Fixes for building wolfCrypt without PEM to DER support.

wolfSSL · Nov 16, 2023 · 249f9d4 · 249f9d4
1 parent a33ed5b
commit 249f9d4
Show file tree

Hide file tree

Showing 4 changed files with 18 additions and 22 deletions.
diff --git a/examples/pcr/policy_sign.c b/examples/pcr/policy_sign.c
@@ -109,7 +109,7 @@ static int PolicySign(TPM_ALG_ID alg, const char* keyFile, const char* password,
     if (rc == 0) {
         /* handle PEM conversion to DER */
         if (encType == ENCODING_TYPE_PEM) {
-        #if !defined(WOLFTPM2_NO_HEAP) && defined(WOLFSSL_PEM_TO_DER)
+        #ifdef WOLFTPM2_PEM_DECODE
             /* der size is base 64 decode length */
             word32 derSz = (word32)bufSz * 3 / 4 + 1;
             byte* derBuf = (byte*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);

diff --git a/src/tpm2_wrap.c b/src/tpm2_wrap.c
@@ -2717,9 +2717,7 @@ int wolfTPM2_ImportPublicKeyBuffer(WOLFTPM2_DEV* dev, int keyType,
     }
 
     if (encodingType == ENCODING_TYPE_PEM) {
-    #if !defined(WOLFTPM2_NO_HEAP) && defined(WOLFSSL_PEM_TO_DER) && \
-        (defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER)) && \
-        !defined(NO_ASN)
+    #ifdef WOLFTPM2_PEM_DECODE
         /* der size is base 64 decode length */
         derSz = inSz * 3 / 4 + 1;
         derBuf = (byte*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@@ -2755,7 +2753,7 @@ int wolfTPM2_ImportPublicKeyBuffer(WOLFTPM2_DEV* dev, int keyType,
     #endif
     }
 
-#if !defined(WOLFTPM2_NO_HEAP) && defined(WOLFSSL_PEM_TO_DER)
+#ifdef WOLFTPM2_PEM_DECODE
     if (derBuf != (byte*)input) {
         XFREE(derBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
     }
@@ -2785,7 +2783,7 @@ int wolfTPM2_ImportPrivateKeyBuffer(WOLFTPM2_DEV* dev,
     XMEMSET(&sens, 0, sizeof(sens));
 
     if (encodingType == ENCODING_TYPE_PEM) {
-    #if !defined(WOLFTPM2_NO_HEAP) && defined(WOLFSSL_PEM_TO_DER)
+    #ifdef WOLFTPM2_PEM_DECODE
         /* der size is base 64 decode length */
         derSz = inSz * 3 / 4 + 1;
         derBuf = (byte*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@@ -2856,7 +2854,7 @@ int wolfTPM2_ImportPrivateKeyBuffer(WOLFTPM2_DEV* dev,
         rc = wolfTPM2_ImportPrivateKey(dev, parentKey, keyBlob, pub, &sens);
     }
 
-#if !defined(WOLFTPM2_NO_HEAP) && defined(WOLFSSL_PEM_TO_DER)
+#ifdef WOLFTPM2_PEM_DECODE
     if (derBuf != (byte*)input) {
         XFREE(derBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
     }
@@ -2915,8 +2913,7 @@ int wolfTPM2_RsaPrivateKeyImportDer(WOLFTPM2_DEV* dev,
 }
 #endif /* !NO_ASN */
 
-#if !defined(WOLFTPM2_NO_HEAP) && defined(WOLFSSL_PEM_TO_DER)
-
+#ifdef WOLFTPM2_PEM_DECODE
 int wolfTPM2_RsaPrivateKeyImportPem(WOLFTPM2_DEV* dev,
     const WOLFTPM2_KEY* parentKey, WOLFTPM2_KEYBLOB* keyBlob,
     const char* input, word32 inSz, char* pass,
@@ -2927,8 +2924,7 @@ int wolfTPM2_RsaPrivateKeyImportPem(WOLFTPM2_DEV* dev,
     return wolfTPM2_ImportPrivateKeyBuffer(dev, parentKey, TPM_ALG_RSA, keyBlob,
         ENCODING_TYPE_PEM, input, inSz, pass, 0, NULL, 0);
 }
-
-#endif /* !WOLFTPM2_NO_HEAP && WOLFSSL_PEM_TO_DER */
+#endif /* WOLFTPM2_PEM_DECODE */
 
 
 int wolfTPM2_RsaKey_TpmToWolf(WOLFTPM2_DEV* dev, WOLFTPM2_KEY* tpmKey,
@@ -3097,17 +3093,14 @@ int wolfTPM2_RsaKey_PubPemToTpm(WOLFTPM2_DEV* dev, WOLFTPM2_KEY* tpmKey,
     const byte* pem, word32 pemSz)
 {
     int rc = TPM_RC_FAILURE;
-#if !defined(WOLFTPM2_NO_WOLFCRYPT) && defined(WOLFSSL_PEM_TO_DER) && \
-    (defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER))
+#ifdef WOLFTPM2_PEM_DECODE
     RsaKey rsaKey;
 #endif
 
     if (dev == NULL || tpmKey == NULL || pem == NULL)
         return BAD_FUNC_ARG;
 
-#if !defined(WOLFTPM2_NO_WOLFCRYPT) && defined(WOLFSSL_PEM_TO_DER) && \
-    (defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER)) && \
-    !defined(NO_ASN)
+#ifdef WOLFTPM2_PEM_DECODE
     /* Prepare wolfCrypt key structure */
     rc = wc_InitRsaKey(&rsaKey, NULL);
     if (rc == 0) {

diff --git a/tests/unit_tests.c b/tests/unit_tests.c
@@ -328,7 +328,7 @@ static void test_wolfTPM2_CSR(void)
 #endif
 }
 
-#ifndef WOLFTPM2_NO_WOLFCRYPT
+#if !defined(WOLFTPM2_NO_WOLFCRYPT) && defined(WOLFTPM2_PEM_DECODE)
 static WOLFTPM2_KEY authKey; /* also used for test_wolfTPM2_PCRPolicy */
 
 static void test_wolfTPM_ImportPublicKey(void)
@@ -364,9 +364,7 @@ static void test_wolfTPM_ImportPublicKey(void)
         pemPublicKey, (word32)XSTRLEN(pemPublicKey),
         attributes
     );
-    if (rc != 0 && rc != NOT_COMPILED_IN) {
-        AssertIntEQ(rc, 0);
-    }
+    AssertIntEQ(rc, 0);
 
     wolfTPM2_Cleanup(&dev);
 }
@@ -435,7 +433,7 @@ static void test_wolfTPM2_PCRPolicy(void)
 
     wolfTPM2_Cleanup(&dev);
 }
-#endif /* !WOLFTPM2_NO_WOLFCRYPT */
+#endif /* !WOLFTPM2_NO_WOLFCRYPT && WOLFTPM2_PEM_DECODE */
 
 #if defined(HAVE_THREAD_LS) && defined(HAVE_PTHREAD)
 #include <pthread.h>
@@ -507,7 +505,7 @@ int unit_tests(int argc, char *argv[])
     test_TPM2_KDFa();
     test_wolfTPM2_ReadPublicKey();
     test_wolfTPM2_CSR();
-    #ifndef WOLFTPM2_NO_WOLFCRYPT
+    #if !defined(WOLFTPM2_NO_WOLFCRYPT) && defined(WOLFTPM2_PEM_DECODE)
     test_wolfTPM_ImportPublicKey();
     test_wolfTPM2_PCRPolicy();
     #endif

diff --git a/wolftpm/tpm2_types.h b/wolftpm/tpm2_types.h
@@ -650,6 +650,11 @@ typedef int64_t  INT64;
     #define WOLFTPM2_CERT_GEN
 #endif
 
+#if !defined(WOLFTPM2_NO_HEAP) && defined(WOLFSSL_PEM_TO_DER) && \
+    (defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER)) && \
+    !defined(NO_ASN)
+    #define WOLFTPM2_PEM_DECODE
+#endif
 
 /* ---------------------------------------------------------------------------*/
 /* ENDIANESS HELPERS */