Add several library configurations from os-check.yml to the Rust wrapper CI build

.github/workflows/rust-wrapper.yml

@@ -24,10 +24,50 @@ jobs:
       uses: wolfSSL/actions-build-autotools-project@v1
       with:
         path: wolfssl
-        configure: --enable-all
+        configure: ${{ matrix.config }}
     - name: Build Rust Wrapper
       working-directory: wolfssl
       run: make -C wrapper/rust
     - name: Run Rust Wrapper Tests
       working-directory: wolfssl
       run: make -C wrapper/rust test
+    strategy:
+      matrix:
+        config: [
+          # Add new configs here
+          '',
+          '--enable-all',
+          '--enable-cryptonly --disable-examples',
+          '--enable-cryptonly --disable-examples --disable-aes --disable-aesgcm',
+          '--enable-cryptonly --disable-examples --disable-aescbc',
+          '--enable-cryptonly --disable-examples --disable-aeseax',
+          '--enable-cryptonly --disable-examples --disable-aesecb',
+          '--enable-cryptonly --disable-examples --disable-aesccm',
+          '--enable-cryptonly --disable-examples --disable-aescfb',
+          '--enable-cryptonly --disable-examples --disable-aesctr',
+          '--enable-cryptonly --disable-examples --disable-aescts',
+          '--enable-cryptonly --disable-examples --disable-aesgcm',
+          '--enable-cryptonly --disable-examples --disable-aesgcm-stream',
+          '--enable-cryptonly --disable-examples --disable-aesofb',
+          '--enable-cryptonly --disable-examples --disable-aesxts',
+          '--enable-cryptonly --disable-examples --disable-cmac',
+          '--enable-cryptonly --disable-examples --disable-dh',
+          '--enable-cryptonly --disable-examples --disable-ecc',
+          '--enable-cryptonly --disable-examples --disable-ed25519',
+          '--enable-cryptonly --disable-examples --disable-ed25519-stream',
+          '--enable-cryptonly --disable-examples --disable-ed448',
+          '--enable-cryptonly --disable-examples --disable-ed448-stream',
+          '--enable-cryptonly --disable-examples --disable-hkdf',
+          '--enable-cryptonly --disable-examples --disable-hmac',
+          '--enable-cryptonly --disable-examples --disable-rng',
+          '--enable-cryptonly --disable-examples --disable-rsa',
+          '--enable-cryptonly --disable-examples --disable-rsapss',
+          '--enable-cryptonly --disable-examples --disable-sha224',
+          '--enable-cryptonly --disable-examples --disable-sha3',
+          '--enable-cryptonly --disable-examples --disable-sha384',
+          '--enable-cryptonly --disable-examples --disable-sha512',
+          '--enable-cryptonly --disable-examples --disable-shake128',
+          '--enable-cryptonly --disable-examples --disable-shake256',
+          '--enable-cryptonly --disable-examples --disable-srtp-kdf',
+          '--enable-cryptonly --disable-examples --disable-x963kdf',
+        ]

wolfssl/wolfcrypt/rsa.h

@@ -330,13 +330,15 @@ WOLFSSL_API int  wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
                                   word32 outLen, RsaKey* key);
 WOLFSSL_API int  wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out,
                             word32 outLen, RsaKey* key, WC_RNG* rng);
+#ifdef WC_RSA_PSS
 WOLFSSL_API int  wc_RsaPSS_Sign(const byte* in, word32 inLen, byte* out,
                                 word32 outLen, enum wc_HashType hash, int mgf,
                                 RsaKey* key, WC_RNG* rng);
 WOLFSSL_API int  wc_RsaPSS_Sign_ex(const byte* in, word32 inLen, byte* out,
                                    word32 outLen, enum wc_HashType hash,
                                    int mgf, int saltLen, RsaKey* key,
                                    WC_RNG* rng);
+#endif
 WOLFSSL_API int  wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out,
                                     RsaKey* key);
 WOLFSSL_API int  wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out,
@@ -346,6 +348,7 @@ WOLFSSL_API int  wc_RsaSSL_Verify_ex(const byte* in, word32 inLen, byte* out,
 WOLFSSL_API int  wc_RsaSSL_Verify_ex2(const byte* in, word32 inLen, byte* out,
                               word32 outLen, RsaKey* key, int pad_type,
                               enum wc_HashType hash);
+#ifdef WC_RSA_PSS
 WOLFSSL_API int  wc_RsaPSS_VerifyInline(byte* in, word32 inLen, byte** out,
                                         enum wc_HashType hash, int mgf,
                                         RsaKey* key);
@@ -378,6 +381,7 @@ WOLFSSL_API int  wc_RsaPSS_VerifyCheck(const byte* in, word32 inLen,
                                const byte* digest, word32 digestLen,
                                enum wc_HashType hash, int mgf,
                                RsaKey* key);
+#endif
 
 WOLFSSL_API int  wc_RsaEncryptSize(const RsaKey* key);
 

wolfssl/wolfcrypt/sha512.h

@@ -229,7 +229,7 @@ struct wc_Sha512 {
 
 #endif /* HAVE_FIPS */
 
-#if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)
+#if defined(WOLFSSL_SHA512)
 
 #ifdef WOLFSSL_ARMASM
 #if !defined(WOLFSSL_ARMASM_NO_NEON)

wrapper/rust/wolfssl/build.rs

@@ -125,6 +125,11 @@ fn scan_cfg() -> Result<()> {
     /* dh */
     check_cfg(&binding, "wc_InitDhKey", "dh");
     check_cfg(&binding, "wc_DhGenerateParams", "dh_keygen");
+    check_cfg(&binding, "wc_Dh_ffdhe2048_Get", "dh_ffdhe_2048");
+    check_cfg(&binding, "wc_Dh_ffdhe3072_Get", "dh_ffdhe_3072");
+    check_cfg(&binding, "wc_Dh_ffdhe4096_Get", "dh_ffdhe_4096");
+    check_cfg(&binding, "wc_Dh_ffdhe6144_Get", "dh_ffdhe_6144");
+    check_cfg(&binding, "wc_Dh_ffdhe8192_Get", "dh_ffdhe_8192");
 
     /* ecc */
     check_cfg(&binding, "wc_ecc_init", "ecc");
@@ -155,24 +160,37 @@ fn scan_cfg() -> Result<()> {
     check_cfg(&binding, "wc_ed448_verify_msg_ex", "ed448_verify");
     check_cfg(&binding, "wc_ed448_verify_msg_init", "ed448_streaming_verify");
 
+    /* hkdf */
+    check_cfg(&binding, "wc_HKDF_Extract_ex", "hkdf");
+
+    /* hmac */
+    check_cfg(&binding, "wc_HmacSetKey", "hmac");
+
     /* kdf */
     check_cfg(&binding, "wc_PBKDF2", "kdf_pbkdf2");
     check_cfg(&binding, "wc_PKCS12_PBKDF_ex", "kdf_pkcs12");
     check_cfg(&binding, "wc_SRTP_KDF", "kdf_srtp");
     check_cfg(&binding, "wc_SSH_KDF", "kdf_ssh");
     check_cfg(&binding, "wc_Tls13_HKDF_Extract_ex", "kdf_tls13");
 
+    /* prf */
+    check_cfg(&binding, "wc_PRF", "prf");
+
     /* random */
     check_cfg(&binding, "wc_RNG_DRBG_Reseed", "random_hashdrbg");
+    check_cfg(&binding, "wc_InitRng", "random");
 
     /* rsa */
     check_cfg(&binding, "wc_InitRsaKey", "rsa");
     check_cfg(&binding, "wc_RsaDirect", "rsa_direct");
     check_cfg(&binding, "wc_MakeRsaKey", "rsa_keygen");
+    check_cfg(&binding, "wc_RsaPSS_Sign", "rsa_pss");
 
     /* sha */
     check_cfg(&binding, "wc_InitSha", "sha");
+    check_cfg(&binding, "wc_InitSha224", "sha224");
     check_cfg(&binding, "wc_InitSha256", "sha256");
+    check_cfg(&binding, "wc_InitSha384", "sha384");
     check_cfg(&binding, "wc_InitSha512", "sha512");
     check_cfg(&binding, "wc_InitSha3_224", "sha3");
     check_cfg(&binding, "wc_InitShake128", "shake128");