diff --git a/examples/ocsp_responder/ocsp_responder.c b/examples/ocsp_responder/ocsp_responder.c index 79c9c0e286..54d1d9886c 100644 --- a/examples/ocsp_responder/ocsp_responder.c +++ b/examples/ocsp_responder/ocsp_responder.c @@ -434,7 +434,7 @@ static int PopulateResponderFromIndex(OcspResponder* responder, word32 serialLen = 0; enum Ocsp_Cert_Status status; time_t revTime = 0; - enum WC_CRL_Reason revReason = CRL_REASON_UNSPECIFIED; + enum WC_CRL_Reason revReason = WC_CRL_REASON_UNSPECIFIED; word32 validity = 86400; char* p = entry->serial; word32 i; @@ -487,7 +487,7 @@ static int PopulateResponderFromIndex(OcspResponder* responder, else if (entry->status == 'R') { status = CERT_REVOKED; revTime = entry->revocationTime; - revReason = CRL_REASON_UNSPECIFIED; + revReason = WC_CRL_REASON_UNSPECIFIED; validity = 0; } else { diff --git a/src/ocsp.c b/src/ocsp.c index 0eeec81538..d0dd56c3f7 100644 --- a/src/ocsp.c +++ b/src/ocsp.c @@ -2520,8 +2520,8 @@ int wc_OcspResponder_SetCertStatus(OcspResponder* responder, if (status == CERT_REVOKED) { if (revocationTime <= 0) goto out; - if (revocationReason < CRL_REASON_UNSPECIFIED || - revocationReason > CRL_REASON_AA_COMPROMISE) + if (revocationReason < WC_CRL_REASON_UNSPECIFIED || + revocationReason > WC_CRL_REASON_AA_COMPROMISE) goto out; /* Skip value 7 which is not used */ if (revocationReason == 7) diff --git a/tests/api/test_ocsp.c b/tests/api/test_ocsp.c index 06c527bf82..f447961fb6 100644 --- a/tests/api/test_ocsp.c +++ b/tests/api/test_ocsp.c @@ -1510,7 +1510,7 @@ int test_ocsp_responder(void) "./certs/ca-key.der", "./certs/server-cert.der", CERT_GOOD, - 0, CRL_REASON_UNSPECIFIED, + 0, WC_CRL_REASON_UNSPECIFIED, 86400, /* validityPeriod - 24 hours */ 0, "RSA server cert - GOOD status" @@ -1521,7 +1521,7 @@ int test_ocsp_responder(void) "./certs/ca-key.der", "./certs/server-cert.der", CERT_REVOKED, - now, CRL_REASON_KEY_COMPROMISE, /* Revoked due to key compromise */ + now, WC_CRL_REASON_KEY_COMPROMISE, /* Revoked due to key compromise */ 0, /* validityPeriod (not used for REVOKED) */ OCSP_CERT_REVOKED, "RSA server cert - REVOKED status" @@ -1532,7 +1532,7 @@ int test_ocsp_responder(void) "./certs/ca-key.der", "./certs/server-cert.der", CERT_UNKNOWN, - 0, CRL_REASON_UNSPECIFIED, + 0, WC_CRL_REASON_UNSPECIFIED, 0, /* validityPeriod (not used for UNKNOWN) */ OCSP_CERT_UNKNOWN, "RSA server cert - UNKNOWN status" @@ -1543,7 +1543,7 @@ int test_ocsp_responder(void) "./certs/ocsp/ocsp-responder-key.der", "./certs/ocsp/intermediate1-ca-cert.der", CERT_GOOD, - 0, CRL_REASON_UNSPECIFIED, + 0, WC_CRL_REASON_UNSPECIFIED, 86400, /* validityPeriod - 24 hours */ 0, "RSA int1 cert with responder - GOOD status" @@ -1554,7 +1554,7 @@ int test_ocsp_responder(void) "./certs/ocsp/ocsp-responder-key.der", "./certs/ocsp/intermediate1-ca-cert.der", CERT_REVOKED, - now, CRL_REASON_KEY_COMPROMISE, /* Revoked due to key compromise */ + now, WC_CRL_REASON_KEY_COMPROMISE, /* Revoked due to key compromise */ 0, /* validityPeriod (not used for REVOKED) */ OCSP_CERT_REVOKED, "RSA int1 cert with responder - REVOKED status" @@ -1565,7 +1565,7 @@ int test_ocsp_responder(void) "./certs/ocsp/ocsp-responder-key.der", "./certs/ocsp/intermediate1-ca-cert.der", CERT_UNKNOWN, - 0, CRL_REASON_UNSPECIFIED, + 0, WC_CRL_REASON_UNSPECIFIED, 0, /* validityPeriod (not used for UNKNOWN) */ OCSP_CERT_UNKNOWN, "RSA int1 cert with responder - UNKNOWN status" @@ -1577,7 +1577,7 @@ int test_ocsp_responder(void) "./certs/ca-ecc-key.der", "./certs/server-ecc.der", CERT_GOOD, - 0, CRL_REASON_UNSPECIFIED, + 0, WC_CRL_REASON_UNSPECIFIED, 86400, /* validityPeriod - 24 hours */ 0, "ECC server cert - GOOD status" @@ -1588,7 +1588,7 @@ int test_ocsp_responder(void) "./certs/ca-ecc-key.der", "./certs/server-ecc.der", CERT_REVOKED, - now, CRL_REASON_AFFILIATION_CHANGED, + now, WC_CRL_REASON_AFFILIATION_CHANGED, 0, /* validityPeriod (not used for REVOKED) */ OCSP_CERT_REVOKED, "ECC server cert - REVOKED status" @@ -1599,7 +1599,7 @@ int test_ocsp_responder(void) "./certs/ca-ecc-key.der", "./certs/server-ecc.der", CERT_UNKNOWN, - 0, CRL_REASON_UNSPECIFIED, + 0, WC_CRL_REASON_UNSPECIFIED, 0, /* validityPeriod (not used for UNKNOWN) */ OCSP_CERT_UNKNOWN, "ECC server cert - UNKNOWN status" diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h index 08dab649ae..d244602cf2 100644 --- a/wolfssl/wolfcrypt/asn.h +++ b/wolfssl/wolfcrypt/asn.h @@ -2899,17 +2899,17 @@ WOLFSSL_LOCAL int OcspDecodeCertID(const byte* input, word32* inOutIdx, word32 i #ifdef HAVE_OCSP_RESPONDER /* Revocation reason codes from RFC 5280 */ enum WC_CRL_Reason { - CRL_REASON_UNSPECIFIED = 0, - CRL_REASON_KEY_COMPROMISE = 1, - CRL_REASON_CA_COMPROMISE = 2, - CRL_REASON_AFFILIATION_CHANGED = 3, - CRL_REASON_SUPERSEDED = 4, - CRL_REASON_CESSATION_OF_OPERATION = 5, - CRL_REASON_CERTIFICATE_HOLD = 6, + WC_CRL_REASON_UNSPECIFIED = 0, + WC_CRL_REASON_KEY_COMPROMISE = 1, + WC_CRL_REASON_CA_COMPROMISE = 2, + WC_CRL_REASON_AFFILIATION_CHANGED = 3, + WC_CRL_REASON_SUPERSEDED = 4, + WC_CRL_REASON_CESSATION_OF_OPERATION = 5, + WC_CRL_REASON_CERTIFICATE_HOLD = 6, /* value 7 is not used */ - CRL_REASON_REMOVE_FROM_CRL = 8, - CRL_REASON_PRIVILEGE_WITHDRAWN = 9, - CRL_REASON_AA_COMPROMISE = 10 + WC_CRL_REASON_REMOVE_FROM_CRL = 8, + WC_CRL_REASON_PRIVILEGE_WITHDRAWN = 9, + WC_CRL_REASON_AA_COMPROMISE = 10 }; /* Certificate status entry for a single certificate */