From 94e031e9052ea8c8d263c1f6134ce7502d8f6ca4 Mon Sep 17 00:00:00 2001 From: kaleb-himes Date: Mon, 25 Mar 2024 14:47:00 -0600 Subject: [PATCH] Manually check-in pre-operational-testing changes for WinCE port effort --- IDE/WINCE/user_settings.h | 980 +++++++++++++++++++++++++++--------- wolfcrypt/src/wc_port.c | 3 +- wolfssl/wolfcrypt/wc_port.h | 8 +- 3 files changed, 745 insertions(+), 246 deletions(-) diff --git a/IDE/WINCE/user_settings.h b/IDE/WINCE/user_settings.h index 2c472db89e..228ed9b739 100644 --- a/IDE/WINCE/user_settings.h +++ b/IDE/WINCE/user_settings.h @@ -1,21 +1,93 @@ -#ifndef _WIN_USER_SETTINGS_H_ -#define _WIN_USER_SETTINGS_H_ +/* user_settings.h + * + * Copyright (C) 2006-2024 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +/* Custom wolfSSL user settings for GCC ARM */ + +#ifndef WOLFSSL_USER_SETTINGS_H +#define WOLFSSL_USER_SETTINGS_H +#ifdef __cplusplus +extern "C" { +#endif + +/* ------------------------------------------------------------------------- */ +/* Platform */ +/* ------------------------------------------------------------------------- */ +#undef WOLFSSL_GENERAL_ALIGNMENT +#define WOLFSSL_GENERAL_ALIGNMENT 4 -/* For FIPS Ready, uncomment the following: */ -/* #define WOLFSSL_FIPS_READY */ -#ifdef WOLFSSL_FIPS_READY - #undef HAVE_FIPS_VERSION - #define HAVE_FIPS_VERSION 3 +/* Multi-threaded support */ +#undef SINGLE_THREADED +#if 0 + #define SINGLE_THREADED +#else + #define ERROR_QUEUE_PER_THREAD /* if applicable otherwise comment out */ +#endif + +#ifdef SINGLE_THREADED + #undef NO_THREAD_LS + #define NO_THREAD_LS #endif +#undef WOLFSSL_USER_IO +//#define WOLFSSL_USER_IO + +#undef NO_WRITE_TEMP_FILES +#define NO_WRITE_TEMP_FILES -/* Verify this is Windows */ -#ifndef _WIN32 -#error This user_settings.h header is only designed for Windows +/* FIPS 140-3 OE specific section(s) */ + +/* Uncomment for Android devices */ +#undef ANDROID_V454 +/* #define ANDROID_V454 */ +#ifdef ANDROID_V454 + #if 1 + /* To have all printouts go to the app view on the device use: */ + extern int appendToTextView(const char* fmt, ...); + #undef printf + #define printf(format, ...) appendToTextView(format, ## __VA_ARGS__) + #else + #include + #define WOLFLOGV(...) __android_log_print(ANDROID_LOG_VERBOSE, "wolfCrypt_android", __VA_ARGS__) + #undef printf + #define printf WOLFLOGV + #endif #endif -/* Configurations */ -#define WOLFCRYPT_ONLY +/* Uncomment for WINCE 6.0 devices. NOTE: _WIN32_WCE defined by system */ +#if 1 + #define NO_WOLFSSL_DIR + #define WOLFSSL_NO_ATOMICS + #define WC_NO_ASYNC_THREADING + #define USE_WINDOWS_API + #define WOLFSSL_SMALL_STACK + #define MAX_SUPPORTED_THREADS 1024 + #define MAX_SUPPORTED_PRIV_KEYS 1024 + #define MAX_CONFIGURED_THREAD 512 +#endif + +/* ------------------------------------------------------------------------- */ +/* Math Configuration */ +/* ------------------------------------------------------------------------- */ +#undef SIZEOF_LONG_LONG +#define SIZEOF_LONG_LONG 8 #undef USE_FAST_MATH #if 1 @@ -24,26 +96,39 @@ #undef TFM_TIMING_RESISTANT #define TFM_TIMING_RESISTANT + #undef TFM_NO_ASM + #define TFM_NO_ASM + /* Optimizations */ //#define TFM_ARM + + /* Maximum math bits (Max RSA key bits * 2) */ + #undef FP_MAX_BITS + #define FP_MAX_BITS 16384 +#else + #define WOLFSSL_SP_MATH_ALL + #define WOLFSSL_SP_INT_NEGATIVE + /* Maximum math bits (largest supported key bits) */ + #undef SP_INT_BITS + #define SP_INT_BITS 8192 #endif /* Wolf Single Precision Math */ #undef WOLFSSL_SP -#if 0 - #define WOLFSSL_SP +#if 0 /* SP Assembly Speedups (wPAA) */ + //#define WOLFSSL_SP //#define WOLFSSL_SP_SMALL /* use smaller version of code */ - #define WOLFSSL_HAVE_SP_RSA - #define WOLFSSL_HAVE_SP_DH - #define WOLFSSL_HAVE_SP_ECC - //#define WOLFSSL_SP_MATH /* only SP math - eliminates fast math code */ - - /* SP Assembly Speedups */ - //#define WOLFSSL_SP_ASM /* required if using the ASM versions */ - //#define WOLFSSL_SP_ARM32_ASM + //#define WOLFSSL_SP_1024 + //#define WOLFCRYPT_HAVE_SAKKE /* Note: Sakke can be enabled with 1024-bit support */ + //#define WOLFSSL_SP_4096 /* Explicitly enable 4096-bit support (2048/3072 on by default) */ + //#define WOLFSSL_SP_384 /* Explicitly enable 384-bit support (others on by default) */ + //#define WOLFSSL_SP_521 /* Explicitly enable 521-bit support (others on by default) */ + //#define WOLFSSL_HAVE_SP_RSA + //#define WOLFSSL_HAVE_SP_DH + //#define WOLFSSL_HAVE_SP_ECC + /* If no PAA, leave out */ + //#define WOLFSSL_ARMASM //#define WOLFSSL_SP_ARM64_ASM - //#define WOLFSSL_SP_ARM_THUMB_ASM - //#define WOLFSSL_SP_ARM_CORTEX_M_ASM #endif /* ------------------------------------------------------------------------- */ @@ -51,288 +136,697 @@ /* ------------------------------------------------------------------------- */ #undef HAVE_FIPS #if 1 + + #define WOLFCRYPT_FIPS_CORE_HASH_VALUE C82E8BD05125ED82DE72A521EEB369E026526D089ADCB6FB2B943479A9D5DB63 #define HAVE_FIPS #undef HAVE_FIPS_VERSION - #define HAVE_FIPS_VERSION 2 + #define HAVE_FIPS_VERSION 5 - #ifdef SINGLE_THREADED - #undef NO_THREAD_LS - #define NO_THREAD_LS - #else - #ifndef USE_WINDOWS_API - #define USE_WINDOWS_API - #endif - #endif + #undef HAVE_FIPS_VERSION_MINOR + #define HAVE_FIPS_VERSION_MINOR 2 + + #undef WOLFSSL_WOLFSSH + #define WOLFSSL_WOLFSSH - #undef NO_ATTRIBUTE_CONSTRUCTOR - //#define NO_ATTRIBUTE_CONSTRUCTOR + #undef WC_RNG_SEED_CB + #define WC_RNG_SEED_CB + + #if 0 + #undef NO_ATTRIBUTE_CONSTRUCTOR + #define NO_ATTRIBUTE_CONSTRUCTOR + #endif #endif -/* FIPS */ -//#define OPENSSL_EXTRA -//#define HAVE_THREAD_LS -#define WOLFSSL_KEY_GEN -#define HAVE_AESGCM -#define HAVE_HASHDRBG -#define WOLFSSL_SHA384 -#define WOLFSSL_SHA512 -#define NO_PSK -#define NO_RC4 -//#define NO_DSA -#define NO_MD4 +/* ------------------------------------------------------------------------- */ +/* Crypto */ +/* ------------------------------------------------------------------------- */ +/* RSA */ +#undef NO_RSA +#if 1 -#if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) - /* ------------------------------------------------------------------------- */ - /* Crypto */ - /* ------------------------------------------------------------------------- */ - #define USE_CERT_BUFFERS_2048 - #define USE_CERT_BUFFERS_256 - /* RSA */ - #undef NO_RSA - #if 1 - #ifdef USE_FAST_MATH - /* Maximum math bits (Max RSA key bits * 2) */ - #undef FP_MAX_BITS - #define FP_MAX_BITS 8192 - #endif + /* half as much memory but twice as slow */ + #undef RSA_LOW_MEM + //#define RSA_LOW_MEM - /* half as much memory but twice as slow */ - #undef RSA_LOW_MEM - //#define RSA_LOW_MEM + /* Enables blinding mode, to prevent timing attacks */ + #if 1 + #undef WC_RSA_BLINDING + #define WC_RSA_BLINDING + #else + #undef WC_NO_HARDEN + #define WC_NO_HARDEN + #endif - /* Enables blinding mode, to prevent timing attacks */ - #if 0 - #undef WC_RSA_BLINDING - #define WC_RSA_BLINDING - #else - #undef WC_NO_HARDEN - #define WC_NO_HARDEN - #endif + /* RSA PSS Support */ + #if 1 + #undef WC_RSA_PSS + #define WC_RSA_PSS - /* RSA PSS Support */ - #if 1 - #define WC_RSA_PSS - #endif + #undef WOLFSSL_PSS_LONG_SALT + #define WOLFSSL_PSS_LONG_SALT - #if 1 - #define WC_RSA_NO_PADDING - #endif - #else - #define NO_RSA + #undef WOLFSSL_PSS_SALT_LEN_DISCOVER + #define WOLFSSL_PSS_SALT_LEN_DISCOVER #endif - /* ECC */ - #undef HAVE_ECC + #if 1 - #define HAVE_ECC - - /* Manually define enabled curves */ - #undef ECC_USER_CURVES - //#define ECC_USER_CURVES - - #ifdef ECC_USER_CURVES - /* Manual Curve Selection */ - //#define HAVE_ECC192 - //#define HAVE_ECC224 - #undef NO_ECC256 - //#define HAVE_ECC384 - //#define HAVE_ECC521 - #endif + #define WC_RSA_NO_PADDING + #endif +#else + #define NO_RSA +#endif - /* Fixed point cache (speeds repeated operations against same private key) */ - #undef FP_ECC - //#define FP_ECC - #ifdef FP_ECC - /* Bits / Entries */ - #undef FP_ENTRIES - #define FP_ENTRIES 2 - #undef FP_LUT - #define FP_LUT 4 - #endif +/* ECC */ +#undef HAVE_ECC +#if 1 + #define HAVE_ECC + + /* Manually define enabled curves */ + #undef ECC_USER_CURVES + //#define ECC_USER_CURVES + + #ifdef ECC_USER_CURVES + /* Manual Curve Selection */ + #define HAVE_ECC192 + #define HAVE_ECC224 + #undef NO_ECC256 + #define HAVE_ECC256 + #define HAVE_ECC384 + #define HAVE_ECC521 + #endif + + /* Fixed point cache (speeds repeated operations against same private key) */ + #undef FP_ECC + //#define FP_ECC + #ifdef FP_ECC + /* Bits / Entries */ + #undef FP_ENTRIES + #define FP_ENTRIES 2 + #undef FP_LUT + #define FP_LUT 4 + #endif + + /* Optional ECC calculation method */ + /* Note: doubles heap usage, but slightly faster */ + #undef ECC_SHAMIR + #define ECC_SHAMIR + + /* Reduces heap usage, but slower */ + #undef ECC_TIMING_RESISTANT + #define ECC_TIMING_RESISTANT + + #ifdef HAVE_FIPS + #undef HAVE_ECC_CDH + #define HAVE_ECC_CDH /* Enable cofactor support */ + + #undef NO_STRICT_ECDSA_LEN + #define NO_STRICT_ECDSA_LEN /* Do not force fixed len w/ FIPS */ - /* Optional ECC calculation method */ - /* Note: doubles heap usage, but slightly faster */ - #undef ECC_SHAMIR - #define ECC_SHAMIR + #undef WOLFSSL_VALIDATE_ECC_IMPORT + #define WOLFSSL_VALIDATE_ECC_IMPORT /* Validate import */ - /* Reduces heap usage, but slower */ - #undef ECC_TIMING_RESISTANT - #define ECC_TIMING_RESISTANT + #undef WOLFSSL_VALIDATE_ECC_KEYGEN + #define WOLFSSL_VALIDATE_ECC_KEYGEN /* Validate generated keys */ - #ifdef HAVE_FIPS - #undef HAVE_ECC_CDH - #define HAVE_ECC_CDH /* Enable cofactor support */ + #undef WOLFSSL_ECDSA_SET_K + #define WOLFSSL_ECDSA_SET_K - #undef NO_STRICT_ECDSA_LEN - #define NO_STRICT_ECDSA_LEN /* Do not force fixed len w/ FIPS */ + #endif + + /* Compressed Key Support */ + #undef HAVE_COMP_KEY + //#define HAVE_COMP_KEY - #undef WOLFSSL_VALIDATE_ECC_IMPORT - #define WOLFSSL_VALIDATE_ECC_IMPORT /* Validate import */ + /* Use alternate ECC size for ECC math */ + #ifdef USE_FAST_MATH + /* MAX ECC BITS = ROUND8(MAX ECC) * 2 */ + #ifdef NO_RSA + /* Custom fastmath size if not using RSA */ + #undef FP_MAX_BITS + #define FP_MAX_BITS (256 * 2) + #else + #undef ALT_ECC_SIZE + #define ALT_ECC_SIZE + /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */ + //#undef FP_MAX_BITS_ECC + //#define FP_MAX_BITS_ECC (256 * 2) #endif - /* Compressed Key Support */ - #undef HAVE_COMP_KEY - //#define HAVE_COMP_KEY - - /* Use alternate ECC size for ECC math */ - #ifdef USE_FAST_MATH - /* MAX ECC BITS = ROUND8(MAX ECC) * 2 */ - #ifdef NO_RSA - /* Custom fastmath size if not using RSA */ - #undef FP_MAX_BITS - #define FP_MAX_BITS (256 * 2) - #else - #undef ALT_ECC_SIZE - #define ALT_ECC_SIZE - /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */ - //#undef FP_MAX_BITS_ECC - //#define FP_MAX_BITS_ECC (256 * 2) - #endif - - /* Speedups specific to curve */ - #ifndef NO_ECC256 - #undef TFM_ECC256 - #define TFM_ECC256 - #endif + /* Speedups specific to curve */ + #ifndef NO_ECC256 + #undef TFM_ECC256 + #define TFM_ECC256 #endif #endif +#endif - /* AES */ - #undef NO_AES +/* DH */ +#undef NO_DH +#if 1 + /* Use table for DH instead of -lm (math) lib dependency */ #if 1 - #undef HAVE_AES_CBC - #define HAVE_AES_CBC + #define HAVE_DH_DEFAULT_PARAMS + #define WOLFSSL_DH_CONST + #define HAVE_FFDHE_2048 + #define HAVE_FFDHE_3072 + #define HAVE_FFDHE_4096 + #define HAVE_FFDHE_6144 + #define HAVE_FFDHE_8192 + #endif + + #ifdef HAVE_FIPS + #define WOLFSSL_VALIDATE_FFC_IMPORT + #define HAVE_FFDHE_Q + #endif +#else + #define NO_DH +#endif - #undef HAVE_AESGCM - #define HAVE_AESGCM - /* GCM Method: GCM_SMALL, GCM_WORD32 or GCM_TABLE */ - //#define GCM_SMALL - //#define GCM_WORD32 - #define GCM_TABLE +/* AES */ +#undef NO_AES +#if 1 + #undef HAVE_AES_CBC + #define HAVE_AES_CBC - #undef WOLFSSL_AES_DIRECT - #define WOLFSSL_AES_DIRECT + #undef HAVE_AESGCM + #define HAVE_AESGCM - #undef HAVE_AES_ECB - #define HAVE_AES_ECB + /* GCM Method (slowest to fastest): GCM_SMALL, GCM_WORD32, GCM_TABLE or + * GCM_TABLE_4BIT */ + #define GCM_TABLE_4BIT - #undef WOLFSSL_AES_COUNTER - #define WOLFSSL_AES_COUNTER + #undef WOLFSSL_AES_DIRECT + #define WOLFSSL_AES_DIRECT - #undef HAVE_AESCCM - #define HAVE_AESCCM + #undef HAVE_AES_ECB + #define HAVE_AES_ECB - #else - #define NO_AES - #endif + #undef WOLFSSL_AES_COUNTER + #define WOLFSSL_AES_COUNTER + + #undef HAVE_AESCCM + #define HAVE_AESCCM + + #undef WOLFSSL_AES_OFB + #define WOLFSSL_AES_OFB +#else + #define NO_AES +#endif - /* DES3 */ - #undef NO_DES3 +/* DES3 */ +#undef NO_DES3 +#if 0 #if 1 - #else - #define NO_DES3 + #undef WOLFSSL_DES_ECB + #define WOLFSSL_DES_ECB #endif +#else + #define NO_DES3 +#endif + +/* ChaCha20 / Poly1305 */ +#undef HAVE_CHACHA +#undef HAVE_POLY1305 +#if 0 + #define HAVE_CHACHA + #define HAVE_POLY1305 + + /* Needed for Poly1305 */ + #undef HAVE_ONE_TIME_AUTH + #define HAVE_ONE_TIME_AUTH +#endif - /* ------------------------------------------------------------------------- */ - /* Hashing */ - /* ------------------------------------------------------------------------- */ - /* Sha */ - #undef NO_SHA +/* Ed25519 / Curve25519 */ +#undef HAVE_CURVE25519 +#undef HAVE_ED25519 +#if 0 + #define HAVE_CURVE25519 + #define HAVE_ED25519 /* ED25519 Requires SHA512 */ + + /* Optionally use small math (less flash usage, but much slower) */ #if 1 - /* 1k smaller, but 25% slower */ - //#define USE_SLOW_SHA - #else - #define NO_SHA + #define CURVED25519_SMALL #endif +#endif - /* Sha256 */ - #undef NO_SHA256 - #if 1 - /* not unrolled - ~2k smaller and ~25% slower */ - //#define USE_SLOW_SHA256 - /* Sha224 */ - #if 1 - #define WOLFSSL_SHA224 - #endif - #else - #define NO_SHA256 - #endif +/* ------------------------------------------------------------------------- */ +/* Hashing */ +/* ------------------------------------------------------------------------- */ +/* Sha */ +#undef NO_SHA +#if 1 + /* 1k smaller, but 25% slower */ + //#define USE_SLOW_SHA +#else + #define NO_SHA +#endif - /* Sha512 */ - #undef WOLFSSL_SHA512 +/* Sha256 */ +#undef NO_SHA256 +#if 1 + /* not unrolled - ~2k smaller and ~25% slower */ + //#define USE_SLOW_SHA256 + + /* Sha224 */ #if 1 - #define WOLFSSL_SHA512 + #define WOLFSSL_SHA224 + #endif +#else + #define NO_SHA256 +#endif - /* Sha384 */ - #undef WOLFSSL_SHA384 - #if 1 - #define WOLFSSL_SHA384 - #endif +/* Sha512 */ +#undef WOLFSSL_SHA512 +#if 1 + #define WOLFSSL_SHA512 - /* over twice as small, but 50% slower */ - //#define USE_SLOW_SHA512 - #endif + #undef WOLFSSL_NOSHA512_224 /* Not in FIPS mode */ + #undef WOLFSSL_NOSHA512_256 /* Not in FIPS mode */ - /* Sha3 */ - #undef WOLFSSL_SHA3 + /* Sha384 */ + #undef WOLFSSL_SHA384 #if 1 - #define WOLFSSL_SHA3 + #define WOLFSSL_SHA384 #endif - /* MD5 */ - #undef NO_MD5 - #if 0 + /* over twice as small, but 50% slower */ + //#define USE_SLOW_SHA512 +#endif - #else - #define NO_MD5 - #endif +/* Sha3 */ +#undef WOLFSSL_SHA3 +#if 1 + #define WOLFSSL_SHA3 + #define Sha3 wc_Sha3 +#endif - /* HKDF */ - #undef HAVE_HKDF - #if 1 - #define HAVE_HKDF +/* MD5 */ +#undef NO_MD5 +#if 0 + +#else + #define NO_MD5 +#endif + +/* HKDF / PRF */ +#undef HAVE_HKDF +#if 1 + #define HAVE_HKDF + #define WOLFSSL_HAVE_PRF +#endif + +/* CMAC */ +#undef WOLFSSL_CMAC +#if 1 + #define WOLFSSL_CMAC +#endif + + +/* ------------------------------------------------------------------------- */ +/* Benchmark / Test */ +/* ------------------------------------------------------------------------- */ +/* Use reduced benchmark / test sizes */ +#undef BENCH_EMBEDDED +#define BENCH_EMBEDDED + +#undef USE_CERT_BUFFERS_2048 +#define USE_CERT_BUFFERS_2048 + +#undef USE_CERT_BUFFERS_1024 +//#define USE_CERT_BUFFERS_1024 + +#undef USE_CERT_BUFFERS_256 +#define USE_CERT_BUFFERS_256 + + +/* ------------------------------------------------------------------------- */ +/* Debugging */ +/* ------------------------------------------------------------------------- */ + +#undef DEBUG_WOLFSSL +#undef NO_ERROR_STRINGS +#if 1 + #define DEBUG_WOLFSSL +#else + #if 0 + #define NO_ERROR_STRINGS #endif +#endif + + +/* ------------------------------------------------------------------------- */ +/* Memory */ +/* ------------------------------------------------------------------------- */ - /* CMAC */ - #undef WOLFSSL_CMAC +/* Override Memory API's */ +#if 0 + #undef XMALLOC_OVERRIDE + #define XMALLOC_OVERRIDE + + /* prototypes for user heap override functions */ + /* Note: Realloc only required for normal math */ + #include /* for size_t */ + extern void *myMalloc(size_t n, void* heap, int type); + extern void myFree(void *p, void* heap, int type); + extern void *myRealloc(void *p, size_t n, void* heap, int type); + + #define XMALLOC(n, h, t) myMalloc(n, h, t) + #define XFREE(p, h, t) myFree(p, h, t) + #define XREALLOC(p, n, h, t) myRealloc(p, n, h, t) +#endif + +#if 0 + /* Static memory requires fast math */ + #define WOLFSSL_STATIC_MEMORY + + /* Disable fallback malloc/free */ + #define WOLFSSL_NO_MALLOC #if 1 - #define WOLFSSL_CMAC + #define WOLFSSL_MALLOC_CHECK /* trap malloc failure */ #endif +#endif - /* DH */ - #undef NO_DH - #if 1 - /* Use table for DH instead of -lm (math) lib dependency */ - #if 0 - #define WOLFSSL_DH_CONST - #define HAVE_FFDHE_2048 - #define HAVE_FFDHE_4096 - //#define HAVE_FFDHE_6144 - //#define HAVE_FFDHE_8192 - #endif +/* Memory callbacks */ +#if 1 + #undef USE_WOLFSSL_MEMORY + #define USE_WOLFSSL_MEMORY - #ifdef HAVE_FIPS - #define WOLFSSL_VALIDATE_FFC_IMPORT - #define HAVE_FFDHE_Q - #endif - #else - #define NO_DH + /* Use this to measure / print heap usage */ + #if 0 + #undef WOLFSSL_TRACK_MEMORY +// #define WOLFSSL_TRACK_MEMORY + + #undef WOLFSSL_DEBUG_MEMORY + //#define WOLFSSL_DEBUG_MEMORY + + #undef WOLFSSL_DEBUG_MEMORY_PRINT + //#define WOLFSSL_DEBUG_MEMORY_PRINT + #endif +#else + #ifndef WOLFSSL_STATIC_MEMORY + #define NO_WOLFSSL_MEMORY + /* Otherwise we will use stdlib malloc, free and realloc */ #endif -#endif /* FIPS v2 */ +#endif + + +/* ------------------------------------------------------------------------- */ +/* Port */ +/* ------------------------------------------------------------------------- */ + +/* Override Current Time */ +/* Allows custom "custom_time()" function to be used for benchmark */ +//#define WOLFSSL_USER_CURRTIME +//#define WOLFSSL_GMTIME +//#define USER_TICKS +//extern unsigned long my_time(unsigned long* timer); +//#define XTIME my_time + + +/* ------------------------------------------------------------------------- */ +/* RNG */ +/* ------------------------------------------------------------------------- */ + +/* Seed Source */ + /* Seed Source */ +// extern int my_rng_generate_seed(unsigned char* output, int sz); +// #undef CUSTOM_RAND_GENERATE_SEED +// #define CUSTOM_RAND_GENERATE_SEED my_rng_generate_seed + +/* Choose RNG method */ +#if 1 + /* Use built-in P-RNG (SHA256 based) with HW RNG */ + /* P-RNG + HW RNG (P-RNG is ~8K) */ + //#define WOLFSSL_GENSEED_FORTEST + #undef HAVE_HASHDRBG + #define HAVE_HASHDRBG +#else + #undef WC_NO_HASHDRBG + #define WC_NO_HASHDRBG + + /* Bypass P-RNG and use only HW RNG */ + extern int my_rng_gen_block(unsigned char* output, unsigned int sz); + #undef CUSTOM_RAND_GENERATE_BLOCK + #define CUSTOM_RAND_GENERATE_BLOCK my_rng_gen_block +#endif + + +/* ------------------------------------------------------------------------- */ +/* Custom Standard Lib */ +/* ------------------------------------------------------------------------- */ +/* Allows override of all standard library functions */ +#undef STRING_USER +#if 0 + #define STRING_USER + + #include + + #undef USE_WOLF_STRSEP + #define USE_WOLF_STRSEP + #define XSTRSEP(s1,d) wc_strsep((s1),(d)) + + #undef USE_WOLF_STRTOK + #define USE_WOLF_STRTOK + #define XSTRTOK(s1,d,ptr) wc_strtok((s1),(d),(ptr)) + + #define XSTRNSTR(s1,s2,n) mystrnstr((s1),(s2),(n)) + + #define XMEMCPY(d,s,l) memcpy((d),(s),(l)) + #define XMEMSET(b,c,l) memset((b),(c),(l)) + #define XMEMCMP(s1,s2,n) memcmp((s1),(s2),(n)) + #define XMEMMOVE(d,s,l) memmove((d),(s),(l)) + + #define XSTRLEN(s1) strlen((s1)) + #define XSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n)) + #define XSTRSTR(s1,s2) strstr((s1),(s2)) + + #define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n)) + #define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n)) + #define XSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n)) + + #define XSNPRINTF snprintf +#endif + + -//#define DEBUG_WOLFSSL +/* ------------------------------------------------------------------------- */ +/* Enable Features */ +/* ------------------------------------------------------------------------- */ +#undef WOLFSSL_ASN_TEMPLATE +#define WOLFSSL_ASN_TEMPLATE + +#undef WOLFSSL_ASN_PRINT +#define WOLFSSL_ASN_PRINT + +#undef WOLFSSL_TLS13 +#if 1 + #define WOLFSSL_TLS13 +#endif + +#undef WOLFSSL_KEY_GEN +#if 1 + #define WOLFSSL_KEY_GEN +#endif + +#undef KEEP_PEER_CERT +//#define KEEP_PEER_CERT + +#undef HAVE_TLS_EXTENSIONS +#define HAVE_TLS_EXTENSIONS + +#undef HAVE_EXTENDED_MASTER +#define HAVE_EXTENDED_MASTER + +#undef HAVE_SUPPORTED_CURVES +#define HAVE_SUPPORTED_CURVES + +#undef WOLFSSL_BASE64_ENCODE +#define WOLFSSL_BASE64_ENCODE + +#undef WOLFSSL_NO_HASH_RAW +#define WOLFSSL_NO_HASH_RAW + +/* TLS Session Cache */ +#if 0 + #define SMALL_SESSION_CACHE +#else + #define NO_SESSION_CACHE +#endif + +#undef OPENSSL_EXTRA +//#define OPENSSL_EXTRA + +#undef WOLFSSL_DER_LOAD +#define WOLFSSL_DER_LOAD + +#undef HAVE_SESSION_TICKET +#define HAVE_SESSION_TICKET + +#undef HAVE_EX_DATA +#define HAVE_EX_DATA + +#undef HAVE_ENCRYPT_THEN_MAC +#define HAVE_ENCRYPT_THEN_MAC + +#undef WOLFSSL_CERT_GEN +#define WOLFSSL_CERT_GEN + +#undef ATOMIC_USER +#define ATOMIC_USER + +#undef HAVE_SECRET_CALLBACK +#define HAVE_SECRET_CALLBACK + +/* wolfEngine */ +#if 1 + #define OPENSSL_COEXIST + + /* HKDF for engine */ + #undef HAVE_HKDF + #if 1 + #define HAVE_HKDF + #define HAVE_X963_KDF + #endif + + #undef WOLFSSL_PUBLIC_MP + #define WOLFSSL_PUBLIC_MP + + #undef NO_OLD_RNGNAME + #define NO_OLD_RNGNAME + + #undef NO_OLD_WC_NAMES + #define NO_OLD_WC_NAMES + + #undef NO_OLD_SSL_NAMES + #define NO_OLD_SSL_NAMES + + #undef NO_OLD_SHA_NAMES + #define NO_OLD_SHA_NAMES + + #undef NO_OLD_MD5_NAME + #define NO_OLD_MD5_NAME + + #undef NO_OLD_SHA256_NAMES + #define NO_OLD_SHA256_NAMES +#endif + +#undef WOLFSSL_SYS_CA_CERTS +#define WOLFSSL_SYS_CA_CERTS + +#undef LIBWOLFSSL_GLOBAL_EXTRA_CFLAGS +#define LIBWOLFSSL_GLOBAL_EXTRA_CFLAGS + +#undef HAVE_SERVER_RENEGOTIATION_INFO +#define HAVE_SERVER_RENEGOTIATION_INFO + +/* ------------------------------------------------------------------------- */ +/* Disable Features */ +/* ------------------------------------------------------------------------- */ +#undef NO_WOLFSSL_SERVER +//#define NO_WOLFSSL_SERVER + +#undef NO_WOLFSSL_CLIENT +//#define NO_WOLFSSL_CLIENT + +#undef NO_CRYPT_TEST +//#define NO_CRYPT_TEST + +#undef NO_CRYPT_BENCHMARK +//#define NO_CRYPT_BENCHMARK + +#undef WOLFCRYPT_ONLY +#define WOLFCRYPT_ONLY + +/* In-lining of misc.c functions */ +/* If defined, must include wolfcrypt/src/misc.c in build */ +/* Slower, but about 1k smaller */ +#undef NO_INLINE +//#define NO_INLINE + +#undef NO_FILESYSTEM +//#define NO_FILESYSTEM + +#undef NO_WRITEV +//#define NO_WRITEV + +#undef NO_MAIN_DRIVER #define NO_MAIN_DRIVER -/* wolfEngine settings */ -#define WOLFSSL_PUBLIC_MP -#define NO_WOLFSSL_DIR +#undef NO_DEV_RANDOM +//#define NO_DEV_RANDOM + +#undef NO_DSA +#define NO_DSA + +#undef NO_RC4 +#define NO_RC4 + +#undef NO_OLD_TLS +#define NO_OLD_TLS + +#undef NO_PSK +#define NO_PSK + +#undef NO_MD4 +#define NO_MD4 + +#undef NO_PWDBASED +//#define NO_PWDBASED + +#undef NO_CODING +//#define NO_CODING + +#undef NO_ASN_TIME +//#define NO_ASN_TIME + +#undef NO_CERTS +//#define NO_CERTS + +#undef NO_SIG_WRAPPER +//#define NO_SIG_WRAPPER + +#undef NO_DO178 +#define NO_DO178 + +#undef WOLFSSL_NO_SHAKE128 +#define WOLFSSL_NO_SHAKE128 + +#undef WOLFSSL_NO_SHAKE256 +#define WOLFSSL_NO_SHAKE256 + +/* wolfSSL engineering ACVP algo and operational testing only (Default: Off) */ +#if 1 + #undef WOLFSSL_PUBLIC_MP + #define WOLFSSL_PUBLIC_MP + + #undef OPTEST_LOGGING_ENABLED + //#define OPTEST_LOGGING_ENABLED + + #undef OPTEST_INVALID_LOGGING_ENABLED + //#define OPTEST_INVALID_LOGGING_ENABLED + + #undef NO_MAIN_OPTEST_DRIVER + #define NO_MAIN_OPTEST_DRIVER + + #undef DEBUG_FIPS_VERBOSE + #define DEBUG_FIPS_VERBOSE + + #undef HAVE_FORCE_FIPS_FAILURE + #define HAVE_FORCE_FIPS_FAILURE + + #undef NO_WRITE_TEMP_FILES + #define NO_WRITE_TEMPT_FILES +#endif + +#ifdef __cplusplus +} +#endif -//#define WOLFENGINE_DEBUG -/* TODO: Add WE_HAVE_* settings here */ -#endif /* _WIN_USER_SETTINGS_H_ */ +#endif /* WOLFSSL_USER_SETTINGS_H */ \ No newline at end of file diff --git a/wolfcrypt/src/wc_port.c b/wolfcrypt/src/wc_port.c index d026d10487..ef97b181ca 100644 --- a/wolfcrypt/src/wc_port.c +++ b/wolfcrypt/src/wc_port.c @@ -3430,7 +3430,8 @@ char* mystrnstr(const char* s1, const char* s2, unsigned int n) #ifndef SINGLE_THREADED /* Environment-specific multi-thread implementation check */ -#if defined(USE_WINDOWS_API) && !defined(WOLFSSL_PTHREADS) +#if defined(USE_WINDOWS_API) && !defined(WOLFSSL_PTHREADS) && \ + !defined(_WIN32_WCE) int wolfSSL_NewThread(THREAD_TYPE* thread, THREAD_CB cb, void* arg) { diff --git a/wolfssl/wolfcrypt/wc_port.h b/wolfssl/wolfcrypt/wc_port.h index 3414cd6373..23110b94c7 100644 --- a/wolfssl/wolfcrypt/wc_port.h +++ b/wolfssl/wolfcrypt/wc_port.h @@ -80,7 +80,7 @@ #endif #endif /* WOLFSSL_SGX */ #endif - #ifndef SINGLE_THREADED + #if !defined(SINGLE_THREADED) && !defined(_WIN32_WCE) #include #endif #elif defined(THREADX) @@ -342,7 +342,11 @@ #endif #elif defined(_MSC_VER) /* Use MSVC compiler intrinsics for atomic ops */ - #include + #ifdef _WIN32_WCE + #include + #else + #include + #endif typedef volatile long wolfSSL_Atomic_Int; #define WOLFSSL_ATOMIC_OPS #endif