Mbed TLS v2.28.5
config.h
Go to the documentation of this file.
1 
10 /*
11  * Copyright The Mbed TLS Contributors
12  * SPDX-License-Identifier: Apache-2.0
13  *
14  * Licensed under the Apache License, Version 2.0 (the "License"); you may
15  * not use this file except in compliance with the License.
16  * You may obtain a copy of the License at
17  *
18  * http://www.apache.org/licenses/LICENSE-2.0
19  *
20  * Unless required by applicable law or agreed to in writing, software
21  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
22  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
23  * See the License for the specific language governing permissions and
24  * limitations under the License.
25  */
26 
27 #ifndef MBEDTLS_CONFIG_H
28 #define MBEDTLS_CONFIG_H
29 
30 #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
31 #define _CRT_SECURE_NO_DEPRECATE 1
32 #endif
33 
59 #define MBEDTLS_HAVE_ASM
60 
87 //#define MBEDTLS_NO_UDBL_DIVISION
88 
109 //#define MBEDTLS_NO_64BIT_MULTIPLICATION
110 
118 //#define MBEDTLS_HAVE_SSE2
119 
138 #define MBEDTLS_HAVE_TIME
139 
159 #define MBEDTLS_HAVE_TIME_DATE
160 
215 //#define MBEDTLS_PLATFORM_MEMORY
216 
234 //#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
235 
259 //#define MBEDTLS_PLATFORM_EXIT_ALT
260 //#define MBEDTLS_PLATFORM_TIME_ALT
261 //#define MBEDTLS_PLATFORM_FPRINTF_ALT
262 //#define MBEDTLS_PLATFORM_PRINTF_ALT
263 //#define MBEDTLS_PLATFORM_SNPRINTF_ALT
264 //#define MBEDTLS_PLATFORM_VSNPRINTF_ALT
265 //#define MBEDTLS_PLATFORM_NV_SEED_ALT
266 //#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
267 
285 //#define MBEDTLS_PLATFORM_GMTIME_R_ALT
286 
305 //#define MBEDTLS_PLATFORM_ZEROIZE_ALT
306 
320 //#define MBEDTLS_DEPRECATED_WARNING
321 
332 //#define MBEDTLS_DEPRECATED_REMOVED
333 
384 //#define MBEDTLS_CHECK_PARAMS
385 
398 //#define MBEDTLS_CHECK_PARAMS_ASSERT
399 
421 //#define MBEDTLS_TIMING_ALT
422 
448 //#define MBEDTLS_AES_ALT
449 //#define MBEDTLS_ARC4_ALT
450 //#define MBEDTLS_ARIA_ALT
451 //#define MBEDTLS_BLOWFISH_ALT
452 //#define MBEDTLS_CAMELLIA_ALT
453 //#define MBEDTLS_CCM_ALT
454 //#define MBEDTLS_CHACHA20_ALT
455 //#define MBEDTLS_CHACHAPOLY_ALT
456 //#define MBEDTLS_CMAC_ALT
457 //#define MBEDTLS_DES_ALT
458 //#define MBEDTLS_DHM_ALT
459 //#define MBEDTLS_ECJPAKE_ALT
460 //#define MBEDTLS_GCM_ALT
461 //#define MBEDTLS_NIST_KW_ALT
462 //#define MBEDTLS_MD2_ALT
463 //#define MBEDTLS_MD4_ALT
464 //#define MBEDTLS_MD5_ALT
465 //#define MBEDTLS_POLY1305_ALT
466 //#define MBEDTLS_RIPEMD160_ALT
467 //#define MBEDTLS_RSA_ALT
468 //#define MBEDTLS_SHA1_ALT
469 //#define MBEDTLS_SHA256_ALT
470 //#define MBEDTLS_SHA512_ALT
471 //#define MBEDTLS_XTEA_ALT
472 
473 /*
474  * When replacing the elliptic curve module, please consider, that it is
475  * implemented with two .c files:
476  * - ecp.c
477  * - ecp_curves.c
478  * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
479  * macros as described above. The only difference is that you have to make sure
480  * that you provide functionality for both .c files.
481  */
482 //#define MBEDTLS_ECP_ALT
483 
529 //#define MBEDTLS_MD2_PROCESS_ALT
530 //#define MBEDTLS_MD4_PROCESS_ALT
531 //#define MBEDTLS_MD5_PROCESS_ALT
532 //#define MBEDTLS_RIPEMD160_PROCESS_ALT
533 //#define MBEDTLS_SHA1_PROCESS_ALT
534 //#define MBEDTLS_SHA256_PROCESS_ALT
535 //#define MBEDTLS_SHA512_PROCESS_ALT
536 //#define MBEDTLS_DES_SETKEY_ALT
537 //#define MBEDTLS_DES_CRYPT_ECB_ALT
538 //#define MBEDTLS_DES3_CRYPT_ECB_ALT
539 //#define MBEDTLS_AES_SETKEY_ENC_ALT
540 //#define MBEDTLS_AES_SETKEY_DEC_ALT
541 //#define MBEDTLS_AES_ENCRYPT_ALT
542 //#define MBEDTLS_AES_DECRYPT_ALT
543 //#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
544 //#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
545 //#define MBEDTLS_ECDSA_VERIFY_ALT
546 //#define MBEDTLS_ECDSA_SIGN_ALT
547 //#define MBEDTLS_ECDSA_GENKEY_ALT
548 
599 /* Required for all the functions in this section */
600 //#define MBEDTLS_ECP_INTERNAL_ALT
601 /* Turn off software fallback for curves not supported in hardware */
602 //#define MBEDTLS_ECP_NO_FALLBACK
603 /* Support for Weierstrass curves with Jacobi representation */
604 //#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
605 //#define MBEDTLS_ECP_ADD_MIXED_ALT
606 //#define MBEDTLS_ECP_DOUBLE_JAC_ALT
607 //#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
608 //#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
609 /* Support for curves with Montgomery arithmetic */
610 //#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
611 //#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
612 //#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
613 
629 //#define MBEDTLS_TEST_NULL_ENTROPY
630 
642 //#define MBEDTLS_ENTROPY_HARDWARE_ALT
643 
662 //#define MBEDTLS_AES_ROM_TABLES
663 
684 //#define MBEDTLS_AES_FEWER_TABLES
685 
693 //#define MBEDTLS_CAMELLIA_SMALL_MEMORY
694 
716 //#define MBEDTLS_CHECK_RETURN_WARNING
717 
723 #define MBEDTLS_CIPHER_MODE_CBC
724 
730 #define MBEDTLS_CIPHER_MODE_CFB
731 
737 #define MBEDTLS_CIPHER_MODE_CTR
738 
744 #define MBEDTLS_CIPHER_MODE_OFB
745 
751 #define MBEDTLS_CIPHER_MODE_XTS
752 
784 //#define MBEDTLS_CIPHER_NULL_CIPHER
785 
797 #define MBEDTLS_CIPHER_PADDING_PKCS7
798 #define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
799 #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
800 #define MBEDTLS_CIPHER_PADDING_ZEROS
801 
807 //#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
808 
825 //#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
826 
838 #define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
839 
858 #define MBEDTLS_REMOVE_3DES_CIPHERSUITES
859 
867 //#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
868 
877 /* Short Weierstrass curves (supporting ECP, ECDH, ECDSA) */
878 #define MBEDTLS_ECP_DP_SECP192R1_ENABLED
879 #define MBEDTLS_ECP_DP_SECP224R1_ENABLED
880 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
881 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED
882 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED
883 #define MBEDTLS_ECP_DP_SECP192K1_ENABLED
884 #define MBEDTLS_ECP_DP_SECP224K1_ENABLED
885 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED
886 #define MBEDTLS_ECP_DP_BP256R1_ENABLED
887 #define MBEDTLS_ECP_DP_BP384R1_ENABLED
888 #define MBEDTLS_ECP_DP_BP512R1_ENABLED
889 /* Montgomery curves (supporting ECP) */
890 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED
891 #define MBEDTLS_ECP_DP_CURVE448_ENABLED
892 
902 #define MBEDTLS_ECP_NIST_OPTIM
903 
924 //#define MBEDTLS_ECP_NO_INTERNAL_RNG
925 
974 //#define MBEDTLS_ECP_RESTARTABLE
975 
1002 #define MBEDTLS_ECDH_LEGACY_CONTEXT
1003 
1016 #define MBEDTLS_ECDSA_DETERMINISTIC
1017 
1038 #define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
1039 
1069 #define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
1070 
1089 #define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1090 
1114 #define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
1115 
1142 #define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
1143 
1175 #define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
1176 
1200 #define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
1201 
1224 #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
1225 
1248 #define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
1249 
1272 #define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
1273 
1291 //#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
1292 
1305 #define MBEDTLS_PK_PARSE_EC_EXTENDED
1306 
1320 #define MBEDTLS_ERROR_STRERROR_DUMMY
1321 
1329 #define MBEDTLS_GENPRIME
1330 
1336 #define MBEDTLS_FS_IO
1337 
1349 //#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
1350 
1360 //#define MBEDTLS_NO_PLATFORM_ENTROPY
1361 
1376 //#define MBEDTLS_ENTROPY_FORCE_SHA256
1377 
1404 //#define MBEDTLS_ENTROPY_NV_SEED
1405 
1406 /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
1407  *
1408  * Enable key identifiers that encode a key owner identifier.
1409  *
1410  * The owner of a key is identified by a value of type ::mbedtls_key_owner_id_t
1411  * which is currently hard-coded to be int32_t.
1412  *
1413  * Note that this option is meant for internal use only and may be removed
1414  * without notice. It is incompatible with MBEDTLS_USE_PSA_CRYPTO.
1415  */
1416 //#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
1417 
1429 //#define MBEDTLS_MEMORY_DEBUG
1430 
1441 //#define MBEDTLS_MEMORY_BACKTRACE
1442 
1450 #define MBEDTLS_PK_RSA_ALT_SUPPORT
1451 
1461 #define MBEDTLS_PKCS1_V15
1462 
1472 #define MBEDTLS_PKCS1_V21
1473 
1488 //#define MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
1489 
1504 //#define MBEDTLS_PSA_CRYPTO_CLIENT
1505 
1515 //#define MBEDTLS_PSA_CRYPTO_DRIVERS
1516 
1553 //#define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
1554 
1567 //#define MBEDTLS_PSA_CRYPTO_SPM
1568 
1580 //#define MBEDTLS_PSA_INJECT_ENTROPY
1581 
1591 //#define MBEDTLS_RSA_NO_CRT
1592 
1598 #define MBEDTLS_SELF_TEST
1599 
1614 //#define MBEDTLS_SHA256_SMALLER
1615 
1624 //#define MBEDTLS_SHA512_SMALLER
1625 
1636 //#define MBEDTLS_SHA512_NO_SHA384
1637 
1650 #define MBEDTLS_SSL_ALL_ALERT_MESSAGES
1651 
1664 #define MBEDTLS_SSL_RECORD_CHECKING
1665 
1692 //#define MBEDTLS_SSL_DTLS_CONNECTION_ID
1693 
1703 //#define MBEDTLS_SSL_ASYNC_PRIVATE
1704 
1732 #define MBEDTLS_SSL_CONTEXT_SERIALIZATION
1733 
1748 //#define MBEDTLS_SSL_DEBUG_ALL
1749 
1766 #define MBEDTLS_SSL_ENCRYPT_THEN_MAC
1767 
1784 #define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
1785 
1802 #define MBEDTLS_SSL_FALLBACK_SCSV
1803 
1824 #define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
1825 
1837 //#define MBEDTLS_SSL_HW_RECORD_ACCEL
1838 
1849 #define MBEDTLS_SSL_CBC_RECORD_SPLITTING
1850 
1871 #define MBEDTLS_SSL_RENEGOTIATION
1872 
1884 //#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
1885 
1894 //#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
1895 
1903 #define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
1904 
1918 //#define MBEDTLS_SSL_PROTO_SSL3
1919 
1930 #define MBEDTLS_SSL_PROTO_TLS1
1931 
1942 #define MBEDTLS_SSL_PROTO_TLS1_1
1943 
1954 #define MBEDTLS_SSL_PROTO_TLS1_2
1955 
1973 //#define MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
1974 
1988 #define MBEDTLS_SSL_PROTO_DTLS
1989 
1997 #define MBEDTLS_SSL_ALPN
1998 
2012 #define MBEDTLS_SSL_DTLS_ANTI_REPLAY
2013 
2030 #define MBEDTLS_SSL_DTLS_HELLO_VERIFY
2031 
2061 //#define MBEDTLS_SSL_DTLS_SRTP
2062 
2077 #define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
2078 
2088 #define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
2089 
2102 #define MBEDTLS_SSL_SESSION_TICKETS
2103 
2112 #define MBEDTLS_SSL_EXPORT_KEYS
2113 
2123 #define MBEDTLS_SSL_SERVER_NAME_INDICATION
2124 
2132 #define MBEDTLS_SSL_TRUNCATED_HMAC
2133 
2156 //#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
2157 
2166 //#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
2167 
2183 //#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
2184 
2200 //#define MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
2201 
2219 //#define MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND
2220 
2239 //#define MBEDTLS_TEST_HOOKS
2240 
2250 //#define MBEDTLS_THREADING_ALT
2251 
2261 #define MBEDTLS_THREADING_PTHREAD
2262 
2286 //#define MBEDTLS_USE_PSA_CRYPTO
2287 
2315 //#define MBEDTLS_PSA_CRYPTO_CONFIG
2316 
2328 #define MBEDTLS_VERSION_FEATURES
2329 
2338 //#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
2339 
2350 //#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
2351 
2369 //#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
2370 
2383 #define MBEDTLS_X509_CHECK_KEY_USAGE
2384 
2396 #define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
2397 
2406 #define MBEDTLS_X509_RSASSA_PSS_SUPPORT
2407 
2431 //#define MBEDTLS_ZLIB_SUPPORT
2471 #define MBEDTLS_AESNI_C
2472 
2546 #define MBEDTLS_AES_C
2547 
2574 #define MBEDTLS_ARC4_C
2575 
2588 #define MBEDTLS_ASN1_PARSE_C
2589 
2602 #define MBEDTLS_ASN1_WRITE_C
2603 
2614 #define MBEDTLS_BASE64_C
2615 
2631 #define MBEDTLS_BIGNUM_C
2632 
2640 #define MBEDTLS_BLOWFISH_C
2641 
2695 #define MBEDTLS_CAMELLIA_C
2696 
2747 //#define MBEDTLS_ARIA_C
2748 
2761 #define MBEDTLS_CCM_C
2762 
2773 #define MBEDTLS_CERTS_C
2774 
2782 #define MBEDTLS_CHACHA20_C
2783 
2793 #define MBEDTLS_CHACHAPOLY_C
2794 
2805 #define MBEDTLS_CIPHER_C
2806 
2823 //#define MBEDTLS_CMAC_C
2824 
2843 #define MBEDTLS_CTR_DRBG_C
2844 
2857 #define MBEDTLS_DEBUG_C
2858 
2886 #define MBEDTLS_DES_C
2887 
2907 #define MBEDTLS_DHM_C
2908 
2923 #define MBEDTLS_ECDH_C
2924 
2940 #define MBEDTLS_ECDSA_C
2941 
2959 //#define MBEDTLS_ECJPAKE_C
2960 
2973 #define MBEDTLS_ECP_C
2974 
2987 #define MBEDTLS_ENTROPY_C
2988 
2999 #define MBEDTLS_ERROR_C
3000 
3013 #define MBEDTLS_GCM_C
3014 
3036 #define MBEDTLS_HAVEGE_C
3037 
3051 #define MBEDTLS_HKDF_C
3052 
3065 #define MBEDTLS_HMAC_DRBG_C
3066 
3078 //#define MBEDTLS_NIST_KW_C
3079 
3090 #define MBEDTLS_MD_C
3091 
3107 //#define MBEDTLS_MD2_C
3108 
3124 //#define MBEDTLS_MD4_C
3125 
3146 #define MBEDTLS_MD5_C
3147 
3162 //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
3163 
3181 #define MBEDTLS_NET_C
3182 
3204 #define MBEDTLS_OID_C
3205 
3218 #define MBEDTLS_PADLOCK_C
3219 
3236 #define MBEDTLS_PEM_PARSE_C
3237 
3252 #define MBEDTLS_PEM_WRITE_C
3253 
3268 #define MBEDTLS_PK_C
3269 
3283 #define MBEDTLS_PK_PARSE_C
3284 
3297 #define MBEDTLS_PK_WRITE_C
3298 
3310 #define MBEDTLS_PKCS5_C
3311 
3328 //#define MBEDTLS_PKCS11_C
3329 
3344 #define MBEDTLS_PKCS12_C
3345 
3364 #define MBEDTLS_PLATFORM_C
3365 
3374 #define MBEDTLS_POLY1305_C
3375 
3388 #define MBEDTLS_PSA_CRYPTO_C
3389 
3404 //#define MBEDTLS_PSA_CRYPTO_SE_C
3405 
3417 #define MBEDTLS_PSA_CRYPTO_STORAGE_C
3418 
3429 #define MBEDTLS_PSA_ITS_FILE_C
3430 
3440 #define MBEDTLS_RIPEMD160_C
3441 
3459 #define MBEDTLS_RSA_C
3460 
3481 #define MBEDTLS_SHA1_C
3482 
3498 #define MBEDTLS_SHA256_C
3499 
3513 #define MBEDTLS_SHA512_C
3514 
3525 #define MBEDTLS_SSL_CACHE_C
3526 
3535 #define MBEDTLS_SSL_COOKIE_C
3536 
3548 #define MBEDTLS_SSL_TICKET_C
3549 
3562 #define MBEDTLS_SSL_CLI_C
3563 
3576 #define MBEDTLS_SSL_SRV_C
3577 
3592 #define MBEDTLS_SSL_TLS_C
3593 
3614 #define MBEDTLS_THREADING_C
3615 
3641 #define MBEDTLS_TIMING_C
3642 
3652 #define MBEDTLS_VERSION_C
3653 
3669 #define MBEDTLS_X509_USE_C
3670 
3685 #define MBEDTLS_X509_CRT_PARSE_C
3686 
3699 #define MBEDTLS_X509_CRL_PARSE_C
3700 
3713 #define MBEDTLS_X509_CSR_PARSE_C
3714 
3726 #define MBEDTLS_X509_CREATE_C
3727 
3739 #define MBEDTLS_X509_CRT_WRITE_C
3740 
3752 #define MBEDTLS_X509_CSR_WRITE_C
3753 
3762 #define MBEDTLS_XTEA_C
3763 
3791 //#define MBEDTLS_CONFIG_FILE "mbedtls/config.h"
3792 
3808 //#define MBEDTLS_USER_CONFIG_FILE "/dev/null"
3809 
3826 //#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h"
3827 
3843 //#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null"
3844 
3858 /* The Doxygen documentation here is used when a user comments out a
3859  * setting and runs doxygen themselves. On the other hand, when we typeset
3860  * the full documentation including disabled settings, the documentation
3861  * in specific modules' header files is used if present. When editing this
3862  * file, make sure that each option is documented in exactly one place,
3863  * plus optionally a same-line Doxygen comment here if there is a Doxygen
3864  * comment in the specific module. */
3865 
3866 /* MPI / BIGNUM options */
3867 //#define MBEDTLS_MPI_WINDOW_SIZE 2 /**< Maximum window size used. */
3868 //#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
3869 
3870 /* CTR_DRBG options */
3871 //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
3872 //#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
3873 //#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
3874 //#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
3875 //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
3876 
3877 /* HMAC_DRBG options */
3878 //#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
3879 //#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
3880 //#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
3881 //#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
3882 
3883 /* ECP options */
3884 //#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups. Normally determined automatically from the configured curves. */
3885 //#define MBEDTLS_ECP_WINDOW_SIZE 4 /**< Maximum window size used */
3886 //#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
3887 
3888 /* Entropy options */
3889 //#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
3890 //#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
3891 //#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
3892 
3893 /* Memory buffer allocator options */
3894 //#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
3895 
3896 /* Platform options */
3897 //#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
3898 
3910 //#define MBEDTLS_PLATFORM_STD_CALLOC calloc
3911 
3920 //#define MBEDTLS_PLATFORM_STD_FREE free
3921 //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
3922 //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3923 //#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
3924 //#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
3925 /* Note: your snprintf must correctly zero-terminate the buffer! */
3926 //#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
3927 //#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
3928 //#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
3929 //#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
3930 //#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
3931 //#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
3932 
3933 /* To use the following function macros, MBEDTLS_PLATFORM_C must be enabled. */
3934 /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
3935 //#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_CALLOC for requirements. */
3936 //#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_FREE for requirements. */
3937 //#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
3938 //#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3939 //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3940 //#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
3941 //#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
3942 /* Note: your snprintf must correctly zero-terminate the buffer! */
3943 //#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
3944 //#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */
3945 //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
3946 //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
3947 
3982 //#define MBEDTLS_PARAM_FAILED( cond ) assert( cond )
3983 
3997 //#define MBEDTLS_CHECK_RETURN __attribute__((__warn_unused_result__))
3998 
4005 //#define MBEDTLS_IGNORE_RETURN( result ) ((void) !(result))
4006 
4007 /* PSA options */
4018 //#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256
4019 
4029 //#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
4030 
4031 /* SSL Cache options */
4032 //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
4033 //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
4034 
4035 /* SSL options */
4036 
4061 //#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384
4062 
4086 //#define MBEDTLS_SSL_IN_CONTENT_LEN 16384
4087 
4093 //#define MBEDTLS_SSL_CID_IN_LEN_MAX 32
4094 
4100 //#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32
4101 
4117 //#define MBEDTLS_SSL_CID_PADDING_GRANULARITY 16
4118 
4133 //#define MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY 1
4134 
4157 //#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384
4158 
4174 //#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
4175 
4176 //#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
4177 //#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
4178 //#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
4179 
4189 //#define MBEDTLS_TLS_EXT_CID 254
4190 
4203 //#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
4204 
4205 /* X509 options */
4206 //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
4207 //#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
4208 
4211 /* Target and application specific configurations
4212  *
4213  * Allow user to override any previous default.
4214  *
4215  */
4216 #if defined(MBEDTLS_USER_CONFIG_FILE)
4217 #include MBEDTLS_USER_CONFIG_FILE
4218 #endif
4219 
4220 #if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
4221 #include "mbedtls/config_psa.h"
4222 #endif
4223 
4224 #include "mbedtls/check_config.h"
4225 
4226 #endif /* MBEDTLS_CONFIG_H */
Consistency checks for configuration options.
PSA crypto configuration options (set of defines)