My Project
Loading...
Searching...
No Matches
IDE
OPENSTM32
Inc
user_settings.h
1
/* user_settings.h
2
*
3
* Copyright (C) 2006-2020 wolfSSL Inc.
4
*
5
* This file is part of wolfSSL.
6
*
7
* wolfSSL is free software; you can redistribute it and/or modify
8
* it under the terms of the GNU General Public License as published by
9
* the Free Software Foundation; either version 2 of the License, or
10
* (at your option) any later version.
11
*
12
* wolfSSL is distributed in the hope that it will be useful,
13
* but WITHOUT ANY WARRANTY; without even the implied warranty of
14
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15
* GNU General Public License for more details.
16
*
17
* You should have received a copy of the GNU General Public License
18
* along with this program; if not, write to the Free Software
19
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
20
*/
21
22
/* Example wolfSSL user settings for STM32F4 with CubeMX */
23
24
#ifndef WOLFSSL_USER_SETTINGS_H
25
#define WOLFSSL_USER_SETTINGS_H
26
27
#ifdef __cplusplus
28
extern
"C"
{
29
#endif
30
31
/* ------------------------------------------------------------------------- */
32
/* Platform */
33
/* ------------------------------------------------------------------------- */
34
#undef WOLFSSL_GENERAL_ALIGNMENT
35
#define WOLFSSL_GENERAL_ALIGNMENT 4
36
37
#undef SINGLE_THREADED
38
//#define SINGLE_THREADED
39
40
#undef WOLFSSL_SMALL_STACK
41
#define WOLFSSL_SMALL_STACK
42
43
#undef WOLFSSL_STM32F4
44
#define WOLFSSL_STM32F4
45
46
#undef WOLFSSL_STM32_CUBEMX
47
#define WOLFSSL_STM32_CUBEMX
48
49
#undef FREERTOS
50
#define FREERTOS
51
52
#undef WOLFSSL_USER_IO
53
#define WOLFSSL_USER_IO
54
55
#undef WOLFSSL_NO_SOCK
56
#define WOLFSSL_NO_SOCK
57
58
59
/* ------------------------------------------------------------------------- */
60
/* HW Crypto Acceleration */
61
/* ------------------------------------------------------------------------- */
62
// See settings.h STM32F4 section
63
/* Optionally Disable Hardware Hashing Support */
64
//#define NO_STM32_HASH
65
//#define NO_STM32_RNG
66
//#define NO_STM32_CRYPTO
67
68
69
/* ------------------------------------------------------------------------- */
70
/* Math Configuration */
71
/* ------------------------------------------------------------------------- */
72
#undef USE_FAST_MATH
73
#define USE_FAST_MATH
74
75
#ifdef USE_FAST_MATH
76
#undef TFM_TIMING_RESISTANT
77
#define TFM_TIMING_RESISTANT
78
79
#undef TFM_NO_ASM
80
//#define TFM_NO_ASM
81
82
/* Optimizations (TFM_ARM, TFM_ASM or none) */
83
//#define TFM_ASM
84
#endif
85
86
/* Wolf Single Precision Math */
87
#undef WOLFSSL_SP
88
#if 0
89
#define WOLFSSL_SP
90
#define WOLFSSL_SP_SMALL
/* use smaller version of code */
91
#define WOLFSSL_HAVE_SP_RSA
92
//#define WOLFSSL_HAVE_SP_DH
93
#define WOLFSSL_HAVE_SP_ECC
94
#define WOLFSSL_SP_CACHE_RESISTANT
95
#define WOLFSSL_SP_MATH
/* only SP math - eliminates fast math code */
96
97
//#define WOLFSSL_SP_ASM /* required if using the ASM versions */
98
//#define WOLFSSL_SP_ARM_CORTEX_M_ASM
99
#endif
100
101
102
/* ------------------------------------------------------------------------- */
103
/* Crypto */
104
/* ------------------------------------------------------------------------- */
105
/* RSA */
106
#undef NO_RSA
107
#if 1
108
#ifdef USE_FAST_MATH
109
/* Maximum math bits (Max RSA key bits * 2) */
110
#undef FP_MAX_BITS
111
#define FP_MAX_BITS 4096
112
#endif
113
114
/* half as much memory but twice as slow */
115
#undef RSA_LOW_MEM
116
//#define RSA_LOW_MEM
117
118
/* Enables blinding mode, to prevent timing attacks */
119
#undef WC_RSA_BLINDING
120
#define WC_RSA_BLINDING
121
122
/* RSA PSS Support (required for TLS v1.3)*/
123
#if 0
124
#define WC_RSA_PSS
125
#endif
126
#else
127
#define NO_RSA
128
#endif
129
130
/* ECC */
131
#if 1
132
#undef HAVE_ECC
133
#define HAVE_ECC
134
135
/* Manually define enabled curves */
136
#undef ECC_USER_CURVES
137
#define ECC_USER_CURVES
138
139
//#define HAVE_ECC192
140
//#define HAVE_ECC224
141
#undef NO_ECC256
142
//#define HAVE_ECC384
143
//#define HAVE_ECC521
144
145
/* Fixed point cache (speeds repeated operations against same private key) */
146
#undef FP_ECC
147
//#define FP_ECC
148
#ifdef FP_ECC
149
/* Bits / Entries */
150
#undef FP_ENTRIES
151
#define FP_ENTRIES 2
152
#undef FP_LUT
153
#define FP_LUT 4
154
#endif
155
156
/* Optional ECC calculation method */
157
/* Note: doubles heap usage, but slightly faster */
158
#undef ECC_SHAMIR
159
#define ECC_SHAMIR
160
161
/* Reduces heap usage, but slower */
162
#undef ECC_TIMING_RESISTANT
163
#define ECC_TIMING_RESISTANT
164
165
#ifdef USE_FAST_MATH
166
#ifdef NO_RSA
167
/* Custom fastmath size if not using RSA */
168
/* MAX = ROUND32(ECC BITS 256) + SIZE_OF_MP_DIGIT(32) */
169
#undef FP_MAX_BITS
170
#define FP_MAX_BITS (256 + 32)
171
#else
172
#undef ALT_ECC_SIZE
173
#define ALT_ECC_SIZE
174
#endif
175
176
/* Enable TFM optimizations for ECC */
177
//#define TFM_ECC192
178
//#define TFM_ECC224
179
#define TFM_ECC256
180
//#define TFM_ECC384
181
//#define TFM_ECC521
182
#endif
183
#endif
184
185
/* DH */
186
#undef NO_DH
187
#if 0
188
#define HAVE_DH
/* freeRTOS settings.h requires this */
189
#else
190
//#define NO_DH
191
#endif
192
193
/* AES */
194
#undef NO_AES
195
#if 1
196
#undef HAVE_AESGCM
197
#define HAVE_AESGCM
198
199
/* GCM Method: GCM_SMALL, GCM_WORD32 or GCM_TABLE */
200
#undef GCM_SMALL
201
#define GCM_SMALL
202
203
#undef WOLFSSL_AES_COUNTER
204
#define WOLFSSL_AES_COUNTER
205
206
#undef WOLFSSL_AES_DIRECT
207
#define WOLFSSL_AES_DIRECT
208
209
#undef HAVE_AES_ECB
210
#define HAVE_AES_ECB
211
#else
212
#define NO_AES
213
#endif
214
215
/* DES */
216
#undef NO_DES3
217
#if 1
218
219
#else
220
#define NO_DES3
221
#endif
222
223
/* ChaCha20 / Poly1305 */
224
#undef HAVE_CHACHA
225
#undef HAVE_POLY1305
226
#if 1
227
#define HAVE_CHACHA
228
#define HAVE_POLY1305
229
230
/* Needed for Poly1305 */
231
#undef HAVE_ONE_TIME_AUTH
232
#define HAVE_ONE_TIME_AUTH
233
#endif
234
235
/* Ed25519 / Curve25519 */
236
#undef HAVE_CURVE25519
237
#undef HAVE_ED25519
238
#if 0
239
#define HAVE_CURVE25519
240
#define HAVE_ED25519
241
242
/* Optionally use small math (less flash usage, but much slower) */
243
#if 0
244
#define CURVED25519_SMALL
245
#endif
246
#endif
247
248
249
/* ------------------------------------------------------------------------- */
250
/* Hashing */
251
/* ------------------------------------------------------------------------- */
252
/* Sha */
253
#undef NO_SHA
254
#if 1
255
/* 1k smaller, but 25% slower */
256
//#define USE_SLOW_SHA
257
#else
258
#define NO_SHA
259
#endif
260
261
/* Sha256 */
262
#undef NO_SHA256
263
#if 1
264
/* not unrolled - ~2k smaller and ~25% slower */
265
//#define USE_SLOW_SHA256
266
267
/* Sha224 */
268
#if 0
269
#define WOLFSSL_SHA224
270
#endif
271
#else
272
#define NO_SHA256
273
#endif
274
275
/* Sha512 */
276
#undef WOLFSSL_SHA512
277
#if 1
278
/* over twice as small, but 50% slower */
279
//#define USE_SLOW_SHA512
280
281
#define WOLFSSL_SHA512
282
#define HAVE_SHA512
/* freeRTOS settings.h requires this */
283
284
/* Sha384 */
285
#undef WOLFSSL_SHA384
286
#if 1
287
#define WOLFSSL_SHA384
288
#endif
289
#endif
290
291
/* MD5 */
292
#if 1
293
/* enabled */
294
#else
295
#define NO_MD5
296
#endif
297
298
299
/* ------------------------------------------------------------------------- */
300
/* Benchmark / Test */
301
/* ------------------------------------------------------------------------- */
302
/* Use reduced benchmark / test sizes */
303
#undef BENCH_EMBEDDED
304
#define BENCH_EMBEDDED
305
306
#undef USE_CERT_BUFFERS_2048
307
#define USE_CERT_BUFFERS_2048
308
309
#undef USE_CERT_BUFFERS_256
310
#define USE_CERT_BUFFERS_256
311
312
313
/* ------------------------------------------------------------------------- */
314
/* Debugging */
315
/* ------------------------------------------------------------------------- */
316
#undef DEBUG_WOLFSSL
317
//#define DEBUG_WOLFSSL
318
319
#ifdef DEBUG_WOLFSSL
320
/* Use this to measure / print heap usage */
321
#if 0
322
#undef USE_WOLFSSL_MEMORY
323
#define USE_WOLFSSL_MEMORY
324
325
#undef WOLFSSL_TRACK_MEMORY
326
#define WOLFSSL_TRACK_MEMORY
327
328
#define WOLFSSL_DEBUG_MEMORY
329
#define WOLFSSL_DEBUG_MEMORY_PRINT
330
#endif
331
#else
332
#undef NO_WOLFSSL_MEMORY
333
//#define NO_WOLFSSL_MEMORY
334
335
#undef NO_ERROR_STRINGS
336
//#define NO_ERROR_STRINGS
337
#endif
338
339
340
/* ------------------------------------------------------------------------- */
341
/* Port */
342
/* ------------------------------------------------------------------------- */
343
344
/* Override Current Time */
345
/* Allows custom "custom_time()" function to be used for benchmark */
346
#define WOLFSSL_USER_CURRTIME
347
348
349
/* ------------------------------------------------------------------------- */
350
/* RNG */
351
/* ------------------------------------------------------------------------- */
352
/* Size of returned HW RNG value */
353
#define NO_OLD_RNGNAME
354
355
/* Choose RNG method */
356
#if 1
357
#ifndef STM32_RNG
358
#define WOLFSSL_GENSEED_FORTEST
359
#endif
360
361
/* Use built-in P-RNG (SHA256 based) with HW RNG */
362
/* P-RNG + HW RNG (P-RNG is ~8K) */
363
#undef HAVE_HASHDRBG
364
#define HAVE_HASHDRBG
365
#else
366
/* Bypass P-RNG and use only HW RNG */
367
extern
int
custom_rand_generate_block(
unsigned
char
* output,
unsigned
int
sz);
368
#undef CUSTOM_RAND_GENERATE_BLOCK
369
#define CUSTOM_RAND_GENERATE_BLOCK custom_rand_generate_block
370
#endif
371
372
373
/* ------------------------------------------------------------------------- */
374
/* Enable Features */
375
/* ------------------------------------------------------------------------- */
376
#undef WOLFSSL_TLS13
377
#if 0
378
#define WOLFSSL_TLS13
379
#endif
380
381
#undef KEEP_PEER_CERT
382
//#define KEEP_PEER_CERT
383
384
#undef HAVE_COMP_KEY
385
//#define HAVE_COMP_KEY
386
387
#undef HAVE_TLS_EXTENSIONS
388
#define HAVE_TLS_EXTENSIONS
389
390
#undef HAVE_SUPPORTED_CURVES
391
#define HAVE_SUPPORTED_CURVES
392
393
#undef WOLFSSL_BASE64_ENCODE
394
//#define WOLFSSL_BASE64_ENCODE
395
396
/* TLS Session Cache */
397
#if 0
398
#define SMALL_SESSION_CACHE
399
#else
400
#define NO_SESSION_CACHE
401
#endif
402
403
404
/* ------------------------------------------------------------------------- */
405
/* Disable Features */
406
/* ------------------------------------------------------------------------- */
407
#undef NO_WOLFSSL_SERVER
408
//#define NO_WOLFSSL_SERVER
409
410
#undef NO_WOLFSSL_CLIENT
411
//#define NO_WOLFSSL_CLIENT
412
413
#undef NO_CRYPT_TEST
414
//#define NO_CRYPT_TEST
415
416
#undef NO_CRYPT_BENCHMARK
417
//#define NO_CRYPT_BENCHMARK
418
419
/* In-lining of misc.c functions */
420
/* If defined, must include wolfcrypt/src/misc.c in build */
421
/* Slower, but about 1k smaller */
422
#undef NO_INLINE
423
//#define NO_INLINE
424
425
#undef NO_FILESYSTEM
426
#define NO_FILESYSTEM
427
428
#undef NO_WRITEV
429
#define NO_WRITEV
430
431
#undef NO_MAIN_DRIVER
432
#define NO_MAIN_DRIVER
433
434
#undef NO_DEV_RANDOM
435
#define NO_DEV_RANDOM
436
437
#undef NO_DSA
438
#define NO_DSA
439
440
#undef NO_RC4
441
#define NO_RC4
442
443
#undef NO_OLD_TLS
444
#define NO_OLD_TLS
445
446
#undef NO_HC128
447
#define NO_HC128
448
449
#undef NO_RABBIT
450
#define NO_RABBIT
451
452
#undef NO_PSK
453
#define NO_PSK
454
455
#undef NO_MD4
456
#define NO_MD4
457
458
#undef NO_PWDBASED
459
#define NO_PWDBASED
460
461
#undef NO_CODING
462
//#define NO_CODING
463
464
/* bypass certificate date checking, due to lack of properly configured RTC source */
465
#undef NO_ASN_TIME
466
#define NO_ASN_TIME
467
468
469
#ifdef __cplusplus
470
}
471
#endif
472
473
#endif
/* WOLFSSL_USER_SETTINGS_H */
