PolarSSL v1.3.7
|
Configuration options (set of defines) More...
#include "check_config.h"
Go to the source code of this file.
Macros | |
SECTION: System support | |
This section sets system specific settings. | |
#define | POLARSSL_HAVE_LONGLONG |
The compiler supports the 'long long' type. More... | |
#define | POLARSSL_HAVE_ASM |
The compiler has support for asm(). More... | |
#define | POLARSSL_HAVE_TIME |
System has time.h and time() / localtime() / gettimeofday(). More... | |
#define | POLARSSL_HAVE_IPV6 |
System supports the basic socket interface for IPv6 (RFC 3493), specifically getaddrinfo(), freeaddrinfo() and struct sockaddr_storage. More... | |
SECTION: PolarSSL feature support | |
This section sets support for features that are or are not needed within the modules that are enabled. | |
#define | POLARSSL_CIPHER_MODE_CBC |
Enable Cipher Block Chaining mode (CBC) for symmetric ciphers. More... | |
#define | POLARSSL_CIPHER_MODE_CFB |
Enable Cipher Feedback mode (CFB) for symmetric ciphers. More... | |
#define | POLARSSL_CIPHER_MODE_CTR |
Enable Counter Block Cipher mode (CTR) for symmetric ciphers. More... | |
#define | POLARSSL_CIPHER_PADDING_PKCS7 |
#define | POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS |
#define | POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN |
#define | POLARSSL_CIPHER_PADDING_ZEROS |
#define | POLARSSL_ECP_DP_SECP192R1_ENABLED |
#define | POLARSSL_ECP_DP_SECP224R1_ENABLED |
#define | POLARSSL_ECP_DP_SECP256R1_ENABLED |
#define | POLARSSL_ECP_DP_SECP384R1_ENABLED |
#define | POLARSSL_ECP_DP_SECP521R1_ENABLED |
#define | POLARSSL_ECP_DP_SECP192K1_ENABLED |
#define | POLARSSL_ECP_DP_SECP224K1_ENABLED |
#define | POLARSSL_ECP_DP_SECP256K1_ENABLED |
#define | POLARSSL_ECP_DP_BP256R1_ENABLED |
#define | POLARSSL_ECP_DP_BP384R1_ENABLED |
#define | POLARSSL_ECP_DP_BP512R1_ENABLED |
#define | POLARSSL_ECP_DP_M255_ENABLED |
#define | POLARSSL_ECP_NIST_OPTIM |
Enable specific 'modulo p' routines for each NIST prime. More... | |
#define | POLARSSL_ECDSA_DETERMINISTIC |
Enable deterministic ECDSA (RFC 6979). More... | |
#define | POLARSSL_KEY_EXCHANGE_PSK_ENABLED |
Enable the PSK based ciphersuite modes in SSL / TLS. More... | |
#define | POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED |
Enable the DHE-PSK based ciphersuite modes in SSL / TLS. More... | |
#define | POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED |
Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS. More... | |
#define | POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED |
Enable the RSA-PSK based ciphersuite modes in SSL / TLS. More... | |
#define | POLARSSL_KEY_EXCHANGE_RSA_ENABLED |
Enable the RSA-only based ciphersuite modes in SSL / TLS. More... | |
#define | POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED |
Enable the DHE-RSA based ciphersuite modes in SSL / TLS. More... | |
#define | POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED |
Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS. More... | |
#define | POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED |
Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS. More... | |
#define | POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED |
Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS. More... | |
#define | POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED |
Enable the ECDH-RSA based ciphersuite modes in SSL / TLS. More... | |
#define | POLARSSL_PK_PARSE_EC_EXTENDED |
Enhance support for reading EC keys using variants of SEC1 not allowed by RFC 5915 and RFC 5480. More... | |
#define | POLARSSL_ERROR_STRERROR_BC |
Make available the backward compatible error_strerror() next to the current polarssl_strerror(). More... | |
#define | POLARSSL_ERROR_STRERROR_DUMMY |
Enable a dummy error function to make use of polarssl_strerror() in third party libraries easier. More... | |
#define | POLARSSL_GENPRIME |
Enable the prime-number generation code. More... | |
#define | POLARSSL_FS_IO |
Enable functions that use the filesystem. More... | |
#define | POLARSSL_PKCS1_V15 |
Enable support for PKCS#1 v1.5 encoding. More... | |
#define | POLARSSL_PKCS1_V21 |
Enable support for PKCS#1 v2.1 encoding. More... | |
#define | POLARSSL_SELF_TEST |
Enable the checkup functions (*_self_test). More... | |
#define | POLARSSL_SSL_ALERT_MESSAGES |
#define | POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO |
Enable support for receiving and parsing SSLv2 Client Hello messages for the SSL Server module (POLARSSL_SSL_SRV_C). More... | |
#define | POLARSSL_SSL_MAX_FRAGMENT_LENGTH |
Enable support for RFC 6066 max_fragment_length extension in SSL. More... | |
#define | POLARSSL_SSL_PROTO_SSL3 |
Enable support for SSL 3.0. More... | |
#define | POLARSSL_SSL_PROTO_TLS1 |
Enable support for TLS 1.0. More... | |
#define | POLARSSL_SSL_PROTO_TLS1_1 |
Enable support for TLS 1.1. More... | |
#define | POLARSSL_SSL_PROTO_TLS1_2 |
Enable support for TLS 1.2. More... | |
#define | POLARSSL_SSL_ALPN |
Enable support for Application Layer Protocol Negotiation. More... | |
#define | POLARSSL_SSL_SESSION_TICKETS |
Enable support for RFC 5077 session tickets in SSL. More... | |
#define | POLARSSL_SSL_SERVER_NAME_INDICATION |
Enable support for RFC 6066 server name indication (SNI) in SSL. More... | |
#define | POLARSSL_SSL_TRUNCATED_HMAC |
Enable support for RFC 6066 truncated HMAC in SSL. More... | |
#define | POLARSSL_VERSION_FEATURES |
Allow run-time checking of compile-time enabled features. More... | |
#define | POLARSSL_X509_CHECK_KEY_USAGE |
Enable verification of the keyUsage extension (CA and leaf certificates). More... | |
#define | POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE |
Enable verification of the extendedKeyUsage extension (leaf certificates). More... | |
SECTION: PolarSSL modules | |
This section enables or disables entire modules in PolarSSL | |
#define | POLARSSL_AESNI_C |
Enable AES-NI support on x86-64. More... | |
#define | POLARSSL_AES_C |
Enable the AES block cipher. More... | |
#define | POLARSSL_ARC4_C |
Enable the ARCFOUR stream cipher. More... | |
#define | POLARSSL_ASN1_PARSE_C |
Enable the generic ASN1 parser. More... | |
#define | POLARSSL_ASN1_WRITE_C |
Enable the generic ASN1 writer. More... | |
#define | POLARSSL_BASE64_C |
Enable the Base64 module. More... | |
#define | POLARSSL_BIGNUM_C |
Enable the multi-precision integer library. More... | |
#define | POLARSSL_BLOWFISH_C |
Enable the Blowfish block cipher. More... | |
#define | POLARSSL_CAMELLIA_C |
Enable the Camellia block cipher. More... | |
#define | POLARSSL_CERTS_C |
Enable the test certificates. More... | |
#define | POLARSSL_CIPHER_C |
Enable the generic cipher layer. More... | |
#define | POLARSSL_CTR_DRBG_C |
Enable the CTR_DRBG AES-256-based random generator. More... | |
#define | POLARSSL_DEBUG_C |
Enable the debug functions. More... | |
#define | POLARSSL_DES_C |
Enable the DES block cipher. More... | |
#define | POLARSSL_DHM_C |
Enable the Diffie-Hellman-Merkle module. More... | |
#define | POLARSSL_ECDH_C |
Enable the elliptic curve Diffie-Hellman library. More... | |
#define | POLARSSL_ECDSA_C |
Enable the elliptic curve DSA library. More... | |
#define | POLARSSL_ECP_C |
Enable the elliptic curve over GF(p) library. More... | |
#define | POLARSSL_ENTROPY_C |
Enable the platform-specific entropy code. More... | |
#define | POLARSSL_ERROR_C |
Enable error code to error string conversion. More... | |
#define | POLARSSL_GCM_C |
Enable the Galois/Counter Mode (GCM) for AES. More... | |
#define | POLARSSL_HMAC_DRBG_C |
Enable the HMAC_DRBG random generator. More... | |
#define | POLARSSL_MD_C |
Enable the generic message digest layer. More... | |
#define | POLARSSL_MD5_C |
Enable the MD5 hash algorithm. More... | |
#define | POLARSSL_NET_C |
Enable the TCP/IP networking routines. More... | |
#define | POLARSSL_OID_C |
Enable the OID database. More... | |
#define | POLARSSL_PADLOCK_C |
Enable VIA Padlock support on x86. More... | |
#define | POLARSSL_PBKDF2_C |
Enable PKCS#5 PBKDF2 key derivation function. More... | |
#define | POLARSSL_PEM_PARSE_C |
Enable PEM decoding / parsing. More... | |
#define | POLARSSL_PEM_WRITE_C |
Enable PEM encoding / writing. More... | |
#define | POLARSSL_PK_C |
Enable the generic public (asymetric) key layer. More... | |
#define | POLARSSL_PK_PARSE_C |
Enable the generic public (asymetric) key parser. More... | |
#define | POLARSSL_PK_WRITE_C |
Enable the generic public (asymetric) key writer. More... | |
#define | POLARSSL_PKCS5_C |
Enable PKCS#5 functions. More... | |
#define | POLARSSL_PKCS12_C |
Enable PKCS#12 PBE functions. More... | |
#define | POLARSSL_PLATFORM_C |
Enable the platform abstraction layer that allows you to re-assign functions like malloc(), free(), printf(), fprintf() More... | |
#define | POLARSSL_RIPEMD160_C |
Enable the RIPEMD-160 hash algorithm. More... | |
#define | POLARSSL_RSA_C |
Enable the RSA public-key cryptosystem. More... | |
#define | POLARSSL_SHA1_C |
Enable the SHA1 cryptographic hash algorithm. More... | |
#define | POLARSSL_SHA256_C |
Enable the SHA-224 and SHA-256 cryptographic hash algorithms. More... | |
#define | POLARSSL_SHA512_C |
Enable the SHA-384 and SHA-512 cryptographic hash algorithms. More... | |
#define | POLARSSL_SSL_CACHE_C |
Enable simple SSL cache implementation. More... | |
#define | POLARSSL_SSL_CLI_C |
Enable the SSL/TLS client code. More... | |
#define | POLARSSL_SSL_SRV_C |
Enable the SSL/TLS server code. More... | |
#define | POLARSSL_SSL_TLS_C |
Enable the generic SSL/TLS code. More... | |
#define | POLARSSL_TIMING_C |
Enable the portable timing interface. More... | |
#define | POLARSSL_VERSION_C |
Enable run-time version information. More... | |
#define | POLARSSL_X509_USE_C |
Enable X.509 core for using certificates. More... | |
#define | POLARSSL_X509_CRT_PARSE_C |
Enable X.509 certificate parsing. More... | |
#define | POLARSSL_X509_CRL_PARSE_C |
Enable X.509 CRL parsing. More... | |
#define | POLARSSL_X509_CSR_PARSE_C |
Enable X.509 Certificate Signing Request (CSR) parsing. More... | |
#define | POLARSSL_X509_CREATE_C |
Enable X.509 core for creating certificates. More... | |
#define | POLARSSL_X509_CRT_WRITE_C |
Enable creating X.509 certificates. More... | |
#define | POLARSSL_X509_CSR_WRITE_C |
Enable creating X.509 Certificate Signing Requests (CSR). More... | |
#define | POLARSSL_XTEA_C |
Enable the XTEA block cipher. More... | |
Configuration options (set of defines)
Copyright (C) 2006-2014, Brainspark B.V.
This file is part of PolarSSL (http://www.polarssl.org) Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
All rights reserved.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
This set of compile-time options may be used to enable or disable features selectively, and reduce the global memory footprint.
Definition in file config.h.
#define POLARSSL_AES_C |
Enable the AES block cipher.
Module: library/aes.c Caller: library/ssl_tls.c library/pem.c library/ctr_drbg.c
This module enables the following ciphersuites (if other requisites are enabled as well): TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA TLS_ECDH_RSA_WITH_AES_128_CBC_SHA TLS_ECDH_RSA_WITH_AES_256_CBC_SHA TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA TLS_DHE_PSK_WITH_AES_256_CBC_SHA TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA TLS_DHE_PSK_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 TLS_RSA_PSK_WITH_AES_256_CBC_SHA TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 TLS_RSA_PSK_WITH_AES_128_CBC_SHA TLS_PSK_WITH_AES_256_GCM_SHA384 TLS_PSK_WITH_AES_256_CBC_SHA384 TLS_PSK_WITH_AES_256_CBC_SHA TLS_PSK_WITH_AES_128_GCM_SHA256 TLS_PSK_WITH_AES_128_CBC_SHA256 TLS_PSK_WITH_AES_128_CBC_SHA
PEM_PARSE uses AES for decrypting encrypted keys.
#define POLARSSL_AESNI_C |
Enable AES-NI support on x86-64.
Module: library/aesni.c Caller: library/aes.c
Requires: POLARSSL_HAVE_ASM
This modules adds support for the AES-NI instructions on x86-64
#define POLARSSL_ARC4_C |
Enable the ARCFOUR stream cipher.
Module: library/arc4.c Caller: library/ssl_tls.c
This module enables the following ciphersuites (if other requisites are enabled as well): TLS_ECDH_ECDSA_WITH_RC4_128_SHA TLS_ECDH_RSA_WITH_RC4_128_SHA TLS_ECDHE_ECDSA_WITH_RC4_128_SHA TLS_ECDHE_RSA_WITH_RC4_128_SHA TLS_ECDHE_PSK_WITH_RC4_128_SHA TLS_DHE_PSK_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_MD5 TLS_RSA_PSK_WITH_RC4_128_SHA TLS_PSK_WITH_RC4_128_SHA
#define POLARSSL_ASN1_PARSE_C |
Enable the generic ASN1 parser.
Module: library/asn1.c Caller: library/x509.c library/dhm.c library/pkcs12.c library/pkcs5.c library/pkparse.c
#define POLARSSL_ASN1_WRITE_C |
Enable the generic ASN1 writer.
Module: library/asn1write.c Caller: library/ecdsa.c library/pkwrite.c library/x509_create.c library/x509write_crt.c library/x509write_csr.c
#define POLARSSL_BASE64_C |
Enable the Base64 module.
Module: library/base64.c Caller: library/pem.c
This module is required for PEM support (required by X.509).
#define POLARSSL_BIGNUM_C |
Enable the multi-precision integer library.
Module: library/bignum.c Caller: library/dhm.c library/ecp.c library/rsa.c library/ssl_tls.c
This module is required for RSA and DHM support.
#define POLARSSL_BLOWFISH_C |
Enable the Blowfish block cipher.
Module: library/blowfish.c
#define POLARSSL_CAMELLIA_C |
Enable the Camellia block cipher.
Module: library/camellia.c Caller: library/ssl_tls.c
This module enables the following ciphersuites (if other requisites are enabled as well): TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
#define POLARSSL_CERTS_C |
Enable the test certificates.
Module: library/certs.c Caller:
Requires: POLARSSL_PEM_PARSE_C
This module is used for testing (ssl_client/server).
#define POLARSSL_CIPHER_C |
Enable the generic cipher layer.
Module: library/cipher.c Caller: library/ssl_tls.c
Uncomment to enable generic cipher wrappers.
#define POLARSSL_CIPHER_MODE_CBC |
#define POLARSSL_CIPHER_MODE_CFB |
#define POLARSSL_CIPHER_MODE_CTR |
#define POLARSSL_CTR_DRBG_C |
Enable the CTR_DRBG AES-256-based random generator.
Module: library/ctr_drbg.c Caller:
Requires: POLARSSL_AES_C
This module provides the CTR_DRBG AES-256 random number generator.
#define POLARSSL_DEBUG_C |
Enable the debug functions.
Module: library/debug.c Caller: library/ssl_cli.c library/ssl_srv.c library/ssl_tls.c
This module provides debugging functions.
#define POLARSSL_DES_C |
Enable the DES block cipher.
Module: library/des.c Caller: library/pem.c library/ssl_tls.c
This module enables the following ciphersuites (if other requisites are enabled as well): TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA TLS_PSK_WITH_3DES_EDE_CBC_SHA
PEM_PARSE uses DES/3DES for decrypting encrypted keys.
#define POLARSSL_DHM_C |
Enable the Diffie-Hellman-Merkle module.
Module: library/dhm.c Caller: library/ssl_cli.c library/ssl_srv.c
This module is used by the following key exchanges: DHE-RSA, DHE-PSK
#define POLARSSL_ECDH_C |
Enable the elliptic curve Diffie-Hellman library.
Module: library/ecdh.c Caller: library/ssl_cli.c library/ssl_srv.c
This module is used by the following key exchanges: ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
Requires: POLARSSL_ECP_C
#define POLARSSL_ECDSA_C |
Enable the elliptic curve DSA library.
Module: library/ecdsa.c Caller:
This module is used by the following key exchanges: ECDHE-ECDSA
Requires: POLARSSL_ECP_C, POLARSSL_ASN1_WRITE_C, POLARSSL_ASN1_PARSE_C
#define POLARSSL_ECDSA_DETERMINISTIC |
Enable deterministic ECDSA (RFC 6979).
Standard ECDSA is "fragile" in the sense that lack of entropy when signing may result in a compromise of the long-term signing key. This is avoided by the deterministic variant.
Requires: POLARSSL_HMAC_DRBG_C
Comment this macro to disable deterministic ECDSA.
#define POLARSSL_ECP_C |
Enable the elliptic curve over GF(p) library.
Module: library/ecp.c Caller: library/ecdh.c library/ecdsa.c
Requires: POLARSSL_BIGNUM_C and at least one POLARSSL_ECP_DP_XXX_ENABLED
#define POLARSSL_ECP_NIST_OPTIM |
#define POLARSSL_ENTROPY_C |
Enable the platform-specific entropy code.
Module: library/entropy.c Caller:
Requires: POLARSSL_SHA512_C or POLARSSL_SHA256_C
This module provides a generic entropy pool
#define POLARSSL_ERROR_C |
Enable error code to error string conversion.
Module: library/error.c Caller:
This module enables polarssl_strerror().
#define POLARSSL_ERROR_STRERROR_BC |
Make available the backward compatible error_strerror() next to the current polarssl_strerror().
Disable if you run into name conflicts and want to really remove the error_strerror()
#define POLARSSL_ERROR_STRERROR_DUMMY |
Enable a dummy error function to make use of polarssl_strerror() in third party libraries easier.
Disable if you run into name conflicts and want to really remove the polarssl_strerror()
#define POLARSSL_FS_IO |
#define POLARSSL_GCM_C |
Enable the Galois/Counter Mode (GCM) for AES.
Module: library/gcm.c
Requires: POLARSSL_AES_C or POLARSSL_CAMELLIA_C
This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other requisites are enabled as well.
#define POLARSSL_GENPRIME |
#define POLARSSL_HAVE_ASM |
The compiler has support for asm().
Requires support for asm() in compiler.
Used in: library/timing.c library/padlock.c include/polarssl/bn_mul.h
Comment to disable the use of assembly code.
#define POLARSSL_HAVE_IPV6 |
#define POLARSSL_HAVE_LONGLONG |
#define POLARSSL_HAVE_TIME |
#define POLARSSL_HMAC_DRBG_C |
Enable the HMAC_DRBG random generator.
Module: library/hmac_drbg.c Caller:
Requires: POLARSSL_MD_C
Uncomment to enable the HMAC_DRBG random number geerator.
#define POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED |
Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
Requires: POLARSSL_DHM_C
This enables the following ciphersuites (if other requisites are enabled as well): TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 TLS_DHE_PSK_WITH_AES_256_CBC_SHA TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 TLS_DHE_PSK_WITH_AES_128_CBC_SHA TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA TLS_DHE_PSK_WITH_RC4_128_SHA
#define POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED |
Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
Requires: POLARSSL_DHM_C, POLARSSL_RSA_C, POLARSSL_PKCS1_V15, POLARSSL_X509_CRT_PARSE_C
This enables the following ciphersuites (if other requisites are enabled as well): TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
#define POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED |
Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
Requires: POLARSSL_ECDH_C, POLARSSL_X509_CRT_PARSE_C
This enables the following ciphersuites (if other requisites are enabled as well): TLS_ECDH_ECDSA_WITH_RC4_128_SHA TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
#define POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED |
Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
Requires: POLARSSL_ECDH_C, POLARSSL_X509_CRT_PARSE_C
This enables the following ciphersuites (if other requisites are enabled as well): TLS_ECDH_RSA_WITH_RC4_128_SHA TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDH_RSA_WITH_AES_128_CBC_SHA TLS_ECDH_RSA_WITH_AES_256_CBC_SHA TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
#define POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED |
Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
Requires: POLARSSL_ECDH_C, POLARSSL_ECDSA_C, POLARSSL_X509_CRT_PARSE_C,
This enables the following ciphersuites (if other requisites are enabled as well): TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
#define POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED |
Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
Requires: POLARSSL_ECDH_C
This enables the following ciphersuites (if other requisites are enabled as well): TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_PSK_WITH_RC4_128_SHA
#define POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED |
Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
Requires: POLARSSL_ECDH_C, POLARSSL_RSA_C, POLARSSL_PKCS1_V15, POLARSSL_X509_CRT_PARSE_C
This enables the following ciphersuites (if other requisites are enabled as well): TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_RSA_WITH_RC4_128_SHA
#define POLARSSL_KEY_EXCHANGE_PSK_ENABLED |
Enable the PSK based ciphersuite modes in SSL / TLS.
This enables the following ciphersuites (if other requisites are enabled as well): TLS_PSK_WITH_AES_256_GCM_SHA384 TLS_PSK_WITH_AES_256_CBC_SHA384 TLS_PSK_WITH_AES_256_CBC_SHA TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 TLS_PSK_WITH_AES_128_GCM_SHA256 TLS_PSK_WITH_AES_128_CBC_SHA256 TLS_PSK_WITH_AES_128_CBC_SHA TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 TLS_PSK_WITH_3DES_EDE_CBC_SHA TLS_PSK_WITH_RC4_128_SHA
#define POLARSSL_KEY_EXCHANGE_RSA_ENABLED |
Enable the RSA-only based ciphersuite modes in SSL / TLS.
Requires: POLARSSL_RSA_C, POLARSSL_PKCS1_V15, POLARSSL_X509_CRT_PARSE_C
This enables the following ciphersuites (if other requisites are enabled as well): TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_MD5
#define POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED |
Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
Requires: POLARSSL_RSA_C, POLARSSL_PKCS1_V15, POLARSSL_X509_CRT_PARSE_C
This enables the following ciphersuites (if other requisites are enabled as well): TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 TLS_RSA_PSK_WITH_AES_256_CBC_SHA TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 TLS_RSA_PSK_WITH_AES_128_CBC_SHA TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA TLS_RSA_PSK_WITH_RC4_128_SHA
#define POLARSSL_MD5_C |
Enable the MD5 hash algorithm.
Module: library/md5.c Caller: library/md.c library/pem.c library/ssl_tls.c
This module is required for SSL/TLS and X.509. PEM_PARSE uses MD5 for decrypting encrypted keys.
#define POLARSSL_MD_C |
Enable the generic message digest layer.
Module: library/md.c Caller:
Uncomment to enable generic message digest wrappers.
#define POLARSSL_NET_C |
Enable the TCP/IP networking routines.
Module: library/net.c
This module provides TCP/IP networking routines.
#define POLARSSL_OID_C |
Enable the OID database.
Module: library/oid.c Caller: library/asn1write.c library/pkcs5.c library/pkparse.c library/pkwrite.c library/rsa.c library/x509.c library/x509_create.c library/x509_crl.c library/x509_crt.c library/x509_csr.c library/x509write_crt.c library/x509write_csr.c
This modules translates between OIDs and internal values.
#define POLARSSL_PADLOCK_C |
Enable VIA Padlock support on x86.
Module: library/padlock.c Caller: library/aes.c
Requires: POLARSSL_HAVE_ASM
This modules adds support for the VIA PadLock on x86.
#define POLARSSL_PBKDF2_C |
Enable PKCS#5 PBKDF2 key derivation function.
DEPRECATED: Use POLARSSL_PKCS5_C instead
Module: library/pbkdf2.c
Requires: POLARSSL_PKCS5_C
This module adds support for the PKCS#5 PBKDF2 key derivation function.
#define POLARSSL_PEM_PARSE_C |
Enable PEM decoding / parsing.
Module: library/pem.c Caller: library/dhm.c library/pkparse.c library/x509_crl.c library/x509_crt.c library/x509_csr.c
Requires: POLARSSL_BASE64_C
This modules adds support for decoding / parsing PEM files.
#define POLARSSL_PEM_WRITE_C |
Enable PEM encoding / writing.
Module: library/pem.c Caller: library/pkwrite.c library/x509write_crt.c library/x509write_csr.c
Requires: POLARSSL_BASE64_C
This modules adds support for encoding / writing PEM files.
#define POLARSSL_PK_C |
Enable the generic public (asymetric) key layer.
Module: library/pk.c Caller: library/ssl_tls.c library/ssl_cli.c library/ssl_srv.c
Requires: POLARSSL_RSA_C or POLARSSL_ECP_C
Uncomment to enable generic public key wrappers.
#define POLARSSL_PK_PARSE_C |
Enable the generic public (asymetric) key parser.
Module: library/pkparse.c Caller: library/x509_crt.c library/x509_csr.c
Requires: POLARSSL_PK_C
Uncomment to enable generic public key parse functions.
#define POLARSSL_PK_PARSE_EC_EXTENDED |
Enhance support for reading EC keys using variants of SEC1 not allowed by RFC 5915 and RFC 5480.
Currently this means parsing the SpecifiedECDomain choice of EC parameters (only known groups are supported, not arbitrary domains, to avoid validation issues).
Disable if you only need to support RFC 5915 + 5480 key formats.
#define POLARSSL_PK_WRITE_C |
Enable the generic public (asymetric) key writer.
Module: library/pkwrite.c Caller: library/x509write.c
Requires: POLARSSL_PK_C
Uncomment to enable generic public key write functions.
#define POLARSSL_PKCS12_C |
Enable PKCS#12 PBE functions.
Adds algorithms for parsing PKCS#8 encrypted private keys
Module: library/pkcs12.c Caller: library/pkparse.c
Requires: POLARSSL_ASN1_PARSE_C, POLARSSL_CIPHER_C, POLARSSL_MD_C Can use: POLARSSL_ARC4_C
This module enables PKCS#12 functions.
#define POLARSSL_PKCS1_V15 |
#define POLARSSL_PKCS1_V21 |
#define POLARSSL_PKCS5_C |
Enable PKCS#5 functions.
Module: library/pkcs5.c
Requires: POLARSSL_MD_C
This module adds support for the PKCS#5 functions.
#define POLARSSL_PLATFORM_C |
Enable the platform abstraction layer that allows you to re-assign functions like malloc(), free(), printf(), fprintf()
Module: library/platform.c Caller: Most other .c files
This module enables abstraction of common (libc) functions.
#define POLARSSL_RIPEMD160_C |
Enable the RIPEMD-160 hash algorithm.
Module: library/ripemd160.c Caller: library/md.c
#define POLARSSL_RSA_C |
Enable the RSA public-key cryptosystem.
Module: library/rsa.c Caller: library/ssl_cli.c library/ssl_srv.c library/ssl_tls.c library/x509.c
This module is used by the following key exchanges: RSA, DHE-RSA, ECDHE-RSA, RSA-PSK
Requires: POLARSSL_BIGNUM_C, POLARSSL_OID_C
#define POLARSSL_SELF_TEST |
#define POLARSSL_SHA1_C |
Enable the SHA1 cryptographic hash algorithm.
Module: library/sha1.c Caller: library/md.c library/ssl_cli.c library/ssl_srv.c library/ssl_tls.c library/x509write_crt.c
This module is required for SSL/TLS and SHA1-signed certificates.
#define POLARSSL_SHA256_C |
Enable the SHA-224 and SHA-256 cryptographic hash algorithms.
(Used to be POLARSSL_SHA2_C)
Module: library/sha256.c Caller: library/entropy.c library/md.c library/ssl_cli.c library/ssl_srv.c library/ssl_tls.c
This module adds support for SHA-224 and SHA-256. This module is required for the SSL/TLS 1.2 PRF function.
#define POLARSSL_SHA512_C |
Enable the SHA-384 and SHA-512 cryptographic hash algorithms.
(Used to be POLARSSL_SHA4_C)
Module: library/sha512.c Caller: library/entropy.c library/md.c library/ssl_cli.c library/ssl_srv.c
This module adds support for SHA-384 and SHA-512.
#define POLARSSL_SSL_ALPN |
#define POLARSSL_SSL_CACHE_C |
Enable simple SSL cache implementation.
Module: library/ssl_cache.c Caller:
Requires: POLARSSL_SSL_CACHE_C
#define POLARSSL_SSL_CLI_C |
Enable the SSL/TLS client code.
Module: library/ssl_cli.c Caller:
Requires: POLARSSL_SSL_TLS_C
This module is required for SSL/TLS client support.
#define POLARSSL_SSL_MAX_FRAGMENT_LENGTH |
#define POLARSSL_SSL_PROTO_SSL3 |
#define POLARSSL_SSL_PROTO_TLS1 |
#define POLARSSL_SSL_PROTO_TLS1_1 |
#define POLARSSL_SSL_PROTO_TLS1_2 |
#define POLARSSL_SSL_SERVER_NAME_INDICATION |
#define POLARSSL_SSL_SESSION_TICKETS |
#define POLARSSL_SSL_SRV_C |
Enable the SSL/TLS server code.
Module: library/ssl_srv.c Caller:
Requires: POLARSSL_SSL_TLS_C
This module is required for SSL/TLS server support.
#define POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO |
#define POLARSSL_SSL_TLS_C |
Enable the generic SSL/TLS code.
Module: library/ssl_tls.c Caller: library/ssl_cli.c library/ssl_srv.c
Requires: POLARSSL_CIPHER_C, POLARSSL_MD_C and at least one of the POLARSSL_SSL_PROTO_* defines
This module is required for SSL/TLS.
#define POLARSSL_SSL_TRUNCATED_HMAC |
#define POLARSSL_TIMING_C |
Enable the portable timing interface.
Module: library/timing.c Caller: library/havege.c
This module is used by the HAVEGE random number generator.
#define POLARSSL_VERSION_C |
Enable run-time version information.
Module: library/version.c
This module provides run-time version information.
#define POLARSSL_VERSION_FEATURES |
Allow run-time checking of compile-time enabled features.
Thus allowing users to check at run-time if the library is for instance compiled with threading support via version_check_feature().
Requires: POLARSSL_VERSION_C
Comment this to disable run-time checking and save ROM space
#define POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE |
Enable verification of the extendedKeyUsage extension (leaf certificates).
Disabling this avoids problems with mis-issued and/or misused certificates.
Comment to skip extendedKeyUsage checking for certificates.
#define POLARSSL_X509_CHECK_KEY_USAGE |
Enable verification of the keyUsage extension (CA and leaf certificates).
Disabling this avoids problems with mis-issued and/or misused (intermediate) CA and leaf certificates.
Comment to skip keyUsage checking for both CA and leaf certificates.
#define POLARSSL_X509_CREATE_C |
Enable X.509 core for creating certificates.
Module: library/x509_create.c
Requires: POLARSSL_BIGNUM_C, POLARSSL_OID_C, POLARSSL_PK_WRITE_C
This module is the basis for creating X.509 certificates and CSRs.
#define POLARSSL_X509_CRL_PARSE_C |
Enable X.509 CRL parsing.
Module: library/x509_crl.c Caller: library/x509_crt.c
Requires: POLARSSL_X509_USE_C
This module is required for X.509 CRL parsing.
#define POLARSSL_X509_CRT_PARSE_C |
Enable X.509 certificate parsing.
Module: library/x509_crt.c Caller: library/ssl_cli.c library/ssl_srv.c library/ssl_tls.c
Requires: POLARSSL_X509_USE_C
This module is required for X.509 certificate parsing.
#define POLARSSL_X509_CRT_WRITE_C |
#define POLARSSL_X509_CSR_PARSE_C |
Enable X.509 Certificate Signing Request (CSR) parsing.
Module: library/x509_csr.c Caller: library/x509_crt_write.c
Requires: POLARSSL_X509_USE_C
This module is used for reading X.509 certificate request.
#define POLARSSL_X509_CSR_WRITE_C |
#define POLARSSL_X509_USE_C |
Enable X.509 core for using certificates.
Module: library/x509.c Caller: library/x509_crl.c library/x509_crt.c library/x509_csr.c
Requires: POLARSSL_ASN1_PARSE_C, POLARSSL_BIGNUM_C, POLARSSL_OID_C, POLARSSL_PK_PARSE_C
This module is required for the X.509 parsing modules.
#define POLARSSL_XTEA_C |
Enable the XTEA block cipher.
Module: library/xtea.c Caller: