mbed TLS v2.23.0
config.h
Go to the documentation of this file.
1 
10 /*
11  * Copyright (C) 2006-2018, ARM Limited, All Rights Reserved
12  * SPDX-License-Identifier: Apache-2.0
13  *
14  * Licensed under the Apache License, Version 2.0 (the "License"); you may
15  * not use this file except in compliance with the License.
16  * You may obtain a copy of the License at
17  *
18  * http://www.apache.org/licenses/LICENSE-2.0
19  *
20  * Unless required by applicable law or agreed to in writing, software
21  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
22  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
23  * See the License for the specific language governing permissions and
24  * limitations under the License.
25  *
26  * This file is part of mbed TLS (https://tls.mbed.org)
27  */
28 
29 #ifndef MBEDTLS_CONFIG_H
30 #define MBEDTLS_CONFIG_H
31 
32 #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
33 #define _CRT_SECURE_NO_DEPRECATE 1
34 #endif
35 
61 #define MBEDTLS_HAVE_ASM
62 
89 //#define MBEDTLS_NO_UDBL_DIVISION
90 
111 //#define MBEDTLS_NO_64BIT_MULTIPLICATION
112 
120 //#define MBEDTLS_HAVE_SSE2
121 
135 #define MBEDTLS_HAVE_TIME
136 
156 #define MBEDTLS_HAVE_TIME_DATE
157 
180 //#define MBEDTLS_PLATFORM_MEMORY
181 
199 //#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
200 
224 //#define MBEDTLS_PLATFORM_EXIT_ALT
225 //#define MBEDTLS_PLATFORM_TIME_ALT
226 //#define MBEDTLS_PLATFORM_FPRINTF_ALT
227 //#define MBEDTLS_PLATFORM_PRINTF_ALT
228 //#define MBEDTLS_PLATFORM_SNPRINTF_ALT
229 //#define MBEDTLS_PLATFORM_VSNPRINTF_ALT
230 //#define MBEDTLS_PLATFORM_NV_SEED_ALT
231 //#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
232 
246 //#define MBEDTLS_DEPRECATED_WARNING
247 
258 //#define MBEDTLS_DEPRECATED_REMOVED
259 
310 //#define MBEDTLS_CHECK_PARAMS
311 
324 //#define MBEDTLS_CHECK_PARAMS_ASSERT
325 
326 /* \} name SECTION: System support */
327 
347 //#define MBEDTLS_TIMING_ALT
348 
374 //#define MBEDTLS_AES_ALT
375 //#define MBEDTLS_ARC4_ALT
376 //#define MBEDTLS_ARIA_ALT
377 //#define MBEDTLS_BLOWFISH_ALT
378 //#define MBEDTLS_CAMELLIA_ALT
379 //#define MBEDTLS_CCM_ALT
380 //#define MBEDTLS_CHACHA20_ALT
381 //#define MBEDTLS_CHACHAPOLY_ALT
382 //#define MBEDTLS_CMAC_ALT
383 //#define MBEDTLS_DES_ALT
384 //#define MBEDTLS_DHM_ALT
385 //#define MBEDTLS_ECJPAKE_ALT
386 //#define MBEDTLS_GCM_ALT
387 //#define MBEDTLS_NIST_KW_ALT
388 //#define MBEDTLS_MD2_ALT
389 //#define MBEDTLS_MD4_ALT
390 //#define MBEDTLS_MD5_ALT
391 //#define MBEDTLS_POLY1305_ALT
392 //#define MBEDTLS_RIPEMD160_ALT
393 //#define MBEDTLS_RSA_ALT
394 //#define MBEDTLS_SHA1_ALT
395 //#define MBEDTLS_SHA256_ALT
396 //#define MBEDTLS_SHA512_ALT
397 //#define MBEDTLS_XTEA_ALT
398 
399 /*
400  * When replacing the elliptic curve module, pleace consider, that it is
401  * implemented with two .c files:
402  * - ecp.c
403  * - ecp_curves.c
404  * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
405  * macros as described above. The only difference is that you have to make sure
406  * that you provide functionality for both .c files.
407  */
408 //#define MBEDTLS_ECP_ALT
409 
455 //#define MBEDTLS_MD2_PROCESS_ALT
456 //#define MBEDTLS_MD4_PROCESS_ALT
457 //#define MBEDTLS_MD5_PROCESS_ALT
458 //#define MBEDTLS_RIPEMD160_PROCESS_ALT
459 //#define MBEDTLS_SHA1_PROCESS_ALT
460 //#define MBEDTLS_SHA256_PROCESS_ALT
461 //#define MBEDTLS_SHA512_PROCESS_ALT
462 //#define MBEDTLS_DES_SETKEY_ALT
463 //#define MBEDTLS_DES_CRYPT_ECB_ALT
464 //#define MBEDTLS_DES3_CRYPT_ECB_ALT
465 //#define MBEDTLS_AES_SETKEY_ENC_ALT
466 //#define MBEDTLS_AES_SETKEY_DEC_ALT
467 //#define MBEDTLS_AES_ENCRYPT_ALT
468 //#define MBEDTLS_AES_DECRYPT_ALT
469 //#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
470 //#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
471 //#define MBEDTLS_ECDSA_VERIFY_ALT
472 //#define MBEDTLS_ECDSA_SIGN_ALT
473 //#define MBEDTLS_ECDSA_GENKEY_ALT
474 
515 /* Required for all the functions in this section */
516 //#define MBEDTLS_ECP_INTERNAL_ALT
517 /* Support for Weierstrass curves with Jacobi representation */
518 //#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
519 //#define MBEDTLS_ECP_ADD_MIXED_ALT
520 //#define MBEDTLS_ECP_DOUBLE_JAC_ALT
521 //#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
522 //#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
523 /* Support for curves with Montgomery arithmetic */
524 //#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
525 //#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
526 //#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
527 
543 //#define MBEDTLS_TEST_NULL_ENTROPY
544 
556 //#define MBEDTLS_ENTROPY_HARDWARE_ALT
557 
576 //#define MBEDTLS_AES_ROM_TABLES
577 
598 //#define MBEDTLS_AES_FEWER_TABLES
599 
607 //#define MBEDTLS_CAMELLIA_SMALL_MEMORY
608 
614 #define MBEDTLS_CIPHER_MODE_CBC
615 
621 #define MBEDTLS_CIPHER_MODE_CFB
622 
628 #define MBEDTLS_CIPHER_MODE_CTR
629 
635 #define MBEDTLS_CIPHER_MODE_OFB
636 
642 #define MBEDTLS_CIPHER_MODE_XTS
643 
675 //#define MBEDTLS_CIPHER_NULL_CIPHER
676 
688 #define MBEDTLS_CIPHER_PADDING_PKCS7
689 #define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
690 #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
691 #define MBEDTLS_CIPHER_PADDING_ZEROS
692 
698 //#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
699 
716 //#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
717 
729 #define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
730 
749 #define MBEDTLS_REMOVE_3DES_CIPHERSUITES
750 
759 #define MBEDTLS_ECP_DP_SECP192R1_ENABLED
760 #define MBEDTLS_ECP_DP_SECP224R1_ENABLED
761 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
762 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED
763 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED
764 #define MBEDTLS_ECP_DP_SECP192K1_ENABLED
765 #define MBEDTLS_ECP_DP_SECP224K1_ENABLED
766 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED
767 #define MBEDTLS_ECP_DP_BP256R1_ENABLED
768 #define MBEDTLS_ECP_DP_BP384R1_ENABLED
769 #define MBEDTLS_ECP_DP_BP512R1_ENABLED
770 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED
771 #define MBEDTLS_ECP_DP_CURVE448_ENABLED
772 
782 #define MBEDTLS_ECP_NIST_OPTIM
783 
804 //#define MBEDTLS_ECP_NO_INTERNAL_RNG
805 
829 //#define MBEDTLS_ECP_RESTARTABLE
830 
857 #define MBEDTLS_ECDH_LEGACY_CONTEXT
858 
871 #define MBEDTLS_ECDSA_DETERMINISTIC
872 
893 #define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
894 
924 #define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
925 
944 #define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
945 
969 #define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
970 
997 #define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
998 
1030 #define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
1055 #define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
1079 #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
1103 #define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
1127 #define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
1146 //#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
1147 
1160 #define MBEDTLS_PK_PARSE_EC_EXTENDED
1175 #define MBEDTLS_ERROR_STRERROR_DUMMY
1184 #define MBEDTLS_GENPRIME
1191 #define MBEDTLS_FS_IO
1204 //#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
1205 
1215 //#define MBEDTLS_NO_PLATFORM_ENTROPY
1216 
1231 //#define MBEDTLS_ENTROPY_FORCE_SHA256
1232 
1259 //#define MBEDTLS_ENTROPY_NV_SEED
1260 
1261 /* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER
1262  *
1263  * In PSA key storage, encode the owner of the key.
1264  *
1265  * This is only meaningful when building the library as part of a
1266  * multi-client service. When you activate this option, you must provide
1267  * an implementation of the type psa_key_owner_id_t and a translation
1268  * from psa_key_file_id_t to file name in all the storage backends that
1269  * you wish to support.
1270  *
1271  * Note that this option is meant for internal use only and may be removed
1272  * without notice.
1273  */
1274 //#define MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER
1275 
1287 //#define MBEDTLS_MEMORY_DEBUG
1288 
1299 //#define MBEDTLS_MEMORY_BACKTRACE
1300 
1308 #define MBEDTLS_PK_RSA_ALT_SUPPORT
1319 #define MBEDTLS_PKCS1_V15
1330 #define MBEDTLS_PKCS1_V21
1344 //#define MBEDTLS_PSA_CRYPTO_SPM
1345 
1357 //#define MBEDTLS_PSA_INJECT_ENTROPY
1358 
1368 //#define MBEDTLS_RSA_NO_CRT
1369 
1375 #define MBEDTLS_SELF_TEST
1391 //#define MBEDTLS_SHA256_SMALLER
1392 
1401 //#define MBEDTLS_SHA512_SMALLER
1402 
1413 //#define MBEDTLS_SHA512_NO_SHA384
1414 
1427 #define MBEDTLS_SSL_ALL_ALERT_MESSAGES
1441 #define MBEDTLS_SSL_RECORD_CHECKING
1469 //#define MBEDTLS_SSL_DTLS_CONNECTION_ID
1470 
1480 //#define MBEDTLS_SSL_ASYNC_PRIVATE
1481 
1507 #define MBEDTLS_SSL_CONTEXT_SERIALIZATION
1523 //#define MBEDTLS_SSL_DEBUG_ALL
1524 
1541 #define MBEDTLS_SSL_ENCRYPT_THEN_MAC
1559 #define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
1577 #define MBEDTLS_SSL_FALLBACK_SCSV
1599 #define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
1612 //#define MBEDTLS_SSL_HW_RECORD_ACCEL
1613 
1624 #define MBEDTLS_SSL_CBC_RECORD_SPLITTING
1646 #define MBEDTLS_SSL_RENEGOTIATION
1659 //#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
1660 
1669 //#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
1670 
1678 #define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
1693 //#define MBEDTLS_SSL_PROTO_SSL3
1694 
1705 #define MBEDTLS_SSL_PROTO_TLS1
1717 #define MBEDTLS_SSL_PROTO_TLS1_1
1729 #define MBEDTLS_SSL_PROTO_TLS1_2
1748 //#define MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
1749 
1763 #define MBEDTLS_SSL_PROTO_DTLS
1772 #define MBEDTLS_SSL_ALPN
1787 #define MBEDTLS_SSL_DTLS_ANTI_REPLAY
1805 #define MBEDTLS_SSL_DTLS_HELLO_VERIFY
1821 #define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
1832 #define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
1846 #define MBEDTLS_SSL_SESSION_TICKETS
1856 #define MBEDTLS_SSL_EXPORT_KEYS
1867 #define MBEDTLS_SSL_SERVER_NAME_INDICATION
1876 #define MBEDTLS_SSL_TRUNCATED_HMAC
1900 //#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
1901 
1907 //#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
1908 
1927 //#define MBEDTLS_TEST_HOOKS
1928 
1938 //#define MBEDTLS_THREADING_ALT
1939 
1949 //#define MBEDTLS_THREADING_PTHREAD
1950 
1976 //#define MBEDTLS_USE_PSA_CRYPTO
1977 
1989 #define MBEDTLS_VERSION_FEATURES
1999 //#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
2000 
2011 //#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
2012 
2030 //#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
2031 
2044 #define MBEDTLS_X509_CHECK_KEY_USAGE
2057 #define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
2067 #define MBEDTLS_X509_RSASSA_PSS_SUPPORT
2092 //#define MBEDTLS_ZLIB_SUPPORT
2093 /* \} name SECTION: mbed TLS feature support */
2094 
2114 #define MBEDTLS_AESNI_C
2189 #define MBEDTLS_AES_C
2217 #define MBEDTLS_ARC4_C
2231 #define MBEDTLS_ASN1_PARSE_C
2245 #define MBEDTLS_ASN1_WRITE_C
2257 #define MBEDTLS_BASE64_C
2274 #define MBEDTLS_BIGNUM_C
2283 #define MBEDTLS_BLOWFISH_C
2338 #define MBEDTLS_CAMELLIA_C
2390 //#define MBEDTLS_ARIA_C
2391 
2404 #define MBEDTLS_CCM_C
2416 #define MBEDTLS_CERTS_C
2425 #define MBEDTLS_CHACHA20_C
2436 #define MBEDTLS_CHACHAPOLY_C
2448 #define MBEDTLS_CIPHER_C
2461 //#define MBEDTLS_CMAC_C
2462 
2481 #define MBEDTLS_CTR_DRBG_C
2495 #define MBEDTLS_DEBUG_C
2524 #define MBEDTLS_DES_C
2545 #define MBEDTLS_DHM_C
2561 #define MBEDTLS_ECDH_C
2576 #define MBEDTLS_ECDSA_C
2595 //#define MBEDTLS_ECJPAKE_C
2596 
2609 #define MBEDTLS_ECP_C
2623 #define MBEDTLS_ENTROPY_C
2635 #define MBEDTLS_ERROR_C
2649 #define MBEDTLS_GCM_C
2672 //#define MBEDTLS_HAVEGE_C
2673 
2687 #define MBEDTLS_HKDF_C
2701 #define MBEDTLS_HMAC_DRBG_C
2714 //#define MBEDTLS_NIST_KW_C
2715 
2726 #define MBEDTLS_MD_C
2743 //#define MBEDTLS_MD2_C
2744 
2760 //#define MBEDTLS_MD4_C
2761 
2782 #define MBEDTLS_MD5_C
2798 //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
2799 
2817 #define MBEDTLS_NET_C
2840 #define MBEDTLS_OID_C
2854 #define MBEDTLS_PADLOCK_C
2872 #define MBEDTLS_PEM_PARSE_C
2888 #define MBEDTLS_PEM_WRITE_C
2904 #define MBEDTLS_PK_C
2919 #define MBEDTLS_PK_PARSE_C
2933 #define MBEDTLS_PK_WRITE_C
2946 #define MBEDTLS_PKCS5_C
2964 //#define MBEDTLS_PKCS11_C
2965 
2980 #define MBEDTLS_PKCS12_C
3000 #define MBEDTLS_PLATFORM_C
3010 #define MBEDTLS_POLY1305_C
3026 #define MBEDTLS_PSA_CRYPTO_C
3042 //#define MBEDTLS_PSA_CRYPTO_SE_C
3043 
3055 #define MBEDTLS_PSA_CRYPTO_STORAGE_C
3067 #define MBEDTLS_PSA_ITS_FILE_C
3078 #define MBEDTLS_RIPEMD160_C
3097 #define MBEDTLS_RSA_C
3119 #define MBEDTLS_SHA1_C
3136 #define MBEDTLS_SHA256_C
3151 #define MBEDTLS_SHA512_C
3163 #define MBEDTLS_SSL_CACHE_C
3173 #define MBEDTLS_SSL_COOKIE_C
3185 #define MBEDTLS_SSL_TICKET_C
3199 #define MBEDTLS_SSL_CLI_C
3213 #define MBEDTLS_SSL_SRV_C
3229 #define MBEDTLS_SSL_TLS_C
3251 //#define MBEDTLS_THREADING_C
3252 
3274 #define MBEDTLS_TIMING_C
3285 #define MBEDTLS_VERSION_C
3302 #define MBEDTLS_X509_USE_C
3318 #define MBEDTLS_X509_CRT_PARSE_C
3332 #define MBEDTLS_X509_CRL_PARSE_C
3346 #define MBEDTLS_X509_CSR_PARSE_C
3359 #define MBEDTLS_X509_CREATE_C
3372 #define MBEDTLS_X509_CRT_WRITE_C
3385 #define MBEDTLS_X509_CSR_WRITE_C
3395 #define MBEDTLS_XTEA_C
3397 /* \} name SECTION: mbed TLS modules */
3398 
3414 /* MPI / BIGNUM options */
3415 //#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */
3416 //#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
3417 
3418 /* CTR_DRBG options */
3419 //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
3420 //#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
3421 //#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
3422 //#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
3423 //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
3424 
3425 /* HMAC_DRBG options */
3426 //#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
3427 //#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
3428 //#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
3429 //#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
3430 
3431 /* ECP options */
3432 //#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */
3433 //#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
3434 //#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
3435 
3436 /* Entropy options */
3437 //#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
3438 //#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
3439 //#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
3440 
3441 /* Memory buffer allocator options */
3442 //#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
3443 
3444 /* Platform options */
3445 //#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
3446 //#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */
3447 //#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */
3448 //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
3449 //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3450 //#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
3451 //#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
3452 /* Note: your snprintf must correctly zero-terminate the buffer! */
3453 //#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
3454 //#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
3455 //#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
3456 //#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
3457 //#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
3458 //#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
3459 
3460 /* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
3461 /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
3462 //#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */
3463 //#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */
3464 //#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
3465 //#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3466 //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3467 //#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
3468 //#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
3469 /* Note: your snprintf must correctly zero-terminate the buffer! */
3470 //#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
3471 //#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */
3472 //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
3473 //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
3474 
3509 //#define MBEDTLS_PARAM_FAILED( cond ) assert( cond )
3510 
3511 /* SSL Cache options */
3512 //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
3513 //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
3514 
3515 /* SSL options */
3516 
3541 //#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384
3542 
3566 //#define MBEDTLS_SSL_IN_CONTENT_LEN 16384
3567 
3573 //#define MBEDTLS_SSL_CID_IN_LEN_MAX 32
3574 
3580 //#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32
3581 
3597 //#define MBEDTLS_SSL_CID_PADDING_GRANULARITY 16
3598 
3613 //#define MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY 1
3614 
3637 //#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384
3638 
3654 //#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
3655 
3656 //#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
3657 //#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
3658 //#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
3659 
3672 //#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
3673 
3674 /* X509 options */
3675 //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
3676 //#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
3677 
3690 //#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
3691 
3707 #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
3727 //#define MBEDTLS_PLATFORM_ZEROIZE_ALT
3728 
3746 //#define MBEDTLS_PLATFORM_GMTIME_R_ALT
3747 
3755 //#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
3756 
3757 /* \} name SECTION: Customisation configuration options */
3758 
3759 /* Target and application specific configurations
3760  *
3761  * Allow user to override any previous default.
3762  *
3763  */
3764 #if defined(MBEDTLS_USER_CONFIG_FILE)
3765 #include MBEDTLS_USER_CONFIG_FILE
3766 #endif
3767 
3768 #include "mbedtls/check_config.h"
3769 
3770 #endif /* MBEDTLS_CONFIG_H */
check_config.h
Consistency checks for configuration options.