|  | /** | 
|  | * \file mbedtls/build_info.h | 
|  | * | 
|  | * \brief Build-time configuration info | 
|  | * | 
|  | *  Include this file if you need to depend on the | 
|  | *  configuration options defined in mbedtls_config.h or MBEDTLS_CONFIG_FILE | 
|  | */ | 
|  | /* | 
|  | *  Copyright The Mbed TLS Contributors | 
|  | *  SPDX-License-Identifier: Apache-2.0 | 
|  | * | 
|  | *  Licensed under the Apache License, Version 2.0 (the "License"); you may | 
|  | *  not use this file except in compliance with the License. | 
|  | *  You may obtain a copy of the License at | 
|  | * | 
|  | *  http://www.apache.org/licenses/LICENSE-2.0 | 
|  | * | 
|  | *  Unless required by applicable law or agreed to in writing, software | 
|  | *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT | 
|  | *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | 
|  | *  See the License for the specific language governing permissions and | 
|  | *  limitations under the License. | 
|  | */ | 
|  |  | 
|  | #ifndef MBEDTLS_BUILD_INFO_H | 
|  | #define MBEDTLS_BUILD_INFO_H | 
|  |  | 
|  | /* | 
|  | * This set of compile-time defines can be used to determine the version number | 
|  | * of the Mbed TLS library used. Run-time variables for the same can be found in | 
|  | * version.h | 
|  | */ | 
|  |  | 
|  | /** | 
|  | * The version number x.y.z is split into three parts. | 
|  | * Major, Minor, Patchlevel | 
|  | */ | 
|  | #define MBEDTLS_VERSION_MAJOR  3 | 
|  | #define MBEDTLS_VERSION_MINOR  4 | 
|  | #define MBEDTLS_VERSION_PATCH  0 | 
|  |  | 
|  | /** | 
|  | * The single version number has the following structure: | 
|  | *    MMNNPP00 | 
|  | *    Major version | Minor version | Patch version | 
|  | */ | 
|  | #define MBEDTLS_VERSION_NUMBER         0x03040000 | 
|  | #define MBEDTLS_VERSION_STRING         "3.4.0" | 
|  | #define MBEDTLS_VERSION_STRING_FULL    "mbed TLS 3.4.0" | 
|  |  | 
|  | #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) | 
|  | #define _CRT_SECURE_NO_DEPRECATE 1 | 
|  | #endif | 
|  |  | 
|  | /* Define `inline` on some non-C99-compliant compilers. */ | 
|  | #if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \ | 
|  | !defined(inline) && !defined(__cplusplus) | 
|  | #define inline __inline | 
|  | #endif | 
|  |  | 
|  | #if !defined(MBEDTLS_CONFIG_FILE) | 
|  | #include "mbedtls/mbedtls_config.h" | 
|  | #else | 
|  | #include MBEDTLS_CONFIG_FILE | 
|  | #endif | 
|  |  | 
|  | #if defined(MBEDTLS_CONFIG_VERSION) && ( \ | 
|  | MBEDTLS_CONFIG_VERSION < 0x03000000 || \ | 
|  | MBEDTLS_CONFIG_VERSION > MBEDTLS_VERSION_NUMBER) | 
|  | #error "Invalid config version, defined value of MBEDTLS_CONFIG_VERSION is unsupported" | 
|  | #endif | 
|  |  | 
|  | /* Target and application specific configurations | 
|  | * | 
|  | * Allow user to override any previous default. | 
|  | * | 
|  | */ | 
|  | #if defined(MBEDTLS_USER_CONFIG_FILE) | 
|  | #include MBEDTLS_USER_CONFIG_FILE | 
|  | #endif | 
|  |  | 
|  | /* Auto-enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY if | 
|  | * MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH and MBEDTLS_CTR_DRBG_C defined | 
|  | * to ensure a 128-bit key size in CTR_DRBG. | 
|  | */ | 
|  | #if defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) && defined(MBEDTLS_CTR_DRBG_C) | 
|  | #define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY | 
|  | #endif | 
|  |  | 
|  | /* Auto-enable MBEDTLS_MD_C if needed by a module that didn't require it | 
|  | * in a previous release, to ensure backwards compatibility. | 
|  | */ | 
|  | #if defined(MBEDTLS_PKCS5_C) | 
|  | #define MBEDTLS_MD_C | 
|  | #endif | 
|  |  | 
|  | /* PSA crypto specific configuration options | 
|  | * - If config_psa.h reads a configuration option in preprocessor directive, | 
|  | *   this symbol should be set before its inclusion. (e.g. MBEDTLS_MD_C) | 
|  | * - If config_psa.h writes a configuration option in conditional directive, | 
|  | *   this symbol should be consulted after its inclusion. | 
|  | *   (e.g. MBEDTLS_MD_LIGHT) | 
|  | */ | 
|  | #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) /* PSA_WANT_xxx influences MBEDTLS_xxx */ || \ | 
|  | defined(MBEDTLS_PSA_CRYPTO_C) /* MBEDTLS_xxx influences PSA_WANT_xxx */ | 
|  | #include "mbedtls/config_psa.h" | 
|  | #endif | 
|  |  | 
|  | /* Auto-enable MBEDTLS_MD_LIGHT based on MBEDTLS_MD_C. | 
|  | * This allows checking for MD_LIGHT rather than MD_LIGHT || MD_C. | 
|  | */ | 
|  | #if defined(MBEDTLS_MD_C) | 
|  | #define MBEDTLS_MD_LIGHT | 
|  | #endif | 
|  |  | 
|  | /* Auto-enable MBEDTLS_MD_LIGHT if needed by a module that didn't require it | 
|  | * in a previous release, to ensure backwards compatibility. | 
|  | */ | 
|  | #if defined(MBEDTLS_ECJPAKE_C) || \ | 
|  | defined(MBEDTLS_PEM_PARSE_C) || \ | 
|  | defined(MBEDTLS_ENTROPY_C) || \ | 
|  | defined(MBEDTLS_PK_C) || \ | 
|  | defined(MBEDTLS_PKCS12_C) || \ | 
|  | defined(MBEDTLS_RSA_C) || \ | 
|  | defined(MBEDTLS_SSL_TLS_C) || \ | 
|  | defined(MBEDTLS_X509_USE_C) || \ | 
|  | defined(MBEDTLS_X509_CREATE_C) | 
|  | #define MBEDTLS_MD_LIGHT | 
|  | #endif | 
|  |  | 
|  | /* MBEDTLS_ECP_LIGHT is auto-enabled by the following symbols: | 
|  | * - MBEDTLS_ECP_C because now it consists of MBEDTLS_ECP_LIGHT plus functions | 
|  | *   for curve arithmetic. As a consequence if MBEDTLS_ECP_C is required for | 
|  | *   some reason, then MBEDTLS_ECP_LIGHT should be enabled as well. | 
|  | * - MBEDTLS_PK_PARSE_EC_EXTENDED and MBEDTLS_PK_PARSE_EC_COMPRESSED because | 
|  | *   these features are not supported in PSA so the only way to have them is | 
|  | *   to enable the built-in solution. | 
|  | *   Both of them are temporary dependencies: | 
|  | *   - PK_PARSE_EC_EXTENDED will be removed after #7779 and #7789 | 
|  | *   - support for compressed points should also be added to PSA, but in this | 
|  | *     case there is no associated issue to track it yet. | 
|  | * - PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE because Weierstrass key derivation | 
|  | *   still depends on ECP_LIGHT. | 
|  | * - PK_C + USE_PSA + PSA_WANT_ALG_ECDSA is a temporary dependency which will | 
|  | *   be fixed by #7453. | 
|  | */ | 
|  | #if defined(MBEDTLS_ECP_C) || \ | 
|  | defined(MBEDTLS_PK_PARSE_EC_EXTENDED) || \ | 
|  | defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) || \ | 
|  | defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE) | 
|  | #define MBEDTLS_ECP_LIGHT | 
|  | #endif | 
|  |  | 
|  | /* MBEDTLS_PK_PARSE_EC_COMPRESSED is introduced in MbedTLS version 3.5, while | 
|  | * in previous version compressed points were automatically supported as long | 
|  | * as PK_PARSE_C and ECP_C were enabled. As a consequence, for backward | 
|  | * compatibility, we auto-enable PK_PARSE_EC_COMPRESSED when these conditions | 
|  | * are met. */ | 
|  | #if defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_ECP_C) | 
|  | #define MBEDTLS_PK_PARSE_EC_COMPRESSED | 
|  | #endif | 
|  |  | 
|  | /* Helper symbol to state that there is support for ECDH, either through | 
|  | * library implementation (ECDH_C) or through PSA. */ | 
|  | #if (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_ECDH)) || \ | 
|  | (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_ECDH_C)) | 
|  | #define MBEDTLS_CAN_ECDH | 
|  | #endif | 
|  |  | 
|  | /* PK module can achieve ECDSA functionalities by means of either software | 
|  | * implementations (ECDSA_C) or through a PSA driver. The following defines | 
|  | * are meant to list these capabilities in a general way which abstracts how | 
|  | * they are implemented under the hood. */ | 
|  | #if !defined(MBEDTLS_USE_PSA_CRYPTO) | 
|  | #if defined(MBEDTLS_ECDSA_C) | 
|  | #define MBEDTLS_PK_CAN_ECDSA_SIGN | 
|  | #define MBEDTLS_PK_CAN_ECDSA_VERIFY | 
|  | #endif /* MBEDTLS_ECDSA_C */ | 
|  | #else /* MBEDTLS_USE_PSA_CRYPTO */ | 
|  | #if defined(PSA_WANT_ALG_ECDSA) | 
|  | #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) | 
|  | #define MBEDTLS_PK_CAN_ECDSA_SIGN | 
|  | #endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC */ | 
|  | #if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) | 
|  | #define MBEDTLS_PK_CAN_ECDSA_VERIFY | 
|  | #endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ | 
|  | #endif /* PSA_WANT_ALG_ECDSA */ | 
|  | #endif /* MBEDTLS_USE_PSA_CRYPTO */ | 
|  |  | 
|  | #if defined(MBEDTLS_PK_CAN_ECDSA_VERIFY) || defined(MBEDTLS_PK_CAN_ECDSA_SIGN) | 
|  | #define MBEDTLS_PK_CAN_ECDSA_SOME | 
|  | #endif | 
|  |  | 
|  | /* If MBEDTLS_PSA_CRYPTO_C is defined, make sure MBEDTLS_PSA_CRYPTO_CLIENT | 
|  | * is defined as well to include all PSA code. | 
|  | */ | 
|  | #if defined(MBEDTLS_PSA_CRYPTO_C) | 
|  | #define MBEDTLS_PSA_CRYPTO_CLIENT | 
|  | #endif /* MBEDTLS_PSA_CRYPTO_C */ | 
|  |  | 
|  | /* The PK wrappers need pk_write functions to format RSA key objects | 
|  | * when they are dispatching to the PSA API. This happens under USE_PSA_CRYPTO, | 
|  | * and also even without USE_PSA_CRYPTO for mbedtls_pk_sign_ext(). */ | 
|  | #if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_RSA_C) | 
|  | #define MBEDTLS_PK_C | 
|  | #define MBEDTLS_PK_WRITE_C | 
|  | #define MBEDTLS_PK_PARSE_C | 
|  | #endif | 
|  |  | 
|  | /* The following blocks make it easier to disable all of TLS, | 
|  | * or of TLS 1.2 or 1.3 or DTLS, without having to manually disable all | 
|  | * key exchanges, options and extensions related to them. */ | 
|  |  | 
|  | #if !defined(MBEDTLS_SSL_TLS_C) | 
|  | #undef MBEDTLS_SSL_CLI_C | 
|  | #undef MBEDTLS_SSL_SRV_C | 
|  | #undef MBEDTLS_SSL_PROTO_TLS1_3 | 
|  | #undef MBEDTLS_SSL_PROTO_TLS1_2 | 
|  | #undef MBEDTLS_SSL_PROTO_DTLS | 
|  | #endif | 
|  |  | 
|  | #if !defined(MBEDTLS_SSL_PROTO_DTLS) | 
|  | #undef MBEDTLS_SSL_DTLS_ANTI_REPLAY | 
|  | #undef MBEDTLS_SSL_DTLS_CONNECTION_ID | 
|  | #undef MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT | 
|  | #undef MBEDTLS_SSL_DTLS_HELLO_VERIFY | 
|  | #undef MBEDTLS_SSL_DTLS_SRTP | 
|  | #undef MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE | 
|  | #endif | 
|  |  | 
|  | #if !defined(MBEDTLS_SSL_PROTO_TLS1_2) | 
|  | #undef MBEDTLS_SSL_ENCRYPT_THEN_MAC | 
|  | #undef MBEDTLS_SSL_EXTENDED_MASTER_SECRET | 
|  | #undef MBEDTLS_SSL_RENEGOTIATION | 
|  | #undef MBEDTLS_KEY_EXCHANGE_RSA_ENABLED | 
|  | #undef MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED | 
|  | #undef MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED | 
|  | #undef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED | 
|  | #undef MBEDTLS_KEY_EXCHANGE_PSK_ENABLED | 
|  | #undef MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED | 
|  | #undef MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED | 
|  | #undef MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED | 
|  | #undef MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED | 
|  | #undef MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED | 
|  | #undef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED | 
|  | #endif | 
|  |  | 
|  | #if !defined(MBEDTLS_SSL_PROTO_TLS1_3) | 
|  | #undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED | 
|  | #undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED | 
|  | #undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED | 
|  | #undef MBEDTLS_SSL_EARLY_DATA | 
|  | #endif | 
|  |  | 
|  | #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ | 
|  | (defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ | 
|  | defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)) | 
|  | #define MBEDTLS_SSL_TLS1_2_SOME_ECC | 
|  | #endif | 
|  |  | 
|  | /* Make sure all configuration symbols are set before including check_config.h, | 
|  | * even the ones that are calculated programmatically. */ | 
|  | #include "mbedtls/check_config.h" | 
|  |  | 
|  | #endif /* MBEDTLS_BUILD_INFO_H */ |