TI's CC3100 websocket camera demo with Arducam mini ov5642 and freertos. Should work with other M3's. Work in progress test demo.
SHA1/polarssl/config.h@1:e448e81c416f, 2015-09-11 (annotated)
- Committer:
- dflet
- Date:
- Fri Sep 11 15:38:33 2015 +0000
- Revision:
- 1:e448e81c416f
- Parent:
- 0:400d8e75a8d0
Removed some debud.
Who changed what in which revision?
User | Revision | Line number | New contents of line |
---|---|---|---|
dflet | 0:400d8e75a8d0 | 1 | /** |
dflet | 0:400d8e75a8d0 | 2 | * \file config.h |
dflet | 0:400d8e75a8d0 | 3 | * |
dflet | 0:400d8e75a8d0 | 4 | * \brief Configuration options (set of defines) |
dflet | 0:400d8e75a8d0 | 5 | * |
dflet | 0:400d8e75a8d0 | 6 | * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved |
dflet | 0:400d8e75a8d0 | 7 | * |
dflet | 0:400d8e75a8d0 | 8 | * This file is part of mbed TLS (https://tls.mbed.org) |
dflet | 0:400d8e75a8d0 | 9 | * |
dflet | 0:400d8e75a8d0 | 10 | * This program is free software; you can redistribute it and/or modify |
dflet | 0:400d8e75a8d0 | 11 | * it under the terms of the GNU General Public License as published by |
dflet | 0:400d8e75a8d0 | 12 | * the Free Software Foundation; either version 2 of the License, or |
dflet | 0:400d8e75a8d0 | 13 | * (at your option) any later version. |
dflet | 0:400d8e75a8d0 | 14 | * |
dflet | 0:400d8e75a8d0 | 15 | * This program is distributed in the hope that it will be useful, |
dflet | 0:400d8e75a8d0 | 16 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
dflet | 0:400d8e75a8d0 | 17 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
dflet | 0:400d8e75a8d0 | 18 | * GNU General Public License for more details. |
dflet | 0:400d8e75a8d0 | 19 | * |
dflet | 0:400d8e75a8d0 | 20 | * You should have received a copy of the GNU General Public License along |
dflet | 0:400d8e75a8d0 | 21 | * with this program; if not, write to the Free Software Foundation, Inc., |
dflet | 0:400d8e75a8d0 | 22 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
dflet | 0:400d8e75a8d0 | 23 | * |
dflet | 0:400d8e75a8d0 | 24 | * This set of compile-time options may be used to enable |
dflet | 0:400d8e75a8d0 | 25 | * or disable features selectively, and reduce the global |
dflet | 0:400d8e75a8d0 | 26 | * memory footprint. |
dflet | 0:400d8e75a8d0 | 27 | */ |
dflet | 0:400d8e75a8d0 | 28 | #ifndef POLARSSL_CONFIG_H |
dflet | 0:400d8e75a8d0 | 29 | #define POLARSSL_CONFIG_H |
dflet | 0:400d8e75a8d0 | 30 | |
dflet | 0:400d8e75a8d0 | 31 | #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) |
dflet | 0:400d8e75a8d0 | 32 | #define _CRT_SECURE_NO_DEPRECATE 1 |
dflet | 0:400d8e75a8d0 | 33 | #endif |
dflet | 0:400d8e75a8d0 | 34 | |
dflet | 0:400d8e75a8d0 | 35 | /** |
dflet | 0:400d8e75a8d0 | 36 | * \name SECTION: System support |
dflet | 0:400d8e75a8d0 | 37 | * |
dflet | 0:400d8e75a8d0 | 38 | * This section sets system specific settings. |
dflet | 0:400d8e75a8d0 | 39 | * \{ |
dflet | 0:400d8e75a8d0 | 40 | */ |
dflet | 0:400d8e75a8d0 | 41 | |
dflet | 0:400d8e75a8d0 | 42 | /** |
dflet | 0:400d8e75a8d0 | 43 | * \def POLARSSL_HAVE_INT8 |
dflet | 0:400d8e75a8d0 | 44 | * |
dflet | 0:400d8e75a8d0 | 45 | * The system uses 8-bit wide native integers. |
dflet | 0:400d8e75a8d0 | 46 | * |
dflet | 0:400d8e75a8d0 | 47 | * \deprecated The compiler should be able to generate code for 32-bit |
dflet | 0:400d8e75a8d0 | 48 | * arithmetic (required by C89). This code is likely to be at least as |
dflet | 0:400d8e75a8d0 | 49 | * efficient as ours. |
dflet | 0:400d8e75a8d0 | 50 | * |
dflet | 0:400d8e75a8d0 | 51 | * Uncomment if native integers are 8-bit wide. |
dflet | 0:400d8e75a8d0 | 52 | */ |
dflet | 0:400d8e75a8d0 | 53 | //#define POLARSSL_HAVE_INT8 |
dflet | 0:400d8e75a8d0 | 54 | |
dflet | 0:400d8e75a8d0 | 55 | /** |
dflet | 0:400d8e75a8d0 | 56 | * \def POLARSSL_HAVE_INT16 |
dflet | 0:400d8e75a8d0 | 57 | * |
dflet | 0:400d8e75a8d0 | 58 | * The system uses 16-bit wide native integers. |
dflet | 0:400d8e75a8d0 | 59 | * |
dflet | 0:400d8e75a8d0 | 60 | * \deprecated The compiler should be able to generate code for 32-bit |
dflet | 0:400d8e75a8d0 | 61 | * arithmetic (required by C89). This code is likely to be at least as |
dflet | 0:400d8e75a8d0 | 62 | * efficient as ours. |
dflet | 0:400d8e75a8d0 | 63 | * |
dflet | 0:400d8e75a8d0 | 64 | * Uncomment if native integers are 16-bit wide. |
dflet | 0:400d8e75a8d0 | 65 | */ |
dflet | 0:400d8e75a8d0 | 66 | //#define POLARSSL_HAVE_INT16 |
dflet | 0:400d8e75a8d0 | 67 | |
dflet | 0:400d8e75a8d0 | 68 | /** |
dflet | 0:400d8e75a8d0 | 69 | * \def POLARSSL_HAVE_LONGLONG |
dflet | 0:400d8e75a8d0 | 70 | * |
dflet | 0:400d8e75a8d0 | 71 | * The compiler supports the 'long long' type. |
dflet | 0:400d8e75a8d0 | 72 | * (Only used on 32-bit platforms) |
dflet | 0:400d8e75a8d0 | 73 | */ |
dflet | 0:400d8e75a8d0 | 74 | #define POLARSSL_HAVE_LONGLONG |
dflet | 0:400d8e75a8d0 | 75 | |
dflet | 0:400d8e75a8d0 | 76 | /** |
dflet | 0:400d8e75a8d0 | 77 | * \def POLARSSL_HAVE_ASM |
dflet | 0:400d8e75a8d0 | 78 | * |
dflet | 0:400d8e75a8d0 | 79 | * The compiler has support for asm(). |
dflet | 0:400d8e75a8d0 | 80 | * |
dflet | 0:400d8e75a8d0 | 81 | * Requires support for asm() in compiler. |
dflet | 0:400d8e75a8d0 | 82 | * |
dflet | 0:400d8e75a8d0 | 83 | * Used in: |
dflet | 0:400d8e75a8d0 | 84 | * library/timing.c |
dflet | 0:400d8e75a8d0 | 85 | * library/padlock.c |
dflet | 0:400d8e75a8d0 | 86 | * include/polarssl/bn_mul.h |
dflet | 0:400d8e75a8d0 | 87 | * |
dflet | 0:400d8e75a8d0 | 88 | * Comment to disable the use of assembly code. |
dflet | 0:400d8e75a8d0 | 89 | */ |
dflet | 0:400d8e75a8d0 | 90 | #define POLARSSL_HAVE_ASM |
dflet | 0:400d8e75a8d0 | 91 | |
dflet | 0:400d8e75a8d0 | 92 | /** |
dflet | 0:400d8e75a8d0 | 93 | * \def POLARSSL_HAVE_SSE2 |
dflet | 0:400d8e75a8d0 | 94 | * |
dflet | 0:400d8e75a8d0 | 95 | * CPU supports SSE2 instruction set. |
dflet | 0:400d8e75a8d0 | 96 | * |
dflet | 0:400d8e75a8d0 | 97 | * Uncomment if the CPU supports SSE2 (IA-32 specific). |
dflet | 0:400d8e75a8d0 | 98 | */ |
dflet | 0:400d8e75a8d0 | 99 | //#define POLARSSL_HAVE_SSE2 |
dflet | 0:400d8e75a8d0 | 100 | |
dflet | 0:400d8e75a8d0 | 101 | /** |
dflet | 0:400d8e75a8d0 | 102 | * \def POLARSSL_HAVE_TIME |
dflet | 0:400d8e75a8d0 | 103 | * |
dflet | 0:400d8e75a8d0 | 104 | * System has time.h and time() / localtime() / gettimeofday(). |
dflet | 0:400d8e75a8d0 | 105 | * |
dflet | 0:400d8e75a8d0 | 106 | * Comment if your system does not support time functions |
dflet | 0:400d8e75a8d0 | 107 | */ |
dflet | 0:400d8e75a8d0 | 108 | #define POLARSSL_HAVE_TIME |
dflet | 0:400d8e75a8d0 | 109 | |
dflet | 0:400d8e75a8d0 | 110 | /** |
dflet | 0:400d8e75a8d0 | 111 | * \def POLARSSL_HAVE_IPV6 |
dflet | 0:400d8e75a8d0 | 112 | * |
dflet | 0:400d8e75a8d0 | 113 | * System supports the basic socket interface for IPv6 (RFC 3493), |
dflet | 0:400d8e75a8d0 | 114 | * specifically getaddrinfo(), freeaddrinfo() and struct sockaddr_storage. |
dflet | 0:400d8e75a8d0 | 115 | * |
dflet | 0:400d8e75a8d0 | 116 | * Note: on Windows/MingW, XP or higher is required. |
dflet | 0:400d8e75a8d0 | 117 | * |
dflet | 0:400d8e75a8d0 | 118 | * \warning As of 1.3.11, *not* using this flag when POLARSSL_NET_C is |
dflet | 0:400d8e75a8d0 | 119 | * defined, is deprecated. The alternative legacy code will be removed in 2.0. |
dflet | 0:400d8e75a8d0 | 120 | * |
dflet | 0:400d8e75a8d0 | 121 | * Comment if your system does not support the IPv6 socket interface |
dflet | 0:400d8e75a8d0 | 122 | */ |
dflet | 0:400d8e75a8d0 | 123 | #define POLARSSL_HAVE_IPV6 |
dflet | 0:400d8e75a8d0 | 124 | |
dflet | 0:400d8e75a8d0 | 125 | /** |
dflet | 0:400d8e75a8d0 | 126 | * \def POLARSSL_PLATFORM_MEMORY |
dflet | 0:400d8e75a8d0 | 127 | * |
dflet | 0:400d8e75a8d0 | 128 | * Enable the memory allocation layer. |
dflet | 0:400d8e75a8d0 | 129 | * |
dflet | 0:400d8e75a8d0 | 130 | * By default mbed TLS uses the system-provided malloc() and free(). |
dflet | 0:400d8e75a8d0 | 131 | * This allows different allocators (self-implemented or provided) to be |
dflet | 0:400d8e75a8d0 | 132 | * provided to the platform abstraction layer. |
dflet | 0:400d8e75a8d0 | 133 | * |
dflet | 0:400d8e75a8d0 | 134 | * Enabling POLARSSL_PLATFORM_MEMORY without the |
dflet | 0:400d8e75a8d0 | 135 | * POLARSSL_PLATFORM_{FREE,MALLOC}_MACROs will provide |
dflet | 0:400d8e75a8d0 | 136 | * "platform_set_malloc_free()" allowing you to set an alternative malloc() and |
dflet | 0:400d8e75a8d0 | 137 | * free() function pointer at runtime. |
dflet | 0:400d8e75a8d0 | 138 | * |
dflet | 0:400d8e75a8d0 | 139 | * Enabling POLARSSL_PLATFORM_MEMORY and specifying |
dflet | 0:400d8e75a8d0 | 140 | * POLARSSL_PLATFORM_{MALLOC,FREE}_MACROs will allow you to specify the |
dflet | 0:400d8e75a8d0 | 141 | * alternate function at compile time. |
dflet | 0:400d8e75a8d0 | 142 | * |
dflet | 0:400d8e75a8d0 | 143 | * Requires: POLARSSL_PLATFORM_C |
dflet | 0:400d8e75a8d0 | 144 | * |
dflet | 0:400d8e75a8d0 | 145 | * Enable this layer to allow use of alternative memory allocators. |
dflet | 0:400d8e75a8d0 | 146 | */ |
dflet | 0:400d8e75a8d0 | 147 | //#define POLARSSL_PLATFORM_MEMORY |
dflet | 0:400d8e75a8d0 | 148 | |
dflet | 0:400d8e75a8d0 | 149 | /** |
dflet | 0:400d8e75a8d0 | 150 | * \def POLARSSL_PLATFORM_NO_STD_FUNCTIONS |
dflet | 0:400d8e75a8d0 | 151 | * |
dflet | 0:400d8e75a8d0 | 152 | * Do not assign standard functions in the platform layer (e.g. malloc() to |
dflet | 0:400d8e75a8d0 | 153 | * POLARSSL_PLATFORM_STD_MALLOC and printf() to POLARSSL_PLATFORM_STD_PRINTF) |
dflet | 0:400d8e75a8d0 | 154 | * |
dflet | 0:400d8e75a8d0 | 155 | * This makes sure there are no linking errors on platforms that do not support |
dflet | 0:400d8e75a8d0 | 156 | * these functions. You will HAVE to provide alternatives, either at runtime |
dflet | 0:400d8e75a8d0 | 157 | * via the platform_set_xxx() functions or at compile time by setting |
dflet | 0:400d8e75a8d0 | 158 | * the POLARSSL_PLATFORM_STD_XXX defines, or enabling a |
dflet | 0:400d8e75a8d0 | 159 | * POLARSSL_PLATFORM_XXX_MACRO. |
dflet | 0:400d8e75a8d0 | 160 | * |
dflet | 0:400d8e75a8d0 | 161 | * Requires: POLARSSL_PLATFORM_C |
dflet | 0:400d8e75a8d0 | 162 | * |
dflet | 0:400d8e75a8d0 | 163 | * Uncomment to prevent default assignment of standard functions in the |
dflet | 0:400d8e75a8d0 | 164 | * platform layer. |
dflet | 0:400d8e75a8d0 | 165 | */ |
dflet | 0:400d8e75a8d0 | 166 | //#define POLARSSL_PLATFORM_NO_STD_FUNCTIONS |
dflet | 0:400d8e75a8d0 | 167 | |
dflet | 0:400d8e75a8d0 | 168 | /** |
dflet | 0:400d8e75a8d0 | 169 | * \def POLARSSL_PLATFORM_XXX_ALT |
dflet | 0:400d8e75a8d0 | 170 | * |
dflet | 0:400d8e75a8d0 | 171 | * Uncomment a macro to let mbed TLS support the function in the platform |
dflet | 0:400d8e75a8d0 | 172 | * abstraction layer. |
dflet | 0:400d8e75a8d0 | 173 | * |
dflet | 0:400d8e75a8d0 | 174 | * Example: In case you uncomment POLARSSL_PLATFORM_PRINTF_ALT, mbed TLS will |
dflet | 0:400d8e75a8d0 | 175 | * provide a function "platform_set_printf()" that allows you to set an |
dflet | 0:400d8e75a8d0 | 176 | * alternative printf function pointer. |
dflet | 0:400d8e75a8d0 | 177 | * |
dflet | 0:400d8e75a8d0 | 178 | * All these define require POLARSSL_PLATFORM_C to be defined! |
dflet | 0:400d8e75a8d0 | 179 | * |
dflet | 0:400d8e75a8d0 | 180 | * WARNING: POLARSSL_PLATFORM_SNPRINTF_ALT is not available on Windows |
dflet | 0:400d8e75a8d0 | 181 | * for compatibility reasons. |
dflet | 0:400d8e75a8d0 | 182 | * |
dflet | 0:400d8e75a8d0 | 183 | * WARNING: POLARSSL_PLATFORM_XXX_ALT cannot be defined at the same time as |
dflet | 0:400d8e75a8d0 | 184 | * POLARSSL_PLATFORM_XXX_MACRO! |
dflet | 0:400d8e75a8d0 | 185 | * |
dflet | 0:400d8e75a8d0 | 186 | * Uncomment a macro to enable alternate implementation of specific base |
dflet | 0:400d8e75a8d0 | 187 | * platform function |
dflet | 0:400d8e75a8d0 | 188 | */ |
dflet | 0:400d8e75a8d0 | 189 | //#define POLARSSL_PLATFORM_EXIT_ALT |
dflet | 0:400d8e75a8d0 | 190 | //#define POLARSSL_PLATFORM_FPRINTF_ALT |
dflet | 0:400d8e75a8d0 | 191 | //#define POLARSSL_PLATFORM_PRINTF_ALT |
dflet | 0:400d8e75a8d0 | 192 | //#define POLARSSL_PLATFORM_SNPRINTF_ALT |
dflet | 0:400d8e75a8d0 | 193 | |
dflet | 0:400d8e75a8d0 | 194 | /** |
dflet | 0:400d8e75a8d0 | 195 | * \def POLARSSL_DEPRECATED_WARNING |
dflet | 0:400d8e75a8d0 | 196 | * |
dflet | 0:400d8e75a8d0 | 197 | * Mark deprecated functions so that they generate a warning if used. |
dflet | 0:400d8e75a8d0 | 198 | * Functions deprecated in one version will usually be removed in the next |
dflet | 0:400d8e75a8d0 | 199 | * version. You can enable this to help you prepare the transition to a new |
dflet | 0:400d8e75a8d0 | 200 | * major version by making sure your code is not using these functions. |
dflet | 0:400d8e75a8d0 | 201 | * |
dflet | 0:400d8e75a8d0 | 202 | * This only works with GCC and Clang. With other compilers, you may want to |
dflet | 0:400d8e75a8d0 | 203 | * use POLARSSL_DEPRECATED_REMOVED |
dflet | 0:400d8e75a8d0 | 204 | * |
dflet | 0:400d8e75a8d0 | 205 | * Uncomment to get warnings on using deprecated functions. |
dflet | 0:400d8e75a8d0 | 206 | */ |
dflet | 0:400d8e75a8d0 | 207 | //#define POLARSSL_DEPRECATED_WARNING |
dflet | 0:400d8e75a8d0 | 208 | |
dflet | 0:400d8e75a8d0 | 209 | /** |
dflet | 0:400d8e75a8d0 | 210 | * \def POLARSSL_DEPRECATED_REMOVED |
dflet | 0:400d8e75a8d0 | 211 | * |
dflet | 0:400d8e75a8d0 | 212 | * Remove deprecated functions so that they generate an error if used. |
dflet | 0:400d8e75a8d0 | 213 | * Functions deprecated in one version will usually be removed in the next |
dflet | 0:400d8e75a8d0 | 214 | * version. You can enable this to help you prepare the transition to a new |
dflet | 0:400d8e75a8d0 | 215 | * major version by making sure your code is not using these functions. |
dflet | 0:400d8e75a8d0 | 216 | * |
dflet | 0:400d8e75a8d0 | 217 | * Uncomment to get errors on using deprecated functions. |
dflet | 0:400d8e75a8d0 | 218 | */ |
dflet | 0:400d8e75a8d0 | 219 | //#define POLARSSL_DEPRECATED_REMOVED |
dflet | 0:400d8e75a8d0 | 220 | |
dflet | 0:400d8e75a8d0 | 221 | /* \} name SECTION: System support */ |
dflet | 0:400d8e75a8d0 | 222 | |
dflet | 0:400d8e75a8d0 | 223 | /** |
dflet | 0:400d8e75a8d0 | 224 | * \name SECTION: mbed TLS feature support |
dflet | 0:400d8e75a8d0 | 225 | * |
dflet | 0:400d8e75a8d0 | 226 | * This section sets support for features that are or are not needed |
dflet | 0:400d8e75a8d0 | 227 | * within the modules that are enabled. |
dflet | 0:400d8e75a8d0 | 228 | * \{ |
dflet | 0:400d8e75a8d0 | 229 | */ |
dflet | 0:400d8e75a8d0 | 230 | |
dflet | 0:400d8e75a8d0 | 231 | /** |
dflet | 0:400d8e75a8d0 | 232 | * \def POLARSSL_TIMING_ALT |
dflet | 0:400d8e75a8d0 | 233 | * |
dflet | 0:400d8e75a8d0 | 234 | * Uncomment to provide your own alternate implementation for hardclock(), |
dflet | 0:400d8e75a8d0 | 235 | * get_timer(), set_alarm() and m_sleep(). |
dflet | 0:400d8e75a8d0 | 236 | * |
dflet | 0:400d8e75a8d0 | 237 | * Only works if you have POLARSSL_TIMING_C enabled. |
dflet | 0:400d8e75a8d0 | 238 | * |
dflet | 0:400d8e75a8d0 | 239 | * You will need to provide a header "timing_alt.h" and an implementation at |
dflet | 0:400d8e75a8d0 | 240 | * compile time. |
dflet | 0:400d8e75a8d0 | 241 | */ |
dflet | 0:400d8e75a8d0 | 242 | //#define POLARSSL_TIMING_ALT |
dflet | 0:400d8e75a8d0 | 243 | |
dflet | 0:400d8e75a8d0 | 244 | /** |
dflet | 0:400d8e75a8d0 | 245 | * \def POLARSSL_XXX_ALT |
dflet | 0:400d8e75a8d0 | 246 | * |
dflet | 0:400d8e75a8d0 | 247 | * Uncomment a macro to let mbed TLS use your alternate core implementation of |
dflet | 0:400d8e75a8d0 | 248 | * a symmetric or hash algorithm (e.g. platform specific assembly optimized |
dflet | 0:400d8e75a8d0 | 249 | * implementations). Keep in mind that the function prototypes should remain |
dflet | 0:400d8e75a8d0 | 250 | * the same. |
dflet | 0:400d8e75a8d0 | 251 | * |
dflet | 0:400d8e75a8d0 | 252 | * Example: In case you uncomment POLARSSL_AES_ALT, mbed TLS will no longer |
dflet | 0:400d8e75a8d0 | 253 | * provide the "struct aes_context" definition and omit the base function |
dflet | 0:400d8e75a8d0 | 254 | * declarations and implementations. "aes_alt.h" will be included from |
dflet | 0:400d8e75a8d0 | 255 | * "aes.h" to include the new function definitions. |
dflet | 0:400d8e75a8d0 | 256 | * |
dflet | 0:400d8e75a8d0 | 257 | * Uncomment a macro to enable alternate implementation for core algorithm |
dflet | 0:400d8e75a8d0 | 258 | * functions |
dflet | 0:400d8e75a8d0 | 259 | */ |
dflet | 0:400d8e75a8d0 | 260 | //#define POLARSSL_AES_ALT |
dflet | 0:400d8e75a8d0 | 261 | //#define POLARSSL_ARC4_ALT |
dflet | 0:400d8e75a8d0 | 262 | //#define POLARSSL_BLOWFISH_ALT |
dflet | 0:400d8e75a8d0 | 263 | //#define POLARSSL_CAMELLIA_ALT |
dflet | 0:400d8e75a8d0 | 264 | //#define POLARSSL_DES_ALT |
dflet | 0:400d8e75a8d0 | 265 | //#define POLARSSL_XTEA_ALT |
dflet | 0:400d8e75a8d0 | 266 | //#define POLARSSL_MD2_ALT |
dflet | 0:400d8e75a8d0 | 267 | //#define POLARSSL_MD4_ALT |
dflet | 0:400d8e75a8d0 | 268 | //#define POLARSSL_MD5_ALT |
dflet | 0:400d8e75a8d0 | 269 | //#define POLARSSL_RIPEMD160_ALT |
dflet | 0:400d8e75a8d0 | 270 | //#define POLARSSL_SHA1_ALT |
dflet | 0:400d8e75a8d0 | 271 | //#define POLARSSL_SHA256_ALT |
dflet | 0:400d8e75a8d0 | 272 | //#define POLARSSL_SHA512_ALT |
dflet | 0:400d8e75a8d0 | 273 | |
dflet | 0:400d8e75a8d0 | 274 | /** |
dflet | 0:400d8e75a8d0 | 275 | * \def POLARSSL_AES_ROM_TABLES |
dflet | 0:400d8e75a8d0 | 276 | * |
dflet | 0:400d8e75a8d0 | 277 | * Store the AES tables in ROM. |
dflet | 0:400d8e75a8d0 | 278 | * |
dflet | 0:400d8e75a8d0 | 279 | * Uncomment this macro to store the AES tables in ROM. |
dflet | 0:400d8e75a8d0 | 280 | */ |
dflet | 0:400d8e75a8d0 | 281 | //#define POLARSSL_AES_ROM_TABLES |
dflet | 0:400d8e75a8d0 | 282 | |
dflet | 0:400d8e75a8d0 | 283 | /** |
dflet | 0:400d8e75a8d0 | 284 | * \def POLARSSL_CAMELLIA_SMALL_MEMORY |
dflet | 0:400d8e75a8d0 | 285 | * |
dflet | 0:400d8e75a8d0 | 286 | * Use less ROM for the Camellia implementation (saves about 768 bytes). |
dflet | 0:400d8e75a8d0 | 287 | * |
dflet | 0:400d8e75a8d0 | 288 | * Uncomment this macro to use less memory for Camellia. |
dflet | 0:400d8e75a8d0 | 289 | */ |
dflet | 0:400d8e75a8d0 | 290 | //#define POLARSSL_CAMELLIA_SMALL_MEMORY |
dflet | 0:400d8e75a8d0 | 291 | |
dflet | 0:400d8e75a8d0 | 292 | /** |
dflet | 0:400d8e75a8d0 | 293 | * \def POLARSSL_CIPHER_MODE_CBC |
dflet | 0:400d8e75a8d0 | 294 | * |
dflet | 0:400d8e75a8d0 | 295 | * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers. |
dflet | 0:400d8e75a8d0 | 296 | */ |
dflet | 0:400d8e75a8d0 | 297 | #define POLARSSL_CIPHER_MODE_CBC |
dflet | 0:400d8e75a8d0 | 298 | |
dflet | 0:400d8e75a8d0 | 299 | /** |
dflet | 0:400d8e75a8d0 | 300 | * \def POLARSSL_CIPHER_MODE_CFB |
dflet | 0:400d8e75a8d0 | 301 | * |
dflet | 0:400d8e75a8d0 | 302 | * Enable Cipher Feedback mode (CFB) for symmetric ciphers. |
dflet | 0:400d8e75a8d0 | 303 | */ |
dflet | 0:400d8e75a8d0 | 304 | #define POLARSSL_CIPHER_MODE_CFB |
dflet | 0:400d8e75a8d0 | 305 | |
dflet | 0:400d8e75a8d0 | 306 | /** |
dflet | 0:400d8e75a8d0 | 307 | * \def POLARSSL_CIPHER_MODE_CTR |
dflet | 0:400d8e75a8d0 | 308 | * |
dflet | 0:400d8e75a8d0 | 309 | * Enable Counter Block Cipher mode (CTR) for symmetric ciphers. |
dflet | 0:400d8e75a8d0 | 310 | */ |
dflet | 0:400d8e75a8d0 | 311 | #define POLARSSL_CIPHER_MODE_CTR |
dflet | 0:400d8e75a8d0 | 312 | |
dflet | 0:400d8e75a8d0 | 313 | /** |
dflet | 0:400d8e75a8d0 | 314 | * \def POLARSSL_CIPHER_NULL_CIPHER |
dflet | 0:400d8e75a8d0 | 315 | * |
dflet | 0:400d8e75a8d0 | 316 | * Enable NULL cipher. |
dflet | 0:400d8e75a8d0 | 317 | * Warning: Only do so when you know what you are doing. This allows for |
dflet | 0:400d8e75a8d0 | 318 | * encryption or channels without any security! |
dflet | 0:400d8e75a8d0 | 319 | * |
dflet | 0:400d8e75a8d0 | 320 | * Requires POLARSSL_ENABLE_WEAK_CIPHERSUITES as well to enable |
dflet | 0:400d8e75a8d0 | 321 | * the following ciphersuites: |
dflet | 0:400d8e75a8d0 | 322 | * TLS_ECDH_ECDSA_WITH_NULL_SHA |
dflet | 0:400d8e75a8d0 | 323 | * TLS_ECDH_RSA_WITH_NULL_SHA |
dflet | 0:400d8e75a8d0 | 324 | * TLS_ECDHE_ECDSA_WITH_NULL_SHA |
dflet | 0:400d8e75a8d0 | 325 | * TLS_ECDHE_RSA_WITH_NULL_SHA |
dflet | 0:400d8e75a8d0 | 326 | * TLS_ECDHE_PSK_WITH_NULL_SHA384 |
dflet | 0:400d8e75a8d0 | 327 | * TLS_ECDHE_PSK_WITH_NULL_SHA256 |
dflet | 0:400d8e75a8d0 | 328 | * TLS_ECDHE_PSK_WITH_NULL_SHA |
dflet | 0:400d8e75a8d0 | 329 | * TLS_DHE_PSK_WITH_NULL_SHA384 |
dflet | 0:400d8e75a8d0 | 330 | * TLS_DHE_PSK_WITH_NULL_SHA256 |
dflet | 0:400d8e75a8d0 | 331 | * TLS_DHE_PSK_WITH_NULL_SHA |
dflet | 0:400d8e75a8d0 | 332 | * TLS_RSA_WITH_NULL_SHA256 |
dflet | 0:400d8e75a8d0 | 333 | * TLS_RSA_WITH_NULL_SHA |
dflet | 0:400d8e75a8d0 | 334 | * TLS_RSA_WITH_NULL_MD5 |
dflet | 0:400d8e75a8d0 | 335 | * TLS_RSA_PSK_WITH_NULL_SHA384 |
dflet | 0:400d8e75a8d0 | 336 | * TLS_RSA_PSK_WITH_NULL_SHA256 |
dflet | 0:400d8e75a8d0 | 337 | * TLS_RSA_PSK_WITH_NULL_SHA |
dflet | 0:400d8e75a8d0 | 338 | * TLS_PSK_WITH_NULL_SHA384 |
dflet | 0:400d8e75a8d0 | 339 | * TLS_PSK_WITH_NULL_SHA256 |
dflet | 0:400d8e75a8d0 | 340 | * TLS_PSK_WITH_NULL_SHA |
dflet | 0:400d8e75a8d0 | 341 | * |
dflet | 0:400d8e75a8d0 | 342 | * Uncomment this macro to enable the NULL cipher and ciphersuites |
dflet | 0:400d8e75a8d0 | 343 | */ |
dflet | 0:400d8e75a8d0 | 344 | //#define POLARSSL_CIPHER_NULL_CIPHER |
dflet | 0:400d8e75a8d0 | 345 | |
dflet | 0:400d8e75a8d0 | 346 | /** |
dflet | 0:400d8e75a8d0 | 347 | * \def POLARSSL_CIPHER_PADDING_XXX |
dflet | 0:400d8e75a8d0 | 348 | * |
dflet | 0:400d8e75a8d0 | 349 | * Uncomment or comment macros to add support for specific padding modes |
dflet | 0:400d8e75a8d0 | 350 | * in the cipher layer with cipher modes that support padding (e.g. CBC) |
dflet | 0:400d8e75a8d0 | 351 | * |
dflet | 0:400d8e75a8d0 | 352 | * If you disable all padding modes, only full blocks can be used with CBC. |
dflet | 0:400d8e75a8d0 | 353 | * |
dflet | 0:400d8e75a8d0 | 354 | * Enable padding modes in the cipher layer. |
dflet | 0:400d8e75a8d0 | 355 | */ |
dflet | 0:400d8e75a8d0 | 356 | #define POLARSSL_CIPHER_PADDING_PKCS7 |
dflet | 0:400d8e75a8d0 | 357 | #define POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS |
dflet | 0:400d8e75a8d0 | 358 | #define POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN |
dflet | 0:400d8e75a8d0 | 359 | #define POLARSSL_CIPHER_PADDING_ZEROS |
dflet | 0:400d8e75a8d0 | 360 | |
dflet | 0:400d8e75a8d0 | 361 | /** |
dflet | 0:400d8e75a8d0 | 362 | * \def POLARSSL_ENABLE_WEAK_CIPHERSUITES |
dflet | 0:400d8e75a8d0 | 363 | * |
dflet | 0:400d8e75a8d0 | 364 | * Enable weak ciphersuites in SSL / TLS. |
dflet | 0:400d8e75a8d0 | 365 | * Warning: Only do so when you know what you are doing. This allows for |
dflet | 0:400d8e75a8d0 | 366 | * channels with virtually no security at all! |
dflet | 0:400d8e75a8d0 | 367 | * |
dflet | 0:400d8e75a8d0 | 368 | * This enables the following ciphersuites: |
dflet | 0:400d8e75a8d0 | 369 | * TLS_RSA_WITH_DES_CBC_SHA |
dflet | 0:400d8e75a8d0 | 370 | * TLS_DHE_RSA_WITH_DES_CBC_SHA |
dflet | 0:400d8e75a8d0 | 371 | * |
dflet | 0:400d8e75a8d0 | 372 | * Uncomment this macro to enable weak ciphersuites |
dflet | 0:400d8e75a8d0 | 373 | */ |
dflet | 0:400d8e75a8d0 | 374 | //#define POLARSSL_ENABLE_WEAK_CIPHERSUITES |
dflet | 0:400d8e75a8d0 | 375 | |
dflet | 0:400d8e75a8d0 | 376 | /** |
dflet | 0:400d8e75a8d0 | 377 | * \def POLARSSL_REMOVE_ARC4_CIPHERSUITES |
dflet | 0:400d8e75a8d0 | 378 | * |
dflet | 0:400d8e75a8d0 | 379 | * Remove RC4 ciphersuites by default in SSL / TLS. |
dflet | 0:400d8e75a8d0 | 380 | * This flag removes the ciphersuites based on RC4 from the default list as |
dflet | 0:400d8e75a8d0 | 381 | * returned by ssl_list_ciphersuites(). However, it is still possible to |
dflet | 0:400d8e75a8d0 | 382 | * enable (some of) them with ssl_set_ciphersuites() by including them |
dflet | 0:400d8e75a8d0 | 383 | * explicitly. |
dflet | 0:400d8e75a8d0 | 384 | * |
dflet | 0:400d8e75a8d0 | 385 | * Uncomment this macro to remove RC4 ciphersuites by default. |
dflet | 0:400d8e75a8d0 | 386 | */ |
dflet | 0:400d8e75a8d0 | 387 | //#define POLARSSL_REMOVE_ARC4_CIPHERSUITES |
dflet | 0:400d8e75a8d0 | 388 | |
dflet | 0:400d8e75a8d0 | 389 | /** |
dflet | 0:400d8e75a8d0 | 390 | * \def POLARSSL_ECP_XXXX_ENABLED |
dflet | 0:400d8e75a8d0 | 391 | * |
dflet | 0:400d8e75a8d0 | 392 | * Enables specific curves within the Elliptic Curve module. |
dflet | 0:400d8e75a8d0 | 393 | * By default all supported curves are enabled. |
dflet | 0:400d8e75a8d0 | 394 | * |
dflet | 0:400d8e75a8d0 | 395 | * Comment macros to disable the curve and functions for it |
dflet | 0:400d8e75a8d0 | 396 | */ |
dflet | 0:400d8e75a8d0 | 397 | #define POLARSSL_ECP_DP_SECP192R1_ENABLED |
dflet | 0:400d8e75a8d0 | 398 | #define POLARSSL_ECP_DP_SECP224R1_ENABLED |
dflet | 0:400d8e75a8d0 | 399 | #define POLARSSL_ECP_DP_SECP256R1_ENABLED |
dflet | 0:400d8e75a8d0 | 400 | #define POLARSSL_ECP_DP_SECP384R1_ENABLED |
dflet | 0:400d8e75a8d0 | 401 | #define POLARSSL_ECP_DP_SECP521R1_ENABLED |
dflet | 0:400d8e75a8d0 | 402 | #define POLARSSL_ECP_DP_SECP192K1_ENABLED |
dflet | 0:400d8e75a8d0 | 403 | #define POLARSSL_ECP_DP_SECP224K1_ENABLED |
dflet | 0:400d8e75a8d0 | 404 | #define POLARSSL_ECP_DP_SECP256K1_ENABLED |
dflet | 0:400d8e75a8d0 | 405 | #define POLARSSL_ECP_DP_BP256R1_ENABLED |
dflet | 0:400d8e75a8d0 | 406 | #define POLARSSL_ECP_DP_BP384R1_ENABLED |
dflet | 0:400d8e75a8d0 | 407 | #define POLARSSL_ECP_DP_BP512R1_ENABLED |
dflet | 0:400d8e75a8d0 | 408 | //#define POLARSSL_ECP_DP_M221_ENABLED // Not implemented yet! |
dflet | 0:400d8e75a8d0 | 409 | #define POLARSSL_ECP_DP_M255_ENABLED |
dflet | 0:400d8e75a8d0 | 410 | //#define POLARSSL_ECP_DP_M383_ENABLED // Not implemented yet! |
dflet | 0:400d8e75a8d0 | 411 | //#define POLARSSL_ECP_DP_M511_ENABLED // Not implemented yet! |
dflet | 0:400d8e75a8d0 | 412 | |
dflet | 0:400d8e75a8d0 | 413 | /** |
dflet | 0:400d8e75a8d0 | 414 | * \def POLARSSL_ECP_NIST_OPTIM |
dflet | 0:400d8e75a8d0 | 415 | * |
dflet | 0:400d8e75a8d0 | 416 | * Enable specific 'modulo p' routines for each NIST prime. |
dflet | 0:400d8e75a8d0 | 417 | * Depending on the prime and architecture, makes operations 4 to 8 times |
dflet | 0:400d8e75a8d0 | 418 | * faster on the corresponding curve. |
dflet | 0:400d8e75a8d0 | 419 | * |
dflet | 0:400d8e75a8d0 | 420 | * Comment this macro to disable NIST curves optimisation. |
dflet | 0:400d8e75a8d0 | 421 | */ |
dflet | 0:400d8e75a8d0 | 422 | #define POLARSSL_ECP_NIST_OPTIM |
dflet | 0:400d8e75a8d0 | 423 | |
dflet | 0:400d8e75a8d0 | 424 | /** |
dflet | 0:400d8e75a8d0 | 425 | * \def POLARSSL_ECDSA_DETERMINISTIC |
dflet | 0:400d8e75a8d0 | 426 | * |
dflet | 0:400d8e75a8d0 | 427 | * Enable deterministic ECDSA (RFC 6979). |
dflet | 0:400d8e75a8d0 | 428 | * Standard ECDSA is "fragile" in the sense that lack of entropy when signing |
dflet | 0:400d8e75a8d0 | 429 | * may result in a compromise of the long-term signing key. This is avoided by |
dflet | 0:400d8e75a8d0 | 430 | * the deterministic variant. |
dflet | 0:400d8e75a8d0 | 431 | * |
dflet | 0:400d8e75a8d0 | 432 | * Requires: POLARSSL_HMAC_DRBG_C |
dflet | 0:400d8e75a8d0 | 433 | * |
dflet | 0:400d8e75a8d0 | 434 | * Comment this macro to disable deterministic ECDSA. |
dflet | 0:400d8e75a8d0 | 435 | */ |
dflet | 0:400d8e75a8d0 | 436 | #define POLARSSL_ECDSA_DETERMINISTIC |
dflet | 0:400d8e75a8d0 | 437 | |
dflet | 0:400d8e75a8d0 | 438 | /** |
dflet | 0:400d8e75a8d0 | 439 | * \def POLARSSL_KEY_EXCHANGE_PSK_ENABLED |
dflet | 0:400d8e75a8d0 | 440 | * |
dflet | 0:400d8e75a8d0 | 441 | * Enable the PSK based ciphersuite modes in SSL / TLS. |
dflet | 0:400d8e75a8d0 | 442 | * |
dflet | 0:400d8e75a8d0 | 443 | * This enables the following ciphersuites (if other requisites are |
dflet | 0:400d8e75a8d0 | 444 | * enabled as well): |
dflet | 0:400d8e75a8d0 | 445 | * TLS_PSK_WITH_AES_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 446 | * TLS_PSK_WITH_AES_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 447 | * TLS_PSK_WITH_AES_256_CBC_SHA |
dflet | 0:400d8e75a8d0 | 448 | * TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 449 | * TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 450 | * TLS_PSK_WITH_AES_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 451 | * TLS_PSK_WITH_AES_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 452 | * TLS_PSK_WITH_AES_128_CBC_SHA |
dflet | 0:400d8e75a8d0 | 453 | * TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 454 | * TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 455 | * TLS_PSK_WITH_3DES_EDE_CBC_SHA |
dflet | 0:400d8e75a8d0 | 456 | * TLS_PSK_WITH_RC4_128_SHA |
dflet | 0:400d8e75a8d0 | 457 | */ |
dflet | 0:400d8e75a8d0 | 458 | #define POLARSSL_KEY_EXCHANGE_PSK_ENABLED |
dflet | 0:400d8e75a8d0 | 459 | |
dflet | 0:400d8e75a8d0 | 460 | /** |
dflet | 0:400d8e75a8d0 | 461 | * \def POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED |
dflet | 0:400d8e75a8d0 | 462 | * |
dflet | 0:400d8e75a8d0 | 463 | * Enable the DHE-PSK based ciphersuite modes in SSL / TLS. |
dflet | 0:400d8e75a8d0 | 464 | * |
dflet | 0:400d8e75a8d0 | 465 | * Requires: POLARSSL_DHM_C |
dflet | 0:400d8e75a8d0 | 466 | * |
dflet | 0:400d8e75a8d0 | 467 | * This enables the following ciphersuites (if other requisites are |
dflet | 0:400d8e75a8d0 | 468 | * enabled as well): |
dflet | 0:400d8e75a8d0 | 469 | * TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 470 | * TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 471 | * TLS_DHE_PSK_WITH_AES_256_CBC_SHA |
dflet | 0:400d8e75a8d0 | 472 | * TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 473 | * TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 474 | * TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 475 | * TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 476 | * TLS_DHE_PSK_WITH_AES_128_CBC_SHA |
dflet | 0:400d8e75a8d0 | 477 | * TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 478 | * TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 479 | * TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA |
dflet | 0:400d8e75a8d0 | 480 | * TLS_DHE_PSK_WITH_RC4_128_SHA |
dflet | 0:400d8e75a8d0 | 481 | */ |
dflet | 0:400d8e75a8d0 | 482 | #define POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED |
dflet | 0:400d8e75a8d0 | 483 | |
dflet | 0:400d8e75a8d0 | 484 | /** |
dflet | 0:400d8e75a8d0 | 485 | * \def POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED |
dflet | 0:400d8e75a8d0 | 486 | * |
dflet | 0:400d8e75a8d0 | 487 | * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS. |
dflet | 0:400d8e75a8d0 | 488 | * |
dflet | 0:400d8e75a8d0 | 489 | * Requires: POLARSSL_ECDH_C |
dflet | 0:400d8e75a8d0 | 490 | * |
dflet | 0:400d8e75a8d0 | 491 | * This enables the following ciphersuites (if other requisites are |
dflet | 0:400d8e75a8d0 | 492 | * enabled as well): |
dflet | 0:400d8e75a8d0 | 493 | * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 494 | * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA |
dflet | 0:400d8e75a8d0 | 495 | * TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 496 | * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 497 | * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA |
dflet | 0:400d8e75a8d0 | 498 | * TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 499 | * TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA |
dflet | 0:400d8e75a8d0 | 500 | * TLS_ECDHE_PSK_WITH_RC4_128_SHA |
dflet | 0:400d8e75a8d0 | 501 | */ |
dflet | 0:400d8e75a8d0 | 502 | #define POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED |
dflet | 0:400d8e75a8d0 | 503 | |
dflet | 0:400d8e75a8d0 | 504 | /** |
dflet | 0:400d8e75a8d0 | 505 | * \def POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED |
dflet | 0:400d8e75a8d0 | 506 | * |
dflet | 0:400d8e75a8d0 | 507 | * Enable the RSA-PSK based ciphersuite modes in SSL / TLS. |
dflet | 0:400d8e75a8d0 | 508 | * |
dflet | 0:400d8e75a8d0 | 509 | * Requires: POLARSSL_RSA_C, POLARSSL_PKCS1_V15, |
dflet | 0:400d8e75a8d0 | 510 | * POLARSSL_X509_CRT_PARSE_C |
dflet | 0:400d8e75a8d0 | 511 | * |
dflet | 0:400d8e75a8d0 | 512 | * This enables the following ciphersuites (if other requisites are |
dflet | 0:400d8e75a8d0 | 513 | * enabled as well): |
dflet | 0:400d8e75a8d0 | 514 | * TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 515 | * TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 516 | * TLS_RSA_PSK_WITH_AES_256_CBC_SHA |
dflet | 0:400d8e75a8d0 | 517 | * TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 518 | * TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 519 | * TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 520 | * TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 521 | * TLS_RSA_PSK_WITH_AES_128_CBC_SHA |
dflet | 0:400d8e75a8d0 | 522 | * TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 523 | * TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 524 | * TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA |
dflet | 0:400d8e75a8d0 | 525 | * TLS_RSA_PSK_WITH_RC4_128_SHA |
dflet | 0:400d8e75a8d0 | 526 | */ |
dflet | 0:400d8e75a8d0 | 527 | #define POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED |
dflet | 0:400d8e75a8d0 | 528 | |
dflet | 0:400d8e75a8d0 | 529 | /** |
dflet | 0:400d8e75a8d0 | 530 | * \def POLARSSL_KEY_EXCHANGE_RSA_ENABLED |
dflet | 0:400d8e75a8d0 | 531 | * |
dflet | 0:400d8e75a8d0 | 532 | * Enable the RSA-only based ciphersuite modes in SSL / TLS. |
dflet | 0:400d8e75a8d0 | 533 | * |
dflet | 0:400d8e75a8d0 | 534 | * Requires: POLARSSL_RSA_C, POLARSSL_PKCS1_V15, |
dflet | 0:400d8e75a8d0 | 535 | * POLARSSL_X509_CRT_PARSE_C |
dflet | 0:400d8e75a8d0 | 536 | * |
dflet | 0:400d8e75a8d0 | 537 | * This enables the following ciphersuites (if other requisites are |
dflet | 0:400d8e75a8d0 | 538 | * enabled as well): |
dflet | 0:400d8e75a8d0 | 539 | * TLS_RSA_WITH_AES_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 540 | * TLS_RSA_WITH_AES_256_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 541 | * TLS_RSA_WITH_AES_256_CBC_SHA |
dflet | 0:400d8e75a8d0 | 542 | * TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 543 | * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 544 | * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA |
dflet | 0:400d8e75a8d0 | 545 | * TLS_RSA_WITH_AES_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 546 | * TLS_RSA_WITH_AES_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 547 | * TLS_RSA_WITH_AES_128_CBC_SHA |
dflet | 0:400d8e75a8d0 | 548 | * TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 549 | * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 550 | * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA |
dflet | 0:400d8e75a8d0 | 551 | * TLS_RSA_WITH_3DES_EDE_CBC_SHA |
dflet | 0:400d8e75a8d0 | 552 | * TLS_RSA_WITH_RC4_128_SHA |
dflet | 0:400d8e75a8d0 | 553 | * TLS_RSA_WITH_RC4_128_MD5 |
dflet | 0:400d8e75a8d0 | 554 | */ |
dflet | 0:400d8e75a8d0 | 555 | #define POLARSSL_KEY_EXCHANGE_RSA_ENABLED |
dflet | 0:400d8e75a8d0 | 556 | |
dflet | 0:400d8e75a8d0 | 557 | /** |
dflet | 0:400d8e75a8d0 | 558 | * \def POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED |
dflet | 0:400d8e75a8d0 | 559 | * |
dflet | 0:400d8e75a8d0 | 560 | * Enable the DHE-RSA based ciphersuite modes in SSL / TLS. |
dflet | 0:400d8e75a8d0 | 561 | * |
dflet | 0:400d8e75a8d0 | 562 | * Requires: POLARSSL_DHM_C, POLARSSL_RSA_C, POLARSSL_PKCS1_V15, |
dflet | 0:400d8e75a8d0 | 563 | * POLARSSL_X509_CRT_PARSE_C |
dflet | 0:400d8e75a8d0 | 564 | * |
dflet | 0:400d8e75a8d0 | 565 | * This enables the following ciphersuites (if other requisites are |
dflet | 0:400d8e75a8d0 | 566 | * enabled as well): |
dflet | 0:400d8e75a8d0 | 567 | * TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 568 | * TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 569 | * TLS_DHE_RSA_WITH_AES_256_CBC_SHA |
dflet | 0:400d8e75a8d0 | 570 | * TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 571 | * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 572 | * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA |
dflet | 0:400d8e75a8d0 | 573 | * TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 574 | * TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 575 | * TLS_DHE_RSA_WITH_AES_128_CBC_SHA |
dflet | 0:400d8e75a8d0 | 576 | * TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 577 | * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 578 | * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA |
dflet | 0:400d8e75a8d0 | 579 | * TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA |
dflet | 0:400d8e75a8d0 | 580 | */ |
dflet | 0:400d8e75a8d0 | 581 | #define POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED |
dflet | 0:400d8e75a8d0 | 582 | |
dflet | 0:400d8e75a8d0 | 583 | /** |
dflet | 0:400d8e75a8d0 | 584 | * \def POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED |
dflet | 0:400d8e75a8d0 | 585 | * |
dflet | 0:400d8e75a8d0 | 586 | * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS. |
dflet | 0:400d8e75a8d0 | 587 | * |
dflet | 0:400d8e75a8d0 | 588 | * Requires: POLARSSL_ECDH_C, POLARSSL_RSA_C, POLARSSL_PKCS1_V15, |
dflet | 0:400d8e75a8d0 | 589 | * POLARSSL_X509_CRT_PARSE_C |
dflet | 0:400d8e75a8d0 | 590 | * |
dflet | 0:400d8e75a8d0 | 591 | * This enables the following ciphersuites (if other requisites are |
dflet | 0:400d8e75a8d0 | 592 | * enabled as well): |
dflet | 0:400d8e75a8d0 | 593 | * TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 594 | * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 595 | * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA |
dflet | 0:400d8e75a8d0 | 596 | * TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 597 | * TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 598 | * TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 599 | * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 600 | * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA |
dflet | 0:400d8e75a8d0 | 601 | * TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 602 | * TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 603 | * TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA |
dflet | 0:400d8e75a8d0 | 604 | * TLS_ECDHE_RSA_WITH_RC4_128_SHA |
dflet | 0:400d8e75a8d0 | 605 | */ |
dflet | 0:400d8e75a8d0 | 606 | #define POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED |
dflet | 0:400d8e75a8d0 | 607 | |
dflet | 0:400d8e75a8d0 | 608 | /** |
dflet | 0:400d8e75a8d0 | 609 | * \def POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED |
dflet | 0:400d8e75a8d0 | 610 | * |
dflet | 0:400d8e75a8d0 | 611 | * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS. |
dflet | 0:400d8e75a8d0 | 612 | * |
dflet | 0:400d8e75a8d0 | 613 | * Requires: POLARSSL_ECDH_C, POLARSSL_ECDSA_C, POLARSSL_X509_CRT_PARSE_C, |
dflet | 0:400d8e75a8d0 | 614 | * |
dflet | 0:400d8e75a8d0 | 615 | * This enables the following ciphersuites (if other requisites are |
dflet | 0:400d8e75a8d0 | 616 | * enabled as well): |
dflet | 0:400d8e75a8d0 | 617 | * TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 618 | * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 619 | * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA |
dflet | 0:400d8e75a8d0 | 620 | * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 621 | * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 622 | * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 623 | * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 624 | * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA |
dflet | 0:400d8e75a8d0 | 625 | * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 626 | * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 627 | * TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA |
dflet | 0:400d8e75a8d0 | 628 | * TLS_ECDHE_ECDSA_WITH_RC4_128_SHA |
dflet | 0:400d8e75a8d0 | 629 | */ |
dflet | 0:400d8e75a8d0 | 630 | #define POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED |
dflet | 0:400d8e75a8d0 | 631 | |
dflet | 0:400d8e75a8d0 | 632 | /** |
dflet | 0:400d8e75a8d0 | 633 | * \def POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED |
dflet | 0:400d8e75a8d0 | 634 | * |
dflet | 0:400d8e75a8d0 | 635 | * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS. |
dflet | 0:400d8e75a8d0 | 636 | * |
dflet | 0:400d8e75a8d0 | 637 | * Requires: POLARSSL_ECDH_C, POLARSSL_X509_CRT_PARSE_C |
dflet | 0:400d8e75a8d0 | 638 | * |
dflet | 0:400d8e75a8d0 | 639 | * This enables the following ciphersuites (if other requisites are |
dflet | 0:400d8e75a8d0 | 640 | * enabled as well): |
dflet | 0:400d8e75a8d0 | 641 | * TLS_ECDH_ECDSA_WITH_RC4_128_SHA |
dflet | 0:400d8e75a8d0 | 642 | * TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA |
dflet | 0:400d8e75a8d0 | 643 | * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA |
dflet | 0:400d8e75a8d0 | 644 | * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA |
dflet | 0:400d8e75a8d0 | 645 | * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 646 | * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 647 | * TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 648 | * TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 649 | * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 650 | * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 651 | * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 652 | * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 653 | */ |
dflet | 0:400d8e75a8d0 | 654 | #define POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED |
dflet | 0:400d8e75a8d0 | 655 | |
dflet | 0:400d8e75a8d0 | 656 | /** |
dflet | 0:400d8e75a8d0 | 657 | * \def POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED |
dflet | 0:400d8e75a8d0 | 658 | * |
dflet | 0:400d8e75a8d0 | 659 | * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS. |
dflet | 0:400d8e75a8d0 | 660 | * |
dflet | 0:400d8e75a8d0 | 661 | * Requires: POLARSSL_ECDH_C, POLARSSL_X509_CRT_PARSE_C |
dflet | 0:400d8e75a8d0 | 662 | * |
dflet | 0:400d8e75a8d0 | 663 | * This enables the following ciphersuites (if other requisites are |
dflet | 0:400d8e75a8d0 | 664 | * enabled as well): |
dflet | 0:400d8e75a8d0 | 665 | * TLS_ECDH_RSA_WITH_RC4_128_SHA |
dflet | 0:400d8e75a8d0 | 666 | * TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA |
dflet | 0:400d8e75a8d0 | 667 | * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA |
dflet | 0:400d8e75a8d0 | 668 | * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA |
dflet | 0:400d8e75a8d0 | 669 | * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 670 | * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 671 | * TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 672 | * TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 673 | * TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 674 | * TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 675 | * TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 676 | * TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 677 | */ |
dflet | 0:400d8e75a8d0 | 678 | #define POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED |
dflet | 0:400d8e75a8d0 | 679 | |
dflet | 0:400d8e75a8d0 | 680 | /** |
dflet | 0:400d8e75a8d0 | 681 | * \def POLARSSL_PK_PARSE_EC_EXTENDED |
dflet | 0:400d8e75a8d0 | 682 | * |
dflet | 0:400d8e75a8d0 | 683 | * Enhance support for reading EC keys using variants of SEC1 not allowed by |
dflet | 0:400d8e75a8d0 | 684 | * RFC 5915 and RFC 5480. |
dflet | 0:400d8e75a8d0 | 685 | * |
dflet | 0:400d8e75a8d0 | 686 | * Currently this means parsing the SpecifiedECDomain choice of EC |
dflet | 0:400d8e75a8d0 | 687 | * parameters (only known groups are supported, not arbitrary domains, to |
dflet | 0:400d8e75a8d0 | 688 | * avoid validation issues). |
dflet | 0:400d8e75a8d0 | 689 | * |
dflet | 0:400d8e75a8d0 | 690 | * Disable if you only need to support RFC 5915 + 5480 key formats. |
dflet | 0:400d8e75a8d0 | 691 | */ |
dflet | 0:400d8e75a8d0 | 692 | #define POLARSSL_PK_PARSE_EC_EXTENDED |
dflet | 0:400d8e75a8d0 | 693 | |
dflet | 0:400d8e75a8d0 | 694 | /** |
dflet | 0:400d8e75a8d0 | 695 | * \def POLARSSL_ERROR_STRERROR_BC |
dflet | 0:400d8e75a8d0 | 696 | * |
dflet | 0:400d8e75a8d0 | 697 | * Make available the backward compatible error_strerror() next to the |
dflet | 0:400d8e75a8d0 | 698 | * current polarssl_strerror(). |
dflet | 0:400d8e75a8d0 | 699 | * |
dflet | 0:400d8e75a8d0 | 700 | * \deprecated Do not define this and use polarssl_strerror() instead |
dflet | 0:400d8e75a8d0 | 701 | * |
dflet | 0:400d8e75a8d0 | 702 | * Disable if you want to really remove the error_strerror() name |
dflet | 0:400d8e75a8d0 | 703 | */ |
dflet | 0:400d8e75a8d0 | 704 | #define POLARSSL_ERROR_STRERROR_BC |
dflet | 0:400d8e75a8d0 | 705 | |
dflet | 0:400d8e75a8d0 | 706 | /** |
dflet | 0:400d8e75a8d0 | 707 | * \def POLARSSL_ERROR_STRERROR_DUMMY |
dflet | 0:400d8e75a8d0 | 708 | * |
dflet | 0:400d8e75a8d0 | 709 | * Enable a dummy error function to make use of polarssl_strerror() in |
dflet | 0:400d8e75a8d0 | 710 | * third party libraries easier when POLARSSL_ERROR_C is disabled |
dflet | 0:400d8e75a8d0 | 711 | * (no effect when POLARSSL_ERROR_C is enabled). |
dflet | 0:400d8e75a8d0 | 712 | * |
dflet | 0:400d8e75a8d0 | 713 | * You can safely disable this if POLARSSL_ERROR_C is enabled, or if you're |
dflet | 0:400d8e75a8d0 | 714 | * not using polarssl_strerror() or error_strerror() in your application. |
dflet | 0:400d8e75a8d0 | 715 | * |
dflet | 0:400d8e75a8d0 | 716 | * Disable if you run into name conflicts and want to really remove the |
dflet | 0:400d8e75a8d0 | 717 | * polarssl_strerror() |
dflet | 0:400d8e75a8d0 | 718 | */ |
dflet | 0:400d8e75a8d0 | 719 | #define POLARSSL_ERROR_STRERROR_DUMMY |
dflet | 0:400d8e75a8d0 | 720 | |
dflet | 0:400d8e75a8d0 | 721 | /** |
dflet | 0:400d8e75a8d0 | 722 | * \def POLARSSL_GENPRIME |
dflet | 0:400d8e75a8d0 | 723 | * |
dflet | 0:400d8e75a8d0 | 724 | * Enable the prime-number generation code. |
dflet | 0:400d8e75a8d0 | 725 | * |
dflet | 0:400d8e75a8d0 | 726 | * Requires: POLARSSL_BIGNUM_C |
dflet | 0:400d8e75a8d0 | 727 | */ |
dflet | 0:400d8e75a8d0 | 728 | #define POLARSSL_GENPRIME |
dflet | 0:400d8e75a8d0 | 729 | |
dflet | 0:400d8e75a8d0 | 730 | /** |
dflet | 0:400d8e75a8d0 | 731 | * \def POLARSSL_FS_IO |
dflet | 0:400d8e75a8d0 | 732 | * |
dflet | 0:400d8e75a8d0 | 733 | * Enable functions that use the filesystem. |
dflet | 0:400d8e75a8d0 | 734 | */ |
dflet | 0:400d8e75a8d0 | 735 | #define POLARSSL_FS_IO |
dflet | 0:400d8e75a8d0 | 736 | |
dflet | 0:400d8e75a8d0 | 737 | /** |
dflet | 0:400d8e75a8d0 | 738 | * \def POLARSSL_NO_DEFAULT_ENTROPY_SOURCES |
dflet | 0:400d8e75a8d0 | 739 | * |
dflet | 0:400d8e75a8d0 | 740 | * Do not add default entropy sources. These are the platform specific, |
dflet | 0:400d8e75a8d0 | 741 | * hardclock and HAVEGE based poll functions. |
dflet | 0:400d8e75a8d0 | 742 | * |
dflet | 0:400d8e75a8d0 | 743 | * This is useful to have more control over the added entropy sources in an |
dflet | 0:400d8e75a8d0 | 744 | * application. |
dflet | 0:400d8e75a8d0 | 745 | * |
dflet | 0:400d8e75a8d0 | 746 | * Uncomment this macro to prevent loading of default entropy functions. |
dflet | 0:400d8e75a8d0 | 747 | */ |
dflet | 0:400d8e75a8d0 | 748 | //#define POLARSSL_NO_DEFAULT_ENTROPY_SOURCES |
dflet | 0:400d8e75a8d0 | 749 | |
dflet | 0:400d8e75a8d0 | 750 | /** |
dflet | 0:400d8e75a8d0 | 751 | * \def POLARSSL_NO_PLATFORM_ENTROPY |
dflet | 0:400d8e75a8d0 | 752 | * |
dflet | 0:400d8e75a8d0 | 753 | * Do not use built-in platform entropy functions. |
dflet | 0:400d8e75a8d0 | 754 | * This is useful if your platform does not support |
dflet | 0:400d8e75a8d0 | 755 | * standards like the /dev/urandom or Windows CryptoAPI. |
dflet | 0:400d8e75a8d0 | 756 | * |
dflet | 0:400d8e75a8d0 | 757 | * Uncomment this macro to disable the built-in platform entropy functions. |
dflet | 0:400d8e75a8d0 | 758 | */ |
dflet | 0:400d8e75a8d0 | 759 | //#define POLARSSL_NO_PLATFORM_ENTROPY |
dflet | 0:400d8e75a8d0 | 760 | |
dflet | 0:400d8e75a8d0 | 761 | /** |
dflet | 0:400d8e75a8d0 | 762 | * \def POLARSSL_ENTROPY_FORCE_SHA256 |
dflet | 0:400d8e75a8d0 | 763 | * |
dflet | 0:400d8e75a8d0 | 764 | * Force the entropy accumulator to use a SHA-256 accumulator instead of the |
dflet | 0:400d8e75a8d0 | 765 | * default SHA-512 based one (if both are available). |
dflet | 0:400d8e75a8d0 | 766 | * |
dflet | 0:400d8e75a8d0 | 767 | * Requires: POLARSSL_SHA256_C |
dflet | 0:400d8e75a8d0 | 768 | * |
dflet | 0:400d8e75a8d0 | 769 | * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option |
dflet | 0:400d8e75a8d0 | 770 | * if you have performance concerns. |
dflet | 0:400d8e75a8d0 | 771 | * |
dflet | 0:400d8e75a8d0 | 772 | * This option is only useful if both POLARSSL_SHA256_C and |
dflet | 0:400d8e75a8d0 | 773 | * POLARSSL_SHA512_C are defined. Otherwise the available hash module is used. |
dflet | 0:400d8e75a8d0 | 774 | */ |
dflet | 0:400d8e75a8d0 | 775 | //#define POLARSSL_ENTROPY_FORCE_SHA256 |
dflet | 0:400d8e75a8d0 | 776 | |
dflet | 0:400d8e75a8d0 | 777 | /** |
dflet | 0:400d8e75a8d0 | 778 | * \def POLARSSL_MEMORY_DEBUG |
dflet | 0:400d8e75a8d0 | 779 | * |
dflet | 0:400d8e75a8d0 | 780 | * Enable debugging of buffer allocator memory issues. Automatically prints |
dflet | 0:400d8e75a8d0 | 781 | * (to stderr) all (fatal) messages on memory allocation issues. Enables |
dflet | 0:400d8e75a8d0 | 782 | * function for 'debug output' of allocated memory. |
dflet | 0:400d8e75a8d0 | 783 | * |
dflet | 0:400d8e75a8d0 | 784 | * Requires: POLARSSL_MEMORY_BUFFER_ALLOC_C |
dflet | 0:400d8e75a8d0 | 785 | * |
dflet | 0:400d8e75a8d0 | 786 | * Uncomment this macro to let the buffer allocator print out error messages. |
dflet | 0:400d8e75a8d0 | 787 | */ |
dflet | 0:400d8e75a8d0 | 788 | //#define POLARSSL_MEMORY_DEBUG |
dflet | 0:400d8e75a8d0 | 789 | |
dflet | 0:400d8e75a8d0 | 790 | /** |
dflet | 0:400d8e75a8d0 | 791 | * \def POLARSSL_MEMORY_BACKTRACE |
dflet | 0:400d8e75a8d0 | 792 | * |
dflet | 0:400d8e75a8d0 | 793 | * Include backtrace information with each allocated block. |
dflet | 0:400d8e75a8d0 | 794 | * |
dflet | 0:400d8e75a8d0 | 795 | * Requires: POLARSSL_MEMORY_BUFFER_ALLOC_C |
dflet | 0:400d8e75a8d0 | 796 | * GLIBC-compatible backtrace() an backtrace_symbols() support |
dflet | 0:400d8e75a8d0 | 797 | * |
dflet | 0:400d8e75a8d0 | 798 | * Uncomment this macro to include backtrace information |
dflet | 0:400d8e75a8d0 | 799 | */ |
dflet | 0:400d8e75a8d0 | 800 | //#define POLARSSL_MEMORY_BACKTRACE |
dflet | 0:400d8e75a8d0 | 801 | |
dflet | 0:400d8e75a8d0 | 802 | /** |
dflet | 0:400d8e75a8d0 | 803 | * \def POLARSSL_PKCS1_V15 |
dflet | 0:400d8e75a8d0 | 804 | * |
dflet | 0:400d8e75a8d0 | 805 | * Enable support for PKCS#1 v1.5 encoding. |
dflet | 0:400d8e75a8d0 | 806 | * |
dflet | 0:400d8e75a8d0 | 807 | * Requires: POLARSSL_RSA_C |
dflet | 0:400d8e75a8d0 | 808 | * |
dflet | 0:400d8e75a8d0 | 809 | * This enables support for PKCS#1 v1.5 operations. |
dflet | 0:400d8e75a8d0 | 810 | */ |
dflet | 0:400d8e75a8d0 | 811 | #define POLARSSL_PKCS1_V15 |
dflet | 0:400d8e75a8d0 | 812 | |
dflet | 0:400d8e75a8d0 | 813 | /** |
dflet | 0:400d8e75a8d0 | 814 | * \def POLARSSL_PKCS1_V21 |
dflet | 0:400d8e75a8d0 | 815 | * |
dflet | 0:400d8e75a8d0 | 816 | * Enable support for PKCS#1 v2.1 encoding. |
dflet | 0:400d8e75a8d0 | 817 | * |
dflet | 0:400d8e75a8d0 | 818 | * Requires: POLARSSL_MD_C, POLARSSL_RSA_C |
dflet | 0:400d8e75a8d0 | 819 | * |
dflet | 0:400d8e75a8d0 | 820 | * This enables support for RSAES-OAEP and RSASSA-PSS operations. |
dflet | 0:400d8e75a8d0 | 821 | */ |
dflet | 0:400d8e75a8d0 | 822 | #define POLARSSL_PKCS1_V21 |
dflet | 0:400d8e75a8d0 | 823 | |
dflet | 0:400d8e75a8d0 | 824 | /** |
dflet | 0:400d8e75a8d0 | 825 | * \def POLARSSL_RSA_NO_CRT |
dflet | 0:400d8e75a8d0 | 826 | * |
dflet | 0:400d8e75a8d0 | 827 | * Do not use the Chinese Remainder Theorem for the RSA private operation. |
dflet | 0:400d8e75a8d0 | 828 | * |
dflet | 0:400d8e75a8d0 | 829 | * Uncomment this macro to disable the use of CRT in RSA. |
dflet | 0:400d8e75a8d0 | 830 | * |
dflet | 0:400d8e75a8d0 | 831 | */ |
dflet | 0:400d8e75a8d0 | 832 | //#define POLARSSL_RSA_NO_CRT |
dflet | 0:400d8e75a8d0 | 833 | |
dflet | 0:400d8e75a8d0 | 834 | /** |
dflet | 0:400d8e75a8d0 | 835 | * \def POLARSSL_SELF_TEST |
dflet | 0:400d8e75a8d0 | 836 | * |
dflet | 0:400d8e75a8d0 | 837 | * Enable the checkup functions (*_self_test). |
dflet | 0:400d8e75a8d0 | 838 | */ |
dflet | 0:400d8e75a8d0 | 839 | #define POLARSSL_SELF_TEST |
dflet | 0:400d8e75a8d0 | 840 | |
dflet | 0:400d8e75a8d0 | 841 | /** |
dflet | 0:400d8e75a8d0 | 842 | * \def POLARSSL_SSL_AEAD_RANDOM_IV |
dflet | 0:400d8e75a8d0 | 843 | * |
dflet | 0:400d8e75a8d0 | 844 | * Generate a random IV rather than using the record sequence number as a |
dflet | 0:400d8e75a8d0 | 845 | * nonce for ciphersuites using and AEAD algorithm (GCM or CCM). |
dflet | 0:400d8e75a8d0 | 846 | * |
dflet | 0:400d8e75a8d0 | 847 | * Using the sequence number is generally recommended. |
dflet | 0:400d8e75a8d0 | 848 | * |
dflet | 0:400d8e75a8d0 | 849 | * Uncomment this macro to always use random IVs with AEAD ciphersuites. |
dflet | 0:400d8e75a8d0 | 850 | */ |
dflet | 0:400d8e75a8d0 | 851 | //#define POLARSSL_SSL_AEAD_RANDOM_IV |
dflet | 0:400d8e75a8d0 | 852 | |
dflet | 0:400d8e75a8d0 | 853 | /** |
dflet | 0:400d8e75a8d0 | 854 | * \def POLARSSL_SSL_ALL_ALERT_MESSAGES |
dflet | 0:400d8e75a8d0 | 855 | * |
dflet | 0:400d8e75a8d0 | 856 | * Enable sending of alert messages in case of encountered errors as per RFC. |
dflet | 0:400d8e75a8d0 | 857 | * If you choose not to send the alert messages, mbed TLS can still communicate |
dflet | 0:400d8e75a8d0 | 858 | * with other servers, only debugging of failures is harder. |
dflet | 0:400d8e75a8d0 | 859 | * |
dflet | 0:400d8e75a8d0 | 860 | * The advantage of not sending alert messages, is that no information is given |
dflet | 0:400d8e75a8d0 | 861 | * about reasons for failures thus preventing adversaries of gaining intel. |
dflet | 0:400d8e75a8d0 | 862 | * |
dflet | 0:400d8e75a8d0 | 863 | * Enable sending of all alert messages |
dflet | 0:400d8e75a8d0 | 864 | */ |
dflet | 0:400d8e75a8d0 | 865 | #define POLARSSL_SSL_ALERT_MESSAGES |
dflet | 0:400d8e75a8d0 | 866 | |
dflet | 0:400d8e75a8d0 | 867 | /** |
dflet | 0:400d8e75a8d0 | 868 | * \def POLARSSL_SSL_DEBUG_ALL |
dflet | 0:400d8e75a8d0 | 869 | * |
dflet | 0:400d8e75a8d0 | 870 | * Enable the debug messages in SSL module for all issues. |
dflet | 0:400d8e75a8d0 | 871 | * Debug messages have been disabled in some places to prevent timing |
dflet | 0:400d8e75a8d0 | 872 | * attacks due to (unbalanced) debugging function calls. |
dflet | 0:400d8e75a8d0 | 873 | * |
dflet | 0:400d8e75a8d0 | 874 | * If you need all error reporting you should enable this during debugging, |
dflet | 0:400d8e75a8d0 | 875 | * but remove this for production servers that should log as well. |
dflet | 0:400d8e75a8d0 | 876 | * |
dflet | 0:400d8e75a8d0 | 877 | * Uncomment this macro to report all debug messages on errors introducing |
dflet | 0:400d8e75a8d0 | 878 | * a timing side-channel. |
dflet | 0:400d8e75a8d0 | 879 | * |
dflet | 0:400d8e75a8d0 | 880 | */ |
dflet | 0:400d8e75a8d0 | 881 | //#define POLARSSL_SSL_DEBUG_ALL |
dflet | 0:400d8e75a8d0 | 882 | |
dflet | 0:400d8e75a8d0 | 883 | /** \def POLARSSL_SSL_ENCRYPT_THEN_MAC |
dflet | 0:400d8e75a8d0 | 884 | * |
dflet | 0:400d8e75a8d0 | 885 | * Enable support for Encrypt-then-MAC, RFC 7366. |
dflet | 0:400d8e75a8d0 | 886 | * |
dflet | 0:400d8e75a8d0 | 887 | * This allows peers that both support it to use a more robust protection for |
dflet | 0:400d8e75a8d0 | 888 | * ciphersuites using CBC, providing deep resistance against timing attacks |
dflet | 0:400d8e75a8d0 | 889 | * on the padding or underlying cipher. |
dflet | 0:400d8e75a8d0 | 890 | * |
dflet | 0:400d8e75a8d0 | 891 | * This only affects CBC ciphersuites, and is useless if none is defined. |
dflet | 0:400d8e75a8d0 | 892 | * |
dflet | 0:400d8e75a8d0 | 893 | * Requires: POLARSSL_SSL_PROTO_TLS1 or |
dflet | 0:400d8e75a8d0 | 894 | * POLARSSL_SSL_PROTO_TLS1_1 or |
dflet | 0:400d8e75a8d0 | 895 | * POLARSSL_SSL_PROTO_TLS1_2 |
dflet | 0:400d8e75a8d0 | 896 | * |
dflet | 0:400d8e75a8d0 | 897 | * Comment this macro to disable support for Encrypt-then-MAC |
dflet | 0:400d8e75a8d0 | 898 | */ |
dflet | 0:400d8e75a8d0 | 899 | #define POLARSSL_SSL_ENCRYPT_THEN_MAC |
dflet | 0:400d8e75a8d0 | 900 | |
dflet | 0:400d8e75a8d0 | 901 | /** \def POLARSSL_SSL_EXTENDED_MASTER_SECRET |
dflet | 0:400d8e75a8d0 | 902 | * |
dflet | 0:400d8e75a8d0 | 903 | * Enable support for Extended Master Secret, aka Session Hash |
dflet | 0:400d8e75a8d0 | 904 | * (draft-ietf-tls-session-hash-02). |
dflet | 0:400d8e75a8d0 | 905 | * |
dflet | 0:400d8e75a8d0 | 906 | * This was introduced as "the proper fix" to the Triple Handshake familiy of |
dflet | 0:400d8e75a8d0 | 907 | * attacks, but it is recommended to always use it (even if you disable |
dflet | 0:400d8e75a8d0 | 908 | * renegotiation), since it actually fixes a more fundamental issue in the |
dflet | 0:400d8e75a8d0 | 909 | * original SSL/TLS design, and has implications beyond Triple Handshake. |
dflet | 0:400d8e75a8d0 | 910 | * |
dflet | 0:400d8e75a8d0 | 911 | * Requires: POLARSSL_SSL_PROTO_TLS1 or |
dflet | 0:400d8e75a8d0 | 912 | * POLARSSL_SSL_PROTO_TLS1_1 or |
dflet | 0:400d8e75a8d0 | 913 | * POLARSSL_SSL_PROTO_TLS1_2 |
dflet | 0:400d8e75a8d0 | 914 | * |
dflet | 0:400d8e75a8d0 | 915 | * Comment this macro to disable support for Extended Master Secret. |
dflet | 0:400d8e75a8d0 | 916 | */ |
dflet | 0:400d8e75a8d0 | 917 | #define POLARSSL_SSL_EXTENDED_MASTER_SECRET |
dflet | 0:400d8e75a8d0 | 918 | |
dflet | 0:400d8e75a8d0 | 919 | /** |
dflet | 0:400d8e75a8d0 | 920 | * \def POLARSSL_SSL_FALLBACK_SCSV |
dflet | 0:400d8e75a8d0 | 921 | * |
dflet | 0:400d8e75a8d0 | 922 | * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00). |
dflet | 0:400d8e75a8d0 | 923 | * |
dflet | 0:400d8e75a8d0 | 924 | * For servers, it is recommended to always enable this, unless you support |
dflet | 0:400d8e75a8d0 | 925 | * only one version of TLS, or know for sure that none of your clients |
dflet | 0:400d8e75a8d0 | 926 | * implements a fallback strategy. |
dflet | 0:400d8e75a8d0 | 927 | * |
dflet | 0:400d8e75a8d0 | 928 | * For clients, you only need this if you're using a fallback strategy, which |
dflet | 0:400d8e75a8d0 | 929 | * is not recommended in the first place, unless you absolutely need it to |
dflet | 0:400d8e75a8d0 | 930 | * interoperate with buggy (version-intolerant) servers. |
dflet | 0:400d8e75a8d0 | 931 | * |
dflet | 0:400d8e75a8d0 | 932 | * Comment this macro to disable support for FALLBACK_SCSV |
dflet | 0:400d8e75a8d0 | 933 | */ |
dflet | 0:400d8e75a8d0 | 934 | #define POLARSSL_SSL_FALLBACK_SCSV |
dflet | 0:400d8e75a8d0 | 935 | |
dflet | 0:400d8e75a8d0 | 936 | /** |
dflet | 0:400d8e75a8d0 | 937 | * \def POLARSSL_SSL_HW_RECORD_ACCEL |
dflet | 0:400d8e75a8d0 | 938 | * |
dflet | 0:400d8e75a8d0 | 939 | * Enable hooking functions in SSL module for hardware acceleration of |
dflet | 0:400d8e75a8d0 | 940 | * individual records. |
dflet | 0:400d8e75a8d0 | 941 | * |
dflet | 0:400d8e75a8d0 | 942 | * Uncomment this macro to enable hooking functions. |
dflet | 0:400d8e75a8d0 | 943 | */ |
dflet | 0:400d8e75a8d0 | 944 | //#define POLARSSL_SSL_HW_RECORD_ACCEL |
dflet | 0:400d8e75a8d0 | 945 | |
dflet | 0:400d8e75a8d0 | 946 | /** |
dflet | 0:400d8e75a8d0 | 947 | * \def POLARSSL_SSL_CBC_RECORD_SPLITTING |
dflet | 0:400d8e75a8d0 | 948 | * |
dflet | 0:400d8e75a8d0 | 949 | * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0. |
dflet | 0:400d8e75a8d0 | 950 | * |
dflet | 0:400d8e75a8d0 | 951 | * This is a countermeasure to the BEAST attack, which also minimizes the risk |
dflet | 0:400d8e75a8d0 | 952 | * of interoperability issues compared to sending 0-length records. |
dflet | 0:400d8e75a8d0 | 953 | * |
dflet | 0:400d8e75a8d0 | 954 | * Comment this macro to disable 1/n-1 record splitting. |
dflet | 0:400d8e75a8d0 | 955 | */ |
dflet | 0:400d8e75a8d0 | 956 | #define POLARSSL_SSL_CBC_RECORD_SPLITTING |
dflet | 0:400d8e75a8d0 | 957 | |
dflet | 0:400d8e75a8d0 | 958 | /** |
dflet | 0:400d8e75a8d0 | 959 | * \def POLARSSL_SSL_DISABLE_RENEGOTIATION |
dflet | 0:400d8e75a8d0 | 960 | * |
dflet | 0:400d8e75a8d0 | 961 | * Disable support for TLS renegotiation. |
dflet | 0:400d8e75a8d0 | 962 | * |
dflet | 0:400d8e75a8d0 | 963 | * The two main uses of renegotiation are (1) refresh keys on long-lived |
dflet | 0:400d8e75a8d0 | 964 | * connections and (2) client authentication after the initial handshake. |
dflet | 0:400d8e75a8d0 | 965 | * If you don't need renegotiation, it's probably better to disable it, since |
dflet | 0:400d8e75a8d0 | 966 | * it has been associated with security issues in the past and is easy to |
dflet | 0:400d8e75a8d0 | 967 | * misuse/misunderstand. |
dflet | 0:400d8e75a8d0 | 968 | * |
dflet | 0:400d8e75a8d0 | 969 | * Warning: in the next stable branch, this switch will be replaced by |
dflet | 0:400d8e75a8d0 | 970 | * POLARSSL_SSL_RENEGOTIATION to enable support for renegotiation. |
dflet | 0:400d8e75a8d0 | 971 | * |
dflet | 0:400d8e75a8d0 | 972 | * Uncomment this to disable support for renegotiation. |
dflet | 0:400d8e75a8d0 | 973 | */ |
dflet | 0:400d8e75a8d0 | 974 | //#define POLARSSL_SSL_DISABLE_RENEGOTIATION |
dflet | 0:400d8e75a8d0 | 975 | |
dflet | 0:400d8e75a8d0 | 976 | /** |
dflet | 0:400d8e75a8d0 | 977 | * \def POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO |
dflet | 0:400d8e75a8d0 | 978 | * |
dflet | 0:400d8e75a8d0 | 979 | * Enable support for receiving and parsing SSLv2 Client Hello messages for the |
dflet | 0:400d8e75a8d0 | 980 | * SSL Server module (POLARSSL_SSL_SRV_C). |
dflet | 0:400d8e75a8d0 | 981 | * |
dflet | 0:400d8e75a8d0 | 982 | * Comment this macro to disable support for SSLv2 Client Hello messages. |
dflet | 0:400d8e75a8d0 | 983 | */ |
dflet | 0:400d8e75a8d0 | 984 | #define POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO |
dflet | 0:400d8e75a8d0 | 985 | |
dflet | 0:400d8e75a8d0 | 986 | /** |
dflet | 0:400d8e75a8d0 | 987 | * \def POLARSSL_SSL_SRV_RESPECT_CLIENT_PREFERENCE |
dflet | 0:400d8e75a8d0 | 988 | * |
dflet | 0:400d8e75a8d0 | 989 | * Pick the ciphersuite according to the client's preferences rather than ours |
dflet | 0:400d8e75a8d0 | 990 | * in the SSL Server module (POLARSSL_SSL_SRV_C). |
dflet | 0:400d8e75a8d0 | 991 | * |
dflet | 0:400d8e75a8d0 | 992 | * Uncomment this macro to respect client's ciphersuite order |
dflet | 0:400d8e75a8d0 | 993 | */ |
dflet | 0:400d8e75a8d0 | 994 | //#define POLARSSL_SSL_SRV_RESPECT_CLIENT_PREFERENCE |
dflet | 0:400d8e75a8d0 | 995 | |
dflet | 0:400d8e75a8d0 | 996 | /** |
dflet | 0:400d8e75a8d0 | 997 | * \def POLARSSL_SSL_MAX_FRAGMENT_LENGTH |
dflet | 0:400d8e75a8d0 | 998 | * |
dflet | 0:400d8e75a8d0 | 999 | * Enable support for RFC 6066 max_fragment_length extension in SSL. |
dflet | 0:400d8e75a8d0 | 1000 | * |
dflet | 0:400d8e75a8d0 | 1001 | * Comment this macro to disable support for the max_fragment_length extension |
dflet | 0:400d8e75a8d0 | 1002 | */ |
dflet | 0:400d8e75a8d0 | 1003 | #define POLARSSL_SSL_MAX_FRAGMENT_LENGTH |
dflet | 0:400d8e75a8d0 | 1004 | |
dflet | 0:400d8e75a8d0 | 1005 | /** |
dflet | 0:400d8e75a8d0 | 1006 | * \def POLARSSL_SSL_PROTO_SSL3 |
dflet | 0:400d8e75a8d0 | 1007 | * |
dflet | 0:400d8e75a8d0 | 1008 | * Enable support for SSL 3.0. |
dflet | 0:400d8e75a8d0 | 1009 | * |
dflet | 0:400d8e75a8d0 | 1010 | * Requires: POLARSSL_MD5_C |
dflet | 0:400d8e75a8d0 | 1011 | * POLARSSL_SHA1_C |
dflet | 0:400d8e75a8d0 | 1012 | * |
dflet | 0:400d8e75a8d0 | 1013 | * Comment this macro to disable support for SSL 3.0 |
dflet | 0:400d8e75a8d0 | 1014 | */ |
dflet | 0:400d8e75a8d0 | 1015 | #define POLARSSL_SSL_PROTO_SSL3 |
dflet | 0:400d8e75a8d0 | 1016 | |
dflet | 0:400d8e75a8d0 | 1017 | /** |
dflet | 0:400d8e75a8d0 | 1018 | * \def POLARSSL_SSL_PROTO_TLS1 |
dflet | 0:400d8e75a8d0 | 1019 | * |
dflet | 0:400d8e75a8d0 | 1020 | * Enable support for TLS 1.0. |
dflet | 0:400d8e75a8d0 | 1021 | * |
dflet | 0:400d8e75a8d0 | 1022 | * Requires: POLARSSL_MD5_C |
dflet | 0:400d8e75a8d0 | 1023 | * POLARSSL_SHA1_C |
dflet | 0:400d8e75a8d0 | 1024 | * |
dflet | 0:400d8e75a8d0 | 1025 | * Comment this macro to disable support for TLS 1.0 |
dflet | 0:400d8e75a8d0 | 1026 | */ |
dflet | 0:400d8e75a8d0 | 1027 | #define POLARSSL_SSL_PROTO_TLS1 |
dflet | 0:400d8e75a8d0 | 1028 | |
dflet | 0:400d8e75a8d0 | 1029 | /** |
dflet | 0:400d8e75a8d0 | 1030 | * \def POLARSSL_SSL_PROTO_TLS1_1 |
dflet | 0:400d8e75a8d0 | 1031 | * |
dflet | 0:400d8e75a8d0 | 1032 | * Enable support for TLS 1.1. |
dflet | 0:400d8e75a8d0 | 1033 | * |
dflet | 0:400d8e75a8d0 | 1034 | * Requires: POLARSSL_MD5_C |
dflet | 0:400d8e75a8d0 | 1035 | * POLARSSL_SHA1_C |
dflet | 0:400d8e75a8d0 | 1036 | * |
dflet | 0:400d8e75a8d0 | 1037 | * Comment this macro to disable support for TLS 1.1 |
dflet | 0:400d8e75a8d0 | 1038 | */ |
dflet | 0:400d8e75a8d0 | 1039 | #define POLARSSL_SSL_PROTO_TLS1_1 |
dflet | 0:400d8e75a8d0 | 1040 | |
dflet | 0:400d8e75a8d0 | 1041 | /** |
dflet | 0:400d8e75a8d0 | 1042 | * \def POLARSSL_SSL_PROTO_TLS1_2 |
dflet | 0:400d8e75a8d0 | 1043 | * |
dflet | 0:400d8e75a8d0 | 1044 | * Enable support for TLS 1.2. |
dflet | 0:400d8e75a8d0 | 1045 | * |
dflet | 0:400d8e75a8d0 | 1046 | * Requires: POLARSSL_SHA1_C or POLARSSL_SHA256_C or POLARSSL_SHA512_C |
dflet | 0:400d8e75a8d0 | 1047 | * (Depends on ciphersuites) |
dflet | 0:400d8e75a8d0 | 1048 | * |
dflet | 0:400d8e75a8d0 | 1049 | * Comment this macro to disable support for TLS 1.2 |
dflet | 0:400d8e75a8d0 | 1050 | */ |
dflet | 0:400d8e75a8d0 | 1051 | #define POLARSSL_SSL_PROTO_TLS1_2 |
dflet | 0:400d8e75a8d0 | 1052 | |
dflet | 0:400d8e75a8d0 | 1053 | /** |
dflet | 0:400d8e75a8d0 | 1054 | * \def POLARSSL_SSL_ALPN |
dflet | 0:400d8e75a8d0 | 1055 | * |
dflet | 0:400d8e75a8d0 | 1056 | * Enable support for RFC 7301 Application Layer Protocol Negotiation. |
dflet | 0:400d8e75a8d0 | 1057 | * |
dflet | 0:400d8e75a8d0 | 1058 | * Comment this macro to disable support for ALPN. |
dflet | 0:400d8e75a8d0 | 1059 | */ |
dflet | 0:400d8e75a8d0 | 1060 | #define POLARSSL_SSL_ALPN |
dflet | 0:400d8e75a8d0 | 1061 | |
dflet | 0:400d8e75a8d0 | 1062 | /** |
dflet | 0:400d8e75a8d0 | 1063 | * \def POLARSSL_SSL_SESSION_TICKETS |
dflet | 0:400d8e75a8d0 | 1064 | * |
dflet | 0:400d8e75a8d0 | 1065 | * Enable support for RFC 5077 session tickets in SSL. |
dflet | 0:400d8e75a8d0 | 1066 | * |
dflet | 0:400d8e75a8d0 | 1067 | * Requires: POLARSSL_AES_C |
dflet | 0:400d8e75a8d0 | 1068 | * POLARSSL_SHA256_C |
dflet | 0:400d8e75a8d0 | 1069 | * POLARSSL_CIPHER_MODE_CBC |
dflet | 0:400d8e75a8d0 | 1070 | * |
dflet | 0:400d8e75a8d0 | 1071 | * Comment this macro to disable support for SSL session tickets |
dflet | 0:400d8e75a8d0 | 1072 | */ |
dflet | 0:400d8e75a8d0 | 1073 | #define POLARSSL_SSL_SESSION_TICKETS |
dflet | 0:400d8e75a8d0 | 1074 | |
dflet | 0:400d8e75a8d0 | 1075 | /** |
dflet | 0:400d8e75a8d0 | 1076 | * \def POLARSSL_SSL_SERVER_NAME_INDICATION |
dflet | 0:400d8e75a8d0 | 1077 | * |
dflet | 0:400d8e75a8d0 | 1078 | * Enable support for RFC 6066 server name indication (SNI) in SSL. |
dflet | 0:400d8e75a8d0 | 1079 | * |
dflet | 0:400d8e75a8d0 | 1080 | * Requires: POLARSSL_X509_CRT_PARSE_C |
dflet | 0:400d8e75a8d0 | 1081 | * |
dflet | 0:400d8e75a8d0 | 1082 | * Comment this macro to disable support for server name indication in SSL |
dflet | 0:400d8e75a8d0 | 1083 | */ |
dflet | 0:400d8e75a8d0 | 1084 | #define POLARSSL_SSL_SERVER_NAME_INDICATION |
dflet | 0:400d8e75a8d0 | 1085 | |
dflet | 0:400d8e75a8d0 | 1086 | /** |
dflet | 0:400d8e75a8d0 | 1087 | * \def POLARSSL_SSL_TRUNCATED_HMAC |
dflet | 0:400d8e75a8d0 | 1088 | * |
dflet | 0:400d8e75a8d0 | 1089 | * Enable support for RFC 6066 truncated HMAC in SSL. |
dflet | 0:400d8e75a8d0 | 1090 | * |
dflet | 0:400d8e75a8d0 | 1091 | * Comment this macro to disable support for truncated HMAC in SSL |
dflet | 0:400d8e75a8d0 | 1092 | */ |
dflet | 0:400d8e75a8d0 | 1093 | #define POLARSSL_SSL_TRUNCATED_HMAC |
dflet | 0:400d8e75a8d0 | 1094 | |
dflet | 0:400d8e75a8d0 | 1095 | /** |
dflet | 0:400d8e75a8d0 | 1096 | * \def POLARSSL_SSL_SET_CURVES |
dflet | 0:400d8e75a8d0 | 1097 | * |
dflet | 0:400d8e75a8d0 | 1098 | * Enable ssl_set_curves(). |
dflet | 0:400d8e75a8d0 | 1099 | * |
dflet | 0:400d8e75a8d0 | 1100 | * This is disabled by default since it breaks binary compatibility with the |
dflet | 0:400d8e75a8d0 | 1101 | * 1.3.x line. If you choose to enable it, you will need to rebuild your |
dflet | 0:400d8e75a8d0 | 1102 | * application against the new header files, relinking will not be enough. |
dflet | 0:400d8e75a8d0 | 1103 | * It will be enabled by default, or no longer an option, in the 1.4 branch. |
dflet | 0:400d8e75a8d0 | 1104 | * |
dflet | 0:400d8e75a8d0 | 1105 | * Uncomment to make ssl_set_curves() available. |
dflet | 0:400d8e75a8d0 | 1106 | */ |
dflet | 0:400d8e75a8d0 | 1107 | //#define POLARSSL_SSL_SET_CURVES |
dflet | 0:400d8e75a8d0 | 1108 | |
dflet | 0:400d8e75a8d0 | 1109 | /** |
dflet | 0:400d8e75a8d0 | 1110 | * \def POLARSSL_THREADING_ALT |
dflet | 0:400d8e75a8d0 | 1111 | * |
dflet | 0:400d8e75a8d0 | 1112 | * Provide your own alternate threading implementation. |
dflet | 0:400d8e75a8d0 | 1113 | * |
dflet | 0:400d8e75a8d0 | 1114 | * Requires: POLARSSL_THREADING_C |
dflet | 0:400d8e75a8d0 | 1115 | * |
dflet | 0:400d8e75a8d0 | 1116 | * Uncomment this to allow your own alternate threading implementation. |
dflet | 0:400d8e75a8d0 | 1117 | */ |
dflet | 0:400d8e75a8d0 | 1118 | //#define POLARSSL_THREADING_ALT |
dflet | 0:400d8e75a8d0 | 1119 | |
dflet | 0:400d8e75a8d0 | 1120 | /** |
dflet | 0:400d8e75a8d0 | 1121 | * \def POLARSSL_THREADING_PTHREAD |
dflet | 0:400d8e75a8d0 | 1122 | * |
dflet | 0:400d8e75a8d0 | 1123 | * Enable the pthread wrapper layer for the threading layer. |
dflet | 0:400d8e75a8d0 | 1124 | * |
dflet | 0:400d8e75a8d0 | 1125 | * Requires: POLARSSL_THREADING_C |
dflet | 0:400d8e75a8d0 | 1126 | * |
dflet | 0:400d8e75a8d0 | 1127 | * Uncomment this to enable pthread mutexes. |
dflet | 0:400d8e75a8d0 | 1128 | */ |
dflet | 0:400d8e75a8d0 | 1129 | //#define POLARSSL_THREADING_PTHREAD |
dflet | 0:400d8e75a8d0 | 1130 | |
dflet | 0:400d8e75a8d0 | 1131 | /** |
dflet | 0:400d8e75a8d0 | 1132 | * \def POLARSSL_VERSION_FEATURES |
dflet | 0:400d8e75a8d0 | 1133 | * |
dflet | 0:400d8e75a8d0 | 1134 | * Allow run-time checking of compile-time enabled features. Thus allowing users |
dflet | 0:400d8e75a8d0 | 1135 | * to check at run-time if the library is for instance compiled with threading |
dflet | 0:400d8e75a8d0 | 1136 | * support via version_check_feature(). |
dflet | 0:400d8e75a8d0 | 1137 | * |
dflet | 0:400d8e75a8d0 | 1138 | * Requires: POLARSSL_VERSION_C |
dflet | 0:400d8e75a8d0 | 1139 | * |
dflet | 0:400d8e75a8d0 | 1140 | * Comment this to disable run-time checking and save ROM space |
dflet | 0:400d8e75a8d0 | 1141 | */ |
dflet | 0:400d8e75a8d0 | 1142 | #define POLARSSL_VERSION_FEATURES |
dflet | 0:400d8e75a8d0 | 1143 | |
dflet | 0:400d8e75a8d0 | 1144 | /** |
dflet | 0:400d8e75a8d0 | 1145 | * \def POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3 |
dflet | 0:400d8e75a8d0 | 1146 | * |
dflet | 0:400d8e75a8d0 | 1147 | * If set, the X509 parser will not break-off when parsing an X509 certificate |
dflet | 0:400d8e75a8d0 | 1148 | * and encountering an extension in a v1 or v2 certificate. |
dflet | 0:400d8e75a8d0 | 1149 | * |
dflet | 0:400d8e75a8d0 | 1150 | * Uncomment to prevent an error. |
dflet | 0:400d8e75a8d0 | 1151 | */ |
dflet | 0:400d8e75a8d0 | 1152 | //#define POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3 |
dflet | 0:400d8e75a8d0 | 1153 | |
dflet | 0:400d8e75a8d0 | 1154 | /** |
dflet | 0:400d8e75a8d0 | 1155 | * \def POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION |
dflet | 0:400d8e75a8d0 | 1156 | * |
dflet | 0:400d8e75a8d0 | 1157 | * If set, the X509 parser will not break-off when parsing an X509 certificate |
dflet | 0:400d8e75a8d0 | 1158 | * and encountering an unknown critical extension. |
dflet | 0:400d8e75a8d0 | 1159 | * |
dflet | 0:400d8e75a8d0 | 1160 | * Uncomment to prevent an error. |
dflet | 0:400d8e75a8d0 | 1161 | */ |
dflet | 0:400d8e75a8d0 | 1162 | //#define POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION |
dflet | 0:400d8e75a8d0 | 1163 | |
dflet | 0:400d8e75a8d0 | 1164 | /** |
dflet | 0:400d8e75a8d0 | 1165 | * \def POLARSSL_X509_CHECK_KEY_USAGE |
dflet | 0:400d8e75a8d0 | 1166 | * |
dflet | 0:400d8e75a8d0 | 1167 | * Enable verification of the keyUsage extension (CA and leaf certificates). |
dflet | 0:400d8e75a8d0 | 1168 | * |
dflet | 0:400d8e75a8d0 | 1169 | * Disabling this avoids problems with mis-issued and/or misused |
dflet | 0:400d8e75a8d0 | 1170 | * (intermediate) CA and leaf certificates. |
dflet | 0:400d8e75a8d0 | 1171 | * |
dflet | 0:400d8e75a8d0 | 1172 | * \warning Depending on your PKI use, disabling this can be a security risk! |
dflet | 0:400d8e75a8d0 | 1173 | * |
dflet | 0:400d8e75a8d0 | 1174 | * Comment to skip keyUsage checking for both CA and leaf certificates. |
dflet | 0:400d8e75a8d0 | 1175 | */ |
dflet | 0:400d8e75a8d0 | 1176 | #define POLARSSL_X509_CHECK_KEY_USAGE |
dflet | 0:400d8e75a8d0 | 1177 | |
dflet | 0:400d8e75a8d0 | 1178 | /** |
dflet | 0:400d8e75a8d0 | 1179 | * \def POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE |
dflet | 0:400d8e75a8d0 | 1180 | * |
dflet | 0:400d8e75a8d0 | 1181 | * Enable verification of the extendedKeyUsage extension (leaf certificates). |
dflet | 0:400d8e75a8d0 | 1182 | * |
dflet | 0:400d8e75a8d0 | 1183 | * Disabling this avoids problems with mis-issued and/or misused certificates. |
dflet | 0:400d8e75a8d0 | 1184 | * |
dflet | 0:400d8e75a8d0 | 1185 | * \warning Depending on your PKI use, disabling this can be a security risk! |
dflet | 0:400d8e75a8d0 | 1186 | * |
dflet | 0:400d8e75a8d0 | 1187 | * Comment to skip extendedKeyUsage checking for certificates. |
dflet | 0:400d8e75a8d0 | 1188 | */ |
dflet | 0:400d8e75a8d0 | 1189 | #define POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE |
dflet | 0:400d8e75a8d0 | 1190 | |
dflet | 0:400d8e75a8d0 | 1191 | /** |
dflet | 0:400d8e75a8d0 | 1192 | * \def POLARSSL_X509_RSASSA_PSS_SUPPORT |
dflet | 0:400d8e75a8d0 | 1193 | * |
dflet | 0:400d8e75a8d0 | 1194 | * Enable parsing and verification of X.509 certificates, CRLs and CSRS |
dflet | 0:400d8e75a8d0 | 1195 | * signed with RSASSA-PSS (aka PKCS#1 v2.1). |
dflet | 0:400d8e75a8d0 | 1196 | * |
dflet | 0:400d8e75a8d0 | 1197 | * Comment this macro to disallow using RSASSA-PSS in certificates. |
dflet | 0:400d8e75a8d0 | 1198 | */ |
dflet | 0:400d8e75a8d0 | 1199 | #define POLARSSL_X509_RSASSA_PSS_SUPPORT |
dflet | 0:400d8e75a8d0 | 1200 | |
dflet | 0:400d8e75a8d0 | 1201 | /** |
dflet | 0:400d8e75a8d0 | 1202 | * \def POLARSSL_ZLIB_SUPPORT |
dflet | 0:400d8e75a8d0 | 1203 | * |
dflet | 0:400d8e75a8d0 | 1204 | * If set, the SSL/TLS module uses ZLIB to support compression and |
dflet | 0:400d8e75a8d0 | 1205 | * decompression of packet data. |
dflet | 0:400d8e75a8d0 | 1206 | * |
dflet | 0:400d8e75a8d0 | 1207 | * \warning TLS-level compression MAY REDUCE SECURITY! See for example the |
dflet | 0:400d8e75a8d0 | 1208 | * CRIME attack. Before enabling this option, you should examine with care if |
dflet | 0:400d8e75a8d0 | 1209 | * CRIME or similar exploits may be a applicable to your use case. |
dflet | 0:400d8e75a8d0 | 1210 | * |
dflet | 0:400d8e75a8d0 | 1211 | * Used in: library/ssl_tls.c |
dflet | 0:400d8e75a8d0 | 1212 | * library/ssl_cli.c |
dflet | 0:400d8e75a8d0 | 1213 | * library/ssl_srv.c |
dflet | 0:400d8e75a8d0 | 1214 | * |
dflet | 0:400d8e75a8d0 | 1215 | * This feature requires zlib library and headers to be present. |
dflet | 0:400d8e75a8d0 | 1216 | * |
dflet | 0:400d8e75a8d0 | 1217 | * Uncomment to enable use of ZLIB |
dflet | 0:400d8e75a8d0 | 1218 | */ |
dflet | 0:400d8e75a8d0 | 1219 | //#define POLARSSL_ZLIB_SUPPORT |
dflet | 0:400d8e75a8d0 | 1220 | /* \} name SECTION: mbed TLS feature support */ |
dflet | 0:400d8e75a8d0 | 1221 | |
dflet | 0:400d8e75a8d0 | 1222 | /** |
dflet | 0:400d8e75a8d0 | 1223 | * \name SECTION: mbed TLS modules |
dflet | 0:400d8e75a8d0 | 1224 | * |
dflet | 0:400d8e75a8d0 | 1225 | * This section enables or disables entire modules in mbed TLS |
dflet | 0:400d8e75a8d0 | 1226 | * \{ |
dflet | 0:400d8e75a8d0 | 1227 | */ |
dflet | 0:400d8e75a8d0 | 1228 | |
dflet | 0:400d8e75a8d0 | 1229 | /** |
dflet | 0:400d8e75a8d0 | 1230 | * \def POLARSSL_AESNI_C |
dflet | 0:400d8e75a8d0 | 1231 | * |
dflet | 0:400d8e75a8d0 | 1232 | * Enable AES-NI support on x86-64. |
dflet | 0:400d8e75a8d0 | 1233 | * |
dflet | 0:400d8e75a8d0 | 1234 | * Module: library/aesni.c |
dflet | 0:400d8e75a8d0 | 1235 | * Caller: library/aes.c |
dflet | 0:400d8e75a8d0 | 1236 | * |
dflet | 0:400d8e75a8d0 | 1237 | * Requires: POLARSSL_HAVE_ASM |
dflet | 0:400d8e75a8d0 | 1238 | * |
dflet | 0:400d8e75a8d0 | 1239 | * This modules adds support for the AES-NI instructions on x86-64 |
dflet | 0:400d8e75a8d0 | 1240 | */ |
dflet | 0:400d8e75a8d0 | 1241 | #define POLARSSL_AESNI_C |
dflet | 0:400d8e75a8d0 | 1242 | |
dflet | 0:400d8e75a8d0 | 1243 | /** |
dflet | 0:400d8e75a8d0 | 1244 | * \def POLARSSL_AES_C |
dflet | 0:400d8e75a8d0 | 1245 | * |
dflet | 0:400d8e75a8d0 | 1246 | * Enable the AES block cipher. |
dflet | 0:400d8e75a8d0 | 1247 | * |
dflet | 0:400d8e75a8d0 | 1248 | * Module: library/aes.c |
dflet | 0:400d8e75a8d0 | 1249 | * Caller: library/ssl_tls.c |
dflet | 0:400d8e75a8d0 | 1250 | * library/pem.c |
dflet | 0:400d8e75a8d0 | 1251 | * library/ctr_drbg.c |
dflet | 0:400d8e75a8d0 | 1252 | * |
dflet | 0:400d8e75a8d0 | 1253 | * This module enables the following ciphersuites (if other requisites are |
dflet | 0:400d8e75a8d0 | 1254 | * enabled as well): |
dflet | 0:400d8e75a8d0 | 1255 | * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1256 | * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1257 | * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1258 | * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1259 | * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 1260 | * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 1261 | * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 1262 | * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 1263 | * TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 1264 | * TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 1265 | * TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 1266 | * TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 1267 | * TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 1268 | * TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 1269 | * TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 1270 | * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 1271 | * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 1272 | * TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 1273 | * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1274 | * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1275 | * TLS_DHE_RSA_WITH_AES_256_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1276 | * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 1277 | * TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 1278 | * TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 1279 | * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 1280 | * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 1281 | * TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 1282 | * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1283 | * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1284 | * TLS_DHE_RSA_WITH_AES_128_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1285 | * TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 1286 | * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 1287 | * TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 1288 | * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1289 | * TLS_DHE_PSK_WITH_AES_256_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1290 | * TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 1291 | * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 1292 | * TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 1293 | * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1294 | * TLS_DHE_PSK_WITH_AES_128_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1295 | * TLS_RSA_WITH_AES_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 1296 | * TLS_RSA_WITH_AES_256_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 1297 | * TLS_RSA_WITH_AES_256_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1298 | * TLS_RSA_WITH_AES_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 1299 | * TLS_RSA_WITH_AES_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 1300 | * TLS_RSA_WITH_AES_128_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1301 | * TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 1302 | * TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 1303 | * TLS_RSA_PSK_WITH_AES_256_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1304 | * TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 1305 | * TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 1306 | * TLS_RSA_PSK_WITH_AES_128_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1307 | * TLS_PSK_WITH_AES_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 1308 | * TLS_PSK_WITH_AES_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 1309 | * TLS_PSK_WITH_AES_256_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1310 | * TLS_PSK_WITH_AES_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 1311 | * TLS_PSK_WITH_AES_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 1312 | * TLS_PSK_WITH_AES_128_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1313 | * |
dflet | 0:400d8e75a8d0 | 1314 | * PEM_PARSE uses AES for decrypting encrypted keys. |
dflet | 0:400d8e75a8d0 | 1315 | */ |
dflet | 0:400d8e75a8d0 | 1316 | #define POLARSSL_AES_C |
dflet | 0:400d8e75a8d0 | 1317 | |
dflet | 0:400d8e75a8d0 | 1318 | /** |
dflet | 0:400d8e75a8d0 | 1319 | * \def POLARSSL_ARC4_C |
dflet | 0:400d8e75a8d0 | 1320 | * |
dflet | 0:400d8e75a8d0 | 1321 | * Enable the ARCFOUR stream cipher. |
dflet | 0:400d8e75a8d0 | 1322 | * |
dflet | 0:400d8e75a8d0 | 1323 | * Module: library/arc4.c |
dflet | 0:400d8e75a8d0 | 1324 | * Caller: library/ssl_tls.c |
dflet | 0:400d8e75a8d0 | 1325 | * |
dflet | 0:400d8e75a8d0 | 1326 | * This module enables the following ciphersuites (if other requisites are |
dflet | 0:400d8e75a8d0 | 1327 | * enabled as well): |
dflet | 0:400d8e75a8d0 | 1328 | * TLS_ECDH_ECDSA_WITH_RC4_128_SHA |
dflet | 0:400d8e75a8d0 | 1329 | * TLS_ECDH_RSA_WITH_RC4_128_SHA |
dflet | 0:400d8e75a8d0 | 1330 | * TLS_ECDHE_ECDSA_WITH_RC4_128_SHA |
dflet | 0:400d8e75a8d0 | 1331 | * TLS_ECDHE_RSA_WITH_RC4_128_SHA |
dflet | 0:400d8e75a8d0 | 1332 | * TLS_ECDHE_PSK_WITH_RC4_128_SHA |
dflet | 0:400d8e75a8d0 | 1333 | * TLS_DHE_PSK_WITH_RC4_128_SHA |
dflet | 0:400d8e75a8d0 | 1334 | * TLS_RSA_WITH_RC4_128_SHA |
dflet | 0:400d8e75a8d0 | 1335 | * TLS_RSA_WITH_RC4_128_MD5 |
dflet | 0:400d8e75a8d0 | 1336 | * TLS_RSA_PSK_WITH_RC4_128_SHA |
dflet | 0:400d8e75a8d0 | 1337 | * TLS_PSK_WITH_RC4_128_SHA |
dflet | 0:400d8e75a8d0 | 1338 | */ |
dflet | 0:400d8e75a8d0 | 1339 | #define POLARSSL_ARC4_C |
dflet | 0:400d8e75a8d0 | 1340 | |
dflet | 0:400d8e75a8d0 | 1341 | /** |
dflet | 0:400d8e75a8d0 | 1342 | * \def POLARSSL_ASN1_PARSE_C |
dflet | 0:400d8e75a8d0 | 1343 | * |
dflet | 0:400d8e75a8d0 | 1344 | * Enable the generic ASN1 parser. |
dflet | 0:400d8e75a8d0 | 1345 | * |
dflet | 0:400d8e75a8d0 | 1346 | * Module: library/asn1.c |
dflet | 0:400d8e75a8d0 | 1347 | * Caller: library/x509.c |
dflet | 0:400d8e75a8d0 | 1348 | * library/dhm.c |
dflet | 0:400d8e75a8d0 | 1349 | * library/pkcs12.c |
dflet | 0:400d8e75a8d0 | 1350 | * library/pkcs5.c |
dflet | 0:400d8e75a8d0 | 1351 | * library/pkparse.c |
dflet | 0:400d8e75a8d0 | 1352 | */ |
dflet | 0:400d8e75a8d0 | 1353 | #define POLARSSL_ASN1_PARSE_C |
dflet | 0:400d8e75a8d0 | 1354 | |
dflet | 0:400d8e75a8d0 | 1355 | /** |
dflet | 0:400d8e75a8d0 | 1356 | * \def POLARSSL_ASN1_WRITE_C |
dflet | 0:400d8e75a8d0 | 1357 | * |
dflet | 0:400d8e75a8d0 | 1358 | * Enable the generic ASN1 writer. |
dflet | 0:400d8e75a8d0 | 1359 | * |
dflet | 0:400d8e75a8d0 | 1360 | * Module: library/asn1write.c |
dflet | 0:400d8e75a8d0 | 1361 | * Caller: library/ecdsa.c |
dflet | 0:400d8e75a8d0 | 1362 | * library/pkwrite.c |
dflet | 0:400d8e75a8d0 | 1363 | * library/x509_create.c |
dflet | 0:400d8e75a8d0 | 1364 | * library/x509write_crt.c |
dflet | 0:400d8e75a8d0 | 1365 | * library/x509write_csr.c |
dflet | 0:400d8e75a8d0 | 1366 | */ |
dflet | 0:400d8e75a8d0 | 1367 | #define POLARSSL_ASN1_WRITE_C |
dflet | 0:400d8e75a8d0 | 1368 | |
dflet | 0:400d8e75a8d0 | 1369 | /** |
dflet | 0:400d8e75a8d0 | 1370 | * \def POLARSSL_BASE64_C |
dflet | 0:400d8e75a8d0 | 1371 | * |
dflet | 0:400d8e75a8d0 | 1372 | * Enable the Base64 module. |
dflet | 0:400d8e75a8d0 | 1373 | * |
dflet | 0:400d8e75a8d0 | 1374 | * Module: library/base64.c |
dflet | 0:400d8e75a8d0 | 1375 | * Caller: library/pem.c |
dflet | 0:400d8e75a8d0 | 1376 | * |
dflet | 0:400d8e75a8d0 | 1377 | * This module is required for PEM support (required by X.509). |
dflet | 0:400d8e75a8d0 | 1378 | */ |
dflet | 0:400d8e75a8d0 | 1379 | #define POLARSSL_BASE64_C |
dflet | 0:400d8e75a8d0 | 1380 | |
dflet | 0:400d8e75a8d0 | 1381 | /** |
dflet | 0:400d8e75a8d0 | 1382 | * \def POLARSSL_BIGNUM_C |
dflet | 0:400d8e75a8d0 | 1383 | * |
dflet | 0:400d8e75a8d0 | 1384 | * Enable the multi-precision integer library. |
dflet | 0:400d8e75a8d0 | 1385 | * |
dflet | 0:400d8e75a8d0 | 1386 | * Module: library/bignum.c |
dflet | 0:400d8e75a8d0 | 1387 | * Caller: library/dhm.c |
dflet | 0:400d8e75a8d0 | 1388 | * library/ecp.c |
dflet | 0:400d8e75a8d0 | 1389 | * library/ecdsa.c |
dflet | 0:400d8e75a8d0 | 1390 | * library/rsa.c |
dflet | 0:400d8e75a8d0 | 1391 | * library/ssl_tls.c |
dflet | 0:400d8e75a8d0 | 1392 | * |
dflet | 0:400d8e75a8d0 | 1393 | * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support. |
dflet | 0:400d8e75a8d0 | 1394 | */ |
dflet | 0:400d8e75a8d0 | 1395 | #define POLARSSL_BIGNUM_C |
dflet | 0:400d8e75a8d0 | 1396 | |
dflet | 0:400d8e75a8d0 | 1397 | /** |
dflet | 0:400d8e75a8d0 | 1398 | * \def POLARSSL_BLOWFISH_C |
dflet | 0:400d8e75a8d0 | 1399 | * |
dflet | 0:400d8e75a8d0 | 1400 | * Enable the Blowfish block cipher. |
dflet | 0:400d8e75a8d0 | 1401 | * |
dflet | 0:400d8e75a8d0 | 1402 | * Module: library/blowfish.c |
dflet | 0:400d8e75a8d0 | 1403 | */ |
dflet | 0:400d8e75a8d0 | 1404 | #define POLARSSL_BLOWFISH_C |
dflet | 0:400d8e75a8d0 | 1405 | |
dflet | 0:400d8e75a8d0 | 1406 | /** |
dflet | 0:400d8e75a8d0 | 1407 | * \def POLARSSL_CAMELLIA_C |
dflet | 0:400d8e75a8d0 | 1408 | * |
dflet | 0:400d8e75a8d0 | 1409 | * Enable the Camellia block cipher. |
dflet | 0:400d8e75a8d0 | 1410 | * |
dflet | 0:400d8e75a8d0 | 1411 | * Module: library/camellia.c |
dflet | 0:400d8e75a8d0 | 1412 | * Caller: library/ssl_tls.c |
dflet | 0:400d8e75a8d0 | 1413 | * |
dflet | 0:400d8e75a8d0 | 1414 | * This module enables the following ciphersuites (if other requisites are |
dflet | 0:400d8e75a8d0 | 1415 | * enabled as well): |
dflet | 0:400d8e75a8d0 | 1416 | * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 1417 | * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 1418 | * TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 1419 | * TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 1420 | * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 1421 | * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 1422 | * TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 1423 | * TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 1424 | * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 1425 | * TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 1426 | * TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 1427 | * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 1428 | * TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 1429 | * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 1430 | * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1431 | * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 1432 | * TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 1433 | * TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 1434 | * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 1435 | * TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 1436 | * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 1437 | * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1438 | * TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 1439 | * TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 1440 | * TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 1441 | * TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 1442 | * TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 1443 | * TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 1444 | * TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 1445 | * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 1446 | * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1447 | * TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 1448 | * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 1449 | * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1450 | * TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 1451 | * TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 1452 | * TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 1453 | * TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 1454 | * TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 |
dflet | 0:400d8e75a8d0 | 1455 | * TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 |
dflet | 0:400d8e75a8d0 | 1456 | * TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 1457 | * TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 |
dflet | 0:400d8e75a8d0 | 1458 | */ |
dflet | 0:400d8e75a8d0 | 1459 | #define POLARSSL_CAMELLIA_C |
dflet | 0:400d8e75a8d0 | 1460 | |
dflet | 0:400d8e75a8d0 | 1461 | /** |
dflet | 0:400d8e75a8d0 | 1462 | * \def POLARSSL_CCM_C |
dflet | 0:400d8e75a8d0 | 1463 | * |
dflet | 0:400d8e75a8d0 | 1464 | * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher. |
dflet | 0:400d8e75a8d0 | 1465 | * |
dflet | 0:400d8e75a8d0 | 1466 | * Module: library/ccm.c |
dflet | 0:400d8e75a8d0 | 1467 | * |
dflet | 0:400d8e75a8d0 | 1468 | * Requires: POLARSSL_AES_C or POLARSSL_CAMELLIA_C |
dflet | 0:400d8e75a8d0 | 1469 | * |
dflet | 0:400d8e75a8d0 | 1470 | * This module enables the AES-CCM ciphersuites, if other requisites are |
dflet | 0:400d8e75a8d0 | 1471 | * enabled as well. |
dflet | 0:400d8e75a8d0 | 1472 | */ |
dflet | 0:400d8e75a8d0 | 1473 | #define POLARSSL_CCM_C |
dflet | 0:400d8e75a8d0 | 1474 | |
dflet | 0:400d8e75a8d0 | 1475 | /** |
dflet | 0:400d8e75a8d0 | 1476 | * \def POLARSSL_CERTS_C |
dflet | 0:400d8e75a8d0 | 1477 | * |
dflet | 0:400d8e75a8d0 | 1478 | * Enable the test certificates. |
dflet | 0:400d8e75a8d0 | 1479 | * |
dflet | 0:400d8e75a8d0 | 1480 | * Module: library/certs.c |
dflet | 0:400d8e75a8d0 | 1481 | * Caller: |
dflet | 0:400d8e75a8d0 | 1482 | * |
dflet | 0:400d8e75a8d0 | 1483 | * Requires: POLARSSL_PEM_PARSE_C |
dflet | 0:400d8e75a8d0 | 1484 | * |
dflet | 0:400d8e75a8d0 | 1485 | * This module is used for testing (ssl_client/server). |
dflet | 0:400d8e75a8d0 | 1486 | */ |
dflet | 0:400d8e75a8d0 | 1487 | #define POLARSSL_CERTS_C |
dflet | 0:400d8e75a8d0 | 1488 | |
dflet | 0:400d8e75a8d0 | 1489 | /** |
dflet | 0:400d8e75a8d0 | 1490 | * \def POLARSSL_CIPHER_C |
dflet | 0:400d8e75a8d0 | 1491 | * |
dflet | 0:400d8e75a8d0 | 1492 | * Enable the generic cipher layer. |
dflet | 0:400d8e75a8d0 | 1493 | * |
dflet | 0:400d8e75a8d0 | 1494 | * Module: library/cipher.c |
dflet | 0:400d8e75a8d0 | 1495 | * Caller: library/ssl_tls.c |
dflet | 0:400d8e75a8d0 | 1496 | * |
dflet | 0:400d8e75a8d0 | 1497 | * Uncomment to enable generic cipher wrappers. |
dflet | 0:400d8e75a8d0 | 1498 | */ |
dflet | 0:400d8e75a8d0 | 1499 | #define POLARSSL_CIPHER_C |
dflet | 0:400d8e75a8d0 | 1500 | |
dflet | 0:400d8e75a8d0 | 1501 | /** |
dflet | 0:400d8e75a8d0 | 1502 | * \def POLARSSL_CTR_DRBG_C |
dflet | 0:400d8e75a8d0 | 1503 | * |
dflet | 0:400d8e75a8d0 | 1504 | * Enable the CTR_DRBG AES-256-based random generator. |
dflet | 0:400d8e75a8d0 | 1505 | * |
dflet | 0:400d8e75a8d0 | 1506 | * Module: library/ctr_drbg.c |
dflet | 0:400d8e75a8d0 | 1507 | * Caller: |
dflet | 0:400d8e75a8d0 | 1508 | * |
dflet | 0:400d8e75a8d0 | 1509 | * Requires: POLARSSL_AES_C |
dflet | 0:400d8e75a8d0 | 1510 | * |
dflet | 0:400d8e75a8d0 | 1511 | * This module provides the CTR_DRBG AES-256 random number generator. |
dflet | 0:400d8e75a8d0 | 1512 | */ |
dflet | 0:400d8e75a8d0 | 1513 | #define POLARSSL_CTR_DRBG_C |
dflet | 0:400d8e75a8d0 | 1514 | |
dflet | 0:400d8e75a8d0 | 1515 | /** |
dflet | 0:400d8e75a8d0 | 1516 | * \def POLARSSL_DEBUG_C |
dflet | 0:400d8e75a8d0 | 1517 | * |
dflet | 0:400d8e75a8d0 | 1518 | * Enable the debug functions. |
dflet | 0:400d8e75a8d0 | 1519 | * |
dflet | 0:400d8e75a8d0 | 1520 | * Module: library/debug.c |
dflet | 0:400d8e75a8d0 | 1521 | * Caller: library/ssl_cli.c |
dflet | 0:400d8e75a8d0 | 1522 | * library/ssl_srv.c |
dflet | 0:400d8e75a8d0 | 1523 | * library/ssl_tls.c |
dflet | 0:400d8e75a8d0 | 1524 | * |
dflet | 0:400d8e75a8d0 | 1525 | * This module provides debugging functions. |
dflet | 0:400d8e75a8d0 | 1526 | */ |
dflet | 0:400d8e75a8d0 | 1527 | #define POLARSSL_DEBUG_C |
dflet | 0:400d8e75a8d0 | 1528 | |
dflet | 0:400d8e75a8d0 | 1529 | /** |
dflet | 0:400d8e75a8d0 | 1530 | * \def POLARSSL_DES_C |
dflet | 0:400d8e75a8d0 | 1531 | * |
dflet | 0:400d8e75a8d0 | 1532 | * Enable the DES block cipher. |
dflet | 0:400d8e75a8d0 | 1533 | * |
dflet | 0:400d8e75a8d0 | 1534 | * Module: library/des.c |
dflet | 0:400d8e75a8d0 | 1535 | * Caller: library/pem.c |
dflet | 0:400d8e75a8d0 | 1536 | * library/ssl_tls.c |
dflet | 0:400d8e75a8d0 | 1537 | * |
dflet | 0:400d8e75a8d0 | 1538 | * This module enables the following ciphersuites (if other requisites are |
dflet | 0:400d8e75a8d0 | 1539 | * enabled as well): |
dflet | 0:400d8e75a8d0 | 1540 | * TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1541 | * TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1542 | * TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1543 | * TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1544 | * TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1545 | * TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1546 | * TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1547 | * TLS_RSA_WITH_3DES_EDE_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1548 | * TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1549 | * TLS_PSK_WITH_3DES_EDE_CBC_SHA |
dflet | 0:400d8e75a8d0 | 1550 | * |
dflet | 0:400d8e75a8d0 | 1551 | * PEM_PARSE uses DES/3DES for decrypting encrypted keys. |
dflet | 0:400d8e75a8d0 | 1552 | */ |
dflet | 0:400d8e75a8d0 | 1553 | #define POLARSSL_DES_C |
dflet | 0:400d8e75a8d0 | 1554 | |
dflet | 0:400d8e75a8d0 | 1555 | /** |
dflet | 0:400d8e75a8d0 | 1556 | * \def POLARSSL_DHM_C |
dflet | 0:400d8e75a8d0 | 1557 | * |
dflet | 0:400d8e75a8d0 | 1558 | * Enable the Diffie-Hellman-Merkle module. |
dflet | 0:400d8e75a8d0 | 1559 | * |
dflet | 0:400d8e75a8d0 | 1560 | * Module: library/dhm.c |
dflet | 0:400d8e75a8d0 | 1561 | * Caller: library/ssl_cli.c |
dflet | 0:400d8e75a8d0 | 1562 | * library/ssl_srv.c |
dflet | 0:400d8e75a8d0 | 1563 | * |
dflet | 0:400d8e75a8d0 | 1564 | * This module is used by the following key exchanges: |
dflet | 0:400d8e75a8d0 | 1565 | * DHE-RSA, DHE-PSK |
dflet | 0:400d8e75a8d0 | 1566 | */ |
dflet | 0:400d8e75a8d0 | 1567 | #define POLARSSL_DHM_C |
dflet | 0:400d8e75a8d0 | 1568 | |
dflet | 0:400d8e75a8d0 | 1569 | /** |
dflet | 0:400d8e75a8d0 | 1570 | * \def POLARSSL_ECDH_C |
dflet | 0:400d8e75a8d0 | 1571 | * |
dflet | 0:400d8e75a8d0 | 1572 | * Enable the elliptic curve Diffie-Hellman library. |
dflet | 0:400d8e75a8d0 | 1573 | * |
dflet | 0:400d8e75a8d0 | 1574 | * Module: library/ecdh.c |
dflet | 0:400d8e75a8d0 | 1575 | * Caller: library/ssl_cli.c |
dflet | 0:400d8e75a8d0 | 1576 | * library/ssl_srv.c |
dflet | 0:400d8e75a8d0 | 1577 | * |
dflet | 0:400d8e75a8d0 | 1578 | * This module is used by the following key exchanges: |
dflet | 0:400d8e75a8d0 | 1579 | * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK |
dflet | 0:400d8e75a8d0 | 1580 | * |
dflet | 0:400d8e75a8d0 | 1581 | * Requires: POLARSSL_ECP_C |
dflet | 0:400d8e75a8d0 | 1582 | */ |
dflet | 0:400d8e75a8d0 | 1583 | #define POLARSSL_ECDH_C |
dflet | 0:400d8e75a8d0 | 1584 | |
dflet | 0:400d8e75a8d0 | 1585 | /** |
dflet | 0:400d8e75a8d0 | 1586 | * \def POLARSSL_ECDSA_C |
dflet | 0:400d8e75a8d0 | 1587 | * |
dflet | 0:400d8e75a8d0 | 1588 | * Enable the elliptic curve DSA library. |
dflet | 0:400d8e75a8d0 | 1589 | * |
dflet | 0:400d8e75a8d0 | 1590 | * Module: library/ecdsa.c |
dflet | 0:400d8e75a8d0 | 1591 | * Caller: |
dflet | 0:400d8e75a8d0 | 1592 | * |
dflet | 0:400d8e75a8d0 | 1593 | * This module is used by the following key exchanges: |
dflet | 0:400d8e75a8d0 | 1594 | * ECDHE-ECDSA |
dflet | 0:400d8e75a8d0 | 1595 | * |
dflet | 0:400d8e75a8d0 | 1596 | * Requires: POLARSSL_ECP_C, POLARSSL_ASN1_WRITE_C, POLARSSL_ASN1_PARSE_C |
dflet | 0:400d8e75a8d0 | 1597 | */ |
dflet | 0:400d8e75a8d0 | 1598 | #define POLARSSL_ECDSA_C |
dflet | 0:400d8e75a8d0 | 1599 | |
dflet | 0:400d8e75a8d0 | 1600 | /** |
dflet | 0:400d8e75a8d0 | 1601 | * \def POLARSSL_ECP_C |
dflet | 0:400d8e75a8d0 | 1602 | * |
dflet | 0:400d8e75a8d0 | 1603 | * Enable the elliptic curve over GF(p) library. |
dflet | 0:400d8e75a8d0 | 1604 | * |
dflet | 0:400d8e75a8d0 | 1605 | * Module: library/ecp.c |
dflet | 0:400d8e75a8d0 | 1606 | * Caller: library/ecdh.c |
dflet | 0:400d8e75a8d0 | 1607 | * library/ecdsa.c |
dflet | 0:400d8e75a8d0 | 1608 | * |
dflet | 0:400d8e75a8d0 | 1609 | * Requires: POLARSSL_BIGNUM_C and at least one POLARSSL_ECP_DP_XXX_ENABLED |
dflet | 0:400d8e75a8d0 | 1610 | */ |
dflet | 0:400d8e75a8d0 | 1611 | #define POLARSSL_ECP_C |
dflet | 0:400d8e75a8d0 | 1612 | |
dflet | 0:400d8e75a8d0 | 1613 | /** |
dflet | 0:400d8e75a8d0 | 1614 | * \def POLARSSL_ENTROPY_C |
dflet | 0:400d8e75a8d0 | 1615 | * |
dflet | 0:400d8e75a8d0 | 1616 | * Enable the platform-specific entropy code. |
dflet | 0:400d8e75a8d0 | 1617 | * |
dflet | 0:400d8e75a8d0 | 1618 | * Module: library/entropy.c |
dflet | 0:400d8e75a8d0 | 1619 | * Caller: |
dflet | 0:400d8e75a8d0 | 1620 | * |
dflet | 0:400d8e75a8d0 | 1621 | * Requires: POLARSSL_SHA512_C or POLARSSL_SHA256_C |
dflet | 0:400d8e75a8d0 | 1622 | * |
dflet | 0:400d8e75a8d0 | 1623 | * This module provides a generic entropy pool |
dflet | 0:400d8e75a8d0 | 1624 | */ |
dflet | 0:400d8e75a8d0 | 1625 | #define POLARSSL_ENTROPY_C |
dflet | 0:400d8e75a8d0 | 1626 | |
dflet | 0:400d8e75a8d0 | 1627 | /** |
dflet | 0:400d8e75a8d0 | 1628 | * \def POLARSSL_ERROR_C |
dflet | 0:400d8e75a8d0 | 1629 | * |
dflet | 0:400d8e75a8d0 | 1630 | * Enable error code to error string conversion. |
dflet | 0:400d8e75a8d0 | 1631 | * |
dflet | 0:400d8e75a8d0 | 1632 | * Module: library/error.c |
dflet | 0:400d8e75a8d0 | 1633 | * Caller: |
dflet | 0:400d8e75a8d0 | 1634 | * |
dflet | 0:400d8e75a8d0 | 1635 | * This module enables polarssl_strerror(). |
dflet | 0:400d8e75a8d0 | 1636 | */ |
dflet | 0:400d8e75a8d0 | 1637 | #define POLARSSL_ERROR_C |
dflet | 0:400d8e75a8d0 | 1638 | |
dflet | 0:400d8e75a8d0 | 1639 | /** |
dflet | 0:400d8e75a8d0 | 1640 | * \def POLARSSL_GCM_C |
dflet | 0:400d8e75a8d0 | 1641 | * |
dflet | 0:400d8e75a8d0 | 1642 | * Enable the Galois/Counter Mode (GCM) for AES. |
dflet | 0:400d8e75a8d0 | 1643 | * |
dflet | 0:400d8e75a8d0 | 1644 | * Module: library/gcm.c |
dflet | 0:400d8e75a8d0 | 1645 | * |
dflet | 0:400d8e75a8d0 | 1646 | * Requires: POLARSSL_AES_C or POLARSSL_CAMELLIA_C |
dflet | 0:400d8e75a8d0 | 1647 | * |
dflet | 0:400d8e75a8d0 | 1648 | * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other |
dflet | 0:400d8e75a8d0 | 1649 | * requisites are enabled as well. |
dflet | 0:400d8e75a8d0 | 1650 | */ |
dflet | 0:400d8e75a8d0 | 1651 | #define POLARSSL_GCM_C |
dflet | 0:400d8e75a8d0 | 1652 | |
dflet | 0:400d8e75a8d0 | 1653 | /** |
dflet | 0:400d8e75a8d0 | 1654 | * \def POLARSSL_HAVEGE_C |
dflet | 0:400d8e75a8d0 | 1655 | * |
dflet | 0:400d8e75a8d0 | 1656 | * Enable the HAVEGE random generator. |
dflet | 0:400d8e75a8d0 | 1657 | * |
dflet | 0:400d8e75a8d0 | 1658 | * Warning: the HAVEGE random generator is not suitable for virtualized |
dflet | 0:400d8e75a8d0 | 1659 | * environments |
dflet | 0:400d8e75a8d0 | 1660 | * |
dflet | 0:400d8e75a8d0 | 1661 | * Warning: the HAVEGE random generator is dependent on timing and specific |
dflet | 0:400d8e75a8d0 | 1662 | * processor traits. It is therefore not advised to use HAVEGE as |
dflet | 0:400d8e75a8d0 | 1663 | * your applications primary random generator or primary entropy pool |
dflet | 0:400d8e75a8d0 | 1664 | * input. As a secondary input to your entropy pool, it IS able add |
dflet | 0:400d8e75a8d0 | 1665 | * the (limited) extra entropy it provides. |
dflet | 0:400d8e75a8d0 | 1666 | * |
dflet | 0:400d8e75a8d0 | 1667 | * Module: library/havege.c |
dflet | 0:400d8e75a8d0 | 1668 | * Caller: |
dflet | 0:400d8e75a8d0 | 1669 | * |
dflet | 0:400d8e75a8d0 | 1670 | * Requires: POLARSSL_TIMING_C |
dflet | 0:400d8e75a8d0 | 1671 | * |
dflet | 0:400d8e75a8d0 | 1672 | * Uncomment to enable the HAVEGE random generator. |
dflet | 0:400d8e75a8d0 | 1673 | */ |
dflet | 0:400d8e75a8d0 | 1674 | //#define POLARSSL_HAVEGE_C |
dflet | 0:400d8e75a8d0 | 1675 | |
dflet | 0:400d8e75a8d0 | 1676 | /** |
dflet | 0:400d8e75a8d0 | 1677 | * \def POLARSSL_HMAC_DRBG_C |
dflet | 0:400d8e75a8d0 | 1678 | * |
dflet | 0:400d8e75a8d0 | 1679 | * Enable the HMAC_DRBG random generator. |
dflet | 0:400d8e75a8d0 | 1680 | * |
dflet | 0:400d8e75a8d0 | 1681 | * Module: library/hmac_drbg.c |
dflet | 0:400d8e75a8d0 | 1682 | * Caller: |
dflet | 0:400d8e75a8d0 | 1683 | * |
dflet | 0:400d8e75a8d0 | 1684 | * Requires: POLARSSL_MD_C |
dflet | 0:400d8e75a8d0 | 1685 | * |
dflet | 0:400d8e75a8d0 | 1686 | * Uncomment to enable the HMAC_DRBG random number geerator. |
dflet | 0:400d8e75a8d0 | 1687 | */ |
dflet | 0:400d8e75a8d0 | 1688 | #define POLARSSL_HMAC_DRBG_C |
dflet | 0:400d8e75a8d0 | 1689 | |
dflet | 0:400d8e75a8d0 | 1690 | /** |
dflet | 0:400d8e75a8d0 | 1691 | * \def POLARSSL_MD_C |
dflet | 0:400d8e75a8d0 | 1692 | * |
dflet | 0:400d8e75a8d0 | 1693 | * Enable the generic message digest layer. |
dflet | 0:400d8e75a8d0 | 1694 | * |
dflet | 0:400d8e75a8d0 | 1695 | * Module: library/md.c |
dflet | 0:400d8e75a8d0 | 1696 | * Caller: |
dflet | 0:400d8e75a8d0 | 1697 | * |
dflet | 0:400d8e75a8d0 | 1698 | * Uncomment to enable generic message digest wrappers. |
dflet | 0:400d8e75a8d0 | 1699 | */ |
dflet | 0:400d8e75a8d0 | 1700 | #define POLARSSL_MD_C |
dflet | 0:400d8e75a8d0 | 1701 | |
dflet | 0:400d8e75a8d0 | 1702 | /** |
dflet | 0:400d8e75a8d0 | 1703 | * \def POLARSSL_MD2_C |
dflet | 0:400d8e75a8d0 | 1704 | * |
dflet | 0:400d8e75a8d0 | 1705 | * Enable the MD2 hash algorithm. |
dflet | 0:400d8e75a8d0 | 1706 | * |
dflet | 0:400d8e75a8d0 | 1707 | * Module: library/md2.c |
dflet | 0:400d8e75a8d0 | 1708 | * Caller: |
dflet | 0:400d8e75a8d0 | 1709 | * |
dflet | 0:400d8e75a8d0 | 1710 | * Uncomment to enable support for (rare) MD2-signed X.509 certs. |
dflet | 0:400d8e75a8d0 | 1711 | */ |
dflet | 0:400d8e75a8d0 | 1712 | //#define POLARSSL_MD2_C |
dflet | 0:400d8e75a8d0 | 1713 | |
dflet | 0:400d8e75a8d0 | 1714 | /** |
dflet | 0:400d8e75a8d0 | 1715 | * \def POLARSSL_MD4_C |
dflet | 0:400d8e75a8d0 | 1716 | * |
dflet | 0:400d8e75a8d0 | 1717 | * Enable the MD4 hash algorithm. |
dflet | 0:400d8e75a8d0 | 1718 | * |
dflet | 0:400d8e75a8d0 | 1719 | * Module: library/md4.c |
dflet | 0:400d8e75a8d0 | 1720 | * Caller: |
dflet | 0:400d8e75a8d0 | 1721 | * |
dflet | 0:400d8e75a8d0 | 1722 | * Uncomment to enable support for (rare) MD4-signed X.509 certs. |
dflet | 0:400d8e75a8d0 | 1723 | */ |
dflet | 0:400d8e75a8d0 | 1724 | //#define POLARSSL_MD4_C |
dflet | 0:400d8e75a8d0 | 1725 | |
dflet | 0:400d8e75a8d0 | 1726 | /** |
dflet | 0:400d8e75a8d0 | 1727 | * \def POLARSSL_MD5_C |
dflet | 0:400d8e75a8d0 | 1728 | * |
dflet | 0:400d8e75a8d0 | 1729 | * Enable the MD5 hash algorithm. |
dflet | 0:400d8e75a8d0 | 1730 | * |
dflet | 0:400d8e75a8d0 | 1731 | * Module: library/md5.c |
dflet | 0:400d8e75a8d0 | 1732 | * Caller: library/md.c |
dflet | 0:400d8e75a8d0 | 1733 | * library/pem.c |
dflet | 0:400d8e75a8d0 | 1734 | * library/ssl_tls.c |
dflet | 0:400d8e75a8d0 | 1735 | * |
dflet | 0:400d8e75a8d0 | 1736 | * This module is required for SSL/TLS and X.509. |
dflet | 0:400d8e75a8d0 | 1737 | * PEM_PARSE uses MD5 for decrypting encrypted keys. |
dflet | 0:400d8e75a8d0 | 1738 | */ |
dflet | 0:400d8e75a8d0 | 1739 | #define POLARSSL_MD5_C |
dflet | 0:400d8e75a8d0 | 1740 | |
dflet | 0:400d8e75a8d0 | 1741 | /** |
dflet | 0:400d8e75a8d0 | 1742 | * \def POLARSSL_MEMORY_C |
dflet | 0:400d8e75a8d0 | 1743 | * |
dflet | 0:400d8e75a8d0 | 1744 | * \deprecated Use POLARSSL_PLATFORM_MEMORY instead. |
dflet | 0:400d8e75a8d0 | 1745 | * |
dflet | 0:400d8e75a8d0 | 1746 | * Depends on: POLARSSL_PLATFORM_C |
dflet | 0:400d8e75a8d0 | 1747 | */ |
dflet | 0:400d8e75a8d0 | 1748 | //#define POLARSSL_MEMORY_C |
dflet | 0:400d8e75a8d0 | 1749 | |
dflet | 0:400d8e75a8d0 | 1750 | /** |
dflet | 0:400d8e75a8d0 | 1751 | * \def POLARSSL_MEMORY_BUFFER_ALLOC_C |
dflet | 0:400d8e75a8d0 | 1752 | * |
dflet | 0:400d8e75a8d0 | 1753 | * Enable the buffer allocator implementation that makes use of a (stack) |
dflet | 0:400d8e75a8d0 | 1754 | * based buffer to 'allocate' dynamic memory. (replaces malloc() and free() |
dflet | 0:400d8e75a8d0 | 1755 | * calls) |
dflet | 0:400d8e75a8d0 | 1756 | * |
dflet | 0:400d8e75a8d0 | 1757 | * Module: library/memory_buffer_alloc.c |
dflet | 0:400d8e75a8d0 | 1758 | * |
dflet | 0:400d8e75a8d0 | 1759 | * Requires: POLARSSL_PLATFORM_C |
dflet | 0:400d8e75a8d0 | 1760 | * POLARSSL_PLATFORM_MEMORY (to use it within mbed TLS) |
dflet | 0:400d8e75a8d0 | 1761 | * |
dflet | 0:400d8e75a8d0 | 1762 | * Enable this module to enable the buffer memory allocator. |
dflet | 0:400d8e75a8d0 | 1763 | */ |
dflet | 0:400d8e75a8d0 | 1764 | //#define POLARSSL_MEMORY_BUFFER_ALLOC_C |
dflet | 0:400d8e75a8d0 | 1765 | |
dflet | 0:400d8e75a8d0 | 1766 | /** |
dflet | 0:400d8e75a8d0 | 1767 | * \def POLARSSL_NET_C |
dflet | 0:400d8e75a8d0 | 1768 | * |
dflet | 0:400d8e75a8d0 | 1769 | * Enable the TCP/IP networking routines. |
dflet | 0:400d8e75a8d0 | 1770 | * |
dflet | 0:400d8e75a8d0 | 1771 | * \warning As of 1.3.11, it is deprecated to enable this module without |
dflet | 0:400d8e75a8d0 | 1772 | * POLARSSL_HAVE_IPV6. The alternative legacy code will be removed in 2.0. |
dflet | 0:400d8e75a8d0 | 1773 | * |
dflet | 0:400d8e75a8d0 | 1774 | * Module: library/net.c |
dflet | 0:400d8e75a8d0 | 1775 | * |
dflet | 0:400d8e75a8d0 | 1776 | * This module provides TCP/IP networking routines. |
dflet | 0:400d8e75a8d0 | 1777 | */ |
dflet | 0:400d8e75a8d0 | 1778 | #define POLARSSL_NET_C |
dflet | 0:400d8e75a8d0 | 1779 | |
dflet | 0:400d8e75a8d0 | 1780 | /** |
dflet | 0:400d8e75a8d0 | 1781 | * \def POLARSSL_OID_C |
dflet | 0:400d8e75a8d0 | 1782 | * |
dflet | 0:400d8e75a8d0 | 1783 | * Enable the OID database. |
dflet | 0:400d8e75a8d0 | 1784 | * |
dflet | 0:400d8e75a8d0 | 1785 | * Module: library/oid.c |
dflet | 0:400d8e75a8d0 | 1786 | * Caller: library/asn1write.c |
dflet | 0:400d8e75a8d0 | 1787 | * library/pkcs5.c |
dflet | 0:400d8e75a8d0 | 1788 | * library/pkparse.c |
dflet | 0:400d8e75a8d0 | 1789 | * library/pkwrite.c |
dflet | 0:400d8e75a8d0 | 1790 | * library/rsa.c |
dflet | 0:400d8e75a8d0 | 1791 | * library/x509.c |
dflet | 0:400d8e75a8d0 | 1792 | * library/x509_create.c |
dflet | 0:400d8e75a8d0 | 1793 | * library/x509_crl.c |
dflet | 0:400d8e75a8d0 | 1794 | * library/x509_crt.c |
dflet | 0:400d8e75a8d0 | 1795 | * library/x509_csr.c |
dflet | 0:400d8e75a8d0 | 1796 | * library/x509write_crt.c |
dflet | 0:400d8e75a8d0 | 1797 | * library/x509write_csr.c |
dflet | 0:400d8e75a8d0 | 1798 | * |
dflet | 0:400d8e75a8d0 | 1799 | * This modules translates between OIDs and internal values. |
dflet | 0:400d8e75a8d0 | 1800 | */ |
dflet | 0:400d8e75a8d0 | 1801 | #define POLARSSL_OID_C |
dflet | 0:400d8e75a8d0 | 1802 | |
dflet | 0:400d8e75a8d0 | 1803 | /** |
dflet | 0:400d8e75a8d0 | 1804 | * \def POLARSSL_PADLOCK_C |
dflet | 0:400d8e75a8d0 | 1805 | * |
dflet | 0:400d8e75a8d0 | 1806 | * Enable VIA Padlock support on x86. |
dflet | 0:400d8e75a8d0 | 1807 | * |
dflet | 0:400d8e75a8d0 | 1808 | * Module: library/padlock.c |
dflet | 0:400d8e75a8d0 | 1809 | * Caller: library/aes.c |
dflet | 0:400d8e75a8d0 | 1810 | * |
dflet | 0:400d8e75a8d0 | 1811 | * Requires: POLARSSL_HAVE_ASM |
dflet | 0:400d8e75a8d0 | 1812 | * |
dflet | 0:400d8e75a8d0 | 1813 | * This modules adds support for the VIA PadLock on x86. |
dflet | 0:400d8e75a8d0 | 1814 | */ |
dflet | 0:400d8e75a8d0 | 1815 | #define POLARSSL_PADLOCK_C |
dflet | 0:400d8e75a8d0 | 1816 | |
dflet | 0:400d8e75a8d0 | 1817 | /** |
dflet | 0:400d8e75a8d0 | 1818 | * \def POLARSSL_PBKDF2_C |
dflet | 0:400d8e75a8d0 | 1819 | * |
dflet | 0:400d8e75a8d0 | 1820 | * Enable PKCS#5 PBKDF2 key derivation function. |
dflet | 0:400d8e75a8d0 | 1821 | * |
dflet | 0:400d8e75a8d0 | 1822 | * \deprecated Use POLARSSL_PKCS5_C instead |
dflet | 0:400d8e75a8d0 | 1823 | * |
dflet | 0:400d8e75a8d0 | 1824 | * Module: library/pbkdf2.c |
dflet | 0:400d8e75a8d0 | 1825 | * |
dflet | 0:400d8e75a8d0 | 1826 | * Requires: POLARSSL_PKCS5_C |
dflet | 0:400d8e75a8d0 | 1827 | * |
dflet | 0:400d8e75a8d0 | 1828 | * This module adds support for the PKCS#5 PBKDF2 key derivation function. |
dflet | 0:400d8e75a8d0 | 1829 | */ |
dflet | 0:400d8e75a8d0 | 1830 | #define POLARSSL_PBKDF2_C |
dflet | 0:400d8e75a8d0 | 1831 | |
dflet | 0:400d8e75a8d0 | 1832 | /** |
dflet | 0:400d8e75a8d0 | 1833 | * \def POLARSSL_PEM_PARSE_C |
dflet | 0:400d8e75a8d0 | 1834 | * |
dflet | 0:400d8e75a8d0 | 1835 | * Enable PEM decoding / parsing. |
dflet | 0:400d8e75a8d0 | 1836 | * |
dflet | 0:400d8e75a8d0 | 1837 | * Module: library/pem.c |
dflet | 0:400d8e75a8d0 | 1838 | * Caller: library/dhm.c |
dflet | 0:400d8e75a8d0 | 1839 | * library/pkparse.c |
dflet | 0:400d8e75a8d0 | 1840 | * library/x509_crl.c |
dflet | 0:400d8e75a8d0 | 1841 | * library/x509_crt.c |
dflet | 0:400d8e75a8d0 | 1842 | * library/x509_csr.c |
dflet | 0:400d8e75a8d0 | 1843 | * |
dflet | 0:400d8e75a8d0 | 1844 | * Requires: POLARSSL_BASE64_C |
dflet | 0:400d8e75a8d0 | 1845 | * |
dflet | 0:400d8e75a8d0 | 1846 | * This modules adds support for decoding / parsing PEM files. |
dflet | 0:400d8e75a8d0 | 1847 | */ |
dflet | 0:400d8e75a8d0 | 1848 | #define POLARSSL_PEM_PARSE_C |
dflet | 0:400d8e75a8d0 | 1849 | |
dflet | 0:400d8e75a8d0 | 1850 | /** |
dflet | 0:400d8e75a8d0 | 1851 | * \def POLARSSL_PEM_WRITE_C |
dflet | 0:400d8e75a8d0 | 1852 | * |
dflet | 0:400d8e75a8d0 | 1853 | * Enable PEM encoding / writing. |
dflet | 0:400d8e75a8d0 | 1854 | * |
dflet | 0:400d8e75a8d0 | 1855 | * Module: library/pem.c |
dflet | 0:400d8e75a8d0 | 1856 | * Caller: library/pkwrite.c |
dflet | 0:400d8e75a8d0 | 1857 | * library/x509write_crt.c |
dflet | 0:400d8e75a8d0 | 1858 | * library/x509write_csr.c |
dflet | 0:400d8e75a8d0 | 1859 | * |
dflet | 0:400d8e75a8d0 | 1860 | * Requires: POLARSSL_BASE64_C |
dflet | 0:400d8e75a8d0 | 1861 | * |
dflet | 0:400d8e75a8d0 | 1862 | * This modules adds support for encoding / writing PEM files. |
dflet | 0:400d8e75a8d0 | 1863 | */ |
dflet | 0:400d8e75a8d0 | 1864 | #define POLARSSL_PEM_WRITE_C |
dflet | 0:400d8e75a8d0 | 1865 | |
dflet | 0:400d8e75a8d0 | 1866 | /** |
dflet | 0:400d8e75a8d0 | 1867 | * \def POLARSSL_PK_C |
dflet | 0:400d8e75a8d0 | 1868 | * |
dflet | 0:400d8e75a8d0 | 1869 | * Enable the generic public (asymetric) key layer. |
dflet | 0:400d8e75a8d0 | 1870 | * |
dflet | 0:400d8e75a8d0 | 1871 | * Module: library/pk.c |
dflet | 0:400d8e75a8d0 | 1872 | * Caller: library/ssl_tls.c |
dflet | 0:400d8e75a8d0 | 1873 | * library/ssl_cli.c |
dflet | 0:400d8e75a8d0 | 1874 | * library/ssl_srv.c |
dflet | 0:400d8e75a8d0 | 1875 | * |
dflet | 0:400d8e75a8d0 | 1876 | * Requires: POLARSSL_RSA_C or POLARSSL_ECP_C |
dflet | 0:400d8e75a8d0 | 1877 | * |
dflet | 0:400d8e75a8d0 | 1878 | * Uncomment to enable generic public key wrappers. |
dflet | 0:400d8e75a8d0 | 1879 | */ |
dflet | 0:400d8e75a8d0 | 1880 | #define POLARSSL_PK_C |
dflet | 0:400d8e75a8d0 | 1881 | |
dflet | 0:400d8e75a8d0 | 1882 | /** |
dflet | 0:400d8e75a8d0 | 1883 | * \def POLARSSL_PK_PARSE_C |
dflet | 0:400d8e75a8d0 | 1884 | * |
dflet | 0:400d8e75a8d0 | 1885 | * Enable the generic public (asymetric) key parser. |
dflet | 0:400d8e75a8d0 | 1886 | * |
dflet | 0:400d8e75a8d0 | 1887 | * Module: library/pkparse.c |
dflet | 0:400d8e75a8d0 | 1888 | * Caller: library/x509_crt.c |
dflet | 0:400d8e75a8d0 | 1889 | * library/x509_csr.c |
dflet | 0:400d8e75a8d0 | 1890 | * |
dflet | 0:400d8e75a8d0 | 1891 | * Requires: POLARSSL_PK_C |
dflet | 0:400d8e75a8d0 | 1892 | * |
dflet | 0:400d8e75a8d0 | 1893 | * Uncomment to enable generic public key parse functions. |
dflet | 0:400d8e75a8d0 | 1894 | */ |
dflet | 0:400d8e75a8d0 | 1895 | #define POLARSSL_PK_PARSE_C |
dflet | 0:400d8e75a8d0 | 1896 | |
dflet | 0:400d8e75a8d0 | 1897 | /** |
dflet | 0:400d8e75a8d0 | 1898 | * \def POLARSSL_PK_WRITE_C |
dflet | 0:400d8e75a8d0 | 1899 | * |
dflet | 0:400d8e75a8d0 | 1900 | * Enable the generic public (asymetric) key writer. |
dflet | 0:400d8e75a8d0 | 1901 | * |
dflet | 0:400d8e75a8d0 | 1902 | * Module: library/pkwrite.c |
dflet | 0:400d8e75a8d0 | 1903 | * Caller: library/x509write.c |
dflet | 0:400d8e75a8d0 | 1904 | * |
dflet | 0:400d8e75a8d0 | 1905 | * Requires: POLARSSL_PK_C |
dflet | 0:400d8e75a8d0 | 1906 | * |
dflet | 0:400d8e75a8d0 | 1907 | * Uncomment to enable generic public key write functions. |
dflet | 0:400d8e75a8d0 | 1908 | */ |
dflet | 0:400d8e75a8d0 | 1909 | #define POLARSSL_PK_WRITE_C |
dflet | 0:400d8e75a8d0 | 1910 | |
dflet | 0:400d8e75a8d0 | 1911 | /** |
dflet | 0:400d8e75a8d0 | 1912 | * \def POLARSSL_PKCS5_C |
dflet | 0:400d8e75a8d0 | 1913 | * |
dflet | 0:400d8e75a8d0 | 1914 | * Enable PKCS#5 functions. |
dflet | 0:400d8e75a8d0 | 1915 | * |
dflet | 0:400d8e75a8d0 | 1916 | * Module: library/pkcs5.c |
dflet | 0:400d8e75a8d0 | 1917 | * |
dflet | 0:400d8e75a8d0 | 1918 | * Requires: POLARSSL_MD_C |
dflet | 0:400d8e75a8d0 | 1919 | * |
dflet | 0:400d8e75a8d0 | 1920 | * This module adds support for the PKCS#5 functions. |
dflet | 0:400d8e75a8d0 | 1921 | */ |
dflet | 0:400d8e75a8d0 | 1922 | #define POLARSSL_PKCS5_C |
dflet | 0:400d8e75a8d0 | 1923 | |
dflet | 0:400d8e75a8d0 | 1924 | /** |
dflet | 0:400d8e75a8d0 | 1925 | * \def POLARSSL_PKCS11_C |
dflet | 0:400d8e75a8d0 | 1926 | * |
dflet | 0:400d8e75a8d0 | 1927 | * Enable wrapper for PKCS#11 smartcard support. |
dflet | 0:400d8e75a8d0 | 1928 | * |
dflet | 0:400d8e75a8d0 | 1929 | * Module: library/pkcs11.c |
dflet | 0:400d8e75a8d0 | 1930 | * Caller: library/pk.c |
dflet | 0:400d8e75a8d0 | 1931 | * |
dflet | 0:400d8e75a8d0 | 1932 | * Requires: POLARSSL_PK_C |
dflet | 0:400d8e75a8d0 | 1933 | * |
dflet | 0:400d8e75a8d0 | 1934 | * This module enables SSL/TLS PKCS #11 smartcard support. |
dflet | 0:400d8e75a8d0 | 1935 | * Requires the presence of the PKCS#11 helper library (libpkcs11-helper) |
dflet | 0:400d8e75a8d0 | 1936 | */ |
dflet | 0:400d8e75a8d0 | 1937 | //#define POLARSSL_PKCS11_C |
dflet | 0:400d8e75a8d0 | 1938 | |
dflet | 0:400d8e75a8d0 | 1939 | /** |
dflet | 0:400d8e75a8d0 | 1940 | * \def POLARSSL_PKCS12_C |
dflet | 0:400d8e75a8d0 | 1941 | * |
dflet | 0:400d8e75a8d0 | 1942 | * Enable PKCS#12 PBE functions. |
dflet | 0:400d8e75a8d0 | 1943 | * Adds algorithms for parsing PKCS#8 encrypted private keys |
dflet | 0:400d8e75a8d0 | 1944 | * |
dflet | 0:400d8e75a8d0 | 1945 | * Module: library/pkcs12.c |
dflet | 0:400d8e75a8d0 | 1946 | * Caller: library/pkparse.c |
dflet | 0:400d8e75a8d0 | 1947 | * |
dflet | 0:400d8e75a8d0 | 1948 | * Requires: POLARSSL_ASN1_PARSE_C, POLARSSL_CIPHER_C, POLARSSL_MD_C |
dflet | 0:400d8e75a8d0 | 1949 | * Can use: POLARSSL_ARC4_C |
dflet | 0:400d8e75a8d0 | 1950 | * |
dflet | 0:400d8e75a8d0 | 1951 | * This module enables PKCS#12 functions. |
dflet | 0:400d8e75a8d0 | 1952 | */ |
dflet | 0:400d8e75a8d0 | 1953 | #define POLARSSL_PKCS12_C |
dflet | 0:400d8e75a8d0 | 1954 | |
dflet | 0:400d8e75a8d0 | 1955 | /** |
dflet | 0:400d8e75a8d0 | 1956 | * \def POLARSSL_PLATFORM_C |
dflet | 0:400d8e75a8d0 | 1957 | * |
dflet | 0:400d8e75a8d0 | 1958 | * Enable the platform abstraction layer that allows you to re-assign |
dflet | 0:400d8e75a8d0 | 1959 | * functions like malloc(), free(), snprintf(), printf(), fprintf(), exit() |
dflet | 0:400d8e75a8d0 | 1960 | * |
dflet | 0:400d8e75a8d0 | 1961 | * Enabling POLARSSL_PLATFORM_C enables to use of POLARSSL_PLATFORM_XXX_ALT |
dflet | 0:400d8e75a8d0 | 1962 | * or POLARSSL_PLATFORM_XXX_MACRO directives, allowing the functions mentioned |
dflet | 0:400d8e75a8d0 | 1963 | * above to be specified at runtime or compile time respectively. |
dflet | 0:400d8e75a8d0 | 1964 | * |
dflet | 0:400d8e75a8d0 | 1965 | * Module: library/platform.c |
dflet | 0:400d8e75a8d0 | 1966 | * Caller: Most other .c files |
dflet | 0:400d8e75a8d0 | 1967 | * |
dflet | 0:400d8e75a8d0 | 1968 | * This module enables abstraction of common (libc) functions. |
dflet | 0:400d8e75a8d0 | 1969 | */ |
dflet | 0:400d8e75a8d0 | 1970 | #define POLARSSL_PLATFORM_C |
dflet | 0:400d8e75a8d0 | 1971 | |
dflet | 0:400d8e75a8d0 | 1972 | /** |
dflet | 0:400d8e75a8d0 | 1973 | * \def POLARSSL_RIPEMD160_C |
dflet | 0:400d8e75a8d0 | 1974 | * |
dflet | 0:400d8e75a8d0 | 1975 | * Enable the RIPEMD-160 hash algorithm. |
dflet | 0:400d8e75a8d0 | 1976 | * |
dflet | 0:400d8e75a8d0 | 1977 | * Module: library/ripemd160.c |
dflet | 0:400d8e75a8d0 | 1978 | * Caller: library/md.c |
dflet | 0:400d8e75a8d0 | 1979 | * |
dflet | 0:400d8e75a8d0 | 1980 | */ |
dflet | 0:400d8e75a8d0 | 1981 | #define POLARSSL_RIPEMD160_C |
dflet | 0:400d8e75a8d0 | 1982 | |
dflet | 0:400d8e75a8d0 | 1983 | /** |
dflet | 0:400d8e75a8d0 | 1984 | * \def POLARSSL_RSA_C |
dflet | 0:400d8e75a8d0 | 1985 | * |
dflet | 0:400d8e75a8d0 | 1986 | * Enable the RSA public-key cryptosystem. |
dflet | 0:400d8e75a8d0 | 1987 | * |
dflet | 0:400d8e75a8d0 | 1988 | * Module: library/rsa.c |
dflet | 0:400d8e75a8d0 | 1989 | * Caller: library/ssl_cli.c |
dflet | 0:400d8e75a8d0 | 1990 | * library/ssl_srv.c |
dflet | 0:400d8e75a8d0 | 1991 | * library/ssl_tls.c |
dflet | 0:400d8e75a8d0 | 1992 | * library/x509.c |
dflet | 0:400d8e75a8d0 | 1993 | * |
dflet | 0:400d8e75a8d0 | 1994 | * This module is used by the following key exchanges: |
dflet | 0:400d8e75a8d0 | 1995 | * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK |
dflet | 0:400d8e75a8d0 | 1996 | * |
dflet | 0:400d8e75a8d0 | 1997 | * Requires: POLARSSL_BIGNUM_C, POLARSSL_OID_C |
dflet | 0:400d8e75a8d0 | 1998 | */ |
dflet | 0:400d8e75a8d0 | 1999 | #define POLARSSL_RSA_C |
dflet | 0:400d8e75a8d0 | 2000 | |
dflet | 0:400d8e75a8d0 | 2001 | /** |
dflet | 0:400d8e75a8d0 | 2002 | * \def POLARSSL_SHA1_C |
dflet | 0:400d8e75a8d0 | 2003 | * |
dflet | 0:400d8e75a8d0 | 2004 | * Enable the SHA1 cryptographic hash algorithm. |
dflet | 0:400d8e75a8d0 | 2005 | * |
dflet | 0:400d8e75a8d0 | 2006 | * Module: library/sha1.c |
dflet | 0:400d8e75a8d0 | 2007 | * Caller: library/md.c |
dflet | 0:400d8e75a8d0 | 2008 | * library/ssl_cli.c |
dflet | 0:400d8e75a8d0 | 2009 | * library/ssl_srv.c |
dflet | 0:400d8e75a8d0 | 2010 | * library/ssl_tls.c |
dflet | 0:400d8e75a8d0 | 2011 | * library/x509write_crt.c |
dflet | 0:400d8e75a8d0 | 2012 | * |
dflet | 0:400d8e75a8d0 | 2013 | * This module is required for SSL/TLS and SHA1-signed certificates. |
dflet | 0:400d8e75a8d0 | 2014 | */ |
dflet | 0:400d8e75a8d0 | 2015 | #define POLARSSL_SHA1_C |
dflet | 0:400d8e75a8d0 | 2016 | |
dflet | 0:400d8e75a8d0 | 2017 | /** |
dflet | 0:400d8e75a8d0 | 2018 | * \def POLARSSL_SHA256_C |
dflet | 0:400d8e75a8d0 | 2019 | * |
dflet | 0:400d8e75a8d0 | 2020 | * Enable the SHA-224 and SHA-256 cryptographic hash algorithms. |
dflet | 0:400d8e75a8d0 | 2021 | * (Used to be POLARSSL_SHA2_C) |
dflet | 0:400d8e75a8d0 | 2022 | * |
dflet | 0:400d8e75a8d0 | 2023 | * Module: library/sha256.c |
dflet | 0:400d8e75a8d0 | 2024 | * Caller: library/entropy.c |
dflet | 0:400d8e75a8d0 | 2025 | * library/md.c |
dflet | 0:400d8e75a8d0 | 2026 | * library/ssl_cli.c |
dflet | 0:400d8e75a8d0 | 2027 | * library/ssl_srv.c |
dflet | 0:400d8e75a8d0 | 2028 | * library/ssl_tls.c |
dflet | 0:400d8e75a8d0 | 2029 | * |
dflet | 0:400d8e75a8d0 | 2030 | * This module adds support for SHA-224 and SHA-256. |
dflet | 0:400d8e75a8d0 | 2031 | * This module is required for the SSL/TLS 1.2 PRF function. |
dflet | 0:400d8e75a8d0 | 2032 | */ |
dflet | 0:400d8e75a8d0 | 2033 | #define POLARSSL_SHA256_C |
dflet | 0:400d8e75a8d0 | 2034 | |
dflet | 0:400d8e75a8d0 | 2035 | /** |
dflet | 0:400d8e75a8d0 | 2036 | * \def POLARSSL_SHA512_C |
dflet | 0:400d8e75a8d0 | 2037 | * |
dflet | 0:400d8e75a8d0 | 2038 | * Enable the SHA-384 and SHA-512 cryptographic hash algorithms. |
dflet | 0:400d8e75a8d0 | 2039 | * (Used to be POLARSSL_SHA4_C) |
dflet | 0:400d8e75a8d0 | 2040 | * |
dflet | 0:400d8e75a8d0 | 2041 | * Module: library/sha512.c |
dflet | 0:400d8e75a8d0 | 2042 | * Caller: library/entropy.c |
dflet | 0:400d8e75a8d0 | 2043 | * library/md.c |
dflet | 0:400d8e75a8d0 | 2044 | * library/ssl_cli.c |
dflet | 0:400d8e75a8d0 | 2045 | * library/ssl_srv.c |
dflet | 0:400d8e75a8d0 | 2046 | * |
dflet | 0:400d8e75a8d0 | 2047 | * This module adds support for SHA-384 and SHA-512. |
dflet | 0:400d8e75a8d0 | 2048 | */ |
dflet | 0:400d8e75a8d0 | 2049 | #define POLARSSL_SHA512_C |
dflet | 0:400d8e75a8d0 | 2050 | |
dflet | 0:400d8e75a8d0 | 2051 | /** |
dflet | 0:400d8e75a8d0 | 2052 | * \def POLARSSL_SSL_CACHE_C |
dflet | 0:400d8e75a8d0 | 2053 | * |
dflet | 0:400d8e75a8d0 | 2054 | * Enable simple SSL cache implementation. |
dflet | 0:400d8e75a8d0 | 2055 | * |
dflet | 0:400d8e75a8d0 | 2056 | * Module: library/ssl_cache.c |
dflet | 0:400d8e75a8d0 | 2057 | * Caller: |
dflet | 0:400d8e75a8d0 | 2058 | * |
dflet | 0:400d8e75a8d0 | 2059 | * Requires: POLARSSL_SSL_CACHE_C |
dflet | 0:400d8e75a8d0 | 2060 | */ |
dflet | 0:400d8e75a8d0 | 2061 | #define POLARSSL_SSL_CACHE_C |
dflet | 0:400d8e75a8d0 | 2062 | |
dflet | 0:400d8e75a8d0 | 2063 | /** |
dflet | 0:400d8e75a8d0 | 2064 | * \def POLARSSL_SSL_CLI_C |
dflet | 0:400d8e75a8d0 | 2065 | * |
dflet | 0:400d8e75a8d0 | 2066 | * Enable the SSL/TLS client code. |
dflet | 0:400d8e75a8d0 | 2067 | * |
dflet | 0:400d8e75a8d0 | 2068 | * Module: library/ssl_cli.c |
dflet | 0:400d8e75a8d0 | 2069 | * Caller: |
dflet | 0:400d8e75a8d0 | 2070 | * |
dflet | 0:400d8e75a8d0 | 2071 | * Requires: POLARSSL_SSL_TLS_C |
dflet | 0:400d8e75a8d0 | 2072 | * |
dflet | 0:400d8e75a8d0 | 2073 | * This module is required for SSL/TLS client support. |
dflet | 0:400d8e75a8d0 | 2074 | */ |
dflet | 0:400d8e75a8d0 | 2075 | #define POLARSSL_SSL_CLI_C |
dflet | 0:400d8e75a8d0 | 2076 | |
dflet | 0:400d8e75a8d0 | 2077 | /** |
dflet | 0:400d8e75a8d0 | 2078 | * \def POLARSSL_SSL_SRV_C |
dflet | 0:400d8e75a8d0 | 2079 | * |
dflet | 0:400d8e75a8d0 | 2080 | * Enable the SSL/TLS server code. |
dflet | 0:400d8e75a8d0 | 2081 | * |
dflet | 0:400d8e75a8d0 | 2082 | * Module: library/ssl_srv.c |
dflet | 0:400d8e75a8d0 | 2083 | * Caller: |
dflet | 0:400d8e75a8d0 | 2084 | * |
dflet | 0:400d8e75a8d0 | 2085 | * Requires: POLARSSL_SSL_TLS_C |
dflet | 0:400d8e75a8d0 | 2086 | * |
dflet | 0:400d8e75a8d0 | 2087 | * This module is required for SSL/TLS server support. |
dflet | 0:400d8e75a8d0 | 2088 | */ |
dflet | 0:400d8e75a8d0 | 2089 | #define POLARSSL_SSL_SRV_C |
dflet | 0:400d8e75a8d0 | 2090 | |
dflet | 0:400d8e75a8d0 | 2091 | /** |
dflet | 0:400d8e75a8d0 | 2092 | * \def POLARSSL_SSL_TLS_C |
dflet | 0:400d8e75a8d0 | 2093 | * |
dflet | 0:400d8e75a8d0 | 2094 | * Enable the generic SSL/TLS code. |
dflet | 0:400d8e75a8d0 | 2095 | * |
dflet | 0:400d8e75a8d0 | 2096 | * Module: library/ssl_tls.c |
dflet | 0:400d8e75a8d0 | 2097 | * Caller: library/ssl_cli.c |
dflet | 0:400d8e75a8d0 | 2098 | * library/ssl_srv.c |
dflet | 0:400d8e75a8d0 | 2099 | * |
dflet | 0:400d8e75a8d0 | 2100 | * Requires: POLARSSL_CIPHER_C, POLARSSL_MD_C |
dflet | 0:400d8e75a8d0 | 2101 | * and at least one of the POLARSSL_SSL_PROTO_* defines |
dflet | 0:400d8e75a8d0 | 2102 | * |
dflet | 0:400d8e75a8d0 | 2103 | * This module is required for SSL/TLS. |
dflet | 0:400d8e75a8d0 | 2104 | */ |
dflet | 0:400d8e75a8d0 | 2105 | #define POLARSSL_SSL_TLS_C |
dflet | 0:400d8e75a8d0 | 2106 | |
dflet | 0:400d8e75a8d0 | 2107 | /** |
dflet | 0:400d8e75a8d0 | 2108 | * \def POLARSSL_THREADING_C |
dflet | 0:400d8e75a8d0 | 2109 | * |
dflet | 0:400d8e75a8d0 | 2110 | * Enable the threading abstraction layer. |
dflet | 0:400d8e75a8d0 | 2111 | * By default mbed TLS assumes it is used in a non-threaded environment or that |
dflet | 0:400d8e75a8d0 | 2112 | * contexts are not shared between threads. If you do intend to use contexts |
dflet | 0:400d8e75a8d0 | 2113 | * between threads, you will need to enable this layer to prevent race |
dflet | 0:400d8e75a8d0 | 2114 | * conditions. |
dflet | 0:400d8e75a8d0 | 2115 | * |
dflet | 0:400d8e75a8d0 | 2116 | * Module: library/threading.c |
dflet | 0:400d8e75a8d0 | 2117 | * |
dflet | 0:400d8e75a8d0 | 2118 | * This allows different threading implementations (self-implemented or |
dflet | 0:400d8e75a8d0 | 2119 | * provided). |
dflet | 0:400d8e75a8d0 | 2120 | * |
dflet | 0:400d8e75a8d0 | 2121 | * You will have to enable either POLARSSL_THREADING_ALT or |
dflet | 0:400d8e75a8d0 | 2122 | * POLARSSL_THREADING_PTHREAD. |
dflet | 0:400d8e75a8d0 | 2123 | * |
dflet | 0:400d8e75a8d0 | 2124 | * Enable this layer to allow use of mutexes within mbed TLS |
dflet | 0:400d8e75a8d0 | 2125 | */ |
dflet | 0:400d8e75a8d0 | 2126 | //#define POLARSSL_THREADING_C |
dflet | 0:400d8e75a8d0 | 2127 | |
dflet | 0:400d8e75a8d0 | 2128 | /** |
dflet | 0:400d8e75a8d0 | 2129 | * \def POLARSSL_TIMING_C |
dflet | 0:400d8e75a8d0 | 2130 | * |
dflet | 0:400d8e75a8d0 | 2131 | * Enable the portable timing interface. |
dflet | 0:400d8e75a8d0 | 2132 | * |
dflet | 0:400d8e75a8d0 | 2133 | * Module: library/timing.c |
dflet | 0:400d8e75a8d0 | 2134 | * Caller: library/havege.c |
dflet | 0:400d8e75a8d0 | 2135 | * |
dflet | 0:400d8e75a8d0 | 2136 | * This module is used by the HAVEGE random number generator. |
dflet | 0:400d8e75a8d0 | 2137 | */ |
dflet | 0:400d8e75a8d0 | 2138 | #define POLARSSL_TIMING_C |
dflet | 0:400d8e75a8d0 | 2139 | |
dflet | 0:400d8e75a8d0 | 2140 | /** |
dflet | 0:400d8e75a8d0 | 2141 | * \def POLARSSL_VERSION_C |
dflet | 0:400d8e75a8d0 | 2142 | * |
dflet | 0:400d8e75a8d0 | 2143 | * Enable run-time version information. |
dflet | 0:400d8e75a8d0 | 2144 | * |
dflet | 0:400d8e75a8d0 | 2145 | * Module: library/version.c |
dflet | 0:400d8e75a8d0 | 2146 | * |
dflet | 0:400d8e75a8d0 | 2147 | * This module provides run-time version information. |
dflet | 0:400d8e75a8d0 | 2148 | */ |
dflet | 0:400d8e75a8d0 | 2149 | #define POLARSSL_VERSION_C |
dflet | 0:400d8e75a8d0 | 2150 | |
dflet | 0:400d8e75a8d0 | 2151 | /** |
dflet | 0:400d8e75a8d0 | 2152 | * \def POLARSSL_X509_USE_C |
dflet | 0:400d8e75a8d0 | 2153 | * |
dflet | 0:400d8e75a8d0 | 2154 | * Enable X.509 core for using certificates. |
dflet | 0:400d8e75a8d0 | 2155 | * |
dflet | 0:400d8e75a8d0 | 2156 | * Module: library/x509.c |
dflet | 0:400d8e75a8d0 | 2157 | * Caller: library/x509_crl.c |
dflet | 0:400d8e75a8d0 | 2158 | * library/x509_crt.c |
dflet | 0:400d8e75a8d0 | 2159 | * library/x509_csr.c |
dflet | 0:400d8e75a8d0 | 2160 | * |
dflet | 0:400d8e75a8d0 | 2161 | * Requires: POLARSSL_ASN1_PARSE_C, POLARSSL_BIGNUM_C, POLARSSL_OID_C, |
dflet | 0:400d8e75a8d0 | 2162 | * POLARSSL_PK_PARSE_C |
dflet | 0:400d8e75a8d0 | 2163 | * |
dflet | 0:400d8e75a8d0 | 2164 | * This module is required for the X.509 parsing modules. |
dflet | 0:400d8e75a8d0 | 2165 | */ |
dflet | 0:400d8e75a8d0 | 2166 | #define POLARSSL_X509_USE_C |
dflet | 0:400d8e75a8d0 | 2167 | |
dflet | 0:400d8e75a8d0 | 2168 | /** |
dflet | 0:400d8e75a8d0 | 2169 | * \def POLARSSL_X509_CRT_PARSE_C |
dflet | 0:400d8e75a8d0 | 2170 | * |
dflet | 0:400d8e75a8d0 | 2171 | * Enable X.509 certificate parsing. |
dflet | 0:400d8e75a8d0 | 2172 | * |
dflet | 0:400d8e75a8d0 | 2173 | * Module: library/x509_crt.c |
dflet | 0:400d8e75a8d0 | 2174 | * Caller: library/ssl_cli.c |
dflet | 0:400d8e75a8d0 | 2175 | * library/ssl_srv.c |
dflet | 0:400d8e75a8d0 | 2176 | * library/ssl_tls.c |
dflet | 0:400d8e75a8d0 | 2177 | * |
dflet | 0:400d8e75a8d0 | 2178 | * Requires: POLARSSL_X509_USE_C |
dflet | 0:400d8e75a8d0 | 2179 | * |
dflet | 0:400d8e75a8d0 | 2180 | * This module is required for X.509 certificate parsing. |
dflet | 0:400d8e75a8d0 | 2181 | */ |
dflet | 0:400d8e75a8d0 | 2182 | #define POLARSSL_X509_CRT_PARSE_C |
dflet | 0:400d8e75a8d0 | 2183 | |
dflet | 0:400d8e75a8d0 | 2184 | /** |
dflet | 0:400d8e75a8d0 | 2185 | * \def POLARSSL_X509_CRL_PARSE_C |
dflet | 0:400d8e75a8d0 | 2186 | * |
dflet | 0:400d8e75a8d0 | 2187 | * Enable X.509 CRL parsing. |
dflet | 0:400d8e75a8d0 | 2188 | * |
dflet | 0:400d8e75a8d0 | 2189 | * Module: library/x509_crl.c |
dflet | 0:400d8e75a8d0 | 2190 | * Caller: library/x509_crt.c |
dflet | 0:400d8e75a8d0 | 2191 | * |
dflet | 0:400d8e75a8d0 | 2192 | * Requires: POLARSSL_X509_USE_C |
dflet | 0:400d8e75a8d0 | 2193 | * |
dflet | 0:400d8e75a8d0 | 2194 | * This module is required for X.509 CRL parsing. |
dflet | 0:400d8e75a8d0 | 2195 | */ |
dflet | 0:400d8e75a8d0 | 2196 | #define POLARSSL_X509_CRL_PARSE_C |
dflet | 0:400d8e75a8d0 | 2197 | |
dflet | 0:400d8e75a8d0 | 2198 | /** |
dflet | 0:400d8e75a8d0 | 2199 | * \def POLARSSL_X509_CSR_PARSE_C |
dflet | 0:400d8e75a8d0 | 2200 | * |
dflet | 0:400d8e75a8d0 | 2201 | * Enable X.509 Certificate Signing Request (CSR) parsing. |
dflet | 0:400d8e75a8d0 | 2202 | * |
dflet | 0:400d8e75a8d0 | 2203 | * Module: library/x509_csr.c |
dflet | 0:400d8e75a8d0 | 2204 | * Caller: library/x509_crt_write.c |
dflet | 0:400d8e75a8d0 | 2205 | * |
dflet | 0:400d8e75a8d0 | 2206 | * Requires: POLARSSL_X509_USE_C |
dflet | 0:400d8e75a8d0 | 2207 | * |
dflet | 0:400d8e75a8d0 | 2208 | * This module is used for reading X.509 certificate request. |
dflet | 0:400d8e75a8d0 | 2209 | */ |
dflet | 0:400d8e75a8d0 | 2210 | #define POLARSSL_X509_CSR_PARSE_C |
dflet | 0:400d8e75a8d0 | 2211 | |
dflet | 0:400d8e75a8d0 | 2212 | /** |
dflet | 0:400d8e75a8d0 | 2213 | * \def POLARSSL_X509_CREATE_C |
dflet | 0:400d8e75a8d0 | 2214 | * |
dflet | 0:400d8e75a8d0 | 2215 | * Enable X.509 core for creating certificates. |
dflet | 0:400d8e75a8d0 | 2216 | * |
dflet | 0:400d8e75a8d0 | 2217 | * Module: library/x509_create.c |
dflet | 0:400d8e75a8d0 | 2218 | * |
dflet | 0:400d8e75a8d0 | 2219 | * Requires: POLARSSL_BIGNUM_C, POLARSSL_OID_C, POLARSSL_PK_WRITE_C |
dflet | 0:400d8e75a8d0 | 2220 | * |
dflet | 0:400d8e75a8d0 | 2221 | * This module is the basis for creating X.509 certificates and CSRs. |
dflet | 0:400d8e75a8d0 | 2222 | */ |
dflet | 0:400d8e75a8d0 | 2223 | #define POLARSSL_X509_CREATE_C |
dflet | 0:400d8e75a8d0 | 2224 | |
dflet | 0:400d8e75a8d0 | 2225 | /** |
dflet | 0:400d8e75a8d0 | 2226 | * \def POLARSSL_X509_CRT_WRITE_C |
dflet | 0:400d8e75a8d0 | 2227 | * |
dflet | 0:400d8e75a8d0 | 2228 | * Enable creating X.509 certificates. |
dflet | 0:400d8e75a8d0 | 2229 | * |
dflet | 0:400d8e75a8d0 | 2230 | * Module: library/x509_crt_write.c |
dflet | 0:400d8e75a8d0 | 2231 | * |
dflet | 0:400d8e75a8d0 | 2232 | * Requires: POLARSSL_CREATE_C |
dflet | 0:400d8e75a8d0 | 2233 | * |
dflet | 0:400d8e75a8d0 | 2234 | * This module is required for X.509 certificate creation. |
dflet | 0:400d8e75a8d0 | 2235 | */ |
dflet | 0:400d8e75a8d0 | 2236 | #define POLARSSL_X509_CRT_WRITE_C |
dflet | 0:400d8e75a8d0 | 2237 | |
dflet | 0:400d8e75a8d0 | 2238 | /** |
dflet | 0:400d8e75a8d0 | 2239 | * \def POLARSSL_X509_CSR_WRITE_C |
dflet | 0:400d8e75a8d0 | 2240 | * |
dflet | 0:400d8e75a8d0 | 2241 | * Enable creating X.509 Certificate Signing Requests (CSR). |
dflet | 0:400d8e75a8d0 | 2242 | * |
dflet | 0:400d8e75a8d0 | 2243 | * Module: library/x509_csr_write.c |
dflet | 0:400d8e75a8d0 | 2244 | * |
dflet | 0:400d8e75a8d0 | 2245 | * Requires: POLARSSL_CREATE_C |
dflet | 0:400d8e75a8d0 | 2246 | * |
dflet | 0:400d8e75a8d0 | 2247 | * This module is required for X.509 certificate request writing. |
dflet | 0:400d8e75a8d0 | 2248 | */ |
dflet | 0:400d8e75a8d0 | 2249 | #define POLARSSL_X509_CSR_WRITE_C |
dflet | 0:400d8e75a8d0 | 2250 | |
dflet | 0:400d8e75a8d0 | 2251 | /** |
dflet | 0:400d8e75a8d0 | 2252 | * \def POLARSSL_XTEA_C |
dflet | 0:400d8e75a8d0 | 2253 | * |
dflet | 0:400d8e75a8d0 | 2254 | * Enable the XTEA block cipher. |
dflet | 0:400d8e75a8d0 | 2255 | * |
dflet | 0:400d8e75a8d0 | 2256 | * Module: library/xtea.c |
dflet | 0:400d8e75a8d0 | 2257 | * Caller: |
dflet | 0:400d8e75a8d0 | 2258 | */ |
dflet | 0:400d8e75a8d0 | 2259 | #define POLARSSL_XTEA_C |
dflet | 0:400d8e75a8d0 | 2260 | |
dflet | 0:400d8e75a8d0 | 2261 | /* \} name SECTION: mbed TLS modules */ |
dflet | 0:400d8e75a8d0 | 2262 | |
dflet | 0:400d8e75a8d0 | 2263 | /** |
dflet | 0:400d8e75a8d0 | 2264 | * \name SECTION: Module configuration options |
dflet | 0:400d8e75a8d0 | 2265 | * |
dflet | 0:400d8e75a8d0 | 2266 | * This section allows for the setting of module specific sizes and |
dflet | 0:400d8e75a8d0 | 2267 | * configuration options. The default values are already present in the |
dflet | 0:400d8e75a8d0 | 2268 | * relevant header files and should suffice for the regular use cases. |
dflet | 0:400d8e75a8d0 | 2269 | * |
dflet | 0:400d8e75a8d0 | 2270 | * Our advice is to enable options and change their values here |
dflet | 0:400d8e75a8d0 | 2271 | * only if you have a good reason and know the consequences. |
dflet | 0:400d8e75a8d0 | 2272 | * |
dflet | 0:400d8e75a8d0 | 2273 | * Please check the respective header file for documentation on these |
dflet | 0:400d8e75a8d0 | 2274 | * parameters (to prevent duplicate documentation). |
dflet | 0:400d8e75a8d0 | 2275 | * \{ |
dflet | 0:400d8e75a8d0 | 2276 | */ |
dflet | 0:400d8e75a8d0 | 2277 | |
dflet | 0:400d8e75a8d0 | 2278 | /* MPI / BIGNUM options */ |
dflet | 0:400d8e75a8d0 | 2279 | //#define POLARSSL_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */ |
dflet | 0:400d8e75a8d0 | 2280 | //#define POLARSSL_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ |
dflet | 0:400d8e75a8d0 | 2281 | |
dflet | 0:400d8e75a8d0 | 2282 | /* CTR_DRBG options */ |
dflet | 0:400d8e75a8d0 | 2283 | //#define CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */ |
dflet | 0:400d8e75a8d0 | 2284 | //#define CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ |
dflet | 0:400d8e75a8d0 | 2285 | //#define CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ |
dflet | 0:400d8e75a8d0 | 2286 | //#define CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ |
dflet | 0:400d8e75a8d0 | 2287 | //#define CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ |
dflet | 0:400d8e75a8d0 | 2288 | |
dflet | 0:400d8e75a8d0 | 2289 | /* HMAC_DRBG options */ |
dflet | 0:400d8e75a8d0 | 2290 | //#define POLARSSL_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ |
dflet | 0:400d8e75a8d0 | 2291 | //#define POLARSSL_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ |
dflet | 0:400d8e75a8d0 | 2292 | //#define POLARSSL_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ |
dflet | 0:400d8e75a8d0 | 2293 | //#define POLARSSL_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ |
dflet | 0:400d8e75a8d0 | 2294 | |
dflet | 0:400d8e75a8d0 | 2295 | /* ECP options */ |
dflet | 0:400d8e75a8d0 | 2296 | //#define POLARSSL_ECP_MAX_BITS 521 /**< Maximum bit size of groups */ |
dflet | 0:400d8e75a8d0 | 2297 | //#define POLARSSL_ECP_WINDOW_SIZE 6 /**< Maximum window size used */ |
dflet | 0:400d8e75a8d0 | 2298 | //#define POLARSSL_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */ |
dflet | 0:400d8e75a8d0 | 2299 | |
dflet | 0:400d8e75a8d0 | 2300 | /* Entropy options */ |
dflet | 0:400d8e75a8d0 | 2301 | //#define ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */ |
dflet | 0:400d8e75a8d0 | 2302 | //#define ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */ |
dflet | 0:400d8e75a8d0 | 2303 | |
dflet | 0:400d8e75a8d0 | 2304 | /* Memory buffer allocator options */ |
dflet | 0:400d8e75a8d0 | 2305 | //#define POLARSSL_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */ |
dflet | 0:400d8e75a8d0 | 2306 | |
dflet | 0:400d8e75a8d0 | 2307 | /* Platform options */ |
dflet | 0:400d8e75a8d0 | 2308 | //#define POLARSSL_PLATFORM_STD_MEM_HDR <stdlib.h> /**< Header to include if POLARSSL_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ |
dflet | 0:400d8e75a8d0 | 2309 | //#define POLARSSL_PLATFORM_STD_MALLOC malloc /**< Default allocator to use, can be undefined */ |
dflet | 0:400d8e75a8d0 | 2310 | //#define POLARSSL_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ |
dflet | 0:400d8e75a8d0 | 2311 | //#define POLARSSL_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ |
dflet | 0:400d8e75a8d0 | 2312 | //#define POLARSSL_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */ |
dflet | 0:400d8e75a8d0 | 2313 | //#define POLARSSL_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */ |
dflet | 0:400d8e75a8d0 | 2314 | //#define POLARSSL_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */ |
dflet | 0:400d8e75a8d0 | 2315 | |
dflet | 0:400d8e75a8d0 | 2316 | /* To Use Function Macros POLARSSL_PLATFORM_C must be enabled */ |
dflet | 0:400d8e75a8d0 | 2317 | /* POLARSSL_PLATFORM_XXX_MACRO and POLARSSL_PLATFORM_XXX_ALT cannot both be defined */ |
dflet | 0:400d8e75a8d0 | 2318 | //#define POLARSSL_PLATFORM_MALLOC_MACRO malloc /**< Default allocator macro to use, can be undefined */ |
dflet | 0:400d8e75a8d0 | 2319 | //#define POLARSSL_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */ |
dflet | 0:400d8e75a8d0 | 2320 | //#define POLARSSL_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */ |
dflet | 0:400d8e75a8d0 | 2321 | //#define POLARSSL_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */ |
dflet | 0:400d8e75a8d0 | 2322 | //#define POLARSSL_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */ |
dflet | 0:400d8e75a8d0 | 2323 | //#define POLARSSL_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */ |
dflet | 0:400d8e75a8d0 | 2324 | |
dflet | 0:400d8e75a8d0 | 2325 | /* SSL Cache options */ |
dflet | 0:400d8e75a8d0 | 2326 | //#define SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ |
dflet | 0:400d8e75a8d0 | 2327 | //#define SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ |
dflet | 0:400d8e75a8d0 | 2328 | |
dflet | 0:400d8e75a8d0 | 2329 | /* SSL options */ |
dflet | 0:400d8e75a8d0 | 2330 | //#define SSL_MAX_CONTENT_LEN 16384 /**< Size of the input / output buffer */ |
dflet | 0:400d8e75a8d0 | 2331 | //#define SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */ |
dflet | 0:400d8e75a8d0 | 2332 | //#define POLARSSL_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */ |
dflet | 0:400d8e75a8d0 | 2333 | |
dflet | 0:400d8e75a8d0 | 2334 | /** |
dflet | 0:400d8e75a8d0 | 2335 | * Complete list of ciphersuites to use, in order of preference. |
dflet | 0:400d8e75a8d0 | 2336 | * |
dflet | 0:400d8e75a8d0 | 2337 | * \warning No dependency checking is done on that field! This option can only |
dflet | 0:400d8e75a8d0 | 2338 | * be used to restrict the set of available ciphersuites. It is your |
dflet | 0:400d8e75a8d0 | 2339 | * responsibility to make sure the needed modules are active. |
dflet | 0:400d8e75a8d0 | 2340 | * |
dflet | 0:400d8e75a8d0 | 2341 | * Use this to save a few hundred bytes of ROM (default ordering of all |
dflet | 0:400d8e75a8d0 | 2342 | * available ciphersuites) and a few to a few hundred bytes of RAM. |
dflet | 0:400d8e75a8d0 | 2343 | * |
dflet | 0:400d8e75a8d0 | 2344 | * The value below is only an example, not the default. |
dflet | 0:400d8e75a8d0 | 2345 | */ |
dflet | 0:400d8e75a8d0 | 2346 | //#define SSL_CIPHERSUITES TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 |
dflet | 0:400d8e75a8d0 | 2347 | |
dflet | 0:400d8e75a8d0 | 2348 | /* Debug options */ |
dflet | 0:400d8e75a8d0 | 2349 | //#define POLARSSL_DEBUG_DFL_MODE POLARSSL_DEBUG_LOG_FULL /**< Default log: Full or Raw */ |
dflet | 0:400d8e75a8d0 | 2350 | |
dflet | 0:400d8e75a8d0 | 2351 | /* X509 options */ |
dflet | 0:400d8e75a8d0 | 2352 | //#define POLARSSL_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ |
dflet | 0:400d8e75a8d0 | 2353 | |
dflet | 0:400d8e75a8d0 | 2354 | /* \} name SECTION: Module configuration options */ |
dflet | 0:400d8e75a8d0 | 2355 | |
dflet | 0:400d8e75a8d0 | 2356 | #include "check_config.h" |
dflet | 0:400d8e75a8d0 | 2357 | |
dflet | 0:400d8e75a8d0 | 2358 | #endif /* POLARSSL_CONFIG_H */ |
dflet | 0:400d8e75a8d0 | 2359 |