starlight-apk/tiny_computer
1
0
Fork 0
mirror of https://github.com/Cateners/tiny_computer.git synced 2026-05-21 00:45:49 +08:00
Code Issues Packages Projects Releases Wiki Activity

Update code to v1.0.14 (10)

Browse Source
This commit is contained in:
Caten
2024-02-29 19:35:00 +08:00
parent c2ee3b694c
commit a956d26f6d
3188 changed files with 2317293 additions and 146 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
android/extern/wolfssl/examples/configs/README.md vendored Normal file
View File

@@ -0,0 +1,26 @@
# Example build configurations
Example wolfSSL configuration file templates for use when autoconf is not available, such as building with a custom IDE.
## Files
* `user_settings_template.h`: Template that allows modular algorithm and feature selection using `#if 0` logic.
* `user_settings_all.h`: This is wolfSSL with all features enabled. Equivalent to `./configure --enable-all`.
* `user_settings_min_ecc.h`: This is ECC and SHA-256 only. For ECC verify only add `BUILD_VERIFY_ONLY`.
* `user_settings_wolfboot_keytools.h`: This from wolfBoot tools/keytools and is ECC, RSA, ED25519 and ChaCha20.
* `user_settings_fipsv2.h`: The FIPS v2 (3389) 140-2 certificate build options.
* `user_settings_fipsv5.h`: The FIPS v5 (ready) 140-3 build options. Equivalent to `./configure --enable-fips=v5-dev`.
* `user_settings_stm32.h`: Example configuration file generated from the wolfSSL STM32 Cube pack.
## Usage
1. Copy to your local project and rename to `user_settings.h`.
2. Add pre-processor macro `WOLFSSL_USER_SETTINGS` to your project.
3. Make sure and include `#include <wolfssl/wolfcrypt/settings.h>` prior to any other wolfSSL headers in your application.
## Testing with Autoconf
To use these with autoconf:
1. Copy file to root as `user_settings.h`.
2. Run `./configure --enable-usersettings --disable-examples && make`

11
android/extern/wolfssl/examples/configs/include.am vendored Normal file
View File

@@ -0,0 +1,11 @@
# vim:ft=automake
# All paths should be given relative to the root
EXTRA_DIST += examples/configs/README.md
EXTRA_DIST += examples/configs/user_settings_all.h
EXTRA_DIST += examples/configs/user_settings_min_ecc.h
EXTRA_DIST += examples/configs/user_settings_wolfboot_keytools.h
EXTRA_DIST += examples/configs/user_settings_template.h
EXTRA_DIST += examples/configs/user_settings_fipsv2.h
EXTRA_DIST += examples/configs/user_settings_fipsv5.h
EXTRA_DIST += examples/configs/user_settings_stm32.h

230
android/extern/wolfssl/examples/configs/user_settings_all.h vendored Normal file
View File

@@ -0,0 +1,230 @@
/* user_settings_all.h
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* should be renamed to user_settings.h for customer use
* generated from configure options ./configure --enable-all
*
* Cleaned up by David Garske
*/
#ifndef WOLFSSL_USER_SETTINGS_H
#define WOLFSSL_USER_SETTINGS_H
#ifdef __cplusplus
extern "C" {
#endif
/* Features */
#define WOLFSSL_PUBLIC_MP /* Make math API's public */
#define KEEP_PEER_CERT /* Retain peer's certificate */
#define KEEP_OUR_CERT /* Keep our certificate */
#define WOLFSSL_ALWAYS_VERIFY_CB /* Always call verify callback (configured via wolfSSL_CTX_set_verify API) */
#define WOLFSSL_VERIFY_CB_ALL_CERTS /* Call verify callback for all intermediate certs */
#define WOLFSSL_ALWAYS_KEEP_SNI
#define WOLFSSL_EXTRA_ALERTS /* Allow sending other TLS alerts */
#define HAVE_EX_DATA /* Enable "extra" EX data API's for user information in CTX/WOLFSSL */
#define HAVE_EXT_CACHE
#define ATOMIC_USER /* Enable Atomic Record Layer callbacks */
#define HAVE_PK_CALLBACKS /* Enable public key callbacks */
#define WOLFSSL_ALT_NAMES /* Allow alternate cert chain validation to any trusted cert (not entire chain presented by peer) */
#define HAVE_NULL_CIPHER /* Enable use of TLS cipher suites without cipher (clear text / no encryption) */
#define WOLFSSL_HAVE_CERT_SERVICE
#define WOLFSSL_JNI
#define WOLFSSL_SEP
#define WOLFCRYPT_HAVE_SRP
#define WOLFSSL_HAVE_WOLFSCEP
#define WOLFSSL_ENCRYPTED_KEYS /* Support for encrypted keys PKCS8 */
#define HAVE_PKCS7
#define WOLFSSL_MULTI_ATTRIB
#define WOLFSSL_DER_LOAD
#define ASN_BER_TO_DER /* BER to DER support */
#define WOLFSSL_SIGNER_DER_CERT
//#define HAVE_THREAD_LS /* DG Commented: Thread local storage - may not be portable */
//#define WOLFSSL_AEAD_ONLY /* automatically set if TLS v1.3 only, but can be enabled for TLS v1.2 manually */
/* TLS Features */
#define WOLFSSL_DTLS
#define WOLFSSL_TLS13
#define WOLFSSL_EITHER_SIDE /* allow generic server/client method for WOLFSSL_CTX new */
/* DG Disabled SSLv3 and TLSv1.0 - should avoid using */
//#define WOLFSSL_ALLOW_SSLV3
//#define WOLFSSL_ALLOW_TLSV10
/* TLS Extensions */
#define HAVE_TLS_EXTENSIONS
#define HAVE_SUPPORTED_CURVES
#define HAVE_ONE_TIME_AUTH
#define HAVE_SNI
#define HAVE_ALPN
#define HAVE_MAX_FRAGMENT
#define HAVE_TRUNCATED_HMAC
#define HAVE_SESSION_TICKET
#define HAVE_EXTENDED_MASTER
#define HAVE_TRUSTED_CA
#define HAVE_ENCRYPT_THEN_MAC
/* TLS Session Cache */
#define SESSION_CERTS
#define PERSIST_SESSION_CACHE
#define PERSIST_CERT_CACHE
/* Key and Certificate Generation */
#define WOLFSSL_KEY_GEN
#define WOLFSSL_CERT_GEN
#define WOLFSSL_CERT_REQ
#define WOLFSSL_CERT_EXT
/* Certificate Revocation */
#define HAVE_OCSP
#define HAVE_CERTIFICATE_STATUS_REQUEST
#define HAVE_CERTIFICATE_STATUS_REQUEST_V2
#define HAVE_CRL
#define HAVE_CRL_IO
#define HAVE_IO_TIMEOUT
//#define HAVE_CRL_MONITOR /* DG Disabled (Monitors CRL files on filesystem) - not portable feature */
/* Fast math key size 4096-bit max */
#define USE_FAST_MATH
#define FP_MAX_BITS 8192
//#define HAVE___UINT128_T 1 /* DG commented: May not be portable */
/* Timing Resistance */
#define TFM_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
#define WC_RSA_BLINDING
/* DH Key Sizes */
#define HAVE_FFDHE_2048
#define HAVE_FFDHE_3072
/* ECC Features */
#define HAVE_ECC
#define TFM_ECC256
#define ECC_SHAMIR
#define WOLFSSL_CUSTOM_CURVES /* enable other curves (not just prime) */
#define HAVE_ECC_SECPR2
#define HAVE_ECC_SECPR3
#define HAVE_ECC_BRAINPOOL
#define HAVE_ECC_KOBLITZ
#define HAVE_ECC_CDH /* Co-factor */
#define HAVE_COMP_KEY /* Compressed key support */
#define FP_ECC /* Fixed point caching - speed repeated operations against same key */
#define HAVE_ECC_ENCRYPT
/* RSA */
#define WC_RSA_PSS
/* AES */
#define HAVE_AES_DECRYPT
#define HAVE_AES_ECB
#define WOLFSSL_AES_DIRECT
#define WOLFSSL_AES_COUNTER
#define HAVE_AESGCM
#define HAVE_AESCCM
#define WOLFSSL_AES_OFB
#define WOLFSSL_AES_CFB
#define WOLFSSL_AES_XTS
#define HAVE_AES_KEYWRAP
/* Hashing */
#define WOLFSSL_SHA224
#define WOLFSSL_SHA512
#define WOLFSSL_SHA384
#define WOLFSSL_SHAKE256
#define WOLFSSL_SHA3
#define WOLFSSL_HASH_FLAGS /* enable hash flag API's */
/* Additional Algorithms */
#define HAVE_HASHDRBG
#define HAVE_CURVE25519
#define HAVE_ED25519
#define CURVED25519_SMALL
#define HAVE_CURVE448
#define HAVE_POLY1305
#define HAVE_CHACHA
#define HAVE_HKDF
#define HAVE_X963_KDF
#define WOLFSSL_CMAC
#define WOLFSSL_DES_ECB
/* Non-Standard Algorithms (DG disabled) */
//#define HAVE_CAMELLIA
//#define WOLFSSL_RIPEMD
//#define HAVE_SCRYPT
/* Encoding */
#define WOLFSSL_BASE16
#define WOLFSSL_BASE64_ENCODE
/* Openssl compatibility */
#if 0 /* DG Disabled */
/* Openssl compatibility API's */
#define OPENSSL_EXTRA
#define OPENSSL_ALL
#define HAVE_OPENSSL_CMD
#define SSL_TXT_TLSV1_2
#define SSL_TXT_TLSV1_1
#define OPENSSL_NO_SSL2
#define OPENSSL_NO_SSL3
#define NO_OLD_RNGNAME
#define NO_OLD_WC_NAMES
#define NO_OLD_SSL_NAMES
#define NO_OLD_SHA_NAMES
/* Openssl compatibility application specific */
#define WOLFSSL_LIBWEBSOCKETS
#define WOLFSSL_OPENSSH
#define WOLFSSL_QT
#define FORTRESS
#define HAVE_WEBSERVER
#define HAVE_LIGHTY
#define WOLFSSL_NGINX
#define WOLFSSL_HAPROXY
#define HAVE_STUNNEL
#define WOLFSSL_ASIO
#define ASIO_USE_WOLFSSL
#define BOOST_ASIO_USE_WOLFSSL
#endif
/* TLS static cipher support - off by default */
#if 0
#define WOLFSSL_STATIC_RSA
#define WOLFSSL_STATIC_DH
#define WOLFSSL_STATIC_PSK
#endif
/* TLS sniffer support - off by default */
#if 0
#define WOLFSSL_STATIC_EPHEMERAL
#define WOLFSSL_SNIFFER
#endif
#ifdef __cplusplus
}
#endif
#endif /* WOLFSSL_USER_SETTINGS_H */

115
android/extern/wolfssl/examples/configs/user_settings_fipsv2.h vendored Normal file
View File

@@ -0,0 +1,115 @@
/* user_settings_fipsv2.h
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* should be renamed to user_settings.h for customer use
* generated from configure options:
* ./fips-check.sh linuxv2 keep
* XXX-fips-test\wolfssl\options.h
*
* Cleaned up by David Garske
*/
#ifndef WOLFSSL_USER_SETTINGS_H
#define WOLFSSL_USER_SETTINGS_H
#ifdef __cplusplus
extern "C" {
#endif
/* FIPS Version 3 (3389 Certificate) */
#define HAVE_FIPS
#define HAVE_FIPS_VERSION 2
#define HAVE_HASHDRBG /* NIST Certified DRBG - SHA256 based */
#define HAVE_THREAD_LS
/* Math */
#define USE_FAST_MATH
/* Timing Resistance */
#define TFM_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
#define WC_RSA_BLINDING
/* TLS Features */
#define WOLFSSL_TLS13
#define HAVE_TLS_EXTENSIONS
#define HAVE_SUPPORTED_CURVES
#define HAVE_EXTENDED_MASTER
#define HAVE_ENCRYPT_THEN_MAC
/* DH */
#undef NO_DH
#define HAVE_FFDHE_2048
#define HAVE_FFDHE_Q
#define WOLFSSL_VALIDATE_ECC_IMPORT
#define WOLFSSL_VALIDATE_FFC_IMPORT
#define HAVE_DH_DEFAULT_PARAMS
/* ECC */
#define HAVE_ECC
#define TFM_ECC256
#define ECC_SHAMIR
#define HAVE_ECC_CDH
/* RSA */
#undef NO_RSA
#define WC_RSA_PSS
#define WOLFSSL_KEY_GEN
#define WC_RSA_NO_PADDING
/* AES */
#define WOLFSSL_AES_DIRECT
#define HAVE_AES_ECB
#define HAVE_AESGCM
#define GCM_TABLE_4BIT
#define HAVE_AESCCM
#define WOLFSSL_AES_COUNTER
/* Hashing */
#undef NO_SHA
#undef NO_SHA256
#define WOLFSSL_SHA224
#define WOLFSSL_SHA384
#define WOLFSSL_SHA512
#define WOLFSSL_SHA3
#define HAVE_HKDF
/* Other */
#define WOLFSSL_CMAC
#define WOLFSSL_BASE64_ENCODE
/* Disabled Algorithms */
#define NO_DSA
#define NO_MD4
#define NO_PSK
#define NO_PWDBASED
#define NO_RC4
#define WOLFSSL_NO_SHAKE256
#define NO_RABBIT
#define NO_HC128
#ifdef __cplusplus
}
#endif
#endif /* WOLFSSL_OPTIONS_H */

181
android/extern/wolfssl/examples/configs/user_settings_fipsv5.h vendored Normal file
View File

@@ -0,0 +1,181 @@
/* user_settings_fipsv5.h
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* should be renamed to user_settings.h for customer use
* generated from configure options:
* ./fips-check.sh linuxv5-dev keep
* XXX-fips-test\wolfssl\options.h
* ./configure --enable-fips=v5-dev
*
* Cleaned up by David Garske
*/
#ifndef WOLFSSL_USER_SETTINGS_H
#define WOLFSSL_USER_SETTINGS_H
#ifdef __cplusplus
extern "C" {
#endif
/* FIPS Version 5.3 */
#define HAVE_FIPS
#define HAVE_FIPS_VERSION 5
#define HAVE_FIPS_VERSION_MINOR 3
#define HAVE_HASHDRBG /* NIST Certified DRBG - SHA256 based */
#define HAVE_THREAD_LS
/* Math */
#define USE_FAST_MATH
#define FP_MAX_BITS 16384
#define SP_INT_BITS 8192
#define WOLFSSL_PUBLIC_MP /* expose the mp_ math API's */
/* Timing Resistance */
#define TFM_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
#define WC_RSA_BLINDING
/* FIPS Features */
#define WC_RNG_SEED_CB
#define WOLFSSL_VALIDATE_ECC_IMPORT
#define WOLFSSL_VALIDATE_ECC_KEYGEN
#define WOLFSSL_VALIDATE_FFC_IMPORT
/* TLS Features */
#define WOLFSSL_TLS13
#define HAVE_TLS_EXTENSIONS
#define HAVE_ENCRYPT_THEN_MAC
#define HAVE_SUPPORTED_CURVES
#define HAVE_EXTENDED_MASTER
#define HAVE_ONE_TIME_AUTH /* TLS extension used with Poly1305 */
/* TLS Resumption */
#define HAVE_SECURE_RENEGOTIATION
#define HAVE_SERVER_RENEGOTIATION_INFO
#define HAVE_SESSION_TICKET
/* Other Features */
#define WOLFSSL_USE_ALIGN
#define WOLFSSL_BASE64_ENCODE
#if 0 /* optionally enable CRL (Certificate Revocation List) */
#define HAVE_CRL
#endif
#define HAVE_EXT_CACHE
#define WOLFSSL_VERIFY_CB_ALL_CERTS
#define WOLFSSL_ALWAYS_VERIFY_CB
#define WOLFSSL_DH_EXTRA /* DHE ASN.1 key import/export support */
#ifndef WOLFSSL_WOLFSSH /* ifndef check required due to configure already generating flag */
#define WOLFSSL_WOLFSSH
#endif
/* Compatibility Layer */
#define OPENSSL_EXTRA
#if 0 /* if full suite of compatibility API's are needed */
#define OPENSSL_ALL
#endif
/* DH */
#undef NO_DH
#define HAVE_FFDHE_Q
#define HAVE_FFDHE_2048
#define HAVE_FFDHE_3072
#define HAVE_FFDHE_4096
#define HAVE_FFDHE_6144
#define HAVE_FFDHE_8192
#define HAVE_DH_DEFAULT_PARAMS
#define HAVE_PUBLIC_FFDHE
/* ECC */
#define HAVE_ECC
#define TFM_ECC256
#define ECC_SHAMIR
#define HAVE_ECC_CDH
#define ECC_USER_CURVES
#define HAVE_ECC192
#define HAVE_ECC224
#define HAVE_ECC256
#define HAVE_ECC384
#define HAVE_ECC521
#define WOLFSSL_ECDSA_SET_K
/* RSA */
#undef NO_RSA
#define WC_RSA_PSS
#define WOLFSSL_KEY_GEN
#define WC_RSA_NO_PADDING
/* AES */
#undef NO_AES
#define WOLFSSL_AES_COUNTER
#define HAVE_AESCCM
#define HAVE_AES_ECB
#define WOLFSSL_AES_COUNTER
#define WOLFSSL_AES_DIRECT
#define WOLFSSL_AES_OFB
#define HAVE_AESGCM
#define GCM_TABLE_4BIT
#define WOLFSSL_CMAC
/* ChaCha/Poly */
#define HAVE_CHACHA
#define HAVE_POLY1305
/* Hashing */
#undef NO_SHA
#undef NO_SHA256
#define WOLFSSL_SHA224
#define WOLFSSL_SHA512
#define WOLFSSL_SHA384
#define WOLFSSL_NO_SHAKE256
#define WOLFSSL_NOSHA512_224
#define WOLFSSL_NOSHA512_256
#define WOLFSSL_SHA3
#define HAVE_HKDF
/* Disabled Features */
#define NO_OLD_TLS
#define NO_PSK
/* Disabled Algorithms */
#define NO_RC4
#define NO_MD4
#define NO_MD5
#define NO_DES3
#define NO_DSA
#define NO_RABBIT
#define NO_HC128
#define WOLFSSL_NO_SHAKE256
/* Debugging */
#if 0
#define DEBUG_WOLFSSL
#else
/* #define NO_ERROR_STRINGS */
#endif
#ifdef __cplusplus
}
#endif
#endif /* WOLFSSL_USER_SETTINGS_H */

110
android/extern/wolfssl/examples/configs/user_settings_min_ecc.h vendored Normal file
View File

@@ -0,0 +1,110 @@
/* user_settings_min_ecc.h
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* should be renamed to user_settings.h for customer use
* generated from configure options:
* ./configure \
--enable-cryptonly --enable-ecc --enable-sp \
--disable-rsa --disable-dh --disable-sha3 --disable-sha224 --disable-md5 \
--disable-sha --disable-pkcs12 --disable-memory \
--disable-chacha --disable-poly1305 --disable-sha512 --disable-sha384 \
--disable-aesgcm --disable-aescbc --disable-aes --disable-rng \
CFLAGS="-DNO_SIG_WRAPPER -DWOLFSSL_PUBLIC_MP -DECC_USER_CURVES \
-DNO_ECC_SIGN -DNO_ECC_DHE -DNO_ECC_KEY_EXPORT"
*
* Cleaned up by David Garske
*/
#ifndef WOLFSSL_USER_SETTINGS_H
#define WOLFSSL_USER_SETTINGS_H
#ifdef __cplusplus
extern "C" {
#endif
/* WolfCrypt Only (no TLS) */
#define WOLFCRYPT_ONLY
/* Endianness - defaults to little endian */
#ifdef __BIG_ENDIAN__
#define BIG_ENDIAN_ORDER
#endif
/* Expose the math mp_ API's */
#define WOLFSSL_PUBLIC_MP
/* Use single precision math only */
#define WOLFSSL_SP
#define WOLFSSL_SP_SMALL
#define WOLFSSL_SP_MATH
#define WOLFSSL_HAVE_SP_ECC
/* Enable Timing Resistance */
#define TFM_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
/* Enable ECC */
#define HAVE_ECC
#define ECC_USER_CURVES /* Only 256-Bit Curves */
//#define ECC_SHAMIR
/* Optional Feature Disables */
#define NO_SIG_WRAPPER
//#define NO_ECC_KEY_EXPORT
//#define NO_ECC_DHE
//#define NO_ECC_SIGN
//#define NO_ECC_VERIFY
/* Disable Algorithms */
#define NO_AES
#define NO_AES_CBC
#define NO_DES3
#define NO_DSA
#define NO_RSA
#define NO_DH
#define NO_RC4
#define NO_MD4
#define NO_MD5
#define NO_SHA
#define NO_PWDBASED
#define NO_PKCS12
#define NO_PKCS8
//#define WC_NO_RNG
/* Disable Features */
//#define NO_ASN
//#define NO_CERTS
#define NO_WOLFSSL_MEMORY
#define WOLFSSL_NO_PEM
//#define NO_CODING
#define NO_PSK
#ifndef DEBUG_WOLFSSL
#define DEBUG_WOLFSSL
#define NO_ERROR_STRINGS
#endif
#ifdef __cplusplus
}
#endif
#endif /* WOLFSSL_USER_SETTINGS_H */

584
android/extern/wolfssl/examples/configs/user_settings_stm32.h vendored Normal file
View File

@@ -0,0 +1,584 @@
/* wolfSSL_conf.h (example of generated wolfSSL.I-CUBE-wolfSSL_conf.h)
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* STM32 Cube Sample Configuration File
* Generated automatically using `default_conf.ftl` template
*
* Included automatically when USE_HAL_DRIVER is defined
* (and not WOLFSSL_USER_SETTINGS or HAVE_CONF_H).
*/
#ifndef __WOLFSSL_I_CUBE_WOLFSSL_CONF_H__
#define __WOLFSSL_I_CUBE_WOLFSSL_CONF_H__
/*---------- WOLF_CONF_DEBUG -----------*/
#define WOLF_CONF_DEBUG 0
/*---------- WOLF_CONF_WOLFCRYPT_ONLY -----------*/
#define WOLF_CONF_WOLFCRYPT_ONLY 0
/*---------- WOLF_CONF_TLS13 -----------*/
#define WOLF_CONF_TLS13 1
/*---------- WOLF_CONF_TLS12 -----------*/
#define WOLF_CONF_TLS12 1
/*---------- WOLF_CONF_DTLS -----------*/
#define WOLF_CONF_DTLS 0
/*---------- WOLF_CONF_MATH -----------*/
#define WOLF_CONF_MATH 4
/*---------- WOLF_CONF_RTOS -----------*/
#define WOLF_CONF_RTOS 2
/*---------- WOLF_CONF_RSA -----------*/
#define WOLF_CONF_RSA 1
/*---------- WOLF_CONF_ECC -----------*/
#define WOLF_CONF_ECC 1
/*---------- WOLF_CONF_DH -----------*/
#define WOLF_CONF_DH 1
/*---------- WOLF_CONF_AESGCM -----------*/
#define WOLF_CONF_AESGCM 1
/*---------- WOLF_CONF_AESCBC -----------*/
#define WOLF_CONF_AESCBC 0
/*---------- WOLF_CONF_CHAPOLY -----------*/
#define WOLF_CONF_CHAPOLY 1
/*---------- WOLF_CONF_EDCURVE25519 -----------*/
#define WOLF_CONF_EDCURVE25519 0
/*---------- WOLF_CONF_MD5 -----------*/
#define WOLF_CONF_MD5 0
/*---------- WOLF_CONF_SHA1 -----------*/
#define WOLF_CONF_SHA1 0
/*---------- WOLF_CONF_SHA2_224 -----------*/
#define WOLF_CONF_SHA2_224 0
/*---------- WOLF_CONF_SHA2_256 -----------*/
#define WOLF_CONF_SHA2_256 1
/*---------- WOLF_CONF_SHA2_384 -----------*/
#define WOLF_CONF_SHA2_384 0
/*---------- WOLF_CONF_SHA2_512 -----------*/
#define WOLF_CONF_SHA2_512 0
/*---------- WOLF_CONF_SHA3 -----------*/
#define WOLF_CONF_SHA3 0
/*---------- WOLF_CONF_PSK -----------*/
#define WOLF_CONF_PSK 0
/*---------- WOLF_CONF_PWDBASED -----------*/
#define WOLF_CONF_PWDBASED 0
/*---------- WOLF_CONF_KEEP_PEER_CERT -----------*/
#define WOLF_CONF_KEEP_PEER_CERT 0
/*---------- WOLF_CONF_BASE64_ENCODE -----------*/
#define WOLF_CONF_BASE64_ENCODE 0
/*---------- WOLF_CONF_OPENSSL_EXTRA -----------*/
#define WOLF_CONF_OPENSSL_EXTRA 0
/*---------- WOLF_CONF_TEST -----------*/
#define WOLF_CONF_TEST 1
/* ------------------------------------------------------------------------- */
/* Hardware platform */
/* ------------------------------------------------------------------------- */
#define NO_STM32_HASH
#define NO_STM32_CRYPTO
#if defined(STM32WB55xx)
#define WOLFSSL_STM32WB
#define WOLFSSL_STM32_PKA
#undef NO_STM32_CRYPTO
#define HAL_CONSOLE_UART huart1
#elif defined(STM32F407xx)
#define WOLFSSL_STM32F4
#define HAL_CONSOLE_UART huart2
#elif defined(STM32F437xx)
#define WOLFSSL_STM32F4
#undef NO_STM32_HASH
#undef NO_STM32_CRYPTO
#define STM32_HAL_V2
#define HAL_CONSOLE_UART huart4
#elif defined(STM32F777xx)
#define WOLFSSL_STM32F7
#undef NO_STM32_HASH
#undef NO_STM32_CRYPTO
#define STM32_HAL_V2
#define HAL_CONSOLE_UART huart2
#elif defined(STM32H753xx)
#define WOLFSSL_STM32H7
#undef NO_STM32_HASH
#undef NO_STM32_CRYPTO
#define HAL_CONSOLE_UART huart3
#elif defined(STM32L4A6xx)
#define WOLFSSL_STM32L4
#undef NO_STM32_HASH
#undef NO_STM32_CRYPTO
#define HAL_CONSOLE_UART hlpuart1
#elif defined(STM32L475xx)
#define WOLFSSL_STM32L4
#define HAL_CONSOLE_UART huart1
#elif defined(STM32L562xx)
#define WOLFSSL_STM32L5
#define WOLFSSL_STM32_PKA
#undef NO_STM32_HASH
#undef NO_STM32_CRYPTO
#define HAL_CONSOLE_UART huart1
#elif defined(STM32L552xx)
#define WOLFSSL_STM32L5
#undef NO_STM32_HASH
#define HAL_CONSOLE_UART hlpuart1
#elif defined(STM32F207xx)
#define WOLFSSL_STM32F2
#define HAL_CONSOLE_UART huart3
#elif defined(STM32F107xC)
#define WOLFSSL_STM32F1
#define HAL_CONSOLE_UART huart4
#define NO_STM32_RNG
#elif defined(STM32F401xE)
#define WOLFSSL_STM32F4
#define HAL_CONSOLE_UART huart2
#define NO_STM32_RNG
#define WOLFSSL_GENSEED_FORTEST
#elif defined(STM32G071xx)
#define WOLFSSL_STM32G0
#define HAL_CONSOLE_UART huart2
#define NO_STM32_RNG
#define WOLFSSL_GENSEED_FORTEST
#else
#warning Please define a hardware platform!
/* This means there is not a pre-defined platform for your board/CPU */
/* You need to define a CPU type, HW crypto and debug UART */
/* CPU Type: WOLFSSL_STM32F1, WOLFSSL_STM32F2, WOLFSSL_STM32F4,
WOLFSSL_STM32F7, WOLFSSL_STM32H7, WOLFSSL_STM32L4 and WOLFSSL_STM32L5 */
#define WOLFSSL_STM32F4
/* Debug UART used for printf */
/* The UART interface number varies for each board/CPU */
/* Typically this is the UART attached to the ST-Link USB CDC UART port */
#define HAL_CONSOLE_UART huart4
/* Hardware Crypto - uncomment as available on hardware */
//#define WOLFSSL_STM32_PKA
//#define NO_STM32_RNG
//#undef NO_STM32_HASH
//#undef NO_STM32_CRYPTO
//#define WOLFSSL_GENSEED_FORTEST
//#define STM32_HAL_V2
#endif
/* ------------------------------------------------------------------------- */
/* Platform */
/* ------------------------------------------------------------------------- */
#define SIZEOF_LONG_LONG 8
#define WOLFSSL_GENERAL_ALIGNMENT 4
#define WOLFSSL_STM32_CUBEMX
#define WOLFSSL_SMALL_STACK
#define WOLFSSL_USER_IO
#define WOLFSSL_NO_SOCK
#define WOLFSSL_IGNORE_FILE_WARN
/* ------------------------------------------------------------------------- */
/* Operating System */
/* ------------------------------------------------------------------------- */
#if defined(WOLF_CONF_RTOS) && WOLF_CONF_RTOS == 2
#define FREERTOS
#else
#define SINGLE_THREADED
#endif
/* ------------------------------------------------------------------------- */
/* Math Configuration */
/* ------------------------------------------------------------------------- */
/* 1=Fast, 2=Normal, 3=SP C, 4=SP Cortex-M */
#if defined(WOLF_CONF_MATH) && WOLF_CONF_MATH != 2
/* fast (stack) math */
#define USE_FAST_MATH
#define TFM_TIMING_RESISTANT
/* Optimizations (TFM_ARM, TFM_ASM or none) */
//#define TFM_NO_ASM
//#define TFM_ASM
#endif
#if defined(WOLF_CONF_MATH) && (WOLF_CONF_MATH == 3 || WOLF_CONF_MATH == 4)
/* single precision only */
#define WOLFSSL_SP
#define WOLFSSL_SP_SMALL /* use smaller version of code */
#define WOLFSSL_HAVE_SP_RSA
#define WOLFSSL_HAVE_SP_DH
#define WOLFSSL_HAVE_SP_ECC
#define WOLFSSL_SP_MATH
#define SP_WORD_SIZE 32
//#define WOLFSSL_SP_NO_MALLOC
//#define WOLFSSL_SP_CACHE_RESISTANT
/* single precision Cortex-M only */
#if WOLF_CONF_MATH == 4
#define WOLFSSL_SP_ASM /* required if using the ASM versions */
#define WOLFSSL_SP_ARM_CORTEX_M_ASM
#endif
#endif
/* ------------------------------------------------------------------------- */
/* Enable Features */
/* ------------------------------------------------------------------------- */
/* Required for TLS */
#define HAVE_TLS_EXTENSIONS
#define HAVE_SUPPORTED_CURVES
#define HAVE_ENCRYPT_THEN_MAC
#define HAVE_EXTENDED_MASTER
#if defined(WOLF_CONF_TLS13) && WOLF_CONF_TLS13 == 1
#define WOLFSSL_TLS13
#define HAVE_HKDF
#endif
#if defined(WOLF_CONF_DTLS) && WOLF_CONF_DTLS == 1
#define WOLFSSL_DTLS
#endif
#if defined(WOLF_CONF_PSK) && WOLF_CONF_PSK == 0
#define NO_PSK
#endif
#if defined(WOLF_CONF_PWDBASED) && WOLF_CONF_PWDBASED == 0
#define NO_PWDBASED
#endif
#if defined(WOLF_CONF_KEEP_PEER_CERT) && WOLF_CONF_KEEP_PEER_CERT == 1
#define KEEP_PEER_CERT
#endif
#if defined(WOLF_CONF_BASE64_ENCODE) && WOLF_CONF_BASE64_ENCODE == 1
#define WOLFSSL_BASE64_ENCODE
#endif
#if defined(WOLF_CONF_OPENSSL_EXTRA) && WOLF_CONF_OPENSSL_EXTRA == 1
#define OPENSSL_EXTRA
#endif
/* TLS Session Cache */
#if 0
#define SMALL_SESSION_CACHE
#else
#define NO_SESSION_CACHE
#endif
/* ------------------------------------------------------------------------- */
/* Crypto */
/* ------------------------------------------------------------------------- */
/* RSA */
#undef NO_RSA
#if defined(WOLF_CONF_RSA) && WOLF_CONF_RSA == 1
#ifdef USE_FAST_MATH
/* Maximum math bits (Max RSA key bits * 2) */
#undef FP_MAX_BITS
#define FP_MAX_BITS 4096
#endif
/* half as much memory but twice as slow */
#undef RSA_LOW_MEM
//#define RSA_LOW_MEM
/* Enables blinding mode, to prevent timing attacks */
#undef WC_RSA_BLINDING
#define WC_RSA_BLINDING
/* RSA PSS Support (required for TLS v1.3) */
#ifdef WOLFSSL_TLS13
#define WC_RSA_PSS
#endif
#else
#define NO_RSA
#endif
/* ECC */
#undef HAVE_ECC
#if defined(WOLF_CONF_ECC) && WOLF_CONF_ECC == 1
#define HAVE_ECC
/* Manually define enabled curves */
#define ECC_USER_CURVES
//#define HAVE_ECC192
//#define HAVE_ECC224
#undef NO_ECC256
//#define HAVE_ECC384
//#define HAVE_ECC521
/* Fixed point cache (speeds repeated operations against same private key) */
#undef FP_ECC
//#define FP_ECC
#ifdef FP_ECC
/* Bits / Entries */
#undef FP_ENTRIES
#define FP_ENTRIES 2
#undef FP_LUT
#define FP_LUT 4
#endif
/* Optional ECC calculation method */
/* Note: doubles heap usage, but slightly faster */
#undef ECC_SHAMIR
#define ECC_SHAMIR
/* Reduces heap usage, but slower */
#define ECC_TIMING_RESISTANT
/* Compressed ECC key support */
//#define HAVE_COMP_KEY
#ifdef USE_FAST_MATH
#ifdef NO_RSA
/* Custom fastmath size if not using RSA */
/* MAX = ROUND32(ECC BITS) * 2 */
#define FP_MAX_BITS (256 * 2)
#else
#define ALT_ECC_SIZE
#endif
/* Enable TFM optimizations for ECC */
//#define TFM_ECC192
//#define TFM_ECC224
//#define TFM_ECC256
//#define TFM_ECC384
//#define TFM_ECC521
#endif
#endif
/* DH */
#undef NO_DH
#if defined(WOLF_CONF_DH) && WOLF_CONF_DH == 1
#define HAVE_DH /* freeRTOS settings.h requires this */
#define HAVE_FFDHE_2048
#define HAVE_DH_DEFAULT_PARAMS
#else
#define NO_DH
#endif
/* AES */
#if defined(WOLF_CONF_AESGCM) && WOLF_CONF_AESGCM == 1
#define HAVE_AESGCM
/* GCM Method: GCM_SMALL, GCM_WORD32, GCM_TABLE or GCM_TABLE_4BIT */
/* GCM_TABLE is about 4K larger and 3x faster for GHASH */
#define GCM_SMALL
#define HAVE_AES_DECRYPT
#endif
#if defined(WOLF_CONF_AESCBC) && WOLF_CONF_AESCBC == 1
#define HAVE_AES_CBC
#define HAVE_AES_DECRYPT
#endif
/* Other possible AES modes */
//#define WOLFSSL_AES_COUNTER
//#define HAVE_AESCCM
//#define WOLFSSL_AES_XTS
//#define WOLFSSL_AES_DIRECT
//#define HAVE_AES_ECB
//#define HAVE_AES_KEYWRAP
//#define AES_MAX_KEY_SIZE 256
/* ChaCha20 / Poly1305 */
#undef HAVE_CHACHA
#undef HAVE_POLY1305
#if defined(WOLF_CONF_CHAPOLY) && WOLF_CONF_CHAPOLY == 1
#define HAVE_CHACHA
#define HAVE_POLY1305
/* Needed for Poly1305 */
#undef HAVE_ONE_TIME_AUTH
#define HAVE_ONE_TIME_AUTH
#endif
/* Ed25519 / Curve25519 */
#undef HAVE_CURVE25519
#undef HAVE_ED25519
#if defined(WOLF_CONF_EDCURVE25519) && WOLF_CONF_EDCURVE25519 == 1
#define HAVE_CURVE25519
#define HAVE_ED25519
/* Optionally use small math (less flash usage, but much slower) */
#define CURVED25519_SMALL
#endif
/* ------------------------------------------------------------------------- */
/* Hashing */
/* ------------------------------------------------------------------------- */
/* Sha1 */
#undef NO_SHA
#if defined(WOLF_CONF_SHA1) && WOLF_CONF_SHA1 == 1
/* 1k smaller, but 25% slower */
//#define USE_SLOW_SHA
#else
#define NO_SHA
#endif
/* Sha2-256 */
#undef NO_SHA256
#if defined(WOLF_CONF_SHA2_256) && WOLF_CONF_SHA2_256 == 1
/* not unrolled - ~2k smaller and ~25% slower */
//#define USE_SLOW_SHA256
//#define WOLFSSL_SHAKE256
/* Sha2-224 */
#if defined(WOLF_CONF_SHA2_224) && WOLF_CONF_SHA2_224 == 1
#define WOLFSSL_SHA224
#endif
#else
#define NO_SHA256
#endif
/* Sha2-512 */
#undef WOLFSSL_SHA512
#if defined(WOLF_CONF_SHA2_512) && WOLF_CONF_SHA2_512 == 1
/* over twice as small, but 50% slower */
//#define USE_SLOW_SHA512
#define WOLFSSL_SHA512
#define HAVE_SHA512 /* freeRTOS settings.h requires this */
#endif
/* Sha2-384 */
#undef WOLFSSL_SHA384
#if defined(WOLF_CONF_SHA2_384) && WOLF_CONF_SHA2_384 == 1
#define WOLFSSL_SHA384
#endif
/* Sha3 */
#undef WOLFSSL_SHA3
#if defined(WOLF_CONF_SHA3) && WOLF_CONF_SHA3 == 1
#define WOLFSSL_SHA3
#endif
/* MD5 */
#if defined(WOLF_CONF_MD5) && WOLF_CONF_MD5 == 1
/* enabled */
#else
#define NO_MD5
#endif
/* ------------------------------------------------------------------------- */
/* Benchmark / Test */
/* ------------------------------------------------------------------------- */
/* Use reduced benchmark / test sizes */
#define BENCH_EMBEDDED
#define USE_CERT_BUFFERS_2048
#define USE_CERT_BUFFERS_256
/* ------------------------------------------------------------------------- */
/* Debugging */
/* ------------------------------------------------------------------------- */
#if defined(WOLF_CONF_DEBUG) && WOLF_CONF_DEBUG == 1
#define DEBUG_WOLFSSL
/* Use this to measure / print heap usage */
#if 0
#define USE_WOLFSSL_MEMORY
#define WOLFSSL_TRACK_MEMORY
#define WOLFSSL_DEBUG_MEMORY
#define WOLFSSL_DEBUG_MEMORY_PRINT
#endif
#else
//#define NO_WOLFSSL_MEMORY
//#define NO_ERROR_STRINGS
#endif
/* ------------------------------------------------------------------------- */
/* Port */
/* ------------------------------------------------------------------------- */
/* Override Current Time */
/* Allows custom "custom_time()" function to be used for benchmark */
#define WOLFSSL_USER_CURRTIME
/* ------------------------------------------------------------------------- */
/* RNG */
/* ------------------------------------------------------------------------- */
#define NO_OLD_RNGNAME /* conflicts with STM RNG macro */
#if !defined(WOLF_CONF_RNG) || WOLF_CONF_RNG == 1
/* default is enabled */
#define HAVE_HASHDRBG
#else /* WOLF_CONF_RNG == 0 */
#define WC_NO_HASHDRBG
#define WC_NO_RNG
#endif
/* ------------------------------------------------------------------------- */
/* Disable Features */
/* ------------------------------------------------------------------------- */
#if defined(WOLF_CONF_TLS12) && WOLF_CONF_TLS12 == 0
#define WOLFSSL_NO_TLS12
#endif
#if defined(WOLF_CONF_WOLFCRYPT_ONLY) && WOLF_CONF_WOLFCRYPT_ONLY == 1
#define WOLFCRYPT_ONLY
#endif
//#define NO_WOLFSSL_SERVER
//#define NO_WOLFSSL_CLIENT
#if defined(WOLF_CONF_TEST) && WOLF_CONF_TEST == 0
#define NO_CRYPT_TEST
#define NO_CRYPT_BENCHMARK
#endif
#define NO_FILESYSTEM
#define NO_WRITEV
#define NO_MAIN_DRIVER
#define NO_DEV_RANDOM
#define NO_OLD_TLS
#define WOLFSSL_NO_CLIENT_AUTH /* disable client auth for Ed25519/Ed448 */
#define NO_DSA
#define NO_RC4
#define NO_MD4
#define NO_DES3
/* In-lining of misc.c functions */
/* If defined, must include wolfcrypt/src/misc.c in build */
/* Slower, but about 1k smaller */
//#define NO_INLINE
/* Base16 / Base64 encoding */
//#define NO_CODING
/* bypass certificate date checking, due to lack of properly configured RTC source */
#ifndef HAL_RTC_MODULE_ENABLED
#define NO_ASN_TIME
#endif
#ifdef __cplusplus
}
#endif
#endif /* __WOLFSSL_I_CUBE_WOLFSSL_CONF_H__ */

539
android/extern/wolfssl/examples/configs/user_settings_template.h vendored Normal file
View File

@@ -0,0 +1,539 @@
/* user_settings_template.h
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* Example wolfSSL user settings with #if 0/1 gates to enable/disable algorithms and features.
* This file is included with wolfssl/wolfcrypt/settings.h when WOLFSSL_USER_SETTINGS is defined.
* Based on IDE/GCC-ARM/Headers/user_settings.h
*/
#ifndef WOLFSSL_USER_SETTINGS_H
#define WOLFSSL_USER_SETTINGS_H
#ifdef __cplusplus
extern "C" {
#endif
/* If TARGET_EMBEDDED is defined then small target settings are used */
#if !(defined(__MACH__) || defined(__FreeBSD__) || defined(__linux__) || defined(_WIN32))
#define TARGET_EMBEDDED
#endif
/* ------------------------------------------------------------------------- */
/* Platform */
/* ------------------------------------------------------------------------- */
#define WOLFSSL_GENERAL_ALIGNMENT 4
#define SIZEOF_LONG_LONG 8
#if 0
#define NO_64BIT /* disable use of 64-bit variables */
#endif
#ifdef TARGET_EMBEDDED
/* disable mutex locking */
#define SINGLE_THREADED
/* reduce stack use. For variables over 100 bytes allocate from heap */
#define WOLFSSL_SMALL_STACK
/* disable the built-in socket support and use the IO callbacks.
* Set with wolfSSL_CTX_SetIORecv/wolfSSL_CTX_SetIOSend
*/
#define WOLFSSL_USER_IO
#endif
/* ------------------------------------------------------------------------- */
/* Math Configuration */
/* ------------------------------------------------------------------------- */
#undef USE_FAST_MATH
#if 1
/* fast math (tfmc.) (stack based and timing resistant) */
#define USE_FAST_MATH
#define TFM_TIMING_RESISTANT
#else
/* normal heap based integer.c (not timing resistant) */
#endif
/* Wolf Single Precision Math */
#undef WOLFSSL_SP
#if 1
#define WOLFSSL_HAVE_SP_RSA
#define WOLFSSL_HAVE_SP_DH
#define WOLFSSL_HAVE_SP_ECC
//#define WOLFSSL_SP_4096 /* Enable RSA/RH 4096-bit support */
//#define WOLFSSL_SP_384 /* Enable ECC 384-bit SECP384R1 support */
//#define WOLFSSL_SP_CACHE_RESISTANT
#define WOLFSSL_SP_MATH /* only SP math - disables integer.c/tfm.c */
#define WOLFSSL_SP_MATH_ALL /* use SP math for all key sizes and curves */
//#define WOLFSSL_SP_NO_MALLOC
//#define WOLFSSL_SP_DIV_32 /* do not use 64-bit divides */
#ifdef TARGET_EMBEDDED
/* use smaller version of code */
#define WOLFSSL_SP_SMALL
#else
/* SP Assembly Speedups - specific to chip type */
#define WOLFSSL_SP_ASM
#endif
//#define WOLFSSL_SP_X86_64
//#define WOLFSSL_SP_X86
//#define WOLFSSL_SP_ARM32_ASM
//#define WOLFSSL_SP_ARM64_ASM
//#define WOLFSSL_SP_ARM_THUMB_ASM
//#define WOLFSSL_SP_ARM_CORTEX_M_ASM
#endif
/* ------------------------------------------------------------------------- */
/* Crypto */
/* ------------------------------------------------------------------------- */
/* RSA */
#undef NO_RSA
#if 1
#ifdef USE_FAST_MATH
/* Maximum math bits (Max RSA key bits * 2) */
#define FP_MAX_BITS 4096
#endif
/* half as much memory but twice as slow */
//#define RSA_LOW_MEM
/* Enables blinding mode, to prevent timing attacks */
#define WC_RSA_BLINDING
/* RSA PSS Support */
#define WC_RSA_PSS
#else
#define NO_RSA
#endif
/* DH */
#undef NO_DH
#if 1
/* Use table for DH instead of -lm (math) lib dependency */
#if 1
#define WOLFSSL_DH_CONST
#define HAVE_FFDHE_2048
//#define HAVE_FFDHE_4096
//#define HAVE_FFDHE_6144
//#define HAVE_FFDHE_8192
#endif
#else
#define NO_DH
#endif
/* ECC */
#undef HAVE_ECC
#if 1
#define HAVE_ECC
/* Manually define enabled curves */
#define ECC_USER_CURVES
#ifdef ECC_USER_CURVES
/* Manual Curve Selection */
//#define HAVE_ECC192
//#define HAVE_ECC224
#undef NO_ECC256
//#define HAVE_ECC384
//#define HAVE_ECC521
#endif
/* Fixed point cache (speeds repeated operations against same private key) */
//#define FP_ECC
#ifdef FP_ECC
/* Bits / Entries */
#define FP_ENTRIES 2
#define FP_LUT 4
#endif
/* Optional ECC calculation method */
/* Note: doubles heap usage, but slightly faster */
#define ECC_SHAMIR
/* Reduces heap usage, but slower */
#define ECC_TIMING_RESISTANT
/* Compressed ECC Key Support */
//#define HAVE_COMP_KEY
/* Use alternate ECC size for ECC math */
#ifdef USE_FAST_MATH
/* MAX ECC BITS = ROUND8(MAX ECC) * 2 */
#if defined(NO_RSA) && defined(NO_DH)
/* Custom fastmath size if not using RSA/DH */
#define FP_MAX_BITS (256 * 2)
#else
/* use heap allocation for ECC points */
#define ALT_ECC_SIZE
/* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overriden */
//#define FP_MAX_BITS_ECC (256 * 2)
#endif
/* Speedups specific to curve */
#ifndef NO_ECC256
#define TFM_ECC256
#endif
#endif
#endif
/* AES */
#undef NO_AES
#if 1
#define HAVE_AES_CBC
/* GCM Method: GCM_TABLE_4BIT, GCM_SMALL, GCM_WORD32 or GCM_TABLE */
#define HAVE_AESGCM
#ifdef TARGET_EMBEDDED
#define GCM_SMALL
#else
#define GCM_TABLE_4BIT
#endif
//#define WOLFSSL_AES_DIRECT
//#define HAVE_AES_ECB
//#define WOLFSSL_AES_COUNTER
//#define HAVE_AESCCM
#else
#define NO_AES
#endif
/* DES3 */
#undef NO_DES3
#if 0
#else
#define NO_DES3
#endif
/* ChaCha20 / Poly1305 */
#undef HAVE_CHACHA
#undef HAVE_POLY1305
#if 1
#define HAVE_CHACHA
#define HAVE_POLY1305
/* Needed for Poly1305 */
#define HAVE_ONE_TIME_AUTH
#endif
/* Ed25519 / Curve25519 */
#undef HAVE_CURVE25519
#undef HAVE_ED25519
#if 0
#define HAVE_CURVE25519
#define HAVE_ED25519 /* ED25519 Requires SHA512 */
/* Optionally use small math (less flash usage, but much slower) */
#if 1
#define CURVED25519_SMALL
#endif
#endif
/* ------------------------------------------------------------------------- */
/* Hashing */
/* ------------------------------------------------------------------------- */
/* Sha */
#undef NO_SHA
#if 1
/* 1k smaller, but 25% slower */
//#define USE_SLOW_SHA
#else
#define NO_SHA
#endif
/* Sha256 */
#undef NO_SHA256
#if 1
/* not unrolled - ~2k smaller and ~25% slower */
//#define USE_SLOW_SHA256
/* Sha224 */
#if 0
#define WOLFSSL_SHA224
#endif
#else
#define NO_SHA256
#endif
/* Sha512 */
#undef WOLFSSL_SHA512
#if 0
#define WOLFSSL_SHA512
/* Sha384 */
#undef WOLFSSL_SHA384
#if 0
#define WOLFSSL_SHA384
#endif
/* over twice as small, but 50% slower */
//#define USE_SLOW_SHA512
#endif
/* Sha3 */
#undef WOLFSSL_SHA3
#if 0
#define WOLFSSL_SHA3
#endif
/* MD5 */
#undef NO_MD5
#if 0
#else
#define NO_MD5
#endif
/* HKDF */
#undef HAVE_HKDF
#if 1
#define HAVE_HKDF
#endif
/* CMAC */
#undef WOLFSSL_CMAC
#if 0
#define WOLFSSL_CMAC
#endif
/* ------------------------------------------------------------------------- */
/* Benchmark / Test */
/* ------------------------------------------------------------------------- */
#ifdef TARGET_EMBEDDED
/* Use reduced benchmark / test sizes */
#define BENCH_EMBEDDED
#endif
/* Use test buffers from array (not filesystem) */
#ifndef NO_FILESYSTEM
#define USE_CERT_BUFFERS_256
#define USE_CERT_BUFFERS_2048
#endif
/* ------------------------------------------------------------------------- */
/* Debugging */
/* ------------------------------------------------------------------------- */
#undef DEBUG_WOLFSSL
#undef NO_ERROR_STRINGS
#if 0
#define DEBUG_WOLFSSL
#else
#if 0
#define NO_ERROR_STRINGS
#endif
#endif
/* ------------------------------------------------------------------------- */
/* Memory */
/* ------------------------------------------------------------------------- */
/* Override Memory API's */
#if 0
#define XMALLOC_OVERRIDE
/* prototypes for user heap override functions */
/* Note: Realloc only required for normal math */
#include <stddef.h> /* for size_t */
extern void *myMalloc(size_t n, void* heap, int type);
extern void myFree(void *p, void* heap, int type);
extern void *myRealloc(void *p, size_t n, void* heap, int type);
#define XMALLOC(n, h, t) myMalloc(n, h, t)
#define XFREE(p, h, t) myFree(p, h, t)
#define XREALLOC(p, n, h, t) myRealloc(p, n, h, t)
#endif
#if 0
/* Static memory requires fast math */
#define WOLFSSL_STATIC_MEMORY
/* Disable fallback malloc/free */
#define WOLFSSL_NO_MALLOC
#if 1
#define WOLFSSL_MALLOC_CHECK /* trap malloc failure */
#endif
#endif
/* Memory callbacks */
#if 0
#undef USE_WOLFSSL_MEMORY
#define USE_WOLFSSL_MEMORY
/* Use this to measure / print heap usage */
#if 0
#define WOLFSSL_TRACK_MEMORY
#define WOLFSSL_DEBUG_MEMORY
#endif
#else
#ifndef WOLFSSL_STATIC_MEMORY
#define NO_WOLFSSL_MEMORY
/* Otherwise we will use stdlib malloc, free and realloc */
#endif
#endif
/* ------------------------------------------------------------------------- */
/* Port */
/* ------------------------------------------------------------------------- */
/* Override Current Time */
#if 0
/* Allows custom "custom_time()" function to be used for benchmark */
#define WOLFSSL_USER_CURRTIME
#define WOLFSSL_GMTIME
#define USER_TICKS
extern unsigned long my_time(unsigned long* timer);
#define XTIME my_time
#endif
/* ------------------------------------------------------------------------- */
/* RNG */
/* ------------------------------------------------------------------------- */
/* Choose RNG method */
#if 1
/* Custom Seed Source */
#if 0
/* Size of returned HW RNG value */
#define CUSTOM_RAND_TYPE unsigned int
extern unsigned int my_rng_seed_gen(void);
#undef CUSTOM_RAND_GENERATE
#define CUSTOM_RAND_GENERATE my_rng_seed_gen
#endif
/* Use built-in P-RNG (SHA256 based) with HW RNG */
/* P-RNG + HW RNG (P-RNG is ~8K) */
#undef HAVE_HASHDRBG
#define HAVE_HASHDRBG
#else
#undef WC_NO_HASHDRBG
#define WC_NO_HASHDRBG
/* Bypass P-RNG and use only HW RNG */
extern int my_rng_gen_block(unsigned char* output, unsigned int sz);
#undef CUSTOM_RAND_GENERATE_BLOCK
#define CUSTOM_RAND_GENERATE_BLOCK my_rng_gen_block
#endif
/* ------------------------------------------------------------------------- */
/* Custom Standard Lib */
/* ------------------------------------------------------------------------- */
/* Allows override of all standard library functions */
#undef STRING_USER
#if 0
#define STRING_USER
#include <string.h>
#define USE_WOLF_STRSEP
#define XSTRSEP(s1,d) wc_strsep((s1),(d))
#define USE_WOLF_STRTOK
#define XSTRTOK(s1,d,ptr) wc_strtok((s1),(d),(ptr))
#define XSTRNSTR(s1,s2,n) mystrnstr((s1),(s2),(n))
#define XMEMCPY(d,s,l) memcpy((d),(s),(l))
#define XMEMSET(b,c,l) memset((b),(c),(l))
#define XMEMCMP(s1,s2,n) memcmp((s1),(s2),(n))
#define XMEMMOVE(d,s,l) memmove((d),(s),(l))
#define XSTRLEN(s1) strlen((s1))
#define XSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n))
#define XSTRSTR(s1,s2) strstr((s1),(s2))
#define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n))
#define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n))
#define XSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n))
#define XSNPRINTF snprintf
#endif
/* ------------------------------------------------------------------------- */
/* Enable Features */
/* ------------------------------------------------------------------------- */
#define WOLFSSL_TLS13
#define WOLFSSL_OLD_PRIME_CHECK /* Use faster DH prime checking */
#define HAVE_TLS_EXTENSIONS
#define HAVE_SUPPORTED_CURVES
#define WOLFSSL_BASE64_ENCODE
//#define WOLFSSL_KEY_GEN /* For RSA Key gen only */
//#define KEEP_PEER_CERT
//#define HAVE_COMP_KEY
/* TLS Session Cache */
#if 0
#define SMALL_SESSION_CACHE
#else
#define NO_SESSION_CACHE
#endif
/* ------------------------------------------------------------------------- */
/* Disable Features */
/* ------------------------------------------------------------------------- */
//#define NO_WOLFSSL_SERVER
//#define NO_WOLFSSL_CLIENT
//#define NO_CRYPT_TEST
//#define NO_CRYPT_BENCHMARK
//#define WOLFCRYPT_ONLY
/* In-lining of misc.c functions */
/* If defined, must include wolfcrypt/src/misc.c in build */
/* Slower, but about 1k smaller */
//#define NO_INLINE
#ifdef TARGET_EMBEDDED
#define NO_FILESYSTEM
#define NO_WRITEV
#define NO_MAIN_DRIVER
#define NO_DEV_RANDOM
#endif
#define NO_OLD_TLS
#define NO_PSK
#define NO_DSA
#define NO_RC4
#define NO_MD4
#define NO_PWDBASED
//#define NO_CODING
//#define NO_ASN_TIME
//#define NO_CERTS
//#define NO_SIG_WRAPPER
#ifdef __cplusplus
}
#endif
#endif /* WOLFSSL_USER_SETTINGS_H */

95
android/extern/wolfssl/examples/configs/user_settings_wolfboot_keytools.h vendored Normal file
View File

@@ -0,0 +1,95 @@
/* user_settings_wolfboot_keytools.h
*
* wolfCrypt build settings for wolfBoot keygen and signing tool
* Enabled via WOLFSSL_USER_SETTINGS.
*
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef H_USER_SETTINGS_
#define H_USER_SETTINGS_
#include <stdint.h>
/* System */
#define WOLFSSL_GENERAL_ALIGNMENT 4
#define SINGLE_THREADED
#define WOLFCRYPT_ONLY
#define SIZEOF_LONG_LONG 8
/* Math */
#define WOLFSSL_SP
#define WOLFSSL_SP_NO_3072
#define USE_FAST_MATH
#define FP_MAX_BITS (4096 * 2)
#define TFM_TIMING_RESISTANT
/* ECC */
#define HAVE_ECC
#define WOLFSSL_HAVE_SP_ECC
#define ECC_TIMING_RESISTANT
/* ED25519 */
#define HAVE_ED25519
#define CURVED25519_SMALL
/* RSA */
#define HAVE_RSA
#define WOLFSSL_HAVE_SP_RSA
#define WC_RSA_BLINDING
#define WOLFSSL_KEY_GEN
/* Hashing */
#define WOLFSSL_SHA512 /* Required for ED25519 */
#define WOLFSSL_SHA3
#undef NO_SHA256
/* Chacha stream cipher */
#define HAVE_CHACHA
/* Disables */
#define NO_AES
#define NO_CMAC
#define NO_HMAC
#define NO_RC4
#define NO_SHA
#define NO_DH
#define NO_DSA
#define NO_MD4
#define NO_MD5
#define NO_SIG_WRAPPER
#define NO_CERT
#define NO_SESSION_CACHE
#define NO_DES3
#define NO_PWDBASED
#define NO_WRITEV
#define NO_FILESYSTEM
//#define NO_MAIN_DRIVER
#define NO_OLD_RNGNAME
#define NO_WOLFSSL_DIR
#define WOLFSSL_NO_SOCK
#define WOLFSSL_IGNORE_FILE_WARN
#define NO_ERROR_STRINGS
#define BENCH_EMBEDDED
#define NO_CRYPT_TEST
#define NO_CRYPT_BENCHMARK
#endif /* !H_USER_SETTINGS_ */