From bf3103c33698128a8674c408478803f375af2649 Mon Sep 17 00:00:00 2001 From: Anthony Hu Date: Tue, 7 Jul 2026 14:06:41 -0400 Subject: [PATCH 1/7] C89 compliance items - Flexible array members ("type name[];") fixup - avoid empty asn_orig.c when building standalone - avoid trailing comma on the last enumerator - drop some consts to match function prototypes --- src/internal.c | 6 +++--- wolfcrypt/src/asn.c | 10 ++++++++++ wolfcrypt/src/asn_orig.c | 3 +++ wolfssl/internal.h | 29 ++++++++++++++++++----------- wolfssl/wolfcrypt/types.h | 9 +++++++++ 5 files changed, 43 insertions(+), 14 deletions(-) diff --git a/src/internal.c b/src/internal.c index 3e0e55bbe5..5455581abd 100644 --- a/src/internal.c +++ b/src/internal.c @@ -658,7 +658,7 @@ int IsAtLeastTLSv1_2(const WOLFSSL* ssl) return 0; } -int IsAtLeastTLSv1_3(const ProtocolVersion pv) +int IsAtLeastTLSv1_3(ProtocolVersion pv) { int ret; ret = (pv.major == SSLv3_MAJOR && pv.minor >= TLSv1_3_MINOR); @@ -29107,7 +29107,7 @@ int GetCipherNamesSize(void) } -const char* GetCipherNameInternal(const byte cipherSuite0, const byte cipherSuite) +const char* GetCipherNameInternal(byte cipherSuite0, byte cipherSuite) { int i; const char* nameInternal = "None"; @@ -29434,7 +29434,7 @@ int SetCipherBits(const char* enc) { } #endif /* WOLFSSL_QT || OPENSSL_ALL */ -const char* GetCipherNameIana(const byte cipherSuite0, const byte cipherSuite) +const char* GetCipherNameIana(byte cipherSuite0, byte cipherSuite) { #ifndef NO_ERROR_STRINGS int i; diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 5d961fc9aa..4357373484 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -34005,6 +34005,7 @@ enum { SINGLERESPONSEASN_IDX_NEXTUPDATE, SINGLERESPONSEASN_IDX_NEXTUPDATE_GT, SINGLERESPONSEASN_IDX_EXT, + WOLF_ENUM_DUMMY_LAST_ELEMENT(SINGLERESPONSEASN_IDX) }; /* Number of items in ASN.1 template for OCSP single response. */ @@ -34030,6 +34031,7 @@ enum { CERTIDASN_IDX_CID_ISSUERHASH, CERTIDASN_IDX_CID_ISSUERKEYHASH, CERTIDASN_IDX_CID_SERIAL, + WOLF_ENUM_DUMMY_LAST_ELEMENT(CERTIDASN_IDX) }; #define certidasn_Length (sizeof(certIDASNItems) / sizeof(ASNItem)) @@ -34405,6 +34407,7 @@ static const ASNItem respExtHdrASN[] = { enum { RESPEXTHDRASN_IDX_EXT = 0, RESPEXTHDRASN_IDX_EXT_SEQ, + WOLF_ENUM_DUMMY_LAST_ELEMENT(RESPEXTHDRASN_IDX) }; /* Number of items in ASN.1 template for OCSP response extension header. */ @@ -34499,6 +34502,7 @@ enum { OCSPNONCEEXTASN_IDX_EXT_OID, OCSPNONCEEXTASN_IDX_EXT_VAL, OCSPNONCEEXTASN_IDX_EXT_NONCE, + WOLF_ENUM_DUMMY_LAST_ELEMENT(OCSPNONCEEXTASN_IDX) }; /* Number of items in ASN.1 template for OCSP nonce extension. */ @@ -34576,6 +34580,7 @@ enum { OCSPRESPDATAASN_IDX_PA, OCSPRESPDATAASN_IDX_RESP, OCSPRESPDATAASN_IDX_RESPEXT, + WOLF_ENUM_DUMMY_LAST_ELEMENT(OCSPRESPDATAASN_IDX) }; /* Number of items in ASN.1 template for OCSP ResponseData. */ @@ -34859,6 +34864,7 @@ enum { OCSPBASICRESPASN_IDX_SIGNATURE, OCSPBASICRESPASN_IDX_CERTS, OCSPBASICRESPASN_IDX_CERTS_SEQ, + WOLF_ENUM_DUMMY_LAST_ELEMENT(OCSPBASICRESPASN_IDX) }; /* Number of items in ASN.1 template for BasicOCSPResponse. */ @@ -35312,6 +35318,7 @@ enum { OCSPRESPONSEASN_IDX_BYTES_TYPE, OCSPRESPONSEASN_IDX_BYTES_VAL, + WOLF_ENUM_DUMMY_LAST_ELEMENT(OCSPRESPONSEASN_IDX) }; /* Number of items in ASN.1 template for OCSPResponse. */ @@ -35589,6 +35596,7 @@ enum { OCSPREQUESTASN_IDX_TBS_REQ_SERIAL, OCSPREQUESTASN_IDX_TBS_REQEXT, OCSPREQUESTASN_IDX_OPT_SIG, + WOLF_ENUM_DUMMY_LAST_ELEMENT(OCSPREQUESTASN_IDX) }; /* Number of items in ASN.1 template for OCSPRequest. */ @@ -36146,6 +36154,7 @@ enum { REVOKEDASN_IDX_TIME_UTC, REVOKEDASN_IDX_TIME_GT, REVOKEDASN_IDX_TIME_EXT, + WOLF_ENUM_DUMMY_LAST_ELEMENT(REVOKEDASN_IDX) }; /* Number of items in ASN.1 template for revoked certificates. */ @@ -36743,6 +36752,7 @@ enum { CRLASN_IDX_SIGALGO_PARAMS, #endif CRLASN_IDX_SIGNATURE, + WOLF_ENUM_DUMMY_LAST_ELEMENT(CRLASN_IDX) }; /* Number of items in ASN.1 template for a CRL- CertificateList. */ diff --git a/wolfcrypt/src/asn_orig.c b/wolfcrypt/src/asn_orig.c index 747c699ac2..979bf53bc0 100644 --- a/wolfcrypt/src/asn_orig.c +++ b/wolfcrypt/src/asn_orig.c @@ -34,6 +34,9 @@ #ifndef WOLFSSL_IGNORE_FILE_WARN #warning asn_orig.c does not need to be compiled separately from asn.c #endif + /* An empty translation unit is a constraint violation in C89, so emit a + * harmless typedef to keep it well-formed. */ + typedef int wolfssl_asn_orig_dummy_decl; #else /* Forward declarations for static functions defined later in this file. */ diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 8be44884f7..06f839690e 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -2090,7 +2090,7 @@ enum states { #ifdef WOLFSSL_DTLS13 SERVER_FINISHED_ACKED, #endif /* WOLFSSL_DTLS13 */ - + WOLF_ENUM_DUMMY_LAST_ELEMENT(states) }; /* SSL Version */ @@ -3082,10 +3082,10 @@ typedef enum { #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_DUAL_ALG_CERTS) TLSX_CKS = TLSXT_CKS, #endif - TLSX_RENEGOTIATION_INFO = TLSXT_RENEGOTIATION_INFO, #ifdef WOLFSSL_QUIC TLSX_KEY_QUIC_TP_PARAMS_DRAFT = TLSXT_KEY_QUIC_TP_PARAMS_DRAFT, #endif + TLSX_RENEGOTIATION_INFO = TLSXT_RENEGOTIATION_INFO } TLSX_Type; /* TLS Certificate type defined RFC7250 @@ -3446,7 +3446,8 @@ typedef struct SignatureAlgorithms { #ifdef _MSC_VER #pragma warning(disable: 4200) #endif - byte hashSigAlgo[]; /* sig/algo to offer */ + /* sig/algo to offer */ + byte hashSigAlgo[WC_FLEXIBLE_ARRAY_MEMBER]; } SignatureAlgorithms; WOLFSSL_LOCAL SignatureAlgorithms* TLSX_SignatureAlgorithms_New( @@ -3626,11 +3627,11 @@ typedef struct InternalTicket { /* RFC 5077 defines this for session tickets. All members need to be a byte or * array of byte to avoid alignment issues */ typedef struct ExternalTicket { - byte key_name[WOLFSSL_TICKET_NAME_SZ]; /* key context name - 16 */ - byte iv[WOLFSSL_TICKET_IV_SZ]; /* this ticket's iv - 16 */ - byte enc_len[OPAQUE16_LEN]; /* encrypted length - 2 */ - byte enc_ticket[]; /* encrypted ticket - var length - * + total mac - 32 */ + byte key_name[WOLFSSL_TICKET_NAME_SZ]; /* key context name - 16 */ + byte iv[WOLFSSL_TICKET_IV_SZ]; /* this ticket's iv - 16 */ + byte enc_len[OPAQUE16_LEN]; /* encrypted length - 2 */ + byte enc_ticket[WC_FLEXIBLE_ARRAY_MEMBER]; /* encrypted ticket - var length + * + total mac - 32 */ } ExternalTicket; /* Fixed portion of external ticket (key_name + iv + enc_len) */ @@ -3714,7 +3715,7 @@ typedef struct Cookie { #ifdef _MSC_VER #pragma warning(disable: 4200) #endif - byte data[]; + byte data[WC_FLEXIBLE_ARRAY_MEMBER]; } Cookie; WOLFSSL_LOCAL int TLSX_Cookie_Use(const WOLFSSL* ssl, const byte* data, @@ -3778,6 +3779,7 @@ enum PskDecryptReturn { PSK_DECRYPT_OK, PSK_DECRYPT_CREATE, PSK_DECRYPT_FAIL, + WOLF_ENUM_DUMMY_LAST_ELEMENT(PskDecryptReturn) }; #ifdef HAVE_SESSION_TICKET @@ -4510,6 +4512,7 @@ enum SigAlgRsaPss { pss_sha256 = 0x09, pss_sha384 = 0x0a, pss_sha512 = 0x0b, + WOLF_ENUM_DUMMY_LAST_ELEMENT(SigAlgRsaPss) }; #ifdef WOLFSSL_SM2 @@ -4545,6 +4548,7 @@ enum ClientCertificateType { ecdsa_fixed_ecdh = 66, falcon_sign = 67, mldsa_sign = 68, + WOLF_ENUM_DUMMY_LAST_ELEMENT(ClientCertificateType) }; /* Maximum number of ClientCertificateType bytes the server emits in a @@ -5091,6 +5095,7 @@ enum buildMsgState { BUILD_MSG_VERIFY_MAC, BUILD_MSG_ENCRYPT, BUILD_MSG_ENCRYPTED_VERIFY_MAC, + WOLF_ENUM_DUMMY_LAST_ELEMENT(buildMsgState) }; /* sub-states for cipher operations */ @@ -5098,6 +5103,7 @@ enum cipherState { CIPHER_STATE_BEGIN = 0, CIPHER_STATE_DO, CIPHER_STATE_END, + WOLF_ENUM_DUMMY_LAST_ELEMENT(cipherState) }; struct Options { @@ -5454,7 +5460,7 @@ typedef enum { STACK_TYPE_X509_NAME_ENTRY = 17, STACK_TYPE_X509_REQ_ATTR = 18, STACK_TYPE_GENERAL_SUBTREE = 19, - STACK_TYPE_X509_REVOKED = 20, + STACK_TYPE_X509_REVOKED = 20 } WOLF_STACK_TYPE; #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) @@ -5765,7 +5771,7 @@ typedef struct DtlsFragBucket { #ifdef _MSC_VER #pragma warning(disable: 4200) #endif - byte buf[]; + byte buf[WC_FLEXIBLE_ARRAY_MEMBER]; } DtlsFragBucket; typedef struct DtlsMsg { @@ -6786,6 +6792,7 @@ enum ContentType { #ifdef WOLFSSL_DTLS13 ack = 26, #endif /* WOLFSSL_DTLS13 */ + WOLF_ENUM_DUMMY_LAST_ELEMENT(ContentType) }; diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index cdbc989a36..3f3a7839fa 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -221,6 +221,15 @@ typedef const char wcchar[]; #define WOLF_ENUM_DUMMY_LAST_ELEMENT(prefix) /* null expansion */ #endif +#if defined(WOLF_C89) + /* C99 flexible array member, or the C89 "struct hack" fallback. + * See http://c-faq.com/struct/structhack.html */ + #define WC_FLEXIBLE_ARRAY_MEMBER 1 +#else + /* empty: C99 flexible array member */ + #define WC_FLEXIBLE_ARRAY_MEMBER +#endif + /* try to set SIZEOF_LONG or SIZEOF_LONG_LONG if user didn't */ #if defined(_WIN32) || defined(HAVE_LIMITS_H) #include From 661a6d0bf6983ea4462ce2c16d63b457285c10ce Mon Sep 17 00:00:00 2001 From: Anthony Hu Date: Tue, 7 Jul 2026 15:04:39 -0400 Subject: [PATCH 2/7] Change API const in .h instead of .c --- src/internal.c | 6 +++--- wolfssl/internal.h | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/internal.c b/src/internal.c index 5455581abd..3e0e55bbe5 100644 --- a/src/internal.c +++ b/src/internal.c @@ -658,7 +658,7 @@ int IsAtLeastTLSv1_2(const WOLFSSL* ssl) return 0; } -int IsAtLeastTLSv1_3(ProtocolVersion pv) +int IsAtLeastTLSv1_3(const ProtocolVersion pv) { int ret; ret = (pv.major == SSLv3_MAJOR && pv.minor >= TLSv1_3_MINOR); @@ -29107,7 +29107,7 @@ int GetCipherNamesSize(void) } -const char* GetCipherNameInternal(byte cipherSuite0, byte cipherSuite) +const char* GetCipherNameInternal(const byte cipherSuite0, const byte cipherSuite) { int i; const char* nameInternal = "None"; @@ -29434,7 +29434,7 @@ int SetCipherBits(const char* enc) { } #endif /* WOLFSSL_QT || OPENSSL_ALL */ -const char* GetCipherNameIana(byte cipherSuite0, byte cipherSuite) +const char* GetCipherNameIana(const byte cipherSuite0, const byte cipherSuite) { #ifndef NO_ERROR_STRINGS int i; diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 06f839690e..943e07d26f 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -6952,7 +6952,7 @@ WOLFSSL_LOCAL int StoreKeys(WOLFSSL* ssl, const byte* keyData, int side); WOLFSSL_LOCAL int IsTLS(const WOLFSSL* ssl); WOLFSSL_LOCAL int IsTLS_ex(const ProtocolVersion pv); WOLFSSL_LOCAL int IsAtLeastTLSv1_2(const WOLFSSL* ssl); -WOLFSSL_LOCAL int IsAtLeastTLSv1_3(ProtocolVersion pv); +WOLFSSL_LOCAL int IsAtLeastTLSv1_3(const ProtocolVersion pv); WOLFSSL_LOCAL int IsEncryptionOn(const WOLFSSL* ssl, int isSend); WOLFSSL_LOCAL int TLSv1_3_Capable(WOLFSSL* ssl); @@ -7262,7 +7262,7 @@ typedef struct CipherSuiteInfo { #endif WOLFSSL_TEST_VIS const CipherSuiteInfo* GetCipherNames(void); WOLFSSL_TEST_VIS int GetCipherNamesSize(void); -WOLFSSL_LOCAL const char* GetCipherNameInternal(byte cipherSuite0, byte cipherSuite); +WOLFSSL_LOCAL const char* GetCipherNameInternal(const byte cipherSuite0, const byte cipherSuite); #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) /* used in wolfSSL_sk_CIPHER_description */ #define MAX_SEGMENTS 5 @@ -7278,7 +7278,7 @@ WOLFSSL_LOCAL const char* GetCipherMacStr(char n[][MAX_SEGMENT_SZ]); WOLFSSL_LOCAL int SetCipherBits(const char* enc); WOLFSSL_LOCAL int IsCipherAEAD(char n[][MAX_SEGMENT_SZ]); #endif -WOLFSSL_LOCAL const char* GetCipherNameIana(byte cipherSuite0, byte cipherSuite); +WOLFSSL_LOCAL const char* GetCipherNameIana(const byte cipherSuite0, const byte cipherSuite); WOLFSSL_LOCAL const char* wolfSSL_get_cipher_name_internal(WOLFSSL* ssl); WOLFSSL_LOCAL const char* wolfSSL_get_cipher_name_iana(WOLFSSL* ssl); WOLFSSL_LOCAL int GetCipherSuiteFromName(const char* name, byte* cipherSuite0, From 80d4c28c3903ed39fae480c2054db78e5e22da97 Mon Sep 17 00:00:00 2001 From: Anthony Hu Date: Wed, 8 Jul 2026 14:07:44 -0400 Subject: [PATCH 3/7] WC_FLEXIBLE_ARRAY_MEMBER to WC_FLEXIBLE_ARRAY_SIZE --- wolfssl/internal.h | 8 ++++---- wolfssl/wolfcrypt/types.h | 24 +++++++++++++++++++----- 2 files changed, 23 insertions(+), 9 deletions(-) diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 943e07d26f..e914a78132 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -3447,7 +3447,7 @@ typedef struct SignatureAlgorithms { #pragma warning(disable: 4200) #endif /* sig/algo to offer */ - byte hashSigAlgo[WC_FLEXIBLE_ARRAY_MEMBER]; + byte hashSigAlgo[WC_FLEXIBLE_ARRAY_SIZE]; } SignatureAlgorithms; WOLFSSL_LOCAL SignatureAlgorithms* TLSX_SignatureAlgorithms_New( @@ -3630,7 +3630,7 @@ typedef struct ExternalTicket { byte key_name[WOLFSSL_TICKET_NAME_SZ]; /* key context name - 16 */ byte iv[WOLFSSL_TICKET_IV_SZ]; /* this ticket's iv - 16 */ byte enc_len[OPAQUE16_LEN]; /* encrypted length - 2 */ - byte enc_ticket[WC_FLEXIBLE_ARRAY_MEMBER]; /* encrypted ticket - var length + byte enc_ticket[WC_FLEXIBLE_ARRAY_SIZE]; /* encrypted ticket - var length * + total mac - 32 */ } ExternalTicket; @@ -3715,7 +3715,7 @@ typedef struct Cookie { #ifdef _MSC_VER #pragma warning(disable: 4200) #endif - byte data[WC_FLEXIBLE_ARRAY_MEMBER]; + byte data[WC_FLEXIBLE_ARRAY_SIZE]; } Cookie; WOLFSSL_LOCAL int TLSX_Cookie_Use(const WOLFSSL* ssl, const byte* data, @@ -5771,7 +5771,7 @@ typedef struct DtlsFragBucket { #ifdef _MSC_VER #pragma warning(disable: 4200) #endif - byte buf[WC_FLEXIBLE_ARRAY_MEMBER]; + byte buf[WC_FLEXIBLE_ARRAY_SIZE]; } DtlsFragBucket; typedef struct DtlsMsg { diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index 3f3a7839fa..fc37b4a569 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -221,13 +221,27 @@ typedef const char wcchar[]; #define WOLF_ENUM_DUMMY_LAST_ELEMENT(prefix) /* null expansion */ #endif -#if defined(WOLF_C89) - /* C99 flexible array member, or the C89 "struct hack" fallback. +#if defined(WC_FLEXIBLE_ARRAY_SIZE) + /* keep override value. */ +#elif defined(__cplusplus) + /* No C++ standard has FAMs; [] and [0] are vendor extensions. + * Use the struct hack. */ + #define WC_FLEXIBLE_ARRAY_SIZE 1 +#elif defined(__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L) + /* Standard C99+ flexible array member -- valid even under + * __STRICT_ANSI__ / -pedantic. */ + #define WC_FLEXIBLE_ARRAY_SIZE +#elif defined(__STRICT_ANSI__) || defined(WOLF_C89) + /* C89 "struct hack" fallback. * See http://c-faq.com/struct/structhack.html */ - #define WC_FLEXIBLE_ARRAY_MEMBER 1 + #define WC_FLEXIBLE_ARRAY_SIZE 1 +#elif defined(__GNUC__) || defined(__clang__) || \ + (defined(_MSC_VER) && !defined(__cplusplus)) + /* gnu89 etc.: [] accepted as an extension without -pedantic; + * MSVC C mode accepts it too (C4200, off by default at /W3). */ + #define WC_FLEXIBLE_ARRAY_SIZE #else - /* empty: C99 flexible array member */ - #define WC_FLEXIBLE_ARRAY_MEMBER + #define WC_FLEXIBLE_ARRAY_SIZE 1 #endif /* try to set SIZEOF_LONG or SIZEOF_LONG_LONG if user didn't */ From 230278bcd8bcd3e303ef0864244b5759ded26ca9 Mon Sep 17 00:00:00 2001 From: Anthony Hu Date: Wed, 8 Jul 2026 15:26:25 -0400 Subject: [PATCH 4/7] Add WOLF_ENUM_DUMMY_LAST_ELEMENT to WOLF_STACK_TYPE --- wolfssl/internal.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/wolfssl/internal.h b/wolfssl/internal.h index e914a78132..8667e0fc20 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -5460,7 +5460,8 @@ typedef enum { STACK_TYPE_X509_NAME_ENTRY = 17, STACK_TYPE_X509_REQ_ATTR = 18, STACK_TYPE_GENERAL_SUBTREE = 19, - STACK_TYPE_X509_REVOKED = 20 + STACK_TYPE_X509_REVOKED = 20, + WOLF_ENUM_DUMMY_LAST_ELEMENT(WOLF_STACK_TYPE) } WOLF_STACK_TYPE; #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) From 8ef5536caea18fae0a79e045e8f4a6e0a594fb2a Mon Sep 17 00:00:00 2001 From: Anthony Hu Date: Wed, 8 Jul 2026 15:48:52 -0400 Subject: [PATCH 5/7] Created the new macro W64LIT_FORCE_LONG_LONG --- .wolfssl_known_macro_extras | 1 + wolfssl/wolfcrypt/types.h | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.wolfssl_known_macro_extras b/.wolfssl_known_macro_extras index 79cf7f6eaf..b44dd29b97 100644 --- a/.wolfssl_known_macro_extras +++ b/.wolfssl_known_macro_extras @@ -634,6 +634,7 @@ USE_TLSV13 USE_WINDOWS_API USE_WOLF_STRNSTR USS_API +W64LIT_FORCE_LONG_LONG WC_AESXTS_STREAM_NO_REQUEST_ACCOUNTING WC_AES_BS_WORD_SIZE WC_AES_GCM_ALLOW_NONSTANDARD_TAG_LENGTH diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index fc37b4a569..77844a9008 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -322,7 +322,7 @@ typedef const char wcchar[]; typedef unsigned long long word64; #elif defined(SIZEOF_LONG) && SIZEOF_LONG == 8 #define WORD64_AVAILABLE - #ifdef WOLF_C89 + #if defined(WOLF_C89) && !defined(W64LIT_FORCE_LONG_LONG) #define W64LIT(x) x##UL #define SW64LIT(x) x##L #else @@ -333,7 +333,7 @@ typedef const char wcchar[]; typedef unsigned long word64; #elif defined(SIZEOF_LONG_LONG) && SIZEOF_LONG_LONG == 8 #define WORD64_AVAILABLE - #ifdef WOLF_C89 + #if defined(WOLF_C89) && !defined(W64LIT_FORCE_LONG_LONG) #define W64LIT(x) x##UL #define SW64LIT(x) x##L #else @@ -344,7 +344,7 @@ typedef const char wcchar[]; typedef unsigned long long word64; #elif defined(__SIZEOF_LONG_LONG__) && __SIZEOF_LONG_LONG__ == 8 #define WORD64_AVAILABLE - #ifdef WOLF_C89 + #if defined(WOLF_C89) && !defined(W64LIT_FORCE_LONG_LONG) #define W64LIT(x) x##UL #define SW64LIT(x) x##L #else From 93722d0aabd5ed8ae945c3c4a90fd3cb4fb2d00f Mon Sep 17 00:00:00 2001 From: Anthony Hu Date: Wed, 8 Jul 2026 15:51:19 -0400 Subject: [PATCH 6/7] whitespace --- wolfssl/internal.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 8667e0fc20..2f0f4d0fda 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -3630,8 +3630,8 @@ typedef struct ExternalTicket { byte key_name[WOLFSSL_TICKET_NAME_SZ]; /* key context name - 16 */ byte iv[WOLFSSL_TICKET_IV_SZ]; /* this ticket's iv - 16 */ byte enc_len[OPAQUE16_LEN]; /* encrypted length - 2 */ - byte enc_ticket[WC_FLEXIBLE_ARRAY_SIZE]; /* encrypted ticket - var length - * + total mac - 32 */ + byte enc_ticket[WC_FLEXIBLE_ARRAY_SIZE]; /* encrypted ticket - var length + * + total mac - 32 */ } ExternalTicket; /* Fixed portion of external ticket (key_name + iv + enc_len) */ From d52ff68832609d14e8e8bb5a348cc58c705f10ff Mon Sep 17 00:00:00 2001 From: Anthony Hu Date: Wed, 8 Jul 2026 19:50:38 -0400 Subject: [PATCH 7/7] bit of back and forth --- wolfcrypt/src/asn.c | 30 ++++++++++-------------------- wolfssl/internal.h | 18 ++++++------------ 2 files changed, 16 insertions(+), 32 deletions(-) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 4357373484..8c0c8e2910 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -34004,8 +34004,7 @@ enum { SINGLERESPONSEASN_IDX_THISUPDATE_GT, SINGLERESPONSEASN_IDX_NEXTUPDATE, SINGLERESPONSEASN_IDX_NEXTUPDATE_GT, - SINGLERESPONSEASN_IDX_EXT, - WOLF_ENUM_DUMMY_LAST_ELEMENT(SINGLERESPONSEASN_IDX) + SINGLERESPONSEASN_IDX_EXT }; /* Number of items in ASN.1 template for OCSP single response. */ @@ -34030,8 +34029,7 @@ enum { CERTIDASN_IDX_CID_HASHALGO_NULL, CERTIDASN_IDX_CID_ISSUERHASH, CERTIDASN_IDX_CID_ISSUERKEYHASH, - CERTIDASN_IDX_CID_SERIAL, - WOLF_ENUM_DUMMY_LAST_ELEMENT(CERTIDASN_IDX) + CERTIDASN_IDX_CID_SERIAL }; #define certidasn_Length (sizeof(certIDASNItems) / sizeof(ASNItem)) @@ -34406,8 +34404,7 @@ static const ASNItem respExtHdrASN[] = { }; enum { RESPEXTHDRASN_IDX_EXT = 0, - RESPEXTHDRASN_IDX_EXT_SEQ, - WOLF_ENUM_DUMMY_LAST_ELEMENT(RESPEXTHDRASN_IDX) + RESPEXTHDRASN_IDX_EXT_SEQ }; /* Number of items in ASN.1 template for OCSP response extension header. */ @@ -34501,8 +34498,7 @@ enum { OCSPNONCEEXTASN_IDX_EXT, OCSPNONCEEXTASN_IDX_EXT_OID, OCSPNONCEEXTASN_IDX_EXT_VAL, - OCSPNONCEEXTASN_IDX_EXT_NONCE, - WOLF_ENUM_DUMMY_LAST_ELEMENT(OCSPNONCEEXTASN_IDX) + OCSPNONCEEXTASN_IDX_EXT_NONCE }; /* Number of items in ASN.1 template for OCSP nonce extension. */ @@ -34579,8 +34575,7 @@ enum { OCSPRESPDATAASN_IDX_BYKEY_OCT, OCSPRESPDATAASN_IDX_PA, OCSPRESPDATAASN_IDX_RESP, - OCSPRESPDATAASN_IDX_RESPEXT, - WOLF_ENUM_DUMMY_LAST_ELEMENT(OCSPRESPDATAASN_IDX) + OCSPRESPDATAASN_IDX_RESPEXT }; /* Number of items in ASN.1 template for OCSP ResponseData. */ @@ -34863,8 +34858,7 @@ enum { #endif OCSPBASICRESPASN_IDX_SIGNATURE, OCSPBASICRESPASN_IDX_CERTS, - OCSPBASICRESPASN_IDX_CERTS_SEQ, - WOLF_ENUM_DUMMY_LAST_ELEMENT(OCSPBASICRESPASN_IDX) + OCSPBASICRESPASN_IDX_CERTS_SEQ }; /* Number of items in ASN.1 template for BasicOCSPResponse. */ @@ -35317,8 +35311,7 @@ enum { OCSPRESPONSEASN_IDX_BYTES_TYPE, - OCSPRESPONSEASN_IDX_BYTES_VAL, - WOLF_ENUM_DUMMY_LAST_ELEMENT(OCSPRESPONSEASN_IDX) + OCSPRESPONSEASN_IDX_BYTES_VAL }; /* Number of items in ASN.1 template for OCSPResponse. */ @@ -35595,8 +35588,7 @@ enum { OCSPREQUESTASN_IDX_TBS_REQ_ISSUERKEY, OCSPREQUESTASN_IDX_TBS_REQ_SERIAL, OCSPREQUESTASN_IDX_TBS_REQEXT, - OCSPREQUESTASN_IDX_OPT_SIG, - WOLF_ENUM_DUMMY_LAST_ELEMENT(OCSPREQUESTASN_IDX) + OCSPREQUESTASN_IDX_OPT_SIG }; /* Number of items in ASN.1 template for OCSPRequest. */ @@ -36153,8 +36145,7 @@ enum { REVOKEDASN_IDX_CERT, REVOKEDASN_IDX_TIME_UTC, REVOKEDASN_IDX_TIME_GT, - REVOKEDASN_IDX_TIME_EXT, - WOLF_ENUM_DUMMY_LAST_ELEMENT(REVOKEDASN_IDX) + REVOKEDASN_IDX_TIME_EXT }; /* Number of items in ASN.1 template for revoked certificates. */ @@ -36751,8 +36742,7 @@ enum { #ifdef WC_RSA_PSS CRLASN_IDX_SIGALGO_PARAMS, #endif - CRLASN_IDX_SIGNATURE, - WOLF_ENUM_DUMMY_LAST_ELEMENT(CRLASN_IDX) + CRLASN_IDX_SIGNATURE }; /* Number of items in ASN.1 template for a CRL- CertificateList. */ diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 2f0f4d0fda..701a78e3c8 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -3778,8 +3778,7 @@ enum PskDecryptReturn { PSK_DECRYPT_NONE = 0, PSK_DECRYPT_OK, PSK_DECRYPT_CREATE, - PSK_DECRYPT_FAIL, - WOLF_ENUM_DUMMY_LAST_ELEMENT(PskDecryptReturn) + PSK_DECRYPT_FAIL }; #ifdef HAVE_SESSION_TICKET @@ -4511,8 +4510,7 @@ enum SignatureAlgorithm { enum SigAlgRsaPss { pss_sha256 = 0x09, pss_sha384 = 0x0a, - pss_sha512 = 0x0b, - WOLF_ENUM_DUMMY_LAST_ELEMENT(SigAlgRsaPss) + pss_sha512 = 0x0b }; #ifdef WOLFSSL_SM2 @@ -4547,8 +4545,7 @@ enum ClientCertificateType { rsa_fixed_ecdh = 65, ecdsa_fixed_ecdh = 66, falcon_sign = 67, - mldsa_sign = 68, - WOLF_ENUM_DUMMY_LAST_ELEMENT(ClientCertificateType) + mldsa_sign = 68 }; /* Maximum number of ClientCertificateType bytes the server emits in a @@ -5094,16 +5091,14 @@ enum buildMsgState { BUILD_MSG_HASH, BUILD_MSG_VERIFY_MAC, BUILD_MSG_ENCRYPT, - BUILD_MSG_ENCRYPTED_VERIFY_MAC, - WOLF_ENUM_DUMMY_LAST_ELEMENT(buildMsgState) + BUILD_MSG_ENCRYPTED_VERIFY_MAC }; /* sub-states for cipher operations */ enum cipherState { CIPHER_STATE_BEGIN = 0, CIPHER_STATE_DO, - CIPHER_STATE_END, - WOLF_ENUM_DUMMY_LAST_ELEMENT(cipherState) + CIPHER_STATE_END }; struct Options { @@ -5460,8 +5455,7 @@ typedef enum { STACK_TYPE_X509_NAME_ENTRY = 17, STACK_TYPE_X509_REQ_ATTR = 18, STACK_TYPE_GENERAL_SUBTREE = 19, - STACK_TYPE_X509_REVOKED = 20, - WOLF_ENUM_DUMMY_LAST_ELEMENT(WOLF_STACK_TYPE) + STACK_TYPE_X509_REVOKED = 20 } WOLF_STACK_TYPE; #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)