Willie Solano / mbedtls-slave-prot-prod

mbed TLS Build

Dependents:   Slave-prot-prod

configs/config-ccm-psk-tls1_2.h@0:cdf462088d13, 2017-01-05 (annotated)

Committer:
markrad
Date:
Thu Jan 05 00:18:44 2017 +0000
Revision:
0:cdf462088d13
Initial commit

Who changed what in which revision?

UserRevisionLine numberNew contents of line
markrad 0:cdf462088d13 1 /*
markrad 0:cdf462088d13 2 * Minimal configuration for TLS 1.2 with PSK and AES-CCM ciphersuites
markrad 0:cdf462088d13 3 *
markrad 0:cdf462088d13 4 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
markrad 0:cdf462088d13 5 * SPDX-License-Identifier: Apache-2.0
markrad 0:cdf462088d13 6 *
markrad 0:cdf462088d13 7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
markrad 0:cdf462088d13 8 * not use this file except in compliance with the License.
markrad 0:cdf462088d13 9 * You may obtain a copy of the License at
markrad 0:cdf462088d13 10 *
markrad 0:cdf462088d13 11 * http://www.apache.org/licenses/LICENSE-2.0
markrad 0:cdf462088d13 12 *
markrad 0:cdf462088d13 13 * Unless required by applicable law or agreed to in writing, software
markrad 0:cdf462088d13 14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
markrad 0:cdf462088d13 15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
markrad 0:cdf462088d13 16 * See the License for the specific language governing permissions and
markrad 0:cdf462088d13 17 * limitations under the License.
markrad 0:cdf462088d13 18 *
markrad 0:cdf462088d13 19 * This file is part of mbed TLS (https://tls.mbed.org)
markrad 0:cdf462088d13 20 */
markrad 0:cdf462088d13 21 /*
markrad 0:cdf462088d13 22 * Minimal configuration for TLS 1.2 with PSK and AES-CCM ciphersuites
markrad 0:cdf462088d13 23 * Distinguishing features:
markrad 0:cdf462088d13 24 * - no bignum, no PK, no X509
markrad 0:cdf462088d13 25 * - fully modern and secure (provided the pre-shared keys have high entropy)
markrad 0:cdf462088d13 26 * - very low record overhead with CCM-8
markrad 0:cdf462088d13 27 * - optimized for low RAM usage
markrad 0:cdf462088d13 28 *
markrad 0:cdf462088d13 29 * See README.txt for usage instructions.
markrad 0:cdf462088d13 30 */
markrad 0:cdf462088d13 31 #ifndef MBEDTLS_CONFIG_H
markrad 0:cdf462088d13 32 #define MBEDTLS_CONFIG_H
markrad 0:cdf462088d13 33
markrad 0:cdf462088d13 34 /* System support */
markrad 0:cdf462088d13 35 //#define MBEDTLS_HAVE_TIME /* Optionally used in Hello messages */
markrad 0:cdf462088d13 36 /* Other MBEDTLS_HAVE_XXX flags irrelevant for this configuration */
markrad 0:cdf462088d13 37
markrad 0:cdf462088d13 38 /* mbed TLS feature support */
markrad 0:cdf462088d13 39 #define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
markrad 0:cdf462088d13 40 #define MBEDTLS_SSL_PROTO_TLS1_2
markrad 0:cdf462088d13 41
markrad 0:cdf462088d13 42 /* mbed TLS modules */
markrad 0:cdf462088d13 43 #define MBEDTLS_AES_C
markrad 0:cdf462088d13 44 #define MBEDTLS_CCM_C
markrad 0:cdf462088d13 45 #define MBEDTLS_CIPHER_C
markrad 0:cdf462088d13 46 #define MBEDTLS_CTR_DRBG_C
markrad 0:cdf462088d13 47 #define MBEDTLS_ENTROPY_C
markrad 0:cdf462088d13 48 #define MBEDTLS_MD_C
markrad 0:cdf462088d13 49 #define MBEDTLS_NET_C
markrad 0:cdf462088d13 50 #define MBEDTLS_SHA256_C
markrad 0:cdf462088d13 51 #define MBEDTLS_SSL_CLI_C
markrad 0:cdf462088d13 52 #define MBEDTLS_SSL_SRV_C
markrad 0:cdf462088d13 53 #define MBEDTLS_SSL_TLS_C
markrad 0:cdf462088d13 54
markrad 0:cdf462088d13 55 /* Save RAM at the expense of ROM */
markrad 0:cdf462088d13 56 #define MBEDTLS_AES_ROM_TABLES
markrad 0:cdf462088d13 57
markrad 0:cdf462088d13 58 /* Save some RAM by adjusting to your exact needs */
markrad 0:cdf462088d13 59 #define MBEDTLS_PSK_MAX_LEN 16 /* 128-bits keys are generally enough */
markrad 0:cdf462088d13 60
markrad 0:cdf462088d13 61 /*
markrad 0:cdf462088d13 62 * You should adjust this to the exact number of sources you're using: default
markrad 0:cdf462088d13 63 * is the "platform_entropy_poll" source, but you may want to add other ones
markrad 0:cdf462088d13 64 * Minimum is 2 for the entropy test suite.
markrad 0:cdf462088d13 65 */
markrad 0:cdf462088d13 66 #define MBEDTLS_ENTROPY_MAX_SOURCES 2
markrad 0:cdf462088d13 67
markrad 0:cdf462088d13 68 /*
markrad 0:cdf462088d13 69 * Use only CCM_8 ciphersuites, and
markrad 0:cdf462088d13 70 * save ROM and a few bytes of RAM by specifying our own ciphersuite list
markrad 0:cdf462088d13 71 */
markrad 0:cdf462088d13 72 #define MBEDTLS_SSL_CIPHERSUITES \
markrad 0:cdf462088d13 73 MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, \
markrad 0:cdf462088d13 74 MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8
markrad 0:cdf462088d13 75
markrad 0:cdf462088d13 76 /*
markrad 0:cdf462088d13 77 * Save RAM at the expense of interoperability: do this only if you control
markrad 0:cdf462088d13 78 * both ends of the connection! (See comments in "mbedtls/ssl.h".)
markrad 0:cdf462088d13 79 * The optimal size here depends on the typical size of records.
markrad 0:cdf462088d13 80 */
markrad 0:cdf462088d13 81 #define MBEDTLS_SSL_MAX_CONTENT_LEN 512
markrad 0:cdf462088d13 82
markrad 0:cdf462088d13 83 #include "mbedtls/check_config.h"
markrad 0:cdf462088d13 84
markrad 0:cdf462088d13 85 #endif /* MBEDTLS_CONFIG_H */