amt630hv160-sdk-release/amt630hv160-freertos-beta/lib/wolfssl/user_settings.h

#ifndef WOLFSSL_USER_SETTINGS_H
#define WOLFSSL_USER_SETTINGS_H

#ifdef __cplusplus
extern "C" {
#endif

#include "board.h"

/* ------------------------------------------------------------------------- */
/* Platform */
/* ------------------------------------------------------------------------- */
#undef  WOLFSSL_GENERAL_ALIGNMENT
#define WOLFSSL_GENERAL_ALIGNMENT           4

#undef  WOLFSSL_SMALL_STACK
#define WOLFSSL_SMALL_STACK

// 使用文件系统
#undef WOLFSSL_USER_FILESYSTEM
#define WOLFSSL_USER_FILESYSTEM
// 使用FREERTOS_FAT文件系统
#undef FREERTOS_FAT
#define FREERTOS_FAT

// 使用FREERTOS
#undef  FREERTOS
#define FREERTOS

#if USE_LWIP
// 使用LWIP
#undef  WOLFSSL_LWIP
#define WOLFSSL_LWIP
#else
// 使用FREERTOS_PLUS_TCP
#undef  FREERTOS_TCP
#define FREERTOS_TCP
#endif

// 已有 tm 类型定义
#define HAVE_TM_TYPE

// 已有 time_t 类型定义
#define HAVE_TIME_T_TYPE

#define SIZEOF_LONG_LONG                    8
#ifndef CHAR_BIT
#define CHAR_BIT                            8
#endif

#define NO_WOLFSSL_DIR

// 禁用 Rabbit 流密码算法
#undef  NO_RABBIT
#define NO_RABBIT

// 禁用ASN的时间检查。
#define NO_ASN_TIME

#define WOLFSSL_IGNORE_FILE_WARN

/* ------------------------------------------------------------------------- */
/* Debugging */
/* ------------------------------------------------------------------------- */
#undef  WOLFSSL_DEBUG
//#define WOLFSSL_DEBUG

#ifdef WOLFSSL_DEBUG
    /* Use this to measure / print heap usage */
    #if 0
        #undef  USE_WOLFSSL_MEMORY
        #define USE_WOLFSSL_MEMORY

        #undef  WOLFSSL_TRACK_MEMORY
        #define WOLFSSL_TRACK_MEMORY
    #endif
#else
//    #undef  NO_WOLFSSL_MEMORY
//    #define NO_WOLFSSL_MEMORY

    #undef  NO_ERROR_STRINGS
    //#define NO_ERROR_STRINGS
#endif

//Enable wolfssl log print
#define DEBUG_WOLFSSL
#ifdef DEBUG_WOLFSSL
	#undef  WOLFSSL_DEBUG_ERRORS_ONLY

	#define WOLFSSL_USER_LOG(x)	do { printf(x); printf("\n"); } while(0);
#endif

/* ------------------------------------------------------------------------- */
/* Math Configuration */
/* ------------------------------------------------------------------------- */
#undef  USE_FAST_MATH
#define USE_FAST_MATH

#ifdef USE_FAST_MATH
    #undef  TFM_TIMING_RESISTANT
    #define TFM_TIMING_RESISTANT

    #undef  TFM_NO_ASM
    //#define TFM_NO_ASM

    /* Optimizations (TFM_ARM, TFM_ASM or none) */
    //#define TFM_ASM
#endif


/* ------------------------------------------------------------------------- */
/* Crypto */
/* ------------------------------------------------------------------------- */
/* ECC */
#if 1
    #undef  HAVE_ECC
    #define HAVE_ECC

    /* Manually define enabled curves */
    #undef  ECC_USER_CURVES
    #define ECC_USER_CURVES

    //#define HAVE_ECC192
    //#define HAVE_ECC224
    #undef NO_ECC256
    //#define HAVE_ECC384
    //#define HAVE_ECC521

    /* Fixed point cache (speeds repeated operations against same private key) */
    #undef  FP_ECC
    //#define FP_ECC
    #ifdef FP_ECC
        /* Bits / Entries */
        #undef  FP_ENTRIES
        #define FP_ENTRIES  2
        #undef  FP_LUT
        #define FP_LUT      4
    #endif

    /* Optional ECC calculation method */
    /* Note: doubles heap usage, but slightly faster */
    #undef  ECC_SHAMIR
    #define ECC_SHAMIR

    /* Reduces heap usage, but slower */
    #undef  ECC_TIMING_RESISTANT
    #define ECC_TIMING_RESISTANT

    #ifdef USE_FAST_MATH
        /* use reduced size math buffers for ecc points */
        #undef  ALT_ECC_SIZE
        #define ALT_ECC_SIZE

        /* optionally override the default max ecc bits */
        //#undef  FP_MAX_BITS_ECC
        //#define FP_MAX_BITS_ECC     512

        /* Enable TFM optimizations for ECC */
        //#define TFM_ECC192
        //#define TFM_ECC224
        //#define TFM_ECC256
        //#define TFM_ECC384
        //#define TFM_ECC521
    #endif
#endif

/* RSA */
#undef NO_RSA
#if 1
    #ifdef USE_FAST_MATH
        /* Maximum math bits (Max RSA key bits * 2) */
        #undef  FP_MAX_BITS
        #define FP_MAX_BITS     4096
    #endif

    /* half as much memory but twice as slow */
    #undef  RSA_LOW_MEM
    //#define RSA_LOW_MEM

    /* Enables blinding mode, to prevent timing attacks */
    #undef  WC_RSA_BLINDING
    #define WC_RSA_BLINDING

#else
    #define NO_RSA
#endif

/* AES */
#undef NO_AES
#if 1
    #undef  HAVE_AESGCM
    #define HAVE_AESGCM

    #ifdef HAVE_AESGCM
        /* GCM with hardware acceleration requires AES counter/direct for unaligned sizes */
        #undef  WOLFSSL_AES_COUNTER
        #define WOLFSSL_AES_COUNTER

        #undef  WOLFSSL_AES_DIRECT
        #define WOLFSSL_AES_DIRECT
    #endif

    /* GCM Method: GCM_SMALL, GCM_WORD32 or GCM_TABLE */
    #undef  GCM_SMALL
    #define GCM_SMALL
#else
    #define NO_AES
#endif

/* ChaCha20 / Poly1305 */
#undef HAVE_CHACHA
#undef HAVE_POLY1305
#if 0
    #define HAVE_CHACHA
    #define HAVE_POLY1305

    /* Needed for Poly1305 */
    #undef  HAVE_ONE_TIME_AUTH
    #define HAVE_ONE_TIME_AUTH
#endif

/* Ed25519 / Curve25519 */
#undef HAVE_CURVE25519
#undef HAVE_ED25519
#if 0
    #define HAVE_CURVE25519
    #define HAVE_ED25519

    /* Optionally use small math (less flash usage, but much slower) */
    #if 0
        #define CURVED25519_SMALL
    #endif
#endif


/* ------------------------------------------------------------------------- */
/* Hashing */
/* ------------------------------------------------------------------------- */
/* Sha */
#undef NO_SHA
#if 1
    /* 1k smaller, but 25% slower */
    //#define USE_SLOW_SHA
#else
    #define NO_SHA
#endif

/* Sha256 */
#undef NO_SHA256
#if 1
    #if 1
        #define WOLFSSL_SHA224
    #endif
#else
    #define NO_SHA256
#endif

/* Sha512 */
#undef WOLFSSL_SHA512
#if 1
    #define WOLFSSL_SHA512

    /* Sha384 */
    #undef  WOLFSSL_SHA384
    #if 1
        #define WOLFSSL_SHA384
    #endif

    /* over twice as small, but 50% slower */
    //#define USE_SLOW_SHA2
#endif

/* MD5 */
// #undef  NO_MD5
// #if 1
//    /* enabled */
// #else
//    #define NO_MD5
// #endif


/* ------------------------------------------------------------------------- */
/* HW Crypto Acceleration */
/* ------------------------------------------------------------------------- */
// See settings.h STM32F4 section


/* ------------------------------------------------------------------------- */
/* Benchmark / Test */
/* ------------------------------------------------------------------------- */
/* Use reduced benchmark / test sizes */
//#undef  BENCH_EMBEDDED
//#define BENCH_EMBEDDED

//#undef  USE_CERT_BUFFERS_2048
//#define USE_CERT_BUFFERS_2048

//#undef  USE_CERT_BUFFERS_256
//#define USE_CERT_BUFFERS_256




/* ------------------------------------------------------------------------- */
/* Port */
/* ------------------------------------------------------------------------- */

/* Override Current Time */
/* Allows custom "custom_time()" function to be used for benchmark */
#define WOLFSSL_USER_CURRTIME


/* ------------------------------------------------------------------------- */
/* RNG */
/* ------------------------------------------------------------------------- */
/* Size of returned HW RNG value */
#define CUSTOM_RAND_TYPE      unsigned int

// 使用ARK随机数发生器
#define ARK_RNG

#define NO_OLD_RNGNAME

/* Choose RNG method */
/* Use built-in P-RNG (SHA256 based) with HW RNG */
/* P-RNG + HW RNG (P-RNG is ~8K) */
#undef  HAVE_HASHDRBG
#define HAVE_HASHDRBG

/* ------------------------------------------------------------------------- */
/* Enable Features */
/* ------------------------------------------------------------------------- */
#undef  KEEP_PEER_CERT
//#define KEEP_PEER_CERT

#undef  HAVE_COMP_KEY
//#define HAVE_COMP_KEY

#undef  HAVE_TLS_EXTENSIONS
#define HAVE_TLS_EXTENSIONS

#undef  HAVE_SUPPORTED_CURVES
#define HAVE_SUPPORTED_CURVES

#undef  WOLFSSL_BASE64_ENCODE
#define WOLFSSL_BASE64_ENCODE

/* TLS Session Cache */
#if 0
    #define SMALL_SESSION_CACHE
#else
    #define NO_SESSION_CACHE
#endif

#undef  USER_TIME
#define USER_TIME   //需要在应用层定义自己的 time_t XTIME(time_t * timer) 函数，直接定义即可

/* ------------------------------------------------------------------------- */
/* Disable Features */
/* ------------------------------------------------------------------------- */
//#undef  NO_WOLFSSL_SERVER
////#define NO_WOLFSSL_SERVER

//#undef  NO_WOLFSSL_CLIENT
////#define NO_WOLFSSL_CLIENT

//#undef  NO_CRYPT_TEST
////#define NO_CRYPT_TEST

//#undef  NO_CRYPT_BENCHMARK
////#define NO_CRYPT_BENCHMARK

///* In-lining of misc.c functions */
///* If defined, must include wolfcrypt/src/misc.c in build */
///* Slower, but about 1k smaller */
//#undef  NO_INLINE
////#define NO_INLINE

//#undef  NO_FILESYSTEM
//#define NO_FILESYSTEM

//#undef  NO_WRITEV
//#define NO_WRITEV

//#undef  NO_MAIN_DRIVER
//#define NO_MAIN_DRIVER

////#undef  NO_DEV_RANDOM
////#define NO_DEV_RANDOM

//#undef  NO_DSA
//#define NO_DSA

//#undef  NO_DH
//#define NO_DH

//#undef  NO_DES3
//#define NO_DES3

//#undef  NO_RC4
//#define NO_RC4

//#undef  NO_OLD_TLS
//#define NO_OLD_TLS

//#undef  NO_HC128
//#define NO_HC128

//#undef  NO_RABBIT
//#define NO_RABBIT

//#undef  NO_PSK
//#define NO_PSK

//#undef  NO_MD4
//#define NO_MD4

//#undef  NO_PWDBASED
//#define NO_PWDBASED

#ifdef __cplusplus
}
#endif

#endif /* WOLFSSL_USER_SETTINGS_H */