1 /* user_settings.h
2  *
3  * Copyright (C) 2006-2021 wolfSSL Inc.
4  *
5  * This file is part of wolfSSL.
6  *
7  * wolfSSL is free software; you can redistribute it and/or modify
8  * it under the terms of the GNU General Public License as published by
9  * the Free Software Foundation; either version 2 of the License, or
10  * (at your option) any later version.
11  *
12  * wolfSSL is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15  * GNU General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License
18  * along with this program; if not, write to the Free Software
19  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
20  */
21 
22 /*-- Renesas MCU type ---------------------------------------------------------
23  *
24  *
25  *----------------------------------------------------------------------------*/
26   #define WOLFSSL_RENESAS_RX72N
27 
28 
29 /*-- Renesas TSIP usage and its version ---------------------------------------
30  *
31  *  "WOLFSSL_RENESAS_TSIP" definition makes wolfSSL to use H/W acceleration
32  *   for cipher operations.
33  *  TSIP definition asks to have its version number.
34  *  "WOLFSSL_RENESAS_TSIP_VER" takes following value:
35  *      106: TSIPv1.06
36  *      109: TSIPv1.09
37  *      113: TSIPv1.13
38  *      114: TSIPv1.14
39  *----------------------------------------------------------------------------*/
40   #define WOLFSSL_RENESAS_TSIP
41   #define WOLFSSL_RENESAS_TSIP_VER     114
42 
43 
44 /*-- TLS version definitions  --------------------------------------------------
45  *
46  * wolfSSL supports TLSv1.2 by default. In case you want your system to support
47  * TLSv1.3, uncomment line below.
48  *
49  *----------------------------------------------------------------------------*/
50 /*#define WOLFSSL_TLS13*/
51 
52 
53 /*-- Operating System related definitions --------------------------------------
54  *
55  *  In case any real-time OS is used, define its name(e.g. FREERTOS).
56  *  Otherwise, define "SINGLE_THREADED". They are exclusive each other.
57  *
58  *----------------------------------------------------------------------------*/
59   #define SINGLE_THREADED
60 /*#define FREERTOS*/
61 
62 
63 /*-- Cipher related definitions  -----------------------------------------------
64  *
65  *
66  *----------------------------------------------------------------------------*/
67 
68   #define NO_DEV_RANDOM
69 
70   #define WOLFSSL_DH_CONST
71   #define HAVE_TLS_EXTENSIONS
72 
73   #define HAVE_AESGCM
74   #define HAVE_AES_CBC
75   #define WOLFSSL_SHA512
76 
77   #define HAVE_SUPPORTED_CURVES
78   #define HAVE_ECC
79   #define HAVE_CURVE25519
80   #define CURVE25519_SMALL
81   #define HAVE_ED25519
82 
83   #define WOLFSSL_STATIC_RSA
84 
85   /* USE_ECC_CERT
86    * This macro is for selecting root CA certificate to load, it is valid only
87    * in example applications. wolfSSL does not refer this macro.
88    * If you want to use cipher suites including ECDSA authentication in
89    * the example applications with TSIP, enable this macro.
90    * In TSIP 1.13 or later version, following cipher suites are
91    * available:
92    * - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
93    * - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SAH256
94    *
95    * Note that, this macro disables cipher suites including RSA
96    * authentication such as:
97    * - TLS_RSA_WITH_AES_128_CBC_SHA
98    * - TLS_RSA_WITH_AES_256_CBC_SHA
99    * - TLS_RSA_WITH_AES_128_CBC_SHA256
100    * - TLS_RSA_WITH_AES_256_CBC_SHA256
101    * - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
102    * - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA256
103    *
104    */
105   /*#define USE_ECC_CERT*/
106 
107   /* In this example application, Root CA cert buffer named
108    * "ca_ecc_cert_der_256" is used under the following macro definition
109    * for ECDSA.
110    */
111   #define USE_CERT_BUFFERS_256
112 
113   /* In this example application, Root CA cert buffer named
114    * "ca_cert_der_2048" is used under the following macro definition
115    * for RSA authentication.
116    */
117   #define USE_CERT_BUFFERS_2048
118 
119 /*-- Misc definitions  ---------------------------------------------------------
120  *
121  *
122  *----------------------------------------------------------------------------*/
123   #define SIZEOF_LONG_LONG 8
124 
125 #if !defined(min)
126   #define min(data1, data2)                _builtin_min(data1, data2)
127 #endif
128 
129  /*
130   * -- "NO_ASN_TIME" macro is to avoid certificate expiration validation --
131   *
132   * Note. In your actual products, do not forget to comment-out
133   * "NO_ASN_TIME" macro. And prepare time function to get calender time,
134   * otherwise, certificate expiration validation will not work.
135   */
136   /*#define NO_ASN_TIME*/
137 
138   #define NO_MAIN_DRIVER
139   #define BENCH_EMBEDDED
140   #define NO_WOLFSSL_DIR
141   #define WOLFSSL_NO_CURRDIR
142   #define NO_FILESYSTEM
143   #define WOLFSSL_LOG_PRINTF
144   #define WOLFSSL_HAVE_MIN
145   #define WOLFSSL_HAVE_MAX
146   #define WOLFSSL_SMALL_STACK
147   #define NO_WRITEV
148   #define WOLFSSL_USER_IO
149 
150   #define WOLFSSL_USER_CURRTIME /* for benchmark */
151   #define USER_TIME
152   #define XTIME time
153   #define USE_WOLF_SUSECONDS_T
154   #define USE_WOLF_TIMEVAL_T
155 
156 
157   #define WC_RSA_BLINDING
158   #define TFM_TIMING_RESISTANT
159   #define ECC_TIMING_RESISTANT
160 
161 
162 /*-- Debugging options  ------------------------------------------------------
163  *
164  * "DEBUG_WOLFSSL" definition enables log to output into stdout.
165  * Note: wolfSSL_Debugging_ON() must be called just after wolfSSL_Init().
166  *----------------------------------------------------------------------------*/
167 
168 /*#define DEBUG_WOLFSSL*/
169 
170 /*-- Definitions for functionality negation  -----------------------------------
171  *
172  *
173  *----------------------------------------------------------------------------*/
174 
175 /*#define NO_RENESAS_TSIP_CRYPT*/
176 /*#define NO_WOLFSSL_RENESAS_TSIP_TLS_SESSION*/
177 
178 #if defined(WOLFCRYPT_ONLY)
179     #undef WOLFSSL_RENESAS_TSIP
180 #endif
181 /*-- Consistency checking between definitions  ---------------------------------
182  *
183  *
184  *----------------------------------------------------------------------------*/
185 
186 /*-- TSIP TLS specific definitions --*/
187 #if defined(WOLFSSL_RENESAS_TSIP)
188     #if !defined(WOLFSSL_RENESAS_TSIP_VER)
189       #error "WOLFSSL_RENESAS_TSIP_VER is required to be defined and have value"
190     #endif
191 #endif
192 
193 /*-- Complementary definitions  ------------------------------------------------
194  *
195  *
196  *----------------------------------------------------------------------------*/
197 
198 #if defined(WOLFSSL_RENESAS_TSIP)
199 
200     #if !defined(NO_RENESAS_TSIP_CRYPT)
201         #define WOLFSSL_RENESAS_TSIP_CRYPT
202         #define WOLFSSL_RENESAS_TSIP_TLS
203         #define WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT
204         #define HAVE_PK_CALLBACKS
205         #define WOLF_CRYPTO_CB
206     #endif
207 
208 #else
209     #define OPENSSL_EXTRA
210     #define WOLFSSL_GENSEED_FORTEST /* Warning: define your own seed gen */
211 #endif
212 
213 
214 /*-- TLS version and required definitions --*/
215 #if defined(WOLFSSL_TLS13)
216     #define HAVE_FFDHE_2048
217     #define HAVE_HKDF
218     #define WC_RSA_PSS
219 #endif
220