Support for Android KeyStore compatibility API's:

* Adds `EVP_PKCS82PKEY` and `d2i_PKCS8_PRIV_KEY_INFO`. * Adds `EVP_PKEY2PKCS8` and `i2d_PKCS8_PRIV_KEY_INFO`. * Adds `ECDSA_verify`. * Fix to allow `SHA256()` and `MD5()` with FIPSv2. * Decouple crypto callbacks and hash flags * Fix for possible use of uninitialized when building TLS bench without TLS v1.3. * Fix for building with `NO_CHECK_PRIVATE_KEY`. Test `./configure --disable-pkcs12 --enable-opensslextra CFLAGS="-DNO_CHECK_PRIVATE_KEY"`. * Fix to support `RSA_public_decrypt` for PKCSv15 only with FIPS. * Cleanup `RSA_public_encrypt`, `RSA_public_decrypt` and `RSA_private_decrypt`. * Added instructions for building wolfSSL with Android kernel.
2021-10-14 14:38:57 -07:00
parent f04380d624
commit a03ed32380
32 changed files with 682 additions and 237 deletions
--- a/IDE/Android/user_settings.h
+++ b/IDE/Android/user_settings.h
@@ -0,0 +1,101 @@
+/* Custom build settings for Android */
+
+#ifndef _WOLF_USER_SETTINGS_H_
+#define _WOLF_USER_SETTINGS_H_
+
+#if 0
+    #define HAVE_FIPS_VERSION 2
+    #define HAVE_FIPS
+#endif
+
+/* WPA Supplicant Support */
+#define WOLFSSL_WPAS_SMALL
+#define OPENSSL_ALL
+#define HAVE_THREAD_LS
+
+#define USE_FAST_MATH
+#define TFM_TIMING_RESISTANT
+#define ECC_TIMING_RESISTANT
+#define WC_RSA_BLINDING
+
+#define HAVE_HASHDRBG
+
+#define WOLFSSL_TLS13
+#define HAVE_SESSION_TICKET
+#define HAVE_TLS_EXTENSIONS
+#define HAVE_SUPPORTED_CURVES
+#define HAVE_EXTENDED_MASTER
+#define HAVE_ENCRYPT_THEN_MAC
+#define WOLFSSL_ENCRYPTED_KEYS
+#define HAVE_KEYING_MATERIAL
+#define NO_OLD_TLS
+#define NO_CHECK_PRIVATE_KEY
+
+#define WOLF_CRYPTO_CB
+#define HAVE_PK_CALLBACKS
+
+#define KEEP_OUR_CERT
+#define KEEP_PEER_CERT
+#define WOLFSSL_ALWAYS_VERIFY_CB
+#define WOLFSSL_ALWAYS_KEEP_SNI
+#define HAVE_EX_DATA
+#define HAVE_EXT_CACHE
+#define WOLFSSL_EITHER_SIDE
+#define WOLFSSL_PUBLIC_MP
+#define WOLFSSL_DER_LOAD
+
+#define WOLFSSL_KEY_GEN
+#define WC_RSA_PSS
+#define WC_RSA_NO_PADDING
+
+#define HAVE_FFDHE_2048
+#define HAVE_DH_DEFAULT_PARAMS
+#ifdef HAVE_FIPS
+    #define WOLFSSL_VALIDATE_FFC_IMPORT
+    #define HAVE_FFDHE_Q
+#endif
+
+#define WOLFSSL_SHA224
+#define WOLFSSL_SHA512
+#define WOLFSSL_SHA384
+
+#define HAVE_HKDF
+#define HAVE_PKCS8
+
+#define HAVE_ECC
+#define TFM_ECC256
+#define ECC_SHAMIR
+#ifdef HAVE_FIPS
+    #define HAVE_ECC_CDH
+    #define WOLFSSL_VALIDATE_ECC_IMPORT
+#endif
+
+#define HAVE_AESGCM
+#define HAVE_AESCCM
+#define WOLFSSL_AES_DIRECT
+#define WOLFSSL_AES_COUNTER
+#define HAVE_AES_ECB
+#define WOLFSSL_CMAC
+
+#define WOLFSSL_BASE64_ENCODE
+#define HAVE_CRL
+
+#define NO_DSA
+#define NO_RC4
+#define NO_HC128
+#define NO_RABBIT
+#define NO_RC4
+#define NO_PSK
+#define WOLFSSL_NO_SHAKE256
+#define NO_MD4
+#define NO_OLD_MD5_NAME
+#define NO_OLD_SHA_NAMES
+#define NO_OLD_SHA256_NAMES
+#define NO_OLD_WC_NAMES
+
+#if 0
+    #define DEBUG_WOLFSSL
+    #define WOLFSSL_ANDROID_DEBUG
+#endif
+
+#endif /* _WOLF_USER_SETTINGS_H_ */