123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273 |
- /* user_settings.h
- *
- * Copyright (C) 2006-2024 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
- /*-- Renesas MCU type ---------------------------------------------------------
- *
- *
- *----------------------------------------------------------------------------*/
- #define WOLFSSL_RENESAS_RX65N
- /*-- Renesas TSIP usage and its version ---------------------------------------
- *
- * "WOLFSSL_RENESAS_TSIP" definition makes wolfSSL to use H/W acceleration
- * for cipher operations.
- * TSIP definition asks to have its version number.
- * "WOLFSSL_RENESAS_TSIP_VER" takes following value:
- * 106: TSIPv1.06
- * 109: TSIPv1.09
- * 113: TSIPv1.13
- * 114: TSIPv1.14
- * 115: TSIPv1.15
- * 117: TSIPv1.17
- * 121: TSIPv1.21
- *----------------------------------------------------------------------------*/
- #define WOLFSSL_RENESAS_TSIP
- #define WOLFSSL_RENESAS_TSIP_VER 121
- /*-- TLS version definitions --------------------------------------------------
- *
- * wolfSSL supports TLSv1.2 by default. In case you want your system to support
- * TLSv1.3, uncomment line below.
- *
- *----------------------------------------------------------------------------*/
- #define WOLFSSL_TLS13
- /*-- Operating System related definitions --------------------------------------
- *
- * In case any real-time OS is used, define its name(e.g. FREERTOS).
- * Otherwise, define "SINGLE_THREADED". They are exclusive each other.
- *
- *----------------------------------------------------------------------------*/
- #define FREERTOS
- #define FREERTOS_TCP
- /*-- Compiler related definitions ---------------------------------------------
- *
- * CC-RX is C99 compliant, but may not provide the features wolfSSL requires.
- * This section defines macros for such cases to avoid build-time or run-time
- * failures.
- *
- *----------------------------------------------------------------------------*/
- /* CC-RX does not support variable length array */
- #define WOLFSSL_SP_NO_DYN_STACK
- /*-- Cipher related definitions -----------------------------------------------
- *
- *
- *----------------------------------------------------------------------------*/
- #define NO_DEV_RANDOM
- #define NO_MD4
- #define WOLFSSL_DH_CONST
- #define HAVE_TLS_EXTENSIONS
- #define HAVE_AESGCM
- #define HAVE_AESCCM
- #define HAVE_AES_CBC
- #define WOLFSSL_SHA512
- #define HAVE_SUPPORTED_CURVES
- #define HAVE_ECC
- #define HAVE_CURVE25519
- #define CURVE25519_SMALL
- #define WOLFSSL_STATIC_RSA
- /* USE_ECC_CERT
- * This macro is for selecting root CA certificate to load, it is valid only
- * in example applications. wolfSSL does not refer this macro.
- * If you want to use cipher suites including ECDSA authentication in
- * the example applications with TSIP, enable this macro.
- * In TSIP 1.13 or later version, following cipher suites are
- * available:
- * - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
- * - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SAH256
- *
- * Note that, this macro disables cipher suites including RSA
- * authentication such as:
- * - TLS_RSA_WITH_AES_128_CBC_SHA
- * - TLS_RSA_WITH_AES_256_CBC_SHA
- * - TLS_RSA_WITH_AES_128_CBC_SHA256
- * - TLS_RSA_WITH_AES_256_CBC_SHA256
- * - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- * - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA256
- *
- */
- #define USE_ECC_CERT
- /* Enable WOLFSSL_CHECK_SIG_FAULTS definition when self-verify for
- * Ecc signature is required. It is disabled by default.
- */
- /*#define WOLFSSL_CHECK_SIG_FAULTS*/
- /* In this example application, Root CA cert buffer named
- * "ca_ecc_cert_der_256" is used under the following macro definition
- * for ECDSA.
- */
- #define USE_CERT_BUFFERS_256
- /* In this example application, Root CA cert buffer named
- * "ca_cert_der_2048" is used under the following macro definition
- * for RSA authentication.
- */
- #define USE_CERT_BUFFERS_2048
- /*-- Misc definitions ---------------------------------------------------------
- *
- *
- *----------------------------------------------------------------------------*/
- #define SIZEOF_LONG_LONG 8
- #define WOLFSSL_SMALL_STACK
- /*
- * -- "NO_ASN_TIME" macro is to avoid certificate expiration validation --
- *
- * Note. In your actual products, do not forget to comment-out
- * "NO_ASN_TIME" macro. And prepare time function to get calendar time,
- * otherwise, certificate expiration validation will not work.
- */
- /*#define NO_ASN_TIME*/
- #define NO_MAIN_DRIVER
- #define BENCH_EMBEDDED
- #define NO_WOLFSSL_DIR
- #define WOLFSSL_NO_CURRDIR
- #define NO_FILESYSTEM
- #define WOLFSSL_LOG_PRINTF
- #define WOLFSSL_HAVE_MIN
- #define WOLFSSL_HAVE_MAX
- #define NO_WRITEV
- #define WOLFSSL_USER_CURRTIME /* for benchmark */
- #define TIME_OVERRIDES
- #define XTIME time
- #define WOLFSSL_GMTIME
- #define XGMTIME(c,t) gmtime(c)
- #define USE_WOLF_SUSECONDS_T
- #define USE_WOLF_TIMEVAL_T
- #define XSTRNCASECMP(s1,s2,n) strncmp(s1,s2,n)
- #define WC_RSA_BLINDING
- #define TFM_TIMING_RESISTANT
- #define ECC_TIMING_RESISTANT
- #define FP_MAX_BITS 4096
- #define WOLFSSL_SP_MATH
- #define WOLFSSL_SP_MATH_ALL /* use SP math for all key sizes and curves */
- #define WOLFSSL_HAVE_SP_RSA
- #define WOLFSSL_HAVE_SP_DH
- #define WOLFSSL_HAVE_SP_ECC
- /*-- Debugging options ------------------------------------------------------
- *
- * "DEBUG_WOLFSSL" definition enables log to output into stdout.
- * Note: wolfSSL_Debugging_ON() must be called just after wolfSSL_Init().
- *----------------------------------------------------------------------------*/
- /*#define DEBUG_WOLFSSL*/
- /*-- Definitions for functionality negation -----------------------------------
- *
- *
- *----------------------------------------------------------------------------*/
- /*#define NO_RENESAS_TSIP_CRYPT*/
- /*#define NO_WOLFSSL_RENESAS_TSIP_TLS_SESSION*/
- #if defined(WOLFCRYPT_ONLY)
- #undef WOLFSSL_RENESAS_TSIP
- #endif
- /*-- Consistency checking between definitions ---------------------------------
- *
- *
- *----------------------------------------------------------------------------*/
- /*-- TSIP TLS specific definitions --*/
- #if defined(WOLFSSL_RENESAS_TSIP)
- #if !defined(WOLFSSL_RENESAS_TSIP_VER)
- #error "WOLFSSL_RENESAS_TSIP_VER is required to be defined and have value"
- #endif
- #endif
- /*-- Complementary definitions ------------------------------------------------
- *
- *
- *----------------------------------------------------------------------------*/
- #if defined(WOLFSSL_RENESAS_TSIP)
- /*-- TSIP TLS and/or CRYPTONLY Definition --------------------------------*/
- /* Enable TSIP TLS (default)
- * TSIP CRYPTONLY is also enabled.
- * Disable TSIP TLS
- * TSIP CRYPTONLY is only enabled.
- */
- #define WOLFSSL_RENESAS_TSIP_TLS
- #if !defined(NO_RENESAS_TSIP_CRYPT)
- #define HAVE_PK_CALLBACKS
- #define WOLF_CRYPTO_CB
- #if defined(WOLFSSL_RENESAS_TSIP_TLS)
- #define WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT
- #define WOLF_PRIVATE_KEY_ID
- #endif
- #endif
- #if !defined(WOLFSSL_RENESAS_TSIP_TLS) && \
- defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
- # undef WOLFSSL_RENESAS_TSIP_TLS
- # undef WOLFSSL_RENESAS_TSIP_CRYPT
- #endif
- /*-------------------------------------------------------------------------
- * TSIP generates random numbers using the CRT-DRBG described
- * in NIST SP800-90A. Recommend to define the CUSTOM_RAND_GENERATE_BLOCK
- * so that wc_RNG_GenerateByte/Block() call TSIP random generatoion API
- * directly. Comment out the macro will generate random number by
- * wolfSSL Hash DRBG by using a seed which is generated by TSIP API.
- *-----------------------------------------------------------------------*/
- #define CUSTOM_RAND_GENERATE_BLOCK wc_tsip_GenerateRandBlock
- #else
- #define OPENSSL_EXTRA
- #define WOLFSSL_GENSEED_FORTEST /* Warning: define your own seed gen */
- #endif
- /*-- TLS version and required definitions --*/
- #if defined(WOLFSSL_TLS13)
- #define HAVE_FFDHE_2048
- #define HAVE_HKDF
- #define WC_RSA_PSS
- #endif
- /*-- strcasecmp */
- #define XSTRCASECMP(s1,s2) strcmp((s1),(s2))
|