| Soby Mathew | 37b1037 | 2024-11-26 12:19:32 +0000 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (c) 2024, Arm Limited. All rights reserved. |
| 3 | * |
| 4 | * SPDX-License-Identifier: BSD-3-Clause |
| 5 | */ |
| 6 | |
| 7 | /* |
| 8 | * Based on migration guide[1]: |
| 9 | * |
| 10 | * config.h was split into build_info.h and mbedtls_config.h. In code, use |
| 11 | * #include <mbedtls/build_info.h>. Don't include mbedtls/config.h and don't |
| 12 | * refer to MBEDTLS_CONFIG_FILE. And also the guide recommends, if you have a |
| 13 | * custom configuration file don't define MBEDTLS_CONFIG_H anymore. |
| 14 | * |
| 15 | * [1] https://github.com/Mbed-TLS/mbedtls/blob/v3.6.0/docs/3.0-migration-guide.md |
| 16 | */ |
| 17 | |
| 18 | #include <limits.h> |
| 19 | /* This is needed for size_t */ |
| 20 | #include <stddef.h> |
| 21 | /* For snprintf function declaration */ |
| 22 | #include <stdio.h> |
| 23 | |
| Lauren Wehrmeister | e04fce4 | 2025-04-03 12:49:06 -0500 | [diff] [blame] | 24 | /* This file is compatible with release 3.6.3 */ |
| 25 | #define MBEDTLS_CONFIG_VERSION 0x03060300 |
| Soby Mathew | 37b1037 | 2024-11-26 12:19:32 +0000 | [diff] [blame] | 26 | |
| 27 | /* Configuration file to build mbed TLS with the required features for TFTF */ |
| 28 | #define MBEDTLS_PLATFORM_MEMORY |
| 29 | |
| 30 | #define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS |
| 31 | |
| 32 | #define MBEDTLS_CIPHER_C |
| 33 | |
| 34 | #define MBEDTLS_ECP_C |
| 35 | #define MBEDTLS_ECP_DP_SECP384R1_ENABLED |
| 36 | #define MBEDTLS_ECP_RESTARTABLE |
| 37 | #define MBEDTLS_ECDSA_C |
| 38 | #define MBEDTLS_ECDSA_DETERMINISTIC |
| 39 | #define MBEDTLS_ECP_WINDOW_SIZE (2U) /* Valid range = [2,7] */ |
| 40 | |
| 41 | /* |
| 42 | * This is enabled in TFTF as PSA calls are made within the trust boundary. |
| 43 | * Disabling this option causes mbedtls to create a local copy of input buffer |
| 44 | * using buffer_alloc_calloc(). |
| 45 | */ |
| 46 | #define MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS |
| 47 | |
| 48 | #define MBEDTLS_ASN1_PARSE_C |
| 49 | #define MBEDTLS_ASN1_WRITE_C |
| 50 | |
| 51 | #define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf |
| 52 | |
| 53 | #define MBEDTLS_BASE64_C |
| 54 | #define MBEDTLS_BIGNUM_C |
| 55 | |
| 56 | #define MBEDTLS_ERROR_C |
| 57 | |
| 58 | #define MBEDTLS_HKDF_C |
| 59 | #define MBEDTLS_HMAC_DRBG_C |
| 60 | |
| 61 | #define MBEDTLS_MD_C |
| 62 | |
| 63 | #define MBEDTLS_PLATFORM_C |
| 64 | |
| 65 | #define MBEDTLS_SHA256_C |
| 66 | #define MBEDTLS_SHA224_C |
| 67 | #define MBEDTLS_SHA384_C |
| 68 | #define MBEDTLS_SHA512_C |
| 69 | |
| 70 | #define MBEDTLS_VERSION_C |
| 71 | |
| 72 | /* |
| 73 | * Prevent the use of 128-bit division which |
| 74 | * creates dependency on external libraries. |
| 75 | */ |
| 76 | #define MBEDTLS_NO_UDBL_DIVISION |
| 77 | |
| 78 | /* Memory buffer allocator option */ |
| 79 | #define MBEDTLS_MEMORY_ALIGN_MULTIPLE 8 |
| 80 | |
| 81 | #define MBEDTLS_GENPRIME |
| 82 | |
| 83 | #define MBEDTLS_X509_CRL_PARSE_C |
| 84 | #define MBEDTLS_X509_CSR_PARSE_C |
| 85 | #define MBEDTLS_X509_CREATE_C |
| 86 | #define MBEDTLS_X509_CSR_WRITE_C |
| 87 | |
| 88 | #define MBEDTLS_AES_C |
| 89 | #define MBEDTLS_GCM_C |
| 90 | |
| 91 | #define MBEDTLS_CHACHA20_C |
| 92 | #define MBEDTLS_POLY1305_C |
| 93 | #define MBEDTLS_CHACHAPOLY_C |
| 94 | |
| 95 | #define MBEDTLS_ECDH_C |
| 96 | #define MBEDTLS_DHM_C |
| 97 | |
| 98 | #define MBEDTLS_PK_WRITE_C |
| 99 | |
| 100 | #define MBEDTLS_ECP_DP_SECP256R1_ENABLED |
| 101 | #define MBEDTLS_ECP_DP_SECP384R1_ENABLED |
| 102 | #define MBEDTLS_ECP_DP_SECP521R1_ENABLED |
| 103 | |
| 104 | #define MBEDTLS_MEMORY_BUFFER_ALLOC_C |
| 105 | |
| 106 | #define MBEDTLS_OID_C |
| 107 | #define MBEDTLS_RSA_C |
| 108 | #define MBEDTLS_PKCS1_V21 |
| 109 | |
| 110 | #define MBEDTLS_X509_USE_C |
| 111 | #define MBEDTLS_X509_CRT_PARSE_C |
| 112 | |
| 113 | #define MBEDTLS_PK_C |
| 114 | #define MBEDTLS_PK_PARSE_C |