Centralized module option values in config.h

Allow user-defined settings without editing header files by using
POLARSSL_CONFIG_OPTIONS in config.h
(cherry picked from commit 6fa5488779)

Conflicts:
	include/polarssl/config.h
Paul Bakker 2013-06-24 19:31:17 +02:00
parent 28144decef
commit 9bcf16c55d
6 changed files with 84 additions and 10 deletions


@ -3,7 +3,7 @@
* *
* \brief Multi-precision integer library * \brief Multi-precision integer library
* *
* Copyright (C) 2006-2010, Brainspark B.V. * Copyright (C) 2006-2013, Brainspark B.V.
* *
* This file is part of PolarSSL (http://www.polarssl.org) * This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -65,6 +65,7 @@ typedef UINT64 uint64_t;
*/ */
#define POLARSSL_MPI_MAX_LIMBS 10000 #define POLARSSL_MPI_MAX_LIMBS 10000
#if !defined(POLARSSL_CONFIG_OPTIONS)
/* /*
* Maximum window size used for modular exponentiation. Default: 6 * Maximum window size used for modular exponentiation. Default: 6
* Minimum value: 1. Maximum value: 6. * Minimum value: 1. Maximum value: 6.
@ -84,6 +85,9 @@ typedef UINT64 uint64_t;
* of limbs required (POLARSSL_MPI_MAX_LIMBS) is higher. * of limbs required (POLARSSL_MPI_MAX_LIMBS) is higher.
*/ */
#define POLARSSL_MPI_MAX_SIZE 512 /**< Maximum number of bytes for usable MPIs. */ #define POLARSSL_MPI_MAX_SIZE 512 /**< Maximum number of bytes for usable MPIs. */
#endif /* !POLARSSL_CONFIG_OPTIONS */
#define POLARSSL_MPI_MAX_BITS ( 8 * POLARSSL_MPI_MAX_SIZE ) /**< Maximum number of bits for usable MPIs. */ #define POLARSSL_MPI_MAX_BITS ( 8 * POLARSSL_MPI_MAX_SIZE ) /**< Maximum number of bits for usable MPIs. */
/* /*
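Review bot: The `#if !defined(POLARSSL_CONFIG_OPTIONS)` guard around the window-size and `POLARSSL_MPI_MAX_SIZE` defaults is all-or-nothing, so a config.h that enables the option but drops one value leaves `POLARSSL_MPI_MAX_BITS`, just below the `#endif`, expanding to an undefined name, which evaluates to 0 inside any `#if` instead of failing the build. Guarding each default on its own, e.g. `#if !defined(POLARSSL_MPI_MAX_SIZE)` before its `#define`, would let a build override one value and keep the shipped defaults for the rest. The same guard shape is used in the CTR_DRBG, entropy (where `ENTROPY_SOURCE_MANUAL` depends on `ENTROPY_MAX_SOURCES`), SSL and SSL cache sections. The guard also assumes config.h has been included before this point, which the hunk does not show.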


@ -3,7 +3,7 @@
* *
* \brief Configuration options (set of defines) * \brief Configuration options (set of defines)
* *
* Copyright (C) 2006-2012, Brainspark B.V. * Copyright (C) 2006-2013, Brainspark B.V.
* *
* This file is part of PolarSSL (http://www.polarssl.org) * This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -1164,6 +1164,59 @@
/* \} name */ /* \} name */
/**
* \name SECTION: Module configuration options
*
* This section allows for the setting of module specific sizes and
* configuration options. The default values are already present in the
* relevant header files and should suffice for the regular use cases.
* Our advice is to enable POLARSSL_CONFIG_OPTIONS and change values here
* only if you have a good reason and know the consequences.
*
* If POLARSSL_CONFIG_OPTIONS is undefined here the options in the module
* header file take precedence.
*
* Please check the respective header file for documentation on these
* parameters (to prevent duplicate documentation).
*
* Uncomment POLARSSL_CONFIG_OPTIONS to enable using the values defined here.
* \{
*/
//#define POLARSSL_CONFIG_OPTIONS /**< Enable config.h module value configuration */
#if defined(POLARSSL_CONFIG_OPTIONS)
// MPI / BIGNUM options
//
#define POLARSSL_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */
#define POLARSSL_MPI_MAX_SIZE 512 /**< Maximum number of bytes for usable MPIs. */
// CTR_DRBG options
//
#define CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default */
#define CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
#define CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
#define CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
#define CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
// Entropy options
//
#define ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
#define ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
// SSL Cache options
//
#define SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
#define SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
// SSL options
//
#define SSL_MAX_CONTENT_LEN 16384 /**< Size of the input / output buffer */
#endif /* POLARSSL_CONFIG_OPTIONS */
/* \} name */
/* /*
* Sanity checks on defines and dependencies * Sanity checks on defines and dependencies
*/ */
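Review bot: The new option block makes `POLARSSL_MPI_WINDOW_SIZE` settable from config.h, but the sanity-check section that starts right after it is not extended to enforce the range the multi-precision integer header documents (minimum 1, maximum 6). A check such as `#if defined(POLARSSL_CONFIG_OPTIONS) && ( POLARSSL_MPI_WINDOW_SIZE < 1 || POLARSSL_MPI_WINDOW_SIZE > 6 )` followed by `#error "POLARSSL_MPI_WINDOW_SIZE out of range"` would turn a bad override into a build failure. The block also copies every default from the module headers, so the two sets of values can drift apart; a short comment saying which copy is authoritative would help. The sanity-check section continues outside the hunk, so an existing check may already cover part of this.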


@ -3,7 +3,7 @@
* *
* \brief CTR_DRBG based on AES-256 (NIST SP 800-90) * \brief CTR_DRBG based on AES-256 (NIST SP 800-90)
* *
* Copyright (C) 2006-2010, Brainspark B.V. * Copyright (C) 2006-2013, Brainspark B.V.
* *
* This file is part of PolarSSL (http://www.polarssl.org) * This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -41,11 +41,14 @@
#define CTR_DRBG_KEYBITS ( CTR_DRBG_KEYSIZE * 8 ) #define CTR_DRBG_KEYBITS ( CTR_DRBG_KEYSIZE * 8 )
#define CTR_DRBG_SEEDLEN ( CTR_DRBG_KEYSIZE + CTR_DRBG_BLOCKSIZE ) #define CTR_DRBG_SEEDLEN ( CTR_DRBG_KEYSIZE + CTR_DRBG_BLOCKSIZE )
/**< The seed length (counter + AES key) */ /**< The seed length (counter + AES key) */
#if !defined(POLARSSL_CONFIG_OPTIONS)
#define CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default */ #define CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default */
#define CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ #define CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
#define CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ #define CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
#define CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ #define CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
#define CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ #define CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
#endif /* !POLARSSL_CONFIG_OPTIONS */
#define CTR_DRBG_PR_OFF 0 /**< No prediction resistance */ #define CTR_DRBG_PR_OFF 0 /**< No prediction resistance */
#define CTR_DRBG_PR_ON 1 /**< Prediction resistance enabled */ #define CTR_DRBG_PR_ON 1 /**< Prediction resistance enabled */
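Review bot: `CTR_DRBG_ENTROPY_LEN` and `CTR_DRBG_MAX_SEED_INPUT` can now be overridden independently from config.h, and nothing in this hunk ties them together or puts a floor under the entropy length. Since the (re)seed buffer has to hold the entropy taken per seed, a guard after the `#endif` such as `#if CTR_DRBG_ENTROPY_LEN > CTR_DRBG_MAX_SEED_INPUT` with `#error "CTR_DRBG_ENTROPY_LEN exceeds CTR_DRBG_MAX_SEED_INPUT"` would catch an inconsistent override at build time. The Doxygen text on `CTR_DRBG_ENTROPY_LEN` could also state the consequence of lowering it, for example `/**< Amount of entropy used per seed by default; lowering it weakens the generator's seeding */`. Whether the implementation already checks these values at run time is not visible here.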


@ -3,7 +3,7 @@
* *
* \brief Entropy accumulator implementation * \brief Entropy accumulator implementation
* *
* Copyright (C) 2006-2011, Brainspark B.V. * Copyright (C) 2006-2013, Brainspark B.V.
* *
* This file is part of PolarSSL (http://www.polarssl.org) * This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -40,8 +40,11 @@
#define POLARSSL_ERR_ENTROPY_MAX_SOURCES -0x003E /**< No more sources can be added. */ #define POLARSSL_ERR_ENTROPY_MAX_SOURCES -0x003E /**< No more sources can be added. */
#define POLARSSL_ERR_ENTROPY_NO_SOURCES_DEFINED -0x0040 /**< No sources have been added to poll. */ #define POLARSSL_ERR_ENTROPY_NO_SOURCES_DEFINED -0x0040 /**< No sources have been added to poll. */
#if !defined(POLARSSL_CONFIG_OPTIONS)
#define ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */ #define ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
#define ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */ #define ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
#endif /* !POLARSSL_CONFIG_OPTIONS */
#define ENTROPY_BLOCK_SIZE 64 /**< Block size of entropy accumulator (SHA-512) */ #define ENTROPY_BLOCK_SIZE 64 /**< Block size of entropy accumulator (SHA-512) */
#define ENTROPY_SOURCE_MANUAL ENTROPY_MAX_SOURCES #define ENTROPY_SOURCE_MANUAL ENTROPY_MAX_SOURCES


@ -137,7 +137,16 @@
#define SSL_LEGACY_ALLOW_RENEGOTIATION 1 #define SSL_LEGACY_ALLOW_RENEGOTIATION 1
#define SSL_LEGACY_BREAK_HANDSHAKE 2 #define SSL_LEGACY_BREAK_HANDSHAKE 2
#define SSL_MAX_CONTENT_LEN 16384 /*
* Size of the input / output buffer.
* Note: the RFC defines the default size of SSL / TLS messages. If you
* change the value here, other clients / servers may not be able to
* communicate with you anymore. Only change this value if you control
* both sides of the connection and have it reduced at both sides!
*/
#if !defined(POLARSSL_CONFIG_OPTIONS)
#define SSL_MAX_CONTENT_LEN 16384 /**< Size of the input / output buffer */
#endif /* !POLARSSL_CONFIG_OPTIONS */
/* /*
* Allow an extra 512 bytes for the record header * Allow an extra 512 bytes for the record header
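Review bot: The new comment on `SSL_MAX_CONTENT_LEN` covers interoperability but not the upper bound: the value sizes the input / output buffer, and the hunk adds no check that an override stays at or below the 16384 default the comment attributes to the RFC. If larger values are not meant to be supported, `#if SSL_MAX_CONTENT_LEN > 16384` with an `#error` after the `#endif` would make that explicit. The comment could also say what happens to a peer record longer than a reduced limit; presumably the record-length check rejects it, but that code is outside this hunk. The explanation sits in a plain `/* */` block ahead of the `#if`, so generated documentation will only carry the short `/**<` text on the define.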


@ -3,7 +3,7 @@
* *
* \brief SSL session cache implementation * \brief SSL session cache implementation
* *
* Copyright (C) 2006-2012, Brainspark B.V. * Copyright (C) 2006-2013, Brainspark B.V.
* *
* This file is part of PolarSSL (http://www.polarssl.org) * This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -29,8 +29,10 @@
#include "ssl.h" #include "ssl.h"
#if !defined(POLARSSL_CONFIG_OPTIONS)
#define SSL_CACHE_DEFAULT_TIMEOUT 86400 /*!< 1 day */ #define SSL_CACHE_DEFAULT_TIMEOUT 86400 /*!< 1 day */
#define SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /*!< Maximum entries in cache */ #define SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /*!< Maximum entries in cache */
#endif /* !POLARSSL_CONFIG_OPTIONS */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {