/* user_settings_min_ecc.h * * Copyright (C) 2006-2026 wolfSSL Inc. * * This file is part of wolfSSL. * * wolfSSL is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * wolfSSL is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA */ /* Minimal ECC and SHA-256 only (no TLS, no RSA, no AES) * * Derived from: * ./configure \ * --enable-cryptonly --enable-ecc --enable-sp \ * --disable-rsa --disable-dh --disable-sha3 \ * --disable-sha224 --disable-md5 \ * --disable-sha --disable-pkcs12 --disable-memory \ * --disable-chacha --disable-poly1305 \ * --disable-sha512 --disable-sha384 \ * --disable-aesgcm --disable-aescbc \ * --disable-aes --disable-rng \ * CFLAGS="-DNO_SIG_WRAPPER -DWOLFSSL_PUBLIC_MP \ * -DECC_USER_CURVES" * * Build and test: * cp ./examples/configs/user_settings_min_ecc.h \ * user_settings.h * ./configure --enable-usersettings --disable-examples * make * ./wolfcrypt/test/testwolfcrypt */ #ifndef WOLFSSL_USER_SETTINGS_H #define WOLFSSL_USER_SETTINGS_H #ifdef __cplusplus extern "C" { #endif /* ------------------------------------------------- */ /* Platform */ /* ------------------------------------------------- */ #define WOLFCRYPT_ONLY /* No TLS, wolfCrypt only */ /* Endianness - defaults to little endian */ #ifdef __BIG_ENDIAN__ #define BIG_ENDIAN_ORDER #endif #define WOLFSSL_PUBLIC_MP /* Expose mp_ math API's */ /* ------------------------------------------------- */ /* Math */ /* ------------------------------------------------- */ #define WOLFSSL_SP #define WOLFSSL_SP_SMALL #define WOLFSSL_SP_MATH #define WOLFSSL_HAVE_SP_ECC /* ------------------------------------------------- */ /* Timing Resistance */ /* ------------------------------------------------- */ #define TFM_TIMING_RESISTANT #define ECC_TIMING_RESISTANT /* ------------------------------------------------- */ /* ECC */ /* ------------------------------------------------- */ #define HAVE_ECC #define ECC_USER_CURVES /* Only P-256 by default */ #if 0 /* ECC Shamir - faster but more code/memory */ #define ECC_SHAMIR #endif /* ECC Feature Options */ #if 0 /* Disable ECC key export */ #define NO_ECC_KEY_EXPORT #endif #if 0 /* Disable ECDHE key agreement */ #define NO_ECC_DHE #endif #if 0 /* Disable ECC sign */ #define NO_ECC_SIGN #endif #if 0 /* Disable ECC verify */ #define NO_ECC_VERIFY #endif /* ------------------------------------------------- */ /* Hashing */ /* ------------------------------------------------- */ /* SHA-256 enabled by default */ /* ------------------------------------------------- */ /* Disabled Algorithms */ /* ------------------------------------------------- */ #define NO_AES #define NO_AES_CBC #define NO_DES3 #define NO_DSA #define NO_RSA #define NO_DH #define NO_RC4 #define NO_MD4 #define NO_MD5 #define NO_SHA #define NO_PWDBASED #define NO_PKCS12 #define NO_PKCS8 #define NO_SIG_WRAPPER /* ------------------------------------------------- */ /* Disabled Features */ /* ------------------------------------------------- */ #define NO_WOLFSSL_MEMORY #define WOLFSSL_NO_PEM #define NO_PSK #if 0 /* Disable ASN.1 / certificates */ #define NO_ASN #define NO_CERTS #define NO_CODING #endif #if 0 /* Disable RNG (ECC verify only) */ #define WC_NO_RNG #endif /* ------------------------------------------------- */ /* Debugging */ /* ------------------------------------------------- */ #if 0 /* Enable debug logging */ #define DEBUG_WOLFSSL #endif #if 1 /* Disable error strings to save flash */ #define NO_ERROR_STRINGS #endif #ifdef __cplusplus } #endif #endif /* WOLFSSL_USER_SETTINGS_H */