New file for adding needed configuration options to enable DTLS including DTLS version 1.3. This is an example file to be used for testing, eval, demos, etc.

2022-07-08 11:26:14 -05:00 · 2022-07-08 11:26:14 -05:00 · a4e452ec6a
commit a4e452ec6a
parent 357ace8408
1 changed files with 98 additions and 0 deletions
--- a/IDE/WIN/user_settings_dtls.h
+++ b/IDE/WIN/user_settings_dtls.h
@ -0,0 +1,98 @@
+#ifndef _WIN_USER_SETTINGS_H_
+#define _WIN_USER_SETTINGS_H_
+
+/* Verify this is Windows */
+#ifndef _WIN32
+#error This user_settings.h header is only designed for Windows
+#endif
+
+/* DTLS configuration including DTLS v.1.3 which requires TLS v.1.3. */
+
+/* The below DTLS configurations can be copied in to another user_settings.h 
+   file that may have other settings that need to be preserved. 
+*/
+#define WOLFSSL_TLS13
+#define WOLFSSL_DTLS
+#define WOLFSSL_DTLS13
+#define HAVE_HKDF
+#define HAVE_FFDHE_2048
+#define WC_RSA_PSS
+
+/* DTLS configuration */
+
+/* Configurations */
+#if defined(HAVE_FIPS)
+    /* FIPS */
+    #define OPENSSL_EXTRA
+    #define HAVE_THREAD_LS
+    #define WOLFSSL_KEY_GEN
+    #define HAVE_AESGCM
+    #define HAVE_HASHDRBG
+    #define WOLFSSL_SHA384
+    #define WOLFSSL_SHA512
+    #define NO_PSK
+    #define NO_RC4
+    #define NO_DSA
+    #define NO_MD4
+
+    #define GCM_NONCE_MID_SZ 12
+#else
+    /* Enables blinding mode, to prevent timing attacks */
+    #define WC_RSA_BLINDING
+    #define NO_MULTIBYTE_PRINT
+
+    #if defined(WOLFSSL_LIB)
+        /* The lib */
+        #define OPENSSL_EXTRA
+        #define WOLFSSL_RIPEMD
+        #define NO_PSK
+        #define HAVE_EXTENDED_MASTER
+        #define WOLFSSL_SNIFFER
+        #define HAVE_SECURE_RENEGOTIATION
+
+        #define HAVE_AESGCM
+        #define WOLFSSL_SHA384
+        #define WOLFSSL_SHA512
+
+        #define HAVE_SUPPORTED_CURVES
+        #define HAVE_TLS_EXTENSIONS
+
+        #define HAVE_ECC
+        #define ECC_SHAMIR
+        #define ECC_TIMING_RESISTANT
+
+        /* Optional Performance Speedups */
+        #if 0
+            /* AESNI on x64 */
+            #ifdef _WIN64
+                #define HAVE_INTEL_RDSEED
+                #define WOLFSSL_AESNI
+            #endif
+
+            /* Single Precision Support for RSA/DH 1024/2048/3072 and
+             * ECC P-256/P-384 */
+            #define WOLFSSL_SP
+            #define WOLFSSL_HAVE_SP_ECC
+            #define WOLFSSL_HAVE_SP_DH
+            #define WOLFSSL_HAVE_SP_RSA
+
+            #ifdef _WIN64
+                /* Old versions of MASM compiler do not recognize newer
+                 * instructions. */
+                #if 0
+                    #define NO_AVX2_SUPPORT
+                    #define NO_MOVBE_SUPPORT
+                #endif
+                #define WOLFSSL_SP_ASM
+                #define WOLFSSL_SP_X86_64_ASM
+            #endif
+        #endif
+
+    #else
+        /* The servers and clients */
+        #define OPENSSL_EXTRA
+        #define NO_PSK
+    #endif
+#endif /* HAVE_FIPS */
+
+#endif /* _WIN_USER_SETTINGS_H_ */