Doug Anson / mbedTLSLibrary

mbed TLS library

Dependents:   HTTPClient-SSL WS_SERVER

Embed: (wiki syntax)

« Back to documentation index

Show/hide line numbers config-ccm-psk-tls1_2.h Source File

config-ccm-psk-tls1_2.h

00001 /*
00002  * Minimal configuration for TLS 1.2 with PSK and AES-CCM ciphersuites
00003  * Distinguishing features:
00004  * - no bignum, no PK, no X509
00005  * - fully modern and secure (provided the pre-shared keys have high entropy)
00006  * - very low record overhead with CCM-8
00007  * - optimized for low RAM usage
00008  *
00009  * See README.txt for usage instructions.
00010  */
00011 #ifndef POLARSSL_CONFIG_H
00012 #define POLARSSL_CONFIG_H
00013 
00014 /* System support */
00015 #define POLARSSL_HAVE_IPV6 /* Now mandatory for NET_C */
00016 //#define POLARSSL_HAVE_TIME /* Optionally used in Hello messages */
00017 /* Other POLARSSL_HAVE_XXX flags irrelevant for this configuration */
00018 
00019 /* mbed TLS feature support */
00020 #define POLARSSL_KEY_EXCHANGE_PSK_ENABLED
00021 #define POLARSSL_SSL_PROTO_TLS1_2
00022 #define POLARSSL_SSL_DISABLE_RENEGOTIATION
00023 
00024 /* mbed TLS modules */
00025 #define POLARSSL_AES_C
00026 #define POLARSSL_CCM_C
00027 #define POLARSSL_CIPHER_C
00028 #define POLARSSL_CTR_DRBG_C
00029 #define POLARSSL_ENTROPY_C
00030 #define POLARSSL_MD_C
00031 #define POLARSSL_NET_C
00032 #define POLARSSL_SHA256_C
00033 #define POLARSSL_SSL_CLI_C
00034 #define POLARSSL_SSL_SRV_C
00035 #define POLARSSL_SSL_TLS_C
00036 
00037 /* Save RAM at the expense of ROM */
00038 #define POLARSSL_AES_ROM_TABLES
00039 
00040 /* Save some RAM by adjusting to your exact needs */
00041 #define POLARSSL_PSK_MAX_LEN    16 /* 128-bits keys are generally enough */
00042 
00043 /*
00044  * You should adjust this to the exact number of sources you're using: default
00045  * is the "platform_entropy_poll" source, but you may want to add other ones
00046  * Minimum is 2 for the entropy test suite.
00047  */
00048 #define ENTROPY_MAX_SOURCES 2
00049 
00050 /*
00051  * Use only CCM_8 ciphersuites, and
00052  * save ROM and a few bytes of RAM by specifying our own ciphersuite list
00053  */
00054 #define SSL_CIPHERSUITES                        \
00055         TLS_PSK_WITH_AES_256_CCM_8,             \
00056         TLS_PSK_WITH_AES_128_CCM_8
00057 
00058 /*
00059  * Save RAM at the expense of interoperability: do this only if you control
00060  * both ends of the connection!  (See comments in "polarssl/ssl.h".)
00061  * The optimal size here depends on the typical size of records.
00062  */
00063 #define SSL_MAX_CONTENT_LEN             512
00064 
00065 #include "check_config.h"
00066 
00067 #endif /* POLARSSL_CONFIG_H */
00068
Generated on Tue Jul 12 2022 13:50:36 by  doxygen 1.7.2