Files
wolfssl/examples/configs/user_settings_openssl_compat.h
Andrew Hutchings 61a77e2dd6 Add lots more membrowse platforms
Lots more ARM Cortex, RiscV, AArch64, linuxkm and some Zephyr
2026-06-03 11:21:35 +01:00

291 lines
7.5 KiB
C

/* user_settings_openssl_compat.h
*
* Copyright (C) 2006-2026 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* OpenSSL compatibility layer for drop-in replacement.
* Provides OpenSSL API compatibility for applications migrating from OpenSSL.
*
* Build and test:
* cp ./examples/configs/user_settings_openssl_compat.h user_settings.h
* ./configure --enable-usersettings --disable-examples
* make
* ./wolfcrypt/test/testwolfcrypt
*/
#ifndef WOLFSSL_USER_SETTINGS_H
#define WOLFSSL_USER_SETTINGS_H
#ifdef __cplusplus
extern "C" {
#endif
/* ------------------------------------------------- */
/* OpenSSL Compatibility */
/* ------------------------------------------------- */
#define OPENSSL_EXTRA
#if 1 /* Full OpenSSL API compatibility */
#define OPENSSL_ALL
#endif
/* OpenSSL-compatible names and behavior */
#define WOLFSSL_VERBOSE_ERRORS
#define ERROR_QUEUE_PER_THREAD
#define WOLFSSL_ERROR_CODE_OPENSSL
#define HAVE_WOLFSSL_SSL_H
#define OPENSSL_COMPATIBLE_DEFAULTS
/* No-socket embedded builds still compile IP SAN helpers through OPENSSL_ALL.
* Provide local address-conversion stubs when the platform has no socket API. */
#ifdef WOLFSSL_NO_SOCK
#ifndef WOLFSSL_IP4
#define WOLFSSL_IP4 2
#endif
#ifndef WOLFSSL_IP6
#define WOLFSSL_IP6 10
#endif
#ifndef XINET_PTON
#define XINET_PTON(a,b,c) 0
#endif
#ifndef XINET_NTOP
#define XINET_NTOP(a,b,c,d) NULL
#endif
#endif
/* Avoid old name conflicts */
#define NO_OLD_RNGNAME
#define NO_OLD_WC_NAMES
#define NO_OLD_SSL_NAMES
#define NO_OLD_SHA_NAMES
#define NO_OLD_MD5_NAME
/* Extra data support (SSL_CTX_set_ex_data, etc.) */
#define HAVE_EX_DATA
/* ------------------------------------------------- */
/* Application Compatibility */
/* ------------------------------------------------- */
#if 0 /* nginx */
#define WOLFSSL_NGINX
#endif
#if 0 /* HAProxy */
#define WOLFSSL_HAPROXY
#endif
#if 0 /* Apache httpd */
#define HAVE_LIGHTY
#endif
#if 0 /* stunnel */
#define HAVE_STUNNEL
#endif
#if 0 /* OpenVPN */
#define WOLFSSL_OPENVPN
#endif
#if 0 /* Qt */
#define WOLFSSL_QT
#endif
#if 0 /* cURL */
#define WOLFSSL_LIBCURL
#endif
#if 0 /* OpenSSH */
#define WOLFSSL_OPENSSH
#endif
/* ------------------------------------------------- */
/* Math */
/* ------------------------------------------------- */
#define WOLFSSL_SP_MATH_ALL
/* ------------------------------------------------- */
/* TLS Versions */
/* ------------------------------------------------- */
#define WOLFSSL_TLS13
#define HAVE_TLS_EXTENSIONS
#define HAVE_SUPPORTED_CURVES
#define HAVE_EXTENDED_MASTER
#define HAVE_ENCRYPT_THEN_MAC
#define HAVE_HKDF
#define WC_RSA_PSS
#if 1 /* TLS 1.2 (for compatibility) */
#undef WOLFSSL_NO_TLS12
#endif
#if 0 /* Allow older TLS (not recommended) */
#undef NO_OLD_TLS
#else
#define NO_OLD_TLS
#endif
/* TLS Extensions */
#define HAVE_SESSION_TICKET
#define HAVE_SNI
#define HAVE_ALPN
#define HAVE_MAX_FRAGMENT
#define HAVE_TRUNCATED_HMAC
#define HAVE_SECURE_RENEGOTIATION
#define HAVE_SERVER_RENEGOTIATION_INFO
/* ------------------------------------------------- */
/* Timing Resistance */
/* ------------------------------------------------- */
#define TFM_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
#define WC_RSA_BLINDING
/* ------------------------------------------------- */
/* ECC */
/* ------------------------------------------------- */
#define HAVE_ECC
#define TFM_ECC256
#define ECC_SHAMIR
#define HAVE_ECC_CDH
#define HAVE_COMP_KEY
/* ------------------------------------------------- */
/* Curve25519 / Ed25519 */
/* ------------------------------------------------- */
#define HAVE_CURVE25519
#define HAVE_ED25519
/* ------------------------------------------------- */
/* Curve448 / Ed448 */
/* ------------------------------------------------- */
#if 1 /* Ed448/X448 */
#define HAVE_CURVE448
#define HAVE_ED448
#endif
/* ------------------------------------------------- */
/* RSA */
/* ------------------------------------------------- */
#undef NO_RSA
#define WC_RSA_NO_PADDING
#define WOLFSSL_KEY_GEN
/* ------------------------------------------------- */
/* DH */
/* ------------------------------------------------- */
#undef NO_DH
#define HAVE_FFDHE_2048
#define HAVE_FFDHE_3072
#define HAVE_FFDHE_4096
#define HAVE_DH_DEFAULT_PARAMS
#define WOLFSSL_DH_EXTRA
/* ------------------------------------------------- */
/* Symmetric Ciphers */
/* ------------------------------------------------- */
#define HAVE_AESGCM
#define GCM_TABLE_4BIT
#define WOLFSSL_AESGCM_STREAM
#define HAVE_AESCCM
#define WOLFSSL_AES_COUNTER
#define WOLFSSL_AES_DIRECT
#define WOLFSSL_AES_OFB
#define WOLFSSL_AES_CFB
#define HAVE_AES_ECB
#define HAVE_AES_KEYWRAP
#define HAVE_AES_DECRYPT
#define HAVE_CHACHA
#define HAVE_POLY1305
#define HAVE_ONE_TIME_AUTH
#define HAVE_XCHACHA
/* ------------------------------------------------- */
/* Hashing */
/* ------------------------------------------------- */
#define WOLFSSL_SHA224
#define WOLFSSL_SHA384
#define WOLFSSL_SHA512
#define WOLFSSL_SHA3
#define WOLFSSL_SHAKE256
#define HAVE_BLAKE2B
#define HAVE_BLAKE2S
/* ------------------------------------------------- */
/* Additional Features */
/* ------------------------------------------------- */
#define HAVE_HASHDRBG
#define WOLFSSL_CMAC
#define WOLFSSL_DES_ECB
#define HAVE_CTS
#define HAVE_HKDF
#define HAVE_X963_KDF
#define HAVE_KEYING_MATERIAL
#define WOLFSSL_HAVE_PRF
/* ------------------------------------------------- */
/* Certificates */
/* ------------------------------------------------- */
#define WOLFSSL_ASN_TEMPLATE
#define WOLFSSL_CERT_GEN
#define WOLFSSL_CERT_REQ
#define WOLFSSL_CERT_EXT
#define WOLFSSL_MULTI_ATTRIB
#define WOLFSSL_DER_LOAD
#define WOLFSSL_PEM_TO_DER
#define WOLFSSL_DER_TO_PEM
#define WOLFSSL_ALT_NAMES
#define HAVE_CRL
#define HAVE_OCSP
#define HAVE_CERTIFICATE_STATUS_REQUEST
#define HAVE_CERTIFICATE_STATUS_REQUEST_V2
/* ------------------------------------------------- */
/* Encoding */
/* ------------------------------------------------- */
#define WOLFSSL_BASE16
#define WOLFSSL_BASE64_ENCODE
/* ------------------------------------------------- */
/* Session Cache */
/* ------------------------------------------------- */
#define HAVE_EXT_CACHE
#define SESSION_CERTS
#define PERSIST_SESSION_CACHE
#define PERSIST_CERT_CACHE
/* ------------------------------------------------- */
/* PKCS */
/* ------------------------------------------------- */
#define HAVE_PKCS8
/* ------------------------------------------------- */
/* Disabled Algorithms */
/* ------------------------------------------------- */
#define NO_DSA
#define NO_RC4
#define NO_MD4
#define NO_PSK
/* ------------------------------------------------- */
/* Debugging */
/* ------------------------------------------------- */
#if 0 /* Enable debug logging */
#define DEBUG_WOLFSSL
#endif
#ifdef __cplusplus
}
#endif
#endif /* WOLFSSL_USER_SETTINGS_H */