mbed TLS v2.28.0
config.h
Go to the documentation of this file.
1 
10 /*
11  * Copyright The Mbed TLS Contributors
12  * SPDX-License-Identifier: Apache-2.0
13  *
14  * Licensed under the Apache License, Version 2.0 (the "License"); you may
15  * not use this file except in compliance with the License.
16  * You may obtain a copy of the License at
17  *
18  * http://www.apache.org/licenses/LICENSE-2.0
19  *
20  * Unless required by applicable law or agreed to in writing, software
21  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
22  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
23  * See the License for the specific language governing permissions and
24  * limitations under the License.
25  */
26 
27 #ifndef MBEDTLS_CONFIG_H
28 #define MBEDTLS_CONFIG_H
29 
30 #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
31 #define _CRT_SECURE_NO_DEPRECATE 1
32 #endif
33 
59 #define MBEDTLS_HAVE_ASM
60 
87 //#define MBEDTLS_NO_UDBL_DIVISION
88 
109 //#define MBEDTLS_NO_64BIT_MULTIPLICATION
110 
118 //#define MBEDTLS_HAVE_SSE2
119 
133 #define MBEDTLS_HAVE_TIME
134 
154 #define MBEDTLS_HAVE_TIME_DATE
155 
178 //#define MBEDTLS_PLATFORM_MEMORY
179 
197 //#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
198 
222 //#define MBEDTLS_PLATFORM_EXIT_ALT
223 //#define MBEDTLS_PLATFORM_TIME_ALT
224 //#define MBEDTLS_PLATFORM_FPRINTF_ALT
225 //#define MBEDTLS_PLATFORM_PRINTF_ALT
226 //#define MBEDTLS_PLATFORM_SNPRINTF_ALT
227 //#define MBEDTLS_PLATFORM_VSNPRINTF_ALT
228 //#define MBEDTLS_PLATFORM_NV_SEED_ALT
229 //#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
230 
244 //#define MBEDTLS_DEPRECATED_WARNING
245 
256 //#define MBEDTLS_DEPRECATED_REMOVED
257 
308 //#define MBEDTLS_CHECK_PARAMS
309 
322 //#define MBEDTLS_CHECK_PARAMS_ASSERT
323 
324 /* \} name SECTION: System support */
325 
345 //#define MBEDTLS_TIMING_ALT
346 
372 //#define MBEDTLS_AES_ALT
373 //#define MBEDTLS_ARC4_ALT
374 //#define MBEDTLS_ARIA_ALT
375 //#define MBEDTLS_BLOWFISH_ALT
376 //#define MBEDTLS_CAMELLIA_ALT
377 //#define MBEDTLS_CCM_ALT
378 //#define MBEDTLS_CHACHA20_ALT
379 //#define MBEDTLS_CHACHAPOLY_ALT
380 //#define MBEDTLS_CMAC_ALT
381 //#define MBEDTLS_DES_ALT
382 //#define MBEDTLS_DHM_ALT
383 //#define MBEDTLS_ECJPAKE_ALT
384 //#define MBEDTLS_GCM_ALT
385 //#define MBEDTLS_NIST_KW_ALT
386 //#define MBEDTLS_MD2_ALT
387 //#define MBEDTLS_MD4_ALT
388 //#define MBEDTLS_MD5_ALT
389 //#define MBEDTLS_POLY1305_ALT
390 //#define MBEDTLS_RIPEMD160_ALT
391 //#define MBEDTLS_RSA_ALT
392 //#define MBEDTLS_SHA1_ALT
393 //#define MBEDTLS_SHA256_ALT
394 //#define MBEDTLS_SHA512_ALT
395 //#define MBEDTLS_XTEA_ALT
396 
397 /*
398  * When replacing the elliptic curve module, pleace consider, that it is
399  * implemented with two .c files:
400  * - ecp.c
401  * - ecp_curves.c
402  * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
403  * macros as described above. The only difference is that you have to make sure
404  * that you provide functionality for both .c files.
405  */
406 //#define MBEDTLS_ECP_ALT
407 
453 //#define MBEDTLS_MD2_PROCESS_ALT
454 //#define MBEDTLS_MD4_PROCESS_ALT
455 //#define MBEDTLS_MD5_PROCESS_ALT
456 //#define MBEDTLS_RIPEMD160_PROCESS_ALT
457 //#define MBEDTLS_SHA1_PROCESS_ALT
458 //#define MBEDTLS_SHA256_PROCESS_ALT
459 //#define MBEDTLS_SHA512_PROCESS_ALT
460 //#define MBEDTLS_DES_SETKEY_ALT
461 //#define MBEDTLS_DES_CRYPT_ECB_ALT
462 //#define MBEDTLS_DES3_CRYPT_ECB_ALT
463 //#define MBEDTLS_AES_SETKEY_ENC_ALT
464 //#define MBEDTLS_AES_SETKEY_DEC_ALT
465 //#define MBEDTLS_AES_ENCRYPT_ALT
466 //#define MBEDTLS_AES_DECRYPT_ALT
467 //#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
468 //#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
469 //#define MBEDTLS_ECDSA_VERIFY_ALT
470 //#define MBEDTLS_ECDSA_SIGN_ALT
471 //#define MBEDTLS_ECDSA_GENKEY_ALT
472 
523 /* Required for all the functions in this section */
524 //#define MBEDTLS_ECP_INTERNAL_ALT
525 /* Turn off software fallback for curves not supported in hardware */
526 //#define MBEDTLS_ECP_NO_FALLBACK
527 /* Support for Weierstrass curves with Jacobi representation */
528 //#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
529 //#define MBEDTLS_ECP_ADD_MIXED_ALT
530 //#define MBEDTLS_ECP_DOUBLE_JAC_ALT
531 //#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
532 //#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
533 /* Support for curves with Montgomery arithmetic */
534 //#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
535 //#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
536 //#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
537 
553 //#define MBEDTLS_TEST_NULL_ENTROPY
554 
566 //#define MBEDTLS_ENTROPY_HARDWARE_ALT
567 
586 //#define MBEDTLS_AES_ROM_TABLES
587 
608 //#define MBEDTLS_AES_FEWER_TABLES
609 
617 //#define MBEDTLS_CAMELLIA_SMALL_MEMORY
618 
640 //#define MBEDTLS_CHECK_RETURN_WARNING
641 
647 #define MBEDTLS_CIPHER_MODE_CBC
648 
654 #define MBEDTLS_CIPHER_MODE_CFB
655 
661 #define MBEDTLS_CIPHER_MODE_CTR
662 
668 #define MBEDTLS_CIPHER_MODE_OFB
669 
675 #define MBEDTLS_CIPHER_MODE_XTS
676 
708 //#define MBEDTLS_CIPHER_NULL_CIPHER
709 
721 #define MBEDTLS_CIPHER_PADDING_PKCS7
722 #define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
723 #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
724 #define MBEDTLS_CIPHER_PADDING_ZEROS
725 
731 //#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
732 
749 //#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
750 
762 #define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
763 
782 #define MBEDTLS_REMOVE_3DES_CIPHERSUITES
783 
792 /* Short Weierstrass curves (supporting ECP, ECDH, ECDSA) */
793 #define MBEDTLS_ECP_DP_SECP192R1_ENABLED
794 #define MBEDTLS_ECP_DP_SECP224R1_ENABLED
795 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
796 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED
797 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED
798 #define MBEDTLS_ECP_DP_SECP192K1_ENABLED
799 #define MBEDTLS_ECP_DP_SECP224K1_ENABLED
800 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED
801 #define MBEDTLS_ECP_DP_BP256R1_ENABLED
802 #define MBEDTLS_ECP_DP_BP384R1_ENABLED
803 #define MBEDTLS_ECP_DP_BP512R1_ENABLED
804 /* Montgomery curves (supporting ECP) */
805 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED
806 #define MBEDTLS_ECP_DP_CURVE448_ENABLED
807 
817 #define MBEDTLS_ECP_NIST_OPTIM
818 
839 //#define MBEDTLS_ECP_NO_INTERNAL_RNG
840 
864 //#define MBEDTLS_ECP_RESTARTABLE
865 
892 #define MBEDTLS_ECDH_LEGACY_CONTEXT
893 
906 #define MBEDTLS_ECDSA_DETERMINISTIC
907 
928 #define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
929 
959 #define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
960 
979 #define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
980 
1004 #define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
1005 
1032 #define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
1033 
1065 #define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
1066 
1090 #define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
1091 
1114 #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
1115 
1138 #define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
1139 
1162 #define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
1163 
1181 //#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
1182 
1195 #define MBEDTLS_PK_PARSE_EC_EXTENDED
1196 
1210 #define MBEDTLS_ERROR_STRERROR_DUMMY
1211 
1219 #define MBEDTLS_GENPRIME
1220 
1226 #define MBEDTLS_FS_IO
1227 
1239 //#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
1240 
1250 //#define MBEDTLS_NO_PLATFORM_ENTROPY
1251 
1266 //#define MBEDTLS_ENTROPY_FORCE_SHA256
1267 
1294 //#define MBEDTLS_ENTROPY_NV_SEED
1295 
1296 /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
1297  *
1298  * Enable key identifiers that encode a key owner identifier.
1299  *
1300  * The owner of a key is identified by a value of type ::mbedtls_key_owner_id_t
1301  * which is currently hard-coded to be int32_t.
1302  *
1303  * Note that this option is meant for internal use only and may be removed
1304  * without notice. It is incompatible with MBEDTLS_USE_PSA_CRYPTO.
1305  */
1306 //#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
1307 
1319 //#define MBEDTLS_MEMORY_DEBUG
1320 
1331 //#define MBEDTLS_MEMORY_BACKTRACE
1332 
1340 #define MBEDTLS_PK_RSA_ALT_SUPPORT
1341 
1351 #define MBEDTLS_PKCS1_V15
1352 
1362 #define MBEDTLS_PKCS1_V21
1363 
1378 //#define MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
1379 
1394 //#define MBEDTLS_PSA_CRYPTO_CLIENT
1395 
1405 //#define MBEDTLS_PSA_CRYPTO_DRIVERS
1406 
1443 //#define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
1444 
1457 //#define MBEDTLS_PSA_CRYPTO_SPM
1458 
1470 //#define MBEDTLS_PSA_INJECT_ENTROPY
1471 
1481 //#define MBEDTLS_RSA_NO_CRT
1482 
1488 #define MBEDTLS_SELF_TEST
1489 
1504 //#define MBEDTLS_SHA256_SMALLER
1505 
1514 //#define MBEDTLS_SHA512_SMALLER
1515 
1526 //#define MBEDTLS_SHA512_NO_SHA384
1527 
1540 #define MBEDTLS_SSL_ALL_ALERT_MESSAGES
1541 
1554 #define MBEDTLS_SSL_RECORD_CHECKING
1555 
1582 //#define MBEDTLS_SSL_DTLS_CONNECTION_ID
1583 
1593 //#define MBEDTLS_SSL_ASYNC_PRIVATE
1594 
1620 #define MBEDTLS_SSL_CONTEXT_SERIALIZATION
1621 
1636 //#define MBEDTLS_SSL_DEBUG_ALL
1637 
1654 #define MBEDTLS_SSL_ENCRYPT_THEN_MAC
1655 
1672 #define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
1673 
1690 #define MBEDTLS_SSL_FALLBACK_SCSV
1691 
1712 #define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
1713 
1725 //#define MBEDTLS_SSL_HW_RECORD_ACCEL
1726 
1737 #define MBEDTLS_SSL_CBC_RECORD_SPLITTING
1738 
1759 #define MBEDTLS_SSL_RENEGOTIATION
1760 
1772 //#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
1773 
1782 //#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
1783 
1791 #define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
1792 
1806 //#define MBEDTLS_SSL_PROTO_SSL3
1807 
1818 #define MBEDTLS_SSL_PROTO_TLS1
1819 
1830 #define MBEDTLS_SSL_PROTO_TLS1_1
1831 
1842 #define MBEDTLS_SSL_PROTO_TLS1_2
1843 
1861 //#define MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
1862 
1876 #define MBEDTLS_SSL_PROTO_DTLS
1877 
1885 #define MBEDTLS_SSL_ALPN
1886 
1900 #define MBEDTLS_SSL_DTLS_ANTI_REPLAY
1901 
1918 #define MBEDTLS_SSL_DTLS_HELLO_VERIFY
1919 
1949 //#define MBEDTLS_SSL_DTLS_SRTP
1950 
1965 #define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
1966 
1976 #define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
1977 
1990 #define MBEDTLS_SSL_SESSION_TICKETS
1991 
2000 #define MBEDTLS_SSL_EXPORT_KEYS
2001 
2011 #define MBEDTLS_SSL_SERVER_NAME_INDICATION
2012 
2020 #define MBEDTLS_SSL_TRUNCATED_HMAC
2021 
2044 //#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
2045 
2054 //#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
2055 
2071 //#define MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
2072 
2090 //#define MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND
2091 
2110 //#define MBEDTLS_TEST_HOOKS
2111 
2121 //#define MBEDTLS_THREADING_ALT
2122 
2132 #define MBEDTLS_THREADING_PTHREAD
2133 
2157 //#define MBEDTLS_USE_PSA_CRYPTO
2158 
2175 //#define MBEDTLS_PSA_CRYPTO_CONFIG
2176 
2188 #define MBEDTLS_VERSION_FEATURES
2189 
2198 //#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
2199 
2210 //#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
2211 
2229 //#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
2230 
2243 #define MBEDTLS_X509_CHECK_KEY_USAGE
2244 
2256 #define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
2257 
2266 #define MBEDTLS_X509_RSASSA_PSS_SUPPORT
2267 
2291 //#define MBEDTLS_ZLIB_SUPPORT
2292 /* \} name SECTION: mbed TLS feature support */
2293 
2313 #define MBEDTLS_AESNI_C
2314 
2388 #define MBEDTLS_AES_C
2389 
2416 #define MBEDTLS_ARC4_C
2417 
2430 #define MBEDTLS_ASN1_PARSE_C
2431 
2444 #define MBEDTLS_ASN1_WRITE_C
2445 
2456 #define MBEDTLS_BASE64_C
2457 
2473 #define MBEDTLS_BIGNUM_C
2474 
2482 #define MBEDTLS_BLOWFISH_C
2483 
2537 #define MBEDTLS_CAMELLIA_C
2538 
2589 //#define MBEDTLS_ARIA_C
2590 
2603 #define MBEDTLS_CCM_C
2604 
2615 #define MBEDTLS_CERTS_C
2616 
2624 #define MBEDTLS_CHACHA20_C
2625 
2635 #define MBEDTLS_CHACHAPOLY_C
2636 
2647 #define MBEDTLS_CIPHER_C
2648 
2665 //#define MBEDTLS_CMAC_C
2666 
2685 #define MBEDTLS_CTR_DRBG_C
2686 
2699 #define MBEDTLS_DEBUG_C
2700 
2728 #define MBEDTLS_DES_C
2729 
2749 #define MBEDTLS_DHM_C
2750 
2765 #define MBEDTLS_ECDH_C
2766 
2782 #define MBEDTLS_ECDSA_C
2783 
2801 //#define MBEDTLS_ECJPAKE_C
2802 
2815 #define MBEDTLS_ECP_C
2816 
2829 #define MBEDTLS_ENTROPY_C
2830 
2841 #define MBEDTLS_ERROR_C
2842 
2855 #define MBEDTLS_GCM_C
2856 
2878 #define MBEDTLS_HAVEGE_C
2879 
2893 #define MBEDTLS_HKDF_C
2894 
2907 #define MBEDTLS_HMAC_DRBG_C
2908 
2920 //#define MBEDTLS_NIST_KW_C
2921 
2932 #define MBEDTLS_MD_C
2933 
2949 //#define MBEDTLS_MD2_C
2950 
2966 //#define MBEDTLS_MD4_C
2967 
2988 #define MBEDTLS_MD5_C
2989 
3004 //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
3005 
3023 #define MBEDTLS_NET_C
3024 
3046 #define MBEDTLS_OID_C
3047 
3060 #define MBEDTLS_PADLOCK_C
3061 
3078 #define MBEDTLS_PEM_PARSE_C
3079 
3094 #define MBEDTLS_PEM_WRITE_C
3095 
3110 #define MBEDTLS_PK_C
3111 
3125 #define MBEDTLS_PK_PARSE_C
3126 
3139 #define MBEDTLS_PK_WRITE_C
3140 
3152 #define MBEDTLS_PKCS5_C
3153 
3170 //#define MBEDTLS_PKCS11_C
3171 
3186 #define MBEDTLS_PKCS12_C
3187 
3206 #define MBEDTLS_PLATFORM_C
3207 
3216 #define MBEDTLS_POLY1305_C
3217 
3230 #define MBEDTLS_PSA_CRYPTO_C
3231 
3246 //#define MBEDTLS_PSA_CRYPTO_SE_C
3247 
3259 #define MBEDTLS_PSA_CRYPTO_STORAGE_C
3260 
3271 #define MBEDTLS_PSA_ITS_FILE_C
3272 
3282 #define MBEDTLS_RIPEMD160_C
3283 
3301 #define MBEDTLS_RSA_C
3302 
3323 #define MBEDTLS_SHA1_C
3324 
3340 #define MBEDTLS_SHA256_C
3341 
3355 #define MBEDTLS_SHA512_C
3356 
3367 #define MBEDTLS_SSL_CACHE_C
3368 
3377 #define MBEDTLS_SSL_COOKIE_C
3378 
3389 #define MBEDTLS_SSL_TICKET_C
3390 
3403 #define MBEDTLS_SSL_CLI_C
3404 
3417 #define MBEDTLS_SSL_SRV_C
3418 
3433 #define MBEDTLS_SSL_TLS_C
3434 
3455 #define MBEDTLS_THREADING_C
3456 
3478 #define MBEDTLS_TIMING_C
3479 
3489 #define MBEDTLS_VERSION_C
3490 
3506 #define MBEDTLS_X509_USE_C
3507 
3522 #define MBEDTLS_X509_CRT_PARSE_C
3523 
3536 #define MBEDTLS_X509_CRL_PARSE_C
3537 
3550 #define MBEDTLS_X509_CSR_PARSE_C
3551 
3563 #define MBEDTLS_X509_CREATE_C
3564 
3576 #define MBEDTLS_X509_CRT_WRITE_C
3577 
3589 #define MBEDTLS_X509_CSR_WRITE_C
3590 
3599 #define MBEDTLS_XTEA_C
3600 
3601 /* \} name SECTION: mbed TLS modules */
3602 
3618 /* MPI / BIGNUM options */
3619 //#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum window size used. */
3620 //#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
3621 
3622 /* CTR_DRBG options */
3623 //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
3624 //#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
3625 //#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
3626 //#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
3627 //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
3628 
3629 /* HMAC_DRBG options */
3630 //#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
3631 //#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
3632 //#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
3633 //#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
3634 
3635 /* ECP options */
3636 //#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups. Normally determined automatically from the configured curves. */
3637 //#define MBEDTLS_ECP_WINDOW_SIZE 4 /**< Maximum window size used */
3638 //#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
3639 
3640 /* Entropy options */
3641 //#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
3642 //#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
3643 //#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
3644 
3645 /* Memory buffer allocator options */
3646 //#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
3647 
3648 /* Platform options */
3649 //#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
3650 //#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */
3651 //#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */
3652 //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
3653 //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3654 //#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
3655 //#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
3656 /* Note: your snprintf must correctly zero-terminate the buffer! */
3657 //#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
3658 //#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
3659 //#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
3660 //#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
3661 //#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
3662 //#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
3663 
3664 /* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
3665 /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
3666 //#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */
3667 //#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */
3668 //#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
3669 //#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3670 //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3671 //#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
3672 //#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
3673 /* Note: your snprintf must correctly zero-terminate the buffer! */
3674 //#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
3675 //#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */
3676 //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
3677 //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
3678 
3713 //#define MBEDTLS_PARAM_FAILED( cond ) assert( cond )
3714 
3728 //#define MBEDTLS_CHECK_RETURN __attribute__((__warn_unused_result__))
3729 
3736 //#define MBEDTLS_IGNORE_RETURN( result ) ((void) !(result))
3737 
3738 /* PSA options */
3749 //#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256
3750 
3760 //#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
3761 
3762 /* SSL Cache options */
3763 //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
3764 //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
3765 
3766 /* SSL options */
3767 
3792 //#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384
3793 
3817 //#define MBEDTLS_SSL_IN_CONTENT_LEN 16384
3818 
3824 //#define MBEDTLS_SSL_CID_IN_LEN_MAX 32
3825 
3831 //#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32
3832 
3848 //#define MBEDTLS_SSL_CID_PADDING_GRANULARITY 16
3849 
3864 //#define MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY 1
3865 
3888 //#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384
3889 
3905 //#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
3906 
3907 //#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
3908 //#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
3909 //#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
3910 
3920 //#define MBEDTLS_TLS_EXT_CID 254
3921 
3934 //#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
3935 
3936 /* X509 options */
3937 //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
3938 //#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
3939 
3955 //#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
3956 
3975 //#define MBEDTLS_PLATFORM_ZEROIZE_ALT
3976 
3994 //#define MBEDTLS_PLATFORM_GMTIME_R_ALT
3995 
4003 //#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
4004 
4005 /* \} name SECTION: Customisation configuration options */
4006 
4007 /* Target and application specific configurations
4008  *
4009  * Allow user to override any previous default.
4010  *
4011  */
4012 #if defined(MBEDTLS_USER_CONFIG_FILE)
4013 #include MBEDTLS_USER_CONFIG_FILE
4014 #endif
4015 
4016 #if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
4017 #include "mbedtls/config_psa.h"
4018 #endif
4019 
4020 #include "mbedtls/check_config.h"
4021 
4022 #endif /* MBEDTLS_CONFIG_H */
Consistency checks for configuration options.
PSA crypto configuration options (set of defines)