Mercurial > dropbear
comparison libtomcrypt/src/headers/tomcrypt_custom.h @ 1476:8305ebe45940
Put Dropbear config in a separate file
Patch out MECC DER
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Fri, 09 Feb 2018 23:35:07 +0800 |
parents | 6dba84798cd5 |
children | 2d450c1056e3 |
comparison
equal
deleted
inserted
replaced
1475:59e66cdaf10f | 1476:8305ebe45940 |
---|---|
7 * guarantee it works. | 7 * guarantee it works. |
8 */ | 8 */ |
9 | 9 |
10 #ifndef TOMCRYPT_CUSTOM_H_ | 10 #ifndef TOMCRYPT_CUSTOM_H_ |
11 #define TOMCRYPT_CUSTOM_H_ | 11 #define TOMCRYPT_CUSTOM_H_ |
12 | |
13 #include "tomcrypt_dropbear.h" | |
12 | 14 |
13 /* macros for various libc functions you can change for embedded targets */ | 15 /* macros for various libc functions you can change for embedded targets */ |
14 #ifndef XMALLOC | 16 #ifndef XMALLOC |
15 #define XMALLOC malloc | 17 #define XMALLOC malloc |
16 #endif | 18 #endif |
136 #endif | 138 #endif |
137 /* Enable extended self-tests */ | 139 /* Enable extended self-tests */ |
138 /* #define LTC_TEST_EXT */ | 140 /* #define LTC_TEST_EXT */ |
139 | 141 |
140 /* Use small code where possible */ | 142 /* Use small code where possible */ |
141 #if DROPBEAR_SMALL_CODE | 143 /* #define LTC_SMALL_CODE */ |
142 #define LTC_SMALL_CODE | |
143 #endif | |
144 | 144 |
145 /* clean the stack of functions which put private information on stack */ | 145 /* clean the stack of functions which put private information on stack */ |
146 /* #define LTC_CLEAN_STACK */ | 146 /* #define LTC_CLEAN_STACK */ |
147 | 147 |
148 /* disable all file related functions */ | 148 /* disable all file related functions */ |
172 #endif /* LTC_NO_MATH */ | 172 #endif /* LTC_NO_MATH */ |
173 | 173 |
174 /* ---> Symmetric Block Ciphers <--- */ | 174 /* ---> Symmetric Block Ciphers <--- */ |
175 #ifndef LTC_NO_CIPHERS | 175 #ifndef LTC_NO_CIPHERS |
176 | 176 |
177 #if DROPBEAR_BLOWFISH | |
178 #define LTC_BLOWFISH | 177 #define LTC_BLOWFISH |
179 #endif | 178 #define LTC_RC2 |
180 #if DROPBEAR_AES | 179 #define LTC_RC5 |
180 #define LTC_RC6 | |
181 #define LTC_SAFERP | |
181 #define LTC_RIJNDAEL | 182 #define LTC_RIJNDAEL |
182 #endif | 183 #define LTC_XTEA |
183 /* _TABLES tells it to use tables during setup, _SMALL means to use the smaller scheduled key format | 184 /* _TABLES tells it to use tables during setup, _SMALL means to use the smaller scheduled key format |
184 * (saves 4KB of ram), _ALL_TABLES enables all tables during setup */ | 185 * (saves 4KB of ram), _ALL_TABLES enables all tables during setup */ |
185 #if DROPBEAR_TWOFISH | |
186 #define LTC_TWOFISH | 186 #define LTC_TWOFISH |
187 #define LTC_TWOFISH_SMALL | 187 #ifndef LTC_NO_TABLES |
188 #endif | 188 #define LTC_TWOFISH_TABLES |
189 | 189 /* #define LTC_TWOFISH_ALL_TABLES */ |
190 #if DROPBEAR_3DES | 190 #else |
191 #define LTC_TWOFISH_SMALL | |
192 #endif | |
193 /* #define LTC_TWOFISH_SMALL */ | |
194 /* LTC_DES includes EDE triple-DES */ | |
191 #define LTC_DES | 195 #define LTC_DES |
192 #endif | 196 #define LTC_CAST5 |
197 #define LTC_NOEKEON | |
198 #define LTC_SKIPJACK | |
199 #define LTC_SAFER | |
200 #define LTC_KHAZAD | |
201 #define LTC_ANUBIS | |
202 #define LTC_ANUBIS_TWEAK | |
203 #define LTC_KSEED | |
204 #define LTC_KASUMI | |
205 #define LTC_MULTI2 | |
206 #define LTC_CAMELLIA | |
193 | 207 |
194 /* stream ciphers */ | 208 /* stream ciphers */ |
209 #define LTC_CHACHA | |
210 #define LTC_RC4_STREAM | |
211 #define LTC_SOBER128_STREAM | |
195 | 212 |
196 #endif /* LTC_NO_CIPHERS */ | 213 #endif /* LTC_NO_CIPHERS */ |
197 | 214 |
198 | 215 |
199 /* ---> Block Cipher Modes of Operation <--- */ | 216 /* ---> Block Cipher Modes of Operation <--- */ |
200 #ifndef LTC_NO_MODES | 217 #ifndef LTC_NO_MODES |
201 | 218 |
202 #if DROPBEAR_ENABLE_CTR_MODE | 219 #define LTC_CFB_MODE |
220 #define LTC_OFB_MODE | |
221 #define LTC_ECB_MODE | |
203 #define LTC_CBC_MODE | 222 #define LTC_CBC_MODE |
204 #endif | |
205 | |
206 #if DROPBEAR_ENABLE_CTR_MODE | |
207 #define LTC_CTR_MODE | 223 #define LTC_CTR_MODE |
208 #endif | 224 |
225 /* F8 chaining mode */ | |
226 #define LTC_F8_MODE | |
227 | |
228 /* LRW mode */ | |
229 #define LTC_LRW_MODE | |
230 #ifndef LTC_NO_TABLES | |
231 /* like GCM mode this will enable 16 8x128 tables [64KB] that make | |
232 * seeking very fast. | |
233 */ | |
234 #define LTC_LRW_TABLES | |
235 #endif | |
236 | |
237 /* XTS mode */ | |
238 #define LTC_XTS_MODE | |
209 | 239 |
210 #endif /* LTC_NO_MODES */ | 240 #endif /* LTC_NO_MODES */ |
211 | 241 |
212 /* ---> One-Way Hash Functions <--- */ | 242 /* ---> One-Way Hash Functions <--- */ |
213 #ifndef LTC_NO_HASHES | 243 #ifndef LTC_NO_HASHES |
214 | 244 |
215 #if DROPBEAR_SHA512 | 245 #define LTC_CHC_HASH |
246 #define LTC_WHIRLPOOL | |
247 #define LTC_SHA3 | |
216 #define LTC_SHA512 | 248 #define LTC_SHA512 |
217 #endif | 249 #define LTC_SHA512_256 |
218 | 250 #define LTC_SHA512_224 |
219 #if DROPBEAR_SHA384 | |
220 #define LTC_SHA384 | 251 #define LTC_SHA384 |
221 #endif | |
222 | |
223 #if DROPBEAR_SHA256 | |
224 #define LTC_SHA256 | 252 #define LTC_SHA256 |
225 #endif | 253 #define LTC_SHA224 |
226 | 254 #define LTC_TIGER |
227 #define LTC_SHA1 | 255 #define LTC_SHA1 |
228 | |
229 #if DROPBEAR_MD5 | |
230 #define LTC_MD5 | 256 #define LTC_MD5 |
231 #endif | 257 #define LTC_MD4 |
258 #define LTC_MD2 | |
259 #define LTC_RIPEMD128 | |
260 #define LTC_RIPEMD160 | |
261 #define LTC_RIPEMD256 | |
262 #define LTC_RIPEMD320 | |
263 #define LTC_BLAKE2S | |
264 #define LTC_BLAKE2B | |
265 | |
266 #define LTC_HASH_HELPERS | |
232 | 267 |
233 #endif /* LTC_NO_HASHES */ | 268 #endif /* LTC_NO_HASHES */ |
234 | 269 |
235 | 270 |
236 /* ---> MAC functions <--- */ | 271 /* ---> MAC functions <--- */ |
237 #ifndef LTC_NO_MACS | 272 #ifndef LTC_NO_MACS |
238 | 273 |
239 #define LTC_HMAC | 274 #define LTC_HMAC |
275 #define LTC_OMAC | |
276 #define LTC_PMAC | |
277 #define LTC_XCBC | |
278 #define LTC_F9_MODE | |
279 #define LTC_PELICAN | |
280 #define LTC_POLY1305 | |
281 #define LTC_BLAKE2SMAC | |
282 #define LTC_BLAKE2BMAC | |
240 | 283 |
241 /* ---> Encrypt + Authenticate Modes <--- */ | 284 /* ---> Encrypt + Authenticate Modes <--- */ |
285 | |
286 #define LTC_EAX_MODE | |
287 | |
288 #define LTC_OCB_MODE | |
289 #define LTC_OCB3_MODE | |
290 #define LTC_CCM_MODE | |
291 #define LTC_GCM_MODE | |
292 #define LTC_CHACHA20POLY1305_MODE | |
242 | 293 |
243 /* Use 64KiB tables */ | 294 /* Use 64KiB tables */ |
244 #ifndef LTC_NO_TABLES | 295 #ifndef LTC_NO_TABLES |
245 #define LTC_GCM_TABLES | 296 #define LTC_GCM_TABLES |
246 #endif | 297 #endif |
254 | 305 |
255 | 306 |
256 /* --> Pseudo Random Number Generators <--- */ | 307 /* --> Pseudo Random Number Generators <--- */ |
257 #ifndef LTC_NO_PRNGS | 308 #ifndef LTC_NO_PRNGS |
258 | 309 |
310 /* Yarrow */ | |
311 #define LTC_YARROW | |
312 | |
313 /* a PRNG that simply reads from an available system source */ | |
314 #define LTC_SPRNG | |
315 | |
316 /* The RC4 stream cipher based PRNG */ | |
317 #define LTC_RC4 | |
318 | |
319 /* The ChaCha20 stream cipher based PRNG */ | |
320 #define LTC_CHACHA20_PRNG | |
321 | |
322 /* Fortuna PRNG */ | |
323 #define LTC_FORTUNA | |
324 | |
325 /* Greg's SOBER128 stream cipher based PRNG */ | |
326 #define LTC_SOBER128 | |
327 | |
328 /* the *nix style /dev/random device */ | |
329 #define LTC_DEVRANDOM | |
259 /* try /dev/urandom before trying /dev/random | 330 /* try /dev/urandom before trying /dev/random |
260 * are you sure you want to disable this? http://www.2uo.de/myths-about-urandom/ */ | 331 * are you sure you want to disable this? http://www.2uo.de/myths-about-urandom/ */ |
261 #define LTC_TRY_URANDOM_FIRST | 332 #define LTC_TRY_URANDOM_FIRST |
262 /* rng_get_bytes() */ | 333 /* rng_get_bytes() */ |
263 #define LTC_RNG_GET_BYTES | 334 #define LTC_RNG_GET_BYTES |
288 #define LTC_FORTUNA_WD 10 | 359 #define LTC_FORTUNA_WD 10 |
289 #endif | 360 #endif |
290 | 361 |
291 #ifndef LTC_FORTUNA_POOLS | 362 #ifndef LTC_FORTUNA_POOLS |
292 /* number of pools (4..32) can save a bit of ram by lowering the count */ | 363 /* number of pools (4..32) can save a bit of ram by lowering the count */ |
293 #define LTC_FORTUNA_POOLS 0 | 364 #define LTC_FORTUNA_POOLS 32 |
294 #endif | 365 #endif |
295 | 366 |
296 #endif /* LTC_FORTUNA */ | 367 #endif /* LTC_FORTUNA */ |
297 | 368 |
298 | 369 |
299 /* ---> Public Key Crypto <--- */ | 370 /* ---> Public Key Crypto <--- */ |
300 #ifndef LTC_NO_PK | 371 #ifndef LTC_NO_PK |
301 | 372 |
373 /* Include RSA support */ | |
374 #define LTC_MRSA | |
375 | |
376 /* Include Diffie-Hellman support */ | |
377 /* is_prime fails for GMP */ | |
378 #define LTC_MDH | |
379 /* Supported Key Sizes */ | |
380 #define LTC_DH768 | |
381 #define LTC_DH1024 | |
382 #define LTC_DH1536 | |
383 #define LTC_DH2048 | |
384 | |
385 #ifndef TFM_DESC | |
386 /* tfm has a problem in fp_isprime for larger key sizes */ | |
387 #define LTC_DH3072 | |
388 #define LTC_DH4096 | |
389 #define LTC_DH6144 | |
390 #define LTC_DH8192 | |
391 #endif | |
392 | |
302 /* Include Katja (a Rabin variant like RSA) */ | 393 /* Include Katja (a Rabin variant like RSA) */ |
303 /* #define LTC_MKAT */ | 394 /* #define LTC_MKAT */ |
304 | 395 |
396 /* Digital Signature Algorithm */ | |
397 #define LTC_MDSA | |
398 | |
305 /* ECC */ | 399 /* ECC */ |
306 #if DROPBEAR_ECC | |
307 #define LTC_MECC | 400 #define LTC_MECC |
308 #define LTM_DESC | |
309 | 401 |
310 /* use Shamir's trick for point mul (speeds up signature verification) */ | 402 /* use Shamir's trick for point mul (speeds up signature verification) */ |
311 #define LTC_ECC_SHAMIR | 403 #define LTC_ECC_SHAMIR |
312 | 404 |
313 #if DROPBEAR_ECC_256 | |
314 #define ECC256 | |
315 #endif | |
316 #if DROPBEAR_ECC_384 | |
317 #define ECC384 | |
318 #endif | |
319 #if DROPBEAR_ECC_521 | |
320 #define ECC521 | |
321 #endif | |
322 | |
323 #endif /* DROPBEAR_ECC */ | |
324 | |
325 #if defined(TFM_DESC) && defined(LTC_MECC) | 405 #if defined(TFM_DESC) && defined(LTC_MECC) |
326 #define LTC_MECC_ACCEL | 406 #define LTC_MECC_ACCEL |
327 #endif | 407 #endif |
328 | 408 |
329 /* do we want fixed point ECC */ | 409 /* do we want fixed point ECC */ |
330 /* #define LTC_MECC_FP */ | 410 /* #define LTC_MECC_FP */ |
331 | 411 |
332 #endif /* LTC_NO_PK */ | 412 #endif /* LTC_NO_PK */ |
360 /* misc stuff */ | 440 /* misc stuff */ |
361 #ifndef LTC_NO_MISC | 441 #ifndef LTC_NO_MISC |
362 | 442 |
363 /* Various tidbits of modern neatoness */ | 443 /* Various tidbits of modern neatoness */ |
364 #define LTC_BASE64 | 444 #define LTC_BASE64 |
445 /* ... and it's URL safe version */ | |
446 #define LTC_BASE64_URL | |
365 | 447 |
366 /* Keep LTC_NO_HKDF for compatibility reasons | 448 /* Keep LTC_NO_HKDF for compatibility reasons |
367 * superseeded by LTC_NO_MISC*/ | 449 * superseeded by LTC_NO_MISC*/ |
368 #ifndef LTC_NO_HKDF | 450 #ifndef LTC_NO_HKDF |
369 /* HKDF Key Derivation/Expansion stuff */ | 451 /* HKDF Key Derivation/Expansion stuff */ |
376 | 458 |
377 #endif /* LTC_NO_MISC */ | 459 #endif /* LTC_NO_MISC */ |
378 | 460 |
379 /* cleanup */ | 461 /* cleanup */ |
380 | 462 |
463 #ifdef LTC_MECC | |
464 /* Supported ECC Key Sizes */ | |
465 #ifndef LTC_NO_CURVES | |
466 #define LTC_ECC112 | |
467 #define LTC_ECC128 | |
468 #define LTC_ECC160 | |
469 #define LTC_ECC192 | |
470 #define LTC_ECC224 | |
471 #define LTC_ECC256 | |
472 #define LTC_ECC384 | |
473 #define LTC_ECC521 | |
474 #endif | |
475 #endif | |
476 | |
381 #if defined(LTC_MECC) || defined(LTC_MRSA) || defined(LTC_MDSA) || defined(LTC_MKAT) | 477 #if defined(LTC_MECC) || defined(LTC_MRSA) || defined(LTC_MDSA) || defined(LTC_MKAT) |
382 /* Include the MPI functionality? (required by the PK algorithms) */ | 478 /* Include the MPI functionality? (required by the PK algorithms) */ |
383 #define LTC_MPI | 479 #define LTC_MPI |
384 | 480 |
385 #ifndef LTC_PK_MAX_RETRIES | 481 #ifndef LTC_PK_MAX_RETRIES |
388 #endif | 484 #endif |
389 #endif | 485 #endif |
390 | 486 |
391 #ifdef LTC_MRSA | 487 #ifdef LTC_MRSA |
392 #define LTC_PKCS_1 | 488 #define LTC_PKCS_1 |
393 #endif | 489 #endif |
394 | 490 |
395 #if defined(LTC_PELICAN) && !defined(LTC_RIJNDAEL) | 491 #if defined(LTC_PELICAN) && !defined(LTC_RIJNDAEL) |
396 #error Pelican-MAC requires LTC_RIJNDAEL | 492 #error Pelican-MAC requires LTC_RIJNDAEL |
397 #endif | 493 #endif |
398 | 494 |
406 | 502 |
407 #if defined(LTC_DER) && !defined(LTC_MPI) | 503 #if defined(LTC_DER) && !defined(LTC_MPI) |
408 #error ASN.1 DER requires MPI functionality | 504 #error ASN.1 DER requires MPI functionality |
409 #endif | 505 #endif |
410 | 506 |
411 #if (defined(LTC_MDSA) || defined(LTC_MRSA) || defined(LTC_MECC) || defined(LTC_MKAT)) && !defined(LTC_DER) | 507 /* Dropbear patched out LTC_MECC */ |
508 #if (defined(LTC_MDSA) || defined(LTC_MRSA) || /*defined(LTC_MECC) ||*/ defined(LTC_MKAT)) && !defined(LTC_DER) | |
412 #error PK requires ASN.1 DER functionality, make sure LTC_DER is enabled | 509 #error PK requires ASN.1 DER functionality, make sure LTC_DER is enabled |
413 #endif | 510 #endif |
414 | 511 |
415 #if defined(LTC_CHACHA20POLY1305_MODE) && (!defined(LTC_CHACHA) || !defined(LTC_POLY1305)) | 512 #if defined(LTC_CHACHA20POLY1305_MODE) && (!defined(LTC_CHACHA) || !defined(LTC_POLY1305)) |
416 #error LTC_CHACHA20POLY1305_MODE requires LTC_CHACHA + LTC_POLY1305 | 513 #error LTC_CHACHA20POLY1305_MODE requires LTC_CHACHA + LTC_POLY1305 |