Xuyi Wang
/
wolfSSL
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Diff: wolfssl/wolfcrypt/settings.h
- Revision:
- 10:6c2db0c97d5a
- Parent:
- 9:52ec7c02b1e1
- Child:
- 12:1a06964c2adb
diff -r 52ec7c02b1e1 -r 6c2db0c97d5a wolfssl/wolfcrypt/settings.h
--- a/wolfssl/wolfcrypt/settings.h Tue May 02 08:47:53 2017 +0000
+++ b/wolfssl/wolfcrypt/settings.h Tue May 30 01:43:52 2017 +0000
@@ -151,7 +151,6 @@
/* #define WOLFSSL_RIOT_OS */
#include <wolfssl/wolfcrypt/visibility.h>
-
#define WOLFSSL_USER_SETTINGS
#ifdef WOLFSSL_USER_SETTINGS
#include <user_settings.h>
@@ -368,7 +367,7 @@
#define USE_CERT_BUFFERS_2048
/* uTasker port uses RAW sockets, use I/O callbacks
- * See wolfSSL uTasker example for sample callbacks */
+ * See wolfSSL uTasker example for sample callbacks */
#define WOLFSSL_USER_IO
/* uTasker filesystem not ported */
@@ -422,26 +421,26 @@
#endif
#ifdef WOLFSSL_NRF5x
- #define SIZEOF_LONG 4
- #define SIZEOF_LONG_LONG 8
- #define NO_ASN_TIME
- #define NO_DEV_RANDOM
- #define NO_FILESYSTEM
- #define NO_MAIN_DRIVER
- #define NO_WRITEV
- #define SINGLE_THREADED
- #define USE_FAST_MATH
- #define TFM_TIMING_RESISTANT
- #define USE_WOLFSSL_MEMORY
- #define WOLFSSL_NRF51
- #define WOLFSSL_USER_IO
- #define NO_SESSION_CACHE
+ #define SIZEOF_LONG 4
+ #define SIZEOF_LONG_LONG 8
+ #define NO_ASN_TIME
+ #define NO_DEV_RANDOM
+ #define NO_FILESYSTEM
+ #define NO_MAIN_DRIVER
+ #define NO_WRITEV
+ #define SINGLE_THREADED
+ #define USE_FAST_MATH
+ #define TFM_TIMING_RESISTANT
+ #define USE_WOLFSSL_MEMORY
+ #define WOLFSSL_NRF51
+ #define WOLFSSL_USER_IO
+ #define NO_SESSION_CACHE
#endif
/* Micrium will use Visual Studio for compilation but not the Win32 API */
#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) && \
- !defined(FREERTOS_TCP) && !defined(EBSNET) && !defined(WOLFSSL_EROAD) && \
- !defined(WOLFSSL_UTASKER)
+ !defined(FREERTOS_TCP) && !defined(EBSNET) && !defined(WOLFSSL_EROAD) && \
+ !defined(WOLFSSL_UTASKER) && !defined(INTIME_RTOS)
#define USE_WINDOWS_API
#endif
@@ -461,36 +460,38 @@
#endif
#if defined(WOLFSSL_uTKERNEL2)
-#define WOLFSSL_CLOSESOCKET
-#define XMALLOC_USER
-int uTKernel_init_mpool(unsigned int sz) ; /* initializing malloc pool */
-void *uTKernel_malloc(unsigned int sz) ;
-void *uTKernel_realloc(void *p, unsigned int sz) ;
-void uTKernel_free(void *p) ;
-#define XMALLOC(s, h, type) uTKernel_malloc((s))
-#define XREALLOC(p, n, h, t) uTKernel_realloc((p), (n))
-#define XFREE(p, h, type) uTKernel_free((p))
+ #ifndef NO_TKERNEL_MEM_POOL
+ #define XMALLOC_OVERRIDE
+ int uTKernel_init_mpool(unsigned int sz); /* initializing malloc pool */
+ void* uTKernel_malloc(unsigned int sz);
+ void* uTKernel_realloc(void *p, unsigned int sz);
+ void uTKernel_free(void *p);
+ #define XMALLOC(s, h, type) uTKernel_malloc((s))
+ #define XREALLOC(p, n, h, t) uTKernel_realloc((p), (n))
+ #define XFREE(p, h, type) uTKernel_free((p))
+ #endif
+
+ #ifndef NO_STDIO_FGETS_REMAP
+ #include <stdio.h>
+ #include "tm/tmonitor.h"
-#include <stdio.h>
-#include "tm/tmonitor.h"
-static char *fgets(char *buff, int sz, FILE *fp)
-/*static char * gets(char *buff)*/
-{
- char * p = buff ;
- *p = '\0' ;
- while(1) {
- *p = tm_getchar(-1) ;
- tm_putchar(*p) ;
- if(*p == '\r') {
- tm_putchar('\n') ;
- *p = '\0' ;
- break ;
+ /* static char* gets(char *buff); */
+ static char* fgets(char *buff, int sz, FILE *fp) {
+ char * p = buff;
+ *p = '\0';
+ while (1) {
+ *p = tm_getchar(-1);
+ tm_putchar(*p);
+ if (*p == '\r') {
+ tm_putchar('\n');
+ *p = '\0';
+ break;
+ }
+ p++;
}
- p ++ ;
+ return buff;
}
- return buff ;
-}
-
+ #endif /* !NO_STDIO_FGETS_REMAP */
#endif
@@ -731,12 +732,12 @@
/* WOLFSSL_DH_CONST */
#define NO_FILESYSTEM
#define WOLFSSL_CRYPT_HW_MUTEX 1
-
+
#if !defined(XMALLOC_USER) && !defined(NO_WOLFSSL_MEMORY)
#define XMALLOC(s, h, type) pvPortMalloc((s))
#define XFREE(p, h, type) vPortFree((p))
#endif
-
+
//#define USER_TICKS
/* Allows use of DH with fixed points if uncommented and NO_DH is removed */
/* WOLFSSL_DH_CONST */
@@ -758,7 +759,9 @@
#define WOLFSSL_USER_IO
#define SINGLE_THREADED
#define NO_FILESYSTEM
- #define USER_TICKS
+ #ifndef TIME_OVERRIDES
+ #define USER_TICKS
+ #endif
#endif /* FREESCALE_KSDK_BM */
#ifdef FREESCALE_COMMON
@@ -799,14 +802,24 @@
#define WOLFSSL_AES_DIRECT
#endif
- #include "fsl_common.h"
+ #ifdef FREESCALE_KSDK_1_3
+ #include "fsl_device_registers.h"
+ #else
+ #include "fsl_common.h"
+ #endif
/* random seed */
#define NO_OLD_RNGNAME
#if defined(FSL_FEATURE_SOC_TRNG_COUNT) && (FSL_FEATURE_SOC_TRNG_COUNT > 0)
#define FREESCALE_KSDK_2_0_TRNG
#elif defined(FSL_FEATURE_SOC_RNG_COUNT) && (FSL_FEATURE_SOC_RNG_COUNT > 0)
- #define FREESCALE_KSDK_2_0_RNGA
+ #ifdef FREESCALE_KSDK_1_3
+ #include "fsl_rnga_driver.h"
+ #define FREESCALE_RNGA
+ #define RNGA_INSTANCE (0)
+ #else
+ #define FREESCALE_KSDK_2_0_RNGA
+ #endif
#elif !defined(FREESCALE_KSDK_BM) && !defined(FREESCALE_FREE_RTOS) && !defined(FREESCALE_KSDK_FREERTOS)
#define FREESCALE_RNGA
#define RNGA_INSTANCE (0)
@@ -855,7 +868,7 @@
#if defined(FSL_FEATURE_LTC_HAS_GCM) && FSL_FEATURE_LTC_HAS_GCM
#define FREESCALE_LTC_AES_GCM
#endif
-
+
#if defined(FSL_FEATURE_LTC_HAS_SHA) && FSL_FEATURE_LTC_HAS_SHA
#define FREESCALE_LTC_SHA
#endif
@@ -870,12 +883,12 @@
#define LTC_MAX_INT_BYTES (256)
#endif
- /* This FREESCALE_LTC_TFM_RSA_4096_ENABLE macro can be defined.
+ /* This FREESCALE_LTC_TFM_RSA_4096_ENABLE macro can be defined.
* In such a case both software and hardware algorithm
* for TFM is linked in. The decision for which algorithm is used is determined at runtime
* from size of inputs. If inputs and result can fit into LTC (see LTC_MAX_INT_BYTES)
* then we call hardware algorithm, otherwise we call software algorithm.
- *
+ *
* Chinese reminder theorem is used to break RSA 4096 exponentiations (both public and private key)
* into several computations with 2048-bit modulus and exponents.
*/
@@ -887,7 +900,7 @@
#define ECC_TIMING_RESISTANT
/* the LTC PKHA hardware limit is 512 bits (64 bytes) for ECC.
- the LTC_MAX_ECC_BITS defines the size of local variables that hold ECC parameters
+ the LTC_MAX_ECC_BITS defines the size of local variables that hold ECC parameters
and point coordinates */
#ifndef LTC_MAX_ECC_BITS
#define LTC_MAX_ECC_BITS (384)
@@ -947,9 +960,9 @@
#define NO_OLD_RNGNAME
#ifdef WOLFSSL_STM32_CUBEMX
#include "stm32f2xx_hal.h"
- #ifndef STM32_HAL_TIMEOUT
- #define STM32_HAL_TIMEOUT 0xFF
- #endif
+ #ifndef STM32_HAL_TIMEOUT
+ #define STM32_HAL_TIMEOUT 0xFF
+ #endif
#else
#include "stm32f2xx.h"
#include "stm32f2xx_cryp.h"
@@ -973,9 +986,9 @@
#endif
#ifdef WOLFSSL_STM32_CUBEMX
#include "stm32f4xx_hal.h"
- #ifndef STM32_HAL_TIMEOUT
- #define STM32_HAL_TIMEOUT 0xFF
- #endif
+ #ifndef STM32_HAL_TIMEOUT
+ #define STM32_HAL_TIMEOUT 0xFF
+ #endif
#else
#include "stm32f4xx.h"
#include "stm32f4xx_cryp.h"
@@ -1211,7 +1224,8 @@
#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \
- !defined(WOLFSSL_LEANPSK) && !defined(NO_WOLFSSL_MEMORY)
+ !defined(WOLFSSL_LEANPSK) && !defined(NO_WOLFSSL_MEMORY) && \
+ !defined(XMALLOC_OVERRIDE)
#define USE_WOLFSSL_MEMORY
#endif
@@ -1231,6 +1245,12 @@
#endif
#endif
+/* write dup cannot be used with secure renegotiation because write dup
+ * make write side write only and read side read only */
+#if defined(HAVE_WRITE_DUP) && defined(HAVE_SECURE_RENEGOTIATION)
+ #error "WRITE DUP and SECURE RENEGOTIATION cannot both be on"
+#endif
+
#ifdef WOLFSSL_SGX
#define WOLFCRYPT_ONLY /* limitation until IO resolved */
#define SINGLE_THREADED
@@ -1403,12 +1423,6 @@
#define WOLFSSL_MIN_AUTH_TAG_SZ 12
#endif
-/* If not forcing ARC4 as the DRBG or using custom RNG block gen, enable Hash_DRBG */
-#undef HAVE_HASHDRBG
-#if !defined(WOLFSSL_FORCE_RC4_DRBG) && !defined(CUSTOM_RAND_GENERATE_BLOCK)
- #define HAVE_HASHDRBG
-#endif
-
/* sniffer requires:
* static RSA cipher suites
@@ -1453,11 +1467,25 @@
#undef HAVE_WOLF_EVENT
#define HAVE_WOLF_EVENT
+ #ifdef WOLFSSL_ASYNC_CRYPT_TEST
+ #define WC_ASYNC_DEV_SIZE 320+24
+ #else
+ #define WC_ASYNC_DEV_SIZE 320
+ #endif
+
#if !defined(HAVE_CAVIUM) && !defined(HAVE_INTEL_QA) && \
!defined(WOLFSSL_ASYNC_CRYPT_TEST)
#error No async hardware defined with WOLFSSL_ASYNC_CRYPT!
#endif
+
+ /* Enable ECC_CACHE_CURVE for ASYNC */
+ #if !defined(ECC_CACHE_CURVE)
+ #define ECC_CACHE_CURVE
+ #endif
#endif /* WOLFSSL_ASYNC_CRYPT */
+#ifndef WC_ASYNC_DEV_SIZE
+ #define WC_ASYNC_DEV_SIZE 0
+#endif
/* leantls checks */
#ifdef WOLFSSL_LEANTLS
@@ -1494,6 +1522,16 @@
#endif
#endif
+#if !defined(WOLFCRYPT_ONLY) && !defined(NO_OLD_TLS) && \
+ (defined(NO_SHA) || defined(NO_MD5))
+ #error old TLS requires MD5 and SHA
+#endif
+
+/* for backwards compatibility */
+#if defined(TEST_IPV6) && !defined(WOLFSSL_IPV6)
+ #define WOLFSSL_IPV6
+#endif
+
/* Place any other flags or defines here */
@@ -1502,6 +1540,30 @@
#undef HAVE_GMTIME_R /* don't trust macro with windows */
#endif /* WOLFSSL_MYSQL_COMPATIBLE */
+#if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
+ #define SSL_OP_NO_COMPRESSION SSL_OP_NO_COMPRESSION
+ #define OPENSSL_NO_ENGINE
+ #define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT
+ #ifndef OPENSSL_EXTRA
+ #define OPENSSL_EXTRA
+ #endif
+ #ifndef HAVE_SESSION_TICKET
+ #define HAVE_SESSION_TICKET
+ #endif
+ #ifndef HAVE_OCSP
+ #define HAVE_OCSP
+ #endif
+ #ifndef KEEP_OUR_CERT
+ #define KEEP_OUR_CERT
+ #endif
+ #ifndef HAVE_SNI
+ #define HAVE_SNI
+ #endif
+#endif
+
+#if defined(WOLFSSL_NGINX)
+ #define SSL_CTRL_SET_TLSEXT_HOSTNAME
+#endif
#ifdef __cplusplus
} /* extern "C" */