1 #ifndef CONFIG_CRYPTO_H
2 #define CONFIG_CRYPTO_H
6 * Cryptographic configuration
10 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
12 /** RSA public-key algorithm */
13 #define CRYPTO_PUBKEY_RSA
15 /** AES-CBC block cipher */
16 #define CRYPTO_CIPHER_AES_CBC
18 /** MD5 digest algorithm
20 * Note that use of MD5 is implicit when using TLSv1.1 or earlier.
22 #define CRYPTO_DIGEST_MD5
24 /** SHA-1 digest algorithm
26 * Note that use of SHA-1 is implicit when using TLSv1.1 or earlier.
28 #define CRYPTO_DIGEST_SHA1
30 /** SHA-224 digest algorithm */
31 #define CRYPTO_DIGEST_SHA224
33 /** SHA-256 digest algorithm
35 * Note that use of SHA-256 is implicit when using TLSv1.2.
37 #define CRYPTO_DIGEST_SHA256
39 /** SHA-384 digest algorithm */
40 #define CRYPTO_DIGEST_SHA384
42 /** SHA-512 digest algorithm */
43 #define CRYPTO_DIGEST_SHA512
45 /** Margin of error (in seconds) allowed in signed timestamps
47 * We default to allowing a reasonable margin of error: 12 hours to
48 * allow for the local time zone being non-GMT, plus 30 minutes to
49 * allow for general clock drift.
51 #define TIMESTAMP_ERROR_MARGIN ( ( 12 * 60 + 30 ) * 60 )
53 #include <config/named.h>
54 #include NAMED_CONFIG(crypto.h)
55 #include <config/local/crypto.h>
56 #include LOCAL_NAMED_CONFIG(crypto.h)
58 #endif /* CONFIG_CRYPTO_H */