From 9ca9c2ba6f83a4c8d064b464fd4c4051faf11819 Mon Sep 17 00:00:00 2001
From: Sean Parkinson <sean@wolfssl.com>
Date: Tue, 6 Jun 2023 14:26:06 +1000
Subject: [PATCH] Kyber: allow compilation with limited sizes with liboqs

---
 configure.ac                   | 21 +++++++++++----------
 wolfssl/wolfcrypt/asn_public.h |  3 ++-
 wolfssl/wolfcrypt/settings.h   | 10 ++++++----
 3 files changed, 19 insertions(+), 15 deletions(-)

diff --git a/configure.ac b/configure.ac
index 788219b52..9b43e5577 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1115,18 +1115,19 @@ done
 if test "$ENABLED_KYBER" != "no"
 then
     AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HAVE_KYBER"
+
+    if test "$ENABLED_KYBER512" = ""; then
+        AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_KYBER512"
+    fi
+    if test "$ENABLED_KYBER768" = ""; then
+        AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_KYBER768"
+    fi
+    if test "$ENABLED_KYBER1024" = ""; then
+        AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_KYBER1024"
+    fi
+
     if test "$ENABLED_WC_KYBER" = "yes"
     then
-        if test "$ENABLED_KYBER512" = ""; then
-            AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_KYBER512"
-        fi
-        if test "$ENABLED_KYBER768" = ""; then
-            AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_KYBER768"
-        fi
-        if test "$ENABLED_KYBER1024" = ""; then
-            AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_KYBER1024"
-        fi
-
         test "$enable_sha3" = "" && enable_sha3=yes
         test "$enable_shake128" = "" && enable_shake128=yes
         test "$enable_shake256" = "" && enable_shake256=yes
diff --git a/wolfssl/wolfcrypt/asn_public.h b/wolfssl/wolfcrypt/asn_public.h
index 7e8b8f52e..94303e462 100644
--- a/wolfssl/wolfcrypt/asn_public.h
+++ b/wolfssl/wolfcrypt/asn_public.h
@@ -761,7 +761,8 @@ WOLFSSL_API int wc_DhPrivKeyToDer(DhKey* key, byte* out, word32* outSz);
      (defined(HAVE_CURVE25519) && defined(HAVE_CURVE25519_KEY_IMPORT)) || \
      (defined(HAVE_ED448)      && defined(HAVE_ED448_KEY_IMPORT)) || \
      (defined(HAVE_CURVE448)   && defined(HAVE_CURVE448_KEY_IMPORT)) || \
-     (defined(HAVE_PQC)))
+     (defined(HAVE_PQC) && (defined(HAVE_FALCON) || \
+                            defined(HAVE_DILITHIUM) || defined(HAVE_SPHINCS))))
     #define WC_ENABLE_ASYM_KEY_IMPORT
 #endif
 
diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h
index d18ddcc31..51ff0bcdc 100644
--- a/wolfssl/wolfcrypt/settings.h
+++ b/wolfssl/wolfcrypt/settings.h
@@ -2923,10 +2923,12 @@ extern void uITRON4_free(void *p) ;
 #define HAVE_FALCON
 #define HAVE_DILITHIUM
 #define HAVE_SPHINCS
-#define WOLFSSL_HAVE_KYBER
-#define WOLFSSL_KYBER512
-#define WOLFSSL_KYBER768
-#define WOLFSSL_KYBER1024
+#ifndef WOLFSSL_HAVE_KYBER
+    #define WOLFSSL_HAVE_KYBER
+    #define WOLFSSL_KYBER512
+    #define WOLFSSL_KYBER768
+    #define WOLFSSL_KYBER1024
+#endif
 #endif
 
 #ifdef HAVE_PQM4