forked from wolfSSL/wolfssl
-
Notifications
You must be signed in to change notification settings - Fork 2
/
user_settings.h
156 lines (142 loc) · 4.11 KB
/
user_settings.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
#ifndef _WIN_USER_SETTINGS_H_
#define _WIN_USER_SETTINGS_H_
/* For FIPS 140-2 3389 build set to "#if 1" */
#if 0
#undef HAVE_FIPS
#define HAVE_FIPS
#undef HAVE_FIPS_VERSION
#define HAVE_FIPS_VERSION 2
#undef HAVE_FIPS_VERSION_MINOR
#define HAVE_FIPS_VERSION_MINOR 0
#endif
/* Set the following to 1 for WCv5.0-RC12 build. */
#if 0
#undef HAVE_FIPS
#define HAVE_FIPS
#undef HAVE_FIPS_VERSION
#define HAVE_FIPS_VERSION 5
#undef HAVE_FIPS_VERSION_MINOR
#define HAVE_FIPS_VERSION_MINOR 2
#endif
/* For FIPS Ready, uncomment the following: */
/* #define WOLFSSL_FIPS_READY */
#ifdef WOLFSSL_FIPS_READY
#undef HAVE_FIPS
#define HAVE_FIPS
#undef HAVE_FIPS_VERSION
#define HAVE_FIPS_VERSION 5
#undef HAVE_FIPS_VERSION_MINOR
#define HAVE_FIPS_VERSION_MINOR 3
#endif
/* Verify this is Windows */
#ifndef _WIN32
#error This user_settings.h header is only designed for Windows
#endif
/* Configurations */
#if defined(HAVE_FIPS)
/* FIPS */
#define OPENSSL_EXTRA
#define HAVE_THREAD_LS
#define WOLFSSL_KEY_GEN
#define HAVE_AESGCM
#define HAVE_HASHDRBG
#define WOLFSSL_SHA384
#define WOLFSSL_SHA512
#define NO_PSK
#define NO_RC4
#define NO_DSA
#define NO_MD4
#if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#define WOLFSSL_SHA224
#define WOLFSSL_SHA3
#define WC_RSA_PSS
#define WC_RSA_NO_PADDING
#define HAVE_ECC
#define HAVE_ECC384
#define HAVE_ECC521
#define HAVE_SUPPORTED_CURVES
#define HAVE_TLS_EXTENSIONS
#define ECC_SHAMIR
#define HAVE_ECC_CDH
#define ECC_TIMING_RESISTANT
#define TFM_TIMING_RESISTANT
#define WOLFSSL_AES_COUNTER
#define WOLFSSL_AES_DIRECT
#define HAVE_AES_ECB
#define HAVE_AESCCM
#define WOLFSSL_CMAC
#define HAVE_HKDF
#define WOLFSSL_VALIDATE_ECC_IMPORT
#define WOLFSSL_VALIDATE_FFC_IMPORT
#define HAVE_FFDHE_Q
#define HAVE_PUBLIC_FFDHE
#ifdef _WIN64
#define WOLFSSL_AESNI
#define HAVE_INTEL_RDSEED
#endif
#define FORCE_FAILURE_RDSEED
#endif /* FIPS v2 */
#if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 5)
#undef WOLFSSL_AESNI /* Comment out if using PAA */
#undef HAVE_INTEL_RDSEED
#undef FORCE_FAILURE_RDSEED
#undef HAVE_PUBLIC_FFDHE
#define NO_DES
#define NO_DES3
#define NO_MD5
#define NO_OLD_TLS
#define WOLFSSL_TLS13
#define HAVE_TLS_EXTENSIONS
#define HAVE_SUPPORTED_CURVES
#define GCM_TABLE_4BIT
#define WOLFSSL_NO_SHAKE256
#define WOLFSSL_VALIDATE_ECC_KEYGEN
#define WOLFSSL_ECDSA_SET_K
#define WOLFSSL_WOLFSSH
#define WOLFSSL_PUBLIC_MP
#define WC_RNG_SEED_CB
#define TFM_ECC256
#define ECC_USER_CURVES
#define HAVE_ECC192
#define HAVE_ECC224
#define HAVE_ECC256
#define HAVE_ECC384
#define HAVE_ECC521
#define HAVE_FFDHE_2048
#define HAVE_FFDHE_3072
#define HAVE_FFDHE_4096
#define HAVE_FFDHE_6144
#define HAVE_FFDHE_8192
#define WOLFSSL_AES_OFB
#define FP_MAX_BITS 16384
#endif /* FIPS v5 */
#if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 6)
#define WOLFSSL_AES_XTS
#endif
#else
/* Enables blinding mode, to prevent timing attacks */
#define WC_RSA_BLINDING
#if defined(WOLFSSL_LIB)
/* The lib */
#define OPENSSL_EXTRA
#define WOLFSSL_RIPEMD
#define NO_PSK
#define HAVE_EXTENDED_MASTER
#define WOLFSSL_SNIFFER
#define HAVE_SECURE_RENEGOTIATION
#define HAVE_AESGCM
#define WOLFSSL_AES_XTS
#define WOLFSSL_SHA384
#define WOLFSSL_SHA512
#define HAVE_SUPPORTED_CURVES
#define HAVE_TLS_EXTENSIONS
#define HAVE_ECC
#define ECC_SHAMIR
#define ECC_TIMING_RESISTANT
#else
/* The servers and clients */
#define OPENSSL_EXTRA
#define NO_PSK
#endif
#endif /* HAVE_FIPS */
#endif /* _WIN_USER_SETTINGS_H_ */