package/libs/mbedtls/Config.in

   1 if PACKAGE_libmbedtls
   2
   3 comment "Option details in source code: include/mbedtls/mbedtls_config.h"
   4
   5 comment "Ciphers - unselect old or less-used ciphers to reduce binary size"
   6
   7 config MBEDTLS_AES_C
   8         bool "MBEDTLS_AES_C"
   9         default y
  10
  11 config MBEDTLS_CAMELLIA_C
  12         bool "MBEDTLS_CAMELLIA_C"
  13         default n
  14
  15 config MBEDTLS_CCM_C
  16         bool "MBEDTLS_CCM_C"
  17         default n
  18
  19 config MBEDTLS_CMAC_C
  20         bool "MBEDTLS_CMAC_C (old but used by hostapd)"
  21         default y
  22
  23 config MBEDTLS_DES_C
  24         bool "MBEDTLS_DES_C (old but used by hostapd)"
  25         default y
  26
  27 config MBEDTLS_GCM_C
  28         bool "MBEDTLS_GCM_C"
  29         default y
  30
  31 config MBEDTLS_NIST_KW_C
  32         bool "MBEDTLS_NIST_KW_C (old but used by hostapd)"
  33         default y
  34
  35 config MBEDTLS_RIPEMD160_C
  36         bool "MBEDTLS_RIPEMD160_C"
  37         default n
  38
  39 config MBEDTLS_RSA_NO_CRT
  40         bool "MBEDTLS_RSA_NO_CRT"
  41         default y
  42
  43 config MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
  44         bool "MBEDTLS_KEY_EXCHANGE_PSK_ENABLED"
  45         default y
  46
  47 config MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
  48         bool "MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED"
  49         default n
  50
  51 config MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
  52         bool "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED"
  53         default y
  54
  55 config MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
  56         bool "MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED"
  57         default n
  58
  59 config MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
  60         bool "MBEDTLS_KEY_EXCHANGE_RSA_ENABLED"
  61         default n
  62
  63 config MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
  64         bool "MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED"
  65         default n
  66
  67 config MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
  68         bool "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED"
  69         default y
  70
  71 config MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
  72         bool "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED"
  73         default y
  74
  75 config MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
  76         bool "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED"
  77         default n
  78
  79 config MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
  80         bool "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED"
  81         default n
  82
  83 comment "Curves - unselect old or less-used curves to reduce binary size"
  84
  85 config MBEDTLS_ECP_DP_SECP192R1_ENABLED
  86         bool "MBEDTLS_ECP_DP_SECP192R1_ENABLED"
  87         default n
  88
  89 config MBEDTLS_ECP_DP_SECP224R1_ENABLED
  90         bool "MBEDTLS_ECP_DP_SECP224R1_ENABLED"
  91         default n
  92
  93 config MBEDTLS_ECP_DP_SECP256R1_ENABLED
  94         bool "MBEDTLS_ECP_DP_SECP256R1_ENABLED"
  95         default y
  96
  97 config MBEDTLS_ECP_DP_SECP384R1_ENABLED
  98         bool "MBEDTLS_ECP_DP_SECP384R1_ENABLED"
  99         default y
 100
 101 config MBEDTLS_ECP_DP_SECP521R1_ENABLED
 102         bool "MBEDTLS_ECP_DP_SECP521R1_ENABLED"
 103         default y
 104
 105 config MBEDTLS_ECP_DP_SECP192K1_ENABLED
 106         bool "MBEDTLS_ECP_DP_SECP192K1_ENABLED"
 107         default n
 108
 109 config MBEDTLS_ECP_DP_SECP224K1_ENABLED
 110         bool "MBEDTLS_ECP_DP_SECP224K1_ENABLED"
 111         default n
 112
 113 config MBEDTLS_ECP_DP_SECP256K1_ENABLED
 114         bool "MBEDTLS_ECP_DP_SECP256K1_ENABLED"
 115         default y
 116
 117 config MBEDTLS_ECP_DP_BP256R1_ENABLED
 118         bool "MBEDTLS_ECP_DP_BP256R1_ENABLED"
 119         default n
 120
 121 config MBEDTLS_ECP_DP_BP384R1_ENABLED
 122         bool "MBEDTLS_ECP_DP_BP384R1_ENABLED"
 123         default n
 124
 125 config MBEDTLS_ECP_DP_BP512R1_ENABLED
 126         bool "MBEDTLS_ECP_DP_BP512R1_ENABLED"
 127         default n
 128
 129 config MBEDTLS_ECP_DP_CURVE25519_ENABLED
 130         bool "MBEDTLS_ECP_DP_CURVE25519_ENABLED"
 131         default y
 132
 133 config MBEDTLS_ECP_DP_CURVE448_ENABLED
 134         bool "MBEDTLS_ECP_DP_CURVE448_ENABLED"
 135         default n
 136
 137 comment "Build Options - unselect features to reduce binary size"
 138
 139 config MBEDTLS_CIPHER_MODE_OFB
 140         bool "MBEDTLS_CIPHER_MODE_OFB"
 141         default n
 142
 143 config MBEDTLS_CIPHER_MODE_XTS
 144         bool "MBEDTLS_CIPHER_MODE_XTS"
 145         default n
 146
 147 config MBEDTLS_DEBUG_C
 148         bool "MBEDTLS_DEBUG_C"
 149         default n
 150
 151 config MBEDTLS_HKDF_C
 152         bool "MBEDTLS_HKDF_C"
 153         default n
 154
 155 config MBEDTLS_PLATFORM_C
 156         bool "MBEDTLS_PLATFORM_C"
 157         default n
 158
 159 config MBEDTLS_SELF_TEST
 160         bool "MBEDTLS_SELF_TEST"
 161         default n
 162
 163 config MBEDTLS_THREADING_C
 164         bool "MBEDTLS_THREADING_C"
 165         default y
 166
 167 config MBEDTLS_THREADING_PTHREAD
 168         def_bool MBEDTLS_THREADING_C
 169
 170 config MBEDTLS_VERSION_C
 171         bool "MBEDTLS_VERSION_C"
 172         default n
 173
 174 config MBEDTLS_VERSION_FEATURES
 175         bool "MBEDTLS_VERSION_FEATURES"
 176         default n
 177
 178 config MBEDTLS_PSA_CRYPTO_CLIENT
 179         bool "MBEDTLS_PSA_CRYPTO_CLIENT"
 180
 181 config MBEDTLS_DEPRECATED_WARNING
 182         bool "MBEDTLS_DEPRECATED_WARNING"
 183         default n
 184
 185 config MBEDTLS_SSL_PROTO_TLS1_2
 186         bool "MBEDTLS_SSL_PROTO_TLS1_2"
 187         default y
 188
 189 config MBEDTLS_SSL_PROTO_TLS1_3
 190         bool "MBEDTLS_SSL_PROTO_TLS1_3"
 191         select MBEDTLS_PSA_CRYPTO_CLIENT
 192         select MBEDTLS_HKDF_C
 193         default y
 194
 195 config MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
 196         bool "MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE"
 197         depends on MBEDTLS_SSL_PROTO_TLS1_3
 198         default y
 199
 200 config MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
 201         bool "MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED"
 202         depends on MBEDTLS_SSL_PROTO_TLS1_3
 203         default y
 204
 205 config MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
 206         bool "MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED"
 207         depends on MBEDTLS_SSL_PROTO_TLS1_3
 208         default y
 209
 210 config MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
 211         bool "MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED"
 212         depends on MBEDTLS_SSL_PROTO_TLS1_3
 213         default y
 214
 215 comment "Build Options"
 216
 217 config MBEDTLS_ENTROPY_FORCE_SHA256
 218         bool "MBEDTLS_ENTROPY_FORCE_SHA256"
 219         default y
 220
 221 config MBEDTLS_SSL_RENEGOTIATION
 222         bool "MBEDTLS_SSL_RENEGOTIATION"
 223         depends on MBEDTLS_SSL_PROTO_TLS1_2
 224         default n
 225
 226 endif