blob: 260dbab089e510d416e5918adf7012e3d53526bd [file] [log] [blame]
Paul Bakker5121ce52009-01-03 21:22:43 +00001/**
2 * \file config.h
3 *
Paul Bakker37ca75d2011-01-06 12:28:03 +00004 * \brief Configuration options (set of defines)
5 *
Simon Butcher5b331b92016-01-03 16:14:14 +00006 * This set of compile-time options may be used to enable
7 * or disable features selectively, and reduce the global
8 * memory footprint.
Darryl Greena40a1012018-01-05 15:33:17 +00009 */
10/*
Bence Szépkúti1e148272020-08-07 13:07:28 +020011 * Copyright The Mbed TLS Contributors
Manuel Pégourié-Gonnard37ff1402015-09-04 14:21:07 +020012 * SPDX-License-Identifier: Apache-2.0
13 *
14 * Licensed under the Apache License, Version 2.0 (the "License"); you may
15 * not use this file except in compliance with the License.
16 * You may obtain a copy of the License at
17 *
18 * http://www.apache.org/licenses/LICENSE-2.0
19 *
20 * Unless required by applicable law or agreed to in writing, software
21 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
22 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
23 * See the License for the specific language governing permissions and
24 * limitations under the License.
Manuel Pégourié-Gonnarde2b0efe2015-08-11 10:38:37 +020025 */
26
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020027#ifndef MBEDTLS_CONFIG_H
28#define MBEDTLS_CONFIG_H
Paul Bakker5121ce52009-01-03 21:22:43 +000029
Paul Bakkercce9d772011-11-18 14:26:47 +000030#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
Paul Bakker5121ce52009-01-03 21:22:43 +000031#define _CRT_SECURE_NO_DEPRECATE 1
32#endif
33
Paul Bakkerf3b86c12011-01-27 15:24:17 +000034/**
Paul Bakker0a62cd12011-01-21 11:00:08 +000035 * \name SECTION: System support
36 *
37 * This section sets system specific settings.
38 * \{
39 */
40
Paul Bakkerf3b86c12011-01-27 15:24:17 +000041/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020042 * \def MBEDTLS_HAVE_ASM
Paul Bakkerf3b86c12011-01-27 15:24:17 +000043 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +020044 * The compiler has support for asm().
Paul Bakker68041ec2009-04-19 21:17:55 +000045 *
46 * Requires support for asm() in compiler.
47 *
48 * Used in:
Manuel Pégourié-Gonnard26b54fa2018-02-27 12:20:20 +010049 * library/aria.c
Paul Bakker68041ec2009-04-19 21:17:55 +000050 * library/timing.c
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +000051 * include/mbedtls/bn_mul.h
Paul Bakker68041ec2009-04-19 21:17:55 +000052 *
Manuel Pégourié-Gonnard26b54fa2018-02-27 12:20:20 +010053 * Required by:
54 * MBEDTLS_AESNI_C
55 * MBEDTLS_PADLOCK_C
56 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +020057 * Comment to disable the use of assembly code.
Paul Bakker5121ce52009-01-03 21:22:43 +000058 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020059#define MBEDTLS_HAVE_ASM
Paul Bakker5121ce52009-01-03 21:22:43 +000060
Paul Bakkerf3b86c12011-01-27 15:24:17 +000061/**
Gilles Peskineed942f82017-06-08 15:19:20 +020062 * \def MBEDTLS_NO_UDBL_DIVISION
63 *
64 * The platform lacks support for double-width integer division (64-bit
65 * division on a 32-bit platform, 128-bit division on a 64-bit platform).
66 *
67 * Used in:
68 * include/mbedtls/bignum.h
69 * library/bignum.c
70 *
71 * The bignum code uses double-width division to speed up some operations.
72 * Double-width division is often implemented in software that needs to
73 * be linked with the program. The presence of a double-width integer
74 * type is usually detected automatically through preprocessor macros,
75 * but the automatic detection cannot know whether the code needs to
76 * and can be linked with an implementation of division for that type.
77 * By default division is assumed to be usable if the type is present.
78 * Uncomment this option to prevent the use of double-width division.
79 *
80 * Note that division for the native integer type is always required.
81 * Furthermore, a 64-bit type is always required even on a 32-bit
Andres Amaya Garcia2801d002017-07-21 10:56:22 +010082 * platform, but it need not support multiplication or division. In some
83 * cases it is also desirable to disable some double-width operations. For
84 * example, if double-width division is implemented in software, disabling
85 * it can reduce code size in some embedded targets.
Gilles Peskineed942f82017-06-08 15:19:20 +020086 */
87//#define MBEDTLS_NO_UDBL_DIVISION
88
89/**
Manuel Pégourié-Gonnard2adb3752018-06-07 10:51:44 +020090 * \def MBEDTLS_NO_64BIT_MULTIPLICATION
91 *
92 * The platform lacks support for 32x32 -> 64-bit multiplication.
93 *
94 * Used in:
95 * library/poly1305.c
96 *
97 * Some parts of the library may use multiplication of two unsigned 32-bit
98 * operands with a 64-bit result in order to speed up computations. On some
99 * platforms, this is not available in hardware and has to be implemented in
100 * software, usually in a library provided by the toolchain.
101 *
102 * Sometimes it is not desirable to have to link to that library. This option
103 * removes the dependency of that library on platforms that lack a hardware
104 * 64-bit multiplier by embedding a software implementation in Mbed TLS.
105 *
106 * Note that depending on the compiler, this may decrease performance compared
107 * to using the library function provided by the toolchain.
108 */
109//#define MBEDTLS_NO_64BIT_MULTIPLICATION
110
111/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200112 * \def MBEDTLS_HAVE_SSE2
Paul Bakkerf3b86c12011-01-27 15:24:17 +0000113 *
Paul Bakkere23c3152012-10-01 14:42:47 +0000114 * CPU supports SSE2 instruction set.
Paul Bakkerf3b86c12011-01-27 15:24:17 +0000115 *
Paul Bakker5121ce52009-01-03 21:22:43 +0000116 * Uncomment if the CPU supports SSE2 (IA-32 specific).
Paul Bakker5121ce52009-01-03 21:22:43 +0000117 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200118//#define MBEDTLS_HAVE_SSE2
Paul Bakkerfa9b1002013-07-03 15:31:03 +0200119
120/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200121 * \def MBEDTLS_HAVE_TIME
Paul Bakkerfa9b1002013-07-03 15:31:03 +0200122 *
Manuel Pégourié-Gonnard60c793b2015-06-18 20:52:58 +0200123 * System has time.h and time().
124 * The time does not need to be correct, only time differences are used,
125 * by contrast with MBEDTLS_HAVE_TIME_DATE
Paul Bakkerfa9b1002013-07-03 15:31:03 +0200126 *
Andres Amaya Garcia1e4ec662016-07-20 10:16:25 +0100127 * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT,
128 * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and
129 * MBEDTLS_PLATFORM_STD_TIME.
130 *
Paul Bakkerfa9b1002013-07-03 15:31:03 +0200131 * Comment if your system does not support time functions
132 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200133#define MBEDTLS_HAVE_TIME
Manuel Pégourié-Gonnard10934de2013-12-13 12:54:09 +0100134
135/**
Manuel Pégourié-Gonnard60c793b2015-06-18 20:52:58 +0200136 * \def MBEDTLS_HAVE_TIME_DATE
137 *
Hanno Becker4e67cca2018-09-05 16:18:38 +0100138 * System has time.h, time(), and an implementation for
139 * mbedtls_platform_gmtime_r() (see below).
Antonin Décimo36e89b52019-01-23 15:24:37 +0100140 * The time needs to be correct (not necessarily very accurate, but at least
Manuel Pégourié-Gonnard60c793b2015-06-18 20:52:58 +0200141 * the date should be correct). This is used to verify the validity period of
142 * X.509 certificates.
143 *
144 * Comment if your system does not have a correct clock.
Andres Amaya Garcia97f3ecb2018-08-07 20:39:27 +0100145 *
Hanno Becker6a739782018-09-05 15:06:19 +0100146 * \note mbedtls_platform_gmtime_r() is an abstraction in platform_util.h that
Hanno Beckerc52ef402018-09-05 16:28:59 +0100147 * behaves similarly to the gmtime_r() function from the C standard. Refer to
148 * the documentation for mbedtls_platform_gmtime_r() for more information.
Andres Amaya Garciac99b12b2018-08-21 19:32:44 +0100149 *
150 * \note It is possible to configure an implementation for
Hanno Becker6a739782018-09-05 15:06:19 +0100151 * mbedtls_platform_gmtime_r() at compile-time by using the macro
152 * MBEDTLS_PLATFORM_GMTIME_R_ALT.
Manuel Pégourié-Gonnard60c793b2015-06-18 20:52:58 +0200153 */
154#define MBEDTLS_HAVE_TIME_DATE
155
156/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200157 * \def MBEDTLS_PLATFORM_MEMORY
Paul Bakkerdefc0ca2014-02-04 17:30:24 +0100158 *
159 * Enable the memory allocation layer.
160 *
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +0200161 * By default mbed TLS uses the system-provided calloc() and free().
Paul Bakkerdefc0ca2014-02-04 17:30:24 +0100162 * This allows different allocators (self-implemented or provided) to be
163 * provided to the platform abstraction layer.
164 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200165 * Enabling MBEDTLS_PLATFORM_MEMORY without the
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +0200166 * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide
167 * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and
Rich Evans16f8cd82015-02-06 16:14:34 +0000168 * free() function pointer at runtime.
169 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200170 * Enabling MBEDTLS_PLATFORM_MEMORY and specifying
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +0200171 * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the
Rich Evans16f8cd82015-02-06 16:14:34 +0000172 * alternate function at compile time.
Paul Bakkerdefc0ca2014-02-04 17:30:24 +0100173 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200174 * Requires: MBEDTLS_PLATFORM_C
Paul Bakkerdefc0ca2014-02-04 17:30:24 +0100175 *
176 * Enable this layer to allow use of alternative memory allocators.
177 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200178//#define MBEDTLS_PLATFORM_MEMORY
Paul Bakkerdefc0ca2014-02-04 17:30:24 +0100179
180/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200181 * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
Paul Bakker088c5c52014-04-25 11:11:10 +0200182 *
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +0200183 * Do not assign standard functions in the platform layer (e.g. calloc() to
184 * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF)
Paul Bakker088c5c52014-04-25 11:11:10 +0200185 *
186 * This makes sure there are no linking errors on platforms that do not support
187 * these functions. You will HAVE to provide alternatives, either at runtime
188 * via the platform_set_xxx() functions or at compile time by setting
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200189 * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a
190 * MBEDTLS_PLATFORM_XXX_MACRO.
Paul Bakker088c5c52014-04-25 11:11:10 +0200191 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200192 * Requires: MBEDTLS_PLATFORM_C
Paul Bakker088c5c52014-04-25 11:11:10 +0200193 *
194 * Uncomment to prevent default assignment of standard functions in the
195 * platform layer.
196 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200197//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
Paul Bakker088c5c52014-04-25 11:11:10 +0200198
199/**
Janos Follathc351d182016-03-21 08:43:59 +0000200 * \def MBEDTLS_PLATFORM_EXIT_ALT
Paul Bakker747a83a2014-02-01 22:50:07 +0100201 *
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100202 * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the
203 * function in the platform abstraction layer.
Paul Bakker747a83a2014-02-01 22:50:07 +0100204 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200205 * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will
206 * provide a function "mbedtls_platform_set_printf()" that allows you to set an
Paul Bakker747a83a2014-02-01 22:50:07 +0100207 * alternative printf function pointer.
208 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200209 * All these define require MBEDTLS_PLATFORM_C to be defined!
Paul Bakker747a83a2014-02-01 22:50:07 +0100210 *
Manuel Pégourié-Gonnard9db28872015-06-26 10:52:01 +0200211 * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows;
212 * it will be enabled automatically by check_config.h
213 *
Manuel Pégourié-Gonnard6c0c8e02015-06-22 10:23:34 +0200214 * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200215 * MBEDTLS_PLATFORM_XXX_MACRO!
Rich Evans16f8cd82015-02-06 16:14:34 +0000216 *
Andres Amaya Garcia1e4ec662016-07-20 10:16:25 +0100217 * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME
218 *
Paul Bakker747a83a2014-02-01 22:50:07 +0100219 * Uncomment a macro to enable alternate implementation of specific base
220 * platform function
221 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200222//#define MBEDTLS_PLATFORM_EXIT_ALT
SimonBd5800b72016-04-26 07:43:27 +0100223//#define MBEDTLS_PLATFORM_TIME_ALT
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200224//#define MBEDTLS_PLATFORM_FPRINTF_ALT
225//#define MBEDTLS_PLATFORM_PRINTF_ALT
226//#define MBEDTLS_PLATFORM_SNPRINTF_ALT
k-stachowiak723f8672018-07-16 14:27:07 +0200227//#define MBEDTLS_PLATFORM_VSNPRINTF_ALT
Paul Bakkercf0a9f92016-06-01 11:25:44 +0100228//#define MBEDTLS_PLATFORM_NV_SEED_ALT
Andres Amaya Garcia59c20262017-07-18 10:23:04 +0100229//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100230
231/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200232 * \def MBEDTLS_DEPRECATED_WARNING
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100233 *
Andres Amaya Garcia09634242018-11-29 09:55:41 +0000234 * Mark deprecated functions and features so that they generate a warning if
235 * used. Functionality deprecated in one version will usually be removed in the
236 * next version. You can enable this to help you prepare the transition to a
237 * new major version by making sure your code is not using this functionality.
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100238 *
239 * This only works with GCC and Clang. With other compilers, you may want to
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200240 * use MBEDTLS_DEPRECATED_REMOVED
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100241 *
Andres Amaya Garcia09634242018-11-29 09:55:41 +0000242 * Uncomment to get warnings on using deprecated functions and features.
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100243 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200244//#define MBEDTLS_DEPRECATED_WARNING
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100245
246/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200247 * \def MBEDTLS_DEPRECATED_REMOVED
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100248 *
Andres Amaya Garcia09634242018-11-29 09:55:41 +0000249 * Remove deprecated functions and features so that they generate an error if
250 * used. Functionality deprecated in one version will usually be removed in the
251 * next version. You can enable this to help you prepare the transition to a
252 * new major version by making sure your code is not using this functionality.
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100253 *
Andres Amaya Garcia09634242018-11-29 09:55:41 +0000254 * Uncomment to get errors on using deprecated functions and features.
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100255 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200256//#define MBEDTLS_DEPRECATED_REMOVED
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100257
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500258/**
259 * \def MBEDTLS_CHECK_PARAMS
260 *
261 * This configuration option controls whether the library validates more of
262 * the parameters passed to it.
263 *
264 * When this flag is not defined, the library only attempts to validate an
265 * input parameter if: (1) they may come from the outside world (such as the
266 * network, the filesystem, etc.) or (2) not validating them could result in
267 * internal memory errors such as overflowing a buffer controlled by the
268 * library. On the other hand, it doesn't attempt to validate parameters whose
269 * values are fully controlled by the application (such as pointers).
270 *
271 * When this flag is defined, the library additionally attempts to validate
272 * parameters that are fully controlled by the application, and should always
273 * be valid if the application code is fully correct and trusted.
274 *
275 * For example, when a function accepts as input a pointer to a buffer that may
276 * contain untrusted data, and its documentation mentions that this pointer
277 * must not be NULL:
Gilles Peskinec7ad1222019-06-13 16:44:19 +0200278 * - The pointer is checked to be non-NULL only if this option is enabled.
279 * - The content of the buffer is always validated.
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500280 *
281 * When this flag is defined, if a library function receives a parameter that
Gilles Peskinec7ad1222019-06-13 16:44:19 +0200282 * is invalid:
283 * 1. The function will invoke the macro MBEDTLS_PARAM_FAILED().
284 * 2. If MBEDTLS_PARAM_FAILED() did not terminate the program, the function
285 * will immediately return. If the function returns an Mbed TLS error code,
286 * the error code in this case is MBEDTLS_ERR_xxx_BAD_INPUT_DATA.
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500287 *
Gilles Peskinec7ad1222019-06-13 16:44:19 +0200288 * When defining this flag, you also need to arrange a definition for
289 * MBEDTLS_PARAM_FAILED(). You can do this by any of the following methods:
290 * - By default, the library defines MBEDTLS_PARAM_FAILED() to call a
291 * function mbedtls_param_failed(), but the library does not define this
292 * function. If you do not make any other arrangements, you must provide
293 * the function mbedtls_param_failed() in your application.
294 * See `platform_util.h` for its prototype.
295 * - If you enable the macro #MBEDTLS_CHECK_PARAMS_ASSERT, then the
Jaeden Amerodbe4ff82019-07-04 21:15:37 +0100296 * library defines MBEDTLS_PARAM_FAILED(\c cond) to be `assert(cond)`.
Gilles Peskinec7ad1222019-06-13 16:44:19 +0200297 * You can still supply an alternative definition of
298 * MBEDTLS_PARAM_FAILED(), which may call `assert`.
299 * - If you define a macro MBEDTLS_PARAM_FAILED() before including `config.h`
300 * or you uncomment the definition of MBEDTLS_PARAM_FAILED() in `config.h`,
301 * the library will call the macro that you defined and will not supply
302 * its own version. Note that if MBEDTLS_PARAM_FAILED() calls `assert`,
303 * you need to enable #MBEDTLS_CHECK_PARAMS_ASSERT so that library source
304 * files include `<assert.h>`.
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500305 *
306 * Uncomment to enable validation of application-controlled parameters.
307 */
308//#define MBEDTLS_CHECK_PARAMS
309
Gilles Peskinec7ad1222019-06-13 16:44:19 +0200310/**
311 * \def MBEDTLS_CHECK_PARAMS_ASSERT
312 *
313 * Allow MBEDTLS_PARAM_FAILED() to call `assert`, and make it default to
314 * `assert`. This macro is only used if #MBEDTLS_CHECK_PARAMS is defined.
315 *
316 * If this macro is not defined, then MBEDTLS_PARAM_FAILED() defaults to
317 * calling a function mbedtls_param_failed(). See the documentation of
318 * #MBEDTLS_CHECK_PARAMS for details.
319 *
320 * Uncomment to allow MBEDTLS_PARAM_FAILED() to call `assert`.
321 */
322//#define MBEDTLS_CHECK_PARAMS_ASSERT
323
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +0200324/* \} name SECTION: System support */
Paul Bakker0a62cd12011-01-21 11:00:08 +0000325
Paul Bakkerf3b86c12011-01-27 15:24:17 +0000326/**
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +0000327 * \name SECTION: mbed TLS feature support
Paul Bakker0a62cd12011-01-21 11:00:08 +0000328 *
329 * This section sets support for features that are or are not needed
330 * within the modules that are enabled.
331 * \{
332 */
Paul Bakker5121ce52009-01-03 21:22:43 +0000333
Paul Bakkerf3b86c12011-01-27 15:24:17 +0000334/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200335 * \def MBEDTLS_TIMING_ALT
Paul Bakkerf2561b32014-02-06 15:11:55 +0100336 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200337 * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(),
Manuel Pégourié-Gonnarda63bc942015-05-14 18:22:47 +0200338 * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay()
Paul Bakkerf2561b32014-02-06 15:11:55 +0100339 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200340 * Only works if you have MBEDTLS_TIMING_C enabled.
Paul Bakkerf2561b32014-02-06 15:11:55 +0100341 *
342 * You will need to provide a header "timing_alt.h" and an implementation at
343 * compile time.
344 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200345//#define MBEDTLS_TIMING_ALT
Paul Bakkerf2561b32014-02-06 15:11:55 +0100346
347/**
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100348 * \def MBEDTLS_AES_ALT
Paul Bakker90995b52013-06-24 19:20:35 +0200349 *
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100350 * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your
Janos Follathb0697532016-08-18 12:38:46 +0100351 * alternate core implementation of a symmetric crypto, an arithmetic or hash
352 * module (e.g. platform specific assembly optimized implementations). Keep
353 * in mind that the function prototypes should remain the same.
Paul Bakker90995b52013-06-24 19:20:35 +0200354 *
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200355 * This replaces the whole module. If you only want to replace one of the
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200356 * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags.
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200357 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200358 * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer
Janos Follathee782bc2016-11-07 15:41:26 +0000359 * provide the "struct mbedtls_aes_context" definition and omit the base
360 * function declarations and implementations. "aes_alt.h" will be included from
Paul Bakker90995b52013-06-24 19:20:35 +0200361 * "aes.h" to include the new function definitions.
362 *
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200363 * Uncomment a macro to enable alternate implementation of the corresponding
364 * module.
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100365 *
366 * \warning MD2, MD4, MD5, ARC4, DES and SHA-1 are considered weak and their
367 * use constitutes a security risk. If possible, we recommend
368 * avoiding dependencies on them, and considering stronger message
369 * digests and ciphers instead.
370 *
Paul Bakker90995b52013-06-24 19:20:35 +0200371 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200372//#define MBEDTLS_AES_ALT
373//#define MBEDTLS_ARC4_ALT
Markku-Juhani O. Saarinen0fb47fe2017-12-01 15:41:38 +0000374//#define MBEDTLS_ARIA_ALT
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200375//#define MBEDTLS_BLOWFISH_ALT
376//#define MBEDTLS_CAMELLIA_ALT
Steven Cooreman222e2ff2017-04-04 11:37:15 +0200377//#define MBEDTLS_CCM_ALT
Daniel King34b822c2016-05-15 17:28:08 -0300378//#define MBEDTLS_CHACHA20_ALT
Manuel Pégourié-Gonnarde533b222018-06-04 12:23:19 +0200379//#define MBEDTLS_CHACHAPOLY_ALT
Steven Cooreman63342772017-04-04 11:47:16 +0200380//#define MBEDTLS_CMAC_ALT
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200381//#define MBEDTLS_DES_ALT
nirekh01d569ecf2018-01-09 16:43:21 +0000382//#define MBEDTLS_DHM_ALT
Hanno Becker616d1ca2018-01-24 10:25:05 +0000383//#define MBEDTLS_ECJPAKE_ALT
Jaeden Amero15263302017-09-21 12:53:48 +0100384//#define MBEDTLS_GCM_ALT
Ron Eldor466a57f2018-05-03 16:54:28 +0300385//#define MBEDTLS_NIST_KW_ALT
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200386//#define MBEDTLS_MD2_ALT
387//#define MBEDTLS_MD4_ALT
388//#define MBEDTLS_MD5_ALT
Daniel Kingadc32c02016-05-16 18:25:45 -0300389//#define MBEDTLS_POLY1305_ALT
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200390//#define MBEDTLS_RIPEMD160_ALT
Hanno Becker88683b22018-01-04 18:26:54 +0000391//#define MBEDTLS_RSA_ALT
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200392//#define MBEDTLS_SHA1_ALT
393//#define MBEDTLS_SHA256_ALT
394//#define MBEDTLS_SHA512_ALT
Hanno Becker88683b22018-01-04 18:26:54 +0000395//#define MBEDTLS_XTEA_ALT
Markku-Juhani O. Saarinen0fb47fe2017-12-01 15:41:38 +0000396
Janos Follathb0697532016-08-18 12:38:46 +0100397/*
398 * When replacing the elliptic curve module, pleace consider, that it is
399 * implemented with two .c files:
400 * - ecp.c
401 * - ecp_curves.c
Janos Follathee782bc2016-11-07 15:41:26 +0000402 * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
403 * macros as described above. The only difference is that you have to make sure
404 * that you provide functionality for both .c files.
Janos Follathb0697532016-08-18 12:38:46 +0100405 */
406//#define MBEDTLS_ECP_ALT
Paul Bakker90995b52013-06-24 19:20:35 +0200407
408/**
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100409 * \def MBEDTLS_MD2_PROCESS_ALT
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200410 *
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100411 * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you
412 * alternate core implementation of symmetric crypto or hash function. Keep in
413 * mind that function prototypes should remain the same.
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200414 *
415 * This replaces only one function. The header file from mbed TLS is still
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200416 * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags.
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200417 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200418 * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will
419 * no longer provide the mbedtls_sha1_process() function, but it will still provide
420 * the other function (using your mbedtls_sha1_process() function) and the definition
421 * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200422 * with this definition.
423 *
Hanno Beckera5723f42017-06-26 12:46:19 +0100424 * \note Because of a signature change, the core AES encryption and decryption routines are
425 * currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt,
426 * respectively. When setting up alternative implementations, these functions should
Antonin Décimo36e89b52019-01-23 15:24:37 +0100427 * be overridden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt
Hanno Becker2de930f2017-07-20 09:50:59 +0100428 * must stay untouched.
Hanno Beckera5723f42017-06-26 12:46:19 +0100429 *
430 * \note If you use the AES_xxx_ALT macros, then is is recommended to also set
431 * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
432 * tables.
Manuel Pégourié-Gonnard31993f22015-05-12 15:41:08 +0200433 *
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200434 * Uncomment a macro to enable alternate implementation of the corresponding
435 * function.
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100436 *
437 * \warning MD2, MD4, MD5, DES and SHA-1 are considered weak and their use
438 * constitutes a security risk. If possible, we recommend avoiding
439 * dependencies on them, and considering stronger message digests
440 * and ciphers instead.
441 *
Janos Follath1231d212019-01-07 15:01:32 +0000442 * \warning If both MBEDTLS_ECDSA_SIGN_ALT and MBEDTLS_ECDSA_DETERMINISTIC are
443 * enabled, then the deterministic ECDH signature functions pass the
444 * the static HMAC-DRBG as RNG to mbedtls_ecdsa_sign(). Therefore
445 * alternative implementations should use the RNG only for generating
446 * the ephemeral key and nothing else. If this is not possible, then
447 * MBEDTLS_ECDSA_DETERMINISTIC should be disabled and an alternative
448 * implementation should be provided for mbedtls_ecdsa_sign_det_ext()
449 * (and for mbedtls_ecdsa_sign_det() too if backward compatibility is
450 * desirable).
451 *
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200452 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200453//#define MBEDTLS_MD2_PROCESS_ALT
454//#define MBEDTLS_MD4_PROCESS_ALT
455//#define MBEDTLS_MD5_PROCESS_ALT
456//#define MBEDTLS_RIPEMD160_PROCESS_ALT
457//#define MBEDTLS_SHA1_PROCESS_ALT
458//#define MBEDTLS_SHA256_PROCESS_ALT
459//#define MBEDTLS_SHA512_PROCESS_ALT
Manuel Pégourié-Gonnard70a50102015-05-12 15:02:45 +0200460//#define MBEDTLS_DES_SETKEY_ALT
461//#define MBEDTLS_DES_CRYPT_ECB_ALT
462//#define MBEDTLS_DES3_CRYPT_ECB_ALT
Manuel Pégourié-Gonnard31993f22015-05-12 15:41:08 +0200463//#define MBEDTLS_AES_SETKEY_ENC_ALT
464//#define MBEDTLS_AES_SETKEY_DEC_ALT
465//#define MBEDTLS_AES_ENCRYPT_ALT
466//#define MBEDTLS_AES_DECRYPT_ALT
Ron Eldora84c1cb2017-10-10 19:04:27 +0300467//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
Ron Eldor3226d362017-10-12 14:17:48 +0300468//#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
Ron Eldor314adb62017-10-10 18:28:25 +0300469//#define MBEDTLS_ECDSA_VERIFY_ALT
470//#define MBEDTLS_ECDSA_SIGN_ALT
471//#define MBEDTLS_ECDSA_GENKEY_ALT
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200472
473/**
Janos Follathc44ab972016-11-18 16:38:23 +0000474 * \def MBEDTLS_ECP_INTERNAL_ALT
475 *
476 * Expose a part of the internal interface of the Elliptic Curve Point module.
Janos Follathb0697532016-08-18 12:38:46 +0100477 *
478 * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your
Janos Follath372697b2016-10-28 16:53:11 +0100479 * alternative core implementation of elliptic curve arithmetic. Keep in mind
480 * that function prototypes should remain the same.
Janos Follathb0697532016-08-18 12:38:46 +0100481 *
482 * This partially replaces one function. The header file from mbed TLS is still
483 * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation
484 * is still present and it is used for group structures not supported by the
485 * alternative.
486 *
Janos Follathc44ab972016-11-18 16:38:23 +0000487 * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT
488 * and implementing the following functions:
489 * unsigned char mbedtls_internal_ecp_grp_capable(
490 * const mbedtls_ecp_group *grp )
491 * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp )
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500492 * void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp )
Janos Follathc44ab972016-11-18 16:38:23 +0000493 * The mbedtls_internal_ecp_grp_capable function should return 1 if the
494 * replacement functions implement arithmetic for the given group and 0
495 * otherwise.
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500496 * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are
Janos Follathc44ab972016-11-18 16:38:23 +0000497 * called before and after each point operation and provide an opportunity to
498 * implement optimized set up and tear down instructions.
Janos Follathb0697532016-08-18 12:38:46 +0100499 *
Janos Follathc44ab972016-11-18 16:38:23 +0000500 * Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and
Janos Follath4d9c69d2016-11-01 13:27:03 +0000501 * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac
Janos Follathc44ab972016-11-18 16:38:23 +0000502 * function, but will use your mbedtls_internal_ecp_double_jac if the group is
503 * supported (your mbedtls_internal_ecp_grp_capable function returns 1 when
504 * receives it as an argument). If the group is not supported then the original
Janos Follathee782bc2016-11-07 15:41:26 +0000505 * implementation is used. The other functions and the definition of
506 * mbedtls_ecp_group and mbedtls_ecp_point will not change, so your
Janos Follathc44ab972016-11-18 16:38:23 +0000507 * implementation of mbedtls_internal_ecp_double_jac and
508 * mbedtls_internal_ecp_grp_capable must be compatible with this definition.
Janos Follathb0697532016-08-18 12:38:46 +0100509 *
510 * Uncomment a macro to enable alternate implementation of the corresponding
511 * function.
512 */
513/* Required for all the functions in this section */
Janos Follathc44ab972016-11-18 16:38:23 +0000514//#define MBEDTLS_ECP_INTERNAL_ALT
Janos Follathb0697532016-08-18 12:38:46 +0100515/* Support for Weierstrass curves with Jacobi representation */
516//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
517//#define MBEDTLS_ECP_ADD_MIXED_ALT
518//#define MBEDTLS_ECP_DOUBLE_JAC_ALT
519//#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
520//#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
521/* Support for curves with Montgomery arithmetic */
522//#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
523//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
524//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
525
526/**
Simon Butcherab5df402016-06-11 02:31:21 +0100527 * \def MBEDTLS_TEST_NULL_ENTROPY
Janos Follath53de7842016-06-08 15:29:18 +0100528 *
Simon Butcherab5df402016-06-11 02:31:21 +0100529 * Enables testing and use of mbed TLS without any configured entropy sources.
530 * This permits use of the library on platforms before an entropy source has
531 * been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the
532 * MBEDTLS_ENTROPY_NV_SEED switches).
533 *
534 * WARNING! This switch MUST be disabled in production builds, and is suitable
535 * only for development.
536 * Enabling the switch negates any security provided by the library.
Janos Follath53de7842016-06-08 15:29:18 +0100537 *
Janos Follathf93b8bc2016-06-09 13:54:15 +0100538 * Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
539 *
Janos Follath53de7842016-06-08 15:29:18 +0100540 */
Simon Butcherab5df402016-06-11 02:31:21 +0100541//#define MBEDTLS_TEST_NULL_ENTROPY
Janos Follath53de7842016-06-08 15:29:18 +0100542
543/**
Manuel Pégourié-Gonnard8ba88f02015-06-22 12:14:20 +0200544 * \def MBEDTLS_ENTROPY_HARDWARE_ALT
Manuel Pégourié-Gonnard3f77dfb2015-06-19 10:06:21 +0200545 *
546 * Uncomment this macro to let mbed TLS use your own implementation of a
547 * hardware entropy collector.
548 *
549 * Your function must be called \c mbedtls_hardware_poll(), have the same
550 * prototype as declared in entropy_poll.h, and accept NULL as first argument.
551 *
552 * Uncomment to use your own hardware entropy collector.
553 */
554//#define MBEDTLS_ENTROPY_HARDWARE_ALT
555
556/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200557 * \def MBEDTLS_AES_ROM_TABLES
Paul Bakker15566e42011-04-24 21:19:15 +0000558 *
Hanno Becker177d3cf2017-06-07 15:52:48 +0100559 * Use precomputed AES tables stored in ROM.
Paul Bakker15566e42011-04-24 21:19:15 +0000560 *
Hanno Becker177d3cf2017-06-07 15:52:48 +0100561 * Uncomment this macro to use precomputed AES tables stored in ROM.
562 * Comment this macro to generate AES tables in RAM at runtime.
563 *
Hanno Becker4c1dc3c2018-03-27 16:52:03 +0100564 * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb
565 * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the
Hanno Becker6a92ce62018-03-28 11:42:05 +0100566 * initialization time before the first AES operation can be performed.
567 * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c
568 * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded
569 * performance if ROM access is slower than RAM access.
Hanno Becker177d3cf2017-06-07 15:52:48 +0100570 *
571 * This option is independent of \c MBEDTLS_AES_FEWER_TABLES.
572 *
Paul Bakker15566e42011-04-24 21:19:15 +0000573 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200574//#define MBEDTLS_AES_ROM_TABLES
Paul Bakker15566e42011-04-24 21:19:15 +0000575
576/**
Hanno Becker177d3cf2017-06-07 15:52:48 +0100577 * \def MBEDTLS_AES_FEWER_TABLES
Jussi Kivilinna2fd1bb82015-11-12 16:38:31 +0200578 *
Hanno Becker177d3cf2017-06-07 15:52:48 +0100579 * Use less ROM/RAM for AES tables.
Jussi Kivilinna2fd1bb82015-11-12 16:38:31 +0200580 *
Hanno Becker177d3cf2017-06-07 15:52:48 +0100581 * Uncommenting this macro omits 75% of the AES tables from
582 * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES)
583 * by computing their values on the fly during operations
584 * (the tables are entry-wise rotations of one another).
585 *
586 * Tradeoff: Uncommenting this reduces the RAM / ROM footprint
Hanno Becker08a5c182017-06-19 16:33:58 +0100587 * by ~6kb but at the cost of more arithmetic operations during
Hanno Becker177d3cf2017-06-07 15:52:48 +0100588 * runtime. Specifically, one has to compare 4 accesses within
589 * different tables to 4 accesses with additional arithmetic
590 * operations within the same table. The performance gain/loss
591 * depends on the system and memory details.
592 *
593 * This option is independent of \c MBEDTLS_AES_ROM_TABLES.
594 *
Jussi Kivilinna2fd1bb82015-11-12 16:38:31 +0200595 */
Hanno Becker177d3cf2017-06-07 15:52:48 +0100596//#define MBEDTLS_AES_FEWER_TABLES
Jussi Kivilinna2fd1bb82015-11-12 16:38:31 +0200597
598/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200599 * \def MBEDTLS_CAMELLIA_SMALL_MEMORY
Manuel Pégourié-Gonnard62edcc82015-04-03 16:28:19 +0200600 *
601 * Use less ROM for the Camellia implementation (saves about 768 bytes).
602 *
603 * Uncomment this macro to use less memory for Camellia.
604 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200605//#define MBEDTLS_CAMELLIA_SMALL_MEMORY
Manuel Pégourié-Gonnard62edcc82015-04-03 16:28:19 +0200606
607/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200608 * \def MBEDTLS_CIPHER_MODE_CBC
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200609 *
610 * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
611 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200612#define MBEDTLS_CIPHER_MODE_CBC
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200613
614/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200615 * \def MBEDTLS_CIPHER_MODE_CFB
Paul Bakkerb6ecaf52011-04-19 14:29:23 +0000616 *
617 * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
618 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200619#define MBEDTLS_CIPHER_MODE_CFB
Paul Bakkerb6ecaf52011-04-19 14:29:23 +0000620
621/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200622 * \def MBEDTLS_CIPHER_MODE_CTR
Paul Bakkerb6ecaf52011-04-19 14:29:23 +0000623 *
624 * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
625 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200626#define MBEDTLS_CIPHER_MODE_CTR
Paul Bakkerb6ecaf52011-04-19 14:29:23 +0000627
628/**
Jaeden Ameroff2f4932018-06-14 11:38:50 +0100629 * \def MBEDTLS_CIPHER_MODE_OFB
630 *
631 * Enable Output Feedback mode (OFB) for symmetric ciphers.
632 */
633#define MBEDTLS_CIPHER_MODE_OFB
634
635/**
636 * \def MBEDTLS_CIPHER_MODE_XTS
637 *
638 * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES.
639 */
640#define MBEDTLS_CIPHER_MODE_XTS
641
642/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200643 * \def MBEDTLS_CIPHER_NULL_CIPHER
Paul Bakkerfab5c822012-02-06 16:45:10 +0000644 *
645 * Enable NULL cipher.
646 * Warning: Only do so when you know what you are doing. This allows for
647 * encryption or channels without any security!
648 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200649 * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable
Paul Bakkerfab5c822012-02-06 16:45:10 +0000650 * the following ciphersuites:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200651 * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA
652 * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA
653 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA
654 * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
655 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384
656 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256
657 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA
658 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384
659 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256
660 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA
661 * MBEDTLS_TLS_RSA_WITH_NULL_SHA256
662 * MBEDTLS_TLS_RSA_WITH_NULL_SHA
663 * MBEDTLS_TLS_RSA_WITH_NULL_MD5
664 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384
665 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256
666 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA
667 * MBEDTLS_TLS_PSK_WITH_NULL_SHA384
668 * MBEDTLS_TLS_PSK_WITH_NULL_SHA256
669 * MBEDTLS_TLS_PSK_WITH_NULL_SHA
Paul Bakkerfab5c822012-02-06 16:45:10 +0000670 *
671 * Uncomment this macro to enable the NULL cipher and ciphersuites
Paul Bakkerfab5c822012-02-06 16:45:10 +0000672 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200673//#define MBEDTLS_CIPHER_NULL_CIPHER
Paul Bakkerfab5c822012-02-06 16:45:10 +0000674
675/**
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100676 * \def MBEDTLS_CIPHER_PADDING_PKCS7
Paul Bakker48e93c82013-08-14 12:21:18 +0200677 *
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100678 * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for
679 * specific padding modes in the cipher layer with cipher modes that support
680 * padding (e.g. CBC)
Paul Bakker48e93c82013-08-14 12:21:18 +0200681 *
682 * If you disable all padding modes, only full blocks can be used with CBC.
683 *
684 * Enable padding modes in the cipher layer.
685 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200686#define MBEDTLS_CIPHER_PADDING_PKCS7
687#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
688#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
689#define MBEDTLS_CIPHER_PADDING_ZEROS
Paul Bakker48e93c82013-08-14 12:21:18 +0200690
Gilles Peskine1540e5b2019-10-03 14:21:14 +0200691/** \def MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
692 *
693 * Uncomment this macro to use a 128-bit key in the CTR_DRBG module.
694 * By default, CTR_DRBG uses a 256-bit key.
695 */
696//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
697
Paul Bakker48e93c82013-08-14 12:21:18 +0200698/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200699 * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES
Paul Bakkerfab5c822012-02-06 16:45:10 +0000700 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +0200701 * Enable weak ciphersuites in SSL / TLS.
Paul Bakkerfab5c822012-02-06 16:45:10 +0000702 * Warning: Only do so when you know what you are doing. This allows for
Paul Bakker9a736322012-11-14 12:39:52 +0000703 * channels with virtually no security at all!
Paul Bakkerfab5c822012-02-06 16:45:10 +0000704 *
705 * This enables the following ciphersuites:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200706 * MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA
707 * MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA
Paul Bakkerfab5c822012-02-06 16:45:10 +0000708 *
709 * Uncomment this macro to enable weak ciphersuites
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100710 *
711 * \warning DES is considered a weak cipher and its use constitutes a
712 * security risk. We recommend considering stronger ciphers instead.
Paul Bakkerfab5c822012-02-06 16:45:10 +0000713 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200714//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
Paul Bakkerfab5c822012-02-06 16:45:10 +0000715
716/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200717 * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES
Manuel Pégourié-Gonnard01edb102014-06-24 22:42:34 +0200718 *
719 * Remove RC4 ciphersuites by default in SSL / TLS.
720 * This flag removes the ciphersuites based on RC4 from the default list as
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200721 * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to
Manuel Pégourié-Gonnard6729e792015-05-11 09:50:24 +0200722 * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them
Manuel Pégourié-Gonnard01edb102014-06-24 22:42:34 +0200723 * explicitly.
724 *
725 * Uncomment this macro to remove RC4 ciphersuites by default.
726 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200727#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
Manuel Pégourié-Gonnard01edb102014-06-24 22:42:34 +0200728
729/**
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000730 * \def MBEDTLS_REMOVE_3DES_CIPHERSUITES
731 *
732 * Remove 3DES ciphersuites by default in SSL / TLS.
733 * This flag removes the ciphersuites based on 3DES from the default list as
734 * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible
735 * to enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including
736 * them explicitly.
737 *
Andres Amaya Garciabdfba792019-02-11 21:47:30 +0000738 * A man-in-the-browser attacker can recover authentication tokens sent through
Andres Amaya Garcia22a89052018-11-26 20:57:49 +0000739 * a TLS connection using a 3DES based cipher suite (see "On the Practical
740 * (In-)Security of 64-bit Block Ciphers" by Karthikeyan Bhargavan and Gaëtan
741 * Leurent, see https://sweet32.info/SWEET32_CCS16.pdf). If this attack falls
742 * in your threat model or you are unsure, then you should keep this option
743 * enabled to remove 3DES based cipher suites.
744 *
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000745 * Comment this macro to keep 3DES in the default ciphersuite list.
746 */
747#define MBEDTLS_REMOVE_3DES_CIPHERSUITES
748
749/**
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100750 * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
Paul Bakker5dc6b5f2013-06-29 23:26:34 +0200751 *
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100752 * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve
753 * module. By default all supported curves are enabled.
Paul Bakker5dc6b5f2013-06-29 23:26:34 +0200754 *
755 * Comment macros to disable the curve and functions for it
756 */
Gilles Peskine799e5762018-09-14 17:34:00 +0200757/* Short Weierstrass curves (supporting ECP, ECDH, ECDSA) */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200758#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
759#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
760#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
761#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
762#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
763#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
764#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
765#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
766#define MBEDTLS_ECP_DP_BP256R1_ENABLED
767#define MBEDTLS_ECP_DP_BP384R1_ENABLED
768#define MBEDTLS_ECP_DP_BP512R1_ENABLED
Gilles Peskine799e5762018-09-14 17:34:00 +0200769/* Montgomery curves (supporting ECP) */
Manuel Pégourié-Gonnard07894332015-06-23 00:18:41 +0200770#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
Nicholas Wilson08f3ef12015-11-10 13:10:01 +0000771#define MBEDTLS_ECP_DP_CURVE448_ENABLED
Paul Bakker5dc6b5f2013-06-29 23:26:34 +0200772
773/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200774 * \def MBEDTLS_ECP_NIST_OPTIM
Manuel Pégourié-Gonnardc04c5302013-10-23 16:11:52 +0200775 *
776 * Enable specific 'modulo p' routines for each NIST prime.
777 * Depending on the prime and architecture, makes operations 4 to 8 times
778 * faster on the corresponding curve.
779 *
780 * Comment this macro to disable NIST curves optimisation.
781 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200782#define MBEDTLS_ECP_NIST_OPTIM
Manuel Pégourié-Gonnardc04c5302013-10-23 16:11:52 +0200783
784/**
Manuel Pégourié-Gonnard1a3f9ed2020-05-19 12:38:31 +0200785 * \def MBEDTLS_ECP_NO_INTERNAL_RNG
786 *
787 * When this option is disabled, mbedtls_ecp_mul() will make use of an
788 * internal RNG when called with a NULL \c f_rng argument, in order to protect
789 * against some side-channel attacks.
790 *
791 * This protection introduces a dependency of the ECP module on one of the
792 * DRBG modules. For very constrained implementations that don't require this
793 * protection (for example, because you're only doing signature verification,
794 * so not manipulating any secret, or because local/physical side-channel
795 * attacks are outside your threat model), it might be desirable to get rid of
796 * that dependency.
797 *
798 * \warning Enabling this option makes some uses of ECP vulnerable to some
799 * side-channel attacks. Only enable it if you know that's not a problem for
800 * your use case.
801 *
802 * Uncomment this macro to disable some counter-measures in ECP.
803 */
804//#define MBEDTLS_ECP_NO_INTERNAL_RNG
805
806/**
Manuel Pégourié-Gonnard4b9c51e2017-04-20 15:50:26 +0200807 * \def MBEDTLS_ECP_RESTARTABLE
Manuel Pégourié-Gonnardc3a3bc72017-03-22 11:17:51 +0100808 *
809 * Enable "non-blocking" ECC operations that can return early and be resumed.
810 *
Manuel Pégourié-Gonnardf0bbd7e2018-10-15 13:22:41 +0200811 * This allows various functions to pause by returning
812 * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module,
813 * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in
814 * order to further progress and eventually complete their operation. This is
815 * controlled through mbedtls_ecp_set_max_ops() which limits the maximum
816 * number of ECC operations a function may perform before pausing; see
817 * mbedtls_ecp_set_max_ops() for more information.
Manuel Pégourié-Gonnardc3a3bc72017-03-22 11:17:51 +0100818 *
Manuel Pégourié-Gonnard8b7b96b2017-08-23 10:02:51 +0200819 * This is useful in non-threaded environments if you want to avoid blocking
Manuel Pégourié-Gonnardf0bbd7e2018-10-15 13:22:41 +0200820 * for too long on ECC (and, hence, X.509 or SSL/TLS) operations.
Manuel Pégourié-Gonnardc3a3bc72017-03-22 11:17:51 +0100821 *
Manuel Pégourié-Gonnardc9e16a92017-08-15 14:30:59 +0200822 * Uncomment this macro to enable restartable ECC computations.
Ron Eldor5ed8c1e2018-11-05 14:04:26 +0200823 *
Ron Eldor19779c42018-11-05 16:58:13 +0200824 * \note This option only works with the default software implementation of
825 * elliptic curve functionality. It is incompatible with
Gilles Peskine43f564f2019-02-22 12:14:02 +0100826 * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT, MBEDTLS_ECDSA_XXX_ALT
827 * and MBEDTLS_ECDH_LEGACY_CONTEXT.
Manuel Pégourié-Gonnardc3a3bc72017-03-22 11:17:51 +0100828 */
Manuel Pégourié-Gonnardc9e16a92017-08-15 14:30:59 +0200829//#define MBEDTLS_ECP_RESTARTABLE
Manuel Pégourié-Gonnardc3a3bc72017-03-22 11:17:51 +0100830
831/**
Gilles Peskine43f564f2019-02-22 12:14:02 +0100832 * \def MBEDTLS_ECDH_LEGACY_CONTEXT
833 *
834 * Use a backward compatible ECDH context.
835 *
836 * Mbed TLS supports two formats for ECDH contexts (#mbedtls_ecdh_context
837 * defined in `ecdh.h`). For most applications, the choice of format makes
838 * no difference, since all library functions can work with either format,
839 * except that the new format is incompatible with MBEDTLS_ECP_RESTARTABLE.
840
841 * The new format used when this option is disabled is smaller
842 * (56 bytes on a 32-bit platform). In future versions of the library, it
843 * will support alternative implementations of ECDH operations.
844 * The new format is incompatible with applications that access
845 * context fields directly and with restartable ECP operations.
846 *
847 * Define this macro if you enable MBEDTLS_ECP_RESTARTABLE or if you
848 * want to access ECDH context fields directly. Otherwise you should
849 * comment out this macro definition.
850 *
851 * This option has no effect if #MBEDTLS_ECDH_C is not enabled.
852 *
853 * \note This configuration option is experimental. Future versions of the
854 * library may modify the way the ECDH context layout is configured
855 * and may modify the layout of the new context type.
856 */
857#define MBEDTLS_ECDH_LEGACY_CONTEXT
858
859/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200860 * \def MBEDTLS_ECDSA_DETERMINISTIC
Manuel Pégourié-Gonnard461d4162014-01-06 10:16:28 +0100861 *
862 * Enable deterministic ECDSA (RFC 6979).
863 * Standard ECDSA is "fragile" in the sense that lack of entropy when signing
864 * may result in a compromise of the long-term signing key. This is avoided by
865 * the deterministic variant.
866 *
John Durkop36a82e52020-10-26 09:39:05 -0700867 * Requires: MBEDTLS_HMAC_DRBG_C, MBEDTLS_ECDSA_C
Manuel Pégourié-Gonnard5b1a5732014-01-07 16:46:17 +0100868 *
Manuel Pégourié-Gonnard461d4162014-01-06 10:16:28 +0100869 * Comment this macro to disable deterministic ECDSA.
870 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200871#define MBEDTLS_ECDSA_DETERMINISTIC
Manuel Pégourié-Gonnard461d4162014-01-06 10:16:28 +0100872
873/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200874 * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200875 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +0200876 * Enable the PSK based ciphersuite modes in SSL / TLS.
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200877 *
Paul Bakkere07f41d2013-04-19 09:08:57 +0200878 * This enables the following ciphersuites (if other requisites are
879 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200880 * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
881 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
882 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
883 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
884 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
885 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
886 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
887 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
888 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
889 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
890 * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
891 * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200892 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200893#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200894
895/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200896 * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +0200897 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +0200898 * Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
Paul Bakkere07f41d2013-04-19 09:08:57 +0200899 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200900 * Requires: MBEDTLS_DHM_C
Paul Bakkere07f41d2013-04-19 09:08:57 +0200901 *
902 * This enables the following ciphersuites (if other requisites are
903 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200904 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
905 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
906 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
907 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
908 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
909 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
910 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
911 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
912 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
913 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
914 * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
915 * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
Hanno Beckera2f6b722017-09-28 10:33:29 +0100916 *
Hanno Beckerf9734b32017-10-03 12:09:22 +0100917 * \warning Using DHE constitutes a security risk as it
918 * is not possible to validate custom DH parameters.
919 * If possible, it is recommended users should consider
920 * preferring other methods of key exchange.
921 * See dhm.h for more details.
Hanno Beckera2f6b722017-09-28 10:33:29 +0100922 *
Paul Bakkere07f41d2013-04-19 09:08:57 +0200923 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200924#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +0200925
926/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200927 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Manuel Pégourié-Gonnard3ce3bbd2013-10-11 16:53:50 +0200928 *
929 * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
930 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200931 * Requires: MBEDTLS_ECDH_C
Manuel Pégourié-Gonnard3ce3bbd2013-10-11 16:53:50 +0200932 *
933 * This enables the following ciphersuites (if other requisites are
934 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200935 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
936 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
937 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
938 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
939 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
940 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
941 * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
942 * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
Manuel Pégourié-Gonnard3ce3bbd2013-10-11 16:53:50 +0200943 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200944#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Manuel Pégourié-Gonnard3ce3bbd2013-10-11 16:53:50 +0200945
946/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200947 * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +0200948 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +0200949 * Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
Manuel Pégourié-Gonnard0fae60b2013-10-14 17:39:48 +0200950 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200951 * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
952 * MBEDTLS_X509_CRT_PARSE_C
Paul Bakkere07f41d2013-04-19 09:08:57 +0200953 *
954 * This enables the following ciphersuites (if other requisites are
955 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200956 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
957 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
958 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
959 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
960 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
961 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
962 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
963 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
964 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
965 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
966 * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
967 * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
Paul Bakkere07f41d2013-04-19 09:08:57 +0200968 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200969#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +0200970
971/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200972 * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +0200973 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +0200974 * Enable the RSA-only based ciphersuite modes in SSL / TLS.
Paul Bakkere07f41d2013-04-19 09:08:57 +0200975 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200976 * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
977 * MBEDTLS_X509_CRT_PARSE_C
Paul Bakkere07f41d2013-04-19 09:08:57 +0200978 *
979 * This enables the following ciphersuites (if other requisites are
980 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200981 * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
982 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
983 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
984 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
985 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
986 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
987 * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
988 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
989 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
990 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
991 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
992 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
993 * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
994 * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
995 * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
Paul Bakkere07f41d2013-04-19 09:08:57 +0200996 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200997#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +0200998
999/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001000 * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +02001001 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02001002 * Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
Paul Bakkere07f41d2013-04-19 09:08:57 +02001003 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001004 * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
1005 * MBEDTLS_X509_CRT_PARSE_C
Paul Bakkere07f41d2013-04-19 09:08:57 +02001006 *
1007 * This enables the following ciphersuites (if other requisites are
1008 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001009 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
1010 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
1011 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
1012 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
1013 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
1014 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
1015 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
1016 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
1017 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
1018 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
1019 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
1020 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
1021 * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
Hanno Beckera2f6b722017-09-28 10:33:29 +01001022 *
Hanno Beckerf9734b32017-10-03 12:09:22 +01001023 * \warning Using DHE constitutes a security risk as it
1024 * is not possible to validate custom DH parameters.
1025 * If possible, it is recommended users should consider
1026 * preferring other methods of key exchange.
1027 * See dhm.h for more details.
Hanno Beckera2f6b722017-09-28 10:33:29 +01001028 *
Paul Bakkere07f41d2013-04-19 09:08:57 +02001029 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001030#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +02001031
1032/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001033 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +02001034 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02001035 * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
Paul Bakkere07f41d2013-04-19 09:08:57 +02001036 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001037 * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
1038 * MBEDTLS_X509_CRT_PARSE_C
Paul Bakkere07f41d2013-04-19 09:08:57 +02001039 *
1040 * This enables the following ciphersuites (if other requisites are
1041 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001042 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
1043 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
1044 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
1045 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
1046 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
1047 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
1048 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
1049 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
1050 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
1051 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
1052 * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
1053 * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
Paul Bakkere07f41d2013-04-19 09:08:57 +02001054 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001055#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +02001056
1057/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001058 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +02001059 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02001060 * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +02001061 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001062 * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +02001063 *
1064 * This enables the following ciphersuites (if other requisites are
1065 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001066 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
1067 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
1068 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
1069 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
1070 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
1071 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
1072 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
1073 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
1074 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
1075 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
1076 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
1077 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +02001078 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001079#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +02001080
1081/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001082 * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001083 *
1084 * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
1085 *
Gilles Peskine7ab66a62018-09-14 17:47:41 +02001086 * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001087 *
1088 * This enables the following ciphersuites (if other requisites are
1089 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001090 * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
1091 * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
1092 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
1093 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
1094 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
1095 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
1096 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
1097 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
1098 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
1099 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
1100 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
1101 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001102 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001103#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001104
1105/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001106 * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001107 *
1108 * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
1109 *
Gilles Peskine7ab66a62018-09-14 17:47:41 +02001110 * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_X509_CRT_PARSE_C
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001111 *
1112 * This enables the following ciphersuites (if other requisites are
1113 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001114 * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
1115 * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
1116 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
1117 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
1118 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
1119 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
1120 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
1121 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
1122 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
1123 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
1124 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
1125 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001126 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001127#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001128
1129/**
Manuel Pégourié-Gonnard557535d2015-09-15 17:53:32 +02001130 * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
1131 *
1132 * Enable the ECJPAKE based ciphersuite modes in SSL / TLS.
1133 *
Manuel Pégourié-Gonnard75df9022015-09-16 23:21:01 +02001134 * \warning This is currently experimental. EC J-PAKE support is based on the
1135 * Thread v1.0.0 specification; incompatible changes to the specification
1136 * might still happen. For this reason, this is disabled by default.
Manuel Pégourié-Gonnard557535d2015-09-15 17:53:32 +02001137 *
1138 * Requires: MBEDTLS_ECJPAKE_C
1139 * MBEDTLS_SHA256_C
1140 * MBEDTLS_ECP_DP_SECP256R1_ENABLED
1141 *
1142 * This enables the following ciphersuites (if other requisites are
1143 * enabled as well):
1144 * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
1145 */
Manuel Pégourié-Gonnardcf828932015-10-20 14:57:00 +02001146//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
Manuel Pégourié-Gonnard557535d2015-09-15 17:53:32 +02001147
1148/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001149 * \def MBEDTLS_PK_PARSE_EC_EXTENDED
Manuel Pégourié-Gonnard6fac3512014-03-19 16:39:52 +01001150 *
1151 * Enhance support for reading EC keys using variants of SEC1 not allowed by
1152 * RFC 5915 and RFC 5480.
1153 *
1154 * Currently this means parsing the SpecifiedECDomain choice of EC
1155 * parameters (only known groups are supported, not arbitrary domains, to
1156 * avoid validation issues).
1157 *
1158 * Disable if you only need to support RFC 5915 + 5480 key formats.
1159 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001160#define MBEDTLS_PK_PARSE_EC_EXTENDED
Manuel Pégourié-Gonnard6fac3512014-03-19 16:39:52 +01001161
1162/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001163 * \def MBEDTLS_ERROR_STRERROR_DUMMY
Paul Bakker8fe40dc2013-02-02 12:43:08 +01001164 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001165 * Enable a dummy error function to make use of mbedtls_strerror() in
1166 * third party libraries easier when MBEDTLS_ERROR_C is disabled
1167 * (no effect when MBEDTLS_ERROR_C is enabled).
Manuel Pégourié-Gonnarddc16aa72014-06-25 12:55:12 +02001168 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001169 * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're
1170 * not using mbedtls_strerror() or error_strerror() in your application.
Paul Bakker8fe40dc2013-02-02 12:43:08 +01001171 *
1172 * Disable if you run into name conflicts and want to really remove the
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001173 * mbedtls_strerror()
Paul Bakker8fe40dc2013-02-02 12:43:08 +01001174 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001175#define MBEDTLS_ERROR_STRERROR_DUMMY
Paul Bakker8fe40dc2013-02-02 12:43:08 +01001176
1177/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001178 * \def MBEDTLS_GENPRIME
Paul Bakkerf3b86c12011-01-27 15:24:17 +00001179 *
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02001180 * Enable the prime-number generation code.
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02001181 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001182 * Requires: MBEDTLS_BIGNUM_C
Paul Bakker5121ce52009-01-03 21:22:43 +00001183 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001184#define MBEDTLS_GENPRIME
Paul Bakker5121ce52009-01-03 21:22:43 +00001185
Paul Bakkerf3b86c12011-01-27 15:24:17 +00001186/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001187 * \def MBEDTLS_FS_IO
Paul Bakker335db3f2011-04-25 15:28:35 +00001188 *
1189 * Enable functions that use the filesystem.
1190 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001191#define MBEDTLS_FS_IO
Paul Bakker335db3f2011-04-25 15:28:35 +00001192
1193/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001194 * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
Paul Bakker43655f42011-12-15 20:11:16 +00001195 *
Mateusz Starzyk0fdcc8e2021-01-29 16:46:31 +01001196 * Do not add default entropy sources. These are the platform specific
1197 * or mbedtls_timing_hardclock poll function.
Paul Bakker43655f42011-12-15 20:11:16 +00001198 *
Shuo Chen95a0d112014-04-04 21:04:40 -07001199 * This is useful to have more control over the added entropy sources in an
Paul Bakker43655f42011-12-15 20:11:16 +00001200 * application.
1201 *
1202 * Uncomment this macro to prevent loading of default entropy functions.
Paul Bakker43655f42011-12-15 20:11:16 +00001203 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001204//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
Paul Bakker43655f42011-12-15 20:11:16 +00001205
1206/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001207 * \def MBEDTLS_NO_PLATFORM_ENTROPY
Paul Bakker6083fd22011-12-03 21:45:14 +00001208 *
1209 * Do not use built-in platform entropy functions.
1210 * This is useful if your platform does not support
1211 * standards like the /dev/urandom or Windows CryptoAPI.
1212 *
1213 * Uncomment this macro to disable the built-in platform entropy functions.
Paul Bakker6083fd22011-12-03 21:45:14 +00001214 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001215//#define MBEDTLS_NO_PLATFORM_ENTROPY
Paul Bakker6083fd22011-12-03 21:45:14 +00001216
1217/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001218 * \def MBEDTLS_ENTROPY_FORCE_SHA256
Paul Bakker2ceda572014-02-06 15:55:25 +01001219 *
1220 * Force the entropy accumulator to use a SHA-256 accumulator instead of the
1221 * default SHA-512 based one (if both are available).
1222 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001223 * Requires: MBEDTLS_SHA256_C
Paul Bakker2ceda572014-02-06 15:55:25 +01001224 *
1225 * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option
1226 * if you have performance concerns.
1227 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001228 * This option is only useful if both MBEDTLS_SHA256_C and
1229 * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
Paul Bakker2ceda572014-02-06 15:55:25 +01001230 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001231//#define MBEDTLS_ENTROPY_FORCE_SHA256
Paul Bakker2ceda572014-02-06 15:55:25 +01001232
1233/**
Paul Bakkercf0a9f92016-06-01 11:25:44 +01001234 * \def MBEDTLS_ENTROPY_NV_SEED
1235 *
1236 * Enable the non-volatile (NV) seed file-based entropy source.
1237 * (Also enables the NV seed read/write functions in the platform layer)
1238 *
1239 * This is crucial (if not required) on systems that do not have a
1240 * cryptographic entropy source (in hardware or kernel) available.
1241 *
1242 * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C
1243 *
Paul Bakker71a597a2016-06-07 10:59:03 +01001244 * \note The read/write functions that are used by the entropy source are
1245 * determined in the platform layer, and can be modified at runtime and/or
1246 * compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used.
1247 *
1248 * \note If you use the default implementation functions that read a seedfile
Paul Bakkercf0a9f92016-06-01 11:25:44 +01001249 * with regular fopen(), please make sure you make a seedfile with the
1250 * proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at
1251 * least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from
Paul Bakker71a597a2016-06-07 10:59:03 +01001252 * and written to or you will get an entropy source error! The default
1253 * implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE
1254 * bytes from the file.
1255 *
1256 * \note The entropy collector will write to the seed file before entropy is
1257 * given to an external source, to update it.
Paul Bakkercf0a9f92016-06-01 11:25:44 +01001258 */
1259//#define MBEDTLS_ENTROPY_NV_SEED
1260
Ronald Cron71016a92020-08-28 19:01:50 +02001261/* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
Gilles Peskine69d7c8b2019-02-19 14:00:31 +01001262 *
Ronald Cron71016a92020-08-28 19:01:50 +02001263 * Enable key identifiers that encode a key owner identifier.
Gilles Peskine69d7c8b2019-02-19 14:00:31 +01001264 *
Ronald Cron9a2511e2020-09-14 10:02:56 +02001265 * The owner of a key is identified by a value of type ::mbedtls_key_owner_id_t
1266 * which is currently hard-coded to be int32_t.
Gilles Peskine69d7c8b2019-02-19 14:00:31 +01001267 *
1268 * Note that this option is meant for internal use only and may be removed
Ronald Cron77c89f52020-11-10 17:45:56 +01001269 * without notice. It is incompatible with MBEDTLS_USE_PSA_CRYPTO.
Gilles Peskine69d7c8b2019-02-19 14:00:31 +01001270 */
Ronald Cron71016a92020-08-28 19:01:50 +02001271//#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
Gilles Peskine69d7c8b2019-02-19 14:00:31 +01001272
Paul Bakkercf0a9f92016-06-01 11:25:44 +01001273/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001274 * \def MBEDTLS_MEMORY_DEBUG
Paul Bakker6e339b52013-07-03 13:37:05 +02001275 *
1276 * Enable debugging of buffer allocator memory issues. Automatically prints
1277 * (to stderr) all (fatal) messages on memory allocation issues. Enables
1278 * function for 'debug output' of allocated memory.
1279 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001280 * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
Paul Bakker6e339b52013-07-03 13:37:05 +02001281 *
1282 * Uncomment this macro to let the buffer allocator print out error messages.
Paul Bakkera7ea6a52013-10-15 11:55:10 +02001283 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001284//#define MBEDTLS_MEMORY_DEBUG
Paul Bakker6e339b52013-07-03 13:37:05 +02001285
1286/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001287 * \def MBEDTLS_MEMORY_BACKTRACE
Paul Bakker6e339b52013-07-03 13:37:05 +02001288 *
1289 * Include backtrace information with each allocated block.
1290 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001291 * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
Paul Bakker6e339b52013-07-03 13:37:05 +02001292 * GLIBC-compatible backtrace() an backtrace_symbols() support
1293 *
1294 * Uncomment this macro to include backtrace information
Paul Bakker6e339b52013-07-03 13:37:05 +02001295 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001296//#define MBEDTLS_MEMORY_BACKTRACE
Paul Bakker6e339b52013-07-03 13:37:05 +02001297
1298/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001299 * \def MBEDTLS_PK_RSA_ALT_SUPPORT
Manuel Pégourié-Gonnard348bcb32015-03-31 14:01:33 +02001300 *
1301 * Support external private RSA keys (eg from a HSM) in the PK layer.
1302 *
1303 * Comment this macro to disable support for external private RSA keys.
1304 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001305#define MBEDTLS_PK_RSA_ALT_SUPPORT
Manuel Pégourié-Gonnard348bcb32015-03-31 14:01:33 +02001306
1307/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001308 * \def MBEDTLS_PKCS1_V15
Paul Bakker48377d92013-08-30 12:06:24 +02001309 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02001310 * Enable support for PKCS#1 v1.5 encoding.
1311 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001312 * Requires: MBEDTLS_RSA_C
Paul Bakker48377d92013-08-30 12:06:24 +02001313 *
Paul Bakker48377d92013-08-30 12:06:24 +02001314 * This enables support for PKCS#1 v1.5 operations.
1315 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001316#define MBEDTLS_PKCS1_V15
Paul Bakker48377d92013-08-30 12:06:24 +02001317
1318/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001319 * \def MBEDTLS_PKCS1_V21
Paul Bakker9dcc3222011-03-08 14:16:06 +00001320 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02001321 * Enable support for PKCS#1 v2.1 encoding.
1322 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001323 * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C
Paul Bakker5690efc2011-05-26 13:16:06 +00001324 *
Paul Bakker9dcc3222011-03-08 14:16:06 +00001325 * This enables support for RSAES-OAEP and RSASSA-PSS operations.
1326 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001327#define MBEDTLS_PKCS1_V21
Paul Bakker9dcc3222011-03-08 14:16:06 +00001328
Steven Cooreman0d59f7b02020-07-16 20:27:57 +02001329/** \def MBEDTLS_PSA_CRYPTO_DRIVERS
1330 *
1331 * Enable support for the experimental PSA crypto driver interface.
1332 *
John Durkop185764f2020-10-12 21:32:12 -07001333 * Requires: MBEDTLS_PSA_CRYPTO_C
Steven Cooreman0d59f7b02020-07-16 20:27:57 +02001334 *
1335 * \warning This interface is experimental and may change or be removed
1336 * without notice.
1337 */
1338//#define MBEDTLS_PSA_CRYPTO_DRIVERS
1339
Gilles Peskinef08b3f82020-11-13 17:36:48 +01001340/** \def MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
1341 *
1342 * Make the PSA Crypto module use an external random generator provided
1343 * by a driver, instead of Mbed TLS's entropy and DRBG modules.
1344 *
Gilles Peskineb663a602020-11-18 15:27:37 +01001345 * \note This random generator must deliver random numbers with cryptographic
1346 * quality and high performance. It must supply unpredictable numbers
1347 * with a uniform distribution. The implementation of this function
1348 * is responsible for ensuring that the random generator is seeded
1349 * with sufficient entropy. If you have a hardware TRNG which is slow
1350 * or delivers non-uniform output, declare it as an entropy source
1351 * with mbedtls_entropy_add_source() instead of enabling this option.
1352 *
Gilles Peskineb0a748e2020-11-30 12:01:54 +01001353 * If you enable this option, you must configure the type
Gilles Peskineb8af2282020-11-13 18:00:34 +01001354 * ::mbedtls_psa_external_random_context_t in psa/crypto_platform.h
1355 * and define a function called mbedtls_psa_external_get_random()
1356 * with the following prototype:
Gilles Peskinef08b3f82020-11-13 17:36:48 +01001357 * ```
1358 * psa_status_t mbedtls_psa_external_get_random(
1359 * mbedtls_psa_external_random_context_t *context,
1360 * uint8_t *output, size_t output_size, size_t *output_length);
1361 * );
1362 * ```
1363 * The \c context value is initialized to 0 before the first call.
1364 * The function must fill the \c output buffer with \p output_size bytes
1365 * of random data and set \c *output_length to \p output_size.
1366 *
1367 * Requires: MBEDTLS_PSA_CRYPTO_C
1368 *
1369 * \warning If you enable this option, code that uses the PSA cryptography
1370 * interface will not use any of the entropy sources set up for
1371 * the entropy module, nor the NV seed that MBEDTLS_ENTROPY_NV_SEED
1372 * enables.
1373 *
1374 * \note This option is experimental and may be removed without notice.
1375 */
1376//#define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
1377
Paul Bakker9dcc3222011-03-08 14:16:06 +00001378/**
Andrzej Kurekc6905232019-02-05 05:23:41 -05001379 * \def MBEDTLS_PSA_CRYPTO_SPM
1380 *
1381 * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure
1382 * Partition Manager) integration which separates the code into two parts: a
1383 * NSPE (Non-Secure Process Environment) and an SPE (Secure Process
1384 * Environment).
1385 *
1386 * Module: library/psa_crypto.c
1387 * Requires: MBEDTLS_PSA_CRYPTO_C
1388 *
1389 */
1390//#define MBEDTLS_PSA_CRYPTO_SPM
1391
1392/**
Jaeden Amero57f4d9e2019-03-15 16:14:19 +00001393 * \def MBEDTLS_PSA_INJECT_ENTROPY
Andrzej Kurekc6905232019-02-05 05:23:41 -05001394 *
Jaeden Amero57f4d9e2019-03-15 16:14:19 +00001395 * Enable support for entropy injection at first boot. This feature is
1396 * required on systems that do not have a built-in entropy source (TRNG).
1397 * This feature is currently not supported on systems that have a built-in
1398 * entropy source.
Andrzej Kurekc6905232019-02-05 05:23:41 -05001399 *
Jaeden Amero57f4d9e2019-03-15 16:14:19 +00001400 * Requires: MBEDTLS_PSA_CRYPTO_STORAGE_C, MBEDTLS_ENTROPY_NV_SEED
Andrzej Kurekc6905232019-02-05 05:23:41 -05001401 *
1402 */
Jaeden Amero57f4d9e2019-03-15 16:14:19 +00001403//#define MBEDTLS_PSA_INJECT_ENTROPY
Andrzej Kurekc6905232019-02-05 05:23:41 -05001404
1405/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001406 * \def MBEDTLS_RSA_NO_CRT
Paul Bakker0216cc12011-03-26 13:40:23 +00001407 *
Hanno Becker88ec2382017-05-03 13:51:16 +01001408 * Do not use the Chinese Remainder Theorem
1409 * for the RSA private operation.
Paul Bakker0216cc12011-03-26 13:40:23 +00001410 *
1411 * Uncomment this macro to disable the use of CRT in RSA.
1412 *
Paul Bakker0216cc12011-03-26 13:40:23 +00001413 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001414//#define MBEDTLS_RSA_NO_CRT
Paul Bakker15566e42011-04-24 21:19:15 +00001415
1416/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001417 * \def MBEDTLS_SELF_TEST
Paul Bakker15566e42011-04-24 21:19:15 +00001418 *
1419 * Enable the checkup functions (*_self_test).
1420 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001421#define MBEDTLS_SELF_TEST
Paul Bakker5c721f92011-07-27 16:51:09 +00001422
1423/**
Manuel Pégourié-Gonnardeb0d8702015-05-28 12:54:04 +02001424 * \def MBEDTLS_SHA256_SMALLER
1425 *
1426 * Enable an implementation of SHA-256 that has lower ROM footprint but also
1427 * lower performance.
1428 *
1429 * The default implementation is meant to be a reasonnable compromise between
1430 * performance and size. This version optimizes more aggressively for size at
1431 * the expense of performance. Eg on Cortex-M4 it reduces the size of
1432 * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about
1433 * 30%.
1434 *
1435 * Uncomment to enable the smaller implementation of SHA256.
1436 */
1437//#define MBEDTLS_SHA256_SMALLER
1438
1439/**
Manuel Pégourié-Gonnard2306d152019-07-17 12:36:53 +02001440 * \def MBEDTLS_SHA512_SMALLER
1441 *
1442 * Enable an implementation of SHA-512 that has lower ROM footprint but also
1443 * lower performance.
1444 *
1445 * Uncomment to enable the smaller implementation of SHA512.
1446 */
1447//#define MBEDTLS_SHA512_SMALLER
1448
1449/**
Manuel Pégourié-Gonnardad6cb112019-07-17 14:58:03 +02001450 * \def MBEDTLS_SHA512_NO_SHA384
1451 *
1452 * Disable the SHA-384 option of the SHA-512 module. Use this to save some
1453 * code size on devices that don't use SHA-384.
1454 *
Manuel Pégourié-Gonnard1e6fb012020-01-07 11:00:34 +01001455 * Requires: MBEDTLS_SHA512_C
1456 *
Manuel Pégourié-Gonnardad6cb112019-07-17 14:58:03 +02001457 * Uncomment to disable SHA-384
1458 */
1459//#define MBEDTLS_SHA512_NO_SHA384
1460
1461/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001462 * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
Paul Bakker40865c82013-01-31 17:13:13 +01001463 *
1464 * Enable sending of alert messages in case of encountered errors as per RFC.
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +00001465 * If you choose not to send the alert messages, mbed TLS can still communicate
Paul Bakker40865c82013-01-31 17:13:13 +01001466 * with other servers, only debugging of failures is harder.
1467 *
1468 * The advantage of not sending alert messages, is that no information is given
1469 * about reasons for failures thus preventing adversaries of gaining intel.
1470 *
1471 * Enable sending of all alert messages
1472 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001473#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
Paul Bakker40865c82013-01-31 17:13:13 +01001474
1475/**
Gilles Peskined3d02902020-03-04 21:35:27 +01001476 * \def MBEDTLS_SSL_RECORD_CHECKING
1477 *
1478 * Enable the function mbedtls_ssl_check_record() which can be used to check
1479 * the validity and authenticity of an incoming record, to verify that it has
1480 * not been seen before. These checks are performed without modifying the
1481 * externally visible state of the SSL context.
1482 *
1483 * See mbedtls_ssl_check_record() for more information.
1484 *
1485 * Uncomment to enable support for record checking.
1486 */
1487#define MBEDTLS_SSL_RECORD_CHECKING
1488
1489/**
1490 * \def MBEDTLS_SSL_DTLS_CONNECTION_ID
1491 *
1492 * Enable support for the DTLS Connection ID extension
1493 * (version draft-ietf-tls-dtls-connection-id-05,
1494 * https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05)
1495 * which allows to identify DTLS connections across changes
1496 * in the underlying transport.
1497 *
1498 * Setting this option enables the SSL APIs `mbedtls_ssl_set_cid()`,
1499 * `mbedtls_ssl_get_peer_cid()` and `mbedtls_ssl_conf_cid()`.
1500 * See the corresponding documentation for more information.
1501 *
1502 * \warning The Connection ID extension is still in draft state.
1503 * We make no stability promises for the availability
1504 * or the shape of the API controlled by this option.
1505 *
1506 * The maximum lengths of outgoing and incoming CIDs can be configured
1507 * through the options
1508 * - MBEDTLS_SSL_CID_OUT_LEN_MAX
1509 * - MBEDTLS_SSL_CID_IN_LEN_MAX.
1510 *
1511 * Requires: MBEDTLS_SSL_PROTO_DTLS
1512 *
1513 * Uncomment to enable the Connection ID extension.
1514 */
1515//#define MBEDTLS_SSL_DTLS_CONNECTION_ID
1516
1517/**
Gilles Peskineb74a1c72018-04-24 13:09:22 +02001518 * \def MBEDTLS_SSL_ASYNC_PRIVATE
1519 *
1520 * Enable asynchronous external private key operations in SSL. This allows
1521 * you to configure an SSL connection to call an external cryptographic
1522 * module to perform private key operations instead of performing the
1523 * operation inside the library.
1524 *
1525 */
Jaeden Amerod9c71da2018-06-15 20:31:26 +01001526//#define MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskineb74a1c72018-04-24 13:09:22 +02001527
1528/**
Gilles Peskined3d02902020-03-04 21:35:27 +01001529 * \def MBEDTLS_SSL_CONTEXT_SERIALIZATION
1530 *
1531 * Enable serialization of the TLS context structures, through use of the
1532 * functions mbedtls_ssl_context_save() and mbedtls_ssl_context_load().
1533 *
1534 * This pair of functions allows one side of a connection to serialize the
1535 * context associated with the connection, then free or re-use that context
1536 * while the serialized state is persisted elsewhere, and finally deserialize
1537 * that state to a live context for resuming read/write operations on the
1538 * connection. From a protocol perspective, the state of the connection is
1539 * unaffected, in particular this is entirely transparent to the peer.
1540 *
1541 * Note: this is distinct from TLS session resumption, which is part of the
1542 * protocol and fully visible by the peer. TLS session resumption enables
1543 * establishing new connections associated to a saved session with shorter,
1544 * lighter handshakes, while context serialization is a local optimization in
1545 * handling a single, potentially long-lived connection.
1546 *
1547 * Enabling these APIs makes some SSL structures larger, as 64 extra bytes are
1548 * saved after the handshake to allow for more efficient serialization, so if
1549 * you don't need this feature you'll save RAM by disabling it.
1550 *
1551 * Comment to disable the context serialization APIs.
1552 */
1553#define MBEDTLS_SSL_CONTEXT_SERIALIZATION
1554
1555/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001556 * \def MBEDTLS_SSL_DEBUG_ALL
Paul Bakkerd66f0702013-01-31 16:57:45 +01001557 *
1558 * Enable the debug messages in SSL module for all issues.
1559 * Debug messages have been disabled in some places to prevent timing
1560 * attacks due to (unbalanced) debugging function calls.
1561 *
1562 * If you need all error reporting you should enable this during debugging,
1563 * but remove this for production servers that should log as well.
1564 *
1565 * Uncomment this macro to report all debug messages on errors introducing
1566 * a timing side-channel.
1567 *
Paul Bakkerd66f0702013-01-31 16:57:45 +01001568 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001569//#define MBEDTLS_SSL_DEBUG_ALL
Paul Bakkerd66f0702013-01-31 16:57:45 +01001570
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001571/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01001572 *
1573 * Enable support for Encrypt-then-MAC, RFC 7366.
1574 *
1575 * This allows peers that both support it to use a more robust protection for
1576 * ciphersuites using CBC, providing deep resistance against timing attacks
1577 * on the padding or underlying cipher.
1578 *
1579 * This only affects CBC ciphersuites, and is useless if none is defined.
1580 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001581 * Requires: MBEDTLS_SSL_PROTO_TLS1 or
1582 * MBEDTLS_SSL_PROTO_TLS1_1 or
1583 * MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01001584 *
1585 * Comment this macro to disable support for Encrypt-then-MAC
1586 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001587#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01001588
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001589/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02001590 *
Manuel Pégourié-Gonnardbca8aa02020-03-24 12:11:49 +01001591 * Enable support for RFC 7627: Session Hash and Extended Master Secret
1592 * Extension.
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02001593 *
1594 * This was introduced as "the proper fix" to the Triple Handshake familiy of
1595 * attacks, but it is recommended to always use it (even if you disable
1596 * renegotiation), since it actually fixes a more fundamental issue in the
1597 * original SSL/TLS design, and has implications beyond Triple Handshake.
1598 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001599 * Requires: MBEDTLS_SSL_PROTO_TLS1 or
1600 * MBEDTLS_SSL_PROTO_TLS1_1 or
1601 * MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard769c6b62014-10-28 14:13:55 +01001602 *
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02001603 * Comment this macro to disable support for Extended Master Secret.
1604 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001605#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02001606
Paul Bakkerd66f0702013-01-31 16:57:45 +01001607/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001608 * \def MBEDTLS_SSL_FALLBACK_SCSV
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02001609 *
Manuel Pégourié-Gonnardbca8aa02020-03-24 12:11:49 +01001610 * Enable support for RFC 7507: Fallback Signaling Cipher Suite Value (SCSV)
1611 * for Preventing Protocol Downgrade Attacks.
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02001612 *
1613 * For servers, it is recommended to always enable this, unless you support
1614 * only one version of TLS, or know for sure that none of your clients
1615 * implements a fallback strategy.
1616 *
1617 * For clients, you only need this if you're using a fallback strategy, which
1618 * is not recommended in the first place, unless you absolutely need it to
1619 * interoperate with buggy (version-intolerant) servers.
1620 *
1621 * Comment this macro to disable support for FALLBACK_SCSV
1622 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001623#define MBEDTLS_SSL_FALLBACK_SCSV
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02001624
1625/**
Hanno Beckerbb278f52019-02-05 17:04:00 +00001626 * \def MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
1627 *
Hanno Beckerfd7f2982019-02-25 10:13:33 +00001628 * This option controls the availability of the API mbedtls_ssl_get_peer_cert()
Hanno Beckerbb278f52019-02-05 17:04:00 +00001629 * giving access to the peer's certificate after completion of the handshake.
1630 *
1631 * Unless you need mbedtls_ssl_peer_cert() in your application, it is
1632 * recommended to disable this option for reduced RAM usage.
1633 *
1634 * \note If this option is disabled, mbedtls_ssl_get_peer_cert() is still
1635 * defined, but always returns \c NULL.
1636 *
1637 * \note This option has no influence on the protection against the
1638 * triple handshake attack. Even if it is disabled, Mbed TLS will
1639 * still ensure that certificates do not change during renegotiation,
1640 * for exaple by keeping a hash of the peer's certificate.
1641 *
1642 * Comment this macro to disable storing the peer's certificate
1643 * after the handshake.
1644 */
1645#define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
1646
1647/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001648 * \def MBEDTLS_SSL_HW_RECORD_ACCEL
Paul Bakker05ef8352012-05-08 09:17:57 +00001649 *
1650 * Enable hooking functions in SSL module for hardware acceleration of
1651 * individual records.
1652 *
Andres Amaya Garciada154092019-01-15 18:43:48 +00001653 * \deprecated This option is deprecated and will be removed in a future
1654 * version of Mbed TLS.
Andres Amaya Garcia84b4e792018-12-05 22:39:38 +00001655 *
Paul Bakker05ef8352012-05-08 09:17:57 +00001656 * Uncomment this macro to enable hooking functions.
Paul Bakker05ef8352012-05-08 09:17:57 +00001657 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001658//#define MBEDTLS_SSL_HW_RECORD_ACCEL
Paul Bakker05ef8352012-05-08 09:17:57 +00001659
1660/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001661 * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING
Manuel Pégourié-Gonnardd76314c2015-01-07 12:39:44 +01001662 *
Mateusz Starzyk06b07fb2021-02-18 13:55:21 +01001663 * Enable 1/n-1 record splitting for CBC mode in TLS 1.0.
Manuel Pégourié-Gonnardd76314c2015-01-07 12:39:44 +01001664 *
1665 * This is a countermeasure to the BEAST attack, which also minimizes the risk
1666 * of interoperability issues compared to sending 0-length records.
1667 *
1668 * Comment this macro to disable 1/n-1 record splitting.
1669 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001670#define MBEDTLS_SSL_CBC_RECORD_SPLITTING
Manuel Pégourié-Gonnardd76314c2015-01-07 12:39:44 +01001671
1672/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001673 * \def MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard615e6772014-11-03 08:23:14 +01001674 *
Hanno Becker0eb8fb82018-10-26 09:53:16 +01001675 * Enable support for TLS renegotiation.
Manuel Pégourié-Gonnard615e6772014-11-03 08:23:14 +01001676 *
1677 * The two main uses of renegotiation are (1) refresh keys on long-lived
1678 * connections and (2) client authentication after the initial handshake.
1679 * If you don't need renegotiation, it's probably better to disable it, since
1680 * it has been associated with security issues in the past and is easy to
1681 * misuse/misunderstand.
Manuel Pégourié-Gonnard03717042014-11-04 19:52:10 +01001682 *
Manuel Pégourié-Gonnard55f968b2015-03-09 16:23:15 +00001683 * Comment this to disable support for renegotiation.
Hanno Becker6851b102017-10-12 14:57:48 +01001684 *
1685 * \note Even if this option is disabled, both client and server are aware
1686 * of the Renegotiation Indication Extension (RFC 5746) used to
1687 * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1).
1688 * (See \c mbedtls_ssl_conf_legacy_renegotiation for the
1689 * configuration of this extension).
1690 *
Manuel Pégourié-Gonnard615e6772014-11-03 08:23:14 +01001691 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001692#define MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard615e6772014-11-03 08:23:14 +01001693
1694/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001695 * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
Manuel Pégourié-Gonnard1a9f2c72013-11-30 18:30:06 +01001696 *
1697 * Pick the ciphersuite according to the client's preferences rather than ours
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001698 * in the SSL Server module (MBEDTLS_SSL_SRV_C).
Manuel Pégourié-Gonnard1a9f2c72013-11-30 18:30:06 +01001699 *
1700 * Uncomment this macro to respect client's ciphersuite order
1701 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001702//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
Manuel Pégourié-Gonnard1a9f2c72013-11-30 18:30:06 +01001703
1704/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001705 * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Paul Bakker05decb22013-08-15 13:33:48 +02001706 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02001707 * Enable support for RFC 6066 max_fragment_length extension in SSL.
Paul Bakker05decb22013-08-15 13:33:48 +02001708 *
1709 * Comment this macro to disable support for the max_fragment_length extension
1710 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001711#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Paul Bakker05decb22013-08-15 13:33:48 +02001712
1713/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001714 * \def MBEDTLS_SSL_PROTO_TLS1
Paul Bakkerd2f068e2013-08-27 21:19:20 +02001715 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02001716 * Enable support for TLS 1.0.
Paul Bakkerd2f068e2013-08-27 21:19:20 +02001717 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001718 * Requires: MBEDTLS_MD5_C
1719 * MBEDTLS_SHA1_C
Paul Bakkerd2f068e2013-08-27 21:19:20 +02001720 *
1721 * Comment this macro to disable support for TLS 1.0
1722 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001723#define MBEDTLS_SSL_PROTO_TLS1
Paul Bakkerd2f068e2013-08-27 21:19:20 +02001724
1725/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001726 * \def MBEDTLS_SSL_PROTO_TLS1_1
Paul Bakkerd2f068e2013-08-27 21:19:20 +02001727 *
Manuel Pégourié-Gonnard0b1ff292014-02-06 13:04:16 +01001728 * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled).
Paul Bakkerd2f068e2013-08-27 21:19:20 +02001729 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001730 * Requires: MBEDTLS_MD5_C
1731 * MBEDTLS_SHA1_C
Paul Bakkerd2f068e2013-08-27 21:19:20 +02001732 *
Manuel Pégourié-Gonnard0b1ff292014-02-06 13:04:16 +01001733 * Comment this macro to disable support for TLS 1.1 / DTLS 1.0
Paul Bakkerd2f068e2013-08-27 21:19:20 +02001734 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001735#define MBEDTLS_SSL_PROTO_TLS1_1
Paul Bakkerd2f068e2013-08-27 21:19:20 +02001736
1737/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001738 * \def MBEDTLS_SSL_PROTO_TLS1_2
Paul Bakkerd2f068e2013-08-27 21:19:20 +02001739 *
Manuel Pégourié-Gonnard0b1ff292014-02-06 13:04:16 +01001740 * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled).
Paul Bakkerd2f068e2013-08-27 21:19:20 +02001741 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001742 * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C
Paul Bakkerd2f068e2013-08-27 21:19:20 +02001743 * (Depends on ciphersuites)
1744 *
Manuel Pégourié-Gonnard0b1ff292014-02-06 13:04:16 +01001745 * Comment this macro to disable support for TLS 1.2 / DTLS 1.2
Paul Bakkerd2f068e2013-08-27 21:19:20 +02001746 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001747#define MBEDTLS_SSL_PROTO_TLS1_2
Paul Bakkerd2f068e2013-08-27 21:19:20 +02001748
1749/**
Hanno Becker9fc15ea2020-05-04 12:00:47 +01001750 * \def MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
1751 *
Hanno Becker3c358d42020-05-20 13:54:41 +01001752 * This macro is used to selectively enable experimental parts
1753 * of the code that contribute to the ongoing development of
1754 * the prototype TLS 1.3 and DTLS 1.3 implementation, and provide
1755 * no other purpose.
Hanno Becker9fc15ea2020-05-04 12:00:47 +01001756 *
Hanno Becker3c358d42020-05-20 13:54:41 +01001757 * \warning TLS 1.3 and DTLS 1.3 aren't yet supported in Mbed TLS,
1758 * and no feature exposed through this macro is part of the
1759 * public API. In particular, features under the control
1760 * of this macro are experimental and don't come with any
1761 * stability guarantees.
Hanno Becker9fc15ea2020-05-04 12:00:47 +01001762 *
1763 * Uncomment this macro to enable experimental and partial
1764 * functionality specific to TLS 1.3.
1765 */
Hanno Beckere4160602020-05-07 15:11:45 +01001766//#define MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
Hanno Becker9fc15ea2020-05-04 12:00:47 +01001767
1768/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001769 * \def MBEDTLS_SSL_PROTO_DTLS
Manuel Pégourié-Gonnard0b1ff292014-02-06 13:04:16 +01001770 *
1771 * Enable support for DTLS (all available versions).
1772 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001773 * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0,
1774 * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
Manuel Pégourié-Gonnard0b1ff292014-02-06 13:04:16 +01001775 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001776 * Requires: MBEDTLS_SSL_PROTO_TLS1_1
1777 * or MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard0b1ff292014-02-06 13:04:16 +01001778 *
1779 * Comment this macro to disable support for DTLS
1780 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001781#define MBEDTLS_SSL_PROTO_DTLS
Manuel Pégourié-Gonnard0b1ff292014-02-06 13:04:16 +01001782
1783/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001784 * \def MBEDTLS_SSL_ALPN
Manuel Pégourié-Gonnard7e250d42014-04-04 16:08:41 +02001785 *
Manuel Pégourié-Gonnard6b298e62014-11-20 18:28:50 +01001786 * Enable support for RFC 7301 Application Layer Protocol Negotiation.
Manuel Pégourié-Gonnard7e250d42014-04-04 16:08:41 +02001787 *
Paul Bakker27e36d32014-04-08 12:33:37 +02001788 * Comment this macro to disable support for ALPN.
Manuel Pégourié-Gonnard7e250d42014-04-04 16:08:41 +02001789 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001790#define MBEDTLS_SSL_ALPN
Manuel Pégourié-Gonnard7e250d42014-04-04 16:08:41 +02001791
1792/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001793 * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY
Manuel Pégourié-Gonnard8464a462014-09-24 14:05:32 +02001794 *
1795 * Enable support for the anti-replay mechanism in DTLS.
1796 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001797 * Requires: MBEDTLS_SSL_TLS_C
1798 * MBEDTLS_SSL_PROTO_DTLS
Manuel Pégourié-Gonnard8464a462014-09-24 14:05:32 +02001799 *
Manuel Pégourié-Gonnarda6fcffe2014-10-13 18:15:52 +02001800 * \warning Disabling this is often a security risk!
Manuel Pégourié-Gonnard6729e792015-05-11 09:50:24 +02001801 * See mbedtls_ssl_conf_dtls_anti_replay() for details.
Manuel Pégourié-Gonnarda6fcffe2014-10-13 18:15:52 +02001802 *
Manuel Pégourié-Gonnard8464a462014-09-24 14:05:32 +02001803 * Comment this to disable anti-replay in DTLS.
1804 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001805#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
Manuel Pégourié-Gonnard8464a462014-09-24 14:05:32 +02001806
1807/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001808 * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY
Manuel Pégourié-Gonnard82202f02014-07-23 00:28:58 +02001809 *
1810 * Enable support for HelloVerifyRequest on DTLS servers.
1811 *
1812 * This feature is highly recommended to prevent DTLS servers being used as
1813 * amplifiers in DoS attacks against other hosts. It should always be enabled
1814 * unless you know for sure amplification cannot be a problem in the
1815 * environment in which your server operates.
1816 *
Manuel Pégourié-Gonnarda6fcffe2014-10-13 18:15:52 +02001817 * \warning Disabling this can ba a security risk! (see above)
1818 *
Manuel Pégourié-Gonnarde057d3b2015-05-20 10:59:43 +02001819 * Requires: MBEDTLS_SSL_PROTO_DTLS
Manuel Pégourié-Gonnard82202f02014-07-23 00:28:58 +02001820 *
1821 * Comment this to disable support for HelloVerifyRequest.
1822 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001823#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
Manuel Pégourié-Gonnard82202f02014-07-23 00:28:58 +02001824
1825/**
Johan Pascalb62bb512015-12-03 21:56:45 +01001826 * \def MBEDTLS_SSL_DTLS_SRTP
1827 *
Johan Pascal842d6712020-09-23 13:34:40 +02001828 * Enable support for negotation of DTLS-SRTP (RFC 5764)
1829 * through the use_srtp extension.
1830 *
1831 * \note This feature provides the minimum functionality required
1832 * to negotiate the use of DTLS-SRTP and to allow the derivation of
1833 * the associated SRTP packet protection key material.
1834 * In particular, the SRTP packet protection itself, as well as the
1835 * demultiplexing of RTP and DTLS packets at the datagram layer
1836 * (see Section 5 of RFC 5764), are not handled by this feature.
1837 * Instead, after successful completion of a handshake negotiating
1838 * the use of DTLS-SRTP, the extended key exporter API
1839 * mbedtls_ssl_conf_export_keys_ext_cb() should be used to implement
1840 * the key exporter described in Section 4.2 of RFC 5764 and RFC 5705
1841 * (this is implemented in the SSL example programs).
1842 * The resulting key should then be passed to an SRTP stack.
1843 *
1844 * Setting this option enables the runtime API
1845 * mbedtls_ssl_conf_dtls_srtp_protection_profiles()
1846 * through which the supported DTLS-SRTP protection
1847 * profiles can be configured. You must call this API at
1848 * runtime if you wish to negotiate the use of DTLS-SRTP.
Johan Pascalb62bb512015-12-03 21:56:45 +01001849 *
1850 * Requires: MBEDTLS_SSL_PROTO_DTLS
1851 *
Ron Eldor9cfb5eb2018-12-10 15:30:14 +02001852 * Uncomment this to enable support for use_srtp extension.
Johan Pascalb62bb512015-12-03 21:56:45 +01001853 */
Ron Eldor9cfb5eb2018-12-10 15:30:14 +02001854//#define MBEDTLS_SSL_DTLS_SRTP
Johan Pascalb62bb512015-12-03 21:56:45 +01001855
1856/**
Manuel Pégourié-Gonnard26d227d2015-09-04 10:53:25 +02001857 * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
1858 *
1859 * Enable server-side support for clients that reconnect from the same port.
1860 *
1861 * Some clients unexpectedly close the connection and try to reconnect using the
1862 * same source port. This needs special support from the server to handle the
Simon Butcher4f6882a2015-09-11 17:12:46 +01001863 * new connection securely, as described in section 4.2.8 of RFC 6347. This
Manuel Pégourié-Gonnard26d227d2015-09-04 10:53:25 +02001864 * flag enables that support.
1865 *
Manuel Pégourié-Gonnard62c74bb2015-09-08 17:50:29 +02001866 * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
Manuel Pégourié-Gonnard62c74bb2015-09-08 17:50:29 +02001867 *
Manuel Pégourié-Gonnard26d227d2015-09-04 10:53:25 +02001868 * Comment this to disable support for clients reusing the source port.
1869 */
1870#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
1871
1872/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001873 * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT
Manuel Pégourié-Gonnardb0643d12014-10-14 18:30:36 +02001874 *
1875 * Enable support for a limit of records with bad MAC.
1876 *
Manuel Pégourié-Gonnard6729e792015-05-11 09:50:24 +02001877 * See mbedtls_ssl_conf_dtls_badmac_limit().
Manuel Pégourié-Gonnardb0643d12014-10-14 18:30:36 +02001878 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001879 * Requires: MBEDTLS_SSL_PROTO_DTLS
Manuel Pégourié-Gonnardb0643d12014-10-14 18:30:36 +02001880 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001881#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
Manuel Pégourié-Gonnardb0643d12014-10-14 18:30:36 +02001882
1883/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001884 * \def MBEDTLS_SSL_SESSION_TICKETS
Paul Bakkera503a632013-08-14 13:48:06 +02001885 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02001886 * Enable support for RFC 5077 session tickets in SSL.
Antonin Décimo36e89b52019-01-23 15:24:37 +01001887 * Client-side, provides full support for session tickets (maintenance of a
Manuel Pégourié-Gonnard0c0f11f2015-05-20 09:55:50 +02001888 * session store remains the responsibility of the application, though).
1889 * Server-side, you also need to provide callbacks for writing and parsing
1890 * tickets, including authenticated encryption and key management. Example
1891 * callbacks are provided by MBEDTLS_SSL_TICKET_C.
Paul Bakkera503a632013-08-14 13:48:06 +02001892 *
1893 * Comment this macro to disable support for SSL session tickets
1894 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001895#define MBEDTLS_SSL_SESSION_TICKETS
Paul Bakkera503a632013-08-14 13:48:06 +02001896
1897/**
Robert Cragie4feb7ae2015-10-02 13:33:37 +01001898 * \def MBEDTLS_SSL_EXPORT_KEYS
1899 *
Manuel Pégourié-Gonnard024b6df2015-10-19 13:52:53 +02001900 * Enable support for exporting key block and master secret.
Robert Cragie4feb7ae2015-10-02 13:33:37 +01001901 * This is required for certain users of TLS, e.g. EAP-TLS.
1902 *
1903 * Comment this macro to disable support for key export
1904 */
1905#define MBEDTLS_SSL_EXPORT_KEYS
1906
1907/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001908 * \def MBEDTLS_SSL_SERVER_NAME_INDICATION
Paul Bakker0be444a2013-08-27 21:55:01 +02001909 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02001910 * Enable support for RFC 6066 server name indication (SNI) in SSL.
Paul Bakker0be444a2013-08-27 21:55:01 +02001911 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001912 * Requires: MBEDTLS_X509_CRT_PARSE_C
Manuel Pégourié-Gonnardbbbb3cf2015-01-28 16:44:37 +00001913 *
Paul Bakker0be444a2013-08-27 21:55:01 +02001914 * Comment this macro to disable support for server name indication in SSL
1915 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001916#define MBEDTLS_SSL_SERVER_NAME_INDICATION
Paul Bakker0be444a2013-08-27 21:55:01 +02001917
1918/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001919 * \def MBEDTLS_SSL_TRUNCATED_HMAC
Paul Bakker1f2bc622013-08-15 13:45:55 +02001920 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02001921 * Enable support for RFC 6066 truncated HMAC in SSL.
Paul Bakker1f2bc622013-08-15 13:45:55 +02001922 *
1923 * Comment this macro to disable support for truncated HMAC in SSL
1924 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001925#define MBEDTLS_SSL_TRUNCATED_HMAC
Paul Bakker1f2bc622013-08-15 13:45:55 +02001926
1927/**
Gilles Peskinef03bd812020-03-23 18:13:58 +01001928 * \def MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
1929 *
Andrzej Kurek2a54a6f2021-01-07 08:13:49 -05001930 * When this option is enabled, the SSL buffer will be resized automatically
1931 * based on the negotiated maximum fragment length in each direction.
Andrzej Kurek557289b2020-10-21 15:12:39 +02001932 *
1933 * Requires: MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Gilles Peskinef03bd812020-03-23 18:13:58 +01001934 */
1935//#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
1936
1937/**
Manuel Pégourié-Gonnard6240def2020-07-10 09:35:54 +02001938 * \def MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
1939 *
1940 * Enable testing of the constant-flow nature of some sensitive functions with
1941 * clang's MemorySanitizer. This causes some existing tests to also test
Manuel Pégourié-Gonnarddd00bfc2020-08-24 12:58:36 +02001942 * this non-functional property of the code under test.
Manuel Pégourié-Gonnard6240def2020-07-10 09:35:54 +02001943 *
Manuel Pégourié-Gonnarddd00bfc2020-08-24 12:58:36 +02001944 * This setting requires compiling with clang -fsanitize=memory. The test
1945 * suites can then be run normally.
Manuel Pégourié-Gonnard6240def2020-07-10 09:35:54 +02001946 *
Manuel Pégourié-Gonnard8ff863b2020-07-31 12:59:34 +02001947 * \warning This macro is only used for extended testing; it is not considered
1948 * part of the library's API, so it may change or disappear at any time.
1949 *
Manuel Pégourié-Gonnard390fb4f2020-07-24 11:08:40 +02001950 * Uncomment to enable testing of the constant-flow nature of selected code.
Manuel Pégourié-Gonnard6240def2020-07-10 09:35:54 +02001951 */
1952//#define MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
1953
1954/**
Manuel Pégourié-Gonnard73afa372020-08-19 10:27:38 +02001955 * \def MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND
1956 *
1957 * Enable testing of the constant-flow nature of some sensitive functions with
1958 * valgrind's memcheck tool. This causes some existing tests to also test
Manuel Pégourié-Gonnarddd00bfc2020-08-24 12:58:36 +02001959 * this non-functional property of the code under test.
Manuel Pégourié-Gonnard73afa372020-08-19 10:27:38 +02001960 *
1961 * This setting requires valgrind headers for building, and is only useful for
Manuel Pégourié-Gonnarddd00bfc2020-08-24 12:58:36 +02001962 * testing if the tests suites are run with valgrind's memcheck. This can be
1963 * done for an individual test suite with 'valgrind ./test_suite_xxx', or when
1964 * using CMake, this can be done for all test suites with 'make memcheck'.
Manuel Pégourié-Gonnard73afa372020-08-19 10:27:38 +02001965 *
1966 * \warning This macro is only used for extended testing; it is not considered
1967 * part of the library's API, so it may change or disappear at any time.
1968 *
1969 * Uncomment to enable testing of the constant-flow nature of selected code.
1970 */
1971//#define MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND
1972
1973/**
Gilles Peskinefea6eaf2019-09-11 13:27:48 +02001974 * \def MBEDTLS_TEST_HOOKS
1975 *
1976 * Enable features for invasive testing such as introspection functions and
1977 * hooks for fault injection. This enables additional unit tests.
1978 *
1979 * Merely enabling this feature should not change the behavior of the product.
1980 * It only adds new code, and new branching points where the default behavior
1981 * is the same as when this feature is disabled.
1982 * However, this feature increases the attack surface: there is an added
1983 * risk of vulnerabilities, and more gadgets that can make exploits easier.
1984 * Therefore this feature must never be enabled in production.
1985 *
1986 * See `docs/architecture/testing/mbed-crypto-invasive-testing.md` for more
1987 * information.
1988 *
1989 * Uncomment to enable invasive tests.
1990 */
1991//#define MBEDTLS_TEST_HOOKS
1992
1993/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001994 * \def MBEDTLS_THREADING_ALT
Paul Bakker2466d932013-09-28 14:40:38 +02001995 *
1996 * Provide your own alternate threading implementation.
1997 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001998 * Requires: MBEDTLS_THREADING_C
Paul Bakker2466d932013-09-28 14:40:38 +02001999 *
2000 * Uncomment this to allow your own alternate threading implementation.
Paul Bakker2466d932013-09-28 14:40:38 +02002001 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002002//#define MBEDTLS_THREADING_ALT
Paul Bakker2466d932013-09-28 14:40:38 +02002003
2004/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002005 * \def MBEDTLS_THREADING_PTHREAD
Paul Bakker2466d932013-09-28 14:40:38 +02002006 *
2007 * Enable the pthread wrapper layer for the threading layer.
2008 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002009 * Requires: MBEDTLS_THREADING_C
Paul Bakker2466d932013-09-28 14:40:38 +02002010 *
2011 * Uncomment this to enable pthread mutexes.
Paul Bakker2466d932013-09-28 14:40:38 +02002012 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002013//#define MBEDTLS_THREADING_PTHREAD
Paul Bakker2466d932013-09-28 14:40:38 +02002014
2015/**
Manuel Pégourié-Gonnardaeefa492018-10-22 12:14:52 +02002016 * \def MBEDTLS_USE_PSA_CRYPTO
2017 *
Manuel Pégourié-Gonnard971dea32019-02-01 12:38:40 +01002018 * Make the X.509 and TLS library use PSA for cryptographic operations, and
2019 * enable new APIs for using keys handled by PSA Crypto.
Manuel Pégourié-Gonnardaeefa492018-10-22 12:14:52 +02002020 *
Jaeden Amero8dd16902019-07-22 16:39:49 +01002021 * \note Development of this option is currently in progress, and parts of Mbed
2022 * TLS's X.509 and TLS modules are not ported to PSA yet. However, these parts
Andrzej Kurekd65b11d2019-04-16 04:20:24 -04002023 * will still continue to work as usual, so enabling this option should not
2024 * break backwards compatibility.
Manuel Pégourié-Gonnardaeefa492018-10-22 12:14:52 +02002025 *
Gilles Peskined3d02902020-03-04 21:35:27 +01002026 * \warning The PSA Crypto API is in beta stage. While you're welcome to
2027 * experiment using it, incompatible API changes are still possible, and some
2028 * parts may not have reached the same quality as the rest of Mbed TLS yet.
Manuel Pégourié-Gonnard971dea32019-02-01 12:38:40 +01002029 *
2030 * \warning This option enables new Mbed TLS APIs that are dependent on the
2031 * PSA Crypto API, so can't come with the same stability guarantees as the
2032 * rest of the Mbed TLS APIs. You're welcome to experiment with them, but for
Andrzej Kurekd3deb1d2019-04-16 04:14:48 -04002033 * now, access to these APIs is opt-in (via enabling the present option), in
Manuel Pégourié-Gonnard971dea32019-02-01 12:38:40 +01002034 * order to clearly differentiate them from the stable Mbed TLS APIs.
Hanno Becker51560b62018-11-19 09:46:26 +00002035 *
Manuel Pégourié-Gonnardaeefa492018-10-22 12:14:52 +02002036 * Requires: MBEDTLS_PSA_CRYPTO_C.
Manuel Pégourié-Gonnard971dea32019-02-01 12:38:40 +01002037 *
Andrzej Kurekd3deb1d2019-04-16 04:14:48 -04002038 * Uncomment this to enable internal use of PSA Crypto and new associated APIs.
Manuel Pégourié-Gonnardaeefa492018-10-22 12:14:52 +02002039 */
2040//#define MBEDTLS_USE_PSA_CRYPTO
2041
2042/**
John Durkop6e33dbe2020-09-17 21:15:13 -07002043 * \def MBEDTLS_PSA_CRYPTO_CONFIG
2044 *
John Durkop185764f2020-10-12 21:32:12 -07002045 * This setting allows support for cryptographic mechanisms through the PSA
2046 * API to be configured separately from support through the mbedtls API.
John Durkop6e33dbe2020-09-17 21:15:13 -07002047 *
John Durkop185764f2020-10-12 21:32:12 -07002048 * Uncomment this to enable use of PSA Crypto configuration settings which
Gilles Peskine58858b72020-11-09 15:26:09 +01002049 * can be found in include/psa/crypto_config.h.
2050 *
2051 * If you enable this option and write your own configuration file, you must
2052 * include mbedtls/config_psa.h in your configuration file. The default
2053 * provided mbedtls/config.h contains the necessary inclusion.
John Durkop185764f2020-10-12 21:32:12 -07002054 *
2055 * This feature is still experimental and is not ready for production since
2056 * it is not completed.
John Durkop6e33dbe2020-09-17 21:15:13 -07002057 */
2058//#define MBEDTLS_PSA_CRYPTO_CONFIG
2059
2060/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002061 * \def MBEDTLS_VERSION_FEATURES
Paul Bakker0f90d7d2014-04-30 11:49:44 +02002062 *
2063 * Allow run-time checking of compile-time enabled features. Thus allowing users
2064 * to check at run-time if the library is for instance compiled with threading
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002065 * support via mbedtls_version_check_feature().
Paul Bakker0f90d7d2014-04-30 11:49:44 +02002066 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002067 * Requires: MBEDTLS_VERSION_C
Paul Bakker0f90d7d2014-04-30 11:49:44 +02002068 *
2069 * Comment this to disable run-time checking and save ROM space
2070 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002071#define MBEDTLS_VERSION_FEATURES
Paul Bakker0f90d7d2014-04-30 11:49:44 +02002072
2073/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002074 * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
Paul Bakkerc27c4e22013-09-23 15:01:36 +02002075 *
2076 * If set, the X509 parser will not break-off when parsing an X509 certificate
2077 * and encountering an extension in a v1 or v2 certificate.
2078 *
2079 * Uncomment to prevent an error.
Paul Bakkerc27c4e22013-09-23 15:01:36 +02002080 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002081//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
Paul Bakkerc27c4e22013-09-23 15:01:36 +02002082
2083/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002084 * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
Paul Bakker5c721f92011-07-27 16:51:09 +00002085 *
2086 * If set, the X509 parser will not break-off when parsing an X509 certificate
2087 * and encountering an unknown critical extension.
2088 *
Manuel Pégourié-Gonnardcb6af002015-10-05 12:12:39 +01002089 * \warning Depending on your PKI use, enabling this can be a security risk!
2090 *
Paul Bakker5c721f92011-07-27 16:51:09 +00002091 * Uncomment to prevent an error.
Paul Bakker5c721f92011-07-27 16:51:09 +00002092 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002093//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
Paul Bakker2770fbd2012-07-03 13:30:23 +00002094
2095/**
Hanno Becker288dedc2019-03-27 11:00:53 +00002096 * \def MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
2097 *
Jarno Lamsaf49fedc2019-04-01 14:58:30 +03002098 * If set, this enables the X.509 API `mbedtls_x509_crt_verify_with_ca_cb()`
Hanno Becker288dedc2019-03-27 11:00:53 +00002099 * and the SSL API `mbedtls_ssl_conf_ca_cb()` which allow users to configure
2100 * the set of trusted certificates through a callback instead of a linked
2101 * list.
2102 *
2103 * This is useful for example in environments where a large number of trusted
2104 * certificates is present and storing them in a linked list isn't efficient
2105 * enough, or when the set of trusted certificates changes frequently.
2106 *
Jarno Lamsaf49fedc2019-04-01 14:58:30 +03002107 * See the documentation of `mbedtls_x509_crt_verify_with_ca_cb()` and
Hanno Becker288dedc2019-03-27 11:00:53 +00002108 * `mbedtls_ssl_conf_ca_cb()` for more information.
2109 *
2110 * Uncomment to enable trusted certificate callbacks.
2111 */
2112//#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
2113
2114/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002115 * \def MBEDTLS_X509_CHECK_KEY_USAGE
Manuel Pégourié-Gonnard603116c2014-04-09 09:50:03 +02002116 *
2117 * Enable verification of the keyUsage extension (CA and leaf certificates).
2118 *
2119 * Disabling this avoids problems with mis-issued and/or misused
2120 * (intermediate) CA and leaf certificates.
2121 *
2122 * \warning Depending on your PKI use, disabling this can be a security risk!
2123 *
2124 * Comment to skip keyUsage checking for both CA and leaf certificates.
2125 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002126#define MBEDTLS_X509_CHECK_KEY_USAGE
Manuel Pégourié-Gonnard603116c2014-04-09 09:50:03 +02002127
2128/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002129 * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
Manuel Pégourié-Gonnard7afb8a02014-04-10 17:53:56 +02002130 *
2131 * Enable verification of the extendedKeyUsage extension (leaf certificates).
2132 *
2133 * Disabling this avoids problems with mis-issued and/or misused certificates.
2134 *
2135 * \warning Depending on your PKI use, disabling this can be a security risk!
2136 *
2137 * Comment to skip extendedKeyUsage checking for certificates.
2138 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002139#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
Manuel Pégourié-Gonnard7afb8a02014-04-10 17:53:56 +02002140
2141/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002142 * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
Manuel Pégourié-Gonnardd1539b12014-06-06 16:42:37 +02002143 *
2144 * Enable parsing and verification of X.509 certificates, CRLs and CSRS
2145 * signed with RSASSA-PSS (aka PKCS#1 v2.1).
2146 *
2147 * Comment this macro to disallow using RSASSA-PSS in certificates.
2148 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002149#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
Manuel Pégourié-Gonnardd1539b12014-06-06 16:42:37 +02002150
2151/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002152 * \def MBEDTLS_ZLIB_SUPPORT
Paul Bakker2770fbd2012-07-03 13:30:23 +00002153 *
2154 * If set, the SSL/TLS module uses ZLIB to support compression and
2155 * decompression of packet data.
2156 *
Manuel Pégourié-Gonnardbb4dd372014-03-11 10:30:38 +01002157 * \warning TLS-level compression MAY REDUCE SECURITY! See for example the
2158 * CRIME attack. Before enabling this option, you should examine with care if
Antonin Décimo36e89b52019-01-23 15:24:37 +01002159 * CRIME or similar exploits may be applicable to your use case.
Manuel Pégourié-Gonnardbb4dd372014-03-11 10:30:38 +01002160 *
Manuel Pégourié-Gonnard7c3b4ab2015-07-02 17:59:52 +02002161 * \note Currently compression can't be used with DTLS.
Manuel Pégourié-Gonnarda0e16322014-07-14 17:38:41 +02002162 *
Hanno Beckere494e202018-03-08 13:26:12 +00002163 * \deprecated This feature is deprecated and will be removed
2164 * in the next major revision of the library.
Hanno Beckercf092b22018-03-06 14:23:38 +00002165 *
Paul Bakker2770fbd2012-07-03 13:30:23 +00002166 * Used in: library/ssl_tls.c
2167 * library/ssl_cli.c
2168 * library/ssl_srv.c
2169 *
2170 * This feature requires zlib library and headers to be present.
2171 *
2172 * Uncomment to enable use of ZLIB
Paul Bakker2770fbd2012-07-03 13:30:23 +00002173 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002174//#define MBEDTLS_ZLIB_SUPPORT
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +00002175/* \} name SECTION: mbed TLS feature support */
Paul Bakker0a62cd12011-01-21 11:00:08 +00002176
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002177/**
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +00002178 * \name SECTION: mbed TLS modules
Paul Bakker0a62cd12011-01-21 11:00:08 +00002179 *
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +00002180 * This section enables or disables entire modules in mbed TLS
Paul Bakker0a62cd12011-01-21 11:00:08 +00002181 * \{
2182 */
Paul Bakker5121ce52009-01-03 21:22:43 +00002183
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002184/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002185 * \def MBEDTLS_AESNI_C
Manuel Pégourié-Gonnard92ac76f2013-12-16 17:12:53 +01002186 *
2187 * Enable AES-NI support on x86-64.
2188 *
2189 * Module: library/aesni.c
2190 * Caller: library/aes.c
2191 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002192 * Requires: MBEDTLS_HAVE_ASM
Manuel Pégourié-Gonnard92ac76f2013-12-16 17:12:53 +01002193 *
2194 * This modules adds support for the AES-NI instructions on x86-64
2195 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002196#define MBEDTLS_AESNI_C
Manuel Pégourié-Gonnard92ac76f2013-12-16 17:12:53 +01002197
2198/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002199 * \def MBEDTLS_AES_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002200 *
2201 * Enable the AES block cipher.
2202 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002203 * Module: library/aes.c
Manuel Pégourié-Gonnardfdd43542018-02-28 10:49:02 +01002204 * Caller: library/cipher.c
Paul Bakker96743fc2011-02-12 14:30:57 +00002205 * library/pem.c
Paul Bakker6083fd22011-12-03 21:45:14 +00002206 * library/ctr_drbg.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002207 *
Paul Bakker645ce3a2012-10-31 12:32:41 +00002208 * This module enables the following ciphersuites (if other requisites are
2209 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002210 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
2211 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
2212 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
2213 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
2214 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
2215 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
2216 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
2217 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
2218 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
2219 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
2220 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
2221 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
2222 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
2223 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
2224 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
2225 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
2226 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
2227 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
2228 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
2229 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
2230 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
2231 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
2232 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
2233 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
2234 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
2235 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
2236 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
2237 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
2238 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
2239 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
2240 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
2241 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
2242 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
2243 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
2244 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
2245 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
2246 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
2247 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
2248 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
2249 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
2250 * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
2251 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
2252 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
2253 * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
2254 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
2255 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
2256 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
2257 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
2258 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
2259 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
2260 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
2261 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
2262 * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
2263 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
2264 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
2265 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
2266 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
2267 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
Paul Bakker6deb37e2013-02-19 13:17:08 +01002268 *
Paul Bakkercff68422013-09-15 20:43:33 +02002269 * PEM_PARSE uses AES for decrypting encrypted keys.
Paul Bakker5121ce52009-01-03 21:22:43 +00002270 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002271#define MBEDTLS_AES_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002272
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002273/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002274 * \def MBEDTLS_ARC4_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002275 *
2276 * Enable the ARCFOUR stream cipher.
2277 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002278 * Module: library/arc4.c
Manuel Pégourié-Gonnardfdd43542018-02-28 10:49:02 +01002279 * Caller: library/cipher.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002280 *
Paul Bakker41c83d32013-03-20 14:39:14 +01002281 * This module enables the following ciphersuites (if other requisites are
2282 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002283 * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
2284 * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
2285 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
2286 * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
2287 * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
2288 * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
2289 * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
2290 * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
2291 * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
2292 * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
Hanno Beckerbbca8c52017-09-25 14:53:51 +01002293 *
2294 * \warning ARC4 is considered a weak cipher and its use constitutes a
2295 * security risk. If possible, we recommend avoidng dependencies on
2296 * it, and considering stronger ciphers instead.
2297 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002298 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002299#define MBEDTLS_ARC4_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002300
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002301/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002302 * \def MBEDTLS_ASN1_PARSE_C
Paul Bakkerefc30292011-11-10 14:43:23 +00002303 *
2304 * Enable the generic ASN1 parser.
2305 *
2306 * Module: library/asn1.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002307 * Caller: library/x509.c
2308 * library/dhm.c
2309 * library/pkcs12.c
2310 * library/pkcs5.c
2311 * library/pkparse.c
Paul Bakkerefc30292011-11-10 14:43:23 +00002312 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002313#define MBEDTLS_ASN1_PARSE_C
Paul Bakkerefc30292011-11-10 14:43:23 +00002314
2315/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002316 * \def MBEDTLS_ASN1_WRITE_C
Paul Bakkerbdb912d2012-02-13 23:11:30 +00002317 *
2318 * Enable the generic ASN1 writer.
2319 *
2320 * Module: library/asn1write.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002321 * Caller: library/ecdsa.c
2322 * library/pkwrite.c
2323 * library/x509_create.c
2324 * library/x509write_crt.c
Simon Butcher2cb47392016-11-04 12:23:11 +00002325 * library/x509write_csr.c
Paul Bakkerbdb912d2012-02-13 23:11:30 +00002326 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002327#define MBEDTLS_ASN1_WRITE_C
Paul Bakkerbdb912d2012-02-13 23:11:30 +00002328
2329/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002330 * \def MBEDTLS_BASE64_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002331 *
2332 * Enable the Base64 module.
2333 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002334 * Module: library/base64.c
Paul Bakker5690efc2011-05-26 13:16:06 +00002335 * Caller: library/pem.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002336 *
Paul Bakker5690efc2011-05-26 13:16:06 +00002337 * This module is required for PEM support (required by X.509).
Paul Bakker5121ce52009-01-03 21:22:43 +00002338 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002339#define MBEDTLS_BASE64_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002340
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002341/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002342 * \def MBEDTLS_BIGNUM_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002343 *
Paul Bakker9a736322012-11-14 12:39:52 +00002344 * Enable the multi-precision integer library.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002345 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002346 * Module: library/bignum.c
2347 * Caller: library/dhm.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002348 * library/ecp.c
Manuel Pégourié-Gonnardbf319772014-06-25 13:00:17 +02002349 * library/ecdsa.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002350 * library/rsa.c
Hanno Beckera565f542017-10-11 11:00:19 +01002351 * library/rsa_internal.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002352 * library/ssl_tls.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002353 *
Manuel Pégourié-Gonnardbf319772014-06-25 13:00:17 +02002354 * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support.
Paul Bakker5121ce52009-01-03 21:22:43 +00002355 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002356#define MBEDTLS_BIGNUM_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002357
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002358/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002359 * \def MBEDTLS_BLOWFISH_C
Paul Bakkera9379c02012-07-04 11:02:11 +00002360 *
2361 * Enable the Blowfish block cipher.
2362 *
2363 * Module: library/blowfish.c
2364 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002365#define MBEDTLS_BLOWFISH_C
Paul Bakkera9379c02012-07-04 11:02:11 +00002366
2367/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002368 * \def MBEDTLS_CAMELLIA_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002369 *
2370 * Enable the Camellia block cipher.
2371 *
Paul Bakker38119b12009-01-10 23:31:23 +00002372 * Module: library/camellia.c
Manuel Pégourié-Gonnardfdd43542018-02-28 10:49:02 +01002373 * Caller: library/cipher.c
Paul Bakker38119b12009-01-10 23:31:23 +00002374 *
Paul Bakker645ce3a2012-10-31 12:32:41 +00002375 * This module enables the following ciphersuites (if other requisites are
2376 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002377 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
2378 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
2379 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
2380 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
2381 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
2382 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
2383 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
2384 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
2385 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
2386 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
2387 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
2388 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
2389 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
2390 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
2391 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
2392 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
2393 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
2394 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
2395 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
2396 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
2397 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
2398 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
2399 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
2400 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
2401 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
2402 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
2403 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
2404 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
2405 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
2406 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
2407 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
2408 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
2409 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
2410 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
2411 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
2412 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
2413 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
2414 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
2415 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
2416 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
2417 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
2418 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
Paul Bakker38119b12009-01-10 23:31:23 +00002419 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002420#define MBEDTLS_CAMELLIA_C
Paul Bakker38119b12009-01-10 23:31:23 +00002421
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002422/**
Markku-Juhani O. Saarinen3c0b53b2017-11-30 16:00:34 +00002423 * \def MBEDTLS_ARIA_C
2424 *
Manuel Pégourié-Gonnard525168c2018-02-28 10:47:02 +01002425 * Enable the ARIA block cipher.
Markku-Juhani O. Saarinen3c0b53b2017-11-30 16:00:34 +00002426 *
2427 * Module: library/aria.c
Manuel Pégourié-Gonnard525168c2018-02-28 10:47:02 +01002428 * Caller: library/cipher.c
2429 *
2430 * This module enables the following ciphersuites (if other requisites are
2431 * enabled as well):
2432 *
2433 * MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256
2434 * MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384
2435 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256
2436 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384
2437 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256
2438 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384
2439 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256
2440 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384
2441 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256
2442 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384
2443 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256
2444 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384
2445 * MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256
2446 * MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384
2447 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256
2448 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384
2449 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
2450 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
2451 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256
2452 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384
2453 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256
2454 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384
2455 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256
2456 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384
2457 * MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256
2458 * MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384
2459 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256
2460 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384
2461 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256
2462 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384
2463 * MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256
2464 * MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384
2465 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256
2466 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384
2467 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256
2468 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384
2469 * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256
2470 * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384
Markku-Juhani O. Saarinen3c0b53b2017-11-30 16:00:34 +00002471 */
Manuel Pégourié-Gonnard2268b962018-02-27 12:22:36 +01002472//#define MBEDTLS_ARIA_C
Markku-Juhani O. Saarinen3c0b53b2017-11-30 16:00:34 +00002473
2474/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002475 * \def MBEDTLS_CCM_C
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +02002476 *
2477 * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
2478 *
2479 * Module: library/ccm.c
2480 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002481 * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +02002482 *
2483 * This module enables the AES-CCM ciphersuites, if other requisites are
2484 * enabled as well.
2485 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002486#define MBEDTLS_CCM_C
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +02002487
2488/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002489 * \def MBEDTLS_CERTS_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002490 *
2491 * Enable the test certificates.
2492 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002493 * Module: library/certs.c
2494 * Caller:
2495 *
2496 * This module is used for testing (ssl_client/server).
2497 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002498#define MBEDTLS_CERTS_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002499
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002500/**
Daniel King34b822c2016-05-15 17:28:08 -03002501 * \def MBEDTLS_CHACHA20_C
2502 *
2503 * Enable the ChaCha20 stream cipher.
2504 *
2505 * Module: library/chacha20.c
2506 */
2507#define MBEDTLS_CHACHA20_C
2508
2509/**
Manuel Pégourié-Gonnarde533b222018-06-04 12:23:19 +02002510 * \def MBEDTLS_CHACHAPOLY_C
2511 *
2512 * Enable the ChaCha20-Poly1305 AEAD algorithm.
2513 *
2514 * Module: library/chachapoly.c
2515 *
2516 * This module requires: MBEDTLS_CHACHA20_C, MBEDTLS_POLY1305_C
2517 */
2518#define MBEDTLS_CHACHAPOLY_C
2519
2520/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002521 * \def MBEDTLS_CIPHER_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002522 *
2523 * Enable the generic cipher layer.
2524 *
Paul Bakker8123e9d2011-01-06 15:37:30 +00002525 * Module: library/cipher.c
Paul Bakker04784f52013-08-19 13:30:57 +02002526 * Caller: library/ssl_tls.c
Paul Bakker8123e9d2011-01-06 15:37:30 +00002527 *
2528 * Uncomment to enable generic cipher wrappers.
2529 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002530#define MBEDTLS_CIPHER_C
Paul Bakker8123e9d2011-01-06 15:37:30 +00002531
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002532/**
Robert Cragiedc5c7b92015-12-11 15:49:45 +00002533 * \def MBEDTLS_CMAC_C
2534 *
Simon Butcher327398a2016-10-05 14:09:11 +01002535 * Enable the CMAC (Cipher-based Message Authentication Code) mode for block
2536 * ciphers.
Robert Cragiedc5c7b92015-12-11 15:49:45 +00002537 *
2538 * Module: library/cmac.c
2539 *
Simon Butcher69283e52016-10-06 12:49:58 +01002540 * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
Robert Cragiedc5c7b92015-12-11 15:49:45 +00002541 *
2542 */
Gilles Peskined3d02902020-03-04 21:35:27 +01002543//#define MBEDTLS_CMAC_C
Robert Cragiedc5c7b92015-12-11 15:49:45 +00002544
2545/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002546 * \def MBEDTLS_CTR_DRBG_C
Paul Bakker0e04d0e2011-11-27 14:46:59 +00002547 *
Nir Sonnenscheince266e42018-08-29 10:11:46 +03002548 * Enable the CTR_DRBG AES-based random generator.
2549 * The CTR_DRBG generator uses AES-256 by default.
Gilles Peskine1540e5b2019-10-03 14:21:14 +02002550 * To use AES-128 instead, enable \c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY above.
Paul Bakker0e04d0e2011-11-27 14:46:59 +00002551 *
Gilles Peskine7e279362019-10-03 14:21:39 +02002552 * \note To achieve a 256-bit security strength with CTR_DRBG,
2553 * you must use AES-256 *and* use sufficient entropy.
2554 * See ctr_drbg.h for more details.
Paul Bakker0e04d0e2011-11-27 14:46:59 +00002555 *
2556 * Module: library/ctr_drbg.c
2557 * Caller:
2558 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002559 * Requires: MBEDTLS_AES_C
Paul Bakker6083fd22011-12-03 21:45:14 +00002560 *
Nir Sonnenschein521e8a92018-09-03 14:10:52 +03002561 * This module provides the CTR_DRBG AES random number generator.
Paul Bakker0e04d0e2011-11-27 14:46:59 +00002562 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002563#define MBEDTLS_CTR_DRBG_C
Paul Bakker0e04d0e2011-11-27 14:46:59 +00002564
2565/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002566 * \def MBEDTLS_DEBUG_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002567 *
2568 * Enable the debug functions.
2569 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002570 * Module: library/debug.c
2571 * Caller: library/ssl_cli.c
2572 * library/ssl_srv.c
2573 * library/ssl_tls.c
2574 *
2575 * This module provides debugging functions.
2576 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002577#define MBEDTLS_DEBUG_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002578
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002579/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002580 * \def MBEDTLS_DES_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002581 *
2582 * Enable the DES block cipher.
2583 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002584 * Module: library/des.c
Paul Bakker6deb37e2013-02-19 13:17:08 +01002585 * Caller: library/pem.c
Manuel Pégourié-Gonnardfdd43542018-02-28 10:49:02 +01002586 * library/cipher.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002587 *
Paul Bakker645ce3a2012-10-31 12:32:41 +00002588 * This module enables the following ciphersuites (if other requisites are
2589 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002590 * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
2591 * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
2592 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
2593 * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
2594 * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
2595 * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
2596 * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
2597 * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
2598 * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
2599 * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
Paul Bakker6deb37e2013-02-19 13:17:08 +01002600 *
Paul Bakkercff68422013-09-15 20:43:33 +02002601 * PEM_PARSE uses DES/3DES for decrypting encrypted keys.
Hanno Beckerbbca8c52017-09-25 14:53:51 +01002602 *
2603 * \warning DES is considered a weak cipher and its use constitutes a
2604 * security risk. We recommend considering stronger ciphers instead.
Paul Bakker5121ce52009-01-03 21:22:43 +00002605 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002606#define MBEDTLS_DES_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002607
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002608/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002609 * \def MBEDTLS_DHM_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002610 *
Manuel Pégourié-Gonnard9d703732013-10-25 18:01:50 +02002611 * Enable the Diffie-Hellman-Merkle module.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002612 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002613 * Module: library/dhm.c
2614 * Caller: library/ssl_cli.c
2615 * library/ssl_srv.c
2616 *
Manuel Pégourié-Gonnard9d703732013-10-25 18:01:50 +02002617 * This module is used by the following key exchanges:
2618 * DHE-RSA, DHE-PSK
Hanno Beckera2f6b722017-09-28 10:33:29 +01002619 *
Hanno Beckerf9734b32017-10-03 12:09:22 +01002620 * \warning Using DHE constitutes a security risk as it
2621 * is not possible to validate custom DH parameters.
2622 * If possible, it is recommended users should consider
2623 * preferring other methods of key exchange.
2624 * See dhm.h for more details.
Hanno Beckera2f6b722017-09-28 10:33:29 +01002625 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002626 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002627#define MBEDTLS_DHM_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002628
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002629/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002630 * \def MBEDTLS_ECDH_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002631 *
2632 * Enable the elliptic curve Diffie-Hellman library.
2633 *
2634 * Module: library/ecdh.c
Paul Bakker41c83d32013-03-20 14:39:14 +01002635 * Caller: library/ssl_cli.c
2636 * library/ssl_srv.c
2637 *
Manuel Pégourié-Gonnard9d703732013-10-25 18:01:50 +02002638 * This module is used by the following key exchanges:
2639 * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002640 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002641 * Requires: MBEDTLS_ECP_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002642 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002643#define MBEDTLS_ECDH_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002644
2645/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002646 * \def MBEDTLS_ECDSA_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002647 *
2648 * Enable the elliptic curve DSA library.
2649 *
2650 * Module: library/ecdsa.c
2651 * Caller:
2652 *
Manuel Pégourié-Gonnard9d703732013-10-25 18:01:50 +02002653 * This module is used by the following key exchanges:
2654 * ECDHE-ECDSA
2655 *
Gilles Peskine799e5762018-09-14 17:34:00 +02002656 * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C,
2657 * and at least one MBEDTLS_ECP_DP_XXX_ENABLED for a
2658 * short Weierstrass curve.
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002659 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002660#define MBEDTLS_ECDSA_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002661
2662/**
Manuel Pégourié-Gonnard4d8685b2015-08-05 15:44:42 +02002663 * \def MBEDTLS_ECJPAKE_C
2664 *
2665 * Enable the elliptic curve J-PAKE library.
2666 *
Manuel Pégourié-Gonnard75df9022015-09-16 23:21:01 +02002667 * \warning This is currently experimental. EC J-PAKE support is based on the
2668 * Thread v1.0.0 specification; incompatible changes to the specification
2669 * might still happen. For this reason, this is disabled by default.
2670 *
Manuel Pégourié-Gonnard4d8685b2015-08-05 15:44:42 +02002671 * Module: library/ecjpake.c
2672 * Caller:
2673 *
2674 * This module is used by the following key exchanges:
2675 * ECJPAKE
2676 *
2677 * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C
2678 */
Manuel Pégourié-Gonnardcf828932015-10-20 14:57:00 +02002679//#define MBEDTLS_ECJPAKE_C
Manuel Pégourié-Gonnard4d8685b2015-08-05 15:44:42 +02002680
2681/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002682 * \def MBEDTLS_ECP_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002683 *
2684 * Enable the elliptic curve over GF(p) library.
2685 *
2686 * Module: library/ecp.c
2687 * Caller: library/ecdh.c
2688 * library/ecdsa.c
Manuel Pégourié-Gonnard4d8685b2015-08-05 15:44:42 +02002689 * library/ecjpake.c
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002690 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002691 * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002692 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002693#define MBEDTLS_ECP_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002694
2695/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002696 * \def MBEDTLS_ENTROPY_C
Paul Bakker6083fd22011-12-03 21:45:14 +00002697 *
2698 * Enable the platform-specific entropy code.
2699 *
2700 * Module: library/entropy.c
2701 * Caller:
2702 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002703 * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C
Paul Bakker6083fd22011-12-03 21:45:14 +00002704 *
2705 * This module provides a generic entropy pool
2706 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002707#define MBEDTLS_ENTROPY_C
Paul Bakker6083fd22011-12-03 21:45:14 +00002708
2709/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002710 * \def MBEDTLS_ERROR_C
Paul Bakker9d781402011-05-09 16:17:09 +00002711 *
2712 * Enable error code to error string conversion.
2713 *
2714 * Module: library/error.c
2715 * Caller:
2716 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002717 * This module enables mbedtls_strerror().
Paul Bakker9d781402011-05-09 16:17:09 +00002718 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002719#define MBEDTLS_ERROR_C
Paul Bakker9d781402011-05-09 16:17:09 +00002720
2721/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002722 * \def MBEDTLS_GCM_C
Paul Bakker89e80c92012-03-20 13:50:09 +00002723 *
Jaeden Amero7accf442019-04-10 18:13:57 +01002724 * Enable the Galois/Counter Mode (GCM).
Paul Bakker89e80c92012-03-20 13:50:09 +00002725 *
2726 * Module: library/gcm.c
2727 *
Jaeden Amero651ae682019-04-10 18:19:16 +01002728 * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C or MBEDTLS_ARIA_C
Paul Bakker645ce3a2012-10-31 12:32:41 +00002729 *
Manuel Pégourié-Gonnard9d703732013-10-25 18:01:50 +02002730 * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
2731 * requisites are enabled as well.
Paul Bakker89e80c92012-03-20 13:50:09 +00002732 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002733#define MBEDTLS_GCM_C
Paul Bakker89e80c92012-03-20 13:50:09 +00002734
2735/**
Thomas Fossati656864b2016-07-17 08:51:22 +01002736 * \def MBEDTLS_HKDF_C
2737 *
2738 * Enable the HKDF algorithm (RFC 5869).
2739 *
2740 * Module: library/hkdf.c
2741 * Caller:
2742 *
2743 * Requires: MBEDTLS_MD_C
2744 *
2745 * This module adds support for the Hashed Message Authentication Code
2746 * (HMAC)-based key derivation function (HKDF).
2747 */
2748#define MBEDTLS_HKDF_C
2749
2750/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002751 * \def MBEDTLS_HMAC_DRBG_C
Manuel Pégourié-Gonnard490bdf32014-01-27 14:03:10 +01002752 *
2753 * Enable the HMAC_DRBG random generator.
2754 *
2755 * Module: library/hmac_drbg.c
2756 * Caller:
2757 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002758 * Requires: MBEDTLS_MD_C
Manuel Pégourié-Gonnard490bdf32014-01-27 14:03:10 +01002759 *
2760 * Uncomment to enable the HMAC_DRBG random number geerator.
2761 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002762#define MBEDTLS_HMAC_DRBG_C
Manuel Pégourié-Gonnard490bdf32014-01-27 14:03:10 +01002763
2764/**
Ron Eldor466a57f2018-05-03 16:54:28 +03002765 * \def MBEDTLS_NIST_KW_C
2766 *
2767 * Enable the Key Wrapping mode for 128-bit block ciphers,
2768 * as defined in NIST SP 800-38F. Only KW and KWP modes
2769 * are supported. At the moment, only AES is approved by NIST.
2770 *
2771 * Module: library/nist_kw.c
2772 *
2773 * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C
2774 */
2775//#define MBEDTLS_NIST_KW_C
2776
2777/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002778 * \def MBEDTLS_MD_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002779 *
2780 * Enable the generic message digest layer.
2781 *
Simon Butcher2cb47392016-11-04 12:23:11 +00002782 * Module: library/md.c
Paul Bakker17373852011-01-06 14:20:01 +00002783 * Caller:
2784 *
2785 * Uncomment to enable generic message digest wrappers.
2786 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002787#define MBEDTLS_MD_C
Paul Bakker17373852011-01-06 14:20:01 +00002788
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002789/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002790 * \def MBEDTLS_MD2_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002791 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002792 * Enable the MD2 hash algorithm.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002793 *
Simon Butcher2cb47392016-11-04 12:23:11 +00002794 * Module: library/md2.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002795 * Caller:
Paul Bakker5121ce52009-01-03 21:22:43 +00002796 *
2797 * Uncomment to enable support for (rare) MD2-signed X.509 certs.
Hanno Beckerbbca8c52017-09-25 14:53:51 +01002798 *
2799 * \warning MD2 is considered a weak message digest and its use constitutes a
2800 * security risk. If possible, we recommend avoiding dependencies on
2801 * it, and considering stronger message digests instead.
2802 *
Paul Bakker6506aff2009-07-28 20:52:02 +00002803 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002804//#define MBEDTLS_MD2_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002805
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002806/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002807 * \def MBEDTLS_MD4_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002808 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002809 * Enable the MD4 hash algorithm.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002810 *
Simon Butcher2cb47392016-11-04 12:23:11 +00002811 * Module: library/md4.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002812 * Caller:
Paul Bakker5121ce52009-01-03 21:22:43 +00002813 *
2814 * Uncomment to enable support for (rare) MD4-signed X.509 certs.
Hanno Beckerbbca8c52017-09-25 14:53:51 +01002815 *
2816 * \warning MD4 is considered a weak message digest and its use constitutes a
2817 * security risk. If possible, we recommend avoiding dependencies on
2818 * it, and considering stronger message digests instead.
2819 *
Paul Bakker6506aff2009-07-28 20:52:02 +00002820 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002821//#define MBEDTLS_MD4_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002822
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002823/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002824 * \def MBEDTLS_MD5_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002825 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002826 * Enable the MD5 hash algorithm.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002827 *
Simon Butcher2cb47392016-11-04 12:23:11 +00002828 * Module: library/md5.c
2829 * Caller: library/md.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002830 * library/pem.c
Paul Bakker6deb37e2013-02-19 13:17:08 +01002831 * library/ssl_tls.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002832 *
Hanno Beckerbbca8c52017-09-25 14:53:51 +01002833 * This module is required for SSL/TLS up to version 1.1, and for TLS 1.2
2834 * depending on the handshake parameters. Further, it is used for checking
2835 * MD5-signed certificates, and for PBKDF1 when decrypting PEM-encoded
2836 * encrypted keys.
2837 *
2838 * \warning MD5 is considered a weak message digest and its use constitutes a
2839 * security risk. If possible, we recommend avoiding dependencies on
2840 * it, and considering stronger message digests instead.
2841 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002842 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002843#define MBEDTLS_MD5_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002844
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002845/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002846 * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002847 *
2848 * Enable the buffer allocator implementation that makes use of a (stack)
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +02002849 * based buffer to 'allocate' dynamic memory. (replaces calloc() and free()
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002850 * calls)
Paul Bakker6e339b52013-07-03 13:37:05 +02002851 *
2852 * Module: library/memory_buffer_alloc.c
2853 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002854 * Requires: MBEDTLS_PLATFORM_C
2855 * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS)
Paul Bakker6e339b52013-07-03 13:37:05 +02002856 *
2857 * Enable this module to enable the buffer memory allocator.
Paul Bakker6e339b52013-07-03 13:37:05 +02002858 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002859//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
Paul Bakker6e339b52013-07-03 13:37:05 +02002860
2861/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002862 * \def MBEDTLS_NET_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002863 *
Manuel Pégourié-Gonnard325ce092016-02-22 10:33:34 +01002864 * Enable the TCP and UDP over IPv6/IPv4 networking routines.
2865 *
Simon Butcherd567a232016-03-09 20:19:21 +00002866 * \note This module only works on POSIX/Unix (including Linux, BSD and OS X)
2867 * and Windows. For other platforms, you'll want to disable it, and write your
Manuel Pégourié-Gonnard325ce092016-02-22 10:33:34 +01002868 * own networking callbacks to be passed to \c mbedtls_ssl_set_bio().
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002869 *
Manuel Pégourié-Gonnard02049dc2016-02-22 16:42:51 +00002870 * \note See also our Knowledge Base article about porting to a new
2871 * environment:
2872 * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
2873 *
Andres AG788aa4a2016-09-14 14:32:09 +01002874 * Module: library/net_sockets.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002875 *
Manuel Pégourié-Gonnard325ce092016-02-22 10:33:34 +01002876 * This module provides networking routines.
Paul Bakker5121ce52009-01-03 21:22:43 +00002877 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002878#define MBEDTLS_NET_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002879
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002880/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002881 * \def MBEDTLS_OID_C
Paul Bakkerc70b9822013-04-07 22:00:46 +02002882 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002883 * Enable the OID database.
Paul Bakkerc70b9822013-04-07 22:00:46 +02002884 *
2885 * Module: library/oid.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002886 * Caller: library/asn1write.c
2887 * library/pkcs5.c
2888 * library/pkparse.c
2889 * library/pkwrite.c
2890 * library/rsa.c
2891 * library/x509.c
2892 * library/x509_create.c
Simon Butcher2cb47392016-11-04 12:23:11 +00002893 * library/x509_crl.c
2894 * library/x509_crt.c
2895 * library/x509_csr.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002896 * library/x509write_crt.c
Simon Butcher2cb47392016-11-04 12:23:11 +00002897 * library/x509write_csr.c
Paul Bakkerc70b9822013-04-07 22:00:46 +02002898 *
2899 * This modules translates between OIDs and internal values.
2900 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002901#define MBEDTLS_OID_C
Paul Bakkerc70b9822013-04-07 22:00:46 +02002902
2903/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002904 * \def MBEDTLS_PADLOCK_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002905 *
2906 * Enable VIA Padlock support on x86.
2907 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002908 * Module: library/padlock.c
2909 * Caller: library/aes.c
2910 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002911 * Requires: MBEDTLS_HAVE_ASM
Manuel Pégourié-Gonnard92ac76f2013-12-16 17:12:53 +01002912 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002913 * This modules adds support for the VIA PadLock on x86.
2914 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002915#define MBEDTLS_PADLOCK_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002916
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002917/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002918 * \def MBEDTLS_PEM_PARSE_C
Paul Bakker96743fc2011-02-12 14:30:57 +00002919 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002920 * Enable PEM decoding / parsing.
Paul Bakker96743fc2011-02-12 14:30:57 +00002921 *
2922 * Module: library/pem.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002923 * Caller: library/dhm.c
Paul Bakkercff68422013-09-15 20:43:33 +02002924 * library/pkparse.c
Simon Butcher2cb47392016-11-04 12:23:11 +00002925 * library/x509_crl.c
2926 * library/x509_crt.c
2927 * library/x509_csr.c
Paul Bakker96743fc2011-02-12 14:30:57 +00002928 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002929 * Requires: MBEDTLS_BASE64_C
Paul Bakker5690efc2011-05-26 13:16:06 +00002930 *
Paul Bakkercff68422013-09-15 20:43:33 +02002931 * This modules adds support for decoding / parsing PEM files.
Paul Bakker96743fc2011-02-12 14:30:57 +00002932 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002933#define MBEDTLS_PEM_PARSE_C
Paul Bakkercff68422013-09-15 20:43:33 +02002934
2935/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002936 * \def MBEDTLS_PEM_WRITE_C
Paul Bakkercff68422013-09-15 20:43:33 +02002937 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002938 * Enable PEM encoding / writing.
Paul Bakkercff68422013-09-15 20:43:33 +02002939 *
2940 * Module: library/pem.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002941 * Caller: library/pkwrite.c
2942 * library/x509write_crt.c
Simon Butcher2cb47392016-11-04 12:23:11 +00002943 * library/x509write_csr.c
Paul Bakkercff68422013-09-15 20:43:33 +02002944 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002945 * Requires: MBEDTLS_BASE64_C
Paul Bakkercff68422013-09-15 20:43:33 +02002946 *
2947 * This modules adds support for encoding / writing PEM files.
2948 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002949#define MBEDTLS_PEM_WRITE_C
Paul Bakker96743fc2011-02-12 14:30:57 +00002950
2951/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002952 * \def MBEDTLS_PK_C
Manuel Pégourié-Gonnardc40b4c32013-08-22 13:29:31 +02002953 *
2954 * Enable the generic public (asymetric) key layer.
2955 *
2956 * Module: library/pk.c
Manuel Pégourié-Gonnard1a483832013-09-20 12:29:15 +02002957 * Caller: library/ssl_tls.c
Manuel Pégourié-Gonnardc40b4c32013-08-22 13:29:31 +02002958 * library/ssl_cli.c
2959 * library/ssl_srv.c
2960 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002961 * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C
Manuel Pégourié-Gonnard1a483832013-09-20 12:29:15 +02002962 *
Manuel Pégourié-Gonnardc40b4c32013-08-22 13:29:31 +02002963 * Uncomment to enable generic public key wrappers.
2964 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002965#define MBEDTLS_PK_C
Manuel Pégourié-Gonnardc40b4c32013-08-22 13:29:31 +02002966
2967/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002968 * \def MBEDTLS_PK_PARSE_C
Paul Bakker4606c732013-09-15 17:04:23 +02002969 *
2970 * Enable the generic public (asymetric) key parser.
2971 *
2972 * Module: library/pkparse.c
Simon Butcher2cb47392016-11-04 12:23:11 +00002973 * Caller: library/x509_crt.c
2974 * library/x509_csr.c
Paul Bakker4606c732013-09-15 17:04:23 +02002975 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002976 * Requires: MBEDTLS_PK_C
Paul Bakker4606c732013-09-15 17:04:23 +02002977 *
2978 * Uncomment to enable generic public key parse functions.
2979 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002980#define MBEDTLS_PK_PARSE_C
Paul Bakker4606c732013-09-15 17:04:23 +02002981
2982/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002983 * \def MBEDTLS_PK_WRITE_C
Paul Bakker4606c732013-09-15 17:04:23 +02002984 *
Paul Bakkerf20ba4b2013-09-16 22:46:20 +02002985 * Enable the generic public (asymetric) key writer.
Paul Bakker4606c732013-09-15 17:04:23 +02002986 *
2987 * Module: library/pkwrite.c
2988 * Caller: library/x509write.c
2989 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002990 * Requires: MBEDTLS_PK_C
Paul Bakker4606c732013-09-15 17:04:23 +02002991 *
2992 * Uncomment to enable generic public key write functions.
2993 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002994#define MBEDTLS_PK_WRITE_C
Paul Bakker4606c732013-09-15 17:04:23 +02002995
2996/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002997 * \def MBEDTLS_PKCS5_C
Paul Bakkerb0c19a42013-06-24 19:26:38 +02002998 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002999 * Enable PKCS#5 functions.
Paul Bakkerb0c19a42013-06-24 19:26:38 +02003000 *
3001 * Module: library/pkcs5.c
3002 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003003 * Requires: MBEDTLS_MD_C
Paul Bakkerb0c19a42013-06-24 19:26:38 +02003004 *
3005 * This module adds support for the PKCS#5 functions.
3006 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003007#define MBEDTLS_PKCS5_C
Paul Bakkerb0c19a42013-06-24 19:26:38 +02003008
3009/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003010 * \def MBEDTLS_PKCS11_C
Paul Bakker5690efc2011-05-26 13:16:06 +00003011 *
Gilles Peskine907e95a2020-01-23 15:51:40 +01003012 * Enable wrapper for PKCS#11 smartcard support via the pkcs11-helper library.
Paul Bakker5690efc2011-05-26 13:16:06 +00003013 *
Andres Amaya Garcia99fc3872019-01-15 19:07:43 +00003014 * \deprecated This option is deprecated and will be removed in a future
3015 * version of Mbed TLS.
Paul Bakker5690efc2011-05-26 13:16:06 +00003016 *
Manuel Pégourié-Gonnard51be5592013-08-22 13:35:53 +02003017 * Module: library/pkcs11.c
3018 * Caller: library/pk.c
Paul Bakker5690efc2011-05-26 13:16:06 +00003019 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003020 * Requires: MBEDTLS_PK_C
Paul Bakker5690efc2011-05-26 13:16:06 +00003021 *
Paul Bakkereb2c6582012-09-27 19:15:01 +00003022 * This module enables SSL/TLS PKCS #11 smartcard support.
Paul Bakker5690efc2011-05-26 13:16:06 +00003023 * Requires the presence of the PKCS#11 helper library (libpkcs11-helper)
Paul Bakker5690efc2011-05-26 13:16:06 +00003024 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003025//#define MBEDTLS_PKCS11_C
Paul Bakker5690efc2011-05-26 13:16:06 +00003026
3027/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003028 * \def MBEDTLS_PKCS12_C
Paul Bakkerf1f21fe2013-06-24 19:17:19 +02003029 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02003030 * Enable PKCS#12 PBE functions.
Paul Bakkerf1f21fe2013-06-24 19:17:19 +02003031 * Adds algorithms for parsing PKCS#8 encrypted private keys
3032 *
3033 * Module: library/pkcs12.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02003034 * Caller: library/pkparse.c
Paul Bakkerf1f21fe2013-06-24 19:17:19 +02003035 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003036 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C
3037 * Can use: MBEDTLS_ARC4_C
Paul Bakkerf1f21fe2013-06-24 19:17:19 +02003038 *
3039 * This module enables PKCS#12 functions.
3040 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003041#define MBEDTLS_PKCS12_C
Paul Bakkerf1f21fe2013-06-24 19:17:19 +02003042
3043/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003044 * \def MBEDTLS_PLATFORM_C
Paul Bakker747a83a2014-02-01 22:50:07 +01003045 *
3046 * Enable the platform abstraction layer that allows you to re-assign
Manuel Pégourié-Gonnard6c0c8e02015-06-22 10:23:34 +02003047 * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit().
Paul Bakker747a83a2014-02-01 22:50:07 +01003048 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003049 * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT
3050 * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned
Rich Evans16f8cd82015-02-06 16:14:34 +00003051 * above to be specified at runtime or compile time respectively.
Paul Bakker747a83a2014-02-01 22:50:07 +01003052 *
Manuel Pégourié-Gonnard6c0c8e02015-06-22 10:23:34 +02003053 * \note This abstraction layer must be enabled on Windows (including MSYS2)
3054 * as other module rely on it for a fixed snprintf implementation.
3055 *
Paul Bakker747a83a2014-02-01 22:50:07 +01003056 * Module: library/platform.c
3057 * Caller: Most other .c files
3058 *
3059 * This module enables abstraction of common (libc) functions.
3060 */
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +02003061#define MBEDTLS_PLATFORM_C
Paul Bakker747a83a2014-02-01 22:50:07 +01003062
3063/**
Daniel Kingadc32c02016-05-16 18:25:45 -03003064 * \def MBEDTLS_POLY1305_C
3065 *
3066 * Enable the Poly1305 MAC algorithm.
3067 *
3068 * Module: library/poly1305.c
Manuel Pégourié-Gonnarddca3a5d2018-05-07 10:43:27 +02003069 * Caller: library/chachapoly.c
Daniel Kingadc32c02016-05-16 18:25:45 -03003070 */
3071#define MBEDTLS_POLY1305_C
3072
3073/**
Jaeden Amero484ee332018-10-25 17:38:05 +01003074 * \def MBEDTLS_PSA_CRYPTO_C
3075 *
3076 * Enable the Platform Security Architecture cryptography API.
3077 *
Manuel Pégourié-Gonnardde7636e2019-02-01 12:33:29 +01003078 * \warning The PSA Crypto API is still beta status. While you're welcome to
3079 * experiment using it, incompatible API changes are still possible, and some
3080 * parts may not have reached the same quality as the rest of Mbed TLS yet.
Jaeden Amero484ee332018-10-25 17:38:05 +01003081 *
Gilles Peskinee59236f2018-01-27 23:32:46 +01003082 * Module: library/psa_crypto.c
Jaeden Amero484ee332018-10-25 17:38:05 +01003083 *
Gilles Peskinef08b3f82020-11-13 17:36:48 +01003084 * Requires: either MBEDTLS_CTR_DRBG_C and MBEDTLS_ENTROPY_C,
Gilles Peskine82e57d12020-11-13 21:31:17 +01003085 * or MBEDTLS_HMAC_DRBG_C and MBEDTLS_ENTROPY_C,
Gilles Peskinef08b3f82020-11-13 17:36:48 +01003086 * or MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG.
Jaeden Amero484ee332018-10-25 17:38:05 +01003087 *
3088 */
Manuel Pégourié-Gonnardde7636e2019-02-01 12:33:29 +01003089#define MBEDTLS_PSA_CRYPTO_C
Jaeden Amero484ee332018-10-25 17:38:05 +01003090
3091/**
Gilles Peskinea8ade162019-06-26 11:24:49 +02003092 * \def MBEDTLS_PSA_CRYPTO_SE_C
3093 *
3094 * Enable secure element support in the Platform Security Architecture
3095 * cryptography API.
3096 *
Gilles Peskined0e66b02019-07-24 13:52:51 +02003097 * \warning This feature is not yet suitable for production. It is provided
3098 * for API evaluation and testing purposes only.
3099 *
Gilles Peskinea8ade162019-06-26 11:24:49 +02003100 * Module: library/psa_crypto_se.c
3101 *
3102 * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_C
3103 *
3104 */
Gilles Peskined0e66b02019-07-24 13:52:51 +02003105//#define MBEDTLS_PSA_CRYPTO_SE_C
Gilles Peskinea8ade162019-06-26 11:24:49 +02003106
3107/**
Andrzej Kurekc6905232019-02-05 05:23:41 -05003108 * \def MBEDTLS_PSA_CRYPTO_STORAGE_C
3109 *
3110 * Enable the Platform Security Architecture persistent key storage.
3111 *
Darryl Greendb2b8db2018-06-15 13:06:04 +01003112 * Module: library/psa_crypto_storage.c
Andrzej Kurekc6905232019-02-05 05:23:41 -05003113 *
Jaeden Amero57f4d9e2019-03-15 16:14:19 +00003114 * Requires: MBEDTLS_PSA_CRYPTO_C,
3115 * either MBEDTLS_PSA_ITS_FILE_C or a native implementation of
3116 * the PSA ITS interface
Andrzej Kurekc6905232019-02-05 05:23:41 -05003117 */
Darryl Greendb2b8db2018-06-15 13:06:04 +01003118#define MBEDTLS_PSA_CRYPTO_STORAGE_C
Andrzej Kurekc6905232019-02-05 05:23:41 -05003119
3120/**
Jaeden Amero57f4d9e2019-03-15 16:14:19 +00003121 * \def MBEDTLS_PSA_ITS_FILE_C
Andrzej Kurekc6905232019-02-05 05:23:41 -05003122 *
Jaeden Amero57f4d9e2019-03-15 16:14:19 +00003123 * Enable the emulation of the Platform Security Architecture
3124 * Internal Trusted Storage (PSA ITS) over files.
Andrzej Kurekc6905232019-02-05 05:23:41 -05003125 *
Gilles Peskine6194dc22018-11-16 22:24:15 +01003126 * Module: library/psa_its_file.c
Andrzej Kurekc6905232019-02-05 05:23:41 -05003127 *
Jaeden Amero57f4d9e2019-03-15 16:14:19 +00003128 * Requires: MBEDTLS_FS_IO
Andrzej Kurekc6905232019-02-05 05:23:41 -05003129 */
Gilles Peskine6194dc22018-11-16 22:24:15 +01003130#define MBEDTLS_PSA_ITS_FILE_C
Andrzej Kurekc6905232019-02-05 05:23:41 -05003131
3132/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003133 * \def MBEDTLS_RIPEMD160_C
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +01003134 *
3135 * Enable the RIPEMD-160 hash algorithm.
3136 *
Simon Butcher2cb47392016-11-04 12:23:11 +00003137 * Module: library/ripemd160.c
3138 * Caller: library/md.c
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +01003139 *
3140 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003141#define MBEDTLS_RIPEMD160_C
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +01003142
3143/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003144 * \def MBEDTLS_RSA_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003145 *
3146 * Enable the RSA public-key cryptosystem.
3147 *
Paul Bakker5121ce52009-01-03 21:22:43 +00003148 * Module: library/rsa.c
Hanno Beckera565f542017-10-11 11:00:19 +01003149 * library/rsa_internal.c
Paul Bakker5121ce52009-01-03 21:22:43 +00003150 * Caller: library/ssl_cli.c
3151 * library/ssl_srv.c
3152 * library/ssl_tls.c
3153 * library/x509.c
3154 *
Manuel Pégourié-Gonnard9d703732013-10-25 18:01:50 +02003155 * This module is used by the following key exchanges:
3156 * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK
Paul Bakker5690efc2011-05-26 13:16:06 +00003157 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003158 * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003159 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003160#define MBEDTLS_RSA_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003161
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003162/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003163 * \def MBEDTLS_SHA1_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003164 *
3165 * Enable the SHA1 cryptographic hash algorithm.
3166 *
Simon Butcher2cb47392016-11-04 12:23:11 +00003167 * Module: library/sha1.c
3168 * Caller: library/md.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02003169 * library/ssl_cli.c
Paul Bakker5121ce52009-01-03 21:22:43 +00003170 * library/ssl_srv.c
3171 * library/ssl_tls.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02003172 * library/x509write_crt.c
Paul Bakker5121ce52009-01-03 21:22:43 +00003173 *
Gilles Peskine5e79cb32017-05-04 16:17:21 +02003174 * This module is required for SSL/TLS up to version 1.1, for TLS 1.2
3175 * depending on the handshake parameters, and for SHA1-signed certificates.
Hanno Beckerbbca8c52017-09-25 14:53:51 +01003176 *
3177 * \warning SHA-1 is considered a weak message digest and its use constitutes
3178 * a security risk. If possible, we recommend avoiding dependencies
3179 * on it, and considering stronger message digests instead.
3180 *
Paul Bakker5121ce52009-01-03 21:22:43 +00003181 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003182#define MBEDTLS_SHA1_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003183
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003184/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003185 * \def MBEDTLS_SHA256_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003186 *
3187 * Enable the SHA-224 and SHA-256 cryptographic hash algorithms.
3188 *
Simon Butcher2cb47392016-11-04 12:23:11 +00003189 * Module: library/sha256.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02003190 * Caller: library/entropy.c
Simon Butcher2cb47392016-11-04 12:23:11 +00003191 * library/md.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02003192 * library/ssl_cli.c
3193 * library/ssl_srv.c
3194 * library/ssl_tls.c
Paul Bakker5121ce52009-01-03 21:22:43 +00003195 *
3196 * This module adds support for SHA-224 and SHA-256.
Paul Bakker769075d2012-11-24 11:26:46 +01003197 * This module is required for the SSL/TLS 1.2 PRF function.
Paul Bakker5121ce52009-01-03 21:22:43 +00003198 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003199#define MBEDTLS_SHA256_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003200
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003201/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003202 * \def MBEDTLS_SHA512_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003203 *
3204 * Enable the SHA-384 and SHA-512 cryptographic hash algorithms.
3205 *
Simon Butcher2cb47392016-11-04 12:23:11 +00003206 * Module: library/sha512.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02003207 * Caller: library/entropy.c
Simon Butcher2cb47392016-11-04 12:23:11 +00003208 * library/md.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02003209 * library/ssl_cli.c
3210 * library/ssl_srv.c
Paul Bakker5121ce52009-01-03 21:22:43 +00003211 *
3212 * This module adds support for SHA-384 and SHA-512.
3213 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003214#define MBEDTLS_SHA512_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003215
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003216/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003217 * \def MBEDTLS_SSL_CACHE_C
Paul Bakker0a597072012-09-25 21:55:46 +00003218 *
3219 * Enable simple SSL cache implementation.
3220 *
3221 * Module: library/ssl_cache.c
3222 * Caller:
3223 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003224 * Requires: MBEDTLS_SSL_CACHE_C
Paul Bakker0a597072012-09-25 21:55:46 +00003225 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003226#define MBEDTLS_SSL_CACHE_C
Paul Bakker0a597072012-09-25 21:55:46 +00003227
3228/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003229 * \def MBEDTLS_SSL_COOKIE_C
Manuel Pégourié-Gonnarda64acd42014-07-23 18:30:45 +02003230 *
3231 * Enable basic implementation of DTLS cookies for hello verification.
3232 *
3233 * Module: library/ssl_cookie.c
3234 * Caller:
Manuel Pégourié-Gonnarda64acd42014-07-23 18:30:45 +02003235 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003236#define MBEDTLS_SSL_COOKIE_C
Manuel Pégourié-Gonnarda64acd42014-07-23 18:30:45 +02003237
3238/**
Manuel Pégourié-Gonnardfd6d8972015-05-15 12:09:00 +02003239 * \def MBEDTLS_SSL_TICKET_C
3240 *
3241 * Enable an implementation of TLS server-side callbacks for session tickets.
3242 *
3243 * Module: library/ssl_ticket.c
3244 * Caller:
Manuel Pégourié-Gonnard0c0f11f2015-05-20 09:55:50 +02003245 *
Manuel Pégourié-Gonnard4214e3a2015-05-25 19:34:49 +02003246 * Requires: MBEDTLS_CIPHER_C
Manuel Pégourié-Gonnardfd6d8972015-05-15 12:09:00 +02003247 */
3248#define MBEDTLS_SSL_TICKET_C
3249
3250/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003251 * \def MBEDTLS_SSL_CLI_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003252 *
3253 * Enable the SSL/TLS client code.
3254 *
Paul Bakker5121ce52009-01-03 21:22:43 +00003255 * Module: library/ssl_cli.c
3256 * Caller:
3257 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003258 * Requires: MBEDTLS_SSL_TLS_C
Paul Bakker5690efc2011-05-26 13:16:06 +00003259 *
Paul Bakker5121ce52009-01-03 21:22:43 +00003260 * This module is required for SSL/TLS client support.
3261 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003262#define MBEDTLS_SSL_CLI_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003263
Paul Bakker9a736322012-11-14 12:39:52 +00003264/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003265 * \def MBEDTLS_SSL_SRV_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003266 *
3267 * Enable the SSL/TLS server code.
3268 *
Paul Bakker5121ce52009-01-03 21:22:43 +00003269 * Module: library/ssl_srv.c
3270 * Caller:
3271 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003272 * Requires: MBEDTLS_SSL_TLS_C
Paul Bakker5690efc2011-05-26 13:16:06 +00003273 *
Paul Bakker5121ce52009-01-03 21:22:43 +00003274 * This module is required for SSL/TLS server support.
3275 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003276#define MBEDTLS_SSL_SRV_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003277
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003278/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003279 * \def MBEDTLS_SSL_TLS_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003280 *
Paul Bakkere29ab062011-05-18 13:26:54 +00003281 * Enable the generic SSL/TLS code.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003282 *
Paul Bakker5121ce52009-01-03 21:22:43 +00003283 * Module: library/ssl_tls.c
3284 * Caller: library/ssl_cli.c
3285 * library/ssl_srv.c
3286 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003287 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C
3288 * and at least one of the MBEDTLS_SSL_PROTO_XXX defines
Paul Bakker5690efc2011-05-26 13:16:06 +00003289 *
Paul Bakker5121ce52009-01-03 21:22:43 +00003290 * This module is required for SSL/TLS.
3291 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003292#define MBEDTLS_SSL_TLS_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003293
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003294/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003295 * \def MBEDTLS_THREADING_C
Paul Bakker2466d932013-09-28 14:40:38 +02003296 *
3297 * Enable the threading abstraction layer.
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +00003298 * By default mbed TLS assumes it is used in a non-threaded environment or that
Paul Bakker2466d932013-09-28 14:40:38 +02003299 * contexts are not shared between threads. If you do intend to use contexts
3300 * between threads, you will need to enable this layer to prevent race
Manuel Pégourié-Gonnard02049dc2016-02-22 16:42:51 +00003301 * conditions. See also our Knowledge Base article about threading:
3302 * https://tls.mbed.org/kb/development/thread-safety-and-multi-threading
Paul Bakker2466d932013-09-28 14:40:38 +02003303 *
3304 * Module: library/threading.c
3305 *
3306 * This allows different threading implementations (self-implemented or
3307 * provided).
3308 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003309 * You will have to enable either MBEDTLS_THREADING_ALT or
3310 * MBEDTLS_THREADING_PTHREAD.
Paul Bakker2466d932013-09-28 14:40:38 +02003311 *
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +00003312 * Enable this layer to allow use of mutexes within mbed TLS
Paul Bakker2466d932013-09-28 14:40:38 +02003313 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003314//#define MBEDTLS_THREADING_C
Paul Bakker2466d932013-09-28 14:40:38 +02003315
3316/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003317 * \def MBEDTLS_TIMING_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003318 *
Manuel Pégourié-Gonnard325ce092016-02-22 10:33:34 +01003319 * Enable the semi-portable timing interface.
3320 *
Simon Butcherd567a232016-03-09 20:19:21 +00003321 * \note The provided implementation only works on POSIX/Unix (including Linux,
3322 * BSD and OS X) and Windows. On other platforms, you can either disable that
Manuel Pégourié-Gonnard325ce092016-02-22 10:33:34 +01003323 * module and provide your own implementations of the callbacks needed by
3324 * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide
3325 * your own implementation of the whole module by setting
3326 * \c MBEDTLS_TIMING_ALT in the current file.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003327 *
Manuel Pégourié-Gonnard02049dc2016-02-22 16:42:51 +00003328 * \note See also our Knowledge Base article about porting to a new
3329 * environment:
3330 * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
3331 *
Paul Bakker5121ce52009-01-03 21:22:43 +00003332 * Module: library/timing.c
Paul Bakkerecd54fb2013-07-03 14:48:29 +02003333 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003334#define MBEDTLS_TIMING_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003335
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003336/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003337 * \def MBEDTLS_VERSION_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003338 *
3339 * Enable run-time version information.
3340 *
Paul Bakker0a62cd12011-01-21 11:00:08 +00003341 * Module: library/version.c
3342 *
3343 * This module provides run-time version information.
3344 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003345#define MBEDTLS_VERSION_C
Paul Bakker0a62cd12011-01-21 11:00:08 +00003346
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003347/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003348 * \def MBEDTLS_X509_USE_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003349 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02003350 * Enable X.509 core for using certificates.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003351 *
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003352 * Module: library/x509.c
Simon Butcher2cb47392016-11-04 12:23:11 +00003353 * Caller: library/x509_crl.c
3354 * library/x509_crt.c
3355 * library/x509_csr.c
Paul Bakker5121ce52009-01-03 21:22:43 +00003356 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003357 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C,
3358 * MBEDTLS_PK_PARSE_C
Paul Bakker5690efc2011-05-26 13:16:06 +00003359 *
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003360 * This module is required for the X.509 parsing modules.
Paul Bakker5121ce52009-01-03 21:22:43 +00003361 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003362#define MBEDTLS_X509_USE_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003363
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003364/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003365 * \def MBEDTLS_X509_CRT_PARSE_C
Paul Bakkerbdb912d2012-02-13 23:11:30 +00003366 *
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003367 * Enable X.509 certificate parsing.
Paul Bakkerbdb912d2012-02-13 23:11:30 +00003368 *
Simon Butcher2cb47392016-11-04 12:23:11 +00003369 * Module: library/x509_crt.c
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003370 * Caller: library/ssl_cli.c
3371 * library/ssl_srv.c
3372 * library/ssl_tls.c
3373 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003374 * Requires: MBEDTLS_X509_USE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003375 *
3376 * This module is required for X.509 certificate parsing.
3377 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003378#define MBEDTLS_X509_CRT_PARSE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003379
3380/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003381 * \def MBEDTLS_X509_CRL_PARSE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003382 *
3383 * Enable X.509 CRL parsing.
3384 *
Simon Butcher2cb47392016-11-04 12:23:11 +00003385 * Module: library/x509_crl.c
3386 * Caller: library/x509_crt.c
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003387 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003388 * Requires: MBEDTLS_X509_USE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003389 *
3390 * This module is required for X.509 CRL parsing.
3391 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003392#define MBEDTLS_X509_CRL_PARSE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003393
3394/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003395 * \def MBEDTLS_X509_CSR_PARSE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003396 *
3397 * Enable X.509 Certificate Signing Request (CSR) parsing.
3398 *
Simon Butcher2cb47392016-11-04 12:23:11 +00003399 * Module: library/x509_csr.c
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003400 * Caller: library/x509_crt_write.c
3401 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003402 * Requires: MBEDTLS_X509_USE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003403 *
3404 * This module is used for reading X.509 certificate request.
3405 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003406#define MBEDTLS_X509_CSR_PARSE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003407
3408/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003409 * \def MBEDTLS_X509_CREATE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003410 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02003411 * Enable X.509 core for creating certificates.
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003412 *
3413 * Module: library/x509_create.c
Paul Bakkerbdb912d2012-02-13 23:11:30 +00003414 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003415 * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C
Paul Bakkerbdb912d2012-02-13 23:11:30 +00003416 *
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003417 * This module is the basis for creating X.509 certificates and CSRs.
3418 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003419#define MBEDTLS_X509_CREATE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003420
3421/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003422 * \def MBEDTLS_X509_CRT_WRITE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003423 *
3424 * Enable creating X.509 certificates.
3425 *
3426 * Module: library/x509_crt_write.c
3427 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003428 * Requires: MBEDTLS_X509_CREATE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003429 *
3430 * This module is required for X.509 certificate creation.
3431 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003432#define MBEDTLS_X509_CRT_WRITE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003433
3434/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003435 * \def MBEDTLS_X509_CSR_WRITE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003436 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02003437 * Enable creating X.509 Certificate Signing Requests (CSR).
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003438 *
3439 * Module: library/x509_csr_write.c
3440 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003441 * Requires: MBEDTLS_X509_CREATE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003442 *
Paul Bakkerbdb912d2012-02-13 23:11:30 +00003443 * This module is required for X.509 certificate request writing.
3444 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003445#define MBEDTLS_X509_CSR_WRITE_C
Paul Bakkerbdb912d2012-02-13 23:11:30 +00003446
3447/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003448 * \def MBEDTLS_XTEA_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003449 *
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003450 * Enable the XTEA block cipher.
3451 *
Paul Bakker7a7c78f2009-01-04 18:15:48 +00003452 * Module: library/xtea.c
3453 * Caller:
3454 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003455#define MBEDTLS_XTEA_C
Manuel Pégourié-Gonnard39d2adb2012-10-31 09:26:55 +01003456
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +00003457/* \} name SECTION: mbed TLS modules */
Paul Bakker7a7c78f2009-01-04 18:15:48 +00003458
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003459/**
3460 * \name SECTION: Module configuration options
3461 *
3462 * This section allows for the setting of module specific sizes and
3463 * configuration options. The default values are already present in the
3464 * relevant header files and should suffice for the regular use cases.
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003465 *
Paul Bakker088c5c52014-04-25 11:11:10 +02003466 * Our advice is to enable options and change their values here
3467 * only if you have a good reason and know the consequences.
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003468 *
3469 * Please check the respective header file for documentation on these
3470 * parameters (to prevent duplicate documentation).
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003471 * \{
3472 */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003473
Paul Bakker088c5c52014-04-25 11:11:10 +02003474/* MPI / BIGNUM options */
Daniel Otte4374dc42020-09-07 13:06:40 +02003475//#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum window size used. */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003476//#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003477
Paul Bakker088c5c52014-04-25 11:11:10 +02003478/* CTR_DRBG options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003479//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
3480//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
3481//#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
3482//#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
3483//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003484
Paul Bakker088c5c52014-04-25 11:11:10 +02003485/* HMAC_DRBG options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003486//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
3487//#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
3488//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
3489//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003490
Paul Bakker088c5c52014-04-25 11:11:10 +02003491/* ECP options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003492//#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */
3493//#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
3494//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
Manuel Pégourié-Gonnard0520b602014-01-30 19:43:46 +01003495
Paul Bakker088c5c52014-04-25 11:11:10 +02003496/* Entropy options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003497//#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
3498//#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
Andres AG7abc9742016-09-23 17:58:49 +01003499//#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
Paul Bakkere1b665e2013-12-11 16:02:58 +01003500
Paul Bakker088c5c52014-04-25 11:11:10 +02003501/* Memory buffer allocator options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003502//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003503
Paul Bakker088c5c52014-04-25 11:11:10 +02003504/* Platform options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003505//#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +02003506//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003507//#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */
3508//#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
Andres Amaya Garcia1e4ec662016-07-20 10:16:25 +01003509//#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003510//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
3511//#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
Antonin Décimo36e89b52019-01-23 15:24:37 +01003512/* Note: your snprintf must correctly zero-terminate the buffer! */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003513//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
Janos Follath91947442016-03-18 13:49:27 +00003514//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
3515//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
Paul Bakkercf0a9f92016-06-01 11:25:44 +01003516//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
3517//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
3518//#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
Paul Bakker6e339b52013-07-03 13:37:05 +02003519
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003520/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
3521/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +02003522//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003523//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */
3524//#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
Andres Amaya Garcia1e4ec662016-07-20 10:16:25 +01003525//#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3526//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003527//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
3528//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
Antonin Décimo36e89b52019-01-23 15:24:37 +01003529/* Note: your snprintf must correctly zero-terminate the buffer! */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003530//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
k-stachowiak723f8672018-07-16 14:27:07 +02003531//#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */
Paul Bakkercf0a9f92016-06-01 11:25:44 +01003532//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
3533//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003534
Andrzej Kurekc470b6b2019-01-31 08:20:20 -05003535/**
3536 * \brief This macro is invoked by the library when an invalid parameter
Gilles Peskinec7ad1222019-06-13 16:44:19 +02003537 * is detected that is only checked with #MBEDTLS_CHECK_PARAMS
Andrzej Kurekc470b6b2019-01-31 08:20:20 -05003538 * (see the documentation of that option for context).
3539 *
Gilles Peskinec7ad1222019-06-13 16:44:19 +02003540 * When you leave this undefined here, the library provides
3541 * a default definition. If the macro #MBEDTLS_CHECK_PARAMS_ASSERT
3542 * is defined, the default definition is `assert(cond)`,
3543 * otherwise the default definition calls a function
3544 * mbedtls_param_failed(). This function is declared in
3545 * `platform_util.h` for the benefit of the library, but
3546 * you need to define in your application.
Andrzej Kurekc470b6b2019-01-31 08:20:20 -05003547 *
3548 * When you define this here, this replaces the default
3549 * definition in platform_util.h (which no longer declares the
3550 * function mbedtls_param_failed()) and it is your responsibility
3551 * to make sure this macro expands to something suitable (in
3552 * particular, that all the necessary declarations are visible
3553 * from within the library - you can ensure that by providing
3554 * them in this file next to the macro definition).
Gilles Peskinec7ad1222019-06-13 16:44:19 +02003555 * If you define this macro to call `assert`, also define
3556 * #MBEDTLS_CHECK_PARAMS_ASSERT so that library source files
3557 * include `<assert.h>`.
Andrzej Kurekc470b6b2019-01-31 08:20:20 -05003558 *
3559 * Note that you may define this macro to expand to nothing, in
3560 * which case you don't have to worry about declarations or
3561 * definitions. However, you will then be notified about invalid
3562 * parameters only in non-void functions, and void function will
3563 * just silently return early on invalid parameters, which
3564 * partially negates the benefits of enabling
3565 * #MBEDTLS_CHECK_PARAMS in the first place, so is discouraged.
3566 *
3567 * \param cond The expression that should evaluate to true, but doesn't.
3568 */
3569//#define MBEDTLS_PARAM_FAILED( cond ) assert( cond )
3570
Gilles Peskineed038902020-11-13 21:33:21 +01003571/* PSA options */
Gilles Peskine14c332b2020-11-14 12:26:53 +01003572/**
Gilles Peskineed038902020-11-13 21:33:21 +01003573 * Use HMAC_DRBG with the specified hash algorithm for HMAC_DRBG for the
3574 * PSA crypto subsystem.
3575 *
3576 * If this option is unset:
3577 * - If CTR_DRBG is available, the PSA subsystem uses it rather than HMAC_DRBG.
Gilles Peskineb0a748e2020-11-30 12:01:54 +01003578 * - Otherwise, the PSA subsystem uses HMAC_DRBG with either
Gilles Peskineed038902020-11-13 21:33:21 +01003579 * #MBEDTLS_MD_SHA512 or #MBEDTLS_MD_SHA256 based on availability and
3580 * on unspecified heuristics.
3581 */
3582//#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256
3583
Paul Bakker088c5c52014-04-25 11:11:10 +02003584/* SSL Cache options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003585//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
3586//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003587
Paul Bakker088c5c52014-04-25 11:11:10 +02003588/* SSL options */
Angus Grattond8213d02016-05-25 20:56:48 +10003589
3590/** \def MBEDTLS_SSL_MAX_CONTENT_LEN
3591 *
Andrzej Kurekc470b6b2019-01-31 08:20:20 -05003592 * Maximum length (in bytes) of incoming and outgoing plaintext fragments.
Angus Grattond8213d02016-05-25 20:56:48 +10003593 *
Andrzej Kurekc470b6b2019-01-31 08:20:20 -05003594 * This determines the size of both the incoming and outgoing TLS I/O buffers
3595 * in such a way that both are capable of holding the specified amount of
3596 * plaintext data, regardless of the protection mechanism used.
Angus Grattond8213d02016-05-25 20:56:48 +10003597 *
Andrzej Kurekc470b6b2019-01-31 08:20:20 -05003598 * To configure incoming and outgoing I/O buffers separately, use
3599 * #MBEDTLS_SSL_IN_CONTENT_LEN and #MBEDTLS_SSL_OUT_CONTENT_LEN,
3600 * which overwrite the value set by this option.
3601 *
3602 * \note When using a value less than the default of 16KB on the client, it is
3603 * recommended to use the Maximum Fragment Length (MFL) extension to
3604 * inform the server about this limitation. On the server, there
3605 * is no supported, standardized way of informing the client about
3606 * restriction on the maximum size of incoming messages, and unless
3607 * the limitation has been communicated by other means, it is recommended
3608 * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN
3609 * while keeping the default value of 16KB for the incoming buffer.
3610 *
3611 * Uncomment to set the maximum plaintext size of both
3612 * incoming and outgoing I/O buffers.
Angus Grattond8213d02016-05-25 20:56:48 +10003613 */
3614//#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384
3615
3616/** \def MBEDTLS_SSL_IN_CONTENT_LEN
3617 *
Andrzej Kurekc470b6b2019-01-31 08:20:20 -05003618 * Maximum length (in bytes) of incoming plaintext fragments.
Angus Grattond8213d02016-05-25 20:56:48 +10003619 *
Andrzej Kurekc470b6b2019-01-31 08:20:20 -05003620 * This determines the size of the incoming TLS I/O buffer in such a way
3621 * that it is capable of holding the specified amount of plaintext data,
3622 * regardless of the protection mechanism used.
3623 *
3624 * If this option is undefined, it inherits its value from
3625 * #MBEDTLS_SSL_MAX_CONTENT_LEN.
3626 *
3627 * \note When using a value less than the default of 16KB on the client, it is
3628 * recommended to use the Maximum Fragment Length (MFL) extension to
3629 * inform the server about this limitation. On the server, there
3630 * is no supported, standardized way of informing the client about
3631 * restriction on the maximum size of incoming messages, and unless
3632 * the limitation has been communicated by other means, it is recommended
3633 * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN
3634 * while keeping the default value of 16KB for the incoming buffer.
3635 *
3636 * Uncomment to set the maximum plaintext size of the incoming I/O buffer
3637 * independently of the outgoing I/O buffer.
Angus Grattond8213d02016-05-25 20:56:48 +10003638 */
3639//#define MBEDTLS_SSL_IN_CONTENT_LEN 16384
3640
Gilles Peskined3d02902020-03-04 21:35:27 +01003641/** \def MBEDTLS_SSL_CID_IN_LEN_MAX
3642 *
3643 * The maximum length of CIDs used for incoming DTLS messages.
3644 *
3645 */
3646//#define MBEDTLS_SSL_CID_IN_LEN_MAX 32
3647
3648/** \def MBEDTLS_SSL_CID_OUT_LEN_MAX
3649 *
3650 * The maximum length of CIDs used for outgoing DTLS messages.
3651 *
3652 */
3653//#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32
3654
3655/** \def MBEDTLS_SSL_CID_PADDING_GRANULARITY
3656 *
3657 * This option controls the use of record plaintext padding
3658 * when using the Connection ID extension in DTLS 1.2.
3659 *
3660 * The padding will always be chosen so that the length of the
3661 * padded plaintext is a multiple of the value of this option.
3662 *
3663 * Note: A value of \c 1 means that no padding will be used
3664 * for outgoing records.
3665 *
3666 * Note: On systems lacking division instructions,
3667 * a power of two should be preferred.
3668 *
3669 */
3670//#define MBEDTLS_SSL_CID_PADDING_GRANULARITY 16
3671
Hanno Beckerceef8482020-06-02 06:16:00 +01003672/** \def MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY
Hanno Becker13996922020-05-28 16:15:19 +01003673 *
3674 * This option controls the use of record plaintext padding
3675 * in TLS 1.3.
3676 *
3677 * The padding will always be chosen so that the length of the
3678 * padded plaintext is a multiple of the value of this option.
3679 *
3680 * Note: A value of \c 1 means that no padding will be used
3681 * for outgoing records.
3682 *
3683 * Note: On systems lacking division instructions,
3684 * a power of two should be preferred.
3685 */
Hanno Beckerceef8482020-06-02 06:16:00 +01003686//#define MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY 1
Hanno Becker13996922020-05-28 16:15:19 +01003687
Angus Grattond8213d02016-05-25 20:56:48 +10003688/** \def MBEDTLS_SSL_OUT_CONTENT_LEN
3689 *
Andrzej Kurekc470b6b2019-01-31 08:20:20 -05003690 * Maximum length (in bytes) of outgoing plaintext fragments.
Angus Grattond8213d02016-05-25 20:56:48 +10003691 *
Andrzej Kurekc470b6b2019-01-31 08:20:20 -05003692 * This determines the size of the outgoing TLS I/O buffer in such a way
3693 * that it is capable of holding the specified amount of plaintext data,
3694 * regardless of the protection mechanism used.
3695 *
3696 * If this option undefined, it inherits its value from
3697 * #MBEDTLS_SSL_MAX_CONTENT_LEN.
Angus Grattond8213d02016-05-25 20:56:48 +10003698 *
3699 * It is possible to save RAM by setting a smaller outward buffer, while keeping
3700 * the default inward 16384 byte buffer to conform to the TLS specification.
3701 *
3702 * The minimum required outward buffer size is determined by the handshake
3703 * protocol's usage. Handshaking will fail if the outward buffer is too small.
3704 * The specific size requirement depends on the configured ciphers and any
3705 * certificate data which is sent during the handshake.
3706 *
Andrzej Kurekc470b6b2019-01-31 08:20:20 -05003707 * Uncomment to set the maximum plaintext size of the outgoing I/O buffer
3708 * independently of the incoming I/O buffer.
Angus Grattond8213d02016-05-25 20:56:48 +10003709 */
3710//#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384
3711
Hanno Beckere0b150f2018-08-21 15:51:03 +01003712/** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING
3713 *
3714 * Maximum number of heap-allocated bytes for the purpose of
3715 * DTLS handshake message reassembly and future message buffering.
3716 *
Hanno Becker97a1c132018-08-28 14:42:15 +01003717 * This should be at least 9/8 * MBEDTLSSL_IN_CONTENT_LEN
Hanno Becker28007512018-08-28 09:46:44 +01003718 * to account for a reassembled handshake message of maximum size,
3719 * together with its reassembly bitmap.
3720 *
Hanno Becker97a1c132018-08-28 14:42:15 +01003721 * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default)
Hanno Becker28007512018-08-28 09:46:44 +01003722 * should be sufficient for all practical situations as it allows
3723 * to reassembly a large handshake message (such as a certificate)
3724 * while buffering multiple smaller handshake messages.
3725 *
Hanno Beckere0b150f2018-08-21 15:51:03 +01003726 */
Hanno Becker159a37f2018-08-24 15:07:29 +01003727//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
Hanno Beckere0b150f2018-08-21 15:51:03 +01003728
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003729//#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
3730//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
3731//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003732
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +02003733/**
3734 * Complete list of ciphersuites to use, in order of preference.
3735 *
3736 * \warning No dependency checking is done on that field! This option can only
3737 * be used to restrict the set of available ciphersuites. It is your
3738 * responsibility to make sure the needed modules are active.
3739 *
3740 * Use this to save a few hundred bytes of ROM (default ordering of all
3741 * available ciphersuites) and a few to a few hundred bytes of RAM.
3742 *
3743 * The value below is only an example, not the default.
3744 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003745//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +02003746
Manuel Pégourié-Gonnardfd6c85c2014-11-20 16:34:20 +01003747/* X509 options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003748//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
Andres AGf9113192016-09-02 14:06:04 +01003749//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
Manuel Pégourié-Gonnardfd6c85c2014-11-20 16:34:20 +01003750
Gilles Peskine5e79cb32017-05-04 16:17:21 +02003751/**
Gilles Peskine5d2511c2017-05-12 13:16:40 +02003752 * Allow SHA-1 in the default TLS configuration for certificate signing.
3753 * Without this build-time option, SHA-1 support must be activated explicitly
3754 * through mbedtls_ssl_conf_cert_profile. Turning on this option is not
Hanno Beckerbbca8c52017-09-25 14:53:51 +01003755 * recommended because of it is possible to generate SHA-1 collisions, however
Gilles Peskine5d2511c2017-05-12 13:16:40 +02003756 * this may be safe for legacy infrastructure where additional controls apply.
Hanno Beckerbbca8c52017-09-25 14:53:51 +01003757 *
3758 * \warning SHA-1 is considered a weak message digest and its use constitutes
3759 * a security risk. If possible, we recommend avoiding dependencies
3760 * on it, and considering stronger message digests instead.
3761 *
Gilles Peskine5e79cb32017-05-04 16:17:21 +02003762 */
Gilles Peskined3d02902020-03-04 21:35:27 +01003763//#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
Gilles Peskine5d2511c2017-05-12 13:16:40 +02003764
3765/**
3766 * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake
3767 * signature and ciphersuite selection. Without this build-time option, SHA-1
3768 * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes.
3769 * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by
3770 * default. At the time of writing, there is no practical attack on the use
3771 * of SHA-1 in handshake signatures, hence this option is turned on by default
Hanno Beckerbbca8c52017-09-25 14:53:51 +01003772 * to preserve compatibility with existing peers, but the general
3773 * warning applies nonetheless:
3774 *
3775 * \warning SHA-1 is considered a weak message digest and its use constitutes
3776 * a security risk. If possible, we recommend avoiding dependencies
3777 * on it, and considering stronger message digests instead.
3778 *
Gilles Peskine5d2511c2017-05-12 13:16:40 +02003779 */
3780#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
Gilles Peskine5e79cb32017-05-04 16:17:21 +02003781
Andres Amaya Garciab1262a32017-10-25 09:51:14 +01003782/**
Andres Amaya Garciab1262a32017-10-25 09:51:14 +01003783 * Uncomment the macro to let mbed TLS use your alternate implementation of
Andres Amaya Garciac58787f2018-04-17 10:21:45 -05003784 * mbedtls_platform_zeroize(). This replaces the default implementation in
3785 * platform_util.c.
Andres Amaya Garcia6606d5c2018-03-08 20:25:29 +00003786 *
Andres Amaya Garciac58787f2018-04-17 10:21:45 -05003787 * mbedtls_platform_zeroize() is a widely used function across the library to
3788 * zero a block of memory. The implementation is expected to be secure in the
3789 * sense that it has been written to prevent the compiler from removing calls
3790 * to mbedtls_platform_zeroize() as part of redundant code elimination
3791 * optimizations. However, it is difficult to guarantee that calls to
3792 * mbedtls_platform_zeroize() will not be optimized by the compiler as older
3793 * versions of the C language standards do not provide a secure implementation
3794 * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to
3795 * configure their own implementation of mbedtls_platform_zeroize(), for
Andres Amaya Garciad0ef4682018-04-24 08:31:34 -05003796 * example by using directives specific to their compiler, features from newer
3797 * C standards (e.g using memset_s() in C11) or calling a secure memset() from
Andres Amaya Garciac58787f2018-04-17 10:21:45 -05003798 * their system (e.g explicit_bzero() in BSD).
Andres Amaya Garciab1262a32017-10-25 09:51:14 +01003799 */
Andres Amaya Garciac58787f2018-04-17 10:21:45 -05003800//#define MBEDTLS_PLATFORM_ZEROIZE_ALT
Andres Amaya Garciab1262a32017-10-25 09:51:14 +01003801
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01003802/**
3803 * Uncomment the macro to let Mbed TLS use your alternate implementation of
Hanno Becker6a739782018-09-05 15:06:19 +01003804 * mbedtls_platform_gmtime_r(). This replaces the default implementation in
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01003805 * platform_util.c.
3806 *
Hanno Becker921b76d2018-09-05 16:21:36 +01003807 * gmtime() is not a thread-safe function as defined in the C standard. The
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01003808 * library will try to use safer implementations of this function, such as
3809 * gmtime_r() when available. However, if Mbed TLS cannot identify the target
Hanno Becker6a739782018-09-05 15:06:19 +01003810 * system, the implementation of mbedtls_platform_gmtime_r() will default to
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01003811 * using the standard gmtime(). In this case, calls from the library to
3812 * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex
Hanno Becker9fbbf1c2018-09-05 16:23:02 +01003813 * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01003814 * library are also guarded with this mutex to avoid race conditions. However,
Hanno Becker6a739782018-09-05 15:06:19 +01003815 * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will
3816 * unconditionally use the implementation for mbedtls_platform_gmtime_r()
3817 * supplied at compile time.
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01003818 */
Hanno Becker6a739782018-09-05 15:06:19 +01003819//#define MBEDTLS_PLATFORM_GMTIME_R_ALT
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01003820
Christoph M. Wintersteigere50b9702018-12-14 11:03:02 +00003821/**
Christoph M. Wintersteiger50d9f092019-02-15 12:49:27 +00003822 * Enable the verified implementations of ECDH primitives from Project Everest
3823 * (currently only Curve25519). This feature changes the layout of ECDH
3824 * contexts and therefore is a compatibility break for applications that access
3825 * fields of a mbedtls_ecdh_context structure directly. See also
3826 * MBEDTLS_ECDH_LEGACY_CONTEXT in include/mbedtls/ecdh.h.
Christoph M. Wintersteiger02b80482018-10-25 12:41:04 +01003827 */
Christoph M. Wintersteiger6cddd302019-01-17 12:17:54 +00003828//#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
Christoph M. Wintersteiger02b80482018-10-25 12:41:04 +01003829
Simon Butcher30b5f972016-06-08 19:00:23 +01003830/* \} name SECTION: Customisation configuration options */
Manuel Pégourié-Gonnard43569a92015-07-31 15:37:29 +02003831
Simon Butcher3ad2efd2018-05-02 14:49:38 +01003832/* Target and application specific configurations
3833 *
Manuel Pégourié-Gonnard32da9f62015-07-31 15:52:30 +02003834 * Allow user to override any previous default.
3835 *
Manuel Pégourié-Gonnard32da9f62015-07-31 15:52:30 +02003836 */
Simon Butcher3ad2efd2018-05-02 14:49:38 +01003837#if defined(MBEDTLS_USER_CONFIG_FILE)
Manuel Pégourié-Gonnard32da9f62015-07-31 15:52:30 +02003838#include MBEDTLS_USER_CONFIG_FILE
3839#endif
3840
Gilles Peskinea26b3e52020-11-09 15:19:32 +01003841#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
John Durkop6e33dbe2020-09-17 21:15:13 -07003842#include "mbedtls/config_psa.h"
Gilles Peskinea26b3e52020-11-09 15:19:32 +01003843#endif
John Durkop6e33dbe2020-09-17 21:15:13 -07003844
Jaeden Amero6609aef2019-07-04 20:01:14 +01003845#include "mbedtls/check_config.h"
Manuel Pégourié-Gonnard92ac76f2013-12-16 17:12:53 +01003846
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003847#endif /* MBEDTLS_CONFIG_H */