ReactOS  0.4.15-dev-3295-gaa8fc87
config.h
Go to the documentation of this file.
1 
10 /*
11  * Copyright The Mbed TLS Contributors
12  * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
13  *
14  * This file is provided under the Apache License 2.0, or the
15  * GNU General Public License v2.0 or later.
16  *
17  * **********
18  * Apache License 2.0:
19  *
20  * Licensed under the Apache License, Version 2.0 (the "License"); you may
21  * not use this file except in compliance with the License.
22  * You may obtain a copy of the License at
23  *
24  * http://www.apache.org/licenses/LICENSE-2.0
25  *
26  * Unless required by applicable law or agreed to in writing, software
27  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
28  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
29  * See the License for the specific language governing permissions and
30  * limitations under the License.
31  *
32  * **********
33  *
34  * **********
35  * GNU General Public License v2.0 or later:
36  *
37  * This program is free software; you can redistribute it and/or modify
38  * it under the terms of the GNU General Public License as published by
39  * the Free Software Foundation; either version 2 of the License, or
40  * (at your option) any later version.
41  *
42  * This program is distributed in the hope that it will be useful,
43  * but WITHOUT ANY WARRANTY; without even the implied warranty of
44  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
45  * GNU General Public License for more details.
46  *
47  * You should have received a copy of the GNU General Public License along
48  * with this program; if not, write to the Free Software Foundation, Inc.,
49  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
50  *
51  * **********
52  */
53 
54 #ifndef MBEDTLS_CONFIG_H
55 #define MBEDTLS_CONFIG_H
56 
57 #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
58 //#define _CRT_SECURE_NO_DEPRECATE 1
59 #endif
60 
86 #define MBEDTLS_HAVE_ASM
87 
114 //#define MBEDTLS_NO_UDBL_DIVISION
115 
136 //#define MBEDTLS_NO_64BIT_MULTIPLICATION
137 
145 //#define MBEDTLS_HAVE_SSE2 /* We want to run on older hardware. TODO: This should be checked at runtime. */
146 
160 //#define MBEDTLS_HAVE_TIME
161 
181 //#define MBEDTLS_HAVE_TIME_DATE
182 
205 //#define MBEDTLS_PLATFORM_MEMORY
206 
224 //#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
225 
249 //#define MBEDTLS_PLATFORM_EXIT_ALT
250 //#define MBEDTLS_PLATFORM_TIME_ALT
251 //#define MBEDTLS_PLATFORM_FPRINTF_ALT
252 //#define MBEDTLS_PLATFORM_PRINTF_ALT
253 //#define MBEDTLS_PLATFORM_SNPRINTF_ALT
254 //#define MBEDTLS_PLATFORM_NV_SEED_ALT
255 //#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
256 
270 //#define MBEDTLS_DEPRECATED_WARNING
271 
282 //#define MBEDTLS_DEPRECATED_REMOVED /* ThFabba: we need md5/sha functions for bcrypt */
283 
334 //#define MBEDTLS_CHECK_PARAMS
335 
348 //#define MBEDTLS_CHECK_PARAMS_ASSERT
349 
350 /* \} name SECTION: System support */
351 
371 //#define MBEDTLS_TIMING_ALT
372 
398 //#define MBEDTLS_AES_ALT
399 //#define MBEDTLS_ARC4_ALT
400 //#define MBEDTLS_ARIA_ALT
401 //#define MBEDTLS_BLOWFISH_ALT
402 //#define MBEDTLS_CAMELLIA_ALT
403 //#define MBEDTLS_CCM_ALT
404 //#define MBEDTLS_CHACHA20_ALT
405 //#define MBEDTLS_CHACHAPOLY_ALT
406 //#define MBEDTLS_CMAC_ALT
407 //#define MBEDTLS_DES_ALT
408 //#define MBEDTLS_DHM_ALT
409 //#define MBEDTLS_ECJPAKE_ALT
410 //#define MBEDTLS_GCM_ALT
411 //#define MBEDTLS_NIST_KW_ALT
412 //#define MBEDTLS_MD2_ALT
413 //#define MBEDTLS_MD4_ALT
414 //#define MBEDTLS_MD5_ALT
415 //#define MBEDTLS_POLY1305_ALT
416 //#define MBEDTLS_RIPEMD160_ALT
417 //#define MBEDTLS_RSA_ALT
418 //#define MBEDTLS_SHA1_ALT
419 //#define MBEDTLS_SHA256_ALT
420 //#define MBEDTLS_SHA512_ALT
421 //#define MBEDTLS_XTEA_ALT
422 
423 /*
424  * When replacing the elliptic curve module, pleace consider, that it is
425  * implemented with two .c files:
426  * - ecp.c
427  * - ecp_curves.c
428  * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
429  * macros as described above. The only difference is that you have to make sure
430  * that you provide functionality for both .c files.
431  */
432 //#define MBEDTLS_ECP_ALT
433 
479 //#define MBEDTLS_MD2_PROCESS_ALT
480 //#define MBEDTLS_MD4_PROCESS_ALT
481 //#define MBEDTLS_MD5_PROCESS_ALT
482 //#define MBEDTLS_RIPEMD160_PROCESS_ALT
483 //#define MBEDTLS_SHA1_PROCESS_ALT
484 //#define MBEDTLS_SHA256_PROCESS_ALT
485 //#define MBEDTLS_SHA512_PROCESS_ALT
486 //#define MBEDTLS_DES_SETKEY_ALT
487 //#define MBEDTLS_DES_CRYPT_ECB_ALT
488 //#define MBEDTLS_DES3_CRYPT_ECB_ALT
489 //#define MBEDTLS_AES_SETKEY_ENC_ALT
490 //#define MBEDTLS_AES_SETKEY_DEC_ALT
491 //#define MBEDTLS_AES_ENCRYPT_ALT
492 //#define MBEDTLS_AES_DECRYPT_ALT
493 //#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
494 //#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
495 //#define MBEDTLS_ECDSA_VERIFY_ALT
496 //#define MBEDTLS_ECDSA_SIGN_ALT
497 //#define MBEDTLS_ECDSA_GENKEY_ALT
498 
539 /* Required for all the functions in this section */
540 //#define MBEDTLS_ECP_INTERNAL_ALT
541 /* Support for Weierstrass curves with Jacobi representation */
542 //#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
543 //#define MBEDTLS_ECP_ADD_MIXED_ALT
544 //#define MBEDTLS_ECP_DOUBLE_JAC_ALT
545 //#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
546 //#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
547 /* Support for curves with Montgomery arithmetic */
548 //#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
549 //#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
550 //#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
551 
567 //#define MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
568 
586 //#define MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND
587 
603 //#define MBEDTLS_TEST_NULL_ENTROPY
604 
616 //#define MBEDTLS_ENTROPY_HARDWARE_ALT
617 
636 //#define MBEDTLS_AES_ROM_TABLES
637 
658 //#define MBEDTLS_AES_FEWER_TABLES
659 
667 //#define MBEDTLS_CAMELLIA_SMALL_MEMORY
668 
674 #define MBEDTLS_CIPHER_MODE_CBC
675 
681 #define MBEDTLS_CIPHER_MODE_CFB
682 
688 #define MBEDTLS_CIPHER_MODE_CTR
689 
695 #define MBEDTLS_CIPHER_MODE_OFB
696 
702 #define MBEDTLS_CIPHER_MODE_XTS
703 
735 //#define MBEDTLS_CIPHER_NULL_CIPHER
736 
748 #define MBEDTLS_CIPHER_PADDING_PKCS7
749 #define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
750 #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
751 #define MBEDTLS_CIPHER_PADDING_ZEROS
752 
758 //#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
759 
776 //#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
777 
789 #define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
790 
809 #define MBEDTLS_REMOVE_3DES_CIPHERSUITES
810 
819 #define MBEDTLS_ECP_DP_SECP192R1_ENABLED
820 #define MBEDTLS_ECP_DP_SECP224R1_ENABLED
821 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
822 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED
823 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED
824 #define MBEDTLS_ECP_DP_SECP192K1_ENABLED
825 #define MBEDTLS_ECP_DP_SECP224K1_ENABLED
826 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED
827 #define MBEDTLS_ECP_DP_BP256R1_ENABLED
828 #define MBEDTLS_ECP_DP_BP384R1_ENABLED
829 #define MBEDTLS_ECP_DP_BP512R1_ENABLED
830 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED
831 #define MBEDTLS_ECP_DP_CURVE448_ENABLED
832 
842 #define MBEDTLS_ECP_NIST_OPTIM
843 
864 //#define MBEDTLS_ECP_NO_INTERNAL_RNG
865 
888 //#define MBEDTLS_ECP_RESTARTABLE
889 
902 #define MBEDTLS_ECDSA_DETERMINISTIC
903 
924 //#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED /* swyter: we don't need PSK-based ciphers for schannel */
925 
955 //#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED /* swyter: we don't need PSK-based ciphers for schannel */
956 
975 //#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED /* swyter: we don't need PSK-based ciphers for schannel */
976 
1000 //#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED /* swyter: we don't need PSK-based ciphers for schannel */
1001 
1028 #define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
1029 
1061 #define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
1062 
1086 #define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
1087 
1110 #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
1111 
1134 #define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
1135 
1158 #define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
1159 
1177 //#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
1178 
1191 #define MBEDTLS_PK_PARSE_EC_EXTENDED
1192 
1206 #define MBEDTLS_ERROR_STRERROR_DUMMY
1207 
1215 #define MBEDTLS_GENPRIME
1216 
1222 //#define MBEDTLS_FS_IO /* swyter: we don't have to access the filesystem directly in schannel */
1223 
1235 //#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
1236 
1246 //#define MBEDTLS_NO_PLATFORM_ENTROPY
1247 
1262 #define MBEDTLS_ENTROPY_FORCE_SHA256 /* swyter: ReactOS is primarily 32-bit only, this speeds it up notably */
1263 
1290 //#define MBEDTLS_ENTROPY_NV_SEED
1291 
1303 //#define MBEDTLS_MEMORY_DEBUG
1304 
1315 //#define MBEDTLS_MEMORY_BACKTRACE
1316 
1324 #define MBEDTLS_PK_RSA_ALT_SUPPORT
1325 
1335 #define MBEDTLS_PKCS1_V15
1336 
1346 #define MBEDTLS_PKCS1_V21
1347 
1357 //#define MBEDTLS_RSA_NO_CRT
1358 
1364 //#define MBEDTLS_SELF_TEST /* swyter: we don't need this, adds quite a bit of bloat */
1365 
1380 //#define MBEDTLS_SHA256_SMALLER
1381 
1394 #define MBEDTLS_SSL_ALL_ALERT_MESSAGES
1395 
1405 //#define MBEDTLS_SSL_ASYNC_PRIVATE
1406 
1421 //#define MBEDTLS_SSL_DEBUG_ALL /* swyter: we don't need that much verboseness that clogges up the dll with strings */
1422 
1439 #define MBEDTLS_SSL_ENCRYPT_THEN_MAC
1440 
1457 #define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
1458 
1474 //#define MBEDTLS_SSL_FALLBACK_SCSV /* swyter: as the description says, we don't need this for clients */
1475 
1484 //#define MBEDTLS_SSL_HW_RECORD_ACCEL
1485 
1496 #define MBEDTLS_SSL_CBC_RECORD_SPLITTING
1497 
1518 #define MBEDTLS_SSL_RENEGOTIATION
1519 
1528 //#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO /* swyter: we don't need anything server-related */
1529 
1538 //#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE /* swyter: we don't need anything server-related */
1539 
1547 #define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
1548 
1559 //#define MBEDTLS_SSL_PROTO_SSL3 /* swyter: this is potentially insecure and should remain ethernaly disabled */
1560 
1571 #define MBEDTLS_SSL_PROTO_TLS1
1572 
1583 #define MBEDTLS_SSL_PROTO_TLS1_1
1584 
1595 #define MBEDTLS_SSL_PROTO_TLS1_2
1596 
1610 //#define MBEDTLS_SSL_PROTO_DTLS /* swyter: schannel does not support UDP sockets, DTLS is useless */
1611 
1619 #define MBEDTLS_SSL_ALPN
1620 
1634 //#define MBEDTLS_SSL_DTLS_ANTI_REPLAY /* swyter: schannel does not support UDP sockets, DTLS is useless */
1635 
1652 //#define MBEDTLS_SSL_DTLS_HELLO_VERIFY /* swyter: schannel does not support UDP sockets, DTLS is useless */
1653 
1668 //#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE /* swyter: schannel does not support UDP sockets, DTLS is useless */
1669 
1679 //#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT /* swyter: schannel does not support UDP sockets, DTLS is useless */
1680 
1693 #define MBEDTLS_SSL_SESSION_TICKETS
1694 
1703 //#define MBEDTLS_SSL_EXPORT_KEYS
1704 
1714 #define MBEDTLS_SSL_SERVER_NAME_INDICATION
1715 
1723 #define MBEDTLS_SSL_TRUNCATED_HMAC
1724 
1747 //#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
1748 
1764 //#define MBEDTLS_TEST_HOOKS
1765 
1775 //#define MBEDTLS_THREADING_ALT
1776 
1786 //#define MBEDTLS_THREADING_PTHREAD
1787 
1799 //#define MBEDTLS_VERSION_FEATURES
1800 
1809 //#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
1810 
1821 //#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
1822 
1835 #define MBEDTLS_X509_CHECK_KEY_USAGE
1836 
1848 #define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
1849 
1858 #define MBEDTLS_X509_RSASSA_PSS_SUPPORT
1859 
1883 //#define MBEDTLS_ZLIB_SUPPORT
1884 /* \} name SECTION: mbed TLS feature support */
1885 
1905 #define MBEDTLS_AESNI_C /* swyter: looks like these AMD64 improvements are behind an arch macro, better perf is always good */
1906 
1980 #define MBEDTLS_AES_C
1981 
2008 #define MBEDTLS_ARC4_C
2009 
2022 #define MBEDTLS_ASN1_PARSE_C
2023 
2036 #define MBEDTLS_ASN1_WRITE_C
2037 
2048 //#define MBEDTLS_BASE64_C
2049 
2065 #define MBEDTLS_BIGNUM_C
2066 
2074 #define MBEDTLS_BLOWFISH_C
2075 
2129 #define MBEDTLS_CAMELLIA_C
2130 
2181 //#define MBEDTLS_ARIA_C
2182 
2195 #define MBEDTLS_CCM_C
2196 
2207 //#define MBEDTLS_CERTS_C /* swyter: these test certs are completely useless */
2208 
2216 //#define MBEDTLS_CHACHA20_C /* ThFabba: we don't use this feature, no need to compile it */
2217 
2227 //#define MBEDTLS_CHACHAPOLY_C /* ThFabba: we don't use this feature, no need to compile it */
2228 
2239 #define MBEDTLS_CIPHER_C
2240 
2252 //#define MBEDTLS_CMAC_C
2253 
2272 #define MBEDTLS_CTR_DRBG_C
2273 
2286 //#define MBEDTLS_DEBUG_C /* swyter: we don't even need this level of verboseness, useful only when developing */
2287 
2315 #define MBEDTLS_DES_C
2316 
2336 #define MBEDTLS_DHM_C
2337 
2352 #define MBEDTLS_ECDH_C
2353 
2367 #define MBEDTLS_ECDSA_C
2368 
2386 //#define MBEDTLS_ECJPAKE_C
2387 
2400 #define MBEDTLS_ECP_C
2401 
2414 #define MBEDTLS_ENTROPY_C
2415 
2426 //#define MBEDTLS_ERROR_C /* swyter: we don't print user errors, so this trims some fat */
2427 
2440 #define MBEDTLS_GCM_C
2441 
2463 //#define MBEDTLS_HAVEGE_C
2464 
2478 //#define MBEDTLS_HKDF_C /* ThFabba: we don't use this feature, no need to compile it */
2479 
2492 #define MBEDTLS_HMAC_DRBG_C
2493 
2505 //#define MBEDTLS_NIST_KW_C /* ThFabba: we don't use this feature, no need to compile it */
2506 
2517 #define MBEDTLS_MD_C
2518 
2534 //#define MBEDTLS_MD2_C
2535 
2551 //#define MBEDTLS_MD4_C
2552 
2573 #define MBEDTLS_MD5_C
2574 
2589 //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
2590 
2608 //#define MBEDTLS_NET_C /* swyter: we don't use the network routines, in fact in schannel we replace them with our own shim to forward the managed network buffers */
2609 
2631 #define MBEDTLS_OID_C
2632 
2645 #define MBEDTLS_PADLOCK_C
2646 
2663 //#define MBEDTLS_PEM_PARSE_C /* swyter: we don't do any PEM decoding */
2664 
2679 //#define MBEDTLS_PEM_WRITE_C /* swyter: we don't do any PEM decoding */
2680 
2695 #define MBEDTLS_PK_C
2696 
2710 #define MBEDTLS_PK_PARSE_C
2711 
2724 //#define MBEDTLS_PK_WRITE_C /* swyter: we don't write any PK */
2725 
2737 #define MBEDTLS_PKCS5_C
2738 
2752 //#define MBEDTLS_PKCS11_C
2753 
2768 #define MBEDTLS_PKCS12_C
2769 
2788 #define MBEDTLS_PLATFORM_C
2789 
2798 //#define MBEDTLS_POLY1305_C /* ThFabba: we don't use this feature, no need to compile it */
2799 
2809 #define MBEDTLS_RIPEMD160_C
2810 
2828 #define MBEDTLS_RSA_C
2829 
2850 #define MBEDTLS_SHA1_C
2851 
2867 #define MBEDTLS_SHA256_C
2868 
2882 #define MBEDTLS_SHA512_C
2883 
2894 //#define MBEDTLS_SSL_CACHE_C /* swyter: we don't make use of this caching mechanism, as the WINE schannel API does not expose it */
2895 
2904 //#define MBEDTLS_SSL_COOKIE_C /* swyter: schannel does not support UDP sockets, DTLS is useless */
2905 
2916 #define MBEDTLS_SSL_TICKET_C
2917 
2930 #define MBEDTLS_SSL_CLI_C
2931 
2944 //#define MBEDTLS_SSL_SRV_C /* swyter: we don't need anything server-related */
2945 
2960 #define MBEDTLS_SSL_TLS_C
2961 
2982 //#define MBEDTLS_THREADING_C
2983 
3005 #define MBEDTLS_TIMING_C
3006 
3016 //#define MBEDTLS_VERSION_C /* swyter: we don't use these functions, so it's a waste of space */
3017 
3033 #define MBEDTLS_X509_USE_C
3034 
3049 #define MBEDTLS_X509_CRT_PARSE_C
3050 
3063 //#define MBEDTLS_X509_CRL_PARSE_C /* swyter: we don't verify certs directly */
3064 
3077 //#define MBEDTLS_X509_CSR_PARSE_C /* swyter: we don't verify certs directly */
3078 
3090 //#define MBEDTLS_X509_CREATE_C /* swyter: we don't create certs in schannel */
3091 
3103 //#define MBEDTLS_X509_CRT_WRITE_C /* swyter: we don't create certs in schannel */
3104 
3116 //#define MBEDTLS_X509_CSR_WRITE_C /* swyter: we don't create certs in schannel, this is for servers */
3117 
3126 #define MBEDTLS_XTEA_C
3127 
3128 /* \} name SECTION: mbed TLS modules */
3129 
3145 /* MPI / BIGNUM options */
3146 //#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum window size used. */
3147 //#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
3148 
3149 /* CTR_DRBG options */
3150 //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
3151 //#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
3152 //#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
3153 //#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
3154 //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
3155 
3156 /* HMAC_DRBG options */
3157 //#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
3158 //#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
3159 //#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
3160 //#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
3161 
3162 /* ECP options */
3163 //#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */
3164 //#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
3165 //#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
3166 
3167 /* Entropy options */
3168 //#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
3169 //#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
3170 //#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
3171 
3172 /* Memory buffer allocator options */
3173 //#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
3174 
3175 /* Platform options */
3176 //#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
3177 //#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */
3178 //#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */
3179 //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
3180 //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3181 //#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
3182 //#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
3183 /* Note: your snprintf must correctly zero-terminate the buffer! */
3184 //#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
3185 //#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
3186 //#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
3187 //#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
3188 //#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
3189 //#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
3190 
3191 /* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
3192 /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
3193 //#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */
3194 //#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */
3195 //#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
3196 //#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3197 //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3198 //#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
3199 //#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
3200 /* Note: your snprintf must correctly zero-terminate the buffer! */
3201 //#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
3202 //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
3203 //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
3204 
3239 //#define MBEDTLS_PARAM_FAILED( cond ) assert( cond )
3240 
3241 /* SSL Cache options */
3242 //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
3243 //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
3244 
3245 /* SSL options */
3246 
3271 //#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384
3272 
3296 //#define MBEDTLS_SSL_IN_CONTENT_LEN 16384
3297 
3320 //#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384
3321 
3337 //#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
3338 
3339 //#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
3340 //#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
3341 //#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
3342 
3355 //#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
3356 
3357 /* X509 options */
3358 //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
3359 //#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
3360 
3373 // #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
3374 
3390 #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
3391 
3410 //#define MBEDTLS_PLATFORM_ZEROIZE_ALT
3411 
3429 //#define MBEDTLS_PLATFORM_GMTIME_R_ALT
3430 
3431 /* \} name SECTION: Customisation configuration options */
3432 
3433 /* Target and application specific configurations
3434  *
3435  * Allow user to override any previous default.
3436  *
3437  */
3438 #if defined(MBEDTLS_USER_CONFIG_FILE)
3439 #include MBEDTLS_USER_CONFIG_FILE
3440 #endif
3441 
3442 #include "check_config.h"
3443 
3444 #endif /* MBEDTLS_CONFIG_H */
Consistency checks for configuration options.