mbed TLS v2.24.0
|
Configuration options (set of defines) More...
#include "mbedtls/check_config.h"
Go to the source code of this file.
Configuration options (set of defines)
This set of compile-time options may be used to enable or disable features selectively, and reduce the global memory footprint.
Definition in file config.h.
#define MBEDTLS_AES_ALT |
MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your alternate core implementation of a symmetric crypto, an arithmetic or hash module (e.g. platform specific assembly optimized implementations). Keep in mind that the function prototypes should remain the same.
This replaces the whole module. If you only want to replace one of the functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags.
Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer provide the "struct mbedtls_aes_context" definition and omit the base function declarations and implementations. "aes_alt.h" will be included from "aes.h" to include the new function definitions.
Uncomment a macro to enable alternate implementation of the corresponding module.
#define MBEDTLS_AES_C |
Enable the AES block cipher.
Module: library/aes.c Caller: library/cipher.c library/pem.c library/ctr_drbg.c
This module enables the following ciphersuites (if other requisites are enabled as well): MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
PEM_PARSE uses AES for decrypting encrypted keys.
#define MBEDTLS_AES_FEWER_TABLES |
Use less ROM/RAM for AES tables.
Uncommenting this macro omits 75% of the AES tables from ROM / RAM (depending on the value of MBEDTLS_AES_ROM_TABLES
) by computing their values on the fly during operations (the tables are entry-wise rotations of one another).
Tradeoff: Uncommenting this reduces the RAM / ROM footprint by ~6kb but at the cost of more arithmetic operations during runtime. Specifically, one has to compare 4 accesses within different tables to 4 accesses with additional arithmetic operations within the same table. The performance gain/loss depends on the system and memory details.
This option is independent of MBEDTLS_AES_ROM_TABLES
.
#define MBEDTLS_AES_ROM_TABLES |
Use precomputed AES tables stored in ROM.
Uncomment this macro to use precomputed AES tables stored in ROM. Comment this macro to generate AES tables in RAM at runtime.
Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb (or ~2kb if MBEDTLS_AES_FEWER_TABLES
is used) and reduces the initialization time before the first AES operation can be performed. It comes at the cost of additional ~8kb ROM use (resp. ~2kb if MBEDTLS_AES_FEWER_TABLES
below is used), and potentially degraded performance if ROM access is slower than RAM access.
This option is independent of MBEDTLS_AES_FEWER_TABLES
.
#define MBEDTLS_AESNI_C |
#define MBEDTLS_ARC4_C |
Enable the ARCFOUR stream cipher.
Module: library/arc4.c Caller: library/cipher.c
This module enables the following ciphersuites (if other requisites are enabled as well): MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA MBEDTLS_TLS_RSA_WITH_RC4_128_SHA MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
#define MBEDTLS_ARIA_C |
Enable the ARIA block cipher.
Module: library/aria.c Caller: library/cipher.c
This module enables the following ciphersuites (if other requisites are enabled as well):
MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256 MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256 MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256 MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384
#define MBEDTLS_ASN1_PARSE_C |
#define MBEDTLS_ASN1_WRITE_C |
#define MBEDTLS_BASE64_C |
#define MBEDTLS_BIGNUM_C |
#define MBEDTLS_BLOWFISH_C |
#define MBEDTLS_CAMELLIA_C |
Enable the Camellia block cipher.
Module: library/camellia.c Caller: library/cipher.c
This module enables the following ciphersuites (if other requisites are enabled as well): MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
#define MBEDTLS_CAMELLIA_SMALL_MEMORY |
#define MBEDTLS_CCM_C |
#define MBEDTLS_CERTS_C |
#define MBEDTLS_CHACHA20_C |
#define MBEDTLS_CHACHAPOLY_C |
#define MBEDTLS_CHECK_PARAMS |
This configuration option controls whether the library validates more of the parameters passed to it.
When this flag is not defined, the library only attempts to validate an input parameter if: (1) they may come from the outside world (such as the network, the filesystem, etc.) or (2) not validating them could result in internal memory errors such as overflowing a buffer controlled by the library. On the other hand, it doesn't attempt to validate parameters whose values are fully controlled by the application (such as pointers).
When this flag is defined, the library additionally attempts to validate parameters that are fully controlled by the application, and should always be valid if the application code is fully correct and trusted.
For example, when a function accepts as input a pointer to a buffer that may contain untrusted data, and its documentation mentions that this pointer must not be NULL:
When this flag is defined, if a library function receives a parameter that is invalid:
When defining this flag, you also need to arrange a definition for MBEDTLS_PARAM_FAILED(). You can do this by any of the following methods:
platform_util.h
for its prototype.cond
) to be assert(cond)
. You can still supply an alternative definition of MBEDTLS_PARAM_FAILED(), which may call assert
.config.h
or you uncomment the definition of MBEDTLS_PARAM_FAILED() in config.h
, the library will call the macro that you defined and will not supply its own version. Note that if MBEDTLS_PARAM_FAILED() calls assert
, you need to enable MBEDTLS_CHECK_PARAMS_ASSERT so that library source files include <assert.h>
.Uncomment to enable validation of application-controlled parameters.
#define MBEDTLS_CHECK_PARAMS_ASSERT |
Allow MBEDTLS_PARAM_FAILED() to call assert
, and make it default to assert
. This macro is only used if MBEDTLS_CHECK_PARAMS is defined.
If this macro is not defined, then MBEDTLS_PARAM_FAILED() defaults to calling a function mbedtls_param_failed(). See the documentation of MBEDTLS_CHECK_PARAMS for details.
Uncomment to allow MBEDTLS_PARAM_FAILED() to call assert
.
#define MBEDTLS_CIPHER_C |
#define MBEDTLS_CIPHER_MODE_CBC |
#define MBEDTLS_CIPHER_MODE_CFB |
#define MBEDTLS_CIPHER_MODE_CTR |
#define MBEDTLS_CIPHER_MODE_OFB |
#define MBEDTLS_CIPHER_MODE_XTS |
#define MBEDTLS_CIPHER_NULL_CIPHER |
Enable NULL cipher. Warning: Only do so when you know what you are doing. This allows for encryption or channels without any security!
Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable the following ciphersuites: MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA MBEDTLS_TLS_RSA_WITH_NULL_SHA256 MBEDTLS_TLS_RSA_WITH_NULL_SHA MBEDTLS_TLS_RSA_WITH_NULL_MD5 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA MBEDTLS_TLS_PSK_WITH_NULL_SHA384 MBEDTLS_TLS_PSK_WITH_NULL_SHA256 MBEDTLS_TLS_PSK_WITH_NULL_SHA
Uncomment this macro to enable the NULL cipher and ciphersuites
#define MBEDTLS_CIPHER_PADDING_PKCS7 |
MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for specific padding modes in the cipher layer with cipher modes that support padding (e.g. CBC)
If you disable all padding modes, only full blocks can be used with CBC.
Enable padding modes in the cipher layer.
#define MBEDTLS_CMAC_C |
#define MBEDTLS_CTR_DRBG_C |
Enable the CTR_DRBG AES-based random generator. The CTR_DRBG generator uses AES-256 by default. To use AES-128 instead, enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
above.
Module: library/ctr_drbg.c Caller:
Requires: MBEDTLS_AES_C
This module provides the CTR_DRBG AES random number generator.
#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY |
#define MBEDTLS_DEBUG_C |
#define MBEDTLS_DEPRECATED_REMOVED |
Remove deprecated functions and features so that they generate an error if used. Functionality deprecated in one version will usually be removed in the next version. You can enable this to help you prepare the transition to a new major version by making sure your code is not using this functionality.
Uncomment to get errors on using deprecated functions and features.
#define MBEDTLS_DEPRECATED_WARNING |
Mark deprecated functions and features so that they generate a warning if used. Functionality deprecated in one version will usually be removed in the next version. You can enable this to help you prepare the transition to a new major version by making sure your code is not using this functionality.
This only works with GCC and Clang. With other compilers, you may want to use MBEDTLS_DEPRECATED_REMOVED
Uncomment to get warnings on using deprecated functions and features.
#define MBEDTLS_DES_C |
Enable the DES block cipher.
Module: library/des.c Caller: library/pem.c library/cipher.c
This module enables the following ciphersuites (if other requisites are enabled as well): MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
PEM_PARSE uses DES/3DES for decrypting encrypted keys.
#define MBEDTLS_DHM_C |
Enable the Diffie-Hellman-Merkle module.
Module: library/dhm.c Caller: library/ssl_cli.c library/ssl_srv.c
This module is used by the following key exchanges: DHE-RSA, DHE-PSK
#define MBEDTLS_ECDH_C |
#define MBEDTLS_ECDH_LEGACY_CONTEXT |
Use a backward compatible ECDH context.
Mbed TLS supports two formats for ECDH contexts (mbedtls_ecdh_context defined in ecdh.h
). For most applications, the choice of format makes no difference, since all library functions can work with either format, except that the new format is incompatible with MBEDTLS_ECP_RESTARTABLE.
The new format used when this option is disabled is smaller (56 bytes on a 32-bit platform). In future versions of the library, it will support alternative implementations of ECDH operations. The new format is incompatible with applications that access context fields directly and with restartable ECP operations.
Define this macro if you enable MBEDTLS_ECP_RESTARTABLE or if you want to access ECDH context fields directly. Otherwise you should comment out this macro definition.
This option has no effect if MBEDTLS_ECDH_C is not enabled.
#define MBEDTLS_ECDSA_C |
Enable the elliptic curve DSA library.
Module: library/ecdsa.c Caller:
This module is used by the following key exchanges: ECDHE-ECDSA
Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C, and at least one MBEDTLS_ECP_DP_XXX_ENABLED for a short Weierstrass curve.
#define MBEDTLS_ECDSA_DETERMINISTIC |
Enable deterministic ECDSA (RFC 6979). Standard ECDSA is "fragile" in the sense that lack of entropy when signing may result in a compromise of the long-term signing key. This is avoided by the deterministic variant.
Requires: MBEDTLS_HMAC_DRBG_C
Comment this macro to disable deterministic ECDSA.
#define MBEDTLS_ECJPAKE_C |
Enable the elliptic curve J-PAKE library.
Module: library/ecjpake.c Caller:
This module is used by the following key exchanges: ECJPAKE
Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C
#define MBEDTLS_ECP_C |
#define MBEDTLS_ECP_DP_SECP192R1_ENABLED |
#define MBEDTLS_ECP_INTERNAL_ALT |
Expose a part of the internal interface of the Elliptic Curve Point module.
MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your alternative core implementation of elliptic curve arithmetic. Keep in mind that function prototypes should remain the same.
This partially replaces one function. The header file from mbed TLS is still used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation is still present and it is used for group structures not supported by the alternative.
Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT and implementing the following functions: unsigned char mbedtls_internal_ecp_grp_capable( const mbedtls_ecp_group *grp ) int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp ) void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp ) The mbedtls_internal_ecp_grp_capable function should return 1 if the replacement functions implement arithmetic for the given group and 0 otherwise. The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are called before and after each point operation and provide an opportunity to implement optimized set up and tear down instructions.
Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac function, but will use your mbedtls_internal_ecp_double_jac if the group is supported (your mbedtls_internal_ecp_grp_capable function returns 1 when receives it as an argument). If the group is not supported then the original implementation is used. The other functions and the definition of mbedtls_ecp_group and mbedtls_ecp_point will not change, so your implementation of mbedtls_internal_ecp_double_jac and mbedtls_internal_ecp_grp_capable must be compatible with this definition.
Uncomment a macro to enable alternate implementation of the corresponding function.
#define MBEDTLS_ECP_NIST_OPTIM |
#define MBEDTLS_ECP_NO_INTERNAL_RNG |
When this option is disabled, mbedtls_ecp_mul() will make use of an internal RNG when called with a NULL f_rng
argument, in order to protect against some side-channel attacks.
This protection introduces a dependency of the ECP module on one of the DRBG modules. For very constrained implementations that don't require this protection (for example, because you're only doing signature verification, so not manipulating any secret, or because local/physical side-channel attacks are outside your threat model), it might be desirable to get rid of that dependency.
Uncomment this macro to disable some counter-measures in ECP.
#define MBEDTLS_ECP_RESTARTABLE |
Enable "non-blocking" ECC operations that can return early and be resumed.
This allows various functions to pause by returning MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module, MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in order to further progress and eventually complete their operation. This is controlled through mbedtls_ecp_set_max_ops() which limits the maximum number of ECC operations a function may perform before pausing; see mbedtls_ecp_set_max_ops() for more information.
This is useful in non-threaded environments if you want to avoid blocking for too long on ECC (and, hence, X.509 or SSL/TLS) operations.
Uncomment this macro to enable restartable ECC computations.
#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES |
Enable weak ciphersuites in SSL / TLS. Warning: Only do so when you know what you are doing. This allows for channels with virtually no security at all!
This enables the following ciphersuites: MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA
Uncomment this macro to enable weak ciphersuites
#define MBEDTLS_ENTROPY_C |
#define MBEDTLS_ENTROPY_FORCE_SHA256 |
Force the entropy accumulator to use a SHA-256 accumulator instead of the default SHA-512 based one (if both are available).
Requires: MBEDTLS_SHA256_C
On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option if you have performance concerns.
This option is only useful if both MBEDTLS_SHA256_C and MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
#define MBEDTLS_ENTROPY_HARDWARE_ALT |
Uncomment this macro to let mbed TLS use your own implementation of a hardware entropy collector.
Your function must be called mbedtls_hardware_poll()
, have the same prototype as declared in entropy_poll.h, and accept NULL as first argument.
Uncomment to use your own hardware entropy collector.
#define MBEDTLS_ENTROPY_NV_SEED |
Enable the non-volatile (NV) seed file-based entropy source. (Also enables the NV seed read/write functions in the platform layer)
This is crucial (if not required) on systems that do not have a cryptographic entropy source (in hardware or kernel) available.
Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C
#define MBEDTLS_ERROR_C |
Enable error code to error string conversion.
Module: library/error.c Caller:
This module enables mbedtls_strerror().
#define MBEDTLS_ERROR_STRERROR_DUMMY |
Enable a dummy error function to make use of mbedtls_strerror() in third party libraries easier when MBEDTLS_ERROR_C is disabled (no effect when MBEDTLS_ERROR_C is enabled).
You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're not using mbedtls_strerror() or error_strerror() in your application.
Disable if you run into name conflicts and want to really remove the mbedtls_strerror()
#define MBEDTLS_FS_IO |
#define MBEDTLS_GCM_C |
#define MBEDTLS_GENPRIME |
#define MBEDTLS_HAVE_ASM |
The compiler has support for asm().
Requires support for asm() in compiler.
Used in: library/aria.c library/timing.c include/mbedtls/bn_mul.h
Required by: MBEDTLS_AESNI_C MBEDTLS_PADLOCK_C
Comment to disable the use of assembly code.
#define MBEDTLS_HAVE_SSE2 |
#define MBEDTLS_HAVE_TIME |
System has time.h and time(). The time does not need to be correct, only time differences are used, by contrast with MBEDTLS_HAVE_TIME_DATE
Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT, MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and MBEDTLS_PLATFORM_STD_TIME.
Comment if your system does not support time functions
#define MBEDTLS_HAVE_TIME_DATE |
System has time.h, time(), and an implementation for mbedtls_platform_gmtime_r() (see below). The time needs to be correct (not necessarily very accurate, but at least the date should be correct). This is used to verify the validity period of X.509 certificates.
Comment if your system does not have a correct clock.
#define MBEDTLS_HAVEGE_C |
Enable the HAVEGE random generator.
Warning: the HAVEGE random generator is not suitable for virtualized environments
Warning: the HAVEGE random generator is dependent on timing and specific processor traits. It is therefore not advised to use HAVEGE as your applications primary random generator or primary entropy pool input. As a secondary input to your entropy pool, it IS able add the (limited) extra entropy it provides.
Module: library/havege.c Caller:
Requires: MBEDTLS_TIMING_C
Uncomment to enable the HAVEGE random generator.
#define MBEDTLS_HKDF_C |
#define MBEDTLS_HMAC_DRBG_C |
#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED |
Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
Requires: MBEDTLS_DHM_C
This enables the following ciphersuites (if other requisites are enabled as well): MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED |
Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, MBEDTLS_X509_CRT_PARSE_C
This enables the following ciphersuites (if other requisites are enabled as well): MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED |
Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C
This enables the following ciphersuites (if other requisites are enabled as well): MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED |
Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_X509_CRT_PARSE_C
This enables the following ciphersuites (if other requisites are enabled as well): MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED |
Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C,
This enables the following ciphersuites (if other requisites are enabled as well): MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED |
Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
Requires: MBEDTLS_ECDH_C
This enables the following ciphersuites (if other requisites are enabled as well): MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED |
Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, MBEDTLS_X509_CRT_PARSE_C
This enables the following ciphersuites (if other requisites are enabled as well): MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED |
Enable the ECJPAKE based ciphersuite modes in SSL / TLS.
Requires: MBEDTLS_ECJPAKE_C MBEDTLS_SHA256_C MBEDTLS_ECP_DP_SECP256R1_ENABLED
This enables the following ciphersuites (if other requisites are enabled as well): MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED |
Enable the PSK based ciphersuite modes in SSL / TLS.
This enables the following ciphersuites (if other requisites are enabled as well): MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED |
Enable the RSA-only based ciphersuite modes in SSL / TLS.
Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, MBEDTLS_X509_CRT_PARSE_C
This enables the following ciphersuites (if other requisites are enabled as well): MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_RSA_WITH_RC4_128_SHA MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED |
Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, MBEDTLS_X509_CRT_PARSE_C
This enables the following ciphersuites (if other requisites are enabled as well): MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
#define MBEDTLS_MD2_C |
Enable the MD2 hash algorithm.
Module: library/md2.c Caller:
Uncomment to enable support for (rare) MD2-signed X.509 certs.
#define MBEDTLS_MD2_PROCESS_ALT |
MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you alternate core implementation of symmetric crypto or hash function. Keep in mind that function prototypes should remain the same.
This replaces only one function. The header file from mbed TLS is still used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags.
Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will no longer provide the mbedtls_sha1_process() function, but it will still provide the other function (using your mbedtls_sha1_process() function) and the definition of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible with this definition.
Uncomment a macro to enable alternate implementation of the corresponding function.
#define MBEDTLS_MD4_C |
Enable the MD4 hash algorithm.
Module: library/md4.c Caller:
Uncomment to enable support for (rare) MD4-signed X.509 certs.
#define MBEDTLS_MD5_C |
Enable the MD5 hash algorithm.
Module: library/md5.c Caller: library/md.c library/pem.c library/ssl_tls.c
This module is required for SSL/TLS up to version 1.1, and for TLS 1.2 depending on the handshake parameters. Further, it is used for checking MD5-signed certificates, and for PBKDF1 when decrypting PEM-encoded encrypted keys.
#define MBEDTLS_MD_C |
#define MBEDTLS_MEMORY_BACKTRACE |
#define MBEDTLS_MEMORY_BUFFER_ALLOC_C |
Enable the buffer allocator implementation that makes use of a (stack) based buffer to 'allocate' dynamic memory. (replaces calloc() and free() calls)
Module: library/memory_buffer_alloc.c
Requires: MBEDTLS_PLATFORM_C MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS)
Enable this module to enable the buffer memory allocator.
#define MBEDTLS_MEMORY_DEBUG |
Enable debugging of buffer allocator memory issues. Automatically prints (to stderr) all (fatal) messages on memory allocation issues. Enables function for 'debug output' of allocated memory.
Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
Uncomment this macro to let the buffer allocator print out error messages.
#define MBEDTLS_NET_C |
Enable the TCP and UDP over IPv6/IPv4 networking routines.
mbedtls_ssl_set_bio()
.Module: library/net_sockets.c
This module provides networking routines.
#define MBEDTLS_NIST_KW_C |
#define MBEDTLS_NO_64BIT_MULTIPLICATION |
The platform lacks support for 32x32 -> 64-bit multiplication.
Used in: library/poly1305.c
Some parts of the library may use multiplication of two unsigned 32-bit operands with a 64-bit result in order to speed up computations. On some platforms, this is not available in hardware and has to be implemented in software, usually in a library provided by the toolchain.
Sometimes it is not desirable to have to link to that library. This option removes the dependency of that library on platforms that lack a hardware 64-bit multiplier by embedding a software implementation in Mbed TLS.
Note that depending on the compiler, this may decrease performance compared to using the library function provided by the toolchain.
#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES |
Do not add default entropy sources. These are the platform specific, mbedtls_timing_hardclock and HAVEGE based poll functions.
This is useful to have more control over the added entropy sources in an application.
Uncomment this macro to prevent loading of default entropy functions.
#define MBEDTLS_NO_PLATFORM_ENTROPY |
#define MBEDTLS_NO_UDBL_DIVISION |
The platform lacks support for double-width integer division (64-bit division on a 32-bit platform, 128-bit division on a 64-bit platform).
Used in: include/mbedtls/bignum.h library/bignum.c
The bignum code uses double-width division to speed up some operations. Double-width division is often implemented in software that needs to be linked with the program. The presence of a double-width integer type is usually detected automatically through preprocessor macros, but the automatic detection cannot know whether the code needs to and can be linked with an implementation of division for that type. By default division is assumed to be usable if the type is present. Uncomment this option to prevent the use of double-width division.
Note that division for the native integer type is always required. Furthermore, a 64-bit type is always required even on a 32-bit platform, but it need not support multiplication or division. In some cases it is also desirable to disable some double-width operations. For example, if double-width division is implemented in software, disabling it can reduce code size in some embedded targets.
#define MBEDTLS_OID_C |
Enable the OID database.
Module: library/oid.c Caller: library/asn1write.c library/pkcs5.c library/pkparse.c library/pkwrite.c library/rsa.c library/x509.c library/x509_create.c library/x509_crl.c library/x509_crt.c library/x509_csr.c library/x509write_crt.c library/x509write_csr.c
This modules translates between OIDs and internal values.
#define MBEDTLS_PADLOCK_C |
#define MBEDTLS_PEM_PARSE_C |
#define MBEDTLS_PEM_WRITE_C |
#define MBEDTLS_PK_C |
#define MBEDTLS_PK_PARSE_C |
#define MBEDTLS_PK_PARSE_EC_EXTENDED |
Enhance support for reading EC keys using variants of SEC1 not allowed by RFC 5915 and RFC 5480.
Currently this means parsing the SpecifiedECDomain choice of EC parameters (only known groups are supported, not arbitrary domains, to avoid validation issues).
Disable if you only need to support RFC 5915 + 5480 key formats.
#define MBEDTLS_PK_RSA_ALT_SUPPORT |
#define MBEDTLS_PK_WRITE_C |
#define MBEDTLS_PKCS11_C |
Enable wrapper for PKCS#11 smartcard support via the pkcs11-helper library.
Module: library/pkcs11.c Caller: library/pk.c
Requires: MBEDTLS_PK_C
This module enables SSL/TLS PKCS #11 smartcard support. Requires the presence of the PKCS#11 helper library (libpkcs11-helper)
#define MBEDTLS_PKCS12_C |
Enable PKCS#12 PBE functions. Adds algorithms for parsing PKCS#8 encrypted private keys
Module: library/pkcs12.c Caller: library/pkparse.c
Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C Can use: MBEDTLS_ARC4_C
This module enables PKCS#12 functions.
#define MBEDTLS_PKCS1_V15 |
#define MBEDTLS_PKCS1_V21 |
#define MBEDTLS_PKCS5_C |
#define MBEDTLS_PLATFORM_C |
Enable the platform abstraction layer that allows you to re-assign functions like calloc(), free(), snprintf(), printf(), fprintf(), exit().
Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned above to be specified at runtime or compile time respectively.
Module: library/platform.c Caller: Most other .c files
This module enables abstraction of common (libc) functions.
#define MBEDTLS_PLATFORM_EXIT_ALT |
MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the function in the platform abstraction layer.
Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will provide a function "mbedtls_platform_set_printf()" that allows you to set an alternative printf function pointer.
All these define require MBEDTLS_PLATFORM_C to be defined!
Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME
Uncomment a macro to enable alternate implementation of specific base platform function
#define MBEDTLS_PLATFORM_MEMORY |
Enable the memory allocation layer.
By default mbed TLS uses the system-provided calloc() and free(). This allows different allocators (self-implemented or provided) to be provided to the platform abstraction layer.
Enabling MBEDTLS_PLATFORM_MEMORY without the MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and free() function pointer at runtime.
Enabling MBEDTLS_PLATFORM_MEMORY and specifying MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the alternate function at compile time.
Requires: MBEDTLS_PLATFORM_C
Enable this layer to allow use of alternative memory allocators.
#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS |
Do not assign standard functions in the platform layer (e.g. calloc() to MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF)
This makes sure there are no linking errors on platforms that do not support these functions. You will HAVE to provide alternatives, either at runtime via the platform_set_xxx() functions or at compile time by setting the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a MBEDTLS_PLATFORM_XXX_MACRO.
Requires: MBEDTLS_PLATFORM_C
Uncomment to prevent default assignment of standard functions in the platform layer.
#define MBEDTLS_POLY1305_C |
#define MBEDTLS_PSA_CRYPTO_C |
Enable the Platform Security Architecture cryptography API.
Module: library/psa_crypto.c
Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C
#define MBEDTLS_PSA_CRYPTO_SE_C |
Enable secure element support in the Platform Security Architecture cryptography API.
Module: library/psa_crypto_se.c
Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_C
#define MBEDTLS_PSA_CRYPTO_SPM |
When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure Partition Manager) integration which separates the code into two parts: a NSPE (Non-Secure Process Environment) and an SPE (Secure Process Environment).
Module: library/psa_crypto.c Requires: MBEDTLS_PSA_CRYPTO_C
#define MBEDTLS_PSA_CRYPTO_STORAGE_C |
#define MBEDTLS_PSA_INJECT_ENTROPY |
Enable support for entropy injection at first boot. This feature is required on systems that do not have a built-in entropy source (TRNG). This feature is currently not supported on systems that have a built-in entropy source.
Requires: MBEDTLS_PSA_CRYPTO_STORAGE_C, MBEDTLS_ENTROPY_NV_SEED
#define MBEDTLS_PSA_ITS_FILE_C |
#define MBEDTLS_REMOVE_3DES_CIPHERSUITES |
Remove 3DES ciphersuites by default in SSL / TLS. This flag removes the ciphersuites based on 3DES from the default list as returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them explicitly.
A man-in-the-browser attacker can recover authentication tokens sent through a TLS connection using a 3DES based cipher suite (see "On the Practical (In-)Security of 64-bit Block Ciphers" by Karthikeyan Bhargavan and Gaëtan Leurent, see https://sweet32.info/SWEET32_CCS16.pdf). If this attack falls in your threat model or you are unsure, then you should keep this option enabled to remove 3DES based cipher suites.
Comment this macro to keep 3DES in the default ciphersuite list.
#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES |
Remove RC4 ciphersuites by default in SSL / TLS. This flag removes the ciphersuites based on RC4 from the default list as returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them explicitly.
Uncomment this macro to remove RC4 ciphersuites by default.
#define MBEDTLS_RIPEMD160_C |
#define MBEDTLS_RSA_C |
Enable the RSA public-key cryptosystem.
Module: library/rsa.c library/rsa_internal.c Caller: library/ssl_cli.c library/ssl_srv.c library/ssl_tls.c library/x509.c
This module is used by the following key exchanges: RSA, DHE-RSA, ECDHE-RSA, RSA-PSK
Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C
#define MBEDTLS_RSA_NO_CRT |
#define MBEDTLS_SELF_TEST |
#define MBEDTLS_SHA1_C |
Enable the SHA1 cryptographic hash algorithm.
Module: library/sha1.c Caller: library/md.c library/ssl_cli.c library/ssl_srv.c library/ssl_tls.c library/x509write_crt.c
This module is required for SSL/TLS up to version 1.1, for TLS 1.2 depending on the handshake parameters, and for SHA1-signed certificates.
#define MBEDTLS_SHA256_C |
Enable the SHA-224 and SHA-256 cryptographic hash algorithms.
Module: library/sha256.c Caller: library/entropy.c library/md.c library/ssl_cli.c library/ssl_srv.c library/ssl_tls.c
This module adds support for SHA-224 and SHA-256. This module is required for the SSL/TLS 1.2 PRF function.
#define MBEDTLS_SHA256_SMALLER |
Enable an implementation of SHA-256 that has lower ROM footprint but also lower performance.
The default implementation is meant to be a reasonnable compromise between performance and size. This version optimizes more aggressively for size at the expense of performance. Eg on Cortex-M4 it reduces the size of mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about 30%.
Uncomment to enable the smaller implementation of SHA256.
#define MBEDTLS_SHA512_C |
#define MBEDTLS_SHA512_NO_SHA384 |
#define MBEDTLS_SHA512_SMALLER |
#define MBEDTLS_SSL_ALL_ALERT_MESSAGES |
Enable sending of alert messages in case of encountered errors as per RFC. If you choose not to send the alert messages, mbed TLS can still communicate with other servers, only debugging of failures is harder.
The advantage of not sending alert messages, is that no information is given about reasons for failures thus preventing adversaries of gaining intel.
Enable sending of all alert messages
#define MBEDTLS_SSL_ALPN |
#define MBEDTLS_SSL_ASYNC_PRIVATE |
#define MBEDTLS_SSL_CACHE_C |
#define MBEDTLS_SSL_CBC_RECORD_SPLITTING |
Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0.
This is a countermeasure to the BEAST attack, which also minimizes the risk of interoperability issues compared to sending 0-length records.
Comment this macro to disable 1/n-1 record splitting.
#define MBEDTLS_SSL_CLI_C |
#define MBEDTLS_SSL_CONTEXT_SERIALIZATION |
Enable serialization of the TLS context structures, through use of the functions mbedtls_ssl_context_save() and mbedtls_ssl_context_load().
This pair of functions allows one side of a connection to serialize the context associated with the connection, then free or re-use that context while the serialized state is persisted elsewhere, and finally deserialize that state to a live context for resuming read/write operations on the connection. From a protocol perspective, the state of the connection is unaffected, in particular this is entirely transparent to the peer.
Note: this is distinct from TLS session resumption, which is part of the protocol and fully visible by the peer. TLS session resumption enables establishing new connections associated to a saved session with shorter, lighter handshakes, while context serialization is a local optimization in handling a single, potentially long-lived connection.
Enabling these APIs makes some SSL structures larger, as 64 extra bytes are saved after the handshake to allow for more efficient serialization, so if you don't need this feature you'll save RAM by disabling it.
Comment to disable the context serialization APIs.
#define MBEDTLS_SSL_COOKIE_C |
#define MBEDTLS_SSL_DEBUG_ALL |
Enable the debug messages in SSL module for all issues. Debug messages have been disabled in some places to prevent timing attacks due to (unbalanced) debugging function calls.
If you need all error reporting you should enable this during debugging, but remove this for production servers that should log as well.
Uncomment this macro to report all debug messages on errors introducing a timing side-channel.
#define MBEDTLS_SSL_DTLS_ANTI_REPLAY |
Enable support for the anti-replay mechanism in DTLS.
Requires: MBEDTLS_SSL_TLS_C MBEDTLS_SSL_PROTO_DTLS
Comment this to disable anti-replay in DTLS.
#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT |
Enable support for a limit of records with bad MAC.
See mbedtls_ssl_conf_dtls_badmac_limit().
Requires: MBEDTLS_SSL_PROTO_DTLS
#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE |
Enable server-side support for clients that reconnect from the same port.
Some clients unexpectedly close the connection and try to reconnect using the same source port. This needs special support from the server to handle the new connection securely, as described in section 4.2.8 of RFC 6347. This flag enables that support.
Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
Comment this to disable support for clients reusing the source port.
#define MBEDTLS_SSL_DTLS_CONNECTION_ID |
Enable support for the DTLS Connection ID extension (version draft-ietf-tls-dtls-connection-id-05, https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05) which allows to identify DTLS connections across changes in the underlying transport.
Setting this option enables the SSL APIs mbedtls_ssl_set_cid()
, mbedtls_ssl_get_peer_cid()
and mbedtls_ssl_conf_cid()
. See the corresponding documentation for more information.
The maximum lengths of outgoing and incoming CIDs can be configured through the options
Requires: MBEDTLS_SSL_PROTO_DTLS
Uncomment to enable the Connection ID extension.
#define MBEDTLS_SSL_DTLS_HELLO_VERIFY |
Enable support for HelloVerifyRequest on DTLS servers.
This feature is highly recommended to prevent DTLS servers being used as amplifiers in DoS attacks against other hosts. It should always be enabled unless you know for sure amplification cannot be a problem in the environment in which your server operates.
Requires: MBEDTLS_SSL_PROTO_DTLS
Comment this to disable support for HelloVerifyRequest.
#define MBEDTLS_SSL_ENCRYPT_THEN_MAC |
Enable support for Encrypt-then-MAC, RFC 7366.
This allows peers that both support it to use a more robust protection for ciphersuites using CBC, providing deep resistance against timing attacks on the padding or underlying cipher.
This only affects CBC ciphersuites, and is useless if none is defined.
Requires: MBEDTLS_SSL_PROTO_TLS1 or MBEDTLS_SSL_PROTO_TLS1_1 or MBEDTLS_SSL_PROTO_TLS1_2
Comment this macro to disable support for Encrypt-then-MAC
#define MBEDTLS_SSL_EXPORT_KEYS |
#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET |
Enable support for RFC 7627: Session Hash and Extended Master Secret Extension.
This was introduced as "the proper fix" to the Triple Handshake familiy of attacks, but it is recommended to always use it (even if you disable renegotiation), since it actually fixes a more fundamental issue in the original SSL/TLS design, and has implications beyond Triple Handshake.
Requires: MBEDTLS_SSL_PROTO_TLS1 or MBEDTLS_SSL_PROTO_TLS1_1 or MBEDTLS_SSL_PROTO_TLS1_2
Comment this macro to disable support for Extended Master Secret.
#define MBEDTLS_SSL_FALLBACK_SCSV |
Enable support for RFC 7507: Fallback Signaling Cipher Suite Value (SCSV) for Preventing Protocol Downgrade Attacks.
For servers, it is recommended to always enable this, unless you support only one version of TLS, or know for sure that none of your clients implements a fallback strategy.
For clients, you only need this if you're using a fallback strategy, which is not recommended in the first place, unless you absolutely need it to interoperate with buggy (version-intolerant) servers.
Comment this macro to disable support for FALLBACK_SCSV
#define MBEDTLS_SSL_HW_RECORD_ACCEL |
Enable hooking functions in SSL module for hardware acceleration of individual records.
Uncomment this macro to enable hooking functions.
#define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE |
This option controls the availability of the API mbedtls_ssl_get_peer_cert() giving access to the peer's certificate after completion of the handshake.
Unless you need mbedtls_ssl_peer_cert() in your application, it is recommended to disable this option for reduced RAM usage.
NULL
.Comment this macro to disable storing the peer's certificate after the handshake.
#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH |
#define MBEDTLS_SSL_PROTO_DTLS |
Enable support for DTLS (all available versions).
Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0, and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
Requires: MBEDTLS_SSL_PROTO_TLS1_1 or MBEDTLS_SSL_PROTO_TLS1_2
Comment this macro to disable support for DTLS
#define MBEDTLS_SSL_PROTO_SSL3 |
Enable support for SSL 3.0.
Requires: MBEDTLS_MD5_C MBEDTLS_SHA1_C
Comment this macro to disable support for SSL 3.0
#define MBEDTLS_SSL_PROTO_TLS1 |
#define MBEDTLS_SSL_PROTO_TLS1_1 |
#define MBEDTLS_SSL_PROTO_TLS1_2 |
#define MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL |
This macro is used to selectively enable experimental parts of the code that contribute to the ongoing development of the prototype TLS 1.3 and DTLS 1.3 implementation, and provide no other purpose.
Uncomment this macro to enable experimental and partial functionality specific to TLS 1.3.
#define MBEDTLS_SSL_RECORD_CHECKING |
Enable the function mbedtls_ssl_check_record() which can be used to check the validity and authenticity of an incoming record, to verify that it has not been seen before. These checks are performed without modifying the externally visible state of the SSL context.
See mbedtls_ssl_check_record() for more information.
Uncomment to enable support for record checking.
#define MBEDTLS_SSL_RENEGOTIATION |
Enable support for TLS renegotiation.
The two main uses of renegotiation are (1) refresh keys on long-lived connections and (2) client authentication after the initial handshake. If you don't need renegotiation, it's probably better to disable it, since it has been associated with security issues in the past and is easy to misuse/misunderstand.
Comment this to disable support for renegotiation.
mbedtls_ssl_conf_legacy_renegotiation
for the configuration of this extension). #define MBEDTLS_SSL_SERVER_NAME_INDICATION |
#define MBEDTLS_SSL_SESSION_TICKETS |
Enable support for RFC 5077 session tickets in SSL. Client-side, provides full support for session tickets (maintenance of a session store remains the responsibility of the application, though). Server-side, you also need to provide callbacks for writing and parsing tickets, including authenticated encryption and key management. Example callbacks are provided by MBEDTLS_SSL_TICKET_C.
Comment this macro to disable support for SSL session tickets
#define MBEDTLS_SSL_SRV_C |
#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE |
#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO |
Enable support for receiving and parsing SSLv2 Client Hello messages for the SSL Server module (MBEDTLS_SSL_SRV_C).
Uncomment this macro to enable support for SSLv2 Client Hello messages.
#define MBEDTLS_SSL_TICKET_C |
#define MBEDTLS_SSL_TLS_C |
#define MBEDTLS_SSL_TRUNCATED_HMAC |
#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT |
Fallback to old (pre-2.7), non-conforming implementation of the truncated HMAC extension which also truncates the HMAC key. Note that this option is only meant for a transitory upgrade period and will be removed in a future version of the library.
Uncomment to fallback to old, non-compliant truncated HMAC implementation.
Requires: MBEDTLS_SSL_TRUNCATED_HMAC
#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH |
#define MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN |
Enable testing of the constant-flow nature of some sensitive functions with clang's MemorySanitizer. This causes some existing tests to also test this non-functional property of the code under test.
This setting requires compiling with clang -fsanitize=memory. The test suites can then be run normally.
Uncomment to enable testing of the constant-flow nature of selected code.
#define MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND |
Enable testing of the constant-flow nature of some sensitive functions with valgrind's memcheck tool. This causes some existing tests to also test this non-functional property of the code under test.
This setting requires valgrind headers for building, and is only useful for testing if the tests suites are run with valgrind's memcheck. This can be done for an individual test suite with 'valgrind ./test_suite_xxx', or when using CMake, this can be done for all test suites with 'make memcheck'.
Uncomment to enable testing of the constant-flow nature of selected code.
#define MBEDTLS_TEST_HOOKS |
Enable features for invasive testing such as introspection functions and hooks for fault injection. This enables additional unit tests.
Merely enabling this feature should not change the behavior of the product. It only adds new code, and new branching points where the default behavior is the same as when this feature is disabled. However, this feature increases the attack surface: there is an added risk of vulnerabilities, and more gadgets that can make exploits easier. Therefore this feature must never be enabled in production.
See docs/architecture/testing/mbed-crypto-invasive-testing.md
for more information.
Uncomment to enable invasive tests.
#define MBEDTLS_TEST_NULL_ENTROPY |
Enables testing and use of mbed TLS without any configured entropy sources. This permits use of the library on platforms before an entropy source has been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the MBEDTLS_ENTROPY_NV_SEED switches).
WARNING! This switch MUST be disabled in production builds, and is suitable only for development. Enabling the switch negates any security provided by the library.
Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
#define MBEDTLS_THREADING_ALT |
#define MBEDTLS_THREADING_C |
Enable the threading abstraction layer. By default mbed TLS assumes it is used in a non-threaded environment or that contexts are not shared between threads. If you do intend to use contexts between threads, you will need to enable this layer to prevent race conditions. See also our Knowledge Base article about threading: https://tls.mbed.org/kb/development/thread-safety-and-multi-threading
Module: library/threading.c
This allows different threading implementations (self-implemented or provided).
You will have to enable either MBEDTLS_THREADING_ALT or MBEDTLS_THREADING_PTHREAD.
Enable this layer to allow use of mutexes within mbed TLS
#define MBEDTLS_THREADING_PTHREAD |
#define MBEDTLS_TIMING_ALT |
Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(), mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay()
Only works if you have MBEDTLS_TIMING_C enabled.
You will need to provide a header "timing_alt.h" and an implementation at compile time.
#define MBEDTLS_TIMING_C |
Enable the semi-portable timing interface.
mbedtls_ssl_set_timer_cb()
for DTLS, or leave it enabled and provide your own implementation of the whole module by setting MBEDTLS_TIMING_ALT
in the current file.Module: library/timing.c Caller: library/havege.c
This module is used by the HAVEGE random number generator.
#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE |
Complete list of ciphersuites to use, in order of preference.
Use this to save a few hundred bytes of ROM (default ordering of all available ciphersuites) and a few to a few hundred bytes of RAM.
The value below is only an example, not the default. Allow SHA-1 in the default TLS configuration for certificate signing. Without this build-time option, SHA-1 support must be activated explicitly through mbedtls_ssl_conf_cert_profile. Turning on this option is not recommended because of it is possible to generate SHA-1 collisions, however this may be safe for legacy infrastructure where additional controls apply.
#define MBEDTLS_USE_PSA_CRYPTO |
Make the X.509 and TLS library use PSA for cryptographic operations, and enable new APIs for using keys handled by PSA Crypto.
Requires: MBEDTLS_PSA_CRYPTO_C.
Uncomment this to enable internal use of PSA Crypto and new associated APIs.
#define MBEDTLS_VERSION_C |
#define MBEDTLS_VERSION_FEATURES |
Allow run-time checking of compile-time enabled features. Thus allowing users to check at run-time if the library is for instance compiled with threading support via mbedtls_version_check_feature().
Requires: MBEDTLS_VERSION_C
Comment this to disable run-time checking and save ROM space
#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 |
#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION |
#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE |
Enable verification of the extendedKeyUsage extension (leaf certificates).
Disabling this avoids problems with mis-issued and/or misused certificates.
Comment to skip extendedKeyUsage checking for certificates.
#define MBEDTLS_X509_CHECK_KEY_USAGE |
Enable verification of the keyUsage extension (CA and leaf certificates).
Disabling this avoids problems with mis-issued and/or misused (intermediate) CA and leaf certificates.
Comment to skip keyUsage checking for both CA and leaf certificates.
#define MBEDTLS_X509_CREATE_C |
#define MBEDTLS_X509_CRL_PARSE_C |
#define MBEDTLS_X509_CRT_PARSE_C |
#define MBEDTLS_X509_CRT_WRITE_C |
#define MBEDTLS_X509_CSR_PARSE_C |
#define MBEDTLS_X509_CSR_WRITE_C |
#define MBEDTLS_X509_RSASSA_PSS_SUPPORT |
#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK |
If set, this enables the X.509 API mbedtls_x509_crt_verify_with_ca_cb()
and the SSL API mbedtls_ssl_conf_ca_cb()
which allow users to configure the set of trusted certificates through a callback instead of a linked list.
This is useful for example in environments where a large number of trusted certificates is present and storing them in a linked list isn't efficient enough, or when the set of trusted certificates changes frequently.
See the documentation of mbedtls_x509_crt_verify_with_ca_cb()
and mbedtls_ssl_conf_ca_cb()
for more information.
Uncomment to enable trusted certificate callbacks.
#define MBEDTLS_X509_USE_C |
Enable X.509 core for using certificates.
Module: library/x509.c Caller: library/x509_crl.c library/x509_crt.c library/x509_csr.c
Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C
This module is required for the X.509 parsing modules.
#define MBEDTLS_XTEA_C |
#define MBEDTLS_ZLIB_SUPPORT |
If set, the SSL/TLS module uses ZLIB to support compression and decompression of packet data.
Used in: library/ssl_tls.c library/ssl_cli.c library/ssl_srv.c
This feature requires zlib library and headers to be present.
Uncomment to enable use of ZLIB