From 10a12b76e63fe6678c46d4dbec67848ae45ef56d Mon Sep 17 00:00:00 2001 From: Josh Holtrop Date: Thu, 4 Dec 2025 09:09:04 -0500 Subject: [PATCH] Rust wrapper: support more wolfcrypt build configurations --- .github/workflows/rust-wrapper.yml | 73 ++++++++-------- wolfssl/wolfcrypt/sha512.h | 2 +- wrapper/rust/wolfssl/build.rs | 9 ++ wrapper/rust/wolfssl/src/wolfcrypt/dh.rs | 58 +++++++++---- wrapper/rust/wolfssl/src/wolfcrypt/ecc.rs | 91 +++++++++++++++----- wrapper/rust/wolfssl/src/wolfcrypt/hmac.rs | 2 + wrapper/rust/wolfssl/src/wolfcrypt/kdf.rs | 26 +++--- wrapper/rust/wolfssl/src/wolfcrypt/prf.rs | 8 ++ wrapper/rust/wolfssl/src/wolfcrypt/random.rs | 2 + wrapper/rust/wolfssl/src/wolfcrypt/rsa.rs | 48 +++++++++-- wrapper/rust/wolfssl/src/wolfcrypt/sha.rs | 12 +-- wrapper/rust/wolfssl/tests/test_dh.rs | 9 +- wrapper/rust/wolfssl/tests/test_ecc.rs | 48 ++++++----- wrapper/rust/wolfssl/tests/test_hmac.rs | 2 + wrapper/rust/wolfssl/tests/test_kdf.rs | 14 +-- wrapper/rust/wolfssl/tests/test_prf.rs | 4 +- wrapper/rust/wolfssl/tests/test_random.rs | 2 + wrapper/rust/wolfssl/tests/test_rsa.rs | 7 +- wrapper/rust/wolfssl/tests/test_sha.rs | 4 +- 19 files changed, 284 insertions(+), 137 deletions(-) diff --git a/.github/workflows/rust-wrapper.yml b/.github/workflows/rust-wrapper.yml index 44f382123..7f91a3074 100644 --- a/.github/workflows/rust-wrapper.yml +++ b/.github/workflows/rust-wrapper.yml @@ -36,43 +36,38 @@ jobs: config: [ # Add new configs here '', - '--enable-all --enable-asn=template', - '--enable-all --enable-asn=original', - '--enable-all --enable-asn=template CPPFLAGS=-DWOLFSSL_OLD_OID_SUM', - '--enable-all --enable-asn=original CPPFLAGS=-DWOLFSSL_OLD_OID_SUM', - '--enable-harden-tls', - '--enable-tls13 --enable-session-ticket --enable-dtls --enable-dtls13 - --enable-opensslextra --enable-sessioncerts - CPPFLAGS=''-DWOLFSSL_DTLS_NO_HVR_ON_RESUME -DHAVE_EXT_CACHE - -DWOLFSSL_TICKET_HAVE_ID -DHAVE_EX_DATA -DSESSION_CACHE_DYNAMIC_MEM'' ', - '--enable-all --enable-secure-renegotiation', - '--enable-all --enable-haproxy --enable-quic', - '--enable-dtls --enable-dtls13 --enable-earlydata - --enable-session-ticket --enable-psk - CPPFLAGS=''-DWOLFSSL_DTLS13_NO_HRR_ON_RESUME'' ', - '--enable-experimental --enable-kyber --enable-dtls --enable-dtls13 - --enable-dtls-frag-ch', - '--enable-all --enable-dtls13 --enable-dtls-frag-ch', - '--enable-dtls --enable-dtls13 --enable-dtls-frag-ch - --enable-dtls-mtu', - '--enable-dtls --enable-dtlscid --enable-dtls13 --enable-secure-renegotiation - --enable-psk --enable-aesccm --enable-nullcipher - CPPFLAGS=-DWOLFSSL_STATIC_RSA', - '--enable-ascon --enable-experimental', - '--enable-ascon CPPFLAGS=-DWOLFSSL_ASCON_UNROLL --enable-experimental', - '--enable-sniffer --enable-curve25519 --enable-curve448 --enable-enckeys - CPPFLAGS=-DWOLFSSL_DH_EXTRA', - '--enable-dtls --enable-dtls13 --enable-dtls-frag-ch - --enable-dtls-mtu CPPFLAGS=-DWOLFSSL_DTLS_RECORDS_CAN_SPAN_DATAGRAMS', - '--enable-opensslextra CPPFLAGS=''-DWOLFSSL_NO_CA_NAMES'' ', - '--enable-opensslextra=x509small', - 'CPPFLAGS=''-DWOLFSSL_EXTRA'' ', - '--enable-lms=small,verify-only --enable-xmss=small,verify-only', - '--disable-sys-ca-certs', - '--enable-all CPPFLAGS=-DWOLFSSL_DEBUG_CERTS ', - '--enable-coding=no', - '--enable-dtls --enable-dtls13 --enable-ocspstapling --enable-ocspstapling2 - --enable-cert-setup-cb --enable-sessioncerts', - '--disable-sni --disable-ecc --disable-tls13 --disable-secure-renegotiation-info', - 'CPPFLAGS=-DWOLFSSL_BLIND_PRIVATE_KEY', + '--enable-all', + '--enable-cryptonly --disable-examples', + '--enable-cryptonly --disable-examples --disable-aes --disable-aesgcm', + '--enable-cryptonly --disable-examples --disable-aescbc', + '--enable-cryptonly --disable-examples --disable-aeseax', + '--enable-cryptonly --disable-examples --disable-aesecb', + '--enable-cryptonly --disable-examples --disable-aesccm', + '--enable-cryptonly --disable-examples --disable-aescfb', + '--enable-cryptonly --disable-examples --disable-aesctr', + '--enable-cryptonly --disable-examples --disable-aescts', + '--enable-cryptonly --disable-examples --disable-aesgcm', + '--enable-cryptonly --disable-examples --disable-aesgcm-stream', + '--enable-cryptonly --disable-examples --disable-aesofb', + '--enable-cryptonly --disable-examples --disable-aesxts', + '--enable-cryptonly --disable-examples --disable-cmac', + '--enable-cryptonly --disable-examples --disable-dh', + '--enable-cryptonly --disable-examples --disable-ecc', + '--enable-cryptonly --disable-examples --disable-ed25519', + '--enable-cryptonly --disable-examples --disable-ed25519-stream', + '--enable-cryptonly --disable-examples --disable-ed448', + '--enable-cryptonly --disable-examples --disable-ed448-stream', + '--enable-cryptonly --disable-examples --disable-hkdf', + '--enable-cryptonly --disable-examples --disable-hmac', + '--enable-cryptonly --disable-examples --disable-rng', + '--enable-cryptonly --disable-examples --disable-rsa', + '--enable-cryptonly --disable-examples --disable-rsapss', + '--enable-cryptonly --disable-examples --disable-sha224', + '--enable-cryptonly --disable-examples --disable-sha3', + '--enable-cryptonly --disable-examples --disable-sha384', + '--enable-cryptonly --disable-examples --disable-sha512', + '--enable-cryptonly --disable-examples --disable-shake128', + '--enable-cryptonly --disable-examples --disable-shake256', + '--enable-cryptonly --disable-examples --disable-srtp-kdf', + '--enable-cryptonly --disable-examples --disable-x963kdf', ] diff --git a/wolfssl/wolfcrypt/sha512.h b/wolfssl/wolfcrypt/sha512.h index 7872c0b0e..41945927a 100644 --- a/wolfssl/wolfcrypt/sha512.h +++ b/wolfssl/wolfcrypt/sha512.h @@ -229,7 +229,7 @@ struct wc_Sha512 { #endif /* HAVE_FIPS */ -#if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384) +#if defined(WOLFSSL_SHA512) #ifdef WOLFSSL_ARMASM #if !defined(WOLFSSL_ARMASM_NO_NEON) diff --git a/wrapper/rust/wolfssl/build.rs b/wrapper/rust/wolfssl/build.rs index 53e6827e5..5a77eab0b 100644 --- a/wrapper/rust/wolfssl/build.rs +++ b/wrapper/rust/wolfssl/build.rs @@ -163,6 +163,9 @@ fn scan_cfg() -> Result<()> { /* hkdf */ check_cfg(&binding, "wc_HKDF_Extract_ex", "hkdf"); + /* hmac */ + check_cfg(&binding, "wc_HmacSetKey", "hmac"); + /* kdf */ check_cfg(&binding, "wc_PBKDF2", "kdf_pbkdf2"); check_cfg(&binding, "wc_PKCS12_PBKDF_ex", "kdf_pkcs12"); @@ -170,8 +173,12 @@ fn scan_cfg() -> Result<()> { check_cfg(&binding, "wc_SSH_KDF", "kdf_ssh"); check_cfg(&binding, "wc_Tls13_HKDF_Extract_ex", "kdf_tls13"); + /* prf */ + check_cfg(&binding, "wc_PRF", "prf"); + /* random */ check_cfg(&binding, "wc_RNG_DRBG_Reseed", "random_hashdrbg"); + check_cfg(&binding, "wc_InitRng", "random"); /* rsa */ check_cfg(&binding, "wc_InitRsaKey", "rsa"); @@ -181,7 +188,9 @@ fn scan_cfg() -> Result<()> { /* sha */ check_cfg(&binding, "wc_InitSha", "sha"); + check_cfg(&binding, "wc_InitSha224", "sha224"); check_cfg(&binding, "wc_InitSha256", "sha256"); + check_cfg(&binding, "wc_InitSha384", "sha384"); check_cfg(&binding, "wc_InitSha512", "sha512"); check_cfg(&binding, "wc_InitSha3_224", "sha3"); check_cfg(&binding, "wc_InitShake128", "shake128"); diff --git a/wrapper/rust/wolfssl/src/wolfcrypt/dh.rs b/wrapper/rust/wolfssl/src/wolfcrypt/dh.rs index af3e5a826..0e0137ac0 100644 --- a/wrapper/rust/wolfssl/src/wolfcrypt/dh.rs +++ b/wrapper/rust/wolfssl/src/wolfcrypt/dh.rs @@ -29,6 +29,7 @@ wolfSSL `DhKey` object. It ensures proper initialization and deallocation. #![cfg(dh)] use crate::sys; +#[cfg(random)] use crate::wolfcrypt::random::RNG; use std::mem::{MaybeUninit}; @@ -73,7 +74,7 @@ impl DH { /// # Example /// /// ```rust - /// #[cfg(dh_ffdhe_2048)] + /// #[cfg(all(dh_ffdhe_2048, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; @@ -125,7 +126,7 @@ impl DH { /// # Example /// /// ```rust - /// #[cfg(dh_ffdhe_2048)] + /// #[cfg(all(dh_ffdhe_2048, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; @@ -177,7 +178,7 @@ impl DH { /// # Example /// /// ```rust - /// #[cfg(dh_keygen)] + /// #[cfg(all(dh_keygen, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; @@ -185,7 +186,7 @@ impl DH { /// let mut dh = DH::generate(&mut rng, 2048).expect("Error with generate()"); /// } /// ``` - #[cfg(dh_keygen)] + #[cfg(all(dh_keygen, random))] pub fn generate(rng: &mut RNG, modulus_size: i32) -> Result { Self::generate_ex(rng, modulus_size, None, None) } @@ -208,7 +209,7 @@ impl DH { /// # Example /// /// ```rust - /// #[cfg(dh_keygen)] + /// #[cfg(all(dh_keygen, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; @@ -216,7 +217,7 @@ impl DH { /// let mut dh = DH::generate_ex(&mut rng, 2048, None, None).expect("Error with generate_ex()"); /// } /// ``` - #[cfg(dh_keygen)] + #[cfg(all(dh_keygen, random))] pub fn generate_ex(rng: &mut RNG, modulus_size: i32, heap: Option<*mut std::os::raw::c_void>, dev_id: Option) -> Result { let mut wc_dhkey: MaybeUninit = MaybeUninit::uninit(); let heap = match heap { @@ -255,7 +256,7 @@ impl DH { /// # Example /// /// ```rust - /// #[cfg(dh_ffdhe_2048)] + /// #[cfg(all(dh_ffdhe_2048, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; @@ -279,7 +280,7 @@ impl DH { /// # Example /// /// ```rust - /// #[cfg(dh_ffdhe_2048)] + /// #[cfg(all(dh_ffdhe_2048, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; @@ -309,7 +310,7 @@ impl DH { /// # Example /// /// ```rust - /// #[cfg(dh_ffdhe_2048)] + /// #[cfg(all(dh_ffdhe_2048, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; @@ -337,7 +338,7 @@ impl DH { /// # Example /// /// ```rust - /// #[cfg(dh_ffdhe_2048)] + /// #[cfg(all(dh_ffdhe_2048, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; @@ -382,6 +383,8 @@ impl DH { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; /// let p = [ @@ -453,6 +456,7 @@ impl DH { /// 0x05, 0x45, 0x15, 0xf8, 0xa2, 0x4e, 0xf3, 0x0b /// ]; /// let dh = DH::new_from_pg(&p, &g).expect("Error with new_from_pg()"); + /// } /// ``` pub fn new_from_pg(p: &[u8], g: &[u8]) -> Result { Self::new_from_pg_ex(p, g, None, None) @@ -476,6 +480,8 @@ impl DH { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; /// let p = [ @@ -547,6 +553,7 @@ impl DH { /// 0x05, 0x45, 0x15, 0xf8, 0xa2, 0x4e, 0xf3, 0x0b /// ]; /// let dh = DH::new_from_pg_ex(&p, &g, None, None).expect("Error with new_from_pg_ex()"); + /// } /// ``` pub fn new_from_pg_ex(p: &[u8], g: &[u8], heap: Option<*mut std::os::raw::c_void>, dev_id: Option) -> Result { let p_size = p.len() as u32; @@ -591,6 +598,8 @@ impl DH { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; /// let p = [ @@ -668,6 +677,7 @@ impl DH { /// 0x40, 0x52, 0xed, 0x41 /// ]; /// let dh = DH::new_from_pgq(&p, &g, &q).expect("Error with new_from_pgq()"); + /// } /// ``` pub fn new_from_pgq(p: &[u8], g: &[u8], q: &[u8]) -> Result { Self::new_from_pgq_ex(p, g, q, None, None) @@ -692,6 +702,8 @@ impl DH { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; /// let p = [ @@ -769,6 +781,7 @@ impl DH { /// 0x40, 0x52, 0xed, 0x41 /// ]; /// let dh = DH::new_from_pgq_ex(&p, &g, &q, None, None).expect("Error with new_from_pgq_ex()"); + /// } /// ``` pub fn new_from_pgq_ex(p: &[u8], g: &[u8], q: &[u8], heap: Option<*mut std::os::raw::c_void>, dev_id: Option) -> Result { let p_size = p.len() as u32; @@ -818,6 +831,8 @@ impl DH { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; /// let p = [ @@ -896,7 +911,9 @@ impl DH { /// ]; /// let mut rng = RNG::new().expect("Failed to create RNG"); /// let dh = DH::new_from_pgq_with_check(&p, &g, &q, 0, &mut rng).expect("Error with new_from_pgq_with_check()"); + /// } /// ``` + #[cfg(random)] pub fn new_from_pgq_with_check(p: &[u8], g: &[u8], q: &[u8], trusted: i32, rng: &mut RNG) -> Result { Self::new_from_pgq_with_check_ex(p, g, q, trusted, rng, None, None) } @@ -923,6 +940,8 @@ impl DH { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; /// let p = [ @@ -1001,7 +1020,9 @@ impl DH { /// ]; /// let mut rng = RNG::new().expect("Failed to create RNG"); /// let dh = DH::new_from_pgq_with_check_ex(&p, &g, &q, 0, &mut rng, None, None).expect("Error with new_from_pgq_with_check_ex()"); + /// } /// ``` + #[cfg(random)] pub fn new_from_pgq_with_check_ex(p: &[u8], g: &[u8], q: &[u8], trusted: i32, rng: &mut RNG, heap: Option<*mut std::os::raw::c_void>, dev_id: Option) -> Result { let p_size = p.len() as u32; let g_size = g.len() as u32; @@ -1046,7 +1067,7 @@ impl DH { /// # Example /// /// ```rust - /// #[cfg(dh_ffdhe_2048)] + /// #[cfg(all(dh_ffdhe_2048, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; @@ -1092,7 +1113,7 @@ impl DH { /// # Example /// /// ```rust - /// #[cfg(dh_ffdhe_2048)] + /// #[cfg(all(dh_ffdhe_2048, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; @@ -1138,6 +1159,8 @@ impl DH { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; /// let p = [ @@ -1223,6 +1246,7 @@ impl DH { /// dh.generate_key_pair(&mut rng, &mut private, &mut private_size, &mut public, &mut public_size).expect("Error with generate_key_pair()"); /// let private = &private[0..(private_size as usize)]; /// dh.check_priv_key_ex(private, Some(&q)).expect("Error with check_priv_key_ex()"); + /// } /// ``` pub fn check_priv_key_ex(&mut self, private: &[u8], prime: Option<&[u8]>) -> Result<(), i32> { let private_size = private.len() as u32; @@ -1259,7 +1283,7 @@ impl DH { /// # Example /// /// ```rust - /// #[cfg(dh_ffdhe_2048)] + /// #[cfg(all(dh_ffdhe_2048, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; @@ -1302,6 +1326,8 @@ impl DH { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; /// let p = [ @@ -1394,6 +1420,7 @@ impl DH { /// dh.generate_key_pair(&mut rng, &mut private, &mut private_size, &mut public, &mut public_size).expect("Error with generate_key_pair()"); /// let public = &public[0..(public_size as usize)]; /// dh.check_pub_key_ex(public, &q0).expect("Error with check_pub_key_ex()"); + /// } /// ``` pub fn check_pub_key_ex(&mut self, public: &[u8], prime: &[u8]) -> Result<(), i32> { let public_size = public.len() as u32; @@ -1461,7 +1488,7 @@ impl DH { /// # Example /// /// ```rust - /// #[cfg(dh_ffdhe_2048)] + /// #[cfg(all(dh_ffdhe_2048, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; @@ -1474,6 +1501,7 @@ impl DH { /// dh.generate_key_pair(&mut rng, &mut private, &mut private_size, &mut public, &mut public_size).expect("Error with generate_key_pair()"); /// } /// ``` + #[cfg(random)] pub fn generate_key_pair(&mut self, rng: &mut RNG, private: &mut [u8], private_size: &mut u32, public: &mut [u8], public_size: &mut u32) -> Result<(), i32> { @@ -1506,7 +1534,7 @@ impl DH { /// # Example /// /// ```rust - /// #[cfg(dh_ffdhe_2048)] + /// #[cfg(all(dh_ffdhe_2048, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::dh::DH; diff --git a/wrapper/rust/wolfssl/src/wolfcrypt/ecc.rs b/wrapper/rust/wolfssl/src/wolfcrypt/ecc.rs index 68e2cb90d..89f3fe9e4 100644 --- a/wrapper/rust/wolfssl/src/wolfcrypt/ecc.rs +++ b/wrapper/rust/wolfssl/src/wolfcrypt/ecc.rs @@ -29,6 +29,7 @@ wolfSSL `ecc_key` object. It ensures proper initialization and deallocation. #![cfg(ecc)] use crate::sys; +#[cfg(random)] use crate::wolfcrypt::random::RNG; use std::mem::{MaybeUninit}; @@ -55,7 +56,7 @@ impl ECCPoint { /// # Example /// /// ```rust - /// #[cfg(ecc_import)] + /// #[cfg(all(ecc_import, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::{ECC,ECCPoint}; @@ -113,7 +114,7 @@ impl ECCPoint { /// # Example /// /// ```rust - /// #[cfg(all(ecc_import, ecc_export, ecc_comp_key))] + /// #[cfg(all(ecc_import, ecc_export, ecc_comp_key, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::{ECC,ECCPoint}; @@ -168,7 +169,7 @@ impl ECCPoint { /// # Example /// /// ```rust - /// #[cfg(ecc_export)] + /// #[cfg(all(ecc_export, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::{ECC,ECCPoint}; @@ -215,7 +216,7 @@ impl ECCPoint { /// # Example /// /// ```rust - /// #[cfg(all(ecc_export, ecc_comp_key))] + /// #[cfg(all(ecc_export, ecc_comp_key, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::{ECC,ECCPoint}; @@ -251,12 +252,15 @@ impl ECCPoint { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; /// let mut rng = RNG::new().expect("Failed to create RNG"); /// let mut ecc = ECC::generate(32, &mut rng, None, None).expect("Error with generate()"); /// let mut ecc_point = ecc.make_pub_to_point(Some(&mut rng), None).expect("Error with make_pub_to_point()"); /// ecc_point.forcezero(); + /// } /// ``` pub fn forcezero(&mut self) { unsafe { sys::wc_ecc_forcezero_point(self.wc_ecc_point) }; @@ -350,12 +354,16 @@ impl ECC { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; /// let mut rng = RNG::new().expect("Failed to create RNG"); /// let mut ecc = ECC::generate(32, &mut rng, None, None).expect("Error with generate()"); /// ecc.check().expect("Error with check()"); + /// } /// ``` + #[cfg(random)] pub fn generate(size: i32, rng: &mut RNG, heap: Option<*mut std::os::raw::c_void>, dev_id: Option) -> Result { let mut wc_ecc_key: MaybeUninit = MaybeUninit::uninit(); let heap = match heap { @@ -401,6 +409,8 @@ impl ECC { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; /// let mut rng = RNG::new().expect("Failed to create RNG"); @@ -408,7 +418,9 @@ impl ECC { /// let curve_size = ECC::get_curve_size_from_id(curve_id).expect("Error with get_curve_size_from_id()"); /// let mut ecc = ECC::generate_ex(curve_size, &mut rng, curve_id, None, None).expect("Error with generate_ex()"); /// ecc.check().expect("Error with check()"); + /// } /// ``` + #[cfg(random)] pub fn generate_ex(size: i32, rng: &mut RNG, curve_id: i32, heap: Option<*mut std::os::raw::c_void>, dev_id: Option) -> Result { let mut wc_ecc_key: MaybeUninit = MaybeUninit::uninit(); let heap = match heap { @@ -455,6 +467,8 @@ impl ECC { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; /// let mut rng = RNG::new().expect("Failed to create RNG"); @@ -462,7 +476,9 @@ impl ECC { /// let curve_size = ECC::get_curve_size_from_id(curve_id).expect("Error with get_curve_size_from_id()"); /// let mut ecc = ECC::generate_ex2(curve_size, &mut rng, curve_id, ECC::FLAG_COFACTOR, None, None).expect("Error with generate_ex2()"); /// ecc.check().expect("Error with check()"); + /// } /// ``` + #[cfg(random)] pub fn generate_ex2(size: i32, rng: &mut RNG, curve_id: i32, flags: i32, heap: Option<*mut std::os::raw::c_void>, dev_id: Option) -> Result { let mut wc_ecc_key: MaybeUninit = MaybeUninit::uninit(); let heap = match heap { @@ -503,6 +519,8 @@ impl ECC { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; /// let mut rng = RNG::new().expect("Failed to create RNG"); @@ -510,6 +528,7 @@ impl ECC { /// let curve_size = ECC::get_curve_size_from_id(curve_id).expect("Error with get_curve_size_from_id()"); /// let mut ecc = ECC::generate_ex(curve_size, &mut rng, curve_id, None, None).expect("Error with generate()"); /// ecc.check().expect("Error with check()"); + /// } /// ``` pub fn get_curve_size_from_id(curve_id: i32) -> Result { let rc = unsafe { sys::wc_ecc_get_curve_size_from_id(curve_id) }; @@ -535,6 +554,8 @@ impl ECC { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; /// use std::fs; @@ -542,6 +563,7 @@ impl ECC { /// let key_path = "../../../certs/ecc-client-key.der"; /// let der: Vec = fs::read(key_path).expect("Error reading key file"); /// let mut ecc = ECC::import_der(&der, None, None).expect("Error with import_der()"); + /// } /// ``` pub fn import_der(der: &[u8], heap: Option<*mut std::os::raw::c_void>, dev_id: Option) -> Result { let mut wc_ecc_key: MaybeUninit = MaybeUninit::uninit(); @@ -586,6 +608,8 @@ impl ECC { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; /// use std::fs; @@ -601,6 +625,7 @@ impl ECC { /// let key_path = "../../../certs/ecc-client-keyPub.der"; /// let der: Vec = fs::read(key_path).expect("Error reading key file"); /// let mut ecc = ECC::import_public_der(&der, None, None).expect("Error with import_public_der()"); + /// } /// ``` pub fn import_public_der(der: &[u8], heap: Option<*mut std::os::raw::c_void>, dev_id: Option) -> Result { let mut wc_ecc_key: MaybeUninit = MaybeUninit::uninit(); @@ -650,7 +675,7 @@ impl ECC { /// # Example /// /// ```rust - /// #[cfg(ecc_import)] + /// #[cfg(all(ecc_import, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; @@ -721,7 +746,7 @@ impl ECC { /// # Example /// /// ```rust - /// #[cfg(ecc_import)] + /// #[cfg(all(ecc_import, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; @@ -794,7 +819,6 @@ impl ECC { /// ```rust /// #[cfg(ecc_import)] /// { - /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; /// let qx = b"7a4e287890a1a47ad3457e52f2f76a83ce46cbc947616d0cbaa82323818a793d\0"; /// let qy = b"eec4084f5b29ebf29c44cce3b3059610922f8b30ea6e8811742ac7238fe87308\0"; @@ -855,7 +879,6 @@ impl ECC { /// ```rust /// #[cfg(ecc_import)] /// { - /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; /// let qx = b"7a4e287890a1a47ad3457e52f2f76a83ce46cbc947616d0cbaa82323818a793d\0"; /// let qy = b"eec4084f5b29ebf29c44cce3b3059610922f8b30ea6e8811742ac7238fe87308\0"; @@ -913,7 +936,7 @@ impl ECC { /// # Example /// /// ```rust - /// #[cfg(ecc_import)] + /// #[cfg(all(ecc_import, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; @@ -977,7 +1000,7 @@ impl ECC { /// # Example /// /// ```rust - /// #[cfg(ecc_import)] + /// #[cfg(all(ecc_import, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; @@ -1039,7 +1062,7 @@ impl ECC { /// # Example /// /// ```rust - /// #[cfg(ecc_import)] + /// #[cfg(all(ecc_import, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; @@ -1100,6 +1123,8 @@ impl ECC { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use std::fs; /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; @@ -1131,6 +1156,7 @@ impl ECC { /// let mut sig_out = [0u8; 128]; /// let sig_out_size = ECC::rs_hex_to_sig(&r_hex_string[0..r_hex_string.len()].as_bytes(), &s_hex_string[0..s_hex_string.len()].as_bytes(), &mut sig_out).expect("Error with rs_hex_to_sig()"); /// assert_eq!(*signature, *&sig_out[0..sig_out_size]); + /// } /// ``` pub fn rs_hex_to_sig(r: &[u8], s: &[u8], dout: &mut [u8]) -> Result { let mut dout_size = dout.len() as u32; @@ -1163,6 +1189,8 @@ impl ECC { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use std::fs; /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; @@ -1184,6 +1212,7 @@ impl ECC { /// let mut sig_out = [0u8; 128]; /// let sig_out_size = ECC::rs_bin_to_sig(r, s, &mut sig_out).expect("Error with rs_bin_to_sig()"); /// assert_eq!(*signature, *&sig_out[0..sig_out_size]); + /// } /// ``` pub fn rs_bin_to_sig(r: &[u8], s: &[u8], dout: &mut [u8]) -> Result { let r_size = r.len() as u32; @@ -1212,6 +1241,8 @@ impl ECC { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use std::fs; /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; @@ -1233,6 +1264,7 @@ impl ECC { /// let mut sig_out = [0u8; 128]; /// let sig_out_size = ECC::rs_bin_to_sig(r, s, &mut sig_out).expect("Error with rs_bin_to_sig()"); /// assert_eq!(*signature, *&sig_out[0..sig_out_size]); + /// } /// ``` pub fn sig_to_rs(sig: &[u8], r: &mut [u8], r_size: &mut u32, s: &mut [u8], s_size: &mut u32) -> Result<(), i32> { let sig_len = sig.len() as u32; @@ -1258,11 +1290,14 @@ impl ECC { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; /// let mut rng = RNG::new().expect("Failed to create RNG"); /// let mut ecc = ECC::generate(32, &mut rng, None, None).expect("Error with generate()"); /// ecc.check().expect("Error with check()"); + /// } /// ``` pub fn check(&mut self) -> Result<(), i32> { let rc = unsafe { sys::wc_ecc_check_key(&mut self.wc_ecc_key) }; @@ -1291,7 +1326,7 @@ impl ECC { /// # Example /// /// ```rust - /// #[cfg(ecc_import)] + /// #[cfg(all(ecc_import, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; @@ -1346,7 +1381,7 @@ impl ECC { /// # Example /// /// ```rust - /// #[cfg(ecc_import)] + /// #[cfg(all(ecc_import, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; @@ -1402,7 +1437,7 @@ impl ECC { /// # Example /// /// ```rust - /// #[cfg(ecc_export)] + /// #[cfg(all(ecc_export, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; @@ -1443,7 +1478,7 @@ impl ECC { /// # Example /// /// ```rust - /// #[cfg(ecc_export)] + /// #[cfg(all(ecc_export, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; @@ -1486,7 +1521,7 @@ impl ECC { /// # Example /// /// ```rust - /// #[cfg(ecc_export)] + /// #[cfg(all(ecc_export, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; @@ -1522,7 +1557,7 @@ impl ECC { /// # Example /// /// ```rust - /// #[cfg(all(ecc_export, ecc_comp_key))] + /// #[cfg(all(ecc_export, ecc_comp_key, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; @@ -1559,6 +1594,8 @@ impl ECC { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use std::fs; /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; @@ -1567,7 +1604,9 @@ impl ECC { /// let der: Vec = fs::read(key_path).expect("Error reading key file"); /// let mut ecc = ECC::import_der(&der, None, None).expect("Error with import_der()"); /// ecc.make_pub(Some(&mut rng)).expect("Error with make_pub()"); + /// } /// ``` + #[cfg(random)] pub fn make_pub(&mut self, rng: Option<&mut RNG>) -> Result<(), i32> { let rng_ptr = match rng { Some(rng) => &mut rng.wc_rng, @@ -1598,6 +1637,8 @@ impl ECC { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use std::fs; /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; @@ -1606,7 +1647,9 @@ impl ECC { /// let der: Vec = fs::read(key_path).expect("Error reading key file"); /// let mut ecc = ECC::import_der(&der, None, None).expect("Error with import_der()"); /// ecc.make_pub_to_point(Some(&mut rng), None).expect("Error with make_pub_to_point()"); + /// } /// ``` + #[cfg(random)] pub fn make_pub_to_point(&mut self, rng: Option<&mut RNG>, heap: Option<*mut std::os::raw::c_void>) -> Result { let rng_ptr = match rng { Some(rng) => &mut rng.wc_rng, @@ -1649,12 +1692,16 @@ impl ECC { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; /// let mut rng = RNG::new().expect("Failed to create RNG"); /// let mut ecc = ECC::generate(32, &mut rng, None, None).expect("Error with generate()"); /// ecc.set_rng(&mut rng).expect("Error with set_rng()"); + /// } /// ``` + #[cfg(random)] pub fn set_rng(&mut self, rng: &mut RNG) -> Result<(), i32> { let rc = unsafe { sys::wc_ecc_set_rng(&mut self.wc_ecc_key, &mut rng.wc_rng) @@ -1681,7 +1728,7 @@ impl ECC { /// # Example /// /// ```rust - /// #[cfg(ecc_dh)] + /// #[cfg(all(ecc_dh, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; @@ -1730,7 +1777,7 @@ impl ECC { /// # Example /// /// ```rust - /// #[cfg(ecc_dh)] + /// #[cfg(all(ecc_dh, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; @@ -1779,7 +1826,7 @@ impl ECC { /// # Example /// /// ```rust - /// #[cfg(ecc_sign)] + /// #[cfg(all(ecc_sign, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; @@ -1793,7 +1840,7 @@ impl ECC { /// assert_eq!(valid, true); /// } /// ``` - #[cfg(ecc_sign)] + #[cfg(all(ecc_sign, random))] pub fn sign_hash(&mut self, din: &[u8], dout: &mut [u8], rng: &mut RNG) -> Result { let din_size = din.len() as u32; let mut dout_size = dout.len() as u32; @@ -1822,7 +1869,7 @@ impl ECC { /// # Example /// /// ```rust - /// #[cfg(ecc_verify)] + /// #[cfg(all(ecc_verify, random))] /// { /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::ecc::ECC; diff --git a/wrapper/rust/wolfssl/src/wolfcrypt/hmac.rs b/wrapper/rust/wolfssl/src/wolfcrypt/hmac.rs index d40c36874..b21cd0577 100644 --- a/wrapper/rust/wolfssl/src/wolfcrypt/hmac.rs +++ b/wrapper/rust/wolfssl/src/wolfcrypt/hmac.rs @@ -23,6 +23,8 @@ This module provides a Rust wrapper for the wolfCrypt library's HMAC functionality. */ +#![cfg(hmac)] + use crate::sys; use std::mem::MaybeUninit; diff --git a/wrapper/rust/wolfssl/src/wolfcrypt/kdf.rs b/wrapper/rust/wolfssl/src/wolfcrypt/kdf.rs index c2a564c1b..901f2f7f1 100644 --- a/wrapper/rust/wolfssl/src/wolfcrypt/kdf.rs +++ b/wrapper/rust/wolfssl/src/wolfcrypt/kdf.rs @@ -24,7 +24,7 @@ Function (KDF) functionality. */ use crate::sys; -#[cfg(kdf_tls13)] +#[cfg(all(hmac, kdf_tls13))] use crate::wolfcrypt::hmac::HMAC; #[cfg(kdf_srtp)] @@ -64,7 +64,7 @@ pub const SRTP_LABEL_HDR_SALT: u8 = sys::WC_SRTP_LABEL_HDR_SALT as u8; /// # Example /// /// ```rust -/// #[cfg(kdf_pbkdf2)] +/// #[cfg(all(hmac, kdf_pbkdf2))] /// { /// use wolfssl::wolfcrypt::kdf::pbkdf2; /// use wolfssl::wolfcrypt::hmac::HMAC; @@ -108,7 +108,7 @@ pub fn pbkdf2(password: &[u8], salt: &[u8], iterations: i32, typ: i32, out: &mut /// # Example /// /// ```rust -/// #[cfg(kdf_pbkdf2)] +/// #[cfg(all(hmac, kdf_pbkdf2))] /// { /// use wolfssl::wolfcrypt::kdf::pbkdf2_ex; /// use wolfssl::wolfcrypt::hmac::HMAC; @@ -176,7 +176,7 @@ pub fn pbkdf2_ex(password: &[u8], salt: &[u8], iterations: i32, typ: i32, heap: /// # Example /// /// ```rust -/// #[cfg(kdf_pkcs12)] +/// #[cfg(all(hmac, kdf_pkcs12))] /// { /// use wolfssl::wolfcrypt::kdf::pkcs12_pbkdf; /// use wolfssl::wolfcrypt::hmac::HMAC; @@ -229,7 +229,7 @@ pub fn pkcs12_pbkdf(password: &[u8], salt: &[u8], iterations: i32, typ: i32, id: /// # Example /// /// ```rust -/// #[cfg(kdf_pkcs12)] +/// #[cfg(all(hmac, kdf_pkcs12))] /// { /// use wolfssl::wolfcrypt::kdf::pkcs12_pbkdf_ex; /// use wolfssl::wolfcrypt::hmac::HMAC; @@ -284,7 +284,7 @@ pub fn pkcs12_pbkdf_ex(password: &[u8], salt: &[u8], iterations: i32, typ: i32, /// # Example /// /// ```rust -/// #[cfg(kdf_tls13)] +/// #[cfg(all(hmac, kdf_tls13))] /// { /// use wolfssl::wolfcrypt::hmac::HMAC; /// use wolfssl::wolfcrypt::kdf::*; @@ -293,7 +293,7 @@ pub fn pkcs12_pbkdf_ex(password: &[u8], salt: &[u8], iterations: i32, typ: i32, /// tls13_hkdf_extract(HMAC::TYPE_SHA256, None, None, &mut secret).expect("Error with tls13_hkdf_extract()"); /// } /// ``` -#[cfg(kdf_tls13)] +#[cfg(all(hmac, kdf_tls13))] pub fn tls13_hkdf_extract(typ: i32, salt: Option<&[u8]>, key: Option<&mut [u8]>, out: &mut [u8]) -> Result<(), i32> { tls13_hkdf_extract_ex(typ, salt, key, out, None, None) } @@ -320,7 +320,7 @@ pub fn tls13_hkdf_extract(typ: i32, salt: Option<&[u8]>, key: Option<&mut [u8]>, /// # Example /// /// ```rust -/// #[cfg(kdf_tls13)] +/// #[cfg(all(hmac, kdf_tls13))] /// { /// use wolfssl::wolfcrypt::hmac::HMAC; /// use wolfssl::wolfcrypt::kdf::*; @@ -329,7 +329,7 @@ pub fn tls13_hkdf_extract(typ: i32, salt: Option<&[u8]>, key: Option<&mut [u8]>, /// tls13_hkdf_extract_ex(HMAC::TYPE_SHA256, None, None, &mut secret, None, None).expect("Error with tls13_hkdf_extract_ex()"); /// } /// ``` -#[cfg(kdf_tls13)] +#[cfg(all(hmac, kdf_tls13))] pub fn tls13_hkdf_extract_ex(typ: i32, salt: Option<&[u8]>, key: Option<&mut [u8]>, out: &mut [u8], heap: Option<*mut std::os::raw::c_void>, dev_id: Option) -> Result<(), i32> { let mut salt_ptr = core::ptr::null(); let mut salt_size = 0u32; @@ -388,7 +388,7 @@ pub fn tls13_hkdf_extract_ex(typ: i32, salt: Option<&[u8]>, key: Option<&mut [u8 /// # Example /// /// ```rust -/// #[cfg(kdf_tls13)] +/// #[cfg(all(hmac, kdf_tls13))] /// { /// use wolfssl::wolfcrypt::hmac::HMAC; /// use wolfssl::wolfcrypt::kdf::*; @@ -414,7 +414,7 @@ pub fn tls13_hkdf_extract_ex(typ: i32, salt: Option<&[u8]>, key: Option<&mut [u8 /// &hash_hello1, &mut expand_out).expect("Error with tls13_hkdf_expand_label()"); /// } /// ``` -#[cfg(kdf_tls13)] +#[cfg(all(hmac, kdf_tls13))] pub fn tls13_hkdf_expand_label(typ: i32, key: &[u8], protocol: &[u8], label: &[u8], info: &[u8], out: &mut [u8]) -> Result<(), i32> { tls13_hkdf_expand_label_ex(typ, key, protocol, label, info, out, None, None) } @@ -445,7 +445,7 @@ pub fn tls13_hkdf_expand_label(typ: i32, key: &[u8], protocol: &[u8], label: &[u /// # Example /// /// ```rust -/// #[cfg(kdf_tls13)] +/// #[cfg(all(hmac, kdf_tls13))] /// { /// use wolfssl::wolfcrypt::hmac::HMAC; /// use wolfssl::wolfcrypt::kdf::*; @@ -471,7 +471,7 @@ pub fn tls13_hkdf_expand_label(typ: i32, key: &[u8], protocol: &[u8], label: &[u /// &hash_hello1, &mut expand_out, None, None).expect("Error with tls13_hkdf_expand_label_ex()"); /// } /// ``` -#[cfg(kdf_tls13)] +#[cfg(all(hmac, kdf_tls13))] #[allow(clippy::too_many_arguments)] pub fn tls13_hkdf_expand_label_ex(typ: i32, key: &[u8], protocol: &[u8], label: &[u8], info: &[u8], out: &mut [u8], heap: Option<*mut std::os::raw::c_void>, dev_id: Option) -> Result<(), i32> { let key_size = key.len() as u32; diff --git a/wrapper/rust/wolfssl/src/wolfcrypt/prf.rs b/wrapper/rust/wolfssl/src/wolfcrypt/prf.rs index 9fbd1af61..5a88665cc 100644 --- a/wrapper/rust/wolfssl/src/wolfcrypt/prf.rs +++ b/wrapper/rust/wolfssl/src/wolfcrypt/prf.rs @@ -23,6 +23,8 @@ This module provides a Rust wrapper for the wolfCrypt library's Pseudo Random Function (PRF) functionality. */ +#![cfg(prf)] + use crate::sys; pub const PRF_HASH_NONE: i32 = sys::wc_MACAlgorithm_no_mac as i32; @@ -53,6 +55,8 @@ pub const PRF_HASH_SM3: i32 = sys::wc_MACAlgorithm_sm3_mac as i32; /// # Example /// /// ```rust +/// #[cfg(sha384)] +/// { /// use wolfssl::wolfcrypt::prf::*; /// let secret = [0x10u8, 0xbc, 0xb4, 0xa2, 0xe8, 0xdc, 0xf1, 0x9b, 0x4c, /// 0x51, 0x9c, 0xed, 0x31, 0x1b, 0x51, 0x57, 0x02, 0x3f, @@ -69,6 +73,7 @@ pub const PRF_HASH_SM3: i32 = sys::wc_MACAlgorithm_sm3_mac as i32; /// 0x5d, 0x93, 0x5f, 0x4c, 0x92, 0xcc, 0x98, 0x5b, 0x43]; /// let mut out = [0u8; 12]; /// prf(&secret, &seed, PRF_HASH_SHA384, &mut out).expect("Error with prf()"); +/// } /// ``` pub fn prf(secret: &[u8], seed: &[u8], hash_type: i32, dout: &mut [u8]) -> Result<(), i32> { prf_ex(secret, seed, hash_type, None, None, dout) @@ -94,6 +99,8 @@ pub fn prf(secret: &[u8], seed: &[u8], hash_type: i32, dout: &mut [u8]) -> Resul /// # Example /// /// ```rust +/// #[cfg(sha384)] +/// { /// use wolfssl::wolfcrypt::prf::*; /// let secret = [0x10u8, 0xbc, 0xb4, 0xa2, 0xe8, 0xdc, 0xf1, 0x9b, 0x4c, /// 0x51, 0x9c, 0xed, 0x31, 0x1b, 0x51, 0x57, 0x02, 0x3f, @@ -110,6 +117,7 @@ pub fn prf(secret: &[u8], seed: &[u8], hash_type: i32, dout: &mut [u8]) -> Resul /// 0x5d, 0x93, 0x5f, 0x4c, 0x92, 0xcc, 0x98, 0x5b, 0x43]; /// let mut out = [0u8; 12]; /// prf_ex(&secret, &seed, PRF_HASH_SHA384, None, None, &mut out).expect("Error with prf_ex()"); +/// } /// ``` pub fn prf_ex(secret: &[u8], seed: &[u8], hash_type: i32, heap: Option<*mut ::std::os::raw::c_void>, dev_id: Option, dout: &mut [u8]) -> Result<(), i32> { let secret_size = secret.len() as u32; diff --git a/wrapper/rust/wolfssl/src/wolfcrypt/random.rs b/wrapper/rust/wolfssl/src/wolfcrypt/random.rs index 7600f2276..820452282 100644 --- a/wrapper/rust/wolfssl/src/wolfcrypt/random.rs +++ b/wrapper/rust/wolfssl/src/wolfcrypt/random.rs @@ -42,6 +42,8 @@ rng.generate_block(&mut buffer).expect("Failed to generate a block"); ``` */ +#![cfg(random)] + use crate::sys; use std::mem::{size_of_val, MaybeUninit}; diff --git a/wrapper/rust/wolfssl/src/wolfcrypt/rsa.rs b/wrapper/rust/wolfssl/src/wolfcrypt/rsa.rs index 2625a4cf2..9b2f30070 100644 --- a/wrapper/rust/wolfssl/src/wolfcrypt/rsa.rs +++ b/wrapper/rust/wolfssl/src/wolfcrypt/rsa.rs @@ -28,6 +28,8 @@ wolfSSL `RsaKey` object. It ensures proper initialization and deallocation. # Examples ```rust +#[cfg(random)] +{ use std::fs; use wolfssl::wolfcrypt::random::RNG; use wolfssl::wolfcrypt::rsa::RSA; @@ -50,12 +52,14 @@ let mut plain_out: [u8; 512] = [0; 512]; let dec_len = rsa.private_decrypt(&enc[0..enc_len], &mut plain_out).expect("Error with private_decrypt()"); assert!(dec_len as usize == plain.len()); assert_eq!(plain_out[0..dec_len], *plain); +} ``` */ #![cfg(rsa)] use crate::sys; +#[cfg(random)] use crate::wolfcrypt::random::RNG; use std::mem::{MaybeUninit}; @@ -133,6 +137,8 @@ impl RSA { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use std::fs; /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::rsa::RSA; @@ -155,6 +161,7 @@ impl RSA { /// let dec_len = rsa.private_decrypt(&enc[0..enc_len], &mut plain_out).expect("Error with private_decrypt()"); /// assert!(dec_len as usize == plain.len()); /// assert_eq!(plain_out[0..dec_len], *plain); + /// } /// ``` pub fn new_from_der(der: &[u8]) -> Result { Self::new_from_der_ex(der, None, None) @@ -177,6 +184,8 @@ impl RSA { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use std::fs; /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::rsa::RSA; @@ -199,6 +208,7 @@ impl RSA { /// let dec_len = rsa.private_decrypt(&enc[0..enc_len], &mut plain_out).expect("Error with private_decrypt()"); /// assert!(dec_len as usize == plain.len()); /// assert_eq!(plain_out[0..dec_len], *plain); + /// } /// ``` pub fn new_from_der_ex(der: &[u8], heap: Option<*mut std::os::raw::c_void>, dev_id: Option) -> Result { let mut wc_rsakey: MaybeUninit = MaybeUninit::uninit(); @@ -242,6 +252,8 @@ impl RSA { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use std::fs; /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::rsa::RSA; @@ -264,6 +276,7 @@ impl RSA { /// let dec_len = rsa.private_decrypt(&enc[0..enc_len], &mut plain_out).expect("Error with private_decrypt()"); /// assert!(dec_len as usize == plain.len()); /// assert_eq!(plain_out[0..dec_len], *plain); + /// } /// ``` pub fn new_public_from_der(der: &[u8]) -> Result { Self::new_public_from_der_ex(der, None, None) @@ -286,6 +299,8 @@ impl RSA { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use std::fs; /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::rsa::RSA; @@ -308,6 +323,7 @@ impl RSA { /// let dec_len = rsa.private_decrypt(&enc[0..enc_len], &mut plain_out).expect("Error with private_decrypt()"); /// assert!(dec_len as usize == plain.len()); /// assert_eq!(plain_out[0..dec_len], *plain); + /// } /// ``` pub fn new_public_from_der_ex(der: &[u8], heap: Option<*mut std::os::raw::c_void>, dev_id: Option) -> Result { let mut wc_rsakey: MaybeUninit = MaybeUninit::uninit(); @@ -376,7 +392,7 @@ impl RSA { /// assert_eq!(encrypt_size, 256); /// } /// ``` - #[cfg(rsa_keygen)] + #[cfg(all(random, rsa_keygen))] pub fn generate(size: i32, e: i64, rng: &mut RNG) -> Result { Self::generate_ex(size, e, rng, None, None) } @@ -423,7 +439,7 @@ impl RSA { /// assert_eq!(encrypt_size, 256); /// } /// ``` - #[cfg(rsa_keygen)] + #[cfg(all(random, rsa_keygen))] pub fn generate_ex(size: i32, e: i64, rng: &mut RNG, heap: Option<*mut std::os::raw::c_void>, dev_id: Option) -> Result { let mut wc_rsakey: MaybeUninit = MaybeUninit::uninit(); let heap = match heap { @@ -642,6 +658,8 @@ impl RSA { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use std::fs; /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::rsa::RSA; @@ -664,7 +682,9 @@ impl RSA { /// let dec_len = rsa.private_decrypt(&enc[0..enc_len], &mut plain_out).expect("Error with private_decrypt()"); /// assert!(dec_len as usize == plain.len()); /// assert_eq!(plain_out[0..dec_len], *plain); + /// } /// ``` + #[cfg(random)] pub fn public_encrypt(&mut self, din: &[u8], dout: &mut [u8], rng: &mut RNG) -> Result { let din_size = din.len() as u32; let dout_size = dout.len() as u32; @@ -696,6 +716,8 @@ impl RSA { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use std::fs; /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::rsa::RSA; @@ -718,6 +740,7 @@ impl RSA { /// let dec_len = rsa.private_decrypt(&enc[0..enc_len], &mut plain_out).expect("Error with private_decrypt()"); /// assert!(dec_len as usize == plain.len()); /// assert_eq!(plain_out[0..dec_len], *plain); + /// } /// ``` pub fn private_decrypt(&mut self, din: &[u8], dout: &mut [u8]) -> Result { let din_size = din.len() as u32; @@ -754,7 +777,7 @@ impl RSA { /// # Example /// /// ```rust - /// #[cfg(rsa_pss)] + /// #[cfg(all(random, rsa_pss))] /// { /// use std::fs; /// use wolfssl::wolfcrypt::random::RNG; @@ -784,7 +807,7 @@ impl RSA { /// rsa.pss_verify_check(signature, &mut verify_out, msg, RSA::HASH_TYPE_SHA256, RSA::MGF1SHA256).expect("Error with pss_verify_check()"); /// } /// ``` - #[cfg(rsa_pss)] + #[cfg(all(random, rsa_pss))] pub fn pss_sign(&mut self, din: &[u8], dout: &mut [u8], hash_algo: u32, mgf: i32, rng: &mut RNG) -> Result { let din_size = din.len() as u32; let dout_size = dout.len() as u32; @@ -817,7 +840,7 @@ impl RSA { /// # Example /// /// ```rust - /// #[cfg(rsa_pss)] + /// #[cfg(all(random, rsa_pss))] /// { /// use std::fs; /// use wolfssl::wolfcrypt::random::RNG; @@ -883,7 +906,7 @@ impl RSA { /// # Example /// /// ```rust - /// #[cfg(rsa_pss)] + /// #[cfg(all(random, rsa_pss))] /// { /// use std::fs; /// use wolfssl::wolfcrypt::random::RNG; @@ -954,7 +977,7 @@ impl RSA { /// # Example /// /// ```rust - /// #[cfg(rsa_pss)] + /// #[cfg(all(random, rsa_pss))] /// { /// use std::fs; /// use wolfssl::wolfcrypt::random::RNG; @@ -1081,6 +1104,8 @@ impl RSA { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use std::fs; /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::rsa::RSA; @@ -1102,7 +1127,9 @@ impl RSA { /// let dec_len = rsa.private_decrypt(&enc[0..enc_len], &mut plain_out).expect("Error with private_decrypt()"); /// assert!(dec_len as usize == plain.len()); /// assert_eq!(plain_out[0..dec_len], *plain); + /// } /// ``` + #[cfg(random)] pub fn set_rng(&mut self, rng: &mut RNG) -> Result<(), i32> { let rc = unsafe { sys::wc_RsaSetRNG(&mut self.wc_rsakey, &mut rng.wc_rng) @@ -1132,6 +1159,8 @@ impl RSA { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use std::fs; /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::rsa::RSA; @@ -1154,7 +1183,9 @@ impl RSA { /// let mut verify_out: [u8; 512] = [0; 512]; /// let verify_out_size = rsa.ssl_verify(signature, &mut verify_out).expect("Error with ssl_verify()"); /// assert!(verify_out_size > 0 && verify_out_size <= 512); + /// } /// ``` + #[cfg(random)] pub fn ssl_sign(&mut self, din: &[u8], dout: &mut [u8], rng: &mut RNG) -> Result { let din_size = din.len() as u32; let dout_size = dout.len() as u32; @@ -1189,6 +1220,8 @@ impl RSA { /// # Example /// /// ```rust + /// #[cfg(random)] + /// { /// use std::fs; /// use wolfssl::wolfcrypt::random::RNG; /// use wolfssl::wolfcrypt::rsa::RSA; @@ -1211,6 +1244,7 @@ impl RSA { /// let mut verify_out: [u8; 512] = [0; 512]; /// let verify_out_size = rsa.ssl_verify(signature, &mut verify_out).expect("Error with ssl_verify()"); /// assert!(verify_out_size > 0 && verify_out_size <= 512); + /// } /// ``` pub fn ssl_verify(&mut self, din: &[u8], dout: &mut [u8]) -> Result { let din_size = din.len() as u32; diff --git a/wrapper/rust/wolfssl/src/wolfcrypt/sha.rs b/wrapper/rust/wolfssl/src/wolfcrypt/sha.rs index a4873454f..ff5533837 100644 --- a/wrapper/rust/wolfssl/src/wolfcrypt/sha.rs +++ b/wrapper/rust/wolfssl/src/wolfcrypt/sha.rs @@ -230,12 +230,12 @@ impl Drop for SHA { } /// Context for SHA-224 (SHA-2) computation. -#[cfg(sha256)] +#[cfg(sha224)] pub struct SHA224 { wc_sha224: sys::wc_Sha224, } -#[cfg(sha256)] +#[cfg(sha224)] impl SHA224 { /// SHA-224 digest size in bytes. pub const DIGEST_SIZE: usize = sys::WC_SHA224_DIGEST_SIZE as usize; @@ -418,7 +418,7 @@ impl SHA224 { } } -#[cfg(sha256)] +#[cfg(sha224)] impl Drop for SHA224 { /// Safely free the underlying wolfSSL SHA224 context. /// @@ -636,12 +636,12 @@ impl Drop for SHA256 { } /// Context for SHA-384 (SHA-2) computation. -#[cfg(sha512)] +#[cfg(sha384)] pub struct SHA384 { wc_sha384: sys::wc_Sha384, } -#[cfg(sha512)] +#[cfg(sha384)] impl SHA384 { /// SHA-384 digest size in bytes. pub const DIGEST_SIZE: usize = sys::WC_SHA384_DIGEST_SIZE as usize; @@ -824,7 +824,7 @@ impl SHA384 { } } -#[cfg(sha512)] +#[cfg(sha384)] impl Drop for SHA384 { /// Safely free the underlying wolfSSL SHA384 context. /// diff --git a/wrapper/rust/wolfssl/tests/test_dh.rs b/wrapper/rust/wolfssl/tests/test_dh.rs index a4f717416..ae74ad93c 100644 --- a/wrapper/rust/wolfssl/tests/test_dh.rs +++ b/wrapper/rust/wolfssl/tests/test_dh.rs @@ -1,6 +1,8 @@ #![cfg(dh)] +#[cfg(any(all(dh_keygen, dh_ffdhe_2048), random))] use wolfssl::wolfcrypt::dh::DH; +#[cfg(random)] use wolfssl::wolfcrypt::random::RNG; #[test] @@ -27,7 +29,7 @@ fn test_dh_named_parameters() { } #[test] -#[cfg(dh_keygen)] +#[cfg(all(dh_keygen, random))] fn test_generate_params() { let mut rng = RNG::new().expect("Error with RNG::new()"); let mut dh = DH::generate(&mut rng, 2048).expect("Error with generate()"); @@ -40,7 +42,7 @@ fn test_generate_params() { } #[test] -#[cfg(all(dh_keygen, dh_ffdhe_2048))] +#[cfg(all(dh_keygen, dh_ffdhe_2048, random))] fn test_generate_key_pair() { let mut rng = RNG::new().expect("Error with RNG::new()"); let mut dh = DH::new_named(DH::FFDHE_2048).expect("Error with new_named()"); @@ -71,6 +73,7 @@ fn test_generate_key_pair() { } #[test] +#[cfg(random)] fn test_dh_checks() { let p = [ 0xc5u8, 0x7c, 0xa2, 0x4f, 0x4b, 0xd6, 0x8c, 0x3c, @@ -171,7 +174,7 @@ fn test_dh_checks() { } #[test] -#[cfg(dh_ffdhe_2048)] +#[cfg(all(dh_ffdhe_2048, random))] fn test_dh_shared_secret() { let mut rng = RNG::new().expect("Error with RNG::new()"); let mut dh = DH::new_named(DH::FFDHE_2048).expect("Error with new_named()"); diff --git a/wrapper/rust/wolfssl/tests/test_ecc.rs b/wrapper/rust/wolfssl/tests/test_ecc.rs index 0dbd1300b..91e2fe206 100644 --- a/wrapper/rust/wolfssl/tests/test_ecc.rs +++ b/wrapper/rust/wolfssl/tests/test_ecc.rs @@ -1,10 +1,13 @@ #![cfg(ecc)] +#[cfg(any(all(ecc_import, ecc_export, ecc_sign, ecc_verify, random), random))] use std::fs; use wolfssl::wolfcrypt::ecc::*; +#[cfg(random)] use wolfssl::wolfcrypt::random::RNG; #[test] +#[cfg(random)] fn test_ecc_generate() { let mut rng = RNG::new().expect("Failed to create RNG"); let mut ecc = ECC::generate(32, &mut rng, None, None).expect("Error with generate()"); @@ -12,6 +15,7 @@ fn test_ecc_generate() { } #[test] +#[cfg(random)] fn test_ecc_generate_ex() { let mut rng = RNG::new().expect("Failed to create RNG"); let curve_id = ECC::SECP256R1; @@ -22,7 +26,7 @@ fn test_ecc_generate_ex() { } #[test] -#[cfg(all(ecc_import, ecc_export))] +#[cfg(all(ecc_import, ecc_export, random))] fn test_ecc_import_x963() { let mut rng = RNG::new().expect("Failed to create RNG"); let curve_id = ECC::SECP256R1; @@ -39,6 +43,7 @@ fn test_ecc_import_x963() { } #[test] +#[cfg(random)] fn test_ecc_generate_ex2() { let mut rng = RNG::new().expect("Failed to create RNG"); let curve_id = ECC::SECP256R1; @@ -48,17 +53,8 @@ fn test_ecc_generate_ex2() { ecc.check().expect("Error with check()"); } -fn bytes_to_asciiz_hex_string(bytes: &[u8]) -> String { - let mut hex_string = String::with_capacity(bytes.len() * 2 + 1); - for byte in bytes { - hex_string.push_str(&format!("{:02X}", byte)); - } - hex_string.push('\0'); - hex_string -} - #[test] -#[cfg(all(ecc_import, ecc_export, ecc_sign, ecc_verify))] +#[cfg(all(ecc_import, ecc_export, ecc_sign, ecc_verify, random))] fn test_ecc_import_export_sign_verify() { let mut rng = RNG::new().expect("Failed to create RNG"); let key_path = "../../../certs/ecc-client-key.der"; @@ -106,6 +102,15 @@ fn test_ecc_import_export_sign_verify() { let sig_out_size = ECC::rs_bin_to_sig(r, s, &mut sig_out).expect("Error with rs_bin_to_sig()"); assert_eq!(*signature, *&sig_out[0..sig_out_size]); + fn bytes_to_asciiz_hex_string(bytes: &[u8]) -> String { + let mut hex_string = String::with_capacity(bytes.len() * 2 + 1); + for byte in bytes { + hex_string.push_str(&format!("{:02X}", byte)); + } + hex_string.push('\0'); + hex_string + } + let r_hex_string = bytes_to_asciiz_hex_string(r); let s_hex_string = bytes_to_asciiz_hex_string(s); let mut sig_out = [0u8; 128]; @@ -121,7 +126,7 @@ fn test_ecc_import_export_sign_verify() { } #[test] -#[cfg(ecc_dh)] +#[cfg(all(ecc_dh, random))] fn test_ecc_shared_secret() { let mut rng = RNG::new().expect("Failed to create RNG"); let mut ecc0 = ECC::generate(32, &mut rng, None, None).expect("Error with generate()"); @@ -145,7 +150,7 @@ fn test_ecc_shared_secret() { } #[test] -#[cfg(ecc_export)] +#[cfg(all(ecc_export, random))] fn test_ecc_export() { let mut rng = RNG::new().expect("Failed to create RNG"); let mut ecc = ECC::generate(32, &mut rng, None, None).expect("Error with generate()"); @@ -159,7 +164,7 @@ fn test_ecc_export() { } #[test] -#[cfg(ecc_export)] +#[cfg(all(ecc_export, random))] fn test_ecc_export_ex() { let mut rng = RNG::new().expect("Failed to create RNG"); let mut ecc = ECC::generate(32, &mut rng, None, None).expect("Error with generate()"); @@ -173,7 +178,7 @@ fn test_ecc_export_ex() { } #[test] -#[cfg(all(ecc_import, ecc_export, ecc_sign, ecc_verify))] +#[cfg(all(ecc_import, ecc_export, ecc_sign, ecc_verify, random))] fn test_ecc_import_export_private() { let mut rng = RNG::new().expect("Failed to create RNG"); let mut ecc = ECC::generate(32, &mut rng, None, None).expect("Error with generate()"); @@ -195,7 +200,7 @@ fn test_ecc_import_export_private() { } #[test] -#[cfg(all(ecc_import, ecc_export, ecc_sign, ecc_verify))] +#[cfg(all(ecc_import, ecc_export, ecc_sign, ecc_verify, random))] fn test_ecc_import_export_private_ex() { let mut rng = RNG::new().expect("Failed to create RNG"); let curve_id = ECC::SECP256R1; @@ -219,7 +224,7 @@ fn test_ecc_import_export_private_ex() { } #[test] -#[cfg(ecc_export)] +#[cfg(all(ecc_export, random))] fn test_ecc_export_public() { let mut rng = RNG::new().expect("Failed to create RNG"); let mut ecc = ECC::generate(32, &mut rng, None, None).expect("Error with generate()"); @@ -231,7 +236,7 @@ fn test_ecc_export_public() { } #[test] -#[cfg(all(ecc_import, ecc_export, ecc_sign, ecc_verify))] +#[cfg(all(ecc_import, ecc_export, ecc_sign, ecc_verify, random))] fn test_ecc_import_unsigned() { let mut rng = RNG::new().expect("Failed to create RNG"); let curve_id = ECC::SECP256R1; @@ -256,6 +261,7 @@ fn test_ecc_import_unsigned() { } #[test] +#[cfg(random)] fn test_ecc_make_pub() { let mut rng = RNG::new().expect("Failed to create RNG"); let key_path = "../../../certs/ecc-client-key.der"; @@ -268,7 +274,7 @@ fn test_ecc_make_pub() { } #[test] -#[cfg(ecc_export)] +#[cfg(all(ecc_export, random))] fn test_ecc_point() { let mut rng = RNG::new().expect("Failed to create RNG"); let curve_id = ECC::SECP256R1; @@ -282,7 +288,7 @@ fn test_ecc_point() { } #[test] -#[cfg(all(ecc_import, ecc_export))] +#[cfg(all(all(ecc_import, ecc_export, random)))] fn test_ecc_point_import() { let mut rng = RNG::new().expect("Failed to create RNG"); let curve_id = ECC::SECP256R1; @@ -297,7 +303,7 @@ fn test_ecc_point_import() { } #[test] -#[cfg(all(ecc_import, ecc_export, ecc_comp_key))] +#[cfg(all(ecc_import, ecc_export, ecc_comp_key, random))] fn test_ecc_point_import_compressed() { let mut rng = RNG::new().expect("Failed to create RNG"); let curve_id = ECC::SECP256R1; diff --git a/wrapper/rust/wolfssl/tests/test_hmac.rs b/wrapper/rust/wolfssl/tests/test_hmac.rs index a927a82de..26bcf6aeb 100644 --- a/wrapper/rust/wolfssl/tests/test_hmac.rs +++ b/wrapper/rust/wolfssl/tests/test_hmac.rs @@ -1,3 +1,5 @@ +#![cfg(hmac)] + use wolfssl::wolfcrypt::hmac::*; use wolfssl::wolfcrypt::sha::SHA256; diff --git a/wrapper/rust/wolfssl/tests/test_kdf.rs b/wrapper/rust/wolfssl/tests/test_kdf.rs index 01912bd7e..51c554e8d 100644 --- a/wrapper/rust/wolfssl/tests/test_kdf.rs +++ b/wrapper/rust/wolfssl/tests/test_kdf.rs @@ -1,11 +1,13 @@ -#[cfg(any(kdf_pbkdf2, kdf_tls13))] +#![cfg(any(kdf_srtp, all(hmac, any(kdf_pbkdf2, kdf_ssh, kdf_tls13))))] + +#[cfg(all(hmac, any(kdf_pbkdf2, kdf_tls13)))] use wolfssl::wolfcrypt::hmac::HMAC; use wolfssl::wolfcrypt::kdf::*; -#[cfg(kdf_tls13)] +#[cfg(all(hmac, kdf_tls13))] use wolfssl::wolfcrypt::sha::SHA256; #[test] -#[cfg(kdf_pbkdf2)] +#[cfg(all(hmac, kdf_pbkdf2))] fn test_pbkdf2() { let password = b"passwordpassword"; let salt = [0x78u8, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06]; @@ -25,7 +27,7 @@ fn test_pbkdf2() { } #[test] -#[cfg(kdf_pbkdf2)] +#[cfg(all(hmac, kdf_pbkdf2))] fn test_pkcs12_pbkdf() { let password = [0x00u8, 0x73, 0x00, 0x6d, 0x00, 0x65, 0x00, 0x67, 0x00, 0x00]; let salt = [0x0au8, 0x58, 0xCF, 0x64, 0x53, 0x0d, 0x82, 0x3f]; @@ -46,7 +48,7 @@ fn test_pkcs12_pbkdf() { } #[test] -#[cfg(kdf_tls13)] +#[cfg(all(hmac, kdf_tls13))] fn test_tls13_hkdf_extract_expand() { let hash_hello1 = [ 0x63u8, 0x83, 0x58, 0xab, 0x36, 0xcd, 0x0c, 0xf3, @@ -80,7 +82,7 @@ fn test_tls13_hkdf_extract_expand() { } #[test] -#[cfg(kdf_ssh)] +#[cfg(all(hmac, kdf_ssh))] fn test_ssh_kdf() { let ssh_kdf_set3_k = [ 0x6Au8, 0xC3, 0x82, 0xEA, 0xAC, 0xA0, 0x93, 0xE1, diff --git a/wrapper/rust/wolfssl/tests/test_prf.rs b/wrapper/rust/wolfssl/tests/test_prf.rs index e34d755a6..81ae1dbce 100644 --- a/wrapper/rust/wolfssl/tests/test_prf.rs +++ b/wrapper/rust/wolfssl/tests/test_prf.rs @@ -1,7 +1,9 @@ +#![cfg(all(prf, sha384))] + use wolfssl::wolfcrypt::prf::*; #[test] -fn test_kdf_prf() { +fn test_prf() { let secret = [0x10u8, 0xbc, 0xb4, 0xa2, 0xe8, 0xdc, 0xf1, 0x9b, 0x4c, 0x51, 0x9c, 0xed, 0x31, 0x1b, 0x51, 0x57, 0x02, 0x3f, 0xa1, 0x7d, 0xfb, 0x0e, 0xf3, 0x4e, 0x8f, 0x6f, 0x71, diff --git a/wrapper/rust/wolfssl/tests/test_random.rs b/wrapper/rust/wolfssl/tests/test_random.rs index f7d7cb794..fdf7808fc 100644 --- a/wrapper/rust/wolfssl/tests/test_random.rs +++ b/wrapper/rust/wolfssl/tests/test_random.rs @@ -1,3 +1,5 @@ +#![cfg(random)] + use wolfssl::wolfcrypt::random::RNG; // Test that RNG::new() returns successfully and that drop() does not panic. diff --git a/wrapper/rust/wolfssl/tests/test_rsa.rs b/wrapper/rust/wolfssl/tests/test_rsa.rs index 4bedeb4c4..600cceacd 100644 --- a/wrapper/rust/wolfssl/tests/test_rsa.rs +++ b/wrapper/rust/wolfssl/tests/test_rsa.rs @@ -1,7 +1,10 @@ #![cfg(rsa)] +#[cfg(any(all(sha256, random, rsa_pss), random, rsa_direct))] use std::fs; +#[cfg(random)] use wolfssl::wolfcrypt::random::RNG; +#[cfg(any(random, rsa_direct, rsa_keygen))] use wolfssl::wolfcrypt::rsa::*; #[test] @@ -49,6 +52,7 @@ fn test_rsa_generate() { } #[test] +#[cfg(random)] fn test_rsa_encrypt_decrypt() { let mut rng = RNG::new().expect("Error creating RNG"); let key_path = "../../../certs/client-keyPub.der"; @@ -71,7 +75,7 @@ fn test_rsa_encrypt_decrypt() { } #[test] -#[cfg(all(sha256, rsa_pss))] +#[cfg(all(sha256, random, rsa_pss))] fn test_rsa_pss() { let mut rng = RNG::new().expect("Error creating RNG"); @@ -118,6 +122,7 @@ fn test_rsa_direct() { } #[test] +#[cfg(random)] fn test_rsa_ssl() { let mut rng = RNG::new().expect("Error creating RNG"); diff --git a/wrapper/rust/wolfssl/tests/test_sha.rs b/wrapper/rust/wolfssl/tests/test_sha.rs index 748da48a5..eea53cd8e 100644 --- a/wrapper/rust/wolfssl/tests/test_sha.rs +++ b/wrapper/rust/wolfssl/tests/test_sha.rs @@ -27,7 +27,7 @@ fn test_sha() { } #[test] -#[cfg(sha256)] +#[cfg(sha224)] fn test_sha224() { let mut sha = SHA224::new().expect("Error with new()"); fn test1(sha: &mut SHA224, input: &[u8], expected_hash: &[u8]) { @@ -73,7 +73,7 @@ fn test_sha256() { } #[test] -#[cfg(sha512)] +#[cfg(sha384)] fn test_sha384() { let mut sha = SHA384::new().expect("Error with new()"); fn test1(sha: &mut SHA384, input: &[u8], expected_hash: &[u8]) {