d7/d96/sdk_2include_2reactos_2libs_2mbedtls_2config_8h_source.html

/*

 *  Copyright The Mbed TLS Contributors

 *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later

 *

 *  This file is provided under the Apache License 2.0, or the

 *  GNU General Public License v2.0 or later.

 *

 *  **********

 *  Apache License 2.0:

 *

 *  Licensed under the Apache License, Version 2.0 (the "License"); you may

 *  not use this file except in compliance with the License.

 *  You may obtain a copy of the License at

 *

 *  http://www.apache.org/licenses/LICENSE-2.0

 *

 *  Unless required by applicable law or agreed to in writing, software

 *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT

 *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 *  See the License for the specific language governing permissions and

 *  limitations under the License.

 *

 *  **********

 *

 *  **********

 *  GNU General Public License v2.0 or later:

 *

 *  This program is free software; you can redistribute it and/or modify

 *  it under the terms of the GNU General Public License as published by

 *  the Free Software Foundation; either version 2 of the License, or

 *  (at your option) any later version.

 *

 *  This program is distributed in the hope that it will be useful,

 *  but WITHOUT ANY WARRANTY; without even the implied warranty of

 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 *  GNU General Public License for more details.

 *

 *  You should have received a copy of the GNU General Public License along

 *  with this program; if not, write to the Free Software Foundation, Inc.,

 *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

 *

 *  **********

 */


#ifndef MBEDTLS_CONFIG_H

#define MBEDTLS_CONFIG_H


#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)

//#define _CRT_SECURE_NO_DEPRECATE 1

#endif


#define MBEDTLS_HAVE_ASM


//#define MBEDTLS_NO_UDBL_DIVISION


//#define MBEDTLS_NO_64BIT_MULTIPLICATION


//#define MBEDTLS_HAVE_SSE2 /* We want to run on older hardware. TODO: This should be checked at runtime. */


//#define MBEDTLS_HAVE_TIME


//#define MBEDTLS_HAVE_TIME_DATE


//#define MBEDTLS_PLATFORM_MEMORY


//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS


//#define MBEDTLS_PLATFORM_EXIT_ALT

//#define MBEDTLS_PLATFORM_TIME_ALT

//#define MBEDTLS_PLATFORM_FPRINTF_ALT

//#define MBEDTLS_PLATFORM_PRINTF_ALT

//#define MBEDTLS_PLATFORM_SNPRINTF_ALT

//#define MBEDTLS_PLATFORM_NV_SEED_ALT

//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT


//#define MBEDTLS_DEPRECATED_WARNING


//#define MBEDTLS_DEPRECATED_REMOVED /* ThFabba: we need md5/sha functions for bcrypt */


//#define MBEDTLS_CHECK_PARAMS


//#define MBEDTLS_CHECK_PARAMS_ASSERT


/* \} name SECTION: System support */


//#define MBEDTLS_TIMING_ALT


//#define MBEDTLS_AES_ALT

//#define MBEDTLS_ARC4_ALT

//#define MBEDTLS_ARIA_ALT

//#define MBEDTLS_BLOWFISH_ALT

//#define MBEDTLS_CAMELLIA_ALT

//#define MBEDTLS_CCM_ALT

//#define MBEDTLS_CHACHA20_ALT

//#define MBEDTLS_CHACHAPOLY_ALT

//#define MBEDTLS_CMAC_ALT

//#define MBEDTLS_DES_ALT

//#define MBEDTLS_DHM_ALT

//#define MBEDTLS_ECJPAKE_ALT

//#define MBEDTLS_GCM_ALT

//#define MBEDTLS_NIST_KW_ALT

//#define MBEDTLS_MD2_ALT

//#define MBEDTLS_MD4_ALT

//#define MBEDTLS_MD5_ALT

//#define MBEDTLS_POLY1305_ALT

//#define MBEDTLS_RIPEMD160_ALT

//#define MBEDTLS_RSA_ALT

//#define MBEDTLS_SHA1_ALT

//#define MBEDTLS_SHA256_ALT

//#define MBEDTLS_SHA512_ALT

//#define MBEDTLS_XTEA_ALT


/*

 * When replacing the elliptic curve module, pleace consider, that it is

 * implemented with two .c files:

 *      - ecp.c

 *      - ecp_curves.c

 * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT

 * macros as described above. The only difference is that you have to make sure

 * that you provide functionality for both .c files.

 */

//#define MBEDTLS_ECP_ALT


//#define MBEDTLS_MD2_PROCESS_ALT

//#define MBEDTLS_MD4_PROCESS_ALT

//#define MBEDTLS_MD5_PROCESS_ALT

//#define MBEDTLS_RIPEMD160_PROCESS_ALT

//#define MBEDTLS_SHA1_PROCESS_ALT

//#define MBEDTLS_SHA256_PROCESS_ALT

//#define MBEDTLS_SHA512_PROCESS_ALT

//#define MBEDTLS_DES_SETKEY_ALT

//#define MBEDTLS_DES_CRYPT_ECB_ALT

//#define MBEDTLS_DES3_CRYPT_ECB_ALT

//#define MBEDTLS_AES_SETKEY_ENC_ALT

//#define MBEDTLS_AES_SETKEY_DEC_ALT

//#define MBEDTLS_AES_ENCRYPT_ALT

//#define MBEDTLS_AES_DECRYPT_ALT

//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT

//#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT

//#define MBEDTLS_ECDSA_VERIFY_ALT

//#define MBEDTLS_ECDSA_SIGN_ALT

//#define MBEDTLS_ECDSA_GENKEY_ALT


/* Required for all the functions in this section */

//#define MBEDTLS_ECP_INTERNAL_ALT

/* Support for Weierstrass curves with Jacobi representation */

//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT

//#define MBEDTLS_ECP_ADD_MIXED_ALT

//#define MBEDTLS_ECP_DOUBLE_JAC_ALT

//#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT

//#define MBEDTLS_ECP_NORMALIZE_JAC_ALT

/* Support for curves with Montgomery arithmetic */

//#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT

//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT

//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT


//#define MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN


//#define MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND


//#define MBEDTLS_TEST_NULL_ENTROPY


//#define MBEDTLS_ENTROPY_HARDWARE_ALT


//#define MBEDTLS_AES_ROM_TABLES


//#define MBEDTLS_AES_FEWER_TABLES


//#define MBEDTLS_CAMELLIA_SMALL_MEMORY


#define MBEDTLS_CIPHER_MODE_CBC


#define MBEDTLS_CIPHER_MODE_CFB


#define MBEDTLS_CIPHER_MODE_CTR


#define MBEDTLS_CIPHER_MODE_OFB


#define MBEDTLS_CIPHER_MODE_XTS


//#define MBEDTLS_CIPHER_NULL_CIPHER


#define MBEDTLS_CIPHER_PADDING_PKCS7

#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS

#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN

#define MBEDTLS_CIPHER_PADDING_ZEROS


//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY


//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES


#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES


#define MBEDTLS_REMOVE_3DES_CIPHERSUITES


#define MBEDTLS_ECP_DP_SECP192R1_ENABLED

#define MBEDTLS_ECP_DP_SECP224R1_ENABLED

#define MBEDTLS_ECP_DP_SECP256R1_ENABLED

#define MBEDTLS_ECP_DP_SECP384R1_ENABLED

#define MBEDTLS_ECP_DP_SECP521R1_ENABLED

#define MBEDTLS_ECP_DP_SECP192K1_ENABLED

#define MBEDTLS_ECP_DP_SECP224K1_ENABLED

#define MBEDTLS_ECP_DP_SECP256K1_ENABLED

#define MBEDTLS_ECP_DP_BP256R1_ENABLED

#define MBEDTLS_ECP_DP_BP384R1_ENABLED

#define MBEDTLS_ECP_DP_BP512R1_ENABLED

#define MBEDTLS_ECP_DP_CURVE25519_ENABLED

#define MBEDTLS_ECP_DP_CURVE448_ENABLED


#define MBEDTLS_ECP_NIST_OPTIM


//#define MBEDTLS_ECP_NO_INTERNAL_RNG


//#define MBEDTLS_ECP_RESTARTABLE


#define MBEDTLS_ECDSA_DETERMINISTIC


//#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED /* swyter: we don't need PSK-based ciphers for schannel */


//#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED /* swyter: we don't need PSK-based ciphers for schannel */


//#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED /* swyter: we don't need PSK-based ciphers for schannel */


//#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED /* swyter: we don't need PSK-based ciphers for schannel */


#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED


#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED


#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED


#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED


#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED


#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED


//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED


#define MBEDTLS_PK_PARSE_EC_EXTENDED


#define MBEDTLS_ERROR_STRERROR_DUMMY


#define MBEDTLS_GENPRIME


//#define MBEDTLS_FS_IO /* swyter: we don't have to access the filesystem directly in schannel */


//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES


//#define MBEDTLS_NO_PLATFORM_ENTROPY


#define MBEDTLS_ENTROPY_FORCE_SHA256 /* swyter: ReactOS is primarily 32-bit only, this speeds it up notably */


//#define MBEDTLS_ENTROPY_NV_SEED


//#define MBEDTLS_MEMORY_DEBUG


//#define MBEDTLS_MEMORY_BACKTRACE


#define MBEDTLS_PK_RSA_ALT_SUPPORT


#define MBEDTLS_PKCS1_V15


#define MBEDTLS_PKCS1_V21


//#define MBEDTLS_RSA_NO_CRT


//#define MBEDTLS_SELF_TEST /* swyter: we don't need this, adds quite a bit of bloat */


//#define MBEDTLS_SHA256_SMALLER


#define MBEDTLS_SSL_ALL_ALERT_MESSAGES


//#define MBEDTLS_SSL_ASYNC_PRIVATE


//#define MBEDTLS_SSL_DEBUG_ALL /* swyter: we don't need that much verboseness that clogges up the dll with strings */


#define MBEDTLS_SSL_ENCRYPT_THEN_MAC


#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET


//#define MBEDTLS_SSL_FALLBACK_SCSV /* swyter: as the description says, we don't need this for clients */


//#define MBEDTLS_SSL_HW_RECORD_ACCEL


#define MBEDTLS_SSL_CBC_RECORD_SPLITTING


#define MBEDTLS_SSL_RENEGOTIATION


//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO /* swyter: we don't need anything server-related */


//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE  /* swyter: we don't need anything server-related */


#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH


//#define MBEDTLS_SSL_PROTO_SSL3 /* swyter: this is potentially insecure and should remain ethernaly disabled */


#define MBEDTLS_SSL_PROTO_TLS1


#define MBEDTLS_SSL_PROTO_TLS1_1


#define MBEDTLS_SSL_PROTO_TLS1_2


//#define MBEDTLS_SSL_PROTO_DTLS /* swyter: schannel does not support UDP sockets, DTLS is useless */


#define MBEDTLS_SSL_ALPN


//#define MBEDTLS_SSL_DTLS_ANTI_REPLAY /* swyter: schannel does not support UDP sockets, DTLS is useless */


//#define MBEDTLS_SSL_DTLS_HELLO_VERIFY /* swyter: schannel does not support UDP sockets, DTLS is useless */


//#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE /* swyter: schannel does not support UDP sockets, DTLS is useless */


//#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT /* swyter: schannel does not support UDP sockets, DTLS is useless */


#define MBEDTLS_SSL_SESSION_TICKETS


//#define MBEDTLS_SSL_EXPORT_KEYS


#define MBEDTLS_SSL_SERVER_NAME_INDICATION


#define MBEDTLS_SSL_TRUNCATED_HMAC


//#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT


//#define MBEDTLS_TEST_HOOKS


//#define MBEDTLS_THREADING_ALT


//#define MBEDTLS_THREADING_PTHREAD


//#define MBEDTLS_VERSION_FEATURES


//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3


//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION


#define MBEDTLS_X509_CHECK_KEY_USAGE


#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE


#define MBEDTLS_X509_RSASSA_PSS_SUPPORT


//#define MBEDTLS_ZLIB_SUPPORT

/* \} name SECTION: mbed TLS feature support */


#define MBEDTLS_AESNI_C /* swyter: looks like these AMD64 improvements are behind an arch macro, better perf is always good */


#define MBEDTLS_AES_C


#define MBEDTLS_ARC4_C


#define MBEDTLS_ASN1_PARSE_C


#define MBEDTLS_ASN1_WRITE_C


//#define MBEDTLS_BASE64_C


#define MBEDTLS_BIGNUM_C


#define MBEDTLS_BLOWFISH_C


#define MBEDTLS_CAMELLIA_C


//#define MBEDTLS_ARIA_C


#define MBEDTLS_CCM_C


//#define MBEDTLS_CERTS_C /* swyter: these test certs are completely useless */


//#define MBEDTLS_CHACHA20_C /* ThFabba: we don't use this feature, no need to compile it */


//#define MBEDTLS_CHACHAPOLY_C /* ThFabba: we don't use this feature, no need to compile it */


#define MBEDTLS_CIPHER_C


//#define MBEDTLS_CMAC_C


#define MBEDTLS_CTR_DRBG_C


//#define MBEDTLS_DEBUG_C /* swyter: we don't even need this level of verboseness, useful only when developing */


#define MBEDTLS_DES_C


#define MBEDTLS_DHM_C


#define MBEDTLS_ECDH_C


#define MBEDTLS_ECDSA_C


//#define MBEDTLS_ECJPAKE_C


#define MBEDTLS_ECP_C


#define MBEDTLS_ENTROPY_C


//#define MBEDTLS_ERROR_C /* swyter: we don't print user errors, so this trims some fat */


#define MBEDTLS_GCM_C


//#define MBEDTLS_HAVEGE_C


//#define MBEDTLS_HKDF_C /* ThFabba: we don't use this feature, no need to compile it */


#define MBEDTLS_HMAC_DRBG_C


//#define MBEDTLS_NIST_KW_C /* ThFabba: we don't use this feature, no need to compile it */


#define MBEDTLS_MD_C


//#define MBEDTLS_MD2_C


//#define MBEDTLS_MD4_C


#define MBEDTLS_MD5_C


//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C


//#define MBEDTLS_NET_C /* swyter: we don't use the network routines, in fact in schannel we replace them with our own shim to forward the managed network buffers */


#define MBEDTLS_OID_C


#define MBEDTLS_PADLOCK_C


//#define MBEDTLS_PEM_PARSE_C /* swyter: we don't do any PEM decoding */


//#define MBEDTLS_PEM_WRITE_C /* swyter: we don't do any PEM decoding */


#define MBEDTLS_PK_C


#define MBEDTLS_PK_PARSE_C


//#define MBEDTLS_PK_WRITE_C /* swyter: we don't write any PK */


#define MBEDTLS_PKCS5_C


//#define MBEDTLS_PKCS11_C


#define MBEDTLS_PKCS12_C


#define MBEDTLS_PLATFORM_C


//#define MBEDTLS_POLY1305_C /* ThFabba: we don't use this feature, no need to compile it */


#define MBEDTLS_RIPEMD160_C


#define MBEDTLS_RSA_C


#define MBEDTLS_SHA1_C


#define MBEDTLS_SHA256_C


#define MBEDTLS_SHA512_C


//#define MBEDTLS_SSL_CACHE_C /* swyter: we don't make use of this caching mechanism, as the WINE schannel API does not expose it */


//#define MBEDTLS_SSL_COOKIE_C /* swyter: schannel does not support UDP sockets, DTLS is useless */


#define MBEDTLS_SSL_TICKET_C


#define MBEDTLS_SSL_CLI_C


//#define MBEDTLS_SSL_SRV_C /* swyter: we don't need anything server-related */


#define MBEDTLS_SSL_TLS_C


//#define MBEDTLS_THREADING_C


#define MBEDTLS_TIMING_C


//#define MBEDTLS_VERSION_C /* swyter: we don't use these functions, so it's a waste of space */


#define MBEDTLS_X509_USE_C


#define MBEDTLS_X509_CRT_PARSE_C


//#define MBEDTLS_X509_CRL_PARSE_C /* swyter: we don't verify certs directly */


//#define MBEDTLS_X509_CSR_PARSE_C /* swyter: we don't verify certs directly */


//#define MBEDTLS_X509_CREATE_C /* swyter: we don't create certs in schannel */


//#define MBEDTLS_X509_CRT_WRITE_C /* swyter: we don't create certs in schannel */


//#define MBEDTLS_X509_CSR_WRITE_C /* swyter: we don't create certs in schannel, this is for servers */


#define MBEDTLS_XTEA_C


/* \} name SECTION: mbed TLS modules */


/* MPI / BIGNUM options */

//#define MBEDTLS_MPI_WINDOW_SIZE            6 /**< Maximum window size used. */

//#define MBEDTLS_MPI_MAX_SIZE            1024 /**< Maximum number of bytes for usable MPIs. */


/* CTR_DRBG options */

//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN               48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */

//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL        10000 /**< Interval before reseed is performed by default */

//#define MBEDTLS_CTR_DRBG_MAX_INPUT                256 /**< Maximum number of additional input bytes */

//#define MBEDTLS_CTR_DRBG_MAX_REQUEST             1024 /**< Maximum number of requested bytes per call */

//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT           384 /**< Maximum size of (re)seed buffer */


/* HMAC_DRBG options */

//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL   10000 /**< Interval before reseed is performed by default */

//#define MBEDTLS_HMAC_DRBG_MAX_INPUT           256 /**< Maximum number of additional input bytes */

//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST        1024 /**< Maximum number of requested bytes per call */

//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT      384 /**< Maximum size of (re)seed buffer */


/* ECP options */

//#define MBEDTLS_ECP_MAX_BITS             521 /**< Maximum bit size of groups */

//#define MBEDTLS_ECP_WINDOW_SIZE            6 /**< Maximum window size used */

//#define MBEDTLS_ECP_FIXED_POINT_OPTIM      1 /**< Enable fixed-point speed-up */


/* Entropy options */

//#define MBEDTLS_ENTROPY_MAX_SOURCES                20 /**< Maximum number of sources supported */

//#define MBEDTLS_ENTROPY_MAX_GATHER                128 /**< Maximum amount requested from entropy sources */

//#define MBEDTLS_ENTROPY_MIN_HARDWARE               32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */


/* Memory buffer allocator options */

//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE      4 /**< Align on multiples of this value */


/* Platform options */

//#define MBEDTLS_PLATFORM_STD_MEM_HDR   <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */

//#define MBEDTLS_PLATFORM_STD_CALLOC        calloc /**< Default allocator to use, can be undefined */

//#define MBEDTLS_PLATFORM_STD_FREE            free /**< Default free to use, can be undefined */

//#define MBEDTLS_PLATFORM_STD_EXIT            exit /**< Default exit to use, can be undefined */

//#define MBEDTLS_PLATFORM_STD_TIME            time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */

//#define MBEDTLS_PLATFORM_STD_FPRINTF      fprintf /**< Default fprintf to use, can be undefined */

//#define MBEDTLS_PLATFORM_STD_PRINTF        printf /**< Default printf to use, can be undefined */

/* Note: your snprintf must correctly zero-terminate the buffer! */

//#define MBEDTLS_PLATFORM_STD_SNPRINTF    snprintf /**< Default snprintf to use, can be undefined */

//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS       0 /**< Default exit value to use, can be undefined */

//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE       1 /**< Default exit value to use, can be undefined */

//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ   mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */

//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE  mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */

//#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE  "seedfile" /**< Seed file to read/write with default implementation */


/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */

/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */

//#define MBEDTLS_PLATFORM_CALLOC_MACRO        calloc /**< Default allocator macro to use, can be undefined */

//#define MBEDTLS_PLATFORM_FREE_MACRO            free /**< Default free macro to use, can be undefined */

//#define MBEDTLS_PLATFORM_EXIT_MACRO            exit /**< Default exit macro to use, can be undefined */

//#define MBEDTLS_PLATFORM_TIME_MACRO            time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */

//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO       time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */

//#define MBEDTLS_PLATFORM_FPRINTF_MACRO      fprintf /**< Default fprintf macro to use, can be undefined */

//#define MBEDTLS_PLATFORM_PRINTF_MACRO        printf /**< Default printf macro to use, can be undefined */

/* Note: your snprintf must correctly zero-terminate the buffer! */

//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO    snprintf /**< Default snprintf macro to use, can be undefined */

//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO   mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */

//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO  mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */


//#define MBEDTLS_PARAM_FAILED( cond )               assert( cond )


/* SSL Cache options */

//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT       86400 /**< 1 day  */

//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES      50 /**< Maximum entries in cache */


/* SSL options */


//#define MBEDTLS_SSL_MAX_CONTENT_LEN             16384


//#define MBEDTLS_SSL_IN_CONTENT_LEN              16384


//#define MBEDTLS_SSL_OUT_CONTENT_LEN             16384


//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING             32768


//#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME     86400 /**< Lifetime of session tickets (if enabled) */

//#define MBEDTLS_PSK_MAX_LEN               32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */

//#define MBEDTLS_SSL_COOKIE_TIMEOUT        60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */


//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256


/* X509 options */

//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA   8   /**< Maximum number of intermediate CAs in a verification chain. */

//#define MBEDTLS_X509_MAX_FILE_PATH_LEN     512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */


// #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES


#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE


//#define MBEDTLS_PLATFORM_ZEROIZE_ALT


//#define MBEDTLS_PLATFORM_GMTIME_R_ALT


/* \} name SECTION: Customisation configuration options */


/* Target and application specific configurations

 *

 * Allow user to override any previous default.

 *

 */

#if defined(MBEDTLS_USER_CONFIG_FILE)

#include MBEDTLS_USER_CONFIG_FILE

#endif


#include "check_config.h"


#endif /* MBEDTLS_CONFIG_H */

check_config.h
Consistency checks for configuration options.