mbed TLS v2.3.0
config.h
Go to the documentation of this file.
1 
28 #ifndef MBEDTLS_CONFIG_H
29 #define MBEDTLS_CONFIG_H
30 
31 #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
32 #define _CRT_SECURE_NO_DEPRECATE 1
33 #endif
34 
56 #define MBEDTLS_HAVE_ASM
57 
65 //#define MBEDTLS_HAVE_SSE2
66 
76 #define MBEDTLS_HAVE_TIME
77 
88 #define MBEDTLS_HAVE_TIME_DATE
89 
112 //#define MBEDTLS_PLATFORM_MEMORY
113 
131 //#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
132 
154 //#define MBEDTLS_PLATFORM_EXIT_ALT
155 //#define MBEDTLS_PLATFORM_TIME_ALT
156 //#define MBEDTLS_PLATFORM_FPRINTF_ALT
157 //#define MBEDTLS_PLATFORM_PRINTF_ALT
158 //#define MBEDTLS_PLATFORM_SNPRINTF_ALT
159 //#define MBEDTLS_PLATFORM_NV_SEED_ALT
160 
174 //#define MBEDTLS_DEPRECATED_WARNING
175 
186 //#define MBEDTLS_DEPRECATED_REMOVED
187 
188 /* \} name SECTION: System support */
189 
209 //#define MBEDTLS_TIMING_ALT
210 
230 //#define MBEDTLS_AES_ALT
231 //#define MBEDTLS_ARC4_ALT
232 //#define MBEDTLS_BLOWFISH_ALT
233 //#define MBEDTLS_CAMELLIA_ALT
234 //#define MBEDTLS_DES_ALT
235 //#define MBEDTLS_XTEA_ALT
236 //#define MBEDTLS_MD2_ALT
237 //#define MBEDTLS_MD4_ALT
238 //#define MBEDTLS_MD5_ALT
239 //#define MBEDTLS_RIPEMD160_ALT
240 //#define MBEDTLS_SHA1_ALT
241 //#define MBEDTLS_SHA256_ALT
242 //#define MBEDTLS_SHA512_ALT
243 
267 //#define MBEDTLS_MD2_PROCESS_ALT
268 //#define MBEDTLS_MD4_PROCESS_ALT
269 //#define MBEDTLS_MD5_PROCESS_ALT
270 //#define MBEDTLS_RIPEMD160_PROCESS_ALT
271 //#define MBEDTLS_SHA1_PROCESS_ALT
272 //#define MBEDTLS_SHA256_PROCESS_ALT
273 //#define MBEDTLS_SHA512_PROCESS_ALT
274 //#define MBEDTLS_DES_SETKEY_ALT
275 //#define MBEDTLS_DES_CRYPT_ECB_ALT
276 //#define MBEDTLS_DES3_CRYPT_ECB_ALT
277 //#define MBEDTLS_AES_SETKEY_ENC_ALT
278 //#define MBEDTLS_AES_SETKEY_DEC_ALT
279 //#define MBEDTLS_AES_ENCRYPT_ALT
280 //#define MBEDTLS_AES_DECRYPT_ALT
281 
297 //#define MBEDTLS_TEST_NULL_ENTROPY
298 
310 //#define MBEDTLS_ENTROPY_HARDWARE_ALT
311 
319 //#define MBEDTLS_AES_ROM_TABLES
320 
328 //#define MBEDTLS_CAMELLIA_SMALL_MEMORY
329 
335 #define MBEDTLS_CIPHER_MODE_CBC
336 
342 #define MBEDTLS_CIPHER_MODE_CFB
343 
349 #define MBEDTLS_CIPHER_MODE_CTR
350 
382 //#define MBEDTLS_CIPHER_NULL_CIPHER
383 
395 #define MBEDTLS_CIPHER_PADDING_PKCS7
396 #define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
397 #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
398 #define MBEDTLS_CIPHER_PADDING_ZEROS
399 
413 //#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
414 
426 #define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
427 
436 #define MBEDTLS_ECP_DP_SECP192R1_ENABLED
437 #define MBEDTLS_ECP_DP_SECP224R1_ENABLED
438 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
439 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED
440 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED
441 #define MBEDTLS_ECP_DP_SECP192K1_ENABLED
442 #define MBEDTLS_ECP_DP_SECP224K1_ENABLED
443 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED
444 #define MBEDTLS_ECP_DP_BP256R1_ENABLED
445 #define MBEDTLS_ECP_DP_BP384R1_ENABLED
446 #define MBEDTLS_ECP_DP_BP512R1_ENABLED
447 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED
448 
458 #define MBEDTLS_ECP_NIST_OPTIM
459 
472 #define MBEDTLS_ECDSA_DETERMINISTIC
473 
494 #define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
495 
518 #define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
519 
538 #define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
539 
563 #define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
564 
591 #define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
592 
617 #define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
618 
642 #define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
643 
666 #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
667 
690 #define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
691 
714 #define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
715 
733 //#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
734 
747 #define MBEDTLS_PK_PARSE_EC_EXTENDED
748 
762 #define MBEDTLS_ERROR_STRERROR_DUMMY
763 
771 #define MBEDTLS_GENPRIME
772 
778 #define MBEDTLS_FS_IO
779 
791 //#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
792 
802 //#define MBEDTLS_NO_PLATFORM_ENTROPY
803 
818 //#define MBEDTLS_ENTROPY_FORCE_SHA256
819 
846 //#define MBEDTLS_ENTROPY_NV_SEED
847 
859 //#define MBEDTLS_MEMORY_DEBUG
860 
871 //#define MBEDTLS_MEMORY_BACKTRACE
872 
880 #define MBEDTLS_PK_RSA_ALT_SUPPORT
881 
891 #define MBEDTLS_PKCS1_V15
892 
902 #define MBEDTLS_PKCS1_V21
903 
912 //#define MBEDTLS_RSA_NO_CRT
913 
919 #define MBEDTLS_SELF_TEST
920 
935 //#define MBEDTLS_SHA256_SMALLER
936 
947 //#define MBEDTLS_SSL_AEAD_RANDOM_IV
948 
961 #define MBEDTLS_SSL_ALL_ALERT_MESSAGES
962 
977 //#define MBEDTLS_SSL_DEBUG_ALL
978 
995 #define MBEDTLS_SSL_ENCRYPT_THEN_MAC
996 
1013 #define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
1014 
1030 #define MBEDTLS_SSL_FALLBACK_SCSV
1031 
1040 //#define MBEDTLS_SSL_HW_RECORD_ACCEL
1041 
1052 #define MBEDTLS_SSL_CBC_RECORD_SPLITTING
1053 
1067 #define MBEDTLS_SSL_RENEGOTIATION
1068 
1077 //#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
1078 
1087 //#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
1088 
1096 #define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
1097 
1108 //#define MBEDTLS_SSL_PROTO_SSL3
1109 
1120 #define MBEDTLS_SSL_PROTO_TLS1
1121 
1132 #define MBEDTLS_SSL_PROTO_TLS1_1
1133 
1144 #define MBEDTLS_SSL_PROTO_TLS1_2
1145 
1159 #define MBEDTLS_SSL_PROTO_DTLS
1160 
1168 #define MBEDTLS_SSL_ALPN
1169 
1183 #define MBEDTLS_SSL_DTLS_ANTI_REPLAY
1184 
1201 #define MBEDTLS_SSL_DTLS_HELLO_VERIFY
1202 
1217 #define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
1218 
1228 #define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
1229 
1242 #define MBEDTLS_SSL_SESSION_TICKETS
1243 
1252 #define MBEDTLS_SSL_EXPORT_KEYS
1253 
1263 #define MBEDTLS_SSL_SERVER_NAME_INDICATION
1264 
1272 #define MBEDTLS_SSL_TRUNCATED_HMAC
1273 
1283 //#define MBEDTLS_THREADING_ALT
1284 
1294 //#define MBEDTLS_THREADING_PTHREAD
1295 
1307 #define MBEDTLS_VERSION_FEATURES
1308 
1317 //#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
1318 
1329 //#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
1330 
1343 #define MBEDTLS_X509_CHECK_KEY_USAGE
1344 
1356 #define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
1357 
1366 #define MBEDTLS_X509_RSASSA_PSS_SUPPORT
1367 
1388 //#define MBEDTLS_ZLIB_SUPPORT
1389 /* \} name SECTION: mbed TLS feature support */
1390 
1410 #define MBEDTLS_AESNI_C
1411 
1485 #define MBEDTLS_AES_C
1486 
1508 #define MBEDTLS_ARC4_C
1509 
1522 #define MBEDTLS_ASN1_PARSE_C
1523 
1536 #define MBEDTLS_ASN1_WRITE_C
1537 
1548 #define MBEDTLS_BASE64_C
1549 
1564 #define MBEDTLS_BIGNUM_C
1565 
1573 #define MBEDTLS_BLOWFISH_C
1574 
1628 #define MBEDTLS_CAMELLIA_C
1629 
1642 #define MBEDTLS_CCM_C
1643 
1654 #define MBEDTLS_CERTS_C
1655 
1666 #define MBEDTLS_CIPHER_C
1667 
1680 #define MBEDTLS_CTR_DRBG_C
1681 
1694 #define MBEDTLS_DEBUG_C
1695 
1720 #define MBEDTLS_DES_C
1721 
1734 #define MBEDTLS_DHM_C
1735 
1750 #define MBEDTLS_ECDH_C
1751 
1765 #define MBEDTLS_ECDSA_C
1766 
1784 //#define MBEDTLS_ECJPAKE_C
1785 
1798 #define MBEDTLS_ECP_C
1799 
1812 #define MBEDTLS_ENTROPY_C
1813 
1824 #define MBEDTLS_ERROR_C
1825 
1838 #define MBEDTLS_GCM_C
1839 
1861 //#define MBEDTLS_HAVEGE_C
1862 
1875 #define MBEDTLS_HMAC_DRBG_C
1876 
1887 #define MBEDTLS_MD_C
1888 
1899 //#define MBEDTLS_MD2_C
1900 
1911 //#define MBEDTLS_MD4_C
1912 
1926 #define MBEDTLS_MD5_C
1927 
1942 //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
1943 
1961 #define MBEDTLS_NET_C
1962 
1984 #define MBEDTLS_OID_C
1985 
1998 #define MBEDTLS_PADLOCK_C
1999 
2016 #define MBEDTLS_PEM_PARSE_C
2017 
2032 #define MBEDTLS_PEM_WRITE_C
2033 
2048 #define MBEDTLS_PK_C
2049 
2063 #define MBEDTLS_PK_PARSE_C
2064 
2077 #define MBEDTLS_PK_WRITE_C
2078 
2090 #define MBEDTLS_PKCS5_C
2091 
2105 //#define MBEDTLS_PKCS11_C
2106 
2121 #define MBEDTLS_PKCS12_C
2122 
2141 #define MBEDTLS_PLATFORM_C
2142 
2152 #define MBEDTLS_RIPEMD160_C
2153 
2170 #define MBEDTLS_RSA_C
2171 
2186 #define MBEDTLS_SHA1_C
2187 
2203 #define MBEDTLS_SHA256_C
2204 
2218 #define MBEDTLS_SHA512_C
2219 
2230 #define MBEDTLS_SSL_CACHE_C
2231 
2240 #define MBEDTLS_SSL_COOKIE_C
2241 
2252 #define MBEDTLS_SSL_TICKET_C
2253 
2266 #define MBEDTLS_SSL_CLI_C
2267 
2280 #define MBEDTLS_SSL_SRV_C
2281 
2296 #define MBEDTLS_SSL_TLS_C
2297 
2318 //#define MBEDTLS_THREADING_C
2319 
2341 #define MBEDTLS_TIMING_C
2342 
2352 #define MBEDTLS_VERSION_C
2353 
2369 #define MBEDTLS_X509_USE_C
2370 
2385 #define MBEDTLS_X509_CRT_PARSE_C
2386 
2399 #define MBEDTLS_X509_CRL_PARSE_C
2400 
2413 #define MBEDTLS_X509_CSR_PARSE_C
2414 
2426 #define MBEDTLS_X509_CREATE_C
2427 
2439 #define MBEDTLS_X509_CRT_WRITE_C
2440 
2452 #define MBEDTLS_X509_CSR_WRITE_C
2453 
2462 #define MBEDTLS_XTEA_C
2463 
2464 /* \} name SECTION: mbed TLS modules */
2465 
2481 /* MPI / BIGNUM options */
2482 //#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */
2483 //#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
2484 
2485 /* CTR_DRBG options */
2486 //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
2487 //#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
2488 //#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
2489 //#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
2490 //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
2491 
2492 /* HMAC_DRBG options */
2493 //#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
2494 //#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
2495 //#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
2496 //#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
2497 
2498 /* ECP options */
2499 //#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */
2500 //#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
2501 //#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
2502 
2503 /* Entropy options */
2504 //#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
2505 //#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
2506 
2507 /* Memory buffer allocator options */
2508 //#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
2509 
2510 /* Platform options */
2511 //#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
2512 //#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */
2513 //#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */
2514 //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
2515 //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined */
2516 //#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
2517 //#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
2518 /* Note: your snprintf must correclty zero-terminate the buffer! */
2519 //#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
2520 //#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
2521 //#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
2522 //#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
2523 //#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
2524 //#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
2525 
2526 /* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
2527 /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
2528 //#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */
2529 //#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */
2530 //#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
2531 //#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined */
2532 //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined */
2533 //#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
2534 //#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
2535 /* Note: your snprintf must correclty zero-terminate the buffer! */
2536 //#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
2537 //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
2538 //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
2539 
2540 /* SSL Cache options */
2541 //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
2542 //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
2543 
2544 /* SSL options */
2545 //#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 /**< Maxium fragment length in bytes, determines the size of each of the two internal I/O buffers */
2546 //#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
2547 //#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
2548 //#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
2549 
2562 //#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
2563 
2564 /* X509 options */
2565 //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
2566 
2567 /* \} name SECTION: Customisation configuration options */
2568 
2569 /* Target and application specific configurations */
2570 //#define YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE "target_config.h"
2571 
2572 /*
2573  * Allow user to override any previous default.
2574  *
2575  * Use two macro names for that, as:
2576  * - with yotta the prefix YOTTA_CFG_ is forced
2577  * - without yotta is looks weird to have a YOTTA prefix.
2578  */
2579 #if defined(YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE)
2580 #include YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE
2581 #elif defined(MBEDTLS_USER_CONFIG_FILE)
2582 #include MBEDTLS_USER_CONFIG_FILE
2583 #endif
2584 
2585 #include "check_config.h"
2586 
2587 #endif /* MBEDTLS_CONFIG_H */
Consistency checks for configuration options.