Mbed TLS v3.6.3
Loading...
Searching...
No Matches
mbedtls_config.h
Go to the documentation of this file.
1
10/*
11 * Copyright The Mbed TLS Contributors
12 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
13 */
14
22//#define MBEDTLS_CONFIG_VERSION 0x03000000
23
52#define MBEDTLS_HAVE_ASM
53
80//#define MBEDTLS_NO_UDBL_DIVISION
81
102//#define MBEDTLS_NO_64BIT_MULTIPLICATION
103
111//#define MBEDTLS_HAVE_SSE2
112
131#define MBEDTLS_HAVE_TIME
132
152#define MBEDTLS_HAVE_TIME_DATE
153
208//#define MBEDTLS_PLATFORM_MEMORY
209
227//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
228
252//#define MBEDTLS_PLATFORM_SETBUF_ALT
253//#define MBEDTLS_PLATFORM_EXIT_ALT
254//#define MBEDTLS_PLATFORM_TIME_ALT
255//#define MBEDTLS_PLATFORM_FPRINTF_ALT
256//#define MBEDTLS_PLATFORM_PRINTF_ALT
257//#define MBEDTLS_PLATFORM_SNPRINTF_ALT
258//#define MBEDTLS_PLATFORM_VSNPRINTF_ALT
259//#define MBEDTLS_PLATFORM_NV_SEED_ALT
260//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
261//#define MBEDTLS_PLATFORM_MS_TIME_ALT
262
280//#define MBEDTLS_PLATFORM_GMTIME_R_ALT
281
303//#define MBEDTLS_PLATFORM_ZEROIZE_ALT
304
318//#define MBEDTLS_DEPRECATED_WARNING
319
330//#define MBEDTLS_DEPRECATED_REMOVED
331
353//#define MBEDTLS_TIMING_ALT
354
380//#define MBEDTLS_AES_ALT
381//#define MBEDTLS_ARIA_ALT
382//#define MBEDTLS_CAMELLIA_ALT
383//#define MBEDTLS_CCM_ALT
384//#define MBEDTLS_CHACHA20_ALT
385//#define MBEDTLS_CHACHAPOLY_ALT
386//#define MBEDTLS_CMAC_ALT
387//#define MBEDTLS_DES_ALT
388//#define MBEDTLS_DHM_ALT
389//#define MBEDTLS_ECJPAKE_ALT
390//#define MBEDTLS_GCM_ALT
391//#define MBEDTLS_NIST_KW_ALT
392//#define MBEDTLS_MD5_ALT
393//#define MBEDTLS_POLY1305_ALT
394//#define MBEDTLS_RIPEMD160_ALT
395//#define MBEDTLS_RSA_ALT
396//#define MBEDTLS_SHA1_ALT
397//#define MBEDTLS_SHA256_ALT
398//#define MBEDTLS_SHA512_ALT
399
400/*
401 * When replacing the elliptic curve module, please consider, that it is
402 * implemented with two .c files:
403 * - ecp.c
404 * - ecp_curves.c
405 * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
406 * macros as described above. The only difference is that you have to make sure
407 * that you provide functionality for both .c files.
408 */
409//#define MBEDTLS_ECP_ALT
410
448//#define MBEDTLS_MD5_PROCESS_ALT
449//#define MBEDTLS_RIPEMD160_PROCESS_ALT
450//#define MBEDTLS_SHA1_PROCESS_ALT
451//#define MBEDTLS_SHA256_PROCESS_ALT
452//#define MBEDTLS_SHA512_PROCESS_ALT
453//#define MBEDTLS_DES_SETKEY_ALT
454//#define MBEDTLS_DES_CRYPT_ECB_ALT
455//#define MBEDTLS_DES3_CRYPT_ECB_ALT
456//#define MBEDTLS_AES_SETKEY_ENC_ALT
457//#define MBEDTLS_AES_SETKEY_DEC_ALT
458//#define MBEDTLS_AES_ENCRYPT_ALT
459//#define MBEDTLS_AES_DECRYPT_ALT
460//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
461//#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
462//#define MBEDTLS_ECDSA_VERIFY_ALT
463//#define MBEDTLS_ECDSA_SIGN_ALT
464//#define MBEDTLS_ECDSA_GENKEY_ALT
465
516/* Required for all the functions in this section */
517//#define MBEDTLS_ECP_INTERNAL_ALT
518/* Turn off software fallback for curves not supported in hardware */
519//#define MBEDTLS_ECP_NO_FALLBACK
520/* Support for Weierstrass curves with Jacobi representation */
521//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
522//#define MBEDTLS_ECP_ADD_MIXED_ALT
523//#define MBEDTLS_ECP_DOUBLE_JAC_ALT
524//#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
525//#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
526/* Support for curves with Montgomery arithmetic */
527//#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
528//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
529//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
530
543//#define MBEDTLS_ENTROPY_HARDWARE_ALT
544
562//#define MBEDTLS_AES_ROM_TABLES
563
583//#define MBEDTLS_AES_FEWER_TABLES
584
600//#define MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
601
602/*
603 * Disable plain C implementation for AES.
604 *
605 * When the plain C implementation is enabled, and an implementation using a
606 * special CPU feature (such as MBEDTLS_AESCE_C) is also enabled, runtime
607 * detection will be used to select between them.
608 *
609 * If only one implementation is present, runtime detection will not be used.
610 * This configuration will crash at runtime if running on a CPU without the
611 * necessary features. It will not build unless at least one of MBEDTLS_AESCE_C
612 * and/or MBEDTLS_AESNI_C is enabled & present in the build.
613 */
614//#define MBEDTLS_AES_USE_HARDWARE_ONLY
615
623//#define MBEDTLS_CAMELLIA_SMALL_MEMORY
624
646//#define MBEDTLS_CHECK_RETURN_WARNING
647
653#define MBEDTLS_CIPHER_MODE_CBC
654
660#define MBEDTLS_CIPHER_MODE_CFB
661
667#define MBEDTLS_CIPHER_MODE_CTR
668
674#define MBEDTLS_CIPHER_MODE_OFB
675
681#define MBEDTLS_CIPHER_MODE_XTS
682
713//#define MBEDTLS_CIPHER_NULL_CIPHER
714
726#define MBEDTLS_CIPHER_PADDING_PKCS7
727#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
728#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
729#define MBEDTLS_CIPHER_PADDING_ZEROS
730
737//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
738
749//#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
750
759/* Short Weierstrass curves (supporting ECP, ECDH, ECDSA) */
760#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
761#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
762#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
763#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
764#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
765#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
766#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
767#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
768#define MBEDTLS_ECP_DP_BP256R1_ENABLED
769#define MBEDTLS_ECP_DP_BP384R1_ENABLED
770#define MBEDTLS_ECP_DP_BP512R1_ENABLED
771/* Montgomery curves (supporting ECP) */
772#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
773#define MBEDTLS_ECP_DP_CURVE448_ENABLED
774
784#define MBEDTLS_ECP_NIST_OPTIM
785
839//#define MBEDTLS_ECP_RESTARTABLE
840
847//#define MBEDTLS_ECP_WITH_MPI_UINT
848
861#define MBEDTLS_ECDSA_DETERMINISTIC
862
881#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
882
910#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
911
928#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
929
951#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
952
976#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
977
1008#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
1009
1033#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
1034
1057#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
1058
1081#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
1082
1105#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
1106
1128//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
1129
1142#define MBEDTLS_PK_PARSE_EC_EXTENDED
1143
1155#define MBEDTLS_PK_PARSE_EC_COMPRESSED
1156
1170#define MBEDTLS_ERROR_STRERROR_DUMMY
1171
1179#define MBEDTLS_GENPRIME
1180
1186#define MBEDTLS_FS_IO
1187
1198//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
1199
1209//#define MBEDTLS_NO_PLATFORM_ENTROPY
1210
1225//#define MBEDTLS_ENTROPY_FORCE_SHA256
1226
1253//#define MBEDTLS_ENTROPY_NV_SEED
1254
1255/* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
1256 *
1257 * Enable key identifiers that encode a key owner identifier.
1258 *
1259 * The owner of a key is identified by a value of type ::mbedtls_key_owner_id_t
1260 * which is currently hard-coded to be int32_t.
1261 *
1262 * Note that this option is meant for internal use only and may be removed
1263 * without notice.
1264 */
1265//#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
1266
1278//#define MBEDTLS_MEMORY_DEBUG
1279
1290//#define MBEDTLS_MEMORY_BACKTRACE
1291
1299#define MBEDTLS_PK_RSA_ALT_SUPPORT
1300
1310#define MBEDTLS_PKCS1_V15
1311
1324#define MBEDTLS_PKCS1_V21
1325
1340//#define MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
1341
1356//#define MBEDTLS_PSA_CRYPTO_CLIENT
1357
1394//#define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
1395
1415//#define MBEDTLS_PSA_CRYPTO_SPM
1416
1432#define MBEDTLS_PSA_KEY_STORE_DYNAMIC
1433
1473//#define MBEDTLS_PSA_P256M_DRIVER_ENABLED
1474
1486//#define MBEDTLS_PSA_INJECT_ENTROPY
1487
1506//#define MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS
1507
1517//#define MBEDTLS_RSA_NO_CRT
1518
1524#define MBEDTLS_SELF_TEST
1525
1540//#define MBEDTLS_SHA256_SMALLER
1541
1550//#define MBEDTLS_SHA512_SMALLER
1551
1564#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
1565
1588#define MBEDTLS_SSL_DTLS_CONNECTION_ID
1589
1590
1611#define MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 0
1612
1623//#define MBEDTLS_SSL_ASYNC_PRIVATE
1624
1663//#define MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
1664
1692#define MBEDTLS_SSL_CONTEXT_SERIALIZATION
1693
1708//#define MBEDTLS_SSL_DEBUG_ALL
1709
1724#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
1725
1740#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
1741
1764#define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
1765
1788#define MBEDTLS_SSL_RENEGOTIATION
1789
1797#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
1798
1808//#define MBEDTLS_SSL_RECORD_SIZE_LIMIT
1809
1827#define MBEDTLS_SSL_PROTO_TLS1_2
1828
1857#define MBEDTLS_SSL_PROTO_TLS1_3
1858
1879#define MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
1880
1891#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1892
1909#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1910
1923#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
1924
1941//#define MBEDTLS_SSL_EARLY_DATA
1942
1954#define MBEDTLS_SSL_PROTO_DTLS
1955
1963#define MBEDTLS_SSL_ALPN
1964
1978#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
1979
1996#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
1997
2027//#define MBEDTLS_SSL_DTLS_SRTP
2028
2043#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
2044
2057#define MBEDTLS_SSL_SESSION_TICKETS
2058
2068#define MBEDTLS_SSL_SERVER_NAME_INDICATION
2069
2078//#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
2079
2095//#define MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
2096
2114//#define MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND
2115
2134//#define MBEDTLS_TEST_HOOKS
2135
2145//#define MBEDTLS_THREADING_ALT
2146
2156#define MBEDTLS_THREADING_PTHREAD
2157
2190//#define MBEDTLS_USE_PSA_CRYPTO
2191
2222//#define MBEDTLS_PSA_CRYPTO_CONFIG
2223
2235#define MBEDTLS_VERSION_FEATURES
2236
2256//#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
2257
2267//#define MBEDTLS_X509_REMOVE_INFO
2268
2279#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
2319#define MBEDTLS_AESNI_C
2320
2345#define MBEDTLS_AESCE_C
2346
2420#define MBEDTLS_AES_C
2421
2434#define MBEDTLS_ASN1_PARSE_C
2435
2448#define MBEDTLS_ASN1_WRITE_C
2449
2460#define MBEDTLS_BASE64_C
2461
2482//#define MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
2483
2502#define MBEDTLS_BIGNUM_C
2503
2557#define MBEDTLS_CAMELLIA_C
2558
2609#define MBEDTLS_ARIA_C
2610
2624#define MBEDTLS_CCM_C
2625
2633#define MBEDTLS_CHACHA20_C
2634
2644#define MBEDTLS_CHACHAPOLY_C
2645
2668#define MBEDTLS_CIPHER_C
2669
2686#define MBEDTLS_CMAC_C
2687
2717#define MBEDTLS_CTR_DRBG_C
2718
2732#define MBEDTLS_DEBUG_C
2733
2748#define MBEDTLS_DES_C
2749
2770#define MBEDTLS_DHM_C
2771
2788#define MBEDTLS_ECDH_C
2789
2805#define MBEDTLS_ECDSA_C
2806
2827#define MBEDTLS_ECJPAKE_C
2828
2841#define MBEDTLS_ECP_C
2842
2855#define MBEDTLS_ENTROPY_C
2856
2867#define MBEDTLS_ERROR_C
2868
2882#define MBEDTLS_GCM_C
2883
2898//#define MBEDTLS_GCM_LARGE_TABLE
2899
2913#define MBEDTLS_HKDF_C
2914
2927#define MBEDTLS_HMAC_DRBG_C
2928
2941#define MBEDTLS_LMS_C
2942
2953//#define MBEDTLS_LMS_PRIVATE
2954
2966#define MBEDTLS_NIST_KW_C
2967
2999#define MBEDTLS_MD_C
3000
3020#define MBEDTLS_MD5_C
3021
3036//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
3037
3055#define MBEDTLS_NET_C
3056
3078#define MBEDTLS_OID_C
3079
3092#define MBEDTLS_PADLOCK_C
3093
3114#define MBEDTLS_PEM_PARSE_C
3115
3130#define MBEDTLS_PEM_WRITE_C
3131
3148#define MBEDTLS_PK_C
3149
3163#define MBEDTLS_PK_PARSE_C
3164
3177#define MBEDTLS_PK_WRITE_C
3178
3193#define MBEDTLS_PKCS5_C
3194
3209#define MBEDTLS_PKCS7_C
3210
3228#define MBEDTLS_PKCS12_C
3229
3248#define MBEDTLS_PLATFORM_C
3249
3258#define MBEDTLS_POLY1305_C
3259
3285#define MBEDTLS_PSA_CRYPTO_C
3286
3304//#define MBEDTLS_PSA_CRYPTO_SE_C
3305
3317#define MBEDTLS_PSA_CRYPTO_STORAGE_C
3318
3329#define MBEDTLS_PSA_ITS_FILE_C
3330
3349//#define MBEDTLS_PSA_STATIC_KEY_SLOTS
3350
3360#define MBEDTLS_RIPEMD160_C
3361
3380#define MBEDTLS_RSA_C
3381
3399#define MBEDTLS_SHA1_C
3400
3412#define MBEDTLS_SHA224_C
3413
3429#define MBEDTLS_SHA256_C
3430
3461//#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT
3462
3470//#define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
3471
3502//#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY
3503
3511//#define MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY
3512
3527#define MBEDTLS_SHA384_C
3528
3542#define MBEDTLS_SHA512_C
3543
3553#define MBEDTLS_SHA3_C
3554
3581//#define MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT
3582
3609//#define MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY
3610
3621#define MBEDTLS_SSL_CACHE_C
3622
3631#define MBEDTLS_SSL_COOKIE_C
3632
3644#define MBEDTLS_SSL_TICKET_C
3645
3658#define MBEDTLS_SSL_CLI_C
3659
3672#define MBEDTLS_SSL_SRV_C
3673
3688#define MBEDTLS_SSL_TLS_C
3689
3738#define MBEDTLS_THREADING_C
3739
3762#define MBEDTLS_TIMING_C
3763
3773#define MBEDTLS_VERSION_C
3774
3793#define MBEDTLS_X509_USE_C
3794
3809#define MBEDTLS_X509_CRT_PARSE_C
3810
3823#define MBEDTLS_X509_CRL_PARSE_C
3824
3837#define MBEDTLS_X509_CSR_PARSE_C
3838
3854#define MBEDTLS_X509_CREATE_C
3855
3867#define MBEDTLS_X509_CRT_WRITE_C
3868
3880#define MBEDTLS_X509_CSR_WRITE_C
3881
3910//#define MBEDTLS_CONFIG_FILE "mbedtls/mbedtls_config.h"
3911
3927//#define MBEDTLS_USER_CONFIG_FILE "/dev/null"
3928
3945//#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h"
3946
3962//#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null"
3963
3984//#define MBEDTLS_PSA_CRYPTO_PLATFORM_FILE "psa/crypto_platform_alt.h"
3985
4009//#define MBEDTLS_PSA_CRYPTO_STRUCT_FILE "psa/crypto_struct_alt.h"
4010
4024/* The Doxygen documentation here is used when a user comments out a
4025 * setting and runs doxygen themselves. On the other hand, when we typeset
4026 * the full documentation including disabled settings, the documentation
4027 * in specific modules' header files is used if present. When editing this
4028 * file, make sure that each option is documented in exactly one place,
4029 * plus optionally a same-line Doxygen comment here if there is a Doxygen
4030 * comment in the specific module. */
4031
4032/* MPI / BIGNUM options */
4033//#define MBEDTLS_MPI_WINDOW_SIZE 2 /**< Maximum window size used. */
4034//#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
4035
4036/* CTR_DRBG options */
4037//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
4038//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
4039//#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
4040//#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
4041//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
4042
4043/* HMAC_DRBG options */
4044//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
4045//#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
4046//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
4047//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
4048
4049/* ECP options */
4050//#define MBEDTLS_ECP_WINDOW_SIZE 4 /**< Maximum window size used */
4051//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
4052
4053/* Entropy options */
4054//#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
4055//#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
4056//#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
4057
4058/* Memory buffer allocator options */
4059//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
4060
4061/* Platform options */
4062//#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
4063
4075//#define MBEDTLS_PLATFORM_STD_CALLOC calloc
4076
4085//#define MBEDTLS_PLATFORM_STD_FREE free
4086//#define MBEDTLS_PLATFORM_STD_SETBUF setbuf /**< Default setbuf to use, can be undefined */
4087//#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
4088//#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
4089//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
4090//#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
4091/* Note: your snprintf must correctly zero-terminate the buffer! */
4092//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
4093//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
4094//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
4095//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
4096//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
4097//#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
4098
4099/* To use the following function macros, MBEDTLS_PLATFORM_C must be enabled. */
4100/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
4101//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_CALLOC for requirements. */
4102//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_FREE for requirements. */
4103//#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
4104//#define MBEDTLS_PLATFORM_SETBUF_MACRO setbuf /**< Default setbuf macro to use, can be undefined */
4105//#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
4106//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
4107//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
4108//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
4109/* Note: your snprintf must correctly zero-terminate the buffer! */
4110//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
4111//#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */
4112//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
4113//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
4114//#define MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO int64_t //#define MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO int64_t /**< Default milliseconds time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled. It must be signed, and at least 64 bits. If it is changed from the default, MBEDTLS_PRINTF_MS_TIME must be updated to match.*/
4115//#define MBEDTLS_PRINTF_MS_TIME PRId64 /**< Default fmt for printf. That's avoid compiler warning if mbedtls_ms_time_t is redefined */
4116
4130//#define MBEDTLS_CHECK_RETURN __attribute__((__warn_unused_result__))
4131
4138//#define MBEDTLS_IGNORE_RETURN( result ) ((void) !(result))
4139
4140/* PSA options */
4158//#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256
4159
4178//#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
4179
4191//#define MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE 256
4192
4193/* RSA OPTIONS */
4194//#define MBEDTLS_RSA_GEN_KEY_MIN_BITS 1024 /**< Minimum RSA key size that can be generated in bits (Minimum possible value is 128 bits) */
4195
4196/* SSL Cache options */
4197//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
4198//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
4199
4200/* SSL options */
4201
4221//#define MBEDTLS_SSL_IN_CONTENT_LEN 16384
4222
4228//#define MBEDTLS_SSL_CID_IN_LEN_MAX 32
4229
4235//#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32
4236
4251//#define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16
4252
4271//#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384
4272
4288//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
4289
4290//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 or 384 bits) */
4291//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
4292
4305//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
4306
4318//#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024
4319
4341//#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000
4342
4350//#define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32
4351
4360//#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1
4361
4362/* X509 options */
4363//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
4364//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
4365