Gitiles
Code Review Sign In
git01.mediatek.com / filogic / uboot / 9b51ddc156cc6f0f95e3805c513f8344c5dfccd7 / . / lib / mbedtls / mbedtls_def_config.h
blob: dda3f4dd6e4f3f2334b2d2c3a4e2c94b95080d19 [file] [log] [blame]
Raymond Mao87010c32024-10-03 14:50:15 -0700[diff] [blame]1/* SPDX-License-Identifier: GPL-2.0+ */
2/*
3 * MbedTLS config file
4 *
5 * Derived from the MbedTLS internal config file,
6 * for more information about each build option,
7 * please refer to:
8 * external/mbedtls/include/mbedtls/mbedtls_config.h
9 *
10 * Copyright (c) 2024 Linaro Limited
11 * Author: Raymond Mao <raymond.mao@linaro.org>
12 */
13
Raymond Mao9f4ca0d2025-02-03 14:08:14 -0800[diff] [blame]14#if CONFIG_IS_ENABLED(MBEDTLS_LIB)
Raymond Mao87010c32024-10-03 14:50:15 -0700[diff] [blame]15
16#if CONFIG_IS_ENABLED(MD5)
17#define MBEDTLS_MD_C
18#define MBEDTLS_MD5_C
Raymond Mao9f4ca0d2025-02-03 14:08:14 -0800[diff] [blame]19#if CONFIG_IS_ENABLED(MBEDTLS_LIB_HASHING_ALT)
Raymond Mao87010c32024-10-03 14:50:15 -0700[diff] [blame]20#define MBEDTLS_MD5_ALT
21#endif
22#endif
23
24#if CONFIG_IS_ENABLED(SHA1)
25#define MBEDTLS_MD_C
26#define MBEDTLS_SHA1_C
Raymond Mao9f4ca0d2025-02-03 14:08:14 -0800[diff] [blame]27#if CONFIG_IS_ENABLED(MBEDTLS_LIB_HASHING_ALT)
Raymond Mao87010c32024-10-03 14:50:15 -0700[diff] [blame]28#define MBEDTLS_SHA1_ALT
29#endif
30#endif
31
32#if CONFIG_IS_ENABLED(SHA256)
33#define MBEDTLS_MD_C
34#define MBEDTLS_SHA256_C
Raymond Mao9f4ca0d2025-02-03 14:08:14 -0800[diff] [blame]35#if CONFIG_IS_ENABLED(MBEDTLS_LIB_HASHING_ALT)
Raymond Mao87010c32024-10-03 14:50:15 -0700[diff] [blame]36#define MBEDTLS_SHA256_ALT
37#endif
Raymond Mao001b6132024-10-03 14:50:20 -0700[diff] [blame]38#if CONFIG_IS_ENABLED(SHA256_SMALLER)
39#define MBEDTLS_SHA256_SMALLER
40#endif
Raymond Mao87010c32024-10-03 14:50:15 -0700[diff] [blame]41#endif
42
43#if CONFIG_IS_ENABLED(SHA384)
44#define MBEDTLS_MD_C
45#define MBEDTLS_SHA384_C
46#endif
47
48#if CONFIG_IS_ENABLED(SHA512)
49#define MBEDTLS_MD_C
50#define MBEDTLS_SHA512_C
Raymond Mao9f4ca0d2025-02-03 14:08:14 -0800[diff] [blame]51#if CONFIG_IS_ENABLED(MBEDTLS_LIB_HASHING_ALT)
Raymond Mao87010c32024-10-03 14:50:15 -0700[diff] [blame]52#define MBEDTLS_SHA512_ALT
53#endif
Raymond Mao001b6132024-10-03 14:50:20 -0700[diff] [blame]54#if CONFIG_IS_ENABLED(SHA512_SMALLER)
55#define MBEDTLS_SHA512_SMALLER
56#endif
Raymond Mao87010c32024-10-03 14:50:15 -0700[diff] [blame]57#endif
58
Philippe Reynes1db678a2024-12-19 14:05:48 +0100[diff] [blame]59#if CONFIG_IS_ENABLED(HKDF_MBEDTLS)
60#define MBEDTLS_HKDF_C
61#endif
62
Raymond Mao9f4ca0d2025-02-03 14:08:14 -0800[diff] [blame]63#if CONFIG_IS_ENABLED(MBEDTLS_LIB_X509)
Raymond Mao87010c32024-10-03 14:50:15 -0700[diff] [blame]64
65#if CONFIG_IS_ENABLED(X509_CERTIFICATE_PARSER)
66#define MBEDTLS_X509_USE_C
67#define MBEDTLS_X509_CRT_PARSE_C
68#define MBEDTLS_X509_CRL_PARSE_C
69#endif
70
71#if CONFIG_IS_ENABLED(ASYMMETRIC_PUBLIC_KEY_SUBTYPE)
72#define MBEDTLS_PK_C
73#define MBEDTLS_PK_PARSE_C
74#endif
75
76#if CONFIG_IS_ENABLED(RSA_PUBLIC_KEY_PARSER)
77#define MBEDTLS_BIGNUM_C
78#define MBEDTLS_RSA_C
79#define MBEDTLS_PKCS1_V15
80#endif
81
82#if CONFIG_IS_ENABLED(PKCS7_MESSAGE_PARSER)
83#define MBEDTLS_PKCS7_C
84#endif
85
86#if CONFIG_IS_ENABLED(ASN1_DECODER)
87#define MBEDTLS_OID_C
88#define MBEDTLS_ASN1_PARSE_C
89#define MBEDTLS_ASN1_WRITE_C
90#endif
91
Raymond Mao9f4ca0d2025-02-03 14:08:14 -0800[diff] [blame]92#endif /* #if CONFIG_IS_ENABLED(MBEDTLS_LIB_X509) */
Raymond Mao87010c32024-10-03 14:50:15 -0700[diff] [blame]93
Raymond Mao9f4ca0d2025-02-03 14:08:14 -0800[diff] [blame]94#if CONFIG_IS_ENABLED(MBEDTLS_LIB_TLS)
Ilias Apalodimas9f75dc12024-11-10 10:28:37 +0200[diff] [blame]95#include "rtc.h"
96
97/* Generic options */
98#define MBEDTLS_ENTROPY_HARDWARE_ALT
Ilias Apalodimas9f75dc12024-11-10 10:28:37 +0200[diff] [blame]99#define MBEDTLS_PLATFORM_C
100#define MBEDTLS_SSL_CLI_C
101#define MBEDTLS_SSL_TLS_C
102#define MBEDTLS_CIPHER_C
103#define MBEDTLS_MD_C
104#define MBEDTLS_CTR_DRBG_C
105#define MBEDTLS_AES_C
106#define MBEDTLS_ENTROPY_C
107#define MBEDTLS_NO_PLATFORM_ENTROPY
108#define MBEDTLS_SSL_PROTO_TLS1_2
Raymond Mao9f4ca0d2025-02-03 14:08:14 -0800[diff] [blame]109#if CONFIG_IS_ENABLED(X509_CERTIFICATE_PARSER)
Ilias Apalodimas9f75dc12024-11-10 10:28:37 +0200[diff] [blame]110#define MBEDTLS_SSL_SERVER_NAME_INDICATION
Raymond Mao9f4ca0d2025-02-03 14:08:14 -0800[diff] [blame]111#endif
Ilias Apalodimas9f75dc12024-11-10 10:28:37 +0200[diff] [blame]112#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
113
114/* RSA */
Raymond Mao9f4ca0d2025-02-03 14:08:14 -0800[diff] [blame]115#if CONFIG_IS_ENABLED(X509_CERTIFICATE_PARSER) && \
116 CONFIG_IS_ENABLED(RSA_PUBLIC_KEY_PARSER)
Ilias Apalodimas9f75dc12024-11-10 10:28:37 +0200[diff] [blame]117#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
118#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
119#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
Raymond Mao9f4ca0d2025-02-03 14:08:14 -0800[diff] [blame]120#endif
Ilias Apalodimas9f75dc12024-11-10 10:28:37 +0200[diff] [blame]121#define MBEDTLS_GCM_C
122
123/* ECDSA */
Raymond Mao9f4ca0d2025-02-03 14:08:14 -0800[diff] [blame]124#if CONFIG_IS_ENABLED(ASN1_DECODER)
Ilias Apalodimas9f75dc12024-11-10 10:28:37 +0200[diff] [blame]125#define MBEDTLS_ECDSA_C
Raymond Mao9f4ca0d2025-02-03 14:08:14 -0800[diff] [blame]126#define MBEDTLS_ECP_C
Ilias Apalodimas9f75dc12024-11-10 10:28:37 +0200[diff] [blame]127#define MBEDTLS_ECDH_C
Raymond Mao9f4ca0d2025-02-03 14:08:14 -0800[diff] [blame]128#endif
Ilias Apalodimas9f75dc12024-11-10 10:28:37 +0200[diff] [blame]129#define MBEDTLS_ECDSA_DETERMINISTIC
130#define MBEDTLS_HMAC_DRBG_C
Raymond Mao9f4ca0d2025-02-03 14:08:14 -0800[diff] [blame]131
Ilias Apalodimas9f75dc12024-11-10 10:28:37 +0200[diff] [blame]132#define MBEDTLS_CAN_ECDH
133#define MBEDTLS_PK_CAN_ECDSA_SIGN
Raymond Mao9f4ca0d2025-02-03 14:08:14 -0800[diff] [blame]134#if CONFIG_IS_ENABLED(X509_CERTIFICATE_PARSER)
135#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
136#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
137#endif
138
Ilias Apalodimas9f75dc12024-11-10 10:28:37 +0200[diff] [blame]139#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
140#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
141#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
142#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
143#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
144#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
145#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
146#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
147#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
148#define MBEDTLS_ECP_DP_BP256R1_ENABLED
149#define MBEDTLS_ECP_DP_BP384R1_ENABLED
150#define MBEDTLS_ECP_DP_BP512R1_ENABLED
151
Raymond Mao9f4ca0d2025-02-03 14:08:14 -0800[diff] [blame]152#endif /* #if CONFIG_IS_ENABLED(MBEDTLS_LIB_TLS) */
Ilias Apalodimas9f75dc12024-11-10 10:28:37 +0200[diff] [blame]153
Raymond Mao9f4ca0d2025-02-03 14:08:14 -0800[diff] [blame]154#endif /* #if CONFIG_IS_ENABLED(MBEDTLS_LIB) */