Merge pull request #10393 from JacobBarthelmeh/opensslextra

dgarske · web-flow · commit 9096bcc8fad0 · 2026-05-17T22:33:23.000-07:00
support build --enable-opensslextra with NO_BIO and NO_FILESYSTEM
diff --git a/.github/workflows/os-check.yml b/.github/workflows/os-check.yml
@@ -128,6 +128,7 @@ jobs:
             CPPFLAGS=''-DNO_WOLFSSL_SERVER -DWOLFSSL_NO_TLS12 -DNO_SESSION_CACHE
             -DWOLFSSL_AES_NO_UNROLL -DUSE_SLOW_SHA256 -DWOLFSSL_NO_ASYNC_IO
             -DWOLFSSL_DTLS_ONLY'' ',
+          '--enable-opensslextra --disable-filesystem CPPFLAGS="-DNO_BIO"',
           'CPPFLAGS=-DNO_VERIFY_OID',
           'CPPFLAGS="-DNO_VERIFY_OID -DWOLFSSL_FPKI"',
         ]
diff --git a/src/pk.c b/src/pk.c
@@ -211,7 +211,8 @@ static int pem_read_file_key(XFILE fp, wc_pem_password_cb* cb, void* pass,
 #endif
 
 #if defined(OPENSSL_EXTRA) && ((!defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)) \
-    || !defined(WOLFCRYPT_ONLY))
+    || !defined(WOLFCRYPT_ONLY)) \
+    && (!defined(NO_BIO) || !defined(NO_FILESYSTEM))
 /* Convert DER data to PEM in an allocated buffer.
  *
  * @param [in]  der    Buffer containing DER data.
diff --git a/src/pk_ec.c b/src/pk_ec.c
@@ -426,7 +426,6 @@ void wolfSSL_EC_GROUP_free(WOLFSSL_EC_GROUP *group)
 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
 
 #ifdef OPENSSL_EXTRA
-#ifndef NO_BIO
 
 /* Creates an EC group from the DER encoding.
  *
@@ -506,6 +505,7 @@ static WOLFSSL_EC_GROUP* wolfssl_ec_group_d2i(WOLFSSL_EC_GROUP** group,
     return ret;
 }
 
+#ifndef NO_BIO
 /* Creates a new EC group from the PEM encoding in the BIO.
  *
  * @param [in]  bio    BIO to read PEM encoding from.
@@ -545,6 +545,7 @@ WOLFSSL_EC_GROUP* wolfSSL_PEM_read_bio_ECPKParameters(WOLFSSL_BIO* bio,
     FreeDer(&der);
     return ret;
 }
+#endif /* !NO_BIO */
 
 WOLFSSL_EC_GROUP *wolfSSL_d2i_ECPKParameters(WOLFSSL_EC_GROUP **out,
         const unsigned char **in, long len)
@@ -592,7 +593,6 @@ int wolfSSL_i2d_ECPKParameters(const WOLFSSL_EC_GROUP* grp, unsigned char** pp)
 
     return len;
 }
-#endif /* !NO_BIO */
 
 #if defined(OPENSSL_ALL) && !defined(NO_CERTS)
 /* Copy an EC group.
diff --git a/src/pk_rsa.c b/src/pk_rsa.c
@@ -986,7 +986,6 @@ int wolfSSL_RSA_LoadDer_ex(WOLFSSL_RSA* rsa, const unsigned char* derBuf,
 
 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
 
-#if !defined(NO_BIO) || !defined(NO_FILESYSTEM)
 /* Load DER encoded data into WOLFSSL_RSA object.
  *
  * Creates a new WOLFSSL_RSA object if one is not passed in.
@@ -1026,7 +1025,6 @@ static WOLFSSL_RSA* wolfssl_rsa_d2i(WOLFSSL_RSA** rsa, const unsigned char* in,
     }
     return ret;
 }
-#endif
 
 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
 
diff --git a/tests/api/test_ossl_ec.c b/tests/api/test_ossl_ec.c
@@ -1077,6 +1077,7 @@ int test_EC_i2d(void)
     ExpectNull(d2i_ECPrivateKey(&copy, &tmp, 1));
     ExpectNull(d2i_ECPrivateKey(&key, &tmp, 0));
 
+#ifndef NO_BIO
     {
         EC_KEY *pubkey = NULL;
         BIO* bio = NULL;
@@ -1088,6 +1089,7 @@ int test_EC_i2d(void)
         BIO_free(bio);
         EC_KEY_free(pubkey);
     }
+#endif
 
     ExpectIntEQ(i2d_ECPrivateKey(NULL, &p), 0);
     ExpectIntEQ(i2d_ECPrivateKey(NULL, NULL), 0);
diff --git a/tests/api/test_tls.c b/tests/api/test_tls.c
@@ -389,7 +389,8 @@ int test_tls_certreq_order(void)
 }
 
 #if !defined(WOLFSSL_NO_TLS12) && !defined(NO_RSA) && defined(HAVE_ECC) && \
-    !defined(NO_WOLFSSL_SERVER) && !defined(WOLFSSL_NO_CLIENT_AUTH)
+    !defined(NO_WOLFSSL_SERVER) && !defined(WOLFSSL_NO_CLIENT_AUTH) && \
+    !defined(NO_FILESYSTEM)
 /* Called when writing. */
 static int CsSend(WOLFSSL* ssl, char* buf, int sz, void* ctx)
 {
@@ -425,7 +426,8 @@ int test_tls12_bad_cv_sig_alg(void)
 {
     EXPECT_DECLS;
 #if !defined(WOLFSSL_NO_TLS12) && !defined(NO_RSA) && defined(HAVE_ECC) && \
-    !defined(NO_WOLFSSL_SERVER) && !defined(WOLFSSL_NO_CLIENT_AUTH)
+    !defined(NO_WOLFSSL_SERVER) && !defined(WOLFSSL_NO_CLIENT_AUTH) && \
+    !defined(NO_FILESYSTEM)
     byte clientMsgs[] = {
         /* Client Hello */
         0x16, 0x03, 0x03, 0x00, 0xe7,
diff --git a/tests/api/test_tls13.c b/tests/api/test_tls13.c
@@ -3844,7 +3844,7 @@ int test_tls13_ch2_different_cs(void)
 }
 
 #if defined(WOLFSSL_TLS13) && !defined(NO_WOLFSSL_SERVER) && \
-    defined(HAVE_ECC)
+    defined(HAVE_ECC) && !defined(NO_FILESYSTEM)
 /* Called when writing. */
 static int MESend(WOLFSSL* ssl, char* buf, int sz, void* ctx)
 {
@@ -3881,7 +3881,7 @@ int test_tls13_sg_missing(void)
 {
     EXPECT_DECLS;
 #if defined(WOLFSSL_TLS13) && !defined(NO_WOLFSSL_SERVER) && \
-    defined(HAVE_ECC)
+    defined(HAVE_ECC) && !defined(NO_FILESYSTEM)
     WOLFSSL_CTX *ctx = NULL;
     WOLFSSL *ssl = NULL;
     byte clientHello[] = {
@@ -3952,7 +3952,7 @@ int test_tls13_ks_missing(void)
 {
     EXPECT_DECLS;
 #if defined(WOLFSSL_TLS13) && !defined(NO_WOLFSSL_SERVER) && \
-    defined(HAVE_ECC)
+    defined(HAVE_ECC) && !defined(NO_FILESYSTEM)
     WOLFSSL_CTX *ctx = NULL;
     WOLFSSL *ssl = NULL;
     byte clientHello[] = {
@@ -4282,7 +4282,8 @@ int test_key_share_mismatch(void)
 
 
 #if defined(WOLFSSL_TLS13) && !defined(NO_RSA) && defined(HAVE_ECC) && \
-    defined(HAVE_AESGCM) && !defined(NO_WOLFSSL_SERVER)
+    defined(HAVE_AESGCM) && !defined(NO_WOLFSSL_SERVER) && \
+    !defined(NO_FILESYSTEM)
 /* Called when writing. */
 static int Tls13PTASend(WOLFSSL* ssl, char* buf, int sz, void* ctx)
 {
@@ -4410,7 +4411,8 @@ int test_tls13_plaintext_alert(void)
     EXPECT_DECLS;
 
 #if defined(WOLFSSL_TLS13) && !defined(NO_RSA) && defined(HAVE_ECC) && \
-    defined(HAVE_AESGCM) && !defined(NO_WOLFSSL_SERVER)
+    defined(HAVE_AESGCM) && !defined(NO_WOLFSSL_SERVER) && \
+    !defined(NO_FILESYSTEM)
     byte clientMsgs[] = {
         /* Client Hello */
         0x16, 0x03, 0x03, 0x01, 0x9b, 0x01, 0x00, 0x01,

Original file line number	Diff line number	Diff line change
`@@ -128,6 +128,7 @@ jobs:`
`128`	`128`	`CPPFLAGS=''-DNO_WOLFSSL_SERVER -DWOLFSSL_NO_TLS12 -DNO_SESSION_CACHE`
`129`	`129`	`-DWOLFSSL_AES_NO_UNROLL -DUSE_SLOW_SHA256 -DWOLFSSL_NO_ASYNC_IO`
`130`	`130`	`-DWOLFSSL_DTLS_ONLY'' ',`
	`131`	`+ '--enable-opensslextra --disable-filesystem CPPFLAGS="-DNO_BIO"',`
`131`	`132`	`'CPPFLAGS=-DNO_VERIFY_OID',`
`132`	`133`	`'CPPFLAGS="-DNO_VERIFY_OID -DWOLFSSL_FPKI"',`
`133`	`134`	`]`
Original file line number	Diff line number	Diff line change
`@@ -211,7 +211,8 @@ static int pem_read_file_key(XFILE fp, wc_pem_password_cb* cb, void* pass,`
`211`	`211`	`#endif`
`212`	`212`
`213`	`213`	`#if defined(OPENSSL_EXTRA) && ((!defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)) \`
`214`		`- \|\| !defined(WOLFCRYPT_ONLY))`
	`214`	`+ \|\| !defined(WOLFCRYPT_ONLY)) \`
	`215`	`+ && (!defined(NO_BIO) \|\| !defined(NO_FILESYSTEM))`
`215`	`216`	`/* Convert DER data to PEM in an allocated buffer.`
`216`	`217`	`*`
`217`	`218`	`* @param [in] der Buffer containing DER data.`
Original file line number	Diff line number	Diff line change
`@@ -426,7 +426,6 @@ void wolfSSL_EC_GROUP_free(WOLFSSL_EC_GROUP *group)`
`426`	`426`	`#endif /* OPENSSL_EXTRA \|\| OPENSSL_EXTRA_X509_SMALL */`
`427`	`427`
`428`	`428`	`#ifdef OPENSSL_EXTRA`
`429`		`-#ifndef NO_BIO`
`430`	`429`
`431`	`430`	`/* Creates an EC group from the DER encoding.`
`432`	`431`	`*`
`@@ -506,6 +505,7 @@ static WOLFSSL_EC_GROUP* wolfssl_ec_group_d2i(WOLFSSL_EC_GROUP** group,`
`506`	`505`	`return ret;`
`507`	`506`	`}`
`508`	`507`
	`508`	`+#ifndef NO_BIO`
`509`	`509`	`/* Creates a new EC group from the PEM encoding in the BIO.`
`510`	`510`	`*`
`511`	`511`	`* @param [in] bio BIO to read PEM encoding from.`
`@@ -545,6 +545,7 @@ WOLFSSL_EC_GROUP* wolfSSL_PEM_read_bio_ECPKParameters(WOLFSSL_BIO* bio,`
`545`	`545`	`FreeDer(&der);`
`546`	`546`	`return ret;`
`547`	`547`	`}`
	`548`	`+#endif /* !NO_BIO */`
`548`	`549`
`549`	`550`	`WOLFSSL_EC_GROUP wolfSSL_d2i_ECPKParameters(WOLFSSL_EC_GROUP *out,`
`550`	`551`	`const unsigned char **in, long len)`
`@@ -592,7 +593,6 @@ int wolfSSL_i2d_ECPKParameters(const WOLFSSL_EC_GROUP* grp, unsigned char** pp)`
`592`	`593`
`593`	`594`	`return len;`
`594`	`595`	`}`
`595`		`-#endif /* !NO_BIO */`
`596`	`596`
`597`	`597`	`#if defined(OPENSSL_ALL) && !defined(NO_CERTS)`
`598`	`598`	`/* Copy an EC group.`
Original file line number	Diff line number	Diff line change
`@@ -986,7 +986,6 @@ int wolfSSL_RSA_LoadDer_ex(WOLFSSL_RSA* rsa, const unsigned char* derBuf,`
`986`	`986`
`987`	`987`	`#if defined(OPENSSL_EXTRA) \|\| defined(WOLFSSL_WPAS_SMALL)`
`988`	`988`
`989`		`-#if !defined(NO_BIO) \|\| !defined(NO_FILESYSTEM)`
`990`	`989`	`/* Load DER encoded data into WOLFSSL_RSA object.`
`991`	`990`	`*`
`992`	`991`	`* Creates a new WOLFSSL_RSA object if one is not passed in.`
`@@ -1026,7 +1025,6 @@ static WOLFSSL_RSA* wolfssl_rsa_d2i(WOLFSSL_RSA** rsa, const unsigned char* in,`
`1026`	`1025`	`}`
`1027`	`1026`	`return ret;`
`1028`	`1027`	`}`
`1029`		`-#endif`
`1030`	`1028`
`1031`	`1029`	`#endif /* OPENSSL_EXTRA \|\| WOLFSSL_WPAS_SMALL */`
`1032`	`1030`
Original file line number	Diff line number	Diff line change
`@@ -1077,6 +1077,7 @@ int test_EC_i2d(void)`
`1077`	`1077`	`ExpectNull(d2i_ECPrivateKey(&copy, &tmp, 1));`
`1078`	`1078`	`ExpectNull(d2i_ECPrivateKey(&key, &tmp, 0));`
`1079`	`1079`
	`1080`	`+#ifndef NO_BIO`
`1080`	`1081`	`{`
`1081`	`1082`	`EC_KEY *pubkey = NULL;`
`1082`	`1083`	`BIO* bio = NULL;`
`@@ -1088,6 +1089,7 @@ int test_EC_i2d(void)`
`1088`	`1089`	`BIO_free(bio);`
`1089`	`1090`	`EC_KEY_free(pubkey);`
`1090`	`1091`	`}`
	`1092`	`+#endif`
`1091`	`1093`
`1092`	`1094`	`ExpectIntEQ(i2d_ECPrivateKey(NULL, &p), 0);`
`1093`	`1095`	`ExpectIntEQ(i2d_ECPrivateKey(NULL, NULL), 0);`
Original file line number	Diff line number	Diff line change
`@@ -389,7 +389,8 @@ int test_tls_certreq_order(void)`
`389`	`389`	`}`
`390`	`390`
`391`	`391`	`#if !defined(WOLFSSL_NO_TLS12) && !defined(NO_RSA) && defined(HAVE_ECC) && \`
`392`		`- !defined(NO_WOLFSSL_SERVER) && !defined(WOLFSSL_NO_CLIENT_AUTH)`
	`392`	`+ !defined(NO_WOLFSSL_SERVER) && !defined(WOLFSSL_NO_CLIENT_AUTH) && \`
	`393`	`+ !defined(NO_FILESYSTEM)`
`393`	`394`	`/* Called when writing. */`
`394`	`395`	`static int CsSend(WOLFSSL* ssl, char* buf, int sz, void* ctx)`
`395`	`396`	`{`
`@@ -425,7 +426,8 @@ int test_tls12_bad_cv_sig_alg(void)`
`425`	`426`	`{`
`426`	`427`	`EXPECT_DECLS;`
`427`	`428`	`#if !defined(WOLFSSL_NO_TLS12) && !defined(NO_RSA) && defined(HAVE_ECC) && \`
`428`		`- !defined(NO_WOLFSSL_SERVER) && !defined(WOLFSSL_NO_CLIENT_AUTH)`
	`429`	`+ !defined(NO_WOLFSSL_SERVER) && !defined(WOLFSSL_NO_CLIENT_AUTH) && \`
	`430`	`+ !defined(NO_FILESYSTEM)`
`429`	`431`	`byte clientMsgs[] = {`
`430`	`432`	`/* Client Hello */`
`431`	`433`	`0x16, 0x03, 0x03, 0x00, 0xe7,`