<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/> <meta http-equiv="X-UA-Compatible" content="IE=9"/> <meta name="generator" content="Doxygen 1.8.5"/> <title>PolarSSL v1.3.9: config-suite-b.h Source File</title> <link href="tabs.css" rel="stylesheet" type="text/css"/> <script type="text/javascript" src="jquery.js"></script> <script type="text/javascript" src="dynsections.js"></script> <link href="doxygen.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="top"><!-- do not remove this div, it is closed by doxygen! --> <div id="titlearea"> <table cellspacing="0" cellpadding="0"> <tbody> <tr style="height: 56px;"> <td style="padding-left: 0.5em;"> <div id="projectname">PolarSSL v1.3.9 </div> </td> </tr> </tbody> </table> </div> <!-- end header part --> <!-- Generated by Doxygen 1.8.5 --> <div id="navrow1" class="tabs"> <ul class="tablist"> <li><a href="index.html"><span>Main Page</span></a></li> <li><a href="modules.html"><span>Modules</span></a></li> <li><a href="annotated.html"><span>Data Structures</span></a></li> <li class="current"><a href="files.html"><span>Files</span></a></li> </ul> </div> <div id="navrow2" class="tabs2"> <ul class="tablist"> <li><a href="files.html"><span>File List</span></a></li> <li><a href="globals.html"><span>Globals</span></a></li> </ul> </div> <div id="nav-path" class="navpath"> <ul> <li class="navelem"><a class="el" href="dir_de0cef8ce562a0c2fb5d058c81875cbd.html">configs</a></li> </ul> </div> </div><!-- top --> <div class="header"> <div class="headertitle"> <div class="title">config-suite-b.h</div> </div> </div><!--header--> <div class="contents"> <a href="config-suite-b_8h.html">Go to the documentation of this file.</a><div class="fragment"><div class="line"><a name="l00001"></a><span class="lineno"> 1</span> <span class="comment">/*</span></div> <div class="line"><a name="l00002"></a><span class="lineno"> 2</span> <span class="comment"> * Minimal configuration for TLS NSA Suite B Profile (RFC 6460)</span></div> <div class="line"><a name="l00003"></a><span class="lineno"> 3</span> <span class="comment"> *</span></div> <div class="line"><a name="l00004"></a><span class="lineno"> 4</span> <span class="comment"> * Distinguishing features:</span></div> <div class="line"><a name="l00005"></a><span class="lineno"> 5</span> <span class="comment"> * - no RSA or classic DH, fully based on ECC</span></div> <div class="line"><a name="l00006"></a><span class="lineno"> 6</span> <span class="comment"> * - optimized for low RAM usage</span></div> <div class="line"><a name="l00007"></a><span class="lineno"> 7</span> <span class="comment"> *</span></div> <div class="line"><a name="l00008"></a><span class="lineno"> 8</span> <span class="comment"> * Possible improvements:</span></div> <div class="line"><a name="l00009"></a><span class="lineno"> 9</span> <span class="comment"> * - if 128-bit security is enough, disable secp384r1 and SHA-512</span></div> <div class="line"><a name="l00010"></a><span class="lineno"> 10</span> <span class="comment"> * - use embedded certs in DER format and disable PEM_PARSE_C and BASE64_C</span></div> <div class="line"><a name="l00011"></a><span class="lineno"> 11</span> <span class="comment"> *</span></div> <div class="line"><a name="l00012"></a><span class="lineno"> 12</span> <span class="comment"> * See README.txt for usage instructions.</span></div> <div class="line"><a name="l00013"></a><span class="lineno"> 13</span> <span class="comment"> */</span></div> <div class="line"><a name="l00014"></a><span class="lineno"> 14</span> </div> <div class="line"><a name="l00015"></a><span class="lineno"> 15</span> <span class="preprocessor">#ifndef POLARSSL_CONFIG_H</span></div> <div class="line"><a name="l00016"></a><span class="lineno"> 16</span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_CONFIG_H</span></div> <div class="line"><a name="l00017"></a><span class="lineno"> 17</span> <span class="preprocessor"></span></div> <div class="line"><a name="l00018"></a><span class="lineno"> 18</span> <span class="comment">/* System support */</span></div> <div class="line"><a name="l00019"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#aaf950f213522f157d2d5b9a8aee3fda0"> 19</a></span> <span class="preprocessor">#define POLARSSL_HAVE_ASM</span></div> <div class="line"><a name="l00020"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#a723ca00bc7dce607d0491f0d54af8712"> 20</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_HAVE_TIME</span></div> <div class="line"><a name="l00021"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#a3bc8e995339545bbd793276e956490c9"> 21</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_HAVE_IPV6</span></div> <div class="line"><a name="l00022"></a><span class="lineno"> 22</span> <span class="preprocessor"></span></div> <div class="line"><a name="l00023"></a><span class="lineno"> 23</span> <span class="comment">/* PolarSSL feature support */</span></div> <div class="line"><a name="l00024"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#a8d0e38f3a34d85fe574237552228bc99"> 24</a></span> <span class="preprocessor">#define POLARSSL_ECP_DP_SECP256R1_ENABLED</span></div> <div class="line"><a name="l00025"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#ad404685792fda36ac3c8b9d2bab1d3cd"> 25</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_ECP_DP_SECP384R1_ENABLED</span></div> <div class="line"><a name="l00026"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#a271d0a0f0c2fb09c2f22c05750884514"> 26</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED</span></div> <div class="line"><a name="l00027"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#a73b7dcb9072ea5db3a35c3cf5b3d859e"> 27</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_SSL_PROTO_TLS1_2</span></div> <div class="line"><a name="l00028"></a><span class="lineno"> 28</span> <span class="preprocessor"></span></div> <div class="line"><a name="l00029"></a><span class="lineno"> 29</span> <span class="comment">/* PolarSSL modules */</span></div> <div class="line"><a name="l00030"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#a3310b96b376135cdd739f1d1b1e309a8"> 30</a></span> <span class="preprocessor">#define POLARSSL_AES_C</span></div> <div class="line"><a name="l00031"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#afb5afec52eecb3ef0cd4fbb7130c1c5a"> 31</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_ASN1_PARSE_C</span></div> <div class="line"><a name="l00032"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#a9eb3a56af08642f73f99e470050f360e"> 32</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_ASN1_WRITE_C</span></div> <div class="line"><a name="l00033"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#a9db8a047df8fba178ecca64a497f20de"> 33</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_BIGNUM_C</span></div> <div class="line"><a name="l00034"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#ad19dd8aaf92e684518f3ea50314e779b"> 34</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_CIPHER_C</span></div> <div class="line"><a name="l00035"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#a110dc4418f57b7b3b4f5c94479c8fa0c"> 35</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_CTR_DRBG_C</span></div> <div class="line"><a name="l00036"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#acb8542825c51ac31009196532712da99"> 36</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_ECDH_C</span></div> <div class="line"><a name="l00037"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#a71166564f6b116264c15fae1f28227aa"> 37</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_ECDSA_C</span></div> <div class="line"><a name="l00038"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#a6754e7deb93480e253beebded4fd9c6d"> 38</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_ECP_C</span></div> <div class="line"><a name="l00039"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#a99fb86fb5ae02c8b652a2f1b003d2c76"> 39</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_ENTROPY_C</span></div> <div class="line"><a name="l00040"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#a8d11f1b1e96442d1dbfb16b73a06930b"> 40</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_GCM_C</span></div> <div class="line"><a name="l00041"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#ae87e3dca8e39209137f7aeb3fc1ad4fd"> 41</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_MD_C</span></div> <div class="line"><a name="l00042"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#a152f79d8afbf6676a45b6103169f8b1b"> 42</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_NET_C</span></div> <div class="line"><a name="l00043"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#aa0d2210e21ad6ef2a3ddb1f6e129f820"> 43</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_OID_C</span></div> <div class="line"><a name="l00044"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#ae52910687360c49b39dbbb8a687a2a36"> 44</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_PK_C</span></div> <div class="line"><a name="l00045"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#aeace2873738577763514ed69f289a6ae"> 45</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_PK_PARSE_C</span></div> <div class="line"><a name="l00046"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#a953ccd4b55da116c3572126292df3fb2"> 46</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_SHA256_C</span></div> <div class="line"><a name="l00047"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#a14c012e9054f1047096a60a3760478dc"> 47</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_SHA512_C</span></div> <div class="line"><a name="l00048"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#a7004f00316cf53a70221441e62730fb2"> 48</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_SSL_CLI_C</span></div> <div class="line"><a name="l00049"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#ab7e0e775b47f9651aa04ccf3a2ebd6f2"> 49</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_SSL_SRV_C</span></div> <div class="line"><a name="l00050"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#a4d9bde1b523dcd9a4e009cfcaba96096"> 50</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_SSL_TLS_C</span></div> <div class="line"><a name="l00051"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#afd33a5d863daec0a3c2fe83c092840f3"> 51</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_X509_CRT_PARSE_C</span></div> <div class="line"><a name="l00052"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#aab6ae64b3cc742cd39b22314ec61dee5"> 52</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_X509_USE_C</span></div> <div class="line"><a name="l00053"></a><span class="lineno"> 53</span> <span class="preprocessor"></span></div> <div class="line"><a name="l00054"></a><span class="lineno"> 54</span> <span class="comment">/* For test certificates */</span></div> <div class="line"><a name="l00055"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#ab8ab42de2bcdd82cee48255bd2883d00"> 55</a></span> <span class="preprocessor">#define POLARSSL_BASE64_C</span></div> <div class="line"><a name="l00056"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#a78f7857b1edc60e5091fc61ffd734ffb"> 56</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_CERTS_C</span></div> <div class="line"><a name="l00057"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#a7af171fb0645a3ea6cd6e7fe34a72f8b"> 57</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_PEM_PARSE_C</span></div> <div class="line"><a name="l00058"></a><span class="lineno"> 58</span> <span class="preprocessor"></span></div> <div class="line"><a name="l00059"></a><span class="lineno"> 59</span> <span class="comment">/* Save RAM at the expense of ROM */</span></div> <div class="line"><a name="l00060"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#afdee84e240d9d1420aa45c7adca21473"> 60</a></span> <span class="preprocessor">#define POLARSSL_AES_ROM_TABLES</span></div> <div class="line"><a name="l00061"></a><span class="lineno"> 61</span> <span class="preprocessor"></span></div> <div class="line"><a name="l00062"></a><span class="lineno"> 62</span> <span class="comment">/* Save RAM by adjusting to our exact needs */</span></div> <div class="line"><a name="l00063"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#ab658f29021bf6d4a27feb3204b7c5248"> 63</a></span> <span class="preprocessor">#define POLARSSL_ECP_MAX_BITS 384</span></div> <div class="line"><a name="l00064"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#aae43600df723c0b882201f556c028b1f"> 64</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_MPI_MAX_SIZE 48 // 384 bits is 48 bytes</span></div> <div class="line"><a name="l00065"></a><span class="lineno"> 65</span> <span class="preprocessor"></span></div> <div class="line"><a name="l00066"></a><span class="lineno"> 66</span> <span class="comment">/* Save RAM at the expense of speed, see ecp.h */</span></div> <div class="line"><a name="l00067"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#a387aeb9fc0d3468b3d3fa47e9cabbf10"> 67</a></span> <span class="preprocessor">#define POLARSSL_ECP_WINDOW_SIZE 2</span></div> <div class="line"><a name="l00068"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#ab4e509bdbb60ce679ed5072a4f4a7c97"> 68</a></span> <span class="preprocessor"></span><span class="preprocessor">#define POLARSSL_ECP_FIXED_POINT_OPTIM 0</span></div> <div class="line"><a name="l00069"></a><span class="lineno"> 69</span> <span class="preprocessor"></span></div> <div class="line"><a name="l00070"></a><span class="lineno"> 70</span> <span class="comment">/* Uncomment for a significant speed benefit at the expense of some ROM */</span></div> <div class="line"><a name="l00071"></a><span class="lineno"> 71</span> <span class="comment">//#define POLARSSL_ECP_NIST_OPTIM</span></div> <div class="line"><a name="l00072"></a><span class="lineno"> 72</span> </div> <div class="line"><a name="l00073"></a><span class="lineno"> 73</span> <span class="comment">/*</span></div> <div class="line"><a name="l00074"></a><span class="lineno"> 74</span> <span class="comment"> * You should adjust this to the exact number of sources you're using: default</span></div> <div class="line"><a name="l00075"></a><span class="lineno"> 75</span> <span class="comment"> * is the "platform_entropy_poll" source, but you may want to add other ones.</span></div> <div class="line"><a name="l00076"></a><span class="lineno"> 76</span> <span class="comment"> * Minimum is 2 for the entropy test suite.</span></div> <div class="line"><a name="l00077"></a><span class="lineno"> 77</span> <span class="comment"> */</span></div> <div class="line"><a name="l00078"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#a5e9ba2c083acc78efc758deca62d162d"> 78</a></span> <span class="preprocessor">#define ENTROPY_MAX_SOURCES 2</span></div> <div class="line"><a name="l00079"></a><span class="lineno"> 79</span> <span class="preprocessor"></span></div> <div class="line"><a name="l00080"></a><span class="lineno"> 80</span> <span class="comment">/* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */</span></div> <div class="line"><a name="l00081"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#af73cc539c9d46097e9cb75a5bfc43393"> 81</a></span> <span class="preprocessor">#define SSL_CIPHERSUITES \</span></div> <div class="line"><a name="l00082"></a><span class="lineno"> 82</span> <span class="preprocessor"> TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, \</span></div> <div class="line"><a name="l00083"></a><span class="lineno"> 83</span> <span class="preprocessor"> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256</span></div> <div class="line"><a name="l00084"></a><span class="lineno"> 84</span> <span class="preprocessor"></span></div> <div class="line"><a name="l00085"></a><span class="lineno"> 85</span> <span class="comment">/*</span></div> <div class="line"><a name="l00086"></a><span class="lineno"> 86</span> <span class="comment"> * Save RAM at the expense of interoperability: do this only if you control</span></div> <div class="line"><a name="l00087"></a><span class="lineno"> 87</span> <span class="comment"> * both ends of the connection! (See coments in "polarssl/ssl.h".)</span></div> <div class="line"><a name="l00088"></a><span class="lineno"> 88</span> <span class="comment"> * The minimum size here depends on the certificate chain used as well as the</span></div> <div class="line"><a name="l00089"></a><span class="lineno"> 89</span> <span class="comment"> * typical size of records.</span></div> <div class="line"><a name="l00090"></a><span class="lineno"> 90</span> <span class="comment"> */</span></div> <div class="line"><a name="l00091"></a><span class="lineno"><a class="line" href="config-suite-b_8h.html#a70bafb07a819e6bf9df2c97ce6dd139d"> 91</a></span> <span class="preprocessor">#define SSL_MAX_CONTENT_LEN 1024</span></div> <div class="line"><a name="l00092"></a><span class="lineno"> 92</span> <span class="preprocessor"></span></div> <div class="line"><a name="l00093"></a><span class="lineno"> 93</span> <span class="preprocessor">#include "<a class="code" href="check__config_8h.html">polarssl/check_config.h</a>"</span></div> <div class="line"><a name="l00094"></a><span class="lineno"> 94</span> </div> <div class="line"><a name="l00095"></a><span class="lineno"> 95</span> <span class="preprocessor">#endif </span><span class="comment">/* POLARSSL_CONFIG_H */</span><span class="preprocessor"></span></div> <div class="ttc" id="check__config_8h_html"><div class="ttname"><a href="check__config_8h.html">check_config.h</a></div><div class="ttdoc">Consistency checks for configuration options. </div></div> </div><!-- fragment --></div><!-- contents --> <!-- start footer part --> <hr class="footer"/><address class="footer"><small> Generated on Mon May 4 2015 10:42:40 for PolarSSL v1.3.9 by  <a href="http://www.doxygen.org/index.html"> <img class="footer" src="doxygen.png" alt="doxygen"/> </a> 1.8.5 </small></address> </body> </html>