linuxkm: add GetCAByKeyHash to wolfssl_linuxkm_pie_redirect_table.

2024-09-06 14:15:19 -05:00 · 2024-09-06 14:15:19 -05:00 · 87aef05f16
parent 945f97636a
commit 87aef05f16
3 changed files with 21 additions and 9 deletions
--- a/linuxkm/linuxkm_wc_port.h
+++ b/linuxkm/linuxkm_wc_port.h
@ -461,8 +461,11 @@
        struct Signer *GetCA(void *signers, unsigned char *hash);
        #ifndef NO_SKID
            struct Signer *GetCAByName(void* signers, unsigned char *hash);
-        #endif
-    #endif
+            #ifdef HAVE_OCSP
+                struct Signer* GetCAByKeyHash(void* vp, const unsigned char* keyHash);
+            #endif /* HAVE_OCSP */
+        #endif /* NO_SKID */
+    #endif /* !WOLFCRYPT_ONLY && !NO_CERTS */

    #if defined(__PIE__) && !defined(USE_WOLFSSL_LINUXKM_PIE_REDIRECT_TABLE)
        #error "compiling -fPIE requires PIE redirect table."
@ -629,8 +632,11 @@
        typeof(GetCA) *GetCA;
        #ifndef NO_SKID
        typeof(GetCAByName) *GetCAByName;
-        #endif
-        #endif
+        #ifdef HAVE_OCSP
+        typeof(GetCAByKeyHash) *GetCAByKeyHash;
+        #endif /* HAVE_OCSP */
+        #endif /* NO_SKID */
+        #endif /* !WOLFCRYPT_ONLY && !NO_CERTS */

        #ifdef WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES
        typeof(dump_stack) *dump_stack;
@ -778,8 +784,11 @@
        #define GetCA (wolfssl_linuxkm_get_pie_redirect_table()->GetCA)
        #ifndef NO_SKID
            #define GetCAByName (wolfssl_linuxkm_get_pie_redirect_table()->GetCAByName)
-        #endif
-    #endif
+            #ifdef HAVE_OCSP
+                #define GetCAByKeyHash (wolfssl_linuxkm_get_pie_redirect_table()->GetCAByKeyHash)
+            #endif /* HAVE_OCSP */
+        #endif /* NO_SKID */
+    #endif /* !WOLFCRYPT_ONLY && !NO_CERTS */

    #ifdef WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES
        #define dump_stack (wolfssl_linuxkm_get_pie_redirect_table()->dump_stack)
--- a/linuxkm/module_hooks.c
+++ b/linuxkm/module_hooks.c
@ -577,8 +577,11 @@ static int set_up_wolfssl_linuxkm_pie_redirect_table(void) {
    wolfssl_linuxkm_pie_redirect_table.GetCA = GetCA;
 #ifndef NO_SKID
    wolfssl_linuxkm_pie_redirect_table.GetCAByName = GetCAByName;
-#endif
-#endif
+#ifdef HAVE_OCSP
+wolfssl_linuxkm_pie_redirect_table.GetCAByKeyHash = GetCAByKeyHash;
+#endif /* HAVE_OCSP */
+#endif /* NO_SKID */
+#endif /* !WOLFCRYPT_ONLY && !NO_CERTS */

 #ifdef WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES
    wolfssl_linuxkm_pie_redirect_table.dump_stack = dump_stack;
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@ -6466,7 +6466,7 @@ WOLFSSL_LOCAL WC_RNG* WOLFSSL_RSA_GetRNG(WOLFSSL_RSA *rsa, WC_RNG **tmpRNG,
        WOLFSSL_LOCAL Signer* GetCAByAKID(void* vp, const byte* issuer,
                word32 issuerSz, const byte* serial, word32 serialSz);
    #endif
-    #ifdef HAVE_OCSP
+    #if defined(HAVE_OCSP) && !defined(GetCAByKeyHash)
        WOLFSSL_LOCAL Signer* GetCAByKeyHash(void* vp, const byte* keyHash);
    #endif
    #if !defined(NO_SKID) && !defined(GetCAByName)