Group forward declarations by guard context

Forward declarations in asn.c and asn_orig.c now use guard transitions
(same mechanism as the function bodies) so consecutive declarations with
the same feature guard are grouped in a single #ifdef/#endif block rather
than each having its own open/close pair.

Also removed the now-redundant _find_func_outer_guards calls from
_emit_split_body_orig; outer feature guard context is emitted at the
generate_asn_orig loop level, not inside the per-block emitters.

Both modes still build and pass tests (5 PASS, 0 FAIL each).

Author: dgarske

wolfcrypt/src/asn.c

@@ -4344,180 +4344,83 @@ static word32 SetBitString16Bit(word16 val, byte* output)
 #ifndef WOLFSSL_ASN_TEMPLATE
 static int GetAlgoIdImpl(const byte* input, word32* inOutIdx, word32* oid, word32 oidType, word32 maxIdx, byte *absentParams);
 #ifndef NO_RSA
-#ifndef NO_RSA
 static int _RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key, int* keySz, word32 inSz);
 #endif
-#endif
-#ifndef NO_DSA
 #ifndef NO_DSA
 static int DsaKeyIntsToDer(DsaKey* key, byte* output, word32* inLen, int ints, int includeVersion);
 #endif
-#endif
-#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT)
 #if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT)
 static int SetEccPublicKey(byte* output, ecc_key* key, int outLen, int with_header, int comp);
 #endif
-#endif
-#if !defined(NO_RSA) && !defined(NO_CERTS)
 #if !defined(NO_RSA) && !defined(NO_CERTS)
 static int StoreRsaKey(DecodedCert* cert, const byte* source, word32* srcIdx, word32 maxIdx);
 #endif
-#endif
-#if defined(HAVE_ECC) && !defined(NO_CERTS)
 #if defined(HAVE_ECC) && !defined(NO_CERTS)
 static int StoreEccKey(DecodedCert* cert, const byte* source, word32* srcIdx, word32 maxIdx, const byte* pubKey, word32 pubKeyLen);
 #endif
-#endif
 #ifndef NO_CERTS
 #if !defined(NO_DSA)
-#if !defined(NO_DSA)
 static int ParseDsaKey(const byte* source, word32* srcIdx, word32 maxIdx, void* heap);
 #endif
 #endif
-#endif
 static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, const byte* input, word32* inOutIdx, word32 maxIdx);
 static int GetDateInfo(const byte* source, word32* idx, const byte** pDate, byte* pFormat, int* pLength, word32 maxIdx);
 #ifndef NO_CERTS
 static int GetSigAlg(DecodedCert* cert, word32* sigOid, word32 maxIdx);
-#endif
-#ifndef NO_CERTS
 static int GetSignature(DecodedCert* cert);
 #endif
 static word32 SetAlgoIDImpl(int algoOID, byte* output, int type, int curveSz, byte absentParams);
 #ifndef NO_CERTS
 static int DecodeAltNames(const byte* input, word32 sz, DecodedCert* cert);
-#endif
-#ifndef NO_CERTS
 static int DecodeCrlDist(const byte* input, word32 sz, DecodedCert* cert);
-#endif
-#ifndef NO_CERTS
 static int DecodeAuthInfo(const byte* input, word32 sz, DecodedCert* cert);
-#endif
-#ifndef NO_CERTS
-#ifndef IGNORE_NAME_CONSTRAINTS
 #ifndef IGNORE_NAME_CONSTRAINTS
 static int DecodeSubtree(const byte* input, word32 sz, Base_entry** head, word32 limit, void* heap);
-#endif
-#endif
-#endif
-#ifndef NO_CERTS
-#ifndef IGNORE_NAME_CONSTRAINTS
-#ifndef IGNORE_NAME_CONSTRAINTS
 static int DecodeNameConstraints(const byte* input, word32 sz, DecodedCert* cert);
 #endif
-#endif
-#endif
-#ifndef NO_CERTS
-#if defined(WOLFSSL_SEP) || defined(WOLFSSL_CERT_EXT)
 #if defined(WOLFSSL_SEP) || defined(WOLFSSL_CERT_EXT)
 static int DecodeCertPolicy(const byte* input, word32 sz, DecodedCert* cert);
 #endif
-#endif
-#endif
-#ifndef NO_CERTS
-#ifdef WOLFSSL_SUBJ_DIR_ATTR
 #ifdef WOLFSSL_SUBJ_DIR_ATTR
 static int DecodeSubjDirAttr(const byte* input, word32 sz, DecodedCert* cert);
 #endif
-#endif
-#endif
-#ifndef NO_CERTS
 static int DecodeCertExtensions(DecodedCert* cert);
-#endif
-#ifndef NO_CERTS
-#if defined(WOLFSSL_SMALL_CERT_VERIFY) || defined(OPENSSL_EXTRA)
 #if defined(WOLFSSL_SMALL_CERT_VERIFY) || defined(OPENSSL_EXTRA)
 static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap, void* cm, const byte* pubKey, word32 pubKeySz, int pubKeyOID, int req);
 #endif
-#endif
-#endif
-#ifndef NO_CERTS
-#if !defined(NO_RSA) && \
-(defined(WOLFSSL_KEY_TO_DER) || defined(WOLFSSL_CERT_GEN))
 #if !defined(NO_RSA) && \
 (defined(WOLFSSL_KEY_TO_DER) || defined(WOLFSSL_CERT_GEN))
 static int SetRsaPublicKey(byte* output, RsaKey* key, int outLen, int with_header);
 #endif
-#endif
-#endif
-#ifndef NO_CERTS
 #ifdef WOLFSSL_CERT_GEN
 #ifdef WOLFSSL_CERT_EXT
-#ifdef WOLFSSL_CERT_EXT
 static int SetExtKeyUsage(Cert* cert, byte* output, word32 outSz, byte input);
-#endif
-#endif
-#endif
-#endif
-#ifndef NO_CERTS
-#ifdef WOLFSSL_CERT_GEN
-#ifdef WOLFSSL_CERT_EXT
-#ifdef WOLFSSL_CERT_EXT
 static int SetCertificatePolicies(byte *output, word32 outputSz, char input[MAX_CERTPOL_NB][MAX_CERTPOL_SZ], word16 nb_certpol, void* heap);
 #endif
 #endif
-#endif
-#endif
-#ifndef NO_CERTS
-#if defined(WOLFSSL_CERT_GEN) || defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
 #if defined(WOLFSSL_CERT_GEN) || defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
 static int EncodeName(EncodedName* name, const char* nameStr, byte nameTag, byte type, byte emailTag, CertName* cname);
 #endif
-#endif
-#endif
-#ifndef NO_CERTS
 #ifdef WOLFSSL_CERT_GEN
 static int SetValidity(byte* output, int daysValid);
-#endif
-#endif
-#ifndef NO_CERTS
-#ifdef WOLFSSL_CERT_GEN
 static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz, RsaKey* rsaKey, ecc_key* eccKey, WC_RNG* rng, DsaKey* dsaKey, ed25519_key* ed25519Key, ed448_key* ed448Key, falcon_key* falconKey, dilithium_key* dilithiumKey, sphincs_key* sphincsKey);
-#endif
-#endif
-#ifndef NO_CERTS
-#ifdef WOLFSSL_CERT_GEN
-#ifdef WOLFSSL_CERT_REQ
 #ifdef WOLFSSL_CERT_REQ
 static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz, RsaKey* rsaKey, DsaKey* dsaKey, ecc_key* eccKey, ed25519_key* ed25519Key, ed448_key* ed448Key, falcon_key* falconKey, dilithium_key* dilithiumKey, sphincs_key* sphincsKey);
 #endif
 #endif
 #endif
-#endif
 #if defined(HAVE_OCSP) && !defined(WOLFCRYPT_ONLY)
 static int OcspDecodeCertIDInt(const byte* input, word32* inOutIdx, word32 inSz, OcspEntry* entry);
-#endif
-#if defined(HAVE_OCSP) && !defined(WOLFCRYPT_ONLY)
 static int DecodeSingleResponse(byte* source, word32* ioIndex, word32 size, int wrapperSz, OcspEntry* single);
-#endif
-#if defined(HAVE_OCSP) && !defined(WOLFCRYPT_ONLY)
-#if defined(HAVE_OCSP) && !defined(WOLFCRYPT_ONLY)
 static int DecodeOcspRespExtensions(byte* source, word32* ioIndex, OcspResponse* resp, word32 sz);
-#endif
-#endif
-#if defined(HAVE_OCSP) && !defined(WOLFCRYPT_ONLY)
-#if defined(HAVE_OCSP) && !defined(WOLFCRYPT_ONLY)
 static int DecodeResponseData(byte* source, word32* ioIndex, OcspResponse* resp, word32 size);
-#endif
-#endif
-#if defined(HAVE_OCSP) && !defined(WOLFCRYPT_ONLY)
-#if defined(HAVE_OCSP) && !defined(WOLFCRYPT_ONLY)
 static int DecodeBasicOcspResponse(byte* source, word32* ioIndex, OcspResponse* resp, word32 size, void* cm, void* heap, int noVerify, int noVerifySignature);
 #endif
-#endif
-#if defined(HAVE_CRL) && !defined(WOLFCRYPT_ONLY)
 #if defined(HAVE_CRL) && !defined(WOLFCRYPT_ONLY)
 static int GetRevoked(RevokedCert* rcert, const byte* buff, word32* idx, DecodedCRL* dcrl, word32 maxIdx);
-#endif
-#endif
-#if defined(HAVE_CRL) && !defined(WOLFCRYPT_ONLY)
-#ifndef NO_SKID
 #ifndef NO_SKID
 static int ParseCRL_AuthKeyIdExt(const byte* input, int sz, DecodedCRL* dcrl);
 #endif
-#endif
-#endif
-#if defined(HAVE_CRL) && !defined(WOLFCRYPT_ONLY)
 static int ParseCRL_Extensions(DecodedCRL* dcrl, const byte* buf, word32* inOutIdx, word32 sz);
 #endif
 #endif /* !WOLFSSL_ASN_TEMPLATE */