From 62de1c1896ba7b38beeced1fc84ff27d84d67459 Mon Sep 17 00:00:00 2001
From: Kareem
Date: Mon, 11 May 2026 15:56:33 -0700
Subject: [PATCH] Extend check to cover ECC and Curve25519 blinding + no RNG as well.

---
 wolfssl/wolfcrypt/settings.h | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h
index ca441eaef0..c6a57e7372 100644
--- a/wolfssl/wolfcrypt/settings.h
+++ b/wolfssl/wolfcrypt/settings.h
@@ -4202,7 +4202,8 @@ extern void uITRON4_free(void *p) ;
 #if defined(HAVE_CURVE25519) && !defined(CURVE25519_SMALL) && \
     !defined(FREESCALE_LTC_ECC) && !defined(WOLFSSL_ARMASM) && \
     (!defined(USE_INTEL_SPEEDUP) || defined(NO_CURVED25519_X64)) && \
-    !defined(WOLFSSL_CURVE25519_BLINDING) && !defined(NO_CURVE25519_BLINDING)
+    !defined(WOLFSSL_CURVE25519_BLINDING) && !defined(NO_CURVE25519_BLINDING) \
+    && !defined(WC_NO_RNG)
     #define WOLFSSL_CURVE25519_BLINDING
 #endif
 
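Review bot: The added `&& !defined(WC_NO_RNG)` makes the Curve25519 blinding default silently stay off in RNG-less builds, which is exactly the "silent loss of hardening" the `#error` later in this file was introduced to surface for RSA; if the intent is "auto-enable only where it can work, and let the #error catch explicit requests", that deserves a line in the comment preceding this `#if` (outside the hunk), e.g. `/* Blinding needs the RNG, so it is not auto-enabled under WC_NO_RNG. */`. The commit title says the check now covers ECC as well, but this hunk only guards the Curve25519 auto-enable; if `WOLFSSL_ECC_BLIND_K` is auto-defined somewhere else in this file (not visible here) it presumably needs the same `!defined(WC_NO_RNG)` guard, otherwise every `WC_NO_RNG` + `HAVE_ECC` build will trip the new `#error` with no way to get the default back except the acknowledgement macro. The `#if` preceding the `-`/`+` lines begins inside the hunk but its full condition list starts on the context lines above, so check the rest of the condition is still complete.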
@@ -4225,14 +4226,14 @@ extern void uITRON4_free(void *p) ;
 /* WC_NO_RNG silently removes RSA blinding, as blinding depends on the RNG.
  * Refuse to build until the conflict is resolved or the loss of hardening is
  * explicitly acknowledged via WC_RSA_NO_RNG_ACKNOWLEDGE_WEAKNESS. */
-#if defined(WC_NO_RNG) && defined(WC_RSA_BLINDING) && !defined(NO_RSA) && \
-    !defined(WC_RSA_NO_RNG_ACKNOWLEDGE_WEAKNESS)
-    #error "WC_NO_RNG combined with WC_RSA_BLINDING silently disables RSA \
-blinding as well as OAEP and PSS padding support, weakening RSA against \
-side-channel and chosen-ciphertext attacks. Resolve the conflict by \
-removing WC_NO_RNG, undefining WC_RSA_BLINDING, or defining NO_RSA. \
-To proceed anyway and accept the loss of RSA hardening, \
-define WC_RSA_NO_RNG_ACKNOWLEDGE_WEAKNESS."
+#if defined(WC_NO_RNG) && ((defined(WC_RSA_BLINDING) && !defined(NO_RSA)) || \
+    (defined(HAVE_CURVE25519) && defined(WOLFSSL_CURVE25519_BLINDING)) || \
+    (defined(HAVE_ECC) && defined(WOLFSSL_ECC_BLIND_K))) && \
+    !defined(WC_BLINDING_NO_RNG_ACKNOWLEDGE_WEAKNESS)
+    #error "Blinding is enabled but the RNG is disabled. Either remove \
+WC_NO_RNG to enable the RNG, disable blinding by removing WC_RSA_BLINDING/\
+WOLFSSL_CURVE25519_BLINDING/WOLFSSL_ECC_BLIND_K, or acknowledge the loss of \
+blinding by defining WC_BLINDING_NO_RNG_ACKNOWLEDGE_WEAKNESS."
 #endif
 
 #ifdef OPENSSL_COEXIST
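Review bot: The three unchanged comment lines above the `#if` are now stale: they still say the check is about RSA only and tell the reader to acknowledge via `WC_RSA_NO_RNG_ACKNOWLEDGE_WEAKNESS`, a macro the new condition no longer looks at, so someone following the comment would define the old name and still fail the build. Rewrite them to match the code, e.g. `/* WC_NO_RNG silently removes RSA, ECC (WOLFSSL_ECC_BLIND_K) and Curve25519 blinding, as blinding depends on the RNG. Refuse to build until the conflict is resolved or the loss of hardening is explicitly acknowledged via WC_BLINDING_NO_RNG_ACKNOWLEDGE_WEAKNESS. */`. Renaming the acknowledgement macro is also a silent break for any existing build that defined the old name; if that name has shipped, keep accepting it with `#if defined(WC_RSA_NO_RNG_ACKNOWLEDGE_WEAKNESS) && !defined(WC_BLINDING_NO_RNG_ACKNOWLEDGE_WEAKNESS)` / `#define WC_BLINDING_NO_RNG_ACKNOWLEDGE_WEAKNESS` / `#endif` placed before this check, or at least mention the rename in the `#error` text. Finally, the new message drops the one thing the old one got right, namely what is lost (the old text named side-channel exposure and, for RSA, OAEP/PSS padding); one clause such as `Blinding is enabled but the RNG is disabled, so the side-channel hardening it provides (and RSA OAEP/PSS padding) is silently lost.` keeps that signal without lengthening the message much.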