• Your recent searches
Crypt-MatrixSSL3
12 results

 view release on metacpan or  search on metacpan

Makefile.PL  view on Meta::CPAN 

use 5.00001;
use ExtUtils::MakeMaker 6.63_03;

use strict;
use warnings;

use Config;
use File::ShareDir::Install;
$File::ShareDir::Install::INCLUDE_DOTFILES = 1;
$File::ShareDir::Install::INCLUDE_DOTDIRS = 1;
install_share dist => 'share';

#
#  WARNING: Do not try to "make dist" under Windows; it destroys the Upper/lower CaSe of some files.
#
# See lib/ExtUtils/MakeMaker.pm for details of how to influence
# the contents of the Makefile that is written.
#
# Many thanks to Randy Kobes for helping me figure out how to make this work on Win32, which
# also laid the foundation for me getting it to work nicely on Linux and Macintosh
#

# Compile options
my @cOptions = (
    # ------
    # matrixSSL configuration
    # ------

    #-------
    # matrixSSL cipher suites selection
    #-------

    # matrixsslConfig.h Cipher Suites

    # ** WARNING **
    # If you enable DHE cipher suites you *must*:
    # - enable USE_DH in the options below (enabled by default)
    # - load DH params for the session keys by using $keys->load_DH_params( $DH_params_file )
    #
    # If you plan to support HTTP/2 you are required by specification to support the following cipher
    #   TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

    #******************************************************************************
    #
    #   Recommended cipher suites:
    #
    #   Define the following to enable various cipher suites
    #   At least one of these must be defined.  If multiple are defined,
    #   the handshake will determine which is best for the connection.
    #

    'USE_TLS_RSA_WITH_AES_128_CBC_SHA',
    'USE_TLS_RSA_WITH_AES_256_CBC_SHA',
    'USE_TLS_RSA_WITH_AES_128_CBC_SHA256', # TLS 1.2
    'USE_TLS_RSA_WITH_AES_256_CBC_SHA256', # TLS 1.2
    'USE_TLS_RSA_WITH_AES_128_GCM_SHA256', # TLS 1.2
    'USE_TLS_RSA_WITH_AES_256_GCM_SHA384', # TLS 1.2

    # Pre-Shared Key Ciphers
    #'USE_TLS_PSK_WITH_AES_256_CBC_SHA',
    #'USE_TLS_PSK_WITH_AES_128_CBC_SHA',
    #'USE_TLS_PSK_WITH_AES_256_CBC_SHA384', # TLS 1.2
    #'USE_TLS_PSK_WITH_AES_128_CBC_SHA256', # TLS 1.2

    # Ephemeral ECC DH keys, ECC DSA certificates
    #'USE_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA',
    #'USE_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA',
    #'USE_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256', # TLS 1.2
    #'USE_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384', # TLS 1.2
    #'USE_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256', # TLS 1.2 - HTTP/2 approved
    #'USE_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384', # TLS 1.2 - HTTP/2 approved

    # Ephemeral ECC DH keys, RSA certificates
    'USE_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA',
    'USE_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA',
    'USE_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384', # TLS 1.2
    'USE_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256', # TLS 1.2
    'USE_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384', # TLS 1.2 - HTTP/2 approved
    'USE_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256', # TLS 1.2 - HTTP/2 approved and *required*

    # Non-Ephemeral ECC DH keys, ECC DSA certificates
    #'USE_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA',
    #'USE_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA',
    #'USE_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256', # TLS 1.2
    #'USE_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384', # TLS 1.2
    #'USE_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256', # TLS 1.2
    #'USE_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384', # TLS 1.2

    # Non-Ephemeral ECC DH keys, RSA certificates
    #'USE_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA',
    #'USE_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA',
    #'USE_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384', # TLS 1.2
    #'USE_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256', # TLS 1.2
    #'USE_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384', # TLS 1.2
    #'USE_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256', # TLS 1.2

    #******************************************************************************
    #
    #   These cipher suites are secure, but not in general use. Enable only if
    #   specifically required by application.
    #
    'USE_TLS_DHE_PSK_WITH_AES_256_CBC_SHA',
    'USE_TLS_DHE_PSK_WITH_AES_128_CBC_SHA',
    'USE_TLS_DHE_RSA_WITH_AES_256_CBC_SHA',
    'USE_TLS_DHE_RSA_WITH_AES_128_CBC_SHA',
    'USE_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256', # TLS 1.2
    'USE_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256', # TLS 1.2

    #******************************************************************************
    #
    #   These cipher suites are generally considered weak, not recommended for use.
    #
    #'USE_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA', #x
    #'USE_SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA',
    #'USE_SSL_RSA_WITH_3DES_EDE_CBC_SHA',      #x
    #'USE_TLS_RSA_WITH_SEED_CBC_SHA',
    #'USE_SSL_RSA_WITH_RC4_128_SHA',
    #'USE_SSL_RSA_WITH_RC4_128_MD5',

    #******************************************************************************
    #
    #   These cipher suites do not combine authentication and encryption and
    #   are not recommended for use-cases that require strong security or
    #   Man-in-the-Middle protection.
    #
    #'USE_TLS_DH_anon_WITH_AES_256_CBC_SHA',
    #'USE_TLS_DH_anon_WITH_AES_128_CBC_SHA',
    #'USE_SSL_DH_anon_WITH_3DES_EDE_CBC_SHA',
    #'USE_SSL_DH_anon_WITH_RC4_128_MD5',
    #'USE_SSL_RSA_WITH_NULL_SHA',               # enabled just for test purposes
    #'USE_SSL_RSA_WITH_NULL_MD5',

    # include encryption algorithms
    'USE_AES',
    'USE_AES_GCM',
    'USE_3DES',
    'USE_DES',
    'USE_ARC4',
    'USE_RC2',

    # include digest algorithms
    'USE_SHA1',
    'USE_SHA256',
    'USE_SHA384',
    'USE_SHA512',
    'USE_MD5',
    'USE_HMAC',

    # certificates and keys
    'USE_ECC',
    'USE_DH',
    'USE_RSA',
    'USE_X509',
    'USE_BASE64_DECODE',

    # ------
    # matrixSSL compile options
    #-------

    # enable certificate and key parsing
    'USE_CERT_PARSE',
    'USE_FULL_CERT_PARSE',
    'USE_PRIVATE_KEY_PARSING',

    # Define in the build environment. Enables file access for parsing X.509
    # certificates and private keys.
    'MATRIX_USE_FILE_SYSTEM',

    # matrixsslConfig.h - Enables client side SSL support
    'USE_CLIENT_SIDE_SSL',

    # matrixsslConfig.h - Enables server side SSL support
    'USE_SERVER_SIDE_SSL',

    # matrixsslConfig.h - Enables TLS 1.0 protocol support and above (SSL version 3.1)
    'USE_TLS_1_0_AND_ABOVE',

    # matrixsslConfig.h - Disables SSL version 3.0
    # TODO: disable the definition in matrixSSL so users will be able to support it if they comment the next line
    'DISABLE_SSLV3',

    # matrixsslConfig.h - Disables TLS 1.0 if USE_TLS is enabled but only later versions of the protocol are desired
    #'DISABLE_TLS_1_0',

    # matrixsslConfig.h - Disables TLS 1.1 if USE_TLS_1_1 is enabled but
    # only later versions of the protocol are desired
    #'DISABLE_TLS_1_1',



( run in 1.120 second using v1.01-cache-2.11-cpan-e1769b4cff6 )