Merge pull request #5583 from SparkiDev/psk_only_tls_fix

PSK only TLS: fix ENCRYPT_LEN
2022-09-12 09:26:28 -06:00
parent be72549388 005f77180b
commit ba5aeb3501
3 changed files with 82 additions and 71 deletions
--- a/examples/client/client.c
+++ b/examples/client/client.c
@@ -3093,8 +3093,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
                ;
        #elif defined(HAVE_NULL_CIPHER)
                defaultCipherList = "PSK-NULL-SHA256";
-        #else
+        #elif !defined(NO_AES_CBC)
                defaultCipherList = "PSK-AES128-CBC-SHA256";
        #else
                defaultCipherList = "PSK-AES128-GCM-SHA256";
        #endif
            if (wolfSSL_CTX_set_cipher_list(ctx, defaultCipherList)
                                                            !=WOLFSSL_SUCCESS) {
--- a/examples/server/server.c
+++ b/examples/server/server.c
@@ -2720,8 +2720,10 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
                ;
        #elif defined(HAVE_NULL_CIPHER)
                defaultCipherList = "PSK-NULL-SHA256";
-        #else
+        #elif !defined(NO_AES_CBC)
                defaultCipherList = "PSK-AES128-CBC-SHA256";
        #else
                defaultCipherList = "PSK-AES128-GCM-SHA256";
        #endif
            if (SSL_CTX_set_cipher_list(ctx, defaultCipherList)
                != WOLFSSL_SUCCESS)
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@@ -1165,6 +1165,7 @@ enum {
    #define MAX_EARLY_DATA_SZ  4096
 #endif
 #ifndef NO_RSA
    #ifndef WOLFSSL_MAX_RSA_BITS
        #ifdef USE_FAST_MATH
            /* FP implementation support numbers up to FP_MAX_BITS / 2 bits. */
@@ -1180,8 +1181,10 @@ enum {
    #if (WOLFSSL_MAX_RSA_BITS % 8)
        #error RSA maximum bit size must be multiple of 8
    #endif
 #endif
 #if !defined(NO_RSA) || !defined(NO_DH) || defined(HAVE_ECC)
    /* MySQL wants to be able to use 8192-bit numbers. */
    #if defined(USE_FAST_MATH) && defined(FP_MAX_BITS)
        /* Use the FP size up to 8192-bit and down to a min of 1024-bit. */
@@ -1241,6 +1244,10 @@ enum {
        /* Integer/heap maths - support 4096-bit. */
        #define ENCRYPT_BASE_BITS  4096
    #endif
 #else
    /* No secret from public key operation but PSK key plus length used. */
    #define ENCRYPT_BASE_BITS  ((MAX_PSK_ID_LEN + 2) * 8)
 #endif
 #ifdef WOLFSSL_DTLS_CID
 #ifndef DTLS_CID_MAX_SIZE