Mbed TLS v3.5.0
mbedtls_config.h
Go to the documentation of this file.
1 
10 /*
11  * Copyright The Mbed TLS Contributors
12  * SPDX-License-Identifier: Apache-2.0
13  *
14  * Licensed under the Apache License, Version 2.0 (the "License"); you may
15  * not use this file except in compliance with the License.
16  * You may obtain a copy of the License at
17  *
18  * http://www.apache.org/licenses/LICENSE-2.0
19  *
20  * Unless required by applicable law or agreed to in writing, software
21  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
22  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
23  * See the License for the specific language governing permissions and
24  * limitations under the License.
25  */
26 
34 //#define MBEDTLS_CONFIG_VERSION 0x03000000
35 
64 #define MBEDTLS_HAVE_ASM
65 
92 //#define MBEDTLS_NO_UDBL_DIVISION
93 
114 //#define MBEDTLS_NO_64BIT_MULTIPLICATION
115 
123 //#define MBEDTLS_HAVE_SSE2
124 
143 #define MBEDTLS_HAVE_TIME
144 
164 #define MBEDTLS_HAVE_TIME_DATE
165 
220 //#define MBEDTLS_PLATFORM_MEMORY
221 
239 //#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
240 
264 //#define MBEDTLS_PLATFORM_SETBUF_ALT
265 //#define MBEDTLS_PLATFORM_EXIT_ALT
266 //#define MBEDTLS_PLATFORM_TIME_ALT
267 //#define MBEDTLS_PLATFORM_FPRINTF_ALT
268 //#define MBEDTLS_PLATFORM_PRINTF_ALT
269 //#define MBEDTLS_PLATFORM_SNPRINTF_ALT
270 //#define MBEDTLS_PLATFORM_VSNPRINTF_ALT
271 //#define MBEDTLS_PLATFORM_NV_SEED_ALT
272 //#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
273 //#define MBEDTLS_PLATFORM_MS_TIME_ALT
274 
292 //#define MBEDTLS_PLATFORM_GMTIME_R_ALT
293 
315 //#define MBEDTLS_PLATFORM_ZEROIZE_ALT
316 
330 #define MBEDTLS_DEPRECATED_WARNING
331 
342 //#define MBEDTLS_DEPRECATED_REMOVED
343 
365 //#define MBEDTLS_TIMING_ALT
366 
392 //#define MBEDTLS_AES_ALT
393 //#define MBEDTLS_ARIA_ALT
394 //#define MBEDTLS_CAMELLIA_ALT
395 //#define MBEDTLS_CCM_ALT
396 //#define MBEDTLS_CHACHA20_ALT
397 //#define MBEDTLS_CHACHAPOLY_ALT
398 //#define MBEDTLS_CMAC_ALT
399 //#define MBEDTLS_DES_ALT
400 //#define MBEDTLS_DHM_ALT
401 //#define MBEDTLS_ECJPAKE_ALT
402 //#define MBEDTLS_GCM_ALT
403 //#define MBEDTLS_NIST_KW_ALT
404 //#define MBEDTLS_MD5_ALT
405 //#define MBEDTLS_POLY1305_ALT
406 //#define MBEDTLS_RIPEMD160_ALT
407 //#define MBEDTLS_RSA_ALT
408 //#define MBEDTLS_SHA1_ALT
409 //#define MBEDTLS_SHA256_ALT
410 //#define MBEDTLS_SHA512_ALT
411 
412 /*
413  * When replacing the elliptic curve module, please consider, that it is
414  * implemented with two .c files:
415  * - ecp.c
416  * - ecp_curves.c
417  * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
418  * macros as described above. The only difference is that you have to make sure
419  * that you provide functionality for both .c files.
420  */
421 //#define MBEDTLS_ECP_ALT
422 
460 //#define MBEDTLS_MD5_PROCESS_ALT
461 //#define MBEDTLS_RIPEMD160_PROCESS_ALT
462 //#define MBEDTLS_SHA1_PROCESS_ALT
463 //#define MBEDTLS_SHA256_PROCESS_ALT
464 //#define MBEDTLS_SHA512_PROCESS_ALT
465 //#define MBEDTLS_DES_SETKEY_ALT
466 //#define MBEDTLS_DES_CRYPT_ECB_ALT
467 //#define MBEDTLS_DES3_CRYPT_ECB_ALT
468 //#define MBEDTLS_AES_SETKEY_ENC_ALT
469 //#define MBEDTLS_AES_SETKEY_DEC_ALT
470 //#define MBEDTLS_AES_ENCRYPT_ALT
471 //#define MBEDTLS_AES_DECRYPT_ALT
472 //#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
473 //#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
474 //#define MBEDTLS_ECDSA_VERIFY_ALT
475 //#define MBEDTLS_ECDSA_SIGN_ALT
476 //#define MBEDTLS_ECDSA_GENKEY_ALT
477 
528 /* Required for all the functions in this section */
529 //#define MBEDTLS_ECP_INTERNAL_ALT
530 /* Turn off software fallback for curves not supported in hardware */
531 //#define MBEDTLS_ECP_NO_FALLBACK
532 /* Support for Weierstrass curves with Jacobi representation */
533 //#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
534 //#define MBEDTLS_ECP_ADD_MIXED_ALT
535 //#define MBEDTLS_ECP_DOUBLE_JAC_ALT
536 //#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
537 //#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
538 /* Support for curves with Montgomery arithmetic */
539 //#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
540 //#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
541 //#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
542 
555 //#define MBEDTLS_ENTROPY_HARDWARE_ALT
556 
574 //#define MBEDTLS_AES_ROM_TABLES
575 
595 //#define MBEDTLS_AES_FEWER_TABLES
596 
612 //#define MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
613 
614 /*
615  * Disable plain C implementation for AES.
616  *
617  * When the plain C implementation is enabled, and an implementation using a
618  * special CPU feature (such as MBEDTLS_AESCE_C) is also enabled, runtime
619  * detection will be used to select between them.
620  *
621  * If only one implementation is present, runtime detection will not be used.
622  * This configuration will crash at runtime if running on a CPU without the
623  * necessary features. It will not build unless at least one of MBEDTLS_AESCE_C
624  * and/or MBEDTLS_AESNI_C is enabled & present in the build.
625  */
626 //#define MBEDTLS_AES_USE_HARDWARE_ONLY
627 
635 //#define MBEDTLS_CAMELLIA_SMALL_MEMORY
636 
658 //#define MBEDTLS_CHECK_RETURN_WARNING
659 
665 #define MBEDTLS_CIPHER_MODE_CBC
666 
672 #define MBEDTLS_CIPHER_MODE_CFB
673 
679 #define MBEDTLS_CIPHER_MODE_CTR
680 
686 #define MBEDTLS_CIPHER_MODE_OFB
687 
693 #define MBEDTLS_CIPHER_MODE_XTS
694 
725 //#define MBEDTLS_CIPHER_NULL_CIPHER
726 
738 #define MBEDTLS_CIPHER_PADDING_PKCS7
739 #define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
740 #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
741 #define MBEDTLS_CIPHER_PADDING_ZEROS
742 
749 //#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
750 
758 //#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
759 
768 /* Short Weierstrass curves (supporting ECP, ECDH, ECDSA) */
769 #define MBEDTLS_ECP_DP_SECP192R1_ENABLED
770 #define MBEDTLS_ECP_DP_SECP224R1_ENABLED
771 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
772 #define MBEDTLS_ECP_DP_SECP384R1_ENABLED
773 #define MBEDTLS_ECP_DP_SECP521R1_ENABLED
774 #define MBEDTLS_ECP_DP_SECP192K1_ENABLED
775 #define MBEDTLS_ECP_DP_SECP224K1_ENABLED
776 #define MBEDTLS_ECP_DP_SECP256K1_ENABLED
777 #define MBEDTLS_ECP_DP_BP256R1_ENABLED
778 #define MBEDTLS_ECP_DP_BP384R1_ENABLED
779 #define MBEDTLS_ECP_DP_BP512R1_ENABLED
780 /* Montgomery curves (supporting ECP) */
781 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED
782 #define MBEDTLS_ECP_DP_CURVE448_ENABLED
783 
793 #define MBEDTLS_ECP_NIST_OPTIM
794 
848 //#define MBEDTLS_ECP_RESTARTABLE
849 
856 //#define MBEDTLS_ECP_WITH_MPI_UINT
857 
870 #define MBEDTLS_ECDSA_DETERMINISTIC
871 
890 #define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
891 
919 #define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
920 
937 #define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
938 
960 #define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
961 
985 #define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
986 
1017 #define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
1018 
1042 #define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
1043 
1066 #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
1067 
1090 #define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
1091 
1114 #define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
1115 
1137 //#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
1138 
1151 #define MBEDTLS_PK_PARSE_EC_EXTENDED
1152 
1164 #define MBEDTLS_PK_PARSE_EC_COMPRESSED
1165 
1179 #define MBEDTLS_ERROR_STRERROR_DUMMY
1180 
1188 #define MBEDTLS_GENPRIME
1189 
1195 #define MBEDTLS_FS_IO
1196 
1207 //#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
1208 
1218 //#define MBEDTLS_NO_PLATFORM_ENTROPY
1219 
1234 //#define MBEDTLS_ENTROPY_FORCE_SHA256
1235 
1262 //#define MBEDTLS_ENTROPY_NV_SEED
1263 
1264 /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
1265  *
1266  * Enable key identifiers that encode a key owner identifier.
1267  *
1268  * The owner of a key is identified by a value of type ::mbedtls_key_owner_id_t
1269  * which is currently hard-coded to be int32_t.
1270  *
1271  * Note that this option is meant for internal use only and may be removed
1272  * without notice.
1273  */
1274 //#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
1275 
1287 //#define MBEDTLS_MEMORY_DEBUG
1288 
1299 //#define MBEDTLS_MEMORY_BACKTRACE
1300 
1308 #define MBEDTLS_PK_RSA_ALT_SUPPORT
1309 
1319 #define MBEDTLS_PKCS1_V15
1320 
1333 #define MBEDTLS_PKCS1_V21
1334 
1349 //#define MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
1350 
1365 //#define MBEDTLS_PSA_CRYPTO_CLIENT
1366 
1403 //#define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
1404 
1424 //#define MBEDTLS_PSA_CRYPTO_SPM
1425 
1465 //#define MBEDTLS_PSA_P256M_DRIVER_ENABLED
1466 
1478 //#define MBEDTLS_PSA_INJECT_ENTROPY
1479 
1489 //#define MBEDTLS_RSA_NO_CRT
1490 
1496 #define MBEDTLS_SELF_TEST
1497 
1512 //#define MBEDTLS_SHA256_SMALLER
1513 
1522 //#define MBEDTLS_SHA512_SMALLER
1523 
1536 #define MBEDTLS_SSL_ALL_ALERT_MESSAGES
1537 
1560 #define MBEDTLS_SSL_DTLS_CONNECTION_ID
1561 
1562 
1583 #define MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 0
1584 
1595 //#define MBEDTLS_SSL_ASYNC_PRIVATE
1596 
1624 #define MBEDTLS_SSL_CONTEXT_SERIALIZATION
1625 
1640 //#define MBEDTLS_SSL_DEBUG_ALL
1641 
1656 #define MBEDTLS_SSL_ENCRYPT_THEN_MAC
1657 
1672 #define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
1673 
1696 #define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
1697 
1720 #define MBEDTLS_SSL_RENEGOTIATION
1721 
1729 #define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
1730 
1743 //#define MBEDTLS_SSL_RECORD_SIZE_LIMIT
1744 
1762 #define MBEDTLS_SSL_PROTO_TLS1_2
1763 
1786 //#define MBEDTLS_SSL_PROTO_TLS1_3
1787 
1808 //#define MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
1809 
1820 #define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
1821 
1838 #define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
1839 
1852 #define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
1853 
1873 //#define MBEDTLS_SSL_EARLY_DATA
1874 
1886 #define MBEDTLS_SSL_PROTO_DTLS
1887 
1895 #define MBEDTLS_SSL_ALPN
1896 
1910 #define MBEDTLS_SSL_DTLS_ANTI_REPLAY
1911 
1928 #define MBEDTLS_SSL_DTLS_HELLO_VERIFY
1929 
1959 #define MBEDTLS_SSL_DTLS_SRTP
1960 
1975 #define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
1976 
1989 #define MBEDTLS_SSL_SESSION_TICKETS
1990 
2000 #define MBEDTLS_SSL_SERVER_NAME_INDICATION
2001 
2010 //#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
2011 
2027 //#define MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
2028 
2046 //#define MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND
2047 
2066 //#define MBEDTLS_TEST_HOOKS
2067 
2077 //#define MBEDTLS_THREADING_ALT
2078 
2088 #define MBEDTLS_THREADING_PTHREAD
2089 
2118 //#define MBEDTLS_USE_PSA_CRYPTO
2119 
2150 //#define MBEDTLS_PSA_CRYPTO_CONFIG
2151 
2163 #define MBEDTLS_VERSION_FEATURES
2164 
2184 //#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
2185 
2195 //#define MBEDTLS_X509_REMOVE_INFO
2196 
2205 #define MBEDTLS_X509_RSASSA_PSS_SUPPORT
2245 #define MBEDTLS_AESNI_C
2246 
2269 #define MBEDTLS_AESCE_C
2270 
2344 #define MBEDTLS_AES_C
2345 
2358 #define MBEDTLS_ASN1_PARSE_C
2359 
2372 #define MBEDTLS_ASN1_WRITE_C
2373 
2384 #define MBEDTLS_BASE64_C
2385 
2404 #define MBEDTLS_BIGNUM_C
2405 
2459 #define MBEDTLS_CAMELLIA_C
2460 
2511 #define MBEDTLS_ARIA_C
2512 
2526 #define MBEDTLS_CCM_C
2527 
2535 #define MBEDTLS_CHACHA20_C
2536 
2546 #define MBEDTLS_CHACHAPOLY_C
2547 
2568 #define MBEDTLS_CIPHER_C
2569 
2586 #define MBEDTLS_CMAC_C
2587 
2608 #define MBEDTLS_CTR_DRBG_C
2609 
2623 #define MBEDTLS_DEBUG_C
2624 
2639 #define MBEDTLS_DES_C
2640 
2661 #define MBEDTLS_DHM_C
2662 
2679 #define MBEDTLS_ECDH_C
2680 
2696 #define MBEDTLS_ECDSA_C
2697 
2718 #define MBEDTLS_ECJPAKE_C
2719 
2732 #define MBEDTLS_ECP_C
2733 
2746 #define MBEDTLS_ENTROPY_C
2747 
2758 #define MBEDTLS_ERROR_C
2759 
2773 #define MBEDTLS_GCM_C
2774 
2788 #define MBEDTLS_HKDF_C
2789 
2802 #define MBEDTLS_HMAC_DRBG_C
2803 
2816 #define MBEDTLS_LMS_C
2817 
2828 //#define MBEDTLS_LMS_PRIVATE
2829 
2841 #define MBEDTLS_NIST_KW_C
2842 
2874 #define MBEDTLS_MD_C
2875 
2895 #define MBEDTLS_MD5_C
2896 
2911 //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
2912 
2930 #define MBEDTLS_NET_C
2931 
2953 #define MBEDTLS_OID_C
2954 
2967 #define MBEDTLS_PADLOCK_C
2968 
2989 #define MBEDTLS_PEM_PARSE_C
2990 
3005 #define MBEDTLS_PEM_WRITE_C
3006 
3023 #define MBEDTLS_PK_C
3024 
3038 #define MBEDTLS_PK_PARSE_C
3039 
3052 #define MBEDTLS_PK_WRITE_C
3053 
3069 #define MBEDTLS_PKCS5_C
3070 
3085 #define MBEDTLS_PKCS7_C
3086 
3104 #define MBEDTLS_PKCS12_C
3105 
3124 #define MBEDTLS_PLATFORM_C
3125 
3134 #define MBEDTLS_POLY1305_C
3135 
3149 #define MBEDTLS_PSA_CRYPTO_C
3150 
3165 //#define MBEDTLS_PSA_CRYPTO_SE_C
3166 
3178 #define MBEDTLS_PSA_CRYPTO_STORAGE_C
3179 
3190 #define MBEDTLS_PSA_ITS_FILE_C
3191 
3201 #define MBEDTLS_RIPEMD160_C
3202 
3221 #define MBEDTLS_RSA_C
3222 
3240 #define MBEDTLS_SHA1_C
3241 
3253 #define MBEDTLS_SHA224_C
3254 
3270 #define MBEDTLS_SHA256_C
3271 
3298 //#define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
3299 
3326 //#define MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY
3327 
3342 #define MBEDTLS_SHA384_C
3343 
3357 #define MBEDTLS_SHA512_C
3358 
3368 #define MBEDTLS_SHA3_C
3369 
3396 //#define MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT
3397 
3424 //#define MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY
3425 
3436 #define MBEDTLS_SSL_CACHE_C
3437 
3446 #define MBEDTLS_SSL_COOKIE_C
3447 
3459 #define MBEDTLS_SSL_TICKET_C
3460 
3473 #define MBEDTLS_SSL_CLI_C
3474 
3487 #define MBEDTLS_SSL_SRV_C
3488 
3503 #define MBEDTLS_SSL_TLS_C
3504 
3525 #define MBEDTLS_THREADING_C
3526 
3549 #define MBEDTLS_TIMING_C
3550 
3560 #define MBEDTLS_VERSION_C
3561 
3580 #define MBEDTLS_X509_USE_C
3581 
3596 #define MBEDTLS_X509_CRT_PARSE_C
3597 
3610 #define MBEDTLS_X509_CRL_PARSE_C
3611 
3624 #define MBEDTLS_X509_CSR_PARSE_C
3625 
3641 #define MBEDTLS_X509_CREATE_C
3642 
3654 #define MBEDTLS_X509_CRT_WRITE_C
3655 
3667 #define MBEDTLS_X509_CSR_WRITE_C
3668 
3697 //#define MBEDTLS_CONFIG_FILE "mbedtls/mbedtls_config.h"
3698 
3714 //#define MBEDTLS_USER_CONFIG_FILE "/dev/null"
3715 
3732 //#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h"
3733 
3749 //#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null"
3750 
3771 //#define MBEDTLS_PSA_CRYPTO_PLATFORM_FILE "psa/crypto_platform_alt.h"
3772 
3796 //#define MBEDTLS_PSA_CRYPTO_STRUCT_FILE "psa/crypto_struct_alt.h"
3797 
3811 /* The Doxygen documentation here is used when a user comments out a
3812  * setting and runs doxygen themselves. On the other hand, when we typeset
3813  * the full documentation including disabled settings, the documentation
3814  * in specific modules' header files is used if present. When editing this
3815  * file, make sure that each option is documented in exactly one place,
3816  * plus optionally a same-line Doxygen comment here if there is a Doxygen
3817  * comment in the specific module. */
3818 
3819 /* MPI / BIGNUM options */
3820 //#define MBEDTLS_MPI_WINDOW_SIZE 2 /**< Maximum window size used. */
3821 //#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
3822 
3823 /* CTR_DRBG options */
3824 //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
3825 //#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
3826 //#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
3827 //#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
3828 //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
3829 
3830 /* HMAC_DRBG options */
3831 //#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
3832 //#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
3833 //#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
3834 //#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
3835 
3836 /* ECP options */
3837 //#define MBEDTLS_ECP_WINDOW_SIZE 4 /**< Maximum window size used */
3838 //#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
3839 
3840 /* Entropy options */
3841 //#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
3842 //#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
3843 //#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
3844 
3845 /* Memory buffer allocator options */
3846 //#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
3847 
3848 /* Platform options */
3849 //#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
3850 
3862 //#define MBEDTLS_PLATFORM_STD_CALLOC calloc
3863 
3872 //#define MBEDTLS_PLATFORM_STD_FREE free
3873 //#define MBEDTLS_PLATFORM_STD_SETBUF setbuf /**< Default setbuf to use, can be undefined */
3874 //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
3875 //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3876 //#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
3877 //#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
3878 /* Note: your snprintf must correctly zero-terminate the buffer! */
3879 //#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
3880 //#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
3881 //#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
3882 //#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
3883 //#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
3884 //#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
3885 
3886 /* To use the following function macros, MBEDTLS_PLATFORM_C must be enabled. */
3887 /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
3888 //#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_CALLOC for requirements. */
3889 //#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_FREE for requirements. */
3890 //#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
3891 //#define MBEDTLS_PLATFORM_SETBUF_MACRO setbuf /**< Default setbuf macro to use, can be undefined */
3892 //#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3893 //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3894 //#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
3895 //#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
3896 /* Note: your snprintf must correctly zero-terminate the buffer! */
3897 //#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
3898 //#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */
3899 //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
3900 //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
3901 //#define MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO int64_t //#define MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO int64_t /**< Default milliseconds time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled. It must be signed, and at least 64 bits. If it is changed from the default, MBEDTLS_PRINTF_MS_TIME must be updated to match.*/
3902 //#define MBEDTLS_PRINTF_MS_TIME PRId64 /**< Default fmt for printf. That's avoid compiler warning if mbedtls_ms_time_t is redefined */
3903 
3917 //#define MBEDTLS_CHECK_RETURN __attribute__((__warn_unused_result__))
3918 
3925 //#define MBEDTLS_IGNORE_RETURN( result ) ((void) !(result))
3926 
3927 /* PSA options */
3938 //#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256
3939 
3949 //#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
3950 
3951 /* RSA OPTIONS */
3952 //#define MBEDTLS_RSA_GEN_KEY_MIN_BITS 1024 /**< Minimum RSA key size that can be generated in bits (Minimum possible value is 128 bits) */
3953 
3954 /* SSL Cache options */
3955 //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
3956 //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
3957 
3958 /* SSL options */
3959 
3979 //#define MBEDTLS_SSL_IN_CONTENT_LEN 16384
3980 
3986 //#define MBEDTLS_SSL_CID_IN_LEN_MAX 32
3987 
3993 //#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32
3994 
4009 //#define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16
4010 
4029 //#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384
4030 
4046 //#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
4047 
4048 //#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 or 384 bits) */
4049 //#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
4050 
4063 //#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
4064 
4080 //#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024
4081 
4100 //#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000
4101 
4109 //#define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32
4110 
4119 //#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1
4120 
4121 /* X509 options */
4122 //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
4123 //#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
4124