Merge pull request #2649 from SparkiDev/rsa_pubonly

Fix RSA public key only builds
2026-03-24 13:07:21 +01:00 · 2019-12-27 12:55:34 -08:00
parent dd28f26c44 2528121925
commit 78fa84be00
5 changed files with 32 additions and 11 deletions
--- a/src/internal.c
+++ b/src/internal.c
@@ -3533,7 +3533,8 @@ static word32 MacSize(WOLFSSL* ssl)

 #ifndef NO_RSA
 #ifndef WOLFSSL_NO_TLS12
-#if !defined(NO_WOLFSSL_SERVER) || !defined(NO_WOLFSSL_CLIENT)
+#if !defined(NO_WOLFSSL_SERVER) || (!defined(NO_WOLFSSL_CLIENT) && \
+                                               !defined(WOLFSSL_NO_CLIENT_AUTH))
 static int TypeHash(int hashAlgo)
 {
    switch (hashAlgo) {
@@ -3597,6 +3598,7 @@ int ConvertHashPss(int hashAlgo, enum wc_HashType* hashType, int* mgf)
 }
 #endif

+#if !defined(NO_WOLFSSL_SERVER) || !defined(WOLFSSL_NO_CLIENT_AUTH)
 int RsaSign(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out,
            word32* outSz, int sigAlgo, int hashAlgo, RsaKey* key,
            DerBuffer* keyBufInfo)
@@ -3680,6 +3682,7 @@ int RsaSign(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out,

    return ret;
 }
+#endif

 int RsaVerify(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, int sigAlgo,
              int hashAlgo, RsaKey* key, buffer* keyBufInfo)
@@ -3887,6 +3890,7 @@ int VerifyRsaSign(WOLFSSL* ssl, byte* verifySig, word32 sigSz,

 #ifndef WOLFSSL_NO_TLS12

+#if !defined(NO_WOLFSSL_SERVER) || !defined(WOLFSSL_NO_CLIENT_AUTH)
 int RsaDec(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, word32* outSz,
    RsaKey* key, DerBuffer* keyBufInfo)
 {
@@ -3946,6 +3950,7 @@ int RsaDec(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, word32* outSz,

    return ret;
 }
+#endif /* !NO_WOLFSSL_SERVER) || !WOLFSSL_NO_CLIENT_AUTH */

 int RsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out, word32* outSz,
    RsaKey* key, buffer* keyBufInfo)
@@ -7383,7 +7388,8 @@ static void AddHeaders(byte* output, word32 length, byte type, WOLFSSL* ssl)


 #ifndef WOLFSSL_NO_TLS12
-#ifndef NO_CERTS
+#if !defined(NO_CERTS) && (!defined(NO_WOLFSSL_SERVER) || \
+                                               !defined(WOLFSSL_NO_CLIENT_AUTH))
 static void AddFragHeaders(byte* output, word32 fragSz, word32 fragOffset,
                           word32 length, byte type, WOLFSSL* ssl)
 {
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -5216,6 +5216,9 @@ static int ProcessBufferTryDecode(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DerBuffer* der
 {
    int ret = 0;

+    (void)heap;
+    (void)devId;
+
    if (ctx == NULL && ssl == NULL)
        return BAD_FUNC_ARG;
    if (!der || !keySz || !idx || !resetSuites || !rsaKey || !eccKey || !ed25519Key)
--- a/tests/api.c
+++ b/tests/api.c
@@ -252,7 +252,8 @@
    #include <wolfssl/wolfcrypt/asn.h>
 #endif

-#if defined(WOLFSSL_SHA3) || defined(HAVE_PKCS7) || !defined(NO_RSA)
+#if defined(WOLFSSL_SHA3) || defined(HAVE_PKCS7) || (!defined(NO_RSA) && \
+                  !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || !defined(NO_SIG_WRAPPER)
    static int  devId = INVALID_DEVID;
 #endif
 #ifndef NO_DSA
@@ -12384,6 +12385,7 @@ static int test_wc_RsaPublicEncryptDecrypt_ex (void)
        return ret;
    }

+#ifndef WOLFSSL_RSA_PUBLIC_ONLY
    /* Decrypt */
    printf(testingFmt, "wc_RsaPrivateDecrypt_ex()");
    #if defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS)
@@ -12396,7 +12398,7 @@ static int test_wc_RsaPublicEncryptDecrypt_ex (void)
                plain, plainSz, &key, WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA,
                WC_MGF1SHA1, NULL, 0);
    }
-   if (ret >= 0) {
+    if (ret >= 0) {
        if (!XMEMCMP(plain, inStr, plainSz)) {
            ret = 0;
        } else {
@@ -12425,6 +12427,7 @@ static int test_wc_RsaPublicEncryptDecrypt_ex (void)
            }
        }
    }
+#endif

    FREE_VAR(in, NULL);
    FREE_VAR(plain, NULL);
--- a/wolfcrypt/benchmark/benchmark.c
+++ b/wolfcrypt/benchmark/benchmark.c
@@ -555,7 +555,8 @@ static const char* bench_result_words1[][4] = {
    defined(HAVE_ECC) || !defined(NO_DH) || defined(HAVE_ECC_ENCRYPT) || \
    defined(HAVE_CURVE25519) || defined(HAVE_CURVE25519_SHARED_SECRET)  || \
    defined(HAVE_ED25519)
-#if !defined(WOLFSSL_RSA_PUBLIC_ONLY) || defined(WOLFSSL_PUBLIC_MP)
+#if !defined(WOLFSSL_RSA_PUBLIC_ONLY) || defined(WOLFSSL_PUBLIC_MP) || \
+                                                                 !defined(NO_DH)

 static const char* bench_desc_words[][9] = {
    /* 0           1          2         3        4        5         6            7            8 */
@@ -676,7 +677,8 @@ static const char* bench_desc_words[][9] = {
 #endif

 #if defined(BENCH_ASYM)
-#if !defined(WOLFSSL_RSA_PUBLIC_ONLY) || defined(WOLFSSL_PUBLIC_MP)
+#if !defined(WOLFSSL_RSA_PUBLIC_ONLY) || defined(WOLFSSL_PUBLIC_MP) || \
+                                                                 !defined(NO_DH)
 static const char* bench_result_words2[][5] = {
    { "ops took", "sec"     , "avg" , "ops/sec", NULL },            /* 0 English  */
 #ifndef NO_MULTIBYTE_PRINT
@@ -1206,7 +1208,8 @@ static void bench_stats_sym_finish(const char* desc, int doAsync, int count,
 }

 #ifdef BENCH_ASYM
-#if !defined(WOLFSSL_RSA_PUBLIC_ONLY) || defined(WOLFSSL_PUBLIC_MP)
+#if !defined(WOLFSSL_RSA_PUBLIC_ONLY) || defined(WOLFSSL_PUBLIC_MP) || \
+                                                                 !defined(NO_DH)
 static void bench_stats_asym_finish(const char* algo, int strength,
    const char* desc, int doAsync, int count, double start, int ret)
 {
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@@ -9738,7 +9738,7 @@ int decodedCertCache_test(void)
 #endif /* defined(WOLFSSL_CERT_GEN_CACHE) && defined(WOLFSSL_TEST_CERT) &&
          defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN) */

-#if !defined(NO_ASN) && !defined(WOLFSSL_RSA_VERIFY_ONLY)
+#if !defined(NO_ASN) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)
 static int rsa_flatten_test(RsaKey* key)
 {
    int    ret;
@@ -11581,14 +11581,18 @@ int rsa_test(void)
 #if defined(HAVE_NTRU)
    RsaKey caKey;
 #endif
-#if !defined(WOLFSSL_RSA_PUBLIC_ONLY) || defined(WOLFSSL_PUBLIC_MP)
+#ifndef NO_ASN
    word32 idx = 0;
+#endif
+#if !defined(WOLFSSL_RSA_VERIFY_ONLY) || defined(WOLFSSL_PUBLIC_MP)
    const char* inStr = "Everyone gets Friday off.";
    word32      inLen = (word32)XSTRLEN((char*)inStr);
-    byte*  res;
    const word32 outSz   = RSA_TEST_BYTES;
    const word32 plainSz = RSA_TEST_BYTES;
 #endif
+#if !defined(WOLFSSL_RSA_PUBLIC_ONLY) || defined(WOLFSSL_PUBLIC_MP)
+    byte*  res;
+#endif
 #ifndef NO_SIG_WRAPPER
    int modLen;
 #endif
@@ -11601,7 +11605,7 @@ int rsa_test(void)
    DecodedCert cert;
 #endif

-#if !defined(WOLFSSL_RSA_PUBLIC_ONLY) || defined(WOLFSSL_PUBLIC_MP)
+#if !defined(WOLFSSL_RSA_VERIFY_ONLY) || defined(WOLFSSL_PUBLIC_MP)
    DECLARE_VAR_INIT(in, byte, inLen, inStr, HEAP_HINT);
    DECLARE_VAR(out, byte, RSA_TEST_BYTES, HEAP_HINT);
    DECLARE_VAR(plain, byte, RSA_TEST_BYTES, HEAP_HINT);
@@ -11897,6 +11901,7 @@ int rsa_test(void)
    }
    TEST_SLEEP();

+#ifndef WOLFSSL_RSA_PUBLIC_ONLY
    idx = (word32)ret;
    do {
 #if defined(WOLFSSL_ASYNC_CRYPT)
@@ -11916,6 +11921,7 @@ int rsa_test(void)
    }
    TEST_SLEEP();
    #endif /* NO_SHA */
+#endif

    #ifndef NO_SHA256
    XMEMSET(plain, 0, plainSz);