Make wolfEntropy optional and bring settings.h in sync w/ master

kaleb-himes
2024-04-09 10:44:17 -06:00
parent e45867bbc3
commit 0d83d0d199
2 changed files with 16 additions and 10 deletions


@ -4902,6 +4902,7 @@ AC_ARG_ENABLE([pwdbased],
) )
# MemUse Entropy # MemUse Entropy
# wolfEntropy Software Jitter SP800-90B certifiable entropy source
AC_ARG_ENABLE([wolfEntropy], AC_ARG_ENABLE([wolfEntropy],
[AS_HELP_STRING([--enable-wolfEntropy],[Enable memuse entropy support (default: disabled)])], [AS_HELP_STRING([--enable-wolfEntropy],[Enable memuse entropy support (default: disabled)])],
[ ENABLED_ENTROPY_MEMUSE=$enableval ], [ ENABLED_ENTROPY_MEMUSE=$enableval ],
@ -5061,10 +5062,6 @@ AS_CASE([$FIPS_VERSION],
AS_IF([test "x$ENABLED_AESKEYWRAP" != "xyes"], AS_IF([test "x$ENABLED_AESKEYWRAP" != "xyes"],
[ENABLED_AESKEYWRAP="yes"; AM_CFLAGS="$AM_CFLAGS -DHAVE_AES_KEYWRAP"]) [ENABLED_AESKEYWRAP="yes"; AM_CFLAGS="$AM_CFLAGS -DHAVE_AES_KEYWRAP"])
# wolfEntropy Software Jitter SP800-90B certifiable entropy source
AS_IF([test "x$ENABLED_ENTROPY_MEMUSE" != "xyes"],
[ENABLED_ENTROPY_MEMUSE="yes"])
# Old TLS requires MD5 + HMAC, which is not allowed under FIPS 140-3 # Old TLS requires MD5 + HMAC, which is not allowed under FIPS 140-3
AS_IF([test "$ENABLED_OLD_TLS" != "no"], AS_IF([test "$ENABLED_OLD_TLS" != "no"],
[ENABLED_OLD_TLS="no"; AM_CFLAGS="$AM_CFLAGS -DNO_OLD_TLS"]) [ENABLED_OLD_TLS="no"; AM_CFLAGS="$AM_CFLAGS -DNO_OLD_TLS"])
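Review bot: With the forced `ENABLED_ENTROPY_MEMUSE="yes"` removed from this FIPS branch, a build configured without `--enable-wolfEntropy` now proceeds with no indication of which entropy source the module will rely on. The neighbouring settings in the same branch are still forced (AES key wrap on, old TLS off), so I would leave a visible trace of the new choice, for example `AS_IF([test "x$ENABLED_ENTROPY_MEMUSE" != "xyes"], [AC_MSG_NOTICE([FIPS build without wolfEntropy: the platform must supply the entropy source])])`. The help string in the first hunk still reads "Enable memuse entropy support" while the added comment calls the feature wolfEntropy; aligning the two would help anyone reading `./configure --help`. The `AS_CASE([$FIPS_VERSION]` branch begins outside the hunk, so which FIPS version this applies to cannot be confirmed from here.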


@ -314,32 +314,40 @@
#if !defined(HAVE_FIPS) #if !defined(HAVE_FIPS)
#define WOLFSSL_FIPS_VERSION_CODE WOLFSSL_MAKE_FIPS_VERSION3(0,0,0) #define WOLFSSL_FIPS_VERSION_CODE WOLFSSL_MAKE_FIPS_VERSION3(0,0,0)
#define WOLFSSL_FIPS_VERSION2_CODE WOLFSSL_FIPS_VERSION_CODE
#elif !defined(HAVE_FIPS_VERSION) #elif !defined(HAVE_FIPS_VERSION)
#define WOLFSSL_FIPS_VERSION_CODE WOLFSSL_MAKE_FIPS_VERSION3(1,0,0) #define WOLFSSL_FIPS_VERSION_CODE WOLFSSL_MAKE_FIPS_VERSION3(1,0,0)
#define WOLFSSL_FIPS_VERSION2_CODE WOLFSSL_FIPS_VERSION_CODE
#elif !defined(HAVE_FIPS_VERSION_MINOR) #elif !defined(HAVE_FIPS_VERSION_MINOR)
#define WOLFSSL_FIPS_VERSION_CODE \ #define WOLFSSL_FIPS_VERSION_CODE \
WOLFSSL_MAKE_FIPS_VERSION3(HAVE_FIPS_VERSION,0,0) WOLFSSL_MAKE_FIPS_VERSION3(HAVE_FIPS_VERSION,0,0)
#define WOLFSSL_FIPS_VERSION2_CODE WOLFSSL_FIPS_VERSION_CODE
#elif !defined(HAVE_FIPS_VERSION_PATCH) #elif !defined(HAVE_FIPS_VERSION_PATCH)
#define WOLFSSL_FIPS_VERSION_CODE \ #define WOLFSSL_FIPS_VERSION_CODE \
WOLFSSL_MAKE_FIPS_VERSION3(HAVE_FIPS_VERSION, \ WOLFSSL_MAKE_FIPS_VERSION3(HAVE_FIPS_VERSION, \
HAVE_FIPS_VERSION_MINOR, 0) HAVE_FIPS_VERSION_MINOR, 0)
#define WOLFSSL_FIPS_VERSION2_CODE WOLFSSL_FIPS_VERSION_CODE
#else #else
#define WOLFSSL_FIPS_VERSION_CODE \ #define WOLFSSL_FIPS_VERSION_CODE \
WOLFSSL_MAKE_FIPS_VERSION3(HAVE_FIPS_VERSION,\ WOLFSSL_MAKE_FIPS_VERSION3(HAVE_FIPS_VERSION,\
HAVE_FIPS_VERSION_MINOR, \ HAVE_FIPS_VERSION_MINOR, \
HAVE_FIPS_VERSION_PATCH) HAVE_FIPS_VERSION_PATCH)
#define WOLFSSL_FIPS_VERSION2_CODE \
WOLFSSL_MAKE_FIPS_VERSION3(HAVE_FIPS_VERSION,\
HAVE_FIPS_VERSION_MINOR, \
0)
#endif #endif
#define FIPS_VERSION_LT(major,minor) \ #define FIPS_VERSION_LT(major,minor) \
(WOLFSSL_FIPS_VERSION_CODE < WOLFSSL_MAKE_FIPS_VERSION(major,minor)) (WOLFSSL_FIPS_VERSION2_CODE < WOLFSSL_MAKE_FIPS_VERSION(major,minor))
#define FIPS_VERSION_LE(major,minor) \ #define FIPS_VERSION_LE(major,minor) \
(WOLFSSL_FIPS_VERSION_CODE <= WOLFSSL_MAKE_FIPS_VERSION(major,minor)) (WOLFSSL_FIPS_VERSION2_CODE <= WOLFSSL_MAKE_FIPS_VERSION(major,minor))
#define FIPS_VERSION_EQ(major,minor) \ #define FIPS_VERSION_EQ(major,minor) \
(WOLFSSL_FIPS_VERSION_CODE == WOLFSSL_MAKE_FIPS_VERSION(major,minor)) (WOLFSSL_FIPS_VERSION2_CODE == WOLFSSL_MAKE_FIPS_VERSION(major,minor))
#define FIPS_VERSION_GE(major,minor) \ #define FIPS_VERSION_GE(major,minor) \
(WOLFSSL_FIPS_VERSION_CODE >= WOLFSSL_MAKE_FIPS_VERSION(major,minor)) (WOLFSSL_FIPS_VERSION2_CODE >= WOLFSSL_MAKE_FIPS_VERSION(major,minor))
#define FIPS_VERSION_GT(major,minor) \ #define FIPS_VERSION_GT(major,minor) \
(WOLFSSL_FIPS_VERSION_CODE > WOLFSSL_MAKE_FIPS_VERSION(major,minor)) (WOLFSSL_FIPS_VERSION2_CODE > WOLFSSL_MAKE_FIPS_VERSION(major,minor))
#define FIPS_VERSION3_LT(major,minor,patch) \ #define FIPS_VERSION3_LT(major,minor,patch) \
(WOLFSSL_FIPS_VERSION_CODE < WOLFSSL_MAKE_FIPS_VERSION3(major,minor,patch)) (WOLFSSL_FIPS_VERSION_CODE < WOLFSSL_MAKE_FIPS_VERSION3(major,minor,patch))
@ -3486,7 +3494,8 @@ extern void uITRON4_free(void *p) ;
#endif #endif
#endif #endif
/* if configure.ac turned on, HAVE_ENTROPY_MEMUSE will be set */ /* if configure.ac turned on this feature, HAVE_ENTROPY_MEMUSE will be set,
* also define HAVE_WOLFENTROPY */
#ifdef HAVE_ENTROPY_MEMUSE #ifdef HAVE_ENTROPY_MEMUSE
#ifndef HAVE_WOLFENTROPY #ifndef HAVE_WOLFENTROPY
#define HAVE_WOLFENTROPY #define HAVE_WOLFENTROPY
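Review bot: `WOLFSSL_FIPS_VERSION2_CODE` is added in the first hunk of this file without a comment, yet it changes what the two-argument `FIPS_VERSION_LT/LE/EQ/GE/GT` macros mean once `HAVE_FIPS_VERSION_PATCH` is defined: the patch level is now zeroed before the comparison. Assuming `WOLFSSL_MAKE_FIPS_VERSION(major,minor)` encodes a zero patch (its definition is outside the hunk), a module with a nonzero patch level previously failed `FIPS_VERSION_EQ` and passed `FIPS_VERSION_GT` for its own major/minor, and now does the opposite. These macros gate which FIPS-specific code is compiled, so call sites that depended on the old result should be checked and moved to `FIPS_VERSION3_*` where the patch level matters. I would document the intent above the `#if` chain, e.g. `/* WOLFSSL_FIPS_VERSION2_CODE: version code with the patch level zeroed, so FIPS_VERSION_*(major,minor) ignores HAVE_FIPS_VERSION_PATCH; use FIPS_VERSION3_* to compare the patch level. */`.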