ReactOS  0.4.15-dev-1177-g6cb3b62
config.h
Go to the documentation of this file.
1 
10 /*
11  * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
12  * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
13  *
14  * This file is provided under the Apache License 2.0, or the
15  * GNU General Public License v2.0 or later.
16  *
17  * **********
18  * Apache License 2.0:
19  *
20  * Licensed under the Apache License, Version 2.0 (the "License"); you may
21  * not use this file except in compliance with the License.
22  * You may obtain a copy of the License at
23  *
24  * http://www.apache.org/licenses/LICENSE-2.0
25  *
26  * Unless required by applicable law or agreed to in writing, software
27  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
28  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
29  * See the License for the specific language governing permissions and
30  * limitations under the License.
31  *
32  * **********
33  *
34  * **********
35  * GNU General Public License v2.0 or later:
36  *
37  * This program is free software; you can redistribute it and/or modify
38  * it under the terms of the GNU General Public License as published by
39  * the Free Software Foundation; either version 2 of the License, or
40  * (at your option) any later version.
41  *
42  * This program is distributed in the hope that it will be useful,
43  * but WITHOUT ANY WARRANTY; without even the implied warranty of
44  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
45  * GNU General Public License for more details.
46  *
47  * You should have received a copy of the GNU General Public License along
48  * with this program; if not, write to the Free Software Foundation, Inc.,
49  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
50  *
51  * **********
52  *
53  * This file is part of mbed TLS (https://tls.mbed.org)
54  */
55 
56 #ifndef MBEDTLS_CONFIG_H
57 #define MBEDTLS_CONFIG_H
58 
59 #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
60 //#define _CRT_SECURE_NO_DEPRECATE 1
61 #endif
62 
84 #define MBEDTLS_HAVE_ASM
85 
112 //#define MBEDTLS_NO_UDBL_DIVISION
113 
121 //#define MBEDTLS_HAVE_SSE2 /* We want to run on older hardware. TODO: This should be checked at runtime. */
122 
136 //#define MBEDTLS_HAVE_TIME
137 
148 //#define MBEDTLS_HAVE_TIME_DATE
149 
172 //#define MBEDTLS_PLATFORM_MEMORY
173 
191 //#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
192 
216 //#define MBEDTLS_PLATFORM_EXIT_ALT
217 //#define MBEDTLS_PLATFORM_TIME_ALT
218 //#define MBEDTLS_PLATFORM_FPRINTF_ALT
219 //#define MBEDTLS_PLATFORM_PRINTF_ALT
220 //#define MBEDTLS_PLATFORM_SNPRINTF_ALT
221 //#define MBEDTLS_PLATFORM_NV_SEED_ALT
222 //#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
223 
237 //#define MBEDTLS_DEPRECATED_WARNING
238 
249 //#define MBEDTLS_DEPRECATED_REMOVED /* ThFabba: we need md5/sha functions for bcrypt */
250 
251 /* \} name SECTION: System support */
252 
272 //#define MBEDTLS_TIMING_ALT
273 
299 //#define MBEDTLS_AES_ALT
300 //#define MBEDTLS_ARC4_ALT
301 //#define MBEDTLS_BLOWFISH_ALT
302 //#define MBEDTLS_CAMELLIA_ALT
303 //#define MBEDTLS_CCM_ALT
304 //#define MBEDTLS_CMAC_ALT
305 //#define MBEDTLS_DES_ALT
306 //#define MBEDTLS_DHM_ALT
307 //#define MBEDTLS_ECJPAKE_ALT
308 //#define MBEDTLS_GCM_ALT
309 //#define MBEDTLS_MD2_ALT
310 //#define MBEDTLS_MD4_ALT
311 //#define MBEDTLS_MD5_ALT
312 //#define MBEDTLS_RIPEMD160_ALT
313 //#define MBEDTLS_RSA_ALT
314 //#define MBEDTLS_SHA1_ALT
315 //#define MBEDTLS_SHA256_ALT
316 //#define MBEDTLS_SHA512_ALT
317 //#define MBEDTLS_XTEA_ALT
318 /*
319  * When replacing the elliptic curve module, pleace consider, that it is
320  * implemented with two .c files:
321  * - ecp.c
322  * - ecp_curves.c
323  * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
324  * macros as described above. The only difference is that you have to make sure
325  * that you provide functionality for both .c files.
326  */
327 //#define MBEDTLS_ECP_ALT
328 
374 //#define MBEDTLS_MD2_PROCESS_ALT
375 //#define MBEDTLS_MD4_PROCESS_ALT
376 //#define MBEDTLS_MD5_PROCESS_ALT
377 //#define MBEDTLS_RIPEMD160_PROCESS_ALT
378 //#define MBEDTLS_SHA1_PROCESS_ALT
379 //#define MBEDTLS_SHA256_PROCESS_ALT
380 //#define MBEDTLS_SHA512_PROCESS_ALT
381 //#define MBEDTLS_DES_SETKEY_ALT
382 //#define MBEDTLS_DES_CRYPT_ECB_ALT
383 //#define MBEDTLS_DES3_CRYPT_ECB_ALT
384 //#define MBEDTLS_AES_SETKEY_ENC_ALT
385 //#define MBEDTLS_AES_SETKEY_DEC_ALT
386 //#define MBEDTLS_AES_ENCRYPT_ALT
387 //#define MBEDTLS_AES_DECRYPT_ALT
388 //#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
389 //#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
390 //#define MBEDTLS_ECDSA_VERIFY_ALT
391 //#define MBEDTLS_ECDSA_SIGN_ALT
392 //#define MBEDTLS_ECDSA_GENKEY_ALT
393 
434 /* Required for all the functions in this section */
435 //#define MBEDTLS_ECP_INTERNAL_ALT
436 /* Support for Weierstrass curves with Jacobi representation */
437 //#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
438 //#define MBEDTLS_ECP_ADD_MIXED_ALT
439 //#define MBEDTLS_ECP_DOUBLE_JAC_ALT
440 //#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
441 //#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
442 /* Support for curves with Montgomery arithmetic */
443 //#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
444 //#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
445 //#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
446 
462 //#define MBEDTLS_TEST_NULL_ENTROPY
463 
475 //#define MBEDTLS_ENTROPY_HARDWARE_ALT
476 
484 //#define MBEDTLS_AES_ROM_TABLES
485 
493 //#define MBEDTLS_CAMELLIA_SMALL_MEMORY
494 
500 #define MBEDTLS_CIPHER_MODE_CBC
501 
507 #define MBEDTLS_CIPHER_MODE_CFB
508 
514 #define MBEDTLS_CIPHER_MODE_CTR
515 
547 //#define MBEDTLS_CIPHER_NULL_CIPHER
548 
560 #define MBEDTLS_CIPHER_PADDING_PKCS7
561 #define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
562 #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
563 #define MBEDTLS_CIPHER_PADDING_ZEROS
564 
581 //#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
582 
594 #define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
595 
614 #define MBEDTLS_REMOVE_3DES_CIPHERSUITES
615 
624 #define MBEDTLS_ECP_DP_SECP192R1_ENABLED
625 #define MBEDTLS_ECP_DP_SECP224R1_ENABLED
626 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
627 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED
628 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED
629 #define MBEDTLS_ECP_DP_SECP192K1_ENABLED
630 #define MBEDTLS_ECP_DP_SECP224K1_ENABLED
631 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED
632 #define MBEDTLS_ECP_DP_BP256R1_ENABLED
633 #define MBEDTLS_ECP_DP_BP384R1_ENABLED
634 #define MBEDTLS_ECP_DP_BP512R1_ENABLED
635 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED
636 
646 #define MBEDTLS_ECP_NIST_OPTIM
647 
668 //#define MBEDTLS_ECP_NO_INTERNAL_RNG
669 
682 #define MBEDTLS_ECDSA_DETERMINISTIC
683 
704 //#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED /* swyter: we don't need PSK-based ciphers for schannel */
705 
735 //#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED /* swyter: we don't need PSK-based ciphers for schannel */
736 
755 //#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED /* swyter: we don't need PSK-based ciphers for schannel */
756 
780 //#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED /* swyter: we don't need PSK-based ciphers for schannel */
781 
808 #define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
809 
841 #define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
842 
866 #define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
867 
890 #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
891 
914 #define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
915 
938 #define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
939 
957 //#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
958 
971 #define MBEDTLS_PK_PARSE_EC_EXTENDED
972 
986 #define MBEDTLS_ERROR_STRERROR_DUMMY
987 
995 #define MBEDTLS_GENPRIME
996 
1002 //#define MBEDTLS_FS_IO /* swyter: we don't have to access the filesystem directly in schannel */
1003 
1015 //#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
1016 
1026 //#define MBEDTLS_NO_PLATFORM_ENTROPY
1027 
1042 #define MBEDTLS_ENTROPY_FORCE_SHA256 /* swyter: ReactOS is primarily 32-bit only, this speeds it up notably */
1043 
1070 //#define MBEDTLS_ENTROPY_NV_SEED
1071 
1083 //#define MBEDTLS_MEMORY_DEBUG
1084 
1095 //#define MBEDTLS_MEMORY_BACKTRACE
1096 
1104 #define MBEDTLS_PK_RSA_ALT_SUPPORT
1105 
1115 #define MBEDTLS_PKCS1_V15
1116 
1126 #define MBEDTLS_PKCS1_V21
1127 
1137 //#define MBEDTLS_RSA_NO_CRT
1138 
1144 //#define MBEDTLS_SELF_TEST /* swyter: we don't need this, adds quite a bit of bloat */
1145 
1160 //#define MBEDTLS_SHA256_SMALLER
1161 
1174 #define MBEDTLS_SSL_ALL_ALERT_MESSAGES
1175 
1190 //#define MBEDTLS_SSL_DEBUG_ALL /* swyter: we don't need that much verboseness that clogges up the dll with strings */
1191 
1208 #define MBEDTLS_SSL_ENCRYPT_THEN_MAC
1209 
1226 #define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
1227 
1243 //#define MBEDTLS_SSL_FALLBACK_SCSV /* swyter: as the description says, we don't need this for clients */
1244 
1253 //#define MBEDTLS_SSL_HW_RECORD_ACCEL
1254 
1265 #define MBEDTLS_SSL_CBC_RECORD_SPLITTING
1266 
1287 #define MBEDTLS_SSL_RENEGOTIATION
1288 
1297 //#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO /* swyter: we don't need anything server-related */
1298 
1307 //#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE /* swyter: we don't need anything server-related */
1308 
1316 #define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
1317 
1328 //#define MBEDTLS_SSL_PROTO_SSL3 /* swyter: this is potentially insecure and should remain ethernaly disabled */
1329 
1340 #define MBEDTLS_SSL_PROTO_TLS1
1341 
1352 #define MBEDTLS_SSL_PROTO_TLS1_1
1353 
1364 #define MBEDTLS_SSL_PROTO_TLS1_2
1365 
1379 //#define MBEDTLS_SSL_PROTO_DTLS /* swyter: schannel does not support UDP sockets, DTLS is useless */
1380 
1388 #define MBEDTLS_SSL_ALPN
1389 
1403 //#define MBEDTLS_SSL_DTLS_ANTI_REPLAY /* swyter: schannel does not support UDP sockets, DTLS is useless */
1404 
1421 //#define MBEDTLS_SSL_DTLS_HELLO_VERIFY /* swyter: schannel does not support UDP sockets, DTLS is useless */
1422 
1437 //#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE /* swyter: schannel does not support UDP sockets, DTLS is useless */
1438 
1448 //#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT /* swyter: schannel does not support UDP sockets, DTLS is useless */
1449 
1462 #define MBEDTLS_SSL_SESSION_TICKETS
1463 
1472 //#define MBEDTLS_SSL_EXPORT_KEYS
1473 
1483 #define MBEDTLS_SSL_SERVER_NAME_INDICATION
1484 
1492 #define MBEDTLS_SSL_TRUNCATED_HMAC
1493 
1516 //#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
1517 
1527 //#define MBEDTLS_THREADING_ALT
1528 
1538 //#define MBEDTLS_THREADING_PTHREAD
1539 
1551 //#define MBEDTLS_VERSION_FEATURES
1552 
1561 //#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
1562 
1573 //#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
1574 
1587 #define MBEDTLS_X509_CHECK_KEY_USAGE
1588 
1600 #define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
1601 
1610 #define MBEDTLS_X509_RSASSA_PSS_SUPPORT
1611 
1632 //#define MBEDTLS_ZLIB_SUPPORT
1633 /* \} name SECTION: mbed TLS feature support */
1634 
1654 #define MBEDTLS_AESNI_C /* swyter: looks like these AMD64 improvements are behind an arch macro, better perf is always good */
1655 
1729 #define MBEDTLS_AES_C
1730 
1757 #define MBEDTLS_ARC4_C
1758 
1771 #define MBEDTLS_ASN1_PARSE_C
1772 
1785 #define MBEDTLS_ASN1_WRITE_C
1786 
1797 //#define MBEDTLS_BASE64_C
1798 
1814 #define MBEDTLS_BIGNUM_C
1815 
1823 #define MBEDTLS_BLOWFISH_C
1824 
1878 #define MBEDTLS_CAMELLIA_C
1879 
1892 #define MBEDTLS_CCM_C
1893 
1904 //#define MBEDTLS_CERTS_C /* swyter: these test certs are completely useless */
1905 
1916 #define MBEDTLS_CIPHER_C
1917 
1929 //#define MBEDTLS_CMAC_C
1930 
1947 #define MBEDTLS_CTR_DRBG_C
1948 
1961 //#define MBEDTLS_DEBUG_C /* swyter: we don't even need this level of verboseness, useful only when developing */
1962 
1990 #define MBEDTLS_DES_C
1991 
2011 #define MBEDTLS_DHM_C
2012 
2027 #define MBEDTLS_ECDH_C
2028 
2042 #define MBEDTLS_ECDSA_C
2043 
2061 //#define MBEDTLS_ECJPAKE_C
2062 
2075 #define MBEDTLS_ECP_C
2076 
2089 #define MBEDTLS_ENTROPY_C
2090 
2101 //#define MBEDTLS_ERROR_C /* swyter: we don't print user errors, so this trims some fat */
2102 
2115 #define MBEDTLS_GCM_C
2116 
2138 //#define MBEDTLS_HAVEGE_C
2139 
2152 #define MBEDTLS_HMAC_DRBG_C
2153 
2164 #define MBEDTLS_MD_C
2165 
2181 //#define MBEDTLS_MD2_C
2182 
2198 //#define MBEDTLS_MD4_C
2199 
2220 #define MBEDTLS_MD5_C
2221 
2236 //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
2237 
2255 //#define MBEDTLS_NET_C /* swyter: we don't use the network routines, in fact in schannel we replace them with our own shim to forward the managed network buffers */
2256 
2278 #define MBEDTLS_OID_C
2279 
2292 #define MBEDTLS_PADLOCK_C
2293 
2310 //#define MBEDTLS_PEM_PARSE_C /* swyter: we don't do any PEM decoding */
2311 
2326 //#define MBEDTLS_PEM_WRITE_C /* swyter: we don't do any PEM decoding */
2327 
2342 #define MBEDTLS_PK_C
2343 
2357 #define MBEDTLS_PK_PARSE_C
2358 
2371 //#define MBEDTLS_PK_WRITE_C /* swyter: we don't write any PK */
2372 
2384 #define MBEDTLS_PKCS5_C
2385 
2399 //#define MBEDTLS_PKCS11_C
2400 
2415 #define MBEDTLS_PKCS12_C
2416 
2435 #define MBEDTLS_PLATFORM_C
2436 
2446 #define MBEDTLS_RIPEMD160_C
2447 
2465 #define MBEDTLS_RSA_C
2466 
2487 #define MBEDTLS_SHA1_C
2488 
2504 #define MBEDTLS_SHA256_C
2505 
2519 #define MBEDTLS_SHA512_C
2520 
2531 //#define MBEDTLS_SSL_CACHE_C /* swyter: we don't make use of this caching mechanism, as the WINE schannel API does not expose it */
2532 
2541 //#define MBEDTLS_SSL_COOKIE_C /* swyter: schannel does not support UDP sockets, DTLS is useless */
2542 
2553 #define MBEDTLS_SSL_TICKET_C
2554 
2567 #define MBEDTLS_SSL_CLI_C
2568 
2581 //#define MBEDTLS_SSL_SRV_C /* swyter: we don't need anything server-related */
2582 
2597 #define MBEDTLS_SSL_TLS_C
2598 
2619 //#define MBEDTLS_THREADING_C
2620 
2642 #define MBEDTLS_TIMING_C
2643 
2653 //#define MBEDTLS_VERSION_C /* swyter: we don't use these functions, so it's a waste of space */
2654 
2670 #define MBEDTLS_X509_USE_C
2671 
2686 #define MBEDTLS_X509_CRT_PARSE_C
2687 
2700 //#define MBEDTLS_X509_CRL_PARSE_C /* swyter: we don't verify certs directly */
2701 
2714 //#define MBEDTLS_X509_CSR_PARSE_C /* swyter: we don't verify certs directly */
2715 
2727 //#define MBEDTLS_X509_CREATE_C /* swyter: we don't create certs in schannel */
2728 
2740 //#define MBEDTLS_X509_CRT_WRITE_C /* swyter: we don't create certs in schannel */
2741 
2753 //#define MBEDTLS_X509_CSR_WRITE_C /* swyter: we don't create certs in schannel, this is for servers */
2754 
2763 #define MBEDTLS_XTEA_C
2764 
2765 /* \} name SECTION: mbed TLS modules */
2766 
2782 /* MPI / BIGNUM options */
2783 //#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */
2784 //#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
2785 
2786 /* CTR_DRBG options */
2787 //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
2788 //#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
2789 //#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
2790 //#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
2791 //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
2792 
2793 /* HMAC_DRBG options */
2794 //#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
2795 //#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
2796 //#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
2797 //#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
2798 
2799 /* ECP options */
2800 //#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */
2801 //#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
2802 //#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
2803 
2804 /* Entropy options */
2805 //#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
2806 //#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
2807 //#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
2808 
2809 /* Memory buffer allocator options */
2810 //#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
2811 
2812 /* Platform options */
2813 //#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
2814 //#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */
2815 //#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */
2816 //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
2817 //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
2818 //#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
2819 //#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
2820 /* Note: your snprintf must correctly zero-terminate the buffer! */
2821 //#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
2822 //#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
2823 //#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
2824 //#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
2825 //#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
2826 //#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
2827 
2828 /* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
2829 /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
2830 //#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */
2831 //#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */
2832 //#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
2833 //#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
2834 //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
2835 //#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
2836 //#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
2837 /* Note: your snprintf must correctly zero-terminate the buffer! */
2838 //#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
2839 //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
2840 //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
2841 
2842 /* SSL Cache options */
2843 //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
2844 //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
2845 
2846 /* SSL options */
2847 //#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 /**< Maxium fragment length in bytes, determines the size of each of the two internal I/O buffers */
2848 //#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
2849 //#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
2850 //#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
2851 
2864 //#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
2865 
2866 /* X509 options */
2867 //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
2868 //#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
2869 
2882 // #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
2883 
2899 #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
2900 
2901 /* \} name SECTION: Customisation configuration options */
2902 
2903 /* Target and application specific configurations */
2904 //#define YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE "target_config.h"
2905 
2906 #if defined(TARGET_LIKE_MBED) && defined(YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE)
2907 #include YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE
2908 #endif
2909 
2910 /*
2911  * Allow user to override any previous default.
2912  *
2913  * Use two macro names for that, as:
2914  * - with yotta the prefix YOTTA_CFG_ is forced
2915  * - without yotta is looks weird to have a YOTTA prefix.
2916  */
2917 #if defined(YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE)
2918 #include YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE
2919 #elif defined(MBEDTLS_USER_CONFIG_FILE)
2920 #include MBEDTLS_USER_CONFIG_FILE
2921 #endif
2922 
2923 #include "check_config.h"
2924 
2925 #endif /* MBEDTLS_CONFIG_H */
Consistency checks for configuration options.