TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-03-20 19:21:09 +01:00
Code Issues Packages Projects Releases Wiki Activity

Move trailing macro comments to previous line.

Browse Source 
Clang-format was severy confused with following construct:
\\#define MBEDTLS_macro_name     /**< description */

Used script:
```
import re
import sys

for arg in sys.argv[1:]:
    print(arg)
with open(arg, 'r') as file:
    content = file.read()
    content = re.sub(r"((//)?#define MBEDTLS_\w+ *(?<= )-?\w+) *(/\*\*<(.*))", r"/**\4\n\1", \
        content, flags = re.M)
with open(arg, 'w') as file:
    file.write(content)
```

Executed with:
`find . -regextype posix-egrep -regex ".*\.([hc]|fmt|function)" | xargs -L1 python script.py`

One comment in ctr_drbg.h had to be fixed manually, because /**< was spanning on multiple line.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
This commit is contained in:
Mateusz Starzyk
2021-07-22 16:43:35 +02:00
parent d30917c65a
commit 16fec33e59
21 changed files with 530 additions and 266 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
include/mbedtls/aes.h
View File

@@ -47,8 +47,10 @@
#include <stdint.h>
/* padlock.c and aesni.c rely on these values! */
#define MBEDTLS_AES_ENCRYPT 1 /**< AES encryption. */
#define MBEDTLS_AES_DECRYPT 0 /**< AES decryption. */
/** AES encryption. */
#define MBEDTLS_AES_ENCRYPT 1
/** AES decryption. */
#define MBEDTLS_AES_DECRYPT 0
/* Error codes in range 0x0020-0x0022 */
/** Invalid key length. */

15
include/mbedtls/aria.h
View File

@@ -37,12 +37,17 @@
#include "mbedtls/platform_util.h"
#define MBEDTLS_ARIA_ENCRYPT 1 /**< ARIA encryption. */
#define MBEDTLS_ARIA_DECRYPT 0 /**< ARIA decryption. */
/** ARIA encryption. */
#define MBEDTLS_ARIA_ENCRYPT 1
/** ARIA decryption. */
#define MBEDTLS_ARIA_DECRYPT 0
#define MBEDTLS_ARIA_BLOCKSIZE 16 /**< ARIA block size in bytes. */
#define MBEDTLS_ARIA_MAX_ROUNDS 16 /**< Maxiumum number of rounds in ARIA. */
#define MBEDTLS_ARIA_MAX_KEYSIZE 32 /**< Maximum size of an ARIA key in bytes. */
/** ARIA block size in bytes. */
#define MBEDTLS_ARIA_BLOCKSIZE 16
/** Maxiumum number of rounds in ARIA. */
#define MBEDTLS_ARIA_MAX_ROUNDS 16
/** Maximum size of an ARIA key in bytes. */
#define MBEDTLS_ARIA_MAX_KEYSIZE 32
/** Bad input data. */
#define MBEDTLS_ERR_ARIA_BAD_INPUT_DATA -0x005C

6
include/mbedtls/bignum.h
View File

@@ -71,7 +71,8 @@
*
* Reduction in size, reduces speed.
*/
#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum window size used. */
/** Maximum window size used. */
#define MBEDTLS_MPI_WINDOW_SIZE 6
#endif /* !MBEDTLS_MPI_WINDOW_SIZE */
#if !defined(MBEDTLS_MPI_MAX_SIZE)
@@ -82,7 +83,8 @@
* Note: Calculations can temporarily result in larger MPIs. So the number
* of limbs required (MBEDTLS_MPI_MAX_LIMBS) is higher.
*/
#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
/** Maximum number of bytes for usable MPIs. */
#define MBEDTLS_MPI_MAX_SIZE 1024
#endif /* !MBEDTLS_MPI_MAX_SIZE */
#define MBEDTLS_MPI_MAX_BITS ( 8 * MBEDTLS_MPI_MAX_SIZE ) /**< Maximum number of bits for usable MPIs. */

6
include/mbedtls/cipher.h
View File

@@ -66,8 +66,10 @@
/** The context is invalid. For example, because it was freed. */
#define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT -0x6380
#define MBEDTLS_CIPHER_VARIABLE_IV_LEN 0x01 /**< Cipher accepts IVs of variable length. */
#define MBEDTLS_CIPHER_VARIABLE_KEY_LEN 0x02 /**< Cipher accepts keys of variable length. */
/** Cipher accepts IVs of variable length. */
#define MBEDTLS_CIPHER_VARIABLE_IV_LEN 0x01
/** Cipher accepts keys of variable length. */
#define MBEDTLS_CIPHER_VARIABLE_KEY_LEN 0x02
#ifdef __cplusplus
extern "C" {

6
include/mbedtls/cmac.h
View File

@@ -39,9 +39,11 @@ extern "C" {
#define MBEDTLS_DES3_BLOCK_SIZE 8
#if defined(MBEDTLS_AES_C)
#define MBEDTLS_CIPHER_BLKSIZE_MAX 16 /**< The longest block used by CMAC is that of AES. */
/** The longest block used by CMAC is that of AES. */
#define MBEDTLS_CIPHER_BLKSIZE_MAX 16
#else
#define MBEDTLS_CIPHER_BLKSIZE_MAX 8 /**< The longest block used by CMAC is that of 3DES. */
/** The longest block used by CMAC is that of 3DES. */
#define MBEDTLS_CIPHER_BLKSIZE_MAX 8
#endif
#if !defined(MBEDTLS_CMAC_ALT)

3
include/mbedtls/ctr_drbg.h
View File

@@ -59,7 +59,8 @@
/** Read or write error in file. */
#define MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR -0x003A
#define MBEDTLS_CTR_DRBG_BLOCKSIZE 16 /**< The block size used by the cipher. */
/** The block size used by the cipher. */
#define MBEDTLS_CTR_DRBG_BLOCKSIZE 16
#if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY)
#define MBEDTLS_CTR_DRBG_KEYSIZE 16

15
include/mbedtls/ecp.h
View File

@@ -278,7 +278,8 @@ mbedtls_ecp_group;
* 224 475 475 453 398 342
* 192 640 640 633 587 476
*/
#define MBEDTLS_ECP_WINDOW_SIZE 4 /**< The maximum window size used. */
/** The maximum window size used. */
#define MBEDTLS_ECP_WINDOW_SIZE 4
#endif /* MBEDTLS_ECP_WINDOW_SIZE */
#if !defined(MBEDTLS_ECP_FIXED_POINT_OPTIM)
@@ -294,7 +295,8 @@ mbedtls_ecp_group;
*
* Change this value to 0 to reduce code size.
*/
#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up. */
/** Enable fixed-point speed-up. */
#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1
#endif /* MBEDTLS_ECP_FIXED_POINT_OPTIM */
/* \} name SECTION: Module settings */
@@ -427,13 +429,16 @@ mbedtls_ecp_keypair;
/*
* Point formats, from RFC 4492's enum ECPointFormat
*/
#define MBEDTLS_ECP_PF_UNCOMPRESSED 0 /**< Uncompressed point format. */
#define MBEDTLS_ECP_PF_COMPRESSED 1 /**< Compressed point format. */
/** Uncompressed point format. */
#define MBEDTLS_ECP_PF_UNCOMPRESSED 0
/** Compressed point format. */
#define MBEDTLS_ECP_PF_COMPRESSED 1
/*
* Some other constants from RFC 4492
*/
#define MBEDTLS_ECP_TLS_NAMED_CURVE 3 /**< The named_curve of ECCurveType. */
/** The named_curve of ECCurveType. */
#define MBEDTLS_ECP_TLS_NAMED_CURVE 3
#if defined(MBEDTLS_ECP_RESTARTABLE)
/**

21
include/mbedtls/entropy.h
View File

@@ -62,26 +62,33 @@
*/
#if !defined(MBEDTLS_ENTROPY_MAX_SOURCES)
#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
/** Maximum number of sources supported */
#define MBEDTLS_ENTROPY_MAX_SOURCES 20
#endif
#if !defined(MBEDTLS_ENTROPY_MAX_GATHER)
#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
/** Maximum amount requested from entropy sources */
#define MBEDTLS_ENTROPY_MAX_GATHER 128
#endif
/* \} name SECTION: Module settings */
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
#define MBEDTLS_ENTROPY_BLOCK_SIZE 64 /**< Block size of entropy accumulator (SHA-512) */
/** Block size of entropy accumulator (SHA-512) */
#define MBEDTLS_ENTROPY_BLOCK_SIZE 64
#else
#define MBEDTLS_ENTROPY_BLOCK_SIZE 32 /**< Block size of entropy accumulator (SHA-256) */
/** Block size of entropy accumulator (SHA-256) */
#define MBEDTLS_ENTROPY_BLOCK_SIZE 32
#endif
#define MBEDTLS_ENTROPY_MAX_SEED_SIZE 1024 /**< Maximum size of seed we read from seed file */
/** Maximum size of seed we read from seed file */
#define MBEDTLS_ENTROPY_MAX_SEED_SIZE 1024
#define MBEDTLS_ENTROPY_SOURCE_MANUAL MBEDTLS_ENTROPY_MAX_SOURCES
#define MBEDTLS_ENTROPY_SOURCE_STRONG 1 /**< Entropy source is strong */
#define MBEDTLS_ENTROPY_SOURCE_WEAK 0 /**< Entropy source is weak */
/** Entropy source is strong */
#define MBEDTLS_ENTROPY_SOURCE_STRONG 1
/** Entropy source is weak */
#define MBEDTLS_ENTROPY_SOURCE_WEAK 0
#ifdef __cplusplus
extern "C" {

18
include/mbedtls/hmac_drbg.h
View File

@@ -56,25 +56,31 @@
*/
#if !defined(MBEDTLS_HMAC_DRBG_RESEED_INTERVAL)
#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
/** Interval before reseed is performed by default */
#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000
#endif
#if !defined(MBEDTLS_HMAC_DRBG_MAX_INPUT)
#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
/** Maximum number of additional input bytes */
#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256
#endif
#if !defined(MBEDTLS_HMAC_DRBG_MAX_REQUEST)
#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
/** Maximum number of requested bytes per call */
#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024
#endif
#if !defined(MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT)
#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
/** Maximum size of (re)seed buffer */
#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384
#endif
/* \} name SECTION: Module settings */
#define MBEDTLS_HMAC_DRBG_PR_OFF 0 /**< No prediction resistance */
#define MBEDTLS_HMAC_DRBG_PR_ON 1 /**< Prediction resistance enabled */
/** No prediction resistance */
#define MBEDTLS_HMAC_DRBG_PR_OFF 0
/** Prediction resistance enabled */
#define MBEDTLS_HMAC_DRBG_PR_ON 1
#ifdef __cplusplus
extern "C" {

135
include/mbedtls/mbedtls_config.h
View File

@@ -3014,64 +3014,103 @@
*/
/* MPI / BIGNUM options */
//#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum window size used. */
//#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
/** Maximum window size used. */
//#define MBEDTLS_MPI_WINDOW_SIZE 6
/** Maximum number of bytes for usable MPIs. */
//#define MBEDTLS_MPI_MAX_SIZE 1024
/* CTR_DRBG options */
//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
//#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
//#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
/** Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48
/** Interval before reseed is performed by default */
//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000
/** Maximum number of additional input bytes */
//#define MBEDTLS_CTR_DRBG_MAX_INPUT 256
/** Maximum number of requested bytes per call */
//#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024
/** Maximum size of (re)seed buffer */
//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384
/* HMAC_DRBG options */
//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
//#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
/** Interval before reseed is performed by default */
//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000
/** Maximum number of additional input bytes */
//#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256
/** Maximum number of requested bytes per call */
//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024
/** Maximum size of (re)seed buffer */
//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384
/* ECP options */
//#define MBEDTLS_ECP_WINDOW_SIZE 4 /**< Maximum window size used */
//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
/** Maximum window size used */
//#define MBEDTLS_ECP_WINDOW_SIZE 4
/** Enable fixed-point speed-up */
//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1
/* Entropy options */
//#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
//#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
//#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
/** Maximum number of sources supported */
//#define MBEDTLS_ENTROPY_MAX_SOURCES 20
/** Maximum amount requested from entropy sources */
//#define MBEDTLS_ENTROPY_MAX_GATHER 128
/** Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
//#define MBEDTLS_ENTROPY_MIN_HARDWARE 32
/* Memory buffer allocator options */
//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
/** Align on multiples of this value */
//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4
/* Platform options */
//#define MBEDTLS_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */
//#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */
//#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
//#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
//#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
/** Default allocator to use, can be undefined */
//#define MBEDTLS_PLATFORM_STD_CALLOC calloc
/** Default free to use, can be undefined */
//#define MBEDTLS_PLATFORM_STD_FREE free
/** Default exit to use, can be undefined */
//#define MBEDTLS_PLATFORM_STD_EXIT exit
/** Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
//#define MBEDTLS_PLATFORM_STD_TIME time
/** Default fprintf to use, can be undefined */
//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf
/** Default printf to use, can be undefined */
//#define MBEDTLS_PLATFORM_STD_PRINTF printf
/* Note: your snprintf must correctly zero-terminate the buffer! */
//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
/** Default snprintf to use, can be undefined */
//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf
/** Default exit value to use, can be undefined */
//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0
/** Default exit value to use, can be undefined */
//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1
/** Default nv_seed_read function to use, can be undefined */
//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read
/** Default nv_seed_write function to use, can be undefined */
//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write
//#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */
//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */
//#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
//#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
/** Default allocator macro to use, can be undefined */
//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc
/** Default free macro to use, can be undefined */
//#define MBEDTLS_PLATFORM_FREE_MACRO free
/** Default exit macro to use, can be undefined */
//#define MBEDTLS_PLATFORM_EXIT_MACRO exit
/** Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
//#define MBEDTLS_PLATFORM_TIME_MACRO time
/** Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t
/** Default fprintf macro to use, can be undefined */
//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf
/** Default printf macro to use, can be undefined */
//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf
/* Note: your snprintf must correctly zero-terminate the buffer! */
//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
//#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */
//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
/** Default snprintf macro to use, can be undefined */
//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf
/** Default vsnprintf macro to use, can be undefined */
//#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf
/** Default nv_seed_read function to use, can be undefined */
//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read
/** Default nv_seed_write function to use, can be undefined */
//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write
/* PSA options */
/**
@@ -3098,8 +3137,10 @@
//#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
/* SSL Cache options */
//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
/** 1 day */
//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400
/** Maximum entries in cache */
//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50
/* SSL options */
@@ -3191,8 +3232,10 @@
*/
//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
/** Max size of TLS pre-shared keys, in bytes (default 256 bits) */
//#define MBEDTLS_PSK_MAX_LEN 32
/** Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60
/**
* Complete list of ciphersuites to use, in order of preference.
@@ -3209,8 +3252,10 @@
//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
/* X509 options */
//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
/** Maximum number of intermediate CAs in a verification chain. */
//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8
/** Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512
/**
* Uncomment the macro to let mbed TLS use your alternate implementation of

3
include/mbedtls/memory_buffer_alloc.h
View File

@@ -35,7 +35,8 @@
*/
#if !defined(MBEDTLS_MEMORY_ALIGN_MULTIPLE)
#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
/** Align on multiples of this value */
#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4
#endif
/* \} name SECTION: Module settings */

15
include/mbedtls/net_sockets.h
View File

@@ -73,13 +73,18 @@
/** Input invalid. */
#define MBEDTLS_ERR_NET_BAD_INPUT_DATA -0x0049
#define MBEDTLS_NET_LISTEN_BACKLOG 10 /**< The backlog that listen() should use. */
/** The backlog that listen() should use. */
#define MBEDTLS_NET_LISTEN_BACKLOG 10
#define MBEDTLS_NET_PROTO_TCP 0 /**< The TCP transport protocol */
#define MBEDTLS_NET_PROTO_UDP 1 /**< The UDP transport protocol */
/** The TCP transport protocol */
#define MBEDTLS_NET_PROTO_TCP 0
/** The UDP transport protocol */
#define MBEDTLS_NET_PROTO_UDP 1
#define MBEDTLS_NET_POLL_READ 1 /**< Used in \c mbedtls_net_poll to check for pending data */
#define MBEDTLS_NET_POLL_WRITE 2 /**< Used in \c mbedtls_net_poll to check if write possible */
/** Used in \c mbedtls_net_poll to check for pending data */
#define MBEDTLS_NET_POLL_READ 1
/** Used in \c mbedtls_net_poll to check if write possible */
#define MBEDTLS_NET_POLL_WRITE 2
#ifdef __cplusplus
extern "C" {

9
include/mbedtls/pkcs12.h
View File

@@ -39,9 +39,12 @@
/** Given private key password does not allow for correct decryption. */
#define MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH -0x1E00
#define MBEDTLS_PKCS12_DERIVE_KEY 1 /**< encryption/decryption key */
#define MBEDTLS_PKCS12_DERIVE_IV 2 /**< initialization vector */
#define MBEDTLS_PKCS12_DERIVE_MAC_KEY 3 /**< integrity / MAC key */
/** encryption/decryption key */
#define MBEDTLS_PKCS12_DERIVE_KEY 1
/** initialization vector */
#define MBEDTLS_PKCS12_DERIVE_IV 2
/** integrity / MAC key */
#define MBEDTLS_PKCS12_DERIVE_MAC_KEY 3
#define MBEDTLS_PKCS12_PBE_DECRYPT 0
#define MBEDTLS_PKCS12_PBE_ENCRYPT 1

36
include/mbedtls/platform.h
View File

@@ -65,41 +65,53 @@ extern "C" {
#include <time.h>
#if !defined(MBEDTLS_PLATFORM_STD_SNPRINTF)
#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF)
#define MBEDTLS_PLATFORM_STD_SNPRINTF mbedtls_platform_win32_snprintf /**< The default \c snprintf function to use. */
/** The default \c snprintf function to use. */
#define MBEDTLS_PLATFORM_STD_SNPRINTF mbedtls_platform_win32_snprintf
#else
#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< The default \c snprintf function to use. */
/** The default \c snprintf function to use. */
#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf
#endif
#endif
#if !defined(MBEDTLS_PLATFORM_STD_VSNPRINTF)
#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF)
#define MBEDTLS_PLATFORM_STD_VSNPRINTF mbedtls_platform_win32_vsnprintf /**< The default \c vsnprintf function to use. */
/** The default \c vsnprintf function to use. */
#define MBEDTLS_PLATFORM_STD_VSNPRINTF mbedtls_platform_win32_vsnprintf
#else
#define MBEDTLS_PLATFORM_STD_VSNPRINTF vsnprintf /**< The default \c vsnprintf function to use. */
/** The default \c vsnprintf function to use. */
#define MBEDTLS_PLATFORM_STD_VSNPRINTF vsnprintf
#endif
#endif
#if !defined(MBEDTLS_PLATFORM_STD_PRINTF)
#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< The default \c printf function to use. */
/** The default \c printf function to use. */
#define MBEDTLS_PLATFORM_STD_PRINTF printf
#endif
#if !defined(MBEDTLS_PLATFORM_STD_FPRINTF)
#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< The default \c fprintf function to use. */
/** The default \c fprintf function to use. */
#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf
#endif
#if !defined(MBEDTLS_PLATFORM_STD_CALLOC)
#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< The default \c calloc function to use. */
/** The default \c calloc function to use. */
#define MBEDTLS_PLATFORM_STD_CALLOC calloc
#endif
#if !defined(MBEDTLS_PLATFORM_STD_FREE)
#define MBEDTLS_PLATFORM_STD_FREE free /**< The default \c free function to use. */
/** The default \c free function to use. */
#define MBEDTLS_PLATFORM_STD_FREE free
#endif
#if !defined(MBEDTLS_PLATFORM_STD_EXIT)
#define MBEDTLS_PLATFORM_STD_EXIT exit /**< The default \c exit function to use. */
/** The default \c exit function to use. */
#define MBEDTLS_PLATFORM_STD_EXIT exit
#endif
#if !defined(MBEDTLS_PLATFORM_STD_TIME)
#define MBEDTLS_PLATFORM_STD_TIME time /**< The default \c time function to use. */
/** The default \c time function to use. */
#define MBEDTLS_PLATFORM_STD_TIME time
#endif
#if !defined(MBEDTLS_PLATFORM_STD_EXIT_SUCCESS)
#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS EXIT_SUCCESS /**< The default exit value to use. */
/** The default exit value to use. */
#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS EXIT_SUCCESS
#endif
#if !defined(MBEDTLS_PLATFORM_STD_EXIT_FAILURE)
#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE EXIT_FAILURE /**< The default exit value to use. */
/** The default exit value to use. */
#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE EXIT_FAILURE
#endif
#if defined(MBEDTLS_FS_IO)
#if !defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ)

12
include/mbedtls/rsa.h
View File

@@ -64,11 +64,15 @@
* RSA constants
*/
#define MBEDTLS_RSA_PKCS_V15 0 /**< Use PKCS#1 v1.5 encoding. */
#define MBEDTLS_RSA_PKCS_V21 1 /**< Use PKCS#1 v2.1 encoding. */
/** Use PKCS#1 v1.5 encoding. */
#define MBEDTLS_RSA_PKCS_V15 0
/** Use PKCS#1 v2.1 encoding. */
#define MBEDTLS_RSA_PKCS_V21 1
#define MBEDTLS_RSA_SIGN 1 /**< Identifier for RSA signature operations. */
#define MBEDTLS_RSA_CRYPT 2 /**< Identifier for RSA encryption and decryption operations. */
/** Identifier for RSA signature operations. */
#define MBEDTLS_RSA_SIGN 1
/** Identifier for RSA encryption and decryption operations. */
#define MBEDTLS_RSA_CRYPT 2
#define MBEDTLS_RSA_SALT_LEN_ANY -1

3
include/mbedtls/ssl.h
View File

@@ -319,7 +319,8 @@
/*
* Signaling ciphersuite values (SCSV)
*/
#define MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO 0xFF /**< renegotiation info ext */
/** renegotiation info ext */
#define MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO 0xFF
/*
* Supported Signature and Hash algorithms (For TLS 1.2)

412
include/mbedtls/ssl_ciphersuites.h
View File

@@ -36,27 +36,37 @@ extern "C" {
/*
* Supported ciphersuites (Official IANA names)
*/
#define MBEDTLS_TLS_RSA_WITH_NULL_MD5 0x01 /**< Weak! */
#define MBEDTLS_TLS_RSA_WITH_NULL_SHA 0x02 /**< Weak! */
/** Weak! */
#define MBEDTLS_TLS_RSA_WITH_NULL_MD5 0x01
/** Weak! */
#define MBEDTLS_TLS_RSA_WITH_NULL_SHA 0x02
#define MBEDTLS_TLS_PSK_WITH_NULL_SHA 0x2C /**< Weak! */
#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA 0x2D /**< Weak! */
#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA 0x2E /**< Weak! */
/** Weak! */
#define MBEDTLS_TLS_PSK_WITH_NULL_SHA 0x2C
/** Weak! */
#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA 0x2D
/** Weak! */
#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA 0x2E
#define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA 0x2F
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x33
#define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA 0x35
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x39
#define MBEDTLS_TLS_RSA_WITH_NULL_SHA256 0x3B /**< Weak! */
#define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 0x3C /**< TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 0x3D /**< TLS 1.2 */
/** Weak! */
#define MBEDTLS_TLS_RSA_WITH_NULL_SHA256 0x3B
/** TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 0x3C
/** TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 0x3D
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x41
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x45
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x67 /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x6B /**< TLS 1.2 */
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x67
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x6B
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x84
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x88
@@ -70,72 +80,112 @@ extern "C" {
#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA 0x94
#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA 0x95
#define MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 0x9C /**< TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 0x9D /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x9E /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x9F /**< TLS 1.2 */
/** TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 0x9C
/** TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 0x9D
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x9E
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x9F
#define MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 0xA8 /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 0xA9 /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 0xAA /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 0xAB /**< TLS 1.2 */
#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 0xAC /**< TLS 1.2 */
#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 0xAD /**< TLS 1.2 */
/** TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 0xA8
/** TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 0xA9
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 0xAA
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 0xAB
/** TLS 1.2 */
#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 0xAC
/** TLS 1.2 */
#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 0xAD
#define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 0xAE
#define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 0xAF
#define MBEDTLS_TLS_PSK_WITH_NULL_SHA256 0xB0 /**< Weak! */
#define MBEDTLS_TLS_PSK_WITH_NULL_SHA384 0xB1 /**< Weak! */
/** Weak! */
#define MBEDTLS_TLS_PSK_WITH_NULL_SHA256 0xB0
/** Weak! */
#define MBEDTLS_TLS_PSK_WITH_NULL_SHA384 0xB1
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 0xB2
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 0xB3
#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 0xB4 /**< Weak! */
#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 0xB5 /**< Weak! */
/** Weak! */
#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 0xB4
/** Weak! */
#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 0xB5
#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 0xB6
#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 0xB7
#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 0xB8 /**< Weak! */
#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 0xB9 /**< Weak! */
/** Weak! */
#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 0xB8
/** Weak! */
#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 0xB9
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBA /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE /**< TLS 1.2 */
/** TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBA
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC0 /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4 /**< TLS 1.2 */
/** TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC0
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001 /**< Weak! */
/** Weak! */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0xC004
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0xC005
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA 0xC006 /**< Weak! */
/** Weak! */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA 0xC006
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A
#define MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA 0xC00B /**< Weak! */
/** Weak! */
#define MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA 0xC00B
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 0xC00E
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 0xC00F
#define MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010 /**< Weak! */
/** Weak! */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 0xC025 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 0xC026 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 0xC028 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 0xC029 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 0xC02A /**< TLS 1.2 */
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 0xC025
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 0xC026
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 0xC028
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 0xC029
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 0xC02A
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0xC02D /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0xC02E /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032 /**< TLS 1.2 */
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0xC02D
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0xC02E
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032
#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 0xC035
#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 0xC036
@@ -145,44 +195,82 @@ extern "C" {
#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 0xC03A
#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 0xC03B
#define MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256 0xC03C /**< TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384 0xC03D /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 0xC044 /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 0xC045 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 0xC048 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 0xC049 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 0xC04A /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 0xC04B /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 0xC04C /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 0xC04D /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 0xC04E /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 0xC04F /**< TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256 0xC050 /**< TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384 0xC051 /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 0xC052 /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 0xC053 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 0xC05C /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 0xC05D /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 0xC05E /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 0xC05F /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 0xC060 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 0xC061 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 0xC062 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 0xC063 /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256 0xC064 /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384 0xC065 /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 0xC066 /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 0xC067 /**< TLS 1.2 */
#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 0xC068 /**< TLS 1.2 */
#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 0xC069 /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 0xC06A /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 0xC06B /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 0xC06C /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 0xC06D /**< TLS 1.2 */
#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 0xC06E /**< TLS 1.2 */
#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 0xC06F /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 0xC070 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 0xC071 /**< TLS 1.2 */
/** TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256 0xC03C
/** TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384 0xC03D
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 0xC044
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 0xC045
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 0xC048
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 0xC049
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 0xC04A
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 0xC04B
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 0xC04C
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 0xC04D
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 0xC04E
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 0xC04F
/** TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256 0xC050
/** TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384 0xC051
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 0xC052
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 0xC053
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 0xC05C
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 0xC05D
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 0xC05E
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 0xC05F
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 0xC060
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 0xC061
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 0xC062
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 0xC063
/** TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256 0xC064
/** TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384 0xC065
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 0xC066
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 0xC067
/** TLS 1.2 */
#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 0xC068
/** TLS 1.2 */
#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 0xC069
/** TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 0xC06A
/** TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 0xC06B
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 0xC06C
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 0xC06D
/** TLS 1.2 */
#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 0xC06E
/** TLS 1.2 */
#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 0xC06F
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 0xC070
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 0xC071
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC072
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC073
@@ -193,25 +281,43 @@ extern "C" {
#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC078
#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC079
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07A /**< TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07B /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07C /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07D /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC088 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC089 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08A /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08B /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08C /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08D /**< TLS 1.2 */
/** TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07A
/** TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07B
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07C
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07D
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC088
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC089
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08A
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08B
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08C
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08D
#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC08E /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC08F /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC090 /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC091 /**< TLS 1.2 */
#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC092 /**< TLS 1.2 */
#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC093 /**< TLS 1.2 */
/** TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC08E
/** TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC08F
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC090
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC091
/** TLS 1.2 */
#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC092
/** TLS 1.2 */
#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC093
#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC094
#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC095
@@ -222,39 +328,67 @@ extern "C" {
#define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC09A
#define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC09B
#define MBEDTLS_TLS_RSA_WITH_AES_128_CCM 0xC09C /**< TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_AES_256_CCM 0xC09D /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM 0xC09E /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM 0xC09F /**< TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8 0xC0A0 /**< TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8 0xC0A1 /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8 0xC0A2 /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8 0xC0A3 /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_AES_128_CCM 0xC0A4 /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_AES_256_CCM 0xC0A5 /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM 0xC0A6 /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM 0xC0A7 /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 0xC0A8 /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8 0xC0A9 /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8 0xC0AA /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8 0xC0AB /**< TLS 1.2 */
/** TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_AES_128_CCM 0xC09C
/** TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_AES_256_CCM 0xC09D
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM 0xC09E
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM 0xC09F
/** TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8 0xC0A0
/** TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8 0xC0A1
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8 0xC0A2
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8 0xC0A3
/** TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_AES_128_CCM 0xC0A4
/** TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_AES_256_CCM 0xC0A5
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM 0xC0A6
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM 0xC0A7
/** TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 0xC0A8
/** TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8 0xC0A9
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8 0xC0AA
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8 0xC0AB
/* The last two are named with PSK_DHE in the RFC, which looks like a typo */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM 0xC0AC /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM 0xC0AD /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 0xC0AE /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 0xC0AF /**< TLS 1.2 */
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM 0xC0AC
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM 0xC0AD
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 0xC0AE
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 0xC0AF
#define MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 0xC0FF /**< experimental */
/** experimental */
#define MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 0xC0FF
/* RFC 7905 */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA8 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA9 /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCAA /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAB /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAC /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAD /**< TLS 1.2 */
#define MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAE /**< TLS 1.2 */
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA8
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA9
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCAA
/** TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAB
/** TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAC
/** TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAD
/** TLS 1.2 */
#define MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAE
/* Reminder: update mbedtls_ssl_premaster_secret when adding a new key exchange.
* Reminder: update MBEDTLS_KEY_EXCHANGE__xxx below
@@ -349,10 +483,12 @@ typedef enum {
typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t;
#define MBEDTLS_CIPHERSUITE_WEAK 0x01 /**< Weak ciphersuite flag */
#define MBEDTLS_CIPHERSUITE_SHORT_TAG 0x02 /**< Short authentication tag,
eg for CCM_8 */
#define MBEDTLS_CIPHERSUITE_NODTLS 0x04 /**< Can't be used with DTLS */
/** Weak ciphersuite flag */
#define MBEDTLS_CIPHERSUITE_WEAK 0x01
/** Short authentication tag, eg for CCM_8 */
#define MBEDTLS_CIPHERSUITE_SHORT_TAG 0x02
/** Can't be used with DTLS */
#define MBEDTLS_CIPHERSUITE_NODTLS 0x04
/**
* \brief This structure is used for storing ciphersuite information

3
include/mbedtls/ssl_cookie.h
View File

@@ -39,7 +39,8 @@
* \{
*/
#ifndef MBEDTLS_SSL_COOKIE_TIMEOUT
#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
/** Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
#define MBEDTLS_SSL_COOKIE_TIMEOUT 60
#endif
/* \} name SECTION: Module settings */

63
include/mbedtls/x509.h
View File

@@ -100,26 +100,46 @@
* \{
*/
/* Reminder: update x509_crt_verify_strings[] in library/x509_crt.c */
#define MBEDTLS_X509_BADCERT_EXPIRED 0x01 /**< The certificate validity has expired. */
#define MBEDTLS_X509_BADCERT_REVOKED 0x02 /**< The certificate has been revoked (is on a CRL). */
#define MBEDTLS_X509_BADCERT_CN_MISMATCH 0x04 /**< The certificate Common Name (CN) does not match with the expected CN. */
#define MBEDTLS_X509_BADCERT_NOT_TRUSTED 0x08 /**< The certificate is not correctly signed by the trusted CA. */
#define MBEDTLS_X509_BADCRL_NOT_TRUSTED 0x10 /**< The CRL is not correctly signed by the trusted CA. */
#define MBEDTLS_X509_BADCRL_EXPIRED 0x20 /**< The CRL is expired. */
#define MBEDTLS_X509_BADCERT_MISSING 0x40 /**< Certificate was missing. */
#define MBEDTLS_X509_BADCERT_SKIP_VERIFY 0x80 /**< Certificate verification was skipped. */
#define MBEDTLS_X509_BADCERT_OTHER 0x0100 /**< Other reason (can be used by verify callback) */
#define MBEDTLS_X509_BADCERT_FUTURE 0x0200 /**< The certificate validity starts in the future. */
#define MBEDTLS_X509_BADCRL_FUTURE 0x0400 /**< The CRL is from the future */
#define MBEDTLS_X509_BADCERT_KEY_USAGE 0x0800 /**< Usage does not match the keyUsage extension. */
#define MBEDTLS_X509_BADCERT_EXT_KEY_USAGE 0x1000 /**< Usage does not match the extendedKeyUsage extension. */
#define MBEDTLS_X509_BADCERT_NS_CERT_TYPE 0x2000 /**< Usage does not match the nsCertType extension. */
#define MBEDTLS_X509_BADCERT_BAD_MD 0x4000 /**< The certificate is signed with an unacceptable hash. */
#define MBEDTLS_X509_BADCERT_BAD_PK 0x8000 /**< The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA). */
#define MBEDTLS_X509_BADCERT_BAD_KEY 0x010000 /**< The certificate is signed with an unacceptable key (eg bad curve, RSA too short). */
#define MBEDTLS_X509_BADCRL_BAD_MD 0x020000 /**< The CRL is signed with an unacceptable hash. */
#define MBEDTLS_X509_BADCRL_BAD_PK 0x040000 /**< The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA). */
#define MBEDTLS_X509_BADCRL_BAD_KEY 0x080000 /**< The CRL is signed with an unacceptable key (eg bad curve, RSA too short). */
/** The certificate validity has expired. */
#define MBEDTLS_X509_BADCERT_EXPIRED 0x01
/** The certificate has been revoked (is on a CRL). */
#define MBEDTLS_X509_BADCERT_REVOKED 0x02
/** The certificate Common Name (CN) does not match with the expected CN. */
#define MBEDTLS_X509_BADCERT_CN_MISMATCH 0x04
/** The certificate is not correctly signed by the trusted CA. */
#define MBEDTLS_X509_BADCERT_NOT_TRUSTED 0x08
/** The CRL is not correctly signed by the trusted CA. */
#define MBEDTLS_X509_BADCRL_NOT_TRUSTED 0x10
/** The CRL is expired. */
#define MBEDTLS_X509_BADCRL_EXPIRED 0x20
/** Certificate was missing. */
#define MBEDTLS_X509_BADCERT_MISSING 0x40
/** Certificate verification was skipped. */
#define MBEDTLS_X509_BADCERT_SKIP_VERIFY 0x80
/** Other reason (can be used by verify callback) */
#define MBEDTLS_X509_BADCERT_OTHER 0x0100
/** The certificate validity starts in the future. */
#define MBEDTLS_X509_BADCERT_FUTURE 0x0200
/** The CRL is from the future */
#define MBEDTLS_X509_BADCRL_FUTURE 0x0400
/** Usage does not match the keyUsage extension. */
#define MBEDTLS_X509_BADCERT_KEY_USAGE 0x0800
/** Usage does not match the extendedKeyUsage extension. */
#define MBEDTLS_X509_BADCERT_EXT_KEY_USAGE 0x1000
/** Usage does not match the nsCertType extension. */
#define MBEDTLS_X509_BADCERT_NS_CERT_TYPE 0x2000
/** The certificate is signed with an unacceptable hash. */
#define MBEDTLS_X509_BADCERT_BAD_MD 0x4000
/** The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA). */
#define MBEDTLS_X509_BADCERT_BAD_PK 0x8000
/** The certificate is signed with an unacceptable key (eg bad curve, RSA too short). */
#define MBEDTLS_X509_BADCERT_BAD_KEY 0x010000
/** The CRL is signed with an unacceptable hash. */
#define MBEDTLS_X509_BADCRL_BAD_MD 0x020000
/** The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA). */
#define MBEDTLS_X509_BADCRL_BAD_PK 0x040000
/** The CRL is signed with an unacceptable key (eg bad curve, RSA too short). */
#define MBEDTLS_X509_BADCRL_BAD_KEY 0x080000
/* \} name */
/* \} addtogroup x509_module */
@@ -207,7 +227,8 @@
#define MBEDTLS_X509_FORMAT_DER 1
#define MBEDTLS_X509_FORMAT_PEM 2
#define MBEDTLS_X509_MAX_DN_NAME_SIZE 256 /**< Maximum value size of a DN entry */
/** Maximum value size of a DN entry */
#define MBEDTLS_X509_MAX_DN_NAME_SIZE 256
#ifdef __cplusplus
extern "C" {

6
library/entropy_poll.h
View File

@@ -33,9 +33,11 @@ extern "C" {
/*
* Default thresholds for built-in sources, in bytes
*/
#define MBEDTLS_ENTROPY_MIN_PLATFORM 32 /**< Minimum for platform source */
/** Minimum for platform source */
#define MBEDTLS_ENTROPY_MIN_PLATFORM 32
#if !defined(MBEDTLS_ENTROPY_MIN_HARDWARE)
#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Minimum for the hardware source */
/** Minimum for the hardware source */
#define MBEDTLS_ENTROPY_MIN_HARDWARE 32
#endif
#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)

3
library/padlock.h
View File

@@ -30,7 +30,8 @@
#include "mbedtls/aes.h"
#define MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED -0x0030 /**< Input data should be aligned. */
/** Input data should be aligned. */
#define MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED -0x0030
#if defined(__has_feature)
#if __has_feature(address_sanitizer)