Mbed TLS v2.28.10
config.h
Go to the documentation of this file.
1 
10 /*
11  * Copyright The Mbed TLS Contributors
12  * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
13  */
14 
15 #ifndef MBEDTLS_CONFIG_H
16 #define MBEDTLS_CONFIG_H
17 
18 #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
19 #define _CRT_SECURE_NO_DEPRECATE 1
20 #endif
21 
47 #define MBEDTLS_HAVE_ASM
48 
75 //#define MBEDTLS_NO_UDBL_DIVISION
76 
97 //#define MBEDTLS_NO_64BIT_MULTIPLICATION
98 
106 //#define MBEDTLS_HAVE_SSE2
107 
126 #define MBEDTLS_HAVE_TIME
127 
147 #define MBEDTLS_HAVE_TIME_DATE
148 
203 //#define MBEDTLS_PLATFORM_MEMORY
204 
222 //#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
223 
247 //#define MBEDTLS_PLATFORM_EXIT_ALT
248 //#define MBEDTLS_PLATFORM_TIME_ALT
249 //#define MBEDTLS_PLATFORM_FPRINTF_ALT
250 //#define MBEDTLS_PLATFORM_PRINTF_ALT
251 //#define MBEDTLS_PLATFORM_SNPRINTF_ALT
252 //#define MBEDTLS_PLATFORM_VSNPRINTF_ALT
253 //#define MBEDTLS_PLATFORM_NV_SEED_ALT
254 //#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
255 
273 //#define MBEDTLS_PLATFORM_GMTIME_R_ALT
274 
293 //#define MBEDTLS_PLATFORM_ZEROIZE_ALT
294 
308 //#define MBEDTLS_DEPRECATED_WARNING
309 
320 //#define MBEDTLS_DEPRECATED_REMOVED
321 
372 //#define MBEDTLS_CHECK_PARAMS
373 
386 //#define MBEDTLS_CHECK_PARAMS_ASSERT
387 
409 //#define MBEDTLS_TIMING_ALT
410 
436 //#define MBEDTLS_AES_ALT
437 //#define MBEDTLS_ARC4_ALT
438 //#define MBEDTLS_ARIA_ALT
439 //#define MBEDTLS_BLOWFISH_ALT
440 //#define MBEDTLS_CAMELLIA_ALT
441 //#define MBEDTLS_CCM_ALT
442 //#define MBEDTLS_CHACHA20_ALT
443 //#define MBEDTLS_CHACHAPOLY_ALT
444 //#define MBEDTLS_CMAC_ALT
445 //#define MBEDTLS_DES_ALT
446 //#define MBEDTLS_DHM_ALT
447 //#define MBEDTLS_ECJPAKE_ALT
448 //#define MBEDTLS_GCM_ALT
449 //#define MBEDTLS_NIST_KW_ALT
450 //#define MBEDTLS_MD2_ALT
451 //#define MBEDTLS_MD4_ALT
452 //#define MBEDTLS_MD5_ALT
453 //#define MBEDTLS_POLY1305_ALT
454 //#define MBEDTLS_RIPEMD160_ALT
455 //#define MBEDTLS_RSA_ALT
456 //#define MBEDTLS_SHA1_ALT
457 //#define MBEDTLS_SHA256_ALT
458 //#define MBEDTLS_SHA512_ALT
459 //#define MBEDTLS_XTEA_ALT
460 
461 /*
462  * When replacing the elliptic curve module, please consider, that it is
463  * implemented with two .c files:
464  * - ecp.c
465  * - ecp_curves.c
466  * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
467  * macros as described above. The only difference is that you have to make sure
468  * that you provide functionality for both .c files.
469  */
470 //#define MBEDTLS_ECP_ALT
471 
517 //#define MBEDTLS_MD2_PROCESS_ALT
518 //#define MBEDTLS_MD4_PROCESS_ALT
519 //#define MBEDTLS_MD5_PROCESS_ALT
520 //#define MBEDTLS_RIPEMD160_PROCESS_ALT
521 //#define MBEDTLS_SHA1_PROCESS_ALT
522 //#define MBEDTLS_SHA256_PROCESS_ALT
523 //#define MBEDTLS_SHA512_PROCESS_ALT
524 //#define MBEDTLS_DES_SETKEY_ALT
525 //#define MBEDTLS_DES_CRYPT_ECB_ALT
526 //#define MBEDTLS_DES3_CRYPT_ECB_ALT
527 //#define MBEDTLS_AES_SETKEY_ENC_ALT
528 //#define MBEDTLS_AES_SETKEY_DEC_ALT
529 //#define MBEDTLS_AES_ENCRYPT_ALT
530 //#define MBEDTLS_AES_DECRYPT_ALT
531 //#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
532 //#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
533 //#define MBEDTLS_ECDSA_VERIFY_ALT
534 //#define MBEDTLS_ECDSA_SIGN_ALT
535 //#define MBEDTLS_ECDSA_GENKEY_ALT
536 
587 /* Required for all the functions in this section */
588 //#define MBEDTLS_ECP_INTERNAL_ALT
589 /* Turn off software fallback for curves not supported in hardware */
590 //#define MBEDTLS_ECP_NO_FALLBACK
591 /* Support for Weierstrass curves with Jacobi representation */
592 //#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
593 //#define MBEDTLS_ECP_ADD_MIXED_ALT
594 //#define MBEDTLS_ECP_DOUBLE_JAC_ALT
595 //#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
596 //#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
597 /* Support for curves with Montgomery arithmetic */
598 //#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
599 //#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
600 //#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
601 
617 //#define MBEDTLS_TEST_NULL_ENTROPY
618 
630 //#define MBEDTLS_ENTROPY_HARDWARE_ALT
631 
650 //#define MBEDTLS_AES_ROM_TABLES
651 
672 //#define MBEDTLS_AES_FEWER_TABLES
673 
681 //#define MBEDTLS_CAMELLIA_SMALL_MEMORY
682 
704 //#define MBEDTLS_CHECK_RETURN_WARNING
705 
711 #define MBEDTLS_CIPHER_MODE_CBC
712 
718 #define MBEDTLS_CIPHER_MODE_CFB
719 
725 #define MBEDTLS_CIPHER_MODE_CTR
726 
732 #define MBEDTLS_CIPHER_MODE_OFB
733 
739 #define MBEDTLS_CIPHER_MODE_XTS
740 
772 //#define MBEDTLS_CIPHER_NULL_CIPHER
773 
785 #define MBEDTLS_CIPHER_PADDING_PKCS7
786 #define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
787 #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
788 #define MBEDTLS_CIPHER_PADDING_ZEROS
789 
795 //#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
796 
813 //#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
814 
826 #define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
827 
846 #define MBEDTLS_REMOVE_3DES_CIPHERSUITES
847 
858 //#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
859 
868 /* Short Weierstrass curves (supporting ECP, ECDH, ECDSA) */
869 #define MBEDTLS_ECP_DP_SECP192R1_ENABLED
870 #define MBEDTLS_ECP_DP_SECP224R1_ENABLED
871 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
872 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED
873 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED
874 #define MBEDTLS_ECP_DP_SECP192K1_ENABLED
875 #define MBEDTLS_ECP_DP_SECP224K1_ENABLED
876 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED
877 #define MBEDTLS_ECP_DP_BP256R1_ENABLED
878 #define MBEDTLS_ECP_DP_BP384R1_ENABLED
879 #define MBEDTLS_ECP_DP_BP512R1_ENABLED
880 /* Montgomery curves (supporting ECP) */
881 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED
882 #define MBEDTLS_ECP_DP_CURVE448_ENABLED
883 
893 #define MBEDTLS_ECP_NIST_OPTIM
894 
915 //#define MBEDTLS_ECP_NO_INTERNAL_RNG
916 
965 //#define MBEDTLS_ECP_RESTARTABLE
966 
993 #define MBEDTLS_ECDH_LEGACY_CONTEXT
994 
1007 #define MBEDTLS_ECDSA_DETERMINISTIC
1008 
1029 #define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
1030 
1060 #define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
1061 
1080 #define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1081 
1105 #define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
1106 
1133 #define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
1134 
1166 #define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
1167 
1191 #define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
1192 
1215 #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
1216 
1239 #define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
1240 
1263 #define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
1264 
1282 //#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
1283 
1296 #define MBEDTLS_PK_PARSE_EC_EXTENDED
1297 
1311 #define MBEDTLS_ERROR_STRERROR_DUMMY
1312 
1320 #define MBEDTLS_GENPRIME
1321 
1327 #define MBEDTLS_FS_IO
1328 
1340 //#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
1341 
1351 //#define MBEDTLS_NO_PLATFORM_ENTROPY
1352 
1367 //#define MBEDTLS_ENTROPY_FORCE_SHA256
1368 
1395 //#define MBEDTLS_ENTROPY_NV_SEED
1396 
1397 /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
1398  *
1399  * Enable key identifiers that encode a key owner identifier.
1400  *
1401  * The owner of a key is identified by a value of type ::mbedtls_key_owner_id_t
1402  * which is currently hard-coded to be int32_t.
1403  *
1404  * Note that this option is meant for internal use only and may be removed
1405  * without notice. It is incompatible with MBEDTLS_USE_PSA_CRYPTO.
1406  */
1407 //#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
1408 
1420 //#define MBEDTLS_MEMORY_DEBUG
1421 
1432 //#define MBEDTLS_MEMORY_BACKTRACE
1433 
1441 #define MBEDTLS_PK_RSA_ALT_SUPPORT
1442 
1452 #define MBEDTLS_PKCS1_V15
1453 
1463 #define MBEDTLS_PKCS1_V21
1464 
1479 //#define MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
1480 
1495 //#define MBEDTLS_PSA_CRYPTO_CLIENT
1496 
1506 //#define MBEDTLS_PSA_CRYPTO_DRIVERS
1507 
1544 //#define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
1545 
1558 //#define MBEDTLS_PSA_CRYPTO_SPM
1559 
1571 //#define MBEDTLS_PSA_INJECT_ENTROPY
1572 
1591 //#define MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS
1592 
1602 //#define MBEDTLS_RSA_NO_CRT
1603 
1609 #define MBEDTLS_SELF_TEST
1610 
1625 //#define MBEDTLS_SHA256_SMALLER
1626 
1635 //#define MBEDTLS_SHA512_SMALLER
1636 
1647 //#define MBEDTLS_SHA512_NO_SHA384
1648 
1661 #define MBEDTLS_SSL_ALL_ALERT_MESSAGES
1662 
1675 #define MBEDTLS_SSL_RECORD_CHECKING
1676 
1703 //#define MBEDTLS_SSL_DTLS_CONNECTION_ID
1704 
1714 //#define MBEDTLS_SSL_ASYNC_PRIVATE
1715 
1754 //#define MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
1755 
1783 #define MBEDTLS_SSL_CONTEXT_SERIALIZATION
1784 
1799 //#define MBEDTLS_SSL_DEBUG_ALL
1800 
1817 #define MBEDTLS_SSL_ENCRYPT_THEN_MAC
1818 
1835 #define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
1836 
1853 #define MBEDTLS_SSL_FALLBACK_SCSV
1854 
1875 #define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
1876 
1888 //#define MBEDTLS_SSL_HW_RECORD_ACCEL
1889 
1900 #define MBEDTLS_SSL_CBC_RECORD_SPLITTING
1901 
1922 #define MBEDTLS_SSL_RENEGOTIATION
1923 
1935 //#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
1936 
1945 //#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
1946 
1954 #define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
1955 
1969 //#define MBEDTLS_SSL_PROTO_SSL3
1970 
1981 #define MBEDTLS_SSL_PROTO_TLS1
1982 
1993 #define MBEDTLS_SSL_PROTO_TLS1_1
1994 
2005 #define MBEDTLS_SSL_PROTO_TLS1_2
2006 
2024 //#define MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
2025 
2039 #define MBEDTLS_SSL_PROTO_DTLS
2040 
2048 #define MBEDTLS_SSL_ALPN
2049 
2063 #define MBEDTLS_SSL_DTLS_ANTI_REPLAY
2064 
2081 #define MBEDTLS_SSL_DTLS_HELLO_VERIFY
2082 
2112 #define MBEDTLS_SSL_DTLS_SRTP
2113 
2128 #define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
2129 
2139 #define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
2140 
2153 #define MBEDTLS_SSL_SESSION_TICKETS
2154 
2163 #define MBEDTLS_SSL_EXPORT_KEYS
2164 
2174 #define MBEDTLS_SSL_SERVER_NAME_INDICATION
2175 
2183 #define MBEDTLS_SSL_TRUNCATED_HMAC
2184 
2207 //#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
2208 
2217 //#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
2218 
2234 //#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
2235 
2251 //#define MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
2252 
2270 //#define MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND
2271 
2290 //#define MBEDTLS_TEST_HOOKS
2291 
2301 //#define MBEDTLS_THREADING_ALT
2302 
2312 //#define MBEDTLS_THREADING_PTHREAD
2313 
2341 //#define MBEDTLS_USE_PSA_CRYPTO
2342 
2370 //#define MBEDTLS_PSA_CRYPTO_CONFIG
2371 
2383 #define MBEDTLS_VERSION_FEATURES
2384 
2393 //#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
2394 
2405 //#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
2406 
2424 //#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
2425 
2438 #define MBEDTLS_X509_CHECK_KEY_USAGE
2439 
2451 #define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
2452 
2461 #define MBEDTLS_X509_RSASSA_PSS_SUPPORT
2462 
2486 //#define MBEDTLS_ZLIB_SUPPORT
2526 #define MBEDTLS_AESNI_C
2527 
2601 #define MBEDTLS_AES_C
2602 
2629 #define MBEDTLS_ARC4_C
2630 
2643 #define MBEDTLS_ASN1_PARSE_C
2644 
2657 #define MBEDTLS_ASN1_WRITE_C
2658 
2669 #define MBEDTLS_BASE64_C
2670 
2686 #define MBEDTLS_BIGNUM_C
2687 
2695 #define MBEDTLS_BLOWFISH_C
2696 
2750 #define MBEDTLS_CAMELLIA_C
2751 
2802 //#define MBEDTLS_ARIA_C
2803 
2816 #define MBEDTLS_CCM_C
2817 
2828 #define MBEDTLS_CERTS_C
2829 
2837 #define MBEDTLS_CHACHA20_C
2838 
2848 #define MBEDTLS_CHACHAPOLY_C
2849 
2860 #define MBEDTLS_CIPHER_C
2861 
2878 //#define MBEDTLS_CMAC_C
2879 
2898 #define MBEDTLS_CTR_DRBG_C
2899 
2912 #define MBEDTLS_DEBUG_C
2913 
2941 #define MBEDTLS_DES_C
2942 
2962 #define MBEDTLS_DHM_C
2963 
2978 #define MBEDTLS_ECDH_C
2979 
2995 #define MBEDTLS_ECDSA_C
2996 
3014 //#define MBEDTLS_ECJPAKE_C
3015 
3028 #define MBEDTLS_ECP_C
3029 
3042 #define MBEDTLS_ENTROPY_C
3043 
3054 #define MBEDTLS_ERROR_C
3055 
3068 #define MBEDTLS_GCM_C
3069 
3091 //#define MBEDTLS_HAVEGE_C
3092 
3106 #define MBEDTLS_HKDF_C
3107 
3120 #define MBEDTLS_HMAC_DRBG_C
3121 
3133 //#define MBEDTLS_NIST_KW_C
3134 
3145 #define MBEDTLS_MD_C
3146 
3162 //#define MBEDTLS_MD2_C
3163 
3179 //#define MBEDTLS_MD4_C
3180 
3201 #define MBEDTLS_MD5_C
3202 
3217 //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
3218 
3236 #define MBEDTLS_NET_C
3237 
3259 #define MBEDTLS_OID_C
3260 
3273 #define MBEDTLS_PADLOCK_C
3274 
3291 #define MBEDTLS_PEM_PARSE_C
3292 
3307 #define MBEDTLS_PEM_WRITE_C
3308 
3323 #define MBEDTLS_PK_C
3324 
3338 #define MBEDTLS_PK_PARSE_C
3339 
3352 #define MBEDTLS_PK_WRITE_C
3353 
3365 #define MBEDTLS_PKCS5_C
3366 
3383 //#define MBEDTLS_PKCS11_C
3384 
3399 #define MBEDTLS_PKCS12_C
3400 
3419 #define MBEDTLS_PLATFORM_C
3420 
3429 #define MBEDTLS_POLY1305_C
3430 
3451 #define MBEDTLS_PSA_CRYPTO_C
3452 
3467 //#define MBEDTLS_PSA_CRYPTO_SE_C
3468 
3480 #define MBEDTLS_PSA_CRYPTO_STORAGE_C
3481 
3492 #define MBEDTLS_PSA_ITS_FILE_C
3493 
3503 #define MBEDTLS_RIPEMD160_C
3504 
3522 #define MBEDTLS_RSA_C
3523 
3544 #define MBEDTLS_SHA1_C
3545 
3561 #define MBEDTLS_SHA256_C
3562 
3576 #define MBEDTLS_SHA512_C
3577 
3588 #define MBEDTLS_SSL_CACHE_C
3589 
3598 #define MBEDTLS_SSL_COOKIE_C
3599 
3611 #define MBEDTLS_SSL_TICKET_C
3612 
3625 #define MBEDTLS_SSL_CLI_C
3626 
3639 #define MBEDTLS_SSL_SRV_C
3640 
3655 #define MBEDTLS_SSL_TLS_C
3656 
3695 //#define MBEDTLS_THREADING_C
3696 
3722 #define MBEDTLS_TIMING_C
3723 
3733 #define MBEDTLS_VERSION_C
3734 
3750 #define MBEDTLS_X509_USE_C
3751 
3766 #define MBEDTLS_X509_CRT_PARSE_C
3767 
3780 #define MBEDTLS_X509_CRL_PARSE_C
3781 
3794 #define MBEDTLS_X509_CSR_PARSE_C
3795 
3807 #define MBEDTLS_X509_CREATE_C
3808 
3820 #define MBEDTLS_X509_CRT_WRITE_C
3821 
3833 #define MBEDTLS_X509_CSR_WRITE_C
3834 
3843 #define MBEDTLS_XTEA_C
3844 
3872 //#define MBEDTLS_CONFIG_FILE "mbedtls/config.h"
3873 
3889 //#define MBEDTLS_USER_CONFIG_FILE "/dev/null"
3890 
3907 //#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h"
3908 
3924 //#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null"
3925 
3939 /* The Doxygen documentation here is used when a user comments out a
3940  * setting and runs doxygen themselves. On the other hand, when we typeset
3941  * the full documentation including disabled settings, the documentation
3942  * in specific modules' header files is used if present. When editing this
3943  * file, make sure that each option is documented in exactly one place,
3944  * plus optionally a same-line Doxygen comment here if there is a Doxygen
3945  * comment in the specific module. */
3946 
3947 /* MPI / BIGNUM options */
3948 //#define MBEDTLS_MPI_WINDOW_SIZE 2 /**< Maximum window size used. */
3949 //#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
3950 
3951 /* CTR_DRBG options */
3952 //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
3953 //#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
3954 //#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
3955 //#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
3956 //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
3957 
3958 /* HMAC_DRBG options */
3959 //#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
3960 //#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
3961 //#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
3962 //#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
3963 
3964 /* ECP options */
3965 //#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups. Normally determined automatically from the configured curves. */
3966 //#define MBEDTLS_ECP_WINDOW_SIZE 4 /**< Maximum window size used */
3967 //#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
3968 
3969 /* Entropy options */
3970 //#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
3971 //#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
3972 //#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
3973 
3974 /* Memory buffer allocator options */
3975 //#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
3976 
3977 /* Platform options */
3978 //#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
3979 
3991 //#define MBEDTLS_PLATFORM_STD_CALLOC calloc
3992 
4001 //#define MBEDTLS_PLATFORM_STD_FREE free
4002 //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
4003 //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
4004 //#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
4005 //#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
4006 /* Note: your snprintf must correctly zero-terminate the buffer! */
4007 //#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
4008 //#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
4009 //#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
4010 //#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
4011 //#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
4012 //#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
4013 
4014 /* To use the following function macros, MBEDTLS_PLATFORM_C must be enabled. */
4015 /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
4016 //#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_CALLOC for requirements. */
4017 //#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_FREE for requirements. */
4018 //#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
4019 //#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
4020 //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
4021 //#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
4022 //#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
4023 /* Note: your snprintf must correctly zero-terminate the buffer! */
4024 //#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
4025 //#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */
4026 //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
4027 //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
4028 
4063 //#define MBEDTLS_PARAM_FAILED( cond ) assert( cond )
4064 
4078 //#define MBEDTLS_CHECK_RETURN __attribute__((__warn_unused_result__))
4079 
4086 //#define MBEDTLS_IGNORE_RETURN( result ) ((void) !(result))
4087 
4088 /* PSA options */
4106 //#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256
4107 
4122 //#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
4123 
4124 /* SSL Cache options */
4125 //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
4126 //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
4127 
4128 /* SSL options */
4129 
4154 //#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384
4155 
4179 //#define MBEDTLS_SSL_IN_CONTENT_LEN 16384
4180 
4186 //#define MBEDTLS_SSL_CID_IN_LEN_MAX 32
4187 
4193 //#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32
4194 
4210 //#define MBEDTLS_SSL_CID_PADDING_GRANULARITY 16
4211 
4226 //#define MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY 1
4227 
4250 //#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384
4251 
4267 //#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
4268 
4269 //#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
4270 //#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
4271 //#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
4272 
4282 //#define MBEDTLS_TLS_EXT_CID 254
4283 
4296 //#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
4297 
4298 /* X509 options */
4299 //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
4300 //#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
4301 
4304 /* Target and application specific configurations
4305  *
4306  * Allow user to override any previous default.
4307  *
4308  */
4309 #if defined(MBEDTLS_USER_CONFIG_FILE)
4310 #include MBEDTLS_USER_CONFIG_FILE
4311 #endif
4312 
4313 #if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
4314 #include "mbedtls/config_psa.h"
4315 #endif
4316 
4317 #include "mbedtls/check_config.h"
4318 
4319 #endif /* MBEDTLS_CONFIG_H */
Consistency checks for configuration options.
PSA crypto configuration options (set of defines)