David Fletcher / Mbed 2 deprecated cc3100_Test_websock_Camera_CM3

TI's CC3100 websocket camera demo with Arducam mini ov5642 and freertos. Should work with other M3's. Work in progress test demo.

Dependencies:   mbed

SHA1/polarssl/config.h@1:e448e81c416f, 2015-09-11 (annotated)

Committer:
dflet
Date:
Fri Sep 11 15:38:33 2015 +0000
Revision:
1:e448e81c416f
Parent:
0:400d8e75a8d0 
Removed some debud.

Who changed what in which revision?

UserRevisionLine numberNew contents of line
dflet 0:400d8e75a8d0 1 /**
dflet 0:400d8e75a8d0 2 * \file config.h
dflet 0:400d8e75a8d0 3 *
dflet 0:400d8e75a8d0 4 * \brief Configuration options (set of defines)
dflet 0:400d8e75a8d0 5 *
dflet 0:400d8e75a8d0 6 * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved
dflet 0:400d8e75a8d0 7 *
dflet 0:400d8e75a8d0 8 * This file is part of mbed TLS (https://tls.mbed.org)
dflet 0:400d8e75a8d0 9 *
dflet 0:400d8e75a8d0 10 * This program is free software; you can redistribute it and/or modify
dflet 0:400d8e75a8d0 11 * it under the terms of the GNU General Public License as published by
dflet 0:400d8e75a8d0 12 * the Free Software Foundation; either version 2 of the License, or
dflet 0:400d8e75a8d0 13 * (at your option) any later version.
dflet 0:400d8e75a8d0 14 *
dflet 0:400d8e75a8d0 15 * This program is distributed in the hope that it will be useful,
dflet 0:400d8e75a8d0 16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
dflet 0:400d8e75a8d0 17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
dflet 0:400d8e75a8d0 18 * GNU General Public License for more details.
dflet 0:400d8e75a8d0 19 *
dflet 0:400d8e75a8d0 20 * You should have received a copy of the GNU General Public License along
dflet 0:400d8e75a8d0 21 * with this program; if not, write to the Free Software Foundation, Inc.,
dflet 0:400d8e75a8d0 22 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
dflet 0:400d8e75a8d0 23 *
dflet 0:400d8e75a8d0 24 * This set of compile-time options may be used to enable
dflet 0:400d8e75a8d0 25 * or disable features selectively, and reduce the global
dflet 0:400d8e75a8d0 26 * memory footprint.
dflet 0:400d8e75a8d0 27 */
dflet 0:400d8e75a8d0 28 #ifndef POLARSSL_CONFIG_H
dflet 0:400d8e75a8d0 29 #define POLARSSL_CONFIG_H
dflet 0:400d8e75a8d0 30
dflet 0:400d8e75a8d0 31 #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
dflet 0:400d8e75a8d0 32 #define _CRT_SECURE_NO_DEPRECATE 1
dflet 0:400d8e75a8d0 33 #endif
dflet 0:400d8e75a8d0 34
dflet 0:400d8e75a8d0 35 /**
dflet 0:400d8e75a8d0 36 * \name SECTION: System support
dflet 0:400d8e75a8d0 37 *
dflet 0:400d8e75a8d0 38 * This section sets system specific settings.
dflet 0:400d8e75a8d0 39 * \{
dflet 0:400d8e75a8d0 40 */
dflet 0:400d8e75a8d0 41
dflet 0:400d8e75a8d0 42 /**
dflet 0:400d8e75a8d0 43 * \def POLARSSL_HAVE_INT8
dflet 0:400d8e75a8d0 44 *
dflet 0:400d8e75a8d0 45 * The system uses 8-bit wide native integers.
dflet 0:400d8e75a8d0 46 *
dflet 0:400d8e75a8d0 47 * \deprecated The compiler should be able to generate code for 32-bit
dflet 0:400d8e75a8d0 48 * arithmetic (required by C89). This code is likely to be at least as
dflet 0:400d8e75a8d0 49 * efficient as ours.
dflet 0:400d8e75a8d0 50 *
dflet 0:400d8e75a8d0 51 * Uncomment if native integers are 8-bit wide.
dflet 0:400d8e75a8d0 52 */
dflet 0:400d8e75a8d0 53 //#define POLARSSL_HAVE_INT8
dflet 0:400d8e75a8d0 54
dflet 0:400d8e75a8d0 55 /**
dflet 0:400d8e75a8d0 56 * \def POLARSSL_HAVE_INT16
dflet 0:400d8e75a8d0 57 *
dflet 0:400d8e75a8d0 58 * The system uses 16-bit wide native integers.
dflet 0:400d8e75a8d0 59 *
dflet 0:400d8e75a8d0 60 * \deprecated The compiler should be able to generate code for 32-bit
dflet 0:400d8e75a8d0 61 * arithmetic (required by C89). This code is likely to be at least as
dflet 0:400d8e75a8d0 62 * efficient as ours.
dflet 0:400d8e75a8d0 63 *
dflet 0:400d8e75a8d0 64 * Uncomment if native integers are 16-bit wide.
dflet 0:400d8e75a8d0 65 */
dflet 0:400d8e75a8d0 66 //#define POLARSSL_HAVE_INT16
dflet 0:400d8e75a8d0 67
dflet 0:400d8e75a8d0 68 /**
dflet 0:400d8e75a8d0 69 * \def POLARSSL_HAVE_LONGLONG
dflet 0:400d8e75a8d0 70 *
dflet 0:400d8e75a8d0 71 * The compiler supports the 'long long' type.
dflet 0:400d8e75a8d0 72 * (Only used on 32-bit platforms)
dflet 0:400d8e75a8d0 73 */
dflet 0:400d8e75a8d0 74 #define POLARSSL_HAVE_LONGLONG
dflet 0:400d8e75a8d0 75
dflet 0:400d8e75a8d0 76 /**
dflet 0:400d8e75a8d0 77 * \def POLARSSL_HAVE_ASM
dflet 0:400d8e75a8d0 78 *
dflet 0:400d8e75a8d0 79 * The compiler has support for asm().
dflet 0:400d8e75a8d0 80 *
dflet 0:400d8e75a8d0 81 * Requires support for asm() in compiler.
dflet 0:400d8e75a8d0 82 *
dflet 0:400d8e75a8d0 83 * Used in:
dflet 0:400d8e75a8d0 84 * library/timing.c
dflet 0:400d8e75a8d0 85 * library/padlock.c
dflet 0:400d8e75a8d0 86 * include/polarssl/bn_mul.h
dflet 0:400d8e75a8d0 87 *
dflet 0:400d8e75a8d0 88 * Comment to disable the use of assembly code.
dflet 0:400d8e75a8d0 89 */
dflet 0:400d8e75a8d0 90 #define POLARSSL_HAVE_ASM
dflet 0:400d8e75a8d0 91
dflet 0:400d8e75a8d0 92 /**
dflet 0:400d8e75a8d0 93 * \def POLARSSL_HAVE_SSE2
dflet 0:400d8e75a8d0 94 *
dflet 0:400d8e75a8d0 95 * CPU supports SSE2 instruction set.
dflet 0:400d8e75a8d0 96 *
dflet 0:400d8e75a8d0 97 * Uncomment if the CPU supports SSE2 (IA-32 specific).
dflet 0:400d8e75a8d0 98 */
dflet 0:400d8e75a8d0 99 //#define POLARSSL_HAVE_SSE2
dflet 0:400d8e75a8d0 100
dflet 0:400d8e75a8d0 101 /**
dflet 0:400d8e75a8d0 102 * \def POLARSSL_HAVE_TIME
dflet 0:400d8e75a8d0 103 *
dflet 0:400d8e75a8d0 104 * System has time.h and time() / localtime() / gettimeofday().
dflet 0:400d8e75a8d0 105 *
dflet 0:400d8e75a8d0 106 * Comment if your system does not support time functions
dflet 0:400d8e75a8d0 107 */
dflet 0:400d8e75a8d0 108 #define POLARSSL_HAVE_TIME
dflet 0:400d8e75a8d0 109
dflet 0:400d8e75a8d0 110 /**
dflet 0:400d8e75a8d0 111 * \def POLARSSL_HAVE_IPV6
dflet 0:400d8e75a8d0 112 *
dflet 0:400d8e75a8d0 113 * System supports the basic socket interface for IPv6 (RFC 3493),
dflet 0:400d8e75a8d0 114 * specifically getaddrinfo(), freeaddrinfo() and struct sockaddr_storage.
dflet 0:400d8e75a8d0 115 *
dflet 0:400d8e75a8d0 116 * Note: on Windows/MingW, XP or higher is required.
dflet 0:400d8e75a8d0 117 *
dflet 0:400d8e75a8d0 118 * \warning As of 1.3.11, *not* using this flag when POLARSSL_NET_C is
dflet 0:400d8e75a8d0 119 * defined, is deprecated. The alternative legacy code will be removed in 2.0.
dflet 0:400d8e75a8d0 120 *
dflet 0:400d8e75a8d0 121 * Comment if your system does not support the IPv6 socket interface
dflet 0:400d8e75a8d0 122 */
dflet 0:400d8e75a8d0 123 #define POLARSSL_HAVE_IPV6
dflet 0:400d8e75a8d0 124
dflet 0:400d8e75a8d0 125 /**
dflet 0:400d8e75a8d0 126 * \def POLARSSL_PLATFORM_MEMORY
dflet 0:400d8e75a8d0 127 *
dflet 0:400d8e75a8d0 128 * Enable the memory allocation layer.
dflet 0:400d8e75a8d0 129 *
dflet 0:400d8e75a8d0 130 * By default mbed TLS uses the system-provided malloc() and free().
dflet 0:400d8e75a8d0 131 * This allows different allocators (self-implemented or provided) to be
dflet 0:400d8e75a8d0 132 * provided to the platform abstraction layer.
dflet 0:400d8e75a8d0 133 *
dflet 0:400d8e75a8d0 134 * Enabling POLARSSL_PLATFORM_MEMORY without the
dflet 0:400d8e75a8d0 135 * POLARSSL_PLATFORM_{FREE,MALLOC}_MACROs will provide
dflet 0:400d8e75a8d0 136 * "platform_set_malloc_free()" allowing you to set an alternative malloc() and
dflet 0:400d8e75a8d0 137 * free() function pointer at runtime.
dflet 0:400d8e75a8d0 138 *
dflet 0:400d8e75a8d0 139 * Enabling POLARSSL_PLATFORM_MEMORY and specifying
dflet 0:400d8e75a8d0 140 * POLARSSL_PLATFORM_{MALLOC,FREE}_MACROs will allow you to specify the
dflet 0:400d8e75a8d0 141 * alternate function at compile time.
dflet 0:400d8e75a8d0 142 *
dflet 0:400d8e75a8d0 143 * Requires: POLARSSL_PLATFORM_C
dflet 0:400d8e75a8d0 144 *
dflet 0:400d8e75a8d0 145 * Enable this layer to allow use of alternative memory allocators.
dflet 0:400d8e75a8d0 146 */
dflet 0:400d8e75a8d0 147 //#define POLARSSL_PLATFORM_MEMORY
dflet 0:400d8e75a8d0 148
dflet 0:400d8e75a8d0 149 /**
dflet 0:400d8e75a8d0 150 * \def POLARSSL_PLATFORM_NO_STD_FUNCTIONS
dflet 0:400d8e75a8d0 151 *
dflet 0:400d8e75a8d0 152 * Do not assign standard functions in the platform layer (e.g. malloc() to
dflet 0:400d8e75a8d0 153 * POLARSSL_PLATFORM_STD_MALLOC and printf() to POLARSSL_PLATFORM_STD_PRINTF)
dflet 0:400d8e75a8d0 154 *
dflet 0:400d8e75a8d0 155 * This makes sure there are no linking errors on platforms that do not support
dflet 0:400d8e75a8d0 156 * these functions. You will HAVE to provide alternatives, either at runtime
dflet 0:400d8e75a8d0 157 * via the platform_set_xxx() functions or at compile time by setting
dflet 0:400d8e75a8d0 158 * the POLARSSL_PLATFORM_STD_XXX defines, or enabling a
dflet 0:400d8e75a8d0 159 * POLARSSL_PLATFORM_XXX_MACRO.
dflet 0:400d8e75a8d0 160 *
dflet 0:400d8e75a8d0 161 * Requires: POLARSSL_PLATFORM_C
dflet 0:400d8e75a8d0 162 *
dflet 0:400d8e75a8d0 163 * Uncomment to prevent default assignment of standard functions in the
dflet 0:400d8e75a8d0 164 * platform layer.
dflet 0:400d8e75a8d0 165 */
dflet 0:400d8e75a8d0 166 //#define POLARSSL_PLATFORM_NO_STD_FUNCTIONS
dflet 0:400d8e75a8d0 167
dflet 0:400d8e75a8d0 168 /**
dflet 0:400d8e75a8d0 169 * \def POLARSSL_PLATFORM_XXX_ALT
dflet 0:400d8e75a8d0 170 *
dflet 0:400d8e75a8d0 171 * Uncomment a macro to let mbed TLS support the function in the platform
dflet 0:400d8e75a8d0 172 * abstraction layer.
dflet 0:400d8e75a8d0 173 *
dflet 0:400d8e75a8d0 174 * Example: In case you uncomment POLARSSL_PLATFORM_PRINTF_ALT, mbed TLS will
dflet 0:400d8e75a8d0 175 * provide a function "platform_set_printf()" that allows you to set an
dflet 0:400d8e75a8d0 176 * alternative printf function pointer.
dflet 0:400d8e75a8d0 177 *
dflet 0:400d8e75a8d0 178 * All these define require POLARSSL_PLATFORM_C to be defined!
dflet 0:400d8e75a8d0 179 *
dflet 0:400d8e75a8d0 180 * WARNING: POLARSSL_PLATFORM_SNPRINTF_ALT is not available on Windows
dflet 0:400d8e75a8d0 181 * for compatibility reasons.
dflet 0:400d8e75a8d0 182 *
dflet 0:400d8e75a8d0 183 * WARNING: POLARSSL_PLATFORM_XXX_ALT cannot be defined at the same time as
dflet 0:400d8e75a8d0 184 * POLARSSL_PLATFORM_XXX_MACRO!
dflet 0:400d8e75a8d0 185 *
dflet 0:400d8e75a8d0 186 * Uncomment a macro to enable alternate implementation of specific base
dflet 0:400d8e75a8d0 187 * platform function
dflet 0:400d8e75a8d0 188 */
dflet 0:400d8e75a8d0 189 //#define POLARSSL_PLATFORM_EXIT_ALT
dflet 0:400d8e75a8d0 190 //#define POLARSSL_PLATFORM_FPRINTF_ALT
dflet 0:400d8e75a8d0 191 //#define POLARSSL_PLATFORM_PRINTF_ALT
dflet 0:400d8e75a8d0 192 //#define POLARSSL_PLATFORM_SNPRINTF_ALT
dflet 0:400d8e75a8d0 193
dflet 0:400d8e75a8d0 194 /**
dflet 0:400d8e75a8d0 195 * \def POLARSSL_DEPRECATED_WARNING
dflet 0:400d8e75a8d0 196 *
dflet 0:400d8e75a8d0 197 * Mark deprecated functions so that they generate a warning if used.
dflet 0:400d8e75a8d0 198 * Functions deprecated in one version will usually be removed in the next
dflet 0:400d8e75a8d0 199 * version. You can enable this to help you prepare the transition to a new
dflet 0:400d8e75a8d0 200 * major version by making sure your code is not using these functions.
dflet 0:400d8e75a8d0 201 *
dflet 0:400d8e75a8d0 202 * This only works with GCC and Clang. With other compilers, you may want to
dflet 0:400d8e75a8d0 203 * use POLARSSL_DEPRECATED_REMOVED
dflet 0:400d8e75a8d0 204 *
dflet 0:400d8e75a8d0 205 * Uncomment to get warnings on using deprecated functions.
dflet 0:400d8e75a8d0 206 */
dflet 0:400d8e75a8d0 207 //#define POLARSSL_DEPRECATED_WARNING
dflet 0:400d8e75a8d0 208
dflet 0:400d8e75a8d0 209 /**
dflet 0:400d8e75a8d0 210 * \def POLARSSL_DEPRECATED_REMOVED
dflet 0:400d8e75a8d0 211 *
dflet 0:400d8e75a8d0 212 * Remove deprecated functions so that they generate an error if used.
dflet 0:400d8e75a8d0 213 * Functions deprecated in one version will usually be removed in the next
dflet 0:400d8e75a8d0 214 * version. You can enable this to help you prepare the transition to a new
dflet 0:400d8e75a8d0 215 * major version by making sure your code is not using these functions.
dflet 0:400d8e75a8d0 216 *
dflet 0:400d8e75a8d0 217 * Uncomment to get errors on using deprecated functions.
dflet 0:400d8e75a8d0 218 */
dflet 0:400d8e75a8d0 219 //#define POLARSSL_DEPRECATED_REMOVED
dflet 0:400d8e75a8d0 220
dflet 0:400d8e75a8d0 221 /* \} name SECTION: System support */
dflet 0:400d8e75a8d0 222
dflet 0:400d8e75a8d0 223 /**
dflet 0:400d8e75a8d0 224 * \name SECTION: mbed TLS feature support
dflet 0:400d8e75a8d0 225 *
dflet 0:400d8e75a8d0 226 * This section sets support for features that are or are not needed
dflet 0:400d8e75a8d0 227 * within the modules that are enabled.
dflet 0:400d8e75a8d0 228 * \{
dflet 0:400d8e75a8d0 229 */
dflet 0:400d8e75a8d0 230
dflet 0:400d8e75a8d0 231 /**
dflet 0:400d8e75a8d0 232 * \def POLARSSL_TIMING_ALT
dflet 0:400d8e75a8d0 233 *
dflet 0:400d8e75a8d0 234 * Uncomment to provide your own alternate implementation for hardclock(),
dflet 0:400d8e75a8d0 235 * get_timer(), set_alarm() and m_sleep().
dflet 0:400d8e75a8d0 236 *
dflet 0:400d8e75a8d0 237 * Only works if you have POLARSSL_TIMING_C enabled.
dflet 0:400d8e75a8d0 238 *
dflet 0:400d8e75a8d0 239 * You will need to provide a header "timing_alt.h" and an implementation at
dflet 0:400d8e75a8d0 240 * compile time.
dflet 0:400d8e75a8d0 241 */
dflet 0:400d8e75a8d0 242 //#define POLARSSL_TIMING_ALT
dflet 0:400d8e75a8d0 243
dflet 0:400d8e75a8d0 244 /**
dflet 0:400d8e75a8d0 245 * \def POLARSSL_XXX_ALT
dflet 0:400d8e75a8d0 246 *
dflet 0:400d8e75a8d0 247 * Uncomment a macro to let mbed TLS use your alternate core implementation of
dflet 0:400d8e75a8d0 248 * a symmetric or hash algorithm (e.g. platform specific assembly optimized
dflet 0:400d8e75a8d0 249 * implementations). Keep in mind that the function prototypes should remain
dflet 0:400d8e75a8d0 250 * the same.
dflet 0:400d8e75a8d0 251 *
dflet 0:400d8e75a8d0 252 * Example: In case you uncomment POLARSSL_AES_ALT, mbed TLS will no longer
dflet 0:400d8e75a8d0 253 * provide the "struct aes_context" definition and omit the base function
dflet 0:400d8e75a8d0 254 * declarations and implementations. "aes_alt.h" will be included from
dflet 0:400d8e75a8d0 255 * "aes.h" to include the new function definitions.
dflet 0:400d8e75a8d0 256 *
dflet 0:400d8e75a8d0 257 * Uncomment a macro to enable alternate implementation for core algorithm
dflet 0:400d8e75a8d0 258 * functions
dflet 0:400d8e75a8d0 259 */
dflet 0:400d8e75a8d0 260 //#define POLARSSL_AES_ALT
dflet 0:400d8e75a8d0 261 //#define POLARSSL_ARC4_ALT
dflet 0:400d8e75a8d0 262 //#define POLARSSL_BLOWFISH_ALT
dflet 0:400d8e75a8d0 263 //#define POLARSSL_CAMELLIA_ALT
dflet 0:400d8e75a8d0 264 //#define POLARSSL_DES_ALT
dflet 0:400d8e75a8d0 265 //#define POLARSSL_XTEA_ALT
dflet 0:400d8e75a8d0 266 //#define POLARSSL_MD2_ALT
dflet 0:400d8e75a8d0 267 //#define POLARSSL_MD4_ALT
dflet 0:400d8e75a8d0 268 //#define POLARSSL_MD5_ALT
dflet 0:400d8e75a8d0 269 //#define POLARSSL_RIPEMD160_ALT
dflet 0:400d8e75a8d0 270 //#define POLARSSL_SHA1_ALT
dflet 0:400d8e75a8d0 271 //#define POLARSSL_SHA256_ALT
dflet 0:400d8e75a8d0 272 //#define POLARSSL_SHA512_ALT
dflet 0:400d8e75a8d0 273
dflet 0:400d8e75a8d0 274 /**
dflet 0:400d8e75a8d0 275 * \def POLARSSL_AES_ROM_TABLES
dflet 0:400d8e75a8d0 276 *
dflet 0:400d8e75a8d0 277 * Store the AES tables in ROM.
dflet 0:400d8e75a8d0 278 *
dflet 0:400d8e75a8d0 279 * Uncomment this macro to store the AES tables in ROM.
dflet 0:400d8e75a8d0 280 */
dflet 0:400d8e75a8d0 281 //#define POLARSSL_AES_ROM_TABLES
dflet 0:400d8e75a8d0 282
dflet 0:400d8e75a8d0 283 /**
dflet 0:400d8e75a8d0 284 * \def POLARSSL_CAMELLIA_SMALL_MEMORY
dflet 0:400d8e75a8d0 285 *
dflet 0:400d8e75a8d0 286 * Use less ROM for the Camellia implementation (saves about 768 bytes).
dflet 0:400d8e75a8d0 287 *
dflet 0:400d8e75a8d0 288 * Uncomment this macro to use less memory for Camellia.
dflet 0:400d8e75a8d0 289 */
dflet 0:400d8e75a8d0 290 //#define POLARSSL_CAMELLIA_SMALL_MEMORY
dflet 0:400d8e75a8d0 291
dflet 0:400d8e75a8d0 292 /**
dflet 0:400d8e75a8d0 293 * \def POLARSSL_CIPHER_MODE_CBC
dflet 0:400d8e75a8d0 294 *
dflet 0:400d8e75a8d0 295 * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
dflet 0:400d8e75a8d0 296 */
dflet 0:400d8e75a8d0 297 #define POLARSSL_CIPHER_MODE_CBC
dflet 0:400d8e75a8d0 298
dflet 0:400d8e75a8d0 299 /**
dflet 0:400d8e75a8d0 300 * \def POLARSSL_CIPHER_MODE_CFB
dflet 0:400d8e75a8d0 301 *
dflet 0:400d8e75a8d0 302 * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
dflet 0:400d8e75a8d0 303 */
dflet 0:400d8e75a8d0 304 #define POLARSSL_CIPHER_MODE_CFB
dflet 0:400d8e75a8d0 305
dflet 0:400d8e75a8d0 306 /**
dflet 0:400d8e75a8d0 307 * \def POLARSSL_CIPHER_MODE_CTR
dflet 0:400d8e75a8d0 308 *
dflet 0:400d8e75a8d0 309 * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
dflet 0:400d8e75a8d0 310 */
dflet 0:400d8e75a8d0 311 #define POLARSSL_CIPHER_MODE_CTR
dflet 0:400d8e75a8d0 312
dflet 0:400d8e75a8d0 313 /**
dflet 0:400d8e75a8d0 314 * \def POLARSSL_CIPHER_NULL_CIPHER
dflet 0:400d8e75a8d0 315 *
dflet 0:400d8e75a8d0 316 * Enable NULL cipher.
dflet 0:400d8e75a8d0 317 * Warning: Only do so when you know what you are doing. This allows for
dflet 0:400d8e75a8d0 318 * encryption or channels without any security!
dflet 0:400d8e75a8d0 319 *
dflet 0:400d8e75a8d0 320 * Requires POLARSSL_ENABLE_WEAK_CIPHERSUITES as well to enable
dflet 0:400d8e75a8d0 321 * the following ciphersuites:
dflet 0:400d8e75a8d0 322 * TLS_ECDH_ECDSA_WITH_NULL_SHA
dflet 0:400d8e75a8d0 323 * TLS_ECDH_RSA_WITH_NULL_SHA
dflet 0:400d8e75a8d0 324 * TLS_ECDHE_ECDSA_WITH_NULL_SHA
dflet 0:400d8e75a8d0 325 * TLS_ECDHE_RSA_WITH_NULL_SHA
dflet 0:400d8e75a8d0 326 * TLS_ECDHE_PSK_WITH_NULL_SHA384
dflet 0:400d8e75a8d0 327 * TLS_ECDHE_PSK_WITH_NULL_SHA256
dflet 0:400d8e75a8d0 328 * TLS_ECDHE_PSK_WITH_NULL_SHA
dflet 0:400d8e75a8d0 329 * TLS_DHE_PSK_WITH_NULL_SHA384
dflet 0:400d8e75a8d0 330 * TLS_DHE_PSK_WITH_NULL_SHA256
dflet 0:400d8e75a8d0 331 * TLS_DHE_PSK_WITH_NULL_SHA
dflet 0:400d8e75a8d0 332 * TLS_RSA_WITH_NULL_SHA256
dflet 0:400d8e75a8d0 333 * TLS_RSA_WITH_NULL_SHA
dflet 0:400d8e75a8d0 334 * TLS_RSA_WITH_NULL_MD5
dflet 0:400d8e75a8d0 335 * TLS_RSA_PSK_WITH_NULL_SHA384
dflet 0:400d8e75a8d0 336 * TLS_RSA_PSK_WITH_NULL_SHA256
dflet 0:400d8e75a8d0 337 * TLS_RSA_PSK_WITH_NULL_SHA
dflet 0:400d8e75a8d0 338 * TLS_PSK_WITH_NULL_SHA384
dflet 0:400d8e75a8d0 339 * TLS_PSK_WITH_NULL_SHA256
dflet 0:400d8e75a8d0 340 * TLS_PSK_WITH_NULL_SHA
dflet 0:400d8e75a8d0 341 *
dflet 0:400d8e75a8d0 342 * Uncomment this macro to enable the NULL cipher and ciphersuites
dflet 0:400d8e75a8d0 343 */
dflet 0:400d8e75a8d0 344 //#define POLARSSL_CIPHER_NULL_CIPHER
dflet 0:400d8e75a8d0 345
dflet 0:400d8e75a8d0 346 /**
dflet 0:400d8e75a8d0 347 * \def POLARSSL_CIPHER_PADDING_XXX
dflet 0:400d8e75a8d0 348 *
dflet 0:400d8e75a8d0 349 * Uncomment or comment macros to add support for specific padding modes
dflet 0:400d8e75a8d0 350 * in the cipher layer with cipher modes that support padding (e.g. CBC)
dflet 0:400d8e75a8d0 351 *
dflet 0:400d8e75a8d0 352 * If you disable all padding modes, only full blocks can be used with CBC.
dflet 0:400d8e75a8d0 353 *
dflet 0:400d8e75a8d0 354 * Enable padding modes in the cipher layer.
dflet 0:400d8e75a8d0 355 */
dflet 0:400d8e75a8d0 356 #define POLARSSL_CIPHER_PADDING_PKCS7
dflet 0:400d8e75a8d0 357 #define POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS
dflet 0:400d8e75a8d0 358 #define POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN
dflet 0:400d8e75a8d0 359 #define POLARSSL_CIPHER_PADDING_ZEROS
dflet 0:400d8e75a8d0 360
dflet 0:400d8e75a8d0 361 /**
dflet 0:400d8e75a8d0 362 * \def POLARSSL_ENABLE_WEAK_CIPHERSUITES
dflet 0:400d8e75a8d0 363 *
dflet 0:400d8e75a8d0 364 * Enable weak ciphersuites in SSL / TLS.
dflet 0:400d8e75a8d0 365 * Warning: Only do so when you know what you are doing. This allows for
dflet 0:400d8e75a8d0 366 * channels with virtually no security at all!
dflet 0:400d8e75a8d0 367 *
dflet 0:400d8e75a8d0 368 * This enables the following ciphersuites:
dflet 0:400d8e75a8d0 369 * TLS_RSA_WITH_DES_CBC_SHA
dflet 0:400d8e75a8d0 370 * TLS_DHE_RSA_WITH_DES_CBC_SHA
dflet 0:400d8e75a8d0 371 *
dflet 0:400d8e75a8d0 372 * Uncomment this macro to enable weak ciphersuites
dflet 0:400d8e75a8d0 373 */
dflet 0:400d8e75a8d0 374 //#define POLARSSL_ENABLE_WEAK_CIPHERSUITES
dflet 0:400d8e75a8d0 375
dflet 0:400d8e75a8d0 376 /**
dflet 0:400d8e75a8d0 377 * \def POLARSSL_REMOVE_ARC4_CIPHERSUITES
dflet 0:400d8e75a8d0 378 *
dflet 0:400d8e75a8d0 379 * Remove RC4 ciphersuites by default in SSL / TLS.
dflet 0:400d8e75a8d0 380 * This flag removes the ciphersuites based on RC4 from the default list as
dflet 0:400d8e75a8d0 381 * returned by ssl_list_ciphersuites(). However, it is still possible to
dflet 0:400d8e75a8d0 382 * enable (some of) them with ssl_set_ciphersuites() by including them
dflet 0:400d8e75a8d0 383 * explicitly.
dflet 0:400d8e75a8d0 384 *
dflet 0:400d8e75a8d0 385 * Uncomment this macro to remove RC4 ciphersuites by default.
dflet 0:400d8e75a8d0 386 */
dflet 0:400d8e75a8d0 387 //#define POLARSSL_REMOVE_ARC4_CIPHERSUITES
dflet 0:400d8e75a8d0 388
dflet 0:400d8e75a8d0 389 /**
dflet 0:400d8e75a8d0 390 * \def POLARSSL_ECP_XXXX_ENABLED
dflet 0:400d8e75a8d0 391 *
dflet 0:400d8e75a8d0 392 * Enables specific curves within the Elliptic Curve module.
dflet 0:400d8e75a8d0 393 * By default all supported curves are enabled.
dflet 0:400d8e75a8d0 394 *
dflet 0:400d8e75a8d0 395 * Comment macros to disable the curve and functions for it
dflet 0:400d8e75a8d0 396 */
dflet 0:400d8e75a8d0 397 #define POLARSSL_ECP_DP_SECP192R1_ENABLED
dflet 0:400d8e75a8d0 398 #define POLARSSL_ECP_DP_SECP224R1_ENABLED
dflet 0:400d8e75a8d0 399 #define POLARSSL_ECP_DP_SECP256R1_ENABLED
dflet 0:400d8e75a8d0 400 #define POLARSSL_ECP_DP_SECP384R1_ENABLED
dflet 0:400d8e75a8d0 401 #define POLARSSL_ECP_DP_SECP521R1_ENABLED
dflet 0:400d8e75a8d0 402 #define POLARSSL_ECP_DP_SECP192K1_ENABLED
dflet 0:400d8e75a8d0 403 #define POLARSSL_ECP_DP_SECP224K1_ENABLED
dflet 0:400d8e75a8d0 404 #define POLARSSL_ECP_DP_SECP256K1_ENABLED
dflet 0:400d8e75a8d0 405 #define POLARSSL_ECP_DP_BP256R1_ENABLED
dflet 0:400d8e75a8d0 406 #define POLARSSL_ECP_DP_BP384R1_ENABLED
dflet 0:400d8e75a8d0 407 #define POLARSSL_ECP_DP_BP512R1_ENABLED
dflet 0:400d8e75a8d0 408 //#define POLARSSL_ECP_DP_M221_ENABLED // Not implemented yet!
dflet 0:400d8e75a8d0 409 #define POLARSSL_ECP_DP_M255_ENABLED
dflet 0:400d8e75a8d0 410 //#define POLARSSL_ECP_DP_M383_ENABLED // Not implemented yet!
dflet 0:400d8e75a8d0 411 //#define POLARSSL_ECP_DP_M511_ENABLED // Not implemented yet!
dflet 0:400d8e75a8d0 412
dflet 0:400d8e75a8d0 413 /**
dflet 0:400d8e75a8d0 414 * \def POLARSSL_ECP_NIST_OPTIM
dflet 0:400d8e75a8d0 415 *
dflet 0:400d8e75a8d0 416 * Enable specific 'modulo p' routines for each NIST prime.
dflet 0:400d8e75a8d0 417 * Depending on the prime and architecture, makes operations 4 to 8 times
dflet 0:400d8e75a8d0 418 * faster on the corresponding curve.
dflet 0:400d8e75a8d0 419 *
dflet 0:400d8e75a8d0 420 * Comment this macro to disable NIST curves optimisation.
dflet 0:400d8e75a8d0 421 */
dflet 0:400d8e75a8d0 422 #define POLARSSL_ECP_NIST_OPTIM
dflet 0:400d8e75a8d0 423
dflet 0:400d8e75a8d0 424 /**
dflet 0:400d8e75a8d0 425 * \def POLARSSL_ECDSA_DETERMINISTIC
dflet 0:400d8e75a8d0 426 *
dflet 0:400d8e75a8d0 427 * Enable deterministic ECDSA (RFC 6979).
dflet 0:400d8e75a8d0 428 * Standard ECDSA is "fragile" in the sense that lack of entropy when signing
dflet 0:400d8e75a8d0 429 * may result in a compromise of the long-term signing key. This is avoided by
dflet 0:400d8e75a8d0 430 * the deterministic variant.
dflet 0:400d8e75a8d0 431 *
dflet 0:400d8e75a8d0 432 * Requires: POLARSSL_HMAC_DRBG_C
dflet 0:400d8e75a8d0 433 *
dflet 0:400d8e75a8d0 434 * Comment this macro to disable deterministic ECDSA.
dflet 0:400d8e75a8d0 435 */
dflet 0:400d8e75a8d0 436 #define POLARSSL_ECDSA_DETERMINISTIC
dflet 0:400d8e75a8d0 437
dflet 0:400d8e75a8d0 438 /**
dflet 0:400d8e75a8d0 439 * \def POLARSSL_KEY_EXCHANGE_PSK_ENABLED
dflet 0:400d8e75a8d0 440 *
dflet 0:400d8e75a8d0 441 * Enable the PSK based ciphersuite modes in SSL / TLS.
dflet 0:400d8e75a8d0 442 *
dflet 0:400d8e75a8d0 443 * This enables the following ciphersuites (if other requisites are
dflet 0:400d8e75a8d0 444 * enabled as well):
dflet 0:400d8e75a8d0 445 * TLS_PSK_WITH_AES_256_GCM_SHA384
dflet 0:400d8e75a8d0 446 * TLS_PSK_WITH_AES_256_CBC_SHA384
dflet 0:400d8e75a8d0 447 * TLS_PSK_WITH_AES_256_CBC_SHA
dflet 0:400d8e75a8d0 448 * TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
dflet 0:400d8e75a8d0 449 * TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
dflet 0:400d8e75a8d0 450 * TLS_PSK_WITH_AES_128_GCM_SHA256
dflet 0:400d8e75a8d0 451 * TLS_PSK_WITH_AES_128_CBC_SHA256
dflet 0:400d8e75a8d0 452 * TLS_PSK_WITH_AES_128_CBC_SHA
dflet 0:400d8e75a8d0 453 * TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
dflet 0:400d8e75a8d0 454 * TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
dflet 0:400d8e75a8d0 455 * TLS_PSK_WITH_3DES_EDE_CBC_SHA
dflet 0:400d8e75a8d0 456 * TLS_PSK_WITH_RC4_128_SHA
dflet 0:400d8e75a8d0 457 */
dflet 0:400d8e75a8d0 458 #define POLARSSL_KEY_EXCHANGE_PSK_ENABLED
dflet 0:400d8e75a8d0 459
dflet 0:400d8e75a8d0 460 /**
dflet 0:400d8e75a8d0 461 * \def POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED
dflet 0:400d8e75a8d0 462 *
dflet 0:400d8e75a8d0 463 * Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
dflet 0:400d8e75a8d0 464 *
dflet 0:400d8e75a8d0 465 * Requires: POLARSSL_DHM_C
dflet 0:400d8e75a8d0 466 *
dflet 0:400d8e75a8d0 467 * This enables the following ciphersuites (if other requisites are
dflet 0:400d8e75a8d0 468 * enabled as well):
dflet 0:400d8e75a8d0 469 * TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
dflet 0:400d8e75a8d0 470 * TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
dflet 0:400d8e75a8d0 471 * TLS_DHE_PSK_WITH_AES_256_CBC_SHA
dflet 0:400d8e75a8d0 472 * TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
dflet 0:400d8e75a8d0 473 * TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
dflet 0:400d8e75a8d0 474 * TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
dflet 0:400d8e75a8d0 475 * TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
dflet 0:400d8e75a8d0 476 * TLS_DHE_PSK_WITH_AES_128_CBC_SHA
dflet 0:400d8e75a8d0 477 * TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
dflet 0:400d8e75a8d0 478 * TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
dflet 0:400d8e75a8d0 479 * TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
dflet 0:400d8e75a8d0 480 * TLS_DHE_PSK_WITH_RC4_128_SHA
dflet 0:400d8e75a8d0 481 */
dflet 0:400d8e75a8d0 482 #define POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED
dflet 0:400d8e75a8d0 483
dflet 0:400d8e75a8d0 484 /**
dflet 0:400d8e75a8d0 485 * \def POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED
dflet 0:400d8e75a8d0 486 *
dflet 0:400d8e75a8d0 487 * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
dflet 0:400d8e75a8d0 488 *
dflet 0:400d8e75a8d0 489 * Requires: POLARSSL_ECDH_C
dflet 0:400d8e75a8d0 490 *
dflet 0:400d8e75a8d0 491 * This enables the following ciphersuites (if other requisites are
dflet 0:400d8e75a8d0 492 * enabled as well):
dflet 0:400d8e75a8d0 493 * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
dflet 0:400d8e75a8d0 494 * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
dflet 0:400d8e75a8d0 495 * TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
dflet 0:400d8e75a8d0 496 * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
dflet 0:400d8e75a8d0 497 * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
dflet 0:400d8e75a8d0 498 * TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
dflet 0:400d8e75a8d0 499 * TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
dflet 0:400d8e75a8d0 500 * TLS_ECDHE_PSK_WITH_RC4_128_SHA
dflet 0:400d8e75a8d0 501 */
dflet 0:400d8e75a8d0 502 #define POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED
dflet 0:400d8e75a8d0 503
dflet 0:400d8e75a8d0 504 /**
dflet 0:400d8e75a8d0 505 * \def POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED
dflet 0:400d8e75a8d0 506 *
dflet 0:400d8e75a8d0 507 * Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
dflet 0:400d8e75a8d0 508 *
dflet 0:400d8e75a8d0 509 * Requires: POLARSSL_RSA_C, POLARSSL_PKCS1_V15,
dflet 0:400d8e75a8d0 510 * POLARSSL_X509_CRT_PARSE_C
dflet 0:400d8e75a8d0 511 *
dflet 0:400d8e75a8d0 512 * This enables the following ciphersuites (if other requisites are
dflet 0:400d8e75a8d0 513 * enabled as well):
dflet 0:400d8e75a8d0 514 * TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
dflet 0:400d8e75a8d0 515 * TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
dflet 0:400d8e75a8d0 516 * TLS_RSA_PSK_WITH_AES_256_CBC_SHA
dflet 0:400d8e75a8d0 517 * TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
dflet 0:400d8e75a8d0 518 * TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
dflet 0:400d8e75a8d0 519 * TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
dflet 0:400d8e75a8d0 520 * TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
dflet 0:400d8e75a8d0 521 * TLS_RSA_PSK_WITH_AES_128_CBC_SHA
dflet 0:400d8e75a8d0 522 * TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
dflet 0:400d8e75a8d0 523 * TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
dflet 0:400d8e75a8d0 524 * TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
dflet 0:400d8e75a8d0 525 * TLS_RSA_PSK_WITH_RC4_128_SHA
dflet 0:400d8e75a8d0 526 */
dflet 0:400d8e75a8d0 527 #define POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED
dflet 0:400d8e75a8d0 528
dflet 0:400d8e75a8d0 529 /**
dflet 0:400d8e75a8d0 530 * \def POLARSSL_KEY_EXCHANGE_RSA_ENABLED
dflet 0:400d8e75a8d0 531 *
dflet 0:400d8e75a8d0 532 * Enable the RSA-only based ciphersuite modes in SSL / TLS.
dflet 0:400d8e75a8d0 533 *
dflet 0:400d8e75a8d0 534 * Requires: POLARSSL_RSA_C, POLARSSL_PKCS1_V15,
dflet 0:400d8e75a8d0 535 * POLARSSL_X509_CRT_PARSE_C
dflet 0:400d8e75a8d0 536 *
dflet 0:400d8e75a8d0 537 * This enables the following ciphersuites (if other requisites are
dflet 0:400d8e75a8d0 538 * enabled as well):
dflet 0:400d8e75a8d0 539 * TLS_RSA_WITH_AES_256_GCM_SHA384
dflet 0:400d8e75a8d0 540 * TLS_RSA_WITH_AES_256_CBC_SHA256
dflet 0:400d8e75a8d0 541 * TLS_RSA_WITH_AES_256_CBC_SHA
dflet 0:400d8e75a8d0 542 * TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
dflet 0:400d8e75a8d0 543 * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
dflet 0:400d8e75a8d0 544 * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
dflet 0:400d8e75a8d0 545 * TLS_RSA_WITH_AES_128_GCM_SHA256
dflet 0:400d8e75a8d0 546 * TLS_RSA_WITH_AES_128_CBC_SHA256
dflet 0:400d8e75a8d0 547 * TLS_RSA_WITH_AES_128_CBC_SHA
dflet 0:400d8e75a8d0 548 * TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
dflet 0:400d8e75a8d0 549 * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
dflet 0:400d8e75a8d0 550 * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
dflet 0:400d8e75a8d0 551 * TLS_RSA_WITH_3DES_EDE_CBC_SHA
dflet 0:400d8e75a8d0 552 * TLS_RSA_WITH_RC4_128_SHA
dflet 0:400d8e75a8d0 553 * TLS_RSA_WITH_RC4_128_MD5
dflet 0:400d8e75a8d0 554 */
dflet 0:400d8e75a8d0 555 #define POLARSSL_KEY_EXCHANGE_RSA_ENABLED
dflet 0:400d8e75a8d0 556
dflet 0:400d8e75a8d0 557 /**
dflet 0:400d8e75a8d0 558 * \def POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED
dflet 0:400d8e75a8d0 559 *
dflet 0:400d8e75a8d0 560 * Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
dflet 0:400d8e75a8d0 561 *
dflet 0:400d8e75a8d0 562 * Requires: POLARSSL_DHM_C, POLARSSL_RSA_C, POLARSSL_PKCS1_V15,
dflet 0:400d8e75a8d0 563 * POLARSSL_X509_CRT_PARSE_C
dflet 0:400d8e75a8d0 564 *
dflet 0:400d8e75a8d0 565 * This enables the following ciphersuites (if other requisites are
dflet 0:400d8e75a8d0 566 * enabled as well):
dflet 0:400d8e75a8d0 567 * TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
dflet 0:400d8e75a8d0 568 * TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
dflet 0:400d8e75a8d0 569 * TLS_DHE_RSA_WITH_AES_256_CBC_SHA
dflet 0:400d8e75a8d0 570 * TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
dflet 0:400d8e75a8d0 571 * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
dflet 0:400d8e75a8d0 572 * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
dflet 0:400d8e75a8d0 573 * TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
dflet 0:400d8e75a8d0 574 * TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
dflet 0:400d8e75a8d0 575 * TLS_DHE_RSA_WITH_AES_128_CBC_SHA
dflet 0:400d8e75a8d0 576 * TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
dflet 0:400d8e75a8d0 577 * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
dflet 0:400d8e75a8d0 578 * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
dflet 0:400d8e75a8d0 579 * TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
dflet 0:400d8e75a8d0 580 */
dflet 0:400d8e75a8d0 581 #define POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED
dflet 0:400d8e75a8d0 582
dflet 0:400d8e75a8d0 583 /**
dflet 0:400d8e75a8d0 584 * \def POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED
dflet 0:400d8e75a8d0 585 *
dflet 0:400d8e75a8d0 586 * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
dflet 0:400d8e75a8d0 587 *
dflet 0:400d8e75a8d0 588 * Requires: POLARSSL_ECDH_C, POLARSSL_RSA_C, POLARSSL_PKCS1_V15,
dflet 0:400d8e75a8d0 589 * POLARSSL_X509_CRT_PARSE_C
dflet 0:400d8e75a8d0 590 *
dflet 0:400d8e75a8d0 591 * This enables the following ciphersuites (if other requisites are
dflet 0:400d8e75a8d0 592 * enabled as well):
dflet 0:400d8e75a8d0 593 * TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
dflet 0:400d8e75a8d0 594 * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
dflet 0:400d8e75a8d0 595 * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
dflet 0:400d8e75a8d0 596 * TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
dflet 0:400d8e75a8d0 597 * TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
dflet 0:400d8e75a8d0 598 * TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
dflet 0:400d8e75a8d0 599 * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
dflet 0:400d8e75a8d0 600 * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
dflet 0:400d8e75a8d0 601 * TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
dflet 0:400d8e75a8d0 602 * TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
dflet 0:400d8e75a8d0 603 * TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
dflet 0:400d8e75a8d0 604 * TLS_ECDHE_RSA_WITH_RC4_128_SHA
dflet 0:400d8e75a8d0 605 */
dflet 0:400d8e75a8d0 606 #define POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED
dflet 0:400d8e75a8d0 607
dflet 0:400d8e75a8d0 608 /**
dflet 0:400d8e75a8d0 609 * \def POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
dflet 0:400d8e75a8d0 610 *
dflet 0:400d8e75a8d0 611 * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
dflet 0:400d8e75a8d0 612 *
dflet 0:400d8e75a8d0 613 * Requires: POLARSSL_ECDH_C, POLARSSL_ECDSA_C, POLARSSL_X509_CRT_PARSE_C,
dflet 0:400d8e75a8d0 614 *
dflet 0:400d8e75a8d0 615 * This enables the following ciphersuites (if other requisites are
dflet 0:400d8e75a8d0 616 * enabled as well):
dflet 0:400d8e75a8d0 617 * TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
dflet 0:400d8e75a8d0 618 * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
dflet 0:400d8e75a8d0 619 * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
dflet 0:400d8e75a8d0 620 * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
dflet 0:400d8e75a8d0 621 * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
dflet 0:400d8e75a8d0 622 * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
dflet 0:400d8e75a8d0 623 * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
dflet 0:400d8e75a8d0 624 * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
dflet 0:400d8e75a8d0 625 * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
dflet 0:400d8e75a8d0 626 * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
dflet 0:400d8e75a8d0 627 * TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
dflet 0:400d8e75a8d0 628 * TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
dflet 0:400d8e75a8d0 629 */
dflet 0:400d8e75a8d0 630 #define POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
dflet 0:400d8e75a8d0 631
dflet 0:400d8e75a8d0 632 /**
dflet 0:400d8e75a8d0 633 * \def POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
dflet 0:400d8e75a8d0 634 *
dflet 0:400d8e75a8d0 635 * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
dflet 0:400d8e75a8d0 636 *
dflet 0:400d8e75a8d0 637 * Requires: POLARSSL_ECDH_C, POLARSSL_X509_CRT_PARSE_C
dflet 0:400d8e75a8d0 638 *
dflet 0:400d8e75a8d0 639 * This enables the following ciphersuites (if other requisites are
dflet 0:400d8e75a8d0 640 * enabled as well):
dflet 0:400d8e75a8d0 641 * TLS_ECDH_ECDSA_WITH_RC4_128_SHA
dflet 0:400d8e75a8d0 642 * TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
dflet 0:400d8e75a8d0 643 * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
dflet 0:400d8e75a8d0 644 * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
dflet 0:400d8e75a8d0 645 * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
dflet 0:400d8e75a8d0 646 * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
dflet 0:400d8e75a8d0 647 * TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
dflet 0:400d8e75a8d0 648 * TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
dflet 0:400d8e75a8d0 649 * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
dflet 0:400d8e75a8d0 650 * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
dflet 0:400d8e75a8d0 651 * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
dflet 0:400d8e75a8d0 652 * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
dflet 0:400d8e75a8d0 653 */
dflet 0:400d8e75a8d0 654 #define POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
dflet 0:400d8e75a8d0 655
dflet 0:400d8e75a8d0 656 /**
dflet 0:400d8e75a8d0 657 * \def POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED
dflet 0:400d8e75a8d0 658 *
dflet 0:400d8e75a8d0 659 * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
dflet 0:400d8e75a8d0 660 *
dflet 0:400d8e75a8d0 661 * Requires: POLARSSL_ECDH_C, POLARSSL_X509_CRT_PARSE_C
dflet 0:400d8e75a8d0 662 *
dflet 0:400d8e75a8d0 663 * This enables the following ciphersuites (if other requisites are
dflet 0:400d8e75a8d0 664 * enabled as well):
dflet 0:400d8e75a8d0 665 * TLS_ECDH_RSA_WITH_RC4_128_SHA
dflet 0:400d8e75a8d0 666 * TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
dflet 0:400d8e75a8d0 667 * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
dflet 0:400d8e75a8d0 668 * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
dflet 0:400d8e75a8d0 669 * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
dflet 0:400d8e75a8d0 670 * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
dflet 0:400d8e75a8d0 671 * TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
dflet 0:400d8e75a8d0 672 * TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
dflet 0:400d8e75a8d0 673 * TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
dflet 0:400d8e75a8d0 674 * TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
dflet 0:400d8e75a8d0 675 * TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
dflet 0:400d8e75a8d0 676 * TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
dflet 0:400d8e75a8d0 677 */
dflet 0:400d8e75a8d0 678 #define POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED
dflet 0:400d8e75a8d0 679
dflet 0:400d8e75a8d0 680 /**
dflet 0:400d8e75a8d0 681 * \def POLARSSL_PK_PARSE_EC_EXTENDED
dflet 0:400d8e75a8d0 682 *
dflet 0:400d8e75a8d0 683 * Enhance support for reading EC keys using variants of SEC1 not allowed by
dflet 0:400d8e75a8d0 684 * RFC 5915 and RFC 5480.
dflet 0:400d8e75a8d0 685 *
dflet 0:400d8e75a8d0 686 * Currently this means parsing the SpecifiedECDomain choice of EC
dflet 0:400d8e75a8d0 687 * parameters (only known groups are supported, not arbitrary domains, to
dflet 0:400d8e75a8d0 688 * avoid validation issues).
dflet 0:400d8e75a8d0 689 *
dflet 0:400d8e75a8d0 690 * Disable if you only need to support RFC 5915 + 5480 key formats.
dflet 0:400d8e75a8d0 691 */
dflet 0:400d8e75a8d0 692 #define POLARSSL_PK_PARSE_EC_EXTENDED
dflet 0:400d8e75a8d0 693
dflet 0:400d8e75a8d0 694 /**
dflet 0:400d8e75a8d0 695 * \def POLARSSL_ERROR_STRERROR_BC
dflet 0:400d8e75a8d0 696 *
dflet 0:400d8e75a8d0 697 * Make available the backward compatible error_strerror() next to the
dflet 0:400d8e75a8d0 698 * current polarssl_strerror().
dflet 0:400d8e75a8d0 699 *
dflet 0:400d8e75a8d0 700 * \deprecated Do not define this and use polarssl_strerror() instead
dflet 0:400d8e75a8d0 701 *
dflet 0:400d8e75a8d0 702 * Disable if you want to really remove the error_strerror() name
dflet 0:400d8e75a8d0 703 */
dflet 0:400d8e75a8d0 704 #define POLARSSL_ERROR_STRERROR_BC
dflet 0:400d8e75a8d0 705
dflet 0:400d8e75a8d0 706 /**
dflet 0:400d8e75a8d0 707 * \def POLARSSL_ERROR_STRERROR_DUMMY
dflet 0:400d8e75a8d0 708 *
dflet 0:400d8e75a8d0 709 * Enable a dummy error function to make use of polarssl_strerror() in
dflet 0:400d8e75a8d0 710 * third party libraries easier when POLARSSL_ERROR_C is disabled
dflet 0:400d8e75a8d0 711 * (no effect when POLARSSL_ERROR_C is enabled).
dflet 0:400d8e75a8d0 712 *
dflet 0:400d8e75a8d0 713 * You can safely disable this if POLARSSL_ERROR_C is enabled, or if you're
dflet 0:400d8e75a8d0 714 * not using polarssl_strerror() or error_strerror() in your application.
dflet 0:400d8e75a8d0 715 *
dflet 0:400d8e75a8d0 716 * Disable if you run into name conflicts and want to really remove the
dflet 0:400d8e75a8d0 717 * polarssl_strerror()
dflet 0:400d8e75a8d0 718 */
dflet 0:400d8e75a8d0 719 #define POLARSSL_ERROR_STRERROR_DUMMY
dflet 0:400d8e75a8d0 720
dflet 0:400d8e75a8d0 721 /**
dflet 0:400d8e75a8d0 722 * \def POLARSSL_GENPRIME
dflet 0:400d8e75a8d0 723 *
dflet 0:400d8e75a8d0 724 * Enable the prime-number generation code.
dflet 0:400d8e75a8d0 725 *
dflet 0:400d8e75a8d0 726 * Requires: POLARSSL_BIGNUM_C
dflet 0:400d8e75a8d0 727 */
dflet 0:400d8e75a8d0 728 #define POLARSSL_GENPRIME
dflet 0:400d8e75a8d0 729
dflet 0:400d8e75a8d0 730 /**
dflet 0:400d8e75a8d0 731 * \def POLARSSL_FS_IO
dflet 0:400d8e75a8d0 732 *
dflet 0:400d8e75a8d0 733 * Enable functions that use the filesystem.
dflet 0:400d8e75a8d0 734 */
dflet 0:400d8e75a8d0 735 #define POLARSSL_FS_IO
dflet 0:400d8e75a8d0 736
dflet 0:400d8e75a8d0 737 /**
dflet 0:400d8e75a8d0 738 * \def POLARSSL_NO_DEFAULT_ENTROPY_SOURCES
dflet 0:400d8e75a8d0 739 *
dflet 0:400d8e75a8d0 740 * Do not add default entropy sources. These are the platform specific,
dflet 0:400d8e75a8d0 741 * hardclock and HAVEGE based poll functions.
dflet 0:400d8e75a8d0 742 *
dflet 0:400d8e75a8d0 743 * This is useful to have more control over the added entropy sources in an
dflet 0:400d8e75a8d0 744 * application.
dflet 0:400d8e75a8d0 745 *
dflet 0:400d8e75a8d0 746 * Uncomment this macro to prevent loading of default entropy functions.
dflet 0:400d8e75a8d0 747 */
dflet 0:400d8e75a8d0 748 //#define POLARSSL_NO_DEFAULT_ENTROPY_SOURCES
dflet 0:400d8e75a8d0 749
dflet 0:400d8e75a8d0 750 /**
dflet 0:400d8e75a8d0 751 * \def POLARSSL_NO_PLATFORM_ENTROPY
dflet 0:400d8e75a8d0 752 *
dflet 0:400d8e75a8d0 753 * Do not use built-in platform entropy functions.
dflet 0:400d8e75a8d0 754 * This is useful if your platform does not support
dflet 0:400d8e75a8d0 755 * standards like the /dev/urandom or Windows CryptoAPI.
dflet 0:400d8e75a8d0 756 *
dflet 0:400d8e75a8d0 757 * Uncomment this macro to disable the built-in platform entropy functions.
dflet 0:400d8e75a8d0 758 */
dflet 0:400d8e75a8d0 759 //#define POLARSSL_NO_PLATFORM_ENTROPY
dflet 0:400d8e75a8d0 760
dflet 0:400d8e75a8d0 761 /**
dflet 0:400d8e75a8d0 762 * \def POLARSSL_ENTROPY_FORCE_SHA256
dflet 0:400d8e75a8d0 763 *
dflet 0:400d8e75a8d0 764 * Force the entropy accumulator to use a SHA-256 accumulator instead of the
dflet 0:400d8e75a8d0 765 * default SHA-512 based one (if both are available).
dflet 0:400d8e75a8d0 766 *
dflet 0:400d8e75a8d0 767 * Requires: POLARSSL_SHA256_C
dflet 0:400d8e75a8d0 768 *
dflet 0:400d8e75a8d0 769 * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option
dflet 0:400d8e75a8d0 770 * if you have performance concerns.
dflet 0:400d8e75a8d0 771 *
dflet 0:400d8e75a8d0 772 * This option is only useful if both POLARSSL_SHA256_C and
dflet 0:400d8e75a8d0 773 * POLARSSL_SHA512_C are defined. Otherwise the available hash module is used.
dflet 0:400d8e75a8d0 774 */
dflet 0:400d8e75a8d0 775 //#define POLARSSL_ENTROPY_FORCE_SHA256
dflet 0:400d8e75a8d0 776
dflet 0:400d8e75a8d0 777 /**
dflet 0:400d8e75a8d0 778 * \def POLARSSL_MEMORY_DEBUG
dflet 0:400d8e75a8d0 779 *
dflet 0:400d8e75a8d0 780 * Enable debugging of buffer allocator memory issues. Automatically prints
dflet 0:400d8e75a8d0 781 * (to stderr) all (fatal) messages on memory allocation issues. Enables
dflet 0:400d8e75a8d0 782 * function for 'debug output' of allocated memory.
dflet 0:400d8e75a8d0 783 *
dflet 0:400d8e75a8d0 784 * Requires: POLARSSL_MEMORY_BUFFER_ALLOC_C
dflet 0:400d8e75a8d0 785 *
dflet 0:400d8e75a8d0 786 * Uncomment this macro to let the buffer allocator print out error messages.
dflet 0:400d8e75a8d0 787 */
dflet 0:400d8e75a8d0 788 //#define POLARSSL_MEMORY_DEBUG
dflet 0:400d8e75a8d0 789
dflet 0:400d8e75a8d0 790 /**
dflet 0:400d8e75a8d0 791 * \def POLARSSL_MEMORY_BACKTRACE
dflet 0:400d8e75a8d0 792 *
dflet 0:400d8e75a8d0 793 * Include backtrace information with each allocated block.
dflet 0:400d8e75a8d0 794 *
dflet 0:400d8e75a8d0 795 * Requires: POLARSSL_MEMORY_BUFFER_ALLOC_C
dflet 0:400d8e75a8d0 796 * GLIBC-compatible backtrace() an backtrace_symbols() support
dflet 0:400d8e75a8d0 797 *
dflet 0:400d8e75a8d0 798 * Uncomment this macro to include backtrace information
dflet 0:400d8e75a8d0 799 */
dflet 0:400d8e75a8d0 800 //#define POLARSSL_MEMORY_BACKTRACE
dflet 0:400d8e75a8d0 801
dflet 0:400d8e75a8d0 802 /**
dflet 0:400d8e75a8d0 803 * \def POLARSSL_PKCS1_V15
dflet 0:400d8e75a8d0 804 *
dflet 0:400d8e75a8d0 805 * Enable support for PKCS#1 v1.5 encoding.
dflet 0:400d8e75a8d0 806 *
dflet 0:400d8e75a8d0 807 * Requires: POLARSSL_RSA_C
dflet 0:400d8e75a8d0 808 *
dflet 0:400d8e75a8d0 809 * This enables support for PKCS#1 v1.5 operations.
dflet 0:400d8e75a8d0 810 */
dflet 0:400d8e75a8d0 811 #define POLARSSL_PKCS1_V15
dflet 0:400d8e75a8d0 812
dflet 0:400d8e75a8d0 813 /**
dflet 0:400d8e75a8d0 814 * \def POLARSSL_PKCS1_V21
dflet 0:400d8e75a8d0 815 *
dflet 0:400d8e75a8d0 816 * Enable support for PKCS#1 v2.1 encoding.
dflet 0:400d8e75a8d0 817 *
dflet 0:400d8e75a8d0 818 * Requires: POLARSSL_MD_C, POLARSSL_RSA_C
dflet 0:400d8e75a8d0 819 *
dflet 0:400d8e75a8d0 820 * This enables support for RSAES-OAEP and RSASSA-PSS operations.
dflet 0:400d8e75a8d0 821 */
dflet 0:400d8e75a8d0 822 #define POLARSSL_PKCS1_V21
dflet 0:400d8e75a8d0 823
dflet 0:400d8e75a8d0 824 /**
dflet 0:400d8e75a8d0 825 * \def POLARSSL_RSA_NO_CRT
dflet 0:400d8e75a8d0 826 *
dflet 0:400d8e75a8d0 827 * Do not use the Chinese Remainder Theorem for the RSA private operation.
dflet 0:400d8e75a8d0 828 *
dflet 0:400d8e75a8d0 829 * Uncomment this macro to disable the use of CRT in RSA.
dflet 0:400d8e75a8d0 830 *
dflet 0:400d8e75a8d0 831 */
dflet 0:400d8e75a8d0 832 //#define POLARSSL_RSA_NO_CRT
dflet 0:400d8e75a8d0 833
dflet 0:400d8e75a8d0 834 /**
dflet 0:400d8e75a8d0 835 * \def POLARSSL_SELF_TEST
dflet 0:400d8e75a8d0 836 *
dflet 0:400d8e75a8d0 837 * Enable the checkup functions (*_self_test).
dflet 0:400d8e75a8d0 838 */
dflet 0:400d8e75a8d0 839 #define POLARSSL_SELF_TEST
dflet 0:400d8e75a8d0 840
dflet 0:400d8e75a8d0 841 /**
dflet 0:400d8e75a8d0 842 * \def POLARSSL_SSL_AEAD_RANDOM_IV
dflet 0:400d8e75a8d0 843 *
dflet 0:400d8e75a8d0 844 * Generate a random IV rather than using the record sequence number as a
dflet 0:400d8e75a8d0 845 * nonce for ciphersuites using and AEAD algorithm (GCM or CCM).
dflet 0:400d8e75a8d0 846 *
dflet 0:400d8e75a8d0 847 * Using the sequence number is generally recommended.
dflet 0:400d8e75a8d0 848 *
dflet 0:400d8e75a8d0 849 * Uncomment this macro to always use random IVs with AEAD ciphersuites.
dflet 0:400d8e75a8d0 850 */
dflet 0:400d8e75a8d0 851 //#define POLARSSL_SSL_AEAD_RANDOM_IV
dflet 0:400d8e75a8d0 852
dflet 0:400d8e75a8d0 853 /**
dflet 0:400d8e75a8d0 854 * \def POLARSSL_SSL_ALL_ALERT_MESSAGES
dflet 0:400d8e75a8d0 855 *
dflet 0:400d8e75a8d0 856 * Enable sending of alert messages in case of encountered errors as per RFC.
dflet 0:400d8e75a8d0 857 * If you choose not to send the alert messages, mbed TLS can still communicate
dflet 0:400d8e75a8d0 858 * with other servers, only debugging of failures is harder.
dflet 0:400d8e75a8d0 859 *
dflet 0:400d8e75a8d0 860 * The advantage of not sending alert messages, is that no information is given
dflet 0:400d8e75a8d0 861 * about reasons for failures thus preventing adversaries of gaining intel.
dflet 0:400d8e75a8d0 862 *
dflet 0:400d8e75a8d0 863 * Enable sending of all alert messages
dflet 0:400d8e75a8d0 864 */
dflet 0:400d8e75a8d0 865 #define POLARSSL_SSL_ALERT_MESSAGES
dflet 0:400d8e75a8d0 866
dflet 0:400d8e75a8d0 867 /**
dflet 0:400d8e75a8d0 868 * \def POLARSSL_SSL_DEBUG_ALL
dflet 0:400d8e75a8d0 869 *
dflet 0:400d8e75a8d0 870 * Enable the debug messages in SSL module for all issues.
dflet 0:400d8e75a8d0 871 * Debug messages have been disabled in some places to prevent timing
dflet 0:400d8e75a8d0 872 * attacks due to (unbalanced) debugging function calls.
dflet 0:400d8e75a8d0 873 *
dflet 0:400d8e75a8d0 874 * If you need all error reporting you should enable this during debugging,
dflet 0:400d8e75a8d0 875 * but remove this for production servers that should log as well.
dflet 0:400d8e75a8d0 876 *
dflet 0:400d8e75a8d0 877 * Uncomment this macro to report all debug messages on errors introducing
dflet 0:400d8e75a8d0 878 * a timing side-channel.
dflet 0:400d8e75a8d0 879 *
dflet 0:400d8e75a8d0 880 */
dflet 0:400d8e75a8d0 881 //#define POLARSSL_SSL_DEBUG_ALL
dflet 0:400d8e75a8d0 882
dflet 0:400d8e75a8d0 883 /** \def POLARSSL_SSL_ENCRYPT_THEN_MAC
dflet 0:400d8e75a8d0 884 *
dflet 0:400d8e75a8d0 885 * Enable support for Encrypt-then-MAC, RFC 7366.
dflet 0:400d8e75a8d0 886 *
dflet 0:400d8e75a8d0 887 * This allows peers that both support it to use a more robust protection for
dflet 0:400d8e75a8d0 888 * ciphersuites using CBC, providing deep resistance against timing attacks
dflet 0:400d8e75a8d0 889 * on the padding or underlying cipher.
dflet 0:400d8e75a8d0 890 *
dflet 0:400d8e75a8d0 891 * This only affects CBC ciphersuites, and is useless if none is defined.
dflet 0:400d8e75a8d0 892 *
dflet 0:400d8e75a8d0 893 * Requires: POLARSSL_SSL_PROTO_TLS1 or
dflet 0:400d8e75a8d0 894 * POLARSSL_SSL_PROTO_TLS1_1 or
dflet 0:400d8e75a8d0 895 * POLARSSL_SSL_PROTO_TLS1_2
dflet 0:400d8e75a8d0 896 *
dflet 0:400d8e75a8d0 897 * Comment this macro to disable support for Encrypt-then-MAC
dflet 0:400d8e75a8d0 898 */
dflet 0:400d8e75a8d0 899 #define POLARSSL_SSL_ENCRYPT_THEN_MAC
dflet 0:400d8e75a8d0 900
dflet 0:400d8e75a8d0 901 /** \def POLARSSL_SSL_EXTENDED_MASTER_SECRET
dflet 0:400d8e75a8d0 902 *
dflet 0:400d8e75a8d0 903 * Enable support for Extended Master Secret, aka Session Hash
dflet 0:400d8e75a8d0 904 * (draft-ietf-tls-session-hash-02).
dflet 0:400d8e75a8d0 905 *
dflet 0:400d8e75a8d0 906 * This was introduced as "the proper fix" to the Triple Handshake familiy of
dflet 0:400d8e75a8d0 907 * attacks, but it is recommended to always use it (even if you disable
dflet 0:400d8e75a8d0 908 * renegotiation), since it actually fixes a more fundamental issue in the
dflet 0:400d8e75a8d0 909 * original SSL/TLS design, and has implications beyond Triple Handshake.
dflet 0:400d8e75a8d0 910 *
dflet 0:400d8e75a8d0 911 * Requires: POLARSSL_SSL_PROTO_TLS1 or
dflet 0:400d8e75a8d0 912 * POLARSSL_SSL_PROTO_TLS1_1 or
dflet 0:400d8e75a8d0 913 * POLARSSL_SSL_PROTO_TLS1_2
dflet 0:400d8e75a8d0 914 *
dflet 0:400d8e75a8d0 915 * Comment this macro to disable support for Extended Master Secret.
dflet 0:400d8e75a8d0 916 */
dflet 0:400d8e75a8d0 917 #define POLARSSL_SSL_EXTENDED_MASTER_SECRET
dflet 0:400d8e75a8d0 918
dflet 0:400d8e75a8d0 919 /**
dflet 0:400d8e75a8d0 920 * \def POLARSSL_SSL_FALLBACK_SCSV
dflet 0:400d8e75a8d0 921 *
dflet 0:400d8e75a8d0 922 * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00).
dflet 0:400d8e75a8d0 923 *
dflet 0:400d8e75a8d0 924 * For servers, it is recommended to always enable this, unless you support
dflet 0:400d8e75a8d0 925 * only one version of TLS, or know for sure that none of your clients
dflet 0:400d8e75a8d0 926 * implements a fallback strategy.
dflet 0:400d8e75a8d0 927 *
dflet 0:400d8e75a8d0 928 * For clients, you only need this if you're using a fallback strategy, which
dflet 0:400d8e75a8d0 929 * is not recommended in the first place, unless you absolutely need it to
dflet 0:400d8e75a8d0 930 * interoperate with buggy (version-intolerant) servers.
dflet 0:400d8e75a8d0 931 *
dflet 0:400d8e75a8d0 932 * Comment this macro to disable support for FALLBACK_SCSV
dflet 0:400d8e75a8d0 933 */
dflet 0:400d8e75a8d0 934 #define POLARSSL_SSL_FALLBACK_SCSV
dflet 0:400d8e75a8d0 935
dflet 0:400d8e75a8d0 936 /**
dflet 0:400d8e75a8d0 937 * \def POLARSSL_SSL_HW_RECORD_ACCEL
dflet 0:400d8e75a8d0 938 *
dflet 0:400d8e75a8d0 939 * Enable hooking functions in SSL module for hardware acceleration of
dflet 0:400d8e75a8d0 940 * individual records.
dflet 0:400d8e75a8d0 941 *
dflet 0:400d8e75a8d0 942 * Uncomment this macro to enable hooking functions.
dflet 0:400d8e75a8d0 943 */
dflet 0:400d8e75a8d0 944 //#define POLARSSL_SSL_HW_RECORD_ACCEL
dflet 0:400d8e75a8d0 945
dflet 0:400d8e75a8d0 946 /**
dflet 0:400d8e75a8d0 947 * \def POLARSSL_SSL_CBC_RECORD_SPLITTING
dflet 0:400d8e75a8d0 948 *
dflet 0:400d8e75a8d0 949 * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0.
dflet 0:400d8e75a8d0 950 *
dflet 0:400d8e75a8d0 951 * This is a countermeasure to the BEAST attack, which also minimizes the risk
dflet 0:400d8e75a8d0 952 * of interoperability issues compared to sending 0-length records.
dflet 0:400d8e75a8d0 953 *
dflet 0:400d8e75a8d0 954 * Comment this macro to disable 1/n-1 record splitting.
dflet 0:400d8e75a8d0 955 */
dflet 0:400d8e75a8d0 956 #define POLARSSL_SSL_CBC_RECORD_SPLITTING
dflet 0:400d8e75a8d0 957
dflet 0:400d8e75a8d0 958 /**
dflet 0:400d8e75a8d0 959 * \def POLARSSL_SSL_DISABLE_RENEGOTIATION
dflet 0:400d8e75a8d0 960 *
dflet 0:400d8e75a8d0 961 * Disable support for TLS renegotiation.
dflet 0:400d8e75a8d0 962 *
dflet 0:400d8e75a8d0 963 * The two main uses of renegotiation are (1) refresh keys on long-lived
dflet 0:400d8e75a8d0 964 * connections and (2) client authentication after the initial handshake.
dflet 0:400d8e75a8d0 965 * If you don't need renegotiation, it's probably better to disable it, since
dflet 0:400d8e75a8d0 966 * it has been associated with security issues in the past and is easy to
dflet 0:400d8e75a8d0 967 * misuse/misunderstand.
dflet 0:400d8e75a8d0 968 *
dflet 0:400d8e75a8d0 969 * Warning: in the next stable branch, this switch will be replaced by
dflet 0:400d8e75a8d0 970 * POLARSSL_SSL_RENEGOTIATION to enable support for renegotiation.
dflet 0:400d8e75a8d0 971 *
dflet 0:400d8e75a8d0 972 * Uncomment this to disable support for renegotiation.
dflet 0:400d8e75a8d0 973 */
dflet 0:400d8e75a8d0 974 //#define POLARSSL_SSL_DISABLE_RENEGOTIATION
dflet 0:400d8e75a8d0 975
dflet 0:400d8e75a8d0 976 /**
dflet 0:400d8e75a8d0 977 * \def POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
dflet 0:400d8e75a8d0 978 *
dflet 0:400d8e75a8d0 979 * Enable support for receiving and parsing SSLv2 Client Hello messages for the
dflet 0:400d8e75a8d0 980 * SSL Server module (POLARSSL_SSL_SRV_C).
dflet 0:400d8e75a8d0 981 *
dflet 0:400d8e75a8d0 982 * Comment this macro to disable support for SSLv2 Client Hello messages.
dflet 0:400d8e75a8d0 983 */
dflet 0:400d8e75a8d0 984 #define POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
dflet 0:400d8e75a8d0 985
dflet 0:400d8e75a8d0 986 /**
dflet 0:400d8e75a8d0 987 * \def POLARSSL_SSL_SRV_RESPECT_CLIENT_PREFERENCE
dflet 0:400d8e75a8d0 988 *
dflet 0:400d8e75a8d0 989 * Pick the ciphersuite according to the client's preferences rather than ours
dflet 0:400d8e75a8d0 990 * in the SSL Server module (POLARSSL_SSL_SRV_C).
dflet 0:400d8e75a8d0 991 *
dflet 0:400d8e75a8d0 992 * Uncomment this macro to respect client's ciphersuite order
dflet 0:400d8e75a8d0 993 */
dflet 0:400d8e75a8d0 994 //#define POLARSSL_SSL_SRV_RESPECT_CLIENT_PREFERENCE
dflet 0:400d8e75a8d0 995
dflet 0:400d8e75a8d0 996 /**
dflet 0:400d8e75a8d0 997 * \def POLARSSL_SSL_MAX_FRAGMENT_LENGTH
dflet 0:400d8e75a8d0 998 *
dflet 0:400d8e75a8d0 999 * Enable support for RFC 6066 max_fragment_length extension in SSL.
dflet 0:400d8e75a8d0 1000 *
dflet 0:400d8e75a8d0 1001 * Comment this macro to disable support for the max_fragment_length extension
dflet 0:400d8e75a8d0 1002 */
dflet 0:400d8e75a8d0 1003 #define POLARSSL_SSL_MAX_FRAGMENT_LENGTH
dflet 0:400d8e75a8d0 1004
dflet 0:400d8e75a8d0 1005 /**
dflet 0:400d8e75a8d0 1006 * \def POLARSSL_SSL_PROTO_SSL3
dflet 0:400d8e75a8d0 1007 *
dflet 0:400d8e75a8d0 1008 * Enable support for SSL 3.0.
dflet 0:400d8e75a8d0 1009 *
dflet 0:400d8e75a8d0 1010 * Requires: POLARSSL_MD5_C
dflet 0:400d8e75a8d0 1011 * POLARSSL_SHA1_C
dflet 0:400d8e75a8d0 1012 *
dflet 0:400d8e75a8d0 1013 * Comment this macro to disable support for SSL 3.0
dflet 0:400d8e75a8d0 1014 */
dflet 0:400d8e75a8d0 1015 #define POLARSSL_SSL_PROTO_SSL3
dflet 0:400d8e75a8d0 1016
dflet 0:400d8e75a8d0 1017 /**
dflet 0:400d8e75a8d0 1018 * \def POLARSSL_SSL_PROTO_TLS1
dflet 0:400d8e75a8d0 1019 *
dflet 0:400d8e75a8d0 1020 * Enable support for TLS 1.0.
dflet 0:400d8e75a8d0 1021 *
dflet 0:400d8e75a8d0 1022 * Requires: POLARSSL_MD5_C
dflet 0:400d8e75a8d0 1023 * POLARSSL_SHA1_C
dflet 0:400d8e75a8d0 1024 *
dflet 0:400d8e75a8d0 1025 * Comment this macro to disable support for TLS 1.0
dflet 0:400d8e75a8d0 1026 */
dflet 0:400d8e75a8d0 1027 #define POLARSSL_SSL_PROTO_TLS1
dflet 0:400d8e75a8d0 1028
dflet 0:400d8e75a8d0 1029 /**
dflet 0:400d8e75a8d0 1030 * \def POLARSSL_SSL_PROTO_TLS1_1
dflet 0:400d8e75a8d0 1031 *
dflet 0:400d8e75a8d0 1032 * Enable support for TLS 1.1.
dflet 0:400d8e75a8d0 1033 *
dflet 0:400d8e75a8d0 1034 * Requires: POLARSSL_MD5_C
dflet 0:400d8e75a8d0 1035 * POLARSSL_SHA1_C
dflet 0:400d8e75a8d0 1036 *
dflet 0:400d8e75a8d0 1037 * Comment this macro to disable support for TLS 1.1
dflet 0:400d8e75a8d0 1038 */
dflet 0:400d8e75a8d0 1039 #define POLARSSL_SSL_PROTO_TLS1_1
dflet 0:400d8e75a8d0 1040
dflet 0:400d8e75a8d0 1041 /**
dflet 0:400d8e75a8d0 1042 * \def POLARSSL_SSL_PROTO_TLS1_2
dflet 0:400d8e75a8d0 1043 *
dflet 0:400d8e75a8d0 1044 * Enable support for TLS 1.2.
dflet 0:400d8e75a8d0 1045 *
dflet 0:400d8e75a8d0 1046 * Requires: POLARSSL_SHA1_C or POLARSSL_SHA256_C or POLARSSL_SHA512_C
dflet 0:400d8e75a8d0 1047 * (Depends on ciphersuites)
dflet 0:400d8e75a8d0 1048 *
dflet 0:400d8e75a8d0 1049 * Comment this macro to disable support for TLS 1.2
dflet 0:400d8e75a8d0 1050 */
dflet 0:400d8e75a8d0 1051 #define POLARSSL_SSL_PROTO_TLS1_2
dflet 0:400d8e75a8d0 1052
dflet 0:400d8e75a8d0 1053 /**
dflet 0:400d8e75a8d0 1054 * \def POLARSSL_SSL_ALPN
dflet 0:400d8e75a8d0 1055 *
dflet 0:400d8e75a8d0 1056 * Enable support for RFC 7301 Application Layer Protocol Negotiation.
dflet 0:400d8e75a8d0 1057 *
dflet 0:400d8e75a8d0 1058 * Comment this macro to disable support for ALPN.
dflet 0:400d8e75a8d0 1059 */
dflet 0:400d8e75a8d0 1060 #define POLARSSL_SSL_ALPN
dflet 0:400d8e75a8d0 1061
dflet 0:400d8e75a8d0 1062 /**
dflet 0:400d8e75a8d0 1063 * \def POLARSSL_SSL_SESSION_TICKETS
dflet 0:400d8e75a8d0 1064 *
dflet 0:400d8e75a8d0 1065 * Enable support for RFC 5077 session tickets in SSL.
dflet 0:400d8e75a8d0 1066 *
dflet 0:400d8e75a8d0 1067 * Requires: POLARSSL_AES_C
dflet 0:400d8e75a8d0 1068 * POLARSSL_SHA256_C
dflet 0:400d8e75a8d0 1069 * POLARSSL_CIPHER_MODE_CBC
dflet 0:400d8e75a8d0 1070 *
dflet 0:400d8e75a8d0 1071 * Comment this macro to disable support for SSL session tickets
dflet 0:400d8e75a8d0 1072 */
dflet 0:400d8e75a8d0 1073 #define POLARSSL_SSL_SESSION_TICKETS
dflet 0:400d8e75a8d0 1074
dflet 0:400d8e75a8d0 1075 /**
dflet 0:400d8e75a8d0 1076 * \def POLARSSL_SSL_SERVER_NAME_INDICATION
dflet 0:400d8e75a8d0 1077 *
dflet 0:400d8e75a8d0 1078 * Enable support for RFC 6066 server name indication (SNI) in SSL.
dflet 0:400d8e75a8d0 1079 *
dflet 0:400d8e75a8d0 1080 * Requires: POLARSSL_X509_CRT_PARSE_C
dflet 0:400d8e75a8d0 1081 *
dflet 0:400d8e75a8d0 1082 * Comment this macro to disable support for server name indication in SSL
dflet 0:400d8e75a8d0 1083 */
dflet 0:400d8e75a8d0 1084 #define POLARSSL_SSL_SERVER_NAME_INDICATION
dflet 0:400d8e75a8d0 1085
dflet 0:400d8e75a8d0 1086 /**
dflet 0:400d8e75a8d0 1087 * \def POLARSSL_SSL_TRUNCATED_HMAC
dflet 0:400d8e75a8d0 1088 *
dflet 0:400d8e75a8d0 1089 * Enable support for RFC 6066 truncated HMAC in SSL.
dflet 0:400d8e75a8d0 1090 *
dflet 0:400d8e75a8d0 1091 * Comment this macro to disable support for truncated HMAC in SSL
dflet 0:400d8e75a8d0 1092 */
dflet 0:400d8e75a8d0 1093 #define POLARSSL_SSL_TRUNCATED_HMAC
dflet 0:400d8e75a8d0 1094
dflet 0:400d8e75a8d0 1095 /**
dflet 0:400d8e75a8d0 1096 * \def POLARSSL_SSL_SET_CURVES
dflet 0:400d8e75a8d0 1097 *
dflet 0:400d8e75a8d0 1098 * Enable ssl_set_curves().
dflet 0:400d8e75a8d0 1099 *
dflet 0:400d8e75a8d0 1100 * This is disabled by default since it breaks binary compatibility with the
dflet 0:400d8e75a8d0 1101 * 1.3.x line. If you choose to enable it, you will need to rebuild your
dflet 0:400d8e75a8d0 1102 * application against the new header files, relinking will not be enough.
dflet 0:400d8e75a8d0 1103 * It will be enabled by default, or no longer an option, in the 1.4 branch.
dflet 0:400d8e75a8d0 1104 *
dflet 0:400d8e75a8d0 1105 * Uncomment to make ssl_set_curves() available.
dflet 0:400d8e75a8d0 1106 */
dflet 0:400d8e75a8d0 1107 //#define POLARSSL_SSL_SET_CURVES
dflet 0:400d8e75a8d0 1108
dflet 0:400d8e75a8d0 1109 /**
dflet 0:400d8e75a8d0 1110 * \def POLARSSL_THREADING_ALT
dflet 0:400d8e75a8d0 1111 *
dflet 0:400d8e75a8d0 1112 * Provide your own alternate threading implementation.
dflet 0:400d8e75a8d0 1113 *
dflet 0:400d8e75a8d0 1114 * Requires: POLARSSL_THREADING_C
dflet 0:400d8e75a8d0 1115 *
dflet 0:400d8e75a8d0 1116 * Uncomment this to allow your own alternate threading implementation.
dflet 0:400d8e75a8d0 1117 */
dflet 0:400d8e75a8d0 1118 //#define POLARSSL_THREADING_ALT
dflet 0:400d8e75a8d0 1119
dflet 0:400d8e75a8d0 1120 /**
dflet 0:400d8e75a8d0 1121 * \def POLARSSL_THREADING_PTHREAD
dflet 0:400d8e75a8d0 1122 *
dflet 0:400d8e75a8d0 1123 * Enable the pthread wrapper layer for the threading layer.
dflet 0:400d8e75a8d0 1124 *
dflet 0:400d8e75a8d0 1125 * Requires: POLARSSL_THREADING_C
dflet 0:400d8e75a8d0 1126 *
dflet 0:400d8e75a8d0 1127 * Uncomment this to enable pthread mutexes.
dflet 0:400d8e75a8d0 1128 */
dflet 0:400d8e75a8d0 1129 //#define POLARSSL_THREADING_PTHREAD
dflet 0:400d8e75a8d0 1130
dflet 0:400d8e75a8d0 1131 /**
dflet 0:400d8e75a8d0 1132 * \def POLARSSL_VERSION_FEATURES
dflet 0:400d8e75a8d0 1133 *
dflet 0:400d8e75a8d0 1134 * Allow run-time checking of compile-time enabled features. Thus allowing users
dflet 0:400d8e75a8d0 1135 * to check at run-time if the library is for instance compiled with threading
dflet 0:400d8e75a8d0 1136 * support via version_check_feature().
dflet 0:400d8e75a8d0 1137 *
dflet 0:400d8e75a8d0 1138 * Requires: POLARSSL_VERSION_C
dflet 0:400d8e75a8d0 1139 *
dflet 0:400d8e75a8d0 1140 * Comment this to disable run-time checking and save ROM space
dflet 0:400d8e75a8d0 1141 */
dflet 0:400d8e75a8d0 1142 #define POLARSSL_VERSION_FEATURES
dflet 0:400d8e75a8d0 1143
dflet 0:400d8e75a8d0 1144 /**
dflet 0:400d8e75a8d0 1145 * \def POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3
dflet 0:400d8e75a8d0 1146 *
dflet 0:400d8e75a8d0 1147 * If set, the X509 parser will not break-off when parsing an X509 certificate
dflet 0:400d8e75a8d0 1148 * and encountering an extension in a v1 or v2 certificate.
dflet 0:400d8e75a8d0 1149 *
dflet 0:400d8e75a8d0 1150 * Uncomment to prevent an error.
dflet 0:400d8e75a8d0 1151 */
dflet 0:400d8e75a8d0 1152 //#define POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3
dflet 0:400d8e75a8d0 1153
dflet 0:400d8e75a8d0 1154 /**
dflet 0:400d8e75a8d0 1155 * \def POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
dflet 0:400d8e75a8d0 1156 *
dflet 0:400d8e75a8d0 1157 * If set, the X509 parser will not break-off when parsing an X509 certificate
dflet 0:400d8e75a8d0 1158 * and encountering an unknown critical extension.
dflet 0:400d8e75a8d0 1159 *
dflet 0:400d8e75a8d0 1160 * Uncomment to prevent an error.
dflet 0:400d8e75a8d0 1161 */
dflet 0:400d8e75a8d0 1162 //#define POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
dflet 0:400d8e75a8d0 1163
dflet 0:400d8e75a8d0 1164 /**
dflet 0:400d8e75a8d0 1165 * \def POLARSSL_X509_CHECK_KEY_USAGE
dflet 0:400d8e75a8d0 1166 *
dflet 0:400d8e75a8d0 1167 * Enable verification of the keyUsage extension (CA and leaf certificates).
dflet 0:400d8e75a8d0 1168 *
dflet 0:400d8e75a8d0 1169 * Disabling this avoids problems with mis-issued and/or misused
dflet 0:400d8e75a8d0 1170 * (intermediate) CA and leaf certificates.
dflet 0:400d8e75a8d0 1171 *
dflet 0:400d8e75a8d0 1172 * \warning Depending on your PKI use, disabling this can be a security risk!
dflet 0:400d8e75a8d0 1173 *
dflet 0:400d8e75a8d0 1174 * Comment to skip keyUsage checking for both CA and leaf certificates.
dflet 0:400d8e75a8d0 1175 */
dflet 0:400d8e75a8d0 1176 #define POLARSSL_X509_CHECK_KEY_USAGE
dflet 0:400d8e75a8d0 1177
dflet 0:400d8e75a8d0 1178 /**
dflet 0:400d8e75a8d0 1179 * \def POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE
dflet 0:400d8e75a8d0 1180 *
dflet 0:400d8e75a8d0 1181 * Enable verification of the extendedKeyUsage extension (leaf certificates).
dflet 0:400d8e75a8d0 1182 *
dflet 0:400d8e75a8d0 1183 * Disabling this avoids problems with mis-issued and/or misused certificates.
dflet 0:400d8e75a8d0 1184 *
dflet 0:400d8e75a8d0 1185 * \warning Depending on your PKI use, disabling this can be a security risk!
dflet 0:400d8e75a8d0 1186 *
dflet 0:400d8e75a8d0 1187 * Comment to skip extendedKeyUsage checking for certificates.
dflet 0:400d8e75a8d0 1188 */
dflet 0:400d8e75a8d0 1189 #define POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE
dflet 0:400d8e75a8d0 1190
dflet 0:400d8e75a8d0 1191 /**
dflet 0:400d8e75a8d0 1192 * \def POLARSSL_X509_RSASSA_PSS_SUPPORT
dflet 0:400d8e75a8d0 1193 *
dflet 0:400d8e75a8d0 1194 * Enable parsing and verification of X.509 certificates, CRLs and CSRS
dflet 0:400d8e75a8d0 1195 * signed with RSASSA-PSS (aka PKCS#1 v2.1).
dflet 0:400d8e75a8d0 1196 *
dflet 0:400d8e75a8d0 1197 * Comment this macro to disallow using RSASSA-PSS in certificates.
dflet 0:400d8e75a8d0 1198 */
dflet 0:400d8e75a8d0 1199 #define POLARSSL_X509_RSASSA_PSS_SUPPORT
dflet 0:400d8e75a8d0 1200
dflet 0:400d8e75a8d0 1201 /**
dflet 0:400d8e75a8d0 1202 * \def POLARSSL_ZLIB_SUPPORT
dflet 0:400d8e75a8d0 1203 *
dflet 0:400d8e75a8d0 1204 * If set, the SSL/TLS module uses ZLIB to support compression and
dflet 0:400d8e75a8d0 1205 * decompression of packet data.
dflet 0:400d8e75a8d0 1206 *
dflet 0:400d8e75a8d0 1207 * \warning TLS-level compression MAY REDUCE SECURITY! See for example the
dflet 0:400d8e75a8d0 1208 * CRIME attack. Before enabling this option, you should examine with care if
dflet 0:400d8e75a8d0 1209 * CRIME or similar exploits may be a applicable to your use case.
dflet 0:400d8e75a8d0 1210 *
dflet 0:400d8e75a8d0 1211 * Used in: library/ssl_tls.c
dflet 0:400d8e75a8d0 1212 * library/ssl_cli.c
dflet 0:400d8e75a8d0 1213 * library/ssl_srv.c
dflet 0:400d8e75a8d0 1214 *
dflet 0:400d8e75a8d0 1215 * This feature requires zlib library and headers to be present.
dflet 0:400d8e75a8d0 1216 *
dflet 0:400d8e75a8d0 1217 * Uncomment to enable use of ZLIB
dflet 0:400d8e75a8d0 1218 */
dflet 0:400d8e75a8d0 1219 //#define POLARSSL_ZLIB_SUPPORT
dflet 0:400d8e75a8d0 1220 /* \} name SECTION: mbed TLS feature support */
dflet 0:400d8e75a8d0 1221
dflet 0:400d8e75a8d0 1222 /**
dflet 0:400d8e75a8d0 1223 * \name SECTION: mbed TLS modules
dflet 0:400d8e75a8d0 1224 *
dflet 0:400d8e75a8d0 1225 * This section enables or disables entire modules in mbed TLS
dflet 0:400d8e75a8d0 1226 * \{
dflet 0:400d8e75a8d0 1227 */
dflet 0:400d8e75a8d0 1228
dflet 0:400d8e75a8d0 1229 /**
dflet 0:400d8e75a8d0 1230 * \def POLARSSL_AESNI_C
dflet 0:400d8e75a8d0 1231 *
dflet 0:400d8e75a8d0 1232 * Enable AES-NI support on x86-64.
dflet 0:400d8e75a8d0 1233 *
dflet 0:400d8e75a8d0 1234 * Module: library/aesni.c
dflet 0:400d8e75a8d0 1235 * Caller: library/aes.c
dflet 0:400d8e75a8d0 1236 *
dflet 0:400d8e75a8d0 1237 * Requires: POLARSSL_HAVE_ASM
dflet 0:400d8e75a8d0 1238 *
dflet 0:400d8e75a8d0 1239 * This modules adds support for the AES-NI instructions on x86-64
dflet 0:400d8e75a8d0 1240 */
dflet 0:400d8e75a8d0 1241 #define POLARSSL_AESNI_C
dflet 0:400d8e75a8d0 1242
dflet 0:400d8e75a8d0 1243 /**
dflet 0:400d8e75a8d0 1244 * \def POLARSSL_AES_C
dflet 0:400d8e75a8d0 1245 *
dflet 0:400d8e75a8d0 1246 * Enable the AES block cipher.
dflet 0:400d8e75a8d0 1247 *
dflet 0:400d8e75a8d0 1248 * Module: library/aes.c
dflet 0:400d8e75a8d0 1249 * Caller: library/ssl_tls.c
dflet 0:400d8e75a8d0 1250 * library/pem.c
dflet 0:400d8e75a8d0 1251 * library/ctr_drbg.c
dflet 0:400d8e75a8d0 1252 *
dflet 0:400d8e75a8d0 1253 * This module enables the following ciphersuites (if other requisites are
dflet 0:400d8e75a8d0 1254 * enabled as well):
dflet 0:400d8e75a8d0 1255 * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
dflet 0:400d8e75a8d0 1256 * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
dflet 0:400d8e75a8d0 1257 * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
dflet 0:400d8e75a8d0 1258 * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
dflet 0:400d8e75a8d0 1259 * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
dflet 0:400d8e75a8d0 1260 * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
dflet 0:400d8e75a8d0 1261 * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
dflet 0:400d8e75a8d0 1262 * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
dflet 0:400d8e75a8d0 1263 * TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
dflet 0:400d8e75a8d0 1264 * TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
dflet 0:400d8e75a8d0 1265 * TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
dflet 0:400d8e75a8d0 1266 * TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
dflet 0:400d8e75a8d0 1267 * TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
dflet 0:400d8e75a8d0 1268 * TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
dflet 0:400d8e75a8d0 1269 * TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
dflet 0:400d8e75a8d0 1270 * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
dflet 0:400d8e75a8d0 1271 * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
dflet 0:400d8e75a8d0 1272 * TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
dflet 0:400d8e75a8d0 1273 * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
dflet 0:400d8e75a8d0 1274 * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
dflet 0:400d8e75a8d0 1275 * TLS_DHE_RSA_WITH_AES_256_CBC_SHA
dflet 0:400d8e75a8d0 1276 * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
dflet 0:400d8e75a8d0 1277 * TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
dflet 0:400d8e75a8d0 1278 * TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
dflet 0:400d8e75a8d0 1279 * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
dflet 0:400d8e75a8d0 1280 * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
dflet 0:400d8e75a8d0 1281 * TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
dflet 0:400d8e75a8d0 1282 * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
dflet 0:400d8e75a8d0 1283 * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
dflet 0:400d8e75a8d0 1284 * TLS_DHE_RSA_WITH_AES_128_CBC_SHA
dflet 0:400d8e75a8d0 1285 * TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
dflet 0:400d8e75a8d0 1286 * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
dflet 0:400d8e75a8d0 1287 * TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
dflet 0:400d8e75a8d0 1288 * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
dflet 0:400d8e75a8d0 1289 * TLS_DHE_PSK_WITH_AES_256_CBC_SHA
dflet 0:400d8e75a8d0 1290 * TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
dflet 0:400d8e75a8d0 1291 * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
dflet 0:400d8e75a8d0 1292 * TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
dflet 0:400d8e75a8d0 1293 * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
dflet 0:400d8e75a8d0 1294 * TLS_DHE_PSK_WITH_AES_128_CBC_SHA
dflet 0:400d8e75a8d0 1295 * TLS_RSA_WITH_AES_256_GCM_SHA384
dflet 0:400d8e75a8d0 1296 * TLS_RSA_WITH_AES_256_CBC_SHA256
dflet 0:400d8e75a8d0 1297 * TLS_RSA_WITH_AES_256_CBC_SHA
dflet 0:400d8e75a8d0 1298 * TLS_RSA_WITH_AES_128_GCM_SHA256
dflet 0:400d8e75a8d0 1299 * TLS_RSA_WITH_AES_128_CBC_SHA256
dflet 0:400d8e75a8d0 1300 * TLS_RSA_WITH_AES_128_CBC_SHA
dflet 0:400d8e75a8d0 1301 * TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
dflet 0:400d8e75a8d0 1302 * TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
dflet 0:400d8e75a8d0 1303 * TLS_RSA_PSK_WITH_AES_256_CBC_SHA
dflet 0:400d8e75a8d0 1304 * TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
dflet 0:400d8e75a8d0 1305 * TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
dflet 0:400d8e75a8d0 1306 * TLS_RSA_PSK_WITH_AES_128_CBC_SHA
dflet 0:400d8e75a8d0 1307 * TLS_PSK_WITH_AES_256_GCM_SHA384
dflet 0:400d8e75a8d0 1308 * TLS_PSK_WITH_AES_256_CBC_SHA384
dflet 0:400d8e75a8d0 1309 * TLS_PSK_WITH_AES_256_CBC_SHA
dflet 0:400d8e75a8d0 1310 * TLS_PSK_WITH_AES_128_GCM_SHA256
dflet 0:400d8e75a8d0 1311 * TLS_PSK_WITH_AES_128_CBC_SHA256
dflet 0:400d8e75a8d0 1312 * TLS_PSK_WITH_AES_128_CBC_SHA
dflet 0:400d8e75a8d0 1313 *
dflet 0:400d8e75a8d0 1314 * PEM_PARSE uses AES for decrypting encrypted keys.
dflet 0:400d8e75a8d0 1315 */
dflet 0:400d8e75a8d0 1316 #define POLARSSL_AES_C
dflet 0:400d8e75a8d0 1317
dflet 0:400d8e75a8d0 1318 /**
dflet 0:400d8e75a8d0 1319 * \def POLARSSL_ARC4_C
dflet 0:400d8e75a8d0 1320 *
dflet 0:400d8e75a8d0 1321 * Enable the ARCFOUR stream cipher.
dflet 0:400d8e75a8d0 1322 *
dflet 0:400d8e75a8d0 1323 * Module: library/arc4.c
dflet 0:400d8e75a8d0 1324 * Caller: library/ssl_tls.c
dflet 0:400d8e75a8d0 1325 *
dflet 0:400d8e75a8d0 1326 * This module enables the following ciphersuites (if other requisites are
dflet 0:400d8e75a8d0 1327 * enabled as well):
dflet 0:400d8e75a8d0 1328 * TLS_ECDH_ECDSA_WITH_RC4_128_SHA
dflet 0:400d8e75a8d0 1329 * TLS_ECDH_RSA_WITH_RC4_128_SHA
dflet 0:400d8e75a8d0 1330 * TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
dflet 0:400d8e75a8d0 1331 * TLS_ECDHE_RSA_WITH_RC4_128_SHA
dflet 0:400d8e75a8d0 1332 * TLS_ECDHE_PSK_WITH_RC4_128_SHA
dflet 0:400d8e75a8d0 1333 * TLS_DHE_PSK_WITH_RC4_128_SHA
dflet 0:400d8e75a8d0 1334 * TLS_RSA_WITH_RC4_128_SHA
dflet 0:400d8e75a8d0 1335 * TLS_RSA_WITH_RC4_128_MD5
dflet 0:400d8e75a8d0 1336 * TLS_RSA_PSK_WITH_RC4_128_SHA
dflet 0:400d8e75a8d0 1337 * TLS_PSK_WITH_RC4_128_SHA
dflet 0:400d8e75a8d0 1338 */
dflet 0:400d8e75a8d0 1339 #define POLARSSL_ARC4_C
dflet 0:400d8e75a8d0 1340
dflet 0:400d8e75a8d0 1341 /**
dflet 0:400d8e75a8d0 1342 * \def POLARSSL_ASN1_PARSE_C
dflet 0:400d8e75a8d0 1343 *
dflet 0:400d8e75a8d0 1344 * Enable the generic ASN1 parser.
dflet 0:400d8e75a8d0 1345 *
dflet 0:400d8e75a8d0 1346 * Module: library/asn1.c
dflet 0:400d8e75a8d0 1347 * Caller: library/x509.c
dflet 0:400d8e75a8d0 1348 * library/dhm.c
dflet 0:400d8e75a8d0 1349 * library/pkcs12.c
dflet 0:400d8e75a8d0 1350 * library/pkcs5.c
dflet 0:400d8e75a8d0 1351 * library/pkparse.c
dflet 0:400d8e75a8d0 1352 */
dflet 0:400d8e75a8d0 1353 #define POLARSSL_ASN1_PARSE_C
dflet 0:400d8e75a8d0 1354
dflet 0:400d8e75a8d0 1355 /**
dflet 0:400d8e75a8d0 1356 * \def POLARSSL_ASN1_WRITE_C
dflet 0:400d8e75a8d0 1357 *
dflet 0:400d8e75a8d0 1358 * Enable the generic ASN1 writer.
dflet 0:400d8e75a8d0 1359 *
dflet 0:400d8e75a8d0 1360 * Module: library/asn1write.c
dflet 0:400d8e75a8d0 1361 * Caller: library/ecdsa.c
dflet 0:400d8e75a8d0 1362 * library/pkwrite.c
dflet 0:400d8e75a8d0 1363 * library/x509_create.c
dflet 0:400d8e75a8d0 1364 * library/x509write_crt.c
dflet 0:400d8e75a8d0 1365 * library/x509write_csr.c
dflet 0:400d8e75a8d0 1366 */
dflet 0:400d8e75a8d0 1367 #define POLARSSL_ASN1_WRITE_C
dflet 0:400d8e75a8d0 1368
dflet 0:400d8e75a8d0 1369 /**
dflet 0:400d8e75a8d0 1370 * \def POLARSSL_BASE64_C
dflet 0:400d8e75a8d0 1371 *
dflet 0:400d8e75a8d0 1372 * Enable the Base64 module.
dflet 0:400d8e75a8d0 1373 *
dflet 0:400d8e75a8d0 1374 * Module: library/base64.c
dflet 0:400d8e75a8d0 1375 * Caller: library/pem.c
dflet 0:400d8e75a8d0 1376 *
dflet 0:400d8e75a8d0 1377 * This module is required for PEM support (required by X.509).
dflet 0:400d8e75a8d0 1378 */
dflet 0:400d8e75a8d0 1379 #define POLARSSL_BASE64_C
dflet 0:400d8e75a8d0 1380
dflet 0:400d8e75a8d0 1381 /**
dflet 0:400d8e75a8d0 1382 * \def POLARSSL_BIGNUM_C
dflet 0:400d8e75a8d0 1383 *
dflet 0:400d8e75a8d0 1384 * Enable the multi-precision integer library.
dflet 0:400d8e75a8d0 1385 *
dflet 0:400d8e75a8d0 1386 * Module: library/bignum.c
dflet 0:400d8e75a8d0 1387 * Caller: library/dhm.c
dflet 0:400d8e75a8d0 1388 * library/ecp.c
dflet 0:400d8e75a8d0 1389 * library/ecdsa.c
dflet 0:400d8e75a8d0 1390 * library/rsa.c
dflet 0:400d8e75a8d0 1391 * library/ssl_tls.c
dflet 0:400d8e75a8d0 1392 *
dflet 0:400d8e75a8d0 1393 * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support.
dflet 0:400d8e75a8d0 1394 */
dflet 0:400d8e75a8d0 1395 #define POLARSSL_BIGNUM_C
dflet 0:400d8e75a8d0 1396
dflet 0:400d8e75a8d0 1397 /**
dflet 0:400d8e75a8d0 1398 * \def POLARSSL_BLOWFISH_C
dflet 0:400d8e75a8d0 1399 *
dflet 0:400d8e75a8d0 1400 * Enable the Blowfish block cipher.
dflet 0:400d8e75a8d0 1401 *
dflet 0:400d8e75a8d0 1402 * Module: library/blowfish.c
dflet 0:400d8e75a8d0 1403 */
dflet 0:400d8e75a8d0 1404 #define POLARSSL_BLOWFISH_C
dflet 0:400d8e75a8d0 1405
dflet 0:400d8e75a8d0 1406 /**
dflet 0:400d8e75a8d0 1407 * \def POLARSSL_CAMELLIA_C
dflet 0:400d8e75a8d0 1408 *
dflet 0:400d8e75a8d0 1409 * Enable the Camellia block cipher.
dflet 0:400d8e75a8d0 1410 *
dflet 0:400d8e75a8d0 1411 * Module: library/camellia.c
dflet 0:400d8e75a8d0 1412 * Caller: library/ssl_tls.c
dflet 0:400d8e75a8d0 1413 *
dflet 0:400d8e75a8d0 1414 * This module enables the following ciphersuites (if other requisites are
dflet 0:400d8e75a8d0 1415 * enabled as well):
dflet 0:400d8e75a8d0 1416 * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
dflet 0:400d8e75a8d0 1417 * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
dflet 0:400d8e75a8d0 1418 * TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
dflet 0:400d8e75a8d0 1419 * TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
dflet 0:400d8e75a8d0 1420 * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
dflet 0:400d8e75a8d0 1421 * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
dflet 0:400d8e75a8d0 1422 * TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
dflet 0:400d8e75a8d0 1423 * TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
dflet 0:400d8e75a8d0 1424 * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
dflet 0:400d8e75a8d0 1425 * TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
dflet 0:400d8e75a8d0 1426 * TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
dflet 0:400d8e75a8d0 1427 * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
dflet 0:400d8e75a8d0 1428 * TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
dflet 0:400d8e75a8d0 1429 * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
dflet 0:400d8e75a8d0 1430 * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
dflet 0:400d8e75a8d0 1431 * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
dflet 0:400d8e75a8d0 1432 * TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
dflet 0:400d8e75a8d0 1433 * TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
dflet 0:400d8e75a8d0 1434 * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
dflet 0:400d8e75a8d0 1435 * TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
dflet 0:400d8e75a8d0 1436 * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
dflet 0:400d8e75a8d0 1437 * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
dflet 0:400d8e75a8d0 1438 * TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
dflet 0:400d8e75a8d0 1439 * TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
dflet 0:400d8e75a8d0 1440 * TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
dflet 0:400d8e75a8d0 1441 * TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
dflet 0:400d8e75a8d0 1442 * TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
dflet 0:400d8e75a8d0 1443 * TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
dflet 0:400d8e75a8d0 1444 * TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
dflet 0:400d8e75a8d0 1445 * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
dflet 0:400d8e75a8d0 1446 * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
dflet 0:400d8e75a8d0 1447 * TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
dflet 0:400d8e75a8d0 1448 * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
dflet 0:400d8e75a8d0 1449 * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
dflet 0:400d8e75a8d0 1450 * TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
dflet 0:400d8e75a8d0 1451 * TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
dflet 0:400d8e75a8d0 1452 * TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
dflet 0:400d8e75a8d0 1453 * TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
dflet 0:400d8e75a8d0 1454 * TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
dflet 0:400d8e75a8d0 1455 * TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
dflet 0:400d8e75a8d0 1456 * TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
dflet 0:400d8e75a8d0 1457 * TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
dflet 0:400d8e75a8d0 1458 */
dflet 0:400d8e75a8d0 1459 #define POLARSSL_CAMELLIA_C
dflet 0:400d8e75a8d0 1460
dflet 0:400d8e75a8d0 1461 /**
dflet 0:400d8e75a8d0 1462 * \def POLARSSL_CCM_C
dflet 0:400d8e75a8d0 1463 *
dflet 0:400d8e75a8d0 1464 * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
dflet 0:400d8e75a8d0 1465 *
dflet 0:400d8e75a8d0 1466 * Module: library/ccm.c
dflet 0:400d8e75a8d0 1467 *
dflet 0:400d8e75a8d0 1468 * Requires: POLARSSL_AES_C or POLARSSL_CAMELLIA_C
dflet 0:400d8e75a8d0 1469 *
dflet 0:400d8e75a8d0 1470 * This module enables the AES-CCM ciphersuites, if other requisites are
dflet 0:400d8e75a8d0 1471 * enabled as well.
dflet 0:400d8e75a8d0 1472 */
dflet 0:400d8e75a8d0 1473 #define POLARSSL_CCM_C
dflet 0:400d8e75a8d0 1474
dflet 0:400d8e75a8d0 1475 /**
dflet 0:400d8e75a8d0 1476 * \def POLARSSL_CERTS_C
dflet 0:400d8e75a8d0 1477 *
dflet 0:400d8e75a8d0 1478 * Enable the test certificates.
dflet 0:400d8e75a8d0 1479 *
dflet 0:400d8e75a8d0 1480 * Module: library/certs.c
dflet 0:400d8e75a8d0 1481 * Caller:
dflet 0:400d8e75a8d0 1482 *
dflet 0:400d8e75a8d0 1483 * Requires: POLARSSL_PEM_PARSE_C
dflet 0:400d8e75a8d0 1484 *
dflet 0:400d8e75a8d0 1485 * This module is used for testing (ssl_client/server).
dflet 0:400d8e75a8d0 1486 */
dflet 0:400d8e75a8d0 1487 #define POLARSSL_CERTS_C
dflet 0:400d8e75a8d0 1488
dflet 0:400d8e75a8d0 1489 /**
dflet 0:400d8e75a8d0 1490 * \def POLARSSL_CIPHER_C
dflet 0:400d8e75a8d0 1491 *
dflet 0:400d8e75a8d0 1492 * Enable the generic cipher layer.
dflet 0:400d8e75a8d0 1493 *
dflet 0:400d8e75a8d0 1494 * Module: library/cipher.c
dflet 0:400d8e75a8d0 1495 * Caller: library/ssl_tls.c
dflet 0:400d8e75a8d0 1496 *
dflet 0:400d8e75a8d0 1497 * Uncomment to enable generic cipher wrappers.
dflet 0:400d8e75a8d0 1498 */
dflet 0:400d8e75a8d0 1499 #define POLARSSL_CIPHER_C
dflet 0:400d8e75a8d0 1500
dflet 0:400d8e75a8d0 1501 /**
dflet 0:400d8e75a8d0 1502 * \def POLARSSL_CTR_DRBG_C
dflet 0:400d8e75a8d0 1503 *
dflet 0:400d8e75a8d0 1504 * Enable the CTR_DRBG AES-256-based random generator.
dflet 0:400d8e75a8d0 1505 *
dflet 0:400d8e75a8d0 1506 * Module: library/ctr_drbg.c
dflet 0:400d8e75a8d0 1507 * Caller:
dflet 0:400d8e75a8d0 1508 *
dflet 0:400d8e75a8d0 1509 * Requires: POLARSSL_AES_C
dflet 0:400d8e75a8d0 1510 *
dflet 0:400d8e75a8d0 1511 * This module provides the CTR_DRBG AES-256 random number generator.
dflet 0:400d8e75a8d0 1512 */
dflet 0:400d8e75a8d0 1513 #define POLARSSL_CTR_DRBG_C
dflet 0:400d8e75a8d0 1514
dflet 0:400d8e75a8d0 1515 /**
dflet 0:400d8e75a8d0 1516 * \def POLARSSL_DEBUG_C
dflet 0:400d8e75a8d0 1517 *
dflet 0:400d8e75a8d0 1518 * Enable the debug functions.
dflet 0:400d8e75a8d0 1519 *
dflet 0:400d8e75a8d0 1520 * Module: library/debug.c
dflet 0:400d8e75a8d0 1521 * Caller: library/ssl_cli.c
dflet 0:400d8e75a8d0 1522 * library/ssl_srv.c
dflet 0:400d8e75a8d0 1523 * library/ssl_tls.c
dflet 0:400d8e75a8d0 1524 *
dflet 0:400d8e75a8d0 1525 * This module provides debugging functions.
dflet 0:400d8e75a8d0 1526 */
dflet 0:400d8e75a8d0 1527 #define POLARSSL_DEBUG_C
dflet 0:400d8e75a8d0 1528
dflet 0:400d8e75a8d0 1529 /**
dflet 0:400d8e75a8d0 1530 * \def POLARSSL_DES_C
dflet 0:400d8e75a8d0 1531 *
dflet 0:400d8e75a8d0 1532 * Enable the DES block cipher.
dflet 0:400d8e75a8d0 1533 *
dflet 0:400d8e75a8d0 1534 * Module: library/des.c
dflet 0:400d8e75a8d0 1535 * Caller: library/pem.c
dflet 0:400d8e75a8d0 1536 * library/ssl_tls.c
dflet 0:400d8e75a8d0 1537 *
dflet 0:400d8e75a8d0 1538 * This module enables the following ciphersuites (if other requisites are
dflet 0:400d8e75a8d0 1539 * enabled as well):
dflet 0:400d8e75a8d0 1540 * TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
dflet 0:400d8e75a8d0 1541 * TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
dflet 0:400d8e75a8d0 1542 * TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
dflet 0:400d8e75a8d0 1543 * TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
dflet 0:400d8e75a8d0 1544 * TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
dflet 0:400d8e75a8d0 1545 * TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
dflet 0:400d8e75a8d0 1546 * TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
dflet 0:400d8e75a8d0 1547 * TLS_RSA_WITH_3DES_EDE_CBC_SHA
dflet 0:400d8e75a8d0 1548 * TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
dflet 0:400d8e75a8d0 1549 * TLS_PSK_WITH_3DES_EDE_CBC_SHA
dflet 0:400d8e75a8d0 1550 *
dflet 0:400d8e75a8d0 1551 * PEM_PARSE uses DES/3DES for decrypting encrypted keys.
dflet 0:400d8e75a8d0 1552 */
dflet 0:400d8e75a8d0 1553 #define POLARSSL_DES_C
dflet 0:400d8e75a8d0 1554
dflet 0:400d8e75a8d0 1555 /**
dflet 0:400d8e75a8d0 1556 * \def POLARSSL_DHM_C
dflet 0:400d8e75a8d0 1557 *
dflet 0:400d8e75a8d0 1558 * Enable the Diffie-Hellman-Merkle module.
dflet 0:400d8e75a8d0 1559 *
dflet 0:400d8e75a8d0 1560 * Module: library/dhm.c
dflet 0:400d8e75a8d0 1561 * Caller: library/ssl_cli.c
dflet 0:400d8e75a8d0 1562 * library/ssl_srv.c
dflet 0:400d8e75a8d0 1563 *
dflet 0:400d8e75a8d0 1564 * This module is used by the following key exchanges:
dflet 0:400d8e75a8d0 1565 * DHE-RSA, DHE-PSK
dflet 0:400d8e75a8d0 1566 */
dflet 0:400d8e75a8d0 1567 #define POLARSSL_DHM_C
dflet 0:400d8e75a8d0 1568
dflet 0:400d8e75a8d0 1569 /**
dflet 0:400d8e75a8d0 1570 * \def POLARSSL_ECDH_C
dflet 0:400d8e75a8d0 1571 *
dflet 0:400d8e75a8d0 1572 * Enable the elliptic curve Diffie-Hellman library.
dflet 0:400d8e75a8d0 1573 *
dflet 0:400d8e75a8d0 1574 * Module: library/ecdh.c
dflet 0:400d8e75a8d0 1575 * Caller: library/ssl_cli.c
dflet 0:400d8e75a8d0 1576 * library/ssl_srv.c
dflet 0:400d8e75a8d0 1577 *
dflet 0:400d8e75a8d0 1578 * This module is used by the following key exchanges:
dflet 0:400d8e75a8d0 1579 * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
dflet 0:400d8e75a8d0 1580 *
dflet 0:400d8e75a8d0 1581 * Requires: POLARSSL_ECP_C
dflet 0:400d8e75a8d0 1582 */
dflet 0:400d8e75a8d0 1583 #define POLARSSL_ECDH_C
dflet 0:400d8e75a8d0 1584
dflet 0:400d8e75a8d0 1585 /**
dflet 0:400d8e75a8d0 1586 * \def POLARSSL_ECDSA_C
dflet 0:400d8e75a8d0 1587 *
dflet 0:400d8e75a8d0 1588 * Enable the elliptic curve DSA library.
dflet 0:400d8e75a8d0 1589 *
dflet 0:400d8e75a8d0 1590 * Module: library/ecdsa.c
dflet 0:400d8e75a8d0 1591 * Caller:
dflet 0:400d8e75a8d0 1592 *
dflet 0:400d8e75a8d0 1593 * This module is used by the following key exchanges:
dflet 0:400d8e75a8d0 1594 * ECDHE-ECDSA
dflet 0:400d8e75a8d0 1595 *
dflet 0:400d8e75a8d0 1596 * Requires: POLARSSL_ECP_C, POLARSSL_ASN1_WRITE_C, POLARSSL_ASN1_PARSE_C
dflet 0:400d8e75a8d0 1597 */
dflet 0:400d8e75a8d0 1598 #define POLARSSL_ECDSA_C
dflet 0:400d8e75a8d0 1599
dflet 0:400d8e75a8d0 1600 /**
dflet 0:400d8e75a8d0 1601 * \def POLARSSL_ECP_C
dflet 0:400d8e75a8d0 1602 *
dflet 0:400d8e75a8d0 1603 * Enable the elliptic curve over GF(p) library.
dflet 0:400d8e75a8d0 1604 *
dflet 0:400d8e75a8d0 1605 * Module: library/ecp.c
dflet 0:400d8e75a8d0 1606 * Caller: library/ecdh.c
dflet 0:400d8e75a8d0 1607 * library/ecdsa.c
dflet 0:400d8e75a8d0 1608 *
dflet 0:400d8e75a8d0 1609 * Requires: POLARSSL_BIGNUM_C and at least one POLARSSL_ECP_DP_XXX_ENABLED
dflet 0:400d8e75a8d0 1610 */
dflet 0:400d8e75a8d0 1611 #define POLARSSL_ECP_C
dflet 0:400d8e75a8d0 1612
dflet 0:400d8e75a8d0 1613 /**
dflet 0:400d8e75a8d0 1614 * \def POLARSSL_ENTROPY_C
dflet 0:400d8e75a8d0 1615 *
dflet 0:400d8e75a8d0 1616 * Enable the platform-specific entropy code.
dflet 0:400d8e75a8d0 1617 *
dflet 0:400d8e75a8d0 1618 * Module: library/entropy.c
dflet 0:400d8e75a8d0 1619 * Caller:
dflet 0:400d8e75a8d0 1620 *
dflet 0:400d8e75a8d0 1621 * Requires: POLARSSL_SHA512_C or POLARSSL_SHA256_C
dflet 0:400d8e75a8d0 1622 *
dflet 0:400d8e75a8d0 1623 * This module provides a generic entropy pool
dflet 0:400d8e75a8d0 1624 */
dflet 0:400d8e75a8d0 1625 #define POLARSSL_ENTROPY_C
dflet 0:400d8e75a8d0 1626
dflet 0:400d8e75a8d0 1627 /**
dflet 0:400d8e75a8d0 1628 * \def POLARSSL_ERROR_C
dflet 0:400d8e75a8d0 1629 *
dflet 0:400d8e75a8d0 1630 * Enable error code to error string conversion.
dflet 0:400d8e75a8d0 1631 *
dflet 0:400d8e75a8d0 1632 * Module: library/error.c
dflet 0:400d8e75a8d0 1633 * Caller:
dflet 0:400d8e75a8d0 1634 *
dflet 0:400d8e75a8d0 1635 * This module enables polarssl_strerror().
dflet 0:400d8e75a8d0 1636 */
dflet 0:400d8e75a8d0 1637 #define POLARSSL_ERROR_C
dflet 0:400d8e75a8d0 1638
dflet 0:400d8e75a8d0 1639 /**
dflet 0:400d8e75a8d0 1640 * \def POLARSSL_GCM_C
dflet 0:400d8e75a8d0 1641 *
dflet 0:400d8e75a8d0 1642 * Enable the Galois/Counter Mode (GCM) for AES.
dflet 0:400d8e75a8d0 1643 *
dflet 0:400d8e75a8d0 1644 * Module: library/gcm.c
dflet 0:400d8e75a8d0 1645 *
dflet 0:400d8e75a8d0 1646 * Requires: POLARSSL_AES_C or POLARSSL_CAMELLIA_C
dflet 0:400d8e75a8d0 1647 *
dflet 0:400d8e75a8d0 1648 * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
dflet 0:400d8e75a8d0 1649 * requisites are enabled as well.
dflet 0:400d8e75a8d0 1650 */
dflet 0:400d8e75a8d0 1651 #define POLARSSL_GCM_C
dflet 0:400d8e75a8d0 1652
dflet 0:400d8e75a8d0 1653 /**
dflet 0:400d8e75a8d0 1654 * \def POLARSSL_HAVEGE_C
dflet 0:400d8e75a8d0 1655 *
dflet 0:400d8e75a8d0 1656 * Enable the HAVEGE random generator.
dflet 0:400d8e75a8d0 1657 *
dflet 0:400d8e75a8d0 1658 * Warning: the HAVEGE random generator is not suitable for virtualized
dflet 0:400d8e75a8d0 1659 * environments
dflet 0:400d8e75a8d0 1660 *
dflet 0:400d8e75a8d0 1661 * Warning: the HAVEGE random generator is dependent on timing and specific
dflet 0:400d8e75a8d0 1662 * processor traits. It is therefore not advised to use HAVEGE as
dflet 0:400d8e75a8d0 1663 * your applications primary random generator or primary entropy pool
dflet 0:400d8e75a8d0 1664 * input. As a secondary input to your entropy pool, it IS able add
dflet 0:400d8e75a8d0 1665 * the (limited) extra entropy it provides.
dflet 0:400d8e75a8d0 1666 *
dflet 0:400d8e75a8d0 1667 * Module: library/havege.c
dflet 0:400d8e75a8d0 1668 * Caller:
dflet 0:400d8e75a8d0 1669 *
dflet 0:400d8e75a8d0 1670 * Requires: POLARSSL_TIMING_C
dflet 0:400d8e75a8d0 1671 *
dflet 0:400d8e75a8d0 1672 * Uncomment to enable the HAVEGE random generator.
dflet 0:400d8e75a8d0 1673 */
dflet 0:400d8e75a8d0 1674 //#define POLARSSL_HAVEGE_C
dflet 0:400d8e75a8d0 1675
dflet 0:400d8e75a8d0 1676 /**
dflet 0:400d8e75a8d0 1677 * \def POLARSSL_HMAC_DRBG_C
dflet 0:400d8e75a8d0 1678 *
dflet 0:400d8e75a8d0 1679 * Enable the HMAC_DRBG random generator.
dflet 0:400d8e75a8d0 1680 *
dflet 0:400d8e75a8d0 1681 * Module: library/hmac_drbg.c
dflet 0:400d8e75a8d0 1682 * Caller:
dflet 0:400d8e75a8d0 1683 *
dflet 0:400d8e75a8d0 1684 * Requires: POLARSSL_MD_C
dflet 0:400d8e75a8d0 1685 *
dflet 0:400d8e75a8d0 1686 * Uncomment to enable the HMAC_DRBG random number geerator.
dflet 0:400d8e75a8d0 1687 */
dflet 0:400d8e75a8d0 1688 #define POLARSSL_HMAC_DRBG_C
dflet 0:400d8e75a8d0 1689
dflet 0:400d8e75a8d0 1690 /**
dflet 0:400d8e75a8d0 1691 * \def POLARSSL_MD_C
dflet 0:400d8e75a8d0 1692 *
dflet 0:400d8e75a8d0 1693 * Enable the generic message digest layer.
dflet 0:400d8e75a8d0 1694 *
dflet 0:400d8e75a8d0 1695 * Module: library/md.c
dflet 0:400d8e75a8d0 1696 * Caller:
dflet 0:400d8e75a8d0 1697 *
dflet 0:400d8e75a8d0 1698 * Uncomment to enable generic message digest wrappers.
dflet 0:400d8e75a8d0 1699 */
dflet 0:400d8e75a8d0 1700 #define POLARSSL_MD_C
dflet 0:400d8e75a8d0 1701
dflet 0:400d8e75a8d0 1702 /**
dflet 0:400d8e75a8d0 1703 * \def POLARSSL_MD2_C
dflet 0:400d8e75a8d0 1704 *
dflet 0:400d8e75a8d0 1705 * Enable the MD2 hash algorithm.
dflet 0:400d8e75a8d0 1706 *
dflet 0:400d8e75a8d0 1707 * Module: library/md2.c
dflet 0:400d8e75a8d0 1708 * Caller:
dflet 0:400d8e75a8d0 1709 *
dflet 0:400d8e75a8d0 1710 * Uncomment to enable support for (rare) MD2-signed X.509 certs.
dflet 0:400d8e75a8d0 1711 */
dflet 0:400d8e75a8d0 1712 //#define POLARSSL_MD2_C
dflet 0:400d8e75a8d0 1713
dflet 0:400d8e75a8d0 1714 /**
dflet 0:400d8e75a8d0 1715 * \def POLARSSL_MD4_C
dflet 0:400d8e75a8d0 1716 *
dflet 0:400d8e75a8d0 1717 * Enable the MD4 hash algorithm.
dflet 0:400d8e75a8d0 1718 *
dflet 0:400d8e75a8d0 1719 * Module: library/md4.c
dflet 0:400d8e75a8d0 1720 * Caller:
dflet 0:400d8e75a8d0 1721 *
dflet 0:400d8e75a8d0 1722 * Uncomment to enable support for (rare) MD4-signed X.509 certs.
dflet 0:400d8e75a8d0 1723 */
dflet 0:400d8e75a8d0 1724 //#define POLARSSL_MD4_C
dflet 0:400d8e75a8d0 1725
dflet 0:400d8e75a8d0 1726 /**
dflet 0:400d8e75a8d0 1727 * \def POLARSSL_MD5_C
dflet 0:400d8e75a8d0 1728 *
dflet 0:400d8e75a8d0 1729 * Enable the MD5 hash algorithm.
dflet 0:400d8e75a8d0 1730 *
dflet 0:400d8e75a8d0 1731 * Module: library/md5.c
dflet 0:400d8e75a8d0 1732 * Caller: library/md.c
dflet 0:400d8e75a8d0 1733 * library/pem.c
dflet 0:400d8e75a8d0 1734 * library/ssl_tls.c
dflet 0:400d8e75a8d0 1735 *
dflet 0:400d8e75a8d0 1736 * This module is required for SSL/TLS and X.509.
dflet 0:400d8e75a8d0 1737 * PEM_PARSE uses MD5 for decrypting encrypted keys.
dflet 0:400d8e75a8d0 1738 */
dflet 0:400d8e75a8d0 1739 #define POLARSSL_MD5_C
dflet 0:400d8e75a8d0 1740
dflet 0:400d8e75a8d0 1741 /**
dflet 0:400d8e75a8d0 1742 * \def POLARSSL_MEMORY_C
dflet 0:400d8e75a8d0 1743 *
dflet 0:400d8e75a8d0 1744 * \deprecated Use POLARSSL_PLATFORM_MEMORY instead.
dflet 0:400d8e75a8d0 1745 *
dflet 0:400d8e75a8d0 1746 * Depends on: POLARSSL_PLATFORM_C
dflet 0:400d8e75a8d0 1747 */
dflet 0:400d8e75a8d0 1748 //#define POLARSSL_MEMORY_C
dflet 0:400d8e75a8d0 1749
dflet 0:400d8e75a8d0 1750 /**
dflet 0:400d8e75a8d0 1751 * \def POLARSSL_MEMORY_BUFFER_ALLOC_C
dflet 0:400d8e75a8d0 1752 *
dflet 0:400d8e75a8d0 1753 * Enable the buffer allocator implementation that makes use of a (stack)
dflet 0:400d8e75a8d0 1754 * based buffer to 'allocate' dynamic memory. (replaces malloc() and free()
dflet 0:400d8e75a8d0 1755 * calls)
dflet 0:400d8e75a8d0 1756 *
dflet 0:400d8e75a8d0 1757 * Module: library/memory_buffer_alloc.c
dflet 0:400d8e75a8d0 1758 *
dflet 0:400d8e75a8d0 1759 * Requires: POLARSSL_PLATFORM_C
dflet 0:400d8e75a8d0 1760 * POLARSSL_PLATFORM_MEMORY (to use it within mbed TLS)
dflet 0:400d8e75a8d0 1761 *
dflet 0:400d8e75a8d0 1762 * Enable this module to enable the buffer memory allocator.
dflet 0:400d8e75a8d0 1763 */
dflet 0:400d8e75a8d0 1764 //#define POLARSSL_MEMORY_BUFFER_ALLOC_C
dflet 0:400d8e75a8d0 1765
dflet 0:400d8e75a8d0 1766 /**
dflet 0:400d8e75a8d0 1767 * \def POLARSSL_NET_C
dflet 0:400d8e75a8d0 1768 *
dflet 0:400d8e75a8d0 1769 * Enable the TCP/IP networking routines.
dflet 0:400d8e75a8d0 1770 *
dflet 0:400d8e75a8d0 1771 * \warning As of 1.3.11, it is deprecated to enable this module without
dflet 0:400d8e75a8d0 1772 * POLARSSL_HAVE_IPV6. The alternative legacy code will be removed in 2.0.
dflet 0:400d8e75a8d0 1773 *
dflet 0:400d8e75a8d0 1774 * Module: library/net.c
dflet 0:400d8e75a8d0 1775 *
dflet 0:400d8e75a8d0 1776 * This module provides TCP/IP networking routines.
dflet 0:400d8e75a8d0 1777 */
dflet 0:400d8e75a8d0 1778 #define POLARSSL_NET_C
dflet 0:400d8e75a8d0 1779
dflet 0:400d8e75a8d0 1780 /**
dflet 0:400d8e75a8d0 1781 * \def POLARSSL_OID_C
dflet 0:400d8e75a8d0 1782 *
dflet 0:400d8e75a8d0 1783 * Enable the OID database.
dflet 0:400d8e75a8d0 1784 *
dflet 0:400d8e75a8d0 1785 * Module: library/oid.c
dflet 0:400d8e75a8d0 1786 * Caller: library/asn1write.c
dflet 0:400d8e75a8d0 1787 * library/pkcs5.c
dflet 0:400d8e75a8d0 1788 * library/pkparse.c
dflet 0:400d8e75a8d0 1789 * library/pkwrite.c
dflet 0:400d8e75a8d0 1790 * library/rsa.c
dflet 0:400d8e75a8d0 1791 * library/x509.c
dflet 0:400d8e75a8d0 1792 * library/x509_create.c
dflet 0:400d8e75a8d0 1793 * library/x509_crl.c
dflet 0:400d8e75a8d0 1794 * library/x509_crt.c
dflet 0:400d8e75a8d0 1795 * library/x509_csr.c
dflet 0:400d8e75a8d0 1796 * library/x509write_crt.c
dflet 0:400d8e75a8d0 1797 * library/x509write_csr.c
dflet 0:400d8e75a8d0 1798 *
dflet 0:400d8e75a8d0 1799 * This modules translates between OIDs and internal values.
dflet 0:400d8e75a8d0 1800 */
dflet 0:400d8e75a8d0 1801 #define POLARSSL_OID_C
dflet 0:400d8e75a8d0 1802
dflet 0:400d8e75a8d0 1803 /**
dflet 0:400d8e75a8d0 1804 * \def POLARSSL_PADLOCK_C
dflet 0:400d8e75a8d0 1805 *
dflet 0:400d8e75a8d0 1806 * Enable VIA Padlock support on x86.
dflet 0:400d8e75a8d0 1807 *
dflet 0:400d8e75a8d0 1808 * Module: library/padlock.c
dflet 0:400d8e75a8d0 1809 * Caller: library/aes.c
dflet 0:400d8e75a8d0 1810 *
dflet 0:400d8e75a8d0 1811 * Requires: POLARSSL_HAVE_ASM
dflet 0:400d8e75a8d0 1812 *
dflet 0:400d8e75a8d0 1813 * This modules adds support for the VIA PadLock on x86.
dflet 0:400d8e75a8d0 1814 */
dflet 0:400d8e75a8d0 1815 #define POLARSSL_PADLOCK_C
dflet 0:400d8e75a8d0 1816
dflet 0:400d8e75a8d0 1817 /**
dflet 0:400d8e75a8d0 1818 * \def POLARSSL_PBKDF2_C
dflet 0:400d8e75a8d0 1819 *
dflet 0:400d8e75a8d0 1820 * Enable PKCS#5 PBKDF2 key derivation function.
dflet 0:400d8e75a8d0 1821 *
dflet 0:400d8e75a8d0 1822 * \deprecated Use POLARSSL_PKCS5_C instead
dflet 0:400d8e75a8d0 1823 *
dflet 0:400d8e75a8d0 1824 * Module: library/pbkdf2.c
dflet 0:400d8e75a8d0 1825 *
dflet 0:400d8e75a8d0 1826 * Requires: POLARSSL_PKCS5_C
dflet 0:400d8e75a8d0 1827 *
dflet 0:400d8e75a8d0 1828 * This module adds support for the PKCS#5 PBKDF2 key derivation function.
dflet 0:400d8e75a8d0 1829 */
dflet 0:400d8e75a8d0 1830 #define POLARSSL_PBKDF2_C
dflet 0:400d8e75a8d0 1831
dflet 0:400d8e75a8d0 1832 /**
dflet 0:400d8e75a8d0 1833 * \def POLARSSL_PEM_PARSE_C
dflet 0:400d8e75a8d0 1834 *
dflet 0:400d8e75a8d0 1835 * Enable PEM decoding / parsing.
dflet 0:400d8e75a8d0 1836 *
dflet 0:400d8e75a8d0 1837 * Module: library/pem.c
dflet 0:400d8e75a8d0 1838 * Caller: library/dhm.c
dflet 0:400d8e75a8d0 1839 * library/pkparse.c
dflet 0:400d8e75a8d0 1840 * library/x509_crl.c
dflet 0:400d8e75a8d0 1841 * library/x509_crt.c
dflet 0:400d8e75a8d0 1842 * library/x509_csr.c
dflet 0:400d8e75a8d0 1843 *
dflet 0:400d8e75a8d0 1844 * Requires: POLARSSL_BASE64_C
dflet 0:400d8e75a8d0 1845 *
dflet 0:400d8e75a8d0 1846 * This modules adds support for decoding / parsing PEM files.
dflet 0:400d8e75a8d0 1847 */
dflet 0:400d8e75a8d0 1848 #define POLARSSL_PEM_PARSE_C
dflet 0:400d8e75a8d0 1849
dflet 0:400d8e75a8d0 1850 /**
dflet 0:400d8e75a8d0 1851 * \def POLARSSL_PEM_WRITE_C
dflet 0:400d8e75a8d0 1852 *
dflet 0:400d8e75a8d0 1853 * Enable PEM encoding / writing.
dflet 0:400d8e75a8d0 1854 *
dflet 0:400d8e75a8d0 1855 * Module: library/pem.c
dflet 0:400d8e75a8d0 1856 * Caller: library/pkwrite.c
dflet 0:400d8e75a8d0 1857 * library/x509write_crt.c
dflet 0:400d8e75a8d0 1858 * library/x509write_csr.c
dflet 0:400d8e75a8d0 1859 *
dflet 0:400d8e75a8d0 1860 * Requires: POLARSSL_BASE64_C
dflet 0:400d8e75a8d0 1861 *
dflet 0:400d8e75a8d0 1862 * This modules adds support for encoding / writing PEM files.
dflet 0:400d8e75a8d0 1863 */
dflet 0:400d8e75a8d0 1864 #define POLARSSL_PEM_WRITE_C
dflet 0:400d8e75a8d0 1865
dflet 0:400d8e75a8d0 1866 /**
dflet 0:400d8e75a8d0 1867 * \def POLARSSL_PK_C
dflet 0:400d8e75a8d0 1868 *
dflet 0:400d8e75a8d0 1869 * Enable the generic public (asymetric) key layer.
dflet 0:400d8e75a8d0 1870 *
dflet 0:400d8e75a8d0 1871 * Module: library/pk.c
dflet 0:400d8e75a8d0 1872 * Caller: library/ssl_tls.c
dflet 0:400d8e75a8d0 1873 * library/ssl_cli.c
dflet 0:400d8e75a8d0 1874 * library/ssl_srv.c
dflet 0:400d8e75a8d0 1875 *
dflet 0:400d8e75a8d0 1876 * Requires: POLARSSL_RSA_C or POLARSSL_ECP_C
dflet 0:400d8e75a8d0 1877 *
dflet 0:400d8e75a8d0 1878 * Uncomment to enable generic public key wrappers.
dflet 0:400d8e75a8d0 1879 */
dflet 0:400d8e75a8d0 1880 #define POLARSSL_PK_C
dflet 0:400d8e75a8d0 1881
dflet 0:400d8e75a8d0 1882 /**
dflet 0:400d8e75a8d0 1883 * \def POLARSSL_PK_PARSE_C
dflet 0:400d8e75a8d0 1884 *
dflet 0:400d8e75a8d0 1885 * Enable the generic public (asymetric) key parser.
dflet 0:400d8e75a8d0 1886 *
dflet 0:400d8e75a8d0 1887 * Module: library/pkparse.c
dflet 0:400d8e75a8d0 1888 * Caller: library/x509_crt.c
dflet 0:400d8e75a8d0 1889 * library/x509_csr.c
dflet 0:400d8e75a8d0 1890 *
dflet 0:400d8e75a8d0 1891 * Requires: POLARSSL_PK_C
dflet 0:400d8e75a8d0 1892 *
dflet 0:400d8e75a8d0 1893 * Uncomment to enable generic public key parse functions.
dflet 0:400d8e75a8d0 1894 */
dflet 0:400d8e75a8d0 1895 #define POLARSSL_PK_PARSE_C
dflet 0:400d8e75a8d0 1896
dflet 0:400d8e75a8d0 1897 /**
dflet 0:400d8e75a8d0 1898 * \def POLARSSL_PK_WRITE_C
dflet 0:400d8e75a8d0 1899 *
dflet 0:400d8e75a8d0 1900 * Enable the generic public (asymetric) key writer.
dflet 0:400d8e75a8d0 1901 *
dflet 0:400d8e75a8d0 1902 * Module: library/pkwrite.c
dflet 0:400d8e75a8d0 1903 * Caller: library/x509write.c
dflet 0:400d8e75a8d0 1904 *
dflet 0:400d8e75a8d0 1905 * Requires: POLARSSL_PK_C
dflet 0:400d8e75a8d0 1906 *
dflet 0:400d8e75a8d0 1907 * Uncomment to enable generic public key write functions.
dflet 0:400d8e75a8d0 1908 */
dflet 0:400d8e75a8d0 1909 #define POLARSSL_PK_WRITE_C
dflet 0:400d8e75a8d0 1910
dflet 0:400d8e75a8d0 1911 /**
dflet 0:400d8e75a8d0 1912 * \def POLARSSL_PKCS5_C
dflet 0:400d8e75a8d0 1913 *
dflet 0:400d8e75a8d0 1914 * Enable PKCS#5 functions.
dflet 0:400d8e75a8d0 1915 *
dflet 0:400d8e75a8d0 1916 * Module: library/pkcs5.c
dflet 0:400d8e75a8d0 1917 *
dflet 0:400d8e75a8d0 1918 * Requires: POLARSSL_MD_C
dflet 0:400d8e75a8d0 1919 *
dflet 0:400d8e75a8d0 1920 * This module adds support for the PKCS#5 functions.
dflet 0:400d8e75a8d0 1921 */
dflet 0:400d8e75a8d0 1922 #define POLARSSL_PKCS5_C
dflet 0:400d8e75a8d0 1923
dflet 0:400d8e75a8d0 1924 /**
dflet 0:400d8e75a8d0 1925 * \def POLARSSL_PKCS11_C
dflet 0:400d8e75a8d0 1926 *
dflet 0:400d8e75a8d0 1927 * Enable wrapper for PKCS#11 smartcard support.
dflet 0:400d8e75a8d0 1928 *
dflet 0:400d8e75a8d0 1929 * Module: library/pkcs11.c
dflet 0:400d8e75a8d0 1930 * Caller: library/pk.c
dflet 0:400d8e75a8d0 1931 *
dflet 0:400d8e75a8d0 1932 * Requires: POLARSSL_PK_C
dflet 0:400d8e75a8d0 1933 *
dflet 0:400d8e75a8d0 1934 * This module enables SSL/TLS PKCS #11 smartcard support.
dflet 0:400d8e75a8d0 1935 * Requires the presence of the PKCS#11 helper library (libpkcs11-helper)
dflet 0:400d8e75a8d0 1936 */
dflet 0:400d8e75a8d0 1937 //#define POLARSSL_PKCS11_C
dflet 0:400d8e75a8d0 1938
dflet 0:400d8e75a8d0 1939 /**
dflet 0:400d8e75a8d0 1940 * \def POLARSSL_PKCS12_C
dflet 0:400d8e75a8d0 1941 *
dflet 0:400d8e75a8d0 1942 * Enable PKCS#12 PBE functions.
dflet 0:400d8e75a8d0 1943 * Adds algorithms for parsing PKCS#8 encrypted private keys
dflet 0:400d8e75a8d0 1944 *
dflet 0:400d8e75a8d0 1945 * Module: library/pkcs12.c
dflet 0:400d8e75a8d0 1946 * Caller: library/pkparse.c
dflet 0:400d8e75a8d0 1947 *
dflet 0:400d8e75a8d0 1948 * Requires: POLARSSL_ASN1_PARSE_C, POLARSSL_CIPHER_C, POLARSSL_MD_C
dflet 0:400d8e75a8d0 1949 * Can use: POLARSSL_ARC4_C
dflet 0:400d8e75a8d0 1950 *
dflet 0:400d8e75a8d0 1951 * This module enables PKCS#12 functions.
dflet 0:400d8e75a8d0 1952 */
dflet 0:400d8e75a8d0 1953 #define POLARSSL_PKCS12_C
dflet 0:400d8e75a8d0 1954
dflet 0:400d8e75a8d0 1955 /**
dflet 0:400d8e75a8d0 1956 * \def POLARSSL_PLATFORM_C
dflet 0:400d8e75a8d0 1957 *
dflet 0:400d8e75a8d0 1958 * Enable the platform abstraction layer that allows you to re-assign
dflet 0:400d8e75a8d0 1959 * functions like malloc(), free(), snprintf(), printf(), fprintf(), exit()
dflet 0:400d8e75a8d0 1960 *
dflet 0:400d8e75a8d0 1961 * Enabling POLARSSL_PLATFORM_C enables to use of POLARSSL_PLATFORM_XXX_ALT
dflet 0:400d8e75a8d0 1962 * or POLARSSL_PLATFORM_XXX_MACRO directives, allowing the functions mentioned
dflet 0:400d8e75a8d0 1963 * above to be specified at runtime or compile time respectively.
dflet 0:400d8e75a8d0 1964 *
dflet 0:400d8e75a8d0 1965 * Module: library/platform.c
dflet 0:400d8e75a8d0 1966 * Caller: Most other .c files
dflet 0:400d8e75a8d0 1967 *
dflet 0:400d8e75a8d0 1968 * This module enables abstraction of common (libc) functions.
dflet 0:400d8e75a8d0 1969 */
dflet 0:400d8e75a8d0 1970 #define POLARSSL_PLATFORM_C
dflet 0:400d8e75a8d0 1971
dflet 0:400d8e75a8d0 1972 /**
dflet 0:400d8e75a8d0 1973 * \def POLARSSL_RIPEMD160_C
dflet 0:400d8e75a8d0 1974 *
dflet 0:400d8e75a8d0 1975 * Enable the RIPEMD-160 hash algorithm.
dflet 0:400d8e75a8d0 1976 *
dflet 0:400d8e75a8d0 1977 * Module: library/ripemd160.c
dflet 0:400d8e75a8d0 1978 * Caller: library/md.c
dflet 0:400d8e75a8d0 1979 *
dflet 0:400d8e75a8d0 1980 */
dflet 0:400d8e75a8d0 1981 #define POLARSSL_RIPEMD160_C
dflet 0:400d8e75a8d0 1982
dflet 0:400d8e75a8d0 1983 /**
dflet 0:400d8e75a8d0 1984 * \def POLARSSL_RSA_C
dflet 0:400d8e75a8d0 1985 *
dflet 0:400d8e75a8d0 1986 * Enable the RSA public-key cryptosystem.
dflet 0:400d8e75a8d0 1987 *
dflet 0:400d8e75a8d0 1988 * Module: library/rsa.c
dflet 0:400d8e75a8d0 1989 * Caller: library/ssl_cli.c
dflet 0:400d8e75a8d0 1990 * library/ssl_srv.c
dflet 0:400d8e75a8d0 1991 * library/ssl_tls.c
dflet 0:400d8e75a8d0 1992 * library/x509.c
dflet 0:400d8e75a8d0 1993 *
dflet 0:400d8e75a8d0 1994 * This module is used by the following key exchanges:
dflet 0:400d8e75a8d0 1995 * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK
dflet 0:400d8e75a8d0 1996 *
dflet 0:400d8e75a8d0 1997 * Requires: POLARSSL_BIGNUM_C, POLARSSL_OID_C
dflet 0:400d8e75a8d0 1998 */
dflet 0:400d8e75a8d0 1999 #define POLARSSL_RSA_C
dflet 0:400d8e75a8d0 2000
dflet 0:400d8e75a8d0 2001 /**
dflet 0:400d8e75a8d0 2002 * \def POLARSSL_SHA1_C
dflet 0:400d8e75a8d0 2003 *
dflet 0:400d8e75a8d0 2004 * Enable the SHA1 cryptographic hash algorithm.
dflet 0:400d8e75a8d0 2005 *
dflet 0:400d8e75a8d0 2006 * Module: library/sha1.c
dflet 0:400d8e75a8d0 2007 * Caller: library/md.c
dflet 0:400d8e75a8d0 2008 * library/ssl_cli.c
dflet 0:400d8e75a8d0 2009 * library/ssl_srv.c
dflet 0:400d8e75a8d0 2010 * library/ssl_tls.c
dflet 0:400d8e75a8d0 2011 * library/x509write_crt.c
dflet 0:400d8e75a8d0 2012 *
dflet 0:400d8e75a8d0 2013 * This module is required for SSL/TLS and SHA1-signed certificates.
dflet 0:400d8e75a8d0 2014 */
dflet 0:400d8e75a8d0 2015 #define POLARSSL_SHA1_C
dflet 0:400d8e75a8d0 2016
dflet 0:400d8e75a8d0 2017 /**
dflet 0:400d8e75a8d0 2018 * \def POLARSSL_SHA256_C
dflet 0:400d8e75a8d0 2019 *
dflet 0:400d8e75a8d0 2020 * Enable the SHA-224 and SHA-256 cryptographic hash algorithms.
dflet 0:400d8e75a8d0 2021 * (Used to be POLARSSL_SHA2_C)
dflet 0:400d8e75a8d0 2022 *
dflet 0:400d8e75a8d0 2023 * Module: library/sha256.c
dflet 0:400d8e75a8d0 2024 * Caller: library/entropy.c
dflet 0:400d8e75a8d0 2025 * library/md.c
dflet 0:400d8e75a8d0 2026 * library/ssl_cli.c
dflet 0:400d8e75a8d0 2027 * library/ssl_srv.c
dflet 0:400d8e75a8d0 2028 * library/ssl_tls.c
dflet 0:400d8e75a8d0 2029 *
dflet 0:400d8e75a8d0 2030 * This module adds support for SHA-224 and SHA-256.
dflet 0:400d8e75a8d0 2031 * This module is required for the SSL/TLS 1.2 PRF function.
dflet 0:400d8e75a8d0 2032 */
dflet 0:400d8e75a8d0 2033 #define POLARSSL_SHA256_C
dflet 0:400d8e75a8d0 2034
dflet 0:400d8e75a8d0 2035 /**
dflet 0:400d8e75a8d0 2036 * \def POLARSSL_SHA512_C
dflet 0:400d8e75a8d0 2037 *
dflet 0:400d8e75a8d0 2038 * Enable the SHA-384 and SHA-512 cryptographic hash algorithms.
dflet 0:400d8e75a8d0 2039 * (Used to be POLARSSL_SHA4_C)
dflet 0:400d8e75a8d0 2040 *
dflet 0:400d8e75a8d0 2041 * Module: library/sha512.c
dflet 0:400d8e75a8d0 2042 * Caller: library/entropy.c
dflet 0:400d8e75a8d0 2043 * library/md.c
dflet 0:400d8e75a8d0 2044 * library/ssl_cli.c
dflet 0:400d8e75a8d0 2045 * library/ssl_srv.c
dflet 0:400d8e75a8d0 2046 *
dflet 0:400d8e75a8d0 2047 * This module adds support for SHA-384 and SHA-512.
dflet 0:400d8e75a8d0 2048 */
dflet 0:400d8e75a8d0 2049 #define POLARSSL_SHA512_C
dflet 0:400d8e75a8d0 2050
dflet 0:400d8e75a8d0 2051 /**
dflet 0:400d8e75a8d0 2052 * \def POLARSSL_SSL_CACHE_C
dflet 0:400d8e75a8d0 2053 *
dflet 0:400d8e75a8d0 2054 * Enable simple SSL cache implementation.
dflet 0:400d8e75a8d0 2055 *
dflet 0:400d8e75a8d0 2056 * Module: library/ssl_cache.c
dflet 0:400d8e75a8d0 2057 * Caller:
dflet 0:400d8e75a8d0 2058 *
dflet 0:400d8e75a8d0 2059 * Requires: POLARSSL_SSL_CACHE_C
dflet 0:400d8e75a8d0 2060 */
dflet 0:400d8e75a8d0 2061 #define POLARSSL_SSL_CACHE_C
dflet 0:400d8e75a8d0 2062
dflet 0:400d8e75a8d0 2063 /**
dflet 0:400d8e75a8d0 2064 * \def POLARSSL_SSL_CLI_C
dflet 0:400d8e75a8d0 2065 *
dflet 0:400d8e75a8d0 2066 * Enable the SSL/TLS client code.
dflet 0:400d8e75a8d0 2067 *
dflet 0:400d8e75a8d0 2068 * Module: library/ssl_cli.c
dflet 0:400d8e75a8d0 2069 * Caller:
dflet 0:400d8e75a8d0 2070 *
dflet 0:400d8e75a8d0 2071 * Requires: POLARSSL_SSL_TLS_C
dflet 0:400d8e75a8d0 2072 *
dflet 0:400d8e75a8d0 2073 * This module is required for SSL/TLS client support.
dflet 0:400d8e75a8d0 2074 */
dflet 0:400d8e75a8d0 2075 #define POLARSSL_SSL_CLI_C
dflet 0:400d8e75a8d0 2076
dflet 0:400d8e75a8d0 2077 /**
dflet 0:400d8e75a8d0 2078 * \def POLARSSL_SSL_SRV_C
dflet 0:400d8e75a8d0 2079 *
dflet 0:400d8e75a8d0 2080 * Enable the SSL/TLS server code.
dflet 0:400d8e75a8d0 2081 *
dflet 0:400d8e75a8d0 2082 * Module: library/ssl_srv.c
dflet 0:400d8e75a8d0 2083 * Caller:
dflet 0:400d8e75a8d0 2084 *
dflet 0:400d8e75a8d0 2085 * Requires: POLARSSL_SSL_TLS_C
dflet 0:400d8e75a8d0 2086 *
dflet 0:400d8e75a8d0 2087 * This module is required for SSL/TLS server support.
dflet 0:400d8e75a8d0 2088 */
dflet 0:400d8e75a8d0 2089 #define POLARSSL_SSL_SRV_C
dflet 0:400d8e75a8d0 2090
dflet 0:400d8e75a8d0 2091 /**
dflet 0:400d8e75a8d0 2092 * \def POLARSSL_SSL_TLS_C
dflet 0:400d8e75a8d0 2093 *
dflet 0:400d8e75a8d0 2094 * Enable the generic SSL/TLS code.
dflet 0:400d8e75a8d0 2095 *
dflet 0:400d8e75a8d0 2096 * Module: library/ssl_tls.c
dflet 0:400d8e75a8d0 2097 * Caller: library/ssl_cli.c
dflet 0:400d8e75a8d0 2098 * library/ssl_srv.c
dflet 0:400d8e75a8d0 2099 *
dflet 0:400d8e75a8d0 2100 * Requires: POLARSSL_CIPHER_C, POLARSSL_MD_C
dflet 0:400d8e75a8d0 2101 * and at least one of the POLARSSL_SSL_PROTO_* defines
dflet 0:400d8e75a8d0 2102 *
dflet 0:400d8e75a8d0 2103 * This module is required for SSL/TLS.
dflet 0:400d8e75a8d0 2104 */
dflet 0:400d8e75a8d0 2105 #define POLARSSL_SSL_TLS_C
dflet 0:400d8e75a8d0 2106
dflet 0:400d8e75a8d0 2107 /**
dflet 0:400d8e75a8d0 2108 * \def POLARSSL_THREADING_C
dflet 0:400d8e75a8d0 2109 *
dflet 0:400d8e75a8d0 2110 * Enable the threading abstraction layer.
dflet 0:400d8e75a8d0 2111 * By default mbed TLS assumes it is used in a non-threaded environment or that
dflet 0:400d8e75a8d0 2112 * contexts are not shared between threads. If you do intend to use contexts
dflet 0:400d8e75a8d0 2113 * between threads, you will need to enable this layer to prevent race
dflet 0:400d8e75a8d0 2114 * conditions.
dflet 0:400d8e75a8d0 2115 *
dflet 0:400d8e75a8d0 2116 * Module: library/threading.c
dflet 0:400d8e75a8d0 2117 *
dflet 0:400d8e75a8d0 2118 * This allows different threading implementations (self-implemented or
dflet 0:400d8e75a8d0 2119 * provided).
dflet 0:400d8e75a8d0 2120 *
dflet 0:400d8e75a8d0 2121 * You will have to enable either POLARSSL_THREADING_ALT or
dflet 0:400d8e75a8d0 2122 * POLARSSL_THREADING_PTHREAD.
dflet 0:400d8e75a8d0 2123 *
dflet 0:400d8e75a8d0 2124 * Enable this layer to allow use of mutexes within mbed TLS
dflet 0:400d8e75a8d0 2125 */
dflet 0:400d8e75a8d0 2126 //#define POLARSSL_THREADING_C
dflet 0:400d8e75a8d0 2127
dflet 0:400d8e75a8d0 2128 /**
dflet 0:400d8e75a8d0 2129 * \def POLARSSL_TIMING_C
dflet 0:400d8e75a8d0 2130 *
dflet 0:400d8e75a8d0 2131 * Enable the portable timing interface.
dflet 0:400d8e75a8d0 2132 *
dflet 0:400d8e75a8d0 2133 * Module: library/timing.c
dflet 0:400d8e75a8d0 2134 * Caller: library/havege.c
dflet 0:400d8e75a8d0 2135 *
dflet 0:400d8e75a8d0 2136 * This module is used by the HAVEGE random number generator.
dflet 0:400d8e75a8d0 2137 */
dflet 0:400d8e75a8d0 2138 #define POLARSSL_TIMING_C
dflet 0:400d8e75a8d0 2139
dflet 0:400d8e75a8d0 2140 /**
dflet 0:400d8e75a8d0 2141 * \def POLARSSL_VERSION_C
dflet 0:400d8e75a8d0 2142 *
dflet 0:400d8e75a8d0 2143 * Enable run-time version information.
dflet 0:400d8e75a8d0 2144 *
dflet 0:400d8e75a8d0 2145 * Module: library/version.c
dflet 0:400d8e75a8d0 2146 *
dflet 0:400d8e75a8d0 2147 * This module provides run-time version information.
dflet 0:400d8e75a8d0 2148 */
dflet 0:400d8e75a8d0 2149 #define POLARSSL_VERSION_C
dflet 0:400d8e75a8d0 2150
dflet 0:400d8e75a8d0 2151 /**
dflet 0:400d8e75a8d0 2152 * \def POLARSSL_X509_USE_C
dflet 0:400d8e75a8d0 2153 *
dflet 0:400d8e75a8d0 2154 * Enable X.509 core for using certificates.
dflet 0:400d8e75a8d0 2155 *
dflet 0:400d8e75a8d0 2156 * Module: library/x509.c
dflet 0:400d8e75a8d0 2157 * Caller: library/x509_crl.c
dflet 0:400d8e75a8d0 2158 * library/x509_crt.c
dflet 0:400d8e75a8d0 2159 * library/x509_csr.c
dflet 0:400d8e75a8d0 2160 *
dflet 0:400d8e75a8d0 2161 * Requires: POLARSSL_ASN1_PARSE_C, POLARSSL_BIGNUM_C, POLARSSL_OID_C,
dflet 0:400d8e75a8d0 2162 * POLARSSL_PK_PARSE_C
dflet 0:400d8e75a8d0 2163 *
dflet 0:400d8e75a8d0 2164 * This module is required for the X.509 parsing modules.
dflet 0:400d8e75a8d0 2165 */
dflet 0:400d8e75a8d0 2166 #define POLARSSL_X509_USE_C
dflet 0:400d8e75a8d0 2167
dflet 0:400d8e75a8d0 2168 /**
dflet 0:400d8e75a8d0 2169 * \def POLARSSL_X509_CRT_PARSE_C
dflet 0:400d8e75a8d0 2170 *
dflet 0:400d8e75a8d0 2171 * Enable X.509 certificate parsing.
dflet 0:400d8e75a8d0 2172 *
dflet 0:400d8e75a8d0 2173 * Module: library/x509_crt.c
dflet 0:400d8e75a8d0 2174 * Caller: library/ssl_cli.c
dflet 0:400d8e75a8d0 2175 * library/ssl_srv.c
dflet 0:400d8e75a8d0 2176 * library/ssl_tls.c
dflet 0:400d8e75a8d0 2177 *
dflet 0:400d8e75a8d0 2178 * Requires: POLARSSL_X509_USE_C
dflet 0:400d8e75a8d0 2179 *
dflet 0:400d8e75a8d0 2180 * This module is required for X.509 certificate parsing.
dflet 0:400d8e75a8d0 2181 */
dflet 0:400d8e75a8d0 2182 #define POLARSSL_X509_CRT_PARSE_C
dflet 0:400d8e75a8d0 2183
dflet 0:400d8e75a8d0 2184 /**
dflet 0:400d8e75a8d0 2185 * \def POLARSSL_X509_CRL_PARSE_C
dflet 0:400d8e75a8d0 2186 *
dflet 0:400d8e75a8d0 2187 * Enable X.509 CRL parsing.
dflet 0:400d8e75a8d0 2188 *
dflet 0:400d8e75a8d0 2189 * Module: library/x509_crl.c
dflet 0:400d8e75a8d0 2190 * Caller: library/x509_crt.c
dflet 0:400d8e75a8d0 2191 *
dflet 0:400d8e75a8d0 2192 * Requires: POLARSSL_X509_USE_C
dflet 0:400d8e75a8d0 2193 *
dflet 0:400d8e75a8d0 2194 * This module is required for X.509 CRL parsing.
dflet 0:400d8e75a8d0 2195 */
dflet 0:400d8e75a8d0 2196 #define POLARSSL_X509_CRL_PARSE_C
dflet 0:400d8e75a8d0 2197
dflet 0:400d8e75a8d0 2198 /**
dflet 0:400d8e75a8d0 2199 * \def POLARSSL_X509_CSR_PARSE_C
dflet 0:400d8e75a8d0 2200 *
dflet 0:400d8e75a8d0 2201 * Enable X.509 Certificate Signing Request (CSR) parsing.
dflet 0:400d8e75a8d0 2202 *
dflet 0:400d8e75a8d0 2203 * Module: library/x509_csr.c
dflet 0:400d8e75a8d0 2204 * Caller: library/x509_crt_write.c
dflet 0:400d8e75a8d0 2205 *
dflet 0:400d8e75a8d0 2206 * Requires: POLARSSL_X509_USE_C
dflet 0:400d8e75a8d0 2207 *
dflet 0:400d8e75a8d0 2208 * This module is used for reading X.509 certificate request.
dflet 0:400d8e75a8d0 2209 */
dflet 0:400d8e75a8d0 2210 #define POLARSSL_X509_CSR_PARSE_C
dflet 0:400d8e75a8d0 2211
dflet 0:400d8e75a8d0 2212 /**
dflet 0:400d8e75a8d0 2213 * \def POLARSSL_X509_CREATE_C
dflet 0:400d8e75a8d0 2214 *
dflet 0:400d8e75a8d0 2215 * Enable X.509 core for creating certificates.
dflet 0:400d8e75a8d0 2216 *
dflet 0:400d8e75a8d0 2217 * Module: library/x509_create.c
dflet 0:400d8e75a8d0 2218 *
dflet 0:400d8e75a8d0 2219 * Requires: POLARSSL_BIGNUM_C, POLARSSL_OID_C, POLARSSL_PK_WRITE_C
dflet 0:400d8e75a8d0 2220 *
dflet 0:400d8e75a8d0 2221 * This module is the basis for creating X.509 certificates and CSRs.
dflet 0:400d8e75a8d0 2222 */
dflet 0:400d8e75a8d0 2223 #define POLARSSL_X509_CREATE_C
dflet 0:400d8e75a8d0 2224
dflet 0:400d8e75a8d0 2225 /**
dflet 0:400d8e75a8d0 2226 * \def POLARSSL_X509_CRT_WRITE_C
dflet 0:400d8e75a8d0 2227 *
dflet 0:400d8e75a8d0 2228 * Enable creating X.509 certificates.
dflet 0:400d8e75a8d0 2229 *
dflet 0:400d8e75a8d0 2230 * Module: library/x509_crt_write.c
dflet 0:400d8e75a8d0 2231 *
dflet 0:400d8e75a8d0 2232 * Requires: POLARSSL_CREATE_C
dflet 0:400d8e75a8d0 2233 *
dflet 0:400d8e75a8d0 2234 * This module is required for X.509 certificate creation.
dflet 0:400d8e75a8d0 2235 */
dflet 0:400d8e75a8d0 2236 #define POLARSSL_X509_CRT_WRITE_C
dflet 0:400d8e75a8d0 2237
dflet 0:400d8e75a8d0 2238 /**
dflet 0:400d8e75a8d0 2239 * \def POLARSSL_X509_CSR_WRITE_C
dflet 0:400d8e75a8d0 2240 *
dflet 0:400d8e75a8d0 2241 * Enable creating X.509 Certificate Signing Requests (CSR).
dflet 0:400d8e75a8d0 2242 *
dflet 0:400d8e75a8d0 2243 * Module: library/x509_csr_write.c
dflet 0:400d8e75a8d0 2244 *
dflet 0:400d8e75a8d0 2245 * Requires: POLARSSL_CREATE_C
dflet 0:400d8e75a8d0 2246 *
dflet 0:400d8e75a8d0 2247 * This module is required for X.509 certificate request writing.
dflet 0:400d8e75a8d0 2248 */
dflet 0:400d8e75a8d0 2249 #define POLARSSL_X509_CSR_WRITE_C
dflet 0:400d8e75a8d0 2250
dflet 0:400d8e75a8d0 2251 /**
dflet 0:400d8e75a8d0 2252 * \def POLARSSL_XTEA_C
dflet 0:400d8e75a8d0 2253 *
dflet 0:400d8e75a8d0 2254 * Enable the XTEA block cipher.
dflet 0:400d8e75a8d0 2255 *
dflet 0:400d8e75a8d0 2256 * Module: library/xtea.c
dflet 0:400d8e75a8d0 2257 * Caller:
dflet 0:400d8e75a8d0 2258 */
dflet 0:400d8e75a8d0 2259 #define POLARSSL_XTEA_C
dflet 0:400d8e75a8d0 2260
dflet 0:400d8e75a8d0 2261 /* \} name SECTION: mbed TLS modules */
dflet 0:400d8e75a8d0 2262
dflet 0:400d8e75a8d0 2263 /**
dflet 0:400d8e75a8d0 2264 * \name SECTION: Module configuration options
dflet 0:400d8e75a8d0 2265 *
dflet 0:400d8e75a8d0 2266 * This section allows for the setting of module specific sizes and
dflet 0:400d8e75a8d0 2267 * configuration options. The default values are already present in the
dflet 0:400d8e75a8d0 2268 * relevant header files and should suffice for the regular use cases.
dflet 0:400d8e75a8d0 2269 *
dflet 0:400d8e75a8d0 2270 * Our advice is to enable options and change their values here
dflet 0:400d8e75a8d0 2271 * only if you have a good reason and know the consequences.
dflet 0:400d8e75a8d0 2272 *
dflet 0:400d8e75a8d0 2273 * Please check the respective header file for documentation on these
dflet 0:400d8e75a8d0 2274 * parameters (to prevent duplicate documentation).
dflet 0:400d8e75a8d0 2275 * \{
dflet 0:400d8e75a8d0 2276 */
dflet 0:400d8e75a8d0 2277
dflet 0:400d8e75a8d0 2278 /* MPI / BIGNUM options */
dflet 0:400d8e75a8d0 2279 //#define POLARSSL_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */
dflet 0:400d8e75a8d0 2280 //#define POLARSSL_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
dflet 0:400d8e75a8d0 2281
dflet 0:400d8e75a8d0 2282 /* CTR_DRBG options */
dflet 0:400d8e75a8d0 2283 //#define CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
dflet 0:400d8e75a8d0 2284 //#define CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
dflet 0:400d8e75a8d0 2285 //#define CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
dflet 0:400d8e75a8d0 2286 //#define CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
dflet 0:400d8e75a8d0 2287 //#define CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
dflet 0:400d8e75a8d0 2288
dflet 0:400d8e75a8d0 2289 /* HMAC_DRBG options */
dflet 0:400d8e75a8d0 2290 //#define POLARSSL_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
dflet 0:400d8e75a8d0 2291 //#define POLARSSL_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
dflet 0:400d8e75a8d0 2292 //#define POLARSSL_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
dflet 0:400d8e75a8d0 2293 //#define POLARSSL_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
dflet 0:400d8e75a8d0 2294
dflet 0:400d8e75a8d0 2295 /* ECP options */
dflet 0:400d8e75a8d0 2296 //#define POLARSSL_ECP_MAX_BITS 521 /**< Maximum bit size of groups */
dflet 0:400d8e75a8d0 2297 //#define POLARSSL_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
dflet 0:400d8e75a8d0 2298 //#define POLARSSL_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
dflet 0:400d8e75a8d0 2299
dflet 0:400d8e75a8d0 2300 /* Entropy options */
dflet 0:400d8e75a8d0 2301 //#define ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
dflet 0:400d8e75a8d0 2302 //#define ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
dflet 0:400d8e75a8d0 2303
dflet 0:400d8e75a8d0 2304 /* Memory buffer allocator options */
dflet 0:400d8e75a8d0 2305 //#define POLARSSL_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
dflet 0:400d8e75a8d0 2306
dflet 0:400d8e75a8d0 2307 /* Platform options */
dflet 0:400d8e75a8d0 2308 //#define POLARSSL_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if POLARSSL_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
dflet 0:400d8e75a8d0 2309 //#define POLARSSL_PLATFORM_STD_MALLOC malloc /**< Default allocator to use, can be undefined */
dflet 0:400d8e75a8d0 2310 //#define POLARSSL_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */
dflet 0:400d8e75a8d0 2311 //#define POLARSSL_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
dflet 0:400d8e75a8d0 2312 //#define POLARSSL_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
dflet 0:400d8e75a8d0 2313 //#define POLARSSL_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
dflet 0:400d8e75a8d0 2314 //#define POLARSSL_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
dflet 0:400d8e75a8d0 2315
dflet 0:400d8e75a8d0 2316 /* To Use Function Macros POLARSSL_PLATFORM_C must be enabled */
dflet 0:400d8e75a8d0 2317 /* POLARSSL_PLATFORM_XXX_MACRO and POLARSSL_PLATFORM_XXX_ALT cannot both be defined */
dflet 0:400d8e75a8d0 2318 //#define POLARSSL_PLATFORM_MALLOC_MACRO malloc /**< Default allocator macro to use, can be undefined */
dflet 0:400d8e75a8d0 2319 //#define POLARSSL_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */
dflet 0:400d8e75a8d0 2320 //#define POLARSSL_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
dflet 0:400d8e75a8d0 2321 //#define POLARSSL_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
dflet 0:400d8e75a8d0 2322 //#define POLARSSL_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
dflet 0:400d8e75a8d0 2323 //#define POLARSSL_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
dflet 0:400d8e75a8d0 2324
dflet 0:400d8e75a8d0 2325 /* SSL Cache options */
dflet 0:400d8e75a8d0 2326 //#define SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
dflet 0:400d8e75a8d0 2327 //#define SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
dflet 0:400d8e75a8d0 2328
dflet 0:400d8e75a8d0 2329 /* SSL options */
dflet 0:400d8e75a8d0 2330 //#define SSL_MAX_CONTENT_LEN 16384 /**< Size of the input / output buffer */
dflet 0:400d8e75a8d0 2331 //#define SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
dflet 0:400d8e75a8d0 2332 //#define POLARSSL_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
dflet 0:400d8e75a8d0 2333
dflet 0:400d8e75a8d0 2334 /**
dflet 0:400d8e75a8d0 2335 * Complete list of ciphersuites to use, in order of preference.
dflet 0:400d8e75a8d0 2336 *
dflet 0:400d8e75a8d0 2337 * \warning No dependency checking is done on that field! This option can only
dflet 0:400d8e75a8d0 2338 * be used to restrict the set of available ciphersuites. It is your
dflet 0:400d8e75a8d0 2339 * responsibility to make sure the needed modules are active.
dflet 0:400d8e75a8d0 2340 *
dflet 0:400d8e75a8d0 2341 * Use this to save a few hundred bytes of ROM (default ordering of all
dflet 0:400d8e75a8d0 2342 * available ciphersuites) and a few to a few hundred bytes of RAM.
dflet 0:400d8e75a8d0 2343 *
dflet 0:400d8e75a8d0 2344 * The value below is only an example, not the default.
dflet 0:400d8e75a8d0 2345 */
dflet 0:400d8e75a8d0 2346 //#define SSL_CIPHERSUITES TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
dflet 0:400d8e75a8d0 2347
dflet 0:400d8e75a8d0 2348 /* Debug options */
dflet 0:400d8e75a8d0 2349 //#define POLARSSL_DEBUG_DFL_MODE POLARSSL_DEBUG_LOG_FULL /**< Default log: Full or Raw */
dflet 0:400d8e75a8d0 2350
dflet 0:400d8e75a8d0 2351 /* X509 options */
dflet 0:400d8e75a8d0 2352 //#define POLARSSL_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
dflet 0:400d8e75a8d0 2353
dflet 0:400d8e75a8d0 2354 /* \} name SECTION: Module configuration options */
dflet 0:400d8e75a8d0 2355
dflet 0:400d8e75a8d0 2356 #include "check_config.h"
dflet 0:400d8e75a8d0 2357
dflet 0:400d8e75a8d0 2358 #endif /* POLARSSL_CONFIG_H */
dflet 0:400d8e75a8d0 2359