- Timestamp:
- Jun 22, 2021, 9:00:19 PM (3 years ago)
- Location:
- azure_iot_hub_f767zi/trunk/wolfssl-4.7.0
- Files:
-
- 1 edited
- 1 moved
Legend:
- Unmodified
- Added
- Removed
-
azure_iot_hub_f767zi/trunk/wolfssl-4.7.0/wolfssl/wolfcrypt/settings.h
r457 r464 63 63 /* #define MICROCHIP_TCPIP */ 64 64 65 /* Uncomment next line if using above Microchip TCP/IP defines with BSD API */ 66 /* #define MICROCHIP_TCPIP_BSD_API */ 67 65 68 /* Uncomment next line if using PIC32MZ Crypto Engine */ 66 69 /* #define WOLFSSL_MICROCHIP_PIC32MZ */ … … 210 213 /* #define WOLFSSL_RENESAS_RX65N */ 211 214 215 /* Uncomment next line if using Solaris OS*/ 216 /* #define WOLFSSL_SOLARIS */ 217 218 /* Uncomment next line if building for Linux Kernel Module */ 219 /* #define WOLFSSL_LINUXKM */ 220 221 212 222 #include <wolfssl/wolfcrypt/visibility.h> 213 223 214 224 #ifdef WOLFSSL_USER_SETTINGS 215 225 #include "user_settings.h" 216 #endif 217 226 #elif defined(USE_HAL_DRIVER) && !defined(HAVE_CONFIG_H) 227 /* STM Configuration File (generated by CubeMX) */ 228 #include "wolfSSL.I-CUBE-wolfSSL_conf.h" 229 #endif 218 230 219 231 /* make sure old RNG name is used with CTaoCrypt FIPS */ … … 293 305 #endif 294 306 295 #if defined(WOLFSSL_RENESAS_RA6M3G) 307 #if defined(WOLFSSL_RENESAS_RA6M3G) || defined(WOLFSSL_RENESAS_RA6M3) 296 308 /* settings in user_settings.h */ 297 309 #endif … … 338 350 #define SIZEOF_LONG_LONG 8 339 351 #define SINGLE_THREADED 340 #define WOLFSSL_USER_IO 352 #ifndef MICROCHIP_TCPIP_BSD_API 353 #define WOLFSSL_USER_IO 354 #endif 341 355 #define NO_WRITEV 342 356 #define NO_DEV_RANDOM … … 344 358 #define USE_FAST_MATH 345 359 #define TFM_TIMING_RESISTANT 360 #define NO_BIG_INT 361 #endif 362 363 #ifdef WOLFSSL_MICROCHIP_PIC32MZ 346 364 #define WOLFSSL_HAVE_MIN 347 365 #define WOLFSSL_HAVE_MAX 348 #define NO_BIG_INT 349 #endif 350 351 #ifdef WOLFSSL_MICROCHIP_PIC32MZ 366 352 367 #ifndef NO_PIC32MZ_CRYPT 353 368 #define WOLFSSL_PIC32MZ_CRYPT … … 373 388 #include "system/system_services.h" 374 389 #include "tcpip/sntp.h" 390 #endif 391 #endif 392 393 #ifdef WOLFSSL_ATECC508A 394 /* backwards compatibility */ 395 #ifndef WOLFSSL_ATECC_NO_ECDH_ENC 396 #define WOLFSSL_ATECC_ECDH_ENC 397 #endif 398 #ifdef WOLFSSL_ATECC508A_DEBUG 399 #define WOLFSSL_ATECC_DEBUG 375 400 #endif 376 401 #endif … … 602 627 #define SIZEOF_LONG 4 603 628 #define SIZEOF_LONG_LONG 8 604 #define NO_ASN_TIME605 629 #define NO_DEV_RANDOM 606 630 #define NO_FILESYSTEM … … 610 634 #define USE_FAST_MATH 611 635 #define TFM_TIMING_RESISTANT 612 #define USE_WOLFSSL_MEMORY613 636 #define WOLFSSL_NRF51 614 637 #define WOLFSSL_USER_IO … … 656 679 /* static char* gets(char *buff); */ 657 680 static char* fgets(char *buff, int sz, XFILE fp) { 658 char * p= buff;659 * p= '\0';681 char * s = buff; 682 *s = '\0'; 660 683 while (1) { 661 * p= tm_getchar(-1);662 tm_putchar(* p);663 if (* p== '\r') {684 *s = tm_getchar(-1); 685 tm_putchar(*s); 686 if (*s == '\r') { 664 687 tm_putchar('\n'); 665 * p= '\0';688 *s = '\0'; 666 689 break; 667 690 } 668 p++;691 s++; 669 692 } 670 693 return buff; … … 699 722 #define XMALLOC(s, h, type) pvPortMalloc((s)) 700 723 #define XFREE(p, h, type) vPortFree((p)) 701 #endif 702 /* FreeRTOS pvPortRealloc() implementation can be found here: 703 https://github.com/wolfSSL/wolfssl-freertos/pull/3/files */ 704 #if !defined(USE_FAST_MATH) || defined(HAVE_ED25519) || defined(HAVE_ED448) 705 #if defined(WOLFSSL_ESPIDF) 706 /*In IDF, realloc(p, n) is equivalent to 707 heap_caps_realloc(p, s, MALLOC_CAP_8BIT) */ 708 #define XREALLOC(p, n, h, t) realloc((p), (n)) 709 #else 710 #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n)) 711 #endif 712 #endif 724 /* FreeRTOS pvPortRealloc() implementation can be found here: 725 https://github.com/wolfSSL/wolfssl-freertos/pull/3/files */ 726 #if !defined(USE_FAST_MATH) || defined(HAVE_ED25519) || \ 727 defined(HAVE_ED448) 728 #if defined(WOLFSSL_ESPIDF) 729 /*In IDF, realloc(p, n) is equivalent to 730 heap_caps_realloc(p, s, MALLOC_CAP_8BIT) */ 731 #define XREALLOC(p, n, h, t) realloc((p), (n)) 732 #else 733 #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n)) 734 #endif 735 #endif 736 #endif 737 713 738 #ifndef NO_WRITEV 714 739 #define NO_WRITEV … … 813 838 #define SIZEOF_LONG_LONG 8 814 839 #else 815 #error settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG 840 #if !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG) 841 #error settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG 842 #endif 816 843 #endif 817 844 … … 823 850 #define XSTRNCASECMP(s1,s2,n) _strnicmp((s1),(s2),(n)) 824 851 #else 825 #sslpro: settings.h - please implement XSTRNCASECMP - needed for HAVE_ECC 852 #ifndef XSTRNCASECMP 853 #error settings.h - please implement XSTRNCASECMP - needed for HAVE_ECC 854 #endif 826 855 #endif 827 856 … … 884 913 #define XMALLOC(s, h, type) pvPortMalloc((s)) 885 914 #define XFREE(p, h, type) vPortFree((p)) 886 #endif 887 /* FreeRTOS pvPortRealloc() implementation can be found here: 888 https://github.com/wolfSSL/wolfssl-freertos/pull/3/files */ 889 #if !defined(USE_FAST_MATH) || defined(HAVE_ED25519) || defined(HAVE_ED448) 890 #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n)) 915 916 /* FreeRTOS pvPortRealloc() implementation can be found here: 917 https://github.com/wolfSSL/wolfssl-freertos/pull/3/files */ 918 #if !defined(USE_FAST_MATH) || defined(HAVE_ED25519) || \ 919 defined(HAVE_ED448) 920 #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n)) 921 #endif 891 922 #endif 892 923 #endif … … 899 930 #undef TFM_TIMING_RESISTANT 900 931 #define TFM_TIMING_RESISTANT 932 #endif 933 934 /* To support storing some of the large constant tables in flash memory rather than SRAM. 935 Useful for processors that have limited SRAM, such as the AVR family of microtrollers. */ 936 #ifdef WOLFSSL_USE_FLASHMEM 937 /* This is supported on the avr-gcc compiler, for more information see: 938 https://gcc.gnu.org/onlinedocs/gcc/Named-Address-Spaces.html */ 939 #define FLASH_QUALIFIER __flash 940 941 /* Copy data out of flash memory and into SRAM */ 942 #define XMEMCPY_P(pdest, psrc, size) memcpy_P((pdest), (psrc), (size)) 943 #else 944 #define FLASH_QUALIFIER 901 945 #endif 902 946 … … 934 978 /* Note: MQX has no realloc, using fastmath above */ 935 979 #endif 980 #ifdef USE_FAST_MATH 981 /* Undef first to avoid re-definition if user_settings.h defines */ 982 #undef TFM_TIMING_RESISTANT 983 #define TFM_TIMING_RESISTANT 984 #undef ECC_TIMING_RESISTANT 985 #define ECC_TIMING_RESISTANT 986 #undef WC_RSA_BLINDING 987 #define WC_RSA_BLINDING 988 #endif 936 989 #endif 937 990 … … 1022 1075 1023 1076 #undef HAVE_ECC 1077 #ifndef WOLFCRYPT_FIPS_RAND 1024 1078 #define HAVE_ECC 1079 #endif 1025 1080 #ifndef NO_AES 1026 1081 #undef HAVE_AESCCM … … 1043 1098 /* random seed */ 1044 1099 #define NO_OLD_RNGNAME 1045 #if defined(FSL_FEATURE_SOC_TRNG_COUNT) && (FSL_FEATURE_SOC_TRNG_COUNT > 0) 1100 #if defined(FREESCALE_NO_RNG) 1101 /* nothing to define */ 1102 #elif defined(FSL_FEATURE_SOC_TRNG_COUNT) && (FSL_FEATURE_SOC_TRNG_COUNT > 0) 1046 1103 #define FREESCALE_KSDK_2_0_TRNG 1047 1104 #elif defined(FSL_FEATURE_SOC_RNG_COUNT) && (FSL_FEATURE_SOC_RNG_COUNT > 0) … … 1115 1172 1116 1173 #if defined(FSL_FEATURE_LTC_HAS_PKHA) && FSL_FEATURE_LTC_HAS_PKHA 1174 #ifndef WOLFCRYPT_FIPS_RAND 1117 1175 #define FREESCALE_LTC_ECC 1176 #endif 1118 1177 #define FREESCALE_LTC_TFM 1119 1178 … … 1165 1224 #undef FP_MAX_BITS 1166 1225 #define FP_MAX_BITS (8192) 1226 #undef SP_INT_BITS 1227 #define SP_INT_BITS (4096) 1167 1228 1168 1229 #undef NO_DH … … 1179 1240 #if defined(WOLFSSL_STM32F2) || defined(WOLFSSL_STM32F4) || \ 1180 1241 defined(WOLFSSL_STM32F7) || defined(WOLFSSL_STM32F1) || \ 1181 defined(WOLFSSL_STM32L4) 1242 defined(WOLFSSL_STM32L4) || defined(WOLFSSL_STM32L5) || \ 1243 defined(WOLFSSL_STM32WB) || defined(WOLFSSL_STM32H7) 1182 1244 1183 1245 #define SIZEOF_LONG_LONG 8 … … 1200 1262 #define STM32_CRYPTO 1201 1263 1202 #ifdef WOLFSSL_STM32L4 1264 #if defined(WOLFSSL_STM32L4) || defined(WOLFSSL_STM32L5) || \ 1265 defined(WOLFSSL_STM32WB) 1203 1266 #define NO_AES_192 /* hardware does not support 192-bit */ 1204 1267 #endif … … 1213 1276 #define NO_OLD_RNGNAME 1214 1277 #ifdef WOLFSSL_STM32_CUBEMX 1215 #if defined(WOLFSSL_STM32F2) 1278 #if defined(WOLFSSL_STM32F1) 1279 #include "stm32f1xx_hal.h" 1280 #elif defined(WOLFSSL_STM32F2) 1216 1281 #include "stm32f2xx_hal.h" 1282 #elif defined(WOLFSSL_STM32L5) 1283 #include "stm32l5xx_hal.h" 1217 1284 #elif defined(WOLFSSL_STM32L4) 1218 1285 #include "stm32l4xx_hal.h" … … 1223 1290 #elif defined(WOLFSSL_STM32F1) 1224 1291 #include "stm32f1xx_hal.h" 1292 #elif defined(WOLFSSL_STM32H7) 1293 #include "stm32h7xx_hal.h" 1294 #elif defined(WOLFSSL_STM32WB) 1295 #include "stm32wbxx_hal.h" 1225 1296 #endif 1226 1297 #if defined(WOLFSSL_CUBEMX_USE_LL) && defined(WOLFSSL_STM32L4) … … 1248 1319 #include "stm32f4xx_hash.h" 1249 1320 #endif 1321 #elif defined(WOLFSSL_STM32L5) 1322 #include "stm32l5xx.h" 1323 #ifdef STM32_CRYPTO 1324 #include "stm32l5xx_cryp.h" 1325 #endif 1326 #ifdef STM32_HASH 1327 #include "stm32l5xx_hash.h" 1328 #endif 1250 1329 #elif defined(WOLFSSL_STM32L4) 1251 1330 #include "stm32l4xx.h" … … 1258 1337 #elif defined(WOLFSSL_STM32F7) 1259 1338 #include "stm32f7xx.h" 1339 #elif defined(WOLFSSL_STM32H7) 1340 #include "stm32h7xx.h" 1260 1341 #elif defined(WOLFSSL_STM32F1) 1261 1342 #include "stm32f1xx.h" 1262 1343 #endif 1263 1344 #endif /* WOLFSSL_STM32_CUBEMX */ 1264 #endif /* WOLFSSL_STM32F2 || WOLFSSL_STM32F4 || WOLFSSL_STM32L4 || WOLFSSL_STM32F7 */ 1345 #endif /* WOLFSSL_STM32F2 || WOLFSSL_STM32F4 || WOLFSSL_STM32L4 || 1346 WOLFSSL_STM32L5 || WOLFSSL_STM32F7 || WOLFSSL_STMWB || WOLFSSL_STM32H7 */ 1265 1347 #ifdef WOLFSSL_DEOS 1266 1348 #include <deos.h> … … 1316 1398 #include <stdlib.h> 1317 1399 #include <os.h> 1318 #include <net_cfg.h> 1319 #include <net_sock.h> 1320 #include <net_err.h> 1400 #if defined(RTOS_MODULE_NET_AVAIL) || (APP_CFG_TCPIP_EN == DEF_ENABLED) 1401 #include <net_cfg.h> 1402 #include <net_sock.h> 1403 #if (OS_VERSION < 50000) 1404 #include <net_err.h> 1405 #endif 1406 #endif 1321 1407 #include <lib_mem.h> 1322 1408 #include <lib_math.h> 1409 #include <lib_str.h> 1410 #include <stdio.h> 1411 #include <string.h> 1323 1412 1324 1413 #define USE_FAST_MATH … … 1344 1433 #define NO_WRITEV 1345 1434 1346 #if ndef CUSTOM_RAND_GENERATE1435 #if ! defined(WOLFSSL_SILABS_SE_ACCEL) && !defined(CUSTOM_RAND_GENERATE) 1347 1436 #define CUSTOM_RAND_TYPE RAND_NBR 1348 1437 #define CUSTOM_RAND_GENERATE Math_Rand … … 1374 1463 #define XMEMCPY(pdest, psrc, size) ((void)Mem_Copy((void *)(pdest), \ 1375 1464 (void *)(psrc), (CPU_SIZE_T)(size))) 1376 #define XMEMCMP(pmem_1, pmem_2, size) \ 1377 (((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), \ 1378 (void *)(pmem_2), \ 1465 1466 #if (OS_VERSION < 50000) 1467 #define XMEMCMP(pmem_1, pmem_2, size) \ 1468 (((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), \ 1469 (void *)(pmem_2), \ 1379 1470 (CPU_SIZE_T)(size))) ? DEF_NO : DEF_YES) 1471 #else 1472 /* Work around for Micrium OS version 5.8 change in behavior 1473 * that returns DEF_NO for 0 size compare 1474 */ 1475 #define XMEMCMP(pmem_1, pmem_2, size) \ 1476 (( (size < 1 ) || \ 1477 ((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), \ 1478 (void *)(pmem_2), \ 1479 (CPU_SIZE_T)(size)) == DEF_YES)) \ 1480 ? 0 : 1) 1481 #define XSNPRINTF snprintf 1482 #endif 1483 1380 1484 #define XMEMMOVE XMEMCPY 1381 1485 … … 1391 1495 #endif 1392 1496 #endif /* MICRIUM */ 1497 1498 #if defined(sun) || defined(__sun) 1499 # if defined(__SVR4) || defined(__svr4__) 1500 /* Solaris */ 1501 #ifndef WOLFSSL_SOLARIS 1502 #define WOLFSSL_SOLARIS 1503 #endif 1504 # else 1505 /* SunOS */ 1506 # endif 1507 #endif 1508 1509 #ifdef WOLFSSL_SOLARIS 1510 /* Avoid naming clash with fp_zero from math.h > ieefp.h */ 1511 #define WOLFSSL_DH_CONST 1512 #endif 1393 1513 1394 1514 #ifdef WOLFSSL_MCF5441X … … 1534 1654 #define HAVE_AES_ECB 1535 1655 #endif 1656 #endif 1657 1658 /* If DCP is used without SINGLE_THREADED, enforce WOLFSSL_CRYPT_HW_MUTEX */ 1659 #if defined(WOLFSSL_IMXRT_DCP) && !defined(SINGLE_THREADED) 1660 #undef WOLFSSL_CRYPT_HW_MUTEX 1661 #define WOLFSSL_CRYPT_HW_MUTEX 1 1536 1662 #endif 1537 1663 … … 1653 1779 #endif 1654 1780 1781 /* The minimum allowed ECC key size */ 1782 /* Note: 224-bits is equivelant to 2048-bit RSA */ 1783 #ifndef ECC_MIN_KEY_SZ 1784 #ifdef WOLFSSL_MIN_ECC_BITS 1785 #define ECC_MIN_KEY_SZ WOLFSSL_MIN_ECC_BITS 1786 #else 1787 #if defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION >= 2 1788 /* FIPSv2 and ready (for now) includes 192-bit support */ 1789 #define ECC_MIN_KEY_SZ 192 1790 #else 1791 #define ECC_MIN_KEY_SZ 224 1792 #endif 1793 #endif 1794 #endif 1795 1655 1796 /* ECC Configs */ 1656 1797 #ifdef HAVE_ECC … … 1836 1977 #endif 1837 1978 #endif 1979 #if defined(HAVE_FFDHE) && defined(SP_INT_BITS) 1980 #if MIN_FFDHE_FP_MAX_BITS > SP_INT_BITS * 2 1981 #error "FFDHE parameters are too large for SP_INT_BIT as set" 1982 #endif 1983 #endif 1838 1984 1839 1985 /* if desktop type system and fastmath increase default max bits */ 1840 #if def WOLFSSL_X86_64_BUILD1986 #if defined(WOLFSSL_X86_64_BUILD) || defined(WOLFSSL_AARCH64_BUILD) 1841 1987 #if defined(USE_FAST_MATH) && !defined(FP_MAX_BITS) 1842 1988 #if MIN_FFDHE_FP_MAX_BITS <= 8192 … … 1844 1990 #else 1845 1991 #define FP_MAX_BITS MIN_FFDHE_FP_MAX_BITS 1992 #endif 1993 #endif 1994 #if defined(WOLFSSL_SP_MATH_ALL) && !defined(SP_INT_BITS) 1995 #if MIN_FFDHE_FP_MAX_BITS <= 8192 1996 #define SP_INT_BITS 4096 1997 #else 1998 #define PS_INT_BITS MIN_FFDHE_FP_MAX_BITS / 2 1846 1999 #endif 1847 2000 #endif … … 2000 2153 2001 2154 2155 #ifdef WOLFSSL_LINUXKM 2156 #ifndef NO_DEV_RANDOM 2157 #define NO_DEV_RANDOM 2158 #endif 2159 #ifndef NO_WRITEV 2160 #define NO_WRITEV 2161 #endif 2162 #ifndef NO_FILESYSTEM 2163 #define NO_FILESYSTEM 2164 #endif 2165 #ifndef NO_STDIO_FILESYSTEM 2166 #define NO_STDIO_FILESYSTEM 2167 #endif 2168 #ifndef WOLFSSL_NO_SOCK 2169 #define WOLFSSL_NO_SOCK 2170 #endif 2171 #ifndef WOLFSSL_DH_CONST 2172 #define WOLFSSL_DH_CONST 2173 #endif 2174 #ifndef WOLFSSL_USER_IO 2175 #define WOLFSSL_USER_IO 2176 #endif 2177 #ifndef USE_WOLF_STRTOK 2178 #define USE_WOLF_STRTOK 2179 #endif 2180 #ifndef WOLFSSL_SP_DIV_WORD_HALF 2181 #define WOLFSSL_SP_DIV_WORD_HALF 2182 #endif 2183 #ifndef WOLFSSL_OLD_PRIME_CHECK 2184 #define WOLFSSL_OLD_PRIME_CHECK 2185 #endif 2186 #ifndef WOLFSSL_TEST_SUBROUTINE 2187 #define WOLFSSL_TEST_SUBROUTINE static 2188 #endif 2189 #undef HAVE_STRINGS_H 2190 #undef HAVE_ERRNO_H 2191 #undef HAVE_THREAD_LS 2192 #undef WOLFSSL_HAVE_MIN 2193 #undef WOLFSSL_HAVE_MAX 2194 #define SIZEOF_LONG 8 2195 #define SIZEOF_LONG_LONG 8 2196 #define CHAR_BIT 8 2197 #ifndef WOLFSSL_SP_DIV_64 2198 #define WOLFSSL_SP_DIV_64 2199 #endif 2200 #ifndef WOLFSSL_SP_DIV_WORD_HALF 2201 #define WOLFSSL_SP_DIV_WORD_HALF 2202 #endif 2203 #endif 2204 2205 2002 2206 /* Place any other flags or defines here */ 2003 2207 … … 2007 2211 #endif /* WOLFSSL_MYSQL_COMPATIBLE */ 2008 2212 2009 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 2213 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \ 2214 || defined(HAVE_LIGHTY) 2010 2215 #define SSL_OP_NO_COMPRESSION SSL_OP_NO_COMPRESSION 2011 2216 #define OPENSSL_NO_ENGINE … … 2028 2233 #endif 2029 2234 2030 #if defined(WOLFSSL_NGINX) || defined(WOLFSSL_QT) || defined(OPENSSL_ALL)2235 #ifdef HAVE_SNI 2031 2236 #define SSL_CTRL_SET_TLSEXT_HOSTNAME 55 2032 2237 #endif … … 2101 2306 2102 2307 /* Parts of the openssl compatibility layer require peer certs */ 2103 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) 2308 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \ 2309 || defined(HAVE_LIGHTY) 2104 2310 #undef KEEP_PEER_CERT 2105 2311 #define KEEP_PEER_CERT 2106 2312 #endif 2107 2313 2108 /* RAW hash function APIs are not implemented with ARMv8 hardware acceleration*/2109 #if def WOLFSSL_ARMASM2314 /* RAW hash function APIs are not implemented */ 2315 #if defined(WOLFSSL_ARMASM) || defined(WOLFSSL_AFALG_HASH) 2110 2316 #undef WOLFSSL_NO_HASH_RAW 2111 2317 #define WOLFSSL_NO_HASH_RAW 2318 #endif 2319 2320 /* XChacha not implemented with ARM assembly ChaCha */ 2321 #if defined(WOLFSSL_ARMASM) 2322 #undef HAVE_XCHACHA 2112 2323 #endif 2113 2324 … … 2150 2361 #if defined(WOLFCRYPT_ONLY) && defined(NO_AES) && !defined(WOLFSSL_SHA384) && \ 2151 2362 !defined(WOLFSSL_SHA512) && defined(WC_NO_RNG) && \ 2152 defined(WOLFSSL_SP_MATH) && defined(WOLFSSL_RSA_PUBLIC_ONLY) 2363 (defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \ 2364 defined(WOLFSSL_RSA_PUBLIC_ONLY) 2153 2365 #undef WOLFSSL_NO_FORCE_ZERO 2154 2366 #define WOLFSSL_NO_FORCE_ZERO … … 2174 2386 #ifdef NO_WOLFSSL_SMALL_STACK 2175 2387 #undef WOLFSSL_SMALL_STACK 2388 #endif 2389 2390 #ifdef WOLFSSL_SMALL_STACK_STATIC 2391 #undef WOLFSSL_SMALL_STACK_STATIC 2392 #define WOLFSSL_SMALL_STACK_STATIC static 2393 #else 2394 #define WOLFSSL_SMALL_STACK_STATIC 2176 2395 #endif 2177 2396 … … 2188 2407 #endif 2189 2408 2409 /* FIPS v1 does not support TLS v1.3 (requires RSA PSS and HKDF) */ 2410 #if defined(HAVE_FIPS) && !defined(HAVE_FIPS_VERSION) 2411 #undef WC_RSA_PSS 2412 #undef WOLFSSL_TLS13 2413 #endif 2414 2415 /* For FIPSv2 make sure the ECDSA encoding allows extra bytes 2416 * but make sure users consider enabling it */ 2417 #if !defined(NO_STRICT_ECDSA_LEN) && defined(HAVE_FIPS) && \ 2418 defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) 2419 /* ECDSA length checks off by default for CAVP testing 2420 * consider enabling strict checks in production */ 2421 #define NO_STRICT_ECDSA_LEN 2422 #endif 2423 2190 2424 2191 2425 #ifdef __cplusplus
Note:
See TracChangeset
for help on using the changeset viewer.