From fac834c80af93f990024373b160a72c32584fa1a Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Wed, 17 Apr 2024 00:40:39 -0500 Subject: [PATCH] configure.ac: in setup for enable-all and enable-all-crypto with enable-32bit, fix inconsistency whereby SHAKE was enabled but SHA512 and SHA3 weren't; remove unneeded+unwanted ENABLED_32BIT conditional force-off of SHA512, SHA384, SHA3, ED25519 (harmonizes with FIPS v6). --- configure.ac | 50 ++++++++++++++++++-------------------------------- 1 file changed, 18 insertions(+), 32 deletions(-) diff --git a/configure.ac b/configure.ac index c0d1194f1..152da7ed9 100644 --- a/configure.ac +++ b/configure.ac @@ -809,6 +809,8 @@ then test "$enable_camellia" = "" && enable_camellia=yes test "$enable_ripemd" = "" && enable_ripemd=yes test "$enable_sha224" = "" && enable_sha224=yes + test "$enable_sha512" = "" && enable_sha512=yes + test "$enable_sha3" = "" && enable_sha3=yes test "$enable_shake128" = "" && enable_shake128=yes test "$enable_shake256" = "" && enable_shake256=yes test "$enable_sessioncerts" = "" && enable_sessioncerts=yes @@ -867,12 +869,6 @@ then test "$enable_ech" = "" && enable_ech=yes test "$enable_srtp" = "" && enable_srtp=yes - if test "$ENABLED_32BIT" != "yes" - then - test "$enable_sha512" = "" && enable_sha512=yes - test "$enable_sha3" = "" && enable_sha3=yes - fi - if test "$ENABLED_LINUXKM_DEFAULTS" != "yes" then test "$enable_compkey" = "" && enable_compkey=yes @@ -923,13 +919,10 @@ then test "$enable_pkcs7" = "" && enable_pkcs7=yes test "$enable_nullcipher" = "" && enable_nullcipher=yes test "$enable_mcast" = "" && enable_mcast=yes - if test "$ENABLED_32BIT" != "yes" - then - test "$enable_ed25519" = "" && enable_ed25519=yes - test "$enable_ed25519_stream" = "" && test "$enable_ed25519" != "no" && enable_ed25519_stream=yes - test "$enable_ed448" = "" && enable_ed448=yes - test "$enable_ed448_stream" = "" && test "$enable_ed448" != "no" && enable_ed448_stream=yes - fi + test "$enable_ed25519" = "" && enable_ed25519=yes + test "$enable_ed25519_stream" = "" && test "$enable_ed25519" != "no" && enable_ed25519_stream=yes + test "$enable_ed448" = "" && enable_ed448=yes + test "$enable_ed448_stream" = "" && test "$enable_ed448" != "no" && enable_ed448_stream=yes if test "$ENABLED_LINUXKM_DEFAULTS" != "yes" then @@ -1005,6 +998,8 @@ then test "$enable_camellia" = "" && enable_camellia=yes test "$enable_ripemd" = "" && enable_ripemd=yes test "$enable_sha224" = "" && enable_sha224=yes + test "$enable_sha512" = "" && enable_sha512=yes + test "$enable_sha3" = "" && enable_sha3=yes test "$enable_shake128" = "" && enable_shake128=yes test "$enable_shake256" = "" && enable_shake256=yes test "$enable_sessioncerts" = "" && enable_sessioncerts=yes @@ -1047,12 +1042,6 @@ then test "$enable_ssh" = "" && test "$enable_hmac" != "no" && enable_ssh=yes test "$enable_srtp_kdf" = "" && enable_srtp_kdf=yes - if test "$ENABLED_32BIT" != "yes" - then - test "$enable_sha512" = "" && enable_sha512=yes - test "$enable_sha3" = "" && enable_sha3=yes - fi - if test "$ENABLED_LINUXKM_DEFAULTS" != "yes" then test "$enable_compkey" = "" && enable_compkey=yes @@ -1074,13 +1063,10 @@ then test "$enable_xchacha" = "" && test "$enable_chacha" != "no" && enable_xchacha=yes test "$enable_pkcs7" = "" && enable_pkcs7=yes test "$enable_nullcipher" = "" && enable_nullcipher=yes - if test "$ENABLED_32BIT" != "yes" - then - test "$enable_ed25519" = "" && enable_ed25519=yes - test "$enable_ed25519_stream" = "" && test "$enable_ed25519" != "no" && enable_ed25519_stream=yes - test "$enable_ed448" = "" && enable_ed448=yes - test "$enable_ed448_stream" = "" && test "$enable_ed448" != "no" && enable_ed448_stream=yes - fi + test "$enable_ed25519" = "" && enable_ed25519=yes + test "$enable_ed25519_stream" = "" && test "$enable_ed25519" != "no" && enable_ed25519_stream=yes + test "$enable_ed448" = "" && enable_ed448=yes + test "$enable_ed448_stream" = "" && test "$enable_ed448" != "no" && enable_ed448_stream=yes if test "$ENABLED_LINUXKM_DEFAULTS" != "yes" then @@ -3433,7 +3419,7 @@ fi # set sha3 default SHA3_DEFAULT=no if (test "$host_cpu" = "x86_64" || test "$host_cpu" = "aarch64" || - test "$host_cpu" = "amd64") && test "$ENABLED_32BIT" = "no" + test "$host_cpu" = "amd64") then if test "x$ENABLED_FIPS" = "xno" || test "$HAVE_FIPS_VERSION" -ge 2 then @@ -3475,7 +3461,7 @@ AC_ARG_ENABLE([sha512], ) # options that don't require sha512 -if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes" || test "$ENABLED_32BIT" = "yes" || test "$ENABLED_16BIT" = "yes" +if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes" || test "$ENABLED_16BIT" = "yes" then ENABLED_SHA512="no" fi @@ -3501,7 +3487,7 @@ AC_ARG_ENABLE([sha384], ) # options that don't require sha384 -if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes" || test "$ENABLED_32BIT" = "yes" || test "$ENABLED_16BIT" = "yes" +if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes" || test "$ENABLED_16BIT" = "yes" then ENABLED_SHA384="no" fi @@ -5406,7 +5392,7 @@ then fi # Set SHA-3 flags -if test "$ENABLED_SHA3" != "no" && test "$ENABLED_32BIT" = "no" +if test "$ENABLED_SHA3" != "no" then AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHA3" fi @@ -8835,9 +8821,9 @@ AS_IF([test "x$ENABLED_CERTGEN" = "xyes"], AS_IF([test "x$ENABLED_CERTEXT" = "xyes"], [AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_EXT"]) -AS_IF([test "x$ENABLED_ED25519" = "xyes" && test "x$ENABLED_32BIT" = "xno"], +AS_IF([test "x$ENABLED_ED25519" = "xyes"], [AM_CFLAGS="$AM_CFLAGS -DHAVE_ED25519"]) -AS_IF([test "x$ENABLED_ED25519" = "xyes" && test "x$ENABLED_32BIT" = "xno"], +AS_IF([test "x$ENABLED_ED25519" = "xyes"], [AM_CCASFLAGS="$AM_CCASFLAGS -DHAVE_ED25519"]) AS_IF([test "x$ENABLED_ED25519_SMALL" = "xyes"],