TrustCore SDK NanoCrypto API reference  version 7.0
Compilation Flags

This page lists the compilation flags (compiler directives) that may be used to customize DigiCert® TrustCore SDK.

TrustCore SDK code may be easily customized by defining compilation flags. For example, the memory footprint may be reduced by defining compilation flags to disable products or features that are not running, which removes those products' code from the resultant executable. Similarly, debug flags may be undefined, which also serves to increase execution speed.

These compilation flags also enable easy porting of TrustCore SDK code to any operating system. For additional guidance on defining flags for common tasks, refer DigiCert® NanoCrypto documentation.

Note
In addition to the documented flags, TrustCore SDK reserves the right to use undocumented compile-time flags (named with a prefix of __DISABLE_MOCANA_ or __ENABLE_MOCANA_) for internal development and testing. Do not define such flags in your implementation because the results may be unexpected.

The following table describes the set of compilation flags, presented in alphabetical order:

Flag Description
__3DES_HARDWARE_CIPHER__ Turns on hardware 3DES support (and disables corresponding software).
__AES_HARDWARE_CIPHER__ Turns on hardware AES support (and disables corresponding software).
__ARC2_HARDWARE_CIPHER__ Turns on hardware ARC2 support (and disables corresponding software).
__ARC4_HARDWARE_CIPHER__ Turns on hardware ARC4 support (and disables corresponding software).
__ASM_386__ Turns on assembly language optimizations for Intel x86 processors using Microsoft compilers.
__ASM_386_GCC__ Turns on assembly language optimizations for Intel x86 processors using GCC compilers.
__ASM_ARM__ Turns on assembly language optimizations for ARM processors. (This flag replaces the older __ASM_ARM7__ flag.)
__ASM_COLDFIRE_DIABDATA__ Turns on assembly language optimizations for Freescale Coldfire processors using the DiabData compiler.
__ASM_H8S__ Turns on assembly language optimizations for Hitachi/Renasas H8S processors.
__ASM_M68K_CROSSCODE__ Turns on assembly language optimizations for Motorola/Freescale 68K series processors.
__ASM_MIPS__ Turns on assembly language optimizations for MIPS processors.
__ASM_PPC__ Turns on assembly language optimizations for PowerPC processors. If your PowerPC has an Altivec unit, be sure to use the correct flags for the compiler to enable using the Altivec unit; for example, -maltivec for the GCC compiler.
__ATMOS_RTOS__ Enables ATM operating system support.
__ATMOS_TCP__ Abstraction layer flag that enables ATM operating system support.
__CYGWIN_RTOS__ Enables Cygwin operating system support.
__CYGWIN_TCP__ Abstraction layer flag that enables Cygwin operating system support.
__DES_HARDWARE_CIPHER__ Turns on hardware DES support (and disables corresponding software).
__DISABLE_3DES_CIPHERS__ Disables 3DES cipher suite support (both hardware and software).
__DISABLE_AES_CIPHERS__ Disables AES cipher suite support (both hardware and software).
__DISABLE_AES128_CIPHER__ Disables AES 128-bit keys cipher suite support (both hardware and software).
__DISABLE_AES192_CIPHER__ Disables AES 192-bit keys cipher suite support (both hardware and software).
__DISABLE_AES256_CIPHER__ Disables AES 256-bit keys cipher suite support (both hardware and software).
__DISABLE_ARC4_CIPHERS__ Disables ARC-4 cipher suite support (both hardware and software).
__DISABLE_CERT_VALIDATE_TIME__ Disables certificate expiration checks if calendar clock is not available.
__DEBUG_* (Recommended to leave undefined) Enables debug information for TrustCore SDK support.
__DISABLE_IPSEC_TUNNEL_MODE__ (Default = defined/enabled) Enables IPsec tunnel mode, which is used for IPsec VPN support.
__DISABLE_MOCANA_ADD_ENTROPY__ Disables TrustCore SDK functions that allow system entropy (random data) to update the random number generator. If you're using your own random number generator, you can define this flag.
__DISABLE_MOCANA_CERTIFICATE_GENERATION__ Disables TrustCore SDK certificate generation code. If you define this flag, you should also define the __DISABLE_MOCANA_RSA_SIGN__ flag.
__DISABLE_MOCANA_CERTIFICATE_PARSING__ Disables TrustCore SDK certificate parsing code. If you're using IKE, this flag should not be defined. If you define this flag, you should also define the __DISABLE_MOCANA_RSA_SIGN__ flag.
__DISABLE_MOCANA_ECC__ Disables elliptical curve cryptography — a very fast asymmetrical crypto algorithm for key exchanges and authentication.
__DISABLE_MOCANA_ECC_P256__ Disables ECC P-256 primes. Define for Suite B cipher support.
__DISABLE_MOCANA_ECC_P384__ Disables ECC P-384 primes. Define for Suite B cipher support.
__DISABLE_MOCANA_ECC_P521__ Disables ECC P-521 primes. Define for Suite B cipher support.
__DISABLE_MOCANA_ECC_P192__ Disables ECC P-192 primes. Define for Suite B cipher support.
__DISABLE_MOCANA_ECC_P224__ Disables ECC P-224 primes. Define for Suite B cipher support.
__DISABLE_MOCANA_ECDH__ Disables Elliptic Curve Diffie-Hellman cipher suite support.
__DISABLE_MOCANA_FILE_SYSTEM_HELPER__ Disables TrustCore SDK ANSI file system helper functions, such as MOCANA_readFile and MOCANA_writeFile.
__DISABLE_MOCANA_IKE_EAP__ Disables EAP methods when both IKE and EAP are enabled.
__DISABLE_MOCANA_INIT__ Disables TrustCore SDK common initialization and de-initialization code (in common/mocana.c).
__DISABLE_MOCANA_KEY_GENERATION__ Disables TrustCore SDK key generation code.
__DISABLE_MOCANA_MAIN_FUNC_ENTRY__ Disables the main function in the TrustCore SDK example code, allowing operation on embedded systems (as opposed to Linux-based desktop systems).
__DISABLE_MOCANA_MODEXP_SLIDING_WINDOW__ Disables memory-intensive (but faster executing) algorithm for calculating MOD exponents. The result is less memory use and slower calculations.
__DISABLE_MOCANA_PRIME_TEST__ Disables TrustCore SDK prime test code used to verify whether a number is prime. (If it's left enabled, and hardware prime test support is enabled, then the hardware can use the TrustCore SDK prime test code.)
__DISABLE_MOCANA_RAND_ENTROPY_THREADS__ Disables TrustCore SDK entropy threads; initialization of the random number seed is still performed.
__DISABLE_MOCANA_RAND_SEED__ Disables TrustCore SDK entropy threads and initialization of random number seed.
__DISABLE_MOCANA_RNG__ Disables TrustCore SDK default random number generator (in random.c). If you define this flag, you must provide your own random number generator factory that is API compatible with TrustCore SDK's random number generator.
__DISABLE_MOCANA_RSA_DECRYPTION__ Disables RSA decryption support.
__DISABLE_MOCANA_RSA_SIGN__ Disables TrustCore SDK certificate signing code. If you've disabled TrustCore SDK certificate code (by defining the __DISABLE_MOCANA_CERTIFICATE_GENERATION__ or __DISABLE_MOCANA_CERTIFICATE_PARSING__ flags), it's safe to define this flag.
__DISABLE_MOCANA_RSA_VERIFY__ Disables TrustCore SDK RSA signature verification code. If you're running SSL client but not SSL server, define this flag to disable mutual authentication.
__DISABLE_MOCANA_SHA256__ Disables SHA256 cipher support (both hardware and software).
__DISABLE_MOCANA_SHA512__ Disables SHA512 cipher support (both hardware and software).
__DISABLE_MOCANA_SSH_COMMON_NAME_CHECK__ (Not recommended) Disables common name validation during SSH handshaking.
__DISABLE_MOCANA_SSH_RSA_KEY_EXCHANGE__ Disables RSA support for SSH key exchange.
__DISABLE_MOCANA_SSL_COMMON_NAME_CHECK__ (Not recommended) Disables common name validation during SSL handshaking.
__DISABLE_MOCANA_STARTUP_GUARD__ Disables TrustCore SDK initialization code guard, which ignores subsequent calls to MOCANA_initTrustCore SDK().
__DISABLE_NULL_MD5_CIPHER__ Disables SSL NULL MD5 cipher suite support.
__DISABLE_OPEN_SSH_AES_GCM__ Disables the aes128-gcm@openssh.com and aes256-gcm@openssh.com ciphers.
__DISABLE_SSL_GET_SOCKET_API__ Disables function that retrieves an original socket ID for a connection instance.
__DISABLE_SSL_IOCTL_API__ Disables the IOCTL function, which sets the version number (SSLv3 or TLS 1.0) to use for connection.
__DISABLE_SSL_IS_SESSION_API__ Disables function that verifies whether a given connection instance is for a given SSL session.
__DISABLE_SSL_SESSION_FLAGS_API__ Disables functions that set SSL flags (in ssl.h).
__DP_USE_WPCAP__ (WPA2 only) For TrustCore SDK internal use to enable the Windows XP packet capture library for lower-layer communications; must be defined to enable pre-authentication. If you define this flag, you must not define the __XP_NDIS_5_1__ flag.
__ENABLE_ALL_DEBUGGING__ Displays extensive debug information from all TrustCore SDK modules to the debug console.
__ENABLE_2KEY_3DES_CIPHER__ Enables 3DES with 2 keys cipher suite support.
__ENABLE_BCM582x_HARDWARE_ACCEL__ Enables hardware accelerator support for the Broadcomm 582x chipset.
__ENABLE_BLOWFISH_CIPHERS__ (Default = undefined/disabled) Enables Blowfish cipher suite support.
__ENABLE_DES_CIPHER__ (Default = undefined/disabled) Enables DES cipher suite support. This is disabled by default because it's a weak cipher; however, 3DES is enabled by default.
__ENABLE_FREESCALE_8248_HARDWARE_ACCEL__ Enables hardware accelerator support for the Freescale 8248 chipset.
__ENABLE_FREESCALE_875_HARDWARE_ACCEL__ Enables hardware accelerator support for the Freescale 875 chipset.
__ENABLE_HARDWARE_ACCEL_ASYNC_CRYPTO__ Enables asynchronous hardware accelerator support.
__ENABLE_HARDWARE_ACCEL_SYNC_CRYPTO__ Enables synchronous hardware accelerator support.
__ENABLE_IKE_AGGRESSIVE_MODE__ Enables IKE aggressive mode for key exchanges.
__ENABLE_IKE_CP__ Enables IKE configuration payload; typically used when implementing a VPN client or server.
__ENABLE_IKE_FRAGMENTATION__ Enables IKE [v1] fragmentation.
__ENABLE_IKE_MODE_CFG__ Enables support for the ISAKMP configuration method (draft-dukes-ike-mode-cfg-02.txt).
__ENABLE_IKE_REDIRECT__ Enables the redirect mechanism for IKEv2 to redirect the VPN client to another gateway.
__ENABLE_IKE_SIG_AUTH_RFC7427__ Enables support for RFC 7427 (Signature Authentication in the Internet Key Exchange Version 2 (IKEv2)).
__ENABLE_IKE_XAUTH__ Enables IKE XAUTH; typically used when implementing a VPN client or server.
__ENABLE_IPSEC_COOKIE__ Enables IPsec Cookie support, which allows customized filtering, such as VLAN ID, for IPsec security policies.
__ENABLE_IPSEC_ESN__ Enables support for RFC 4304 (Extended Sequence Number to IPsecDOI for ISAKMP).
__ENABLE_IPSEC_FRAGMENTATION__ Enables TrustCore SDK IP fragmentation reassembly code. Do not define this if you do not want to use TrustCore SDK fragmentation code; for example, if you have your own fragmentation code.
__ENABLE_IPSEC_NAT_T__ Enables IPsec NAT-Traversal.
__ENABLE_IPSEC_NULL_TUNNEL__ Enables IPsec tunnels with NULL encryption and no authorization.
__ENABLE_IPSEC_OCSP_EXT__ Enables support for RFC 4806 (Online Certificate Status Protocol (OCSP) Extensions to IKEv2).
__ENABLE_IPSEC_PORT_RANGE__ Enables you to specify a range of ports in the SPD (security policy database). If you do not define this flag, you can specify only a single port value (which does include specifying 0 for all ports).
__ENABLE_LOOKUP_TABLE__ Enables retrieval of C-string error messages corresponding to error codes.
__ENABLE_MOCANA_64_BIT__ (Products using TrustCore SDK cryptography) Enables support for 64-bit processors (x86_64: Intel, AMD, and PowerPC), thereby improving performance for 64-bit executables.
__ENABLE_MOCANA_AEAD_CIPHER__ Enables AEAD (Authenticated Encryption with Associated Data) cipher mode.
__ENABLE_MOCANA_BASIC_TYPES_OVERRIDE__ Disables TrustCore SDK default typedefs, allowing custom typedefs to be defined in moptions.h.
__ENABLE_MOCANA_CERTIFICATE_SEARCH_SUPPORT__ Enables search support for certificate attributes such as serial number and CRL.
__ENABLE_MOCANA_CMP_CLIENT__ Enables TrustCore SDK CMP client.
__ENABLE_MOCANA_CMP_CLIENT_EXAMPLE__ Enables TrustCore SDK CMP client example code.
__ENABLE_MOCANA_CMS__ Enables streaming CMS support.
__ENABLE_MOCANA_DEBUG_CONSOLE__ Enables the TrustCore SDK debug console, which logs debugging information to stdout or (if __MOCANA_DUMP_CONSOLE_TO_STDOUT__ is not defined) to a telnet port.
__ENABLE_MOCANA_DEBUG_MEMORY__ Enables the TrustCore SDK memory leak debugger, which detects memory leaks, double frees, and other memory issues. File and line numbers for every call to malloc and free are recorded.
__ENABLE_MOCANA_DER_CONVERSION__ Enables TrustCore SDK's DER file support. Allows reading public and private key data from an OpenSSL DER file.
__ENABLE_MOCANA_DSA__ Enables TrustCore SDK digital signature algorithm code. This flag must be defined to enable SSH DSA support (as configured by the __ENABLE_MOCANA_SSH_DSA_SUPPORT__ flag).
__ENABLE_MOCANA_DTLS_CLIENT__ Enables TrustCore SDK DTLS (asynchronous) client.
__ENABLE_MOCANA_DTLS_SERVER__ Enables TrustCore SDK DTLS (asynchronous) server.
__ENABLE_MOCANA_EAP_AUTH__ Enables the EAP-AUTH method.
__ENABLE_MOCANA_EAP_FAST__ Enables the EAP-FAST method.
__ENABLE_MOCANA_EAP_GTC__ Enables the EAP-GTC method.
__ENABLE_MOCANA_EAP_LEAP__ Enables the EAP-LEAP method.
__ENABLE_MOCANA_EAP_MD5__ Enables the EAP-MD5 method.
__ENABLE_MOCANA_EAP_MSCHAPv2__ Enables the EAP-MS-CHAP-V2 method.
__ENABLE_MOCANA_EAP_PEAP__ Enables the EAP-PEAP method.
__ENABLE_MOCANA_EAP_PEAPV2__ Enables the EAP-PEAPV2 method.
__ENABLE_MOCANA_EAP_PEER__ Enables TrustCore SDK EAP client (which functions as the peer/supplicant).
__ENABLE_MOCANA_EAP_PSK__ Enables the EAP-PSK method.
__ENABLE_MOCANA_EAP_RADIUS__ Enables the EAP-RADIUS method.
__ENABLE_MOCANA_EAP_SIM__ Enables the EAP-SIM method.
__ENABLE_MOCANA_EAP_SIM_PEER__ (Test use only) Enables the EAP-SIM 802.1x client.
__ENABLE_MOCANA_EAP_SRP__ Enables the EAP-SRP method.
__ENABLE_MOCANA_EAP_TLS__ Enables the EAP-TLS method. If you enable EAP-TLS, you must also define the __ENABLE_MOCANA_SSL_ASYNC_API_EXTENSIONS__ flag.
__ENABLE_MOCANA_EAP_TTLS__ Enables the EAP-TTLS method.
__ENABLE_MOCANA_EAPOL__ (Test use only) Enables EAP over LAN support.
__ENABLE_MOCANA_ECC__ Enables elliptical curve cryptography — a very fast asymmetrical crypto algorithm for key exchanges and authentication. Define for Suite B cipher support.
__ENABLE_MOCANA_EST_CLIENT__ Enables TrustCore SDK EST protocol client code.
__ENABLE_MOCANA_EXAMPLES__ Enables TrustCore SDK example code.
__ENABLE_MOCANA_EXAMPLE_SSH_RADIUS_PASSWORD_AUTH__ Enables example code for using RADIUS Client with SSH server.
__ENABLE_MOCANA_EXTRACT_CERT_BLOB__ Enables bit (raw data) access to a certificate's subject or issuer data.
__ENABLE_MOCANA_FAST_PRIME_SEARCH__ Enables the use of a larger table for prime searches, which increases speed but also increases the memory footprint.
__ENABLE_MOCANA_FAST_RAND__ Enables random number generator initialization even if entropy threads are disabled; also enables an additional round of entropy generation.
__ENABLE_MOCANA_FIREWALL__ Enables TrustCore SDK NanoWall.
__ENABLE_MOCANA_FW_INBOUND_FLOW__ Enables NanoWall INBOUND TCP flow.
__ENABLE_MOCANA_GCM__ Enables GCM (Galois/Counter Mode) symmetric key ciphers. Define for Suite B cipher support.
__ENABLE_MOCANA_GCM_64K__ Enables GCM 64 KB table size cipher.
__ENABLE_MOCANA_GCM_4K__ Enables GCM 4 KB table size cipher.
__ENABLE_MOCANA_GCM_256B__ Enables GCM 256 KB table size cipher.
__ENABLE_MOCANA_HARDWARE_CRYPTO_ACCEL__ Enables TrustCore SDK hardware acceleration support, which allows the hardware acceleration to be initialized when MOCANA_initTrustCore SDK() is called.
__ENABLE_MOCANA_HARNESS__ Enables TrustCore SDK acceleration harness for hardware offload, improving performance.
__ENABLE_MOCANA_HARNESS_MEMORY_DEBUG__ (For development use only) Enables the TrustCore SDK harness memory tracker, which confirms that memory allocation takes place on the hardware offload target.
__ENABLE_MOCANA_HW_SECURITY_MODULE__ Enables the TrustCore SDK secmod abstraction layer.
__ENABLE_MOCANA_HTTP_CLIENT__ Enables TrustCore SDK HTTP client.
__ENABLE_MOCANA_HTTP_CLIENT_EXAMPLE__ Enables TrustCore SDK HTTP client example code.
__ENABLE_MOCANA_HTTPCC_CLIENT__ Enables TrustCore SDK HTTPCC client.
__ENABLE_MOCANA_HTTPCC_SERVER__ Enables TrustCore SDK HTTPCC server.
__ENABLE_MOCANA_IKE_SERVER__ Enables TrustCore SDK IKE server/peer code.
__ENABLE_MOCANA_INNER_APP__ Enables TTLSv1 support. (TTLsv1 uses the SSL inner application payload.)
__ENABLE_MOCANA_IPSEC_SERVICE__ Enables TrustCore SDK IPsec stack.
__ENABLE_MOCANA_IPV6__ Enables TrustCore SDK IPv6 support.
__ENABLE_MOCANA_KEY_UTILS__ Enables TrustCore SDK key utilities function support.
__ENABLE_MOCANA_LDAP_CLIENT__ Enables TrustCore SDK LDAP client.
__ENABLE_MOCANA_LDAP_TLS_EXTENSION__ Enables secure LDAP client (LDAP with TLS stack).
__ENABLE_MOCANA_LEAP__ Enables the EAP-LEAP method.
__ENABLE_MOCANA_MEM_PART__ Enables TrustCore SDK memory partition code.
__ENABLE_MOCANA_MEM_PART_MUTEX__ Enables race condition prevention in synchronous applications; not necessary for asynchronous applications.
__ENABLE_MOCANA_MULTIPLE_COMMON_NAMES Enables accessing all a certificate's common names. If disabled, only the certificate's first common name is accessible.
__ENABLE_MOCANA_NETWORK_TYPES_OVERRIDE__ Enables redefinition of the IP address data type (by default, an unsigned long).
__ENABLE_MOCANA_OCSP_CLIENT__ Enables TrustCore SDK OCSP client. If you define this flag, you should also define the __ENABLE_MOCANA_HTTP_CLIENT__ flag.
__ENABLE_MOCANA_PEM_CONVERSION__ Enables code that allows OpenSSH and OpenSSL PEM files to be used.
__ENABLE_MOCANA_PFKEY__ Enables IKE PF_KEY functionality.
__ENABLE_MOCANA_PKCS5__ Enables code to support PKCS #5 — key strengthened key derivation functions using an input password or passphrase and a salt value.
__ENABLE_MOCANA_PKCS7__ Enables code to support PKCS #7 — a standard for signing and encrypting messages, as well as certificate dissemination.
__ENABLE_MOCANA_PKCS8__ Enables code to support PKCS #8 — a syntax for private-key information.
__ENABLE_MOCANA_PKCS10__ Enables code to support PKCS #10 — a standard for a certificate authority to upgrade a self-signed certificate to one signed by a certificate authority.
__ENABLE_MOCANA_PKCS12__ Enables code to support PKCS #12 — a file format for password-based symmetric key certificate protection.
__ENABLE_MOCANA_PKI_CLIENT__ Enables TrustCore SDK NanoCert LTE PKI client.
__ENABLE_MOCANA_PKI_CLIENT_BACKROUND__ Sets up the PKI client for background processing.
__ENABLE_MOCANA_PKI_CLIENT_FOREROUND__ Sets up the PKI client for foreground processing.
__ENABLE_MOCANA_PKI_CLIENT_EXAMPLE__ Enables PKI client example code.
__ENABLE_MOCANA_PROPAGATING_FIREWALL__ For future use.
__ENABLE_MOCANA_RADIUS_CLIENT__ Enables TrustCore SDK RADIUS client.
__ENABLE_MOCANA_RNG_DRBG_CTR__ Enables the CTR based NIST Random Number Generator (RNG).
__ENABLE_MOCANA_RNG_DRBG_ECC__ Enables the ECC based NIST Random Number Generator (RNG).
__ENABLE_MOCANA_SCEPCC_SERVER__ Enables TrustCore SDK SCEP server connection concentrator.
__ENABLE_MOCANA_SCEP_CLIENT__ Enables TrustCore SDK SCEP client. If you define this flag, you should also define the __ENABLE_MOCANA_HTTP_CLIENT__ flag.
__ENABLE_MOCANA_SEC_BOOT__ Enables the TrustCore SDK NanoBoot security verification program.
__ENABLE_MOCANA_SIGN_BOOT__ Enables the TrustCore SDK NanoBoot signing program.
__ENABLE_MOCANA_SMALL_CODE_FOOTPRINT__ Reduces the size of the executable, at the expense of execution speed. Depending on which products are included and which options are enabled, defining this flag may reduce heap and stack requirements.
__ENABLE_MOCANA_SMP__ Enables SMP features in NanoTAP.
__ENABLE_MOCANA_SRTP__ Enables TrustCore SDK NanoSRTP.
__ENABLE_MOCANA_SRTP_DTLS_EXAMPLE__ Enables DTLS-SRTP example code.
__ENABLE_MOCANA_SRTP_POLICY_STRING_DATA__ Enables retrieving a string representation of an SRTP session's security policies.
__ENABLE_MOCANA_SSH_ASYNC_SERVER_API__ Enables TrustCore SDK SSH asynchronous server.
__ENABLE_MOCANA_SSH_AUTH_BANNER__ Enables TrustCore SDK SSH display banner support for the client.
__ENABLE_MOCANA_SSH_CHANNEL_ID_DEBUG__ Enables inclusion of channel Id in NanoSSH (client and server) debug and log messages.
__ENABLE_MOCANA_SSH_CLIENT__ Enables TrustCore SDK SSH synchronous client.
__ENABLE_MOCANA_SSH_DSA_SUPPORT__ Enables DSA use by TrustCore SDK SSH. This flag has no effect unless both the following flags are also defined: __ENABLE_MOCANA_SSH_SERVER__ and __ENABLE_MOCANA_DSA__.
__ENABLE_MOCANA_SSH_FTP_CLIENT__ Enables TrustCore SDK SSH SFTP client.
__ENABLE_MOCANA_SSH_FTP_SERVER__ Enables TrustCore SDK SSH SFTP server.
__ENABLE_MOCANA_SSH_MAX_SESSION_TIME_LIMIT__ Enables configuring a maximum user session time, after which the user is automatically logged out (regardless of whether the session is active or idle).
__ENABLE_MOCANA_SSH_OLD_DSA_CONVERSION__ Enables converting key blobs from Embedded SSH versions 1.4 and earlier to version 2.02 and later. (The 2.02 format adds RSA and ECC keys.)
__ENABLE_MOCANA_SSH_PING__ Enables TrustCore SDK SSH connection pings.
__ENABLE_MOCANA_SSH_PORT_FORWARDING__ Enables TrustCore SDK SSH server support for port forwarding. (TrustCore SDK SSH client does not support port forwarding.)
__ENABLE_MOCANA_SSH_RADIUS_PASSWORD_AUTH_API__ For future use.
__ENABLE_MOCANA_SSH_RSA_SUPPORT__ Enables RSA use by TrustCore SDK SSH.
__ENABLE_MOCANA_SSH_SCP_SERVER__ Should not be defined.
__ENABLE_MOCANA_SSH_SENDER_RECV__ Enables deadlock prevention by allowing the SSH server to receive the SSH client Acks for the smaller blocks already sent.
__ENABLE_MOCANA_SSH_SERVER__ Enables TrustCore SDK SSH synchronous server code. (Note that this is distinct from the __USE_MOCANA_SSH_SERVER__ flag, which enables TrustCore SDK's SSH daemon for handling accepts and spawning threads for servicing requests.)
__ENABLE_MOCANA_SSH_STREAM_API__ Enables TrustCore SDK SSH Stream API support, which allows data to be streamed rather than delivered as an entire message.
__ENABLE_MOCANA_SSH_X509V3_SIGN_SUPPORT__ Enables SSH certificate support.
__ENABLE_MOCANA_SSH_X509V3_RFC_6187_SUPPORT__ Enables SSH RFC 6187 support.
__ENABLE_MOCANA_SSL_ALERTS__ Enables SSL/TLS alert support. Required for EAP-TLS, EAP-PEAP, EAP-FAST, and EAP-TTLS methods.
__ENABLE_MOCANA_SSL_ANON_SUPPORT__ (SSL only) Enables Anonymous Diffie-Hellman cipher suite support.
__ENABLE_MOCANA_SSL_ASYNC_API_EXTENSIONS__ Enables copy-less receive buffer processing. This flag must be defined if EAP-TLS is enabled (by defining the __ENABLE_MOCANA_EAP_TLS__ flag).
__ENABLE_MOCANA_SSL_ASYNC_CLIENT_API__ Enables TrustCore SDK SSL asynchronous client.
__ENABLE_MOCANA_SSL_ASYNC_SERVER_API__ Enables TrustCore SDK SSL asynchronous server.
__ENABLE_MOCANA_SSL_CIPHER_SUITES_SELECT__ Enables dynamic cipher suite selection through a user callback in the SSL Server.
__ENABLE_MOCANA_SSL_CLIENT__ Enables TrustCore SDK SSL synchronous client code.
__ENABLE_MOCANA_SSL_DH_ANON_SUPPORT__ Enables SSL Diffie-Hellman Anonymous cipher suite support.
__ENABLE_MOCANA_SSL_DHE_SUPPORT__ Enables SSL Diffie-Hellman Ephemeral cipher suite support.
__ENABLE_MOCANA_SSL_DUAL_MODE_API__ Enables simultaneous synchronous and asynchronous operation (client or server).
__ENABLE_MOCANA_SSL_ECDH_ANON_SUPPORT__ Enables Anonymous Elliptic Curve Diffie-Hellman cipher suite support in SSL products.
__ENABLE_MOCANA_SSL_ECDH_SUPPORT__ Enables Elliptic Curve Diffie-Hellman cipher suite support in SSL products.
__ENABLE_MOCANA_SSL_ECDHE_SUPPORT__ Enables Ephemeral Elliptic Curve Diffie-Hellman cipher suite support in SSL products.
__ENABLE_MOCANA_SSL_MUTUAL_AUTH_CERT_SINGLE_ONLY__ Enables authentication using only a single certificate (instead of a certificate chain).
__ENABLE_MOCANA_SSL_MUTUAL_AUTH_SUPPORT__ Enables SSL mutual authentication; can be set for NanoSSH client or server. This flag must be defined to enable setting the SSL_FLAG_REQUIRE_MUTUAL_AUTH runtime flag.
__ENABLE_MOCANA_SSL_NEW_HANDSHAKE__ Enables the callback to be activated when a peer that's already successfully performed handshaking asks again.
__ENABLE_MOCANA_SSL_REHANDSHAKE__ Enables the SSL Rehandshake feature.
__ENABLE_MOCANA_SSL_PSK_SUPPORT__ Enables SSL Pre-shared Key support.
__ENABLE_MOCANA_SSL_SERVER__ Enables TrustCore SDK SSL synchronous server code.
__ENABLE_MOCANA_SUPPORT_FOR_NATIVE_STDLIB__ Disables TrustCore SDK standard library functions and enables your native stdlib() functions, such as memcpy() and memcmp().
__ENABLE_MOCANA_TAP__ Enables the NanoTAP module.
__ENABLE_MOCANA_TPM__ Enables support for TPM 1.2 chips under the TrustCore SDK secmod abstraction layer. This flag also requires __ENABLE_MOCANA_HW_SECURITY_MODULE__ to be set.
__ENABLE_MOCANA_TPM2__ Enables the TPM 2.0 SMP features in NanoTAP.
__ENABLE_MOCANA_UMP__ Enables TrustCore SDK Secure Firmware Update (update-message processor).
__ENABLE_MOCANA_URI__ (SCEP client example code and CMP code only) Enables code to support parsing and constructing URIs.
__ENABLE_MOCANA_VERIFY_RSA_SIGNATURE__ Enables a self-test (internal to the TrustCore SDK certificate code) to ensure that the signature can be verified via CRT (Chinese remainder theorem); if the self-test shows that the signature can't be verified via CRT, then the long algorithm will be used.
__ENABLE_MOCANA_WPA2__ Enables TrustCore SDK WPA2.
__ENABLE_MOCANA_WPA2_SUITE_B__ Enables Suite-B compliant connection, access points, and other Suite-B specific features for TrustCore SDK WPA2.
__ENABLE_MOCANA_WPA2_ROAMING__ Enables software based roaming when the driver/hardware lacks roaming capability.
__ENABLE_MOCANA_WPA2_WEXT__ Required on Linux platforms (in addition to __RTOS_LINUX__) when using WEXT (Wireless extension) to manage the WLAN driver.
__ENABLE_MOCTPM_ESTC__ Enables the EST client; needed for the shim.
__ENABLE_MW_ASM__ Enables MetroWerks assembly language optimizations.
__ENABLE_MW_PROFILER__ Enables MetroWerks profiler optimizations.
__ENABLE_NIL_CIPHER__ Enables SSL NULL cipher suite support.
__ENABLE_RFC3546__ Enables TLS extensions support (as defined by RFC 3546), which is required for elliptic curve ciphers and EAP.
__ENABLE_RFC3576__ Enables RADIUS extensions for CoA (change of authorization) support.
__ENABLE_SSH_VERSION1_SUPPORT__ Enables the coexistence of an SSHv1 stack with the TrustCore SDK SSHv2 stack. (SSHv1 should not be used alone.)
__ENABLE_SSL_DYNAMIC_CERTIFICATE__ Enables your application to dynamically select (through a user callback) which certificate to use for the given SSL server.
__ENABLE_SSL_TO_REMOTE_TPM__ Specifies to use SSL for remote connections instead of TCP.
__ENABLE_TAP_REMOTE__ Enables remote support for a NanoTAP client-server build. Without this flag, NanoTAP is built in local-only mode.
__ENABLE_TLSEXT_RFC6066__ Enables support in the SSL API for the RFC 6066 extentsions: Server Name Indication (SNI) and Certificate Status (OCSP stapling). For more information, see the descriptions for: SSL_setCertifcateStatusRequestExtensions(), SSL_setOcspResponderUrl(), and SSL_setSNI().
__ENABLE_UNICODE__ Enables Unicode support for password entry in the secmod abstraction layer.
__ENABLE_VXWORKS_PIPE_EXAMPLE__ Enables example code for the SSH server to use VxWorks pipes.
__ENABLE_VXWORKS_SOCKET_EXAMPLE__ Enables example code for the SSH server to use VxWorks sockets.
__ERROR_LOOKUP_TABLE__ For TrustCore SDK internal use for displaying error messages; do not define.
__FAST_DSA_KEY_GENERATION__ Enables faster, but less secure, DSA key generation. If defined, __VERIFY_DSA_KEY_GENERATION__ is automatically defined.
__FUSION_TCP__ Abstraction layer flag enabling Fusion operating system support.
__FUSION_TCP_API_7_DOT_1__ Abstraction layer flag that enables Fusion 7.1 operating system support.
__HMAC_MD5_HARDWARE_HASH__ Enables hardware support for HMAC MD5.
__HMAC_SHA1_HARDWARE_HASH__ Enables hardware support for HMAC SHA1.
__IKE_MULTI_HOMING__ Enables IKE multihoming applications.
__INCREMENTAL_DSA_KEYGEN__ Enables a small speed increase for DSA key generation, with no security weakness (unlike key generation with the __FAST_DSA_KEY_GENERATION__ flag defined).
__LINUX_RTOS__ Enables Linux operating system support.
__LINUX_TCP__ Abstraction layer flag that enables Linux operating system support.
__LINUX_UDP__ Abstraction layer flag that enables Linux operating system support.
__MD5_HARDWARE_HASH__ Enables hardware support for MD5.
__MD5_ONE_STEP_HARDWARE_HASH__ Enables hardware support for one-step MD5 operations.
__MOCANA_DISABLE_CERT_TIME_VERIFY__ Disables the certificate verification code from checking the certificate's expiration date.
__MOCANA_DUMP_CONSOLE_TO_STDOUT__ Sends enabled debug messages to stdout. (When this flag is defined, the __MOCANA_DUMP_CONSOLE_TO_STDOUT__ setting is ignored).
__MOCANA_ENABLE_LONG_LONG__ Enables optimization of big integer math code. (Whether this results in faster code execution depends on your CPU.)
__MOCANA_FORCE_ENTROPY__ If enabled, calls the function MOCANA_addExternalEntropy from the function MOCANA_initTrustCore SDK to add entropy from an external source (/dev/random on Linux). In addition,\ DISABLE_MOCANA_ADD_ENTROPY must not be defined.
__MQX_RTOS__ Enables MQX operating system support.
__NATIVE_INT64__ (Recommended to leave undefined; SHA-512 only) Redefines integer sizes.
__NETBURNER_RTOS__ Enables NetBurner operating system support.
__NNOS_RTOS__ Enables NNOS operating system support.
__NNOS_TCP__ Abstraction layer flag that enables NNOS operating system support.
__NO_CATL_SHIM__ Specifies to not use the TrustCore SDK EST shim for AIKs. The EST shim handles AIK certificate requests until a CA exists to implement the TCG-defined identity proof request.
__NO_SELF_SIGNED_CERTIFICATES__ Prevents SSL clients and servers from using self-signed certificates to authenticate themselves.
__NUCLEUS_RTOS__ Enables Nucleus operating system support.
__NUCLEUS_TCP__ Abstraction layer flag that enables Nucleus operating system support.
__OSE_RTOS__ Enables OSE operating system support.
__OSE_TCP__ Abstraction layer flag that enables OSE operating system support.
__OSX_RTOS__ Enables OS X operating system support.
__OSX_TCP__ Abstraction layer flag that enables OS X operating system support.
__OSX_UDP__ Abstraction layer flag that enables OS X operating system support.
__PLATFORM_HAS_GETOPT__ Facilitates parsing command-line tokens. Define for operating systems that provide a getopt function (such as Linux); otherwise leave undefined, in which case the Nano code will perform rudimentary command-line parsing to attempt to extract the arguments.
__PRIME_GEN_HARDWARE__ Enables hardware acceleration chip support for prime number generation.
__PSOS_RTOS__ Enables pSOS operating system support.
__PSOS_TCP__ Abstraction layer flag that enables pSOS operating system support.
__PSOS_UDP__ Abstraction layer flag that enables pSOS operating system support.
__RSA_HARDWARE_ACCELERATOR__ Enables hardware support for RSA.
__RTCS_TCP__ Abstraction layer flag that enables ARC operating system support.
__RTOS_ARC__ Defines the __MQX_* and __RTCS_* flags for ARC operating system support.
__RTOS_CYGWIN__ Defines the __CYGWIN_* flags for Cygwin operating system support.
__RTOS_LINUX__ Defines the __LINUX_* flags for Linux operating system support.
__RTOS_NETBURNER__ Defines the __NETBURNER_* flags for NetBurner operating system support.
__RTOS_NNOS__ Defines the __NNOS_* flags for NNOS operating system support.
__RTOS_NUCLEUS__ Defines the __NUCLEUS_* flags for Nucleus operating system support.
__RTOS_OSE__ Defines the __OSE_* flags for OSE operating system support.
__RTOS_OSX__ Defines the __OSX_* flags for OS X operating system support.
__RTOS_PSOS__ Defines the __PSOS_* flags for pSOS operating system support.
__RTOS_SOLARIS__ Defines the __SOLARIS_* flags for Solaris operating system support.
__RTOS_THREADX__ Defines the __THREADX_* flags for ThreadX operating system support.
__RTOS_VXWORKS__ Defines the __VXWORKS_* flags for VxWorks operating system support.
__RTOS_WIN32__ Defines the __WIN32_* flags for 32-bit Windows operating system support.
__SHA1_HARDWARE_HASH__ Enables hardware support for SHA1.
__SHA1_ONE_STEP_HARDWARE_HASH__ Enables hardware support for one-step SHA1.
__SHA224_ONE_STEP_HARDWARE_HASH__ Enables hardware support for one-step SHA-224.
__SHA256_HARDWARE_HASH__ Enables hardware support for SHA-256.
__SHA256_ONE_STEP_HARDWARE_HASH__ Enables hardware support for one-step SHA-256.
__SHA384_ONE_STEP_HARDWARE_HASH__ Enables hardware support for one-step SHA-384.
__SHA512_HARDWARE_HASH__ Enables hardware support for SHA-512.
__SHA512_ONE_STEP_HARDWARE_HASH__ Enables hardware support for one-step SHA-256.
__SINGLE_THREAD_SSH_SERVER__ Disables spawning threads for new SSH server connections if the __USE_MOCANA_SSH_SERVER__ flag is defined.
__SOLARIS_RTOS__ Enables Solaris operating system support.
__SOLARIS_TCP__ Abstraction layer flag that enables Solaris operating system support.
__SOLARIS_UDP__ Abstraction layer flag that enables Solaris operating system support.
__THREADX_RTOS__ Enables ThreadX operating system support.
__THREADX_TCP__ Abstraction layer flag that enables ThreadX operating system support.
__TRECK_TCP__ Abstraction layer flag that enables Treck operating system support.
__USE_MOCANA_SSH_SERVER__ Enables TrustCore SDK's SSH daemon, used for handling accepts and spawning threads for servicing requests. In most instances, this will not be enabled; instead, the existing telnet daemon will be used. (Note that this is distinct from the __ENABLE_MOCANA_SSH_SERVER__ flag, which enables inclusion of the SSH server into the executable.
__USE_TPM_EMULATOR__ NanoTAP flag used to run against TPM 1.2 SW emulator instead of actual HW.
__VERIFY_DSA_KEY_GENERATION__ (Default = defined/enabled if __FAST_DSA_KEY_GENERATION__ is defined) Enables verification of successful DSA key generation.
__VLONG_MOD_OPERATOR_HARDWARE_ACCELERATOR__ Disables TrustCore SDK very long integer mod() function (in vlong.c), and uses the equivalent code in the chip's hardware accelerator.
__VLONG_MODEXP_OPERATOR_HARDWARE_ACCELERATOR__ Disables TrustCore SDK very long integer modexp() function (in vlong.c), and uses the equivalent code in the chip's hardware accelerator.
__VLONG_MODINV_OPERATOR_HARDWARE_ACCELERATOR__ Disables TrustCore SDK very long integer modinv() function (in vlong.c), and uses the equivalent code in the chip's hardware accelerator.
__VXWORKS_IPV6__ Enables the proper connection call selection based on the protocol version in use.
__VXWORKS_RTOS__ Enables VxWorks operating system support.
__VXWORKS_TCP__ Abstraction layer flag that enables VxWorks operating system support.
__VXWORKS_UDP__ Abstraction layer flag that enables VxWorks operating system support.
__WIN32_RTOS__ Enables 32-bit Windows operating system support.
__WIN32_TCP__ Abstraction layer flag that enables 32-bit Windows operating system support.
__WIN32_UDP__ Abstraction layer flag that enables 32-bit Windows operating system support.
__XP_NDIS_5_1__ (WPA2 only) For TrustCore SDK internal use to enable the Windows XP NDISUIO 5.1 protocol driver for lower-layer communications. If you define this flag, you must not define the __DP_USE_WPCAP__ flag.
_AFX_NO_AFXCMN_SUPPORT Enables MFC support for Windows common controls in IPsec/IKE example code.
_BMAP_PAD_AFTER Adds padding after ID map entries so that each entry falls on a block boundary.
_BMAP_PAD_BEFORE Prepends padding to ID map entries so that each entry falls on a block boundary.
_BMAP_PAGEALIGN Adds padding to D maps so that they fall on page boundaries.
_BMAP_PROTECT Defines MPROTECT and _BMAP_PAGEALIGN flags.
_CONSIST Enables bitmap consistency checks.
_FULL_CONSIST Enables more frequent consistency checks.
_MSC_VER Enables strict compilation of example code for Microsoft compiler support.
ASM_SHIFT_LEFT_DEFINED Enables assembly language implementation of big integer shift left operations, which is faster than the corresponding C function.
ASM_SHIFT_RIGHT_DEFINED Enables assembly language implementation of big integer shift right operations, which is faster than the corresponding C function.
AUTH_MAX_NUM_PROMPTS Maximum number of times a user can attempt to log on. SSH clients will typically use one attempt to log on without a password without the user's knowledge. Therefore, if you set this value to n, only (n-1) prompts will be provided.
AUTH_MAX_NUM_PROMPTS Maximum number of times a user can attempt to log on. SSH clients will typically use one attempt to log on without a password without the user's knowledge. Therefore, if you set this value to n, only (n-1) prompts will be provided.
BIG_ENDIAN (IPsec, IKE, and EAP only) Specifies that the CPU is big endian. For EAP, if you define this flag, LITTLE_ENDIAN must be undefined.
COUNTOF Constant used throughout TrustCore SDK code.
CSR_LINE_LENGTH Maximum Base 64 encoded output length of PKS10 certificate request.
CUSTOM_IKE_GET_PSK (IKE only) Enables custom pre-shared key functions.
CUSTOM_IKE_USE_RSA_SIG (IKE only) Enables custom host certificate functions.
EAP_EXAMPLE_MD5 Enables EAP-MD5 example code.
EAP_EXAMPLE_TLS Enables EAP-TLS example code.
FALSE Constant used throughout TrustCore SDK code. Can be redefined, but results are unpredictable. (Internal structures are initialized to 0, so redefining NULL and FALSE can be problematic within the code.)
FREE Enables redefinition of the FREE function to something other than the default (free()).
FSL_SEC_SYNC_TIMEOUT_MS (Default = 1000) Timeout in milliseconds for Freescale crypto operations.
IKE_CERT_CACHE_MAX (IKE only) Maximum number of entries in the cache table of peer certificates.
IKE_CERT_CHAIN_MAX (IKE only) Maximum number of certificates (including the root and all leaves) allowed in a single certificate chain.
IKE_EVENT_MAX (IKE only) Maximum number of concurrent pending phase 2 exchanges allowed.
IKE_IPSECSA_MAX (IKE only) Maximum number of concurrent phase 2 quick mode negotiations allowed per established phase 1 channel.
IKE_P2_SA_MAX (IKE only) Maximum number of SA payloads allowed per phase 2 quick mode negotiation.
IKE_SA_MAX (IKE only) Maximum number of concurrent phase 1 negotiations (both established and pending) allowed.
IMMR_ADDRESS (Freescale processors only) Internal Memory Map Register address necessary to enable hardware offload.
IPSEC_DGRAM_MAX Maximum number of pending IP datagrams allowed for IP reassembly.
IPSEC_DGRAM_SIZE_MAX Maximum IP payload size (in bytes) for IP fragmentation reassembly.
IPSEC_NEST_MAX Maximum SA bundle size — how many separate headers can protect the payload. For example, if a payload can be protected by both AH and ESP, then define IPSEC_NEXT_MAX as 2.
IPSEC_PACKETS_MAX Maximum number of packets per IP datagram (reassembly only).
IPSEC_REPLAY_SIZE Replay window size in packets/bits. Values must be multiples of 8; and >= 32 is recommended.
IPSEC_SADB_MAX Maximum number of IPsec SAs to include in the SADB.
IPSEC_SPD_MAX Maximum number of IPsec policies per direction; must be <= 65536.
kMaxAsnParseStackDepth (Default = 40) Recursive call depth for a certificate.
LITTLE_ENDIAN (IPsec, IKE, and EAP only) Specifies that the CPU is little endian. For EAP, if you define this flag, BIG_ENDIAN must be undefined.
MACRO_MULTIPLICATION_LOOP Enables custom assembly language code to handle big integer multiplication.
MACRO_SHIFT_LEFT Optimizes the shift-left functions of shlVlong() (in vlong.c) to assembly code.
MACRO_SHIFT_RIGHT Optimizes the shift-right functions of shrVlong() (in vlong.c) to assembly code.
MACRO_SQR_LOOP Enables custom assembly language code to handle big integer squares.
MALLOC Enables redefinition of the MALLOC function to something than the default (malloc()).
MAX_DNE_STRING_LENGTH Maximum number of bytes (excluding the terminating NULL) of the string containing a distinguished name element.
MAX_SESSION_WINDOW_SIZE Maximum amount of data (in bytes) the SSH server allows an SSH client to push.
MOC_BIG_ENDIAN (IPsec, IKE, and EAP only) Specifies that the CPU is big endian. For EAP, if you define this flag, MOC_LITTLE_ENDIAN must be undefined.
MOC_LITTLE_ENDIAN (IPsec, IKE, and EAP only) Specifies that the CPU is little endian. For EAP, if you define this flag, MOC_BIG_ENDIAN must be undefined.
MOC_MIN_PARTITION_SIZE (Do not change) Minimum number of bytes required for the TrustCore SDK memory partition code.
MOC_UNUSED Prevents the compiler from issuing unused argument warnings. For most compilers, add the following to moptions.h: #define MOC_UNUSED(X) X=X
MOCANA_DEBUG_CONSOLE_PORT Port number to which enabled debug messages are sent(if __MOCANA_DUMP_CONSOLE_TO_STDOUT__ is not defined).
MOCANA_RNG_GET_PERSONALIZATION_STRING Points to an arbitrary function that will return a personalization string. By default, this flag points to a function that returns a NULL personalization string.
MOCANA_SSH_CONNECT_STR_LEN Maximum number of bytes (excluding the terminating NULL) of the string containing the port forwarding destination host name.
MOCANA_SSH_SOCKET_STREAM_SIZE Stream buffer size (in bytes) used for SSH asynchronous non-blocking sockets.
MOCANA_THREAD_PRIO Priority assigned to all threads spawned by TrustCore SDK code.
MOCANA_UPPER_PRIVILEGE_PORT Port number to use for SSH port forwarding.
MULT_ADDCX Optimizes big integer math operations; redefine based on your compiler.
NULL Constant used throughout TrustCore SDK code. Can be redefined, but results are unpredictable. (Internal structures are initialized to 0, so redefining NULL and FALSE can be problematic within the code.)
OFFSETOF Constant used throughout TrustCore SDK code. Can be redefined, but results are unpredictable.
PATCH_CONST Defines static data as a constant, as required by some environments' compiler/patch management code.
RADIUS_CLEANUP_TIME_MS Age in milliseconds at which an authentication record is considered stale; the record will subsequently be recycled.
RADIUS_MAX_CONNECTIONS Maximum number of concurrent requests (all RADIUS requests are for authentication).
RADIUS_MAX_SERVERS Maximum number of RADIUS servers with which a client will communicate.
RADIUS_REQUEST_ALLOCATION Maximum number of bytes per radius packet (header + payload), from 20 to 4096.
RADIUS_RETRY_COUNT Maximum number of times a RADIUS client can re-request authentication (excludes the initial request).
RADIUS_RETRY_INTERVAL_MS Time in milliseconds between a RADIUS client's retries for authentication.
RBTREE_OUTSIDE_NODE (Recommended to leave undefined) Enables use of the red-black tree — a very fast self-balancing binary search tree.
RFC3576_NASPORT Default port number to which the RADIUS server sends messages in cases of authorization issues.
SFTP_MAX_FILENAME_LENGTH (Default = 64) Maximum length (in bytes) of SFTP filenames and directory names.
SFTP_MAX_PATH_DEPTH (Default = 32) Maximum folder depth. For example, if folder A contains folder B, which in turn contains folder C, then folder A has a depth of 3.
SFTP_READFILE_BUF_SIZE Maximum number of bytes at a time that can be read or written to a file for the SFTP server.
SFTP_SERVER_STREAM_BUF_SIZE Number of bytes of the circular buffer used to stream data. This streaming buffer provides a work around for SSH SFTP clients that do not support the shorter block sizes used by TrustCore SDK to conserve the server's memory usage.
SOMAXCONN Depth of the TCP listen queue (used for pending TCP connections).
SSH_MAX_BUFFER_SIZE Maximum number of bytes of the buffer for messages received by the SSH server.
SSH_OUT_CUSTOM_MUTEX Prevents messages from being interlaced during crypto operations when multiple threads or processes send data to the same SSH client.
SSHC_MAX_BUFFER_SIZE Maximum number of bytes in the SSH client message buffer (headers + payload).
SSL_CERT_VERIFY_ARG Sum of bitmaps specifying which items out of the header's policy field must be checked.
SSL_DEFAULT_SMALL_BUFFER Default number of bytes for initial SSL message buffers.
SSL_MALLOC_BLOCK_SIZE (Recommended to leave unchanged) Number of bytes allocated per block; defined for efficient hardware accelerator use so that the SSL payload is on a 16-byte paragraph boundary.
SSL_MESG_TOO_LONG_COUNTER Mapping to a global variable to increment when an SSL message is longer than the maximum size.
SSL_PACKED Prevents compilers from padding field structures so that they end on boundaries.
SSL_PACKED_POST Prevents compilers from padding field structures so that they end on boundaries.
SSL_RECORDSIZE (Recommended to leave unchanged) Maximum SSL record size (in bytes); defined as 16384 per the SSL specification.
SSL_SESSION_RESUME_TIMEOUT Number of milliseconds a client-server connection can remain inactive before handshaking is required to resume the connection.
SSL_WRITE_FAIL_RETRY_TIME (Synchronous SSL only) Enables SSL handshaking to handle a write failure with a non-blocking socket.
TCP_SHARE_SOCKET (Example code only) Enables a parent thread to share a socket with a client thread.
TIMEOUT_IPSEC_REASSEMBLY (Default = 1500) Number of milliseconds allowed for an IPsec reassembly operation before a timeout error is generated.
TLS_EAP_PAD (Recommended to leave unchanged) Buffer padding for EAP-TLS message.
TRUE Constant used throughout TrustCore SDK code. Can be redefined, but results are unpredictable.
__USE_WLAN_API__ Enables NanoWireless to be built for Windows 8 and 10 target platforms.
ULONG_PTR (IKE example code) Data type definition for an unsigned long pointer.
VC_EXTRALEAN (IPsec examples for Visual C compiler) Reduces the size of Windows header files.