From bfebeae53350ec7970d50571783447077f6adb9e Mon Sep 17 00:00:00 2001 From: David Garske Date: Mon, 23 Jun 2025 14:36:35 -0700 Subject: [PATCH] Revert PR #8911. For TLS v1.2 RSA only is only supported with `WOLFSSL_STATIC_RSA`. For TLS v1.3 RSA only is not supported (must be PFS). --- src/internal.c | 6 +++--- src/ssl.c | 6 ++---- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/src/internal.c b/src/internal.c index 0a48149a7..760b521ae 100644 --- a/src/internal.c +++ b/src/internal.c @@ -19621,8 +19621,8 @@ static WC_INLINE int EncryptDo(WOLFSSL* ssl, byte* out, const byte* input, #endif (void)out; - (void)input; (void)sz; + (void)type; if (input == NULL) { return BAD_FUNC_ARG; @@ -19699,8 +19699,8 @@ static WC_INLINE int EncryptDo(WOLFSSL* ssl, byte* out, const byte* input, additionalSz = writeAeadAuthData(ssl, /* Length of the plain text minus the explicit * IV length minus the authentication tag size. */ - sz - (word16)(AESGCM_EXP_IV_SZ) - ssl->specs.aead_mac_size, type, - ssl->encrypt.additional, 0, NULL, CUR_ORDER); + sz - (word16)(AESGCM_EXP_IV_SZ) - ssl->specs.aead_mac_size, + type, ssl->encrypt.additional, 0, NULL, CUR_ORDER); if (additionalSz < 0) { ret = additionalSz; break; diff --git a/src/ssl.c b/src/ssl.c index a188b87f1..ecc7b60c8 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -48,11 +48,9 @@ #if !defined(WOLFSSL_ALLOW_NO_SUITES) && !defined(WOLFCRYPT_ONLY) #if defined(NO_DH) && !defined(HAVE_ECC) && !defined(WOLFSSL_STATIC_RSA) \ && !defined(WOLFSSL_STATIC_DH) && !defined(WOLFSSL_STATIC_PSK) \ - && !defined(HAVE_CURVE25519) && !defined(HAVE_CURVE448) \ - && defined(NO_RSA) + && !defined(HAVE_CURVE25519) && !defined(HAVE_CURVE448) #error "No cipher suites defined because DH disabled, ECC disabled, " \ - "RSA disabled and no static suites defined. " \ - "Please see top of README" + "and no static suites defined. Please see top of README" #endif #ifdef WOLFSSL_CERT_GEN /* need access to Cert struct for creating certificate */