From 6de499e4359c773da716024a0286d2b4724b3f63 Mon Sep 17 00:00:00 2001
From: Pol Henarejos
Date: Fri, 21 Feb 2025 20:29:42 +0100
Subject: [PATCH] Add EdDSA support as a conditional build.
Signed-off-by: Pol Henarejos
---
 src/openpgp/cmd_import_data.c | 5 ++++-
 src/openpgp/openpgp.c | 14 ++++++++++++--
 tests/build-in-docker.sh | 2 +-
 3 files changed, 17 insertions(+), 4 deletions(-)
diff --git a/src/openpgp/cmd_import_data.c b/src/openpgp/cmd_import_data.c
index e17df7d..109d159 100644
--- a/src/openpgp/cmd_import_data.c
+++ b/src/openpgp/cmd_import_data.c
@@ -177,10 +177,13 @@ int cmd_import_data() {
 mbedtls_ecp_keypair_free(&ecdsa);
 return SW_EXEC_ERROR();
 }
+#ifdef MBEDTLS_EDDSA_C
 if (ecdsa.grp.id == MBEDTLS_ECP_DP_ED25519) {
 r = mbedtls_ecp_point_edwards(&ecdsa.grp, &ecdsa.Q, &ecdsa.d, random_gen, NULL);
 }
- else {
+ else
+#endif
+ {
 r = mbedtls_ecp_mul(&ecdsa.grp, &ecdsa.Q, &ecdsa.d, &ecdsa.grp.G, random_gen, NULL);
 }
 if (r != 0) {
diff --git a/src/openpgp/openpgp.c b/src/openpgp/openpgp.c
index 0b30b7a..132cc87 100644
--- a/src/openpgp/openpgp.c
+++ b/src/openpgp/openpgp.c
@@ -30,7 +30,9 @@
 #include "ccid/ccid.h"
 #include "otp.h"
 #include "do.h"
+#ifdef MBEDTLS_EDDSA_C
 #include "mbedtls/eddsa.h"
+#endif
 uint8_t PICO_PRODUCT = 3;
@@ -573,10 +575,13 @@ int load_private_key_ecdsa(mbedtls_ecp_keypair *ctx, file_t *fkey, bool use_dek)
 return PICOKEY_EXEC_ERROR;
 }
 mbedtls_platform_zeroize(kdata, sizeof(kdata));
+#ifdef MBEDTLS_EDDSA_C
 if (ctx->grp.id == MBEDTLS_ECP_DP_ED25519) {
 r = mbedtls_ecp_point_edwards(&ctx->grp, &ctx->Q, &ctx->d, random_gen, NULL);
 }
- else {
+ else
+#endif
+ {
 r = mbedtls_ecp_mul(&ctx->grp, &ctx->Q, &ctx->d, &ctx->grp.G, random_gen, NULL);
 }
 if (r != 0) {
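Review bot: The bare `else` followed by `#endif` and a free-standing `{` in cmd_import_data makes the branch structure depend on preprocessor state, and nothing in the code says what a build without MBEDTLS_EDDSA_C is meant to do with the key. I would close the guard as `#endif /* MBEDTLS_EDDSA_C */` and put a comment above the block such as `/* Without EdDSA support every group derives Q via mbedtls_ecp_mul(). */`, so a reader can confirm that non-EdDSA builds never reach the Edwards path. The same construct is added in load_private_key_ecdsa and ecdsa_sign in src/openpgp/openpgp.c. The enclosing function starts and ends outside the hunk.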
@@ -623,9 +628,11 @@ mbedtls_ecp_group_id get_ec_group_id_from_attr(const uint8_t *algo, size_t algo_
 else if (memcmp(algorithm_attr_x448 + 2, algo, algo_len) == 0) {
 return MBEDTLS_ECP_DP_CURVE448;
 }
+#ifdef MBEDTLS_EDDSA_C
 else if (memcmp(algorithm_attr_ed25519 + 2, algo, algo_len) == 0) {
 return MBEDTLS_ECP_DP_ED25519;
 }
+#endif
 return MBEDTLS_ECP_DP_NONE;
 }
@@ -744,10 +751,13 @@ int ecdsa_sign(mbedtls_ecp_keypair *ctx,
 size_t *out_len) {
 int r = 0;
+#ifdef MBEDTLS_EDDSA_C
 if (ctx->grp.id == MBEDTLS_ECP_DP_ED25519) {
 r = mbedtls_eddsa_write_signature(ctx, data, data_len, out, 64, out_len, MBEDTLS_EDDSA_PURE, NULL, 0, random_gen, NULL);
 }
- else {
+ else
+#endif
+ {
 mbedtls_mpi ri, si;
 mbedtls_mpi_init(&ri);
 mbedtls_mpi_init(&si);
diff --git a/tests/build-in-docker.sh b/tests/build-in-docker.sh
index d0b636e..79c31f1 100755
--- a/tests/build-in-docker.sh
+++ b/tests/build-in-docker.sh
@@ -3,5 +3,5 @@ source tests/docker_env.sh
 #run_in_docker rm -rf CMakeFiles
 run_in_docker mkdir -p build_in_docker
-run_in_docker -w "$PWD/build_in_docker" cmake -DENABLE_EMULATION=1 ..
+run_in_docker -w "$PWD/build_in_docker" cmake -DENABLE_EMULATION=1 -DENABLE_EDDSA=1 ..
 run_in_docker -w "$PWD/build_in_docker" make -j ${NUM_PROC}
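Review bot: The Ed25519 match in get_ec_group_id_from_attr compares only `algo_len` bytes, as the x448 branch above it does, so an attribute shorter than the table entry is accepted on a prefix match and a longer one makes `memcmp` read past `algorithm_attr_ed25519`. Whether callers bound `algo_len` is not visible here, since the function starts outside the hunk. If `algorithm_attr_ed25519` is an array in scope, putting `algo_len == sizeof(algorithm_attr_ed25519) - 2 &&` in front of the `memcmp` would pin the length. With the branch compiled out, an Ed25519 attribute now yields `MBEDTLS_ECP_DP_NONE`, so callers presumably need to treat that value as "unsupported algorithm" rather than continue.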
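Review bot: The EdDSA branch of ecdsa_sign passes the literal `64` as the capacity of `out`, and no buffer-size parameter for `out` is visible in this hunk, so nothing ties that number to what the caller actually allocated. A named constant would make the contract reviewable, for example `#define ED25519_SIGNATURE_SIZE 64` (name is a placeholder). It should be paired with a comment on the function such as `/* out must hold at least ED25519_SIGNATURE_SIZE bytes for Ed25519 keys */`. Most of the parameter list and the rest of the body lie outside the hunk.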
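Review bot: With `-DENABLE_EDDSA=1` on the only cmake invocation in tests/build-in-docker.sh, this script never builds the configuration without EdDSA, so the new `#ifdef MBEDTLS_EDDSA_C` fallbacks in src/openpgp are not compile-checked by it. A second configure and build pass without the flag, in its own build directory, would cover both variants. The patch does not show how ENABLE_EDDSA maps to MBEDTLS_EDDSA_C, so that link is assumed.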