MBEDTLS_CIPHER_MODE_CBC macro

\def MBEDTLS_TIMING_ALT Uncomment to provide your own alternate implementation for mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay() Only works if you have MBEDTLS_TIMING_C enabled. You will need to provide a header "timing_alt.h" and an implementation at compile time. \def MBEDTLS_AES_ALT MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let Mbed TLS use your alternate core implementation of a symmetric crypto, an arithmetic or hash module (e.g. platform specific assembly optimized implementations). Keep in mind that the function prototypes should remain the same. This replaces the whole module. If you only want to replace one of the functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags. Example: In case you uncomment MBEDTLS_AES_ALT, Mbed TLS will no longer provide the "struct mbedtls_aes_context" definition and omit the base function declarations and implementations. "aes_alt.h" will be included from "aes.h" to include the new function definitions. Uncomment a macro to enable alternate implementation of the corresponding module. \warning MD5, DES and SHA-1 are considered weak and their use constitutes a security risk. If possible, we recommend avoiding dependencies on them, and considering stronger message digests and ciphers instead. \def MBEDTLS_SHA256_PROCESS_ALT MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let Mbed TLS use you alternate core implementation of symmetric crypto or hash function. Keep in mind that function prototypes should remain the same. This replaces only one function. The header file from Mbed TLS is still used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags. Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, Mbed TLS will no longer provide the mbedtls_sha1_process() function, but it will still provide the other function (using your mbedtls_sha1_process() function) and the definition of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible with this definition. Uncomment a macro to enable alternate implementation of the corresponding function. \warning MD5, DES and SHA-1 are considered weak and their use constitutes a security risk. If possible, we recommend avoiding dependencies on them, and considering stronger message digests and ciphers instead. \warning If both MBEDTLS_ECDSA_SIGN_ALT and MBEDTLS_ECDSA_DETERMINISTIC are enabled, then the deterministic ECDH signature functions pass the the static HMAC-DRBG as RNG to mbedtls_ecdsa_sign(). Therefore alternative implementations should use the RNG only for generating the ephemeral key and nothing else. If this is not possible, then MBEDTLS_ECDSA_DETERMINISTIC should be disabled and an alternative implementation should be provided for mbedtls_ecdsa_sign_det_ext(). \def MBEDTLS_ECP_INTERNAL_ALT Expose a part of the internal interface of the Elliptic Curve Point module. MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let Mbed TLS use your alternative core implementation of elliptic curve arithmetic. Keep in mind that function prototypes should remain the same. This partially replaces one function. The header file from Mbed TLS is still used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation is still present and it is used for group structures not supported by the alternative. The original implementation can in addition be removed by setting the MBEDTLS_ECP_NO_FALLBACK option, in which case any function for which the corresponding MBEDTLS_ECP__FUNCTION_NAME__ALT macro is defined will not be able to fallback to curves not supported by the alternative implementation. Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT and implementing the following functions: unsigned char mbedtls_internal_ecp_grp_capable( const mbedtls_ecp_group *grp ) int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp ) void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp ) The mbedtls_internal_ecp_grp_capable function should return 1 if the replacement functions implement arithmetic for the given group and 0 otherwise. The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are called before and after each point operation and provide an opportunity to implement optimized set up and tear down instructions. Example: In case you set MBEDTLS_ECP_INTERNAL_ALT and MBEDTLS_ECP_DOUBLE_JAC_ALT, Mbed TLS will still provide the ecp_double_jac() function, but will use your mbedtls_internal_ecp_double_jac() if the group for the operation is supported by your implementation (i.e. your mbedtls_internal_ecp_grp_capable() function returns 1 for this group). If the group is not supported by your implementation, then the original Mbed TLS implementation of ecp_double_jac() is used instead, unless this fallback behaviour is disabled by setting MBEDTLS_ECP_NO_FALLBACK (in which case ecp_double_jac() will return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE). The function prototypes and the definition of mbedtls_ecp_group and mbedtls_ecp_point will not change based on MBEDTLS_ECP_INTERNAL_ALT, so your implementation of mbedtls_internal_ecp__function_name__ must be compatible with their definitions. Uncomment a macro to enable alternate implementation of the corresponding function. \def MBEDTLS_ENTROPY_HARDWARE_ALT Uncomment this macro to let Mbed TLS use your own implementation of a hardware entropy collector. Your function must be called \c mbedtls_hardware_poll(), have the same prototype as declared in library/entropy_poll.h, and accept NULL as first argument. Uncomment to use your own hardware entropy collector. \def MBEDTLS_AES_ROM_TABLES Use precomputed AES tables stored in ROM. Uncomment this macro to use precomputed AES tables stored in ROM. Comment this macro to generate AES tables in RAM at runtime. Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the initialization time before the first AES operation can be performed. It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded performance if ROM access is slower than RAM access. This option is independent of \c MBEDTLS_AES_FEWER_TABLES. \def MBEDTLS_AES_FEWER_TABLES Use less ROM/RAM for AES tables. Uncommenting this macro omits 75% of the AES tables from ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES) by computing their values on the fly during operations (the tables are entry-wise rotations of one another). Tradeoff: Uncommenting this reduces the RAM / ROM footprint by ~6kb but at the cost of more arithmetic operations during runtime. Specifically, one has to compare 4 accesses within different tables to 4 accesses with additional arithmetic operations within the same table. The performance gain/loss depends on the system and memory details. This option is independent of \c MBEDTLS_AES_ROM_TABLES. \def MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH Use only 128-bit keys in AES operations to save ROM. Uncomment this macro to remove support for AES operations that use 192- or 256-bit keys. Uncommenting this macro reduces the size of AES code by ~300 bytes on v8-M/Thumb2. Module: library/aes.c Requires: MBEDTLS_AES_C \def MBEDTLS_CAMELLIA_SMALL_MEMORY Use less ROM for the Camellia implementation (saves about 768 bytes). Uncomment this macro to use less memory for Camellia. \def MBEDTLS_CHECK_RETURN_WARNING If this macro is defined, emit a compile-time warning if application code calls a function without checking its return value, but the return value should generally be checked in portable applications. This is only supported on platforms where #MBEDTLS_CHECK_RETURN is implemented. Otherwise this option has no effect. Uncomment to get warnings on using fallible functions without checking their return value. \def MBEDTLS_CIPHER_MODE_CBC Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.