Commit e511ffca authored by Manuel Pégourié-Gonnard

Allow compiling without RSA or DH

Only library and programs now, need to check test suites later.
parent ee98f8e7
......@@ -29,8 +29,6 @@
#include "config.h"
#if defined(POLARSSL_RSA_C)
#include "bignum.h"
#include "md.h"
......@@ -59,6 +57,12 @@
#define RSA_SIGN 1
#define RSA_CRYPT 2
/*
* The above constants may be used even if the RSA module is compile out,
* eg for alternative (PKCS#11) RSA implemenations in the PK layers.
*/
#if defined(POLARSSL_RSA_C)
#ifdef __cplusplus
extern "C" {
#endif
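Review bot: The new comment above the relocated `#if defined(POLARSSL_RSA_C)` has two typos ("compile out", "implemenations"); suggest `* The above constants may be used even if the RSA module is compiled out,` followed by `* e.g. for alternative (PKCS#11) RSA implementations in the PK layers.`. Because the guard now opens after the includes and the constants, the matching `#endif` (outside this hunk) should carry a `/* POLARSSL_RSA_C */` comment so the narrower scope is obvious to the next reader. Which `#if` line is the removed one is inferred from the hunk order, since the page lost its +/- markers.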
......
......@@ -29,9 +29,8 @@
#include "polarssl/pk_wrap.h"
#if defined(POLARSSL_RSA_C)
/* Even if RSA not activated, for the sake of RSA-alt */
#include "polarssl/rsa.h"
#endif
#if defined(POLARSSL_ECP_C)
#include "polarssl/ecp.h"
......@@ -49,12 +48,13 @@
#define polarssl_free free
#endif
#if defined(POLARSSL_RSA_C)
/* Used by RSA-alt too */
static int rsa_can_do( pk_type_t type )
{
return( type == POLARSSL_PK_RSA );
}
#if defined(POLARSSL_RSA_C)
static size_t rsa_get_size( const void *ctx )
{
return( 8 * ((rsa_context *) ctx)->len );
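Review bot: `rsa_can_do` is now compiled whenever this file is, so in a build that has neither POLARSSL_RSA_C nor any RSA-alt user of it the static helper would be unreferenced and trip `-Wunused-function`; whether that configuration exists depends on how the RSA-alt info structure further down is guarded, which is not visible here. If RSA-alt can be compiled out, give the helper the same condition instead of leaving it unconditional. The comment on the now-unconditional include would also be clearer as `/* Included unconditionally: RSA-alt uses the rsa.h constants even when POLARSSL_RSA_C is off */`. Old and new guard lines are told apart by print order only, and `rsa_get_size` continues past the end of the hunk.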
......
......@@ -1071,7 +1071,8 @@ static int ssl_parse_server_hello( ssl_context *ssl )
return( 0 );
}
#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
static int ssl_parse_server_dh_params( ssl_context *ssl, unsigned char **p,
unsigned char *end )
{
......@@ -1105,7 +1106,8 @@ static int ssl_parse_server_dh_params( ssl_context *ssl, unsigned char **p,
return( ret );
}
#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED ||
POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
......
......@@ -2144,7 +2144,8 @@ static int ssl_parse_client_dh_public( ssl_context *ssl, unsigned char **p,
#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED ||
POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
static int ssl_parse_client_ecdh_public( ssl_context *ssl )
{
int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE;
......@@ -2173,7 +2174,8 @@ static int ssl_parse_client_ecdh_public( ssl_context *ssl )
return( ret );
}
#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
static int ssl_parse_encrypted_pms_secret( ssl_context *ssl )
......
......@@ -3937,7 +3937,7 @@ int x509_self_test( int verbose )
size_t i, j;
x509_cert cacert;
x509_cert clicert;
rsa_context rsa;
pk_context pkey;
#if defined(POLARSSL_DHM_C)
dhm_context dhm;
#endif
......@@ -3975,9 +3975,9 @@ int x509_self_test( int verbose )
i = strlen( test_ca_key );
j = strlen( test_ca_pwd );
rsa_init( &rsa, RSA_PKCS_V15, 0 );
pk_init( &pkey );
if( ( ret = x509parse_key_rsa( &rsa,
if( ( ret = x509parse_key( &pkey,
(const unsigned char *) test_ca_key, i,
(const unsigned char *) test_ca_pwd, j ) ) != 0 )
{
......@@ -3990,12 +3990,14 @@ int x509_self_test( int verbose )
if( verbose != 0 )
printf( "passed\n X.509 signature verify: ");
ret = x509parse_verify( &clicert, &cacert, NULL, "PolarSSL Client 2", &flags, NULL, NULL );
ret = x509parse_verify( &clicert, &cacert, NULL, NULL, &flags, NULL, NULL );
if( ret != 0 )
{
if( verbose != 0 )
printf( "failed\n" );
printf("ret = %d, &flags = %04x\n", ret, flags);
return( ret );
}
......@@ -4020,7 +4022,7 @@ int x509_self_test( int verbose )
x509_free( &cacert );
x509_free( &clicert );
rsa_free( &rsa );
pk_free( &pkey );
#if defined(POLARSSL_DHM_C)
dhm_free( &dhm );
#endif
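Review bot: The `printf("ret = %d, &flags = %04x\n", ret, flags);` in the signature-verify failure branch sits outside the unbraced `if( verbose != 0 )`, so it prints even when the caller asked for a silent self-test, and its label says `&flags` while it prints the value of `flags`. It looks like leftover debugging; either drop it or put it inside the verbose guard as `if( verbose != 0 ) { printf( "failed\n" ); printf( "ret = %d, flags = %04x\n", ret, flags ); }`. Separately, the `x509parse_verify` call now passes `NULL` where the previous one passed `"PolarSSL Client 2"`, so the self-test presumably no longer exercises the expected-name check; if that was needed to build without RSA, a comment saying so (or a second call that keeps the name) would preserve the coverage. Line sides are inferred from print order because the page lost its +/- markers, and the body of `x509_self_test` extends beyond these hunks.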
......