From 0afd09d90010c497168b5e99d366f670e9f6872f Mon Sep 17 00:00:00 2001
From: Chris Conlon <chris@wolfssl.com>
Date: Fri, 20 Mar 2015 11:25:22 -0600
Subject: [PATCH] fix OPENSSL_EXTRA + NO_AES build

---
 src/ssl.c             | 24 +++++++++++++++++++++++-
 wolfcrypt/test/test.c |  4 ++++
 wolfssl/openssl/evp.h |  6 ++++++
 3 files changed, 33 insertions(+), 1 deletion(-)

diff --git a/src/ssl.c b/src/ssl.c
index f0aa9f28c..1a6696e6e 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -2474,6 +2474,7 @@ static int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
                                                                  key, info->iv);
             }
 #endif
+#ifndef NO_AES
             else if (XSTRNCMP(info->name, "AES-128-CBC", 13) == 0) {
                 ret = wc_AesCbcDecryptWithKey(der.buffer, der.buffer, der.length,
                                                key, AES_128_KEY_SIZE, info->iv);
@@ -2486,6 +2487,7 @@ static int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
                 ret = wc_AesCbcDecryptWithKey(der.buffer, der.buffer, der.length,
                                                key, AES_256_KEY_SIZE, info->iv);
             }
+#endif
             else {
                 ret = SSL_BAD_FILE;
             }
@@ -7481,7 +7483,12 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
                                const WOLFSSL_EVP_CIPHER* type, byte* key,
                                byte* iv, int enc)
     {
+#if defined(NO_AES) && defined(NO_DES3)
+        (void)iv;
+        (void)enc;
+#else
         int ret = 0;
+#endif
 
         WOLFSSL_ENTER("wolfSSL_EVP_CipherInit");
         if (ctx == NULL) {
@@ -7494,6 +7501,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
             return 0;   /* failure */
         }
 
+#ifndef NO_AES
         if (ctx->cipherType == AES_128_CBC_TYPE || (type &&
                                        XSTRNCMP(type, "AES128-CBC", 10) == 0)) {
             WOLFSSL_MSG("AES-128-CBC");
@@ -7610,6 +7618,8 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
             }
         }
 #endif /* WOLFSSL_AES_CTR */
+#endif /* NO_AES */
+
 #ifndef NO_DES3
         else if (ctx->cipherType == DES_CBC_TYPE || (type &&
                                        XSTRNCMP(type, "DES-CBC", 7) == 0)) {
@@ -7716,6 +7726,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
 
         switch (ctx->cipherType) {
 
+#ifndef NO_AES
             case AES_128_CBC_TYPE :
             case AES_192_CBC_TYPE :
             case AES_256_CBC_TYPE :
@@ -7734,6 +7745,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
                     wc_AesCtrEncrypt(&ctx->cipher.aes, dst, src, len);
                 break;
 #endif
+#endif /* NO_AES */
 
 #ifndef NO_DES3
             case DES_CBC_TYPE :
@@ -7787,6 +7799,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
 
         switch (ctx->cipherType) {
 
+#ifndef NO_AES
             case AES_128_CBC_TYPE :
             case AES_192_CBC_TYPE :
             case AES_256_CBC_TYPE :
@@ -7801,7 +7814,9 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
                 WOLFSSL_MSG("AES CTR");
                 memcpy(ctx->iv, &ctx->cipher.aes.reg, AES_BLOCK_SIZE);
                 break;
-#endif
+#endif /* WOLFSSL_AES_COUNTER */
+
+#endif /* NO_AES */
 
 #ifndef NO_DES3
             case DES_CBC_TYPE :
@@ -7845,6 +7860,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
 
         switch (ctx->cipherType) {
 
+#ifndef NO_AES
             case AES_128_CBC_TYPE :
             case AES_192_CBC_TYPE :
             case AES_256_CBC_TYPE :
@@ -7861,6 +7877,8 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
                 break;
 #endif
 
+#endif /* NO_AES */
+
 #ifndef NO_DES3
             case DES_CBC_TYPE :
                 WOLFSSL_MSG("DES CBC");
@@ -11980,6 +11998,8 @@ void wolfSSL_3des_iv(WOLFSSL_EVP_CIPHER_CTX* ctx, int doset,
 #endif /* NO_DES3 */
 
 
+#ifndef NO_AES
+
 void wolfSSL_aes_ctr_iv(WOLFSSL_EVP_CIPHER_CTX* ctx, int doset,
                       unsigned char* iv, int len)
 {
@@ -11998,6 +12018,8 @@ void wolfSSL_aes_ctr_iv(WOLFSSL_EVP_CIPHER_CTX* ctx, int doset,
         memcpy(iv, &ctx->cipher.aes.reg, AES_BLOCK_SIZE);
 }
 
+#endif /* NO_AES */
+
 
 const WOLFSSL_EVP_MD* wolfSSL_EVP_ripemd160(void)
 {
diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c
index 118683b30..7ee96f221 100644
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@@ -4562,6 +4562,8 @@ int openssl_test(void)
 
 #endif /* NO_DES3 */
 
+#ifndef NO_AES
+
     {  /* evp_cipher test */
         EVP_CIPHER_CTX ctx;
 
@@ -4607,6 +4609,8 @@ int openssl_test(void)
 
     }  /* end evp_cipher test */
 
+#endif /* NO_AES */
+
     return 0;
 }
 
diff --git a/wolfssl/openssl/evp.h b/wolfssl/openssl/evp.h
index 3a05a5dfd..f6071ba7d 100644
--- a/wolfssl/openssl/evp.h
+++ b/wolfssl/openssl/evp.h
@@ -94,7 +94,9 @@ typedef struct WOLFSSL_EVP_MD_CTX {
 
 
 typedef union {
+#ifndef NO_AES
     Aes  aes;
+#endif
 #ifndef NO_DES3
     Des  des;
     Des3 des3;
@@ -125,7 +127,11 @@ typedef struct WOLFSSL_EVP_CIPHER_CTX {
     int            keyLen;         /* user may set for variable */
     unsigned char  enc;            /* if encrypt side, then true */
     unsigned char  cipherType;
+#ifndef NO_AES
     unsigned char  iv[AES_BLOCK_SIZE];    /* working iv pointer into cipher */
+#elif !defined(NO_DES3)
+    unsigned char  iv[DES_BLOCK_SIZE];    /* working iv pointer into cipher */
+#endif
     WOLFSSL_Cipher  cipher;
 } WOLFSSL_EVP_CIPHER_CTX;