diff --git a/include/libssh/pki.h b/include/libssh/pki.h index 636fbe0e..795942d9 100644 --- a/include/libssh/pki.h +++ b/include/libssh/pki.h @@ -189,8 +189,10 @@ bool ssh_key_size_allowed(ssh_session session, ssh_key key); int ssh_key_size(ssh_key key); /* PKCS11 URI function to check if filename is a path or a PKCS11 URI */ +#ifdef WITH_PKCS11_URI bool ssh_pki_is_uri(const char *filename); char *ssh_pki_export_pub_uri_from_priv_uri(const char *priv_uri); +#endif /* WITH_PKCS11_URI */ #ifdef __cplusplus } diff --git a/include/libssh/pki_priv.h b/include/libssh/pki_priv.h index 9c41303b..d0e1ef44 100644 --- a/include/libssh/pki_priv.h +++ b/include/libssh/pki_priv.h @@ -168,8 +168,10 @@ ssh_key ssh_pki_openssh_privkey_import(const char *text_key, ssh_string ssh_pki_openssh_privkey_export(const ssh_key privkey, const char *passphrase, ssh_auth_callback auth_fn, void *auth_data); +#ifdef WITH_PKCS11_URI /* URI Function */ int pki_uri_import(const char *uri_name, ssh_key *key, enum ssh_key_e key_type); +#endif /* WITH_PKCS11_URI */ bool ssh_key_size_allowed_rsa(int min_size, ssh_key key); #ifdef __cplusplus diff --git a/src/auth.c b/src/auth.c index cbbed637..7a6a90a1 100644 --- a/src/auth.c +++ b/src/auth.c @@ -1232,6 +1232,7 @@ int ssh_userauth_publickey_auto(ssh_session session, state->privkey = NULL; state->pubkey = NULL; +#ifdef WITH_PKCS11_URI if (ssh_pki_is_uri(privkey_file)) { char *pub_uri_from_priv = NULL; SSH_LOG(SSH_LOG_INFO, @@ -1244,7 +1245,9 @@ int ssh_userauth_publickey_auto(ssh_session session, pub_uri_from_priv); SAFE_FREE(pub_uri_from_priv); } - } else { + } else +#endif /* WITH_PKCS11_URI */ + { snprintf(pubkey_file, sizeof(pubkey_file), "%s.pub", privkey_file); } diff --git a/src/pki.c b/src/pki.c index 9f88557f..40e6da0c 100644 --- a/src/pki.c +++ b/src/pki.c @@ -1721,6 +1721,7 @@ fail: return SSH_ERROR; } +#ifdef WITH_PKCS11_URI /** *@brief Detect if the pathname in cmp is a PKCS #11 URI. * @@ -1764,6 +1765,7 @@ char *ssh_pki_export_pub_uri_from_priv_uri(const char *priv_uri) return pub_uri_temp; } +#endif /* WITH_PKCS11_URI */ /** * @brief Import a public key from a file or a PKCS #11 device. diff --git a/src/pki_crypto.c b/src/pki_crypto.c index c5489446..129ff334 100644 --- a/src/pki_crypto.c +++ b/src/pki_crypto.c @@ -3391,6 +3391,7 @@ ssh_signature pki_do_sign_hash(const ssh_key privkey, } #endif /* HAVE_LIBCRYPTO */ +#ifdef WITH_PKCS11_URI /** * @internal * @@ -3540,5 +3541,6 @@ fail: return SSH_ERROR; } +#endif /* WITH_PKCS11_URI */ #endif /* _PKI_CRYPTO_H */ diff --git a/src/pki_gcrypt.c b/src/pki_gcrypt.c index b8468a05..b68a1701 100644 --- a/src/pki_gcrypt.c +++ b/src/pki_gcrypt.c @@ -2543,6 +2543,7 @@ int ssh_key_size(ssh_key key) } } +#ifdef WITH_PKCS11_URI int pki_uri_import(const char *uri_name, ssh_key *key, enum ssh_key_e key_type) { (void) uri_name; @@ -2552,4 +2553,5 @@ int pki_uri_import(const char *uri_name, ssh_key *key, enum ssh_key_e key_type) "gcrypt does not support PKCS #11"); return SSH_ERROR; } +#endif /* WITH_PKCS11_URI */ #endif /* HAVE_LIBGCRYPT */ diff --git a/src/pki_mbedcrypto.c b/src/pki_mbedcrypto.c index 045bad50..278ba3a2 100644 --- a/src/pki_mbedcrypto.c +++ b/src/pki_mbedcrypto.c @@ -1936,6 +1936,7 @@ int ssh_key_size(ssh_key key) } } +#ifdef WITH_PKCS11_URI int pki_uri_import(const char *uri_name, ssh_key *key, enum ssh_key_e key_type) { (void) uri_name; @@ -1945,4 +1946,5 @@ int pki_uri_import(const char *uri_name, ssh_key *key, enum ssh_key_e key_type) "mbedcrypto does not support PKCS #11"); return SSH_ERROR; } +#endif /* WITH_PKCS11_URI */ #endif /* HAVE_LIBMBEDCRYPTO */