SharkSSL™ Embedded SSL/TLS Stack
SharkSSL_cfg.h
1/*
2 * ____ _________ __ _
3 * / __ \___ ____ _/ /_ __(_)___ ___ ___ / / ____ ____ _(_)____
4 * / /_/ / _ \/ __ `/ / / / / / __ `__ \/ _ \/ / / __ \/ __ `/ / ___/
5 * / _, _/ __/ /_/ / / / / / / / / / / / __/ /___/ /_/ / /_/ / / /__
6 * /_/ |_|\___/\__,_/_/ /_/ /_/_/ /_/ /_/\___/_____/\____/\__, /_/\___/
7 * /____/
8 *
9 * SharkSSL Embedded SSL/TLS Stack
10 ****************************************************************************
11 * PROGRAM MODULE
12 *
13 * $Id: SharkSSL_cfg.h 5463 2023-07-10 21:29:12Z gianluca $
14 *
15 * COPYRIGHT: Real Time Logic LLC, 2010 - 2022
16 *
17 * This software is copyrighted by and is the sole property of Real
18 * Time Logic LLC. All rights, title, ownership, or other interests in
19 * the software remain the property of Real Time Logic LLC. This
20 * software may only be used in accordance with the terms and
21 * conditions stipulated in the corresponding license agreement under
22 * which the software has been supplied. Any unauthorized use,
23 * duplication, transmission, distribution, or disclosure of this
24 * software is expressly forbidden.
25 *
26 * This Copyright notice may not be removed or modified without prior
27 * written consent of Real Time Logic LLC.
28 *
29 * Real Time Logic LLC. reserves the right to modify this software
30 * without notice.
31 *
32 * http://www.realtimelogic.com
33 * http://www.sharkssl.com
34 ****************************************************************************
35
36
37 Do not directly edit the options in this file. Instead, add your
38 custom options in SharkSSL_opts.h
39
40 */
41#ifndef _SharkSsl_cfg_h
42#define _SharkSsl_cfg_h
43
44#include "SharkSSL_opts.h"
45
53#ifndef SHARKSSL_TLS_1_3
54#define SHARKSSL_TLS_1_3 1
55#endif
56
60#ifndef SHARKSSL_TLS_1_2
61#define SHARKSSL_TLS_1_2 1
62#endif
63
66#ifndef SHARKSSL_USE_AES_256
67#define SHARKSSL_USE_AES_256 1
68#endif
69
72#ifndef SHARKSSL_USE_AES_128
73#define SHARKSSL_USE_AES_128 1
74#endif
75
80#ifndef SHARKSSL_USE_AES_192
81#define SHARKSSL_USE_AES_192 0
82#endif
83
88#ifndef SHARKSSL_ENABLE_AES_GCM
89#define SHARKSSL_ENABLE_AES_GCM 1
90#endif
91
96#ifndef SHARKSSL_ENABLE_AES_CCM
97#define SHARKSSL_ENABLE_AES_CCM 0
98#endif
99
105#ifndef SHARKSSL_ENABLE_AES_CBC
106#define SHARKSSL_ENABLE_AES_CBC 0
107#endif
108
113#ifndef SHARKSSL_USE_CHACHA20
114#define SHARKSSL_USE_CHACHA20 1
115#endif
116
117
127#ifndef SHARKSSL_USE_SHA_256
128#define SHARKSSL_USE_SHA_256 1
129#endif
130
134#ifndef SHARKSSL_USE_SHA_384
135#define SHARKSSL_USE_SHA_384 1
136#endif
137
141#ifndef SHARKSSL_USE_SHA_512
142#define SHARKSSL_USE_SHA_512 0
143#endif
144
145
150#ifndef SHARKSSL_USE_SHA1
151#define SHARKSSL_USE_SHA1 0
152#endif
153
156#ifndef SHARKSSL_USE_MD5
157#define SHARKSSL_USE_MD5 0
158#endif
159
164#ifndef SHARKSSL_USE_POLY1305
165#define SHARKSSL_USE_POLY1305 1
166#endif
167 /* end group SharkSslCfgHash */
169
170
173#ifndef SHARKSSL_SSL_SERVER_CODE
174#define SHARKSSL_SSL_SERVER_CODE 1
175#endif
176
177
180#ifndef SHARKSSL_ENABLE_CLIENT_AUTH
181#define SHARKSSL_ENABLE_CLIENT_AUTH 1
182#endif
183
184
187#ifndef SHARKSSL_SSL_CLIENT_CODE
188#define SHARKSSL_SSL_CLIENT_CODE 1
189#endif
190
191
194#ifndef SHARKSSL_RANDOMIZE_EXTENSIONS
195#define SHARKSSL_RANDOMIZE_EXTENSIONS 1
196#endif
197
198
201#ifndef SHARKSSL_ENABLE_SNI
202#define SHARKSSL_ENABLE_SNI 1
203#endif
204
205
210#ifndef SHARKSSL_ENABLE_CA_EXTENSION
211#define SHARKSSL_ENABLE_CA_EXTENSION 1
212#endif
213
214
217#ifndef SHARKSSL_ENABLE_RSA
218#define SHARKSSL_ENABLE_RSA 1
219#endif
220
221
224#ifndef SHARKSSL_ENABLE_SESSION_CACHE
225#define SHARKSSL_ENABLE_SESSION_CACHE 1
226#endif
227
228
235#ifndef SHARKSSL_ENABLE_SECURE_RENEGOTIATION
236#define SHARKSSL_ENABLE_SECURE_RENEGOTIATION SHARKSSL_TLS_1_2
237#endif
238
239
244#ifndef SHARKSSL_ENABLE_DHE_RSA
245#define SHARKSSL_ENABLE_DHE_RSA SHARKSSL_TLS_1_2
246#endif
247
248
252#undef SHARKSSL_USE_SHA_256
253#define SHARKSSL_USE_SHA_256 1
254
255
258#ifndef SHARKSSL_ENABLE_SELECT_CIPHERSUITE
259#define SHARKSSL_ENABLE_SELECT_CIPHERSUITE 1
260#endif
261
262
267#ifndef SHARKSSL_SELECT_CIPHERSUITE_LIST_DEPTH
268#define SHARKSSL_SELECT_CIPHERSUITE_LIST_DEPTH 8
269#endif
270
271
274#ifndef SHARKSSL_ENABLE_ALPN_EXTENSION
275#define SHARKSSL_ENABLE_ALPN_EXTENSION 1
276#endif
277
278
283#ifndef SHARKSSL_ENABLE_RSA_API
284#define SHARKSSL_ENABLE_RSA_API 1
285#endif
286
287
292#ifndef SHARKSSL_ENABLE_RSA_PKCS1
293#define SHARKSSL_ENABLE_RSA_PKCS1 1
294#endif
295
296
302#ifndef SHARKSSL_ENABLE_RSASSA_PSS
303#define SHARKSSL_ENABLE_RSASSA_PSS SHARKSSL_TLS_1_3
304#endif
305
309#ifndef SHARKSSL_ENABLE_RSA_OAEP
310#define SHARKSSL_ENABLE_RSA_OAEP 0
311#endif
312
313
317#ifndef SHARKSSL_ENABLE_ECDSA_API
318#define SHARKSSL_ENABLE_ECDSA_API 1
319#endif
320
321
328#ifndef SHARKSSL_ECDSA_ONLY_VERIFY
329#define SHARKSSL_ECDSA_ONLY_VERIFY 0
330#endif
331
332
339#ifndef SHARKSSL_ENABLE_PEM_API
340#define SHARKSSL_ENABLE_PEM_API 1
341#endif
342
343
348#ifndef SHARKSSL_ENABLE_ENCRYPTED_PKCS8_SUPPORT
349#define SHARKSSL_ENABLE_ENCRYPTED_PKCS8_SUPPORT 0
350#endif
351
352
355#ifndef SHARKSSL_ENABLE_INFO_API
356#define SHARKSSL_ENABLE_INFO_API 1
357#endif
358
359
362#ifndef SHARKSSL_ENABLE_CERT_CHAIN
363#define SHARKSSL_ENABLE_CERT_CHAIN 1
364#endif
365
366
370#ifndef SHARKSSL_ENABLE_CA_LIST
371#define SHARKSSL_ENABLE_CA_LIST 1
372#endif
373
374
377#ifndef SHARKSSL_ENABLE_CERTSTORE_API
378#define SHARKSSL_ENABLE_CERTSTORE_API 1
379#endif
380
381
384#ifdef SHARKSSL_ENABLE_CLONE_CERTINFO
385#if !SHARKSSL_ENABLE_CLONE_CERTINFO
386#error SHARKSSL_ENABLE_CLONE_CERTINFO is now enabled by default - please remove its #define
387#endif
388#endif
389
390
394#ifndef SHARKSSL_ENABLE_CERT_KEYUSAGE
395#define SHARKSSL_ENABLE_CERT_KEYUSAGE 0
396#endif
397
398
405#ifndef SHARKSSL_MD5_SMALL_FOOTPRINT
406#define SHARKSSL_MD5_SMALL_FOOTPRINT 0
407#endif
408
409#ifndef SHARKSSL_SHA1_SMALL_FOOTPRINT
410#define SHARKSSL_SHA1_SMALL_FOOTPRINT 0
411#endif
412
415#ifndef SHARKSSL_SHA256_SMALL_FOOTPRINT
416#define SHARKSSL_SHA256_SMALL_FOOTPRINT 0
417#endif
418
419
422#ifndef SHARKSSL_BIGINT_EXP_SLIDING_WINDOW_K
423#define SHARKSSL_BIGINT_EXP_SLIDING_WINDOW_K 4
424#endif
425
426
429#ifndef SHARKSSL_BIGINT_MULT_LOOP_UNROLL
430#define SHARKSSL_BIGINT_MULT_LOOP_UNROLL 1
431#endif
432
433
436#ifndef SHARKSSL_ENABLE_AES_CTR_MODE
437#define SHARKSSL_ENABLE_AES_CTR_MODE 1
438#endif
439
440
443#ifndef SHARKSSL_AES_CIPHER_LOOP_UNROLL
444#define SHARKSSL_AES_CIPHER_LOOP_UNROLL 1
445#endif
446
447
451#ifndef SHARKSSL_UNALIGNED_ACCESS
452#ifdef UNALIGNED_ACCESS
453#define SHARKSSL_UNALIGNED_ACCESS 1
454#else
455#define SHARKSSL_UNALIGNED_ACCESS 0
456#endif
457#endif
458
459
462#ifndef SHARKSSL_BIGINT_WORDSIZE
463#define SHARKSSL_BIGINT_WORDSIZE 32
464#endif
465
466
469#ifndef SHARKSSL_USE_ECC
470#define SHARKSSL_USE_ECC 1
471#endif
472
473
477#ifndef SHARKSSL_ENABLE_ECDSA
478#define SHARKSSL_ENABLE_ECDSA 1
479#endif
480
481
487#ifndef SHARKSSL_ECC_VERIFY_POINT
488#define SHARKSSL_ECC_VERIFY_POINT 1
489#endif
490
491
495#ifndef SHARKSSL_ECC_TIMING_RESISTANT
496#define SHARKSSL_ECC_TIMING_RESISTANT 1
497#endif
498
503#ifndef SHARKSSL_BIGINT_TIMING_RESISTANT
504#define SHARKSSL_BIGINT_TIMING_RESISTANT 1
505#endif
506
507
510#ifndef SHARKSSL_ECC_USE_SECP256R1
511#define SHARKSSL_ECC_USE_SECP256R1 1
512#endif
513
516#ifndef SHARKSSL_ECC_USE_SECP384R1
517#define SHARKSSL_ECC_USE_SECP384R1 1
518#endif
519
522#ifndef SHARKSSL_ECC_USE_SECP521R1
523#define SHARKSSL_ECC_USE_SECP521R1 1
524#endif
525
526
529#ifndef SHARKSSL_ECC_USE_BRAINPOOLP256R1
530#define SHARKSSL_ECC_USE_BRAINPOOLP256R1 1
531#endif
532
535#ifndef SHARKSSL_ECC_USE_BRAINPOOLP384R1
536#define SHARKSSL_ECC_USE_BRAINPOOLP384R1 1
537#endif
538
541#ifndef SHARKSSL_ECC_USE_BRAINPOOLP512R1
542#define SHARKSSL_ECC_USE_BRAINPOOLP512R1 1
543#endif
544
545
548#ifndef SHARKSSL_ECC_USE_CURVE25519
549#define SHARKSSL_ECC_USE_CURVE25519 1
550#endif
551
552
555#ifndef SHARKSSL_ECC_USE_CURVE448
556#define SHARKSSL_ECC_USE_CURVE448 0
557#endif
558
559
564#ifndef SHARKSSL_ENABLE_ECDHE_RSA
565#define SHARKSSL_ENABLE_ECDHE_RSA 1
566#endif
567
568
573#ifndef SHARKSSL_ENABLE_ECDHE_ECDSA
574#define SHARKSSL_ENABLE_ECDHE_ECDSA 1
575#endif
576
577
580#ifndef SHARKSSL_OPTIMIZED_BIGINT_ASM
581#define SHARKSSL_OPTIMIZED_BIGINT_ASM 0
582#endif
583
586#ifndef SHARKSSL_OPTIMIZED_CHACHA_ASM
587#define SHARKSSL_OPTIMIZED_CHACHA_ASM 0
588#endif
589
592#ifndef SHARKSSL_OPTIMIZED_POLY1305_ASM
593#define SHARKSSL_OPTIMIZED_POLY1305_ASM 0
594#endif
595
596
603#ifndef SHARKSSL_USE_RNG_TINYMT
604#define SHARKSSL_USE_RNG_TINYMT 0
605#endif
606
614#ifndef SHARKSSL_USE_RNG_FORTUNA
615#define SHARKSSL_USE_RNG_FORTUNA 0
616#endif
617
618
624#ifndef SHARKSSL_RNG_MULTITHREADED
625#define SHARKSSL_RNG_MULTITHREADED 1
626#endif
627
628
631#ifndef SHARKSSL_NOPACK
632#define SHARKSSL_NOPACK 0
633#endif
634
640#ifdef __DOXYGEN__
641#define SHARKSSL_CHECK_DATE 0
642#endif
643#ifndef SHARKSSL_CHECK_DATE
644#ifdef SHARKSSL_BA /* if SharkSSL embedded in BAS */
645#define SHARKSSL_CHECK_DATE 1
646#else
647#define SHARKSSL_CHECK_DATE 0
648#endif
649#endif
650
651 /* end group SharkSslCfg */
653
656#if SHARKSSL_ECC_TIMING_RESISTANT
657#undef SHARKSSL_BIGINT_TIMING_RESISTANT
658#define SHARKSSL_BIGINT_TIMING_RESISTANT 1
659#endif
660
663#if SHARKSSL_TLS_1_3
664#if !SHARKSSL_TLS_1_2
665#if SHARKSSL_ENABLE_SECURE_RENEGOTIATION
666#undef SHARKSSL_ENABLE_SECURE_RENEGOTIATION
667#define SHARKSSL_ENABLE_SECURE_RENEGOTIATION 0
668#endif
669#if SHARKSSL_ENABLE_DHE_RSA
670#undef SHARKSSL_ENABLE_DHE_RSA
671#define SHARKSSL_ENABLE_DHE_RSA 0
672#endif
673#endif
674#if (0 == SHARKSSL_ECC_USE_SECP256R1)
675#error TLS 1.3 requires NIST curve secp256r1
676#endif
677#if (0 == SHARKSSL_USE_AES_128)
678#error TLS 1.3 requires AES 128
679#endif
680#if (0 == SHARKSSL_USE_SHA_256)
681#error TLS 1.3 requires SHA 256
682#endif
683#endif /* SHARKSSL_TLS_1_3 */
684
685#endif