diff --git a/doc/dox_comments/header_files/ssl.h b/doc/dox_comments/header_files/ssl.h index f55534c86..9b57fb150 100644 --- a/doc/dox_comments/header_files/ssl.h +++ b/doc/dox_comments/header_files/ssl.h @@ -908,8 +908,9 @@ WOLFSSL_API int wolfSSL_CTX_use_certificate_file(WOLFSSL_CTX*, const char*, int) If using an external key store and do not have the private key you can instead provide the public key and register the crypro callback to handle - the signing. For this you can build with --enable-cryptocb or - WOLF_CRYPTO_CB and register a crypto callback using + the signing. For this you can build with either build with crypto callbacks + or PK callbacks. To enable crypto callbacks use --enable-cryptocb + or WOLF_CRYPTO_CB and register a crypto callback using wc_CryptoCb_RegisterDevice and set the associated devId using wolfSSL_CTX_SetDevId. @@ -1322,7 +1323,8 @@ WOLFSSL_API int wolfSSL_use_certificate_file(WOLFSSL*, const char*, int); If using an external key store and do not have the private key you can instead provide the public key and register the crypro callback to handle - the signing. For this you can build with --enable-cryptocb or + the signing. For this you can build with either build with crypto callbacks + or PK callbacks. To enable crypto callbacks use --enable-cryptocb or WOLF_CRYPTO_CB and register a crypto callback using wc_CryptoCb_RegisterDevice and set the associated devId using wolfSSL_SetDevId. diff --git a/src/internal.c b/src/internal.c index 47f809a0f..e0f3c899b 100644 --- a/src/internal.c +++ b/src/internal.c 
@@ -22084,8 +22084,8 @@ int DecodePrivateKey(WOLFSSL *ssl, word16* length) /* Decode the key assuming it is an RSA private key. */ ret = wc_RsaPrivateKeyDecode(ssl->buffers.key->buffer, &idx, (RsaKey*)ssl->hsKey, ssl->buffers.key->length); - #ifdef WOLF_CRYPTO_CB - /* if using crypto callbacks allow using a public key */ + #if defined(WOLF_CRYPTO_CB) || defined(HAVE_PK_CALLBACKS) + /* if using crypto or PK callbacks allow using a public key */ if (ret != 0 && ssl->devId != INVALID_DEVID) { WOLFSSL_MSG("Trying RSA public key with crypto callbacks"); idx = 0; @@ -22139,8 +22139,8 @@ int DecodePrivateKey(WOLFSSL *ssl, word16* length) ret = wc_EccPrivateKeyDecode(ssl->buffers.key->buffer, &idx, (ecc_key*)ssl->hsKey, ssl->buffers.key->length); - #ifdef WOLF_CRYPTO_CB - /* if using crypto callbacks allow using a public key */ + #if defined(WOLF_CRYPTO_CB) || defined(HAVE_PK_CALLBACKS) + /* if using crypto or PK callbacks allow using a public key */ if (ret != 0 && ssl->devId != INVALID_DEVID) { WOLFSSL_MSG("Trying ECC public key with crypto callbacks"); idx = 0; @@ -22192,8 +22192,8 @@ int DecodePrivateKey(WOLFSSL *ssl, word16* length) ret = wc_Ed25519PrivateKeyDecode(ssl->buffers.key->buffer, &idx, (ed25519_key*)ssl->hsKey, ssl->buffers.key->length); - #ifdef WOLF_CRYPTO_CB - /* if using crypto callbacks allow using a public key */ + #if defined(WOLF_CRYPTO_CB) || defined(HAVE_PK_CALLBACKS) + /* if using crypto or PK callbacks allow using a public key */ if (ret != 0 && ssl->devId != INVALID_DEVID) { WOLFSSL_MSG("Trying ED25519 public key with crypto callbacks"); idx = 0; diff --git a/src/ssl.c b/src/ssl.c index 033f2caa7..958673554 100644 --- a/src/ssl.c +++ b/src/ssl.c 
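Review bot: The three `WOLFSSL_MSG` strings in these DecodePrivateKey hunks (RSA, ECC, ED25519) still say "public key with crypto callbacks", although the fallback is now also compiled for `HAVE_PK_CALLBACKS`-only builds, so a debug trace will name the wrong mechanism; `WOLFSSL_MSG("Trying RSA public key with crypto or PK callbacks");` and its two siblings would keep the log accurate. The fallback is still gated only on `ssl->devId != INVALID_DEVID`, and nothing visible in the hunks checks that a signing callback is registered, so a build with a device id set will accept a public key in the private-key slot and presumably fail only when signing is attempted. The new comment could state that precondition, for example `/* public key accepted only when devId is set; the registered crypto/PK callback must perform the signing */`. DecodePrivateKey starts and ends outside these hunks, so a later check may exist that is not shown here.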
@@ -5373,9 +5373,9 @@ static int ProcessBufferTryDecode(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DerBuffer* der if (ret == 0) { *idx = 0; ret = wc_RsaPrivateKeyDecode(der->buffer, idx, key, der->length); - #ifdef WOLF_CRYPTO_CB + #if defined(WOLF_CRYPTO_CB) || defined(HAVE_PK_CALLBACKS) if (ret != 0 && devId != INVALID_DEVID) { - /* if using crypto callbacks, try public key decode */ + /* if using crypto or PK callbacks, try public key decode */ *idx = 0; ret = wc_RsaPublicKeyDecode(der->buffer, idx, key, der->length); } @@ -5443,9 +5443,9 @@ static int ProcessBufferTryDecode(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DerBuffer* der if (wc_ecc_init_ex(key, heap, devId) == 0) { *idx = 0; ret = wc_EccPrivateKeyDecode(der->buffer, idx, key, der->length); - #ifdef WOLF_CRYPTO_CB + #if defined(WOLF_CRYPTO_CB) || defined(HAVE_PK_CALLBACKS) if (ret != 0 && devId != INVALID_DEVID) { - /* if using crypto callbacks, try public key decode */ + /* if using crypto or PK callbacks, try public key decode */ *idx = 0; ret = wc_EccPublicKeyDecode(der->buffer, idx, key, der->length); } @@ -5508,9 +5508,9 @@ static int ProcessBufferTryDecode(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DerBuffer* der if (ret == 0) { *idx = 0; ret = wc_Ed25519PrivateKeyDecode(der->buffer, idx, key, der->length); - #ifdef WOLF_CRYPTO_CB + #if defined(WOLF_CRYPTO_CB) || defined(HAVE_PK_CALLBACKS) if (ret != 0 && devId != INVALID_DEVID) { - /* if using crypto callbacks, try public key decode */ + /* if using crypto or PK callbacks, try public key decode */ *idx = 0; ret = wc_Ed25519PublicKeyDecode(der->buffer, idx, key, der->length); } diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 666c011e6..e658efbfe 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c 
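Review bot: The public-key fallback in the three ProcessBufferTryDecode hunks (RSA, ECC, Ed25519) is silent, whereas the matching fallback in src/internal.c logs a "Trying ... public key" message. A key file holding only a public key therefore loads into the private-key slot with no trace in the debug log. A line such as `WOLFSSL_MSG("Private key decode failed, trying public key for callback signing");` inside each `if (ret != 0 && devId != INVALID_DEVID)` block would let an operator see that the private key is expected to live behind a callback. The fallback also writes its result into the same `ret`, so when both decodes fail the private-key error is replaced by the public-key parser's error; whether callers depend on that value is not visible, since the function body continues outside the hunks.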
@@ -18825,8 +18825,8 @@ int PemToDer(const unsigned char* buff, long longSz, int type, } #endif else { - #ifdef WOLF_CRYPTO_CB - /* allow loading a public key for use with crypto callbacks */ + #if defined(WOLF_CRYPTO_CB) || defined(HAVE_PK_CALLBACKS) + /* allow loading a public key for use with crypto or PK callbacks */ type = PUBLICKEY_TYPE; header = BEGIN_PUB_KEY; footer = END_PUB_KEY; @@ -18949,7 +18949,7 @@ int PemToDer(const unsigned char* buff, long longSz, int type, *keyFormat = DSAk; #endif } - #ifdef WOLF_CRYPTO_CB + #if defined(WOLF_CRYPTO_CB) || defined(HAVE_PK_CALLBACKS) else if (type == PUBLICKEY_TYPE) { #ifndef NO_RSA if (header == BEGIN_RSA_PUB)
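Review bot: The `else` branch in the first PemToDer hunk rewrites `type` to `PUBLICKEY_TYPE` and retries with `BEGIN_PUB_KEY`/`END_PUB_KEY` based on the build flag alone. As far as the hunk shows there is no device-id condition here like the `devId != INVALID_DEVID` test in src/internal.c and src/ssl.c, and the visible part of the signature carries no such argument. After this change a `HAVE_PK_CALLBACKS` build will therefore hand back public-key DER to a caller that asked for a private key, and rejecting it is left to whatever the caller does next. The comment should say so, for example `/* no devId at this layer: callers must reject a public key unless a callback device is configured */`, and the second hunk's `else if (type == PUBLICKEY_TYPE)` branch is the other half of the same path. PemToDer begins and ends outside both hunks, so a guard elsewhere in the function cannot be ruled out.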