From: Anthony Hu Date: Wed, 24 Jul 2024 22:23:09 +0000 (-0400) Subject: wolfSSL: allow wolfSSL's implementation of kyber to be used X-Git-Tag: curl-8_9_1~38 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=11e248b782d9a7919f0b138a81ea4c4b693dc91e;p=thirdparty%2Fcurl.git wolfSSL: allow wolfSSL's implementation of kyber to be used Closes #14268 --- diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c index 0ff36d99d6..43460dd9e5 100644 --- a/lib/vtls/wolfssl.c +++ b/lib/vtls/wolfssl.c @@ -212,7 +212,7 @@ static int do_file_type(const char *type) return -1; } -#ifdef HAVE_LIBOQS +#ifdef WOLFSSL_HAVE_KYBER struct group_name_map { const word16 group; const char *name; @@ -611,8 +611,8 @@ wolfssl_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf); const struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data); WOLFSSL_METHOD* req_method = NULL; -#ifdef HAVE_LIBOQS - word16 oqsAlg = 0; +#ifdef WOLFSSL_HAVE_KYBER + word16 pqkem = 0; size_t idx = 0; #endif #ifdef HAVE_SNI @@ -739,15 +739,15 @@ wolfssl_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) curves = conn_config->curves; if(curves) { -#ifdef HAVE_LIBOQS +#ifdef WOLFSSL_HAVE_KYBER for(idx = 0; gnm[idx].name != NULL; idx++) { if(strncmp(curves, gnm[idx].name, strlen(gnm[idx].name)) == 0) { - oqsAlg = gnm[idx].group; + pqkem = gnm[idx].group; break; } } - if(oqsAlg == 0) + if(pqkem == 0) #endif { if(!SSL_CTX_set1_curves_list(backend->ctx, curves)) { @@ -847,10 +847,10 @@ wolfssl_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) return CURLE_OUT_OF_MEMORY; } -#ifdef HAVE_LIBOQS - if(oqsAlg) { - if(wolfSSL_UseKeyShare(backend->handle, oqsAlg) != WOLFSSL_SUCCESS) { - failf(data, "unable to use oqs KEM"); +#ifdef WOLFSSL_HAVE_KYBER + if(pqkem) { + if(wolfSSL_UseKeyShare(backend->handle, pqkem) != WOLFSSL_SUCCESS) { + failf(data, "unable to use PQ KEM"); } } #endif