iPXE
crypto.h
Go to the documentation of this file.
00001 #ifndef CONFIG_CRYPTO_H
00002 #define CONFIG_CRYPTO_H
00003 
00004 /** @file
00005  *
00006  * Cryptographic configuration
00007  *
00008  */
00009 
00010 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
00011 
00012 /** RSA public-key algorithm */
00013 #define CRYPTO_PUBKEY_RSA
00014 
00015 /** AES-CBC block cipher */
00016 #define CRYPTO_CIPHER_AES_CBC
00017 
00018 /** MD5 digest algorithm
00019  *
00020  * Note that use of MD5 is implicit when using TLSv1.1 or earlier.
00021  */
00022 #define CRYPTO_DIGEST_MD5
00023 
00024 /** SHA-1 digest algorithm
00025  *
00026  * Note that use of SHA-1 is implicit when using TLSv1.1 or earlier.
00027  */
00028 #define CRYPTO_DIGEST_SHA1
00029 
00030 /** SHA-224 digest algorithm */
00031 #define CRYPTO_DIGEST_SHA224
00032 
00033 /** SHA-256 digest algorithm
00034  *
00035  * Note that use of SHA-256 is implicit when using TLSv1.2.
00036  */
00037 #define CRYPTO_DIGEST_SHA256
00038 
00039 /** SHA-384 digest algorithm */
00040 #define CRYPTO_DIGEST_SHA384
00041 
00042 /** SHA-512 digest algorithm */
00043 #define CRYPTO_DIGEST_SHA512
00044 
00045 /** Margin of error (in seconds) allowed in signed timestamps
00046  *
00047  * We default to allowing a reasonable margin of error: 12 hours to
00048  * allow for the local time zone being non-GMT, plus 30 minutes to
00049  * allow for general clock drift.
00050  */
00051 #define TIMESTAMP_ERROR_MARGIN ( ( 12 * 60 + 30 ) * 60 )
00052 
00053 /** Default cross-signed certificate source
00054  *
00055  * This is the default location from which iPXE will attempt to
00056  * download cross-signed certificates in order to complete a
00057  * certificate chain.
00058  */
00059 #define CROSSCERT "http://ca.ipxe.org/auto"
00060 
00061 #include <config/named.h>
00062 #include NAMED_CONFIG(crypto.h)
00063 #include <config/local/crypto.h>
00064 #include LOCAL_NAMED_CONFIG(crypto.h)
00065 
00066 #endif /* CONFIG_CRYPTO_H */