#ifndef BOTAN_BUILD_CONFIG_H__ #define BOTAN_BUILD_CONFIG_H__ /* * This file was automatically generated running * '%{command_line}' * * Target * - Compiler: %{cxx} %{cxx_abi_flags} %{cc_compile_flags} * - Arch: %{submodel}/%{arch} * - OS: %{os} */ #define BOTAN_VERSION_MAJOR %{version_major} #define BOTAN_VERSION_MINOR %{version_minor} #define BOTAN_VERSION_PATCH %{version_patch} #define BOTAN_VERSION_DATESTAMP %{version_datestamp} #define BOTAN_VERSION_RELEASE_TYPE "%{release_type}" #define BOTAN_VERSION_VC_REVISION "%{version_vc_rev}" #define BOTAN_DISTRIBUTION_INFO "%{distribution_info}" #define BOTAN_INSTALL_PREFIX R"(%{prefix})" #define BOTAN_INSTALL_HEADER_DIR "%{includedir}/botan-%{version_major}.%{version_minor}" #define BOTAN_INSTALL_LIB_DIR "%{libdir}" #define BOTAN_LIB_LINK "%{link_to}" #ifndef BOTAN_DLL #define BOTAN_DLL %{visibility_attribute} #endif /* How much to allocate for a buffer of no particular size */ #define BOTAN_DEFAULT_BUFFER_SIZE 1024 /* Minimum and maximum sizes to allocate out of the mlock pool (bytes) Default min is 16 as smaller values are easily bruteforceable and thus likely not cryptographic keys. */ #define BOTAN_MLOCK_ALLOCATOR_MIN_ALLOCATION 16 #define BOTAN_MLOCK_ALLOCATOR_MAX_ALLOCATION 128 /* * Total maximum amount of RAM (in KiB) we will lock into memory, even * if the OS would let us lock more */ #define BOTAN_MLOCK_ALLOCATOR_MAX_LOCKED_KB 512 /* Multiplier on a block cipher's native parallelism */ #define BOTAN_BLOCK_CIPHER_PAR_MULT 4 /* How many bits per limb in a BigInt */ #define BOTAN_MP_WORD_BITS %{mp_bits} /* * If enabled uses memset via volatile function pointer to zero memory, * otherwise does a byte at a time write via a volatile pointer. */ #define BOTAN_USE_VOLATILE_MEMSET_FOR_ZERO 1 /* * If enabled the ECC implementation will use Montgomery ladder * instead of a fixed window implementation. */ #define BOTAN_POINTGFP_BLINDED_MULTIPLY_USE_MONTGOMERY_LADDER 0 /* * Set number of bits used to generate mask for blinding the scalar of * a point multiplication. Set to zero to disable this side-channel * countermeasure. */ #define BOTAN_POINTGFP_SCALAR_BLINDING_BITS 20 /* * Set number of bits used to generate mask for blinding the * representation of an ECC point. Set to zero to diable this * side-channel countermeasure. */ #define BOTAN_POINTGFP_RANDOMIZE_BLINDING_BITS 80 /* * Normally blinding is performed by choosing a random starting point (plus * its inverse, of a form appropriate to the algorithm being blinded), and * then choosing new blinding operands by successive squaring of both * values. This is much faster than computing a new starting point but * introduces some possible coorelation * * To avoid possible leakage problems in long-running processes, the blinder * periodically reinitializes the sequence. This value specifies how often * a new sequence should be started. */ #define BOTAN_BLINDING_REINIT_INTERVAL 32 /* PK key consistency checking toggles */ #define BOTAN_PUBLIC_KEY_STRONG_CHECKS_ON_LOAD 1 #define BOTAN_PRIVATE_KEY_STRONG_CHECKS_ON_LOAD 0 #define BOTAN_PRIVATE_KEY_STRONG_CHECKS_ON_GENERATE 1 /* * Userspace RNGs like HMAC_DRBG will reseed after a specified number * of outputs are generated. Set to zero to disable automatic reseeding. */ #define BOTAN_RNG_DEFAULT_RESEED_INTERVAL 1024 #define BOTAN_RNG_RESEED_POLL_BITS 256 #define BOTAN_RNG_AUTO_RESEED_TIMEOUT std::chrono::milliseconds(10) #define BOTAN_RNG_RESEED_DEFAULT_TIMEOUT std::chrono::milliseconds(50) /** * Controls how AutoSeeded_RNG is instantiated */ #define BOTAN_AUTO_RNG_DRBG HMAC_DRBG #define BOTAN_AUTO_RNG_HMAC "HMAC(SHA-384)" /* * Specifies (in order) the list of entropy sources that will be used * to seed an in-memory RNG. The first few in the default list * ("timer", "proc_info", etc) do not count as contributing any entropy * but are included as they are fast and help protect against a * seriously broken system RNG. */ #define BOTAN_ENTROPY_DEFAULT_SOURCES \ { "timestamp", "rdseed", "rdrand", "proc_info", \ "darwin_secrandom", "dev_random", "win32_cryptoapi", "egd", \ "proc_walk", "system_stats", "unix_procs" } /* * These control the RNG used by the system RNG interface */ #define BOTAN_SYSTEM_RNG_DEVICE "/dev/urandom" #define BOTAN_SYSTEM_RNG_CRYPTOAPI_PROV_TYPE PROV_RSA_FULL /* * These paramaters control how many bytes to read from the system * PRNG, and how long to block if applicable. * * Timeout is ignored on Windows as CryptGenRandom doesn't block */ #define BOTAN_SYSTEM_RNG_POLL_DEVICES { "/dev/urandom", "/dev/random", "/dev/srandom" } #define BOTAN_SYSTEM_RNG_POLL_REQUEST 64 #define BOTAN_SYSTEM_RNG_POLL_TIMEOUT_MS 20 #define BOTAN_ENTROPY_EGD_PATHS { "/var/run/egd-pool", "/dev/egd-pool" } #define BOTAN_ENTROPY_PROC_FS_PATH "/proc" #define BOTAN_ENTROPY_SAFE_PATHS { "/bin", "/sbin", "/usr/bin", "/usr/sbin" } /* How many times to read from the RDRAND/RDSEED RNGs. Each read generates 32 bits of output */ #define BOTAN_ENTROPY_INTEL_RNG_POLLS 32 // According to Intel, RDRAND is guaranteed to generate a random number within 10 retries on a working CPU #define BOTAN_ENTROPY_RDRAND_RETRIES 10 /* * RdSeed is not guaranteed to generate a random number within a specific number of retries * Define the number of retries here */ #define BOTAN_ENTROPY_RDSEED_RETRIES 20 /* * Compiler and target specific flags */ /* Should we use GCC-style inline assembler? */ #if !defined(BOTAN_USE_GCC_INLINE_ASM) && defined(__GNUG__) #define BOTAN_USE_GCC_INLINE_ASM 1 #endif #ifdef __GNUC__ #define BOTAN_GCC_VERSION \ (__GNUC__ * 100 + __GNUC_MINOR__ * 10 + __GNUC_PATCHLEVEL__) #else #define BOTAN_GCC_VERSION 0 #endif /* Target identification and feature test macros */ %{target_os_defines} %{target_cpu_defines} #if defined(BOTAN_TARGET_CPU_IS_LITTLE_ENDIAN) || \ defined(BOTAN_TARGET_CPU_IS_BIG_ENDIAN) #define BOTAN_TARGET_CPU_HAS_KNOWN_ENDIANNESS #endif /* * If no way of dynamically determining the cache line size for the * system exists, this value is used as the default. Used by the side * channel countermeasures rather than for alignment purposes, so it is * better to be on the smaller side if the exact value cannot be * determined. Typically 32 or 64 bytes on modern CPUs. */ #if !defined(BOTAN_TARGET_CPU_DEFAULT_CACHE_LINE_SIZE) #define BOTAN_TARGET_CPU_DEFAULT_CACHE_LINE_SIZE 32 #endif %{target_compiler_defines} /* * Compile-time deprecatation warnings */ #if !defined(BOTAN_NO_DEPRECATED_WARNINGS) #if defined(__clang__) #define BOTAN_DEPRECATED(msg) __attribute__ ((deprecated)) #elif defined(_MSC_VER) #define BOTAN_DEPRECATED(msg) __declspec(deprecated(msg)) #elif defined(__GNUG__) #if BOTAN_GCC_VERSION >= 450 #define BOTAN_DEPRECATED(msg) __attribute__ ((deprecated(msg))) #else #define BOTAN_DEPRECATED(msg) __attribute__ ((deprecated)) #endif #endif #endif #if !defined(BOTAN_NORETURN) #if defined (__clang__) || defined (__GNUG__) #define BOTAN_NORETURN __attribute__ ((__noreturn__)) #elif defined (_MSC_VER) #define BOTAN_NORETURN __declspec(noreturn) #else #define BOTAN_NORETURN #endif #endif #if defined(_MSC_VER) #define BOTAN_CURRENT_FUNCTION __FUNCTION__ #else #define BOTAN_CURRENT_FUNCTION __func__ #endif #if !defined(BOTAN_DEPRECATED) #define BOTAN_DEPRECATED(msg) #endif #if defined(_MSC_VER) && (_MSC_VER < 1900) // noexcept is not supported in VS 2013 #include #define BOTAN_NOEXCEPT _NOEXCEPT #else #define BOTAN_NOEXCEPT noexcept #endif /* * Module availability definitions */ %{module_defines} /* * Local configuration options (if any) follow */ %{local_config} // Append to macros living outside of functions, so that invocations must end with a semicolon. // The struct is only declared to force the semicolon, it is never defined. #define BOTAN_FORCE_SEMICOLON struct BOTAN_DUMMY_STRUCT #if defined(BOTAN_TARGET_ARCH_IS_X86_64) && (\ (defined(_MSC_VER) && !defined(_WIN64)) || \ (defined(__clang__) && !defined(__x86_64__)) || \ (defined(__GNUG__) && !defined(__x86_64__)) \ ) #error "Trying to compile Botan configured as x86_64 with non-x86_64 compiler." #endif #if defined(BOTAN_TARGET_ARCH_IS_X86_32) && (\ (defined(_MSC_VER) && defined(_WIN64)) || \ (defined(__clang__) && !defined(__i386__)) || \ (defined(__GNUG__) && !defined(__i386__)) \ ) #error "Trying to compile Botan configured as x86_32 with non-x86_32 compiler." #endif #endif