Allow compiling without RSA or DH
Only the library and programs for now; the test suites still need to be checked later.
parent
ee98f8e7a3
commit
e511ffca50
5 changed files with 24 additions and 14 deletions
|
@ -29,8 +29,6 @@
|
|||
|
||||
#include "config.h"
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
|
||||
#include "bignum.h"
|
||||
#include "md.h"
|
||||
|
||||
|
@ -59,6 +57,12 @@
|
|||
#define RSA_SIGN 1
|
||||
#define RSA_CRYPT 2
|
||||
|
||||
/*
|
||||
* The above constants may be used even if the RSA module is compile out,
|
||||
* eg for alternative (PKCS#11) RSA implemenations in the PK layers.
|
||||
*/
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
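Review bot: The comment added above the relocated `#if defined(POLARSSL_RSA_C)` has two typos (`compile out`, `implemenations`) and does not say which constants it means. Suggested wording: `/* The constants above may be used even if the RSA module is compiled out, e.g. for alternative (PKCS#11) RSA implementations in the PK layer. */`. Because the guard now opens well below the includes, the `#endif` that closes it (outside this hunk) would be easier to pair up with a `/* POLARSSL_RSA_C */` trailer, if it does not already have one. With the guard moved, `bignum.h` and `md.h` are included even when RSA is disabled, which is worth a word in the comment if intended.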
|
|
|
@ -29,9 +29,8 @@
|
|||
|
||||
#include "polarssl/pk_wrap.h"
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
/* Even if RSA not activated, for the sake of RSA-alt */
|
||||
#include "polarssl/rsa.h"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
#include "polarssl/ecp.h"
|
||||
|
@ -49,12 +48,13 @@
|
|||
#define polarssl_free free
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
/* Used by RSA-alt too */
|
||||
static int rsa_can_do( pk_type_t type )
|
||||
{
|
||||
return( type == POLARSSL_PK_RSA );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
static size_t rsa_get_size( const void *ctx )
|
||||
{
|
||||
return( 8 * ((rsa_context *) ctx)->len );
|
||||
|
|
|
@ -1071,7 +1071,8 @@ static int ssl_parse_server_hello( ssl_context *ssl )
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
|
||||
defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
|
||||
static int ssl_parse_server_dh_params( ssl_context *ssl, unsigned char **p,
|
||||
unsigned char *end )
|
||||
{
|
||||
|
@ -1105,7 +1106,8 @@ static int ssl_parse_server_dh_params( ssl_context *ssl, unsigned char **p,
|
|||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED ||
|
||||
POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
|
||||
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
|
||||
defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
||||
|
|
|
@ -2144,7 +2144,8 @@ static int ssl_parse_client_dh_public( ssl_context *ssl, unsigned char **p,
|
|||
#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED ||
|
||||
POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
|
||||
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
|
||||
defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
||||
static int ssl_parse_client_ecdh_public( ssl_context *ssl )
|
||||
{
|
||||
int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE;
|
||||
|
@ -2173,7 +2174,8 @@ static int ssl_parse_client_ecdh_public( ssl_context *ssl )
|
|||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
|
||||
POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
||||
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
|
||||
static int ssl_parse_encrypted_pms_secret( ssl_context *ssl )
|
||||
|
|
|
@ -3937,7 +3937,7 @@ int x509_self_test( int verbose )
|
|||
size_t i, j;
|
||||
x509_cert cacert;
|
||||
x509_cert clicert;
|
||||
rsa_context rsa;
|
||||
pk_context pkey;
|
||||
#if defined(POLARSSL_DHM_C)
|
||||
dhm_context dhm;
|
||||
#endif
|
||||
|
@ -3975,9 +3975,9 @@ int x509_self_test( int verbose )
|
|||
i = strlen( test_ca_key );
|
||||
j = strlen( test_ca_pwd );
|
||||
|
||||
rsa_init( &rsa, RSA_PKCS_V15, 0 );
|
||||
pk_init( &pkey );
|
||||
|
||||
if( ( ret = x509parse_key_rsa( &rsa,
|
||||
if( ( ret = x509parse_key( &pkey,
|
||||
(const unsigned char *) test_ca_key, i,
|
||||
(const unsigned char *) test_ca_pwd, j ) ) != 0 )
|
||||
{
|
||||
|
@ -3990,12 +3990,14 @@ int x509_self_test( int verbose )
|
|||
if( verbose != 0 )
|
||||
printf( "passed\n X.509 signature verify: ");
|
||||
|
||||
ret = x509parse_verify( &clicert, &cacert, NULL, "PolarSSL Client 2", &flags, NULL, NULL );
|
||||
ret = x509parse_verify( &clicert, &cacert, NULL, NULL, &flags, NULL, NULL );
|
||||
if( ret != 0 )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
printf( "failed\n" );
|
||||
|
||||
printf("ret = %d, &flags = %04x\n", ret, flags);
|
||||
|
||||
return( ret );
|
||||
}
|
||||
|
||||
|
@ -4020,7 +4022,7 @@ int x509_self_test( int verbose )
|
|||
|
||||
x509_free( &cacert );
|
||||
x509_free( &clicert );
|
||||
rsa_free( &rsa );
|
||||
pk_free( &pkey );
|
||||
#if defined(POLARSSL_DHM_C)
|
||||
dhm_free( &dhm );
|
||||
#endif
|
||||
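Review bot: The added `printf("ret = %d, &flags = %04x\n", ret, flags);` in the signature-verify failure branch is not covered by the unbraced `if( verbose != 0 )` above it, so the self-test writes to stdout even when called with `verbose == 0`. The `&flags` label also reads like an address although the value is printed. If the diagnostic is meant to stay, fold it into the gated message, e.g. `if( verbose != 0 ) printf( "failed (ret = %d, flags = %04x)\n", ret, flags );`. Separately, the verify call appears to change the expected CN argument from `"PolarSSL Client 2"` to `NULL`, which would mean the self-test no longer exercises name matching; a one-line comment saying why would help. `x509_self_test` starts and ends outside these hunks.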
|
|