From 0c72dee315f7837bb0d2c93fdc93e9770ad3d1fe Mon Sep 17 00:00:00 2001
From: David Garske <david@wolfssl.com>
Date: Wed, 26 Sep 2018 13:56:10 -0700
Subject: [PATCH] Fixes for building with `./configure --enable-asn=nocrypt`.
 Added wolfCrypt test template for `certpiv_test`, pending test PIV certs to
 use.

---
 configure.ac          |  3 ++-
 wolfcrypt/src/asn.c   |  5 ++++-
 wolfcrypt/test/test.c | 22 ++++++++++++++++++++++
 3 files changed, 28 insertions(+), 2 deletions(-)

diff --git a/configure.ac b/configure.ac
index 62dc1ab0d..a544cd7e8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1830,6 +1830,7 @@ else
         if test "$ENABLED_ASN" = "nocrypt"
         then
             AM_CFLAGS="$AM_CFLAGS -DNO_ASN_CRYPT"
+            enable_pwdbased=no
         fi
     fi
 fi
@@ -1851,7 +1852,7 @@ then
     ENABLED_SLOWMATH=no
 fi
 
-AM_CONDITIONAL([BUILD_ASN], [test "x$ENABLED_ASN" = "xyes"])
+AM_CONDITIONAL([BUILD_ASN], [test "x$ENABLED_ASN" != "xno"])
 
 
 # AES
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index 7e0e3d595..6bcb5768c 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -5803,6 +5803,9 @@ exit_cs:
 
 #endif /* !NO_ASN_CRYPT */
 
+    (void)keyOID;
+    (void)sigOID;
+
     WOLFSSL_LEAVE("ConfirmSignature", ret);
 
     if (ret != WC_PENDING_E) {
@@ -7454,7 +7457,7 @@ int CheckCertSignature(const byte* cert, word32 certSz, void* heap, void* cm)
 #endif
     return ret;
 }
-#endif
+#endif /* WOLFSSL_SMALL_CERT_VERIFY */
 
 int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
 {
diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c
index cd45670c7..2f4cefeb0 100644
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@@ -360,6 +360,9 @@ int blob_test(void);
 #ifdef WOLF_CRYPTO_DEV
 int cryptodev_test(void);
 #endif
+#ifdef WOLFSSL_CERT_PIV
+int certpiv_test(void);
+#endif
 
 /* General big buffer size for many tests. */
 #define FOURK_BUF 4096
@@ -1017,6 +1020,13 @@ initDefaultName();
         printf( "crypto dev test passed!\n");
 #endif
 
+#ifdef WOLFSSL_CERT_PIV
+    if ( (ret = certpiv_test()) != 0)
+        return err_sys("cert piv test failed!\n", ret);
+    else
+        printf( "cert piv test passed!\n");
+#endif
+
 #ifdef WOLFSSL_ASYNC_CRYPT
     wolfAsync_DevClose(&devId);
 #endif
@@ -20318,6 +20328,18 @@ int cryptodev_test(void)
 }
 #endif /* WOLF_CRYPTO_DEV */
 
+#ifdef WOLFSSL_CERT_PIV
+int certpiv_test(void)
+{
+    /* TODO: Add test for wc_ParseCertPIV */
+#if 0
+    wc_CertPIV piv;
+    ret = wc_ParseCertPIV(&piv, buf, totalSz);
+#endif
+    return 0;
+}
+#endif /* WOLFSSL_CERT_PIV */
+
 
 #undef ERROR_OUT