// Copyright Open Logistics Foundation
//
// Licensed under the Open Logistics Foundation License 1.3.
// For details on the licensing terms, see the LICENSE file.
// SPDX-License-Identifier: OLFL-1.3

// Config file inspired by the config-ccm-psk-dtls1_2.h file from the mbedtls release

// For the TLS_PSK_WITH_AES_128_CCM_8 suite:
// AES
#define MBEDTLS_AES_C
// CCM
#define MBEDTLS_CCM_C
// SHA256
#define MBEDTLS_MD_C
#define MBEDTLS_SHA256_C
// PSK
#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
#define MBEDTLS_PSK_MAX_LEN 16

// Enable TLS with DTLS support
#define MBEDTLS_SSL_TLS_C
#define MBEDTLS_CIPHER_C
#define MBEDTLS_SSL_PROTO_TLS1_2
#define MBEDTLS_SSL_PROTO_DTLS
#define MBEDTLS_SSL_COOKIE_C
#define MBEDTLS_SSL_DTLS_ANTI_REPLAY

// Client
#define MBEDTLS_SSL_CLI_C
// Server
//#define MBEDTLS_SSL_SRV_C

// Cryptographic Pseudo Random Number Generator (PRNG). Still, a good entropy source is required to
// seed/initialize the PRNG.
// Alternatively to this one, MBEDTLS_HMAC_DRBG_C could be used.
#define MBEDTLS_CTR_DRBG_C

// Enables support for RFC 6066 max_fragment_length extension in SSL.
#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH

// Error messages and TLS debugging traces
// (huge code size increase, e.g. around 30kB in release mode for thumbv7em-none-eabihf)
//
// TODO Enable via Rust feature
//#define MBEDTLS_DEBUG_C
#define MBEDTLS_ERROR_C