|
15 | 15 | #ifndef MBEDTLS_PELION_LITE_CONFIG_H |
16 | 16 | #define MBEDTLS_PELION_LITE_CONFIG_H |
17 | 17 |
|
18 | | -/* TODO: Put the Pelion Lite config here */ |
| 18 | +#if !defined(MBEDTLS_ENTROPY_HARDWARE_ALT) && \ |
| 19 | + !defined(MBEDTLS_ENTROPY_NV_SEED) && !defined(MBEDTLS_TEST_NULL_ENTROPY) |
| 20 | +#error "This hardware does not have an entropy source." |
| 21 | +#endif /* !MBEDTLS_ENTROPY_HARDWARE_ALT && !MBEDTLS_ENTROPY_NV_SEED && |
| 22 | + * !MBEDTLS_TEST_NULL_ENTROPY */ |
| 23 | + |
| 24 | +/* Minimize to semi-minimal base */ |
| 25 | +#undef MBEDTLS_ASN1_PARSE_C |
| 26 | +#undef MBEDTLS_ASN1_WRITE_C |
| 27 | +#undef MBEDTLS_CIPHER_MODE_CBC |
| 28 | +#undef MBEDTLS_CIPHER_PADDING_PKCS7 |
| 29 | +#undef MBEDTLS_ECDSA_DETERMINISTIC |
| 30 | +#undef MBEDTLS_ECDH_C |
| 31 | +#undef MBEDTLS_ECDSA_C |
| 32 | +#undef MBEDTLS_ECP_DP_SECP384R1_ENABLED |
| 33 | +#undef MBEDTLS_ECP_DP_CURVE25519_ENABLED |
| 34 | +#undef MBEDTLS_ECP_NIST_OPTIM |
| 35 | +#undef MBEDTLS_GCM_C |
| 36 | +#undef MBEDTLS_HMAC_DRBG_C |
| 37 | +#undef MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED |
| 38 | +#undef MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED |
| 39 | +#undef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED |
| 40 | +#undef MBEDTLS_OID_C |
| 41 | +#undef MBEDTLS_PEM_PARSE_C |
| 42 | +#undef MBEDTLS_PK_C |
| 43 | +#undef MBEDTLS_PK_PARSE_C |
| 44 | +#undef MBEDTLS_PK_RSA_ALT_SUPPORT |
| 45 | +#undef MBEDTLS_PK_WRITE_C |
| 46 | +#undef MBEDTLS_RSA_C |
| 47 | +#undef MBEDTLS_SHA512_C |
| 48 | +#undef MBEDTLS_SSL_SERVER_NAME_INDICATION |
| 49 | +#undef MBEDTLS_SSL_TICKET_C |
| 50 | +#undef MBEDTLS_X509_USE_C |
| 51 | +#undef MBEDTLS_X509_CRT_PARSE_C |
| 52 | +#undef MBEDTLS_X509_CRL_PARSE_C |
| 53 | + |
| 54 | +/* These options are needed only if MBEDTLS_ECJPAKE_C is enabled (needed for thread security) */ |
| 55 | +#ifndef MBEDTLS_ECJPAKE_C |
| 56 | +#undef MBEDTLS_BIGNUM_C |
| 57 | +#undef MBEDTLS_ECP_C |
| 58 | +#undef MBEDTLS_ECP_DP_SECP256R1_ENABLED |
| 59 | +#undef MBEDTLS_SSL_EXPORT_KEYS |
| 60 | +#endif |
| 61 | + |
| 62 | +/* Client-only configuration */ |
| 63 | +#undef MBEDTLS_CERTS_C |
| 64 | +#undef MBEDTLS_SSL_CACHE_C |
| 65 | +#undef MBEDTLS_SSL_SRV_C |
| 66 | +// needed for Base64 encoding Opaque data for |
| 67 | +// registration payload, adds 500 bytes to flash. |
| 68 | +#define MBEDTLS_BASE64_C |
| 69 | + |
| 70 | +#define MBEDTLS_SSL_MAX_CONTENT_LEN 2048 |
| 71 | +#define MBEDTLS_ENTROPY_MAX_SOURCES 2 |
| 72 | + |
| 73 | +#define MBEDTLS_CIPHER_MODE_CTR |
| 74 | + |
| 75 | +/* Disable the speed optimizations of SHA256, makes binary size smaller |
| 76 | + * on Cortex-M by 1800B with ARMCC5 and 1384B with GCC 6.3. |
| 77 | + */ |
| 78 | +#define MBEDTLS_SHA256_SMALLER |
| 79 | + |
| 80 | +/* Support only PSK with AES 128 in CCM-8 mode */ |
| 81 | +#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 |
| 82 | + |
| 83 | +/* Disable some of the speed optimizations on AES code to save |
| 84 | + * ~6200 bytes of ROM. According to comments on the mbedtls PR 394, |
| 85 | + * the speed on Cortex M4 is not even reduced by this. */ |
| 86 | +#define MBEDTLS_AES_FEWER_TABLES |
| 87 | + |
| 88 | +/* Disable debug options */ |
| 89 | +#undef MBEDTLS_ERROR_C |
| 90 | +#undef MBEDTLS_SELF_TEST |
| 91 | +#undef MBEDTLS_ERROR_STRERROR_DUMMY |
| 92 | +#undef MBEDTLS_VERSION_FEATURES |
| 93 | +#undef MBEDTLS_VERSION_C |
| 94 | +#undef MBEDTLS_DEBUG_C |
19 | 95 |
|
20 | 96 | #include "mbedtls/check_config.h" |
21 | 97 |
|
|
0 commit comments