From 08f2b36678e7c864ce8a96b00cb0a4d773fa50ef Mon Sep 17 00:00:00 2001 From: Josh Holtrop Date: Mon, 1 Dec 2025 10:25:18 -0500 Subject: [PATCH] Add several library configurations from os-check.yml to the Rust wrapper CI build --- .github/workflows/rust-wrapper.yml | 47 +++++++++++++++++++++- wolfssl/wolfcrypt/rsa.h | 4 ++ wrapper/rust/wolfssl/build.rs | 9 +++++ wrapper/rust/wolfssl/src/wolfcrypt/dh.rs | 38 +++++++++++++++++ wrapper/rust/wolfssl/src/wolfcrypt/hkdf.rs | 2 + wrapper/rust/wolfssl/src/wolfcrypt/kdf.rs | 1 + wrapper/rust/wolfssl/src/wolfcrypt/rsa.rs | 16 ++++++++ wrapper/rust/wolfssl/tests/test_dh.rs | 5 ++- wrapper/rust/wolfssl/tests/test_hkdf.rs | 2 + wrapper/rust/wolfssl/tests/test_kdf.rs | 2 + wrapper/rust/wolfssl/tests/test_rsa.rs | 2 +- 11 files changed, 124 insertions(+), 4 deletions(-) diff --git a/.github/workflows/rust-wrapper.yml b/.github/workflows/rust-wrapper.yml index de923792c..44f382123 100644 --- a/.github/workflows/rust-wrapper.yml +++ b/.github/workflows/rust-wrapper.yml @@ -24,10 +24,55 @@ jobs: uses: wolfSSL/actions-build-autotools-project@v1 with: path: wolfssl - configure: --enable-all + configure: ${{ matrix.config }} - name: Build Rust Wrapper working-directory: wolfssl run: make -C wrapper/rust - name: Run Rust Wrapper Tests working-directory: wolfssl run: make -C wrapper/rust test + strategy: + matrix: + config: [ + # Add new configs here + '', + '--enable-all --enable-asn=template', + '--enable-all --enable-asn=original', + '--enable-all --enable-asn=template CPPFLAGS=-DWOLFSSL_OLD_OID_SUM', + '--enable-all --enable-asn=original CPPFLAGS=-DWOLFSSL_OLD_OID_SUM', + '--enable-harden-tls', + '--enable-tls13 --enable-session-ticket --enable-dtls --enable-dtls13 + --enable-opensslextra --enable-sessioncerts + CPPFLAGS=''-DWOLFSSL_DTLS_NO_HVR_ON_RESUME -DHAVE_EXT_CACHE + -DWOLFSSL_TICKET_HAVE_ID -DHAVE_EX_DATA -DSESSION_CACHE_DYNAMIC_MEM'' ', + '--enable-all --enable-secure-renegotiation', + '--enable-all --enable-haproxy --enable-quic', + '--enable-dtls --enable-dtls13 --enable-earlydata + --enable-session-ticket --enable-psk + CPPFLAGS=''-DWOLFSSL_DTLS13_NO_HRR_ON_RESUME'' ', + '--enable-experimental --enable-kyber --enable-dtls --enable-dtls13 + --enable-dtls-frag-ch', + '--enable-all --enable-dtls13 --enable-dtls-frag-ch', + '--enable-dtls --enable-dtls13 --enable-dtls-frag-ch + --enable-dtls-mtu', + '--enable-dtls --enable-dtlscid --enable-dtls13 --enable-secure-renegotiation + --enable-psk --enable-aesccm --enable-nullcipher + CPPFLAGS=-DWOLFSSL_STATIC_RSA', + '--enable-ascon --enable-experimental', + '--enable-ascon CPPFLAGS=-DWOLFSSL_ASCON_UNROLL --enable-experimental', + '--enable-sniffer --enable-curve25519 --enable-curve448 --enable-enckeys + CPPFLAGS=-DWOLFSSL_DH_EXTRA', + '--enable-dtls --enable-dtls13 --enable-dtls-frag-ch + --enable-dtls-mtu CPPFLAGS=-DWOLFSSL_DTLS_RECORDS_CAN_SPAN_DATAGRAMS', + '--enable-opensslextra CPPFLAGS=''-DWOLFSSL_NO_CA_NAMES'' ', + '--enable-opensslextra=x509small', + 'CPPFLAGS=''-DWOLFSSL_EXTRA'' ', + '--enable-lms=small,verify-only --enable-xmss=small,verify-only', + '--disable-sys-ca-certs', + '--enable-all CPPFLAGS=-DWOLFSSL_DEBUG_CERTS ', + '--enable-coding=no', + '--enable-dtls --enable-dtls13 --enable-ocspstapling --enable-ocspstapling2 + --enable-cert-setup-cb --enable-sessioncerts', + '--disable-sni --disable-ecc --disable-tls13 --disable-secure-renegotiation-info', + 'CPPFLAGS=-DWOLFSSL_BLIND_PRIVATE_KEY', + ] diff --git a/wolfssl/wolfcrypt/rsa.h b/wolfssl/wolfcrypt/rsa.h index f3841301e..94350fcab 100644 --- a/wolfssl/wolfcrypt/rsa.h +++ b/wolfssl/wolfcrypt/rsa.h @@ -330,6 +330,7 @@ WOLFSSL_API int wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out, word32 outLen, RsaKey* key); WOLFSSL_API int wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out, word32 outLen, RsaKey* key, WC_RNG* rng); +#ifdef WC_RSA_PSS WOLFSSL_API int wc_RsaPSS_Sign(const byte* in, word32 inLen, byte* out, word32 outLen, enum wc_HashType hash, int mgf, RsaKey* key, WC_RNG* rng); @@ -337,6 +338,7 @@ WOLFSSL_API int wc_RsaPSS_Sign_ex(const byte* in, word32 inLen, byte* out, word32 outLen, enum wc_HashType hash, int mgf, int saltLen, RsaKey* key, WC_RNG* rng); +#endif WOLFSSL_API int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, RsaKey* key); WOLFSSL_API int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out, @@ -346,6 +348,7 @@ WOLFSSL_API int wc_RsaSSL_Verify_ex(const byte* in, word32 inLen, byte* out, WOLFSSL_API int wc_RsaSSL_Verify_ex2(const byte* in, word32 inLen, byte* out, word32 outLen, RsaKey* key, int pad_type, enum wc_HashType hash); +#ifdef WC_RSA_PSS WOLFSSL_API int wc_RsaPSS_VerifyInline(byte* in, word32 inLen, byte** out, enum wc_HashType hash, int mgf, RsaKey* key); @@ -378,6 +381,7 @@ WOLFSSL_API int wc_RsaPSS_VerifyCheck(const byte* in, word32 inLen, const byte* digest, word32 digestLen, enum wc_HashType hash, int mgf, RsaKey* key); +#endif WOLFSSL_API int wc_RsaEncryptSize(const RsaKey* key); diff --git a/wrapper/rust/wolfssl/build.rs b/wrapper/rust/wolfssl/build.rs index e07d608b6..53e6827e5 100644 --- a/wrapper/rust/wolfssl/build.rs +++ b/wrapper/rust/wolfssl/build.rs @@ -125,6 +125,11 @@ fn scan_cfg() -> Result<()> { /* dh */ check_cfg(&binding, "wc_InitDhKey", "dh"); check_cfg(&binding, "wc_DhGenerateParams", "dh_keygen"); + check_cfg(&binding, "wc_Dh_ffdhe2048_Get", "dh_ffdhe_2048"); + check_cfg(&binding, "wc_Dh_ffdhe3072_Get", "dh_ffdhe_3072"); + check_cfg(&binding, "wc_Dh_ffdhe4096_Get", "dh_ffdhe_4096"); + check_cfg(&binding, "wc_Dh_ffdhe6144_Get", "dh_ffdhe_6144"); + check_cfg(&binding, "wc_Dh_ffdhe8192_Get", "dh_ffdhe_8192"); /* ecc */ check_cfg(&binding, "wc_ecc_init", "ecc"); @@ -155,6 +160,9 @@ fn scan_cfg() -> Result<()> { check_cfg(&binding, "wc_ed448_verify_msg_ex", "ed448_verify"); check_cfg(&binding, "wc_ed448_verify_msg_init", "ed448_streaming_verify"); + /* hkdf */ + check_cfg(&binding, "wc_HKDF_Extract_ex", "hkdf"); + /* kdf */ check_cfg(&binding, "wc_PBKDF2", "kdf_pbkdf2"); check_cfg(&binding, "wc_PKCS12_PBKDF_ex", "kdf_pkcs12"); @@ -169,6 +177,7 @@ fn scan_cfg() -> Result<()> { check_cfg(&binding, "wc_InitRsaKey", "rsa"); check_cfg(&binding, "wc_RsaDirect", "rsa_direct"); check_cfg(&binding, "wc_MakeRsaKey", "rsa_keygen"); + check_cfg(&binding, "wc_RsaPSS_Sign", "rsa_pss"); /* sha */ check_cfg(&binding, "wc_InitSha", "sha"); diff --git a/wrapper/rust/wolfssl/src/wolfcrypt/dh.rs b/wrapper/rust/wolfssl/src/wolfcrypt/dh.rs index 573d4179f..af3e5a826 100644 --- a/wrapper/rust/wolfssl/src/wolfcrypt/dh.rs +++ b/wrapper/rust/wolfssl/src/wolfcrypt/dh.rs @@ -38,14 +38,19 @@ pub struct DH { impl DH { /// ffdhe2048 named parameter group. + #[cfg(dh_ffdhe_2048)] pub const FFDHE_2048: i32 = sys::WC_FFDHE_2048 as i32; /// ffdhe3072 named parameter group. + #[cfg(dh_ffdhe_3072)] pub const FFDHE_3072: i32 = sys::WC_FFDHE_3072 as i32; /// ffdhe4096 named parameter group. + #[cfg(dh_ffdhe_4096)] pub const FFDHE_4096: i32 = sys::WC_FFDHE_4096 as i32; /// ffdhe6144 named parameter group. + #[cfg(dh_ffdhe_6144)] pub const FFDHE_6144: i32 = sys::WC_FFDHE_6144 as i32; /// ffdhe8192 named parameter group. + #[cfg(dh_ffdhe_8192)] pub const FFDHE_8192: i32 = sys::WC_FFDHE_8192 as i32; /// Perform quick validity check of public key value against prime. @@ -68,6 +73,8 @@ impl DH { /// # Example /// /// ```rust + /// #[cfg(dh_ffdhe_2048)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; /// let mut rng = RNG::new().expect("Failed to create RNG"); @@ -87,6 +94,7 @@ impl DH { /// dh.export_params_raw(&mut p, &mut p_size, &mut q, &mut q_size, &mut g, &mut g_size).expect("Error with export_params_raw()"); /// let p = &p[0..(p_size as usize)]; /// DH::check_pub_value(p, public).expect("Error with check_pub_value()"); + /// } /// ``` pub fn check_pub_value(prime: &[u8], public: &[u8]) -> Result<(), i32> { let prime_size = prime.len() as u32; @@ -117,6 +125,8 @@ impl DH { /// # Example /// /// ```rust + /// #[cfg(dh_ffdhe_2048)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; /// let mut dh = DH::new_named(DH::FFDHE_2048).expect("Error with new_named()"); @@ -130,6 +140,7 @@ impl DH { /// let p = &p[0..(p_size as usize)]; /// let g = &g[0..(g_size as usize)]; /// assert!(DH::compare_named_key(DH::FFDHE_2048, p, g, None)); + /// } /// ``` pub fn compare_named_key(name: i32, p: &[u8], g: &[u8], q: Option<&[u8]>) -> bool { let p_size = p.len() as u32; @@ -244,10 +255,13 @@ impl DH { /// # Example /// /// ```rust + /// #[cfg(dh_ffdhe_2048)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; /// let min_key_size = DH::get_min_key_size_for_named_parameters(DH::FFDHE_2048); /// assert_eq!(min_key_size, 29); + /// } /// ``` pub fn get_min_key_size_for_named_parameters(name: i32) -> u32 { unsafe { sys::wc_DhGetNamedKeyMinSize(name) } @@ -265,12 +279,15 @@ impl DH { /// # Example /// /// ```rust + /// #[cfg(dh_ffdhe_2048)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; /// let mut p_size = 0u32; /// let mut g_size = 0u32; /// let mut q_size = 0u32; /// DH::get_named_parameter_sizes(DH::FFDHE_2048, &mut p_size, &mut g_size, &mut q_size); + /// } /// ``` pub fn get_named_parameter_sizes(name: i32, p_size: &mut u32, g_size: &mut u32, q_size: &mut u32) { unsafe { @@ -292,9 +309,12 @@ impl DH { /// # Example /// /// ```rust + /// #[cfg(dh_ffdhe_2048)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; /// let mut dh = DH::new_named(DH::FFDHE_2048).expect("Error with new_named()"); + /// } /// ``` pub fn new_named(name: i32) -> Result { Self::new_named_ex(name, None, None) @@ -317,9 +337,12 @@ impl DH { /// # Example /// /// ```rust + /// #[cfg(dh_ffdhe_2048)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; /// let mut dh = DH::new_named_ex(DH::FFDHE_2048, None, None).expect("Error with new_named_ex()"); + /// } /// ``` pub fn new_named_ex(name: i32, heap: Option<*mut std::os::raw::c_void>, dev_id: Option) -> Result { let mut wc_dhkey: MaybeUninit = MaybeUninit::uninit(); @@ -1023,6 +1046,8 @@ impl DH { /// # Example /// /// ```rust + /// #[cfg(dh_ffdhe_2048)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; /// let mut rng = RNG::new().expect("Error with RNG::new()"); @@ -1035,6 +1060,7 @@ impl DH { /// let private = &private[0..(private_size as usize)]; /// let public = &public[0..(public_size as usize)]; /// dh.check_key_pair(public, private).expect("Error with check_key_pair()"); + /// } /// ``` pub fn check_key_pair(&mut self, public: &[u8], private: &[u8]) -> Result<(), i32> { let public_size = public.len() as u32; @@ -1066,6 +1092,8 @@ impl DH { /// # Example /// /// ```rust + /// #[cfg(dh_ffdhe_2048)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; /// let mut rng = RNG::new().expect("Error with RNG::new()"); @@ -1077,6 +1105,7 @@ impl DH { /// dh.generate_key_pair(&mut rng, &mut private, &mut private_size, &mut public, &mut public_size).expect("Error with generate_key_pair()"); /// let private = &private[0..(private_size as usize)]; /// dh.check_priv_key(private).expect("Error with check_priv_key()"); + /// } /// ``` pub fn check_priv_key(&mut self, private: &[u8]) -> Result<(), i32> { let private_size = private.len() as u32; @@ -1230,6 +1259,8 @@ impl DH { /// # Example /// /// ```rust + /// #[cfg(dh_ffdhe_2048)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; /// let mut rng = RNG::new().expect("Error with RNG::new()"); @@ -1241,6 +1272,7 @@ impl DH { /// dh.generate_key_pair(&mut rng, &mut private, &mut private_size, &mut public, &mut public_size).expect("Error with generate_key_pair()"); /// let public = &public[0..(public_size as usize)]; /// dh.check_pub_key(public).expect("Error with check_pub_key()"); + /// } /// ``` pub fn check_pub_key(&mut self, public: &[u8]) -> Result<(), i32> { let public_size = public.len() as u32; @@ -1429,6 +1461,8 @@ impl DH { /// # Example /// /// ```rust + /// #[cfg(dh_ffdhe_2048)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; /// let mut rng = RNG::new().expect("Failed to create RNG"); @@ -1438,6 +1472,7 @@ impl DH { /// let mut public = [0u8; 256]; /// let mut public_size = 0u32; /// dh.generate_key_pair(&mut rng, &mut private, &mut private_size, &mut public, &mut public_size).expect("Error with generate_key_pair()"); + /// } /// ``` pub fn generate_key_pair(&mut self, rng: &mut RNG, private: &mut [u8], private_size: &mut u32, @@ -1471,6 +1506,8 @@ impl DH { /// # Example /// /// ```rust + /// #[cfg(dh_ffdhe_2048)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; /// let mut rng = RNG::new().expect("Error with RNG::new()"); @@ -1488,6 +1525,7 @@ impl DH { /// let mut ss0 = [0u8; 256]; /// let ss0_size = dh.shared_secret(&mut ss0, &private0, &public1).expect("Error with shared_secret()"); /// let ss0 = &ss0[0..ss0_size]; + /// } /// ``` pub fn shared_secret(&mut self, dout: &mut [u8], private: &[u8], other_pub: &[u8]) -> Result { let mut dout_size = dout.len() as u32; diff --git a/wrapper/rust/wolfssl/src/wolfcrypt/hkdf.rs b/wrapper/rust/wolfssl/src/wolfcrypt/hkdf.rs index 4f7c43e0a..6dd52ffa6 100644 --- a/wrapper/rust/wolfssl/src/wolfcrypt/hkdf.rs +++ b/wrapper/rust/wolfssl/src/wolfcrypt/hkdf.rs @@ -23,6 +23,8 @@ This module provides a Rust wrapper for the wolfCrypt library's HMAC Key Derivation Function (HKDF) functionality. */ +#![cfg(hkdf)] + use crate::sys; use crate::wolfcrypt::hmac::HMAC; diff --git a/wrapper/rust/wolfssl/src/wolfcrypt/kdf.rs b/wrapper/rust/wolfssl/src/wolfcrypt/kdf.rs index 534e8f72b..c2a564c1b 100644 --- a/wrapper/rust/wolfssl/src/wolfcrypt/kdf.rs +++ b/wrapper/rust/wolfssl/src/wolfcrypt/kdf.rs @@ -24,6 +24,7 @@ Function (KDF) functionality. */ use crate::sys; +#[cfg(kdf_tls13)] use crate::wolfcrypt::hmac::HMAC; #[cfg(kdf_srtp)] diff --git a/wrapper/rust/wolfssl/src/wolfcrypt/rsa.rs b/wrapper/rust/wolfssl/src/wolfcrypt/rsa.rs index ab36152e5..2625a4cf2 100644 --- a/wrapper/rust/wolfssl/src/wolfcrypt/rsa.rs +++ b/wrapper/rust/wolfssl/src/wolfcrypt/rsa.rs @@ -754,6 +754,8 @@ impl RSA { /// # Example /// /// ```rust + /// #[cfg(rsa_pss)] + /// { /// use std::fs; /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::rsa::RSA; @@ -780,7 +782,9 @@ impl RSA { /// /// let mut verify_out: [u8; 512] = [0; 512]; /// rsa.pss_verify_check(signature, &mut verify_out, msg, RSA::HASH_TYPE_SHA256, RSA::MGF1SHA256).expect("Error with pss_verify_check()"); + /// } /// ``` + #[cfg(rsa_pss)] pub fn pss_sign(&mut self, din: &[u8], dout: &mut [u8], hash_algo: u32, mgf: i32, rng: &mut RNG) -> Result { let din_size = din.len() as u32; let dout_size = dout.len() as u32; @@ -813,6 +817,8 @@ impl RSA { /// # Example /// /// ```rust + /// #[cfg(rsa_pss)] + /// { /// use std::fs; /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::rsa::RSA; @@ -839,7 +845,9 @@ impl RSA { /// /// let mut verify_out: [u8; 512] = [0; 512]; /// rsa.pss_verify_check(signature, &mut verify_out, msg, RSA::HASH_TYPE_SHA256, RSA::MGF1SHA256).expect("Error with pss_verify_check()"); + /// } /// ``` + #[cfg(rsa_pss)] pub fn pss_check_padding(&mut self, din: &[u8], sig: &[u8], hash_algo: u32) -> Result<(), i32> { let din_size = din.len() as u32; let sig_size = sig.len() as u32; @@ -875,6 +883,8 @@ impl RSA { /// # Example /// /// ```rust + /// #[cfg(rsa_pss)] + /// { /// use std::fs; /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::rsa::RSA; @@ -901,7 +911,9 @@ impl RSA { /// /// let mut verify_out: [u8; 512] = [0; 512]; /// rsa.pss_verify_check(signature, &mut verify_out, msg, RSA::HASH_TYPE_SHA256, RSA::MGF1SHA256).expect("Error with pss_verify_check()"); + /// } /// ``` + #[cfg(rsa_pss)] pub fn pss_verify(&mut self, din: &[u8], dout: &mut [u8], hash_algo: u32, mgf: i32) -> Result { let din_size = din.len() as u32; let dout_size = dout.len() as u32; @@ -942,6 +954,8 @@ impl RSA { /// # Example /// /// ```rust + /// #[cfg(rsa_pss)] + /// { /// use std::fs; /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::rsa::RSA; @@ -968,7 +982,9 @@ impl RSA { /// /// let mut verify_out: [u8; 512] = [0; 512]; /// rsa.pss_verify_check(signature, &mut verify_out, msg, RSA::HASH_TYPE_SHA256, RSA::MGF1SHA256).expect("Error with pss_verify_check()"); + /// } /// ``` + #[cfg(rsa_pss)] pub fn pss_verify_check(&mut self, din: &[u8], dout: &mut [u8], digest: &[u8], hash_algo: u32, mgf: i32) -> Result { let din_size = din.len() as u32; let dout_size = dout.len() as u32; diff --git a/wrapper/rust/wolfssl/tests/test_dh.rs b/wrapper/rust/wolfssl/tests/test_dh.rs index 88abf0291..a4f717416 100644 --- a/wrapper/rust/wolfssl/tests/test_dh.rs +++ b/wrapper/rust/wolfssl/tests/test_dh.rs @@ -4,7 +4,7 @@ use wolfssl::wolfcrypt::dh::DH; use wolfssl::wolfcrypt::random::RNG; #[test] -#[cfg(dh_keygen)] +#[cfg(all(dh_keygen, dh_ffdhe_2048))] fn test_dh_named_parameters() { assert_eq!(DH::get_min_key_size_for_named_parameters(DH::FFDHE_2048), 29); @@ -40,7 +40,7 @@ fn test_generate_params() { } #[test] -#[cfg(dh_keygen)] +#[cfg(all(dh_keygen, dh_ffdhe_2048))] fn test_generate_key_pair() { let mut rng = RNG::new().expect("Error with RNG::new()"); let mut dh = DH::new_named(DH::FFDHE_2048).expect("Error with new_named()"); @@ -171,6 +171,7 @@ fn test_dh_checks() { } #[test] +#[cfg(dh_ffdhe_2048)] fn test_dh_shared_secret() { let mut rng = RNG::new().expect("Error with RNG::new()"); let mut dh = DH::new_named(DH::FFDHE_2048).expect("Error with new_named()"); diff --git a/wrapper/rust/wolfssl/tests/test_hkdf.rs b/wrapper/rust/wolfssl/tests/test_hkdf.rs index a6052bada..6d66e22c7 100644 --- a/wrapper/rust/wolfssl/tests/test_hkdf.rs +++ b/wrapper/rust/wolfssl/tests/test_hkdf.rs @@ -1,3 +1,5 @@ +#![cfg(hkdf)] + use wolfssl::wolfcrypt::hkdf::*; use wolfssl::wolfcrypt::hmac::HMAC; use wolfssl::wolfcrypt::sha::SHA256; diff --git a/wrapper/rust/wolfssl/tests/test_kdf.rs b/wrapper/rust/wolfssl/tests/test_kdf.rs index 5b4ffe103..01912bd7e 100644 --- a/wrapper/rust/wolfssl/tests/test_kdf.rs +++ b/wrapper/rust/wolfssl/tests/test_kdf.rs @@ -1,5 +1,7 @@ +#[cfg(any(kdf_pbkdf2, kdf_tls13))] use wolfssl::wolfcrypt::hmac::HMAC; use wolfssl::wolfcrypt::kdf::*; +#[cfg(kdf_tls13)] use wolfssl::wolfcrypt::sha::SHA256; #[test] diff --git a/wrapper/rust/wolfssl/tests/test_rsa.rs b/wrapper/rust/wolfssl/tests/test_rsa.rs index db760b5cf..4bedeb4c4 100644 --- a/wrapper/rust/wolfssl/tests/test_rsa.rs +++ b/wrapper/rust/wolfssl/tests/test_rsa.rs @@ -71,7 +71,7 @@ fn test_rsa_encrypt_decrypt() { } #[test] -#[cfg(sha256)] +#[cfg(all(sha256, rsa_pss))] fn test_rsa_pss() { let mut rng = RNG::new().expect("Error creating RNG");