diff --git a/wolfcrypt/src/dh.c b/wolfcrypt/src/dh.c index e82d14349..475bdd008 100644 --- a/wolfcrypt/src/dh.c +++ b/wolfcrypt/src/dh.c @@ -954,6 +954,7 @@ int wc_FreeDhKey(DhKey* key) } +#ifndef WC_NO_RNG /* if defined to not use floating point values do not compile in */ #ifndef WOLFSSL_DH_CONST static word32 DiscreteLogWorkFactor(word32 n) @@ -1142,11 +1143,12 @@ static int GeneratePrivateDh186(DhKey* key, WC_RNG* rng, byte* priv, return err; } #endif /* WOLFSSL_NO_DH186 */ - +#endif /* !WC_NO_RNG */ static int GeneratePrivateDh(DhKey* key, WC_RNG* rng, byte* priv, word32* privSz) { +#ifndef WC_NO_RNG int ret = 0; word32 sz = 0; @@ -1198,6 +1200,13 @@ static int GeneratePrivateDh(DhKey* key, WC_RNG* rng, byte* priv, } return ret; +#else + (void)key; + (void)rng; + (void)priv; + (void)privSz; + return NOT_COMPILED_IN; +#endif /* WC_NO_RNG */ } diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 380cc6856..5099a2c21 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -3677,6 +3677,7 @@ int wc_ecc_point_is_at_infinity(ecc_point* p) /* generate random and ensure its greater than 0 and less than order */ static int wc_ecc_gen_k(WC_RNG* rng, int size, mp_int* k, mp_int* order) { +#ifndef WC_NO_RNG int err; DECLARE_VAR(buf, byte, ECC_MAXSIZE_GEN, rng->heap); @@ -3708,8 +3709,15 @@ static int wc_ecc_gen_k(WC_RNG* rng, int size, mp_int* k, mp_int* order) FREE_VAR(buf, rng->heap); return err; +#else + (void)rng; + (void)size; + (void)k; + (void)order; + return NOT_COMPILED_IN; +#endif /* !WC_NO_RNG */ } -#endif +#endif /* WOLFSSL_SP_MATH */ #endif /* !WOLFSSL_ATECC508A */ static WC_INLINE void wc_ecc_reset(ecc_key* key) diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index 2aee35eae..ce7eecc8b 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -645,6 +645,7 @@ static int RsaMGF(int type, byte* seed, word32 seedSz, byte* out, /* Padding */ +#ifndef WC_NO_RNG #ifndef WC_NO_RSA_OAEP static int RsaPad_OAEP(const byte* input, word32 inputLen, byte* pkcsBlock, word32 pkcsBlockLen, byte padValue, WC_RNG* rng, @@ -896,7 +897,7 @@ static int RsaPad_PSS(const byte* input, word32 inputLen, byte* pkcsBlock, return 0; } -#endif +#endif /* WC_RSA_PSS */ static int RsaPad(const byte* input, word32 inputLen, byte* pkcsBlock, word32 pkcsBlockLen, byte padValue, WC_RNG* rng) @@ -946,6 +947,7 @@ static int RsaPad(const byte* input, word32 inputLen, byte* pkcsBlock, return 0; } +#endif /* !WC_NO_RNG */ /* helper function to direct which padding is used */ static int wc_RsaPad_ex(const byte* input, word32 inputLen, byte* pkcsBlock, @@ -955,6 +957,7 @@ static int wc_RsaPad_ex(const byte* input, word32 inputLen, byte* pkcsBlock, { int ret; +#ifndef WC_NO_RNG switch (padType) { case WC_RSA_PKCSV15_PAD: @@ -1000,8 +1003,18 @@ static int wc_RsaPad_ex(const byte* input, word32 inputLen, byte* pkcsBlock, WOLFSSL_MSG("Unknown RSA Pad Type"); ret = RSA_PAD_E; } +#else + ret = NOT_COMPILED_IN; +#endif /* silence warning if not used with padding scheme */ + (void)input; + (void)inputLen; + (void)pkcsBlock; + (void)pkcsBlockLen; + (void)padValue; + (void)rng; + (void)padType; (void)hType; (void)mgf; (void)optLabel; @@ -1455,7 +1468,7 @@ static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out, case RSA_PRIVATE_DECRYPT: case RSA_PRIVATE_ENCRYPT: { - #ifdef WC_RSA_BLINDING + #if defined(WC_RSA_BLINDING) && !defined(WC_NO_RNG) /* blind */ ret = mp_rand(rnd, get_digit_count(&key->n), rng); @@ -1470,7 +1483,7 @@ static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out, /* tmp = tmp*rnd mod n */ if (ret == 0 && mp_mulmod(tmp, rnd, &key->n, tmp) != MP_OKAY) ret = MP_MULMOD_E; - #endif /* WC_RSA_BLINDING */ + #endif /* WC_RSA_BLINDING && !WC_NO_RNG */ #ifdef RSA_LOW_MEM /* half as much memory but twice as slow */ if (ret == 0 && mp_exptmod(tmp, &key->d, &key->n, tmp) != MP_OKAY) @@ -2896,6 +2909,7 @@ int wc_CheckProbablePrime(const byte* pRaw, word32 pRawSz, /* Make an RSA key for size bits, with e specified, 65537 is a good e */ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng) { +#ifndef WC_NO_RNG mp_int p, q, tmp1, tmp2, tmp3; int err, i, failCount, primeSz, isPrime = 0; byte* buf = NULL; @@ -3086,8 +3100,10 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng) return BAD_STATE_E; } #endif - return 0; +#else + return NOT_COMPILED_IN; +#endif } #endif /* !FIPS || FIPS_VER >= 2 */ #endif /* WOLFSSL_KEY_GEN */ diff --git a/wolfcrypt/src/tfm.c b/wolfcrypt/src/tfm.c index 8a53827b3..2147275dc 100644 --- a/wolfcrypt/src/tfm.c +++ b/wolfcrypt/src/tfm.c @@ -2947,6 +2947,7 @@ int mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng) } } +#ifndef WC_NO_RNG /* now do a miller rabin with up to t random numbers, this should * give a (1/4)^t chance of a false prime. */ if (ret == FP_YES) { @@ -2989,12 +2990,14 @@ int mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng) XFREE(base, NULL, DYNAMIC_TYPE_TMP_BUFFER); #endif } +#else + (void)t; +#endif /* !WC_NO_RNG */ *result = ret; return FP_OKAY; } - -#endif /* NO_RSA NO_DSA NO_DH WOLFSSL_KEY_GEN */ +#endif /* !NO_RSA || !NO_DSA || !NO_DH || WOLFSSL_KEY_GEN */ #ifdef WOLFSSL_KEY_GEN diff --git a/wolfcrypt/src/wolfmath.c b/wolfcrypt/src/wolfmath.c index f5b1a0a4b..b9fc47877 100644 --- a/wolfcrypt/src/wolfmath.c +++ b/wolfcrypt/src/wolfmath.c @@ -91,6 +91,7 @@ mp_digit get_digit(mp_int* a, int n) return (n >= a->used || n < 0) ? 0 : a->dp[n]; } +#ifndef WC_NO_RNG int get_rand_digit(WC_RNG* rng, mp_digit* d) { return wc_RNG_GenerateBlock(rng, (byte*)d, sizeof(mp_digit)); @@ -149,6 +150,7 @@ exit: return ret; } #endif /* WC_RSA_BLINDING */ +#endif /* export an mp_int as unsigned char or hex string * encType is WC_TYPE_UNSIGNED_BIN or WC_TYPE_HEX_STR diff --git a/wolfssl/wolfcrypt/random.h b/wolfssl/wolfcrypt/random.h index 697e2e9c3..0d8db723c 100644 --- a/wolfssl/wolfcrypt/random.h +++ b/wolfssl/wolfcrypt/random.h @@ -178,7 +178,7 @@ int wc_GenerateSeed(OS_Seed* os, byte* seed, word32 sz); WOLFSSL_API int wc_FreeNetRandom(void); #endif /* HAVE_WNR */ - +#ifndef WC_NO_RNG WOLFSSL_API int wc_InitRng(WC_RNG*); WOLFSSL_API int wc_InitRng_ex(WC_RNG* rng, void* heap, int devId); WOLFSSL_API int wc_InitRngNonce(WC_RNG* rng, byte* nonce, word32 nonceSz); @@ -187,6 +187,16 @@ WOLFSSL_API int wc_InitRngNonce_ex(WC_RNG* rng, byte* nonce, word32 nonceSz, WOLFSSL_API int wc_RNG_GenerateBlock(WC_RNG*, byte*, word32 sz); WOLFSSL_API int wc_RNG_GenerateByte(WC_RNG*, byte*); WOLFSSL_API int wc_FreeRng(WC_RNG*); +#else +#define wc_InitRng(rng) NOT_COMPILED_IN +#define wc_InitRng_ex(rng, h, d) NOT_COMPILED_IN +#define wc_InitRngNonce(rng, n, s) NOT_COMPILED_IN +#define wc_InitRngNonce_ex(rng, n, s, h, d) NOT_COMPILED_IN +#define wc_RNG_GenerateBlock(rng, b, s) NOT_COMPILED_IN +#define wc_RNG_GenerateByte(rng, b) NOT_COMPILED_IN +#define wc_FreeRng(rng) NOT_COMPILED_IN +#endif + #ifdef HAVE_HASHDRBG diff --git a/wolfssl/wolfcrypt/tfm.h b/wolfssl/wolfcrypt/tfm.h index 8aebfd2e0..b693c97d7 100644 --- a/wolfssl/wolfcrypt/tfm.h +++ b/wolfssl/wolfcrypt/tfm.h @@ -732,7 +732,7 @@ MP_API int mp_radix_size (mp_int * a, int radix, int *size); #if !defined(NO_DH) || !defined(NO_DSA) || !defined(NO_RSA) || defined(WOLFSSL_KEY_GEN) MP_API int mp_prime_is_prime(mp_int* a, int t, int* result); MP_API int mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng); -#endif /* NO_DH NO_DSA NO_RSA WOLFSSL_KEY_GEN */ +#endif /* !NO_DH || !NO_DSA || !NO_RSA || WOLFSSL_KEY_GEN */ #ifdef WOLFSSL_KEY_GEN MP_API int mp_gcd(fp_int *a, fp_int *b, fp_int *c); MP_API int mp_lcm(fp_int *a, fp_int *b, fp_int *c);