user_settings_tls12.h 5.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158
  1. /* user_settings_tls12.h
  2. *
  3. * Copyright (C) 2006-2024 wolfSSL Inc.
  4. *
  5. * This file is part of wolfSSL.
  6. *
  7. * wolfSSL is free software; you can redistribute it and/or modify
  8. * it under the terms of the GNU General Public License as published by
  9. * the Free Software Foundation; either version 2 of the License, or
  10. * (at your option) any later version.
  11. *
  12. * wolfSSL is distributed in the hope that it will be useful,
  13. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  15. * GNU General Public License for more details.
  16. *
  17. * You should have received a copy of the GNU General Public License
  18. * along with this program; if not, write to the Free Software
  19. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  20. */
  21. /* Example for TLS v1.2 client only, ECC only, AES GCM only, SHA2-256 only */
  22. /* Derived using:
  23. * ./configure --disable-rsa --disable-dh --disable-tls13 --disable-chacha \
  24. * --disable-poly1305 --disable-sha224 --disable-sha --disable-md5
  25. * From generated wolfssl/options.h
  26. * Build and Test using:
  27. * ./configure --enable-usersettings --disable-examples
  28. * make
  29. * ./wolfcrypt/test/testwolfcrypt
  30. */
  31. #ifndef WOLFSSL_USER_SETTINGS_H
  32. #define WOLFSSL_USER_SETTINGS_H
  33. #ifdef __cplusplus
  34. extern "C" {
  35. #endif
  36. /* ------------------------------------------------------------------------- */
  37. /* Platform */
  38. /* ------------------------------------------------------------------------- */
  39. /* Use the SetIO callbacks, not the internal wolfio.c socket code */
  40. #define WOLFSSL_USER_IO
  41. #define WOLFSSL_IGNORE_FILE_WARN /* ignore file includes not required */
  42. //#define WOLFSSL_SMALL_STACK /* option to reduce stack size, offload to heap */
  43. #define NO_FILESYSTEM
  44. #define NO_WRITEV
  45. #define NO_SIG_WRAPPER
  46. /* ------------------------------------------------------------------------- */
  47. /* Math */
  48. /* ------------------------------------------------------------------------- */
  49. /* Math Options */
  50. #if 1 /* Single-precision (SP) wolf math - ECC only */
  51. #define WOLFSSL_HAVE_SP_ECC /* use sp_c32.c for math */
  52. #define WOLFSSL_SP_SMALL /* use smaller version of code */
  53. #define WOLFSSL_SP_MATH /* only SP math - eliminates fast math code */
  54. /* optional Cortex-M3+ speedup with inline assembly */
  55. //#define WOLFSSL_SP_ARM_CORTEX_M_ASM
  56. #elif 1
  57. /* Multi-precision wolf math */
  58. #define WOLFSSL_SP_MATH_ALL /* use sp_int.c generic math */
  59. #define WOLFSSL_SP_SMALL /* use smaller version of code */
  60. #else
  61. /* Fast Math - tfm.c */
  62. #define USE_FAST_MATH
  63. #define TFM_TIMING_RESISTANT
  64. #define WOLFSSL_NO_ASM
  65. #endif
  66. /* ------------------------------------------------------------------------- */
  67. /* TLS */
  68. /* ------------------------------------------------------------------------- */
  69. /* Enable TLS v1.2 (on by default) */
  70. #undef WOLFSSL_NO_TLS12
  71. /* Disable TLS server code */
  72. #define NO_WOLFSSL_SERVER
  73. //#define NO_WOLFSSL_CLIENT
  74. /* Disable TLS v1.3 code */
  75. #undef WOLFSSL_TLS13
  76. /* Disable older TLS version prior to 1.2 */
  77. #define NO_OLD_TLS
  78. /* Enable default TLS extensions */
  79. #define HAVE_TLS_EXTENSIONS
  80. #define HAVE_SUPPORTED_CURVES
  81. #define HAVE_EXTENDED_MASTER
  82. #define HAVE_ENCRYPT_THEN_MAC
  83. #define HAVE_SERVER_RENEGOTIATION_INFO
  84. //#define HAVE_SNI /* optional Server Name Indicator (SNI) */
  85. /* ASN */
  86. #define WOLFSSL_ASN_TEMPLATE /* use newer ASN template asn.c code (default) */
  87. /* Disable Features */
  88. #define NO_SESSION_CACHE /* disable session resumption */
  89. #define NO_PSK /* pre-shared-key support */
  90. /* ------------------------------------------------------------------------- */
  91. /* Algorithms */
  92. /* ------------------------------------------------------------------------- */
  93. /* RNG */
  94. #define HAVE_HASHDRBG /* Use DRBG SHA2-256 and seed */
  95. /* Enable ECC */
  96. #define HAVE_ECC
  97. #define ECC_USER_CURVES /* Enable only ECC curves specific */
  98. #undef NO_ECC256 /* Enable SECP256R1 only (on by default) */
  99. #define ECC_TIMING_RESISTANT /* Enable Timing Resistance */
  100. /* Optional ECC calculation speed improvement if not using SP implementation */
  101. //#define ECC_SHAMIR
  102. /* Enable SHA2-256 only (on by default) */
  103. #undef NO_SHA256
  104. //#define USE_SLOW_SHA256 /* Reduces code size by not partially unrolling */
  105. /* Enable AES GCM only */
  106. #define HAVE_AESGCM
  107. #define GCM_SMALL /* use small GHASH table */
  108. #define NO_AES_CBC /* Disable AES CBC */
  109. /* Optional Features */
  110. //#define WOLFSSL_BASE64_ENCODE /* Enable Base64 encoding */
  111. /* Disable Algorithms */
  112. #define NO_RSA
  113. #define NO_DH
  114. #define NO_SHA
  115. #define NO_DSA
  116. #define NO_RC4
  117. #define NO_MD4
  118. #define NO_MD5
  119. #define NO_DES3
  120. #define NO_PWDBASED
  121. #define WOLFSSL_NO_SHAKE128
  122. #define WOLFSSL_NO_SHAKE256
  123. /* ------------------------------------------------------------------------- */
  124. /* Debugging */
  125. /* ------------------------------------------------------------------------- */
  126. #undef DEBUG_WOLFSSL
  127. #undef NO_ERROR_STRINGS
  128. #if 0
  129. #define DEBUG_WOLFSSL
  130. #else
  131. #if 1
  132. #define NO_ERROR_STRINGS
  133. #endif
  134. #endif
  135. #ifdef __cplusplus
  136. }
  137. #endif
  138. #endif /* WOLFSSL_USER_SETTINGS_H */