1 /*
2  * Copyright (C) 2019 Alibaba Group Holding Limited
3  */
4 
5 #ifndef MBEDTLS_CONFIG_H
6 #define MBEDTLS_CONFIG_H
7 
8 /* Platform configuration
9  * These configurations can't placed into package.yaml, that can produce too long
10  * parameters in building commands to cause building error in windows.
11  */
12 
13 #ifndef    MBEDTLS_CONFIG_CRYPTO
14 #define    MBEDTLS_CONFIG_CRYPTO                   1
15 #endif
16 
17 #ifndef    MBEDTLS_CONFIG_CRYPTO_MD5
18 #define    MBEDTLS_CONFIG_CRYPTO_MD5               1
19 #endif
20 
21 #ifndef    MBEDTLS_CONFIG_CRYPTO_SHA1
22 #define    MBEDTLS_CONFIG_CRYPTO_SHA1              1
23 #endif
24 
25 #ifndef    MBEDTLS_CONFIG_CRYPTO_SHA256
26 #define    MBEDTLS_CONFIG_CRYPTO_SHA256            1
27 #endif
28 
29 #ifndef    MBEDTLS_CONFIG_CRYPTO_SHA512
30 #define    MBEDTLS_CONFIG_CRYPTO_SHA512            0
31 #endif
32 
33 #ifndef    MBEDTLS_CONFIG_CRYPTO_RIPEMD160
34 #define    MBEDTLS_CONFIG_CRYPTO_RIPEMD160         0
35 #endif
36 
37 #ifndef    MBEDTLS_CONFIG_CRYPTO_ARIA
38 #define    MBEDTLS_CONFIG_CRYPTO_ARIA              0
39 #endif
40 
41 #ifndef    MBEDTLS_CONFIG_CRYPTO_DES
42 #define    MBEDTLS_CONFIG_CRYPTO_DES               0
43 #endif
44 
45 #ifndef    MBEDTLS_CONFIG_CRYPTO_AES
46 #define    MBEDTLS_CONFIG_CRYPTO_AES               1
47 #endif
48 
49 #ifndef    MBEDTLS_CONFIG_CRYPTO_AES_ROM_TABLES
50 #define    MBEDTLS_CONFIG_CRYPTO_AES_ROM_TABLES    0
51 #endif
52 
53 #ifndef    MBEDTLS_CONFIG_CRYPTO_AES_FEWER_TABLES
54 #define    MBEDTLS_CONFIG_CRYPTO_AES_FEWER_TABLES  0
55 #endif
56 
57 #ifndef    MBEDTLS_CONFIG_CRYPTO_MODE_CBC
58 #define    MBEDTLS_CONFIG_CRYPTO_MODE_CBC          1
59 #endif
60 
61 #ifndef    MBEDTLS_CONFIG_CRYPTO_MODE_CFB
62 #define    MBEDTLS_CONFIG_CRYPTO_MODE_CFB          0
63 #endif
64 
65 #ifndef    MBEDTLS_CONFIG_CRYPTO_MODE_CTR
66 #define    MBEDTLS_CONFIG_CRYPTO_MODE_CTR          0
67 #endif
68 
69 #ifndef    MBEDTLS_CONFIG_CRYPTO_MODE_OFB
70 #define    MBEDTLS_CONFIG_CRYPTO_MODE_OFB          0
71 #endif
72 
73 #ifndef    MBEDTLS_CONFIG_CRYPTO_MODE_XTS
74 #define    MBEDTLS_CONFIG_CRYPTO_MODE_XTS          0
75 #endif
76 
77 #ifndef    MBEDTLS_CONFIG_CRYPTO_MODE_GCM
78 #define    MBEDTLS_CONFIG_CRYPTO_MODE_GCM          0
79 #endif
80 
81 #ifndef    MBEDTLS_CONFIG_CRYPTO_MODE_CCM
82 #define    MBEDTLS_CONFIG_CRYPTO_MODE_CCM          0
83 #endif
84 
85 #ifndef    MBEDTLS_CONFIG_CRYPTO_ARC4
86 #define    MBEDTLS_CONFIG_CRYPTO_ARC4              0
87 #endif
88 
89 #ifndef    MBEDTLS_CONFIG_CRYPTO_BLOWFISH
90 #define    MBEDTLS_CONFIG_CRYPTO_BLOWFISH          0
91 #endif
92 
93 #ifndef    MBEDTLS_CONFIG_CRYPTO_CAMELLIA
94 #define    MBEDTLS_CONFIG_CRYPTO_CAMELLIA          0
95 #endif
96 
97 #ifndef    MBEDTLS_CONFIG_CRYPTO_XTEA
98 #define    MBEDTLS_CONFIG_CRYPTO_XTEA              0
99 #endif
100 
101 #ifndef    MBEDTLS_CONFIG_CRYPTO_CHACHA20
102 #define    MBEDTLS_CONFIG_CRYPTO_CHACHA20          0
103 #endif
104 
105 #ifndef    MBEDTLS_CONFIG_CRYPTO_POLY1305
106 #define    MBEDTLS_CONFIG_CRYPTO_POLY1305          0
107 #endif
108 
109 #ifndef    MBEDTLS_CONFIG_CRYPTO_CHACHAPOLY
110 #define    MBEDTLS_CONFIG_CRYPTO_CHACHAPOLY        0
111 #endif
112 
113 #ifndef    MBEDTLS_CONFIG_X509
114 #define    MBEDTLS_CONFIG_X509                     1
115 #endif
116 
117 #ifndef    MBEDTLS_CONFIG_TLS
118 #define    MBEDTLS_CONFIG_TLS                      1
119 #endif
120 
121 #ifdef     MBEDTLS_CONFIG_TLS1_2
122 #define    MBEDTLS_CONFIG_TLS1_2                   1
123 #endif
124 
125 #ifndef    MBEDTLS_CONFIG_DTLS
126 #define    MBEDTLS_CONFIG_DTLS                     1
127 #endif
128 
129 #ifdef     MBEDTLS_CONFIG_TLS_DEBUG
130 #define    MBEDTLS_CONFIG_TLS_DEBUG                0
131 #endif
132 
133 #ifndef    MBEDTLS_CONFIG_TLS_MAX_CONTENT_LEN
134 #define    MBEDTLS_CONFIG_TLS_MAX_CONTENT_LEN      4096
135 #endif
136 
137 #ifndef    MBEDTLS_CONFIG_SELFTEST
138 #define    MBEDTLS_CONFIG_SELFTEST                 0
139 #endif
140 
141 #ifndef    MBEDTLS_CONFIG_ERROR
142 #define    MBEDTLS_CONFIG_ERROR                    0
143 #endif
144 
145 #ifndef    MBEDTLS_CONFIG_CRYPTO_ECP
146 #define    MBEDTLS_CONFIG_CRYPTO_ECP               0
147 #endif
148 
149 /* System support */
150 #define MBEDTLS_HAVE_ASM
151 #define MBEDTLS_NO_UDBL_DIVISION
152 #define MBEDTLS_NO_64BIT_MULTIPLICATION
153 #define MBEDTLS_HAVE_TIME
154 #define MBEDTLS_PLATFORM_MEMORY
155 
156 /* mbed TLS feature support */
157 #define MBEDTLS_CIPHER_PADDING_PKCS7
158 #define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
159 #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
160 #define MBEDTLS_CIPHER_PADDING_ZEROS
161 #define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
162 #define MBEDTLS_ERROR_STRERROR_DUMMY
163 #define MBEDTLS_GENPRIME
164 #define MBEDTLS_PKCS1_V15
165 #define MBEDTLS_PKCS1_V21
166 #define MBEDTLS_THREADING_ALT
167 #define MBEDTLS_VERSION_FEATURES
168 
169 #if (MBEDTLS_CONFIG_CRYPTO_AES_ROM_TABLES > 0)
170 #define MBEDTLS_AES_ROM_TABLES
171 #endif
172 #if (MBEDTLS_CONFIG_CRYPTO_AES_FEWER_TABLES > 0)
173 #define MBEDTLS_AES_FEWER_TABLES
174 #endif
175 
176 #if (MBEDTLS_CONFIG_CRYPTO_MODE_CBC > 0)
177 #define MBEDTLS_CIPHER_MODE_CBC
178 #endif
179 #if (MBEDTLS_CONFIG_CRYPTO_MODE_CFB > 0)
180 #define MBEDTLS_CIPHER_MODE_CFB
181 #endif
182 #if (MBEDTLS_CONFIG_CRYPTO_MODE_CTR > 0)
183 #define MBEDTLS_CIPHER_MODE_CTR
184 #endif
185 #if (MBEDTLS_CONFIG_CRYPTO_MODE_OFB > 0)
186 #define MBEDTLS_CIPHER_MODE_OFB
187 #endif
188 #if (MBEDTLS_CONFIG_CRYPTO_MODE_XTS > 0)
189 #define MBEDTLS_CIPHER_MODE_XTS
190 #endif
191 
192 #if (MBEDTLS_CONFIG_SELFTEST > 0)
193 #define MBEDTLS_SELF_TEST
194 #endif
195 
196 #if (MBEDTLS_CONFIG_TLS > 0)
197 #define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
198 #define MBEDTLS_SSL_ALL_ALERT_MESSAGES
199 #define MBEDTLS_SSL_ENCRYPT_THEN_MAC
200 #define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
201 #define MBEDTLS_SSL_FALLBACK_SCSV
202 #define MBEDTLS_SSL_RENEGOTIATION
203 #define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
204 #define MBEDTLS_SSL_PROTO_TLS1_2
205 #if (MBEDTLS_CONFIG_DTLS > 0)
206 #define MBEDTLS_SSL_PROTO_DTLS
207 #endif
208 #define MBEDTLS_SSL_ALPN
209 #define MBEDTLS_SSL_DTLS_ANTI_REPLAY
210 #define MBEDTLS_SSL_DTLS_HELLO_VERIFY
211 #define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
212 #define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
213 #define MBEDTLS_SSL_SESSION_TICKETS
214 #define MBEDTLS_SSL_EXPORT_KEYS
215 #define MBEDTLS_SSL_SERVER_NAME_INDICATION
216 #define MBEDTLS_SSL_TRUNCATED_HMAC
217 #endif /* MBEDTLS_CONFIG_TLS */
218 
219 #if (MBEDTLS_CONFIG_X509 > 0)
220 #define MBEDTLS_X509_CHECK_KEY_USAGE
221 #define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
222 #define MBEDTLS_X509_RSASSA_PSS_SUPPORT
223 #endif
224 
225 /* mbed TLS modules */
226 #define MBEDTLS_ASN1_PARSE_C
227 #define MBEDTLS_ASN1_WRITE_C
228 #define MBEDTLS_BASE64_C
229 #define MBEDTLS_BIGNUM_C
230 #define MBEDTLS_CIPHER_C
231 #define MBEDTLS_HKDF_C
232 #define MBEDTLS_HMAC_DRBG_C
233 #define MBEDTLS_OID_C
234 #define MBEDTLS_PEM_PARSE_C
235 #define MBEDTLS_MD_C
236 #define MBEDTLS_PK_C
237 #define MBEDTLS_PK_PARSE_C
238 #define MBEDTLS_PKCS5_C
239 #define MBEDTLS_PKCS12_C
240 #define MBEDTLS_PLATFORM_C
241 #define MBEDTLS_THREADING_C
242 #define MBEDTLS_TIMING_C
243 #define MBEDTLS_VERSION_C
244 #define MBEDTLS_RSA_C
245 #define MBEDTLS_HAVEGE_C
246 
247 #if (MBEDTLS_CONFIG_CRYPTO_ECP > 0)
248 #define MBEDTLS_ECP_DP_SECP192R1_ENABLED
249 #define MBEDTLS_ECP_DP_SECP224R1_ENABLED
250 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
251 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED
252 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED
253 #define MBEDTLS_ECP_DP_SECP192K1_ENABLED
254 #define MBEDTLS_ECP_DP_SECP224K1_ENABLED
255 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED
256 #define MBEDTLS_ECP_DP_BP256R1_ENABLED
257 #define MBEDTLS_ECP_DP_BP384R1_ENABLED
258 #define MBEDTLS_ECP_DP_BP512R1_ENABLED
259 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED
260 #define MBEDTLS_ECP_DP_CURVE448_ENABLED
261 #define MBEDTLS_BIGNUM_C
262 #define MBEDTLS_ECP_C
263 #endif
264 
265 #if (MBEDTLS_CONFIG_CRYPTO_AES > 0)
266 #define MBEDTLS_AES_C
267 #endif
268 #if (MBEDTLS_CONFIG_CRYPTO_ARC4 > 0)
269 #define MBEDTLS_ARC4_C
270 #endif
271 #if (MBEDTLS_CONFIG_CRYPTO_BLOWFISH > 0)
272 #define MBEDTLS_BLOWFISH_C
273 #endif
274 #if (MBEDTLS_CONFIG_CRYPTO_CAMELLIA > 0)
275 #define MBEDTLS_CAMELLIA_C
276 #endif
277 #if (MBEDTLS_CONFIG_CRYPTO_ARIA > 0)
278 #define MBEDTLS_ARIA_C
279 #endif
280 #if (MBEDTLS_CONFIG_CRYPTO_MODE_CCM > 0)
281 #define MBEDTLS_CCM_C
282 #endif
283 #if (MBEDTLS_CONFIG_CRYPTO_MODE_GCM > 0)
284 #define MBEDTLS_GCM_C
285 #endif
286 #if (MBEDTLS_CONFIG_CRYPTO_CHACHA20  > 0)
287 #define MBEDTLS_CHACHA20_C
288 #endif
289 #if (MBEDTLS_CONFIG_CRYPTO_POLY1305 > 0)
290 #define MBEDTLS_POLY1305_C
291 #endif
292 #if (MBEDTLS_CONFIG_CRYPTO_CHACHAPOLY > 0)
293 #define MBEDTLS_CHACHAPOLY_C
294 #endif
295 #if (MBEDTLS_CONFIG_CRYPTO_DES > 0)
296 #define MBEDTLS_DES_C
297 #endif
298 #if (MBEDTLS_CONFIG_CRYPTO_XTEA > 0)
299 #define MBEDTLS_XTEA_C
300 #endif
301 
302 #if (MBEDTLS_CONFIG_TLS_DEBUG > 0)
303 #define MBEDTLS_DEBUG_C
304 #endif
305 #if (MBEDTLS_CONFIG_ERROR > 0)
306 #define MBEDTLS_ERROR_C
307 #endif
308 
309 #if (MBEDTLS_CONFIG_CRYPTO_MD5 > 0)
310 #define MBEDTLS_MD5_C
311 #endif
312 #if (MBEDTLS_CONFIG_CRYPTO_RIPEMD160 > 0)
313 #define MBEDTLS_RIPEMD160_C
314 #endif
315 #if (MBEDTLS_CONFIG_CRYPTO_SHA1 > 0)
316 #define MBEDTLS_SHA1_C
317 #endif
318 #if (MBEDTLS_CONFIG_CRYPTO_SHA256 > 0)
319 #define MBEDTLS_SHA256_C
320 #endif
321 #if (MBEDTLS_CONFIG_CRYPTO_SHA512 > 0)
322 #define MBEDTLS_SHA512_C
323 #endif
324 
325 #if (MBEDTLS_CONFIG_TLS > 0)
326 #define MBEDTLS_SSL_CACHE_C
327 #define MBEDTLS_SSL_COOKIE_C
328 #define MBEDTLS_SSL_CLI_C
329 #define MBEDTLS_SSL_TLS_C
330 #endif
331 
332 #ifdef LWM2M_WITH_MBEDTLS
333 #if (MBEDTLS_CONFIG_DTLS > 0)
334 #define MBEDTLS_SSL_SRV_C
335 #endif
336 #if (MBEDTLS_CONFIG_CRYPTO_AES > 0)
337 #define MBEDTLS_CTR_DRBG_C
338 #endif
339 #endif /* LWM2M_WITH_MBEDTLS */
340 
341 #if (MBEDTLS_CONFIG_X509 > 0)
342 #define MBEDTLS_X509_USE_C
343 #define MBEDTLS_X509_CRT_PARSE_C
344 #define MBEDTLS_X509_CRL_PARSE_C
345 #endif
346 
347 /* Module configuration options */
348 #if (MBEDTLS_CONFIG_TLS > 0)
349 #define MBEDTLS_SSL_MAX_CONTENT_LEN          MBEDTLS_CONFIG_TLS_MAX_CONTENT_LEN
350 #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
351 #endif
352 
353 #define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
354 
355 /*
356  * User custom configuration file to add or override the above default
357  * configurations
358  */
359 #if defined(MBEDTLS_CONFIG_USER_FILE)
360 #include MBEDTLS_CONFIG_USER_FILE
361 #endif
362 
363 #include "mbedtls/check_config.h"
364 
365 #endif /* MBEDTLS_CONFIG_H */
366