1 /* Example custom user settings for wolfSSL */ 2 3 #ifndef WOLFSSL_USER_SETTINGS_H 4 #define WOLFSSL_USER_SETTINGS_H 5 6 #ifdef __cplusplus 7 extern "C" { 8 #endif 9 10 #include <stddef.h> /* for size_t */ 11 12 13 /* ------------------------------------------------------------------------- */ 14 /* Platform */ 15 /* ------------------------------------------------------------------------- */ 16 #undef WOLFSSL_GENERAL_ALIGNMENT 17 #define WOLFSSL_GENERAL_ALIGNMENT 4 18 19 #undef SINGLE_THREADED 20 #define SINGLE_THREADED 21 22 #undef WOLFSSL_SMALL_STACK 23 #define WOLFSSL_SMALL_STACK 24 25 #undef MICROCHIP_PIC32 26 #define MICROCHIP_PIC32 27 28 #undef WOLFSSL_MICROCHIP_PIC32MZ 29 #define WOLFSSL_MICROCHIP_PIC32MZ 30 31 32 /* ------------------------------------------------------------------------- */ 33 /* Math Configuration */ 34 /* ------------------------------------------------------------------------- */ 35 #undef USE_FAST_MATH 36 #define USE_FAST_MATH 37 38 #ifdef USE_FAST_MATH 39 #undef TFM_TIMING_RESISTANT 40 #define TFM_TIMING_RESISTANT 41 42 /* Optimizations */ 43 //#define TFM_MIPS 44 #endif 45 46 47 /* ------------------------------------------------------------------------- */ 48 /* Crypto */ 49 /* ------------------------------------------------------------------------- */ 50 /* ECC */ 51 #if 1 52 #undef HAVE_ECC 53 #define HAVE_ECC 54 55 /* Manually define enabled curves */ 56 #undef ECC_USER_CURVES 57 #define ECC_USER_CURVES 58 59 //#define HAVE_ECC192 60 //#define HAVE_ECC224 61 #undef NO_ECC256 62 //#define HAVE_ECC384 63 //#define HAVE_ECC521 64 65 /* Fixed point cache (speeds repeated operations against same private key) */ 66 #undef FP_ECC 67 //#define FP_ECC 68 #ifdef FP_ECC 69 /* Bits / Entries */ 70 #undef FP_ENTRIES 71 #define FP_ENTRIES 2 72 #undef FP_LUT 73 #define FP_LUT 4 74 #endif 75 76 /* Optional ECC calculation method */ 77 /* Note: doubles heap usage, but slightly faster */ 78 #undef ECC_SHAMIR 79 #define ECC_SHAMIR 80 81 /* Reduces heap usage, but slower */ 82 #undef ECC_TIMING_RESISTANT 83 #define ECC_TIMING_RESISTANT 84 85 #ifdef USE_FAST_MATH 86 /* use reduced size math buffers for ecc points */ 87 #undef ALT_ECC_SIZE 88 #define ALT_ECC_SIZE 89 90 /* Enable TFM optimizations for ECC */ 91 #if defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES) 92 #define TFM_ECC192 93 #endif 94 #if defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES) 95 #define TFM_ECC224 96 #endif 97 #if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES) 98 #define TFM_ECC256 99 #endif 100 #if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES) 101 #define TFM_ECC384 102 #endif 103 #if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES) 104 #define TFM_ECC521 105 #endif 106 #endif 107 #endif 108 109 /* RSA */ 110 #undef NO_RSA 111 #if 1 112 #ifdef USE_FAST_MATH 113 /* Maximum math bits (Max RSA key bits * 2) */ 114 #undef FP_MAX_BITS 115 #define FP_MAX_BITS 4096 116 #endif 117 118 /* half as much memory but twice as slow */ 119 #undef RSA_LOW_MEM 120 //#define RSA_LOW_MEM 121 122 /* timing resistance */ 123 #undef WC_RSA_BLINDING 124 #define WC_RSA_BLINDING 125 #else 126 #define NO_RSA 127 #endif 128 129 /* AES */ 130 #undef NO_AES 131 #if 1 132 #undef HAVE_AES_DECRYPT 133 #define HAVE_AES_DECRYPT 134 135 #undef HAVE_AESGCM 136 #define HAVE_AESGCM 137 138 /* GCM Method: GCM_SMALL, GCM_WORD32 or GCM_TABLE */ 139 #undef GCM_SMALL 140 #define GCM_SMALL 141 142 #undef HAVE_AESCCM 143 #define HAVE_AESCCM 144 145 #undef WOLFSSL_AES_COUNTER 146 #define WOLFSSL_AES_COUNTER 147 148 #undef WOLFSSL_AES_DIRECT 149 #define WOLFSSL_AES_DIRECT 150 #else 151 #define NO_AES 152 #endif 153 154 /* DES3 */ 155 #undef NO_DES3 156 #if 1 157 #undef WOLFSSL_DES_ECB 158 #define WOLFSSL_DES_ECB 159 #else 160 #define NO_DES3 161 #endif 162 163 164 /* ChaCha20 / Poly1305 */ 165 #undef HAVE_CHACHA 166 #undef HAVE_POLY1305 167 #if 0 168 #define HAVE_CHACHA 169 #define HAVE_POLY1305 170 171 /* Needed for Poly1305 */ 172 #undef HAVE_ONE_TIME_AUTH 173 #define HAVE_ONE_TIME_AUTH 174 #endif 175 176 /* Ed25519 / Curve25519 */ 177 #undef HAVE_CURVE25519 178 #undef HAVE_ED25519 179 #if 0 180 #define HAVE_CURVE25519 181 #define HAVE_ED25519 182 183 /* Optionally use small math (less flash usage, but much slower) */ 184 #if 0 185 #define CURVED25519_SMALL 186 #endif 187 #endif 188 189 190 /* ------------------------------------------------------------------------- */ 191 /* Hashing */ 192 /* ------------------------------------------------------------------------- */ 193 /* Sha */ 194 #undef NO_SHA 195 #if 1 196 /* 1k smaller, but 25% slower */ 197 //#define USE_SLOW_SHA 198 #else 199 #define NO_SHA 200 #endif 201 202 /* Sha256 */ 203 #undef NO_SHA256 204 #if 1 205 #else 206 #define NO_SHA256 207 #endif 208 209 /* Sha512 */ 210 #undef WOLFSSL_SHA512 211 #if 1 212 #define WOLFSSL_SHA512 213 214 /* Sha384 */ 215 #undef WOLFSSL_SHA384 216 #if 1 217 #define WOLFSSL_SHA384 218 #endif 219 220 /* over twice as small, but 50% slower */ 221 //#define USE_SLOW_SHA2 222 #endif 223 224 /* MD5 */ 225 #undef NO_MD5 226 #if 1 227 #else 228 #define NO_MD5 229 #endif 230 231 232 /* ------------------------------------------------------------------------- */ 233 /* Benchmark / Test */ 234 /* ------------------------------------------------------------------------- */ 235 /* Use reduced benchmark / test sizes */ 236 #undef BENCH_EMBEDDED 237 #define BENCH_EMBEDDED 238 239 #undef USE_CERT_BUFFERS_2048 240 #define USE_CERT_BUFFERS_2048 241 242 #undef USE_CERT_BUFFERS_1024 243 //#define USE_CERT_BUFFERS_1024 244 245 #undef USE_CERT_BUFFERS_256 246 #define USE_CERT_BUFFERS_256 247 248 249 /* ------------------------------------------------------------------------- */ 250 /* Time */ 251 /* ------------------------------------------------------------------------- */ 252 #if 0 253 /* Override Current Time */ 254 /* Allows custom "custom_time()" function to be used for benchmark */ 255 #define WOLFSSL_USER_CURRTIME 256 #define USER_TICKS 257 extern unsigned long custom_time(unsigned long* timer); 258 #define XTIME custom_time 259 #else 260 #warning Time/RTC disabled 261 #undef NO_ASN_TIME 262 #define NO_ASN_TIME 263 #endif 264 265 /* ------------------------------------------------------------------------- */ 266 /* Debugging */ 267 /* ------------------------------------------------------------------------- */ 268 #undef DEBUG_WOLFSSL 269 #define DEBUG_WOLFSSL 270 271 #ifdef DEBUG_WOLFSSL 272 /* Use this to measure / print heap usage */ 273 #if 0 274 #undef USE_WOLFSSL_MEMORY 275 #define USE_WOLFSSL_MEMORY 276 #undef WOLFSSL_TRACK_MEMORY 277 #define WOLFSSL_TRACK_MEMORY 278 #endif 279 #else 280 #undef NO_WOLFSSL_MEMORY 281 #define NO_WOLFSSL_MEMORY 282 283 #undef NO_ERROR_STRINGS 284 //#define NO_ERROR_STRINGS 285 #endif 286 287 288 /* ------------------------------------------------------------------------- */ 289 /* Enable Features */ 290 /* ------------------------------------------------------------------------- */ 291 #undef KEEP_PEER_CERT 292 //#define KEEP_PEER_CERT 293 294 #undef HAVE_COMP_KEY 295 //#define HAVE_COMP_KEY 296 297 #undef HAVE_TLS_EXTENSIONS 298 //#define HAVE_TLS_EXTENSIONS 299 300 #undef HAVE_SUPPORTED_CURVES 301 //#define HAVE_SUPPORTED_CURVES 302 303 #undef WOLFSSL_BASE64_ENCODE 304 //#define WOLFSSL_BASE64_ENCODE 305 306 /* TLS Session Cache */ 307 #if 0 308 #define SMALL_SESSION_CACHE 309 #else 310 #define NO_SESSION_CACHE 311 #endif 312 313 314 /* ------------------------------------------------------------------------- */ 315 /* Disable Features */ 316 /* ------------------------------------------------------------------------- */ 317 #undef NO_WOLFSSL_SERVER 318 //#define NO_WOLFSSL_SERVER 319 320 #undef NO_WOLFSSL_CLIENT 321 //#define NO_WOLFSSL_CLIENT 322 323 #undef NO_CRYPT_TEST 324 //#define NO_CRYPT_TEST 325 326 #undef NO_CRYPT_BENCHMARK 327 //#define NO_CRYPT_BENCHMARK 328 329 /* In-lining of misc.c functions */ 330 /* If defined, must include wolfcrypt/src/misc.c in build */ 331 /* Slower, but about 1k smaller */ 332 #undef NO_INLINE 333 //#define NO_INLINE 334 335 #undef NO_FILESYSTEM 336 #define NO_FILESYSTEM 337 338 #undef NO_WRITEV 339 #define NO_WRITEV 340 341 #undef NO_MAIN_DRIVER 342 #define NO_MAIN_DRIVER 343 344 #undef NO_DEV_RANDOM 345 #define NO_DEV_RANDOM 346 347 #undef NO_DSA 348 #define NO_DSA 349 350 #undef NO_DH 351 #define NO_DH 352 353 #undef NO_RC4 354 #define NO_RC4 355 356 #undef NO_OLD_TLS 357 #define NO_OLD_TLS 358 359 #undef NO_HC128 360 #define NO_HC128 361 362 #undef NO_RABBIT 363 #define NO_RABBIT 364 365 #undef NO_PSK 366 #define NO_PSK 367 368 #undef NO_MD4 369 #define NO_MD4 370 371 #undef NO_PWDBASED 372 #define NO_PWDBASED 373 374 #undef NO_CODING 375 //#define NO_CODING 376 377 378 /* Suppress array-bounds */ 379 #pragma GCC diagnostic ignored "-Warray-bounds" 380 381 382 #ifdef __cplusplus 383 } 384 #endif 385 386 #endif /* WOLFSSL_USER_SETTINGS_H */ 387