seperate build of QSH from build of NTRU

2017-08-16 14:19:38 -06:00 · 2017-08-16 14:19:38 -06:00 · 3fda99cbc4
commit 3fda99cbc4
parent 53e05786da
2 changed files with 26 additions and 9 deletions
--- a/configure.ac
+++ b/configure.ac
@ -2217,7 +2217,7 @@ AC_ARG_WITH([ntru],
    [AS_HELP_STRING([--with-ntru=PATH],[Path to NTRU install (default /usr/)])],
    [
        AC_MSG_CHECKING([for NTRU])
-        CPPFLAGS="$CPPFLAGS -DHAVE_NTRU -DHAVE_QSH -DHAVE_TLS_EXTENSIONS"
+        CPPFLAGS="$CPPFLAGS -DHAVE_NTRU -DHAVE_TLS_EXTENSIONS"
        LIBS="$LIBS -lntruencrypt"

        AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <libntruencrypt/ntru_crypto_drbg.h>]], [[ ntru_crypto_drbg_instantiate(0, 0, 0, 0, 0); ]])], [ ntru_linked=yes ],[ ntru_linked=no ])
@ -2245,7 +2245,7 @@ AC_ARG_WITH([ntru],
            AC_MSG_RESULT([yes])
        fi

-        AM_CFLAGS="$AM_CFLAGS -DHAVE_NTRU -DHAVE_QSH -DHAVE_TLS_EXTENSIONS"
+        AM_CFLAGS="$AM_CFLAGS -DHAVE_NTRU -DHAVE_TLS_EXTENSIONS"
        ENABLED_NTRU="yes"
    ]
 )
@ -2253,6 +2253,24 @@ AC_ARG_WITH([ntru],
 AM_CONDITIONAL([BUILD_NTRU], [test "x$ENABLED_NTRU" = "xyes"])


+# QSH
+AC_ARG_ENABLE([qsh],
+    [AS_HELP_STRING([--enable-qsh],[Enable QSH (default: disabled)])],
+    [ ENABLED_QSH=$enableval ],
+    [ ENABLED_QSH=no ]
+    )
+
+if test "x$ENABLED_QSH" = "xyes"
+then
+    if test "x$ENABLED_NTRU" = "xno"
+    then
+        AC_MSG_ERROR([cannot enable qsh without NTRU])
+    fi
+
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_QSH"
+fi
+
+
 # Whitewood netRandom client library
 ENABLED_WNR="no"
 trywnrdir=""
@ -3898,6 +3916,7 @@ echo "   * Persistent cert    cache:   $ENABLED_SAVECERT"
 echo "   * Atomic User Record Layer:   $ENABLED_ATOMICUSER"
 echo "   * Public Key Callbacks:       $ENABLED_PKCALLBACKS"
 echo "   * NTRU:                       $ENABLED_NTRU"
+echo "   * QSH:                        $ENABLED_QSH"
 echo "   * Whitewood netRandom:        $ENABLED_WNR"
 echo "   * Server Name Indication:     $ENABLED_SNI"
 echo "   * ALPN:                       $ENABLED_ALPN"
--- a/src/tls.c
+++ b/src/tls.c
@ -51,10 +51,10 @@
 #ifdef HAVE_QSH
    static int TLSX_AddQSHKey(QSHKey** list, QSHKey* key);
    static byte* TLSX_QSHKeyFind_Pub(QSHKey* qsh, word16* pubLen, word16 name);
-#endif
-#if defined(HAVE_NTRU) || defined(HAVE_QSH)
+#if defined(HAVE_NTRU)
    static int TLSX_CreateNtruKey(WOLFSSL* ssl, int type);
 #endif
+#endif /* HAVE_QSH */


 #ifndef NO_TLS
@ -3708,12 +3708,12 @@ int TLSX_UseSessionTicket(TLSX** extensions, SessionTicket* ticket, void* heap)
 /* Quantum-Safe-Hybrid                                                        */
 /******************************************************************************/

+#ifdef HAVE_QSH
 #if defined(HAVE_NTRU)
 static WC_RNG* gRng;
 static wolfSSL_Mutex* gRngMutex;
 #endif

-#ifdef HAVE_QSH
 static void TLSX_QSH_FreeAll(QSHScheme* list, void* heap)
 {
    QSHScheme* current;
@ -7166,7 +7166,7 @@ static word16 TLSX_Write(TLSX* list, byte* output, byte* semaphore,
 }


-#ifdef HAVE_NTRU
+#if defined(HAVE_NTRU) && defined(HAVE_QSH)

 static word32 GetEntropy(unsigned char* out, word32 num_bytes)
 {
@ -7253,11 +7253,10 @@ static int TLSX_AddQSHKey(QSHKey** list, QSHKey* key)
 }


-#if defined(HAVE_NTRU) || defined(HAVE_QSH)
+#if defined(HAVE_NTRU)
 int TLSX_CreateNtruKey(WOLFSSL* ssl, int type)
 {
    int ret = -1;
-#ifdef HAVE_NTRU
    int ntruType;

    /* variable declarations for NTRU*/
@ -7320,7 +7319,6 @@ int TLSX_CreateNtruKey(WOLFSSL* ssl, int type)
    temp->next = NULL;

    TLSX_AddQSHKey(&ssl->QSH_Key, temp);
-#endif

    (void)ssl;
    (void)type;