Merge pull request #113 from dgarske/alg_enables

Fixes to support build disables like SHA1, SHA3 and PRF

Author: mattia-moffa

examples/add_cert_file.c

@@ -39,7 +39,7 @@
 #include <dlfcn.h>
 #endif
 
-#ifndef WOLFPKCS11_NO_STORE
+#if !defined(WOLFPKCS11_NO_STORE) && !defined(NO_FILESYSTEM)
 
 #ifdef DEBUG_WOLFPKCS11
     #define CHECK_CKR(rv, op)                       \
@@ -397,5 +397,4 @@ int add_cert(int argc, char* argv[])
     return 0;
 }
 
-#endif
-
+#endif /* !WOLFPKCS11_NO_STORE && !NO_FILESYSTEM */

examples/add_rsa_key_file.c

@@ -40,7 +40,7 @@
 #include <dlfcn.h>
 #endif
 
-#if !defined(WOLFPKCS11_NO_STORE) && !defined(NO_RSA)
+#if !defined(WOLFPKCS11_NO_STORE) && !defined(NO_RSA) && !defined(NO_FILESYSTEM)
 
 #ifdef DEBUG_WOLFPKCS11
     #define CHECK_CKR(rv, op)                                   \
@@ -422,5 +422,4 @@ int add_rsa_key_file(int argc, char* argv[])
     return 0;
 }
 
-#endif
-
+#endif /* !WOLFPKCS11_NO_STORE && !NO_RSA && !NO_FILESYSTEM */

src/crypto.c

@@ -1088,8 +1088,8 @@ CK_RV C_CopyObject(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject,
     WOLFPKCS11_ENTER("C_CopyObject");
     #ifdef DEBUG_WOLFPKCS11
     if (wolfpkcs11_debugging) {
-        WOLFPKCS11_MSG("  hSession=%lu, hObject=%lu, ulCount=%lu", 
-                       (unsigned long)hSession, (unsigned long)hObject, 
+        WOLFPKCS11_MSG("  hSession=%lu, hObject=%lu, ulCount=%lu",
+                       (unsigned long)hSession, (unsigned long)hObject,
                        (unsigned long)ulCount);
     }
     #endif
@@ -1312,8 +1312,8 @@ CK_RV C_GetAttributeValue(CK_SESSION_HANDLE hSession,
     WOLFPKCS11_ENTER("C_GetAttributeValue");
     #ifdef DEBUG_WOLFPKCS11
     if (wolfpkcs11_debugging) {
-        WOLFPKCS11_MSG("  hSession=%lu, hObject=%lu, ulCount=%lu", 
-                       (unsigned long)hSession, (unsigned long)hObject, 
+        WOLFPKCS11_MSG("  hSession=%lu, hObject=%lu, ulCount=%lu",
+                       (unsigned long)hSession, (unsigned long)hObject,
                        (unsigned long)ulCount);
     }
     #endif
@@ -1414,8 +1414,8 @@ CK_RV C_SetAttributeValue(CK_SESSION_HANDLE hSession,
     WOLFPKCS11_ENTER("C_SetAttributeValue");
     #ifdef DEBUG_WOLFPKCS11
     if (wolfpkcs11_debugging) {
-        WOLFPKCS11_MSG("  hSession=%lu, hObject=%lu, ulCount=%lu", 
-                       (unsigned long)hSession, (unsigned long)hObject, 
+        WOLFPKCS11_MSG("  hSession=%lu, hObject=%lu, ulCount=%lu",
+                       (unsigned long)hSession, (unsigned long)hObject,
                        (unsigned long)ulCount);
     }
     #endif
@@ -6534,6 +6534,7 @@ CK_RV C_WrapKey(CK_SESSION_HANDLE hSession,
             break;
     }
     (void)pWrappedKey;
+    (void)wrapkeyType;
 
 err_out:
 
@@ -6724,6 +6725,7 @@ CK_RV C_UnwrapKey(CK_SESSION_HANDLE hSession,
             rv = CKR_KEY_NOT_WRAPPABLE;
             goto err_out;
     }
+    (void)wrapkeyType;
 
 err_out:
 
@@ -6772,6 +6774,7 @@ static int SymmKeyLen(WP11_Object* obj, word32 len, word32* symmKeyLen)
 }
 #endif
 
+#ifdef WOLFSSL_HAVE_PRF
 static int SetKeyExtract(WP11_Session* session, byte* ptr, CK_ULONG length,
                          CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
                          CK_BBOOL isMac, CK_OBJECT_HANDLE* handle)
@@ -6909,6 +6912,7 @@ static int Tls12_Extract_Keys(WP11_Session* session,
     }
     return ret;
 }
+#endif
 
 /**
  * Generate a symmetric key into a new key object.

src/internal.c

@@ -9570,6 +9570,7 @@ int WP11_AesCbc_DeriveKey(unsigned char* plain, word32 plainSz,
     return ret;
 }
 
+#ifdef WOLFSSL_HAVE_PRF
 /* Used for wc_PRF_TLS, less than sha256_mac not possible */
 static enum wc_MACAlgorithm MechToMac(CK_MECHANISM_TYPE mech)
 {
@@ -9589,7 +9590,6 @@ static enum wc_MACAlgorithm MechToMac(CK_MECHANISM_TYPE mech)
     }
 }
 
-#ifdef WOLFSSL_HAVE_PRF
 int WP11_Tls12_Master_Key_Derive(CK_SSL3_RANDOM_DATA* random,
                                  CK_MECHANISM_TYPE mech, const char* label,
                                  CK_ULONG ulLabelLen, byte* enc,
@@ -9667,7 +9667,7 @@ int WP11_Nss_Tls12_Master_Key_Derive(CK_BYTE_PTR pSessionHash,
     return ret;
 }
 #endif
-#endif
+#endif /* WOLFSSL_HAVE_PRF */
 
 /**
  * Encrypt plain text with AES-CBC.

src/slot.c

@@ -643,9 +643,11 @@ static CK_MECHANISM_INFO ssl3MasterKeyDeriveInfo = {
     48, 48, CKF_DERIVE
 };
 #endif
+#ifdef WOLFSSL_HAVE_PRF
 static CK_MECHANISM_INFO tlsMacMechInfo = {
     0, 512, CKF_SIGN | CKF_VERIFY
 };
+#endif
 #ifndef NO_AES
 static CK_MECHANISM_INFO aesKeyGenMechInfo = {
     16, 32, CKF_GENERATE
@@ -1295,7 +1297,7 @@ CK_RV C_SetPIN(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pOldPin,
     WOLFPKCS11_ENTER("C_SetPIN");
     #ifdef DEBUG_WOLFPKCS11
     if (wolfpkcs11_debugging) {
-        WOLFPKCS11_MSG("  hSession=%lu, ulOldLen=%lu, ulNewLen=%lu", 
+        WOLFPKCS11_MSG("  hSession=%lu, ulOldLen=%lu, ulNewLen=%lu",
                        (unsigned long)hSession, (unsigned long)ulOldLen, (unsigned long)ulNewLen);
     }
     #endif
@@ -1658,7 +1660,7 @@ CK_RV C_SetOperationState(CK_SESSION_HANDLE hSession,
     WOLFPKCS11_ENTER("C_SetOperationState");
     #ifdef DEBUG_WOLFPKCS11
     if (wolfpkcs11_debugging) {
-        WOLFPKCS11_MSG("  hSession=%lu, ulOperationStateLen=%lu", 
+        WOLFPKCS11_MSG("  hSession=%lu, ulOperationStateLen=%lu",
                        (unsigned long)hSession, (unsigned long)ulOperationStateLen);
     }
     #endif
@@ -1719,7 +1721,7 @@ CK_RV C_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
     WOLFPKCS11_ENTER("C_Login");
     #ifdef DEBUG_WOLFPKCS11
     if (wolfpkcs11_debugging) {
-        WOLFPKCS11_MSG("  hSession=%lu, userType=%lu, ulPinLen=%lu", 
+        WOLFPKCS11_MSG("  hSession=%lu, userType=%lu, ulPinLen=%lu",
                        (unsigned long)hSession, (unsigned long)userType, (unsigned long)ulPinLen);
     }
     #endif

tests/debug_test.c

@@ -23,7 +23,25 @@
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
-#include "wolfpkcs11/pkcs11.h"
+
+#ifdef HAVE_CONFIG_H
+    #include <wolfpkcs11/config.h>
+#endif
+
+#ifndef WOLFSSL_USER_SETTINGS
+    #include <wolfssl/options.h>
+#endif
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifndef WOLFPKCS11_USER_SETTINGS
+    #include <wolfpkcs11/options.h>
+#endif
+#include <wolfpkcs11/pkcs11.h>
+
+#ifndef HAVE_PKCS11_STATIC
+#include <dlfcn.h>
+#endif
 
 #ifdef DEBUG_WOLFPKCS11
 static FILE* original_stdout = NULL;
@@ -42,23 +60,23 @@ static int check_debug_output(void)
 {
     char buffer[1024];
     int found_debug = 0;
-    
+
     if (!capture_file) {
         return 0;
     }
-    
+
     stdout = original_stdout;
     rewind(capture_file);
-    
+
     while (fgets(buffer, sizeof(buffer), capture_file)) {
-        if (strstr(buffer, "WOLFPKCS11 ENTER:") || 
+        if (strstr(buffer, "WOLFPKCS11 ENTER:") ||
             strstr(buffer, "WOLFPKCS11 LEAVE:") ||
             strstr(buffer, "WOLFPKCS11:")) {
             found_debug = 1;
             break;
         }
     }
-    
+
     fclose(capture_file);
     return found_debug;
 }
@@ -83,48 +101,48 @@ int main(void)
 
     printf("=== wolfPKCS11 Debug Test Program ===\n");
     printf("Debug mode is ENABLED (DEBUG_WOLFPKCS11 defined)\n");
-    
+
     printf("\nTesting debug control functions:\n");
     wolfPKCS11_Debugging_On();
     printf("Debug enabled\n");
-    
+
     wolfPKCS11_Debugging_Off();
     printf("Debug disabled\n");
-    
+
     wolfPKCS11_Debugging_On();
     printf("Debug re-enabled\n");
-    
+
     printf("\nTesting PKCS#11 functions with debug output capture:\n");
-    
+
     setup_output_capture();
-    
+
     rv = C_GetFunctionList(&pFunctionList);
-    
+
     if (rv == CKR_OK && pFunctionList != NULL) {
         rv = pFunctionList->C_Initialize(NULL);
-        
+
         if (rv == CKR_OK) {
             CK_INFO info;
             rv = pFunctionList->C_GetInfo(&info);
             pFunctionList->C_Finalize(NULL);
         }
     }
-    
+
     debug_found = check_debug_output();
-    
+
     printf("C_GetFunctionList returned: %lu\n", (unsigned long)rv);
     printf("Debug output detection: %s\n", debug_found ? "PASS" : "FAIL");
-    
+
     wolfPKCS11_Debugging_Off();
     printf("Debug disabled at end\n");
-    
+
     printf("\n=== Test Complete ===\n");
-    
+
     if (!debug_found) {
         printf("ERROR: No debug output was detected during PKCS#11 function calls\n");
         return 1;
     }
-    
+
     printf("SUCCESS: Debug output was properly generated\n");
     return 0;
 #endif

tests/pkcs11mtt.c

@@ -2766,26 +2766,34 @@ static CK_RV test_rsa_fixed_keys_oaep(void* args)
                                                       (unsigned char*)"aad", 3);
         CHECK_CKR(ret, "SHA256 with AAD");
     }
+#ifndef NO_SHA
     if (ret == CKR_OK) {
         ret = rsa_oaep_test(session, priv, pub, CKM_SHA1, CKG_MGF1_SHA1, NULL,
                                                                              0);
         CHECK_CKR(ret, "SHA1 No AAD");
     }
+#endif
+#ifdef WOLFSSL_SHA224
     if (ret == CKR_OK) {
         ret = rsa_oaep_test(session, priv, pub, CKM_SHA224, CKG_MGF1_SHA224,
                                                                        NULL, 0);
         CHECK_CKR(ret, "SHA224 No AAD");
     }
+#endif
+#ifdef WOLFSSL_SHA384
     if (ret == CKR_OK) {
         ret = rsa_oaep_test(session, priv, pub, CKM_SHA384, CKG_MGF1_SHA384,
                                                                        NULL, 0);
         CHECK_CKR(ret, "SHA384 No AAD");
     }
+#endif
+#ifdef WOLFSSL_SHA512
     if (ret == CKR_OK) {
         ret = rsa_oaep_test(session, priv, pub, CKM_SHA512, CKG_MGF1_SHA512,
                                                                        NULL, 0);
         CHECK_CKR(ret, "SHA512 No AAD");
     }
+#endif
 
     funcList->C_DestroyObject(session, pub);
     funcList->C_DestroyObject(session, priv);
@@ -2842,22 +2850,30 @@ static CK_RV test_rsa_fixed_keys_pss(void* args)
         ret = rsa_pss_test(session, priv, pub, CKM_SHA256, CKG_MGF1_SHA256, 32);
         CHECK_CKR(ret, "RSA PKCS#1 PSS - SHA256");
     }
+#ifndef NO_SHA
     if (ret == CKR_OK) {
         ret = rsa_pss_test(session, priv, pub, CKM_SHA1, CKG_MGF1_SHA1, 20);
         CHECK_CKR(ret, "RSA PKCS#1 PSS - SHA1");
     }
+#endif
+#ifdef WOLFSSL_SHA224
     if (ret == CKR_OK) {
         ret = rsa_pss_test(session, priv, pub, CKM_SHA224, CKG_MGF1_SHA224, 28);
         CHECK_CKR(ret, "RSA PKCS#1 PSS - SHA224");
     }
+#endif
+#ifdef WOLFSSL_SHA384
     if (ret == CKR_OK) {
         ret = rsa_pss_test(session, priv, pub, CKM_SHA384, CKG_MGF1_SHA384, 48);
         CHECK_CKR(ret, "RSA PKCS#1 PSS - SHA384");
     }
+#endif
+#ifdef WOLFSSL_SHA512
     if (ret == CKR_OK) {
         ret = rsa_pss_test(session, priv, pub, CKM_SHA512, CKG_MGF1_SHA512, 64);
         CHECK_CKR(ret, "RSA PKCS#1 PSS - SHA512");
     }
+#endif
 
     funcList->C_DestroyObject(session, pub);
     funcList->C_DestroyObject(session, priv);