mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-23 14:15:37 +00:00
Centralized module option values in config.h
Allow user-defined settings without editing header files by using POLARSSL_CONFIG_OPTIONS in config.h
This commit is contained in:
parent
1fd4321ba2
commit
6fa5488779
|
@ -4,6 +4,8 @@ PolarSSL ChangeLog
|
|||
Features
|
||||
* Parsing of PKCS#8 encrypted private key files
|
||||
* PKCS#12 PBE and derivation functions
|
||||
* Centralized module option values in config.h to allow user-defined
|
||||
settings without editing header files by using POLARSSL_CONFIG_OPTIONS
|
||||
|
||||
Changes
|
||||
* HAVEGE random generator disabled by default
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
*
|
||||
* \brief Multi-precision integer library
|
||||
*
|
||||
* Copyright (C) 2006-2010, Brainspark B.V.
|
||||
* Copyright (C) 2006-2013, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
|
@ -65,6 +65,7 @@ typedef UINT64 uint64_t;
|
|||
*/
|
||||
#define POLARSSL_MPI_MAX_LIMBS 10000
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_OPTIONS)
|
||||
/*
|
||||
* Maximum window size used for modular exponentiation. Default: 6
|
||||
* Minimum value: 1. Maximum value: 6.
|
||||
|
@ -84,6 +85,9 @@ typedef UINT64 uint64_t;
|
|||
* of limbs required (POLARSSL_MPI_MAX_LIMBS) is higher.
|
||||
*/
|
||||
#define POLARSSL_MPI_MAX_SIZE 512 /**< Maximum number of bytes for usable MPIs. */
|
||||
|
||||
#endif /* !POLARSSL_CONFIG_OPTIONS */
|
||||
|
||||
#define POLARSSL_MPI_MAX_BITS ( 8 * POLARSSL_MPI_MAX_SIZE ) /**< Maximum number of bits for usable MPIs. */
|
||||
|
||||
/*
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
*
|
||||
* \brief Configuration options (set of defines)
|
||||
*
|
||||
* Copyright (C) 2006-2012, Brainspark B.V.
|
||||
* Copyright (C) 2006-2013, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
|
@ -957,4 +957,56 @@
|
|||
#define POLARSSL_XTEA_C
|
||||
/* \} name */
|
||||
|
||||
/**
|
||||
* \name SECTION: Module configuration options
|
||||
*
|
||||
* This section allows for the setting of module specific sizes and
|
||||
* configuration options. The default values are already present in the
|
||||
* relevant header files and should suffice for the regular use cases.
|
||||
* Our advice is to enable POLARSSL_CONFIG_OPTIONS and change values here
|
||||
* only if you have a good reason and know the consequences.
|
||||
*
|
||||
* If POLARSSL_CONFIG_OPTIONS is undefined here the options in the module
|
||||
* header file take precedence.
|
||||
*
|
||||
* Please check the respective header file for documentation on these
|
||||
* parameters (to prevent duplicate documentation).
|
||||
*
|
||||
* Uncomment POLARSSL_CONFIG_OPTIONS to enable using the values defined here.
|
||||
* \{
|
||||
*/
|
||||
//#define POLARSSL_CONFIG_OPTIONS /**< Enable config.h module value configuration */
|
||||
|
||||
#if defined(POLARSSL_CONFIG_OPTIONS)
|
||||
|
||||
// MPI / BIGNUM options
|
||||
//
|
||||
#define POLARSSL_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */
|
||||
#define POLARSSL_MPI_MAX_SIZE 512 /**< Maximum number of bytes for usable MPIs. */
|
||||
|
||||
// CTR_DRBG options
|
||||
//
|
||||
#define CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default */
|
||||
#define CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
|
||||
#define CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
|
||||
#define CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
|
||||
#define CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
|
||||
|
||||
// Entropy options
|
||||
//
|
||||
#define ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
|
||||
#define ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
|
||||
|
||||
// SSL Cache options
|
||||
//
|
||||
#define SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
|
||||
#define SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
|
||||
|
||||
// SSL options
|
||||
//
|
||||
#define SSL_MAX_CONTENT_LEN 16384 /**< Size of the input / output buffer */
|
||||
|
||||
#endif /* POLARSSL_CONFIG_OPTIONS */
|
||||
|
||||
/* \} name */
|
||||
#endif /* config.h */
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
*
|
||||
* \brief CTR_DRBG based on AES-256 (NIST SP 800-90)
|
||||
*
|
||||
* Copyright (C) 2006-2010, Brainspark B.V.
|
||||
* Copyright (C) 2006-2013, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
|
@ -41,11 +41,14 @@
|
|||
#define CTR_DRBG_KEYBITS ( CTR_DRBG_KEYSIZE * 8 )
|
||||
#define CTR_DRBG_SEEDLEN ( CTR_DRBG_KEYSIZE + CTR_DRBG_BLOCKSIZE )
|
||||
/**< The seed length (counter + AES key) */
|
||||
#define CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default */
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_OPTIONS)
|
||||
#define CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default */
|
||||
#define CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
|
||||
#define CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
|
||||
#define CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
|
||||
#define CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
|
||||
#define CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
|
||||
#define CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
|
||||
#define CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
|
||||
#endif /* !POLARSSL_CONFIG_OPTIONS */
|
||||
|
||||
#define CTR_DRBG_PR_OFF 0 /**< No prediction resistance */
|
||||
#define CTR_DRBG_PR_ON 1 /**< Prediction resistance enabled */
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
*
|
||||
* \brief Entropy accumulator implementation
|
||||
*
|
||||
* Copyright (C) 2006-2011, Brainspark B.V.
|
||||
* Copyright (C) 2006-2013, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
|
@ -40,8 +40,11 @@
|
|||
#define POLARSSL_ERR_ENTROPY_MAX_SOURCES -0x003E /**< No more sources can be added. */
|
||||
#define POLARSSL_ERR_ENTROPY_NO_SOURCES_DEFINED -0x0040 /**< No sources have been added to poll. */
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_OPTIONS)
|
||||
#define ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
|
||||
#define ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
|
||||
#endif /* !POLARSSL_CONFIG_OPTIONS */
|
||||
|
||||
#define ENTROPY_BLOCK_SIZE 64 /**< Block size of entropy accumulator (SHA-512) */
|
||||
|
||||
#define ENTROPY_SOURCE_MANUAL ENTROPY_MAX_SOURCES
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
*
|
||||
* \brief SSL/TLS functions.
|
||||
*
|
||||
* Copyright (C) 2006-2012, Brainspark B.V.
|
||||
* Copyright (C) 2006-2013, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
|
@ -123,7 +123,16 @@
|
|||
#define SSL_LEGACY_ALLOW_RENEGOTIATION 1
|
||||
#define SSL_LEGACY_BREAK_HANDSHAKE 2
|
||||
|
||||
#define SSL_MAX_CONTENT_LEN 16384
|
||||
/*
|
||||
* Size of the input / output buffer.
|
||||
* Note: the RFC defines the default size of SSL / TLS messages. If you
|
||||
* change the value here, other clients / servers may not be able to
|
||||
* communicate with you anymore. Only change this value if you control
|
||||
* both sides of the connection and have it reduced at both sides!
|
||||
*/
|
||||
#if !defined(POLARSSL_CONFIG_OPTIONS)
|
||||
#define SSL_MAX_CONTENT_LEN 16384 /**< Size of the input / output buffer */
|
||||
#endif /* !POLARSSL_CONFIG_OPTIONS */
|
||||
|
||||
/*
|
||||
* Allow an extra 512 bytes for the record header
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
*
|
||||
* \brief SSL session cache implementation
|
||||
*
|
||||
* Copyright (C) 2006-2012, Brainspark B.V.
|
||||
* Copyright (C) 2006-2013, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
|
@ -29,8 +29,10 @@
|
|||
|
||||
#include "ssl.h"
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_OPTIONS)
|
||||
#define SSL_CACHE_DEFAULT_TIMEOUT 86400 /*!< 1 day */
|
||||
#define SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /*!< Maximum entries in cache */
|
||||
#endif /* !POLARSSL_CONFIG_OPTIONS */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
|
|
Loading…
Reference in a new issue