Remove unneeded CONFIG_INTERNAL_X509 and NEED_SHA256 defines

hostapd/Makefile

@@ -460,6 +460,7 @@ OBJS += ../src/tls/x509v3.o
 OBJS += ../src/tls/pkcs1.o
 OBJS += ../src/tls/pkcs5.o
 OBJS += ../src/tls/pkcs8.o
+NEED_SHA256=y
 NEED_BASE64=y
 NEED_TLS_PRF=y
 NEED_MODEXP=y
@@ -476,7 +477,6 @@ OBJS += ../src/crypto/crypto_internal-modexp.o
 OBJS += ../src/tls/bignum.o
 endif
 ifeq ($(CONFIG_CRYPTO), libtomcrypt)
-CFLAGS += -DCONFIG_INTERNAL_X509
 OBJS += ../src/crypto/crypto_libtomcrypt.o
 LIBS += -ltomcrypt -ltfm
 LIBS_h += -ltomcrypt -ltfm
@@ -485,7 +485,6 @@ CONFIG_INTERNAL_RC4=y
 CONFIG_INTERNAL_DH_GROUP5=y
 endif
 ifeq ($(CONFIG_CRYPTO), internal)
-CFLAGS += -DCONFIG_INTERNAL_X509
 OBJS += ../src/crypto/crypto_internal.o
 NEED_AES_DEC=y
 CFLAGS += -DCONFIG_CRYPTO_INTERNAL

src/tls/asn1.c

@@ -15,9 +15,6 @@
 #include "includes.h"
 
 #include "common.h"
-
-#ifdef CONFIG_INTERNAL_X509
-
 #include "asn1.h"
 
 int asn1_get_next(const u8 *buf, size_t len, struct asn1_hdr *hdr)
@@ -213,5 +210,3 @@ unsigned long asn1_bit_string_to_long(const u8 *buf, size_t len)
 
 	return val;
 }
-
-#endif /* CONFIG_INTERNAL_X509 */

src/tls/x509v3.c

@@ -15,9 +15,6 @@
 #include "includes.h"
 
 #include "common.h"
-
-#ifdef CONFIG_INTERNAL_X509
-
 #include "crypto/crypto.h"
 #include "asn1.h"
 #include "x509v3.h"
@@ -1745,18 +1742,12 @@ skip_digest_oid:
 			    hash, hash_len);
 		break;
 	case 11: /* sha256WithRSAEncryption */
-#ifdef NEED_SHA256
 		sha256_vector(1, &cert->tbs_cert_start, &cert->tbs_cert_len,
 			      hash);
 		hash_len = 32;
 		wpa_hexdump(MSG_MSGDUMP, "X509: Certificate hash (SHA256)",
 			    hash, hash_len);
 		break;
-#else /* NEED_SHA256 */
-		wpa_printf(MSG_INFO, "X509: SHA256 support disabled");
-		os_free(data);
-		return -1;
-#endif /* NEED_SHA256 */
 	case 2: /* md2WithRSAEncryption */
 	case 12: /* sha384WithRSAEncryption */
 	case 13: /* sha512WithRSAEncryption */
@@ -1970,5 +1961,3 @@ int x509_certificate_self_signed(struct x509_certificate *cert)
 {
 	return x509_name_compare(&cert->issuer, &cert->subject) == 0;
 }
-
-#endif /* CONFIG_INTERNAL_X509 */

src/tls/x509v3.h

@@ -99,8 +99,6 @@ enum {
 	X509_VALIDATE_UNKNOWN_CA
 };
 
-#ifdef CONFIG_INTERNAL_X509
-
 void x509_certificate_free(struct x509_certificate *cert);
 struct x509_certificate * x509_certificate_parse(const u8 *buf, size_t len);
 void x509_name_string(struct x509_name *name, char *buf, size_t len);
@@ -116,49 +114,4 @@ x509_certificate_get_subject(struct x509_certificate *chain,
 			     struct x509_name *name);
 int x509_certificate_self_signed(struct x509_certificate *cert);
 
-#else /* CONFIG_INTERNAL_X509 */
-
-static inline void x509_certificate_free(struct x509_certificate *cert)
-{
-}
-
-static inline struct x509_certificate *
-x509_certificate_parse(const u8 *buf, size_t len)
-{
-	return NULL;
-}
-
-static inline void x509_name_string(struct x509_name *name, char *buf,
-				    size_t len)
-{
-	if (len)
-		buf[0] = '\0';
-}
-
-static inline void x509_certificate_chain_free(struct x509_certificate *cert)
-{
-}
-
-static inline int
-x509_certificate_chain_validate(struct x509_certificate *trusted,
-				struct x509_certificate *chain,
-				int *reason)
-{
-	return -1;
-}
-
-static inline struct x509_certificate *
-x509_certificate_get_subject(struct x509_certificate *chain,
-			     struct x509_name *name)
-{
-	return NULL;
-}
-
-static inline int x509_certificate_self_signed(struct x509_certificate *cert)
-{
-	return -1;
-}
-
-#endif /* CONFIG_INTERNAL_X509 */
-
 #endif /* X509V3_H */

src/utils/build_config.h

@@ -49,7 +49,6 @@
 #ifdef USE_INTERNAL_CRYPTO
 #define CONFIG_TLS_INTERNAL_CLIENT
 #define CONFIG_INTERNAL_LIBTOMMATH
-#define CONFIG_INTERNAL_X509
 #define CONFIG_CRYPTO_INTERNAL
 #endif /* USE_INTERNAL_CRYPTO */
 #endif /* CONFIG_WIN32_DEFAULTS */
@@ -62,7 +61,6 @@
 #define CONFIG_NO_STDOUT_DEBUG
 #define CONFIG_BACKEND_FILE
 #define CONFIG_INTERNAL_LIBTOMMATH
-#define CONFIG_INTERNAL_X509
 #define CONFIG_CRYPTO_INTERNAL
 #define IEEE8021X_EAPOL
 #define PKCS12_FUNCS
@@ -100,7 +98,6 @@
 #ifdef USE_INTERNAL_CRYPTO
 #define CONFIG_TLS_INTERNAL_CLIENT
 #define CONFIG_INTERNAL_LIBTOMMATH
-#define CONFIG_INTERNAL_X509
 #define CONFIG_CRYPTO_INTERNAL
 #endif /* USE_INTERNAL_CRYPTO */
 #endif /* CONFIG_XCODE_DEFAULTS */

wpa_supplicant/Makefile

@@ -787,6 +787,7 @@ OBJS += ../src/tls/x509v3.o
 OBJS += ../src/tls/pkcs1.o
 OBJS += ../src/tls/pkcs5.o
 OBJS += ../src/tls/pkcs8.o
+NEED_SHA256=y
 NEED_BASE64=y
 NEED_TLS_PRF=y
 NEED_MODEXP=y
@@ -802,7 +803,6 @@ OBJS += ../src/crypto/crypto_internal-modexp.o
 OBJS += ../src/tls/bignum.o
 endif
 ifeq ($(CONFIG_CRYPTO), libtomcrypt)
-CFLAGS += -DCONFIG_INTERNAL_X509
 OBJS += ../src/crypto/crypto_libtomcrypt.o
 OBJS_p += ../src/crypto/crypto_libtomcrypt.o
 LIBS += -ltomcrypt -ltfm
@@ -812,7 +812,6 @@ CONFIG_INTERNAL_RC4=y
 CONFIG_INTERNAL_DH_GROUP5=y
 endif
 ifeq ($(CONFIG_CRYPTO), internal)
-CFLAGS += -DCONFIG_INTERNAL_X509
 OBJS += ../src/crypto/crypto_internal.o
 OBJS_p += ../src/crypto/crypto_internal.o
 NEED_AES_ENC=y
@@ -968,7 +967,6 @@ endif
 SHA256OBJS = # none by default
 ifdef NEED_SHA256
 SHA256OBJS += ../src/crypto/sha256.o
-CFLAGS += -DNEED_SHA256
 ifdef CONFIG_INTERNAL_SHA256
 SHA256OBJS += ../src/crypto/sha256-internal.o
 endif