forked from wolfSSL/wolfHSM
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathuser_settings.h
More file actions
190 lines (161 loc) · 4.26 KB
/
user_settings.h
File metadata and controls
190 lines (161 loc) · 4.26 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
/*
* Copyright (C) 2024 wolfSSL Inc.
*
* This file is part of wolfHSM.
*
* wolfHSM is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* wolfHSM is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with wolfHSM. If not, see <http://www.gnu.org/licenses/>.
*/
/*
* user_settings.h
*
* Configured to support library testing
*/
#ifndef USER_SETTINGS_H
#define USER_SETTINGS_H
#ifdef __cplusplus
extern "C" {
#endif
/** Settings specific to the host arch, OS, and compiler */
/* #define BIG_ENDIAN_ORDER */
/* #define SINGLE_THREADED */
/* #define WC_NO_ASYNC_THREADING */
/*
#define DEBUG_CRYPTOCB
#define DEBUG_CRYPTOCB_VERBOSE
*/
/** wolfHSM required settings for wolfCrypt */
/* #define WOLFCRYPT_ONLY */
#define WOLF_CRYPTO_CB
#define HAVE_HASHDRBG
#define WOLFSSL_KEY_GEN
#define WOLFSSL_ASN_TEMPLATE
#define WOLFSSL_BASE64_ENCODE
#define HAVE_ANONYMOUS_INLINE_AGGREGATES 1
/* For cert manager */
#define NO_TLS
/* Elminates need for IO layer since we only use CM */
#define WOLFSSL_USER_IO
/* For ACert support (also requires WOLFSSL_ASN_TEMPLATE) */
#define WOLFSSL_ACERT
/** Math library selection for test */
#define USE_FAST_MATH
/** wolfHSM recommended */
/* #define WOLFSSL_NO_MALLOC */
#define WOLFSSL_USE_ALIGN
#define WOLFSSL_IGNORE_FILE_WARN
#define TFM_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
#define WC_RSA_BLINDING
/** Remove unneeded features*/
#define NO_MAIN_DRIVER
#define NO_ERROR_STRINGS
#define NO_ERROR_QUEUE
#define NO_FILESYSTEM
#define NO_INLINE
#define NO_OLD_TLS
#define WOLFSSL_NO_TLS12
#define NO_DO178
/* Prevents certain functions (SHA, hash.c) on server from falling back to
* client cryptoCb when using non-devId APIs */
#define WC_NO_DEFAULT_DEVID
/** Remove unneded namespace */
#define NO_OLD_RNGNAME
#define NO_OLD_WC_NAMES
#define NO_OLD_SSL_NAMES
#define NO_OLD_SHA_NAMES
#define NO_OLD_MD5_NAME
/** RSA Options */
/*#define NO_RSA */
#define RSA_MIN_SIZE 1024
#define WC_RSA_PSS
#define WOLFSSL_PSS_LONG_SALT
#define FP_MAX_BITS 8192
/** ECC Options */
#define HAVE_ECC
#define TFM_ECC256
#define ECC_SHAMIR
/** Curve25519 Options */
#define HAVE_CURVE25519
/** DH and DHE Options */
#define NO_DH
#define HAVE_DH_DEFAULT_PARAMS
#define HAVE_FFDHE_2048
/** AES Options */
/* #define NO_AES */
#define HAVE_AESGCM
#define GCM_TABLE_4BIT
#define WOLFSSL_AES_DIRECT
#define HAVE_AES_ECB
#define WOLFSSL_CMAC
/** SHA Options */
#define NO_SHA
/* #define NO_SHA256 */
/* #define WOLFSSL_SHA384 */
/* #define WOLFSSL_SHA512 */
/* Dilithium Options */
#define HAVE_DILITHIUM
#define WOLFSSL_WC_DILITHIUM /* use wolfCrypt implementation, not libOQS */
#define WOLFSSL_SHA3
#define WOLFSSL_SHAKE128
#define WOLFSSL_SHAKE256
/* The following options can be individually controlled to customize the
* ML-DSA configuration */
#if 0
#define WOLFSSL_DILITHIUM_VERIFY_ONLY
#endif
#if 0
#define WOLFSSL_DILITHIUM_NO_VERIFY
#endif
#if 0
#define WOLFSSL_DILITHIUM_NO_SIGN
#endif
#if 0
#define WOLFSSL_DILITHIUM_NO_MAKE_KEY
#endif
/** Composite features */
#define HAVE_HKDF
/* Remove unneeded crypto */
#define NO_DSA
#define NO_RC4
#define NO_PSK
#define NO_MD4
#define NO_MD5
#define NO_DES3
#define NO_PWDBASED
/* Allows custom "custom_time()" function to be used for benchmark */
/*
#define WOLFSSL_USER_CURRTIME
#define USER_TICKS
#define HAVE_WC_INTROSPECTION
*/
/* Standard Lib - C89 */
/*
#define XSTRCASECMP(s1,s2) strcmp((s1),(s2))
*/
/* ------------------------------------------------------------------------- */
/* Memory */
/* ------------------------------------------------------------------------- */
#if 0
/* Static memory requires fast math or SP math with no malloc */
#define WOLFSSL_STATIC_MEMORY
/* Disable fallback malloc/free */
#define WOLFSSL_NO_MALLOC
#if 1
#define WOLFSSL_MALLOC_CHECK /* trap malloc failure */
#endif
#endif
#ifdef __cplusplus
}
#endif
#endif /* USER_SETTINGS_H */