diff --git a/src/modules/pki/path_keys.rs b/src/modules/pki/path_keys.rs index 734810c2..f2907274 100644 --- a/src/modules/pki/path_keys.rs +++ b/src/modules/pki/path_keys.rs @@ -314,9 +314,9 @@ impl PkiBackendInner { }; let iv_value = req.get_data_or_default("iv")?; let is_iv_required = matches!(key_type, "aes-gcm" | "aes-cbc" | "sm4-gcm" | "sm4-ccm"); - #[cfg(tongsuo)] + #[cfg(feature = "crypto_adaptor_tongsuo")] let is_valid_key_type = matches!(key_type, "aes-gcm" | "aes-cbc" | "aes-ecb" | "sm4-gcm" | "sm4-ccm"); - #[cfg(not(tongsuo))] + #[cfg(not(feature = "crypto_adaptor_tongsuo"))] let is_valid_key_type = matches!(key_type, "aes-gcm" | "aes-cbc" | "aes-ecb"); // Check if the key type is valid, if not return an error. diff --git a/src/utils/key.rs b/src/utils/key.rs index 03483454..8e20a8de 100644 --- a/src/utils/key.rs +++ b/src/utils/key.rs @@ -51,6 +51,7 @@ fn key_bits_default(key_type: &str) -> u32 { } } +// TODO: this function needs to be refactored to use crypto adaptors. fn cipher_from_key_type_and_bits(key_type: &str, bits: u32) -> Result { match (key_type, bits) { ("aes-gcm", 128) => Ok(Cipher::aes_128_gcm()), @@ -62,9 +63,9 @@ fn cipher_from_key_type_and_bits(key_type: &str, bits: u32) -> Result Ok(Cipher::aes_128_ecb()), ("aes-ecb", 192) => Ok(Cipher::aes_192_ecb()), ("aes-ecb", 256) => Ok(Cipher::aes_256_ecb()), - #[cfg(tongsuo)] + #[cfg(feature = "crypto_adaptor_tongsuo")] ("sm4-gcm", 128) => Ok(Cipher::sm4_gcm()), - #[cfg(tongsuo)] + #[cfg(feature = "crypto_adaptor_tongsuo")] ("sm4-ccm", 128) => Ok(Cipher::sm4_ccm()), _ => Err(RvError::ErrPkiKeyBitsInvalid), } @@ -104,7 +105,7 @@ impl KeyBundle { let ec_key = EcKey::generate(&ec_group)?; PKey::from_ec_key(ec_key)?.private_key_to_pem_pkcs8()? }, - #[cfg(tongsuo)] + #[cfg(feature = "crypto_adaptor_tongsuo")] "sm2" => { self.bits = 256; let ec_group = EcGroup::from_curve_name(Nid::SM2)?; @@ -114,7 +115,7 @@ impl KeyBundle { "aes-gcm" | "aes-cbc" | "aes-ecb" | "sm4-gcm" | "sm4-ccm" => { let _ = cipher_from_key_type_and_bits(self.key_type.as_str(), self.bits)?; - #[cfg(not(tongsuo))] + #[cfg(not(feature = "crypto_adaptor_tongsuo"))] if self.key_type.starts_with("sm4-") { return Err(RvError::ErrPkiKeyTypeInvalid); } @@ -148,7 +149,7 @@ impl KeyBundle { pub fn sign(&self, data: &[u8]) -> Result, RvError> { let digest = match self.key_type.as_str() { "rsa" | "ec" => MessageDigest::sha256(), - #[cfg(tongsuo)] + #[cfg(feature = "crypto_adaptor_tongsuo")] "sm2" => MessageDigest::sm3(), _ => return Err(RvError::ErrPkiKeyOperationInvalid), }; @@ -167,7 +168,7 @@ impl KeyBundle { pub fn verify(&self, data: &[u8], signature: &[u8]) -> Result { let digest = match self.key_type.as_str() { "rsa" | "ec" => MessageDigest::sha256(), - #[cfg(tongsuo)] + #[cfg(feature = "crypto_adaptor_tongsuo")] "sm2" => MessageDigest::sm3(), _ => return Err(RvError::ErrPkiKeyOperationInvalid), }; @@ -343,7 +344,7 @@ mod test { } #[test] - #[cfg(tongsuo)] + #[cfg(feature = "crypto_adaptor_tongsuo")] fn test_sm2_key_operation() { let mut key_bundle = KeyBundle::new("sm2", "sm2", 256); test_key_sign_verify(&mut key_bundle); @@ -384,7 +385,7 @@ mod test { } #[test] - #[cfg(tongsuo)] + #[cfg(feature = "crypto_adaptor_tongsuo")] fn test_sm4_key_operation() { // test sm4-gcm let mut key_bundle = KeyBundle::new("sm4-gcm-128", "sm4-gcm", 128);