From 29986dd1e5385007574bdf1614bb1989617b802f Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Fri, 23 May 2025 11:34:35 +0200
Subject: [PATCH] wolfssl: Remove unused drbg_t instance when building without
 testable KE

---
 src/libstrongswan/plugins/wolfssl/wolfssl_kem.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/libstrongswan/plugins/wolfssl/wolfssl_kem.c b/src/libstrongswan/plugins/wolfssl/wolfssl_kem.c
index aff7e56bd1..042a7e7061 100644
--- a/src/libstrongswan/plugins/wolfssl/wolfssl_kem.c
+++ b/src/libstrongswan/plugins/wolfssl/wolfssl_kem.c
@@ -67,10 +67,12 @@ struct private_key_exchange_t {
 	 */
 	chunk_t shared_secret;
 
+#ifdef TESTABLE_KE
 	/**
 	 * DRBG for testing.
 	 */
 	drbg_t *drbg;
+#endif
 };
 
 /**
@@ -81,10 +83,13 @@ static bool get_random(private_key_exchange_t *this, size_t len, uint8_t *out)
 {
 	WC_RNG rng;
 
+#ifdef TESTABLE_KE
 	if (this->drbg)
 	{
 		return this->drbg->generate(this->drbg, len, out);
 	}
+#endif
+
 	if (wc_InitRng(&rng) != 0)
 	{
 		return FALSE;
@@ -272,7 +277,9 @@ METHOD(key_exchange_t, destroy, void,
 	chunk_free(&this->ciphertext);
 	wc_MlKemKey_Free(this->kem);
 	free(this->kem);
+#ifdef TESTABLE_KE
 	DESTROY_IF(this->drbg);
+#endif
 	free(this);
 }
 
-- 
2.47.2