Mbed TLS v2.28.9
Loading...
Searching...
No Matches
config.h
Go to the documentation of this file.
1
10/*
11 * Copyright The Mbed TLS Contributors
12 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
13 */
14
15#ifndef MBEDTLS_CONFIG_H
16#define MBEDTLS_CONFIG_H
17
18#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
19#define _CRT_SECURE_NO_DEPRECATE 1
20#endif
21
47#define MBEDTLS_HAVE_ASM
48
75//#define MBEDTLS_NO_UDBL_DIVISION
76
97//#define MBEDTLS_NO_64BIT_MULTIPLICATION
98
106//#define MBEDTLS_HAVE_SSE2
107
126#define MBEDTLS_HAVE_TIME
127
147#define MBEDTLS_HAVE_TIME_DATE
148
203//#define MBEDTLS_PLATFORM_MEMORY
204
222//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
223
247//#define MBEDTLS_PLATFORM_EXIT_ALT
248//#define MBEDTLS_PLATFORM_TIME_ALT
249//#define MBEDTLS_PLATFORM_FPRINTF_ALT
250//#define MBEDTLS_PLATFORM_PRINTF_ALT
251//#define MBEDTLS_PLATFORM_SNPRINTF_ALT
252//#define MBEDTLS_PLATFORM_VSNPRINTF_ALT
253//#define MBEDTLS_PLATFORM_NV_SEED_ALT
254//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
255
273//#define MBEDTLS_PLATFORM_GMTIME_R_ALT
274
293//#define MBEDTLS_PLATFORM_ZEROIZE_ALT
294
308//#define MBEDTLS_DEPRECATED_WARNING
309
320//#define MBEDTLS_DEPRECATED_REMOVED
321
372//#define MBEDTLS_CHECK_PARAMS
373
386//#define MBEDTLS_CHECK_PARAMS_ASSERT
387
409//#define MBEDTLS_TIMING_ALT
410
436//#define MBEDTLS_AES_ALT
437//#define MBEDTLS_ARC4_ALT
438//#define MBEDTLS_ARIA_ALT
439//#define MBEDTLS_BLOWFISH_ALT
440//#define MBEDTLS_CAMELLIA_ALT
441//#define MBEDTLS_CCM_ALT
442//#define MBEDTLS_CHACHA20_ALT
443//#define MBEDTLS_CHACHAPOLY_ALT
444//#define MBEDTLS_CMAC_ALT
445//#define MBEDTLS_DES_ALT
446//#define MBEDTLS_DHM_ALT
447//#define MBEDTLS_ECJPAKE_ALT
448//#define MBEDTLS_GCM_ALT
449//#define MBEDTLS_NIST_KW_ALT
450//#define MBEDTLS_MD2_ALT
451//#define MBEDTLS_MD4_ALT
452//#define MBEDTLS_MD5_ALT
453//#define MBEDTLS_POLY1305_ALT
454//#define MBEDTLS_RIPEMD160_ALT
455//#define MBEDTLS_RSA_ALT
456//#define MBEDTLS_SHA1_ALT
457//#define MBEDTLS_SHA256_ALT
458//#define MBEDTLS_SHA512_ALT
459//#define MBEDTLS_XTEA_ALT
460
461/*
462 * When replacing the elliptic curve module, please consider, that it is
463 * implemented with two .c files:
464 * - ecp.c
465 * - ecp_curves.c
466 * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
467 * macros as described above. The only difference is that you have to make sure
468 * that you provide functionality for both .c files.
469 */
470//#define MBEDTLS_ECP_ALT
471
517//#define MBEDTLS_MD2_PROCESS_ALT
518//#define MBEDTLS_MD4_PROCESS_ALT
519//#define MBEDTLS_MD5_PROCESS_ALT
520//#define MBEDTLS_RIPEMD160_PROCESS_ALT
521//#define MBEDTLS_SHA1_PROCESS_ALT
522//#define MBEDTLS_SHA256_PROCESS_ALT
523//#define MBEDTLS_SHA512_PROCESS_ALT
524//#define MBEDTLS_DES_SETKEY_ALT
525//#define MBEDTLS_DES_CRYPT_ECB_ALT
526//#define MBEDTLS_DES3_CRYPT_ECB_ALT
527//#define MBEDTLS_AES_SETKEY_ENC_ALT
528//#define MBEDTLS_AES_SETKEY_DEC_ALT
529//#define MBEDTLS_AES_ENCRYPT_ALT
530//#define MBEDTLS_AES_DECRYPT_ALT
531//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
532//#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
533//#define MBEDTLS_ECDSA_VERIFY_ALT
534//#define MBEDTLS_ECDSA_SIGN_ALT
535//#define MBEDTLS_ECDSA_GENKEY_ALT
536
587/* Required for all the functions in this section */
588//#define MBEDTLS_ECP_INTERNAL_ALT
589/* Turn off software fallback for curves not supported in hardware */
590//#define MBEDTLS_ECP_NO_FALLBACK
591/* Support for Weierstrass curves with Jacobi representation */
592//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
593//#define MBEDTLS_ECP_ADD_MIXED_ALT
594//#define MBEDTLS_ECP_DOUBLE_JAC_ALT
595//#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
596//#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
597/* Support for curves with Montgomery arithmetic */
598//#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
599//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
600//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
601
617//#define MBEDTLS_TEST_NULL_ENTROPY
618
630//#define MBEDTLS_ENTROPY_HARDWARE_ALT
631
650//#define MBEDTLS_AES_ROM_TABLES
651
672//#define MBEDTLS_AES_FEWER_TABLES
673
681//#define MBEDTLS_CAMELLIA_SMALL_MEMORY
682
704//#define MBEDTLS_CHECK_RETURN_WARNING
705
711#define MBEDTLS_CIPHER_MODE_CBC
712
718#define MBEDTLS_CIPHER_MODE_CFB
719
725#define MBEDTLS_CIPHER_MODE_CTR
726
732#define MBEDTLS_CIPHER_MODE_OFB
733
739#define MBEDTLS_CIPHER_MODE_XTS
740
772//#define MBEDTLS_CIPHER_NULL_CIPHER
773
785#define MBEDTLS_CIPHER_PADDING_PKCS7
786#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
787#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
788#define MBEDTLS_CIPHER_PADDING_ZEROS
789
795//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
796
813//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
814
826#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
827
846#define MBEDTLS_REMOVE_3DES_CIPHERSUITES
847
858//#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
859
868/* Short Weierstrass curves (supporting ECP, ECDH, ECDSA) */
869#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
870#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
871#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
872#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
873#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
874#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
875#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
876#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
877#define MBEDTLS_ECP_DP_BP256R1_ENABLED
878#define MBEDTLS_ECP_DP_BP384R1_ENABLED
879#define MBEDTLS_ECP_DP_BP512R1_ENABLED
880/* Montgomery curves (supporting ECP) */
881#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
882#define MBEDTLS_ECP_DP_CURVE448_ENABLED
883
893#define MBEDTLS_ECP_NIST_OPTIM
894
915//#define MBEDTLS_ECP_NO_INTERNAL_RNG
916
965//#define MBEDTLS_ECP_RESTARTABLE
966
993#define MBEDTLS_ECDH_LEGACY_CONTEXT
994
1007#define MBEDTLS_ECDSA_DETERMINISTIC
1008
1029#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
1030
1060#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
1061
1080#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1081
1105#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
1106
1133#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
1134
1166#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
1167
1191#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
1192
1215#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
1216
1239#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
1240
1263#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
1264
1282//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
1283
1296#define MBEDTLS_PK_PARSE_EC_EXTENDED
1297
1311#define MBEDTLS_ERROR_STRERROR_DUMMY
1312
1320#define MBEDTLS_GENPRIME
1321
1327#define MBEDTLS_FS_IO
1328
1340//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
1341
1351//#define MBEDTLS_NO_PLATFORM_ENTROPY
1352
1367//#define MBEDTLS_ENTROPY_FORCE_SHA256
1368
1395//#define MBEDTLS_ENTROPY_NV_SEED
1396
1397/* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
1398 *
1399 * Enable key identifiers that encode a key owner identifier.
1400 *
1401 * The owner of a key is identified by a value of type ::mbedtls_key_owner_id_t
1402 * which is currently hard-coded to be int32_t.
1403 *
1404 * Note that this option is meant for internal use only and may be removed
1405 * without notice. It is incompatible with MBEDTLS_USE_PSA_CRYPTO.
1406 */
1407//#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
1408
1420//#define MBEDTLS_MEMORY_DEBUG
1421
1432//#define MBEDTLS_MEMORY_BACKTRACE
1433
1441#define MBEDTLS_PK_RSA_ALT_SUPPORT
1442
1452#define MBEDTLS_PKCS1_V15
1453
1463#define MBEDTLS_PKCS1_V21
1464
1479//#define MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
1480
1495//#define MBEDTLS_PSA_CRYPTO_CLIENT
1496
1506//#define MBEDTLS_PSA_CRYPTO_DRIVERS
1507
1544//#define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
1545
1558//#define MBEDTLS_PSA_CRYPTO_SPM
1559
1571//#define MBEDTLS_PSA_INJECT_ENTROPY
1572
1591//#define MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS
1592
1602//#define MBEDTLS_RSA_NO_CRT
1603
1609#define MBEDTLS_SELF_TEST
1610
1625//#define MBEDTLS_SHA256_SMALLER
1626
1635//#define MBEDTLS_SHA512_SMALLER
1636
1647//#define MBEDTLS_SHA512_NO_SHA384
1648
1661#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
1662
1675#define MBEDTLS_SSL_RECORD_CHECKING
1676
1703//#define MBEDTLS_SSL_DTLS_CONNECTION_ID
1704
1714//#define MBEDTLS_SSL_ASYNC_PRIVATE
1715
1743#define MBEDTLS_SSL_CONTEXT_SERIALIZATION
1744
1759//#define MBEDTLS_SSL_DEBUG_ALL
1760
1777#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
1778
1795#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
1796
1813#define MBEDTLS_SSL_FALLBACK_SCSV
1814
1835#define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
1836
1848//#define MBEDTLS_SSL_HW_RECORD_ACCEL
1849
1860#define MBEDTLS_SSL_CBC_RECORD_SPLITTING
1861
1882#define MBEDTLS_SSL_RENEGOTIATION
1883
1895//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
1896
1905//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
1906
1914#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
1915
1929//#define MBEDTLS_SSL_PROTO_SSL3
1930
1941#define MBEDTLS_SSL_PROTO_TLS1
1942
1953#define MBEDTLS_SSL_PROTO_TLS1_1
1954
1965#define MBEDTLS_SSL_PROTO_TLS1_2
1966
1984//#define MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
1985
1999#define MBEDTLS_SSL_PROTO_DTLS
2000
2008#define MBEDTLS_SSL_ALPN
2009
2023#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
2024
2041#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
2042
2072//#define MBEDTLS_SSL_DTLS_SRTP
2073
2088#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
2089
2099#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
2100
2113#define MBEDTLS_SSL_SESSION_TICKETS
2114
2123#define MBEDTLS_SSL_EXPORT_KEYS
2124
2134#define MBEDTLS_SSL_SERVER_NAME_INDICATION
2135
2143#define MBEDTLS_SSL_TRUNCATED_HMAC
2144
2167//#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
2168
2177//#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
2178
2194//#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
2195
2211//#define MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
2212
2230//#define MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND
2231
2250//#define MBEDTLS_TEST_HOOKS
2251
2261//#define MBEDTLS_THREADING_ALT
2262
2272#define MBEDTLS_THREADING_PTHREAD
2273
2297//#define MBEDTLS_USE_PSA_CRYPTO
2298
2326//#define MBEDTLS_PSA_CRYPTO_CONFIG
2327
2339#define MBEDTLS_VERSION_FEATURES
2340
2349//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
2350
2361//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
2362
2380//#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
2381
2394#define MBEDTLS_X509_CHECK_KEY_USAGE
2395
2407#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
2408
2417#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
2418
2442//#define MBEDTLS_ZLIB_SUPPORT
2482#define MBEDTLS_AESNI_C
2483
2557#define MBEDTLS_AES_C
2558
2585#define MBEDTLS_ARC4_C
2586
2599#define MBEDTLS_ASN1_PARSE_C
2600
2613#define MBEDTLS_ASN1_WRITE_C
2614
2625#define MBEDTLS_BASE64_C
2626
2642#define MBEDTLS_BIGNUM_C
2643
2651#define MBEDTLS_BLOWFISH_C
2652
2706#define MBEDTLS_CAMELLIA_C
2707
2758//#define MBEDTLS_ARIA_C
2759
2772#define MBEDTLS_CCM_C
2773
2784#define MBEDTLS_CERTS_C
2785
2793#define MBEDTLS_CHACHA20_C
2794
2804#define MBEDTLS_CHACHAPOLY_C
2805
2816#define MBEDTLS_CIPHER_C
2817
2834//#define MBEDTLS_CMAC_C
2835
2854#define MBEDTLS_CTR_DRBG_C
2855
2868#define MBEDTLS_DEBUG_C
2869
2897#define MBEDTLS_DES_C
2898
2918#define MBEDTLS_DHM_C
2919
2934#define MBEDTLS_ECDH_C
2935
2951#define MBEDTLS_ECDSA_C
2952
2970//#define MBEDTLS_ECJPAKE_C
2971
2984#define MBEDTLS_ECP_C
2985
2998#define MBEDTLS_ENTROPY_C
2999
3010#define MBEDTLS_ERROR_C
3011
3024#define MBEDTLS_GCM_C
3025
3047//#define MBEDTLS_HAVEGE_C
3048
3062#define MBEDTLS_HKDF_C
3063
3076#define MBEDTLS_HMAC_DRBG_C
3077
3089//#define MBEDTLS_NIST_KW_C
3090
3101#define MBEDTLS_MD_C
3102
3118//#define MBEDTLS_MD2_C
3119
3135//#define MBEDTLS_MD4_C
3136
3157#define MBEDTLS_MD5_C
3158
3173//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
3174
3192#define MBEDTLS_NET_C
3193
3215#define MBEDTLS_OID_C
3216
3229#define MBEDTLS_PADLOCK_C
3230
3247#define MBEDTLS_PEM_PARSE_C
3248
3263#define MBEDTLS_PEM_WRITE_C
3264
3279#define MBEDTLS_PK_C
3280
3294#define MBEDTLS_PK_PARSE_C
3295
3308#define MBEDTLS_PK_WRITE_C
3309
3321#define MBEDTLS_PKCS5_C
3322
3339//#define MBEDTLS_PKCS11_C
3340
3355#define MBEDTLS_PKCS12_C
3356
3375#define MBEDTLS_PLATFORM_C
3376
3385#define MBEDTLS_POLY1305_C
3386
3399#define MBEDTLS_PSA_CRYPTO_C
3400
3415//#define MBEDTLS_PSA_CRYPTO_SE_C
3416
3428#define MBEDTLS_PSA_CRYPTO_STORAGE_C
3429
3440#define MBEDTLS_PSA_ITS_FILE_C
3441
3451#define MBEDTLS_RIPEMD160_C
3452
3470#define MBEDTLS_RSA_C
3471
3492#define MBEDTLS_SHA1_C
3493
3509#define MBEDTLS_SHA256_C
3510
3524#define MBEDTLS_SHA512_C
3525
3536#define MBEDTLS_SSL_CACHE_C
3537
3546#define MBEDTLS_SSL_COOKIE_C
3547
3559#define MBEDTLS_SSL_TICKET_C
3560
3573#define MBEDTLS_SSL_CLI_C
3574
3587#define MBEDTLS_SSL_SRV_C
3588
3603#define MBEDTLS_SSL_TLS_C
3604
3625#define MBEDTLS_THREADING_C
3626
3652#define MBEDTLS_TIMING_C
3653
3663#define MBEDTLS_VERSION_C
3664
3680#define MBEDTLS_X509_USE_C
3681
3696#define MBEDTLS_X509_CRT_PARSE_C
3697
3710#define MBEDTLS_X509_CRL_PARSE_C
3711
3724#define MBEDTLS_X509_CSR_PARSE_C
3725
3737#define MBEDTLS_X509_CREATE_C
3738
3750#define MBEDTLS_X509_CRT_WRITE_C
3751
3763#define MBEDTLS_X509_CSR_WRITE_C
3764
3773#define MBEDTLS_XTEA_C
3774
3802//#define MBEDTLS_CONFIG_FILE "mbedtls/config.h"
3803
3819//#define MBEDTLS_USER_CONFIG_FILE "/dev/null"
3820
3837//#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h"
3838
3854//#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null"
3855
3869/* The Doxygen documentation here is used when a user comments out a
3870 * setting and runs doxygen themselves. On the other hand, when we typeset
3871 * the full documentation including disabled settings, the documentation
3872 * in specific modules' header files is used if present. When editing this
3873 * file, make sure that each option is documented in exactly one place,
3874 * plus optionally a same-line Doxygen comment here if there is a Doxygen
3875 * comment in the specific module. */
3876
3877/* MPI / BIGNUM options */
3878//#define MBEDTLS_MPI_WINDOW_SIZE 2 /**< Maximum window size used. */
3879//#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
3880
3881/* CTR_DRBG options */
3882//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
3883//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
3884//#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
3885//#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
3886//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
3887
3888/* HMAC_DRBG options */
3889//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
3890//#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
3891//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
3892//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
3893
3894/* ECP options */
3895//#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups. Normally determined automatically from the configured curves. */
3896//#define MBEDTLS_ECP_WINDOW_SIZE 4 /**< Maximum window size used */
3897//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
3898
3899/* Entropy options */
3900//#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
3901//#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
3902//#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
3903
3904/* Memory buffer allocator options */
3905//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
3906
3907/* Platform options */
3908//#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
3909
3921//#define MBEDTLS_PLATFORM_STD_CALLOC calloc
3922
3931//#define MBEDTLS_PLATFORM_STD_FREE free
3932//#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
3933//#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3934//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
3935//#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
3936/* Note: your snprintf must correctly zero-terminate the buffer! */
3937//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
3938//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
3939//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
3940//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
3941//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
3942//#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
3943
3944/* To use the following function macros, MBEDTLS_PLATFORM_C must be enabled. */
3945/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
3946//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_CALLOC for requirements. */
3947//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_FREE for requirements. */
3948//#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
3949//#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3950//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3951//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
3952//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
3953/* Note: your snprintf must correctly zero-terminate the buffer! */
3954//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
3955//#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */
3956//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
3957//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
3958
3993//#define MBEDTLS_PARAM_FAILED( cond ) assert( cond )
3994
4008//#define MBEDTLS_CHECK_RETURN __attribute__((__warn_unused_result__))
4009
4016//#define MBEDTLS_IGNORE_RETURN( result ) ((void) !(result))
4017
4018/* PSA options */
4036//#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256
4037
4052//#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
4053
4054/* SSL Cache options */
4055//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
4056//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
4057
4058/* SSL options */
4059
4084//#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384
4085
4109//#define MBEDTLS_SSL_IN_CONTENT_LEN 16384
4110
4116//#define MBEDTLS_SSL_CID_IN_LEN_MAX 32
4117
4123//#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32
4124
4140//#define MBEDTLS_SSL_CID_PADDING_GRANULARITY 16
4141
4156//#define MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY 1
4157
4180//#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384
4181
4197//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
4198
4199//#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
4200//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
4201//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
4202
4212//#define MBEDTLS_TLS_EXT_CID 254
4213
4226//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
4227
4228/* X509 options */
4229//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
4230//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
4231
4234/* Target and application specific configurations
4235 *
4236 * Allow user to override any previous default.
4237 *
4238 */
4239#if defined(MBEDTLS_USER_CONFIG_FILE)
4240#include MBEDTLS_USER_CONFIG_FILE
4241#endif
4242
4243#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
4244#include "mbedtls/config_psa.h"
4245#endif
4246
4247#include "mbedtls/check_config.h"
4248
4249#endif /* MBEDTLS_CONFIG_H */
Consistency checks for configuration options.
PSA crypto configuration options (set of defines)