blob: d0f8c46554113ce62d4fd4c1ec97df51ca13b9d8 [file] [log] [blame]
Paul Bakker5121ce52009-01-03 21:22:43 +00001/**
Bence Szépkútibb0cfeb2021-05-28 09:42:25 +02002 * \file mbedtls_config.h
Paul Bakker5121ce52009-01-03 21:22:43 +00003 *
Paul Bakker37ca75d2011-01-06 12:28:03 +00004 * \brief Configuration options (set of defines)
5 *
Simon Butcher5b331b92016-01-03 16:14:14 +00006 * This set of compile-time options may be used to enable
7 * or disable features selectively, and reduce the global
8 * memory footprint.
Darryl Greena40a1012018-01-05 15:33:17 +00009 */
10/*
Bence Szépkúti1e148272020-08-07 13:07:28 +020011 * Copyright The Mbed TLS Contributors
Manuel Pégourié-Gonnard37ff1402015-09-04 14:21:07 +020012 * SPDX-License-Identifier: Apache-2.0
13 *
14 * Licensed under the Apache License, Version 2.0 (the "License"); you may
15 * not use this file except in compliance with the License.
16 * You may obtain a copy of the License at
17 *
18 * http://www.apache.org/licenses/LICENSE-2.0
19 *
20 * Unless required by applicable law or agreed to in writing, software
21 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
22 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
23 * See the License for the specific language governing permissions and
24 * limitations under the License.
Manuel Pégourié-Gonnarde2b0efe2015-08-11 10:38:37 +020025 */
26
Bence Szépkúti2bb74562021-06-21 16:19:00 +020027/**
Tom Cosgrove1e211442022-05-26 11:51:00 +010028 * This is an optional version symbol that enables compatibility handling of
Bence Szépkúti2bb74562021-06-21 16:19:00 +020029 * config files.
30 *
Bence Szépkúti1b2a8832021-06-28 10:26:11 +010031 * It is equal to the #MBEDTLS_VERSION_NUMBER of the Mbed TLS version that
Bence Szépkúti2bb74562021-06-21 16:19:00 +020032 * introduced the config format we want to be compatible with.
33 */
Bence Szépkúti1cafe5c2021-06-22 09:30:08 +020034//#define MBEDTLS_CONFIG_VERSION 0x03000000
Bence Szépkútiba7248a2021-05-31 16:53:56 +020035
Paul Bakkerf3b86c12011-01-27 15:24:17 +000036/**
Paul Bakker0a62cd12011-01-21 11:00:08 +000037 * \name SECTION: System support
38 *
39 * This section sets system specific settings.
40 * \{
41 */
42
Paul Bakkerf3b86c12011-01-27 15:24:17 +000043/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020044 * \def MBEDTLS_HAVE_ASM
Paul Bakkerf3b86c12011-01-27 15:24:17 +000045 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +020046 * The compiler has support for asm().
Paul Bakker68041ec2009-04-19 21:17:55 +000047 *
48 * Requires support for asm() in compiler.
49 *
50 * Used in:
Dave Rodgmancb0f2c42022-12-23 13:15:37 +000051 * library/aesni.h
Manuel Pégourié-Gonnard26b54fa2018-02-27 12:20:20 +010052 * library/aria.c
Chris Jones4c5819c2021-03-03 17:45:34 +000053 * library/bn_mul.h
Dave Rodgmancb0f2c42022-12-23 13:15:37 +000054 * library/constant_time.c
55 * library/padlock.h
Paul Bakker68041ec2009-04-19 21:17:55 +000056 *
Manuel Pégourié-Gonnard26b54fa2018-02-27 12:20:20 +010057 * Required by:
Tom Cosgrovef586aa22023-03-20 14:45:27 +000058 * MBEDTLS_AESCE_C
Gilles Peskine0bfccfa2023-03-16 17:49:44 +010059 * MBEDTLS_AESNI_C (on some platforms)
Manuel Pégourié-Gonnard26b54fa2018-02-27 12:20:20 +010060 * MBEDTLS_PADLOCK_C
61 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +020062 * Comment to disable the use of assembly code.
Paul Bakker5121ce52009-01-03 21:22:43 +000063 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020064#define MBEDTLS_HAVE_ASM
Paul Bakker5121ce52009-01-03 21:22:43 +000065
Paul Bakkerf3b86c12011-01-27 15:24:17 +000066/**
Gilles Peskineed942f82017-06-08 15:19:20 +020067 * \def MBEDTLS_NO_UDBL_DIVISION
68 *
69 * The platform lacks support for double-width integer division (64-bit
70 * division on a 32-bit platform, 128-bit division on a 64-bit platform).
71 *
72 * Used in:
73 * include/mbedtls/bignum.h
74 * library/bignum.c
75 *
76 * The bignum code uses double-width division to speed up some operations.
77 * Double-width division is often implemented in software that needs to
78 * be linked with the program. The presence of a double-width integer
79 * type is usually detected automatically through preprocessor macros,
80 * but the automatic detection cannot know whether the code needs to
81 * and can be linked with an implementation of division for that type.
82 * By default division is assumed to be usable if the type is present.
83 * Uncomment this option to prevent the use of double-width division.
84 *
85 * Note that division for the native integer type is always required.
86 * Furthermore, a 64-bit type is always required even on a 32-bit
Andres Amaya Garcia2801d002017-07-21 10:56:22 +010087 * platform, but it need not support multiplication or division. In some
88 * cases it is also desirable to disable some double-width operations. For
89 * example, if double-width division is implemented in software, disabling
90 * it can reduce code size in some embedded targets.
Gilles Peskineed942f82017-06-08 15:19:20 +020091 */
92//#define MBEDTLS_NO_UDBL_DIVISION
93
94/**
Manuel Pégourié-Gonnard2adb3752018-06-07 10:51:44 +020095 * \def MBEDTLS_NO_64BIT_MULTIPLICATION
96 *
97 * The platform lacks support for 32x32 -> 64-bit multiplication.
98 *
99 * Used in:
100 * library/poly1305.c
101 *
102 * Some parts of the library may use multiplication of two unsigned 32-bit
103 * operands with a 64-bit result in order to speed up computations. On some
104 * platforms, this is not available in hardware and has to be implemented in
105 * software, usually in a library provided by the toolchain.
106 *
107 * Sometimes it is not desirable to have to link to that library. This option
108 * removes the dependency of that library on platforms that lack a hardware
109 * 64-bit multiplier by embedding a software implementation in Mbed TLS.
110 *
111 * Note that depending on the compiler, this may decrease performance compared
112 * to using the library function provided by the toolchain.
113 */
114//#define MBEDTLS_NO_64BIT_MULTIPLICATION
115
116/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200117 * \def MBEDTLS_HAVE_SSE2
Paul Bakkerf3b86c12011-01-27 15:24:17 +0000118 *
Paul Bakkere23c3152012-10-01 14:42:47 +0000119 * CPU supports SSE2 instruction set.
Paul Bakkerf3b86c12011-01-27 15:24:17 +0000120 *
Paul Bakker5121ce52009-01-03 21:22:43 +0000121 * Uncomment if the CPU supports SSE2 (IA-32 specific).
Paul Bakker5121ce52009-01-03 21:22:43 +0000122 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200123//#define MBEDTLS_HAVE_SSE2
Paul Bakkerfa9b1002013-07-03 15:31:03 +0200124
125/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200126 * \def MBEDTLS_HAVE_TIME
Paul Bakkerfa9b1002013-07-03 15:31:03 +0200127 *
Manuel Pégourié-Gonnard60c793b2015-06-18 20:52:58 +0200128 * System has time.h and time().
129 * The time does not need to be correct, only time differences are used,
130 * by contrast with MBEDTLS_HAVE_TIME_DATE
Paul Bakkerfa9b1002013-07-03 15:31:03 +0200131 *
Andres Amaya Garcia1e4ec662016-07-20 10:16:25 +0100132 * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT,
133 * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and
134 * MBEDTLS_PLATFORM_STD_TIME.
135 *
Andrzej Kurek57353692022-04-07 08:08:21 -0400136 * Comment if your system does not support time functions.
137 *
138 * \note If MBEDTLS_TIMING_C is set - to enable the semi-portable timing
139 * interface - timing.c will include time.h on suitable platforms
140 * regardless of the setting of MBEDTLS_HAVE_TIME, unless
141 * MBEDTLS_TIMING_ALT is used. See timing.c for more information.
Paul Bakkerfa9b1002013-07-03 15:31:03 +0200142 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200143#define MBEDTLS_HAVE_TIME
Manuel Pégourié-Gonnard10934de2013-12-13 12:54:09 +0100144
145/**
Manuel Pégourié-Gonnard60c793b2015-06-18 20:52:58 +0200146 * \def MBEDTLS_HAVE_TIME_DATE
147 *
Hanno Becker4e67cca2018-09-05 16:18:38 +0100148 * System has time.h, time(), and an implementation for
149 * mbedtls_platform_gmtime_r() (see below).
Antonin Décimo36e89b52019-01-23 15:24:37 +0100150 * The time needs to be correct (not necessarily very accurate, but at least
Manuel Pégourié-Gonnard60c793b2015-06-18 20:52:58 +0200151 * the date should be correct). This is used to verify the validity period of
152 * X.509 certificates.
153 *
154 * Comment if your system does not have a correct clock.
Andres Amaya Garcia97f3ecb2018-08-07 20:39:27 +0100155 *
Hanno Becker6a739782018-09-05 15:06:19 +0100156 * \note mbedtls_platform_gmtime_r() is an abstraction in platform_util.h that
Hanno Beckerc52ef402018-09-05 16:28:59 +0100157 * behaves similarly to the gmtime_r() function from the C standard. Refer to
158 * the documentation for mbedtls_platform_gmtime_r() for more information.
Andres Amaya Garciac99b12b2018-08-21 19:32:44 +0100159 *
160 * \note It is possible to configure an implementation for
Hanno Becker6a739782018-09-05 15:06:19 +0100161 * mbedtls_platform_gmtime_r() at compile-time by using the macro
162 * MBEDTLS_PLATFORM_GMTIME_R_ALT.
Manuel Pégourié-Gonnard60c793b2015-06-18 20:52:58 +0200163 */
164#define MBEDTLS_HAVE_TIME_DATE
165
166/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200167 * \def MBEDTLS_PLATFORM_MEMORY
Paul Bakkerdefc0ca2014-02-04 17:30:24 +0100168 *
169 * Enable the memory allocation layer.
170 *
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +0200171 * By default mbed TLS uses the system-provided calloc() and free().
Paul Bakkerdefc0ca2014-02-04 17:30:24 +0100172 * This allows different allocators (self-implemented or provided) to be
173 * provided to the platform abstraction layer.
174 *
Andrzej Kurekf14a5c32023-07-14 06:15:15 -0400175 * Enabling #MBEDTLS_PLATFORM_MEMORY without the
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +0200176 * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide
177 * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and
Rich Evans16f8cd82015-02-06 16:14:34 +0000178 * free() function pointer at runtime.
179 *
Andrzej Kurekf14a5c32023-07-14 06:15:15 -0400180 * Enabling #MBEDTLS_PLATFORM_MEMORY and specifying
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +0200181 * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the
Rich Evans16f8cd82015-02-06 16:14:34 +0000182 * alternate function at compile time.
Paul Bakkerdefc0ca2014-02-04 17:30:24 +0100183 *
Andrzej Kurekf14a5c32023-07-14 06:15:15 -0400184 * An overview of how the value of mbedtls_calloc is determined:
185 *
186 * - if !MBEDTLS_PLATFORM_MEMORY
187 * - mbedtls_calloc = calloc
188 * - if MBEDTLS_PLATFORM_MEMORY
189 * - if (MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO):
190 * - mbedtls_calloc = MBEDTLS_PLATFORM_CALLOC_MACRO
191 * - if !(MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO):
192 * - Dynamic setup via mbedtls_platform_set_calloc_free is now possible with a default value MBEDTLS_PLATFORM_STD_CALLOC.
193 * - How is MBEDTLS_PLATFORM_STD_CALLOC handled?
194 * - if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS:
195 * - MBEDTLS_PLATFORM_STD_CALLOC is not set to anything;
196 * - MBEDTLS_PLATFORM_STD_MEM_HDR can be included if present;
197 * - if !MBEDTLS_PLATFORM_NO_STD_FUNCTIONS:
198 * - if MBEDTLS_PLATFORM_STD_CALLOC is present:
199 * - User-defined MBEDTLS_PLATFORM_STD_CALLOC is respected;
200 * - if !MBEDTLS_PLATFORM_STD_CALLOC:
201 * - MBEDTLS_PLATFORM_STD_CALLOC = calloc
202 *
203 * - At this point the presence of MBEDTLS_PLATFORM_STD_CALLOC is checked.
204 * - if !MBEDTLS_PLATFORM_STD_CALLOC
205 * - MBEDTLS_PLATFORM_STD_CALLOC = uninitialized_calloc
206 *
207 * - mbedtls_calloc = MBEDTLS_PLATFORM_STD_CALLOC.
208 *
209 * Defining MBEDTLS_PLATFORM_CALLOC_MACRO and #MBEDTLS_PLATFORM_STD_CALLOC at the same time is not possible.
210 * MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_FREE_MACRO must both be defined or undefined at the same time.
211 * #MBEDTLS_PLATFORM_STD_CALLOC and #MBEDTLS_PLATFORM_STD_FREE do not have to be defined at the same time, as, if they are used,
212 * dynamic setup of these functions is possible. See the tree above to see how are they handled in all cases.
213 * An uninitialized #MBEDTLS_PLATFORM_STD_CALLOC always fails, returning a null pointer.
214 * An uninitialized #MBEDTLS_PLATFORM_STD_FREE does not do anything.
215 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200216 * Requires: MBEDTLS_PLATFORM_C
Paul Bakkerdefc0ca2014-02-04 17:30:24 +0100217 *
218 * Enable this layer to allow use of alternative memory allocators.
219 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200220//#define MBEDTLS_PLATFORM_MEMORY
Paul Bakkerdefc0ca2014-02-04 17:30:24 +0100221
222/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200223 * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
Paul Bakker088c5c52014-04-25 11:11:10 +0200224 *
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +0200225 * Do not assign standard functions in the platform layer (e.g. calloc() to
226 * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF)
Paul Bakker088c5c52014-04-25 11:11:10 +0200227 *
228 * This makes sure there are no linking errors on platforms that do not support
229 * these functions. You will HAVE to provide alternatives, either at runtime
230 * via the platform_set_xxx() functions or at compile time by setting
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200231 * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a
232 * MBEDTLS_PLATFORM_XXX_MACRO.
Paul Bakker088c5c52014-04-25 11:11:10 +0200233 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200234 * Requires: MBEDTLS_PLATFORM_C
Paul Bakker088c5c52014-04-25 11:11:10 +0200235 *
236 * Uncomment to prevent default assignment of standard functions in the
237 * platform layer.
238 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200239//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
Paul Bakker088c5c52014-04-25 11:11:10 +0200240
241/**
Janos Follathc351d182016-03-21 08:43:59 +0000242 * \def MBEDTLS_PLATFORM_EXIT_ALT
Paul Bakker747a83a2014-02-01 22:50:07 +0100243 *
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100244 * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the
245 * function in the platform abstraction layer.
Paul Bakker747a83a2014-02-01 22:50:07 +0100246 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200247 * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will
248 * provide a function "mbedtls_platform_set_printf()" that allows you to set an
Paul Bakker747a83a2014-02-01 22:50:07 +0100249 * alternative printf function pointer.
250 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200251 * All these define require MBEDTLS_PLATFORM_C to be defined!
Paul Bakker747a83a2014-02-01 22:50:07 +0100252 *
Manuel Pégourié-Gonnard9db28872015-06-26 10:52:01 +0200253 * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows;
254 * it will be enabled automatically by check_config.h
255 *
Manuel Pégourié-Gonnard6c0c8e02015-06-22 10:23:34 +0200256 * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200257 * MBEDTLS_PLATFORM_XXX_MACRO!
Rich Evans16f8cd82015-02-06 16:14:34 +0000258 *
Andres Amaya Garcia1e4ec662016-07-20 10:16:25 +0100259 * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME
260 *
Paul Bakker747a83a2014-02-01 22:50:07 +0100261 * Uncomment a macro to enable alternate implementation of specific base
262 * platform function
263 */
Gilles Peskine6497b5a2022-06-30 17:01:40 +0200264//#define MBEDTLS_PLATFORM_SETBUF_ALT
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200265//#define MBEDTLS_PLATFORM_EXIT_ALT
SimonBd5800b72016-04-26 07:43:27 +0100266//#define MBEDTLS_PLATFORM_TIME_ALT
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200267//#define MBEDTLS_PLATFORM_FPRINTF_ALT
268//#define MBEDTLS_PLATFORM_PRINTF_ALT
269//#define MBEDTLS_PLATFORM_SNPRINTF_ALT
k-stachowiak723f8672018-07-16 14:27:07 +0200270//#define MBEDTLS_PLATFORM_VSNPRINTF_ALT
Paul Bakkercf0a9f92016-06-01 11:25:44 +0100271//#define MBEDTLS_PLATFORM_NV_SEED_ALT
Andres Amaya Garcia59c20262017-07-18 10:23:04 +0100272//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
Jerry Yu38257492022-12-15 17:54:47 +0800273//#define MBEDTLS_PLATFORM_MS_TIME_ALT
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100274
275/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200276 * \def MBEDTLS_DEPRECATED_WARNING
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100277 *
Andres Amaya Garcia09634242018-11-29 09:55:41 +0000278 * Mark deprecated functions and features so that they generate a warning if
279 * used. Functionality deprecated in one version will usually be removed in the
280 * next version. You can enable this to help you prepare the transition to a
281 * new major version by making sure your code is not using this functionality.
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100282 *
283 * This only works with GCC and Clang. With other compilers, you may want to
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200284 * use MBEDTLS_DEPRECATED_REMOVED
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100285 *
Andres Amaya Garcia09634242018-11-29 09:55:41 +0000286 * Uncomment to get warnings on using deprecated functions and features.
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100287 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200288//#define MBEDTLS_DEPRECATED_WARNING
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100289
290/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200291 * \def MBEDTLS_DEPRECATED_REMOVED
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100292 *
Andres Amaya Garcia09634242018-11-29 09:55:41 +0000293 * Remove deprecated functions and features so that they generate an error if
294 * used. Functionality deprecated in one version will usually be removed in the
295 * next version. You can enable this to help you prepare the transition to a
296 * new major version by making sure your code is not using this functionality.
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100297 *
Andres Amaya Garcia09634242018-11-29 09:55:41 +0000298 * Uncomment to get errors on using deprecated functions and features.
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100299 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200300//#define MBEDTLS_DEPRECATED_REMOVED
Manuel Pégourié-Gonnardc70581c2015-03-23 13:58:27 +0100301
Andrzej Kurek38d4fdd2021-12-28 16:22:52 +0100302/** \} name SECTION: System support */
Paul Bakker0a62cd12011-01-21 11:00:08 +0000303
Paul Bakkerf3b86c12011-01-27 15:24:17 +0000304/**
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +0000305 * \name SECTION: mbed TLS feature support
Paul Bakker0a62cd12011-01-21 11:00:08 +0000306 *
307 * This section sets support for features that are or are not needed
308 * within the modules that are enabled.
309 * \{
310 */
Paul Bakker5121ce52009-01-03 21:22:43 +0000311
Paul Bakkerf3b86c12011-01-27 15:24:17 +0000312/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200313 * \def MBEDTLS_TIMING_ALT
Paul Bakkerf2561b32014-02-06 15:11:55 +0100314 *
TRodziewiczd8540832021-06-10 15:16:50 +0200315 * Uncomment to provide your own alternate implementation for
Manuel Pégourié-Gonnarda63bc942015-05-14 18:22:47 +0200316 * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay()
Paul Bakkerf2561b32014-02-06 15:11:55 +0100317 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200318 * Only works if you have MBEDTLS_TIMING_C enabled.
Paul Bakkerf2561b32014-02-06 15:11:55 +0100319 *
320 * You will need to provide a header "timing_alt.h" and an implementation at
321 * compile time.
322 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200323//#define MBEDTLS_TIMING_ALT
Paul Bakkerf2561b32014-02-06 15:11:55 +0100324
325/**
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100326 * \def MBEDTLS_AES_ALT
Paul Bakker90995b52013-06-24 19:20:35 +0200327 *
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100328 * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your
Janos Follathb0697532016-08-18 12:38:46 +0100329 * alternate core implementation of a symmetric crypto, an arithmetic or hash
330 * module (e.g. platform specific assembly optimized implementations). Keep
331 * in mind that the function prototypes should remain the same.
Paul Bakker90995b52013-06-24 19:20:35 +0200332 *
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200333 * This replaces the whole module. If you only want to replace one of the
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200334 * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags.
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200335 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200336 * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer
Janos Follathee782bc2016-11-07 15:41:26 +0000337 * provide the "struct mbedtls_aes_context" definition and omit the base
338 * function declarations and implementations. "aes_alt.h" will be included from
Paul Bakker90995b52013-06-24 19:20:35 +0200339 * "aes.h" to include the new function definitions.
340 *
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200341 * Uncomment a macro to enable alternate implementation of the corresponding
342 * module.
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100343 *
TRodziewicz10e8cf52021-05-31 17:58:57 +0200344 * \warning MD5, DES and SHA-1 are considered weak and their
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100345 * use constitutes a security risk. If possible, we recommend
346 * avoiding dependencies on them, and considering stronger message
347 * digests and ciphers instead.
348 *
Paul Bakker90995b52013-06-24 19:20:35 +0200349 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200350//#define MBEDTLS_AES_ALT
Markku-Juhani O. Saarinen0fb47fe2017-12-01 15:41:38 +0000351//#define MBEDTLS_ARIA_ALT
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200352//#define MBEDTLS_CAMELLIA_ALT
Steven Cooreman222e2ff2017-04-04 11:37:15 +0200353//#define MBEDTLS_CCM_ALT
Daniel King34b822c2016-05-15 17:28:08 -0300354//#define MBEDTLS_CHACHA20_ALT
Manuel Pégourié-Gonnarde533b222018-06-04 12:23:19 +0200355//#define MBEDTLS_CHACHAPOLY_ALT
Steven Cooreman63342772017-04-04 11:47:16 +0200356//#define MBEDTLS_CMAC_ALT
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200357//#define MBEDTLS_DES_ALT
nirekh01d569ecf2018-01-09 16:43:21 +0000358//#define MBEDTLS_DHM_ALT
Hanno Becker616d1ca2018-01-24 10:25:05 +0000359//#define MBEDTLS_ECJPAKE_ALT
Jaeden Amero15263302017-09-21 12:53:48 +0100360//#define MBEDTLS_GCM_ALT
Ron Eldor466a57f2018-05-03 16:54:28 +0300361//#define MBEDTLS_NIST_KW_ALT
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200362//#define MBEDTLS_MD5_ALT
Daniel Kingadc32c02016-05-16 18:25:45 -0300363//#define MBEDTLS_POLY1305_ALT
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200364//#define MBEDTLS_RIPEMD160_ALT
Hanno Becker88683b22018-01-04 18:26:54 +0000365//#define MBEDTLS_RSA_ALT
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200366//#define MBEDTLS_SHA1_ALT
367//#define MBEDTLS_SHA256_ALT
368//#define MBEDTLS_SHA512_ALT
Markku-Juhani O. Saarinen0fb47fe2017-12-01 15:41:38 +0000369
Janos Follathb0697532016-08-18 12:38:46 +0100370/*
Shaun Case8b0ecbc2021-12-20 21:14:10 -0800371 * When replacing the elliptic curve module, please consider, that it is
Janos Follathb0697532016-08-18 12:38:46 +0100372 * implemented with two .c files:
373 * - ecp.c
374 * - ecp_curves.c
Janos Follathee782bc2016-11-07 15:41:26 +0000375 * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
376 * macros as described above. The only difference is that you have to make sure
377 * that you provide functionality for both .c files.
Janos Follathb0697532016-08-18 12:38:46 +0100378 */
379//#define MBEDTLS_ECP_ALT
Paul Bakker90995b52013-06-24 19:20:35 +0200380
381/**
TRodziewicz75628d52021-06-18 12:56:27 +0200382 * \def MBEDTLS_SHA256_PROCESS_ALT
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200383 *
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100384 * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you
385 * alternate core implementation of symmetric crypto or hash function. Keep in
386 * mind that function prototypes should remain the same.
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200387 *
388 * This replaces only one function. The header file from mbed TLS is still
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200389 * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags.
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200390 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200391 * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will
392 * no longer provide the mbedtls_sha1_process() function, but it will still provide
393 * the other function (using your mbedtls_sha1_process() function) and the definition
394 * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200395 * with this definition.
396 *
Tobias Nießen1e8ca122021-05-10 19:53:15 +0200397 * \note If you use the AES_xxx_ALT macros, then it is recommended to also set
Hanno Beckera5723f42017-06-26 12:46:19 +0100398 * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
399 * tables.
Manuel Pégourié-Gonnard31993f22015-05-12 15:41:08 +0200400 *
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200401 * Uncomment a macro to enable alternate implementation of the corresponding
402 * function.
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100403 *
TRodziewicz10e8cf52021-05-31 17:58:57 +0200404 * \warning MD5, DES and SHA-1 are considered weak and their use
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100405 * constitutes a security risk. If possible, we recommend avoiding
406 * dependencies on them, and considering stronger message digests
407 * and ciphers instead.
408 *
Janos Follath1231d212019-01-07 15:01:32 +0000409 * \warning If both MBEDTLS_ECDSA_SIGN_ALT and MBEDTLS_ECDSA_DETERMINISTIC are
410 * enabled, then the deterministic ECDH signature functions pass the
411 * the static HMAC-DRBG as RNG to mbedtls_ecdsa_sign(). Therefore
412 * alternative implementations should use the RNG only for generating
413 * the ephemeral key and nothing else. If this is not possible, then
414 * MBEDTLS_ECDSA_DETERMINISTIC should be disabled and an alternative
TRodziewiczc1c479f2021-05-06 00:53:22 +0200415 * implementation should be provided for mbedtls_ecdsa_sign_det_ext().
Janos Follath1231d212019-01-07 15:01:32 +0000416 *
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200417 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200418//#define MBEDTLS_MD5_PROCESS_ALT
419//#define MBEDTLS_RIPEMD160_PROCESS_ALT
420//#define MBEDTLS_SHA1_PROCESS_ALT
421//#define MBEDTLS_SHA256_PROCESS_ALT
422//#define MBEDTLS_SHA512_PROCESS_ALT
Manuel Pégourié-Gonnard70a50102015-05-12 15:02:45 +0200423//#define MBEDTLS_DES_SETKEY_ALT
424//#define MBEDTLS_DES_CRYPT_ECB_ALT
425//#define MBEDTLS_DES3_CRYPT_ECB_ALT
Manuel Pégourié-Gonnard31993f22015-05-12 15:41:08 +0200426//#define MBEDTLS_AES_SETKEY_ENC_ALT
427//#define MBEDTLS_AES_SETKEY_DEC_ALT
428//#define MBEDTLS_AES_ENCRYPT_ALT
429//#define MBEDTLS_AES_DECRYPT_ALT
Ron Eldora84c1cb2017-10-10 19:04:27 +0300430//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
Ron Eldor3226d362017-10-12 14:17:48 +0300431//#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
Ron Eldor314adb62017-10-10 18:28:25 +0300432//#define MBEDTLS_ECDSA_VERIFY_ALT
433//#define MBEDTLS_ECDSA_SIGN_ALT
434//#define MBEDTLS_ECDSA_GENKEY_ALT
Manuel Pégourié-Gonnard427b6722015-03-31 18:32:50 +0200435
436/**
Janos Follathc44ab972016-11-18 16:38:23 +0000437 * \def MBEDTLS_ECP_INTERNAL_ALT
438 *
439 * Expose a part of the internal interface of the Elliptic Curve Point module.
Janos Follathb0697532016-08-18 12:38:46 +0100440 *
441 * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your
Janos Follath372697b2016-10-28 16:53:11 +0100442 * alternative core implementation of elliptic curve arithmetic. Keep in mind
443 * that function prototypes should remain the same.
Janos Follathb0697532016-08-18 12:38:46 +0100444 *
445 * This partially replaces one function. The header file from mbed TLS is still
446 * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation
447 * is still present and it is used for group structures not supported by the
448 * alternative.
449 *
Steven Cooreman97b49842021-01-08 16:32:20 +0100450 * The original implementation can in addition be removed by setting the
Steven Cooreman6226a122021-01-21 13:58:31 +0100451 * MBEDTLS_ECP_NO_FALLBACK option, in which case any function for which the
Steven Cooreman97b49842021-01-08 16:32:20 +0100452 * corresponding MBEDTLS_ECP__FUNCTION_NAME__ALT macro is defined will not be
453 * able to fallback to curves not supported by the alternative implementation.
454 *
Janos Follathc44ab972016-11-18 16:38:23 +0000455 * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT
456 * and implementing the following functions:
457 * unsigned char mbedtls_internal_ecp_grp_capable(
458 * const mbedtls_ecp_group *grp )
459 * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp )
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500460 * void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp )
Janos Follathc44ab972016-11-18 16:38:23 +0000461 * The mbedtls_internal_ecp_grp_capable function should return 1 if the
462 * replacement functions implement arithmetic for the given group and 0
463 * otherwise.
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500464 * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are
Janos Follathc44ab972016-11-18 16:38:23 +0000465 * called before and after each point operation and provide an opportunity to
466 * implement optimized set up and tear down instructions.
Janos Follathb0697532016-08-18 12:38:46 +0100467 *
Steven Cooreman6226a122021-01-21 13:58:31 +0100468 * Example: In case you set MBEDTLS_ECP_INTERNAL_ALT and
469 * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac()
470 * function, but will use your mbedtls_internal_ecp_double_jac() if the group
471 * for the operation is supported by your implementation (i.e. your
472 * mbedtls_internal_ecp_grp_capable() function returns 1 for this group). If the
473 * group is not supported by your implementation, then the original mbed TLS
474 * implementation of ecp_double_jac() is used instead, unless this fallback
475 * behaviour is disabled by setting MBEDTLS_ECP_NO_FALLBACK (in which case
476 * ecp_double_jac() will return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE).
477 *
478 * The function prototypes and the definition of mbedtls_ecp_group and
479 * mbedtls_ecp_point will not change based on MBEDTLS_ECP_INTERNAL_ALT, so your
480 * implementation of mbedtls_internal_ecp__function_name__ must be compatible
481 * with their definitions.
Janos Follathb0697532016-08-18 12:38:46 +0100482 *
483 * Uncomment a macro to enable alternate implementation of the corresponding
484 * function.
485 */
486/* Required for all the functions in this section */
Janos Follathc44ab972016-11-18 16:38:23 +0000487//#define MBEDTLS_ECP_INTERNAL_ALT
Steven Cooreman97b49842021-01-08 16:32:20 +0100488/* Turn off software fallback for curves not supported in hardware */
489//#define MBEDTLS_ECP_NO_FALLBACK
Janos Follathb0697532016-08-18 12:38:46 +0100490/* Support for Weierstrass curves with Jacobi representation */
491//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
492//#define MBEDTLS_ECP_ADD_MIXED_ALT
493//#define MBEDTLS_ECP_DOUBLE_JAC_ALT
494//#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
495//#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
496/* Support for curves with Montgomery arithmetic */
497//#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
498//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
499//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
500
501/**
Manuel Pégourié-Gonnard8ba88f02015-06-22 12:14:20 +0200502 * \def MBEDTLS_ENTROPY_HARDWARE_ALT
Manuel Pégourié-Gonnard3f77dfb2015-06-19 10:06:21 +0200503 *
504 * Uncomment this macro to let mbed TLS use your own implementation of a
505 * hardware entropy collector.
506 *
507 * Your function must be called \c mbedtls_hardware_poll(), have the same
Chris Jones3848e312021-03-11 16:17:59 +0000508 * prototype as declared in library/entropy_poll.h, and accept NULL as first
509 * argument.
Manuel Pégourié-Gonnard3f77dfb2015-06-19 10:06:21 +0200510 *
511 * Uncomment to use your own hardware entropy collector.
512 */
513//#define MBEDTLS_ENTROPY_HARDWARE_ALT
514
515/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200516 * \def MBEDTLS_AES_ROM_TABLES
Paul Bakker15566e42011-04-24 21:19:15 +0000517 *
Hanno Becker177d3cf2017-06-07 15:52:48 +0100518 * Use precomputed AES tables stored in ROM.
Paul Bakker15566e42011-04-24 21:19:15 +0000519 *
Hanno Becker177d3cf2017-06-07 15:52:48 +0100520 * Uncomment this macro to use precomputed AES tables stored in ROM.
521 * Comment this macro to generate AES tables in RAM at runtime.
522 *
Hanno Becker4c1dc3c2018-03-27 16:52:03 +0100523 * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb
524 * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the
Hanno Becker6a92ce62018-03-28 11:42:05 +0100525 * initialization time before the first AES operation can be performed.
526 * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c
527 * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded
528 * performance if ROM access is slower than RAM access.
Hanno Becker177d3cf2017-06-07 15:52:48 +0100529 *
530 * This option is independent of \c MBEDTLS_AES_FEWER_TABLES.
Paul Bakker15566e42011-04-24 21:19:15 +0000531 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200532//#define MBEDTLS_AES_ROM_TABLES
Paul Bakker15566e42011-04-24 21:19:15 +0000533
534/**
Hanno Becker177d3cf2017-06-07 15:52:48 +0100535 * \def MBEDTLS_AES_FEWER_TABLES
Jussi Kivilinna2fd1bb82015-11-12 16:38:31 +0200536 *
Hanno Becker177d3cf2017-06-07 15:52:48 +0100537 * Use less ROM/RAM for AES tables.
Jussi Kivilinna2fd1bb82015-11-12 16:38:31 +0200538 *
Hanno Becker177d3cf2017-06-07 15:52:48 +0100539 * Uncommenting this macro omits 75% of the AES tables from
540 * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES)
541 * by computing their values on the fly during operations
542 * (the tables are entry-wise rotations of one another).
543 *
544 * Tradeoff: Uncommenting this reduces the RAM / ROM footprint
Hanno Becker08a5c182017-06-19 16:33:58 +0100545 * by ~6kb but at the cost of more arithmetic operations during
Hanno Becker177d3cf2017-06-07 15:52:48 +0100546 * runtime. Specifically, one has to compare 4 accesses within
547 * different tables to 4 accesses with additional arithmetic
548 * operations within the same table. The performance gain/loss
549 * depends on the system and memory details.
550 *
551 * This option is independent of \c MBEDTLS_AES_ROM_TABLES.
Jussi Kivilinna2fd1bb82015-11-12 16:38:31 +0200552 */
Hanno Becker177d3cf2017-06-07 15:52:48 +0100553//#define MBEDTLS_AES_FEWER_TABLES
Jussi Kivilinna2fd1bb82015-11-12 16:38:31 +0200554
555/**
Arto Kinnunen732ca322023-04-14 14:26:10 +0800556 * \def MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
557 *
558 * Use only 128-bit keys in AES operations to save ROM.
559 *
Yanray Wangd2ae4322023-05-10 10:45:38 +0800560 * Uncomment this macro to remove support for AES operations that use 192-
Arto Kinnunen732ca322023-04-14 14:26:10 +0800561 * or 256-bit keys.
562 *
Yanray Wangd2ae4322023-05-10 10:45:38 +0800563 * Uncommenting this macro reduces the size of AES code by ~300 bytes
564 * on v8-M/Thumb2.
Arto Kinnunen732ca322023-04-14 14:26:10 +0800565 *
Arto Kinnunen732ca322023-04-14 14:26:10 +0800566 * Module: library/aes.c
567 *
568 * Requires: MBEDTLS_AES_C
Arto Kinnunen732ca322023-04-14 14:26:10 +0800569 */
570//#define MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
571
572/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200573 * \def MBEDTLS_CAMELLIA_SMALL_MEMORY
Manuel Pégourié-Gonnard62edcc82015-04-03 16:28:19 +0200574 *
575 * Use less ROM for the Camellia implementation (saves about 768 bytes).
576 *
577 * Uncomment this macro to use less memory for Camellia.
578 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200579//#define MBEDTLS_CAMELLIA_SMALL_MEMORY
Manuel Pégourié-Gonnard62edcc82015-04-03 16:28:19 +0200580
581/**
Gilles Peskine9a7d4c22021-09-23 18:07:36 +0200582 * \def MBEDTLS_CHECK_RETURN_WARNING
583 *
584 * If this macro is defined, emit a compile-time warning if application code
585 * calls a function without checking its return value, but the return value
586 * should generally be checked in portable applications.
587 *
588 * This is only supported on platforms where #MBEDTLS_CHECK_RETURN is
589 * implemented. Otherwise this option has no effect.
590 *
591 * Uncomment to get warnings on using fallible functions without checking
592 * their return value.
593 *
594 * \note This feature is a work in progress.
595 * Warnings will be added to more functions in the future.
596 *
597 * \note A few functions are considered critical, and ignoring the return
598 * value of these functions will trigger a warning even if this
599 * macro is not defined. To completely disable return value check
600 * warnings, define #MBEDTLS_CHECK_RETURN with an empty expansion.
601 */
602//#define MBEDTLS_CHECK_RETURN_WARNING
603
604/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200605 * \def MBEDTLS_CIPHER_MODE_CBC
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200606 *
607 * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
608 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200609#define MBEDTLS_CIPHER_MODE_CBC
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200610
611/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200612 * \def MBEDTLS_CIPHER_MODE_CFB
Paul Bakkerb6ecaf52011-04-19 14:29:23 +0000613 *
614 * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
615 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200616#define MBEDTLS_CIPHER_MODE_CFB
Paul Bakkerb6ecaf52011-04-19 14:29:23 +0000617
618/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200619 * \def MBEDTLS_CIPHER_MODE_CTR
Paul Bakkerb6ecaf52011-04-19 14:29:23 +0000620 *
621 * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
622 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200623#define MBEDTLS_CIPHER_MODE_CTR
Paul Bakkerb6ecaf52011-04-19 14:29:23 +0000624
625/**
Jaeden Ameroff2f4932018-06-14 11:38:50 +0100626 * \def MBEDTLS_CIPHER_MODE_OFB
627 *
628 * Enable Output Feedback mode (OFB) for symmetric ciphers.
629 */
630#define MBEDTLS_CIPHER_MODE_OFB
631
632/**
633 * \def MBEDTLS_CIPHER_MODE_XTS
634 *
635 * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES.
636 */
637#define MBEDTLS_CIPHER_MODE_XTS
638
639/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200640 * \def MBEDTLS_CIPHER_NULL_CIPHER
Paul Bakkerfab5c822012-02-06 16:45:10 +0000641 *
642 * Enable NULL cipher.
643 * Warning: Only do so when you know what you are doing. This allows for
644 * encryption or channels without any security!
645 *
Ronald Croncee42702021-04-26 11:34:44 +0200646 * To enable the following ciphersuites:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200647 * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA
648 * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA
649 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA
650 * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
651 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384
652 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256
653 * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA
654 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384
655 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256
656 * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA
657 * MBEDTLS_TLS_RSA_WITH_NULL_SHA256
658 * MBEDTLS_TLS_RSA_WITH_NULL_SHA
659 * MBEDTLS_TLS_RSA_WITH_NULL_MD5
660 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384
661 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256
662 * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA
663 * MBEDTLS_TLS_PSK_WITH_NULL_SHA384
664 * MBEDTLS_TLS_PSK_WITH_NULL_SHA256
665 * MBEDTLS_TLS_PSK_WITH_NULL_SHA
Paul Bakkerfab5c822012-02-06 16:45:10 +0000666 *
667 * Uncomment this macro to enable the NULL cipher and ciphersuites
Paul Bakkerfab5c822012-02-06 16:45:10 +0000668 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200669//#define MBEDTLS_CIPHER_NULL_CIPHER
Paul Bakkerfab5c822012-02-06 16:45:10 +0000670
671/**
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100672 * \def MBEDTLS_CIPHER_PADDING_PKCS7
Paul Bakker48e93c82013-08-14 12:21:18 +0200673 *
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100674 * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for
675 * specific padding modes in the cipher layer with cipher modes that support
676 * padding (e.g. CBC)
Paul Bakker48e93c82013-08-14 12:21:18 +0200677 *
678 * If you disable all padding modes, only full blocks can be used with CBC.
679 *
680 * Enable padding modes in the cipher layer.
681 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200682#define MBEDTLS_CIPHER_PADDING_PKCS7
683#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
684#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
685#define MBEDTLS_CIPHER_PADDING_ZEROS
Paul Bakker48e93c82013-08-14 12:21:18 +0200686
Gilles Peskine1540e5b2019-10-03 14:21:14 +0200687/** \def MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
688 *
689 * Uncomment this macro to use a 128-bit key in the CTR_DRBG module.
Yanray Wang55ef22c2023-06-15 09:57:06 +0800690 * Without this, CTR_DRBG uses a 256-bit key
691 * unless \c MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH is set.
Gilles Peskine1540e5b2019-10-03 14:21:14 +0200692 */
693//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
694
Paul Bakker48e93c82013-08-14 12:21:18 +0200695/**
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100696 * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
Paul Bakker5dc6b5f2013-06-29 23:26:34 +0200697 *
Manuel Pégourié-Gonnard76da60c2016-01-04 13:51:01 +0100698 * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve
699 * module. By default all supported curves are enabled.
Paul Bakker5dc6b5f2013-06-29 23:26:34 +0200700 *
701 * Comment macros to disable the curve and functions for it
702 */
Gilles Peskine799e5762018-09-14 17:34:00 +0200703/* Short Weierstrass curves (supporting ECP, ECDH, ECDSA) */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200704#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
705#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
706#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
707#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
708#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
709#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
710#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
711#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
712#define MBEDTLS_ECP_DP_BP256R1_ENABLED
713#define MBEDTLS_ECP_DP_BP384R1_ENABLED
714#define MBEDTLS_ECP_DP_BP512R1_ENABLED
Gilles Peskine799e5762018-09-14 17:34:00 +0200715/* Montgomery curves (supporting ECP) */
Manuel Pégourié-Gonnard07894332015-06-23 00:18:41 +0200716#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
Nicholas Wilson08f3ef12015-11-10 13:10:01 +0000717#define MBEDTLS_ECP_DP_CURVE448_ENABLED
Paul Bakker5dc6b5f2013-06-29 23:26:34 +0200718
719/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200720 * \def MBEDTLS_ECP_NIST_OPTIM
Manuel Pégourié-Gonnardc04c5302013-10-23 16:11:52 +0200721 *
722 * Enable specific 'modulo p' routines for each NIST prime.
723 * Depending on the prime and architecture, makes operations 4 to 8 times
724 * faster on the corresponding curve.
725 *
726 * Comment this macro to disable NIST curves optimisation.
727 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200728#define MBEDTLS_ECP_NIST_OPTIM
Manuel Pégourié-Gonnardc04c5302013-10-23 16:11:52 +0200729
730/**
Manuel Pégourié-Gonnard4b9c51e2017-04-20 15:50:26 +0200731 * \def MBEDTLS_ECP_RESTARTABLE
Manuel Pégourié-Gonnardc3a3bc72017-03-22 11:17:51 +0100732 *
733 * Enable "non-blocking" ECC operations that can return early and be resumed.
734 *
Manuel Pégourié-Gonnardf0bbd7e2018-10-15 13:22:41 +0200735 * This allows various functions to pause by returning
736 * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module,
737 * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in
738 * order to further progress and eventually complete their operation. This is
739 * controlled through mbedtls_ecp_set_max_ops() which limits the maximum
740 * number of ECC operations a function may perform before pausing; see
741 * mbedtls_ecp_set_max_ops() for more information.
Manuel Pégourié-Gonnardc3a3bc72017-03-22 11:17:51 +0100742 *
Manuel Pégourié-Gonnard8b7b96b2017-08-23 10:02:51 +0200743 * This is useful in non-threaded environments if you want to avoid blocking
Manuel Pégourié-Gonnardf0bbd7e2018-10-15 13:22:41 +0200744 * for too long on ECC (and, hence, X.509 or SSL/TLS) operations.
Manuel Pégourié-Gonnardc3a3bc72017-03-22 11:17:51 +0100745 *
Manuel Pégourié-Gonnard2b7ad642022-12-06 10:42:44 +0100746 * This option:
747 * - Adds xxx_restartable() variants of existing operations in the
748 * following modules, with corresponding restart context types:
Manuel Pégourié-Gonnardb2812cc2022-12-09 09:53:55 +0100749 * - ECP (for Short Weierstrass curves only): scalar multiplication (mul),
750 * linear combination (muladd);
Manuel Pégourié-Gonnard2b7ad642022-12-06 10:42:44 +0100751 * - ECDSA: signature generation & verification;
752 * - PK: signature generation & verification;
753 * - X509: certificate chain verification.
754 * - Adds mbedtls_ecdh_enable_restart() in the ECDH module.
755 * - Changes the behaviour of TLS 1.2 clients (not servers) when using the
756 * ECDHE-ECDSA key exchange (not other key exchanges) to make all ECC
757 * computations restartable:
Tom Cosgrove5c8505f2023-03-07 11:39:52 +0000758 * - ECDH operations from the key exchange, only for Short Weierstrass
Manuel Pégourié-Gonnardb2812cc2022-12-09 09:53:55 +0100759 * curves, only when MBEDTLS_USE_PSA_CRYPTO is not enabled.
Manuel Pégourié-Gonnard2b7ad642022-12-06 10:42:44 +0100760 * - verification of the server's key exchange signature;
761 * - verification of the server's certificate chain;
Manuel Pégourié-Gonnardb2812cc2022-12-09 09:53:55 +0100762 * - generation of the client's signature if client authentication is used,
763 * with an ECC key/certificate.
Manuel Pégourié-Gonnard2b7ad642022-12-06 10:42:44 +0100764 *
765 * \note In the cases above, the usual SSL/TLS functions, such as
766 * mbedtls_ssl_handshake(), can now return
767 * MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS.
Ron Eldor5ed8c1e2018-11-05 14:04:26 +0200768 *
Manuel Pégourié-Gonnard55a188b2022-12-06 12:00:33 +0100769 * \note When this option and MBEDTLS_USE_PSA_CRYPTO are both enabled,
770 * restartable operations in PK, X.509 and TLS (see above) are not
771 * using PSA. On the other hand, ECDH computations in TLS are using
Manuel Pégourié-Gonnardb2812cc2022-12-09 09:53:55 +0100772 * PSA, and are not restartable. These are temporary limitations that
773 * should be lifted in the future.
Ron Eldor5ed8c1e2018-11-05 14:04:26 +0200774 *
Ron Eldor19779c42018-11-05 16:58:13 +0200775 * \note This option only works with the default software implementation of
776 * elliptic curve functionality. It is incompatible with
Thomas Daubney537e6432021-06-03 15:46:33 +0100777 * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT, MBEDTLS_ECDSA_XXX_ALT.
Manuel Pégourié-Gonnard2b7ad642022-12-06 10:42:44 +0100778 *
Manuel Pégourié-Gonnardad45c4d2022-12-06 13:20:06 +0100779 * Requires: MBEDTLS_ECP_C
780 *
Manuel Pégourié-Gonnard2b7ad642022-12-06 10:42:44 +0100781 * Uncomment this macro to enable restartable ECC computations.
Manuel Pégourié-Gonnardc3a3bc72017-03-22 11:17:51 +0100782 */
Manuel Pégourié-Gonnardc9e16a92017-08-15 14:30:59 +0200783//#define MBEDTLS_ECP_RESTARTABLE
Manuel Pégourié-Gonnardc3a3bc72017-03-22 11:17:51 +0100784
785/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200786 * \def MBEDTLS_ECDSA_DETERMINISTIC
Manuel Pégourié-Gonnard461d4162014-01-06 10:16:28 +0100787 *
788 * Enable deterministic ECDSA (RFC 6979).
789 * Standard ECDSA is "fragile" in the sense that lack of entropy when signing
790 * may result in a compromise of the long-term signing key. This is avoided by
791 * the deterministic variant.
792 *
John Durkop36a82e52020-10-26 09:39:05 -0700793 * Requires: MBEDTLS_HMAC_DRBG_C, MBEDTLS_ECDSA_C
Manuel Pégourié-Gonnard5b1a5732014-01-07 16:46:17 +0100794 *
Manuel Pégourié-Gonnard461d4162014-01-06 10:16:28 +0100795 * Comment this macro to disable deterministic ECDSA.
796 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200797#define MBEDTLS_ECDSA_DETERMINISTIC
Manuel Pégourié-Gonnard461d4162014-01-06 10:16:28 +0100798
799/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200800 * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200801 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +0200802 * Enable the PSK based ciphersuite modes in SSL / TLS.
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200803 *
Paul Bakkere07f41d2013-04-19 09:08:57 +0200804 * This enables the following ciphersuites (if other requisites are
805 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200806 * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
807 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
808 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
809 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
810 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
811 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
812 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
813 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
814 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
815 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200816 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200817#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200818
819/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200820 * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +0200821 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +0200822 * Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
Paul Bakkere07f41d2013-04-19 09:08:57 +0200823 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200824 * Requires: MBEDTLS_DHM_C
Paul Bakkere07f41d2013-04-19 09:08:57 +0200825 *
826 * This enables the following ciphersuites (if other requisites are
827 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200828 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
829 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
830 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
831 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
832 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
833 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
834 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
835 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
836 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
837 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
Hanno Beckera2f6b722017-09-28 10:33:29 +0100838 *
Hanno Beckerf9734b32017-10-03 12:09:22 +0100839 * \warning Using DHE constitutes a security risk as it
840 * is not possible to validate custom DH parameters.
841 * If possible, it is recommended users should consider
842 * preferring other methods of key exchange.
843 * See dhm.h for more details.
Hanno Beckera2f6b722017-09-28 10:33:29 +0100844 *
Paul Bakkere07f41d2013-04-19 09:08:57 +0200845 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200846#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +0200847
848/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200849 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Manuel Pégourié-Gonnard3ce3bbd2013-10-11 16:53:50 +0200850 *
851 * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
852 *
Manuel Pégourié-Gonnard4fa702a2023-03-29 12:15:24 +0200853 * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH)
Manuel Pégourié-Gonnard3ce3bbd2013-10-11 16:53:50 +0200854 *
855 * This enables the following ciphersuites (if other requisites are
856 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200857 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
858 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
859 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
860 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
861 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
862 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
Manuel Pégourié-Gonnard3ce3bbd2013-10-11 16:53:50 +0200863 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200864#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
Manuel Pégourié-Gonnard3ce3bbd2013-10-11 16:53:50 +0200865
866/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200867 * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +0200868 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +0200869 * Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
Manuel Pégourié-Gonnard0fae60b2013-10-14 17:39:48 +0200870 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200871 * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
872 * MBEDTLS_X509_CRT_PARSE_C
Paul Bakkere07f41d2013-04-19 09:08:57 +0200873 *
874 * This enables the following ciphersuites (if other requisites are
875 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200876 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
877 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
878 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
879 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
880 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
881 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
882 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
883 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
884 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
885 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
Paul Bakkere07f41d2013-04-19 09:08:57 +0200886 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200887#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +0200888
889/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200890 * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +0200891 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +0200892 * Enable the RSA-only based ciphersuite modes in SSL / TLS.
Paul Bakkere07f41d2013-04-19 09:08:57 +0200893 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200894 * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
895 * MBEDTLS_X509_CRT_PARSE_C
Paul Bakkere07f41d2013-04-19 09:08:57 +0200896 *
897 * This enables the following ciphersuites (if other requisites are
898 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200899 * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
900 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
901 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
902 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
903 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
904 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
905 * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
906 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
907 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
908 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
909 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
910 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
Paul Bakkere07f41d2013-04-19 09:08:57 +0200911 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200912#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +0200913
914/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200915 * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +0200916 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +0200917 * Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
Paul Bakkere07f41d2013-04-19 09:08:57 +0200918 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200919 * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
920 * MBEDTLS_X509_CRT_PARSE_C
Paul Bakkere07f41d2013-04-19 09:08:57 +0200921 *
922 * This enables the following ciphersuites (if other requisites are
923 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200924 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
925 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
926 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
927 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
928 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
929 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
930 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
931 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
932 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
933 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
934 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
935 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
Hanno Beckera2f6b722017-09-28 10:33:29 +0100936 *
Hanno Beckerf9734b32017-10-03 12:09:22 +0100937 * \warning Using DHE constitutes a security risk as it
938 * is not possible to validate custom DH parameters.
939 * If possible, it is recommended users should consider
940 * preferring other methods of key exchange.
941 * See dhm.h for more details.
Hanno Beckera2f6b722017-09-28 10:33:29 +0100942 *
Paul Bakkere07f41d2013-04-19 09:08:57 +0200943 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200944#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +0200945
946/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200947 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +0200948 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +0200949 * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
Paul Bakkere07f41d2013-04-19 09:08:57 +0200950 *
Manuel Pégourié-Gonnard4fa702a2023-03-29 12:15:24 +0200951 * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH)
952 * MBEDTLS_RSA_C
953 * MBEDTLS_PKCS1_V15
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200954 * MBEDTLS_X509_CRT_PARSE_C
Paul Bakkere07f41d2013-04-19 09:08:57 +0200955 *
956 * This enables the following ciphersuites (if other requisites are
957 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200958 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
959 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
960 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
961 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
962 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
963 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
964 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
965 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
966 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
967 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
Paul Bakkere07f41d2013-04-19 09:08:57 +0200968 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200969#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
Paul Bakkere07f41d2013-04-19 09:08:57 +0200970
971/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200972 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200973 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +0200974 * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200975 *
Manuel Pégourié-Gonnard4fa702a2023-03-29 12:15:24 +0200976 * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH)
977 * MBEDTLS_ECDSA_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDSA)
978 * MBEDTLS_X509_CRT_PARSE_C
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200979 *
980 * This enables the following ciphersuites (if other requisites are
981 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200982 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
983 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
984 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
985 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
986 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
987 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
988 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
989 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
990 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
991 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200992 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200993#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200994
995/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200996 * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100997 *
998 * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
999 *
Manuel Pégourié-Gonnard4fa702a2023-03-29 12:15:24 +02001000 * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH)
1001 * MBEDTLS_ECDSA_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDSA)
1002 * MBEDTLS_X509_CRT_PARSE_C
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001003 *
1004 * This enables the following ciphersuites (if other requisites are
1005 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001006 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
1007 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
1008 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
1009 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
1010 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
1011 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
1012 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
1013 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
1014 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
1015 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001016 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001017#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001018
1019/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001020 * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001021 *
1022 * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
1023 *
Manuel Pégourié-Gonnard4fa702a2023-03-29 12:15:24 +02001024 * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH)
1025 * MBEDTLS_RSA_C
1026 * MBEDTLS_X509_CRT_PARSE_C
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001027 *
1028 * This enables the following ciphersuites (if other requisites are
1029 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001030 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
1031 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
1032 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
1033 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
1034 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
1035 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
1036 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
1037 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
1038 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
1039 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001040 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001041#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001042
1043/**
Manuel Pégourié-Gonnard557535d2015-09-15 17:53:32 +02001044 * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
1045 *
1046 * Enable the ECJPAKE based ciphersuite modes in SSL / TLS.
1047 *
Manuel Pégourié-Gonnard75df9022015-09-16 23:21:01 +02001048 * \warning This is currently experimental. EC J-PAKE support is based on the
1049 * Thread v1.0.0 specification; incompatible changes to the specification
1050 * might still happen. For this reason, this is disabled by default.
Manuel Pégourié-Gonnard557535d2015-09-15 17:53:32 +02001051 *
Manuel Pégourié-Gonnard4fa702a2023-03-29 12:15:24 +02001052 * Requires: MBEDTLS_ECJPAKE_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_JPAKE)
Manuel Pégourié-Gonnard41bc8b62023-03-14 23:59:24 +01001053 * SHA-256 (via MBEDTLS_SHA256_C or a PSA driver)
Manuel Pégourié-Gonnard557535d2015-09-15 17:53:32 +02001054 * MBEDTLS_ECP_DP_SECP256R1_ENABLED
1055 *
Manuel Pégourié-Gonnard41bc8b62023-03-14 23:59:24 +01001056 * \warning If SHA-256 is provided only by a PSA driver, you must call
1057 * psa_crypto_init() before the first hanshake (even if
1058 * MBEDTLS_USE_PSA_CRYPTO is disabled).
1059 *
Manuel Pégourié-Gonnard557535d2015-09-15 17:53:32 +02001060 * This enables the following ciphersuites (if other requisites are
1061 * enabled as well):
1062 * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
1063 */
Manuel Pégourié-Gonnardcf828932015-10-20 14:57:00 +02001064//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
Manuel Pégourié-Gonnard557535d2015-09-15 17:53:32 +02001065
1066/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001067 * \def MBEDTLS_PK_PARSE_EC_EXTENDED
Manuel Pégourié-Gonnard6fac3512014-03-19 16:39:52 +01001068 *
1069 * Enhance support for reading EC keys using variants of SEC1 not allowed by
1070 * RFC 5915 and RFC 5480.
1071 *
1072 * Currently this means parsing the SpecifiedECDomain choice of EC
1073 * parameters (only known groups are supported, not arbitrary domains, to
1074 * avoid validation issues).
1075 *
1076 * Disable if you only need to support RFC 5915 + 5480 key formats.
1077 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001078#define MBEDTLS_PK_PARSE_EC_EXTENDED
Manuel Pégourié-Gonnard6fac3512014-03-19 16:39:52 +01001079
1080/**
Valerio Settiaddeee42023-06-14 10:46:55 +02001081 * \def MBEDTLS_PK_PARSE_EC_COMPRESSED
1082 *
1083 * Enable the support for parsing public keys of type Short Weierstrass
1084 * (MBEDTLS_ECP_DP_SECP_XXX and MBEDTLS_ECP_DP_BP_XXX) which are using the
Valerio Setti3cd4ef72023-06-19 11:35:10 +02001085 * compressed point format. This parsing is done through ECP module's functions.
1086 *
1087 * \note As explained in the description of MBEDTLS_ECP_PF_COMPRESSED (in ecp.h)
1088 * the only unsupported curves are MBEDTLS_ECP_DP_SECP224R1 and
1089 * MBEDTLS_ECP_DP_SECP224K1.
Valerio Settiaddeee42023-06-14 10:46:55 +02001090 */
1091#define MBEDTLS_PK_PARSE_EC_COMPRESSED
1092
1093/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001094 * \def MBEDTLS_ERROR_STRERROR_DUMMY
Paul Bakker8fe40dc2013-02-02 12:43:08 +01001095 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001096 * Enable a dummy error function to make use of mbedtls_strerror() in
1097 * third party libraries easier when MBEDTLS_ERROR_C is disabled
1098 * (no effect when MBEDTLS_ERROR_C is enabled).
Manuel Pégourié-Gonnarddc16aa72014-06-25 12:55:12 +02001099 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001100 * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're
1101 * not using mbedtls_strerror() or error_strerror() in your application.
Paul Bakker8fe40dc2013-02-02 12:43:08 +01001102 *
1103 * Disable if you run into name conflicts and want to really remove the
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001104 * mbedtls_strerror()
Paul Bakker8fe40dc2013-02-02 12:43:08 +01001105 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001106#define MBEDTLS_ERROR_STRERROR_DUMMY
Paul Bakker8fe40dc2013-02-02 12:43:08 +01001107
1108/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001109 * \def MBEDTLS_GENPRIME
Paul Bakkerf3b86c12011-01-27 15:24:17 +00001110 *
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02001111 * Enable the prime-number generation code.
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02001112 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001113 * Requires: MBEDTLS_BIGNUM_C
Paul Bakker5121ce52009-01-03 21:22:43 +00001114 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001115#define MBEDTLS_GENPRIME
Paul Bakker5121ce52009-01-03 21:22:43 +00001116
Paul Bakkerf3b86c12011-01-27 15:24:17 +00001117/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001118 * \def MBEDTLS_FS_IO
Paul Bakker335db3f2011-04-25 15:28:35 +00001119 *
1120 * Enable functions that use the filesystem.
1121 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001122#define MBEDTLS_FS_IO
Paul Bakker335db3f2011-04-25 15:28:35 +00001123
1124/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001125 * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
Paul Bakker43655f42011-12-15 20:11:16 +00001126 *
TRodziewicz15a7b732021-06-16 11:22:53 +02001127 * Do not add default entropy sources in mbedtls_entropy_init().
Paul Bakker43655f42011-12-15 20:11:16 +00001128 *
Shuo Chen95a0d112014-04-04 21:04:40 -07001129 * This is useful to have more control over the added entropy sources in an
Paul Bakker43655f42011-12-15 20:11:16 +00001130 * application.
1131 *
1132 * Uncomment this macro to prevent loading of default entropy functions.
Paul Bakker43655f42011-12-15 20:11:16 +00001133 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001134//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
Paul Bakker43655f42011-12-15 20:11:16 +00001135
1136/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001137 * \def MBEDTLS_NO_PLATFORM_ENTROPY
Paul Bakker6083fd22011-12-03 21:45:14 +00001138 *
1139 * Do not use built-in platform entropy functions.
1140 * This is useful if your platform does not support
1141 * standards like the /dev/urandom or Windows CryptoAPI.
1142 *
1143 * Uncomment this macro to disable the built-in platform entropy functions.
Paul Bakker6083fd22011-12-03 21:45:14 +00001144 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001145//#define MBEDTLS_NO_PLATFORM_ENTROPY
Paul Bakker6083fd22011-12-03 21:45:14 +00001146
1147/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001148 * \def MBEDTLS_ENTROPY_FORCE_SHA256
Paul Bakker2ceda572014-02-06 15:55:25 +01001149 *
1150 * Force the entropy accumulator to use a SHA-256 accumulator instead of the
1151 * default SHA-512 based one (if both are available).
1152 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001153 * Requires: MBEDTLS_SHA256_C
Paul Bakker2ceda572014-02-06 15:55:25 +01001154 *
1155 * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option
1156 * if you have performance concerns.
1157 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001158 * This option is only useful if both MBEDTLS_SHA256_C and
1159 * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
Paul Bakker2ceda572014-02-06 15:55:25 +01001160 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001161//#define MBEDTLS_ENTROPY_FORCE_SHA256
Paul Bakker2ceda572014-02-06 15:55:25 +01001162
1163/**
Paul Bakkercf0a9f92016-06-01 11:25:44 +01001164 * \def MBEDTLS_ENTROPY_NV_SEED
1165 *
1166 * Enable the non-volatile (NV) seed file-based entropy source.
1167 * (Also enables the NV seed read/write functions in the platform layer)
1168 *
1169 * This is crucial (if not required) on systems that do not have a
1170 * cryptographic entropy source (in hardware or kernel) available.
1171 *
1172 * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C
1173 *
Paul Bakker71a597a2016-06-07 10:59:03 +01001174 * \note The read/write functions that are used by the entropy source are
1175 * determined in the platform layer, and can be modified at runtime and/or
1176 * compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used.
1177 *
1178 * \note If you use the default implementation functions that read a seedfile
Paul Bakkercf0a9f92016-06-01 11:25:44 +01001179 * with regular fopen(), please make sure you make a seedfile with the
1180 * proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at
1181 * least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from
Paul Bakker71a597a2016-06-07 10:59:03 +01001182 * and written to or you will get an entropy source error! The default
1183 * implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE
1184 * bytes from the file.
1185 *
1186 * \note The entropy collector will write to the seed file before entropy is
1187 * given to an external source, to update it.
Paul Bakkercf0a9f92016-06-01 11:25:44 +01001188 */
1189//#define MBEDTLS_ENTROPY_NV_SEED
1190
Ronald Cron71016a92020-08-28 19:01:50 +02001191/* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
Gilles Peskine69d7c8b2019-02-19 14:00:31 +01001192 *
Ronald Cron71016a92020-08-28 19:01:50 +02001193 * Enable key identifiers that encode a key owner identifier.
Gilles Peskine69d7c8b2019-02-19 14:00:31 +01001194 *
Ronald Cron9a2511e2020-09-14 10:02:56 +02001195 * The owner of a key is identified by a value of type ::mbedtls_key_owner_id_t
1196 * which is currently hard-coded to be int32_t.
Gilles Peskine69d7c8b2019-02-19 14:00:31 +01001197 *
1198 * Note that this option is meant for internal use only and may be removed
Andrzej Kurekcfc920a2022-01-25 06:33:08 -05001199 * without notice.
Gilles Peskine69d7c8b2019-02-19 14:00:31 +01001200 */
Ronald Cron71016a92020-08-28 19:01:50 +02001201//#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
Gilles Peskine69d7c8b2019-02-19 14:00:31 +01001202
Paul Bakkercf0a9f92016-06-01 11:25:44 +01001203/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001204 * \def MBEDTLS_MEMORY_DEBUG
Paul Bakker6e339b52013-07-03 13:37:05 +02001205 *
1206 * Enable debugging of buffer allocator memory issues. Automatically prints
1207 * (to stderr) all (fatal) messages on memory allocation issues. Enables
1208 * function for 'debug output' of allocated memory.
1209 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001210 * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
Paul Bakker6e339b52013-07-03 13:37:05 +02001211 *
1212 * Uncomment this macro to let the buffer allocator print out error messages.
Paul Bakkera7ea6a52013-10-15 11:55:10 +02001213 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001214//#define MBEDTLS_MEMORY_DEBUG
Paul Bakker6e339b52013-07-03 13:37:05 +02001215
1216/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001217 * \def MBEDTLS_MEMORY_BACKTRACE
Paul Bakker6e339b52013-07-03 13:37:05 +02001218 *
1219 * Include backtrace information with each allocated block.
1220 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001221 * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
Tom Cosgrovece7f18c2022-07-28 05:50:56 +01001222 * GLIBC-compatible backtrace() and backtrace_symbols() support
Paul Bakker6e339b52013-07-03 13:37:05 +02001223 *
1224 * Uncomment this macro to include backtrace information
Paul Bakker6e339b52013-07-03 13:37:05 +02001225 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001226//#define MBEDTLS_MEMORY_BACKTRACE
Paul Bakker6e339b52013-07-03 13:37:05 +02001227
1228/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001229 * \def MBEDTLS_PK_RSA_ALT_SUPPORT
Manuel Pégourié-Gonnard348bcb32015-03-31 14:01:33 +02001230 *
1231 * Support external private RSA keys (eg from a HSM) in the PK layer.
1232 *
1233 * Comment this macro to disable support for external private RSA keys.
1234 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001235#define MBEDTLS_PK_RSA_ALT_SUPPORT
Manuel Pégourié-Gonnard348bcb32015-03-31 14:01:33 +02001236
1237/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001238 * \def MBEDTLS_PKCS1_V15
Paul Bakker48377d92013-08-30 12:06:24 +02001239 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02001240 * Enable support for PKCS#1 v1.5 encoding.
1241 *
Manuel Pégourié-Gonnard98b91d42022-10-19 10:59:30 +02001242 * Requires: MBEDTLS_RSA_C
Paul Bakker48377d92013-08-30 12:06:24 +02001243 *
Paul Bakker48377d92013-08-30 12:06:24 +02001244 * This enables support for PKCS#1 v1.5 operations.
1245 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001246#define MBEDTLS_PKCS1_V15
Paul Bakker48377d92013-08-30 12:06:24 +02001247
1248/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001249 * \def MBEDTLS_PKCS1_V21
Paul Bakker9dcc3222011-03-08 14:16:06 +00001250 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02001251 * Enable support for PKCS#1 v2.1 encoding.
1252 *
Manuel Pégourié-Gonnardfb8d90a2023-03-16 10:47:59 +01001253 * Requires: MBEDTLS_RSA_C
Manuel Pégourié-Gonnard077ba842022-07-27 10:42:31 +02001254 *
Manuel Pégourié-Gonnardfb8d90a2023-03-16 10:47:59 +01001255 * \warning If using a hash that is only provided by PSA drivers, you must
1256 * call psa_crypto_init() before doing any PKCS#1 v2.1 operation.
Manuel Pégourié-Gonnard18a38562022-11-22 11:49:55 +01001257 *
Paul Bakker9dcc3222011-03-08 14:16:06 +00001258 * This enables support for RSAES-OAEP and RSASSA-PSS operations.
1259 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001260#define MBEDTLS_PKCS1_V21
Paul Bakker9dcc3222011-03-08 14:16:06 +00001261
Steven Cooreman6801f082021-02-19 17:21:22 +01001262/** \def MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
1263 *
1264 * Enable support for platform built-in keys. If you enable this feature,
1265 * you must implement the function mbedtls_psa_platform_get_builtin_key().
1266 * See the documentation of that function for more information.
1267 *
1268 * Built-in keys are typically derived from a hardware unique key or
1269 * stored in a secure element.
1270 *
1271 * Requires: MBEDTLS_PSA_CRYPTO_C.
1272 *
1273 * \warning This interface is experimental and may change or be removed
1274 * without notice.
1275 */
1276//#define MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
1277
Ronald Cron3768ac12021-01-26 16:58:00 +01001278/** \def MBEDTLS_PSA_CRYPTO_CLIENT
1279 *
1280 * Enable support for PSA crypto client.
1281 *
1282 * \note This option allows to include the code necessary for a PSA
1283 * crypto client when the PSA crypto implementation is not included in
1284 * the library (MBEDTLS_PSA_CRYPTO_C disabled). The code included is the
1285 * code to set and get PSA key attributes.
1286 * The development of PSA drivers partially relying on the library to
1287 * fulfill the hardware gaps is another possible usage of this option.
1288 *
1289 * \warning This interface is experimental and may change or be removed
1290 * without notice.
1291 */
1292//#define MBEDTLS_PSA_CRYPTO_CLIENT
1293
Gilles Peskinef08b3f82020-11-13 17:36:48 +01001294/** \def MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
1295 *
1296 * Make the PSA Crypto module use an external random generator provided
1297 * by a driver, instead of Mbed TLS's entropy and DRBG modules.
1298 *
Gilles Peskineb663a602020-11-18 15:27:37 +01001299 * \note This random generator must deliver random numbers with cryptographic
1300 * quality and high performance. It must supply unpredictable numbers
1301 * with a uniform distribution. The implementation of this function
1302 * is responsible for ensuring that the random generator is seeded
1303 * with sufficient entropy. If you have a hardware TRNG which is slow
1304 * or delivers non-uniform output, declare it as an entropy source
1305 * with mbedtls_entropy_add_source() instead of enabling this option.
1306 *
Gilles Peskineb0a748e2020-11-30 12:01:54 +01001307 * If you enable this option, you must configure the type
Gilles Peskineb8af2282020-11-13 18:00:34 +01001308 * ::mbedtls_psa_external_random_context_t in psa/crypto_platform.h
1309 * and define a function called mbedtls_psa_external_get_random()
1310 * with the following prototype:
Gilles Peskinef08b3f82020-11-13 17:36:48 +01001311 * ```
1312 * psa_status_t mbedtls_psa_external_get_random(
1313 * mbedtls_psa_external_random_context_t *context,
1314 * uint8_t *output, size_t output_size, size_t *output_length);
1315 * );
1316 * ```
1317 * The \c context value is initialized to 0 before the first call.
1318 * The function must fill the \c output buffer with \p output_size bytes
1319 * of random data and set \c *output_length to \p output_size.
1320 *
1321 * Requires: MBEDTLS_PSA_CRYPTO_C
1322 *
1323 * \warning If you enable this option, code that uses the PSA cryptography
1324 * interface will not use any of the entropy sources set up for
1325 * the entropy module, nor the NV seed that MBEDTLS_ENTROPY_NV_SEED
1326 * enables.
1327 *
1328 * \note This option is experimental and may be removed without notice.
1329 */
1330//#define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
1331
Paul Bakker9dcc3222011-03-08 14:16:06 +00001332/**
Andrzej Kurekc6905232019-02-05 05:23:41 -05001333 * \def MBEDTLS_PSA_CRYPTO_SPM
1334 *
1335 * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure
1336 * Partition Manager) integration which separates the code into two parts: a
1337 * NSPE (Non-Secure Process Environment) and an SPE (Secure Process
1338 * Environment).
1339 *
1340 * Module: library/psa_crypto.c
1341 * Requires: MBEDTLS_PSA_CRYPTO_C
1342 *
1343 */
1344//#define MBEDTLS_PSA_CRYPTO_SPM
1345
1346/**
Jaeden Amero57f4d9e2019-03-15 16:14:19 +00001347 * \def MBEDTLS_PSA_INJECT_ENTROPY
Andrzej Kurekc6905232019-02-05 05:23:41 -05001348 *
Jaeden Amero57f4d9e2019-03-15 16:14:19 +00001349 * Enable support for entropy injection at first boot. This feature is
1350 * required on systems that do not have a built-in entropy source (TRNG).
1351 * This feature is currently not supported on systems that have a built-in
1352 * entropy source.
Andrzej Kurekc6905232019-02-05 05:23:41 -05001353 *
Jaeden Amero57f4d9e2019-03-15 16:14:19 +00001354 * Requires: MBEDTLS_PSA_CRYPTO_STORAGE_C, MBEDTLS_ENTROPY_NV_SEED
Andrzej Kurekc6905232019-02-05 05:23:41 -05001355 *
1356 */
Jaeden Amero57f4d9e2019-03-15 16:14:19 +00001357//#define MBEDTLS_PSA_INJECT_ENTROPY
Andrzej Kurekc6905232019-02-05 05:23:41 -05001358
1359/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001360 * \def MBEDTLS_RSA_NO_CRT
Paul Bakker0216cc12011-03-26 13:40:23 +00001361 *
Hanno Becker88ec2382017-05-03 13:51:16 +01001362 * Do not use the Chinese Remainder Theorem
1363 * for the RSA private operation.
Paul Bakker0216cc12011-03-26 13:40:23 +00001364 *
1365 * Uncomment this macro to disable the use of CRT in RSA.
1366 *
Paul Bakker0216cc12011-03-26 13:40:23 +00001367 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001368//#define MBEDTLS_RSA_NO_CRT
Paul Bakker15566e42011-04-24 21:19:15 +00001369
1370/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001371 * \def MBEDTLS_SELF_TEST
Paul Bakker15566e42011-04-24 21:19:15 +00001372 *
1373 * Enable the checkup functions (*_self_test).
1374 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001375#define MBEDTLS_SELF_TEST
Paul Bakker5c721f92011-07-27 16:51:09 +00001376
1377/**
Manuel Pégourié-Gonnardeb0d8702015-05-28 12:54:04 +02001378 * \def MBEDTLS_SHA256_SMALLER
1379 *
1380 * Enable an implementation of SHA-256 that has lower ROM footprint but also
1381 * lower performance.
1382 *
Adam Wolf039080f2019-09-10 09:53:08 -05001383 * The default implementation is meant to be a reasonable compromise between
Manuel Pégourié-Gonnardeb0d8702015-05-28 12:54:04 +02001384 * performance and size. This version optimizes more aggressively for size at
1385 * the expense of performance. Eg on Cortex-M4 it reduces the size of
1386 * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about
1387 * 30%.
1388 *
1389 * Uncomment to enable the smaller implementation of SHA256.
1390 */
1391//#define MBEDTLS_SHA256_SMALLER
1392
1393/**
Manuel Pégourié-Gonnard2306d152019-07-17 12:36:53 +02001394 * \def MBEDTLS_SHA512_SMALLER
1395 *
1396 * Enable an implementation of SHA-512 that has lower ROM footprint but also
1397 * lower performance.
1398 *
1399 * Uncomment to enable the smaller implementation of SHA512.
1400 */
1401//#define MBEDTLS_SHA512_SMALLER
1402
1403/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001404 * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
Paul Bakker40865c82013-01-31 17:13:13 +01001405 *
1406 * Enable sending of alert messages in case of encountered errors as per RFC.
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +00001407 * If you choose not to send the alert messages, mbed TLS can still communicate
Paul Bakker40865c82013-01-31 17:13:13 +01001408 * with other servers, only debugging of failures is harder.
1409 *
1410 * The advantage of not sending alert messages, is that no information is given
1411 * about reasons for failures thus preventing adversaries of gaining intel.
1412 *
1413 * Enable sending of all alert messages
1414 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001415#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
Paul Bakker40865c82013-01-31 17:13:13 +01001416
1417/**
Gilles Peskined3d02902020-03-04 21:35:27 +01001418 * \def MBEDTLS_SSL_DTLS_CONNECTION_ID
1419 *
Hannes Tschofenige2c46e02022-11-23 10:44:11 +01001420 * Enable support for the DTLS Connection ID (CID) extension,
Gilles Peskined3d02902020-03-04 21:35:27 +01001421 * which allows to identify DTLS connections across changes
Hannes Tschofenige2c46e02022-11-23 10:44:11 +01001422 * in the underlying transport. The CID functionality is described
1423 * in RFC 9146.
Gilles Peskined3d02902020-03-04 21:35:27 +01001424 *
1425 * Setting this option enables the SSL APIs `mbedtls_ssl_set_cid()`,
Paul Elliott0113cf12022-03-11 20:26:47 +00001426 * mbedtls_ssl_get_own_cid()`, `mbedtls_ssl_get_peer_cid()` and
1427 * `mbedtls_ssl_conf_cid()`. See the corresponding documentation for
1428 * more information.
Gilles Peskined3d02902020-03-04 21:35:27 +01001429 *
Gilles Peskined3d02902020-03-04 21:35:27 +01001430 * The maximum lengths of outgoing and incoming CIDs can be configured
1431 * through the options
1432 * - MBEDTLS_SSL_CID_OUT_LEN_MAX
1433 * - MBEDTLS_SSL_CID_IN_LEN_MAX.
1434 *
1435 * Requires: MBEDTLS_SSL_PROTO_DTLS
1436 *
1437 * Uncomment to enable the Connection ID extension.
1438 */
Hannes Tschofenigfd6cca42021-10-12 09:22:33 +02001439#define MBEDTLS_SSL_DTLS_CONNECTION_ID
1440
1441
1442/**
1443 * \def MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT
1444 *
1445 * Defines whether RFC 9146 (default) or the legacy version
1446 * (version draft-ietf-tls-dtls-connection-id-05,
1447 * https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05)
1448 * is used.
1449 *
1450 * Set the value to 0 for the standard version, and
1451 * 1 for the legacy draft version.
1452 *
Hannes Tschofenige2c46e02022-11-23 10:44:11 +01001453 * \deprecated Support for the legacy version of the DTLS
1454 * Connection ID feature is deprecated. Please
1455 * switch to the standardized version defined
1456 * in RFC 9146 enabled by utilizing
1457 * MBEDTLS_SSL_DTLS_CONNECTION_ID without use
1458 * of MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT.
1459 *
Hannes Tschofenigfd6cca42021-10-12 09:22:33 +02001460 * Requires: MBEDTLS_SSL_DTLS_CONNECTION_ID
1461 */
1462#define MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 0
Gilles Peskined3d02902020-03-04 21:35:27 +01001463
1464/**
Gilles Peskineb74a1c72018-04-24 13:09:22 +02001465 * \def MBEDTLS_SSL_ASYNC_PRIVATE
1466 *
1467 * Enable asynchronous external private key operations in SSL. This allows
1468 * you to configure an SSL connection to call an external cryptographic
1469 * module to perform private key operations instead of performing the
1470 * operation inside the library.
1471 *
Valerio Setti8841d6b2023-01-05 08:40:24 +01001472 * Requires: MBEDTLS_X509_CRT_PARSE_C
Gilles Peskineb74a1c72018-04-24 13:09:22 +02001473 */
Jaeden Amerod9c71da2018-06-15 20:31:26 +01001474//#define MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskineb74a1c72018-04-24 13:09:22 +02001475
1476/**
Gilles Peskined3d02902020-03-04 21:35:27 +01001477 * \def MBEDTLS_SSL_CONTEXT_SERIALIZATION
1478 *
1479 * Enable serialization of the TLS context structures, through use of the
1480 * functions mbedtls_ssl_context_save() and mbedtls_ssl_context_load().
1481 *
1482 * This pair of functions allows one side of a connection to serialize the
1483 * context associated with the connection, then free or re-use that context
1484 * while the serialized state is persisted elsewhere, and finally deserialize
1485 * that state to a live context for resuming read/write operations on the
1486 * connection. From a protocol perspective, the state of the connection is
1487 * unaffected, in particular this is entirely transparent to the peer.
1488 *
1489 * Note: this is distinct from TLS session resumption, which is part of the
1490 * protocol and fully visible by the peer. TLS session resumption enables
1491 * establishing new connections associated to a saved session with shorter,
1492 * lighter handshakes, while context serialization is a local optimization in
1493 * handling a single, potentially long-lived connection.
1494 *
1495 * Enabling these APIs makes some SSL structures larger, as 64 extra bytes are
1496 * saved after the handshake to allow for more efficient serialization, so if
1497 * you don't need this feature you'll save RAM by disabling it.
1498 *
Przemek Stekiel460192e2022-10-03 08:55:29 +02001499 * Requires: MBEDTLS_GCM_C or MBEDTLS_CCM_C or MBEDTLS_CHACHAPOLY_C
1500 *
Gilles Peskined3d02902020-03-04 21:35:27 +01001501 * Comment to disable the context serialization APIs.
1502 */
1503#define MBEDTLS_SSL_CONTEXT_SERIALIZATION
1504
1505/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001506 * \def MBEDTLS_SSL_DEBUG_ALL
Paul Bakkerd66f0702013-01-31 16:57:45 +01001507 *
1508 * Enable the debug messages in SSL module for all issues.
1509 * Debug messages have been disabled in some places to prevent timing
1510 * attacks due to (unbalanced) debugging function calls.
1511 *
1512 * If you need all error reporting you should enable this during debugging,
1513 * but remove this for production servers that should log as well.
1514 *
1515 * Uncomment this macro to report all debug messages on errors introducing
1516 * a timing side-channel.
1517 *
Paul Bakkerd66f0702013-01-31 16:57:45 +01001518 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001519//#define MBEDTLS_SSL_DEBUG_ALL
Paul Bakkerd66f0702013-01-31 16:57:45 +01001520
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001521/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01001522 *
1523 * Enable support for Encrypt-then-MAC, RFC 7366.
1524 *
1525 * This allows peers that both support it to use a more robust protection for
1526 * ciphersuites using CBC, providing deep resistance against timing attacks
1527 * on the padding or underlying cipher.
1528 *
1529 * This only affects CBC ciphersuites, and is useless if none is defined.
1530 *
TRodziewicz0f82ec62021-05-12 17:49:18 +02001531 * Requires: MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01001532 *
1533 * Comment this macro to disable support for Encrypt-then-MAC
1534 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001535#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01001536
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001537/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02001538 *
Manuel Pégourié-Gonnardbca8aa02020-03-24 12:11:49 +01001539 * Enable support for RFC 7627: Session Hash and Extended Master Secret
1540 * Extension.
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02001541 *
Shaun Case8b0ecbc2021-12-20 21:14:10 -08001542 * This was introduced as "the proper fix" to the Triple Handshake family of
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02001543 * attacks, but it is recommended to always use it (even if you disable
1544 * renegotiation), since it actually fixes a more fundamental issue in the
1545 * original SSL/TLS design, and has implications beyond Triple Handshake.
1546 *
TRodziewicz0f82ec62021-05-12 17:49:18 +02001547 * Requires: MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard769c6b62014-10-28 14:13:55 +01001548 *
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02001549 * Comment this macro to disable support for Extended Master Secret.
1550 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001551#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02001552
Paul Bakkerd66f0702013-01-31 16:57:45 +01001553/**
Hanno Beckerbb278f52019-02-05 17:04:00 +00001554 * \def MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
1555 *
Hanno Beckerfd7f2982019-02-25 10:13:33 +00001556 * This option controls the availability of the API mbedtls_ssl_get_peer_cert()
Hanno Beckerbb278f52019-02-05 17:04:00 +00001557 * giving access to the peer's certificate after completion of the handshake.
1558 *
1559 * Unless you need mbedtls_ssl_peer_cert() in your application, it is
1560 * recommended to disable this option for reduced RAM usage.
1561 *
1562 * \note If this option is disabled, mbedtls_ssl_get_peer_cert() is still
1563 * defined, but always returns \c NULL.
1564 *
1565 * \note This option has no influence on the protection against the
1566 * triple handshake attack. Even if it is disabled, Mbed TLS will
1567 * still ensure that certificates do not change during renegotiation,
Shaun Case8b0ecbc2021-12-20 21:14:10 -08001568 * for example by keeping a hash of the peer's certificate.
Hanno Beckerbb278f52019-02-05 17:04:00 +00001569 *
Tom Cosgroveafb2fe12022-06-29 16:36:12 +01001570 * \note This option is required if MBEDTLS_SSL_PROTO_TLS1_3 is set.
Hanno Beckerbb278f52019-02-05 17:04:00 +00001571 *
1572 * Comment this macro to disable storing the peer's certificate
1573 * after the handshake.
1574 */
1575#define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
1576
1577/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001578 * \def MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard615e6772014-11-03 08:23:14 +01001579 *
Hanno Becker0eb8fb82018-10-26 09:53:16 +01001580 * Enable support for TLS renegotiation.
Manuel Pégourié-Gonnard615e6772014-11-03 08:23:14 +01001581 *
1582 * The two main uses of renegotiation are (1) refresh keys on long-lived
1583 * connections and (2) client authentication after the initial handshake.
1584 * If you don't need renegotiation, it's probably better to disable it, since
1585 * it has been associated with security issues in the past and is easy to
1586 * misuse/misunderstand.
Manuel Pégourié-Gonnard03717042014-11-04 19:52:10 +01001587 *
Manuel Pégourié-Gonnard55f968b2015-03-09 16:23:15 +00001588 * Comment this to disable support for renegotiation.
Hanno Becker6851b102017-10-12 14:57:48 +01001589 *
1590 * \note Even if this option is disabled, both client and server are aware
1591 * of the Renegotiation Indication Extension (RFC 5746) used to
1592 * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1).
1593 * (See \c mbedtls_ssl_conf_legacy_renegotiation for the
1594 * configuration of this extension).
1595 *
Manuel Pégourié-Gonnard615e6772014-11-03 08:23:14 +01001596 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001597#define MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard615e6772014-11-03 08:23:14 +01001598
1599/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001600 * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Paul Bakker05decb22013-08-15 13:33:48 +02001601 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02001602 * Enable support for RFC 6066 max_fragment_length extension in SSL.
Paul Bakker05decb22013-08-15 13:33:48 +02001603 *
1604 * Comment this macro to disable support for the max_fragment_length extension
1605 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001606#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Paul Bakker05decb22013-08-15 13:33:48 +02001607
1608/**
Jan Bruckner151f6422023-02-10 12:45:19 +01001609 * \def MBEDTLS_SSL_RECORD_SIZE_LIMIT
1610 *
Jan Brucknera0589e72023-03-15 11:04:45 +01001611 * Enable support for RFC 8449 record_size_limit extension in SSL (TLS 1.3 only).
Jan Bruckner151f6422023-02-10 12:45:19 +01001612 *
1613 * \warning This extension is currently in development and must NOT be used except
1614 * for testing purposes.
1615 *
1616 * Requires: MBEDTLS_SSL_PROTO_TLS1_3
1617 *
1618 * Uncomment this macro to enable support for the record_size_limit extension
1619 */
1620//#define MBEDTLS_SSL_RECORD_SIZE_LIMIT
1621
1622/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001623 * \def MBEDTLS_SSL_PROTO_TLS1_2
Paul Bakkerd2f068e2013-08-27 21:19:20 +02001624 *
Manuel Pégourié-Gonnard0b1ff292014-02-06 13:04:16 +01001625 * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled).
Paul Bakkerd2f068e2013-08-27 21:19:20 +02001626 *
Manuel Pégourié-Gonnard72687b72022-09-15 12:23:58 +02001627 * Requires: Without MBEDTLS_USE_PSA_CRYPTO: MBEDTLS_MD_C and
Manuel Pégourié-Gonnarda22857b2023-03-23 13:20:44 +01001628 * (MBEDTLS_SHA256_C or MBEDTLS_SHA384_C or
1629 * SHA-256 or SHA-512 provided by a PSA driver)
Manuel Pégourié-Gonnard72687b72022-09-15 12:23:58 +02001630 * With MBEDTLS_USE_PSA_CRYPTO:
Manuel Pégourié-Gonnarda22857b2023-03-23 13:20:44 +01001631 * PSA_WANT_ALG_SHA_256 or PSA_WANT_ALG_SHA_384
Andrzej Kureke02da812022-08-17 17:04:49 -04001632 *
Manuel Pégourié-Gonnarda22857b2023-03-23 13:20:44 +01001633 * \warning If building with MBEDTLS_USE_PSA_CRYPTO, or if the hash(es) used
1634 * are only provided by PSA drivers, you must call psa_crypto_init() before
1635 * doing any TLS operations.
Paul Bakkerd2f068e2013-08-27 21:19:20 +02001636 *
Manuel Pégourié-Gonnard0b1ff292014-02-06 13:04:16 +01001637 * Comment this macro to disable support for TLS 1.2 / DTLS 1.2
Paul Bakkerd2f068e2013-08-27 21:19:20 +02001638 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001639#define MBEDTLS_SSL_PROTO_TLS1_2
Paul Bakkerd2f068e2013-08-27 21:19:20 +02001640
1641/**
Ronald Cron6f135e12021-12-08 16:57:54 +01001642 * \def MBEDTLS_SSL_PROTO_TLS1_3
Hanno Becker9fc15ea2020-05-04 12:00:47 +01001643 *
Ronald Cron6f135e12021-12-08 16:57:54 +01001644 * Enable support for TLS 1.3.
Hanno Becker9fc15ea2020-05-04 12:00:47 +01001645 *
Ronald Cron6f135e12021-12-08 16:57:54 +01001646 * \note The support for TLS 1.3 is not comprehensive yet, in particular
1647 * pre-shared keys are not supported.
1648 * See docs/architecture/tls13-support.md for a description of the TLS
1649 * 1.3 support that this option enables.
Hanno Becker9fc15ea2020-05-04 12:00:47 +01001650 *
Tom Cosgroveafb2fe12022-06-29 16:36:12 +01001651 * Requires: MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
Manuel Pégourié-Gonnard3e830982022-05-11 13:27:44 +02001652 * Requires: MBEDTLS_PSA_CRYPTO_C
Ronald Cron6f135e12021-12-08 16:57:54 +01001653 *
Gilles Peskine8c2830a2022-08-04 23:37:51 +02001654 * \note TLS 1.3 uses PSA crypto for cryptographic operations that are
1655 * directly performed by TLS 1.3 code. As a consequence, you must
1656 * call psa_crypto_init() before the first TLS 1.3 handshake.
1657 *
1658 * \note Cryptographic operations performed indirectly via another module
1659 * (X.509, PK) or by code shared with TLS 1.2 (record protection,
1660 * running handshake hash) only use PSA crypto if
1661 * #MBEDTLS_USE_PSA_CRYPTO is enabled.
Tom Cosgroveafb2fe12022-06-29 16:36:12 +01001662 *
Hanno Becker9fc15ea2020-05-04 12:00:47 +01001663 * Uncomment this macro to enable the support for TLS 1.3.
Hanno Becker9fc15ea2020-05-04 12:00:47 +01001664 */
Ronald Cron6f135e12021-12-08 16:57:54 +01001665//#define MBEDTLS_SSL_PROTO_TLS1_3
Hanno Becker9fc15ea2020-05-04 12:00:47 +01001666
1667/**
Ronald Cronab65c522021-11-24 10:47:20 +01001668 * \def MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
1669 *
1670 * Enable TLS 1.3 middlebox compatibility mode.
1671 *
1672 * As specified in Section D.4 of RFC 8446, TLS 1.3 offers a compatibility
1673 * mode to make a TLS 1.3 connection more likely to pass through middle boxes
1674 * expecting TLS 1.2 traffic.
1675 *
1676 * Turning on the compatibility mode comes at the cost of a few added bytes
1677 * on the wire, but it doesn't affect compatibility with TLS 1.3 implementations
1678 * that don't use it. Therefore, unless transmission bandwidth is critical and
1679 * you know that middlebox compatibility issues won't occur, it is therefore
1680 * recommended to set this option.
1681 *
1682 * Comment to disable compatibility mode for TLS 1.3. If
Ronald Cron6f135e12021-12-08 16:57:54 +01001683 * MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any
1684 * effect on the build.
Ronald Cronab65c522021-11-24 10:47:20 +01001685 *
1686 */
1687//#define MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
1688
1689/**
Ronald Crond8d2ea52022-10-04 15:48:06 +02001690 * \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1691 *
1692 * Enable TLS 1.3 PSK key exchange mode.
1693 *
1694 * Comment to disable support for the PSK key exchange mode in TLS 1.3. If
1695 * MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any
1696 * effect on the build.
1697 *
1698 */
1699#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1700
1701/**
1702 * \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1703 *
1704 * Enable TLS 1.3 ephemeral key exchange mode.
1705 *
Manuel Pégourié-Gonnard4fa702a2023-03-29 12:15:24 +02001706 * Requires: PSA_WANT_ALG_ECDH
1707 * MBEDTLS_X509_CRT_PARSE_C
1708 * and at least one of:
1709 * MBEDTLS_ECDSA_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDSA)
1710 * MBEDTLS_PKCS1_V21
Ronald Crond8d2ea52022-10-04 15:48:06 +02001711 *
1712 * Comment to disable support for the ephemeral key exchange mode in TLS 1.3.
1713 * If MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any
1714 * effect on the build.
1715 *
1716 */
1717#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1718
1719/**
1720 * \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
1721 *
1722 * Enable TLS 1.3 PSK ephemeral key exchange mode.
1723 *
Manuel Pégourié-Gonnard4fa702a2023-03-29 12:15:24 +02001724 * Requires: PSA_WANT_ALG_ECDH
Ronald Crond8d2ea52022-10-04 15:48:06 +02001725 *
1726 * Comment to disable support for the PSK ephemeral key exchange mode in
1727 * TLS 1.3. If MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not
1728 * have any effect on the build.
1729 *
1730 */
1731#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
1732
1733/**
Gilles Peskine449bd832023-01-11 14:50:10 +01001734 * \def MBEDTLS_SSL_EARLY_DATA
1735 *
1736 * Enable support for RFC 8446 TLS 1.3 early data.
1737 *
1738 * Requires: MBEDTLS_SSL_SESSION_TICKETS and either
1739 * MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED or
1740 * MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
1741 *
1742 * Comment this to disable support for early data. If MBEDTLS_SSL_PROTO_TLS1_3
1743 * is not enabled, this option does not have any effect on the build.
1744 *
1745 * This feature is experimental, not completed and thus not ready for
1746 * production.
1747 *
1748 */
Ronald Cronc2e110f2022-11-22 09:01:46 +01001749//#define MBEDTLS_SSL_EARLY_DATA
Xiaokang Qian54413b12022-10-20 05:57:03 +00001750
1751/**
Jerry Yu16f68532022-11-05 10:50:06 +08001752 * \def MBEDTLS_SSL_MAX_EARLY_DATA_SIZE
1753 *
Jerry Yu12c46bd2022-12-06 11:02:51 +08001754 * The default maximum amount of 0-RTT data. See the documentation of
1755 * \c mbedtls_ssl_tls13_conf_max_early_data_size() for more information.
1756 *
1757 * It must be positive and smaller than UINT32_MAX.
1758 *
1759 * If MBEDTLS_SSL_EARLY_DATA is not defined, this default value does not
1760 * have any impact on the build.
Jerry Yu16f68532022-11-05 10:50:06 +08001761 *
1762 * This feature is experimental, not completed and thus not ready for
1763 * production.
1764 *
1765 */
1766#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024
1767
1768/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001769 * \def MBEDTLS_SSL_PROTO_DTLS
Manuel Pégourié-Gonnard0b1ff292014-02-06 13:04:16 +01001770 *
1771 * Enable support for DTLS (all available versions).
1772 *
TRodziewicz0f82ec62021-05-12 17:49:18 +02001773 * Enable this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
Manuel Pégourié-Gonnard0b1ff292014-02-06 13:04:16 +01001774 *
TRodziewicz0f82ec62021-05-12 17:49:18 +02001775 * Requires: MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard0b1ff292014-02-06 13:04:16 +01001776 *
1777 * Comment this macro to disable support for DTLS
1778 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001779#define MBEDTLS_SSL_PROTO_DTLS
Manuel Pégourié-Gonnard0b1ff292014-02-06 13:04:16 +01001780
1781/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001782 * \def MBEDTLS_SSL_ALPN
Manuel Pégourié-Gonnard7e250d42014-04-04 16:08:41 +02001783 *
Manuel Pégourié-Gonnard6b298e62014-11-20 18:28:50 +01001784 * Enable support for RFC 7301 Application Layer Protocol Negotiation.
Manuel Pégourié-Gonnard7e250d42014-04-04 16:08:41 +02001785 *
Paul Bakker27e36d32014-04-08 12:33:37 +02001786 * Comment this macro to disable support for ALPN.
Manuel Pégourié-Gonnard7e250d42014-04-04 16:08:41 +02001787 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001788#define MBEDTLS_SSL_ALPN
Manuel Pégourié-Gonnard7e250d42014-04-04 16:08:41 +02001789
1790/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001791 * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY
Manuel Pégourié-Gonnard8464a462014-09-24 14:05:32 +02001792 *
1793 * Enable support for the anti-replay mechanism in DTLS.
1794 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001795 * Requires: MBEDTLS_SSL_TLS_C
1796 * MBEDTLS_SSL_PROTO_DTLS
Manuel Pégourié-Gonnard8464a462014-09-24 14:05:32 +02001797 *
Manuel Pégourié-Gonnarda6fcffe2014-10-13 18:15:52 +02001798 * \warning Disabling this is often a security risk!
Manuel Pégourié-Gonnard6729e792015-05-11 09:50:24 +02001799 * See mbedtls_ssl_conf_dtls_anti_replay() for details.
Manuel Pégourié-Gonnarda6fcffe2014-10-13 18:15:52 +02001800 *
Manuel Pégourié-Gonnard8464a462014-09-24 14:05:32 +02001801 * Comment this to disable anti-replay in DTLS.
1802 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001803#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
Manuel Pégourié-Gonnard8464a462014-09-24 14:05:32 +02001804
1805/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001806 * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY
Manuel Pégourié-Gonnard82202f02014-07-23 00:28:58 +02001807 *
1808 * Enable support for HelloVerifyRequest on DTLS servers.
1809 *
1810 * This feature is highly recommended to prevent DTLS servers being used as
1811 * amplifiers in DoS attacks against other hosts. It should always be enabled
1812 * unless you know for sure amplification cannot be a problem in the
1813 * environment in which your server operates.
1814 *
Andrzej Kurek5c65c572022-04-13 14:28:52 -04001815 * \warning Disabling this can be a security risk! (see above)
Manuel Pégourié-Gonnarda6fcffe2014-10-13 18:15:52 +02001816 *
Manuel Pégourié-Gonnarde057d3b2015-05-20 10:59:43 +02001817 * Requires: MBEDTLS_SSL_PROTO_DTLS
Manuel Pégourié-Gonnard82202f02014-07-23 00:28:58 +02001818 *
1819 * Comment this to disable support for HelloVerifyRequest.
1820 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001821#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
Manuel Pégourié-Gonnard82202f02014-07-23 00:28:58 +02001822
1823/**
Johan Pascalb62bb512015-12-03 21:56:45 +01001824 * \def MBEDTLS_SSL_DTLS_SRTP
1825 *
Tobias Nießen1e8ca122021-05-10 19:53:15 +02001826 * Enable support for negotiation of DTLS-SRTP (RFC 5764)
Johan Pascal842d6712020-09-23 13:34:40 +02001827 * through the use_srtp extension.
1828 *
1829 * \note This feature provides the minimum functionality required
1830 * to negotiate the use of DTLS-SRTP and to allow the derivation of
1831 * the associated SRTP packet protection key material.
1832 * In particular, the SRTP packet protection itself, as well as the
1833 * demultiplexing of RTP and DTLS packets at the datagram layer
1834 * (see Section 5 of RFC 5764), are not handled by this feature.
1835 * Instead, after successful completion of a handshake negotiating
1836 * the use of DTLS-SRTP, the extended key exporter API
Hanno Becker2d6e6f82021-05-24 10:58:31 +01001837 * mbedtls_ssl_conf_export_keys_cb() should be used to implement
Johan Pascal842d6712020-09-23 13:34:40 +02001838 * the key exporter described in Section 4.2 of RFC 5764 and RFC 5705
1839 * (this is implemented in the SSL example programs).
1840 * The resulting key should then be passed to an SRTP stack.
1841 *
1842 * Setting this option enables the runtime API
1843 * mbedtls_ssl_conf_dtls_srtp_protection_profiles()
1844 * through which the supported DTLS-SRTP protection
1845 * profiles can be configured. You must call this API at
1846 * runtime if you wish to negotiate the use of DTLS-SRTP.
Johan Pascalb62bb512015-12-03 21:56:45 +01001847 *
1848 * Requires: MBEDTLS_SSL_PROTO_DTLS
1849 *
Ron Eldor9cfb5eb2018-12-10 15:30:14 +02001850 * Uncomment this to enable support for use_srtp extension.
Johan Pascalb62bb512015-12-03 21:56:45 +01001851 */
Ron Eldor9cfb5eb2018-12-10 15:30:14 +02001852//#define MBEDTLS_SSL_DTLS_SRTP
Johan Pascalb62bb512015-12-03 21:56:45 +01001853
1854/**
Manuel Pégourié-Gonnard26d227d2015-09-04 10:53:25 +02001855 * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
1856 *
1857 * Enable server-side support for clients that reconnect from the same port.
1858 *
1859 * Some clients unexpectedly close the connection and try to reconnect using the
1860 * same source port. This needs special support from the server to handle the
Simon Butcher4f6882a2015-09-11 17:12:46 +01001861 * new connection securely, as described in section 4.2.8 of RFC 6347. This
Manuel Pégourié-Gonnard26d227d2015-09-04 10:53:25 +02001862 * flag enables that support.
1863 *
Manuel Pégourié-Gonnard62c74bb2015-09-08 17:50:29 +02001864 * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
Manuel Pégourié-Gonnard62c74bb2015-09-08 17:50:29 +02001865 *
Manuel Pégourié-Gonnard26d227d2015-09-04 10:53:25 +02001866 * Comment this to disable support for clients reusing the source port.
1867 */
1868#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
1869
1870/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001871 * \def MBEDTLS_SSL_SESSION_TICKETS
Paul Bakkera503a632013-08-14 13:48:06 +02001872 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02001873 * Enable support for RFC 5077 session tickets in SSL.
Antonin Décimo36e89b52019-01-23 15:24:37 +01001874 * Client-side, provides full support for session tickets (maintenance of a
Manuel Pégourié-Gonnard0c0f11f2015-05-20 09:55:50 +02001875 * session store remains the responsibility of the application, though).
1876 * Server-side, you also need to provide callbacks for writing and parsing
1877 * tickets, including authenticated encryption and key management. Example
1878 * callbacks are provided by MBEDTLS_SSL_TICKET_C.
Paul Bakkera503a632013-08-14 13:48:06 +02001879 *
1880 * Comment this macro to disable support for SSL session tickets
1881 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001882#define MBEDTLS_SSL_SESSION_TICKETS
Paul Bakkera503a632013-08-14 13:48:06 +02001883
1884/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001885 * \def MBEDTLS_SSL_SERVER_NAME_INDICATION
Paul Bakker0be444a2013-08-27 21:55:01 +02001886 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02001887 * Enable support for RFC 6066 server name indication (SNI) in SSL.
Paul Bakker0be444a2013-08-27 21:55:01 +02001888 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001889 * Requires: MBEDTLS_X509_CRT_PARSE_C
Manuel Pégourié-Gonnardbbbb3cf2015-01-28 16:44:37 +00001890 *
Paul Bakker0be444a2013-08-27 21:55:01 +02001891 * Comment this macro to disable support for server name indication in SSL
1892 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001893#define MBEDTLS_SSL_SERVER_NAME_INDICATION
Paul Bakker0be444a2013-08-27 21:55:01 +02001894
1895/**
Gilles Peskinef03bd812020-03-23 18:13:58 +01001896 * \def MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
1897 *
Andrzej Kurek2a54a6f2021-01-07 08:13:49 -05001898 * When this option is enabled, the SSL buffer will be resized automatically
1899 * based on the negotiated maximum fragment length in each direction.
Andrzej Kurek557289b2020-10-21 15:12:39 +02001900 *
1901 * Requires: MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Gilles Peskinef03bd812020-03-23 18:13:58 +01001902 */
1903//#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
1904
1905/**
Manuel Pégourié-Gonnard6240def2020-07-10 09:35:54 +02001906 * \def MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
1907 *
1908 * Enable testing of the constant-flow nature of some sensitive functions with
1909 * clang's MemorySanitizer. This causes some existing tests to also test
Manuel Pégourié-Gonnarddd00bfc2020-08-24 12:58:36 +02001910 * this non-functional property of the code under test.
Manuel Pégourié-Gonnard6240def2020-07-10 09:35:54 +02001911 *
Manuel Pégourié-Gonnarddd00bfc2020-08-24 12:58:36 +02001912 * This setting requires compiling with clang -fsanitize=memory. The test
1913 * suites can then be run normally.
Manuel Pégourié-Gonnard6240def2020-07-10 09:35:54 +02001914 *
Manuel Pégourié-Gonnard8ff863b2020-07-31 12:59:34 +02001915 * \warning This macro is only used for extended testing; it is not considered
1916 * part of the library's API, so it may change or disappear at any time.
1917 *
Manuel Pégourié-Gonnard390fb4f2020-07-24 11:08:40 +02001918 * Uncomment to enable testing of the constant-flow nature of selected code.
Manuel Pégourié-Gonnard6240def2020-07-10 09:35:54 +02001919 */
1920//#define MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
1921
1922/**
Manuel Pégourié-Gonnard73afa372020-08-19 10:27:38 +02001923 * \def MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND
1924 *
1925 * Enable testing of the constant-flow nature of some sensitive functions with
1926 * valgrind's memcheck tool. This causes some existing tests to also test
Manuel Pégourié-Gonnarddd00bfc2020-08-24 12:58:36 +02001927 * this non-functional property of the code under test.
Manuel Pégourié-Gonnard73afa372020-08-19 10:27:38 +02001928 *
1929 * This setting requires valgrind headers for building, and is only useful for
Manuel Pégourié-Gonnarddd00bfc2020-08-24 12:58:36 +02001930 * testing if the tests suites are run with valgrind's memcheck. This can be
1931 * done for an individual test suite with 'valgrind ./test_suite_xxx', or when
1932 * using CMake, this can be done for all test suites with 'make memcheck'.
Manuel Pégourié-Gonnard73afa372020-08-19 10:27:38 +02001933 *
1934 * \warning This macro is only used for extended testing; it is not considered
1935 * part of the library's API, so it may change or disappear at any time.
1936 *
1937 * Uncomment to enable testing of the constant-flow nature of selected code.
1938 */
1939//#define MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND
1940
1941/**
Gilles Peskinefea6eaf2019-09-11 13:27:48 +02001942 * \def MBEDTLS_TEST_HOOKS
1943 *
1944 * Enable features for invasive testing such as introspection functions and
1945 * hooks for fault injection. This enables additional unit tests.
1946 *
1947 * Merely enabling this feature should not change the behavior of the product.
1948 * It only adds new code, and new branching points where the default behavior
1949 * is the same as when this feature is disabled.
1950 * However, this feature increases the attack surface: there is an added
1951 * risk of vulnerabilities, and more gadgets that can make exploits easier.
1952 * Therefore this feature must never be enabled in production.
1953 *
1954 * See `docs/architecture/testing/mbed-crypto-invasive-testing.md` for more
1955 * information.
1956 *
1957 * Uncomment to enable invasive tests.
1958 */
1959//#define MBEDTLS_TEST_HOOKS
1960
1961/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001962 * \def MBEDTLS_THREADING_ALT
Paul Bakker2466d932013-09-28 14:40:38 +02001963 *
1964 * Provide your own alternate threading implementation.
1965 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001966 * Requires: MBEDTLS_THREADING_C
Paul Bakker2466d932013-09-28 14:40:38 +02001967 *
1968 * Uncomment this to allow your own alternate threading implementation.
Paul Bakker2466d932013-09-28 14:40:38 +02001969 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001970//#define MBEDTLS_THREADING_ALT
Paul Bakker2466d932013-09-28 14:40:38 +02001971
1972/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001973 * \def MBEDTLS_THREADING_PTHREAD
Paul Bakker2466d932013-09-28 14:40:38 +02001974 *
1975 * Enable the pthread wrapper layer for the threading layer.
1976 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001977 * Requires: MBEDTLS_THREADING_C
Paul Bakker2466d932013-09-28 14:40:38 +02001978 *
1979 * Uncomment this to enable pthread mutexes.
Paul Bakker2466d932013-09-28 14:40:38 +02001980 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001981//#define MBEDTLS_THREADING_PTHREAD
Paul Bakker2466d932013-09-28 14:40:38 +02001982
1983/**
Manuel Pégourié-Gonnardaeefa492018-10-22 12:14:52 +02001984 * \def MBEDTLS_USE_PSA_CRYPTO
1985 *
Manuel Pégourié-Gonnard2ca08c82023-03-24 09:21:46 +01001986 * Make the X.509 and TLS libraries use PSA for cryptographic operations as
1987 * much as possible, and enable new APIs for using keys handled by PSA Crypto.
Manuel Pégourié-Gonnardaeefa492018-10-22 12:14:52 +02001988 *
Jaeden Amero8dd16902019-07-22 16:39:49 +01001989 * \note Development of this option is currently in progress, and parts of Mbed
1990 * TLS's X.509 and TLS modules are not ported to PSA yet. However, these parts
Andrzej Kurekd65b11d2019-04-16 04:20:24 -04001991 * will still continue to work as usual, so enabling this option should not
1992 * break backwards compatibility.
Manuel Pégourié-Gonnardaeefa492018-10-22 12:14:52 +02001993 *
Manuel Pégourié-Gonnardff43ff62022-04-20 15:32:01 +02001994 * \warning If you enable this option, you need to call `psa_crypto_init()`
valeriocf35d772023-04-20 10:37:53 +02001995 * before calling any function from the SSL/TLS, X.509 or PK modules, except
1996 * for the various mbedtls_xxx_init() functions which can be called at any time.
Hanno Becker51560b62018-11-19 09:46:26 +00001997 *
Manuel Pégourié-Gonnard93b21e72023-03-29 10:30:26 +02001998 * \note An important and desirable effect of this option is that it allows
1999 * PK, X.509 and TLS to take advantage of PSA drivers. For example, enabling
2000 * this option is what allows use of drivers for ECDSA, ECDH and EC J-PAKE in
Manuel Pégourié-Gonnard9463e782023-03-30 09:37:39 +02002001 * those modules. However, note that even with this option disabled, some code
Manuel Pégourié-Gonnard93b21e72023-03-29 10:30:26 +02002002 * in PK, X.509, TLS or the crypto library might still use PSA drivers, if it
2003 * can determine it's safe to do so; currently that's the case for hashes.
Manuel Pégourié-Gonnard2ca08c82023-03-24 09:21:46 +01002004 *
2005 * \note See docs/use-psa-crypto.md for a complete description this option.
Manuel Pégourié-Gonnardaeefa492018-10-22 12:14:52 +02002006 *
2007 * Requires: MBEDTLS_PSA_CRYPTO_C.
Manuel Pégourié-Gonnard971dea32019-02-01 12:38:40 +01002008 *
Andrzej Kurekd3deb1d2019-04-16 04:14:48 -04002009 * Uncomment this to enable internal use of PSA Crypto and new associated APIs.
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002010 */
Paul Bakker0f90d7d2014-04-30 11:49:44 +02002011//#define MBEDTLS_USE_PSA_CRYPTO
2012
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002013/**
John Durkop6e33dbe2020-09-17 21:15:13 -07002014 * \def MBEDTLS_PSA_CRYPTO_CONFIG
2015 *
John Durkop185764f2020-10-12 21:32:12 -07002016 * This setting allows support for cryptographic mechanisms through the PSA
2017 * API to be configured separately from support through the mbedtls API.
John Durkop6e33dbe2020-09-17 21:15:13 -07002018 *
Gilles Peskinedb0421b2022-04-13 23:22:49 +02002019 * When this option is disabled, the PSA API exposes the cryptographic
2020 * mechanisms that can be implemented on top of the `mbedtls_xxx` API
2021 * configured with `MBEDTLS_XXX` symbols.
Gilles Peskine750596e2022-03-16 17:03:55 +01002022 *
2023 * When this option is enabled, the PSA API exposes the cryptographic
2024 * mechanisms requested by the `PSA_WANT_XXX` symbols defined in
2025 * include/psa/crypto_config.h. The corresponding `MBEDTLS_XXX` settings are
2026 * automatically enabled if required (i.e. if no PSA driver provides the
2027 * mechanism). You may still freely enable additional `MBEDTLS_XXX` symbols
2028 * in mbedtls_config.h.
Gilles Peskine58858b72020-11-09 15:26:09 +01002029 *
Gilles Peskinef4c6eb02022-03-16 17:10:48 +01002030 * If the symbol #MBEDTLS_PSA_CRYPTO_CONFIG_FILE is defined, it specifies
Gilles Peskine0c4db1f2022-04-14 12:44:01 +02002031 * an alternative header to include instead of include/psa/crypto_config.h.
Gilles Peskine58858b72020-11-09 15:26:09 +01002032 *
John Durkop185764f2020-10-12 21:32:12 -07002033 * This feature is still experimental and is not ready for production since
2034 * it is not completed.
John Durkop6e33dbe2020-09-17 21:15:13 -07002035 */
2036//#define MBEDTLS_PSA_CRYPTO_CONFIG
2037
2038/**
Paul Bakker1f2bc622013-08-15 13:45:55 +02002039 * \def MBEDTLS_VERSION_FEATURES
2040 *
2041 * Allow run-time checking of compile-time enabled features. Thus allowing users
2042 * to check at run-time if the library is for instance compiled with threading
Paul Bakker5c721f92011-07-27 16:51:09 +00002043 * support via mbedtls_version_check_feature().
2044 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002045 * Requires: MBEDTLS_VERSION_C
Paul Bakker5c721f92011-07-27 16:51:09 +00002046 *
2047 * Comment this to disable run-time checking and save ROM space
2048 */
2049#define MBEDTLS_VERSION_FEATURES
2050
2051/**
Hanno Becker288dedc2019-03-27 11:00:53 +00002052 * \def MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
2053 *
Jarno Lamsaf49fedc2019-04-01 14:58:30 +03002054 * If set, this enables the X.509 API `mbedtls_x509_crt_verify_with_ca_cb()`
Hanno Becker288dedc2019-03-27 11:00:53 +00002055 * and the SSL API `mbedtls_ssl_conf_ca_cb()` which allow users to configure
2056 * the set of trusted certificates through a callback instead of a linked
2057 * list.
2058 *
2059 * This is useful for example in environments where a large number of trusted
2060 * certificates is present and storing them in a linked list isn't efficient
2061 * enough, or when the set of trusted certificates changes frequently.
2062 *
Jarno Lamsaf49fedc2019-04-01 14:58:30 +03002063 * See the documentation of `mbedtls_x509_crt_verify_with_ca_cb()` and
Hanno Becker288dedc2019-03-27 11:00:53 +00002064 * `mbedtls_ssl_conf_ca_cb()` for more information.
2065 *
Valerio Setti8e45cdd2023-01-05 09:32:29 +01002066 * Requires: MBEDTLS_X509_CRT_PARSE_C
2067 *
Hanno Becker288dedc2019-03-27 11:00:53 +00002068 * Uncomment to enable trusted certificate callbacks.
2069 */
2070//#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
2071
2072/**
Hanno Becker612a2f12020-10-09 09:19:39 +01002073 * \def MBEDTLS_X509_REMOVE_INFO
Peter Kolbus9a969b62018-12-11 13:55:56 -06002074 *
Chris Jones2c745862020-12-16 11:41:06 +00002075 * Disable mbedtls_x509_*_info() and related APIs.
Peter Kolbus9a969b62018-12-11 13:55:56 -06002076 *
Chris Jones2c745862020-12-16 11:41:06 +00002077 * Uncomment to omit mbedtls_x509_*_info(), as well as mbedtls_debug_print_crt()
Peter Kolbus9a969b62018-12-11 13:55:56 -06002078 * and other functions/constants only used by these functions, thus reducing
2079 * the code footprint by several KB.
2080 */
Chris Jones2c745862020-12-16 11:41:06 +00002081//#define MBEDTLS_X509_REMOVE_INFO
Peter Kolbus9a969b62018-12-11 13:55:56 -06002082
2083/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002084 * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
Manuel Pégourié-Gonnardd1539b12014-06-06 16:42:37 +02002085 *
2086 * Enable parsing and verification of X.509 certificates, CRLs and CSRS
2087 * signed with RSASSA-PSS (aka PKCS#1 v2.1).
2088 *
2089 * Comment this macro to disallow using RSASSA-PSS in certificates.
2090 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002091#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
Andrzej Kurek38d4fdd2021-12-28 16:22:52 +01002092/** \} name SECTION: mbed TLS feature support */
Paul Bakker0a62cd12011-01-21 11:00:08 +00002093
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002094/**
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +00002095 * \name SECTION: mbed TLS modules
Paul Bakker0a62cd12011-01-21 11:00:08 +00002096 *
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +00002097 * This section enables or disables entire modules in mbed TLS
Paul Bakker0a62cd12011-01-21 11:00:08 +00002098 * \{
2099 */
Paul Bakker5121ce52009-01-03 21:22:43 +00002100
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002101/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002102 * \def MBEDTLS_AESNI_C
Manuel Pégourié-Gonnard92ac76f2013-12-16 17:12:53 +01002103 *
Gilles Peskine0bfccfa2023-03-16 17:49:44 +01002104 * Enable AES-NI support on x86-64 or x86-32.
2105 *
2106 * \note AESNI is only supported with certain compilers and target options:
2107 * - Visual Studio 2013: supported.
2108 * - GCC, x86-64, target not explicitly supporting AESNI:
2109 * requires MBEDTLS_HAVE_ASM.
2110 * - GCC, x86-32, target not explicitly supporting AESNI:
2111 * not supported.
2112 * - GCC, x86-64 or x86-32, target supporting AESNI: supported.
2113 * For this assembly-less implementation, you must currently compile
2114 * `library/aesni.c` and `library/aes.c` with machine options to enable
2115 * SSE2 and AESNI instructions: `gcc -msse2 -maes -mpclmul` or
2116 * `clang -maes -mpclmul`.
2117 * - Non-x86 targets: this option is silently ignored.
2118 * - Other compilers: this option is silently ignored.
2119 *
2120 * \note
2121 * Above, "GCC" includes compatible compilers such as Clang.
2122 * The limitations on target support are likely to be relaxed in the future.
Manuel Pégourié-Gonnard92ac76f2013-12-16 17:12:53 +01002123 *
2124 * Module: library/aesni.c
2125 * Caller: library/aes.c
2126 *
Gilles Peskine0bfccfa2023-03-16 17:49:44 +01002127 * Requires: MBEDTLS_HAVE_ASM (on some platforms, see note)
Manuel Pégourié-Gonnard92ac76f2013-12-16 17:12:53 +01002128 *
Gilles Peskine0bfccfa2023-03-16 17:49:44 +01002129 * This modules adds support for the AES-NI instructions on x86.
Manuel Pégourié-Gonnard92ac76f2013-12-16 17:12:53 +01002130 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002131#define MBEDTLS_AESNI_C
Manuel Pégourié-Gonnard92ac76f2013-12-16 17:12:53 +01002132
2133/**
Jerry Yu2fddfd72023-01-10 16:32:03 +08002134 * \def MBEDTLS_AESCE_C
2135 *
Dave Rodgmanf918d422023-03-17 17:52:23 +00002136 * Enable AES cryptographic extension support on 64-bit Arm.
Jerry Yu2fddfd72023-01-10 16:32:03 +08002137 *
2138 * Module: library/aesce.c
2139 * Caller: library/aes.c
2140 *
Jerry Yuf015a932023-04-25 10:38:03 +08002141 * Requires: MBEDTLS_AES_C
Jerry Yu2fddfd72023-01-10 16:32:03 +08002142 *
Dave Rodgmanf918d422023-03-17 17:52:23 +00002143 * \warning Runtime detection only works on Linux. For non-Linux operating
2144 * system, Armv8-A Cryptographic Extensions must be supported by
2145 * the CPU when this option is enabled.
Jerry Yu2fddfd72023-01-10 16:32:03 +08002146 *
Jerry Yua1a039d2023-04-26 10:21:42 +08002147 * \note Minimum compiler versions for this feature are Clang 4.0,
2148 * GCC 6.0 or MSVC 2019 version 16.11.2.
Jerry Yu2fddfd72023-01-10 16:32:03 +08002149 *
Dave Rodgmanf918d422023-03-17 17:52:23 +00002150 * This module adds support for the AES Armv8-A Cryptographic Extensions on Aarch64 systems.
Jerry Yu2fddfd72023-01-10 16:32:03 +08002151 */
2152#define MBEDTLS_AESCE_C
2153
2154/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002155 * \def MBEDTLS_AES_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002156 *
2157 * Enable the AES block cipher.
2158 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002159 * Module: library/aes.c
Manuel Pégourié-Gonnardfdd43542018-02-28 10:49:02 +01002160 * Caller: library/cipher.c
Paul Bakker96743fc2011-02-12 14:30:57 +00002161 * library/pem.c
Paul Bakker6083fd22011-12-03 21:45:14 +00002162 * library/ctr_drbg.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002163 *
Paul Bakker645ce3a2012-10-31 12:32:41 +00002164 * This module enables the following ciphersuites (if other requisites are
2165 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002166 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
2167 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
2168 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
2169 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
2170 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
2171 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
2172 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
2173 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
2174 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
2175 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
2176 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
2177 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
2178 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
2179 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
2180 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
2181 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
2182 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
2183 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
2184 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
2185 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
2186 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
2187 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
2188 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
2189 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
2190 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
2191 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
2192 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
2193 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
2194 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
2195 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
2196 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
2197 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
2198 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
2199 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
2200 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
2201 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
2202 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
2203 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
2204 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
2205 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
2206 * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
2207 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
2208 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
2209 * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
2210 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
2211 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
2212 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
2213 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
2214 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
2215 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
2216 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
2217 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
2218 * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
2219 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
2220 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
2221 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
2222 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
2223 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
Paul Bakker6deb37e2013-02-19 13:17:08 +01002224 *
Paul Bakkercff68422013-09-15 20:43:33 +02002225 * PEM_PARSE uses AES for decrypting encrypted keys.
Paul Bakker5121ce52009-01-03 21:22:43 +00002226 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002227#define MBEDTLS_AES_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002228
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002229/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002230 * \def MBEDTLS_ASN1_PARSE_C
Paul Bakkerefc30292011-11-10 14:43:23 +00002231 *
2232 * Enable the generic ASN1 parser.
2233 *
2234 * Module: library/asn1.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002235 * Caller: library/x509.c
2236 * library/dhm.c
2237 * library/pkcs12.c
2238 * library/pkcs5.c
2239 * library/pkparse.c
Paul Bakkerefc30292011-11-10 14:43:23 +00002240 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002241#define MBEDTLS_ASN1_PARSE_C
Paul Bakkerefc30292011-11-10 14:43:23 +00002242
2243/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002244 * \def MBEDTLS_ASN1_WRITE_C
Paul Bakkerbdb912d2012-02-13 23:11:30 +00002245 *
2246 * Enable the generic ASN1 writer.
2247 *
2248 * Module: library/asn1write.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002249 * Caller: library/ecdsa.c
2250 * library/pkwrite.c
2251 * library/x509_create.c
2252 * library/x509write_crt.c
Simon Butcher2cb47392016-11-04 12:23:11 +00002253 * library/x509write_csr.c
Paul Bakkerbdb912d2012-02-13 23:11:30 +00002254 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002255#define MBEDTLS_ASN1_WRITE_C
Paul Bakkerbdb912d2012-02-13 23:11:30 +00002256
2257/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002258 * \def MBEDTLS_BASE64_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002259 *
2260 * Enable the Base64 module.
2261 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002262 * Module: library/base64.c
Paul Bakker5690efc2011-05-26 13:16:06 +00002263 * Caller: library/pem.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002264 *
Paul Bakker5690efc2011-05-26 13:16:06 +00002265 * This module is required for PEM support (required by X.509).
Paul Bakker5121ce52009-01-03 21:22:43 +00002266 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002267#define MBEDTLS_BASE64_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002268
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002269/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002270 * \def MBEDTLS_BIGNUM_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002271 *
Paul Bakker9a736322012-11-14 12:39:52 +00002272 * Enable the multi-precision integer library.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002273 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002274 * Module: library/bignum.c
Janos Follath3ca07752022-08-09 11:45:47 +01002275 * library/bignum_core.c
Janos Follathd1baedb2022-08-09 13:44:53 +01002276 * library/bignum_mod.c
Gabor Mezeid41f6272022-08-12 15:20:21 +02002277 * library/bignum_mod_raw.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002278 * Caller: library/dhm.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002279 * library/ecp.c
Manuel Pégourié-Gonnardbf319772014-06-25 13:00:17 +02002280 * library/ecdsa.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002281 * library/rsa.c
Chris Jones3848e312021-03-11 16:17:59 +00002282 * library/rsa_alt_helpers.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002283 * library/ssl_tls.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002284 *
Manuel Pégourié-Gonnardbf319772014-06-25 13:00:17 +02002285 * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support.
Paul Bakker5121ce52009-01-03 21:22:43 +00002286 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002287#define MBEDTLS_BIGNUM_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002288
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002289/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002290 * \def MBEDTLS_CAMELLIA_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002291 *
2292 * Enable the Camellia block cipher.
2293 *
Paul Bakker38119b12009-01-10 23:31:23 +00002294 * Module: library/camellia.c
Manuel Pégourié-Gonnardfdd43542018-02-28 10:49:02 +01002295 * Caller: library/cipher.c
Paul Bakker38119b12009-01-10 23:31:23 +00002296 *
Paul Bakker645ce3a2012-10-31 12:32:41 +00002297 * This module enables the following ciphersuites (if other requisites are
2298 * enabled as well):
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002299 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
2300 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
2301 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
2302 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
2303 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
2304 * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
2305 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
2306 * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
2307 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
2308 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
2309 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
2310 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
2311 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
2312 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
2313 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
2314 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
2315 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
2316 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
2317 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
2318 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
2319 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
2320 * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
2321 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
2322 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
2323 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
2324 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
2325 * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
2326 * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
2327 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
2328 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
2329 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
2330 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
2331 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
2332 * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
2333 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
2334 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
2335 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
2336 * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
2337 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
2338 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
2339 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
2340 * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
Paul Bakker38119b12009-01-10 23:31:23 +00002341 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002342#define MBEDTLS_CAMELLIA_C
Paul Bakker38119b12009-01-10 23:31:23 +00002343
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002344/**
Markku-Juhani O. Saarinen3c0b53b2017-11-30 16:00:34 +00002345 * \def MBEDTLS_ARIA_C
2346 *
Manuel Pégourié-Gonnard525168c2018-02-28 10:47:02 +01002347 * Enable the ARIA block cipher.
Markku-Juhani O. Saarinen3c0b53b2017-11-30 16:00:34 +00002348 *
2349 * Module: library/aria.c
Manuel Pégourié-Gonnard525168c2018-02-28 10:47:02 +01002350 * Caller: library/cipher.c
2351 *
2352 * This module enables the following ciphersuites (if other requisites are
2353 * enabled as well):
2354 *
2355 * MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256
2356 * MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384
2357 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256
2358 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384
2359 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256
2360 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384
2361 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256
2362 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384
2363 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256
2364 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384
2365 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256
2366 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384
2367 * MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256
2368 * MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384
2369 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256
2370 * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384
2371 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
2372 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
2373 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256
2374 * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384
2375 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256
2376 * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384
2377 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256
2378 * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384
2379 * MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256
2380 * MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384
2381 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256
2382 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384
2383 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256
2384 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384
2385 * MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256
2386 * MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384
2387 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256
2388 * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384
2389 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256
2390 * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384
2391 * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256
2392 * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384
Markku-Juhani O. Saarinen3c0b53b2017-11-30 16:00:34 +00002393 */
TRodziewicz85aff9f2021-04-23 10:47:26 +02002394#define MBEDTLS_ARIA_C
Markku-Juhani O. Saarinen3c0b53b2017-11-30 16:00:34 +00002395
2396/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002397 * \def MBEDTLS_CCM_C
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +02002398 *
2399 * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
2400 *
2401 * Module: library/ccm.c
2402 *
Przemek Stekielea805b42022-05-02 10:30:03 +02002403 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C or
2404 * MBEDTLS_ARIA_C
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +02002405 *
2406 * This module enables the AES-CCM ciphersuites, if other requisites are
2407 * enabled as well.
2408 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002409#define MBEDTLS_CCM_C
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +02002410
2411/**
Daniel King34b822c2016-05-15 17:28:08 -03002412 * \def MBEDTLS_CHACHA20_C
2413 *
2414 * Enable the ChaCha20 stream cipher.
2415 *
2416 * Module: library/chacha20.c
2417 */
2418#define MBEDTLS_CHACHA20_C
2419
2420/**
Manuel Pégourié-Gonnarde533b222018-06-04 12:23:19 +02002421 * \def MBEDTLS_CHACHAPOLY_C
2422 *
2423 * Enable the ChaCha20-Poly1305 AEAD algorithm.
2424 *
2425 * Module: library/chachapoly.c
2426 *
2427 * This module requires: MBEDTLS_CHACHA20_C, MBEDTLS_POLY1305_C
2428 */
2429#define MBEDTLS_CHACHAPOLY_C
2430
2431/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002432 * \def MBEDTLS_CIPHER_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002433 *
2434 * Enable the generic cipher layer.
2435 *
Paul Bakker8123e9d2011-01-06 15:37:30 +00002436 * Module: library/cipher.c
Przemek Stekielea805b42022-05-02 10:30:03 +02002437 * Caller: library/ccm.c
2438 * library/cmac.c
2439 * library/gcm.c
2440 * library/nist_kw.c
Przemek Stekielea805b42022-05-02 10:30:03 +02002441 * library/pkcs12.c
2442 * library/pkcs5.c
2443 * library/psa_crypto_aead.c
2444 * library/psa_crypto_mac.c
2445 * library/ssl_ciphersuites.c
2446 * library/ssl_msg.c
Przemek Stekiela09f8352022-05-12 09:34:28 +02002447 * library/ssl_ticket.c (unless MBEDTLS_USE_PSA_CRYPTO is enabled)
Paul Bakker8123e9d2011-01-06 15:37:30 +00002448 *
2449 * Uncomment to enable generic cipher wrappers.
2450 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002451#define MBEDTLS_CIPHER_C
Paul Bakker8123e9d2011-01-06 15:37:30 +00002452
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002453/**
Robert Cragiedc5c7b92015-12-11 15:49:45 +00002454 * \def MBEDTLS_CMAC_C
2455 *
Simon Butcher327398a2016-10-05 14:09:11 +01002456 * Enable the CMAC (Cipher-based Message Authentication Code) mode for block
2457 * ciphers.
Robert Cragiedc5c7b92015-12-11 15:49:45 +00002458 *
Steven Cooremanc338cef2021-04-26 11:24:44 +02002459 * \note When #MBEDTLS_CMAC_ALT is active, meaning that the underlying
2460 * implementation of the CMAC algorithm is provided by an alternate
2461 * implementation, that alternate implementation may opt to not support
2462 * AES-192 or 3DES as underlying block ciphers for the CMAC operation.
2463 *
Robert Cragiedc5c7b92015-12-11 15:49:45 +00002464 * Module: library/cmac.c
2465 *
Przemek Stekielea805b42022-05-02 10:30:03 +02002466 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_AES_C or MBEDTLS_DES_C
Robert Cragiedc5c7b92015-12-11 15:49:45 +00002467 *
2468 */
TRodziewicz85aff9f2021-04-23 10:47:26 +02002469#define MBEDTLS_CMAC_C
Robert Cragiedc5c7b92015-12-11 15:49:45 +00002470
2471/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002472 * \def MBEDTLS_CTR_DRBG_C
Paul Bakker0e04d0e2011-11-27 14:46:59 +00002473 *
Nir Sonnenscheince266e42018-08-29 10:11:46 +03002474 * Enable the CTR_DRBG AES-based random generator.
2475 * The CTR_DRBG generator uses AES-256 by default.
Gilles Peskine1540e5b2019-10-03 14:21:14 +02002476 * To use AES-128 instead, enable \c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY above.
Paul Bakker0e04d0e2011-11-27 14:46:59 +00002477 *
Yanray Wang55ef22c2023-06-15 09:57:06 +08002478 * \note AES-128 will be used if \c MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH is set.
2479 *
Gilles Peskine7e279362019-10-03 14:21:39 +02002480 * \note To achieve a 256-bit security strength with CTR_DRBG,
2481 * you must use AES-256 *and* use sufficient entropy.
2482 * See ctr_drbg.h for more details.
Paul Bakker0e04d0e2011-11-27 14:46:59 +00002483 *
2484 * Module: library/ctr_drbg.c
2485 * Caller:
2486 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002487 * Requires: MBEDTLS_AES_C
Paul Bakker6083fd22011-12-03 21:45:14 +00002488 *
Nir Sonnenschein521e8a92018-09-03 14:10:52 +03002489 * This module provides the CTR_DRBG AES random number generator.
Paul Bakker0e04d0e2011-11-27 14:46:59 +00002490 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002491#define MBEDTLS_CTR_DRBG_C
Paul Bakker0e04d0e2011-11-27 14:46:59 +00002492
2493/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002494 * \def MBEDTLS_DEBUG_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002495 *
2496 * Enable the debug functions.
2497 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002498 * Module: library/debug.c
Ronald Cronde1adee2022-03-07 16:20:30 +01002499 * Caller: library/ssl_msg.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002500 * library/ssl_tls.c
Ronald Cronde1adee2022-03-07 16:20:30 +01002501 * library/ssl_tls12_*.c
2502 * library/ssl_tls13_*.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002503 *
2504 * This module provides debugging functions.
2505 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002506#define MBEDTLS_DEBUG_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002507
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002508/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002509 * \def MBEDTLS_DES_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002510 *
2511 * Enable the DES block cipher.
2512 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002513 * Module: library/des.c
Paul Bakker6deb37e2013-02-19 13:17:08 +01002514 * Caller: library/pem.c
Manuel Pégourié-Gonnardfdd43542018-02-28 10:49:02 +01002515 * library/cipher.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002516 *
Paul Bakkercff68422013-09-15 20:43:33 +02002517 * PEM_PARSE uses DES/3DES for decrypting encrypted keys.
Hanno Beckerbbca8c52017-09-25 14:53:51 +01002518 *
Dave Rodgmanc04515b2023-02-02 10:47:58 +00002519 * \warning DES/3DES are considered weak ciphers and their use constitutes a
Hanno Beckerbbca8c52017-09-25 14:53:51 +01002520 * security risk. We recommend considering stronger ciphers instead.
Paul Bakker5121ce52009-01-03 21:22:43 +00002521 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002522#define MBEDTLS_DES_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002523
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002524/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002525 * \def MBEDTLS_DHM_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002526 *
Manuel Pégourié-Gonnard9d703732013-10-25 18:01:50 +02002527 * Enable the Diffie-Hellman-Merkle module.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002528 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002529 * Module: library/dhm.c
Ronald Cronde1adee2022-03-07 16:20:30 +01002530 * Caller: library/ssl_tls.c
2531 * library/ssl*_client.c
2532 * library/ssl*_server.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002533 *
Manuel Pégourié-Gonnard9d703732013-10-25 18:01:50 +02002534 * This module is used by the following key exchanges:
2535 * DHE-RSA, DHE-PSK
Hanno Beckera2f6b722017-09-28 10:33:29 +01002536 *
Hanno Beckerf9734b32017-10-03 12:09:22 +01002537 * \warning Using DHE constitutes a security risk as it
2538 * is not possible to validate custom DH parameters.
2539 * If possible, it is recommended users should consider
2540 * preferring other methods of key exchange.
2541 * See dhm.h for more details.
Hanno Beckera2f6b722017-09-28 10:33:29 +01002542 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002543 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002544#define MBEDTLS_DHM_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002545
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002546/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002547 * \def MBEDTLS_ECDH_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002548 *
2549 * Enable the elliptic curve Diffie-Hellman library.
2550 *
2551 * Module: library/ecdh.c
Ronald Cronde1adee2022-03-07 16:20:30 +01002552 * Caller: library/psa_crypto.c
2553 * library/ssl_tls.c
2554 * library/ssl*_client.c
2555 * library/ssl*_server.c
Paul Bakker41c83d32013-03-20 14:39:14 +01002556 *
Manuel Pégourié-Gonnard9d703732013-10-25 18:01:50 +02002557 * This module is used by the following key exchanges:
2558 * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002559 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002560 * Requires: MBEDTLS_ECP_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002561 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002562#define MBEDTLS_ECDH_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002563
2564/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002565 * \def MBEDTLS_ECDSA_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002566 *
2567 * Enable the elliptic curve DSA library.
2568 *
2569 * Module: library/ecdsa.c
2570 * Caller:
2571 *
Manuel Pégourié-Gonnard9d703732013-10-25 18:01:50 +02002572 * This module is used by the following key exchanges:
2573 * ECDHE-ECDSA
2574 *
Gilles Peskine799e5762018-09-14 17:34:00 +02002575 * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C,
2576 * and at least one MBEDTLS_ECP_DP_XXX_ENABLED for a
2577 * short Weierstrass curve.
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002578 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002579#define MBEDTLS_ECDSA_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002580
2581/**
Manuel Pégourié-Gonnard4d8685b2015-08-05 15:44:42 +02002582 * \def MBEDTLS_ECJPAKE_C
2583 *
2584 * Enable the elliptic curve J-PAKE library.
2585 *
Tomasz Rodziewicz532ca932021-05-07 11:01:24 +02002586 * \note EC J-PAKE support is based on the Thread v1.0.0 specification.
2587 * It has not been reviewed for compliance with newer standards such as
Tomasz Rodziewicz1fc7c4c2021-05-07 10:13:31 +02002588 * Thread v1.1 or RFC 8236.
Manuel Pégourié-Gonnard75df9022015-09-16 23:21:01 +02002589 *
Manuel Pégourié-Gonnard4d8685b2015-08-05 15:44:42 +02002590 * Module: library/ecjpake.c
2591 * Caller:
2592 *
2593 * This module is used by the following key exchanges:
2594 * ECJPAKE
2595 *
Manuel Pégourié-Gonnard72687b72022-09-15 12:23:58 +02002596 * Requires: MBEDTLS_ECP_C and either MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C
Neil Armstrongecaba1c2022-08-11 10:47:08 +02002597 *
Manuel Pégourié-Gonnard41bc8b62023-03-14 23:59:24 +01002598 * \warning If using a hash that is only provided by PSA drivers, you must
2599 * call psa_crypto_init() before doing any EC J-PAKE operations.
Manuel Pégourié-Gonnard4d8685b2015-08-05 15:44:42 +02002600 */
Tomasz Rodziewiczb1336052021-04-22 15:14:17 +02002601#define MBEDTLS_ECJPAKE_C
Manuel Pégourié-Gonnard4d8685b2015-08-05 15:44:42 +02002602
2603/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002604 * \def MBEDTLS_ECP_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002605 *
2606 * Enable the elliptic curve over GF(p) library.
2607 *
2608 * Module: library/ecp.c
2609 * Caller: library/ecdh.c
2610 * library/ecdsa.c
Manuel Pégourié-Gonnard4d8685b2015-08-05 15:44:42 +02002611 * library/ecjpake.c
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002612 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002613 * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002614 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002615#define MBEDTLS_ECP_C
Paul Bakkerd589a0d2013-03-13 16:30:17 +01002616
2617/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002618 * \def MBEDTLS_ENTROPY_C
Paul Bakker6083fd22011-12-03 21:45:14 +00002619 *
2620 * Enable the platform-specific entropy code.
2621 *
2622 * Module: library/entropy.c
2623 * Caller:
2624 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002625 * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C
Paul Bakker6083fd22011-12-03 21:45:14 +00002626 *
2627 * This module provides a generic entropy pool
2628 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002629#define MBEDTLS_ENTROPY_C
Paul Bakker6083fd22011-12-03 21:45:14 +00002630
2631/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002632 * \def MBEDTLS_ERROR_C
Paul Bakker9d781402011-05-09 16:17:09 +00002633 *
2634 * Enable error code to error string conversion.
2635 *
2636 * Module: library/error.c
2637 * Caller:
2638 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002639 * This module enables mbedtls_strerror().
Paul Bakker9d781402011-05-09 16:17:09 +00002640 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002641#define MBEDTLS_ERROR_C
Paul Bakker9d781402011-05-09 16:17:09 +00002642
2643/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002644 * \def MBEDTLS_GCM_C
Paul Bakker89e80c92012-03-20 13:50:09 +00002645 *
Jaeden Amero7accf442019-04-10 18:13:57 +01002646 * Enable the Galois/Counter Mode (GCM).
Paul Bakker89e80c92012-03-20 13:50:09 +00002647 *
2648 * Module: library/gcm.c
2649 *
Przemek Stekielea805b42022-05-02 10:30:03 +02002650 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C or
2651 * MBEDTLS_ARIA_C
Paul Bakker645ce3a2012-10-31 12:32:41 +00002652 *
Manuel Pégourié-Gonnard9d703732013-10-25 18:01:50 +02002653 * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
2654 * requisites are enabled as well.
Paul Bakker89e80c92012-03-20 13:50:09 +00002655 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002656#define MBEDTLS_GCM_C
Paul Bakker89e80c92012-03-20 13:50:09 +00002657
2658/**
Thomas Fossati656864b2016-07-17 08:51:22 +01002659 * \def MBEDTLS_HKDF_C
2660 *
2661 * Enable the HKDF algorithm (RFC 5869).
2662 *
2663 * Module: library/hkdf.c
2664 * Caller:
2665 *
2666 * Requires: MBEDTLS_MD_C
2667 *
2668 * This module adds support for the Hashed Message Authentication Code
2669 * (HMAC)-based key derivation function (HKDF).
2670 */
2671#define MBEDTLS_HKDF_C
2672
2673/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002674 * \def MBEDTLS_HMAC_DRBG_C
Manuel Pégourié-Gonnard490bdf32014-01-27 14:03:10 +01002675 *
2676 * Enable the HMAC_DRBG random generator.
2677 *
2678 * Module: library/hmac_drbg.c
2679 * Caller:
2680 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002681 * Requires: MBEDTLS_MD_C
Manuel Pégourié-Gonnard490bdf32014-01-27 14:03:10 +01002682 *
Tom Cosgrove1e211442022-05-26 11:51:00 +01002683 * Uncomment to enable the HMAC_DRBG random number generator.
Manuel Pégourié-Gonnard490bdf32014-01-27 14:03:10 +01002684 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002685#define MBEDTLS_HMAC_DRBG_C
Manuel Pégourié-Gonnard490bdf32014-01-27 14:03:10 +01002686
2687/**
Raef Coles8ff6df52021-07-21 12:42:15 +01002688 * \def MBEDTLS_LMS_C
2689 *
2690 * Enable the LMS stateful-hash asymmetric signature algorithm.
2691 *
2692 * Module: library/lms.c
2693 * Caller:
2694 *
Raef Colesab4f8742022-09-01 12:24:31 +01002695 * Requires: MBEDTLS_PSA_CRYPTO_C
Raef Coles8ff6df52021-07-21 12:42:15 +01002696 *
Raef Colesab4f8742022-09-01 12:24:31 +01002697 * Uncomment to enable the LMS verification algorithm and public key operations.
Raef Coles8ff6df52021-07-21 12:42:15 +01002698 */
2699#define MBEDTLS_LMS_C
2700
2701/**
Raef Colesab4f8742022-09-01 12:24:31 +01002702 * \def MBEDTLS_LMS_PRIVATE
2703 *
2704 * Enable LMS private-key operations and signing code. Functions enabled by this
2705 * option are experimental, and should not be used in production.
2706 *
2707 * Requires: MBEDTLS_LMS_C
2708 *
2709 * Uncomment to enable the LMS signature algorithm and private key operations.
2710 */
Raef Coles5127e852022-10-07 10:35:56 +01002711//#define MBEDTLS_LMS_PRIVATE
Raef Colesab4f8742022-09-01 12:24:31 +01002712
2713/**
Ron Eldor466a57f2018-05-03 16:54:28 +03002714 * \def MBEDTLS_NIST_KW_C
2715 *
2716 * Enable the Key Wrapping mode for 128-bit block ciphers,
2717 * as defined in NIST SP 800-38F. Only KW and KWP modes
2718 * are supported. At the moment, only AES is approved by NIST.
2719 *
2720 * Module: library/nist_kw.c
2721 *
2722 * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C
2723 */
TRodziewicz85aff9f2021-04-23 10:47:26 +02002724#define MBEDTLS_NIST_KW_C
Ron Eldor466a57f2018-05-03 16:54:28 +03002725
2726/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002727 * \def MBEDTLS_MD_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002728 *
Manuel Pégourié-Gonnardb9b630d2023-02-16 19:07:31 +01002729 * Enable the generic layer for message digest (hashing) and HMAC.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002730 *
Manuel Pégourié-Gonnard1f7f7172022-07-18 12:04:05 +02002731 * Requires: one of: MBEDTLS_MD5_C, MBEDTLS_RIPEMD160_C, MBEDTLS_SHA1_C,
2732 * MBEDTLS_SHA224_C, MBEDTLS_SHA256_C, MBEDTLS_SHA384_C,
Manuel Pégourié-Gonnard161dca62023-03-21 16:22:59 +01002733 * MBEDTLS_SHA512_C, or MBEDTLS_PSA_CRYPTO_C with at least
Manuel Pégourié-Gonnard534d64d2023-03-14 17:43:06 +01002734 * one hash.
Simon Butcher2cb47392016-11-04 12:23:11 +00002735 * Module: library/md.c
Przemek Stekiel6aadf0b2022-04-27 14:46:52 +02002736 * Caller: library/constant_time.c
2737 * library/ecdsa.c
2738 * library/ecjpake.c
2739 * library/hkdf.c
2740 * library/hmac_drbg.c
Przemek Stekiel6aadf0b2022-04-27 14:46:52 +02002741 * library/pk.c
2742 * library/pkcs5.c
2743 * library/pkcs12.c
2744 * library/psa_crypto_ecp.c
2745 * library/psa_crypto_rsa.c
2746 * library/rsa.c
2747 * library/ssl_cookie.c
2748 * library/ssl_msg.c
2749 * library/ssl_tls.c
Przemek Stekiel6e712822022-05-06 11:40:20 +02002750 * library/x509.c
Przemek Stekiel6aadf0b2022-04-27 14:46:52 +02002751 * library/x509_crt.c
2752 * library/x509write_crt.c
2753 * library/x509write_csr.c
Paul Bakker17373852011-01-06 14:20:01 +00002754 *
2755 * Uncomment to enable generic message digest wrappers.
2756 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002757#define MBEDTLS_MD_C
Paul Bakker17373852011-01-06 14:20:01 +00002758
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002759/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002760 * \def MBEDTLS_MD5_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002761 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002762 * Enable the MD5 hash algorithm.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002763 *
Simon Butcher2cb47392016-11-04 12:23:11 +00002764 * Module: library/md5.c
2765 * Caller: library/md.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002766 * library/pem.c
Paul Bakker6deb37e2013-02-19 13:17:08 +01002767 * library/ssl_tls.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002768 *
TRodziewicz0f82ec62021-05-12 17:49:18 +02002769 * This module is required for TLS 1.2 depending on the handshake parameters.
2770 * Further, it is used for checking MD5-signed certificates, and for PBKDF1
2771 * when decrypting PEM-encoded encrypted keys.
Hanno Beckerbbca8c52017-09-25 14:53:51 +01002772 *
2773 * \warning MD5 is considered a weak message digest and its use constitutes a
2774 * security risk. If possible, we recommend avoiding dependencies on
2775 * it, and considering stronger message digests instead.
2776 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002777 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002778#define MBEDTLS_MD5_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002779
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002780/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002781 * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002782 *
2783 * Enable the buffer allocator implementation that makes use of a (stack)
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +02002784 * based buffer to 'allocate' dynamic memory. (replaces calloc() and free()
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002785 * calls)
Paul Bakker6e339b52013-07-03 13:37:05 +02002786 *
2787 * Module: library/memory_buffer_alloc.c
2788 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002789 * Requires: MBEDTLS_PLATFORM_C
2790 * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS)
Paul Bakker6e339b52013-07-03 13:37:05 +02002791 *
2792 * Enable this module to enable the buffer memory allocator.
Paul Bakker6e339b52013-07-03 13:37:05 +02002793 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002794//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
Paul Bakker6e339b52013-07-03 13:37:05 +02002795
2796/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002797 * \def MBEDTLS_NET_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002798 *
Manuel Pégourié-Gonnard325ce092016-02-22 10:33:34 +01002799 * Enable the TCP and UDP over IPv6/IPv4 networking routines.
2800 *
Simon Butcherd567a232016-03-09 20:19:21 +00002801 * \note This module only works on POSIX/Unix (including Linux, BSD and OS X)
2802 * and Windows. For other platforms, you'll want to disable it, and write your
Manuel Pégourié-Gonnard325ce092016-02-22 10:33:34 +01002803 * own networking callbacks to be passed to \c mbedtls_ssl_set_bio().
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002804 *
Manuel Pégourié-Gonnard02049dc2016-02-22 16:42:51 +00002805 * \note See also our Knowledge Base article about porting to a new
2806 * environment:
Dave Rodgmanb3196842022-10-12 16:47:08 +01002807 * https://mbed-tls.readthedocs.io/en/latest/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
Manuel Pégourié-Gonnard02049dc2016-02-22 16:42:51 +00002808 *
Andres AG788aa4a2016-09-14 14:32:09 +01002809 * Module: library/net_sockets.c
Paul Bakker5121ce52009-01-03 21:22:43 +00002810 *
Manuel Pégourié-Gonnard325ce092016-02-22 10:33:34 +01002811 * This module provides networking routines.
Paul Bakker5121ce52009-01-03 21:22:43 +00002812 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002813#define MBEDTLS_NET_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002814
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002815/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002816 * \def MBEDTLS_OID_C
Paul Bakkerc70b9822013-04-07 22:00:46 +02002817 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002818 * Enable the OID database.
Paul Bakkerc70b9822013-04-07 22:00:46 +02002819 *
2820 * Module: library/oid.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002821 * Caller: library/asn1write.c
2822 * library/pkcs5.c
2823 * library/pkparse.c
2824 * library/pkwrite.c
2825 * library/rsa.c
2826 * library/x509.c
2827 * library/x509_create.c
Simon Butcher2cb47392016-11-04 12:23:11 +00002828 * library/x509_crl.c
2829 * library/x509_crt.c
2830 * library/x509_csr.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002831 * library/x509write_crt.c
Simon Butcher2cb47392016-11-04 12:23:11 +00002832 * library/x509write_csr.c
Paul Bakkerc70b9822013-04-07 22:00:46 +02002833 *
2834 * This modules translates between OIDs and internal values.
2835 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002836#define MBEDTLS_OID_C
Paul Bakkerc70b9822013-04-07 22:00:46 +02002837
2838/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002839 * \def MBEDTLS_PADLOCK_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002840 *
2841 * Enable VIA Padlock support on x86.
2842 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002843 * Module: library/padlock.c
2844 * Caller: library/aes.c
2845 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002846 * Requires: MBEDTLS_HAVE_ASM
Manuel Pégourié-Gonnard92ac76f2013-12-16 17:12:53 +01002847 *
Paul Bakker5121ce52009-01-03 21:22:43 +00002848 * This modules adds support for the VIA PadLock on x86.
2849 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002850#define MBEDTLS_PADLOCK_C
Paul Bakker5121ce52009-01-03 21:22:43 +00002851
Paul Bakkerf3b86c12011-01-27 15:24:17 +00002852/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002853 * \def MBEDTLS_PEM_PARSE_C
Paul Bakker96743fc2011-02-12 14:30:57 +00002854 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002855 * Enable PEM decoding / parsing.
Paul Bakker96743fc2011-02-12 14:30:57 +00002856 *
2857 * Module: library/pem.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002858 * Caller: library/dhm.c
Paul Bakkercff68422013-09-15 20:43:33 +02002859 * library/pkparse.c
Simon Butcher2cb47392016-11-04 12:23:11 +00002860 * library/x509_crl.c
2861 * library/x509_crt.c
2862 * library/x509_csr.c
Paul Bakker96743fc2011-02-12 14:30:57 +00002863 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002864 * Requires: MBEDTLS_BASE64_C
Manuel Pégourié-Gonnard1c2008f2023-03-16 10:20:29 +01002865 * optionally MBEDTLS_MD5_C, or PSA Crypto with MD5 (see below)
2866 *
2867 * \warning When parsing password-protected files, if MD5 is provided only by
2868 * a PSA driver, you must call psa_crypto_init() before the first file.
Paul Bakker5690efc2011-05-26 13:16:06 +00002869 *
Paul Bakkercff68422013-09-15 20:43:33 +02002870 * This modules adds support for decoding / parsing PEM files.
Paul Bakker96743fc2011-02-12 14:30:57 +00002871 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002872#define MBEDTLS_PEM_PARSE_C
Paul Bakkercff68422013-09-15 20:43:33 +02002873
2874/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002875 * \def MBEDTLS_PEM_WRITE_C
Paul Bakkercff68422013-09-15 20:43:33 +02002876 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002877 * Enable PEM encoding / writing.
Paul Bakkercff68422013-09-15 20:43:33 +02002878 *
2879 * Module: library/pem.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002880 * Caller: library/pkwrite.c
2881 * library/x509write_crt.c
Simon Butcher2cb47392016-11-04 12:23:11 +00002882 * library/x509write_csr.c
Paul Bakkercff68422013-09-15 20:43:33 +02002883 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002884 * Requires: MBEDTLS_BASE64_C
Paul Bakkercff68422013-09-15 20:43:33 +02002885 *
2886 * This modules adds support for encoding / writing PEM files.
2887 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002888#define MBEDTLS_PEM_WRITE_C
Paul Bakker96743fc2011-02-12 14:30:57 +00002889
2890/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002891 * \def MBEDTLS_PK_C
Manuel Pégourié-Gonnardc40b4c32013-08-22 13:29:31 +02002892 *
Shaun Case8b0ecbc2021-12-20 21:14:10 -08002893 * Enable the generic public (asymmetric) key layer.
Manuel Pégourié-Gonnardc40b4c32013-08-22 13:29:31 +02002894 *
2895 * Module: library/pk.c
Ronald Cronde1adee2022-03-07 16:20:30 +01002896 * Caller: library/psa_crypto_rsa.c
2897 * library/ssl_tls.c
2898 * library/ssl*_client.c
2899 * library/ssl*_server.c
2900 * library/x509.c
Manuel Pégourié-Gonnardc40b4c32013-08-22 13:29:31 +02002901 *
Przemek Stekiel6aadf0b2022-04-27 14:46:52 +02002902 * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C or MBEDTLS_ECP_C
Manuel Pégourié-Gonnard1a483832013-09-20 12:29:15 +02002903 *
Manuel Pégourié-Gonnardc40b4c32013-08-22 13:29:31 +02002904 * Uncomment to enable generic public key wrappers.
2905 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002906#define MBEDTLS_PK_C
Manuel Pégourié-Gonnardc40b4c32013-08-22 13:29:31 +02002907
2908/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002909 * \def MBEDTLS_PK_PARSE_C
Paul Bakker4606c732013-09-15 17:04:23 +02002910 *
Shaun Case8b0ecbc2021-12-20 21:14:10 -08002911 * Enable the generic public (asymmetric) key parser.
Paul Bakker4606c732013-09-15 17:04:23 +02002912 *
2913 * Module: library/pkparse.c
Simon Butcher2cb47392016-11-04 12:23:11 +00002914 * Caller: library/x509_crt.c
2915 * library/x509_csr.c
Paul Bakker4606c732013-09-15 17:04:23 +02002916 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002917 * Requires: MBEDTLS_PK_C
Paul Bakker4606c732013-09-15 17:04:23 +02002918 *
2919 * Uncomment to enable generic public key parse functions.
2920 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002921#define MBEDTLS_PK_PARSE_C
Paul Bakker4606c732013-09-15 17:04:23 +02002922
2923/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002924 * \def MBEDTLS_PK_WRITE_C
Paul Bakker4606c732013-09-15 17:04:23 +02002925 *
Shaun Case8b0ecbc2021-12-20 21:14:10 -08002926 * Enable the generic public (asymmetric) key writer.
Paul Bakker4606c732013-09-15 17:04:23 +02002927 *
2928 * Module: library/pkwrite.c
2929 * Caller: library/x509write.c
2930 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002931 * Requires: MBEDTLS_PK_C
Paul Bakker4606c732013-09-15 17:04:23 +02002932 *
2933 * Uncomment to enable generic public key write functions.
2934 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002935#define MBEDTLS_PK_WRITE_C
Paul Bakker4606c732013-09-15 17:04:23 +02002936
2937/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002938 * \def MBEDTLS_PKCS5_C
Paul Bakkerb0c19a42013-06-24 19:26:38 +02002939 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002940 * Enable PKCS#5 functions.
Paul Bakkerb0c19a42013-06-24 19:26:38 +02002941 *
2942 * Module: library/pkcs5.c
2943 *
Manuel Pégourié-Gonnard49e67f82023-03-16 11:39:20 +01002944 * Requires: MBEDTLS_CIPHER_C
Manuel Pégourié-Gonnard161dca62023-03-21 16:22:59 +01002945 * Auto-enables: MBEDTLS_MD_C
Manuel Pégourié-Gonnard72687b72022-09-15 12:23:58 +02002946 *
Manuel Pégourié-Gonnard49e67f82023-03-16 11:39:20 +01002947 * \warning If using a hash that is only provided by PSA drivers, you must
2948 * call psa_crypto_init() before doing any PKCS5 operations.
Manuel Pégourié-Gonnard18a38562022-11-22 11:49:55 +01002949 *
Paul Bakkerb0c19a42013-06-24 19:26:38 +02002950 * This module adds support for the PKCS#5 functions.
2951 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002952#define MBEDTLS_PKCS5_C
Paul Bakkerb0c19a42013-06-24 19:26:38 +02002953
2954/**
Nayna Jainc9deb182020-11-16 19:03:12 +00002955 * \def MBEDTLS_PKCS7_C
2956 *
Dave Rodgman3fe2abf2023-03-10 17:05:54 +00002957 * Enable PKCS #7 core for using PKCS #7-formatted signatures.
Nayna Jainc9deb182020-11-16 19:03:12 +00002958 * RFC Link - https://tools.ietf.org/html/rfc2315
2959 *
2960 * Module: library/pkcs7.c
2961 *
2962 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C,
Nick Child89e82e12022-11-09 10:36:10 -06002963 * MBEDTLS_X509_CRT_PARSE_C MBEDTLS_X509_CRL_PARSE_C,
2964 * MBEDTLS_BIGNUM_C, MBEDTLS_MD_C
Nayna Jainc9deb182020-11-16 19:03:12 +00002965 *
Dave Rodgmanefbc5f72023-03-13 12:15:49 +00002966 * This module is required for the PKCS #7 parsing modules.
Nayna Jainc9deb182020-11-16 19:03:12 +00002967 */
Dave Rodgman7c33b0c2023-03-10 15:07:15 +00002968#define MBEDTLS_PKCS7_C
Nayna Jainc9deb182020-11-16 19:03:12 +00002969
2970/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002971 * \def MBEDTLS_PKCS12_C
Paul Bakkerf1f21fe2013-06-24 19:17:19 +02002972 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02002973 * Enable PKCS#12 PBE functions.
Paul Bakkerf1f21fe2013-06-24 19:17:19 +02002974 * Adds algorithms for parsing PKCS#8 encrypted private keys
2975 *
2976 * Module: library/pkcs12.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02002977 * Caller: library/pkparse.c
Paul Bakkerf1f21fe2013-06-24 19:17:19 +02002978 *
Andrzej Kurek7bd12c52022-08-24 10:47:10 -04002979 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C and either
2980 * MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C.
2981 *
Manuel Pégourié-Gonnardbe97afe2023-03-16 10:00:54 +01002982 * \warning If using a hash that is only provided by PSA drivers, you must
2983 * call psa_crypto_init() before doing any PKCS12 operations.
Manuel Pégourié-Gonnard18a38562022-11-22 11:49:55 +01002984 *
Paul Bakkerf1f21fe2013-06-24 19:17:19 +02002985 * This module enables PKCS#12 functions.
2986 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002987#define MBEDTLS_PKCS12_C
Paul Bakkerf1f21fe2013-06-24 19:17:19 +02002988
2989/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002990 * \def MBEDTLS_PLATFORM_C
Paul Bakker747a83a2014-02-01 22:50:07 +01002991 *
2992 * Enable the platform abstraction layer that allows you to re-assign
Manuel Pégourié-Gonnard6c0c8e02015-06-22 10:23:34 +02002993 * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit().
Paul Bakker747a83a2014-02-01 22:50:07 +01002994 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002995 * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT
2996 * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned
Rich Evans16f8cd82015-02-06 16:14:34 +00002997 * above to be specified at runtime or compile time respectively.
Paul Bakker747a83a2014-02-01 22:50:07 +01002998 *
Manuel Pégourié-Gonnard6c0c8e02015-06-22 10:23:34 +02002999 * \note This abstraction layer must be enabled on Windows (including MSYS2)
Jan Bruckner9ff6f8c2022-08-22 16:05:58 +02003000 * as other modules rely on it for a fixed snprintf implementation.
Manuel Pégourié-Gonnard6c0c8e02015-06-22 10:23:34 +02003001 *
Paul Bakker747a83a2014-02-01 22:50:07 +01003002 * Module: library/platform.c
3003 * Caller: Most other .c files
3004 *
3005 * This module enables abstraction of common (libc) functions.
3006 */
Manuel Pégourié-Gonnardb9ef1182015-05-26 16:15:20 +02003007#define MBEDTLS_PLATFORM_C
Paul Bakker747a83a2014-02-01 22:50:07 +01003008
3009/**
Daniel Kingadc32c02016-05-16 18:25:45 -03003010 * \def MBEDTLS_POLY1305_C
3011 *
3012 * Enable the Poly1305 MAC algorithm.
3013 *
3014 * Module: library/poly1305.c
Manuel Pégourié-Gonnarddca3a5d2018-05-07 10:43:27 +02003015 * Caller: library/chachapoly.c
Daniel Kingadc32c02016-05-16 18:25:45 -03003016 */
3017#define MBEDTLS_POLY1305_C
3018
3019/**
Jaeden Amero484ee332018-10-25 17:38:05 +01003020 * \def MBEDTLS_PSA_CRYPTO_C
3021 *
3022 * Enable the Platform Security Architecture cryptography API.
3023 *
Gilles Peskinee59236f2018-01-27 23:32:46 +01003024 * Module: library/psa_crypto.c
Jaeden Amero484ee332018-10-25 17:38:05 +01003025 *
Przemek Stekielea805b42022-05-02 10:30:03 +02003026 * Requires: MBEDTLS_CIPHER_C,
3027 * either MBEDTLS_CTR_DRBG_C and MBEDTLS_ENTROPY_C,
Gilles Peskine82e57d12020-11-13 21:31:17 +01003028 * or MBEDTLS_HMAC_DRBG_C and MBEDTLS_ENTROPY_C,
Gilles Peskinef08b3f82020-11-13 17:36:48 +01003029 * or MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG.
Jaeden Amero484ee332018-10-25 17:38:05 +01003030 *
3031 */
Manuel Pégourié-Gonnardde7636e2019-02-01 12:33:29 +01003032#define MBEDTLS_PSA_CRYPTO_C
Jaeden Amero484ee332018-10-25 17:38:05 +01003033
3034/**
Gilles Peskinea8ade162019-06-26 11:24:49 +02003035 * \def MBEDTLS_PSA_CRYPTO_SE_C
3036 *
Gilles Peskine98473c42022-06-20 18:46:22 +02003037 * Enable dynamic secure element support in the Platform Security Architecture
Gilles Peskinea8ade162019-06-26 11:24:49 +02003038 * cryptography API.
3039 *
Ronald Crone6e6b752023-01-16 16:56:51 +01003040 * \deprecated This feature is deprecated. Please switch to the PSA driver
3041 * interface.
Gilles Peskined0e66b02019-07-24 13:52:51 +02003042 *
Gilles Peskinea8ade162019-06-26 11:24:49 +02003043 * Module: library/psa_crypto_se.c
3044 *
3045 * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_C
3046 *
3047 */
Gilles Peskined0e66b02019-07-24 13:52:51 +02003048//#define MBEDTLS_PSA_CRYPTO_SE_C
Gilles Peskinea8ade162019-06-26 11:24:49 +02003049
3050/**
Andrzej Kurekc6905232019-02-05 05:23:41 -05003051 * \def MBEDTLS_PSA_CRYPTO_STORAGE_C
3052 *
3053 * Enable the Platform Security Architecture persistent key storage.
3054 *
Darryl Greendb2b8db2018-06-15 13:06:04 +01003055 * Module: library/psa_crypto_storage.c
Andrzej Kurekc6905232019-02-05 05:23:41 -05003056 *
Jaeden Amero57f4d9e2019-03-15 16:14:19 +00003057 * Requires: MBEDTLS_PSA_CRYPTO_C,
3058 * either MBEDTLS_PSA_ITS_FILE_C or a native implementation of
3059 * the PSA ITS interface
Andrzej Kurekc6905232019-02-05 05:23:41 -05003060 */
Darryl Greendb2b8db2018-06-15 13:06:04 +01003061#define MBEDTLS_PSA_CRYPTO_STORAGE_C
Andrzej Kurekc6905232019-02-05 05:23:41 -05003062
3063/**
Jaeden Amero57f4d9e2019-03-15 16:14:19 +00003064 * \def MBEDTLS_PSA_ITS_FILE_C
Andrzej Kurekc6905232019-02-05 05:23:41 -05003065 *
Jaeden Amero57f4d9e2019-03-15 16:14:19 +00003066 * Enable the emulation of the Platform Security Architecture
3067 * Internal Trusted Storage (PSA ITS) over files.
Andrzej Kurekc6905232019-02-05 05:23:41 -05003068 *
Gilles Peskine6194dc22018-11-16 22:24:15 +01003069 * Module: library/psa_its_file.c
Andrzej Kurekc6905232019-02-05 05:23:41 -05003070 *
Jaeden Amero57f4d9e2019-03-15 16:14:19 +00003071 * Requires: MBEDTLS_FS_IO
Andrzej Kurekc6905232019-02-05 05:23:41 -05003072 */
Gilles Peskine6194dc22018-11-16 22:24:15 +01003073#define MBEDTLS_PSA_ITS_FILE_C
Andrzej Kurekc6905232019-02-05 05:23:41 -05003074
3075/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003076 * \def MBEDTLS_RIPEMD160_C
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +01003077 *
3078 * Enable the RIPEMD-160 hash algorithm.
3079 *
Simon Butcher2cb47392016-11-04 12:23:11 +00003080 * Module: library/ripemd160.c
3081 * Caller: library/md.c
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +01003082 *
3083 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003084#define MBEDTLS_RIPEMD160_C
Manuel Pégourié-Gonnardcab4a882014-01-17 12:42:35 +01003085
3086/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003087 * \def MBEDTLS_RSA_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003088 *
3089 * Enable the RSA public-key cryptosystem.
3090 *
Paul Bakker5121ce52009-01-03 21:22:43 +00003091 * Module: library/rsa.c
Chris Jones3848e312021-03-11 16:17:59 +00003092 * library/rsa_alt_helpers.c
Ronald Cronde1adee2022-03-07 16:20:30 +01003093 * Caller: library/pk.c
3094 * library/psa_crypto.c
Paul Bakker5121ce52009-01-03 21:22:43 +00003095 * library/ssl_tls.c
Ronald Cronde1adee2022-03-07 16:20:30 +01003096 * library/ssl*_client.c
3097 * library/ssl*_server.c
Paul Bakker5121ce52009-01-03 21:22:43 +00003098 *
Manuel Pégourié-Gonnard9d703732013-10-25 18:01:50 +02003099 * This module is used by the following key exchanges:
3100 * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK
Paul Bakker5690efc2011-05-26 13:16:06 +00003101 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003102 * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003103 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003104#define MBEDTLS_RSA_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003105
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003106/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003107 * \def MBEDTLS_SHA1_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003108 *
3109 * Enable the SHA1 cryptographic hash algorithm.
3110 *
Simon Butcher2cb47392016-11-04 12:23:11 +00003111 * Module: library/sha1.c
3112 * Caller: library/md.c
Ronald Cronde1adee2022-03-07 16:20:30 +01003113 * library/psa_crypto_hash.c
Paul Bakker5121ce52009-01-03 21:22:43 +00003114 *
TRodziewicz0f82ec62021-05-12 17:49:18 +02003115 * This module is required for TLS 1.2 depending on the handshake parameters,
3116 * and for SHA1-signed certificates.
Hanno Beckerbbca8c52017-09-25 14:53:51 +01003117 *
3118 * \warning SHA-1 is considered a weak message digest and its use constitutes
3119 * a security risk. If possible, we recommend avoiding dependencies
3120 * on it, and considering stronger message digests instead.
3121 *
Paul Bakker5121ce52009-01-03 21:22:43 +00003122 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003123#define MBEDTLS_SHA1_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003124
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003125/**
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +02003126 * \def MBEDTLS_SHA224_C
3127 *
3128 * Enable the SHA-224 cryptographic hash algorithm.
3129 *
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +02003130 * Module: library/sha256.c
3131 * Caller: library/md.c
3132 * library/ssl_cookie.c
3133 *
3134 * This module adds support for SHA-224.
3135 */
3136#define MBEDTLS_SHA224_C
3137
3138/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003139 * \def MBEDTLS_SHA256_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003140 *
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +02003141 * Enable the SHA-256 cryptographic hash algorithm.
3142 *
Simon Butcher2cb47392016-11-04 12:23:11 +00003143 * Module: library/sha256.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02003144 * Caller: library/entropy.c
Simon Butcher2cb47392016-11-04 12:23:11 +00003145 * library/md.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02003146 * library/ssl_tls.c
Ronald Cronde1adee2022-03-07 16:20:30 +01003147 * library/ssl*_client.c
3148 * library/ssl*_server.c
Paul Bakker5121ce52009-01-03 21:22:43 +00003149 *
Mateusz Starzyke3c48b42021-04-19 16:46:28 +02003150 * This module adds support for SHA-256.
Paul Bakker769075d2012-11-24 11:26:46 +01003151 * This module is required for the SSL/TLS 1.2 PRF function.
Paul Bakker5121ce52009-01-03 21:22:43 +00003152 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003153#define MBEDTLS_SHA256_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003154
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003155/**
Tom Cosgrovef3ebd902022-02-20 22:25:31 +00003156 * \def MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
3157 *
Gilles Peskine9b3278b2022-06-09 19:09:38 +02003158 * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms
3159 * with the ARMv8 cryptographic extensions if they are available at runtime.
3160 * If not, the library will fall back to the C implementation.
Tom Cosgrovef3ebd902022-02-20 22:25:31 +00003161 *
3162 * \note If MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT is defined when building
3163 * for a non-Aarch64 build it will be silently ignored.
3164 *
Tom Cosgrovef3ebd902022-02-20 22:25:31 +00003165 * \warning MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the
3166 * same time as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY.
3167 *
3168 * Requires: MBEDTLS_SHA256_C.
3169 *
3170 * Module: library/sha256.c
3171 *
3172 * Uncomment to have the library check for the A64 SHA-256 crypto extensions
3173 * and use them if available.
3174 */
3175//#define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
3176
3177/**
3178 * \def MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY
3179 *
Gilles Peskine9b3278b2022-06-09 19:09:38 +02003180 * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms
3181 * with the ARMv8 cryptographic extensions, which must be available at runtime
3182 * or else an illegal instruction fault will occur.
Tom Cosgrovef3ebd902022-02-20 22:25:31 +00003183 *
3184 * \note This allows builds with a smaller code size than with
3185 * MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
3186 *
Tom Cosgrovef3ebd902022-02-20 22:25:31 +00003187 * \warning MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY cannot be defined at the same
3188 * time as MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT.
3189 *
3190 * Requires: MBEDTLS_SHA256_C.
3191 *
3192 * Module: library/sha256.c
3193 *
3194 * Uncomment to have the library use the A64 SHA-256 crypto extensions
3195 * unconditionally.
3196 */
3197//#define MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY
3198
3199/**
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +02003200 * \def MBEDTLS_SHA384_C
Mateusz Starzyke3c48b42021-04-19 16:46:28 +02003201 *
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +02003202 * Enable the SHA-384 cryptographic hash algorithm.
Mateusz Starzyke3c48b42021-04-19 16:46:28 +02003203 *
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +02003204 * Module: library/sha512.c
3205 * Caller: library/md.c
Ronald Cronde1adee2022-03-07 16:20:30 +01003206 * library/psa_crypto_hash.c
3207 * library/ssl_tls.c
3208 * library/ssl*_client.c
3209 * library/ssl*_server.c
Mateusz Starzyke3c48b42021-04-19 16:46:28 +02003210 *
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +02003211 * Comment to disable SHA-384
Mateusz Starzyke3c48b42021-04-19 16:46:28 +02003212 */
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +02003213#define MBEDTLS_SHA384_C
Mateusz Starzyke3c48b42021-04-19 16:46:28 +02003214
3215/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003216 * \def MBEDTLS_SHA512_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003217 *
Mateusz Starzyk3352a532021-04-06 14:28:22 +02003218 * Enable SHA-512 cryptographic hash algorithms.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003219 *
Simon Butcher2cb47392016-11-04 12:23:11 +00003220 * Module: library/sha512.c
Manuel Pégourié-Gonnardfe286462013-09-20 14:10:14 +02003221 * Caller: library/entropy.c
Simon Butcher2cb47392016-11-04 12:23:11 +00003222 * library/md.c
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +02003223 * library/ssl_tls.c
3224 * library/ssl_cookie.c
Paul Bakker5121ce52009-01-03 21:22:43 +00003225 *
Mateusz Starzyk3352a532021-04-06 14:28:22 +02003226 * This module adds support for SHA-512.
Paul Bakker5121ce52009-01-03 21:22:43 +00003227 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003228#define MBEDTLS_SHA512_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003229
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003230/**
Pol Henarejos0cd1f1c2022-05-09 01:04:15 +02003231 * \def MBEDTLS_SHA3_C
3232 *
3233 * Enable the SHA3 cryptographic hash algorithm.
3234 *
3235 * Module: library/sha3.c
3236 *
3237 * This module adds support for SHA3.
3238 */
3239#define MBEDTLS_SHA3_C
3240
3241/**
Tom Cosgrove87fbfb52022-03-15 10:51:52 +00003242 * \def MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT
3243 *
Gilles Peskine9b3278b2022-06-09 19:09:38 +02003244 * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms
3245 * with the ARMv8 cryptographic extensions if they are available at runtime.
3246 * If not, the library will fall back to the C implementation.
Tom Cosgrove87fbfb52022-03-15 10:51:52 +00003247 *
3248 * \note If MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT is defined when building
3249 * for a non-Aarch64 build it will be silently ignored.
3250 *
3251 * \note The code uses the SHA-512 Neon intrinsics, so requires GCC >= 8 or
Jerry Yuf7dccb32023-02-16 17:37:58 +08003252 * Clang >= 7.
Tom Cosgrove87fbfb52022-03-15 10:51:52 +00003253 *
3254 * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the
3255 * same time as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY.
3256 *
3257 * Requires: MBEDTLS_SHA512_C.
3258 *
3259 * Module: library/sha512.c
3260 *
3261 * Uncomment to have the library check for the A64 SHA-512 crypto extensions
3262 * and use them if available.
3263 */
3264//#define MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT
3265
3266/**
3267 * \def MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY
3268 *
Gilles Peskine9b3278b2022-06-09 19:09:38 +02003269 * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms
3270 * with the ARMv8 cryptographic extensions, which must be available at runtime
3271 * or else an illegal instruction fault will occur.
Tom Cosgrove87fbfb52022-03-15 10:51:52 +00003272 *
3273 * \note This allows builds with a smaller code size than with
3274 * MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT
3275 *
3276 * \note The code uses the SHA-512 Neon intrinsics, so requires GCC >= 8 or
Jerry Yuf7dccb32023-02-16 17:37:58 +08003277 * Clang >= 7.
Tom Cosgrove87fbfb52022-03-15 10:51:52 +00003278 *
3279 * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY cannot be defined at the same
3280 * time as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT.
3281 *
3282 * Requires: MBEDTLS_SHA512_C.
3283 *
3284 * Module: library/sha512.c
3285 *
3286 * Uncomment to have the library use the A64 SHA-512 crypto extensions
3287 * unconditionally.
3288 */
3289//#define MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY
3290
3291/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003292 * \def MBEDTLS_SSL_CACHE_C
Paul Bakker0a597072012-09-25 21:55:46 +00003293 *
3294 * Enable simple SSL cache implementation.
3295 *
3296 * Module: library/ssl_cache.c
3297 * Caller:
3298 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003299 * Requires: MBEDTLS_SSL_CACHE_C
Paul Bakker0a597072012-09-25 21:55:46 +00003300 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003301#define MBEDTLS_SSL_CACHE_C
Paul Bakker0a597072012-09-25 21:55:46 +00003302
3303/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003304 * \def MBEDTLS_SSL_COOKIE_C
Manuel Pégourié-Gonnarda64acd42014-07-23 18:30:45 +02003305 *
3306 * Enable basic implementation of DTLS cookies for hello verification.
3307 *
3308 * Module: library/ssl_cookie.c
3309 * Caller:
Manuel Pégourié-Gonnarda64acd42014-07-23 18:30:45 +02003310 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003311#define MBEDTLS_SSL_COOKIE_C
Manuel Pégourié-Gonnarda64acd42014-07-23 18:30:45 +02003312
3313/**
Manuel Pégourié-Gonnardfd6d8972015-05-15 12:09:00 +02003314 * \def MBEDTLS_SSL_TICKET_C
3315 *
3316 * Enable an implementation of TLS server-side callbacks for session tickets.
3317 *
3318 * Module: library/ssl_ticket.c
3319 * Caller:
Manuel Pégourié-Gonnard0c0f11f2015-05-20 09:55:50 +02003320 *
Przemek Stekiel52a428b2022-10-10 08:47:13 +02003321 * Requires: (MBEDTLS_CIPHER_C || MBEDTLS_USE_PSA_CRYPTO) &&
3322 * (MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C)
Manuel Pégourié-Gonnardfd6d8972015-05-15 12:09:00 +02003323 */
3324#define MBEDTLS_SSL_TICKET_C
3325
3326/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003327 * \def MBEDTLS_SSL_CLI_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003328 *
3329 * Enable the SSL/TLS client code.
3330 *
Ronald Cronde1adee2022-03-07 16:20:30 +01003331 * Module: library/ssl*_client.c
Paul Bakker5121ce52009-01-03 21:22:43 +00003332 * Caller:
3333 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003334 * Requires: MBEDTLS_SSL_TLS_C
Paul Bakker5690efc2011-05-26 13:16:06 +00003335 *
Paul Bakker5121ce52009-01-03 21:22:43 +00003336 * This module is required for SSL/TLS client support.
3337 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003338#define MBEDTLS_SSL_CLI_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003339
Paul Bakker9a736322012-11-14 12:39:52 +00003340/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003341 * \def MBEDTLS_SSL_SRV_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003342 *
3343 * Enable the SSL/TLS server code.
3344 *
Ronald Cronde1adee2022-03-07 16:20:30 +01003345 * Module: library/ssl*_server.c
Paul Bakker5121ce52009-01-03 21:22:43 +00003346 * Caller:
3347 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003348 * Requires: MBEDTLS_SSL_TLS_C
Paul Bakker5690efc2011-05-26 13:16:06 +00003349 *
Paul Bakker5121ce52009-01-03 21:22:43 +00003350 * This module is required for SSL/TLS server support.
3351 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003352#define MBEDTLS_SSL_SRV_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003353
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003354/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003355 * \def MBEDTLS_SSL_TLS_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003356 *
Paul Bakkere29ab062011-05-18 13:26:54 +00003357 * Enable the generic SSL/TLS code.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003358 *
Paul Bakker5121ce52009-01-03 21:22:43 +00003359 * Module: library/ssl_tls.c
Ronald Cronde1adee2022-03-07 16:20:30 +01003360 * Caller: library/ssl*_client.c
3361 * library/ssl*_server.c
Paul Bakker5121ce52009-01-03 21:22:43 +00003362 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003363 * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C
3364 * and at least one of the MBEDTLS_SSL_PROTO_XXX defines
Paul Bakker5690efc2011-05-26 13:16:06 +00003365 *
Paul Bakker5121ce52009-01-03 21:22:43 +00003366 * This module is required for SSL/TLS.
3367 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003368#define MBEDTLS_SSL_TLS_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003369
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003370/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003371 * \def MBEDTLS_THREADING_C
Paul Bakker2466d932013-09-28 14:40:38 +02003372 *
3373 * Enable the threading abstraction layer.
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +00003374 * By default mbed TLS assumes it is used in a non-threaded environment or that
Paul Bakker2466d932013-09-28 14:40:38 +02003375 * contexts are not shared between threads. If you do intend to use contexts
3376 * between threads, you will need to enable this layer to prevent race
Manuel Pégourié-Gonnard02049dc2016-02-22 16:42:51 +00003377 * conditions. See also our Knowledge Base article about threading:
Dave Rodgmanb3196842022-10-12 16:47:08 +01003378 * https://mbed-tls.readthedocs.io/en/latest/kb/development/thread-safety-and-multi-threading
Paul Bakker2466d932013-09-28 14:40:38 +02003379 *
3380 * Module: library/threading.c
3381 *
3382 * This allows different threading implementations (self-implemented or
3383 * provided).
3384 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003385 * You will have to enable either MBEDTLS_THREADING_ALT or
3386 * MBEDTLS_THREADING_PTHREAD.
Paul Bakker2466d932013-09-28 14:40:38 +02003387 *
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +00003388 * Enable this layer to allow use of mutexes within mbed TLS
Paul Bakker2466d932013-09-28 14:40:38 +02003389 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003390//#define MBEDTLS_THREADING_C
Paul Bakker2466d932013-09-28 14:40:38 +02003391
3392/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003393 * \def MBEDTLS_TIMING_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003394 *
Manuel Pégourié-Gonnard325ce092016-02-22 10:33:34 +01003395 * Enable the semi-portable timing interface.
3396 *
Simon Butcherd567a232016-03-09 20:19:21 +00003397 * \note The provided implementation only works on POSIX/Unix (including Linux,
3398 * BSD and OS X) and Windows. On other platforms, you can either disable that
Manuel Pégourié-Gonnard325ce092016-02-22 10:33:34 +01003399 * module and provide your own implementations of the callbacks needed by
3400 * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide
3401 * your own implementation of the whole module by setting
3402 * \c MBEDTLS_TIMING_ALT in the current file.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003403 *
Andrzej Kurek57353692022-04-07 08:08:21 -04003404 * \note The timing module will include time.h on suitable platforms
3405 * regardless of the setting of MBEDTLS_HAVE_TIME, unless
3406 * MBEDTLS_TIMING_ALT is used. See timing.c for more information.
3407 *
Manuel Pégourié-Gonnard02049dc2016-02-22 16:42:51 +00003408 * \note See also our Knowledge Base article about porting to a new
3409 * environment:
Dave Rodgmanb3196842022-10-12 16:47:08 +01003410 * https://mbed-tls.readthedocs.io/en/latest/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
Manuel Pégourié-Gonnard02049dc2016-02-22 16:42:51 +00003411 *
Paul Bakker5121ce52009-01-03 21:22:43 +00003412 * Module: library/timing.c
Paul Bakkerecd54fb2013-07-03 14:48:29 +02003413 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003414#define MBEDTLS_TIMING_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003415
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003416/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003417 * \def MBEDTLS_VERSION_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003418 *
3419 * Enable run-time version information.
3420 *
Paul Bakker0a62cd12011-01-21 11:00:08 +00003421 * Module: library/version.c
3422 *
3423 * This module provides run-time version information.
3424 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003425#define MBEDTLS_VERSION_C
Paul Bakker0a62cd12011-01-21 11:00:08 +00003426
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003427/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003428 * \def MBEDTLS_X509_USE_C
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003429 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02003430 * Enable X.509 core for using certificates.
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003431 *
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003432 * Module: library/x509.c
Simon Butcher2cb47392016-11-04 12:23:11 +00003433 * Caller: library/x509_crl.c
3434 * library/x509_crt.c
3435 * library/x509_csr.c
Paul Bakker5121ce52009-01-03 21:22:43 +00003436 *
Przemek Stekiel10836a02022-08-19 08:45:34 +02003437 * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C,
Przemek Stekiel278b6672022-08-03 09:50:38 +02003438 * (MBEDTLS_MD_C or MBEDTLS_USE_PSA_CRYPTO)
3439 *
Manuel Pégourié-Gonnard72687b72022-09-15 12:23:58 +02003440 * \warning If building with MBEDTLS_USE_PSA_CRYPTO, you must call
3441 * psa_crypto_init() before doing any X.509 operation.
Paul Bakker5690efc2011-05-26 13:16:06 +00003442 *
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003443 * This module is required for the X.509 parsing modules.
Paul Bakker5121ce52009-01-03 21:22:43 +00003444 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003445#define MBEDTLS_X509_USE_C
Paul Bakker5121ce52009-01-03 21:22:43 +00003446
Paul Bakkerf3b86c12011-01-27 15:24:17 +00003447/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003448 * \def MBEDTLS_X509_CRT_PARSE_C
Paul Bakkerbdb912d2012-02-13 23:11:30 +00003449 *
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003450 * Enable X.509 certificate parsing.
Paul Bakkerbdb912d2012-02-13 23:11:30 +00003451 *
Simon Butcher2cb47392016-11-04 12:23:11 +00003452 * Module: library/x509_crt.c
Ronald Cronde1adee2022-03-07 16:20:30 +01003453 * Caller: library/ssl_tls.c
3454 * library/ssl*_client.c
3455 * library/ssl*_server.c
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003456 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003457 * Requires: MBEDTLS_X509_USE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003458 *
3459 * This module is required for X.509 certificate parsing.
3460 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003461#define MBEDTLS_X509_CRT_PARSE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003462
3463/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003464 * \def MBEDTLS_X509_CRL_PARSE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003465 *
3466 * Enable X.509 CRL parsing.
3467 *
Simon Butcher2cb47392016-11-04 12:23:11 +00003468 * Module: library/x509_crl.c
3469 * Caller: library/x509_crt.c
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003470 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003471 * Requires: MBEDTLS_X509_USE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003472 *
3473 * This module is required for X.509 CRL parsing.
3474 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003475#define MBEDTLS_X509_CRL_PARSE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003476
3477/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003478 * \def MBEDTLS_X509_CSR_PARSE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003479 *
3480 * Enable X.509 Certificate Signing Request (CSR) parsing.
3481 *
Simon Butcher2cb47392016-11-04 12:23:11 +00003482 * Module: library/x509_csr.c
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003483 * Caller: library/x509_crt_write.c
3484 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003485 * Requires: MBEDTLS_X509_USE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003486 *
3487 * This module is used for reading X.509 certificate request.
3488 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003489#define MBEDTLS_X509_CSR_PARSE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003490
3491/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003492 * \def MBEDTLS_X509_CREATE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003493 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02003494 * Enable X.509 core for creating certificates.
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003495 *
3496 * Module: library/x509_create.c
Paul Bakkerbdb912d2012-02-13 23:11:30 +00003497 *
Przemek Stekiel10836a02022-08-19 08:45:34 +02003498 * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C,
Przemek Stekiel278b6672022-08-03 09:50:38 +02003499 * (MBEDTLS_MD_C or MBEDTLS_USE_PSA_CRYPTO)
3500 *
Manuel Pégourié-Gonnard72687b72022-09-15 12:23:58 +02003501 * \warning If building with MBEDTLS_USE_PSA_CRYPTO, you must call
3502 * psa_crypto_init() before doing any X.509 create operation.
Paul Bakkerbdb912d2012-02-13 23:11:30 +00003503 *
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003504 * This module is the basis for creating X.509 certificates and CSRs.
3505 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003506#define MBEDTLS_X509_CREATE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003507
3508/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003509 * \def MBEDTLS_X509_CRT_WRITE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003510 *
3511 * Enable creating X.509 certificates.
3512 *
3513 * Module: library/x509_crt_write.c
3514 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003515 * Requires: MBEDTLS_X509_CREATE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003516 *
3517 * This module is required for X.509 certificate creation.
3518 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003519#define MBEDTLS_X509_CRT_WRITE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003520
3521/**
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003522 * \def MBEDTLS_X509_CSR_WRITE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003523 *
Manuel Pégourié-Gonnard09fff7e2013-09-20 13:45:36 +02003524 * Enable creating X.509 Certificate Signing Requests (CSR).
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003525 *
3526 * Module: library/x509_csr_write.c
3527 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003528 * Requires: MBEDTLS_X509_CREATE_C
Paul Bakker7c6b2c32013-09-16 13:49:26 +02003529 *
Paul Bakkerbdb912d2012-02-13 23:11:30 +00003530 * This module is required for X.509 certificate request writing.
3531 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003532#define MBEDTLS_X509_CSR_WRITE_C
Paul Bakkerbdb912d2012-02-13 23:11:30 +00003533
Andrzej Kurek38d4fdd2021-12-28 16:22:52 +01003534/** \} name SECTION: mbed TLS modules */
Paul Bakker7a7c78f2009-01-04 18:15:48 +00003535
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003536/**
Gilles Peskineba4162a2022-04-11 17:04:38 +02003537 * \name SECTION: General configuration options
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003538 *
Gilles Peskined5793ce2022-04-13 23:05:10 +02003539 * This section contains Mbed TLS build settings that are not associated
3540 * with a particular module.
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003541 *
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003542 * \{
3543 */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003544
Gilles Peskinea02c1242022-03-16 17:03:19 +01003545/**
3546 * \def MBEDTLS_CONFIG_FILE
3547 *
3548 * If defined, this is a header which will be included instead of
3549 * `"mbedtls/mbedtls_config.h"`.
3550 * This header file specifies the compile-time configuration of Mbed TLS.
Gilles Peskineefffd642022-04-26 18:13:01 +02003551 * Unlike other configuration options, this one must be defined on the
3552 * compiler command line: a definition in `mbedtls_config.h` would have
3553 * no effect.
Gilles Peskinea02c1242022-03-16 17:03:19 +01003554 *
Gilles Peskine6457ef92022-04-11 16:42:37 +02003555 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but
Gilles Peskinea02c1242022-03-16 17:03:19 +01003556 * non-standard feature of the C language, so this feature is only available
Gilles Peskine6457ef92022-04-11 16:42:37 +02003557 * with compilers that perform macro expansion on an <tt>\#include</tt> line.
Gilles Peskinea02c1242022-03-16 17:03:19 +01003558 *
Gilles Peskine58ffcba2022-04-14 12:44:16 +02003559 * The value of this symbol is typically a path in double quotes, either
3560 * absolute or relative to a directory on the include search path.
Gilles Peskinea02c1242022-03-16 17:03:19 +01003561 */
3562//#define MBEDTLS_CONFIG_FILE "mbedtls/mbedtls_config.h"
3563
3564/**
3565 * \def MBEDTLS_USER_CONFIG_FILE
3566 *
3567 * If defined, this is a header which will be included after
3568 * `"mbedtls/mbedtls_config.h"` or #MBEDTLS_CONFIG_FILE.
Gilles Peskinef68f43a2022-04-13 23:22:20 +02003569 * This allows you to modify the default configuration, including the ability
3570 * to undefine options that are enabled by default.
Gilles Peskinea02c1242022-03-16 17:03:19 +01003571 *
Gilles Peskine6457ef92022-04-11 16:42:37 +02003572 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but
Gilles Peskinea02c1242022-03-16 17:03:19 +01003573 * non-standard feature of the C language, so this feature is only available
Gilles Peskine6457ef92022-04-11 16:42:37 +02003574 * with compilers that perform macro expansion on an <tt>\#include</tt> line.
Gilles Peskinea02c1242022-03-16 17:03:19 +01003575 *
Gilles Peskine58ffcba2022-04-14 12:44:16 +02003576 * The value of this symbol is typically a path in double quotes, either
3577 * absolute or relative to a directory on the include search path.
Gilles Peskinea02c1242022-03-16 17:03:19 +01003578 */
3579//#define MBEDTLS_USER_CONFIG_FILE "/dev/null"
3580
Gilles Peskinef4c6eb02022-03-16 17:10:48 +01003581/**
3582 * \def MBEDTLS_PSA_CRYPTO_CONFIG_FILE
3583 *
3584 * If defined, this is a header which will be included instead of
3585 * `"psa/crypto_config.h"`.
3586 * This header file specifies which cryptographic mechanisms are available
3587 * through the PSA API when #MBEDTLS_PSA_CRYPTO_CONFIG is enabled, and
3588 * is not used when #MBEDTLS_PSA_CRYPTO_CONFIG is disabled.
3589 *
Gilles Peskine6457ef92022-04-11 16:42:37 +02003590 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but
Gilles Peskinef4c6eb02022-03-16 17:10:48 +01003591 * non-standard feature of the C language, so this feature is only available
Gilles Peskine6457ef92022-04-11 16:42:37 +02003592 * with compilers that perform macro expansion on an <tt>\#include</tt> line.
Gilles Peskinef4c6eb02022-03-16 17:10:48 +01003593 *
Gilles Peskine58ffcba2022-04-14 12:44:16 +02003594 * The value of this symbol is typically a path in double quotes, either
3595 * absolute or relative to a directory on the include search path.
Gilles Peskinef4c6eb02022-03-16 17:10:48 +01003596 */
3597//#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h"
3598
3599/**
3600 * \def MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE
3601 *
3602 * If defined, this is a header which will be included after
3603 * `"psa/crypto_config.h"` or #MBEDTLS_PSA_CRYPTO_CONFIG_FILE.
Gilles Peskinef68f43a2022-04-13 23:22:20 +02003604 * This allows you to modify the default configuration, including the ability
3605 * to undefine options that are enabled by default.
Gilles Peskinef4c6eb02022-03-16 17:10:48 +01003606 *
Gilles Peskine6457ef92022-04-11 16:42:37 +02003607 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but
Gilles Peskinef4c6eb02022-03-16 17:10:48 +01003608 * non-standard feature of the C language, so this feature is only available
Gilles Peskine6457ef92022-04-11 16:42:37 +02003609 * with compilers that perform macro expansion on an <tt>\#include</tt> line.
Gilles Peskinef4c6eb02022-03-16 17:10:48 +01003610 *
Gilles Peskine58ffcba2022-04-14 12:44:16 +02003611 * The value of this symbol is typically a path in double quotes, either
3612 * absolute or relative to a directory on the include search path.
Gilles Peskinef4c6eb02022-03-16 17:10:48 +01003613 */
3614//#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null"
3615
Gilles Peskineb1176f22023-02-22 22:07:28 +01003616/**
3617 * \def MBEDTLS_PSA_CRYPTO_PLATFORM_FILE
3618 *
3619 * If defined, this is a header which will be included instead of
3620 * `"psa/crypto_platform.h"`. This file should declare the same identifiers
3621 * as the one in Mbed TLS, but with definitions adapted to the platform on
3622 * which the library code will run.
3623 *
3624 * \note The required content of this header can vary from one version of
3625 * Mbed TLS to the next. Integrators who provide an alternative file
3626 * should review the changes in the original file whenever they
3627 * upgrade Mbed TLS.
3628 *
3629 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but
3630 * non-standard feature of the C language, so this feature is only available
3631 * with compilers that perform macro expansion on an <tt>\#include</tt> line.
3632 *
3633 * The value of this symbol is typically a path in double quotes, either
3634 * absolute or relative to a directory on the include search path.
3635 */
3636//#define MBEDTLS_PSA_CRYPTO_PLATFORM_FILE "psa/crypto_platform_alt.h"
3637
3638/**
3639 * \def MBEDTLS_PSA_CRYPTO_STRUCT_FILE
3640 *
3641 * If defined, this is a header which will be included instead of
3642 * `"psa/crypto_struct.h"`. This file should declare the same identifiers
3643 * as the one in Mbed TLS, but with definitions adapted to the environment
3644 * in which the library code will run. The typical use for this feature
3645 * is to provide alternative type definitions on the client side in
3646 * client-server integrations of PSA crypto, where operation structures
3647 * contain handles instead of cryptographic data.
3648 *
3649 * \note The required content of this header can vary from one version of
3650 * Mbed TLS to the next. Integrators who provide an alternative file
3651 * should review the changes in the original file whenever they
3652 * upgrade Mbed TLS.
3653 *
3654 * This macro is expanded after an <tt>\#include</tt> directive. This is a popular but
3655 * non-standard feature of the C language, so this feature is only available
3656 * with compilers that perform macro expansion on an <tt>\#include</tt> line.
3657 *
3658 * The value of this symbol is typically a path in double quotes, either
3659 * absolute or relative to a directory on the include search path.
3660 */
3661//#define MBEDTLS_PSA_CRYPTO_STRUCT_FILE "psa/crypto_struct_alt.h"
3662
Gilles Peskineba4162a2022-04-11 17:04:38 +02003663/** \} name SECTION: General configuration options */
3664
3665/**
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003666 * \name SECTION: Module configuration options
3667 *
3668 * This section allows for the setting of module specific sizes and
3669 * configuration options. The default values are already present in the
3670 * relevant header files and should suffice for the regular use cases.
3671 *
3672 * Our advice is to enable options and change their values here
3673 * only if you have a good reason and know the consequences.
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003674 * \{
3675 */
Gilles Peskine3f49cc12022-04-13 23:21:16 +02003676/* The Doxygen documentation here is used when a user comments out a
3677 * setting and runs doxygen themselves. On the other hand, when we typeset
3678 * the full documentation including disabled settings, the documentation
3679 * in specific modules' header files is used if present. When editing this
3680 * file, make sure that each option is documented in exactly one place,
3681 * plus optionally a same-line Doxygen comment here if there is a Doxygen
3682 * comment in the specific module. */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003683
Paul Bakker088c5c52014-04-25 11:11:10 +02003684/* MPI / BIGNUM options */
Andrzej Kurek86f30ff2023-02-24 07:44:57 -05003685//#define MBEDTLS_MPI_WINDOW_SIZE 2 /**< Maximum window size used. */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003686//#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003687
Paul Bakker088c5c52014-04-25 11:11:10 +02003688/* CTR_DRBG options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003689//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
3690//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
3691//#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
3692//#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
3693//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003694
Paul Bakker088c5c52014-04-25 11:11:10 +02003695/* HMAC_DRBG options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003696//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
3697//#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
3698//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
3699//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003700
Paul Bakker088c5c52014-04-25 11:11:10 +02003701/* ECP options */
Gilles Peskine5752e592021-06-02 13:27:03 +02003702//#define MBEDTLS_ECP_WINDOW_SIZE 4 /**< Maximum window size used */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003703//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
Manuel Pégourié-Gonnard0520b602014-01-30 19:43:46 +01003704
Paul Bakker088c5c52014-04-25 11:11:10 +02003705/* Entropy options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003706//#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
3707//#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
Andres AG7abc9742016-09-23 17:58:49 +01003708//#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
Paul Bakkere1b665e2013-12-11 16:02:58 +01003709
Paul Bakker088c5c52014-04-25 11:11:10 +02003710/* Memory buffer allocator options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003711//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003712
Paul Bakker088c5c52014-04-25 11:11:10 +02003713/* Platform options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003714//#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
Andrzej Kurek84356a12023-05-06 08:33:56 -04003715
Andrzej Kurek2d981f02023-04-27 09:19:35 -04003716/** \def MBEDTLS_PLATFORM_STD_CALLOC
3717 *
Andrzej Kurekf14a5c32023-07-14 06:15:15 -04003718 * Default allocator to use, can be undefined.
Andrzej Kurekecaf6fb2023-05-04 17:07:57 -04003719 * It must initialize the allocated buffer memory to zeroes.
Andrzej Kurek2d981f02023-04-27 09:19:35 -04003720 * The size of the buffer is the product of the two parameters.
Andrzej Kurekecaf6fb2023-05-04 17:07:57 -04003721 * The calloc function returns either a null pointer or a pointer to the allocated space.
Andrzej Kurek2d981f02023-04-27 09:19:35 -04003722 * If the product is 0, the function may either return NULL or a valid pointer to an array of size 0 which is a valid input to the deallocation function.
Andrzej Kurekf14a5c32023-07-14 06:15:15 -04003723 * An uninitialized #MBEDTLS_PLATFORM_STD_CALLOC always fails, returning a null pointer.
3724 * See the description of #MBEDTLS_PLATFORM_MEMORY for more details.
Andrzej Kurekecaf6fb2023-05-04 17:07:57 -04003725 * The corresponding deallocation function is #MBEDTLS_PLATFORM_STD_FREE.
Andrzej Kurek2d981f02023-04-27 09:19:35 -04003726 */
3727//#define MBEDTLS_PLATFORM_STD_CALLOC calloc
Andrzej Kurek2b3c06e2023-07-03 06:52:37 -04003728
Andrzej Kurek2d981f02023-04-27 09:19:35 -04003729/** \def MBEDTLS_PLATFORM_STD_FREE
3730 *
Andrzej Kurekf14a5c32023-07-14 06:15:15 -04003731 * Default free to use, can be undefined.
Andrzej Kurek2d981f02023-04-27 09:19:35 -04003732 * NULL is a valid parameter, and the function must do nothing.
Andrzej Kurekecaf6fb2023-05-04 17:07:57 -04003733 * A non-null parameter will always be a pointer previously returned by #MBEDTLS_PLATFORM_STD_CALLOC and not yet freed.
Andrzej Kurekf14a5c32023-07-14 06:15:15 -04003734 * An uninitialized #MBEDTLS_PLATFORM_STD_FREE does not do anything.
3735 * See the description of #MBEDTLS_PLATFORM_MEMORY for more details (same principles as for MBEDTLS_PLATFORM_STD_CALLOC apply).
Andrzej Kurek2d981f02023-04-27 09:19:35 -04003736 */
3737//#define MBEDTLS_PLATFORM_STD_FREE free
Gilles Peskine6497b5a2022-06-30 17:01:40 +02003738//#define MBEDTLS_PLATFORM_STD_SETBUF setbuf /**< Default setbuf to use, can be undefined */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003739//#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
Andres Amaya Garcia1e4ec662016-07-20 10:16:25 +01003740//#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003741//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
3742//#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
Antonin Décimo36e89b52019-01-23 15:24:37 +01003743/* Note: your snprintf must correctly zero-terminate the buffer! */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003744//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
Janos Follath91947442016-03-18 13:49:27 +00003745//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
3746//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
Paul Bakkercf0a9f92016-06-01 11:25:44 +01003747//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
3748//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
3749//#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
Paul Bakker6e339b52013-07-03 13:37:05 +02003750
Andrzej Kurekecaf6fb2023-05-04 17:07:57 -04003751/* To use the following function macros, MBEDTLS_PLATFORM_C must be enabled. */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003752/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
Andrzej Kurek2d981f02023-04-27 09:19:35 -04003753//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_CALLOC for requirements. */
3754//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_FREE for requirements. */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003755//#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
Gilles Peskine6497b5a2022-06-30 17:01:40 +02003756//#define MBEDTLS_PLATFORM_SETBUF_MACRO setbuf /**< Default setbuf macro to use, can be undefined */
Andres Amaya Garcia1e4ec662016-07-20 10:16:25 +01003757//#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3758//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003759//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
3760//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
Antonin Décimo36e89b52019-01-23 15:24:37 +01003761/* Note: your snprintf must correctly zero-terminate the buffer! */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003762//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
k-stachowiak723f8672018-07-16 14:27:07 +02003763//#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */
Paul Bakkercf0a9f92016-06-01 11:25:44 +01003764//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
3765//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
Jerry Yuf181e542023-02-23 17:16:26 +08003766//#define MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO int64_t //#define MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO int64_t /**< Default milliseconds time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled. It must be signed, and at least 64 bits. If it is changed from the default, MBEDTLS_PRINTF_MS_TIME must be updated to match.*/
Jerry Yu10ce5402023-02-21 15:39:02 +08003767//#define MBEDTLS_PRINTF_MS_TIME PRId64 /**< Default fmt for printf. That's avoid compiler warning if mbedtls_ms_time_t is redefined */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003768
Gilles Peskine3f106f72021-09-23 17:42:39 +02003769/** \def MBEDTLS_CHECK_RETURN
3770 *
3771 * This macro is used at the beginning of the declaration of a function
3772 * to indicate that its return value should be checked. It should
3773 * instruct the compiler to emit a warning or an error if the function
3774 * is called without checking its return value.
3775 *
3776 * There is a default implementation for popular compilers in platform_util.h.
3777 * You can override the default implementation by defining your own here.
3778 *
3779 * If the implementation here is empty, this will effectively disable the
3780 * checking of functions' return values.
3781 */
Gilles Peskinecd79dfc2021-09-30 18:53:36 +02003782//#define MBEDTLS_CHECK_RETURN __attribute__((__warn_unused_result__))
Gilles Peskine3f106f72021-09-23 17:42:39 +02003783
Gilles Peskinefcc93d72021-09-30 18:56:17 +02003784/** \def MBEDTLS_IGNORE_RETURN
3785 *
3786 * This macro requires one argument, which should be a C function call.
3787 * If that function call would cause a #MBEDTLS_CHECK_RETURN warning, this
3788 * warning is suppressed.
3789 */
3790//#define MBEDTLS_IGNORE_RETURN( result ) ((void) !(result))
3791
Gilles Peskineed038902020-11-13 21:33:21 +01003792/* PSA options */
Gilles Peskine14c332b2020-11-14 12:26:53 +01003793/**
Gilles Peskineed038902020-11-13 21:33:21 +01003794 * Use HMAC_DRBG with the specified hash algorithm for HMAC_DRBG for the
3795 * PSA crypto subsystem.
3796 *
3797 * If this option is unset:
3798 * - If CTR_DRBG is available, the PSA subsystem uses it rather than HMAC_DRBG.
Gilles Peskineb0a748e2020-11-30 12:01:54 +01003799 * - Otherwise, the PSA subsystem uses HMAC_DRBG with either
Gilles Peskineed038902020-11-13 21:33:21 +01003800 * #MBEDTLS_MD_SHA512 or #MBEDTLS_MD_SHA256 based on availability and
3801 * on unspecified heuristics.
3802 */
3803//#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256
3804
Steven Cooreman863470a2021-02-15 14:03:19 +01003805/** \def MBEDTLS_PSA_KEY_SLOT_COUNT
Steven Cooreman1f968fd2021-02-15 14:00:24 +01003806 * Restrict the PSA library to supporting a maximum amount of simultaneously
3807 * loaded keys. A loaded key is a key stored by the PSA Crypto core as a
3808 * volatile key, or a persistent key which is loaded temporarily by the
3809 * library as part of a crypto operation in flight.
3810 *
3811 * If this option is unset, the library will fall back to a default value of
3812 * 32 keys.
3813 */
Steven Cooreman863470a2021-02-15 14:03:19 +01003814//#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
Steven Cooreman1f968fd2021-02-15 14:00:24 +01003815
Paul Bakker088c5c52014-04-25 11:11:10 +02003816/* SSL Cache options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003817//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
3818//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003819
Paul Bakker088c5c52014-04-25 11:11:10 +02003820/* SSL options */
Angus Grattond8213d02016-05-25 20:56:48 +10003821
Angus Grattond8213d02016-05-25 20:56:48 +10003822/** \def MBEDTLS_SSL_IN_CONTENT_LEN
3823 *
Andrzej Kurekc470b6b2019-01-31 08:20:20 -05003824 * Maximum length (in bytes) of incoming plaintext fragments.
Angus Grattond8213d02016-05-25 20:56:48 +10003825 *
Andrzej Kurekc470b6b2019-01-31 08:20:20 -05003826 * This determines the size of the incoming TLS I/O buffer in such a way
3827 * that it is capable of holding the specified amount of plaintext data,
3828 * regardless of the protection mechanism used.
3829 *
Andrzej Kurekc470b6b2019-01-31 08:20:20 -05003830 * \note When using a value less than the default of 16KB on the client, it is
3831 * recommended to use the Maximum Fragment Length (MFL) extension to
3832 * inform the server about this limitation. On the server, there
3833 * is no supported, standardized way of informing the client about
3834 * restriction on the maximum size of incoming messages, and unless
3835 * the limitation has been communicated by other means, it is recommended
3836 * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN
3837 * while keeping the default value of 16KB for the incoming buffer.
3838 *
David Horstmann95d516f2021-05-04 18:36:56 +01003839 * Uncomment to set the maximum plaintext size of the incoming I/O buffer.
Angus Grattond8213d02016-05-25 20:56:48 +10003840 */
3841//#define MBEDTLS_SSL_IN_CONTENT_LEN 16384
3842
Gilles Peskined3d02902020-03-04 21:35:27 +01003843/** \def MBEDTLS_SSL_CID_IN_LEN_MAX
3844 *
3845 * The maximum length of CIDs used for incoming DTLS messages.
3846 *
3847 */
3848//#define MBEDTLS_SSL_CID_IN_LEN_MAX 32
3849
3850/** \def MBEDTLS_SSL_CID_OUT_LEN_MAX
3851 *
3852 * The maximum length of CIDs used for outgoing DTLS messages.
3853 *
3854 */
3855//#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32
3856
TRodziewicze8dd7092021-05-12 14:19:11 +02003857/** \def MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY
Gilles Peskined3d02902020-03-04 21:35:27 +01003858 *
3859 * This option controls the use of record plaintext padding
TRodziewicz1e660ed2021-05-26 17:08:54 +02003860 * in TLS 1.3 and when using the Connection ID extension in DTLS 1.2.
Hanno Becker13996922020-05-28 16:15:19 +01003861 *
3862 * The padding will always be chosen so that the length of the
3863 * padded plaintext is a multiple of the value of this option.
3864 *
3865 * Note: A value of \c 1 means that no padding will be used
3866 * for outgoing records.
3867 *
3868 * Note: On systems lacking division instructions,
3869 * a power of two should be preferred.
3870 */
TRodziewicze8dd7092021-05-12 14:19:11 +02003871//#define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16
Hanno Becker13996922020-05-28 16:15:19 +01003872
Angus Grattond8213d02016-05-25 20:56:48 +10003873/** \def MBEDTLS_SSL_OUT_CONTENT_LEN
3874 *
Andrzej Kurekc470b6b2019-01-31 08:20:20 -05003875 * Maximum length (in bytes) of outgoing plaintext fragments.
Angus Grattond8213d02016-05-25 20:56:48 +10003876 *
Andrzej Kurekc470b6b2019-01-31 08:20:20 -05003877 * This determines the size of the outgoing TLS I/O buffer in such a way
3878 * that it is capable of holding the specified amount of plaintext data,
3879 * regardless of the protection mechanism used.
3880 *
Angus Grattond8213d02016-05-25 20:56:48 +10003881 * It is possible to save RAM by setting a smaller outward buffer, while keeping
3882 * the default inward 16384 byte buffer to conform to the TLS specification.
3883 *
3884 * The minimum required outward buffer size is determined by the handshake
3885 * protocol's usage. Handshaking will fail if the outward buffer is too small.
3886 * The specific size requirement depends on the configured ciphers and any
3887 * certificate data which is sent during the handshake.
3888 *
David Horstmann95d516f2021-05-04 18:36:56 +01003889 * Uncomment to set the maximum plaintext size of the outgoing I/O buffer.
Angus Grattond8213d02016-05-25 20:56:48 +10003890 */
3891//#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384
3892
Hanno Beckere0b150f2018-08-21 15:51:03 +01003893/** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING
3894 *
3895 * Maximum number of heap-allocated bytes for the purpose of
3896 * DTLS handshake message reassembly and future message buffering.
3897 *
Yuto Takano7828ca22021-08-10 11:26:15 +01003898 * This should be at least 9/8 * MBEDTLS_SSL_IN_CONTENT_LEN
Hanno Becker28007512018-08-28 09:46:44 +01003899 * to account for a reassembled handshake message of maximum size,
3900 * together with its reassembly bitmap.
3901 *
Hanno Becker97a1c132018-08-28 14:42:15 +01003902 * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default)
Hanno Becker28007512018-08-28 09:46:44 +01003903 * should be sufficient for all practical situations as it allows
3904 * to reassembly a large handshake message (such as a certificate)
3905 * while buffering multiple smaller handshake messages.
3906 *
Hanno Beckere0b150f2018-08-21 15:51:03 +01003907 */
Hanno Becker159a37f2018-08-24 15:07:29 +01003908//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
Hanno Beckere0b150f2018-08-21 15:51:03 +01003909
Ronald Cron1aa6e8d2023-02-23 09:46:54 +01003910//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 or 384 bits) */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003911//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
Paul Bakker9bcf16c2013-06-24 19:31:17 +02003912
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +02003913/**
3914 * Complete list of ciphersuites to use, in order of preference.
3915 *
3916 * \warning No dependency checking is done on that field! This option can only
3917 * be used to restrict the set of available ciphersuites. It is your
3918 * responsibility to make sure the needed modules are active.
3919 *
3920 * Use this to save a few hundred bytes of ROM (default ordering of all
3921 * available ciphersuites) and a few to a few hundred bytes of RAM.
3922 *
3923 * The value below is only an example, not the default.
3924 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003925//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +02003926
Gilles Peskinea8d7e432022-08-04 23:39:41 +02003927/**
3928 * \def MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE
3929 *
3930 * Maximum time difference in milliseconds tolerated between the age of a
3931 * ticket from the server and client point of view.
3932 * From the client point of view, the age of a ticket is the time difference
3933 * between the time when the client proposes to the server to use the ticket
3934 * (time of writing of the Pre-Shared Key Extension including the ticket) and
3935 * the time the client received the ticket from the server.
3936 * From the server point of view, the age of a ticket is the time difference
3937 * between the time when the server receives a proposition from the client
3938 * to use the ticket and the time when the ticket was created by the server.
3939 * The server age is expected to be always greater than the client one and
3940 * MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE defines the
3941 * maximum difference tolerated for the server to accept the ticket.
3942 * This is not used in TLS 1.2.
3943 *
3944 */
3945#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000
3946
3947/**
3948 * \def MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH
3949 *
3950 * Size in bytes of a ticket nonce. This is not used in TLS 1.2.
3951 *
3952 * This must be less than 256.
3953 */
3954#define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32
3955
3956/**
3957 * \def MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS
3958 *
3959 * Default number of NewSessionTicket messages to be sent by a TLS 1.3 server
3960 * after handshake completion. This is not used in TLS 1.2 and relevant only if
3961 * the MBEDTLS_SSL_SESSION_TICKETS option is enabled.
3962 *
3963 */
3964#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1
3965
Manuel Pégourié-Gonnardfd6c85c2014-11-20 16:34:20 +01003966/* X509 options */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003967//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
Andres AGf9113192016-09-02 14:06:04 +01003968//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
Manuel Pégourié-Gonnardfd6c85c2014-11-20 16:34:20 +01003969
Gilles Peskine5e79cb32017-05-04 16:17:21 +02003970/**
Andres Amaya Garciab1262a32017-10-25 09:51:14 +01003971 * Uncomment the macro to let mbed TLS use your alternate implementation of
Andres Amaya Garciac58787f2018-04-17 10:21:45 -05003972 * mbedtls_platform_zeroize(). This replaces the default implementation in
3973 * platform_util.c.
Andres Amaya Garcia6606d5c2018-03-08 20:25:29 +00003974 *
Andres Amaya Garciac58787f2018-04-17 10:21:45 -05003975 * mbedtls_platform_zeroize() is a widely used function across the library to
3976 * zero a block of memory. The implementation is expected to be secure in the
3977 * sense that it has been written to prevent the compiler from removing calls
3978 * to mbedtls_platform_zeroize() as part of redundant code elimination
3979 * optimizations. However, it is difficult to guarantee that calls to
3980 * mbedtls_platform_zeroize() will not be optimized by the compiler as older
3981 * versions of the C language standards do not provide a secure implementation
3982 * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to
3983 * configure their own implementation of mbedtls_platform_zeroize(), for
Andres Amaya Garciad0ef4682018-04-24 08:31:34 -05003984 * example by using directives specific to their compiler, features from newer
3985 * C standards (e.g using memset_s() in C11) or calling a secure memset() from
Andres Amaya Garciac58787f2018-04-17 10:21:45 -05003986 * their system (e.g explicit_bzero() in BSD).
Andres Amaya Garciab1262a32017-10-25 09:51:14 +01003987 */
Andres Amaya Garciac58787f2018-04-17 10:21:45 -05003988//#define MBEDTLS_PLATFORM_ZEROIZE_ALT
Andres Amaya Garciab1262a32017-10-25 09:51:14 +01003989
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01003990/**
3991 * Uncomment the macro to let Mbed TLS use your alternate implementation of
Hanno Becker6a739782018-09-05 15:06:19 +01003992 * mbedtls_platform_gmtime_r(). This replaces the default implementation in
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01003993 * platform_util.c.
3994 *
Hanno Becker921b76d2018-09-05 16:21:36 +01003995 * gmtime() is not a thread-safe function as defined in the C standard. The
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01003996 * library will try to use safer implementations of this function, such as
3997 * gmtime_r() when available. However, if Mbed TLS cannot identify the target
Hanno Becker6a739782018-09-05 15:06:19 +01003998 * system, the implementation of mbedtls_platform_gmtime_r() will default to
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01003999 * using the standard gmtime(). In this case, calls from the library to
4000 * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex
Hanno Becker9fbbf1c2018-09-05 16:23:02 +01004001 * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01004002 * library are also guarded with this mutex to avoid race conditions. However,
Hanno Becker6a739782018-09-05 15:06:19 +01004003 * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will
4004 * unconditionally use the implementation for mbedtls_platform_gmtime_r()
4005 * supplied at compile time.
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01004006 */
Hanno Becker6a739782018-09-05 15:06:19 +01004007//#define MBEDTLS_PLATFORM_GMTIME_R_ALT
Andres Amaya Garcia1abb3682018-08-16 21:42:09 +01004008
Christoph M. Wintersteigere50b9702018-12-14 11:03:02 +00004009/**
Christoph M. Wintersteiger50d9f092019-02-15 12:49:27 +00004010 * Enable the verified implementations of ECDH primitives from Project Everest
4011 * (currently only Curve25519). This feature changes the layout of ECDH
4012 * contexts and therefore is a compatibility break for applications that access
4013 * fields of a mbedtls_ecdh_context structure directly. See also
4014 * MBEDTLS_ECDH_LEGACY_CONTEXT in include/mbedtls/ecdh.h.
Christoph M. Wintersteiger02b80482018-10-25 12:41:04 +01004015 */
Christoph M. Wintersteiger6cddd302019-01-17 12:17:54 +00004016//#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
Christoph M. Wintersteiger02b80482018-10-25 12:41:04 +01004017
Aditya Deshpandee41f7e42023-01-12 16:29:02 +00004018/**
4019 * Uncomment to enable p256-m, which implements ECC key generation, ECDH,
4020 * and ECDSA for SECP256R1 curves. This driver is used as an example to
4021 * document how a third-party driver or software accelerator can be integrated
4022 * to work alongside Mbed TLS.
4023 *
Aditya Deshpandebac592d2023-02-14 14:55:49 +00004024 * \warning p256-m has only been included to serve as a sample implementation
4025 * of how a driver/accelerator can be integrated alongside Mbed TLS. It is not
Aditya Deshpandef100f002023-03-21 14:49:31 +00004026 * intended for use in production. p256-m files in Mbed TLS are not updated
4027 * regularly, so they may not contain upstream fixes/improvements.
Aditya Deshpandee41f7e42023-01-12 16:29:02 +00004028 * DO NOT ENABLE/USE THIS MACRO IN PRODUCTION BUILDS!
4029 */
4030//#define MBEDTLS_P256M_EXAMPLE_DRIVER_ENABLED
4031
Gilles Peskine611179c2022-04-13 23:04:48 +02004032/** \} name SECTION: Module configuration options */