add support for CMS CompressedData content type

2025-07-31 19:24:42 +02:00 · 2018-08-17 10:52:18 -06:00
parent 32b70dd56c
commit c51cf4472e
6 changed files with 421 additions and 12 deletions
--- a/Makefile.am
+++ b/Makefile.am
@@ -39,10 +39,12 @@ CLEANFILES+= cert.der \
             othercert.der \
             othercert.pem \
             pkcs7cert.der \
+             pkcs7compressedData_zlib.der \
             pkcs7encryptedDataAES128CBC.der \
             pkcs7encryptedDataAES192CBC.der \
             pkcs7encryptedDataAES256CBC_attribs.der \
             pkcs7encryptedDataAES256CBC.der \
+             pkcs7encryptedDataAES256CBC_firmwarePkgData.der \
             pkcs7encryptedDataAES256CBC_multi_attribs.der \
             pkcs7encryptedDataDES3.der \
             pkcs7encryptedDataDES.der \
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -1319,6 +1319,11 @@ static const byte pbeSha1RC4128[] = {42, 134, 72, 134, 247, 13, 1, 12, 1, 1};
 static const byte pbeSha1Des3[] = {42, 134, 72, 134, 247, 13, 1, 12, 1, 3};
 #endif

+#ifdef HAVE_LIBZ
+/* zlib compression */
+static const byte zlibCompress[] = {42, 134, 72, 134, 247, 13, 1, 9, 16, 3, 8};
+#endif
+

 /* returns a pointer to the OID string on success and NULL on fail */
 const byte* OidFromId(word32 id, word32 type, word32* oidSz)
@@ -1805,6 +1810,17 @@ const byte* OidFromId(word32 id, word32 type, word32* oidSz)
            break;
 #endif /* !NO_HMAC */

+#ifdef HAVE_LIBZ
+        case oidCompressType:
+            switch (id) {
+                case ZLIBc:
+                    oid = zlibCompress;
+                    *oidSz = sizeof(zlibCompress);
+                    break;
+            }
+            break;
+#endif /* HAVE_LIBZ */
+
        case oidIgnoreType:
        default:
            break;
--- a/wolfcrypt/src/pkcs7.c
+++ b/wolfcrypt/src/pkcs7.c
@@ -38,6 +38,9 @@
 #ifdef HAVE_ECC
    #include <wolfssl/wolfcrypt/ecc.h>
 #endif
+#ifdef HAVE_LIBZ
+    #include <wolfssl/wolfcrypt/compress.h>
+#endif
 #ifdef NO_INLINE
    #include <wolfssl/wolfcrypt/misc.h>
 #else
@@ -77,9 +80,14 @@ static int wc_SetContentType(int pkcs7TypeOID, byte* output, word32 outputSz)
    const byte encryptedData[]      = { 0x2A, 0x86, 0x48, 0x86, 0xF7,
                                               0x0D, 0x01, 0x07, 0x06 };
 #endif
-    /* FirmwarePkgData (1.2.840.113549.1.9.16.1.16), from RFC 4108 */
-    const byte firmwarePkgData[]    = { 0x2A, 0x86, 0x48, 0x86, 0xF7,
-                                        0x0D, 0x01, 0x09, 0x10, 0x01, 0x10 };
+    /* FirmwarePkgData (1.2.840.113549.1.9.16.1.16), RFC 4108 */
+    const byte firmwarePkgData[]    = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
+                                        0x01, 0x09, 0x10, 0x01, 0x10 };
+#ifdef HAVE_LIBZ
+    /* id-ct-compressedData (1.2.840.113549.1.9.16.1.9), RFC 3274 */
+    const byte compressedData[]     = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
+                                        0x01, 0x09, 0x10, 0x01, 0x09 };
+#endif

    int idSz, idx = 0;
    word32 typeSz = 0;
@@ -122,6 +130,12 @@ static int wc_SetContentType(int pkcs7TypeOID, byte* output, word32 outputSz)
            typeSz = sizeof(encryptedData);
            typeName = encryptedData;
            break;
+#endif
+#ifdef HAVE_LIBZ
+        case COMPRESSED_DATA:
+            typeSz = sizeof(compressedData);
+            typeName = compressedData;
+            break;
 #endif
        case FIRMWARE_PKG_DATA:
            typeSz = sizeof(firmwarePkgData);
@@ -5080,7 +5094,7 @@ int wc_PKCS7_EncodeEncryptedData(PKCS7* pkcs7, byte* output, word32 outputSz)
    int encContentOctetSz, encContentSeqSz, contentTypeSz;
    int contentEncAlgoSz, ivOctetStringSz;
    byte encContentSeq[MAX_SEQ_SZ];
-    byte contentType[MAX_ALGO_SZ];
+    byte contentType[MAX_OID_SZ];
    byte contentEncAlgo[MAX_ALGO_SZ];
    byte tmpIv[MAX_CONTENT_IV_SIZE];
    byte ivOctetString[MAX_OCTET_STR_SZ];
@@ -5118,7 +5132,7 @@ int wc_PKCS7_EncodeEncryptedData(PKCS7* pkcs7, byte* output, word32 outputSz)
    }

    /* EncryptedContentInfo */
-    contentTypeSz = wc_SetContentType(pkcs7->contentOID, contentType,
+    ret = wc_SetContentType(pkcs7->contentOID, contentType,
                            sizeof(contentType));
    if (ret < 0)
        return ret;
@@ -5356,6 +5370,7 @@ int wc_PKCS7_DecodeEncryptedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz,
    if (pkiMsg == NULL || pkiMsgSz == 0 ||
        output == NULL || outputSz == 0)
        return BAD_FUNC_ARG;
+
    /* read past ContentInfo, verify type is encrypted-data */
    if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0)
        return ASN_PARSE_E;
@@ -5473,6 +5488,259 @@ int wc_PKCS7_DecodeEncryptedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz,

 #endif /* NO_PKCS7_ENCRYPTED_DATA */

+#ifdef HAVE_LIBZ
+
+/* build PKCS#7 compressedData content type, return encrypted size */
+int wc_PKCS7_EncodeCompressedData(PKCS7* pkcs7, byte* output, word32 outputSz)
+{
+    byte contentInfoSeq[MAX_SEQ_SZ];
+    byte contentInfoTypeOid[MAX_OID_SZ];
+    byte contentInfoContentSeq[MAX_SEQ_SZ]; /* EXPLICIT [0] */
+    byte compressedDataSeq[MAX_SEQ_SZ];
+    byte cmsVersion[MAX_VERSION_SZ];
+    byte compressAlgId[MAX_ALGO_SZ];
+    byte encapContentInfoSeq[MAX_SEQ_SZ];
+    byte contentTypeOid[MAX_OID_SZ];
+    byte contentSeq[MAX_SEQ_SZ];            /* EXPLICIT [0] */
+    byte contentOctetStr[MAX_OCTET_STR_SZ];
+
+    int ret;
+    word32 totalSz, idx;
+    word32 contentInfoSeqSz, contentInfoContentSeqSz, contentInfoTypeOidSz;
+    word32 compressedDataSeqSz, cmsVersionSz, compressAlgIdSz;
+    word32 encapContentInfoSeqSz, contentTypeOidSz, contentSeqSz;
+    word32 contentOctetStrSz;
+
+    byte* compressed;
+    word32 compressedSz;
+
+    if (pkcs7 == NULL || pkcs7->content == NULL || pkcs7->contentSz == 0 ||
+        output == NULL || outputSz == 0) {
+        return BAD_FUNC_ARG;
+    }
+
+    /* allocate space for compressed content. The libz code says the compressed
+     * buffer should be srcSz + 0.1% + 12. */
+    compressedSz = (pkcs7->contentSz + (word32)(pkcs7->contentSz * 0.001) + 12);
+    compressed = (byte*)XMALLOC(compressedSz, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
+    if (compressed == NULL) {
+        WOLFSSL_MSG("Error allocating memory for CMS compressed content");
+        return MEMORY_E;
+    }
+
+    /* compress content */
+    ret = wc_Compress(compressed, compressedSz, pkcs7->content,
+                      pkcs7->contentSz, 0);
+    if (ret < 0) {
+        XFREE(compressed, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
+        return ret;
+    }
+    compressedSz = (word32)ret;
+
+    /* eContent OCTET STRING, working backwards */
+    contentOctetStrSz = SetOctetString(compressedSz, contentOctetStr);
+    totalSz = contentOctetStrSz + compressedSz;
+
+    /* EXPLICIT [0] eContentType */
+    contentSeqSz = SetExplicit(0, totalSz, contentSeq);
+    totalSz += contentSeqSz;
+
+    /* eContentType OBJECT IDENTIFIER */
+    ret = wc_SetContentType(pkcs7->contentOID, contentTypeOid,
+                            sizeof(contentTypeOid));
+    if (ret < 0) {
+        XFREE(compressed, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
+        return ret;
+    }
+
+    contentTypeOidSz = ret;
+    totalSz += contentTypeOidSz;
+
+    /* EncapsulatedContentInfo SEQUENCE */
+    encapContentInfoSeqSz = SetSequence(totalSz, encapContentInfoSeq);
+    totalSz += encapContentInfoSeqSz;
+
+    /* compressionAlgorithm AlgorithmIdentifier */
+    /* Only supports zlib for compression currently:
+     * id-alg-zlibCompress (1.2.840.113549.1.9.16.3.8) */
+    compressAlgIdSz = SetAlgoID(ZLIBc, compressAlgId, oidCompressType, 0);
+    totalSz += compressAlgIdSz;
+
+    /* version */
+    cmsVersionSz = SetMyVersion(0, cmsVersion, 0);
+    totalSz += cmsVersionSz;
+
+    /* CompressedData SEQUENCE */
+    compressedDataSeqSz = SetSequence(totalSz, compressedDataSeq);
+    totalSz += compressedDataSeqSz;
+
+    /* ContentInfo content EXPLICIT SEQUENCE */
+    contentInfoContentSeqSz = SetExplicit(0, totalSz, contentInfoContentSeq);
+    totalSz += contentInfoContentSeqSz;
+
+    /* ContentInfo ContentType (compressedData) */
+    ret = wc_SetContentType(COMPRESSED_DATA, contentInfoTypeOid,
+                            sizeof(contentInfoTypeOid));
+    if (ret < 0) {
+        XFREE(compressed, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
+        return ret;
+    }
+
+    contentInfoTypeOidSz = ret;
+    totalSz += contentInfoTypeOidSz;
+
+    /* ContentInfo SEQUENCE */
+    contentInfoSeqSz = SetSequence(totalSz, contentInfoSeq);
+    totalSz += contentInfoSeqSz;
+
+    if (outputSz < totalSz) {
+        XFREE(compressed, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
+        return BUFFER_E;
+    }
+
+    idx = 0;
+    XMEMCPY(output + idx, contentInfoSeq, contentInfoSeqSz);
+    idx += contentInfoSeqSz;
+    XMEMCPY(output + idx, contentInfoTypeOid, contentInfoTypeOidSz);
+    idx += contentInfoTypeOidSz;
+    XMEMCPY(output + idx, contentInfoContentSeq, contentInfoContentSeqSz);
+    idx += contentInfoContentSeqSz;
+    XMEMCPY(output + idx, compressedDataSeq, compressedDataSeqSz);
+    idx += compressedDataSeqSz;
+    XMEMCPY(output + idx, cmsVersion, cmsVersionSz);
+    idx += cmsVersionSz;
+    XMEMCPY(output + idx, compressAlgId, compressAlgIdSz);
+    idx += compressAlgIdSz;
+    XMEMCPY(output + idx, encapContentInfoSeq, encapContentInfoSeqSz);
+    idx += encapContentInfoSeqSz;
+    XMEMCPY(output + idx, contentTypeOid, contentTypeOidSz);
+    idx += contentTypeOidSz;
+    XMEMCPY(output + idx, contentSeq, contentSeqSz);
+    idx += contentSeqSz;
+    XMEMCPY(output + idx, contentOctetStr, contentOctetStrSz);
+    idx += contentOctetStrSz;
+    XMEMCPY(output + idx, compressed, compressedSz);
+    idx += compressedSz;
+
+    XFREE(compressed, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
+
+    return idx;
+}
+
+/* unwrap and decompress PKCS#7/CMS compressedData object,
+ * returned decoded size */
+int wc_PKCS7_DecodeCompressedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz,
+                                  byte* output, word32 outputSz)
+{
+    int length, version, ret;
+    word32 idx = 0, algOID, contentType;
+
+    byte* decompressed;
+    word32 decompressedSz;
+
+    if (pkcs7 == NULL || pkiMsg == NULL || pkiMsgSz == 0 ||
+        output == NULL || outputSz == 0) {
+        return BAD_FUNC_ARG;
+    }
+
+    /* get ContentInfo SEQUENCE */
+    if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+        return ASN_PARSE_E;
+
+    /* get ContentInfo contentType */
+    if (wc_GetContentType(pkiMsg, &idx, &contentType, pkiMsgSz) < 0)
+        return ASN_PARSE_E;
+
+    if (contentType != COMPRESSED_DATA) {
+        printf("ContentInfo not of type CompressedData");
+        return ASN_PARSE_E;
+    }
+
+    /* get ContentInfo content EXPLICIT SEQUENCE */
+    if (pkiMsg[idx++] != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))
+        return ASN_PARSE_E;
+
+    if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+        return ASN_PARSE_E;
+
+    /* get CompressedData SEQUENCE */
+    if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+        return ASN_PARSE_E;
+
+    /* get version */
+    if (GetMyVersion(pkiMsg, &idx, &version, pkiMsgSz) < 0)
+        return ASN_PARSE_E;
+
+    if (version != 0) {
+        WOLFSSL_MSG("CMS CompressedData version MUST be 0, but is not");
+        return ASN_PARSE_E;
+    }
+
+    /* get CompressionAlgorithmIdentifier */
+    if (GetAlgoId(pkiMsg, &idx, &algOID, oidIgnoreType, pkiMsgSz) < 0)
+        return ASN_PARSE_E;
+
+    /* Only supports zlib for compression currently:
+     * id-alg-zlibCompress (1.2.840.113549.1.9.16.3.8) */
+    if (algOID != ZLIBc) {
+        WOLFSSL_MSG("CMS CompressedData only supports zlib algorithm");
+        return ASN_PARSE_E;
+    }
+
+    /* get EncapsulatedContentInfo SEQUENCE */
+    if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+        return ASN_PARSE_E;
+
+    /* get ContentType OID */
+    if (wc_GetContentType(pkiMsg, &idx, &contentType, pkiMsgSz) < 0)
+        return ASN_PARSE_E;
+
+    pkcs7->contentOID = contentType;
+
+    /* get eContent EXPLICIT SEQUENCE */
+    if (pkiMsg[idx++] != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))
+        return ASN_PARSE_E;
+
+    if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+        return ASN_PARSE_E;
+
+    /* get content OCTET STRING */
+    if (pkiMsg[idx++] != ASN_OCTET_STRING)
+        return ASN_PARSE_E;
+
+    if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+        return ASN_PARSE_E;
+
+    /* allocate space for decompressed data */
+    decompressed = (byte*)XMALLOC(length, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
+    if (decompressed == NULL) {
+        WOLFSSL_MSG("Error allocating memory for CMS decompression buffer");
+        return MEMORY_E;
+    }
+
+    /* decompress content */
+    ret = wc_DeCompress(decompressed, length, &pkiMsg[idx], length);
+    if (ret < 0) {
+        XFREE(decompressed, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
+        return ret;
+    }
+    decompressedSz = (word32)ret;
+
+    /* get content */
+    if (outputSz < decompressedSz) {
+        WOLFSSL_MSG("CMS output buffer too small to hold decompressed data");
+        XFREE(decompressed, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
+        return BUFFER_E;
+    }
+
+    XMEMCPY(output, decompressed, decompressedSz);
+    XFREE(decompressed, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
+
+    return decompressedSz;
+}
+
+#endif /* HAVE_LIBZ */
+
 #else  /* HAVE_PKCS7 */


--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@@ -326,6 +326,9 @@ int scrypt_test(void);
    #ifndef NO_PKCS7_ENCRYPTED_DATA
        int pkcs7encrypted_test(void);
    #endif
+    #ifdef HAVE_LIBZ
+        int pkcs7compressed_test(void);
+    #endif
 #endif
 #if !defined(NO_ASN_TIME) && !defined(NO_RSA) && defined(WOLFSSL_TEST_CERT)
 int cert_test(void);
@@ -964,6 +967,12 @@ initDefaultName();
        else
            printf( "PKCS7encrypted  test passed!\n");
    #endif
+    #ifdef HAVE_LIBZ
+        if ( (ret = pkcs7compressed_test()) != 0)
+            return err_sys("PKCS7compressed test failed!\n", ret);
+        else
+            printf( "PKCS7compressed test passed!\n");
+    #endif
 #endif

 #ifdef HAVE_VALGRIND
@@ -19190,6 +19199,11 @@ int pkcs7encrypted_test(void)
         sizeof(aes256Key), multiAttribs,
         (sizeof(multiAttribs)/sizeof(PKCS7Attrib)),
         "pkcs7encryptedDataAES256CBC_multi_attribs.der"},
+
+        /* test with contentType set to FirmwarePkgData */
+        {data, (word32)sizeof(data), FIRMWARE_PKG_DATA, AES256CBCb, aes256Key,
+         sizeof(aes256Key), NULL, 0,
+         "pkcs7encryptedDataAES256CBC_firmwarePkgData.der"},
    #endif
 #endif /* NO_AES */
    };
@@ -19286,6 +19300,97 @@ int pkcs7encrypted_test(void)
 #endif /* NO_PKCS7_ENCRYPTED_DATA */


+#ifdef HAVE_LIBZ
+
+typedef struct {
+    const byte*  content;
+    word32       contentSz;
+    int          contentOID;
+    const char*  outFileName;
+} pkcs7CompressedVector;
+
+
+int pkcs7compressed_test(void)
+{
+    int ret = 0;
+    int i, testSz;
+    int compressedSz, decodedSz;
+    PKCS7* pkcs7;
+    byte  compressed[2048];
+    byte  decoded[2048];
+#ifdef PKCS7_OUTPUT_TEST_BUNDLES
+    FILE* pkcs7File;
+#endif
+
+    const byte data[] = { /* Hello World */
+        0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f,
+        0x72,0x6c,0x64
+    };
+
+    const pkcs7CompressedVector testVectors[] =
+    {
+        {data, (word32)sizeof(data), DATA, "pkcs7compressedData_zlib.der"},
+    };
+
+    testSz = sizeof(testVectors) / sizeof(pkcs7CompressedVector);
+
+    for (i = 0; i < testSz; i++) {
+        pkcs7 = wc_PKCS7_New(HEAP_HINT, devId);
+        if (pkcs7 == NULL)
+            return -9400;
+
+        pkcs7->content              = (byte*)testVectors[i].content;
+        pkcs7->contentSz            = testVectors[i].contentSz;
+        pkcs7->contentOID           = testVectors[i].contentOID;
+
+        /* encode compressedData */
+        compressedSz = wc_PKCS7_EncodeCompressedData(pkcs7, compressed,
+                                                   sizeof(compressed));
+        if (compressedSz <= 0) {
+            wc_PKCS7_Free(pkcs7);
+            return -9401;
+        }
+
+        /* decode compressedData */
+        decodedSz = wc_PKCS7_DecodeCompressedData(pkcs7, compressed,
+                                                  compressedSz, decoded,
+                                                  sizeof(decoded));
+        if (decodedSz <= 0){
+            wc_PKCS7_Free(pkcs7);
+            return -9402;
+        }
+
+        /* test decode result */
+        if (XMEMCMP(decoded, testVectors[i].content,
+                    testVectors[i].contentSz) != 0) {
+            wc_PKCS7_Free(pkcs7);
+            return -9403;
+        }
+
+#ifdef PKCS7_OUTPUT_TEST_BUNDLES
+        /* output pkcs7 compressedData for external testing */
+        pkcs7File = fopen(testVectors[i].outFileName, "wb");
+        if (!pkcs7File) {
+            wc_PKCS7_Free(pkcs7);
+            return -9406;
+        }
+
+        ret = (int)fwrite(compressed, compressedSz, 1, pkcs7File);
+        fclose(pkcs7File);
+
+        if (ret > 0)
+            ret = 0;
+#endif
+
+        wc_PKCS7_Free(pkcs7);
+    }
+
+    return ret;
+} /* pkcs7compressed_test() */
+
+#endif /* HAVE_LIBZ */
+
+
 typedef struct {
    const byte*  content;
    word32       contentSz;
--- a/wolfssl/wolfcrypt/asn.h
+++ b/wolfssl/wolfcrypt/asn.h
@@ -332,6 +332,7 @@ enum Oid_Types {
    oidCmsKeyAgreeType  = 13,
    oidPBEType          = 14,
    oidHmacType         = 15,
+    oidCompressType     = 16,
    oidIgnoreType
 };

@@ -487,6 +488,12 @@ enum ExtKeyUsage_Sum { /* From RFC 5280 */
    EKU_OCSP_SIGN_OID   = 79   /* 1.3.6.1.5.5.7.3.9, id-kp-OCSPSigning     */
 };

+#ifdef HAVE_LIBZ
+enum CompressAlg_Sum {
+    ZLIBc = 679  /* 1.2.840.113549.1.9.16.3.8, id-alg-zlibCompress */
+};
+#endif
+

 enum VerifyType {
    NO_VERIFY   = 0,
--- a/wolfssl/wolfcrypt/pkcs7.h
+++ b/wolfssl/wolfcrypt/pkcs7.h
@@ -60,6 +60,9 @@ enum PKCS7_TYPES {
    SIGNED_AND_ENVELOPED_DATA = 654,  /* 1.2.840.113549.1.7.4 */
    DIGESTED_DATA             = 655,  /* 1.2.840.113549.1.7.5 */
    ENCRYPTED_DATA            = 656,  /* 1.2.840.113549.1.7.6 */
+#ifdef HAVE_LIBZ
+    COMPRESSED_DATA           = 678,  /* 1.2.840.113549.1.9.16.1.9,  RFC 3274 */
+#endif
    FIRMWARE_PKG_DATA         = 685   /* 1.2.840.113549.1.9.16.1.16, RFC 4108 */
 };

@@ -205,6 +208,14 @@ WOLFSSL_API int  wc_PKCS7_DecodeEncryptedData(PKCS7* pkcs7, byte* pkiMsg,
                                          word32 outputSz);
 #endif /* NO_PKCS7_ENCRYPTED_DATA */

+#ifdef HAVE_LIBZ
+WOLFSSL_API int wc_PKCS7_EncodeCompressedData(PKCS7* pkcs7, byte* output,
+                                              word32 outputSz);
+WOLFSSL_API int wc_PKCS7_DecodeCompressedData(PKCS7* pkcs7, byte* pkiMsg,
+                                              word32 pkiMsgSz, byte* output,
+                                              word32 outputSz);
+#endif /* HAVE_LIBZ */
+
 #ifdef __cplusplus
    } /* extern "C" */
 #endif