Skip to content

Commit c12c3e0

Browse files
dgarskedgarske
committed
Fixes for NO_AES_192 and NO_AES_256. Added CI test. Fixed bad BUILD_ logic for ADH-AES256-GCM-SHA384.
1 parent 2b55041 commit c12c3e0

File tree

11 files changed

+139
-81
lines changed

11 files changed

+139
-81
lines changed

.github/workflows/os-check.yml

+1
Original file line numberDiff line numberDiff line change
@@ -42,6 +42,7 @@ jobs:
4242
--enable-psk --enable-aesccm --enable-nullcipher CPPFLAGS=-DWOLFSSL_STATIC_RSA',
4343
'--enable-ascon --enable-experimental',
4444
'--enable-ascon CPPFLAGS=-DWOLFSSL_ASCON_UNROLL --enable-experimental',
45+
'--enable-all CPPFLAGS=''-DNO_AES_192 -DNO_AES_256'' ',
4546
]
4647
name: make check
4748
if: github.repository_owner == 'wolfssl'

src/quic.c

+4
Original file line numberDiff line numberDiff line change
@@ -989,12 +989,16 @@ const WOLFSSL_EVP_CIPHER* wolfSSL_quic_get_aead(WOLFSSL* ssl)
989989

990990
switch (cipher->cipherSuite) {
991991
#if !defined(NO_AES) && defined(HAVE_AESGCM)
992+
#ifdef WOLFSSL_AES_128
992993
case TLS_AES_128_GCM_SHA256:
993994
evp_cipher = wolfSSL_EVP_aes_128_gcm();
994995
break;
996+
#endif
997+
#ifdef WOLFSSL_AES_256
995998
case TLS_AES_256_GCM_SHA384:
996999
evp_cipher = wolfSSL_EVP_aes_256_gcm();
9971000
break;
1001+
#endif
9981002
#endif
9991003
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
10001004
case TLS_CHACHA20_POLY1305_SHA256:

src/ssl_crypto.c

+11-2
Original file line numberDiff line numberDiff line change
@@ -2149,8 +2149,17 @@ int wolfSSL_CMAC_Init(WOLFSSL_CMAC_CTX* ctx, const void *key, size_t keySz,
21492149
ret = 0;
21502150
}
21512151
/* Only AES-CBC ciphers are supported. */
2152-
if ((ret == 1) && (cipher != EVP_AES_128_CBC) &&
2153-
(cipher != EVP_AES_192_CBC) && (cipher != EVP_AES_256_CBC)) {
2152+
if ((ret == 1)
2153+
#ifdef WOLFSSL_AES_128
2154+
&& (cipher != EVP_AES_128_CBC)
2155+
#endif
2156+
#ifdef WOLFSSL_AES_192
2157+
&& (cipher != EVP_AES_192_CBC)
2158+
#endif
2159+
#ifdef WOLFSSL_AES_256
2160+
&& (cipher != EVP_AES_256_CBC)
2161+
#endif
2162+
) {
21542163
WOLFSSL_MSG("wolfSSL_CMAC_Init: requested cipher is unsupported");
21552164
ret = 0;
21562165
}

0 commit comments

Comments
 (0)