Extend check to cover ECC and Curve25519 blinding + no RNG as well.

This commit is contained in:
Kareem
2026-05-11 15:56:33 -07:00
parent 1c63dad5d6
commit 62de1c1896
+10 -9
@@ -4202,7 +4202,8 @@ extern void uITRON4_free(void *p) ;
#if defined(HAVE_CURVE25519) && !defined(CURVE25519_SMALL) && \
!defined(FREESCALE_LTC_ECC) && !defined(WOLFSSL_ARMASM) && \
(!defined(USE_INTEL_SPEEDUP) || defined(NO_CURVED25519_X64)) && \
!defined(WOLFSSL_CURVE25519_BLINDING) && !defined(NO_CURVE25519_BLINDING)
!defined(WOLFSSL_CURVE25519_BLINDING) && !defined(NO_CURVE25519_BLINDING) \
&& !defined(WC_NO_RNG)
#define WOLFSSL_CURVE25519_BLINDING
#endif
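Review bot: The continuation on the new lines puts the `&&` at the start of the next line (`&& !defined(WC_NO_RNG)`), while every other line of this condition ends with `&& \`; keeping the operator at line end reads consistently: `!defined(WOLFSSL_CURVE25519_BLINDING) && !defined(NO_CURVE25519_BLINDING) && \` followed by `!defined(WC_NO_RNG)`. The added term also means a WC_NO_RNG build silently skips the automatic WOLFSSL_CURVE25519_BLINDING define, whereas an explicit WOLFSSL_CURVE25519_BLINDING under WC_NO_RNG is refused by the blinding/RNG #error later in this file, and nothing at this #if records that asymmetry. Suggest a comment above the condition: `/* Auto-enable blinding only when an RNG is available; under WC_NO_RNG it must be requested explicitly, which the blinding/RNG check below then refuses unless acknowledged. */`.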
@@ -4225,14 +4226,14 @@ extern void uITRON4_free(void *p) ;
/* WC_NO_RNG silently removes RSA blinding, as blinding depends on the RNG.
* Refuse to build until the conflict is resolved or the loss of hardening is
* explicitly acknowledged via WC_RSA_NO_RNG_ACKNOWLEDGE_WEAKNESS. */
#if defined(WC_NO_RNG) && defined(WC_RSA_BLINDING) && !defined(NO_RSA) && \
!defined(WC_RSA_NO_RNG_ACKNOWLEDGE_WEAKNESS)
#error "WC_NO_RNG combined with WC_RSA_BLINDING silently disables RSA \
blinding as well as OAEP and PSS padding support, weakening RSA against \
side-channel and chosen-ciphertext attacks. Resolve the conflict by \
removing WC_NO_RNG, undefining WC_RSA_BLINDING, or defining NO_RSA. \
To proceed anyway and accept the loss of RSA hardening, \
define WC_RSA_NO_RNG_ACKNOWLEDGE_WEAKNESS."
#if defined(WC_NO_RNG) && ((defined(WC_RSA_BLINDING) && !defined(NO_RSA)) || \
(defined(HAVE_CURVE25519) && defined(WOLFSSL_CURVE25519_BLINDING)) || \
(defined(HAVE_ECC) && defined(WOLFSSL_ECC_BLIND_K))) && \
!defined(WC_BLINDING_NO_RNG_ACKNOWLEDGE_WEAKNESS)
#error "Blinding is enabled but the RNG is disabled. Either remove \
WC_NO_RNG to enable the RNG, disable blinding by removing WC_RSA_BLINDING/\
WOLFSSL_CURVE25519_BLINDING/WOLFSSL_ECC_BLIND_K, or acknowledge the loss of \
blinding by defining WC_BLINDING_NO_RNG_ACKNOWLEDGE_WEAKNESS."
#endif
#ifdef OPENSSL_COEXIST
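Review bot: The comment immediately above the new #if is now stale: it still says the check covers only RSA blinding and names `WC_RSA_NO_RNG_ACKNOWLEDGE_WEAKNESS`, a macro the new condition no longer tests, so a reader following the comment would define the wrong symbol and still hit the #error. Suggest replacing it with `/* WC_NO_RNG silently removes RSA, ECC and Curve25519 blinding, as blinding depends on the RNG. Refuse to build until the conflict is resolved or the loss of hardening is explicitly acknowledged via WC_BLINDING_NO_RNG_ACKNOWLEDGE_WEAKNESS. */`. The old #error also told the user that WC_NO_RNG disables OAEP and PSS padding for RSA; the new message drops that, so a user who acknowledges the blinding loss is no longer warned about the padding loss — consider keeping that sentence. If the old acknowledgement name was ever released, builds that define it will now fail; honouring it as an alias (or mentioning the rename in the message) would avoid that, though I cannot tell from the hunk whether it shipped.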