3 * Copyright (c) 2020-2021 Project CHIP Authors
4 * Copyright (c) 2019 Google LLC.
5 * Copyright (c) 2013-2018 Nest Labs, Inc.
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
22 * This file defines default compile-time configuration constants
25 * Package integrators that wish to override these values should
26 * either use preprocessor definitions or create a project-
27 * specific chipProjectConfig.h header and then assert
28 * HAVE_CHIPPROJECTCONFIG_H via the package configuration tool
29 * via --with-chip-project-includes=DIR where DIR is the
30 * directory that contains the header.
32 * NOTE WELL: On some platforms, this header is included by C-language programs.
38 #if CHIP_HAVE_CONFIG_H
39 #include <core/CHIPBuildConfig.h>
42 #include <ble/BleConfig.h>
43 #include <system/SystemConfig.h>
45 /* COMING SOON: making the INET Layer optional entails making this inclusion optional. */
46 //#include "InetConfig.h"
48 #if INET_CONFIG_ENABLE_TCP_ENDPOINT && INET_TCP_IDLE_CHECK_INTERVAL <= 0
49 #error "chip SDK requires INET_TCP_IDLE_CHECK_INTERVAL > 0"
50 #endif // INET_CONFIG_ENABLE_TCP_ENDPOINT && INET_TCP_IDLE_CHECK_INTERVAL <= 0
52 /* Include a project-specific configuration file, if defined.
54 * An application or module that incorporates chip can define a project configuration
55 * file to override standard chip configuration with application-specific values.
56 * The chipProjectConfig.h file is typically located outside the Openchip source tree,
57 * alongside the source code for the application.
59 #ifdef CHIP_PROJECT_CONFIG_INCLUDE
60 #include CHIP_PROJECT_CONFIG_INCLUDE
63 /* Include a platform-specific configuration file, if defined.
65 * A platform configuration file contains overrides to standard chip configuration
66 * that are specific to the platform or OS on which chip is running. It is typically
67 * provided as apart of an adaptation layer that adapts Openchip to the target
68 * environment. This adaptation layer may be included in the Openchip source tree
69 * itself or implemented externally.
71 #ifdef CHIP_PLATFORM_CONFIG_INCLUDE
72 #include CHIP_PLATFORM_CONFIG_INCLUDE
75 // Profile-specific Configuration Headers
77 * @def CHIP_CONFIG_ERROR_TYPE
80 * This defines the data type used to represent errors for chip.
83 #ifndef CHIP_CONFIG_ERROR_TYPE
86 #define CHIP_CONFIG_ERROR_TYPE int32_t
87 #endif // CHIP_CONFIG_ERROR_TYPE
90 * @def CHIP_CONFIG_NO_ERROR
93 * This defines the chip error code for no error or success.
96 #ifndef CHIP_CONFIG_NO_ERROR
97 #define CHIP_CONFIG_NO_ERROR 0
98 #endif // CHIP_CONFIG_NO_ERROR
101 * @def CHIP_CONFIG_ERROR_MIN
104 * This defines the base or minimum chip error number range.
107 #ifndef CHIP_CONFIG_ERROR_MIN
108 #define CHIP_CONFIG_ERROR_MIN 4000
109 #endif // CHIP_CONFIG_ERROR_MIN
112 * @def CHIP_CONFIG_ERROR_MAX
115 * This defines the top or maximum chip error number range.
118 #ifndef CHIP_CONFIG_ERROR_MAX
119 #define CHIP_CONFIG_ERROR_MAX 4999
120 #endif // CHIP_CONFIG_ERROR_MAX
123 * @def _CHIP_CONFIG_ERROR
126 * This defines a mapping function for chip errors that allows
127 * mapping such errors into a platform- or system-specific manner.
130 #ifndef _CHIP_CONFIG_ERROR
131 #define _CHIP_CONFIG_ERROR(e) (CHIP_ERROR_MIN + (e))
132 #endif // _CHIP_CONFIG_ERROR
135 * @def CHIP_CONFIG_USE_OPENSSL_ECC
138 * Use the OpenSSL implementation of the elliptic curve primitives
139 * for chip communication.
141 * Note that this option is mutually exclusive with
142 * #CHIP_CONFIG_USE_MICRO_ECC.
144 #ifndef CHIP_CONFIG_USE_OPENSSL_ECC
145 #define CHIP_CONFIG_USE_OPENSSL_ECC 1
146 #endif // CHIP_CONFIG_USE_OPENSSL_ECC
149 * @def CHIP_CONFIG_USE_MICRO_ECC
152 * Use the Micro ECC implementation of the elliptic curve primitives
153 * for chip communication.
155 * Note that this option is mutually exclusive with
156 * #CHIP_CONFIG_USE_OPENSSL_ECC.
159 #ifndef CHIP_CONFIG_USE_MICRO_ECC
160 #define CHIP_CONFIG_USE_MICRO_ECC 0
161 #endif // CHIP_CONFIG_USE_MICRO_ECC
163 #if CHIP_CONFIG_USE_MICRO_ECC && CHIP_CONFIG_USE_OPENSSL_ECC
164 #error "Please assert one of either CHIP_CONFIG_USE_MICRO_ECC or CHIP_CONFIG_USE_OPENSSL_ECC, but not both."
165 #endif // CHIP_CONFIG_USE_MICRO_ECC && CHIP_CONFIG_USE_OPENSSL_ECC
168 * @name chip Elliptic Curve Security Configuration
171 * The following definitions enable one or more of four potential
174 * * #CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP160R1
175 * * #CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP192R1
176 * * #CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP224R1
177 * * #CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP256R1
183 * @def CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP160R1
186 * Enable (1) or disable (0) support for the Standards for
187 * Efficient Cryptography Group (SECG) secp160r1 elliptic curve.
190 #ifndef CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP160R1
191 #define CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP160R1 0
192 #endif // CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP160R1
195 * @def CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP192R1
198 * Enable (1) or disable (0) support for the Standards for
199 * Efficient Cryptography Group (SECG) secp192r1 elliptic curve.
202 #ifndef CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP192R1
203 #define CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP192R1 1
204 #endif // CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP192R1
207 * @def CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP224R1
210 * Enable (1) or disable (0) support for the Standards for
211 * Efficient Cryptography Group (SECG) secp224r1 / National
212 * Institute of Standards (NIST) P-224 elliptic curve.
215 #ifndef CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP224R1
216 #define CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP224R1 1
217 #endif // CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP224R1
220 * @def CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP256R1
223 * Enable (1) or disable (0) support for the Standards for
224 * Efficient Cryptography Group (SECG) secp256r1 / American
225 * National Standards Institute (ANSI) prime256v1 / National
226 * Institute of Standards (NIST) P-256 elliptic curve.
229 #ifndef CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP256R1
230 #define CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP256R1 1
231 #endif // CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP256R1
238 * @name chip Password Authenticated Session Establishment (PASE) Configuration
241 * The following definitions define the configurations supported
242 * for chip's Password Authenticated Session Establishment (PASE)
245 * This protocol is used primarily for establishing a secure
246 * session for provisioning. chip supports the following PASE
249 * * #CHIP_CONFIG_SUPPORT_PASE_CONFIG0_TEST_ONLY
250 * * #CHIP_CONFIG_SUPPORT_PASE_CONFIG1
251 * * #CHIP_CONFIG_SUPPORT_PASE_CONFIG2
252 * * #CHIP_CONFIG_SUPPORT_PASE_CONFIG3
253 * * #CHIP_CONFIG_SUPPORT_PASE_CONFIG4
254 * * #CHIP_CONFIG_SUPPORT_PASE_CONFIG5
256 * which are summarized in the table below:
258 * | Configuration | J-PAKE Style | Curve | Test Only | Notes |
259 * | :------------: | :-------------- | :-------: | :---------: | :----------------------------------- |
260 * | 0 | - | - | Y | Test-only |
261 * | 1 | Finite Field | - | N | Original chip default configuration |
262 * | 2 | Elliptic Curve | secp160r1 | N | |
263 * | 3 | Elliptic Curve | secp192r1 | N | |
264 * | 4 | Elliptic Curve | secp224r1 | N | Future chip default configuration |
265 * | 5 | Elliptic Curve | secp256r1 | N | |
272 * @def CHIP_CONFIG_SUPPORT_PASE_CONFIG0_TEST_ONLY
275 * This chip PASE configuration does not use the J-PAKE algorithm
276 * and sends deterministic messages over the communications
277 * channel. The size and structure of the messages are similar to
278 * #CHIP_CONFIG_SUPPORT_PASE_CONFIG5.
280 * @note The results of this configuration are insecure because the
281 * computational overhead of the cryptography has largely been
282 * disabled since the focus of this configuration is testing
283 * the overall PASE protocol exchange, independently of the
287 #ifndef CHIP_CONFIG_SUPPORT_PASE_CONFIG0_TEST_ONLY
288 #define CHIP_CONFIG_SUPPORT_PASE_CONFIG0_TEST_ONLY 0
289 #endif // CHIP_CONFIG_SUPPORT_PASE_CONFIG0_TEST_ONLY
292 * @def CHIP_CONFIG_SUPPORT_PASE_CONFIG1
295 * This chip PASE configuration uses Finite Field J-PAKE and is
296 * the original, default chip PASE configuration.
299 #ifndef CHIP_CONFIG_SUPPORT_PASE_CONFIG1
300 #define CHIP_CONFIG_SUPPORT_PASE_CONFIG1 1
301 #endif // CHIP_CONFIG_SUPPORT_PASE_CONFIG1
304 * @def CHIP_CONFIG_SUPPORT_PASE_CONFIG2
307 * This chip PASE configuration uses Elliptic Curve J-PAKE with a
308 * SECG secp160r1 curve.
310 * @note When this PASE configuration is enabled, the corresponding
311 * elliptic curve (i.e. #CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP160R1)
312 * should also be enabled.
315 #ifndef CHIP_CONFIG_SUPPORT_PASE_CONFIG2
316 #define CHIP_CONFIG_SUPPORT_PASE_CONFIG2 0
317 #endif // CHIP_CONFIG_SUPPORT_PASE_CONFIG2
320 * @def CHIP_CONFIG_SUPPORT_PASE_CONFIG3
323 * This chip PASE configuration uses Elliptic Curve J-PAKE with a
324 * SECG secp192r1 curve.
326 * @note When this PASE configuration is enabled, the corresponding
327 * elliptic curve (i.e. #CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP192R1)
328 * should also be enabled.
331 #ifndef CHIP_CONFIG_SUPPORT_PASE_CONFIG3
332 #define CHIP_CONFIG_SUPPORT_PASE_CONFIG3 0
333 #endif // CHIP_CONFIG_SUPPORT_PASE_CONFIG3
336 * @def CHIP_CONFIG_SUPPORT_PASE_CONFIG4
339 * This chip PASE configuration uses Elliptic Curve J-PAKE with a
340 * SECG secp224r1 curve and will be the new, default chip PASE
343 * @note When this PASE configuration is enabled, the corresponding
344 * elliptic curve (i.e. #CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP224R1)
345 * should also be enabled.
348 #ifndef CHIP_CONFIG_SUPPORT_PASE_CONFIG4
349 #define CHIP_CONFIG_SUPPORT_PASE_CONFIG4 1
350 #endif // CHIP_CONFIG_SUPPORT_PASE_CONFIG4
353 * @def CHIP_CONFIG_SUPPORT_PASE_CONFIG5
356 * This chip PASE configuration uses Elliptic Curve J-PAKE with a
357 * SECG secp256r1 curve.
359 * @note When this PASE configuration is enabled, the corresponding
360 * elliptic curve (i.e. #CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP256R1)
361 * should also be enabled.
364 #ifndef CHIP_CONFIG_SUPPORT_PASE_CONFIG5
365 #define CHIP_CONFIG_SUPPORT_PASE_CONFIG5 0
366 #endif // CHIP_CONFIG_SUPPORT_PASE_CONFIG5
372 #if CHIP_CONFIG_SUPPORT_PASE_CONFIG2 && !CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP160R1
373 #error "Please assert CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP160R1 when CHIP_CONFIG_SUPPORT_PASE_CONFIG2 is asserted"
374 #endif // CHIP_CONFIG_SUPPORT_PASE_CONFIG2 && !CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP160R1
376 #if CHIP_CONFIG_SUPPORT_PASE_CONFIG3 && !CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP192R1
377 #error "Please assert CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP192R1 when CHIP_CONFIG_SUPPORT_PASE_CONFIG3 is asserted"
378 #endif // CHIP_CONFIG_SUPPORT_PASE_CONFIG3 && !CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP192R1
380 #if CHIP_CONFIG_SUPPORT_PASE_CONFIG4 && !CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP224R1
381 #error "Please assert CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP224R1 when CHIP_CONFIG_SUPPORT_PASE_CONFIG4 is asserted"
382 #endif // CHIP_CONFIG_SUPPORT_PASE_CONFIG4 && !CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP224R1
384 #if CHIP_CONFIG_SUPPORT_PASE_CONFIG5 && !CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP256R1
385 #error "Please assert CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP256R1 when CHIP_CONFIG_SUPPORT_PASE_CONFIG5 is asserted"
386 #endif // CHIP_CONFIG_SUPPORT_PASE_CONFIG5 && !CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP256R1
389 * @def CHIP_CONFIG_PASE_MESSAGE_PAYLOAD_ALIGNMENT
392 * Align payload on 4-byte boundary for PASE messages.
393 * Currently, payload alignment is required only when micro-ecc
394 * library is used and it is compiled with ARM assembly.
395 * If implementation guarantees that payload is always 4-byte
396 * aligned this option should stay deasserted to save code size.
399 #ifndef CHIP_CONFIG_PASE_MESSAGE_PAYLOAD_ALIGNMENT
400 #if CHIP_CONFIG_USE_MICRO_ECC
401 #define CHIP_CONFIG_PASE_MESSAGE_PAYLOAD_ALIGNMENT 1
403 #define CHIP_CONFIG_PASE_MESSAGE_PAYLOAD_ALIGNMENT 0
404 #endif // CHIP_CONFIG_USE_MICRO_ECC
405 #endif // CHIP_CONFIG_PASE_MESSAGE_PAYLOAD_ALIGNMENT
408 * @def CHIP_CONFIG_PASE_RATE_LIMITER_TIMEOUT
411 * The amount of time (in milliseconds) in which the Security Manager
412 * is allowed to have maximum #CHIP_CONFIG_PASE_RATE_LIMITER_MAX_ATTEMPTS
413 * counted PASE attempts.
416 #ifndef CHIP_CONFIG_PASE_RATE_LIMITER_TIMEOUT
417 #define CHIP_CONFIG_PASE_RATE_LIMITER_TIMEOUT 15000
418 #endif // CHIP_CONFIG_PASE_RATE_LIMITER_TIMEOUT
421 * @def CHIP_CONFIG_PASE_RATE_LIMITER_MAX_ATTEMPTS
424 * The maximum number of PASE attempts after which the
425 * next PASE session establishment attempt will be allowed
426 * only after #CHIP_CONFIG_PASE_RATE_LIMITER_TIMEOUT expires.
427 * * For PASE negotiations with key confirmation option enabled:
428 * only attempts that failed with key confirmation error are counted.
429 * Successful PASE negotiations do not reset the rate limiter.
430 * * For PASE negotiations with key confirmation option disabled:
431 * every PASE negotiation, successful or otherwise, is added
432 * to the rate limiter.
435 #ifndef CHIP_CONFIG_PASE_RATE_LIMITER_MAX_ATTEMPTS
436 #define CHIP_CONFIG_PASE_RATE_LIMITER_MAX_ATTEMPTS 3
437 #endif // CHIP_CONFIG_PASE_RATE_LIMITER_MAX_ATTEMPTS
440 * @name chip Security Manager Memory Management Configuration
443 * The following definitions enable one of three potential chip
444 * Security Manager memory-management options:
446 * * #CHIP_CONFIG_MEMORY_MGMT_PLATFORM
447 * * #CHIP_CONFIG_MEMORY_MGMT_SIMPLE
448 * * #CHIP_CONFIG_MEMORY_MGMT_MALLOC
450 * Note that these options are mutually exclusive and only one
451 * of these options should be set.
457 * @def CHIP_CONFIG_MEMORY_MGMT_PLATFORM
460 * Enable (1) or disable (0) support for platform-specific
461 * implementation of chip Security Manager memory-management
464 * @note This configuration is mutual exclusive with
465 * #CHIP_CONFIG_MEMORY_MGMT_SIMPLE and
466 * #CHIP_CONFIG_MEMORY_MGMT_MALLOC.
469 #ifndef CHIP_CONFIG_MEMORY_MGMT_PLATFORM
470 #define CHIP_CONFIG_MEMORY_MGMT_PLATFORM 0
471 #endif // CHIP_CONFIG_MEMORY_MGMT_PLATFORM
474 * @def CHIP_CONFIG_MEMORY_MGMT_SIMPLE
477 * Enable (1) or disable (0) support for a chip-provided
478 * implementation of chip Security Manager memory-management
479 * functions based on temporary network buffer allocation /
482 * @note This configuration is mutual exclusive with
483 * #CHIP_CONFIG_MEMORY_MGMT_PLATFORM and
484 * #CHIP_CONFIG_MEMORY_MGMT_MALLOC.
487 #ifndef CHIP_CONFIG_MEMORY_MGMT_SIMPLE
488 #define CHIP_CONFIG_MEMORY_MGMT_SIMPLE 0
489 #endif // CHIP_CONFIG_MEMORY_MGMT_SIMPLE
492 * @def CHIP_CONFIG_MEMORY_MGMT_MALLOC
495 * Enable (1) or disable (0) support for a chip-provided
496 * implementation of chip Security Manager memory-management
497 * functions based on the C Standard Library malloc / free
500 * @note This configuration is mutual exclusive with
501 * #CHIP_CONFIG_MEMORY_MGMT_PLATFORM and
502 * #CHIP_CONFIG_MEMORY_MGMT_SIMPLE.
505 #ifndef CHIP_CONFIG_MEMORY_MGMT_MALLOC
506 #define CHIP_CONFIG_MEMORY_MGMT_MALLOC 1
507 #endif // CHIP_CONFIG_MEMORY_MGMT_MALLOC
513 #if ((CHIP_CONFIG_MEMORY_MGMT_PLATFORM + CHIP_CONFIG_MEMORY_MGMT_SIMPLE + CHIP_CONFIG_MEMORY_MGMT_MALLOC) != 1)
515 "Please assert exactly one of CHIP_CONFIG_MEMORY_MGMT_PLATFORM, CHIP_CONFIG_MEMORY_MGMT_SIMPLE, or CHIP_CONFIG_MEMORY_MGMT_MALLOC."
516 #endif // ((CHIP_CONFIG_MEMORY_MGMT_PLATFORM + CHIP_CONFIG_MEMORY_MGMT_SIMPLE + CHIP_CONFIG_MEMORY_MGMT_MALLOC) != 1)
518 #if !CHIP_CONFIG_MEMORY_MGMT_MALLOC && CHIP_SYSTEM_CONFIG_USE_BSD_IFADDRS
519 #error "!CHIP_CONFIG_MEMORY_MGMT_MALLOC but getifaddrs() uses malloc()"
523 * @def CHIP_CONFIG_SIMPLE_ALLOCATOR_USE_SMALL_BUFFERS
526 * Enable (1) or disable (0) simple memory allocator support
527 * for small size network buffers. When enabled, this configuration
528 * requires 4 network buffers with minimum available payload size of
531 * @note This configuration is only relevant when
532 * #CHIP_CONFIG_MEMORY_MGMT_SIMPLE is set and
536 #ifndef CHIP_CONFIG_SIMPLE_ALLOCATOR_USE_SMALL_BUFFERS
537 #define CHIP_CONFIG_SIMPLE_ALLOCATOR_USE_SMALL_BUFFERS 0
538 #endif // CHIP_CONFIG_SIMPLE_ALLOCATOR_USE_SMALL_BUFFERS
541 * @def CHIP_CONFIG_MEMORY_DEBUG_CHECKS
544 * Enable (1) or disable (0) building with additional code
545 * for memory-related checks.
547 #ifndef CHIP_CONFIG_MEMORY_DEBUG_CHECKS
548 #define CHIP_CONFIG_MEMORY_DEBUG_CHECKS 0
549 #endif // CHIP_CONFIG_MEMORY_DEBUG_CHECKS
552 * @def CHIP_CONFIG_MEMORY_DEBUG_DMALLOC
555 * Enable (1) or disable (0) malloc memory allocator support
556 * for dmalloc, an open-source debug malloc library. When enabled,
557 * additional checks and logging of allocations may be performed,
558 * with some performance cost.
560 * @note This configuration is most relevant when
561 * #CHIP_CONFIG_MEMORY_MGMT_MALLOC is set, but may also
562 * affect other configurations where application or platform
563 * code uses the malloc() family.
566 #ifndef CHIP_CONFIG_MEMORY_DEBUG_DMALLOC
567 #define CHIP_CONFIG_MEMORY_DEBUG_DMALLOC 0
568 #endif // CHIP_CONFIG_MEMORY_DEBUG_DMALLOC
571 * @name chip Security Manager Time-Consuming Crypto Alerts.
574 * The following definitions enable one of two potential chip
575 * Security Manager time-consuming crypto alerts implementations:
577 * * #CHIP_CONFIG_SECURITY_MGR_TIME_ALERTS_DUMMY
578 * * #CHIP_CONFIG_SECURITY_MGR_TIME_ALERTS_PLATFORM
580 * Note that these options are mutually exclusive and only one
581 * of these options should be set.
587 * @def CHIP_CONFIG_SECURITY_MGR_TIME_ALERTS_DUMMY
590 * Enable (1) or disable (0) support for chip-provided dummy
591 * implementation of chip security manager time-consuming
592 * crypto alerts functions.
594 * @note This configuration is mutual exclusive with
595 * #CHIP_CONFIG_SECURITY_MGR_TIME_ALERTS_PLATFORM.
598 #ifndef CHIP_CONFIG_SECURITY_MGR_TIME_ALERTS_DUMMY
599 #define CHIP_CONFIG_SECURITY_MGR_TIME_ALERTS_DUMMY 1
600 #endif // CHIP_CONFIG_SECURITY_MGR_TIME_ALERTS_DUMMY
603 * @def CHIP_CONFIG_SECURITY_MGR_TIME_ALERTS_PLATFORM
606 * Enable (1) or disable (0) support for a platform-specific
607 * implementation of chip security manager time-consuming
608 * crypto alerts functions.
610 * @note This configuration is mutual exclusive with
611 * #CHIP_CONFIG_SECURITY_MGR_TIME_ALERTS_DUMMY.
614 #ifndef CHIP_CONFIG_SECURITY_MGR_TIME_ALERTS_PLATFORM
615 #define CHIP_CONFIG_SECURITY_MGR_TIME_ALERTS_PLATFORM 0
616 #endif // CHIP_CONFIG_SECURITY_MGR_TIME_ALERTS_PLATFORM
622 #if ((CHIP_CONFIG_SECURITY_MGR_TIME_ALERTS_DUMMY + CHIP_CONFIG_SECURITY_MGR_TIME_ALERTS_PLATFORM) != 1)
623 #error "Please assert exactly one of CHIP_CONFIG_SECURITY_MGR_TIME_ALERTS_DUMMY or CHIP_CONFIG_SECURITY_MGR_TIME_ALERTS_PLATFORM."
624 #endif // ((CHIP_CONFIG_SECURITY_MGR_TIME_ALERTS_DUMMY + CHIP_CONFIG_SECURITY_MGR_TIME_ALERTS_PLATFORM) != 1)
627 * @name chip Random Number Generator (RNG) Implementation Configuration
630 * The following definitions enable one of three potential chip
631 * RNG implementation options:
633 * * #CHIP_CONFIG_RNG_IMPLEMENTATION_PLATFORM
634 * * #CHIP_CONFIG_RNG_IMPLEMENTATION_CHIPDRBG
635 * * #CHIP_CONFIG_RNG_IMPLEMENTATION_OPENSSL
637 * Note that these options are mutually exclusive and only one of
638 * these options should be set.
644 * @def CHIP_CONFIG_RNG_IMPLEMENTATION_PLATFORM
647 * Enable (1) or disable (0) support for platform-specific
648 * implementation of the chip Random Number Generator.
650 * @note This configuration is mutual exclusive with
651 * #CHIP_CONFIG_RNG_IMPLEMENTATION_CHIPDRBG and
652 * #CHIP_CONFIG_RNG_IMPLEMENTATION_OPENSSL.
655 #ifndef CHIP_CONFIG_RNG_IMPLEMENTATION_PLATFORM
656 #define CHIP_CONFIG_RNG_IMPLEMENTATION_PLATFORM 0
657 #endif // CHIP_CONFIG_RNG_IMPLEMENTATION_PLATFORM
660 * @def CHIP_CONFIG_RNG_IMPLEMENTATION_CHIPDRBG
663 * Enable (1) or disable (0) support for a chip-provided
664 * implementation of the chip Random Number Generator.
665 * This implementation is based on AES-CTR DRBG as
666 * specified in the NIST SP800-90A document.
668 * @note This configuration is mutual exclusive with
669 * #CHIP_CONFIG_RNG_IMPLEMENTATION_PLATFORM and
670 * #CHIP_CONFIG_RNG_IMPLEMENTATION_OPENSSL.
673 #ifndef CHIP_CONFIG_RNG_IMPLEMENTATION_CHIPDRBG
674 #define CHIP_CONFIG_RNG_IMPLEMENTATION_CHIPDRBG 0
675 #endif // CHIP_CONFIG_RNG_IMPLEMENTATION_CHIPDRBG
678 * @def CHIP_CONFIG_RNG_IMPLEMENTATION_OPENSSL
681 * Enable (1) or disable (0) support for a standard OpenSSL
682 * implementation of the chip Random Number Generator.
684 * @note This configuration is mutual exclusive with
685 * #CHIP_CONFIG_RNG_IMPLEMENTATION_PLATFORM and
686 * #CHIP_CONFIG_RNG_IMPLEMENTATION_CHIPDRBG.
689 #ifndef CHIP_CONFIG_RNG_IMPLEMENTATION_OPENSSL
690 #define CHIP_CONFIG_RNG_IMPLEMENTATION_OPENSSL 1
691 #endif // CHIP_CONFIG_RNG_IMPLEMENTATION_OPENSSL
697 #if ((CHIP_CONFIG_RNG_IMPLEMENTATION_PLATFORM + CHIP_CONFIG_RNG_IMPLEMENTATION_CHIPDRBG + \
698 CHIP_CONFIG_RNG_IMPLEMENTATION_OPENSSL) != 1)
700 "Please assert exactly one of CHIP_CONFIG_RNG_IMPLEMENTATION_PLATFORM, CHIP_CONFIG_RNG_IMPLEMENTATION_CHIPDRBG, or CHIP_CONFIG_RNG_IMPLEMENTATION_OPENSSL."
701 #endif // ((CHIP_CONFIG_RNG_IMPLEMENTATION_PLATFORM + CHIP_CONFIG_RNG_IMPLEMENTATION_CHIPDRBG +
702 // CHIP_CONFIG_RNG_IMPLEMENTATION_OPENSSL) != 1)
705 * @def CHIP_CONFIG_DEV_RANDOM_DRBG_SEED
708 * Enable (1) or disable (0) a function for seeding the DRBG with
709 * entropy from the /dev/(u)random device.
711 * @note When enabled along with #CHIP_CONFIG_RNG_IMPLEMENTATION_CHIPDRBG
712 * this function becomes the default seeding function for the DRBG if
713 * another isn't specified at initialization time.
716 #ifndef CHIP_CONFIG_DEV_RANDOM_DRBG_SEED
717 #define CHIP_CONFIG_DEV_RANDOM_DRBG_SEED 0
718 #endif // CHIP_CONFIG_DEV_RANDOM_DRBG_SEED
721 * @def CHIP_CONFIG_DEV_RANDOM_DEVICE_NAME
724 * The device name used by the dev random entropy function.
726 * @note Only meaningful when #CHIP_CONFIG_DEV_RANDOM_DRBG_SEED is enabled.
729 #ifndef CHIP_CONFIG_DEV_RANDOM_DEVICE_NAME
730 #define CHIP_CONFIG_DEV_RANDOM_DEVICE_NAME "/dev/urandom"
731 #endif // CHIP_CONFIG_DEV_RANDOM_DEVICE_NAME
734 * @name chip AES Block Cipher Algorithm Implementation Configuration.
737 * The following definitions enable one of the potential chip
738 * AES implementation options:
740 * * #CHIP_CONFIG_AES_IMPLEMENTATION_PLATFORM
741 * * #CHIP_CONFIG_AES_IMPLEMENTATION_OPENSSL
743 * Note that these options are mutually exclusive and only one of
744 * these options should be set.
750 * @def CHIP_CONFIG_AES_IMPLEMENTATION_PLATFORM
753 * Enable (1) or disable (0) support for platform-specific
754 * implementation of the chip AES functions.
756 * @note This configuration is mutual exclusive with
757 * #CHIP_CONFIG_AES_IMPLEMENTATION_OPENSSL and
758 * #CHIP_CONFIG_AES_IMPLEMENTATION_AESNI
761 #ifndef CHIP_CONFIG_AES_IMPLEMENTATION_PLATFORM
762 #define CHIP_CONFIG_AES_IMPLEMENTATION_PLATFORM 0
763 #endif // CHIP_CONFIG_AES_IMPLEMENTATION_PLATFORM
766 * @def CHIP_CONFIG_AES_IMPLEMENTATION_OPENSSL
769 * Enable (1) or disable (0) support for the OpenSSL
770 * implementation of the chip AES functions.
772 * @note This configuration is mutual exclusive with other
773 * CHIP_CONFIG_AES_IMPLEMENTATION options.
776 #ifndef CHIP_CONFIG_AES_IMPLEMENTATION_OPENSSL
777 #define CHIP_CONFIG_AES_IMPLEMENTATION_OPENSSL 1
778 #endif // CHIP_CONFIG_AES_IMPLEMENTATION_OPENSSL
781 * @def CHIP_CONFIG_AES_IMPLEMENTATION_AESNI
784 * Enable (1) or disable (0) support for an implementation
785 * of the chip AES functions using Intel AES-NI intrinsics.
787 * @note This configuration is mutual exclusive with other
788 * CHIP_CONFIG_AES_IMPLEMENTATION options.
791 #ifndef CHIP_CONFIG_AES_IMPLEMENTATION_AESNI
792 #define CHIP_CONFIG_AES_IMPLEMENTATION_AESNI 0
793 #endif // CHIP_CONFIG_AES_IMPLEMENTATION_AESNI
796 * @def CHIP_CONFIG_AES_IMPLEMENTATION_MBEDTLS
799 * Enable (1) or disable (0) support the mbed TLS
800 * implementation of the chip AES functions.
802 * @note This configuration is mutual exclusive with other
803 * CHIP_CONFIG_AES_IMPLEMENTATION options.
806 #ifndef CHIP_CONFIG_AES_IMPLEMENTATION_MBEDTLS
807 #define CHIP_CONFIG_AES_IMPLEMENTATION_MBEDTLS 0
808 #endif // CHIP_CONFIG_AES_IMPLEMENTATION_MBEDTLS
814 #if ((CHIP_CONFIG_AES_IMPLEMENTATION_PLATFORM + CHIP_CONFIG_AES_IMPLEMENTATION_OPENSSL + CHIP_CONFIG_AES_IMPLEMENTATION_AESNI + \
815 CHIP_CONFIG_AES_IMPLEMENTATION_MBEDTLS) != 1)
816 #error "Please assert exactly one CHIP_CONFIG_AES_IMPLEMENTATION_... option."
820 * @def CHIP_CONFIG_AES_USE_EXPANDED_KEY
823 * Defines whether AES key is used in its expanded (1) or native (0) form.
825 * @note OpenSSL AES implementation uses its own AES key declaration
826 * and this configuration option is ignored when
827 * #CHIP_CONFIG_AES_IMPLEMENTATION_OPENSSL is set.
830 #ifndef CHIP_CONFIG_AES_USE_EXPANDED_KEY
831 #define CHIP_CONFIG_AES_USE_EXPANDED_KEY 0
832 #endif // CHIP_CONFIG_AES_USE_EXPANDED_KEY
835 * @name chip SHA1 and SHA256 Hash Algorithms Implementation Configuration.
838 * The following definitions enable one of three potential chip
839 * hash implementation options:
841 * * #CHIP_CONFIG_HASH_IMPLEMENTATION_PLATFORM
842 * * #CHIP_CONFIG_HASH_IMPLEMENTATION_MINCRYPT
843 * * #CHIP_CONFIG_HASH_IMPLEMENTATION_OPENSSL
844 * * #CHIP_CONFIG_HASH_IMPLEMENTATION_MBEDTLS
846 * Note that these options are mutually exclusive and only one of
847 * these options should be set.
853 * @def CHIP_CONFIG_HASH_IMPLEMENTATION_PLATFORM
856 * Enable (1) or disable (0) support for platform-specific
857 * implementation of the chip SHA1 and SHA256 hashes.
859 * @note This configuration is mutual exclusive with other
860 * CHIP_CONFIG_HASH_IMPLEMENTATION options.
863 #ifndef CHIP_CONFIG_HASH_IMPLEMENTATION_PLATFORM
864 #define CHIP_CONFIG_HASH_IMPLEMENTATION_PLATFORM 0
865 #endif // CHIP_CONFIG_HASH_IMPLEMENTATION_PLATFORM
868 * @def CHIP_CONFIG_HASH_IMPLEMENTATION_MINCRYPT
871 * Enable (1) or disable (0) support for a chip-provided
872 * implementation of the chip SHA1 and SHA256 hash functions.
873 * This implementation is using sha1 and sha256 engines from
874 * mincrypt library of Android core.
876 * @note This configuration is mutual exclusive with other
877 * CHIP_CONFIG_HASH_IMPLEMENTATION options.
880 #ifndef CHIP_CONFIG_HASH_IMPLEMENTATION_MINCRYPT
881 #define CHIP_CONFIG_HASH_IMPLEMENTATION_MINCRYPT 0
882 #endif // CHIP_CONFIG_HASH_IMPLEMENTATION_MINCRYPT
885 * @def CHIP_CONFIG_HASH_IMPLEMENTATION_OPENSSL
888 * Enable (1) or disable (0) support for the OpenSSL
889 * implementation of the chip SHA1 and SHA256 hash functions.
891 * @note This configuration is mutual exclusive with other
892 * CHIP_CONFIG_HASH_IMPLEMENTATION options.
895 #ifndef CHIP_CONFIG_HASH_IMPLEMENTATION_OPENSSL
896 #define CHIP_CONFIG_HASH_IMPLEMENTATION_OPENSSL 1
897 #endif // CHIP_CONFIG_HASH_IMPLEMENTATION_OPENSSL
900 * @def CHIP_CONFIG_HASH_IMPLEMENTATION_MBEDTLS
903 * Enable (1) or disable (0) support for the mbedTLS
904 * implementation of the chip SHA1 and SHA256 hash functions.
906 * @note This configuration is mutual exclusive with other
907 * CHIP_CONFIG_HASH_IMPLEMENTATION options.
910 #ifndef CHIP_CONFIG_HASH_IMPLEMENTATION_MBEDTLS
911 #define CHIP_CONFIG_HASH_IMPLEMENTATION_MBEDTLS 0
912 #endif // CHIP_CONFIG_HASH_IMPLEMENTATION_MBEDTLS
918 #if ((CHIP_CONFIG_HASH_IMPLEMENTATION_PLATFORM + CHIP_CONFIG_HASH_IMPLEMENTATION_MINCRYPT + \
919 CHIP_CONFIG_HASH_IMPLEMENTATION_OPENSSL + CHIP_CONFIG_HASH_IMPLEMENTATION_MBEDTLS) != 1)
920 #error "Please assert exactly one CHIP_CONFIG_HASH_IMPLEMENTATION_... option."
924 * @name chip key export protocol configuration.
927 * The following definitions define the configurations supported
928 * for chip's key export protocol.
930 * This protocol is used to export secret key material from chip device.
931 * chip supports the following protocol configurations:
933 * * #CHIP_CONFIG_SUPPORT_KEY_EXPORT_CONFIG1
934 * * #CHIP_CONFIG_SUPPORT_KEY_EXPORT_CONFIG2
936 * which are summarized in the table below:
938 * | Configuration | Curve | Notes |
939 * | :------------: | :-------: | :---------------------- |
940 * | 1 | secp224r1 | Default configuration |
941 * | 2 | secp256r1 | |
948 * @def CHIP_CONFIG_SUPPORT_KEY_EXPORT_CONFIG1
951 * This chip key export protocol configuration uses secp224r1
955 #ifndef CHIP_CONFIG_SUPPORT_KEY_EXPORT_CONFIG1
956 #define CHIP_CONFIG_SUPPORT_KEY_EXPORT_CONFIG1 1
957 #endif // CHIP_CONFIG_SUPPORT_KEY_EXPORT_CONFIG1
960 * @def CHIP_CONFIG_SUPPORT_KEY_EXPORT_CONFIG2
963 * This chip key export protocol configuration uses secp256r1
967 #ifndef CHIP_CONFIG_SUPPORT_KEY_EXPORT_CONFIG2
968 #define CHIP_CONFIG_SUPPORT_KEY_EXPORT_CONFIG2 1
969 #endif // CHIP_CONFIG_SUPPORT_KEY_EXPORT_CONFIG2
976 * @def CHIP_CONFIG_ALLOW_NON_STANDARD_ELLIPTIC_CURVES
979 * Allow the use of elliptic curves beyond the standard ones
983 #ifndef CHIP_CONFIG_ALLOW_NON_STANDARD_ELLIPTIC_CURVES
984 #define CHIP_CONFIG_ALLOW_NON_STANDARD_ELLIPTIC_CURVES 0
985 #endif // CHIP_CONFIG_ALLOW_NON_STANDARD_ELLIPTIC_CURVES
988 * @def CHIP_CONFIG_MAX_EC_BITS
991 * The maximum size elliptic curve supported, in bits.
994 #ifndef CHIP_CONFIG_MAX_EC_BITS
995 #define CHIP_CONFIG_MAX_EC_BITS 256
996 #endif // CHIP_CONFIG_MAX_EC_BITS
999 * @def CHIP_CONFIG_MAX_RSA_BITS
1002 * The maximum size RSA modulus supported, in bits.
1005 #ifndef CHIP_CONFIG_MAX_RSA_BITS
1006 #define CHIP_CONFIG_MAX_RSA_BITS 4096
1007 #endif // CHIP_CONFIG_MAX_RSA_BITS
1010 * @def CHIP_CONFIG_MAX_PEER_NODES
1013 * Maximum number of peer nodes that the local node can communicate
1017 #ifndef CHIP_CONFIG_MAX_PEER_NODES
1018 #define CHIP_CONFIG_MAX_PEER_NODES 128
1019 #endif // CHIP_CONFIG_MAX_PEER_NODES
1022 * @def CHIP_CONFIG_MAX_CONNECTIONS
1025 * Maximum number of simultaneously active connections.
1028 #ifndef CHIP_CONFIG_MAX_CONNECTIONS
1029 #define CHIP_CONFIG_MAX_CONNECTIONS INET_CONFIG_NUM_TCP_ENDPOINTS
1030 #endif // CHIP_CONFIG_MAX_CONNECTIONS
1033 * @def CHIP_CONFIG_MAX_INCOMING_TCP_CONNECTIONS
1036 * Maximum number of simultaneously active inbound TCP connections.
1038 * Regardless of what #CHIP_CONFIG_MAX_INCOMING_TCP_CONNECTIONS
1039 * is set to, the total number of inbound connections cannot exceed
1040 * #CHIP_CONFIG_MAX_CONNECTIONS, which is the overall limit for
1041 * inbound and outbound connections.
1043 #ifndef CHIP_CONFIG_MAX_INCOMING_TCP_CONNECTIONS
1044 #define CHIP_CONFIG_MAX_INCOMING_TCP_CONNECTIONS (CHIP_CONFIG_MAX_CONNECTIONS * 4 / 5)
1045 #endif // CHIP_CONFIG_MAX_INCOMING_TCP_CONNECTIONS
1048 * @def CHIP_CONFIG_MAX_INCOMING_TCP_CON_FROM_SINGLE_IP
1051 * Maximum number of simultaneously active inbound TCP connections
1052 * from the single IP address.
1054 * Regardless of what #CHIP_CONFIG_MAX_INCOMING_TCP_CON_FROM_SINGLE_IP
1055 * is set to, the total number of inbound connections from a single IP
1056 * address cannot exceed #CHIP_CONFIG_MAX_CONNECTIONS or
1057 * #CHIP_CONFIG_MAX_INCOMING_TCP_CONNECTIONS.
1059 #ifndef CHIP_CONFIG_MAX_INCOMING_TCP_CON_FROM_SINGLE_IP
1060 #define CHIP_CONFIG_MAX_INCOMING_TCP_CON_FROM_SINGLE_IP 2
1061 #endif // CHIP_CONFIG_MAX_INCOMING_TCP_CON_FROM_SINGLE_IP
1064 * @def CHIP_CONFIG_MAX_SESSION_KEYS
1067 * Maximum number of simultaneously active session keys.
1070 #ifndef CHIP_CONFIG_MAX_SESSION_KEYS
1071 #define CHIP_CONFIG_MAX_SESSION_KEYS CHIP_CONFIG_MAX_CONNECTIONS
1072 #endif // CHIP_CONFIG_MAX_SESSION_KEYS
1075 * @def CHIP_CONFIG_MAX_APPLICATION_EPOCH_KEYS
1078 * Maximum number of simultaneously supported application epoch keys.
1079 * This define should be set to the maximum number of epoch keys
1080 * that can be simultaneously provisioned on chip node by chip
1081 * service. The maximum supported value is 8, however, in most cases
1082 * only two such keys will exist on device at any given point in time.
1085 #ifndef CHIP_CONFIG_MAX_APPLICATION_EPOCH_KEYS
1086 #define CHIP_CONFIG_MAX_APPLICATION_EPOCH_KEYS 4
1087 #endif // CHIP_CONFIG_MAX_APPLICATION_EPOCH_KEYS
1090 * @def CHIP_CONFIG_MAX_APPLICATION_GROUPS
1093 * Maximum number of simultaneously supported application groups.
1094 * This define should be set to the number of chip application
1095 * groups, in which associated chip node has membership.
1098 #ifndef CHIP_CONFIG_MAX_APPLICATION_GROUPS
1099 #define CHIP_CONFIG_MAX_APPLICATION_GROUPS 8
1100 #endif // CHIP_CONFIG_MAX_APPLICATION_GROUPS
1103 * @def CHIP_CONFIG_USE_APP_GROUP_KEYS_FOR_MSG_ENC
1106 * Enable (1) or disable (0) support for the application group keys
1107 * used for chip message encryption.
1110 #ifndef CHIP_CONFIG_USE_APP_GROUP_KEYS_FOR_MSG_ENC
1111 #define CHIP_CONFIG_USE_APP_GROUP_KEYS_FOR_MSG_ENC 1
1112 #endif // CHIP_CONFIG_USE_APP_GROUP_KEYS_FOR_MSG_ENC
1115 * @def CHIP_CONFIG_MAX_CACHED_MSG_ENC_APP_KEYS
1118 * Maximum number of simultaneously cached chip message encryption
1120 * Caching these keys speeds up message encoding/decoding processes
1121 * and eliminates the need to retrieve constituent key material from
1122 * the platform memory every time we derive these keys.
1123 * This define can be set equal to the number of application groups
1124 * (#CHIP_CONFIG_MAX_APPLICATION_GROUPS) supported by the chip node
1125 * such that exactly one key can be cached for each application group.
1126 * It might be a good idea to allocate few more entries in the key
1127 * cache for the corner cases, where application group is having
1128 * simultaneous conversations using an 'old' and a 'new' epoch key.
1130 * @note This configuration is only relevant when
1131 * #CHIP_CONFIG_USE_APP_GROUP_KEYS_FOR_MSG_ENC is set and
1132 * ignored otherwise.
1135 #ifndef CHIP_CONFIG_MAX_CACHED_MSG_ENC_APP_KEYS
1136 #define CHIP_CONFIG_MAX_CACHED_MSG_ENC_APP_KEYS (CHIP_CONFIG_MAX_APPLICATION_GROUPS + 1)
1137 #endif // CHIP_CONFIG_MAX_CACHED_MSG_ENC_APP_KEYS
1139 #if !(CHIP_CONFIG_MAX_CACHED_MSG_ENC_APP_KEYS > 0 && CHIP_CONFIG_MAX_CACHED_MSG_ENC_APP_KEYS < 256)
1140 #error "Please set CHIP_CONFIG_MAX_CACHED_MSG_ENC_APP_KEYS to a value greater than zero and smaller than 256."
1141 #endif // !(CHIP_CONFIG_MAX_CACHED_MSG_ENC_APP_KEYS > 0 && CHIP_CONFIG_MAX_CACHED_MSG_ENC_APP_KEYS < 256)
1144 * @name chip Encrypted Passcode Configuration
1147 * The following definitions enable (1) or disable (0) supported for
1148 * chip encrypted passcode configurations. Each configuration
1149 * uniquely specifies how chip passcode was encrypted, authenticated,
1150 * and structured. chip supports the following passcode
1153 * * #CHIP_CONFIG_SUPPORT_PASSCODE_CONFIG1_TEST_ONLY
1154 * * #CHIP_CONFIG_SUPPORT_PASSCODE_CONFIG2
1156 * which are summarized in the table below:
1158 * | Configuration | Encryption | Authentication | Fingerprint | Notes |
1159 * | :-----------: | :--------: | :------------: | :---------: | :-------------------- |
1160 * | 1 | - | SHA1 Hash | SHA1 Hash | Test-only |
1161 * | 2 | AES128-ECB | SHA1 HMAC | SHA1 HMAC | Default configuration |
1168 * @def CHIP_CONFIG_SUPPORT_PASSCODE_CONFIG1_TEST_ONLY
1171 * This chip passcode configuration does not encrypt the passcode
1172 * and doesn't use secret keys to authenticate and uniquely identify
1173 * (fingerprint) the passcode.
1175 * @note For this configuration the computational overhead of the
1176 * cryptography has largely been disabled since the focus
1177 * of this configuration is testing the overall passcode
1178 * encryption/decryption protocol, independently of the
1182 #ifndef CHIP_CONFIG_SUPPORT_PASSCODE_CONFIG1_TEST_ONLY
1183 #define CHIP_CONFIG_SUPPORT_PASSCODE_CONFIG1_TEST_ONLY 0
1184 #endif // CHIP_CONFIG_SUPPORT_PASSCODE_CONFIG1_TEST_ONLY
1187 * @def CHIP_CONFIG_SUPPORT_PASSCODE_CONFIG2
1190 * This chip passcode configuration uses AES128 algorithm in ECB
1191 * mode to encrypt passcodes. It also uses SHA1 Hash-based Message
1192 * Authentication Code (HMAC) to authenticate and uniquely identify
1193 * (fingerprint) the passcode.
1196 #ifndef CHIP_CONFIG_SUPPORT_PASSCODE_CONFIG2
1197 #define CHIP_CONFIG_SUPPORT_PASSCODE_CONFIG2 1
1198 #endif // CHIP_CONFIG_SUPPORT_PASSCODE_CONFIG2
1205 * @def CHIP_CONFIG_DEFAULT_SECURITY_SESSION_ESTABLISHMENT_TIMEOUT
1208 * The default amount of time, in milliseconds, after which an in-progess
1209 * session establishment will fail due to a timeout.
1212 #ifndef CHIP_CONFIG_DEFAULT_SECURITY_SESSION_ESTABLISHMENT_TIMEOUT
1213 #define CHIP_CONFIG_DEFAULT_SECURITY_SESSION_ESTABLISHMENT_TIMEOUT 30000
1214 #endif // CHIP_CONFIG_DEFAULT_SECURITY_SESSION_ESTABLISHMENT_TIMEOUT
1217 * @def CHIP_CONFIG_DEFAULT_SECURITY_SESSION_IDLE_TIMEOUT
1220 * The default minimum amount of time, in milliseconds, that an unreserved and idle
1221 * security session will be allowed to exist before being destroyed. In practice,
1222 * unreserved idle sessions can exist for up to twice this value.
1225 #ifndef CHIP_CONFIG_DEFAULT_SECURITY_SESSION_IDLE_TIMEOUT
1226 #define CHIP_CONFIG_DEFAULT_SECURITY_SESSION_IDLE_TIMEOUT 15000
1227 #endif // CHIP_CONFIG_DEFAULT_SECURITY_SESSION_IDLE_TIMEOUT
1230 * @def CHIP_CONFIG_NUM_MESSAGE_BUFS
1233 * Total number of message buffers. Only used for the BSD sockets
1237 #ifndef CHIP_CONFIG_NUM_MESSAGE_BUFS
1238 #define CHIP_CONFIG_NUM_MESSAGE_BUFS 16
1239 #endif // CHIP_CONFIG_NUM_MESSAGE_BUFS
1242 * @def CHIP_CONFIG_MAX_UNSOLICITED_MESSAGE_HANDLERS
1245 * Maximum number of simultaneously active unsolicited message
1249 #ifndef CHIP_CONFIG_MAX_UNSOLICITED_MESSAGE_HANDLERS
1250 #define CHIP_CONFIG_MAX_UNSOLICITED_MESSAGE_HANDLERS 32
1251 #endif // CHIP_CONFIG_MAX_UNSOLICITED_MESSAGE_HANDLERS
1254 * @def CHIP_CONFIG_MAX_EXCHANGE_CONTEXTS
1257 * Maximum number of simultaneously active exchange contexts.
1260 #ifndef CHIP_CONFIG_MAX_EXCHANGE_CONTEXTS
1261 #define CHIP_CONFIG_MAX_EXCHANGE_CONTEXTS 16
1262 #endif // CHIP_CONFIG_MAX_EXCHANGE_CONTEXTS
1265 * @def CHIP_CONFIG_MAX_ACTIVE_CHANNELS
1268 * Maximum number of simultaneously active channels
1270 #ifndef CHIP_CONFIG_MAX_ACTIVE_CHANNELS
1271 #define CHIP_CONFIG_MAX_ACTIVE_CHANNELS 16
1272 #endif // CHIP_CONFIG_MAX_ACTIVE_CHANNELS
1275 * @def CHIP_CONFIG_MAX_CHANNEL_HANDLES
1278 * Maximum number of channel handles
1280 #ifndef CHIP_CONFIG_MAX_CHANNEL_HANDLES
1281 #define CHIP_CONFIG_MAX_CHANNEL_HANDLES 64
1282 #endif // CHIP_CONFIG_MAX_CHANNEL_HANDLES
1285 * @def CHIP_CONFIG_NODE_ADDRESS_RESOLVE_TIMEOUT_MSECS
1288 * This is the default timeout for node addres resolve over mDNS
1291 #ifndef CHIP_CONFIG_NODE_ADDRESS_RESOLVE_TIMEOUT_MSECS
1292 #define CHIP_CONFIG_NODE_ADDRESS_RESOLVE_TIMEOUT_MSECS (5000)
1293 #endif // CHIP_CONFIG_NODE_ADDRESS_RESOLVE_TIMEOUT_MSECS
1296 * @def CHIP_CONFIG_CONNECT_IP_ADDRS
1299 * Maximum number of IP addresses tried when connecting to a
1303 #ifndef CHIP_CONFIG_CONNECT_IP_ADDRS
1304 #define CHIP_CONFIG_CONNECT_IP_ADDRS 4
1305 #endif // CHIP_CONFIG_CONNECT_IP_ADDRS
1308 * @def CHIP_CONFIG_DEFAULT_UDP_MTU_SIZE
1311 * The default MTU size for an IPv6 datagram carrying UDP. This is useful
1312 * for senders who want to send UDP chip messages that fit within a single
1315 * 1280 is the guaranteed minimum IPv6 MTU.
1318 #ifndef CHIP_CONFIG_DEFAULT_UDP_MTU_SIZE
1319 #define CHIP_CONFIG_DEFAULT_UDP_MTU_SIZE 1280
1320 #endif // CHIP_CONFIG_DEFAULT_UDP_MTU_SIZE
1323 * @def CHIP_HEADER_RESERVE_SIZE
1326 * The number of bytes to reserve in a network packet buffer to contain the
1327 * chip message and exchange headers.
1329 * This number was calculated as follows:
1331 * chip Message Header:
1334 * 2 -- Message Header
1336 * 8 -- Source Node Id
1337 * 8 -- Destination Node Id
1340 * chip Exchange Header:
1342 * 1 -- Application Version
1346 * 4 -- Acknowleged Message Id
1348 * @note A number of these fields are optional or not presently used.
1349 * So most headers will be considerably smaller than this.
1352 #ifndef CHIP_HEADER_RESERVE_SIZE
1353 #define CHIP_HEADER_RESERVE_SIZE 38
1354 #endif // CHIP_HEADER_RESERVE_SIZE
1357 * @def CHIP_TRAILER_RESERVE_SIZE
1363 #ifndef CHIP_TRAILER_RESERVE_SIZE
1364 #define CHIP_TRAILER_RESERVE_SIZE 20
1365 #endif // CHIP_TRAILER_RESERVE_SIZE
1371 * chip TCP/UDP port for secured chip traffic.
1375 #define CHIP_PORT 11097
1379 * @def CHIP_UNSECURED_PORT
1382 * chip TCP/UDP port for unsecured chip traffic.
1385 #ifndef CHIP_UNSECURED_PORT
1386 #define CHIP_UNSECURED_PORT 11096
1387 #endif // CHIP_UNSECURED_PORT
1390 * @def CHIP_CONFIG_ENABLE_EPHEMERAL_UDP_PORT
1393 * Enable use of an ephemeral UDP source port for locally initiated chip exchanges.
1395 #ifndef CHIP_CONFIG_ENABLE_EPHEMERAL_UDP_PORT
1396 #define CHIP_CONFIG_ENABLE_EPHEMERAL_UDP_PORT 0
1397 #endif // CHIP_CONFIG_ENABLE_EPHEMERAL_UDP_PORT
1400 * @def CHIP_CONFIG_SECURITY_TEST_MODE
1403 * Enable various features that make it easier to debug secure chip communication.
1406 * WARNING: This option makes it possible to circumvent basic chip security functionality,
1407 * including message encryption. Because of this it SHOULD NEVER BE ENABLED IN PRODUCTION BUILDS.
1409 #ifndef CHIP_CONFIG_SECURITY_TEST_MODE
1410 #define CHIP_CONFIG_SECURITY_TEST_MODE 0
1411 #endif // CHIP_CONFIG_SECURITY_TEST_MODE
1414 * @def CHIP_CONFIG_ENABLE_DNS_RESOLVER
1417 * Enable support for resolving hostnames with a DNS resolver.
1419 #ifndef CHIP_CONFIG_ENABLE_DNS_RESOLVER
1420 #define CHIP_CONFIG_ENABLE_DNS_RESOLVER (INET_CONFIG_ENABLE_DNS_RESOLVER)
1421 #endif // CHIP_CONFIG_ENABLE_DNS_RESOLVER
1424 * @def CHIP_CONFIG_RESOLVE_IPADDR_LITERAL
1427 * Enable support for resolving hostnames as literal IP addresses without a DNS resolver.
1429 * For historical reasons, the default is \c TRUE where \c CHIP_SYSTEM_CONFIG_USE_SOCKETS=1,
1430 * and \c FALSE otherwise. The exception in the LwIP-only case was originally made to facilitate
1431 * integration and change management with existing development lines. The default may
1432 * change in the future to \c TRUE in all cases.
1434 #ifndef CHIP_CONFIG_RESOLVE_IPADDR_LITERAL
1435 #define CHIP_CONFIG_RESOLVE_IPADDR_LITERAL (CHIP_SYSTEM_CONFIG_USE_SOCKETS)
1436 #endif // CHIP_CONFIG_RESOLVE_IPADDR_LITERAL
1439 * @def CHIP_CONFIG_ENABLE_TARGETED_LISTEN
1442 * Enable support for listening on particular addresses/interfaces.
1444 * This allows testing multiple instances of the chip stack
1445 * running on a single host.
1448 #ifndef CHIP_CONFIG_ENABLE_TARGETED_LISTEN
1449 #define CHIP_CONFIG_ENABLE_TARGETED_LISTEN (!CHIP_SYSTEM_CONFIG_USE_LWIP)
1450 #endif // CHIP_CONFIG_ENABLE_TARGETED_LISTEN
1453 * @def CHIP_CONFIG_ENABLE_UNSECURED_TCP_LISTEN
1456 * Enable support for receiving TCP connections over an unsecured
1457 * network layer (for example, from a device that is provisionally joined
1458 * to a 6LowPAN network but does not possess the 802.15.4 network
1462 #ifndef CHIP_CONFIG_ENABLE_UNSECURED_TCP_LISTEN
1463 #define CHIP_CONFIG_ENABLE_UNSECURED_TCP_LISTEN 0
1464 #endif // CHIP_CONFIG_ENABLE_UNSECURED_TCP_LISTEN
1467 * @def CHIP_CONFIG_DEBUG_CERT_VALIDATION
1470 * Enable support for debugging output from certificate validation.
1473 #ifndef CHIP_CONFIG_DEBUG_CERT_VALIDATION
1474 #define CHIP_CONFIG_DEBUG_CERT_VALIDATION 1
1475 #endif // CHIP_CONFIG_DEBUG_CERT_VALIDATION
1478 * @def CHIP_CONFIG_OPERATIONAL_DEVICE_CERT_CURVE_ID
1481 * EC curve to be used to generate chip operational device certificate.
1484 #ifndef CHIP_CONFIG_OPERATIONAL_DEVICE_CERT_CURVE_ID
1485 #define CHIP_CONFIG_OPERATIONAL_DEVICE_CERT_CURVE_ID (chip::Profiles::Security::kChipCurveId_prime256v1)
1486 #endif // CHIP_CONFIG_OPERATIONAL_DEVICE_CERT_CURVE_ID
1489 * @def CHIP_CONFIG_OP_DEVICE_CERT_VALID_DATE_NOT_BEFORE
1492 * This is a packed valid date to be encoded in the chip
1493 * operational device certificate. Any date before
1494 * that date the certificate is considered invalid.
1495 * The following functions can be used to calculate packed
1496 * date/time: PackCertTime() and PackedCertTimeToDate().
1497 * chip packed certificate dates are limited to representing
1498 * dates that are on or after 2000/01/01.
1499 * Mathematical expression to calculate packed date is:
1500 * (((year - 2000) * 12 + (mon - 1)) * 31 + (day - 1))
1501 * Currently encoded value corresponds to 2019/01/01.
1504 #ifndef CHIP_CONFIG_OP_DEVICE_CERT_VALID_DATE_NOT_BEFORE
1505 #define CHIP_CONFIG_OP_DEVICE_CERT_VALID_DATE_NOT_BEFORE 0x1B9C
1506 #endif // CHIP_CONFIG_OP_DEVICE_CERT_VALID_DATE_NOT_BEFORE
1509 * @def CHIP_CONFIG_OP_DEVICE_CERT_VALID_DATE_NOT_AFTER
1512 * This is the valid date to be encoded in the chip
1513 * operational device certificate. Any date after
1514 * that date the certificate is considered invalid.
1515 * The following functions can be used to calculate packed
1516 * date/time: PackCertTime() and PackedCertTimeToDate().
1517 * chip packed certificate dates are limited to representing
1518 * dates that are on or after 2000/01/01.
1519 * Mathematical expression to calculate packed date is:
1520 * (((year - 2000) * 12 + (mon - 1)) * 31 + (day - 1))
1521 * Currently encoded value corresponds to 2069/01/01.
1524 #ifndef CHIP_CONFIG_OP_DEVICE_CERT_VALID_DATE_NOT_AFTER
1525 #define CHIP_CONFIG_OP_DEVICE_CERT_VALID_DATE_NOT_AFTER 0x6444
1526 #endif // CHIP_CONFIG_OP_DEVICE_CERT_VALID_DATE_NOT_AFTER
1529 * @def CHIP_CONFIG_ENABLE_PASE_INITIATOR
1532 * Enable support for initiating PASE sessions.
1535 #ifndef CHIP_CONFIG_ENABLE_PASE_INITIATOR
1536 #define CHIP_CONFIG_ENABLE_PASE_INITIATOR 1
1537 #endif // CHIP_CONFIG_ENABLE_PASE_INITIATOR
1540 * @def CHIP_CONFIG_ENABLE_PASE_RESPONDER
1543 * Enable support for responding to PASE sessions initiated by
1547 #ifndef CHIP_CONFIG_ENABLE_PASE_RESPONDER
1548 #define CHIP_CONFIG_ENABLE_PASE_RESPONDER 1
1549 #endif // CHIP_CONFIG_ENABLE_PASE_RESPONDER
1552 * @def CHIP_CONFIG_ENABLE_CASE_INITIATOR
1555 * Enable support for initiating CASE sessions.
1558 #ifndef CHIP_CONFIG_ENABLE_CASE_INITIATOR
1559 #define CHIP_CONFIG_ENABLE_CASE_INITIATOR 1
1560 #endif // CHIP_CONFIG_ENABLE_CASE_INITIATOR
1563 * @def CHIP_CONFIG_ENABLE_CASE_RESPONDER
1566 * Enable support for responding to CASE sessions initiated by other nodes.
1569 #ifndef CHIP_CONFIG_ENABLE_CASE_RESPONDER
1570 #define CHIP_CONFIG_ENABLE_CASE_RESPONDER 1
1571 #endif // CHIP_CONFIG_ENABLE_CASE_RESPONDER
1574 * @def CHIP_CONFIG_SUPPORT_CASE_CONFIG1
1577 * Enable use of CASE protocol configuration 1.
1579 * @note CASE config 1 uses SHA-1 for message signatures, which is deprecated.
1582 #ifndef CHIP_CONFIG_SUPPORT_CASE_CONFIG1
1583 #define CHIP_CONFIG_SUPPORT_CASE_CONFIG1 1
1584 #endif // CHIP_CONFIG_SUPPORT_CASE_CONFIG1
1587 * @def CHIP_CONFIG_DEFAULT_CASE_CURVE_ID
1590 * Default ECDH curve to be used when initiating a CASE session, if not overridden by the application.
1593 #ifndef CHIP_CONFIG_DEFAULT_CASE_CURVE_ID
1594 #if CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP224R1
1595 #define CHIP_CONFIG_DEFAULT_CASE_CURVE_ID (chip::Profiles::Security::kChipCurveId_secp224r1)
1596 #elif CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP256R1
1597 #define CHIP_CONFIG_DEFAULT_CASE_CURVE_ID (chip::Profiles::Security::kChipCurveId_prime256v1)
1598 #elif CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP192R1
1599 #define CHIP_CONFIG_DEFAULT_CASE_CURVE_ID (chip::Profiles::Security::kChipCurveId_prime192v1)
1601 #define CHIP_CONFIG_DEFAULT_CASE_CURVE_ID (chip::Profiles::Security::kChipCurveId_secp160r1)
1603 #endif // CHIP_CONFIG_DEFAULT_CASE_CURVE_ID
1606 * @def CHIP_CONFIG_DEFAULT_CASE_ALLOWED_CURVES
1609 * Default set of ECDH curves allowed to be used in a CASE session (initiating or responding), if not overridden by the
1613 #ifndef CHIP_CONFIG_DEFAULT_CASE_ALLOWED_CURVES
1614 #if CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP224R1 || CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP256R1
1615 #define CHIP_CONFIG_DEFAULT_CASE_ALLOWED_CURVES \
1616 (chip::Profiles::Security::kChipCurveSet_secp224r1 | chip::Profiles::Security::kChipCurveSet_prime256v1)
1618 #define CHIP_CONFIG_DEFAULT_CASE_ALLOWED_CURVES (chip::Profiles::Security::kChipCurveSet_All)
1620 #endif // CHIP_CONFIG_DEFAULT_CASE_ALLOWED_CURVES
1623 * @def CHIP_CONFIG_LEGACY_CASE_AUTH_DELEGATE
1626 * Enable use of the legacy chipCASEAuthDelegate interface.
1628 #ifndef CHIP_CONFIG_LEGACY_CASE_AUTH_DELEGATE
1629 #define CHIP_CONFIG_LEGACY_CASE_AUTH_DELEGATE 1
1633 * @def CHIP_CONFIG_MAX_SHARED_SESSIONS_END_NODES
1636 * The maximum number of end nodes simultaneously supported
1637 * for all active shared sessions.
1640 #ifndef CHIP_CONFIG_MAX_SHARED_SESSIONS_END_NODES
1641 #define CHIP_CONFIG_MAX_SHARED_SESSIONS_END_NODES 10
1642 #endif // CHIP_CONFIG_MAX_SHARED_SESSIONS_END_NODES
1645 * @def CHIP_CONFIG_MAX_END_NODES_PER_SHARED_SESSION
1648 * The maximum number of end nodes simultaneously supported
1649 * per active shared session.
1652 #ifndef CHIP_CONFIG_MAX_END_NODES_PER_SHARED_SESSION
1653 #define CHIP_CONFIG_MAX_END_NODES_PER_SHARED_SESSION 10
1654 #endif // CHIP_CONFIG_MAX_END_NODES_PER_SHARED_SESSION
1657 * @def CHIP_CONFIG_ENABLE_TAKE_INITIATOR
1660 * Enable support for initiating TAKE sessions.
1663 #ifndef CHIP_CONFIG_ENABLE_TAKE_INITIATOR
1664 #define CHIP_CONFIG_ENABLE_TAKE_INITIATOR 0
1665 #endif // CHIP_CONFIG_ENABLE_TAKE_INITIATOR
1668 * @def CHIP_CONFIG_ENABLE_TAKE_RESPONDER
1671 * Enable support for responding to TAKE sessions initiated by other nodes.
1674 #ifndef CHIP_CONFIG_ENABLE_TAKE_RESPONDER
1675 #define CHIP_CONFIG_ENABLE_TAKE_RESPONDER 0
1676 #endif // CHIP_CONFIG_ENABLE_TAKE_RESPONDER
1679 * @def CHIP_CONFIG_ENABLE_KEY_EXPORT_INITIATOR
1682 * Enable support for initiating key export request.
1685 #ifndef CHIP_CONFIG_ENABLE_KEY_EXPORT_INITIATOR
1686 #define CHIP_CONFIG_ENABLE_KEY_EXPORT_INITIATOR 1
1687 #endif // CHIP_CONFIG_ENABLE_KEY_EXPORT_INITIATOR
1690 * @def CHIP_CONFIG_ENABLE_KEY_EXPORT_RESPONDER
1693 * Enable support for responding to key export request initiated by other nodes.
1696 #ifndef CHIP_CONFIG_ENABLE_KEY_EXPORT_RESPONDER
1697 #define CHIP_CONFIG_ENABLE_KEY_EXPORT_RESPONDER 1
1698 #endif // CHIP_CONFIG_ENABLE_KEY_EXPORT_RESPONDER
1701 * @def CHIP_CONFIG_LEGACY_KEY_EXPORT_DELEGATE
1704 * Enable use of the legacy chipKeyExportDelegate interface.
1706 #ifndef CHIP_CONFIG_LEGACY_KEY_EXPORT_DELEGATE
1707 #define CHIP_CONFIG_LEGACY_KEY_EXPORT_DELEGATE 1
1711 * @def CHIP_CONFIG_REQUIRE_AUTH
1714 * Enable (1) or disable (0) support for client requests via an
1715 * authenticated session.
1717 * This broadly controls whether or not a number of chip servers
1718 * require client requests to be sent via an authenticated session
1719 * and provides a default configuration value to these related
1722 * * #CHIP_CONFIG_REQUIRE_AUTH_DEVICE_CONTROL
1723 * * #CHIP_CONFIG_REQUIRE_AUTH_FABRIC_PROV
1724 * * #CHIP_CONFIG_REQUIRE_AUTH_NETWORK_PROV
1725 * * #CHIP_CONFIG_REQUIRE_AUTH_SERVICE_PROV
1727 * @note These configurations shall be deasserted for development
1728 * and testing purposes only. No chip-enabled device shall
1729 * be certified without these asserted.
1732 #ifndef CHIP_CONFIG_REQUIRE_AUTH
1733 #define CHIP_CONFIG_REQUIRE_AUTH 1
1734 #endif // CHIP_CONFIG_REQUIRE_AUTH
1737 * @def CHIP_CONFIG_REQUIRE_AUTH_DEVICE_CONTROL
1740 * Enable (1) or disable (0) support for client requests to the
1741 * chip Device Control server via an authenticated session. See
1742 * also #CHIP_CONFIG_REQUIRE_AUTH.
1744 * @note This configuration shall be deasserted for development
1745 * and testing purposes only. No chip-enabled device shall
1746 * be certified without this asserted.
1749 #ifndef CHIP_CONFIG_REQUIRE_AUTH_DEVICE_CONTROL
1750 #define CHIP_CONFIG_REQUIRE_AUTH_DEVICE_CONTROL CHIP_CONFIG_REQUIRE_AUTH
1751 #endif // CHIP_CONFIG_REQUIRE_AUTH_DEVICE_CONTROL
1754 * @def CHIP_CONFIG_REQUIRE_AUTH_FABRIC_PROV
1757 * Enable (1) or disable (0) support for client requests to the
1758 * chip Fabric Provisioning server via an authenticated
1759 * session. See also #CHIP_CONFIG_REQUIRE_AUTH.
1761 * @note This configuration shall be deasserted for development
1762 * and testing purposes only. No chip-enabled device shall
1763 * be certified without this asserted.
1766 #ifndef CHIP_CONFIG_REQUIRE_AUTH_FABRIC_PROV
1767 #define CHIP_CONFIG_REQUIRE_AUTH_FABRIC_PROV CHIP_CONFIG_REQUIRE_AUTH
1768 #endif // CHIP_CONFIG_REQUIRE_AUTH_FABRIC_PROV
1771 * @def CHIP_CONFIG_REQUIRE_AUTH_NETWORK_PROV
1774 * Enable (1) or disable (0) support for client requests to the
1775 * chip Network Provisioning server via an authenticated
1776 * session. See also #CHIP_CONFIG_REQUIRE_AUTH.
1778 * @note This configuration shall be deasserted for development
1779 * and testing purposes only. No chip-enabled device shall
1780 * be certified without this asserted.
1783 #ifndef CHIP_CONFIG_REQUIRE_AUTH_NETWORK_PROV
1784 #define CHIP_CONFIG_REQUIRE_AUTH_NETWORK_PROV CHIP_CONFIG_REQUIRE_AUTH
1785 #endif // CHIP_CONFIG_REQUIRE_AUTH_NETWORK_PROV
1788 * @def CHIP_CONFIG_REQUIRE_AUTH_SERVICE_PROV
1791 * Enable (1) or disable (0) support for client requests to the
1792 * chip Service Provisioning server via an authenticated
1793 * session. See also #CHIP_CONFIG_REQUIRE_AUTH.
1795 * @note This configuration shall be deasserted for development
1796 * and testing purposes only. No chip-enabled device shall
1797 * be certified without this asserted.
1800 #ifndef CHIP_CONFIG_REQUIRE_AUTH_SERVICE_PROV
1801 #define CHIP_CONFIG_REQUIRE_AUTH_SERVICE_PROV CHIP_CONFIG_REQUIRE_AUTH
1802 #endif // CHIP_CONFIG_REQUIRE_AUTH_SERVICE_PROV
1805 * @def CHIP_CONFIG_ENABLE_PROVISIONING_BUNDLE_SUPPORT
1808 * Enable (1) or disable (0) support for the handling of chip
1809 * Provisioning Bundles.
1811 * chip Provisioning Bundles are a chip TLV payload containing
1812 * the chip certificate, corresponding private key, and pairing
1813 * code / entry key that a chip device would have otherwise
1814 * received at its time of manufacture.
1816 * Enable this if your family of device needs to support in-field
1817 * provisioning (IFP). IFP for chip devices is neither generally
1818 * supported nor recommended.
1821 #ifndef CHIP_CONFIG_ENABLE_PROVISIONING_BUNDLE_SUPPORT
1822 #define CHIP_CONFIG_ENABLE_PROVISIONING_BUNDLE_SUPPORT 1
1823 #endif // CHIP_CONFIG_ENABLE_PROVISIONING_BUNDLE_SUPPORT
1826 * @def CHIP_ERROR_LOGGING
1829 * If asserted (1), enable logging of all messages in the
1830 * chip::Logging::LogCategory::kLogCategory_Error category.
1833 #ifndef CHIP_ERROR_LOGGING
1834 #define CHIP_ERROR_LOGGING 1
1835 #endif // CHIP_ERROR_LOGGING
1838 * @def CHIP_PROGRESS_LOGGING
1841 * If asserted (1), enable logging of all messages in the
1842 * chip::Logging::LogCategory::kLogCategory_Progress category.
1845 #ifndef CHIP_PROGRESS_LOGGING
1846 #define CHIP_PROGRESS_LOGGING 1
1847 #endif // CHIP_PROGRESS_LOGGING
1850 * @def CHIP_DETAIL_LOGGING
1853 * If asserted (1), enable logging of all messages in the
1854 * chip::Logging::kLogCategory_Detail category.
1857 #ifndef CHIP_DETAIL_LOGGING
1858 #define CHIP_DETAIL_LOGGING 1
1859 #endif // CHIP_DETAIL_LOGGING
1862 * CHIP_CONFIG_LOG_MESSAGE_MAX_SIZE
1864 * The maximum size (in bytes) of a log message
1866 #ifndef CHIP_CONFIG_LOG_MESSAGE_MAX_SIZE
1867 #define CHIP_CONFIG_LOG_MESSAGE_MAX_SIZE 256
1871 * @def CHIP_CONFIG_ENABLE_FUNCT_ERROR_LOGGING
1874 * If asserted (1), enable logging of errors at function exit via the
1875 * ChipLogFunctError() macro.
1877 #ifndef CHIP_CONFIG_ENABLE_FUNCT_ERROR_LOGGING
1878 #define CHIP_CONFIG_ENABLE_FUNCT_ERROR_LOGGING 0
1879 #endif // CHIP_CONFIG_ENABLE_FUNCT_ERROR_LOGGING
1882 * @def CHIP_CONFIG_ENABLE_CONDITION_LOGGING
1885 * If asserted (1), enable logging of failed conditions via the
1886 * ChipLogIfFalse() macro.
1888 #ifndef CHIP_CONFIG_ENABLE_CONDITION_LOGGING
1889 #define CHIP_CONFIG_ENABLE_CONDITION_LOGGING 0
1890 #endif // CHIP_CONFIG_ENABLE_CONDITION_LOGGING
1893 * @def CHIP_CONFIG_SERVICE_DIR_CONNECT_TIMEOUT_MSECS
1896 * This is the default timeout for the connect call to the
1897 * directory server to wait for success or being notified
1901 #ifndef CHIP_CONFIG_SERVICE_DIR_CONNECT_TIMEOUT_MSECS
1902 #define CHIP_CONFIG_SERVICE_DIR_CONNECT_TIMEOUT_MSECS (10000)
1903 #endif // CHIP_CONFIG_SERVICE_DIR_CONNECT_TIMEOUT_MSECS
1906 * @def CHIP_CONFIG_DEFAULT_INCOMING_CONNECTION_IDLE_TIMEOUT
1909 * The maximum amount of time, in milliseconds, that an idle inbound
1910 * chip connection will be allowed to exist before being closed.
1912 * This is a default value that can be overridden at runtime by the
1915 * A value of 0 disables automatic closing of idle connections.
1918 #ifndef CHIP_CONFIG_DEFAULT_INCOMING_CONNECTION_IDLE_TIMEOUT
1919 #define CHIP_CONFIG_DEFAULT_INCOMING_CONNECTION_IDLE_TIMEOUT 15000
1920 #endif // CHIP_CONFIG_DEFAULT_INCOMING_CONNECTION_IDLE_TIMEOUT
1923 * @def CHIP_CONFIG_MSG_COUNTER_SYNC_RESP_TIMEOUT
1926 * The amount of time (in milliseconds) which a peer is given
1927 * to respond to a message counter synchronization request.
1928 * Depending on when the request is sent, peers may
1929 * actually have up to twice this time.
1932 #ifndef CHIP_CONFIG_MSG_COUNTER_SYNC_RESP_TIMEOUT
1933 #define CHIP_CONFIG_MSG_COUNTER_SYNC_RESP_TIMEOUT 2000
1934 #endif // CHIP_CONFIG_MSG_COUNTER_SYNC_RESP_TIMEOUT
1937 * @def CHIP_CONFIG_TEST
1940 * If asserted (1), enable APIs that help implement
1941 * unit and integration tests.
1944 #ifndef CHIP_CONFIG_TEST
1945 #define CHIP_CONFIG_TEST 0
1946 #endif // CHIP_CONFIG_TEST
1949 * @def CHIP_CONFIG_SHORT_ERROR_STR
1952 * If asserted (1), produce shorter error strings that only carry a
1953 * minimum of information.
1956 #ifndef CHIP_CONFIG_SHORT_ERROR_STR
1957 #define CHIP_CONFIG_SHORT_ERROR_STR 0
1958 #endif // CHIP_CONFIG_SHORT_ERROR_STR
1961 * @def CHIP_CONFIG_ERROR_STR_SIZE
1964 * This defines the size of the buffer to store a formatted error string.
1965 * If the formatting of an error string exceeds this size it will be truncated.
1967 * The default size varies based on the CHIP_CONFIG_SHORT_ERROR_STR option.
1969 * When CHIP_CONFIG_SHORT_ERROR_STR is 0, a large default buffer size is used
1970 * to accommodate descriptive text summarizing the cause of the error. E.g.:
1972 * "chip Error 4047 (0x00000FCF): Invalid Argument"
1974 * When CHIP_CONFIG_SHORT_ERROR_STR is 1, the buffer size is set to accommodate
1975 * a minimal error string consisting of a 10 character subsystem name followed
1976 * by an 8 character error number, plus boilerplate. E.g.:
1978 * "Error chip:0x00000FCF"
1981 #ifndef CHIP_CONFIG_ERROR_STR_SIZE
1982 #if CHIP_CONFIG_SHORT_ERROR_STR
1983 #define CHIP_CONFIG_ERROR_STR_SIZE (5 + 1 + 10 + 3 + 8 + 1)
1984 #else // CHIP_CONFIG_SHORT_ERROR_STR
1985 #define CHIP_CONFIG_ERROR_STR_SIZE 256
1986 #endif // CHIP_CONFIG_SHORT_ERROR_STR
1987 #endif // CHIP_CONFIG_ERROR_STR_SIZE
1990 * @def CHIP_CONFIG_CUSTOM_ERROR_FORMATTER
1993 * If asserted (1), suppress definition of the standard error formatting function
1994 * (#FormatError()) allowing an application-specific implementation to be used.
1997 #ifndef CHIP_CONFIG_CUSTOM_ERROR_FORMATTER
1998 #define CHIP_CONFIG_CUSTOM_ERROR_FORMATTER 0
1999 #endif // CHIP_CONFIG_CUSTOM_ERROR_FORMATTER
2002 * @def CHIP_CONFIG_SHORT_FORM_ERROR_VALUE_FORMAT
2005 * The printf-style format string used to format error values.
2007 * On some platforms, the structure of error values makes them more convenient to
2008 * read in either hex or decimal format. This option can be used to override
2009 * the default hex format.
2011 * Note that this option only affects short-form error strings (i.e. when
2012 * CHIP_CONFIG_SHORT_ERROR_STR == 1). Long form error strings always show both hex
2013 * and decimal values
2015 #ifndef CHIP_CONFIG_SHORT_FORM_ERROR_VALUE_FORMAT
2016 #define CHIP_CONFIG_SHORT_FORM_ERROR_VALUE_FORMAT "0x%08" PRIX32
2017 #endif // CHIP_CONFIG_SHORT_FORM_ERROR_VALUE_FORMAT
2020 * @def CHIP_CONFIG_BLE_PKT_RESERVED_SIZE
2023 * The number of bytes that chip should reserve at the front of
2024 * every outgoing BLE packet for the sake of the underlying BLE
2028 #ifndef CHIP_CONFIG_BLE_PKT_RESERVED_SIZE
2029 #define CHIP_CONFIG_BLE_PKT_RESERVED_SIZE 0
2030 #endif // CHIP_CONFIG_BLE_PKT_RESERVED_SIZE
2033 * @def CHIP_CONFIG_ENABLE_SECURITY_DEBUG_FUNCS
2036 * Enable (1) or disable (0) support for utility functions for
2037 * decoding and outputing information related to chip security.
2040 #ifndef CHIP_CONFIG_ENABLE_SECURITY_DEBUG_FUNCS
2041 #define CHIP_CONFIG_ENABLE_SECURITY_DEBUG_FUNCS 1
2042 #endif // CHIP_CONFIG_ENABLE_SECURITY_DEBUG_FUNCS
2045 * @def CHIP_CONFIG_IsPlatformErrorNonCritical(CODE)
2047 * This macro checks if a platform generated error is critical and
2048 * needs to be reported to the application/caller. The criticality
2049 * of an error (in the context of that platform) is determined by how
2050 * it impacts the logic flow, i.e., whether or not the current flow
2051 * can continue despite the error or it needs to be reported back
2052 * resulting in a potential stoppage.
2055 * This is a default set of platform errors which are configured as
2056 * non-critical from the context of that platform. Any new error that
2057 * the platforms deem as non-critical could be added by overriding
2058 * this default macro definition after careful thought towards its
2059 * implication in the logic flow in that platform.
2061 * @param[in] CODE The #CHIP_ERROR being checked for criticality.
2063 * @return true if the error is non-critical; false otherwise.
2066 #ifndef CHIP_CONFIG_IsPlatformErrorNonCritical
2067 #if CHIP_SYSTEM_CONFIG_USE_LWIP
2068 #define _CHIP_CONFIG_IsPlatformLwIPErrorNonCritical(CODE) \
2069 ((CODE) == chip::System::MapErrorLwIP(ERR_RTE) || (CODE) == chip::System::MapErrorLwIP(ERR_MEM))
2070 #else // !CHIP_SYSTEM_CONFIG_USE_LWIP
2071 #define _CHIP_CONFIG_IsPlatformLwIPErrorNonCritical(CODE) 0
2072 #endif // !CHIP_SYSTEM_CONFIG_USE_LWIP
2074 #if CHIP_SYSTEM_CONFIG_USE_SOCKETS
2075 #define _CHIP_CONFIG_IsPlatformPOSIXErrorNonCritical(CODE) \
2076 ((CODE) == chip::System::MapErrorPOSIX(EHOSTUNREACH) || (CODE) == chip::System::MapErrorPOSIX(ENETUNREACH) || \
2077 (CODE) == chip::System::MapErrorPOSIX(EADDRNOTAVAIL) || (CODE) == chip::System::MapErrorPOSIX(EPIPE))
2078 #else // !CHIP_SYSTEM_CONFIG_USE_SOCKETS
2079 #define _CHIP_CONFIG_IsPlatformPOSIXErrorNonCritical(CODE) 0
2080 #endif // !CHIP_SYSTEM_CONFIG_USE_SOCKETS
2082 #define CHIP_CONFIG_IsPlatformErrorNonCritical(CODE) \
2083 (_CHIP_CONFIG_IsPlatformPOSIXErrorNonCritical(CODE) || _CHIP_CONFIG_IsPlatformLwIPErrorNonCritical(CODE))
2084 #endif // CHIP_CONFIG_IsPlatformErrorNonCritical
2087 * @def CHIP_CONFIG_WILL_OVERRIDE_PLATFORM_MATH_FUNCS
2090 * Enable (1) or disable (0) replacing math functions
2091 * which may not be available in the standard/intrinsic library,
2092 * and hence require special support from the platform.
2095 #ifndef CHIP_CONFIG_WILL_OVERRIDE_PLATFORM_MATH_FUNCS
2096 #define CHIP_CONFIG_WILL_OVERRIDE_PLATFORM_MATH_FUNCS 0
2097 #endif // CHIP_CONFIG_WILL_OVERRIDE_PLATFORM_MATH_FUNCS
2100 * @def CHIP_CONFIG_SERIALIZATION_USE_MALLOC
2102 * @brief If turned on, then schema event serialization and
2103 * deserialization will use the stdlib implementations of malloc,
2104 * free, and realloc by default (if no other implementations have
2105 * been provided). We will fail at compile time if the stdlib
2106 * implementations are not present.
2108 #ifndef CHIP_CONFIG_SERIALIZATION_USE_MALLOC
2109 #define CHIP_CONFIG_SERIALIZATION_USE_MALLOC 0
2113 * @def CHIP_CONFIG_SERIALIZATION_DEBUG_LOGGING
2115 * @brief Enable debug logging for the serialization/deserialization APIs.
2117 #ifndef CHIP_CONFIG_SERIALIZATION_DEBUG_LOGGING
2118 #define CHIP_CONFIG_SERIALIZATION_DEBUG_LOGGING 0
2122 * @def CHIP_CONFIG_SERIALIZATION_LOG_FLOATS
2124 * @brief Enable debug logging of floats and doubles for the
2125 * serialization/deserialization APIs. Not all platforms
2126 * support these types, and may not compile if there are
2127 * any references to them. Only matters if
2128 * CHIP_CONFIG_SERIALIZATION_DEBUG_LOGGING is enabled.
2130 #ifndef CHIP_CONFIG_SERIALIZATION_LOG_FLOATS
2131 #define CHIP_CONFIG_SERIALIZATION_LOG_FLOATS 1
2135 * @def CHIP_CONFIG_PERSISTED_STORAGE_KEY_TYPE
2138 * The data type used to represent the key of a persistedly-stored
2141 #ifndef CHIP_CONFIG_PERSISTED_STORAGE_KEY_TYPE
2142 #define CHIP_CONFIG_PERSISTED_STORAGE_KEY_TYPE const char *
2146 * @def CHIP_CONFIG_LIFETIIME_PERSISTED_COUNTER_KEY
2149 * Lifetime Counter Key.
2151 #ifndef CHIP_CONFIG_LIFETIIME_PERSISTED_COUNTER_KEY
2152 #define CHIP_CONFIG_LIFETIIME_PERSISTED_COUNTER_KEY "life-count"
2156 * @def CHIP_CONFIG_PERSISTED_STORAGE_ENC_MSG_CNTR_ID
2159 * The group key message counter persisted storage Id.
2162 #ifndef CHIP_CONFIG_PERSISTED_STORAGE_ENC_MSG_CNTR_ID
2163 #define CHIP_CONFIG_PERSISTED_STORAGE_ENC_MSG_CNTR_ID "EncMsgCntr"
2164 #endif // CHIP_CONFIG_PERSISTED_STORAGE_ENC_MSG_CNTR_ID
2167 * @def CHIP_CONFIG_PERSISTED_STORAGE_ENC_MSG_CNTR_EPOCH
2170 * The group key message counter persisted storage epoch.
2173 #ifndef CHIP_CONFIG_PERSISTED_STORAGE_ENC_MSG_CNTR_EPOCH
2174 #define CHIP_CONFIG_PERSISTED_STORAGE_ENC_MSG_CNTR_EPOCH 0x1000
2175 #endif // CHIP_CONFIG_PERSISTED_STORAGE_ENC_MSG_CNTR_EPOCH
2178 * @def CHIP_CONFIG_PERSISTED_STORAGE_MAX_KEY_LENGTH
2180 * @brief The maximum length of the key in a key/value pair
2181 * stored in the platform's persistent storage.
2183 #ifndef CHIP_CONFIG_PERSISTED_STORAGE_MAX_KEY_LENGTH
2184 #define CHIP_CONFIG_PERSISTED_STORAGE_MAX_KEY_LENGTH 16
2188 * @def CHIP_CONFIG_PERSISTED_STORAGE_MAX_VALUE_LENGTH
2190 * @brief The maximum length of the value in a key/value pair
2191 * stored in the platform's persistent storage.
2193 #ifndef CHIP_CONFIG_PERSISTED_STORAGE_MAX_VALUE_LENGTH
2194 #define CHIP_CONFIG_PERSISTED_STORAGE_MAX_VALUE_LENGTH 256
2198 * @def CHIP_CONFIG_PERSISTED_COUNTER_DEBUG_LOGGING
2200 * @brief Enable debug logging for the PersistedCounter API.
2202 #ifndef CHIP_CONFIG_PERSISTED_COUNTER_DEBUG_LOGGING
2203 #define CHIP_CONFIG_PERSISTED_COUNTER_DEBUG_LOGGING 0
2207 * @def CHIP_CONFIG_EVENT_LOGGING_VERBOSE_DEBUG_LOGS
2209 * @brief Enable verbose debug logging for the EventLogging API.
2210 * This setting is incompatible with platforms that route console
2211 * logs into event logging, as it would result in circular logic.
2213 #ifndef CHIP_CONFIG_EVENT_LOGGING_VERBOSE_DEBUG_LOGS
2214 #define CHIP_CONFIG_EVENT_LOGGING_VERBOSE_DEBUG_LOGS 1
2218 * @def CHIP_CONFIG_ENABLE_ARG_PARSER
2220 * @brief Enable support functions for parsing command-line arguments
2222 #ifndef CHIP_CONFIG_ENABLE_ARG_PARSER
2223 #define CHIP_CONFIG_ENABLE_ARG_PARSER 0
2227 * @def CHIP_CONFIG_ENABLE_ARG_PARSER_SANTIY_CHECK
2229 * @brief Enable santiy checking of command-line argument definitions.
2231 #ifndef CHIP_CONFIG_ENABLE_ARG_PARSER_SANTIY_CHECK
2232 #define CHIP_CONFIG_ENABLE_ARG_PARSER_SANTIY_CHECK 1
2236 * @def CHIP_CONFIG_SERVICE_PROV_RESPONSE_TIMEOUT
2239 * The amount of time (in milliseconds) which the service is given
2240 * to respond to a pair device to account request.
2242 #ifndef CHIP_CONFIG_SERVICE_PROV_RESPONSE_TIMEOUT
2243 #define CHIP_CONFIG_SERVICE_PROV_RESPONSE_TIMEOUT 60000
2247 * @def CHIP_CONFIG_SUPPORT_LEGACY_ADD_NETWORK_MESSAGE
2250 * Enable (1) or disable (0) support for the depricated
2251 * version of AddNetwork() message in the Network Provisioning
2253 * This option should be enabled to support pairing with CHIP
2254 * legacy devices that don't have latest SW.
2257 #ifndef CHIP_CONFIG_SUPPORT_LEGACY_ADD_NETWORK_MESSAGE
2258 #define CHIP_CONFIG_SUPPORT_LEGACY_ADD_NETWORK_MESSAGE 1
2259 #endif // CHIP_CONFIG_SUPPORT_LEGACY_ADD_NETWORK_MESSAGE
2262 * @def CHIP_CONFIG_ALWAYS_USE_LEGACY_ADD_NETWORK_MESSAGE
2265 * Enable (1) or disable (0) the exclusive use of the depricated
2266 * version of AddNetwork() message in the Network Provisioning
2268 * This option should be enabled when exclusively pairing with CHIP
2269 * legacy devices that don't have latest SW.
2270 * This option requires that
2271 * CHIP_CONFIG_SUPPORT_LEGACY_ADD_NETWORK_MESSAGE is enabled.
2274 #ifndef CHIP_CONFIG_ALWAYS_USE_LEGACY_ADD_NETWORK_MESSAGE
2275 #define CHIP_CONFIG_ALWAYS_USE_LEGACY_ADD_NETWORK_MESSAGE 0
2276 #endif // CHIP_CONFIG_ALWAYS_USE_LEGACY_ADD_NETWORK_MESSAGE
2279 * @def CHIP_CONFIG_ENABLE_IFJ_SERVICE_FABRIC_JOIN
2281 * @brief Enable the Service Provisioning profile message
2282 * for notification of successful in-field joining of the
2285 #ifndef CHIP_CONFIG_ENABLE_IFJ_SERVICE_FABRIC_JOIN
2286 #define CHIP_CONFIG_ENABLE_IFJ_SERVICE_FABRIC_JOIN 0
2287 #endif // CHIP_CONFIG_ENABLE_IFJ_SERVICE_FABRIC_JOIN
2290 * @def CHIP_CONFIG_PEER_CONNECTION_POOL_SIZE
2292 * @brief Define the size of the pool used for tracking CHIP
2293 * Peer connections. This defines maximum number of concurrent
2294 * device connections across all supported transports.
2296 #ifndef CHIP_CONFIG_PEER_CONNECTION_POOL_SIZE
2297 #define CHIP_CONFIG_PEER_CONNECTION_POOL_SIZE 16
2298 #endif // CHIP_CONFIG_PEER_CONNECTION_POOL_SIZE
2301 * @def CHIP_PEER_CONNECTION_TIMEOUT_MS
2303 * @brief After what period of inactivity is a peer connection considered
2306 #ifndef CHIP_PEER_CONNECTION_TIMEOUT_MS
2307 #define CHIP_PEER_CONNECTION_TIMEOUT_MS 120000
2308 #endif // CHIP_PEER_CONNECTION_TIMEOUT_MS
2311 * @def CHIP_PEER_CONNECTION_TIMEOUT_CHECK_FREQUENCY_MS
2313 * @brief How frequent are peer connections checked for timeouts.
2315 #ifndef CHIP_PEER_CONNECTION_TIMEOUT_CHECK_FREQUENCY_MS
2316 #define CHIP_PEER_CONNECTION_TIMEOUT_CHECK_FREQUENCY_MS 5000
2317 #endif // CHIP_PEER_CONNECTION_TIMEOUT_CHECK_FREQUENCY_MS
2320 * @def CHIP_CONFIG_MAX_BINDINGS
2323 * Maximum number of simultaneously active bindings per WeaveExchangeManager
2324 * The new single source TimeSync client takes one binding.
2325 * Every WDM one-way subscription takes one binding. Mutual subscription counts as two one-way subscriptions.
2326 * A reserved slot is needed to take an incoming subscription request.
2327 * For a device with 2 mutual subscriptions, and one single source time sync client, it needs 2 x 2 + 1 = 5 bindings at least.
2328 * At least six is needed if it still wants to take new WDM subscriptions under this load.
2330 #ifndef CHIP_CONFIG_MAX_BINDINGS
2331 #define CHIP_CONFIG_MAX_BINDINGS 6
2332 #endif // CHIP_CONFIG_MAX_BINDINGS
2335 * @def CHIP_CONFIG_MAX_DEVICE_ADMINS
2338 * Maximum number of administrators that can provision the device. Each admin
2339 * can provision the device with their unique operational credentials and manage
2340 * their access control lists.
2342 #ifndef CHIP_CONFIG_MAX_DEVICE_ADMINS
2343 #define CHIP_CONFIG_MAX_DEVICE_ADMINS 16
2344 #endif // CHIP_CONFIG_MAX_DEVICE_ADMINS
2347 * @def CHIP_NON_PRODUCTION_MARKER
2349 * @brief Defines the name of a mark symbol whose presence signals that the chip code
2350 * includes development/testing features that should never be used in production contexts.
2352 #ifndef CHIP_NON_PRODUCTION_MARKER
2353 #if (CHIP_CONFIG_SECURITY_TEST_MODE || CHIP_CONFIG_SUPPORT_PASE_CONFIG0_TEST_ONLY || \
2354 CHIP_CONFIG_SUPPORT_PASSCODE_CONFIG1_TEST_ONLY || (!CHIP_CONFIG_REQUIRE_AUTH) || CHIP_FUZZING_ENABLED)
2355 #define CHIP_NON_PRODUCTION_MARKER WARNING__DO_NOT_SHIP__CONTAINS_NON_PRODUCTION_CHIP_CODE
2359 #ifdef CHIP_NON_PRODUCTION_MARKER
2360 extern const char CHIP_NON_PRODUCTION_MARKER[];