diff options
author | Sergio Rodriguez <sergio.sf.rodriguez@intel.com> | 2016-07-21 13:54:53 -0700 |
---|---|---|
committer | Sergio Rodriguez <sergio.sf.rodriguez@intel.com> | 2016-07-26 22:48:18 +0000 |
commit | 96c69cc29ff7574c808566cbbac495d9995ef361 (patch) | |
tree | 3b16f0086d218586b0b091e188b956fc9188abab /ext | |
parent | aca6e991068dea1325a530163bd4943211ae37f3 (diff) |
ext/lib : mbedTLS Configuration modifications
Adding the mbedTLS configuration neede for Thread Network Protocol
support, this shows the modifications needed to be able to compile
on Zephyr
Jira: ZEP-327
Jira: ZEP-340
Change-Id: I80a8f44bc302905b7aa4568a40a6ca66dcaf42f8
Signed-off-by: Sergio Rodriguez <sergio.sf.rodriguez@intel.com>
Diffstat (limited to 'ext')
-rw-r--r-- | ext/lib/crypto/mbedtls/configs/config-threadnet.h | 100 |
1 files changed, 100 insertions, 0 deletions
diff --git a/ext/lib/crypto/mbedtls/configs/config-threadnet.h b/ext/lib/crypto/mbedtls/configs/config-threadnet.h new file mode 100644 index 000000000..02ae3328c --- /dev/null +++ b/ext/lib/crypto/mbedtls/configs/config-threadnet.h @@ -0,0 +1,100 @@ +/* + * Minimal configuration for using TLS as part of Thread + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +/* + * Minimal configuration for using TLS a part of Thread + * http://threadgroup.org/ + * + * Distinguishing features: + * - no RSA or classic DH, fully based on ECC + * - no X.509 + * - support for experimental EC J-PAKE key exchange + * + * See README.txt for usage instructions. + */ + +#ifndef MBEDTLS_CONFIG_H +#define MBEDTLS_CONFIG_H + +/* System support */ +#define MBEDTLS_HAVE_ASM +#define MBEDTLS_PLATFORM_C +#define MBEDTLS_PLATFORM_MEMORY +#define MBEDTLS_MEMORY_BUFFER_ALLOC_C +#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS +#define MBEDTLS_PLATFORM_EXIT_ALT +#define MBEDTLS_NO_PLATFORM_ENTROPY +#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES +#define MBEDTLS_TEST_NULL_ENTROPY +#define MBEDTLS_PLATFORM_PRINTF_ALT +#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO int + +/* mbed TLS feature support */ +#define MBEDTLS_AES_ROM_TABLES +#define MBEDTLS_ECP_DP_SECP256R1_ENABLED +#define MBEDTLS_ECP_NIST_OPTIM +#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED +#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH +#define MBEDTLS_SSL_PROTO_TLS1_2 +#define MBEDTLS_SSL_PROTO_DTLS +#define MBEDTLS_SSL_DTLS_ANTI_REPLAY +#define MBEDTLS_SSL_DTLS_HELLO_VERIFY +#define MBEDTLS_SSL_EXPORT_KEYS + +/* mbed TLS modules */ +#define MBEDTLS_AES_C +#define MBEDTLS_ASN1_PARSE_C +#define MBEDTLS_ASN1_WRITE_C +#define MBEDTLS_BIGNUM_C +#define MBEDTLS_CCM_C +#define MBEDTLS_CIPHER_C +#define MBEDTLS_CTR_DRBG_C +#define MBEDTLS_ECJPAKE_C +#define MBEDTLS_ECP_C +#define MBEDTLS_ENTROPY_C +#define MBEDTLS_HMAC_DRBG_C +#define MBEDTLS_MD_C +#define MBEDTLS_OID_C +#define MBEDTLS_PK_C +#define MBEDTLS_PK_PARSE_C +#define MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED +#define MBEDTLS_SHA256_C +#define MBEDTLS_SSL_COOKIE_C +#define MBEDTLS_SSL_CLI_C +#define MBEDTLS_SSL_SRV_C +#define MBEDTLS_SSL_TLS_C + + +/* Save RAM at the expense of ROM */ +#define MBEDTLS_AES_ROM_TABLES + +/* Save RAM by adjusting to our exact needs */ +#define MBEDTLS_ECP_MAX_BITS 256 +#define MBEDTLS_MPI_MAX_SIZE 32 // 256 bits is 32 bytes + +#define MBEDTLS_SSL_MAX_CONTENT_LEN 1024 + +/* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */ +#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 + +#include "mbedtls/check_config.h" + +#endif /* MBEDTLS_CONFIG_H */ |