mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-02-15 03:40:08 +00:00
Remove Mbed TLS feature support section
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron
parent
e2b24d3461
commit
5f64611f6b
@ -97,12 +97,12 @@ of PSA_WANT_\* and MBEDTLS_PSA_ACCEL_\* configuration options.
|
||||
|
||||
The sections in `mbedtls_config.h` are reorganized to be better aligned with
|
||||
the ones in `tf_psa_crypto_config.h`. The main change is the reorganization
|
||||
of the "Mbed TLS modules" and "Module configuration options" sections into
|
||||
the ["TLS feature selection"](#section-tls-feature-selection) and
|
||||
of the "Mbed TLS modules", "Mbed TLS feature support" and
|
||||
"Module configuration options" sections into the
|
||||
["TLS feature selection"](#section-tls-feature-selection) and
|
||||
["X.509 feature selection"](#section-x.509-feature-selection) sections. That
|
||||
way both configuration files do not have a section dedicated to non boolean
|
||||
configuration options. The non boolean configuration options are located in the
|
||||
same section as the boolean option they are associated to.
|
||||
way all TLS/x509 options are grouped into one section and there is no
|
||||
section dedicated to non boolean configuration options anymore.
|
||||
|
||||
|
||||
## Repartition of the configuration options
|
||||
@ -371,6 +371,10 @@ PSA_WANT_\* macros as in current `crypto_config.h`.
|
||||
#### SECTION General configuration options
|
||||
```
|
||||
#define MBEDTLS_ERROR_C
|
||||
#define MBEDTLS_ERROR_STRERROR_DUMMY
|
||||
#define MBEDTLS_VERSION_C
|
||||
#define MBEDTLS_VERSION_FEATURES
|
||||
|
||||
//#define MBEDTLS_CONFIG_FILE "mbedtls/mbedtls_config.h"
|
||||
//#define MBEDTLS_USER_CONFIG_FILE "/dev/null"
|
||||
```
|
||||
@ -378,13 +382,53 @@ PSA_WANT_\* macros as in current `crypto_config.h`.
|
||||
|
||||
#### SECTION TLS feature selection
|
||||
```
|
||||
//#define MBEDTLS_CIPHER_NULL_CIPHER
|
||||
#define MBEDTLS_DEBUG_C
|
||||
#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
|
||||
//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
|
||||
#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
|
||||
#define MBEDTLS_SSL_ALPN
|
||||
//#define MBEDTLS_SSL_ASYNC_PRIVATE
|
||||
#define MBEDTLS_SSL_CACHE_C
|
||||
#define MBEDTLS_SSL_CLI_C
|
||||
#define MBEDTLS_SSL_CONTEXT_SERIALIZATION
|
||||
#define MBEDTLS_SSL_COOKIE_C
|
||||
//#define MBEDTLS_SSL_DEBUG_ALL
|
||||
#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
|
||||
#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
|
||||
#define MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
#define MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 0
|
||||
#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
|
||||
//#define MBEDTLS_SSL_DTLS_SRTP
|
||||
//#define MBEDTLS_SSL_EARLY_DATA
|
||||
#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
|
||||
#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
|
||||
#define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
|
||||
#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||
#define MBEDTLS_SSL_PROTO_DTLS
|
||||
#define MBEDTLS_SSL_PROTO_TLS1_2
|
||||
#define MBEDTLS_SSL_PROTO_TLS1_3
|
||||
//#define MBEDTLS_SSL_RECORD_SIZE_LIMIT
|
||||
#define MBEDTLS_SSL_RENEGOTIATION
|
||||
#define MBEDTLS_SSL_SERVER_NAME_INDICATION
|
||||
#define MBEDTLS_SSL_SESSION_TICKETS
|
||||
#define MBEDTLS_SSL_SRV_C
|
||||
#define MBEDTLS_SSL_TICKET_C
|
||||
#define MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
|
||||
#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
|
||||
#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
|
||||
#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
|
||||
#define MBEDTLS_SSL_TLS_C
|
||||
//#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
|
||||
|
||||
//#define MBEDTLS_PSK_MAX_LEN 32
|
||||
//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50
|
||||
@ -413,59 +457,11 @@ PSA_WANT_\* macros as in current `crypto_config.h`.
|
||||
#define MBEDTLS_X509_CRT_WRITE_C
|
||||
#define MBEDTLS_X509_CSR_PARSE_C
|
||||
#define MBEDTLS_X509_CSR_WRITE_C
|
||||
//#define MBEDTLS_X509_REMOVE_INFO
|
||||
#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
|
||||
//#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
|
||||
#define MBEDTLS_X509_USE_C
|
||||
|
||||
//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512
|
||||
//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8
|
||||
```
|
||||
|
||||
|
||||
#### SECTION Mbed TLS feature support
|
||||
```
|
||||
//#define MBEDTLS_CIPHER_NULL_CIPHER
|
||||
#define MBEDTLS_ERROR_STRERROR_DUMMY
|
||||
#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
|
||||
//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
|
||||
#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
|
||||
#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
|
||||
#define MBEDTLS_SSL_ALPN
|
||||
//#define MBEDTLS_SSL_ASYNC_PRIVATE
|
||||
#define MBEDTLS_SSL_CONTEXT_SERIALIZATION
|
||||
//#define MBEDTLS_SSL_DEBUG_ALL
|
||||
#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
|
||||
#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
|
||||
#define MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
#define MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 0
|
||||
#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
|
||||
//#define MBEDTLS_SSL_DTLS_SRTP
|
||||
//#define MBEDTLS_SSL_EARLY_DATA
|
||||
#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
|
||||
#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
|
||||
#define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
|
||||
#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||
#define MBEDTLS_SSL_PROTO_DTLS
|
||||
#define MBEDTLS_SSL_PROTO_TLS1_2
|
||||
#define MBEDTLS_SSL_PROTO_TLS1_3
|
||||
//#define MBEDTLS_SSL_RECORD_SIZE_LIMIT
|
||||
#define MBEDTLS_SSL_RENEGOTIATION
|
||||
#define MBEDTLS_SSL_SERVER_NAME_INDICATION
|
||||
#define MBEDTLS_SSL_SESSION_TICKETS
|
||||
#define MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
|
||||
#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
|
||||
#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
|
||||
#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
|
||||
//#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
|
||||
#define MBEDTLS_VERSION_C
|
||||
#define MBEDTLS_VERSION_FEATURES
|
||||
//#define MBEDTLS_X509_REMOVE_INFO
|
||||
#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
|
||||
//#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
|
||||
```
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user