Use proper bitfield macro WC_BITFIELD for new AIA fields

padelsbach · padelsbach · commit 8f5797fb3305 · 2026-02-05T09:18:05.000-08:00
diff --git a/src/ssl.c b/src/ssl.c
@@ -8591,42 +8591,6 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_PUBKEY(WOLFSSL_EVP_PKEY** out,
 #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_ASN) && \
     !defined(NO_PWDBASED)
 
-/* helper function to get raw pointer to DER buffer from WOLFSSL_EVP_PKEY */
-static int wolfSSL_EVP_PKEY_get_der(const WOLFSSL_EVP_PKEY* key,
-    unsigned char** der)
-{
-    int sz;
-    word16 pkcs8HeaderSz;
-
-    if (!key || !key->pkey_sz)
-        return WOLFSSL_FATAL_ERROR;
-
-    /* return the key without PKCS8 for compatibility */
-    /* if pkcs8HeaderSz is invalid, use 0 and return all of pkey */
-    pkcs8HeaderSz = 0;
-    if (key->pkey_sz > key->pkcs8HeaderSz)
-        pkcs8HeaderSz = key->pkcs8HeaderSz;
-    sz = key->pkey_sz - pkcs8HeaderSz;
-    if (der) {
-        unsigned char* pt = (unsigned char*)key->pkey.ptr;
-        if (*der) {
-            /* since this function signature has no size value passed in it is
-             * assumed that the user has allocated a large enough buffer */
-            XMEMCPY(*der, pt + pkcs8HeaderSz, (size_t)sz);
-            *der += sz;
-        }
-        else {
-            *der = (unsigned char*)XMALLOC((size_t)sz, NULL,
-                                                DYNAMIC_TYPE_OPENSSL);
-            if (*der == NULL) {
-                return WOLFSSL_FATAL_ERROR;
-            }
-            XMEMCPY(*der, pt + pkcs8HeaderSz, (size_t)sz);
-        }
-    }
-    return sz;
-}
-
 int wolfSSL_i2d_PUBKEY(const WOLFSSL_EVP_PKEY *key, unsigned char **der)
 {
     return wolfSSL_i2d_PublicKey(key, der);
@@ -16305,6 +16269,43 @@ void wolfSSL_set_dynlock_destroy_callback(
 #ifndef NO_CERTS
 
 #if !defined(NO_ASN) && !defined(NO_PWDBASED)
+#if defined(OPENSSL_EXTRA)
+/* helper function to get raw pointer to DER buffer from WOLFSSL_EVP_PKEY */
+static int wolfSSL_EVP_PKEY_get_der(const WOLFSSL_EVP_PKEY* key,
+    unsigned char** der)
+{
+    int sz;
+    word16 pkcs8HeaderSz;
+
+    if (!key || !key->pkey_sz)
+        return WOLFSSL_FATAL_ERROR;
+
+    /* return the key without PKCS8 for compatibility */
+    /* if pkcs8HeaderSz is invalid, use 0 and return all of pkey */
+    pkcs8HeaderSz = 0;
+    if (key->pkey_sz > key->pkcs8HeaderSz)
+        pkcs8HeaderSz = key->pkcs8HeaderSz;
+    sz = key->pkey_sz - pkcs8HeaderSz;
+    if (der) {
+        unsigned char* pt = (unsigned char*)key->pkey.ptr;
+        if (*der) {
+            /* since this function signature has no size value passed in it is
+             * assumed that the user has allocated a large enough buffer */
+            XMEMCPY(*der, pt + pkcs8HeaderSz, (size_t)sz);
+            *der += sz;
+        }
+        else {
+            *der = (unsigned char*)XMALLOC((size_t)sz, NULL,
+                                                DYNAMIC_TYPE_OPENSSL);
+            if (*der == NULL) {
+                return WOLFSSL_FATAL_ERROR;
+            }
+            XMEMCPY(*der, pt + pkcs8HeaderSz, (size_t)sz);
+        }
+    }
+    return sz;
+}
+
 /* Copies unencrypted DER key buffer into "der". If "der" is null then the size
  * of buffer needed is returned. If *der == NULL then it allocates a buffer.
  * NOTE: This also advances the "der" pointer to be at the end of buffer.
@@ -16318,6 +16319,7 @@ int wolfSSL_i2d_PrivateKey(const WOLFSSL_EVP_PKEY* key, unsigned char** der)
 
 int wolfSSL_i2d_PrivateKey_bio(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key)
 {
+#ifndef NO_BIO
     int ret = WC_NO_ERR_TRACE(WOLFSSL_FAILURE);
     int derSz = 0;
     byte* der = NULL;
@@ -16353,6 +16355,11 @@ int wolfSSL_i2d_PrivateKey_bio(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key)
 cleanup:
     XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
     return ret;
+#else
+    (void)bio;
+    (void)key;
+    return WOLFSSL_FAILURE;
+#endif /* NO_BIO */
 }
 
 int wolfSSL_i2d_PublicKey(const WOLFSSL_EVP_PKEY *key, unsigned char **der)
@@ -16487,6 +16494,28 @@ int wolfSSL_i2d_PublicKey(const WOLFSSL_EVP_PKEY *key, unsigned char **der)
     return WOLFSSL_FATAL_ERROR;
 #endif /* !NO_RSA || HAVE_ECC */
 }
+#else /* OPENSSL_EXTRA_X509_SMALL only */
+int wolfSSL_i2d_PrivateKey(const WOLFSSL_EVP_PKEY* key, unsigned char** der)
+{
+    (void)key;
+    (void)der;
+    return WOLFSSL_FATAL_ERROR;
+}
+
+int wolfSSL_i2d_PrivateKey_bio(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key)
+{
+    (void)bio;
+    (void)key;
+    return WOLFSSL_FAILURE;
+}
+
+int wolfSSL_i2d_PublicKey(const WOLFSSL_EVP_PKEY *key, unsigned char **der)
+{
+    (void)key;
+    (void)der;
+    return WOLFSSL_FATAL_ERROR;
+}
+#endif /* OPENSSL_EXTRA */
 #endif /* !NO_ASN && !NO_PWDBASED */
 
 #endif /* !NO_CERTS */
@@ -22955,13 +22984,20 @@ int wolfSSL_set_alpn_protos(WOLFSSL* ssl,
 #endif /* HAVE_ALPN */
 #endif /* OPENSSL_EXTRA */
 
-#if defined(OPENSSL_EXTRA)
+#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
 
 #ifndef NO_BIO
 #define WOLFSSL_BIO_INCLUDED
 #include "src/bio.c"
 #endif
 
+<<<<<<< Updated upstream
+=======
+#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
+
+#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
+
+>>>>>>> Stashed changes
 word32 nid2oid(int nid, int grp)
 {
     /* get OID type */
diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h
@@ -2075,8 +2075,8 @@ struct DecodedCert {
 #endif /* WOLFSSL_DUAL_ALG_CERTS */
 
     WOLFSSL_AIA_ENTRY extAuthInfoList[WOLFSSL_MAX_AIA_ENTRIES];
-    byte    extAuthInfoListSz:7;
-    byte    extAuthInfoListOverflow:1;
+    WC_BITFIELD extAuthInfoListSz:7;
+    WC_BITFIELD extAuthInfoListOverflow:1;
 };
 
 #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
