Merge pull request #1960 from SparkiDev/sp_rsavfy

Allow a very small build based on SHA-256 and RSA verify

wolfcrypt/test/test.c

@@ -9015,6 +9015,7 @@ int certext_test(void)
 }
 #endif /* WOLFSSL_CERT_EXT && WOLFSSL_TEST_CERT */
 
+#ifndef NO_ASN
 static int rsa_flatten_test(RsaKey* key)
 {
     int    ret;
@@ -9106,8 +9107,9 @@ static int rsa_flatten_test(RsaKey* key)
 
     return 0;
 }
+#endif /* NO_ASN */
 
-#if !defined(HAVE_FIPS) && !defined(HAVE_USER_RSA)
+#if !defined(HAVE_FIPS) && !defined(HAVE_USER_RSA) && !defined(NO_ASN)
 static int rsa_export_key_test(RsaKey* key)
 {
     int ret;
@@ -9179,7 +9181,7 @@ static int rsa_export_key_test(RsaKey* key)
 
     return 0;
 }
-#endif /* !HAVE_FIPS */
+#endif /* !HAVE_FIPS && !USER_RSA && !NO_ASN */
 
 #ifndef NO_SIG_WRAPPER
 static int rsa_sig_test(RsaKey* key, word32 keyLen, int modLen, WC_RNG* rng)
@@ -9438,7 +9440,7 @@ static int rsa_nb_test(RsaKey* key, const byte* in, word32 inLen, byte* out,
 }
 #endif
 
-#ifndef HAVE_USER_RSA
+#if !defined(HAVE_USER_RSA) && !defined(NO_ASN)
 static int rsa_decode_test(RsaKey* keyPub)
 {
     int        ret;
@@ -10812,7 +10814,7 @@ int rsa_test(void)
     XMEMSET(&caKey, 0, sizeof(caKey));
 #endif
 
-#ifndef HAVE_USER_RSA
+#if !defined(HAVE_USER_RSA) && !defined(NO_ASN)
     ret = rsa_decode_test(&key);
     if (ret != 0)
         return ret;
@@ -10862,11 +10864,27 @@ int rsa_test(void)
     if (ret != 0) {
         ERROR_OUT(-7003, exit_rsa);
     }
+#ifndef NO_ASN
     ret = wc_RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes);
     if (ret != 0) {
         ERROR_OUT(-7004, exit_rsa);
     }
+#elif defined(WOLFSSL_RSA_VERIFY_ONLY)
+    #ifdef USE_CERT_BUFFERS_2048
+        ret = mp_read_unsigned_bin(&key.n, &tmp[12], 256);
+        if (ret != 0) {
+            ERROR_OUT(-7004, exit_rsa);
+        }
+        ret = mp_set_int(&key.e, WC_RSA_EXPONENT);
+        if (ret != 0) {
+            ERROR_OUT(-7004, exit_rsa);
+        }
+    #else
+        #error Not supported yet!
+    #endif
+#endif
 
+#ifndef WC_NO_RNG
 #ifndef HAVE_FIPS
     ret = wc_InitRng_ex(&rng, HEAP_HINT, devId);
 #else
@@ -10875,6 +10893,7 @@ int rsa_test(void)
     if (ret != 0) {
         ERROR_OUT(-7005, exit_rsa);
     }
+#endif
 
 #ifndef NO_SIG_WRAPPER
     ret = rsa_sig_test(&key, sizeof(RsaKey), wc_RsaEncryptSize(&key), &rng);
@@ -10888,6 +10907,7 @@ int rsa_test(void)
         goto exit_rsa;
 #endif
 
+#ifndef WOLFSSL_RSA_VERIFY_ONLY
     do {
 #if defined(WOLFSSL_ASYNC_CRYPT)
         ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
@@ -10956,6 +10976,49 @@ int rsa_test(void)
     if (ret < 0) {
         ERROR_OUT(-7013, exit_rsa);
     }
+#else
+    (void)outSz;
+    (void)inLen;
+    (void)res;
+    {
+        byte signature_2048[] = {
+            0x07, 0x6f, 0xc9, 0x85, 0x73, 0x9e, 0x21, 0x79,
+            0x47, 0xf1, 0xa3, 0xd7, 0xf4, 0x27, 0x29, 0xbe,
+            0x99, 0x5d, 0xac, 0xb2, 0x10, 0x3f, 0x95, 0xda,
+            0x89, 0x23, 0xb8, 0x96, 0x13, 0x57, 0x72, 0x30,
+            0xa1, 0xfe, 0x5a, 0x68, 0x9c, 0x99, 0x9d, 0x1e,
+            0x05, 0xa4, 0x80, 0xb0, 0xbb, 0xd9, 0xd9, 0xa1,
+            0x69, 0x97, 0x74, 0xb3, 0x41, 0x21, 0x3b, 0x47,
+            0xf5, 0x51, 0xb1, 0xfb, 0xc7, 0xaa, 0xcc, 0xdc,
+            0xcd, 0x76, 0xa0, 0x28, 0x4d, 0x27, 0x14, 0xa4,
+            0xb9, 0x41, 0x68, 0x7c, 0xb3, 0x66, 0xe6, 0x6f,
+            0x40, 0x76, 0xe4, 0x12, 0xfd, 0xae, 0x29, 0xb5,
+            0x63, 0x60, 0x87, 0xce, 0x49, 0x6b, 0xf3, 0x05,
+            0x9a, 0x14, 0xb5, 0xcc, 0xcd, 0xf7, 0x30, 0x95,
+            0xd2, 0x72, 0x52, 0x1d, 0x5b, 0x7e, 0xef, 0x4a,
+            0x02, 0x96, 0x21, 0x6c, 0x55, 0xa5, 0x15, 0xb1,
+            0x57, 0x63, 0x2c, 0xa3, 0x8e, 0x9d, 0x3d, 0x45,
+            0xcc, 0xb8, 0xe6, 0xa1, 0xc8, 0x59, 0xcd, 0xf5,
+            0xdc, 0x0a, 0x51, 0xb6, 0x9d, 0xfb, 0xf4, 0x6b,
+            0xfd, 0x32, 0x71, 0x6e, 0xcf, 0xcb, 0xb3, 0xd9,
+            0xe0, 0x4a, 0x77, 0x34, 0xd6, 0x61, 0xf5, 0x7c,
+            0xf9, 0xa9, 0xa4, 0xb0, 0x8e, 0x3b, 0xd6, 0x04,
+            0xe0, 0xde, 0x2b, 0x5b, 0x5a, 0xbf, 0xd9, 0xef,
+            0x8d, 0xa3, 0xf5, 0xb1, 0x67, 0xf3, 0xb9, 0x72,
+            0x0a, 0x37, 0x12, 0x35, 0x6c, 0x8e, 0x10, 0x8b,
+            0x38, 0x06, 0x16, 0x4b, 0x20, 0x20, 0x13, 0x00,
+            0x2e, 0x6d, 0xc2, 0x59, 0x23, 0x67, 0x4a, 0x6d,
+            0xa1, 0x46, 0x8b, 0xee, 0xcf, 0x44, 0xb4, 0x3e,
+            0x56, 0x75, 0x00, 0x68, 0xb5, 0x7d, 0x0f, 0x20,
+            0x79, 0x5d, 0x7f, 0x12, 0x15, 0x32, 0x89, 0x61,
+            0x6b, 0x29, 0xb7, 0x52, 0xf5, 0x25, 0xd8, 0x98,
+            0xe8, 0x6f, 0xf9, 0x22, 0xb4, 0xbb, 0xe5, 0xff,
+            0xd0, 0x92, 0x86, 0x9a, 0x88, 0xa2, 0xaf, 0x6b
+        };
+        ret = sizeof(signature_2048);
+        XMEMCPY(out, signature_2048, ret);
+    }
+#endif
 
     idx = (word32)ret;
     XMEMSET(plain, 0, plainSz);
@@ -10964,7 +11027,15 @@ int rsa_test(void)
         ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
 #endif
         if (ret >= 0) {
+#ifndef WOLFSSL_RSA_VERIFY_INLINE
             ret = wc_RsaSSL_Verify(out, idx, plain, plainSz, &key);
+#else
+            byte* dec = NULL;
+            ret = wc_RsaSSL_VerifyInline(out, idx, &dec, &key);
+            if (ret > 0) {
+                XMEMCPY(plain, dec, ret);
+            }
+#endif
         }
     } while (ret == WC_PENDING_E);
     if (ret < 0) {
@@ -11245,15 +11316,17 @@ int rsa_test(void)
     #endif /* !HAVE_FAST_RSA && !HAVE_FIPS */
     #endif /* WC_NO_RSA_OAEP */
 
-#if !defined(HAVE_FIPS) && !defined(HAVE_USER_RSA)
+#if !defined(HAVE_FIPS) && !defined(HAVE_USER_RSA) && !defined(NO_ASN)
     ret = rsa_export_key_test(&key);
     if (ret != 0)
         return ret;
 #endif
 
+#ifndef NO_ASN
     ret = rsa_flatten_test(&key);
     if (ret != 0)
         return ret;
+#endif
 
 #if defined(WOLFSSL_MDK_ARM)
     #define sizeof(s) XSTRLEN((char *)(s))