diff --git a/hostapd/Makefile b/hostapd/Makefile index 6f8eef033..42b17499e 100644 --- a/hostapd/Makefile +++ b/hostapd/Makefile @@ -460,6 +460,7 @@ OBJS += ../src/tls/x509v3.o OBJS += ../src/tls/pkcs1.o OBJS += ../src/tls/pkcs5.o OBJS += ../src/tls/pkcs8.o +NEED_SHA256=y NEED_BASE64=y NEED_TLS_PRF=y NEED_MODEXP=y @@ -476,7 +477,6 @@ OBJS += ../src/crypto/crypto_internal-modexp.o OBJS += ../src/tls/bignum.o endif ifeq ($(CONFIG_CRYPTO), libtomcrypt) -CFLAGS += -DCONFIG_INTERNAL_X509 OBJS += ../src/crypto/crypto_libtomcrypt.o LIBS += -ltomcrypt -ltfm LIBS_h += -ltomcrypt -ltfm @@ -485,7 +485,6 @@ CONFIG_INTERNAL_RC4=y CONFIG_INTERNAL_DH_GROUP5=y endif ifeq ($(CONFIG_CRYPTO), internal) -CFLAGS += -DCONFIG_INTERNAL_X509 OBJS += ../src/crypto/crypto_internal.o NEED_AES_DEC=y CFLAGS += -DCONFIG_CRYPTO_INTERNAL diff --git a/src/tls/asn1.c b/src/tls/asn1.c index 2cb9318ac..3391245fe 100644 --- a/src/tls/asn1.c +++ b/src/tls/asn1.c @@ -15,9 +15,6 @@ #include "includes.h" #include "common.h" - -#ifdef CONFIG_INTERNAL_X509 - #include "asn1.h" int asn1_get_next(const u8 *buf, size_t len, struct asn1_hdr *hdr) @@ -213,5 +210,3 @@ unsigned long asn1_bit_string_to_long(const u8 *buf, size_t len) return val; } - -#endif /* CONFIG_INTERNAL_X509 */ diff --git a/src/tls/x509v3.c b/src/tls/x509v3.c index 87bcde99f..e9405cd4f 100644 --- a/src/tls/x509v3.c +++ b/src/tls/x509v3.c @@ -15,9 +15,6 @@ #include "includes.h" #include "common.h" - -#ifdef CONFIG_INTERNAL_X509 - #include "crypto/crypto.h" #include "asn1.h" #include "x509v3.h" @@ -1745,18 +1742,12 @@ skip_digest_oid: hash, hash_len); break; case 11: /* sha256WithRSAEncryption */ -#ifdef NEED_SHA256 sha256_vector(1, &cert->tbs_cert_start, &cert->tbs_cert_len, hash); hash_len = 32; wpa_hexdump(MSG_MSGDUMP, "X509: Certificate hash (SHA256)", hash, hash_len); break; -#else /* NEED_SHA256 */ - wpa_printf(MSG_INFO, "X509: SHA256 support disabled"); - os_free(data); - return -1; -#endif /* NEED_SHA256 */ case 2: /* md2WithRSAEncryption */ case 12: /* sha384WithRSAEncryption */ case 13: /* sha512WithRSAEncryption */ @@ -1970,5 +1961,3 @@ int x509_certificate_self_signed(struct x509_certificate *cert) { return x509_name_compare(&cert->issuer, &cert->subject) == 0; } - -#endif /* CONFIG_INTERNAL_X509 */ diff --git a/src/tls/x509v3.h b/src/tls/x509v3.h index 4031cde9e..8b710cd3e 100644 --- a/src/tls/x509v3.h +++ b/src/tls/x509v3.h @@ -99,8 +99,6 @@ enum { X509_VALIDATE_UNKNOWN_CA }; -#ifdef CONFIG_INTERNAL_X509 - void x509_certificate_free(struct x509_certificate *cert); struct x509_certificate * x509_certificate_parse(const u8 *buf, size_t len); void x509_name_string(struct x509_name *name, char *buf, size_t len); @@ -116,49 +114,4 @@ x509_certificate_get_subject(struct x509_certificate *chain, struct x509_name *name); int x509_certificate_self_signed(struct x509_certificate *cert); -#else /* CONFIG_INTERNAL_X509 */ - -static inline void x509_certificate_free(struct x509_certificate *cert) -{ -} - -static inline struct x509_certificate * -x509_certificate_parse(const u8 *buf, size_t len) -{ - return NULL; -} - -static inline void x509_name_string(struct x509_name *name, char *buf, - size_t len) -{ - if (len) - buf[0] = '\0'; -} - -static inline void x509_certificate_chain_free(struct x509_certificate *cert) -{ -} - -static inline int -x509_certificate_chain_validate(struct x509_certificate *trusted, - struct x509_certificate *chain, - int *reason) -{ - return -1; -} - -static inline struct x509_certificate * -x509_certificate_get_subject(struct x509_certificate *chain, - struct x509_name *name) -{ - return NULL; -} - -static inline int x509_certificate_self_signed(struct x509_certificate *cert) -{ - return -1; -} - -#endif /* CONFIG_INTERNAL_X509 */ - #endif /* X509V3_H */ diff --git a/src/utils/build_config.h b/src/utils/build_config.h index 7f54b0444..366677849 100644 --- a/src/utils/build_config.h +++ b/src/utils/build_config.h @@ -49,7 +49,6 @@ #ifdef USE_INTERNAL_CRYPTO #define CONFIG_TLS_INTERNAL_CLIENT #define CONFIG_INTERNAL_LIBTOMMATH -#define CONFIG_INTERNAL_X509 #define CONFIG_CRYPTO_INTERNAL #endif /* USE_INTERNAL_CRYPTO */ #endif /* CONFIG_WIN32_DEFAULTS */ @@ -62,7 +61,6 @@ #define CONFIG_NO_STDOUT_DEBUG #define CONFIG_BACKEND_FILE #define CONFIG_INTERNAL_LIBTOMMATH -#define CONFIG_INTERNAL_X509 #define CONFIG_CRYPTO_INTERNAL #define IEEE8021X_EAPOL #define PKCS12_FUNCS @@ -100,7 +98,6 @@ #ifdef USE_INTERNAL_CRYPTO #define CONFIG_TLS_INTERNAL_CLIENT #define CONFIG_INTERNAL_LIBTOMMATH -#define CONFIG_INTERNAL_X509 #define CONFIG_CRYPTO_INTERNAL #endif /* USE_INTERNAL_CRYPTO */ #endif /* CONFIG_XCODE_DEFAULTS */ diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile index 40a1d112e..19b34673d 100644 --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile @@ -787,6 +787,7 @@ OBJS += ../src/tls/x509v3.o OBJS += ../src/tls/pkcs1.o OBJS += ../src/tls/pkcs5.o OBJS += ../src/tls/pkcs8.o +NEED_SHA256=y NEED_BASE64=y NEED_TLS_PRF=y NEED_MODEXP=y @@ -802,7 +803,6 @@ OBJS += ../src/crypto/crypto_internal-modexp.o OBJS += ../src/tls/bignum.o endif ifeq ($(CONFIG_CRYPTO), libtomcrypt) -CFLAGS += -DCONFIG_INTERNAL_X509 OBJS += ../src/crypto/crypto_libtomcrypt.o OBJS_p += ../src/crypto/crypto_libtomcrypt.o LIBS += -ltomcrypt -ltfm @@ -812,7 +812,6 @@ CONFIG_INTERNAL_RC4=y CONFIG_INTERNAL_DH_GROUP5=y endif ifeq ($(CONFIG_CRYPTO), internal) -CFLAGS += -DCONFIG_INTERNAL_X509 OBJS += ../src/crypto/crypto_internal.o OBJS_p += ../src/crypto/crypto_internal.o NEED_AES_ENC=y @@ -968,7 +967,6 @@ endif SHA256OBJS = # none by default ifdef NEED_SHA256 SHA256OBJS += ../src/crypto/sha256.o -CFLAGS += -DNEED_SHA256 ifdef CONFIG_INTERNAL_SHA256 SHA256OBJS += ../src/crypto/sha256-internal.o endif