No more OPENSSL_ALL

Author: anhu

tests/api.c

@@ -14431,7 +14431,7 @@ static int test_wolfSSL_X509_ACERT_misc_api(void)
 {
     EXPECT_DECLS;
 #if defined(WOLFSSL_ACERT) && !defined(NO_CERTS) && !defined(NO_RSA) && \
-    !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA)
+    !defined(NO_FILESYSTEM) && defined(WC_RSA_PSS)
     const char * acerts[4] = {"certs/acert/acert.pem",
                               "certs/acert/acert_ietf.pem",
                               "certs/acert/rsa_pss/acert.pem",
@@ -24189,7 +24189,7 @@ static int test_wolfSSL_PEM_read_PrivateKey(void)
 #ifndef NO_DH
     /* Read in a DH key. */
     ExpectTrue((file = XFOPEN(fname_dh, "rb")) != XBADFILE);
-#if (defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || \
+#if (defined(WOLFSSL_QT) || defined(WC_RSA_PSS) || \
      defined(WOLFSSL_OPENSSH)) && (!defined(HAVE_FIPS) || \
      (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
     ExpectNotNull(pkey = PEM_read_PrivateKey(file, NULL, NULL, NULL));
@@ -24591,7 +24591,7 @@ static int test_wolfSSL_PEM_PrivateKey_dh(void)
     EXPECT_DECLS;
 #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_DH) && \
     !defined(NO_FILESYSTEM) && !defined(NO_BIO)
-#if (defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || \
+#if (defined(WOLFSSL_QT) || defined(WC_RSA_PSS) || \
      defined(WOLFSSL_OPENSSH)) && (!defined(HAVE_FIPS) || \
      (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
     BIO*      bio = NULL;

wolfcrypt/src/evp.c

@@ -2541,9 +2541,11 @@ WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_E
 #if !defined(NO_RSA)
     ctx->padding = WC_RSA_PKCS1_PADDING;
     ctx->md = NULL;
+#ifdef WC_RSA_PSS
     ctx->mgf1_md = NULL;
     ctx->saltlen = 0;
 #endif
+#endif
 #ifdef HAVE_ECC
     if (pkey->ecc && pkey->ecc->group) {
         /* set curve NID from pkey if available */
@@ -3330,7 +3332,7 @@ int wolfSSL_EVP_PKEY_sign(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *sig,
             return WOLFSSL_SUCCESS;
         }
 
-#if defined(OPENSSL_ALL) && (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0))
+#if defined(WC_RSA_PSS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0))
         /* Handle PSS padding using RSA_padding_add_PKCS1_PSS_mgf1 if saltlen
          * or mgf1 hash were set.  Use generic signing otherwise. */
         if (ctx->mgf1_md || ctx->saltlen) {
@@ -3372,7 +3374,7 @@ int wolfSSL_EVP_PKEY_sign(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *sig,
             *siglen = (size_t)usiglen;
             return WOLFSSL_SUCCESS;
         } else
-#endif /* OPENSSL_ALL */
+#endif /* WC_RSA_PSS && (!HAVE_FIPS || FIPS_VERSION > 2.0) */
         {
             /* Use existing method for other padding types */
             if (wolfSSL_RSA_sign_generic_padding(wolfSSL_EVP_MD_type(ctx->md), tbs,
@@ -3519,7 +3521,7 @@ int wolfSSL_EVP_PKEY_verify(WOLFSSL_EVP_PKEY_CTX *ctx, const unsigned char *sig,
     switch (ctx->pkey->type) {
 #ifndef NO_RSA
     case WC_EVP_PKEY_RSA:
-#if defined(OPENSSL_ALL) && (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0))
+#if defined(WC_RSA_PSS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0))
         /* Verify PSS padding using wolfSSL_RSA_verify_PKCS1_PSS_mgf1 if saltlen
          * or mgf1 hash were set. Do generic verification otherwise. */
         if (ctx->mgf1_md || ctx->saltlen) {
@@ -3557,7 +3559,7 @@ int wolfSSL_EVP_PKEY_verify(WOLFSSL_EVP_PKEY_CTX *ctx, const unsigned char *sig,
 
             return WOLFSSL_SUCCESS;
         } else
-#endif /* OPENSSL_ALL */
+#endif /* WC_RSA_PSS && (!HAVE_FIPS || FIPS_VERSION > 2.0) */
         {
             /* Use existing method for other padding types */
             return wolfSSL_RSA_verify_ex(wolfSSL_EVP_MD_type(ctx->md), tbs,