mbed TLS v3.3.0
Loading...
Searching...
No Matches
check_config.h
Go to the documentation of this file.
1
6/*
7 * Copyright The Mbed TLS Contributors
8 * SPDX-License-Identifier: Apache-2.0
9 *
10 * Licensed under the Apache License, Version 2.0 (the "License"); you may
11 * not use this file except in compliance with the License.
12 * You may obtain a copy of the License at
13 *
14 * http://www.apache.org/licenses/LICENSE-2.0
15 *
16 * Unless required by applicable law or agreed to in writing, software
17 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
18 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19 * See the License for the specific language governing permissions and
20 * limitations under the License.
21 */
22
23#ifndef MBEDTLS_CHECK_CONFIG_H
24#define MBEDTLS_CHECK_CONFIG_H
25
26/*
27 * We assume CHAR_BIT is 8 in many places. In practice, this is true on our
28 * target platforms, so not an issue, but let's just be extra sure.
29 */
30#include <limits.h>
31#if CHAR_BIT != 8
32#error "mbed TLS requires a platform with 8-bit chars"
33#endif
34
35#include <stdint.h>
36
37#if defined(_WIN32)
38#if !defined(MBEDTLS_PLATFORM_C)
39#error "MBEDTLS_PLATFORM_C is required on Windows"
40#endif
41
42/* Fix the config here. Not convenient to put an #ifdef _WIN32 in mbedtls_config.h as
43 * it would confuse config.py. */
44#if !defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) && \
45 !defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO)
46#define MBEDTLS_PLATFORM_SNPRINTF_ALT
47#endif
48
49#if !defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) && \
50 !defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO)
51#define MBEDTLS_PLATFORM_VSNPRINTF_ALT
52#endif
53#endif /* _WIN32 */
54
55#if defined(TARGET_LIKE_MBED) && defined(MBEDTLS_NET_C)
56#error "The NET module is not available for mbed OS - please use the network functions provided by Mbed OS"
57#endif
58
59#if defined(MBEDTLS_DEPRECATED_WARNING) && \
60 !defined(__GNUC__) && !defined(__clang__)
61#error "MBEDTLS_DEPRECATED_WARNING only works with GCC and Clang"
62#endif
63
64#if defined(MBEDTLS_HAVE_TIME_DATE) && !defined(MBEDTLS_HAVE_TIME)
65#error "MBEDTLS_HAVE_TIME_DATE without MBEDTLS_HAVE_TIME does not make sense"
66#endif
67
68#if defined(MBEDTLS_AESNI_C) && !defined(MBEDTLS_HAVE_ASM)
69#error "MBEDTLS_AESNI_C defined, but not all prerequisites"
70#endif
71
72#if defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_AES_C)
73#error "MBEDTLS_CTR_DRBG_C defined, but not all prerequisites"
74#endif
75
76#if defined(MBEDTLS_DHM_C) && !defined(MBEDTLS_BIGNUM_C)
77#error "MBEDTLS_DHM_C defined, but not all prerequisites"
78#endif
79
80#if defined(MBEDTLS_CMAC_C) && \
81 ( !defined(MBEDTLS_CIPHER_C ) || ( !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_DES_C) ) )
82#error "MBEDTLS_CMAC_C defined, but not all prerequisites"
83#endif
84
85#if defined(MBEDTLS_NIST_KW_C) && \
86 ( !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_CIPHER_C) )
87#error "MBEDTLS_NIST_KW_C defined, but not all prerequisites"
88#endif
89
90#if defined(MBEDTLS_ECDH_C) && !defined(MBEDTLS_ECP_C)
91#error "MBEDTLS_ECDH_C defined, but not all prerequisites"
92#endif
93
94#if defined(MBEDTLS_ECDSA_C) && \
95 ( !defined(MBEDTLS_ECP_C) || \
96 !( defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || \
97 defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \
98 defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \
99 defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || \
100 defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || \
101 defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || \
102 defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) || \
103 defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) || \
104 defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || \
105 defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || \
106 defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) ) || \
107 !defined(MBEDTLS_ASN1_PARSE_C) || \
108 !defined(MBEDTLS_ASN1_WRITE_C) )
109#error "MBEDTLS_ECDSA_C defined, but not all prerequisites"
110#endif
111
112#if defined(MBEDTLS_ECJPAKE_C) && \
113 ( !defined(MBEDTLS_ECP_C) || \
114 !( defined(MBEDTLS_MD_C) || defined(MBEDTLS_PSA_CRYPTO_C) ) )
115#error "MBEDTLS_ECJPAKE_C defined, but not all prerequisites"
116#endif
117
118#if defined(MBEDTLS_ECP_RESTARTABLE) && \
119 ( defined(MBEDTLS_USE_PSA_CRYPTO) || \
120 defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT) || \
121 defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT) || \
122 defined(MBEDTLS_ECDSA_SIGN_ALT) || \
123 defined(MBEDTLS_ECDSA_VERIFY_ALT) || \
124 defined(MBEDTLS_ECDSA_GENKEY_ALT) || \
125 defined(MBEDTLS_ECP_INTERNAL_ALT) || \
126 defined(MBEDTLS_ECP_ALT) )
127#error "MBEDTLS_ECP_RESTARTABLE defined, but it cannot coexist with an alternative or PSA-based ECP implementation"
128#endif
129
130#if defined(MBEDTLS_ECDSA_DETERMINISTIC) && !defined(MBEDTLS_HMAC_DRBG_C)
131#error "MBEDTLS_ECDSA_DETERMINISTIC defined, but not all prerequisites"
132#endif
133
134#if defined(MBEDTLS_ECP_C) && ( !defined(MBEDTLS_BIGNUM_C) || ( \
135 !defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) && \
136 !defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) && \
137 !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && \
138 !defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) && \
139 !defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) && \
140 !defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) && \
141 !defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) && \
142 !defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) && \
143 !defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) && \
144 !defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) && \
145 !defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) && \
146 !defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) && \
147 !defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) ) )
148#error "MBEDTLS_ECP_C defined, but not all prerequisites"
149#endif
150
151#if defined(MBEDTLS_PK_PARSE_C) && !defined(MBEDTLS_ASN1_PARSE_C)
152#error "MBEDTLS_PK_PARSE_C defined, but not all prerequisites"
153#endif
154
155#if defined(MBEDTLS_PKCS12_C) && !defined(MBEDTLS_CIPHER_C)
156#error "MBEDTLS_PKCS12_C defined, but not all prerequisites"
157#endif
158
159#if defined(MBEDTLS_PKCS5_C) && \
160 ( !( defined(MBEDTLS_MD_C) || defined(MBEDTLS_PSA_CRYPTO_C) ) || \
161 !defined(MBEDTLS_CIPHER_C) )
162#error "MBEDTLS_PKCS5_C defined, but not all prerequisites"
163#endif
164
165#if defined(MBEDTLS_PKCS12_C) && \
166 !( defined(MBEDTLS_MD_C) || defined(MBEDTLS_PSA_CRYPTO_C) )
167#error "MBEDTLS_PKCS12_C defined, but not all prerequisites"
168#endif
169
170#if defined(MBEDTLS_PKCS1_V21) && \
171 !( defined(MBEDTLS_MD_C) || defined(MBEDTLS_PSA_CRYPTO_C) )
172#error "MBEDTLS_PKCS1_V21 defined, but not all prerequisites"
173#endif
174
175#if defined(MBEDTLS_ENTROPY_C) && (!defined(MBEDTLS_SHA512_C) && \
176 !defined(MBEDTLS_SHA256_C))
177#error "MBEDTLS_ENTROPY_C defined, but not all prerequisites"
178#endif
179#if defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_SHA512_C) && \
180 defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) && (MBEDTLS_CTR_DRBG_ENTROPY_LEN > 64)
181#error "MBEDTLS_CTR_DRBG_ENTROPY_LEN value too high"
182#endif
183#if defined(MBEDTLS_ENTROPY_C) && \
184 ( !defined(MBEDTLS_SHA512_C) || defined(MBEDTLS_ENTROPY_FORCE_SHA256) ) \
185 && defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) && (MBEDTLS_CTR_DRBG_ENTROPY_LEN > 32)
186#error "MBEDTLS_CTR_DRBG_ENTROPY_LEN value too high"
187#endif
188#if defined(MBEDTLS_ENTROPY_C) && \
189 defined(MBEDTLS_ENTROPY_FORCE_SHA256) && !defined(MBEDTLS_SHA256_C)
190#error "MBEDTLS_ENTROPY_FORCE_SHA256 defined, but not all prerequisites"
191#endif
192
193#if defined(__has_feature)
194#if __has_feature(memory_sanitizer)
195#define MBEDTLS_HAS_MEMSAN
196#endif
197#endif
198#if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN) && !defined(MBEDTLS_HAS_MEMSAN)
199#error "MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN requires building with MemorySanitizer"
200#endif
201#undef MBEDTLS_HAS_MEMSAN
202
203#if defined(MBEDTLS_CCM_C) && ( \
204 !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) && !defined(MBEDTLS_ARIA_C) )
205#error "MBEDTLS_CCM_C defined, but not all prerequisites"
206#endif
207
208#if defined(MBEDTLS_CCM_C) && !defined(MBEDTLS_CIPHER_C)
209#error "MBEDTLS_CCM_C defined, but not all prerequisites"
210#endif
211
212#if defined(MBEDTLS_GCM_C) && ( \
213 !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) && !defined(MBEDTLS_ARIA_C) )
214#error "MBEDTLS_GCM_C defined, but not all prerequisites"
215#endif
216
217#if defined(MBEDTLS_GCM_C) && !defined(MBEDTLS_CIPHER_C)
218#error "MBEDTLS_GCM_C defined, but not all prerequisites"
219#endif
220
221#if defined(MBEDTLS_CHACHAPOLY_C) && !defined(MBEDTLS_CHACHA20_C)
222#error "MBEDTLS_CHACHAPOLY_C defined, but not all prerequisites"
223#endif
224
225#if defined(MBEDTLS_CHACHAPOLY_C) && !defined(MBEDTLS_POLY1305_C)
226#error "MBEDTLS_CHACHAPOLY_C defined, but not all prerequisites"
227#endif
228
229#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
230#error "MBEDTLS_ECP_RANDOMIZE_JAC_ALT defined, but not all prerequisites"
231#endif
232
233#if defined(MBEDTLS_ECP_ADD_MIXED_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
234#error "MBEDTLS_ECP_ADD_MIXED_ALT defined, but not all prerequisites"
235#endif
236
237#if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
238#error "MBEDTLS_ECP_DOUBLE_JAC_ALT defined, but not all prerequisites"
239#endif
240
241#if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
242#error "MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT defined, but not all prerequisites"
243#endif
244
245#if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
246#error "MBEDTLS_ECP_NORMALIZE_JAC_ALT defined, but not all prerequisites"
247#endif
248
249#if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
250#error "MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT defined, but not all prerequisites"
251#endif
252
253#if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
254#error "MBEDTLS_ECP_RANDOMIZE_MXZ_ALT defined, but not all prerequisites"
255#endif
256
257#if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
258#error "MBEDTLS_ECP_NORMALIZE_MXZ_ALT defined, but not all prerequisites"
259#endif
260
261#if defined(MBEDTLS_ECP_NO_FALLBACK) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
262#error "MBEDTLS_ECP_NO_FALLBACK defined, but no alternative implementation enabled"
263#endif
264
265#if defined(MBEDTLS_HKDF_C) && !defined(MBEDTLS_MD_C)
266#error "MBEDTLS_HKDF_C defined, but not all prerequisites"
267#endif
268
269#if defined(MBEDTLS_HMAC_DRBG_C) && !defined(MBEDTLS_MD_C)
270#error "MBEDTLS_HMAC_DRBG_C defined, but not all prerequisites"
271#endif
272
273#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) && \
274 ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_ECDSA_C) || \
275 !defined(MBEDTLS_X509_CRT_PARSE_C) )
276#error "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED defined, but not all prerequisites"
277#endif
278
279#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) && \
280 ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_RSA_C) || \
281 !defined(MBEDTLS_X509_CRT_PARSE_C) )
282#error "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED defined, but not all prerequisites"
283#endif
284
285#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) && !defined(MBEDTLS_DHM_C)
286#error "MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED defined, but not all prerequisites"
287#endif
288
289#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) && \
290 !defined(MBEDTLS_ECDH_C)
291#error "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED defined, but not all prerequisites"
292#endif
293
294#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) && \
295 ( !defined(MBEDTLS_DHM_C) || !defined(MBEDTLS_RSA_C) || \
296 !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_PKCS1_V15) )
297#error "MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED defined, but not all prerequisites"
298#endif
299
300#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \
301 ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_RSA_C) || \
302 !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_PKCS1_V15) )
303#error "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED defined, but not all prerequisites"
304#endif
305
306#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \
307 ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_ECDSA_C) || \
308 !defined(MBEDTLS_X509_CRT_PARSE_C) )
309#error "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED defined, but not all prerequisites"
310#endif
311
312#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) && \
313 ( !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \
314 !defined(MBEDTLS_PKCS1_V15) )
315#error "MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED defined, but not all prerequisites"
316#endif
317
318#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) && \
319 ( !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \
320 !defined(MBEDTLS_PKCS1_V15) )
321#error "MBEDTLS_KEY_EXCHANGE_RSA_ENABLED defined, but not all prerequisites"
322#endif
323
324#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) && \
325 ( !defined(MBEDTLS_ECJPAKE_C) || \
326 !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) )
327#error "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED defined, but not all prerequisites"
328#endif
329
330/* Use of EC J-PAKE in TLS requires SHA-256.
331 * This will be taken from MD if it is present, or from PSA if MD is absent.
332 * Note: ECJPAKE_C depends on MD_C || PSA_CRYPTO_C. */
333#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) && \
334 !( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C) ) && \
335 !( !defined(MBEDTLS_MD_C) && defined(PSA_WANT_ALG_SHA_256) )
336#error "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED defined, but not all prerequisites"
337#endif
338
339#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \
340 !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) && \
341 ( !defined(MBEDTLS_SHA256_C) && \
342 !defined(MBEDTLS_SHA512_C) && \
343 !defined(MBEDTLS_SHA1_C) )
344#error "!MBEDTLS_SSL_KEEP_PEER_CERTIFICATE requires MBEDTLS_SHA512_C, MBEDTLS_SHA256_C or MBEDTLS_SHA1_C"
345#endif
346
347#if defined(MBEDTLS_MD_C) && !( \
348 defined(MBEDTLS_MD5_C) || \
349 defined(MBEDTLS_RIPEMD160_C) || \
350 defined(MBEDTLS_SHA1_C) || \
351 defined(MBEDTLS_SHA224_C) || \
352 defined(MBEDTLS_SHA256_C) || \
353 defined(MBEDTLS_SHA384_C) || \
354 defined(MBEDTLS_SHA512_C) )
355#error "MBEDTLS_MD_C defined, but not all prerequisites"
356#endif
357
358#if defined(MBEDTLS_LMS_C) && \
359 ! ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256) )
360#error "MBEDTLS_LMS_C requires MBEDTLS_PSA_CRYPTO_C and PSA_WANT_ALG_SHA_256"
361#endif
362
363#if defined(MBEDTLS_LMS_PRIVATE) && \
364 ( !defined(MBEDTLS_LMS_C) )
365#error "MBEDTLS_LMS_PRIVATE requires MBEDTLS_LMS_C"
366#endif
367
368#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \
369 ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_PLATFORM_MEMORY) )
370#error "MBEDTLS_MEMORY_BUFFER_ALLOC_C defined, but not all prerequisites"
371#endif
372
373#if defined(MBEDTLS_MEMORY_BACKTRACE) && !defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
374#error "MBEDTLS_MEMORY_BACKTRACE defined, but not all prerequisites"
375#endif
376
377#if defined(MBEDTLS_MEMORY_DEBUG) && !defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
378#error "MBEDTLS_MEMORY_DEBUG defined, but not all prerequisites"
379#endif
380
381#if defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_HAVE_ASM)
382#error "MBEDTLS_PADLOCK_C defined, but not all prerequisites"
383#endif
384
385#if defined(MBEDTLS_PEM_PARSE_C) && !defined(MBEDTLS_BASE64_C)
386#error "MBEDTLS_PEM_PARSE_C defined, but not all prerequisites"
387#endif
388
389#if defined(MBEDTLS_PEM_WRITE_C) && !defined(MBEDTLS_BASE64_C)
390#error "MBEDTLS_PEM_WRITE_C defined, but not all prerequisites"
391#endif
392
393#if defined(MBEDTLS_PK_C) && \
394 !defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_ECP_C)
395#error "MBEDTLS_PK_C defined, but not all prerequisites"
396#endif
397
398#if defined(MBEDTLS_PK_PARSE_C) && !defined(MBEDTLS_PK_C)
399#error "MBEDTLS_PK_PARSE_C defined, but not all prerequisites"
400#endif
401
402#if defined(MBEDTLS_PK_WRITE_C) && !defined(MBEDTLS_PK_C)
403#error "MBEDTLS_PK_WRITE_C defined, but not all prerequisites"
404#endif
405
406#if defined(MBEDTLS_PLATFORM_EXIT_ALT) && !defined(MBEDTLS_PLATFORM_C)
407#error "MBEDTLS_PLATFORM_EXIT_ALT defined, but not all prerequisites"
408#endif
409
410#if defined(MBEDTLS_PLATFORM_EXIT_MACRO) && !defined(MBEDTLS_PLATFORM_C)
411#error "MBEDTLS_PLATFORM_EXIT_MACRO defined, but not all prerequisites"
412#endif
413
414#if defined(MBEDTLS_PLATFORM_EXIT_MACRO) &&\
415 ( defined(MBEDTLS_PLATFORM_STD_EXIT) ||\
416 defined(MBEDTLS_PLATFORM_EXIT_ALT) )
417#error "MBEDTLS_PLATFORM_EXIT_MACRO and MBEDTLS_PLATFORM_STD_EXIT/MBEDTLS_PLATFORM_EXIT_ALT cannot be defined simultaneously"
418#endif
419
420#if defined(MBEDTLS_PLATFORM_SETBUF_ALT) && !defined(MBEDTLS_PLATFORM_C)
421#error "MBEDTLS_PLATFORM_SETBUF_ALT defined, but not all prerequisites"
422#endif
423
424#if defined(MBEDTLS_PLATFORM_SETBUF_MACRO) && !defined(MBEDTLS_PLATFORM_C)
425#error "MBEDTLS_PLATFORM_SETBUF_MACRO defined, but not all prerequisites"
426#endif
427
428#if defined(MBEDTLS_PLATFORM_SETBUF_MACRO) &&\
429 ( defined(MBEDTLS_PLATFORM_STD_SETBUF) ||\
430 defined(MBEDTLS_PLATFORM_SETBUF_ALT) )
431#error "MBEDTLS_PLATFORM_SETBUF_MACRO and MBEDTLS_PLATFORM_STD_SETBUF/MBEDTLS_PLATFORM_SETBUF_ALT cannot be defined simultaneously"
432#endif
433
434#if defined(MBEDTLS_PLATFORM_TIME_ALT) &&\
435 ( !defined(MBEDTLS_PLATFORM_C) ||\
436 !defined(MBEDTLS_HAVE_TIME) )
437#error "MBEDTLS_PLATFORM_TIME_ALT defined, but not all prerequisites"
438#endif
439
440#if defined(MBEDTLS_PLATFORM_TIME_MACRO) &&\
441 ( !defined(MBEDTLS_PLATFORM_C) ||\
442 !defined(MBEDTLS_HAVE_TIME) )
443#error "MBEDTLS_PLATFORM_TIME_MACRO defined, but not all prerequisites"
444#endif
445
446#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO) &&\
447 ( !defined(MBEDTLS_PLATFORM_C) ||\
448 !defined(MBEDTLS_HAVE_TIME) )
449#error "MBEDTLS_PLATFORM_TIME_TYPE_MACRO defined, but not all prerequisites"
450#endif
451
452#if defined(MBEDTLS_PLATFORM_TIME_MACRO) &&\
453 ( defined(MBEDTLS_PLATFORM_STD_TIME) ||\
454 defined(MBEDTLS_PLATFORM_TIME_ALT) )
455#error "MBEDTLS_PLATFORM_TIME_MACRO and MBEDTLS_PLATFORM_STD_TIME/MBEDTLS_PLATFORM_TIME_ALT cannot be defined simultaneously"
456#endif
457
458#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO) &&\
459 ( defined(MBEDTLS_PLATFORM_STD_TIME) ||\
460 defined(MBEDTLS_PLATFORM_TIME_ALT) )
461#error "MBEDTLS_PLATFORM_TIME_TYPE_MACRO and MBEDTLS_PLATFORM_STD_TIME/MBEDTLS_PLATFORM_TIME_ALT cannot be defined simultaneously"
462#endif
463
464#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C)
465#error "MBEDTLS_PLATFORM_FPRINTF_ALT defined, but not all prerequisites"
466#endif
467
468#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C)
469#error "MBEDTLS_PLATFORM_FPRINTF_MACRO defined, but not all prerequisites"
470#endif
471
472#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) &&\
473 ( defined(MBEDTLS_PLATFORM_STD_FPRINTF) ||\
474 defined(MBEDTLS_PLATFORM_FPRINTF_ALT) )
475#error "MBEDTLS_PLATFORM_FPRINTF_MACRO and MBEDTLS_PLATFORM_STD_FPRINTF/MBEDTLS_PLATFORM_FPRINTF_ALT cannot be defined simultaneously"
476#endif
477
478#if defined(MBEDTLS_PLATFORM_FREE_MACRO) &&\
479 ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_PLATFORM_MEMORY) )
480#error "MBEDTLS_PLATFORM_FREE_MACRO defined, but not all prerequisites"
481#endif
482
483#if defined(MBEDTLS_PLATFORM_FREE_MACRO) &&\
484 defined(MBEDTLS_PLATFORM_STD_FREE)
485#error "MBEDTLS_PLATFORM_FREE_MACRO and MBEDTLS_PLATFORM_STD_FREE cannot be defined simultaneously"
486#endif
487
488#if defined(MBEDTLS_PLATFORM_FREE_MACRO) && !defined(MBEDTLS_PLATFORM_CALLOC_MACRO)
489#error "MBEDTLS_PLATFORM_CALLOC_MACRO must be defined if MBEDTLS_PLATFORM_FREE_MACRO is"
490#endif
491
492#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO) &&\
493 ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_PLATFORM_MEMORY) )
494#error "MBEDTLS_PLATFORM_CALLOC_MACRO defined, but not all prerequisites"
495#endif
496
497#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO) &&\
498 defined(MBEDTLS_PLATFORM_STD_CALLOC)
499#error "MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_STD_CALLOC cannot be defined simultaneously"
500#endif
501
502#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO) && !defined(MBEDTLS_PLATFORM_FREE_MACRO)
503#error "MBEDTLS_PLATFORM_FREE_MACRO must be defined if MBEDTLS_PLATFORM_CALLOC_MACRO is"
504#endif
505
506#if defined(MBEDTLS_PLATFORM_MEMORY) && !defined(MBEDTLS_PLATFORM_C)
507#error "MBEDTLS_PLATFORM_MEMORY defined, but not all prerequisites"
508#endif
509
510#if defined(MBEDTLS_PLATFORM_PRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C)
511#error "MBEDTLS_PLATFORM_PRINTF_ALT defined, but not all prerequisites"
512#endif
513
514#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C)
515#error "MBEDTLS_PLATFORM_PRINTF_MACRO defined, but not all prerequisites"
516#endif
517
518#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) &&\
519 ( defined(MBEDTLS_PLATFORM_STD_PRINTF) ||\
520 defined(MBEDTLS_PLATFORM_PRINTF_ALT) )
521#error "MBEDTLS_PLATFORM_PRINTF_MACRO and MBEDTLS_PLATFORM_STD_PRINTF/MBEDTLS_PLATFORM_PRINTF_ALT cannot be defined simultaneously"
522#endif
523
524#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C)
525#error "MBEDTLS_PLATFORM_SNPRINTF_ALT defined, but not all prerequisites"
526#endif
527
528#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C)
529#error "MBEDTLS_PLATFORM_SNPRINTF_MACRO defined, but not all prerequisites"
530#endif
531
532#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) &&\
533 ( defined(MBEDTLS_PLATFORM_STD_SNPRINTF) ||\
534 defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) )
535#error "MBEDTLS_PLATFORM_SNPRINTF_MACRO and MBEDTLS_PLATFORM_STD_SNPRINTF/MBEDTLS_PLATFORM_SNPRINTF_ALT cannot be defined simultaneously"
536#endif
537
538#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C)
539#error "MBEDTLS_PLATFORM_VSNPRINTF_ALT defined, but not all prerequisites"
540#endif
541
542#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C)
543#error "MBEDTLS_PLATFORM_VSNPRINTF_MACRO defined, but not all prerequisites"
544#endif
545
546#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO) &&\
547 ( defined(MBEDTLS_PLATFORM_STD_VSNPRINTF) ||\
548 defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) )
549#error "MBEDTLS_PLATFORM_VSNPRINTF_MACRO and MBEDTLS_PLATFORM_STD_VSNPRINTF/MBEDTLS_PLATFORM_VSNPRINTF_ALT cannot be defined simultaneously"
550#endif
551
552#if defined(MBEDTLS_PLATFORM_STD_MEM_HDR) &&\
553 !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS)
554#error "MBEDTLS_PLATFORM_STD_MEM_HDR defined, but not all prerequisites"
555#endif
556
557#if defined(MBEDTLS_PLATFORM_STD_CALLOC) && !defined(MBEDTLS_PLATFORM_MEMORY)
558#error "MBEDTLS_PLATFORM_STD_CALLOC defined, but not all prerequisites"
559#endif
560
561#if defined(MBEDTLS_PLATFORM_STD_FREE) && !defined(MBEDTLS_PLATFORM_MEMORY)
562#error "MBEDTLS_PLATFORM_STD_FREE defined, but not all prerequisites"
563#endif
564
565#if defined(MBEDTLS_PLATFORM_STD_EXIT) &&\
566 !defined(MBEDTLS_PLATFORM_EXIT_ALT)
567#error "MBEDTLS_PLATFORM_STD_EXIT defined, but not all prerequisites"
568#endif
569
570#if defined(MBEDTLS_PLATFORM_STD_TIME) &&\
571 ( !defined(MBEDTLS_PLATFORM_TIME_ALT) ||\
572 !defined(MBEDTLS_HAVE_TIME) )
573#error "MBEDTLS_PLATFORM_STD_TIME defined, but not all prerequisites"
574#endif
575
576#if defined(MBEDTLS_PLATFORM_STD_FPRINTF) &&\
577 !defined(MBEDTLS_PLATFORM_FPRINTF_ALT)
578#error "MBEDTLS_PLATFORM_STD_FPRINTF defined, but not all prerequisites"
579#endif
580
581#if defined(MBEDTLS_PLATFORM_STD_PRINTF) &&\
582 !defined(MBEDTLS_PLATFORM_PRINTF_ALT)
583#error "MBEDTLS_PLATFORM_STD_PRINTF defined, but not all prerequisites"
584#endif
585
586#if defined(MBEDTLS_PLATFORM_STD_SNPRINTF) &&\
587 !defined(MBEDTLS_PLATFORM_SNPRINTF_ALT)
588#error "MBEDTLS_PLATFORM_STD_SNPRINTF defined, but not all prerequisites"
589#endif
590
591#if defined(MBEDTLS_ENTROPY_NV_SEED) &&\
592 ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_ENTROPY_C) )
593#error "MBEDTLS_ENTROPY_NV_SEED defined, but not all prerequisites"
594#endif
595
596#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT) &&\
597 !defined(MBEDTLS_ENTROPY_NV_SEED)
598#error "MBEDTLS_PLATFORM_NV_SEED_ALT defined, but not all prerequisites"
599#endif
600
601#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ) &&\
602 !defined(MBEDTLS_PLATFORM_NV_SEED_ALT)
603#error "MBEDTLS_PLATFORM_STD_NV_SEED_READ defined, but not all prerequisites"
604#endif
605
606#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE) &&\
607 !defined(MBEDTLS_PLATFORM_NV_SEED_ALT)
608#error "MBEDTLS_PLATFORM_STD_NV_SEED_WRITE defined, but not all prerequisites"
609#endif
610
611#if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) &&\
612 ( defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ) ||\
613 defined(MBEDTLS_PLATFORM_NV_SEED_ALT) )
614#error "MBEDTLS_PLATFORM_NV_SEED_READ_MACRO and MBEDTLS_PLATFORM_STD_NV_SEED_READ cannot be defined simultaneously"
615#endif
616
617#if defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO) &&\
618 ( defined(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE) ||\
619 defined(MBEDTLS_PLATFORM_NV_SEED_ALT) )
620#error "MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO and MBEDTLS_PLATFORM_STD_NV_SEED_WRITE cannot be defined simultaneously"
621#endif
622
623#if defined(MBEDTLS_PSA_CRYPTO_C) && \
624 !( ( ( defined(MBEDTLS_CTR_DRBG_C) || defined(MBEDTLS_HMAC_DRBG_C) ) && \
625 defined(MBEDTLS_ENTROPY_C) ) || \
626 defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) )
627#error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites (missing RNG)"
628#endif
629
630#if defined(MBEDTLS_PSA_CRYPTO_C) && !defined(MBEDTLS_CIPHER_C )
631#error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites"
632#endif
633
634#if defined(MBEDTLS_PSA_CRYPTO_SPM) && !defined(MBEDTLS_PSA_CRYPTO_C)
635#error "MBEDTLS_PSA_CRYPTO_SPM defined, but not all prerequisites"
636#endif
637
638#if defined(MBEDTLS_PSA_CRYPTO_SE_C) && \
639 ! ( defined(MBEDTLS_PSA_CRYPTO_C) && \
640 defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) )
641#error "MBEDTLS_PSA_CRYPTO_SE_C defined, but not all prerequisites"
642#endif
643
644#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
645#if defined(MBEDTLS_DEPRECATED_REMOVED)
646#error "MBEDTLS_PSA_CRYPTO_SE_C is deprecated and will be removed in a future version of Mbed TLS"
647#elif defined(MBEDTLS_DEPRECATED_WARNING)
648#warning "MBEDTLS_PSA_CRYPTO_SE_C is deprecated and will be removed in a future version of Mbed TLS"
649#endif
650#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
651
652#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) && \
653 ! defined(MBEDTLS_PSA_CRYPTO_C)
654#error "MBEDTLS_PSA_CRYPTO_STORAGE_C defined, but not all prerequisites"
655#endif
656
657#if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \
658 !( defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) && \
659 defined(MBEDTLS_ENTROPY_NV_SEED) )
660#error "MBEDTLS_PSA_INJECT_ENTROPY defined, but not all prerequisites"
661#endif
662
663#if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \
664 !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES)
665#error "MBEDTLS_PSA_INJECT_ENTROPY is not compatible with actual entropy sources"
666#endif
667
668#if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \
669 defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
670#error "MBEDTLS_PSA_INJECT_ENTROPY is not compatible with MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG"
671#endif
672
673#if defined(MBEDTLS_PSA_ITS_FILE_C) && \
674 !defined(MBEDTLS_FS_IO)
675#error "MBEDTLS_PSA_ITS_FILE_C defined, but not all prerequisites"
676#endif
677
678#if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) || \
679 !defined(MBEDTLS_OID_C) )
680#error "MBEDTLS_RSA_C defined, but not all prerequisites"
681#endif
682
683#if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_PKCS1_V21) && \
684 !defined(MBEDTLS_PKCS1_V15) )
685#error "MBEDTLS_RSA_C defined, but none of the PKCS1 versions enabled"
686#endif
687
688#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && \
689 ( !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_PKCS1_V21) )
690#error "MBEDTLS_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites"
691#endif
692
693#if defined(MBEDTLS_SHA384_C) && !defined(MBEDTLS_SHA512_C)
694#error "MBEDTLS_SHA384_C defined without MBEDTLS_SHA512_C"
695#endif
696
697#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && \
698 defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY)
699#error "Must only define one of MBEDTLS_SHA512_USE_A64_CRYPTO_*"
700#endif
701
702#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \
703 defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY)
704#if !defined(MBEDTLS_SHA512_C)
705#error "MBEDTLS_SHA512_USE_A64_CRYPTO_* defined without MBEDTLS_SHA512_C"
706#endif
707#if defined(MBEDTLS_SHA512_ALT) || defined(MBEDTLS_SHA512_PROCESS_ALT)
708#error "MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_A64_CRYPTO_*"
709#endif
710/*
711 * Best performance comes from most recent compilers, with intrinsics and -O3.
712 * Must compile with -march=armv8.2-a+sha3, but we can't detect armv8.2-a, and
713 * can't always detect __ARM_FEATURE_SHA512 (notably clang 7-12).
714 *
715 * GCC < 8 won't work at all (lacks the sha512 instructions)
716 * GCC >= 8 uses intrinsics, sets __ARM_FEATURE_SHA512
717 *
718 * Clang < 7 won't work at all (lacks the sha512 instructions)
719 * Clang 7-12 don't have intrinsics (but we work around that with inline
720 * assembler) or __ARM_FEATURE_SHA512
721 * Clang == 13.0.0 same as clang 12 (only seen on macOS)
722 * Clang >= 13.0.1 has __ARM_FEATURE_SHA512 and intrinsics
723 */
724#if defined(__aarch64__) && !defined(__ARM_FEATURE_SHA512)
725 /* Test Clang first, as it defines __GNUC__ */
726# if defined(__clang__)
727# if __clang_major__ < 7
728# error "A more recent Clang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*"
729# elif __clang_major__ < 13 || \
730 (__clang_major__ == 13 && __clang_minor__ == 0 && __clang_patchlevel__ == 0)
731 /* We implement the intrinsics with inline assembler, so don't error */
732# else
733# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_A64_CRYPTO_*"
734# endif
735# elif defined(__GNUC__)
736# if __GNUC__ < 8
737# error "A more recent GCC is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*"
738# else
739# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_A64_CRYPTO_*"
740# endif
741# else
742# error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_A64_CRYPTO_*"
743# endif
744#endif
745
746#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */
747
748#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(__aarch64__)
749#error "MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY defined on non-Aarch64 system"
750#endif
751
752#if defined(MBEDTLS_SHA224_C) && !defined(MBEDTLS_SHA256_C)
753#error "MBEDTLS_SHA224_C defined without MBEDTLS_SHA256_C"
754#endif
755
756#if defined(MBEDTLS_SHA256_C) && !defined(MBEDTLS_SHA224_C)
757#error "MBEDTLS_SHA256_C defined without MBEDTLS_SHA224_C"
758#endif
759
760#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) && \
761 defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY)
762#error "Must only define one of MBEDTLS_SHA256_USE_A64_CRYPTO_*"
763#endif
764
765#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \
766 defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY)
767#if !defined(MBEDTLS_SHA256_C)
768#error "MBEDTLS_SHA256_USE_A64_CRYPTO_* defined without MBEDTLS_SHA256_C"
769#endif
770#if defined(MBEDTLS_SHA256_ALT) || defined(MBEDTLS_SHA256_PROCESS_ALT)
771#error "MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_A64_CRYPTO_*"
772#endif
773#if defined(__aarch64__) && !defined(__ARM_FEATURE_CRYPTO)
774#error "Must use minimum -march=armv8-a+crypto for MBEDTLS_SHA256_USE_A64_CRYPTO_*"
775#endif
776#endif
777
778#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && \
779 !defined(__aarch64__) && !defined(_M_ARM64)
780#error "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY defined on non-Aarch64 system"
781#endif
782
783#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && !defined(MBEDTLS_USE_PSA_CRYPTO) && \
784 !( defined(MBEDTLS_SHA1_C) || defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA512_C) )
785#error "MBEDTLS_SSL_PROTO_TLS1_2 defined, but not all prerequisites"
786#endif
787
788/* TLS 1.3 requires separate HKDF parts from PSA */
789#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
790 !( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_HKDF_EXTRACT) && defined(PSA_WANT_ALG_HKDF_EXPAND) )
791#error "MBEDTLS_SSL_PROTO_TLS1_3 defined, but not all prerequisites"
792#endif
793
794/* TLS 1.3 requires at least one ciphersuite, so at least SHA-256 or SHA-384 */
795#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
796/* We always need at least one of the hashes via PSA (for use with HKDF) */
797#if !( defined(PSA_WANT_ALG_SHA_256) || defined(PSA_WANT_ALG_SHA_384) )
798#error "MBEDTLS_SSL_PROTO_TLS1_3 defined, but not all prerequisites"
799#endif /* !(PSA_WANT_ALG_SHA_256 || PSA_WANT_ALG_SHA_384) */
800#if !defined(MBEDTLS_USE_PSA_CRYPTO)
801/* When USE_PSA_CRYPTO is not defined, we also need SHA-256 or SHA-384 via the
802 * legacy interface, including via the MD layer, for the parts of the code
803 * that are shared with TLS 1.2 (running handshake hash). */
804#if !defined(MBEDTLS_MD_C) || \
805 !( defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA384_C) )
806#error "MBEDTLS_SSL_PROTO_TLS1_3 defined, but not all prerequisites"
807#endif /* !MBEDTLS_MD_C || !(MBEDTLS_SHA256_C || MBEDTLS_SHA384_C) */
808#endif /* !MBEDTLS_USE_PSA_CRYPTO */
809#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
810
811#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
812#if !( defined(MBEDTLS_ECDH_C) && defined(MBEDTLS_X509_CRT_PARSE_C) && \
813 ( defined(MBEDTLS_ECDSA_C) || defined(MBEDTLS_PKCS1_V21) ) )
814#error "MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED defined, but not all prerequisites"
815#endif
816#endif
817
818#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED)
819#if !( defined(MBEDTLS_ECDH_C) )
820#error "MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED defined, but not all prerequisites"
821#endif
822#endif
823
824/*
825 * The current implementation of TLS 1.3 requires MBEDTLS_SSL_KEEP_PEER_CERTIFICATE.
826 */
827#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
828#error "MBEDTLS_SSL_PROTO_TLS1_3 defined without MBEDTLS_SSL_KEEP_PEER_CERTIFICATE"
829#endif
830
831#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
832 !(defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
833 defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
834 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
835 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
836 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
837 defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
838 defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
839 defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
840 defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
841 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
842 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) )
843#error "One or more versions of the TLS protocol are enabled " \
844 "but no key exchange methods defined with MBEDTLS_KEY_EXCHANGE_xxxx"
845#endif
846
847#if defined(MBEDTLS_SSL_EARLY_DATA) && \
848 ( !defined(MBEDTLS_SSL_SESSION_TICKETS) || \
849 ( !defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) && \
850 !defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED) ) )
851#error "MBEDTLS_SSL_EARLY_DATA defined, but not all prerequisites"
852#endif
853
854#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_SRV_C) && \
855 ( !defined(MBEDTLS_SSL_MAX_EARLY_DATA_SIZE) || \
856 ( MBEDTLS_SSL_MAX_EARLY_DATA_SIZE < 0 ) || \
857 ( MBEDTLS_SSL_MAX_EARLY_DATA_SIZE > UINT32_MAX ) )
858#error "MBEDTLS_SSL_MAX_EARLY_DATA_SIZE MUST be defined and in range(0..UINT32_MAX)"
859#endif
860
861#if defined(MBEDTLS_SSL_PROTO_DTLS) && \
862 !defined(MBEDTLS_SSL_PROTO_TLS1_2)
863#error "MBEDTLS_SSL_PROTO_DTLS defined, but not all prerequisites"
864#endif
865
866#if defined(MBEDTLS_SSL_CLI_C) && !defined(MBEDTLS_SSL_TLS_C)
867#error "MBEDTLS_SSL_CLI_C defined, but not all prerequisites"
868#endif
869
870#if defined(MBEDTLS_SSL_TLS_C) && ( !defined(MBEDTLS_CIPHER_C) || \
871 ( !defined(MBEDTLS_MD_C) && !defined(MBEDTLS_USE_PSA_CRYPTO) ) )
872#error "MBEDTLS_SSL_TLS_C defined, but not all prerequisites"
873#endif
874
875#if defined(MBEDTLS_SSL_SRV_C) && !defined(MBEDTLS_SSL_TLS_C)
876#error "MBEDTLS_SSL_SRV_C defined, but not all prerequisites"
877#endif
878
879#if defined(MBEDTLS_SSL_TLS_C) && \
880 !( defined(MBEDTLS_SSL_PROTO_TLS1_2) || defined(MBEDTLS_SSL_PROTO_TLS1_3) )
881#error "MBEDTLS_SSL_TLS_C defined, but no protocols are active"
882#endif
883
884#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && !defined(MBEDTLS_SSL_PROTO_DTLS)
885#error "MBEDTLS_SSL_DTLS_HELLO_VERIFY defined, but not all prerequisites"
886#endif
887
888#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && \
889 !defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
890#error "MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE defined, but not all prerequisites"
891#endif
892
893#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) && \
894 ( !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) )
895#error "MBEDTLS_SSL_DTLS_ANTI_REPLAY defined, but not all prerequisites"
896#endif
897
898#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) && \
899 ( !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) )
900#error "MBEDTLS_SSL_DTLS_CONNECTION_ID defined, but not all prerequisites"
901#endif
902
903#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) && \
904 defined(MBEDTLS_SSL_CID_IN_LEN_MAX) && \
905 MBEDTLS_SSL_CID_IN_LEN_MAX > 255
906#error "MBEDTLS_SSL_CID_IN_LEN_MAX too large (max 255)"
907#endif
908
909#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) && \
910 defined(MBEDTLS_SSL_CID_OUT_LEN_MAX) && \
911 MBEDTLS_SSL_CID_OUT_LEN_MAX > 255
912#error "MBEDTLS_SSL_CID_OUT_LEN_MAX too large (max 255)"
913#endif
914
915#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT) && \
916 !defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
917#error "MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT defined, but not all prerequisites"
918#endif
919
920#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT) && MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT != 0
921#if defined(MBEDTLS_DEPRECATED_REMOVED)
922#error "MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT is deprecated and will be removed in a future version of Mbed TLS"
923#elif defined(MBEDTLS_DEPRECATED_WARNING)
924#warning "MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT is deprecated and will be removed in a future version of Mbed TLS"
925#endif
926#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT && MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT != 0 */
927
928#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \
929 !defined(MBEDTLS_SSL_PROTO_TLS1_2)
930#error "MBEDTLS_SSL_ENCRYPT_THEN_MAC defined, but not all prerequisites"
931#endif
932
933#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) && \
934 !defined(MBEDTLS_SSL_PROTO_TLS1_2)
935#error "MBEDTLS_SSL_EXTENDED_MASTER_SECRET defined, but not all prerequisites"
936#endif
937
938#if defined(MBEDTLS_SSL_TICKET_C) && ( !defined(MBEDTLS_CIPHER_C) && \
939 !defined(MBEDTLS_USE_PSA_CRYPTO) )
940#error "MBEDTLS_SSL_TICKET_C defined, but not all prerequisites"
941#endif
942
943#if defined(MBEDTLS_SSL_TICKET_C) && \
944 !( defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C) )
945#error "MBEDTLS_SSL_TICKET_C defined, but not all prerequisites"
946#endif
947
948#if defined(MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH) && \
949 MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH >= 256
950#error "MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH must be less than 256"
951#endif
952
953#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && \
954 !defined(MBEDTLS_X509_CRT_PARSE_C)
955#error "MBEDTLS_SSL_SERVER_NAME_INDICATION defined, but not all prerequisites"
956#endif
957
958#if defined(MBEDTLS_THREADING_PTHREAD)
959#if !defined(MBEDTLS_THREADING_C) || defined(MBEDTLS_THREADING_IMPL)
960#error "MBEDTLS_THREADING_PTHREAD defined, but not all prerequisites"
961#endif
962#define MBEDTLS_THREADING_IMPL
963#endif
964
965#if defined(MBEDTLS_THREADING_ALT)
966#if !defined(MBEDTLS_THREADING_C) || defined(MBEDTLS_THREADING_IMPL)
967#error "MBEDTLS_THREADING_ALT defined, but not all prerequisites"
968#endif
969#define MBEDTLS_THREADING_IMPL
970#endif
971
972#if defined(MBEDTLS_THREADING_C) && !defined(MBEDTLS_THREADING_IMPL)
973#error "MBEDTLS_THREADING_C defined, single threading implementation required"
974#endif
975#undef MBEDTLS_THREADING_IMPL
976
977#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_PSA_CRYPTO_C)
978#error "MBEDTLS_USE_PSA_CRYPTO defined, but not all prerequisites"
979#endif
980
981#if defined(MBEDTLS_VERSION_FEATURES) && !defined(MBEDTLS_VERSION_C)
982#error "MBEDTLS_VERSION_FEATURES defined, but not all prerequisites"
983#endif
984
985#if defined(MBEDTLS_X509_USE_C) && ( !defined(MBEDTLS_BIGNUM_C) || \
986 !defined(MBEDTLS_OID_C) || !defined(MBEDTLS_ASN1_PARSE_C) || \
987 !defined(MBEDTLS_PK_PARSE_C) || \
988 ( !defined(MBEDTLS_MD_C) && !defined(MBEDTLS_USE_PSA_CRYPTO) ) )
989#error "MBEDTLS_X509_USE_C defined, but not all prerequisites"
990#endif
991
992#if defined(MBEDTLS_X509_CREATE_C) && ( !defined(MBEDTLS_BIGNUM_C) || \
993 !defined(MBEDTLS_OID_C) || !defined(MBEDTLS_ASN1_WRITE_C) || \
994 !defined(MBEDTLS_PK_PARSE_C) || \
995 ( !defined(MBEDTLS_MD_C) && !defined(MBEDTLS_USE_PSA_CRYPTO) ) )
996#error "MBEDTLS_X509_CREATE_C defined, but not all prerequisites"
997#endif
998
999#if defined(MBEDTLS_X509_CRT_PARSE_C) && ( !defined(MBEDTLS_X509_USE_C) )
1000#error "MBEDTLS_X509_CRT_PARSE_C defined, but not all prerequisites"
1001#endif
1002
1003#if defined(MBEDTLS_X509_CRL_PARSE_C) && ( !defined(MBEDTLS_X509_USE_C) )
1004#error "MBEDTLS_X509_CRL_PARSE_C defined, but not all prerequisites"
1005#endif
1006
1007#if defined(MBEDTLS_X509_CSR_PARSE_C) && ( !defined(MBEDTLS_X509_USE_C) )
1008#error "MBEDTLS_X509_CSR_PARSE_C defined, but not all prerequisites"
1009#endif
1010
1011#if defined(MBEDTLS_X509_CRT_WRITE_C) && ( !defined(MBEDTLS_X509_CREATE_C) )
1012#error "MBEDTLS_X509_CRT_WRITE_C defined, but not all prerequisites"
1013#endif
1014
1015#if defined(MBEDTLS_X509_CSR_WRITE_C) && ( !defined(MBEDTLS_X509_CREATE_C) )
1016#error "MBEDTLS_X509_CSR_WRITE_C defined, but not all prerequisites"
1017#endif
1018
1019#if defined(MBEDTLS_HAVE_INT32) && defined(MBEDTLS_HAVE_INT64)
1020#error "MBEDTLS_HAVE_INT32 and MBEDTLS_HAVE_INT64 cannot be defined simultaneously"
1021#endif /* MBEDTLS_HAVE_INT32 && MBEDTLS_HAVE_INT64 */
1022
1023#if ( defined(MBEDTLS_HAVE_INT32) || defined(MBEDTLS_HAVE_INT64) ) && \
1024 defined(MBEDTLS_HAVE_ASM)
1025#error "MBEDTLS_HAVE_INT32/MBEDTLS_HAVE_INT64 and MBEDTLS_HAVE_ASM cannot be defined simultaneously"
1026#endif /* (MBEDTLS_HAVE_INT32 || MBEDTLS_HAVE_INT64) && MBEDTLS_HAVE_ASM */
1027
1028#if defined(MBEDTLS_SSL_DTLS_SRTP) && ( !defined(MBEDTLS_SSL_PROTO_DTLS) )
1029#error "MBEDTLS_SSL_DTLS_SRTP defined, but not all prerequisites"
1030#endif
1031
1032#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) && ( !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) )
1033#error "MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH defined, but not all prerequisites"
1034#endif
1035
1036#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) && !( defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C) )
1037#error "MBEDTLS_SSL_CONTEXT_SERIALIZATION defined, but not all prerequisites"
1038#endif
1039
1040/* Reject attempts to enable options that have been removed and that could
1041 * cause a build to succeed but with features removed. */
1042
1043#if defined(MBEDTLS_HAVEGE_C) //no-check-names
1044#error "MBEDTLS_HAVEGE_C was removed in Mbed TLS 3.0. See https://github.com/Mbed-TLS/mbedtls/issues/2599"
1045#endif
1046
1047#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) //no-check-names
1048#error "MBEDTLS_SSL_HW_RECORD_ACCEL was removed in Mbed TLS 3.0. See https://github.com/Mbed-TLS/mbedtls/issues/4031"
1049#endif
1050
1051#if defined(MBEDTLS_SSL_PROTO_SSL3) //no-check-names
1052#error "MBEDTLS_SSL_PROTO_SSL3 (SSL v3.0 support) was removed in Mbed TLS 3.0. See https://github.com/Mbed-TLS/mbedtls/issues/4031"
1053#endif
1054
1055#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO) //no-check-names
1056#error "MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO (SSL v2 ClientHello support) was removed in Mbed TLS 3.0. See https://github.com/Mbed-TLS/mbedtls/issues/4031"
1057#endif
1058
1059#if defined(MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT) //no-check-names
1060#error "MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT (compatibility with the buggy implementation of truncated HMAC in Mbed TLS up to 2.7) was removed in Mbed TLS 3.0. See https://github.com/Mbed-TLS/mbedtls/issues/4031"
1061#endif
1062
1063#if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES) //no-check-names
1064#error "MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES was removed in Mbed TLS 3.0. See the ChangeLog entry if you really need SHA-1-signed certificates."
1065#endif
1066
1067#if defined(MBEDTLS_ZLIB_SUPPORT) //no-check-names
1068#error "MBEDTLS_ZLIB_SUPPORT was removed in Mbed TLS 3.0. See https://github.com/Mbed-TLS/mbedtls/issues/4031"
1069#endif
1070
1071#if defined(MBEDTLS_CHECK_PARAMS) //no-check-names
1072#error "MBEDTLS_CHECK_PARAMS was removed in Mbed TLS 3.0. See https://github.com/Mbed-TLS/mbedtls/issues/4313"
1073#endif
1074
1075#if defined(MBEDTLS_SSL_CID_PADDING_GRANULARITY) //no-check-names
1076#error "MBEDTLS_SSL_CID_PADDING_GRANULARITY was removed in Mbed TLS 3.0. See https://github.com/Mbed-TLS/mbedtls/issues/4335"
1077#endif
1078
1079#if defined(MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY) //no-check-names
1080#error "MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY was removed in Mbed TLS 3.0. See https://github.com/Mbed-TLS/mbedtls/issues/4335"
1081#endif
1082
1083#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) //no-check-names
1084#error "MBEDTLS_SSL_TRUNCATED_HMAC was removed in Mbed TLS 3.0. See https://github.com/Mbed-TLS/mbedtls/issues/4341"
1085#endif
1086
1087#if defined(MBEDTLS_PKCS7_C) && ( ( !defined(MBEDTLS_ASN1_PARSE_C) ) || \
1088 ( !defined(MBEDTLS_OID_C) ) || ( !defined(MBEDTLS_PK_PARSE_C) ) || \
1089 ( !defined(MBEDTLS_X509_CRT_PARSE_C) ) ||\
1090 ( !defined(MBEDTLS_X509_CRL_PARSE_C) ) || ( !defined(MBEDTLS_BIGNUM_C) ) || \
1091 ( !defined(MBEDTLS_MD_C) ) )
1092#error "MBEDTLS_PKCS7_C is defined, but not all prerequisites"
1093#endif
1094
1095/*
1096 * Avoid warning from -pedantic. This is a convenient place for this
1097 * workaround since this is included by every single file before the
1098 * #if defined(MBEDTLS_xxx_C) that results in empty translation units.
1099 */
1101
1102#endif /* MBEDTLS_CHECK_CONFIG_H */
int mbedtls_iso_c_forbids_empty_translation_units