diff --git a/include/user_settings.h b/include/user_settings.h
index 3b2a37626..3ba861bcc 100644
--- a/include/user_settings.h
+++ b/include/user_settings.h
@@ -51,6 +51,9 @@ extern int tolower(int c);
 #if defined(WOLFBOOT_TPM_KEYSTORE) || defined(WOLFBOOT_TPM_SEAL)
 # define WOLFBOOT_TPM_PARMENC /* used in this file to gate features */
+# if defined(SIGN_ECC256) || defined(SIGN_ECC384) || defined(SIGN_ECC521)
+# define HAVE_ECC_KEY_EXPORT
+# endif
 #endif
 /* ED25519 and SHA512 */
@@ -103,21 +106,22 @@ extern int tolower(int c);
 /* ECC options disabled to reduce size */
-#ifndef WOLFCRYPT_SECURE_MODE
+#if !defined(WOLFCRYPT_SECURE_MODE)
 # define HAVE_ECC
-# define NO_ECC_SIGN
-# define NO_ECC_EXPORT
-# define NO_ECC_KEY_EXPORT
-# define NO_ASN
+# if !defined(WOLFBOOT_TPM_PARMENC)
+# define NO_ECC_SIGN
+# define NO_ECC_EXPORT
+# define NO_ECC_KEY_EXPORT
+# endif
 #else
 # define HAVE_ECC_SIGN
-//# define HAVE_ECC_CDH
+# define HAVE_ECC_CDH
 # define WOLFSSL_SP
 # define WOLFSSL_SP_MATH
 # define WOLFSSL_SP_SMALL
 # define SP_WORD_SIZE 32
 # define WOLFSSL_HAVE_SP_ECC
-//# define WOLFSSL_SP_MATH_ALL
+# define WOLFSSL_SP_MATH_ALL
 # define WOLFSSL_KEY_GEN
 # define HAVE_ECC_KEY_EXPORT
@@ -151,7 +155,6 @@ int hal_trng_get_entropy(unsigned char *out, unsigned len);
 # endif
 #endif
 # define NO_RSA
-
 #endif /* WOLFBOOT_SIGN_ECC521 || WOLFBOOT_SIGN_ECC384 || WOLFBOOT_SIGN_ECC256 */
 #ifdef WOLFBOOT_SIGN_RSA2048
@@ -343,6 +346,7 @@ int hal_trng_get_entropy(unsigned char *out, unsigned len);
 #define WC_NO_HASHDRBG
 #define NO_DEV_RANDOM
 #define NO_ECC_KEY_EXPORT
+ #define NO_ASN
 #endif
 #define NO_CMAC
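Review bot: The guard added in the first hunk tests `SIGN_ECC256`, `SIGN_ECC384` and `SIGN_ECC521`, but the ECC section of this header closes with `#endif /* WOLFBOOT_SIGN_ECC521 || WOLFBOOT_SIGN_ECC384 || WOLFBOOT_SIGN_ECC256 */`, which suggests the symbols the compiler sees carry the `WOLFBOOT_` prefix. If the unprefixed names exist only as build-system variables and are never passed as `-D` flags, the new block is dead and `HAVE_ECC_KEY_EXPORT` is never set for TPM builds. Please confirm the spelling and, if the prefixed one is correct, use `# if defined(WOLFBOOT_SIGN_ECC256) || defined(WOLFBOOT_SIGN_ECC384) || defined(WOLFBOOT_SIGN_ECC521)`. The block in the fourth hunk still defines `NO_ECC_KEY_EXPORT`; its enclosing condition is outside the diff, so it is worth checking that the two macros cannot both end up defined.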
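Review bot: In the second hunk, a build with `WOLFBOOT_TPM_PARMENC` and without `WOLFCRYPT_SECURE_MODE` no longer sets `NO_ECC_SIGN`, `NO_ECC_EXPORT` or `NO_ECC_KEY_EXPORT`, so ECC signing and key-export code is compiled into the bootloader, and the heading `/* ECC options disabled to reduce size */` no longer describes that case. I would put a comment on the nested guard, such as `/* keep ECC sign/export only for TPM parameter encryption; disabled otherwise to reduce size */`, so the larger code and attack surface is a recorded decision. The `#else` branch also enables `HAVE_ECC_CDH` and `WOLFSSL_SP_MATH_ALL`, which were commented out, without a stated reason. `WOLFSSL_SP_MATH_ALL` is now defined next to `WOLFSSL_SP_MATH`, and it is worth confirming that combination is intended. The `#else` branch continues past the end of the hunk.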
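Review bot: In the fourth hunk `NO_ASN` is now defined only inside a block whose opening `#if` lies outside the hunk, whereas before this commit it was set for every ECC build without `WOLFCRYPT_SECURE_MODE`. Any configuration that does not enter this block will now compile the ASN.1 code into the bootloader, which adds parsing code to the boot path. If that is intended, a comment such as `/* moved from the ECC section: ASN.1 is disabled only in this configuration */` would make the narrower scope explicit. If not, the define should stay reachable for plain ECC builds.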