Fix namespace collision on CRL reasons

Author: julek-wolfssl

examples/ocsp_responder/ocsp_responder.c

@@ -434,7 +434,7 @@ static int PopulateResponderFromIndex(OcspResponder* responder,
         word32 serialLen = 0;
         enum Ocsp_Cert_Status status;
         time_t revTime = 0;
-        enum WC_CRL_Reason revReason = CRL_REASON_UNSPECIFIED;
+        enum WC_CRL_Reason revReason = WC_CRL_REASON_UNSPECIFIED;
         word32 validity = 86400;
         char* p = entry->serial;
         word32 i;
@@ -487,7 +487,7 @@ static int PopulateResponderFromIndex(OcspResponder* responder,
         else if (entry->status == 'R') {
             status = CERT_REVOKED;
             revTime = entry->revocationTime;
-            revReason = CRL_REASON_UNSPECIFIED;
+            revReason = WC_CRL_REASON_UNSPECIFIED;
             validity = 0;
         }
         else {

src/ocsp.c

@@ -2520,8 +2520,8 @@ int wc_OcspResponder_SetCertStatus(OcspResponder* responder,
     if (status == CERT_REVOKED) {
         if (revocationTime <= 0)
             goto out;
-        if (revocationReason < CRL_REASON_UNSPECIFIED ||
-            revocationReason > CRL_REASON_AA_COMPROMISE)
+        if (revocationReason < WC_CRL_REASON_UNSPECIFIED ||
+            revocationReason > WC_CRL_REASON_AA_COMPROMISE)
             goto out;
         /* Skip value 7 which is not used */
         if (revocationReason == 7)

tests/api/test_ocsp.c

@@ -1510,7 +1510,7 @@ int test_ocsp_responder(void)
             "./certs/ca-key.der",
             "./certs/server-cert.der",
             CERT_GOOD,
-            0, CRL_REASON_UNSPECIFIED,
+            0, WC_CRL_REASON_UNSPECIFIED,
             86400, /* validityPeriod - 24 hours */
             0,
             "RSA server cert - GOOD status"
@@ -1521,7 +1521,7 @@ int test_ocsp_responder(void)
             "./certs/ca-key.der",
             "./certs/server-cert.der",
             CERT_REVOKED,
-            now, CRL_REASON_KEY_COMPROMISE,  /* Revoked due to key compromise */
+            now, WC_CRL_REASON_KEY_COMPROMISE,  /* Revoked due to key compromise */
             0,     /* validityPeriod (not used for REVOKED) */
             OCSP_CERT_REVOKED,
             "RSA server cert - REVOKED status"
@@ -1532,7 +1532,7 @@ int test_ocsp_responder(void)
             "./certs/ca-key.der",
             "./certs/server-cert.der",
             CERT_UNKNOWN,
-            0, CRL_REASON_UNSPECIFIED,
+            0, WC_CRL_REASON_UNSPECIFIED,
             0,     /* validityPeriod (not used for UNKNOWN) */
             OCSP_CERT_UNKNOWN,
             "RSA server cert - UNKNOWN status"
@@ -1543,7 +1543,7 @@ int test_ocsp_responder(void)
             "./certs/ocsp/ocsp-responder-key.der",
             "./certs/ocsp/intermediate1-ca-cert.der",
             CERT_GOOD,
-            0, CRL_REASON_UNSPECIFIED,
+            0, WC_CRL_REASON_UNSPECIFIED,
             86400, /* validityPeriod - 24 hours */
             0,
             "RSA int1 cert with responder - GOOD status"
@@ -1554,7 +1554,7 @@ int test_ocsp_responder(void)
             "./certs/ocsp/ocsp-responder-key.der",
             "./certs/ocsp/intermediate1-ca-cert.der",
             CERT_REVOKED,
-            now, CRL_REASON_KEY_COMPROMISE,  /* Revoked due to key compromise */
+            now, WC_CRL_REASON_KEY_COMPROMISE,  /* Revoked due to key compromise */
             0,     /* validityPeriod (not used for REVOKED) */
             OCSP_CERT_REVOKED,
             "RSA int1 cert with responder - REVOKED status"
@@ -1565,7 +1565,7 @@ int test_ocsp_responder(void)
             "./certs/ocsp/ocsp-responder-key.der",
             "./certs/ocsp/intermediate1-ca-cert.der",
             CERT_UNKNOWN,
-            0, CRL_REASON_UNSPECIFIED,
+            0, WC_CRL_REASON_UNSPECIFIED,
             0,     /* validityPeriod (not used for UNKNOWN) */
             OCSP_CERT_UNKNOWN,
             "RSA int1 cert with responder - UNKNOWN status"
@@ -1577,7 +1577,7 @@ int test_ocsp_responder(void)
             "./certs/ca-ecc-key.der",
             "./certs/server-ecc.der",
             CERT_GOOD,
-            0, CRL_REASON_UNSPECIFIED,
+            0, WC_CRL_REASON_UNSPECIFIED,
             86400, /* validityPeriod - 24 hours */
             0,
             "ECC server cert - GOOD status"
@@ -1588,7 +1588,7 @@ int test_ocsp_responder(void)
             "./certs/ca-ecc-key.der",
             "./certs/server-ecc.der",
             CERT_REVOKED,
-            now, CRL_REASON_AFFILIATION_CHANGED,
+            now, WC_CRL_REASON_AFFILIATION_CHANGED,
             0,     /* validityPeriod (not used for REVOKED) */
             OCSP_CERT_REVOKED,
             "ECC server cert - REVOKED status"
@@ -1599,7 +1599,7 @@ int test_ocsp_responder(void)
             "./certs/ca-ecc-key.der",
             "./certs/server-ecc.der",
             CERT_UNKNOWN,
-            0, CRL_REASON_UNSPECIFIED,
+            0, WC_CRL_REASON_UNSPECIFIED,
             0,     /* validityPeriod (not used for UNKNOWN) */
             OCSP_CERT_UNKNOWN,
             "ECC server cert - UNKNOWN status"

wolfssl/wolfcrypt/asn.h

@@ -2899,17 +2899,17 @@ WOLFSSL_LOCAL int OcspDecodeCertID(const byte* input, word32* inOutIdx, word32 i
 #ifdef HAVE_OCSP_RESPONDER
 /* Revocation reason codes from RFC 5280 */
 enum WC_CRL_Reason {
-    CRL_REASON_UNSPECIFIED             = 0,
-    CRL_REASON_KEY_COMPROMISE          = 1,
-    CRL_REASON_CA_COMPROMISE           = 2,
-    CRL_REASON_AFFILIATION_CHANGED     = 3,
-    CRL_REASON_SUPERSEDED              = 4,
-    CRL_REASON_CESSATION_OF_OPERATION  = 5,
-    CRL_REASON_CERTIFICATE_HOLD        = 6,
+    WC_CRL_REASON_UNSPECIFIED             = 0,
+    WC_CRL_REASON_KEY_COMPROMISE          = 1,
+    WC_CRL_REASON_CA_COMPROMISE           = 2,
+    WC_CRL_REASON_AFFILIATION_CHANGED     = 3,
+    WC_CRL_REASON_SUPERSEDED              = 4,
+    WC_CRL_REASON_CESSATION_OF_OPERATION  = 5,
+    WC_CRL_REASON_CERTIFICATE_HOLD        = 6,
     /* value 7 is not used */
-    CRL_REASON_REMOVE_FROM_CRL         = 8,
-    CRL_REASON_PRIVILEGE_WITHDRAWN     = 9,
-    CRL_REASON_AA_COMPROMISE           = 10
+    WC_CRL_REASON_REMOVE_FROM_CRL         = 8,
+    WC_CRL_REASON_PRIVILEGE_WITHDRAWN     = 9,
+    WC_CRL_REASON_AA_COMPROMISE           = 10
 };
 
 /* Certificate status entry for a single certificate */