diff --git a/examples/echoserver/echoserver.c b/examples/echoserver/echoserver.c
index 1fbd58a0c..04c1a143a 100644
--- a/examples/echoserver/echoserver.c
+++ b/examples/echoserver/echoserver.c
@@ -1704,18 +1704,18 @@ static int load_key(byte isEcc, byte* buf, word32 bufSz)
#else
/* using buffers instead */
if (isEcc) {
- if ((word32)sizeof_ecc_key_der_256 > bufSz) {
+ if ((word32)sizeof_ecc_key_der_256_ssh > bufSz) {
return 0;
}
- WMEMCPY(buf, ecc_key_der_256, sizeof_ecc_key_der_256);
- sz = sizeof_ecc_key_der_256;
+ WMEMCPY(buf, ecc_key_der_256_ssh, sizeof_ecc_key_der_256_ssh);
+ sz = sizeof_ecc_key_der_256_ssh;
}
else {
- if ((word32)sizeof_rsa_key_der_2048 > bufSz) {
+ if ((word32)sizeof_rsa_key_der_2048_ssh > bufSz) {
return 0;
}
- WMEMCPY(buf, (byte*)rsa_key_der_2048, sizeof_rsa_key_der_2048);
- sz = sizeof_rsa_key_der_2048;
+ WMEMCPY(buf, (byte*)rsa_key_der_2048_ssh, sizeof_rsa_key_der_2048_ssh);
+ sz = sizeof_rsa_key_der_2048_ssh;
}
#endif
diff --git a/gencertbuf.pl b/gencertbuf.pl
index 6edd56811..cb9855992 100755
--- a/gencertbuf.pl
+++ b/gencertbuf.pl
@@ -15,6 +15,9 @@
# output C header file to write key buffers to
my $outputFile = "./wolfssh/certs_test.h";
+# Add a suffix to distinguish between wolfssl/certs_test.h
+my $SSH_SUFFIX = "_ssh";
+
# ecc keys to be converted
my @fileList_ecc = (
@@ -39,40 +42,57 @@
open OUT_FILE, "+>", $outputFile or die $!;
print OUT_FILE "/* certs_test.h\n";
-print OUT_FILE "*\n";
-print OUT_FILE "* Copyright (C) 2014-2020 wolfSSL Inc.\n";
-print OUT_FILE "*\n";
-print OUT_FILE "* This file is part of wolfSSH.\n";
-print OUT_FILE "*\n";
-print OUT_FILE "* wolfSSH is free software; you can redistribute it and/or modify\n";
-print OUT_FILE "* it under the terms of the GNU General Public License as published by\n";
-print OUT_FILE "* the Free Software Foundation; either version 3 of the License, or\n";
-print OUT_FILE "* (at your option) any later version.\n";
-print OUT_FILE "*\n";
-print OUT_FILE "* wolfSSH is distributed in the hope that it will be useful,\n";
-print OUT_FILE "* but WITHOUT ANY WARRANTY; without even the implied warranty of\n";
-print OUT_FILE "* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n";
-print OUT_FILE "* GNU General Public License for more details.\n";
-print OUT_FILE "*\n";
-print OUT_FILE "* You should have received a copy of the GNU General Public License\n";
-print OUT_FILE "* along with wolfSSH. If not, see .\n";
-print OUT_FILE "*/\n\n";
-print OUT_FILE "#ifndef WOLFSSL_CERTS_TEST_H\n";
-print OUT_FILE "#define WOLFSSL_CERTS_TEST_H\n\n";
+print OUT_FILE " *\n";
+print OUT_FILE " * Copyright (C) 2014-2025 wolfSSL Inc.\n";
+print OUT_FILE " *\n";
+print OUT_FILE " * This file is part of wolfSSH.\n";
+print OUT_FILE " *\n";
+print OUT_FILE " * wolfSSH is free software; you can redistribute it and/or modify\n";
+print OUT_FILE " * it under the terms of the GNU General Public License as published by\n";
+print OUT_FILE " * the Free Software Foundation; either version 3 of the License, or\n";
+print OUT_FILE " * (at your option) any later version.\n";
+print OUT_FILE " *\n";
+print OUT_FILE " * wolfSSH is distributed in the hope that it will be useful,\n";
+print OUT_FILE " * but WITHOUT ANY WARRANTY; without even the implied warranty of\n";
+print OUT_FILE " * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n";
+print OUT_FILE " * GNU General Public License for more details.\n";
+print OUT_FILE " *\n";
+print OUT_FILE " * You should have received a copy of the GNU General Public License\n";
+print OUT_FILE " * along with wolfSSH. If not, see .\n";
+print OUT_FILE " */\n\n";
+print OUT_FILE "#ifndef _WOLFSSH_CERTS_TEST_H_\n";
+print OUT_FILE "#define _WOLFSSH_CERTS_TEST_H_\n";
+print OUT_FILE "\n";
+print OUT_FILE "/* To distinguish these certs from those in wolfssl add suffix: _ssh\n";
+print OUT_FILE " * See: https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/certs_test.h\n";
+print OUT_FILE " * Generate: https://github.com/wolfSSL/wolfssl/blob/master/gencertbuf.pl\n";
+print OUT_FILE " *\n";
+print OUT_FILE " * In C89/C90 (which Watcom generally defaults to), sizeof must be a\n";
+print OUT_FILE " * compile-time constant expression when used in a static initializer.\n";
+print OUT_FILE " * So don't use `static const int sizeof_`\n";
+print OUT_FILE " */\n";
+print OUT_FILE "\n";
# convert and print 2048-bit certs/keys
-print OUT_FILE "#ifdef NO_FILESYSTEM\n\n";
+print OUT_FILE "#if defined(NO_FILESYSTEM)\n\n";
for (my $i = 0; $i < $num_2048; $i++) {
my $fname = $fileList_2048[$i][0];
my $sname = $fileList_2048[$i][1];
+ # Add a suffix to distinguish between wolfssl/certs_test.h
+ $sname .= $SSH_SUFFIX;
+
print OUT_FILE "/* $fname, 2048-bit */\n";
print OUT_FILE "static const unsigned char $sname\[] =\n";
print OUT_FILE "{\n";
file_to_hex($fname);
print OUT_FILE "};\n";
- print OUT_FILE "static const int sizeof_$sname = sizeof($sname);\n\n";
+
+ # In C89/C90 (which Watcom generally defaults to), sizeof must be a
+ # compile-time constant expression when used in a static initializer.
+ # So don't use `static const int sizeof_` here:
+ print OUT_FILE "#define sizeof_$sname (sizeof($sname))\n\n"
}
# convert and print ECC cert/keys
@@ -81,16 +101,23 @@
my $fname = $fileList_ecc[$i][0];
my $sname = $fileList_ecc[$i][1];
+ # Add a suffix to distinguish between wolfssl/certs_test.h
+ $sname .= $SSH_SUFFIX;
+
print OUT_FILE "/* $fname, ECC */\n";
print OUT_FILE "static const unsigned char $sname\[] =\n";
print OUT_FILE "{\n";
file_to_hex($fname);
print OUT_FILE "};\n";
- print OUT_FILE "static const int sizeof_$sname = sizeof($sname);\n\n";
+
+ # In C89/C90 (which Watcom generally defaults to), sizeof must be a
+ # compile-time constant expression when used in a static initializer.
+ # So don't use `static const int sizeof_` here:
+ print OUT_FILE "#define sizeof_$sname (sizeof($sname))\n\n"
}
print OUT_FILE "#endif /* NO_FILESYSTEM */\n\n";
-print OUT_FILE "#endif /* WOLFSSL_CERTS_TEST_H */\n\n";
+print OUT_FILE "#endif /* _WOLFSSL_CERTS_TEST_H_ */\n\n";
# close certs_test.h file
close OUT_FILE or die $!;
@@ -107,21 +134,30 @@ sub file_to_hex {
for (my $i = 0, my $j = 1; $i < $fileLen; $i++, $j++)
{
+ # Indent 4 spaces
if ($j == 1) {
- print OUT_FILE "\t";
+ print OUT_FILE " ";
}
+
read($fp, $byte, 1) or die "Error reading $fileName";
my $output = sprintf("0x%02X", ord($byte));
print OUT_FILE $output;
+ # comma at the end of the array declaration
if ($i != ($fileLen - 1)) {
- print OUT_FILE ", ";
+ print OUT_FILE ",";
}
if ($j == 10) {
$j = 0;
print OUT_FILE "\n";
}
+ else {
+ # Space between each byte, except last one
+ if ($i < $fileLen - 1) {
+ print OUT_FILE " ";
+ }
+ }
}
print OUT_FILE "\n";
diff --git a/ide/Espressif/ESP-IDF/examples/wolfssh_echoserver/main/echoserver.c b/ide/Espressif/ESP-IDF/examples/wolfssh_echoserver/main/echoserver.c
index 1b7b2daf0..494809424 100644
--- a/ide/Espressif/ESP-IDF/examples/wolfssh_echoserver/main/echoserver.c
+++ b/ide/Espressif/ESP-IDF/examples/wolfssh_echoserver/main/echoserver.c
@@ -1677,18 +1677,18 @@ static int load_key(byte isEcc, byte* buf, word32 bufSz)
#else
/* using buffers instead */
if (isEcc) {
- if ((word32)sizeof_ecc_key_der_256 > bufSz) {
+ if ((word32)sizeof_ecc_key_der_256_ssh > bufSz) {
return 0;
}
- WMEMCPY(buf, ecc_key_der_256, sizeof_ecc_key_der_256);
- sz = sizeof_ecc_key_der_256;
+ WMEMCPY(buf, ecc_key_der_256_ssh, sizeof_ecc_key_der_256_ssh);
+ sz = sizeof_ecc_key_der_256_ssh;
}
else {
- if ((word32)sizeof_rsa_key_der_2048 > bufSz) {
+ if ((word32)sizeof_rsa_key_der_2048_ssh > bufSz) {
return 0;
}
- WMEMCPY(buf, (byte*)rsa_key_der_2048, sizeof_rsa_key_der_2048);
- sz = sizeof_rsa_key_der_2048;
+ WMEMCPY(buf, (byte*)rsa_key_der_2048_ssh, sizeof_rsa_key_der_2048_ssh);
+ sz = sizeof_rsa_key_der_2048_ssh;
}
#endif
diff --git a/ide/Renesas/cs+/demo_server/wolfssh_demo.c b/ide/Renesas/cs+/demo_server/wolfssh_demo.c
index f9457e847..42fd21fac 100644
--- a/ide/Renesas/cs+/demo_server/wolfssh_demo.c
+++ b/ide/Renesas/cs+/demo_server/wolfssh_demo.c
@@ -239,18 +239,18 @@ static int load_key(byte isEcc, byte* buf, word32 bufSz)
#else
/* using buffers instead */
if (isEcc) {
- if (sizeof_ecc_key_der_256 > bufSz) {
+ if (sizeof_ecc_key_der_256_ssh > bufSz) {
return 0;
}
- WMEMCPY(buf, ecc_key_der_256, sizeof_ecc_key_der_256);
- sz = sizeof_ecc_key_der_256;
+ WMEMCPY(buf, ecc_key_der_256_ssh, sizeof_ecc_key_der_256_ssh);
+ sz = sizeof_ecc_key_der_256_ssh;
}
else {
- if (sizeof_rsa_key_der_2048 > bufSz) {
+ if (sizeof_rsa_key_der_2048_ssh > bufSz) {
return 0;
}
- WMEMCPY(buf, rsa_key_der_2048, sizeof_rsa_key_der_2048);
- sz = sizeof_rsa_key_der_2048;
+ WMEMCPY(buf, rsa_key_der_2048_ssh, sizeof_rsa_key_der_2048_ssh);
+ sz = sizeof_rsa_key_der_2048_ssh;
}
#endif
diff --git a/ide/mplabx/wolfssh.c b/ide/mplabx/wolfssh.c
index cb8fb5e13..9b636a1df 100644
--- a/ide/mplabx/wolfssh.c
+++ b/ide/mplabx/wolfssh.c
@@ -354,18 +354,18 @@ static int load_key(byte isEcc, byte* buf, word32 bufSz)
word32 sz = 0;
if (isEcc) {
- if (sizeof_ecc_key_der_256 > bufSz) {
+ if (sizeof_ecc_key_der_256_ssh > bufSz) {
return 0;
}
- WMEMCPY(buf, ecc_key_der_256, sizeof_ecc_key_der_256);
- sz = sizeof_ecc_key_der_256;
+ WMEMCPY(buf, ecc_key_der_256_ssh, sizeof_ecc_key_der_256_ssh);
+ sz = sizeof_ecc_key_der_256_ssh;
}
else {
- if (sizeof_rsa_key_der_2048 > bufSz) {
+ if (sizeof_rsa_key_der_2048_ssh > bufSz) {
return 0;
}
- WMEMCPY(buf, (byte*)rsa_key_der_2048, sizeof_rsa_key_der_2048);
- sz = sizeof_rsa_key_der_2048;
+ WMEMCPY(buf, (byte*)rsa_key_der_2048_ssh, sizeof_rsa_key_der_2048_ssh);
+ sz = sizeof_rsa_key_der_2048_ssh;
}
return sz;
diff --git a/tests/auth.c b/tests/auth.c
index aa52c3ad1..da98f8eca 100644
--- a/tests/auth.c
+++ b/tests/auth.c
@@ -201,18 +201,18 @@ static int load_key(byte isEcc, byte* buf, word32 bufSz)
#else
/* using buffers instead */
if (isEcc) {
- if ((word32)sizeof_ecc_key_der_256 > bufSz) {
+ if ((word32)sizeof_ecc_key_der_256_ssh > bufSz) {
return 0;
}
- WMEMCPY(buf, ecc_key_der_256, sizeof_ecc_key_der_256);
- sz = sizeof_ecc_key_der_256;
+ WMEMCPY(buf, ecc_key_der_256_ssh, sizeof_ecc_key_der_256_ssh);
+ sz = sizeof_ecc_key_der_256_ssh;
}
else {
- if ((word32)sizeof_rsa_key_der_2048 > bufSz) {
+ if ((word32)sizeof_rsa_key_der_2048_ssh > bufSz) {
return 0;
}
- WMEMCPY(buf, (byte*)rsa_key_der_2048, sizeof_rsa_key_der_2048);
- sz = sizeof_rsa_key_der_2048;
+ WMEMCPY(buf, (byte*)rsa_key_der_2048_ssh, sizeof_rsa_key_der_2048_ssh);
+ sz = sizeof_rsa_key_der_2048_ssh;
}
#endif
diff --git a/wolfssh/certs_test.h b/wolfssh/certs_test.h
index 1d60530ff..5e0a327e3 100644
--- a/wolfssh/certs_test.h
+++ b/wolfssh/certs_test.h
@@ -1,6 +1,6 @@
/* certs_test.h
*
- * Copyright (C) 2014-2024 wolfSSL Inc.
+ * Copyright (C) 2014-2025 wolfSSL Inc.
*
* This file is part of wolfSSH.
*
@@ -21,10 +21,19 @@
#ifndef _WOLFSSH_CERTS_TEST_H_
#define _WOLFSSH_CERTS_TEST_H_
+/* To distinguish these certs from those in wolfssl add suffix: _ssh
+ * See: https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/certs_test.h
+ * Generate: https://github.com/wolfSSL/wolfssl/blob/master/gencertbuf.pl
+ *
+ * In C89/C90 (which Watcom generally defaults to), sizeof must be a
+ * compile-time constant expression when used in a static initializer.
+ * So don't use `static const int sizeof_`
+ */
+
#if defined(NO_FILESYSTEM)
/* ./keys/server-key-rsa.der, 2048-bit */
-static const unsigned char rsa_key_der_2048[] =
+static const unsigned char rsa_key_der_2048_ssh[] =
{
0x30, 0x82, 0x04, 0xA3, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01,
0x01, 0x00, 0xDA, 0x5D, 0xAD, 0x25, 0x14, 0x76, 0x15, 0x59,
@@ -147,10 +156,10 @@ static const unsigned char rsa_key_der_2048[] =
0x56, 0xC3, 0xCE, 0x77, 0x5F, 0x5B, 0xBA, 0x6C, 0x42, 0xF1,
0x21
};
-static const int sizeof_rsa_key_der_2048 = sizeof(rsa_key_der_2048);
+#define sizeof_rsa_key_der_2048_ssh (sizeof(rsa_key_der_2048_ssh))
/* ./keys/server-key-ecc.der, ECC */
-static const unsigned char ecc_key_der_256[] =
+static const unsigned char ecc_key_der_256_ssh[] =
{
0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x61, 0x09, 0x99,
0x0B, 0x79, 0xD2, 0x5F, 0x28, 0x5A, 0x0F, 0x5D, 0x15, 0xCC,
@@ -166,10 +175,10 @@ static const unsigned char ecc_key_der_256[] =
0x05, 0x58, 0x6B, 0x5F, 0x63, 0xC8, 0xDA, 0x1B, 0xC4, 0xF5,
0x69
};
-static const int sizeof_ecc_key_der_256 = sizeof(ecc_key_der_256);
+#define sizeof_ecc_key_der_256_ssh (sizeof(ecc_key_der_256_ssh))
/* ./keys/server-key-ecc-384.der, ECC */
-static const unsigned char ecc_key_der_384[] =
+static const unsigned char ecc_key_der_384_ssh[] =
{
0x30, 0x81, 0xA4, 0x02, 0x01, 0x01, 0x04, 0x30, 0x3E, 0xAD,
0xD2, 0xBB, 0xBF, 0x05, 0xA7, 0xBE, 0x3A, 0x3F, 0x7C, 0x28,
@@ -189,10 +198,10 @@ static const unsigned char ecc_key_der_384[] =
0x3D, 0x3E, 0xB8, 0x8D, 0x46, 0x7B, 0x5F, 0x27, 0xEB, 0xAB,
0x21, 0x61, 0xC0, 0x00, 0x66, 0xFE, 0xBD
};
-static const int sizeof_ecc_key_der_384 = sizeof(ecc_key_der_384);
+#define sizeof_ecc_key_der_384_ssh (sizeof(ecc_key_der_384_ssh))
/* ./keys/server-key-ecc-521.der, ECC */
-static const unsigned char ecc_key_der_521[] =
+static const unsigned char ecc_key_der_521_ssh[] =
{
0x30, 0x81, 0xDC, 0x02, 0x01, 0x01, 0x04, 0x42, 0x00, 0x4C,
0xA4, 0xD8, 0x64, 0x28, 0xD9, 0x40, 0x0E, 0x7B, 0x2D, 0xF3,
@@ -218,7 +227,7 @@ static const unsigned char ecc_key_der_521[] =
0x23, 0x7C, 0xA5, 0xA3, 0x45, 0xB1, 0x9E, 0x3F, 0x1A, 0x22,
0x90, 0xB1, 0x54
};
-static const int sizeof_ecc_key_der_521 = sizeof(ecc_key_der_521);
+#define sizeof_ecc_key_der_521_ssh (sizeof(ecc_key_der_521_ssh))
#endif /* NO_FILESYSTEM */