search

wolfSSL / wolfssh

wolfSSH is a small, fast, portable SSH implementation, including support for SCP and SFTP.
https://www.wolfssl.com
370 stars 88 forks source link

Gate GetOpenSshKeyRsa with WOLFSSH_NO_RSA #642

Closed gojimmypi closed 8 months ago

gojimmypi commented 8 months ago

GetOpenSshKeyRsa() is not used with #define WOLFSSH_NO_RSA and thus the compiler complains it is unused when RSA is disabled.

gojimmypi commented 8 months ago

Add the similar guard around GetOpenSshKeyEcdsa() as well.

This one was a little more interesting. I assume you meant GetOpenSshKeyEcc(). Some related things seemed to need manual attention, such as turning on a curve.

Here's a segment of the user_settings.h I used for testing. Please confirm sanity:

#define MY_USE_ECC 0
#define MY_USE_RSA 1

/* We can use either or both ECC and RSA, but must use at least one. */
#if MY_USE_ECC || MY_USE_RSA
    #if MY_USE_ECC
        /* ---- ECDSA / ECC ---- */
        #define HAVE_ECC
        #define HAVE_CURVE25519
        #define HAVE_ED25519

        /*
        #define HAVE_ECC384
        #define CURVE25519_SMALL
        */
    #else
        #define WOLFSSH_NO_ECC
        /* WOLFSSH_NO_ECDSA is typically defined automatically,
         * here for clarity: */
        #define WOLFSSH_NO_ECDSA
    #endif

    #if MY_USE_RSA
        /* ---- RSA ----- */
        /* #define RSA_LOW_MEM */

        /* DH disabled by default, needed if ECDSA/ECC also turned off */
        #define HAVE_DH
    #else
        #define WOLFSSH_NO_RSA
    #endif
#else
    #error "Either RSA or ECC must be enabled"
#endif