1 /* Example custom user settings for wolfSSL and INtime RTOS port */ 2 3 #ifndef WOLFSSL_USER_SETTINGS_H 4 #define WOLFSSL_USER_SETTINGS_H 5 6 #ifdef __cplusplus 7 extern "C" { 8 #endif 9 10 /* ------------------------------------------------------------------------- */ 11 /* Port - Platform */ 12 /* ------------------------------------------------------------------------- */ 13 #undef INTIME_RTOS 14 #define INTIME_RTOS 15 16 #undef WOLF_EXAMPLES_STACK 17 #define WOLF_EXAMPLES_STACK (1<<17) 18 19 #undef WOLFSSL_GENERAL_ALIGNMENT 20 #define WOLFSSL_GENERAL_ALIGNMENT 4 21 22 /* platform already has min()/max() */ 23 #undef WOLFSSL_HAVE_MIN 24 #define WOLFSSL_HAVE_MIN 25 #undef WOLFSSL_HAVE_MAX 26 #define WOLFSSL_HAVE_MAX 27 28 /* disable directory support */ 29 #undef NO_WOLFSSL_DIR 30 //#define NO_WOLFSSL_DIR 31 32 /* disable writev */ 33 #undef NO_WRITEV 34 #define NO_WRITEV 35 36 /* we provide main entry point */ 37 #undef NO_MAIN_DRIVER 38 #define NO_MAIN_DRIVER 39 40 /* if using in single threaded mode */ 41 #undef SINGLE_THREADED 42 //#define SINGLE_THREADED 43 /* Note: HAVE_THREAD_LS is not support for INtime RTOS */ 44 45 /* reduces stack usage, by using malloc/free for stack variables over 100 bytes */ 46 #undef WOLFSSL_SMALL_STACK 47 //#define WOLFSSL_SMALL_STACK 48 49 50 /* ------------------------------------------------------------------------- */ 51 /* Math Configuration */ 52 /* ------------------------------------------------------------------------- */ 53 /* fast math uses stack and inline assembly to speed up math */ 54 #undef USE_FAST_MATH 55 #define USE_FAST_MATH 56 57 #ifdef USE_FAST_MATH 58 /* timing resistance for side-channel attack protection */ 59 #undef TFM_TIMING_RESISTANT 60 #define TFM_TIMING_RESISTANT 61 #endif 62 63 64 /* ------------------------------------------------------------------------- */ 65 /* Crypto */ 66 /* ------------------------------------------------------------------------- */ 67 /* ECC */ 68 #if 1 69 #undef HAVE_ECC 70 #define HAVE_ECC 71 72 /* Support for custom curves */ 73 #define WOLFSSL_CUSTOM_CURVES 74 75 /* Curve types */ 76 //#define NO_ECC_SECP 77 #define HAVE_ECC_SECPR2 78 #define HAVE_ECC_SECPR3 79 #define HAVE_ECC_BRAINPOOL 80 #define HAVE_ECC_KOBLITZ 81 82 /* Curve sizes */ 83 #undef HAVE_ALL_CURVES 84 //#define HAVE_ALL_CURVES 85 #ifndef HAVE_ALL_CURVES 86 /* allows enabling custom curve sizes */ 87 #undef ECC_USER_CURVES 88 #define ECC_USER_CURVES 89 90 //#define HAVE_ECC112 91 //#define HAVE_ECC128 92 //#define HAVE_ECC160 93 #define HAVE_ECC192 94 #define HAVE_ECC224 95 //#define NO_ECC256 96 #define HAVE_ECC384 97 #define HAVE_ECC521 98 #endif 99 100 /* Fixed point cache (speeds repeated operations against same private key) */ 101 #undef FP_ECC 102 #define FP_ECC 103 #ifdef FP_ECC 104 /* Bits / Entries */ 105 #undef FP_ENTRIES 106 #define FP_ENTRIES 2 107 #undef FP_LUT 108 #define FP_LUT 4 109 #endif 110 111 /* Optional ECC calculation method */ 112 /* Note: doubles heap usage, but slightly faster */ 113 #undef ECC_SHAMIR 114 #define ECC_SHAMIR 115 116 /* Reduces heap usage, but slower */ 117 /* timing resistance for side-channel attack protection */ 118 #undef ECC_TIMING_RESISTANT 119 #define ECC_TIMING_RESISTANT 120 121 #ifdef USE_FAST_MATH 122 /* use reduced size math buffers for ecc points */ 123 #undef ALT_ECC_SIZE 124 #define ALT_ECC_SIZE 125 126 /* Enable TFM optimizations for ECC */ 127 #if defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES) 128 #define TFM_ECC192 129 #endif 130 #if defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES) 131 #define TFM_ECC224 132 #endif 133 #if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES) 134 #define TFM_ECC256 135 #endif 136 #if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES) 137 #define TFM_ECC384 138 #endif 139 #if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES) 140 #define TFM_ECC521 141 #endif 142 #endif 143 #endif 144 145 /* RSA */ 146 #undef NO_RSA 147 #if 1 148 #ifdef USE_FAST_MATH 149 /* Maximum math bits (Max RSA key bits * 2) */ 150 #undef FP_MAX_BITS 151 #define FP_MAX_BITS 4096 152 #endif 153 154 /* half as much memory but twice as slow */ 155 #undef RSA_LOW_MEM 156 //#define RSA_LOW_MEM 157 158 /* RSA blinding countermeasures */ 159 #undef WC_RSA_BLINDING 160 #define WC_RSA_BLINDING 161 #else 162 #define NO_RSA 163 #endif 164 165 /* AES */ 166 #undef NO_AES 167 #if 1 168 #undef HAVE_AESGCM 169 #define HAVE_AESGCM 170 171 #ifdef HAVE_AESGCM 172 /* GCM Method: GCM_SMALL, GCM_WORD32 or GCM_TABLE */ 173 //#define GCM_SMALL 174 #define GCM_TABLE 175 #endif 176 177 #undef WOLFSSL_AES_COUNTER 178 #define WOLFSSL_AES_COUNTER 179 180 #undef HAVE_AESCCM 181 #define HAVE_AESCCM 182 183 #undef WOLFSSL_AES_DIRECT 184 #define WOLFSSL_AES_DIRECT 185 186 #undef HAVE_AES_KEYWRAP 187 #define HAVE_AES_KEYWRAP 188 #else 189 #define NO_AES 190 #endif 191 192 /* ChaCha20 / Poly1305 */ 193 #undef HAVE_CHACHA 194 #undef HAVE_POLY1305 195 #if 1 196 #define HAVE_CHACHA 197 #define HAVE_POLY1305 198 199 /* Needed for Poly1305 */ 200 #undef HAVE_ONE_TIME_AUTH 201 #define HAVE_ONE_TIME_AUTH 202 #endif 203 204 /* Ed25519 / Curve25519 */ 205 #undef HAVE_CURVE25519 206 #undef HAVE_ED25519 207 #if 1 208 #define HAVE_CURVE25519 209 #define HAVE_ED25519 210 211 /* Optionally use small math (less flash usage, but much slower) */ 212 #if 0 213 #define CURVED25519_SMALL 214 #endif 215 #endif 216 217 218 /* ------------------------------------------------------------------------- */ 219 /* Hashing */ 220 /* ------------------------------------------------------------------------- */ 221 /* Sha */ 222 #undef NO_SHA 223 #if 1 224 /* 1k smaller, but 25% slower */ 225 //#define USE_SLOW_SHA 226 #else 227 #define NO_SHA 228 #endif 229 230 /* Sha256 */ 231 #undef NO_SHA256 232 #if 1 233 #else 234 #define NO_SHA256 235 #endif 236 237 /* Sha512 */ 238 #undef WOLFSSL_SHA512 239 #if 1 240 #define WOLFSSL_SHA512 241 242 /* Sha384 */ 243 #undef WOLFSSL_SHA384 244 #if 1 245 #define WOLFSSL_SHA384 246 #endif 247 248 /* over twice as small, but 50% slower */ 249 //#define USE_SLOW_SHA2 250 #endif 251 252 /* MD5 */ 253 #undef NO_MD5 254 #if 1 255 #else 256 #define NO_MD5 257 #endif 258 259 260 /* ------------------------------------------------------------------------- */ 261 /* Enable Features */ 262 /* ------------------------------------------------------------------------- */ 263 #undef KEEP_PEER_CERT 264 #define KEEP_PEER_CERT 265 266 #undef HAVE_COMP_KEY 267 #define HAVE_COMP_KEY 268 269 #undef HAVE_ECC_ENCRYPT 270 #define HAVE_ECC_ENCRYPT 271 272 #undef HAVE_TLS_EXTENSIONS 273 #define HAVE_TLS_EXTENSIONS 274 275 #undef HAVE_SUPPORTED_CURVES 276 #define HAVE_SUPPORTED_CURVES 277 278 #undef HAVE_EXTENDED_MASTER 279 #define HAVE_EXTENDED_MASTER 280 281 #undef WOLFSSL_DTLS 282 #define WOLFSSL_DTLS 283 284 #undef OPENSSL_EXTRA 285 #define OPENSSL_EXTRA 286 287 #undef WOLFSSL_BASE64_ENCODE 288 #define WOLFSSL_BASE64_ENCODE 289 290 #undef HAVE_HKDF 291 #define HAVE_HKDF 292 293 #undef WOLFSSL_CMAC 294 #define WOLFSSL_CMAC 295 296 #undef WOLFSSL_KEY_GEN 297 #define WOLFSSL_KEY_GEN 298 299 #undef WOLFSSL_CERT_GEN 300 #define WOLFSSL_CERT_GEN 301 302 #undef WOLFSSL_CERT_REQ 303 #define WOLFSSL_CERT_REQ 304 305 #undef WOLFSSL_CERT_EXT 306 #define WOLFSSL_CERT_EXT 307 308 #undef HAVE_PK_CALLBACKS 309 #define HAVE_PK_CALLBACKS 310 311 #undef HAVE_ALPN 312 #define HAVE_ALPN 313 314 #undef HAVE_SNI 315 #define HAVE_SNI 316 317 #undef HAVE_MAX_FRAGMENT 318 #define HAVE_MAX_FRAGMENT 319 320 #undef HAVE_TRUNCATED_HMAC 321 #define HAVE_TRUNCATED_HMAC 322 323 #undef SESSION_CERTS 324 #define SESSION_CERTS 325 326 #undef HAVE_SESSION_TICKET 327 #define HAVE_SESSION_TICKET 328 329 #undef WOLFCRYPT_HAVE_SRP 330 #define WOLFCRYPT_HAVE_SRP 331 332 #undef WOLFSSL_HAVE_CERT_SERVICE 333 #define WOLFSSL_HAVE_CERT_SERVICE 334 335 #undef HAVE_PKCS7 336 #define HAVE_PKCS7 337 338 #undef HAVE_X963_KDF 339 #define HAVE_X963_KDF 340 341 #undef WOLFSSL_HAVE_WOLFSCEP 342 #define WOLFSSL_HAVE_WOLFSCEP 343 344 #undef WOLFSSL_ALWAYS_KEEP_SNI 345 #define WOLFSSL_ALWAYS_KEEP_SNI 346 347 #undef WOLFSSL_ALWAYS_VERIFY_CB 348 #define WOLFSSL_ALWAYS_VERIFY_CB 349 350 #undef WOLFSSL_SEP 351 #define WOLFSSL_SEP 352 353 #undef ATOMIC_USER 354 #define ATOMIC_USER 355 356 #undef HAVE_OCSP 357 #define HAVE_OCSP 358 359 #undef HAVE_CERTIFICATE_STATUS_REQUEST 360 #define HAVE_CERTIFICATE_STATUS_REQUEST 361 362 #undef HAVE_CERTIFICATE_STATUS_REQUEST_V2 363 #define HAVE_CERTIFICATE_STATUS_REQUEST_V2 364 365 #undef HAVE_CRL 366 #define HAVE_CRL 367 368 #undef PERSIST_CERT_CACHE 369 //#define PERSIST_CERT_CACHE 370 371 #undef PERSIST_SESSION_CACHE 372 //#define PERSIST_SESSION_CACHE 373 374 #undef WOLFSSL_DER_LOAD 375 //#define WOLFSSL_DER_LOAD 376 377 #undef WOLFSSL_DES_ECB 378 //#define WOLFSSL_DES_ECB 379 380 #undef HAVE_CAMELLIA 381 //#define HAVE_CAMELLIA 382 383 #undef HAVE_NULL_CIPHER 384 //#define HAVE_NULL_CIPHER 385 386 #undef WOLFSSL_RIPEMD 387 //#define WOLFSSL_RIPEMD 388 389 390 /* TLS Session Cache */ 391 #if 1 392 #define SMALL_SESSION_CACHE 393 //#define MEDIUM_SESSION_CACHE 394 //#define BIG_SESSION_CACHE 395 //#define HUGE_SESSION_CACHE 396 #else 397 #define NO_SESSION_CACHE 398 #endif 399 400 401 /* ------------------------------------------------------------------------- */ 402 /* Disable Features */ 403 /* ------------------------------------------------------------------------- */ 404 #undef NO_WOLFSSL_SERVER 405 //#define NO_WOLFSSL_SERVER 406 407 #undef NO_WOLFSSL_CLIENT 408 //#define NO_WOLFSSL_CLIENT 409 410 /* disables TLS 1.0/1.1 support */ 411 #undef NO_OLD_TLS 412 //#define NO_OLD_TLS 413 414 /* disable access to filesystem */ 415 #undef NO_FILESYSTEM 416 //#define NO_FILESYSTEM 417 418 #undef NO_RC4 419 #define NO_RC4 420 421 #undef NO_HC128 422 #define NO_HC128 423 424 #undef NO_RABBIT 425 #define NO_RABBIT 426 427 #undef NO_MD4 428 #define NO_MD4 429 430 /* Pre-shared keys */ 431 #undef NO_PSK 432 //#define NO_PSK 433 434 #undef NO_DSA 435 //#define NO_DSA 436 437 #undef NO_DH 438 //#define NO_DH 439 440 #undef NO_DES3 441 //#define NO_DES3 442 443 #undef NO_PWDBASED 444 //#define NO_PWDBASED 445 446 /* encoding/decoding support */ 447 #undef NO_CODING 448 //#define NO_CODING 449 450 /* memory wrappers and memory callbacks */ 451 #undef NO_WOLFSSL_MEMORY 452 //#define NO_WOLFSSL_MEMORY 453 454 /* In-lining of misc.c functions */ 455 /* If defined, must include wolfcrypt/src/misc.c in build */ 456 /* Slower, but about 1k smaller */ 457 #undef NO_INLINE 458 //#define NO_INLINE 459 460 461 462 /* ------------------------------------------------------------------------- */ 463 /* Benchmark / Test */ 464 /* ------------------------------------------------------------------------- */ 465 #undef NO_CRYPT_TEST 466 //#define NO_CRYPT_TEST 467 468 #undef NO_CRYPT_BENCHMARK 469 //#define NO_CRYPT_BENCHMARK 470 471 /* Use reduced benchmark / test sizes */ 472 #undef BENCH_EMBEDDED 473 #define BENCH_EMBEDDED 474 475 #undef USE_CERT_BUFFERS_2048 476 #define USE_CERT_BUFFERS_2048 477 478 #undef USE_CERT_BUFFERS_256 479 #define USE_CERT_BUFFERS_256 480 481 482 483 /* ------------------------------------------------------------------------- */ 484 /* Debugging */ 485 /* ------------------------------------------------------------------------- */ 486 #undef DEBUG_WOLFSSL 487 //#define DEBUG_WOLFSSL 488 #ifdef DEBUG_WOLFSSL 489 /* Use this to measure / print heap usage */ 490 #if 0 491 #undef USE_WOLFSSL_MEMORY 492 #define USE_WOLFSSL_MEMORY 493 494 #undef WOLFSSL_TRACK_MEMORY 495 #define WOLFSSL_TRACK_MEMORY 496 #endif 497 498 /* Math debugging (adds support for mp_dump) */ 499 #undef WOLFSSL_DEBUG_MATH 500 //#define WOLFSSL_DEBUG_MATH 501 #else 502 #undef NO_ERROR_STRINGS 503 //#define NO_ERROR_STRINGS 504 #endif 505 506 507 #ifdef __cplusplus 508 } 509 #endif 510 511 #endif /* WOLFSSL_USER_SETTINGS_H */ 512