#include "tuya_iot_config.h"
#include "tuya_iot_config.h"
#include YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE
#include YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE
#include YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE
#include YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE
#include MBEDTLS_USER_CONFIG_FILE
#include MBEDTLS_USER_CONFIG_FILE
#define MBEDTLS_CONFIG_H_TY_ECC_ONLY
#define TUYA_ECP_MUL_COMB_ROM_TABLES 1 //使用ROM代替RAM
//#define TUYA_ECP_MUL_COMB_OPTIM 1 //打开ECP点乘优化
#define _CRT_SECURE_NO_DEPRECATE 1
#define MBEDTLS_HAVE_ASM
#define MBEDTLS_PLATFORM_MEMORY
/** * \def MBEDTLS_PLATFORM_MEMORY * * Enable the memory allocation layer. * * By default mbed TLS uses the system-provided calloc() and free(). * This allows different allocators (self-implemented or provided) to be * provided to the platform abstraction layer. * * Enabling MBEDTLS_PLATFORM_MEMORY without the * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and * free() function pointer at runtime. * * Enabling MBEDTLS_PLATFORM_MEMORY and specifying * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the * alternate function at compile time. * * Requires: MBEDTLS_PLATFORM_C * * Enable this layer to allow use of alternative memory allocators. */
#define MBEDTLS_DEPRECATED_WARNING
/** * \def MBEDTLS_DEPRECATED_WARNING * * Mark deprecated functions so that they generate a warning if used. * Functions deprecated in one version will usually be removed in the next * version. You can enable this to help you prepare the transition to a new * major version by making sure your code is not using these functions. * * This only works with GCC and Clang. With other compilers, you may want to * use MBEDTLS_DEPRECATED_REMOVED * * Uncomment to get warnings on using deprecated functions. */
#define MBEDTLS_AES_ALT
/** * \def MBEDTLS_AES_ALT * * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your * alternate core implementation of a symmetric crypto, an arithmetic or hash * module (e.g. platform specific assembly optimized implementations). Keep * in mind that the function prototypes should remain the same. * * This replaces the whole module. If you only want to replace one of the * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags. * * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer * provide the "struct mbedtls_aes_context" definition and omit the base * function declarations and implementations. "aes_alt.h" will be included from * "aes.h" to include the new function definitions. * * Uncomment a macro to enable alternate implementation of the corresponding * module. * * \warning MD2, MD4, MD5, ARC4, DES and SHA-1 are considered weak and their * use constitutes a security risk. If possible, we recommend * avoiding dependencies on them, and considering stronger message * digests and ciphers instead. * */
#define MBEDTLS_AES_ROM_TABLES
/** * \def MBEDTLS_AES_ROM_TABLES * * Use precomputed AES tables stored in ROM. * * Uncomment this macro to use precomputed AES tables stored in ROM. * Comment this macro to generate AES tables in RAM at runtime. * * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the * initialization time before the first AES operation can be performed. * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded * performance if ROM access is slower than RAM access. * * This option is independent of \c MBEDTLS_AES_FEWER_TABLES. * */
#define MBEDTLS_AES_FEWER_TABLES
/** * \def MBEDTLS_AES_FEWER_TABLES * * Use less ROM/RAM for AES tables. * * Uncommenting this macro omits 75% of the AES tables from * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES) * by computing their values on the fly during operations * (the tables are entry-wise rotations of one another). * * Tradeoff: Uncommenting this reduces the RAM / ROM footprint * by ~6kb but at the cost of more arithmetic operations during * runtime. Specifically, one has to compare 4 accesses within * different tables to 4 accesses with additional arithmetic * operations within the same table. The performance gain/loss * depends on the system and memory details. * * This option is independent of \c MBEDTLS_AES_ROM_TABLES. * */
#define MBEDTLS_CIPHER_MODE_CBC
/** * \def MBEDTLS_CIPHER_MODE_CBC * * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers. */
#define MBEDTLS_CIPHER_PADDING_PKCS7
/** * \def MBEDTLS_CIPHER_PADDING_PKCS7 * * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for * specific padding modes in the cipher layer with cipher modes that support * padding (e.g. CBC) * * If you disable all padding modes, only full blocks can be used with CBC. * * Enable padding modes in the cipher layer. */
#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
#define MBEDTLS_CIPHER_PADDING_ZEROS
#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
/** * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES * * Remove RC4 ciphersuites by default in SSL / TLS. * This flag removes the ciphersuites based on RC4 from the default list as * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them * explicitly. * * Uncomment this macro to remove RC4 ciphersuites by default. */
#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
//#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
#define MBEDTLS_ECP_NIST_OPTIM
/** * \def MBEDTLS_ECP_NIST_OPTIM * * Enable specific 'modulo p' routines for each NIST prime. * Depending on the prime and architecture, makes operations 4 to 8 times * faster on the corresponding curve. * * Comment this macro to disable NIST curves optimisation. */
#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
/** * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED * * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS. * * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, * MBEDTLS_X509_CRT_PARSE_C * * This enables the following ciphersuites (if other requisites are * enabled as well): * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA */
#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
/** * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES * * Do not add default entropy sources. These are the platform specific, * mbedtls_timing_hardclock and HAVEGE based poll functions. * * This is useful to have more control over the added entropy sources in an * application. * * Uncomment this macro to prevent loading of default entropy functions. */
#define MBEDTLS_NO_PLATFORM_ENTROPY
/** * \def MBEDTLS_NO_PLATFORM_ENTROPY * * Do not use built-in platform entropy functions. * This is useful if your platform does not support * standards like the /dev/urandom or Windows CryptoAPI. * * Uncomment this macro to disable the built-in platform entropy functions. */
#define MBEDTLS_PKCS1_V15
/** * \def MBEDTLS_PKCS1_V15 * * Enable support for PKCS#1 v1.5 encoding. * * Requires: MBEDTLS_RSA_C * * This enables support for PKCS#1 v1.5 operations. */
#define MBEDTLS_PKCS1_V21
/** * \def MBEDTLS_PKCS1_V21 * * Enable support for PKCS#1 v2.1 encoding. * * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C * * This enables support for RSAES-OAEP and RSASSA-PSS operations. */
#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
/** * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES * * Enable sending of alert messages in case of encountered errors as per RFC. * If you choose not to send the alert messages, mbed TLS can still communicate * with other servers, only debugging of failures is harder. * * The advantage of not sending alert messages, is that no information is given * about reasons for failures thus preventing adversaries of gaining intel. * * Enable sending of all alert messages */
#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC * * Enable support for Encrypt-then-MAC, RFC 7366. * * This allows peers that both support it to use a more robust protection for * ciphersuites using CBC, providing deep resistance against timing attacks * on the padding or underlying cipher. * * This only affects CBC ciphersuites, and is useless if none is defined. * * Requires: MBEDTLS_SSL_PROTO_TLS1 or * MBEDTLS_SSL_PROTO_TLS1_1 or * MBEDTLS_SSL_PROTO_TLS1_2 * * Comment this macro to disable support for Encrypt-then-MAC */
#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET * * Enable support for Extended Master Secret, aka Session Hash * (draft-ietf-tls-session-hash-02). * * This was introduced as "the proper fix" to the Triple Handshake familiy of * attacks, but it is recommended to always use it (even if you disable * renegotiation), since it actually fixes a more fundamental issue in the * original SSL/TLS design, and has implications beyond Triple Handshake. * * Requires: MBEDTLS_SSL_PROTO_TLS1 or * MBEDTLS_SSL_PROTO_TLS1_1 or * MBEDTLS_SSL_PROTO_TLS1_2 * * Comment this macro to disable support for Extended Master Secret. */
#define MBEDTLS_SSL_PROTO_TLS1_2
/** * \def MBEDTLS_SSL_PROTO_TLS1_2 * * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled). * * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C * (Depends on ciphersuites) * * Comment this macro to disable support for TLS 1.2 / DTLS 1.2 */
#define MBEDTLS_SSL_SESSION_TICKETS
#define MBEDTLS_SSL_SERVER_NAME_INDICATION
/** * \def MBEDTLS_SSL_SERVER_NAME_INDICATION * * Enable support for RFC 6066 server name indication (SNI) in SSL. * * Requires: MBEDTLS_X509_CRT_PARSE_C * * Comment this macro to disable support for server name indication in SSL */
#define MBEDTLS_X509_CHECK_KEY_USAGE
/** * \def MBEDTLS_X509_CHECK_KEY_USAGE * * Enable verification of the keyUsage extension (CA and leaf certificates). * * Disabling this avoids problems with mis-issued and/or misused * (intermediate) CA and leaf certificates. * * \warning Depending on your PKI use, disabling this can be a security risk! * * Comment to skip keyUsage checking for both CA and leaf certificates. */
#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
/** * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE * * Enable verification of the extendedKeyUsage extension (leaf certificates). * * Disabling this avoids problems with mis-issued and/or misused certificates. * * \warning Depending on your PKI use, disabling this can be a security risk! * * Comment to skip extendedKeyUsage checking for certificates. */
#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
/** * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT * * Enable parsing and verification of X.509 certificates, CRLs and CSRS * signed with RSASSA-PSS (aka PKCS#1 v2.1). * * Comment this macro to disallow using RSASSA-PSS in certificates. */
#define MBEDTLS_AES_C
/** * \def MBEDTLS_AES_C * * Enable the AES block cipher. * * Module: library/aes.c * Caller: library/cipher.c * library/pem.c * library/ctr_drbg.c * * This module enables the following ciphersuites (if other requisites are * enabled as well): * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA * * PEM_PARSE uses AES for decrypting encrypted keys. */
#define MBEDTLS_ASN1_PARSE_C
/** * \def MBEDTLS_ASN1_PARSE_C * * Enable the generic ASN1 parser. * * Module: library/asn1.c * Caller: library/x509.c * library/dhm.c * library/pkcs12.c * library/pkcs5.c * library/pkparse.c */
#define MBEDTLS_BASE64_C
/** * \def MBEDTLS_BASE64_C * * Enable the Base64 module. * * Module: library/base64.c * Caller: library/pem.c * * This module is required for PEM support (required by X.509). */
#define MBEDTLS_BIGNUM_C
/** * \def MBEDTLS_BIGNUM_C * * Enable the multi-precision integer library. * * Module: library/bignum.c * Caller: library/dhm.c * library/ecp.c * library/ecdsa.c * library/rsa.c * library/rsa_internal.c * library/ssl_tls.c * * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support. */
#define MBEDTLS_CCM_C
/** * \def MBEDTLS_CCM_C * * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher. * * Module: library/ccm.c * * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C * * This module enables the AES-CCM ciphersuites, if other requisites are * enabled as well. */
#define MBEDTLS_CIPHER_C
/** * \def MBEDTLS_CIPHER_C * * Enable the generic cipher layer. * * Module: library/cipher.c * Caller: library/ssl_tls.c * * Uncomment to enable generic cipher wrappers. */
#define MBEDTLS_ECDH_C
/** * \def MBEDTLS_ECDH_C * * Enable the elliptic curve Diffie-Hellman library. * * Module: library/ecdh.c * Caller: library/ssl_cli.c * library/ssl_srv.c * * This module is used by the following key exchanges: * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK * * Requires: MBEDTLS_ECP_C */
#define MBEDTLS_ECP_C
/** * \def MBEDTLS_ECP_C * * Enable the elliptic curve over GF(p) library. * * Module: library/ecp.c * Caller: library/ecdh.c * library/ecdsa.c * library/ecjpake.c * * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED */
#define MBEDTLS_GCM_C
/** * \def MBEDTLS_GCM_C * * Enable the Galois/Counter Mode (GCM) for AES. * * Module: library/gcm.c * * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C * * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other * requisites are enabled as well. */
#define MBEDTLS_MD_C
/** * \def MBEDTLS_MD_C * * Enable the generic message digest layer. * * Module: library/md.c * Caller: * * Uncomment to enable generic message digest wrappers. */
#define MBEDTLS_MD5_C
/** * \def MBEDTLS_MD5_C * * Enable the MD5 hash algorithm. * * Module: library/md5.c * Caller: library/md.c * library/pem.c * library/ssl_tls.c * * This module is required for SSL/TLS up to version 1.1, and for TLS 1.2 * depending on the handshake parameters. Further, it is used for checking * MD5-signed certificates, and for PBKDF1 when decrypting PEM-encoded * encrypted keys. * * \warning MD5 is considered a weak message digest and its use constitutes a * security risk. If possible, we recommend avoiding dependencies on * it, and considering stronger message digests instead. * */
#define MBEDTLS_OID_C
/** * \def MBEDTLS_OID_C * * Enable the OID database. * * Module: library/oid.c * Caller: library/asn1write.c * library/pkcs5.c * library/pkparse.c * library/pkwrite.c * library/rsa.c * library/x509.c * library/x509_create.c * library/x509_crl.c * library/x509_crt.c * library/x509_csr.c * library/x509write_crt.c * library/x509write_csr.c * * This modules translates between OIDs and internal values. */
#define MBEDTLS_PK_C
/** * \def MBEDTLS_PK_C * * Enable the generic public (asymetric) key layer. * * Module: library/pk.c * Caller: library/ssl_tls.c * library/ssl_cli.c * library/ssl_srv.c * * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C * * Uncomment to enable generic public key wrappers. */
#define MBEDTLS_PK_PARSE_C
/** * \def MBEDTLS_PK_PARSE_C * * Enable the generic public (asymetric) key parser. * * Module: library/pkparse.c * Caller: library/x509_crt.c * library/x509_csr.c * * Requires: MBEDTLS_PK_C * * Uncomment to enable generic public key parse functions. */
#define MBEDTLS_PKCS5_C
/** * \def MBEDTLS_PKCS5_C * * Enable PKCS#5 functions. * * Module: library/pkcs5.c * * Requires: MBEDTLS_MD_C * * This module adds support for the PKCS#5 functions. */
#define MBEDTLS_PKCS12_C
/** * \def MBEDTLS_PKCS12_C * * Enable PKCS#12 PBE functions. * Adds algorithms for parsing PKCS#8 encrypted private keys * * Module: library/pkcs12.c * Caller: library/pkparse.c * * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C * Can use: MBEDTLS_ARC4_C * * This module enables PKCS#12 functions. */
#define MBEDTLS_PLATFORM_C
/** * \def MBEDTLS_PLATFORM_C * * Enable the platform abstraction layer that allows you to re-assign * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit(). * * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned * above to be specified at runtime or compile time respectively. * * \note This abstraction layer must be enabled on Windows (including MSYS2) * as other module rely on it for a fixed snprintf implementation. * * Module: library/platform.c * Caller: Most other .c files * * This module enables abstraction of common (libc) functions. */
#define MBEDTLS_RSA_C
/** * \def MBEDTLS_RSA_C * * Enable the RSA public-key cryptosystem. * * Module: library/rsa.c * library/rsa_internal.c * Caller: library/ssl_cli.c * library/ssl_srv.c * library/ssl_tls.c * library/x509.c * * This module is used by the following key exchanges: * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK * * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C */
#define MBEDTLS_SHA1_C
/** * \def MBEDTLS_SHA1_C * * Enable the SHA1 cryptographic hash algorithm. * * Module: library/sha1.c * Caller: library/md.c * library/ssl_cli.c * library/ssl_srv.c * library/ssl_tls.c * library/x509write_crt.c * * This module is required for SSL/TLS up to version 1.1, for TLS 1.2 * depending on the handshake parameters, and for SHA1-signed certificates. * * \warning SHA-1 is considered a weak message digest and its use constitutes * a security risk. If possible, we recommend avoiding dependencies * on it, and considering stronger message digests instead. * */
#define MBEDTLS_SHA256_C
/** * \def MBEDTLS_SHA256_C * * Enable the SHA-224 and SHA-256 cryptographic hash algorithms. * * Module: library/sha256.c * Caller: library/entropy.c * library/md.c * library/ssl_cli.c * library/ssl_srv.c * library/ssl_tls.c * * This module adds support for SHA-224 and SHA-256. * This module is required for the SSL/TLS 1.2 PRF function. */
#define MBEDTLS_SHA512_C
/** * \def MBEDTLS_SHA512_C * * Enable the SHA-384 and SHA-512 cryptographic hash algorithms. * * Module: library/sha512.c * Caller: library/entropy.c * library/md.c * library/ssl_cli.c * library/ssl_srv.c * * This module adds support for SHA-384 and SHA-512. */
#define MBEDTLS_SSL_CLI_C
/** * \def MBEDTLS_SSL_CLI_C * * Enable the SSL/TLS client code. * * Module: library/ssl_cli.c * Caller: * * Requires: MBEDTLS_SSL_TLS_C * * This module is required for SSL/TLS client support. */
#define MBEDTLS_SSL_TLS_C
/** * \def MBEDTLS_SSL_TLS_C * * Enable the generic SSL/TLS code. * * Module: library/ssl_tls.c * Caller: library/ssl_cli.c * library/ssl_srv.c * * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C * and at least one of the MBEDTLS_SSL_PROTO_XXX defines * * This module is required for SSL/TLS. */
#define MBEDTLS_VERSION_C
/** * \def MBEDTLS_VERSION_C * * Enable run-time version information. * * Module: library/version.c * * This module provides run-time version information. */
#define MBEDTLS_X509_USE_C
/** * \def MBEDTLS_X509_USE_C * * Enable X.509 core for using certificates. * * Module: library/x509.c * Caller: library/x509_crl.c * library/x509_crt.c * library/x509_csr.c * * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, * MBEDTLS_PK_PARSE_C * * This module is required for the X.509 parsing modules. */
#define MBEDTLS_X509_CRT_PARSE_C
/** * \def MBEDTLS_X509_CRT_PARSE_C * * Enable X.509 certificate parsing. * * Module: library/x509_crt.c * Caller: library/ssl_cli.c * library/ssl_srv.c * library/ssl_tls.c * * Requires: MBEDTLS_X509_USE_C * * This module is required for X.509 certificate parsing. */
#define MBEDTLS_MPI_WINDOW_SIZE 1 /**< Maximum windows size used. */
/* MPI / BIGNUM options */
#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
#define MBEDTLS_ECP_MAX_BITS 256 /**< Maximum bit size of groups */
/* ECP options */
#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 /**< Maxium fragment length in bytes, determines the size of each of the two internal I/O buffers */
#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384