TuyaOS
tuya_tls_security_L2_default_config.h
1
10/*
11 * Copyright The Mbed TLS Contributors
12 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
13 *
14 * This file is provided under the Apache License 2.0, or the
15 * GNU General Public License v2.0 or later.
16 *
17 * **********
18 * Apache License 2.0:
19 *
20 * Licensed under the Apache License, Version 2.0 (the "License"); you may
21 * not use this file except in compliance with the License.
22 * You may obtain a copy of the License at
23 *
24 * http://www.apache.org/licenses/LICENSE-2.0
25 *
26 * Unless required by applicable law or agreed to in writing, software
27 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
28 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
29 * See the License for the specific language governing permissions and
30 * limitations under the License.
31 *
32 * **********
33 *
34 * **********
35 * GNU General Public License v2.0 or later:
36 *
37 * This program is free software; you can redistribute it and/or modify
38 * it under the terms of the GNU General Public License as published by
39 * the Free Software Foundation; either version 2 of the License, or
40 * (at your option) any later version.
41 *
42 * This program is distributed in the hope that it will be useful,
43 * but WITHOUT ANY WARRANTY; without even the implied warranty of
44 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
45 * GNU General Public License for more details.
46 *
47 * You should have received a copy of the GNU General Public License along
48 * with this program; if not, write to the Free Software Foundation, Inc.,
49 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
50 *
51 * **********
52 */
53
54#ifndef MBEDTLS_CONFIG_H_TY
55#define MBEDTLS_CONFIG_H_TY
56
57#define MBEDTLS_SUPPORT_TUYA_PSK
58
59#include "tuya_iot_config.h"
60#include "tuya_cloud_types.h"
61
62#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
63#define _CRT_SECURE_NO_DEPRECATE 1
64#endif
65
91//#define MBEDTLS_HAVE_ASM
92
119//#define MBEDTLS_NO_UDBL_DIVISION
120
141//#define MBEDTLS_NO_64BIT_MULTIPLICATION
142
150//#define MBEDTLS_HAVE_SSE2
151
165#ifdef ENABLE_CUSTOM_CONFIG
166#ifdef ENABLE_MBEDTLS_HAVE_TIME
167#define MBEDTLS_HAVE_TIME
168#else
169#undef MBEDTLS_HAVE_TIME
170#endif
171#else
172//MBEDTLS_HAVE_TIME
173#endif
193#ifdef ENABLE_CUSTOM_CONFIG
194#ifdef ENABLE_MBEDTLS_HAVE_TIME_DATE
195#define MBEDTLS_HAVE_TIME_DATE
196#else
197#undef MBEDTLS_HAVE_TIME_DATE
198#endif
199#else
200//MBEDTLS_HAVE_TIME
201#endif
224#define MBEDTLS_PLATFORM_MEMORY
242//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
243
267//#define MBEDTLS_PLATFORM_EXIT_ALT
268//#define MBEDTLS_PLATFORM_TIME_ALT
269//#define MBEDTLS_PLATFORM_FPRINTF_ALT
270//#define MBEDTLS_PLATFORM_PRINTF_ALT
271//#define MBEDTLS_PLATFORM_SNPRINTF_ALT
272//#define MBEDTLS_PLATFORM_NV_SEED_ALT
273//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
274
288#define MBEDTLS_DEPRECATED_WARNING
289
300//#define MBEDTLS_DEPRECATED_REMOVED
301
352//#define MBEDTLS_CHECK_PARAMS
353
366//#define MBEDTLS_CHECK_PARAMS_ASSERT
367
368/* \} name SECTION: System support */
369
389//#define MBEDTLS_TIMING_ALT
390
416//#define MBEDTLS_AES_ALT
417//#define MBEDTLS_ARC4_ALT
418//#define MBEDTLS_ARIA_ALT
419//#define MBEDTLS_BLOWFISH_ALT
420//#define MBEDTLS_CAMELLIA_ALT
421//#define MBEDTLS_CCM_ALT
422//#define MBEDTLS_CHACHA20_ALT
423//#define MBEDTLS_CHACHAPOLY_ALT
424//#define MBEDTLS_CMAC_ALT
425//#define MBEDTLS_DES_ALT
426//#define MBEDTLS_DHM_ALT
427//#define MBEDTLS_ECJPAKE_ALT
428//#define MBEDTLS_GCM_ALT
429//#define MBEDTLS_NIST_KW_ALT
430//#define MBEDTLS_MD2_ALT
431//#define MBEDTLS_MD4_ALT
432//#define MBEDTLS_MD5_ALT
433//#define MBEDTLS_POLY1305_ALT
434//#define MBEDTLS_RIPEMD160_ALT
435//#define MBEDTLS_RSA_ALT
436//#define MBEDTLS_SHA1_ALT
437//#define MBEDTLS_SHA256_ALT
438//#define MBEDTLS_SHA512_ALT
439//#define MBEDTLS_XTEA_ALT
440
441/*
442 * When replacing the elliptic curve module, pleace consider, that it is
443 * implemented with two .c files:
444 * - ecp.c
445 * - ecp_curves.c
446 * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
447 * macros as described above. The only difference is that you have to make sure
448 * that you provide functionality for both .c files.
449 */
450//#define MBEDTLS_ECP_ALT
451
497//#define MBEDTLS_MD2_PROCESS_ALT
498//#define MBEDTLS_MD4_PROCESS_ALT
499//#define MBEDTLS_MD5_PROCESS_ALT
500//#define MBEDTLS_RIPEMD160_PROCESS_ALT
501//#define MBEDTLS_SHA1_PROCESS_ALT
502//#define MBEDTLS_SHA256_PROCESS_ALT
503//#define MBEDTLS_SHA512_PROCESS_ALT
504//#define MBEDTLS_DES_SETKEY_ALT
505//#define MBEDTLS_DES_CRYPT_ECB_ALT
506//#define MBEDTLS_DES3_CRYPT_ECB_ALT
507//#define MBEDTLS_AES_SETKEY_ENC_ALT
508//#define MBEDTLS_AES_SETKEY_DEC_ALT
509//#define MBEDTLS_AES_ENCRYPT_ALT
510//#define MBEDTLS_AES_DECRYPT_ALT
511//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
512//#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
513//#define MBEDTLS_ECDSA_VERIFY_ALT
514//#define MBEDTLS_ECDSA_SIGN_ALT
515//#define MBEDTLS_ECDSA_GENKEY_ALT
516
557/* Required for all the functions in this section */
558//#define MBEDTLS_ECP_INTERNAL_ALT
559/* Support for Weierstrass curves with Jacobi representation */
560//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
561//#define MBEDTLS_ECP_ADD_MIXED_ALT
562//#define MBEDTLS_ECP_DOUBLE_JAC_ALT
563//#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
564//#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
565/* Support for curves with Montgomery arithmetic */
566//#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
567//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
568//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
569
585//#define MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
586
604//#define MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND
605
621//#define MBEDTLS_TEST_NULL_ENTROPY
622
634//#define MBEDTLS_ENTROPY_HARDWARE_ALT
635
654//#define MBEDTLS_AES_ROM_TABLES
655
676//#define MBEDTLS_AES_FEWER_TABLES
677
685//#define MBEDTLS_CAMELLIA_SMALL_MEMORY
686
692#define MBEDTLS_CIPHER_MODE_CBC
693
699#define MBEDTLS_CIPHER_MODE_CFB
700
706#define MBEDTLS_CIPHER_MODE_CTR
707
713#define MBEDTLS_CIPHER_MODE_OFB
714
720#define MBEDTLS_CIPHER_MODE_XTS
721
753//#define MBEDTLS_CIPHER_NULL_CIPHER
754
766#define MBEDTLS_CIPHER_PADDING_PKCS7
767#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
768#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
769#define MBEDTLS_CIPHER_PADDING_ZEROS
770
776//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
777
794//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
795
807#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
808
827//#define MBEDTLS_REMOVE_3DES_CIPHERSUITES
828
837#ifdef ENABLE_CUSTOM_CONFIG
838#ifdef ENABLE_MBEDTLS_ECP_DP_SECP192R1_ENABLED
839#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
840#else
841#undef MBEDTLS_ECP_DP_SECP192R1_ENABLED
842#endif
843
844#ifdef ENABLE_MBEDTLS_ECP_DP_SECP224R1_ENABLED
845#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
846#else
847#undef MBEDTLS_ECP_DP_SECP224R1_ENABLED
848#endif
849
850#ifdef ENABLE_MBEDTLS_ECP_DP_SECP256R1_ENABLED
851#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
852#else
853#undef MBEDTLS_ECP_DP_SECP256R1_ENABLED
854#endif
855
856#ifdef ENABLE_MBEDTLS_ECP_DP_SECP384R1_ENABLED
857#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
858#else
859#undef MBEDTLS_ECP_DP_SECP384R1_ENABLED
860#endif
861
862#ifdef ENABLE_MBEDTLS_ECP_DP_SECP521R1_ENABLED
863#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
864#else
865#undef MBEDTLS_ECP_DP_SECP521R1_ENABLED
866#endif
867
868#ifdef ENABLE_MBEDTLS_ECP_DP_SECP192K1_ENABLED
869#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
870#else
871#undef MBEDTLS_ECP_DP_SECP192K1_ENABLED
872#endif
873
874#ifdef ENABLE_MBEDTLS_ECP_DP_SECP224K1_ENABLED
875#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
876#else
877#undef MBEDTLS_ECP_DP_SECP224K1_ENABLED
878#endif
879
880#ifdef ENABLE_MBEDTLS_ECP_DP_SECP256K1_ENABLED
881#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
882#else
883#undef MBEDTLS_ECP_DP_SECP256K1_ENABLED
884#endif
885
886#ifdef ENABLE_MBEDTLS_ECP_DP_BP256R1_ENABLED
887#define MBEDTLS_ECP_DP_BP256R1_ENABLED
888#else
889#undef MBEDTLS_ECP_DP_BP256R1_ENABLED
890#endif
891
892#ifdef ENABLE_MBEDTLS_ECP_DP_BP384R1_ENABLED
893#define MBEDTLS_ECP_DP_BP384R1_ENABLED
894#else
895#undef MBEDTLS_ECP_DP_BP384R1_ENABLED
896#endif
897
898#ifdef ENABLE_MBEDTLS_ECP_DP_BP512R1_ENABLED
899#define MBEDTLS_ECP_DP_BP512R1_ENABLED
900#else
901#undef MBEDTLS_ECP_DP_BP512R1_ENABLED
902#endif
903
904#ifdef ENABLE_MBEDTLS_ECP_DP_CURVE25519_ENABLED
905#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
906#else
907#undef MBEDTLS_ECP_DP_CURVE25519_ENABLED
908#endif
909
910#ifdef ENABLE_MBEDTLS_ECP_DP_CURVE448_ENABLED
911#define MBEDTLS_ECP_DP_CURVE448_ENABLED
912#else
913#undef MBEDTLS_ECP_DP_CURVE448_ENABLED
914#endif
915#else
916#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
917#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
918#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
919#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
920#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
921#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
922#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
923#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
924#define MBEDTLS_ECP_DP_BP256R1_ENABLED
925#define MBEDTLS_ECP_DP_BP384R1_ENABLED
926#define MBEDTLS_ECP_DP_BP512R1_ENABLED
927#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
928#define MBEDTLS_ECP_DP_CURVE448_ENABLED
929#endif
939#define MBEDTLS_ECP_NIST_OPTIM
940
963//#define MBEDTLS_ECP_RESTARTABLE
964
977//#define MBEDTLS_ECDSA_DETERMINISTIC
978
999#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
1000
1030#ifdef ENABLE_CUSTOM_CONFIG
1031#ifdef ENABLE_MBEDTLS_KEY_EXCHANGE_DHE_PSK
1032#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
1033#else
1034#undef MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
1035#endif
1036#else
1037//#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
1038#endif
1039
1058#ifdef ENABLE_CUSTOM_CONFIG
1059#ifdef ENABLE_MBEDTLS_KEY_EXCHANGE_ECDHE_PSK
1060#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1061#else
1062#undef MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1063#endif
1064#else
1065#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
1066#endif
1067
1091#ifdef ENABLE_CUSTOM_CONFIG
1092#ifdef ENABLE_MBEDTLS_KEY_EXCHANGE_RSA_PSK
1093#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
1094#else
1095#undef MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
1096#endif
1097#else
1098//#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
1099#endif
1100
1127#ifdef ENABLE_CUSTOM_CONFIG
1128#ifdef ENABLE_MBEDTLS_KEY_EXCHANGE_RSA
1129#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
1130#else
1131#undef MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
1132#endif
1133#else
1134//#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
1135#endif
1136
1168#ifdef ENABLE_CUSTOM_CONFIG
1169#ifdef ENABLE_MBEDTLS_KEY_EXCHANGE_DHE_RSA
1170#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
1171#else
1172#undef MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
1173#endif
1174#else
1175//#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
1176#endif
1177
1201#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
1202
1225#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
1226
1249#ifdef ENABLE_CUSTOM_CONFIG
1250#ifdef ENABLE_MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
1251#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
1252#else
1253#undef MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
1254#endif
1255#else
1256//#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
1257#endif
1258
1281#ifdef ENABLE_CUSTOM_CONFIG
1282#ifdef ENABLE_MBEDTLS_KEY_EXCHANGE_ECDH_RSA
1283#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
1284#else
1285#undef MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
1286#endif
1287#else
1288//#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
1289#endif
1290
1308//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
1309
1322#define MBEDTLS_PK_PARSE_EC_EXTENDED
1323
1337#define MBEDTLS_ERROR_STRERROR_DUMMY
1338
1346#define MBEDTLS_GENPRIME
1347
1353#ifdef ENABLE_CUSTOM_CONFIG
1354#ifdef ENABLE_MBEDTLS_FS_IO
1355#define MBEDTLS_FS_IO
1356#else
1357#undef MBEDTLS_FS_IO
1358#endif
1359#else
1360//#define MBEDTLS_FS_IO
1361#endif
1373//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
1374
1384#define MBEDTLS_NO_PLATFORM_ENTROPY
1399//#define MBEDTLS_ENTROPY_FORCE_SHA256
1400
1427#define MBEDTLS_ENTROPY_NV_SEED
1428
1440//#define MBEDTLS_MEMORY_DEBUG
1441
1452//#define MBEDTLS_MEMORY_BACKTRACE
1453
1461#define MBEDTLS_PK_RSA_ALT_SUPPORT
1462
1472#define MBEDTLS_PKCS1_V15
1473
1483#define MBEDTLS_PKCS1_V21
1484
1494//#define MBEDTLS_RSA_NO_CRT
1495
1501// #define MBEDTLS_SELF_TEST
1502
1517//#define MBEDTLS_SHA256_SMALLER
1518
1531#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
1532
1542//#define MBEDTLS_SSL_ASYNC_PRIVATE
1543
1558//#define MBEDTLS_SSL_DEBUG_ALL
1559
1576#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
1577
1594#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
1595
1611#define MBEDTLS_SSL_FALLBACK_SCSV
1612
1621//#define MBEDTLS_SSL_HW_RECORD_ACCEL
1622
1633//#define MBEDTLS_SSL_CBC_RECORD_SPLITTING
1634
1655//#define MBEDTLS_SSL_RENEGOTIATION
1656
1665//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
1666
1675//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
1676
1684#ifdef ENABLE_CUSTOM_CONFIG
1685#ifdef ENABLE_MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
1686#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
1687#else
1688#undef MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
1689#endif
1690#else
1691#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
1692#endif
1703//#define MBEDTLS_SSL_PROTO_SSL3
1704
1715#ifdef ENABLE_CUSTOM_CONFIG
1716#ifdef ENABLE_MBEDTLS_SSL_PROTO_TLS1
1717#define MBEDTLS_SSL_PROTO_TLS1
1718#else
1719#undef MBEDTLS_SSL_PROTO_TLS1
1720#endif
1721#else
1722//#define MBEDTLS_SSL_PROTO_TLS1
1723#endif
1724
1735#ifdef ENABLE_CUSTOM_CONFIG
1736#ifdef ENABLE_MBEDTLS_SSL_PROTO_TLS1_1
1737#define MBEDTLS_SSL_PROTO_TLS1_1
1738#else
1739#undef MBEDTLS_SSL_PROTO_TLS1_1
1740#endif
1741#else
1742//#define MBEDTLS_SSL_PROTO_TLS1_1
1743#endif
1744
1755#define MBEDTLS_SSL_PROTO_TLS1_2
1756
1770#ifdef ENABLE_CUSTOM_CONFIG
1771#ifdef ENABLE_MBEDTLS_SSL_PROTO_DTLS
1772#define MBEDTLS_SSL_PROTO_DTLS
1773#else
1774#undef MBEDTLS_SSL_PROTO_DTLS
1775#endif
1776#else
1777//#define MBEDTLS_SSL_PROTO_DTLS
1778#endif
1779
1787//#define MBEDTLS_SSL_ALPN
1788
1802//#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
1803
1820#ifdef ENABLE_CUSTOM_CONFIG
1821#ifdef ENABLE_MBEDTLS_SSL_DTLS_HELLO_VERIFY
1822#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
1823#else
1824#undef MBEDTLS_SSL_DTLS_HELLO_VERIFY
1825#endif
1826#else
1827//#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
1828#endif
1858#ifdef ENABLE_CUSTOM_CONFIG
1859#ifdef ENABLE_MBEDTLS_SSL_DTLS_SRTP
1860#define MBEDTLS_SSL_DTLS_SRTP
1861#else
1862#undef MBEDTLS_SSL_DTLS_SRTP
1863#endif
1864#else
1865//#define MBEDTLS_SSL_DTLS_SRTP
1866#endif
1881//#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
1882
1892//#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
1893
1906#ifdef ENABLE_CUSTOM_CONFIG
1907#ifdef ENABLE_MBEDTLS_CLIENT_SSL_SESSION_TICKETS
1908#define MBEDTLS_SSL_SESSION_TICKETS
1909#else
1910#undef MBEDTLS_SSL_SESSION_TICKETS
1911#endif
1912#else
1913#define MBEDTLS_SSL_SESSION_TICKETS
1914#endif
1923//#define MBEDTLS_SSL_EXPORT_KEYS
1924
1934#define MBEDTLS_SSL_SERVER_NAME_INDICATION
1935
1944#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
1945#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
1946#define MBEDTLS_SUPPORT_HANDSHAKE_FRAGMENT
1947#endif
1948
1956//#define MBEDTLS_SSL_TRUNCATED_HMAC
1957
1980//#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
1981
1997//#define MBEDTLS_TEST_HOOKS
1998
2008#define MBEDTLS_THREADING_ALT
2009
2019//#define MBEDTLS_THREADING_PTHREAD
2020
2032#define MBEDTLS_VERSION_FEATURES
2033
2042//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
2043
2054//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
2055
2068#define MBEDTLS_X509_CHECK_KEY_USAGE
2069
2081#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
2082
2091#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
2092
2116//#define MBEDTLS_ZLIB_SUPPORT
2117/* \} name SECTION: mbed TLS feature support */
2118
2138//#define MBEDTLS_AESNI_C
2139
2213#define MBEDTLS_AES_C
2214
2241#ifdef ENABLE_CUSTOM_CONFIG
2242#ifdef ENABLE_MBEDTLS_ARC4_C
2243#define MBEDTLS_ARC4_C
2244#else
2245#undef MBEDTLS_ARC4_C
2246#endif
2247#else
2248//#define MBEDTLS_ARC4_C
2249#endif
2250
2263#define MBEDTLS_ASN1_PARSE_C
2264
2277#define MBEDTLS_ASN1_WRITE_C
2278
2289#define MBEDTLS_BASE64_C
2290
2306#define MBEDTLS_BIGNUM_C
2307
2315#ifdef ENABLE_CUSTOM_CONFIG
2316#ifdef ENABLE_MBEDTLS_BLOWFISH_C
2317#define MBEDTLS_BLOWFISH_C
2318#else
2319#undef MBEDTLS_BLOWFISH_C
2320#endif
2321#else
2322//#define MBEDTLS_BLOWFISH_C
2323#endif
2324
2378#ifdef ENABLE_CUSTOM_CONFIG
2379#ifdef ENABLE_MBEDTLS_CAMELLIA_C
2380#define MBEDTLS_CAMELLIA_C
2381#else
2382#undef MBEDTLS_CAMELLIA_C
2383#endif
2384#else
2385//#define MBEDTLS_CAMELLIA_C
2386#endif
2387
2438//#define MBEDTLS_ARIA_C
2439
2452#define MBEDTLS_CCM_C
2453
2464//#define MBEDTLS_CERTS_C
2465
2473#ifdef ENABLE_CUSTOM_CONFIG
2474#ifdef ENABLE_MBEDTLS_CHACHA20_C
2475#define MBEDTLS_CHACHA20_C
2476#else
2477#undef MBEDTLS_CHACHA20_C
2478#endif
2479#else
2480//#define MBEDTLS_CHACHA20_C
2481#endif
2482
2492#ifdef ENABLE_CUSTOM_CONFIG
2493#ifdef ENABLE_MBEDTLS_CHACHAPOLY_C
2494#define MBEDTLS_CHACHAPOLY_C
2495#else
2496#undef MBEDTLS_CHACHAPOLY_C
2497#endif
2498#else
2499//#define MBEDTLS_CHACHAPOLY_C
2500#endif
2501
2512#define MBEDTLS_CIPHER_C
2513
2525#ifdef ENABLE_CUSTOM_CONFIG
2526#ifdef ENABLE_MBEDTLS_CMAC_C
2527#define MBEDTLS_CMAC_C
2528#else
2529#undef MBEDTLS_CMAC_C
2530#endif
2531#else
2532//#define MBEDTLS_CMAC_C
2533#endif
2552#define MBEDTLS_CTR_DRBG_C
2553
2566#ifdef ENABLE_MBEDTLS_DEBUG
2567#define MBEDTLS_DEBUG_C
2568#else
2569#undef MBEDTLS_DEBUG_C
2570#endif
2571
2599#ifdef ENABLE_CUSTOM_CONFIG
2600#ifdef ENABLE_MBEDTLS_DES_C
2601#define MBEDTLS_DES_C
2602#else
2603#undef MBEDTLS_DES_C
2604#endif
2605#else
2606//#define MBEDTLS_DES_C
2607#endif
2608
2628#ifdef ENABLE_CUSTOM_CONFIG
2629#ifdef ENABLE_MBEDTLS_DHM_C
2630#define MBEDTLS_DHM_C
2631#else
2632#undef MBEDTLS_DHM_C
2633#endif
2634#else
2635//#define MBEDTLS_DHM_C
2636#endif
2651#define MBEDTLS_ECDH_C
2652
2666#define MBEDTLS_ECDSA_C
2667
2685//#define MBEDTLS_ECJPAKE_C
2686
2699#define MBEDTLS_ECP_C
2700
2713#define MBEDTLS_ENTROPY_C
2714
2725#define MBEDTLS_ERROR_C
2726
2739#define MBEDTLS_GCM_C
2740//
2762#ifdef ENABLE_CUSTOM_CONFIG
2763#ifdef ENABLE_MBEDTLS_HAVEGE_C
2764#define MBEDTLS_HAVEGE_C
2765#else
2766#undef MBEDTLS_HAVEGE_C
2767#endif
2768#else
2769//#define MBEDTLS_HAVEGE_C
2770#endif
2771
2785#define MBEDTLS_HKDF_C
2786
2799#ifdef ENABLE_CUSTOM_CONFIG
2800#ifdef ENABLE_MBEDTLS_HMAC_DRBG_C
2801#define MBEDTLS_HMAC_DRBG_C
2802#else
2803#undef MBEDTLS_HMAC_DRBG_C
2804#endif
2805#else
2806//#define MBEDTLS_HMAC_DRBG_C
2807#endif
2819//#define MBEDTLS_NIST_KW_C
2820
2831#define MBEDTLS_MD_C
2832
2848//#define MBEDTLS_MD2_C
2849
2865//#define MBEDTLS_MD4_C
2866
2887#define MBEDTLS_MD5_C
2888
2903//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
2904
2922#ifdef ENABLE_CUSTOM_CONFIG
2923#ifdef ENABLE_MBEDTLS_NET_C
2924#define MBEDTLS_NET_C
2925#else
2926#undef MBEDTLS_NET_C
2927#endif
2928#else
2929//#define MBEDTLS_NET_C
2930#endif
2952#define MBEDTLS_OID_C
2953
2966//#define MBEDTLS_PADLOCK_C
2967
2984#define MBEDTLS_PEM_PARSE_C
2985
3000#define MBEDTLS_PEM_WRITE_C
3001
3016#define MBEDTLS_PK_C
3017
3031#define MBEDTLS_PK_PARSE_C
3032
3045#define MBEDTLS_PK_WRITE_C
3046
3058#define MBEDTLS_PKCS5_C
3059
3073//#define MBEDTLS_PKCS11_C
3074
3089#define MBEDTLS_PKCS12_C
3090
3109#define MBEDTLS_PLATFORM_C
3110
3119#ifdef ENABLE_CUSTOM_CONFIG
3120#ifdef ENABLE_MBEDTLS_POLY1305_C
3121#define MBEDTLS_POLY1305_C
3122#else
3123#undef MBEDTLS_POLY1305_C
3124#endif
3125#else
3126//#define MBEDTLS_POLY1305_C
3127#endif
3128
3138#ifdef ENABLE_CUSTOM_CONFIG
3139#ifdef ENABLE_MBEDTLS_RIPEMD160_C
3140#define MBEDTLS_RIPEMD160_C
3141#else
3142#undef MBEDTLS_RIPEMD160_C
3143#endif
3144#else
3145//#define MBEDTLS_RIPEMD160_C
3146#endif
3147
3165#define MBEDTLS_RSA_C
3166
3187#define MBEDTLS_SHA1_C
3188
3204#define MBEDTLS_SHA256_C
3205#define MBEDTLS_SHA224_C
3206
3220#define MBEDTLS_SHA384_C
3221#define MBEDTLS_SHA512_C
3222
3233//#define MBEDTLS_SSL_CACHE_C
3234
3243//#define MBEDTLS_SSL_COOKIE_C
3244
3255//#define MBEDTLS_SSL_TICKET_C
3256
3269#define MBEDTLS_SSL_CLI_C
3270
3283#ifdef ENABLE_CUSTOM_CONFIG
3284#ifdef ENABLE_MBEDTLS_SSL_SRV_C
3285#define MBEDTLS_SSL_SRV_C
3286#else
3287#undef MBEDTLS_SSL_SRV_C
3288#endif
3289#else
3290//#define MBEDTLS_SSL_SRV_C
3291#endif
3306#define MBEDTLS_SSL_TLS_C
3307
3328#define MBEDTLS_THREADING_C
3329
3351#ifdef ENABLE_CUSTOM_CONFIG
3352#ifdef ENABLE_MBEDTLS_TIMING_C
3353#define MBEDTLS_TIMING_C
3354#else
3355#undef MBEDTLS_TIMING_C
3356#endif
3357#else
3358//#define MBEDTLS_TIMING_C
3359#endif
3360
3370#define MBEDTLS_VERSION_C
3371
3387#define MBEDTLS_X509_USE_C
3388
3403#define MBEDTLS_X509_CRT_PARSE_C
3404
3418#define MBEDTLS_X509_CRL_PARSE_C
3419
3420
3433#define MBEDTLS_X509_CSR_PARSE_C
3434
3446#define MBEDTLS_X509_CREATE_C
3447
3459#define MBEDTLS_X509_CRT_WRITE_C
3460
3472#define MBEDTLS_X509_CSR_WRITE_C
3473
3482#ifdef ENABLE_CUSTOM_CONFIG
3483#ifdef ENABLE_MBEDTLS_XTEA_C
3484#define MBEDTLS_XTEA_C
3485#else
3486#undef MBEDTLS_XTEA_C
3487#endif
3488#else
3489//#define MBEDTLS_XTEA_C
3490#endif
3491
3492/* \} name SECTION: mbed TLS modules */
3493
3509/* MPI / BIGNUM options */
3510//#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum window size used. */
3511//#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
3512
3513/* CTR_DRBG options */
3514//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
3515//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
3516//#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
3517//#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
3518//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
3519
3520/* HMAC_DRBG options */
3521//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
3522//#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
3523//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
3524//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
3525
3526/* ECP options */
3527//#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */
3528//#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
3529//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
3530
3531/* Entropy options */
3532//#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
3533//#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
3534//#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
3535
3536/* Memory buffer allocator options */
3537//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
3538
3539/* Platform options */
3540//#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
3541//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */
3542//#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */
3543//#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
3544//#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3545//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
3546//#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
3547/* Note: your snprintf must correctly zero-terminate the buffer! */
3548//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
3549//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
3550//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
3551//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
3552//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
3553//#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
3554
3555/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
3556/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
3557//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */
3558//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */
3559//#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
3560//#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3561//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
3562//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
3563//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
3564/* Note: your snprintf must correctly zero-terminate the buffer! */
3565//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
3566extern int __tuya_tls_nv_seed_write(unsigned char *buf, size_t buf_len);
3567extern int __tuya_tls_nv_seed_read(unsigned char *buf, size_t buf_len);
3568#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO __tuya_tls_nv_seed_read
3569#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO __tuya_tls_nv_seed_write
3605//#define MBEDTLS_PARAM_FAILED( cond ) assert( cond )
3606
3607/* SSL Cache options */
3608//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
3609//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
3610
3611/* SSL options */
3612
3637#ifdef ENABLE_CUSTOM_CONFIG
3638#define MBEDTLS_SSL_MAX_CONTENT_LEN ENABLE_MBEDTLS_SSL_MAX_CONTENT_LEN
3639#else
3640#if OPERATING_SYSTEM <= SYSTEM_SMALL_MEMORY_END
3641#define MBEDTLS_SSL_MAX_CONTENT_LEN 1024
3642#else
3643#define MBEDTLS_SSL_MAX_CONTENT_LEN 1024
3644#endif
3645#endif
3646
3647
3648
3672#define MBEDTLS_SSL_IN_CONTENT_LEN MBEDTLS_SSL_MAX_CONTENT_LEN
3673
3696#define MBEDTLS_SSL_OUT_CONTENT_LEN MBEDTLS_SSL_MAX_CONTENT_LEN
3697
3713//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
3714
3715//#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
3716#define MBEDTLS_PSK_MAX_LEN 64
3717//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
3718
3731//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
3732
3733/* X509 options */
3734//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
3735//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
3736
3749// #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
3750
3766#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
3767
3786//#define MBEDTLS_PLATFORM_ZEROIZE_ALT
3787
3805//#define MBEDTLS_PLATFORM_GMTIME_R_ALT
3806
3807/* \} name SECTION: Customisation configuration options */
3808
3809/* Target and application specific configurations
3810 *
3811 * Allow user to override any previous default.
3812 *
3813 */
3814#if defined(MBEDTLS_USER_CONFIG_FILE)
3815#include MBEDTLS_USER_CONFIG_FILE
3816#endif
3817
3818//#include "check_config.h"
3819
3820#endif /* MBEDTLS_CONFIG_H_TY */