2
0

user_settings.h 4.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176
  1. /* user_settings.h
  2. *
  3. * Copyright (C) 2006-2022 wolfSSL Inc.
  4. *
  5. * This file is part of wolfSSL.
  6. *
  7. * wolfSSL is free software; you can redistribute it and/or modify
  8. * it under the terms of the GNU General Public License as published by
  9. * the Free Software Foundation; either version 2 of the License, or
  10. * (at your option) any later version.
  11. *
  12. * wolfSSL is distributed in the hope that it will be useful,
  13. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  15. * GNU General Public License for more details.
  16. *
  17. * You should have received a copy of the GNU General Public License
  18. * along with this program; if not, write to the Free Software
  19. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  20. */
  21. /* Example 'user_settings.h' for IoT-Safe demo */
  22. #ifndef IOTSAFE_EXAMPLE_USER_SETTINGS_H
  23. #define IOTSAFE_EXAMPLE_USER_SETTINGS_H
  24. #include <stdint.h>
  25. /* Uncomment next line to enable 2-bytes ID demo */
  26. /* #define TWO_BYTES_ID_DEMO */
  27. /* IOT-Safe slot configurations for this example:
  28. * - TWO_BYTES_ID_DEMO: two-bytes ID sim, with hardcoded CA
  29. * - Default: one-byte ID sim, with hardcoded server certificate
  30. */
  31. #ifdef TWO_BYTES_ID_DEMO
  32. #define IOTSAFE_ID_SIZE 2
  33. #define CRT_CLIENT_FILE_ID 0x3430 /* pre-provisioned */
  34. #define CRT_SERVER_FILE_ID 0x3330
  35. #define PRIVKEY_ID 0x3230 /* pre-provisioned */
  36. #define ECDH_KEYPAIR_ID 0x3330
  37. #define PEER_PUBKEY_ID 0x3730
  38. #define PEER_CERT_ID 0x3430
  39. /* In this version of the demo, the server certificate is
  40. * stored in a buffer, while the CA is read from a file slot in IoT-SAFE
  41. */
  42. #define SOFT_SERVER_CERT
  43. #else
  44. #define IOTSAFE_ID_SIZE 1
  45. #define CRT_CLIENT_FILE_ID 0x03 /* pre-provisioned */
  46. #define CRT_SERVER_FILE_ID 0x04
  47. #define PRIVKEY_ID 0x02 /* pre-provisioned */
  48. #define ECDH_KEYPAIR_ID 0x03
  49. #define PEER_PUBKEY_ID 0x04
  50. #define PEER_CERT_ID 0x05
  51. /* In this version of the demo, the server certificate is
  52. * read from a file slot in IoT-SAFE, while the CA is stored in buffer in memory
  53. */
  54. #define SOFT_SERVER_CA
  55. #endif
  56. /* Platform */
  57. #define WOLFSSL_IOTSAFE
  58. #define WOLFSSL_SMALL_STACK
  59. #define WOLFSSL_GENERAL_ALIGNMENT 4
  60. #define SINGLE_THREADED
  61. #define WOLFSSL_USER_IO
  62. /* Debugging */
  63. #define WOLFSSL_LOG_PRINTF
  64. /* Change to "if 1" to enable debug */
  65. #if 0
  66. #define DEBUG_WOLFSSL
  67. #define WOLFSSL_DEBUG_TLS
  68. #define DEBUG_IOTSAFE
  69. #endif
  70. /* Features */
  71. #define HAVE_PK_CALLBACKS /* Connect IoT-safe with PK_CALLBACKS */
  72. #define SMALL_SESSION_CACHE
  73. #define USE_CERT_BUFFERS_256
  74. /* RNG */
  75. #define HAVE_IOTSAFE_HWRNG
  76. #define HAVE_HASHDRBG
  77. #define NO_OLD_RNGNAME
  78. //#define USE_GENSEED_FORTEST
  79. /* Time porting */
  80. #define TIME_OVERRIDES
  81. extern volatile unsigned long jiffies;
  82. static inline long XTIME(long *x) { return jiffies;}
  83. #define WOLFSSL_USER_CURRTIME
  84. #define NO_ASN_TIME
  85. /* Math */
  86. #define TFM_TIMING_RESISTANT
  87. #define TFM_ARM
  88. #define WOLFSSL_SP_MATH
  89. #define WOLFSSL_SP_MATH_ALL
  90. #define WOLFSSL_SP_SMALL
  91. #define WOLFSSL_HAVE_SP_DH
  92. #define WOLFSSL_HAVE_SP_ECC
  93. #define WOLFSSL_HAVE_SP_RSA
  94. #define SP_WORD_SIZE 32
  95. /* ECC */
  96. #define HAVE_ECC
  97. #define ECC_ALT_SIZE
  98. #define ECC_TIMING_RESISTANT
  99. /* RSA */
  100. #define RSA_LOW_MEM
  101. #define WC_RSA_BLINDING
  102. #define WC_RSA_PSS
  103. /* DH - on by default */
  104. #define WOLFSSL_DH_CONST
  105. #define HAVE_FFDHE_2048
  106. /* AES */
  107. #define HAVE_AES_DECRYPT
  108. #define HAVE_AESGCM
  109. #define GCM_SMALL
  110. #define HAVE_AESCCM
  111. #define WOLFSSL_AES_COUNTER
  112. #define WOLFSSL_AES_DIRECT
  113. /* Hashing */
  114. #define HAVE_SHA384
  115. #define HAVE_SHA512
  116. #define HAVE_HKDF
  117. /* TLS */
  118. #if 0
  119. /* TLS v1.3 only */
  120. #define WOLFSSL_TLS13
  121. #define WOLFSSL_NO_TLS12
  122. #else
  123. /* TLS v1.2 only */
  124. #endif
  125. #define NO_OLD_TLS
  126. #define HAVE_TLS_EXTENSIONS
  127. #define HAVE_SUPPORTED_CURVES
  128. /* Disable Features */
  129. #define NO_WRITEV
  130. #define NO_FILESYSTEM
  131. #define NO_MAIN_DRIVER
  132. //#define NO_ERROR_STRINGS
  133. /* Disable Algorithms */
  134. #define NO_DES3
  135. #define NO_DSA
  136. #define NO_RC4
  137. #define NO_MD4
  138. #define NO_MD5
  139. #define NO_SHA
  140. #define NO_PKCS12
  141. /* helpers */
  142. #define htons(x) __builtin_bswap16(x)
  143. #define ntohs(x) __builtin_bswap16(x)
  144. #define ntohl(x) __builtin_bswap32(x)
  145. #define htonl(x) __builtin_bswap32(x)
  146. #endif /* !IOTSAFE_EXAMPLE_USER_SETTINGS_H */