Mercurial > dropbear

comparison libtomcrypt/src/headers/tomcrypt_custom.h @ 1476:8305ebe45940

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Put Dropbear config in a separate file Patch out MECC DER
author Matt Johnston <matt@ucc.asn.au>
date Fri, 09 Feb 2018 23:35:07 +0800
parents 6dba84798cd5
children 2d450c1056e3
comparison
equal deleted inserted replaced
1475:59e66cdaf10f 1476:8305ebe45940
7 * guarantee it works. 7 * guarantee it works.
8 */ 8 */
9 9
10 #ifndef TOMCRYPT_CUSTOM_H_ 10 #ifndef TOMCRYPT_CUSTOM_H_
11 #define TOMCRYPT_CUSTOM_H_ 11 #define TOMCRYPT_CUSTOM_H_
12
13 #include "tomcrypt_dropbear.h"
12 14
13 /* macros for various libc functions you can change for embedded targets */ 15 /* macros for various libc functions you can change for embedded targets */
14 #ifndef XMALLOC 16 #ifndef XMALLOC
15 #define XMALLOC malloc 17 #define XMALLOC malloc
16 #endif 18 #endif
136 #endif 138 #endif
137 /* Enable extended self-tests */ 139 /* Enable extended self-tests */
138 /* #define LTC_TEST_EXT */ 140 /* #define LTC_TEST_EXT */
139 141
140 /* Use small code where possible */ 142 /* Use small code where possible */
141 #if DROPBEAR_SMALL_CODE 143 /* #define LTC_SMALL_CODE */
142 #define LTC_SMALL_CODE
143 #endif
144 144
145 /* clean the stack of functions which put private information on stack */ 145 /* clean the stack of functions which put private information on stack */
146 /* #define LTC_CLEAN_STACK */ 146 /* #define LTC_CLEAN_STACK */
147 147
148 /* disable all file related functions */ 148 /* disable all file related functions */
172 #endif /* LTC_NO_MATH */ 172 #endif /* LTC_NO_MATH */
173 173
174 /* ---> Symmetric Block Ciphers <--- */ 174 /* ---> Symmetric Block Ciphers <--- */
175 #ifndef LTC_NO_CIPHERS 175 #ifndef LTC_NO_CIPHERS
176 176
177 #if DROPBEAR_BLOWFISH
178 #define LTC_BLOWFISH 177 #define LTC_BLOWFISH
179 #endif 178 #define LTC_RC2
180 #if DROPBEAR_AES 179 #define LTC_RC5
180 #define LTC_RC6
181 #define LTC_SAFERP
181 #define LTC_RIJNDAEL 182 #define LTC_RIJNDAEL
182 #endif 183 #define LTC_XTEA
183 /* _TABLES tells it to use tables during setup, _SMALL means to use the smaller scheduled key format 184 /* _TABLES tells it to use tables during setup, _SMALL means to use the smaller scheduled key format
184 * (saves 4KB of ram), _ALL_TABLES enables all tables during setup */ 185 * (saves 4KB of ram), _ALL_TABLES enables all tables during setup */
185 #if DROPBEAR_TWOFISH
186 #define LTC_TWOFISH 186 #define LTC_TWOFISH
187 #define LTC_TWOFISH_SMALL 187 #ifndef LTC_NO_TABLES
188 #endif 188 #define LTC_TWOFISH_TABLES
189 189 /* #define LTC_TWOFISH_ALL_TABLES */
190 #if DROPBEAR_3DES 190 #else
191 #define LTC_TWOFISH_SMALL
192 #endif
193 /* #define LTC_TWOFISH_SMALL */
194 /* LTC_DES includes EDE triple-DES */
191 #define LTC_DES 195 #define LTC_DES
192 #endif 196 #define LTC_CAST5
197 #define LTC_NOEKEON
198 #define LTC_SKIPJACK
199 #define LTC_SAFER
200 #define LTC_KHAZAD
201 #define LTC_ANUBIS
202 #define LTC_ANUBIS_TWEAK
203 #define LTC_KSEED
204 #define LTC_KASUMI
205 #define LTC_MULTI2
206 #define LTC_CAMELLIA
193 207
194 /* stream ciphers */ 208 /* stream ciphers */
209 #define LTC_CHACHA
210 #define LTC_RC4_STREAM
211 #define LTC_SOBER128_STREAM
195 212
196 #endif /* LTC_NO_CIPHERS */ 213 #endif /* LTC_NO_CIPHERS */
197 214
198 215
199 /* ---> Block Cipher Modes of Operation <--- */ 216 /* ---> Block Cipher Modes of Operation <--- */
200 #ifndef LTC_NO_MODES 217 #ifndef LTC_NO_MODES
201 218
202 #if DROPBEAR_ENABLE_CTR_MODE 219 #define LTC_CFB_MODE
220 #define LTC_OFB_MODE
221 #define LTC_ECB_MODE
203 #define LTC_CBC_MODE 222 #define LTC_CBC_MODE
204 #endif
205
206 #if DROPBEAR_ENABLE_CTR_MODE
207 #define LTC_CTR_MODE 223 #define LTC_CTR_MODE
208 #endif 224
225 /* F8 chaining mode */
226 #define LTC_F8_MODE
227
228 /* LRW mode */
229 #define LTC_LRW_MODE
230 #ifndef LTC_NO_TABLES
231 /* like GCM mode this will enable 16 8x128 tables [64KB] that make
232 * seeking very fast.
233 */
234 #define LTC_LRW_TABLES
235 #endif
236
237 /* XTS mode */
238 #define LTC_XTS_MODE
209 239
210 #endif /* LTC_NO_MODES */ 240 #endif /* LTC_NO_MODES */
211 241
212 /* ---> One-Way Hash Functions <--- */ 242 /* ---> One-Way Hash Functions <--- */
213 #ifndef LTC_NO_HASHES 243 #ifndef LTC_NO_HASHES
214 244
215 #if DROPBEAR_SHA512 245 #define LTC_CHC_HASH
246 #define LTC_WHIRLPOOL
247 #define LTC_SHA3
216 #define LTC_SHA512 248 #define LTC_SHA512
217 #endif 249 #define LTC_SHA512_256
218 250 #define LTC_SHA512_224
219 #if DROPBEAR_SHA384
220 #define LTC_SHA384 251 #define LTC_SHA384
221 #endif
222
223 #if DROPBEAR_SHA256
224 #define LTC_SHA256 252 #define LTC_SHA256
225 #endif 253 #define LTC_SHA224
226 254 #define LTC_TIGER
227 #define LTC_SHA1 255 #define LTC_SHA1
228
229 #if DROPBEAR_MD5
230 #define LTC_MD5 256 #define LTC_MD5
231 #endif 257 #define LTC_MD4
258 #define LTC_MD2
259 #define LTC_RIPEMD128
260 #define LTC_RIPEMD160
261 #define LTC_RIPEMD256
262 #define LTC_RIPEMD320
263 #define LTC_BLAKE2S
264 #define LTC_BLAKE2B
265
266 #define LTC_HASH_HELPERS
232 267
233 #endif /* LTC_NO_HASHES */ 268 #endif /* LTC_NO_HASHES */
234 269
235 270
236 /* ---> MAC functions <--- */ 271 /* ---> MAC functions <--- */
237 #ifndef LTC_NO_MACS 272 #ifndef LTC_NO_MACS
238 273
239 #define LTC_HMAC 274 #define LTC_HMAC
275 #define LTC_OMAC
276 #define LTC_PMAC
277 #define LTC_XCBC
278 #define LTC_F9_MODE
279 #define LTC_PELICAN
280 #define LTC_POLY1305
281 #define LTC_BLAKE2SMAC
282 #define LTC_BLAKE2BMAC
240 283
241 /* ---> Encrypt + Authenticate Modes <--- */ 284 /* ---> Encrypt + Authenticate Modes <--- */
285
286 #define LTC_EAX_MODE
287
288 #define LTC_OCB_MODE
289 #define LTC_OCB3_MODE
290 #define LTC_CCM_MODE
291 #define LTC_GCM_MODE
292 #define LTC_CHACHA20POLY1305_MODE
242 293
243 /* Use 64KiB tables */ 294 /* Use 64KiB tables */
244 #ifndef LTC_NO_TABLES 295 #ifndef LTC_NO_TABLES
245 #define LTC_GCM_TABLES 296 #define LTC_GCM_TABLES
246 #endif 297 #endif
254 305
255 306
256 /* --> Pseudo Random Number Generators <--- */ 307 /* --> Pseudo Random Number Generators <--- */
257 #ifndef LTC_NO_PRNGS 308 #ifndef LTC_NO_PRNGS
258 309
310 /* Yarrow */
311 #define LTC_YARROW
312
313 /* a PRNG that simply reads from an available system source */
314 #define LTC_SPRNG
315
316 /* The RC4 stream cipher based PRNG */
317 #define LTC_RC4
318
319 /* The ChaCha20 stream cipher based PRNG */
320 #define LTC_CHACHA20_PRNG
321
322 /* Fortuna PRNG */
323 #define LTC_FORTUNA
324
325 /* Greg's SOBER128 stream cipher based PRNG */
326 #define LTC_SOBER128
327
328 /* the *nix style /dev/random device */
329 #define LTC_DEVRANDOM
259 /* try /dev/urandom before trying /dev/random 330 /* try /dev/urandom before trying /dev/random
260 * are you sure you want to disable this? http://www.2uo.de/myths-about-urandom/ */ 331 * are you sure you want to disable this? http://www.2uo.de/myths-about-urandom/ */
261 #define LTC_TRY_URANDOM_FIRST 332 #define LTC_TRY_URANDOM_FIRST
262 /* rng_get_bytes() */ 333 /* rng_get_bytes() */
263 #define LTC_RNG_GET_BYTES 334 #define LTC_RNG_GET_BYTES
288 #define LTC_FORTUNA_WD 10 359 #define LTC_FORTUNA_WD 10
289 #endif 360 #endif
290 361
291 #ifndef LTC_FORTUNA_POOLS 362 #ifndef LTC_FORTUNA_POOLS
292 /* number of pools (4..32) can save a bit of ram by lowering the count */ 363 /* number of pools (4..32) can save a bit of ram by lowering the count */
293 #define LTC_FORTUNA_POOLS 0 364 #define LTC_FORTUNA_POOLS 32
294 #endif 365 #endif
295 366
296 #endif /* LTC_FORTUNA */ 367 #endif /* LTC_FORTUNA */
297 368
298 369
299 /* ---> Public Key Crypto <--- */ 370 /* ---> Public Key Crypto <--- */
300 #ifndef LTC_NO_PK 371 #ifndef LTC_NO_PK
301 372
373 /* Include RSA support */
374 #define LTC_MRSA
375
376 /* Include Diffie-Hellman support */
377 /* is_prime fails for GMP */
378 #define LTC_MDH
379 /* Supported Key Sizes */
380 #define LTC_DH768
381 #define LTC_DH1024
382 #define LTC_DH1536
383 #define LTC_DH2048
384
385 #ifndef TFM_DESC
386 /* tfm has a problem in fp_isprime for larger key sizes */
387 #define LTC_DH3072
388 #define LTC_DH4096
389 #define LTC_DH6144
390 #define LTC_DH8192
391 #endif
392
302 /* Include Katja (a Rabin variant like RSA) */ 393 /* Include Katja (a Rabin variant like RSA) */
303 /* #define LTC_MKAT */ 394 /* #define LTC_MKAT */
304 395
396 /* Digital Signature Algorithm */
397 #define LTC_MDSA
398
305 /* ECC */ 399 /* ECC */
306 #if DROPBEAR_ECC
307 #define LTC_MECC 400 #define LTC_MECC
308 #define LTM_DESC
309 401
310 /* use Shamir's trick for point mul (speeds up signature verification) */ 402 /* use Shamir's trick for point mul (speeds up signature verification) */
311 #define LTC_ECC_SHAMIR 403 #define LTC_ECC_SHAMIR
312 404
313 #if DROPBEAR_ECC_256
314 #define ECC256
315 #endif
316 #if DROPBEAR_ECC_384
317 #define ECC384
318 #endif
319 #if DROPBEAR_ECC_521
320 #define ECC521
321 #endif
322
323 #endif /* DROPBEAR_ECC */
324
325 #if defined(TFM_DESC) && defined(LTC_MECC) 405 #if defined(TFM_DESC) && defined(LTC_MECC)
326 #define LTC_MECC_ACCEL 406 #define LTC_MECC_ACCEL
327 #endif 407 #endif
328 408
329 /* do we want fixed point ECC */ 409 /* do we want fixed point ECC */
330 /* #define LTC_MECC_FP */ 410 /* #define LTC_MECC_FP */
331 411
332 #endif /* LTC_NO_PK */ 412 #endif /* LTC_NO_PK */
360 /* misc stuff */ 440 /* misc stuff */
361 #ifndef LTC_NO_MISC 441 #ifndef LTC_NO_MISC
362 442
363 /* Various tidbits of modern neatoness */ 443 /* Various tidbits of modern neatoness */
364 #define LTC_BASE64 444 #define LTC_BASE64
445 /* ... and it's URL safe version */
446 #define LTC_BASE64_URL
365 447
366 /* Keep LTC_NO_HKDF for compatibility reasons 448 /* Keep LTC_NO_HKDF for compatibility reasons
367 * superseeded by LTC_NO_MISC*/ 449 * superseeded by LTC_NO_MISC*/
368 #ifndef LTC_NO_HKDF 450 #ifndef LTC_NO_HKDF
369 /* HKDF Key Derivation/Expansion stuff */ 451 /* HKDF Key Derivation/Expansion stuff */
376 458
377 #endif /* LTC_NO_MISC */ 459 #endif /* LTC_NO_MISC */
378 460
379 /* cleanup */ 461 /* cleanup */
380 462
463 #ifdef LTC_MECC
464 /* Supported ECC Key Sizes */
465 #ifndef LTC_NO_CURVES
466 #define LTC_ECC112
467 #define LTC_ECC128
468 #define LTC_ECC160
469 #define LTC_ECC192
470 #define LTC_ECC224
471 #define LTC_ECC256
472 #define LTC_ECC384
473 #define LTC_ECC521
474 #endif
475 #endif
476
381 #if defined(LTC_MECC) || defined(LTC_MRSA) || defined(LTC_MDSA) || defined(LTC_MKAT) 477 #if defined(LTC_MECC) || defined(LTC_MRSA) || defined(LTC_MDSA) || defined(LTC_MKAT)
382 /* Include the MPI functionality? (required by the PK algorithms) */ 478 /* Include the MPI functionality? (required by the PK algorithms) */
383 #define LTC_MPI 479 #define LTC_MPI
384 480
385 #ifndef LTC_PK_MAX_RETRIES 481 #ifndef LTC_PK_MAX_RETRIES
388 #endif 484 #endif
389 #endif 485 #endif
390 486
391 #ifdef LTC_MRSA 487 #ifdef LTC_MRSA
392 #define LTC_PKCS_1 488 #define LTC_PKCS_1
393 #endif 489 #endif
394 490
395 #if defined(LTC_PELICAN) && !defined(LTC_RIJNDAEL) 491 #if defined(LTC_PELICAN) && !defined(LTC_RIJNDAEL)
396 #error Pelican-MAC requires LTC_RIJNDAEL 492 #error Pelican-MAC requires LTC_RIJNDAEL
397 #endif 493 #endif
398 494
406 502
407 #if defined(LTC_DER) && !defined(LTC_MPI) 503 #if defined(LTC_DER) && !defined(LTC_MPI)
408 #error ASN.1 DER requires MPI functionality 504 #error ASN.1 DER requires MPI functionality
409 #endif 505 #endif
410 506
411 #if (defined(LTC_MDSA) || defined(LTC_MRSA) || defined(LTC_MECC) || defined(LTC_MKAT)) && !defined(LTC_DER) 507 /* Dropbear patched out LTC_MECC */
508 #if (defined(LTC_MDSA) || defined(LTC_MRSA) || /*defined(LTC_MECC) ||*/ defined(LTC_MKAT)) && !defined(LTC_DER)
412 #error PK requires ASN.1 DER functionality, make sure LTC_DER is enabled 509 #error PK requires ASN.1 DER functionality, make sure LTC_DER is enabled
413 #endif 510 #endif
414 511
415 #if defined(LTC_CHACHA20POLY1305_MODE) && (!defined(LTC_CHACHA) || !defined(LTC_POLY1305)) 512 #if defined(LTC_CHACHA20POLY1305_MODE) && (!defined(LTC_CHACHA) || !defined(LTC_POLY1305))
416 #error LTC_CHACHA20POLY1305_MODE requires LTC_CHACHA + LTC_POLY1305 513 #error LTC_CHACHA20POLY1305_MODE requires LTC_CHACHA + LTC_POLY1305