Merge pull request #6531 from bandi13/extraCMakeOptions

Extra c make options
2023-06-27 13:26:03 -07:00 · 2023-06-27 13:26:03 -07:00 · 0d0d2cf50c
parent e0fa25eedc 155ce9aecf
commit 0d0d2cf50c
3 changed files with 46 additions and 3 deletions
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@ -1774,6 +1774,42 @@ if(WOLFSSL_AESKEYWRAP)
        )
 endif()

+# Hybrid Public Key Encryption (RFC9180)
+add_option("WOLFSSL_HPKE"
+        "Enable wolfSSL hybrid public key encryption (default: disabled)"
+        "no" "yes;no")
+
+# Encrypted Client Hello (ECH)
+add_option("WOLFSSL_ECH"
+        "Enable wolfSSL encrypted client hello (default: disabled)"
+        "no" "yes;no")
+
+# Keying Material Exporter / TLS Exporter
+add_option("WOLFSSL_KEYING_MATERIAL"
+        "Enable wolfSSL keying material export (default: disabled)"
+        "no" "yes;no")
+
+if(WOLFSSL_HPKE)
+    if(NOT WOLFSSL_ECC)
+        message(FATAL_ERROR "HPKE supported only with ECC (WOLFSSL_ECC)")
+    endif()
+    list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_HPKE")
+    override_cache(WOLFSSL_HKDF "yes")
+endif()
+
+if(WOLFSSL_ECH)
+    if(NOT WOLFSSL_HPKE)
+        message(FATAL_ERROR "ECH supported only with HPKE (WOLFSSL_HPKE)")
+    endif()
+    if(NOT WOLFSSL_SNI)
+        message(FATAL_ERROR "ECH supported only with SNI (WOLFSSL_SNI)")
+    endif()
+    list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_ECH")
+endif()
+
+if(WOLFSSL_KEYING_MATERIAL)
+    list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_KEYING_MATERIAL")
+endif()

 if(WOLFSSL_KEYGEN)
    list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_KEY_GEN")
--- a/cmake/functions.cmake
+++ b/cmake/functions.cmake
@ -304,6 +304,9 @@ function(generate_build_flags)
    if(WOLFSSL_CAAM)
        set(BUILD_CAAM "yes" PARENT_SCOPE)
    endif()
+    if(WOLFSSL_HPKE OR WOLFSSL_USER_SETTINGS)
+        set(BUILD_HPKE "yes" PARENT_SCOPE)
+    endif()

    set(BUILD_FLAGS_GENERATED "yes" PARENT_SCOPE)
 endfunction()
@ -910,6 +913,10 @@ function(generate_lib_src_list LIB_SOURCES)
            wolfcrypt/src/port/caam/wolfcaam_hmac.c)
    endif()

+    if(BUILD_HPKE)
+         list(APPEND LIB_SOURCES wolfcrypt/src/hpke.c)
+    endif()
+
    set(LIB_SOURCES ${LIB_SOURCES} PARENT_SCOPE)
 endfunction()

--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@ -23255,10 +23255,10 @@ static wc_test_ret_t hpke_test_single(Hpke* hpke)
    void* receiverKey = NULL;
    void* ephemeralKey = NULL;
 #ifdef WOLFSSL_SMALL_STACK
-    uint8_t *pubKey = NULL; /* public key */
+    byte *pubKey = NULL; /* public key */
    word16 pubKeySz = (word16)HPKE_Npk_MAX;
 #else
-    uint8_t pubKey[HPKE_Npk_MAX]; /* public key */
+    byte pubKey[HPKE_Npk_MAX]; /* public key */
    word16 pubKeySz = (word16)sizeof(pubKey);
 #endif

@ -23269,7 +23269,7 @@ static wc_test_ret_t hpke_test_single(Hpke* hpke)

 #ifdef WOLFSSL_SMALL_STACK
    if (ret == 0) {
-        pubKey = (uint8_t *)XMALLOC(pubKeySz, HEAP_HINT,
+        pubKey = (byte *)XMALLOC(pubKeySz, HEAP_HINT,
                                    DYNAMIC_TYPE_TMP_BUFFER);
        if (pubKey == NULL)
            ret = MEMORY_E;