Xuyi Wang / wolfSSL

Important changes to repositories hosted on mbed.com

Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.

To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.

It is also possible to export all your personal repositories from the account settings page.

Dependents:   OS

Diff: wolfssl/wolfcrypt/settings.h

Revision:
12:1a06964c2adb
Parent:
10:6c2db0c97d5a
Child:
14:167253f4e170
--- a/wolfssl/wolfcrypt/settings.h	Tue May 30 01:44:10 2017 +0000
+++ b/wolfssl/wolfcrypt/settings.h	Tue Aug 22 10:47:28 2017 +0000
@@ -150,10 +150,16 @@
 /* Uncomment next line if building for RIOT-OS */
 /* #define WOLFSSL_RIOT_OS */
 
+/* Uncomment next line if building for using XILINX hardened crypto */
+/* #define WOLFSSL_XILINX_CRYPT */
+
+/* Uncomment next line if building for using XILINX */
+/* #define WOLFSSL_XILINX */
+
 #include <wolfssl/wolfcrypt/visibility.h>
 #define WOLFSSL_USER_SETTINGS
 #ifdef WOLFSSL_USER_SETTINGS
-    #include <user_settings.h>
+    #include "user_settings.h"
 #endif
 
 
@@ -174,7 +180,10 @@
 #endif
 
 #ifdef HAVE_NETX
-    #include "nx_api.h"
+    #ifdef NEED_THREADX_TYPES
+        #include <types.h>
+    #endif
+    #include <nx_api.h>
 #endif
 
 #if defined(HAVE_LWIP_NATIVE) /* using LwIP native TCP socket */
@@ -208,19 +217,15 @@
     #define NO_FILESYSTEM
     #define USE_FAST_MATH
     #define TFM_TIMING_RESISTANT
-    #define NEED_AES_TABLES
     #define WOLFSSL_HAVE_MIN
+    #define WOLFSSL_HAVE_MAX
+    #define NO_BIG_INT
 #endif
 
 #ifdef WOLFSSL_MICROCHIP_PIC32MZ
-    #define WOLFSSL_PIC32MZ_CE
     #define WOLFSSL_PIC32MZ_CRYPT
-    #define HAVE_AES_ENGINE
     #define WOLFSSL_PIC32MZ_RNG
-    /* #define WOLFSSL_PIC32MZ_HASH */
-    #define WOLFSSL_AES_COUNTER
-    #define HAVE_AESGCM
-    #define NO_BIG_INT
+    #define WOLFSSL_PIC32MZ_HASH
 #endif
 
 #ifdef MICROCHIP_TCPIP_V5
@@ -321,6 +326,7 @@
     #endif
     #define WOLFSSL_PTHREADS
     #define WOLFSSL_HAVE_MIN
+    #define WOLFSSL_HAVE_MAX
     #define USE_FAST_MATH
     #define TFM_TIMING_RESISTANT
     #define NO_MAIN_DRIVER
@@ -415,9 +421,8 @@
     #define NO_WRITEV
     #define TFM_NO_ASM
     #define USE_FAST_MATH
-    #define NO_FILE_SYSTEM
+    #define NO_FILESYSTEM
     #define USE_CERT_BUFFERS_2048
-    #define HAVE_ECC
 #endif
 
 #ifdef WOLFSSL_NRF5x
@@ -686,6 +691,7 @@
         #include "mfs.h"
         #if MQX_USE_IO_OLD
             #include "fio.h"
+            #define NO_STDIO_FILESYSTEM
         #else
             #include "nio.h"
         #endif
@@ -694,6 +700,7 @@
         #include "mutex.h"
     #endif
 
+    #define XMALLOC_OVERRIDE
     #define XMALLOC(s, h, t)    (void *)_mem_alloc_system((s))
     #define XFREE(p, h, t)      {void* xp = (p); if ((xp)) _mem_free((xp));}
     /* Note: MQX has no realloc, using fastmath above */
@@ -804,7 +811,8 @@
 
     #ifdef FREESCALE_KSDK_1_3
         #include "fsl_device_registers.h"
-    #else
+    #elif !defined(FREESCALE_MQX)
+        /* Classic MQX does not have fsl_common.h */
         #include "fsl_common.h"
     #endif
 
@@ -849,6 +857,14 @@
     #endif
 #endif /* FREESCALE_COMMON */
 
+/* Classic pre-KSDK mmCAU library */
+#ifdef FREESCALE_USE_MMCAU_CLASSIC
+    #define FREESCALE_USE_MMCAU
+    #define FREESCALE_MMCAU_CLASSIC
+    #define FREESCALE_MMCAU_CLASSIC_SHA
+#endif
+
+/* KSDK mmCAU library */
 #ifdef FREESCALE_USE_MMCAU
     /* AES and DES */
     #define FREESCALE_MMCAU
@@ -1223,6 +1239,28 @@
 #endif /* WOLFSSL_QL */
 
 
+#if defined(WOLFSSL_XILINX)
+    #define USER_TIME /* XTIME in asn.c */
+    #define NO_WOLFSSL_DIR
+    #define NO_DEV_RANDOM
+    #define HAVE_AESGCM
+#endif
+
+#if defined(WOLFSSL_XILINX_CRYPT)
+    #if defined(WOLFSSL_ARMASM)
+        #error can not use both ARMv8 instructions and XILINX hardened crypto
+    #endif
+    #if defined(WOLFSSL_SHA3)
+        /* only SHA3-384 is supported */
+        #undef WOLFSSL_NOSHA3_224
+        #undef WOLFSSL_NOSHA3_256
+        #undef WOLFSSL_NOSHA3_512
+        #define WOLFSSL_NOSHA3_224
+        #define WOLFSSL_NOSHA3_256
+        #define WOLFSSL_NOSHA3_512
+    #endif
+#endif /*(WOLFSSL_XILINX_CRYPT)*/
+
 #if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \
     !defined(WOLFSSL_LEANPSK) && !defined(NO_WOLFSSL_MEMORY) && \
     !defined(XMALLOC_OVERRIDE)
@@ -1252,24 +1290,42 @@
 #endif
 
 #ifdef WOLFSSL_SGX
-    #define WOLFCRYPT_ONLY   /* limitation until IO resolved */
+    #ifdef _MSC_VER
+        #define WOLFCRYPT_ONLY
+        #define NO_RC4
+        #define NO_DES3
+        #define NO_SHA
+        #define NO_MD5
+    #else
+        #define HAVE_ECC
+        #define ECC_TIMING_RESISTANT
+        #define TFM_TIMING_RESISTANT
+        #define NO_FILESYSTEM
+        #define NO_WRITEV
+        #define NO_MAIN_DRIVER
+        #define USER_TICKS
+        #define WOLFSSL_LOG_PRINTF
+        #define WOLFSSL_DH_CONST
+    #endif /* _MSC_VER */
+    #ifndef NO_RSA
+        #define WC_RSA_BLINDING
+    #endif
     #define SINGLE_THREADED
     #define NO_ASN_TIME /* can not use headers such as windows.h */
-
-    /* options used in created example */
     #define HAVE_AESGCM
     #define USE_CERT_BUFFERS_2048
     #define USE_FAST_MATH
-    #define NO_RC4
-    #define NO_DES3
-    #define NO_SHA
-    #define NO_MD5
 #endif /* WOLFSSL_SGX */
 
 /* FreeScale MMCAU hardware crypto has 4 byte alignment.
-   However, fsl_mmcau.h gives API with no alignment requirements (4 byte alignment is managed internally by fsl_mmcau.c) */
+   However, KSDK fsl_mmcau.h gives API with no alignment
+   requirements (4 byte alignment is managed internally by fsl_mmcau.c) */
 #ifdef FREESCALE_MMCAU
-    #define WOLFSSL_MMCAU_ALIGNMENT 0
+    #ifdef FREESCALE_MMCAU_CLASSIC
+        #define WOLFSSL_MMCAU_ALIGNMENT 4
+    #else
+        #define WOLFSSL_MMCAU_ALIGNMENT 0
+    #endif
 #endif
 
 /* if using hardware crypto and have alignment requirements, specify the
@@ -1280,7 +1336,7 @@
         #define WOLFSSL_GENERAL_ALIGNMENT 16
     #elif defined(XSTREAM_ALIGN)
         #define WOLFSSL_GENERAL_ALIGNMENT  4
-    #elif defined(FREESCALE_MMCAU)
+    #elif defined(FREESCALE_MMCAU) || defined(FREESCALE_MMCAU_CLASSIC)
         #define WOLFSSL_GENERAL_ALIGNMENT  WOLFSSL_MMCAU_ALIGNMENT
     #else
         #define WOLFSSL_GENERAL_ALIGNMENT  0
@@ -1565,6 +1621,31 @@
     #define SSL_CTRL_SET_TLSEXT_HOSTNAME
 #endif
 
+/* both CURVE and ED small math should be enabled */
+#ifdef CURVED25519_SMALL
+        #define CURVE25519_SMALL
+        #define ED25519_SMALL
+#endif
+
+
+#ifndef WOLFSSL_ALERT_COUNT_MAX
+    #define WOLFSSL_ALERT_COUNT_MAX 5
+#endif
+
+/* warning for not using harden build options (default with ./configure) */
+#ifndef WC_NO_HARDEN
+    #if (defined(USE_FAST_MATH) && !defined(TFM_TIMING_RESISTANT)) || \
+        (defined(HAVE_ECC) && !defined(ECC_TIMING_RESISTANT)) || \
+        (!defined(NO_RSA) && !defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS))
+
+        #ifndef _MSC_VER
+            #warning "For timing resistance / side-channel attack prevention consider using harden options"
+        #else
+            #pragma message("Warning: For timing resistance / side-channel attack prevention consider using harden options")
+        #endif
+    #endif
+#endif
+
 #ifdef __cplusplus
     }   /* extern "C" */
 #endif