Compiling for Arduino Leonardo

[flacidsnake]

Hi,

I know this is closed, but I'm having similar problems as @AnthonyDeroche at #539

After doing what he posted, I'm having these compilation problems:

arduino-1.8.5\libraries\wolfssl/wolfssl/wolfcrypt/wc_port.h:469:31: error: expected unqualified-id before 'const'

 extern struct tm* XGMTIME(const time_t* timer, struct tm* tmp);

                           ^

E:\arduino-1.8.5\libraries\wolfssl/wolfssl/wolfcrypt/wc_port.h:469:31: error: expected ')' before 'const'

E:\arduino-1.8.5\libraries\wolfssl/wolfssl/wolfcrypt/wc_port.h:469:31: error: expected initializer before 'const'

exit status 1 Error compilando para la tarjeta Arduino Leonardo.

Files I think are involved are pasted below. Please, any clue? Thanks in advance

My file settings.h ` / settings.h

• Copyright (C) 2006-2017 wolfSSL Inc.
• This file is part of wolfSSL.
• wolfSSL is free software; you can redistribute it and/or modify
• it under the terms of the GNU General Public License as published by
• the Free Software Foundation; either version 2 of the License, or
• (at your option) any later version.
• wolfSSL is distributed in the hope that it will be useful,
• but WITHOUT ANY WARRANTY; without even the implied warranty of
• MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
• GNU General Public License for more details.
• You should have received a copy of the GNU General Public License
• along with this program; if not, write to the Free Software
• Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA */

/ Place OS specific preprocessor flags, defines, includes here, will be included into every file because types.h includes it /

define XTIME fnSecondsSinceEpoch

define XGMTIME

ifndef WOLF_CRYPT_SETTINGS_H

define WOLF_CRYPT_SETTINGS_H

ifdef __cplusplus

extern "C" {

endif

/ Uncomment next line if using IPHONE / / #define IPHONE /

/ Uncomment next line if using ThreadX / / #define THREADX /

/ Uncomment next line if using Micrium uC/OS-III / / #define MICRIUM /

/ Uncomment next line if using Mbed / / #define MBED /

/ Uncomment next line if using Microchip PIC32 ethernet starter kit / / #define MICROCHIP_PIC32 /

/ Uncomment next line if using Microchip TCP/IP stack, version 5 / / #define MICROCHIP_TCPIP_V5 /

/ Uncomment next line if using Microchip TCP/IP stack, version 6 or later / / #define MICROCHIP_TCPIP /

/ Uncomment next line if using PIC32MZ Crypto Engine / / #define WOLFSSL_MICROCHIP_PIC32MZ /

/ Uncomment next line if using FreeRTOS / / #define FREERTOS /

/ Uncomment next line if using FreeRTOS+ TCP / / #define FREERTOS_TCP /

/ Uncomment next line if using FreeRTOS Windows Simulator / / #define FREERTOS_WINSIM /

/ Uncomment next line if using RTIP / / #define EBSNET /

/ Uncomment next line if using lwip / / #define WOLFSSL_LWIP /

/ Uncomment next line if building wolfSSL for a game console / / #define WOLFSSL_GAME_BUILD /

/ Uncomment next line if building wolfSSL for LSR / / #define WOLFSSL_LSR /

/ Uncomment next line if building for Freescale Classic MQX/RTCS/MFS / / #define FREESCALE_MQX /

/ Uncomment next line if building for Freescale KSDK MQX/RTCS/MFS / / #define FREESCALE_KSDK_MQX /

/ Uncomment next line if building for Freescale KSDK Bare Metal / / #define FREESCALE_KSDK_BM /

/ Uncomment next line if building for Freescale KSDK FreeRTOS (old name FREESCALE_FREE_RTOS) / / #define FREESCALE_KSDK_FREERTOS /

/ Uncomment next line if using STM32F2 / / #define WOLFSSL_STM32F2 /

/ Uncomment next line if using STM32F4 / / #define WOLFSSL_STM32F4 /

/ Uncomment next line if using STM32F7 / / #define WOLFSSL_STM32F7 /

/ Uncomment next line if using QL SEP settings / / #define WOLFSSL_QL /

/ Uncomment next line if building for EROAD / / #define WOLFSSL_EROAD /

/ Uncomment next line if building for IAR EWARM / / #define WOLFSSL_IAR_ARM /

/ Uncomment next line if building for Rowley CrossWorks ARM / / #define WOLFSSL_ROWLEY_ARM /

/ Uncomment next line if using TI-RTOS settings / / #define WOLFSSL_TIRTOS /

/ Uncomment next line if building with PicoTCP / / #define WOLFSSL_PICOTCP /

/ Uncomment next line if building for PicoTCP demo bundle / / #define WOLFSSL_PICOTCP_DEMO /

/ Uncomment next line if building for uITRON4 / / #define WOLFSSL_uITRON4 /

/ Uncomment next line if building for uT-Kernel / / #define WOLFSSL_uTKERNEL2 /

/ Uncomment next line if using Max Strength build / / #define WOLFSSL_MAX_STRENGTH /

/ Uncomment next line if building for VxWorks / / #define WOLFSSL_VXWORKS /

/ Uncomment next line if building for Nordic nRF5x platofrm / / #define WOLFSSL_NRF5x /

/ Uncomment next line to enable deprecated less secure static DH suites / / #define WOLFSSL_STATIC_DH /

/ Uncomment next line to enable deprecated less secure static RSA suites / / #define WOLFSSL_STATIC_RSA /

/ Uncomment next line if building for ARDUINO / / Uncomment both lines if building for ARDUINO on INTEL_GALILEO /

define WOLFSSL_ARDUINO

//#define NO_INLINE // Don't know if this is mandatory for Leonardo / #define INTEL_GALILEO /

/ Uncomment next line to enable asynchronous crypto WC_PENDING_E / / #define WOLFSSL_ASYNC_CRYPT /

/ Uncomment next line if building for uTasker / / #define WOLFSSL_UTASKER /

/ Uncomment next line if building for embOS / / #define WOLFSSL_EMBOS /

/ Uncomment next line if building for RIOT-OS / / #define WOLFSSL_RIOT_OS /

/ Uncomment next line if building for using XILINX hardened crypto / / #define WOLFSSL_XILINX_CRYPT /

/ Uncomment next line if building for using XILINX / / #define WOLFSSL_XILINX /

include <wolfssl/wolfcrypt/visibility.h>

ifdef WOLFSSL_USER_SETTINGS

#include "user_settings.h"

endif

/ make sure old RNG name is used with CTaoCrypt FIPS /

ifdef HAVE_FIPS

#define WC_RNG RNG
/* blinding adds API not available yet in FIPS mode */
#undef WC_RSA_BLINDING

endif

if defined(_WIN32) && !defined(_M_X64) && \

defined(HAVE_AESGCM) && defined(WOLFSSL_AESNI)

/* The _M_X64 macro is what's used in the headers for MSC to tell if it

• has the 64-bit versions of the 128-bit integers available. If one is
• building on 32-bit Windows with AES-NI, turn off the AES-GCMloop

• unrolling. */

  define AES_GCM_AESNI_NO_UNROLL

  endif

ifdef IPHONE

#define SIZEOF_LONG_LONG 8

endif

ifdef THREADX

#define SIZEOF_LONG_LONG 8

endif

ifdef HAVE_NETX

#ifdef NEED_THREADX_TYPES
    #include <types.h>
#endif
#include <nx_api.h>

endif

if defined(HAVE_LWIP_NATIVE) / using LwIP native TCP socket /

#define WOLFSSL_LWIP
#define NO_WRITEV
#define SINGLE_THREADED
#define WOLFSSL_USER_IO
#define NO_FILESYSTEM

endif

if defined(WOLFSSL_IAR_ARM) || defined(WOLFSSL_ROWLEY_ARM)

#define NO_MAIN_DRIVER
#define SINGLE_THREADED
#if !defined(USE_CERT_BUFFERS_2048) && !defined(USE_CERT_BUFFERS_4096)
    #define USE_CERT_BUFFERS_1024
#endif
#define BENCH_EMBEDDED
#define NO_FILESYSTEM
#define NO_WRITEV
#define WOLFSSL_USER_IO
#define BENCH_EMBEDDED

endif

ifdef MICROCHIP_PIC32

/* #define WOLFSSL_MICROCHIP_PIC32MZ */
#define SIZEOF_LONG_LONG 8
#define SINGLE_THREADED
#define WOLFSSL_USER_IO
#define NO_WRITEV
#define NO_DEV_RANDOM
#define NO_FILESYSTEM
#define USE_FAST_MATH
#define TFM_TIMING_RESISTANT
#define WOLFSSL_HAVE_MIN
#define WOLFSSL_HAVE_MAX
#define NO_BIG_INT

endif

ifdef WOLFSSL_MICROCHIP_PIC32MZ

#define WOLFSSL_PIC32MZ_CRYPT
#define WOLFSSL_PIC32MZ_RNG
#define WOLFSSL_PIC32MZ_HASH

endif

ifdef MICROCHIP_TCPIP_V5

/* include timer functions */
#include "TCPIP Stack/TCPIP.h"

endif

ifdef MICROCHIP_TCPIP

/* include timer, NTP functions */
#ifdef MICROCHIP_MPLAB_HARMONY
    #include "tcpip/tcpip.h"
#else
    #include "system/system_services.h"
    #include "tcpip/sntp.h"
#endif

endif

ifdef MBED

#define WOLFSSL_USER_IO
#define NO_FILESYSTEM
#define NO_CERT
#if !defined(USE_CERT_BUFFERS_2048) && !defined(USE_CERT_BUFFERS_4096)
    #define USE_CERT_BUFFERS_1024
#endif
#define NO_WRITEV
#define NO_DEV_RANDOM
#define NO_SHA512
#define NO_DH
/* Allows use of DH with fixed points if uncommented and NO_DH is removed */
/* WOLFSSL_DH_CONST */
#define NO_DSA
#define NO_HC128
#define HAVE_ECC
#define NO_SESSION_CACHE
#define WOLFSSL_CMSIS_RTOS

endif

ifdef WOLFSSL_EROAD

#define FREESCALE_MQX
#define FREESCALE_MMCAU
#define SINGLE_THREADED
#define NO_STDIO_FILESYSTEM
#define WOLFSSL_LEANPSK
#define HAVE_NULL_CIPHER
#define NO_OLD_TLS
#define NO_ASN
#define NO_BIG_INT
#define NO_RSA
#define NO_DSA
#define NO_DH
/* Allows use of DH with fixed points if uncommented and NO_DH is removed */
/* WOLFSSL_DH_CONST */
#define NO_CERTS
#define NO_PWDBASED
#define NO_DES3
#define NO_MD4
#define NO_RC4
#define NO_MD5
#define NO_SESSION_CACHE
#define NO_MAIN_DRIVER

endif

ifdef WOLFSSL_PICOTCP

#ifndef errno
    #define errno pico_err
#endif
#include "pico_defines.h"
#include "pico_stack.h"
#include "pico_constants.h"
#include "pico_protocol.h"
#define CUSTOM_RAND_GENERATE pico_rand

endif

ifdef WOLFSSL_PICOTCP_DEMO

#define WOLFSSL_STM32
#define USE_FAST_MATH
#define TFM_TIMING_RESISTANT
#define XMALLOC(s, h, type)  PICO_ZALLOC((s))
#define XFREE(p, h, type)    PICO_FREE((p))
#define SINGLE_THREADED
#define NO_WRITEV
#define WOLFSSL_USER_IO
#define NO_DEV_RANDOM
#define NO_FILESYSTEM

endif

ifdef FREERTOS_WINSIM

#define FREERTOS
#define USE_WINDOWS_API

endif

ifdef WOLFSSL_VXWORKS

/* VxWorks simulator incorrectly detects building for i386 */
#ifdef VXWORKS_SIM
    #define TFM_NO_ASM
#endif
#define WOLFSSL_PTHREADS
#define WOLFSSL_HAVE_MIN
#define WOLFSSL_HAVE_MAX
#define USE_FAST_MATH
#define TFM_TIMING_RESISTANT
#define NO_MAIN_DRIVER
#define NO_DEV_RANDOM
#define NO_WRITEV

endif

ifdef WOLFSSL_ARDUINO

#define NO_WRITEV
#define NO_WOLFSSL_DIR
#define SINGLE_THREADED
#define NO_DEV_RANDOM
#ifndef INTEL_GALILEO /* Galileo has time.h compatibility */
    #define TIME_OVERRIDES /* must define XTIME and XGMTIME externally */
#endif
#define WOLFSSL_USER_IO
#define HAVE_ECC
#define NO_DH
#define NO_SESSION_CACHE
#define USE_SLOW_SHA
#define NO_WOLFSSL_SERVER
#define NO_ERROR_STRINGS

endif

ifdef WOLFSSL_UTASKER

/* uTasker configuration - used for fnRandom() */
#include "config.h"

#define SINGLE_THREADED
#define NO_WOLFSSL_DIR
#define WOLFSSL_HAVE_MIN
#define NO_WRITEV

#define HAVE_ECC
#define ALT_ECC_SIZE
#define USE_FAST_MATH
#define TFM_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT

/* used in wolfCrypt test */
#define NO_MAIN_DRIVER
#define USE_CERT_BUFFERS_2048

/* uTasker port uses RAW sockets, use I/O callbacks
 * See wolfSSL uTasker example for sample callbacks */
#define WOLFSSL_USER_IO

/* uTasker filesystem not ported  */
#define NO_FILESYSTEM

/* uTasker RNG is abstracted, calls HW RNG when available */
#define CUSTOM_RAND_GENERATE    fnRandom
#define CUSTOM_RAND_TYPE        unsigned short

/* user needs to define XTIME to function that provides
 * seconds since Unix epoch */
#ifndef XTIME
    //#error XTIME must be defined in wolfSSL settings.h
    //#define XTIME fnSecondsSinceEpoch
#endif

/* use uTasker std library replacements where available */
#define STRING_USER
#define XMEMCPY(d,s,l)         uMemcpy((d),(s),(l))
#define XMEMSET(b,c,l)         uMemset((b),(c),(l))
#define XMEMCMP(s1,s2,n)       uMemcmp((s1),(s2),(n))
#define XMEMMOVE(d,s,l)        memmove((d),(s),(l))

#define XSTRLEN(s1)            uStrlen((s1))
#define XSTRNCPY(s1,s2,n)      strncpy((s1),(s2),(n))
#define XSTRSTR(s1,s2)         strstr((s1),(s2))
#define XSTRNSTR(s1,s2,n)      mystrnstr((s1),(s2),(n))
#define XSTRNCMP(s1,s2,n)      strncmp((s1),(s2),(n))
#define XSTRNCAT(s1,s2,n)      strncat((s1),(s2),(n))
#define XSTRNCASECMP(s1,s2,n)  _strnicmp((s1),(s2),(n))
#if defined(WOLFSSL_CERT_EXT) || defined(HAVE_ALPN)
    #define XSTRTOK            strtok_r
#endif

endif

ifdef WOLFSSL_EMBOS

#define NO_FILESYSTEM           /* Not ported at this time */
#define USE_CERT_BUFFERS_2048   /* use when NO_FILESYSTEM */
#define NO_MAIN_DRIVER
#define NO_RC4
#define SINGLE_THREADED         /* Not ported at this time */

endif

ifdef WOLFSSL_RIOT_OS

#define NO_WRITEV
#define TFM_NO_ASM
#define USE_FAST_MATH
#define NO_FILESYSTEM
#define USE_CERT_BUFFERS_2048

endif

ifdef WOLFSSL_CHIBIOS

/* ChibiOS definitions. This file is distributed with chibiOS. */
#include "wolfssl_chibios.h"

endif

ifdef WOLFSSL_NRF5x

    #define SIZEOF_LONG 4
    #define SIZEOF_LONG_LONG 8
    #define NO_ASN_TIME
    #define NO_DEV_RANDOM
    #define NO_FILESYSTEM
    #define NO_MAIN_DRIVER
    #define NO_WRITEV
    #define SINGLE_THREADED
    #define USE_FAST_MATH
    #define TFM_TIMING_RESISTANT
    #define USE_WOLFSSL_MEMORY
    #define WOLFSSL_NRF51
    #define WOLFSSL_USER_IO
    #define NO_SESSION_CACHE

endif

/ Micrium will use Visual Studio for compilation but not the Win32 API /

if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) && \

!defined(FREERTOS_TCP) && !defined(EBSNET) && !defined(WOLFSSL_EROAD) && \
!defined(WOLFSSL_UTASKER) && !defined(INTIME_RTOS)
#define USE_WINDOWS_API

endif

if defined(WOLFSSL_uITRON4)

define XMALLOC_USER

include

define ITRON_POOL_SIZE 1024*20

extern int uITRON4_minit(size_t poolsz) ; extern void uITRON4_malloc(size_t sz) ; extern void uITRON4_realloc(void p, size_t sz) ; extern void uITRON4_free(void p) ;

define XMALLOC(sz, heap, type) uITRON4_malloc(sz)

define XREALLOC(p, sz, heap, type) uITRON4_realloc(p, sz)

define XFREE(p, heap, type) uITRON4_free(p)

endif

if defined(WOLFSSL_uTKERNEL2)

ifndef NO_TKERNEL_MEM_POOL

#define XMALLOC_OVERRIDE
int   uTKernel_init_mpool(unsigned int sz); /* initializing malloc pool */
void* uTKernel_malloc(unsigned int sz);
void* uTKernel_realloc(void *p, unsigned int sz);
void  uTKernel_free(void *p);
#define XMALLOC(s, h, type)  uTKernel_malloc((s))
#define XREALLOC(p, n, h, t) uTKernel_realloc((p), (n))
#define XFREE(p, h, type)    uTKernel_free((p))

endif

ifndef NO_STDIO_FGETS_REMAP

#include <stdio.h>
#include "tm/tmonitor.h"

/* static char* gets(char *buff); */
static char* fgets(char *buff, int sz, FILE *fp) {
    char * p = buff;
    *p = '\0';
    while (1) {
        *p = tm_getchar(-1);
        tm_putchar(*p);
        if (*p == '\r') {
            tm_putchar('\n');
            *p = '\0';
            break;
        }
        p++;
    }
    return buff;
}

endif / !NO_STDIO_FGETS_REMAP /

endif

if defined(WOLFSSL_LEANPSK) && !defined(XMALLOC_USER)

#include <stdlib.h>
#define XMALLOC(s, h, type)  malloc((s))
#define XFREE(p, h, type)    free((p))
#define XREALLOC(p, n, h, t) realloc((p), (n))

endif

if defined(XMALLOC_USER) && defined(SSN_BUILDING_LIBYASSL)

#undef  XMALLOC
#define XMALLOC     yaXMALLOC
#undef  XFREE
#define XFREE       yaXFREE
#undef  XREALLOC
#define XREALLOC    yaXREALLOC

endif

ifdef FREERTOS

#include "FreeRTOS.h"

/* FreeRTOS pvPortRealloc() only in AVR32_UC3 port */
#if !defined(XMALLOC_USER) && !defined(NO_WOLFSSL_MEMORY) && \
    !defined(WOLFSSL_STATIC_MEMORY)
    #define XMALLOC(s, h, type)  pvPortMalloc((s))
    #define XFREE(p, h, type)    vPortFree((p))
#endif

#ifndef NO_WRITEV
    #define NO_WRITEV
#endif
#ifndef HAVE_SHA512
    #ifndef NO_SHA512
        #define NO_SHA512
    #endif
#endif
#ifndef HAVE_DH
    #ifndef NO_DH
        #define NO_DH
    #endif
#endif
#ifndef NO_DSA
    #define NO_DSA
#endif
#ifndef NO_HC128
    #define NO_HC128
#endif

#ifndef SINGLE_THREADED
    #include "semphr.h"
#endif

endif

ifdef FREERTOS_TCP

#if !defined(NO_WOLFSSL_MEMORY) && !defined(XMALLOC_USER) && \
    !defined(WOLFSSL_STATIC_MEMORY)
    #define XMALLOC(s, h, type)  pvPortMalloc((s))
    #define XFREE(p, h, type)    vPortFree((p))
#endif

#define WOLFSSL_GENSEED_FORTEST

#define NO_WOLFSSL_DIR
#define NO_WRITEV
#define USE_FAST_MATH
#define TFM_TIMING_RESISTANT
#define NO_MAIN_DRIVER

endif

ifdef WOLFSSL_TIRTOS

#define SIZEOF_LONG_LONG 8
#define NO_WRITEV
#define NO_WOLFSSL_DIR
#define USE_FAST_MATH
#define TFM_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
#define WC_RSA_BLINDING
#define NO_DEV_RANDOM
#define NO_FILESYSTEM
#define USE_CERT_BUFFERS_2048
#define NO_ERROR_STRINGS
#define USER_TIME
#define HAVE_ECC
#define HAVE_ALPN
#define USE_WOLF_STRTOK /* use with HAVE_ALPN */
#define HAVE_TLS_EXTENSIONS
#define HAVE_AESGCM
#define HAVE_SUPPORTED_CURVES
#define ALT_ECC_SIZE

#ifdef __IAR_SYSTEMS_ICC__
    #pragma diag_suppress=Pa089
#elif !defined(__GNUC__)
    /* Suppress the sslpro warning */
    #pragma diag_suppress=11
#endif

#include <ti/sysbios/hal/Seconds.h>

endif

ifdef EBSNET

#include "rtip.h"

/* #define DEBUG_WOLFSSL */
#define NO_WOLFSSL_DIR  /* tbd */

#if (POLLOS)
    #define SINGLE_THREADED
#endif

#if (RTPLATFORM)
    #if (!RTP_LITTLE_ENDIAN)
        #define BIG_ENDIAN_ORDER
    #endif
#else
    #if (!KS_LITTLE_ENDIAN)
        #define BIG_ENDIAN_ORDER
    #endif
#endif

#if (WINMSP3)
    #undef SIZEOF_LONG
    #define SIZEOF_LONG_LONG 8
#else
    #sslpro: settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG
#endif

#define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC))
#define XFREE(p, h, type) (rtp_free(p))
#define XREALLOC(p, n, h, t) realloc((p), (n))

endif / EBSNET /

ifdef WOLFSSL_GAME_BUILD

#define SIZEOF_LONG_LONG 8
#if defined(__PPU) || defined(__XENON)
    #define BIG_ENDIAN_ORDER
#endif

endif

ifdef WOLFSSL_LSR

#define HAVE_WEBSERVER
#define SIZEOF_LONG_LONG 8
#define WOLFSSL_LOW_MEMORY
#define NO_WRITEV
#define NO_SHA512
#define NO_DH
/* Allows use of DH with fixed points if uncommented and NO_DH is removed */
/* WOLFSSL_DH_CONST */
#define NO_DSA
#define NO_HC128
#define NO_DEV_RANDOM
#define NO_WOLFSSL_DIR
#define NO_RABBIT
#ifndef NO_FILESYSTEM
    #define LSR_FS
    #include "inc/hw_types.h"
    #include "fs.h"
#endif
#define WOLFSSL_LWIP
#include <errno.h>  /* for tcp errno */
#define WOLFSSL_SAFERTOS
#if defined(__IAR_SYSTEMS_ICC__)
    /* enum uses enum */
    #pragma diag_suppress=Pa089
#endif

endif

ifdef WOLFSSL_SAFERTOS

#ifndef SINGLE_THREADED
    #include "SafeRTOS/semphr.h"
#endif

#include "SafeRTOS/heap.h"
#define XMALLOC(s, h, type)  pvPortMalloc((s))
#define XFREE(p, h, type)    vPortFree((p))
#define XREALLOC(p, n, h, t) pvPortRealloc((p), (n))

endif

ifdef WOLFSSL_LOW_MEMORY

#undef  RSA_LOW_MEM
#define RSA_LOW_MEM
#undef  WOLFSSL_SMALL_STACK
#define WOLFSSL_SMALL_STACK
#undef  TFM_TIMING_RESISTANT
#define TFM_TIMING_RESISTANT

endif

ifdef FREESCALE_MQX

#define FREESCALE_COMMON
#include "mqx.h"
#ifndef NO_FILESYSTEM
    #include "mfs.h"
    #if MQX_USE_IO_OLD
        #include "fio.h"
        #define NO_STDIO_FILESYSTEM
    #else
        #include "nio.h"
    #endif
#endif
#ifndef SINGLE_THREADED
    #include "mutex.h"
#endif

#define XMALLOC_OVERRIDE
#define XMALLOC(s, h, t)    (void *)_mem_alloc_system((s))
#define XFREE(p, h, t)      {void* xp = (p); if ((xp)) _mem_free((xp));}
/* Note: MQX has no realloc, using fastmath above */

endif

ifdef FREESCALE_KSDK_MQX

#define FREESCALE_COMMON
#include <mqx.h>
#ifndef NO_FILESYSTEM
    #if MQX_USE_IO_OLD
        #include <fio.h>
    #else
        #include <stdio.h>
        #include <nio.h>
    #endif
#endif
#ifndef SINGLE_THREADED
    #include <mutex.h>
#endif

#define XMALLOC(s, h, t)    (void *)_mem_alloc_system((s))
#define XFREE(p, h, t)      {void* xp = (p); if ((xp)) _mem_free((xp));}
#define XREALLOC(p, n, h, t) _mem_realloc((p), (n)) /* since MQX 4.1.2 */

#define MQX_FILE_PTR FILE *
#define IO_SEEK_SET  SEEK_SET
#define IO_SEEK_END  SEEK_END

endif / FREESCALE_KSDK_MQX /

if defined(FREESCALE_FREE_RTOS) || defined(FREESCALE_KSDK_FREERTOS)

/* Allows use of DH with fixed points if uncommented and NO_DH is removed */
/* WOLFSSL_DH_CONST */
/* Allows use of DH with fixed points if uncommented and NO_DH is removed */
/* WOLFSSL_DH_CONST */
/* Allows use of DH with fixed points if uncommented and NO_DH is removed */
/* WOLFSSL_DH_CONST */
#define NO_FILESYSTEM
#define WOLFSSL_CRYPT_HW_MUTEX 1

#if !defined(XMALLOC_USER) && !defined(NO_WOLFSSL_MEMORY)
    #define XMALLOC(s, h, type)  pvPortMalloc((s))
    #define XFREE(p, h, type)    vPortFree((p))
#endif

//#define USER_TICKS
/* Allows use of DH with fixed points if uncommented and NO_DH is removed */
/* WOLFSSL_DH_CONST */
#define WOLFSSL_LWIP
#define FREERTOS_TCP

#define FREESCALE_FREE_RTOS
#define FREERTOS_SOCKET_ERROR ( -1 )
#define FREERTOS_EWOULDBLOCK ( -2 )
#define FREERTOS_EINVAL ( -4 )
#define FREERTOS_EADDRNOTAVAIL ( -5 )
#define FREERTOS_EADDRINUSE ( -6 )
#define FREERTOS_ENOBUFS ( -7 )
#define FREERTOS_ENOPROTOOPT ( -8 )

endif / FREESCALE_FREE_RTOS || FREESCALE_KSDK_FREERTOS /

ifdef FREESCALE_KSDK_BM

#define FREESCALE_COMMON
#define WOLFSSL_USER_IO
#define SINGLE_THREADED
#define NO_FILESYSTEM
#ifndef TIME_OVERRIDES
    #define USER_TICKS
#endif

endif / FREESCALE_KSDK_BM /

ifdef FREESCALE_COMMON

#define SIZEOF_LONG_LONG 8

/* disable features */
#undef  NO_WRITEV
#define NO_WRITEV
#undef  NO_DEV_RANDOM
#define NO_DEV_RANDOM
#undef  NO_RABBIT
#define NO_RABBIT
#undef  NO_WOLFSSL_DIR
#define NO_WOLFSSL_DIR
#undef  NO_RC4
#define NO_RC4

/* enable features */
#undef  USE_FAST_MATH
#define USE_FAST_MATH

#define USE_CERT_BUFFERS_2048
#define BENCH_EMBEDDED

#define TFM_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT

#undef  HAVE_ECC
#define HAVE_ECC
#ifndef NO_AES
    #undef  HAVE_AESCCM
    #define HAVE_AESCCM
    #undef  HAVE_AESGCM
    #define HAVE_AESGCM
    #undef  WOLFSSL_AES_COUNTER
    #define WOLFSSL_AES_COUNTER
    #undef  WOLFSSL_AES_DIRECT
    #define WOLFSSL_AES_DIRECT
#endif

#ifdef FREESCALE_KSDK_1_3
    #include "fsl_device_registers.h"
#elif !defined(FREESCALE_MQX)
    /* Classic MQX does not have fsl_common.h */
    #include "fsl_common.h"
#endif

/* random seed */
#define NO_OLD_RNGNAME
#if defined(FSL_FEATURE_SOC_TRNG_COUNT) && (FSL_FEATURE_SOC_TRNG_COUNT > 0)
    #define FREESCALE_KSDK_2_0_TRNG
#elif defined(FSL_FEATURE_SOC_RNG_COUNT) && (FSL_FEATURE_SOC_RNG_COUNT > 0)
    #ifdef FREESCALE_KSDK_1_3
        #include "fsl_rnga_driver.h"
        #define FREESCALE_RNGA
        #define RNGA_INSTANCE (0)
    #else
        #define FREESCALE_KSDK_2_0_RNGA
    #endif
#elif !defined(FREESCALE_KSDK_BM) && !defined(FREESCALE_FREE_RTOS) && !defined(FREESCALE_KSDK_FREERTOS)
    #define FREESCALE_RNGA
    #define RNGA_INSTANCE (0)
    /* defaulting to K70 RNGA, user should change if different */
    /* #define FREESCALE_K53_RNGB */
    #define FREESCALE_K70_RNGA
#endif

/* HW crypto */
/* automatic enable based on Kinetis feature */
/* if case manual selection is required, for example for benchmarking purposes,
 * just define FREESCALE_USE_MMCAU or FREESCALE_USE_LTC or none of these two macros (for software only)
 * both can be enabled simultaneously as LTC has priority over MMCAU in source code.
 */
/* #define FSL_HW_CRYPTO_MANUAL_SELECTION */
#ifndef FSL_HW_CRYPTO_MANUAL_SELECTION
    #if defined(FSL_FEATURE_SOC_MMCAU_COUNT) && FSL_FEATURE_SOC_MMCAU_COUNT
        #define FREESCALE_USE_MMCAU
    #endif

    #if defined(FSL_FEATURE_SOC_LTC_COUNT) && FSL_FEATURE_SOC_LTC_COUNT
        #define FREESCALE_USE_LTC
    #endif
#else
    /* #define FREESCALE_USE_MMCAU */
    /* #define FREESCALE_USE_LTC */
#endif

endif / FREESCALE_COMMON /

/ Classic pre-KSDK mmCAU library /

ifdef FREESCALE_USE_MMCAU_CLASSIC

#define FREESCALE_USE_MMCAU
#define FREESCALE_MMCAU_CLASSIC
#define FREESCALE_MMCAU_CLASSIC_SHA

endif

/ KSDK mmCAU library /

ifdef FREESCALE_USE_MMCAU

/* AES and DES */
#define FREESCALE_MMCAU
/* MD5, SHA-1 and SHA-256 */
#define FREESCALE_MMCAU_SHA

endif / FREESCALE_USE_MMCAU /

ifdef FREESCALE_USE_LTC

#if defined(FSL_FEATURE_SOC_LTC_COUNT) && FSL_FEATURE_SOC_LTC_COUNT
    #define FREESCALE_LTC
    #define LTC_BASE LTC0

    #if defined(FSL_FEATURE_LTC_HAS_DES) && FSL_FEATURE_LTC_HAS_DES
        #define FREESCALE_LTC_DES
    #endif

    #if defined(FSL_FEATURE_LTC_HAS_GCM) && FSL_FEATURE_LTC_HAS_GCM
        #define FREESCALE_LTC_AES_GCM
    #endif

    #if defined(FSL_FEATURE_LTC_HAS_SHA) && FSL_FEATURE_LTC_HAS_SHA
        #define FREESCALE_LTC_SHA
    #endif

    #if defined(FSL_FEATURE_LTC_HAS_PKHA) && FSL_FEATURE_LTC_HAS_PKHA
        #define FREESCALE_LTC_ECC
        #define FREESCALE_LTC_TFM

        /* the LTC PKHA hardware limit is 2048 bits (256 bytes) for integer arithmetic.
           the LTC_MAX_INT_BYTES defines the size of local variables that hold big integers. */
        #ifndef LTC_MAX_INT_BYTES
            #define LTC_MAX_INT_BYTES (256)
        #endif

        /* This FREESCALE_LTC_TFM_RSA_4096_ENABLE macro can be defined.
         * In such a case both software and hardware algorithm
         * for TFM is linked in. The decision for which algorithm is used is determined at runtime
         * from size of inputs. If inputs and result can fit into LTC (see LTC_MAX_INT_BYTES)
         * then we call hardware algorithm, otherwise we call software algorithm.
         *
         * Chinese reminder theorem is used to break RSA 4096 exponentiations (both public and private key)
         * into several computations with 2048-bit modulus and exponents.
         */
        /* #define FREESCALE_LTC_TFM_RSA_4096_ENABLE */

        /* ECC-384, ECC-256, ECC-224 and ECC-192 have been enabled with LTC PKHA acceleration */
        #ifdef HAVE_ECC
            #undef  ECC_TIMING_RESISTANT
            #define ECC_TIMING_RESISTANT

            /* the LTC PKHA hardware limit is 512 bits (64 bytes) for ECC.
               the LTC_MAX_ECC_BITS defines the size of local variables that hold ECC parameters
               and point coordinates */
            #ifndef LTC_MAX_ECC_BITS
                #define LTC_MAX_ECC_BITS (384)
            #endif

            /* Enable curves up to 384 bits */
            #if !defined(ECC_USER_CURVES) && !defined(HAVE_ALL_CURVES)
                #define ECC_USER_CURVES
                #define HAVE_ECC192
                #define HAVE_ECC224
                #undef  NO_ECC256
                #define HAVE_ECC384
            #endif

            /* enable features */
            #undef  HAVE_CURVE25519
            #define HAVE_CURVE25519
            #undef  HAVE_ED25519
            #define HAVE_ED25519
            #undef  WOLFSSL_SHA512
            #define WOLFSSL_SHA512
        #endif
    #endif
#endif

endif / FREESCALE_USE_LTC /

ifdef FREESCALE_LTC_TFM_RSA_4096_ENABLE

#undef  USE_CERT_BUFFERS_4096
#define USE_CERT_BUFFERS_4096
#undef  FP_MAX_BITS
#define FP_MAX_BITS (8192)

#undef  NO_DH
#define NO_DH
#undef  NO_DSA
#define NO_DSA

endif / FREESCALE_LTC_TFM_RSA_4096_ENABLE /

/ if LTC has AES engine but doesn't have GCM, use software with LTC AES ECB mode /

if defined(FREESCALE_USE_LTC) && !defined(FREESCALE_LTC_AES_GCM)

#define GCM_TABLE

endif

if defined(WOLFSSL_STM32F2) || defined(WOLFSSL_STM32F4) || \

defined(WOLFSSL_STM32F7) || defined(WOLFSSL_STM32F1)

#define SIZEOF_LONG_LONG 8
#define NO_DEV_RANDOM
#define NO_WOLFSSL_DIR
#undef  NO_RABBIT
#define NO_RABBIT
#ifndef NO_STM32_RNG
    #undef  STM32_RNG
    #define STM32_RNG
#endif
#ifndef NO_STM32_CRYPTO
    #undef  STM32_CRYPTO
    #define STM32_CRYPTO
#endif
#ifndef NO_STM32_HASH
    #undef  STM32_HASH
    #define STM32_HASH
#endif
#if !defined(__GNUC__) && !defined(__ICCARM__)
    #define KEIL_INTRINSICS
#endif
#define NO_OLD_RNGNAME
#ifdef WOLFSSL_STM32_CUBEMX
    #if defined(WOLFSSL_STM32F2)
        #include "stm32f2xx_hal.h"
    #elif defined(WOLFSSL_STM32F4)
        #include "stm32f4xx_hal.h"
    #elif defined(WOLFSSL_STM32F7)
        #include "stm32f7xx_hal.h"
    #elif defined(WOLFSSL_STM32F1)
        #include "stm32f1xx_hal.h"
    #endif

    #ifndef STM32_HAL_TIMEOUT
        #define STM32_HAL_TIMEOUT   0xFF
    #endif
#else
    #if defined(WOLFSSL_STM32F2)
        #include "stm32f2xx.h"
        #ifdef STM32_CRYPTO
            #include "stm32f2xx_cryp.h"
        #endif
        #ifdef STM32_HASH
            #include "stm32f2xx_hash.h"
        #endif
    #elif defined(WOLFSSL_STM32F4)
        #include "stm32f4xx.h"
        #ifdef STM32_CRYPTO
            #include "stm32f4xx_cryp.h"
        #endif
        #ifdef STM32_HASH
            #include "stm32f4xx_hash.h"
        #endif
    #elif defined(WOLFSSL_STM32F7)
        #include "stm32f7xx.h"
    #elif defined(WOLFSSL_STM32F1)
        #include "stm32f1xx.h"
    #endif
#endif /* WOLFSSL_STM32_CUBEMX */

endif / WOLFSSL_STM32F2 || WOLFSSL_STM32F4 || WOLFSSL_STM32F7 /

ifdef MICRIUM

#include <stdlib.h>
#include <os.h>
#include <net_cfg.h>
#include <net_sock.h>
#include <net_err.h>
#include <lib_mem.h>
#include <lib_math.h>

#define USE_FAST_MATH
#define TFM_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
#define WC_RSA_BLINDING
#define HAVE_HASHDRBG

#define HAVE_ECC
#define ALT_ECC_SIZE
#define TFM_ECC192
#define TFM_ECC224
#define TFM_ECC256
#define TFM_ECC384
#define TFM_ECC521

#define NO_RC4
#define HAVE_TLS_EXTENSIONS
#define HAVE_SUPPORTED_CURVES
#define HAVE_EXTENDED_MASTER

#define NO_WOLFSSL_DIR
#define NO_WRITEV

#ifndef CUSTOM_RAND_GENERATE
    #define CUSTOM_RAND_TYPE     RAND_NBR
    #define CUSTOM_RAND_GENERATE Math_Rand
#endif

#define WOLFSSL_TYPES
typedef CPU_INT08U byte;
typedef CPU_INT16U word16;
typedef CPU_INT32U word32;

#define STRING_USER
#define XSTRLEN(pstr) ((CPU_SIZE_T)Str_Len((CPU_CHAR *)(pstr)))
#define XSTRNCPY(pstr_dest, pstr_src, len_max) \
                ((CPU_CHAR *)Str_Copy_N((CPU_CHAR *)(pstr_dest), \
                 (CPU_CHAR *)(pstr_src), (CPU_SIZE_T)(len_max)))
#define XSTRNCMP(pstr_1, pstr_2, len_max) \
                ((CPU_INT16S)Str_Cmp_N((CPU_CHAR *)(pstr_1), \
                 (CPU_CHAR *)(pstr_2), (CPU_SIZE_T)(len_max)))
#define XSTRNCASECMP(pstr_1, pstr_2, len_max) \
                ((CPU_INT16S)Str_CmpIgnoreCase_N((CPU_CHAR *)(pstr_1), \
                 (CPU_CHAR *)(pstr_2), (CPU_SIZE_T)(len_max)))
#define XSTRSTR(pstr, pstr_srch) \
                ((CPU_CHAR *)Str_Str((CPU_CHAR *)(pstr), \
                 (CPU_CHAR *)(pstr_srch)))
#define XSTRNSTR(pstr, pstr_srch, len_max) \
                ((CPU_CHAR *)Str_Str_N((CPU_CHAR *)(pstr), \
                 (CPU_CHAR *)(pstr_srch),(CPU_SIZE_T)(len_max)))
#define XSTRNCAT(pstr_dest, pstr_cat, len_max) \
                ((CPU_CHAR *)Str_Cat_N((CPU_CHAR *)(pstr_dest), \
                 (const CPU_CHAR *)(pstr_cat),(CPU_SIZE_T)(len_max)))
#define XMEMSET(pmem, data_val, size) \
                ((void)Mem_Set((void *)(pmem), (CPU_INT08U) (data_val), \
                (CPU_SIZE_T)(size)))
#define XMEMCPY(pdest, psrc, size) ((void)Mem_Copy((void *)(pdest), \
                 (void *)(psrc), (CPU_SIZE_T)(size)))
#define XMEMCMP(pmem_1, pmem_2, size) \
               (((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), (void *)(pmem_2), \
                 (CPU_SIZE_T)(size))) ? DEF_NO : DEF_YES)
#define XMEMMOVE XMEMCPY

#if (OS_CFG_MUTEX_EN == DEF_DISABLED)
    #define SINGLE_THREADED
#endif

#if (CPU_CFG_ENDIAN_TYPE == CPU_ENDIAN_TYPE_BIG)
    #define BIG_ENDIAN_ORDER
#else
    #undef  BIG_ENDIAN_ORDER
    #define LITTLE_ENDIAN_ORDER
#endif

endif / MICRIUM /

ifdef WOLFSSL_QL

#ifndef WOLFSSL_SEP
    #define WOLFSSL_SEP
#endif
#ifndef OPENSSL_EXTRA
    #define OPENSSL_EXTRA
#endif
#ifndef SESSION_CERTS
    #define SESSION_CERTS
#endif
#ifndef HAVE_AESCCM
    #define HAVE_AESCCM
#endif
#ifndef ATOMIC_USER
    #define ATOMIC_USER
#endif
#ifndef WOLFSSL_DER_LOAD
    #define WOLFSSL_DER_LOAD
#endif
#ifndef KEEP_PEER_CERT
    #define KEEP_PEER_CERT
#endif
#ifndef HAVE_ECC
    #define HAVE_ECC
#endif
#ifndef SESSION_INDEX
    #define SESSION_INDEX
#endif

endif / WOLFSSL_QL /

if defined(WOLFSSL_XILINX)

#define USER_TIME /* XTIME in asn.c */
#define NO_WOLFSSL_DIR
#define NO_DEV_RANDOM
#define HAVE_AESGCM

endif

if defined(WOLFSSL_XILINX_CRYPT)

#if defined(WOLFSSL_ARMASM)
    #error can not use both ARMv8 instructions and XILINX hardened crypto
#endif
#if defined(WOLFSSL_SHA3)
    /* only SHA3-384 is supported */
    #undef WOLFSSL_NOSHA3_224
    #undef WOLFSSL_NOSHA3_256
    #undef WOLFSSL_NOSHA3_512
    #define WOLFSSL_NOSHA3_224
    #define WOLFSSL_NOSHA3_256
    #define WOLFSSL_NOSHA3_512
#endif

endif /(WOLFSSL_XILINX_CRYPT)/

ifdef WOLFSSL_IMX6

#ifndef SIZEOF_LONG_LONG
    #define SIZEOF_LONG_LONG 8
#endif

endif

/ if defined turn on all CAAM support /

ifdef WOLFSSL_IMX6_CAAM

#undef  WOLFSSL_IMX6_CAAM_RNG
#define WOLFSSL_IMX6_CAAM_RNG

#undef  WOLFSSL_IMX6_CAAM_BLOB
#define WOLFSSL_IMX6_CAAM_BLOB

if defined(HAVE_AESGCM) || defined(WOLFSSL_AES_XTS)

/* large performance gain with HAVE_AES_ECB defined */
#undef HAVE_AES_ECB
#define HAVE_AES_ECB

endif

endif

if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \

!defined(WOLFSSL_LEANPSK) && !defined(NO_WOLFSSL_MEMORY) && \
!defined(XMALLOC_OVERRIDE)
#define USE_WOLFSSL_MEMORY

endif

if defined(OPENSSL_EXTRA) && !defined(NO_CERTS)

#undef  KEEP_PEER_CERT
#define KEEP_PEER_CERT

endif

/ stream ciphers except arc4 need 32bit alignment, intel ok without /

ifndef XSTREAM_ALIGN

#if defined(__x86_64__) || defined(__ia64__) || defined(__i386__)
    #define NO_XSTREAM_ALIGN
#else
    #define XSTREAM_ALIGN
#endif

endif

/* write dup cannot be used with secure renegotiation because write dup

• make write side write only and read side read only */

  if defined(HAVE_WRITE_DUP) && defined(HAVE_SECURE_RENEGOTIATION)

  error "WRITE DUP and SECURE RENEGOTIATION cannot both be on"

  endif

ifdef WOLFSSL_SGX

#ifdef _MSC_VER
    #define NO_RC4
    #ifndef HAVE_FIPS
        #define WOLFCRYPT_ONLY
        #define NO_DES3
        #define NO_SHA
        #define NO_MD5
    #else
        #define TFM_TIMING_RESISTANT
        #define NO_WOLFSSL_DIR
        #define NO_FILESYSTEM
        #define NO_WRITEV
        #define NO_MAIN_DRIVER
        #define WOLFSSL_LOG_PRINTF
        #define WOLFSSL_DH_CONST
    #endif
#else
    #define HAVE_ECC
    #define ECC_TIMING_RESISTANT
    #define TFM_TIMING_RESISTANT
    #define NO_FILESYSTEM
    #define NO_WRITEV
    #define NO_MAIN_DRIVER
    #define USER_TICKS
    #define WOLFSSL_LOG_PRINTF
    #define WOLFSSL_DH_CONST
#endif /* _MSC_VER */
#if !defined(HAVE_FIPS) && !defined(NO_RSA)
    #define WC_RSA_BLINDING
#endif
#define SINGLE_THREADED
#define NO_ASN_TIME /* can not use headers such as windows.h */
#define HAVE_AESGCM
#define USE_CERT_BUFFERS_2048
#define USE_FAST_MATH

endif / WOLFSSL_SGX /

/ FreeScale MMCAU hardware crypto has 4 byte alignment. However, KSDK fsl_mmcau.h gives API with no alignment requirements (4 byte alignment is managed internally by fsl_mmcau.c) /

ifdef FREESCALE_MMCAU

#ifdef FREESCALE_MMCAU_CLASSIC
    #define WOLFSSL_MMCAU_ALIGNMENT 4
#else
    #define WOLFSSL_MMCAU_ALIGNMENT 0
#endif

endif

/ if using hardware crypto and have alignment requirements, specify the requirement here. The record header of SSL/TLS will prevent easy alignment. This hint tries to help as much as possible. /

ifndef WOLFSSL_GENERAL_ALIGNMENT

#ifdef WOLFSSL_AESNI
    #define WOLFSSL_GENERAL_ALIGNMENT 16
#elif defined(XSTREAM_ALIGN)
    #define WOLFSSL_GENERAL_ALIGNMENT  4
#elif defined(FREESCALE_MMCAU) || defined(FREESCALE_MMCAU_CLASSIC)
    #define WOLFSSL_GENERAL_ALIGNMENT  WOLFSSL_MMCAU_ALIGNMENT
#else
    #define WOLFSSL_GENERAL_ALIGNMENT  0
#endif

endif

if defined(WOLFSSL_GENERAL_ALIGNMENT) && (WOLFSSL_GENERAL_ALIGNMENT > 0)

#if defined(_MSC_VER)
    #define XGEN_ALIGN __declspec(align(WOLFSSL_GENERAL_ALIGNMENT))
#elif defined(__GNUC__)
    #define XGEN_ALIGN __attribute__((aligned(WOLFSSL_GENERAL_ALIGNMENT)))
#else
    #define XGEN_ALIGN
#endif

else

#define XGEN_ALIGN

endif

ifdef HAVE_CRL

/* not widely supported yet */
#undef NO_SKID
#define NO_SKID

endif

ifdef __INTEL_COMPILER

#pragma warning(disable:2259) /* explicit casts to smaller sizes, disable */

endif

/* user can specify what curves they want with ECC_USER_CURVES otherwise

• all curves are on by default for now */

  ifndef ECC_USER_CURVES

  if !defined(WOLFSSL_SP_MATH) && !defined(HAVE_ALL_CURVES)

  #define HAVE_ALL_CURVES

  endif

  endif

/ ECC Configs /

ifdef HAVE_ECC

/* By default enable Sign, Verify, DHE, Key Import and Key Export unless explicitly disabled */
#ifndef NO_ECC_SIGN
    #undef HAVE_ECC_SIGN
    #define HAVE_ECC_SIGN
#endif
#ifndef NO_ECC_VERIFY
    #undef HAVE_ECC_VERIFY
    #define HAVE_ECC_VERIFY
#endif
#ifndef NO_ECC_CHECK_KEY
    #undef HAVE_ECC_CHECK_KEY
    #define HAVE_ECC_CHECK_KEY
#endif
#ifndef NO_ECC_DHE
    #undef HAVE_ECC_DHE
    #define HAVE_ECC_DHE
#endif
#ifndef NO_ECC_KEY_IMPORT
    #undef HAVE_ECC_KEY_IMPORT
    #define HAVE_ECC_KEY_IMPORT
#endif
#ifndef NO_ECC_KEY_EXPORT
    #undef HAVE_ECC_KEY_EXPORT
    #define HAVE_ECC_KEY_EXPORT
#endif

endif / HAVE_ECC /

/ Curve255519 Configs /

ifdef HAVE_CURVE25519

/* By default enable shared secret, key export and import */
#ifndef NO_CURVE25519_SHARED_SECRET
    #undef HAVE_CURVE25519_SHARED_SECRET
    #define HAVE_CURVE25519_SHARED_SECRET
#endif
#ifndef NO_CURVE25519_KEY_EXPORT
    #undef HAVE_CURVE25519_KEY_EXPORT
    #define HAVE_CURVE25519_KEY_EXPORT
#endif
#ifndef NO_CURVE25519_KEY_IMPORT
    #undef HAVE_CURVE25519_KEY_IMPORT
    #define HAVE_CURVE25519_KEY_IMPORT
#endif

endif / HAVE_CURVE25519 /

/ Ed255519 Configs /

ifdef HAVE_ED25519

/* By default enable sign, verify, key export and import */
#ifndef NO_ED25519_SIGN
    #undef HAVE_ED25519_SIGN
    #define HAVE_ED25519_SIGN
#endif
#ifndef NO_ED25519_VERIFY
    #undef HAVE_ED25519_VERIFY
    #define HAVE_ED25519_VERIFY
#endif
#ifndef NO_ED25519_KEY_EXPORT
    #undef HAVE_ED25519_KEY_EXPORT
    #define HAVE_ED25519_KEY_EXPORT
#endif
#ifndef NO_ED25519_KEY_IMPORT
    #undef HAVE_ED25519_KEY_IMPORT
    #define HAVE_ED25519_KEY_IMPORT
#endif

endif / HAVE_ED25519 /

/ AES Config /

ifndef NO_AES

/* By default enable all AES key sizes, decryption and CBC */
#ifndef AES_MAX_KEY_SIZE
    #undef  AES_MAX_KEY_SIZE
    #define AES_MAX_KEY_SIZE    256
#endif

#ifndef NO_AES_128
    #undef  WOLFSSL_AES_128
    #define WOLFSSL_AES_128
#endif
#if !defined(NO_AES_192) && AES_MAX_KEY_SIZE >= 192
    #undef  WOLFSSL_AES_192
    #define WOLFSSL_AES_192
#endif
#if !defined(NO_AES_256) && AES_MAX_KEY_SIZE >= 256
    #undef  WOLFSSL_AES_256
    #define WOLFSSL_AES_256
#endif
#if !defined(WOLFSSL_AES_128) && defined(HAVE_ECC_ENCRYPT)
    #warning HAVE_ECC_ENCRYPT uses AES 128 bit keys
 #endif

#ifndef NO_AES_DECRYPT
    #undef  HAVE_AES_DECRYPT
    #define HAVE_AES_DECRYPT
#endif
#ifndef NO_AES_CBC
    #undef  HAVE_AES_CBC
    #define HAVE_AES_CBC
#else
    #ifndef WOLFCRYPT_ONLY
        #error "AES CBC is required for TLS and can only be disabled for WOLFCRYPT_ONLY builds"
    #endif
#endif
#ifdef WOLFSSL_AES_XTS
    /* AES-XTS makes calls to AES direct functions */
    #ifndef WOLFSSL_AES_DIRECT
    #define WOLFSSL_AES_DIRECT
    #endif
#endif
#ifdef WOLFSSL_AES_CFB
    /* AES-CFB makes calls to AES direct functions */
    #ifndef WOLFSSL_AES_DIRECT
    #define WOLFSSL_AES_DIRECT
    #endif
#endif

endif

/ if desktop type system and fastmath increase default max bits /

ifdef WOLFSSL_X86_64_BUILD

#ifdef USE_FAST_MATH
    #ifndef FP_MAX_BITS
        #define FP_MAX_BITS 8192
    #endif
#endif

endif

/ If using the max strength build, ensure OLD TLS is disabled. /

ifdef WOLFSSL_MAX_STRENGTH

#undef NO_OLD_TLS
#define NO_OLD_TLS

endif

/ Default AES minimum auth tag sz, allow user to override /

ifndef WOLFSSL_MIN_AUTH_TAG_SZ

#define WOLFSSL_MIN_AUTH_TAG_SZ 12

endif

/* sniffer requires:

• static RSA cipher suites
• session stats and peak stats */

  ifdef WOLFSSL_SNIFFER

  ifndef WOLFSSL_STATIC_RSA

  #define WOLFSSL_STATIC_RSA

  endif

  ifndef WOLFSSL_SESSION_STATS

  #define WOLFSSL_SESSION_STATS

  endif

  ifndef WOLFSSL_PEAK_SESSIONS

  #define WOLFSSL_PEAK_SESSIONS

  endif

  endif

/* Decode Public Key extras on by default, user can turn off with

• WOLFSSL_NO_DECODE_EXTRA */

  ifndef WOLFSSL_NO_DECODE_EXTRA

  ifndef RSA_DECODE_EXTRA

  #define RSA_DECODE_EXTRA

  endif

  ifndef ECC_DECODE_EXTRA

  #define ECC_DECODE_EXTRA

  endif

  endif

/ C Sharp wrapper defines /

ifdef HAVE_CSHARP

#ifndef WOLFSSL_DTLS
    #define WOLFSSL_DTLS
#endif
#undef NO_PSK
#undef NO_SHA256
#undef NO_DH

endif

/ Asynchronous Crypto /

ifdef WOLFSSL_ASYNC_CRYPT

/* Make sure wolf events are enabled */
#undef HAVE_WOLF_EVENT
#define HAVE_WOLF_EVENT

#ifdef WOLFSSL_ASYNC_CRYPT_TEST
    #define WC_ASYNC_DEV_SIZE 320+24
#else
    #define WC_ASYNC_DEV_SIZE 320
#endif

#if !defined(HAVE_CAVIUM) && !defined(HAVE_INTEL_QA) && \
    !defined(WOLFSSL_ASYNC_CRYPT_TEST)
    #error No async hardware defined with WOLFSSL_ASYNC_CRYPT!
#endif

/* Enable ECC_CACHE_CURVE for ASYNC */
#if !defined(ECC_CACHE_CURVE)
    #define ECC_CACHE_CURVE
#endif

endif / WOLFSSL_ASYNC_CRYPT /

ifndef WC_ASYNC_DEV_SIZE

#define WC_ASYNC_DEV_SIZE 0

endif

/ leantls checks /

ifdef WOLFSSL_LEANTLS

#ifndef HAVE_ECC
    #error leantls build needs ECC
#endif

endif / WOLFSSL_LEANTLS/

/ restriction with static memory /

ifdef WOLFSSL_STATIC_MEMORY

#if defined(HAVE_IO_POOL) || defined(XMALLOC_USER) || defined(NO_WOLFSSL_MEMORY)
     #error static memory cannot be used with HAVE_IO_POOL, XMALLOC_USER or NO_WOLFSSL_MEMORY
#endif
#if !defined(USE_FAST_MATH) && !defined(NO_BIG_INT)
    #error static memory requires fast math please define USE_FAST_MATH
#endif
#ifdef WOLFSSL_SMALL_STACK
    #error static memory does not support small stack please undefine
#endif

endif / WOLFSSL_STATIC_MEMORY /

ifdef HAVE_AES_KEYWRAP

#ifndef WOLFSSL_AES_DIRECT
    #error AES key wrap requires AES direct please define WOLFSSL_AES_DIRECT
#endif

endif

ifdef HAVE_PKCS7

#if defined(NO_AES) && defined(NO_DES3)
    #error PKCS7 needs either AES or 3DES enabled, please enable one
#endif
#ifndef HAVE_AES_KEYWRAP
    #error PKCS7 requires AES key wrap please define HAVE_AES_KEYWRAP
#endif
#if defined(HAVE_ECC) && !defined(HAVE_X963_KDF)
    #error PKCS7 requires X963 KDF please define HAVE_X963_KDF
#endif

endif

if !defined(WOLFCRYPT_ONLY) && !defined(NO_OLD_TLS) && \

    (defined(NO_SHA) || defined(NO_MD5))
#error old TLS requires MD5 and SHA

endif

/ for backwards compatibility /

if defined(TEST_IPV6) && !defined(WOLFSSL_IPV6)

#define WOLFSSL_IPV6

endif

/ Place any other flags or defines here /

if defined(WOLFSSL_MYSQL_COMPATIBLE) && defined(_WIN32) \

                                  && defined(HAVE_GMTIME_R)
#undef HAVE_GMTIME_R /* don't trust macro with windows */

endif / WOLFSSL_MYSQL_COMPATIBLE /

if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)

#define SSL_OP_NO_COMPRESSION    SSL_OP_NO_COMPRESSION
#define OPENSSL_NO_ENGINE
#define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT
#ifndef OPENSSL_EXTRA
    #define OPENSSL_EXTRA
#endif
#ifndef HAVE_SESSION_TICKET
    #define HAVE_SESSION_TICKET
#endif
#ifndef HAVE_OCSP
    #define HAVE_OCSP
#endif
#ifndef KEEP_OUR_CERT
    #define KEEP_OUR_CERT
#endif
#ifndef HAVE_SNI
    #define HAVE_SNI
#endif

endif

if defined(WOLFSSL_NGINX)

#define SSL_CTRL_SET_TLSEXT_HOSTNAME

endif

/ both CURVE and ED small math should be enabled /

ifdef CURVED25519_SMALL

    #define CURVE25519_SMALL
    #define ED25519_SMALL

endif

ifndef WOLFSSL_ALERT_COUNT_MAX

#define WOLFSSL_ALERT_COUNT_MAX 5

endif

/ warning for not using harden build options (default with ./configure) /

ifndef WC_NO_HARDEN

#if (defined(USE_FAST_MATH) && !defined(TFM_TIMING_RESISTANT)) || \
    (defined(HAVE_ECC) && !defined(ECC_TIMING_RESISTANT)) || \
    (!defined(NO_RSA) && !defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS))

    #ifndef _MSC_VER
        #warning "For timing resistance / side-channel attack prevention consider using harden options"
    #else
        #pragma message("Warning: For timing resistance / side-channel attack prevention consider using harden options")
    #endif
#endif

endif

if defined(NO_OLD_WC_NAMES) || defined(OPENSSL_EXTRA)

/* added to have compatibility with SHA256() */
#if !defined(NO_OLD_SHA256_NAMES) && !defined(HAVE_FIPS)
    #define NO_OLD_SHA256_NAMES
#endif

endif

/* switch for compatibility layer functionality. Has subparts i.e. BIO/X509

• When opensslextra is enabled all subparts should be turned on. */

  ifdef OPENSSL_EXTRA

  undef OPENSSL_EXTRA_X509_SMALL

  define OPENSSL_EXTRA_X509_SMALL

  endif / OPENSSL_EXTRA /

ifdef __cplusplus

}   /* extern "C" */

endif

endif

`

_My file wcport.h ` / wc_port.h

• Copyright (C) 2006-2017 wolfSSL Inc.
• This file is part of wolfSSL.
• wolfSSL is free software; you can redistribute it and/or modify
• it under the terms of the GNU General Public License as published by
• the Free Software Foundation; either version 2 of the License, or
• (at your option) any later version.
• wolfSSL is distributed in the hope that it will be useful,
• but WITHOUT ANY WARRANTY; without even the implied warranty of
• MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
• GNU General Public License for more details.
• You should have received a copy of the GNU General Public License
• along with this program; if not, write to the Free Software
• Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA */

/! \file wolfssl/wolfcrypt/wc_port.h /

ifndef WOLF_CRYPT_PORT_H

define WOLF_CRYPT_PORT_H

include <wolfssl/wolfcrypt/settings.h>

include <wolfssl/wolfcrypt/visibility.h>

ifdef __cplusplus

extern "C" {

endif

ifdef USE_WINDOWS_API

#ifdef WOLFSSL_GAME_BUILD
    #include "system/xtl.h"
#else
    #ifndef WIN32_LEAN_AND_MEAN
        #define WIN32_LEAN_AND_MEAN
    #endif
    #ifndef WOLFSSL_SGX
        #if defined(_WIN32_WCE) || defined(WIN32_LEAN_AND_MEAN)
            /* On WinCE winsock2.h must be included before windows.h */
            #include <winsock2.h>
        #endif
        #include <windows.h>
    #endif /* WOLFSSL_SGX */
#endif

elif defined(THREADX)

#ifndef SINGLE_THREADED
    #ifdef NEED_THREADX_TYPES
        #include <types.h>
    #endif
    #include <tx_api.h>
#endif

elif defined(MICRIUM)

/* do nothing, just don't pick Unix */

elif defined(FREERTOS) || defined(FREERTOS_TCP) || defined(WOLFSSL_SAFERTOS)

/* do nothing */

elif defined(EBSNET)

/* do nothing */

elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)

/* do nothing */

elif defined(FREESCALE_FREE_RTOS)

#include "fsl_os_abstraction.h"

elif defined(WOLFSSL_uITRON4)

#include "stddef.h"
#include "kernel.h"

elif defined(WOLFSSL_uTKERNEL2)

#include "tk/tkernel.h"

elif defined(WOLFSSL_CMSIS_RTOS)

#include "cmsis_os.h"

elif defined(WOLFSSL_MDK_ARM)

#if defined(WOLFSSL_MDK5)
    #include "cmsis_os.h"
#else
    #include <rtl.h>
#endif

elif defined(WOLFSSL_CMSIS_RTOS)

#include "cmsis_os.h"

elif defined(WOLFSSL_TIRTOS)

#include <ti/sysbios/BIOS.h>
#include <ti/sysbios/knl/Semaphore.h>

elif defined(WOLFSSL_FROSTED)

#include <semaphore.h>

elif defined(INTIME_RTOS)

#include <rt.h>
#include <io.h>

else

#ifndef SINGLE_THREADED
    #define WOLFSSL_PTHREADS
    #include <pthread.h>
#endif
#if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)
    #include <unistd.h>      /* for close of BIO */
#endif

endif

/ For FIPS keep the function names the same /

ifdef HAVE_FIPS

define wc_InitMutex InitMutex

define wc_FreeMutex FreeMutex

define wc_LockMutex LockMutex

define wc_UnLockMutex UnLockMutex

endif / HAVE_FIPS /

ifdef SINGLE_THREADED

typedef int wolfSSL_Mutex;

else / MULTI_THREADED /

/* FREERTOS comes first to enable use of FreeRTOS Windows simulator only */
#if defined(FREERTOS)
    typedef xSemaphoreHandle wolfSSL_Mutex;
#elif defined(FREERTOS_TCP)
    #include "FreeRTOS.h"
    #include "semphr.h"
    typedef SemaphoreHandle_t  wolfSSL_Mutex;
#elif defined(WOLFSSL_SAFERTOS)
    typedef struct wolfSSL_Mutex {
        signed char mutexBuffer[portQUEUE_OVERHEAD_BYTES];
        xSemaphoreHandle mutex;
    } wolfSSL_Mutex;
#elif defined(USE_WINDOWS_API)
    typedef CRITICAL_SECTION wolfSSL_Mutex;
#elif defined(WOLFSSL_PTHREADS)
    typedef pthread_mutex_t wolfSSL_Mutex;
#elif defined(THREADX)
    typedef TX_MUTEX wolfSSL_Mutex;
#elif defined(MICRIUM)
    typedef OS_MUTEX wolfSSL_Mutex;
#elif defined(EBSNET)
    typedef RTP_MUTEX wolfSSL_Mutex;
#elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
    typedef MUTEX_STRUCT wolfSSL_Mutex;
#elif defined(FREESCALE_FREE_RTOS)
    typedef mutex_t wolfSSL_Mutex;
#elif defined(WOLFSSL_uITRON4)
    typedef struct wolfSSL_Mutex {
        T_CSEM sem ;
        ID     id ;
    } wolfSSL_Mutex;
#elif defined(WOLFSSL_uTKERNEL2)
    typedef struct wolfSSL_Mutex {
        T_CSEM sem ;
        ID     id ;
    } wolfSSL_Mutex;
#elif defined(WOLFSSL_MDK_ARM)
    #if defined(WOLFSSL_CMSIS_RTOS)
        typedef osMutexId wolfSSL_Mutex;
    #else
        typedef OS_MUT wolfSSL_Mutex;
    #endif
#elif defined(WOLFSSL_CMSIS_RTOS)
    typedef osMutexId wolfSSL_Mutex;
#elif defined(WOLFSSL_TIRTOS)
    typedef ti_sysbios_knl_Semaphore_Handle wolfSSL_Mutex;
#elif defined(WOLFSSL_FROSTED)
    typedef mutex_t * wolfSSL_Mutex;
#elif defined(INTIME_RTOS)
    typedef RTHANDLE wolfSSL_Mutex;
#else
    #error Need a mutex type in multithreaded mode
#endif /* USE_WINDOWS_API */

endif / SINGLE_THREADED /

/ Enable crypt HW mutex for Freescale MMCAU or PIC32MZ /

if defined(FREESCALE_MMCAU) || defined(WOLFSSL_MICROCHIP_PIC32MZ)

#ifndef WOLFSSL_CRYPT_HW_MUTEX
    #define WOLFSSL_CRYPT_HW_MUTEX  1
#endif

endif / FREESCALE_MMCAU /

ifndef WOLFSSL_CRYPT_HW_MUTEX

#define WOLFSSL_CRYPT_HW_MUTEX  0

endif

if WOLFSSL_CRYPT_HW_MUTEX

/* wolfSSL_CryptHwMutexInit is called on first wolfSSL_CryptHwMutexLock,
   however it's recommended to call this directly on Hw init to avoid possible
   race condition where two calls to wolfSSL_CryptHwMutexLock are made at
   the same time. */
int wolfSSL_CryptHwMutexInit(void);
int wolfSSL_CryptHwMutexLock(void);
int wolfSSL_CryptHwMutexUnLock(void);

else

/* Define stubs, since HW mutex is disabled */
#define wolfSSL_CryptHwMutexInit()      0 /* Success */
#define wolfSSL_CryptHwMutexLock()      0 /* Success */
#define wolfSSL_CryptHwMutexUnLock()    (void)0 /* Success */

endif / WOLFSSL_CRYPT_HW_MUTEX /

/ Mutex functions / WOLFSSL_API int wc_InitMutex(wolfSSL_Mutex); WOLFSSL_API wolfSSL_Mutex wc_InitAndAllocMutex(void); WOLFSSL_API int wc_FreeMutex(wolfSSL_Mutex); WOLFSSL_API int wc_LockMutex(wolfSSL_Mutex); WOLFSSL_API int wc_UnLockMutex(wolfSSL_Mutex*);

if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)

/ dynamiclly set which mutex to use. unlock / lock is controlled by flag / typedef void (mutex_cb)(int flag, int type, const char* file, int line);

WOLFSSL_API int wc_LockMutex_ex(int flag, int type, const char file, int line); WOLFSSL_API int wc_SetMutexCb(mutex_cb cb);

endif

/ main crypto initialization function / WOLFSSL_API int wolfCrypt_Init(void); WOLFSSL_API int wolfCrypt_Cleanup(void);

/ filesystem abstraction layer, used by ssl.c /

ifndef NO_FILESYSTEM

if defined(EBSNET)

#include "vfapi.h"
#include "vfile.h"

#define XFILE                    int
#define XFOPEN(NAME, MODE)       vf_open((const char *)NAME, VO_RDONLY, 0);
#define XFSEEK                   vf_lseek
#define XFTELL                   vf_tell
#define XREWIND                  vf_rewind
#define XFREAD(BUF, SZ, AMT, FD) vf_read(FD, BUF, SZ*AMT)
#define XFWRITE(BUF, SZ, AMT, FD) vf_write(FD, BUF, SZ*AMT)
#define XFCLOSE                  vf_close
#define XSEEK_END                VSEEK_END
#define XBADFILE                 -1
#define XFGETS(b,s,f)            -2 /* Not ported yet */

elif defined(LSR_FS)

#include <fs.h>
#define XFILE                   struct fs_file*
#define XFOPEN(NAME, MODE)      fs_open((char*)NAME);
#define XFSEEK(F, O, W)         (void)F
#define XFTELL(F)               (F)->len
#define XREWIND(F)              (void)F
#define XFREAD(BUF, SZ, AMT, F) fs_read(F, (char*)BUF, SZ*AMT)
#define XFWRITE(BUF, SZ, AMT, F) fs_write(F, (char*)BUF, SZ*AMT)
#define XFCLOSE                 fs_close
#define XSEEK_END               0
#define XBADFILE                NULL
#define XFGETS(b,s,f)            -2 /* Not ported yet */

elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)

#define XFILE                   MQX_FILE_PTR
#define XFOPEN                  fopen
#define XFSEEK                  fseek
#define XFTELL                  ftell
#define XREWIND(F)              fseek(F, 0, IO_SEEK_SET)
#define XFREAD                  fread
#define XFWRITE                 fwrite
#define XFCLOSE                 fclose
#define XSEEK_END               IO_SEEK_END
#define XBADFILE                NULL
#define XFGETS                  fgets

elif defined(MICRIUM)

#include <fs_api.h>
#define XFILE      FS_FILE*
#define XFOPEN     fs_fopen
#define XFSEEK     fs_fseek
#define XFTELL     fs_ftell
#define XREWIND    fs_rewind
#define XFREAD     fs_fread
#define XFWRITE    fs_fwrite
#define XFCLOSE    fs_fclose
#define XSEEK_END  FS_SEEK_END
#define XBADFILE   NULL
#define XFGETS(b,s,f) -2 /* Not ported yet */

else

/* stdio, default case */
#include <stdio.h>
#define XFILE      FILE*
#if defined(WOLFSSL_MDK_ARM)
    extern FILE * wolfSSL_fopen(const char *name, const char *mode) ;
    #define XFOPEN     wolfSSL_fopen
#else
    #define XFOPEN     fopen
#endif
#define XFSEEK     fseek
#define XFTELL     ftell
#define XREWIND    rewind
#define XFREAD     fread
#define XFWRITE    fwrite
#define XFCLOSE    fclose
#define XSEEK_END  SEEK_END
#define XBADFILE   NULL
#define XFGETS     fgets

#if !defined(USE_WINDOWS_API) && !defined(NO_WOLFSSL_DIR)
    #include <dirent.h>
    #include <unistd.h>
    #include <sys/stat.h>
#endif

endif

#ifndef MAX_FILENAME_SZ
    #define MAX_FILENAME_SZ  256 /* max file name length */
#endif
#ifndef MAX_PATH
    #define MAX_PATH 256
#endif

if !defined(NO_WOLFSSL_DIR)

typedef struct ReadDirCtx {
#ifdef USE_WINDOWS_API
    WIN32_FIND_DATAA FindFileData;
    HANDLE hFind;
#else
    struct dirent* entry;
    DIR*   dir;
    struct stat s;
#endif
    char name[MAX_FILENAME_SZ];
} ReadDirCtx;

WOLFSSL_API int wc_ReadDirFirst(ReadDirCtx* ctx, const char* path, char** name);
WOLFSSL_API int wc_ReadDirNext(ReadDirCtx* ctx, const char* path, char** name);
WOLFSSL_API void wc_ReadDirClose(ReadDirCtx* ctx);

endif / !NO_WOLFSSL_DIR /

endif / !NO_FILESYSTEM /

/ Windows API defines its own min() macro. /

if defined(USE_WINDOWS_API)

#if defined(min) || defined(WOLFSSL_MYSQL_COMPATIBLE)
    #define WOLFSSL_HAVE_MIN
#endif /* min */
#if defined(max) || defined(WOLFSSL_MYSQL_COMPATIBLE)
    #define WOLFSSL_HAVE_MAX
#endif /* max */

endif / USE_WINDOWS_API /

/ Time functions /

ifndef NO_ASN_TIME

if defined(USER_TIME)

/* Use our gmtime and time_t/struct tm types.
   Only needs seconds since EPOCH using XTIME function.
   time_t XTIME(time_t * timer) {}
*/
#define WOLFSSL_GMTIME
#define USE_WOLF_TM
#define USE_WOLF_TIME_T

elif defined(TIME_OVERRIDES)

/* Override XTIME() and XGMTIME() functionality.
   Requires user to provide these functions:
    time_t XTIME(time_t * timer) {}
    struct tm* XGMTIME(const time_t* timer, struct tm* tmp) {}
*/
#ifndef HAVE_TIME_T_TYPE
    #define USE_WOLF_TIME_T
#endif
#ifndef HAVE_TM_TYPE
    #define USE_WOLF_TM
#endif
#define NEED_TMP_TIME

elif defined(HAVE_RTP_SYS)

#include "os.h"           /* dc_rtc_api needs    */
#include "dc_rtc_api.h"   /* to get current time */

/* uses parital <time.h> structures */
#define XTIME(tl)       (0)
#define XGMTIME(c, t)   rtpsys_gmtime((c))

elif defined(MICRIUM)

#include <clk.h>
#include <time.h>
#define XTIME(t1)       micrium_time((t1))
#define WOLFSSL_GMTIME

elif defined(MICROCHIP_TCPIP_V5) || defined(MICROCHIP_TCPIP)

#include <time.h>
#define XTIME(t1)       pic32_time((t1))
#define XGMTIME(c, t)   gmtime((c))

elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)

#define XTIME(t1)       mqx_time((t1))
#define HAVE_GMTIME_R

elif defined(FREESCALE_KSDK_BM) || defined(FREESCALE_FREE_RTOS) || defined(FREESCALE_KSDK_FREERTOS)

#include <time.h>
#ifndef XTIME
    /*extern time_t ksdk_time(time_t* timer);*/
    #define XTIME(t1)   ksdk_time((t1))
#endif
#define XGMTIME(c, t)   gmtime((c))

elif defined(WOLFSSL_ATMEL)

#define XTIME(t1)       atmel_get_curr_time_and_date((t1))
#define WOLFSSL_GMTIME
#define USE_WOLF_TM
#define USE_WOLF_TIME_T

elif defined(IDIRECT_DEV_TIME)

/*Gets the timestamp from cloak software owned by VT iDirect
in place of time() from <time.h> */
#include <time.h>
#define XTIME(t1)       idirect_time((t1))
#define XGMTIME(c, t)   gmtime((c))

elif defined(_WIN32_WCE)

#include <windows.h>
#define XTIME(t1)       windows_time((t1))
#define WOLFSSL_GMTIME

else

/* default */
/* uses complete <time.h> facility */
#include <time.h>

/* PowerPC time_t is int */
#ifdef __PPC__
    #define TIME_T_NOT_LONG
#endif

endif

/ Map default time functions /

if !defined(XTIME) && !defined(TIME_OVERRIDES) && !defined(USER_TIME)

#define XTIME(tl)       time((tl))

endif

if !defined(XGMTIME) && !defined(TIME_OVERRIDES)

#if defined(WOLFSSL_GMTIME) || !defined(HAVE_GMTIME_R)
    #define XGMTIME(c, t)   gmtime((c))
#else
    #define XGMTIME(c, t)   gmtime_r((c), (t))
    #define NEED_TMP_TIME
#endif

endif

if !defined(XVALIDATE_DATE) && !defined(HAVE_VALIDATE_DATE)

#define USE_WOLF_VALIDDATE
#define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t))

endif

/ wolf struct tm and time_t /

if defined(USE_WOLF_TM)

struct tm {
    int  tm_sec;     /* seconds after the minute [0-60] */
    int  tm_min;     /* minutes after the hour [0-59] */
    int  tm_hour;    /* hours since midnight [0-23] */
    int  tm_mday;    /* day of the month [1-31] */
    int  tm_mon;     /* months since January [0-11] */
    int  tm_year;    /* years since 1900 */
    int  tm_wday;    /* days since Sunday [0-6] */
    int  tm_yday;    /* days since January 1 [0-365] */
    int  tm_isdst;   /* Daylight Savings Time flag */
    long tm_gmtoff;  /* offset from CUT in seconds */
    char *tm_zone;   /* timezone abbreviation */
};

endif / USE_WOLF_TM /

if defined(USE_WOLF_TIME_T)

typedef long time_t;

endif

/ forward declarations /

if defined(USER_TIME)

struct tm* gmtime(const time_t* timer);
extern time_t XTIME(time_t * timer);

#ifdef STACK_TRAP
    /* for stack trap tracking, don't call os gmtime on OS X/linux,
       uses a lot of stack spce */
    extern time_t time(time_t * timer);
    #define XTIME(tl)  time((tl))
#endif /* STACK_TRAP */

elif defined(TIME_OVERRIDES)

extern time_t XTIME(time_t * timer);
extern struct tm* XGMTIME(const time_t* timer, struct tm* tmp);

elif defined(WOLFSSL_GMTIME)

struct tm* gmtime(const time_t* timer);

endif

endif / NO_ASN_TIME /

ifdef __cplusplus

}  /* extern "C" */

endif

endif / WOLF_CRYPT_PORT_H /

`

[kaleb-himes]

Hi @flacidsnake,

Could you try adding the define NO_ASN_TIME to your settings and let me know if that resolved the GMTIME issues?

• KH

[kaleb-himes]

Hi @flacidsnake,

I also wanted to let you know that define will disable all time checks on certificates so it should ONLY be used for testing purposes. Once you have everything working in a test environment I would highly recommend adding a solution for XGMTIME before putting anything out in the wild.

This can impact security in that you could end up trusting expired or bad certificates when connecting to peers.

• KH

[flacidsnake]

Hi @kaleb-himes

First of all. Thank you very much for your fast reply.

Indeed, defining NO_ASN_TIME at settings.h an uncommenting it at wc_port.h solved the issue and I could finally compile the example wolfssl_client.ino.

But, when compilation ends, I get this message telling the sketch is too big for Leonardo:

El Sketch usa 131036 bytes (457%) del espacio de almacenamiento de programa. El máximo es 28672 bytes. Las variables Globales usan 11352 bytes (443%) de la memoria dinámica, dejando -8792 bytes para las variables locales. El máximo es 2560 bytes.

Programa muy grande: visite http://www.arduino.cc/en/Guide/Troubleshooting#size para ver cómo reducirlo. Error compilando para la tarjeta Arduino Leonardo.

Basically, the example sketch is too big. Any idea on how to make it work?

On the other hand, what I want to do with wolf_ssl is: I just want to receive HTTPS requests and parse the JSON inside them to know if the Leonardo's LED should be ON or OFF.

How can I achieve this? Maybe disabling some cipher options to reduce the size of the sketch?

Edit: How can I disable all the cipher suites and just keep TLS 1.2 with the TLS_RSA_WITH_AES_128_CBC_SHA256 cipher suite?

Thanks in advance! Regards.

[kaleb-himes]

@flacidsnake,

Glad to hear that got you past the build issues. To customize the build see in that same "settings.h" header where we check #ifdef WOLFSSL_USER_SETTINGS and then include the header user_settings.h if that is defined?

The easiest way to track changes is to add the file user_settings.h to the library root for Arduino and then define WOLFSSL_USER_SETTINGS in settings.h so your new header gets pulled in.

Then chapter 2 of our manual has a section "2.4.1 REMOVING FEATURES" which covers the features that can be disabled to reduce build size.

If your device really only has 28k available, the smallest build of wolfSSL to date is 23k and that's with the lean-psk option. It's pretty uncommon to come across servers in the wild that support PSK.

If you configure wolfSSL to use ECC cipher suites at a minimum you'll need roughly 60K of flash available and to use RSA cipher suites you'll need closer to 80K of flash. With such a limited flash space I am not sure you will be able to get SSL/TLS running on your device. Do you have an alternate platform you can use with more flash space?

• KH

[kaleb-himes]

@flacidsnake,

I never heard back from you on this item, is your device really limited to just 28K of flash? If so were you able to evaluate using a device with more available flash?

Warm Regards,

K