mbed TLS v2.3.0
config.h
/*
 * mbed TLS compile-time configuration. Each macro below switches a platform
 * assumption, a protocol feature or a whole module on or off; a leading "//"
 * means the option is left undefined (disabled) in this default configuration.
 */
30 #ifndef MBEDTLS_CONFIG_H
31 #define MBEDTLS_CONFIG_H
32 
/* MSVC only: suppress the CRT "deprecated function" warnings. */
33 #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
34 #define _CRT_SECURE_NO_DEPRECATE 1
35 #endif
36 
/* SECTION: System support -- what the target platform and toolchain provide. */
/* The compiler supports asm(); allows the assembly-optimised code paths. */
58 #define MBEDTLS_HAVE_ASM
59 
/* The CPU supports the SSE2 instruction set. */
67 //#define MBEDTLS_HAVE_SSE2
68 
/* time.h and time() are available. */
78 #define MBEDTLS_HAVE_TIME
79 
/*
 * The system clock reports a correct date; used for X.509 validity-period
 * checks. On a device whose clock can be wrong or reset, certificate expiry
 * checks are only as trustworthy as that clock.
 */
90 #define MBEDTLS_HAVE_TIME_DATE
91 
/* Enable the memory allocation layer so calloc/free can be replaced. */
114 //#define MBEDTLS_PLATFORM_MEMORY
115 
/* Do not bind the platform layer to the standard libc functions by default. */
133 //#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
134 
/* Let the application supply its own implementation of each platform function. */
156 //#define MBEDTLS_PLATFORM_EXIT_ALT
157 //#define MBEDTLS_PLATFORM_TIME_ALT
158 //#define MBEDTLS_PLATFORM_FPRINTF_ALT
159 //#define MBEDTLS_PLATFORM_PRINTF_ALT
160 //#define MBEDTLS_PLATFORM_SNPRINTF_ALT
161 //#define MBEDTLS_PLATFORM_NV_SEED_ALT
162 
/* Emit a compiler warning when a deprecated library function is used. */
176 //#define MBEDTLS_DEPRECATED_WARNING
177 
/* Remove deprecated functions from the build altogether. */
188 //#define MBEDTLS_DEPRECATED_REMOVED
189 
190 /* \} name SECTION: System support */
191 
/* SECTION: mbed TLS feature support -- fine-grained switches inside modules. */
/* Replace the timing module with an application-provided implementation. */
211 //#define MBEDTLS_TIMING_ALT
212 
/*
 * Replace a whole primitive with an alternative implementation, typically a
 * hardware accelerator. The replacement becomes part of the trusted crypto
 * code and needs the same review as the built-in one.
 */
232 //#define MBEDTLS_AES_ALT
233 //#define MBEDTLS_ARC4_ALT
234 //#define MBEDTLS_BLOWFISH_ALT
235 //#define MBEDTLS_CAMELLIA_ALT
236 //#define MBEDTLS_DES_ALT
237 //#define MBEDTLS_XTEA_ALT
238 //#define MBEDTLS_MD2_ALT
239 //#define MBEDTLS_MD4_ALT
240 //#define MBEDTLS_MD5_ALT
241 //#define MBEDTLS_RIPEMD160_ALT
242 //#define MBEDTLS_SHA1_ALT
243 //#define MBEDTLS_SHA256_ALT
244 //#define MBEDTLS_SHA512_ALT
245 
/* Replace only a single internal function of a primitive (finer-grained than *_ALT above). */
269 //#define MBEDTLS_MD2_PROCESS_ALT
270 //#define MBEDTLS_MD4_PROCESS_ALT
271 //#define MBEDTLS_MD5_PROCESS_ALT
272 //#define MBEDTLS_RIPEMD160_PROCESS_ALT
273 //#define MBEDTLS_SHA1_PROCESS_ALT
274 //#define MBEDTLS_SHA256_PROCESS_ALT
275 //#define MBEDTLS_SHA512_PROCESS_ALT
276 //#define MBEDTLS_DES_SETKEY_ALT
277 //#define MBEDTLS_DES_CRYPT_ECB_ALT
278 //#define MBEDTLS_DES3_CRYPT_ECB_ALT
279 //#define MBEDTLS_AES_SETKEY_ENC_ALT
280 //#define MBEDTLS_AES_SETKEY_DEC_ALT
281 //#define MBEDTLS_AES_ENCRYPT_ALT
282 //#define MBEDTLS_AES_DECRYPT_ALT
283 
/*
 * Test-only: lets the library run with no real entropy source. Every key and
 * nonce becomes predictable, so this must stay undefined in production builds.
 */
299 //#define MBEDTLS_TEST_NULL_ENTROPY
300 
/* The platform provides its own hardware entropy collector. */
312 //#define MBEDTLS_ENTROPY_HARDWARE_ALT
313 
/* Keep the AES tables in ROM instead of generating them in RAM. */
321 //#define MBEDTLS_AES_ROM_TABLES
322 
/* Use a smaller-memory Camellia implementation. */
330 //#define MBEDTLS_CAMELLIA_SMALL_MEMORY
331 
/* Block-cipher modes of operation compiled into the symmetric ciphers. */
337 #define MBEDTLS_CIPHER_MODE_CBC
338 
344 #define MBEDTLS_CIPHER_MODE_CFB
345 
351 #define MBEDTLS_CIPHER_MODE_CTR
352 
/*
 * NULL cipher: records are sent with no encryption at all. Left disabled here;
 * enabling it allows channels without confidentiality.
 */
384 //#define MBEDTLS_CIPHER_NULL_CIPHER
385 
/* Padding schemes available to the generic cipher layer in CBC mode. */
397 #define MBEDTLS_CIPHER_PADDING_PKCS7
398 #define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
399 #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
400 #define MBEDTLS_CIPHER_PADDING_ZEROS
401 
/*
 * Weak TLS ciphersuites (single-DES and similar). Left disabled here; enabling
 * it allows channels with very little security.
 */
415 //#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
416 
/*
 * Keep RC4 ciphersuites out of the default TLS list. Note that the ARC4 module
 * itself is still compiled in below (MBEDTLS_ARC4_C).
 */
428 #define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
429 
/*
 * Elliptic curves compiled into the ECP module. The 192- and 224-bit curves
 * provide less than a 128-bit security level; a deployment can undefine the
 * curves it does not need.
 */
438 #define MBEDTLS_ECP_DP_SECP192R1_ENABLED
439 #define MBEDTLS_ECP_DP_SECP224R1_ENABLED
440 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
441 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED
442 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED
443 #define MBEDTLS_ECP_DP_SECP192K1_ENABLED
444 #define MBEDTLS_ECP_DP_SECP224K1_ENABLED
445 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED
446 #define MBEDTLS_ECP_DP_BP256R1_ENABLED
447 #define MBEDTLS_ECP_DP_BP384R1_ENABLED
448 #define MBEDTLS_ECP_DP_BP512R1_ENABLED
449 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED
450 
/* Fast modular reduction specific to the NIST primes. */
460 #define MBEDTLS_ECP_NIST_OPTIM
461 
/*
 * Deterministic ECDSA (RFC 6979): the per-signature nonce is derived from the
 * key and message rather than taken from the RNG, so a weak RNG at signing
 * time does not leak the private key.
 */
474 #define MBEDTLS_ECDSA_DETERMINISTIC
475 
/*
 * TLS key-exchange families offered by this build. Only the DHE and ECDHE
 * variants provide forward secrecy; a deployment that requires it should
 * undefine the others.
 */
/* Plain pre-shared key: no forward secrecy. */
496 #define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
497 
/* PSK combined with ephemeral Diffie-Hellman. */
520 #define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
521 
/* PSK combined with ephemeral elliptic-curve Diffie-Hellman. */
540 #define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
541 
/* PSK combined with RSA key transport. */
565 #define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
566 
/*
 * Static RSA key transport: the premaster secret is encrypted to the server's
 * long-term key, so there is no forward secrecy.
 */
593 #define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
594 
/* Ephemeral Diffie-Hellman authenticated with an RSA signature. */
619 #define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
620 
/* Ephemeral ECDH authenticated with an RSA signature. */
644 #define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
645 
/* Ephemeral ECDH authenticated with an ECDSA signature. */
668 #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
669 
/* Static ECDH with an ECDSA-signed certificate: no forward secrecy. */
692 #define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
693 
/* Static ECDH with an RSA-signed certificate: no forward secrecy. */
716 #define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
717 
/* EC J-PAKE password-authenticated key exchange; disabled in this default configuration. */
735 //#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
736 
/* Accept additional, non-standard encodings when parsing EC keys. */
749 #define MBEDTLS_PK_PARSE_EC_EXTENDED
750 
/* Provide a dummy mbedtls_strerror() when MBEDTLS_ERROR_C is not compiled in. */
764 #define MBEDTLS_ERROR_STRERROR_DUMMY
765 
/* Prime-number generation in the bignum module. */
773 #define MBEDTLS_GENPRIME
774 
/* Functions that read keys, certificates and seed data from the filesystem. */
780 #define MBEDTLS_FS_IO
781 
/*
 * Entropy-source selection. Defining either of the next two options removes
 * the built-in sources, after which the application must register an adequate
 * source itself before seeding a DRBG.
 */
793 //#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
794 
804 //#define MBEDTLS_NO_PLATFORM_ENTROPY
805 
/* Use SHA-256 rather than the default accumulator hash in the entropy module. */
820 //#define MBEDTLS_ENTROPY_FORCE_SHA256
821 
/*
 * Seed the entropy pool from a value kept in non-volatile storage. The stored
 * seed is secret key material and needs a trustworthy initial provisioning.
 */
848 //#define MBEDTLS_ENTROPY_NV_SEED
849 
/* Debugging aids for the buffer allocator; not intended for release builds. */
861 //#define MBEDTLS_MEMORY_DEBUG
862 
873 //#define MBEDTLS_MEMORY_BACKTRACE
874 
/* Allow the PK layer to wrap an external RSA implementation (e.g. a key held in a token). */
882 #define MBEDTLS_PK_RSA_ALT_SUPPORT
883 
/*
 * PKCS#1 v1.5 encoding. Needed for RSA in TLS and X.509; its encryption
 * padding is the classic source of padding-oracle problems, so new
 * application-level uses should prefer v2.1 below.
 */
893 #define MBEDTLS_PKCS1_V15
894 
/* PKCS#1 v2.1 encoding (OAEP and PSS). */
904 #define MBEDTLS_PKCS1_V21
905 
/* Skip the CRT speed-up for the RSA private-key operation. */
914 //#define MBEDTLS_RSA_NO_CRT
915 
/* Compile the built-in self-test functions. */
921 #define MBEDTLS_SELF_TEST
922 
/* Smaller but slower SHA-256 implementation. */
937 //#define MBEDTLS_SHA256_SMALLER
938 
/* Use a random IV instead of the record sequence number as the AEAD nonce. */
949 //#define MBEDTLS_SSL_AEAD_RANDOM_IV
950 
/*
 * Send TLS alerts on errors. Alerts help debugging but also tell the peer why
 * a handshake failed.
 */
963 #define MBEDTLS_SSL_ALL_ALERT_MESSAGES
964 
/*
 * Enable every SSL debug message, including those left out to avoid
 * timing differences. Not for production builds.
 */
979 //#define MBEDTLS_SSL_DEBUG_ALL
980 
/* Encrypt-then-MAC extension (RFC 7366) for CBC ciphersuites. */
997 #define MBEDTLS_SSL_ENCRYPT_THEN_MAC
998 
/* Extended Master Secret extension (session-hash binding of the master secret). */
1015 #define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
1016 
/* Fallback SCSV: lets a server detect a client's version-downgrade retry. */
1032 #define MBEDTLS_SSL_FALLBACK_SCSV
1033 
/* Hooks for hardware acceleration of the record layer. */
1042 //#define MBEDTLS_SSL_HW_RECORD_ACCEL
1043 
/* 1/n-1 record splitting for CBC suites in SSLv3 / TLS 1.0 (BEAST mitigation). */
1054 #define MBEDTLS_SSL_CBC_RECORD_SPLITTING
1055 
/*
 * TLS renegotiation support. If the application does not need it, undefining
 * this removes a historically troublesome part of the protocol.
 */
1069 #define MBEDTLS_SSL_RENEGOTIATION
1070 
/* Server: accept an SSLv2-format ClientHello. Left disabled. */
1079 //#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
1080 
/* Server: pick the ciphersuite by the client's preference order instead of its own. */
1089 //#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
1090 
/* Max Fragment Length extension (RFC 6066). */
1098 #define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
1099 
/*
 * Protocol versions compiled in. SSL 3.0 is disabled; TLS 1.0 and 1.1 are
 * enabled in this default and can be undefined where only TLS 1.2 is needed.
 * NOTE(review): undefining TLS 1.0/1.1 may affect which hash modules are
 * still required -- check_config.h, included at the end of this file,
 * enforces the dependencies.
 */
1110 //#define MBEDTLS_SSL_PROTO_SSL3
1111 
1122 #define MBEDTLS_SSL_PROTO_TLS1
1123 
1134 #define MBEDTLS_SSL_PROTO_TLS1_1
1135 
1146 #define MBEDTLS_SSL_PROTO_TLS1_2
1147 
/* DTLS (all versions enabled above that have a DTLS equivalent). */
1161 #define MBEDTLS_SSL_PROTO_DTLS
1162 
/* Application-Layer Protocol Negotiation. */
1170 #define MBEDTLS_SSL_ALPN
1171 
/* DTLS: detect and drop replayed records. */
1185 #define MBEDTLS_SSL_DTLS_ANTI_REPLAY
1186 
/*
 * DTLS server: HelloVerifyRequest cookie exchange, which keeps the server
 * from being used as a traffic amplifier against spoofed addresses.
 */
1203 #define MBEDTLS_SSL_DTLS_HELLO_VERIFY
1204 
/* DTLS server: accept a client that reconnects from the same source port. */
1219 #define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
1220 
/* DTLS: support a limit on the number of records with a bad MAC. */
1230 #define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
1231 
/* Session tickets (RFC 5077). */
1244 #define MBEDTLS_SSL_SESSION_TICKETS
1245 
/*
 * Allow the application to export the key block and master secret. The
 * exported values are session secrets and must be handled as such.
 */
1254 #define MBEDTLS_SSL_EXPORT_KEYS
1255 
/* Server Name Indication (RFC 6066). */
1265 #define MBEDTLS_SSL_SERVER_NAME_INDICATION
1266 
/* Truncated HMAC extension (RFC 6066): shortens the record MAC when negotiated. */
1274 #define MBEDTLS_SSL_TRUNCATED_HMAC
1275 
/* Threading: application-provided or pthread mutex implementation (see MBEDTLS_THREADING_C). */
1285 //#define MBEDTLS_THREADING_ALT
1286 
1296 //#define MBEDTLS_THREADING_PTHREAD
1297 
/* Allow run-time queries of which features were compiled in. */
1309 #define MBEDTLS_VERSION_FEATURES
1310 
/* X.509 parser: tolerate extensions in v1/v2 certificates. Left disabled. */
1319 //#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
1320 
/*
 * X.509 parser: accept certificates carrying an unknown critical extension.
 * Left disabled; enabling it means constraints the issuer marked as mandatory
 * are silently ignored.
 */
1331 //#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
1332 
/* Enforce the keyUsage and extendedKeyUsage extensions during verification. */
1345 #define MBEDTLS_X509_CHECK_KEY_USAGE
1346 
1358 #define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
1359 
/* Parse and verify certificates signed with RSASSA-PSS. */
1368 #define MBEDTLS_X509_RSASSA_PSS_SUPPORT
1369 
/*
 * TLS-level compression via zlib. Left disabled; compression before
 * encryption can leak plaintext through record lengths (CRIME-style issues).
 */
1390 //#define MBEDTLS_ZLIB_SUPPORT
1391 /* \} name SECTION: mbed TLS feature support */
1392 
/*
 * SECTION: mbed TLS modules -- one macro per library module. Undefining a
 * module removes its code from the build; every module left enabled is part
 * of the attack surface, so trimming this list to what the application uses
 * is a worthwhile hardening step.
 */
/* AES-NI hardware acceleration on x86-64. */
1412 #define MBEDTLS_AESNI_C
1413 
/* AES block cipher. */
1487 #define MBEDTLS_AES_C
1488 
/*
 * RC4 stream cipher. The module is compiled in, although its TLS ciphersuites
 * are kept out of the default list by MBEDTLS_REMOVE_ARC4_CIPHERSUITES above.
 */
1510 #define MBEDTLS_ARC4_C
1511 
/* ASN.1 parsing and writing. */
1524 #define MBEDTLS_ASN1_PARSE_C
1525 
1538 #define MBEDTLS_ASN1_WRITE_C
1539 
/* Base64 encoding and decoding. */
1550 #define MBEDTLS_BASE64_C
1551 
/* Multi-precision integer arithmetic. */
1566 #define MBEDTLS_BIGNUM_C
1567 
/* Blowfish block cipher. */
1575 #define MBEDTLS_BLOWFISH_C
1576 
/* Camellia block cipher. */
1630 #define MBEDTLS_CAMELLIA_C
1631 
/* CCM authenticated-encryption mode. */
1644 #define MBEDTLS_CCM_C
1645 
/*
 * Built-in test certificates and keys. Their private keys are public
 * knowledge, so they must never be used as real credentials.
 */
1656 #define MBEDTLS_CERTS_C
1657 
/* Generic cipher layer. */
1668 #define MBEDTLS_CIPHER_C
1669 
/* CTR_DRBG pseudo-random generator (AES-based). */
1682 #define MBEDTLS_CTR_DRBG_C
1683 
/* Debug output functions. */
1696 #define MBEDTLS_DEBUG_C
1697 
/*
 * DES and 3DES. Single-DES ciphersuites additionally need
 * MBEDTLS_ENABLE_WEAK_CIPHERSUITES.
 * NOTE(review): confirm whether 3DES ciphersuites are acceptable for the
 * deployment, given the 64-bit block size.
 */
1722 #define MBEDTLS_DES_C
1723 
/* Finite-field Diffie-Hellman. */
1736 #define MBEDTLS_DHM_C
1737 
/* Elliptic-curve Diffie-Hellman and ECDSA. */
1752 #define MBEDTLS_ECDH_C
1753 
1767 #define MBEDTLS_ECDSA_C
1768 
/* EC J-PAKE; disabled in this default configuration. */
1786 //#define MBEDTLS_ECJPAKE_C
1787 
/* Elliptic-curve arithmetic over prime fields. */
1800 #define MBEDTLS_ECP_C
1801 
/* Entropy accumulator that seeds the DRBGs. */
1814 #define MBEDTLS_ENTROPY_C
1815 
/* Error-code to string conversion. */
1826 #define MBEDTLS_ERROR_C
1827 
/* Galois/Counter Mode authenticated encryption. */
1840 #define MBEDTLS_GCM_C
1841 
/* HAVEGE random generator; disabled in this default configuration. */
1863 //#define MBEDTLS_HAVEGE_C
1864 
/* HMAC_DRBG pseudo-random generator (also used by deterministic ECDSA). */
1877 #define MBEDTLS_HMAC_DRBG_C
1878 
/* Generic message-digest layer. */
1889 #define MBEDTLS_MD_C
1890 
/* MD2 and MD4 are left disabled in this default configuration. */
1901 //#define MBEDTLS_MD2_C
1902 
1913 //#define MBEDTLS_MD4_C
1914 
/*
 * MD5. Still enabled because TLS 1.0/1.1 use it in their PRF; it is not
 * collision-resistant and should not be relied on for signatures.
 */
1928 #define MBEDTLS_MD5_C
1929 
/* Static-buffer memory allocator. */
1944 //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
1945 
/* TCP/UDP networking helpers. */
1963 #define MBEDTLS_NET_C
1964 
/* OID database. */
1986 #define MBEDTLS_OID_C
1987 
/* VIA PadLock hardware acceleration on x86. */
2000 #define MBEDTLS_PADLOCK_C
2001 
/* PEM decoding and encoding. */
2018 #define MBEDTLS_PEM_PARSE_C
2019 
2034 #define MBEDTLS_PEM_WRITE_C
2035 
/* Generic public-key layer, with key parsing and key writing. */
2050 #define MBEDTLS_PK_C
2051 
2065 #define MBEDTLS_PK_PARSE_C
2066 
2079 #define MBEDTLS_PK_WRITE_C
2080 
/* PKCS#5 (password-based key derivation). */
2092 #define MBEDTLS_PKCS5_C
2093 
/* PKCS#11 smartcard wrapper; disabled in this default configuration. */
2107 //#define MBEDTLS_PKCS11_C
2108 
/* PKCS#12 password-based encryption. */
2123 #define MBEDTLS_PKCS12_C
2124 
/* Platform abstraction layer (needed for the MBEDTLS_PLATFORM_* options). */
2143 #define MBEDTLS_PLATFORM_C
2144 
/* RIPEMD-160 hash. */
2154 #define MBEDTLS_RIPEMD160_C
2155 
/* RSA public-key cryptosystem. */
2172 #define MBEDTLS_RSA_C
2173 
/*
 * SHA-1. Enabled for TLS 1.0/1.1 and for existing certificates; its collision
 * resistance is broken, so avoid it for new signatures.
 */
2188 #define MBEDTLS_SHA1_C
2189 
/* SHA-224/SHA-256 and SHA-384/SHA-512. */
2205 #define MBEDTLS_SHA256_C
2206 
2220 #define MBEDTLS_SHA512_C
2221 
/* Server-side session cache, DTLS cookies and session-ticket handling. */
2232 #define MBEDTLS_SSL_CACHE_C
2233 
2242 #define MBEDTLS_SSL_COOKIE_C
2243 
2254 #define MBEDTLS_SSL_TICKET_C
2255 
/* TLS client, TLS server and the shared TLS core. */
2268 #define MBEDTLS_SSL_CLI_C
2269 
2282 #define MBEDTLS_SSL_SRV_C
2283 
2298 #define MBEDTLS_SSL_TLS_C
2299 
/* Threading abstraction; disabled, so the library assumes single-threaded use. */
2320 //#define MBEDTLS_THREADING_C
2321 
/* Timing helpers. */
2343 #define MBEDTLS_TIMING_C
2344 
/* Run-time version information. */
2354 #define MBEDTLS_VERSION_C
2355 
/* X.509 core plus certificate, CRL and CSR parsing. */
2371 #define MBEDTLS_X509_USE_C
2372 
2387 #define MBEDTLS_X509_CRT_PARSE_C
2388 
2401 #define MBEDTLS_X509_CRL_PARSE_C
2402 
2415 #define MBEDTLS_X509_CSR_PARSE_C
2416 
/* X.509 creation core plus certificate and CSR writing. */
2428 #define MBEDTLS_X509_CREATE_C
2429 
2441 #define MBEDTLS_X509_CRT_WRITE_C
2442 
2454 #define MBEDTLS_X509_CSR_WRITE_C
2455 
/* XTEA block cipher. */
2464 #define MBEDTLS_XTEA_C
2465 
2466 /* \} name SECTION: mbed TLS modules */
2467 
/*
 * SECTION: Customisation configuration options. Every value below is commented
 * out, so the library's built-in default applies; uncomment a line to override
 * that default at compile time.
 */
2483 /* MPI / BIGNUM options */
2484 //#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum window size used. */
2485 //#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
2486 
2487 /* CTR_DRBG options */
2488 //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
2489 //#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
2490 //#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
2491 //#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
2492 //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
2493 
2494 /* HMAC_DRBG options */
2495 //#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
2496 //#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
2497 //#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
2498 //#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
2499 
2500 /* ECP options */
2501 //#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */
2502 //#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
2503 //#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
2504 
2505 /* Entropy options */
2506 //#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
2507 //#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
2508 
2509 /* Memory buffer allocator options */
2510 //#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
2511 
2512 /* Platform options */
2513 //#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
2514 //#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */
2515 //#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */
2516 //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
2517 //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined */
2518 //#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
2519 //#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
2520 /* Note: your snprintf must correctly zero-terminate the buffer, even on truncation! */
2521 //#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
2522 //#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
2523 //#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
2524 //#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
2525 //#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
2526 //#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
2527 
2528 /* To use function macros, MBEDTLS_PLATFORM_C must be enabled */
2529 /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
2530 //#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */
2531 //#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */
2532 //#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
2533 //#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined */
2534 //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time type macro to use, can be undefined */
2535 //#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
2536 //#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
2537 /* Note: your snprintf must correctly zero-terminate the buffer, even on truncation! */
2538 //#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
2539 //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
2540 //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
2541 
2542 /* SSL Cache options */
2543 //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
2544 //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
2545 
2546 /* SSL options */
2547 //#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 /**< Maximum fragment length in bytes, determines the size of each of the two internal I/O buffers */
2548 //#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
2549 //#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
2550 //#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
2551 
/*
 * Compile-time ciphersuite list: when defined, it replaces the default list
 * with exactly the comma-separated suites given. The commented-out example
 * names two ECDHE-ECDSA AES-GCM suites; a restricted list like this is the
 * simplest way to pin a build to suites the deployment has reviewed.
 */
2564 //#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
2565 
2566 /* X509 options */
2567 //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
2568 
2569 /* \} name SECTION: Customisation configuration options */
2570 
2571 /* Target and application specific configurations */
2572 //#define YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE "target_config.h"
2573 
2574 /*
2575  * Allow user to override any previous default.
2576  *
2577  * Use two macro names for that, as:
2578  * - with yotta the prefix YOTTA_CFG_ is forced
2579  * - without yotta it looks weird to have a YOTTA prefix.
2580  */
/*
 * The user file is included after every default above, so it can #define or
 * #undef any option in this header. When auditing a build, review that file
 * together with this one: it is where a disabled option can be switched back on.
 */
2581 #if defined(YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE)
2582 #include YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE
2583 #elif defined(MBEDTLS_USER_CONFIG_FILE)
2584 #include MBEDTLS_USER_CONFIG_FILE
2585 #endif
2586 
/* Consistency checks on the final set of options, after any user override. */
2587 #include "check_config.h"
2588 
2589 #endif /* MBEDTLS_CONFIG_H */
Consistency checks for configuration options.