mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-25 19:25:45 +01:00
dcb13af837
Many test cases in ssl-opt.sh need error messages (MBEDTLS_ERROR_C) or SSL traces (MBEDTLS_DEBUG_C). Some sample configurations don't include these options. When running ssl-opt.sh on those configurations, enable the required options. They must be listed in the config*.h file, commented out. Run ssl-opt in the following configurations with debug options: ccm-psk-tls1_2, ccm-psk-dtls1_2, suite-b. Skip mini-tls1_1 for now because it requires significant improvements to ssl-opt.sh (lots of missing requires_xxx). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
91 lines
2.5 KiB
C
91 lines
2.5 KiB
C
/**
|
|
* \file config-mini-tls1_1.h
|
|
*
|
|
* \brief Minimal configuration for TLS 1.1 (RFC 4346)
|
|
*/
|
|
/*
|
|
* Copyright The Mbed TLS Contributors
|
|
* SPDX-License-Identifier: Apache-2.0
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
* not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
/*
|
|
* Minimal configuration for TLS 1.1 (RFC 4346), implementing only the
|
|
* required ciphersuite: MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
|
|
*
|
|
* See README.txt for usage instructions.
|
|
*/
|
|
|
|
#ifndef MBEDTLS_CONFIG_H
|
|
#define MBEDTLS_CONFIG_H
|
|
|
|
/* System support */
|
|
#define MBEDTLS_HAVE_ASM
|
|
#define MBEDTLS_HAVE_TIME
|
|
|
|
/* mbed TLS feature support */
|
|
#define MBEDTLS_CIPHER_MODE_CBC
|
|
#define MBEDTLS_PKCS1_V15
|
|
#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
|
|
#define MBEDTLS_SSL_PROTO_TLS1_1
|
|
|
|
/* mbed TLS modules */
|
|
#define MBEDTLS_AES_C
|
|
#define MBEDTLS_ASN1_PARSE_C
|
|
#define MBEDTLS_ASN1_WRITE_C
|
|
#define MBEDTLS_BIGNUM_C
|
|
#define MBEDTLS_CIPHER_C
|
|
#define MBEDTLS_CTR_DRBG_C
|
|
#define MBEDTLS_DES_C
|
|
#define MBEDTLS_ENTROPY_C
|
|
#define MBEDTLS_MD_C
|
|
#define MBEDTLS_MD5_C
|
|
#define MBEDTLS_NET_C
|
|
#define MBEDTLS_OID_C
|
|
#define MBEDTLS_PK_C
|
|
#define MBEDTLS_PK_PARSE_C
|
|
#define MBEDTLS_RSA_C
|
|
#define MBEDTLS_SHA1_C
|
|
#define MBEDTLS_SHA256_C
|
|
#define MBEDTLS_SSL_CLI_C
|
|
#define MBEDTLS_SSL_SRV_C
|
|
#define MBEDTLS_SSL_TLS_C
|
|
#define MBEDTLS_X509_CRT_PARSE_C
|
|
#define MBEDTLS_X509_USE_C
|
|
|
|
/* For test certificates */
|
|
#define MBEDTLS_BASE64_C
|
|
#define MBEDTLS_CERTS_C
|
|
#define MBEDTLS_PEM_PARSE_C
|
|
|
|
/* For testing with compat.sh */
|
|
#define MBEDTLS_FS_IO
|
|
|
|
/* These defines are present so that the config modifying scripts can enable
|
|
* them during tests/scripts/test-ref-configs.pl */
|
|
//#define MBEDTLS_USE_PSA_CRYPTO
|
|
//#define MBEDTLS_PSA_CRYPTO_C
|
|
|
|
/* With MBEDTLS_PSA_CRYPTO_C, importing an RSA key requires MBEDTLS_PK_WRITE_C */
|
|
#if defined(MBEDTLS_PSA_CRYPTO_C)
|
|
#define MBEDTLS_PK_WRITE_C
|
|
#endif
|
|
#include "mbedtls/check_config.h"
|
|
|
|
/* Error messages and TLS debugging traces
|
|
* (huge code size increase, needed for tests/ssl-opt.sh) */
|
|
//#define MBEDTLS_DEBUG_C
|
|
//#define MBEDTLS_ERROR_C
|
|
|
|
#endif /* MBEDTLS_CONFIG_H */
|