My Project
Loading...
Searching...
No Matches
user_settings.h
1/* user_settings.h
2 *
3 * Copyright (C) 2006-2020 wolfSSL Inc.
4 *
5 * This file is part of wolfSSL.
6 *
7 * wolfSSL is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * wolfSSL is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
20 */
21
22/* Custom wolfSSL user settings for GCC ARM */
23
24#ifndef WOLFSSL_USER_SETTINGS_H
25#define WOLFSSL_USER_SETTINGS_H
26
27#ifdef __cplusplus
28extern "C" {
29#endif
30
31
32/* ------------------------------------------------------------------------- */
33/* Platform */
34/* ------------------------------------------------------------------------- */
35#undef WOLFSSL_GENERAL_ALIGNMENT
36#define WOLFSSL_GENERAL_ALIGNMENT 4
37
38#undef SINGLE_THREADED
39#define SINGLE_THREADED
40
41#undef WOLFSSL_SMALL_STACK
42#define WOLFSSL_SMALL_STACK
43
44#undef WOLFSSL_USER_IO
45#define WOLFSSL_USER_IO
46
47
48/* ------------------------------------------------------------------------- */
49/* Math Configuration */
50/* ------------------------------------------------------------------------- */
51#undef SIZEOF_LONG_LONG
52#define SIZEOF_LONG_LONG 8
53
54#undef USE_FAST_MATH
55#if 1
56 #define USE_FAST_MATH
57
58 #undef TFM_TIMING_RESISTANT
59 #define TFM_TIMING_RESISTANT
60
61 /* Optimizations */
62 //#define TFM_ARM
63#endif
64
65/* Wolf Single Precision Math */
66#undef WOLFSSL_SP
67#if 0
68 #define WOLFSSL_SP
69 #define WOLFSSL_SP_SMALL /* use smaller version of code */
70 #define WOLFSSL_HAVE_SP_RSA
71 #define WOLFSSL_HAVE_SP_DH
72 #define WOLFSSL_HAVE_SP_ECC
73 #define WOLFSSL_SP_CACHE_RESISTANT
74 //#define WOLFSSL_SP_MATH /* only SP math - eliminates fast math code */
75
76 /* 64 or 32 bit version */
77 //#define WOLFSSL_SP_ASM /* required if using the ASM versions */
78 //#define WOLFSSL_SP_ARM32_ASM
79 //#define WOLFSSL_SP_ARM64_ASM
80#endif
81
82/* ------------------------------------------------------------------------- */
83/* FIPS - Requires eval or license from wolfSSL */
84/* ------------------------------------------------------------------------- */
85#undef HAVE_FIPS
86#if 0
87 #define HAVE_FIPS
88
89 #undef HAVE_FIPS_VERSION
90 #define HAVE_FIPS_VERSION 2
91
92 #ifdef SINGLE_THREADED
93 #undef NO_THREAD_LS
94 #define NO_THREAD_LS
95 #endif
96#endif
97
98
99/* ------------------------------------------------------------------------- */
100/* Crypto */
101/* ------------------------------------------------------------------------- */
102/* RSA */
103#undef NO_RSA
104#if 1
105 #ifdef USE_FAST_MATH
106 /* Maximum math bits (Max RSA key bits * 2) */
107 #undef FP_MAX_BITS
108 #define FP_MAX_BITS 4096
109 #endif
110
111 /* half as much memory but twice as slow */
112 #undef RSA_LOW_MEM
113 //#define RSA_LOW_MEM
114
115 /* Enables blinding mode, to prevent timing attacks */
116 #if 1
117 #undef WC_RSA_BLINDING
118 #define WC_RSA_BLINDING
119 #else
120 #undef WC_NO_HARDEN
121 #define WC_NO_HARDEN
122 #endif
123
124 /* RSA PSS Support */
125 #if 0
126 #define WC_RSA_PSS
127 #endif
128
129 #if 0
130 #define WC_RSA_NO_PADDING
131 #endif
132#else
133 #define NO_RSA
134#endif
135
136/* ECC */
137#undef HAVE_ECC
138#if 1
139 #define HAVE_ECC
140
141 /* Manually define enabled curves */
142 #undef ECC_USER_CURVES
143 #define ECC_USER_CURVES
144
145 #ifdef ECC_USER_CURVES
146 /* Manual Curve Selection */
147 //#define HAVE_ECC192
148 //#define HAVE_ECC224
149 #undef NO_ECC256
150 //#define HAVE_ECC384
151 //#define HAVE_ECC521
152 #endif
153
154 /* Fixed point cache (speeds repeated operations against same private key) */
155 #undef FP_ECC
156 //#define FP_ECC
157 #ifdef FP_ECC
158 /* Bits / Entries */
159 #undef FP_ENTRIES
160 #define FP_ENTRIES 2
161 #undef FP_LUT
162 #define FP_LUT 4
163 #endif
164
165 /* Optional ECC calculation method */
166 /* Note: doubles heap usage, but slightly faster */
167 #undef ECC_SHAMIR
168 #define ECC_SHAMIR
169
170 /* Reduces heap usage, but slower */
171 #undef ECC_TIMING_RESISTANT
172 #define ECC_TIMING_RESISTANT
173
174 /* Enable cofactor support */
175 #ifdef HAVE_FIPS
176 #undef HAVE_ECC_CDH
177 #define HAVE_ECC_CDH
178 #endif
179
180 /* Validate import */
181 #ifdef HAVE_FIPS
182 #undef WOLFSSL_VALIDATE_ECC_IMPORT
183 #define WOLFSSL_VALIDATE_ECC_IMPORT
184 #endif
185
186 /* Compressed Key Support */
187 #undef HAVE_COMP_KEY
188 //#define HAVE_COMP_KEY
189
190 /* Use alternate ECC size for ECC math */
191 #ifdef USE_FAST_MATH
192 #ifdef NO_RSA
193 /* Custom fastmath size if not using RSA */
194 /* MAX = ROUND32(ECC BITS 256) + SIZE_OF_MP_DIGIT(32) */
195 #undef FP_MAX_BITS
196 #define FP_MAX_BITS (256 + 32)
197 #else
198 #undef ALT_ECC_SIZE
199 #define ALT_ECC_SIZE
200 #endif
201
202 /* Speedups specific to curve */
203 #ifndef NO_ECC256
204 #undef TFM_ECC256
205 #define TFM_ECC256
206 #endif
207 #endif
208#endif
209
210/* DH */
211#undef NO_DH
212#if 1
213 /* Use table for DH instead of -lm (math) lib dependency */
214 #if 0
215 #define WOLFSSL_DH_CONST
216 #define HAVE_FFDHE_2048
217 #define HAVE_FFDHE_4096
218 //#define HAVE_FFDHE_6144
219 //#define HAVE_FFDHE_8192
220 #endif
221
222 #ifdef HAVE_FIPS
223 #define WOLFSSL_VALIDATE_FFC_IMPORT
224 #define HAVE_FFDHE_Q
225 #endif
226#else
227 #define NO_DH
228#endif
229
230
231/* AES */
232#undef NO_AES
233#if 1
234 #undef HAVE_AES_CBC
235 #define HAVE_AES_CBC
236
237 #undef HAVE_AESGCM
238 #define HAVE_AESGCM
239
240 /* GCM Method: GCM_SMALL, GCM_WORD32 or GCM_TABLE */
241 #define GCM_SMALL
242
243 #undef WOLFSSL_AES_DIRECT
244 //#define WOLFSSL_AES_DIRECT
245
246 #undef HAVE_AES_ECB
247 //#define HAVE_AES_ECB
248
249 #undef WOLFSSL_AES_COUNTER
250 //#define WOLFSSL_AES_COUNTER
251
252 #undef HAVE_AESCCM
253 //#define HAVE_AESCCM
254#else
255 #define NO_AES
256#endif
257
258
259/* DES3 */
260#undef NO_DES3
261#if 0
262#else
263 #define NO_DES3
264#endif
265
266/* ChaCha20 / Poly1305 */
267#undef HAVE_CHACHA
268#undef HAVE_POLY1305
269#if 0
270 #define HAVE_CHACHA
271 #define HAVE_POLY1305
272
273 /* Needed for Poly1305 */
274 #undef HAVE_ONE_TIME_AUTH
275 #define HAVE_ONE_TIME_AUTH
276#endif
277
278/* Ed25519 / Curve25519 */
279#undef HAVE_CURVE25519
280#undef HAVE_ED25519
281#if 0
282 #define HAVE_CURVE25519
283 #define HAVE_ED25519 /* ED25519 Requires SHA512 */
284
285 /* Optionally use small math (less flash usage, but much slower) */
286 #if 1
287 #define CURVED25519_SMALL
288 #endif
289#endif
290
291
292/* ------------------------------------------------------------------------- */
293/* Hashing */
294/* ------------------------------------------------------------------------- */
295/* Sha */
296#undef NO_SHA
297#if 1
298 /* 1k smaller, but 25% slower */
299 //#define USE_SLOW_SHA
300#else
301 #define NO_SHA
302#endif
303
304/* Sha256 */
305#undef NO_SHA256
306#if 1
307 /* not unrolled - ~2k smaller and ~25% slower */
308 //#define USE_SLOW_SHA256
309
310 /* Sha224 */
311 #if 0
312 #define WOLFSSL_SHA224
313 #endif
314#else
315 #define NO_SHA256
316#endif
317
318/* Sha512 */
319#undef WOLFSSL_SHA512
320#if 0
321 #define WOLFSSL_SHA512
322
323 /* Sha384 */
324 #undef WOLFSSL_SHA384
325 #if 0
326 #define WOLFSSL_SHA384
327 #endif
328
329 /* over twice as small, but 50% slower */
330 //#define USE_SLOW_SHA512
331#endif
332
333/* Sha3 */
334#undef WOLFSSL_SHA3
335#if 0
336 #define WOLFSSL_SHA3
337#endif
338
339/* MD5 */
340#undef NO_MD5
341#if 0
342
343#else
344 #define NO_MD5
345#endif
346
347/* HKDF */
348#undef HAVE_HKDF
349#if 0
350 #define HAVE_HKDF
351#endif
352
353/* CMAC */
354#undef WOLFSSL_CMAC
355#if 0
356 #define WOLFSSL_CMAC
357#endif
358
359
360/* ------------------------------------------------------------------------- */
361/* Benchmark / Test */
362/* ------------------------------------------------------------------------- */
363/* Use reduced benchmark / test sizes */
364#undef BENCH_EMBEDDED
365#define BENCH_EMBEDDED
366
367#undef USE_CERT_BUFFERS_2048
368#define USE_CERT_BUFFERS_2048
369
370//#undef USE_CERT_BUFFERS_1024
371//#define USE_CERT_BUFFERS_1024
372
373#undef USE_CERT_BUFFERS_256
374#define USE_CERT_BUFFERS_256
375
376
377/* ------------------------------------------------------------------------- */
378/* Debugging */
379/* ------------------------------------------------------------------------- */
380
381#undef DEBUG_WOLFSSL
382#undef NO_ERROR_STRINGS
383#if 0
384 #define DEBUG_WOLFSSL
385#else
386 #if 0
387 #define NO_ERROR_STRINGS
388 #endif
389#endif
390
391
392/* ------------------------------------------------------------------------- */
393/* Memory */
394/* ------------------------------------------------------------------------- */
395
396/* Override Memory API's */
397#if 0
398 #undef XMALLOC_OVERRIDE
399 #define XMALLOC_OVERRIDE
400
401 /* prototypes for user heap override functions */
402 /* Note: Realloc only required for normal math */
403 #include <stddef.h> /* for size_t */
404 extern void *myMalloc(size_t n, void* heap, int type);
405 extern void myFree(void *p, void* heap, int type);
406 extern void *myRealloc(void *p, size_t n, void* heap, int type);
407
408 #define XMALLOC(n, h, t) myMalloc(n, h, t)
409 #define XFREE(p, h, t) myFree(p, h, t)
410 #define XREALLOC(p, n, h, t) myRealloc(p, n, h, t)
411#endif
412
413#if 0
414 /* Static memory requires fast math */
415 #define WOLFSSL_STATIC_MEMORY
416
417 /* Disable fallback malloc/free */
418 #define WOLFSSL_NO_MALLOC
419 #if 1
420 #define WOLFSSL_MALLOC_CHECK /* trap malloc failure */
421 #endif
422#endif
423
424/* Memory callbacks */
425#if 0
426 #undef USE_WOLFSSL_MEMORY
427 #define USE_WOLFSSL_MEMORY
428
429 /* Use this to measure / print heap usage */
430 #if 1
431 #undef WOLFSSL_TRACK_MEMORY
432 #define WOLFSSL_TRACK_MEMORY
433
434 #undef WOLFSSL_DEBUG_MEMORY
435 #define WOLFSSL_DEBUG_MEMORY
436 #endif
437#else
438 #ifndef WOLFSSL_STATIC_MEMORY
439 #define NO_WOLFSSL_MEMORY
440 /* Otherwise we will use stdlib malloc, free and realloc */
441 #endif
442#endif
443
444
445/* ------------------------------------------------------------------------- */
446/* Port */
447/* ------------------------------------------------------------------------- */
448
449/* Override Current Time */
450/* Allows custom "custom_time()" function to be used for benchmark */
451#define WOLFSSL_USER_CURRTIME
452#define WOLFSSL_GMTIME
453#define USER_TICKS
454extern unsigned long my_time(unsigned long* timer);
455#define XTIME my_time
456
457
458/* ------------------------------------------------------------------------- */
459/* RNG */
460/* ------------------------------------------------------------------------- */
461
462/* Seed Source */
463/* Size of returned HW RNG value */
464#define CUSTOM_RAND_TYPE unsigned int
465extern unsigned int my_rng_seed_gen(void);
466#undef CUSTOM_RAND_GENERATE
467#define CUSTOM_RAND_GENERATE my_rng_seed_gen
468
469/* Choose RNG method */
470#if 1
471 /* Use built-in P-RNG (SHA256 based) with HW RNG */
472 /* P-RNG + HW RNG (P-RNG is ~8K) */
473 #undef HAVE_HASHDRBG
474 #define HAVE_HASHDRBG
475#else
476 #undef WC_NO_HASHDRBG
477 #define WC_NO_HASHDRBG
478
479 /* Bypass P-RNG and use only HW RNG */
480 extern int my_rng_gen_block(unsigned char* output, unsigned int sz);
481 #undef CUSTOM_RAND_GENERATE_BLOCK
482 #define CUSTOM_RAND_GENERATE_BLOCK my_rng_gen_block
483#endif
484
485
486/* ------------------------------------------------------------------------- */
487/* Custom Standard Lib */
488/* ------------------------------------------------------------------------- */
489/* Allows override of all standard library functions */
490#undef STRING_USER
491#if 0
492 #define STRING_USER
493
494 #include <string.h>
495
496 #undef USE_WOLF_STRSEP
497 #define USE_WOLF_STRSEP
498 #define XSTRSEP(s1,d) wc_strsep((s1),(d))
499
500 #undef USE_WOLF_STRTOK
501 #define USE_WOLF_STRTOK
502 #define XSTRTOK(s1,d,ptr) wc_strtok((s1),(d),(ptr))
503
504 #define XSTRNSTR(s1,s2,n) mystrnstr((s1),(s2),(n))
505
506 #define XMEMCPY(d,s,l) memcpy((d),(s),(l))
507 #define XMEMSET(b,c,l) memset((b),(c),(l))
508 #define XMEMCMP(s1,s2,n) memcmp((s1),(s2),(n))
509 #define XMEMMOVE(d,s,l) memmove((d),(s),(l))
510
511 #define XSTRLEN(s1) strlen((s1))
512 #define XSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n))
513 #define XSTRSTR(s1,s2) strstr((s1),(s2))
514
515 #define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n))
516 #define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n))
517 #define XSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n))
518
519 #define XSNPRINTF snprintf
520#endif
521
522
523
524/* ------------------------------------------------------------------------- */
525/* Enable Features */
526/* ------------------------------------------------------------------------- */
527#undef WOLFSSL_TLS13
528#if 0
529 #define WOLFSSL_TLS13
530#endif
531
532#undef WOLFSSL_KEY_GEN
533#if 0
534 #define WOLFSSL_KEY_GEN
535#endif
536
537#if defined(HAVE_FIPS) && !defined(WOLFSSL_KEY_GEN)
538 #define WOLFSSL_OLD_PRIME_CHECK
539#endif
540
541#undef KEEP_PEER_CERT
542//#define KEEP_PEER_CERT
543
544#undef HAVE_COMP_KEY
545//#define HAVE_COMP_KEY
546
547#undef HAVE_TLS_EXTENSIONS
548#define HAVE_TLS_EXTENSIONS
549
550#undef HAVE_SUPPORTED_CURVES
551#define HAVE_SUPPORTED_CURVES
552
553#undef WOLFSSL_BASE64_ENCODE
554#define WOLFSSL_BASE64_ENCODE
555
556/* TLS Session Cache */
557#if 0
558 #define SMALL_SESSION_CACHE
559#else
560 #define NO_SESSION_CACHE
561#endif
562
563
564/* ------------------------------------------------------------------------- */
565/* Disable Features */
566/* ------------------------------------------------------------------------- */
567#undef NO_WOLFSSL_SERVER
568//#define NO_WOLFSSL_SERVER
569
570#undef NO_WOLFSSL_CLIENT
571//#define NO_WOLFSSL_CLIENT
572
573#undef NO_CRYPT_TEST
574//#define NO_CRYPT_TEST
575
576#undef NO_CRYPT_BENCHMARK
577//#define NO_CRYPT_BENCHMARK
578
579#undef WOLFCRYPT_ONLY
580//#define WOLFCRYPT_ONLY
581
582/* In-lining of misc.c functions */
583/* If defined, must include wolfcrypt/src/misc.c in build */
584/* Slower, but about 1k smaller */
585#undef NO_INLINE
586//#define NO_INLINE
587
588#undef NO_FILESYSTEM
589#define NO_FILESYSTEM
590
591#undef NO_WRITEV
592#define NO_WRITEV
593
594#undef NO_MAIN_DRIVER
595#define NO_MAIN_DRIVER
596
597#undef NO_DEV_RANDOM
598#define NO_DEV_RANDOM
599
600#undef NO_DSA
601#define NO_DSA
602
603#undef NO_RC4
604#define NO_RC4
605
606#undef NO_OLD_TLS
607#define NO_OLD_TLS
608
609#undef NO_HC128
610#define NO_HC128
611
612#undef NO_RABBIT
613#define NO_RABBIT
614
615#undef NO_PSK
616#define NO_PSK
617
618#undef NO_MD4
619#define NO_MD4
620
621#undef NO_PWDBASED
622#define NO_PWDBASED
623
624#undef NO_CODING
625//#define NO_CODING
626
627#undef NO_ASN_TIME
628//#define NO_ASN_TIME
629
630#undef NO_CERTS
631//#define NO_CERTS
632
633#undef NO_SIG_WRAPPER
634//#define NO_SIG_WRAPPER
635
636#ifdef __cplusplus
637}
638#endif
639
640#endif /* WOLFSSL_USER_SETTINGS_H */
641