Merge pull request #9219 from kareem-wolfssl/zd20538

Fix building with --enable-keygen --enable-rsavfy.
David Garske
2025-09-26 14:08:33 -07:00
committed by GitHub
6 changed files with 45 additions and 29 deletions


@@ -5013,7 +5013,8 @@ int ConvertHashPss(int hashAlgo, enum wc_HashType* hashType, int* mgf)
}
#endif
#if !defined(NO_WOLFSSL_SERVER) || !defined(WOLFSSL_NO_CLIENT_AUTH)
#if (!defined(NO_WOLFSSL_SERVER) || !defined(WOLFSSL_NO_CLIENT_AUTH)) && \
(!defined(WOLFSSL_RSA_PUBLIC_ONLY) && !defined(WOLFSSL_RSA_VERIFY_ONLY))
int RsaSign(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out,
word32* outSz, int sigAlgo, int hashAlgo, RsaKey* key,
DerBuffer* keyBufInfo)
@@ -5317,7 +5318,8 @@ int VerifyRsaSign(WOLFSSL* ssl, byte* verifySig, word32 sigSz,
#ifndef WOLFSSL_NO_TLS12
#if !defined(NO_WOLFSSL_SERVER) || !defined(WOLFSSL_NO_CLIENT_AUTH)
#if (!defined(NO_WOLFSSL_SERVER) || !defined(WOLFSSL_NO_CLIENT_AUTH)) && \
!defined(WOLFSSL_RSA_PUBLIC_ONLY)
int RsaDec(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, word32* outSz,
RsaKey* key, DerBuffer* keyBufInfo)
{
@@ -5382,6 +5384,7 @@ int RsaDec(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, word32* outSz,
}
#endif /* !NO_WOLFSSL_SERVER) || !WOLFSSL_NO_CLIENT_AUTH */
#ifndef WOLFSSL_RSA_VERIFY_ONLY
int RsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out, word32* outSz,
RsaKey* key, buffer* keyBufInfo)
{
@@ -5441,6 +5444,7 @@ int RsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out, word32* outSz,
return ret;
}
#endif
#endif /* !WOLFSSL_NO_TLS12 */
@@ -33912,7 +33916,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
{
switch(ssl->specs.kea)
{
#ifndef NO_RSA
#if !defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY)
case rsa_kea:
{
ret = RsaEnc(ssl,
@@ -33928,7 +33932,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
break;
}
#endif /* !NO_RSA */
#endif /* !NO_RSA && !WOLFSSL_RSA_VERIFY_ONLY */
#ifndef NO_DH
case diffie_hellman_kea:
{
@@ -34759,7 +34763,8 @@ int SendCertificateVerify(WOLFSSL* ssl)
);
}
#endif /* HAVE_ED448 && !NO_ED448_CLIENT_AUTH */
#ifndef NO_RSA
#if !defined(NO_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY) && \
!defined(WOLFSSL_RSA_VERIFY_ONLY)
if (ssl->hsType == DYNAMIC_TYPE_RSA) {
RsaKey* key = (RsaKey*)ssl->hsKey;
@@ -34773,7 +34778,7 @@ int SendCertificateVerify(WOLFSSL* ssl)
ssl->buffers.key
);
}
#endif /* !NO_RSA */
#endif /* !NO_RSA && !WOLFSSL_RSA_PUBLIC_ONLY && !WOLFSSL_RSA_VERIFY_ONLY */
/* Check for error */
if (ret != 0) {
@@ -36837,7 +36842,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
/* Sign hash to create signature */
switch (ssl->options.sigAlgo)
{
#ifndef NO_RSA
#if !defined(NO_RSA) && \
!defined(WOLFSSL_RSA_PUBLIC_ONLY) && \
!defined(WOLFSSL_RSA_VERIFY_ONLY)
#ifdef WC_RSA_PSS
case rsa_pss_sa_algo:
#endif
@@ -36856,7 +36863,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
);
break;
}
#endif /* !NO_RSA */
#endif /* !NO_RSA && !WOLFSSL_RSA_PUBLIC_ONLY
&& !WOLFSSL_RSA_VERIFY_ONLY */
#ifdef HAVE_ECC
#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
case sm2_sa_algo:
@@ -36950,7 +36958,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
/* Sign hash to create signature */
switch (ssl->options.sigAlgo)
{
#ifndef NO_RSA
#if !defined(NO_RSA) && \
!defined(WOLFSSL_RSA_PUBLIC_ONLY) && \
!defined(WOLFSSL_RSA_VERIFY_ONLY)
#ifdef WC_RSA_PSS
case rsa_pss_sa_algo:
#endif
@@ -36973,7 +36983,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
);
break;
}
#endif /* NO_RSA */
#endif /* !NO_RSA && !WOLFSSL_RSA_PUBLIC_ONLY
&& !WOLFSSL_RSA_VERIFY_ONLY */
default:
break;
} /* switch (ssl->options.sigAlgo) */
@@ -41653,7 +41664,7 @@ static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ],
case TLS_ASYNC_DO:
{
switch (ssl->specs.kea) {
#ifndef NO_RSA
#if !defined(NO_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)
case rsa_kea:
{
RsaKey* key = (RsaKey*)ssl->hsKey;
@@ -41689,7 +41700,7 @@ static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ],
ret = 0;
break;
} /* rsa_kea */
#endif /* !NO_RSA */
#endif /* !NO_RSA && !WOLFSSL_RSA_PUBLIC_ONLY */
#ifndef NO_PSK
case psk_kea:
{
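Review bot: With the RSA cases compiled out of the two `switch (ssl->options.sigAlgo)` blocks, an RSA signature algorithm now reaches `default: break;` (visible at the end of the `@@ -36973,7 +36983,8 @@` hunk) without setting `ret`. The guarded `if (ssl->hsType == DYNAMIC_TYPE_RSA)` blocks in SendCertificateVerify and in SendTls13CertificateVerify (next file) have the same shape: no branch runs, and the following `if (ret != 0)` check sees whatever `ret` held before. Whether an earlier stage already rejects an RSA key in a public-only or verify-only build is not visible in these hunks; if none does, these paths should fail closed, e.g. `default: ret = NOT_COMPILED_IN; break;`, provided no other algorithm legitimately reaches `default`. The enclosing functions start and end outside the hunks.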


@@ -9549,7 +9549,8 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
args->length = (word16)args->sigLen;
}
#endif /* HAVE_DILITHIUM */
#ifndef NO_RSA
#if !defined(NO_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY) && \
!defined(WOLFSSL_RSA_VERIFY_ONLY)
if (ssl->hsType == DYNAMIC_TYPE_RSA) {
args->toSign = rsaSigBuf->buffer;
args->toSignSz = (word32)rsaSigBuf->length;
@@ -9570,7 +9571,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
XMEMCPY(args->sigData, sigOut, args->sigLen);
}
}
#endif /* !NO_RSA */
#endif /* !NO_RSA && !WOLFSSL_RSA_PUBLIC_ONLY && !WOLFSSL_RSA_VERIFY_ONLY */
/* Check for error */
if (ret != 0) {
@@ -9603,7 +9604,8 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
);
}
#endif /* HAVE_ECC */
#ifndef NO_RSA
#if !defined(NO_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY) && \
!defined(WOLFSSL_RSA_VERIFY_ONLY)
if (ssl->hsAltType == DYNAMIC_TYPE_RSA) {
args->toSign = rsaSigBuf->buffer;
args->toSignSz = (word32)rsaSigBuf->length;
@@ -9625,7 +9627,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
XMEMCPY(args->altSigData, sigOut, args->altSigLen);
}
}
#endif /* !NO_RSA */
#endif /* !NO_RSA && !WOLFSSL_RSA_PUBLIC_ONLY && !WOLFSSL_RSA_VERIFY_ONLY */
#if defined(HAVE_FALCON)
if (ssl->hsAltType == DYNAMIC_TYPE_FALCON) {
ret = wc_falcon_sign_msg(args->altSigData,
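Review bot: The condition `!defined(NO_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY) && !defined(WOLFSSL_RSA_VERIFY_ONLY)` is spelled out at both RSA signing blocks here and again at the signing sites in the previous file, while other sites in this commit test only one of the two macros. Deriving one feature macro in a shared header and testing it at every site would keep the guards from drifting apart. The name is the project's choice, for example `#define EXAMPLE_RSA_SIGN_ENABLED` (placeholder name) under that condition and `#ifdef EXAMPLE_RSA_SIGN_ENABLED` at the call sites. SendTls13CertificateVerify's body extends beyond these hunks.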


@@ -771,7 +771,8 @@ int test_wc_RsaKeyToPublicDer(void)
int test_wc_RsaPublicEncryptDecrypt(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(WOLFSSL_RSA_PUBLIC_ONLY)
RsaKey key;
WC_RNG rng;
const char inStr[] = TEST_STRING;
@@ -840,14 +841,16 @@ int test_wc_RsaPublicEncryptDecrypt_ex(void)
WC_RNG rng;
const char inStr[] = TEST_STRING;
const word32 inLen = (word32)TEST_STRING_SZ;
const word32 plainSz = (word32)TEST_STRING_SZ;
byte* res = NULL;
int idx = 0;
int bits = TEST_RSA_BITS;
const word32 cipherSz = TEST_RSA_BYTES;
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
const word32 plainSz = (word32)TEST_STRING_SZ;
byte* res = NULL;
WC_DECLARE_VAR(in, byte, TEST_STRING_SZ, NULL);
WC_DECLARE_VAR(plain, byte, TEST_STRING_SZ, NULL);
#endif
WC_DECLARE_VAR(in, byte, TEST_STRING_SZ, NULL);
WC_DECLARE_VAR(cipher, byte, TEST_RSA_BYTES, NULL);
WC_ALLOC_VAR(in, byte, TEST_STRING_SZ, NULL);


@@ -3656,7 +3656,7 @@ static void* benchmarks_do(void* args)
#if !defined(NO_RSA) && !defined(WC_NO_RNG)
#ifndef HAVE_RENESAS_SYNC
#if defined(WOLFSSL_KEY_GEN)
#if defined(WOLFSSL_KEY_GEN) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)
if (bench_all || (bench_asym_algs & BENCH_RSA_KEYGEN)) {
#ifndef NO_SW_BENCH
if (((word32)bench_asym_algs == 0xFFFFFFFFU) ||
@@ -3686,7 +3686,7 @@ static void* benchmarks_do(void* args)
#endif
}
#ifdef WOLFSSL_KEY_GEN
#if defined(WOLFSSL_KEY_GEN) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)
if (bench_asym_algs & BENCH_RSA_SZ) {
#ifndef NO_SW_BENCH
bench_rsa_key(0, bench_size);
@@ -8763,7 +8763,7 @@ void bench_srtpkdf(void)
#ifndef NO_RSA
#if defined(WOLFSSL_KEY_GEN)
#if defined(WOLFSSL_KEY_GEN) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)
static void bench_rsaKeyGen_helper(int useDeviceID, word32 keySz)
{
WC_DECLARE_ARRAY(genKey, RsaKey, BENCH_MAX_PENDING,
@@ -8871,7 +8871,7 @@ void bench_rsaKeyGen_size(int useDeviceID, word32 keySz)
{
bench_rsaKeyGen_helper(useDeviceID, keySz);
}
#endif /* WOLFSSL_KEY_GEN */
#endif /* WOLFSSL_KEY_GEN && !WOLFSSL_RSA_PUBLIC_ONLY */
#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) && \
!defined(USE_CERT_BUFFERS_3072) && !defined(USE_CERT_BUFFERS_4096)
@@ -9341,7 +9341,7 @@ exit:
}
#ifdef WOLFSSL_KEY_GEN
#if defined(WOLFSSL_KEY_GEN) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)
/* bench any size of RSA key */
void bench_rsa_key(int useDeviceID, word32 rsaKeySz)
{


@@ -4469,7 +4469,7 @@ int wc_RsaExportKey(RsaKey* key,
#endif
#ifdef WOLFSSL_KEY_GEN
#if defined(WOLFSSL_KEY_GEN) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)
/* Check that |p-q| > 2^((size/2)-100) */
static int wc_CompareDiffPQ(mp_int* p, mp_int* q, int size, int* valid)


@@ -19187,7 +19187,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t memory_test(void)
#endif /* !NO_RSA */
#if !defined(NO_RSA) || !defined(NO_DSA)
#ifdef WOLFSSL_KEY_GEN
#if defined(WOLFSSL_KEY_GEN) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)
static const char* keyDerFile = CERT_WRITE_TEMP_DIR "key.der";
static const char* keyPemFile = CERT_WRITE_TEMP_DIR "key.pem";
#endif
@@ -21927,7 +21927,7 @@ exit_rsa:
}
#endif /* !NO_RSA && HAVE_ECC && WOLFSSL_CERT_GEN */
#ifdef WOLFSSL_KEY_GEN
#if defined(WOLFSSL_KEY_GEN) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)
static wc_test_ret_t rsa_keygen_test(WC_RNG* rng)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -22861,7 +22861,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa);
#endif /* WOLFSSL_CERT_EXT */
#ifdef WOLFSSL_KEY_GEN
#if defined(WOLFSSL_KEY_GEN) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)
ret = rsa_keygen_test(&rng);
if (ret != 0)
goto exit_rsa;
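Review bot: `keyDerFile` and `keyPemFile` sit inside `#if !defined(NO_RSA) || !defined(NO_DSA)`, which suggests DSA code shares them, yet the new inner guard drops them whenever WOLFSSL_RSA_PUBLIC_ONLY is defined. If a DSA key-generation test outside this hunk still references them (not visible here), a build with DSA, WOLFSSL_KEY_GEN and WOLFSSL_RSA_PUBLIC_ONLY would fail to compile. A guard that keeps them for DSA would be `#if defined(WOLFSSL_KEY_GEN) && (!defined(NO_DSA) || !defined(WOLFSSL_RSA_PUBLIC_ONLY))`.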