user_settings.h 10.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427
  1. /* Example custom user settings for wolfSSL */
  2. #ifndef WOLFSSL_USER_SETTINGS_H
  3. #define WOLFSSL_USER_SETTINGS_H
  4. #ifdef __cplusplus
  5. extern "C" {
  6. #endif
  7. #include <stddef.h> /* for size_t */
  8. /* ------------------------------------------------------------------------- */
  9. /* Platform */
  10. /* ------------------------------------------------------------------------- */
  11. #undef WOLFSSL_GENERAL_ALIGNMENT
  12. #define WOLFSSL_GENERAL_ALIGNMENT 4
  13. #undef SINGLE_THREADED
  14. #define SINGLE_THREADED
  15. #undef WOLFSSL_SMALL_STACK
  16. //#define WOLFSSL_SMALL_STACK
  17. #undef WOLFSSL_SMALL_STACK_CACHE
  18. //#define WOLFSSL_SMALL_STACK_CACHE
  19. #define WOLFSSL_IGNORE_FILE_WARN
  20. /* ------------------------------------------------------------------------- */
  21. /* Math Configuration */
  22. /* ------------------------------------------------------------------------- */
  23. #undef USE_FAST_MATH
  24. #define USE_FAST_MATH
  25. #ifdef USE_FAST_MATH
  26. #undef TFM_TIMING_RESISTANT
  27. #define TFM_TIMING_RESISTANT
  28. /* Optimizations (TFM_ARM, TFM_ASM or none) */
  29. #define TFM_ARM
  30. //#define TFM_ASM
  31. #endif
  32. /* Math debugging (adds support for mp_dump) */
  33. #undef WOLFSSL_DEBUG_MATH
  34. //#define WOLFSSL_DEBUG_MATH
  35. /* Wolf Single Precision Math */
  36. #undef WOLFSSL_SP
  37. #if 0
  38. #define WOLFSSL_SP
  39. #define WOLFSSL_SP_SMALL /* use smaller version of code */
  40. #define WOLFSSL_HAVE_SP_RSA
  41. #define WOLFSSL_HAVE_SP_DH
  42. #define WOLFSSL_HAVE_SP_ECC
  43. //#define WOLFSSL_SP_CACHE_RESISTANT
  44. #define WOLFSSL_SP_MATH /* only SP math - eliminates fast math code */
  45. /* SP Assembly Speedups */
  46. #define WOLFSSL_SP_ASM /* required if using the ASM versions */
  47. //#define WOLFSSL_SP_ARM32_ASM
  48. //#define WOLFSSL_SP_ARM64_ASM
  49. //#define WOLFSSL_SP_ARM_THUMB_ASM
  50. #define WOLFSSL_SP_ARM_CORTEX_M_ASM
  51. #endif
  52. /* ------------------------------------------------------------------------- */
  53. /* Crypto */
  54. /* ------------------------------------------------------------------------- */
  55. /* ECC */
  56. #if 1
  57. #undef HAVE_ECC
  58. #define HAVE_ECC
  59. /* Manually define enabled curves */
  60. #undef ECC_USER_CURVES
  61. #define ECC_USER_CURVES
  62. #define HAVE_ECC192
  63. #define HAVE_ECC224
  64. #undef NO_ECC256
  65. #define HAVE_ECC384
  66. #ifndef USE_NXP_LTC /* NXP LTC HW supports up to 384 */
  67. #define HAVE_ECC521
  68. #endif
  69. /* Fixed point cache (speeds repeated operations against same private key) */
  70. #undef FP_ECC
  71. //#define FP_ECC
  72. #ifdef FP_ECC
  73. /* Bits / Entries */
  74. #undef FP_ENTRIES
  75. #define FP_ENTRIES 2
  76. #undef FP_LUT
  77. #define FP_LUT 4
  78. #endif
  79. /* Optional ECC calculation method */
  80. /* Note: doubles heap usage, but slightly faster */
  81. #undef ECC_SHAMIR
  82. #ifndef USE_NXP_LTC /* Don't enable Shamir code for HW ECC */
  83. #define ECC_SHAMIR
  84. #endif
  85. /* Reduces heap usage, but slower */
  86. #undef ECC_TIMING_RESISTANT
  87. #define ECC_TIMING_RESISTANT
  88. #ifdef USE_FAST_MATH
  89. /* use reduced size math buffers for ecc points */
  90. #undef ALT_ECC_SIZE
  91. #define ALT_ECC_SIZE
  92. /* Enable TFM optimizations for ECC */
  93. #if defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES)
  94. #define TFM_ECC192
  95. #endif
  96. #if defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES)
  97. #define TFM_ECC224
  98. #endif
  99. #if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)
  100. #define TFM_ECC256
  101. #endif
  102. #if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)
  103. #define TFM_ECC384
  104. #endif
  105. #if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)
  106. #define TFM_ECC521
  107. #endif
  108. #endif
  109. #endif
  110. /* RSA */
  111. #undef NO_RSA
  112. #if 1
  113. #ifdef USE_FAST_MATH
  114. /* Maximum math bits (Max RSA key bits * 2) */
  115. #undef FP_MAX_BITS
  116. #define FP_MAX_BITS 4096
  117. #endif
  118. /* half as much memory but twice as slow */
  119. #undef RSA_LOW_MEM
  120. //#define RSA_LOW_MEM
  121. /* Enables blinding mode, to prevent timing attacks */
  122. #undef WC_RSA_BLINDING
  123. #define WC_RSA_BLINDING
  124. #else
  125. #define NO_RSA
  126. #endif
  127. /* AES */
  128. #undef NO_AES
  129. #if 1
  130. #undef HAVE_AESGCM
  131. #define HAVE_AESGCM
  132. /* GCM Method: GCM_SMALL, GCM_WORD32 or GCM_TABLE */
  133. #undef GCM_SMALL
  134. #define GCM_SMALL
  135. #else
  136. #define NO_AES
  137. #endif
  138. /* ChaCha20 / Poly1305 */
  139. #undef HAVE_CHACHA
  140. #undef HAVE_POLY1305
  141. #if 1
  142. #define HAVE_CHACHA
  143. #define HAVE_POLY1305
  144. /* Needed for Poly1305 */
  145. #undef HAVE_ONE_TIME_AUTH
  146. #define HAVE_ONE_TIME_AUTH
  147. #endif
  148. /* Ed25519 / Curve25519 */
  149. #undef HAVE_CURVE25519
  150. #undef HAVE_ED25519
  151. #if 1
  152. #define HAVE_CURVE25519
  153. #define HAVE_ED25519
  154. /* Optionally use small math (less flash usage, but much slower) */
  155. #if 0
  156. #define CURVED25519_SMALL
  157. #endif
  158. #endif
  159. /* ------------------------------------------------------------------------- */
  160. /* Hashing */
  161. /* ------------------------------------------------------------------------- */
  162. /* Sha */
  163. #undef NO_SHA
  164. #if 1
  165. /* 1k smaller, but 25% slower */
  166. //#define USE_SLOW_SHA
  167. #else
  168. #define NO_SHA
  169. #endif
  170. /* Sha256 */
  171. #undef NO_SHA256
  172. #if 1
  173. #else
  174. #define NO_SHA256
  175. #endif
  176. /* Sha512 */
  177. #undef WOLFSSL_SHA512
  178. #if 1
  179. #define WOLFSSL_SHA512
  180. /* Sha384 */
  181. #undef WOLFSSL_SHA384
  182. #if 1
  183. #define WOLFSSL_SHA384
  184. #endif
  185. /* over twice as small, but 50% slower */
  186. //#define USE_SLOW_SHA2
  187. #endif
  188. /* MD5 */
  189. #undef NO_MD5
  190. #if 1
  191. #else
  192. #define NO_MD5
  193. #endif
  194. /* ------------------------------------------------------------------------- */
  195. /* HW Crypto Acceleration */
  196. /* ------------------------------------------------------------------------- */
  197. #define FSL_HW_CRYPTO_MANUAL_SELECTION
  198. #if 1
  199. /* NXP MMCAU / LTC Support (See README.md for instructions) */
  200. #if defined(USE_NXP_MMCAU) || defined(USE_NXP_LTC)
  201. #ifdef USE_NXP_MMCAU
  202. #define FREESCALE_USE_MMCAU
  203. #endif
  204. #ifdef USE_NXP_LTC
  205. #define FREESCALE_USE_LTC
  206. #define LTC_MAX_ECC_BITS (384)
  207. #define LTC_MAX_INT_BYTES (256)
  208. //#define FREESCALE_LTC_TFM_RSA_4096_ENABLE
  209. #endif
  210. #endif
  211. #endif
  212. /* ------------------------------------------------------------------------- */
  213. /* Benchmark / Test */
  214. /* ------------------------------------------------------------------------- */
  215. /* Use reduced benchmark / test sizes */
  216. #undef BENCH_EMBEDDED
  217. #define BENCH_EMBEDDED
  218. #undef USE_CERT_BUFFERS_2048
  219. #define USE_CERT_BUFFERS_2048
  220. #undef USE_CERT_BUFFERS_256
  221. #define USE_CERT_BUFFERS_256
  222. /* ------------------------------------------------------------------------- */
  223. /* Debugging */
  224. /* ------------------------------------------------------------------------- */
  225. #undef DEBUG_WOLFSSL
  226. //#define DEBUG_WOLFSSL
  227. #ifdef DEBUG_WOLFSSL
  228. #define fprintf(file, format, ...) printf(format, ##__VA_ARGS__)
  229. /* Use this to measure / print heap usage */
  230. #if 0
  231. #undef USE_WOLFSSL_MEMORY
  232. #define USE_WOLFSSL_MEMORY
  233. #undef WOLFSSL_TRACK_MEMORY
  234. #define WOLFSSL_TRACK_MEMORY
  235. #endif
  236. #else
  237. #undef NO_WOLFSSL_MEMORY
  238. #define NO_WOLFSSL_MEMORY
  239. #undef NO_ERROR_STRINGS
  240. //#define NO_ERROR_STRINGS
  241. #endif
  242. /* ------------------------------------------------------------------------- */
  243. /* Port */
  244. /* ------------------------------------------------------------------------- */
  245. /* Override Current Time */
  246. /* Allows custom "custom_time()" function to be used for benchmark */
  247. #define WOLFSSL_USER_CURRTIME
  248. #define USER_TICKS
  249. extern unsigned long ksdk_time(unsigned long* timer);
  250. #define XTIME ksdk_time
  251. /* ------------------------------------------------------------------------- */
  252. /* RNG */
  253. /* ------------------------------------------------------------------------- */
  254. /* Size of returned HW RNG value */
  255. #define CUSTOM_RAND_TYPE unsigned int
  256. /* Seed source */
  257. extern unsigned int custom_rand_generate(void);
  258. #undef CUSTOM_RAND_GENERATE
  259. #define CUSTOM_RAND_GENERATE custom_rand_generate
  260. /* Choose RNG method */
  261. #if 1
  262. /* Use built-in P-RNG (SHA256 based) with HW RNG */
  263. /* P-RNG + HW RNG (P-RNG is ~8K) */
  264. #undef HAVE_HASHDRBG
  265. #define HAVE_HASHDRBG
  266. #else
  267. #undef WC_NO_HASHDRBG
  268. #define WC_NO_HASHDRBG
  269. /* Bypass P-RNG and use only HW RNG */
  270. extern int custom_rand_generate_block(unsigned char* output, unsigned int sz);
  271. #undef CUSTOM_RAND_GENERATE_BLOCK
  272. #define CUSTOM_RAND_GENERATE_BLOCK custom_rand_generate_block
  273. #endif
  274. /* ------------------------------------------------------------------------- */
  275. /* Enable Features */
  276. /* ------------------------------------------------------------------------- */
  277. #undef KEEP_PEER_CERT
  278. //#define KEEP_PEER_CERT
  279. #undef HAVE_COMP_KEY
  280. //#define HAVE_COMP_KEY
  281. #undef HAVE_TLS_EXTENSIONS
  282. //#define HAVE_TLS_EXTENSIONS
  283. #undef HAVE_SUPPORTED_CURVES
  284. //#define HAVE_SUPPORTED_CURVES
  285. #undef WOLFSSL_BASE64_ENCODE
  286. //#define WOLFSSL_BASE64_ENCODE
  287. /* TLS Session Cache */
  288. #if 0
  289. #define SMALL_SESSION_CACHE
  290. #else
  291. #define NO_SESSION_CACHE
  292. #endif
  293. /* ------------------------------------------------------------------------- */
  294. /* Disable Features */
  295. /* ------------------------------------------------------------------------- */
  296. #undef NO_WOLFSSL_SERVER
  297. //#define NO_WOLFSSL_SERVER
  298. #undef NO_WOLFSSL_CLIENT
  299. //#define NO_WOLFSSL_CLIENT
  300. #undef NO_CRYPT_TEST
  301. //#define NO_CRYPT_TEST
  302. #undef NO_CRYPT_BENCHMARK
  303. //#define NO_CRYPT_BENCHMARK
  304. /* In-lining of misc.c functions */
  305. /* If defined, must include wolfcrypt/src/misc.c in build */
  306. /* Slower, but about 1k smaller */
  307. #undef NO_INLINE
  308. //#define NO_INLINE
  309. #undef NO_FILESYSTEM
  310. #define NO_FILESYSTEM
  311. #undef NO_WRITEV
  312. #define NO_WRITEV
  313. #undef NO_MAIN_DRIVER
  314. #define NO_MAIN_DRIVER
  315. #undef NO_DEV_RANDOM
  316. #define NO_DEV_RANDOM
  317. #undef NO_DSA
  318. #define NO_DSA
  319. #undef NO_DH
  320. #define NO_DH
  321. #undef NO_DES3
  322. #define NO_DES3
  323. #undef NO_RC4
  324. #define NO_RC4
  325. #undef NO_OLD_TLS
  326. #define NO_OLD_TLS
  327. #undef NO_PSK
  328. #define NO_PSK
  329. #undef NO_MD4
  330. #define NO_MD4
  331. #undef NO_PWDBASED
  332. #define NO_PWDBASED
  333. #undef NO_CODING
  334. #define NO_CODING
  335. #ifdef __cplusplus
  336. }
  337. #endif
  338. #endif /* WOLFSSL_USER_SETTINGS_H */