
Commit 0dd5009

authored
Merge pull request wolfSSL#9768 from anhu/wc_CheckPrivateKey
wc_CheckPrivateKey returns NOT_COMPILED_IN for certain gating flags
2 parents 63b9d13 + 50fbf7f commit 0dd5009


2 files changed

+22
-0
lines changed


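--- a/tests/api.c
+++ b/tests/api.c
@@ -21634,6 +21634,23 @@ static int test_EccSigFailure_cm(void)
 #endif /* !NO_RSA || HAVE_ECC */
 #endif /* NO_CERTS */
 
+static int test_wc_CheckPrivateKey_RSA_pub_only(void)
+{
+EXPECT_DECLS;
+#if !defined(NO_RSA) && !defined(NO_ASN_CRYPT) && \
+!defined(NO_CHECK_PRIVATE_KEY) && \
+(defined(WOLFSSL_RSA_PUBLIC_ONLY) || defined(WOLFSSL_RSA_VERIFY_ONLY))
+/* With RSA public-only or verify-only, wc_CheckPrivateKey should return
+* NOT_COMPILED_IN for RSA key types since private key operations are not
+* available. */
+ExpectIntEQ(wc_CheckPrivateKey(server_key_der_2048,
+sizeof_server_key_der_2048, server_cert_der_2048,
+sizeof_server_cert_der_2048, RSAk, NULL),
+WC_NO_ERR_TRACE(NOT_COMPILED_IN));
+#endif
+return EXPECT_RESULT();
+}
+
 #if defined(HAVE_PK_CALLBACKS) && !defined(WOLFSSL_NO_TLS12)
 #if !defined(NO_FILESYSTEM) && !defined(NO_DH) && \
 !defined(NO_AES) && defined(HAVE_AES_CBC) && \
@@ -32683,6 +32700,7 @@ TEST_CASE testCases[] = {
 TEST_DECL(test_EccSigFailure_cm),
 TEST_DECL(test_RsaSigFailure_cm),
 #endif
+TEST_DECL(test_wc_CheckPrivateKey_RSA_pub_only),
 
 /* PKCS8 testing */
 TEST_DECL(test_wolfSSL_no_password_cb),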
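Review bot: The `#if` guarding the body of test_wc_CheckPrivateKey_RSA_pub_only (first hunk) does not include the macro that makes `server_key_der_2048` and `server_cert_der_2048` available. In wolfSSL those buffers are normally declared under USE_CERT_BUFFERS_2048, so a public-only or verify-only build without it would probably fail to compile instead of skipping the test. Adding `defined(USE_CERT_BUFFERS_2048) && \` as another line of the condition would close that gap. The assertion also covers only `RSAk`, while the branch patched in asn.c accepts `RSAPSSk` as well under a build flag not visible here; a second `ExpectIntEQ` for that key type, guarded the same way as in asn.c, would pin both paths.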

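--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -8565,6 +8565,9 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz,
 || ks == RSAPSSk
 #endif
 ) {
+#if defined(WOLFSSL_RSA_PUBLIC_ONLY) || defined(WOLFSSL_RSA_VERIFY_ONLY)
+ret = NOT_COMPILED_IN;
+#else
 #ifdef WOLFSSL_SMALL_STACK
 RsaKey* a;
 RsaKey* b = NULL;
@@ -8619,6 +8622,7 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz,
 wc_FreeRsaKey(a);
 WC_FREE_VAR_EX(b, NULL, DYNAMIC_TYPE_RSA);
 WC_FREE_VAR_EX(a, NULL, DYNAMIC_TYPE_RSA);
+#endif /* !WOLFSSL_RSA_PUBLIC_ONLY && !WOLFSSL_RSA_VERIFY_ONLY */
 }
 else
 #endif /* !NO_RSA && !NO_ASN_CRYPT */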
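Review bot: The new `ret = NOT_COMPILED_IN;` line at the top of the RSA / RSA-PSS branch (first hunk) has no comment saying that in these builds the key/certificate match is never evaluated, which is the fact a caller needs to know. I would add above it `/* No RSA private-key ops in this build: the key/cert pair is NOT checked; callers must treat any result other than the match value as unverified. */`. It is also worth confirming that existing callers compare against the success value rather than only rejecting `0`, since a caller written as `if (ret == 0) fail` would let this negative code through as a pass. The callers and the rest of wc_CheckPrivateKey, including where `ret` is returned, are outside these hunks.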
