|
22 | 22 | #include <wolfssl/wolfcrypt/libwolfssl_sources.h> |
23 | 23 |
|
24 | 24 | /* |
25 | | - * WOLFSSL_SMALL_CERT_VERIFY: |
26 | | - * Verify the certificate signature without using DecodedCert. Doubles up |
27 | | - * on some code but allows smaller peak heap memory usage. |
28 | | - * Cannot be used with WOLFSSL_NONBLOCK_OCSP. |
29 | | - * WOLFSSL_ALT_CERT_CHAINS: |
30 | | - * Allows CA's to be presented by peer, but not part of a valid chain. |
31 | | - * Default wolfSSL behavior is to require validation of all presented peer |
32 | | - * certificates. This also allows loading intermediate CA's as trusted |
33 | | - * and ignoring no signer failures for CA's up the chain to root. |
34 | | - * WOLFSSL_DTLS_RESEND_ONLY_TIMEOUT: |
35 | | - * Enable resending the previous DTLS handshake flight only on a network |
36 | | - * read timeout. By default we resend in two more cases, when we receive: |
37 | | - * - an out of order last msg of the peer's flight |
38 | | - * - a duplicate of the first msg from the peer's flight |
| 25 | + * internal.c Build Options: |
| 26 | + * |
| 27 | + * See also: tls.c for TLS extension/protocol options, tls13.c for TLS 1.3, |
| 28 | + * ssl.c for SSL API layer, wc_port.c for platform/memory. |
| 29 | + * |
| 30 | + * Connection & Buffers: |
| 31 | + * LARGE_STATIC_BUFFERS: Use large static I/O buffers default: on |
| 32 | + * WOLFSSL_DISABLE_EARLY_SANITY_CHECKS: |
| 33 | + * Disable early sanity checks on TLS messages default: off |
| 34 | + * WOLFSSL_NO_DTLS_SIZE_CHECK: Disable DTLS record size validation default: off |
| 35 | + * |
| 36 | + * Cipher Suite Selection: |
| 37 | + * NO_CHAPOL_AEAD: Disable ChaCha20-Poly1305 AEAD suites default: off |
| 38 | + * WOLFSSL_OLDTLS_AEAD_CIPHERSUITES: |
| 39 | + * Enable AEAD cipher suites for pre-TLS 1.2 default: off |
| 40 | + * WOLFSSL_OLDTLS_SHA2_CIPHERSUITES: |
| 41 | + * Enable SHA-2 cipher suites for pre-TLS 1.2 default: off |
| 42 | + * WOLFSSL_NO_STRICT_CIPHER_SUITE: |
| 43 | + * Relax strict cipher suite validation default: off |
| 44 | + * NO_RESUME_SUITE_CHECK: Skip cipher suite check on resume default: off |
| 45 | + * NO_FORCE_SCR_SAME_SUITE: Allow different suite in renegotiation default: off |
| 46 | + * CIPHER_NONCE: Per-record cipher nonce for AEAD default: off |
| 47 | + * |
| 48 | + * Certificate Validation: |
| 49 | + * WOLFSSL_SMALL_CERT_VERIFY: Verify cert sig without DecodedCert default: off |
| 50 | + * WOLFSSL_ALT_CERT_CHAINS: Allow non-validated intermediate CAs default: off |
| 51 | + * NO_CHECK_PRIVATE_KEY: Skip key/cert matching validation default: off |
| 52 | + * WOLFSSL_VERIFY_CB_ALL_CERTS: |
| 53 | + * Call verify callback for all chain certs default: off |
| 54 | + * WOLFSSL_ALWAYS_VERIFY_CB: Always invoke verify callback default: off |
| 55 | + * WOLFSSL_ALLOW_NO_CN_IN_SAN: Allow certs with SAN but no CN default: off |
| 56 | + * WOLFSSL_TRUST_PEER_CERT: Direct trust of specific peer certs default: off |
| 57 | + * WOLFSSL_LOCAL_X509_STORE: Per-context X509 store default: off |
| 58 | + * WOLFSSL_APPLE_NATIVE_CERT_VALIDATION: |
| 59 | + * Use Apple native cert validation on macOS/iOS default: off |
| 60 | + * WOLFSSL_TEST_APPLE_NATIVE_CERT_VALIDATION: |
| 61 | + * Testing mode for Apple cert validation default: off |
| 62 | + * HAVE_DANE: DNS-based cert validation (DNSSEC) default: off |
| 63 | + * HAVE_FALLBACK_SCSV: TLS Fallback SCSV anti-downgrade default: off |
| 64 | + * WOLFSSL_ACERT: Attribute certificate support default: off |
| 65 | + * WOLFSSL_DEBUG_CERTS: Debug logging for cert processing default: off |
| 66 | + * WOLFSSL_HOSTNAME_VERIFY_ALT_NAME_ONLY: |
| 67 | + * Verify hostname using SAN only (not CN) default: off |
| 68 | + * |
| 69 | + * Handshake Behavior: |
| 70 | + * OLD_HELLO_ALLOWED: Allow SSLv2-format ClientHello default: off |
| 71 | + * WOLFSSL_ALTERNATIVE_DOWNGRADE: |
| 72 | + * Alternative protocol downgrade detection default: off |
| 73 | + * WOLFSSL_OLD_TIMINGPADVERIFY: |
| 74 | + * Old timing-based CBC padding verification default: off |
| 75 | + * WOLFSSL_ECDSA_MATCH_HASH: Match ECDSA hash to curve preference default: off |
| 76 | + * WOLFSSL_STRONGEST_HASH_SIG: Prefer strongest hash in signatures default: off |
| 77 | + * USE_ECDSA_KEYSZ_HASH_ALGO: Select ECDSA hash by key size default: off |
| 78 | + * WOLFSSL_ALLOW_TLS_SHA1: Allow SHA-1 cipher suites/signatures default: off |
| 79 | + * WOLFSSL_EXTRA_ALERTS: Send additional TLS alert messages default: off |
| 80 | + * WOLFSSL_NO_ETM_ALERT: No alert on Encrypt-Then-MAC failure default: off |
| 81 | + * |
| 82 | + * Secure Renegotiation & PSK: |
| 83 | + * WOLFSSL_SECURE_RENEGOTIATION_ON_BY_DEFAULT: |
| 84 | + * Enable secure renegotiation by default default: off |
| 85 | + * WOLFSSL_PSK_IDENTITY_ALERT: Alert on PSK identity lookup failure default: off |
| 86 | + * |
| 87 | + * Session Tickets: |
39 | 88 | * WOLFSSL_NO_DEF_TICKET_ENC_CB: |
40 | | - * No default ticket encryption callback. |
41 | | - * Server only. |
42 | | - * Application must set its own callback to use session tickets. |
43 | | - * WOLFSSL_TICKET_ENC_CHACHA20_POLY1305 |
44 | | - * Use ChaCha20-Poly1305 to encrypt/decrypt session tickets in default |
45 | | - * callback. Default algorithm if none defined and algorithms compiled in. |
46 | | - * Server only. |
47 | | - * WOLFSSL_TICKET_ENC_AES128_GCM |
48 | | - * Use AES128-GCM to encrypt/decrypt session tickets in default callback. |
49 | | - * Server only. Default algorithm if ChaCha20/Poly1305 not compiled in. |
50 | | - * WOLFSSL_TICKET_ENC_AES256_GCM |
51 | | - * Use AES256-GCM to encrypt/decrypt session tickets in default callback. |
52 | | - * Server only. |
53 | | - * WOLFSSL_TICKET_DECRYPT_NO_CREATE |
54 | | - * Default callback will not request creation of new ticket on successful |
55 | | - * decryption. |
56 | | - * Server only. |
57 | | - * WOLFSSL_TLS13_NO_PEEK_HANDSHAKE_DONE |
58 | | - * Once a normal TLS 1.3 handshake is complete, a session ticket message |
59 | | - * may be received by a client. To support detecting this, peek will |
60 | | - * return WOLFSSL_ERROR_WANT_READ. |
61 | | - * This define turns off this behaviour. |
62 | | - * WOLFSSL_HOSTNAME_VERIFY_ALT_NAME_ONLY |
63 | | - * Verify hostname/ip address using alternate name (SAN) only and do not |
64 | | - * use the common name. Forces use of the alternate name, so certificates |
65 | | - * missing SAN will be rejected during the handshake |
66 | | - * WOLFSSL_CHECK_SIG_FAULTS |
67 | | - * Verifies the ECC signature after signing in case of faults in the |
68 | | - * calculation of the signature. Useful when signature fault injection is a |
69 | | - * possible attack. |
70 | | - * WOLFSSL_TLS13_IGNORE_AEAD_LIMITS |
71 | | - * Ignore the AEAD limits for messages specified in the RFC. After |
72 | | - * reaching the limit, we initiate a key update. We enforce the AEAD limits |
73 | | - * by default. |
74 | | - * https://www.rfc-editor.org/rfc/rfc8446#section-5.5 |
75 | | - * https://www.rfc-editor.org/rfc/rfc9147.html#name-aead-limits |
76 | | - * WOLFSSL_HARDEN_TLS |
77 | | - * Implement the recommendations specified in RFC9325. This macro needs to |
78 | | - * be defined to the desired number of bits of security. The currently |
79 | | - * implemented values are 112 and 128 bits. The following macros disable |
80 | | - * certain checks. |
81 | | - * - WOLFSSL_HARDEN_TLS_ALLOW_TRUNCATED_HMAC |
82 | | - * - WOLFSSL_HARDEN_TLS_ALLOW_OLD_TLS |
83 | | - * - WOLFSSL_HARDEN_TLS_NO_SCR_CHECK |
84 | | - * - WOLFSSL_HARDEN_TLS_NO_PKEY_CHECK |
85 | | - * - WOLFSSL_HARDEN_TLS_ALLOW_ALL_CIPHERSUITES |
86 | | - * WOLFSSL_NO_INIT_CTX_KEY |
87 | | - * Allows SSL objects to be created from a CTX without a loaded key/cert |
88 | | - * pair |
| 89 | + * No default ticket encryption callback default: off |
| 90 | + * WOLFSSL_TICKET_ENC_CHACHA20_POLY1305: |
| 91 | + * ChaCha20-Poly1305 for ticket encryption default: auto |
| 92 | + * WOLFSSL_TICKET_ENC_AES128_GCM: |
| 93 | + * AES128-GCM for ticket encryption default: auto |
| 94 | + * WOLFSSL_TICKET_ENC_AES256_GCM: |
| 95 | + * AES256-GCM for ticket encryption default: off |
| 96 | + * WOLFSSL_TICKET_DECRYPT_NO_CREATE: |
| 97 | + * No new ticket on successful decryption default: off |
| 98 | + * WOLFSSL_TICKET_ENC_CBC_HMAC: |
| 99 | + * CBC+HMAC for ticket encryption (non-AEAD) default: off |
| 100 | + * WOLFSSL_NO_TICKET_EXPIRE: Disable ticket expiration checking default: off |
| 101 | + * |
| 102 | + * TLS 1.3 Internals: |
| 103 | + * WOLFSSL_TLS13_IGNORE_PT_ALERT_ON_ENC: |
| 104 | + * Ignore plaintext alerts when encrypted expected default: off |
| 105 | + * WOLFSSL_TLS13_NO_PEEK_HANDSHAKE_DONE: |
| 106 | + * Disable peek returning WANT_READ for tickets default: off |
| 107 | + * WOLFSSL_TLS13_IGNORE_AEAD_LIMITS: |
| 108 | + * Ignore AEAD message limits from RFC 8446 default: off |
| 109 | + * WOLFSSL_DTLS13_SEND_MOREACK_DEFAULT: |
| 110 | + * Send more ACKs by default in DTLS 1.3 default: off |
| 111 | + * |
| 112 | + * DTLS: |
| 113 | + * WOLFSSL_DTLS_RESEND_ONLY_TIMEOUT: |
| 114 | + * Resend previous flight only on timeout default: off |
| 115 | + * WOLFSSL_DTLS_DISALLOW_FUTURE: |
| 116 | + * Reject DTLS records with future epoch default: off |
89 | 117 | * WOLFSSL_DTLS_RECORDS_CAN_SPAN_DATAGRAMS: |
90 | | - * When defined, allows DTLS records to span across multiple datagrams. |
| 118 | + * Allow DTLS records to span datagrams default: off |
| 119 | + * WOLFSSL_DEBUG_DTLS: Debug logging for DTLS operations default: off |
| 120 | + * |
| 121 | + * Session Export: |
| 122 | + * WOLFSSL_SESSION_EXPORT: Enable session export/import default: off |
| 123 | + * WOLFSSL_SESSION_EXPORT_DEBUG: |
| 124 | + * Debug logging for session export/import default: off |
| 125 | + * WOLFSSL_SESSION_EXPORT_NOPEER: |
| 126 | + * Export sessions without peer cert info default: off |
| 127 | + * |
| 128 | + * Compatibility Layers: |
| 129 | + * WOLFSSL_MYSQL_COMPATIBLE: MySQL protocol compatibility default: off |
| 130 | + * WOLFSSL_OPENVPN: OpenVPN compatibility behaviors default: off |
| 131 | + * |
| 132 | + * Async & Non-blocking: |
| 133 | + * WOLFSSL_ASYNC_CRYPT_SW: Software async crypto simulation default: off |
| 134 | + * WC_X25519_NONBLOCK: Non-blocking X25519 operations default: off |
| 135 | + * HAVE_WOLF_EVENT: Event-driven async processing default: off |
| 136 | + * |
| 137 | + * Hardware/Platform TLS: |
| 138 | + * WOLFSSL_MAXQ10XX_TLS: Maxim MAXQ10xx secure element default: off |
| 139 | + * WOLFSSL_IOTSAFE: IoTSAFE (GSMA) applet support default: off |
| 140 | + * WOLFSSL_QNX_CAAM: QNX CAAM crypto module support default: off |
| 141 | + * HAVE_DH_DEFAULT_PARAMS: Include default DH parameters default: off |
| 142 | + * HAVE_EXT_CACHE: External session cache callbacks default: off |
| 143 | + * |
| 144 | + * Hardening: |
| 145 | + * WOLFSSL_HARDEN_TLS: Implement RFC 9325 recommendations default: off |
| 146 | + * WOLFSSL_HARDEN_TLS_ALLOW_TRUNCATED_HMAC: Allow truncated HMAC |
| 147 | + * WOLFSSL_HARDEN_TLS_ALLOW_OLD_TLS: Allow old TLS versions |
| 148 | + * WOLFSSL_HARDEN_TLS_NO_SCR_CHECK: No SCR check |
| 149 | + * WOLFSSL_HARDEN_TLS_NO_PKEY_CHECK: No public key check |
| 150 | + * WOLFSSL_HARDEN_TLS_ALLOW_ALL_CIPHERSUITES: Allow all suites |
| 151 | + * WOLFSSL_NO_INIT_CTX_KEY: Allow SSL objects without loaded keys default: off |
91 | 152 | */ |
92 | 153 |
|
93 | 154 | #ifndef WOLFCRYPT_ONLY |
|
0 commit comments