blob: c6e275d4521f69b1f40732374dabf3b68b4c7064 [file] [log] [blame]
/*
*
* Copyright (c) 2021 Project CHIP Authors
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#pragma once
#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
/**
* \def MBEDTLS_AES_ALT
*
* MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your
* alternate core implementation of a symmetric crypto, an arithmetic or hash
* module (e.g. platform specific assembly optimized implementations). Keep
* in mind that the function prototypes should remain the same.
*
* This replaces the whole module. If you only want to replace one of the
* functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags.
*
* Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer
* provide the "struct mbedtls_aes_context" definition and omit the base
* function declarations and implementations. "aes_alt.h" will be included from
* "aes.h" to include the new function definitions.
*
* Uncomment a macro to enable alternate implementation of the corresponding
* module.
*
* \warning MD2, MD4, MD5, ARC4, DES and SHA-1 are considered weak and their
* use constitutes a security risk. If possible, we recommend
* avoiding dependencies on them, and considering stronger message
* digests and ciphers instead.
*
*/
#define MBEDTLS_AES_ALT
// #define MBEDTLS_ARC4_ALT
// #define MBEDTLS_ARIA_ALT
// #define MBEDTLS_BLOWFISH_ALT
// #define MBEDTLS_CAMELLIA_ALT
#define MBEDTLS_CCM_ALT
// #define MBEDTLS_CHACHA20_ALT
// #define MBEDTLS_CHACHAPOLY_ALT
// #define MBEDTLS_CMAC_ALT
// #define MBEDTLS_DES_ALT
// #define MBEDTLS_DHM_ALT
// #define MBEDTLS_ECJPAKE_ALT
// #define MBEDTLS_GCM_ALT
// #define MBEDTLS_NIST_KW_ALT
// #define MBEDTLS_MD2_ALT
// #define MBEDTLS_MD4_ALT
// #define MBEDTLS_MD5_ALT
// #define MBEDTLS_POLY1305_ALT
// #define MBEDTLS_RIPEMD160_ALT
// #define MBEDTLS_RSA_ALT
// #define MBEDTLS_SHA1_ALT
#define MBEDTLS_SHA256_ALT
// #define MBEDTLS_SHA512_ALT
// #define MBEDTLS_XTEA_ALT
/*
* When replacing the elliptic curve module, please consider, that it is
* implemented with two .c files:
* - ecp.c
* - ecp_curves.c
* You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
* macros as described above. The only difference is that you have to make sure
* that you provide functionality for both .c files.
*/
#define MBEDTLS_ECP_ALT
/**
* \def MBEDTLS_ERROR_STRERROR_DUMMY
*
* Enable a dummy error function to make use of mbedtls_strerror() in
* third party libraries easier when MBEDTLS_ERROR_C is disabled
* (no effect when MBEDTLS_ERROR_C is enabled).
*
* You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're
* not using mbedtls_strerror() or error_strerror() in your application.
*
* Disable if you run into name conflicts and want to really remove the
* mbedtls_strerror()
*/
#define MBEDTLS_ERROR_STRERROR_DUMMY
/**
* \def MBEDTLS_BASE64_C
*
* Enable the Base64 module.
*
* Module: library/base64.c
* Caller: library/pem.c
*
* This module is required for PEM support (required by X.509).
*/
#define MBEDTLS_BASE64_C
/**
* \def MBEDTLS_HKDF_C
*
* Enable the HKDF algorithm (RFC 5869).
*
* Module: library/hkdf.c
* Caller:
*
* Requires: MBEDTLS_MD_C
*
* This module adds support for the Hashed Message Authentication Code
* (HMAC)-based key derivation function (HKDF).
*/
#define MBEDTLS_HKDF_C
/**
* \def MBEDTLS_OID_C
*
* Enable the OID database.
*
* Module: library/oid.c
* Caller: library/asn1write.c
* library/pkcs5.c
* library/pkparse.c
* library/pkwrite.c
* library/rsa.c
* library/x509.c
* library/x509_create.c
* library/x509_crl.c
* library/x509_crt.c
* library/x509_csr.c
* library/x509write_crt.c
* library/x509write_csr.c
*
* This modules translates between OIDs and internal values.
*/
#define MBEDTLS_OID_C
/**
* \def MBEDTLS_PEM_WRITE_C
*
* Enable PEM encoding / writing.
*
* Module: library/pem.c
* Caller: library/pkwrite.c
* library/x509write_crt.c
* library/x509write_csr.c
*
* Requires: MBEDTLS_BASE64_C
*
* This modules adds support for encoding / writing PEM files.
*/
#define MBEDTLS_PEM_WRITE_C
/**
* \def MBEDTLS_PK_WRITE_C
*
* Enable the generic public (asymetric) key writer.
*
* Module: library/pkwrite.c
* Caller: library/x509write.c
*
* Requires: MBEDTLS_PK_C
*
* Uncomment to enable generic public key write functions.
*/
#define MBEDTLS_PK_WRITE_C
/**
* \def MBEDTLS_PKCS5_C
*
* Enable PKCS#5 functions.
*
* Module: library/pkcs5.c
*
* Requires: MBEDTLS_MD_C
*
* This module adds support for the PKCS#5 functions.
*/
#define MBEDTLS_PKCS5_C
/**
* \def MBEDTLS_X509_USE_C
*
* Enable X.509 core for using certificates.
*
* Module: library/x509.c
* Caller: library/x509_crl.c
* library/x509_crt.c
* library/x509_csr.c
*
* Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C,
* MBEDTLS_PK_PARSE_C
*
* This module is required for the X.509 parsing modules.
*/
#define MBEDTLS_X509_USE_C
/**
* \def MBEDTLS_X509_CRT_PARSE_C
*
* Enable X.509 certificate parsing.
*
* Module: library/x509_crt.c
* Caller: library/ssl_cli.c
* library/ssl_srv.c
* library/ssl_tls.c
*
* Requires: MBEDTLS_X509_USE_C
*
* This module is required for X.509 certificate parsing.
*/
#define MBEDTLS_X509_CRT_PARSE_C
/**
* \def MBEDTLS_X509_CREATE_C
*
* Enable X.509 core for creating certificates.
*
* Module: library/x509_create.c
*
* Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C
*
* This module is the basis for creating X.509 certificates and CSRs.
*/
#define MBEDTLS_X509_CREATE_C
/**
* \def MBEDTLS_X509_CSR_WRITE_C
*
* Enable creating X.509 Certificate Signing Requests (CSR).
*
* Module: library/x509_csr_write.c
*
* Requires: MBEDTLS_X509_CREATE_C
*
* This module is required for X.509 certificate request writing.
*/
#define MBEDTLS_X509_CSR_WRITE_C