Mbed TLS v3.6.3
mbedtls_config.h
Go to the documentation of this file.
1 
10 /*
11  * Copyright The Mbed TLS Contributors
12  * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
13  */
14 
22 //#define MBEDTLS_CONFIG_VERSION 0x03000000
23 
52 #define MBEDTLS_HAVE_ASM
53 
80 //#define MBEDTLS_NO_UDBL_DIVISION
81 
102 //#define MBEDTLS_NO_64BIT_MULTIPLICATION
103 
111 //#define MBEDTLS_HAVE_SSE2
112 
131 #define MBEDTLS_HAVE_TIME
132 
152 #define MBEDTLS_HAVE_TIME_DATE
153 
208 //#define MBEDTLS_PLATFORM_MEMORY
209 
227 //#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
228 
252 //#define MBEDTLS_PLATFORM_SETBUF_ALT
253 //#define MBEDTLS_PLATFORM_EXIT_ALT
254 //#define MBEDTLS_PLATFORM_TIME_ALT
255 //#define MBEDTLS_PLATFORM_FPRINTF_ALT
256 //#define MBEDTLS_PLATFORM_PRINTF_ALT
257 //#define MBEDTLS_PLATFORM_SNPRINTF_ALT
258 //#define MBEDTLS_PLATFORM_VSNPRINTF_ALT
259 //#define MBEDTLS_PLATFORM_NV_SEED_ALT
260 //#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
261 //#define MBEDTLS_PLATFORM_MS_TIME_ALT
262 
280 //#define MBEDTLS_PLATFORM_GMTIME_R_ALT
281 
303 //#define MBEDTLS_PLATFORM_ZEROIZE_ALT
304 
318 //#define MBEDTLS_DEPRECATED_WARNING
319 
330 //#define MBEDTLS_DEPRECATED_REMOVED
331 
353 //#define MBEDTLS_TIMING_ALT
354 
380 //#define MBEDTLS_AES_ALT
381 //#define MBEDTLS_ARIA_ALT
382 //#define MBEDTLS_CAMELLIA_ALT
383 //#define MBEDTLS_CCM_ALT
384 //#define MBEDTLS_CHACHA20_ALT
385 //#define MBEDTLS_CHACHAPOLY_ALT
386 //#define MBEDTLS_CMAC_ALT
387 //#define MBEDTLS_DES_ALT
388 //#define MBEDTLS_DHM_ALT
389 //#define MBEDTLS_ECJPAKE_ALT
390 //#define MBEDTLS_GCM_ALT
391 //#define MBEDTLS_NIST_KW_ALT
392 //#define MBEDTLS_MD5_ALT
393 //#define MBEDTLS_POLY1305_ALT
394 //#define MBEDTLS_RIPEMD160_ALT
395 //#define MBEDTLS_RSA_ALT
396 //#define MBEDTLS_SHA1_ALT
397 //#define MBEDTLS_SHA256_ALT
398 //#define MBEDTLS_SHA512_ALT
399 
400 /*
401  * When replacing the elliptic curve module, please consider, that it is
402  * implemented with two .c files:
403  * - ecp.c
404  * - ecp_curves.c
405  * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
406  * macros as described above. The only difference is that you have to make sure
407  * that you provide functionality for both .c files.
408  */
409 //#define MBEDTLS_ECP_ALT
410 
448 //#define MBEDTLS_MD5_PROCESS_ALT
449 //#define MBEDTLS_RIPEMD160_PROCESS_ALT
450 //#define MBEDTLS_SHA1_PROCESS_ALT
451 //#define MBEDTLS_SHA256_PROCESS_ALT
452 //#define MBEDTLS_SHA512_PROCESS_ALT
453 //#define MBEDTLS_DES_SETKEY_ALT
454 //#define MBEDTLS_DES_CRYPT_ECB_ALT
455 //#define MBEDTLS_DES3_CRYPT_ECB_ALT
456 //#define MBEDTLS_AES_SETKEY_ENC_ALT
457 //#define MBEDTLS_AES_SETKEY_DEC_ALT
458 //#define MBEDTLS_AES_ENCRYPT_ALT
459 //#define MBEDTLS_AES_DECRYPT_ALT
460 //#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
461 //#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
462 //#define MBEDTLS_ECDSA_VERIFY_ALT
463 //#define MBEDTLS_ECDSA_SIGN_ALT
464 //#define MBEDTLS_ECDSA_GENKEY_ALT
465 
516 /* Required for all the functions in this section */
517 //#define MBEDTLS_ECP_INTERNAL_ALT
518 /* Turn off software fallback for curves not supported in hardware */
519 //#define MBEDTLS_ECP_NO_FALLBACK
520 /* Support for Weierstrass curves with Jacobi representation */
521 //#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
522 //#define MBEDTLS_ECP_ADD_MIXED_ALT
523 //#define MBEDTLS_ECP_DOUBLE_JAC_ALT
524 //#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
525 //#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
526 /* Support for curves with Montgomery arithmetic */
527 //#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
528 //#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
529 //#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
530 
543 //#define MBEDTLS_ENTROPY_HARDWARE_ALT
544 
562 //#define MBEDTLS_AES_ROM_TABLES
563 
583 //#define MBEDTLS_AES_FEWER_TABLES
584 
600 //#define MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
601 
602 /*
603  * Disable plain C implementation for AES.
604  *
605  * When the plain C implementation is enabled, and an implementation using a
606  * special CPU feature (such as MBEDTLS_AESCE_C) is also enabled, runtime
607  * detection will be used to select between them.
608  *
609  * If only one implementation is present, runtime detection will not be used.
610  * This configuration will crash at runtime if running on a CPU without the
611  * necessary features. It will not build unless at least one of MBEDTLS_AESCE_C
612  * and/or MBEDTLS_AESNI_C is enabled & present in the build.
613  */
614 //#define MBEDTLS_AES_USE_HARDWARE_ONLY
615 
623 //#define MBEDTLS_CAMELLIA_SMALL_MEMORY
624 
646 //#define MBEDTLS_CHECK_RETURN_WARNING
647 
653 #define MBEDTLS_CIPHER_MODE_CBC
654 
660 #define MBEDTLS_CIPHER_MODE_CFB
661 
667 #define MBEDTLS_CIPHER_MODE_CTR
668 
674 #define MBEDTLS_CIPHER_MODE_OFB
675 
681 #define MBEDTLS_CIPHER_MODE_XTS
682 
713 //#define MBEDTLS_CIPHER_NULL_CIPHER
714 
726 #define MBEDTLS_CIPHER_PADDING_PKCS7
727 #define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
728 #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
729 #define MBEDTLS_CIPHER_PADDING_ZEROS
730 
737 //#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
738 
749 //#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
750 
759 /* Short Weierstrass curves (supporting ECP, ECDH, ECDSA) */
760 #define MBEDTLS_ECP_DP_SECP192R1_ENABLED
761 #define MBEDTLS_ECP_DP_SECP224R1_ENABLED
762 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
763 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED
764 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED
765 #define MBEDTLS_ECP_DP_SECP192K1_ENABLED
766 #define MBEDTLS_ECP_DP_SECP224K1_ENABLED
767 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED
768 #define MBEDTLS_ECP_DP_BP256R1_ENABLED
769 #define MBEDTLS_ECP_DP_BP384R1_ENABLED
770 #define MBEDTLS_ECP_DP_BP512R1_ENABLED
771 /* Montgomery curves (supporting ECP) */
772 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED
773 #define MBEDTLS_ECP_DP_CURVE448_ENABLED
774 
784 #define MBEDTLS_ECP_NIST_OPTIM
785 
839 //#define MBEDTLS_ECP_RESTARTABLE
840 
847 //#define MBEDTLS_ECP_WITH_MPI_UINT
848 
861 #define MBEDTLS_ECDSA_DETERMINISTIC
862 
881 #define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
882 
910 #define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
911 
928 #define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
929 
951 #define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
952 
976 #define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
977 
1008 #define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
1009 
1033 #define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
1034 
1057 #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
1058 
1081 #define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
1082 
1105 #define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
1106 
1128 //#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
1129 
1142 #define MBEDTLS_PK_PARSE_EC_EXTENDED
1143 
1155 #define MBEDTLS_PK_PARSE_EC_COMPRESSED
1156 
1170 #define MBEDTLS_ERROR_STRERROR_DUMMY
1171 
1179 #define MBEDTLS_GENPRIME
1180 
1186 #define MBEDTLS_FS_IO
1187 
1198 //#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
1199 
1209 //#define MBEDTLS_NO_PLATFORM_ENTROPY
1210 
1225 //#define MBEDTLS_ENTROPY_FORCE_SHA256
1226 
1253 //#define MBEDTLS_ENTROPY_NV_SEED
1254 
1255 /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
1256  *
1257  * Enable key identifiers that encode a key owner identifier.
1258  *
1259  * The owner of a key is identified by a value of type ::mbedtls_key_owner_id_t
1260  * which is currently hard-coded to be int32_t.
1261  *
1262  * Note that this option is meant for internal use only and may be removed
1263  * without notice.
1264  */
1265 //#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
1266 
1278 //#define MBEDTLS_MEMORY_DEBUG
1279 
1290 //#define MBEDTLS_MEMORY_BACKTRACE
1291 
1299 #define MBEDTLS_PK_RSA_ALT_SUPPORT
1300 
1310 #define MBEDTLS_PKCS1_V15
1311 
1324 #define MBEDTLS_PKCS1_V21
1325 
1340 //#define MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
1341 
1356 //#define MBEDTLS_PSA_CRYPTO_CLIENT
1357 
1394 //#define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
1395 
1415 //#define MBEDTLS_PSA_CRYPTO_SPM
1416 
1432 #define MBEDTLS_PSA_KEY_STORE_DYNAMIC
1433 
1473 //#define MBEDTLS_PSA_P256M_DRIVER_ENABLED
1474 
1486 //#define MBEDTLS_PSA_INJECT_ENTROPY
1487 
1506 //#define MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS
1507 
1517 //#define MBEDTLS_RSA_NO_CRT
1518 
1524 #define MBEDTLS_SELF_TEST
1525 
1540 //#define MBEDTLS_SHA256_SMALLER
1541 
1550 //#define MBEDTLS_SHA512_SMALLER
1551 
1564 #define MBEDTLS_SSL_ALL_ALERT_MESSAGES
1565 
1588 #define MBEDTLS_SSL_DTLS_CONNECTION_ID
1589 
1590 
1611 #define MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 0
1612 
1623 //#define MBEDTLS_SSL_ASYNC_PRIVATE
1624 
1663 //#define MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
1664 
1692 #define MBEDTLS_SSL_CONTEXT_SERIALIZATION
1693 
1708 //#define MBEDTLS_SSL_DEBUG_ALL
1709 
1724 #define MBEDTLS_SSL_ENCRYPT_THEN_MAC
1725 
1740 #define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
1741 
1764 #define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
1765 
1788 #define MBEDTLS_SSL_RENEGOTIATION
1789 
1797 #define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
1798 
1808 //#define MBEDTLS_SSL_RECORD_SIZE_LIMIT
1809 
1827 #define MBEDTLS_SSL_PROTO_TLS1_2
1828 
1857 #define MBEDTLS_SSL_PROTO_TLS1_3
1858 
1879 #define MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
1880 
1891 #define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1892 
1909 #define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1910 
1923 #define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
1924 
1941 //#define MBEDTLS_SSL_EARLY_DATA
1942 
1954 #define MBEDTLS_SSL_PROTO_DTLS
1955 
1963 #define MBEDTLS_SSL_ALPN
1964 
1978 #define MBEDTLS_SSL_DTLS_ANTI_REPLAY
1979 
1996 #define MBEDTLS_SSL_DTLS_HELLO_VERIFY
1997 
2027 #define MBEDTLS_SSL_DTLS_SRTP
2028 
2043 #define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
2044 
2057 #define MBEDTLS_SSL_SESSION_TICKETS
2058 
2068 #define MBEDTLS_SSL_SERVER_NAME_INDICATION
2069 
2078 //#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
2079 
2095 //#define MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
2096 
2114 //#define MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND
2115 
2134 //#define MBEDTLS_TEST_HOOKS
2135 
2145 //#define MBEDTLS_THREADING_ALT
2146 
2156 //#define MBEDTLS_THREADING_PTHREAD
2157 
2190 //#define MBEDTLS_USE_PSA_CRYPTO
2191 
2222 //#define MBEDTLS_PSA_CRYPTO_CONFIG
2223 
2235 #define MBEDTLS_VERSION_FEATURES
2236 
2256 //#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
2257 
2267 //#define MBEDTLS_X509_REMOVE_INFO
2268 
2279 #define MBEDTLS_X509_RSASSA_PSS_SUPPORT
2280 
2319 #define MBEDTLS_AESNI_C
2320 
2345 #define MBEDTLS_AESCE_C
2346 
2420 #define MBEDTLS_AES_C
2421 
2434 #define MBEDTLS_ASN1_PARSE_C
2435 
2448 #define MBEDTLS_ASN1_WRITE_C
2449 
2460 #define MBEDTLS_BASE64_C
2461 
2482 //#define MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
2483 
2502 #define MBEDTLS_BIGNUM_C
2503 
2557 #define MBEDTLS_CAMELLIA_C
2558 
2609 #define MBEDTLS_ARIA_C
2610 
2624 #define MBEDTLS_CCM_C
2625 
2633 #define MBEDTLS_CHACHA20_C
2634 
2644 #define MBEDTLS_CHACHAPOLY_C
2645 
2668 #define MBEDTLS_CIPHER_C
2669 
2686 #define MBEDTLS_CMAC_C
2687 
2717 #define MBEDTLS_CTR_DRBG_C
2718 
2732 #define MBEDTLS_DEBUG_C
2733 
2748 #define MBEDTLS_DES_C
2749 
2770 #define MBEDTLS_DHM_C
2771 
2788 #define MBEDTLS_ECDH_C
2789 
2805 #define MBEDTLS_ECDSA_C
2806 
2827 #define MBEDTLS_ECJPAKE_C
2828 
2841 #define MBEDTLS_ECP_C
2842 
2855 #define MBEDTLS_ENTROPY_C
2856 
2867 #define MBEDTLS_ERROR_C
2868 
2882 #define MBEDTLS_GCM_C
2883 
2898 //#define MBEDTLS_GCM_LARGE_TABLE
2899 
2913 #define MBEDTLS_HKDF_C
2914 
2927 #define MBEDTLS_HMAC_DRBG_C
2928 
2941 #define MBEDTLS_LMS_C
2942 
2953 //#define MBEDTLS_LMS_PRIVATE
2954 
2966 #define MBEDTLS_NIST_KW_C
2967 
2999 #define MBEDTLS_MD_C
3000 
3020 #define MBEDTLS_MD5_C
3021 
3036 //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
3037 
3055 #define MBEDTLS_NET_C
3056 
3078 #define MBEDTLS_OID_C
3079 
3092 #define MBEDTLS_PADLOCK_C
3093 
3114 #define MBEDTLS_PEM_PARSE_C
3115 
3130 #define MBEDTLS_PEM_WRITE_C
3131 
3148 #define MBEDTLS_PK_C
3149 
3163 #define MBEDTLS_PK_PARSE_C
3164 
3177 #define MBEDTLS_PK_WRITE_C
3178 
3193 #define MBEDTLS_PKCS5_C
3194 
3209 #define MBEDTLS_PKCS7_C
3210 
3228 #define MBEDTLS_PKCS12_C
3229 
3248 #define MBEDTLS_PLATFORM_C
3249 
3258 #define MBEDTLS_POLY1305_C
3259 
3285 #define MBEDTLS_PSA_CRYPTO_C
3286 
3304 //#define MBEDTLS_PSA_CRYPTO_SE_C
3305 
3317 #define MBEDTLS_PSA_CRYPTO_STORAGE_C
3318 
3329 #define MBEDTLS_PSA_ITS_FILE_C
3330 
3349 //#define MBEDTLS_PSA_STATIC_KEY_SLOTS
3350 
3360 #define MBEDTLS_RIPEMD160_C
3361 
3380 #define MBEDTLS_RSA_C
3381 
3399 #define MBEDTLS_SHA1_C
3400 
3412 #define MBEDTLS_SHA224_C
3413 
3429 #define MBEDTLS_SHA256_C
3430 
3461 //#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT
3462 
3470 //#define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
3471 
3502 //#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY
3503 
3511 //#define MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY
3512 
3527 #define MBEDTLS_SHA384_C
3528 
3542 #define MBEDTLS_SHA512_C
3543 
3553 #define MBEDTLS_SHA3_C
3554 
3581 //#define MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT
3582 
3609 //#define MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY
3610 
3621 #define MBEDTLS_SSL_CACHE_C
3622 
3631 #define MBEDTLS_SSL_COOKIE_C
3632 
3644 #define MBEDTLS_SSL_TICKET_C
3645 
3658 #define MBEDTLS_SSL_CLI_C
3659 
3672 #define MBEDTLS_SSL_SRV_C
3673 
3688 #define MBEDTLS_SSL_TLS_C
3689 
3738 //#define MBEDTLS_THREADING_C
3739 
3762 #define MBEDTLS_TIMING_C
3763 
3773 #define MBEDTLS_VERSION_C
3774 
3793 #define MBEDTLS_X509_USE_C
3794 
3809 #define MBEDTLS_X509_CRT_PARSE_C
3810 
3823 #define MBEDTLS_X509_CRL_PARSE_C
3824 
3837 #define MBEDTLS_X509_CSR_PARSE_C
3838 
3854 #define MBEDTLS_X509_CREATE_C
3855 
3867 #define MBEDTLS_X509_CRT_WRITE_C
3868 
3880 #define MBEDTLS_X509_CSR_WRITE_C
3881 
3910 //#define MBEDTLS_CONFIG_FILE "mbedtls/mbedtls_config.h"
3911 
3927 //#define MBEDTLS_USER_CONFIG_FILE "/dev/null"
3928 
3945 //#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h"
3946 
3962 //#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null"
3963 
3984 //#define MBEDTLS_PSA_CRYPTO_PLATFORM_FILE "psa/crypto_platform_alt.h"
3985 
4009 //#define MBEDTLS_PSA_CRYPTO_STRUCT_FILE "psa/crypto_struct_alt.h"
4010 
4024 /* The Doxygen documentation here is used when a user comments out a
4025  * setting and runs doxygen themselves. On the other hand, when we typeset
4026  * the full documentation including disabled settings, the documentation
4027  * in specific modules' header files is used if present. When editing this
4028  * file, make sure that each option is documented in exactly one place,
4029  * plus optionally a same-line Doxygen comment here if there is a Doxygen
4030  * comment in the specific module. */
4031 
4032 /* MPI / BIGNUM options */
4033 //#define MBEDTLS_MPI_WINDOW_SIZE 2 /**< Maximum window size used. */
4034 //#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
4035 
4036 /* CTR_DRBG options */
4037 //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
4038 //#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
4039 //#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
4040 //#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
4041 //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
4042 
4043 /* HMAC_DRBG options */
4044 //#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
4045 //#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
4046 //#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
4047 //#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
4048 
4049 /* ECP options */
4050 //#define MBEDTLS_ECP_WINDOW_SIZE 4 /**< Maximum window size used */
4051 //#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
4052 
4053 /* Entropy options */
4054 //#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
4055 //#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
4056 //#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
4057 
4058 /* Memory buffer allocator options */
4059 //#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
4060 
4061 /* Platform options */
4062 //#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
4063 
4075 //#define MBEDTLS_PLATFORM_STD_CALLOC calloc
4076 
4085 //#define MBEDTLS_PLATFORM_STD_FREE free
4086 //#define MBEDTLS_PLATFORM_STD_SETBUF setbuf /**< Default setbuf to use, can be undefined */
4087 //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
4088 //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
4089 //#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
4090 //#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
4091 /* Note: your snprintf must correctly zero-terminate the buffer! */
4092 //#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
4093 //#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
4094 //#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
4095 //#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
4096 //#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
4097 //#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
4098 
4099 /* To use the following function macros, MBEDTLS_PLATFORM_C must be enabled. */
4100 /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
4101 //#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_CALLOC for requirements. */
4102 //#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_FREE for requirements. */
4103 //#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
4104 //#define MBEDTLS_PLATFORM_SETBUF_MACRO setbuf /**< Default setbuf macro to use, can be undefined */
4105 //#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
4106 //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
4107 //#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
4108 //#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
4109 /* Note: your snprintf must correctly zero-terminate the buffer! */
4110 //#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
4111 //#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */
4112 //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
4113 //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
4114 //#define MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO int64_t //#define MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO int64_t /**< Default milliseconds time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled. It must be signed, and at least 64 bits. If it is changed from the default, MBEDTLS_PRINTF_MS_TIME must be updated to match.*/
4115 //#define MBEDTLS_PRINTF_MS_TIME PRId64 /**< Default fmt for printf. That's avoid compiler warning if mbedtls_ms_time_t is redefined */
4116 
4130 //#define MBEDTLS_CHECK_RETURN __attribute__((__warn_unused_result__))
4131 
4138 //#define MBEDTLS_IGNORE_RETURN( result ) ((void) !(result))
4139 
4140 /* PSA options */
4158 //#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256
4159 
4178 //#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
4179 
4191 //#define MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE 256
4192 
4193 /* RSA OPTIONS */
4194 //#define MBEDTLS_RSA_GEN_KEY_MIN_BITS 1024 /**< Minimum RSA key size that can be generated in bits (Minimum possible value is 128 bits) */
4195 
4196 /* SSL Cache options */
4197 //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
4198 //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
4199 
4200 /* SSL options */
4201 
4221 //#define MBEDTLS_SSL_IN_CONTENT_LEN 16384
4222 
4228 //#define MBEDTLS_SSL_CID_IN_LEN_MAX 32
4229 
4235 //#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32
4236 
4251 //#define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16
4252 
4271 //#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384
4272 
4288 //#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
4289 
4290 //#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 or 384 bits) */
4291 //#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
4292 
4305 //#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
4306 
4318 //#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024
4319 
4341 //#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000
4342 
4350 //#define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32
4351 
4360 //#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1
4361 
4362 /* X509 options */
4363 //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
4364 //#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
4365