From b992bc8aa75015ad6de19297095d6482f10fe7d0 Mon Sep 17 00:00:00 2001
From: Ronald Cron
Date: Fri, 27 Sep 2024 10:45:13 +0200
Subject: [PATCH] Re-order mbedtls_config.h sections

Re-order mbedtls_config.h sections for the order to be more aligned with the tf_psa_crypto_config.h one.

Signed-off-by: Ronald Cron
---
 docs/proposed/config-split.md | 98 +++++++++++++++++------------------
 1 file changed, 48 insertions(+), 50 deletions(-)

diff --git a/docs/proposed/config-split.md b/docs/proposed/config-split.md
index b26aa8470e..91d889e220 100644
--- a/docs/proposed/config-split.md
+++ b/docs/proposed/config-split.md
@@ -346,6 +346,54 @@ PSA_WANT_\* macros as in current `crypto_config.h`.
 #define MBEDTLS_TIMING_C
 ```
 
+#### SECTION General configuration options
+```
+//#define MBEDTLS_CONFIG_FILE "mbedtls/mbedtls_config.h"
+//#define MBEDTLS_USER_CONFIG_FILE "/dev/null"
+```
+
+#### SECTION Mbed TLS modules
+```
+#define MBEDTLS_DEBUG_C
+#define MBEDTLS_ERROR_C
+#define MBEDTLS_PKCS7_C
+#define MBEDTLS_SSL_CACHE_C
+#define MBEDTLS_SSL_CLI_C
+#define MBEDTLS_SSL_COOKIE_C
+#define MBEDTLS_SSL_SRV_C
+#define MBEDTLS_SSL_TICKET_C
+#define MBEDTLS_SSL_TLS_C
+#define MBEDTLS_X509_CREATE_C
+#define MBEDTLS_X509_CRL_PARSE_C
+#define MBEDTLS_X509_CRT_PARSE_C
+#define MBEDTLS_X509_CRT_WRITE_C
+#define MBEDTLS_X509_CSR_PARSE_C
+#define MBEDTLS_X509_CSR_WRITE_C
+#define MBEDTLS_X509_USE_C
+```
+
+
+#### SECTION Module configuration options
+```
+//#define MBEDTLS_PSK_MAX_LEN 32
+//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50
+//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400
+//#define MBEDTLS_SSL_CID_IN_LEN_MAX 32
+//#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32
+//#define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16
+//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60
+//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
+//#define MBEDTLS_SSL_IN_CONTENT_LEN 16384
+//#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024
+//#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384
+//#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1
+//#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000
+//#define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32
+//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512
+//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8
+```
+
 
 #### SECTION Mbed TLS feature support
 ```
@@ -397,53 +445,3 @@ PSA_WANT_\* macros as in current `crypto_config.h`.
 #define MBEDTLS_X509_RSASSA_PSS_SUPPORT
 //#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
 ```
-
-
-#### SECTION Mbed TLS modules
-```
-#define MBEDTLS_DEBUG_C
-#define MBEDTLS_ERROR_C
-#define MBEDTLS_PKCS7_C
-#define MBEDTLS_SSL_CACHE_C
-#define MBEDTLS_SSL_CLI_C
-#define MBEDTLS_SSL_COOKIE_C
-#define MBEDTLS_SSL_SRV_C
-#define MBEDTLS_SSL_TICKET_C
-#define MBEDTLS_SSL_TLS_C
-#define MBEDTLS_X509_CREATE_C
-#define MBEDTLS_X509_CRL_PARSE_C
-#define MBEDTLS_X509_CRT_PARSE_C
-#define MBEDTLS_X509_CRT_WRITE_C
-#define MBEDTLS_X509_CSR_PARSE_C
-#define MBEDTLS_X509_CSR_WRITE_C
-#define MBEDTLS_X509_USE_C
-```
-
-
-#### SECTION General configuration options
-```
-//#define MBEDTLS_CONFIG_FILE "mbedtls/mbedtls_config.h"
-//#define MBEDTLS_USER_CONFIG_FILE "/dev/null"
-```
-
-
-#### SECTION Module configuration options
-```
-//#define MBEDTLS_PSK_MAX_LEN 32
-//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50
-//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400
-//#define MBEDTLS_SSL_CID_IN_LEN_MAX 32
-//#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32
-//#define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16
-//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
-//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60
-//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
-//#define MBEDTLS_SSL_IN_CONTENT_LEN 16384
-//#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024
-//#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384
-//#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1
-//#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000
-//#define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32
-//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512
-//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8
-```