tls_config.h

00001 /**
00002  * @file tls_config.h
00003  * @brief CycloneSSL configuration file
00004  *
00005  * @section License
00006  *
00007  * Copyright (C) 2010-2017 Oryx Embedded SARL. All rights reserved.
00008  *
00009  * This file is part of CycloneSSL Open.
00010  *
00011  * This program is free software; you can redistribute it and/or
00012  * modify it under the terms of the GNU General Public License
00013  * as published by the Free Software Foundation; either version 2
00014  * of the License, or (at your option) any later version.
00015  *
00016  * This program is distributed in the hope that it will be useful,
00017  * but WITHOUT ANY WARRANTY; without even the implied warranty of
00018  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00019  * GNU General Public License for more details.
00020  *
00021  * You should have received a copy of the GNU General Public License
00022  * along with this program; if not, write to the Free Software Foundation,
00023  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
00024  *
00025  * @author Oryx Embedded SARL (www.oryx-embedded.com)
00026  * @version 1.7.6
00027  **/
00028 
00029 #ifndef _TLS_CONFIG_H
00030 #define _TLS_CONFIG_H
00031 
00032 //Desired trace level (for debugging purposes)
00033 #define TLS_TRACE_LEVEL TRACE_LEVEL_INFO
00034 
00035 //Enable SSL/TLS support
00036 #define TLS_SUPPORT ENABLED
00037 //Client mode of operation
00038 #define TLS_CLIENT_SUPPORT ENABLED
00039 //Server mode of operation
00040 #define TLS_SERVER_SUPPORT DISABLED
00041 
00042 //Minimum version that can be negotiated
00043 #define TLS_MIN_VERSION SSL_VERSION_3_0
00044 //Maximum version that can be negotiated
00045 #define TLS_MAX_VERSION TLS_VERSION_1_2
00046 
00047 //Session resumption mechanism
00048 #define TLS_SESSION_RESUME_SUPPORT ENABLED
00049 //Lifetime of session cache entries
00050 #define TLS_SESSION_CACHE_LIFETIME 3600000
00051 
00052 //SNI (Server Name Indication) extension
00053 #define TLS_SNI_SUPPORT ENABLED
00054 //ALPN (Application-Layer Protocol Negotiation) extension
00055 #define TLS_ALPN_SUPPORT DISABLED
00056 
00057 //Maximum number of certificates the end entity can load
00058 #define TLS_MAX_CERTIFICATES 3
00059 
00060 //RSA key exchange support
00061 #define TLS_RSA_SUPPORT ENABLED
00062 //DHE_RSA key exchange support
00063 #define TLS_DHE_RSA_SUPPORT DISABLED
00064 //DHE_DSS key exchange support
00065 #define TLS_DHE_DSS_SUPPORT DISABLED
00066 //DH_anon key exchange support
00067 #define TLS_DH_ANON_SUPPORT DISABLED
00068 //ECDHE_RSA key exchange support
00069 #define TLS_ECDHE_RSA_SUPPORT ENABLED
00070 //ECDHE_ECDSA key exchange support
00071 #define TLS_ECDHE_ECDSA_SUPPORT DISABLED
00072 //ECDH_anon key exchange support
00073 #define TLS_ECDH_ANON_SUPPORT DISABLED
00074 //PSK key exchange support
00075 #define TLS_PSK_SUPPORT DISABLED
00076 //RSA_PSK key exchange support
00077 #define TLS_RSA_PSK_SUPPORT DISABLED
00078 //DHE_PSK key exchange support
00079 #define TLS_DHE_PSK_SUPPORT DISABLED
00080 //ECDHE_PSK key exchange support
00081 #define TLS_ECDHE_PSK_SUPPORT DISABLED
00082 
00083 //RSA signature capability
00084 #define TLS_RSA_SIGN_SUPPORT ENABLED
00085 //DSA signature capability
00086 #define TLS_DSA_SIGN_SUPPORT ENABLED
00087 //ECDSA signature capability
00088 #define TLS_ECDSA_SIGN_SUPPORT ENABLED
00089 
00090 //Stream cipher support
00091 #define TLS_STREAM_CIPHER_SUPPORT ENABLED
00092 //CBC block cipher support
00093 #define TLS_CBC_CIPHER_SUPPORT ENABLED
00094 //CCM AEAD support
00095 #define TLS_CCM_CIPHER_SUPPORT ENABLED
00096 //GCM AEAD support
00097 #define TLS_GCM_CIPHER_SUPPORT ENABLED
00098 //ChaCha20Poly1305 AEAD support
00099 #define TLS_CHACHA20_POLY1305_SUPPORT ENABLED
00100 
00101 //RC4 cipher support
00102 #define TLS_RC4_SUPPORT ENABLED
00103 //IDEA cipher support
00104 #define TLS_IDEA_SUPPORT DISABLED
00105 //DES cipher support
00106 #define TLS_DES_SUPPORT DISABLED
00107 //Triple DES cipher support
00108 #define TLS_3DES_SUPPORT ENABLED
00109 //AES cipher support
00110 #define TLS_AES_SUPPORT ENABLED
00111 //Camellia cipher support
00112 #define TLS_CAMELLIA_SUPPORT ENABLED
00113 //SEED cipher support
00114 #define TLS_SEED_SUPPORT ENABLED
00115 //ARIA cipher support
00116 #define TLS_ARIA_SUPPORT ENABLED
00117 
00118 //MD5 hash support
00119 #define TLS_MD5_SUPPORT ENABLED
00120 //SHA-1 hash support
00121 #define TLS_SHA1_SUPPORT ENABLED
00122 //SHA-224 hash support
00123 #define TLS_SHA224_SUPPORT ENABLED
00124 //SHA-256 hash support
00125 #define TLS_SHA256_SUPPORT ENABLED
00126 //SHA-384 hash support
00127 #define TLS_SHA384_SUPPORT ENABLED
00128 //SHA-512 hash support
00129 #define TLS_SHA512_SUPPORT ENABLED
00130 
00131 //secp160k1 elliptic curve support
00132 #define TLS_SECP160K1_SUPPORT DISABLED
00133 //secp160r1 elliptic curve support
00134 #define TLS_SECP160R1_SUPPORT DISABLED
00135 //secp160r2 elliptic curve support
00136 #define TLS_SECP160R2_SUPPORT DISABLED
00137 //secp192k1 elliptic curve support
00138 #define TLS_SECP192K1_SUPPORT DISABLED
00139 //secp192r1 elliptic curve support
00140 #define TLS_SECP192R1_SUPPORT ENABLED
00141 //secp224k1 elliptic curve support
00142 #define TLS_SECP224K1_SUPPORT DISABLED
00143 //secp224r1 elliptic curve support
00144 #define TLS_SECP224R1_SUPPORT ENABLED
00145 //secp256k1 elliptic curve support
00146 #define TLS_SECP256K1_SUPPORT DISABLED
00147 //secp256r1 elliptic curve support
00148 #define TLS_SECP256R1_SUPPORT ENABLED
00149 //secp384r1 elliptic curve support
00150 #define TLS_SECP384R1_SUPPORT ENABLED
00151 //secp521r1 elliptic curve support
00152 #define TLS_SECP521R1_SUPPORT DISABLED
00153 //brainpoolP256r1 elliptic curve support
00154 #define TLS_BRAINPOOLP256R1_SUPPORT DISABLED
00155 //brainpoolP384r1 elliptic curve support
00156 #define TLS_BRAINPOOLP384R1_SUPPORT DISABLED
00157 //brainpoolP512r1 elliptic curve support
00158 #define TLS_BRAINPOOLP512R1_SUPPORT DISABLED
00159 
00160 #endif
00161