Fix guard context for forward declarations in asn split

Three fixes for guard-context correctness in the ASN.1 code split:

1. Strip WOLFSSL_ASN_ORIG_INCLUDED from forward declaration wrappers.
   The file-guard was being applied to fwd decls in asn.c, but at the
   fwd-decl site that macro is not yet defined, so #ifndef ... #else
   inverted the condition and hid all declarations.

2. Add outer feature guard tracking. Large feature sections (HAVE_OCSP,
   HAVE_CRL, WOLFSSL_CERT_GEN, etc.) that span many functions in asn.c
   are now tracked and re-emitted around the corresponding blocks in
   asn_orig.c, fixing 'unknown type name' errors in minimal builds.

3. Collect multi-line #if continuations in the outer guard map so that
   full guard conditions (e.g. #if !defined(NO_RSA) && \ continued
   across lines) are stored and compared as complete strings, preventing
   duplicate guard emission.

Both modes build and pass tests (5 PASS, 0 FAIL each):
  ./configure --enable-asn=original && make check
  ./configure && make check
David Garske
2026-03-19 14:09:05 -07:00
parent 78a28d153a
commit 653aac2cd3
2 changed files with 425 additions and 74 deletions
+184 -63
@@ -4343,41 +4343,183 @@ static word32 SetBitString16Bit(word16 val, byte* output)
* Needed so shared code can call them in non-template mode. */
#ifndef WOLFSSL_ASN_TEMPLATE
static int GetAlgoIdImpl(const byte* input, word32* inOutIdx, word32* oid, word32 oidType, word32 maxIdx, byte *absentParams);
#ifndef NO_RSA
#ifndef NO_RSA
static int _RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key, int* keySz, word32 inSz);
#endif
#endif
#ifndef NO_DSA
#ifndef NO_DSA
static int DsaKeyIntsToDer(DsaKey* key, byte* output, word32* inLen, int ints, int includeVersion);
#endif
#endif
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT)
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT)
static int SetEccPublicKey(byte* output, ecc_key* key, int outLen, int with_header, int comp);
#endif
#endif
#if !defined(NO_RSA) && !defined(NO_CERTS)
#if !defined(NO_RSA) && !defined(NO_CERTS)
static int StoreRsaKey(DecodedCert* cert, const byte* source, word32* srcIdx, word32 maxIdx);
#endif
#endif
#if defined(HAVE_ECC) && !defined(NO_CERTS)
#if defined(HAVE_ECC) && !defined(NO_CERTS)
static int StoreEccKey(DecodedCert* cert, const byte* source, word32* srcIdx, word32 maxIdx, const byte* pubKey, word32 pubKeyLen);
#endif
#endif
#ifndef NO_CERTS
#if !defined(NO_DSA)
#if !defined(NO_DSA)
static int ParseDsaKey(const byte* source, word32* srcIdx, word32 maxIdx, void* heap);
#endif
#endif
#endif
static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, const byte* input, word32* inOutIdx, word32 maxIdx);
static int GetDateInfo(const byte* source, word32* idx, const byte** pDate, byte* pFormat, int* pLength, word32 maxIdx);
#ifndef NO_CERTS
static int GetSigAlg(DecodedCert* cert, word32* sigOid, word32 maxIdx);
#endif
#ifndef NO_CERTS
static int GetSignature(DecodedCert* cert);
#endif
static word32 SetAlgoIDImpl(int algoOID, byte* output, int type, int curveSz, byte absentParams);
#ifndef NO_CERTS
static int DecodeAltNames(const byte* input, word32 sz, DecodedCert* cert);
#endif
#ifndef NO_CERTS
static int DecodeCrlDist(const byte* input, word32 sz, DecodedCert* cert);
#endif
#ifndef NO_CERTS
static int DecodeAuthInfo(const byte* input, word32 sz, DecodedCert* cert);
#endif
#ifndef NO_CERTS
#ifndef IGNORE_NAME_CONSTRAINTS
#ifndef IGNORE_NAME_CONSTRAINTS
static int DecodeSubtree(const byte* input, word32 sz, Base_entry** head, word32 limit, void* heap);
#endif
#endif
#endif
#ifndef NO_CERTS
#ifndef IGNORE_NAME_CONSTRAINTS
#ifndef IGNORE_NAME_CONSTRAINTS
static int DecodeNameConstraints(const byte* input, word32 sz, DecodedCert* cert);
#endif
#endif
#endif
#ifndef NO_CERTS
#if defined(WOLFSSL_SEP) || defined(WOLFSSL_CERT_EXT)
#if defined(WOLFSSL_SEP) || defined(WOLFSSL_CERT_EXT)
static int DecodeCertPolicy(const byte* input, word32 sz, DecodedCert* cert);
#endif
#endif
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_SUBJ_DIR_ATTR
#ifdef WOLFSSL_SUBJ_DIR_ATTR
static int DecodeSubjDirAttr(const byte* input, word32 sz, DecodedCert* cert);
#endif
#endif
#endif
#ifndef NO_CERTS
static int DecodeCertExtensions(DecodedCert* cert);
#endif
#ifndef NO_CERTS
#if defined(WOLFSSL_SMALL_CERT_VERIFY) || defined(OPENSSL_EXTRA)
#if defined(WOLFSSL_SMALL_CERT_VERIFY) || defined(OPENSSL_EXTRA)
static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap, void* cm, const byte* pubKey, word32 pubKeySz, int pubKeyOID, int req);
#endif
#endif
#endif
#ifndef NO_CERTS
#if !defined(NO_RSA) && \
(defined(WOLFSSL_KEY_TO_DER) || defined(WOLFSSL_CERT_GEN))
#if !defined(NO_RSA) && \
(defined(WOLFSSL_KEY_TO_DER) || defined(WOLFSSL_CERT_GEN))
static int SetRsaPublicKey(byte* output, RsaKey* key, int outLen, int with_header);
#endif
#endif
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_CERT_GEN
#ifdef WOLFSSL_CERT_EXT
#ifdef WOLFSSL_CERT_EXT
static int SetExtKeyUsage(Cert* cert, byte* output, word32 outSz, byte input);
#endif
#endif
#endif
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_CERT_GEN
#ifdef WOLFSSL_CERT_EXT
#ifdef WOLFSSL_CERT_EXT
static int SetCertificatePolicies(byte *output, word32 outputSz, char input[MAX_CERTPOL_NB][MAX_CERTPOL_SZ], word16 nb_certpol, void* heap);
#endif
#endif
#endif
#endif
#ifndef NO_CERTS
#if defined(WOLFSSL_CERT_GEN) || defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if defined(WOLFSSL_CERT_GEN) || defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
static int EncodeName(EncodedName* name, const char* nameStr, byte nameTag, byte type, byte emailTag, CertName* cname);
#endif
#endif
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_CERT_GEN
static int SetValidity(byte* output, int daysValid);
#endif
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_CERT_GEN
static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz, RsaKey* rsaKey, ecc_key* eccKey, WC_RNG* rng, DsaKey* dsaKey, ed25519_key* ed25519Key, ed448_key* ed448Key, falcon_key* falconKey, dilithium_key* dilithiumKey, sphincs_key* sphincsKey);
#endif
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_CERT_GEN
#ifdef WOLFSSL_CERT_REQ
#ifdef WOLFSSL_CERT_REQ
static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz, RsaKey* rsaKey, DsaKey* dsaKey, ecc_key* eccKey, ed25519_key* ed25519Key, ed448_key* ed448Key, falcon_key* falconKey, dilithium_key* dilithiumKey, sphincs_key* sphincsKey);
#endif
#endif
#endif
#endif
#if defined(HAVE_OCSP) && !defined(WOLFCRYPT_ONLY)
static int OcspDecodeCertIDInt(const byte* input, word32* inOutIdx, word32 inSz, OcspEntry* entry);
#endif
#if defined(HAVE_OCSP) && !defined(WOLFCRYPT_ONLY)
static int DecodeSingleResponse(byte* source, word32* ioIndex, word32 size, int wrapperSz, OcspEntry* single);
#endif
#if defined(HAVE_OCSP) && !defined(WOLFCRYPT_ONLY)
#if defined(HAVE_OCSP) && !defined(WOLFCRYPT_ONLY)
static int DecodeOcspRespExtensions(byte* source, word32* ioIndex, OcspResponse* resp, word32 sz);
#endif
#endif
#if defined(HAVE_OCSP) && !defined(WOLFCRYPT_ONLY)
#if defined(HAVE_OCSP) && !defined(WOLFCRYPT_ONLY)
static int DecodeResponseData(byte* source, word32* ioIndex, OcspResponse* resp, word32 size);
#endif
#endif
#if defined(HAVE_OCSP) && !defined(WOLFCRYPT_ONLY)
#if defined(HAVE_OCSP) && !defined(WOLFCRYPT_ONLY)
static int DecodeBasicOcspResponse(byte* source, word32* ioIndex, OcspResponse* resp, word32 size, void* cm, void* heap, int noVerify, int noVerifySignature);
#endif
#endif
#if defined(HAVE_CRL) && !defined(WOLFCRYPT_ONLY)
#if defined(HAVE_CRL) && !defined(WOLFCRYPT_ONLY)
static int GetRevoked(RevokedCert* rcert, const byte* buff, word32* idx, DecodedCRL* dcrl, word32 maxIdx);
#endif
#endif
#if defined(HAVE_CRL) && !defined(WOLFCRYPT_ONLY)
#ifndef NO_SKID
#ifndef NO_SKID
static int ParseCRL_AuthKeyIdExt(const byte* input, int sz, DecodedCRL* dcrl);
#endif
#endif
#endif
#if defined(HAVE_CRL) && !defined(WOLFCRYPT_ONLY)
static int ParseCRL_Extensions(DecodedCRL* dcrl, const byte* buf, word32* inOutIdx, word32 sz);
#endif
#endif /* !WOLFSSL_ASN_TEMPLATE */
/* hashType */
@@ -9332,15 +9474,14 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz,
if (rsa == NULL)
return MEMORY_E;
if (wc_InitRsaKey(rsa, heap) == 0) {
if (wc_RsaPrivateKeyDecode(key, &tmpIdx, rsa, keySz) == 0) {
*algoID = RSAk;
}
else {
WOLFSSL_MSG("Not RSA DER key");
}
wc_FreeRsaKey(rsa);
wc_InitRsaKey(rsa, heap);
if (wc_RsaPrivateKeyDecode(key, &tmpIdx, rsa, keySz) == 0) {
*algoID = RSAk;
}
else {
WOLFSSL_MSG("Not RSA DER key");
}
wc_FreeRsaKey(rsa);
XFREE(rsa, heap, DYNAMIC_TYPE_TMP_BUFFER);
}
#endif /* !NO_RSA && !NO_ASN_CRYPT */
@@ -9351,23 +9492,22 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz,
return MEMORY_E;
tmpIdx = 0;
if (wc_ecc_init_ex(ecc, heap, INVALID_DEVID) == 0) {
if (wc_EccPrivateKeyDecode(key, &tmpIdx, ecc, keySz) == 0) {
*algoID = ECDSAk;
wc_ecc_init_ex(ecc, heap, INVALID_DEVID);
if (wc_EccPrivateKeyDecode(key, &tmpIdx, ecc, keySz) == 0) {
*algoID = ECDSAk;
/* now find oid */
if (wc_ecc_get_oid(ecc->dp->oidSum, curveOID, oidSz) < 0) {
WOLFSSL_MSG("Error getting ECC curve OID");
wc_ecc_free(ecc);
XFREE(ecc, heap, DYNAMIC_TYPE_TMP_BUFFER);
return BAD_FUNC_ARG;
}
/* now find oid */
if (wc_ecc_get_oid(ecc->dp->oidSum, curveOID, oidSz) < 0) {
WOLFSSL_MSG("Error getting ECC curve OID");
wc_ecc_free(ecc);
XFREE(ecc, heap, DYNAMIC_TYPE_TMP_BUFFER);
return BAD_FUNC_ARG;
}
else {
WOLFSSL_MSG("Not ECC DER key either");
}
wc_ecc_free(ecc);
}
else {
WOLFSSL_MSG("Not ECC DER key either");
}
wc_ecc_free(ecc);
XFREE(ecc, heap, DYNAMIC_TYPE_TMP_BUFFER);
}
#endif /* HAVE_ECC && !NO_ASN_CRYPT */
@@ -9425,8 +9565,8 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz,
return MEMORY_E;
if (wc_falcon_init(falcon) == 0) {
if ((*algoID == 0) && (wc_falcon_set_level(falcon, 1) == 0)) {
tmpIdx = 0;
tmpIdx = 0;
if (wc_falcon_set_level(falcon, 1) == 0) {
if (wc_Falcon_PrivateKeyDecode(key, &tmpIdx, falcon, keySz)
== 0) {
*algoID = FALCON_LEVEL1k;
@@ -9435,8 +9575,7 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz,
WOLFSSL_MSG("Not Falcon Level 1 DER key");
}
}
if ((*algoID == 0) && (wc_falcon_set_level(falcon, 5) == 0)) {
tmpIdx = 0;
else if (wc_falcon_set_level(falcon, 5) == 0) {
if (wc_Falcon_PrivateKeyDecode(key, &tmpIdx, falcon, keySz)
== 0) {
*algoID = FALCON_LEVEL5k;
@@ -9445,7 +9584,7 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz,
WOLFSSL_MSG("Not Falcon Level 5 DER key");
}
}
if (*algoID == 0) {
else {
WOLFSSL_MSG("GetKeyOID falcon initialization failed");
}
wc_falcon_free(falcon);
@@ -9513,10 +9652,9 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz,
return MEMORY_E;
if (wc_sphincs_init(sphincs) == 0) {
if ((*algoID == 0) &&
(wc_sphincs_set_level_and_optim(sphincs, 1, FAST_VARIANT)
== 0)) {
tmpIdx = 0;
tmpIdx = 0;
if (wc_sphincs_set_level_and_optim(sphincs, 1, FAST_VARIANT)
== 0) {
if (wc_Sphincs_PrivateKeyDecode(key, &tmpIdx, sphincs,
keySz) == 0) {
*algoID = SPHINCS_FAST_LEVEL1k;
@@ -9525,10 +9663,8 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz,
WOLFSSL_MSG("Not Sphincs-fast Level 1 DER key");
}
}
if ((*algoID == 0) &&
(wc_sphincs_set_level_and_optim(sphincs, 3, FAST_VARIANT)
== 0)) {
tmpIdx = 0;
else if (wc_sphincs_set_level_and_optim(sphincs, 3, FAST_VARIANT)
== 0) {
if (wc_Sphincs_PrivateKeyDecode(key, &tmpIdx, sphincs,
keySz) == 0) {
*algoID = SPHINCS_FAST_LEVEL3k;
@@ -9537,10 +9673,8 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz,
WOLFSSL_MSG("Not Sphincs-fast Level 3 DER key");
}
}
if ((*algoID == 0) &&
(wc_sphincs_set_level_and_optim(sphincs, 5, FAST_VARIANT)
== 0)) {
tmpIdx = 0;
else if (wc_sphincs_set_level_and_optim(sphincs, 5, FAST_VARIANT)
== 0) {
if (wc_Sphincs_PrivateKeyDecode(key, &tmpIdx, sphincs,
keySz) == 0) {
*algoID = SPHINCS_FAST_LEVEL5k;
@@ -9549,10 +9683,8 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz,
WOLFSSL_MSG("Not Sphincs-fast Level 5 DER key");
}
}
if ((*algoID == 0) &&
(wc_sphincs_set_level_and_optim(sphincs, 1, SMALL_VARIANT)
== 0)) {
tmpIdx = 0;
else if (wc_sphincs_set_level_and_optim(sphincs, 1, SMALL_VARIANT)
== 0) {
if (wc_Sphincs_PrivateKeyDecode(key, &tmpIdx, sphincs,
keySz) == 0) {
*algoID = SPHINCS_SMALL_LEVEL1k;
@@ -9561,10 +9693,8 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz,
WOLFSSL_MSG("Not Sphincs-small Level 1 DER key");
}
}
if ((*algoID == 0) &&
(wc_sphincs_set_level_and_optim(sphincs, 3, SMALL_VARIANT)
== 0)) {
tmpIdx = 0;
else if (wc_sphincs_set_level_and_optim(sphincs, 3, SMALL_VARIANT)
== 0) {
if (wc_Sphincs_PrivateKeyDecode(key, &tmpIdx, sphincs,
keySz) == 0) {
*algoID = SPHINCS_SMALL_LEVEL3k;
@@ -9573,10 +9703,8 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz,
WOLFSSL_MSG("Not Sphincs-small Level 3 DER key");
}
}
if ((*algoID == 0) &&
(wc_sphincs_set_level_and_optim(sphincs, 5, SMALL_VARIANT)
== 0)) {
tmpIdx = 0;
else if (wc_sphincs_set_level_and_optim(sphincs, 5, SMALL_VARIANT)
== 0) {
if (wc_Sphincs_PrivateKeyDecode(key, &tmpIdx, sphincs,
keySz) == 0) {
*algoID = SPHINCS_SMALL_LEVEL5k;
@@ -9585,7 +9713,7 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz,
WOLFSSL_MSG("Not Sphincs-small Level 5 DER key");
}
}
if (*algoID == 0) {
else {
WOLFSSL_MSG("GetKeyOID sphincs initialization failed");
}
wc_sphincs_free(sphincs);
@@ -11425,16 +11553,14 @@ int wc_DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key,
/* dsaPubKeyASN is longer than dsaPublicKeyASN. */
DECL_ASNGETDATA(dataASN, dsaPubKeyASN_Length);
int ret = 0;
void* heap = NULL;
/* Validated parameters. */
if ((input == NULL) || (inOutIdx == NULL) || (key == NULL)) {
ret = BAD_FUNC_ARG;
}
heap = (key != NULL) ? key->heap : NULL;
if (ret == 0) {
ALLOC_ASNGETDATA(dataASN, dsaPubKeyASN_Length, ret, heap);
ALLOC_ASNGETDATA(dataASN, dsaPubKeyASN_Length, ret, key->heap);
}
if (ret == 0) {
@@ -11473,7 +11599,7 @@ int wc_DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key,
key->type = DSA_PUBLIC;
}
FREE_ASNGETDATA(dataASN, heap);
FREE_ASNGETDATA(dataASN, key->heap);
return ret;
}
#endif /* WOLFSSL_ASN_TEMPLATE */
@@ -30094,7 +30220,6 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
/* eccKeyASN is longer than eccPublicKeyASN. */
DECL_ASNGETDATA(dataASN, eccKeyASN_Length);
int ret = 0;
void* heap = NULL;
int curve_id = ECC_CURVE_DEF;
int oidIdx = ECCPUBLICKEYASN_IDX_ALGOID_CURVEID;
#ifdef WOLFSSL_CUSTOM_CURVES
@@ -30105,10 +30230,9 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
if ((input == NULL) || (inOutIdx == NULL) || (key == NULL) || (inSz == 0)) {
ret = BAD_FUNC_ARG;
}
heap = (key != NULL) ? key->heap : NULL;
if (ret == 0) {
ALLOC_ASNGETDATA(dataASN, eccKeyASN_Length, ret, heap);
ALLOC_ASNGETDATA(dataASN, eccKeyASN_Length, ret, key->heap);
}
if (ret == 0) {
@@ -30182,7 +30306,7 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
}
}
FREE_ASNGETDATA(dataASN, heap);
FREE_ASNGETDATA(dataASN, key->heap);
return ret;
}
#endif /* WOLFSSL_ASN_TEMPLATE */
@@ -33590,9 +33714,6 @@ void FreeDecodedCRL(DecodedCRL* dcrl)
while(tmp) {
RevokedCert* next = tmp->next;
#ifdef OPENSSL_EXTRA
XFREE(tmp->extensions, dcrl->heap, DYNAMIC_TYPE_REVOKED);
#endif
XFREE(tmp, dcrl->heap, DYNAMIC_TYPE_REVOKED);
tmp = next;
}
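Review bot: In the wc_GetKeyOID hunks the Falcon and SPHINCS probes become one `if` / `else if` chain, so `wc_falcon_set_level(falcon, 5)` and every later SPHINCS level or variant is only tried when the previous set-level call itself fails; a key at any level but the first is then never matched, and the trailing `else` logs "initialization failed" for what is really a set-level failure. Going by the hunk counts (8 old lines, 7 new at -9435) the removed form is `if ((*algoID == 0) && (wc_falcon_set_level(falcon, 5) == 0)) {` followed by `tmpIdx = 0;`, and that independent, index-resetting probe is the one to keep. The same file section also appears to drop the return checks on `wc_InitRsaKey(rsa, heap);` and `wc_ecc_init_ex(ecc, heap, INVALID_DEVID);`, to pass `key->heap` to `FREE_ASNGETDATA` in wc_DsaPublicKeyDecode and wc_EccPublicKeyDecode on the path where `key == NULL` was just rejected (safe only if the macro never evaluates that argument there, which is not visible here), and to remove `XFREE(tmp->extensions, dcrl->heap, DYNAMIC_TYPE_REVOKED);` from FreeDecodedCRL. None of this is mentioned in the commit message, so it may be a stale copy of the file regenerated over newer fixes; worth confirming before merge. All of these function bodies extend beyond the hunks shown.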
+241 -11
@@ -36,47 +36,185 @@
#endif
#else
/* Forward declarations for static functions defined later
* in this file. */
/* Forward declarations for static functions defined later in this file. */
static int SkipObjectId(const byte* input, word32* inOutIdx, word32 maxIdx);
#ifndef NO_DSA
static WC_INLINE void FreeTmpDsas(byte** tmps, void* heap, int ints);
#endif
#ifndef NO_CERTS
static int GetCertHeader(DecodedCert* cert);
#endif
#ifndef NO_CERTS
static int GetDate(DecodedCert* cert, int dateType, int verify, int maxIdx);
#endif
#ifndef NO_CERTS
static int GetValidity(DecodedCert* cert, int verify, int maxIdx);
#endif
static word32 SetOctetString8Bit(word32 len, byte* output);
static word32 SetDigest(const byte* digest, word32 digSz, byte* output);
#ifndef NO_CERTS
static void AddAltName(DecodedCert* cert, DNS_entry* dnsEntry);
#endif
#ifndef NO_CERTS
#if defined(WOLFSSL_SEP)
static int DecodeSepHwAltName(DecodedCert* cert, const byte* input, word32* idxIn, word32 sz);
#endif
#endif
#ifndef NO_CERTS
static int DecodeConstructedOtherName(DecodedCert* cert, const byte* input, word32* idx, word32 sz, int oid);
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_CERT_GEN
#ifdef WOLFSSL_CERT_REQ
static word32 SetPrintableString(word32 len, byte* output);
#endif
#endif
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_CERT_GEN
#ifdef WOLFSSL_CERT_REQ
static word32 SetUTF8String(word32 len, byte* output);
#endif
#endif
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_CERT_GEN
static int CopyValidity(byte* output, Cert* cert);
#endif
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_CERT_GEN
static int SetExtensions(byte* out, word32 outSz, int *IdxInOut, const byte* ext, int extSz);
#endif
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_CERT_GEN
static int SetExtensionsHeader(byte* out, word32 outSz, word32 extSz);
#endif
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_CERT_GEN
static int SetCaWithPathLen(byte* out, word32 outSz, byte pathLen);
#endif
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_CERT_GEN
static int SetCaEx(byte* out, word32 outSz, byte isCa);
#endif
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_CERT_GEN
static int SetCa(byte* out, word32 outSz);
#endif
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_CERT_GEN
static int SetBC(byte* out, word32 outSz);
#endif
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_CERT_GEN
#ifdef WOLFSSL_CERT_EXT
static int SetOidValue(byte* out, word32 outSz, const byte *oid, word32 oidSz, byte *in, word32 inSz);
#endif
#endif
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_CERT_GEN
#ifdef WOLFSSL_CERT_EXT
static int SetSKID(byte* output, word32 outSz, const byte *input, word32 length);
#endif
#endif
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_CERT_GEN
#ifdef WOLFSSL_CERT_EXT
static int SetAKID(byte* output, word32 outSz, byte *input, word32 length, byte rawAkid);
#endif
#endif
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_CERT_GEN
#ifdef WOLFSSL_CERT_EXT
static int SetKeyUsage(byte* output, word32 outSz, word16 input);
#endif
#endif
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_CERT_GEN
#ifdef WOLFSSL_CERT_EXT
static int SetOjectIdValue(byte* output, word32 outSz, word32* idx, const byte* oid, word32 oidSz);
#endif
#endif
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_CERT_GEN
#ifdef WOLFSSL_CERT_EXT
#ifndef IGNORE_NETSCAPE_CERT_TYPE
static int SetNsCertType(Cert* cert, byte* output, word32 outSz, byte input);
#endif
#endif
#endif
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_CERT_GEN
#ifdef WOLFSSL_CERT_EXT
static int SetCRLInfo(Cert* cert, byte* output, word32 outSz, byte* input, int inSz);
#endif
#endif
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_CERT_GEN
#ifdef WOLFSSL_ALT_NAMES
static int SetAltNames(byte *output, word32 outSz, const byte *input, word32 length, int critical);
#endif
#endif
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_CERT_GEN
#ifdef WOLFSSL_CERT_REQ
static word32 SetReqAttribSingle(byte* output, word32* idx, char* attr, word32 attrSz, const byte* oid, word32 oidSz, byte printable, word32 extSz);
#endif
#endif
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_CERT_GEN
#ifdef WOLFSSL_CERT_REQ
static int SetReqAttrib(byte* output, Cert* cert, word32 extSz);
#endif
#endif
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_CERT_GEN
#ifdef WOLFSSL_CERT_REQ
#ifdef WOLFSSL_CUSTOM_OID
static int SetCustomObjectId(Cert* cert, byte* output, word32 outSz, CertOidField* custom);
#endif
#endif
#endif
#endif
#if defined(HAVE_ECC) || !defined(NO_DSA)
static word32 is_leading_bit_set(const byte* input, word32 sz);
#endif
#if defined(HAVE_ECC) || !defined(NO_DSA)
static word32 trim_leading_zeros(const byte** input, word32 sz);
#endif
#ifdef HAVE_ECC
#ifdef WOLFSSL_CUSTOM_CURVES
static int ASNToHexString(const byte* input, word32* inOutIdx, char** out, word32 inSz, void* heap, int heapType);
#endif
#endif
#ifdef HAVE_ECC
#ifdef WOLFSSL_CUSTOM_CURVES
static int EccKeyParamCopy(char** dst, char* src, void* heap);
#endif
#endif
#if (defined(HAVE_OCSP) || defined(HAVE_CRL)) && !defined(WOLFCRYPT_ONLY)
static int GetBasicDate(const byte* source, word32* idx, byte* date, byte* format, int maxIdx);
#endif
#if defined(HAVE_OCSP) && !defined(WOLFCRYPT_ONLY)
static int GetEnumerated(const byte* input, word32* inOutIdx, int *value, int sz);
static int DecodeCerts(byte* source, word32* ioIndex, OcspResponse* resp, word32 size);
static int GetCRL_Signature(const byte* source, word32* idx, DecodedCRL* dcrl, int maxIdx);
static int ParseCRL_CertList(RevokedCert* rcert, DecodedCRL* dcrl, const byte* buf,word32* inOutIdx, int sz, int verify);
#endif
int GetObjectId(const byte* input, word32* inOutIdx, word32* oid,
word32 oidType, word32 maxIdx)
@@ -147,6 +285,7 @@ static int GetAlgoIdImpl(const byte* input, word32* inOutIdx, word32* oid,
return 0;
}
#ifndef NO_RSA
#ifndef NO_RSA
static int _RsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
RsaKey* key, int* keySz, word32 inSz)
@@ -228,6 +367,7 @@ static int _RsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
}
#endif /* NO_RSA */
#endif
int ToTraditionalInline_ex2(const byte* input, word32* inOutIdx, word32 sz,
word32* algId, word32* eccOid)
{
@@ -302,6 +442,7 @@ int ToTraditionalInline_ex2(const byte* input, word32* inOutIdx, word32 sz,
return length;
}
#if defined(HAVE_PKCS8)
#if defined(HAVE_PKCS8)
int wc_CreatePKCS8Key(byte* out, word32* outSz, byte* key, word32 keySz,
int algoID, const byte* curveOID, word32 oidSz)
@@ -396,6 +537,9 @@ int wc_CreatePKCS8Key(byte* out, word32* outSz, byte* key, word32 keySz,
}
#endif /* HAVE_PKCS8 */
#endif
#ifndef NO_PWDBASED
#ifdef HAVE_PKCS8
#ifdef HAVE_PKCS8
int DecryptContent(byte* input, word32 sz, const char* password, int passwordSz)
{
@@ -546,6 +690,8 @@ exit_dc:
}
#endif /* HAVE_PKCS8 */
#endif
#ifdef HAVE_PKCS12
#ifdef HAVE_PKCS12
int EncryptContent(byte* input, word32 inputSz, byte* out, word32* outSz,
const char* password, int passwordSz, int vPKCS, int vAlgo,
@@ -719,6 +865,10 @@ int EncryptContent(byte* input, word32 inputSz, byte* out, word32* outSz,
}
#endif /* HAVE_PKCS12 */
#endif
#endif
#ifndef NO_RSA
#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
static int RsaPublicKeyDecodeRawIndex(const byte* input, word32* inOutIdx,
word32 inSz, word32* key_n,
@@ -794,6 +944,7 @@ static int RsaPublicKeyDecodeRawIndex(const byte* input, word32* inOutIdx,
}
#endif /* WOLFSSL_RENESAS_TSIP */
#endif
#ifndef NO_RSA
int wc_RsaPublicKeyDecode_ex(const byte* input, word32* inOutIdx, word32 inSz,
const byte** n, word32* nSz, const byte** e, word32* eSz)
@@ -900,6 +1051,8 @@ int wc_RsaPublicKeyDecode_ex(const byte* input, word32* inOutIdx, word32 inSz,
}
#endif /* !NO_RSA */
#endif
#ifndef NO_DH
#ifndef NO_DH
int wc_DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, word32 inSz)
{
@@ -1005,6 +1158,7 @@ int wc_DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, word32 inSz)
}
#endif /* !NO_DH */
#ifdef WOLFSSL_DH_EXTRA
#ifdef WOLFSSL_DH_EXTRA
int wc_DhKeyToDer(DhKey* key, byte* output, word32* outSz, int exportPriv)
{
@@ -1155,6 +1309,7 @@ int wc_DhParamsToDer(DhKey* key, byte* output, word32* outSz)
}
#endif /* WOLFSSL_DH_EXTRA */
#endif
#ifndef NO_DH
int wc_DhParamsLoad(const byte* input, word32 inSz, byte* p, word32* pInOutSz,
byte* g, word32* gInOutSz)
@@ -1195,6 +1350,8 @@ int wc_DhParamsLoad(const byte* input, word32 inSz, byte* p, word32* pInOutSz,
}
#endif /* !NO_DH */
#endif
#ifndef NO_DSA
#ifndef NO_DSA
int wc_DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key,
word32 inSz)
@@ -1341,6 +1498,8 @@ static WC_INLINE void FreeTmpDsas(byte** tmps, void* heap, int ints)
(void)heap;
}
#if !defined(HAVE_SELFTEST) && (defined(WOLFSSL_KEY_GEN) || \
defined(WOLFSSL_CERT_GEN))
#if !defined(HAVE_SELFTEST) && (defined(WOLFSSL_KEY_GEN) || \
defined(WOLFSSL_CERT_GEN))
int wc_SetDsaPublicKey(byte* output, DsaKey* key, int outLen, int with_header)
@@ -1500,6 +1659,7 @@ int wc_SetDsaPublicKey(byte* output, DsaKey* key, int outLen, int with_header)
}
#endif /* !HAVE_SELFTEST && (WOLFSSL_KEY_GEN || WOLFSSL_CERT_GEN) */
#endif
#ifndef NO_DSA
static int DsaKeyIntsToDer(DsaKey* key, byte* output, word32* inLen,
int ints, int includeVersion)
@@ -1581,6 +1741,8 @@ static int DsaKeyIntsToDer(DsaKey* key, byte* output, word32* inLen,
}
#endif /* NO_DSA */
#endif
#ifndef NO_CERTS
static int GetCertHeader(DecodedCert* cert)
{
int ret = 0, len;
@@ -1612,6 +1774,8 @@ static int GetCertHeader(DecodedCert* cert)
return ret;
}
#endif
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT)
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT)
static int SetEccPublicKey(byte* output, ecc_key* key, int outLen,
int with_header, int comp)
@@ -1684,6 +1848,8 @@ static int SetEccPublicKey(byte* output, ecc_key* key, int outLen,
}
#endif /* HAVE_ECC && HAVE_ECC_KEY_EXPORT */
#endif
#ifdef WC_ENABLE_ASYM_KEY_EXPORT
#ifdef WC_ENABLE_ASYM_KEY_EXPORT
int SetAsymKeyDerPublic(const byte* pubKey, word32 pubKeyLen,
byte* output, word32 outLen, int keyType, int withHeader)
@@ -1743,6 +1909,8 @@ int SetAsymKeyDerPublic(const byte* pubKey, word32 pubKeyLen,
}
#endif /* WC_ENABLE_ASYM_KEY_EXPORT */
#endif
#if !defined(NO_RSA) && !defined(NO_CERTS)
#if !defined(NO_RSA) && !defined(NO_CERTS)
static int StoreRsaKey(DecodedCert* cert, const byte* source, word32* srcIdx,
word32 maxIdx)
@@ -1778,6 +1946,8 @@ static int StoreRsaKey(DecodedCert* cert, const byte* source, word32* srcIdx,
}
#endif /* !NO_RSA && !NO_CERTS */
#endif
#if defined(HAVE_ECC) && !defined(NO_CERTS)
#if defined(HAVE_ECC) && !defined(NO_CERTS)
static int StoreEccKey(DecodedCert* cert, const byte* source, word32* srcIdx,
word32 maxIdx, const byte* pubKey, word32 pubKeyLen)
@@ -1847,6 +2017,9 @@ static int StoreEccKey(DecodedCert* cert, const byte* source, word32* srcIdx,
}
#endif /* HAVE_ECC && !NO_CERTS */
#endif
#ifndef NO_CERTS
#if !defined(NO_DSA)
#if !defined(NO_DSA)
static int ParseDsaKey(const byte* source, word32* srcIdx, word32 maxIdx,
void* heap)
@@ -1884,6 +2057,8 @@ static int ParseDsaKey(const byte* source, word32* srcIdx, word32 maxIdx,
}
#endif /* !NO_DSA */
#endif
#endif
static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType,
const byte* input, word32* inOutIdx, word32 maxIdx)
{
@@ -2785,6 +2960,7 @@ static int GetSigAlg(DecodedCert* cert, word32* sigOid, word32 maxIdx)
}
#endif
#ifndef NO_CERTS
#ifndef NO_CERTS
int wc_GetPubX509(DecodedCert* cert, int verify, int* badDate)
{
@@ -2893,6 +3069,7 @@ static int GetSignature(DecodedCert* cert)
return 0;
}
#endif
/* Set an octet header when length is only 7-bit.
*
* @param [in] len Length of data in OCTET_STRING. Value must be <= 127.
@@ -2977,6 +3154,7 @@ word32 wc_EncodeSignature(byte* out, const byte* digest, word32 digSz,
return encDigSz + algoSz + seqSz;
}
#ifndef NO_CERTS
static void AddAltName(DecodedCert* cert, DNS_entry* dnsEntry)
{
#if (defined(WOLFSSL_ASN_ALL) || defined(OPENSSL_EXTRA)) && \
@@ -3974,6 +4152,7 @@ int DecodeExtKeyUsage(const byte* input, word32 sz,
return 0;
}
#ifndef IGNORE_NAME_CONSTRAINTS
#ifndef IGNORE_NAME_CONSTRAINTS
static int DecodeSubtree(const byte* input, word32 sz, Base_entry** head,
word32 limit, void* heap)
@@ -4107,6 +4286,8 @@ static int DecodeNameConstraints(const byte* input, word32 sz,
}
#endif /* IGNORE_NAME_CONSTRAINTS */
#endif
#if defined(WOLFSSL_SEP) || defined(WOLFSSL_CERT_EXT)
#if defined(WOLFSSL_SEP) || defined(WOLFSSL_CERT_EXT)
static int DecodeCertPolicy(const byte* input, word32 sz, DecodedCert* cert)
{
@@ -4216,6 +4397,8 @@ static int DecodeCertPolicy(const byte* input, word32 sz, DecodedCert* cert)
}
#endif /* WOLFSSL_SEP || WOLFSSL_CERT_EXT */
#endif
#ifdef WOLFSSL_SUBJ_DIR_ATTR
#ifdef WOLFSSL_SUBJ_DIR_ATTR
static int DecodeSubjDirAttr(const byte* input, word32 sz, DecodedCert* cert)
{
@@ -4279,6 +4462,7 @@ static int DecodeSubjDirAttr(const byte* input, word32 sz, DecodedCert* cert)
}
#endif /* WOLFSSL_SUBJ_DIR_ATTR */
#endif
static int DecodeCertExtensions(DecodedCert* cert)
{
int ret = 0;
@@ -4377,6 +4561,7 @@ end:
return ret;
}
#if defined(WOLFSSL_SMALL_CERT_VERIFY) || defined(OPENSSL_EXTRA)
#if defined(WOLFSSL_SMALL_CERT_VERIFY) || defined(OPENSSL_EXTRA)
static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap,
void* cm, const byte* pubKey, word32 pubKeySz, int pubKeyOID, int req)
@@ -4725,6 +4910,8 @@ static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap,
}
#endif /* WOLFSSL_SMALL_CERT_VERIFY || OPENSSL_EXTRA */
#endif
#endif
int wc_GetSerialNumber(const byte* input, word32* inOutIdx,
byte* serial, int* serialSz, word32 maxIdx)
{
@@ -4760,6 +4947,9 @@ int wc_GetSerialNumber(const byte* input, word32* inOutIdx,
return result;
}
#ifndef NO_CERTS
#if !defined(NO_RSA) && \
(defined(WOLFSSL_KEY_TO_DER) || defined(WOLFSSL_CERT_GEN))
#if !defined(NO_RSA) && \
(defined(WOLFSSL_KEY_TO_DER) || defined(WOLFSSL_CERT_GEN))
static int SetRsaPublicKey(byte* output, RsaKey* key, int outLen,
@@ -4833,6 +5023,9 @@ static int SetRsaPublicKey(byte* output, RsaKey* key, int outLen,
}
#endif /* !NO_RSA && WOLFSSL_KEY_TO_DER */
#endif
#endif
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_TO_DER)
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_TO_DER)
int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen)
{
@@ -4948,6 +5141,9 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen)
}
#endif /* !NO_RSA && WOLFSSL_KEY_TO_DER */
#endif
#ifndef NO_CERTS
#ifdef WOLFSSL_CERT_GEN
#ifdef WOLFSSL_CERT_REQ
/* Write a set header to output */
@@ -4963,8 +5159,8 @@ static word32 SetUTF8String(word32 len, byte* output)
return SetLength(len, output + 1) + 1;
}
#endif /* WOLFSSL_CERT_REQ */
#endif
/* Copy Dates from cert, return bytes written */
static int CopyValidity(byte* output, Cert* cert)
@@ -5285,7 +5481,6 @@ static int SetOjectIdValue(byte* output, word32 outSz, word32* idx,
return 0;
}
#endif /* WOLFSSL_CERT_EXT */
#ifdef WOLFSSL_CERT_EXT
static int SetExtKeyUsage(Cert* cert, byte* output, word32 outSz, byte input)
@@ -5412,8 +5607,8 @@ static int SetNsCertType(Cert* cert, byte* output, word32 outSz, byte input)
return (int)idx;
}
#endif
#endif
static int SetCRLInfo(Cert* cert, byte* output, word32 outSz, byte* input,
int inSz)
{
@@ -5504,6 +5699,7 @@ static int SetCertificatePolicies(byte *output,
}
#endif /* WOLFSSL_CERT_EXT */
#endif
#ifdef WOLFSSL_ALT_NAMES
/* encode Alternative Names, return total bytes written */
static int SetAltNames(byte *output, word32 outSz,
@@ -5553,8 +5749,10 @@ static int SetAltNames(byte *output, word32 outSz,
return (int)idx;
}
#endif /* WOLFSSL_ALT_NAMES */
#endif
#endif
#if defined(WOLFSSL_CERT_GEN) || defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if defined(WOLFSSL_CERT_GEN) || defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
static int EncodeName(EncodedName* name, const char* nameStr,
byte nameTag, byte type, byte emailTag, CertName* cname)
@@ -5737,6 +5935,8 @@ static int EncodeName(EncodedName* name, const char* nameStr,
}
#endif /* WOLFSSL_CERT_GEN || OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif
#ifdef WOLFSSL_CERT_GEN
int SetNameEx(byte* output, word32 outputSz, CertName* name, void* heap)
{
int ret;
@@ -7115,7 +7315,6 @@ static int WriteCertReqBody(DerCert* der, byte* buf)
return idx;
}
#endif /* WOLFSSL_CERT_REQ */
#ifdef WOLFSSL_CERT_REQ
static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
@@ -7213,6 +7412,10 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
}
#endif /* WOLFSSL_CERT_REQ */
#endif
#endif
#endif
#if !defined(NO_DH) && (defined(WOLFSSL_QT) || defined(OPENSSL_ALL))
#if !defined(NO_DH) && (defined(WOLFSSL_QT) || defined(OPENSSL_ALL))
int StoreDHparams(byte* out, word32* outLen, mp_int* p, mp_int* g)
{
@@ -7253,6 +7456,8 @@ int StoreDHparams(byte* out, word32* outLen, mp_int* p, mp_int* g)
}
#endif /* !NO_DH && (WOLFSSL_QT || OPENSSL_ALL) */
#endif
#if defined(HAVE_ECC) || !defined(NO_DSA)
#if defined(HAVE_ECC) || !defined(NO_DSA)
int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r, mp_int* s)
{
@@ -7478,6 +7683,8 @@ int DecodeECC_DSA_Sig_Ex(const byte* sig, word32 sigLen, mp_int* r, mp_int* s,
}
#endif
#endif
#ifdef HAVE_ECC
#ifdef HAVE_ECC
WOLFSSL_ABI
int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
@@ -7678,8 +7885,8 @@ static int EccKeyParamCopy(char** dst, char* src, void* heap)
return ret;
}
#endif /* WOLFSSL_CUSTOM_CURVES */
#endif
#ifdef HAVE_ECC
WOLFSSL_ABI
int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
@@ -7951,6 +8158,7 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
}
#endif /* HAVE_ECC */
#ifdef HAVE_ECC_KEY_EXPORT
#ifdef HAVE_ECC_KEY_EXPORT
int wc_BuildEccKeyDer(ecc_key* key, byte* output, word32 *inLen,
int pubIn, int curveIn)
@@ -8128,6 +8336,8 @@ int wc_BuildEccKeyDer(ecc_key* key, byte* output, word32 *inLen,
}
#endif /* HAVE_ECC_KEY_EXPORT */
#endif
#endif
#if (defined(HAVE_OCSP) || defined(HAVE_CRL)) && !defined(WOLFCRYPT_ONLY)
/* Get raw Date only, no processing, 0 on success */
@@ -8150,6 +8360,7 @@ static int GetBasicDate(const byte* source, word32* idx, byte* date,
#endif /* HAVE_OCSP || HAVE_CRL */
#if defined(HAVE_OCSP) && !defined(WOLFCRYPT_ONLY)
static int GetEnumerated(const byte* input, word32* inOutIdx, int *value,
int sz)
{
@@ -8183,6 +8394,7 @@ static int GetEnumerated(const byte* input, word32* inOutIdx, int *value,
return *value;
}
#ifdef HAVE_OCSP_RESPONDER
#ifdef HAVE_OCSP_RESPONDER
WC_MAYBE_UNUSED static int EncodeCertID(OcspEntry* entry, byte* out,
word32* outSz)
@@ -8195,6 +8407,7 @@ WC_MAYBE_UNUSED static int EncodeCertID(OcspEntry* entry, byte* out,
}
#endif /* HAVE_OCSP_RESPONDER */
#endif
static int OcspDecodeCertIDInt(const byte* input, word32* inOutIdx, word32 inSz,
OcspEntry* entry)
{
@@ -8238,6 +8451,7 @@ static int OcspDecodeCertIDInt(const byte* input, word32* inOutIdx, word32 inSz,
return 0;
}
#ifdef HAVE_OCSP_RESPONDER
#ifdef HAVE_OCSP_RESPONDER
WC_MAYBE_UNUSED static int EncodeSingleResponse(OcspEntry* single, byte* out,
word32* outSz, void* heap)
@@ -8251,6 +8465,7 @@ WC_MAYBE_UNUSED static int EncodeSingleResponse(OcspEntry* single, byte* out,
}
#endif /* HAVE_OCSP_RESPONDER */
#endif
static int DecodeSingleResponse(byte* source, word32* ioIndex, word32 size,
int wrapperSz, OcspEntry* single)
{
@@ -8479,6 +8694,7 @@ WC_MAYBE_UNUSED static int EncodeOcspRespExtensions(OcspResponse* resp,
}
#endif /* HAVE_OCSP */
#ifdef HAVE_OCSP_RESPONDER
#ifdef HAVE_OCSP_RESPONDER
WC_MAYBE_UNUSED static int EncodeResponseData(OcspResponse* resp, byte* out,
word32* outSz)
@@ -8491,6 +8707,7 @@ WC_MAYBE_UNUSED static int EncodeResponseData(OcspResponse* resp, byte* out,
}
#endif /* HAVE_OCSP_RESPONDER */
#endif
#if defined(HAVE_OCSP) && !defined(WOLFCRYPT_ONLY)
static int DecodeResponseData(byte* source, word32* ioIndex,
OcspResponse* resp, word32 size)
@@ -8648,6 +8865,7 @@ static int DecodeCerts(byte* source,
#endif /* WOLFSSL_NO_OCSP_OPTIONAL_CERTS */
#ifdef HAVE_OCSP_RESPONDER
#ifdef HAVE_OCSP_RESPONDER
WC_MAYBE_UNUSED static int EncodeBasicOcspResponse(OcspResponse* resp,
byte* out, word32* outSz, RsaKey* rsaKey, ecc_key* eccKey, WC_RNG* rng)
@@ -8663,6 +8881,7 @@ WC_MAYBE_UNUSED static int EncodeBasicOcspResponse(OcspResponse* resp,
}
#endif /* HAVE_OCSP_RESPONDER */
#endif
#if defined(HAVE_OCSP) && !defined(WOLFCRYPT_ONLY)
static int DecodeBasicOcspResponse(byte* source, word32* ioIndex,
OcspResponse* resp, word32 size, void* cm, void* heap, int noVerify,
@@ -8773,6 +8992,7 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex,
}
#endif /* HAVE_OCSP */
#ifdef HAVE_OCSP_RESPONDER
#ifdef HAVE_OCSP_RESPONDER
int OcspResponseEncode(OcspResponse* resp, byte* out, word32* outSz,
RsaKey* rsaKey, ecc_key* eccKey, WC_RNG* rng)
@@ -8788,6 +9008,7 @@ int OcspResponseEncode(OcspResponse* resp, byte* out, word32* outSz,
}
#endif /* HAVE_OCSP_RESPONDER */
#endif
#if defined(HAVE_OCSP) && !defined(WOLFCRYPT_ONLY)
int OcspResponseDecode(OcspResponse* resp, void* cm, void* heap,
int noVerifyCert, int noVerifySignature)
@@ -8948,6 +9169,7 @@ int EncodeOcspRequest(OcspRequest* req, byte* output, word32 size)
}
#endif /* HAVE_OCSP */
#ifdef HAVE_OCSP_RESPONDER
#ifdef HAVE_OCSP_RESPONDER
int DecodeOcspRequest(OcspRequest* req, const byte* input, word32 size)
{
@@ -8959,6 +9181,8 @@ int DecodeOcspRequest(OcspRequest* req, const byte* input, word32 size)
}
#endif /* HAVE_OCSP_RESPONDER */
#endif
#endif
int GetNameHash_ex(const byte* source, word32* idx, byte* hash, int maxIdx,
word32 sigOID)
{
@@ -8996,6 +9220,7 @@ int GetNameHash_ex(const byte* source, word32* idx, byte* hash, int maxIdx,
return ret;
}
#if defined(HAVE_CRL) && !defined(WOLFCRYPT_ONLY)
#if defined(HAVE_CRL) && !defined(WOLFCRYPT_ONLY)
static int GetRevoked(RevokedCert* rcert, const byte* buff, word32* idx,
DecodedCRL* dcrl, word32 maxIdx)
@@ -9231,6 +9456,7 @@ static int ParseCRL_CertList(RevokedCert* rcert, DecodedCRL* dcrl,
return 0;
}
#ifndef NO_SKID
#ifndef NO_SKID
static int ParseCRL_AuthKeyIdExt(const byte* input, int sz, DecodedCRL* dcrl)
{
@@ -9269,6 +9495,7 @@ static int ParseCRL_AuthKeyIdExt(const byte* input, int sz, DecodedCRL* dcrl)
}
#endif
#endif
static int ParseCRL_Extensions(DecodedCRL* dcrl, const byte* buf,
word32* inOutIdx, word32 sz)
{
@@ -9510,6 +9737,8 @@ end:
}
#endif /* HAVE_CRL */
#endif
#ifdef WOLFSSL_CERT_PIV
#ifdef WOLFSSL_CERT_PIV
int wc_ParseCertPIV(wc_CertPIV* piv, const byte* buf, word32 totalSz)
{
@@ -9589,5 +9818,6 @@ int wc_ParseCertPIV(wc_CertPIV* piv, const byte* buf, word32 totalSz)
}
#endif /* WOLFSSL_CERT_PIV */
#endif
#endif /* WOLFSSL_ASN_ORIG_INCLUDED */