user_settings.h
1  /* Copyright (C) 2006-2018 wolfSSL Inc.
2  *
3  * This file is part of wolfSSL.
4  *
5  * wolfSSL is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License as published by
7  * the Free Software Foundation; either version 2 of the License, or
8  * (at your option) any later version.
9  *
10  * wolfSSL is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program; if not, write to the Free Software
17  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
18  */
19 
20 /* Custom wolfSSL user settings for Cypress WICED Studio. */
   /* Convention used below: an option is first #undef'd and then defined
    * again, usually behind a literal "#if 1" / "#if 0" switch, so the choice
    * made in this file replaces any earlier definition of the same macro. */
21 
   /* Include guard; its matching #endif is the last line of the file. */
22 #ifndef WOLFSSL_USER_SETTINGS_H
23 #define WOLFSSL_USER_SETTINGS_H
24 
25 #ifdef __cplusplus
26 extern "C" {
27 #endif
28 
29 
30 /* ------------------------------------------------------------------------- */
31 /* Platform */
32 /* ------------------------------------------------------------------------- */
   /* Fixes the alignment at 4, leaves SINGLE_THREADED undefined (THREADX is
    * defined in the RTOS section), and defines WOLFSSL_SMALL_STACK and
    * WOLFSSL_USER_IO. */
33 #undef WOLFSSL_GENERAL_ALIGNMENT
34 #define WOLFSSL_GENERAL_ALIGNMENT 4
35 
36 #undef SINGLE_THREADED
37 #if 0
38  #define SINGLE_THREADED
39 #endif
40 
41 #undef WOLFSSL_SMALL_STACK
42 #if 1
43  #define WOLFSSL_SMALL_STACK
44 #endif
45 
   /* NOTE(review): WOLFSSL_USER_IO is set here and HAVE_NETX is set in the
    * TCP STACK section; confirm which send/receive callbacks the port
    * actually registers, since the TLS record layer relies on them. */
46 #undef WOLFSSL_USER_IO
47 #define WOLFSSL_USER_IO
48 
49 
50 /* ------------------------------------------------------------------------- */
51 /* Math Configuration */
52 /* ------------------------------------------------------------------------- */
   /* Selects fast math. USE_FAST_MATH is defined here and again by the
    * "#if 1" switch a few lines down; the second switch is the one that takes
    * effect, so that is the one to edit. */
53 #undef USE_FAST_MATH
54 #define USE_FAST_MATH
55 
56 #undef SIZEOF_LONG_LONG
57 #define SIZEOF_LONG_LONG 8
58 
59 #undef USE_FAST_MATH
60 #if 1
61  #define USE_FAST_MATH
62 
    /* Keep TFM_TIMING_RESISTANT defined on any build that handles private
     * keys: going by its name it selects the timing-resistant fast-math
     * code paths. */
63  #undef TFM_TIMING_RESISTANT
64  #define TFM_TIMING_RESISTANT
65 
66  /* Optimizations */
67  //#define TFM_ARM
68 #endif
69 
70 /* Wolf Single Precision Math */
   /* Disabled ("#if 0"): none of the WOLFSSL_SP* macros below is defined in
    * this build. */
71 #undef WOLFSSL_SP
72 #if 0
73  #define WOLFSSL_SP
74  #define WOLFSSL_SP_SMALL
75  #define WOLFSSL_HAVE_SP_RSA
76  #define WOLFSSL_HAVE_SP_DH
77  #define WOLFSSL_HAVE_SP_ECC
78  #define WOLFSSL_SP_CACHE_RESISTANT
79  //#define WOLFSSL_SP_MATH
80 
81  /* 64 or 32 bit version */
82  //#define WOLFSSL_SP_ARM32_ASM
83  //#define WOLFSSL_SP_ARM64_ASM
84 #endif
85 
86 /* ------------------------------------------------------------------------- */
87 /* FIPS - Requires eval or license from wolfSSL */
88 /* ------------------------------------------------------------------------- */
   /* HAVE_FIPS stays undefined ("#if 0"). Later sections define
    * HAVE_ECC_CDH, WOLFSSL_VALIDATE_ECC_IMPORT, WOLFSSL_VALIDATE_FFC_IMPORT,
    * HAVE_FFDHE_Q and WOLFSSL_OLD_PRIME_CHECK only when HAVE_FIPS is defined,
    * so those are off as well. */
89 #undef HAVE_FIPS
90 #if 0
91  #define HAVE_FIPS
92 
93  #undef HAVE_FIPS_VERSION
94  #define HAVE_FIPS_VERSION 2
95 
96  #ifdef SINGLE_THREADED
97  #undef NO_THREAD_LS
98  #define NO_THREAD_LS
99  #endif
100 #endif
101 
102 
103 /* ------------------------------------------------------------------------- */
104 /* Crypto */
105 /* ------------------------------------------------------------------------- */
106 /* RSA */
    /* RSA stays enabled: the "#else" branch that defines NO_RSA is inactive. */
107 #undef NO_RSA
108 #if 1
109  #ifdef USE_FAST_MATH
110  /* Maximum math bits (Max RSA key bits * 2) */
     /* By that rule 4096 sizes fast math for RSA keys of up to 2048 bits. */
111  #undef FP_MAX_BITS
112  #define FP_MAX_BITS 4096
113  #endif
114 
115  /* half as much memory but twice as slow */
116  #undef RSA_LOW_MEM
117  //#define RSA_LOW_MEM
118 
119  /* Enables blinding mode, to prevent timing attacks */
     /* NOTE(review): switching this to "#if 0" does more than drop blinding;
      * it defines WC_NO_HARDEN, which per its name turns hardening off.
      * Leave it at 1 for any build that uses an RSA private key. */
120  #if 1
121  #undef WC_RSA_BLINDING
122  #define WC_RSA_BLINDING
123  #else
124  #undef WC_NO_HARDEN
125  #define WC_NO_HARDEN
126  #endif
127 
128  /* RSA PSS Support */
129  #if 1
130  #define WC_RSA_PSS
131  #endif
132 
     /* WC_RSA_NO_PADDING is left undefined. Going by its name it allows RSA
      * without padding; keep it off unless a protocol explicitly needs it. */
133  #if 0
134  #define WC_RSA_NO_PADDING
135  #endif
136 #else
137  #define NO_RSA
138 #endif
139 
140 /* ECC */
    /* ECC is enabled with a hand-picked curve list. Only NO_ECC256 is touched
     * (#undef'd) and every HAVE_ECCnnn line is commented out, so the list is
     * presumably the 256-bit curve alone -- confirm against the defaults of
     * the wolfSSL version in use. */
141 #undef HAVE_ECC
142 #if 1
143  #define HAVE_ECC
144 
145  /* Manually define enabled curves */
146  #undef ECC_USER_CURVES
147  #define ECC_USER_CURVES
148 
149  #ifdef ECC_USER_CURVES
150  /* Manual Curve Selection */
151  //#define HAVE_ECC192
152  //#define HAVE_ECC224
153  #undef NO_ECC256
154  //#define HAVE_ECC384
155  //#define HAVE_ECC521
156  #endif
157 
158  /* Fixed point cache (speeds repeated operations against same private key) */
     /* Off: FP_ECC is #undef'd and its #define is commented out, so the
      * FP_ENTRIES / FP_LUT values below are not used. */
159  #undef FP_ECC
160  //#define FP_ECC
161  #ifdef FP_ECC
162  /* Bits / Entries */
163  #undef FP_ENTRIES
164  #define FP_ENTRIES 2
165  #undef FP_LUT
166  #define FP_LUT 4
167  #endif
168 
169  /* Optional ECC calculation method */
170  /* Note: doubles heap usage, but slightly faster */
171  #undef ECC_SHAMIR
172  #define ECC_SHAMIR
173 
     /* TFM_ECC256 is defined here and once more near the end of this
      * section; the repetition is harmless. */
174  #undef TFM_ECC256
175  #define TFM_ECC256
176 
177  /* Reduces heap usage, but slower */
     /* NOTE(review): the line above only mentions heap and speed. Going by
      * its name, ECC_TIMING_RESISTANT is the side-channel hardening switch
      * for ECC private-key operations; keep it defined. */
178  #undef ECC_TIMING_RESISTANT
179  #define ECC_TIMING_RESISTANT
180 
181  /* Enable cofactor support */
182  #ifdef HAVE_FIPS
183  #undef HAVE_ECC_CDH
184  #define HAVE_ECC_CDH
185  #endif
186 
187  /* Validate import */
     /* NOTE(review): gated on HAVE_FIPS, which this file leaves undefined,
      * so WOLFSSL_VALIDATE_ECC_IMPORT is not set. Consider defining it
      * unconditionally when keys or points can come from untrusted peers or
      * storage. */
188  #ifdef HAVE_FIPS
189  #undef WOLFSSL_VALIDATE_ECC_IMPORT
190  #define WOLFSSL_VALIDATE_ECC_IMPORT
191  #endif
192 
193  /* Compressed Key Support */
194  #undef HAVE_COMP_KEY
195  //#define HAVE_COMP_KEY
196 
197  /* Use alternate ECC size for ECC math */
     /* NO_RSA is undefined in this file, so the "#else" branch is taken and
      * ALT_ECC_SIZE is defined; FP_MAX_BITS_ECC is set to 512 in the Enable
      * Features section. */
198  #ifdef USE_FAST_MATH
199  #ifdef NO_RSA
200  /* Custom fastmath size if not using RSA */
201  /* MAX = ROUND32(ECC BITS 256) + SIZE_OF_MP_DIGIT(32) */
202  #undef FP_MAX_BITS
203  #define FP_MAX_BITS (256 + 32)
204  #else
205  #undef ALT_ECC_SIZE
206  #define ALT_ECC_SIZE
207  #endif
208 
209  /* Speedups specific to curve */
210  #ifndef NO_ECC256
211  #undef TFM_ECC256
212  #define TFM_ECC256
213  #endif
214  #endif
215 #endif
216 
217 /* DH */
    /* DH stays enabled, with the FFDHE 2048-bit and 4096-bit group macros
     * defined and the 6144/8192-bit ones commented out. */
218 #undef NO_DH
219 #if 1
220  /* Use table for DH instead of -lm (math) lib dependency */
221  #if 1
222  #define WOLFSSL_DH_CONST
223  #define HAVE_FFDHE_2048
     /* NOTE(review): FP_MAX_BITS is 4096 in the RSA section, documented
      * there as twice the largest key size. If the same rule applies to DH,
      * the 4096-bit group needs FP_MAX_BITS 8192 -- raise it or drop this
      * group, and test a 4096-bit exchange either way. */
224  #define HAVE_FFDHE_4096
225  //#define HAVE_FFDHE_6144
226  //#define HAVE_FFDHE_8192
227  #endif
228 
     /* Not active: HAVE_FIPS is undefined in this file, so
      * WOLFSSL_VALIDATE_FFC_IMPORT and HAVE_FFDHE_Q are not set. */
229  #ifdef HAVE_FIPS
230  #define WOLFSSL_VALIDATE_FFC_IMPORT
231  #define HAVE_FFDHE_Q
232  #endif
233 #else
234  #define NO_DH
235 #endif
236 
237 
238 /* AES */
    /* AES stays enabled with CBC, GCM (GCM_SMALL variant), CCM, counter mode
     * and WOLFSSL_AES_DIRECT; HAVE_AES_ECB is left undefined. */
239 #undef NO_AES
240 #if 1
241  #undef HAVE_AES_CBC
242  #define HAVE_AES_CBC
243 
244  #undef HAVE_AESGCM
245  #define HAVE_AESGCM
246 
247  /* GCM Method: GCM_SMALL, GCM_WORD32 or GCM_TABLE */
248  #define GCM_SMALL
249 
     /* NOTE(review): presumably exposes raw single-block AES to callers;
      * application code should prefer the GCM/CCM interfaces. */
250  #undef WOLFSSL_AES_DIRECT
251  #define WOLFSSL_AES_DIRECT
252 
253  #undef HAVE_AES_ECB
254  //#define HAVE_AES_ECB
255 
256  #undef WOLFSSL_AES_COUNTER
257  #define WOLFSSL_AES_COUNTER
258 
259  #undef HAVE_AESCCM
260  #define HAVE_AESCCM
261 #else
262  #define NO_AES
263 #endif
264 
265 
266 /* DES3 */
    /* NOTE(review): the active "#if 1" branch is empty, so NO_DES3 stays
     * undefined and 3DES is not opted out. 3DES is a legacy 64-bit block
     * cipher; switch to "#if 0" if no peer needs it. */
267 #undef NO_DES3
268 #if 1
269 #else
270  #define NO_DES3
271 #endif
272 
273 /* ChaCha20 / Poly1305 */
    /* Both are enabled, together with HAVE_ONE_TIME_AUTH, which the comment
     * below says Poly1305 needs. */
274 #undef HAVE_CHACHA
275 #undef HAVE_POLY1305
276 #if 1
277  #define HAVE_CHACHA
278  #define HAVE_POLY1305
279 
280  /* Needed for Poly1305 */
281  #undef HAVE_ONE_TIME_AUTH
282  #define HAVE_ONE_TIME_AUTH
283 #endif
284 
285 /* Ed25519 / Curve25519 */
    /* Disabled ("#if 0"): neither HAVE_CURVE25519 nor HAVE_ED25519 is
     * defined, so CURVED25519_SMALL has no effect in this build. */
286 #undef HAVE_CURVE25519
287 #undef HAVE_ED25519
288 #if 0
289  #define HAVE_CURVE25519
290  #define HAVE_ED25519 /* ED25519 Requires SHA512 */
291 
292  /* Optionally use small math (less flash usage, but much slower) */
293  #if 1
294  #define CURVED25519_SMALL
295  #endif
296 #endif
297 
298 
299 /* ------------------------------------------------------------------------- */
300 /* Hashing */
301 /* ------------------------------------------------------------------------- */
302 /* Sha */
    /* SHA-1 is not opted out (NO_SHA stays undefined); the size-optimised
     * USE_SLOW_SHA variant is selected. NOTE(review): SHA-1 is no longer
     * collision resistant, so keep it only if legacy protocol versions or
     * certificates need it. */
303 #undef NO_SHA
304 #if 1
305  /* 1k smaller, but 25% slower */
306  #define USE_SLOW_SHA
307 #else
308  #define NO_SHA
309 #endif
310 
311 /* Sha256 */
    /* SHA-256 stays enabled in its default (not USE_SLOW_SHA256) form, and
     * WOLFSSL_SHA224 is defined. */
312 #undef NO_SHA256
313 #if 1
314  /* not unrolled - ~2k smaller and ~25% slower */
315  //#define USE_SLOW_SHA256
316 
317  /* Sha224 */
318  #if 1
319  #define WOLFSSL_SHA224
320  #endif
321 #else
322  #define NO_SHA256
323 #endif
324 
325 /* Sha512 */
    /* SHA-512 and SHA-384 are enabled. WOLFSSL_SHA224 is #undef'd and defined
     * again here although the Sha256 section already set it; the net result
     * is unchanged. */
326 #undef WOLFSSL_SHA512
327 #if 1
328  #define WOLFSSL_SHA512
329 
330  /* Sha384 */
331  #undef WOLFSSL_SHA384
332  #if 1
333  #define WOLFSSL_SHA384
334  #endif
335 
336  #undef WOLFSSL_SHA224
337  #if 1
338  #define WOLFSSL_SHA224
339  #endif
340 
341  /* over twice as small, but 50% slower */
342  //#define USE_SLOW_SHA512
343 #endif
344 
345 /* Sha3 */
    /* Disabled ("#if 0"): WOLFSSL_SHA3 is not defined. */
346 #undef WOLFSSL_SHA3
347 #if 0
348  #define WOLFSSL_SHA3
349 #endif
350 
351 /* MD5 */
    /* NOTE(review): the active "#if 1" branch is empty, so NO_MD5 stays
     * undefined and MD5 is not opted out. MD5 is broken for signatures and
     * certificates; switch to "#if 0" once no legacy protocol version that
     * depends on it has to be supported. */
352 #undef NO_MD5
353 #if 1
354 
355 #else
356  #define NO_MD5
357 #endif
358 
359 /* HKDF */
    /* Enabled. WOLFSSL_TLS13 is defined in the Enable Features section, and
     * the TLS 1.3 key schedule is built on HKDF, so keep the two switches in
     * step. */
360 #undef HAVE_HKDF
361 #if 1
362  #define HAVE_HKDF
363 #endif
364 
365 /* CMAC */
    /* Disabled ("#if 0"): WOLFSSL_CMAC is not defined. */
366 #undef WOLFSSL_CMAC
367 #if 0
368  #define WOLFSSL_CMAC
369 #endif
370 
371 
372 /* ------------------------------------------------------------------------- */
373 /* Benchmark / Test */
374 /* ------------------------------------------------------------------------- */
375 /* Use reduced benchmark / test sizes */
376 #undef BENCH_EMBEDDED
377 #define BENCH_EMBEDDED
378 
    /* NOTE(review): the USE_CERT_BUFFERS_* macros presumably pull in the
     * sample certificates and keys that ship with wolfSSL for its test and
     * benchmark programs. Those keys are public, so a product build must not
     * use them as a device or server identity. */
379 #undef USE_CERT_BUFFERS_2048
380 #define USE_CERT_BUFFERS_2048
381 
382 #undef USE_CERT_BUFFERS_1024
383 #define USE_CERT_BUFFERS_1024
384 
385 #undef USE_CERT_BUFFERS_256
386 #define USE_CERT_BUFFERS_256
387 
388 
389 /* ------------------------------------------------------------------------- */
390 /* Debugging */
391 /* ------------------------------------------------------------------------- */
392 
393 #undef DEBUG_WOLFSSL
394 #undef NO_ERROR_STRINGS
    /* NOTE(review): DEBUG_WOLFSSL is on. Because the NO_ERROR_STRINGS switch
     * sits in the "#else" branch, it cannot be set while debugging is
     * enabled. A debug build compiles in the library's logging code; set the
     * outer switch to 0 for release images. */
395 #if 1
396  #define DEBUG_WOLFSSL
397 #else
398  #if 0
399  #define NO_ERROR_STRINGS
400  #endif
401 #endif
402 
403 
404 /* ------------------------------------------------------------------------- */
405 /* Memory */
406 /* ------------------------------------------------------------------------- */
407 
408 /* Override Memory API's */
    /* Disabled ("#if 0"): XMALLOC / XFREE / XREALLOC are not redirected to
     * the myMalloc / myFree / myRealloc functions declared below. */
409 #if 0
410  #undef XMALLOC_OVERRIDE
411  #define XMALLOC_OVERRIDE
412 
413  /* prototypes for user heap override functions */
414  /* Note: Realloc only required for normal math */
415  #include <stddef.h> /* for size_t */
416  extern void *myMalloc(size_t n, void* heap, int type);
417  extern void myFree(void *p, void* heap, int type);
418  extern void *myRealloc(void *p, size_t n, void* heap, int type);
419 
420  #define XMALLOC(n, h, t) myMalloc(n, h, t)
421  #define XFREE(p, h, t) myFree(p, h, t)
422  #define XREALLOC(p, n, h, t) myRealloc(p, n, h, t)
423 #endif
424 
425 #if 0
     /* Disabled: neither WOLFSSL_STATIC_MEMORY nor WOLFSSL_NO_MALLOC is
      * defined, so WOLFSSL_MALLOC_CHECK is not set either. */
426  /* Static memory requires fast math */
427  #define WOLFSSL_STATIC_MEMORY
428 
429  /* Disable fallback malloc/free */
430  #define WOLFSSL_NO_MALLOC
431  #if 1
432  #define WOLFSSL_MALLOC_CHECK /* trap malloc failure */
433  #endif
434 #endif
435 
436 /* Memory callbacks */
    /* The "#if 0" branch is inactive, so the "#else" branch runs. Since
     * WOLFSSL_STATIC_MEMORY is not defined above, NO_WOLFSSL_MEMORY is
     * defined and, per the comment below, stdlib malloc/free/realloc are
     * used. The heap tracking and debug macros are not set. */
437 #if 0
438  #undef USE_WOLFSSL_MEMORY
439  #define USE_WOLFSSL_MEMORY
440 
441  /* Use this to measure / print heap usage */
442  #if 1
443  #undef WOLFSSL_TRACK_MEMORY
444  #define WOLFSSL_TRACK_MEMORY
445 
446  #undef WOLFSSL_DEBUG_MEMORY
447  #define WOLFSSL_DEBUG_MEMORY
448  #endif
449 #else
450  #ifndef WOLFSSL_STATIC_MEMORY
451  #define NO_WOLFSSL_MEMORY
452  /* Otherwise we will use stdlib malloc, free and realloc */
453  #endif
454 #endif
455 
456 
457 /* ------------------------------------------------------------------------- */
458 /* Port */
459 /* ------------------------------------------------------------------------- */
460 
461 /* Override Current Time */
462 /* Allows custom "custom_time()" function to be used for benchmark */
463 //#define WOLFSSL_USER_CURRTIME
464 //#define WOLFSSL_GMTIME
465 //#define USER_TICKS
    /* my_time() is declared unconditionally, but XTIME is not pointed at it
     * ("#if 0"). NOTE(review): NO_ASN_TIME is left undefined further down,
     * so certificate date checks are presumably compiled in; confirm that
     * the platform's time source returns real wall-clock time, otherwise
     * validity periods are checked against a wrong date. */
466 extern unsigned long my_time(unsigned long* timer);
467 #if 0
468  #define XTIME my_time
469 #endif
470 
471 
472 /* ------------------------------------------------------------------------- */
473 /* RNG */
474 /* ------------------------------------------------------------------------- */
475 
476 /* Seed Source */
    /* NOTE(review): no seed source is selected in this file.
     * my_rng_seed_gen() is declared, but CUSTOM_RAND_GENERATE is #undef'd
     * with its #define commented out, and NO_DEV_RANDOM is defined in the
     * Disable Features section. Presumably the WOLFSSL_WICED port supplies
     * the seed function; confirm that it reads a hardware entropy source,
     * because every key and nonce drawn from the DRBG selected below depends
     * on that seed. */
477 /* Size of returned HW RNG value */
478 //#define CUSTOM_RAND_TYPE unsigned int
479 extern unsigned int my_rng_seed_gen(void);
480 #undef CUSTOM_RAND_GENERATE
481 //#define CUSTOM_RAND_GENERATE my_rng_seed_gen
482 
483 /* Choose RNG method */
    /* Active branch: HAVE_HASHDRBG. The "#else" branch would instead define
     * WC_NO_HASHDRBG and route random blocks straight to my_rng_gen_block(),
     * so output quality would then rest on that function alone. */
484 #if 1
485  /* Use built-in P-RNG (SHA256 based) with HW RNG */
486  /* P-RNG + HW RNG (P-RNG is ~8K) */
487  #undef HAVE_HASHDRBG
488  #define HAVE_HASHDRBG
489 #else
490  #undef WC_NO_HASHDRBG
491  #define WC_NO_HASHDRBG
492 
493  /* Bypass P-RNG and use only HW RNG */
494  extern int my_rng_gen_block(unsigned char* output, unsigned int sz);
495  #undef CUSTOM_RAND_GENERATE_BLOCK
496  #define CUSTOM_RAND_GENERATE_BLOCK my_rng_gen_block
497 #endif
498 
499 
500 /* ------------------------------------------------------------------------- */
501 /* Custom Standard Lib */
502 /* ------------------------------------------------------------------------- */
503 /* Allows override of all standard library functions */
    /* STRING_USER is defined, so the X* string and memory macros below are
     * the mappings used: wc_strsep / wc_strtok for tokenising, mystrnstr for
     * XSTRNSTR, and the <string.h> functions plus snprintf for the rest. */
504 #undef STRING_USER
505 #if 1
506  #define STRING_USER
507 
508  #include <string.h>
509 
510  #undef USE_WOLF_STRSEP
511  #define USE_WOLF_STRSEP
512  #define XSTRSEP(s1,d) wc_strsep((s1),(d))
513 
514  #undef USE_WOLF_STRTOK
515  #define USE_WOLF_STRTOK
516  #define XSTRTOK(s1,d,ptr) wc_strtok((s1),(d),(ptr))
517 
     /* NOTE(review): mystrnstr is neither declared nor defined in this file;
      * confirm that the build provides it and that it never reads past n
      * bytes of s1. */
518  #define XSTRNSTR(s1,s2,n) mystrnstr((s1),(s2),(n))
519 
520  #define XMEMCPY(d,s,l) memcpy((d),(s),(l))
521  #define XMEMSET(b,c,l) memset((b),(c),(l))
522  #define XMEMCMP(s1,s2,n) memcmp((s1),(s2),(n))
523  #define XMEMMOVE(d,s,l) memmove((d),(s),(l))
524 
525  #define XSTRLEN(s1) strlen((s1))
     /* strncpy does not NUL-terminate the destination when the source is n
      * bytes or longer; callers of XSTRNCPY have to terminate it themselves. */
526  #define XSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n))
527  #define XSTRSTR(s1,s2) strstr((s1),(s2))
528 
529  #define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n))
530  #define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n))
531  #define XSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n))
532 
533  #define XSNPRINTF snprintf
534 #endif
535 
536 
537 
538 /* ------------------------------------------------------------------------- */
539 /* Enable Features */
540 /* ------------------------------------------------------------------------- */
541 #undef WOLFSSL_TLS13
    /* WOLFSSL_TLS13 is defined. WOLFSSL_KEY_GEN is left undefined, and
     * WOLFSSL_OLD_PRIME_CHECK is only set for FIPS builds, which this file
     * does not select. */
542 #if 1
543  #define WOLFSSL_TLS13
544 #endif
545 
546 #undef WOLFSSL_KEY_GEN
547 #if 0
548  #define WOLFSSL_KEY_GEN
549 #endif
550 
551 #if defined(HAVE_FIPS) && !defined(WOLFSSL_KEY_GEN)
552  #define WOLFSSL_OLD_PRIME_CHECK
553 #endif
554 
555 #undef KEEP_PEER_CERT
    /* KEEP_PEER_CERT and HAVE_COMP_KEY are left undefined (HAVE_COMP_KEY is
     * also handled in the ECC section). TLS extensions, the supported-curves
     * extension and Base64 encoding are enabled. */
556 //#define KEEP_PEER_CERT
557 
558 #undef HAVE_COMP_KEY
559 //#define HAVE_COMP_KEY
560 
561 #undef HAVE_TLS_EXTENSIONS
562 #define HAVE_TLS_EXTENSIONS
563 
564 #undef HAVE_SUPPORTED_CURVES
565 #define HAVE_SUPPORTED_CURVES
566 
567 #undef WOLFSSL_BASE64_ENCODE
568 #define WOLFSSL_BASE64_ENCODE
569 
570 /* TLS Session Cache */
    /* The session cache is kept in its small variant; the "#else" branch
     * would define NO_SESSION_CACHE instead. */
571 #if 1
572  #define SMALL_SESSION_CACHE
573 #else
574  #define NO_SESSION_CACHE
575 #endif
576 
577 #undef HAVE_EXTENDED_MASTER
    /* The extended master secret extension is enabled; keep it on. */
578 #define HAVE_EXTENDED_MASTER
579 
    /* NOTE(review): the truncated_hmac extension shortens the record MAC
     * when it is negotiated. Leave HAVE_TRUNCATED_HMAC out unless a peer
     * requires it. */
580 #undef HAVE_TRUNCATED_HMAC
581 #define HAVE_TRUNCATED_HMAC
582 
    /* NOTE(review): WOLFSSL_ALLOW_TLSV10 is defined here and NO_OLD_TLS is
     * left undefined in the Disable Features section, so protocol versions
     * older than TLS 1.2 are not excluded from the build. Whether a
     * connection can negotiate them also depends on the method and minimum
     * version the application selects, which is not visible in this file.
     * Remove this define and set NO_OLD_TLS unless a legacy peer needs
     * them. */
583 #undef WOLFSSL_ALLOW_TLSV10
584 #define WOLFSSL_ALLOW_TLSV10
585 
586 #undef HAVE_SNI
    /* SNI and the maximum-fragment-length extension are enabled.
     * FP_MAX_BITS_ECC is set to 512, which goes with ALT_ECC_SIZE from the
     * ECC section. */
587 #if 1
588  #define HAVE_SNI
589 #endif
590 
591 #undef HAVE_MAX_FRAGMENT
592 #if 1
593  /* Set maximum fragment size. */
594  #define HAVE_MAX_FRAGMENT
595 #endif
596 
597 #if 1
598  #define FP_MAX_BITS_ECC 512
599 #endif
600 
601 /* ------------------------------------------------------------------------- */
602 /* TCP STACK */
603 /* ------------------------------------------------------------------------- */
604 #undef HAVE_NETX
    /* NetX is the selected TCP stack; WOLFSSL_LWIP is left undefined. */
605 #if 1
606  #define HAVE_NETX
607 #endif
608 #undef WOLFSSL_LWIP
609 #if 0
610  #define WOLFSSL_LWIP
611 #endif
612 
613 /* ------------------------------------------------------------------------- */
614 /* RTOS */
615 /* ------------------------------------------------------------------------- */
616 #undef THREADX
    /* ThreadX is the selected RTOS, and THREADX_NO_DC_PRINTF is defined with
     * it. */
617 #if 1
618  #define THREADX
619  #undef THREADX_NO_DC_PRINTF
620  #if 1
621  #define THREADX_NO_DC_PRINTF
622  #endif
623 #endif
624 
625 /* ------------------------------------------------------------------------- */
626 /* Disable Features */
627 /* ------------------------------------------------------------------------- */
628 #undef NO_WOLFSSL_SERVER
    /* Nothing in this group is defined: every macro is #undef'd and its
     * #define is commented out, so none of these opt-outs is in effect.
     * NOTE(review): a device that only ever acts as a TLS client can define
     * NO_WOLFSSL_SERVER (and the reverse), and product images normally
     * define NO_CRYPT_TEST and NO_CRYPT_BENCHMARK to leave the self-test and
     * benchmark code out. */
629 //#define NO_WOLFSSL_SERVER
630 
631 #undef NO_WOLFSSL_CLIENT
632 //#define NO_WOLFSSL_CLIENT
633 
634 #undef NO_CRYPT_TEST
635 //#define NO_CRYPT_TEST
636 
637 #undef NO_CRYPT_BENCHMARK
638 //#define NO_CRYPT_BENCHMARK
639 
640 #undef WOLFCRYPT_ONLY
641 //#define WOLFCRYPT_ONLY
642 
643 /* In-lining of misc.c functions */
644 /* If defined, must include wolfcrypt/src/misc.c in build */
645 /* Slower, but about 1k smaller */
    /* NO_INLINE is left undefined. The four macros after it are defined:
     * NO_FILESYSTEM, NO_WRITEV, NO_MAIN_DRIVER and NO_DEV_RANDOM. With
     * NO_DEV_RANDOM set, the RNG seed has to come from the platform port
     * (see the RNG section). */
646 #undef NO_INLINE
647 //#define NO_INLINE
648 
649 #undef NO_FILESYSTEM
650 #define NO_FILESYSTEM
651 
652 #undef NO_WRITEV
653 #define NO_WRITEV
654 
655 #undef NO_MAIN_DRIVER
656 #define NO_MAIN_DRIVER
657 
658 #undef NO_DEV_RANDOM
659 #define NO_DEV_RANDOM
660 
661 #undef NO_DSA
    /* NOTE(review): in the rest of this section only NO_PWDBASED is actually
     * defined. NO_DSA, NO_RC4, NO_OLD_TLS, NO_HC128, NO_RABBIT, NO_PSK and
     * NO_MD4 are #undef'd with their #define commented out, so none of
     * those opt-outs is in effect and, unless the library defaults say
     * otherwise, the corresponding code stays in the build. RC4, MD4,
     * HC-128, Rabbit and the pre-TLS-1.2 protocol versions are legacy;
     * define the NO_ macro for each one the product does not need, which
     * reduces both code size and attack surface. */
662 //#define NO_DSA
663 
664 #undef NO_RC4
665 //#define NO_RC4
666 
667 #undef NO_OLD_TLS
668 //#define NO_OLD_TLS
669 
670 #undef NO_HC128
671 //#define NO_HC128
672 
673 #undef NO_RABBIT
674 //#define NO_RABBIT
675 
676 #undef NO_PSK
677 //#define NO_PSK
678 
679 #undef NO_MD4
680 //#define NO_MD4
681 
682 #undef NO_PWDBASED
683 #define NO_PWDBASED
684 
685 #undef NO_CODING
686 //#define NO_CODING
687 
    /* Leave NO_ASN_TIME undefined only if the device has a trustworthy
     * clock; going by its name, defining it removes the certificate date
     * checks. */
688 #undef NO_ASN_TIME
689 //#define NO_ASN_TIME
690 
691 #undef NO_CERTS
692 //#define NO_CERTS
693 
694 #undef NO_SIG_WRAPPER
695 //#define NO_SIG_WRAPPER
696 
697 #undef NO_OLD_WC_NAMES
698 //#define NO_OLD_WC_NAMES
699 
700 #undef NO_WOLFSSL_DIR
701 //#define NO_WOLFSSL_DIR
702 
703 /* ------------------------------------------------------------------------- */
704 /* WICED SDK */
705 /* ------------------------------------------------------------------------- */
706 #undef WOLFSSL_WICED
    /* Selects the WICED port of wolfSSL and removes any earlier
     * WICED_MBEDTLS definition. */
707 #if 1
708  #define WOLFSSL_WICED
709  #undef WICED_MBEDTLS
710 #endif
711 
712 
713 #ifdef __cplusplus
714 } /* closes the extern "C" block opened at the top of the file */
715 #endif
716 
717 #endif /* WOLFSSL_USER_SETTINGS_H */