blob: 617e9137cfdfe01eec59e1893082def5c7f5e7c5 [file] [log] [blame]
Paul Bakker5121ce52009-01-03 21:22:43 +00001/**
Gilles Peskine9a9e19f2018-06-19 11:56:47 +02002 * \file config.h
Paul Bakker5121ce52009-01-03 21:22:43 +00003 *
Gilles Peskine9a9e19f2018-06-19 11:56:47 +02004 * \brief Configuration options (set of defines)
Paul Bakker37ca75d2011-01-06 12:28:03 +00005 *
Gilles Peskine9a9e19f2018-06-19 11:56:47 +02006 * This set of compile-time options may be used to enable
7 * or disable features selectively, and reduce the global
8 * memory footprint.
Darryl Greena40a1012018-01-05 15:33:17 +00009 */
10/*
Thomas Fossati656864b2016-07-17 08:51:22 +010011 * Copyright (C) 2006-2018, ARM Limited, All Rights Reserved
Manuel Pégourié-Gonnard37ff1402015-09-04 14:21:07 +020012 * SPDX-License-Identifier: Apache-2.0
13 *
14 * Licensed under the Apache License, Version 2.0 (the "License"); you may
15 * not use this file except in compliance with the License.
16 * You may obtain a copy of the License at
17 *
18 * http://www.apache.org/licenses/LICENSE-2.0
19 *
20 * Unless required by applicable law or agreed to in writing, software
21 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
22 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
23 * See the License for the specific language governing permissions and
24 * limitations under the License.
Paul Bakkerb96f1542010-07-18 20:36:00 +000025 *
Manuel Pégourié-Gonnardfe446432015-03-06 13:17:10 +000026 * This file is part of mbed TLS (https://tls.mbed.org)
Manuel Pégourié-Gonnarde2b0efe2015-08-11 10:38:37 +020027 */
28
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020029#ifndef MBEDTLS_CONFIG_H
30#define MBEDTLS_CONFIG_H
Paul Bakker5121ce52009-01-03 21:22:43 +000031
Paul Bakkercce9d772011-11-18 14:26:47 +000032#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
Paul Bakker5121ce52009-01-03 21:22:43 +000033#define _CRT_SECURE_NO_DEPRECATE 1
34#endif
35
Paul Bakkerf3b86c12011-01-27 15:24:17 +000036/**
Paul Bakker0a62cd12011-01-21 11:00:08 +000037 * \name SECTION: System support
38 *
39 * This section sets system specific settings.
40 * \{
41 */
42
Paul Bakkerf3b86c12011-01-27 15:24:17 +000043/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020044 * \def MBEDTLS_HAVE_ASM
Paul Bakkerf3b86c12011-01-27 15:24:17 +000045 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +020046 * The compiler has support for asm().
Paul Bakker68041ec2009-04-19 21:17:55 +000047 *
48 * Requires support for asm() in compiler.
49 *
50 * Used in:
Manuel Pégourié-Gonnard26b54fa2018-02-27 12:20:20 +010051 * library/aria.c
Paul Bakker68041ec2009-04-19 21:17:55 +000052 * library/timing.c
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +000053 * include/mbedtls/bn_mul.h
Paul Bakker68041ec2009-04-19 21:17:55 +000054 *
Manuel Pégourié-Gonnard26b54fa2018-02-27 12:20:20 +010055 * Required by:
56 * MBEDTLS_AESNI_C
57 * MBEDTLS_PADLOCK_C
58 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +020059 * Comment to disable the use of assembly code.
Paul Bakker5121ce52009-01-03 21:22:43 +000060 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020061#define MBEDTLS_HAVE_ASM
Paul Bakker5121ce52009-01-03 21:22:43 +000062
Paul Bakkerf3b86c12011-01-27 15:24:17 +000063/**
Gilles Peskineb1a977f2017-06-08 15:19:20 +020064 * \def MBEDTLS_NO_UDBL_DIVISION
65 *
66 * The platform lacks support for double-width integer division (64-bit
67 * division on a 32-bit platform, 128-bit division on a 64-bit platform).
68 *
69 * Used in:
70 * include/mbedtls/bignum.h
71 * library/bignum.c
72 *
73 * The bignum code uses double-width division to speed up some operations.
74 * Double-width division is often implemented in software that needs to
75 * be linked with the program. The presence of a double-width integer
76 * type is usually detected automatically through preprocessor macros,
77 * but the automatic detection cannot know whether the code needs to
78 * and can be linked with an implementation of division for that type.
79 * By default division is assumed to be usable if the type is present.
80 * Uncomment this option to prevent the use of double-width division.
81 *
82 * Note that division for the native integer type is always required.
83 * Furthermore, a 64-bit type is always required even on a 32-bit
Andres Amaya Garciac630ce62017-07-21 10:56:22 +010084 * platform, but it need not support multiplication or division. In some
85 * cases it is also desirable to disable some double-width operations. For
86 * example, if double-width division is implemented in software, disabling
87 * it can reduce code size in some embedded targets.
Gilles Peskineb1a977f2017-06-08 15:19:20 +020088 */
89//#define MBEDTLS_NO_UDBL_DIVISION
90
91/**
Manuel Pégourié-Gonnard2adb3752018-06-07 10:51:44 +020092 * \def MBEDTLS_NO_64BIT_MULTIPLICATION
93 *
94 * The platform lacks support for 32x32 -> 64-bit multiplication.
95 *
96 * Used in:
97 * library/poly1305.c
98 *
99 * Some parts of the library may use multiplication of two unsigned 32-bit
100 * operands with a 64-bit result in order to speed up computations. On some
101 * platforms, this is not available in hardware and has to be implemented in
102 * software, usually in a library provided by the toolchain.
103 *
104 * Sometimes it is not desirable to have to link to that library. This option
105 * removes the dependency of that library on platforms that lack a hardware
106 * 64-bit multiplier by embedding a software implementation in Mbed TLS.
107 *
108 * Note that depending on the compiler, this may decrease performance compared
109 * to using the library function provided by the toolchain.
110 */
111//#define MBEDTLS_NO_64BIT_MULTIPLICATION
112
113/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200114 * \def MBEDTLS_HAVE_SSE2
Paul Bakkerf3b86c12011-01-27 15:24:17 +0000115 *
Paul Bakkere23c3152012-10-01 14:42:47 +0000116 * CPU supports SSE2 instruction set.
Paul Bakkerf3b86c12011-01-27 15:24:17 +0000117 *
Paul Bakker5121ce52009-01-03 21:22:43 +0000118 * Uncomment if the CPU supports SSE2 (IA-32 specific).
Paul Bakker5121ce52009-01-03 21:22:43 +0000119 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200120//#define MBEDTLS_HAVE_SSE2
Paul Bakkerfa9b1002013-07-03 15:31:03 +0200121
122/**
Gilles Peskine9a9e19f2018-06-19 11:56:47 +0200123 * \def MBEDTLS_HAVE_TIME
124 *
125 * System has time.h and time().
126 * The time does not need to be correct, only time differences are used,
127 * by contrast with MBEDTLS_HAVE_TIME_DATE
128 *
129 * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT,
130 * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and
131 * MBEDTLS_PLATFORM_STD_TIME.
132 *
133 * Comment if your system does not support time functions
134 */
135#define MBEDTLS_HAVE_TIME
136
137/**
138 * \def MBEDTLS_HAVE_TIME_DATE
139 *
Hanno Becker4e67cca2018-09-05 16:18:38 +0100140 * System has time.h, time(), and an implementation for
141 * mbedtls_platform_gmtime_r() (see below).
Antonin Décimo36e89b52019-01-23 15:24:37 +0100142 * The time needs to be correct (not necessarily very accurate, but at least
Gilles Peskine9a9e19f2018-06-19 11:56:47 +0200143 * the date should be correct). This is used to verify the validity period of
144 * X.509 certificates.
145 *
146 * Comment if your system does not have a correct clock.
Andres Amaya Garcia97f3ecb2018-08-07 20:39:27 +0100147 *
Hanno Becker6a739782018-09-05 15:06:19 +0100148 * \note mbedtls_platform_gmtime_r() is an abstraction in platform_util.h that
Hanno Beckerc52ef402018-09-05 16:28:59 +0100149 * behaves similarly to the gmtime_r() function from the C standard. Refer to
150 * the documentation for mbedtls_platform_gmtime_r() for more information.
Andres Amaya Garciac99b12b2018-08-21 19:32:44 +0100151 *
152 * \note It is possible to configure an implementation for
Hanno Becker6a739782018-09-05 15:06:19 +0100153 * mbedtls_platform_gmtime_r() at compile-time by using the macro
154 * MBEDTLS_PLATFORM_GMTIME_R_ALT.
Gilles Peskine9a9e19f2018-06-19 11:56:47 +0200155 */
156#define MBEDTLS_HAVE_TIME_DATE
157
158/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200159 * \def MBEDTLS_PLATFORM_MEMORY
Paul Bakkerdefc0ca2014-02-04 17:30:24 +0100160 *
161 * Enable the memory allocation layer.
162 *
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +0200163 * By default mbed TLS uses the system-provided calloc() and free().
Paul Bakkerdefc0ca2014-02-04 17:30:24 +0100164 * This allows different allocators (self-implemented or provided) to be
165 * provided to the platform abstraction layer.
166 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200167 * Enabling MBEDTLS_PLATFORM_MEMORY without the
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +0200168 * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide
169 * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and
Rich Evans16f8cd82015-02-06 16:14:34 +0000170 * free() function pointer at runtime.
171 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200172 * Enabling MBEDTLS_PLATFORM_MEMORY and specifying
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +0200173 * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the
Rich Evans16f8cd82015-02-06 16:14:34 +0000174 * alternate function at compile time.
Paul Bakkerdefc0ca2014-02-04 17:30:24 +0100175 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200176 * Requires: MBEDTLS_PLATFORM_C
Paul Bakkerdefc0ca2014-02-04 17:30:24 +0100177 *
178 * Enable this layer to allow use of alternative memory allocators.
179 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200180//#define MBEDTLS_PLATFORM_MEMORY
Paul Bakkerdefc0ca2014-02-04 17:30:24 +0100181
182/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200183 * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
Paul Bakker088c5c52014-04-25 11:11:10 +0200184 *
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +0200185 * Do not assign standard functions in the platform layer (e.g. calloc() to
186 * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF)
Paul Bakker088c5c52014-04-25 11:11:10 +0200187 *
188 * This makes sure there are no linking errors on platforms that do not support
189 * these functions. You will HAVE to provide alternatives, either at runtime
190 * via the platform_set_xxx() functions or at compile time by setting
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200191 * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a
192 * MBEDTLS_PLATFORM_XXX_MACRO.
Paul Bakker088c5c52014-04-25 11:11:10 +0200193 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200194 * Requires: MBEDTLS_PLATFORM_C
Paul Bakker088c5c52014-04-25 11:11:10 +0200195 *
196 * Uncomment to prevent default assignment of standard functions in the
197 * platform layer.
198 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200199//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
Paul Bakker088c5c52014-04-25 11:11:10 +0200200
201/**
Janos Follathc351d182016-03-21 08:43:59 +0000202 * \def MBEDTLS_PLATFORM_EXIT_ALT
Paul Bakker747a83a2014-02-01 22:50:07 +0100203 *
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100204 * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the
205 * function in the platform abstraction layer.
Paul Bakker747a83a2014-02-01 22:50:07 +0100206 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200207 * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will
208 * provide a function "mbedtls_platform_set_printf()" that allows you to set an
Paul Bakker747a83a2014-02-01 22:50:07 +0100209 * alternative printf function pointer.
210 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200211 * All these define require MBEDTLS_PLATFORM_C to be defined!
Paul Bakker747a83a2014-02-01 22:50:07 +0100212 *
Manuel Pégourié-Gonnard9db28872015-06-26 10:52:01 +0200213 * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows;
214 * it will be enabled automatically by check_config.h
215 *
Manuel Pégourié-Gonnard6c0c8e02015-06-22 10:23:34 +0200216 * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200217 * MBEDTLS_PLATFORM_XXX_MACRO!
Rich Evans16f8cd82015-02-06 16:14:34 +0000218 *
Gilles Peskine9a9e19f2018-06-19 11:56:47 +0200219 * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME
220 *
Paul Bakker747a83a2014-02-01 22:50:07 +0100221 * Uncomment a macro to enable alternate implementation of specific base
222 * platform function
223 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200224//#define MBEDTLS_PLATFORM_EXIT_ALT
Gilles Peskine9a9e19f2018-06-19 11:56:47 +0200225//#define MBEDTLS_PLATFORM_TIME_ALT
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200226//#define MBEDTLS_PLATFORM_FPRINTF_ALT
227//#define MBEDTLS_PLATFORM_PRINTF_ALT
228//#define MBEDTLS_PLATFORM_SNPRINTF_ALT
k-stachowiak723f8672018-07-16 14:27:07 +0200229//#define MBEDTLS_PLATFORM_VSNPRINTF_ALT
Paul Bakkercf0a9f92016-06-01 11:25:44 +0100230//#define MBEDTLS_PLATFORM_NV_SEED_ALT
Andres Amaya Garciad91f99f2017-07-18 10:23:04 +0100231//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100232
233/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200234 * \def MBEDTLS_DEPRECATED_WARNING
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100235 *
236 * Mark deprecated functions so that they generate a warning if used.
237 * Functions deprecated in one version will usually be removed in the next
238 * version. You can enable this to help you prepare the transition to a new
239 * major version by making sure your code is not using these functions.
240 *
241 * This only works with GCC and Clang. With other compilers, you may want to
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200242 * use MBEDTLS_DEPRECATED_REMOVED
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100243 *
244 * Uncomment to get warnings on using deprecated functions.
245 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200246//#define MBEDTLS_DEPRECATED_WARNING
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100247
248/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200249 * \def MBEDTLS_DEPRECATED_REMOVED
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100250 *
251 * Remove deprecated functions so that they generate an error if used.
252 * Functions deprecated in one version will usually be removed in the next
253 * version. You can enable this to help you prepare the transition to a new
254 * major version by making sure your code is not using these functions.
255 *
256 * Uncomment to get errors on using deprecated functions.
257 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200258//#define MBEDTLS_DEPRECATED_REMOVED
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100259
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500260/**
261 * \def MBEDTLS_CHECK_PARAMS
262 *
263 * This configuration option controls whether the library validates more of
264 * the parameters passed to it.
265 *
266 * When this flag is not defined, the library only attempts to validate an
267 * input parameter if: (1) they may come from the outside world (such as the
268 * network, the filesystem, etc.) or (2) not validating them could result in
269 * internal memory errors such as overflowing a buffer controlled by the
270 * library. On the other hand, it doesn't attempt to validate parameters whose
271 * values are fully controlled by the application (such as pointers).
272 *
273 * When this flag is defined, the library additionally attempts to validate
274 * parameters that are fully controlled by the application, and should always
275 * be valid if the application code is fully correct and trusted.
276 *
277 * For example, when a function accepts as input a pointer to a buffer that may
278 * contain untrusted data, and its documentation mentions that this pointer
279 * must not be NULL:
Gilles Peskinec7ad1222019-06-13 16:44:19 +0200280 * - The pointer is checked to be non-NULL only if this option is enabled.
281 * - The content of the buffer is always validated.
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500282 *
283 * When this flag is defined, if a library function receives a parameter that
Gilles Peskinec7ad1222019-06-13 16:44:19 +0200284 * is invalid:
285 * 1. The function will invoke the macro MBEDTLS_PARAM_FAILED().
286 * 2. If MBEDTLS_PARAM_FAILED() did not terminate the program, the function
287 * will immediately return. If the function returns an Mbed TLS error code,
288 * the error code in this case is MBEDTLS_ERR_xxx_BAD_INPUT_DATA.
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500289 *
Gilles Peskinec7ad1222019-06-13 16:44:19 +0200290 * When defining this flag, you also need to arrange a definition for
291 * MBEDTLS_PARAM_FAILED(). You can do this by any of the following methods:
292 * - By default, the library defines MBEDTLS_PARAM_FAILED() to call a
293 * function mbedtls_param_failed(), but the library does not define this
294 * function. If you do not make any other arrangements, you must provide
295 * the function mbedtls_param_failed() in your application.
296 * See `platform_util.h` for its prototype.
297 * - If you enable the macro #MBEDTLS_CHECK_PARAMS_ASSERT, then the
Jaeden Amero8dd16902019-07-22 16:39:49 +0100298 * library defines MBEDTLS_PARAM_FAILED(\c cond) to be `assert(cond)`.
Gilles Peskinec7ad1222019-06-13 16:44:19 +0200299 * You can still supply an alternative definition of
300 * MBEDTLS_PARAM_FAILED(), which may call `assert`.
301 * - If you define a macro MBEDTLS_PARAM_FAILED() before including `config.h`
302 * or you uncomment the definition of MBEDTLS_PARAM_FAILED() in `config.h`,
303 * the library will call the macro that you defined and will not supply
304 * its own version. Note that if MBEDTLS_PARAM_FAILED() calls `assert`,
305 * you need to enable #MBEDTLS_CHECK_PARAMS_ASSERT so that library source
306 * files include `<assert.h>`.
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500307 *
308 * Uncomment to enable validation of application-controlled parameters.
309 */
310//#define MBEDTLS_CHECK_PARAMS
311
Gilles Peskinec7ad1222019-06-13 16:44:19 +0200312/**
313 * \def MBEDTLS_CHECK_PARAMS_ASSERT
314 *
315 * Allow MBEDTLS_PARAM_FAILED() to call `assert`, and make it default to
316 * `assert`. This macro is only used if #MBEDTLS_CHECK_PARAMS is defined.
317 *
318 * If this macro is not defined, then MBEDTLS_PARAM_FAILED() defaults to
319 * calling a function mbedtls_param_failed(). See the documentation of
320 * #MBEDTLS_CHECK_PARAMS for details.
321 *
322 * Uncomment to allow MBEDTLS_PARAM_FAILED() to call `assert`.
323 */
324//#define MBEDTLS_CHECK_PARAMS_ASSERT
325
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +0200326/* \} name SECTION: System support */
Paul Bakker0a62cd12011-01-21 11:00:08 +0000327
Paul Bakkerf3b86c12011-01-27 15:24:17 +0000328/**
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +0000329 * \name SECTION: mbed TLS feature support
Paul Bakker0a62cd12011-01-21 11:00:08 +0000330 *
331 * This section sets support for features that are or are not needed
332 * within the modules that are enabled.
333 * \{
334 */
Paul Bakker5121ce52009-01-03 21:22:43 +0000335
Paul Bakkerf3b86c12011-01-27 15:24:17 +0000336/**
Gilles Peskine9a9e19f2018-06-19 11:56:47 +0200337 * \def MBEDTLS_TIMING_ALT
338 *
339 * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(),
340 * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay()
341 *
342 * Only works if you have MBEDTLS_TIMING_C enabled.
343 *
344 * You will need to provide a header "timing_alt.h" and an implementation at
345 * compile time.
346 */
347//#define MBEDTLS_TIMING_ALT
348
349/**
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100350 * \def MBEDTLS_AES_ALT
Paul Bakker90995b52013-06-24 19:20:35 +0200351 *
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100352 * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your
Janos Follathb0697532016-08-18 12:38:46 +0100353 * alternate core implementation of a symmetric crypto, an arithmetic or hash
354 * module (e.g. platform specific assembly optimized implementations). Keep
355 * in mind that the function prototypes should remain the same.
Paul Bakker90995b52013-06-24 19:20:35 +0200356 *
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200357 * This replaces the whole module. If you only want to replace one of the
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200358 * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags.
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200359 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200360 * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer
Janos Follathee782bc2016-11-07 15:41:26 +0000361 * provide the "struct mbedtls_aes_context" definition and omit the base
362 * function declarations and implementations. "aes_alt.h" will be included from
Paul Bakker90995b52013-06-24 19:20:35 +0200363 * "aes.h" to include the new function definitions.
364 *
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200365 * Uncomment a macro to enable alternate implementation of the corresponding
366 * module.
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100367 *
368 * \warning MD2, MD4, MD5, ARC4, DES and SHA-1 are considered weak and their
369 * use constitutes a security risk. If possible, we recommend
370 * avoiding dependencies on them, and considering stronger message
371 * digests and ciphers instead.
372 *
Paul Bakker90995b52013-06-24 19:20:35 +0200373 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200374//#define MBEDTLS_AES_ALT
375//#define MBEDTLS_ARC4_ALT
Markku-Juhani O. Saarinen0fb47fe2017-12-01 15:41:38 +0000376//#define MBEDTLS_ARIA_ALT
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200377//#define MBEDTLS_BLOWFISH_ALT
378//#define MBEDTLS_CAMELLIA_ALT
Steven Cooreman222e2ff2017-04-04 11:37:15 +0200379//#define MBEDTLS_CCM_ALT
Daniel King34b822c2016-05-15 17:28:08 -0300380//#define MBEDTLS_CHACHA20_ALT
Manuel Pégourié-Gonnarde533b222018-06-04 12:23:19 +0200381//#define MBEDTLS_CHACHAPOLY_ALT
Steven Cooreman63342772017-04-04 11:47:16 +0200382//#define MBEDTLS_CMAC_ALT
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200383//#define MBEDTLS_DES_ALT
nirekh01d569ecf2018-01-09 16:43:21 +0000384//#define MBEDTLS_DHM_ALT
Hanno Becker616d1ca2018-01-24 10:25:05 +0000385//#define MBEDTLS_ECJPAKE_ALT
Jaeden Amero15263302017-09-21 12:53:48 +0100386//#define MBEDTLS_GCM_ALT
Ron Eldor466a57f2018-05-03 16:54:28 +0300387//#define MBEDTLS_NIST_KW_ALT
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200388//#define MBEDTLS_MD2_ALT
389//#define MBEDTLS_MD4_ALT
390//#define MBEDTLS_MD5_ALT
Daniel Kingadc32c02016-05-16 18:25:45 -0300391//#define MBEDTLS_POLY1305_ALT
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200392//#define MBEDTLS_RIPEMD160_ALT
Hanno Becker88683b22018-01-04 18:26:54 +0000393//#define MBEDTLS_RSA_ALT
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200394//#define MBEDTLS_SHA1_ALT
395//#define MBEDTLS_SHA256_ALT
396//#define MBEDTLS_SHA512_ALT
Hanno Becker88683b22018-01-04 18:26:54 +0000397//#define MBEDTLS_XTEA_ALT
Markku-Juhani O. Saarinen0fb47fe2017-12-01 15:41:38 +0000398
Janos Follathb0697532016-08-18 12:38:46 +0100399/*
400 * When replacing the elliptic curve module, pleace consider, that it is
401 * implemented with two .c files:
402 * - ecp.c
403 * - ecp_curves.c
Janos Follathee782bc2016-11-07 15:41:26 +0000404 * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
405 * macros as described above. The only difference is that you have to make sure
406 * that you provide functionality for both .c files.
Janos Follathb0697532016-08-18 12:38:46 +0100407 */
408//#define MBEDTLS_ECP_ALT
Paul Bakker90995b52013-06-24 19:20:35 +0200409
410/**
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100411 * \def MBEDTLS_MD2_PROCESS_ALT
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200412 *
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100413 * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you
414 * alternate core implementation of symmetric crypto or hash function. Keep in
415 * mind that function prototypes should remain the same.
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200416 *
417 * This replaces only one function. The header file from mbed TLS is still
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200418 * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags.
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200419 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200420 * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will
421 * no longer provide the mbedtls_sha1_process() function, but it will still provide
422 * the other function (using your mbedtls_sha1_process() function) and the definition
423 * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200424 * with this definition.
425 *
Hanno Becker6d84ae72017-06-26 12:46:19 +0100426 * \note Because of a signature change, the core AES encryption and decryption routines are
427 * currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt,
428 * respectively. When setting up alternative implementations, these functions should
Antonin Décimo36e89b52019-01-23 15:24:37 +0100429 * be overridden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt
Hanno Beckerca1cdb22017-07-20 09:50:59 +0100430 * must stay untouched.
Hanno Becker6d84ae72017-06-26 12:46:19 +0100431 *
432 * \note If you use the AES_xxx_ALT macros, then is is recommended to also set
433 * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
434 * tables.
Manuel Pégourié-Gonnard31993f22015-05-12 15:41:08 +0200435 *
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200436 * Uncomment a macro to enable alternate implementation of the corresponding
437 * function.
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100438 *
439 * \warning MD2, MD4, MD5, DES and SHA-1 are considered weak and their use
440 * constitutes a security risk. If possible, we recommend avoiding
441 * dependencies on them, and considering stronger message digests
442 * and ciphers instead.
443 *
Janos Follath1231d212019-01-07 15:01:32 +0000444 * \warning If both MBEDTLS_ECDSA_SIGN_ALT and MBEDTLS_ECDSA_DETERMINISTIC are
445 * enabled, then the deterministic ECDH signature functions pass the
446 * the static HMAC-DRBG as RNG to mbedtls_ecdsa_sign(). Therefore
447 * alternative implementations should use the RNG only for generating
448 * the ephemeral key and nothing else. If this is not possible, then
449 * MBEDTLS_ECDSA_DETERMINISTIC should be disabled and an alternative
450 * implementation should be provided for mbedtls_ecdsa_sign_det_ext()
451 * (and for mbedtls_ecdsa_sign_det() too if backward compatibility is
452 * desirable).
453 *
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200454 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200455//#define MBEDTLS_MD2_PROCESS_ALT
456//#define MBEDTLS_MD4_PROCESS_ALT
457//#define MBEDTLS_MD5_PROCESS_ALT
458//#define MBEDTLS_RIPEMD160_PROCESS_ALT
459//#define MBEDTLS_SHA1_PROCESS_ALT
460//#define MBEDTLS_SHA256_PROCESS_ALT
461//#define MBEDTLS_SHA512_PROCESS_ALT
Manuel Pégourié-Gonnard70a50102015-05-12 15:02:45 +0200462//#define MBEDTLS_DES_SETKEY_ALT
463//#define MBEDTLS_DES_CRYPT_ECB_ALT
464//#define MBEDTLS_DES3_CRYPT_ECB_ALT
Manuel Pégourié-Gonnard31993f22015-05-12 15:41:08 +0200465//#define MBEDTLS_AES_SETKEY_ENC_ALT
466//#define MBEDTLS_AES_SETKEY_DEC_ALT
467//#define MBEDTLS_AES_ENCRYPT_ALT
468//#define MBEDTLS_AES_DECRYPT_ALT
Ron Eldora84c1cb2017-10-10 19:04:27 +0300469//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
Ron Eldor3226d362017-10-12 14:17:48 +0300470//#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
Ron Eldor314adb62017-10-10 18:28:25 +0300471//#define MBEDTLS_ECDSA_VERIFY_ALT
472//#define MBEDTLS_ECDSA_SIGN_ALT
473//#define MBEDTLS_ECDSA_GENKEY_ALT
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200474
475/**
Janos Follathc44ab972016-11-18 16:38:23 +0000476 * \def MBEDTLS_ECP_INTERNAL_ALT
477 *
478 * Expose a part of the internal interface of the Elliptic Curve Point module.
Janos Follathb0697532016-08-18 12:38:46 +0100479 *
480 * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your
Janos Follath372697b2016-10-28 16:53:11 +0100481 * alternative core implementation of elliptic curve arithmetic. Keep in mind
482 * that function prototypes should remain the same.
Janos Follathb0697532016-08-18 12:38:46 +0100483 *
484 * This partially replaces one function. The header file from mbed TLS is still
485 * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation
486 * is still present and it is used for group structures not supported by the
487 * alternative.
488 *
Janos Follathc44ab972016-11-18 16:38:23 +0000489 * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT
490 * and implementing the following functions:
491 * unsigned char mbedtls_internal_ecp_grp_capable(
492 * const mbedtls_ecp_group *grp )
493 * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp )
Janos Follathd2af46f2018-12-07 10:39:00 +0000494 * void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp )
Janos Follathc44ab972016-11-18 16:38:23 +0000495 * The mbedtls_internal_ecp_grp_capable function should return 1 if the
496 * replacement functions implement arithmetic for the given group and 0
497 * otherwise.
Janos Follathd2af46f2018-12-07 10:39:00 +0000498 * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are
Janos Follathc44ab972016-11-18 16:38:23 +0000499 * called before and after each point operation and provide an opportunity to
500 * implement optimized set up and tear down instructions.
Janos Follathb0697532016-08-18 12:38:46 +0100501 *
Janos Follathc44ab972016-11-18 16:38:23 +0000502 * Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and
Janos Follath4d9c69d2016-11-01 13:27:03 +0000503 * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac
Janos Follathc44ab972016-11-18 16:38:23 +0000504 * function, but will use your mbedtls_internal_ecp_double_jac if the group is
505 * supported (your mbedtls_internal_ecp_grp_capable function returns 1 when
506 * receives it as an argument). If the group is not supported then the original
Janos Follathee782bc2016-11-07 15:41:26 +0000507 * implementation is used. The other functions and the definition of
508 * mbedtls_ecp_group and mbedtls_ecp_point will not change, so your
Janos Follathc44ab972016-11-18 16:38:23 +0000509 * implementation of mbedtls_internal_ecp_double_jac and
510 * mbedtls_internal_ecp_grp_capable must be compatible with this definition.
Janos Follathb0697532016-08-18 12:38:46 +0100511 *
512 * Uncomment a macro to enable alternate implementation of the corresponding
513 * function.
514 */
515/* Required for all the functions in this section */
Janos Follathc44ab972016-11-18 16:38:23 +0000516//#define MBEDTLS_ECP_INTERNAL_ALT
Janos Follathb0697532016-08-18 12:38:46 +0100517/* Support for Weierstrass curves with Jacobi representation */
518//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
519//#define MBEDTLS_ECP_ADD_MIXED_ALT
520//#define MBEDTLS_ECP_DOUBLE_JAC_ALT
521//#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
522//#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
523/* Support for curves with Montgomery arithmetic */
524//#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
525//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
526//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
527
528/**
Simon Butcherab5df402016-06-11 02:31:21 +0100529 * \def MBEDTLS_TEST_NULL_ENTROPY
Janos Follath53de7842016-06-08 15:29:18 +0100530 *
Simon Butcherab5df402016-06-11 02:31:21 +0100531 * Enables testing and use of mbed TLS without any configured entropy sources.
532 * This permits use of the library on platforms before an entropy source has
533 * been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the
534 * MBEDTLS_ENTROPY_NV_SEED switches).
535 *
536 * WARNING! This switch MUST be disabled in production builds, and is suitable
537 * only for development.
538 * Enabling the switch negates any security provided by the library.
Janos Follath53de7842016-06-08 15:29:18 +0100539 *
Janos Follathf93b8bc2016-06-09 13:54:15 +0100540 * Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
541 *
Janos Follath53de7842016-06-08 15:29:18 +0100542 */
Simon Butcherab5df402016-06-11 02:31:21 +0100543//#define MBEDTLS_TEST_NULL_ENTROPY
Janos Follath53de7842016-06-08 15:29:18 +0100544
545/**
Manuel Pégourié-Gonnard8ba88f02015-06-22 12:14:20 +0200546 * \def MBEDTLS_ENTROPY_HARDWARE_ALT
Manuel Pégourié-Gonnard3f77dfb2015-06-19 10:06:21 +0200547 *
548 * Uncomment this macro to let mbed TLS use your own implementation of a
549 * hardware entropy collector.
550 *
551 * Your function must be called \c mbedtls_hardware_poll(), have the same
552 * prototype as declared in entropy_poll.h, and accept NULL as first argument.
553 *
554 * Uncomment to use your own hardware entropy collector.
555 */
556//#define MBEDTLS_ENTROPY_HARDWARE_ALT
557
558/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200559 * \def MBEDTLS_AES_ROM_TABLES
Paul Bakker15566e42011-04-24 21:19:15 +0000560 *
Hanno Becker177d3cf2017-06-07 15:52:48 +0100561 * Use precomputed AES tables stored in ROM.
Paul Bakker15566e42011-04-24 21:19:15 +0000562 *
Hanno Becker177d3cf2017-06-07 15:52:48 +0100563 * Uncomment this macro to use precomputed AES tables stored in ROM.
564 * Comment this macro to generate AES tables in RAM at runtime.
565 *
Hanno Becker4c1dc3c2018-03-27 16:52:03 +0100566 * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb
567 * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the
Hanno Becker6a92ce62018-03-28 11:42:05 +0100568 * initialization time before the first AES operation can be performed.
569 * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c
570 * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded
571 * performance if ROM access is slower than RAM access.
Hanno Becker177d3cf2017-06-07 15:52:48 +0100572 *
573 * This option is independent of \c MBEDTLS_AES_FEWER_TABLES.
574 *
Paul Bakker15566e42011-04-24 21:19:15 +0000575 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200576//#define MBEDTLS_AES_ROM_TABLES
Paul Bakker15566e42011-04-24 21:19:15 +0000577
578/**
Hanno Becker177d3cf2017-06-07 15:52:48 +0100579 * \def MBEDTLS_AES_FEWER_TABLES
Jussi Kivilinna2fd1bb82015-11-12 16:38:31 +0200580 *
Hanno Becker177d3cf2017-06-07 15:52:48 +0100581 * Use less ROM/RAM for AES tables.
Jussi Kivilinna2fd1bb82015-11-12 16:38:31 +0200582 *
Hanno Becker177d3cf2017-06-07 15:52:48 +0100583 * Uncommenting this macro omits 75% of the AES tables from
584 * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES)
585 * by computing their values on the fly during operations
586 * (the tables are entry-wise rotations of one another).
587 *
588 * Tradeoff: Uncommenting this reduces the RAM / ROM footprint
Hanno Becker08a5c182017-06-19 16:33:58 +0100589 * by ~6kb but at the cost of more arithmetic operations during
Hanno Becker177d3cf2017-06-07 15:52:48 +0100590 * runtime. Specifically, one has to compare 4 accesses within
591 * different tables to 4 accesses with additional arithmetic
592 * operations within the same table. The performance gain/loss
593 * depends on the system and memory details.
594 *
595 * This option is independent of \c MBEDTLS_AES_ROM_TABLES.
596 *
Jussi Kivilinna2fd1bb82015-11-12 16:38:31 +0200597 */
Hanno Becker177d3cf2017-06-07 15:52:48 +0100598//#define MBEDTLS_AES_FEWER_TABLES
Jussi Kivilinna2fd1bb82015-11-12 16:38:31 +0200599
600/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200601 * \def MBEDTLS_CAMELLIA_SMALL_MEMORY
Manuel Pégourié-Gonnard62edcc82015-04-03 16:28:19 +0200602 *
603 * Use less ROM for the Camellia implementation (saves about 768 bytes).
604 *
605 * Uncomment this macro to use less memory for Camellia.
606 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200607//#define MBEDTLS_CAMELLIA_SMALL_MEMORY
Manuel Pégourié-Gonnard62edcc82015-04-03 16:28:19 +0200608
609/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200610 * \def MBEDTLS_CIPHER_MODE_CBC
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200611 *
612 * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
613 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200614#define MBEDTLS_CIPHER_MODE_CBC
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200615
616/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200617 * \def MBEDTLS_CIPHER_MODE_CFB
Paul Bakkerb6ecaf52011-04-19 14:29:23 +0000618 *
619 * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
620 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200621#define MBEDTLS_CIPHER_MODE_CFB
Paul Bakkerb6ecaf52011-04-19 14:29:23 +0000622
623/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200624 * \def MBEDTLS_CIPHER_MODE_CTR
Paul Bakkerb6ecaf52011-04-19 14:29:23 +0000625 *
626 * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
627 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200628#define MBEDTLS_CIPHER_MODE_CTR
Paul Bakkerb6ecaf52011-04-19 14:29:23 +0000629
630/**
Jaeden Ameroff2f4932018-06-14 11:38:50 +0100631 * \def MBEDTLS_CIPHER_MODE_OFB
632 *
633 * Enable Output Feedback mode (OFB) for symmetric ciphers.
634 */
635#define MBEDTLS_CIPHER_MODE_OFB
636
637/**
638 * \def MBEDTLS_CIPHER_MODE_XTS
639 *
640 * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES.
641 */
642#define MBEDTLS_CIPHER_MODE_XTS
643
644/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200645 * \def MBEDTLS_CIPHER_NULL_CIPHER
Paul Bakkerfab5c822012-02-06 16:45:10 +0000646 *
647 * Enable NULL cipher.
648 * Warning: Only do so when you know what you are doing. This allows for
649 * encryption or channels without any security!
650 *
Gilles Peskine4e117492020-02-26 18:56:08 +0100651 * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable
652 * the following ciphersuites:
653 * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA
654 * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA
655 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA
656 * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
657 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384
658 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256
659 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA
660 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384
661 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256
662 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA
663 * MBEDTLS_TLS_RSA_WITH_NULL_SHA256
664 * MBEDTLS_TLS_RSA_WITH_NULL_SHA
665 * MBEDTLS_TLS_RSA_WITH_NULL_MD5
666 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384
667 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256
668 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA
669 * MBEDTLS_TLS_PSK_WITH_NULL_SHA384
670 * MBEDTLS_TLS_PSK_WITH_NULL_SHA256
671 * MBEDTLS_TLS_PSK_WITH_NULL_SHA
Paul Bakkerfab5c822012-02-06 16:45:10 +0000672 *
Gilles Peskine4e117492020-02-26 18:56:08 +0100673 * Uncomment this macro to enable the NULL cipher and ciphersuites
Paul Bakkerfab5c822012-02-06 16:45:10 +0000674 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200675//#define MBEDTLS_CIPHER_NULL_CIPHER
Paul Bakkerfab5c822012-02-06 16:45:10 +0000676
677/**
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100678 * \def MBEDTLS_CIPHER_PADDING_PKCS7
Paul Bakker48e93c82013-08-14 12:21:18 +0200679 *
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100680 * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for
681 * specific padding modes in the cipher layer with cipher modes that support
682 * padding (e.g. CBC)
Paul Bakker48e93c82013-08-14 12:21:18 +0200683 *
684 * If you disable all padding modes, only full blocks can be used with CBC.
685 *
686 * Enable padding modes in the cipher layer.
687 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200688#define MBEDTLS_CIPHER_PADDING_PKCS7
689#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
690#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
691#define MBEDTLS_CIPHER_PADDING_ZEROS
Paul Bakker48e93c82013-08-14 12:21:18 +0200692
Gilles Peskine1540e5b2019-10-03 14:21:14 +0200693/** \def MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
694 *
695 * Uncomment this macro to use a 128-bit key in the CTR_DRBG module.
696 * By default, CTR_DRBG uses a 256-bit key.
697 */
698//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
699
Paul Bakker48e93c82013-08-14 12:21:18 +0200700/**
Gilles Peskine4e117492020-02-26 18:56:08 +0100701 * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES
702 *
703 * Enable weak ciphersuites in SSL / TLS.
704 * Warning: Only do so when you know what you are doing. This allows for
705 * channels with virtually no security at all!
706 *
707 * This enables the following ciphersuites:
708 * MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA
709 * MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA
710 *
711 * Uncomment this macro to enable weak ciphersuites
712 *
713 * \warning DES is considered a weak cipher and its use constitutes a
714 * security risk. We recommend considering stronger ciphers instead.
715 */
716//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
717
718/**
719 * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES
720 *
721 * Remove RC4 ciphersuites by default in SSL / TLS.
722 * This flag removes the ciphersuites based on RC4 from the default list as
723 * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to
724 * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them
725 * explicitly.
726 *
727 * Uncomment this macro to remove RC4 ciphersuites by default.
728 */
729#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
730
731/**
732 * \def MBEDTLS_REMOVE_3DES_CIPHERSUITES
733 *
734 * Remove 3DES ciphersuites by default in SSL / TLS.
735 * This flag removes the ciphersuites based on 3DES from the default list as
736 * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible
737 * to enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including
738 * them explicitly.
739 *
740 * A man-in-the-browser attacker can recover authentication tokens sent through
741 * a TLS connection using a 3DES based cipher suite (see "On the Practical
742 * (In-)Security of 64-bit Block Ciphers" by Karthikeyan Bhargavan and Gaëtan
743 * Leurent, see https://sweet32.info/SWEET32_CCS16.pdf). If this attack falls
744 * in your threat model or you are unsure, then you should keep this option
745 * enabled to remove 3DES based cipher suites.
746 *
747 * Comment this macro to keep 3DES in the default ciphersuite list.
748 */
749#define MBEDTLS_REMOVE_3DES_CIPHERSUITES
750
751/**
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100752 * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
Paul Bakker5dc6b5f2013-06-29 23:26:34 +0200753 *
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100754 * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve
755 * module. By default all supported curves are enabled.
Paul Bakker5dc6b5f2013-06-29 23:26:34 +0200756 *
757 * Comment macros to disable the curve and functions for it
758 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200759#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
760#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
761#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
762#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
763#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
764#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
765#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
766#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
767#define MBEDTLS_ECP_DP_BP256R1_ENABLED
768#define MBEDTLS_ECP_DP_BP384R1_ENABLED
769#define MBEDTLS_ECP_DP_BP512R1_ENABLED
Manuel Pégourié-Gonnard07894332015-06-23 00:18:41 +0200770#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
Nicholas Wilson08f3ef12015-11-10 13:10:01 +0000771#define MBEDTLS_ECP_DP_CURVE448_ENABLED
Paul Bakker5dc6b5f2013-06-29 23:26:34 +0200772
773/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200774 * \def MBEDTLS_ECP_NIST_OPTIM
Manuel Pégourié-Gonnardc04c5302013-10-23 16:11:52 +0200775 *
776 * Enable specific 'modulo p' routines for each NIST prime.
777 * Depending on the prime and architecture, makes operations 4 to 8 times
778 * faster on the corresponding curve.
779 *
780 * Comment this macro to disable NIST curves optimisation.
781 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200782#define MBEDTLS_ECP_NIST_OPTIM
Manuel Pégourié-Gonnardc04c5302013-10-23 16:11:52 +0200783
784/**
Manuel Pégourié-Gonnard4b9c51e2017-04-20 15:50:26 +0200785 * \def MBEDTLS_ECP_RESTARTABLE
Manuel Pégourié-Gonnardc3a3bc72017-03-22 11:17:51 +0100786 *
787 * Enable "non-blocking" ECC operations that can return early and be resumed.
788 *
Manuel Pégourié-Gonnardf0bbd7e2018-10-15 13:22:41 +0200789 * This allows various functions to pause by returning
Jaeden Amerode0a41b2018-11-02 18:40:14 +0000790 * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in Mbed TLS's SSL module,
791 * MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in order
792 * to further progress and eventually complete their operation. This is
793 * controlled through mbedtls_ecp_set_max_ops() which limits the maximum number
794 * of ECC operations a function may perform before pausing; see
Manuel Pégourié-Gonnardf0bbd7e2018-10-15 13:22:41 +0200795 * mbedtls_ecp_set_max_ops() for more information.
Manuel Pégourié-Gonnardc3a3bc72017-03-22 11:17:51 +0100796 *
Manuel Pégourié-Gonnard8b7b96b2017-08-23 10:02:51 +0200797 * This is useful in non-threaded environments if you want to avoid blocking
Manuel Pégourié-Gonnardf0bbd7e2018-10-15 13:22:41 +0200798 * for too long on ECC (and, hence, X.509 or SSL/TLS) operations.
Manuel Pégourié-Gonnardc3a3bc72017-03-22 11:17:51 +0100799 *
Manuel Pégourié-Gonnardc9e16a92017-08-15 14:30:59 +0200800 * Uncomment this macro to enable restartable ECC computations.
Ron Eldor5ed8c1e2018-11-05 14:04:26 +0200801 *
Ron Eldor19779c42018-11-05 16:58:13 +0200802 * \note This option only works with the default software implementation of
803 * elliptic curve functionality. It is incompatible with
Gilles Peskine43f564f2019-02-22 12:14:02 +0100804 * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT, MBEDTLS_ECDSA_XXX_ALT
805 * and MBEDTLS_ECDH_LEGACY_CONTEXT.
Manuel Pégourié-Gonnardc3a3bc72017-03-22 11:17:51 +0100806 */
Manuel Pégourié-Gonnardc9e16a92017-08-15 14:30:59 +0200807//#define MBEDTLS_ECP_RESTARTABLE
Manuel Pégourié-Gonnardc3a3bc72017-03-22 11:17:51 +0100808
809/**
Gilles Peskine43f564f2019-02-22 12:14:02 +0100810 * \def MBEDTLS_ECDH_LEGACY_CONTEXT
811 *
812 * Use a backward compatible ECDH context.
813 *
814 * Mbed TLS supports two formats for ECDH contexts (#mbedtls_ecdh_context
815 * defined in `ecdh.h`). For most applications, the choice of format makes
816 * no difference, since all library functions can work with either format,
817 * except that the new format is incompatible with MBEDTLS_ECP_RESTARTABLE.
818
819 * The new format used when this option is disabled is smaller
820 * (56 bytes on a 32-bit platform). In future versions of the library, it
821 * will support alternative implementations of ECDH operations.
822 * The new format is incompatible with applications that access
823 * context fields directly and with restartable ECP operations.
824 *
825 * Define this macro if you enable MBEDTLS_ECP_RESTARTABLE or if you
826 * want to access ECDH context fields directly. Otherwise you should
827 * comment out this macro definition.
828 *
829 * This option has no effect if #MBEDTLS_ECDH_C is not enabled.
830 *
831 * \note This configuration option is experimental. Future versions of the
832 * library may modify the way the ECDH context layout is configured
833 * and may modify the layout of the new context type.
834 */
835#define MBEDTLS_ECDH_LEGACY_CONTEXT
836
837/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200838 * \def MBEDTLS_ECDSA_DETERMINISTIC
Manuel Pégourié-Gonnard461d4162014-01-06 10:16:28 +0100839 *
840 * Enable deterministic ECDSA (RFC 6979).
841 * Standard ECDSA is "fragile" in the sense that lack of entropy when signing
842 * may result in a compromise of the long-term signing key. This is avoided by
843 * the deterministic variant.
844 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200845 * Requires: MBEDTLS_HMAC_DRBG_C
Manuel Pégourié-Gonnard5b1a5732014-01-07 16:46:17 +0100846 *
Manuel Pégourié-Gonnard461d4162014-01-06 10:16:28 +0100847 * Comment this macro to disable deterministic ECDSA.
848 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200849#define MBEDTLS_ECDSA_DETERMINISTIC
Manuel Pégourié-Gonnard461d4162014-01-06 10:16:28 +0100850
851/**
Gilles Peskine4e117492020-02-26 18:56:08 +0100852 * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
853 *
854 * Enable the PSK based ciphersuite modes in SSL / TLS.
855 *
856 * This enables the following ciphersuites (if other requisites are
857 * enabled as well):
858 * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
859 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
860 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
861 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
862 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
863 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
864 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
865 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
866 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
867 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
868 * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
869 * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
870 */
871#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
872
873/**
874 * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
875 *
876 * Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
877 *
878 * Requires: MBEDTLS_DHM_C
879 *
880 * This enables the following ciphersuites (if other requisites are
881 * enabled as well):
882 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
883 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
884 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
885 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
886 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
887 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
888 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
889 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
890 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
891 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
892 * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
893 * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
894 *
895 * \warning Using DHE constitutes a security risk as it
896 * is not possible to validate custom DH parameters.
897 * If possible, it is recommended users should consider
898 * preferring other methods of key exchange.
899 * See dhm.h for more details.
900 *
901 */
902#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
903
904/**
905 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
906 *
907 * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
908 *
909 * Requires: MBEDTLS_ECDH_C
910 *
911 * This enables the following ciphersuites (if other requisites are
912 * enabled as well):
913 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
914 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
915 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
916 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
917 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
918 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
919 * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
920 * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
921 */
922#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
923
924/**
925 * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
926 *
927 * Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
928 *
929 * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
930 * MBEDTLS_X509_CRT_PARSE_C
931 *
932 * This enables the following ciphersuites (if other requisites are
933 * enabled as well):
934 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
935 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
936 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
937 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
938 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
939 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
940 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
941 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
942 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
943 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
944 * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
945 * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
946 */
947#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
948
949/**
950 * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
951 *
952 * Enable the RSA-only based ciphersuite modes in SSL / TLS.
953 *
954 * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
955 * MBEDTLS_X509_CRT_PARSE_C
956 *
957 * This enables the following ciphersuites (if other requisites are
958 * enabled as well):
959 * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
960 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
961 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
962 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
963 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
964 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
965 * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
966 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
967 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
968 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
969 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
970 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
971 * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
972 * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
973 * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
974 */
975#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
976
977/**
978 * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
979 *
980 * Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
981 *
982 * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
983 * MBEDTLS_X509_CRT_PARSE_C
984 *
985 * This enables the following ciphersuites (if other requisites are
986 * enabled as well):
987 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
988 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
989 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
990 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
991 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
992 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
993 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
994 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
995 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
996 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
997 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
998 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
999 * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
1000 *
1001 * \warning Using DHE constitutes a security risk as it
1002 * is not possible to validate custom DH parameters.
1003 * If possible, it is recommended users should consider
1004 * preferring other methods of key exchange.
1005 * See dhm.h for more details.
1006 *
1007 */
1008#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
1009
1010/**
1011 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
1012 *
1013 * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
1014 *
1015 * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
1016 * MBEDTLS_X509_CRT_PARSE_C
1017 *
1018 * This enables the following ciphersuites (if other requisites are
1019 * enabled as well):
1020 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
1021 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
1022 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
1023 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
1024 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
1025 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
1026 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
1027 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
1028 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
1029 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
1030 * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
1031 * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
1032 */
1033#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
1034
1035/**
1036 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
1037 *
1038 * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
1039 *
1040 * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C,
1041 *
1042 * This enables the following ciphersuites (if other requisites are
1043 * enabled as well):
1044 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
1045 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
1046 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
1047 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
1048 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
1049 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
1050 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
1051 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
1052 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
1053 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
1054 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
1055 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
1056 */
1057#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
1058
1059/**
1060 * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
1061 *
1062 * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
1063 *
1064 * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
1065 *
1066 * This enables the following ciphersuites (if other requisites are
1067 * enabled as well):
1068 * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
1069 * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
1070 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
1071 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
1072 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
1073 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
1074 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
1075 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
1076 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
1077 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
1078 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
1079 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
1080 */
1081#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
1082
1083/**
1084 * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
1085 *
1086 * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
1087 *
1088 * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
1089 *
1090 * This enables the following ciphersuites (if other requisites are
1091 * enabled as well):
1092 * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
1093 * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
1094 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
1095 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
1096 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
1097 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
1098 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
1099 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
1100 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
1101 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
1102 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
1103 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
1104 */
1105#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
1106
1107/**
1108 * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
1109 *
1110 * Enable the ECJPAKE based ciphersuite modes in SSL / TLS.
1111 *
1112 * \warning This is currently experimental. EC J-PAKE support is based on the
1113 * Thread v1.0.0 specification; incompatible changes to the specification
1114 * might still happen. For this reason, this is disabled by default.
1115 *
1116 * Requires: MBEDTLS_ECJPAKE_C
1117 * MBEDTLS_SHA256_C
1118 * MBEDTLS_ECP_DP_SECP256R1_ENABLED
1119 *
1120 * This enables the following ciphersuites (if other requisites are
1121 * enabled as well):
1122 * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
1123 */
1124//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
1125
1126/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001127 * \def MBEDTLS_PK_PARSE_EC_EXTENDED
Manuel Pégourié-Gonnard6fac3512014-03-19 16:39:52 +01001128 *
1129 * Enhance support for reading EC keys using variants of SEC1 not allowed by
1130 * RFC 5915 and RFC 5480.
1131 *
1132 * Currently this means parsing the SpecifiedECDomain choice of EC
1133 * parameters (only known groups are supported, not arbitrary domains, to
1134 * avoid validation issues).
1135 *
1136 * Disable if you only need to support RFC 5915 + 5480 key formats.
1137 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001138#define MBEDTLS_PK_PARSE_EC_EXTENDED
Manuel Pégourié-Gonnard6fac3512014-03-19 16:39:52 +01001139
1140/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001141 * \def MBEDTLS_ERROR_STRERROR_DUMMY
Paul Bakker8fe40dc2013-02-02 12:43:08 +01001142 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001143 * Enable a dummy error function to make use of mbedtls_strerror() in
1144 * third party libraries easier when MBEDTLS_ERROR_C is disabled
1145 * (no effect when MBEDTLS_ERROR_C is enabled).
Manuel Pégourié-Gonnarddc16aa72014-06-25 12:55:12 +02001146 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001147 * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're
1148 * not using mbedtls_strerror() or error_strerror() in your application.
Paul Bakker8fe40dc2013-02-02 12:43:08 +01001149 *
1150 * Disable if you run into name conflicts and want to really remove the
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001151 * mbedtls_strerror()
Paul Bakker8fe40dc2013-02-02 12:43:08 +01001152 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001153#define MBEDTLS_ERROR_STRERROR_DUMMY
Paul Bakker8fe40dc2013-02-02 12:43:08 +01001154
1155/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001156 * \def MBEDTLS_GENPRIME
Paul Bakkerf3b86c12011-01-27 15:24:17 +00001157 *
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02001158 * Enable the prime-number generation code.
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02001159 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001160 * Requires: MBEDTLS_BIGNUM_C
Paul Bakker5121ce52009-01-03 21:22:43 +00001161 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001162#define MBEDTLS_GENPRIME
Paul Bakker5121ce52009-01-03 21:22:43 +00001163
Paul Bakkerf3b86c12011-01-27 15:24:17 +00001164/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001165 * \def MBEDTLS_FS_IO
Paul Bakker335db3f2011-04-25 15:28:35 +00001166 *
1167 * Enable functions that use the filesystem.
1168 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001169#define MBEDTLS_FS_IO
Paul Bakker335db3f2011-04-25 15:28:35 +00001170
1171/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001172 * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
Paul Bakker43655f42011-12-15 20:11:16 +00001173 *
1174 * Do not add default entropy sources. These are the platform specific,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001175 * mbedtls_timing_hardclock and HAVEGE based poll functions.
Paul Bakker43655f42011-12-15 20:11:16 +00001176 *
Shuo Chen95a0d112014-04-04 21:04:40 -07001177 * This is useful to have more control over the added entropy sources in an
Paul Bakker43655f42011-12-15 20:11:16 +00001178 * application.
1179 *
1180 * Uncomment this macro to prevent loading of default entropy functions.
Paul Bakker43655f42011-12-15 20:11:16 +00001181 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001182//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
Paul Bakker43655f42011-12-15 20:11:16 +00001183
1184/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001185 * \def MBEDTLS_NO_PLATFORM_ENTROPY
Paul Bakker6083fd22011-12-03 21:45:14 +00001186 *
1187 * Do not use built-in platform entropy functions.
1188 * This is useful if your platform does not support
1189 * standards like the /dev/urandom or Windows CryptoAPI.
1190 *
1191 * Uncomment this macro to disable the built-in platform entropy functions.
Paul Bakker6083fd22011-12-03 21:45:14 +00001192 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001193//#define MBEDTLS_NO_PLATFORM_ENTROPY
Paul Bakker6083fd22011-12-03 21:45:14 +00001194
1195/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001196 * \def MBEDTLS_ENTROPY_FORCE_SHA256
Paul Bakker2ceda572014-02-06 15:55:25 +01001197 *
1198 * Force the entropy accumulator to use a SHA-256 accumulator instead of the
1199 * default SHA-512 based one (if both are available).
1200 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001201 * Requires: MBEDTLS_SHA256_C
Paul Bakker2ceda572014-02-06 15:55:25 +01001202 *
1203 * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option
1204 * if you have performance concerns.
1205 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001206 * This option is only useful if both MBEDTLS_SHA256_C and
1207 * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
Paul Bakker2ceda572014-02-06 15:55:25 +01001208 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001209//#define MBEDTLS_ENTROPY_FORCE_SHA256
Paul Bakker2ceda572014-02-06 15:55:25 +01001210
1211/**
Paul Bakkercf0a9f92016-06-01 11:25:44 +01001212 * \def MBEDTLS_ENTROPY_NV_SEED
1213 *
1214 * Enable the non-volatile (NV) seed file-based entropy source.
1215 * (Also enables the NV seed read/write functions in the platform layer)
1216 *
1217 * This is crucial (if not required) on systems that do not have a
1218 * cryptographic entropy source (in hardware or kernel) available.
1219 *
1220 * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C
1221 *
Paul Bakker71a597a2016-06-07 10:59:03 +01001222 * \note The read/write functions that are used by the entropy source are
1223 * determined in the platform layer, and can be modified at runtime and/or
1224 * compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used.
1225 *
1226 * \note If you use the default implementation functions that read a seedfile
Paul Bakkercf0a9f92016-06-01 11:25:44 +01001227 * with regular fopen(), please make sure you make a seedfile with the
1228 * proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at
1229 * least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from
Paul Bakker71a597a2016-06-07 10:59:03 +01001230 * and written to or you will get an entropy source error! The default
1231 * implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE
1232 * bytes from the file.
1233 *
1234 * \note The entropy collector will write to the seed file before entropy is
1235 * given to an external source, to update it.
Paul Bakkercf0a9f92016-06-01 11:25:44 +01001236 */
1237//#define MBEDTLS_ENTROPY_NV_SEED
1238
Gilles Peskine69d7c8b2019-02-19 14:00:31 +01001239/* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER
1240 *
1241 * In PSA key storage, encode the owner of the key.
1242 *
1243 * This is only meaningful when building the library as part of a
1244 * multi-client service. When you activate this option, you must provide
1245 * an implementation of the type psa_key_owner_id_t and a translation
1246 * from psa_key_file_id_t to file name in all the storage backends that
1247 * you wish to support.
1248 *
1249 * Note that this option is meant for internal use only and may be removed
1250 * without notice.
1251 */
1252//#define MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER
1253
Netanel Gonen212a7932018-11-19 12:19:19 +02001254/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001255 * \def MBEDTLS_MEMORY_DEBUG
Paul Bakker6e339b52013-07-03 13:37:05 +02001256 *
1257 * Enable debugging of buffer allocator memory issues. Automatically prints
1258 * (to stderr) all (fatal) messages on memory allocation issues. Enables
1259 * function for 'debug output' of allocated memory.
1260 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001261 * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
Paul Bakker6e339b52013-07-03 13:37:05 +02001262 *
1263 * Uncomment this macro to let the buffer allocator print out error messages.
Paul Bakkera7ea6a52013-10-15 11:55:10 +02001264 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001265//#define MBEDTLS_MEMORY_DEBUG
Paul Bakker6e339b52013-07-03 13:37:05 +02001266
1267/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001268 * \def MBEDTLS_MEMORY_BACKTRACE
Paul Bakker6e339b52013-07-03 13:37:05 +02001269 *
1270 * Include backtrace information with each allocated block.
1271 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001272 * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
Paul Bakker6e339b52013-07-03 13:37:05 +02001273 * GLIBC-compatible backtrace() an backtrace_symbols() support
1274 *
1275 * Uncomment this macro to include backtrace information
Paul Bakker6e339b52013-07-03 13:37:05 +02001276 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001277//#define MBEDTLS_MEMORY_BACKTRACE
Paul Bakker6e339b52013-07-03 13:37:05 +02001278
1279/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001280 * \def MBEDTLS_PK_RSA_ALT_SUPPORT
Manuel Pégourié-Gonnard348bcb32015-03-31 14:01:33 +02001281 *
1282 * Support external private RSA keys (eg from a HSM) in the PK layer.
1283 *
1284 * Comment this macro to disable support for external private RSA keys.
1285 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001286#define MBEDTLS_PK_RSA_ALT_SUPPORT
Manuel Pégourié-Gonnard348bcb32015-03-31 14:01:33 +02001287
1288/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001289 * \def MBEDTLS_PKCS1_V15
Paul Bakker48377d92013-08-30 12:06:24 +02001290 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02001291 * Enable support for PKCS#1 v1.5 encoding.
1292 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001293 * Requires: MBEDTLS_RSA_C
Paul Bakker48377d92013-08-30 12:06:24 +02001294 *
Paul Bakker48377d92013-08-30 12:06:24 +02001295 * This enables support for PKCS#1 v1.5 operations.
1296 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001297#define MBEDTLS_PKCS1_V15
Paul Bakker48377d92013-08-30 12:06:24 +02001298
1299/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001300 * \def MBEDTLS_PKCS1_V21
Paul Bakker9dcc3222011-03-08 14:16:06 +00001301 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02001302 * Enable support for PKCS#1 v2.1 encoding.
1303 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001304 * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C
Paul Bakker5690efc2011-05-26 13:16:06 +00001305 *
Paul Bakker9dcc3222011-03-08 14:16:06 +00001306 * This enables support for RSAES-OAEP and RSASSA-PSS operations.
1307 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001308#define MBEDTLS_PKCS1_V21
Paul Bakker9dcc3222011-03-08 14:16:06 +00001309
1310/**
Jaeden Amero67a93512018-07-11 16:07:40 +01001311 * \def MBEDTLS_PSA_CRYPTO_SPM
1312 *
1313 * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure
1314 * Partition Manager) integration which separates the code into two parts: a
1315 * NSPE (Non-Secure Process Environment) and an SPE (Secure Process
1316 * Environment).
1317 *
1318 * Module: library/psa_crypto.c
1319 * Requires: MBEDTLS_PSA_CRYPTO_C
1320 *
1321 */
1322//#define MBEDTLS_PSA_CRYPTO_SPM
1323
1324/**
Gilles Peskinee3dbdd82019-02-25 11:04:06 +01001325 * \def MBEDTLS_PSA_INJECT_ENTROPY
1326 *
1327 * Enable support for entropy injection at first boot. This feature is
1328 * required on systems that do not have a built-in entropy source (TRNG).
1329 * This feature is currently not supported on systems that have a built-in
1330 * entropy source.
1331 *
1332 * Requires: MBEDTLS_PSA_CRYPTO_STORAGE_C, MBEDTLS_ENTROPY_NV_SEED
1333 *
1334 */
1335//#define MBEDTLS_PSA_INJECT_ENTROPY
1336
1337/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001338 * \def MBEDTLS_RSA_NO_CRT
Paul Bakker0216cc12011-03-26 13:40:23 +00001339 *
Gilles Peskine9a9e19f2018-06-19 11:56:47 +02001340 * Do not use the Chinese Remainder Theorem
1341 * for the RSA private operation.
Paul Bakker0216cc12011-03-26 13:40:23 +00001342 *
1343 * Uncomment this macro to disable the use of CRT in RSA.
1344 *
Paul Bakker0216cc12011-03-26 13:40:23 +00001345 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001346//#define MBEDTLS_RSA_NO_CRT
Paul Bakker15566e42011-04-24 21:19:15 +00001347
1348/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001349 * \def MBEDTLS_SELF_TEST
Paul Bakker15566e42011-04-24 21:19:15 +00001350 *
1351 * Enable the checkup functions (*_self_test).
1352 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001353#define MBEDTLS_SELF_TEST
Paul Bakker5c721f92011-07-27 16:51:09 +00001354
1355/**
Manuel Pégourié-Gonnardeb0d8702015-05-28 12:54:04 +02001356 * \def MBEDTLS_SHA256_SMALLER
1357 *
1358 * Enable an implementation of SHA-256 that has lower ROM footprint but also
1359 * lower performance.
1360 *
1361 * The default implementation is meant to be a reasonnable compromise between
1362 * performance and size. This version optimizes more aggressively for size at
1363 * the expense of performance. Eg on Cortex-M4 it reduces the size of
1364 * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about
1365 * 30%.
1366 *
1367 * Uncomment to enable the smaller implementation of SHA256.
1368 */
1369//#define MBEDTLS_SHA256_SMALLER
1370
1371/**
Manuel Pégourié-Gonnard2306d152019-07-17 12:36:53 +02001372 * \def MBEDTLS_SHA512_SMALLER
1373 *
1374 * Enable an implementation of SHA-512 that has lower ROM footprint but also
1375 * lower performance.
1376 *
1377 * Uncomment to enable the smaller implementation of SHA512.
1378 */
1379//#define MBEDTLS_SHA512_SMALLER
1380
1381/**
Manuel Pégourié-Gonnardad6cb112019-07-17 14:58:03 +02001382 * \def MBEDTLS_SHA512_NO_SHA384
1383 *
1384 * Disable the SHA-384 option of the SHA-512 module. Use this to save some
1385 * code size on devices that don't use SHA-384.
1386 *
Manuel Pégourié-Gonnard1e6fb012020-01-07 11:00:34 +01001387 * Requires: MBEDTLS_SHA512_C
1388 *
Manuel Pégourié-Gonnardad6cb112019-07-17 14:58:03 +02001389 * Uncomment to disable SHA-384
1390 */
1391//#define MBEDTLS_SHA512_NO_SHA384
1392
1393/**
Gilles Peskine4e117492020-02-26 18:56:08 +01001394 * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
1395 *
1396 * Enable sending of alert messages in case of encountered errors as per RFC.
1397 * If you choose not to send the alert messages, mbed TLS can still communicate
1398 * with other servers, only debugging of failures is harder.
1399 *
1400 * The advantage of not sending alert messages, is that no information is given
1401 * about reasons for failures thus preventing adversaries of gaining intel.
1402 *
1403 * Enable sending of all alert messages
1404 */
1405#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
1406
1407/**
1408 * \def MBEDTLS_SSL_ASYNC_PRIVATE
1409 *
1410 * Enable asynchronous external private key operations in SSL. This allows
1411 * you to configure an SSL connection to call an external cryptographic
1412 * module to perform private key operations instead of performing the
1413 * operation inside the library.
1414 *
1415 */
1416//#define MBEDTLS_SSL_ASYNC_PRIVATE
1417
1418/**
1419 * \def MBEDTLS_SSL_DEBUG_ALL
1420 *
1421 * Enable the debug messages in SSL module for all issues.
1422 * Debug messages have been disabled in some places to prevent timing
1423 * attacks due to (unbalanced) debugging function calls.
1424 *
1425 * If you need all error reporting you should enable this during debugging,
1426 * but remove this for production servers that should log as well.
1427 *
1428 * Uncomment this macro to report all debug messages on errors introducing
1429 * a timing side-channel.
1430 *
1431 */
1432//#define MBEDTLS_SSL_DEBUG_ALL
1433
1434/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
1435 *
1436 * Enable support for Encrypt-then-MAC, RFC 7366.
1437 *
1438 * This allows peers that both support it to use a more robust protection for
1439 * ciphersuites using CBC, providing deep resistance against timing attacks
1440 * on the padding or underlying cipher.
1441 *
1442 * This only affects CBC ciphersuites, and is useless if none is defined.
1443 *
1444 * Requires: MBEDTLS_SSL_PROTO_TLS1 or
1445 * MBEDTLS_SSL_PROTO_TLS1_1 or
1446 * MBEDTLS_SSL_PROTO_TLS1_2
1447 *
1448 * Comment this macro to disable support for Encrypt-then-MAC
1449 */
1450#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
1451
1452/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET
1453 *
1454 * Enable support for Extended Master Secret, aka Session Hash
1455 * (draft-ietf-tls-session-hash-02).
1456 *
1457 * This was introduced as "the proper fix" to the Triple Handshake familiy of
1458 * attacks, but it is recommended to always use it (even if you disable
1459 * renegotiation), since it actually fixes a more fundamental issue in the
1460 * original SSL/TLS design, and has implications beyond Triple Handshake.
1461 *
1462 * Requires: MBEDTLS_SSL_PROTO_TLS1 or
1463 * MBEDTLS_SSL_PROTO_TLS1_1 or
1464 * MBEDTLS_SSL_PROTO_TLS1_2
1465 *
1466 * Comment this macro to disable support for Extended Master Secret.
1467 */
1468#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
1469
1470/**
1471 * \def MBEDTLS_SSL_FALLBACK_SCSV
1472 *
1473 * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00).
1474 *
1475 * For servers, it is recommended to always enable this, unless you support
1476 * only one version of TLS, or know for sure that none of your clients
1477 * implements a fallback strategy.
1478 *
1479 * For clients, you only need this if you're using a fallback strategy, which
1480 * is not recommended in the first place, unless you absolutely need it to
1481 * interoperate with buggy (version-intolerant) servers.
1482 *
1483 * Comment this macro to disable support for FALLBACK_SCSV
1484 */
1485#define MBEDTLS_SSL_FALLBACK_SCSV
1486
1487/**
1488 * \def MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
1489 *
1490 * This option controls the availability of the API mbedtls_ssl_get_peer_cert()
1491 * giving access to the peer's certificate after completion of the handshake.
1492 *
1493 * Unless you need mbedtls_ssl_peer_cert() in your application, it is
1494 * recommended to disable this option for reduced RAM usage.
1495 *
1496 * \note If this option is disabled, mbedtls_ssl_get_peer_cert() is still
1497 * defined, but always returns \c NULL.
1498 *
1499 * \note This option has no influence on the protection against the
1500 * triple handshake attack. Even if it is disabled, Mbed TLS will
1501 * still ensure that certificates do not change during renegotiation,
1502 * for exaple by keeping a hash of the peer's certificate.
1503 *
1504 * Comment this macro to disable storing the peer's certificate
1505 * after the handshake.
1506 */
1507#define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
1508
1509/**
1510 * \def MBEDTLS_SSL_HW_RECORD_ACCEL
1511 *
1512 * Enable hooking functions in SSL module for hardware acceleration of
1513 * individual records.
1514 *
1515 * Uncomment this macro to enable hooking functions.
1516 */
1517//#define MBEDTLS_SSL_HW_RECORD_ACCEL
1518
1519/**
1520 * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING
1521 *
1522 * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0.
1523 *
1524 * This is a countermeasure to the BEAST attack, which also minimizes the risk
1525 * of interoperability issues compared to sending 0-length records.
1526 *
1527 * Comment this macro to disable 1/n-1 record splitting.
1528 */
1529#define MBEDTLS_SSL_CBC_RECORD_SPLITTING
1530
1531/**
1532 * \def MBEDTLS_SSL_RENEGOTIATION
1533 *
1534 * Enable support for TLS renegotiation.
1535 *
1536 * The two main uses of renegotiation are (1) refresh keys on long-lived
1537 * connections and (2) client authentication after the initial handshake.
1538 * If you don't need renegotiation, it's probably better to disable it, since
1539 * it has been associated with security issues in the past and is easy to
1540 * misuse/misunderstand.
1541 *
1542 * Comment this to disable support for renegotiation.
1543 *
1544 * \note Even if this option is disabled, both client and server are aware
1545 * of the Renegotiation Indication Extension (RFC 5746) used to
1546 * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1).
1547 * (See \c mbedtls_ssl_conf_legacy_renegotiation for the
1548 * configuration of this extension).
1549 *
1550 */
1551#define MBEDTLS_SSL_RENEGOTIATION
1552
1553/**
1554 * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
1555 *
1556 * Enable support for receiving and parsing SSLv2 Client Hello messages for the
1557 * SSL Server module (MBEDTLS_SSL_SRV_C).
1558 *
1559 * Uncomment this macro to enable support for SSLv2 Client Hello messages.
1560 */
1561//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
1562
1563/**
1564 * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
1565 *
1566 * Pick the ciphersuite according to the client's preferences rather than ours
1567 * in the SSL Server module (MBEDTLS_SSL_SRV_C).
1568 *
1569 * Uncomment this macro to respect client's ciphersuite order
1570 */
1571//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
1572
1573/**
1574 * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
1575 *
1576 * Enable support for RFC 6066 max_fragment_length extension in SSL.
1577 *
1578 * Comment this macro to disable support for the max_fragment_length extension
1579 */
1580#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
1581
1582/**
1583 * \def MBEDTLS_SSL_PROTO_SSL3
1584 *
1585 * Enable support for SSL 3.0.
1586 *
1587 * Requires: MBEDTLS_MD5_C
1588 * MBEDTLS_SHA1_C
1589 *
1590 * Comment this macro to disable support for SSL 3.0
1591 */
1592//#define MBEDTLS_SSL_PROTO_SSL3
1593
1594/**
1595 * \def MBEDTLS_SSL_PROTO_TLS1
1596 *
1597 * Enable support for TLS 1.0.
1598 *
1599 * Requires: MBEDTLS_MD5_C
1600 * MBEDTLS_SHA1_C
1601 *
1602 * Comment this macro to disable support for TLS 1.0
1603 */
1604#define MBEDTLS_SSL_PROTO_TLS1
1605
1606/**
1607 * \def MBEDTLS_SSL_PROTO_TLS1_1
1608 *
1609 * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled).
1610 *
1611 * Requires: MBEDTLS_MD5_C
1612 * MBEDTLS_SHA1_C
1613 *
1614 * Comment this macro to disable support for TLS 1.1 / DTLS 1.0
1615 */
1616#define MBEDTLS_SSL_PROTO_TLS1_1
1617
1618/**
1619 * \def MBEDTLS_SSL_PROTO_TLS1_2
1620 *
1621 * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled).
1622 *
1623 * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C
1624 * (Depends on ciphersuites)
1625 *
1626 * Comment this macro to disable support for TLS 1.2 / DTLS 1.2
1627 */
1628#define MBEDTLS_SSL_PROTO_TLS1_2
1629
1630/**
1631 * \def MBEDTLS_SSL_PROTO_DTLS
1632 *
1633 * Enable support for DTLS (all available versions).
1634 *
1635 * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0,
1636 * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
1637 *
1638 * Requires: MBEDTLS_SSL_PROTO_TLS1_1
1639 * or MBEDTLS_SSL_PROTO_TLS1_2
1640 *
1641 * Comment this macro to disable support for DTLS
1642 */
1643#define MBEDTLS_SSL_PROTO_DTLS
1644
1645/**
1646 * \def MBEDTLS_SSL_ALPN
1647 *
1648 * Enable support for RFC 7301 Application Layer Protocol Negotiation.
1649 *
1650 * Comment this macro to disable support for ALPN.
1651 */
1652#define MBEDTLS_SSL_ALPN
1653
1654/**
1655 * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY
1656 *
1657 * Enable support for the anti-replay mechanism in DTLS.
1658 *
1659 * Requires: MBEDTLS_SSL_TLS_C
1660 * MBEDTLS_SSL_PROTO_DTLS
1661 *
1662 * \warning Disabling this is often a security risk!
1663 * See mbedtls_ssl_conf_dtls_anti_replay() for details.
1664 *
1665 * Comment this to disable anti-replay in DTLS.
1666 */
1667#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
1668
1669/**
1670 * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY
1671 *
1672 * Enable support for HelloVerifyRequest on DTLS servers.
1673 *
1674 * This feature is highly recommended to prevent DTLS servers being used as
1675 * amplifiers in DoS attacks against other hosts. It should always be enabled
1676 * unless you know for sure amplification cannot be a problem in the
1677 * environment in which your server operates.
1678 *
1679 * \warning Disabling this can ba a security risk! (see above)
1680 *
1681 * Requires: MBEDTLS_SSL_PROTO_DTLS
1682 *
1683 * Comment this to disable support for HelloVerifyRequest.
1684 */
1685#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
1686
1687/**
1688 * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
1689 *
1690 * Enable server-side support for clients that reconnect from the same port.
1691 *
1692 * Some clients unexpectedly close the connection and try to reconnect using the
1693 * same source port. This needs special support from the server to handle the
1694 * new connection securely, as described in section 4.2.8 of RFC 6347. This
1695 * flag enables that support.
1696 *
1697 * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
1698 *
1699 * Comment this to disable support for clients reusing the source port.
1700 */
1701#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
1702
1703/**
1704 * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT
1705 *
1706 * Enable support for a limit of records with bad MAC.
1707 *
1708 * See mbedtls_ssl_conf_dtls_badmac_limit().
1709 *
1710 * Requires: MBEDTLS_SSL_PROTO_DTLS
1711 */
1712#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
1713
1714/**
1715 * \def MBEDTLS_SSL_SESSION_TICKETS
1716 *
1717 * Enable support for RFC 5077 session tickets in SSL.
1718 * Client-side, provides full support for session tickets (maintenance of a
1719 * session store remains the responsibility of the application, though).
1720 * Server-side, you also need to provide callbacks for writing and parsing
1721 * tickets, including authenticated encryption and key management. Example
1722 * callbacks are provided by MBEDTLS_SSL_TICKET_C.
1723 *
1724 * Comment this macro to disable support for SSL session tickets
1725 */
1726#define MBEDTLS_SSL_SESSION_TICKETS
1727
1728/**
1729 * \def MBEDTLS_SSL_EXPORT_KEYS
1730 *
1731 * Enable support for exporting key block and master secret.
1732 * This is required for certain users of TLS, e.g. EAP-TLS.
1733 *
1734 * Comment this macro to disable support for key export
1735 */
1736#define MBEDTLS_SSL_EXPORT_KEYS
1737
1738/**
1739 * \def MBEDTLS_SSL_SERVER_NAME_INDICATION
1740 *
1741 * Enable support for RFC 6066 server name indication (SNI) in SSL.
1742 *
1743 * Requires: MBEDTLS_X509_CRT_PARSE_C
1744 *
1745 * Comment this macro to disable support for server name indication in SSL
1746 */
1747#define MBEDTLS_SSL_SERVER_NAME_INDICATION
1748
1749/**
1750 * \def MBEDTLS_SSL_TRUNCATED_HMAC
1751 *
1752 * Enable support for RFC 6066 truncated HMAC in SSL.
1753 *
1754 * Comment this macro to disable support for truncated HMAC in SSL
1755 */
1756#define MBEDTLS_SSL_TRUNCATED_HMAC
1757
1758/**
1759 * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
1760 *
1761 * Fallback to old (pre-2.7), non-conforming implementation of the truncated
1762 * HMAC extension which also truncates the HMAC key. Note that this option is
1763 * only meant for a transitory upgrade period and is likely to be removed in
1764 * a future version of the library.
1765 *
1766 * \warning The old implementation is non-compliant and has a security weakness
1767 * (2^80 brute force attack on the HMAC key used for a single,
1768 * uninterrupted connection). This should only be enabled temporarily
1769 * when (1) the use of truncated HMAC is essential in order to save
1770 * bandwidth, and (2) the peer is an Mbed TLS stack that doesn't use
1771 * the fixed implementation yet (pre-2.7).
1772 *
1773 * \deprecated This option is deprecated and will likely be removed in a
1774 * future version of Mbed TLS.
1775 *
1776 * Uncomment to fallback to old, non-compliant truncated HMAC implementation.
1777 *
1778 * Requires: MBEDTLS_SSL_TRUNCATED_HMAC
1779 */
1780//#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
1781
1782/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001783 * \def MBEDTLS_THREADING_ALT
Paul Bakker2466d932013-09-28 14:40:38 +02001784 *
1785 * Provide your own alternate threading implementation.
1786 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001787 * Requires: MBEDTLS_THREADING_C
Paul Bakker2466d932013-09-28 14:40:38 +02001788 *
1789 * Uncomment this to allow your own alternate threading implementation.
Paul Bakker2466d932013-09-28 14:40:38 +02001790 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001791//#define MBEDTLS_THREADING_ALT
Paul Bakker2466d932013-09-28 14:40:38 +02001792
1793/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001794 * \def MBEDTLS_THREADING_PTHREAD
Paul Bakker2466d932013-09-28 14:40:38 +02001795 *
1796 * Enable the pthread wrapper layer for the threading layer.
1797 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001798 * Requires: MBEDTLS_THREADING_C
Paul Bakker2466d932013-09-28 14:40:38 +02001799 *
1800 * Uncomment this to enable pthread mutexes.
Paul Bakker2466d932013-09-28 14:40:38 +02001801 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001802//#define MBEDTLS_THREADING_PTHREAD
Paul Bakker2466d932013-09-28 14:40:38 +02001803
1804/**
Manuel Pégourié-Gonnard26fd7302018-10-22 12:14:52 +02001805 * \def MBEDTLS_USE_PSA_CRYPTO
1806 *
Manuel Pégourié-Gonnard971dea32019-02-01 12:38:40 +01001807 * Make the X.509 and TLS library use PSA for cryptographic operations, and
1808 * enable new APIs for using keys handled by PSA Crypto.
Manuel Pégourié-Gonnard26fd7302018-10-22 12:14:52 +02001809 *
Jaeden Amero8dd16902019-07-22 16:39:49 +01001810 * \note Development of this option is currently in progress, and parts of Mbed
1811 * TLS's X.509 and TLS modules are not ported to PSA yet. However, these parts
Andrzej Kurekd65b11d2019-04-16 04:20:24 -04001812 * will still continue to work as usual, so enabling this option should not
1813 * break backwards compatibility.
Manuel Pégourié-Gonnard26fd7302018-10-22 12:14:52 +02001814 *
Jaeden Amero8dd16902019-07-22 16:39:49 +01001815 * \warning Support for PSA is still an experimental feature.
1816 * Any public API that depends on this option may change
1817 * at any time until this warning is removed.
Manuel Pégourié-Gonnard971dea32019-02-01 12:38:40 +01001818 *
1819 * \warning This option enables new Mbed TLS APIs that are dependent on the
1820 * PSA Crypto API, so can't come with the same stability guarantees as the
1821 * rest of the Mbed TLS APIs. You're welcome to experiment with them, but for
Andrzej Kurekd3deb1d2019-04-16 04:14:48 -04001822 * now, access to these APIs is opt-in (via enabling the present option), in
Manuel Pégourié-Gonnard971dea32019-02-01 12:38:40 +01001823 * order to clearly differentiate them from the stable Mbed TLS APIs.
Hanno Becker56a78dd2018-11-19 09:46:26 +00001824 *
Manuel Pégourié-Gonnard26fd7302018-10-22 12:14:52 +02001825 * Requires: MBEDTLS_PSA_CRYPTO_C.
Manuel Pégourié-Gonnard971dea32019-02-01 12:38:40 +01001826 *
Andrzej Kurekd3deb1d2019-04-16 04:14:48 -04001827 * Uncomment this to enable internal use of PSA Crypto and new associated APIs.
Manuel Pégourié-Gonnard26fd7302018-10-22 12:14:52 +02001828 */
1829//#define MBEDTLS_USE_PSA_CRYPTO
1830
1831/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001832 * \def MBEDTLS_VERSION_FEATURES
Paul Bakker0f90d7d2014-04-30 11:49:44 +02001833 *
1834 * Allow run-time checking of compile-time enabled features. Thus allowing users
1835 * to check at run-time if the library is for instance compiled with threading
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001836 * support via mbedtls_version_check_feature().
Paul Bakker0f90d7d2014-04-30 11:49:44 +02001837 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001838 * Requires: MBEDTLS_VERSION_C
Paul Bakker0f90d7d2014-04-30 11:49:44 +02001839 *
1840 * Comment this to disable run-time checking and save ROM space
1841 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001842#define MBEDTLS_VERSION_FEATURES
Paul Bakker0f90d7d2014-04-30 11:49:44 +02001843
Gilles Peskine252e3912020-02-26 18:33:58 +01001844/**
1845 * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
1846 *
1847 * If set, the X509 parser will not break-off when parsing an X509 certificate
1848 * and encountering an extension in a v1 or v2 certificate.
1849 *
1850 * Uncomment to prevent an error.
1851 */
1852//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
1853
1854/**
1855 * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
1856 *
1857 * If set, the X509 parser will not break-off when parsing an X509 certificate
1858 * and encountering an unknown critical extension.
1859 *
1860 * \warning Depending on your PKI use, enabling this can be a security risk!
1861 *
1862 * Uncomment to prevent an error.
1863 */
1864//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
1865
1866/**
1867 * \def MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
1868 *
1869 * If set, this enables the X.509 API `mbedtls_x509_crt_verify_with_ca_cb()`
1870 * and the SSL API `mbedtls_ssl_conf_ca_cb()` which allow users to configure
1871 * the set of trusted certificates through a callback instead of a linked
1872 * list.
1873 *
1874 * This is useful for example in environments where a large number of trusted
1875 * certificates is present and storing them in a linked list isn't efficient
1876 * enough, or when the set of trusted certificates changes frequently.
1877 *
1878 * See the documentation of `mbedtls_x509_crt_verify_with_ca_cb()` and
1879 * `mbedtls_ssl_conf_ca_cb()` for more information.
1880 *
1881 * Uncomment to enable trusted certificate callbacks.
1882 */
1883//#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
1884
1885/**
1886 * \def MBEDTLS_X509_CHECK_KEY_USAGE
1887 *
1888 * Enable verification of the keyUsage extension (CA and leaf certificates).
1889 *
1890 * Disabling this avoids problems with mis-issued and/or misused
1891 * (intermediate) CA and leaf certificates.
1892 *
1893 * \warning Depending on your PKI use, disabling this can be a security risk!
1894 *
1895 * Comment to skip keyUsage checking for both CA and leaf certificates.
1896 */
1897#define MBEDTLS_X509_CHECK_KEY_USAGE
1898
1899/**
1900 * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
1901 *
1902 * Enable verification of the extendedKeyUsage extension (leaf certificates).
1903 *
1904 * Disabling this avoids problems with mis-issued and/or misused certificates.
1905 *
1906 * \warning Depending on your PKI use, disabling this can be a security risk!
1907 *
1908 * Comment to skip extendedKeyUsage checking for certificates.
1909 */
1910#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
1911
1912/**
1913 * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
1914 *
1915 * Enable parsing and verification of X.509 certificates, CRLs and CSRS
1916 * signed with RSASSA-PSS (aka PKCS#1 v2.1).
1917 *
1918 * Comment this macro to disallow using RSASSA-PSS in certificates.
1919 */
1920#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
Gilles Peskine4e117492020-02-26 18:56:08 +01001921
1922/**
1923 * \def MBEDTLS_ZLIB_SUPPORT
1924 *
1925 * If set, the SSL/TLS module uses ZLIB to support compression and
1926 * decompression of packet data.
1927 *
1928 * \warning TLS-level compression MAY REDUCE SECURITY! See for example the
1929 * CRIME attack. Before enabling this option, you should examine with care if
1930 * CRIME or similar exploits may be applicable to your use case.
1931 *
1932 * \note Currently compression can't be used with DTLS.
1933 *
1934 * \deprecated This feature is deprecated and will be removed
1935 * in the next major revision of the library.
1936 *
1937 * Used in: library/ssl_tls.c
1938 * library/ssl_cli.c
1939 * library/ssl_srv.c
1940 *
1941 * This feature requires zlib library and headers to be present.
1942 *
1943 * Uncomment to enable use of ZLIB
1944 */
1945//#define MBEDTLS_ZLIB_SUPPORT
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +00001946/* \} name SECTION: mbed TLS feature support */
Paul Bakker0a62cd12011-01-21 11:00:08 +00001947
Paul Bakkerf3b86c12011-01-27 15:24:17 +00001948/**
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +00001949 * \name SECTION: mbed TLS modules
Paul Bakker0a62cd12011-01-21 11:00:08 +00001950 *
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +00001951 * This section enables or disables entire modules in mbed TLS
Paul Bakker0a62cd12011-01-21 11:00:08 +00001952 * \{
1953 */
Paul Bakker5121ce52009-01-03 21:22:43 +00001954
Paul Bakkerf3b86c12011-01-27 15:24:17 +00001955/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001956 * \def MBEDTLS_AESNI_C
Manuel Pégourié-Gonnard92ac76f2013-12-16 17:12:53 +01001957 *
1958 * Enable AES-NI support on x86-64.
1959 *
1960 * Module: library/aesni.c
1961 * Caller: library/aes.c
1962 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001963 * Requires: MBEDTLS_HAVE_ASM
Manuel Pégourié-Gonnard92ac76f2013-12-16 17:12:53 +01001964 *
1965 * This modules adds support for the AES-NI instructions on x86-64
1966 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001967#define MBEDTLS_AESNI_C
Manuel Pégourié-Gonnard92ac76f2013-12-16 17:12:53 +01001968
1969/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001970 * \def MBEDTLS_AES_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00001971 *
1972 * Enable the AES block cipher.
1973 *
Paul Bakker5121ce52009-01-03 21:22:43 +00001974 * Module: library/aes.c
Manuel Pégourié-Gonnardfdd43542018-02-28 10:49:02 +01001975 * Caller: library/cipher.c
Paul Bakker96743fc2011-02-12 14:30:57 +00001976 * library/pem.c
Paul Bakker6083fd22011-12-03 21:45:14 +00001977 * library/ctr_drbg.c
Paul Bakker5121ce52009-01-03 21:22:43 +00001978 *
Gilles Peskine4e117492020-02-26 18:56:08 +01001979 * This module enables the following ciphersuites (if other requisites are
1980 * enabled as well):
1981 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
1982 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
1983 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
1984 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
1985 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
1986 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
1987 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
1988 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
1989 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
1990 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
1991 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
1992 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
1993 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
1994 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
1995 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
1996 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
1997 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
1998 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
1999 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
2000 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
2001 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
2002 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
2003 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
2004 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
2005 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
2006 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
2007 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
2008 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
2009 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
2010 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
2011 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
2012 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
2013 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
2014 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
2015 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
2016 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
2017 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
2018 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
2019 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
2020 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
2021 * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
2022 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
2023 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
2024 * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
2025 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
2026 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
2027 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
2028 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
2029 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
2030 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
2031 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
2032 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
2033 * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
2034 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
2035 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
2036 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
2037 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
2038 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
Paul Bakker6deb37e2013-02-19 13:17:08 +01002039 *
Paul Bakkercff68422013-09-15 20:43:33 +02002040 * PEM_PARSE uses AES for decrypting encrypted keys.
Paul Bakker5121ce52009-01-03 21:22:43 +00002041 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002042#define MBEDTLS_AES_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002043
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002044/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002045 * \def MBEDTLS_ARC4_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002046 *
2047 * Enable the ARCFOUR stream cipher.
2048 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002049 * Module: library/arc4.c
Manuel Pégourié-Gonnardfdd43542018-02-28 10:49:02 +01002050 * Caller: library/cipher.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002051 *
Gilles Peskine4e117492020-02-26 18:56:08 +01002052 * This module enables the following ciphersuites (if other requisites are
2053 * enabled as well):
2054 * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
2055 * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
2056 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
2057 * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
2058 * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
2059 * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
2060 * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
2061 * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
2062 * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
2063 * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
Hanno Beckerbbca8c52017-09-25 14:53:51 +01002064 *
2065 * \warning ARC4 is considered a weak cipher and its use constitutes a
2066 * security risk. If possible, we recommend avoidng dependencies on
2067 * it, and considering stronger ciphers instead.
2068 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002069 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002070#define MBEDTLS_ARC4_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002071
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002072/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002073 * \def MBEDTLS_ASN1_PARSE_C
Paul Bakkerefc30292011-11-10 14:43:23 +00002074 *
2075 * Enable the generic ASN1 parser.
2076 *
2077 * Module: library/asn1.c
Gilles Peskine252e3912020-02-26 18:33:58 +01002078 * Caller: library/x509.c
2079 * library/dhm.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002080 * library/pkcs12.c
2081 * library/pkcs5.c
2082 * library/pkparse.c
Paul Bakkerefc30292011-11-10 14:43:23 +00002083 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002084#define MBEDTLS_ASN1_PARSE_C
Paul Bakkerefc30292011-11-10 14:43:23 +00002085
2086/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002087 * \def MBEDTLS_ASN1_WRITE_C
Paul Bakkerbdb912d2012-02-13 23:11:30 +00002088 *
2089 * Enable the generic ASN1 writer.
2090 *
2091 * Module: library/asn1write.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002092 * Caller: library/ecdsa.c
2093 * library/pkwrite.c
Gilles Peskine252e3912020-02-26 18:33:58 +01002094 * library/x509_create.c
2095 * library/x509write_crt.c
2096 * library/x509write_csr.c
Paul Bakkerbdb912d2012-02-13 23:11:30 +00002097 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002098#define MBEDTLS_ASN1_WRITE_C
Paul Bakkerbdb912d2012-02-13 23:11:30 +00002099
2100/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002101 * \def MBEDTLS_BASE64_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002102 *
2103 * Enable the Base64 module.
2104 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002105 * Module: library/base64.c
Paul Bakker5690efc2011-05-26 13:16:06 +00002106 * Caller: library/pem.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002107 *
Paul Bakker5690efc2011-05-26 13:16:06 +00002108 * This module is required for PEM support (required by X.509).
Paul Bakker5121ce52009-01-03 21:22:43 +00002109 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002110#define MBEDTLS_BASE64_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002111
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002112/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002113 * \def MBEDTLS_BIGNUM_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002114 *
Paul Bakker9a736322012-11-14 12:39:52 +00002115 * Enable the multi-precision integer library.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002116 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002117 * Module: library/bignum.c
2118 * Caller: library/dhm.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002119 * library/ecp.c
Manuel Pégourié-Gonnardbf319772014-06-25 13:00:17 +02002120 * library/ecdsa.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002121 * library/rsa.c
Hanno Beckera565f542017-10-11 11:00:19 +01002122 * library/rsa_internal.c
Gilles Peskine4e117492020-02-26 18:56:08 +01002123 * library/ssl_tls.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002124 *
Manuel Pégourié-Gonnardbf319772014-06-25 13:00:17 +02002125 * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support.
Paul Bakker5121ce52009-01-03 21:22:43 +00002126 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002127#define MBEDTLS_BIGNUM_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002128
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002129/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002130 * \def MBEDTLS_BLOWFISH_C
Paul Bakkera9379c02012-07-04 11:02:11 +00002131 *
2132 * Enable the Blowfish block cipher.
2133 *
2134 * Module: library/blowfish.c
2135 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002136#define MBEDTLS_BLOWFISH_C
Paul Bakkera9379c02012-07-04 11:02:11 +00002137
2138/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002139 * \def MBEDTLS_CAMELLIA_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002140 *
2141 * Enable the Camellia block cipher.
2142 *
Paul Bakker38119b12009-01-10 23:31:23 +00002143 * Module: library/camellia.c
Manuel Pégourié-Gonnardfdd43542018-02-28 10:49:02 +01002144 * Caller: library/cipher.c
Paul Bakker38119b12009-01-10 23:31:23 +00002145 *
Gilles Peskine4e117492020-02-26 18:56:08 +01002146 * This module enables the following ciphersuites (if other requisites are
2147 * enabled as well):
2148 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
2149 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
2150 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
2151 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
2152 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
2153 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
2154 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
2155 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
2156 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
2157 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
2158 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
2159 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
2160 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
2161 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
2162 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
2163 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
2164 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
2165 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
2166 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
2167 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
2168 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
2169 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
2170 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
2171 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
2172 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
2173 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
2174 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
2175 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
2176 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
2177 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
2178 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
2179 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
2180 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
2181 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
2182 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
2183 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
2184 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
2185 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
2186 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
2187 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
2188 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
2189 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
Paul Bakker38119b12009-01-10 23:31:23 +00002190 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002191#define MBEDTLS_CAMELLIA_C
Paul Bakker38119b12009-01-10 23:31:23 +00002192
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002193/**
Markku-Juhani O. Saarinen3c0b53b2017-11-30 16:00:34 +00002194 * \def MBEDTLS_ARIA_C
2195 *
Manuel Pégourié-Gonnard525168c2018-02-28 10:47:02 +01002196 * Enable the ARIA block cipher.
Markku-Juhani O. Saarinen3c0b53b2017-11-30 16:00:34 +00002197 *
2198 * Module: library/aria.c
Manuel Pégourié-Gonnard525168c2018-02-28 10:47:02 +01002199 * Caller: library/cipher.c
2200 *
Gilles Peskine4e117492020-02-26 18:56:08 +01002201 * This module enables the following ciphersuites (if other requisites are
2202 * enabled as well):
2203 *
2204 * MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256
2205 * MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384
2206 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256
2207 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384
2208 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256
2209 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384
2210 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256
2211 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384
2212 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256
2213 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384
2214 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256
2215 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384
2216 * MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256
2217 * MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384
2218 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256
2219 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384
2220 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
2221 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
2222 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256
2223 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384
2224 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256
2225 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384
2226 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256
2227 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384
2228 * MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256
2229 * MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384
2230 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256
2231 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384
2232 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256
2233 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384
2234 * MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256
2235 * MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384
2236 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256
2237 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384
2238 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256
2239 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384
2240 * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256
2241 * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384
Markku-Juhani O. Saarinen3c0b53b2017-11-30 16:00:34 +00002242 */
Manuel Pégourié-Gonnard2268b962018-02-27 12:22:36 +01002243//#define MBEDTLS_ARIA_C
Markku-Juhani O. Saarinen3c0b53b2017-11-30 16:00:34 +00002244
2245/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002246 * \def MBEDTLS_CCM_C
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +02002247 *
2248 * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
2249 *
2250 * Module: library/ccm.c
2251 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002252 * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +02002253 *
Gilles Peskine4e117492020-02-26 18:56:08 +01002254 * This module enables the AES-CCM ciphersuites, if other requisites are
2255 * enabled as well.
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +02002256 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002257#define MBEDTLS_CCM_C
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +02002258
2259/**
Gilles Peskine252e3912020-02-26 18:33:58 +01002260 * \def MBEDTLS_CERTS_C
2261 *
2262 * Enable the test certificates.
2263 *
2264 * Module: library/certs.c
2265 * Caller:
2266 *
2267 * This module is used for testing (ssl_client/server).
2268 */
2269#define MBEDTLS_CERTS_C
2270
2271/**
Daniel King34b822c2016-05-15 17:28:08 -03002272 * \def MBEDTLS_CHACHA20_C
2273 *
2274 * Enable the ChaCha20 stream cipher.
2275 *
2276 * Module: library/chacha20.c
2277 */
2278#define MBEDTLS_CHACHA20_C
2279
2280/**
Manuel Pégourié-Gonnarde533b222018-06-04 12:23:19 +02002281 * \def MBEDTLS_CHACHAPOLY_C
2282 *
2283 * Enable the ChaCha20-Poly1305 AEAD algorithm.
2284 *
2285 * Module: library/chachapoly.c
2286 *
2287 * This module requires: MBEDTLS_CHACHA20_C, MBEDTLS_POLY1305_C
2288 */
2289#define MBEDTLS_CHACHAPOLY_C
2290
2291/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002292 * \def MBEDTLS_CIPHER_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002293 *
2294 * Enable the generic cipher layer.
2295 *
Paul Bakker8123e9d2011-01-06 15:37:30 +00002296 * Module: library/cipher.c
Gilles Peskine4e117492020-02-26 18:56:08 +01002297 * Caller: library/ssl_tls.c
Paul Bakker8123e9d2011-01-06 15:37:30 +00002298 *
2299 * Uncomment to enable generic cipher wrappers.
2300 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002301#define MBEDTLS_CIPHER_C
Paul Bakker8123e9d2011-01-06 15:37:30 +00002302
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002303/**
Robert Cragiedc5c7b92015-12-11 15:49:45 +00002304 * \def MBEDTLS_CMAC_C
2305 *
Simon Butcher327398a2016-10-05 14:09:11 +01002306 * Enable the CMAC (Cipher-based Message Authentication Code) mode for block
2307 * ciphers.
Robert Cragiedc5c7b92015-12-11 15:49:45 +00002308 *
2309 * Module: library/cmac.c
2310 *
Simon Butcher69283e52016-10-06 12:49:58 +01002311 * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
Robert Cragiedc5c7b92015-12-11 15:49:45 +00002312 *
2313 */
Gilles Peskinee59236f2018-01-27 23:32:46 +01002314#define MBEDTLS_CMAC_C
Robert Cragiedc5c7b92015-12-11 15:49:45 +00002315
2316/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002317 * \def MBEDTLS_CTR_DRBG_C
Paul Bakker0e04d0e2011-11-27 14:46:59 +00002318 *
Nir Sonnenscheince266e42018-08-29 10:11:46 +03002319 * Enable the CTR_DRBG AES-based random generator.
2320 * The CTR_DRBG generator uses AES-256 by default.
Gilles Peskine1540e5b2019-10-03 14:21:14 +02002321 * To use AES-128 instead, enable \c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY above.
Paul Bakker0e04d0e2011-11-27 14:46:59 +00002322 *
Gilles Peskine7e279362019-10-03 14:21:39 +02002323 * \note To achieve a 256-bit security strength with CTR_DRBG,
2324 * you must use AES-256 *and* use sufficient entropy.
2325 * See ctr_drbg.h for more details.
2326 *
Paul Bakker0e04d0e2011-11-27 14:46:59 +00002327 * Module: library/ctr_drbg.c
2328 * Caller:
2329 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002330 * Requires: MBEDTLS_AES_C
Paul Bakker6083fd22011-12-03 21:45:14 +00002331 *
Nir Sonnenschein521e8a92018-09-03 14:10:52 +03002332 * This module provides the CTR_DRBG AES random number generator.
Paul Bakker0e04d0e2011-11-27 14:46:59 +00002333 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002334#define MBEDTLS_CTR_DRBG_C
Paul Bakker0e04d0e2011-11-27 14:46:59 +00002335
2336/**
Gilles Peskine4e117492020-02-26 18:56:08 +01002337 * \def MBEDTLS_DEBUG_C
2338 *
2339 * Enable the debug functions.
2340 *
2341 * Module: library/debug.c
2342 * Caller: library/ssl_cli.c
2343 * library/ssl_srv.c
2344 * library/ssl_tls.c
2345 *
2346 * This module provides debugging functions.
2347 */
2348#define MBEDTLS_DEBUG_C
2349
2350/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002351 * \def MBEDTLS_DES_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002352 *
2353 * Enable the DES block cipher.
2354 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002355 * Module: library/des.c
Paul Bakker6deb37e2013-02-19 13:17:08 +01002356 * Caller: library/pem.c
Manuel Pégourié-Gonnardfdd43542018-02-28 10:49:02 +01002357 * library/cipher.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002358 *
Gilles Peskine4e117492020-02-26 18:56:08 +01002359 * This module enables the following ciphersuites (if other requisites are
2360 * enabled as well):
2361 * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
2362 * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
2363 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
2364 * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
2365 * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
2366 * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
2367 * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
2368 * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
2369 * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
2370 * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
Paul Bakker6deb37e2013-02-19 13:17:08 +01002371 *
Paul Bakkercff68422013-09-15 20:43:33 +02002372 * PEM_PARSE uses DES/3DES for decrypting encrypted keys.
Hanno Beckerbbca8c52017-09-25 14:53:51 +01002373 *
2374 * \warning DES is considered a weak cipher and its use constitutes a
2375 * security risk. We recommend considering stronger ciphers instead.
Paul Bakker5121ce52009-01-03 21:22:43 +00002376 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002377#define MBEDTLS_DES_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002378
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002379/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002380 * \def MBEDTLS_DHM_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002381 *
Manuel Pégourié-Gonnard9d703732013-10-25 18:01:50 +02002382 * Enable the Diffie-Hellman-Merkle module.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002383 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002384 * Module: library/dhm.c
Gilles Peskine4e117492020-02-26 18:56:08 +01002385 * Caller: library/ssl_cli.c
2386 * library/ssl_srv.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002387 *
Manuel Pégourié-Gonnard9d703732013-10-25 18:01:50 +02002388 * This module is used by the following key exchanges:
2389 * DHE-RSA, DHE-PSK
Hanno Beckera2f6b722017-09-28 10:33:29 +01002390 *
Hanno Beckerf9734b32017-10-03 12:09:22 +01002391 * \warning Using DHE constitutes a security risk as it
2392 * is not possible to validate custom DH parameters.
2393 * If possible, it is recommended users should consider
2394 * preferring other methods of key exchange.
2395 * See dhm.h for more details.
Hanno Beckera2f6b722017-09-28 10:33:29 +01002396 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002397 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002398#define MBEDTLS_DHM_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002399
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002400/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002401 * \def MBEDTLS_ECDH_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002402 *
2403 * Enable the elliptic curve Diffie-Hellman library.
2404 *
2405 * Module: library/ecdh.c
Gilles Peskine4e117492020-02-26 18:56:08 +01002406 * Caller: library/ssl_cli.c
2407 * library/ssl_srv.c
Paul Bakker41c83d32013-03-20 14:39:14 +01002408 *
Manuel Pégourié-Gonnard9d703732013-10-25 18:01:50 +02002409 * This module is used by the following key exchanges:
2410 * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002411 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002412 * Requires: MBEDTLS_ECP_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002413 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002414#define MBEDTLS_ECDH_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002415
2416/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002417 * \def MBEDTLS_ECDSA_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002418 *
2419 * Enable the elliptic curve DSA library.
2420 *
2421 * Module: library/ecdsa.c
2422 * Caller:
2423 *
Manuel Pégourié-Gonnard9d703732013-10-25 18:01:50 +02002424 * This module is used by the following key exchanges:
2425 * ECDHE-ECDSA
2426 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002427 * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002428 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002429#define MBEDTLS_ECDSA_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002430
2431/**
Manuel Pégourié-Gonnard4d8685b2015-08-05 15:44:42 +02002432 * \def MBEDTLS_ECJPAKE_C
2433 *
2434 * Enable the elliptic curve J-PAKE library.
2435 *
Manuel Pégourié-Gonnard75df9022015-09-16 23:21:01 +02002436 * \warning This is currently experimental. EC J-PAKE support is based on the
2437 * Thread v1.0.0 specification; incompatible changes to the specification
2438 * might still happen. For this reason, this is disabled by default.
2439 *
Manuel Pégourié-Gonnard4d8685b2015-08-05 15:44:42 +02002440 * Module: library/ecjpake.c
2441 * Caller:
2442 *
2443 * This module is used by the following key exchanges:
2444 * ECJPAKE
2445 *
2446 * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C
2447 */
Gilles Peskine9a9e19f2018-06-19 11:56:47 +02002448//#define MBEDTLS_ECJPAKE_C
Manuel Pégourié-Gonnard4d8685b2015-08-05 15:44:42 +02002449
2450/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002451 * \def MBEDTLS_ECP_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002452 *
2453 * Enable the elliptic curve over GF(p) library.
2454 *
2455 * Module: library/ecp.c
2456 * Caller: library/ecdh.c
2457 * library/ecdsa.c
Manuel Pégourié-Gonnard4d8685b2015-08-05 15:44:42 +02002458 * library/ecjpake.c
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002459 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002460 * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002461 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002462#define MBEDTLS_ECP_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002463
2464/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002465 * \def MBEDTLS_ENTROPY_C
Paul Bakker6083fd22011-12-03 21:45:14 +00002466 *
2467 * Enable the platform-specific entropy code.
2468 *
2469 * Module: library/entropy.c
2470 * Caller:
2471 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002472 * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C
Paul Bakker6083fd22011-12-03 21:45:14 +00002473 *
2474 * This module provides a generic entropy pool
2475 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002476#define MBEDTLS_ENTROPY_C
Paul Bakker6083fd22011-12-03 21:45:14 +00002477
2478/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002479 * \def MBEDTLS_ERROR_C
Paul Bakker9d781402011-05-09 16:17:09 +00002480 *
2481 * Enable error code to error string conversion.
2482 *
2483 * Module: library/error.c
2484 * Caller:
2485 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002486 * This module enables mbedtls_strerror().
Paul Bakker9d781402011-05-09 16:17:09 +00002487 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002488#define MBEDTLS_ERROR_C
Paul Bakker9d781402011-05-09 16:17:09 +00002489
2490/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002491 * \def MBEDTLS_GCM_C
Paul Bakker89e80c92012-03-20 13:50:09 +00002492 *
Jaeden Amero7accf442019-04-10 18:13:57 +01002493 * Enable the Galois/Counter Mode (GCM).
Paul Bakker89e80c92012-03-20 13:50:09 +00002494 *
2495 * Module: library/gcm.c
2496 *
Jaeden Amero651ae682019-04-10 18:19:16 +01002497 * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C or MBEDTLS_ARIA_C
Paul Bakker645ce3a2012-10-31 12:32:41 +00002498 *
Gilles Peskine4e117492020-02-26 18:56:08 +01002499 * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
2500 * requisites are enabled as well.
Paul Bakker89e80c92012-03-20 13:50:09 +00002501 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002502#define MBEDTLS_GCM_C
Paul Bakker89e80c92012-03-20 13:50:09 +00002503
2504/**
Gilles Peskine9a9e19f2018-06-19 11:56:47 +02002505 * \def MBEDTLS_HAVEGE_C
2506 *
2507 * Enable the HAVEGE random generator.
2508 *
2509 * Warning: the HAVEGE random generator is not suitable for virtualized
2510 * environments
2511 *
2512 * Warning: the HAVEGE random generator is dependent on timing and specific
2513 * processor traits. It is therefore not advised to use HAVEGE as
2514 * your applications primary random generator or primary entropy pool
2515 * input. As a secondary input to your entropy pool, it IS able add
2516 * the (limited) extra entropy it provides.
2517 *
2518 * Module: library/havege.c
2519 * Caller:
2520 *
2521 * Requires: MBEDTLS_TIMING_C
2522 *
2523 * Uncomment to enable the HAVEGE random generator.
2524 */
2525//#define MBEDTLS_HAVEGE_C
2526
2527/**
Thomas Fossati656864b2016-07-17 08:51:22 +01002528 * \def MBEDTLS_HKDF_C
2529 *
2530 * Enable the HKDF algorithm (RFC 5869).
2531 *
2532 * Module: library/hkdf.c
2533 * Caller:
2534 *
2535 * Requires: MBEDTLS_MD_C
2536 *
2537 * This module adds support for the Hashed Message Authentication Code
2538 * (HMAC)-based key derivation function (HKDF).
2539 */
2540#define MBEDTLS_HKDF_C
2541
2542/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002543 * \def MBEDTLS_HMAC_DRBG_C
Manuel Pégourié-Gonnard490bdf32014-01-27 14:03:10 +01002544 *
2545 * Enable the HMAC_DRBG random generator.
2546 *
2547 * Module: library/hmac_drbg.c
2548 * Caller:
2549 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002550 * Requires: MBEDTLS_MD_C
Manuel Pégourié-Gonnard490bdf32014-01-27 14:03:10 +01002551 *
2552 * Uncomment to enable the HMAC_DRBG random number geerator.
2553 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002554#define MBEDTLS_HMAC_DRBG_C
Manuel Pégourié-Gonnard490bdf32014-01-27 14:03:10 +01002555
2556/**
Ron Eldor466a57f2018-05-03 16:54:28 +03002557 * \def MBEDTLS_NIST_KW_C
2558 *
2559 * Enable the Key Wrapping mode for 128-bit block ciphers,
2560 * as defined in NIST SP 800-38F. Only KW and KWP modes
2561 * are supported. At the moment, only AES is approved by NIST.
2562 *
2563 * Module: library/nist_kw.c
2564 *
2565 * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C
2566 */
2567//#define MBEDTLS_NIST_KW_C
2568
2569/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002570 * \def MBEDTLS_MD_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002571 *
2572 * Enable the generic message digest layer.
2573 *
Simon Butcher2cb47392016-11-04 12:23:11 +00002574 * Module: library/md.c
Paul Bakker17373852011-01-06 14:20:01 +00002575 * Caller:
2576 *
2577 * Uncomment to enable generic message digest wrappers.
2578 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002579#define MBEDTLS_MD_C
Paul Bakker17373852011-01-06 14:20:01 +00002580
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002581/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002582 * \def MBEDTLS_MD2_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002583 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002584 * Enable the MD2 hash algorithm.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002585 *
Simon Butcher2cb47392016-11-04 12:23:11 +00002586 * Module: library/md2.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002587 * Caller:
Paul Bakker5121ce52009-01-03 21:22:43 +00002588 *
2589 * Uncomment to enable support for (rare) MD2-signed X.509 certs.
Hanno Beckerbbca8c52017-09-25 14:53:51 +01002590 *
2591 * \warning MD2 is considered a weak message digest and its use constitutes a
2592 * security risk. If possible, we recommend avoiding dependencies on
2593 * it, and considering stronger message digests instead.
2594 *
Paul Bakker6506aff2009-07-28 20:52:02 +00002595 */
Gilles Peskine9a9e19f2018-06-19 11:56:47 +02002596//#define MBEDTLS_MD2_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002597
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002598/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002599 * \def MBEDTLS_MD4_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002600 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002601 * Enable the MD4 hash algorithm.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002602 *
Simon Butcher2cb47392016-11-04 12:23:11 +00002603 * Module: library/md4.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002604 * Caller:
Paul Bakker5121ce52009-01-03 21:22:43 +00002605 *
2606 * Uncomment to enable support for (rare) MD4-signed X.509 certs.
Hanno Beckerbbca8c52017-09-25 14:53:51 +01002607 *
2608 * \warning MD4 is considered a weak message digest and its use constitutes a
2609 * security risk. If possible, we recommend avoiding dependencies on
2610 * it, and considering stronger message digests instead.
2611 *
Paul Bakker6506aff2009-07-28 20:52:02 +00002612 */
Gilles Peskine9a9e19f2018-06-19 11:56:47 +02002613//#define MBEDTLS_MD4_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002614
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002615/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002616 * \def MBEDTLS_MD5_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002617 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002618 * Enable the MD5 hash algorithm.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002619 *
Simon Butcher2cb47392016-11-04 12:23:11 +00002620 * Module: library/md5.c
2621 * Caller: library/md.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002622 * library/pem.c
Gilles Peskine4e117492020-02-26 18:56:08 +01002623 * library/ssl_tls.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002624 *
Hanno Beckerbbca8c52017-09-25 14:53:51 +01002625 * This module is required for SSL/TLS up to version 1.1, and for TLS 1.2
2626 * depending on the handshake parameters. Further, it is used for checking
2627 * MD5-signed certificates, and for PBKDF1 when decrypting PEM-encoded
2628 * encrypted keys.
2629 *
2630 * \warning MD5 is considered a weak message digest and its use constitutes a
2631 * security risk. If possible, we recommend avoiding dependencies on
2632 * it, and considering stronger message digests instead.
2633 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002634 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002635#define MBEDTLS_MD5_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002636
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002637/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002638 * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002639 *
2640 * Enable the buffer allocator implementation that makes use of a (stack)
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +02002641 * based buffer to 'allocate' dynamic memory. (replaces calloc() and free()
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002642 * calls)
Paul Bakker6e339b52013-07-03 13:37:05 +02002643 *
2644 * Module: library/memory_buffer_alloc.c
2645 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002646 * Requires: MBEDTLS_PLATFORM_C
2647 * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS)
Paul Bakker6e339b52013-07-03 13:37:05 +02002648 *
2649 * Enable this module to enable the buffer memory allocator.
Paul Bakker6e339b52013-07-03 13:37:05 +02002650 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002651//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
Paul Bakker6e339b52013-07-03 13:37:05 +02002652
2653/**
Gilles Peskine4e117492020-02-26 18:56:08 +01002654 * \def MBEDTLS_NET_C
2655 *
2656 * Enable the TCP and UDP over IPv6/IPv4 networking routines.
2657 *
2658 * \note This module only works on POSIX/Unix (including Linux, BSD and OS X)
2659 * and Windows. For other platforms, you'll want to disable it, and write your
2660 * own networking callbacks to be passed to \c mbedtls_ssl_set_bio().
2661 *
2662 * \note See also our Knowledge Base article about porting to a new
2663 * environment:
2664 * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
2665 *
2666 * Module: library/net_sockets.c
2667 *
2668 * This module provides networking routines.
2669 */
2670#define MBEDTLS_NET_C
2671
2672/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002673 * \def MBEDTLS_OID_C
Paul Bakkerc70b9822013-04-07 22:00:46 +02002674 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002675 * Enable the OID database.
Paul Bakkerc70b9822013-04-07 22:00:46 +02002676 *
2677 * Module: library/oid.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002678 * Caller: library/asn1write.c
2679 * library/pkcs5.c
2680 * library/pkparse.c
2681 * library/pkwrite.c
2682 * library/rsa.c
Gilles Peskine252e3912020-02-26 18:33:58 +01002683 * library/x509.c
2684 * library/x509_create.c
2685 * library/x509_crl.c
2686 * library/x509_crt.c
2687 * library/x509_csr.c
2688 * library/x509write_crt.c
2689 * library/x509write_csr.c
Paul Bakkerc70b9822013-04-07 22:00:46 +02002690 *
2691 * This modules translates between OIDs and internal values.
2692 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002693#define MBEDTLS_OID_C
Paul Bakkerc70b9822013-04-07 22:00:46 +02002694
2695/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002696 * \def MBEDTLS_PADLOCK_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002697 *
2698 * Enable VIA Padlock support on x86.
2699 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002700 * Module: library/padlock.c
2701 * Caller: library/aes.c
2702 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002703 * Requires: MBEDTLS_HAVE_ASM
Manuel Pégourié-Gonnard92ac76f2013-12-16 17:12:53 +01002704 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002705 * This modules adds support for the VIA PadLock on x86.
2706 */
Gilles Peskine9a9e19f2018-06-19 11:56:47 +02002707#define MBEDTLS_PADLOCK_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002708
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002709/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002710 * \def MBEDTLS_PEM_PARSE_C
Paul Bakker96743fc2011-02-12 14:30:57 +00002711 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002712 * Enable PEM decoding / parsing.
Paul Bakker96743fc2011-02-12 14:30:57 +00002713 *
2714 * Module: library/pem.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002715 * Caller: library/dhm.c
Paul Bakkercff68422013-09-15 20:43:33 +02002716 * library/pkparse.c
Gilles Peskine252e3912020-02-26 18:33:58 +01002717 * library/x509_crl.c
2718 * library/x509_crt.c
2719 * library/x509_csr.c
Paul Bakker96743fc2011-02-12 14:30:57 +00002720 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002721 * Requires: MBEDTLS_BASE64_C
Paul Bakker5690efc2011-05-26 13:16:06 +00002722 *
Paul Bakkercff68422013-09-15 20:43:33 +02002723 * This modules adds support for decoding / parsing PEM files.
Paul Bakker96743fc2011-02-12 14:30:57 +00002724 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002725#define MBEDTLS_PEM_PARSE_C
Paul Bakkercff68422013-09-15 20:43:33 +02002726
2727/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002728 * \def MBEDTLS_PEM_WRITE_C
Paul Bakkercff68422013-09-15 20:43:33 +02002729 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002730 * Enable PEM encoding / writing.
Paul Bakkercff68422013-09-15 20:43:33 +02002731 *
2732 * Module: library/pem.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002733 * Caller: library/pkwrite.c
Gilles Peskine252e3912020-02-26 18:33:58 +01002734 * library/x509write_crt.c
2735 * library/x509write_csr.c
Paul Bakkercff68422013-09-15 20:43:33 +02002736 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002737 * Requires: MBEDTLS_BASE64_C
Paul Bakkercff68422013-09-15 20:43:33 +02002738 *
2739 * This modules adds support for encoding / writing PEM files.
2740 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002741#define MBEDTLS_PEM_WRITE_C
Paul Bakker96743fc2011-02-12 14:30:57 +00002742
2743/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002744 * \def MBEDTLS_PK_C
Manuel Pégourié-Gonnardc40b4c32013-08-22 13:29:31 +02002745 *
2746 * Enable the generic public (asymetric) key layer.
2747 *
2748 * Module: library/pk.c
Gilles Peskine4e117492020-02-26 18:56:08 +01002749 * Caller: library/ssl_tls.c
2750 * library/ssl_cli.c
2751 * library/ssl_srv.c
Manuel Pégourié-Gonnardc40b4c32013-08-22 13:29:31 +02002752 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002753 * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C
Manuel Pégourié-Gonnard1a483832013-09-20 12:29:15 +02002754 *
Manuel Pégourié-Gonnardc40b4c32013-08-22 13:29:31 +02002755 * Uncomment to enable generic public key wrappers.
2756 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002757#define MBEDTLS_PK_C
Manuel Pégourié-Gonnardc40b4c32013-08-22 13:29:31 +02002758
2759/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002760 * \def MBEDTLS_PK_PARSE_C
Paul Bakker4606c732013-09-15 17:04:23 +02002761 *
2762 * Enable the generic public (asymetric) key parser.
2763 *
2764 * Module: library/pkparse.c
Gilles Peskine252e3912020-02-26 18:33:58 +01002765 * Caller: library/x509_crt.c
2766 * library/x509_csr.c
Paul Bakker4606c732013-09-15 17:04:23 +02002767 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002768 * Requires: MBEDTLS_PK_C
Paul Bakker4606c732013-09-15 17:04:23 +02002769 *
2770 * Uncomment to enable generic public key parse functions.
2771 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002772#define MBEDTLS_PK_PARSE_C
Paul Bakker4606c732013-09-15 17:04:23 +02002773
2774/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002775 * \def MBEDTLS_PK_WRITE_C
Paul Bakker4606c732013-09-15 17:04:23 +02002776 *
Paul Bakkerf20ba4b2013-09-16 22:46:20 +02002777 * Enable the generic public (asymetric) key writer.
Paul Bakker4606c732013-09-15 17:04:23 +02002778 *
2779 * Module: library/pkwrite.c
Gilles Peskine252e3912020-02-26 18:33:58 +01002780 * Caller: library/x509write.c
Paul Bakker4606c732013-09-15 17:04:23 +02002781 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002782 * Requires: MBEDTLS_PK_C
Paul Bakker4606c732013-09-15 17:04:23 +02002783 *
2784 * Uncomment to enable generic public key write functions.
2785 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002786#define MBEDTLS_PK_WRITE_C
Paul Bakker4606c732013-09-15 17:04:23 +02002787
2788/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002789 * \def MBEDTLS_PKCS5_C
Paul Bakkerb0c19a42013-06-24 19:26:38 +02002790 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002791 * Enable PKCS#5 functions.
Paul Bakkerb0c19a42013-06-24 19:26:38 +02002792 *
2793 * Module: library/pkcs5.c
2794 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002795 * Requires: MBEDTLS_MD_C
Paul Bakkerb0c19a42013-06-24 19:26:38 +02002796 *
2797 * This module adds support for the PKCS#5 functions.
2798 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002799#define MBEDTLS_PKCS5_C
Paul Bakkerb0c19a42013-06-24 19:26:38 +02002800
2801/**
Gilles Peskine252e3912020-02-26 18:33:58 +01002802 * \def MBEDTLS_PKCS11_C
2803 *
2804 * Enable wrapper for PKCS#11 smartcard support.
2805 *
2806 * Module: library/pkcs11.c
2807 * Caller: library/pk.c
2808 *
2809 * Requires: MBEDTLS_PK_C
2810 *
2811 * This module enables SSL/TLS PKCS #11 smartcard support.
2812 * Requires the presence of the PKCS#11 helper library (libpkcs11-helper)
2813 */
2814//#define MBEDTLS_PKCS11_C
2815
2816/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002817 * \def MBEDTLS_PKCS12_C
Paul Bakkerf1f21fe2013-06-24 19:17:19 +02002818 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002819 * Enable PKCS#12 PBE functions.
Paul Bakkerf1f21fe2013-06-24 19:17:19 +02002820 * Adds algorithms for parsing PKCS#8 encrypted private keys
2821 *
2822 * Module: library/pkcs12.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002823 * Caller: library/pkparse.c
Paul Bakkerf1f21fe2013-06-24 19:17:19 +02002824 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002825 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C
2826 * Can use: MBEDTLS_ARC4_C
Paul Bakkerf1f21fe2013-06-24 19:17:19 +02002827 *
2828 * This module enables PKCS#12 functions.
2829 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002830#define MBEDTLS_PKCS12_C
Paul Bakkerf1f21fe2013-06-24 19:17:19 +02002831
2832/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002833 * \def MBEDTLS_PLATFORM_C
Paul Bakker747a83a2014-02-01 22:50:07 +01002834 *
2835 * Enable the platform abstraction layer that allows you to re-assign
Manuel Pégourié-Gonnard6c0c8e02015-06-22 10:23:34 +02002836 * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit().
Paul Bakker747a83a2014-02-01 22:50:07 +01002837 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002838 * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT
2839 * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned
Rich Evans16f8cd82015-02-06 16:14:34 +00002840 * above to be specified at runtime or compile time respectively.
Paul Bakker747a83a2014-02-01 22:50:07 +01002841 *
Manuel Pégourié-Gonnard6c0c8e02015-06-22 10:23:34 +02002842 * \note This abstraction layer must be enabled on Windows (including MSYS2)
2843 * as other module rely on it for a fixed snprintf implementation.
2844 *
Paul Bakker747a83a2014-02-01 22:50:07 +01002845 * Module: library/platform.c
2846 * Caller: Most other .c files
2847 *
2848 * This module enables abstraction of common (libc) functions.
2849 */
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +02002850#define MBEDTLS_PLATFORM_C
Paul Bakker747a83a2014-02-01 22:50:07 +01002851
2852/**
Daniel Kingadc32c02016-05-16 18:25:45 -03002853 * \def MBEDTLS_POLY1305_C
2854 *
2855 * Enable the Poly1305 MAC algorithm.
2856 *
2857 * Module: library/poly1305.c
Manuel Pégourié-Gonnarddca3a5d2018-05-07 10:43:27 +02002858 * Caller: library/chachapoly.c
Daniel Kingadc32c02016-05-16 18:25:45 -03002859 */
2860#define MBEDTLS_POLY1305_C
2861
2862/**
Jaeden Ameroe852df82018-09-14 12:00:46 +01002863 * \def MBEDTLS_PSA_CRYPTO_C
Gilles Peskinee59236f2018-01-27 23:32:46 +01002864 *
2865 * Enable the Platform Security Architecture cryptography API.
2866 *
Manuel Pégourié-Gonnardde7636e2019-02-01 12:33:29 +01002867 * \warning The PSA Crypto API is still beta status. While you're welcome to
2868 * experiment using it, incompatible API changes are still possible, and some
2869 * parts may not have reached the same quality as the rest of Mbed TLS yet.
Jaeden Amero484ee332018-10-25 17:38:05 +01002870 *
Gilles Peskinee59236f2018-01-27 23:32:46 +01002871 * Module: library/psa_crypto.c
2872 *
2873 * Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C
2874 *
2875 */
2876#define MBEDTLS_PSA_CRYPTO_C
2877
2878/**
Gilles Peskinea8ade162019-06-26 11:24:49 +02002879 * \def MBEDTLS_PSA_CRYPTO_SE_C
2880 *
2881 * Enable secure element support in the Platform Security Architecture
2882 * cryptography API.
2883 *
Gilles Peskined0e66b02019-07-24 13:52:51 +02002884 * \warning This feature is not yet suitable for production. It is provided
2885 * for API evaluation and testing purposes only.
2886 *
Gilles Peskinea8ade162019-06-26 11:24:49 +02002887 * Module: library/psa_crypto_se.c
2888 *
2889 * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_C
2890 *
2891 */
Gilles Peskined0e66b02019-07-24 13:52:51 +02002892//#define MBEDTLS_PSA_CRYPTO_SE_C
Gilles Peskinea8ade162019-06-26 11:24:49 +02002893
2894/**
Darryl Greendb2b8db2018-06-15 13:06:04 +01002895 * \def MBEDTLS_PSA_CRYPTO_STORAGE_C
2896 *
2897 * Enable the Platform Security Architecture persistent key storage.
2898 *
2899 * Module: library/psa_crypto_storage.c
2900 *
Gilles Peskine088b77f2019-02-24 17:00:27 +01002901 * Requires: MBEDTLS_PSA_CRYPTO_C,
2902 * either MBEDTLS_PSA_ITS_FILE_C or a native implementation of
2903 * the PSA ITS interface
Darryl Greendb2b8db2018-06-15 13:06:04 +01002904 */
2905#define MBEDTLS_PSA_CRYPTO_STORAGE_C
2906
2907/**
Gilles Peskine6194dc22018-11-16 22:24:15 +01002908 * \def MBEDTLS_PSA_ITS_FILE_C
2909 *
2910 * Enable the emulation of the Platform Security Architecture
2911 * Internal Trusted Storage (PSA ITS) over files.
2912 *
2913 * Module: library/psa_its_file.c
2914 *
2915 * Requires: MBEDTLS_FS_IO
2916 */
2917#define MBEDTLS_PSA_ITS_FILE_C
2918
2919/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002920 * \def MBEDTLS_RIPEMD160_C
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +01002921 *
2922 * Enable the RIPEMD-160 hash algorithm.
2923 *
Simon Butcher2cb47392016-11-04 12:23:11 +00002924 * Module: library/ripemd160.c
2925 * Caller: library/md.c
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +01002926 *
2927 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002928#define MBEDTLS_RIPEMD160_C
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +01002929
2930/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002931 * \def MBEDTLS_RSA_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002932 *
2933 * Enable the RSA public-key cryptosystem.
2934 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002935 * Module: library/rsa.c
Hanno Beckera565f542017-10-11 11:00:19 +01002936 * library/rsa_internal.c
Gilles Peskine4e117492020-02-26 18:56:08 +01002937 * Caller: library/ssl_cli.c
2938 * library/ssl_srv.c
2939 * library/ssl_tls.c
2940 * library/x509.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002941 *
Manuel Pégourié-Gonnard9d703732013-10-25 18:01:50 +02002942 * This module is used by the following key exchanges:
2943 * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK
Paul Bakker5690efc2011-05-26 13:16:06 +00002944 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002945 * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002946 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002947#define MBEDTLS_RSA_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002948
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002949/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002950 * \def MBEDTLS_SHA1_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002951 *
2952 * Enable the SHA1 cryptographic hash algorithm.
2953 *
Simon Butcher2cb47392016-11-04 12:23:11 +00002954 * Module: library/sha1.c
2955 * Caller: library/md.c
Gilles Peskine4e117492020-02-26 18:56:08 +01002956 * library/ssl_cli.c
2957 * library/ssl_srv.c
2958 * library/ssl_tls.c
Gilles Peskine252e3912020-02-26 18:33:58 +01002959 * library/x509write_crt.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002960 *
Gilles Peskine5e79cb32017-05-04 16:17:21 +02002961 * This module is required for SSL/TLS up to version 1.1, for TLS 1.2
2962 * depending on the handshake parameters, and for SHA1-signed certificates.
Hanno Beckerbbca8c52017-09-25 14:53:51 +01002963 *
2964 * \warning SHA-1 is considered a weak message digest and its use constitutes
2965 * a security risk. If possible, we recommend avoiding dependencies
2966 * on it, and considering stronger message digests instead.
2967 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002968 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002969#define MBEDTLS_SHA1_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002970
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002971/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002972 * \def MBEDTLS_SHA256_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002973 *
2974 * Enable the SHA-224 and SHA-256 cryptographic hash algorithms.
2975 *
Simon Butcher2cb47392016-11-04 12:23:11 +00002976 * Module: library/sha256.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002977 * Caller: library/entropy.c
Simon Butcher2cb47392016-11-04 12:23:11 +00002978 * library/md.c
Gilles Peskine4e117492020-02-26 18:56:08 +01002979 * library/ssl_cli.c
2980 * library/ssl_srv.c
2981 * library/ssl_tls.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002982 *
2983 * This module adds support for SHA-224 and SHA-256.
Paul Bakker769075d2012-11-24 11:26:46 +01002984 * This module is required for the SSL/TLS 1.2 PRF function.
Paul Bakker5121ce52009-01-03 21:22:43 +00002985 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002986#define MBEDTLS_SHA256_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002987
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002988/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002989 * \def MBEDTLS_SHA512_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002990 *
2991 * Enable the SHA-384 and SHA-512 cryptographic hash algorithms.
2992 *
Simon Butcher2cb47392016-11-04 12:23:11 +00002993 * Module: library/sha512.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002994 * Caller: library/entropy.c
Simon Butcher2cb47392016-11-04 12:23:11 +00002995 * library/md.c
Gilles Peskine4e117492020-02-26 18:56:08 +01002996 * library/ssl_cli.c
2997 * library/ssl_srv.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002998 *
2999 * This module adds support for SHA-384 and SHA-512.
3000 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003001#define MBEDTLS_SHA512_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003002
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003003/**
Gilles Peskine4e117492020-02-26 18:56:08 +01003004 * \def MBEDTLS_SSL_CACHE_C
3005 *
3006 * Enable simple SSL cache implementation.
3007 *
3008 * Module: library/ssl_cache.c
3009 * Caller:
3010 *
3011 * Requires: MBEDTLS_SSL_CACHE_C
3012 */
3013#define MBEDTLS_SSL_CACHE_C
3014
3015/**
3016 * \def MBEDTLS_SSL_COOKIE_C
3017 *
3018 * Enable basic implementation of DTLS cookies for hello verification.
3019 *
3020 * Module: library/ssl_cookie.c
3021 * Caller:
3022 */
3023#define MBEDTLS_SSL_COOKIE_C
3024
3025/**
3026 * \def MBEDTLS_SSL_TICKET_C
3027 *
3028 * Enable an implementation of TLS server-side callbacks for session tickets.
3029 *
3030 * Module: library/ssl_ticket.c
3031 * Caller:
3032 *
3033 * Requires: MBEDTLS_CIPHER_C
3034 */
3035#define MBEDTLS_SSL_TICKET_C
3036
3037/**
3038 * \def MBEDTLS_SSL_CLI_C
3039 *
3040 * Enable the SSL/TLS client code.
3041 *
3042 * Module: library/ssl_cli.c
3043 * Caller:
3044 *
3045 * Requires: MBEDTLS_SSL_TLS_C
3046 *
3047 * This module is required for SSL/TLS client support.
3048 */
3049#define MBEDTLS_SSL_CLI_C
3050
3051/**
3052 * \def MBEDTLS_SSL_SRV_C
3053 *
3054 * Enable the SSL/TLS server code.
3055 *
3056 * Module: library/ssl_srv.c
3057 * Caller:
3058 *
3059 * Requires: MBEDTLS_SSL_TLS_C
3060 *
3061 * This module is required for SSL/TLS server support.
3062 */
3063#define MBEDTLS_SSL_SRV_C
3064
3065/**
3066 * \def MBEDTLS_SSL_TLS_C
3067 *
3068 * Enable the generic SSL/TLS code.
3069 *
3070 * Module: library/ssl_tls.c
3071 * Caller: library/ssl_cli.c
3072 * library/ssl_srv.c
3073 *
3074 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C
3075 * and at least one of the MBEDTLS_SSL_PROTO_XXX defines
3076 *
3077 * This module is required for SSL/TLS.
3078 */
3079#define MBEDTLS_SSL_TLS_C
3080
3081/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003082 * \def MBEDTLS_THREADING_C
Paul Bakker2466d932013-09-28 14:40:38 +02003083 *
3084 * Enable the threading abstraction layer.
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +00003085 * By default mbed TLS assumes it is used in a non-threaded environment or that
Paul Bakker2466d932013-09-28 14:40:38 +02003086 * contexts are not shared between threads. If you do intend to use contexts
3087 * between threads, you will need to enable this layer to prevent race
Manuel Pégourié-Gonnard02049dc2016-02-22 16:42:51 +00003088 * conditions. See also our Knowledge Base article about threading:
3089 * https://tls.mbed.org/kb/development/thread-safety-and-multi-threading
Paul Bakker2466d932013-09-28 14:40:38 +02003090 *
3091 * Module: library/threading.c
3092 *
3093 * This allows different threading implementations (self-implemented or
3094 * provided).
3095 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003096 * You will have to enable either MBEDTLS_THREADING_ALT or
3097 * MBEDTLS_THREADING_PTHREAD.
Paul Bakker2466d932013-09-28 14:40:38 +02003098 *
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +00003099 * Enable this layer to allow use of mutexes within mbed TLS
Paul Bakker2466d932013-09-28 14:40:38 +02003100 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003101//#define MBEDTLS_THREADING_C
Paul Bakker2466d932013-09-28 14:40:38 +02003102
3103/**
Gilles Peskine9a9e19f2018-06-19 11:56:47 +02003104 * \def MBEDTLS_TIMING_C
3105 *
3106 * Enable the semi-portable timing interface.
3107 *
3108 * \note The provided implementation only works on POSIX/Unix (including Linux,
3109 * BSD and OS X) and Windows. On other platforms, you can either disable that
Gilles Peskine4e117492020-02-26 18:56:08 +01003110 * module and provide your own implementations of the callbacks needed by
3111 * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide
3112 * your own implementation of the whole module by setting
Gilles Peskine9a9e19f2018-06-19 11:56:47 +02003113 * \c MBEDTLS_TIMING_ALT in the current file.
3114 *
3115 * \note See also our Knowledge Base article about porting to a new
3116 * environment:
3117 * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
3118 *
3119 * Module: library/timing.c
3120 * Caller: library/havege.c
3121 *
3122 * This module is used by the HAVEGE random number generator.
3123 */
3124#define MBEDTLS_TIMING_C
3125
3126/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003127 * \def MBEDTLS_VERSION_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003128 *
3129 * Enable run-time version information.
3130 *
Paul Bakker0a62cd12011-01-21 11:00:08 +00003131 * Module: library/version.c
3132 *
3133 * This module provides run-time version information.
3134 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003135#define MBEDTLS_VERSION_C
Paul Bakker0a62cd12011-01-21 11:00:08 +00003136
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003137/**
Gilles Peskine252e3912020-02-26 18:33:58 +01003138 * \def MBEDTLS_X509_USE_C
3139 *
3140 * Enable X.509 core for using certificates.
3141 *
3142 * Module: library/x509.c
3143 * Caller: library/x509_crl.c
3144 * library/x509_crt.c
3145 * library/x509_csr.c
3146 *
3147 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C,
3148 * MBEDTLS_PK_PARSE_C
3149 *
3150 * This module is required for the X.509 parsing modules.
3151 */
3152#define MBEDTLS_X509_USE_C
3153
3154/**
3155 * \def MBEDTLS_X509_CRT_PARSE_C
3156 *
3157 * Enable X.509 certificate parsing.
3158 *
3159 * Module: library/x509_crt.c
3160 * Caller: library/ssl_cli.c
3161 * library/ssl_srv.c
3162 * library/ssl_tls.c
3163 *
3164 * Requires: MBEDTLS_X509_USE_C
3165 *
3166 * This module is required for X.509 certificate parsing.
3167 */
3168#define MBEDTLS_X509_CRT_PARSE_C
3169
3170/**
3171 * \def MBEDTLS_X509_CRL_PARSE_C
3172 *
3173 * Enable X.509 CRL parsing.
3174 *
3175 * Module: library/x509_crl.c
3176 * Caller: library/x509_crt.c
3177 *
3178 * Requires: MBEDTLS_X509_USE_C
3179 *
3180 * This module is required for X.509 CRL parsing.
3181 */
3182#define MBEDTLS_X509_CRL_PARSE_C
3183
3184/**
3185 * \def MBEDTLS_X509_CSR_PARSE_C
3186 *
3187 * Enable X.509 Certificate Signing Request (CSR) parsing.
3188 *
3189 * Module: library/x509_csr.c
3190 * Caller: library/x509_crt_write.c
3191 *
3192 * Requires: MBEDTLS_X509_USE_C
3193 *
3194 * This module is used for reading X.509 certificate request.
3195 */
3196#define MBEDTLS_X509_CSR_PARSE_C
3197
3198/**
3199 * \def MBEDTLS_X509_CREATE_C
3200 *
3201 * Enable X.509 core for creating certificates.
3202 *
3203 * Module: library/x509_create.c
3204 *
3205 * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C
3206 *
3207 * This module is the basis for creating X.509 certificates and CSRs.
3208 */
3209#define MBEDTLS_X509_CREATE_C
3210
3211/**
3212 * \def MBEDTLS_X509_CRT_WRITE_C
3213 *
3214 * Enable creating X.509 certificates.
3215 *
3216 * Module: library/x509_crt_write.c
3217 *
3218 * Requires: MBEDTLS_X509_CREATE_C
3219 *
3220 * This module is required for X.509 certificate creation.
3221 */
3222#define MBEDTLS_X509_CRT_WRITE_C
3223
3224/**
3225 * \def MBEDTLS_X509_CSR_WRITE_C
3226 *
3227 * Enable creating X.509 Certificate Signing Requests (CSR).
3228 *
3229 * Module: library/x509_csr_write.c
3230 *
3231 * Requires: MBEDTLS_X509_CREATE_C
3232 *
3233 * This module is required for X.509 certificate request writing.
3234 */
3235#define MBEDTLS_X509_CSR_WRITE_C
3236
3237/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003238 * \def MBEDTLS_XTEA_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003239 *
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003240 * Enable the XTEA block cipher.
3241 *
Paul Bakker7a7c78f2009-01-04 18:15:48 +00003242 * Module: library/xtea.c
3243 * Caller:
3244 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003245#define MBEDTLS_XTEA_C
Manuel Pégourié-Gonnard39d2adb2012-10-31 09:26:55 +01003246
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +00003247/* \} name SECTION: mbed TLS modules */
Paul Bakker7a7c78f2009-01-04 18:15:48 +00003248
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003249/**
3250 * \name SECTION: Module configuration options
3251 *
3252 * This section allows for the setting of module specific sizes and
3253 * configuration options. The default values are already present in the
3254 * relevant header files and should suffice for the regular use cases.
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003255 *
Paul Bakker088c5c52014-04-25 11:11:10 +02003256 * Our advice is to enable options and change their values here
3257 * only if you have a good reason and know the consequences.
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003258 *
3259 * Please check the respective header file for documentation on these
3260 * parameters (to prevent duplicate documentation).
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003261 * \{
3262 */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003263
Paul Bakker088c5c52014-04-25 11:11:10 +02003264/* MPI / BIGNUM options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003265//#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */
3266//#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003267
Paul Bakker088c5c52014-04-25 11:11:10 +02003268/* CTR_DRBG options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003269//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
3270//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
3271//#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
3272//#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
3273//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003274
Paul Bakker088c5c52014-04-25 11:11:10 +02003275/* HMAC_DRBG options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003276//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
3277//#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
3278//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
3279//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003280
Paul Bakker088c5c52014-04-25 11:11:10 +02003281/* ECP options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003282//#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */
3283//#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
3284//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
Manuel Pégourié-Gonnard0520b602014-01-30 19:43:46 +01003285
Paul Bakker088c5c52014-04-25 11:11:10 +02003286/* Entropy options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003287//#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
3288//#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
Andres AG7abc9742016-09-23 17:58:49 +01003289//#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
Paul Bakkere1b665e2013-12-11 16:02:58 +01003290
Paul Bakker088c5c52014-04-25 11:11:10 +02003291/* Memory buffer allocator options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003292//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003293
Paul Bakker088c5c52014-04-25 11:11:10 +02003294/* Platform options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003295//#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +02003296//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003297//#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */
3298//#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
Andres Amaya Garcia1e4ec662016-07-20 10:16:25 +01003299//#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003300//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
3301//#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
Antonin Décimo36e89b52019-01-23 15:24:37 +01003302/* Note: your snprintf must correctly zero-terminate the buffer! */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003303//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
Janos Follath91947442016-03-18 13:49:27 +00003304//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
3305//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
Paul Bakkercf0a9f92016-06-01 11:25:44 +01003306//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
3307//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
3308//#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
Paul Bakker6e339b52013-07-03 13:37:05 +02003309
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003310/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
3311/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +02003312//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003313//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */
3314//#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
Andres Amaya Garcia1e4ec662016-07-20 10:16:25 +01003315//#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3316//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003317//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
3318//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
Antonin Décimo36e89b52019-01-23 15:24:37 +01003319/* Note: your snprintf must correctly zero-terminate the buffer! */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003320//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
k-stachowiak723f8672018-07-16 14:27:07 +02003321//#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */
Paul Bakkercf0a9f92016-06-01 11:25:44 +01003322//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
3323//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003324
Andrzej Kurekc470b6b2019-01-31 08:20:20 -05003325/**
3326 * \brief This macro is invoked by the library when an invalid parameter
Gilles Peskinec7ad1222019-06-13 16:44:19 +02003327 * is detected that is only checked with #MBEDTLS_CHECK_PARAMS
Andrzej Kurekc470b6b2019-01-31 08:20:20 -05003328 * (see the documentation of that option for context).
3329 *
Gilles Peskinec7ad1222019-06-13 16:44:19 +02003330 * When you leave this undefined here, the library provides
3331 * a default definition. If the macro #MBEDTLS_CHECK_PARAMS_ASSERT
3332 * is defined, the default definition is `assert(cond)`,
3333 * otherwise the default definition calls a function
3334 * mbedtls_param_failed(). This function is declared in
3335 * `platform_util.h` for the benefit of the library, but
3336 * you need to define in your application.
Andrzej Kurekc470b6b2019-01-31 08:20:20 -05003337 *
3338 * When you define this here, this replaces the default
3339 * definition in platform_util.h (which no longer declares the
3340 * function mbedtls_param_failed()) and it is your responsibility
3341 * to make sure this macro expands to something suitable (in
3342 * particular, that all the necessary declarations are visible
3343 * from within the library - you can ensure that by providing
3344 * them in this file next to the macro definition).
Gilles Peskinec7ad1222019-06-13 16:44:19 +02003345 * If you define this macro to call `assert`, also define
3346 * #MBEDTLS_CHECK_PARAMS_ASSERT so that library source files
3347 * include `<assert.h>`.
Andrzej Kurekc470b6b2019-01-31 08:20:20 -05003348 *
3349 * Note that you may define this macro to expand to nothing, in
3350 * which case you don't have to worry about declarations or
3351 * definitions. However, you will then be notified about invalid
3352 * parameters only in non-void functions, and void function will
3353 * just silently return early on invalid parameters, which
3354 * partially negates the benefits of enabling
3355 * #MBEDTLS_CHECK_PARAMS in the first place, so is discouraged.
3356 *
3357 * \param cond The expression that should evaluate to true, but doesn't.
3358 */
3359//#define MBEDTLS_PARAM_FAILED( cond ) assert( cond )
3360
Gilles Peskine4e117492020-02-26 18:56:08 +01003361/* SSL Cache options */
3362//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
3363//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
3364
3365/* SSL options */
3366
3367/** \def MBEDTLS_SSL_MAX_CONTENT_LEN
3368 *
3369 * Maximum length (in bytes) of incoming and outgoing plaintext fragments.
3370 *
3371 * This determines the size of both the incoming and outgoing TLS I/O buffers
3372 * in such a way that both are capable of holding the specified amount of
3373 * plaintext data, regardless of the protection mechanism used.
3374 *
3375 * To configure incoming and outgoing I/O buffers separately, use
3376 * #MBEDTLS_SSL_IN_CONTENT_LEN and #MBEDTLS_SSL_OUT_CONTENT_LEN,
3377 * which overwrite the value set by this option.
3378 *
3379 * \note When using a value less than the default of 16KB on the client, it is
3380 * recommended to use the Maximum Fragment Length (MFL) extension to
3381 * inform the server about this limitation. On the server, there
3382 * is no supported, standardized way of informing the client about
3383 * restriction on the maximum size of incoming messages, and unless
3384 * the limitation has been communicated by other means, it is recommended
3385 * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN
3386 * while keeping the default value of 16KB for the incoming buffer.
3387 *
3388 * Uncomment to set the maximum plaintext size of both
3389 * incoming and outgoing I/O buffers.
3390 */
3391//#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384
3392
3393/** \def MBEDTLS_SSL_IN_CONTENT_LEN
3394 *
3395 * Maximum length (in bytes) of incoming plaintext fragments.
3396 *
3397 * This determines the size of the incoming TLS I/O buffer in such a way
3398 * that it is capable of holding the specified amount of plaintext data,
3399 * regardless of the protection mechanism used.
3400 *
3401 * If this option is undefined, it inherits its value from
3402 * #MBEDTLS_SSL_MAX_CONTENT_LEN.
3403 *
3404 * \note When using a value less than the default of 16KB on the client, it is
3405 * recommended to use the Maximum Fragment Length (MFL) extension to
3406 * inform the server about this limitation. On the server, there
3407 * is no supported, standardized way of informing the client about
3408 * restriction on the maximum size of incoming messages, and unless
3409 * the limitation has been communicated by other means, it is recommended
3410 * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN
3411 * while keeping the default value of 16KB for the incoming buffer.
3412 *
3413 * Uncomment to set the maximum plaintext size of the incoming I/O buffer
3414 * independently of the outgoing I/O buffer.
3415 */
3416//#define MBEDTLS_SSL_IN_CONTENT_LEN 16384
3417
3418/** \def MBEDTLS_SSL_OUT_CONTENT_LEN
3419 *
3420 * Maximum length (in bytes) of outgoing plaintext fragments.
3421 *
3422 * This determines the size of the outgoing TLS I/O buffer in such a way
3423 * that it is capable of holding the specified amount of plaintext data,
3424 * regardless of the protection mechanism used.
3425 *
3426 * If this option undefined, it inherits its value from
3427 * #MBEDTLS_SSL_MAX_CONTENT_LEN.
3428 *
3429 * It is possible to save RAM by setting a smaller outward buffer, while keeping
3430 * the default inward 16384 byte buffer to conform to the TLS specification.
3431 *
3432 * The minimum required outward buffer size is determined by the handshake
3433 * protocol's usage. Handshaking will fail if the outward buffer is too small.
3434 * The specific size requirement depends on the configured ciphers and any
3435 * certificate data which is sent during the handshake.
3436 *
3437 * Uncomment to set the maximum plaintext size of the outgoing I/O buffer
3438 * independently of the incoming I/O buffer.
3439 */
3440//#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384
3441
3442/** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING
3443 *
3444 * Maximum number of heap-allocated bytes for the purpose of
3445 * DTLS handshake message reassembly and future message buffering.
3446 *
3447 * This should be at least 9/8 * MBEDTLSSL_IN_CONTENT_LEN
3448 * to account for a reassembled handshake message of maximum size,
3449 * together with its reassembly bitmap.
3450 *
3451 * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default)
3452 * should be sufficient for all practical situations as it allows
3453 * to reassembly a large handshake message (such as a certificate)
3454 * while buffering multiple smaller handshake messages.
3455 *
3456 */
3457//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
3458
3459//#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
3460//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
3461//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
3462
3463/**
3464 * Complete list of ciphersuites to use, in order of preference.
3465 *
3466 * \warning No dependency checking is done on that field! This option can only
3467 * be used to restrict the set of available ciphersuites. It is your
3468 * responsibility to make sure the needed modules are active.
3469 *
3470 * Use this to save a few hundred bytes of ROM (default ordering of all
3471 * available ciphersuites) and a few to a few hundred bytes of RAM.
3472 *
3473 * The value below is only an example, not the default.
3474 */
3475//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
3476
3477/* X509 options */
3478//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
3479//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
3480
3481/**
3482 * Allow SHA-1 in the default TLS configuration for certificate signing.
3483 * Without this build-time option, SHA-1 support must be activated explicitly
3484 * through mbedtls_ssl_conf_cert_profile. Turning on this option is not
3485 * recommended because of it is possible to generate SHA-1 collisions, however
3486 * this may be safe for legacy infrastructure where additional controls apply.
3487 *
3488 * \warning SHA-1 is considered a weak message digest and its use constitutes
3489 * a security risk. If possible, we recommend avoiding dependencies
3490 * on it, and considering stronger message digests instead.
3491 *
3492 */
3493// #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
3494
3495/**
3496 * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake
3497 * signature and ciphersuite selection. Without this build-time option, SHA-1
3498 * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes.
3499 * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by
3500 * default. At the time of writing, there is no practical attack on the use
3501 * of SHA-1 in handshake signatures, hence this option is turned on by default
3502 * to preserve compatibility with existing peers, but the general
3503 * warning applies nonetheless:
3504 *
3505 * \warning SHA-1 is considered a weak message digest and its use constitutes
3506 * a security risk. If possible, we recommend avoiding dependencies
3507 * on it, and considering stronger message digests instead.
3508 *
3509 */
3510#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
3511
Andres Amaya Garciab1262a32017-10-25 09:51:14 +01003512/**
Andres Amaya Garciab1262a32017-10-25 09:51:14 +01003513 * Uncomment the macro to let mbed TLS use your alternate implementation of
Andres Amaya Garciac58787f2018-04-17 10:21:45 -05003514 * mbedtls_platform_zeroize(). This replaces the default implementation in
3515 * platform_util.c.
Andres Amaya Garcia6606d5c2018-03-08 20:25:29 +00003516 *
Andres Amaya Garciac58787f2018-04-17 10:21:45 -05003517 * mbedtls_platform_zeroize() is a widely used function across the library to
3518 * zero a block of memory. The implementation is expected to be secure in the
3519 * sense that it has been written to prevent the compiler from removing calls
3520 * to mbedtls_platform_zeroize() as part of redundant code elimination
3521 * optimizations. However, it is difficult to guarantee that calls to
3522 * mbedtls_platform_zeroize() will not be optimized by the compiler as older
3523 * versions of the C language standards do not provide a secure implementation
3524 * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to
3525 * configure their own implementation of mbedtls_platform_zeroize(), for
Andres Amaya Garciad0ef4682018-04-24 08:31:34 -05003526 * example by using directives specific to their compiler, features from newer
3527 * C standards (e.g using memset_s() in C11) or calling a secure memset() from
Andres Amaya Garciac58787f2018-04-17 10:21:45 -05003528 * their system (e.g explicit_bzero() in BSD).
Andres Amaya Garciab1262a32017-10-25 09:51:14 +01003529 */
Andres Amaya Garciac58787f2018-04-17 10:21:45 -05003530//#define MBEDTLS_PLATFORM_ZEROIZE_ALT
Andres Amaya Garciab1262a32017-10-25 09:51:14 +01003531
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01003532/**
3533 * Uncomment the macro to let Mbed TLS use your alternate implementation of
Hanno Becker6a739782018-09-05 15:06:19 +01003534 * mbedtls_platform_gmtime_r(). This replaces the default implementation in
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01003535 * platform_util.c.
3536 *
Hanno Becker921b76d2018-09-05 16:21:36 +01003537 * gmtime() is not a thread-safe function as defined in the C standard. The
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01003538 * library will try to use safer implementations of this function, such as
3539 * gmtime_r() when available. However, if Mbed TLS cannot identify the target
Hanno Becker6a739782018-09-05 15:06:19 +01003540 * system, the implementation of mbedtls_platform_gmtime_r() will default to
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01003541 * using the standard gmtime(). In this case, calls from the library to
3542 * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex
Hanno Becker9fbbf1c2018-09-05 16:23:02 +01003543 * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01003544 * library are also guarded with this mutex to avoid race conditions. However,
Hanno Becker6a739782018-09-05 15:06:19 +01003545 * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will
3546 * unconditionally use the implementation for mbedtls_platform_gmtime_r()
3547 * supplied at compile time.
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01003548 */
Hanno Becker6a739782018-09-05 15:06:19 +01003549//#define MBEDTLS_PLATFORM_GMTIME_R_ALT
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01003550
Christoph M. Wintersteigerc3cbdde2018-12-14 11:03:02 +00003551/**
Christoph M. Wintersteiger5833de72019-02-15 12:49:27 +00003552 * Enable the verified implementations of ECDH primitives from Project Everest
3553 * (currently only Curve25519). This feature changes the layout of ECDH
3554 * contexts and therefore is a compatibility break for applications that access
3555 * fields of a mbedtls_ecdh_context structure directly. See also
3556 * MBEDTLS_ECDH_LEGACY_CONTEXT in include/mbedtls/ecdh.h.
Christoph M. Wintersteigerde4fcf22018-10-25 12:41:04 +01003557 */
Christoph M. Wintersteiger78450a32019-01-17 12:17:54 +00003558//#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
Christoph M. Wintersteigerde4fcf22018-10-25 12:41:04 +01003559
3560/* \} name SECTION: Customisation configuration options */
3561
Simon Butcher3ad2efd2018-05-02 14:49:38 +01003562/* Target and application specific configurations
3563 *
Manuel Pégourié-Gonnard32da9f62015-07-31 15:52:30 +02003564 * Allow user to override any previous default.
3565 *
Manuel Pégourié-Gonnard32da9f62015-07-31 15:52:30 +02003566 */
Simon Butcher3ad2efd2018-05-02 14:49:38 +01003567#if defined(MBEDTLS_USER_CONFIG_FILE)
Manuel Pégourié-Gonnard32da9f62015-07-31 15:52:30 +02003568#include MBEDTLS_USER_CONFIG_FILE
3569#endif
3570
Jaeden Ameroc49fbbf2019-07-04 20:01:14 +01003571#include "mbedtls/check_config.h"
Manuel Pégourié-Gonnard92ac76f2013-12-16 17:12:53 +01003572
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003573#endif /* MBEDTLS_CONFIG_H */