user_settings.h 8.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273
  1. /* user_settings.h
  2. *
  3. * Copyright (C) 2006-2024 wolfSSL Inc.
  4. *
  5. * This file is part of wolfSSL.
  6. *
  7. * wolfSSL is free software; you can redistribute it and/or modify
  8. * it under the terms of the GNU General Public License as published by
  9. * the Free Software Foundation; either version 2 of the License, or
  10. * (at your option) any later version.
  11. *
  12. * wolfSSL is distributed in the hope that it will be useful,
  13. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  15. * GNU General Public License for more details.
  16. *
  17. * You should have received a copy of the GNU General Public License
  18. * along with this program; if not, write to the Free Software
  19. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  20. */
  21. /*-- Renesas MCU type ---------------------------------------------------------
  22. *
  23. *
  24. *----------------------------------------------------------------------------*/
  25. #define WOLFSSL_RENESAS_RX65N
  26. /*-- Renesas TSIP usage and its version ---------------------------------------
  27. *
  28. * "WOLFSSL_RENESAS_TSIP" definition makes wolfSSL to use H/W acceleration
  29. * for cipher operations.
  30. * TSIP definition asks to have its version number.
  31. * "WOLFSSL_RENESAS_TSIP_VER" takes following value:
  32. * 106: TSIPv1.06
  33. * 109: TSIPv1.09
  34. * 113: TSIPv1.13
  35. * 114: TSIPv1.14
  36. * 115: TSIPv1.15
  37. * 117: TSIPv1.17
  38. * 121: TSIPv1.21
  39. *----------------------------------------------------------------------------*/
  40. #define WOLFSSL_RENESAS_TSIP
  41. #define WOLFSSL_RENESAS_TSIP_VER 121
  42. /*-- TLS version definitions --------------------------------------------------
  43. *
  44. * wolfSSL supports TLSv1.2 by default. In case you want your system to support
  45. * TLSv1.3, uncomment line below.
  46. *
  47. *----------------------------------------------------------------------------*/
  48. #define WOLFSSL_TLS13
  49. /*-- Operating System related definitions --------------------------------------
  50. *
  51. * In case any real-time OS is used, define its name(e.g. FREERTOS).
  52. * Otherwise, define "SINGLE_THREADED". They are exclusive each other.
  53. *
  54. *----------------------------------------------------------------------------*/
  55. #define FREERTOS
  56. #define FREERTOS_TCP
  57. /*-- Compiler related definitions ---------------------------------------------
  58. *
  59. * CC-RX is C99 compliant, but may not provide the features wolfSSL requires.
  60. * This section defines macros for such cases to avoid build-time or run-time
  61. * failures.
  62. *
  63. *----------------------------------------------------------------------------*/
  64. /* CC-RX does not support variable length array */
  65. #define WOLFSSL_SP_NO_DYN_STACK
  66. /*-- Cipher related definitions -----------------------------------------------
  67. *
  68. *
  69. *----------------------------------------------------------------------------*/
  70. #define NO_DEV_RANDOM
  71. #define NO_MD4
  72. #define WOLFSSL_DH_CONST
  73. #define HAVE_TLS_EXTENSIONS
  74. #define HAVE_AESGCM
  75. #define HAVE_AESCCM
  76. #define HAVE_AES_CBC
  77. #define WOLFSSL_SHA512
  78. #define HAVE_SUPPORTED_CURVES
  79. #define HAVE_ECC
  80. #define HAVE_CURVE25519
  81. #define CURVE25519_SMALL
  82. #define WOLFSSL_STATIC_RSA
  83. /* USE_ECC_CERT
  84. * This macro is for selecting root CA certificate to load, it is valid only
  85. * in example applications. wolfSSL does not refer this macro.
  86. * If you want to use cipher suites including ECDSA authentication in
  87. * the example applications with TSIP, enable this macro.
  88. * In TSIP 1.13 or later version, following cipher suites are
  89. * available:
  90. * - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
  91. * - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SAH256
  92. *
  93. * Note that, this macro disables cipher suites including RSA
  94. * authentication such as:
  95. * - TLS_RSA_WITH_AES_128_CBC_SHA
  96. * - TLS_RSA_WITH_AES_256_CBC_SHA
  97. * - TLS_RSA_WITH_AES_128_CBC_SHA256
  98. * - TLS_RSA_WITH_AES_256_CBC_SHA256
  99. * - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
  100. * - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA256
  101. *
  102. */
  103. #define USE_ECC_CERT
  104. /* Enable WOLFSSL_CHECK_SIG_FAULTS definition when self-verify for
  105. * Ecc signature is required. It is disabled by default.
  106. */
  107. /*#define WOLFSSL_CHECK_SIG_FAULTS*/
  108. /* In this example application, Root CA cert buffer named
  109. * "ca_ecc_cert_der_256" is used under the following macro definition
  110. * for ECDSA.
  111. */
  112. #define USE_CERT_BUFFERS_256
  113. /* In this example application, Root CA cert buffer named
  114. * "ca_cert_der_2048" is used under the following macro definition
  115. * for RSA authentication.
  116. */
  117. #define USE_CERT_BUFFERS_2048
  118. /*-- Misc definitions ---------------------------------------------------------
  119. *
  120. *
  121. *----------------------------------------------------------------------------*/
  122. #define SIZEOF_LONG_LONG 8
  123. #define WOLFSSL_SMALL_STACK
  124. /*
  125. * -- "NO_ASN_TIME" macro is to avoid certificate expiration validation --
  126. *
  127. * Note. In your actual products, do not forget to comment-out
  128. * "NO_ASN_TIME" macro. And prepare time function to get calendar time,
  129. * otherwise, certificate expiration validation will not work.
  130. */
  131. /*#define NO_ASN_TIME*/
  132. #define NO_MAIN_DRIVER
  133. #define BENCH_EMBEDDED
  134. #define NO_WOLFSSL_DIR
  135. #define WOLFSSL_NO_CURRDIR
  136. #define NO_FILESYSTEM
  137. #define WOLFSSL_LOG_PRINTF
  138. #define WOLFSSL_HAVE_MIN
  139. #define WOLFSSL_HAVE_MAX
  140. #define NO_WRITEV
  141. #define WOLFSSL_USER_CURRTIME /* for benchmark */
  142. #define TIME_OVERRIDES
  143. #define XTIME time
  144. #define WOLFSSL_GMTIME
  145. #define XGMTIME(c,t) gmtime(c)
  146. #define USE_WOLF_SUSECONDS_T
  147. #define USE_WOLF_TIMEVAL_T
  148. #define XSTRNCASECMP(s1,s2,n) strncmp(s1,s2,n)
  149. #define WC_RSA_BLINDING
  150. #define TFM_TIMING_RESISTANT
  151. #define ECC_TIMING_RESISTANT
  152. #define FP_MAX_BITS 4096
  153. #define WOLFSSL_SP_MATH
  154. #define WOLFSSL_SP_MATH_ALL /* use SP math for all key sizes and curves */
  155. #define WOLFSSL_HAVE_SP_RSA
  156. #define WOLFSSL_HAVE_SP_DH
  157. #define WOLFSSL_HAVE_SP_ECC
  158. /*-- Debugging options ------------------------------------------------------
  159. *
  160. * "DEBUG_WOLFSSL" definition enables log to output into stdout.
  161. * Note: wolfSSL_Debugging_ON() must be called just after wolfSSL_Init().
  162. *----------------------------------------------------------------------------*/
  163. /*#define DEBUG_WOLFSSL*/
  164. /*-- Definitions for functionality negation -----------------------------------
  165. *
  166. *
  167. *----------------------------------------------------------------------------*/
  168. /*#define NO_RENESAS_TSIP_CRYPT*/
  169. /*#define NO_WOLFSSL_RENESAS_TSIP_TLS_SESSION*/
  170. #if defined(WOLFCRYPT_ONLY)
  171. #undef WOLFSSL_RENESAS_TSIP
  172. #endif
  173. /*-- Consistency checking between definitions ---------------------------------
  174. *
  175. *
  176. *----------------------------------------------------------------------------*/
  177. /*-- TSIP TLS specific definitions --*/
  178. #if defined(WOLFSSL_RENESAS_TSIP)
  179. #if !defined(WOLFSSL_RENESAS_TSIP_VER)
  180. #error "WOLFSSL_RENESAS_TSIP_VER is required to be defined and have value"
  181. #endif
  182. #endif
  183. /*-- Complementary definitions ------------------------------------------------
  184. *
  185. *
  186. *----------------------------------------------------------------------------*/
  187. #if defined(WOLFSSL_RENESAS_TSIP)
  188. /*-- TSIP TLS and/or CRYPTONLY Definition --------------------------------*/
  189. /* Enable TSIP TLS (default)
  190. * TSIP CRYPTONLY is also enabled.
  191. * Disable TSIP TLS
  192. * TSIP CRYPTONLY is only enabled.
  193. */
  194. #define WOLFSSL_RENESAS_TSIP_TLS
  195. #if !defined(NO_RENESAS_TSIP_CRYPT)
  196. #define HAVE_PK_CALLBACKS
  197. #define WOLF_CRYPTO_CB
  198. #if defined(WOLFSSL_RENESAS_TSIP_TLS)
  199. #define WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT
  200. #define WOLF_PRIVATE_KEY_ID
  201. #endif
  202. #endif
  203. #if !defined(WOLFSSL_RENESAS_TSIP_TLS) && \
  204. defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
  205. # undef WOLFSSL_RENESAS_TSIP_TLS
  206. # undef WOLFSSL_RENESAS_TSIP_CRYPT
  207. #endif
  208. /*-------------------------------------------------------------------------
  209. * TSIP generates random numbers using the CRT-DRBG described
  210. * in NIST SP800-90A. Recommend to define the CUSTOM_RAND_GENERATE_BLOCK
  211. * so that wc_RNG_GenerateByte/Block() call TSIP random generatoion API
  212. * directly. Comment out the macro will generate random number by
  213. * wolfSSL Hash DRBG by using a seed which is generated by TSIP API.
  214. *-----------------------------------------------------------------------*/
  215. #define CUSTOM_RAND_GENERATE_BLOCK wc_tsip_GenerateRandBlock
  216. #else
  217. #define OPENSSL_EXTRA
  218. #define WOLFSSL_GENSEED_FORTEST /* Warning: define your own seed gen */
  219. #endif
  220. /*-- TLS version and required definitions --*/
  221. #if defined(WOLFSSL_TLS13)
  222. #define HAVE_FFDHE_2048
  223. #define HAVE_HKDF
  224. #define WC_RSA_PSS
  225. #endif
  226. /*-- strcasecmp */
  227. #define XSTRCASECMP(s1,s2) strcmp((s1),(s2))