1 /* Example custom user settings for wolfSSL */ 2 3 #ifndef WOLFSSL_USER_SETTINGS_H 4 #define WOLFSSL_USER_SETTINGS_H 5 6 #ifdef __cplusplus 7 extern "C" { 8 #endif 9 10 #include <stddef.h> /* for size_t */ 11 12 /* ------------------------------------------------------------------------- */ 13 /* Platform */ 14 /* ------------------------------------------------------------------------- */ 15 #undef WOLFSSL_GENERAL_ALIGNMENT 16 #define WOLFSSL_GENERAL_ALIGNMENT 4 17 18 #undef SINGLE_THREADED 19 #define SINGLE_THREADED 20 21 #undef WOLFSSL_SMALL_STACK 22 //#define WOLFSSL_SMALL_STACK 23 24 #undef WOLFSSL_SMALL_STACK_CACHE 25 //#define WOLFSSL_SMALL_STACK_CACHE 26 27 #define WOLFSSL_IGNORE_FILE_WARN 28 29 /* ------------------------------------------------------------------------- */ 30 /* Math Configuration */ 31 /* ------------------------------------------------------------------------- */ 32 #undef USE_FAST_MATH 33 #define USE_FAST_MATH 34 35 #ifdef USE_FAST_MATH 36 #undef TFM_TIMING_RESISTANT 37 #define TFM_TIMING_RESISTANT 38 39 /* Optimizations (TFM_ARM, TFM_ASM or none) */ 40 #define TFM_ARM 41 //#define TFM_ASM 42 #endif 43 44 /* Math debugging (adds support for mp_dump) */ 45 #undef WOLFSSL_DEBUG_MATH 46 //#define WOLFSSL_DEBUG_MATH 47 48 /* Wolf Single Precision Math */ 49 #undef WOLFSSL_SP 50 #if 0 51 #define WOLFSSL_SP 52 #define WOLFSSL_SP_SMALL /* use smaller version of code */ 53 #define WOLFSSL_HAVE_SP_RSA 54 #define WOLFSSL_HAVE_SP_DH 55 #define WOLFSSL_HAVE_SP_ECC 56 //#define WOLFSSL_SP_CACHE_RESISTANT 57 #define WOLFSSL_SP_MATH /* only SP math - eliminates fast math code */ 58 59 /* SP Assembly Speedups */ 60 #define WOLFSSL_SP_ASM /* required if using the ASM versions */ 61 //#define WOLFSSL_SP_ARM32_ASM 62 //#define WOLFSSL_SP_ARM64_ASM 63 //#define WOLFSSL_SP_ARM_THUMB_ASM 64 #define WOLFSSL_SP_ARM_CORTEX_M_ASM 65 #endif 66 67 68 /* ------------------------------------------------------------------------- */ 69 /* Crypto */ 70 /* ------------------------------------------------------------------------- */ 71 /* ECC */ 72 #if 1 73 #undef HAVE_ECC 74 #define HAVE_ECC 75 76 /* Manually define enabled curves */ 77 #undef ECC_USER_CURVES 78 #define ECC_USER_CURVES 79 80 #define HAVE_ECC192 81 #define HAVE_ECC224 82 #undef NO_ECC256 83 #define HAVE_ECC384 84 #ifndef USE_NXP_LTC /* NXP LTC HW supports up to 384 */ 85 #define HAVE_ECC521 86 #endif 87 88 /* Fixed point cache (speeds repeated operations against same private key) */ 89 #undef FP_ECC 90 //#define FP_ECC 91 #ifdef FP_ECC 92 /* Bits / Entries */ 93 #undef FP_ENTRIES 94 #define FP_ENTRIES 2 95 #undef FP_LUT 96 #define FP_LUT 4 97 #endif 98 99 /* Optional ECC calculation method */ 100 /* Note: doubles heap usage, but slightly faster */ 101 #undef ECC_SHAMIR 102 #ifndef USE_NXP_LTC /* Don't enable Shamir code for HW ECC */ 103 #define ECC_SHAMIR 104 #endif 105 106 /* Reduces heap usage, but slower */ 107 #undef ECC_TIMING_RESISTANT 108 #define ECC_TIMING_RESISTANT 109 110 #ifdef USE_FAST_MATH 111 /* use reduced size math buffers for ecc points */ 112 #undef ALT_ECC_SIZE 113 #define ALT_ECC_SIZE 114 115 /* Enable TFM optimizations for ECC */ 116 #if defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES) 117 #define TFM_ECC192 118 #endif 119 #if defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES) 120 #define TFM_ECC224 121 #endif 122 #if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES) 123 #define TFM_ECC256 124 #endif 125 #if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES) 126 #define TFM_ECC384 127 #endif 128 #if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES) 129 #define TFM_ECC521 130 #endif 131 #endif 132 #endif 133 134 /* RSA */ 135 #undef NO_RSA 136 #if 1 137 #ifdef USE_FAST_MATH 138 /* Maximum math bits (Max RSA key bits * 2) */ 139 #undef FP_MAX_BITS 140 #define FP_MAX_BITS 4096 141 #endif 142 143 /* half as much memory but twice as slow */ 144 #undef RSA_LOW_MEM 145 //#define RSA_LOW_MEM 146 147 /* Enables blinding mode, to prevent timing attacks */ 148 #undef WC_RSA_BLINDING 149 #define WC_RSA_BLINDING 150 151 #else 152 #define NO_RSA 153 #endif 154 155 /* AES */ 156 #undef NO_AES 157 #if 1 158 #undef HAVE_AESGCM 159 #define HAVE_AESGCM 160 161 /* GCM Method: GCM_SMALL, GCM_WORD32 or GCM_TABLE */ 162 #undef GCM_SMALL 163 #define GCM_SMALL 164 #else 165 #define NO_AES 166 #endif 167 168 /* ChaCha20 / Poly1305 */ 169 #undef HAVE_CHACHA 170 #undef HAVE_POLY1305 171 #if 1 172 #define HAVE_CHACHA 173 #define HAVE_POLY1305 174 175 /* Needed for Poly1305 */ 176 #undef HAVE_ONE_TIME_AUTH 177 #define HAVE_ONE_TIME_AUTH 178 #endif 179 180 /* Ed25519 / Curve25519 */ 181 #undef HAVE_CURVE25519 182 #undef HAVE_ED25519 183 #if 1 184 #define HAVE_CURVE25519 185 #define HAVE_ED25519 186 187 /* Optionally use small math (less flash usage, but much slower) */ 188 #if 0 189 #define CURVED25519_SMALL 190 #endif 191 #endif 192 193 194 /* ------------------------------------------------------------------------- */ 195 /* Hashing */ 196 /* ------------------------------------------------------------------------- */ 197 /* Sha */ 198 #undef NO_SHA 199 #if 1 200 /* 1k smaller, but 25% slower */ 201 //#define USE_SLOW_SHA 202 #else 203 #define NO_SHA 204 #endif 205 206 /* Sha256 */ 207 #undef NO_SHA256 208 #if 1 209 #else 210 #define NO_SHA256 211 #endif 212 213 /* Sha512 */ 214 #undef WOLFSSL_SHA512 215 #if 1 216 #define WOLFSSL_SHA512 217 218 /* Sha384 */ 219 #undef WOLFSSL_SHA384 220 #if 1 221 #define WOLFSSL_SHA384 222 #endif 223 224 /* over twice as small, but 50% slower */ 225 //#define USE_SLOW_SHA2 226 #endif 227 228 /* MD5 */ 229 #undef NO_MD5 230 #if 1 231 #else 232 #define NO_MD5 233 #endif 234 235 236 /* ------------------------------------------------------------------------- */ 237 /* HW Crypto Acceleration */ 238 /* ------------------------------------------------------------------------- */ 239 #define FSL_HW_CRYPTO_MANUAL_SELECTION 240 #if 1 241 /* NXP MMCAU / LTC Support (See README.md for instructions) */ 242 #if defined(USE_NXP_MMCAU) || defined(USE_NXP_LTC) 243 #ifdef USE_NXP_MMCAU 244 #define FREESCALE_USE_MMCAU 245 #endif 246 #ifdef USE_NXP_LTC 247 #define FREESCALE_USE_LTC 248 #define LTC_MAX_ECC_BITS (384) 249 #define LTC_MAX_INT_BYTES (256) 250 251 //#define FREESCALE_LTC_TFM_RSA_4096_ENABLE 252 #endif 253 #endif 254 #endif 255 256 /* ------------------------------------------------------------------------- */ 257 /* Benchmark / Test */ 258 /* ------------------------------------------------------------------------- */ 259 /* Use reduced benchmark / test sizes */ 260 #undef BENCH_EMBEDDED 261 #define BENCH_EMBEDDED 262 263 #undef USE_CERT_BUFFERS_2048 264 #define USE_CERT_BUFFERS_2048 265 266 #undef USE_CERT_BUFFERS_256 267 #define USE_CERT_BUFFERS_256 268 269 270 /* ------------------------------------------------------------------------- */ 271 /* Debugging */ 272 /* ------------------------------------------------------------------------- */ 273 #undef DEBUG_WOLFSSL 274 //#define DEBUG_WOLFSSL 275 276 #ifdef DEBUG_WOLFSSL 277 #define fprintf(file, format, ...) printf(format, ##__VA_ARGS__) 278 279 /* Use this to measure / print heap usage */ 280 #if 0 281 #undef USE_WOLFSSL_MEMORY 282 #define USE_WOLFSSL_MEMORY 283 284 #undef WOLFSSL_TRACK_MEMORY 285 #define WOLFSSL_TRACK_MEMORY 286 #endif 287 #else 288 #undef NO_WOLFSSL_MEMORY 289 #define NO_WOLFSSL_MEMORY 290 291 #undef NO_ERROR_STRINGS 292 //#define NO_ERROR_STRINGS 293 #endif 294 295 296 /* ------------------------------------------------------------------------- */ 297 /* Port */ 298 /* ------------------------------------------------------------------------- */ 299 300 /* Override Current Time */ 301 /* Allows custom "custom_time()" function to be used for benchmark */ 302 #define WOLFSSL_USER_CURRTIME 303 #define USER_TICKS 304 extern unsigned long ksdk_time(unsigned long* timer); 305 #define XTIME ksdk_time 306 307 308 /* ------------------------------------------------------------------------- */ 309 /* RNG */ 310 /* ------------------------------------------------------------------------- */ 311 /* Size of returned HW RNG value */ 312 #define CUSTOM_RAND_TYPE unsigned int 313 314 /* Seed source */ 315 extern unsigned int custom_rand_generate(void); 316 #undef CUSTOM_RAND_GENERATE 317 #define CUSTOM_RAND_GENERATE custom_rand_generate 318 319 /* Choose RNG method */ 320 #if 1 321 /* Use built-in P-RNG (SHA256 based) with HW RNG */ 322 /* P-RNG + HW RNG (P-RNG is ~8K) */ 323 #undef HAVE_HASHDRBG 324 #define HAVE_HASHDRBG 325 #else 326 #undef WC_NO_HASHDRBG 327 #define WC_NO_HASHDRBG 328 329 /* Bypass P-RNG and use only HW RNG */ 330 extern int custom_rand_generate_block(unsigned char* output, unsigned int sz); 331 #undef CUSTOM_RAND_GENERATE_BLOCK 332 #define CUSTOM_RAND_GENERATE_BLOCK custom_rand_generate_block 333 #endif 334 335 336 /* ------------------------------------------------------------------------- */ 337 /* Enable Features */ 338 /* ------------------------------------------------------------------------- */ 339 #undef KEEP_PEER_CERT 340 //#define KEEP_PEER_CERT 341 342 #undef HAVE_COMP_KEY 343 //#define HAVE_COMP_KEY 344 345 #undef HAVE_TLS_EXTENSIONS 346 //#define HAVE_TLS_EXTENSIONS 347 348 #undef HAVE_SUPPORTED_CURVES 349 //#define HAVE_SUPPORTED_CURVES 350 351 #undef WOLFSSL_BASE64_ENCODE 352 //#define WOLFSSL_BASE64_ENCODE 353 354 /* TLS Session Cache */ 355 #if 0 356 #define SMALL_SESSION_CACHE 357 #else 358 #define NO_SESSION_CACHE 359 #endif 360 361 362 /* ------------------------------------------------------------------------- */ 363 /* Disable Features */ 364 /* ------------------------------------------------------------------------- */ 365 #undef NO_WOLFSSL_SERVER 366 //#define NO_WOLFSSL_SERVER 367 368 #undef NO_WOLFSSL_CLIENT 369 //#define NO_WOLFSSL_CLIENT 370 371 #undef NO_CRYPT_TEST 372 //#define NO_CRYPT_TEST 373 374 #undef NO_CRYPT_BENCHMARK 375 //#define NO_CRYPT_BENCHMARK 376 377 /* In-lining of misc.c functions */ 378 /* If defined, must include wolfcrypt/src/misc.c in build */ 379 /* Slower, but about 1k smaller */ 380 #undef NO_INLINE 381 //#define NO_INLINE 382 383 #undef NO_FILESYSTEM 384 #define NO_FILESYSTEM 385 386 #undef NO_WRITEV 387 #define NO_WRITEV 388 389 #undef NO_MAIN_DRIVER 390 #define NO_MAIN_DRIVER 391 392 #undef NO_DEV_RANDOM 393 #define NO_DEV_RANDOM 394 395 #undef NO_DSA 396 #define NO_DSA 397 398 #undef NO_DH 399 #define NO_DH 400 401 #undef NO_DES3 402 #define NO_DES3 403 404 #undef NO_RC4 405 #define NO_RC4 406 407 #undef NO_OLD_TLS 408 #define NO_OLD_TLS 409 410 #undef NO_HC128 411 #define NO_HC128 412 413 #undef NO_RABBIT 414 #define NO_RABBIT 415 416 #undef NO_PSK 417 #define NO_PSK 418 419 #undef NO_MD4 420 #define NO_MD4 421 422 #undef NO_PWDBASED 423 #define NO_PWDBASED 424 425 #undef NO_CODING 426 #define NO_CODING 427 428 429 #ifdef __cplusplus 430 } 431 #endif 432 433 #endif /* WOLFSSL_USER_SETTINGS_H */ 434