configure.ac: in setup for enable-all and enable-all-crypto with enable-32bit, fix inconsistency whereby SHAKE was enabled but SHA512 and SHA3 weren't; remove unneeded+unwanted ENABLED_32BIT conditional force-off of SHA512, SHA384, SHA3, ED25519 (harmonizes with FIPS v6).

2024-04-17 00:40:39 -05:00
parent d0edb3d0a9
commit fac834c80a
1 changed files with 18 additions and 32 deletions
--- a/configure.ac
+++ b/configure.ac
@@ -809,6 +809,8 @@ then
    test "$enable_camellia" = "" && enable_camellia=yes
    test "$enable_ripemd" = "" && enable_ripemd=yes
    test "$enable_sha224" = "" && enable_sha224=yes
+    test "$enable_sha512" = "" && enable_sha512=yes
+    test "$enable_sha3" = "" && enable_sha3=yes
    test "$enable_shake128" = "" && enable_shake128=yes
    test "$enable_shake256" = "" && enable_shake256=yes
    test "$enable_sessioncerts" = "" && enable_sessioncerts=yes
@@ -867,12 +869,6 @@ then
    test "$enable_ech" = "" && enable_ech=yes
    test "$enable_srtp" = "" && enable_srtp=yes

-    if test "$ENABLED_32BIT" != "yes"
-    then
-        test "$enable_sha512" = "" && enable_sha512=yes
-        test "$enable_sha3" = "" && enable_sha3=yes
-    fi
-
    if test "$ENABLED_LINUXKM_DEFAULTS" != "yes"
    then
        test "$enable_compkey" = "" && enable_compkey=yes
@@ -923,13 +919,10 @@ then
        test "$enable_pkcs7" = "" && enable_pkcs7=yes
        test "$enable_nullcipher" = "" && enable_nullcipher=yes
        test "$enable_mcast" = "" && enable_mcast=yes
-        if test "$ENABLED_32BIT" != "yes"
-        then
-            test "$enable_ed25519" = "" && enable_ed25519=yes
-            test "$enable_ed25519_stream" = "" && test "$enable_ed25519" != "no" && enable_ed25519_stream=yes
-            test "$enable_ed448" = "" && enable_ed448=yes
-            test "$enable_ed448_stream" = "" && test "$enable_ed448" != "no" && enable_ed448_stream=yes
-        fi
+        test "$enable_ed25519" = "" && enable_ed25519=yes
+        test "$enable_ed25519_stream" = "" && test "$enable_ed25519" != "no" && enable_ed25519_stream=yes
+        test "$enable_ed448" = "" && enable_ed448=yes
+        test "$enable_ed448_stream" = "" && test "$enable_ed448" != "no" && enable_ed448_stream=yes

        if test "$ENABLED_LINUXKM_DEFAULTS" != "yes"
        then
@@ -1005,6 +998,8 @@ then
    test "$enable_camellia" = "" && enable_camellia=yes
    test "$enable_ripemd" = "" && enable_ripemd=yes
    test "$enable_sha224" = "" && enable_sha224=yes
+    test "$enable_sha512" = "" && enable_sha512=yes
+    test "$enable_sha3" = "" && enable_sha3=yes
    test "$enable_shake128" = "" && enable_shake128=yes
    test "$enable_shake256" = "" && enable_shake256=yes
    test "$enable_sessioncerts" = "" && enable_sessioncerts=yes
@@ -1047,12 +1042,6 @@ then
    test "$enable_ssh" = "" && test "$enable_hmac" != "no" && enable_ssh=yes
    test "$enable_srtp_kdf" = "" && enable_srtp_kdf=yes

-    if test "$ENABLED_32BIT" != "yes"
-    then
-        test "$enable_sha512" = "" && enable_sha512=yes
-        test "$enable_sha3" = "" && enable_sha3=yes
-    fi
-
    if test "$ENABLED_LINUXKM_DEFAULTS" != "yes"
    then
        test "$enable_compkey" = "" && enable_compkey=yes
@@ -1074,13 +1063,10 @@ then
        test "$enable_xchacha" = "" && test "$enable_chacha" != "no" && enable_xchacha=yes
        test "$enable_pkcs7" = "" && enable_pkcs7=yes
        test "$enable_nullcipher" = "" && enable_nullcipher=yes
-        if test "$ENABLED_32BIT" != "yes"
-        then
-            test "$enable_ed25519" = "" && enable_ed25519=yes
-            test "$enable_ed25519_stream" = "" && test "$enable_ed25519" != "no" && enable_ed25519_stream=yes
-            test "$enable_ed448" = "" && enable_ed448=yes
-            test "$enable_ed448_stream" = "" && test "$enable_ed448" != "no" && enable_ed448_stream=yes
-        fi
+        test "$enable_ed25519" = "" && enable_ed25519=yes
+        test "$enable_ed25519_stream" = "" && test "$enable_ed25519" != "no" && enable_ed25519_stream=yes
+        test "$enable_ed448" = "" && enable_ed448=yes
+        test "$enable_ed448_stream" = "" && test "$enable_ed448" != "no" && enable_ed448_stream=yes

        if test "$ENABLED_LINUXKM_DEFAULTS" != "yes"
        then
@@ -3433,7 +3419,7 @@ fi
 # set sha3 default
 SHA3_DEFAULT=no
 if (test "$host_cpu" = "x86_64" || test "$host_cpu" = "aarch64" ||
-    test "$host_cpu" = "amd64") && test "$ENABLED_32BIT" = "no"
+    test "$host_cpu" = "amd64")
 then
    if test "x$ENABLED_FIPS" = "xno" || test "$HAVE_FIPS_VERSION" -ge 2
    then
@@ -3475,7 +3461,7 @@ AC_ARG_ENABLE([sha512],
    )

 # options that don't require sha512
-if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes" || test "$ENABLED_32BIT" = "yes" || test "$ENABLED_16BIT" = "yes"
+if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes" || test "$ENABLED_16BIT" = "yes"
 then
    ENABLED_SHA512="no"
 fi
@@ -3501,7 +3487,7 @@ AC_ARG_ENABLE([sha384],
    )

 # options that don't require sha384
-if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes" || test "$ENABLED_32BIT" = "yes" || test "$ENABLED_16BIT" = "yes"
+if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes" || test "$ENABLED_16BIT" = "yes"
 then
    ENABLED_SHA384="no"
 fi
@@ -5406,7 +5392,7 @@ then
 fi

 # Set SHA-3 flags
-if test "$ENABLED_SHA3" != "no" && test "$ENABLED_32BIT" = "no"
+if test "$ENABLED_SHA3" != "no"
 then
    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHA3"
 fi
@@ -8835,9 +8821,9 @@ AS_IF([test "x$ENABLED_CERTGEN" = "xyes"],
 AS_IF([test "x$ENABLED_CERTEXT" = "xyes"],
      [AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_EXT"])

-AS_IF([test "x$ENABLED_ED25519" = "xyes" && test "x$ENABLED_32BIT" = "xno"],
+AS_IF([test "x$ENABLED_ED25519" = "xyes"],
      [AM_CFLAGS="$AM_CFLAGS -DHAVE_ED25519"])
-AS_IF([test "x$ENABLED_ED25519" = "xyes" && test "x$ENABLED_32BIT" = "xno"],
+AS_IF([test "x$ENABLED_ED25519" = "xyes"],
      [AM_CCASFLAGS="$AM_CCASFLAGS -DHAVE_ED25519"])

 AS_IF([test "x$ENABLED_ED25519_SMALL" = "xyes"],