This Trac instance is not used for development anymore!

We migrated our development workflow to git and Gitea.
To test the future redirection, replace trac by ariadne in the page URL.

source: ps/trunk/build/premake/premake5/contrib/mbedtls/configs/config-suite-b.h

Last change on this file was 20366, checked in by Itms, 7 years ago

Alpha 12 version of Premake 5, including prebuilt binary for Windows.
Directly taken from https://premake.github.io/.

Refs #3729.

File size: 3.5 KB
Line 
1/*
2 * Minimal configuration for TLS NSA Suite B Profile (RFC 6460)
3 *
4 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
5 * SPDX-License-Identifier: Apache-2.0
6 *
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
8 * not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 *
19 * This file is part of mbed TLS (https://tls.mbed.org)
20 */
21/*
22 * Minimal configuration for TLS NSA Suite B Profile (RFC 6460)
23 *
24 * Distinguishing features:
25 * - no RSA or classic DH, fully based on ECC
26 * - optimized for low RAM usage
27 *
28 * Possible improvements:
29 * - if 128-bit security is enough, disable secp384r1 and SHA-512
30 * - use embedded certs in DER format and disable PEM_PARSE_C and BASE64_C
31 *
32 * See README.txt for usage instructions.
33 */
34
35#ifndef MBEDTLS_CONFIG_H
36#define MBEDTLS_CONFIG_H
37
38/* System support */
39#define MBEDTLS_HAVE_ASM
40#define MBEDTLS_HAVE_TIME
41
42/* mbed TLS feature support */
43#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
44#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
45#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
46#define MBEDTLS_SSL_PROTO_TLS1_2
47
48/* mbed TLS modules */
49#define MBEDTLS_AES_C
50#define MBEDTLS_ASN1_PARSE_C
51#define MBEDTLS_ASN1_WRITE_C
52#define MBEDTLS_BIGNUM_C
53#define MBEDTLS_CIPHER_C
54#define MBEDTLS_CTR_DRBG_C
55#define MBEDTLS_ECDH_C
56#define MBEDTLS_ECDSA_C
57#define MBEDTLS_ECP_C
58#define MBEDTLS_ENTROPY_C
59#define MBEDTLS_GCM_C
60#define MBEDTLS_MD_C
61#define MBEDTLS_NET_C
62#define MBEDTLS_OID_C
63#define MBEDTLS_PK_C
64#define MBEDTLS_PK_PARSE_C
65#define MBEDTLS_SHA256_C
66#define MBEDTLS_SHA512_C
67#define MBEDTLS_SSL_CLI_C
68#define MBEDTLS_SSL_SRV_C
69#define MBEDTLS_SSL_TLS_C
70#define MBEDTLS_X509_CRT_PARSE_C
71#define MBEDTLS_X509_USE_C
72
73/* For test certificates */
74#define MBEDTLS_BASE64_C
75#define MBEDTLS_CERTS_C
76#define MBEDTLS_PEM_PARSE_C
77
78/* Save RAM at the expense of ROM */
79#define MBEDTLS_AES_ROM_TABLES
80
81/* Save RAM by adjusting to our exact needs */
82#define MBEDTLS_ECP_MAX_BITS 384
83#define MBEDTLS_MPI_MAX_SIZE 48 // 384 bits is 48 bytes
84
85/* Save RAM at the expense of speed, see ecp.h */
86#define MBEDTLS_ECP_WINDOW_SIZE 2
87#define MBEDTLS_ECP_FIXED_POINT_OPTIM 0
88
89/* Significant speed benefit at the expense of some ROM */
90#define MBEDTLS_ECP_NIST_OPTIM
91
92/*
93 * You should adjust this to the exact number of sources you're using: default
94 * is the "mbedtls_platform_entropy_poll" source, but you may want to add other ones.
95 * Minimum is 2 for the entropy test suite.
96 */
97#define MBEDTLS_ENTROPY_MAX_SOURCES 2
98
99/* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */
100#define MBEDTLS_SSL_CIPHERSUITES \
101 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, \
102 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
103
104/*
105 * Save RAM at the expense of interoperability: do this only if you control
106 * both ends of the connection! (See coments in "mbedtls/ssl.h".)
107 * The minimum size here depends on the certificate chain used as well as the
108 * typical size of records.
109 */
110#define MBEDTLS_SSL_MAX_CONTENT_LEN 1024
111
112#include "mbedtls/check_config.h"
113
114#endif /* MBEDTLS_CONFIG_H */
Note: See TracBrowser for help on using the repository browser.