wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-26 07:52:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix tests when building with PEM support disabled by using DER certs/keys.

Browse Source
This commit is contained in:
Kareem
2025-09-12 16:08:05 -07:00
parent a216ea170c
commit ec92f76dec
11 changed files with 414 additions and 188 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
examples/client/client.c
View File

@@ -2221,7 +2221,11 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#ifdef HAVE_RPK
int useRPK = 0;
#endif /* HAVE_RPK */
#ifdef WOLFSSL_PEM_TO_DER
int fileFormat = WOLFSSL_FILETYPE_PEM;
#else
int fileFormat = WOLFSSL_FILETYPE_ASN1;
#endif
#if defined(WOLFSSL_SYS_CRYPTO_POLICY)
const char * policy = NULL;
#endif /* WOLFSSL_SYS_CRYPTO_POLICY */

19
examples/echoserver/echoserver.c
View File

@@ -105,6 +105,11 @@ THREAD_RETURN WOLFSSL_THREAD echoserver_test(void* args)
int argc = ((func_args*)args)->argc;
char** argv = ((func_args*)args)->argv;
char buffer[WOLFSSL_MAX_ERROR_SZ];
#ifdef WOLFSSL_PEM_TO_DER
int filetype = WOLFSSL_FILETYPE_PEM;
#else
int filetype = WOLFSSL_FILETYPE_ASN1;
#endif
#ifdef HAVE_TEST_SESSION_TICKET
MyTicketCtx myTicketCtx;
#endif
@@ -180,12 +185,12 @@ THREAD_RETURN WOLFSSL_THREAD echoserver_test(void* args)
if (doPSK == 0) {
#if defined(HAVE_ECC) && !defined(WOLFSSL_SNIFFER)
/* ecc */
if (wolfSSL_CTX_use_certificate_file(ctx, eccCertFile, WOLFSSL_FILETYPE_PEM)
if (wolfSSL_CTX_use_certificate_file(ctx, eccCertFile, filetype)
!= WOLFSSL_SUCCESS)
err_sys("can't load server cert file, "
"Please run from wolfSSL home dir");
if (wolfSSL_CTX_use_PrivateKey_file(ctx, eccKeyFile, WOLFSSL_FILETYPE_PEM)
if (wolfSSL_CTX_use_PrivateKey_file(ctx, eccKeyFile, filetype)
!= WOLFSSL_SUCCESS)
err_sys("can't load server key file, "
"Please run from wolfSSL home dir");
@@ -196,7 +201,7 @@ THREAD_RETURN WOLFSSL_THREAD echoserver_test(void* args)
err_sys("can't load server cert file, "
"Please run from wolfSSL home dir");
if (wolfSSL_CTX_use_PrivateKey_file(ctx, edKeyFile, WOLFSSL_FILETYPE_PEM)
if (wolfSSL_CTX_use_PrivateKey_file(ctx, edKeyFile, filetype)
!= WOLFSSL_SUCCESS)
err_sys("can't load server key file, "
"Please run from wolfSSL home dir");
@@ -208,19 +213,19 @@ THREAD_RETURN WOLFSSL_THREAD echoserver_test(void* args)
"Please run from wolfSSL home dir");
if (wolfSSL_CTX_use_PrivateKey_file(ctx, ed448KeyFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS)
filetype) != WOLFSSL_SUCCESS)
err_sys("can't load server key file, "
"Please run from wolfSSL home dir");
#elif defined(NO_CERTS)
/* do nothing, just don't load cert files */
#else
/* normal */
if (wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM)
if (wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, filetype)
!= WOLFSSL_SUCCESS)
err_sys("can't load server cert file, "
"Please run from wolfSSL home dir");
if (wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM)
if (wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, filetype)
!= WOLFSSL_SUCCESS)
err_sys("can't load server key file, "
"Please run from wolfSSL home dir");
@@ -309,7 +314,7 @@ THREAD_RETURN WOLFSSL_THREAD echoserver_test(void* args)
if (ssl == NULL) err_sys("SSL_new failed");
wolfSSL_set_fd(ssl, clientfd);
#if !defined(NO_FILESYSTEM) && !defined(NO_DH) && !defined(NO_ASN)
wolfSSL_SetTmpDH_file(ssl, dhParamFile, WOLFSSL_FILETYPE_PEM);
wolfSSL_SetTmpDH_file(ssl, dhParamFile, filetype);
#elif !defined(NO_DH)
SetDH(ssl); /* will repick suites with DHE, higher than PSK */
#endif

15
examples/server/server.c
View File

@@ -2771,7 +2771,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
wolfSSL_CTX_set_TicketEncCtx(ctx, &myTicketCtx);
#endif
#if defined(WOLFSSL_SNIFFER) && defined(WOLFSSL_STATIC_EPHEMERAL)
#if defined(WOLFSSL_SNIFFER) && defined(WOLFSSL_STATIC_EPHEMERAL) && \
defined(WOLFSSL_PEM_TO_DER)
/* used for testing only to set a static/fixed ephemeral key
for use with the sniffer */
#if defined(HAVE_ECC) && !defined(NO_ECC_SECP) && \
@@ -2804,7 +2805,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
err_sys_ex(runWithErrors, "error loading static X25519 key");
}
#endif
#endif /* WOLFSSL_SNIFFER && WOLFSSL_STATIC_EPHEMERAL */
#endif /* WOLFSSL_SNIFFER && WOLFSSL_STATIC_EPHEMERAL && WOLFSSL_PEM_TO_DER */
if (cipherList && !useDefCipherList) {
if (SSL_CTX_set_cipher_list(ctx, cipherList) != WOLFSSL_SUCCESS)
@@ -2849,8 +2850,13 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
WOLFSSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS)
err_sys_ex(catastrophic, "can't load server cert buffer");
#elif !defined(TEST_LOAD_BUFFER)
#if defined(WOLFSSL_PEM_TO_DER)
if (SSL_CTX_use_certificate_chain_file(ctx, ourCert)
!= WOLFSSL_SUCCESS)
#else
if (wolfSSL_CTX_use_certificate_chain_file_format(ctx, ourCert,
WOLFSSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS)
#endif
err_sys_ex(catastrophic, "can't load server cert file, check file "
"and run from wolfSSL home dir");
#else
@@ -2892,8 +2898,13 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
sizeof_server_key_der_2048, SSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS)
err_sys_ex(catastrophic, "can't load server private key buffer");
#elif !defined(TEST_LOAD_BUFFER)
#if defined(WOLFSSL_PEM_TO_DER)
if (SSL_CTX_use_PrivateKey_file(ctx, ourKey, WOLFSSL_FILETYPE_PEM)
!= WOLFSSL_SUCCESS)
#else
if (SSL_CTX_use_PrivateKey_file(ctx, ourKey, WOLFSSL_FILETYPE_ASN1)
!= WOLFSSL_SUCCESS)
#endif
err_sys_ex(catastrophic, "can't load server private key file, "
"check file and run from wolfSSL home dir");
#ifdef WOLFSSL_DUAL_ALG_CERTS

30
src/ssl_load.c
View File

@@ -3018,9 +3018,15 @@ int wolfSSL_CTX_load_verify_locations_ex(WOLFSSL_CTX* ctx, const char* file,
}
if (file != NULL) {
#ifdef WOLFSSL_PEM_TO_DER
/* Load the PEM formatted CA file */
ret = ProcessFile(ctx, file, WOLFSSL_FILETYPE_PEM, CA_TYPE, NULL, 0,
NULL, verify);
#else
/* Load the DER formatted CA file */
ret = ProcessFile(ctx, file, WOLFSSL_FILETYPE_ASN1, CA_TYPE, NULL, 0,
NULL, verify);
#endif
#ifndef NO_WOLFSSL_DIR
if (ret == 1) {
/* Include success in overall count. */
@@ -3029,7 +3035,11 @@ int wolfSSL_CTX_load_verify_locations_ex(WOLFSSL_CTX* ctx, const char* file,
#endif
#if defined(WOLFSSL_TRUST_PEER_CERT) && defined(OPENSSL_COMPATIBLE_DEFAULTS)
/* Load CA as a trusted peer certificate. */
#ifdef WOLFSSL_PEM_TO_DER
ret = wolfSSL_CTX_trust_peer_cert(ctx, file, WOLFSSL_FILETYPE_PEM);
#else
ret = wolfSSL_CTX_trust_peer_cert(ctx, file, WOLFSSL_FILETYPE_ASN1);
#endif
if (ret != 1) {
WOLFSSL_MSG("wolfSSL_CTX_trust_peer_cert error");
}
@@ -3592,8 +3602,13 @@ int wolfSSL_CTX_use_certificate_chain_file(WOLFSSL_CTX* ctx, const char* file)
/* process up to MAX_CHAIN_DEPTH plus subject cert */
WOLFSSL_ENTER("wolfSSL_CTX_use_certificate_chain_file");
#ifdef WOLFSSL_PEM_TO_DER
ret = ProcessFile(ctx, file, WOLFSSL_FILETYPE_PEM, CERT_TYPE, NULL, 1, NULL,
GET_VERIFY_SETTING_CTX(ctx));
#else
ret = ProcessFile(ctx, file, WOLFSSL_FILETYPE_ASN1, CERT_TYPE, NULL, 1, NULL,
GET_VERIFY_SETTING_CTX(ctx));
#endif
/* Return 1 on success or 0 on failure. */
return WS_RC(ret);
@@ -3895,8 +3910,13 @@ int wolfSSL_use_certificate_chain_file(WOLFSSL* ssl, const char* file)
ret = BAD_FUNC_ARG;
}
else {
#ifdef WOLFSSL_PEM_TO_DER
ret = ProcessFile(ssl->ctx, file, WOLFSSL_FILETYPE_PEM, CERT_TYPE, ssl,
1, NULL, GET_VERIFY_SETTING_SSL(ssl));
#else
ret = ProcessFile(ssl->ctx, file, WOLFSSL_FILETYPE_ASN1, CERT_TYPE, ssl,
1, NULL, GET_VERIFY_SETTING_SSL(ssl));
#endif
/* Return 1 on success or 0 on failure. */
ret = WS_RC(ret);
}
@@ -4483,8 +4503,13 @@ int wolfSSL_CTX_use_certificate_chain_buffer_format(WOLFSSL_CTX* ctx,
int wolfSSL_CTX_use_certificate_chain_buffer(WOLFSSL_CTX* ctx,
const unsigned char* in, long sz)
{
#ifdef WOLFSSL_PEM_TO_DER
return wolfSSL_CTX_use_certificate_chain_buffer_format(ctx, in, sz,
WOLFSSL_FILETYPE_PEM);
#else
return wolfSSL_CTX_use_certificate_chain_buffer_format(ctx, in, sz,
WOLFSSL_FILETYPE_ASN1);
#endif
}
/* Load a user certificate in a buffer into SSL.
@@ -4823,8 +4848,13 @@ int wolfSSL_use_certificate_chain_buffer_format(WOLFSSL* ssl,
int wolfSSL_use_certificate_chain_buffer(WOLFSSL* ssl, const unsigned char* in,
long sz)
{
#ifdef WOLFSSL_PEM_TO_DER
return wolfSSL_use_certificate_chain_buffer_format(ssl, in, sz,
WOLFSSL_FILETYPE_PEM);
#else
return wolfSSL_use_certificate_chain_buffer_format(ssl, in, sz,
WOLFSSL_FILETYPE_ASN1);
#endif
}
#if defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY) || \

385
tests/api.c
View File

File diff suppressed because it is too large Load Diff

60
tests/api/test_tls13.c
View File

@@ -203,7 +203,7 @@ int test_tls13_apis(void)
#if !defined(NO_FILESYSTEM)
wolfSSL_CTX_use_certificate_chain_file(serverTls12Ctx, ourCert);
wolfSSL_CTX_use_PrivateKey_file(serverTls12Ctx, ourKey,
WOLFSSL_FILETYPE_PEM);
CERT_FILETYPE);
#elif defined(USE_CERT_BUFFERS_2048)
wolfSSL_CTX_use_certificate_chain_buffer_format(serverTls12Ctx,
server_cert_der_2048, sizeof_server_cert_der_2048,
@@ -231,7 +231,7 @@ int test_tls13_apis(void)
/* ignore load failures, since we just need the server to have a cert set */
#if !defined(NO_FILESYSTEM)
wolfSSL_CTX_use_certificate_chain_file(serverCtx, ourCert);
wolfSSL_CTX_use_PrivateKey_file(serverCtx, ourKey, WOLFSSL_FILETYPE_PEM);
wolfSSL_CTX_use_PrivateKey_file(serverCtx, ourKey, CERT_FILETYPE);
#elif defined(USE_CERT_BUFFERS_2048)
wolfSSL_CTX_use_certificate_chain_buffer_format(serverCtx,
server_cert_der_2048, sizeof_server_cert_der_2048,
@@ -946,9 +946,9 @@ int test_tls13_cipher_suites(void)
/* Set up wolfSSL context. */
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, eccCertFile,
WOLFSSL_FILETYPE_PEM));
CERT_FILETYPE));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, eccKeyFile,
WOLFSSL_FILETYPE_PEM));
CERT_FILETYPE));
/* Read from 'msg'. */
wolfSSL_SetIORecv(ctx, CsRecv);
/* No where to send to - dummy sender. */
@@ -1264,10 +1264,10 @@ int test_tls13_rpk_handshake(void)
test_rpk_memio_setup(
&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLSv1_2_client_method, wolfTLSv1_2_server_method,
cliCertFile, WOLFSSL_FILETYPE_PEM,
svrCertFile, WOLFSSL_FILETYPE_PEM,
cliKeyFile, WOLFSSL_FILETYPE_PEM,
svrKeyFile, WOLFSSL_FILETYPE_PEM)
cliCertFile, CERT_FILETYPE,
svrCertFile, CERT_FILETYPE,
cliKeyFile, CERT_FILETYPE,
svrKeyFile, CERT_FILETYPE)
, 0);
@@ -1322,10 +1322,10 @@ int test_tls13_rpk_handshake(void)
test_rpk_memio_setup(
&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
cliCertFile, WOLFSSL_FILETYPE_PEM,
svrCertFile, WOLFSSL_FILETYPE_PEM,
cliKeyFile, WOLFSSL_FILETYPE_PEM,
svrKeyFile, WOLFSSL_FILETYPE_PEM )
cliCertFile, CERT_FILETYPE,
svrCertFile, CERT_FILETYPE,
cliKeyFile, CERT_FILETYPE,
svrKeyFile, CERT_FILETYPE )
, 0);
/* set client certificate type in client end */
@@ -1382,8 +1382,8 @@ int test_tls13_rpk_handshake(void)
wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
clntRpkCertFile, WOLFSSL_FILETYPE_ASN1,
svrRpkCertFile, WOLFSSL_FILETYPE_ASN1,
cliKeyFile, WOLFSSL_FILETYPE_PEM,
svrKeyFile, WOLFSSL_FILETYPE_PEM )
cliKeyFile, CERT_FILETYPE,
svrKeyFile, CERT_FILETYPE )
, 0);
/* set client certificate type in client end */
@@ -1450,8 +1450,8 @@ int test_tls13_rpk_handshake(void)
wolfTLSv1_2_client_method, wolfTLSv1_2_server_method,
clntRpkCertFile, WOLFSSL_FILETYPE_ASN1,
svrRpkCertFile, WOLFSSL_FILETYPE_ASN1,
cliKeyFile, WOLFSSL_FILETYPE_PEM,
svrKeyFile, WOLFSSL_FILETYPE_PEM )
cliKeyFile, CERT_FILETYPE,
svrKeyFile, CERT_FILETYPE )
, 0);
/* set client certificate type in client end */
@@ -1518,10 +1518,10 @@ int test_tls13_rpk_handshake(void)
test_rpk_memio_setup(
&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
cliCertFile, WOLFSSL_FILETYPE_PEM,
svrCertFile, WOLFSSL_FILETYPE_PEM,
cliKeyFile, WOLFSSL_FILETYPE_PEM,
svrKeyFile, WOLFSSL_FILETYPE_PEM )
cliCertFile, CERT_FILETYPE,
svrCertFile, CERT_FILETYPE,
cliKeyFile, CERT_FILETYPE,
svrKeyFile, CERT_FILETYPE )
, 0);
/* set client certificate type in client end
@@ -1600,9 +1600,9 @@ int test_tls13_rpk_handshake(void)
&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
clntRpkCertFile, WOLFSSL_FILETYPE_ASN1,
svrCertFile, WOLFSSL_FILETYPE_PEM,
cliKeyFile, WOLFSSL_FILETYPE_PEM,
svrKeyFile, WOLFSSL_FILETYPE_PEM )
svrCertFile, CERT_FILETYPE,
cliKeyFile, CERT_FILETYPE,
svrKeyFile, CERT_FILETYPE )
, 0);
/* have client tell to use RPK cert */
@@ -1674,8 +1674,8 @@ int test_tls13_rpk_handshake(void)
wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
clntRpkCertFile, WOLFSSL_FILETYPE_ASN1,
svrRpkCertFile, WOLFSSL_FILETYPE_ASN1, /* server sends RPK cert */
cliKeyFile, WOLFSSL_FILETYPE_PEM,
svrKeyFile, WOLFSSL_FILETYPE_PEM )
cliKeyFile, CERT_FILETYPE,
svrKeyFile, CERT_FILETYPE )
, 0);
/* have client tell to use RPK cert */
@@ -1755,10 +1755,10 @@ int test_tls13_rpk_handshake(void)
test_rpk_memio_setup(
&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
cliCertFile, WOLFSSL_FILETYPE_PEM,
cliCertFile, CERT_FILETYPE,
svrRpkCertFile, WOLFSSL_FILETYPE_ASN1,
cliKeyFile, WOLFSSL_FILETYPE_PEM,
svrKeyFile, WOLFSSL_FILETYPE_PEM )
cliKeyFile, CERT_FILETYPE,
svrKeyFile, CERT_FILETYPE )
, 0);
/* have client tell to use RPK cert intentionally */
@@ -1841,8 +1841,8 @@ int test_tls13_rpk_handshake(void)
wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
clntRpkCertFile, WOLFSSL_FILETYPE_ASN1,
svrRpkCertFile, WOLFSSL_FILETYPE_ASN1,
cliKeyFile, WOLFSSL_FILETYPE_PEM,
svrKeyFile, WOLFSSL_FILETYPE_PEM )
cliKeyFile, CERT_FILETYPE,
svrKeyFile, CERT_FILETYPE )
, 0);
/* set client certificate type in client end */

3
tests/unit.c
View File

@@ -310,7 +310,8 @@ int unit_test(int argc, char** argv)
#if !defined(NO_WOLFSSL_CIPHER_SUITE_TEST) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
!defined(NO_TLS) && \
!defined(SINGLE_THREADED)
!defined(SINGLE_THREADED) && \
defined(WOLFSSL_PEM_TO_DER)
if ((ret = SuiteTest(argc, argv)) != 0) {
fprintf(stderr, "suite test failed with %d\n", ret);
goto exit;

6
tests/unit.h
View File

@@ -352,6 +352,12 @@
#endif
#ifdef HAVE_SSL_MEMIO_TESTS_DEPENDENCIES
#ifdef WOLFSSL_PEM_TO_DER
#define CERT_FILETYPE WOLFSSL_FILETYPE_PEM
#else
#define CERT_FILETYPE WOLFSSL_FILETYPE_ASN1
#endif
typedef int (*ctx_cb)(WOLFSSL_CTX* ctx);
typedef int (*ssl_cb)(WOLFSSL* ssl);
typedef int (*test_cbType)(WOLFSSL_CTX *ctx, WOLFSSL *ssl);

4
tests/utils.c
View File

@@ -260,7 +260,7 @@ int test_memio_setup_ex(struct test_memio_ctx *ctx,
#ifndef NO_CERTS
if (serverKey == NULL) {
ret = wolfSSL_CTX_use_PrivateKey_file(*ctx_s, svrKeyFile,
WOLFSSL_FILETYPE_PEM);
CERT_FILETYPE);
}
else {
ret = wolfSSL_CTX_use_PrivateKey_buffer(*ctx_s, serverKey,
@@ -280,7 +280,7 @@ int test_memio_setup_ex(struct test_memio_ctx *ctx,
if (serverCert == NULL) {
ret = wolfSSL_CTX_use_certificate_file(*ctx_s, svrCertFile,
WOLFSSL_FILETYPE_PEM);
CERT_FILETYPE);
}
else {
ret = wolfSSL_CTX_use_certificate_chain_buffer_format(*ctx_s,

4
wolfcrypt/src/asn.c
View File

@@ -26635,11 +26635,11 @@ static wcchar END_ENC_PRIV_KEY = "-----END ENCRYPTED PRIVATE KEY-----";
static wcchar BEGIN_PKCS7 = "-----BEGIN PKCS7-----";
static wcchar END_PKCS7 = "-----END PKCS7-----";
#endif
#if defined(HAVE_ECC) || !defined(NO_DSA)
#if defined(HAVE_ECC) || !defined(NO_DSA) && defined(WOLFSSL_PEM_TO_DER)
static wcchar BEGIN_DSA_PRIV = "-----BEGIN DSA PRIVATE KEY-----";
static wcchar END_DSA_PRIV = "-----END DSA PRIVATE KEY-----";
#endif
#ifdef OPENSSL_EXTRA
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_PEM_TO_DER)
static wcchar BEGIN_PRIV_KEY_PREFIX = "-----BEGIN";
static wcchar PRIV_KEY_SUFFIX = "PRIVATE KEY-----";
static wcchar END_PRIV_KEY_PREFIX = "-----END";

72
wolfssl/test.h
View File

@@ -495,6 +495,7 @@ err_sys_with_errno(const char* msg)
/* all certs relative to wolfSSL home directory now */
#if defined(WOLFSSL_NO_CURRDIR) || defined(WOLFSSL_MDK_SHELL)
#ifdef WOLFSSL_PEM_TO_DER
#define caCertFile "certs/ca-cert.pem"
#define eccCertFile "certs/server-ecc.pem"
#define eccKeyFile "certs/ecc-key.pem"
@@ -528,6 +529,41 @@ err_sys_with_errno(const char* msg)
#define cliEd448KeyFile "certs/ed448/client-ed448-priv.pem"
#define caEd448CertFile "certs/ed448/ca-ed448.pem"
#define noIssuerCertFile "certs/empty-issuer-cert.pem"
#else
#define caCertFile "certs/ca-cert.der"
#define eccCertFile "certs/server-ecc.der"
#define eccKeyFile "certs/ecc-key.der"
#define eccKeyPubFile "certs/ecc-keyPub.der"
#define eccRsaCertFile "certs/server-ecc-rsa.der"
#define svrCertFile "certs/server-cert.der"
#define svrKeyFile "certs/server-key.der"
#define svrKeyPubFile "certs/server-keyPub.der"
#define cliCertFile "certs/client-cert.der"
#define cliCertDerFile "certs/client-cert.der"
#define cliCertFileExt "certs/client-cert-ext.der"
#define cliCertDerFileExt "certs/client-cert-ext.der"
#define cliKeyFile "certs/client-key.der"
#define cliKeyPubFile "certs/client-keyPub.der"
#define dhParamFile "certs/dh2048.der"
#define cliEccKeyFile "certs/ecc-client-key.der"
#define cliEccKeyPubFile "certs/ecc-client-keyPub.der"
#define cliEccCertFile "certs/client-ecc-cert.der"
#define caEccCertFile "certs/ca-ecc-cert.der"
#define crlPemDir "certs/crl"
#define edCertFile "certs/ed25519/server-ed25519-cert.der"
#define edKeyFile "certs/ed25519/server-ed25519-priv.der"
#define edKeyPubFile "certs/ed25519/server-ed25519-key.der"
#define cliEdCertFile "certs/ed25519/client-ed25519.der"
#define cliEdKeyFile "certs/ed25519/client-ed25519-priv.der"
#define cliEdKeyPubFile "certs/ed25519/client-ed25519-key.der"
#define caEdCertFile "certs/ed25519/ca-ed25519.der"
#define ed448CertFile "certs/ed448/server-ed448-cert.der"
#define ed448KeyFile "certs/ed448/server-ed448-priv.der"
#define cliEd448CertFile "certs/ed448/client-ed448.der"
#define cliEd448KeyFile "certs/ed448/client-ed448-priv.der"
#define caEd448CertFile "certs/ed448/ca-ed448.der"
#define noIssuerCertFile "certs/empty-issuer-cert.der"
#endif
#define caCertFolder "certs/"
#ifdef HAVE_WNR
/* Whitewood netRandom default config file */
@@ -559,6 +595,7 @@ err_sys_with_errno(const char* msg)
#define wnrConfig "wnr-example.conf"
#endif
#else
#ifdef WOLFSSL_PEM_TO_DER
#define caCertFile "./certs/ca-cert.pem"
#define eccCertFile "./certs/server-ecc.pem"
#define eccKeyFile "./certs/ecc-key.pem"
@@ -592,6 +629,41 @@ err_sys_with_errno(const char* msg)
#define cliEd448KeyFile "./certs/ed448/client-ed448-priv.pem"
#define caEd448CertFile "./certs/ed448/ca-ed448.pem"
#define noIssuerCertFile "./certs/empty-issuer-cert.pem"
#else
#define caCertFile "./certs/ca-cert.der"
#define eccCertFile "./certs/server-ecc.der"
#define eccKeyFile "./certs/ecc-key.der"
#define eccKeyPubFile "./certs/ecc-keyPub.der"
#define eccRsaCertFile "./certs/server-ecc-rsa.der"
#define svrCertFile "./certs/server-cert.der"
#define svrKeyFile "./certs/server-key.der"
#define svrKeyPubFile "./certs/server-keyPub.der"
#define cliCertFile "./certs/client-cert.der"
#define cliCertDerFile "./certs/client-cert.der"
#define cliCertFileExt "./certs/client-cert-ext.der"
#define cliCertDerFileExt "./certs/client-cert-ext.der"
#define cliKeyFile "./certs/client-key.der"
#define cliKeyPubFile "./certs/client-keyPub.der"
#define dhParamFile "./certs/dh2048.der"
#define cliEccKeyFile "./certs/ecc-client-key.der"
#define cliEccKeyPubFile "./certs/ecc-client-keyPub.der"
#define cliEccCertFile "./certs/client-ecc-cert.der"
#define caEccCertFile "./certs/ca-ecc-cert.der"
#define crlPemDir "./certs/crl"
#define edCertFile "./certs/ed25519/server-ed25519-cert.der"
#define edKeyFile "./certs/ed25519/server-ed25519-priv.der"
#define edKeyPubFile "./certs/ed25519/server-ed25519-key.der"
#define cliEdCertFile "./certs/ed25519/client-ed25519.der"
#define cliEdKeyFile "./certs/ed25519/client-ed25519-priv.der"
#define cliEdKeyPubFile "./certs/ed25519/client-ed25519-key.der"
#define caEdCertFile "./certs/ed25519/ca-ed25519.der"
#define ed448CertFile "./certs/ed448/server-ed448-cert.der"
#define ed448KeyFile "./certs/ed448/server-ed448-priv.der"
#define cliEd448CertFile "./certs/ed448/client-ed448.der"
#define cliEd448KeyFile "./certs/ed448/client-ed448-priv.der"
#define caEd448CertFile "./certs/ed448/ca-ed448.der"
#define noIssuerCertFile "./certs/empty-issuer-cert.der"
#endif
#define caCertFolder "./certs/"
#ifdef HAVE_WNR
/* Whitewood netRandom default config file */