xref: /aosp_15_r20/external/ms-tpm-20-ref/TPMCmd/tpm/include/TpmBuildSwitches.h (revision 5c591343844d1f9da7da26467c4bf7efc8a7a413)

/* Microsoft Reference Implementation for TPM 2.0
 *
 *  The copyright in this software is being made available under the BSD License,
 *  included below. This software may be subject to other third party and
 *  contributor rights, including patent rights, and no such rights are granted
 *  under this license.
 *
 *  Copyright (c) Microsoft Corporation
 *
 *  All rights reserved.
 *
 *  BSD License
 *
 *  Redistribution and use in source and binary forms, with or without modification,
 *  are permitted provided that the following conditions are met:
 *
 *  Redistributions of source code must retain the above copyright notice, this list
 *  of conditions and the following disclaimer.
 *
 *  Redistributions in binary form must reproduce the above copyright notice, this
 *  list of conditions and the following disclaimer in the documentation and/or
 *  other materials provided with the distribution.
 *
 *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ""AS IS""
 *  AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 *  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 *  DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
 *  ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
 *  (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 *  LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
 *  ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 *  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 *  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
// This file contains the build switches. This contains switches for multiple
// versions of the crypto-library so some may not apply to your environment.
//
// The switches are guarded so that they can either be set on the command line or
// set here. If the switch is listed on the command line (-DSOME_SWITCH) with NO
// setting, then the switch will be set to YES. If the switch setting is not on the
// command line or if the setting is other than YES or NO, then the switch will be set
// to the default value. The default can either be YES or NO as indicated on each line
// where the default is selected.
//
// A caution: do not try to test these macros by inserting #defines in this file. For
// some curious reason, a variable set on the command line with no setting will have a
// value of 1. An "#if SOME_VARIABLE" will work if the variable is not defined or is
// defined on the command line with no initial setting. However, a
// "#define SOME_VARIABLE" is a null string and when used in "#if SOME_VARIABLE" will
// not be a proper expression If you want to test various switches, either use the
// command line or change the default.
//
#ifndef _TPM_BUILD_SWITCHES_H_
#define _TPM_BUILD_SWITCHES_H_

#undef YES
#define YES 1
#undef NO
#define NO 0

// Allow the command line to specify a "profile" file
#ifdef PROFILE
#   define PROFILE_QUOTE(a) #a
#   define PROFILE_INCLUDE(a) PROFILE_QUOTE(a)
#   include PROFILE_INCLUDE(PROFILE)
#endif

// Need an unambiguous definition for DEBUG. Do not change this
#ifndef DEBUG
#   ifdef NDEBUG
#       define  DEBUG   NO
#   else
#       define  DEBUG   YES
#   endif
#elif (DEBUG != NO) && (DEBUG != YES)
#   undef   DEBUG
#   define  DEBUG                       YES     // Default: Either YES or NO
#endif

#include "CompilerDependencies.h"

// This definition is required for the re-factored code
#if (!defined USE_BN_ECC_DATA)                                                      \
                || ((USE_BN_ECC_DATA != NO) && (USE_BN_ECC_DATA != YES))
#   undef   USE_BN_ECC_DATA
#   define  USE_BN_ECC_DATA             YES     // Default: Either YES or NO
#endif

// The SIMULATION switch allows certain other macros to be enabled. The things that
// can be enabled in a simulation include key caching, reproducible "random"
// sequences, instrumentation of the RSA key generation process, and certain other
// debug code. SIMULATION Needs to be defined as either YES or NO. This grouping of
// macros will make sure that it is set correctly. A simulated TPM would include a
// Virtual TPM. The interfaces for a Virtual TPM should be modified from the standard
// ones in the Simulator project.
//
// If SIMULATION is in the compile parameters without modifiers,
// make SIMULATION == YES
#if !(defined SIMULATION) || ((SIMULATION != NO) && (SIMULATION != YES))
#   undef   SIMULATION
#   define  SIMULATION                  YES     // Default: Either YES or NO
#endif

// Define this to run the function that checks the compatibility between the
// chosen big number math library and the TPM code. Not all ports use this.
#if !(defined LIBRARY_COMPATIBILITY_CHECK)                                          \
        || (( LIBRARY_COMPATIBILITY_CHECK != NO)                                    \
            && (LIBRARY_COMPATIBILITY_CHECK != YES))
#   undef   LIBRARY_COMPATIBILITY_CHECK
#   define  LIBRARY_COMPATIBILITY_CHECK YES     // Default: Either YES or NO
#endif

#if !(defined FIPS_COMPLIANT) || ((FIPS_COMPLIANT != NO) && (FIPS_COMPLIANT != YES))
#   undef   FIPS_COMPLIANT
#   define  FIPS_COMPLIANT              YES     // Default: Either YES or NO
#endif

// Definition to allow alternate behavior for non-orderly startup. If there is a
// chance that the TPM could not update 'failedTries'
#if !(defined USE_DA_USED) || ((USE_DA_USED != NO) && (USE_DA_USED != YES))
#   undef   USE_DA_USED
#   define  USE_DA_USED                 YES     // Default: Either YES or NO
#endif

// Define TABLE_DRIVEN_DISPATCH to use tables rather than case statements
// for command dispatch and handle unmarshaling
#if !(defined TABLE_DRIVEN_DISPATCH)                                                \
        || ((TABLE_DRIVEN_DISPATCH != NO) && (TABLE_DRIVEN_DISPATCH != YES))
#   undef   TABLE_DRIVEN_DISPATCH
#   define  TABLE_DRIVEN_DISPATCH       YES     // Default: Either YES or NO
#endif

// This switch is used to enable the self-test capability in AlgorithmTests.c
#if !(defined SELF_TEST) || ((SELF_TEST != NO) && (SELF_TEST != YES))
#   undef   SELF_TEST
#   define  SELF_TEST                   YES     // Default: Either YES or NO
#endif

// Enable the generation of RSA primes using a sieve.
#if !(defined RSA_KEY_SIEVE) || ((RSA_KEY_SIEVE != NO) && (RSA_KEY_SIEVE != YES))
#   undef   RSA_KEY_SIEVE
#   define  RSA_KEY_SIEVE               YES     // Default: Either YES or NO
#endif

// Enable the instrumentation of the sieve process. This is used to tune the sieve
// variables.
#if RSA_KEY_SIEVE && SIMULATION
#   if !(defined RSA_INSTRUMENT)                                                    \
            || ((RSA_INSTRUMENT != NO) && (RSA_INSTRUMENT != YES))
#       undef   RSA_INSTRUMENT
#       define  RSA_INSTRUMENT          NO      // Default: Either YES or NO
#   endif
#endif

// This switch enables the RNG state save and restore
#if !(defined _DRBG_STATE_SAVE)                                                     \
    || ((_DRBG_STATE_SAVE != NO) && (_DRBG_STATE_SAVE != YES))
#   undef   _DRBG_STATE_SAVE
#   define  _DRBG_STATE_SAVE            YES     // Default: Either YES or NO
#endif

// Switch added to support packed lists that leave out space associated with
// unimplemented commands. Comment this out to use linear lists.
// Note: if vendor specific commands are present, the associated list is always
// in compressed form.
#if !(defined COMPRESSED_LISTS)                                                     \
    || ((COMPRESSED_LISTS != NO) && (COMPRESSED_LISTS != YES))
#   undef   COMPRESSED_LISTS
#   define  COMPRESSED_LISTS            YES     // Default: Either YES or NO
#endif

// This switch indicates where clock epoch value should be stored. If this value
// defined, then it is assumed that the timer will change at any time so the
// nonce should be a random number kept in RAM. When it is not defined, then the
// timer only stops during power outages.
#if !(defined CLOCK_STOPS) || ((CLOCK_STOPS != NO) && (CLOCK_STOPS != YES))
#   undef   CLOCK_STOPS
#   define  CLOCK_STOPS                 NO      // Default: Either YES or NO
#endif

// This switch allows use of #defines in place of pass-through marshaling or
// unmarshaling code. A pass-through function just calls another function to do
// the required function and does no parameter checking of its own. The
// table-driven dispatcher calls directly to the lowest level
// marshaling/unmarshaling code and by-passes any pass-through functions.
#if (defined USE_MARSHALING_DEFINES) && (USE_MARSHALING_DEFINES != NO)
#   undef   USE_MARSHALING_DEFINES
#   define  USE_MARSHALING_DEFINES      YES
#else
#   define USE_MARSHALING_DEFINES       YES     // Default: Either YES or NO
#endif

//**********************************
// The switches in this group can only be enabled when doing debug during simulation
#if SIMULATION && DEBUG
// This forces the use of a smaller context slot size. This reduction reduces the
// range of the epoch allowing the tester to force the epoch to occur faster than
// the normal defined in TpmProfile.h
#   if !(defined CONTEXT_SLOT)
#       define CONTEXT_SLOT             UINT8
#   endif
// Enables use of the key cache. Default is YES
#   if !(defined USE_RSA_KEY_CACHE)                                                 \
    || ((USE_RSA_KEY_CACHE != NO) && (USE_RSA_KEY_CACHE != YES))
#       undef   USE_RSA_KEY_CACHE
#       define  USE_RSA_KEY_CACHE       YES     // Default: Either YES or NO
#   endif

// Enables use of a file to store the key cache values so that the TPM will start
// faster during debug. Default for this is YES
#   if USE_RSA_KEY_CACHE
#       if !(defined USE_KEY_CACHE_FILE)                                            \
            || ((USE_KEY_CACHE_FILE != NO) && (USE_KEY_CACHE_FILE != YES))
#           undef   USE_KEY_CACHE_FILE
#           define  USE_KEY_CACHE_FILE  YES     // Default: Either YES or NO
#       endif
#   else
#       undef   USE_KEY_CACHE_FILE
#       define  USE_KEY_CACHE_FILE      NO
#   endif   // USE_RSA_KEY_CACHE

// This provides fixed seeding of the RNG when doing debug on a simulator. This
// should allow consistent results on test runs as long as the input parameters
// to the functions remains the same. There is no default value.
#   if !(defined USE_DEBUG_RNG) || ((USE_DEBUG_RNG != NO) && (USE_DEBUG_RNG != YES))
#       undef   USE_DEBUG_RNG
#       define  USE_DEBUG_RNG           YES     // Default: Either YES or NO
#   endif

// Do not change these. They are the settings needed when not doing a simulation and
// not doing debug. Can't use the key cache except during debug. Otherwise, all of the
// key values end up being the same
#else
#   define USE_RSA_KEY_CACHE            NO
#   define USE_RSA_KEY_CACHE_FILE       NO
#   define USE_DEBUG_RNG                NO
#endif  // DEBUG && SIMULATION

#if DEBUG

// In some cases, the relationship between two values may be dependent
// on things that change based on various selections like the chosen cryptographic
// libraries. It is possible that these selections will result in incompatible
// settings. These are often detectable by the compiler but it is not always
// possible to do the check in the preprocessor code. For example, when the
// check requires use of 'sizeof'() then the preprocessor can't do the comparison.
// For these cases, we include a special macro that, depending on the compiler
// will generate a warning to indicate if the check always passes or always fails
// because it involves fixed constants. To run these checks, define COMPILER_CHECKS.
#   if !(defined COMPILER_CHECKS)                                                   \
        || ((COMPILER_CHECKS != NO) && (COMPILER_CHECKS != YES))
#       undef   COMPILER_CHECKS
#       define  COMPILER_CHECKS         NO      // Default: Either YES or NO
#   endif

// Some of the values (such as sizes) are the result of different options set in
// TpmProfile.h. The combination might not be consistent. A function is defined
// (TpmSizeChecks()) that is used to verify the sizes at run time. To enable the
// function, define this parameter.
#   if !(defined RUNTIME_SIZE_CHECKS)                                               \
    || ((RUNTIME_SIZE_CHECKS != NO) && (RUNTIME_SIZE_CHECKS != YES))
#       undef RUNTIME_SIZE_CHECKS
#       define RUNTIME_SIZE_CHECKS      YES      // Default: Either YES or NO
#   endif

// If doing debug, can set the DRBG to print out the intermediate test values.
// Before enabling this, make sure that the dbgDumpMemBlock() function
// has been added someplace (preferably, somewhere in CryptRand.c)
#   if !(defined DRBG_DEBUG_PRINT)                                                  \
    || ((DRBG_DEBUG_PRINT != NO) && (DRBG_DEBUG_PRINT != YES))
#       undef   DRBG_DEBUG_PRINT
#       define  DRBG_DEBUG_PRINT        NO      // Default: Either YES or NO
#   endif

// If an assertion event it not going to produce any trace information (function and
// line number) then make FAIL_TRACE == NO
#   if !(defined FAIL_TRACE) || ((FAIL_TRACE != NO) && (FAIL_TRACE != YES))
#       undef   FAIL_TRACE
#       define  FAIL_TRACE              YES     // Default: Either YES or NO
#   endif

#endif // DEBUG

// Indicate if the implementation is going to give lockout time credit for time up to
// the last orderly shutdown.
#if !(defined ACCUMULATE_SELF_HEAL_TIMER)                                           \
    || ((ACCUMULATE_SELF_HEAL_TIMER != NO) && (ACCUMULATE_SELF_HEAL_TIMER != YES))
#   undef   ACCUMULATE_SELF_HEAL_TIMER
#   define  ACCUMULATE_SELF_HEAL_TIMER  YES     // Default: Either YES or NO
#endif

// Indicates if the implementation is to compute the sizes of the proof and primary
// seed size values based on the implemented algorithms.
#if !(defined USE_SPEC_COMPLIANT_PROOFS)                                            \
    || ((USE_SPEC_COMPLIANT_PROOFS != NO) && (USE_SPEC_COMPLIANT_PROOFS != YES))
#   undef   USE_SPEC_COMPLIANT_PROOFS
#   define  USE_SPEC_COMPLIANT_PROOFS   YES     // Default: Either YES or NO
#endif

// Comment this out to allow compile to continue even though the chosen proof values
// do not match the compliant values. This is written so that someone would
// have to proactively ignore errors.
#if !(defined SKIP_PROOF_ERRORS)                                                    \
    || ((SKIP_PROOF_ERRORS != NO) && (SKIP_PROOF_ERRORS != YES))
#   undef   SKIP_PROOF_ERRORS
#   define  SKIP_PROOF_ERRORS           NO      // Default: Either YES or NO
#endif

// This define is used to eliminate the use of bit-fields. It can be enabled for big-
// or little-endian machines. For big-endian architectures that numbers bits in
// registers from left to right (MSb0) this must be enabled. Little-endian machines
// number from right to left with the least significant bit having assigned a bit
// number of 0. These are LSb0 machines (they are also little-endian so they are also
// least-significant byte 0 (LSB0) machines. Big-endian (MSB0) machines may number in
// either direction (MSb0 or LSb0). For an MSB0+MSb0 machine this value is required to
// be 'NO'
#if !(defined USE_BIT_FIELD_STRUCTURES)                                             \
    || ((USE_BIT_FIELD_STRUCTURES != NO) && (USE_BIT_FIELD_STRUCTURES != YES))
#   undef   USE_BIT_FIELD_STRUCTURES
#   define  USE_BIT_FIELD_STRUCTURES    NO        // Default: Either YES or NO
#endif

// This define is used to control the debug for the CertifyX509 command.
#if !(defined CERTIFYX509_DEBUG)                                                    \
    || ((CERTIFYX509_DEBUG != NO) && (CERTIFYX509_DEBUG != YES))
#   undef   CERTIFYX509_DEBUG
#   define  CERTIFYX509_DEBUG YES               // Default: Either YES or NO
#endif

// This define is used to enable the new table-driven marshaling code.
#if !(defined TABLE_DRIVEN_MARSHAL)                                                 \
    || ((TABLE_DRIVEN_MARSHAL != NO) && (TABLE_DRIVEN_MARSHAL != YES))
#   undef   TABLE_DRIVEN_MARSHAL
#   define  TABLE_DRIVEN_MARSHAL NO  // Default: Either YES or NO
#endif

// Change these definitions to turn all algorithms or commands ON or OFF. That is,
// to turn all algorithms on, set ALG_NO to YES. This is mostly useful as a debug
// feature.
#define      ALG_YES      YES
#define      ALG_NO       NO
#define      CC_YES       YES
#define      CC_NO        NO

#endif // _TPM_BUILD_SWITCHES_H_