From 294b5e06b1278b3f5ea782228588a9359b80eb78 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 27 Sep 2024 10:04:31 +0200 Subject: [PATCH] Improve alphabetic ordering in sections Signed-off-by: Ronald Cron --- docs/proposed/config-split.md | 94 +++++++++++++++++------------------ 1 file changed, 47 insertions(+), 47 deletions(-) diff --git a/docs/proposed/config-split.md b/docs/proposed/config-split.md index 4ec6aec922..84081a8d3f 100644 --- a/docs/proposed/config-split.md +++ b/docs/proposed/config-split.md @@ -99,8 +99,8 @@ Open question: do we group them into a subsection? #define MBEDTLS_FS_IO #define MBEDTLS_HAVE_TIME #define MBEDTLS_HAVE_TIME_DATE -//#define MBEDTLS_MEMORY_DEBUG //#define MBEDTLS_MEMORY_BACKTRACE +//#define MBEDTLS_MEMORY_DEBUG #define MBEDTLS_PLATFORM_C //#define MBEDTLS_PLATFORM_EXIT_ALT //#define MBEDTLS_PLATFORM_FPRINTF_ALT @@ -117,8 +117,8 @@ Open question: do we group them into a subsection? //#define MBEDTLS_PLATFORM_VSNPRINTF_ALT //#define MBEDTLS_PLATFORM_ZEROIZE_ALT //#define MBEDTLS_THREADING_ALT -//#define MBEDTLS_THREADING_PTHREAD //#define MBEDTLS_THREADING_C +//#define MBEDTLS_THREADING_PTHREAD //#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 //#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc @@ -126,11 +126,11 @@ Open question: do we group them into a subsection? //#define MBEDTLS_PLATFORM_FREE_MACRO free //#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf //#define MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO int64_t -//#define MBEDTLS_PRINTF_MS_TIME PRId64 //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write //#define MBEDTLS_PLATFORM_PRINTF_MACRO printf //#define MBEDTLS_PLATFORM_SETBUF_MACRO setbuf +//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf //#define MBEDTLS_PLATFORM_STD_CALLOC calloc //#define MBEDTLS_PLATFORM_STD_EXIT exit //#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 @@ -145,10 +145,10 @@ Open question: do we group them into a subsection? //#define MBEDTLS_PLATFORM_STD_SETBUF setbuf //#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf //#define MBEDTLS_PLATFORM_STD_TIME time -//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf //#define MBEDTLS_PLATFORM_TIME_MACRO time //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t //#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf +//#define MBEDTLS_PRINTF_MS_TIME PRId64 ``` #### SECTION "General and test configuration options" @@ -156,8 +156,6 @@ Open question: do we group them into a subsection? //#define MBEDTLS_CHECK_RETURN_WARNING //#define MBEDTLS_DEPRECATED_REMOVED //#define MBEDTLS_DEPRECATED_WARNING -//#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h" -//#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null" #define MBEDTLS_SELF_TEST //#define MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN //#define MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND @@ -165,6 +163,8 @@ Open question: do we group them into a subsection? //#define MBEDTLS_CHECK_RETURN __attribute__((__warn_unused_result__)) //#define MBEDTLS_IGNORE_RETURN( result ) ((void) !(result)) +//#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h" +//#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null" ``` #### SECTION "Cryptographic mechanism selection (PSA API)" @@ -177,12 +177,12 @@ PSA_WANT_\* macros as in current `crypto_config.h`. //#define MBEDTLS_LMS_PRIVATE #define MBEDTLS_MD_C #define MBEDTLS_NIST_KW_C -#define MBEDTLS_PK_C #define MBEDTLS_PKCS5_C #define MBEDTLS_PKCS12_C +#define MBEDTLS_PK_C #define MBEDTLS_PK_PARSE_C -#define MBEDTLS_PK_PARSE_EC_EXTENDED #define MBEDTLS_PK_PARSE_EC_COMPRESSED +#define MBEDTLS_PK_PARSE_EC_EXTENDED #define MBEDTLS_PK_RSA_ALT_SUPPORT #define MBEDTLS_PK_WRITE_C @@ -218,9 +218,9 @@ PSA_WANT_\* macros as in current `crypto_config.h`. //#define MBEDTLS_ENTROPY_NV_SEED //#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES //#define MBEDTLS_NO_PLATFORM_ENTROPY -#define MBEDTLS_PSA_CRYPTO_C //#define MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS //#define MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS +#define MBEDTLS_PSA_CRYPTO_C //#define MBEDTLS_PSA_CRYPTO_CLIENT //#define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG //#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER @@ -229,8 +229,8 @@ PSA_WANT_\* macros as in current `crypto_config.h`. //#define MBEDTLS_PSA_INJECT_ENTROPY #define MBEDTLS_PSA_ITS_FILE_C -//#define MBEDTLS_ENTROPY_MAX_SOURCES 20 //#define MBEDTLS_ENTROPY_MAX_GATHER 128 +//#define MBEDTLS_ENTROPY_MAX_SOURCES 20 //#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 //#define MBEDTLS_PSA_CRYPTO_PLATFORM_FILE "psa/crypto_platform_alt.h" //#define MBEDTLS_PSA_CRYPTO_STRUCT_FILE "psa/crypto_struct_alt.h" @@ -239,11 +239,11 @@ PSA_WANT_\* macros as in current `crypto_config.h`. #### SECTION "Builtin drivers" ``` -#define MBEDTLS_AESNI_C #define MBEDTLS_AESCE_C -//#define MBEDTLS_AES_ROM_TABLES +#define MBEDTLS_AESNI_C //#define MBEDTLS_AES_FEWER_TABLES //#define MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +//#define MBEDTLS_AES_ROM_TABLES //#define MBEDTLS_AES_USE_HARDWARE_ONLY //#define MBEDTLS_BLOCK_CIPHER_NO_DECRYPT //#define MBEDTLS_CAMELLIA_SMALL_MEMORY @@ -259,10 +259,10 @@ PSA_WANT_\* macros as in current `crypto_config.h`. //#define MBEDTLS_PSA_P256M_DRIVER_ENABLED //#define MBEDTLS_RSA_NO_CRT //#define MBEDTLS_SHA256_SMALLER -//#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT //#define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT -//#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY //#define MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY +//#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT +//#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY //#define MBEDTLS_SHA512_SMALLER //#define MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT //#define MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY @@ -290,10 +290,10 @@ PSA_WANT_\* macros as in current `crypto_config.h`. #define MBEDTLS_CIPHER_MODE_CTR #define MBEDTLS_CIPHER_MODE_OFB #define MBEDTLS_CIPHER_MODE_XTS -#define MBEDTLS_CIPHER_PADDING_PKCS7 #define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS -#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN +#define MBEDTLS_CIPHER_PADDING_PKCS7 #define MBEDTLS_CIPHER_PADDING_ZEROS +#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN #define MBEDTLS_CMAC_C #define MBEDTLS_CTR_DRBG_C //#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY @@ -301,19 +301,19 @@ PSA_WANT_\* macros as in current `crypto_config.h`. #define MBEDTLS_DHM_C #define MBEDTLS_ECDH_C #define MBEDTLS_ECP_C -#define MBEDTLS_ECP_DP_SECP192R1_ENABLED -#define MBEDTLS_ECP_DP_SECP224R1_ENABLED -#define MBEDTLS_ECP_DP_SECP256R1_ENABLED -#define MBEDTLS_ECP_DP_SECP384R1_ENABLED -#define MBEDTLS_ECP_DP_SECP521R1_ENABLED -#define MBEDTLS_ECP_DP_SECP192K1_ENABLED -#define MBEDTLS_ECP_DP_SECP224K1_ENABLED -#define MBEDTLS_ECP_DP_SECP256K1_ENABLED #define MBEDTLS_ECP_DP_BP256R1_ENABLED #define MBEDTLS_ECP_DP_BP384R1_ENABLED #define MBEDTLS_ECP_DP_BP512R1_ENABLED #define MBEDTLS_ECP_DP_CURVE25519_ENABLED #define MBEDTLS_ECP_DP_CURVE448_ENABLED +#define MBEDTLS_ECP_DP_SECP192K1_ENABLED +#define MBEDTLS_ECP_DP_SECP192R1_ENABLED +#define MBEDTLS_ECP_DP_SECP224K1_ENABLED +#define MBEDTLS_ECP_DP_SECP224R1_ENABLED +#define MBEDTLS_ECP_DP_SECP256K1_ENABLED +#define MBEDTLS_ECP_DP_SECP256R1_ENABLED +#define MBEDTLS_ECP_DP_SECP384R1_ENABLED +#define MBEDTLS_ECP_DP_SECP521R1_ENABLED #define MBEDTLS_ECDSA_C #define MBEDTLS_ECDSA_DETERMINISTIC #define MBEDTLS_ECJPAKE_C @@ -334,8 +334,8 @@ PSA_WANT_\* macros as in current `crypto_config.h`. #define MBEDTLS_SHA224_C #define MBEDTLS_SHA256_C #define MBEDTLS_SHA384_C -#define MBEDTLS_SHA512_C #define MBEDTLS_SHA3_C +#define MBEDTLS_SHA512_C ``` @@ -343,8 +343,8 @@ PSA_WANT_\* macros as in current `crypto_config.h`. #### SECTION "Platform abstraction layer" ``` #define MBEDTLS_NET_C -#define MBEDTLS_TIMING_C //#define MBEDTLS_TIMING_ALT +#define MBEDTLS_TIMING_C ``` @@ -352,17 +352,17 @@ PSA_WANT_\* macros as in current `crypto_config.h`. ``` //#define MBEDTLS_CIPHER_NULL_CIPHER #define MBEDTLS_ERROR_STRERROR_DUMMY -#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED #define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED -#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED -#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED -#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED #define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED -#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED +#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED #define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED #define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED //#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED +#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED +#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED #define MBEDTLS_SSL_ALL_ALERT_MESSAGES #define MBEDTLS_SSL_ALPN //#define MBEDTLS_SSL_ASYNC_PRIVATE @@ -374,29 +374,29 @@ PSA_WANT_\* macros as in current `crypto_config.h`. #define MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 0 #define MBEDTLS_SSL_DTLS_HELLO_VERIFY //#define MBEDTLS_SSL_DTLS_SRTP -#define MBEDTLS_SSL_ENCRYPT_THEN_MAC //#define MBEDTLS_SSL_EARLY_DATA +#define MBEDTLS_SSL_ENCRYPT_THEN_MAC #define MBEDTLS_SSL_EXTENDED_MASTER_SECRET #define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE #define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -//#define MBEDTLS_SSL_RECORD_SIZE_LIMIT -#define MBEDTLS_SSL_RENEGOTIATION #define MBEDTLS_SSL_PROTO_DTLS #define MBEDTLS_SSL_PROTO_TLS1_2 #define MBEDTLS_SSL_PROTO_TLS1_3 -#define MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE -#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED -#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED -#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED +//#define MBEDTLS_SSL_RECORD_SIZE_LIMIT +#define MBEDTLS_SSL_RENEGOTIATION #define MBEDTLS_SSL_SERVER_NAME_INDICATION #define MBEDTLS_SSL_SESSION_TICKETS +#define MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED +#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED //#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH //#define MBEDTLS_USE_PSA_CRYPTO #define MBEDTLS_VERSION_C #define MBEDTLS_VERSION_FEATURES -//#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK //#define MBEDTLS_X509_REMOVE_INFO #define MBEDTLS_X509_RSASSA_PSS_SUPPORT +//#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK ``` @@ -406,8 +406,8 @@ PSA_WANT_\* macros as in current `crypto_config.h`. #define MBEDTLS_ERROR_C #define MBEDTLS_PKCS7_C #define MBEDTLS_SSL_CACHE_C -#define MBEDTLS_SSL_COOKIE_C #define MBEDTLS_SSL_CLI_C +#define MBEDTLS_SSL_COOKIE_C #define MBEDTLS_SSL_SRV_C #define MBEDTLS_SSL_TICKET_C #define MBEDTLS_SSL_TLS_C @@ -430,21 +430,21 @@ PSA_WANT_\* macros as in current `crypto_config.h`. #### SECTION "Module configuration options" ``` -//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 +//#define MBEDTLS_PSK_MAX_LEN 32 //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 -//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 -//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 -//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768 +//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 //#define MBEDTLS_SSL_CID_IN_LEN_MAX 32 //#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32 //#define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16 +//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 +//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 +//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768 //#define MBEDTLS_SSL_IN_CONTENT_LEN 16384 //#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024 //#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384 +//#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1 //#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000 //#define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32 -//#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1 -//#define MBEDTLS_PSK_MAX_LEN 32 -//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 //#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 +//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 ```