![]() |
TrustCore SDK NanoCrypto API reference
version 7.0
|
This page lists the compilation flags (compiler directives) that may be used to customize DigiCert® TrustCore SDK.
TrustCore SDK code may be easily customized by defining compilation flags. For example, the memory footprint may be reduced by defining compilation flags to disable products or features that are not running, which removes those products' code from the resultant executable. Similarly, debug flags may be undefined, which also serves to increase execution speed.
These compilation flags also enable easy porting of TrustCore SDK code to any operating system. For additional guidance on defining flags for common tasks, refer DigiCert® NanoCrypto documentation.
__DISABLE_MOCANA_
or __ENABLE_MOCANA_
) for internal development and testing. Do not define such flags in your implementation because the results may be unexpected.The following table describes the set of compilation flags, presented in alphabetical order:
Flag | Description |
---|---|
__3DES_HARDWARE_CIPHER__ | Turns on hardware 3DES support (and disables corresponding software). |
__AES_HARDWARE_CIPHER__ | Turns on hardware AES support (and disables corresponding software). |
__ARC2_HARDWARE_CIPHER__ | Turns on hardware ARC2 support (and disables corresponding software). |
__ARC4_HARDWARE_CIPHER__ | Turns on hardware ARC4 support (and disables corresponding software). |
__ASM_386__ | Turns on assembly language optimizations for Intel x86 processors using Microsoft compilers. |
__ASM_386_GCC__ | Turns on assembly language optimizations for Intel x86 processors using GCC compilers. |
__ASM_ARM__ | Turns on assembly language optimizations for ARM processors. (This flag replaces the older __ASM_ARM7__ flag.) |
__ASM_COLDFIRE_DIABDATA__ | Turns on assembly language optimizations for Freescale Coldfire processors using the DiabData compiler. |
__ASM_H8S__ | Turns on assembly language optimizations for Hitachi/Renasas H8S processors. |
__ASM_M68K_CROSSCODE__ | Turns on assembly language optimizations for Motorola/Freescale 68K series processors. |
__ASM_MIPS__ | Turns on assembly language optimizations for MIPS processors. |
__ASM_PPC__ | Turns on assembly language optimizations for PowerPC processors. If your PowerPC has an Altivec unit, be sure to use the correct flags for the compiler to enable using the Altivec unit; for example, -maltivec for the GCC compiler. |
__ATMOS_RTOS__ | Enables ATM operating system support. |
__ATMOS_TCP__ | Abstraction layer flag that enables ATM operating system support. |
__CYGWIN_RTOS__ | Enables Cygwin operating system support. |
__CYGWIN_TCP__ | Abstraction layer flag that enables Cygwin operating system support. |
__DES_HARDWARE_CIPHER__ | Turns on hardware DES support (and disables corresponding software). |
__DISABLE_3DES_CIPHERS__ | Disables 3DES cipher suite support (both hardware and software). |
__DISABLE_AES_CIPHERS__ | Disables AES cipher suite support (both hardware and software). |
__DISABLE_AES128_CIPHER__ | Disables AES 128-bit keys cipher suite support (both hardware and software). |
__DISABLE_AES192_CIPHER__ | Disables AES 192-bit keys cipher suite support (both hardware and software). |
__DISABLE_AES256_CIPHER__ | Disables AES 256-bit keys cipher suite support (both hardware and software). |
__DISABLE_ARC4_CIPHERS__ | Disables ARC-4 cipher suite support (both hardware and software). |
__DISABLE_CERT_VALIDATE_TIME__ | Disables certificate expiration checks if calendar clock is not available. |
__DEBUG_* | (Recommended to leave undefined) Enables debug information for TrustCore SDK support. |
__DISABLE_IPSEC_TUNNEL_MODE__ | (Default = defined/enabled) Enables IPsec tunnel mode, which is used for IPsec VPN support. |
__DISABLE_MOCANA_ADD_ENTROPY__ | Disables TrustCore SDK functions that allow system entropy (random data) to update the random number generator. If you're using your own random number generator, you can define this flag. |
__DISABLE_MOCANA_CERTIFICATE_GENERATION__ | Disables TrustCore SDK certificate generation code. If you define this flag, you should also define the __DISABLE_MOCANA_RSA_SIGN__ flag. |
__DISABLE_MOCANA_CERTIFICATE_PARSING__ | Disables TrustCore SDK certificate parsing code. If you're using IKE, this flag should not be defined. If you define this flag, you should also define the __DISABLE_MOCANA_RSA_SIGN__ flag. |
__DISABLE_MOCANA_ECC__ | Disables elliptical curve cryptography — a very fast asymmetrical crypto algorithm for key exchanges and authentication. |
__DISABLE_MOCANA_ECC_P256__ | Disables ECC P-256 primes. Define for Suite B cipher support. |
__DISABLE_MOCANA_ECC_P384__ | Disables ECC P-384 primes. Define for Suite B cipher support. |
__DISABLE_MOCANA_ECC_P521__ | Disables ECC P-521 primes. Define for Suite B cipher support. |
__DISABLE_MOCANA_ECC_P192__ | Disables ECC P-192 primes. Define for Suite B cipher support. |
__DISABLE_MOCANA_ECC_P224__ | Disables ECC P-224 primes. Define for Suite B cipher support. |
__DISABLE_MOCANA_ECDH__ | Disables Elliptic Curve Diffie-Hellman cipher suite support. |
__DISABLE_MOCANA_FILE_SYSTEM_HELPER__ | Disables TrustCore SDK ANSI file system helper functions, such as MOCANA_readFile and MOCANA_writeFile. |
__DISABLE_MOCANA_IKE_EAP__ | Disables EAP methods when both IKE and EAP are enabled. |
__DISABLE_MOCANA_INIT__ | Disables TrustCore SDK common initialization and de-initialization code (in common/mocana.c). |
__DISABLE_MOCANA_KEY_GENERATION__ | Disables TrustCore SDK key generation code. |
__DISABLE_MOCANA_MAIN_FUNC_ENTRY__ | Disables the main function in the TrustCore SDK example code, allowing operation on embedded systems (as opposed to Linux-based desktop systems). |
__DISABLE_MOCANA_MODEXP_SLIDING_WINDOW__ | Disables memory-intensive (but faster executing) algorithm for calculating MOD exponents. The result is less memory use and slower calculations. |
__DISABLE_MOCANA_PRIME_TEST__ | Disables TrustCore SDK prime test code used to verify whether a number is prime. (If it's left enabled, and hardware prime test support is enabled, then the hardware can use the TrustCore SDK prime test code.) |
__DISABLE_MOCANA_RAND_ENTROPY_THREADS__ | Disables TrustCore SDK entropy threads; initialization of the random number seed is still performed. |
__DISABLE_MOCANA_RAND_SEED__ | Disables TrustCore SDK entropy threads and initialization of random number seed. |
__DISABLE_MOCANA_RNG__ | Disables TrustCore SDK default random number generator (in random.c). If you define this flag, you must provide your own random number generator factory that is API compatible with TrustCore SDK's random number generator. |
__DISABLE_MOCANA_RSA_DECRYPTION__ | Disables RSA decryption support. |
__DISABLE_MOCANA_RSA_SIGN__ | Disables TrustCore SDK certificate signing code. If you've disabled TrustCore SDK certificate code (by defining the __DISABLE_MOCANA_CERTIFICATE_GENERATION__ or __DISABLE_MOCANA_CERTIFICATE_PARSING__ flags), it's safe to define this flag. |
__DISABLE_MOCANA_RSA_VERIFY__ | Disables TrustCore SDK RSA signature verification code. If you're running SSL client but not SSL server, define this flag to disable mutual authentication. |
__DISABLE_MOCANA_SHA256__ | Disables SHA256 cipher support (both hardware and software). |
__DISABLE_MOCANA_SHA512__ | Disables SHA512 cipher support (both hardware and software). |
__DISABLE_MOCANA_SSH_COMMON_NAME_CHECK__ | (Not recommended) Disables common name validation during SSH handshaking. |
__DISABLE_MOCANA_SSH_RSA_KEY_EXCHANGE__ | Disables RSA support for SSH key exchange. |
__DISABLE_MOCANA_SSL_COMMON_NAME_CHECK__ | (Not recommended) Disables common name validation during SSL handshaking. |
__DISABLE_MOCANA_STARTUP_GUARD__ | Disables TrustCore SDK initialization code guard, which ignores subsequent calls to MOCANA_initTrustCore SDK(). |
__DISABLE_NULL_MD5_CIPHER__ | Disables SSL NULL MD5 cipher suite support. |
__DISABLE_OPEN_SSH_AES_GCM__ | Disables the aes128-gcm@openssh.com and aes256-gcm@openssh.com ciphers. |
__DISABLE_SSL_GET_SOCKET_API__ | Disables function that retrieves an original socket ID for a connection instance. |
__DISABLE_SSL_IOCTL_API__ | Disables the IOCTL function, which sets the version number (SSLv3 or TLS 1.0) to use for connection. |
__DISABLE_SSL_IS_SESSION_API__ | Disables function that verifies whether a given connection instance is for a given SSL session. |
__DISABLE_SSL_SESSION_FLAGS_API__ | Disables functions that set SSL flags (in ssl.h). |
__DP_USE_WPCAP__ | (WPA2 only) For TrustCore SDK internal use to enable the Windows XP packet capture library for lower-layer communications; must be defined to enable pre-authentication. If you define this flag, you must not define the __XP_NDIS_5_1__ flag. |
__ENABLE_ALL_DEBUGGING__ | Displays extensive debug information from all TrustCore SDK modules to the debug console. |
__ENABLE_2KEY_3DES_CIPHER__ | Enables 3DES with 2 keys cipher suite support. |
__ENABLE_BCM582x_HARDWARE_ACCEL__ | Enables hardware accelerator support for the Broadcomm 582x chipset. |
__ENABLE_BLOWFISH_CIPHERS__ | (Default = undefined/disabled) Enables Blowfish cipher suite support. |
__ENABLE_DES_CIPHER__ | (Default = undefined/disabled) Enables DES cipher suite support. This is disabled by default because it's a weak cipher; however, 3DES is enabled by default. |
__ENABLE_FREESCALE_8248_HARDWARE_ACCEL__ | Enables hardware accelerator support for the Freescale 8248 chipset. |
__ENABLE_FREESCALE_875_HARDWARE_ACCEL__ | Enables hardware accelerator support for the Freescale 875 chipset. |
__ENABLE_HARDWARE_ACCEL_ASYNC_CRYPTO__ | Enables asynchronous hardware accelerator support. |
__ENABLE_HARDWARE_ACCEL_SYNC_CRYPTO__ | Enables synchronous hardware accelerator support. |
__ENABLE_IKE_AGGRESSIVE_MODE__ | Enables IKE aggressive mode for key exchanges. |
__ENABLE_IKE_CP__ | Enables IKE configuration payload; typically used when implementing a VPN client or server. |
__ENABLE_IKE_FRAGMENTATION__ | Enables IKE [v1] fragmentation. |
__ENABLE_IKE_MODE_CFG__ | Enables support for the ISAKMP configuration method (draft-dukes-ike-mode-cfg-02.txt). |
__ENABLE_IKE_REDIRECT__ | Enables the redirect mechanism for IKEv2 to redirect the VPN client to another gateway. |
__ENABLE_IKE_SIG_AUTH_RFC7427__ | Enables support for RFC 7427 (Signature Authentication in the Internet Key Exchange Version 2 (IKEv2)). |
__ENABLE_IKE_XAUTH__ | Enables IKE XAUTH; typically used when implementing a VPN client or server. |
__ENABLE_IPSEC_COOKIE__ | Enables IPsec Cookie support, which allows customized filtering, such as VLAN ID, for IPsec security policies. |
__ENABLE_IPSEC_ESN__ | Enables support for RFC 4304 (Extended Sequence Number to IPsecDOI for ISAKMP). |
__ENABLE_IPSEC_FRAGMENTATION__ | Enables TrustCore SDK IP fragmentation reassembly code. Do not define this if you do not want to use TrustCore SDK fragmentation code; for example, if you have your own fragmentation code. |
__ENABLE_IPSEC_NAT_T__ | Enables IPsec NAT-Traversal. |
__ENABLE_IPSEC_NULL_TUNNEL__ | Enables IPsec tunnels with NULL encryption and no authorization. |
__ENABLE_IPSEC_OCSP_EXT__ | Enables support for RFC 4806 (Online Certificate Status Protocol (OCSP) Extensions to IKEv2). |
__ENABLE_IPSEC_PORT_RANGE__ | Enables you to specify a range of ports in the SPD (security policy database). If you do not define this flag, you can specify only a single port value (which does include specifying 0 for all ports). |
__ENABLE_LOOKUP_TABLE__ | Enables retrieval of C-string error messages corresponding to error codes. |
__ENABLE_MOCANA_64_BIT__ | (Products using TrustCore SDK cryptography) Enables support for 64-bit processors (x86_64: Intel, AMD, and PowerPC), thereby improving performance for 64-bit executables. |
__ENABLE_MOCANA_AEAD_CIPHER__ | Enables AEAD (Authenticated Encryption with Associated Data) cipher mode. |
__ENABLE_MOCANA_BASIC_TYPES_OVERRIDE__ | Disables TrustCore SDK default typedefs, allowing custom typedefs to be defined in moptions.h. |
__ENABLE_MOCANA_CERTIFICATE_SEARCH_SUPPORT__ | Enables search support for certificate attributes such as serial number and CRL. |
__ENABLE_MOCANA_CMP_CLIENT__ | Enables TrustCore SDK CMP client. |
__ENABLE_MOCANA_CMP_CLIENT_EXAMPLE__ | Enables TrustCore SDK CMP client example code. |
__ENABLE_MOCANA_CMS__ | Enables streaming CMS support. |
__ENABLE_MOCANA_DEBUG_CONSOLE__ | Enables the TrustCore SDK debug console, which logs debugging information to stdout or (if __MOCANA_DUMP_CONSOLE_TO_STDOUT__ is not defined) to a telnet port. |
__ENABLE_MOCANA_DEBUG_MEMORY__ | Enables the TrustCore SDK memory leak debugger, which detects memory leaks, double frees, and other memory issues. File and line numbers for every call to malloc and free are recorded. |
__ENABLE_MOCANA_DER_CONVERSION__ | Enables TrustCore SDK's DER file support. Allows reading public and private key data from an OpenSSL DER file. |
__ENABLE_MOCANA_DSA__ | Enables TrustCore SDK digital signature algorithm code. This flag must be defined to enable SSH DSA support (as configured by the __ENABLE_MOCANA_SSH_DSA_SUPPORT__ flag). |
__ENABLE_MOCANA_DTLS_CLIENT__ | Enables TrustCore SDK DTLS (asynchronous) client. |
__ENABLE_MOCANA_DTLS_SERVER__ | Enables TrustCore SDK DTLS (asynchronous) server. |
__ENABLE_MOCANA_EAP_AUTH__ | Enables the EAP-AUTH method. |
__ENABLE_MOCANA_EAP_FAST__ | Enables the EAP-FAST method. |
__ENABLE_MOCANA_EAP_GTC__ | Enables the EAP-GTC method. |
__ENABLE_MOCANA_EAP_LEAP__ | Enables the EAP-LEAP method. |
__ENABLE_MOCANA_EAP_MD5__ | Enables the EAP-MD5 method. |
__ENABLE_MOCANA_EAP_MSCHAPv2__ | Enables the EAP-MS-CHAP-V2 method. |
__ENABLE_MOCANA_EAP_PEAP__ | Enables the EAP-PEAP method. |
__ENABLE_MOCANA_EAP_PEAPV2__ | Enables the EAP-PEAPV2 method. |
__ENABLE_MOCANA_EAP_PEER__ | Enables TrustCore SDK EAP client (which functions as the peer/supplicant). |
__ENABLE_MOCANA_EAP_PSK__ | Enables the EAP-PSK method. |
__ENABLE_MOCANA_EAP_RADIUS__ | Enables the EAP-RADIUS method. |
__ENABLE_MOCANA_EAP_SIM__ | Enables the EAP-SIM method. |
__ENABLE_MOCANA_EAP_SIM_PEER__ | (Test use only) Enables the EAP-SIM 802.1x client. |
__ENABLE_MOCANA_EAP_SRP__ | Enables the EAP-SRP method. |
__ENABLE_MOCANA_EAP_TLS__ | Enables the EAP-TLS method. If you enable EAP-TLS, you must also define the __ENABLE_MOCANA_SSL_ASYNC_API_EXTENSIONS__ flag. |
__ENABLE_MOCANA_EAP_TTLS__ | Enables the EAP-TTLS method. |
__ENABLE_MOCANA_EAPOL__ | (Test use only) Enables EAP over LAN support. |
__ENABLE_MOCANA_ECC__ | Enables elliptical curve cryptography — a very fast asymmetrical crypto algorithm for key exchanges and authentication. Define for Suite B cipher support. |
__ENABLE_MOCANA_EST_CLIENT__ | Enables TrustCore SDK EST protocol client code. |
__ENABLE_MOCANA_EXAMPLES__ | Enables TrustCore SDK example code. |
__ENABLE_MOCANA_EXAMPLE_SSH_RADIUS_PASSWORD_AUTH__ | Enables example code for using RADIUS Client with SSH server. |
__ENABLE_MOCANA_EXTRACT_CERT_BLOB__ | Enables bit (raw data) access to a certificate's subject or issuer data. |
__ENABLE_MOCANA_FAST_PRIME_SEARCH__ | Enables the use of a larger table for prime searches, which increases speed but also increases the memory footprint. |
__ENABLE_MOCANA_FAST_RAND__ | Enables random number generator initialization even if entropy threads are disabled; also enables an additional round of entropy generation. |
__ENABLE_MOCANA_FIREWALL__ | Enables TrustCore SDK NanoWall. |
__ENABLE_MOCANA_FW_INBOUND_FLOW__ | Enables NanoWall INBOUND TCP flow. |
__ENABLE_MOCANA_GCM__ | Enables GCM (Galois/Counter Mode) symmetric key ciphers. Define for Suite B cipher support. |
__ENABLE_MOCANA_GCM_64K__ | Enables GCM 64 KB table size cipher. |
__ENABLE_MOCANA_GCM_4K__ | Enables GCM 4 KB table size cipher. |
__ENABLE_MOCANA_GCM_256B__ | Enables GCM 256 KB table size cipher. |
__ENABLE_MOCANA_HARDWARE_CRYPTO_ACCEL__ | Enables TrustCore SDK hardware acceleration support, which allows the hardware acceleration to be initialized when MOCANA_initTrustCore SDK() is called. |
__ENABLE_MOCANA_HARNESS__ | Enables TrustCore SDK acceleration harness for hardware offload, improving performance. |
__ENABLE_MOCANA_HARNESS_MEMORY_DEBUG__ | (For development use only) Enables the TrustCore SDK harness memory tracker, which confirms that memory allocation takes place on the hardware offload target. |
__ENABLE_MOCANA_HW_SECURITY_MODULE__ | Enables the TrustCore SDK secmod abstraction layer. |
__ENABLE_MOCANA_HTTP_CLIENT__ | Enables TrustCore SDK HTTP client. |
__ENABLE_MOCANA_HTTP_CLIENT_EXAMPLE__ | Enables TrustCore SDK HTTP client example code. |
__ENABLE_MOCANA_HTTPCC_CLIENT__ | Enables TrustCore SDK HTTPCC client. |
__ENABLE_MOCANA_HTTPCC_SERVER__ | Enables TrustCore SDK HTTPCC server. |
__ENABLE_MOCANA_IKE_SERVER__ | Enables TrustCore SDK IKE server/peer code. |
__ENABLE_MOCANA_INNER_APP__ | Enables TTLSv1 support. (TTLsv1 uses the SSL inner application payload.) |
__ENABLE_MOCANA_IPSEC_SERVICE__ | Enables TrustCore SDK IPsec stack. |
__ENABLE_MOCANA_IPV6__ | Enables TrustCore SDK IPv6 support. |
__ENABLE_MOCANA_KEY_UTILS__ | Enables TrustCore SDK key utilities function support. |
__ENABLE_MOCANA_LDAP_CLIENT__ | Enables TrustCore SDK LDAP client. |
__ENABLE_MOCANA_LDAP_TLS_EXTENSION__ | Enables secure LDAP client (LDAP with TLS stack). |
__ENABLE_MOCANA_LEAP__ | Enables the EAP-LEAP method. |
__ENABLE_MOCANA_MEM_PART__ | Enables TrustCore SDK memory partition code. |
__ENABLE_MOCANA_MEM_PART_MUTEX__ | Enables race condition prevention in synchronous applications; not necessary for asynchronous applications. |
__ENABLE_MOCANA_MULTIPLE_COMMON_NAMES | Enables accessing all a certificate's common names. If disabled, only the certificate's first common name is accessible. |
__ENABLE_MOCANA_NETWORK_TYPES_OVERRIDE__ | Enables redefinition of the IP address data type (by default, an unsigned long). |
__ENABLE_MOCANA_OCSP_CLIENT__ | Enables TrustCore SDK OCSP client. If you define this flag, you should also define the __ENABLE_MOCANA_HTTP_CLIENT__ flag. |
__ENABLE_MOCANA_PEM_CONVERSION__ | Enables code that allows OpenSSH and OpenSSL PEM files to be used. |
__ENABLE_MOCANA_PFKEY__ | Enables IKE PF_KEY functionality. |
__ENABLE_MOCANA_PKCS5__ | Enables code to support PKCS #5 — key strengthened key derivation functions using an input password or passphrase and a salt value. |
__ENABLE_MOCANA_PKCS7__ | Enables code to support PKCS #7 — a standard for signing and encrypting messages, as well as certificate dissemination. |
__ENABLE_MOCANA_PKCS8__ | Enables code to support PKCS #8 — a syntax for private-key information. |
__ENABLE_MOCANA_PKCS10__ | Enables code to support PKCS #10 — a standard for a certificate authority to upgrade a self-signed certificate to one signed by a certificate authority. |
__ENABLE_MOCANA_PKCS12__ | Enables code to support PKCS #12 — a file format for password-based symmetric key certificate protection. |
__ENABLE_MOCANA_PKI_CLIENT__ | Enables TrustCore SDK NanoCert LTE PKI client. |
__ENABLE_MOCANA_PKI_CLIENT_BACKROUND__ | Sets up the PKI client for background processing. |
__ENABLE_MOCANA_PKI_CLIENT_FOREROUND__ | Sets up the PKI client for foreground processing. |
__ENABLE_MOCANA_PKI_CLIENT_EXAMPLE__ | Enables PKI client example code. |
__ENABLE_MOCANA_PROPAGATING_FIREWALL__ | For future use. |
__ENABLE_MOCANA_RADIUS_CLIENT__ | Enables TrustCore SDK RADIUS client. |
__ENABLE_MOCANA_RNG_DRBG_CTR__ | Enables the CTR based NIST Random Number Generator (RNG). |
__ENABLE_MOCANA_RNG_DRBG_ECC__ | Enables the ECC based NIST Random Number Generator (RNG). |
__ENABLE_MOCANA_SCEPCC_SERVER__ | Enables TrustCore SDK SCEP server connection concentrator. |
__ENABLE_MOCANA_SCEP_CLIENT__ | Enables TrustCore SDK SCEP client. If you define this flag, you should also define the __ENABLE_MOCANA_HTTP_CLIENT__ flag. |
__ENABLE_MOCANA_SEC_BOOT__ | Enables the TrustCore SDK NanoBoot security verification program. |
__ENABLE_MOCANA_SIGN_BOOT__ | Enables the TrustCore SDK NanoBoot signing program. |
__ENABLE_MOCANA_SMALL_CODE_FOOTPRINT__ | Reduces the size of the executable, at the expense of execution speed. Depending on which products are included and which options are enabled, defining this flag may reduce heap and stack requirements. |
__ENABLE_MOCANA_SMP__ | Enables SMP features in NanoTAP. |
__ENABLE_MOCANA_SRTP__ | Enables TrustCore SDK NanoSRTP. |
__ENABLE_MOCANA_SRTP_DTLS_EXAMPLE__ | Enables DTLS-SRTP example code. |
__ENABLE_MOCANA_SRTP_POLICY_STRING_DATA__ | Enables retrieving a string representation of an SRTP session's security policies. |
__ENABLE_MOCANA_SSH_ASYNC_SERVER_API__ | Enables TrustCore SDK SSH asynchronous server. |
__ENABLE_MOCANA_SSH_AUTH_BANNER__ | Enables TrustCore SDK SSH display banner support for the client. |
__ENABLE_MOCANA_SSH_CHANNEL_ID_DEBUG__ | Enables inclusion of channel Id in NanoSSH (client and server) debug and log messages. |
__ENABLE_MOCANA_SSH_CLIENT__ | Enables TrustCore SDK SSH synchronous client. |
__ENABLE_MOCANA_SSH_DSA_SUPPORT__ | Enables DSA use by TrustCore SDK SSH. This flag has no effect unless both the following flags are also defined: __ENABLE_MOCANA_SSH_SERVER__ and __ENABLE_MOCANA_DSA__ . |
__ENABLE_MOCANA_SSH_FTP_CLIENT__ | Enables TrustCore SDK SSH SFTP client. |
__ENABLE_MOCANA_SSH_FTP_SERVER__ | Enables TrustCore SDK SSH SFTP server. |
__ENABLE_MOCANA_SSH_MAX_SESSION_TIME_LIMIT__ | Enables configuring a maximum user session time, after which the user is automatically logged out (regardless of whether the session is active or idle). |
__ENABLE_MOCANA_SSH_OLD_DSA_CONVERSION__ | Enables converting key blobs from Embedded SSH versions 1.4 and earlier to version 2.02 and later. (The 2.02 format adds RSA and ECC keys.) |
__ENABLE_MOCANA_SSH_PING__ | Enables TrustCore SDK SSH connection pings. |
__ENABLE_MOCANA_SSH_PORT_FORWARDING__ | Enables TrustCore SDK SSH server support for port forwarding. (TrustCore SDK SSH client does not support port forwarding.) |
__ENABLE_MOCANA_SSH_RADIUS_PASSWORD_AUTH_API__ | For future use. |
__ENABLE_MOCANA_SSH_RSA_SUPPORT__ | Enables RSA use by TrustCore SDK SSH. |
__ENABLE_MOCANA_SSH_SCP_SERVER__ | Should not be defined. |
__ENABLE_MOCANA_SSH_SENDER_RECV__ | Enables deadlock prevention by allowing the SSH server to receive the SSH client Acks for the smaller blocks already sent. |
__ENABLE_MOCANA_SSH_SERVER__ | Enables TrustCore SDK SSH synchronous server code. (Note that this is distinct from the __USE_MOCANA_SSH_SERVER__ flag, which enables TrustCore SDK's SSH daemon for handling accepts and spawning threads for servicing requests.) |
__ENABLE_MOCANA_SSH_STREAM_API__ | Enables TrustCore SDK SSH Stream API support, which allows data to be streamed rather than delivered as an entire message. |
__ENABLE_MOCANA_SSH_X509V3_SIGN_SUPPORT__ | Enables SSH certificate support. |
__ENABLE_MOCANA_SSH_X509V3_RFC_6187_SUPPORT__ | Enables SSH RFC 6187 support. |
__ENABLE_MOCANA_SSL_ALERTS__ | Enables SSL/TLS alert support. Required for EAP-TLS, EAP-PEAP, EAP-FAST, and EAP-TTLS methods. |
__ENABLE_MOCANA_SSL_ANON_SUPPORT__ | (SSL only) Enables Anonymous Diffie-Hellman cipher suite support. |
__ENABLE_MOCANA_SSL_ASYNC_API_EXTENSIONS__ | Enables copy-less receive buffer processing. This flag must be defined if EAP-TLS is enabled (by defining the __ENABLE_MOCANA_EAP_TLS__ flag). |
__ENABLE_MOCANA_SSL_ASYNC_CLIENT_API__ | Enables TrustCore SDK SSL asynchronous client. |
__ENABLE_MOCANA_SSL_ASYNC_SERVER_API__ | Enables TrustCore SDK SSL asynchronous server. |
__ENABLE_MOCANA_SSL_CIPHER_SUITES_SELECT__ | Enables dynamic cipher suite selection through a user callback in the SSL Server. |
__ENABLE_MOCANA_SSL_CLIENT__ | Enables TrustCore SDK SSL synchronous client code. |
__ENABLE_MOCANA_SSL_DH_ANON_SUPPORT__ | Enables SSL Diffie-Hellman Anonymous cipher suite support. |
__ENABLE_MOCANA_SSL_DHE_SUPPORT__ | Enables SSL Diffie-Hellman Ephemeral cipher suite support. |
__ENABLE_MOCANA_SSL_DUAL_MODE_API__ | Enables simultaneous synchronous and asynchronous operation (client or server). |
__ENABLE_MOCANA_SSL_ECDH_ANON_SUPPORT__ | Enables Anonymous Elliptic Curve Diffie-Hellman cipher suite support in SSL products. |
__ENABLE_MOCANA_SSL_ECDH_SUPPORT__ | Enables Elliptic Curve Diffie-Hellman cipher suite support in SSL products. |
__ENABLE_MOCANA_SSL_ECDHE_SUPPORT__ | Enables Ephemeral Elliptic Curve Diffie-Hellman cipher suite support in SSL products. |
__ENABLE_MOCANA_SSL_MUTUAL_AUTH_CERT_SINGLE_ONLY__ | Enables authentication using only a single certificate (instead of a certificate chain). |
__ENABLE_MOCANA_SSL_MUTUAL_AUTH_SUPPORT__ | Enables SSL mutual authentication; can be set for NanoSSH client or server. This flag must be defined to enable setting the SSL_FLAG_REQUIRE_MUTUAL_AUTH runtime flag. |
__ENABLE_MOCANA_SSL_NEW_HANDSHAKE__ | Enables the callback to be activated when a peer that's already successfully performed handshaking asks again. |
__ENABLE_MOCANA_SSL_REHANDSHAKE__ | Enables the SSL Rehandshake feature. |
__ENABLE_MOCANA_SSL_PSK_SUPPORT__ | Enables SSL Pre-shared Key support. |
__ENABLE_MOCANA_SSL_SERVER__ | Enables TrustCore SDK SSL synchronous server code. |
__ENABLE_MOCANA_SUPPORT_FOR_NATIVE_STDLIB__ | Disables TrustCore SDK standard library functions and enables your native stdlib() functions, such as memcpy() and memcmp() . |
__ENABLE_MOCANA_TAP__ | Enables the NanoTAP module. |
__ENABLE_MOCANA_TPM__ | Enables support for TPM 1.2 chips under the TrustCore SDK secmod abstraction layer. This flag also requires __ENABLE_MOCANA_HW_SECURITY_MODULE__ to be set. |
__ENABLE_MOCANA_TPM2__ | Enables the TPM 2.0 SMP features in NanoTAP. |
__ENABLE_MOCANA_UMP__ | Enables TrustCore SDK Secure Firmware Update (update-message processor). |
__ENABLE_MOCANA_URI__ | (SCEP client example code and CMP code only) Enables code to support parsing and constructing URIs. |
__ENABLE_MOCANA_VERIFY_RSA_SIGNATURE__ | Enables a self-test (internal to the TrustCore SDK certificate code) to ensure that the signature can be verified via CRT (Chinese remainder theorem); if the self-test shows that the signature can't be verified via CRT, then the long algorithm will be used. |
__ENABLE_MOCANA_WPA2__ | Enables TrustCore SDK WPA2. |
__ENABLE_MOCANA_WPA2_SUITE_B__ | Enables Suite-B compliant connection, access points, and other Suite-B specific features for TrustCore SDK WPA2. |
__ENABLE_MOCANA_WPA2_ROAMING__ | Enables software based roaming when the driver/hardware lacks roaming capability. |
__ENABLE_MOCANA_WPA2_WEXT__ | Required on Linux platforms (in addition to __RTOS_LINUX__ ) when using WEXT (Wireless extension) to manage the WLAN driver. |
__ENABLE_MOCTPM_ESTC__ | Enables the EST client; needed for the shim. |
__ENABLE_MW_ASM__ | Enables MetroWerks assembly language optimizations. |
__ENABLE_MW_PROFILER__ | Enables MetroWerks profiler optimizations. |
__ENABLE_NIL_CIPHER__ | Enables SSL NULL cipher suite support. |
__ENABLE_RFC3546__ | Enables TLS extensions support (as defined by RFC 3546), which is required for elliptic curve ciphers and EAP. |
__ENABLE_RFC3576__ | Enables RADIUS extensions for CoA (change of authorization) support. |
__ENABLE_SSH_VERSION1_SUPPORT__ | Enables the coexistence of an SSHv1 stack with the TrustCore SDK SSHv2 stack. (SSHv1 should not be used alone.) |
__ENABLE_SSL_DYNAMIC_CERTIFICATE__ | Enables your application to dynamically select (through a user callback) which certificate to use for the given SSL server. |
__ENABLE_SSL_TO_REMOTE_TPM__ | Specifies to use SSL for remote connections instead of TCP. |
__ENABLE_TAP_REMOTE__ | Enables remote support for a NanoTAP client-server build. Without this flag, NanoTAP is built in local-only mode. |
__ENABLE_TLSEXT_RFC6066__ | Enables support in the SSL API for the RFC 6066 extentsions: Server Name Indication (SNI) and Certificate Status (OCSP stapling). For more information, see the descriptions for: SSL_setCertifcateStatusRequestExtensions(), SSL_setOcspResponderUrl(), and SSL_setSNI(). |
__ENABLE_UNICODE__ | Enables Unicode support for password entry in the secmod abstraction layer. |
__ENABLE_VXWORKS_PIPE_EXAMPLE__ | Enables example code for the SSH server to use VxWorks pipes. |
__ENABLE_VXWORKS_SOCKET_EXAMPLE__ | Enables example code for the SSH server to use VxWorks sockets. |
__ERROR_LOOKUP_TABLE__ | For TrustCore SDK internal use for displaying error messages; do not define. |
__FAST_DSA_KEY_GENERATION__ | Enables faster, but less secure, DSA key generation. If defined, __VERIFY_DSA_KEY_GENERATION__ is automatically defined. |
__FUSION_TCP__ | Abstraction layer flag enabling Fusion operating system support. |
__FUSION_TCP_API_7_DOT_1__ | Abstraction layer flag that enables Fusion 7.1 operating system support. |
__HMAC_MD5_HARDWARE_HASH__ | Enables hardware support for HMAC MD5. |
__HMAC_SHA1_HARDWARE_HASH__ | Enables hardware support for HMAC SHA1. |
__IKE_MULTI_HOMING__ | Enables IKE multihoming applications. |
__INCREMENTAL_DSA_KEYGEN__ | Enables a small speed increase for DSA key generation, with no security weakness (unlike key generation with the __FAST_DSA_KEY_GENERATION__ flag defined). |
__LINUX_RTOS__ | Enables Linux operating system support. |
__LINUX_TCP__ | Abstraction layer flag that enables Linux operating system support. |
__LINUX_UDP__ | Abstraction layer flag that enables Linux operating system support. |
__MD5_HARDWARE_HASH__ | Enables hardware support for MD5. |
__MD5_ONE_STEP_HARDWARE_HASH__ | Enables hardware support for one-step MD5 operations. |
__MOCANA_DISABLE_CERT_TIME_VERIFY__ | Disables the certificate verification code from checking the certificate's expiration date. |
__MOCANA_DUMP_CONSOLE_TO_STDOUT__ | Sends enabled debug messages to stdout . (When this flag is defined, the __MOCANA_DUMP_CONSOLE_TO_STDOUT__ setting is ignored). |
__MOCANA_ENABLE_LONG_LONG__ | Enables optimization of big integer math code. (Whether this results in faster code execution depends on your CPU.) |
__MOCANA_FORCE_ENTROPY__ | If enabled, calls the function MOCANA_addExternalEntropy from the function MOCANA_initTrustCore SDK to add entropy from an external source (/dev/random on Linux). In addition,\ DISABLE_MOCANA_ADD_ENTROPY must not be defined. |
__MQX_RTOS__ | Enables MQX operating system support. |
__NATIVE_INT64__ | (Recommended to leave undefined; SHA-512 only) Redefines integer sizes. |
__NETBURNER_RTOS__ | Enables NetBurner operating system support. |
__NNOS_RTOS__ | Enables NNOS operating system support. |
__NNOS_TCP__ | Abstraction layer flag that enables NNOS operating system support. |
__NO_CATL_SHIM__ | Specifies to not use the TrustCore SDK EST shim for AIKs. The EST shim handles AIK certificate requests until a CA exists to implement the TCG-defined identity proof request. |
__NO_SELF_SIGNED_CERTIFICATES__ | Prevents SSL clients and servers from using self-signed certificates to authenticate themselves. |
__NUCLEUS_RTOS__ | Enables Nucleus operating system support. |
__NUCLEUS_TCP__ | Abstraction layer flag that enables Nucleus operating system support. |
__OSE_RTOS__ | Enables OSE operating system support. |
__OSE_TCP__ | Abstraction layer flag that enables OSE operating system support. |
__OSX_RTOS__ | Enables OS X operating system support. |
__OSX_TCP__ | Abstraction layer flag that enables OS X operating system support. |
__OSX_UDP__ | Abstraction layer flag that enables OS X operating system support. |
__PLATFORM_HAS_GETOPT__ | Facilitates parsing command-line tokens. Define for operating systems that provide a getopt function (such as Linux); otherwise leave undefined, in which case the Nano code will perform rudimentary command-line parsing to attempt to extract the arguments. |
__PRIME_GEN_HARDWARE__ | Enables hardware acceleration chip support for prime number generation. |
__PSOS_RTOS__ | Enables pSOS operating system support. |
__PSOS_TCP__ | Abstraction layer flag that enables pSOS operating system support. |
__PSOS_UDP__ | Abstraction layer flag that enables pSOS operating system support. |
__RSA_HARDWARE_ACCELERATOR__ | Enables hardware support for RSA. |
__RTCS_TCP__ | Abstraction layer flag that enables ARC operating system support. |
__RTOS_ARC__ | Defines the __MQX_* and __RTCS_* flags for ARC operating system support. |
__RTOS_CYGWIN__ | Defines the __CYGWIN_* flags for Cygwin operating system support. |
__RTOS_LINUX__ | Defines the __LINUX_* flags for Linux operating system support. |
__RTOS_NETBURNER__ | Defines the __NETBURNER_* flags for NetBurner operating system support. |
__RTOS_NNOS__ | Defines the __NNOS_* flags for NNOS operating system support. |
__RTOS_NUCLEUS__ | Defines the __NUCLEUS_* flags for Nucleus operating system support. |
__RTOS_OSE__ | Defines the __OSE_* flags for OSE operating system support. |
__RTOS_OSX__ | Defines the __OSX_* flags for OS X operating system support. |
__RTOS_PSOS__ | Defines the __PSOS_* flags for pSOS operating system support. |
__RTOS_SOLARIS__ | Defines the __SOLARIS_* flags for Solaris operating system support. |
__RTOS_THREADX__ | Defines the __THREADX_* flags for ThreadX operating system support. |
__RTOS_VXWORKS__ | Defines the __VXWORKS_* flags for VxWorks operating system support. |
__RTOS_WIN32__ | Defines the __WIN32_* flags for 32-bit Windows operating system support. |
__SHA1_HARDWARE_HASH__ | Enables hardware support for SHA1. |
__SHA1_ONE_STEP_HARDWARE_HASH__ | Enables hardware support for one-step SHA1. |
__SHA224_ONE_STEP_HARDWARE_HASH__ | Enables hardware support for one-step SHA-224. |
__SHA256_HARDWARE_HASH__ | Enables hardware support for SHA-256. |
__SHA256_ONE_STEP_HARDWARE_HASH__ | Enables hardware support for one-step SHA-256. |
__SHA384_ONE_STEP_HARDWARE_HASH__ | Enables hardware support for one-step SHA-384. |
__SHA512_HARDWARE_HASH__ | Enables hardware support for SHA-512. |
__SHA512_ONE_STEP_HARDWARE_HASH__ | Enables hardware support for one-step SHA-256. |
__SINGLE_THREAD_SSH_SERVER__ | Disables spawning threads for new SSH server connections if the __USE_MOCANA_SSH_SERVER__ flag is defined. |
__SOLARIS_RTOS__ | Enables Solaris operating system support. |
__SOLARIS_TCP__ | Abstraction layer flag that enables Solaris operating system support. |
__SOLARIS_UDP__ | Abstraction layer flag that enables Solaris operating system support. |
__THREADX_RTOS__ | Enables ThreadX operating system support. |
__THREADX_TCP__ | Abstraction layer flag that enables ThreadX operating system support. |
__TRECK_TCP__ | Abstraction layer flag that enables Treck operating system support. |
__USE_MOCANA_SSH_SERVER__ | Enables TrustCore SDK's SSH daemon, used for handling accepts and spawning threads for servicing requests. In most instances, this will not be enabled; instead, the existing telnet daemon will be used. (Note that this is distinct from the __ENABLE_MOCANA_SSH_SERVER__ flag, which enables inclusion of the SSH server into the executable. |
__USE_TPM_EMULATOR__ | NanoTAP flag used to run against TPM 1.2 SW emulator instead of actual HW. |
__VERIFY_DSA_KEY_GENERATION__ | (Default = defined/enabled if __FAST_DSA_KEY_GENERATION__ is defined) Enables verification of successful DSA key generation. |
__VLONG_MOD_OPERATOR_HARDWARE_ACCELERATOR__ | Disables TrustCore SDK very long integer mod() function (in vlong.c), and uses the equivalent code in the chip's hardware accelerator. |
__VLONG_MODEXP_OPERATOR_HARDWARE_ACCELERATOR__ | Disables TrustCore SDK very long integer modexp() function (in vlong.c), and uses the equivalent code in the chip's hardware accelerator. |
__VLONG_MODINV_OPERATOR_HARDWARE_ACCELERATOR__ | Disables TrustCore SDK very long integer modinv() function (in vlong.c), and uses the equivalent code in the chip's hardware accelerator. |
__VXWORKS_IPV6__ | Enables the proper connection call selection based on the protocol version in use. |
__VXWORKS_RTOS__ | Enables VxWorks operating system support. |
__VXWORKS_TCP__ | Abstraction layer flag that enables VxWorks operating system support. |
__VXWORKS_UDP__ | Abstraction layer flag that enables VxWorks operating system support. |
__WIN32_RTOS__ | Enables 32-bit Windows operating system support. |
__WIN32_TCP__ | Abstraction layer flag that enables 32-bit Windows operating system support. |
__WIN32_UDP__ | Abstraction layer flag that enables 32-bit Windows operating system support. |
__XP_NDIS_5_1__ | (WPA2 only) For TrustCore SDK internal use to enable the Windows XP NDISUIO 5.1 protocol driver for lower-layer communications. If you define this flag, you must not define the __DP_USE_WPCAP__ flag. |
_AFX_NO_AFXCMN_SUPPORT | Enables MFC support for Windows common controls in IPsec/IKE example code. |
_BMAP_PAD_AFTER | Adds padding after ID map entries so that each entry falls on a block boundary. |
_BMAP_PAD_BEFORE | Prepends padding to ID map entries so that each entry falls on a block boundary. |
_BMAP_PAGEALIGN | Adds padding to D maps so that they fall on page boundaries. |
_BMAP_PROTECT | Defines MPROTECT and _BMAP_PAGEALIGN flags. |
_CONSIST | Enables bitmap consistency checks. |
_FULL_CONSIST | Enables more frequent consistency checks. |
_MSC_VER | Enables strict compilation of example code for Microsoft compiler support. |
ASM_SHIFT_LEFT_DEFINED | Enables assembly language implementation of big integer shift left operations, which is faster than the corresponding C function. |
ASM_SHIFT_RIGHT_DEFINED | Enables assembly language implementation of big integer shift right operations, which is faster than the corresponding C function. |
AUTH_MAX_NUM_PROMPTS | Maximum number of times a user can attempt to log on. SSH clients will typically use one attempt to log on without a password without the user's knowledge. Therefore, if you set this value to n, only (n-1) prompts will be provided. |
AUTH_MAX_NUM_PROMPTS | Maximum number of times a user can attempt to log on. SSH clients will typically use one attempt to log on without a password without the user's knowledge. Therefore, if you set this value to n, only (n-1) prompts will be provided. |
BIG_ENDIAN | (IPsec, IKE, and EAP only) Specifies that the CPU is big endian. For EAP, if you define this flag, LITTLE_ENDIAN must be undefined. |
COUNTOF | Constant used throughout TrustCore SDK code. |
CSR_LINE_LENGTH | Maximum Base 64 encoded output length of PKS10 certificate request. |
CUSTOM_IKE_GET_PSK | (IKE only) Enables custom pre-shared key functions. |
CUSTOM_IKE_USE_RSA_SIG | (IKE only) Enables custom host certificate functions. |
EAP_EXAMPLE_MD5 | Enables EAP-MD5 example code. |
EAP_EXAMPLE_TLS | Enables EAP-TLS example code. |
FALSE | Constant used throughout TrustCore SDK code. Can be redefined, but results are unpredictable. (Internal structures are initialized to 0, so redefining NULL and FALSE can be problematic within the code.) |
FREE | Enables redefinition of the FREE function to something other than the default (free()). |
FSL_SEC_SYNC_TIMEOUT_MS | (Default = 1000) Timeout in milliseconds for Freescale crypto operations. |
IKE_CERT_CACHE_MAX | (IKE only) Maximum number of entries in the cache table of peer certificates. |
IKE_CERT_CHAIN_MAX | (IKE only) Maximum number of certificates (including the root and all leaves) allowed in a single certificate chain. |
IKE_EVENT_MAX | (IKE only) Maximum number of concurrent pending phase 2 exchanges allowed. |
IKE_IPSECSA_MAX | (IKE only) Maximum number of concurrent phase 2 quick mode negotiations allowed per established phase 1 channel. |
IKE_P2_SA_MAX | (IKE only) Maximum number of SA payloads allowed per phase 2 quick mode negotiation. |
IKE_SA_MAX | (IKE only) Maximum number of concurrent phase 1 negotiations (both established and pending) allowed. |
IMMR_ADDRESS | (Freescale processors only) Internal Memory Map Register address necessary to enable hardware offload. |
IPSEC_DGRAM_MAX | Maximum number of pending IP datagrams allowed for IP reassembly. |
IPSEC_DGRAM_SIZE_MAX | Maximum IP payload size (in bytes) for IP fragmentation reassembly. |
IPSEC_NEST_MAX | Maximum SA bundle size — how many separate headers can protect the payload. For example, if a payload can be protected by both AH and ESP, then define IPSEC_NEXT_MAX as 2. |
IPSEC_PACKETS_MAX | Maximum number of packets per IP datagram (reassembly only). |
IPSEC_REPLAY_SIZE | Replay window size in packets/bits. Values must be multiples of 8; and >= 32 is recommended. |
IPSEC_SADB_MAX | Maximum number of IPsec SAs to include in the SADB. |
IPSEC_SPD_MAX | Maximum number of IPsec policies per direction; must be <= 65536. |
kMaxAsnParseStackDepth | (Default = 40) Recursive call depth for a certificate. |
LITTLE_ENDIAN | (IPsec, IKE, and EAP only) Specifies that the CPU is little endian. For EAP, if you define this flag, BIG_ENDIAN must be undefined. |
MACRO_MULTIPLICATION_LOOP | Enables custom assembly language code to handle big integer multiplication. |
MACRO_SHIFT_LEFT | Optimizes the shift-left functions of shlVlong() (in vlong.c) to assembly code. |
MACRO_SHIFT_RIGHT | Optimizes the shift-right functions of shrVlong() (in vlong.c) to assembly code. |
MACRO_SQR_LOOP | Enables custom assembly language code to handle big integer squares. |
MALLOC | Enables redefinition of the MALLOC function to something than the default (malloc()). |
MAX_DNE_STRING_LENGTH | Maximum number of bytes (excluding the terminating NULL) of the string containing a distinguished name element. |
MAX_SESSION_WINDOW_SIZE | Maximum amount of data (in bytes) the SSH server allows an SSH client to push. |
MOC_BIG_ENDIAN | (IPsec, IKE, and EAP only) Specifies that the CPU is big endian. For EAP, if you define this flag, MOC_LITTLE_ENDIAN must be undefined. |
MOC_LITTLE_ENDIAN | (IPsec, IKE, and EAP only) Specifies that the CPU is little endian. For EAP, if you define this flag, MOC_BIG_ENDIAN must be undefined. |
MOC_MIN_PARTITION_SIZE | (Do not change) Minimum number of bytes required for the TrustCore SDK memory partition code. |
MOC_UNUSED | Prevents the compiler from issuing unused argument warnings. For most compilers, add the following to moptions.h: #define MOC_UNUSED(X) X=X |
MOCANA_DEBUG_CONSOLE_PORT | Port number to which enabled debug messages are sent(if __MOCANA_DUMP_CONSOLE_TO_STDOUT__ is not defined). |
MOCANA_RNG_GET_PERSONALIZATION_STRING | Points to an arbitrary function that will return a personalization string. By default, this flag points to a function that returns a NULL personalization string. |
MOCANA_SSH_CONNECT_STR_LEN | Maximum number of bytes (excluding the terminating NULL) of the string containing the port forwarding destination host name. |
MOCANA_SSH_SOCKET_STREAM_SIZE | Stream buffer size (in bytes) used for SSH asynchronous non-blocking sockets. |
MOCANA_THREAD_PRIO | Priority assigned to all threads spawned by TrustCore SDK code. |
MOCANA_UPPER_PRIVILEGE_PORT | Port number to use for SSH port forwarding. |
MULT_ADDCX | Optimizes big integer math operations; redefine based on your compiler. |
NULL | Constant used throughout TrustCore SDK code. Can be redefined, but results are unpredictable. (Internal structures are initialized to 0, so redefining NULL and FALSE can be problematic within the code.) |
OFFSETOF | Constant used throughout TrustCore SDK code. Can be redefined, but results are unpredictable. |
PATCH_CONST | Defines static data as a constant, as required by some environments' compiler/patch management code. |
RADIUS_CLEANUP_TIME_MS | Age in milliseconds at which an authentication record is considered stale; the record will subsequently be recycled. |
RADIUS_MAX_CONNECTIONS | Maximum number of concurrent requests (all RADIUS requests are for authentication). |
RADIUS_MAX_SERVERS | Maximum number of RADIUS servers with which a client will communicate. |
RADIUS_REQUEST_ALLOCATION | Maximum number of bytes per radius packet (header + payload), from 20 to 4096. |
RADIUS_RETRY_COUNT | Maximum number of times a RADIUS client can re-request authentication (excludes the initial request). |
RADIUS_RETRY_INTERVAL_MS | Time in milliseconds between a RADIUS client's retries for authentication. |
RBTREE_OUTSIDE_NODE | (Recommended to leave undefined) Enables use of the red-black tree — a very fast self-balancing binary search tree. |
RFC3576_NASPORT | Default port number to which the RADIUS server sends messages in cases of authorization issues. |
SFTP_MAX_FILENAME_LENGTH | (Default = 64) Maximum length (in bytes) of SFTP filenames and directory names. |
SFTP_MAX_PATH_DEPTH | (Default = 32) Maximum folder depth. For example, if folder A contains folder B, which in turn contains folder C, then folder A has a depth of 3. |
SFTP_READFILE_BUF_SIZE | Maximum number of bytes at a time that can be read or written to a file for the SFTP server. |
SFTP_SERVER_STREAM_BUF_SIZE | Number of bytes of the circular buffer used to stream data. This streaming buffer provides a work around for SSH SFTP clients that do not support the shorter block sizes used by TrustCore SDK to conserve the server's memory usage. |
SOMAXCONN | Depth of the TCP listen queue (used for pending TCP connections). |
SSH_MAX_BUFFER_SIZE | Maximum number of bytes of the buffer for messages received by the SSH server. |
SSH_OUT_CUSTOM_MUTEX | Prevents messages from being interlaced during crypto operations when multiple threads or processes send data to the same SSH client. |
SSHC_MAX_BUFFER_SIZE | Maximum number of bytes in the SSH client message buffer (headers + payload). |
SSL_CERT_VERIFY_ARG | Sum of bitmaps specifying which items out of the header's policy field must be checked. |
SSL_DEFAULT_SMALL_BUFFER | Default number of bytes for initial SSL message buffers. |
SSL_MALLOC_BLOCK_SIZE | (Recommended to leave unchanged) Number of bytes allocated per block; defined for efficient hardware accelerator use so that the SSL payload is on a 16-byte paragraph boundary. |
SSL_MESG_TOO_LONG_COUNTER | Mapping to a global variable to increment when an SSL message is longer than the maximum size. |
SSL_PACKED | Prevents compilers from padding field structures so that they end on boundaries. |
SSL_PACKED_POST | Prevents compilers from padding field structures so that they end on boundaries. |
SSL_RECORDSIZE | (Recommended to leave unchanged) Maximum SSL record size (in bytes); defined as 16384 per the SSL specification. |
SSL_SESSION_RESUME_TIMEOUT | Number of milliseconds a client-server connection can remain inactive before handshaking is required to resume the connection. |
SSL_WRITE_FAIL_RETRY_TIME | (Synchronous SSL only) Enables SSL handshaking to handle a write failure with a non-blocking socket. |
TCP_SHARE_SOCKET | (Example code only) Enables a parent thread to share a socket with a client thread. |
TIMEOUT_IPSEC_REASSEMBLY | (Default = 1500) Number of milliseconds allowed for an IPsec reassembly operation before a timeout error is generated. |
TLS_EAP_PAD | (Recommended to leave unchanged) Buffer padding for EAP-TLS message. |
TRUE | Constant used throughout TrustCore SDK code. Can be redefined, but results are unpredictable. |
__USE_WLAN_API__ | Enables NanoWireless to be built for Windows 8 and 10 target platforms. |
ULONG_PTR | (IKE example code) Data type definition for an unsigned long pointer. |
VC_EXTRALEAN | (IPsec examples for Visual C compiler) Reduces the size of Windows header files. |