SharkSSL™ Embedded SSL/TLS Stack
SharkSSL_cfg.h
1/*
2 * ____ _________ __ _
3 * / __ \___ ____ _/ /_ __(_)___ ___ ___ / / ____ ____ _(_)____
4 * / /_/ / _ \/ __ `/ / / / / / __ `__ \/ _ \/ / / __ \/ __ `/ / ___/
5 * / _, _/ __/ /_/ / / / / / / / / / / / __/ /___/ /_/ / /_/ / / /__
6 * /_/ |_|\___/\__,_/_/ /_/ /_/_/ /_/ /_/\___/_____/\____/\__, /_/\___/
7 * /____/
8 *
9 * SharkSSL Embedded SSL/TLS Stack
10 ****************************************************************************
11 * PROGRAM MODULE
12 *
13 * $Id: SharkSSL_cfg.h 5532 2024-04-20 08:12:12Z gianluca $
14 *
15 * COPYRIGHT: Real Time Logic LLC, 2010 - 2022
16 *
17 * This software is copyrighted by and is the sole property of Real
18 * Time Logic LLC. All rights, title, ownership, or other interests in
19 * the software remain the property of Real Time Logic LLC. This
20 * software may only be used in accordance with the terms and
21 * conditions stipulated in the corresponding license agreement under
22 * which the software has been supplied. Any unauthorized use,
23 * duplication, transmission, distribution, or disclosure of this
24 * software is expressly forbidden.
25 *
26 * This Copyright notice may not be removed or modified without prior
27 * written consent of Real Time Logic LLC.
28 *
29 * Real Time Logic LLC. reserves the right to modify this software
30 * without notice.
31 *
32 * http://www.realtimelogic.com
33 * http://www.sharkssl.com
34 ****************************************************************************
35
36
37 Do not directly edit the options in this file. Instead, add your
38 custom options in SharkSSL_opts.h
39
40 */
41#ifndef _SharkSsl_cfg_h
42#define _SharkSsl_cfg_h
43
44#include "SharkSSL_opts.h"
45
53#ifndef SHARKSSL_TLS_1_3
54#define SHARKSSL_TLS_1_3 1
55#endif
56
60#ifndef SHARKSSL_TLS_1_2
61#define SHARKSSL_TLS_1_2 1
62#endif
63
66#ifndef SHARKSSL_USE_AES_256
67#define SHARKSSL_USE_AES_256 1
68#endif
69
72#ifndef SHARKSSL_USE_AES_128
73#define SHARKSSL_USE_AES_128 1
74#endif
75
80#ifndef SHARKSSL_USE_AES_192
81#define SHARKSSL_USE_AES_192 0
82#endif
83
88#ifndef SHARKSSL_ENABLE_AES_GCM
89#define SHARKSSL_ENABLE_AES_GCM 1
90#endif
91
96#ifndef SHARKSSL_ENABLE_AES_CCM
97#define SHARKSSL_ENABLE_AES_CCM 0
98#endif
99
105#ifndef SHARKSSL_ENABLE_AES_CBC
106#define SHARKSSL_ENABLE_AES_CBC 0
107#endif
108
113#ifndef SHARKSSL_USE_CHACHA20
114#define SHARKSSL_USE_CHACHA20 1
115#endif
116
117
127#ifndef SHARKSSL_USE_SHA_256
128#define SHARKSSL_USE_SHA_256 1
129#endif
130
134#ifndef SHARKSSL_USE_SHA_384
135#define SHARKSSL_USE_SHA_384 1
136#endif
137
141#ifndef SHARKSSL_USE_SHA_512
142#define SHARKSSL_USE_SHA_512 0
143#endif
144
145
150#ifndef SHARKSSL_USE_SHA1
151#define SHARKSSL_USE_SHA1 0
152#endif
153
156#ifndef SHARKSSL_USE_MD5
157#define SHARKSSL_USE_MD5 0
158#endif
159
164#ifndef SHARKSSL_USE_POLY1305
165#define SHARKSSL_USE_POLY1305 1
166#endif
167 /* end group SharkSslCfgHash */
169
170
173#ifndef SHARKSSL_SSL_SERVER_CODE
174#define SHARKSSL_SSL_SERVER_CODE 1
175#endif
176
177
180#ifndef SHARKSSL_ENABLE_CLIENT_AUTH
181#define SHARKSSL_ENABLE_CLIENT_AUTH 1
182#endif
183
184
187#ifndef SHARKSSL_SSL_CLIENT_CODE
188#define SHARKSSL_SSL_CLIENT_CODE 1
189#endif
190
191
194#ifndef SHARKSSL_RANDOMIZE_EXTENSIONS
195#define SHARKSSL_RANDOMIZE_EXTENSIONS 1
196#endif
197
198
201#ifndef SHARKSSL_ENABLE_SNI
202#define SHARKSSL_ENABLE_SNI 1
203#endif
204
205
210#ifndef SHARKSSL_ENABLE_CA_EXTENSION
211#define SHARKSSL_ENABLE_CA_EXTENSION 1
212#endif
213
214
217#ifndef SHARKSSL_ENABLE_RSA
218#define SHARKSSL_ENABLE_RSA 1
219#endif
220
221
224#ifndef SHARKSSL_ENABLE_SESSION_CACHE
225#define SHARKSSL_ENABLE_SESSION_CACHE 1
226#endif
227
228
235#ifndef SHARKSSL_ENABLE_SECURE_RENEGOTIATION
236#define SHARKSSL_ENABLE_SECURE_RENEGOTIATION SHARKSSL_TLS_1_2
237#endif
238
239
244#ifndef SHARKSSL_ENABLE_DHE_RSA
245#define SHARKSSL_ENABLE_DHE_RSA SHARKSSL_TLS_1_2
246#endif
247
248
252#undef SHARKSSL_USE_SHA_256
253#define SHARKSSL_USE_SHA_256 1
254
255
258#ifndef SHARKSSL_ENABLE_SELECT_CIPHERSUITE
259#define SHARKSSL_ENABLE_SELECT_CIPHERSUITE 1
260#endif
261
262
267#ifndef SHARKSSL_SELECT_CIPHERSUITE_LIST_DEPTH
268#define SHARKSSL_SELECT_CIPHERSUITE_LIST_DEPTH 8
269#endif
270
271
274#ifndef SHARKSSL_ENABLE_ALPN_EXTENSION
275#define SHARKSSL_ENABLE_ALPN_EXTENSION 1
276#endif
277
278
283#ifndef SHARKSSL_ENABLE_RSA_API
284#define SHARKSSL_ENABLE_RSA_API 1
285#endif
286
287
292#ifndef SHARKSSL_ENABLE_RSA_PKCS1
293#define SHARKSSL_ENABLE_RSA_PKCS1 1
294#endif
295
296
302#ifndef SHARKSSL_ENABLE_RSASSA_PSS
303#define SHARKSSL_ENABLE_RSASSA_PSS SHARKSSL_TLS_1_3
304#endif
305
309#ifndef SHARKSSL_ENABLE_RSA_OAEP
310#define SHARKSSL_ENABLE_RSA_OAEP 0
311#endif
312
313
317#ifndef SHARKSSL_ENABLE_ECDSA_API
318#define SHARKSSL_ENABLE_ECDSA_API 1
319#endif
320
321
328#ifndef SHARKSSL_ECDSA_ONLY_VERIFY
329#define SHARKSSL_ECDSA_ONLY_VERIFY 0
330#endif
331
332
339#ifndef SHARKSSL_ENABLE_PEM_API
340#define SHARKSSL_ENABLE_PEM_API 1
341#endif
342
343
348#ifndef SHARKSSL_ENABLE_ENCRYPTED_PKCS8_SUPPORT
349#define SHARKSSL_ENABLE_ENCRYPTED_PKCS8_SUPPORT 0
350#endif
351
352
355#ifndef SHARKSSL_ENABLE_INFO_API
356#define SHARKSSL_ENABLE_INFO_API 1
357#endif
358
359
362#ifndef SHARKSSL_ENABLE_CERT_CHAIN
363#define SHARKSSL_ENABLE_CERT_CHAIN 1
364#endif
365
366
370#ifndef SHARKSSL_ENABLE_CA_LIST
371#define SHARKSSL_ENABLE_CA_LIST 1
372#endif
373
374
377#ifndef SHARKSSL_ENABLE_CERTSTORE_API
378#define SHARKSSL_ENABLE_CERTSTORE_API 1
379#endif
380
381
384#ifdef SHARKSSL_ENABLE_CLONE_CERTINFO
385#if !SHARKSSL_ENABLE_CLONE_CERTINFO
386#error SHARKSSL_ENABLE_CLONE_CERTINFO is now enabled by default - please remove its #define
387#endif
388#endif
389
390
394#ifndef SHARKSSL_ENABLE_CERT_KEYUSAGE
395#define SHARKSSL_ENABLE_CERT_KEYUSAGE 0
396#endif
397
398
405#ifndef SHARKSSL_MD5_SMALL_FOOTPRINT
406#define SHARKSSL_MD5_SMALL_FOOTPRINT 0
407#endif
408
409#ifndef SHARKSSL_SHA1_SMALL_FOOTPRINT
410#define SHARKSSL_SHA1_SMALL_FOOTPRINT 0
411#endif
412
415#ifndef SHARKSSL_SHA256_SMALL_FOOTPRINT
416#define SHARKSSL_SHA256_SMALL_FOOTPRINT 0
417#endif
418
419
422#ifndef SHARKSSL_BIGINT_EXP_SLIDING_WINDOW_K
423#define SHARKSSL_BIGINT_EXP_SLIDING_WINDOW_K 4
424#endif
425
426
429#ifndef SHARKSSL_BIGINT_MULT_LOOP_UNROLL
430#define SHARKSSL_BIGINT_MULT_LOOP_UNROLL 1
431#endif
432
433
436#ifndef SHARKSSL_ENABLE_AES_CTR_MODE
437#define SHARKSSL_ENABLE_AES_CTR_MODE 1
438#endif
439
440
443#ifndef SHARKSSL_AES_CIPHER_LOOP_UNROLL
444#define SHARKSSL_AES_CIPHER_LOOP_UNROLL 1
445#endif
446
447
451#ifndef SHARKSSL_UNALIGNED_ACCESS
452#ifdef UNALIGNED_ACCESS
453#define SHARKSSL_UNALIGNED_ACCESS 1
454#else
455#define SHARKSSL_UNALIGNED_ACCESS 0
456#endif
457#endif
458
459
462#ifndef SHARKSSL_BIGINT_WORDSIZE
463#define SHARKSSL_BIGINT_WORDSIZE 32
464#endif
465
466
469#ifndef SHARKSSL_USE_ECC
470#define SHARKSSL_USE_ECC 1
471#endif
472
473
477#ifndef SHARKSSL_ENABLE_ECDSA
478#define SHARKSSL_ENABLE_ECDSA 1
479#endif
480
481
487#ifndef SHARKSSL_ECC_VERIFY_POINT
488#define SHARKSSL_ECC_VERIFY_POINT 1
489#endif
490
491
495#ifndef SHARKSSL_ENABLE_EDDSA
496#define SHARKSSL_ENABLE_EDDSA 1
497#endif
498
499
503#ifndef SHARKSSL_ECC_TIMING_RESISTANT
504#define SHARKSSL_ECC_TIMING_RESISTANT 1
505#endif
506
507
512#ifndef SHARKSSL_BIGINT_TIMING_RESISTANT
513#define SHARKSSL_BIGINT_TIMING_RESISTANT 1
514#endif
515
516
519#ifndef SHARKSSL_ECC_USE_SECP256R1
520#define SHARKSSL_ECC_USE_SECP256R1 1
521#endif
522
525#ifndef SHARKSSL_ECC_USE_SECP384R1
526#define SHARKSSL_ECC_USE_SECP384R1 1
527#endif
528
531#ifndef SHARKSSL_ECC_USE_SECP521R1
532#define SHARKSSL_ECC_USE_SECP521R1 1
533#endif
534
535
538#ifndef SHARKSSL_ECC_USE_BRAINPOOLP256R1
539#define SHARKSSL_ECC_USE_BRAINPOOLP256R1 1
540#endif
541
544#ifndef SHARKSSL_ECC_USE_BRAINPOOLP384R1
545#define SHARKSSL_ECC_USE_BRAINPOOLP384R1 1
546#endif
547
550#ifndef SHARKSSL_ECC_USE_BRAINPOOLP512R1
551#define SHARKSSL_ECC_USE_BRAINPOOLP512R1 1
552#endif
553
554
557#ifndef SHARKSSL_ECC_USE_CURVE25519
558#define SHARKSSL_ECC_USE_CURVE25519 1
559#endif
560
561
564#ifndef SHARKSSL_ECC_USE_CURVE448
565#define SHARKSSL_ECC_USE_CURVE448 0
566#endif
567
568
573#ifndef SHARKSSL_ENABLE_ECDHE_RSA
574#define SHARKSSL_ENABLE_ECDHE_RSA 1
575#endif
576
577
582#ifndef SHARKSSL_ENABLE_ECDHE_ECDSA
583#define SHARKSSL_ENABLE_ECDHE_ECDSA 1
584#endif
585
586
589#ifndef SHARKSSL_OPTIMIZED_BIGINT_ASM
590#define SHARKSSL_OPTIMIZED_BIGINT_ASM 0
591#endif
592
595#ifndef SHARKSSL_OPTIMIZED_CHACHA_ASM
596#define SHARKSSL_OPTIMIZED_CHACHA_ASM 0
597#endif
598
601#ifndef SHARKSSL_OPTIMIZED_POLY1305_ASM
602#define SHARKSSL_OPTIMIZED_POLY1305_ASM 0
603#endif
604
605
612#ifndef SHARKSSL_USE_RNG_TINYMT
613#define SHARKSSL_USE_RNG_TINYMT 0
614#endif
615
623#ifndef SHARKSSL_USE_RNG_FORTUNA
624#define SHARKSSL_USE_RNG_FORTUNA 0
625#endif
626
627
633#ifndef SHARKSSL_RNG_MULTITHREADED
634#define SHARKSSL_RNG_MULTITHREADED 1
635#endif
636
637
640#ifndef SHARKSSL_NOPACK
641#define SHARKSSL_NOPACK 0
642#endif
643
649#ifdef __DOXYGEN__
650#define SHARKSSL_CHECK_DATE 0
651#endif
652#ifndef SHARKSSL_CHECK_DATE
653#ifdef SHARKSSL_BA /* if SharkSSL embedded in BAS */
654#define SHARKSSL_CHECK_DATE 1
655#else
656#define SHARKSSL_CHECK_DATE 0
657#endif
658#endif
659
660 /* end group SharkSslCfg */
662
665#if SHARKSSL_ECC_TIMING_RESISTANT
666#undef SHARKSSL_BIGINT_TIMING_RESISTANT
667#define SHARKSSL_BIGINT_TIMING_RESISTANT 1
668#endif
669
672#if SHARKSSL_TLS_1_3
673#if !SHARKSSL_TLS_1_2
674#if SHARKSSL_ENABLE_SECURE_RENEGOTIATION
675#undef SHARKSSL_ENABLE_SECURE_RENEGOTIATION
676#define SHARKSSL_ENABLE_SECURE_RENEGOTIATION 0
677#endif
678#if SHARKSSL_ENABLE_DHE_RSA
679#undef SHARKSSL_ENABLE_DHE_RSA
680#define SHARKSSL_ENABLE_DHE_RSA 0
681#endif
682#endif
683#if (0 == SHARKSSL_ECC_USE_SECP256R1)
684#error TLS 1.3 requires NIST curve secp256r1
685#endif
686#if (0 == SHARKSSL_USE_AES_128)
687#error TLS 1.3 requires AES 128
688#endif
689#if (0 == SHARKSSL_USE_SHA_256)
690#error TLS 1.3 requires SHA 256
691#endif
692#endif /* SHARKSSL_TLS_1_3 */
693
694#endif