blob: ef3cf2408be422af77ae96dbe32d3a45e10fedb8 [file] [log] [blame]
Paul Bakker5121ce52009-01-03 21:22:43 +00001/**
Bence Szépkútibb0cfeb2021-05-28 09:42:25 +02002 * \file mbedtls_config.h
Paul Bakker5121ce52009-01-03 21:22:43 +00003 *
Paul Bakker37ca75d2011-01-06 12:28:03 +00004 * \brief Configuration options (set of defines)
5 *
Simon Butcher5b331b92016-01-03 16:14:14 +00006 * This set of compile-time options may be used to enable
7 * or disable features selectively, and reduce the global
8 * memory footprint.
Darryl Greena40a1012018-01-05 15:33:17 +00009 */
10/*
Bence Szépkúti1e148272020-08-07 13:07:28 +020011 * Copyright The Mbed TLS Contributors
Manuel Pégourié-Gonnard37ff1402015-09-04 14:21:07 +020012 * SPDX-License-Identifier: Apache-2.0
13 *
14 * Licensed under the Apache License, Version 2.0 (the "License"); you may
15 * not use this file except in compliance with the License.
16 * You may obtain a copy of the License at
17 *
18 * http://www.apache.org/licenses/LICENSE-2.0
19 *
20 * Unless required by applicable law or agreed to in writing, software
21 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
22 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
23 * See the License for the specific language governing permissions and
24 * limitations under the License.
Manuel Pégourié-Gonnarde2b0efe2015-08-11 10:38:37 +020025 */
26
Bence Szépkúti2bb74562021-06-21 16:19:00 +020027/**
Tom Cosgrove1e211442022-05-26 11:51:00 +010028 * This is an optional version symbol that enables compatibility handling of
Bence Szépkúti2bb74562021-06-21 16:19:00 +020029 * config files.
30 *
Bence Szépkúti1b2a8832021-06-28 10:26:11 +010031 * It is equal to the #MBEDTLS_VERSION_NUMBER of the Mbed TLS version that
Bence Szépkúti2bb74562021-06-21 16:19:00 +020032 * introduced the config format we want to be compatible with.
33 */
Bence Szépkúti1cafe5c2021-06-22 09:30:08 +020034//#define MBEDTLS_CONFIG_VERSION 0x03000000
Bence Szépkútiba7248a2021-05-31 16:53:56 +020035
Paul Bakkerf3b86c12011-01-27 15:24:17 +000036/**
Paul Bakker0a62cd12011-01-21 11:00:08 +000037 * \name SECTION: System support
38 *
39 * This section sets system specific settings.
40 * \{
41 */
42
Paul Bakkerf3b86c12011-01-27 15:24:17 +000043/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020044 * \def MBEDTLS_HAVE_ASM
Paul Bakkerf3b86c12011-01-27 15:24:17 +000045 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +020046 * The compiler has support for asm().
Paul Bakker68041ec2009-04-19 21:17:55 +000047 *
48 * Requires support for asm() in compiler.
49 *
50 * Used in:
Dave Rodgmancb0f2c42022-12-23 13:15:37 +000051 * library/aesni.h
Manuel Pégourié-Gonnard26b54fa2018-02-27 12:20:20 +010052 * library/aria.c
Chris Jones4c5819c2021-03-03 17:45:34 +000053 * library/bn_mul.h
Dave Rodgmancb0f2c42022-12-23 13:15:37 +000054 * library/constant_time.c
55 * library/padlock.h
Paul Bakker68041ec2009-04-19 21:17:55 +000056 *
Manuel Pégourié-Gonnard26b54fa2018-02-27 12:20:20 +010057 * Required by:
Tom Cosgrovef586aa22023-03-20 14:45:27 +000058 * MBEDTLS_AESCE_C
Gilles Peskine0bfccfa2023-03-16 17:49:44 +010059 * MBEDTLS_AESNI_C (on some platforms)
Manuel Pégourié-Gonnard26b54fa2018-02-27 12:20:20 +010060 * MBEDTLS_PADLOCK_C
61 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +020062 * Comment to disable the use of assembly code.
Paul Bakker5121ce52009-01-03 21:22:43 +000063 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020064#define MBEDTLS_HAVE_ASM
Paul Bakker5121ce52009-01-03 21:22:43 +000065
Paul Bakkerf3b86c12011-01-27 15:24:17 +000066/**
Gilles Peskineed942f82017-06-08 15:19:20 +020067 * \def MBEDTLS_NO_UDBL_DIVISION
68 *
69 * The platform lacks support for double-width integer division (64-bit
70 * division on a 32-bit platform, 128-bit division on a 64-bit platform).
71 *
72 * Used in:
73 * include/mbedtls/bignum.h
74 * library/bignum.c
75 *
76 * The bignum code uses double-width division to speed up some operations.
77 * Double-width division is often implemented in software that needs to
78 * be linked with the program. The presence of a double-width integer
79 * type is usually detected automatically through preprocessor macros,
80 * but the automatic detection cannot know whether the code needs to
81 * and can be linked with an implementation of division for that type.
82 * By default division is assumed to be usable if the type is present.
83 * Uncomment this option to prevent the use of double-width division.
84 *
85 * Note that division for the native integer type is always required.
86 * Furthermore, a 64-bit type is always required even on a 32-bit
Andres Amaya Garcia2801d002017-07-21 10:56:22 +010087 * platform, but it need not support multiplication or division. In some
88 * cases it is also desirable to disable some double-width operations. For
89 * example, if double-width division is implemented in software, disabling
90 * it can reduce code size in some embedded targets.
Gilles Peskineed942f82017-06-08 15:19:20 +020091 */
92//#define MBEDTLS_NO_UDBL_DIVISION
93
94/**
Manuel Pégourié-Gonnard2adb3752018-06-07 10:51:44 +020095 * \def MBEDTLS_NO_64BIT_MULTIPLICATION
96 *
97 * The platform lacks support for 32x32 -> 64-bit multiplication.
98 *
99 * Used in:
100 * library/poly1305.c
101 *
102 * Some parts of the library may use multiplication of two unsigned 32-bit
103 * operands with a 64-bit result in order to speed up computations. On some
104 * platforms, this is not available in hardware and has to be implemented in
105 * software, usually in a library provided by the toolchain.
106 *
107 * Sometimes it is not desirable to have to link to that library. This option
108 * removes the dependency of that library on platforms that lack a hardware
109 * 64-bit multiplier by embedding a software implementation in Mbed TLS.
110 *
111 * Note that depending on the compiler, this may decrease performance compared
112 * to using the library function provided by the toolchain.
113 */
114//#define MBEDTLS_NO_64BIT_MULTIPLICATION
115
116/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200117 * \def MBEDTLS_HAVE_SSE2
Paul Bakkerf3b86c12011-01-27 15:24:17 +0000118 *
Paul Bakkere23c3152012-10-01 14:42:47 +0000119 * CPU supports SSE2 instruction set.
Paul Bakkerf3b86c12011-01-27 15:24:17 +0000120 *
Paul Bakker5121ce52009-01-03 21:22:43 +0000121 * Uncomment if the CPU supports SSE2 (IA-32 specific).
Paul Bakker5121ce52009-01-03 21:22:43 +0000122 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200123//#define MBEDTLS_HAVE_SSE2
Paul Bakkerfa9b1002013-07-03 15:31:03 +0200124
125/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200126 * \def MBEDTLS_HAVE_TIME
Paul Bakkerfa9b1002013-07-03 15:31:03 +0200127 *
Manuel Pégourié-Gonnard60c793b2015-06-18 20:52:58 +0200128 * System has time.h and time().
129 * The time does not need to be correct, only time differences are used,
130 * by contrast with MBEDTLS_HAVE_TIME_DATE
Paul Bakkerfa9b1002013-07-03 15:31:03 +0200131 *
Andres Amaya Garcia1e4ec662016-07-20 10:16:25 +0100132 * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT,
133 * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and
134 * MBEDTLS_PLATFORM_STD_TIME.
135 *
Andrzej Kurek57353692022-04-07 08:08:21 -0400136 * Comment if your system does not support time functions.
137 *
138 * \note If MBEDTLS_TIMING_C is set - to enable the semi-portable timing
139 * interface - timing.c will include time.h on suitable platforms
140 * regardless of the setting of MBEDTLS_HAVE_TIME, unless
141 * MBEDTLS_TIMING_ALT is used. See timing.c for more information.
Paul Bakkerfa9b1002013-07-03 15:31:03 +0200142 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200143#define MBEDTLS_HAVE_TIME
Manuel Pégourié-Gonnard10934de2013-12-13 12:54:09 +0100144
145/**
Manuel Pégourié-Gonnard60c793b2015-06-18 20:52:58 +0200146 * \def MBEDTLS_HAVE_TIME_DATE
147 *
Hanno Becker4e67cca2018-09-05 16:18:38 +0100148 * System has time.h, time(), and an implementation for
149 * mbedtls_platform_gmtime_r() (see below).
Antonin Décimo36e89b52019-01-23 15:24:37 +0100150 * The time needs to be correct (not necessarily very accurate, but at least
Manuel Pégourié-Gonnard60c793b2015-06-18 20:52:58 +0200151 * the date should be correct). This is used to verify the validity period of
152 * X.509 certificates.
153 *
154 * Comment if your system does not have a correct clock.
Andres Amaya Garcia97f3ecb2018-08-07 20:39:27 +0100155 *
Hanno Becker6a739782018-09-05 15:06:19 +0100156 * \note mbedtls_platform_gmtime_r() is an abstraction in platform_util.h that
Hanno Beckerc52ef402018-09-05 16:28:59 +0100157 * behaves similarly to the gmtime_r() function from the C standard. Refer to
158 * the documentation for mbedtls_platform_gmtime_r() for more information.
Andres Amaya Garciac99b12b2018-08-21 19:32:44 +0100159 *
160 * \note It is possible to configure an implementation for
Hanno Becker6a739782018-09-05 15:06:19 +0100161 * mbedtls_platform_gmtime_r() at compile-time by using the macro
162 * MBEDTLS_PLATFORM_GMTIME_R_ALT.
Manuel Pégourié-Gonnard60c793b2015-06-18 20:52:58 +0200163 */
164#define MBEDTLS_HAVE_TIME_DATE
165
166/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200167 * \def MBEDTLS_PLATFORM_MEMORY
Paul Bakkerdefc0ca2014-02-04 17:30:24 +0100168 *
169 * Enable the memory allocation layer.
170 *
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +0200171 * By default mbed TLS uses the system-provided calloc() and free().
Paul Bakkerdefc0ca2014-02-04 17:30:24 +0100172 * This allows different allocators (self-implemented or provided) to be
173 * provided to the platform abstraction layer.
174 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200175 * Enabling MBEDTLS_PLATFORM_MEMORY without the
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +0200176 * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide
177 * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and
Rich Evans16f8cd82015-02-06 16:14:34 +0000178 * free() function pointer at runtime.
179 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200180 * Enabling MBEDTLS_PLATFORM_MEMORY and specifying
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +0200181 * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the
Rich Evans16f8cd82015-02-06 16:14:34 +0000182 * alternate function at compile time.
Paul Bakkerdefc0ca2014-02-04 17:30:24 +0100183 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200184 * Requires: MBEDTLS_PLATFORM_C
Paul Bakkerdefc0ca2014-02-04 17:30:24 +0100185 *
186 * Enable this layer to allow use of alternative memory allocators.
187 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200188//#define MBEDTLS_PLATFORM_MEMORY
Paul Bakkerdefc0ca2014-02-04 17:30:24 +0100189
190/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200191 * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
Paul Bakker088c5c52014-04-25 11:11:10 +0200192 *
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +0200193 * Do not assign standard functions in the platform layer (e.g. calloc() to
194 * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF)
Paul Bakker088c5c52014-04-25 11:11:10 +0200195 *
196 * This makes sure there are no linking errors on platforms that do not support
197 * these functions. You will HAVE to provide alternatives, either at runtime
198 * via the platform_set_xxx() functions or at compile time by setting
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200199 * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a
200 * MBEDTLS_PLATFORM_XXX_MACRO.
Paul Bakker088c5c52014-04-25 11:11:10 +0200201 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200202 * Requires: MBEDTLS_PLATFORM_C
Paul Bakker088c5c52014-04-25 11:11:10 +0200203 *
204 * Uncomment to prevent default assignment of standard functions in the
205 * platform layer.
206 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200207//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
Paul Bakker088c5c52014-04-25 11:11:10 +0200208
209/**
Janos Follathc351d182016-03-21 08:43:59 +0000210 * \def MBEDTLS_PLATFORM_EXIT_ALT
Paul Bakker747a83a2014-02-01 22:50:07 +0100211 *
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100212 * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the
213 * function in the platform abstraction layer.
Paul Bakker747a83a2014-02-01 22:50:07 +0100214 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200215 * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will
216 * provide a function "mbedtls_platform_set_printf()" that allows you to set an
Paul Bakker747a83a2014-02-01 22:50:07 +0100217 * alternative printf function pointer.
218 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200219 * All these define require MBEDTLS_PLATFORM_C to be defined!
Paul Bakker747a83a2014-02-01 22:50:07 +0100220 *
Manuel Pégourié-Gonnard9db28872015-06-26 10:52:01 +0200221 * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows;
222 * it will be enabled automatically by check_config.h
223 *
Manuel Pégourié-Gonnard6c0c8e02015-06-22 10:23:34 +0200224 * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200225 * MBEDTLS_PLATFORM_XXX_MACRO!
Rich Evans16f8cd82015-02-06 16:14:34 +0000226 *
Andres Amaya Garcia1e4ec662016-07-20 10:16:25 +0100227 * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME
228 *
Paul Bakker747a83a2014-02-01 22:50:07 +0100229 * Uncomment a macro to enable alternate implementation of specific base
230 * platform function
231 */
Gilles Peskine6497b5a2022-06-30 17:01:40 +0200232//#define MBEDTLS_PLATFORM_SETBUF_ALT
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200233//#define MBEDTLS_PLATFORM_EXIT_ALT
SimonBd5800b72016-04-26 07:43:27 +0100234//#define MBEDTLS_PLATFORM_TIME_ALT
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200235//#define MBEDTLS_PLATFORM_FPRINTF_ALT
236//#define MBEDTLS_PLATFORM_PRINTF_ALT
237//#define MBEDTLS_PLATFORM_SNPRINTF_ALT
k-stachowiak723f8672018-07-16 14:27:07 +0200238//#define MBEDTLS_PLATFORM_VSNPRINTF_ALT
Paul Bakkercf0a9f92016-06-01 11:25:44 +0100239//#define MBEDTLS_PLATFORM_NV_SEED_ALT
Andres Amaya Garcia59c20262017-07-18 10:23:04 +0100240//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100241
242/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200243 * \def MBEDTLS_DEPRECATED_WARNING
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100244 *
Andres Amaya Garcia09634242018-11-29 09:55:41 +0000245 * Mark deprecated functions and features so that they generate a warning if
246 * used. Functionality deprecated in one version will usually be removed in the
247 * next version. You can enable this to help you prepare the transition to a
248 * new major version by making sure your code is not using this functionality.
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100249 *
250 * This only works with GCC and Clang. With other compilers, you may want to
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200251 * use MBEDTLS_DEPRECATED_REMOVED
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100252 *
Andres Amaya Garcia09634242018-11-29 09:55:41 +0000253 * Uncomment to get warnings on using deprecated functions and features.
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100254 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200255//#define MBEDTLS_DEPRECATED_WARNING
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100256
257/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200258 * \def MBEDTLS_DEPRECATED_REMOVED
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100259 *
Andres Amaya Garcia09634242018-11-29 09:55:41 +0000260 * Remove deprecated functions and features so that they generate an error if
261 * used. Functionality deprecated in one version will usually be removed in the
262 * next version. You can enable this to help you prepare the transition to a
263 * new major version by making sure your code is not using this functionality.
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100264 *
Andres Amaya Garcia09634242018-11-29 09:55:41 +0000265 * Uncomment to get errors on using deprecated functions and features.
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100266 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200267//#define MBEDTLS_DEPRECATED_REMOVED
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100268
Andrzej Kurek38d4fdd2021-12-28 16:22:52 +0100269/** \} name SECTION: System support */
Paul Bakker0a62cd12011-01-21 11:00:08 +0000270
Paul Bakkerf3b86c12011-01-27 15:24:17 +0000271/**
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +0000272 * \name SECTION: mbed TLS feature support
Paul Bakker0a62cd12011-01-21 11:00:08 +0000273 *
274 * This section sets support for features that are or are not needed
275 * within the modules that are enabled.
276 * \{
277 */
Paul Bakker5121ce52009-01-03 21:22:43 +0000278
Paul Bakkerf3b86c12011-01-27 15:24:17 +0000279/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200280 * \def MBEDTLS_TIMING_ALT
Paul Bakkerf2561b32014-02-06 15:11:55 +0100281 *
TRodziewiczd8540832021-06-10 15:16:50 +0200282 * Uncomment to provide your own alternate implementation for
Manuel Pégourié-Gonnarda63bc942015-05-14 18:22:47 +0200283 * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay()
Paul Bakkerf2561b32014-02-06 15:11:55 +0100284 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200285 * Only works if you have MBEDTLS_TIMING_C enabled.
Paul Bakkerf2561b32014-02-06 15:11:55 +0100286 *
287 * You will need to provide a header "timing_alt.h" and an implementation at
288 * compile time.
289 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200290//#define MBEDTLS_TIMING_ALT
Paul Bakkerf2561b32014-02-06 15:11:55 +0100291
292/**
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100293 * \def MBEDTLS_AES_ALT
Paul Bakker90995b52013-06-24 19:20:35 +0200294 *
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100295 * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your
Janos Follathb0697532016-08-18 12:38:46 +0100296 * alternate core implementation of a symmetric crypto, an arithmetic or hash
297 * module (e.g. platform specific assembly optimized implementations). Keep
298 * in mind that the function prototypes should remain the same.
Paul Bakker90995b52013-06-24 19:20:35 +0200299 *
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200300 * This replaces the whole module. If you only want to replace one of the
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200301 * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags.
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200302 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200303 * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer
Janos Follathee782bc2016-11-07 15:41:26 +0000304 * provide the "struct mbedtls_aes_context" definition and omit the base
305 * function declarations and implementations. "aes_alt.h" will be included from
Paul Bakker90995b52013-06-24 19:20:35 +0200306 * "aes.h" to include the new function definitions.
307 *
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200308 * Uncomment a macro to enable alternate implementation of the corresponding
309 * module.
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100310 *
TRodziewicz10e8cf52021-05-31 17:58:57 +0200311 * \warning MD5, DES and SHA-1 are considered weak and their
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100312 * use constitutes a security risk. If possible, we recommend
313 * avoiding dependencies on them, and considering stronger message
314 * digests and ciphers instead.
315 *
Paul Bakker90995b52013-06-24 19:20:35 +0200316 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200317//#define MBEDTLS_AES_ALT
Markku-Juhani O. Saarinen0fb47fe2017-12-01 15:41:38 +0000318//#define MBEDTLS_ARIA_ALT
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200319//#define MBEDTLS_CAMELLIA_ALT
Steven Cooreman222e2ff2017-04-04 11:37:15 +0200320//#define MBEDTLS_CCM_ALT
Daniel King34b822c2016-05-15 17:28:08 -0300321//#define MBEDTLS_CHACHA20_ALT
Manuel Pégourié-Gonnarde533b222018-06-04 12:23:19 +0200322//#define MBEDTLS_CHACHAPOLY_ALT
Steven Cooreman63342772017-04-04 11:47:16 +0200323//#define MBEDTLS_CMAC_ALT
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200324//#define MBEDTLS_DES_ALT
nirekh01d569ecf2018-01-09 16:43:21 +0000325//#define MBEDTLS_DHM_ALT
Hanno Becker616d1ca2018-01-24 10:25:05 +0000326//#define MBEDTLS_ECJPAKE_ALT
Jaeden Amero15263302017-09-21 12:53:48 +0100327//#define MBEDTLS_GCM_ALT
Ron Eldor466a57f2018-05-03 16:54:28 +0300328//#define MBEDTLS_NIST_KW_ALT
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200329//#define MBEDTLS_MD5_ALT
Daniel Kingadc32c02016-05-16 18:25:45 -0300330//#define MBEDTLS_POLY1305_ALT
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200331//#define MBEDTLS_RIPEMD160_ALT
Hanno Becker88683b22018-01-04 18:26:54 +0000332//#define MBEDTLS_RSA_ALT
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200333//#define MBEDTLS_SHA1_ALT
334//#define MBEDTLS_SHA256_ALT
335//#define MBEDTLS_SHA512_ALT
Markku-Juhani O. Saarinen0fb47fe2017-12-01 15:41:38 +0000336
Janos Follathb0697532016-08-18 12:38:46 +0100337/*
Shaun Case8b0ecbc2021-12-20 21:14:10 -0800338 * When replacing the elliptic curve module, please consider, that it is
Janos Follathb0697532016-08-18 12:38:46 +0100339 * implemented with two .c files:
340 * - ecp.c
341 * - ecp_curves.c
Janos Follathee782bc2016-11-07 15:41:26 +0000342 * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
343 * macros as described above. The only difference is that you have to make sure
344 * that you provide functionality for both .c files.
Janos Follathb0697532016-08-18 12:38:46 +0100345 */
346//#define MBEDTLS_ECP_ALT
Paul Bakker90995b52013-06-24 19:20:35 +0200347
348/**
TRodziewicz75628d52021-06-18 12:56:27 +0200349 * \def MBEDTLS_SHA256_PROCESS_ALT
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200350 *
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100351 * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you
352 * alternate core implementation of symmetric crypto or hash function. Keep in
353 * mind that function prototypes should remain the same.
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200354 *
355 * This replaces only one function. The header file from mbed TLS is still
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200356 * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags.
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200357 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200358 * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will
359 * no longer provide the mbedtls_sha1_process() function, but it will still provide
360 * the other function (using your mbedtls_sha1_process() function) and the definition
361 * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200362 * with this definition.
363 *
Tobias Nießen1e8ca122021-05-10 19:53:15 +0200364 * \note If you use the AES_xxx_ALT macros, then it is recommended to also set
Hanno Beckera5723f42017-06-26 12:46:19 +0100365 * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
366 * tables.
Manuel Pégourié-Gonnard31993f22015-05-12 15:41:08 +0200367 *
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200368 * Uncomment a macro to enable alternate implementation of the corresponding
369 * function.
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100370 *
TRodziewicz10e8cf52021-05-31 17:58:57 +0200371 * \warning MD5, DES and SHA-1 are considered weak and their use
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100372 * constitutes a security risk. If possible, we recommend avoiding
373 * dependencies on them, and considering stronger message digests
374 * and ciphers instead.
375 *
Janos Follath1231d212019-01-07 15:01:32 +0000376 * \warning If both MBEDTLS_ECDSA_SIGN_ALT and MBEDTLS_ECDSA_DETERMINISTIC are
377 * enabled, then the deterministic ECDH signature functions pass the
378 * the static HMAC-DRBG as RNG to mbedtls_ecdsa_sign(). Therefore
379 * alternative implementations should use the RNG only for generating
380 * the ephemeral key and nothing else. If this is not possible, then
381 * MBEDTLS_ECDSA_DETERMINISTIC should be disabled and an alternative
TRodziewiczc1c479f2021-05-06 00:53:22 +0200382 * implementation should be provided for mbedtls_ecdsa_sign_det_ext().
Janos Follath1231d212019-01-07 15:01:32 +0000383 *
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200384 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200385//#define MBEDTLS_MD5_PROCESS_ALT
386//#define MBEDTLS_RIPEMD160_PROCESS_ALT
387//#define MBEDTLS_SHA1_PROCESS_ALT
388//#define MBEDTLS_SHA256_PROCESS_ALT
389//#define MBEDTLS_SHA512_PROCESS_ALT
Manuel Pégourié-Gonnard70a50102015-05-12 15:02:45 +0200390//#define MBEDTLS_DES_SETKEY_ALT
391//#define MBEDTLS_DES_CRYPT_ECB_ALT
392//#define MBEDTLS_DES3_CRYPT_ECB_ALT
Manuel Pégourié-Gonnard31993f22015-05-12 15:41:08 +0200393//#define MBEDTLS_AES_SETKEY_ENC_ALT
394//#define MBEDTLS_AES_SETKEY_DEC_ALT
395//#define MBEDTLS_AES_ENCRYPT_ALT
396//#define MBEDTLS_AES_DECRYPT_ALT
Ron Eldora84c1cb2017-10-10 19:04:27 +0300397//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
Ron Eldor3226d362017-10-12 14:17:48 +0300398//#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
Ron Eldor314adb62017-10-10 18:28:25 +0300399//#define MBEDTLS_ECDSA_VERIFY_ALT
400//#define MBEDTLS_ECDSA_SIGN_ALT
401//#define MBEDTLS_ECDSA_GENKEY_ALT
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200402
403/**
Janos Follathc44ab972016-11-18 16:38:23 +0000404 * \def MBEDTLS_ECP_INTERNAL_ALT
405 *
406 * Expose a part of the internal interface of the Elliptic Curve Point module.
Janos Follathb0697532016-08-18 12:38:46 +0100407 *
408 * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your
Janos Follath372697b2016-10-28 16:53:11 +0100409 * alternative core implementation of elliptic curve arithmetic. Keep in mind
410 * that function prototypes should remain the same.
Janos Follathb0697532016-08-18 12:38:46 +0100411 *
412 * This partially replaces one function. The header file from mbed TLS is still
413 * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation
414 * is still present and it is used for group structures not supported by the
415 * alternative.
416 *
Steven Cooreman97b49842021-01-08 16:32:20 +0100417 * The original implementation can in addition be removed by setting the
Steven Cooreman6226a122021-01-21 13:58:31 +0100418 * MBEDTLS_ECP_NO_FALLBACK option, in which case any function for which the
Steven Cooreman97b49842021-01-08 16:32:20 +0100419 * corresponding MBEDTLS_ECP__FUNCTION_NAME__ALT macro is defined will not be
420 * able to fallback to curves not supported by the alternative implementation.
421 *
Janos Follathc44ab972016-11-18 16:38:23 +0000422 * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT
423 * and implementing the following functions:
424 * unsigned char mbedtls_internal_ecp_grp_capable(
425 * const mbedtls_ecp_group *grp )
426 * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp )
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500427 * void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp )
Janos Follathc44ab972016-11-18 16:38:23 +0000428 * The mbedtls_internal_ecp_grp_capable function should return 1 if the
429 * replacement functions implement arithmetic for the given group and 0
430 * otherwise.
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500431 * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are
Janos Follathc44ab972016-11-18 16:38:23 +0000432 * called before and after each point operation and provide an opportunity to
433 * implement optimized set up and tear down instructions.
Janos Follathb0697532016-08-18 12:38:46 +0100434 *
Steven Cooreman6226a122021-01-21 13:58:31 +0100435 * Example: In case you set MBEDTLS_ECP_INTERNAL_ALT and
436 * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac()
437 * function, but will use your mbedtls_internal_ecp_double_jac() if the group
438 * for the operation is supported by your implementation (i.e. your
439 * mbedtls_internal_ecp_grp_capable() function returns 1 for this group). If the
440 * group is not supported by your implementation, then the original mbed TLS
441 * implementation of ecp_double_jac() is used instead, unless this fallback
442 * behaviour is disabled by setting MBEDTLS_ECP_NO_FALLBACK (in which case
443 * ecp_double_jac() will return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE).
444 *
445 * The function prototypes and the definition of mbedtls_ecp_group and
446 * mbedtls_ecp_point will not change based on MBEDTLS_ECP_INTERNAL_ALT, so your
447 * implementation of mbedtls_internal_ecp__function_name__ must be compatible
448 * with their definitions.
Janos Follathb0697532016-08-18 12:38:46 +0100449 *
450 * Uncomment a macro to enable alternate implementation of the corresponding
451 * function.
452 */
453/* Required for all the functions in this section */
Janos Follathc44ab972016-11-18 16:38:23 +0000454//#define MBEDTLS_ECP_INTERNAL_ALT
Steven Cooreman97b49842021-01-08 16:32:20 +0100455/* Turn off software fallback for curves not supported in hardware */
456//#define MBEDTLS_ECP_NO_FALLBACK
Janos Follathb0697532016-08-18 12:38:46 +0100457/* Support for Weierstrass curves with Jacobi representation */
458//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
459//#define MBEDTLS_ECP_ADD_MIXED_ALT
460//#define MBEDTLS_ECP_DOUBLE_JAC_ALT
461//#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
462//#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
463/* Support for curves with Montgomery arithmetic */
464//#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
465//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
466//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
467
468/**
Manuel Pégourié-Gonnard8ba88f02015-06-22 12:14:20 +0200469 * \def MBEDTLS_ENTROPY_HARDWARE_ALT
Manuel Pégourié-Gonnard3f77dfb2015-06-19 10:06:21 +0200470 *
471 * Uncomment this macro to let mbed TLS use your own implementation of a
472 * hardware entropy collector.
473 *
474 * Your function must be called \c mbedtls_hardware_poll(), have the same
Chris Jones3848e312021-03-11 16:17:59 +0000475 * prototype as declared in library/entropy_poll.h, and accept NULL as first
476 * argument.
Manuel Pégourié-Gonnard3f77dfb2015-06-19 10:06:21 +0200477 *
478 * Uncomment to use your own hardware entropy collector.
479 */
480//#define MBEDTLS_ENTROPY_HARDWARE_ALT
481
482/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200483 * \def MBEDTLS_AES_ROM_TABLES
Paul Bakker15566e42011-04-24 21:19:15 +0000484 *
Hanno Becker177d3cf2017-06-07 15:52:48 +0100485 * Use precomputed AES tables stored in ROM.
Paul Bakker15566e42011-04-24 21:19:15 +0000486 *
Hanno Becker177d3cf2017-06-07 15:52:48 +0100487 * Uncomment this macro to use precomputed AES tables stored in ROM.
488 * Comment this macro to generate AES tables in RAM at runtime.
489 *
Hanno Becker4c1dc3c2018-03-27 16:52:03 +0100490 * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb
491 * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the
Hanno Becker6a92ce62018-03-28 11:42:05 +0100492 * initialization time before the first AES operation can be performed.
493 * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c
494 * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded
495 * performance if ROM access is slower than RAM access.
Hanno Becker177d3cf2017-06-07 15:52:48 +0100496 *
497 * This option is independent of \c MBEDTLS_AES_FEWER_TABLES.
498 *
Paul Bakker15566e42011-04-24 21:19:15 +0000499 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200500//#define MBEDTLS_AES_ROM_TABLES
Paul Bakker15566e42011-04-24 21:19:15 +0000501
502/**
Hanno Becker177d3cf2017-06-07 15:52:48 +0100503 * \def MBEDTLS_AES_FEWER_TABLES
Jussi Kivilinna2fd1bb82015-11-12 16:38:31 +0200504 *
Hanno Becker177d3cf2017-06-07 15:52:48 +0100505 * Use less ROM/RAM for AES tables.
Jussi Kivilinna2fd1bb82015-11-12 16:38:31 +0200506 *
Hanno Becker177d3cf2017-06-07 15:52:48 +0100507 * Uncommenting this macro omits 75% of the AES tables from
508 * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES)
509 * by computing their values on the fly during operations
510 * (the tables are entry-wise rotations of one another).
511 *
512 * Tradeoff: Uncommenting this reduces the RAM / ROM footprint
Hanno Becker08a5c182017-06-19 16:33:58 +0100513 * by ~6kb but at the cost of more arithmetic operations during
Hanno Becker177d3cf2017-06-07 15:52:48 +0100514 * runtime. Specifically, one has to compare 4 accesses within
515 * different tables to 4 accesses with additional arithmetic
516 * operations within the same table. The performance gain/loss
517 * depends on the system and memory details.
518 *
519 * This option is independent of \c MBEDTLS_AES_ROM_TABLES.
520 *
Jussi Kivilinna2fd1bb82015-11-12 16:38:31 +0200521 */
Hanno Becker177d3cf2017-06-07 15:52:48 +0100522//#define MBEDTLS_AES_FEWER_TABLES
Jussi Kivilinna2fd1bb82015-11-12 16:38:31 +0200523
524/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200525 * \def MBEDTLS_CAMELLIA_SMALL_MEMORY
Manuel Pégourié-Gonnard62edcc82015-04-03 16:28:19 +0200526 *
527 * Use less ROM for the Camellia implementation (saves about 768 bytes).
528 *
529 * Uncomment this macro to use less memory for Camellia.
530 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200531//#define MBEDTLS_CAMELLIA_SMALL_MEMORY
Manuel Pégourié-Gonnard62edcc82015-04-03 16:28:19 +0200532
533/**
Gilles Peskine9a7d4c22021-09-23 18:07:36 +0200534 * \def MBEDTLS_CHECK_RETURN_WARNING
535 *
536 * If this macro is defined, emit a compile-time warning if application code
537 * calls a function without checking its return value, but the return value
538 * should generally be checked in portable applications.
539 *
540 * This is only supported on platforms where #MBEDTLS_CHECK_RETURN is
541 * implemented. Otherwise this option has no effect.
542 *
543 * Uncomment to get warnings on using fallible functions without checking
544 * their return value.
545 *
546 * \note This feature is a work in progress.
547 * Warnings will be added to more functions in the future.
548 *
549 * \note A few functions are considered critical, and ignoring the return
550 * value of these functions will trigger a warning even if this
551 * macro is not defined. To completely disable return value check
552 * warnings, define #MBEDTLS_CHECK_RETURN with an empty expansion.
553 */
554//#define MBEDTLS_CHECK_RETURN_WARNING
555
556/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200557 * \def MBEDTLS_CIPHER_MODE_CBC
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200558 *
559 * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
560 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200561#define MBEDTLS_CIPHER_MODE_CBC
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200562
563/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200564 * \def MBEDTLS_CIPHER_MODE_CFB
Paul Bakkerb6ecaf52011-04-19 14:29:23 +0000565 *
566 * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
567 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200568#define MBEDTLS_CIPHER_MODE_CFB
Paul Bakkerb6ecaf52011-04-19 14:29:23 +0000569
570/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200571 * \def MBEDTLS_CIPHER_MODE_CTR
Paul Bakkerb6ecaf52011-04-19 14:29:23 +0000572 *
573 * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
574 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200575#define MBEDTLS_CIPHER_MODE_CTR
Paul Bakkerb6ecaf52011-04-19 14:29:23 +0000576
577/**
Jaeden Ameroff2f4932018-06-14 11:38:50 +0100578 * \def MBEDTLS_CIPHER_MODE_OFB
579 *
580 * Enable Output Feedback mode (OFB) for symmetric ciphers.
581 */
582#define MBEDTLS_CIPHER_MODE_OFB
583
584/**
585 * \def MBEDTLS_CIPHER_MODE_XTS
586 *
587 * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES.
588 */
589#define MBEDTLS_CIPHER_MODE_XTS
590
591/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200592 * \def MBEDTLS_CIPHER_NULL_CIPHER
Paul Bakkerfab5c822012-02-06 16:45:10 +0000593 *
594 * Enable NULL cipher.
595 * Warning: Only do so when you know what you are doing. This allows for
596 * encryption or channels without any security!
597 *
Ronald Croncee42702021-04-26 11:34:44 +0200598 * To enable the following ciphersuites:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200599 * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA
600 * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA
601 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA
602 * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
603 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384
604 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256
605 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA
606 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384
607 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256
608 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA
609 * MBEDTLS_TLS_RSA_WITH_NULL_SHA256
610 * MBEDTLS_TLS_RSA_WITH_NULL_SHA
611 * MBEDTLS_TLS_RSA_WITH_NULL_MD5
612 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384
613 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256
614 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA
615 * MBEDTLS_TLS_PSK_WITH_NULL_SHA384
616 * MBEDTLS_TLS_PSK_WITH_NULL_SHA256
617 * MBEDTLS_TLS_PSK_WITH_NULL_SHA
Paul Bakkerfab5c822012-02-06 16:45:10 +0000618 *
619 * Uncomment this macro to enable the NULL cipher and ciphersuites
Paul Bakkerfab5c822012-02-06 16:45:10 +0000620 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200621//#define MBEDTLS_CIPHER_NULL_CIPHER
Paul Bakkerfab5c822012-02-06 16:45:10 +0000622
623/**
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100624 * \def MBEDTLS_CIPHER_PADDING_PKCS7
Paul Bakker48e93c82013-08-14 12:21:18 +0200625 *
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100626 * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for
627 * specific padding modes in the cipher layer with cipher modes that support
628 * padding (e.g. CBC)
Paul Bakker48e93c82013-08-14 12:21:18 +0200629 *
630 * If you disable all padding modes, only full blocks can be used with CBC.
631 *
632 * Enable padding modes in the cipher layer.
633 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200634#define MBEDTLS_CIPHER_PADDING_PKCS7
635#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
636#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
637#define MBEDTLS_CIPHER_PADDING_ZEROS
Paul Bakker48e93c82013-08-14 12:21:18 +0200638
Gilles Peskine1540e5b2019-10-03 14:21:14 +0200639/** \def MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
640 *
641 * Uncomment this macro to use a 128-bit key in the CTR_DRBG module.
642 * By default, CTR_DRBG uses a 256-bit key.
643 */
644//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
645
Paul Bakker48e93c82013-08-14 12:21:18 +0200646/**
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100647 * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
Paul Bakker5dc6b5f2013-06-29 23:26:34 +0200648 *
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100649 * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve
650 * module. By default all supported curves are enabled.
Paul Bakker5dc6b5f2013-06-29 23:26:34 +0200651 *
652 * Comment macros to disable the curve and functions for it
653 */
Gilles Peskine799e5762018-09-14 17:34:00 +0200654/* Short Weierstrass curves (supporting ECP, ECDH, ECDSA) */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200655#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
656#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
657#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
658#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
659#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
660#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
661#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
662#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
663#define MBEDTLS_ECP_DP_BP256R1_ENABLED
664#define MBEDTLS_ECP_DP_BP384R1_ENABLED
665#define MBEDTLS_ECP_DP_BP512R1_ENABLED
Gilles Peskine799e5762018-09-14 17:34:00 +0200666/* Montgomery curves (supporting ECP) */
Manuel Pégourié-Gonnard07894332015-06-23 00:18:41 +0200667#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
Nicholas Wilson08f3ef12015-11-10 13:10:01 +0000668#define MBEDTLS_ECP_DP_CURVE448_ENABLED
Paul Bakker5dc6b5f2013-06-29 23:26:34 +0200669
670/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200671 * \def MBEDTLS_ECP_NIST_OPTIM
Manuel Pégourié-Gonnardc04c5302013-10-23 16:11:52 +0200672 *
673 * Enable specific 'modulo p' routines for each NIST prime.
674 * Depending on the prime and architecture, makes operations 4 to 8 times
675 * faster on the corresponding curve.
676 *
677 * Comment this macro to disable NIST curves optimisation.
678 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200679#define MBEDTLS_ECP_NIST_OPTIM
Manuel Pégourié-Gonnardc04c5302013-10-23 16:11:52 +0200680
681/**
Manuel Pégourié-Gonnard4b9c51e2017-04-20 15:50:26 +0200682 * \def MBEDTLS_ECP_RESTARTABLE
Manuel Pégourié-Gonnardc3a3bc72017-03-22 11:17:51 +0100683 *
684 * Enable "non-blocking" ECC operations that can return early and be resumed.
685 *
Manuel Pégourié-Gonnardf0bbd7e2018-10-15 13:22:41 +0200686 * This allows various functions to pause by returning
687 * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module,
688 * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in
689 * order to further progress and eventually complete their operation. This is
690 * controlled through mbedtls_ecp_set_max_ops() which limits the maximum
691 * number of ECC operations a function may perform before pausing; see
692 * mbedtls_ecp_set_max_ops() for more information.
Manuel Pégourié-Gonnardc3a3bc72017-03-22 11:17:51 +0100693 *
Manuel Pégourié-Gonnard8b7b96b2017-08-23 10:02:51 +0200694 * This is useful in non-threaded environments if you want to avoid blocking
Manuel Pégourié-Gonnardf0bbd7e2018-10-15 13:22:41 +0200695 * for too long on ECC (and, hence, X.509 or SSL/TLS) operations.
Manuel Pégourié-Gonnardc3a3bc72017-03-22 11:17:51 +0100696 *
Manuel Pégourié-Gonnard2b7ad642022-12-06 10:42:44 +0100697 * This option:
698 * - Adds xxx_restartable() variants of existing operations in the
699 * following modules, with corresponding restart context types:
Manuel Pégourié-Gonnardb2812cc2022-12-09 09:53:55 +0100700 * - ECP (for Short Weierstrass curves only): scalar multiplication (mul),
701 * linear combination (muladd);
Manuel Pégourié-Gonnard2b7ad642022-12-06 10:42:44 +0100702 * - ECDSA: signature generation & verification;
703 * - PK: signature generation & verification;
704 * - X509: certificate chain verification.
705 * - Adds mbedtls_ecdh_enable_restart() in the ECDH module.
706 * - Changes the behaviour of TLS 1.2 clients (not servers) when using the
707 * ECDHE-ECDSA key exchange (not other key exchanges) to make all ECC
708 * computations restartable:
Tom Cosgrove5c8505f2023-03-07 11:39:52 +0000709 * - ECDH operations from the key exchange, only for Short Weierstrass
Manuel Pégourié-Gonnardb2812cc2022-12-09 09:53:55 +0100710 * curves, only when MBEDTLS_USE_PSA_CRYPTO is not enabled.
Manuel Pégourié-Gonnard2b7ad642022-12-06 10:42:44 +0100711 * - verification of the server's key exchange signature;
712 * - verification of the server's certificate chain;
Manuel Pégourié-Gonnardb2812cc2022-12-09 09:53:55 +0100713 * - generation of the client's signature if client authentication is used,
714 * with an ECC key/certificate.
Manuel Pégourié-Gonnard2b7ad642022-12-06 10:42:44 +0100715 *
716 * \note In the cases above, the usual SSL/TLS functions, such as
717 * mbedtls_ssl_handshake(), can now return
718 * MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS.
Ron Eldor5ed8c1e2018-11-05 14:04:26 +0200719 *
Manuel Pégourié-Gonnard55a188b2022-12-06 12:00:33 +0100720 * \note When this option and MBEDTLS_USE_PSA_CRYPTO are both enabled,
721 * restartable operations in PK, X.509 and TLS (see above) are not
722 * using PSA. On the other hand, ECDH computations in TLS are using
Manuel Pégourié-Gonnardb2812cc2022-12-09 09:53:55 +0100723 * PSA, and are not restartable. These are temporary limitations that
724 * should be lifted in the future.
Ron Eldor5ed8c1e2018-11-05 14:04:26 +0200725 *
Ron Eldor19779c42018-11-05 16:58:13 +0200726 * \note This option only works with the default software implementation of
727 * elliptic curve functionality. It is incompatible with
Thomas Daubney537e6432021-06-03 15:46:33 +0100728 * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT, MBEDTLS_ECDSA_XXX_ALT.
Manuel Pégourié-Gonnard2b7ad642022-12-06 10:42:44 +0100729 *
Manuel Pégourié-Gonnardad45c4d2022-12-06 13:20:06 +0100730 * Requires: MBEDTLS_ECP_C
731 *
Manuel Pégourié-Gonnard2b7ad642022-12-06 10:42:44 +0100732 * Uncomment this macro to enable restartable ECC computations.
Manuel Pégourié-Gonnardc3a3bc72017-03-22 11:17:51 +0100733 */
Manuel Pégourié-Gonnardc9e16a92017-08-15 14:30:59 +0200734//#define MBEDTLS_ECP_RESTARTABLE
Manuel Pégourié-Gonnardc3a3bc72017-03-22 11:17:51 +0100735
736/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200737 * \def MBEDTLS_ECDSA_DETERMINISTIC
Manuel Pégourié-Gonnard461d4162014-01-06 10:16:28 +0100738 *
739 * Enable deterministic ECDSA (RFC 6979).
740 * Standard ECDSA is "fragile" in the sense that lack of entropy when signing
741 * may result in a compromise of the long-term signing key. This is avoided by
742 * the deterministic variant.
743 *
John Durkop36a82e52020-10-26 09:39:05 -0700744 * Requires: MBEDTLS_HMAC_DRBG_C, MBEDTLS_ECDSA_C
Manuel Pégourié-Gonnard5b1a5732014-01-07 16:46:17 +0100745 *
Manuel Pégourié-Gonnard461d4162014-01-06 10:16:28 +0100746 * Comment this macro to disable deterministic ECDSA.
747 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200748#define MBEDTLS_ECDSA_DETERMINISTIC
Manuel Pégourié-Gonnard461d4162014-01-06 10:16:28 +0100749
750/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200751 * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200752 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +0200753 * Enable the PSK based ciphersuite modes in SSL / TLS.
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200754 *
Paul Bakkere07f41d2013-04-19 09:08:57 +0200755 * This enables the following ciphersuites (if other requisites are
756 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200757 * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
758 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
759 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
760 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
761 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
762 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
763 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
764 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
765 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
766 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200767 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200768#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200769
770/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200771 * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +0200772 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +0200773 * Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
Paul Bakkere07f41d2013-04-19 09:08:57 +0200774 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200775 * Requires: MBEDTLS_DHM_C
Paul Bakkere07f41d2013-04-19 09:08:57 +0200776 *
777 * This enables the following ciphersuites (if other requisites are
778 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200779 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
780 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
781 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
782 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
783 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
784 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
785 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
786 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
787 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
788 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
Hanno Beckera2f6b722017-09-28 10:33:29 +0100789 *
Hanno Beckerf9734b32017-10-03 12:09:22 +0100790 * \warning Using DHE constitutes a security risk as it
791 * is not possible to validate custom DH parameters.
792 * If possible, it is recommended users should consider
793 * preferring other methods of key exchange.
794 * See dhm.h for more details.
Hanno Beckera2f6b722017-09-28 10:33:29 +0100795 *
Paul Bakkere07f41d2013-04-19 09:08:57 +0200796 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200797#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +0200798
799/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200800 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Manuel Pégourié-Gonnard3ce3bbd2013-10-11 16:53:50 +0200801 *
802 * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
803 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200804 * Requires: MBEDTLS_ECDH_C
Manuel Pégourié-Gonnard3ce3bbd2013-10-11 16:53:50 +0200805 *
806 * This enables the following ciphersuites (if other requisites are
807 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200808 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
809 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
810 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
811 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
812 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
813 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
Manuel Pégourié-Gonnard3ce3bbd2013-10-11 16:53:50 +0200814 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200815#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Manuel Pégourié-Gonnard3ce3bbd2013-10-11 16:53:50 +0200816
817/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200818 * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +0200819 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +0200820 * Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
Manuel Pégourié-Gonnard0fae60b2013-10-14 17:39:48 +0200821 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200822 * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
823 * MBEDTLS_X509_CRT_PARSE_C
Paul Bakkere07f41d2013-04-19 09:08:57 +0200824 *
825 * This enables the following ciphersuites (if other requisites are
826 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200827 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
828 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
829 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
830 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
831 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
832 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
833 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
834 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
835 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
836 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
Paul Bakkere07f41d2013-04-19 09:08:57 +0200837 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200838#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +0200839
840/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200841 * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +0200842 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +0200843 * Enable the RSA-only based ciphersuite modes in SSL / TLS.
Paul Bakkere07f41d2013-04-19 09:08:57 +0200844 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200845 * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
846 * MBEDTLS_X509_CRT_PARSE_C
Paul Bakkere07f41d2013-04-19 09:08:57 +0200847 *
848 * This enables the following ciphersuites (if other requisites are
849 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200850 * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
851 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
852 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
853 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
854 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
855 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
856 * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
857 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
858 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
859 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
860 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
861 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
Paul Bakkere07f41d2013-04-19 09:08:57 +0200862 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200863#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +0200864
865/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200866 * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +0200867 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +0200868 * Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
Paul Bakkere07f41d2013-04-19 09:08:57 +0200869 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200870 * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
871 * MBEDTLS_X509_CRT_PARSE_C
Paul Bakkere07f41d2013-04-19 09:08:57 +0200872 *
873 * This enables the following ciphersuites (if other requisites are
874 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200875 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
876 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
877 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
878 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
879 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
880 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
881 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
882 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
883 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
884 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
885 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
886 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
Hanno Beckera2f6b722017-09-28 10:33:29 +0100887 *
Hanno Beckerf9734b32017-10-03 12:09:22 +0100888 * \warning Using DHE constitutes a security risk as it
889 * is not possible to validate custom DH parameters.
890 * If possible, it is recommended users should consider
891 * preferring other methods of key exchange.
892 * See dhm.h for more details.
Hanno Beckera2f6b722017-09-28 10:33:29 +0100893 *
Paul Bakkere07f41d2013-04-19 09:08:57 +0200894 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200895#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +0200896
897/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200898 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +0200899 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +0200900 * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
Paul Bakkere07f41d2013-04-19 09:08:57 +0200901 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200902 * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
903 * MBEDTLS_X509_CRT_PARSE_C
Paul Bakkere07f41d2013-04-19 09:08:57 +0200904 *
905 * This enables the following ciphersuites (if other requisites are
906 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200907 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
908 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
909 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
910 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
911 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
912 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
913 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
914 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
915 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
916 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
Paul Bakkere07f41d2013-04-19 09:08:57 +0200917 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200918#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +0200919
920/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200921 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200922 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +0200923 * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200924 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200925 * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200926 *
927 * This enables the following ciphersuites (if other requisites are
928 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200929 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
930 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
931 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
932 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
933 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
934 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
935 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
936 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
937 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
938 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200939 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200940#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200941
942/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200943 * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100944 *
945 * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
946 *
Gilles Peskine7ab66a62018-09-14 17:47:41 +0200947 * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100948 *
949 * This enables the following ciphersuites (if other requisites are
950 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200951 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
952 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
953 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
954 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
955 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
956 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
957 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
958 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
959 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
960 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100961 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200962#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100963
964/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200965 * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100966 *
967 * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
968 *
Gilles Peskine7ab66a62018-09-14 17:47:41 +0200969 * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_X509_CRT_PARSE_C
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100970 *
971 * This enables the following ciphersuites (if other requisites are
972 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200973 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
974 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
975 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
976 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
977 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
978 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
979 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
980 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
981 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
982 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100983 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200984#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100985
986/**
Manuel Pégourié-Gonnard557535d2015-09-15 17:53:32 +0200987 * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
988 *
989 * Enable the ECJPAKE based ciphersuite modes in SSL / TLS.
990 *
Manuel Pégourié-Gonnard75df9022015-09-16 23:21:01 +0200991 * \warning This is currently experimental. EC J-PAKE support is based on the
992 * Thread v1.0.0 specification; incompatible changes to the specification
993 * might still happen. For this reason, this is disabled by default.
Manuel Pégourié-Gonnard557535d2015-09-15 17:53:32 +0200994 *
995 * Requires: MBEDTLS_ECJPAKE_C
Manuel Pégourié-Gonnard41bc8b62023-03-14 23:59:24 +0100996 * SHA-256 (via MBEDTLS_SHA256_C or a PSA driver)
Manuel Pégourié-Gonnard557535d2015-09-15 17:53:32 +0200997 * MBEDTLS_ECP_DP_SECP256R1_ENABLED
998 *
Manuel Pégourié-Gonnard41bc8b62023-03-14 23:59:24 +0100999 * \warning If SHA-256 is provided only by a PSA driver, you must call
1000 * psa_crypto_init() before the first hanshake (even if
1001 * MBEDTLS_USE_PSA_CRYPTO is disabled).
1002 *
Manuel Pégourié-Gonnard557535d2015-09-15 17:53:32 +02001003 * This enables the following ciphersuites (if other requisites are
1004 * enabled as well):
1005 * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
1006 */
Manuel Pégourié-Gonnardcf828932015-10-20 14:57:00 +02001007//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
Manuel Pégourié-Gonnard557535d2015-09-15 17:53:32 +02001008
1009/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001010 * \def MBEDTLS_PK_PARSE_EC_EXTENDED
Manuel Pégourié-Gonnard6fac3512014-03-19 16:39:52 +01001011 *
1012 * Enhance support for reading EC keys using variants of SEC1 not allowed by
1013 * RFC 5915 and RFC 5480.
1014 *
1015 * Currently this means parsing the SpecifiedECDomain choice of EC
1016 * parameters (only known groups are supported, not arbitrary domains, to
1017 * avoid validation issues).
1018 *
1019 * Disable if you only need to support RFC 5915 + 5480 key formats.
1020 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001021#define MBEDTLS_PK_PARSE_EC_EXTENDED
Manuel Pégourié-Gonnard6fac3512014-03-19 16:39:52 +01001022
1023/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001024 * \def MBEDTLS_ERROR_STRERROR_DUMMY
Paul Bakker8fe40dc2013-02-02 12:43:08 +01001025 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001026 * Enable a dummy error function to make use of mbedtls_strerror() in
1027 * third party libraries easier when MBEDTLS_ERROR_C is disabled
1028 * (no effect when MBEDTLS_ERROR_C is enabled).
Manuel Pégourié-Gonnarddc16aa72014-06-25 12:55:12 +02001029 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001030 * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're
1031 * not using mbedtls_strerror() or error_strerror() in your application.
Paul Bakker8fe40dc2013-02-02 12:43:08 +01001032 *
1033 * Disable if you run into name conflicts and want to really remove the
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001034 * mbedtls_strerror()
Paul Bakker8fe40dc2013-02-02 12:43:08 +01001035 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001036#define MBEDTLS_ERROR_STRERROR_DUMMY
Paul Bakker8fe40dc2013-02-02 12:43:08 +01001037
1038/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001039 * \def MBEDTLS_GENPRIME
Paul Bakkerf3b86c12011-01-27 15:24:17 +00001040 *
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02001041 * Enable the prime-number generation code.
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02001042 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001043 * Requires: MBEDTLS_BIGNUM_C
Paul Bakker5121ce52009-01-03 21:22:43 +00001044 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001045#define MBEDTLS_GENPRIME
Paul Bakker5121ce52009-01-03 21:22:43 +00001046
Paul Bakkerf3b86c12011-01-27 15:24:17 +00001047/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001048 * \def MBEDTLS_FS_IO
Paul Bakker335db3f2011-04-25 15:28:35 +00001049 *
1050 * Enable functions that use the filesystem.
1051 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001052#define MBEDTLS_FS_IO
Paul Bakker335db3f2011-04-25 15:28:35 +00001053
1054/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001055 * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
Paul Bakker43655f42011-12-15 20:11:16 +00001056 *
TRodziewicz15a7b732021-06-16 11:22:53 +02001057 * Do not add default entropy sources in mbedtls_entropy_init().
Paul Bakker43655f42011-12-15 20:11:16 +00001058 *
Shuo Chen95a0d112014-04-04 21:04:40 -07001059 * This is useful to have more control over the added entropy sources in an
Paul Bakker43655f42011-12-15 20:11:16 +00001060 * application.
1061 *
1062 * Uncomment this macro to prevent loading of default entropy functions.
Paul Bakker43655f42011-12-15 20:11:16 +00001063 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001064//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
Paul Bakker43655f42011-12-15 20:11:16 +00001065
1066/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001067 * \def MBEDTLS_NO_PLATFORM_ENTROPY
Paul Bakker6083fd22011-12-03 21:45:14 +00001068 *
1069 * Do not use built-in platform entropy functions.
1070 * This is useful if your platform does not support
1071 * standards like the /dev/urandom or Windows CryptoAPI.
1072 *
1073 * Uncomment this macro to disable the built-in platform entropy functions.
Paul Bakker6083fd22011-12-03 21:45:14 +00001074 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001075//#define MBEDTLS_NO_PLATFORM_ENTROPY
Paul Bakker6083fd22011-12-03 21:45:14 +00001076
1077/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001078 * \def MBEDTLS_ENTROPY_FORCE_SHA256
Paul Bakker2ceda572014-02-06 15:55:25 +01001079 *
1080 * Force the entropy accumulator to use a SHA-256 accumulator instead of the
1081 * default SHA-512 based one (if both are available).
1082 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001083 * Requires: MBEDTLS_SHA256_C
Paul Bakker2ceda572014-02-06 15:55:25 +01001084 *
1085 * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option
1086 * if you have performance concerns.
1087 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001088 * This option is only useful if both MBEDTLS_SHA256_C and
1089 * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
Paul Bakker2ceda572014-02-06 15:55:25 +01001090 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001091//#define MBEDTLS_ENTROPY_FORCE_SHA256
Paul Bakker2ceda572014-02-06 15:55:25 +01001092
1093/**
Paul Bakkercf0a9f92016-06-01 11:25:44 +01001094 * \def MBEDTLS_ENTROPY_NV_SEED
1095 *
1096 * Enable the non-volatile (NV) seed file-based entropy source.
1097 * (Also enables the NV seed read/write functions in the platform layer)
1098 *
1099 * This is crucial (if not required) on systems that do not have a
1100 * cryptographic entropy source (in hardware or kernel) available.
1101 *
1102 * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C
1103 *
Paul Bakker71a597a2016-06-07 10:59:03 +01001104 * \note The read/write functions that are used by the entropy source are
1105 * determined in the platform layer, and can be modified at runtime and/or
1106 * compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used.
1107 *
1108 * \note If you use the default implementation functions that read a seedfile
Paul Bakkercf0a9f92016-06-01 11:25:44 +01001109 * with regular fopen(), please make sure you make a seedfile with the
1110 * proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at
1111 * least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from
Paul Bakker71a597a2016-06-07 10:59:03 +01001112 * and written to or you will get an entropy source error! The default
1113 * implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE
1114 * bytes from the file.
1115 *
1116 * \note The entropy collector will write to the seed file before entropy is
1117 * given to an external source, to update it.
Paul Bakkercf0a9f92016-06-01 11:25:44 +01001118 */
1119//#define MBEDTLS_ENTROPY_NV_SEED
1120
Ronald Cron71016a92020-08-28 19:01:50 +02001121/* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
Gilles Peskine69d7c8b2019-02-19 14:00:31 +01001122 *
Ronald Cron71016a92020-08-28 19:01:50 +02001123 * Enable key identifiers that encode a key owner identifier.
Gilles Peskine69d7c8b2019-02-19 14:00:31 +01001124 *
Ronald Cron9a2511e2020-09-14 10:02:56 +02001125 * The owner of a key is identified by a value of type ::mbedtls_key_owner_id_t
1126 * which is currently hard-coded to be int32_t.
Gilles Peskine69d7c8b2019-02-19 14:00:31 +01001127 *
1128 * Note that this option is meant for internal use only and may be removed
Andrzej Kurekcfc920a2022-01-25 06:33:08 -05001129 * without notice.
Gilles Peskine69d7c8b2019-02-19 14:00:31 +01001130 */
Ronald Cron71016a92020-08-28 19:01:50 +02001131//#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
Gilles Peskine69d7c8b2019-02-19 14:00:31 +01001132
Paul Bakkercf0a9f92016-06-01 11:25:44 +01001133/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001134 * \def MBEDTLS_MEMORY_DEBUG
Paul Bakker6e339b52013-07-03 13:37:05 +02001135 *
1136 * Enable debugging of buffer allocator memory issues. Automatically prints
1137 * (to stderr) all (fatal) messages on memory allocation issues. Enables
1138 * function for 'debug output' of allocated memory.
1139 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001140 * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
Paul Bakker6e339b52013-07-03 13:37:05 +02001141 *
1142 * Uncomment this macro to let the buffer allocator print out error messages.
Paul Bakkera7ea6a52013-10-15 11:55:10 +02001143 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001144//#define MBEDTLS_MEMORY_DEBUG
Paul Bakker6e339b52013-07-03 13:37:05 +02001145
1146/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001147 * \def MBEDTLS_MEMORY_BACKTRACE
Paul Bakker6e339b52013-07-03 13:37:05 +02001148 *
1149 * Include backtrace information with each allocated block.
1150 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001151 * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
Tom Cosgrovece7f18c2022-07-28 05:50:56 +01001152 * GLIBC-compatible backtrace() and backtrace_symbols() support
Paul Bakker6e339b52013-07-03 13:37:05 +02001153 *
1154 * Uncomment this macro to include backtrace information
Paul Bakker6e339b52013-07-03 13:37:05 +02001155 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001156//#define MBEDTLS_MEMORY_BACKTRACE
Paul Bakker6e339b52013-07-03 13:37:05 +02001157
1158/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001159 * \def MBEDTLS_PK_RSA_ALT_SUPPORT
Manuel Pégourié-Gonnard348bcb32015-03-31 14:01:33 +02001160 *
1161 * Support external private RSA keys (eg from a HSM) in the PK layer.
1162 *
1163 * Comment this macro to disable support for external private RSA keys.
1164 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001165#define MBEDTLS_PK_RSA_ALT_SUPPORT
Manuel Pégourié-Gonnard348bcb32015-03-31 14:01:33 +02001166
1167/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001168 * \def MBEDTLS_PKCS1_V15
Paul Bakker48377d92013-08-30 12:06:24 +02001169 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02001170 * Enable support for PKCS#1 v1.5 encoding.
1171 *
Manuel Pégourié-Gonnard98b91d42022-10-19 10:59:30 +02001172 * Requires: MBEDTLS_RSA_C
Paul Bakker48377d92013-08-30 12:06:24 +02001173 *
Paul Bakker48377d92013-08-30 12:06:24 +02001174 * This enables support for PKCS#1 v1.5 operations.
1175 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001176#define MBEDTLS_PKCS1_V15
Paul Bakker48377d92013-08-30 12:06:24 +02001177
1178/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001179 * \def MBEDTLS_PKCS1_V21
Paul Bakker9dcc3222011-03-08 14:16:06 +00001180 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02001181 * Enable support for PKCS#1 v2.1 encoding.
1182 *
Manuel Pégourié-Gonnardfb8d90a2023-03-16 10:47:59 +01001183 * Requires: MBEDTLS_RSA_C
Manuel Pégourié-Gonnard077ba842022-07-27 10:42:31 +02001184 *
Manuel Pégourié-Gonnardfb8d90a2023-03-16 10:47:59 +01001185 * \warning If using a hash that is only provided by PSA drivers, you must
1186 * call psa_crypto_init() before doing any PKCS#1 v2.1 operation.
Manuel Pégourié-Gonnard18a38562022-11-22 11:49:55 +01001187 *
Paul Bakker9dcc3222011-03-08 14:16:06 +00001188 * This enables support for RSAES-OAEP and RSASSA-PSS operations.
1189 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001190#define MBEDTLS_PKCS1_V21
Paul Bakker9dcc3222011-03-08 14:16:06 +00001191
Steven Cooreman6801f082021-02-19 17:21:22 +01001192/** \def MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
1193 *
1194 * Enable support for platform built-in keys. If you enable this feature,
1195 * you must implement the function mbedtls_psa_platform_get_builtin_key().
1196 * See the documentation of that function for more information.
1197 *
1198 * Built-in keys are typically derived from a hardware unique key or
1199 * stored in a secure element.
1200 *
1201 * Requires: MBEDTLS_PSA_CRYPTO_C.
1202 *
1203 * \warning This interface is experimental and may change or be removed
1204 * without notice.
1205 */
1206//#define MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
1207
Ronald Cron3768ac12021-01-26 16:58:00 +01001208/** \def MBEDTLS_PSA_CRYPTO_CLIENT
1209 *
1210 * Enable support for PSA crypto client.
1211 *
1212 * \note This option allows to include the code necessary for a PSA
1213 * crypto client when the PSA crypto implementation is not included in
1214 * the library (MBEDTLS_PSA_CRYPTO_C disabled). The code included is the
1215 * code to set and get PSA key attributes.
1216 * The development of PSA drivers partially relying on the library to
1217 * fulfill the hardware gaps is another possible usage of this option.
1218 *
1219 * \warning This interface is experimental and may change or be removed
1220 * without notice.
1221 */
1222//#define MBEDTLS_PSA_CRYPTO_CLIENT
1223
Steven Cooreman0d59f7b02020-07-16 20:27:57 +02001224/** \def MBEDTLS_PSA_CRYPTO_DRIVERS
1225 *
1226 * Enable support for the experimental PSA crypto driver interface.
1227 *
John Durkop185764f2020-10-12 21:32:12 -07001228 * Requires: MBEDTLS_PSA_CRYPTO_C
Steven Cooreman0d59f7b02020-07-16 20:27:57 +02001229 *
Gilles Peskine4b873872022-06-20 18:50:09 +02001230 * \warning This interface is experimental. We intend to maintain backward
1231 * compatibility with application code that relies on drivers,
1232 * but the driver interfaces may change without notice.
Steven Cooreman0d59f7b02020-07-16 20:27:57 +02001233 */
1234//#define MBEDTLS_PSA_CRYPTO_DRIVERS
1235
Gilles Peskinef08b3f82020-11-13 17:36:48 +01001236/** \def MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
1237 *
1238 * Make the PSA Crypto module use an external random generator provided
1239 * by a driver, instead of Mbed TLS's entropy and DRBG modules.
1240 *
Gilles Peskineb663a602020-11-18 15:27:37 +01001241 * \note This random generator must deliver random numbers with cryptographic
1242 * quality and high performance. It must supply unpredictable numbers
1243 * with a uniform distribution. The implementation of this function
1244 * is responsible for ensuring that the random generator is seeded
1245 * with sufficient entropy. If you have a hardware TRNG which is slow
1246 * or delivers non-uniform output, declare it as an entropy source
1247 * with mbedtls_entropy_add_source() instead of enabling this option.
1248 *
Gilles Peskineb0a748e2020-11-30 12:01:54 +01001249 * If you enable this option, you must configure the type
Gilles Peskineb8af2282020-11-13 18:00:34 +01001250 * ::mbedtls_psa_external_random_context_t in psa/crypto_platform.h
1251 * and define a function called mbedtls_psa_external_get_random()
1252 * with the following prototype:
Gilles Peskinef08b3f82020-11-13 17:36:48 +01001253 * ```
1254 * psa_status_t mbedtls_psa_external_get_random(
1255 * mbedtls_psa_external_random_context_t *context,
1256 * uint8_t *output, size_t output_size, size_t *output_length);
1257 * );
1258 * ```
1259 * The \c context value is initialized to 0 before the first call.
1260 * The function must fill the \c output buffer with \p output_size bytes
1261 * of random data and set \c *output_length to \p output_size.
1262 *
1263 * Requires: MBEDTLS_PSA_CRYPTO_C
1264 *
1265 * \warning If you enable this option, code that uses the PSA cryptography
1266 * interface will not use any of the entropy sources set up for
1267 * the entropy module, nor the NV seed that MBEDTLS_ENTROPY_NV_SEED
1268 * enables.
1269 *
1270 * \note This option is experimental and may be removed without notice.
1271 */
1272//#define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
1273
Paul Bakker9dcc3222011-03-08 14:16:06 +00001274/**
Andrzej Kurekc6905232019-02-05 05:23:41 -05001275 * \def MBEDTLS_PSA_CRYPTO_SPM
1276 *
1277 * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure
1278 * Partition Manager) integration which separates the code into two parts: a
1279 * NSPE (Non-Secure Process Environment) and an SPE (Secure Process
1280 * Environment).
1281 *
1282 * Module: library/psa_crypto.c
1283 * Requires: MBEDTLS_PSA_CRYPTO_C
1284 *
1285 */
1286//#define MBEDTLS_PSA_CRYPTO_SPM
1287
1288/**
Jaeden Amero57f4d9e2019-03-15 16:14:19 +00001289 * \def MBEDTLS_PSA_INJECT_ENTROPY
Andrzej Kurekc6905232019-02-05 05:23:41 -05001290 *
Jaeden Amero57f4d9e2019-03-15 16:14:19 +00001291 * Enable support for entropy injection at first boot. This feature is
1292 * required on systems that do not have a built-in entropy source (TRNG).
1293 * This feature is currently not supported on systems that have a built-in
1294 * entropy source.
Andrzej Kurekc6905232019-02-05 05:23:41 -05001295 *
Jaeden Amero57f4d9e2019-03-15 16:14:19 +00001296 * Requires: MBEDTLS_PSA_CRYPTO_STORAGE_C, MBEDTLS_ENTROPY_NV_SEED
Andrzej Kurekc6905232019-02-05 05:23:41 -05001297 *
1298 */
Jaeden Amero57f4d9e2019-03-15 16:14:19 +00001299//#define MBEDTLS_PSA_INJECT_ENTROPY
Andrzej Kurekc6905232019-02-05 05:23:41 -05001300
1301/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001302 * \def MBEDTLS_RSA_NO_CRT
Paul Bakker0216cc12011-03-26 13:40:23 +00001303 *
Hanno Becker88ec2382017-05-03 13:51:16 +01001304 * Do not use the Chinese Remainder Theorem
1305 * for the RSA private operation.
Paul Bakker0216cc12011-03-26 13:40:23 +00001306 *
1307 * Uncomment this macro to disable the use of CRT in RSA.
1308 *
Paul Bakker0216cc12011-03-26 13:40:23 +00001309 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001310//#define MBEDTLS_RSA_NO_CRT
Paul Bakker15566e42011-04-24 21:19:15 +00001311
1312/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001313 * \def MBEDTLS_SELF_TEST
Paul Bakker15566e42011-04-24 21:19:15 +00001314 *
1315 * Enable the checkup functions (*_self_test).
1316 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001317#define MBEDTLS_SELF_TEST
Paul Bakker5c721f92011-07-27 16:51:09 +00001318
1319/**
Manuel Pégourié-Gonnardeb0d8702015-05-28 12:54:04 +02001320 * \def MBEDTLS_SHA256_SMALLER
1321 *
1322 * Enable an implementation of SHA-256 that has lower ROM footprint but also
1323 * lower performance.
1324 *
Adam Wolf039080f2019-09-10 09:53:08 -05001325 * The default implementation is meant to be a reasonable compromise between
Manuel Pégourié-Gonnardeb0d8702015-05-28 12:54:04 +02001326 * performance and size. This version optimizes more aggressively for size at
1327 * the expense of performance. Eg on Cortex-M4 it reduces the size of
1328 * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about
1329 * 30%.
1330 *
1331 * Uncomment to enable the smaller implementation of SHA256.
1332 */
1333//#define MBEDTLS_SHA256_SMALLER
1334
1335/**
Manuel Pégourié-Gonnard2306d152019-07-17 12:36:53 +02001336 * \def MBEDTLS_SHA512_SMALLER
1337 *
1338 * Enable an implementation of SHA-512 that has lower ROM footprint but also
1339 * lower performance.
1340 *
1341 * Uncomment to enable the smaller implementation of SHA512.
1342 */
1343//#define MBEDTLS_SHA512_SMALLER
1344
1345/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001346 * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
Paul Bakker40865c82013-01-31 17:13:13 +01001347 *
1348 * Enable sending of alert messages in case of encountered errors as per RFC.
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +00001349 * If you choose not to send the alert messages, mbed TLS can still communicate
Paul Bakker40865c82013-01-31 17:13:13 +01001350 * with other servers, only debugging of failures is harder.
1351 *
1352 * The advantage of not sending alert messages, is that no information is given
1353 * about reasons for failures thus preventing adversaries of gaining intel.
1354 *
1355 * Enable sending of all alert messages
1356 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001357#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
Paul Bakker40865c82013-01-31 17:13:13 +01001358
1359/**
Gilles Peskined3d02902020-03-04 21:35:27 +01001360 * \def MBEDTLS_SSL_DTLS_CONNECTION_ID
1361 *
Hannes Tschofenige2c46e02022-11-23 10:44:11 +01001362 * Enable support for the DTLS Connection ID (CID) extension,
Gilles Peskined3d02902020-03-04 21:35:27 +01001363 * which allows to identify DTLS connections across changes
Hannes Tschofenige2c46e02022-11-23 10:44:11 +01001364 * in the underlying transport. The CID functionality is described
1365 * in RFC 9146.
Gilles Peskined3d02902020-03-04 21:35:27 +01001366 *
1367 * Setting this option enables the SSL APIs `mbedtls_ssl_set_cid()`,
Paul Elliott0113cf12022-03-11 20:26:47 +00001368 * mbedtls_ssl_get_own_cid()`, `mbedtls_ssl_get_peer_cid()` and
1369 * `mbedtls_ssl_conf_cid()`. See the corresponding documentation for
1370 * more information.
Gilles Peskined3d02902020-03-04 21:35:27 +01001371 *
Gilles Peskined3d02902020-03-04 21:35:27 +01001372 * The maximum lengths of outgoing and incoming CIDs can be configured
1373 * through the options
1374 * - MBEDTLS_SSL_CID_OUT_LEN_MAX
1375 * - MBEDTLS_SSL_CID_IN_LEN_MAX.
1376 *
1377 * Requires: MBEDTLS_SSL_PROTO_DTLS
1378 *
1379 * Uncomment to enable the Connection ID extension.
1380 */
Hannes Tschofenigfd6cca42021-10-12 09:22:33 +02001381#define MBEDTLS_SSL_DTLS_CONNECTION_ID
1382
1383
1384/**
1385 * \def MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT
1386 *
1387 * Defines whether RFC 9146 (default) or the legacy version
1388 * (version draft-ietf-tls-dtls-connection-id-05,
1389 * https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05)
1390 * is used.
1391 *
1392 * Set the value to 0 for the standard version, and
1393 * 1 for the legacy draft version.
1394 *
Hannes Tschofenige2c46e02022-11-23 10:44:11 +01001395 * \deprecated Support for the legacy version of the DTLS
1396 * Connection ID feature is deprecated. Please
1397 * switch to the standardized version defined
1398 * in RFC 9146 enabled by utilizing
1399 * MBEDTLS_SSL_DTLS_CONNECTION_ID without use
1400 * of MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT.
1401 *
Hannes Tschofenigfd6cca42021-10-12 09:22:33 +02001402 * Requires: MBEDTLS_SSL_DTLS_CONNECTION_ID
1403 */
1404#define MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 0
Gilles Peskined3d02902020-03-04 21:35:27 +01001405
1406/**
Gilles Peskineb74a1c72018-04-24 13:09:22 +02001407 * \def MBEDTLS_SSL_ASYNC_PRIVATE
1408 *
1409 * Enable asynchronous external private key operations in SSL. This allows
1410 * you to configure an SSL connection to call an external cryptographic
1411 * module to perform private key operations instead of performing the
1412 * operation inside the library.
1413 *
Valerio Setti8841d6b2023-01-05 08:40:24 +01001414 * Requires: MBEDTLS_X509_CRT_PARSE_C
Gilles Peskineb74a1c72018-04-24 13:09:22 +02001415 */
Jaeden Amerod9c71da2018-06-15 20:31:26 +01001416//#define MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskineb74a1c72018-04-24 13:09:22 +02001417
1418/**
Gilles Peskined3d02902020-03-04 21:35:27 +01001419 * \def MBEDTLS_SSL_CONTEXT_SERIALIZATION
1420 *
1421 * Enable serialization of the TLS context structures, through use of the
1422 * functions mbedtls_ssl_context_save() and mbedtls_ssl_context_load().
1423 *
1424 * This pair of functions allows one side of a connection to serialize the
1425 * context associated with the connection, then free or re-use that context
1426 * while the serialized state is persisted elsewhere, and finally deserialize
1427 * that state to a live context for resuming read/write operations on the
1428 * connection. From a protocol perspective, the state of the connection is
1429 * unaffected, in particular this is entirely transparent to the peer.
1430 *
1431 * Note: this is distinct from TLS session resumption, which is part of the
1432 * protocol and fully visible by the peer. TLS session resumption enables
1433 * establishing new connections associated to a saved session with shorter,
1434 * lighter handshakes, while context serialization is a local optimization in
1435 * handling a single, potentially long-lived connection.
1436 *
1437 * Enabling these APIs makes some SSL structures larger, as 64 extra bytes are
1438 * saved after the handshake to allow for more efficient serialization, so if
1439 * you don't need this feature you'll save RAM by disabling it.
1440 *
Przemek Stekiel460192e2022-10-03 08:55:29 +02001441 * Requires: MBEDTLS_GCM_C or MBEDTLS_CCM_C or MBEDTLS_CHACHAPOLY_C
1442 *
Gilles Peskined3d02902020-03-04 21:35:27 +01001443 * Comment to disable the context serialization APIs.
1444 */
1445#define MBEDTLS_SSL_CONTEXT_SERIALIZATION
1446
1447/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001448 * \def MBEDTLS_SSL_DEBUG_ALL
Paul Bakkerd66f0702013-01-31 16:57:45 +01001449 *
1450 * Enable the debug messages in SSL module for all issues.
1451 * Debug messages have been disabled in some places to prevent timing
1452 * attacks due to (unbalanced) debugging function calls.
1453 *
1454 * If you need all error reporting you should enable this during debugging,
1455 * but remove this for production servers that should log as well.
1456 *
1457 * Uncomment this macro to report all debug messages on errors introducing
1458 * a timing side-channel.
1459 *
Paul Bakkerd66f0702013-01-31 16:57:45 +01001460 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001461//#define MBEDTLS_SSL_DEBUG_ALL
Paul Bakkerd66f0702013-01-31 16:57:45 +01001462
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001463/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01001464 *
1465 * Enable support for Encrypt-then-MAC, RFC 7366.
1466 *
1467 * This allows peers that both support it to use a more robust protection for
1468 * ciphersuites using CBC, providing deep resistance against timing attacks
1469 * on the padding or underlying cipher.
1470 *
1471 * This only affects CBC ciphersuites, and is useless if none is defined.
1472 *
TRodziewicz0f82ec62021-05-12 17:49:18 +02001473 * Requires: MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01001474 *
1475 * Comment this macro to disable support for Encrypt-then-MAC
1476 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001477#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01001478
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001479/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02001480 *
Manuel Pégourié-Gonnardbca8aa02020-03-24 12:11:49 +01001481 * Enable support for RFC 7627: Session Hash and Extended Master Secret
1482 * Extension.
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02001483 *
Shaun Case8b0ecbc2021-12-20 21:14:10 -08001484 * This was introduced as "the proper fix" to the Triple Handshake family of
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02001485 * attacks, but it is recommended to always use it (even if you disable
1486 * renegotiation), since it actually fixes a more fundamental issue in the
1487 * original SSL/TLS design, and has implications beyond Triple Handshake.
1488 *
TRodziewicz0f82ec62021-05-12 17:49:18 +02001489 * Requires: MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard769c6b62014-10-28 14:13:55 +01001490 *
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02001491 * Comment this macro to disable support for Extended Master Secret.
1492 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001493#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02001494
Paul Bakkerd66f0702013-01-31 16:57:45 +01001495/**
Hanno Beckerbb278f52019-02-05 17:04:00 +00001496 * \def MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
1497 *
Hanno Beckerfd7f2982019-02-25 10:13:33 +00001498 * This option controls the availability of the API mbedtls_ssl_get_peer_cert()
Hanno Beckerbb278f52019-02-05 17:04:00 +00001499 * giving access to the peer's certificate after completion of the handshake.
1500 *
1501 * Unless you need mbedtls_ssl_peer_cert() in your application, it is
1502 * recommended to disable this option for reduced RAM usage.
1503 *
1504 * \note If this option is disabled, mbedtls_ssl_get_peer_cert() is still
1505 * defined, but always returns \c NULL.
1506 *
1507 * \note This option has no influence on the protection against the
1508 * triple handshake attack. Even if it is disabled, Mbed TLS will
1509 * still ensure that certificates do not change during renegotiation,
Shaun Case8b0ecbc2021-12-20 21:14:10 -08001510 * for example by keeping a hash of the peer's certificate.
Hanno Beckerbb278f52019-02-05 17:04:00 +00001511 *
Tom Cosgroveafb2fe12022-06-29 16:36:12 +01001512 * \note This option is required if MBEDTLS_SSL_PROTO_TLS1_3 is set.
1513 *
Hanno Beckerbb278f52019-02-05 17:04:00 +00001514 * Comment this macro to disable storing the peer's certificate
1515 * after the handshake.
1516 */
1517#define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
1518
1519/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001520 * \def MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard615e6772014-11-03 08:23:14 +01001521 *
Hanno Becker0eb8fb82018-10-26 09:53:16 +01001522 * Enable support for TLS renegotiation.
Manuel Pégourié-Gonnard615e6772014-11-03 08:23:14 +01001523 *
1524 * The two main uses of renegotiation are (1) refresh keys on long-lived
1525 * connections and (2) client authentication after the initial handshake.
1526 * If you don't need renegotiation, it's probably better to disable it, since
1527 * it has been associated with security issues in the past and is easy to
1528 * misuse/misunderstand.
Manuel Pégourié-Gonnard03717042014-11-04 19:52:10 +01001529 *
Manuel Pégourié-Gonnard55f968b2015-03-09 16:23:15 +00001530 * Comment this to disable support for renegotiation.
Hanno Becker6851b102017-10-12 14:57:48 +01001531 *
1532 * \note Even if this option is disabled, both client and server are aware
1533 * of the Renegotiation Indication Extension (RFC 5746) used to
1534 * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1).
1535 * (See \c mbedtls_ssl_conf_legacy_renegotiation for the
1536 * configuration of this extension).
1537 *
Manuel Pégourié-Gonnard615e6772014-11-03 08:23:14 +01001538 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001539#define MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard615e6772014-11-03 08:23:14 +01001540
1541/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001542 * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Paul Bakker05decb22013-08-15 13:33:48 +02001543 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02001544 * Enable support for RFC 6066 max_fragment_length extension in SSL.
Paul Bakker05decb22013-08-15 13:33:48 +02001545 *
1546 * Comment this macro to disable support for the max_fragment_length extension
1547 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001548#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Paul Bakker05decb22013-08-15 13:33:48 +02001549
1550/**
Jan Bruckner151f6422023-02-10 12:45:19 +01001551 * \def MBEDTLS_SSL_RECORD_SIZE_LIMIT
1552 *
Jan Brucknera0589e72023-03-15 11:04:45 +01001553 * Enable support for RFC 8449 record_size_limit extension in SSL (TLS 1.3 only).
Jan Bruckner151f6422023-02-10 12:45:19 +01001554 *
1555 * \warning This extension is currently in development and must NOT be used except
1556 * for testing purposes.
1557 *
1558 * Requires: MBEDTLS_SSL_PROTO_TLS1_3
1559 *
1560 * Uncomment this macro to enable support for the record_size_limit extension
1561 */
1562//#define MBEDTLS_SSL_RECORD_SIZE_LIMIT
1563
1564/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001565 * \def MBEDTLS_SSL_PROTO_TLS1_2
Paul Bakkerd2f068e2013-08-27 21:19:20 +02001566 *
Manuel Pégourié-Gonnard0b1ff292014-02-06 13:04:16 +01001567 * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled).
Paul Bakkerd2f068e2013-08-27 21:19:20 +02001568 *
Manuel Pégourié-Gonnard72687b72022-09-15 12:23:58 +02001569 * Requires: Without MBEDTLS_USE_PSA_CRYPTO: MBEDTLS_MD_C and
Manuel Pégourié-Gonnarda22857b2023-03-23 13:20:44 +01001570 * (MBEDTLS_SHA256_C or MBEDTLS_SHA384_C or
1571 * SHA-256 or SHA-512 provided by a PSA driver)
Manuel Pégourié-Gonnard72687b72022-09-15 12:23:58 +02001572 * With MBEDTLS_USE_PSA_CRYPTO:
Manuel Pégourié-Gonnarda22857b2023-03-23 13:20:44 +01001573 * PSA_WANT_ALG_SHA_256 or PSA_WANT_ALG_SHA_384
Andrzej Kureke02da812022-08-17 17:04:49 -04001574 *
Manuel Pégourié-Gonnarda22857b2023-03-23 13:20:44 +01001575 * \warning If building with MBEDTLS_USE_PSA_CRYPTO, or if the hash(es) used
1576 * are only provided by PSA drivers, you must call psa_crypto_init() before
1577 * doing any TLS operations.
Paul Bakkerd2f068e2013-08-27 21:19:20 +02001578 *
Manuel Pégourié-Gonnard0b1ff292014-02-06 13:04:16 +01001579 * Comment this macro to disable support for TLS 1.2 / DTLS 1.2
Paul Bakkerd2f068e2013-08-27 21:19:20 +02001580 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001581#define MBEDTLS_SSL_PROTO_TLS1_2
Paul Bakkerd2f068e2013-08-27 21:19:20 +02001582
1583/**
Ronald Cron6f135e12021-12-08 16:57:54 +01001584 * \def MBEDTLS_SSL_PROTO_TLS1_3
Hanno Becker9fc15ea2020-05-04 12:00:47 +01001585 *
Ronald Cron6f135e12021-12-08 16:57:54 +01001586 * Enable support for TLS 1.3.
Hanno Becker9fc15ea2020-05-04 12:00:47 +01001587 *
Ronald Cron6f135e12021-12-08 16:57:54 +01001588 * \note The support for TLS 1.3 is not comprehensive yet, in particular
1589 * pre-shared keys are not supported.
1590 * See docs/architecture/tls13-support.md for a description of the TLS
1591 * 1.3 support that this option enables.
Hanno Becker9fc15ea2020-05-04 12:00:47 +01001592 *
Tom Cosgroveafb2fe12022-06-29 16:36:12 +01001593 * Requires: MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
Manuel Pégourié-Gonnard3e830982022-05-11 13:27:44 +02001594 * Requires: MBEDTLS_PSA_CRYPTO_C
1595 *
Gilles Peskine8c2830a2022-08-04 23:37:51 +02001596 * \note TLS 1.3 uses PSA crypto for cryptographic operations that are
1597 * directly performed by TLS 1.3 code. As a consequence, you must
1598 * call psa_crypto_init() before the first TLS 1.3 handshake.
1599 *
1600 * \note Cryptographic operations performed indirectly via another module
1601 * (X.509, PK) or by code shared with TLS 1.2 (record protection,
1602 * running handshake hash) only use PSA crypto if
1603 * #MBEDTLS_USE_PSA_CRYPTO is enabled.
Tom Cosgroveafb2fe12022-06-29 16:36:12 +01001604 *
Ronald Cron6f135e12021-12-08 16:57:54 +01001605 * Uncomment this macro to enable the support for TLS 1.3.
Hanno Becker9fc15ea2020-05-04 12:00:47 +01001606 */
Ronald Cron6f135e12021-12-08 16:57:54 +01001607//#define MBEDTLS_SSL_PROTO_TLS1_3
Hanno Becker9fc15ea2020-05-04 12:00:47 +01001608
1609/**
Ronald Cronab65c522021-11-24 10:47:20 +01001610 * \def MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
1611 *
1612 * Enable TLS 1.3 middlebox compatibility mode.
1613 *
1614 * As specified in Section D.4 of RFC 8446, TLS 1.3 offers a compatibility
1615 * mode to make a TLS 1.3 connection more likely to pass through middle boxes
1616 * expecting TLS 1.2 traffic.
1617 *
1618 * Turning on the compatibility mode comes at the cost of a few added bytes
1619 * on the wire, but it doesn't affect compatibility with TLS 1.3 implementations
1620 * that don't use it. Therefore, unless transmission bandwidth is critical and
1621 * you know that middlebox compatibility issues won't occur, it is therefore
1622 * recommended to set this option.
1623 *
1624 * Comment to disable compatibility mode for TLS 1.3. If
Ronald Cron6f135e12021-12-08 16:57:54 +01001625 * MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any
1626 * effect on the build.
Ronald Cronab65c522021-11-24 10:47:20 +01001627 *
1628 */
1629//#define MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
1630
1631/**
Ronald Crond8d2ea52022-10-04 15:48:06 +02001632 * \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1633 *
1634 * Enable TLS 1.3 PSK key exchange mode.
1635 *
1636 * Comment to disable support for the PSK key exchange mode in TLS 1.3. If
1637 * MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any
1638 * effect on the build.
1639 *
1640 */
1641#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1642
1643/**
1644 * \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1645 *
1646 * Enable TLS 1.3 ephemeral key exchange mode.
1647 *
1648 * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C, MBEDTLS_ECDSA_C or
1649 * MBEDTLS_PKCS1_V21
1650 *
1651 * Comment to disable support for the ephemeral key exchange mode in TLS 1.3.
1652 * If MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any
1653 * effect on the build.
1654 *
1655 */
1656#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1657
1658/**
1659 * \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
1660 *
1661 * Enable TLS 1.3 PSK ephemeral key exchange mode.
1662 *
1663 * Requires: MBEDTLS_ECDH_C
1664 *
1665 * Comment to disable support for the PSK ephemeral key exchange mode in
1666 * TLS 1.3. If MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not
1667 * have any effect on the build.
1668 *
1669 */
1670#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
1671
1672/**
Gilles Peskine449bd832023-01-11 14:50:10 +01001673 * \def MBEDTLS_SSL_EARLY_DATA
1674 *
1675 * Enable support for RFC 8446 TLS 1.3 early data.
1676 *
1677 * Requires: MBEDTLS_SSL_SESSION_TICKETS and either
1678 * MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED or
1679 * MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
1680 *
1681 * Comment this to disable support for early data. If MBEDTLS_SSL_PROTO_TLS1_3
1682 * is not enabled, this option does not have any effect on the build.
1683 *
1684 * This feature is experimental, not completed and thus not ready for
1685 * production.
1686 *
1687 */
Ronald Cronc2e110f2022-11-22 09:01:46 +01001688//#define MBEDTLS_SSL_EARLY_DATA
Xiaokang Qian54413b12022-10-20 05:57:03 +00001689
1690/**
Jerry Yu16f68532022-11-05 10:50:06 +08001691 * \def MBEDTLS_SSL_MAX_EARLY_DATA_SIZE
1692 *
Jerry Yu12c46bd2022-12-06 11:02:51 +08001693 * The default maximum amount of 0-RTT data. See the documentation of
1694 * \c mbedtls_ssl_tls13_conf_max_early_data_size() for more information.
1695 *
1696 * It must be positive and smaller than UINT32_MAX.
1697 *
1698 * If MBEDTLS_SSL_EARLY_DATA is not defined, this default value does not
1699 * have any impact on the build.
Jerry Yu16f68532022-11-05 10:50:06 +08001700 *
1701 * This feature is experimental, not completed and thus not ready for
1702 * production.
1703 *
1704 */
1705#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024
1706
1707/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001708 * \def MBEDTLS_SSL_PROTO_DTLS
Manuel Pégourié-Gonnard0b1ff292014-02-06 13:04:16 +01001709 *
1710 * Enable support for DTLS (all available versions).
1711 *
TRodziewicz0f82ec62021-05-12 17:49:18 +02001712 * Enable this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
Manuel Pégourié-Gonnard0b1ff292014-02-06 13:04:16 +01001713 *
TRodziewicz0f82ec62021-05-12 17:49:18 +02001714 * Requires: MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard0b1ff292014-02-06 13:04:16 +01001715 *
1716 * Comment this macro to disable support for DTLS
1717 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001718#define MBEDTLS_SSL_PROTO_DTLS
Manuel Pégourié-Gonnard0b1ff292014-02-06 13:04:16 +01001719
1720/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001721 * \def MBEDTLS_SSL_ALPN
Manuel Pégourié-Gonnard7e250d42014-04-04 16:08:41 +02001722 *
Manuel Pégourié-Gonnard6b298e62014-11-20 18:28:50 +01001723 * Enable support for RFC 7301 Application Layer Protocol Negotiation.
Manuel Pégourié-Gonnard7e250d42014-04-04 16:08:41 +02001724 *
Paul Bakker27e36d32014-04-08 12:33:37 +02001725 * Comment this macro to disable support for ALPN.
Manuel Pégourié-Gonnard7e250d42014-04-04 16:08:41 +02001726 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001727#define MBEDTLS_SSL_ALPN
Manuel Pégourié-Gonnard7e250d42014-04-04 16:08:41 +02001728
1729/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001730 * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY
Manuel Pégourié-Gonnard8464a462014-09-24 14:05:32 +02001731 *
1732 * Enable support for the anti-replay mechanism in DTLS.
1733 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001734 * Requires: MBEDTLS_SSL_TLS_C
1735 * MBEDTLS_SSL_PROTO_DTLS
Manuel Pégourié-Gonnard8464a462014-09-24 14:05:32 +02001736 *
Manuel Pégourié-Gonnarda6fcffe2014-10-13 18:15:52 +02001737 * \warning Disabling this is often a security risk!
Manuel Pégourié-Gonnard6729e792015-05-11 09:50:24 +02001738 * See mbedtls_ssl_conf_dtls_anti_replay() for details.
Manuel Pégourié-Gonnarda6fcffe2014-10-13 18:15:52 +02001739 *
Manuel Pégourié-Gonnard8464a462014-09-24 14:05:32 +02001740 * Comment this to disable anti-replay in DTLS.
1741 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001742#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
Manuel Pégourié-Gonnard8464a462014-09-24 14:05:32 +02001743
1744/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001745 * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY
Manuel Pégourié-Gonnard82202f02014-07-23 00:28:58 +02001746 *
1747 * Enable support for HelloVerifyRequest on DTLS servers.
1748 *
1749 * This feature is highly recommended to prevent DTLS servers being used as
1750 * amplifiers in DoS attacks against other hosts. It should always be enabled
1751 * unless you know for sure amplification cannot be a problem in the
1752 * environment in which your server operates.
1753 *
Andrzej Kurek5c65c572022-04-13 14:28:52 -04001754 * \warning Disabling this can be a security risk! (see above)
Manuel Pégourié-Gonnarda6fcffe2014-10-13 18:15:52 +02001755 *
Manuel Pégourié-Gonnarde057d3b2015-05-20 10:59:43 +02001756 * Requires: MBEDTLS_SSL_PROTO_DTLS
Manuel Pégourié-Gonnard82202f02014-07-23 00:28:58 +02001757 *
1758 * Comment this to disable support for HelloVerifyRequest.
1759 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001760#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
Manuel Pégourié-Gonnard82202f02014-07-23 00:28:58 +02001761
1762/**
Johan Pascalb62bb512015-12-03 21:56:45 +01001763 * \def MBEDTLS_SSL_DTLS_SRTP
1764 *
Tobias Nießen1e8ca122021-05-10 19:53:15 +02001765 * Enable support for negotiation of DTLS-SRTP (RFC 5764)
Johan Pascal842d6712020-09-23 13:34:40 +02001766 * through the use_srtp extension.
1767 *
1768 * \note This feature provides the minimum functionality required
1769 * to negotiate the use of DTLS-SRTP and to allow the derivation of
1770 * the associated SRTP packet protection key material.
1771 * In particular, the SRTP packet protection itself, as well as the
1772 * demultiplexing of RTP and DTLS packets at the datagram layer
1773 * (see Section 5 of RFC 5764), are not handled by this feature.
1774 * Instead, after successful completion of a handshake negotiating
1775 * the use of DTLS-SRTP, the extended key exporter API
Hanno Becker2d6e6f82021-05-24 10:58:31 +01001776 * mbedtls_ssl_conf_export_keys_cb() should be used to implement
Johan Pascal842d6712020-09-23 13:34:40 +02001777 * the key exporter described in Section 4.2 of RFC 5764 and RFC 5705
1778 * (this is implemented in the SSL example programs).
1779 * The resulting key should then be passed to an SRTP stack.
1780 *
1781 * Setting this option enables the runtime API
1782 * mbedtls_ssl_conf_dtls_srtp_protection_profiles()
1783 * through which the supported DTLS-SRTP protection
1784 * profiles can be configured. You must call this API at
1785 * runtime if you wish to negotiate the use of DTLS-SRTP.
Johan Pascalb62bb512015-12-03 21:56:45 +01001786 *
1787 * Requires: MBEDTLS_SSL_PROTO_DTLS
1788 *
Ron Eldor9cfb5eb2018-12-10 15:30:14 +02001789 * Uncomment this to enable support for use_srtp extension.
Johan Pascalb62bb512015-12-03 21:56:45 +01001790 */
Ron Eldor9cfb5eb2018-12-10 15:30:14 +02001791//#define MBEDTLS_SSL_DTLS_SRTP
Johan Pascalb62bb512015-12-03 21:56:45 +01001792
1793/**
Manuel Pégourié-Gonnard26d227d2015-09-04 10:53:25 +02001794 * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
1795 *
1796 * Enable server-side support for clients that reconnect from the same port.
1797 *
1798 * Some clients unexpectedly close the connection and try to reconnect using the
1799 * same source port. This needs special support from the server to handle the
Simon Butcher4f6882a2015-09-11 17:12:46 +01001800 * new connection securely, as described in section 4.2.8 of RFC 6347. This
Manuel Pégourié-Gonnard26d227d2015-09-04 10:53:25 +02001801 * flag enables that support.
1802 *
Manuel Pégourié-Gonnard62c74bb2015-09-08 17:50:29 +02001803 * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
Manuel Pégourié-Gonnard62c74bb2015-09-08 17:50:29 +02001804 *
Manuel Pégourié-Gonnard26d227d2015-09-04 10:53:25 +02001805 * Comment this to disable support for clients reusing the source port.
1806 */
1807#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
1808
1809/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001810 * \def MBEDTLS_SSL_SESSION_TICKETS
Paul Bakkera503a632013-08-14 13:48:06 +02001811 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02001812 * Enable support for RFC 5077 session tickets in SSL.
Antonin Décimo36e89b52019-01-23 15:24:37 +01001813 * Client-side, provides full support for session tickets (maintenance of a
Manuel Pégourié-Gonnard0c0f11f2015-05-20 09:55:50 +02001814 * session store remains the responsibility of the application, though).
1815 * Server-side, you also need to provide callbacks for writing and parsing
1816 * tickets, including authenticated encryption and key management. Example
1817 * callbacks are provided by MBEDTLS_SSL_TICKET_C.
Paul Bakkera503a632013-08-14 13:48:06 +02001818 *
1819 * Comment this macro to disable support for SSL session tickets
1820 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001821#define MBEDTLS_SSL_SESSION_TICKETS
Paul Bakkera503a632013-08-14 13:48:06 +02001822
1823/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001824 * \def MBEDTLS_SSL_SERVER_NAME_INDICATION
Paul Bakker0be444a2013-08-27 21:55:01 +02001825 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02001826 * Enable support for RFC 6066 server name indication (SNI) in SSL.
Paul Bakker0be444a2013-08-27 21:55:01 +02001827 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001828 * Requires: MBEDTLS_X509_CRT_PARSE_C
Manuel Pégourié-Gonnardbbbb3cf2015-01-28 16:44:37 +00001829 *
Paul Bakker0be444a2013-08-27 21:55:01 +02001830 * Comment this macro to disable support for server name indication in SSL
1831 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001832#define MBEDTLS_SSL_SERVER_NAME_INDICATION
Paul Bakker0be444a2013-08-27 21:55:01 +02001833
1834/**
Gilles Peskinef03bd812020-03-23 18:13:58 +01001835 * \def MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
1836 *
Andrzej Kurek2a54a6f2021-01-07 08:13:49 -05001837 * When this option is enabled, the SSL buffer will be resized automatically
1838 * based on the negotiated maximum fragment length in each direction.
Andrzej Kurek557289b2020-10-21 15:12:39 +02001839 *
1840 * Requires: MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Gilles Peskinef03bd812020-03-23 18:13:58 +01001841 */
1842//#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
1843
1844/**
Manuel Pégourié-Gonnard6240def2020-07-10 09:35:54 +02001845 * \def MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
1846 *
1847 * Enable testing of the constant-flow nature of some sensitive functions with
1848 * clang's MemorySanitizer. This causes some existing tests to also test
Manuel Pégourié-Gonnarddd00bfc2020-08-24 12:58:36 +02001849 * this non-functional property of the code under test.
Manuel Pégourié-Gonnard6240def2020-07-10 09:35:54 +02001850 *
Manuel Pégourié-Gonnarddd00bfc2020-08-24 12:58:36 +02001851 * This setting requires compiling with clang -fsanitize=memory. The test
1852 * suites can then be run normally.
Manuel Pégourié-Gonnard6240def2020-07-10 09:35:54 +02001853 *
Manuel Pégourié-Gonnard8ff863b2020-07-31 12:59:34 +02001854 * \warning This macro is only used for extended testing; it is not considered
1855 * part of the library's API, so it may change or disappear at any time.
1856 *
Manuel Pégourié-Gonnard390fb4f2020-07-24 11:08:40 +02001857 * Uncomment to enable testing of the constant-flow nature of selected code.
Manuel Pégourié-Gonnard6240def2020-07-10 09:35:54 +02001858 */
1859//#define MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
1860
1861/**
Manuel Pégourié-Gonnard73afa372020-08-19 10:27:38 +02001862 * \def MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND
1863 *
1864 * Enable testing of the constant-flow nature of some sensitive functions with
1865 * valgrind's memcheck tool. This causes some existing tests to also test
Manuel Pégourié-Gonnarddd00bfc2020-08-24 12:58:36 +02001866 * this non-functional property of the code under test.
Manuel Pégourié-Gonnard73afa372020-08-19 10:27:38 +02001867 *
1868 * This setting requires valgrind headers for building, and is only useful for
Manuel Pégourié-Gonnarddd00bfc2020-08-24 12:58:36 +02001869 * testing if the tests suites are run with valgrind's memcheck. This can be
1870 * done for an individual test suite with 'valgrind ./test_suite_xxx', or when
1871 * using CMake, this can be done for all test suites with 'make memcheck'.
Manuel Pégourié-Gonnard73afa372020-08-19 10:27:38 +02001872 *
1873 * \warning This macro is only used for extended testing; it is not considered
1874 * part of the library's API, so it may change or disappear at any time.
1875 *
1876 * Uncomment to enable testing of the constant-flow nature of selected code.
1877 */
1878//#define MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND
1879
1880/**
Gilles Peskinefea6eaf2019-09-11 13:27:48 +02001881 * \def MBEDTLS_TEST_HOOKS
1882 *
1883 * Enable features for invasive testing such as introspection functions and
1884 * hooks for fault injection. This enables additional unit tests.
1885 *
1886 * Merely enabling this feature should not change the behavior of the product.
1887 * It only adds new code, and new branching points where the default behavior
1888 * is the same as when this feature is disabled.
1889 * However, this feature increases the attack surface: there is an added
1890 * risk of vulnerabilities, and more gadgets that can make exploits easier.
1891 * Therefore this feature must never be enabled in production.
1892 *
1893 * See `docs/architecture/testing/mbed-crypto-invasive-testing.md` for more
1894 * information.
1895 *
1896 * Uncomment to enable invasive tests.
1897 */
1898//#define MBEDTLS_TEST_HOOKS
1899
1900/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001901 * \def MBEDTLS_THREADING_ALT
Paul Bakker2466d932013-09-28 14:40:38 +02001902 *
1903 * Provide your own alternate threading implementation.
1904 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001905 * Requires: MBEDTLS_THREADING_C
Paul Bakker2466d932013-09-28 14:40:38 +02001906 *
1907 * Uncomment this to allow your own alternate threading implementation.
Paul Bakker2466d932013-09-28 14:40:38 +02001908 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001909//#define MBEDTLS_THREADING_ALT
Paul Bakker2466d932013-09-28 14:40:38 +02001910
1911/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001912 * \def MBEDTLS_THREADING_PTHREAD
Paul Bakker2466d932013-09-28 14:40:38 +02001913 *
1914 * Enable the pthread wrapper layer for the threading layer.
1915 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001916 * Requires: MBEDTLS_THREADING_C
Paul Bakker2466d932013-09-28 14:40:38 +02001917 *
1918 * Uncomment this to enable pthread mutexes.
Paul Bakker2466d932013-09-28 14:40:38 +02001919 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001920//#define MBEDTLS_THREADING_PTHREAD
Paul Bakker2466d932013-09-28 14:40:38 +02001921
1922/**
Manuel Pégourié-Gonnardaeefa492018-10-22 12:14:52 +02001923 * \def MBEDTLS_USE_PSA_CRYPTO
1924 *
Manuel Pégourié-Gonnard2ca08c82023-03-24 09:21:46 +01001925 * Make the X.509 and TLS libraries use PSA for cryptographic operations as
1926 * much as possible, and enable new APIs for using keys handled by PSA Crypto.
Manuel Pégourié-Gonnardaeefa492018-10-22 12:14:52 +02001927 *
Jaeden Amero8dd16902019-07-22 16:39:49 +01001928 * \note Development of this option is currently in progress, and parts of Mbed
1929 * TLS's X.509 and TLS modules are not ported to PSA yet. However, these parts
Andrzej Kurekd65b11d2019-04-16 04:20:24 -04001930 * will still continue to work as usual, so enabling this option should not
1931 * break backwards compatibility.
Manuel Pégourié-Gonnardaeefa492018-10-22 12:14:52 +02001932 *
Manuel Pégourié-Gonnardff43ff62022-04-20 15:32:01 +02001933 * \warning If you enable this option, you need to call `psa_crypto_init()`
1934 * before calling any function from the SSL/TLS, X.509 or PK modules.
Hanno Becker51560b62018-11-19 09:46:26 +00001935 *
Manuel Pégourié-Gonnard2ca08c82023-03-24 09:21:46 +01001936 * \note Even with this option disabled, some code in PK, X.509, TLS or the
1937 * crypto library might still use PSA drivers, if it can determine it's safe
1938 * to do so.
1939 *
1940 * \note See docs/use-psa-crypto.md for a complete description this option.
1941 *
Manuel Pégourié-Gonnardaeefa492018-10-22 12:14:52 +02001942 * Requires: MBEDTLS_PSA_CRYPTO_C.
Manuel Pégourié-Gonnard971dea32019-02-01 12:38:40 +01001943 *
Andrzej Kurekd3deb1d2019-04-16 04:14:48 -04001944 * Uncomment this to enable internal use of PSA Crypto and new associated APIs.
Manuel Pégourié-Gonnardaeefa492018-10-22 12:14:52 +02001945 */
1946//#define MBEDTLS_USE_PSA_CRYPTO
1947
1948/**
John Durkop6e33dbe2020-09-17 21:15:13 -07001949 * \def MBEDTLS_PSA_CRYPTO_CONFIG
1950 *
John Durkop185764f2020-10-12 21:32:12 -07001951 * This setting allows support for cryptographic mechanisms through the PSA
1952 * API to be configured separately from support through the mbedtls API.
John Durkop6e33dbe2020-09-17 21:15:13 -07001953 *
Gilles Peskinedb0421b2022-04-13 23:22:49 +02001954 * When this option is disabled, the PSA API exposes the cryptographic
1955 * mechanisms that can be implemented on top of the `mbedtls_xxx` API
1956 * configured with `MBEDTLS_XXX` symbols.
Gilles Peskine750596e2022-03-16 17:03:55 +01001957 *
1958 * When this option is enabled, the PSA API exposes the cryptographic
1959 * mechanisms requested by the `PSA_WANT_XXX` symbols defined in
1960 * include/psa/crypto_config.h. The corresponding `MBEDTLS_XXX` settings are
1961 * automatically enabled if required (i.e. if no PSA driver provides the
1962 * mechanism). You may still freely enable additional `MBEDTLS_XXX` symbols
1963 * in mbedtls_config.h.
Gilles Peskine58858b72020-11-09 15:26:09 +01001964 *
Gilles Peskinef4c6eb02022-03-16 17:10:48 +01001965 * If the symbol #MBEDTLS_PSA_CRYPTO_CONFIG_FILE is defined, it specifies
Gilles Peskine0c4db1f2022-04-14 12:44:01 +02001966 * an alternative header to include instead of include/psa/crypto_config.h.
Gilles Peskine58858b72020-11-09 15:26:09 +01001967 *
John Durkop185764f2020-10-12 21:32:12 -07001968 * This feature is still experimental and is not ready for production since
1969 * it is not completed.
John Durkop6e33dbe2020-09-17 21:15:13 -07001970 */
1971//#define MBEDTLS_PSA_CRYPTO_CONFIG
1972
1973/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001974 * \def MBEDTLS_VERSION_FEATURES
Paul Bakker0f90d7d2014-04-30 11:49:44 +02001975 *
1976 * Allow run-time checking of compile-time enabled features. Thus allowing users
1977 * to check at run-time if the library is for instance compiled with threading
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001978 * support via mbedtls_version_check_feature().
Paul Bakker0f90d7d2014-04-30 11:49:44 +02001979 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001980 * Requires: MBEDTLS_VERSION_C
Paul Bakker0f90d7d2014-04-30 11:49:44 +02001981 *
1982 * Comment this to disable run-time checking and save ROM space
1983 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001984#define MBEDTLS_VERSION_FEATURES
Paul Bakker0f90d7d2014-04-30 11:49:44 +02001985
1986/**
Hanno Becker288dedc2019-03-27 11:00:53 +00001987 * \def MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
1988 *
Jarno Lamsaf49fedc2019-04-01 14:58:30 +03001989 * If set, this enables the X.509 API `mbedtls_x509_crt_verify_with_ca_cb()`
Hanno Becker288dedc2019-03-27 11:00:53 +00001990 * and the SSL API `mbedtls_ssl_conf_ca_cb()` which allow users to configure
1991 * the set of trusted certificates through a callback instead of a linked
1992 * list.
1993 *
1994 * This is useful for example in environments where a large number of trusted
1995 * certificates is present and storing them in a linked list isn't efficient
1996 * enough, or when the set of trusted certificates changes frequently.
1997 *
Jarno Lamsaf49fedc2019-04-01 14:58:30 +03001998 * See the documentation of `mbedtls_x509_crt_verify_with_ca_cb()` and
Hanno Becker288dedc2019-03-27 11:00:53 +00001999 * `mbedtls_ssl_conf_ca_cb()` for more information.
2000 *
Valerio Setti8e45cdd2023-01-05 09:32:29 +01002001 * Requires: MBEDTLS_X509_CRT_PARSE_C
2002 *
Hanno Becker288dedc2019-03-27 11:00:53 +00002003 * Uncomment to enable trusted certificate callbacks.
2004 */
2005//#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
2006
2007/**
Hanno Becker612a2f12020-10-09 09:19:39 +01002008 * \def MBEDTLS_X509_REMOVE_INFO
Peter Kolbus9a969b62018-12-11 13:55:56 -06002009 *
Chris Jones2c745862020-12-16 11:41:06 +00002010 * Disable mbedtls_x509_*_info() and related APIs.
Peter Kolbus9a969b62018-12-11 13:55:56 -06002011 *
Chris Jones2c745862020-12-16 11:41:06 +00002012 * Uncomment to omit mbedtls_x509_*_info(), as well as mbedtls_debug_print_crt()
Peter Kolbus9a969b62018-12-11 13:55:56 -06002013 * and other functions/constants only used by these functions, thus reducing
2014 * the code footprint by several KB.
2015 */
Chris Jones2c745862020-12-16 11:41:06 +00002016//#define MBEDTLS_X509_REMOVE_INFO
Peter Kolbus9a969b62018-12-11 13:55:56 -06002017
2018/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002019 * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
Manuel Pégourié-Gonnardd1539b12014-06-06 16:42:37 +02002020 *
2021 * Enable parsing and verification of X.509 certificates, CRLs and CSRS
2022 * signed with RSASSA-PSS (aka PKCS#1 v2.1).
2023 *
2024 * Comment this macro to disallow using RSASSA-PSS in certificates.
2025 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002026#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
Andrzej Kurek38d4fdd2021-12-28 16:22:52 +01002027/** \} name SECTION: mbed TLS feature support */
Paul Bakker0a62cd12011-01-21 11:00:08 +00002028
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002029/**
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +00002030 * \name SECTION: mbed TLS modules
Paul Bakker0a62cd12011-01-21 11:00:08 +00002031 *
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +00002032 * This section enables or disables entire modules in mbed TLS
Paul Bakker0a62cd12011-01-21 11:00:08 +00002033 * \{
2034 */
Paul Bakker5121ce52009-01-03 21:22:43 +00002035
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002036/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002037 * \def MBEDTLS_AESNI_C
Manuel Pégourié-Gonnard92ac76f2013-12-16 17:12:53 +01002038 *
Gilles Peskine0bfccfa2023-03-16 17:49:44 +01002039 * Enable AES-NI support on x86-64 or x86-32.
2040 *
2041 * \note AESNI is only supported with certain compilers and target options:
2042 * - Visual Studio 2013: supported.
2043 * - GCC, x86-64, target not explicitly supporting AESNI:
2044 * requires MBEDTLS_HAVE_ASM.
2045 * - GCC, x86-32, target not explicitly supporting AESNI:
2046 * not supported.
2047 * - GCC, x86-64 or x86-32, target supporting AESNI: supported.
2048 * For this assembly-less implementation, you must currently compile
2049 * `library/aesni.c` and `library/aes.c` with machine options to enable
2050 * SSE2 and AESNI instructions: `gcc -msse2 -maes -mpclmul` or
2051 * `clang -maes -mpclmul`.
2052 * - Non-x86 targets: this option is silently ignored.
2053 * - Other compilers: this option is silently ignored.
2054 *
2055 * \note
2056 * Above, "GCC" includes compatible compilers such as Clang.
2057 * The limitations on target support are likely to be relaxed in the future.
Manuel Pégourié-Gonnard92ac76f2013-12-16 17:12:53 +01002058 *
2059 * Module: library/aesni.c
2060 * Caller: library/aes.c
2061 *
Gilles Peskine0bfccfa2023-03-16 17:49:44 +01002062 * Requires: MBEDTLS_HAVE_ASM (on some platforms, see note)
Manuel Pégourié-Gonnard92ac76f2013-12-16 17:12:53 +01002063 *
Gilles Peskine0bfccfa2023-03-16 17:49:44 +01002064 * This modules adds support for the AES-NI instructions on x86.
Manuel Pégourié-Gonnard92ac76f2013-12-16 17:12:53 +01002065 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002066#define MBEDTLS_AESNI_C
Manuel Pégourié-Gonnard92ac76f2013-12-16 17:12:53 +01002067
2068/**
Jerry Yu2fddfd72023-01-10 16:32:03 +08002069 * \def MBEDTLS_AESCE_C
2070 *
Dave Rodgmanf918d422023-03-17 17:52:23 +00002071 * Enable AES cryptographic extension support on 64-bit Arm.
Jerry Yu2fddfd72023-01-10 16:32:03 +08002072 *
2073 * Module: library/aesce.c
2074 * Caller: library/aes.c
2075 *
2076 * Requires: MBEDTLS_HAVE_ASM, MBEDTLS_AES_C
2077 *
Dave Rodgmanf918d422023-03-17 17:52:23 +00002078 * \warning Runtime detection only works on Linux. For non-Linux operating
2079 * system, Armv8-A Cryptographic Extensions must be supported by
2080 * the CPU when this option is enabled.
Jerry Yu330e6ae2023-02-21 14:51:38 +08002081 *
Dave Rodgmanf918d422023-03-17 17:52:23 +00002082 * This module adds support for the AES Armv8-A Cryptographic Extensions on Aarch64 systems.
Jerry Yu2fddfd72023-01-10 16:32:03 +08002083 */
2084#define MBEDTLS_AESCE_C
2085
2086/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002087 * \def MBEDTLS_AES_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002088 *
2089 * Enable the AES block cipher.
2090 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002091 * Module: library/aes.c
Manuel Pégourié-Gonnardfdd43542018-02-28 10:49:02 +01002092 * Caller: library/cipher.c
Paul Bakker96743fc2011-02-12 14:30:57 +00002093 * library/pem.c
Paul Bakker6083fd22011-12-03 21:45:14 +00002094 * library/ctr_drbg.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002095 *
Paul Bakker645ce3a2012-10-31 12:32:41 +00002096 * This module enables the following ciphersuites (if other requisites are
2097 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002098 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
2099 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
2100 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
2101 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
2102 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
2103 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
2104 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
2105 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
2106 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
2107 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
2108 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
2109 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
2110 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
2111 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
2112 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
2113 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
2114 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
2115 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
2116 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
2117 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
2118 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
2119 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
2120 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
2121 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
2122 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
2123 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
2124 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
2125 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
2126 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
2127 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
2128 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
2129 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
2130 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
2131 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
2132 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
2133 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
2134 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
2135 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
2136 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
2137 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
2138 * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
2139 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
2140 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
2141 * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
2142 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
2143 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
2144 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
2145 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
2146 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
2147 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
2148 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
2149 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
2150 * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
2151 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
2152 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
2153 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
2154 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
2155 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
Paul Bakker6deb37e2013-02-19 13:17:08 +01002156 *
Paul Bakkercff68422013-09-15 20:43:33 +02002157 * PEM_PARSE uses AES for decrypting encrypted keys.
Paul Bakker5121ce52009-01-03 21:22:43 +00002158 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002159#define MBEDTLS_AES_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002160
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002161/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002162 * \def MBEDTLS_ASN1_PARSE_C
Paul Bakkerefc30292011-11-10 14:43:23 +00002163 *
2164 * Enable the generic ASN1 parser.
2165 *
2166 * Module: library/asn1.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002167 * Caller: library/x509.c
2168 * library/dhm.c
2169 * library/pkcs12.c
2170 * library/pkcs5.c
2171 * library/pkparse.c
Paul Bakkerefc30292011-11-10 14:43:23 +00002172 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002173#define MBEDTLS_ASN1_PARSE_C
Paul Bakkerefc30292011-11-10 14:43:23 +00002174
2175/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002176 * \def MBEDTLS_ASN1_WRITE_C
Paul Bakkerbdb912d2012-02-13 23:11:30 +00002177 *
2178 * Enable the generic ASN1 writer.
2179 *
2180 * Module: library/asn1write.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002181 * Caller: library/ecdsa.c
2182 * library/pkwrite.c
2183 * library/x509_create.c
2184 * library/x509write_crt.c
Simon Butcher2cb47392016-11-04 12:23:11 +00002185 * library/x509write_csr.c
Paul Bakkerbdb912d2012-02-13 23:11:30 +00002186 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002187#define MBEDTLS_ASN1_WRITE_C
Paul Bakkerbdb912d2012-02-13 23:11:30 +00002188
2189/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002190 * \def MBEDTLS_BASE64_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002191 *
2192 * Enable the Base64 module.
2193 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002194 * Module: library/base64.c
Paul Bakker5690efc2011-05-26 13:16:06 +00002195 * Caller: library/pem.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002196 *
Paul Bakker5690efc2011-05-26 13:16:06 +00002197 * This module is required for PEM support (required by X.509).
Paul Bakker5121ce52009-01-03 21:22:43 +00002198 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002199#define MBEDTLS_BASE64_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002200
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002201/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002202 * \def MBEDTLS_BIGNUM_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002203 *
Paul Bakker9a736322012-11-14 12:39:52 +00002204 * Enable the multi-precision integer library.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002205 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002206 * Module: library/bignum.c
Janos Follath3ca07752022-08-09 11:45:47 +01002207 * library/bignum_core.c
Janos Follathd1baedb2022-08-09 13:44:53 +01002208 * library/bignum_mod.c
Gabor Mezeid41f6272022-08-12 15:20:21 +02002209 * library/bignum_mod_raw.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002210 * Caller: library/dhm.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002211 * library/ecp.c
Manuel Pégourié-Gonnardbf319772014-06-25 13:00:17 +02002212 * library/ecdsa.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002213 * library/rsa.c
Chris Jones3848e312021-03-11 16:17:59 +00002214 * library/rsa_alt_helpers.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002215 * library/ssl_tls.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002216 *
Manuel Pégourié-Gonnardbf319772014-06-25 13:00:17 +02002217 * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support.
Paul Bakker5121ce52009-01-03 21:22:43 +00002218 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002219#define MBEDTLS_BIGNUM_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002220
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002221/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002222 * \def MBEDTLS_CAMELLIA_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002223 *
2224 * Enable the Camellia block cipher.
2225 *
Paul Bakker38119b12009-01-10 23:31:23 +00002226 * Module: library/camellia.c
Manuel Pégourié-Gonnardfdd43542018-02-28 10:49:02 +01002227 * Caller: library/cipher.c
Paul Bakker38119b12009-01-10 23:31:23 +00002228 *
Paul Bakker645ce3a2012-10-31 12:32:41 +00002229 * This module enables the following ciphersuites (if other requisites are
2230 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002231 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
2232 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
2233 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
2234 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
2235 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
2236 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
2237 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
2238 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
2239 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
2240 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
2241 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
2242 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
2243 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
2244 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
2245 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
2246 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
2247 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
2248 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
2249 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
2250 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
2251 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
2252 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
2253 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
2254 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
2255 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
2256 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
2257 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
2258 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
2259 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
2260 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
2261 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
2262 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
2263 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
2264 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
2265 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
2266 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
2267 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
2268 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
2269 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
2270 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
2271 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
2272 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
Paul Bakker38119b12009-01-10 23:31:23 +00002273 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002274#define MBEDTLS_CAMELLIA_C
Paul Bakker38119b12009-01-10 23:31:23 +00002275
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002276/**
Markku-Juhani O. Saarinen3c0b53b2017-11-30 16:00:34 +00002277 * \def MBEDTLS_ARIA_C
2278 *
Manuel Pégourié-Gonnard525168c2018-02-28 10:47:02 +01002279 * Enable the ARIA block cipher.
Markku-Juhani O. Saarinen3c0b53b2017-11-30 16:00:34 +00002280 *
2281 * Module: library/aria.c
Manuel Pégourié-Gonnard525168c2018-02-28 10:47:02 +01002282 * Caller: library/cipher.c
2283 *
2284 * This module enables the following ciphersuites (if other requisites are
2285 * enabled as well):
2286 *
2287 * MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256
2288 * MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384
2289 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256
2290 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384
2291 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256
2292 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384
2293 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256
2294 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384
2295 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256
2296 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384
2297 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256
2298 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384
2299 * MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256
2300 * MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384
2301 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256
2302 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384
2303 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
2304 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
2305 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256
2306 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384
2307 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256
2308 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384
2309 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256
2310 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384
2311 * MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256
2312 * MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384
2313 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256
2314 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384
2315 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256
2316 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384
2317 * MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256
2318 * MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384
2319 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256
2320 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384
2321 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256
2322 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384
2323 * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256
2324 * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384
Markku-Juhani O. Saarinen3c0b53b2017-11-30 16:00:34 +00002325 */
TRodziewicz85aff9f2021-04-23 10:47:26 +02002326#define MBEDTLS_ARIA_C
Markku-Juhani O. Saarinen3c0b53b2017-11-30 16:00:34 +00002327
2328/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002329 * \def MBEDTLS_CCM_C
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +02002330 *
2331 * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
2332 *
2333 * Module: library/ccm.c
2334 *
Przemek Stekielea805b42022-05-02 10:30:03 +02002335 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C or
2336 * MBEDTLS_ARIA_C
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +02002337 *
2338 * This module enables the AES-CCM ciphersuites, if other requisites are
2339 * enabled as well.
2340 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002341#define MBEDTLS_CCM_C
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +02002342
2343/**
Daniel King34b822c2016-05-15 17:28:08 -03002344 * \def MBEDTLS_CHACHA20_C
2345 *
2346 * Enable the ChaCha20 stream cipher.
2347 *
2348 * Module: library/chacha20.c
2349 */
2350#define MBEDTLS_CHACHA20_C
2351
2352/**
Manuel Pégourié-Gonnarde533b222018-06-04 12:23:19 +02002353 * \def MBEDTLS_CHACHAPOLY_C
2354 *
2355 * Enable the ChaCha20-Poly1305 AEAD algorithm.
2356 *
2357 * Module: library/chachapoly.c
2358 *
2359 * This module requires: MBEDTLS_CHACHA20_C, MBEDTLS_POLY1305_C
2360 */
2361#define MBEDTLS_CHACHAPOLY_C
2362
2363/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002364 * \def MBEDTLS_CIPHER_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002365 *
2366 * Enable the generic cipher layer.
2367 *
Paul Bakker8123e9d2011-01-06 15:37:30 +00002368 * Module: library/cipher.c
Przemek Stekielea805b42022-05-02 10:30:03 +02002369 * Caller: library/ccm.c
2370 * library/cmac.c
2371 * library/gcm.c
2372 * library/nist_kw.c
Przemek Stekielea805b42022-05-02 10:30:03 +02002373 * library/pkcs12.c
2374 * library/pkcs5.c
2375 * library/psa_crypto_aead.c
2376 * library/psa_crypto_mac.c
2377 * library/ssl_ciphersuites.c
2378 * library/ssl_msg.c
Przemek Stekiela09f8352022-05-12 09:34:28 +02002379 * library/ssl_ticket.c (unless MBEDTLS_USE_PSA_CRYPTO is enabled)
Paul Bakker8123e9d2011-01-06 15:37:30 +00002380 *
2381 * Uncomment to enable generic cipher wrappers.
2382 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002383#define MBEDTLS_CIPHER_C
Paul Bakker8123e9d2011-01-06 15:37:30 +00002384
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002385/**
Robert Cragiedc5c7b92015-12-11 15:49:45 +00002386 * \def MBEDTLS_CMAC_C
2387 *
Simon Butcher327398a2016-10-05 14:09:11 +01002388 * Enable the CMAC (Cipher-based Message Authentication Code) mode for block
2389 * ciphers.
Robert Cragiedc5c7b92015-12-11 15:49:45 +00002390 *
Steven Cooremanc338cef2021-04-26 11:24:44 +02002391 * \note When #MBEDTLS_CMAC_ALT is active, meaning that the underlying
2392 * implementation of the CMAC algorithm is provided by an alternate
2393 * implementation, that alternate implementation may opt to not support
2394 * AES-192 or 3DES as underlying block ciphers for the CMAC operation.
2395 *
Robert Cragiedc5c7b92015-12-11 15:49:45 +00002396 * Module: library/cmac.c
2397 *
Przemek Stekielea805b42022-05-02 10:30:03 +02002398 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_AES_C or MBEDTLS_DES_C
Robert Cragiedc5c7b92015-12-11 15:49:45 +00002399 *
2400 */
TRodziewicz85aff9f2021-04-23 10:47:26 +02002401#define MBEDTLS_CMAC_C
Robert Cragiedc5c7b92015-12-11 15:49:45 +00002402
2403/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002404 * \def MBEDTLS_CTR_DRBG_C
Paul Bakker0e04d0e2011-11-27 14:46:59 +00002405 *
Nir Sonnenscheince266e42018-08-29 10:11:46 +03002406 * Enable the CTR_DRBG AES-based random generator.
2407 * The CTR_DRBG generator uses AES-256 by default.
Gilles Peskine1540e5b2019-10-03 14:21:14 +02002408 * To use AES-128 instead, enable \c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY above.
Paul Bakker0e04d0e2011-11-27 14:46:59 +00002409 *
Gilles Peskine7e279362019-10-03 14:21:39 +02002410 * \note To achieve a 256-bit security strength with CTR_DRBG,
2411 * you must use AES-256 *and* use sufficient entropy.
2412 * See ctr_drbg.h for more details.
Paul Bakker0e04d0e2011-11-27 14:46:59 +00002413 *
2414 * Module: library/ctr_drbg.c
2415 * Caller:
2416 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002417 * Requires: MBEDTLS_AES_C
Paul Bakker6083fd22011-12-03 21:45:14 +00002418 *
Nir Sonnenschein521e8a92018-09-03 14:10:52 +03002419 * This module provides the CTR_DRBG AES random number generator.
Paul Bakker0e04d0e2011-11-27 14:46:59 +00002420 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002421#define MBEDTLS_CTR_DRBG_C
Paul Bakker0e04d0e2011-11-27 14:46:59 +00002422
2423/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002424 * \def MBEDTLS_DEBUG_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002425 *
2426 * Enable the debug functions.
2427 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002428 * Module: library/debug.c
Ronald Cronde1adee2022-03-07 16:20:30 +01002429 * Caller: library/ssl_msg.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002430 * library/ssl_tls.c
Ronald Cronde1adee2022-03-07 16:20:30 +01002431 * library/ssl_tls12_*.c
2432 * library/ssl_tls13_*.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002433 *
2434 * This module provides debugging functions.
2435 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002436#define MBEDTLS_DEBUG_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002437
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002438/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002439 * \def MBEDTLS_DES_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002440 *
2441 * Enable the DES block cipher.
2442 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002443 * Module: library/des.c
Paul Bakker6deb37e2013-02-19 13:17:08 +01002444 * Caller: library/pem.c
Manuel Pégourié-Gonnardfdd43542018-02-28 10:49:02 +01002445 * library/cipher.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002446 *
Paul Bakkercff68422013-09-15 20:43:33 +02002447 * PEM_PARSE uses DES/3DES for decrypting encrypted keys.
Hanno Beckerbbca8c52017-09-25 14:53:51 +01002448 *
Dave Rodgmanc04515b2023-02-02 10:47:58 +00002449 * \warning DES/3DES are considered weak ciphers and their use constitutes a
Hanno Beckerbbca8c52017-09-25 14:53:51 +01002450 * security risk. We recommend considering stronger ciphers instead.
Paul Bakker5121ce52009-01-03 21:22:43 +00002451 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002452#define MBEDTLS_DES_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002453
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002454/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002455 * \def MBEDTLS_DHM_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002456 *
Manuel Pégourié-Gonnard9d703732013-10-25 18:01:50 +02002457 * Enable the Diffie-Hellman-Merkle module.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002458 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002459 * Module: library/dhm.c
Ronald Cronde1adee2022-03-07 16:20:30 +01002460 * Caller: library/ssl_tls.c
2461 * library/ssl*_client.c
2462 * library/ssl*_server.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002463 *
Manuel Pégourié-Gonnard9d703732013-10-25 18:01:50 +02002464 * This module is used by the following key exchanges:
2465 * DHE-RSA, DHE-PSK
Hanno Beckera2f6b722017-09-28 10:33:29 +01002466 *
Hanno Beckerf9734b32017-10-03 12:09:22 +01002467 * \warning Using DHE constitutes a security risk as it
2468 * is not possible to validate custom DH parameters.
2469 * If possible, it is recommended users should consider
2470 * preferring other methods of key exchange.
2471 * See dhm.h for more details.
Hanno Beckera2f6b722017-09-28 10:33:29 +01002472 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002473 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002474#define MBEDTLS_DHM_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002475
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002476/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002477 * \def MBEDTLS_ECDH_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002478 *
2479 * Enable the elliptic curve Diffie-Hellman library.
2480 *
2481 * Module: library/ecdh.c
Ronald Cronde1adee2022-03-07 16:20:30 +01002482 * Caller: library/psa_crypto.c
2483 * library/ssl_tls.c
2484 * library/ssl*_client.c
2485 * library/ssl*_server.c
Paul Bakker41c83d32013-03-20 14:39:14 +01002486 *
Manuel Pégourié-Gonnard9d703732013-10-25 18:01:50 +02002487 * This module is used by the following key exchanges:
2488 * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002489 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002490 * Requires: MBEDTLS_ECP_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002491 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002492#define MBEDTLS_ECDH_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002493
2494/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002495 * \def MBEDTLS_ECDSA_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002496 *
2497 * Enable the elliptic curve DSA library.
2498 *
2499 * Module: library/ecdsa.c
2500 * Caller:
2501 *
Manuel Pégourié-Gonnard9d703732013-10-25 18:01:50 +02002502 * This module is used by the following key exchanges:
2503 * ECDHE-ECDSA
2504 *
Gilles Peskine799e5762018-09-14 17:34:00 +02002505 * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C,
2506 * and at least one MBEDTLS_ECP_DP_XXX_ENABLED for a
2507 * short Weierstrass curve.
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002508 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002509#define MBEDTLS_ECDSA_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002510
2511/**
Manuel Pégourié-Gonnard4d8685b2015-08-05 15:44:42 +02002512 * \def MBEDTLS_ECJPAKE_C
2513 *
2514 * Enable the elliptic curve J-PAKE library.
2515 *
Tomasz Rodziewicz532ca932021-05-07 11:01:24 +02002516 * \note EC J-PAKE support is based on the Thread v1.0.0 specification.
2517 * It has not been reviewed for compliance with newer standards such as
Tomasz Rodziewicz1fc7c4c2021-05-07 10:13:31 +02002518 * Thread v1.1 or RFC 8236.
Manuel Pégourié-Gonnard75df9022015-09-16 23:21:01 +02002519 *
Manuel Pégourié-Gonnard4d8685b2015-08-05 15:44:42 +02002520 * Module: library/ecjpake.c
2521 * Caller:
2522 *
2523 * This module is used by the following key exchanges:
2524 * ECJPAKE
2525 *
Manuel Pégourié-Gonnard72687b72022-09-15 12:23:58 +02002526 * Requires: MBEDTLS_ECP_C and either MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C
Neil Armstrongecaba1c2022-08-11 10:47:08 +02002527 *
Manuel Pégourié-Gonnard41bc8b62023-03-14 23:59:24 +01002528 * \warning If using a hash that is only provided by PSA drivers, you must
2529 * call psa_crypto_init() before doing any EC J-PAKE operations.
Manuel Pégourié-Gonnard4d8685b2015-08-05 15:44:42 +02002530 */
Tomasz Rodziewiczb1336052021-04-22 15:14:17 +02002531#define MBEDTLS_ECJPAKE_C
Manuel Pégourié-Gonnard4d8685b2015-08-05 15:44:42 +02002532
2533/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002534 * \def MBEDTLS_ECP_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002535 *
2536 * Enable the elliptic curve over GF(p) library.
2537 *
2538 * Module: library/ecp.c
2539 * Caller: library/ecdh.c
2540 * library/ecdsa.c
Manuel Pégourié-Gonnard4d8685b2015-08-05 15:44:42 +02002541 * library/ecjpake.c
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002542 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002543 * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002544 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002545#define MBEDTLS_ECP_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002546
2547/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002548 * \def MBEDTLS_ENTROPY_C
Paul Bakker6083fd22011-12-03 21:45:14 +00002549 *
2550 * Enable the platform-specific entropy code.
2551 *
2552 * Module: library/entropy.c
2553 * Caller:
2554 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002555 * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C
Paul Bakker6083fd22011-12-03 21:45:14 +00002556 *
2557 * This module provides a generic entropy pool
2558 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002559#define MBEDTLS_ENTROPY_C
Paul Bakker6083fd22011-12-03 21:45:14 +00002560
2561/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002562 * \def MBEDTLS_ERROR_C
Paul Bakker9d781402011-05-09 16:17:09 +00002563 *
2564 * Enable error code to error string conversion.
2565 *
2566 * Module: library/error.c
2567 * Caller:
2568 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002569 * This module enables mbedtls_strerror().
Paul Bakker9d781402011-05-09 16:17:09 +00002570 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002571#define MBEDTLS_ERROR_C
Paul Bakker9d781402011-05-09 16:17:09 +00002572
2573/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002574 * \def MBEDTLS_GCM_C
Paul Bakker89e80c92012-03-20 13:50:09 +00002575 *
Jaeden Amero7accf442019-04-10 18:13:57 +01002576 * Enable the Galois/Counter Mode (GCM).
Paul Bakker89e80c92012-03-20 13:50:09 +00002577 *
2578 * Module: library/gcm.c
2579 *
Przemek Stekielea805b42022-05-02 10:30:03 +02002580 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C or
2581 * MBEDTLS_ARIA_C
Paul Bakker645ce3a2012-10-31 12:32:41 +00002582 *
Manuel Pégourié-Gonnard9d703732013-10-25 18:01:50 +02002583 * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
2584 * requisites are enabled as well.
Paul Bakker89e80c92012-03-20 13:50:09 +00002585 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002586#define MBEDTLS_GCM_C
Paul Bakker89e80c92012-03-20 13:50:09 +00002587
2588/**
Thomas Fossati656864b2016-07-17 08:51:22 +01002589 * \def MBEDTLS_HKDF_C
2590 *
2591 * Enable the HKDF algorithm (RFC 5869).
2592 *
2593 * Module: library/hkdf.c
2594 * Caller:
2595 *
2596 * Requires: MBEDTLS_MD_C
2597 *
2598 * This module adds support for the Hashed Message Authentication Code
2599 * (HMAC)-based key derivation function (HKDF).
2600 */
2601#define MBEDTLS_HKDF_C
2602
2603/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002604 * \def MBEDTLS_HMAC_DRBG_C
Manuel Pégourié-Gonnard490bdf32014-01-27 14:03:10 +01002605 *
2606 * Enable the HMAC_DRBG random generator.
2607 *
2608 * Module: library/hmac_drbg.c
2609 * Caller:
2610 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002611 * Requires: MBEDTLS_MD_C
Manuel Pégourié-Gonnard490bdf32014-01-27 14:03:10 +01002612 *
Tom Cosgrove1e211442022-05-26 11:51:00 +01002613 * Uncomment to enable the HMAC_DRBG random number generator.
Manuel Pégourié-Gonnard490bdf32014-01-27 14:03:10 +01002614 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002615#define MBEDTLS_HMAC_DRBG_C
Manuel Pégourié-Gonnard490bdf32014-01-27 14:03:10 +01002616
2617/**
Raef Coles8ff6df52021-07-21 12:42:15 +01002618 * \def MBEDTLS_LMS_C
2619 *
2620 * Enable the LMS stateful-hash asymmetric signature algorithm.
2621 *
2622 * Module: library/lms.c
2623 * Caller:
2624 *
Raef Colesab4f8742022-09-01 12:24:31 +01002625 * Requires: MBEDTLS_PSA_CRYPTO_C
Raef Coles8ff6df52021-07-21 12:42:15 +01002626 *
Raef Colesab4f8742022-09-01 12:24:31 +01002627 * Uncomment to enable the LMS verification algorithm and public key operations.
Raef Coles8ff6df52021-07-21 12:42:15 +01002628 */
2629#define MBEDTLS_LMS_C
2630
2631/**
Raef Colesab4f8742022-09-01 12:24:31 +01002632 * \def MBEDTLS_LMS_PRIVATE
2633 *
2634 * Enable LMS private-key operations and signing code. Functions enabled by this
2635 * option are experimental, and should not be used in production.
2636 *
2637 * Requires: MBEDTLS_LMS_C
2638 *
2639 * Uncomment to enable the LMS signature algorithm and private key operations.
2640 */
Raef Coles5127e852022-10-07 10:35:56 +01002641//#define MBEDTLS_LMS_PRIVATE
Raef Colesab4f8742022-09-01 12:24:31 +01002642
2643/**
Ron Eldor466a57f2018-05-03 16:54:28 +03002644 * \def MBEDTLS_NIST_KW_C
2645 *
2646 * Enable the Key Wrapping mode for 128-bit block ciphers,
2647 * as defined in NIST SP 800-38F. Only KW and KWP modes
2648 * are supported. At the moment, only AES is approved by NIST.
2649 *
2650 * Module: library/nist_kw.c
2651 *
2652 * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C
2653 */
TRodziewicz85aff9f2021-04-23 10:47:26 +02002654#define MBEDTLS_NIST_KW_C
Ron Eldor466a57f2018-05-03 16:54:28 +03002655
2656/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002657 * \def MBEDTLS_MD_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002658 *
Manuel Pégourié-Gonnardb9b630d2023-02-16 19:07:31 +01002659 * Enable the generic layer for message digest (hashing) and HMAC.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002660 *
Manuel Pégourié-Gonnard1f7f7172022-07-18 12:04:05 +02002661 * Requires: one of: MBEDTLS_MD5_C, MBEDTLS_RIPEMD160_C, MBEDTLS_SHA1_C,
2662 * MBEDTLS_SHA224_C, MBEDTLS_SHA256_C, MBEDTLS_SHA384_C,
Manuel Pégourié-Gonnard161dca62023-03-21 16:22:59 +01002663 * MBEDTLS_SHA512_C, or MBEDTLS_PSA_CRYPTO_C with at least
Manuel Pégourié-Gonnard534d64d2023-03-14 17:43:06 +01002664 * one hash.
Simon Butcher2cb47392016-11-04 12:23:11 +00002665 * Module: library/md.c
Przemek Stekiel6aadf0b2022-04-27 14:46:52 +02002666 * Caller: library/constant_time.c
2667 * library/ecdsa.c
2668 * library/ecjpake.c
2669 * library/hkdf.c
2670 * library/hmac_drbg.c
Przemek Stekiel6aadf0b2022-04-27 14:46:52 +02002671 * library/pk.c
2672 * library/pkcs5.c
2673 * library/pkcs12.c
2674 * library/psa_crypto_ecp.c
2675 * library/psa_crypto_rsa.c
2676 * library/rsa.c
2677 * library/ssl_cookie.c
2678 * library/ssl_msg.c
2679 * library/ssl_tls.c
Przemek Stekiel6e712822022-05-06 11:40:20 +02002680 * library/x509.c
Przemek Stekiel6aadf0b2022-04-27 14:46:52 +02002681 * library/x509_crt.c
2682 * library/x509write_crt.c
2683 * library/x509write_csr.c
Paul Bakker17373852011-01-06 14:20:01 +00002684 *
2685 * Uncomment to enable generic message digest wrappers.
2686 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002687#define MBEDTLS_MD_C
Paul Bakker17373852011-01-06 14:20:01 +00002688
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002689/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002690 * \def MBEDTLS_MD5_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002691 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002692 * Enable the MD5 hash algorithm.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002693 *
Simon Butcher2cb47392016-11-04 12:23:11 +00002694 * Module: library/md5.c
2695 * Caller: library/md.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002696 * library/pem.c
Paul Bakker6deb37e2013-02-19 13:17:08 +01002697 * library/ssl_tls.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002698 *
TRodziewicz0f82ec62021-05-12 17:49:18 +02002699 * This module is required for TLS 1.2 depending on the handshake parameters.
2700 * Further, it is used for checking MD5-signed certificates, and for PBKDF1
2701 * when decrypting PEM-encoded encrypted keys.
Hanno Beckerbbca8c52017-09-25 14:53:51 +01002702 *
2703 * \warning MD5 is considered a weak message digest and its use constitutes a
2704 * security risk. If possible, we recommend avoiding dependencies on
2705 * it, and considering stronger message digests instead.
2706 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002707 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002708#define MBEDTLS_MD5_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002709
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002710/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002711 * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002712 *
2713 * Enable the buffer allocator implementation that makes use of a (stack)
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +02002714 * based buffer to 'allocate' dynamic memory. (replaces calloc() and free()
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002715 * calls)
Paul Bakker6e339b52013-07-03 13:37:05 +02002716 *
2717 * Module: library/memory_buffer_alloc.c
2718 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002719 * Requires: MBEDTLS_PLATFORM_C
2720 * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS)
Paul Bakker6e339b52013-07-03 13:37:05 +02002721 *
2722 * Enable this module to enable the buffer memory allocator.
Paul Bakker6e339b52013-07-03 13:37:05 +02002723 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002724//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
Paul Bakker6e339b52013-07-03 13:37:05 +02002725
2726/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002727 * \def MBEDTLS_NET_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002728 *
Manuel Pégourié-Gonnard325ce092016-02-22 10:33:34 +01002729 * Enable the TCP and UDP over IPv6/IPv4 networking routines.
2730 *
Simon Butcherd567a232016-03-09 20:19:21 +00002731 * \note This module only works on POSIX/Unix (including Linux, BSD and OS X)
2732 * and Windows. For other platforms, you'll want to disable it, and write your
Manuel Pégourié-Gonnard325ce092016-02-22 10:33:34 +01002733 * own networking callbacks to be passed to \c mbedtls_ssl_set_bio().
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002734 *
Manuel Pégourié-Gonnard02049dc2016-02-22 16:42:51 +00002735 * \note See also our Knowledge Base article about porting to a new
2736 * environment:
Dave Rodgmanb3196842022-10-12 16:47:08 +01002737 * https://mbed-tls.readthedocs.io/en/latest/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
Manuel Pégourié-Gonnard02049dc2016-02-22 16:42:51 +00002738 *
Andres AG788aa4a2016-09-14 14:32:09 +01002739 * Module: library/net_sockets.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002740 *
Manuel Pégourié-Gonnard325ce092016-02-22 10:33:34 +01002741 * This module provides networking routines.
Paul Bakker5121ce52009-01-03 21:22:43 +00002742 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002743#define MBEDTLS_NET_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002744
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002745/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002746 * \def MBEDTLS_OID_C
Paul Bakkerc70b9822013-04-07 22:00:46 +02002747 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002748 * Enable the OID database.
Paul Bakkerc70b9822013-04-07 22:00:46 +02002749 *
2750 * Module: library/oid.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002751 * Caller: library/asn1write.c
2752 * library/pkcs5.c
2753 * library/pkparse.c
2754 * library/pkwrite.c
2755 * library/rsa.c
2756 * library/x509.c
2757 * library/x509_create.c
Simon Butcher2cb47392016-11-04 12:23:11 +00002758 * library/x509_crl.c
2759 * library/x509_crt.c
2760 * library/x509_csr.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002761 * library/x509write_crt.c
Simon Butcher2cb47392016-11-04 12:23:11 +00002762 * library/x509write_csr.c
Paul Bakkerc70b9822013-04-07 22:00:46 +02002763 *
2764 * This modules translates between OIDs and internal values.
2765 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002766#define MBEDTLS_OID_C
Paul Bakkerc70b9822013-04-07 22:00:46 +02002767
2768/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002769 * \def MBEDTLS_PADLOCK_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002770 *
2771 * Enable VIA Padlock support on x86.
2772 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002773 * Module: library/padlock.c
2774 * Caller: library/aes.c
2775 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002776 * Requires: MBEDTLS_HAVE_ASM
Manuel Pégourié-Gonnard92ac76f2013-12-16 17:12:53 +01002777 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002778 * This modules adds support for the VIA PadLock on x86.
2779 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002780#define MBEDTLS_PADLOCK_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002781
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002782/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002783 * \def MBEDTLS_PEM_PARSE_C
Paul Bakker96743fc2011-02-12 14:30:57 +00002784 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002785 * Enable PEM decoding / parsing.
Paul Bakker96743fc2011-02-12 14:30:57 +00002786 *
2787 * Module: library/pem.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002788 * Caller: library/dhm.c
Paul Bakkercff68422013-09-15 20:43:33 +02002789 * library/pkparse.c
Simon Butcher2cb47392016-11-04 12:23:11 +00002790 * library/x509_crl.c
2791 * library/x509_crt.c
2792 * library/x509_csr.c
Paul Bakker96743fc2011-02-12 14:30:57 +00002793 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002794 * Requires: MBEDTLS_BASE64_C
Manuel Pégourié-Gonnard1c2008f2023-03-16 10:20:29 +01002795 * optionally MBEDTLS_MD5_C, or PSA Crypto with MD5 (see below)
2796 *
2797 * \warning When parsing password-protected files, if MD5 is provided only by
2798 * a PSA driver, you must call psa_crypto_init() before the first file.
Paul Bakker5690efc2011-05-26 13:16:06 +00002799 *
Paul Bakkercff68422013-09-15 20:43:33 +02002800 * This modules adds support for decoding / parsing PEM files.
Paul Bakker96743fc2011-02-12 14:30:57 +00002801 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002802#define MBEDTLS_PEM_PARSE_C
Paul Bakkercff68422013-09-15 20:43:33 +02002803
2804/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002805 * \def MBEDTLS_PEM_WRITE_C
Paul Bakkercff68422013-09-15 20:43:33 +02002806 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002807 * Enable PEM encoding / writing.
Paul Bakkercff68422013-09-15 20:43:33 +02002808 *
2809 * Module: library/pem.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002810 * Caller: library/pkwrite.c
2811 * library/x509write_crt.c
Simon Butcher2cb47392016-11-04 12:23:11 +00002812 * library/x509write_csr.c
Paul Bakkercff68422013-09-15 20:43:33 +02002813 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002814 * Requires: MBEDTLS_BASE64_C
Paul Bakkercff68422013-09-15 20:43:33 +02002815 *
2816 * This modules adds support for encoding / writing PEM files.
2817 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002818#define MBEDTLS_PEM_WRITE_C
Paul Bakker96743fc2011-02-12 14:30:57 +00002819
2820/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002821 * \def MBEDTLS_PK_C
Manuel Pégourié-Gonnardc40b4c32013-08-22 13:29:31 +02002822 *
Shaun Case8b0ecbc2021-12-20 21:14:10 -08002823 * Enable the generic public (asymmetric) key layer.
Manuel Pégourié-Gonnardc40b4c32013-08-22 13:29:31 +02002824 *
2825 * Module: library/pk.c
Ronald Cronde1adee2022-03-07 16:20:30 +01002826 * Caller: library/psa_crypto_rsa.c
2827 * library/ssl_tls.c
2828 * library/ssl*_client.c
2829 * library/ssl*_server.c
2830 * library/x509.c
Manuel Pégourié-Gonnardc40b4c32013-08-22 13:29:31 +02002831 *
Przemek Stekiel6aadf0b2022-04-27 14:46:52 +02002832 * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C or MBEDTLS_ECP_C
Manuel Pégourié-Gonnard1a483832013-09-20 12:29:15 +02002833 *
Manuel Pégourié-Gonnardc40b4c32013-08-22 13:29:31 +02002834 * Uncomment to enable generic public key wrappers.
2835 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002836#define MBEDTLS_PK_C
Manuel Pégourié-Gonnardc40b4c32013-08-22 13:29:31 +02002837
2838/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002839 * \def MBEDTLS_PK_PARSE_C
Paul Bakker4606c732013-09-15 17:04:23 +02002840 *
Shaun Case8b0ecbc2021-12-20 21:14:10 -08002841 * Enable the generic public (asymmetric) key parser.
Paul Bakker4606c732013-09-15 17:04:23 +02002842 *
2843 * Module: library/pkparse.c
Simon Butcher2cb47392016-11-04 12:23:11 +00002844 * Caller: library/x509_crt.c
2845 * library/x509_csr.c
Paul Bakker4606c732013-09-15 17:04:23 +02002846 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002847 * Requires: MBEDTLS_PK_C
Paul Bakker4606c732013-09-15 17:04:23 +02002848 *
2849 * Uncomment to enable generic public key parse functions.
2850 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002851#define MBEDTLS_PK_PARSE_C
Paul Bakker4606c732013-09-15 17:04:23 +02002852
2853/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002854 * \def MBEDTLS_PK_WRITE_C
Paul Bakker4606c732013-09-15 17:04:23 +02002855 *
Shaun Case8b0ecbc2021-12-20 21:14:10 -08002856 * Enable the generic public (asymmetric) key writer.
Paul Bakker4606c732013-09-15 17:04:23 +02002857 *
2858 * Module: library/pkwrite.c
2859 * Caller: library/x509write.c
2860 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002861 * Requires: MBEDTLS_PK_C
Paul Bakker4606c732013-09-15 17:04:23 +02002862 *
2863 * Uncomment to enable generic public key write functions.
2864 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002865#define MBEDTLS_PK_WRITE_C
Paul Bakker4606c732013-09-15 17:04:23 +02002866
2867/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002868 * \def MBEDTLS_PKCS5_C
Paul Bakkerb0c19a42013-06-24 19:26:38 +02002869 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002870 * Enable PKCS#5 functions.
Paul Bakkerb0c19a42013-06-24 19:26:38 +02002871 *
2872 * Module: library/pkcs5.c
2873 *
Manuel Pégourié-Gonnard49e67f82023-03-16 11:39:20 +01002874 * Requires: MBEDTLS_CIPHER_C
Manuel Pégourié-Gonnard161dca62023-03-21 16:22:59 +01002875 * Auto-enables: MBEDTLS_MD_C
Manuel Pégourié-Gonnard72687b72022-09-15 12:23:58 +02002876 *
Manuel Pégourié-Gonnard49e67f82023-03-16 11:39:20 +01002877 * \warning If using a hash that is only provided by PSA drivers, you must
2878 * call psa_crypto_init() before doing any PKCS5 operations.
Manuel Pégourié-Gonnard18a38562022-11-22 11:49:55 +01002879 *
Paul Bakkerb0c19a42013-06-24 19:26:38 +02002880 * This module adds support for the PKCS#5 functions.
2881 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002882#define MBEDTLS_PKCS5_C
Paul Bakkerb0c19a42013-06-24 19:26:38 +02002883
2884/**
Nayna Jainc9deb182020-11-16 19:03:12 +00002885 * \def MBEDTLS_PKCS7_C
2886 *
Dave Rodgman3fe2abf2023-03-10 17:05:54 +00002887 * Enable PKCS #7 core for using PKCS #7-formatted signatures.
Nayna Jainc9deb182020-11-16 19:03:12 +00002888 * RFC Link - https://tools.ietf.org/html/rfc2315
2889 *
2890 * Module: library/pkcs7.c
2891 *
2892 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C,
Nick Child89e82e12022-11-09 10:36:10 -06002893 * MBEDTLS_X509_CRT_PARSE_C MBEDTLS_X509_CRL_PARSE_C,
2894 * MBEDTLS_BIGNUM_C, MBEDTLS_MD_C
Nayna Jainc9deb182020-11-16 19:03:12 +00002895 *
Dave Rodgmanefbc5f72023-03-13 12:15:49 +00002896 * This module is required for the PKCS #7 parsing modules.
Nayna Jainc9deb182020-11-16 19:03:12 +00002897 */
Dave Rodgman7c33b0c2023-03-10 15:07:15 +00002898#define MBEDTLS_PKCS7_C
Nayna Jainc9deb182020-11-16 19:03:12 +00002899
2900/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002901 * \def MBEDTLS_PKCS12_C
Paul Bakkerf1f21fe2013-06-24 19:17:19 +02002902 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002903 * Enable PKCS#12 PBE functions.
Paul Bakkerf1f21fe2013-06-24 19:17:19 +02002904 * Adds algorithms for parsing PKCS#8 encrypted private keys
2905 *
2906 * Module: library/pkcs12.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002907 * Caller: library/pkparse.c
Paul Bakkerf1f21fe2013-06-24 19:17:19 +02002908 *
Andrzej Kurek7bd12c52022-08-24 10:47:10 -04002909 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C and either
2910 * MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C.
2911 *
Manuel Pégourié-Gonnardbe97afe2023-03-16 10:00:54 +01002912 * \warning If using a hash that is only provided by PSA drivers, you must
2913 * call psa_crypto_init() before doing any PKCS12 operations.
Manuel Pégourié-Gonnard18a38562022-11-22 11:49:55 +01002914 *
Paul Bakkerf1f21fe2013-06-24 19:17:19 +02002915 * This module enables PKCS#12 functions.
2916 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002917#define MBEDTLS_PKCS12_C
Paul Bakkerf1f21fe2013-06-24 19:17:19 +02002918
2919/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002920 * \def MBEDTLS_PLATFORM_C
Paul Bakker747a83a2014-02-01 22:50:07 +01002921 *
2922 * Enable the platform abstraction layer that allows you to re-assign
Manuel Pégourié-Gonnard6c0c8e02015-06-22 10:23:34 +02002923 * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit().
Paul Bakker747a83a2014-02-01 22:50:07 +01002924 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002925 * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT
2926 * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned
Rich Evans16f8cd82015-02-06 16:14:34 +00002927 * above to be specified at runtime or compile time respectively.
Paul Bakker747a83a2014-02-01 22:50:07 +01002928 *
Manuel Pégourié-Gonnard6c0c8e02015-06-22 10:23:34 +02002929 * \note This abstraction layer must be enabled on Windows (including MSYS2)
Jan Bruckner9ff6f8c2022-08-22 16:05:58 +02002930 * as other modules rely on it for a fixed snprintf implementation.
Manuel Pégourié-Gonnard6c0c8e02015-06-22 10:23:34 +02002931 *
Paul Bakker747a83a2014-02-01 22:50:07 +01002932 * Module: library/platform.c
2933 * Caller: Most other .c files
2934 *
2935 * This module enables abstraction of common (libc) functions.
2936 */
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +02002937#define MBEDTLS_PLATFORM_C
Paul Bakker747a83a2014-02-01 22:50:07 +01002938
2939/**
Daniel Kingadc32c02016-05-16 18:25:45 -03002940 * \def MBEDTLS_POLY1305_C
2941 *
2942 * Enable the Poly1305 MAC algorithm.
2943 *
2944 * Module: library/poly1305.c
Manuel Pégourié-Gonnarddca3a5d2018-05-07 10:43:27 +02002945 * Caller: library/chachapoly.c
Daniel Kingadc32c02016-05-16 18:25:45 -03002946 */
2947#define MBEDTLS_POLY1305_C
2948
2949/**
Jaeden Amero484ee332018-10-25 17:38:05 +01002950 * \def MBEDTLS_PSA_CRYPTO_C
2951 *
2952 * Enable the Platform Security Architecture cryptography API.
2953 *
Gilles Peskinee59236f2018-01-27 23:32:46 +01002954 * Module: library/psa_crypto.c
Jaeden Amero484ee332018-10-25 17:38:05 +01002955 *
Przemek Stekielea805b42022-05-02 10:30:03 +02002956 * Requires: MBEDTLS_CIPHER_C,
2957 * either MBEDTLS_CTR_DRBG_C and MBEDTLS_ENTROPY_C,
Gilles Peskine82e57d12020-11-13 21:31:17 +01002958 * or MBEDTLS_HMAC_DRBG_C and MBEDTLS_ENTROPY_C,
Gilles Peskinef08b3f82020-11-13 17:36:48 +01002959 * or MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG.
Jaeden Amero484ee332018-10-25 17:38:05 +01002960 *
2961 */
Manuel Pégourié-Gonnardde7636e2019-02-01 12:33:29 +01002962#define MBEDTLS_PSA_CRYPTO_C
Jaeden Amero484ee332018-10-25 17:38:05 +01002963
2964/**
Gilles Peskinea8ade162019-06-26 11:24:49 +02002965 * \def MBEDTLS_PSA_CRYPTO_SE_C
2966 *
Gilles Peskine98473c42022-06-20 18:46:22 +02002967 * Enable dynamic secure element support in the Platform Security Architecture
Gilles Peskinea8ade162019-06-26 11:24:49 +02002968 * cryptography API.
2969 *
Gilles Peskine98473c42022-06-20 18:46:22 +02002970 * \deprecated This feature is deprecated. Please switch to the driver
2971 * interface enabled by #MBEDTLS_PSA_CRYPTO_DRIVERS.
Gilles Peskined0e66b02019-07-24 13:52:51 +02002972 *
Gilles Peskinea8ade162019-06-26 11:24:49 +02002973 * Module: library/psa_crypto_se.c
2974 *
2975 * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_C
2976 *
2977 */
Gilles Peskined0e66b02019-07-24 13:52:51 +02002978//#define MBEDTLS_PSA_CRYPTO_SE_C
Gilles Peskinea8ade162019-06-26 11:24:49 +02002979
2980/**
Andrzej Kurekc6905232019-02-05 05:23:41 -05002981 * \def MBEDTLS_PSA_CRYPTO_STORAGE_C
2982 *
2983 * Enable the Platform Security Architecture persistent key storage.
2984 *
Darryl Greendb2b8db2018-06-15 13:06:04 +01002985 * Module: library/psa_crypto_storage.c
Andrzej Kurekc6905232019-02-05 05:23:41 -05002986 *
Jaeden Amero57f4d9e2019-03-15 16:14:19 +00002987 * Requires: MBEDTLS_PSA_CRYPTO_C,
2988 * either MBEDTLS_PSA_ITS_FILE_C or a native implementation of
2989 * the PSA ITS interface
Andrzej Kurekc6905232019-02-05 05:23:41 -05002990 */
Darryl Greendb2b8db2018-06-15 13:06:04 +01002991#define MBEDTLS_PSA_CRYPTO_STORAGE_C
Andrzej Kurekc6905232019-02-05 05:23:41 -05002992
2993/**
Jaeden Amero57f4d9e2019-03-15 16:14:19 +00002994 * \def MBEDTLS_PSA_ITS_FILE_C
Andrzej Kurekc6905232019-02-05 05:23:41 -05002995 *
Jaeden Amero57f4d9e2019-03-15 16:14:19 +00002996 * Enable the emulation of the Platform Security Architecture
2997 * Internal Trusted Storage (PSA ITS) over files.
Andrzej Kurekc6905232019-02-05 05:23:41 -05002998 *
Gilles Peskine6194dc22018-11-16 22:24:15 +01002999 * Module: library/psa_its_file.c
Andrzej Kurekc6905232019-02-05 05:23:41 -05003000 *
Jaeden Amero57f4d9e2019-03-15 16:14:19 +00003001 * Requires: MBEDTLS_FS_IO
Andrzej Kurekc6905232019-02-05 05:23:41 -05003002 */
Gilles Peskine6194dc22018-11-16 22:24:15 +01003003#define MBEDTLS_PSA_ITS_FILE_C
Andrzej Kurekc6905232019-02-05 05:23:41 -05003004
3005/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003006 * \def MBEDTLS_RIPEMD160_C
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +01003007 *
3008 * Enable the RIPEMD-160 hash algorithm.
3009 *
Simon Butcher2cb47392016-11-04 12:23:11 +00003010 * Module: library/ripemd160.c
3011 * Caller: library/md.c
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +01003012 *
3013 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003014#define MBEDTLS_RIPEMD160_C
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +01003015
3016/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003017 * \def MBEDTLS_RSA_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003018 *
3019 * Enable the RSA public-key cryptosystem.
3020 *
Paul Bakker5121ce52009-01-03 21:22:43 +00003021 * Module: library/rsa.c
Chris Jones3848e312021-03-11 16:17:59 +00003022 * library/rsa_alt_helpers.c
Ronald Cronde1adee2022-03-07 16:20:30 +01003023 * Caller: library/pk.c
3024 * library/psa_crypto.c
Paul Bakker5121ce52009-01-03 21:22:43 +00003025 * library/ssl_tls.c
Ronald Cronde1adee2022-03-07 16:20:30 +01003026 * library/ssl*_client.c
3027 * library/ssl*_server.c
Paul Bakker5121ce52009-01-03 21:22:43 +00003028 *
Manuel Pégourié-Gonnard9d703732013-10-25 18:01:50 +02003029 * This module is used by the following key exchanges:
3030 * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK
Paul Bakker5690efc2011-05-26 13:16:06 +00003031 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003032 * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003033 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003034#define MBEDTLS_RSA_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003035
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003036/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003037 * \def MBEDTLS_SHA1_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003038 *
3039 * Enable the SHA1 cryptographic hash algorithm.
3040 *
Simon Butcher2cb47392016-11-04 12:23:11 +00003041 * Module: library/sha1.c
3042 * Caller: library/md.c
Ronald Cronde1adee2022-03-07 16:20:30 +01003043 * library/psa_crypto_hash.c
Paul Bakker5121ce52009-01-03 21:22:43 +00003044 *
TRodziewicz0f82ec62021-05-12 17:49:18 +02003045 * This module is required for TLS 1.2 depending on the handshake parameters,
3046 * and for SHA1-signed certificates.
Hanno Beckerbbca8c52017-09-25 14:53:51 +01003047 *
3048 * \warning SHA-1 is considered a weak message digest and its use constitutes
3049 * a security risk. If possible, we recommend avoiding dependencies
3050 * on it, and considering stronger message digests instead.
3051 *
Paul Bakker5121ce52009-01-03 21:22:43 +00003052 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003053#define MBEDTLS_SHA1_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003054
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003055/**
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +02003056 * \def MBEDTLS_SHA224_C
3057 *
3058 * Enable the SHA-224 cryptographic hash algorithm.
3059 *
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +02003060 * Module: library/sha256.c
3061 * Caller: library/md.c
3062 * library/ssl_cookie.c
3063 *
3064 * This module adds support for SHA-224.
3065 */
3066#define MBEDTLS_SHA224_C
3067
3068/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003069 * \def MBEDTLS_SHA256_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003070 *
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +02003071 * Enable the SHA-256 cryptographic hash algorithm.
3072 *
Simon Butcher2cb47392016-11-04 12:23:11 +00003073 * Module: library/sha256.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02003074 * Caller: library/entropy.c
Simon Butcher2cb47392016-11-04 12:23:11 +00003075 * library/md.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02003076 * library/ssl_tls.c
Ronald Cronde1adee2022-03-07 16:20:30 +01003077 * library/ssl*_client.c
3078 * library/ssl*_server.c
Paul Bakker5121ce52009-01-03 21:22:43 +00003079 *
Mateusz Starzyke3c48b42021-04-19 16:46:28 +02003080 * This module adds support for SHA-256.
Paul Bakker769075d2012-11-24 11:26:46 +01003081 * This module is required for the SSL/TLS 1.2 PRF function.
Paul Bakker5121ce52009-01-03 21:22:43 +00003082 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003083#define MBEDTLS_SHA256_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003084
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003085/**
Tom Cosgrovef3ebd902022-02-20 22:25:31 +00003086 * \def MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
3087 *
Gilles Peskine9b3278b2022-06-09 19:09:38 +02003088 * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms
3089 * with the ARMv8 cryptographic extensions if they are available at runtime.
3090 * If not, the library will fall back to the C implementation.
Tom Cosgrovef3ebd902022-02-20 22:25:31 +00003091 *
3092 * \note If MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT is defined when building
3093 * for a non-Aarch64 build it will be silently ignored.
3094 *
Tom Cosgrovef3ebd902022-02-20 22:25:31 +00003095 * \warning MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the
3096 * same time as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY.
3097 *
3098 * Requires: MBEDTLS_SHA256_C.
3099 *
3100 * Module: library/sha256.c
3101 *
3102 * Uncomment to have the library check for the A64 SHA-256 crypto extensions
3103 * and use them if available.
3104 */
3105//#define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
3106
3107/**
3108 * \def MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY
3109 *
Gilles Peskine9b3278b2022-06-09 19:09:38 +02003110 * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms
3111 * with the ARMv8 cryptographic extensions, which must be available at runtime
3112 * or else an illegal instruction fault will occur.
Tom Cosgrovef3ebd902022-02-20 22:25:31 +00003113 *
3114 * \note This allows builds with a smaller code size than with
3115 * MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
3116 *
Tom Cosgrovef3ebd902022-02-20 22:25:31 +00003117 * \warning MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY cannot be defined at the same
3118 * time as MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT.
3119 *
3120 * Requires: MBEDTLS_SHA256_C.
3121 *
3122 * Module: library/sha256.c
3123 *
3124 * Uncomment to have the library use the A64 SHA-256 crypto extensions
3125 * unconditionally.
3126 */
3127//#define MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY
3128
3129/**
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +02003130 * \def MBEDTLS_SHA384_C
Mateusz Starzyke3c48b42021-04-19 16:46:28 +02003131 *
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +02003132 * Enable the SHA-384 cryptographic hash algorithm.
Mateusz Starzyke3c48b42021-04-19 16:46:28 +02003133 *
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +02003134 * Module: library/sha512.c
3135 * Caller: library/md.c
Ronald Cronde1adee2022-03-07 16:20:30 +01003136 * library/psa_crypto_hash.c
3137 * library/ssl_tls.c
3138 * library/ssl*_client.c
3139 * library/ssl*_server.c
Mateusz Starzyke3c48b42021-04-19 16:46:28 +02003140 *
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +02003141 * Comment to disable SHA-384
Mateusz Starzyke3c48b42021-04-19 16:46:28 +02003142 */
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +02003143#define MBEDTLS_SHA384_C
Mateusz Starzyke3c48b42021-04-19 16:46:28 +02003144
3145/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003146 * \def MBEDTLS_SHA512_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003147 *
Mateusz Starzyk3352a532021-04-06 14:28:22 +02003148 * Enable SHA-512 cryptographic hash algorithms.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003149 *
Simon Butcher2cb47392016-11-04 12:23:11 +00003150 * Module: library/sha512.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02003151 * Caller: library/entropy.c
Simon Butcher2cb47392016-11-04 12:23:11 +00003152 * library/md.c
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +02003153 * library/ssl_tls.c
3154 * library/ssl_cookie.c
Paul Bakker5121ce52009-01-03 21:22:43 +00003155 *
Mateusz Starzyk3352a532021-04-06 14:28:22 +02003156 * This module adds support for SHA-512.
Paul Bakker5121ce52009-01-03 21:22:43 +00003157 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003158#define MBEDTLS_SHA512_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003159
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003160/**
Tom Cosgrove87fbfb52022-03-15 10:51:52 +00003161 * \def MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT
3162 *
Gilles Peskine9b3278b2022-06-09 19:09:38 +02003163 * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms
3164 * with the ARMv8 cryptographic extensions if they are available at runtime.
3165 * If not, the library will fall back to the C implementation.
Tom Cosgrove87fbfb52022-03-15 10:51:52 +00003166 *
3167 * \note If MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT is defined when building
3168 * for a non-Aarch64 build it will be silently ignored.
3169 *
3170 * \note The code uses the SHA-512 Neon intrinsics, so requires GCC >= 8 or
Jerry Yuf7dccb32023-02-16 17:37:58 +08003171 * Clang >= 7.
Tom Cosgrove87fbfb52022-03-15 10:51:52 +00003172 *
3173 * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the
3174 * same time as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY.
3175 *
3176 * Requires: MBEDTLS_SHA512_C.
3177 *
3178 * Module: library/sha512.c
3179 *
3180 * Uncomment to have the library check for the A64 SHA-512 crypto extensions
3181 * and use them if available.
3182 */
3183//#define MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT
3184
3185/**
3186 * \def MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY
3187 *
Gilles Peskine9b3278b2022-06-09 19:09:38 +02003188 * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms
3189 * with the ARMv8 cryptographic extensions, which must be available at runtime
3190 * or else an illegal instruction fault will occur.
Tom Cosgrove87fbfb52022-03-15 10:51:52 +00003191 *
3192 * \note This allows builds with a smaller code size than with
3193 * MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT
3194 *
3195 * \note The code uses the SHA-512 Neon intrinsics, so requires GCC >= 8 or
Jerry Yuf7dccb32023-02-16 17:37:58 +08003196 * Clang >= 7.
Tom Cosgrove87fbfb52022-03-15 10:51:52 +00003197 *
3198 * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY cannot be defined at the same
3199 * time as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT.
3200 *
3201 * Requires: MBEDTLS_SHA512_C.
3202 *
3203 * Module: library/sha512.c
3204 *
3205 * Uncomment to have the library use the A64 SHA-512 crypto extensions
3206 * unconditionally.
3207 */
3208//#define MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY
3209
3210/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003211 * \def MBEDTLS_SSL_CACHE_C
Paul Bakker0a597072012-09-25 21:55:46 +00003212 *
3213 * Enable simple SSL cache implementation.
3214 *
3215 * Module: library/ssl_cache.c
3216 * Caller:
3217 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003218 * Requires: MBEDTLS_SSL_CACHE_C
Paul Bakker0a597072012-09-25 21:55:46 +00003219 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003220#define MBEDTLS_SSL_CACHE_C
Paul Bakker0a597072012-09-25 21:55:46 +00003221
3222/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003223 * \def MBEDTLS_SSL_COOKIE_C
Manuel Pégourié-Gonnarda64acd42014-07-23 18:30:45 +02003224 *
3225 * Enable basic implementation of DTLS cookies for hello verification.
3226 *
3227 * Module: library/ssl_cookie.c
3228 * Caller:
Manuel Pégourié-Gonnarda64acd42014-07-23 18:30:45 +02003229 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003230#define MBEDTLS_SSL_COOKIE_C
Manuel Pégourié-Gonnarda64acd42014-07-23 18:30:45 +02003231
3232/**
Manuel Pégourié-Gonnardfd6d8972015-05-15 12:09:00 +02003233 * \def MBEDTLS_SSL_TICKET_C
3234 *
3235 * Enable an implementation of TLS server-side callbacks for session tickets.
3236 *
3237 * Module: library/ssl_ticket.c
3238 * Caller:
Manuel Pégourié-Gonnard0c0f11f2015-05-20 09:55:50 +02003239 *
Przemek Stekiel52a428b2022-10-10 08:47:13 +02003240 * Requires: (MBEDTLS_CIPHER_C || MBEDTLS_USE_PSA_CRYPTO) &&
3241 * (MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C)
Manuel Pégourié-Gonnardfd6d8972015-05-15 12:09:00 +02003242 */
3243#define MBEDTLS_SSL_TICKET_C
3244
3245/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003246 * \def MBEDTLS_SSL_CLI_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003247 *
3248 * Enable the SSL/TLS client code.
3249 *
Ronald Cronde1adee2022-03-07 16:20:30 +01003250 * Module: library/ssl*_client.c
Paul Bakker5121ce52009-01-03 21:22:43 +00003251 * Caller:
3252 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003253 * Requires: MBEDTLS_SSL_TLS_C
Paul Bakker5690efc2011-05-26 13:16:06 +00003254 *
Paul Bakker5121ce52009-01-03 21:22:43 +00003255 * This module is required for SSL/TLS client support.
3256 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003257#define MBEDTLS_SSL_CLI_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003258
Paul Bakker9a736322012-11-14 12:39:52 +00003259/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003260 * \def MBEDTLS_SSL_SRV_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003261 *
3262 * Enable the SSL/TLS server code.
3263 *
Ronald Cronde1adee2022-03-07 16:20:30 +01003264 * Module: library/ssl*_server.c
Paul Bakker5121ce52009-01-03 21:22:43 +00003265 * Caller:
3266 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003267 * Requires: MBEDTLS_SSL_TLS_C
Paul Bakker5690efc2011-05-26 13:16:06 +00003268 *
Paul Bakker5121ce52009-01-03 21:22:43 +00003269 * This module is required for SSL/TLS server support.
3270 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003271#define MBEDTLS_SSL_SRV_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003272
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003273/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003274 * \def MBEDTLS_SSL_TLS_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003275 *
Paul Bakkere29ab062011-05-18 13:26:54 +00003276 * Enable the generic SSL/TLS code.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003277 *
Paul Bakker5121ce52009-01-03 21:22:43 +00003278 * Module: library/ssl_tls.c
Ronald Cronde1adee2022-03-07 16:20:30 +01003279 * Caller: library/ssl*_client.c
3280 * library/ssl*_server.c
Paul Bakker5121ce52009-01-03 21:22:43 +00003281 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003282 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C
3283 * and at least one of the MBEDTLS_SSL_PROTO_XXX defines
Paul Bakker5690efc2011-05-26 13:16:06 +00003284 *
Paul Bakker5121ce52009-01-03 21:22:43 +00003285 * This module is required for SSL/TLS.
3286 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003287#define MBEDTLS_SSL_TLS_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003288
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003289/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003290 * \def MBEDTLS_THREADING_C
Paul Bakker2466d932013-09-28 14:40:38 +02003291 *
3292 * Enable the threading abstraction layer.
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +00003293 * By default mbed TLS assumes it is used in a non-threaded environment or that
Paul Bakker2466d932013-09-28 14:40:38 +02003294 * contexts are not shared between threads. If you do intend to use contexts
3295 * between threads, you will need to enable this layer to prevent race
Manuel Pégourié-Gonnard02049dc2016-02-22 16:42:51 +00003296 * conditions. See also our Knowledge Base article about threading:
Dave Rodgmanb3196842022-10-12 16:47:08 +01003297 * https://mbed-tls.readthedocs.io/en/latest/kb/development/thread-safety-and-multi-threading
Paul Bakker2466d932013-09-28 14:40:38 +02003298 *
3299 * Module: library/threading.c
3300 *
3301 * This allows different threading implementations (self-implemented or
3302 * provided).
3303 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003304 * You will have to enable either MBEDTLS_THREADING_ALT or
3305 * MBEDTLS_THREADING_PTHREAD.
Paul Bakker2466d932013-09-28 14:40:38 +02003306 *
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +00003307 * Enable this layer to allow use of mutexes within mbed TLS
Paul Bakker2466d932013-09-28 14:40:38 +02003308 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003309//#define MBEDTLS_THREADING_C
Paul Bakker2466d932013-09-28 14:40:38 +02003310
3311/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003312 * \def MBEDTLS_TIMING_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003313 *
Manuel Pégourié-Gonnard325ce092016-02-22 10:33:34 +01003314 * Enable the semi-portable timing interface.
3315 *
Simon Butcherd567a232016-03-09 20:19:21 +00003316 * \note The provided implementation only works on POSIX/Unix (including Linux,
3317 * BSD and OS X) and Windows. On other platforms, you can either disable that
Manuel Pégourié-Gonnard325ce092016-02-22 10:33:34 +01003318 * module and provide your own implementations of the callbacks needed by
3319 * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide
3320 * your own implementation of the whole module by setting
3321 * \c MBEDTLS_TIMING_ALT in the current file.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003322 *
Andrzej Kurek57353692022-04-07 08:08:21 -04003323 * \note The timing module will include time.h on suitable platforms
3324 * regardless of the setting of MBEDTLS_HAVE_TIME, unless
3325 * MBEDTLS_TIMING_ALT is used. See timing.c for more information.
3326 *
Manuel Pégourié-Gonnard02049dc2016-02-22 16:42:51 +00003327 * \note See also our Knowledge Base article about porting to a new
3328 * environment:
Dave Rodgmanb3196842022-10-12 16:47:08 +01003329 * https://mbed-tls.readthedocs.io/en/latest/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
Manuel Pégourié-Gonnard02049dc2016-02-22 16:42:51 +00003330 *
Paul Bakker5121ce52009-01-03 21:22:43 +00003331 * Module: library/timing.c
Paul Bakkerecd54fb2013-07-03 14:48:29 +02003332 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003333#define MBEDTLS_TIMING_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003334
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003335/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003336 * \def MBEDTLS_VERSION_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003337 *
3338 * Enable run-time version information.
3339 *
Paul Bakker0a62cd12011-01-21 11:00:08 +00003340 * Module: library/version.c
3341 *
3342 * This module provides run-time version information.
3343 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003344#define MBEDTLS_VERSION_C
Paul Bakker0a62cd12011-01-21 11:00:08 +00003345
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003346/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003347 * \def MBEDTLS_X509_USE_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003348 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02003349 * Enable X.509 core for using certificates.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003350 *
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003351 * Module: library/x509.c
Simon Butcher2cb47392016-11-04 12:23:11 +00003352 * Caller: library/x509_crl.c
3353 * library/x509_crt.c
3354 * library/x509_csr.c
Paul Bakker5121ce52009-01-03 21:22:43 +00003355 *
Przemek Stekiel10836a02022-08-19 08:45:34 +02003356 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C,
Przemek Stekiel278b6672022-08-03 09:50:38 +02003357 * (MBEDTLS_MD_C or MBEDTLS_USE_PSA_CRYPTO)
3358 *
Manuel Pégourié-Gonnard72687b72022-09-15 12:23:58 +02003359 * \warning If building with MBEDTLS_USE_PSA_CRYPTO, you must call
3360 * psa_crypto_init() before doing any X.509 operation.
Paul Bakker5690efc2011-05-26 13:16:06 +00003361 *
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003362 * This module is required for the X.509 parsing modules.
Paul Bakker5121ce52009-01-03 21:22:43 +00003363 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003364#define MBEDTLS_X509_USE_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003365
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003366/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003367 * \def MBEDTLS_X509_CRT_PARSE_C
Paul Bakkerbdb912d2012-02-13 23:11:30 +00003368 *
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003369 * Enable X.509 certificate parsing.
Paul Bakkerbdb912d2012-02-13 23:11:30 +00003370 *
Simon Butcher2cb47392016-11-04 12:23:11 +00003371 * Module: library/x509_crt.c
Ronald Cronde1adee2022-03-07 16:20:30 +01003372 * Caller: library/ssl_tls.c
3373 * library/ssl*_client.c
3374 * library/ssl*_server.c
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003375 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003376 * Requires: MBEDTLS_X509_USE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003377 *
3378 * This module is required for X.509 certificate parsing.
3379 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003380#define MBEDTLS_X509_CRT_PARSE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003381
3382/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003383 * \def MBEDTLS_X509_CRL_PARSE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003384 *
3385 * Enable X.509 CRL parsing.
3386 *
Simon Butcher2cb47392016-11-04 12:23:11 +00003387 * Module: library/x509_crl.c
3388 * Caller: library/x509_crt.c
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003389 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003390 * Requires: MBEDTLS_X509_USE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003391 *
3392 * This module is required for X.509 CRL parsing.
3393 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003394#define MBEDTLS_X509_CRL_PARSE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003395
3396/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003397 * \def MBEDTLS_X509_CSR_PARSE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003398 *
3399 * Enable X.509 Certificate Signing Request (CSR) parsing.
3400 *
Simon Butcher2cb47392016-11-04 12:23:11 +00003401 * Module: library/x509_csr.c
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003402 * Caller: library/x509_crt_write.c
3403 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003404 * Requires: MBEDTLS_X509_USE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003405 *
3406 * This module is used for reading X.509 certificate request.
3407 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003408#define MBEDTLS_X509_CSR_PARSE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003409
3410/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003411 * \def MBEDTLS_X509_CREATE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003412 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02003413 * Enable X.509 core for creating certificates.
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003414 *
3415 * Module: library/x509_create.c
Paul Bakkerbdb912d2012-02-13 23:11:30 +00003416 *
Przemek Stekiel10836a02022-08-19 08:45:34 +02003417 * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C,
Przemek Stekiel278b6672022-08-03 09:50:38 +02003418 * (MBEDTLS_MD_C or MBEDTLS_USE_PSA_CRYPTO)
3419 *
Manuel Pégourié-Gonnard72687b72022-09-15 12:23:58 +02003420 * \warning If building with MBEDTLS_USE_PSA_CRYPTO, you must call
3421 * psa_crypto_init() before doing any X.509 create operation.
Paul Bakkerbdb912d2012-02-13 23:11:30 +00003422 *
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003423 * This module is the basis for creating X.509 certificates and CSRs.
3424 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003425#define MBEDTLS_X509_CREATE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003426
3427/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003428 * \def MBEDTLS_X509_CRT_WRITE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003429 *
3430 * Enable creating X.509 certificates.
3431 *
3432 * Module: library/x509_crt_write.c
3433 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003434 * Requires: MBEDTLS_X509_CREATE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003435 *
3436 * This module is required for X.509 certificate creation.
3437 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003438#define MBEDTLS_X509_CRT_WRITE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003439
3440/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003441 * \def MBEDTLS_X509_CSR_WRITE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003442 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02003443 * Enable creating X.509 Certificate Signing Requests (CSR).
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003444 *
3445 * Module: library/x509_csr_write.c
3446 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003447 * Requires: MBEDTLS_X509_CREATE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003448 *
Paul Bakkerbdb912d2012-02-13 23:11:30 +00003449 * This module is required for X.509 certificate request writing.
3450 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003451#define MBEDTLS_X509_CSR_WRITE_C
Paul Bakkerbdb912d2012-02-13 23:11:30 +00003452
Andrzej Kurek38d4fdd2021-12-28 16:22:52 +01003453/** \} name SECTION: mbed TLS modules */
Paul Bakker7a7c78f2009-01-04 18:15:48 +00003454
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003455/**
Gilles Peskineba4162a2022-04-11 17:04:38 +02003456 * \name SECTION: General configuration options
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003457 *
Gilles Peskined5793ce2022-04-13 23:05:10 +02003458 * This section contains Mbed TLS build settings that are not associated
3459 * with a particular module.
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003460 *
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003461 * \{
3462 */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003463
Gilles Peskinea02c1242022-03-16 17:03:19 +01003464/**
3465 * \def MBEDTLS_CONFIG_FILE
3466 *
3467 * If defined, this is a header which will be included instead of
3468 * `"mbedtls/mbedtls_config.h"`.
3469 * This header file specifies the compile-time configuration of Mbed TLS.
Gilles Peskineefffd642022-04-26 18:13:01 +02003470 * Unlike other configuration options, this one must be defined on the
3471 * compiler command line: a definition in `mbedtls_config.h` would have
3472 * no effect.
Gilles Peskinea02c1242022-03-16 17:03:19 +01003473 *
Gilles Peskine6457ef92022-04-11 16:42:37 +02003474 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but
Gilles Peskinea02c1242022-03-16 17:03:19 +01003475 * non-standard feature of the C language, so this feature is only available
Gilles Peskine6457ef92022-04-11 16:42:37 +02003476 * with compilers that perform macro expansion on an <tt>\#include</tt> line.
Gilles Peskinea02c1242022-03-16 17:03:19 +01003477 *
Gilles Peskine58ffcba2022-04-14 12:44:16 +02003478 * The value of this symbol is typically a path in double quotes, either
3479 * absolute or relative to a directory on the include search path.
Gilles Peskinea02c1242022-03-16 17:03:19 +01003480 */
3481//#define MBEDTLS_CONFIG_FILE "mbedtls/mbedtls_config.h"
3482
3483/**
3484 * \def MBEDTLS_USER_CONFIG_FILE
3485 *
3486 * If defined, this is a header which will be included after
3487 * `"mbedtls/mbedtls_config.h"` or #MBEDTLS_CONFIG_FILE.
Gilles Peskinef68f43a2022-04-13 23:22:20 +02003488 * This allows you to modify the default configuration, including the ability
3489 * to undefine options that are enabled by default.
Gilles Peskinea02c1242022-03-16 17:03:19 +01003490 *
Gilles Peskine6457ef92022-04-11 16:42:37 +02003491 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but
Gilles Peskinea02c1242022-03-16 17:03:19 +01003492 * non-standard feature of the C language, so this feature is only available
Gilles Peskine6457ef92022-04-11 16:42:37 +02003493 * with compilers that perform macro expansion on an <tt>\#include</tt> line.
Gilles Peskinea02c1242022-03-16 17:03:19 +01003494 *
Gilles Peskine58ffcba2022-04-14 12:44:16 +02003495 * The value of this symbol is typically a path in double quotes, either
3496 * absolute or relative to a directory on the include search path.
Gilles Peskinea02c1242022-03-16 17:03:19 +01003497 */
3498//#define MBEDTLS_USER_CONFIG_FILE "/dev/null"
3499
Gilles Peskinef4c6eb02022-03-16 17:10:48 +01003500/**
3501 * \def MBEDTLS_PSA_CRYPTO_CONFIG_FILE
3502 *
3503 * If defined, this is a header which will be included instead of
3504 * `"psa/crypto_config.h"`.
3505 * This header file specifies which cryptographic mechanisms are available
3506 * through the PSA API when #MBEDTLS_PSA_CRYPTO_CONFIG is enabled, and
3507 * is not used when #MBEDTLS_PSA_CRYPTO_CONFIG is disabled.
3508 *
Gilles Peskine6457ef92022-04-11 16:42:37 +02003509 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but
Gilles Peskinef4c6eb02022-03-16 17:10:48 +01003510 * non-standard feature of the C language, so this feature is only available
Gilles Peskine6457ef92022-04-11 16:42:37 +02003511 * with compilers that perform macro expansion on an <tt>\#include</tt> line.
Gilles Peskinef4c6eb02022-03-16 17:10:48 +01003512 *
Gilles Peskine58ffcba2022-04-14 12:44:16 +02003513 * The value of this symbol is typically a path in double quotes, either
3514 * absolute or relative to a directory on the include search path.
Gilles Peskinef4c6eb02022-03-16 17:10:48 +01003515 */
3516//#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h"
3517
3518/**
3519 * \def MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE
3520 *
3521 * If defined, this is a header which will be included after
3522 * `"psa/crypto_config.h"` or #MBEDTLS_PSA_CRYPTO_CONFIG_FILE.
Gilles Peskinef68f43a2022-04-13 23:22:20 +02003523 * This allows you to modify the default configuration, including the ability
3524 * to undefine options that are enabled by default.
Gilles Peskinef4c6eb02022-03-16 17:10:48 +01003525 *
Gilles Peskine6457ef92022-04-11 16:42:37 +02003526 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but
Gilles Peskinef4c6eb02022-03-16 17:10:48 +01003527 * non-standard feature of the C language, so this feature is only available
Gilles Peskine6457ef92022-04-11 16:42:37 +02003528 * with compilers that perform macro expansion on an <tt>\#include</tt> line.
Gilles Peskinef4c6eb02022-03-16 17:10:48 +01003529 *
Gilles Peskine58ffcba2022-04-14 12:44:16 +02003530 * The value of this symbol is typically a path in double quotes, either
3531 * absolute or relative to a directory on the include search path.
Gilles Peskinef4c6eb02022-03-16 17:10:48 +01003532 */
3533//#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null"
3534
Gilles Peskineb1176f22023-02-22 22:07:28 +01003535/**
3536 * \def MBEDTLS_PSA_CRYPTO_PLATFORM_FILE
3537 *
3538 * If defined, this is a header which will be included instead of
3539 * `"psa/crypto_platform.h"`. This file should declare the same identifiers
3540 * as the one in Mbed TLS, but with definitions adapted to the platform on
3541 * which the library code will run.
3542 *
3543 * \note The required content of this header can vary from one version of
3544 * Mbed TLS to the next. Integrators who provide an alternative file
3545 * should review the changes in the original file whenever they
3546 * upgrade Mbed TLS.
3547 *
3548 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but
3549 * non-standard feature of the C language, so this feature is only available
3550 * with compilers that perform macro expansion on an <tt>\#include</tt> line.
3551 *
3552 * The value of this symbol is typically a path in double quotes, either
3553 * absolute or relative to a directory on the include search path.
3554 */
3555//#define MBEDTLS_PSA_CRYPTO_PLATFORM_FILE "psa/crypto_platform_alt.h"
3556
3557/**
3558 * \def MBEDTLS_PSA_CRYPTO_STRUCT_FILE
3559 *
3560 * If defined, this is a header which will be included instead of
3561 * `"psa/crypto_struct.h"`. This file should declare the same identifiers
3562 * as the one in Mbed TLS, but with definitions adapted to the environment
3563 * in which the library code will run. The typical use for this feature
3564 * is to provide alternative type definitions on the client side in
3565 * client-server integrations of PSA crypto, where operation structures
3566 * contain handles instead of cryptographic data.
3567 *
3568 * \note The required content of this header can vary from one version of
3569 * Mbed TLS to the next. Integrators who provide an alternative file
3570 * should review the changes in the original file whenever they
3571 * upgrade Mbed TLS.
3572 *
3573 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but
3574 * non-standard feature of the C language, so this feature is only available
3575 * with compilers that perform macro expansion on an <tt>\#include</tt> line.
3576 *
3577 * The value of this symbol is typically a path in double quotes, either
3578 * absolute or relative to a directory on the include search path.
3579 */
3580//#define MBEDTLS_PSA_CRYPTO_STRUCT_FILE "psa/crypto_struct_alt.h"
3581
Gilles Peskineba4162a2022-04-11 17:04:38 +02003582/** \} name SECTION: General configuration options */
3583
3584/**
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003585 * \name SECTION: Module configuration options
3586 *
3587 * This section allows for the setting of module specific sizes and
3588 * configuration options. The default values are already present in the
3589 * relevant header files and should suffice for the regular use cases.
3590 *
3591 * Our advice is to enable options and change their values here
3592 * only if you have a good reason and know the consequences.
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003593 * \{
3594 */
Gilles Peskine3f49cc12022-04-13 23:21:16 +02003595/* The Doxygen documentation here is used when a user comments out a
3596 * setting and runs doxygen themselves. On the other hand, when we typeset
3597 * the full documentation including disabled settings, the documentation
3598 * in specific modules' header files is used if present. When editing this
3599 * file, make sure that each option is documented in exactly one place,
3600 * plus optionally a same-line Doxygen comment here if there is a Doxygen
3601 * comment in the specific module. */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003602
Paul Bakker088c5c52014-04-25 11:11:10 +02003603/* MPI / BIGNUM options */
Andrzej Kurek86f30ff2023-02-24 07:44:57 -05003604//#define MBEDTLS_MPI_WINDOW_SIZE 2 /**< Maximum window size used. */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003605//#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003606
Paul Bakker088c5c52014-04-25 11:11:10 +02003607/* CTR_DRBG options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003608//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
3609//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
3610//#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
3611//#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
3612//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003613
Paul Bakker088c5c52014-04-25 11:11:10 +02003614/* HMAC_DRBG options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003615//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
3616//#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
3617//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
3618//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003619
Paul Bakker088c5c52014-04-25 11:11:10 +02003620/* ECP options */
Gilles Peskine5752e592021-06-02 13:27:03 +02003621//#define MBEDTLS_ECP_WINDOW_SIZE 4 /**< Maximum window size used */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003622//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
Manuel Pégourié-Gonnard0520b602014-01-30 19:43:46 +01003623
Paul Bakker088c5c52014-04-25 11:11:10 +02003624/* Entropy options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003625//#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
3626//#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
Andres AG7abc9742016-09-23 17:58:49 +01003627//#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
Paul Bakkere1b665e2013-12-11 16:02:58 +01003628
Paul Bakker088c5c52014-04-25 11:11:10 +02003629/* Memory buffer allocator options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003630//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003631
Paul Bakker088c5c52014-04-25 11:11:10 +02003632/* Platform options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003633//#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +02003634//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003635//#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */
Gilles Peskine6497b5a2022-06-30 17:01:40 +02003636//#define MBEDTLS_PLATFORM_STD_SETBUF setbuf /**< Default setbuf to use, can be undefined */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003637//#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
Andres Amaya Garcia1e4ec662016-07-20 10:16:25 +01003638//#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003639//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
3640//#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
Antonin Décimo36e89b52019-01-23 15:24:37 +01003641/* Note: your snprintf must correctly zero-terminate the buffer! */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003642//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
Janos Follath91947442016-03-18 13:49:27 +00003643//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
3644//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
Paul Bakkercf0a9f92016-06-01 11:25:44 +01003645//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
3646//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
3647//#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
Paul Bakker6e339b52013-07-03 13:37:05 +02003648
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003649/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
3650/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +02003651//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003652//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */
3653//#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
Gilles Peskine6497b5a2022-06-30 17:01:40 +02003654//#define MBEDTLS_PLATFORM_SETBUF_MACRO setbuf /**< Default setbuf macro to use, can be undefined */
Andres Amaya Garcia1e4ec662016-07-20 10:16:25 +01003655//#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3656//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003657//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
3658//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
Antonin Décimo36e89b52019-01-23 15:24:37 +01003659/* Note: your snprintf must correctly zero-terminate the buffer! */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003660//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
k-stachowiak723f8672018-07-16 14:27:07 +02003661//#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */
Paul Bakkercf0a9f92016-06-01 11:25:44 +01003662//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
3663//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003664
Gilles Peskine3f106f72021-09-23 17:42:39 +02003665/** \def MBEDTLS_CHECK_RETURN
3666 *
3667 * This macro is used at the beginning of the declaration of a function
3668 * to indicate that its return value should be checked. It should
3669 * instruct the compiler to emit a warning or an error if the function
3670 * is called without checking its return value.
3671 *
3672 * There is a default implementation for popular compilers in platform_util.h.
3673 * You can override the default implementation by defining your own here.
3674 *
3675 * If the implementation here is empty, this will effectively disable the
3676 * checking of functions' return values.
3677 */
Gilles Peskinecd79dfc2021-09-30 18:53:36 +02003678//#define MBEDTLS_CHECK_RETURN __attribute__((__warn_unused_result__))
Gilles Peskine3f106f72021-09-23 17:42:39 +02003679
Gilles Peskinefcc93d72021-09-30 18:56:17 +02003680/** \def MBEDTLS_IGNORE_RETURN
3681 *
3682 * This macro requires one argument, which should be a C function call.
3683 * If that function call would cause a #MBEDTLS_CHECK_RETURN warning, this
3684 * warning is suppressed.
3685 */
3686//#define MBEDTLS_IGNORE_RETURN( result ) ((void) !(result))
3687
Gilles Peskineed038902020-11-13 21:33:21 +01003688/* PSA options */
Gilles Peskine14c332b2020-11-14 12:26:53 +01003689/**
Gilles Peskineed038902020-11-13 21:33:21 +01003690 * Use HMAC_DRBG with the specified hash algorithm for HMAC_DRBG for the
3691 * PSA crypto subsystem.
3692 *
3693 * If this option is unset:
3694 * - If CTR_DRBG is available, the PSA subsystem uses it rather than HMAC_DRBG.
Gilles Peskineb0a748e2020-11-30 12:01:54 +01003695 * - Otherwise, the PSA subsystem uses HMAC_DRBG with either
Gilles Peskineed038902020-11-13 21:33:21 +01003696 * #MBEDTLS_MD_SHA512 or #MBEDTLS_MD_SHA256 based on availability and
3697 * on unspecified heuristics.
3698 */
3699//#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256
3700
Steven Cooreman863470a2021-02-15 14:03:19 +01003701/** \def MBEDTLS_PSA_KEY_SLOT_COUNT
Steven Cooreman1f968fd2021-02-15 14:00:24 +01003702 * Restrict the PSA library to supporting a maximum amount of simultaneously
3703 * loaded keys. A loaded key is a key stored by the PSA Crypto core as a
3704 * volatile key, or a persistent key which is loaded temporarily by the
3705 * library as part of a crypto operation in flight.
3706 *
3707 * If this option is unset, the library will fall back to a default value of
3708 * 32 keys.
3709 */
Steven Cooreman863470a2021-02-15 14:03:19 +01003710//#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
Steven Cooreman1f968fd2021-02-15 14:00:24 +01003711
Paul Bakker088c5c52014-04-25 11:11:10 +02003712/* SSL Cache options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003713//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
3714//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003715
Paul Bakker088c5c52014-04-25 11:11:10 +02003716/* SSL options */
Angus Grattond8213d02016-05-25 20:56:48 +10003717
Angus Grattond8213d02016-05-25 20:56:48 +10003718/** \def MBEDTLS_SSL_IN_CONTENT_LEN
3719 *
Andrzej Kurekc470b6b2019-01-31 08:20:20 -05003720 * Maximum length (in bytes) of incoming plaintext fragments.
Angus Grattond8213d02016-05-25 20:56:48 +10003721 *
Andrzej Kurekc470b6b2019-01-31 08:20:20 -05003722 * This determines the size of the incoming TLS I/O buffer in such a way
3723 * that it is capable of holding the specified amount of plaintext data,
3724 * regardless of the protection mechanism used.
3725 *
Andrzej Kurekc470b6b2019-01-31 08:20:20 -05003726 * \note When using a value less than the default of 16KB on the client, it is
3727 * recommended to use the Maximum Fragment Length (MFL) extension to
3728 * inform the server about this limitation. On the server, there
3729 * is no supported, standardized way of informing the client about
3730 * restriction on the maximum size of incoming messages, and unless
3731 * the limitation has been communicated by other means, it is recommended
3732 * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN
3733 * while keeping the default value of 16KB for the incoming buffer.
3734 *
David Horstmann95d516f2021-05-04 18:36:56 +01003735 * Uncomment to set the maximum plaintext size of the incoming I/O buffer.
Angus Grattond8213d02016-05-25 20:56:48 +10003736 */
3737//#define MBEDTLS_SSL_IN_CONTENT_LEN 16384
3738
Gilles Peskined3d02902020-03-04 21:35:27 +01003739/** \def MBEDTLS_SSL_CID_IN_LEN_MAX
3740 *
3741 * The maximum length of CIDs used for incoming DTLS messages.
3742 *
3743 */
3744//#define MBEDTLS_SSL_CID_IN_LEN_MAX 32
3745
3746/** \def MBEDTLS_SSL_CID_OUT_LEN_MAX
3747 *
3748 * The maximum length of CIDs used for outgoing DTLS messages.
3749 *
3750 */
3751//#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32
3752
TRodziewicze8dd7092021-05-12 14:19:11 +02003753/** \def MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY
Gilles Peskined3d02902020-03-04 21:35:27 +01003754 *
3755 * This option controls the use of record plaintext padding
TRodziewicz1e660ed2021-05-26 17:08:54 +02003756 * in TLS 1.3 and when using the Connection ID extension in DTLS 1.2.
Hanno Becker13996922020-05-28 16:15:19 +01003757 *
3758 * The padding will always be chosen so that the length of the
3759 * padded plaintext is a multiple of the value of this option.
3760 *
3761 * Note: A value of \c 1 means that no padding will be used
3762 * for outgoing records.
3763 *
3764 * Note: On systems lacking division instructions,
3765 * a power of two should be preferred.
3766 */
TRodziewicze8dd7092021-05-12 14:19:11 +02003767//#define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16
Hanno Becker13996922020-05-28 16:15:19 +01003768
Angus Grattond8213d02016-05-25 20:56:48 +10003769/** \def MBEDTLS_SSL_OUT_CONTENT_LEN
3770 *
Andrzej Kurekc470b6b2019-01-31 08:20:20 -05003771 * Maximum length (in bytes) of outgoing plaintext fragments.
Angus Grattond8213d02016-05-25 20:56:48 +10003772 *
Andrzej Kurekc470b6b2019-01-31 08:20:20 -05003773 * This determines the size of the outgoing TLS I/O buffer in such a way
3774 * that it is capable of holding the specified amount of plaintext data,
3775 * regardless of the protection mechanism used.
3776 *
Angus Grattond8213d02016-05-25 20:56:48 +10003777 * It is possible to save RAM by setting a smaller outward buffer, while keeping
3778 * the default inward 16384 byte buffer to conform to the TLS specification.
3779 *
3780 * The minimum required outward buffer size is determined by the handshake
3781 * protocol's usage. Handshaking will fail if the outward buffer is too small.
3782 * The specific size requirement depends on the configured ciphers and any
3783 * certificate data which is sent during the handshake.
3784 *
David Horstmann95d516f2021-05-04 18:36:56 +01003785 * Uncomment to set the maximum plaintext size of the outgoing I/O buffer.
Angus Grattond8213d02016-05-25 20:56:48 +10003786 */
3787//#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384
3788
Hanno Beckere0b150f2018-08-21 15:51:03 +01003789/** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING
3790 *
3791 * Maximum number of heap-allocated bytes for the purpose of
3792 * DTLS handshake message reassembly and future message buffering.
3793 *
Yuto Takano7828ca22021-08-10 11:26:15 +01003794 * This should be at least 9/8 * MBEDTLS_SSL_IN_CONTENT_LEN
Hanno Becker28007512018-08-28 09:46:44 +01003795 * to account for a reassembled handshake message of maximum size,
3796 * together with its reassembly bitmap.
3797 *
Hanno Becker97a1c132018-08-28 14:42:15 +01003798 * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default)
Hanno Becker28007512018-08-28 09:46:44 +01003799 * should be sufficient for all practical situations as it allows
3800 * to reassembly a large handshake message (such as a certificate)
3801 * while buffering multiple smaller handshake messages.
3802 *
Hanno Beckere0b150f2018-08-21 15:51:03 +01003803 */
Hanno Becker159a37f2018-08-24 15:07:29 +01003804//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
Hanno Beckere0b150f2018-08-21 15:51:03 +01003805
Ronald Cron1aa6e8d2023-02-23 09:46:54 +01003806//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 or 384 bits) */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003807//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003808
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +02003809/**
3810 * Complete list of ciphersuites to use, in order of preference.
3811 *
3812 * \warning No dependency checking is done on that field! This option can only
3813 * be used to restrict the set of available ciphersuites. It is your
3814 * responsibility to make sure the needed modules are active.
3815 *
3816 * Use this to save a few hundred bytes of ROM (default ordering of all
3817 * available ciphersuites) and a few to a few hundred bytes of RAM.
3818 *
3819 * The value below is only an example, not the default.
3820 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003821//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +02003822
Gilles Peskinea8d7e432022-08-04 23:39:41 +02003823/**
3824 * \def MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE
3825 *
3826 * Maximum time difference in milliseconds tolerated between the age of a
3827 * ticket from the server and client point of view.
3828 * From the client point of view, the age of a ticket is the time difference
3829 * between the time when the client proposes to the server to use the ticket
3830 * (time of writing of the Pre-Shared Key Extension including the ticket) and
3831 * the time the client received the ticket from the server.
3832 * From the server point of view, the age of a ticket is the time difference
3833 * between the time when the server receives a proposition from the client
3834 * to use the ticket and the time when the ticket was created by the server.
3835 * The server age is expected to be always greater than the client one and
3836 * MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE defines the
3837 * maximum difference tolerated for the server to accept the ticket.
3838 * This is not used in TLS 1.2.
3839 *
3840 */
3841#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000
3842
3843/**
3844 * \def MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH
3845 *
3846 * Size in bytes of a ticket nonce. This is not used in TLS 1.2.
3847 *
3848 * This must be less than 256.
3849 */
3850#define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32
3851
3852/**
3853 * \def MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS
3854 *
3855 * Default number of NewSessionTicket messages to be sent by a TLS 1.3 server
3856 * after handshake completion. This is not used in TLS 1.2 and relevant only if
3857 * the MBEDTLS_SSL_SESSION_TICKETS option is enabled.
3858 *
3859 */
3860#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1
3861
Manuel Pégourié-Gonnardfd6c85c2014-11-20 16:34:20 +01003862/* X509 options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003863//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
Andres AGf9113192016-09-02 14:06:04 +01003864//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
Manuel Pégourié-Gonnardfd6c85c2014-11-20 16:34:20 +01003865
Gilles Peskine5e79cb32017-05-04 16:17:21 +02003866/**
Andres Amaya Garciab1262a32017-10-25 09:51:14 +01003867 * Uncomment the macro to let mbed TLS use your alternate implementation of
Andres Amaya Garciac58787f2018-04-17 10:21:45 -05003868 * mbedtls_platform_zeroize(). This replaces the default implementation in
3869 * platform_util.c.
Andres Amaya Garcia6606d5c2018-03-08 20:25:29 +00003870 *
Andres Amaya Garciac58787f2018-04-17 10:21:45 -05003871 * mbedtls_platform_zeroize() is a widely used function across the library to
3872 * zero a block of memory. The implementation is expected to be secure in the
3873 * sense that it has been written to prevent the compiler from removing calls
3874 * to mbedtls_platform_zeroize() as part of redundant code elimination
3875 * optimizations. However, it is difficult to guarantee that calls to
3876 * mbedtls_platform_zeroize() will not be optimized by the compiler as older
3877 * versions of the C language standards do not provide a secure implementation
3878 * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to
3879 * configure their own implementation of mbedtls_platform_zeroize(), for
Andres Amaya Garciad0ef4682018-04-24 08:31:34 -05003880 * example by using directives specific to their compiler, features from newer
3881 * C standards (e.g using memset_s() in C11) or calling a secure memset() from
Andres Amaya Garciac58787f2018-04-17 10:21:45 -05003882 * their system (e.g explicit_bzero() in BSD).
Andres Amaya Garciab1262a32017-10-25 09:51:14 +01003883 */
Andres Amaya Garciac58787f2018-04-17 10:21:45 -05003884//#define MBEDTLS_PLATFORM_ZEROIZE_ALT
Andres Amaya Garciab1262a32017-10-25 09:51:14 +01003885
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01003886/**
3887 * Uncomment the macro to let Mbed TLS use your alternate implementation of
Hanno Becker6a739782018-09-05 15:06:19 +01003888 * mbedtls_platform_gmtime_r(). This replaces the default implementation in
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01003889 * platform_util.c.
3890 *
Hanno Becker921b76d2018-09-05 16:21:36 +01003891 * gmtime() is not a thread-safe function as defined in the C standard. The
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01003892 * library will try to use safer implementations of this function, such as
3893 * gmtime_r() when available. However, if Mbed TLS cannot identify the target
Hanno Becker6a739782018-09-05 15:06:19 +01003894 * system, the implementation of mbedtls_platform_gmtime_r() will default to
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01003895 * using the standard gmtime(). In this case, calls from the library to
3896 * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex
Hanno Becker9fbbf1c2018-09-05 16:23:02 +01003897 * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01003898 * library are also guarded with this mutex to avoid race conditions. However,
Hanno Becker6a739782018-09-05 15:06:19 +01003899 * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will
3900 * unconditionally use the implementation for mbedtls_platform_gmtime_r()
3901 * supplied at compile time.
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01003902 */
Hanno Becker6a739782018-09-05 15:06:19 +01003903//#define MBEDTLS_PLATFORM_GMTIME_R_ALT
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01003904
Christoph M. Wintersteigere50b9702018-12-14 11:03:02 +00003905/**
Christoph M. Wintersteiger50d9f092019-02-15 12:49:27 +00003906 * Enable the verified implementations of ECDH primitives from Project Everest
3907 * (currently only Curve25519). This feature changes the layout of ECDH
3908 * contexts and therefore is a compatibility break for applications that access
3909 * fields of a mbedtls_ecdh_context structure directly. See also
3910 * MBEDTLS_ECDH_LEGACY_CONTEXT in include/mbedtls/ecdh.h.
Christoph M. Wintersteiger02b80482018-10-25 12:41:04 +01003911 */
Christoph M. Wintersteiger6cddd302019-01-17 12:17:54 +00003912//#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
Christoph M. Wintersteiger02b80482018-10-25 12:41:04 +01003913
Gilles Peskine611179c2022-04-13 23:04:48 +02003914/** \} name SECTION: Module configuration options */