mbed TLS v2.28.1
config.h
Go to the documentation of this file.
1 
10 /*
11  * Copyright The Mbed TLS Contributors
12  * SPDX-License-Identifier: Apache-2.0
13  *
14  * Licensed under the Apache License, Version 2.0 (the "License"); you may
15  * not use this file except in compliance with the License.
16  * You may obtain a copy of the License at
17  *
18  * http://www.apache.org/licenses/LICENSE-2.0
19  *
20  * Unless required by applicable law or agreed to in writing, software
21  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
22  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
23  * See the License for the specific language governing permissions and
24  * limitations under the License.
25  */
26 
27 #ifndef MBEDTLS_CONFIG_H
28 #define MBEDTLS_CONFIG_H
29 
30 #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
31 #define _CRT_SECURE_NO_DEPRECATE 1
32 #endif
33 
59 #define MBEDTLS_HAVE_ASM
60 
87 //#define MBEDTLS_NO_UDBL_DIVISION
88 
109 //#define MBEDTLS_NO_64BIT_MULTIPLICATION
110 
118 //#define MBEDTLS_HAVE_SSE2
119 
138 #define MBEDTLS_HAVE_TIME
139 
159 #define MBEDTLS_HAVE_TIME_DATE
160 
183 //#define MBEDTLS_PLATFORM_MEMORY
184 
202 //#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
203 
227 //#define MBEDTLS_PLATFORM_EXIT_ALT
228 //#define MBEDTLS_PLATFORM_TIME_ALT
229 //#define MBEDTLS_PLATFORM_FPRINTF_ALT
230 //#define MBEDTLS_PLATFORM_PRINTF_ALT
231 //#define MBEDTLS_PLATFORM_SNPRINTF_ALT
232 //#define MBEDTLS_PLATFORM_VSNPRINTF_ALT
233 //#define MBEDTLS_PLATFORM_NV_SEED_ALT
234 //#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
235 
249 #define MBEDTLS_DEPRECATED_WARNING
250 
261 //#define MBEDTLS_DEPRECATED_REMOVED
262 
313 //#define MBEDTLS_CHECK_PARAMS
314 
327 //#define MBEDTLS_CHECK_PARAMS_ASSERT
328 
350 //#define MBEDTLS_TIMING_ALT
351 
377 //#define MBEDTLS_AES_ALT
378 //#define MBEDTLS_ARC4_ALT
379 //#define MBEDTLS_ARIA_ALT
380 //#define MBEDTLS_BLOWFISH_ALT
381 //#define MBEDTLS_CAMELLIA_ALT
382 //#define MBEDTLS_CCM_ALT
383 //#define MBEDTLS_CHACHA20_ALT
384 //#define MBEDTLS_CHACHAPOLY_ALT
385 //#define MBEDTLS_CMAC_ALT
386 //#define MBEDTLS_DES_ALT
387 //#define MBEDTLS_DHM_ALT
388 //#define MBEDTLS_ECJPAKE_ALT
389 //#define MBEDTLS_GCM_ALT
390 //#define MBEDTLS_NIST_KW_ALT
391 //#define MBEDTLS_MD2_ALT
392 //#define MBEDTLS_MD4_ALT
393 //#define MBEDTLS_MD5_ALT
394 //#define MBEDTLS_POLY1305_ALT
395 //#define MBEDTLS_RIPEMD160_ALT
396 //#define MBEDTLS_RSA_ALT
397 //#define MBEDTLS_SHA1_ALT
398 //#define MBEDTLS_SHA256_ALT
399 //#define MBEDTLS_SHA512_ALT
400 //#define MBEDTLS_XTEA_ALT
401 
402 /*
403  * When replacing the elliptic curve module, please consider, that it is
404  * implemented with two .c files:
405  * - ecp.c
406  * - ecp_curves.c
407  * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
408  * macros as described above. The only difference is that you have to make sure
409  * that you provide functionality for both .c files.
410  */
411 //#define MBEDTLS_ECP_ALT
412 
458 //#define MBEDTLS_MD2_PROCESS_ALT
459 //#define MBEDTLS_MD4_PROCESS_ALT
460 //#define MBEDTLS_MD5_PROCESS_ALT
461 //#define MBEDTLS_RIPEMD160_PROCESS_ALT
462 //#define MBEDTLS_SHA1_PROCESS_ALT
463 //#define MBEDTLS_SHA256_PROCESS_ALT
464 //#define MBEDTLS_SHA512_PROCESS_ALT
465 //#define MBEDTLS_DES_SETKEY_ALT
466 //#define MBEDTLS_DES_CRYPT_ECB_ALT
467 //#define MBEDTLS_DES3_CRYPT_ECB_ALT
468 //#define MBEDTLS_AES_SETKEY_ENC_ALT
469 //#define MBEDTLS_AES_SETKEY_DEC_ALT
470 //#define MBEDTLS_AES_ENCRYPT_ALT
471 //#define MBEDTLS_AES_DECRYPT_ALT
472 //#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
473 //#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
474 //#define MBEDTLS_ECDSA_VERIFY_ALT
475 //#define MBEDTLS_ECDSA_SIGN_ALT
476 //#define MBEDTLS_ECDSA_GENKEY_ALT
477 
528 /* Required for all the functions in this section */
529 //#define MBEDTLS_ECP_INTERNAL_ALT
530 /* Turn off software fallback for curves not supported in hardware */
531 //#define MBEDTLS_ECP_NO_FALLBACK
532 /* Support for Weierstrass curves with Jacobi representation */
533 //#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
534 //#define MBEDTLS_ECP_ADD_MIXED_ALT
535 //#define MBEDTLS_ECP_DOUBLE_JAC_ALT
536 //#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
537 //#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
538 /* Support for curves with Montgomery arithmetic */
539 //#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
540 //#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
541 //#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
542 
558 //#define MBEDTLS_TEST_NULL_ENTROPY
559 
571 //#define MBEDTLS_ENTROPY_HARDWARE_ALT
572 
591 //#define MBEDTLS_AES_ROM_TABLES
592 
613 //#define MBEDTLS_AES_FEWER_TABLES
614 
622 //#define MBEDTLS_CAMELLIA_SMALL_MEMORY
623 
645 //#define MBEDTLS_CHECK_RETURN_WARNING
646 
652 #define MBEDTLS_CIPHER_MODE_CBC
653 
659 #define MBEDTLS_CIPHER_MODE_CFB
660 
666 #define MBEDTLS_CIPHER_MODE_CTR
667 
673 #define MBEDTLS_CIPHER_MODE_OFB
674 
680 #define MBEDTLS_CIPHER_MODE_XTS
681 
713 //#define MBEDTLS_CIPHER_NULL_CIPHER
714 
726 #define MBEDTLS_CIPHER_PADDING_PKCS7
727 #define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
728 #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
729 #define MBEDTLS_CIPHER_PADDING_ZEROS
730 
736 //#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
737 
754 //#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
755 
767 #define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
768 
787 #define MBEDTLS_REMOVE_3DES_CIPHERSUITES
788 
797 /* Short Weierstrass curves (supporting ECP, ECDH, ECDSA) */
798 #define MBEDTLS_ECP_DP_SECP192R1_ENABLED
799 #define MBEDTLS_ECP_DP_SECP224R1_ENABLED
800 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
801 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED
802 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED
803 #define MBEDTLS_ECP_DP_SECP192K1_ENABLED
804 #define MBEDTLS_ECP_DP_SECP224K1_ENABLED
805 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED
806 #define MBEDTLS_ECP_DP_BP256R1_ENABLED
807 #define MBEDTLS_ECP_DP_BP384R1_ENABLED
808 #define MBEDTLS_ECP_DP_BP512R1_ENABLED
809 /* Montgomery curves (supporting ECP) */
810 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED
811 #define MBEDTLS_ECP_DP_CURVE448_ENABLED
812 
822 #define MBEDTLS_ECP_NIST_OPTIM
823 
844 //#define MBEDTLS_ECP_NO_INTERNAL_RNG
845 
869 //#define MBEDTLS_ECP_RESTARTABLE
870 
897 #define MBEDTLS_ECDH_LEGACY_CONTEXT
898 
911 #define MBEDTLS_ECDSA_DETERMINISTIC
912 
933 #define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
934 
964 #define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
965 
984 #define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
985 
1009 #define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
1010 
1037 #define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
1038 
1070 #define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
1071 
1095 #define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
1096 
1119 #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
1120 
1143 #define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
1144 
1167 #define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
1168 
1186 //#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
1187 
1200 #define MBEDTLS_PK_PARSE_EC_EXTENDED
1201 
1215 #define MBEDTLS_ERROR_STRERROR_DUMMY
1216 
1224 #define MBEDTLS_GENPRIME
1225 
1231 #define MBEDTLS_FS_IO
1232 
1244 //#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
1245 
1255 //#define MBEDTLS_NO_PLATFORM_ENTROPY
1256 
1271 //#define MBEDTLS_ENTROPY_FORCE_SHA256
1272 
1299 //#define MBEDTLS_ENTROPY_NV_SEED
1300 
1301 /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
1302  *
1303  * Enable key identifiers that encode a key owner identifier.
1304  *
1305  * The owner of a key is identified by a value of type ::mbedtls_key_owner_id_t
1306  * which is currently hard-coded to be int32_t.
1307  *
1308  * Note that this option is meant for internal use only and may be removed
1309  * without notice. It is incompatible with MBEDTLS_USE_PSA_CRYPTO.
1310  */
1311 //#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
1312 
1324 //#define MBEDTLS_MEMORY_DEBUG
1325 
1336 //#define MBEDTLS_MEMORY_BACKTRACE
1337 
1345 #define MBEDTLS_PK_RSA_ALT_SUPPORT
1346 
1356 #define MBEDTLS_PKCS1_V15
1357 
1367 #define MBEDTLS_PKCS1_V21
1368 
1383 //#define MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
1384 
1399 //#define MBEDTLS_PSA_CRYPTO_CLIENT
1400 
1410 //#define MBEDTLS_PSA_CRYPTO_DRIVERS
1411 
1448 //#define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
1449 
1462 //#define MBEDTLS_PSA_CRYPTO_SPM
1463 
1475 //#define MBEDTLS_PSA_INJECT_ENTROPY
1476 
1486 //#define MBEDTLS_RSA_NO_CRT
1487 
1493 #define MBEDTLS_SELF_TEST
1494 
1509 //#define MBEDTLS_SHA256_SMALLER
1510 
1519 //#define MBEDTLS_SHA512_SMALLER
1520 
1531 //#define MBEDTLS_SHA512_NO_SHA384
1532 
1545 #define MBEDTLS_SSL_ALL_ALERT_MESSAGES
1546 
1559 #define MBEDTLS_SSL_RECORD_CHECKING
1560 
1587 //#define MBEDTLS_SSL_DTLS_CONNECTION_ID
1588 
1598 //#define MBEDTLS_SSL_ASYNC_PRIVATE
1599 
1625 #define MBEDTLS_SSL_CONTEXT_SERIALIZATION
1626 
1641 //#define MBEDTLS_SSL_DEBUG_ALL
1642 
1659 #define MBEDTLS_SSL_ENCRYPT_THEN_MAC
1660 
1677 #define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
1678 
1695 #define MBEDTLS_SSL_FALLBACK_SCSV
1696 
1717 #define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
1718 
1730 //#define MBEDTLS_SSL_HW_RECORD_ACCEL
1731 
1742 #define MBEDTLS_SSL_CBC_RECORD_SPLITTING
1743 
1764 #define MBEDTLS_SSL_RENEGOTIATION
1765 
1777 //#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
1778 
1787 //#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
1788 
1796 #define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
1797 
1811 //#define MBEDTLS_SSL_PROTO_SSL3
1812 
1823 #define MBEDTLS_SSL_PROTO_TLS1
1824 
1835 #define MBEDTLS_SSL_PROTO_TLS1_1
1836 
1847 #define MBEDTLS_SSL_PROTO_TLS1_2
1848 
1866 //#define MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
1867 
1881 #define MBEDTLS_SSL_PROTO_DTLS
1882 
1890 #define MBEDTLS_SSL_ALPN
1891 
1905 #define MBEDTLS_SSL_DTLS_ANTI_REPLAY
1906 
1923 #define MBEDTLS_SSL_DTLS_HELLO_VERIFY
1924 
1954 #define MBEDTLS_SSL_DTLS_SRTP
1955 
1970 #define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
1971 
1981 #define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
1982 
1995 #define MBEDTLS_SSL_SESSION_TICKETS
1996 
2005 #define MBEDTLS_SSL_EXPORT_KEYS
2006 
2016 #define MBEDTLS_SSL_SERVER_NAME_INDICATION
2017 
2025 #define MBEDTLS_SSL_TRUNCATED_HMAC
2026 
2049 //#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
2050 
2059 //#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
2060 
2076 //#define MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
2077 
2095 //#define MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND
2096 
2115 //#define MBEDTLS_TEST_HOOKS
2116 
2126 //#define MBEDTLS_THREADING_ALT
2127 
2137 #define MBEDTLS_THREADING_PTHREAD
2138 
2162 //#define MBEDTLS_USE_PSA_CRYPTO
2163 
2191 //#define MBEDTLS_PSA_CRYPTO_CONFIG
2192 
2204 #define MBEDTLS_VERSION_FEATURES
2205 
2214 //#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
2215 
2226 //#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
2227 
2245 //#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
2246 
2259 #define MBEDTLS_X509_CHECK_KEY_USAGE
2260 
2272 #define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
2273 
2282 #define MBEDTLS_X509_RSASSA_PSS_SUPPORT
2283 
2307 //#define MBEDTLS_ZLIB_SUPPORT
2329 #define MBEDTLS_AESNI_C
2330 
2404 #define MBEDTLS_AES_C
2405 
2432 #define MBEDTLS_ARC4_C
2433 
2446 #define MBEDTLS_ASN1_PARSE_C
2447 
2460 #define MBEDTLS_ASN1_WRITE_C
2461 
2472 #define MBEDTLS_BASE64_C
2473 
2489 #define MBEDTLS_BIGNUM_C
2490 
2498 #define MBEDTLS_BLOWFISH_C
2499 
2553 #define MBEDTLS_CAMELLIA_C
2554 
2605 //#define MBEDTLS_ARIA_C
2606 
2619 #define MBEDTLS_CCM_C
2620 
2631 #define MBEDTLS_CERTS_C
2632 
2640 #define MBEDTLS_CHACHA20_C
2641 
2651 #define MBEDTLS_CHACHAPOLY_C
2652 
2663 #define MBEDTLS_CIPHER_C
2664 
2681 #define MBEDTLS_CMAC_C
2682 
2701 #define MBEDTLS_CTR_DRBG_C
2702 
2715 #define MBEDTLS_DEBUG_C
2716 
2744 #define MBEDTLS_DES_C
2745 
2765 #define MBEDTLS_DHM_C
2766 
2781 #define MBEDTLS_ECDH_C
2782 
2798 #define MBEDTLS_ECDSA_C
2799 
2817 //#define MBEDTLS_ECJPAKE_C
2818 
2831 #define MBEDTLS_ECP_C
2832 
2845 #define MBEDTLS_ENTROPY_C
2846 
2857 #define MBEDTLS_ERROR_C
2858 
2871 #define MBEDTLS_GCM_C
2872 
2894 #define MBEDTLS_HAVEGE_C
2895 
2909 #define MBEDTLS_HKDF_C
2910 
2923 #define MBEDTLS_HMAC_DRBG_C
2924 
2936 //#define MBEDTLS_NIST_KW_C
2937 
2948 #define MBEDTLS_MD_C
2949 
2965 #define MBEDTLS_MD2_C
2966 
2982 #define MBEDTLS_MD4_C
2983 
3004 #define MBEDTLS_MD5_C
3005 
3020 //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
3021 
3039 #define MBEDTLS_NET_C
3040 
3062 #define MBEDTLS_OID_C
3063 
3076 #define MBEDTLS_PADLOCK_C
3077 
3094 #define MBEDTLS_PEM_PARSE_C
3095 
3110 #define MBEDTLS_PEM_WRITE_C
3111 
3126 #define MBEDTLS_PK_C
3127 
3141 #define MBEDTLS_PK_PARSE_C
3142 
3155 #define MBEDTLS_PK_WRITE_C
3156 
3168 #define MBEDTLS_PKCS5_C
3169 
3186 //#define MBEDTLS_PKCS11_C
3187 
3202 #define MBEDTLS_PKCS12_C
3203 
3222 #define MBEDTLS_PLATFORM_C
3223 
3232 #define MBEDTLS_POLY1305_C
3233 
3246 #define MBEDTLS_PSA_CRYPTO_C
3247 
3262 //#define MBEDTLS_PSA_CRYPTO_SE_C
3263 
3275 #define MBEDTLS_PSA_CRYPTO_STORAGE_C
3276 
3287 #define MBEDTLS_PSA_ITS_FILE_C
3288 
3298 #define MBEDTLS_RIPEMD160_C
3299 
3317 #define MBEDTLS_RSA_C
3318 
3339 #define MBEDTLS_SHA1_C
3340 
3356 #define MBEDTLS_SHA256_C
3357 
3371 #define MBEDTLS_SHA512_C
3372 
3383 #define MBEDTLS_SSL_CACHE_C
3384 
3393 #define MBEDTLS_SSL_COOKIE_C
3394 
3405 #define MBEDTLS_SSL_TICKET_C
3406 
3419 #define MBEDTLS_SSL_CLI_C
3420 
3433 #define MBEDTLS_SSL_SRV_C
3434 
3449 #define MBEDTLS_SSL_TLS_C
3450 
3471 #define MBEDTLS_THREADING_C
3472 
3498 #define MBEDTLS_TIMING_C
3499 
3509 #define MBEDTLS_VERSION_C
3510 
3526 #define MBEDTLS_X509_USE_C
3527 
3542 #define MBEDTLS_X509_CRT_PARSE_C
3543 
3556 #define MBEDTLS_X509_CRL_PARSE_C
3557 
3570 #define MBEDTLS_X509_CSR_PARSE_C
3571 
3583 #define MBEDTLS_X509_CREATE_C
3584 
3596 #define MBEDTLS_X509_CRT_WRITE_C
3597 
3609 #define MBEDTLS_X509_CSR_WRITE_C
3610 
3619 #define MBEDTLS_XTEA_C
3620 
3648 //#define MBEDTLS_CONFIG_FILE "mbedtls/config.h"
3649 
3665 //#define MBEDTLS_USER_CONFIG_FILE "/dev/null"
3666 
3683 //#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h"
3684 
3700 //#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null"
3701 
3715 /* The Doxygen documentation here is used when a user comments out a
3716  * setting and runs doxygen themselves. On the other hand, when we typeset
3717  * the full documentation including disabled settings, the documentation
3718  * in specific modules' header files is used if present. When editing this
3719  * file, make sure that each option is documented in exactly one place,
3720  * plus optionally a same-line Doxygen comment here if there is a Doxygen
3721  * comment in the specific module. */
3722 
3723 /* MPI / BIGNUM options */
3724 //#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum window size used. */
3725 //#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
3726 
3727 /* CTR_DRBG options */
3728 //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
3729 //#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
3730 //#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
3731 //#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
3732 //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
3733 
3734 /* HMAC_DRBG options */
3735 //#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
3736 //#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
3737 //#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
3738 //#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
3739 
3740 /* ECP options */
3741 //#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups. Normally determined automatically from the configured curves. */
3742 //#define MBEDTLS_ECP_WINDOW_SIZE 4 /**< Maximum window size used */
3743 //#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
3744 
3745 /* Entropy options */
3746 //#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
3747 //#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
3748 //#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
3749 
3750 /* Memory buffer allocator options */
3751 //#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
3752 
3753 /* Platform options */
3754 //#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
3755 //#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */
3756 //#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */
3757 //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
3758 //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3759 //#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
3760 //#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
3761 /* Note: your snprintf must correctly zero-terminate the buffer! */
3762 //#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
3763 //#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
3764 //#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
3765 //#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
3766 //#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
3767 //#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
3768 
3769 /* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
3770 /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
3771 //#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */
3772 //#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */
3773 //#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
3774 //#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3775 //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3776 //#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
3777 //#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
3778 /* Note: your snprintf must correctly zero-terminate the buffer! */
3779 //#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
3780 //#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */
3781 //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
3782 //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
3783 
3818 //#define MBEDTLS_PARAM_FAILED( cond ) assert( cond )
3819 
3833 //#define MBEDTLS_CHECK_RETURN __attribute__((__warn_unused_result__))
3834 
3841 //#define MBEDTLS_IGNORE_RETURN( result ) ((void) !(result))
3842 
3843 /* PSA options */
3854 //#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256
3855 
3865 //#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
3866 
3867 /* SSL Cache options */
3868 //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
3869 //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
3870 
3871 /* SSL options */
3872 
3897 //#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384
3898 
3922 //#define MBEDTLS_SSL_IN_CONTENT_LEN 16384
3923 
3929 //#define MBEDTLS_SSL_CID_IN_LEN_MAX 32
3930 
3936 //#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32
3937 
3953 //#define MBEDTLS_SSL_CID_PADDING_GRANULARITY 16
3954 
3969 //#define MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY 1
3970 
3993 //#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384
3994 
4010 //#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
4011 
4012 //#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
4013 //#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
4014 //#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
4015 
4025 //#define MBEDTLS_TLS_EXT_CID 254
4026 
4039 //#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
4040 
4041 /* X509 options */
4042 //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
4043 //#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
4044 
4060 //#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
4061 
4080 //#define MBEDTLS_PLATFORM_ZEROIZE_ALT
4081 
4099 //#define MBEDTLS_PLATFORM_GMTIME_R_ALT
4100 
4108 //#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
4109 
4112 /* Target and application specific configurations
4113  *
4114  * Allow user to override any previous default.
4115  *
4116  */
4117 #if defined(MBEDTLS_USER_CONFIG_FILE)
4118 #include MBEDTLS_USER_CONFIG_FILE
4119 #endif
4120 
4121 #if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
4122 #include "mbedtls/config_psa.h"
4123 #endif
4124 
4125 #include "mbedtls/check_config.h"
4126 
4127 #endif /* MBEDTLS_CONFIG_H */
Consistency checks for configuration options.
PSA crypto configuration options (set of defines)