PolarSSL v1.3.1
config.h File Reference

Configuration options (set of defines) More...

This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Macros

SECTION: System support

This section sets system specific settings.

#define POLARSSL_HAVE_LONGLONG
 The compiler supports the 'long long' type.
 
#define POLARSSL_HAVE_ASM
 The compiler has support for asm().
 
#define POLARSSL_HAVE_READDIR_R
 (Non Windows) System has readdir_r().
 
#define POLARSSL_HAVE_TIME
 System has time.h and time() / localtime() / gettimeofday().
 
SECTION: PolarSSL feature support

This section sets support for features that are or are not needed within the modules that are enabled.

#define POLARSSL_CIPHER_MODE_CBC
 Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
 
#define POLARSSL_CIPHER_MODE_CFB
 Enable Cipher Feedback mode (CFB) for symmetric ciphers.
 
#define POLARSSL_CIPHER_MODE_CTR
 Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
 
#define POLARSSL_CIPHER_PADDING_PKCS7
 
#define POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS
 
#define POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN
 
#define POLARSSL_CIPHER_PADDING_ZEROS
 
#define POLARSSL_ECP_DP_SECP192R1_ENABLED
 
#define POLARSSL_ECP_DP_SECP224R1_ENABLED
 
#define POLARSSL_ECP_DP_SECP256R1_ENABLED
 
#define POLARSSL_ECP_DP_SECP384R1_ENABLED
 
#define POLARSSL_ECP_DP_SECP521R1_ENABLED
 
#define POLARSSL_ECP_DP_BP256R1_ENABLED
 
#define POLARSSL_ECP_DP_BP384R1_ENABLED
 
#define POLARSSL_ECP_DP_BP512R1_ENABLED
 
#define POLARSSL_KEY_EXCHANGE_PSK_ENABLED
 Enable the PSK based ciphersuite modes in SSL / TLS.
 
#define POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED
 Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
 
#define POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED
 Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
 
#define POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED
 Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
 
#define POLARSSL_KEY_EXCHANGE_RSA_ENABLED
 Enable the RSA-only based ciphersuite modes in SSL / TLS.
 
#define POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED
 Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
 
#define POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED
 Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
 
#define POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
 Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
 
#define POLARSSL_ERROR_STRERROR_BC
 Make available the backward compatible error_strerror() next to the current polarssl_strerror().
 
#define POLARSSL_ERROR_STRERROR_DUMMY
 Enable a dummy error function to make use of polarssl_strerror() in third party libraries easier.
 
#define POLARSSL_GENPRIME
 Enable the prime-number generation code.
 
#define POLARSSL_FS_IO
 Enable functions that use the filesystem.
 
#define POLARSSL_PKCS1_V15
 Enable support for PKCS#1 v1.5 encoding.
 
#define POLARSSL_PKCS1_V21
 Enable support for PKCS#1 v2.1 encoding.
 
#define POLARSSL_SELF_TEST
 Enable the checkup functions (*_self_test).
 
#define POLARSSL_SSL_ALERT_MESSAGES
 
#define POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
 Enable support for receiving and parsing SSLv2 Client Hello messages for the SSL Server module (POLARSSL_SSL_SRV_C).
 
#define POLARSSL_SSL_MAX_FRAGMENT_LENGTH
 Enable support for RFC 6066 max_fragment_length extension in SSL.
 
#define POLARSSL_SSL_PROTO_SSL3
 Enable support for SSL 3.0.
 
#define POLARSSL_SSL_PROTO_TLS1
 Enable support for TLS 1.0.
 
#define POLARSSL_SSL_PROTO_TLS1_1
 Enable support for TLS 1.1.
 
#define POLARSSL_SSL_PROTO_TLS1_2
 Enable support for TLS 1.2.
 
#define POLARSSL_SSL_SESSION_TICKETS
 Enable support for RFC 5077 session tickets in SSL.
 
#define POLARSSL_SSL_SERVER_NAME_INDICATION
 Enable support for RFC 6066 server name indication (SNI) in SSL.
 
#define POLARSSL_SSL_TRUNCATED_HMAC
 Enable support for RFC 6066 truncated HMAC in SSL.
 
SECTION: PolarSSL modules

This section enables or disables entire modules in PolarSSL

#define POLARSSL_AES_C
 Enable the AES block cipher.
 
#define POLARSSL_ARC4_C
 Enable the ARCFOUR stream cipher.
 
#define POLARSSL_ASN1_PARSE_C
 Enable the generic ASN1 parser.
 
#define POLARSSL_ASN1_WRITE_C
 Enable the generic ASN1 writer.
 
#define POLARSSL_BASE64_C
 Enable the Base64 module.
 
#define POLARSSL_BIGNUM_C
 Enable the multi-precision integer library.
 
#define POLARSSL_BLOWFISH_C
 Enable the Blowfish block cipher.
 
#define POLARSSL_CAMELLIA_C
 Enable the Camellia block cipher.
 
#define POLARSSL_CERTS_C
 Enable the test certificates.
 
#define POLARSSL_CIPHER_C
 Enable the generic cipher layer.
 
#define POLARSSL_CTR_DRBG_C
 Enable the CTR_DRBG AES-256-based random generator.
 
#define POLARSSL_DEBUG_C
 Enable the debug functions.
 
#define POLARSSL_DES_C
 Enable the DES block cipher.
 
#define POLARSSL_DHM_C
 Enable the Diffie-Hellman-Merkle key exchange.
 
#define POLARSSL_ECDH_C
 Enable the elliptic curve Diffie-Hellman library.
 
#define POLARSSL_ECDSA_C
 Enable the elliptic curve DSA library.
 
#define POLARSSL_ECP_C
 Enable the elliptic curve over GF(p) library.
 
#define POLARSSL_ENTROPY_C
 Enable the platform-specific entropy code.
 
#define POLARSSL_ERROR_C
 Enable error code to error string conversion.
 
#define POLARSSL_GCM_C
 Enable the Galois/Counter Mode (GCM) for AES.
 
#define POLARSSL_MD_C
 Enable the generic message digest layer.
 
#define POLARSSL_MD5_C
 Enable the MD5 hash algorithm.
 
#define POLARSSL_NET_C
 Enable the TCP/IP networking routines.
 
#define POLARSSL_OID_C
 Enable the OID database.
 
#define POLARSSL_PADLOCK_C
 Enable VIA Padlock support on x86.
 
#define POLARSSL_PBKDF2_C
 Enable PKCS#5 PBKDF2 key derivation function.
 
#define POLARSSL_PEM_PARSE_C
 Enable PEM decoding / parsing.
 
#define POLARSSL_PEM_WRITE_C
 Enable PEM encoding / writing.
 
#define POLARSSL_PK_C
 Enable the generic public (asymetric) key layer.
 
#define POLARSSL_PK_PARSE_C
 Enable the generic public (asymetric) key parser.
 
#define POLARSSL_PK_WRITE_C
 Enable the generic public (asymetric) key writer.
 
#define POLARSSL_PKCS5_C
 Enable PKCS#5 functions.
 
#define POLARSSL_PKCS12_C
 Enable PKCS#12 PBE functions.
 
#define POLARSSL_RSA_C
 Enable the RSA public-key cryptosystem.
 
#define POLARSSL_SHA1_C
 Enable the SHA1 cryptographic hash algorithm.
 
#define POLARSSL_SHA256_C
 Enable the SHA-224 and SHA-256 cryptographic hash algorithms.
 
#define POLARSSL_SHA512_C
 Enable the SHA-384 and SHA-512 cryptographic hash algorithms.
 
#define POLARSSL_SSL_CACHE_C
 Enable simple SSL cache implementation.
 
#define POLARSSL_SSL_CLI_C
 Enable the SSL/TLS client code.
 
#define POLARSSL_SSL_SRV_C
 Enable the SSL/TLS server code.
 
#define POLARSSL_SSL_TLS_C
 Enable the generic SSL/TLS code.
 
#define POLARSSL_TIMING_C
 Enable the portable timing interface.
 
#define POLARSSL_VERSION_C
 Enable run-time version information.
 
#define POLARSSL_X509_USE_C
 Enable X.509 core for using certificates.
 
#define POLARSSL_X509_CRT_PARSE_C
 Enable X.509 certificate parsing.
 
#define POLARSSL_X509_CRL_PARSE_C
 Enable X.509 CRL parsing.
 
#define POLARSSL_X509_CSR_PARSE_C
 Enable X.509 Certificate Signing Request (CSR) parsing.
 
#define POLARSSL_X509_CREATE_C
 Enable X.509 core for creating certificates.
 
#define POLARSSL_X509_CRT_WRITE_C
 Enable creating X.509 certificates.
 
#define POLARSSL_X509_CSR_WRITE_C
 Enable creating X.509 Certificate Signing Requests (CSR).
 
#define POLARSSL_XTEA_C
 Enable the XTEA block cipher.
 

Detailed Description

Configuration options (set of defines)

Copyright (C) 2006-2013, Brainspark B.V.

This file is part of PolarSSL (http://www.polarssl.org) Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>

All rights reserved.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

This set of compile-time options may be used to enable or disable features selectively, and reduce the global memory footprint.

Definition in file config.h.

Macro Definition Documentation

#define POLARSSL_AES_C

Enable the AES block cipher.

Module: library/aes.c Caller: library/ssl_tls.c library/pem.c library/ctr_drbg.c

This module enables the following ciphersuites (if other requisites are enabled as well): TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS_PSK_WITH_AES_128_CBC_SHA TLS_PSK_WITH_AES_256_CBC_SHA

PEM_PARSE uses AES for decrypting encrypted keys.

Definition at line 807 of file config.h.

#define POLARSSL_ARC4_C

Enable the ARCFOUR stream cipher.

Module: library/arc4.c Caller: library/ssl_tls.c

This module enables the following ciphersuites (if other requisites are enabled as well): TLS_RSA_WITH_RC4_128_MD5 TLS_RSA_WITH_RC4_128_SHA TLS_ECDHE_RSA_WITH_RC4_128_SHA TLS_PSK_WITH_RC4_128_SHA

Definition at line 824 of file config.h.

#define POLARSSL_ASN1_PARSE_C

Enable the generic ASN1 parser.

Module: library/asn1.c Caller: library/x509.c library/dhm.c library/pkcs12.c library/pkcs5.c library/pkparse.c

Definition at line 838 of file config.h.

#define POLARSSL_ASN1_WRITE_C
#define POLARSSL_BASE64_C

Enable the Base64 module.

Module: library/base64.c Caller: library/pem.c

This module is required for PEM support (required by X.509).

Definition at line 864 of file config.h.

#define POLARSSL_BIGNUM_C

Enable the multi-precision integer library.

Module: library/bignum.c Caller: library/dhm.c library/ecp.c library/rsa.c library/ssl_tls.c

This module is required for RSA and DHM support.

Definition at line 879 of file config.h.

#define POLARSSL_BLOWFISH_C

Enable the Blowfish block cipher.

Module: library/blowfish.c

Definition at line 888 of file config.h.

#define POLARSSL_CAMELLIA_C

Enable the Camellia block cipher.

Module: library/camellia.c Caller: library/ssl_tls.c

This module enables the following ciphersuites (if other requisites are enabled as well): TLS_RSA_WITH_CAMELLIA_128_CBC_SHA TLS_RSA_WITH_CAMELLIA_256_CBC_SHA TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256

Definition at line 909 of file config.h.

#define POLARSSL_CERTS_C

Enable the test certificates.

Module: library/certs.c Caller:

This module is used for testing (ssl_client/server).

Definition at line 921 of file config.h.

#define POLARSSL_CIPHER_C

Enable the generic cipher layer.

Module: library/cipher.c Caller: library/ssl_tls.c

Uncomment to enable generic cipher wrappers.

Definition at line 933 of file config.h.

#define POLARSSL_CIPHER_MODE_CBC

Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.

Definition at line 169 of file config.h.

#define POLARSSL_CIPHER_MODE_CFB

Enable Cipher Feedback mode (CFB) for symmetric ciphers.

Definition at line 176 of file config.h.

#define POLARSSL_CIPHER_MODE_CTR

Enable Counter Block Cipher mode (CTR) for symmetric ciphers.

Definition at line 183 of file config.h.

#define POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS

Definition at line 226 of file config.h.

#define POLARSSL_CIPHER_PADDING_PKCS7

Definition at line 225 of file config.h.

#define POLARSSL_CIPHER_PADDING_ZEROS

Definition at line 228 of file config.h.

#define POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN

Definition at line 227 of file config.h.

#define POLARSSL_CTR_DRBG_C

Enable the CTR_DRBG AES-256-based random generator.

Module: library/ctr_drbg.c Caller:

Requires: POLARSSL_AES_C

This module provides the CTR_DRBG AES-256 random number generator.

Definition at line 947 of file config.h.

#define POLARSSL_DEBUG_C

Enable the debug functions.

Module: library/debug.c Caller: library/ssl_cli.c library/ssl_srv.c library/ssl_tls.c

This module provides debugging functions.

Definition at line 961 of file config.h.

#define POLARSSL_DES_C

Enable the DES block cipher.

Module: library/des.c Caller: library/pem.c library/ssl_tls.c

This module enables the following ciphersuites (if other requisites are enabled as well): TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_PSK_WITH_3DES_EDE_CBC_SHA

PEM_PARSE uses DES/3DES for decrypting encrypted keys.

Definition at line 981 of file config.h.

#define POLARSSL_DHM_C

Enable the Diffie-Hellman-Merkle key exchange.

Module: library/dhm.c Caller: library/ssl_cli.c library/ssl_srv.c

This module enables the following ciphersuites (if other requisites are enabled as well): TLS_DHE_RSA_WITH_DES_CBC_SHA TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384

Definition at line 1007 of file config.h.

#define POLARSSL_ECDH_C

Enable the elliptic curve Diffie-Hellman library.

Module: library/ecdh.c Caller: library/ssl_cli.c library/ssl_srv.c

This module enables the following ciphersuites (if other requisites are enabled as well): TLS_ECDHE_RSA_WITH_NULL_SHA TLS_ECDHE_RSA_WITH_RC4_128_SHA TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

Requires: POLARSSL_ECP_C

Definition at line 1028 of file config.h.

#define POLARSSL_ECDSA_C

Enable the elliptic curve DSA library.

Module: library/ecdsa.c Caller:

Requires: POLARSSL_ECP_C, POLARSSL_ASN1_WRITE_C, POLARSSL_ASN1_PARSE_C

Definition at line 1040 of file config.h.

#define POLARSSL_ECP_C

Enable the elliptic curve over GF(p) library.

Module: library/ecp.c Caller: library/ecdh.c library/ecdsa.c

Requires: POLARSSL_BIGNUM_C and at least one POLARSSL_ECP_DP_XXX_ENABLED

Definition at line 1053 of file config.h.

#define POLARSSL_ECP_DP_BP256R1_ENABLED

Definition at line 258 of file config.h.

#define POLARSSL_ECP_DP_BP384R1_ENABLED

Definition at line 259 of file config.h.

#define POLARSSL_ECP_DP_BP512R1_ENABLED

Definition at line 260 of file config.h.

#define POLARSSL_ECP_DP_SECP192R1_ENABLED

Definition at line 253 of file config.h.

#define POLARSSL_ECP_DP_SECP224R1_ENABLED

Definition at line 254 of file config.h.

#define POLARSSL_ECP_DP_SECP256R1_ENABLED

Definition at line 255 of file config.h.

#define POLARSSL_ECP_DP_SECP384R1_ENABLED

Definition at line 256 of file config.h.

#define POLARSSL_ECP_DP_SECP521R1_ENABLED

Definition at line 257 of file config.h.

#define POLARSSL_ENTROPY_C

Enable the platform-specific entropy code.

Module: library/entropy.c Caller:

Requires: POLARSSL_SHA512_C

This module provides a generic entropy pool

Definition at line 1067 of file config.h.

#define POLARSSL_ERROR_C

Enable error code to error string conversion.

Module: library/error.c Caller:

This module enables err_strerror().

Definition at line 1079 of file config.h.

#define POLARSSL_ERROR_STRERROR_BC

Make available the backward compatible error_strerror() next to the current polarssl_strerror().

Disable if you run into name conflicts and want to really remove the error_strerror()

Definition at line 443 of file config.h.

#define POLARSSL_ERROR_STRERROR_DUMMY

Enable a dummy error function to make use of polarssl_strerror() in third party libraries easier.

Disable if you run into name conflicts and want to really remove the polarssl_strerror()

Definition at line 454 of file config.h.

#define POLARSSL_FS_IO

Enable functions that use the filesystem.

Definition at line 470 of file config.h.

#define POLARSSL_GCM_C

Enable the Galois/Counter Mode (GCM) for AES.

Module: library/gcm.c

Requires: POLARSSL_AES_C

This module enables the following ciphersuites (if other requisites are enabled as well): TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_256_GCM_SHA384

Definition at line 1095 of file config.h.

#define POLARSSL_GENPRIME

Enable the prime-number generation code.

Requires: POLARSSL_BIGNUM_C

Definition at line 463 of file config.h.

#define POLARSSL_HAVE_ASM

The compiler has support for asm().

Requires support for asm() in compiler.

Used in: library/timing.c library/padlock.c include/polarssl/bn_mul.h

Comment to disable the use of assembly code.

Definition at line 85 of file config.h.

#define POLARSSL_HAVE_LONGLONG

The compiler supports the 'long long' type.

(Only used on 32-bit platforms)

Definition at line 69 of file config.h.

#define POLARSSL_HAVE_READDIR_R

(Non Windows) System has readdir_r().

Required for x509_crt_parse_path() in non-Windows systems.

Comment if your system does not have support.

Definition at line 105 of file config.h.

#define POLARSSL_HAVE_TIME

System has time.h and time() / localtime() / gettimeofday().

Comment if your system does not support time functions

Definition at line 114 of file config.h.

#define POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED

Enable the DHE-PSK based ciphersuite modes in SSL / TLS.

Requires: POLARSSL_DHM_C

This enables the following ciphersuites (if other requisites are enabled as well): TLS_DHE_PSK_WITH_RC4_128_SHA TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA TLS_DHE_PSK_WITH_AES_128_CBC_SHA TLS_DHE_PSK_WITH_AES_256_CBC_SHA TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 TLS_DHE_PSK_WITH_AES_256_GCM_SHA384

Definition at line 298 of file config.h.

#define POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED

Enable the DHE-RSA based ciphersuite modes in SSL / TLS.

Requires: POLARSSL_DHM_C, POLARSSL_RSA_C, POLARSSL_PKCS1_V15, POLARSSL_X509_CRT_PARSE_C

This enables the following ciphersuites (if other requisites are enabled as well): TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA

Definition at line 387 of file config.h.

#define POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED

Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.

Requires: POLARSSL_ECDH_C, POLARSSL_ECDSA_C, POLARSSL_X509_CRT_PARSE_C,

This enables the following ciphersuites (if other requisites are enabled as well): TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,

Definition at line 432 of file config.h.

#define POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED

Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.

Requires: POLARSSL_ECDH_C

This enables the following ciphersuites (if other requisites are enabled as well): TLS_ECDHE_PSK_WITH_RC4_128_SHA TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384

Definition at line 318 of file config.h.

#define POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED

Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.

Requires: POLARSSL_ECDH_C, POLARSSL_RSA_C, POLARSSL_PKCS1_V15, POLARSSL_X509_CRT_PARSE_C

This enables the following ciphersuites (if other requisites are enabled as well): TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS_ECDHE_RSA_WITH_RC4_128_SHA TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384

Definition at line 410 of file config.h.

#define POLARSSL_KEY_EXCHANGE_PSK_ENABLED

Enable the PSK based ciphersuite modes in SSL / TLS.

This enables the following ciphersuites (if other requisites are enabled as well): TLS_PSK_WITH_RC4_128_SHA TLS_PSK_WITH_3DES_EDE_CBC_SHA TLS_PSK_WITH_AES_128_CBC_SHA TLS_PSK_WITH_AES_256_CBC_SHA TLS_PSK_WITH_AES_128_CBC_SHA256 TLS_PSK_WITH_AES_256_CBC_SHA384 TLS_PSK_WITH_AES_128_GCM_SHA256 TLS_PSK_WITH_AES_256_GCM_SHA384

Definition at line 278 of file config.h.

#define POLARSSL_KEY_EXCHANGE_RSA_ENABLED

Enable the RSA-only based ciphersuite modes in SSL / TLS.

Requires: POLARSSL_RSA_C, POLARSSL_PKCS1_V15, POLARSSL_X509_CRT_PARSE_C

This enables the following ciphersuites (if other requisites are enabled as well): TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_RSA_WITH_RC4_128_MD5 TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_CAMELLIA_128_CBC_SHA TLS_RSA_WITH_CAMELLIA_256_CBC_SHA TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 TLS_RSA_WITH_3DES_EDE_CBC_SHA

Definition at line 365 of file config.h.

#define POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED

Enable the RSA-PSK based ciphersuite modes in SSL / TLS.

Requires: POLARSSL_RSA_C, POLARSSL_PKCS1_V15, POLARSSL_X509_CRT_PARSE_C

This enables the following ciphersuites (if other requisites are enabled as well): TLS_RSA_PSK_WITH_RC4_128_SHA TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA TLS_RSA_PSK_WITH_AES_128_CBC_SHA TLS_RSA_PSK_WITH_AES_256_CBC_SHA TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 TLS_RSA_PSK_WITH_AES_256_GCM_SHA384

Definition at line 339 of file config.h.

#define POLARSSL_MD5_C

Enable the MD5 hash algorithm.

Module: library/md5.c Caller: library/md.c library/pem.c library/ssl_tls.c

This module is required for SSL/TLS and X.509. PEM_PARSE uses MD5 for decrypting encrypted keys.

Definition at line 1169 of file config.h.

#define POLARSSL_MD_C

Enable the generic message digest layer.

Module: library/md.c Caller:

Uncomment to enable generic message digest wrappers.

Definition at line 1130 of file config.h.

#define POLARSSL_NET_C

Enable the TCP/IP networking routines.

Module: library/net.c

This module provides TCP/IP networking routines.

Definition at line 1209 of file config.h.

#define POLARSSL_OID_C
#define POLARSSL_PADLOCK_C

Enable VIA Padlock support on x86.

Module: library/padlock.c Caller: library/aes.c

This modules adds support for the VIA PadLock on x86.

Definition at line 1244 of file config.h.

#define POLARSSL_PBKDF2_C

Enable PKCS#5 PBKDF2 key derivation function.

DEPRECATED: Use POLARSSL_PKCS5_C instead

Module: library/pbkdf2.c

Requires: POLARSSL_PKCS5_C

This module adds support for the PKCS#5 PBKDF2 key derivation function.

Definition at line 1258 of file config.h.

#define POLARSSL_PEM_PARSE_C

Enable PEM decoding / parsing.

Module: library/pem.c Caller: library/dhm.c library/pkparse.c library/x509_crl.c library/x509_crt.c library/x509_csr.c

Requires: POLARSSL_BASE64_C

This modules adds support for decoding / parsing PEM files.

Definition at line 1276 of file config.h.

#define POLARSSL_PEM_WRITE_C

Enable PEM encoding / writing.

Module: library/pem.c Caller: library/pkwrite.c library/x509write_crt.c library/x509write_csr.c

Requires: POLARSSL_BASE64_C

This modules adds support for encoding / writing PEM files.

Definition at line 1292 of file config.h.

#define POLARSSL_PK_C

Enable the generic public (asymetric) key layer.

Module: library/pk.c Caller: library/ssl_tls.c library/ssl_cli.c library/ssl_srv.c

Requires: POLARSSL_RSA_C or POLARSSL_ECP_C

Uncomment to enable generic public key wrappers.

Definition at line 1308 of file config.h.

#define POLARSSL_PK_PARSE_C

Enable the generic public (asymetric) key parser.

Module: library/pkparse.c Caller: library/x509_crt.c library/x509_csr.c

Requires: POLARSSL_PK_C

Uncomment to enable generic public key parse functions.

Definition at line 1323 of file config.h.

#define POLARSSL_PK_WRITE_C

Enable the generic public (asymetric) key writer.

Module: library/pkwrite.c Caller: library/x509write.c

Requires: POLARSSL_PK_C

Uncomment to enable generic public key write functions.

Definition at line 1337 of file config.h.

#define POLARSSL_PKCS12_C

Enable PKCS#12 PBE functions.

Adds algorithms for parsing PKCS#8 encrypted private keys

Module: library/pkcs12.c Caller: library/pkparse.c

Requires: POLARSSL_ASN1_PARSE_C, POLARSSL_CIPHER_C, POLARSSL_MD_C Can use: POLARSSL_ARC4_C

This module enables PKCS#12 functions.

Definition at line 1381 of file config.h.

#define POLARSSL_PKCS1_V15

Enable support for PKCS#1 v1.5 encoding.

Requires: POLARSSL_RSA_C

This enables support for PKCS#1 v1.5 operations.

Definition at line 531 of file config.h.

#define POLARSSL_PKCS1_V21

Enable support for PKCS#1 v2.1 encoding.

Requires: POLARSSL_MD_C, POLARSSL_RSA_C

This enables support for RSAES-OAEP and RSASSA-PSS operations.

Definition at line 542 of file config.h.

#define POLARSSL_PKCS5_C

Enable PKCS#5 functions.

Module: library/pkcs5.c

Requires: POLARSSL_MD_C

This module adds support for the PKCS#5 functions.

Definition at line 1350 of file config.h.

#define POLARSSL_RSA_C

Enable the RSA public-key cryptosystem.

Module: library/rsa.c Caller: library/ssl_cli.c library/ssl_srv.c library/ssl_tls.c library/x509.c

Requires: POLARSSL_BIGNUM_C, POLARSSL_OID_C

This module is required for SSL/TLS and MD5-signed certificates.

Definition at line 1398 of file config.h.

#define POLARSSL_SELF_TEST

Enable the checkup functions (*_self_test).

Definition at line 559 of file config.h.

#define POLARSSL_SHA1_C

Enable the SHA1 cryptographic hash algorithm.

Module: library/sha1.c Caller: library/md.c library/ssl_cli.c library/ssl_srv.c library/ssl_tls.c library/x509write_crt.c

This module is required for SSL/TLS and SHA1-signed certificates.

Definition at line 1414 of file config.h.

#define POLARSSL_SHA256_C

Enable the SHA-224 and SHA-256 cryptographic hash algorithms.

(Used to be POLARSSL_SHA2_C)

Module: library/sha256.c Caller: library/entropy.c library/md.c library/ssl_cli.c library/ssl_srv.c library/ssl_tls.c

This module adds support for SHA-224 and SHA-256. This module is required for the SSL/TLS 1.2 PRF function.

Definition at line 1432 of file config.h.

#define POLARSSL_SHA512_C

Enable the SHA-384 and SHA-512 cryptographic hash algorithms.

(Used to be POLARSSL_SHA4_C)

Module: library/sha512.c Caller: library/entropy.c library/md.c library/ssl_cli.c library/ssl_srv.c

This module adds support for SHA-384 and SHA-512.

Definition at line 1448 of file config.h.

#define POLARSSL_SSL_ALERT_MESSAGES

Definition at line 573 of file config.h.

#define POLARSSL_SSL_CACHE_C

Enable simple SSL cache implementation.

Module: library/ssl_cache.c Caller:

Requires: POLARSSL_SSL_CACHE_C

Definition at line 1460 of file config.h.

#define POLARSSL_SSL_CLI_C

Enable the SSL/TLS client code.

Module: library/ssl_cli.c Caller:

Requires: POLARSSL_SSL_TLS_C

This module is required for SSL/TLS client support.

Definition at line 1474 of file config.h.

#define POLARSSL_SSL_MAX_FRAGMENT_LENGTH

Enable support for RFC 6066 max_fragment_length extension in SSL.

Comment this macro to disable support for the max_fragment_length extension

Definition at line 618 of file config.h.

#define POLARSSL_SSL_PROTO_SSL3

Enable support for SSL 3.0.

Requires: POLARSSL_MD5_C POLARSSL_SHA1_C

Comment this macro to disable support for SSL 3.0

Definition at line 630 of file config.h.

#define POLARSSL_SSL_PROTO_TLS1

Enable support for TLS 1.0.

Requires: POLARSSL_MD5_C POLARSSL_SHA1_C

Comment this macro to disable support for TLS 1.0

Definition at line 642 of file config.h.

#define POLARSSL_SSL_PROTO_TLS1_1

Enable support for TLS 1.1.

Requires: POLARSSL_MD5_C POLARSSL_SHA1_C

Comment this macro to disable support for TLS 1.1

Definition at line 654 of file config.h.

#define POLARSSL_SSL_PROTO_TLS1_2

Enable support for TLS 1.2.

Requires: POLARSSL_SHA256_C or POLARSSL_SHA512_C (Depends on ciphersuites)

Comment this macro to disable support for TLS 1.2

Definition at line 666 of file config.h.

#define POLARSSL_SSL_SERVER_NAME_INDICATION

Enable support for RFC 6066 server name indication (SNI) in SSL.

Comment this macro to disable support for server name indication in SSL

Definition at line 688 of file config.h.

#define POLARSSL_SSL_SESSION_TICKETS

Enable support for RFC 5077 session tickets in SSL.

Requires: POLARSSL_AES_C POLARSSL_SHA256_C POLARSSL_CIPHER_MODE_CBC

Comment this macro to disable support for SSL session tickets

Definition at line 679 of file config.h.

#define POLARSSL_SSL_SRV_C

Enable the SSL/TLS server code.

Module: library/ssl_srv.c Caller:

Requires: POLARSSL_SSL_TLS_C

This module is required for SSL/TLS server support.

Definition at line 1488 of file config.h.

#define POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO

Enable support for receiving and parsing SSLv2 Client Hello messages for the SSL Server module (POLARSSL_SSL_SRV_C).

Comment this macro to disable support for SSLv2 Client Hello messages.

Definition at line 609 of file config.h.

#define POLARSSL_SSL_TLS_C

Enable the generic SSL/TLS code.

Module: library/ssl_tls.c Caller: library/ssl_cli.c library/ssl_srv.c

Requires: POLARSSL_CIPHER_C, POLARSSL_MD_C and at least one of the POLARSSL_SSL_PROTO_* defines

This module is required for SSL/TLS.

Definition at line 1504 of file config.h.

#define POLARSSL_SSL_TRUNCATED_HMAC

Enable support for RFC 6066 truncated HMAC in SSL.

Comment this macro to disable support for truncated HMAC in SSL

Definition at line 697 of file config.h.

#define POLARSSL_TIMING_C

Enable the portable timing interface.

Module: library/timing.c Caller: library/havege.c

This module is used by the HAVEGE random number generator.

Definition at line 1537 of file config.h.

#define POLARSSL_VERSION_C

Enable run-time version information.

Module: library/version.c

This module provides run-time version information.

Definition at line 1548 of file config.h.

#define POLARSSL_X509_CREATE_C

Enable X.509 core for creating certificates.

Module: library/x509_create.c

Requires: POLARSSL_BIGNUM_C, POLARSSL_OID_C, POLARSSL_PK_WRITE_C

This module is the basis for creating X.509 certificates and CSRs.

Definition at line 1622 of file config.h.

#define POLARSSL_X509_CRL_PARSE_C

Enable X.509 CRL parsing.

Module: library/x509_crl.c Caller: library/x509_crt.c

Requires: POLARSSL_X509_USE_C

This module is required for X.509 CRL parsing.

Definition at line 1595 of file config.h.

#define POLARSSL_X509_CRT_PARSE_C

Enable X.509 certificate parsing.

Module: library/x509_crt.c Caller: library/ssl_cli.c library/ssl_srv.c library/ssl_tls.c

Requires: POLARSSL_X509_USE_C

This module is required for X.509 certificate parsing.

Definition at line 1581 of file config.h.

#define POLARSSL_X509_CRT_WRITE_C

Enable creating X.509 certificates.

Module: library/x509_crt_write.c

Requires: POLARSSL_CREATE_C

This module is required for X.509 certificate creation.

Definition at line 1635 of file config.h.

#define POLARSSL_X509_CSR_PARSE_C

Enable X.509 Certificate Signing Request (CSR) parsing.

Module: library/x509_csr.c Caller: library/x509_crt_write.c

Requires: POLARSSL_X509_USE_C

This module is used for reading X.509 certificate request.

Definition at line 1609 of file config.h.

#define POLARSSL_X509_CSR_WRITE_C

Enable creating X.509 Certificate Signing Requests (CSR).

Module: library/x509_csr_write.c

Requires: POLARSSL_CREATE_C

This module is required for X.509 certificate request writing.

Definition at line 1648 of file config.h.

#define POLARSSL_X509_USE_C

Enable X.509 core for using certificates.

Module: library/x509.c Caller: library/x509_crl.c library/x509_crt.c library/x509_csr.c

Requires: POLARSSL_ASN1_PARSE_C, POLARSSL_BIGNUM_C, POLARSSL_OID_C, POLARSSL_PK_PARSE_C

This module is required for the X.509 parsing modules.

Definition at line 1565 of file config.h.

#define POLARSSL_XTEA_C

Enable the XTEA block cipher.

Module: library/xtea.c Caller:

Definition at line 1658 of file config.h.