user_settings.h 8.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275
  1. /* user_settings.h
  2. *
  3. * Copyright (C) 2006-2024 wolfSSL Inc.
  4. *
  5. * This file is part of wolfSSL.
  6. *
  7. * wolfSSL is free software; you can redistribute it and/or modify
  8. * it under the terms of the GNU General Public License as published by
  9. * the Free Software Foundation; either version 2 of the License, or
  10. * (at your option) any later version.
  11. *
  12. * wolfSSL is distributed in the hope that it will be useful,
  13. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  15. * GNU General Public License for more details.
  16. *
  17. * You should have received a copy of the GNU General Public License
  18. * along with this program; if not, write to the Free Software
  19. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  20. */
  21. /*-- Renesas MCU type ---------------------------------------------------------
  22. *
  23. *
  24. *----------------------------------------------------------------------------*/
  25. #define WOLFSSL_RENESAS_RX65N
  26. /*-- Renesas TSIP usage and its version ---------------------------------------
  27. *
  28. * "WOLFSSL_RENESAS_TSIP" definition makes wolfSSL to use H/W acceleration
  29. * for cipher operations.
  30. * TSIP definition asks to have its version number.
  31. * "WOLFSSL_RENESAS_TSIP_VER" takes following value:
  32. * 106: TSIPv1.06
  33. * 109: TSIPv1.09
  34. * 113: TSIPv1.13
  35. * 114: TSIPv1.14
  36. * 115: TSIPv1.15
  37. * 117: TSIPv1.17
  38. * 121: TSIPv1.21
  39. *----------------------------------------------------------------------------*/
  40. #define WOLFSSL_RENESAS_TSIP
  41. #define WOLFSSL_RENESAS_TSIP_VER 121
  42. /*-- TLS version definitions --------------------------------------------------
  43. *
  44. * wolfSSL supports TLSv1.2 by default. In case you want your system to support
  45. * TLSv1.3, uncomment line below.
  46. *
  47. *----------------------------------------------------------------------------*/
  48. #define WOLFSSL_TLS13
  49. /*-- Operating System related definitions --------------------------------------
  50. *
  51. * In case any real-time OS is used, define its name(e.g. FREERTOS).
  52. * Otherwise, define "SINGLE_THREADED". They are exclusive each other.
  53. *
  54. *----------------------------------------------------------------------------*/
  55. #define SINGLE_THREADED
  56. /*#define FREERTOS*/
  57. /*-- Compiler related definitions ---------------------------------------------
  58. *
  59. * CC-RX is C99 compliant, but may not provide the features wolfSSL requires.
  60. * This section defines macros for such cases to avoid build-time or run-time
  61. * failures.
  62. *
  63. *----------------------------------------------------------------------------*/
  64. /* CC-RX does not support variable length array */
  65. #define WOLFSSL_SP_NO_DYN_STACK
  66. /*-- Cipher related definitions -----------------------------------------------
  67. *
  68. *
  69. *----------------------------------------------------------------------------*/
  70. #define NO_DEV_RANDOM
  71. #define NO_MD4
  72. #define WOLFSSL_DH_CONST
  73. #define HAVE_TLS_EXTENSIONS
  74. #define HAVE_AESGCM
  75. #define HAVE_AESCCM
  76. #define HAVE_AES_CBC
  77. #define WOLFSSL_SHA512
  78. #define HAVE_SUPPORTED_CURVES
  79. #define HAVE_ECC
  80. #define HAVE_CURVE25519
  81. #define CURVE25519_SMALL
  82. #define HAVE_ED25519
  83. #define WOLFSSL_STATIC_RSA
  84. /* USE_ECC_CERT
  85. * This macro is for selecting root CA certificate to load, it is valid only
  86. * in example applications. wolfSSL does not refer this macro.
  87. * If you want to use cipher suites including ECDSA authentication in
  88. * the example applications with TSIP, enable this macro.
  89. * In TSIP 1.13 or later version, following cipher suites are
  90. * available:
  91. * - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
  92. * - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SAH256
  93. *
  94. * Note that, this macro disables cipher suites including RSA
  95. * authentication such as:
  96. * - TLS_RSA_WITH_AES_128_CBC_SHA
  97. * - TLS_RSA_WITH_AES_256_CBC_SHA
  98. * - TLS_RSA_WITH_AES_128_CBC_SHA256
  99. * - TLS_RSA_WITH_AES_256_CBC_SHA256
  100. * - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
  101. * - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA256
  102. *
  103. */
  104. #define USE_ECC_CERT
  105. /* In this example application, Root CA cert buffer named
  106. * "ca_ecc_cert_der_256" is used under the following macro definition
  107. * for ECDSA.
  108. */
  109. #define USE_CERT_BUFFERS_256
  110. /* In this example application, Root CA cert buffer named
  111. * "ca_cert_der_2048" is used under the following macro definition
  112. * for RSA authentication.
  113. */
  114. #define USE_CERT_BUFFERS_2048
  115. /*-- Misc definitions ---------------------------------------------------------
  116. *
  117. *
  118. *----------------------------------------------------------------------------*/
  119. #define SIZEOF_LONG_LONG 8
  120. /*#define WOLFSSL_STATIC_MEMORY*/
  121. #if defined(WOLFSSL_STATIC_MEMORY)
  122. #define USE_FAST_MATH
  123. #else
  124. #define WOLFSSL_SMALL_STACK
  125. #endif /* WOLFSSL_STATIC_MEMORY */
  126. /*
  127. * -- "NO_ASN_TIME" macro is to avoid certificate expiration validation --
  128. *
  129. * Note. In your actual products, do not forget to comment-out
  130. * "NO_ASN_TIME" macro. And prepare time function to get calendar time,
  131. * otherwise, certificate expiration validation will not work.
  132. */
  133. /*#define NO_ASN_TIME*/
  134. #define NO_MAIN_DRIVER
  135. #define BENCH_EMBEDDED
  136. #define NO_WOLFSSL_DIR
  137. #define WOLFSSL_NO_CURRDIR
  138. #define NO_FILESYSTEM
  139. #define WOLFSSL_LOG_PRINTF
  140. #define WOLFSSL_HAVE_MIN
  141. #define WOLFSSL_HAVE_MAX
  142. #define NO_WRITEV
  143. #define WOLFSSL_USER_IO
  144. #define WOLFSSL_USER_CURRTIME /* for benchmark */
  145. #define TIME_OVERRIDES
  146. #define XTIME time
  147. #define WOLFSSL_GMTIME
  148. #define XGMTIME(c,t) gmtime(c)
  149. #define USE_WOLF_SUSECONDS_T
  150. #define USE_WOLF_TIMEVAL_T
  151. #define WC_RSA_BLINDING
  152. #define TFM_TIMING_RESISTANT
  153. #define ECC_TIMING_RESISTANT
  154. /*-- Debugging options ------------------------------------------------------
  155. *
  156. * "DEBUG_WOLFSSL" definition enables log to output into stdout.
  157. * Note: wolfSSL_Debugging_ON() must be called just after wolfSSL_Init().
  158. *----------------------------------------------------------------------------*/
  159. /*#define DEBUG_WOLFSSL*/
  160. /*-- Definitions for functionality negation -----------------------------------
  161. *
  162. *
  163. *----------------------------------------------------------------------------*/
  164. /*#define NO_RENESAS_TSIP_CRYPT*/
  165. /*#define NO_WOLFSSL_RENESAS_TSIP_TLS_SESSION*/
  166. #if defined(WOLFCRYPT_ONLY)
  167. #undef WOLFSSL_RENESAS_TSIP
  168. #endif
  169. /*-- Consistency checking between definitions ---------------------------------
  170. *
  171. *
  172. *----------------------------------------------------------------------------*/
  173. /*-- TSIP TLS specific definitions --*/
  174. #if defined(WOLFSSL_RENESAS_TSIP)
  175. #if !defined(WOLFSSL_RENESAS_TSIP_VER)
  176. #error "WOLFSSL_RENESAS_TSIP_VER is required to be defined and have value"
  177. #endif
  178. #endif
  179. /*-- Complementary definitions ------------------------------------------------
  180. *
  181. *
  182. *----------------------------------------------------------------------------*/
  183. #if defined(WOLFSSL_RENESAS_TSIP)
  184. /*-- TSIP TLS and/or CRYPTONLY Definition --------------------------------*/
  185. /* Enable TSIP TLS (default)
  186. * TSIP CRYPTONLY is also enabled.
  187. * Disable TSIP TLS
  188. * TSIP CRYPTONLY is only enabled.
  189. */
  190. #define WOLFSSL_RENESAS_TSIP_TLS
  191. #if !defined(NO_RENESAS_TSIP_CRYPT)
  192. #define HAVE_PK_CALLBACKS
  193. #define WOLF_CRYPTO_CB
  194. #if defined(WOLFSSL_RENESAS_TSIP_TLS)
  195. #define WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT
  196. #define WOLF_PRIVATE_KEY_ID
  197. #endif
  198. #endif
  199. #if !defined(WOLFSSL_RENESAS_TSIP_TLS) && \
  200. defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
  201. # undef WOLFSSL_RENESAS_TSIP_TLS
  202. # undef WOLFSSL_RENESAS_TSIP_CRYPT
  203. #endif
  204. /*-------------------------------------------------------------------------
  205. * TSIP generates random numbers using the CRT-DRBG described
  206. * in NIST SP800-90A. Recommend to define the CUSTOM_RAND_GENERATE_BLOCK
  207. * so that wc_RNG_GenerateByte/Block() call TSIP random generatoion API
  208. * directly. Comment out the macro will generate random number by
  209. * wolfSSL Hash DRBG by using a seed which is generated by TSIP API.
  210. *-----------------------------------------------------------------------*/
  211. #define CUSTOM_RAND_GENERATE_BLOCK wc_tsip_GenerateRandBlock
  212. #else
  213. #define OPENSSL_EXTRA
  214. #define WOLFSSL_GENSEED_FORTEST /* Warning: define your own seed gen */
  215. #if !defined(min)
  216. #define min(data1, data2) _builtin_min(data1, data2)
  217. #endif
  218. #endif
  219. /*-- TLS version and required definitions --*/
  220. #if defined(WOLFSSL_TLS13)
  221. #define HAVE_FFDHE_2048
  222. #define HAVE_HKDF
  223. #define WC_RSA_PSS
  224. #endif
  225. #define XSTRCASECMP(s1,s2) strcmp((s1),(s2))
  226. /* use original ASN parsing */
  227. #define WOLFSSL_ASN_ORIGINAL