ReactOS  0.4.14-dev-384-g5b37caa
config.h
Go to the documentation of this file.
1 
10 /*
11  * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
12  * SPDX-License-Identifier: GPL-2.0
13  *
14  * This program is free software; you can redistribute it and/or modify
15  * it under the terms of the GNU General Public License as published by
16  * the Free Software Foundation; either version 2 of the License, or
17  * (at your option) any later version.
18  *
19  * This program is distributed in the hope that it will be useful,
20  * but WITHOUT ANY WARRANTY; without even the implied warranty of
21  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22  * GNU General Public License for more details.
23  *
24  * You should have received a copy of the GNU General Public License along
25  * with this program; if not, write to the Free Software Foundation, Inc.,
26  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
27  *
28  * This file is part of mbed TLS (https://tls.mbed.org)
29  */
30 
31 #ifndef MBEDTLS_CONFIG_H
32 #define MBEDTLS_CONFIG_H
33 
34 #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
35 //#define _CRT_SECURE_NO_DEPRECATE 1
36 #endif
37 
59 #define MBEDTLS_HAVE_ASM
60 
87 //#define MBEDTLS_NO_UDBL_DIVISION
88 
96 //#define MBEDTLS_HAVE_SSE2 /* We want to run on older hardware. TODO: This should be checked at runtime. */
97 
111 //#define MBEDTLS_HAVE_TIME
112 
123 //#define MBEDTLS_HAVE_TIME_DATE
124 
147 //#define MBEDTLS_PLATFORM_MEMORY
148 
166 //#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
167 
191 //#define MBEDTLS_PLATFORM_EXIT_ALT
192 //#define MBEDTLS_PLATFORM_TIME_ALT
193 //#define MBEDTLS_PLATFORM_FPRINTF_ALT
194 //#define MBEDTLS_PLATFORM_PRINTF_ALT
195 //#define MBEDTLS_PLATFORM_SNPRINTF_ALT
196 //#define MBEDTLS_PLATFORM_NV_SEED_ALT
197 //#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
198 
212 //#define MBEDTLS_DEPRECATED_WARNING
213 
224 //#define MBEDTLS_DEPRECATED_REMOVED /* ThFabba: we need md5/sha functions for bcrypt */
225 
226 /* \} name SECTION: System support */
227 
247 //#define MBEDTLS_TIMING_ALT
248 
274 //#define MBEDTLS_AES_ALT
275 //#define MBEDTLS_ARC4_ALT
276 //#define MBEDTLS_BLOWFISH_ALT
277 //#define MBEDTLS_CAMELLIA_ALT
278 //#define MBEDTLS_CCM_ALT
279 //#define MBEDTLS_CMAC_ALT
280 //#define MBEDTLS_DES_ALT
281 //#define MBEDTLS_DHM_ALT
282 //#define MBEDTLS_ECJPAKE_ALT
283 //#define MBEDTLS_GCM_ALT
284 //#define MBEDTLS_MD2_ALT
285 //#define MBEDTLS_MD4_ALT
286 //#define MBEDTLS_MD5_ALT
287 //#define MBEDTLS_RIPEMD160_ALT
288 //#define MBEDTLS_RSA_ALT
289 //#define MBEDTLS_SHA1_ALT
290 //#define MBEDTLS_SHA256_ALT
291 //#define MBEDTLS_SHA512_ALT
292 //#define MBEDTLS_XTEA_ALT
293 /*
294  * When replacing the elliptic curve module, pleace consider, that it is
295  * implemented with two .c files:
296  * - ecp.c
297  * - ecp_curves.c
298  * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
299  * macros as described above. The only difference is that you have to make sure
300  * that you provide functionality for both .c files.
301  */
302 //#define MBEDTLS_ECP_ALT
303 
349 //#define MBEDTLS_MD2_PROCESS_ALT
350 //#define MBEDTLS_MD4_PROCESS_ALT
351 //#define MBEDTLS_MD5_PROCESS_ALT
352 //#define MBEDTLS_RIPEMD160_PROCESS_ALT
353 //#define MBEDTLS_SHA1_PROCESS_ALT
354 //#define MBEDTLS_SHA256_PROCESS_ALT
355 //#define MBEDTLS_SHA512_PROCESS_ALT
356 //#define MBEDTLS_DES_SETKEY_ALT
357 //#define MBEDTLS_DES_CRYPT_ECB_ALT
358 //#define MBEDTLS_DES3_CRYPT_ECB_ALT
359 //#define MBEDTLS_AES_SETKEY_ENC_ALT
360 //#define MBEDTLS_AES_SETKEY_DEC_ALT
361 //#define MBEDTLS_AES_ENCRYPT_ALT
362 //#define MBEDTLS_AES_DECRYPT_ALT
363 //#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
364 //#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
365 //#define MBEDTLS_ECDSA_VERIFY_ALT
366 //#define MBEDTLS_ECDSA_SIGN_ALT
367 //#define MBEDTLS_ECDSA_GENKEY_ALT
368 
409 /* Required for all the functions in this section */
410 //#define MBEDTLS_ECP_INTERNAL_ALT
411 /* Support for Weierstrass curves with Jacobi representation */
412 //#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
413 //#define MBEDTLS_ECP_ADD_MIXED_ALT
414 //#define MBEDTLS_ECP_DOUBLE_JAC_ALT
415 //#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
416 //#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
417 /* Support for curves with Montgomery arithmetic */
418 //#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
419 //#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
420 //#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
421 
437 //#define MBEDTLS_TEST_NULL_ENTROPY
438 
450 //#define MBEDTLS_ENTROPY_HARDWARE_ALT
451 
459 //#define MBEDTLS_AES_ROM_TABLES
460 
468 //#define MBEDTLS_CAMELLIA_SMALL_MEMORY
469 
475 #define MBEDTLS_CIPHER_MODE_CBC
476 
482 #define MBEDTLS_CIPHER_MODE_CFB
483 
489 #define MBEDTLS_CIPHER_MODE_CTR
490 
522 //#define MBEDTLS_CIPHER_NULL_CIPHER
523 
535 #define MBEDTLS_CIPHER_PADDING_PKCS7
536 #define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
537 #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
538 #define MBEDTLS_CIPHER_PADDING_ZEROS
539 
556 //#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
557 
569 #define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
570 
589 #define MBEDTLS_REMOVE_3DES_CIPHERSUITES
590 
599 #define MBEDTLS_ECP_DP_SECP192R1_ENABLED
600 #define MBEDTLS_ECP_DP_SECP224R1_ENABLED
601 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
602 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED
603 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED
604 #define MBEDTLS_ECP_DP_SECP192K1_ENABLED
605 #define MBEDTLS_ECP_DP_SECP224K1_ENABLED
606 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED
607 #define MBEDTLS_ECP_DP_BP256R1_ENABLED
608 #define MBEDTLS_ECP_DP_BP384R1_ENABLED
609 #define MBEDTLS_ECP_DP_BP512R1_ENABLED
610 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED
611 
621 #define MBEDTLS_ECP_NIST_OPTIM
622 
635 #define MBEDTLS_ECDSA_DETERMINISTIC
636 
657 //#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED /* swyter: we don't need PSK-based ciphers for schannel */
658 
688 //#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED /* swyter: we don't need PSK-based ciphers for schannel */
689 
708 //#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED /* swyter: we don't need PSK-based ciphers for schannel */
709 
733 //#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED /* swyter: we don't need PSK-based ciphers for schannel */
734 
761 #define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
762 
794 #define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
795 
819 #define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
820 
843 #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
844 
867 #define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
868 
891 #define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
892 
910 //#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
911 
924 #define MBEDTLS_PK_PARSE_EC_EXTENDED
925 
939 #define MBEDTLS_ERROR_STRERROR_DUMMY
940 
948 #define MBEDTLS_GENPRIME
949 
955 //#define MBEDTLS_FS_IO /* swyter: we don't have to access the filesystem directly in schannel */
956 
968 //#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
969 
979 //#define MBEDTLS_NO_PLATFORM_ENTROPY
980 
995 #define MBEDTLS_ENTROPY_FORCE_SHA256 /* swyter: ReactOS is primarily 32-bit only, this speeds it up notably */
996 
1023 //#define MBEDTLS_ENTROPY_NV_SEED
1024 
1036 //#define MBEDTLS_MEMORY_DEBUG
1037 
1048 //#define MBEDTLS_MEMORY_BACKTRACE
1049 
1057 #define MBEDTLS_PK_RSA_ALT_SUPPORT
1058 
1068 #define MBEDTLS_PKCS1_V15
1069 
1079 #define MBEDTLS_PKCS1_V21
1080 
1090 //#define MBEDTLS_RSA_NO_CRT
1091 
1097 //#define MBEDTLS_SELF_TEST /* swyter: we don't need this, adds quite a bit of bloat */
1098 
1113 //#define MBEDTLS_SHA256_SMALLER
1114 
1127 #define MBEDTLS_SSL_ALL_ALERT_MESSAGES
1128 
1143 //#define MBEDTLS_SSL_DEBUG_ALL /* swyter: we don't need that much verboseness that clogges up the dll with strings */
1144 
1161 #define MBEDTLS_SSL_ENCRYPT_THEN_MAC
1162 
1179 #define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
1180 
1196 //#define MBEDTLS_SSL_FALLBACK_SCSV /* swyter: as the description says, we don't need this for clients */
1197 
1206 //#define MBEDTLS_SSL_HW_RECORD_ACCEL
1207 
1218 #define MBEDTLS_SSL_CBC_RECORD_SPLITTING
1219 
1240 #define MBEDTLS_SSL_RENEGOTIATION
1241 
1250 //#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO /* swyter: we don't need anything server-related */
1251 
1260 //#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE /* swyter: we don't need anything server-related */
1261 
1269 #define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
1270 
1281 //#define MBEDTLS_SSL_PROTO_SSL3 /* swyter: this is potentially insecure and should remain ethernaly disabled */
1282 
1293 #define MBEDTLS_SSL_PROTO_TLS1
1294 
1305 #define MBEDTLS_SSL_PROTO_TLS1_1
1306 
1317 #define MBEDTLS_SSL_PROTO_TLS1_2
1318 
1332 //#define MBEDTLS_SSL_PROTO_DTLS /* swyter: schannel does not support UDP sockets, DTLS is useless */
1333 
1341 #define MBEDTLS_SSL_ALPN
1342 
1356 //#define MBEDTLS_SSL_DTLS_ANTI_REPLAY /* swyter: schannel does not support UDP sockets, DTLS is useless */
1357 
1374 //#define MBEDTLS_SSL_DTLS_HELLO_VERIFY /* swyter: schannel does not support UDP sockets, DTLS is useless */
1375 
1390 //#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE /* swyter: schannel does not support UDP sockets, DTLS is useless */
1391 
1401 //#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT /* swyter: schannel does not support UDP sockets, DTLS is useless */
1402 
1415 #define MBEDTLS_SSL_SESSION_TICKETS
1416 
1425 //#define MBEDTLS_SSL_EXPORT_KEYS
1426 
1436 #define MBEDTLS_SSL_SERVER_NAME_INDICATION
1437 
1445 #define MBEDTLS_SSL_TRUNCATED_HMAC
1446 
1469 //#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
1470 
1480 //#define MBEDTLS_THREADING_ALT
1481 
1491 //#define MBEDTLS_THREADING_PTHREAD
1492 
1504 //#define MBEDTLS_VERSION_FEATURES
1505 
1514 //#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
1515 
1526 //#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
1527 
1540 #define MBEDTLS_X509_CHECK_KEY_USAGE
1541 
1553 #define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
1554 
1563 #define MBEDTLS_X509_RSASSA_PSS_SUPPORT
1564 
1585 //#define MBEDTLS_ZLIB_SUPPORT
1586 /* \} name SECTION: mbed TLS feature support */
1587 
1607 #define MBEDTLS_AESNI_C /* swyter: looks like these AMD64 improvements are behind an arch macro, better perf is always good */
1608 
1682 #define MBEDTLS_AES_C
1683 
1710 #define MBEDTLS_ARC4_C
1711 
1724 #define MBEDTLS_ASN1_PARSE_C
1725 
1738 #define MBEDTLS_ASN1_WRITE_C
1739 
1750 //#define MBEDTLS_BASE64_C
1751 
1767 #define MBEDTLS_BIGNUM_C
1768 
1776 #define MBEDTLS_BLOWFISH_C
1777 
1831 #define MBEDTLS_CAMELLIA_C
1832 
1845 #define MBEDTLS_CCM_C
1846 
1857 //#define MBEDTLS_CERTS_C /* swyter: these test certs are completely useless */
1858 
1869 #define MBEDTLS_CIPHER_C
1870 
1882 //#define MBEDTLS_CMAC_C
1883 
1896 #define MBEDTLS_CTR_DRBG_C
1897 
1910 //#define MBEDTLS_DEBUG_C /* swyter: we don't even need this level of verboseness, useful only when developing */
1911 
1939 #define MBEDTLS_DES_C
1940 
1960 #define MBEDTLS_DHM_C
1961 
1976 #define MBEDTLS_ECDH_C
1977 
1991 #define MBEDTLS_ECDSA_C
1992 
2010 //#define MBEDTLS_ECJPAKE_C
2011 
2024 #define MBEDTLS_ECP_C
2025 
2038 #define MBEDTLS_ENTROPY_C
2039 
2050 //#define MBEDTLS_ERROR_C /* swyter: we don't print user errors, so this trims some fat */
2051 
2064 #define MBEDTLS_GCM_C
2065 
2087 //#define MBEDTLS_HAVEGE_C
2088 
2101 #define MBEDTLS_HMAC_DRBG_C
2102 
2113 #define MBEDTLS_MD_C
2114 
2130 //#define MBEDTLS_MD2_C
2131 
2147 //#define MBEDTLS_MD4_C
2148 
2169 #define MBEDTLS_MD5_C
2170 
2185 //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
2186 
2204 //#define MBEDTLS_NET_C /* swyter: we don't use the network routines, in fact in schannel we replace them with our own shim to forward the managed network buffers */
2205 
2227 #define MBEDTLS_OID_C
2228 
2241 #define MBEDTLS_PADLOCK_C
2242 
2259 //#define MBEDTLS_PEM_PARSE_C /* swyter: we don't do any PEM decoding */
2260 
2275 //#define MBEDTLS_PEM_WRITE_C /* swyter: we don't do any PEM decoding */
2276 
2291 #define MBEDTLS_PK_C
2292 
2306 #define MBEDTLS_PK_PARSE_C
2307 
2320 //#define MBEDTLS_PK_WRITE_C /* swyter: we don't write any PK */
2321 
2333 #define MBEDTLS_PKCS5_C
2334 
2348 //#define MBEDTLS_PKCS11_C
2349 
2364 #define MBEDTLS_PKCS12_C
2365 
2384 #define MBEDTLS_PLATFORM_C
2385 
2395 #define MBEDTLS_RIPEMD160_C
2396 
2414 #define MBEDTLS_RSA_C
2415 
2436 #define MBEDTLS_SHA1_C
2437 
2453 #define MBEDTLS_SHA256_C
2454 
2468 #define MBEDTLS_SHA512_C
2469 
2480 //#define MBEDTLS_SSL_CACHE_C /* swyter: we don't make use of this caching mechanism, as the WINE schannel API does not expose it */
2481 
2490 //#define MBEDTLS_SSL_COOKIE_C /* swyter: schannel does not support UDP sockets, DTLS is useless */
2491 
2502 #define MBEDTLS_SSL_TICKET_C
2503 
2516 #define MBEDTLS_SSL_CLI_C
2517 
2530 //#define MBEDTLS_SSL_SRV_C /* swyter: we don't need anything server-related */
2531 
2546 #define MBEDTLS_SSL_TLS_C
2547 
2568 //#define MBEDTLS_THREADING_C
2569 
2591 #define MBEDTLS_TIMING_C
2592 
2602 //#define MBEDTLS_VERSION_C /* swyter: we don't use these functions, so it's a waste of space */
2603 
2619 #define MBEDTLS_X509_USE_C
2620 
2635 #define MBEDTLS_X509_CRT_PARSE_C
2636 
2649 //#define MBEDTLS_X509_CRL_PARSE_C /* swyter: we don't verify certs directly */
2650 
2663 //#define MBEDTLS_X509_CSR_PARSE_C /* swyter: we don't verify certs directly */
2664 
2676 //#define MBEDTLS_X509_CREATE_C /* swyter: we don't create certs in schannel */
2677 
2689 //#define MBEDTLS_X509_CRT_WRITE_C /* swyter: we don't create certs in schannel */
2690 
2702 //#define MBEDTLS_X509_CSR_WRITE_C /* swyter: we don't create certs in schannel, this is for servers */
2703 
2712 #define MBEDTLS_XTEA_C
2713 
2714 /* \} name SECTION: mbed TLS modules */
2715 
2731 /* MPI / BIGNUM options */
2732 //#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */
2733 //#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
2734 
2735 /* CTR_DRBG options */
2736 //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
2737 //#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
2738 //#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
2739 //#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
2740 //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
2741 
2742 /* HMAC_DRBG options */
2743 //#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
2744 //#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
2745 //#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
2746 //#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
2747 
2748 /* ECP options */
2749 //#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */
2750 //#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
2751 //#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
2752 
2753 /* Entropy options */
2754 //#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
2755 //#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
2756 //#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
2757 
2758 /* Memory buffer allocator options */
2759 //#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
2760 
2761 /* Platform options */
2762 //#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
2763 //#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */
2764 //#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */
2765 //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
2766 //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
2767 //#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
2768 //#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
2769 /* Note: your snprintf must correctly zero-terminate the buffer! */
2770 //#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
2771 //#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
2772 //#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
2773 //#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
2774 //#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
2775 //#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
2776 
2777 /* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
2778 /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
2779 //#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */
2780 //#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */
2781 //#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
2782 //#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
2783 //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
2784 //#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
2785 //#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
2786 /* Note: your snprintf must correctly zero-terminate the buffer! */
2787 //#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
2788 //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
2789 //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
2790 
2791 /* SSL Cache options */
2792 //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
2793 //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
2794 
2795 /* SSL options */
2796 //#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 /**< Maxium fragment length in bytes, determines the size of each of the two internal I/O buffers */
2797 //#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
2798 //#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
2799 //#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
2800 
2813 //#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
2814 
2815 /* X509 options */
2816 //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
2817 //#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
2818 
2831 // #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
2832 
2848 #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
2849 
2850 /* \} name SECTION: Customisation configuration options */
2851 
2852 /* Target and application specific configurations */
2853 //#define YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE "target_config.h"
2854 
2855 #if defined(TARGET_LIKE_MBED) && defined(YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE)
2856 #include YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE
2857 #endif
2858 
2859 /*
2860  * Allow user to override any previous default.
2861  *
2862  * Use two macro names for that, as:
2863  * - with yotta the prefix YOTTA_CFG_ is forced
2864  * - without yotta is looks weird to have a YOTTA prefix.
2865  */
2866 #if defined(YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE)
2867 #include YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE
2868 #elif defined(MBEDTLS_USER_CONFIG_FILE)
2869 #include MBEDTLS_USER_CONFIG_FILE
2870 #endif
2871 
2872 #include "check_config.h"
2873 
2874 #endif /* MBEDTLS_CONFIG_H */
Consistency checks for configuration options.