  1. /* user_settings.h
  2. *
  3. * Copyright (C) 2006-2023 wolfSSL Inc.
  4. *
  5. * This file is part of wolfSSL.
  6. *
  7. * wolfSSL is free software; you can redistribute it and/or modify
  8. * it under the terms of the GNU General Public License as published by
  9. * the Free Software Foundation; either version 2 of the License, or
  10. * (at your option) any later version.
  11. *
  12. * wolfSSL is distributed in the hope that it will be useful,
  13. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  15. * GNU General Public License for more details.
  16. *
  17. * You should have received a copy of the GNU General Public License
  18. * along with this program; if not, write to the Free Software
  19. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  20. */
  21. /* Example 'user_settings.h' for IoT-Safe demo */
  22. #ifndef IOTSAFE_EXAMPLE_USER_SETTINGS_H
  23. #define IOTSAFE_EXAMPLE_USER_SETTINGS_H
  24. #include <stdint.h>
  25. /* Uncomment next line to enable 2-bytes ID demo */
  26. /* #define TWO_BYTES_ID_DEMO */
  27. /* IoT-SAFE slot configurations for this example:
      * - FOUR_BYTES_ID_DEMO: IDs written as 32-bit values; server certificate
      *   held in a memory buffer (SOFT_SERVER_CERT), CA read from a file slot
  28. * - TWO_BYTES_ID_DEMO: two-byte ID SIM; server certificate held in a memory
      *   buffer (SOFT_SERVER_CERT), CA read from an IoT-SAFE file slot
  29. * - Default: one-byte ID SIM; CA held in a memory buffer (SOFT_SERVER_CA),
      *   server certificate read from an IoT-SAFE file slot
      * The entries marked "pre-provisioned" are the client certificate and
      * private key slots in every variant.
  30. */
  31. #if defined(FOUR_BYTES_ID_DEMO)
      /* NOTE(review): the IDs in this branch are 32-bit values, yet
       * IOTSAFE_ID_SIZE is 2 here, the same as in the two-byte branch.
       * Confirm the intended ID width before relying on this variant. */
  32. #define IOTSAFE_ID_SIZE 2
  33. #define CRT_CLIENT_FILE_ID 0xABCD3430 /* pre-provisioned */
  34. #define CRT_SERVER_FILE_ID 0xABCD3330
  35. #define PRIVKEY_ID 0xABCD3230 /* pre-provisioned */
  36. #define ECDH_KEYPAIR_ID 0xABCD3330
  37. #define PEER_PUBKEY_ID 0xABCD3730
  38. #define PEER_CERT_ID 0xABCD3430
  39. /* In this version of the demo, the server certificate is
  40. * stored in a buffer, while the CA is read from a file slot in IoT-SAFE
  41. */
  42. #define SOFT_SERVER_CERT
  43. #elif defined(TWO_BYTES_ID_DEMO)
  44. #define IOTSAFE_ID_SIZE 2
  45. #define CRT_CLIENT_FILE_ID 0x3430 /* pre-provisioned */
  46. #define CRT_SERVER_FILE_ID 0x3330
  47. #define PRIVKEY_ID 0x3230 /* pre-provisioned */
  48. #define ECDH_KEYPAIR_ID 0x3330
  49. #define PEER_PUBKEY_ID 0x3730
  50. #define PEER_CERT_ID 0x3430
  51. /* In this version of the demo, the server certificate is
  52. * stored in a buffer, while the CA is read from a file slot in IoT-SAFE
  53. */
  54. #define SOFT_SERVER_CERT
  55. #else
      /* Fallback when neither demo macro is defined: one-byte IDs. */
  56. #define IOTSAFE_ID_SIZE 1
  57. #define CRT_CLIENT_FILE_ID 0x03 /* pre-provisioned */
  58. #define CRT_SERVER_FILE_ID 0x04
  59. #define PRIVKEY_ID 0x02 /* pre-provisioned */
  60. #define ECDH_KEYPAIR_ID 0x03
  61. #define PEER_PUBKEY_ID 0x04
  62. #define PEER_CERT_ID 0x05
  63. /* In this version of the demo, the server certificate is
  64. * read from a file slot in IoT-SAFE, while the CA is stored in a buffer in memory
  65. */
  66. #define SOFT_SERVER_CA
  67. #endif
  68. /* Platform: IoT-SAFE support, single-threaded build, application-supplied I/O */
  69. #define WOLFSSL_IOTSAFE
  70. #define WOLFSSL_SMALL_STACK
  71. #define WOLFSSL_GENERAL_ALIGNMENT 4
  72. #define SINGLE_THREADED
  73. #define WOLFSSL_USER_IO
  74. /* Debugging */
  75. #define WOLFSSL_LOG_PRINTF
  76. /* Change to "if 1" to enable debug. The block is compiled out as shipped;
      * debug logging is meant for development and should stay off in release
      * builds. */
  77. #if 0
  78. #define DEBUG_WOLFSSL
  79. #define WOLFSSL_DEBUG_TLS
  80. #define DEBUG_IOTSAFE
  81. #endif
  82. /* Features */
  83. #define HAVE_PK_CALLBACKS /* Connect IoT-safe with PK_CALLBACKS */
  84. #define SMALL_SESSION_CACHE
      /* USE_CERT_BUFFERS_256 selects wolfSSL's bundled 256-bit ECC example
       * certificate buffers. They are example material for the demo; a real
       * deployment needs its own trust anchors and certificates. */
  85. #define USE_CERT_BUFFERS_256
  86. /* RNG: Hash-DRBG, with the IoT-SAFE hardware RNG option enabled */
  87. #define HAVE_IOTSAFE_HWRNG
  88. #define HAVE_HASHDRBG
  89. #define NO_OLD_RNGNAME
      /* Left disabled. NOTE(review): by its name this is a test-only seed
       * source; confirm what it does before enabling it, and do not enable
       * it outside testing. */
  90. //#define USE_GENSEED_FORTEST
  91. /* Time porting: TIME_OVERRIDES makes the library use the XTIME defined here */
  92. #define TIME_OVERRIDES
  93. extern volatile unsigned long jiffies;
      /* XTIME returns the current value of jiffies converted to long; the x
       * argument is never written.
       * NOTE(review): jiffies is defined outside this header; presumably a tick
       * counter rather than calendar time, so the result should not be treated
       * as wall-clock time. Confirm against the platform code. */
  94. static inline long XTIME(long *x) { return jiffies;}
  95. #define WOLFSSL_USER_CURRTIME
      /* NO_ASN_TIME removes the certificate date checks, so a certificate is
       * not rejected for being expired or not yet valid. That suits a demo
       * without a real-time clock; a deployment that must enforce validity
       * periods needs a trustworthy time source and this define removed. */
  96. #define NO_ASN_TIME
  97. /* Math: SP math backend with 32-bit words.
      * NOTE(review): the TFM_* options belong to the fast-math backend; with
      * WOLFSSL_SP_MATH selected they presumably have no effect. Confirm. */
  98. #define TFM_TIMING_RESISTANT
  99. #define TFM_ARM
  100. #define WOLFSSL_SP_MATH
  101. #define WOLFSSL_SP_MATH_ALL
  102. #define WOLFSSL_SP_SMALL
  103. #define WOLFSSL_HAVE_SP_DH
  104. #define WOLFSSL_HAVE_SP_ECC
  105. #define WOLFSSL_HAVE_SP_RSA
  106. #define SP_WORD_SIZE 32
  107. /* ECC: ECC_TIMING_RESISTANT is a side-channel countermeasure; keep it enabled */
  108. #define HAVE_ECC
  109. #define ECC_ALT_SIZE
  110. #define ECC_TIMING_RESISTANT
  111. /* RSA: WC_RSA_BLINDING is a side-channel countermeasure for private-key
      * operations; keep it enabled */
  112. #define RSA_LOW_MEM
  113. #define WC_RSA_BLINDING
  114. #define WC_RSA_PSS
  115. /* DH - on by default */
  116. #define WOLFSSL_DH_CONST
  117. #define HAVE_FFDHE_2048
  118. /* AES: GCM, CCM, counter and direct modes */
  119. #define HAVE_AES_DECRYPT
  120. #define HAVE_AESGCM
  121. #define GCM_SMALL
  122. #define HAVE_AESCCM
  123. #define WOLFSSL_AES_COUNTER
  124. #define WOLFSSL_AES_DIRECT
  125. /* Hashing */
  126. #define HAVE_SHA384
  127. #define HAVE_SHA512
  128. #define HAVE_HKDF
  129. /* TLS: change the "#if 0" below to "#if 1" to build for TLS v1.3 only */
  130. #if 0
  131. /* TLS v1.3 only */
  132. #define WOLFSSL_TLS13
  133. #define WOLFSSL_NO_TLS12
  134. #else
  135. /* TLS v1.2 only: WOLFSSL_TLS13 is not defined in this branch, and
      * NO_OLD_TLS below removes the protocol versions older than TLS v1.2 */
  136. #endif
  137. #define NO_OLD_TLS
  138. #define HAVE_TLS_EXTENSIONS
  139. #define HAVE_SUPPORTED_CURVES
  140. /* Disable Features */
  141. #define NO_WRITEV
  142. #define NO_FILESYSTEM
  143. #define NO_MAIN_DRIVER
  144. //#define NO_ERROR_STRINGS
  145. /* Disable Algorithms: legacy algorithms are compiled out, which also
      * keeps them from being negotiated or used by mistake */
  146. #define NO_DES3
  147. #define NO_DSA
  148. #define NO_RC4
  149. #define NO_MD4
  150. #define NO_MD5
  151. #define NO_SHA
  152. #define NO_PKCS12
  153. /* helpers: byte-order conversions implemented as unconditional byte swaps
      * through compiler builtins. They are correct only on a little-endian
      * target; on a big-endian target they would corrupt network-order
      * fields. */
  154. #define htons(x) __builtin_bswap16(x)
  155. #define ntohs(x) __builtin_bswap16(x)
  156. #define ntohl(x) __builtin_bswap32(x)
  157. #define htonl(x) __builtin_bswap32(x)
  158. #endif /* !IOTSAFE_EXAMPLE_USER_SETTINGS_H */