From ee45cfdbcbf79ac50e4da785869b3e4f2a6a64b6 Mon Sep 17 00:00:00 2001
From: David Garske <david@wolfssl.com>
Date: Thu, 17 Jan 2019 11:01:14 -0800
Subject: [PATCH] Refactor and rename of cryptodev to cryptocb. Refactor API
 names from `wc_CryptoDev` to use `wc_CryptoCb`. Backwards compatibility is
 retained for anyone using old `WOLF_CRYPTO_DEV` name. Added comment about
 fall-through case when CryptoCb return `NOT_COMPILED_IN`.

---
 IDE/GCC-ARM/Makefile.common                   |   2 +-
 .../e2studio/Projects/wolfssl/.project        |   4 +-
 configure.ac                                  |  20 +--
 rpm/spec.in                                   |   4 +-
 wolfcrypt/src/aes.c                           |  28 +++--
 wolfcrypt/src/{cryptodev.c => cryptocb.c}     | 116 +++++++++---------
 wolfcrypt/src/ecc.c                           |  22 ++--
 wolfcrypt/src/include.am                      |   4 +-
 wolfcrypt/src/random.c                        |  23 ++--
 wolfcrypt/src/rsa.c                           |  18 +--
 wolfcrypt/src/sha.c                           |  16 +--
 wolfcrypt/src/sha256.c                        |  18 +--
 wolfcrypt/src/sha3.c                          |   2 +
 wolfcrypt/src/wc_port.c                       |   8 +-
 wolfcrypt/test/test.c                         |  26 ++--
 wolfssl/wolfcrypt/aes.h                       |   2 +-
 wolfssl/wolfcrypt/asn.h                       |   2 +-
 wolfssl/wolfcrypt/{cryptodev.h => cryptocb.h} |  54 ++++----
 wolfssl/wolfcrypt/ecc.h                       |   2 +-
 wolfssl/wolfcrypt/include.am                  |   2 +-
 wolfssl/wolfcrypt/random.h                    |   2 +-
 wolfssl/wolfcrypt/rsa.h                       |   2 +-
 wolfssl/wolfcrypt/settings.h                  |   6 +
 wolfssl/wolfcrypt/sha.h                       |   2 +-
 wolfssl/wolfcrypt/sha256.h                    |   2 +-
 wolfssl/wolfcrypt/wc_pkcs11.h                 |   6 +-
 26 files changed, 213 insertions(+), 180 deletions(-)
 rename wolfcrypt/src/{cryptodev.c => cryptocb.c} (83%)
 rename wolfssl/wolfcrypt/{cryptodev.h => cryptocb.h} (77%)

diff --git a/IDE/GCC-ARM/Makefile.common b/IDE/GCC-ARM/Makefile.common
index f68b28d06..9a184b5fa 100644
--- a/IDE/GCC-ARM/Makefile.common
+++ b/IDE/GCC-ARM/Makefile.common
@@ -110,7 +110,7 @@ SRC_C += ../../wolfcrypt/src/cmac.c
 SRC_C += ../../wolfcrypt/src/coding.c
 SRC_C += ../../wolfcrypt/src/compress.c
 SRC_C += ../../wolfcrypt/src/cpuid.c
-SRC_C += ../../wolfcrypt/src/cryptodev.c
+SRC_C += ../../wolfcrypt/src/cryptocb.c
 SRC_C += ../../wolfcrypt/src/curve25519.c
 SRC_C += ../../wolfcrypt/src/ed25519.c
 SRC_C += ../../wolfcrypt/src/error.c
diff --git a/IDE/Renesas/e2studio/Projects/wolfssl/.project b/IDE/Renesas/e2studio/Projects/wolfssl/.project
index 6b30ca2c6..847db14cb 100644
--- a/IDE/Renesas/e2studio/Projects/wolfssl/.project
+++ b/IDE/Renesas/e2studio/Projects/wolfssl/.project
@@ -130,9 +130,9 @@
 			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/cpuid.c</locationURI>
 		</link>
 		<link>
-			<name>wolfcrypt/src/cryptodev.c</name>
+			<name>wolfcrypt/src/cryptocb.c</name>
 			<type>1</type>
-			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/cryptodev.c</locationURI>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/cryptocb.c</locationURI>
 		</link>
 		<link>
 			<name>wolfcrypt/src/curve25519.c</name>
diff --git a/configure.ac b/configure.ac
index c1a53c1ad..c1adab12b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4233,22 +4233,24 @@ else
 fi
 
 
-# Support for crypto device hardware
-AC_ARG_ENABLE([cryptodev],
-    [AS_HELP_STRING([--enable-cryptodev],[Enable crypto hardware support (default: disabled)])],
-    [ ENABLED_CRYPTODEV=$enableval ],
-    [ ENABLED_CRYPTODEV=no ]
+# Support for crypto callbacks
+AC_ARG_ENABLE([cryptocb],
+    [AS_HELP_STRING([--enable-cryptocb],[Enable crypto callbacks (default: disabled)])],
+    [ ENABLED_CRYPTOCB=$enableval ],
+    [ ENABLED_CRYPTOCB=no ]
     )
+# cryptodev is old name, replaced with cryptocb
+AC_ARG_ENABLE([cryptodev],,[ ENABLED_CRYPTOCB=$enableval ],[ ENABLED_CRYPTOCB=no ])
 
 if test "x$ENABLED_PKCS11" = "xyes"
 then
-    ENABLED_CRYPTODEV=yes
+    ENABLED_CRYPTOCB=yes
 fi
-if test "$ENABLED_CRYPTODEV" = "yes"
+if test "$ENABLED_CRYPTOCB" = "yes"
 then
-    AM_CFLAGS="$AM_CFLAGS -DWOLF_CRYPTO_DEV"
+    AM_CFLAGS="$AM_CFLAGS -DWOLF_CRYPTO_CB"
 fi
-AM_CONDITIONAL([BUILD_CRYPTODEV], [test "x$ENABLED_CRYPTODEV" = "xyes"])
+AM_CONDITIONAL([BUILD_CRYPTOCB], [test "x$ENABLED_CRYPTOCB" = "xyes"])
 
 
 # Session Export
diff --git a/rpm/spec.in b/rpm/spec.in
index e5aac8429..d26fb373b 100644
--- a/rpm/spec.in
+++ b/rpm/spec.in
@@ -190,7 +190,7 @@ mkdir -p $RPM_BUILD_ROOT/
 %{_includedir}/wolfssl/wolfcrypt/compress.h
 %{_includedir}/wolfssl/wolfcrypt/cpuid.h
 %{_includedir}/wolfssl/wolfcrypt/curve25519.h
-%{_includedir}/wolfssl/wolfcrypt/cryptodev.h
+%{_includedir}/wolfssl/wolfcrypt/cryptocb.h
 %{_includedir}/wolfssl/wolfcrypt/des3.h
 %{_includedir}/wolfssl/wolfcrypt/dh.h
 %{_includedir}/wolfssl/wolfcrypt/dsa.h
@@ -291,7 +291,7 @@ mkdir -p $RPM_BUILD_ROOT/
 * Thu Dec 20 2018 Jacob Barthelmeh <jacob@wolfssl.com>
 - Remove wolfssl/wolfcrypt/fips.h, add wolfssl/openssl/pkcs7.h
 * Wed Jun 20 2018 Jacob Barthelmeh <jacob@wolfssl.com>
-- Remove NEWS, update ChangeLog to ChangeLog.md, remove wolfssl/wolfcrypt/fips.h, add wolfssl/wolfcrypt/cryptodev.h
+- Remove NEWS, update ChangeLog to ChangeLog.md, remove wolfssl/wolfcrypt/fips.h, add wolfssl/wolfcrypt/cryptocb.h
 * Thu May 31 2018 John Safranek <john@wolfssl.com>
 - Update the version number on the library SO file.
 * Fri Mar 02 2018 Jacob Barthelmeh <jacob@wolfssl.com>
diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c
index b2053c831..c6cbf62fc 100644
--- a/wolfcrypt/src/aes.c
+++ b/wolfcrypt/src/aes.c
@@ -46,8 +46,8 @@
 #include <wolfssl/wolfcrypt/aes.h>
 #include <wolfssl/wolfcrypt/cpuid.h>
 
-#ifdef WOLF_CRYPTO_DEV
-    #include <wolfssl/wolfcrypt/cryptodev.h>
+#ifdef WOLF_CRYPTO_CB
+    #include <wolfssl/wolfcrypt/cryptocb.h>
 #endif
 
 
@@ -2210,7 +2210,7 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
                 XMEMCPY(aes->asyncIv, iv, AES_BLOCK_SIZE);
         }
     #endif /* WOLFSSL_ASYNC_CRYPT */
-    #ifdef WOLF_CRYPTO_DEV
+    #ifdef WOLF_CRYPTO_CB
         if (aes->devId != INVALID_DEVID) {
             XMEMCPY(aes->devKey, userKey, keylen);
         }
@@ -2909,11 +2909,12 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
             return BAD_FUNC_ARG;
         }
 
-    #ifdef WOLF_CRYPTO_DEV
+    #ifdef WOLF_CRYPTO_CB
         if (aes->devId != INVALID_DEVID) {
-            int ret = wc_CryptoDev_AesCbcEncrypt(aes, out, in, sz);
+            int ret = wc_CryptoCb_AesCbcEncrypt(aes, out, in, sz);
             if (ret != NOT_COMPILED_IN)
                 return ret;
+            /* fall-through on not compiled in */
         }
     #endif
     #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)
@@ -3007,11 +3008,12 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
             return BAD_FUNC_ARG;
         }
 
-    #ifdef WOLF_CRYPTO_DEV
+    #ifdef WOLF_CRYPTO_CB
         if (aes->devId != INVALID_DEVID) {
-            int ret = wc_CryptoDev_AesCbcDecrypt(aes, out, in, sz);
+            int ret = wc_CryptoCb_AesCbcDecrypt(aes, out, in, sz);
             if (ret != NOT_COMPILED_IN)
                 return ret;
+            /* fall-through on not compiled in */
         }
     #endif
     #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)
@@ -8508,12 +8510,13 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
         return BAD_FUNC_ARG;
     }
 
-#ifdef WOLF_CRYPTO_DEV
+#ifdef WOLF_CRYPTO_CB
     if (aes->devId != INVALID_DEVID) {
-        int ret = wc_CryptoDev_AesGcmEncrypt(aes, out, in, sz, iv, ivSz,
+        int ret = wc_CryptoCb_AesGcmEncrypt(aes, out, in, sz, iv, ivSz,
             authTag, authTagSz, authIn, authInSz);
         if (ret != NOT_COMPILED_IN)
             return ret;
+        /* fall-through on not compiled in */
     }
 #endif
 
@@ -8910,12 +8913,13 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
         return BAD_FUNC_ARG;
     }
 
-#ifdef WOLF_CRYPTO_DEV
+#ifdef WOLF_CRYPTO_CB
     if (aes->devId != INVALID_DEVID) {
-        int ret = wc_CryptoDev_AesGcmDecrypt(aes, out, in, sz, iv, ivSz,
+        int ret = wc_CryptoCb_AesGcmDecrypt(aes, out, in, sz, iv, ivSz,
             authTag, authTagSz, authIn, authInSz);
         if (ret != NOT_COMPILED_IN)
             return ret;
+        /* fall-through on not compiled in */
     }
 #endif
 
@@ -9598,7 +9602,7 @@ int wc_AesInit(Aes* aes, void* heap, int devId)
 
     aes->heap = heap;
 
-#ifdef WOLF_CRYPTO_DEV
+#ifdef WOLF_CRYPTO_CB
     aes->devId = devId;
 #else
     (void)devId;
diff --git a/wolfcrypt/src/cryptodev.c b/wolfcrypt/src/cryptocb.c
similarity index 83%
rename from wolfcrypt/src/cryptodev.c
rename to wolfcrypt/src/cryptocb.c
index 2edaf74da..00e2d04c1 100644
--- a/wolfcrypt/src/cryptodev.c
+++ b/wolfcrypt/src/cryptocb.c
@@ -1,4 +1,4 @@
-/* cryptodev.c
+/* cryptocb.c
  *
  * Copyright (C) 2006-2018 wolfSSL Inc.
  *
@@ -27,49 +27,49 @@
 
 #include <wolfssl/wolfcrypt/settings.h>
 
-#ifdef WOLF_CRYPTO_DEV
+#ifdef WOLF_CRYPTO_CB
 
-#include <wolfssl/wolfcrypt/cryptodev.h>
+#include <wolfssl/wolfcrypt/cryptocb.h>
 #include <wolfssl/wolfcrypt/error-crypt.h>
 #include <wolfssl/wolfcrypt/logging.h>
 
 
 /* TODO: Consider linked list with mutex */
-#ifndef MAX_CRYPTO_DEVICES
-#define MAX_CRYPTO_DEVICES 8
+#ifndef MAX_CRYPTO_DEVID_CALLBACKS
+#define MAX_CRYPTO_DEVID_CALLBACKS 8
 #endif
 
-typedef struct CryptoDev {
+typedef struct CryptoCb {
     int devId;
-    CryptoDevCallbackFunc cb;
+    wc_CryptoCallbackFunc cb;
     void* ctx;
-} CryptoDev;
-static CryptoDev gCryptoDev[MAX_CRYPTO_DEVICES];
+} CryptoCb;
+static CryptoCb gCryptoDev[MAX_CRYPTO_DEVID_CALLBACKS];
 
-static CryptoDev* wc_CryptoDev_FindDevice(int devId)
+static CryptoCb* wc_CryptoCb_FindDevice(int devId)
 {
     int i;
-    for (i=0; i<MAX_CRYPTO_DEVICES; i++) {
+    for (i=0; i<MAX_CRYPTO_DEVID_CALLBACKS; i++) {
         if (gCryptoDev[i].devId == devId)
             return &gCryptoDev[i];
     }
     return NULL;
 }
 
-void wc_CryptoDev_Init(void)
+void wc_CryptoCb_Init(void)
 {
     int i;
-    for (i=0; i<MAX_CRYPTO_DEVICES; i++) {
+    for (i=0; i<MAX_CRYPTO_DEVID_CALLBACKS; i++) {
         gCryptoDev[i].devId = INVALID_DEVID;
     }
 }
 
-int wc_CryptoDev_RegisterDevice(int devId, CryptoDevCallbackFunc cb, void* ctx)
+int wc_CryptoCb_RegisterDevice(int devId, wc_CryptoCallbackFunc cb, void* ctx)
 {
     /* find existing or new */
-    CryptoDev* dev = wc_CryptoDev_FindDevice(devId);
+    CryptoCb* dev = wc_CryptoCb_FindDevice(devId);
     if (dev == NULL)
-        dev = wc_CryptoDev_FindDevice(INVALID_DEVID);
+        dev = wc_CryptoCb_FindDevice(INVALID_DEVID);
 
     if (dev == NULL)
         return BUFFER_E; /* out of devices */
@@ -81,9 +81,9 @@ int wc_CryptoDev_RegisterDevice(int devId, CryptoDevCallbackFunc cb, void* ctx)
     return 0;
 }
 
-void wc_CryptoDev_UnRegisterDevice(int devId)
+void wc_CryptoCb_UnRegisterDevice(int devId)
 {
-    CryptoDev* dev = wc_CryptoDev_FindDevice(devId);
+    CryptoCb* dev = wc_CryptoCb_FindDevice(devId);
     if (dev) {
         XMEMSET(dev, 0, sizeof(*dev));
         dev->devId = INVALID_DEVID;
@@ -91,14 +91,14 @@ void wc_CryptoDev_UnRegisterDevice(int devId)
 }
 
 #ifndef NO_RSA
-int wc_CryptoDev_Rsa(const byte* in, word32 inLen, byte* out,
+int wc_CryptoCb_Rsa(const byte* in, word32 inLen, byte* out,
     word32* outLen, int type, RsaKey* key, WC_RNG* rng)
 {
     int ret = NOT_COMPILED_IN;
-    CryptoDev* dev;
+    CryptoCb* dev;
 
     /* locate registered callback */
-    dev = wc_CryptoDev_FindDevice(key->devId);
+    dev = wc_CryptoCb_FindDevice(key->devId);
     if (dev) {
         if (dev->cb) {
             wc_CryptoInfo cryptoInfo;
@@ -121,13 +121,13 @@ int wc_CryptoDev_Rsa(const byte* in, word32 inLen, byte* out,
 }
 
 #ifdef WOLFSSL_KEY_GEN
-int wc_CryptoDev_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
+int wc_CryptoCb_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
 {
     int ret = NOT_COMPILED_IN;
-    CryptoDev* dev;
+    CryptoCb* dev;
 
     /* locate registered callback */
-    dev = wc_CryptoDev_FindDevice(key->devId);
+    dev = wc_CryptoCb_FindDevice(key->devId);
     if (dev) {
         if (dev->cb) {
             wc_CryptoInfo cryptoInfo;
@@ -149,13 +149,13 @@ int wc_CryptoDev_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
 #endif /* !NO_RSA */
 
 #ifdef HAVE_ECC
-int wc_CryptoDev_MakeEccKey(WC_RNG* rng, int keySize, ecc_key* key, int curveId)
+int wc_CryptoCb_MakeEccKey(WC_RNG* rng, int keySize, ecc_key* key, int curveId)
 {
     int ret = NOT_COMPILED_IN;
-    CryptoDev* dev;
+    CryptoCb* dev;
 
     /* locate registered callback */
-    dev = wc_CryptoDev_FindDevice(key->devId);
+    dev = wc_CryptoCb_FindDevice(key->devId);
     if (dev) {
         if (dev->cb) {
             wc_CryptoInfo cryptoInfo;
@@ -174,14 +174,14 @@ int wc_CryptoDev_MakeEccKey(WC_RNG* rng, int keySize, ecc_key* key, int curveId)
     return ret;
 }
 
-int wc_CryptoDev_Ecdh(ecc_key* private_key, ecc_key* public_key,
+int wc_CryptoCb_Ecdh(ecc_key* private_key, ecc_key* public_key,
     byte* out, word32* outlen)
 {
     int ret = NOT_COMPILED_IN;
-    CryptoDev* dev;
+    CryptoCb* dev;
 
     /* locate registered callback */
-    dev = wc_CryptoDev_FindDevice(private_key->devId);
+    dev = wc_CryptoCb_FindDevice(private_key->devId);
     if (dev) {
         if (dev->cb) {
             wc_CryptoInfo cryptoInfo;
@@ -200,14 +200,14 @@ int wc_CryptoDev_Ecdh(ecc_key* private_key, ecc_key* public_key,
     return ret;
 }
 
-int wc_CryptoDev_EccSign(const byte* in, word32 inlen, byte* out,
+int wc_CryptoCb_EccSign(const byte* in, word32 inlen, byte* out,
     word32 *outlen, WC_RNG* rng, ecc_key* key)
 {
     int ret = NOT_COMPILED_IN;
-    CryptoDev* dev;
+    CryptoCb* dev;
 
     /* locate registered callback */
-    dev = wc_CryptoDev_FindDevice(key->devId);
+    dev = wc_CryptoCb_FindDevice(key->devId);
     if (dev) {
         if (dev->cb) {
             wc_CryptoInfo cryptoInfo;
@@ -228,14 +228,14 @@ int wc_CryptoDev_EccSign(const byte* in, word32 inlen, byte* out,
     return ret;
 }
 
-int wc_CryptoDev_EccVerify(const byte* sig, word32 siglen,
+int wc_CryptoCb_EccVerify(const byte* sig, word32 siglen,
     const byte* hash, word32 hashlen, int* res, ecc_key* key)
 {
     int ret = NOT_COMPILED_IN;
-    CryptoDev* dev;
+    CryptoCb* dev;
 
     /* locate registered callback */
-    dev = wc_CryptoDev_FindDevice(key->devId);
+    dev = wc_CryptoCb_FindDevice(key->devId);
     if (dev) {
         if (dev->cb) {
             wc_CryptoInfo cryptoInfo;
@@ -259,17 +259,17 @@ int wc_CryptoDev_EccVerify(const byte* sig, word32 siglen,
 
 #ifndef NO_AES
 #ifdef HAVE_AESGCM
-int wc_CryptoDev_AesGcmEncrypt(Aes* aes, byte* out,
+int wc_CryptoCb_AesGcmEncrypt(Aes* aes, byte* out,
                                const byte* in, word32 sz,
                                const byte* iv, word32 ivSz,
                                byte* authTag, word32 authTagSz,
                                const byte* authIn, word32 authInSz)
 {
     int ret = NOT_COMPILED_IN;
-    CryptoDev* dev;
+    CryptoCb* dev;
 
     /* locate registered callback */
-    dev = wc_CryptoDev_FindDevice(aes->devId);
+    dev = wc_CryptoCb_FindDevice(aes->devId);
     if (dev) {
         if (dev->cb) {
             wc_CryptoInfo cryptoInfo;
@@ -295,17 +295,17 @@ int wc_CryptoDev_AesGcmEncrypt(Aes* aes, byte* out,
     return ret;
 }
 
-int wc_CryptoDev_AesGcmDecrypt(Aes* aes, byte* out,
+int wc_CryptoCb_AesGcmDecrypt(Aes* aes, byte* out,
                                const byte* in, word32 sz,
                                const byte* iv, word32 ivSz,
                                const byte* authTag, word32 authTagSz,
                                const byte* authIn, word32 authInSz)
 {
     int ret = NOT_COMPILED_IN;
-    CryptoDev* dev;
+    CryptoCb* dev;
 
     /* locate registered callback */
-    dev = wc_CryptoDev_FindDevice(aes->devId);
+    dev = wc_CryptoCb_FindDevice(aes->devId);
     if (dev) {
         if (dev->cb) {
             wc_CryptoInfo cryptoInfo;
@@ -333,14 +333,14 @@ int wc_CryptoDev_AesGcmDecrypt(Aes* aes, byte* out,
 #endif /* HAVE_AESGCM */
 
 #ifdef HAVE_AES_CBC
-int wc_CryptoDev_AesCbcEncrypt(Aes* aes, byte* out,
+int wc_CryptoCb_AesCbcEncrypt(Aes* aes, byte* out,
                                const byte* in, word32 sz)
 {
     int ret = NOT_COMPILED_IN;
-    CryptoDev* dev;
+    CryptoCb* dev;
 
     /* locate registered callback */
-    dev = wc_CryptoDev_FindDevice(aes->devId);
+    dev = wc_CryptoCb_FindDevice(aes->devId);
     if (dev) {
         if (dev->cb) {
             wc_CryptoInfo cryptoInfo;
@@ -360,14 +360,14 @@ int wc_CryptoDev_AesCbcEncrypt(Aes* aes, byte* out,
     return ret;
 }
 
-int wc_CryptoDev_AesCbcDecrypt(Aes* aes, byte* out,
+int wc_CryptoCb_AesCbcDecrypt(Aes* aes, byte* out,
                                const byte* in, word32 sz)
 {
     int ret = NOT_COMPILED_IN;
-    CryptoDev* dev;
+    CryptoCb* dev;
 
     /* locate registered callback */
-    dev = wc_CryptoDev_FindDevice(aes->devId);
+    dev = wc_CryptoCb_FindDevice(aes->devId);
     if (dev) {
         if (dev->cb) {
             wc_CryptoInfo cryptoInfo;
@@ -390,14 +390,14 @@ int wc_CryptoDev_AesCbcDecrypt(Aes* aes, byte* out,
 #endif /* !NO_AES */
 
 #ifndef NO_SHA
-int wc_CryptoDev_ShaHash(wc_Sha* sha, const byte* in,
+int wc_CryptoCb_ShaHash(wc_Sha* sha, const byte* in,
     word32 inSz, byte* digest)
 {
     int ret = NOT_COMPILED_IN;
-    CryptoDev* dev;
+    CryptoCb* dev;
 
     /* locate registered callback */
-    dev = wc_CryptoDev_FindDevice(sha->devId);
+    dev = wc_CryptoCb_FindDevice(sha->devId);
     if (dev) {
         if (dev->cb) {
             wc_CryptoInfo cryptoInfo;
@@ -418,14 +418,14 @@ int wc_CryptoDev_ShaHash(wc_Sha* sha, const byte* in,
 #endif /* !NO_SHA */
 
 #ifndef NO_SHA256
-int wc_CryptoDev_Sha256Hash(wc_Sha256* sha256, const byte* in,
+int wc_CryptoCb_Sha256Hash(wc_Sha256* sha256, const byte* in,
     word32 inSz, byte* digest)
 {
     int ret = NOT_COMPILED_IN;
-    CryptoDev* dev;
+    CryptoCb* dev;
 
     /* locate registered callback */
-    dev = wc_CryptoDev_FindDevice(sha256->devId);
+    dev = wc_CryptoCb_FindDevice(sha256->devId);
     if (dev) {
         if (dev->cb) {
             wc_CryptoInfo cryptoInfo;
@@ -446,13 +446,13 @@ int wc_CryptoDev_Sha256Hash(wc_Sha256* sha256, const byte* in,
 #endif /* !NO_SHA256 */
 
 #ifndef WC_NO_RNG
-int wc_CryptoDev_RandomBlock(WC_RNG* rng, byte* out, word32 sz)
+int wc_CryptoCb_RandomBlock(WC_RNG* rng, byte* out, word32 sz)
 {
     int ret = NOT_COMPILED_IN;
-    CryptoDev* dev;
+    CryptoCb* dev;
 
     /* locate registered callback */
-    dev = wc_CryptoDev_FindDevice(rng->devId);
+    dev = wc_CryptoCb_FindDevice(rng->devId);
     if (dev) {
         if (dev->cb) {
             wc_CryptoInfo cryptoInfo;
@@ -470,4 +470,4 @@ int wc_CryptoDev_RandomBlock(WC_RNG* rng, byte* out, word32 sz)
 }
 #endif /* !WC_NO_RNG */
 
-#endif /* WOLF_CRYPTO_DEV */
+#endif /* WOLF_CRYPTO_CB */
diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c
index 8cee95c6c..bb0c3b79e 100644
--- a/wolfcrypt/src/ecc.c
+++ b/wolfcrypt/src/ecc.c
@@ -122,8 +122,8 @@ ECC Curve Sizes:
     #include <wolfssl/wolfcrypt/hash.h>
 #endif
 
-#ifdef WOLF_CRYPTO_DEV
-    #include <wolfssl/wolfcrypt/cryptodev.h>
+#ifdef WOLF_CRYPTO_CB
+    #include <wolfssl/wolfcrypt/cryptocb.h>
 #endif
 
 #ifdef NO_INLINE
@@ -3388,9 +3388,9 @@ int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
        return BAD_FUNC_ARG;
    }
 
-#ifdef WOLF_CRYPTO_DEV
+#ifdef WOLF_CRYPTO_CB
     if (private_key->devId != INVALID_DEVID) {
-        err = wc_CryptoDev_Ecdh(private_key, public_key, out, outlen);
+        err = wc_CryptoCb_Ecdh(private_key, public_key, out, outlen);
         if (err != NOT_COMPILED_IN)
             return err;
     }
@@ -3949,9 +3949,9 @@ int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, int curve_id)
         return err;
     }
 
-#ifdef WOLF_CRYPTO_DEV
+#ifdef WOLF_CRYPTO_CB
     if (key->devId != INVALID_DEVID) {
-        err = wc_CryptoDev_MakeEccKey(rng, keysize, key, curve_id);
+        err = wc_CryptoCb_MakeEccKey(rng, keysize, key, curve_id);
         if (err != NOT_COMPILED_IN)
             return err;
     }
@@ -4142,7 +4142,7 @@ int wc_ecc_init_ex(ecc_key* key, void* heap, int devId)
     XMEMSET(key, 0, sizeof(ecc_key));
     key->state = ECC_STATE_NONE;
 
-#if defined(PLUTON_CRYPTO_ECC) || defined(WOLF_CRYPTO_DEV)
+#if defined(PLUTON_CRYPTO_ECC) || defined(WOLF_CRYPTO_CB)
     key->devId = devId;
 #else
     (void)devId;
@@ -4314,9 +4314,9 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
         return ECC_BAD_ARG_E;
     }
 
-#ifdef WOLF_CRYPTO_DEV
+#ifdef WOLF_CRYPTO_CB
     if (key->devId != INVALID_DEVID) {
-        err = wc_CryptoDev_EccSign(in, inlen, out, outlen, rng, key);
+        err = wc_CryptoCb_EccSign(in, inlen, out, outlen, rng, key);
         if (err != NOT_COMPILED_IN)
             return err;
     }
@@ -5152,9 +5152,9 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
         return ECC_BAD_ARG_E;
     }
 
-#ifdef WOLF_CRYPTO_DEV
+#ifdef WOLF_CRYPTO_CB
     if (key->devId != INVALID_DEVID) {
-        err = wc_CryptoDev_EccVerify(sig, siglen, hash, hashlen, res, key);
+        err = wc_CryptoCb_EccVerify(sig, siglen, hash, hashlen, res, key);
         if (err != NOT_COMPILED_IN)
             return err;
     }
diff --git a/wolfcrypt/src/include.am b/wolfcrypt/src/include.am
index d0db26500..a62f34667 100644
--- a/wolfcrypt/src/include.am
+++ b/wolfcrypt/src/include.am
@@ -74,8 +74,8 @@ EXTRA_DIST += wolfcrypt/src/port/ti/ti-aes.c \
               wolfcrypt/src/port/Espressif/esp32_util.c
 
 
-if BUILD_CRYPTODEV
-src_libwolfssl_la_SOURCES += wolfcrypt/src/cryptodev.c
+if BUILD_CRYPTOCB
+src_libwolfssl_la_SOURCES += wolfcrypt/src/cryptocb.c
 endif
 
 if BUILD_PKCS11
diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c
index a7b872a82..0d5461635 100755
--- a/wolfcrypt/src/random.c
+++ b/wolfcrypt/src/random.c
@@ -104,8 +104,8 @@ int wc_RNG_GenerateByte(WC_RNG* rng, byte* b)
 
 #include <wolfssl/wolfcrypt/sha256.h>
 
-#ifdef WOLF_CRYPTO_DEV
-    #include <wolfssl/wolfcrypt/cryptodev.h>
+#ifdef WOLF_CRYPTO_CB
+    #include <wolfssl/wolfcrypt/cryptocb.h>
 #endif
 
 #ifdef NO_INLINE
@@ -276,7 +276,7 @@ typedef struct DRBG {
     word32 lastBlock;
     byte V[DRBG_SEED_LEN];
     byte C[DRBG_SEED_LEN];
-#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_DEV)
+#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
     void* heap;
     int devId;
 #endif
@@ -325,7 +325,7 @@ static int Hash_df(DRBG* drbg, byte* out, word32 outSz, byte type,
 
     for (i = 0, ctr = 1; i < len; i++, ctr++) {
 #ifndef WOLFSSL_SMALL_STACK_CACHE
-    #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_DEV)
+    #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
         ret = wc_InitSha256_ex(sha, drbg->heap, drbg->devId);
     #else
         ret = wc_InitSha256(sha);
@@ -453,7 +453,7 @@ static int Hash_gen(DRBG* drbg, byte* out, word32 outSz, const byte* V)
     XMEMCPY(data, V, sizeof(data));
     for (i = 0; i < len; i++) {
 #ifndef WOLFSSL_SMALL_STACK_CACHE
-    #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_DEV)
+    #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
         ret = wc_InitSha256_ex(sha, drbg->heap, drbg->devId);
     #else
         ret = wc_InitSha256(sha);
@@ -556,7 +556,7 @@ static int Hash_DRBG_Generate(DRBG* drbg, byte* out, word32 outSz)
         ret = Hash_gen(drbg, out, outSz, drbg->V);
         if (ret == DRBG_SUCCESS) {
 #ifndef WOLFSSL_SMALL_STACK_CACHE
-        #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_DEV)
+        #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
             ret = wc_InitSha256_ex(sha, drbg->heap, drbg->devId);
         #else
             ret = wc_InitSha256(sha);
@@ -602,7 +602,7 @@ static int Hash_DRBG_Instantiate(DRBG* drbg, const byte* seed, word32 seedSz,
     int ret = DRBG_FAILURE;
 
     XMEMSET(drbg, 0, sizeof(DRBG));
-#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_DEV)
+#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
     drbg->heap = heap;
     drbg->devId = devId;
 #else
@@ -611,7 +611,7 @@ static int Hash_DRBG_Instantiate(DRBG* drbg, const byte* seed, word32 seedSz,
 #endif
 
 #ifdef WOLFSSL_SMALL_STACK_CACHE
-    #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_DEV)
+    #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
         ret = wc_InitSha256_ex(&drbg->sha256, drbg->heap, drbg->devId);
     #else
         ret = wc_InitSha256(&drbg->sha256);
@@ -701,7 +701,7 @@ static int _InitRng(WC_RNG* rng, byte* nonce, word32 nonceSz,
 #else
     rng->heap = heap;
 #endif
-#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_DEV)
+#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
     rng->devId = devId;
 #else
     (void)devId;
@@ -831,11 +831,12 @@ int wc_RNG_GenerateBlock(WC_RNG* rng, byte* output, word32 sz)
     if (rng == NULL || output == NULL)
         return BAD_FUNC_ARG;
 
-#ifdef WOLF_CRYPTO_DEV
+#ifdef WOLF_CRYPTO_CB
     if (rng->devId != INVALID_DEVID) {
-        ret = wc_CryptoDev_RandomBlock(rng, output, sz);
+        ret = wc_CryptoCb_RandomBlock(rng, output, sz);
         if (ret != NOT_COMPILED_IN)
             return ret;
+        /* fall-through on not compiled in */
     }
 #endif
 
diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c
index d54b780cc..016966832 100644
--- a/wolfcrypt/src/rsa.c
+++ b/wolfcrypt/src/rsa.c
@@ -198,8 +198,8 @@ int wc_RsaFlattenPublicKey(RsaKey* key, byte* a, word32* aSz, byte* b,
 
 #include <wolfssl/wolfcrypt/random.h>
 #include <wolfssl/wolfcrypt/logging.h>
-#ifdef WOLF_CRYPTO_DEV
-    #include <wolfssl/wolfcrypt/cryptodev.h>
+#ifdef WOLF_CRYPTO_CB
+    #include <wolfssl/wolfcrypt/cryptocb.h>
 #endif
 #ifdef NO_INLINE
     #include <wolfssl/wolfcrypt/misc.h>
@@ -266,7 +266,7 @@ int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId)
     key->rng = NULL;
 #endif
 
-#ifdef WOLF_CRYPTO_DEV
+#ifdef WOLF_CRYPTO_CB
     key->devId = devId;
 #else
     (void)devId;
@@ -1962,11 +1962,12 @@ int wc_RsaFunction(const byte* in, word32 inLen, byte* out,
         return BAD_FUNC_ARG;
     }
 
-#ifdef WOLF_CRYPTO_DEV
+#ifdef WOLF_CRYPTO_CB
     if (key->devId != INVALID_DEVID) {
-        ret = wc_CryptoDev_Rsa(in, inLen, out, outLen, type, key, rng);
+        ret = wc_CryptoCb_Rsa(in, inLen, out, outLen, type, key, rng);
         if (ret != NOT_COMPILED_IN)
             return ret;
+        /* fall-through on not compiled in */
         ret = 0; /* reset error code and try using software */
     }
 #endif
@@ -2818,7 +2819,7 @@ int wc_RsaEncryptSize(RsaKey* key)
 
     ret = mp_unsigned_bin_size(&key->n);
 
-#ifdef WOLF_CRYPTO_DEV
+#ifdef WOLF_CRYPTO_CB
     if (ret == 0 && key->devId != INVALID_DEVID) {
         ret = 2048/8; /* hardware handles, use 2048-bit as default */
     }
@@ -3170,11 +3171,12 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
     if (e < 3 || (e & 1) == 0)
         return BAD_FUNC_ARG;
 
-#ifdef WOLF_CRYPTO_DEV
+#ifdef WOLF_CRYPTO_CB
     if (key->devId != INVALID_DEVID) {
-        int ret = wc_CryptoDev_MakeRsaKey(key, size, e, rng);
+        int ret = wc_CryptoCb_MakeRsaKey(key, size, e, rng);
         if (ret != NOT_COMPILED_IN)
             return ret;
+        /* fall-through on not compiled in */
     }
 #endif
 
diff --git a/wolfcrypt/src/sha.c b/wolfcrypt/src/sha.c
index e84435371..753ef8d35 100644
--- a/wolfcrypt/src/sha.c
+++ b/wolfcrypt/src/sha.c
@@ -43,8 +43,8 @@
 #include <wolfssl/wolfcrypt/sha.h>
 #include <wolfssl/wolfcrypt/error-crypt.h>
 
-#ifdef WOLF_CRYPTO_DEV
-    #include <wolfssl/wolfcrypt/cryptodev.h>
+#ifdef WOLF_CRYPTO_CB
+    #include <wolfssl/wolfcrypt/cryptocb.h>
 #endif
 
 /* fips wrapper calls, user can call direct */
@@ -434,7 +434,7 @@ int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
         return BAD_FUNC_ARG;
 
     sha->heap = heap;
-#ifdef WOLF_CRYPTO_DEV
+#ifdef WOLF_CRYPTO_CB
     sha->devId = devId;
 #endif
 
@@ -468,11 +468,12 @@ int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
     /* do block size increments */
     local = (byte*)sha->buffer;
 
-#ifdef WOLF_CRYPTO_DEV
+#ifdef WOLF_CRYPTO_CB
     if (sha->devId != INVALID_DEVID) {
-        int ret = wc_CryptoDev_ShaHash(sha, data, len, NULL);
+        int ret = wc_CryptoCb_ShaHash(sha, data, len, NULL);
         if (ret != NOT_COMPILED_IN)
             return ret;
+        /* fall-through on not compiled in */
     }
 #endif
 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA)
@@ -550,11 +551,12 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash)
 
     local = (byte*)sha->buffer;
 
-#ifdef WOLF_CRYPTO_DEV
+#ifdef WOLF_CRYPTO_CB
     if (sha->devId != INVALID_DEVID) {
-        int ret = wc_CryptoDev_ShaHash(sha, NULL, 0, hash);
+        int ret = wc_CryptoCb_ShaHash(sha, NULL, 0, hash);
         if (ret != NOT_COMPILED_IN)
             return ret;
+        /* fall-through on not compiled in */
     }
 #endif
 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA)
diff --git a/wolfcrypt/src/sha256.c b/wolfcrypt/src/sha256.c
index 548b2f0b7..26831fa20 100644
--- a/wolfcrypt/src/sha256.c
+++ b/wolfcrypt/src/sha256.c
@@ -46,8 +46,8 @@
 #include <wolfssl/wolfcrypt/error-crypt.h>
 #include <wolfssl/wolfcrypt/cpuid.h>
 
-#ifdef WOLF_CRYPTO_DEV
-    #include <wolfssl/wolfcrypt/cryptodev.h>
+#ifdef WOLF_CRYPTO_CB
+    #include <wolfssl/wolfcrypt/cryptocb.h>
 #endif
 
 /* fips wrapper calls, user can call direct */
@@ -312,7 +312,7 @@ static int InitSha256(wc_Sha256* sha256)
             return BAD_FUNC_ARG;
 
         sha256->heap = heap;
-    #ifdef WOLF_CRYPTO_DEV
+    #ifdef WOLF_CRYPTO_CB
         sha256->devId = devId;
     #endif
 
@@ -527,7 +527,7 @@ static int InitSha256(wc_Sha256* sha256)
             return BAD_FUNC_ARG;
 
         sha256->heap = heap;
-    #ifdef WOLF_CRYPTO_DEV
+    #ifdef WOLF_CRYPTO_CB
         sha256->devId = devId;
     #endif
 
@@ -818,11 +818,12 @@ static int InitSha256(wc_Sha256* sha256)
             return 0;
         }
 
-    #ifdef WOLF_CRYPTO_DEV
+    #ifdef WOLF_CRYPTO_CB
         if (sha256->devId != INVALID_DEVID) {
-            int ret = wc_CryptoDev_Sha256Hash(sha256, data, len, NULL);
+            int ret = wc_CryptoCb_Sha256Hash(sha256, data, len, NULL);
             if (ret != NOT_COMPILED_IN)
                 return ret;
+            /* fall-through on not compiled in */
         }
     #endif
     #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA256)
@@ -965,11 +966,12 @@ static int InitSha256(wc_Sha256* sha256)
             return BAD_FUNC_ARG;
         }
 
-    #ifdef WOLF_CRYPTO_DEV
+    #ifdef WOLF_CRYPTO_CB
         if (sha256->devId != INVALID_DEVID) {
-            ret = wc_CryptoDev_Sha256Hash(sha256, NULL, 0, hash);
+            ret = wc_CryptoCb_Sha256Hash(sha256, NULL, 0, hash);
             if (ret != NOT_COMPILED_IN)
                 return ret;
+            /* fall-through on not compiled in */
         }
     #endif
 
diff --git a/wolfcrypt/src/sha3.c b/wolfcrypt/src/sha3.c
index d32b1ed8e..43efe6974 100644
--- a/wolfcrypt/src/sha3.c
+++ b/wolfcrypt/src/sha3.c
@@ -706,6 +706,7 @@ static int wc_Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p)
             ret = IntelQaSymSha3(&sha3->asyncDev, NULL, data, len);
             if (ret != NOT_COMPILED_IN)
                 return ret;
+            /* fall-through on not compiled in */
         }
     #endif
     }
@@ -741,6 +742,7 @@ static int wc_Sha3Final(wc_Sha3* sha3, byte* hash, byte p, byte len)
             ret = IntelQaSymSha3(&sha3->asyncDev, hash, NULL, len);
             if (ret != NOT_COMPILED_IN)
                 return ret;
+            /* fall-through on not compiled in */
         }
     #endif
     }
diff --git a/wolfcrypt/src/wc_port.c b/wolfcrypt/src/wc_port.c
index 0a8483b3a..e0dbb6159 100644
--- a/wolfcrypt/src/wc_port.c
+++ b/wolfcrypt/src/wc_port.c
@@ -68,8 +68,8 @@
     #include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
 #endif
 
-#ifdef WOLF_CRYPTO_DEV
-    #include <wolfssl/wolfcrypt/cryptodev.h>
+#ifdef WOLF_CRYPTO_CB
+    #include <wolfssl/wolfcrypt/cryptocb.h>
 #endif
 
 #ifdef _MSC_VER
@@ -101,8 +101,8 @@ int wolfCrypt_Init(void)
         }
     #endif
 
-    #ifdef WOLF_CRYPTO_DEV
-        wc_CryptoDev_Init();
+    #ifdef WOLF_CRYPTO_CB
+        wc_CryptoCb_Init();
     #endif
 
     #ifdef WOLFSSL_ASYNC_CRYPT
diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c
index df5b4b42f..2142364c3 100644
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@@ -119,8 +119,8 @@
 #ifdef WOLFSSL_IMX6_CAAM_BLOB
     #include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
 #endif
-#ifdef WOLF_CRYPTO_DEV
-    #include <wolfssl/wolfcrypt/cryptodev.h>
+#ifdef WOLF_CRYPTO_CB
+    #include <wolfssl/wolfcrypt/cryptocb.h>
 #endif
 
 /* only for stack size check */
@@ -370,8 +370,8 @@ int memcb_test(void);
 int blob_test(void);
 #endif
 
-#ifdef WOLF_CRYPTO_DEV
-int cryptodev_test(void);
+#ifdef WOLF_CRYPTO_CB
+int cryptocb_test(void);
 #endif
 #ifdef WOLFSSL_CERT_PIV
 int certpiv_test(void);
@@ -1039,11 +1039,11 @@ initDefaultName();
         printf( "blob     test passed!\n");
 #endif
 
-#ifdef WOLF_CRYPTO_DEV
-    if ( (ret = cryptodev_test()) != 0)
-        return err_sys("crypto dev test failed!\n", ret);
+#ifdef WOLF_CRYPTO_CB
+    if ( (ret = cryptocb_test()) != 0)
+        return err_sys("crypto callback test failed!\n", ret);
     else
-        printf( "crypto dev test passed!\n");
+        printf( "crypto callback test passed!\n");
 #endif
 
 #ifdef WOLFSSL_CERT_PIV
@@ -9260,7 +9260,7 @@ static int rsa_sig_test(RsaKey* key, word32 keyLen, int modLen, WC_RNG* rng)
      *     -101 = USER_CRYPTO_ERROR
      */
     if (ret == 0)
-#elif defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_DEV)
+#elif defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
     /* async may not require RNG */
     if (ret != 0 && ret != MISSING_RNG_E)
 #elif defined(HAVE_FIPS) || defined(WOLFSSL_ASYNC_CRYPT) || \
@@ -22808,7 +22808,7 @@ int blob_test(void)
 }
 #endif /* WOLFSSL_IMX6_CAAM_BLOB */
 
-#ifdef WOLF_CRYPTO_DEV
+#ifdef WOLF_CRYPTO_CB
 
 /* Example custom context for crypto callback */
 typedef struct {
@@ -23059,7 +23059,7 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
     return ret;
 }
 
-int cryptodev_test(void)
+int cryptocb_test(void)
 {
     int ret = 0;
     myCryptoDevCtx myCtx;
@@ -23069,7 +23069,7 @@ int cryptodev_test(void)
 
     /* set devId to something other than INVALID_DEVID */
     devId = 1;
-    ret = wc_CryptoDev_RegisterDevice(devId, myCryptoDevCb, &myCtx);
+    ret = wc_CryptoCb_RegisterDevice(devId, myCryptoDevCb, &myCtx);
 
 #ifndef WC_NO_RNG
     if (ret == 0)
@@ -23109,7 +23109,7 @@ int cryptodev_test(void)
 
     return ret;
 }
-#endif /* WOLF_CRYPTO_DEV */
+#endif /* WOLF_CRYPTO_CB */
 
 #ifdef WOLFSSL_CERT_PIV
 int certpiv_test(void)
diff --git a/wolfssl/wolfcrypt/aes.h b/wolfssl/wolfcrypt/aes.h
index b2119feb6..e05a58697 100644
--- a/wolfssl/wolfcrypt/aes.h
+++ b/wolfssl/wolfcrypt/aes.h
@@ -150,7 +150,7 @@ typedef struct Aes {
 #ifdef WOLFSSL_AESNI
     byte use_aesni;
 #endif /* WOLFSSL_AESNI */
-#ifdef WOLF_CRYPTO_DEV
+#ifdef WOLF_CRYPTO_CB
     int    devId;
     word32 devKey[AES_MAX_KEY_SIZE/WOLFSSL_BIT_SIZE/sizeof(word32)]; /* raw key */
 #endif
diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h
index eab379bd6..873b9de1f 100644
--- a/wolfssl/wolfcrypt/asn.h
+++ b/wolfssl/wolfcrypt/asn.h
@@ -945,7 +945,7 @@ struct TrustedPeerCert {
 
 /* Macro for calculating hashId */
 #if defined(NO_SHA) && defined(NO_SHA256)
-    #ifdef WOLF_CRYPTO_DEV
+    #ifdef WOLF_CRYPTO_CB
         #define CalcHashId(data, len, hash) wc_CryptoDevSha256Hash(data, len, hash)
     #else
         #define CalcHashId(data, len, hash) NOT_COMPILED_IN
diff --git a/wolfssl/wolfcrypt/cryptodev.h b/wolfssl/wolfcrypt/cryptocb.h
similarity index 77%
rename from wolfssl/wolfcrypt/cryptodev.h
rename to wolfssl/wolfcrypt/cryptocb.h
index d27161d61..ee55cb7ba 100644
--- a/wolfssl/wolfcrypt/cryptodev.h
+++ b/wolfssl/wolfcrypt/cryptocb.h
@@ -1,4 +1,4 @@
-/* cryptodev.h
+/* cryptocb.h
  *
  * Copyright (C) 2006-2018 wolfSSL Inc.
  *
@@ -18,8 +18,8 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-#ifndef _WOLF_CRYPTO_DEV_H_
-#define _WOLF_CRYPTO_DEV_H_
+#ifndef _WOLF_CRYPTO_CB_H_
+#define _WOLF_CRYPTO_CB_H_
 
 #include <wolfssl/wolfcrypt/types.h>
 
@@ -27,7 +27,7 @@
     extern "C" {
 #endif
 
-#ifdef WOLF_CRYPTO_DEV
+#ifdef WOLF_CRYPTO_CB
 
 #ifndef NO_RSA
     #include <wolfssl/wolfcrypt/rsa.h>
@@ -172,76 +172,84 @@ typedef struct wc_CryptoInfo {
 #endif
 } wc_CryptoInfo;
 
-typedef int (*CryptoDevCallbackFunc)(int devId, wc_CryptoInfo* info, void* ctx);
+/* old naming */
+#ifdef WOLF_CRYPTO_DEV
+    /* old callback function name */
+    typedef int (*CryptoDevCallbackFunc)(int devId, wc_CryptoInfo* info, void* ctx);
+    /* old function names */
+    #define wc_CryptoDev_RegisterDevice   wc_CryptoCb_RegisterDevice
+    #define wc_CryptoDev_UnRegisterDevice wc_CryptoCb_UnRegisterDevice
+#endif
 
+typedef int (*wc_CryptoCallbackFunc)(int devId, wc_CryptoInfo* info, void* ctx);
 
+WOLFSSL_LOCAL void wc_CryptoCb_Init(void);
 
-WOLFSSL_LOCAL void wc_CryptoDev_Init(void);
+WOLFSSL_API int  wc_CryptoCb_RegisterDevice(int devId, wc_CryptoCallbackFunc cb, void* ctx);
+WOLFSSL_API void wc_CryptoCb_UnRegisterDevice(int devId);
 
-WOLFSSL_API int  wc_CryptoDev_RegisterDevice(int devId, CryptoDevCallbackFunc cb, void* ctx);
-WOLFSSL_API void wc_CryptoDev_UnRegisterDevice(int devId);
 
 #ifndef NO_RSA
-WOLFSSL_LOCAL int wc_CryptoDev_Rsa(const byte* in, word32 inLen, byte* out,
+WOLFSSL_LOCAL int wc_CryptoCb_Rsa(const byte* in, word32 inLen, byte* out,
     word32* outLen, int type, RsaKey* key, WC_RNG* rng);
 
 #ifdef WOLFSSL_KEY_GEN
-WOLFSSL_LOCAL int wc_CryptoDev_MakeRsaKey(RsaKey* key, int size, long e,
+WOLFSSL_LOCAL int wc_CryptoCb_MakeRsaKey(RsaKey* key, int size, long e,
     WC_RNG* rng);
 #endif /* WOLFSSL_KEY_GEN */
 #endif /* !NO_RSA */
 
 #ifdef HAVE_ECC
-WOLFSSL_LOCAL int wc_CryptoDev_MakeEccKey(WC_RNG* rng, int keySize,
+WOLFSSL_LOCAL int wc_CryptoCb_MakeEccKey(WC_RNG* rng, int keySize,
     ecc_key* key, int curveId);
 
-WOLFSSL_LOCAL int wc_CryptoDev_Ecdh(ecc_key* private_key, ecc_key* public_key,
+WOLFSSL_LOCAL int wc_CryptoCb_Ecdh(ecc_key* private_key, ecc_key* public_key,
     byte* out, word32* outlen);
 
-WOLFSSL_LOCAL int wc_CryptoDev_EccSign(const byte* in, word32 inlen, byte* out,
+WOLFSSL_LOCAL int wc_CryptoCb_EccSign(const byte* in, word32 inlen, byte* out,
     word32 *outlen, WC_RNG* rng, ecc_key* key);
 
-WOLFSSL_LOCAL int wc_CryptoDev_EccVerify(const byte* sig, word32 siglen,
+WOLFSSL_LOCAL int wc_CryptoCb_EccVerify(const byte* sig, word32 siglen,
     const byte* hash, word32 hashlen, int* res, ecc_key* key);
 #endif /* HAVE_ECC */
 
 #ifndef NO_AES
 #ifdef HAVE_AESGCM
-WOLFSSL_LOCAL int wc_CryptoDev_AesGcmEncrypt(Aes* aes, byte* out,
+WOLFSSL_LOCAL int wc_CryptoCb_AesGcmEncrypt(Aes* aes, byte* out,
      const byte* in, word32 sz, const byte* iv, word32 ivSz,
      byte* authTag, word32 authTagSz, const byte* authIn, word32 authInSz);
 
-WOLFSSL_LOCAL int wc_CryptoDev_AesGcmDecrypt(Aes* aes, byte* out,
+WOLFSSL_LOCAL int wc_CryptoCb_AesGcmDecrypt(Aes* aes, byte* out,
      const byte* in, word32 sz, const byte* iv, word32 ivSz,
      const byte* authTag, word32 authTagSz,
      const byte* authIn, word32 authInSz);
 #endif /* HAVE_AESGCM */
 #ifdef HAVE_AES_CBC
-WOLFSSL_LOCAL int wc_CryptoDev_AesCbcEncrypt(Aes* aes, byte* out,
+WOLFSSL_LOCAL int wc_CryptoCb_AesCbcEncrypt(Aes* aes, byte* out,
                                const byte* in, word32 sz);
-WOLFSSL_LOCAL int wc_CryptoDev_AesCbcDecrypt(Aes* aes, byte* out,
+WOLFSSL_LOCAL int wc_CryptoCb_AesCbcDecrypt(Aes* aes, byte* out,
                                const byte* in, word32 sz);
 #endif /* HAVE_AES_CBC */
 #endif /* !NO_AES */
 
 #ifndef NO_SHA
-WOLFSSL_LOCAL int wc_CryptoDev_ShaHash(wc_Sha* sha, const byte* in,
+WOLFSSL_LOCAL int wc_CryptoCb_ShaHash(wc_Sha* sha, const byte* in,
     word32 inSz, byte* digest);
 #endif /* !NO_SHA */
 
 #ifndef NO_SHA256
-WOLFSSL_LOCAL int wc_CryptoDev_Sha256Hash(wc_Sha256* sha256, const byte* in,
+WOLFSSL_LOCAL int wc_CryptoCb_Sha256Hash(wc_Sha256* sha256, const byte* in,
     word32 inSz, byte* digest);
 #endif /* !NO_SHA256 */
 
 #ifndef WC_NO_RNG
-WOLFSSL_LOCAL int wc_CryptoDev_RandomBlock(WC_RNG* rng, byte* out, word32 sz);
+WOLFSSL_LOCAL int wc_CryptoCb_RandomBlock(WC_RNG* rng, byte* out, word32 sz);
 #endif
 
-#endif /* WOLF_CRYPTO_DEV */
+#endif /* WOLF_CRYPTO_CB */
 
 #ifdef __cplusplus
     } /* extern "C" */
 #endif
 
-#endif /* _WOLF_CRYPTO_DEV_H_ */
+#endif /* _WOLF_CRYPTO_CB_H_ */
diff --git a/wolfssl/wolfcrypt/ecc.h b/wolfssl/wolfcrypt/ecc.h
index 6790233ed..699b3ee5a 100644
--- a/wolfssl/wolfcrypt/ecc.h
+++ b/wolfssl/wolfcrypt/ecc.h
@@ -357,7 +357,7 @@ struct ecc_key {
     int  slot;        /* Key Slot Number (-1 unknown) */
     byte pubkey_raw[ECC_MAX_CRYPTO_HW_PUBKEY_SIZE];
 #endif
-#if defined(PLUTON_CRYPTO_ECC) || defined(WOLF_CRYPTO_DEV)
+#if defined(PLUTON_CRYPTO_ECC) || defined(WOLF_CRYPTO_CB)
     int devId;
 #endif
 #ifdef WOLFSSL_ASYNC_CRYPT
diff --git a/wolfssl/wolfcrypt/include.am b/wolfssl/wolfcrypt/include.am
index fde86f74b..a876f3ce7 100644
--- a/wolfssl/wolfcrypt/include.am
+++ b/wolfssl/wolfcrypt/include.am
@@ -62,7 +62,7 @@ nobase_include_HEADERS+= \
                          wolfssl/wolfcrypt/wolfmath.h \
                          wolfssl/wolfcrypt/sha3.h \
                          wolfssl/wolfcrypt/cpuid.h \
-                         wolfssl/wolfcrypt/cryptodev.h
+                         wolfssl/wolfcrypt/cryptocb.h
 
 noinst_HEADERS+= \
                          wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h \
diff --git a/wolfssl/wolfcrypt/random.h b/wolfssl/wolfcrypt/random.h
index f661dffa2..2286ff59c 100644
--- a/wolfssl/wolfcrypt/random.h
+++ b/wolfssl/wolfcrypt/random.h
@@ -158,7 +158,7 @@ struct WC_RNG {
 #ifdef WOLFSSL_ASYNC_CRYPT
     WC_ASYNC_DEV asyncDev;
 #endif
-#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_DEV)
+#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
     int devId;
 #endif
 };
diff --git a/wolfssl/wolfcrypt/rsa.h b/wolfssl/wolfcrypt/rsa.h
index c68008bfb..9caeac0f8 100644
--- a/wolfssl/wolfcrypt/rsa.h
+++ b/wolfssl/wolfcrypt/rsa.h
@@ -155,7 +155,7 @@ struct RsaKey {
 #ifdef WC_RSA_BLINDING
     WC_RNG* rng;                              /* for PrivateDecrypt blinding */
 #endif
-#ifdef WOLF_CRYPTO_DEV
+#ifdef WOLF_CRYPTO_CB
     int   devId;
 #endif
 #ifdef WOLFSSL_ASYNC_CRYPT
diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h
index e3a44eddd..6c8432b52 100644
--- a/wolfssl/wolfcrypt/settings.h
+++ b/wolfssl/wolfcrypt/settings.h
@@ -1863,6 +1863,12 @@ extern void uITRON4_free(void *p) ;
     #define WOLFSSL_NO_FORCE_ZERO
 #endif
 
+/* Detect old cryptodev name */
+#if defined(WOLF_CRYPTO_DEV) && !defined(WOLF_CRYPTO_CB)
+    #define WOLF_CRYPTO_CB
+#endif
+
+
 #ifdef __cplusplus
     }   /* extern "C" */
 #endif
diff --git a/wolfssl/wolfcrypt/sha.h b/wolfssl/wolfcrypt/sha.h
index 63ecff29c..2432a62e3 100644
--- a/wolfssl/wolfcrypt/sha.h
+++ b/wolfssl/wolfcrypt/sha.h
@@ -123,7 +123,7 @@ typedef struct wc_Sha {
     #ifdef WOLFSSL_ASYNC_CRYPT
         WC_ASYNC_DEV asyncDev;
     #endif /* WOLFSSL_ASYNC_CRYPT */
-    #ifdef WOLF_CRYPTO_DEV
+    #ifdef WOLF_CRYPTO_CB
         int    devId;
         void*  devCtx; /* generic crypto callback context */
     #endif
diff --git a/wolfssl/wolfcrypt/sha256.h b/wolfssl/wolfcrypt/sha256.h
index 1d91d4ae3..eceeed298 100644
--- a/wolfssl/wolfcrypt/sha256.h
+++ b/wolfssl/wolfcrypt/sha256.h
@@ -158,7 +158,7 @@ typedef struct wc_Sha256 {
    !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
     WC_ESP32SHA ctx;
 #endif
-#ifdef WOLF_CRYPTO_DEV
+#ifdef WOLF_CRYPTO_CB
     int    devId;
     void*  devCtx; /* generic crypto callback context */
 #endif
diff --git a/wolfssl/wolfcrypt/wc_pkcs11.h b/wolfssl/wolfcrypt/wc_pkcs11.h
index 8ab1acaa5..39357dc3b 100644
--- a/wolfssl/wolfcrypt/wc_pkcs11.h
+++ b/wolfssl/wolfcrypt/wc_pkcs11.h
@@ -26,7 +26,11 @@
 
 #ifdef HAVE_PKCS11
 
-#include <wolfssl/wolfcrypt/cryptodev.h>
+#ifndef WOLF_CRYPTO_CB
+    #error PKCS11 support requires ./configure --enable-cryptocb or WOLF_CRYPTO_CB to be defined
+#endif
+
+#include <wolfssl/wolfcrypt/cryptocb.h>
 #include <wolfssl/wolfcrypt/pkcs11.h>
 
 typedef struct Pkcs11Dev {