Skip to content

Commit f58ae30

Browse files
author
Andras Fekete
committed
Add in CMake flags 'HPKE', 'HKDF', 'ECH'
1 parent e1f2c0b commit f58ae30

2 files changed

Lines changed: 45 additions & 0 deletions

File tree

CMakeLists.txt

Lines changed: 38 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1774,11 +1774,49 @@ if(WOLFSSL_AESKEYWRAP)
17741774
)
17751775
endif()
17761776

1777+
# Hybrid Key Derivation Function
1778+
add_option("WOLFSSL_HKDF"
1779+
"Enable wolfSSL HKDF (HMAC-KDF) support (default: disabled)"
1780+
"no" "yes;no")
1781+
1782+
1783+
# Hybrid Public Key Encryption (RFC9180)
1784+
add_option("WOLFSSL_HPKE"
1785+
"Enable wolfSSL hybrid public key encryption (default: disabled)"
1786+
"no" "yes;no")
1787+
1788+
# Encrypted Client Hello (ECH)
1789+
add_option("WOLFSSL_ECH"
1790+
"Enable wolfSSL encrypted client hello (default: disabled)"
1791+
"no" "yes;no")
1792+
17771793
# Keying Material Exporter / TLS Exporter
17781794
add_option("WOLFSSL_KEYING_MATERIAL"
17791795
"Enable wolfSSL keying material export (default: disabled)"
17801796
"no" "yes;no")
17811797

1798+
if(WOLFSSL_HPKE)
1799+
if(NOT WOLFSSL_ECC)
1800+
message(FATAL_ERROR "HPKE supported only with ECC (WOLFSSL_ECC)")
1801+
endif()
1802+
list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_HPKE")
1803+
override_cache(WOLFSSL_HKDF "yes")
1804+
endif()
1805+
1806+
if(WOLFSSL_HKDF)
1807+
list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_HKDF")
1808+
endif()
1809+
1810+
if(WOLFSSL_ECH)
1811+
if(NOT WOLFSSL_HPKE)
1812+
message(FATAL_ERROR "ECH supported only with HPKE (WOLFSSL_HPKE)")
1813+
endif()
1814+
if(NOT WOLFSSL_SNI)
1815+
message(FATAL_ERROR "ECH supported only with SNI (WOLFSSL_SNI)")
1816+
endif()
1817+
list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_ECH")
1818+
endif()
1819+
17821820
if(WOLFSSL_KEYING_MATERIAL)
17831821
list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_KEYING_MATERIAL")
17841822
endif()

cmake/functions.cmake

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -304,6 +304,9 @@ function(generate_build_flags)
304304
if(WOLFSSL_CAAM)
305305
set(BUILD_CAAM "yes" PARENT_SCOPE)
306306
endif()
307+
if(WOLFSSL_HPKE OR WOLFSSL_USER_SETTINGS)
308+
set(BUILD_HPKE "yes" PARENT_SCOPE)
309+
endif()
307310

308311
set(BUILD_FLAGS_GENERATED "yes" PARENT_SCOPE)
309312
endfunction()
@@ -910,6 +913,10 @@ function(generate_lib_src_list LIB_SOURCES)
910913
wolfcrypt/src/port/caam/wolfcaam_hmac.c)
911914
endif()
912915

916+
if(BUILD_HPKE)
917+
list(APPEND LIB_SOURCES wolfcrypt/src/hpke.c)
918+
endif()
919+
913920
set(LIB_SOURCES ${LIB_SOURCES} PARENT_SCOPE)
914921
endfunction()
915922

0 commit comments

Comments
 (0)