoding / writing. 3071 * 3072 * Module: library/pem.c 3073 * Caller: library/pkwrite.c 3074 * library/x509write_crt.c 3075 * library/x509write_csr.c 3076 * 3077 * Requires: MBEDTLS_BASE64_C 3078 * 3079 * This modules adds support for encoding / writing PEM files. 3080 */ 3081 #define MBEDTLS_PEM_WRITE_C 3082 3083 /** 3084 * \def MBEDTLS_PK_C 3085 * 3086 * Enable the generic public (asymmetric) key layer. 3087 * 3088 * Module: library/pk.c 3089 * Caller: library/psa_crypto_rsa.c 3090 * library/ssl_tls.c 3091 * library/ssl*_client.c 3092 * library/ssl*_server.c 3093 * library/x509.c 3094 * 3095 * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C or MBEDTLS_ECP_C 3096 * 3097 * Uncomment to enable generic public key wrappers. 3098 */ 3099 #define MBEDTLS_PK_C 3100 3101 /** 3102 * \def MBEDTLS_PK_PARSE_C 3103 * 3104 * Enable the generic public (asymmetric) key parser. 3105 * 3106 * Module: library/pkparse.c 3107 * Caller: library/x509_crt.c 3108 * library/x509_csr.c 3109 * 3110 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_OID_C, MBEDTLS_PK_C 3111 * 3112 * Uncomment to enable generic public key parse functions. 3113 */ 3114 #define MBEDTLS_PK_PARSE_C 3115 3116 /** 3117 * \def MBEDTLS_PK_WRITE_C 3118 * 3119 * Enable the generic public (asymmetric) key writer. 3120 * 3121 * Module: library/pkwrite.c 3122 * Caller: library/x509write.c 3123 * 3124 * Requires: MBEDTLS_ASN1_WRITE_C, MBEDTLS_OID_C, MBEDTLS_PK_C 3125 * 3126 * Uncomment to enable generic public key write functions. 3127 */ 3128 #define MBEDTLS_PK_WRITE_C 3129 3130 /** 3131 * \def MBEDTLS_PKCS5_C 3132 * 3133 * Enable PKCS#5 functions. 3134 * 3135 * Module: library/pkcs5.c 3136 * 3137 * Auto-enables: MBEDTLS_MD_C 3138 * 3139 * \warning If using a hash that is only provided by PSA drivers, you must 3140 * call psa_crypto_init() before doing any PKCS5 operations. 3141 * 3142 * This module adds support for the PKCS#5 functions. 3143 */ 3144 #define MBEDTLS_PKCS5_C 3145 3146 /** 3147 * \def MBEDTLS_PKCS7_C 3148 * 3149 * Enable PKCS #7 core for using PKCS #7-formatted signatures. 3150 * RFC Link - https://tools.ietf.org/html/rfc2315 3151 * 3152 * Module: library/pkcs7.c 3153 * 3154 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C, 3155 * MBEDTLS_X509_CRT_PARSE_C MBEDTLS_X509_CRL_PARSE_C, 3156 * MBEDTLS_BIGNUM_C, MBEDTLS_MD_C 3157 * 3158 * This module is required for the PKCS #7 parsing modules. 3159 */ 3160 #define MBEDTLS_PKCS7_C 3161 3162 /** 3163 * \def MBEDTLS_PKCS12_C 3164 * 3165 * Enable PKCS#12 PBE functions. 3166 * Adds algorithms for parsing PKCS#8 encrypted private keys 3167 * 3168 * Module: library/pkcs12.c 3169 * Caller: library/pkparse.c 3170 * 3171 * Requires: MBEDTLS_ASN1_PARSE_C and either MBEDTLS_MD_C or 3172 * MBEDTLS_PSA_CRYPTO_C. 3173 * 3174 * \warning If using a hash that is only provided by PSA drivers, you must 3175 * call psa_crypto_init() before doing any PKCS12 operations. 3176 * 3177 * This module enables PKCS#12 functions. 3178 */ 3179 #define MBEDTLS_PKCS12_C 3180 3181 /** 3182 * \def MBEDTLS_PLATFORM_C 3183 * 3184 * Enable the platform abstraction layer that allows you to re-assign 3185 * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit(). 3186 * 3187 * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT 3188 * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned 3189 * above to be specified at runtime or compile time respectively. 3190 * 3191 * \note This abstraction layer must be enabled on Windows (including MSYS2) 3192 * as other modules rely on it for a fixed snprintf implementation. 3193 * 3194 * Module: library/platform.c 3195 * Caller: Most other .c files 3196 * 3197 * This module enables abstraction of common (libc) functions. 3198 */ 3199 #define MBEDTLS_PLATFORM_C 3200 3201 /** 3202 * \def MBEDTLS_POLY1305_C 3203 * 3204 * Enable the Poly1305 MAC algorithm. 3205 * 3206 * Module: library/poly1305.c 3207 * Caller: library/chachapoly.c 3208 */ 3209 #define MBEDTLS_POLY1305_C 3210 3211 /** 3212 * \def MBEDTLS_PSA_CRYPTO_C 3213 * 3214 * Enable the Platform Security Architecture cryptography API. 3215 * 3216 * Module: library/psa_crypto.c 3217 * 3218 * Requires: either MBEDTLS_CTR_DRBG_C and MBEDTLS_ENTROPY_C, 3219 * or MBEDTLS_HMAC_DRBG_C and MBEDTLS_ENTROPY_C, 3220 * or MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG. 3221 * Auto-enables: MBEDTLS_CIPHER_C if any unauthenticated (ie, non-AEAD) cipher 3222 * is enabled in PSA (unless it's fully accelerated, see 3223 * docs/driver-only-builds.md about that). 3224 */ 3225 #define MBEDTLS_PSA_CRYPTO_C 3226 3227 /** 3228 * \def MBEDTLS_PSA_CRYPTO_SE_C 3229 * 3230 * Enable dynamic secure element support in the Platform Security Architecture 3231 * cryptography API. 3232 * 3233 * \deprecated This feature is deprecated. Please switch to the PSA driver 3234 * interface. 3235 * 3236 * \warning This feature is not thread-safe, and should not be used in a 3237 * multi-threaded environment. 3238 * 3239 * Module: library/psa_crypto_se.c 3240 * 3241 * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_C 3242 * 3243 */ 3244 //#define MBEDTLS_PSA_CRYPTO_SE_C 3245 3246 /** 3247 * \def MBEDTLS_PSA_CRYPTO_STORAGE_C 3248 * 3249 * Enable the Platform Security Architecture persistent key storage. 3250 * 3251 * Module: library/psa_crypto_storage.c 3252 * 3253 * Requires: MBEDTLS_PSA_CRYPTO_C, 3254 * either MBEDTLS_PSA_ITS_FILE_C or a native implementation of 3255 * the PSA ITS interface 3256 */ 3257 #define MBEDTLS_PSA_CRYPTO_STORAGE_C 3258 3259 /** 3260 * \def MBEDTLS_PSA_ITS_FILE_C 3261 * 3262 * Enable the emulation of the Platform Security Architecture 3263 * Internal Trusted Storage (PSA ITS) over files. 3264 * 3265 * Module: library/psa_its_file.c 3266 * 3267 * Requires: MBEDTLS_FS_IO 3268 */ 3269 #define MBEDTLS_PSA_ITS_FILE_C 3270 3271 /** 3272 * \def MBEDTLS_PSA_STATIC_KEY_SLOTS 3273 * 3274 * Statically preallocate memory to store keys' material in PSA instead 3275 * of allocating it dynamically when required. This allows builds without a 3276 * heap, if none of the enabled cryptographic implementations or other features 3277 * require it. 3278 * This feature affects both volatile and persistent keys which means that 3279 * it's not possible to persistently store a key which is larger than 3280 * #MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE. 3281 * 3282 * \note This feature comes with a (potentially) higher RAM usage since: 3283 * - All the key slots are allocated no matter if they are used or not. 3284 * - Each key buffer's length is #MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE bytes. 3285 * 3286 * Requires: MBEDTLS_PSA_CRYPTO_C 3287 * 3288 */ 3289 //#define MBEDTLS_PSA_STATIC_KEY_SLOTS 3290 3291 /** 3292 * \def MBEDTLS_RIPEMD160_C 3293 * 3294 * Enable the RIPEMD-160 hash algorithm. 3295 * 3296 * Module: library/ripemd160.c 3297 * Caller: library/md.c 3298 * 3299 */ 3300 #define MBEDTLS_RIPEMD160_C 3301 3302 /** 3303 * \def MBEDTLS_RSA_C 3304 * 3305 * Enable the RSA public-key cryptosystem. 3306 * 3307 * Module: library/rsa.c 3308 * library/rsa_alt_helpers.c 3309 * Caller: library/pk.c 3310 * library/psa_crypto.c 3311 * library/ssl_tls.c 3312 * library/ssl*_client.c 3313 * library/ssl*_server.c 3314 * 3315 * This module is used by the following key exchanges: 3316 * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK 3317 * 3318 * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C 3319 */ 3320 #define MBEDTLS_RSA_C 3321 3322 /** 3323 * \def MBEDTLS_SHA1_C 3324 * 3325 * Enable the SHA1 cryptographic hash algorithm. 3326 * 3327 * Module: library/sha1.c 3328 * Caller: library/md.c 3329 * library/psa_crypto_hash.c 3330 * 3331 * This module is required for TLS 1.2 depending on the handshake parameters, 3332 * and for SHA1-signed certificates. 3333 * 3334 * \warning SHA-1 is considered a weak message digest and its use constitutes 3335 * a security risk. If possible, we recommend avoiding dependencies 3336 * on it, and considering stronger message digests instead. 3337 * 3338 */ 3339 #define MBEDTLS_SHA1_C 3340 3341 /** 3342 * \def MBEDTLS_SHA224_C 3343 * 3344 * Enable the SHA-224 cryptographic hash algorithm. 3345 * 3346 * Module: library/sha256.c 3347 * Caller: library/md.c 3348 * library/ssl_cookie.c 3349 * 3350 * This module adds support for SHA-224. 3351 */ 3352 #define MBEDTLS_SHA224_C 3353 3354 /** 3355 * \def MBEDTLS_SHA256_C 3356 * 3357 * Enable the SHA-256 cryptographic hash algorithm. 3358 * 3359 * Module: library/sha256.c 3360 * Caller: library/entropy.c 3361 * library/md.c 3362 * library/ssl_tls.c 3363 * library/ssl*_client.c 3364 * library/ssl*_server.c 3365 * 3366 * This module adds support for SHA-256. 3367 * This module is required for the SSL/TLS 1.2 PRF function. 3368 */ 3369 #define MBEDTLS_SHA256_C 3370 3371 /** 3372 * \def MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT 3373 * 3374 * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms 3375 * with the ARMv8 cryptographic extensions if they are available at runtime. 3376 * If not, the library will fall back to the C implementation. 3377 * 3378 * \note If MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT is defined when building 3379 * for a non-Armv8-A build it will be silently ignored. 3380 * 3381 * \note Minimum compiler versions for this feature are Clang 4.0, 3382 * armclang 6.6 or GCC 6.0. 3383 * 3384 * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for 3385 * armclang <= 6.9 3386 * 3387 * \note This was previously known as MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT. 3388 * That name is deprecated, but may still be used as an alternative form for this 3389 * option. 3390 * 3391 * \warning MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT cannot be defined at the 3392 * same time as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY. 3393 * 3394 * Requires: MBEDTLS_SHA256_C. 3395 * 3396 * Module: library/sha256.c 3397 * 3398 * Uncomment to have the library check for the Armv8-A SHA-256 crypto extensions 3399 * and use them if available. 3400 */ 3401 //#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT 3402 3403 /** 3404 * \def MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT 3405 * 3406 * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT. 3407 * This name is now deprecated, but may still be used as an alternative form for 3408 * this option. 3409 */ 3410 //#define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT 3411 3412 /** 3413 * \def MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY 3414 * 3415 * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms 3416 * with the ARMv8 cryptographic extensions, which must be available at runtime 3417 * or else an illegal instruction fault will occur. 3418 * 3419 * \note This allows builds with a smaller code size than with 3420 * MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT 3421 * 3422 * \note Minimum compiler versions for this feature are Clang 4.0, 3423 * armclang 6.6 or GCC 6.0. 3424 * 3425 * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for 3426 * armclang <= 6.9 3427 * 3428 * \note This was previously known as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. 3429 * That name is deprecated, but may still be used as an alternative form for this 3430 * option. 3431 * 3432 * \warning MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY cannot be defined at the same 3433 * time as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT. 3434 * 3435 * Requires: MBEDTLS_SHA256_C. 3436 * 3437 * Module: library/sha256.c 3438 * 3439 * Uncomment to have the library use the Armv8-A SHA-256 crypto extensions 3440 * unconditionally. 3441 */ 3442 //#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY 3443 3444 /** 3445 * \def MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY 3446 * 3447 * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY. 3448 * This name is now deprecated, but may still be used as an alternative form for 3449 * this option. 3450 */ 3451 //#define MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY 3452 3453 /** 3454 * \def MBEDTLS_SHA384_C 3455 * 3456 * Enable the SHA-384 cryptographic hash algorithm. 3457 * 3458 * Module: library/sha512.c 3459 * Caller: library/md.c 3460 * library/psa_crypto_hash.c 3461 * library/ssl_tls.c 3462 * library/ssl*_client.c 3463 * library/ssl*_server.c 3464 * 3465 * Comment to disable SHA-384 3466 */ 3467 #define MBEDTLS_SHA384_C 3468 3469 /** 3470 * \def MBEDTLS_SHA512_C 3471 * 3472 * Enable SHA-512 cryptographic hash algorithms. 3473 * 3474 * Module: library/sha512.c 3475 * Caller: library/entropy.c 3476 * library/md.c 3477 * library/ssl_tls.c 3478 * library/ssl_cookie.c 3479 * 3480 * This module adds support for SHA-512. 3481 */ 3482 #define MBEDTLS_SHA512_C 3483 3484 /** 3485 * \def MBEDTLS_SHA3_C 3486 * 3487 * Enable the SHA3 cryptographic hash algorithm. 3488 * 3489 * Module: library/sha3.c 3490 * 3491 * This module adds support for SHA3. 3492 */ 3493 #define MBEDTLS_SHA3_C 3494 3495 /** 3496 * \def MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT 3497 * 3498 * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms 3499 * with the ARMv8 cryptographic extensions if they are available at runtime. 3500 * If not, the library will fall back to the C implementation. 3501 * 3502 * \note If MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT is defined when building 3503 * for a non-Aarch64 build it will be silently ignored. 3504 * 3505 * \note Minimum compiler versions for this feature are Clang 7.0, 3506 * armclang 6.9 or GCC 8.0. 3507 * 3508 * \note \c CFLAGS must be set to a minimum of \c -march=armv8.2-a+sha3 for 3509 * armclang 6.9 3510 * 3511 * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the 3512 * same time as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. 3513 * 3514 * Requires: MBEDTLS_SHA512_C. 3515 * 3516 * Module: library/sha512.c 3517 * 3518 * Uncomment to have the library check for the A64 SHA-512 crypto extensions 3519 * and use them if available. 3520 */ 3521 //#define MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT 3522 3523 /** 3524 * \def MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY 3525 * 3526 * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms 3527 * with the ARMv8 cryptographic extensions, which must be available at runtime 3528 * or else an illegal instruction fault will occur. 3529 * 3530 * \note This allows builds with a smaller code size than with 3531 * MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT 3532 * 3533 * \note Minimum compiler versions for this feature are Clang 7.0, 3534 * armclang 6.9 or GCC 8.0. 3535 * 3536 * \note \c CFLAGS must be set to a minimum of \c -march=armv8.2-a+sha3 for 3537 * armclang 6.9 3538 * 3539 * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY cannot be defined at the same 3540 * time as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT. 3541 * 3542 * Requires: MBEDTLS_SHA512_C. 3543 * 3544 * Module: library/sha512.c 3545 * 3546 * Uncomment to have the library use the A64 SHA-512 crypto extensions 3547 * unconditionally. 3548 */ 3549 //#define MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY 3550 3551 /** 3552 * \def MBEDTLS_SSL_CACHE_C 3553 * 3554 * Enable simple SSL cache implementation. 3555 * 3556 * Module: library/ssl_cache.c 3557 * Caller: 3558 * 3559 * Requires: MBEDTLS_SSL_CACHE_C 3560 */ 3561 #define MBEDTLS_SSL_CACHE_C 3562 3563 /** 3564 * \def MBEDTLS_SSL_COOKIE_C 3565 * 3566 * Enable basic implementation of DTLS cookies for hello verification. 3567 * 3568 * Module: library/ssl_cookie.c 3569 * Caller: 3570 */ 3571 #define MBEDTLS_SSL_COOKIE_C 3572 3573 /** 3574 * \def MBEDTLS_SSL_TICKET_C 3575 * 3576 * Enable an implementation of TLS server-side callbacks for session tickets. 3577 * 3578 * Module: library/ssl_ticket.c 3579 * Caller: 3580 * 3581 * Requires: (MBEDTLS_CIPHER_C || MBEDTLS_USE_PSA_CRYPTO) && 3582 * (MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C) 3583 */ 3584 #define MBEDTLS_SSL_TICKET_C 3585 3586 /** 3587 * \def MBEDTLS_SSL_CLI_C 3588 * 3589 * Enable the SSL/TLS client code. 3590 * 3591 * Module: library/ssl*_client.c 3592 * Caller: 3593 * 3594 * Requires: MBEDTLS_SSL_TLS_C 3595 * 3596 * This module is required for SSL/TLS client support. 3597 */ 3598 #define MBEDTLS_SSL_CLI_C 3599 3600 /** 3601 * \def MBEDTLS_SSL_SRV_C 3602 * 3603 * Enable the SSL/TLS server code. 3604 * 3605 * Module: library/ssl*_server.c 3606 * Caller: 3607 * 3608 * Requires: MBEDTLS_SSL_TLS_C 3609 * 3610 * This module is required for SSL/TLS server support. 3611 */ 3612 #define MBEDTLS_SSL_SRV_C 3613 3614 /** 3615 * \def MBEDTLS_SSL_TLS_C 3616 * 3617 * Enable the generic SSL/TLS code. 3618 * 3619 * Module: library/ssl_tls.c 3620 * Caller: library/ssl*_client.c 3621 * library/ssl*_server.c 3622 * 3623 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C 3624 * and at least one of the MBEDTLS_SSL_PROTO_XXX defines 3625 * 3626 * This module is required for SSL/TLS. 3627 */ 3628 #define MBEDTLS_SSL_TLS_C 3629 3630 /** 3631 * \def MBEDTLS_THREADING_C 3632 * 3633 * Enable the threading abstraction layer. 3634 * By default Mbed TLS assumes it is used in a non-threaded environment or that 3635 * contexts are not shared between threads. If you do intend to use contexts 3636 * between threads, you will need to enable this layer to prevent race 3637 * conditions. See also our Knowledge Base article about threading: 3638 * https://mbed-tls.readthedocs.io/en/latest/kb/development/thread-safety-and-multi-threading 3639 * 3640 * Module: library/threading.c 3641 * 3642 * This allows different threading implementations (self-implemented or 3643 * provided). 3644 * 3645 * You will have to enable either MBEDTLS_THREADING_ALT or 3646 * MBEDTLS_THREADING_PTHREAD. 3647 * 3648 * Enable this layer to allow use of mutexes within Mbed TLS 3649 */ 3650 //#define MBEDTLS_THREADING_C 3651 3652 /** 3653 * \def MBEDTLS_TIMING_C 3654 * 3655 * Enable the semi-portable timing interface. 3656 * 3657 * \note The provided implementation only works on POSIX/Unix (including Linux, 3658 * BSD and OS X) and Windows. On other platforms, you can either disable that 3659 * module and provide your own implementations of the callbacks needed by 3660 * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide 3661 * your own implementation of the whole module by setting 3662 * \c MBEDTLS_TIMING_ALT in the current file. 3663 * 3664 * \note The timing module will include time.h on suitable platforms 3665 * regardless of the setting of MBEDTLS_HAVE_TIME, unless 3666 * MBEDTLS_TIMING_ALT is used. See timing.c for more information. 3667 * 3668 * \note See also our Knowledge Base article about porting to a new 3669 * environment: 3670 * https://mbed-tls.readthedocs.io/en/latest/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS 3671 * 3672 * Module: library/timing.c 3673 */ 3674 #define MBEDTLS_TIMING_C 3675 3676 /** 3677 * \def MBEDTLS_VERSION_C 3678 * 3679 * Enable run-time version information. 3680 * 3681 * Module: library/version.c 3682 * 3683 * This module provides run-time version information. 3684 */ 3685 #define MBEDTLS_VERSION_C 3686 3687 /** 3688 * \def MBEDTLS_X509_USE_C 3689 * 3690 * Enable X.509 core for using certificates. 3691 * 3692 * Module: library/x509.c 3693 * Caller: library/x509_crl.c 3694 * library/x509_crt.c 3695 * library/x509_csr.c 3696 * 3697 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C, 3698 * (MBEDTLS_MD_C or MBEDTLS_USE_PSA_CRYPTO) 3699 * 3700 * \warning If building with MBEDTLS_USE_PSA_CRYPTO, you must call 3701 * psa_crypto_init() before doing any X.509 operation. 3702 * 3703 * This module is required for the X.509 parsing modules. 3704 */ 3705 #define MBEDTLS_X509_USE_C 3706 3707 /** 3708 * \def MBEDTLS_X509_CRT_PARSE_C 3709 * 3710 * Enable X.509 certificate parsing. 3711 * 3712 * Module: library/x509_crt.c 3713 * Caller: library/ssl_tls.c 3714 * library/ssl*_client.c 3715 * library/ssl*_server.c 3716 * 3717 * Requires: MBEDTLS_X509_USE_C 3718 * 3719 * This module is required for X.509 certificate parsing. 3720 */ 3721 #define MBEDTLS_X509_CRT_PARSE_C 3722 3723 /** 3724 * \def MBEDTLS_X509_CRL_PARSE_C 3725 * 3726 * Enable X.509 CRL parsing. 3727 * 3728 * Module: library/x509_crl.c 3729 * Caller: library/x509_crt.c 3730 * 3731 * Requires: MBEDTLS_X509_USE_C 3732 * 3733 * This module is required for X.509 CRL parsing. 3734 */ 3735 #define MBEDTLS_X509_CRL_PARSE_C 3736 3737 /** 3738 * \def MBEDTLS_X509_CSR_PARSE_C 3739 * 3740 * Enable X.509 Certificate Signing Request (CSR) parsing. 3741 * 3742 * Module: library/x509_csr.c 3743 * Caller: library/x509_crt_write.c 3744 * 3745 * Requires: MBEDTLS_X509_USE_C 3746 * 3747 * This module is used for reading X.509 certificate request. 3748 */ 3749 #define MBEDTLS_X509_CSR_PARSE_C 3750 3751 /** 3752 * \def MBEDTLS_X509_CREATE_C 3753 * 3754 * Enable X.509 core for creating certificates. 3755 * 3756 * Module: library/x509_create.c 3757 * 3758 * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C, 3759 * (MBEDTLS_MD_C or MBEDTLS_USE_PSA_CRYPTO) 3760 * 3761 * \warning If building with MBEDTLS_USE_PSA_CRYPTO, you must call 3762 * psa_crypto_init() before doing any X.509 create operation. 3763 * 3764 * This module is the basis for creating X.509 certificates and CSRs. 3765 */ 3766 #define MBEDTLS_X509_CREATE_C 3767 3768 /** 3769 * \def MBEDTLS_X509_CRT_WRITE_C 3770 * 3771 * Enable creating X.509 certificates. 3772 * 3773 * Module: library/x509_crt_write.c 3774 * 3775 * Requires: MBEDTLS_X509_CREATE_C 3776 * 3777 * This module is required for X.509 certificate creation. 3778 */ 3779 #define MBEDTLS_X509_CRT_WRITE_C 3780 3781 /** 3782 * \def MBEDTLS_X509_CSR_WRITE_C 3783 * 3784 * Enable creating X.509 Certificate Signing Requests (CSR). 3785 * 3786 * Module: library/x509_csr_write.c 3787 * 3788 * Requires: MBEDTLS_X509_CREATE_C 3789 * 3790 * This module is required for X.509 certificate request writing. 3791 */ 3792 #define MBEDTLS_X509_CSR_WRITE_C 3793 3794 /** \} name SECTION: Mbed TLS modules */ 3795 3796 /** 3797 * \name SECTION: General configuration options 3798 * 3799 * This section contains Mbed TLS build settings that are not associated 3800 * with a particular module. 3801 * 3802 * \{ 3803 */ 3804 3805 /** 3806 * \def MBEDTLS_CONFIG_FILE 3807 * 3808 * If defined, this is a header which will be included instead of 3809 * `"mbedtls/mbedtls_config.h"`. 3810 * This header file specifies the compile-time configuration of Mbed TLS. 3811 * Unlike other configuration options, this one must be defined on the 3812 * compiler command line: a definition in `mbedtls_config.h` would have 3813 * no effect. 3814 * 3815 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3816 * non-standard feature of the C language, so this feature is only available 3817 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3818 * 3819 * The value of this symbol is typically a path in double quotes, either 3820 * absolute or relative to a directory on the include search path. 3821 */ 3822 //#define MBEDTLS_CONFIG_FILE "mbedtls/mbedtls_config.h" 3823 3824 /** 3825 * \def MBEDTLS_USER_CONFIG_FILE 3826 * 3827 * If defined, this is a header which will be included after 3828 * `"mbedtls/mbedtls_config.h"` or #MBEDTLS_CONFIG_FILE. 3829 * This allows you to modify the default configuration, including the ability 3830 * to undefine options that are enabled by default. 3831 * 3832 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3833 * non-standard feature of the C language, so this feature is only available 3834 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3835 * 3836 * The value of this symbol is typically a path in double quotes, either 3837 * absolute or relative to a directory on the include search path. 3838 */ 3839 //#define MBEDTLS_USER_CONFIG_FILE "/dev/null" 3840 3841 /** 3842 * \def MBEDTLS_PSA_CRYPTO_CONFIG_FILE 3843 * 3844 * If defined, this is a header which will be included instead of 3845 * `"psa/crypto_config.h"`. 3846 * This header file specifies which cryptographic mechanisms are available 3847 * through the PSA API when #MBEDTLS_PSA_CRYPTO_CONFIG is enabled, and 3848 * is not used when #MBEDTLS_PSA_CRYPTO_CONFIG is disabled. 3849 * 3850 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3851 * non-standard feature of the C language, so this feature is only available 3852 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3853 * 3854 * The value of this symbol is typically a path in double quotes, either 3855 * absolute or relative to a directory on the include search path. 3856 */ 3857 //#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h" 3858 3859 /** 3860 * \def MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE 3861 * 3862 * If defined, this is a header which will be included after 3863 * `"psa/crypto_config.h"` or #MBEDTLS_PSA_CRYPTO_CONFIG_FILE. 3864 * This allows you to modify the default configuration, including the ability 3865 * to undefine options that are enabled by default. 3866 * 3867 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3868 * non-standard feature of the C language, so this feature is only available 3869 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3870 * 3871 * The value of this symbol is typically a path in double quotes, either 3872 * absolute or relative to a directory on the include search path. 3873 */ 3874 //#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null" 3875 3876 /** 3877 * \def MBEDTLS_PSA_CRYPTO_PLATFORM_FILE 3878 * 3879 * If defined, this is a header which will be included instead of 3880 * `"psa/crypto_platform.h"`. This file should declare the same identifiers 3881 * as the one in Mbed TLS, but with definitions adapted to the platform on 3882 * which the library code will run. 3883 * 3884 * \note The required content of this header can vary from one version of 3885 * Mbed TLS to the next. Integrators who provide an alternative file 3886 * should review the changes in the original file whenever they 3887 * upgrade Mbed TLS. 3888 * 3889 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3890 * non-standard feature of the C language, so this feature is only available 3891 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3892 * 3893 * The value of this symbol is typically a path in double quotes, either 3894 * absolute or relative to a directory on the include search path. 3895 */ 3896 //#define MBEDTLS_PSA_CRYPTO_PLATFORM_FILE "psa/crypto_platform_alt.h" 3897 3898 /** 3899 * \def MBEDTLS_PSA_CRYPTO_STRUCT_FILE 3900 * 3901 * If defined, this is a header which will be included instead of 3902 * `"psa/crypto_struct.h"`. This file should declare the same identifiers 3903 * as the one in Mbed TLS, but with definitions adapted to the environment 3904 * in which the library code will run. The typical use for this feature 3905 * is to provide alternative type definitions on the client side in 3906 * client-server integrations of PSA crypto, where operation structures 3907 * contain handles instead of cryptographic data. 3908 * 3909 * \note The required content of this header can vary from one version of 3910 * Mbed TLS to the next. Integrators who provide an alternative file 3911 * should review the changes in the original file whenever they 3912 * upgrade Mbed TLS. 3913 * 3914 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3915 * non-standard feature of the C language, so this feature is only available 3916 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3917 * 3918 * The value of this symbol is typically a path in double quotes, either 3919 * absolute or relative to a directory on the include search path. 3920 */ 3921 //#define MBEDTLS_PSA_CRYPTO_STRUCT_FILE "psa/crypto_struct_alt.h" 3922 3923 /** \} name SECTION: General configuration options */ 3924 3925 /** 3926 * \name SECTION: Module configuration options 3927 * 3928 * This section allows for the setting of module specific sizes and 3929 * configuration options. The default values are already present in the 3930 * relevant header files and should suffice for the regular use cases. 3931 * 3932 * Our advice is to enable options and change their values here 3933 * only if you have a good reason and know the consequences. 3934 * \{ 3935 */ 3936 /* The Doxygen documentation here is used when a user comments out a 3937 * setting and runs doxygen themselves. On the other hand, when we typeset 3938 * the full documentation including disabled settings, the documentation 3939 * in specific modules' header files is used if present. When editing this 3940 * file, make sure that each option is documented in exactly one place, 3941 * plus optionally a same-line Doxygen comment here if there is a Doxygen 3942 * comment in the specific module. */ 3943 3944 /* MPI / BIGNUM options */ 3945 //#define MBEDTLS_MPI_WINDOW_SIZE 2 /**< Maximum window size used. */ 3946 //#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ 3947 3948 /* CTR_DRBG options */ 3949 //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */ 3950 //#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ 3951 //#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ 3952 //#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ 3953 //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ 3954 3955 /* HMAC_DRBG options */ 3956 //#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ 3957 //#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ 3958 //#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ 3959 //#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ 3960 3961 /* ECP options */ 3962 //#define MBEDTLS_ECP_WINDOW_SIZE 4 /**< Maximum window size used */ 3963 //#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */ 3964 3965 /* Entropy options */ 3966 //#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */ 3967 //#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */ 3968 //#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */ 3969 3970 /* Memory buffer allocator options */ 3971 //#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */ 3972 3973 /* Platform options */ 3974 //#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ 3975 3976 /** \def MBEDTLS_PLATFORM_STD_CALLOC 3977 * 3978 * Default allocator to use, can be undefined. 3979 * It must initialize the allocated buffer memory to zeroes. 3980 * The size of the buffer is the product of the two parameters. 3981 * The calloc function returns either a null pointer or a pointer to the allocated space. 3982 * If the product is 0, the function may either return NULL or a valid pointer to an array of size 0 which is a valid input to the deallocation function. 3983 * An uninitialized #MBEDTLS_PLATFORM_STD_CALLOC always fails, returning a null pointer. 3984 * See the description of #MBEDTLS_PLATFORM_MEMORY for more details. 3985 * The corresponding deallocation function is #MBEDTLS_PLATFORM_STD_FREE. 3986 */ 3987 //#define MBEDTLS_PLATFORM_STD_CALLOC calloc 3988 3989 /** \def MBEDTLS_PLATFORM_STD_FREE 3990 * 3991 * Default free to use, can be undefined. 3992 * NULL is a valid parameter, and the function must do nothing. 3993 * A non-null parameter will always be a pointer previously returned by #MBEDTLS_PLATFORM_STD_CALLOC and not yet freed. 3994 * An uninitialized #MBEDTLS_PLATFORM_STD_FREE does not do anything. 3995 * See the description of #MBEDTLS_PLATFORM_MEMORY for more details (same principles as for MBEDTLS_PLATFORM_STD_CALLOC apply). 3996 */ 3997 //#define MBEDTLS_PLATFORM_STD_FREE free 3998 //#define MBEDTLS_PLATFORM_STD_SETBUF setbuf /**< Default setbuf to use, can be undefined */ 3999 //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ 4000 //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ 4001 //#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */ 4002 //#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */ 4003 /* Note: your snprintf must correctly zero-terminate the buffer! */ 4004 //#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */ 4005 //#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */ 4006 //#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */ 4007 //#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ 4008 //#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ 4009 //#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */ 4010 4011 /* To use the following function macros, MBEDTLS_PLATFORM_C must be enabled. */ 4012 /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */ 4013 //#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_CALLOC for requirements. */ 4014 //#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_FREE for requirements. */ 4015 //#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */ 4016 //#define MBEDTLS_PLATFORM_SETBUF_MACRO setbuf /**< Default setbuf macro to use, can be undefined */ 4017 //#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ 4018 //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ 4019 //#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */ 4020 //#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */ 4021 /* Note: your snprintf must correctly zero-terminate the buffer! */ 4022 //#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */ 4023 //#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */ 4024 //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ 4025 //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ 4026 //#define MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO int64_t //#define MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO int64_t /**< Default milliseconds time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled. It must be signed, and at least 64 bits. If it is changed from the default, MBEDTLS_PRINTF_MS_TIME must be updated to match.*/ 4027 //#define MBEDTLS_PRINTF_MS_TIME PRId64 /**< Default fmt for printf. That's avoid compiler warning if mbedtls_ms_time_t is redefined */ 4028 4029 /** \def MBEDTLS_CHECK_RETURN 4030 * 4031 * This macro is used at the beginning of the declaration of a function 4032 * to indicate that its return value should be checked. It should 4033 * instruct the compiler to emit a warning or an error if the function 4034 * is called without checking its return value. 4035 * 4036 * There is a default implementation for popular compilers in platform_util.h. 4037 * You can override the default implementation by defining your own here. 4038 * 4039 * If the implementation here is empty, this will effectively disable the 4040 * checking of functions' return values. 4041 */ 4042 //#define MBEDTLS_CHECK_RETURN __attribute__((__warn_unused_result__)) 4043 4044 /** \def MBEDTLS_IGNORE_RETURN 4045 * 4046 * This macro requires one argument, which should be a C function call. 4047 * If that function call would cause a #MBEDTLS_CHECK_RETURN warning, this 4048 * warning is suppressed. 4049 */ 4050 //#define MBEDTLS_IGNORE_RETURN( result ) ((void) !(result)) 4051 4052 /* PSA options */ 4053 /** 4054 * Use HMAC_DRBG with the specified hash algorithm for HMAC_DRBG for the 4055 * PSA crypto subsystem. 4056 * 4057 * If this option is unset, the library chooses a hash (currently between 4058 * #MBEDTLS_MD_SHA512 and #MBEDTLS_MD_SHA256) based on availability and 4059 * unspecified heuristics. 4060 * 4061 * \note The PSA crypto subsystem uses the first available mechanism amongst 4062 * the following: 4063 * - #MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG if enabled; 4064 * - Entropy from #MBEDTLS_ENTROPY_C plus CTR_DRBG with AES 4065 * if #MBEDTLS_CTR_DRBG_C is enabled; 4066 * - Entropy from #MBEDTLS_ENTROPY_C plus HMAC_DRBG. 4067 * 4068 * A future version may reevaluate the prioritization of DRBG mechanisms. 4069 */ 4070 //#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256 4071 4072 /** \def MBEDTLS_PSA_KEY_SLOT_COUNT 4073 * 4074 * When #MBEDTLS_PSA_KEY_STORE_DYNAMIC is disabled, 4075 * the maximum amount of PSA keys simultaneously in memory. This counts all 4076 * volatile keys, plus loaded persistent keys. 4077 * 4078 * When #MBEDTLS_PSA_KEY_STORE_DYNAMIC is enabled, 4079 * the maximum number of loaded persistent keys. 4080 * 4081 * Currently, persistent keys do not need to be loaded all the time while 4082 * a multipart operation is in progress, only while the operation is being 4083 * set up. This may change in future versions of the library. 4084 * 4085 * Currently, the library traverses of the whole table on each access to a 4086 * persistent key. Therefore large values may cause poor performance. 4087 * 4088 * This option has no effect when #MBEDTLS_PSA_CRYPTO_C is disabled. 4089 */ 4090 //#define MBEDTLS_PSA_KEY_SLOT_COUNT 32 4091 4092 /** 4093 * \def MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE 4094 * 4095 * Define the size (in bytes) of each static key buffer when 4096 * #MBEDTLS_PSA_STATIC_KEY_SLOTS is set. If not 4097 * explicitly defined then it's automatically guessed from available PSA keys 4098 * enabled in the build through PSA_WANT_xxx symbols. 4099 * If required by the application this parameter can be set to higher values 4100 * in order to store larger objects (ex: raw keys), but please note that this 4101 * will increase RAM usage. 4102 */ 4103 //#define MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE 256 4104 4105 /* RSA OPTIONS */ 4106 //#define MBEDTLS_RSA_GEN_KEY_MIN_BITS 1024 /**< Minimum RSA key size that can be generated in bits (Minimum possible value is 128 bits) */ 4107 4108 /* SSL Cache options */ 4109 //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ 4110 //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ 4111 4112 /* SSL options */ 4113 4114 /** \def MBEDTLS_SSL_IN_CONTENT_LEN 4115 * 4116 * Maximum length (in bytes) of incoming plaintext fragments. 4117 * 4118 * This determines the size of the incoming TLS I/O buffer in such a way 4119 * that it is capable of holding the specified amount of plaintext data, 4120 * regardless of the protection mechanism used. 4121 * 4122 * \note When using a value less than the default of 16KB on the client, it is 4123 * recommended to use the Maximum Fragment Length (MFL) extension to 4124 * inform the server about this limitation. On the server, there 4125 * is no supported, standardized way of informing the client about 4126 * restriction on the maximum size of incoming messages, and unless 4127 * the limitation has been communicated by other means, it is recommended 4128 * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN 4129 * while keeping the default value of 16KB for the incoming buffer. 4130 * 4131 * Uncomment to set the maximum plaintext size of the incoming I/O buffer. 4132 */ 4133 //#define MBEDTLS_SSL_IN_CONTENT_LEN 16384 4134 4135 /** \def MBEDTLS_SSL_CID_IN_LEN_MAX 4136 * 4137 * The maximum length of CIDs used for incoming DTLS messages. 4138 * 4139 */ 4140 //#define MBEDTLS_SSL_CID_IN_LEN_MAX 32 4141 4142 /** \def MBEDTLS_SSL_CID_OUT_LEN_MAX 4143 * 4144 * The maximum length of CIDs used for outgoing DTLS messages. 4145 * 4146 */ 4147 //#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32 4148 4149 /** \def MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 4150 * 4151 * This option controls the use of record plaintext padding 4152 * in TLS 1.3 and when using the Connection ID extension in DTLS 1.2. 4153 * 4154 * The padding will always be chosen so that the length of the 4155 * padded plaintext is a multiple of the value of this option. 4156 * 4157 * Note: A value of \c 1 means that no padding will be used 4158 * for outgoing records. 4159 * 4160 * Note: On systems lacking division instructions, 4161 * a power of two should be preferred. 4162 */ 4163 //#define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16 4164 4165 /** \def MBEDTLS_SSL_OUT_CONTENT_LEN 4166 * 4167 * Maximum length (in bytes) of outgoing plaintext fragments. 4168 * 4169 * This determines the size of the outgoing TLS I/O buffer in such a way 4170 * that it is capable of holding the specified amount of plaintext data, 4171 * regardless of the protection mechanism used. 4172 * 4173 * It is possible to save RAM by setting a smaller outward buffer, while keeping 4174 * the default inward 16384 byte buffer to conform to the TLS specification. 4175 * 4176 * The minimum required outward buffer size is determined by the handshake 4177 * protocol's usage. Handshaking will fail if the outward buffer is too small. 4178 * The specific size requirement depends on the configured ciphers and any 4179 * certificate data which is sent during the handshake. 4180 * 4181 * Uncomment to set the maximum plaintext size of the outgoing I/O buffer. 4182 */ 4183 //#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384 4184 4185 /** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING 4186 * 4187 * Maximum number of heap-allocated bytes for the purpose of 4188 * DTLS handshake message reassembly and future message buffering. 4189 * 4190 * This should be at least 9/8 * MBEDTLS_SSL_IN_CONTENT_LEN 4191 * to account for a reassembled handshake message of maximum size, 4192 * together with its reassembly bitmap. 4193 * 4194 * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default) 4195 * should be sufficient for all practical situations as it allows 4196 * to reassembly a large handshake message (such as a certificate) 4197 * while buffering multiple smaller handshake messages. 4198 * 4199 */ 4200 //#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768 4201 4202 //#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 or 384 bits) */ 4203 //#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ 4204 4205 /** 4206 * Complete list of ciphersuites to use, in order of preference. 4207 * 4208 * \warning No dependency checking is done on that field! This option can only 4209 * be used to restrict the set of available ciphersuites. It is your 4210 * responsibility to make sure the needed modules are active. 4211 * 4212 * Use this to save a few hundred bytes of ROM (default ordering of all 4213 * available ciphersuites) and a few to a few hundred bytes of RAM. 4214 * 4215 * The value below is only an example, not the default. 4216 */ 4217 //#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 4218 4219 /** 4220 * \def MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 4221 * 4222 * The default maximum amount of 0-RTT data. See the documentation of 4223 * \c mbedtls_ssl_conf_max_early_data_size() for more information. 4224 * 4225 * It must be positive and smaller than UINT32_MAX. 4226 * 4227 * If MBEDTLS_SSL_EARLY_DATA is not defined, this default value does not 4228 * have any impact on the build. 4229 */ 4230 //#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024 4231 4232 /** 4233 * \def MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 4234 * 4235 * Maximum allowed ticket age difference in milliseconds tolerated between 4236 * server and client. Default value is 6000. This is not used in TLS 1.2. 4237 * 4238 * - The client ticket age is the time difference between the time when the 4239 * client proposes to the server to use the ticket and the time the client 4240 * received the ticket from the server. 4241 * - The server ticket age is the time difference between the time when the 4242 * server receives a proposition from the client to use the ticket and the 4243 * time when the ticket was created by the server. 4244 * 4245 * The ages might be different due to the client and server clocks not running 4246 * at the same pace. The typical accuracy of an RTC crystal is ±100 to ±20 parts 4247 * per million (360 to 72 milliseconds per hour). Default tolerance window is 4248 * 6s, thus in the worst case clients and servers must sync up their system time 4249 * every 6000/360/2~=8 hours. 4250 * 4251 * See section 8.3 of the TLS 1.3 specification(RFC 8446) for more information. 4252 */ 4253 //#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000 4254 4255 /** 4256 * \def MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 4257 * 4258 * Size in bytes of a ticket nonce. This is not used in TLS 1.2. 4259 * 4260 * This must be less than 256. 4261 */ 4262 //#define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32 4263 4264 /** 4265 * \def MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 4266 * 4267 * Default number of NewSessionTicket messages to be sent by a TLS 1.3 server 4268 * after handshake completion. This is not used in TLS 1.2 and relevant only if 4269 * the MBEDTLS_SSL_SESSION_TICKETS option is enabled. 4270 * 4271 */ 4272 //#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1 4273 4274 /* X509 options */ 4275 //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ 4276 //#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */ 4277 4278 /** \} name SECTION: Module configuration options */ 4279