1 // Copyright 2021 The Pigweed Authors 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); you may not 4 // use this file except in compliance with the License. You may obtain a copy of 5 // the License at 6 // 7 // https://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 11 // WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 12 // License for the specific language governing permissions and limitations under 13 // the License. 14 15 // Some common configs for using mbedtls in Pigweed. These include disabling of 16 // file system, socket and linux/windows specific features. See 17 // include/mbedtls/config.h for a detail explanation of these configurations. 18 19 #pragma once 20 21 // No file system support. 22 #undef MBEDTLS_FS_IO 23 // No posix socket support 24 #undef MBEDTLS_NET_C 25 // This feature requires file system support. 26 #undef MBEDTLS_PSA_ITS_FILE_C 27 // The following two require MBEDTLS_PSA_ITS_FILE_C 28 #undef MBEDTLS_PSA_CRYPTO_C 29 #undef MBEDTLS_PSA_CRYPTO_STORAGE_C 30 // This feature only works on Unix/Windows 31 #undef MBEDTLS_TIMING_C 32 // Use a custom entropy generator 33 #define MBEDTLS_NO_PLATFORM_ENTROPY 34 // Error string support for debugging 35 #define MBEDTLS_ERROR_C 36 // This feature requires MBEDTLS_PSA_CRYPTO_C. 37 #undef MBEDTLS_LMS_C 38 39 // Disable a number of TLS related features as we are not maintaining the TLS 40 // support. 41 #undef MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED 42 #undef MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED 43 #undef MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED 44 #undef MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED 45 #undef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 46 #undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 47 #undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 48 #undef MBEDTLS_HAVE_TIME 49 #undef MBEDTLS_HAVE_TIME_DATE 50 #undef MBEDTLS_ECJPAKE_C 51 #undef MBEDTLS_ENTROPY_C 52 #undef MBEDTLS_GCM_C 53 #undef MBEDTLS_MD_C 54 #undef MBEDTLS_SSL_PROTO_TLS1_3 55 #undef MBEDTLS_SSL_TLS_C 56 #undef MBEDTLS_SSL_TICKET_C 57 #undef MBEDTLS_SSL_CONTEXT_SERIALIZATION 58 #undef MBEDTLS_CCM_C 59 #undef MBEDTLS_HKDF_C 60 #undef MBEDTLS_HMAC_DRBG_C 61 #undef MBEDTLS_SSL_CLI_C 62 #undef MBEDTLS_SSL_SRV_C 63 #undef MBEDTLS_SSL_DTLS_ANTI_REPLAY 64 #undef MBEDTLS_SSL_DTLS_CONNECTION_ID 65 #undef MBEDTLS_X509_USE_C 66 #undef MBEDTLS_X509_CREATE_C 67 #undef MBEDTLS_ECDSA_DETERMINISTIC 68 #undef MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 69 #undef MBEDTLS_X509_CRT_PARSE_C 70 #undef MBEDTLS_X509_CRL_PARSE_C 71 #undef MBEDTLS_X509_CSR_PARSE_C 72 #undef MBEDTLS_X509_CRT_WRITE_C 73 #undef MBEDTLS_X509_CSR_WRITE_C 74 #undef MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED 75 #undef MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED 76 #undef MBEDTLS_KEY_EXCHANGE_RSA_ENABLED 77 #undef MBEDTLS_SSL_SERVER_NAME_INDICATION 78 #undef MBEDTLS_PKCS7_C 79 80 #if defined(_PW_MBEDTLS_IS_HOST) && !_PW_MBEDTLS_IS_HOST 81 #define MBEDTLS_PLATFORM_MEMORY 82 #define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS 83 84 #include <stdio.h> 85 #define MBEDTLS_PLATFORM_SNPRINTF_ALT 86 #define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf 87 #define MBEDTLS_PLATFORM_VSNPRINTF_ALT 88 #define MBEDTLS_PLATFORM_STD_VSNPRINTF vsnprintf 89 90 #define MBEDTLS_PLATFORM_FPRINTF_MACRO(stream, format, ...) (0) 91 #define MBEDTLS_PLATFORM_PRINTF_MACRO(format, ...) (0) 92 #define MBEDTLS_PLATFORM_EXIT_MACRO(exit_code) 93 94 #elif defined(_PW_MBEDTLS_IS_HOST) && _PW_MBEDTLS_IS_HOST 95 // Needed for Picotool. 96 #define MBEDTLS_FS_IO 97 #endif // defined(_PW_MBEDTLS_IS_HOST) && !_PW_MBEDTLS_IS_HOST 98 99 #include "mbedtls/check_config.h" 100