From 88f847de90fe0a363791b4c969f09facae0b8115 Mon Sep 17 00:00:00 2001
From: toddouska <todd@wolfssl.com>
Date: Mon, 25 Jul 2016 13:24:36 -0700
Subject: [PATCH] add --enable-harden swtich for timing resistance and
 blinding, on by default

---
 configure.ac | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/configure.ac b/configure.ac
index 753457d48..bf5a27fbe 100644
--- a/configure.ac
+++ b/configure.ac
@@ -192,6 +192,18 @@ AC_ARG_ENABLE([maxstrength],
     [ENABLED_MAXSTRENGTH=no])
 
 
+# Harden, enable Timing Resistance and Blinding by default
+AC_ARG_ENABLE([harden],
+    [AS_HELP_STRING([--enable-harden],[Enable Hardened build, Enables Timing Resistance and Blinding (default: enabled)])],
+    [ENABLED_HARDEN=$enableval],
+    [ENABLED_HARDEN=yes])
+
+if test "$ENABLED_HARDEN" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DTFM_TIMING_RESISTANT -DECC_TIMING_RESISTANT -DWC_RSA_BLINDING"
+fi
+
+
 # IPv6 Test Apps
 AC_ARG_ENABLE([ipv6],
     [  --enable-ipv6           Enable testing of IPV6 (default: disabled)],