;;; -*-conf-*-
;;;
;;; Default configuration for Seccure keys
;;;
;;; (c) 2012 Mark Wooding
;;;

;;;----- Licensing notice ---------------------------------------------------
;;;
;;; This file is part of the distorted.org.uk key management suite.
;;;
;;; distorted-keys is free software; you can redistribute it and/or modify
;;; it under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 2 of the License, or
;;; (at your option) any later version.
;;;
;;; distorted-keys is distributed in the hope that it will be useful,
;;; but WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with distorted-keys; if not, write to the Free Software Foundation,
;;; Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.

;;;--------------------------------------------------------------------------
;;; Seccure configuration.
;;;
;;; Properties defined by the key-type are as follows.  All the properties
;;; are optional.
;;;
;;; curve		The name of the elliptic curve to use.  See the
;;;			seccure(1) man page for a list of curves.  The name
;;;			here can be any substring unique to a single curve.
;;;			The default is `p256', which selects the NIST P256
;;;			curve.
;;;
;;; tagsz		The size of the MAC tag used to ensure the integrity
;;;			of encrypted messages (and therefore security against
;;;			chosen-ciphertext attack).

[%seccure]
type = seccure

;; Curve selection.
curve = p256

;; MAC tag length.
tagsz = 128

[seccure-integrity]
@include = %seccure %asymmetric-integrity

[seccure-secrecy]
@include = %seccure %asymmetric-secrecy

[%seccure-infra]
@include = %seccure

;;;----- That's all, folks --------------------------------------------------