My Project
Loading...
Searching...
No Matches
user_settings.h
1/* user_settings.h
2 *
3 * Copyright (C) 2020 wolfSSL Inc.
4 *
5 * This file is part of wolfSSL.
6 *
7 * wolfSSL is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * wolfSSL is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
20 */
21
22/* Example Settings for SiFive HiFive1 */
23
24#ifndef WOLFSSL_USER_SETTINGS_H
25#define WOLFSSL_USER_SETTINGS_H
26
27#ifdef __cplusplus
28extern "C" {
29#endif
30
31/* ------------------------------------------------------------------------- */
32/* SiFive HiFive */
33/* ------------------------------------------------------------------------- */
34#undef WOLFSSL_SIFIVE_RISC_V
35#define WOLFSSL_SIFIVE_RISC_V
36
37
38/* ------------------------------------------------------------------------- */
39/* Platform */
40/* ------------------------------------------------------------------------- */
41
42#undef WOLFSSL_GENERAL_ALIGNMENT
43#define WOLFSSL_GENERAL_ALIGNMENT 4
44
45#undef SINGLE_THREADED
46#define SINGLE_THREADED
47
48#undef WOLFSSL_SMALL_STACK
49#define WOLFSSL_SMALL_STACK
50
51#undef WOLFSSL_USER_IO
52#define WOLFSSL_USER_IO
53
54
55/* ------------------------------------------------------------------------- */
56/* Math Configuration */
57/* ------------------------------------------------------------------------- */
58#undef SIZEOF_LONG_LONG
59#define SIZEOF_LONG_LONG 8
60
61#undef USE_FAST_MATH
62
63#if 1
64 #define USE_FAST_MATH
65
66 #undef TFM_TIMING_RESISTANT
67 #define TFM_TIMING_RESISTANT
68
69 /* Optimizations */
70 //#define TFM_ARM
71#endif
72
73
74/* ------------------------------------------------------------------------- */
75/* Asymmetric */
76/* ------------------------------------------------------------------------- */
77/* RSA */
78/* Not enabled due to memory constraints on HiFive1 */
79#undef NO_RSA
80#if 0
81 #ifdef USE_FAST_MATH
82 /* Maximum math bits (Max RSA key bits * 2) */
83 #undef FP_MAX_BITS
84 #define FP_MAX_BITS 4096
85 #endif
86
87 /* half as much memory but twice as slow */
88 #undef RSA_LOW_MEM
89 #define RSA_LOW_MEM
90
91 /* Enables blinding mode, to prevent timing attacks */
92 #if 1
93 #undef WC_RSA_BLINDING
94 #define WC_RSA_BLINDING
95 #else
96 #undef WC_NO_HARDEN
97 #define WC_NO_HARDEN
98 #endif
99
100 /* RSA PSS Support */
101 #if 0
102 #define WC_RSA_PSS
103 #endif
104
105 #if 0
106 #define WC_RSA_NO_PADDING
107 #endif
108#else
109 #define NO_RSA
110#endif
111
112/* ECC */
113#undef HAVE_ECC
114#if 1
115 #define HAVE_ECC
116
117 /* Manually define enabled curves */
118 #undef ECC_USER_CURVES
119 #define ECC_USER_CURVES
120
121 #ifdef ECC_USER_CURVES
122 /* Manual Curve Selection, FP_MAX_BITS must be adjusted accordingly */
123 // #define HAVE_ECC192
124 // #define HAVE_ECC224
125 #undef NO_ECC256
126 // #define HAVE_ECC384
127 // #define HAVE_ECC521
128 #endif
129
130 /* Fixed point cache (speeds repeated operations against same private key) */
131 #undef FP_ECC
132 //#define FP_ECC
133 #ifdef FP_ECC
134 /* Bits / Entries */
135 #undef FP_ENTRIES
136 #define FP_ENTRIES 2
137 #undef FP_LUT
138 #define FP_LUT 4
139 #endif
140
141 /* Optional ECC calculation method */
142 /* Note: doubles heap usage, but slightly faster */
143 #undef ECC_SHAMIR
144 //#define ECC_SHAMIR
145
146 /* Reduces heap usage, but slower */
147 #undef ECC_TIMING_RESISTANT
148 #define ECC_TIMING_RESISTANT
149
150 /* Enable cofactor support */
151 #undef HAVE_ECC_CDH
152 //#define HAVE_ECC_CDH
153
154 /* Validate import */
155 #undef WOLFSSL_VALIDATE_ECC_IMPORT
156 //#define WOLFSSL_VALIDATE_ECC_IMPORT
157
158 /* Compressed Key Support */
159 #undef HAVE_COMP_KEY
160 //#define HAVE_COMP_KEY
161
162 /* Use alternate ECC size for ECC math */
163 #ifdef USE_FAST_MATH
164 #ifdef NO_RSA
165 /* Custom fastmath size if not using RSA */
166 /* MAX = ROUND32(ECC BITS 256) + SIZE_OF_MP_DIGIT(32) */
167 #undef FP_MAX_BITS
168 #define FP_MAX_BITS (256 + 32)
169 #else
170 #undef ALT_ECC_SIZE
171 /* Disable alternate ECC size, since it uses HEAP allocations.
172 Heap is limited resource on HiFive1 */
173 //#define ALT_ECC_SIZE
174 #endif
175 #endif
176#endif
177
178/* DH */
179#undef NO_DH
180#if 0
181 /* Use table for DH instead of -lm (math) lib dependency */
182 #if 0
183 #define WOLFSSL_DH_CONST
184 #endif
185
186 #define HAVE_FFDHE_2048
187 //#define HAVE_FFDHE_4096
188 //#define HAVE_FFDHE_6144
189 //#define HAVE_FFDHE_8192
190#else
191 #define NO_DH
192#endif
193
194
195/* Wolf Single Precision Math */
196/* Optional ECC SECP256R1 acceleration using optimized C code */
197#undef WOLFSSL_SP
198#if 1
199 #define WOLFSSL_SP
200 #define WOLFSSL_SP_SMALL /* use smaller version of code (requires heap) */
201 #define SP_WORD_SIZE 32 /* force 32-bit type */
202 #define WOLFSSL_SP_MATH /* only SP math - eliminates fast math code */
203 //#define WOLFSSL_SP_DIV_32 /* do not use 64-bit divides */
204
205 #ifdef HAVE_ECC
206 #define WOLFSSL_HAVE_SP_ECC
207 #endif
208 #ifndef NO_RSA
209 #define WOLFSSL_HAVE_SP_RSA
210 #endif
211#endif
212
213/* Ed25519 / Curve25519 */
214#undef HAVE_CURVE25519
215#undef HAVE_ED25519
216#if 1
217 #define HAVE_CURVE25519
218 #define HAVE_ED25519 /* ED25519 Requires SHA512 */
219
220 /* Optionally use small math (less flash usage, but much slower) */
221 #if 1
222 /* Curve and Ed 25519 small */
223 #define CURVED25519_SMALL
224 #endif
225#endif
226
227
228/* ------------------------------------------------------------------------- */
229/* Symmetric Ciphers */
230/* ------------------------------------------------------------------------- */
231
232/* AES */
233#undef NO_AES
234#if 1
235 #undef HAVE_AES_CBC
236 #define HAVE_AES_CBC
237
238 #undef HAVE_AESGCM
239 #define HAVE_AESGCM
240
241 /* GCM Method: GCM_SMALL, GCM_WORD32 or GCM_TABLE */
242 #define GCM_SMALL
243
244 #undef WOLFSSL_AES_DIRECT
245 //#define WOLFSSL_AES_DIRECT
246
247 #undef HAVE_AES_ECB
248 //#define HAVE_AES_ECB
249
250 #undef WOLFSSL_AES_COUNTER
251 //#define WOLFSSL_AES_COUNTER
252
253 #undef HAVE_AESCCM
254 //#define HAVE_AESCCM
255#endif
256
257/* DES3 */
258#undef NO_DES3
259#if 0
260#else
261 #define NO_DES3
262#endif
263
264/* ChaCha20 / Poly1305 */
265#undef HAVE_CHACHA
266#undef HAVE_POLY1305
267#if 1
268 #define HAVE_CHACHA
269 #define HAVE_POLY1305
270
271 /* Needed for Poly1305 */
272 #undef HAVE_ONE_TIME_AUTH
273 #define HAVE_ONE_TIME_AUTH
274#endif
275
276
277/* ------------------------------------------------------------------------- */
278/* Symmetric Hashing */
279/* ------------------------------------------------------------------------- */
280/* Sha */
281#undef NO_SHA
282#if 1
283 /* 1k smaller, but 25% slower */
284 //#define USE_SLOW_SHA
285#else
286 #define NO_SHA
287#endif
288
289/* Sha256 */
290#undef NO_SHA256
291#if 1
292 /* not unrolled - ~2k smaller and ~25% slower */
293 //#define USE_SLOW_SHA256
294
295 /* Sha224 */
296 #if 0
297 #define WOLFSSL_SHA224
298 #endif
299#else
300 #define NO_SHA256
301#endif
302
303/* Sha512 */
304#undef WOLFSSL_SHA512
305#if 1
306 #define WOLFSSL_SHA512
307
308 /* Sha384 */
309 #undef WOLFSSL_SHA384
310 #if 0
311 #define WOLFSSL_SHA384
312 #endif
313
314 /* over twice as small, but 50% slower */
315 #define USE_SLOW_SHA512
316#endif
317
318/* Sha3 */
319#undef WOLFSSL_SHA3
320#if 0
321 #define WOLFSSL_SHA3
322#endif
323
324/* MD5 */
325#undef NO_MD5
326#if 0
327
328#else
329 #define NO_MD5
330#endif
331
332/* Blake2B */
333#undef HAVE_BLAKE2
334#if 0
335 #define HAVE_BLAKE2
336#endif
337
338/* Blake2S */
339#undef HAVE_BLAKE2S
340#if 0
341 #define HAVE_BLAKE2S
342#endif
343
344/* HKDF */
345#undef HAVE_HKDF
346#if 0
347 #define HAVE_HKDF
348#endif
349
350/* CMAC */
351#undef WOLFSSL_CMAC
352#if 0
353 #define WOLFSSL_CMAC
354#endif
355
356
357/* ------------------------------------------------------------------------- */
358/* Benchmark / Test */
359/* ------------------------------------------------------------------------- */
360/* Use reduced benchmark / test sizes */
361#undef BENCH_EMBEDDED
362#define BENCH_EMBEDDED
363
364#undef USE_CERT_BUFFERS_2048
365#define USE_CERT_BUFFERS_2048
366
367#undef USE_CERT_BUFFERS_1024
368//#define USE_CERT_BUFFERS_1024
369
370#undef USE_CERT_BUFFERS_256
371#define USE_CERT_BUFFERS_256
372
373
374/* ------------------------------------------------------------------------- */
375/* Debugging */
376/* ------------------------------------------------------------------------- */
377
378#undef DEBUG_WOLFSSL
379#undef NO_ERROR_STRINGS
380#if 0
381 #define DEBUG_WOLFSSL
382#else
383 #if 0
384 #define NO_ERROR_STRINGS
385 #endif
386#endif
387
388
389/* ------------------------------------------------------------------------- */
390/* Memory */
391/* ------------------------------------------------------------------------- */
392
393/* Override Memory API's */
394#if 0
395 #undef XMALLOC_OVERRIDE
396 #define XMALLOC_OVERRIDE
397
398 /* prototypes for user heap override functions */
399 /* Note: Realloc only required for normal math */
400 #include <stddef.h> /* for size_t */
401 extern void *myMalloc(size_t n, void* heap, int type);
402 extern void myFree(void *p, void* heap, int type);
403 extern void *myRealloc(void *p, size_t n, void* heap, int type);
404
405 #define XMALLOC(n, h, t) myMalloc(n, h, t)
406 #define XFREE(p, h, t) myFree(p, h, t)
407 #define XREALLOC(p, n, h, t) myRealloc(p, n, h, t)
408#endif
409
410/* Static memory */
411#if 0
412 /* Static memory requires fast math */
413 #define WOLFSSL_STATIC_MEMORY
414
415 /* Disable fallback malloc/free */
416 #define WOLFSSL_NO_MALLOC
417 #if 1
418 #define WOLFSSL_MALLOC_CHECK /* trap malloc failure */
419 #endif
420#endif
421
422/* Memory callbacks */
423#if 0
424 #undef USE_WOLFSSL_MEMORY
425 #define USE_WOLFSSL_MEMORY
426
427 /* Use this to measure / print heap usage */
428 #if 1
429 #undef WOLFSSL_TRACK_MEMORY
430 #define WOLFSSL_TRACK_MEMORY
431
432 #undef WOLFSSL_DEBUG_MEMORY
433 #define WOLFSSL_DEBUG_MEMORY
434 #endif
435#else
436 #ifndef WOLFSSL_STATIC_MEMORY
437 #define NO_WOLFSSL_MEMORY
438 /* Otherwise we will use stdlib malloc, free and realloc */
439 #endif
440#endif
441
442
443/* ------------------------------------------------------------------------- */
444/* Port */
445/* ------------------------------------------------------------------------- */
446
447/* Override Current Time */
448#if defined(WOLFSSL_SIFIVE_RISC_V)
449 #define WOLFSSL_USER_CURRTIME /* for benchmarks, uses "custom_time()" function */
450 #define WOLFSSL_GMTIME
451 #define USER_TICKS
452#else
453 // extern unsigned long my_time(unsigned long* timer);
454 // #define XTIME my_time
455#endif
456
457/* ------------------------------------------------------------------------- */
458/* RNG */
459/* ------------------------------------------------------------------------- */
460#if 0
461 /* Bypass P-RNG and use only HW RNG */
462 #define CUSTOM_RAND_TYPE unsigned int
463 extern int my_rng_gen_block(unsigned char* output, unsigned int sz);
464 #undef CUSTOM_RAND_GENERATE_BLOCK
465 #define CUSTOM_RAND_GENERATE_BLOCK my_rng_gen_block
466#else
467 #define HAVE_HASHDRBG
468
469 /* Seed Source */
470 /* Size of returned HW RNG value */
471 #define CUSTOM_RAND_TYPE unsigned int
472 extern unsigned int my_rng_seed_gen(void);
473 #undef CUSTOM_RAND_GENERATE
474 #define CUSTOM_RAND_GENERATE my_rng_seed_gen
475#endif
476
477/* ------------------------------------------------------------------------- */
478/* Enable Features */
479/* ------------------------------------------------------------------------- */
480#undef WOLFSSL_TLS13
481#if 0
482 #define WOLFSSL_TLS13
483#endif
484
485#undef WOLFSSL_KEY_GEN
486#if 0
487 #define WOLFSSL_KEY_GEN
488#endif
489
490/* reduce DH test time */
491#define WOLFSSL_OLD_PRIME_CHECK
492
493#undef KEEP_PEER_CERT
494//#define KEEP_PEER_CERT
495
496#undef HAVE_COMP_KEY
497//#define HAVE_COMP_KEY
498
499#undef HAVE_TLS_EXTENSIONS
500#define HAVE_TLS_EXTENSIONS
501
502#undef HAVE_SUPPORTED_CURVES
503#define HAVE_SUPPORTED_CURVES
504
505#undef WOLFSSL_BASE64_ENCODE
506//#define WOLFSSL_BASE64_ENCODE
507
508/* TLS Session Cache */
509#if 0
510 #define SMALL_SESSION_CACHE
511#else
512 #define NO_SESSION_CACHE
513#endif
514
515
516/* ------------------------------------------------------------------------- */
517/* Disable Features */
518/* ------------------------------------------------------------------------- */
519#undef NO_WOLFSSL_SERVER
520//#define NO_WOLFSSL_SERVER
521
522#undef NO_WOLFSSL_CLIENT
523//#define NO_WOLFSSL_CLIENT
524
525#undef NO_CRYPT_TEST
526//#define NO_CRYPT_TEST
527
528#undef NO_CRYPT_BENCHMARK
529//#define NO_CRYPT_BENCHMARK
530
531#undef WOLFCRYPT_ONLY
532//#define WOLFCRYPT_ONLY
533
534/* In-lining of misc.c functions */
535/* If defined, must include wolfcrypt/src/misc.c in build */
536/* Slower, but about 1k smaller */
537#undef NO_INLINE
538//#define NO_INLINE
539
540#undef NO_FILESYSTEM
541#define NO_FILESYSTEM
542
543#undef NO_WRITEV
544#define NO_WRITEV
545
546#undef NO_MAIN_DRIVER
547#define NO_MAIN_DRIVER
548
549#undef NO_DEV_RANDOM
550#define NO_DEV_RANDOM
551
552#undef NO_DSA
553#define NO_DSA
554
555#undef NO_RC4
556#define NO_RC4
557
558#undef NO_OLD_TLS
559#define NO_OLD_TLS
560
561#undef NO_HC128
562#define NO_HC128
563
564#undef NO_RABBIT
565#define NO_RABBIT
566
567#undef NO_PSK
568#define NO_PSK
569
570#undef NO_MD4
571#define NO_MD4
572
573#undef NO_PWDBASED
574#define NO_PWDBASED
575
576#undef NO_CODING
577//#define NO_CODING
578
579#undef NO_ASN_TIME
580//#define NO_ASN_TIME
581
582#undef NO_CERTS
583//#define NO_CERTS
584
585#undef NO_SIG_WRAPPER
586//#define NO_SIG_WRAPPER
587
588#ifdef __cplusplus
589}
590#endif
591
592#endif /* WOLFSSL_USER_SETTINGS_H */