1 /** 2 * \file mbedtls_config.h 3 * 4 * \brief Configuration options (set of defines) 5 * 6 * This set of compile-time options may be used to enable 7 * or disable features selectively, and reduce the global 8 * memory footprint. 9 */ 10 11 /* 12 * Copyright The Mbed TLS Contributors 13 * SPDX-License-Identifier: Apache-2.0 14 * 15 * Licensed under the Apache License, Version 2.0 (the "License"); you may 16 * not use this file except in compliance with the License. 17 * You may obtain a copy of the License at 18 * 19 * http://www.apache.org/licenses/LICENSE-2.0 20 * 21 * Unless required by applicable law or agreed to in writing, software 22 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 23 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 24 * See the License for the specific language governing permissions and 25 * limitations under the License. 26 */ 27 28 #ifndef __FREERTOS_MBEDTLS_CONFIG__ 29 #define __FREERTOS_MBEDTLS_CONFIG__ 30 31 /** 32 * This is an optional version symbol that enables compatibility handling of 33 * config files. 34 * 35 * It is equal to the #MBEDTLS_VERSION_NUMBER of the Mbed TLS version that 36 * introduced the config format we want to be compatible with. 37 */ 38 /* #define MBEDTLS_CONFIG_VERSION 0x03000000 */ 39 40 /** 41 * \name SECTION: System support 42 * 43 * This section sets system specific settings. 44 * \{ 45 */ 46 47 /** 48 * \def MBEDTLS_HAVE_ASM 49 * 50 * The compiler has support for asm(). 51 * 52 * Requires support for asm() in compiler. 53 * 54 * Used in: 55 * library/aesni.h 56 * library/aria.c 57 * library/bn_mul.h 58 * library/constant_time.c 59 * library/padlock.h 60 * 61 * Required by: 62 * MBEDTLS_AESCE_C 63 * MBEDTLS_AESNI_C (on some platforms) 64 * MBEDTLS_PADLOCK_C 65 * 66 * Comment to disable the use of assembly code. 67 */ 68 #define MBEDTLS_HAVE_ASM 69 70 /** 71 * \def MBEDTLS_NO_UDBL_DIVISION 72 * 73 * The platform lacks support for double-width integer division (64-bit 74 * division on a 32-bit platform, 128-bit division on a 64-bit platform). 75 * 76 * Used in: 77 * include/mbedtls/bignum.h 78 * library/bignum.c 79 * 80 * The bignum code uses double-width division to speed up some operations. 81 * Double-width division is often implemented in software that needs to 82 * be linked with the program. The presence of a double-width integer 83 * type is usually detected automatically through preprocessor macros, 84 * but the automatic detection cannot know whether the code needs to 85 * and can be linked with an implementation of division for that type. 86 * By default division is assumed to be usable if the type is present. 87 * Uncomment this option to prevent the use of double-width division. 88 * 89 * Note that division for the native integer type is always required. 90 * Furthermore, a 64-bit type is always required even on a 32-bit 91 * platform, but it need not support multiplication or division. In some 92 * cases it is also desirable to disable some double-width operations. For 93 * example, if double-width division is implemented in software, disabling 94 * it can reduce code size in some embedded targets. 95 */ 96 /* #define MBEDTLS_NO_UDBL_DIVISION */ 97 98 /** 99 * \def MBEDTLS_NO_64BIT_MULTIPLICATION 100 * 101 * The platform lacks support for 32x32 -> 64-bit multiplication. 102 * 103 * Used in: 104 * library/poly1305.c 105 * 106 * Some parts of the library may use multiplication of two unsigned 32-bit 107 * operands with a 64-bit result in order to speed up computations. On some 108 * platforms, this is not available in hardware and has to be implemented in 109 * software, usually in a library provided by the toolchain. 110 * 111 * Sometimes it is not desirable to have to link to that library. This option 112 * removes the dependency of that library on platforms that lack a hardware 113 * 64-bit multiplier by embedding a software implementation in Mbed TLS. 114 * 115 * Note that depending on the compiler, this may decrease performance compared 116 * to using the library function provided by the toolchain. 117 */ 118 /* #define MBEDTLS_NO_64BIT_MULTIPLICATION */ 119 120 /** 121 * \def MBEDTLS_HAVE_SSE2 122 * 123 * CPU supports SSE2 instruction set. 124 * 125 * Uncomment if the CPU supports SSE2 (IA-32 specific). 126 */ 127 /* #define MBEDTLS_HAVE_SSE2 */ 128 129 /** 130 * \def MBEDTLS_HAVE_TIME 131 * 132 * System has time.h and time(). 133 * The time does not need to be correct, only time differences are used, 134 * by contrast with MBEDTLS_HAVE_TIME_DATE 135 * 136 * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT, 137 * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and 138 * MBEDTLS_PLATFORM_STD_TIME. 139 * 140 * Comment if your system does not support time functions. 141 * 142 * \note If MBEDTLS_TIMING_C is set - to enable the semi-portable timing 143 * interface - timing.c will include time.h on suitable platforms 144 * regardless of the setting of MBEDTLS_HAVE_TIME, unless 145 * MBEDTLS_TIMING_ALT is used. See timing.c for more information. 146 */ 147 /* #define MBEDTLS_HAVE_TIME */ 148 149 /** 150 * \def MBEDTLS_HAVE_TIME_DATE 151 * 152 * System has time.h, time(), and an implementation for 153 * mbedtls_platform_gmtime_r() (see below). 154 * The time needs to be correct (not necessarily very accurate, but at least 155 * the date should be correct). This is used to verify the validity period of 156 * X.509 certificates. 157 * 158 * Comment if your system does not have a correct clock. 159 * 160 * \note mbedtls_platform_gmtime_r() is an abstraction in platform_util.h that 161 * behaves similarly to the gmtime_r() function from the C standard. Refer to 162 * the documentation for mbedtls_platform_gmtime_r() for more information. 163 * 164 * \note It is possible to configure an implementation for 165 * mbedtls_platform_gmtime_r() at compile-time by using the macro 166 * MBEDTLS_PLATFORM_GMTIME_R_ALT. 167 */ 168 /* #define MBEDTLS_HAVE_TIME_DATE */ 169 170 /** 171 * \def MBEDTLS_PLATFORM_MEMORY 172 * 173 * Enable the memory allocation layer. 174 * 175 * By default Mbed TLS uses the system-provided calloc() and free(). 176 * This allows different allocators (self-implemented or provided) to be 177 * provided to the platform abstraction layer. 178 * 179 * Enabling #MBEDTLS_PLATFORM_MEMORY without the 180 * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide 181 * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and 182 * free() function pointer at runtime. 183 * 184 * Enabling #MBEDTLS_PLATFORM_MEMORY and specifying 185 * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the 186 * alternate function at compile time. 187 * 188 * An overview of how the value of mbedtls_calloc is determined: 189 * 190 * - if !MBEDTLS_PLATFORM_MEMORY 191 * - mbedtls_calloc = calloc 192 * - if MBEDTLS_PLATFORM_MEMORY 193 * - if (MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO): 194 * - mbedtls_calloc = MBEDTLS_PLATFORM_CALLOC_MACRO 195 * - if !(MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO): 196 * - Dynamic setup via mbedtls_platform_set_calloc_free is now possible with a default value MBEDTLS_PLATFORM_STD_CALLOC. 197 * - How is MBEDTLS_PLATFORM_STD_CALLOC handled? 198 * - if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS: 199 * - MBEDTLS_PLATFORM_STD_CALLOC is not set to anything; 200 * - MBEDTLS_PLATFORM_STD_MEM_HDR can be included if present; 201 * - if !MBEDTLS_PLATFORM_NO_STD_FUNCTIONS: 202 * - if MBEDTLS_PLATFORM_STD_CALLOC is present: 203 * - User-defined MBEDTLS_PLATFORM_STD_CALLOC is respected; 204 * - if !MBEDTLS_PLATFORM_STD_CALLOC: 205 * - MBEDTLS_PLATFORM_STD_CALLOC = calloc 206 * 207 * - At this point the presence of MBEDTLS_PLATFORM_STD_CALLOC is checked. 208 * - if !MBEDTLS_PLATFORM_STD_CALLOC 209 * - MBEDTLS_PLATFORM_STD_CALLOC = uninitialized_calloc 210 * 211 * - mbedtls_calloc = MBEDTLS_PLATFORM_STD_CALLOC. 212 * 213 * Defining MBEDTLS_PLATFORM_CALLOC_MACRO and #MBEDTLS_PLATFORM_STD_CALLOC at the same time is not possible. 214 * MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_FREE_MACRO must both be defined or undefined at the same time. 215 * #MBEDTLS_PLATFORM_STD_CALLOC and #MBEDTLS_PLATFORM_STD_FREE do not have to be defined at the same time, as, if they are used, 216 * dynamic setup of these functions is possible. See the tree above to see how are they handled in all cases. 217 * An uninitialized #MBEDTLS_PLATFORM_STD_CALLOC always fails, returning a null pointer. 218 * An uninitialized #MBEDTLS_PLATFORM_STD_FREE does not do anything. 219 * 220 * Requires: MBEDTLS_PLATFORM_C 221 * 222 * Enable this layer to allow use of alternative memory allocators. 223 */ 224 #define MBEDTLS_PLATFORM_MEMORY 225 226 #include <stddef.h> 227 void * mbedtls_platform_calloc( size_t nmemb, 228 size_t size ); 229 void mbedtls_platform_free( void * ptr ); 230 231 /** 232 * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS 233 * 234 * Do not assign standard functions in the platform layer (e.g. calloc() to 235 * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF) 236 * 237 * This makes sure there are no linking errors on platforms that do not support 238 * these functions. You will HAVE to provide alternatives, either at runtime 239 * via the platform_set_xxx() functions or at compile time by setting 240 * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a 241 * MBEDTLS_PLATFORM_XXX_MACRO. 242 * 243 * Requires: MBEDTLS_PLATFORM_C 244 * 245 * Uncomment to prevent default assignment of standard functions in the 246 * platform layer. 247 */ 248 /* #define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */ 249 250 /** 251 * \def MBEDTLS_PLATFORM_EXIT_ALT 252 * 253 * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let Mbed TLS support the 254 * function in the platform abstraction layer. 255 * 256 * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, Mbed TLS will 257 * provide a function "mbedtls_platform_set_printf()" that allows you to set an 258 * alternative printf function pointer. 259 * 260 * All these define require MBEDTLS_PLATFORM_C to be defined! 261 * 262 * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows; 263 * it will be enabled automatically by check_config.h 264 * 265 * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as 266 * MBEDTLS_PLATFORM_XXX_MACRO! 267 * 268 * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME 269 * 270 * Uncomment a macro to enable alternate implementation of specific base 271 * platform function 272 */ 273 /* #define MBEDTLS_PLATFORM_SETBUF_ALT */ 274 /* #define MBEDTLS_PLATFORM_EXIT_ALT */ 275 /* #define MBEDTLS_PLATFORM_TIME_ALT */ 276 /* #define MBEDTLS_PLATFORM_FPRINTF_ALT */ 277 /* #define MBEDTLS_PLATFORM_PRINTF_ALT */ 278 /* #define MBEDTLS_PLATFORM_SNPRINTF_ALT */ 279 /* #define MBEDTLS_PLATFORM_VSNPRINTF_ALT */ 280 /* #define MBEDTLS_PLATFORM_NV_SEED_ALT */ 281 /* #define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */ 282 /* #define MBEDTLS_PLATFORM_MS_TIME_ALT */ 283 284 /** 285 * Uncomment the macro to let Mbed TLS use your alternate implementation of 286 * mbedtls_platform_gmtime_r(). This replaces the default implementation in 287 * platform_util.c. 288 * 289 * gmtime() is not a thread-safe function as defined in the C standard. The 290 * library will try to use safer implementations of this function, such as 291 * gmtime_r() when available. However, if Mbed TLS cannot identify the target 292 * system, the implementation of mbedtls_platform_gmtime_r() will default to 293 * using the standard gmtime(). In this case, calls from the library to 294 * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex 295 * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the 296 * library are also guarded with this mutex to avoid race conditions. However, 297 * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will 298 * unconditionally use the implementation for mbedtls_platform_gmtime_r() 299 * supplied at compile time. 300 */ 301 /* #define MBEDTLS_PLATFORM_GMTIME_R_ALT */ 302 303 /** 304 * Uncomment the macro to let Mbed TLS use your alternate implementation of 305 * mbedtls_platform_zeroize(), to wipe sensitive data in memory. This replaces 306 * the default implementation in platform_util.c. 307 * 308 * By default, the library uses a system function such as memset_s() 309 * (optional feature of C11), explicit_bzero() (BSD and compatible), or 310 * SecureZeroMemory (Windows). If no such function is detected, the library 311 * falls back to a plain C implementation. Compilers are technically 312 * permitted to optimize this implementation out, meaning that the memory is 313 * not actually wiped. The library tries to prevent that, but the C language 314 * makes it impossible to guarantee that the memory will always be wiped. 315 * 316 * If your platform provides a guaranteed method to wipe memory which 317 * `platform_util.c` does not detect, define this macro to the name of 318 * a function that takes two arguments, a `void *` pointer and a length, 319 * and wipes that many bytes starting at the specified address. For example, 320 * if your platform has explicit_bzero() but `platform_util.c` does not 321 * detect its presence, define `MBEDTLS_PLATFORM_ZEROIZE_ALT` to be 322 * `explicit_bzero` to use that function as mbedtls_platform_zeroize(). 323 */ 324 /* #define MBEDTLS_PLATFORM_ZEROIZE_ALT */ 325 326 /** 327 * \def MBEDTLS_DEPRECATED_WARNING 328 * 329 * Mark deprecated functions and features so that they generate a warning if 330 * used. Functionality deprecated in one version will usually be removed in the 331 * next version. You can enable this to help you prepare the transition to a 332 * new major version by making sure your code is not using this functionality. 333 * 334 * This only works with GCC and Clang. With other compilers, you may want to 335 * use MBEDTLS_DEPRECATED_REMOVED 336 * 337 * Uncomment to get warnings on using deprecated functions and features. 338 */ 339 #if defined( __GNUC__ ) 340 #define MBEDTLS_DEPRECATED_WARNING 341 #endif 342 343 /** 344 * \def MBEDTLS_DEPRECATED_REMOVED 345 * 346 * Remove deprecated functions and features so that they generate an error if 347 * used. Functionality deprecated in one version will usually be removed in the 348 * next version. You can enable this to help you prepare the transition to a 349 * new major version by making sure your code is not using this functionality. 350 * 351 * Uncomment to get errors on using deprecated functions and features. 352 */ 353 /* #define MBEDTLS_DEPRECATED_REMOVED */ 354 355 /** \} name SECTION: System support */ 356 357 /** 358 * \name SECTION: Mbed TLS feature support 359 * 360 * This section sets support for features that are or are not needed 361 * within the modules that are enabled. 362 * \{ 363 */ 364 365 /** 366 * \def MBEDTLS_TIMING_ALT 367 * 368 * Uncomment to provide your own alternate implementation for 369 * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay() 370 * 371 * Only works if you have MBEDTLS_TIMING_C enabled. 372 * 373 * You will need to provide a header "timing_alt.h" and an implementation at 374 * compile time. 375 */ 376 /* #define MBEDTLS_TIMING_ALT */ 377 378 /** 379 * \def MBEDTLS_AES_ALT 380 * 381 * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let Mbed TLS use your 382 * alternate core implementation of a symmetric crypto, an arithmetic or hash 383 * module (e.g. platform specific assembly optimized implementations). Keep 384 * in mind that the function prototypes should remain the same. 385 * 386 * This replaces the whole module. If you only want to replace one of the 387 * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags. 388 * 389 * Example: In case you uncomment MBEDTLS_AES_ALT, Mbed TLS will no longer 390 * provide the "struct mbedtls_aes_context" definition and omit the base 391 * function declarations and implementations. "aes_alt.h" will be included from 392 * "aes.h" to include the new function definitions. 393 * 394 * Uncomment a macro to enable alternate implementation of the corresponding 395 * module. 396 * 397 * \warning MD5, DES and SHA-1 are considered weak and their 398 * use constitutes a security risk. If possible, we recommend 399 * avoiding dependencies on them, and considering stronger message 400 * digests and ciphers instead. 401 * 402 */ 403 /* #define MBEDTLS_AES_ALT */ 404 /* #define MBEDTLS_ARIA_ALT */ 405 /* #define MBEDTLS_CAMELLIA_ALT */ 406 /* #define MBEDTLS_CCM_ALT */ 407 /* #define MBEDTLS_CHACHA20_ALT */ 408 /* #define MBEDTLS_CHACHAPOLY_ALT */ 409 /* #define MBEDTLS_CMAC_ALT */ 410 /* #define MBEDTLS_DES_ALT */ 411 /* #define MBEDTLS_DHM_ALT */ 412 /* #define MBEDTLS_ECJPAKE_ALT */ 413 /* #define MBEDTLS_GCM_ALT */ 414 /* #define MBEDTLS_NIST_KW_ALT */ 415 /* #define MBEDTLS_MD5_ALT */ 416 /* #define MBEDTLS_POLY1305_ALT */ 417 /* #define MBEDTLS_RIPEMD160_ALT */ 418 /* #define MBEDTLS_RSA_ALT */ 419 /* #define MBEDTLS_SHA1_ALT */ 420 /* #define MBEDTLS_SHA256_ALT */ 421 /* #define MBEDTLS_SHA512_ALT */ 422 423 /* 424 * When replacing the elliptic curve module, please consider, that it is 425 * implemented with two .c files: 426 * - ecp.c 427 * - ecp_curves.c 428 * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT 429 * macros as described above. The only difference is that you have to make sure 430 * that you provide functionality for both .c files. 431 */ 432 /* #define MBEDTLS_ECP_ALT */ 433 434 /** 435 * \def MBEDTLS_SHA256_PROCESS_ALT 436 * 437 * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let Mbed TLS use you 438 * alternate core implementation of symmetric crypto or hash function. Keep in 439 * mind that function prototypes should remain the same. 440 * 441 * This replaces only one function. The header file from Mbed TLS is still 442 * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags. 443 * 444 * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, Mbed TLS will 445 * no longer provide the mbedtls_sha1_process() function, but it will still provide 446 * the other function (using your mbedtls_sha1_process() function) and the definition 447 * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible 448 * with this definition. 449 * 450 * \note If you use the AES_xxx_ALT macros, then it is recommended to also set 451 * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES 452 * tables. 453 * 454 * Uncomment a macro to enable alternate implementation of the corresponding 455 * function. 456 * 457 * \warning MD5, DES and SHA-1 are considered weak and their use 458 * constitutes a security risk. If possible, we recommend avoiding 459 * dependencies on them, and considering stronger message digests 460 * and ciphers instead. 461 * 462 * \warning If both MBEDTLS_ECDSA_SIGN_ALT and MBEDTLS_ECDSA_DETERMINISTIC are 463 * enabled, then the deterministic ECDH signature functions pass the 464 * the static HMAC-DRBG as RNG to mbedtls_ecdsa_sign(). Therefore 465 * alternative implementations should use the RNG only for generating 466 * the ephemeral key and nothing else. If this is not possible, then 467 * MBEDTLS_ECDSA_DETERMINISTIC should be disabled and an alternative 468 * implementation should be provided for mbedtls_ecdsa_sign_det_ext(). 469 * 470 */ 471 /* #define MBEDTLS_MD5_PROCESS_ALT */ 472 /* #define MBEDTLS_RIPEMD160_PROCESS_ALT */ 473 /* #define MBEDTLS_SHA1_PROCESS_ALT */ 474 /* #define MBEDTLS_SHA256_PROCESS_ALT */ 475 /* #define MBEDTLS_SHA512_PROCESS_ALT */ 476 /* #define MBEDTLS_DES_SETKEY_ALT */ 477 /* #define MBEDTLS_DES_CRYPT_ECB_ALT */ 478 /* #define MBEDTLS_DES3_CRYPT_ECB_ALT */ 479 /* #define MBEDTLS_AES_SETKEY_ENC_ALT */ 480 /* #define MBEDTLS_AES_SETKEY_DEC_ALT */ 481 /* #define MBEDTLS_AES_ENCRYPT_ALT */ 482 /* #define MBEDTLS_AES_DECRYPT_ALT */ 483 /* #define MBEDTLS_ECDH_GEN_PUBLIC_ALT */ 484 /* #define MBEDTLS_ECDH_COMPUTE_SHARED_ALT */ 485 /* #define MBEDTLS_ECDSA_VERIFY_ALT */ 486 /* #define MBEDTLS_ECDSA_SIGN_ALT */ 487 /* #define MBEDTLS_ECDSA_GENKEY_ALT */ 488 489 /** 490 * \def MBEDTLS_ECP_INTERNAL_ALT 491 * 492 * Expose a part of the internal interface of the Elliptic Curve Point module. 493 * 494 * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let Mbed TLS use your 495 * alternative core implementation of elliptic curve arithmetic. Keep in mind 496 * that function prototypes should remain the same. 497 * 498 * This partially replaces one function. The header file from Mbed TLS is still 499 * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation 500 * is still present and it is used for group structures not supported by the 501 * alternative. 502 * 503 * The original implementation can in addition be removed by setting the 504 * MBEDTLS_ECP_NO_FALLBACK option, in which case any function for which the 505 * corresponding MBEDTLS_ECP__FUNCTION_NAME__ALT macro is defined will not be 506 * able to fallback to curves not supported by the alternative implementation. 507 * 508 * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT 509 * and implementing the following functions: 510 * unsigned char mbedtls_internal_ecp_grp_capable( 511 * const mbedtls_ecp_group *grp ) 512 * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp ) 513 * void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp ) 514 * The mbedtls_internal_ecp_grp_capable function should return 1 if the 515 * replacement functions implement arithmetic for the given group and 0 516 * otherwise. 517 * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are 518 * called before and after each point operation and provide an opportunity to 519 * implement optimized set up and tear down instructions. 520 * 521 * Example: In case you set MBEDTLS_ECP_INTERNAL_ALT and 522 * MBEDTLS_ECP_DOUBLE_JAC_ALT, Mbed TLS will still provide the ecp_double_jac() 523 * function, but will use your mbedtls_internal_ecp_double_jac() if the group 524 * for the operation is supported by your implementation (i.e. your 525 * mbedtls_internal_ecp_grp_capable() function returns 1 for this group). If the 526 * group is not supported by your implementation, then the original Mbed TLS 527 * implementation of ecp_double_jac() is used instead, unless this fallback 528 * behaviour is disabled by setting MBEDTLS_ECP_NO_FALLBACK (in which case 529 * ecp_double_jac() will return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE). 530 * 531 * The function prototypes and the definition of mbedtls_ecp_group and 532 * mbedtls_ecp_point will not change based on MBEDTLS_ECP_INTERNAL_ALT, so your 533 * implementation of mbedtls_internal_ecp__function_name__ must be compatible 534 * with their definitions. 535 * 536 * Uncomment a macro to enable alternate implementation of the corresponding 537 * function. 538 */ 539 /* Required for all the functions in this section */ 540 /* #define MBEDTLS_ECP_INTERNAL_ALT */ 541 /* Turn off software fallback for curves not supported in hardware */ 542 /* #define MBEDTLS_ECP_NO_FALLBACK */ 543 /* Support for Weierstrass curves with Jacobi representation */ 544 /* #define MBEDTLS_ECP_RANDOMIZE_JAC_ALT */ 545 /* #define MBEDTLS_ECP_ADD_MIXED_ALT */ 546 /* #define MBEDTLS_ECP_DOUBLE_JAC_ALT */ 547 /* #define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT */ 548 /* #define MBEDTLS_ECP_NORMALIZE_JAC_ALT */ 549 /* Support for curves with Montgomery arithmetic */ 550 /* #define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT */ 551 /* #define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT */ 552 /* #define MBEDTLS_ECP_NORMALIZE_MXZ_ALT */ 553 554 /** 555 * \def MBEDTLS_ENTROPY_HARDWARE_ALT 556 * 557 * Uncomment this macro to let Mbed TLS use your own implementation of a 558 * hardware entropy collector. 559 * 560 * Your function must be called \c mbedtls_hardware_poll(), have the same 561 * prototype as declared in library/entropy_poll.h, and accept NULL as first 562 * argument. 563 * 564 * Uncomment to use your own hardware entropy collector. 565 */ 566 #define MBEDTLS_ENTROPY_HARDWARE_ALT 567 568 /** 569 * \def MBEDTLS_AES_ROM_TABLES 570 * 571 * Use precomputed AES tables stored in ROM. 572 * 573 * Uncomment this macro to use precomputed AES tables stored in ROM. 574 * Comment this macro to generate AES tables in RAM at runtime. 575 * 576 * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb 577 * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the 578 * initialization time before the first AES operation can be performed. 579 * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c 580 * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded 581 * performance if ROM access is slower than RAM access. 582 * 583 * This option is independent of \c MBEDTLS_AES_FEWER_TABLES. 584 */ 585 #define MBEDTLS_AES_ROM_TABLES 586 587 /** 588 * \def MBEDTLS_AES_FEWER_TABLES 589 * 590 * Use less ROM/RAM for AES tables. 591 * 592 * Uncommenting this macro omits 75% of the AES tables from 593 * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES) 594 * by computing their values on the fly during operations 595 * (the tables are entry-wise rotations of one another). 596 * 597 * Tradeoff: Uncommenting this reduces the RAM / ROM footprint 598 * by ~6kb but at the cost of more arithmetic operations during 599 * runtime. Specifically, one has to compare 4 accesses within 600 * different tables to 4 accesses with additional arithmetic 601 * operations within the same table. The performance gain/loss 602 * depends on the system and memory details. 603 * 604 * This option is independent of \c MBEDTLS_AES_ROM_TABLES. 605 */ 606 /* #define MBEDTLS_AES_FEWER_TABLES */ 607 608 /** 609 * \def MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH 610 * 611 * Use only 128-bit keys in AES operations to save ROM. 612 * 613 * Uncomment this macro to remove support for AES operations that use 192- 614 * or 256-bit keys. 615 * 616 * Uncommenting this macro reduces the size of AES code by ~300 bytes 617 * on v8-M/Thumb2. 618 * 619 * Module: library/aes.c 620 * 621 * Requires: MBEDTLS_AES_C 622 */ 623 /* #define MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */ 624 625 /* 626 * Disable plain C implementation for AES. 627 * 628 * When the plain C implementation is enabled, and an implementation using a 629 * special CPU feature (such as MBEDTLS_AESCE_C) is also enabled, runtime 630 * detection will be used to select between them. 631 * 632 * If only one implementation is present, runtime detection will not be used. 633 * This configuration will crash at runtime if running on a CPU without the 634 * necessary features. It will not build unless at least one of MBEDTLS_AESCE_C 635 * and/or MBEDTLS_AESNI_C is enabled & present in the build. 636 */ 637 /* #define MBEDTLS_AES_USE_HARDWARE_ONLY */ 638 639 /** 640 * \def MBEDTLS_CAMELLIA_SMALL_MEMORY 641 * 642 * Use less ROM for the Camellia implementation (saves about 768 bytes). 643 * 644 * Uncomment this macro to use less memory for Camellia. 645 */ 646 /* #define MBEDTLS_CAMELLIA_SMALL_MEMORY */ 647 648 /** 649 * \def MBEDTLS_CHECK_RETURN_WARNING 650 * 651 * If this macro is defined, emit a compile-time warning if application code 652 * calls a function without checking its return value, but the return value 653 * should generally be checked in portable applications. 654 * 655 * This is only supported on platforms where #MBEDTLS_CHECK_RETURN is 656 * implemented. Otherwise this option has no effect. 657 * 658 * Uncomment to get warnings on using fallible functions without checking 659 * their return value. 660 * 661 * \note This feature is a work in progress. 662 * Warnings will be added to more functions in the future. 663 * 664 * \note A few functions are considered critical, and ignoring the return 665 * value of these functions will trigger a warning even if this 666 * macro is not defined. To completely disable return value check 667 * warnings, define #MBEDTLS_CHECK_RETURN with an empty expansion. 668 */ 669 /* #define MBEDTLS_CHECK_RETURN_WARNING */ 670 671 /** 672 * \def MBEDTLS_CIPHER_MODE_CBC 673 * 674 * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers. 675 */ 676 #define MBEDTLS_CIPHER_MODE_CBC 677 678 /** 679 * \def MBEDTLS_CIPHER_MODE_CFB 680 * 681 * Enable Cipher Feedback mode (CFB) for symmetric ciphers. 682 */ 683 #define MBEDTLS_CIPHER_MODE_CFB 684 685 /** 686 * \def MBEDTLS_CIPHER_MODE_CTR 687 * 688 * Enable Counter Block Cipher mode (CTR) for symmetric ciphers. 689 */ 690 #define MBEDTLS_CIPHER_MODE_CTR 691 692 /** 693 * \def MBEDTLS_CIPHER_MODE_OFB 694 * 695 * Enable Output Feedback mode (OFB) for symmetric ciphers. 696 */ 697 #define MBEDTLS_CIPHER_MODE_OFB 698 699 /** 700 * \def MBEDTLS_CIPHER_MODE_XTS 701 * 702 * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES. 703 */ 704 #define MBEDTLS_CIPHER_MODE_XTS 705 706 /** 707 * \def MBEDTLS_CIPHER_NULL_CIPHER 708 * 709 * Enable NULL cipher. 710 * Warning: Only do so when you know what you are doing. This allows for 711 * encryption or channels without any security! 712 * 713 * To enable the following ciphersuites: 714 * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA 715 * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA 716 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA 717 * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA 718 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 719 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 720 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA 721 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 722 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 723 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA 724 * MBEDTLS_TLS_RSA_WITH_NULL_SHA256 725 * MBEDTLS_TLS_RSA_WITH_NULL_SHA 726 * MBEDTLS_TLS_RSA_WITH_NULL_MD5 727 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 728 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 729 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA 730 * MBEDTLS_TLS_PSK_WITH_NULL_SHA384 731 * MBEDTLS_TLS_PSK_WITH_NULL_SHA256 732 * MBEDTLS_TLS_PSK_WITH_NULL_SHA 733 * 734 * Uncomment this macro to enable the NULL cipher and ciphersuites 735 */ 736 /* #define MBEDTLS_CIPHER_NULL_CIPHER */ 737 738 /** 739 * \def MBEDTLS_CIPHER_PADDING_PKCS7 740 * 741 * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for 742 * specific padding modes in the cipher layer with cipher modes that support 743 * padding (e.g. CBC) 744 * 745 * If you disable all padding modes, only full blocks can be used with CBC. 746 * 747 * Enable padding modes in the cipher layer. 748 */ 749 #define MBEDTLS_CIPHER_PADDING_PKCS7 750 #define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS 751 #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN 752 #define MBEDTLS_CIPHER_PADDING_ZEROS 753 754 /** \def MBEDTLS_CTR_DRBG_USE_128_BIT_KEY 755 * 756 * Uncomment this macro to use a 128-bit key in the CTR_DRBG module. 757 * Without this, CTR_DRBG uses a 256-bit key 758 * unless \c MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH is set. 759 */ 760 /* #define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */ 761 762 /** 763 * Enable the verified implementations of ECDH primitives from Project Everest 764 * (currently only Curve25519). This feature changes the layout of ECDH 765 * contexts and therefore is a compatibility break for applications that access 766 * fields of a mbedtls_ecdh_context structure directly. See also 767 * MBEDTLS_ECDH_LEGACY_CONTEXT in include/mbedtls/ecdh.h. 768 */ 769 /* #define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED */ 770 771 /** 772 * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED 773 * 774 * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve 775 * module. By default all supported curves are enabled. 776 * 777 * Comment macros to disable the curve and functions for it 778 */ 779 /* Short Weierstrass curves (supporting ECP, ECDH, ECDSA) */ 780 /* #define MBEDTLS_ECP_DP_SECP192R1_ENABLED */ 781 /* #define MBEDTLS_ECP_DP_SECP224R1_ENABLED */ 782 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED 783 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED 784 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED 785 /* #define MBEDTLS_ECP_DP_SECP192K1_ENABLED */ 786 /* #define MBEDTLS_ECP_DP_SECP224K1_ENABLED */ 787 /* #define MBEDTLS_ECP_DP_SECP256K1_ENABLED */ 788 /* #define MBEDTLS_ECP_DP_BP256R1_ENABLED */ 789 /* #define MBEDTLS_ECP_DP_BP384R1_ENABLED */ 790 /* #define MBEDTLS_ECP_DP_BP512R1_ENABLED */ 791 /* Montgomery curves (supporting ECP) */ 792 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED 793 #define MBEDTLS_ECP_DP_CURVE448_ENABLED 794 795 /** 796 * \def MBEDTLS_ECP_NIST_OPTIM 797 * 798 * Enable specific 'modulo p' routines for each NIST prime. 799 * Depending on the prime and architecture, makes operations 4 to 8 times 800 * faster on the corresponding curve. 801 * 802 * Comment this macro to disable NIST curves optimisation. 803 */ 804 #define MBEDTLS_ECP_NIST_OPTIM 805 806 /** 807 * \def MBEDTLS_ECP_RESTARTABLE 808 * 809 * Enable "non-blocking" ECC operations that can return early and be resumed. 810 * 811 * This allows various functions to pause by returning 812 * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module, 813 * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in 814 * order to further progress and eventually complete their operation. This is 815 * controlled through mbedtls_ecp_set_max_ops() which limits the maximum 816 * number of ECC operations a function may perform before pausing; see 817 * mbedtls_ecp_set_max_ops() for more information. 818 * 819 * This is useful in non-threaded environments if you want to avoid blocking 820 * for too long on ECC (and, hence, X.509 or SSL/TLS) operations. 821 * 822 * This option: 823 * - Adds xxx_restartable() variants of existing operations in the 824 * following modules, with corresponding restart context types: 825 * - ECP (for Short Weierstrass curves only): scalar multiplication (mul), 826 * linear combination (muladd); 827 * - ECDSA: signature generation & verification; 828 * - PK: signature generation & verification; 829 * - X509: certificate chain verification. 830 * - Adds mbedtls_ecdh_enable_restart() in the ECDH module. 831 * - Changes the behaviour of TLS 1.2 clients (not servers) when using the 832 * ECDHE-ECDSA key exchange (not other key exchanges) to make all ECC 833 * computations restartable: 834 * - ECDH operations from the key exchange, only for Short Weierstrass 835 * curves, only when MBEDTLS_USE_PSA_CRYPTO is not enabled. 836 * - verification of the server's key exchange signature; 837 * - verification of the server's certificate chain; 838 * - generation of the client's signature if client authentication is used, 839 * with an ECC key/certificate. 840 * 841 * \note In the cases above, the usual SSL/TLS functions, such as 842 * mbedtls_ssl_handshake(), can now return 843 * MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS. 844 * 845 * \note When this option and MBEDTLS_USE_PSA_CRYPTO are both enabled, 846 * restartable operations in PK, X.509 and TLS (see above) are not 847 * using PSA. On the other hand, ECDH computations in TLS are using 848 * PSA, and are not restartable. These are temporary limitations that 849 * should be lifted in the future. 850 * 851 * \note This option only works with the default software implementation of 852 * elliptic curve functionality. It is incompatible with 853 * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT, MBEDTLS_ECDSA_XXX_ALT. 854 * 855 * Requires: MBEDTLS_ECP_C 856 * 857 * Uncomment this macro to enable restartable ECC computations. 858 */ 859 /* #define MBEDTLS_ECP_RESTARTABLE */ 860 861 /** 862 * Uncomment to enable using new bignum code in the ECC modules. 863 * 864 * \warning This is currently experimental, incomplete and therefore should not 865 * be used in production. 866 */ 867 /* #define MBEDTLS_ECP_WITH_MPI_UINT */ 868 869 /** 870 * \def MBEDTLS_ECDSA_DETERMINISTIC 871 * 872 * Enable deterministic ECDSA (RFC 6979). 873 * Standard ECDSA is "fragile" in the sense that lack of entropy when signing 874 * may result in a compromise of the long-term signing key. This is avoided by 875 * the deterministic variant. 876 * 877 * Requires: MBEDTLS_HMAC_DRBG_C, MBEDTLS_ECDSA_C 878 * 879 * Comment this macro to disable deterministic ECDSA. 880 */ 881 #define MBEDTLS_ECDSA_DETERMINISTIC 882 883 /** 884 * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED 885 * 886 * Enable the PSK based ciphersuite modes in SSL / TLS. 887 * 888 * This enables the following ciphersuites (if other requisites are 889 * enabled as well): 890 * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 891 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 892 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA 893 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 894 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 895 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 896 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 897 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA 898 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 899 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 900 */ 901 #define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED 902 903 /** 904 * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED 905 * 906 * Enable the DHE-PSK based ciphersuite modes in SSL / TLS. 907 * 908 * Requires: MBEDTLS_DHM_C 909 * 910 * This enables the following ciphersuites (if other requisites are 911 * enabled as well): 912 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 913 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 914 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA 915 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 916 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 917 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 918 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 919 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA 920 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 921 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 922 * 923 * \warning Using DHE constitutes a security risk as it 924 * is not possible to validate custom DH parameters. 925 * If possible, it is recommended users should consider 926 * preferring other methods of key exchange. 927 * See dhm.h for more details. 928 * 929 */ 930 /* #define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ 931 932 /** 933 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED 934 * 935 * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS. 936 * 937 * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH) 938 * 939 * This enables the following ciphersuites (if other requisites are 940 * enabled as well): 941 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 942 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 943 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 944 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 945 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 946 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 947 */ 948 #define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED 949 950 /** 951 * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED 952 * 953 * Enable the RSA-PSK based ciphersuite modes in SSL / TLS. 954 * 955 * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, 956 * MBEDTLS_X509_CRT_PARSE_C 957 * 958 * This enables the following ciphersuites (if other requisites are 959 * enabled as well): 960 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 961 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 962 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA 963 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 964 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 965 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 966 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 967 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA 968 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 969 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 970 */ 971 #define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED 972 973 /** 974 * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED 975 * 976 * Enable the RSA-only based ciphersuite modes in SSL / TLS. 977 * 978 * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, 979 * MBEDTLS_X509_CRT_PARSE_C 980 * 981 * This enables the following ciphersuites (if other requisites are 982 * enabled as well): 983 * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 984 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 985 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA 986 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 987 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 988 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 989 * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 990 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 991 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA 992 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 993 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 994 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 995 */ 996 #define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED 997 998 /** 999 * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED 1000 * 1001 * Enable the DHE-RSA based ciphersuite modes in SSL / TLS. 1002 * 1003 * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, 1004 * MBEDTLS_X509_CRT_PARSE_C 1005 * 1006 * This enables the following ciphersuites (if other requisites are 1007 * enabled as well): 1008 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 1009 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 1010 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 1011 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 1012 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 1013 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 1014 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 1015 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 1016 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 1017 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 1018 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 1019 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 1020 * 1021 * \warning Using DHE constitutes a security risk as it 1022 * is not possible to validate custom DH parameters. 1023 * If possible, it is recommended users should consider 1024 * preferring other methods of key exchange. 1025 * See dhm.h for more details. 1026 * 1027 */ 1028 /* #define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ 1029 1030 /** 1031 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED 1032 * 1033 * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS. 1034 * 1035 * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH) 1036 * MBEDTLS_RSA_C 1037 * MBEDTLS_PKCS1_V15 1038 * MBEDTLS_X509_CRT_PARSE_C 1039 * 1040 * This enables the following ciphersuites (if other requisites are 1041 * enabled as well): 1042 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 1043 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 1044 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 1045 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 1046 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 1047 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 1048 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 1049 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 1050 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 1051 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 1052 */ 1053 #define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED 1054 1055 /** 1056 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 1057 * 1058 * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS. 1059 * 1060 * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH) 1061 * MBEDTLS_ECDSA_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDSA) 1062 * MBEDTLS_X509_CRT_PARSE_C 1063 * 1064 * This enables the following ciphersuites (if other requisites are 1065 * enabled as well): 1066 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 1067 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 1068 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 1069 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 1070 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 1071 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 1072 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 1073 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 1074 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 1075 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 1076 */ 1077 #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 1078 1079 /** 1080 * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED 1081 * 1082 * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS. 1083 * 1084 * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH) 1085 * MBEDTLS_ECDSA_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDSA) 1086 * MBEDTLS_X509_CRT_PARSE_C 1087 * 1088 * This enables the following ciphersuites (if other requisites are 1089 * enabled as well): 1090 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 1091 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 1092 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 1093 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 1094 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 1095 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 1096 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 1097 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 1098 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 1099 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 1100 */ 1101 /* #define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ 1102 1103 /** 1104 * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED 1105 * 1106 * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS. 1107 * 1108 * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH) 1109 * MBEDTLS_RSA_C 1110 * MBEDTLS_X509_CRT_PARSE_C 1111 * 1112 * This enables the following ciphersuites (if other requisites are 1113 * enabled as well): 1114 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 1115 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 1116 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 1117 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 1118 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 1119 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 1120 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 1121 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 1122 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 1123 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 1124 */ 1125 #define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED 1126 1127 /** 1128 * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED 1129 * 1130 * Enable the ECJPAKE based ciphersuite modes in SSL / TLS. 1131 * 1132 * \warning This is currently experimental. EC J-PAKE support is based on the 1133 * Thread v1.0.0 specification; incompatible changes to the specification 1134 * might still happen. For this reason, this is disabled by default. 1135 * 1136 * Requires: MBEDTLS_ECJPAKE_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_JPAKE) 1137 * SHA-256 (via MBEDTLS_SHA256_C or a PSA driver) 1138 * MBEDTLS_ECP_DP_SECP256R1_ENABLED 1139 * 1140 * \warning If SHA-256 is provided only by a PSA driver, you must call 1141 * psa_crypto_init() before the first hanshake (even if 1142 * MBEDTLS_USE_PSA_CRYPTO is disabled). 1143 * 1144 * This enables the following ciphersuites (if other requisites are 1145 * enabled as well): 1146 * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 1147 */ 1148 /* #define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ 1149 1150 /** 1151 * \def MBEDTLS_PK_PARSE_EC_EXTENDED 1152 * 1153 * Enhance support for reading EC keys using variants of SEC1 not allowed by 1154 * RFC 5915 and RFC 5480. 1155 * 1156 * Currently this means parsing the SpecifiedECDomain choice of EC 1157 * parameters (only known groups are supported, not arbitrary domains, to 1158 * avoid validation issues). 1159 * 1160 * Disable if you only need to support RFC 5915 + 5480 key formats. 1161 */ 1162 #define MBEDTLS_PK_PARSE_EC_EXTENDED 1163 1164 /** 1165 * \def MBEDTLS_PK_PARSE_EC_COMPRESSED 1166 * 1167 * Enable the support for parsing public keys of type Short Weierstrass 1168 * (MBEDTLS_ECP_DP_SECP_XXX and MBEDTLS_ECP_DP_BP_XXX) which are using the 1169 * compressed point format. This parsing is done through ECP module's functions. 1170 * 1171 * \note As explained in the description of MBEDTLS_ECP_PF_COMPRESSED (in ecp.h) 1172 * the only unsupported curves are MBEDTLS_ECP_DP_SECP224R1 and 1173 * MBEDTLS_ECP_DP_SECP224K1. 1174 */ 1175 #define MBEDTLS_PK_PARSE_EC_COMPRESSED 1176 1177 /** 1178 * \def MBEDTLS_ERROR_STRERROR_DUMMY 1179 * 1180 * Enable a dummy error function to make use of mbedtls_strerror() in 1181 * third party libraries easier when MBEDTLS_ERROR_C is disabled 1182 * (no effect when MBEDTLS_ERROR_C is enabled). 1183 * 1184 * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're 1185 * not using mbedtls_strerror() or error_strerror() in your application. 1186 * 1187 * Disable if you run into name conflicts and want to really remove the 1188 * mbedtls_strerror() 1189 */ 1190 #define MBEDTLS_ERROR_STRERROR_DUMMY 1191 1192 /** 1193 * \def MBEDTLS_GENPRIME 1194 * 1195 * Enable the prime-number generation code. 1196 * 1197 * Requires: MBEDTLS_BIGNUM_C 1198 */ 1199 #define MBEDTLS_GENPRIME 1200 1201 /** 1202 * \def MBEDTLS_FS_IO 1203 * 1204 * Enable functions that use the filesystem. 1205 */ 1206 /* #define MBEDTLS_FS_IO */ 1207 1208 /** 1209 * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES 1210 * 1211 * Do not add default entropy sources in mbedtls_entropy_init(). 1212 * 1213 * This is useful to have more control over the added entropy sources in an 1214 * application. 1215 * 1216 * Uncomment this macro to prevent loading of default entropy functions. 1217 */ 1218 /* #define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */ 1219 1220 /** 1221 * \def MBEDTLS_NO_PLATFORM_ENTROPY 1222 * 1223 * Do not use built-in platform entropy functions. 1224 * This is useful if your platform does not support 1225 * standards like the /dev/urandom or Windows CryptoAPI. 1226 * 1227 * Uncomment this macro to disable the built-in platform entropy functions. 1228 */ 1229 #define MBEDTLS_NO_PLATFORM_ENTROPY 1230 1231 /** 1232 * \def MBEDTLS_ENTROPY_FORCE_SHA256 1233 * 1234 * Force the entropy accumulator to use a SHA-256 accumulator instead of the 1235 * default SHA-512 based one (if both are available). 1236 * 1237 * Requires: MBEDTLS_SHA256_C 1238 * 1239 * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option 1240 * if you have performance concerns. 1241 * 1242 * This option is only useful if both MBEDTLS_SHA256_C and 1243 * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used. 1244 */ 1245 /* #define MBEDTLS_ENTROPY_FORCE_SHA256 */ 1246 1247 /** 1248 * \def MBEDTLS_ENTROPY_NV_SEED 1249 * 1250 * Enable the non-volatile (NV) seed file-based entropy source. 1251 * (Also enables the NV seed read/write functions in the platform layer) 1252 * 1253 * This is crucial (if not required) on systems that do not have a 1254 * cryptographic entropy source (in hardware or kernel) available. 1255 * 1256 * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C 1257 * 1258 * \note The read/write functions that are used by the entropy source are 1259 * determined in the platform layer, and can be modified at runtime and/or 1260 * compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used. 1261 * 1262 * \note If you use the default implementation functions that read a seedfile 1263 * with regular fopen(), please make sure you make a seedfile with the 1264 * proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at 1265 * least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from 1266 * and written to or you will get an entropy source error! The default 1267 * implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE 1268 * bytes from the file. 1269 * 1270 * \note The entropy collector will write to the seed file before entropy is 1271 * given to an external source, to update it. 1272 */ 1273 /* #define MBEDTLS_ENTROPY_NV_SEED */ 1274 1275 /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER 1276 * 1277 * Enable key identifiers that encode a key owner identifier. 1278 * 1279 * The owner of a key is identified by a value of type ::mbedtls_key_owner_id_t 1280 * which is currently hard-coded to be int32_t. 1281 * 1282 * Note that this option is meant for internal use only and may be removed 1283 * without notice. 1284 */ 1285 /* #define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ 1286 1287 /** 1288 * \def MBEDTLS_MEMORY_DEBUG 1289 * 1290 * Enable debugging of buffer allocator memory issues. Automatically prints 1291 * (to stderr) all (fatal) messages on memory allocation issues. Enables 1292 * function for 'debug output' of allocated memory. 1293 * 1294 * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C 1295 * 1296 * Uncomment this macro to let the buffer allocator print out error messages. 1297 */ 1298 /* #define MBEDTLS_MEMORY_DEBUG */ 1299 1300 /** 1301 * \def MBEDTLS_MEMORY_BACKTRACE 1302 * 1303 * Include backtrace information with each allocated block. 1304 * 1305 * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C 1306 * GLIBC-compatible backtrace() and backtrace_symbols() support 1307 * 1308 * Uncomment this macro to include backtrace information 1309 */ 1310 /* #define MBEDTLS_MEMORY_BACKTRACE */ 1311 1312 /** 1313 * \def MBEDTLS_PK_RSA_ALT_SUPPORT 1314 * 1315 * Support external private RSA keys (eg from a HSM) in the PK layer. 1316 * 1317 * Comment this macro to disable support for external private RSA keys. 1318 */ 1319 /* #define MBEDTLS_PK_RSA_ALT_SUPPORT */ 1320 1321 /** 1322 * \def MBEDTLS_PKCS1_V15 1323 * 1324 * Enable support for PKCS#1 v1.5 encoding. 1325 * 1326 * Requires: MBEDTLS_RSA_C 1327 * 1328 * This enables support for PKCS#1 v1.5 operations. 1329 */ 1330 #define MBEDTLS_PKCS1_V15 1331 1332 /** 1333 * \def MBEDTLS_PKCS1_V21 1334 * 1335 * Enable support for PKCS#1 v2.1 encoding. 1336 * 1337 * Requires: MBEDTLS_RSA_C 1338 * 1339 * \warning If using a hash that is only provided by PSA drivers, you must 1340 * call psa_crypto_init() before doing any PKCS#1 v2.1 operation. 1341 * 1342 * This enables support for RSAES-OAEP and RSASSA-PSS operations. 1343 */ 1344 #define MBEDTLS_PKCS1_V21 1345 1346 /** \def MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS 1347 * 1348 * Enable support for platform built-in keys. If you enable this feature, 1349 * you must implement the function mbedtls_psa_platform_get_builtin_key(). 1350 * See the documentation of that function for more information. 1351 * 1352 * Built-in keys are typically derived from a hardware unique key or 1353 * stored in a secure element. 1354 * 1355 * Requires: MBEDTLS_PSA_CRYPTO_C. 1356 * 1357 * \warning This interface is experimental and may change or be removed 1358 * without notice. 1359 */ 1360 /* #define MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ 1361 1362 /** \def MBEDTLS_PSA_CRYPTO_CLIENT 1363 * 1364 * Enable support for PSA crypto client. 1365 * 1366 * \note This option allows to include the code necessary for a PSA 1367 * crypto client when the PSA crypto implementation is not included in 1368 * the library (MBEDTLS_PSA_CRYPTO_C disabled). The code included is the 1369 * code to set and get PSA key attributes. 1370 * The development of PSA drivers partially relying on the library to 1371 * fulfill the hardware gaps is another possible usage of this option. 1372 * 1373 * \warning This interface is experimental and may change or be removed 1374 * without notice. 1375 */ 1376 /* #define MBEDTLS_PSA_CRYPTO_CLIENT */ 1377 1378 /** \def MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG 1379 * 1380 * Make the PSA Crypto module use an external random generator provided 1381 * by a driver, instead of Mbed TLS's entropy and DRBG modules. 1382 * 1383 * \note This random generator must deliver random numbers with cryptographic 1384 * quality and high performance. It must supply unpredictable numbers 1385 * with a uniform distribution. The implementation of this function 1386 * is responsible for ensuring that the random generator is seeded 1387 * with sufficient entropy. If you have a hardware TRNG which is slow 1388 * or delivers non-uniform output, declare it as an entropy source 1389 * with mbedtls_entropy_add_source() instead of enabling this option. 1390 * 1391 * If you enable this option, you must configure the type 1392 * ::mbedtls_psa_external_random_context_t in psa/crypto_platform.h 1393 * and define a function called mbedtls_psa_external_get_random() 1394 * with the following prototype: 1395 * ``` 1396 * psa_status_t mbedtls_psa_external_get_random( 1397 * mbedtls_psa_external_random_context_t *context, 1398 * uint8_t *output, size_t output_size, size_t *output_length); 1399 * ); 1400 * ``` 1401 * The \c context value is initialized to 0 before the first call. 1402 * The function must fill the \c output buffer with \c output_size bytes 1403 * of random data and set \c *output_length to \c output_size. 1404 * 1405 * Requires: MBEDTLS_PSA_CRYPTO_C 1406 * 1407 * \warning If you enable this option, code that uses the PSA cryptography 1408 * interface will not use any of the entropy sources set up for 1409 * the entropy module, nor the NV seed that MBEDTLS_ENTROPY_NV_SEED 1410 * enables. 1411 * 1412 * \note This option is experimental and may be removed without notice. 1413 */ 1414 /* #define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ 1415 1416 /** 1417 * \def MBEDTLS_PSA_CRYPTO_SPM 1418 * 1419 * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure 1420 * Partition Manager) integration which separates the code into two parts: a 1421 * NSPE (Non-Secure Process Environment) and an SPE (Secure Process 1422 * Environment). 1423 * 1424 * If you enable this option, your build environment must include a header 1425 * file `"crypto_spe.h"` (either in the `psa` subdirectory of the Mbed TLS 1426 * header files, or in another directory on the compiler's include search 1427 * path). Alternatively, your platform may customize the header 1428 * `psa/crypto_platform.h`, in which case it can skip or replace the 1429 * inclusion of `"crypto_spe.h"`. 1430 * 1431 * Module: library/psa_crypto.c 1432 * Requires: MBEDTLS_PSA_CRYPTO_C 1433 * 1434 */ 1435 /* #define MBEDTLS_PSA_CRYPTO_SPM */ 1436 1437 /** 1438 * Uncomment to enable p256-m. This is an alternative implementation of 1439 * key generation, ECDH and (randomized) ECDSA on the curve SECP256R1. 1440 * Compared to the default implementation: 1441 * 1442 * - p256-m has a much smaller code size and RAM footprint. 1443 * - p256-m is only available via the PSA API. This includes the pk module 1444 * when #MBEDTLS_USE_PSA_CRYPTO is enabled. 1445 * - p256-m does not support deterministic ECDSA, EC-JPAKE, custom protocols 1446 * over the core arithmetic, or deterministic derivation of keys. 1447 * 1448 * We recommend enabling this option if your application uses the PSA API 1449 * and the only elliptic curve support it needs is ECDH and ECDSA over 1450 * SECP256R1. 1451 * 1452 * If you enable this option, you do not need to enable any ECC-related 1453 * MBEDTLS_xxx option. You do need to separately request support for the 1454 * cryptographic mechanisms through the PSA API: 1455 * - #MBEDTLS_PSA_CRYPTO_C and #MBEDTLS_PSA_CRYPTO_CONFIG for PSA-based 1456 * configuration; 1457 * - #MBEDTLS_USE_PSA_CRYPTO if you want to use p256-m from PK, X.509 or TLS; 1458 * - #PSA_WANT_ECC_SECP_R1_256; 1459 * - #PSA_WANT_ALG_ECDH and/or #PSA_WANT_ALG_ECDSA as needed; 1460 * - #PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY, #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC, 1461 * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT, 1462 * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT and/or 1463 * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE as needed. 1464 * 1465 * \note To benefit from the smaller code size of p256-m, make sure that you 1466 * do not enable any ECC-related option not supported by p256-m: this 1467 * would cause the built-in ECC implementation to be built as well, in 1468 * order to provide the required option. 1469 * Make sure #PSA_WANT_ALG_DETERMINISTIC_ECDSA, #PSA_WANT_ALG_JPAKE and 1470 * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE, and curves other than 1471 * SECP256R1 are disabled as they are not supported by this driver. 1472 * Also, avoid defining #MBEDTLS_PK_PARSE_EC_COMPRESSED or 1473 * #MBEDTLS_PK_PARSE_EC_EXTENDED as those currently require a subset of 1474 * the built-in ECC implementation, see docs/driver-only-builds.md. 1475 */ 1476 /* #define MBEDTLS_PSA_P256M_DRIVER_ENABLED */ 1477 1478 /** 1479 * \def MBEDTLS_PSA_INJECT_ENTROPY 1480 * 1481 * Enable support for entropy injection at first boot. This feature is 1482 * required on systems that do not have a built-in entropy source (TRNG). 1483 * This feature is currently not supported on systems that have a built-in 1484 * entropy source. 1485 * 1486 * Requires: MBEDTLS_PSA_CRYPTO_STORAGE_C, MBEDTLS_ENTROPY_NV_SEED 1487 * 1488 */ 1489 /* #define MBEDTLS_PSA_INJECT_ENTROPY */ 1490 1491 /** 1492 * \def MBEDTLS_RSA_NO_CRT 1493 * 1494 * Do not use the Chinese Remainder Theorem 1495 * for the RSA private operation. 1496 * 1497 * Uncomment this macro to disable the use of CRT in RSA. 1498 * 1499 */ 1500 /* #define MBEDTLS_RSA_NO_CRT */ 1501 1502 /** 1503 * \def MBEDTLS_SELF_TEST 1504 * 1505 * Enable the checkup functions (*_self_test). 1506 */ 1507 /* #define MBEDTLS_SELF_TEST */ 1508 1509 /** 1510 * \def MBEDTLS_SHA256_SMALLER 1511 * 1512 * Enable an implementation of SHA-256 that has lower ROM footprint but also 1513 * lower performance. 1514 * 1515 * The default implementation is meant to be a reasonable compromise between 1516 * performance and size. This version optimizes more aggressively for size at 1517 * the expense of performance. Eg on Cortex-M4 it reduces the size of 1518 * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about 1519 * 30%. 1520 * 1521 * Uncomment to enable the smaller implementation of SHA256. 1522 */ 1523 /* #define MBEDTLS_SHA256_SMALLER */ 1524 1525 /** 1526 * \def MBEDTLS_SHA512_SMALLER 1527 * 1528 * Enable an implementation of SHA-512 that has lower ROM footprint but also 1529 * lower performance. 1530 * 1531 * Uncomment to enable the smaller implementation of SHA512. 1532 */ 1533 /* #define MBEDTLS_SHA512_SMALLER */ 1534 1535 /** 1536 * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES 1537 * 1538 * Enable sending of alert messages in case of encountered errors as per RFC. 1539 * If you choose not to send the alert messages, Mbed TLS can still communicate 1540 * with other servers, only debugging of failures is harder. 1541 * 1542 * The advantage of not sending alert messages, is that no information is given 1543 * about reasons for failures thus preventing adversaries of gaining intel. 1544 * 1545 * Enable sending of all alert messages 1546 */ 1547 #define MBEDTLS_SSL_ALL_ALERT_MESSAGES 1548 1549 /** 1550 * \def MBEDTLS_SSL_DTLS_CONNECTION_ID 1551 * 1552 * Enable support for the DTLS Connection ID (CID) extension, 1553 * which allows to identify DTLS connections across changes 1554 * in the underlying transport. The CID functionality is described 1555 * in RFC 9146. 1556 * 1557 * Setting this option enables the SSL APIs `mbedtls_ssl_set_cid()`, 1558 * mbedtls_ssl_get_own_cid()`, `mbedtls_ssl_get_peer_cid()` and 1559 * `mbedtls_ssl_conf_cid()`. See the corresponding documentation for 1560 * more information. 1561 * 1562 * The maximum lengths of outgoing and incoming CIDs can be configured 1563 * through the options 1564 * - MBEDTLS_SSL_CID_OUT_LEN_MAX 1565 * - MBEDTLS_SSL_CID_IN_LEN_MAX. 1566 * 1567 * Requires: MBEDTLS_SSL_PROTO_DTLS 1568 * 1569 * Uncomment to enable the Connection ID extension. 1570 */ 1571 /* #define MBEDTLS_SSL_DTLS_CONNECTION_ID */ 1572 1573 1574 /** 1575 * \def MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 1576 * 1577 * Defines whether RFC 9146 (default) or the legacy version 1578 * (version draft-ietf-tls-dtls-connection-id-05, 1579 * https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05) 1580 * is used. 1581 * 1582 * Set the value to 0 for the standard version, and 1583 * 1 for the legacy draft version. 1584 * 1585 * \deprecated Support for the legacy version of the DTLS 1586 * Connection ID feature is deprecated. Please 1587 * switch to the standardized version defined 1588 * in RFC 9146 enabled by utilizing 1589 * MBEDTLS_SSL_DTLS_CONNECTION_ID without use 1590 * of MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT. 1591 * 1592 * Requires: MBEDTLS_SSL_DTLS_CONNECTION_ID 1593 */ 1594 /* #define MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 0 */ 1595 1596 /** 1597 * \def MBEDTLS_SSL_ASYNC_PRIVATE 1598 * 1599 * Enable asynchronous external private key operations in SSL. This allows 1600 * you to configure an SSL connection to call an external cryptographic 1601 * module to perform private key operations instead of performing the 1602 * operation inside the library. 1603 * 1604 * Requires: MBEDTLS_X509_CRT_PARSE_C 1605 */ 1606 /* #define MBEDTLS_SSL_ASYNC_PRIVATE */ 1607 1608 /** 1609 * \def MBEDTLS_SSL_CONTEXT_SERIALIZATION 1610 * 1611 * Enable serialization of the TLS context structures, through use of the 1612 * functions mbedtls_ssl_context_save() and mbedtls_ssl_context_load(). 1613 * 1614 * This pair of functions allows one side of a connection to serialize the 1615 * context associated with the connection, then free or re-use that context 1616 * while the serialized state is persisted elsewhere, and finally deserialize 1617 * that state to a live context for resuming read/write operations on the 1618 * connection. From a protocol perspective, the state of the connection is 1619 * unaffected, in particular this is entirely transparent to the peer. 1620 * 1621 * Note: this is distinct from TLS session resumption, which is part of the 1622 * protocol and fully visible by the peer. TLS session resumption enables 1623 * establishing new connections associated to a saved session with shorter, 1624 * lighter handshakes, while context serialization is a local optimization in 1625 * handling a single, potentially long-lived connection. 1626 * 1627 * Enabling these APIs makes some SSL structures larger, as 64 extra bytes are 1628 * saved after the handshake to allow for more efficient serialization, so if 1629 * you don't need this feature you'll save RAM by disabling it. 1630 * 1631 * Requires: MBEDTLS_GCM_C or MBEDTLS_CCM_C or MBEDTLS_CHACHAPOLY_C 1632 * 1633 * Comment to disable the context serialization APIs. 1634 */ 1635 /* #define MBEDTLS_SSL_CONTEXT_SERIALIZATION */ 1636 1637 /** 1638 * \def MBEDTLS_SSL_DEBUG_ALL 1639 * 1640 * Enable the debug messages in SSL module for all issues. 1641 * Debug messages have been disabled in some places to prevent timing 1642 * attacks due to (unbalanced) debugging function calls. 1643 * 1644 * If you need all error reporting you should enable this during debugging, 1645 * but remove this for production servers that should log as well. 1646 * 1647 * Uncomment this macro to report all debug messages on errors introducing 1648 * a timing side-channel. 1649 * 1650 */ 1651 /* #define MBEDTLS_SSL_DEBUG_ALL */ 1652 1653 /** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC 1654 * 1655 * Enable support for Encrypt-then-MAC, RFC 7366. 1656 * 1657 * This allows peers that both support it to use a more robust protection for 1658 * ciphersuites using CBC, providing deep resistance against timing attacks 1659 * on the padding or underlying cipher. 1660 * 1661 * This only affects CBC ciphersuites, and is useless if none is defined. 1662 * 1663 * Requires: MBEDTLS_SSL_PROTO_TLS1_2 1664 * 1665 * Comment this macro to disable support for Encrypt-then-MAC 1666 */ 1667 /* #define MBEDTLS_SSL_ENCRYPT_THEN_MAC */ 1668 1669 /** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET 1670 * 1671 * Enable support for RFC 7627: Session Hash and Extended Master Secret 1672 * Extension. 1673 * 1674 * This was introduced as "the proper fix" to the Triple Handshake family of 1675 * attacks, but it is recommended to always use it (even if you disable 1676 * renegotiation), since it actually fixes a more fundamental issue in the 1677 * original SSL/TLS design, and has implications beyond Triple Handshake. 1678 * 1679 * Requires: MBEDTLS_SSL_PROTO_TLS1_2 1680 * 1681 * Comment this macro to disable support for Extended Master Secret. 1682 */ 1683 /* #define MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ 1684 1685 /** 1686 * \def MBEDTLS_SSL_KEEP_PEER_CERTIFICATE 1687 * 1688 * This option controls the availability of the API mbedtls_ssl_get_peer_cert() 1689 * giving access to the peer's certificate after completion of the handshake. 1690 * 1691 * Unless you need mbedtls_ssl_peer_cert() in your application, it is 1692 * recommended to disable this option for reduced RAM usage. 1693 * 1694 * \note If this option is disabled, mbedtls_ssl_get_peer_cert() is still 1695 * defined, but always returns \c NULL. 1696 * 1697 * \note This option has no influence on the protection against the 1698 * triple handshake attack. Even if it is disabled, Mbed TLS will 1699 * still ensure that certificates do not change during renegotiation, 1700 * for example by keeping a hash of the peer's certificate. 1701 * 1702 * \note This option is required if MBEDTLS_SSL_PROTO_TLS1_3 is set. 1703 * 1704 * Comment this macro to disable storing the peer's certificate 1705 * after the handshake. 1706 */ 1707 #define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE 1708 1709 /** 1710 * \def MBEDTLS_SSL_RENEGOTIATION 1711 * 1712 * Enable support for TLS renegotiation. 1713 * 1714 * The two main uses of renegotiation are (1) refresh keys on long-lived 1715 * connections and (2) client authentication after the initial handshake. 1716 * If you don't need renegotiation, it's probably better to disable it, since 1717 * it has been associated with security issues in the past and is easy to 1718 * misuse/misunderstand. 1719 * 1720 * Requires: MBEDTLS_SSL_PROTO_TLS1_2 1721 * 1722 * Comment this to disable support for renegotiation. 1723 * 1724 * \note Even if this option is disabled, both client and server are aware 1725 * of the Renegotiation Indication Extension (RFC 5746) used to 1726 * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1). 1727 * (See \c mbedtls_ssl_conf_legacy_renegotiation for the 1728 * configuration of this extension). 1729 * 1730 */ 1731 /* #define MBEDTLS_SSL_RENEGOTIATION */ 1732 1733 /** 1734 * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 1735 * 1736 * Enable support for RFC 6066 max_fragment_length extension in SSL. 1737 * 1738 * Comment this macro to disable support for the max_fragment_length extension 1739 */ 1740 /* #define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ 1741 1742 /** 1743 * \def MBEDTLS_SSL_RECORD_SIZE_LIMIT 1744 * 1745 * Enable support for RFC 8449 record_size_limit extension in SSL (TLS 1.3 only). 1746 * 1747 * \warning This extension is currently in development and must NOT be used except 1748 * for testing purposes. 1749 * 1750 * Requires: MBEDTLS_SSL_PROTO_TLS1_3 1751 * 1752 * Uncomment this macro to enable support for the record_size_limit extension 1753 */ 1754 /* #define MBEDTLS_SSL_RECORD_SIZE_LIMIT */ 1755 1756 /** 1757 * \def MBEDTLS_SSL_PROTO_TLS1_2 1758 * 1759 * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled). 1760 * 1761 * Requires: Without MBEDTLS_USE_PSA_CRYPTO: MBEDTLS_MD_C and 1762 * (MBEDTLS_SHA256_C or MBEDTLS_SHA384_C or 1763 * SHA-256 or SHA-512 provided by a PSA driver) 1764 * With MBEDTLS_USE_PSA_CRYPTO: 1765 * PSA_WANT_ALG_SHA_256 or PSA_WANT_ALG_SHA_384 1766 * 1767 * \warning If building with MBEDTLS_USE_PSA_CRYPTO, or if the hash(es) used 1768 * are only provided by PSA drivers, you must call psa_crypto_init() before 1769 * doing any TLS operations. 1770 * 1771 * Comment this macro to disable support for TLS 1.2 / DTLS 1.2 1772 */ 1773 #define MBEDTLS_SSL_PROTO_TLS1_2 1774 1775 /** 1776 * \def MBEDTLS_SSL_PROTO_TLS1_3 1777 * 1778 * Enable support for TLS 1.3. 1779 * 1780 * \note See docs/architecture/tls13-support.md for a description of the TLS 1781 * 1.3 support that this option enables. 1782 * 1783 * Requires: MBEDTLS_SSL_KEEP_PEER_CERTIFICATE 1784 * Requires: MBEDTLS_PSA_CRYPTO_C 1785 * 1786 * \note TLS 1.3 uses PSA crypto for cryptographic operations that are 1787 * directly performed by TLS 1.3 code. As a consequence, you must 1788 * call psa_crypto_init() before the first TLS 1.3 handshake. 1789 * 1790 * \note Cryptographic operations performed indirectly via another module 1791 * (X.509, PK) or by code shared with TLS 1.2 (record protection, 1792 * running handshake hash) only use PSA crypto if 1793 * #MBEDTLS_USE_PSA_CRYPTO is enabled. 1794 * 1795 * Uncomment this macro to enable the support for TLS 1.3. 1796 */ 1797 #define MBEDTLS_SSL_PROTO_TLS1_3 1798 1799 /** 1800 * \def MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 1801 * 1802 * Enable TLS 1.3 middlebox compatibility mode. 1803 * 1804 * As specified in Section D.4 of RFC 8446, TLS 1.3 offers a compatibility 1805 * mode to make a TLS 1.3 connection more likely to pass through middle boxes 1806 * expecting TLS 1.2 traffic. 1807 * 1808 * Turning on the compatibility mode comes at the cost of a few added bytes 1809 * on the wire, but it doesn't affect compatibility with TLS 1.3 implementations 1810 * that don't use it. Therefore, unless transmission bandwidth is critical and 1811 * you know that middlebox compatibility issues won't occur, it is therefore 1812 * recommended to set this option. 1813 * 1814 * Comment to disable compatibility mode for TLS 1.3. If 1815 * MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any 1816 * effect on the build. 1817 * 1818 */ 1819 #define MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 1820 1821 /** 1822 * \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1823 * 1824 * Enable TLS 1.3 PSK key exchange mode. 1825 * 1826 * Comment to disable support for the PSK key exchange mode in TLS 1.3. If 1827 * MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any 1828 * effect on the build. 1829 * 1830 */ 1831 #define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 1832 1833 /** 1834 * \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1835 * 1836 * Enable TLS 1.3 ephemeral key exchange mode. 1837 * 1838 * Requires: PSA_WANT_ALG_ECDH or PSA_WANT_ALG_FFDH 1839 * MBEDTLS_X509_CRT_PARSE_C 1840 * and at least one of: 1841 * MBEDTLS_ECDSA_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDSA) 1842 * MBEDTLS_PKCS1_V21 1843 * 1844 * Comment to disable support for the ephemeral key exchange mode in TLS 1.3. 1845 * If MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any 1846 * effect on the build. 1847 * 1848 */ 1849 #define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 1850 1851 /** 1852 * \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1853 * 1854 * Enable TLS 1.3 PSK ephemeral key exchange mode. 1855 * 1856 * Requires: PSA_WANT_ALG_ECDH or PSA_WANT_ALG_FFDH 1857 * 1858 * Comment to disable support for the PSK ephemeral key exchange mode in 1859 * TLS 1.3. If MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not 1860 * have any effect on the build. 1861 * 1862 */ 1863 #define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1864 1865 /** 1866 * \def MBEDTLS_SSL_EARLY_DATA 1867 * 1868 * Enable support for RFC 8446 TLS 1.3 early data. 1869 * 1870 * Requires: MBEDTLS_SSL_SESSION_TICKETS and either 1871 * MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED or 1872 * MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 1873 * 1874 * Comment this to disable support for early data. If MBEDTLS_SSL_PROTO_TLS1_3 1875 * is not enabled, this option does not have any effect on the build. 1876 * 1877 * This feature is experimental, not completed and thus not ready for 1878 * production. 1879 * 1880 * \note The maximum amount of early data can be set with 1881 * MBEDTLS_SSL_MAX_EARLY_DATA_SIZE. 1882 * 1883 */ 1884 /* #define MBEDTLS_SSL_EARLY_DATA */ 1885 1886 /** 1887 * \def MBEDTLS_SSL_PROTO_DTLS 1888 * 1889 * Enable support for DTLS (all available versions). 1890 * 1891 * Enable this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2. 1892 * 1893 * Requires: MBEDTLS_SSL_PROTO_TLS1_2 1894 * 1895 * Comment this macro to disable support for DTLS 1896 */ 1897 /* #define MBEDTLS_SSL_PROTO_DTLS */ 1898 1899 /** 1900 * \def MBEDTLS_SSL_ALPN 1901 * 1902 * Enable support for RFC 7301 Application Layer Protocol Negotiation. 1903 * 1904 * Comment this macro to disable support for ALPN. 1905 */ 1906 #define MBEDTLS_SSL_ALPN 1907 1908 /** 1909 * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY 1910 * 1911 * Enable support for the anti-replay mechanism in DTLS. 1912 * 1913 * Requires: MBEDTLS_SSL_TLS_C 1914 * MBEDTLS_SSL_PROTO_DTLS 1915 * 1916 * \warning Disabling this is often a security risk! 1917 * See mbedtls_ssl_conf_dtls_anti_replay() for details. 1918 * 1919 * Comment this to disable anti-replay in DTLS. 1920 */ 1921 /* #define MBEDTLS_SSL_DTLS_ANTI_REPLAY */ 1922 1923 /** 1924 * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY 1925 * 1926 * Enable support for HelloVerifyRequest on DTLS servers. 1927 * 1928 * This feature is highly recommended to prevent DTLS servers being used as 1929 * amplifiers in DoS attacks against other hosts. It should always be enabled 1930 * unless you know for sure amplification cannot be a problem in the 1931 * environment in which your server operates. 1932 * 1933 * \warning Disabling this can be a security risk! (see above) 1934 * 1935 * Requires: MBEDTLS_SSL_PROTO_DTLS 1936 * 1937 * Comment this to disable support for HelloVerifyRequest. 1938 */ 1939 /* #define MBEDTLS_SSL_DTLS_HELLO_VERIFY */ 1940 1941 /** 1942 * \def MBEDTLS_SSL_DTLS_SRTP 1943 * 1944 * Enable support for negotiation of DTLS-SRTP (RFC 5764) 1945 * through the use_srtp extension. 1946 * 1947 * \note This feature provides the minimum functionality required 1948 * to negotiate the use of DTLS-SRTP and to allow the derivation of 1949 * the associated SRTP packet protection key material. 1950 * In particular, the SRTP packet protection itself, as well as the 1951 * demultiplexing of RTP and DTLS packets at the datagram layer 1952 * (see Section 5 of RFC 5764), are not handled by this feature. 1953 * Instead, after successful completion of a handshake negotiating 1954 * the use of DTLS-SRTP, the extended key exporter API 1955 * mbedtls_ssl_conf_export_keys_cb() should be used to implement 1956 * the key exporter described in Section 4.2 of RFC 5764 and RFC 5705 1957 * (this is implemented in the SSL example programs). 1958 * The resulting key should then be passed to an SRTP stack. 1959 * 1960 * Setting this option enables the runtime API 1961 * mbedtls_ssl_conf_dtls_srtp_protection_profiles() 1962 * through which the supported DTLS-SRTP protection 1963 * profiles can be configured. You must call this API at 1964 * runtime if you wish to negotiate the use of DTLS-SRTP. 1965 * 1966 * Requires: MBEDTLS_SSL_PROTO_DTLS 1967 * 1968 * Uncomment this to enable support for use_srtp extension. 1969 */ 1970 /* #define MBEDTLS_SSL_DTLS_SRTP */ 1971 1972 /** 1973 * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE 1974 * 1975 * Enable server-side support for clients that reconnect from the same port. 1976 * 1977 * Some clients unexpectedly close the connection and try to reconnect using the 1978 * same source port. This needs special support from the server to handle the 1979 * new connection securely, as described in section 4.2.8 of RFC 6347. This 1980 * flag enables that support. 1981 * 1982 * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY 1983 * 1984 * Comment this to disable support for clients reusing the source port. 1985 */ 1986 /* #define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE */ 1987 1988 /** 1989 * \def MBEDTLS_SSL_SESSION_TICKETS 1990 * 1991 * Enable support for RFC 5077 session tickets in SSL. 1992 * Client-side, provides full support for session tickets (maintenance of a 1993 * session store remains the responsibility of the application, though). 1994 * Server-side, you also need to provide callbacks for writing and parsing 1995 * tickets, including authenticated encryption and key management. Example 1996 * callbacks are provided by MBEDTLS_SSL_TICKET_C. 1997 * 1998 * Comment this macro to disable support for SSL session tickets 1999 */ 2000 #define MBEDTLS_SSL_SESSION_TICKETS 2001 2002 /** 2003 * \def MBEDTLS_SSL_SERVER_NAME_INDICATION 2004 * 2005 * Enable support for RFC 6066 server name indication (SNI) in SSL. 2006 * 2007 * Requires: MBEDTLS_X509_CRT_PARSE_C 2008 * 2009 * Comment this macro to disable support for server name indication in SSL 2010 */ 2011 #define MBEDTLS_SSL_SERVER_NAME_INDICATION 2012 2013 /** 2014 * \def MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH 2015 * 2016 * When this option is enabled, the SSL buffer will be resized automatically 2017 * based on the negotiated maximum fragment length in each direction. 2018 * 2019 * Requires: MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 2020 */ 2021 /* #define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */ 2022 2023 /** 2024 * \def MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN 2025 * 2026 * Enable testing of the constant-flow nature of some sensitive functions with 2027 * clang's MemorySanitizer. This causes some existing tests to also test 2028 * this non-functional property of the code under test. 2029 * 2030 * This setting requires compiling with clang -fsanitize=memory. The test 2031 * suites can then be run normally. 2032 * 2033 * \warning This macro is only used for extended testing; it is not considered 2034 * part of the library's API, so it may change or disappear at any time. 2035 * 2036 * Uncomment to enable testing of the constant-flow nature of selected code. 2037 */ 2038 /* #define MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN */ 2039 2040 /** 2041 * \def MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND 2042 * 2043 * Enable testing of the constant-flow nature of some sensitive functions with 2044 * valgrind's memcheck tool. This causes some existing tests to also test 2045 * this non-functional property of the code under test. 2046 * 2047 * This setting requires valgrind headers for building, and is only useful for 2048 * testing if the tests suites are run with valgrind's memcheck. This can be 2049 * done for an individual test suite with 'valgrind ./test_suite_xxx', or when 2050 * using CMake, this can be done for all test suites with 'make memcheck'. 2051 * 2052 * \warning This macro is only used for extended testing; it is not considered 2053 * part of the library's API, so it may change or disappear at any time. 2054 * 2055 * Uncomment to enable testing of the constant-flow nature of selected code. 2056 */ 2057 /* #define MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND */ 2058 2059 /** 2060 * \def MBEDTLS_TEST_HOOKS 2061 * 2062 * Enable features for invasive testing such as introspection functions and 2063 * hooks for fault injection. This enables additional unit tests. 2064 * 2065 * Merely enabling this feature should not change the behavior of the product. 2066 * It only adds new code, and new branching points where the default behavior 2067 * is the same as when this feature is disabled. 2068 * However, this feature increases the attack surface: there is an added 2069 * risk of vulnerabilities, and more gadgets that can make exploits easier. 2070 * Therefore this feature must never be enabled in production. 2071 * 2072 * See `docs/architecture/testing/mbed-crypto-invasive-testing.md` for more 2073 * information. 2074 * 2075 * Uncomment to enable invasive tests. 2076 */ 2077 /* #define MBEDTLS_TEST_HOOKS */ 2078 2079 /** 2080 * \def MBEDTLS_THREADING_ALT 2081 * 2082 * Provide your own alternate threading implementation. 2083 * 2084 * Requires: MBEDTLS_THREADING_C 2085 * 2086 * Uncomment this to allow your own alternate threading implementation. 2087 */ 2088 /* #define MBEDTLS_THREADING_ALT */ 2089 2090 /** 2091 * \def MBEDTLS_THREADING_PTHREAD 2092 * 2093 * Enable the pthread wrapper layer for the threading layer. 2094 * 2095 * Requires: MBEDTLS_THREADING_C 2096 * 2097 * Uncomment this to enable pthread mutexes. 2098 */ 2099 /* #define MBEDTLS_THREADING_PTHREAD */ 2100 2101 /** 2102 * \def MBEDTLS_USE_PSA_CRYPTO 2103 * 2104 * Make the X.509 and TLS libraries use PSA for cryptographic operations as 2105 * much as possible, and enable new APIs for using keys handled by PSA Crypto. 2106 * 2107 * \note Development of this option is currently in progress, and parts of Mbed 2108 * TLS's X.509 and TLS modules are not ported to PSA yet. However, these parts 2109 * will still continue to work as usual, so enabling this option should not 2110 * break backwards compatibility. 2111 * 2112 * \warning If you enable this option, you need to call `psa_crypto_init()` 2113 * before calling any function from the SSL/TLS, X.509 or PK modules, except 2114 * for the various mbedtls_xxx_init() functions which can be called at any time. 2115 * 2116 * \note An important and desirable effect of this option is that it allows 2117 * PK, X.509 and TLS to take advantage of PSA drivers. For example, enabling 2118 * this option is what allows use of drivers for ECDSA, ECDH and EC J-PAKE in 2119 * those modules. However, note that even with this option disabled, some code 2120 * in PK, X.509, TLS or the crypto library might still use PSA drivers, if it 2121 * can determine it's safe to do so; currently that's the case for hashes. 2122 * 2123 * \note See docs/use-psa-crypto.md for a complete description this option. 2124 * 2125 * Requires: MBEDTLS_PSA_CRYPTO_C. 2126 * 2127 * Uncomment this to enable internal use of PSA Crypto and new associated APIs. 2128 */ 2129 #define MBEDTLS_USE_PSA_CRYPTO 2130 2131 /** 2132 * \def MBEDTLS_PSA_CRYPTO_CONFIG 2133 * 2134 * This setting allows support for cryptographic mechanisms through the PSA 2135 * API to be configured separately from support through the mbedtls API. 2136 * 2137 * When this option is disabled, the PSA API exposes the cryptographic 2138 * mechanisms that can be implemented on top of the `mbedtls_xxx` API 2139 * configured with `MBEDTLS_XXX` symbols. 2140 * 2141 * When this option is enabled, the PSA API exposes the cryptographic 2142 * mechanisms requested by the `PSA_WANT_XXX` symbols defined in 2143 * include/psa/crypto_config.h. The corresponding `MBEDTLS_XXX` settings are 2144 * automatically enabled if required (i.e. if no PSA driver provides the 2145 * mechanism). You may still freely enable additional `MBEDTLS_XXX` symbols 2146 * in mbedtls_config.h. 2147 * 2148 * If the symbol #MBEDTLS_PSA_CRYPTO_CONFIG_FILE is defined, it specifies 2149 * an alternative header to include instead of include/psa/crypto_config.h. 2150 * 2151 * \warning This option is experimental, in that the set of `PSA_WANT_XXX` 2152 * symbols is not completely finalized yet, and the configuration 2153 * tooling is not ideally adapted to having two separate configuration 2154 * files. 2155 * Future minor releases of Mbed TLS may make minor changes to those 2156 * symbols, but we will endeavor to provide a transition path. 2157 * Nonetheless, this option is considered mature enough to use in 2158 * production, as long as you accept that you may need to make 2159 * minor changes to psa/crypto_config.h when upgrading Mbed TLS. 2160 */ 2161 /* #define MBEDTLS_PSA_CRYPTO_CONFIG */ 2162 2163 /** 2164 * \def MBEDTLS_VERSION_FEATURES 2165 * 2166 * Allow run-time checking of compile-time enabled features. Thus allowing users 2167 * to check at run-time if the library is for instance compiled with threading 2168 * support via mbedtls_version_check_feature(). 2169 * 2170 * Requires: MBEDTLS_VERSION_C 2171 * 2172 * Comment this to disable run-time checking and save ROM space 2173 */ 2174 #define MBEDTLS_VERSION_FEATURES 2175 2176 /** 2177 * \def MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK 2178 * 2179 * If set, this enables the X.509 API `mbedtls_x509_crt_verify_with_ca_cb()` 2180 * and the SSL API `mbedtls_ssl_conf_ca_cb()` which allow users to configure 2181 * the set of trusted certificates through a callback instead of a linked 2182 * list. 2183 * 2184 * This is useful for example in environments where a large number of trusted 2185 * certificates is present and storing them in a linked list isn't efficient 2186 * enough, or when the set of trusted certificates changes frequently. 2187 * 2188 * See the documentation of `mbedtls_x509_crt_verify_with_ca_cb()` and 2189 * `mbedtls_ssl_conf_ca_cb()` for more information. 2190 * 2191 * Requires: MBEDTLS_X509_CRT_PARSE_C 2192 * 2193 * Uncomment to enable trusted certificate callbacks. 2194 */ 2195 /* #define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ 2196 2197 /** 2198 * \def MBEDTLS_X509_REMOVE_INFO 2199 * 2200 * Disable mbedtls_x509_*_info() and related APIs. 2201 * 2202 * Uncomment to omit mbedtls_x509_*_info(), as well as mbedtls_debug_print_crt() 2203 * and other functions/constants only used by these functions, thus reducing 2204 * the code footprint by several KB. 2205 */ 2206 /* #define MBEDTLS_X509_REMOVE_INFO */ 2207 2208 /** 2209 * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT 2210 * 2211 * Enable parsing and verification of X.509 certificates, CRLs and CSRS 2212 * signed with RSASSA-PSS (aka PKCS#1 v2.1). 2213 * 2214 * Comment this macro to disallow using RSASSA-PSS in certificates. 2215 */ 2216 #define MBEDTLS_X509_RSASSA_PSS_SUPPORT 2217 /** \} name SECTION: Mbed TLS feature support */ 2218 2219 /** 2220 * \name SECTION: Mbed TLS modules 2221 * 2222 * This section enables or disables entire modules in Mbed TLS 2223 * \{ 2224 */ 2225 2226 /** 2227 * \def MBEDTLS_AESNI_C 2228 * 2229 * Enable AES-NI support on x86-64 or x86-32. 2230 * 2231 * \note AESNI is only supported with certain compilers and target options: 2232 * - Visual Studio 2013: supported. 2233 * - GCC, x86-64, target not explicitly supporting AESNI: 2234 * requires MBEDTLS_HAVE_ASM. 2235 * - GCC, x86-32, target not explicitly supporting AESNI: 2236 * not supported. 2237 * - GCC, x86-64 or x86-32, target supporting AESNI: supported. 2238 * For this assembly-less implementation, you must currently compile 2239 * `library/aesni.c` and `library/aes.c` with machine options to enable 2240 * SSE2 and AESNI instructions: `gcc -msse2 -maes -mpclmul` or 2241 * `clang -maes -mpclmul`. 2242 * - Non-x86 targets: this option is silently ignored. 2243 * - Other compilers: this option is silently ignored. 2244 * 2245 * \note 2246 * Above, "GCC" includes compatible compilers such as Clang. 2247 * The limitations on target support are likely to be relaxed in the future. 2248 * 2249 * Module: library/aesni.c 2250 * Caller: library/aes.c 2251 * 2252 * Requires: MBEDTLS_HAVE_ASM (on some platforms, see note) 2253 * 2254 * This modules adds support for the AES-NI instructions on x86. 2255 */ 2256 /* #define MBEDTLS_AESNI_C */ 2257 2258 /** 2259 * \def MBEDTLS_AESCE_C 2260 * 2261 * Enable AES cryptographic extension support on 64-bit Arm. 2262 * 2263 * Module: library/aesce.c 2264 * Caller: library/aes.c 2265 * 2266 * Requires: MBEDTLS_AES_C 2267 * 2268 * \warning Runtime detection only works on Linux. For non-Linux operating 2269 * system, Armv8-A Cryptographic Extensions must be supported by 2270 * the CPU when this option is enabled. 2271 * 2272 * \note Minimum compiler versions for this feature are Clang 4.0, 2273 * armclang 6.6, GCC 6.0 or MSVC 2019 version 16.11.2. 2274 * 2275 * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for 2276 * armclang <= 6.9 2277 * 2278 * This module adds support for the AES Armv8-A Cryptographic Extensions on Aarch64 systems. 2279 */ 2280 /* #define MBEDTLS_AESCE_C */ 2281 2282 /** 2283 * \def MBEDTLS_AES_C 2284 * 2285 * Enable the AES block cipher. 2286 * 2287 * Module: library/aes.c 2288 * Caller: library/cipher.c 2289 * library/pem.c 2290 * library/ctr_drbg.c 2291 * 2292 * This module enables the following ciphersuites (if other requisites are 2293 * enabled as well): 2294 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 2295 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 2296 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 2297 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 2298 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 2299 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 2300 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 2301 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 2302 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 2303 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 2304 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 2305 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 2306 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 2307 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 2308 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 2309 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 2310 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 2311 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 2312 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 2313 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 2314 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 2315 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 2316 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 2317 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 2318 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 2319 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 2320 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 2321 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 2322 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 2323 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 2324 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 2325 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 2326 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 2327 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 2328 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA 2329 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 2330 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 2331 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 2332 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 2333 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA 2334 * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 2335 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 2336 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA 2337 * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 2338 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 2339 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA 2340 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 2341 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 2342 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA 2343 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 2344 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 2345 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA 2346 * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 2347 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 2348 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA 2349 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 2350 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 2351 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA 2352 * 2353 * PEM_PARSE uses AES for decrypting encrypted keys. 2354 */ 2355 #define MBEDTLS_AES_C 2356 2357 /** 2358 * \def MBEDTLS_ASN1_PARSE_C 2359 * 2360 * Enable the generic ASN1 parser. 2361 * 2362 * Module: library/asn1.c 2363 * Caller: library/x509.c 2364 * library/dhm.c 2365 * library/pkcs12.c 2366 * library/pkcs5.c 2367 * library/pkparse.c 2368 */ 2369 #define MBEDTLS_ASN1_PARSE_C 2370 2371 /** 2372 * \def MBEDTLS_ASN1_WRITE_C 2373 * 2374 * Enable the generic ASN1 writer. 2375 * 2376 * Module: library/asn1write.c 2377 * Caller: library/ecdsa.c 2378 * library/pkwrite.c 2379 * library/x509_create.c 2380 * library/x509write_crt.c 2381 * library/x509write_csr.c 2382 */ 2383 #define MBEDTLS_ASN1_WRITE_C 2384 2385 /** 2386 * \def MBEDTLS_BASE64_C 2387 * 2388 * Enable the Base64 module. 2389 * 2390 * Module: library/base64.c 2391 * Caller: library/pem.c 2392 * 2393 * This module is required for PEM support (required by X.509). 2394 */ 2395 #define MBEDTLS_BASE64_C 2396 2397 /** 2398 * \def MBEDTLS_BIGNUM_C 2399 * 2400 * Enable the multi-precision integer library. 2401 * 2402 * Module: library/bignum.c 2403 * library/bignum_core.c 2404 * library/bignum_mod.c 2405 * library/bignum_mod_raw.c 2406 * Caller: library/dhm.c 2407 * library/ecp.c 2408 * library/ecdsa.c 2409 * library/rsa.c 2410 * library/rsa_alt_helpers.c 2411 * library/ssl_tls.c 2412 * 2413 * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support. 2414 */ 2415 #define MBEDTLS_BIGNUM_C 2416 2417 /** 2418 * \def MBEDTLS_CAMELLIA_C 2419 * 2420 * Enable the Camellia block cipher. 2421 * 2422 * Module: library/camellia.c 2423 * Caller: library/cipher.c 2424 * 2425 * This module enables the following ciphersuites (if other requisites are 2426 * enabled as well): 2427 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 2428 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 2429 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 2430 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 2431 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 2432 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 2433 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 2434 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 2435 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 2436 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 2437 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 2438 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 2439 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 2440 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 2441 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 2442 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 2443 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 2444 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 2445 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 2446 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 2447 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 2448 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 2449 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 2450 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 2451 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 2452 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 2453 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 2454 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 2455 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 2456 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 2457 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 2458 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 2459 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 2460 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 2461 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 2462 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 2463 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 2464 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 2465 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 2466 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 2467 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 2468 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 2469 */ 2470 /* #define MBEDTLS_CAMELLIA_C */ 2471 2472 /** 2473 * \def MBEDTLS_ARIA_C 2474 * 2475 * Enable the ARIA block cipher. 2476 * 2477 * Module: library/aria.c 2478 * Caller: library/cipher.c 2479 * 2480 * This module enables the following ciphersuites (if other requisites are 2481 * enabled as well): 2482 * 2483 * MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256 2484 * MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384 2485 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 2486 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 2487 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 2488 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 2489 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 2490 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 2491 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 2492 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 2493 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 2494 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 2495 * MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256 2496 * MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384 2497 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 2498 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 2499 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 2500 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 2501 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 2502 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 2503 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 2504 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 2505 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 2506 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 2507 * MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256 2508 * MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384 2509 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 2510 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 2511 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 2512 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 2513 * MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 2514 * MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 2515 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 2516 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 2517 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 2518 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 2519 * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 2520 * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 2521 */ 2522 /* #define MBEDTLS_ARIA_C */ 2523 2524 /** 2525 * \def MBEDTLS_CCM_C 2526 * 2527 * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher. 2528 * 2529 * Module: library/ccm.c 2530 * 2531 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C or 2532 * MBEDTLS_ARIA_C 2533 * 2534 * This module enables the AES-CCM ciphersuites, if other requisites are 2535 * enabled as well. 2536 */ 2537 /* #define MBEDTLS_CCM_C */ 2538 2539 /** 2540 * \def MBEDTLS_CHACHA20_C 2541 * 2542 * Enable the ChaCha20 stream cipher. 2543 * 2544 * Module: library/chacha20.c 2545 */ 2546 #define MBEDTLS_CHACHA20_C 2547 2548 /** 2549 * \def MBEDTLS_CHACHAPOLY_C 2550 * 2551 * Enable the ChaCha20-Poly1305 AEAD algorithm. 2552 * 2553 * Module: library/chachapoly.c 2554 * 2555 * This module requires: MBEDTLS_CHACHA20_C, MBEDTLS_POLY1305_C 2556 */ 2557 #define MBEDTLS_CHACHAPOLY_C 2558 2559 /** 2560 * \def MBEDTLS_CIPHER_C 2561 * 2562 * Enable the generic cipher layer. 2563 * 2564 * Module: library/cipher.c 2565 * Caller: library/ccm.c 2566 * library/cmac.c 2567 * library/gcm.c 2568 * library/nist_kw.c 2569 * library/pkcs12.c 2570 * library/pkcs5.c 2571 * library/psa_crypto_aead.c 2572 * library/psa_crypto_mac.c 2573 * library/ssl_ciphersuites.c 2574 * library/ssl_msg.c 2575 * library/ssl_ticket.c (unless MBEDTLS_USE_PSA_CRYPTO is enabled) 2576 * 2577 * Uncomment to enable generic cipher wrappers. 2578 */ 2579 #define MBEDTLS_CIPHER_C 2580 2581 /** 2582 * \def MBEDTLS_CMAC_C 2583 * 2584 * Enable the CMAC (Cipher-based Message Authentication Code) mode for block 2585 * ciphers. 2586 * 2587 * \note When #MBEDTLS_CMAC_ALT is active, meaning that the underlying 2588 * implementation of the CMAC algorithm is provided by an alternate 2589 * implementation, that alternate implementation may opt to not support 2590 * AES-192 or 3DES as underlying block ciphers for the CMAC operation. 2591 * 2592 * Module: library/cmac.c 2593 * 2594 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_AES_C or MBEDTLS_DES_C 2595 * 2596 */ 2597 #define MBEDTLS_CMAC_C 2598 2599 /** 2600 * \def MBEDTLS_CTR_DRBG_C 2601 * 2602 * Enable the CTR_DRBG AES-based random generator. 2603 * The CTR_DRBG generator uses AES-256 by default. 2604 * To use AES-128 instead, enable \c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY above. 2605 * 2606 * \note AES-128 will be used if \c MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH is set. 2607 * 2608 * \note To achieve a 256-bit security strength with CTR_DRBG, 2609 * you must use AES-256 *and* use sufficient entropy. 2610 * See ctr_drbg.h for more details. 2611 * 2612 * Module: library/ctr_drbg.c 2613 * Caller: 2614 * 2615 * Requires: MBEDTLS_AES_C 2616 * 2617 * This module provides the CTR_DRBG AES random number generator. 2618 */ 2619 #define MBEDTLS_CTR_DRBG_C 2620 2621 /** 2622 * \def MBEDTLS_DEBUG_C 2623 * 2624 * Enable the debug functions. 2625 * 2626 * Module: library/debug.c 2627 * Caller: library/ssl_msg.c 2628 * library/ssl_tls.c 2629 * library/ssl_tls12_*.c 2630 * library/ssl_tls13_*.c 2631 * 2632 * This module provides debugging functions. 2633 */ 2634 /* #define MBEDTLS_DEBUG_C */ 2635 2636 /** 2637 * \def MBEDTLS_DES_C 2638 * 2639 * Enable the DES block cipher. 2640 * 2641 * Module: library/des.c 2642 * Caller: library/pem.c 2643 * library/cipher.c 2644 * 2645 * PEM_PARSE uses DES/3DES for decrypting encrypted keys. 2646 * 2647 * \warning DES/3DES are considered weak ciphers and their use constitutes a 2648 * security risk. We recommend considering stronger ciphers instead. 2649 */ 2650 /* #define MBEDTLS_DES_C */ 2651 2652 /** 2653 * \def MBEDTLS_DHM_C 2654 * 2655 * Enable the Diffie-Hellman-Merkle module. 2656 * 2657 * Module: library/dhm.c 2658 * Caller: library/ssl_tls.c 2659 * library/ssl*_client.c 2660 * library/ssl*_server.c 2661 * 2662 * This module is used by the following key exchanges: 2663 * DHE-RSA, DHE-PSK 2664 * 2665 * \warning Using DHE constitutes a security risk as it 2666 * is not possible to validate custom DH parameters. 2667 * If possible, it is recommended users should consider 2668 * preferring other methods of key exchange. 2669 * See dhm.h for more details. 2670 * 2671 */ 2672 #define MBEDTLS_DHM_C 2673 2674 /** 2675 * \def MBEDTLS_ECDH_C 2676 * 2677 * Enable the elliptic curve Diffie-Hellman library. 2678 * 2679 * Module: library/ecdh.c 2680 * Caller: library/psa_crypto.c 2681 * library/ssl_tls.c 2682 * library/ssl*_client.c 2683 * library/ssl*_server.c 2684 * 2685 * This module is used by the following key exchanges: 2686 * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK 2687 * 2688 * Requires: MBEDTLS_ECP_C 2689 */ 2690 #define MBEDTLS_ECDH_C 2691 2692 /** 2693 * \def MBEDTLS_ECDSA_C 2694 * 2695 * Enable the elliptic curve DSA library. 2696 * 2697 * Module: library/ecdsa.c 2698 * Caller: 2699 * 2700 * This module is used by the following key exchanges: 2701 * ECDHE-ECDSA 2702 * 2703 * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C, 2704 * and at least one MBEDTLS_ECP_DP_XXX_ENABLED for a 2705 * short Weierstrass curve. 2706 */ 2707 #define MBEDTLS_ECDSA_C 2708 2709 /** 2710 * \def MBEDTLS_ECJPAKE_C 2711 * 2712 * Enable the elliptic curve J-PAKE library. 2713 * 2714 * \note EC J-PAKE support is based on the Thread v1.0.0 specification. 2715 * It has not been reviewed for compliance with newer standards such as 2716 * Thread v1.1 or RFC 8236. 2717 * 2718 * Module: library/ecjpake.c 2719 * Caller: 2720 * 2721 * This module is used by the following key exchanges: 2722 * ECJPAKE 2723 * 2724 * Requires: MBEDTLS_ECP_C and either MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C 2725 * 2726 * \warning If using a hash that is only provided by PSA drivers, you must 2727 * call psa_crypto_init() before doing any EC J-PAKE operations. 2728 */ 2729 /* #define MBEDTLS_ECJPAKE_C */ 2730 2731 /** 2732 * \def MBEDTLS_ECP_C 2733 * 2734 * Enable the elliptic curve over GF(p) library. 2735 * 2736 * Module: library/ecp.c 2737 * Caller: library/ecdh.c 2738 * library/ecdsa.c 2739 * library/ecjpake.c 2740 * 2741 * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED 2742 */ 2743 #define MBEDTLS_ECP_C 2744 2745 /** 2746 * \def MBEDTLS_ENTROPY_C 2747 * 2748 * Enable the platform-specific entropy code. 2749 * 2750 * Module: library/entropy.c 2751 * Caller: 2752 * 2753 * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C 2754 * 2755 * This module provides a generic entropy pool 2756 */ 2757 #define MBEDTLS_ENTROPY_C 2758 2759 /** 2760 * \def MBEDTLS_ERROR_C 2761 * 2762 * Enable error code to error string conversion. 2763 * 2764 * Module: library/error.c 2765 * Caller: 2766 * 2767 * This module enables mbedtls_strerror(). 2768 */ 2769 #define MBEDTLS_ERROR_C 2770 2771 /** 2772 * \def MBEDTLS_GCM_C 2773 * 2774 * Enable the Galois/Counter Mode (GCM). 2775 * 2776 * Module: library/gcm.c 2777 * 2778 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C or 2779 * MBEDTLS_ARIA_C 2780 * 2781 * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other 2782 * requisites are enabled as well. 2783 */ 2784 #define MBEDTLS_GCM_C 2785 2786 /** 2787 * \def MBEDTLS_HKDF_C 2788 * 2789 * Enable the HKDF algorithm (RFC 5869). 2790 * 2791 * Module: library/hkdf.c 2792 * Caller: 2793 * 2794 * Requires: MBEDTLS_MD_C 2795 * 2796 * This module adds support for the Hashed Message Authentication Code 2797 * (HMAC)-based key derivation function (HKDF). 2798 */ 2799 #define MBEDTLS_HKDF_C 2800 2801 /** 2802 * \def MBEDTLS_HMAC_DRBG_C 2803 * 2804 * Enable the HMAC_DRBG random generator. 2805 * 2806 * Module: library/hmac_drbg.c 2807 * Caller: 2808 * 2809 * Requires: MBEDTLS_MD_C 2810 * 2811 * Uncomment to enable the HMAC_DRBG random number generator. 2812 */ 2813 #define MBEDTLS_HMAC_DRBG_C 2814 2815 /** 2816 * \def MBEDTLS_LMS_C 2817 * 2818 * Enable the LMS stateful-hash asymmetric signature algorithm. 2819 * 2820 * Module: library/lms.c 2821 * Caller: 2822 * 2823 * Requires: MBEDTLS_PSA_CRYPTO_C 2824 * 2825 * Uncomment to enable the LMS verification algorithm and public key operations. 2826 */ 2827 #define MBEDTLS_LMS_C 2828 2829 /** 2830 * \def MBEDTLS_LMS_PRIVATE 2831 * 2832 * Enable LMS private-key operations and signing code. Functions enabled by this 2833 * option are experimental, and should not be used in production. 2834 * 2835 * Requires: MBEDTLS_LMS_C 2836 * 2837 * Uncomment to enable the LMS signature algorithm and private key operations. 2838 */ 2839 /* #define MBEDTLS_LMS_PRIVATE */ 2840 2841 /** 2842 * \def MBEDTLS_NIST_KW_C 2843 * 2844 * Enable the Key Wrapping mode for 128-bit block ciphers, 2845 * as defined in NIST SP 800-38F. Only KW and KWP modes 2846 * are supported. At the moment, only AES is approved by NIST. 2847 * 2848 * Module: library/nist_kw.c 2849 * 2850 * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C 2851 */ 2852 #define MBEDTLS_NIST_KW_C 2853 2854 /** 2855 * \def MBEDTLS_MD_C 2856 * 2857 * Enable the generic layer for message digest (hashing) and HMAC. 2858 * 2859 * Requires: one of: MBEDTLS_MD5_C, MBEDTLS_RIPEMD160_C, MBEDTLS_SHA1_C, 2860 * MBEDTLS_SHA224_C, MBEDTLS_SHA256_C, MBEDTLS_SHA384_C, 2861 * MBEDTLS_SHA512_C, or MBEDTLS_PSA_CRYPTO_C with at least 2862 * one hash. 2863 * Module: library/md.c 2864 * Caller: library/constant_time.c 2865 * library/ecdsa.c 2866 * library/ecjpake.c 2867 * library/hkdf.c 2868 * library/hmac_drbg.c 2869 * library/pk.c 2870 * library/pkcs5.c 2871 * library/pkcs12.c 2872 * library/psa_crypto_ecp.c 2873 * library/psa_crypto_rsa.c 2874 * library/rsa.c 2875 * library/ssl_cookie.c 2876 * library/ssl_msg.c 2877 * library/ssl_tls.c 2878 * library/x509.c 2879 * library/x509_crt.c 2880 * library/x509write_crt.c 2881 * library/x509write_csr.c 2882 * 2883 * Uncomment to enable generic message digest wrappers. 2884 */ 2885 #define MBEDTLS_MD_C 2886 2887 /** 2888 * \def MBEDTLS_MD5_C 2889 * 2890 * Enable the MD5 hash algorithm. 2891 * 2892 * Module: library/md5.c 2893 * Caller: library/md.c 2894 * library/pem.c 2895 * library/ssl_tls.c 2896 * 2897 * This module is required for TLS 1.2 depending on the handshake parameters. 2898 * Further, it is used for checking MD5-signed certificates, and for PBKDF1 2899 * when decrypting PEM-encoded encrypted keys. 2900 * 2901 * \warning MD5 is considered a weak message digest and its use constitutes a 2902 * security risk. If possible, we recommend avoiding dependencies on 2903 * it, and considering stronger message digests instead. 2904 * 2905 */ 2906 #define MBEDTLS_MD5_C 2907 2908 /** 2909 * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C 2910 * 2911 * Enable the buffer allocator implementation that makes use of a (stack) 2912 * based buffer to 'allocate' dynamic memory. (replaces calloc() and free() 2913 * calls) 2914 * 2915 * Module: library/memory_buffer_alloc.c 2916 * 2917 * Requires: MBEDTLS_PLATFORM_C 2918 * MBEDTLS_PLATFORM_MEMORY (to use it within Mbed TLS) 2919 * 2920 * Enable this module to enable the buffer memory allocator. 2921 */ 2922 /* #define MBEDTLS_MEMORY_BUFFER_ALLOC_C */ 2923 2924 /** 2925 * \def MBEDTLS_NET_C 2926 * 2927 * Enable the TCP and UDP over IPv6/IPv4 networking routines. 2928 * 2929 * \note This module only works on POSIX/Unix (including Linux, BSD and OS X) 2930 * and Windows. For other platforms, you'll want to disable it, and write your 2931 * own networking callbacks to be passed to \c mbedtls_ssl_set_bio(). 2932 * 2933 * \note See also our Knowledge Base article about porting to a new 2934 * environment: 2935 * https://mbed-tls.readthedocs.io/en/latest/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS 2936 * 2937 * Module: library/net_sockets.c 2938 * 2939 * This module provides networking routines. 2940 */ 2941 /* #define MBEDTLS_NET_C */ 2942 2943 /** 2944 * \def MBEDTLS_OID_C 2945 * 2946 * Enable the OID database. 2947 * 2948 * Module: library/oid.c 2949 * Caller: library/asn1write.c 2950 * library/pkcs5.c 2951 * library/pkparse.c 2952 * library/pkwrite.c 2953 * library/rsa.c 2954 * library/x509.c 2955 * library/x509_create.c 2956 * library/x509_crl.c 2957 * library/x509_crt.c 2958 * library/x509_csr.c 2959 * library/x509write_crt.c 2960 * library/x509write_csr.c 2961 * 2962 * This modules translates between OIDs and internal values. 2963 */ 2964 #define MBEDTLS_OID_C 2965 2966 /** 2967 * \def MBEDTLS_PADLOCK_C 2968 * 2969 * Enable VIA Padlock support on x86. 2970 * 2971 * Module: library/padlock.c 2972 * Caller: library/aes.c 2973 * 2974 * Requires: MBEDTLS_HAVE_ASM 2975 * 2976 * This modules adds support for the VIA PadLock on x86. 2977 */ 2978 /* #define MBEDTLS_PADLOCK_C */ 2979 2980 /** 2981 * \def MBEDTLS_PEM_PARSE_C 2982 * 2983 * Enable PEM decoding / parsing. 2984 * 2985 * Module: library/pem.c 2986 * Caller: library/dhm.c 2987 * library/pkparse.c 2988 * library/x509_crl.c 2989 * library/x509_crt.c 2990 * library/x509_csr.c 2991 * 2992 * Requires: MBEDTLS_BASE64_C 2993 * optionally MBEDTLS_MD5_C, or PSA Crypto with MD5 (see below) 2994 * 2995 * \warning When parsing password-protected files, if MD5 is provided only by 2996 * a PSA driver, you must call psa_crypto_init() before the first file. 2997 * 2998 * This modules adds support for decoding / parsing PEM files. 2999 */ 3000 #define MBEDTLS_PEM_PARSE_C 3001 3002 /** 3003 * \def MBEDTLS_PEM_WRITE_C 3004 * 3005 * Enable PEM encoding / writing. 3006 * 3007 * Module: library/pem.c 3008 * Caller: library/pkwrite.c 3009 * library/x509write_crt.c 3010 * library/x509write_csr.c 3011 * 3012 * Requires: MBEDTLS_BASE64_C 3013 * 3014 * This modules adds support for encoding / writing PEM files. 3015 */ 3016 #define MBEDTLS_PEM_WRITE_C 3017 3018 /** 3019 * \def MBEDTLS_PK_C 3020 * 3021 * Enable the generic public (asymmetric) key layer. 3022 * 3023 * Module: library/pk.c 3024 * Caller: library/psa_crypto_rsa.c 3025 * library/ssl_tls.c 3026 * library/ssl*_client.c 3027 * library/ssl*_server.c 3028 * library/x509.c 3029 * 3030 * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C or MBEDTLS_ECP_C 3031 * 3032 * Uncomment to enable generic public key wrappers. 3033 */ 3034 #define MBEDTLS_PK_C 3035 3036 /** 3037 * \def MBEDTLS_PK_PARSE_C 3038 * 3039 * Enable the generic public (asymmetric) key parser. 3040 * 3041 * Module: library/pkparse.c 3042 * Caller: library/x509_crt.c 3043 * library/x509_csr.c 3044 * 3045 * Requires: MBEDTLS_PK_C 3046 * 3047 * Uncomment to enable generic public key parse functions. 3048 */ 3049 #define MBEDTLS_PK_PARSE_C 3050 3051 /** 3052 * \def MBEDTLS_PK_WRITE_C 3053 * 3054 * Enable the generic public (asymmetric) key writer. 3055 * 3056 * Module: library/pkwrite.c 3057 * Caller: library/x509write.c 3058 * 3059 * Requires: MBEDTLS_PK_C 3060 * 3061 * Uncomment to enable generic public key write functions. 3062 */ 3063 #define MBEDTLS_PK_WRITE_C 3064 3065 /** 3066 * \def MBEDTLS_PKCS5_C 3067 * 3068 * Enable PKCS#5 functions. 3069 * 3070 * Module: library/pkcs5.c 3071 * 3072 * Requires: MBEDTLS_CIPHER_C 3073 * Auto-enables: MBEDTLS_MD_C 3074 * 3075 * \warning If using a hash that is only provided by PSA drivers, you must 3076 * call psa_crypto_init() before doing any PKCS5 operations. 3077 * 3078 * This module adds support for the PKCS#5 functions. 3079 */ 3080 #define MBEDTLS_PKCS5_C 3081 3082 /** 3083 * \def MBEDTLS_PKCS7_C 3084 * 3085 * Enable PKCS #7 core for using PKCS #7-formatted signatures. 3086 * RFC Link - https://tools.ietf.org/html/rfc2315 3087 * 3088 * Module: library/pkcs7.c 3089 * 3090 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C, 3091 * MBEDTLS_X509_CRT_PARSE_C MBEDTLS_X509_CRL_PARSE_C, 3092 * MBEDTLS_BIGNUM_C, MBEDTLS_MD_C 3093 * 3094 * This module is required for the PKCS #7 parsing modules. 3095 */ 3096 /* #define MBEDTLS_PKCS7_C */ 3097 3098 /** 3099 * \def MBEDTLS_PKCS12_C 3100 * 3101 * Enable PKCS#12 PBE functions. 3102 * Adds algorithms for parsing PKCS#8 encrypted private keys 3103 * 3104 * Module: library/pkcs12.c 3105 * Caller: library/pkparse.c 3106 * 3107 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C and either 3108 * MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C. 3109 * 3110 * \warning If using a hash that is only provided by PSA drivers, you must 3111 * call psa_crypto_init() before doing any PKCS12 operations. 3112 * 3113 * This module enables PKCS#12 functions. 3114 */ 3115 #define MBEDTLS_PKCS12_C 3116 3117 /** 3118 * \def MBEDTLS_PLATFORM_C 3119 * 3120 * Enable the platform abstraction layer that allows you to re-assign 3121 * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit(). 3122 * 3123 * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT 3124 * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned 3125 * above to be specified at runtime or compile time respectively. 3126 * 3127 * \note This abstraction layer must be enabled on Windows (including MSYS2) 3128 * as other modules rely on it for a fixed snprintf implementation. 3129 * 3130 * Module: library/platform.c 3131 * Caller: Most other .c files 3132 * 3133 * This module enables abstraction of common (libc) functions. 3134 */ 3135 #define MBEDTLS_PLATFORM_C 3136 3137 /** 3138 * \def MBEDTLS_POLY1305_C 3139 * 3140 * Enable the Poly1305 MAC algorithm. 3141 * 3142 * Module: library/poly1305.c 3143 * Caller: library/chachapoly.c 3144 */ 3145 #define MBEDTLS_POLY1305_C 3146 3147 /** 3148 * \def MBEDTLS_PSA_CRYPTO_C 3149 * 3150 * Enable the Platform Security Architecture cryptography API. 3151 * 3152 * Module: library/psa_crypto.c 3153 * 3154 * Requires: MBEDTLS_CIPHER_C, 3155 * either MBEDTLS_CTR_DRBG_C and MBEDTLS_ENTROPY_C, 3156 * or MBEDTLS_HMAC_DRBG_C and MBEDTLS_ENTROPY_C, 3157 * or MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG. 3158 * 3159 */ 3160 #define MBEDTLS_PSA_CRYPTO_C 3161 3162 /** 3163 * \def MBEDTLS_PSA_CRYPTO_SE_C 3164 * 3165 * Enable dynamic secure element support in the Platform Security Architecture 3166 * cryptography API. 3167 * 3168 * \deprecated This feature is deprecated. Please switch to the PSA driver 3169 * interface. 3170 * 3171 * Module: library/psa_crypto_se.c 3172 * 3173 * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_C 3174 * 3175 */ 3176 /* #define MBEDTLS_PSA_CRYPTO_SE_C */ 3177 3178 /** 3179 * \def MBEDTLS_PSA_CRYPTO_STORAGE_C 3180 * 3181 * Enable the Platform Security Architecture persistent key storage. 3182 * 3183 * Module: library/psa_crypto_storage.c 3184 * 3185 * Requires: MBEDTLS_PSA_CRYPTO_C, 3186 * either MBEDTLS_PSA_ITS_FILE_C or a native implementation of 3187 * the PSA ITS interface 3188 */ 3189 /* #define MBEDTLS_PSA_CRYPTO_STORAGE_C */ 3190 3191 /** 3192 * \def MBEDTLS_PSA_ITS_FILE_C 3193 * 3194 * Enable the emulation of the Platform Security Architecture 3195 * Internal Trusted Storage (PSA ITS) over files. 3196 * 3197 * Module: library/psa_its_file.c 3198 * 3199 * Requires: MBEDTLS_FS_IO 3200 */ 3201 /* #define MBEDTLS_PSA_ITS_FILE_C */ 3202 3203 /** 3204 * \def MBEDTLS_RIPEMD160_C 3205 * 3206 * Enable the RIPEMD-160 hash algorithm. 3207 * 3208 * Module: library/ripemd160.c 3209 * Caller: library/md.c 3210 * 3211 */ 3212 #define MBEDTLS_RIPEMD160_C 3213 3214 /** 3215 * \def MBEDTLS_RSA_C 3216 * 3217 * Enable the RSA public-key cryptosystem. 3218 * 3219 * Module: library/rsa.c 3220 * library/rsa_alt_helpers.c 3221 * Caller: library/pk.c 3222 * library/psa_crypto.c 3223 * library/ssl_tls.c 3224 * library/ssl*_client.c 3225 * library/ssl*_server.c 3226 * 3227 * This module is used by the following key exchanges: 3228 * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK 3229 * 3230 * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C 3231 */ 3232 #define MBEDTLS_RSA_C 3233 3234 /** 3235 * \def MBEDTLS_SHA1_C 3236 * 3237 * Enable the SHA1 cryptographic hash algorithm. 3238 * 3239 * Module: library/sha1.c 3240 * Caller: library/md.c 3241 * library/psa_crypto_hash.c 3242 * 3243 * This module is required for TLS 1.2 depending on the handshake parameters, 3244 * and for SHA1-signed certificates. 3245 * 3246 * \warning SHA-1 is considered a weak message digest and its use constitutes 3247 * a security risk. If possible, we recommend avoiding dependencies 3248 * on it, and considering stronger message digests instead. 3249 * 3250 */ 3251 #define MBEDTLS_SHA1_C 3252 3253 /** 3254 * \def MBEDTLS_SHA224_C 3255 * 3256 * Enable the SHA-224 cryptographic hash algorithm. 3257 * 3258 * Module: library/sha256.c 3259 * Caller: library/md.c 3260 * library/ssl_cookie.c 3261 * 3262 * This module adds support for SHA-224. 3263 */ 3264 #define MBEDTLS_SHA224_C 3265 3266 /** 3267 * \def MBEDTLS_SHA256_C 3268 * 3269 * Enable the SHA-256 cryptographic hash algorithm. 3270 * 3271 * Module: library/sha256.c 3272 * Caller: library/entropy.c 3273 * library/md.c 3274 * library/ssl_tls.c 3275 * library/ssl*_client.c 3276 * library/ssl*_server.c 3277 * 3278 * This module adds support for SHA-256. 3279 * This module is required for the SSL/TLS 1.2 PRF function. 3280 */ 3281 #define MBEDTLS_SHA256_C 3282 3283 /** 3284 * \def MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT 3285 * 3286 * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms 3287 * with the ARMv8 cryptographic extensions if they are available at runtime. 3288 * If not, the library will fall back to the C implementation. 3289 * 3290 * \note If MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT is defined when building 3291 * for a non-Aarch64 build it will be silently ignored. 3292 * 3293 * \note Minimum compiler versions for this feature are Clang 4.0, 3294 * armclang 6.6 or GCC 6.0. 3295 * 3296 * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for 3297 * armclang <= 6.9 3298 * 3299 * \warning MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the 3300 * same time as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. 3301 * 3302 * Requires: MBEDTLS_SHA256_C. 3303 * 3304 * Module: library/sha256.c 3305 * 3306 * Uncomment to have the library check for the A64 SHA-256 crypto extensions 3307 * and use them if available. 3308 */ 3309 /* #define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT */ 3310 3311 /** 3312 * \def MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY 3313 * 3314 * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms 3315 * with the ARMv8 cryptographic extensions, which must be available at runtime 3316 * or else an illegal instruction fault will occur. 3317 * 3318 * \note This allows builds with a smaller code size than with 3319 * MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT 3320 * 3321 * \note Minimum compiler versions for this feature are Clang 4.0, 3322 * armclang 6.6 or GCC 6.0. 3323 * 3324 * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for 3325 * armclang <= 6.9 3326 * 3327 * \warning MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY cannot be defined at the same 3328 * time as MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT. 3329 * 3330 * Requires: MBEDTLS_SHA256_C. 3331 * 3332 * Module: library/sha256.c 3333 * 3334 * Uncomment to have the library use the A64 SHA-256 crypto extensions 3335 * unconditionally. 3336 */ 3337 /* #define MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY */ 3338 3339 /** 3340 * \def MBEDTLS_SHA384_C 3341 * 3342 * Enable the SHA-384 cryptographic hash algorithm. 3343 * 3344 * Module: library/sha512.c 3345 * Caller: library/md.c 3346 * library/psa_crypto_hash.c 3347 * library/ssl_tls.c 3348 * library/ssl*_client.c 3349 * library/ssl*_server.c 3350 * 3351 * Comment to disable SHA-384 3352 */ 3353 #define MBEDTLS_SHA384_C 3354 3355 /** 3356 * \def MBEDTLS_SHA512_C 3357 * 3358 * Enable SHA-512 cryptographic hash algorithms. 3359 * 3360 * Module: library/sha512.c 3361 * Caller: library/entropy.c 3362 * library/md.c 3363 * library/ssl_tls.c 3364 * library/ssl_cookie.c 3365 * 3366 * This module adds support for SHA-512. 3367 */ 3368 #define MBEDTLS_SHA512_C 3369 3370 /** 3371 * \def MBEDTLS_SHA3_C 3372 * 3373 * Enable the SHA3 cryptographic hash algorithm. 3374 * 3375 * Module: library/sha3.c 3376 * 3377 * This module adds support for SHA3. 3378 */ 3379 #define MBEDTLS_SHA3_C 3380 3381 /** 3382 * \def MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT 3383 * 3384 * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms 3385 * with the ARMv8 cryptographic extensions if they are available at runtime. 3386 * If not, the library will fall back to the C implementation. 3387 * 3388 * \note If MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT is defined when building 3389 * for a non-Aarch64 build it will be silently ignored. 3390 * 3391 * \note Minimum compiler versions for this feature are Clang 7.0, 3392 * armclang 6.9 or GCC 8.0. 3393 * 3394 * \note \c CFLAGS must be set to a minimum of \c -march=armv8.2-a+sha3 for 3395 * armclang 6.9 3396 * 3397 * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the 3398 * same time as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. 3399 * 3400 * Requires: MBEDTLS_SHA512_C. 3401 * 3402 * Module: library/sha512.c 3403 * 3404 * Uncomment to have the library check for the A64 SHA-512 crypto extensions 3405 * and use them if available. 3406 */ 3407 /* #define MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT */ 3408 3409 /** 3410 * \def MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY 3411 * 3412 * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms 3413 * with the ARMv8 cryptographic extensions, which must be available at runtime 3414 * or else an illegal instruction fault will occur. 3415 * 3416 * \note This allows builds with a smaller code size than with 3417 * MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT 3418 * 3419 * \note Minimum compiler versions for this feature are Clang 7.0, 3420 * armclang 6.9 or GCC 8.0. 3421 * 3422 * \note \c CFLAGS must be set to a minimum of \c -march=armv8.2-a+sha3 for 3423 * armclang 6.9 3424 * 3425 * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY cannot be defined at the same 3426 * time as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT. 3427 * 3428 * Requires: MBEDTLS_SHA512_C. 3429 * 3430 * Module: library/sha512.c 3431 * 3432 * Uncomment to have the library use the A64 SHA-512 crypto extensions 3433 * unconditionally. 3434 */ 3435 /* #define MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ 3436 3437 /** 3438 * \def MBEDTLS_SSL_CACHE_C 3439 * 3440 * Enable simple SSL cache implementation. 3441 * 3442 * Module: library/ssl_cache.c 3443 * Caller: 3444 * 3445 * Requires: MBEDTLS_SSL_CACHE_C 3446 */ 3447 #define MBEDTLS_SSL_CACHE_C 3448 3449 /** 3450 * \def MBEDTLS_SSL_COOKIE_C 3451 * 3452 * Enable basic implementation of DTLS cookies for hello verification. 3453 * 3454 * Module: library/ssl_cookie.c 3455 * Caller: 3456 */ 3457 #define MBEDTLS_SSL_COOKIE_C 3458 3459 /** 3460 * \def MBEDTLS_SSL_TICKET_C 3461 * 3462 * Enable an implementation of TLS server-side callbacks for session tickets. 3463 * 3464 * Module: library/ssl_ticket.c 3465 * Caller: 3466 * 3467 * Requires: (MBEDTLS_CIPHER_C || MBEDTLS_USE_PSA_CRYPTO) && 3468 * (MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C) 3469 */ 3470 #define MBEDTLS_SSL_TICKET_C 3471 3472 /** 3473 * \def MBEDTLS_SSL_CLI_C 3474 * 3475 * Enable the SSL/TLS client code. 3476 * 3477 * Module: library/ssl*_client.c 3478 * Caller: 3479 * 3480 * Requires: MBEDTLS_SSL_TLS_C 3481 * 3482 * This module is required for SSL/TLS client support. 3483 */ 3484 #define MBEDTLS_SSL_CLI_C 3485 3486 /** 3487 * \def MBEDTLS_SSL_SRV_C 3488 * 3489 * Enable the SSL/TLS server code. 3490 * 3491 * Module: library/ssl*_server.c 3492 * Caller: 3493 * 3494 * Requires: MBEDTLS_SSL_TLS_C 3495 * 3496 * This module is required for SSL/TLS server support. 3497 */ 3498 /* #define MBEDTLS_SSL_SRV */ 3499 3500 /** 3501 * \def MBEDTLS_SSL_TLS_C 3502 * 3503 * Enable the generic SSL/TLS code. 3504 * 3505 * Module: library/ssl_tls.c 3506 * Caller: library/ssl*_client.c 3507 * library/ssl*_server.c 3508 * 3509 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C 3510 * and at least one of the MBEDTLS_SSL_PROTO_XXX defines 3511 * 3512 * This module is required for SSL/TLS. 3513 */ 3514 #define MBEDTLS_SSL_TLS_C 3515 3516 /** 3517 * \def MBEDTLS_THREADING_C 3518 * 3519 * Enable the threading abstraction layer. 3520 * By default Mbed TLS assumes it is used in a non-threaded environment or that 3521 * contexts are not shared between threads. If you do intend to use contexts 3522 * between threads, you will need to enable this layer to prevent race 3523 * conditions. See also our Knowledge Base article about threading: 3524 * https://mbed-tls.readthedocs.io/en/latest/kb/development/thread-safety-and-multi-threading 3525 * 3526 * Module: library/threading.c 3527 * 3528 * This allows different threading implementations (self-implemented or 3529 * provided). 3530 * 3531 * You will have to enable either MBEDTLS_THREADING_ALT or 3532 * MBEDTLS_THREADING_PTHREAD. 3533 * 3534 * Enable this layer to allow use of mutexes within Mbed TLS 3535 */ 3536 #define MBEDTLS_THREADING_C 3537 #define MBEDTLS_THREADING_IMPL 3538 #include "mbedtls_freertos_port.h" 3539 3540 /** 3541 * \def MBEDTLS_TIMING_C 3542 * 3543 * Enable the semi-portable timing interface. 3544 * 3545 * \note The provided implementation only works on POSIX/Unix (including Linux, 3546 * BSD and OS X) and Windows. On other platforms, you can either disable that 3547 * module and provide your own implementations of the callbacks needed by 3548 * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide 3549 * your own implementation of the whole module by setting 3550 * \c MBEDTLS_TIMING_ALT in the current file. 3551 * 3552 * \note The timing module will include time.h on suitable platforms 3553 * regardless of the setting of MBEDTLS_HAVE_TIME, unless 3554 * MBEDTLS_TIMING_ALT is used. See timing.c for more information. 3555 * 3556 * \note See also our Knowledge Base article about porting to a new 3557 * environment: 3558 * https://mbed-tls.readthedocs.io/en/latest/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS 3559 * 3560 * Module: library/timing.c 3561 */ 3562 /* #define MBEDTLS_TIMING_C */ 3563 3564 /** 3565 * \def MBEDTLS_VERSION_C 3566 * 3567 * Enable run-time version information. 3568 * 3569 * Module: library/version.c 3570 * 3571 * This module provides run-time version information. 3572 */ 3573 #define MBEDTLS_VERSION_C 3574 3575 /** 3576 * \def MBEDTLS_X509_USE_C 3577 * 3578 * Enable X.509 core for using certificates. 3579 * 3580 * Module: library/x509.c 3581 * Caller: library/x509_crl.c 3582 * library/x509_crt.c 3583 * library/x509_csr.c 3584 * 3585 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C, 3586 * (MBEDTLS_MD_C or MBEDTLS_USE_PSA_CRYPTO) 3587 * 3588 * \warning If building with MBEDTLS_USE_PSA_CRYPTO, you must call 3589 * psa_crypto_init() before doing any X.509 operation. 3590 * 3591 * This module is required for the X.509 parsing modules. 3592 */ 3593 #define MBEDTLS_X509_USE_C 3594 3595 /** 3596 * \def MBEDTLS_X509_CRT_PARSE_C 3597 * 3598 * Enable X.509 certificate parsing. 3599 * 3600 * Module: library/x509_crt.c 3601 * Caller: library/ssl_tls.c 3602 * library/ssl*_client.c 3603 * library/ssl*_server.c 3604 * 3605 * Requires: MBEDTLS_X509_USE_C 3606 * 3607 * This module is required for X.509 certificate parsing. 3608 */ 3609 #define MBEDTLS_X509_CRT_PARSE_C 3610 3611 /** 3612 * \def MBEDTLS_X509_CRL_PARSE_C 3613 * 3614 * Enable X.509 CRL parsing. 3615 * 3616 * Module: library/x509_crl.c 3617 * Caller: library/x509_crt.c 3618 * 3619 * Requires: MBEDTLS_X509_USE_C 3620 * 3621 * This module is required for X.509 CRL parsing. 3622 */ 3623 #define MBEDTLS_X509_CRL_PARSE_C 3624 3625 /** 3626 * \def MBEDTLS_X509_CSR_PARSE_C 3627 * 3628 * Enable X.509 Certificate Signing Request (CSR) parsing. 3629 * 3630 * Module: library/x509_csr.c 3631 * Caller: library/x509_crt_write.c 3632 * 3633 * Requires: MBEDTLS_X509_USE_C 3634 * 3635 * This module is used for reading X.509 certificate request. 3636 */ 3637 #define MBEDTLS_X509_CSR_PARSE_C 3638 3639 /** 3640 * \def MBEDTLS_X509_CREATE_C 3641 * 3642 * Enable X.509 core for creating certificates. 3643 * 3644 * Module: library/x509_create.c 3645 * 3646 * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C, 3647 * (MBEDTLS_MD_C or MBEDTLS_USE_PSA_CRYPTO) 3648 * 3649 * \warning If building with MBEDTLS_USE_PSA_CRYPTO, you must call 3650 * psa_crypto_init() before doing any X.509 create operation. 3651 * 3652 * This module is the basis for creating X.509 certificates and CSRs. 3653 */ 3654 #define MBEDTLS_X509_CREATE_C 3655 3656 /** 3657 * \def MBEDTLS_X509_CRT_WRITE_C 3658 * 3659 * Enable creating X.509 certificates. 3660 * 3661 * Module: library/x509_crt_write.c 3662 * 3663 * Requires: MBEDTLS_X509_CREATE_C 3664 * 3665 * This module is required for X.509 certificate creation. 3666 */ 3667 #define MBEDTLS_X509_CRT_WRITE_C 3668 3669 /** 3670 * \def MBEDTLS_X509_CSR_WRITE_C 3671 * 3672 * Enable creating X.509 Certificate Signing Requests (CSR). 3673 * 3674 * Module: library/x509_csr_write.c 3675 * 3676 * Requires: MBEDTLS_X509_CREATE_C 3677 * 3678 * This module is required for X.509 certificate request writing. 3679 */ 3680 #define MBEDTLS_X509_CSR_WRITE_C 3681 3682 /** \} name SECTION: Mbed TLS modules */ 3683 3684 /** 3685 * \name SECTION: General configuration options 3686 * 3687 * This section contains Mbed TLS build settings that are not associated 3688 * with a particular module. 3689 * 3690 * \{ 3691 */ 3692 3693 /** 3694 * \def MBEDTLS_CONFIG_FILE 3695 * 3696 * If defined, this is a header which will be included instead of 3697 * `"mbedtls/mbedtls_config.h"`. 3698 * This header file specifies the compile-time configuration of Mbed TLS. 3699 * Unlike other configuration options, this one must be defined on the 3700 * compiler command line: a definition in `mbedtls_config.h` would have 3701 * no effect. 3702 * 3703 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3704 * non-standard feature of the C language, so this feature is only available 3705 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3706 * 3707 * The value of this symbol is typically a path in double quotes, either 3708 * absolute or relative to a directory on the include search path. 3709 */ 3710 #ifndef MBEDTLS_CONFIG_FILE 3711 #define MBEDTLS_CONFIG_FILE "mbedtls_config_v3.5.1.h" 3712 #endif /* MBEDTLS_CONFIG_FILE */ 3713 3714 /** 3715 * \def MBEDTLS_USER_CONFIG_FILE 3716 * 3717 * If defined, this is a header which will be included after 3718 * `"mbedtls/mbedtls_config.h"` or #MBEDTLS_CONFIG_FILE. 3719 * This allows you to modify the default configuration, including the ability 3720 * to undefine options that are enabled by default. 3721 * 3722 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3723 * non-standard feature of the C language, so this feature is only available 3724 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3725 * 3726 * The value of this symbol is typically a path in double quotes, either 3727 * absolute or relative to a directory on the include search path. 3728 */ 3729 /* #define MBEDTLS_USER_CONFIG_FILE "/dev/null" */ 3730 3731 /** 3732 * \def MBEDTLS_PSA_CRYPTO_CONFIG_FILE 3733 * 3734 * If defined, this is a header which will be included instead of 3735 * `"psa/crypto_config.h"`. 3736 * This header file specifies which cryptographic mechanisms are available 3737 * through the PSA API when #MBEDTLS_PSA_CRYPTO_CONFIG is enabled, and 3738 * is not used when #MBEDTLS_PSA_CRYPTO_CONFIG is disabled. 3739 * 3740 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3741 * non-standard feature of the C language, so this feature is only available 3742 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3743 * 3744 * The value of this symbol is typically a path in double quotes, either 3745 * absolute or relative to a directory on the include search path. 3746 */ 3747 /* #define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h" */ 3748 3749 /** 3750 * \def MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE 3751 * 3752 * If defined, this is a header which will be included after 3753 * `"psa/crypto_config.h"` or #MBEDTLS_PSA_CRYPTO_CONFIG_FILE. 3754 * This allows you to modify the default configuration, including the ability 3755 * to undefine options that are enabled by default. 3756 * 3757 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3758 * non-standard feature of the C language, so this feature is only available 3759 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3760 * 3761 * The value of this symbol is typically a path in double quotes, either 3762 * absolute or relative to a directory on the include search path. 3763 */ 3764 /* #define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null" */ 3765 3766 /** 3767 * \def MBEDTLS_PSA_CRYPTO_PLATFORM_FILE 3768 * 3769 * If defined, this is a header which will be included instead of 3770 * `"psa/crypto_platform.h"`. This file should declare the same identifiers 3771 * as the one in Mbed TLS, but with definitions adapted to the platform on 3772 * which the library code will run. 3773 * 3774 * \note The required content of this header can vary from one version of 3775 * Mbed TLS to the next. Integrators who provide an alternative file 3776 * should review the changes in the original file whenever they 3777 * upgrade Mbed TLS. 3778 * 3779 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3780 * non-standard feature of the C language, so this feature is only available 3781 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3782 * 3783 * The value of this symbol is typically a path in double quotes, either 3784 * absolute or relative to a directory on the include search path. 3785 */ 3786 /* #define MBEDTLS_PSA_CRYPTO_PLATFORM_FILE "psa/crypto_platform_alt.h" */ 3787 3788 /** 3789 * \def MBEDTLS_PSA_CRYPTO_STRUCT_FILE 3790 * 3791 * If defined, this is a header which will be included instead of 3792 * `"psa/crypto_struct.h"`. This file should declare the same identifiers 3793 * as the one in Mbed TLS, but with definitions adapted to the environment 3794 * in which the library code will run. The typical use for this feature 3795 * is to provide alternative type definitions on the client side in 3796 * client-server integrations of PSA crypto, where operation structures 3797 * contain handles instead of cryptographic data. 3798 * 3799 * \note The required content of this header can vary from one version of 3800 * Mbed TLS to the next. Integrators who provide an alternative file 3801 * should review the changes in the original file whenever they 3802 * upgrade Mbed TLS. 3803 * 3804 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but 3805 * non-standard feature of the C language, so this feature is only available 3806 * with compilers that perform macro expansion on an <tt>\#include</tt> line. 3807 * 3808 * The value of this symbol is typically a path in double quotes, either 3809 * absolute or relative to a directory on the include search path. 3810 */ 3811 /* #define MBEDTLS_PSA_CRYPTO_STRUCT_FILE "psa/crypto_struct_alt.h" */ 3812 3813 /** \} name SECTION: General configuration options */ 3814 3815 /** 3816 * \name SECTION: Module configuration options 3817 * 3818 * This section allows for the setting of module specific sizes and 3819 * configuration options. The default values are already present in the 3820 * relevant header files and should suffice for the regular use cases. 3821 * 3822 * Our advice is to enable options and change their values here 3823 * only if you have a good reason and know the consequences. 3824 * \{ 3825 */ 3826 3827 /* The Doxygen documentation here is used when a user comments out a 3828 * setting and runs doxygen themselves. On the other hand, when we typeset 3829 * the full documentation including disabled settings, the documentation 3830 * in specific modules' header files is used if present. When editing this 3831 * file, make sure that each option is documented in exactly one place, 3832 * plus optionally a same-line Doxygen comment here if there is a Doxygen 3833 * comment in the specific module. */ 3834 3835 /* MPI / BIGNUM options */ 3836 /* #define MBEDTLS_MPI_WINDOW_SIZE 2 /**< Maximum window size used. */ 3837 /* #define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ 3838 3839 /* CTR_DRBG options */ 3840 /* #define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */ 3841 /* #define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ 3842 /* #define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ 3843 /* #define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ 3844 /* #define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ 3845 3846 /* HMAC_DRBG options */ 3847 /* #define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ 3848 /* #define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ 3849 /* #define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ 3850 /* #define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ 3851 3852 /* ECP options */ 3853 /* #define MBEDTLS_ECP_WINDOW_SIZE 4 /**< Maximum window size used */ 3854 /* #define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */ 3855 3856 /* Entropy options */ 3857 /* #define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */ 3858 /* #define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */ 3859 /* #define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */ 3860 3861 /* Memory buffer allocator options */ 3862 /* #define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */ 3863 3864 /* Platform options */ 3865 /* #define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ 3866 3867 /** \def MBEDTLS_PLATFORM_STD_CALLOC 3868 * 3869 * Default allocator to use, can be undefined. 3870 * It must initialize the allocated buffer memory to zeroes. 3871 * The size of the buffer is the product of the two parameters. 3872 * The calloc function returns either a null pointer or a pointer to the allocated space. 3873 * If the product is 0, the function may either return NULL or a valid pointer to an array of size 0 which is a valid input to the deallocation function. 3874 * An uninitialized #MBEDTLS_PLATFORM_STD_CALLOC always fails, returning a null pointer. 3875 * See the description of #MBEDTLS_PLATFORM_MEMORY for more details. 3876 * The corresponding deallocation function is #MBEDTLS_PLATFORM_STD_FREE. 3877 */ 3878 /* #define MBEDTLS_PLATFORM_STD_CALLOC calloc */ 3879 3880 /** \def MBEDTLS_PLATFORM_STD_FREE 3881 * 3882 * Default free to use, can be undefined. 3883 * NULL is a valid parameter, and the function must do nothing. 3884 * A non-null parameter will always be a pointer previously returned by #MBEDTLS_PLATFORM_STD_CALLOC and not yet freed. 3885 * An uninitialized #MBEDTLS_PLATFORM_STD_FREE does not do anything. 3886 * See the description of #MBEDTLS_PLATFORM_MEMORY for more details (same principles as for MBEDTLS_PLATFORM_STD_CALLOC apply). 3887 */ 3888 /* #define MBEDTLS_PLATFORM_STD_FREE free */ 3889 /* #define MBEDTLS_PLATFORM_STD_SETBUF setbuf /**< Default setbuf to use, can be undefined */ 3890 /* #define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ 3891 /* #define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ 3892 /* #define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */ 3893 /* #define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */ 3894 /* Note: your snprintf must correctly zero-terminate the buffer! */ 3895 /* #define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */ 3896 /* #define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */ 3897 /* #define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */ 3898 /* #define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ 3899 /* #define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ 3900 /* #define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */ 3901 3902 /* To use the following function macros, MBEDTLS_PLATFORM_C must be enabled. */ 3903 /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */ 3904 #define MBEDTLS_PLATFORM_CALLOC_MACRO mbedtls_platform_calloc /**< Default allocator macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_CALLOC for requirements. */ 3905 #define MBEDTLS_PLATFORM_FREE_MACRO mbedtls_platform_free /**< Default free macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_FREE for requirements. */ 3906 /* #define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */ 3907 /* #define MBEDTLS_PLATFORM_SETBUF_MACRO setbuf /**< Default setbuf macro to use, can be undefined */ 3908 /* #define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ 3909 /* #define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ 3910 /* #define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */ 3911 /* #define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */ 3912 /* Note: your snprintf must correctly zero-terminate the buffer! */ 3913 /* #define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */ 3914 /* #define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */ 3915 /* #define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ 3916 /* #define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ 3917 /* #define MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO int64_t //#define MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO int64_t /**< Default milliseconds time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled. It must be signed, and at least 64 bits. If it is changed from the default, MBEDTLS_PRINTF_MS_TIME must be updated to match.*/ 3918 /* #define MBEDTLS_PRINTF_MS_TIME PRId64 /**< Default fmt for printf. That's avoid compiler warning if mbedtls_ms_time_t is redefined */ 3919 3920 /** \def MBEDTLS_CHECK_RETURN 3921 * 3922 * This macro is used at the beginning of the declaration of a function 3923 * to indicate that its return value should be checked. It should 3924 * instruct the compiler to emit a warning or an error if the function 3925 * is called without checking its return value. 3926 * 3927 * There is a default implementation for popular compilers in platform_util.h. 3928 * You can override the default implementation by defining your own here. 3929 * 3930 * If the implementation here is empty, this will effectively disable the 3931 * checking of functions' return values. 3932 */ 3933 /* #define MBEDTLS_CHECK_RETURN __attribute__((__warn_unused_result__)) */ 3934 3935 /** \def MBEDTLS_IGNORE_RETURN 3936 * 3937 * This macro requires one argument, which should be a C function call. 3938 * If that function call would cause a #MBEDTLS_CHECK_RETURN warning, this 3939 * warning is suppressed. 3940 */ 3941 /* #define MBEDTLS_IGNORE_RETURN( result ) ((void) !(result)) */ 3942 3943 /* PSA options */ 3944 3945 /** 3946 * Use HMAC_DRBG with the specified hash algorithm for HMAC_DRBG for the 3947 * PSA crypto subsystem. 3948 * 3949 * If this option is unset: 3950 * - If CTR_DRBG is available, the PSA subsystem uses it rather than HMAC_DRBG. 3951 * - Otherwise, the PSA subsystem uses HMAC_DRBG with either 3952 * #MBEDTLS_MD_SHA512 or #MBEDTLS_MD_SHA256 based on availability and 3953 * on unspecified heuristics. 3954 */ 3955 /* #define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256 */ 3956 3957 /** \def MBEDTLS_PSA_KEY_SLOT_COUNT 3958 * Restrict the PSA library to supporting a maximum amount of simultaneously 3959 * loaded keys. A loaded key is a key stored by the PSA Crypto core as a 3960 * volatile key, or a persistent key which is loaded temporarily by the 3961 * library as part of a crypto operation in flight. 3962 * 3963 * If this option is unset, the library will fall back to a default value of 3964 * 32 keys. 3965 */ 3966 /* #define MBEDTLS_PSA_KEY_SLOT_COUNT 32 */ 3967 3968 /* RSA OPTIONS */ 3969 /* #define MBEDTLS_RSA_GEN_KEY_MIN_BITS 1024 /**< Minimum RSA key size that can be generated in bits (Minimum possible value is 128 bits) */ 3970 3971 /* SSL Cache options */ 3972 /* #define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ 3973 /* #define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ 3974 3975 /* SSL options */ 3976 3977 /** \def MBEDTLS_SSL_IN_CONTENT_LEN 3978 * 3979 * Maximum length (in bytes) of incoming plaintext fragments. 3980 * 3981 * This determines the size of the incoming TLS I/O buffer in such a way 3982 * that it is capable of holding the specified amount of plaintext data, 3983 * regardless of the protection mechanism used. 3984 * 3985 * \note When using a value less than the default of 16KB on the client, it is 3986 * recommended to use the Maximum Fragment Length (MFL) extension to 3987 * inform the server about this limitation. On the server, there 3988 * is no supported, standardized way of informing the client about 3989 * restriction on the maximum size of incoming messages, and unless 3990 * the limitation has been communicated by other means, it is recommended 3991 * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN 3992 * while keeping the default value of 16KB for the incoming buffer. 3993 * 3994 * Uncomment to set the maximum plaintext size of the incoming I/O buffer. 3995 */ 3996 /* #define MBEDTLS_SSL_IN_CONTENT_LEN 16384 */ 3997 3998 /** \def MBEDTLS_SSL_CID_IN_LEN_MAX 3999 * 4000 * The maximum length of CIDs used for incoming DTLS messages. 4001 * 4002 */ 4003 /* #define MBEDTLS_SSL_CID_IN_LEN_MAX 32 */ 4004 4005 /** \def MBEDTLS_SSL_CID_OUT_LEN_MAX 4006 * 4007 * The maximum length of CIDs used for outgoing DTLS messages. 4008 * 4009 */ 4010 /* #define MBEDTLS_SSL_CID_OUT_LEN_MAX 32 */ 4011 4012 /** \def MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 4013 * 4014 * This option controls the use of record plaintext padding 4015 * in TLS 1.3 and when using the Connection ID extension in DTLS 1.2. 4016 * 4017 * The padding will always be chosen so that the length of the 4018 * padded plaintext is a multiple of the value of this option. 4019 * 4020 * Note: A value of \c 1 means that no padding will be used 4021 * for outgoing records. 4022 * 4023 * Note: On systems lacking division instructions, 4024 * a power of two should be preferred. 4025 */ 4026 /* #define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16 */ 4027 4028 /** \def MBEDTLS_SSL_OUT_CONTENT_LEN 4029 * 4030 * Maximum length (in bytes) of outgoing plaintext fragments. 4031 * 4032 * This determines the size of the outgoing TLS I/O buffer in such a way 4033 * that it is capable of holding the specified amount of plaintext data, 4034 * regardless of the protection mechanism used. 4035 * 4036 * It is possible to save RAM by setting a smaller outward buffer, while keeping 4037 * the default inward 16384 byte buffer to conform to the TLS specification. 4038 * 4039 * The minimum required outward buffer size is determined by the handshake 4040 * protocol's usage. Handshaking will fail if the outward buffer is too small. 4041 * The specific size requirement depends on the configured ciphers and any 4042 * certificate data which is sent during the handshake. 4043 * 4044 * Uncomment to set the maximum plaintext size of the outgoing I/O buffer. 4045 */ 4046 /* #define MBEDTLS_SSL_OUT_CONTENT_LEN 16384 */ 4047 4048 /** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING 4049 * 4050 * Maximum number of heap-allocated bytes for the purpose of 4051 * DTLS handshake message reassembly and future message buffering. 4052 * 4053 * This should be at least 9/8 * MBEDTLS_SSL_IN_CONTENT_LEN 4054 * to account for a reassembled handshake message of maximum size, 4055 * together with its reassembly bitmap. 4056 * 4057 * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default) 4058 * should be sufficient for all practical situations as it allows 4059 * to reassembly a large handshake message (such as a certificate) 4060 * while buffering multiple smaller handshake messages. 4061 * 4062 */ 4063 /* #define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768 */ 4064 4065 /* #define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 or 384 bits) */ 4066 /* #define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ 4067 4068 /** 4069 * Complete list of ciphersuites to use, in order of preference. 4070 * 4071 * \warning No dependency checking is done on that field! This option can only 4072 * be used to restrict the set of available ciphersuites. It is your 4073 * responsibility to make sure the needed modules are active. 4074 * 4075 * Use this to save a few hundred bytes of ROM (default ordering of all 4076 * available ciphersuites) and a few to a few hundred bytes of RAM. 4077 * 4078 * The value below is only an example, not the default. 4079 */ 4080 /* #define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 */ 4081 4082 /** 4083 * \def MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 4084 * 4085 * The default maximum amount of 0-RTT data. See the documentation of 4086 * \c mbedtls_ssl_tls13_conf_max_early_data_size() for more information. 4087 * 4088 * It must be positive and smaller than UINT32_MAX. 4089 * 4090 * If MBEDTLS_SSL_EARLY_DATA is not defined, this default value does not 4091 * have any impact on the build. 4092 * 4093 * This feature is experimental, not completed and thus not ready for 4094 * production. 4095 * 4096 */ 4097 /* #define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024 */ 4098 4099 /** 4100 * \def MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 4101 * 4102 * Maximum time difference in milliseconds tolerated between the age of a 4103 * ticket from the server and client point of view. 4104 * From the client point of view, the age of a ticket is the time difference 4105 * between the time when the client proposes to the server to use the ticket 4106 * (time of writing of the Pre-Shared Key Extension including the ticket) and 4107 * the time the client received the ticket from the server. 4108 * From the server point of view, the age of a ticket is the time difference 4109 * between the time when the server receives a proposition from the client 4110 * to use the ticket and the time when the ticket was created by the server. 4111 * The server age is expected to be always greater than the client one and 4112 * MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE defines the 4113 * maximum difference tolerated for the server to accept the ticket. 4114 * This is not used in TLS 1.2. 4115 * 4116 */ 4117 /* #define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000 */ 4118 4119 /** 4120 * \def MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 4121 * 4122 * Size in bytes of a ticket nonce. This is not used in TLS 1.2. 4123 * 4124 * This must be less than 256. 4125 */ 4126 /* #define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32 */ 4127 4128 /** 4129 * \def MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 4130 * 4131 * Default number of NewSessionTicket messages to be sent by a TLS 1.3 server 4132 * after handshake completion. This is not used in TLS 1.2 and relevant only if 4133 * the MBEDTLS_SSL_SESSION_TICKETS option is enabled. 4134 * 4135 */ 4136 /* #define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1 */ 4137 4138 /* X509 options */ 4139 /* #define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ 4140 /* #define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */ 4141 4142 /** \} name SECTION: Module configuration options */ 4143 4144 #if 0 4145 #ifndef MBEDTLS_SSL_PROTO_TLS1_2 4146 #ifdef MBEDTLS_KEY_EXCHANGE_RSA_ENABLED 4147 #error This option is undef'd in build_info.h 4148 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ 4149 4150 #ifdef MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED 4151 #error This option is undef'd in build_info.h 4152 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ 4153 4154 #ifdef MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED 4155 #error This option is undef'd in build_info.h 4156 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ 4157 4158 #ifdef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 4159 #error This option is undef'd in build_info.h 4160 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ 4161 4162 #ifdef MBEDTLS_KEY_EXCHANGE_PSK_ENABLED 4163 #error This option is undef'd in build_info.h 4164 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ 4165 4166 #ifdef MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED 4167 #error This option is undef'd in build_info.h 4168 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ 4169 4170 #ifdef MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED 4171 #error This option is undef'd in build_info.h 4172 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ 4173 4174 #ifdef MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED 4175 #error This option is undef'd in build_info.h 4176 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ 4177 4178 #ifdef MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED 4179 #error This option is undef'd in build_info.h 4180 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ 4181 4182 #ifdef MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED 4183 #error This option is undef'd in build_info.h 4184 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ 4185 4186 #ifdef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED 4187 #error This option is undef'd in build_info.h 4188 #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ 4189 #endif /* MBEDTLS_SSL_PROTO_TLS1_2*/ 4190 #endif /* if 0 */ 4191 4192 #ifdef MBEDTLS_USE_PSA_CRYPTO 4193 #ifdef MBEDTLS_PSA_CRYPTO_CONFIG 4194 #include MBEDTLS_PSA_CRYPTO_CONFIG 4195 #else 4196 #include "mbedtls/config_psa.h" 4197 #endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ 4198 #endif /* MBEDTLS_USE_PSA_CRYPTO */ 4199 4200 #include "mbedtls/config_adjust_legacy_crypto.h" 4201 4202 #include "mbedtls/check_config.h" 4203 4204 #endif /* __FREERTOS_MBEDTLS_CONFIG__*/ 4205