1 /** 2 * \file mbedtls/check_config.h 3 * 4 * \brief Consistency checks for configuration options 5 * 6 * This is an internal header. Do not include it directly. 7 * 8 * This header is included automatically by all public Mbed TLS headers 9 * (via mbedtls/build_info.h). Do not include it directly in a configuration 10 * file such as mbedtls/mbedtls_config.h or #MBEDTLS_USER_CONFIG_FILE! 11 * It would run at the wrong time due to missing derived symbols. 12 */ 13 /* 14 * Copyright The Mbed TLS Contributors 15 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 16 */ 17 18 #ifndef MBEDTLS_CHECK_CONFIG_H 19 #define MBEDTLS_CHECK_CONFIG_H 20 21 /* *INDENT-OFF* */ 22 23 #if !defined(MBEDTLS_CONFIG_IS_FINALIZED) 24 #warning "Do not include mbedtls/check_config.h manually! " \ 25 "This may cause spurious errors. " \ 26 "It is included automatically at the right point since Mbed TLS 3.0." 27 #endif /* !MBEDTLS_CONFIG_IS_FINALIZED */ 28 29 #if defined(TARGET_LIKE_MBED) && defined(MBEDTLS_NET_C) 30 #error "The NET module is not available for mbed OS - please use the network functions provided by Mbed OS" 31 #endif 32 33 #if defined(MBEDTLS_HAVE_TIME_DATE) && !defined(MBEDTLS_HAVE_TIME) 34 #error "MBEDTLS_HAVE_TIME_DATE without MBEDTLS_HAVE_TIME does not make sense" 35 #endif 36 37 /* Limitations on ECC curves acceleration: partial curve acceleration is only 38 * supported with crypto excluding PK, X.509 or TLS. 39 * Note: no need to check X.509 as it depends on PK. */ 40 #if defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256) || \ 41 defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384) || \ 42 defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512) || \ 43 defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255) || \ 44 defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448) || \ 45 defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192) || \ 46 defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256) || \ 47 defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192) || \ 48 defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) || \ 49 defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384) || \ 50 defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521) 51 #if defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) 52 #if defined(MBEDTLS_SSL_TLS_C) 53 #error "Unsupported partial support for ECC curves acceleration, see docs/driver-only-builds.md" 54 #endif /* modules beyond what's supported */ 55 #endif /* not all curves accelerated */ 56 #endif /* some curve accelerated */ 57 58 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) && \ 59 ( !defined(MBEDTLS_CAN_ECDH) || \ 60 !defined(PSA_HAVE_ALG_ECDSA_SIGN) || \ 61 !defined(MBEDTLS_X509_CRT_PARSE_C) ) 62 #error "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED defined, but not all prerequisites" 63 #endif 64 65 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) && \ 66 ( !defined(MBEDTLS_CAN_ECDH) || !defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) || \ 67 !defined(MBEDTLS_X509_CRT_PARSE_C) ) 68 #error "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED defined, but not all prerequisites" 69 #endif 70 71 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) && \ 72 !defined(MBEDTLS_CAN_ECDH) 73 #error "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED defined, but not all prerequisites" 74 #endif 75 76 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \ 77 ( !defined(MBEDTLS_CAN_ECDH) || !defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) || \ 78 !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT) || !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) ) 79 #error "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED defined, but not all prerequisites" 80 #endif 81 82 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \ 83 ( !defined(MBEDTLS_CAN_ECDH) || \ 84 !defined(PSA_HAVE_ALG_ECDSA_SIGN) || \ 85 !defined(MBEDTLS_X509_CRT_PARSE_C) ) 86 #error "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED defined, but not all prerequisites" 87 #endif 88 89 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) && \ 90 ( !defined(PSA_WANT_ALG_JPAKE) || \ 91 !defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \ 92 !defined(PSA_WANT_ECC_SECP_R1_256) ) 93 #error "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED defined, but not all prerequisites" 94 #endif 95 96 /* Use of EC J-PAKE in TLS requires SHA-256. */ 97 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) && \ 98 !defined(PSA_WANT_ALG_SHA_256) 99 #error "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED defined, but not all prerequisites" 100 #endif 101 102 #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \ 103 !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) && \ 104 !defined(PSA_WANT_ALG_SHA_256) && \ 105 !defined(PSA_WANT_ALG_SHA_512) && \ 106 !defined(PSA_WANT_ALG_SHA_1) 107 #error "!MBEDTLS_SSL_KEEP_PEER_CERTIFICATE requires SHA-512, SHA-256 or SHA-1". 108 #endif 109 110 #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && \ 111 ( !defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) || !defined(PSA_WANT_ALG_RSA_OAEP) ) 112 #error "MBEDTLS_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites" 113 #endif 114 115 /* TLS 1.3 requires separate HKDF parts from PSA, 116 * and at least one ciphersuite, so at least SHA-256 or SHA-384 117 * from PSA to use with HKDF. 118 * 119 * Note: for dependencies common with TLS 1.2 (running handshake hash), 120 * see MBEDTLS_SSL_TLS_C. */ 121 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \ 122 !(defined(MBEDTLS_PSA_CRYPTO_CLIENT) && \ 123 defined(PSA_WANT_ALG_HKDF_EXTRACT) && \ 124 defined(PSA_WANT_ALG_HKDF_EXPAND) && \ 125 (defined(PSA_WANT_ALG_SHA_256) || defined(PSA_WANT_ALG_SHA_384))) 126 #error "MBEDTLS_SSL_PROTO_TLS1_3 defined, but not all prerequisites" 127 #endif 128 129 #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) 130 #if !( (defined(PSA_WANT_ALG_ECDH) || defined(PSA_WANT_ALG_FFDH)) && \ 131 defined(MBEDTLS_X509_CRT_PARSE_C) && \ 132 ( defined(PSA_HAVE_ALG_ECDSA_SIGN) || defined(PSA_WANT_ALG_RSA_OAEP) ) ) 133 #error "MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED defined, but not all prerequisites" 134 #endif 135 #endif 136 137 #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED) 138 #if !( defined(PSA_WANT_ALG_ECDH) || defined(PSA_WANT_ALG_FFDH) ) 139 #error "MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED defined, but not all prerequisites" 140 #endif 141 #endif 142 143 /* 144 * The current implementation of TLS 1.3 requires MBEDTLS_SSL_KEEP_PEER_CERTIFICATE. 145 */ 146 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) 147 #error "MBEDTLS_SSL_PROTO_TLS1_3 defined without MBEDTLS_SSL_KEEP_PEER_CERTIFICATE" 148 #endif 149 150 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ 151 !(defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ 152 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ 153 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ 154 defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \ 155 defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \ 156 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \ 157 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) ) 158 #error "One or more versions of the TLS protocol are enabled " \ 159 "but no key exchange methods defined with MBEDTLS_KEY_EXCHANGE_xxxx" 160 #endif 161 162 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ 163 !(defined(PSA_WANT_ALG_SHA_1) || defined(PSA_WANT_ALG_SHA_256) || defined(PSA_WANT_ALG_SHA_512)) 164 #error "MBEDTLS_SSL_PROTO_TLS1_2 defined, but not all prerequisites" 165 #endif 166 167 #if defined(MBEDTLS_SSL_EARLY_DATA) && \ 168 ( !defined(MBEDTLS_SSL_SESSION_TICKETS) || \ 169 ( !defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) && \ 170 !defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED) ) ) 171 #error "MBEDTLS_SSL_EARLY_DATA defined, but not all prerequisites" 172 #endif 173 174 #if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_SRV_C) && \ 175 defined(MBEDTLS_SSL_MAX_EARLY_DATA_SIZE) && \ 176 ((MBEDTLS_SSL_MAX_EARLY_DATA_SIZE < 0) || \ 177 (MBEDTLS_SSL_MAX_EARLY_DATA_SIZE > UINT32_MAX)) 178 #error "MBEDTLS_SSL_MAX_EARLY_DATA_SIZE must be in the range(0..UINT32_MAX)" 179 #endif 180 181 #if defined(MBEDTLS_SSL_PROTO_DTLS) && \ 182 !defined(MBEDTLS_SSL_PROTO_TLS1_2) 183 #error "MBEDTLS_SSL_PROTO_DTLS defined, but not all prerequisites" 184 #endif 185 186 #if defined(MBEDTLS_SSL_CLI_C) && !defined(MBEDTLS_SSL_TLS_C) 187 #error "MBEDTLS_SSL_CLI_C defined, but not all prerequisites" 188 #endif 189 190 #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) && !defined(MBEDTLS_X509_CRT_PARSE_C) 191 #error "MBEDTLS_SSL_ASYNC_PRIVATE defined, but not all prerequisites" 192 #endif 193 194 /* TLS 1.2 and 1.3 require SHA-256 or SHA-384 (running handshake hash) */ 195 #if defined(MBEDTLS_SSL_TLS_C) && \ 196 !(defined(PSA_WANT_ALG_SHA_256) || defined(PSA_WANT_ALG_SHA_384)) 197 #error "MBEDTLS_SSL_TLS_C defined, but not all prerequisites" 198 #endif 199 200 #if defined(MBEDTLS_SSL_SRV_C) && !defined(MBEDTLS_SSL_TLS_C) 201 #error "MBEDTLS_SSL_SRV_C defined, but not all prerequisites" 202 #endif 203 204 #if defined(MBEDTLS_SSL_TLS_C) && \ 205 !( defined(MBEDTLS_SSL_PROTO_TLS1_2) || defined(MBEDTLS_SSL_PROTO_TLS1_3) ) 206 #error "MBEDTLS_SSL_TLS_C defined, but no protocols are active" 207 #endif 208 209 #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && !defined(MBEDTLS_SSL_PROTO_DTLS) 210 #error "MBEDTLS_SSL_DTLS_HELLO_VERIFY defined, but not all prerequisites" 211 #endif 212 213 #if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && \ 214 !defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) 215 #error "MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE defined, but not all prerequisites" 216 #endif 217 218 #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) && \ 219 ( !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) ) 220 #error "MBEDTLS_SSL_DTLS_ANTI_REPLAY defined, but not all prerequisites" 221 #endif 222 223 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) && \ 224 ( !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) ) 225 #error "MBEDTLS_SSL_DTLS_CONNECTION_ID defined, but not all prerequisites" 226 #endif 227 228 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) && \ 229 defined(MBEDTLS_SSL_CID_IN_LEN_MAX) && \ 230 MBEDTLS_SSL_CID_IN_LEN_MAX > 255 231 #error "MBEDTLS_SSL_CID_IN_LEN_MAX too large (max 255)" 232 #endif 233 234 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) && \ 235 defined(MBEDTLS_SSL_CID_OUT_LEN_MAX) && \ 236 MBEDTLS_SSL_CID_OUT_LEN_MAX > 255 237 #error "MBEDTLS_SSL_CID_OUT_LEN_MAX too large (max 255)" 238 #endif 239 240 #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ 241 !defined(MBEDTLS_SSL_PROTO_TLS1_2) 242 #error "MBEDTLS_SSL_ENCRYPT_THEN_MAC defined, but not all prerequisites" 243 #endif 244 245 #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) && \ 246 !defined(MBEDTLS_SSL_PROTO_TLS1_2) 247 #error "MBEDTLS_SSL_EXTENDED_MASTER_SECRET defined, but not all prerequisites" 248 #endif 249 250 #if defined(MBEDTLS_SSL_RENEGOTIATION) && \ 251 !defined(MBEDTLS_SSL_PROTO_TLS1_2) 252 #error "MBEDTLS_SSL_RENEGOTIATION defined, but not all prerequisites" 253 #endif 254 255 #if defined(MBEDTLS_SSL_TICKET_C) && \ 256 !( defined(PSA_WANT_ALG_CCM) || defined(PSA_WANT_ALG_GCM) || \ 257 defined(PSA_WANT_ALG_CHACHA20_POLY1305) ) 258 #error "MBEDTLS_SSL_TICKET_C defined, but not all prerequisites" 259 #endif 260 261 #if defined(MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH) && \ 262 MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH >= 256 263 #error "MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH must be less than 256" 264 #endif 265 266 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && \ 267 !defined(MBEDTLS_X509_CRT_PARSE_C) 268 #error "MBEDTLS_SSL_SERVER_NAME_INDICATION defined, but not all prerequisites" 269 #endif 270 271 #if defined(MBEDTLS_VERSION_FEATURES) && !defined(MBEDTLS_VERSION_C) 272 #error "MBEDTLS_VERSION_FEATURES defined, but not all prerequisites" 273 #endif 274 275 #if defined(MBEDTLS_X509_USE_C) && \ 276 (!defined(MBEDTLS_ASN1_PARSE_C) || !defined(MBEDTLS_PK_PARSE_C)) 277 #error "MBEDTLS_X509_USE_C defined, but not all prerequisites" 278 #endif 279 280 #if defined(MBEDTLS_X509_CREATE_C) && \ 281 (!defined(MBEDTLS_ASN1_WRITE_C) || !defined(MBEDTLS_PK_PARSE_C)) 282 #error "MBEDTLS_X509_CREATE_C defined, but not all prerequisites" 283 #endif 284 285 #if defined(MBEDTLS_X509_CRT_PARSE_C) && ( !defined(MBEDTLS_X509_USE_C) ) 286 #error "MBEDTLS_X509_CRT_PARSE_C defined, but not all prerequisites" 287 #endif 288 289 #if defined(MBEDTLS_X509_CRL_PARSE_C) && ( !defined(MBEDTLS_X509_USE_C) ) 290 #error "MBEDTLS_X509_CRL_PARSE_C defined, but not all prerequisites" 291 #endif 292 293 #if defined(MBEDTLS_X509_CSR_PARSE_C) && ( !defined(MBEDTLS_X509_USE_C) ) 294 #error "MBEDTLS_X509_CSR_PARSE_C defined, but not all prerequisites" 295 #endif 296 297 #if defined(MBEDTLS_X509_CRT_WRITE_C) && ( !defined(MBEDTLS_X509_CREATE_C) ) 298 #error "MBEDTLS_X509_CRT_WRITE_C defined, but not all prerequisites" 299 #endif 300 301 #if defined(MBEDTLS_X509_CSR_WRITE_C) && ( !defined(MBEDTLS_X509_CREATE_C) ) 302 #error "MBEDTLS_X509_CSR_WRITE_C defined, but not all prerequisites" 303 #endif 304 305 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) && \ 306 ( !defined(MBEDTLS_X509_CRT_PARSE_C) ) 307 #error "MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK defined, but not all prerequisites" 308 #endif 309 310 #if defined(MBEDTLS_SSL_DTLS_SRTP) && ( !defined(MBEDTLS_SSL_PROTO_DTLS) ) 311 #error "MBEDTLS_SSL_DTLS_SRTP defined, but not all prerequisites" 312 #endif 313 314 #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) && ( !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) ) 315 #error "MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH defined, but not all prerequisites" 316 #endif 317 318 #if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) && ( !defined(MBEDTLS_SSL_PROTO_TLS1_3) ) 319 #error "MBEDTLS_SSL_RECORD_SIZE_LIMIT defined, but not all prerequisites" 320 #endif 321 322 #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) && \ 323 !( defined(PSA_WANT_ALG_CCM) || defined(PSA_WANT_ALG_GCM) || \ 324 defined(PSA_WANT_ALG_CHACHA20_POLY1305) ) 325 #error "MBEDTLS_SSL_CONTEXT_SERIALIZATION defined, but not all prerequisites" 326 #endif 327 328 /* Reject attempts to enable options that have been removed and that could 329 * cause a build to succeed but with features removed. */ 330 331 #if defined(MBEDTLS_HAVEGE_C) //no-check-names 332 #error "MBEDTLS_HAVEGE_C was removed in Mbed TLS 3.0. See https://github.com/Mbed-TLS/mbedtls/issues/2599" 333 #endif 334 335 #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) //no-check-names 336 #error "MBEDTLS_SSL_HW_RECORD_ACCEL was removed in Mbed TLS 3.0. See https://github.com/Mbed-TLS/mbedtls/issues/4031" 337 #endif 338 339 #if defined(MBEDTLS_SSL_PROTO_SSL3) //no-check-names 340 #error "MBEDTLS_SSL_PROTO_SSL3 (SSL v3.0 support) was removed in Mbed TLS 3.0. See https://github.com/Mbed-TLS/mbedtls/issues/4031" 341 #endif 342 343 #if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO) //no-check-names 344 #error "MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO (SSL v2 ClientHello support) was removed in Mbed TLS 3.0. See https://github.com/Mbed-TLS/mbedtls/issues/4031" 345 #endif 346 347 #if defined(MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT) //no-check-names 348 #error "MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT (compatibility with the buggy implementation of truncated HMAC in Mbed TLS up to 2.7) was removed in Mbed TLS 3.0. See https://github.com/Mbed-TLS/mbedtls/issues/4031" 349 #endif 350 351 #if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES) //no-check-names 352 #error "MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES was removed in Mbed TLS 3.0. See the ChangeLog entry if you really need SHA-1-signed certificates." 353 #endif 354 355 #if defined(MBEDTLS_ZLIB_SUPPORT) //no-check-names 356 #error "MBEDTLS_ZLIB_SUPPORT was removed in Mbed TLS 3.0. See https://github.com/Mbed-TLS/mbedtls/issues/4031" 357 #endif 358 359 #if defined(MBEDTLS_CHECK_PARAMS) //no-check-names 360 #error "MBEDTLS_CHECK_PARAMS was removed in Mbed TLS 3.0. See https://github.com/Mbed-TLS/mbedtls/issues/4313" 361 #endif 362 363 #if defined(MBEDTLS_SSL_CID_PADDING_GRANULARITY) //no-check-names 364 #error "MBEDTLS_SSL_CID_PADDING_GRANULARITY was removed in Mbed TLS 3.0. See https://github.com/Mbed-TLS/mbedtls/issues/4335" 365 #endif 366 367 #if defined(MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY) //no-check-names 368 #error "MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY was removed in Mbed TLS 3.0. See https://github.com/Mbed-TLS/mbedtls/issues/4335" 369 #endif 370 371 #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) //no-check-names 372 #error "MBEDTLS_SSL_TRUNCATED_HMAC was removed in Mbed TLS 3.0. See https://github.com/Mbed-TLS/mbedtls/issues/4341" 373 #endif 374 375 #if defined(MBEDTLS_PKCS7_C) && ( ( !defined(MBEDTLS_ASN1_PARSE_C) ) || \ 376 ( !defined(MBEDTLS_PK_PARSE_C) ) || \ 377 ( !defined(MBEDTLS_X509_CRT_PARSE_C) ) || \ 378 ( !defined(MBEDTLS_X509_CRL_PARSE_C) ) || \ 379 ( !defined(MBEDTLS_MD_C) ) ) 380 #error "MBEDTLS_PKCS7_C is defined, but not all prerequisites" 381 #endif 382 383 /* *INDENT-ON* */ 384 #endif /* MBEDTLS_CHECK_CONFIG_H */ 385