Merge pull request #1379 from JacobBarthelmeh/Compatibility-Layer

Compatibility layer
2018-02-23 14:59:22 -08:00 · 2018-02-23 14:59:22 -08:00 · be8cfcf587
parent 6500c40015 89390180a0
commit be8cfcf587
10 changed files with 216 additions and 29 deletions
--- a/configure.ac
+++ b/configure.ac
@ -220,6 +220,7 @@ then
    enable_indef=yes

    AM_CFLAGS="-DHAVE_AES_DECRYPT $AM_CFLAGS"
+    AM_CFLAGS="-DHAVE_AES_ECB $AM_CFLAGS"
 fi
 AM_CONDITIONAL([BUILD_ALL], [test "x$ENABLED_ALL" = "xyes"])

@ -3771,6 +3772,7 @@ AC_ARG_ENABLE([oldnames],
 if test "x$ENABLED_OLDNAMES" = "xno" && test "x$ENABLED_OPENSSLCOEXIST" = "xno"
 then
    AM_CFLAGS="$AM_CFLAGS -DNO_OLD_RNGNAME -DNO_OLD_WC_NAMES -DNO_OLD_SSL_NAMES"
+    AM_CFLAGS="$AM_CFLAGS -DNO_OLD_SHA256_NAMES"
 fi


--- a/mcapi/crypto.c
+++ b/mcapi/crypto.c
@ -105,7 +105,7 @@ int CRYPT_SHA_Initialize(CRYPT_SHA_CTX* sha)
    if (sha == NULL)
        return BAD_FUNC_ARG;

-    return wc_InitSha((Sha*)sha);
+    return wc_InitSha((wc_Sha*)sha);
 }

 int CRYPT_SHA_DataSizeSet(CRYPT_SHA_CTX* sha, unsigned int sz)
@ -114,7 +114,7 @@ int CRYPT_SHA_DataSizeSet(CRYPT_SHA_CTX* sha, unsigned int sz)
        return BAD_FUNC_ARG;

 #ifdef WOLFSSL_PIC32MZ_HASH
-    wc_ShaSizeSet((Sha*)sha, sz);
+    wc_ShaSizeSet((wc_Sha*)sha, sz);
 #else
    (void)sz;
 #endif
@ -129,7 +129,7 @@ int CRYPT_SHA_DataAdd(CRYPT_SHA_CTX* sha, const unsigned char* input,
    if (sha == NULL || input == NULL)
        return BAD_FUNC_ARG;

-    return wc_ShaUpdate((Sha*)sha, input, sz);
+    return wc_ShaUpdate((wc_Sha*)sha, input, sz);
 }


@ -139,7 +139,7 @@ int CRYPT_SHA_Finalize(CRYPT_SHA_CTX* sha, unsigned char* digest)
    if (sha == NULL || digest == NULL)
        return BAD_FUNC_ARG;

-    return wc_ShaFinal((Sha*)sha, digest);
+    return wc_ShaFinal((wc_Sha*)sha, digest);
 }
 #endif

@ -148,13 +148,13 @@ int CRYPT_SHA_Finalize(CRYPT_SHA_CTX* sha, unsigned char* digest)
 /* Initialize SHA-256 */
 int CRYPT_SHA256_Initialize(CRYPT_SHA256_CTX* sha256)
 {
-    typedef char sha_test[sizeof(CRYPT_SHA256_CTX) >= sizeof(Sha256) ? 1 : -1];
+    typedef char sha_test[sizeof(CRYPT_SHA256_CTX) >= sizeof(wc_Sha256) ? 1 : -1];
    (void)sizeof(sha_test);

    if (sha256 == NULL)
        return BAD_FUNC_ARG;

-    return wc_InitSha256((Sha256*)sha256);
+    return wc_InitSha256((wc_Sha256*)sha256);
 }

 int CRYPT_SHA256_DataSizeSet(CRYPT_SHA256_CTX* sha256, unsigned int sz)
@ -163,7 +163,7 @@ int CRYPT_SHA256_DataSizeSet(CRYPT_SHA256_CTX* sha256, unsigned int sz)
        return BAD_FUNC_ARG;

 #ifdef WOLFSSL_PIC32MZ_HASH
-    wc_Sha256SizeSet((Sha256*)sha256, sz);
+    wc_Sha256SizeSet((wc_Sha256*)sha256, sz);
 #else
    (void)sz;
 #endif
@ -178,7 +178,7 @@ int CRYPT_SHA256_DataAdd(CRYPT_SHA256_CTX* sha256, const unsigned char* input,
    if (sha256 == NULL || input == NULL)
        return BAD_FUNC_ARG;

-    return wc_Sha256Update((Sha256*)sha256, input, sz);
+    return wc_Sha256Update((wc_Sha256*)sha256, input, sz);
 }


@ -188,7 +188,7 @@ int CRYPT_SHA256_Finalize(CRYPT_SHA256_CTX* sha256, unsigned char* digest)
    if (sha256 == NULL || digest == NULL)
        return BAD_FUNC_ARG;

-    return wc_Sha256Final((Sha256*)sha256, digest);
+    return wc_Sha256Final((wc_Sha256*)sha256, digest);
 }
 #endif

@ -197,13 +197,13 @@ int CRYPT_SHA256_Finalize(CRYPT_SHA256_CTX* sha256, unsigned char* digest)
 /* Initialize SHA-384 */
 int CRYPT_SHA384_Initialize(CRYPT_SHA384_CTX* sha384)
 {
-    typedef char sha_test[sizeof(CRYPT_SHA384_CTX) >= sizeof(Sha384) ? 1 : -1];
+    typedef char sha_test[sizeof(CRYPT_SHA384_CTX) >= sizeof(wc_Sha384) ? 1 : -1];
    (void)sizeof(sha_test);

    if (sha384 == NULL)
        return BAD_FUNC_ARG;

-    return wc_InitSha384((Sha384*)sha384);
+    return wc_InitSha384((wc_Sha384*)sha384);
 }


@ -214,7 +214,7 @@ int CRYPT_SHA384_DataAdd(CRYPT_SHA384_CTX* sha384, const unsigned char* input,
    if (sha384 == NULL || input == NULL)
        return BAD_FUNC_ARG;

-    return wc_Sha384Update((Sha384*)sha384, input, sz);
+    return wc_Sha384Update((wc_Sha384*)sha384, input, sz);
 }


@ -224,7 +224,7 @@ int CRYPT_SHA384_Finalize(CRYPT_SHA384_CTX* sha384, unsigned char* digest)
    if (sha384 == NULL || digest == NULL)
        return BAD_FUNC_ARG;

-    return wc_Sha384Final((Sha384*)sha384, digest);
+    return wc_Sha384Final((wc_Sha384*)sha384, digest);
 }
 #endif

@ -232,13 +232,13 @@ int CRYPT_SHA384_Finalize(CRYPT_SHA384_CTX* sha384, unsigned char* digest)
 /* Initialize SHA-512 */
 int CRYPT_SHA512_Initialize(CRYPT_SHA512_CTX* sha512)
 {
-    typedef char sha_test[sizeof(CRYPT_SHA512_CTX) >= sizeof(Sha512) ? 1 : -1];
+    typedef char sha_test[sizeof(CRYPT_SHA512_CTX) >= sizeof(wc_Sha512) ? 1 : -1];
    (void)sizeof(sha_test);

    if (sha512 == NULL)
        return BAD_FUNC_ARG;

-    return wc_InitSha512((Sha512*)sha512);
+    return wc_InitSha512((wc_Sha512*)sha512);
 }


@ -249,7 +249,7 @@ int CRYPT_SHA512_DataAdd(CRYPT_SHA512_CTX* sha512, const unsigned char* input,
    if (sha512 == NULL || input == NULL)
        return BAD_FUNC_ARG;

-    return wc_Sha512Update((Sha512*)sha512, input, sz);
+    return wc_Sha512Update((wc_Sha512*)sha512, input, sz);
 }


@ -259,7 +259,7 @@ int CRYPT_SHA512_Finalize(CRYPT_SHA512_CTX* sha512, unsigned char* digest)
    if (sha512 == NULL || digest == NULL)
        return BAD_FUNC_ARG;

-    return wc_Sha512Final((Sha512*)sha512, digest);
+    return wc_Sha512Final((wc_Sha512*)sha512, digest);
 }
 #endif

--- a/mcapi/mcapi_test.c
+++ b/mcapi/mcapi_test.c
@ -279,10 +279,10 @@ static int check_sha(void)
 static int check_sha256(void)
 {
    CRYPT_SHA256_CTX mcSha256;
-    Sha256           defSha256;
+    wc_Sha256        defSha256;
    int              ret;
    byte             mcDigest[CRYPT_SHA256_DIGEST_SIZE];
-    byte             defDigest[SHA256_DIGEST_SIZE];
+    byte             defDigest[WC_SHA256_DIGEST_SIZE];

    CRYPT_SHA256_Initialize(&mcSha256);
    ret = wc_InitSha256(&defSha256);
@ -319,10 +319,10 @@ static int check_sha256(void)
 static int check_sha384(void)
 {
    CRYPT_SHA384_CTX mcSha384;
-    Sha384           defSha384;
+    wc_Sha384        defSha384;
    int              ret;
    byte             mcDigest[CRYPT_SHA384_DIGEST_SIZE];
-    byte             defDigest[SHA384_DIGEST_SIZE];
+    byte             defDigest[WC_SHA384_DIGEST_SIZE];

    CRYPT_SHA384_Initialize(&mcSha384);
    ret = wc_InitSha384(&defSha384);
@ -359,10 +359,10 @@ static int check_sha384(void)
 static int check_sha512(void)
 {
    CRYPT_SHA512_CTX mcSha512;
-    Sha512           defSha512;
+    wc_Sha512        defSha512;
    int              ret;
    byte             mcDigest[CRYPT_SHA512_DIGEST_SIZE];
-    byte             defDigest[SHA512_DIGEST_SIZE];
+    byte             defDigest[WC_SHA512_DIGEST_SIZE];

    CRYPT_SHA512_Initialize(&mcSha512);
    ret = wc_InitSha512(&defSha512);
@ -402,13 +402,13 @@ static int check_hmac(void)
    Hmac           defHmac;
    int            ret;
    byte           mcDigest[CRYPT_SHA512_DIGEST_SIZE];
-    byte           defDigest[SHA512_DIGEST_SIZE];
+    byte           defDigest[WC_SHA512_DIGEST_SIZE];

    strncpy((char*)key, "Jefe", 4);

    /* SHA1 */
    CRYPT_HMAC_SetKey(&mcHmac, CRYPT_HMAC_SHA, key, 4);
-    ret = wc_HmacSetKey(&defHmac, SHA, key, 4);
+    ret = wc_HmacSetKey(&defHmac, WC_SHA, key, 4);
    if (ret != 0) {
        printf("hmac sha setkey default failed\n");
        return -1;
@ -436,7 +436,7 @@ static int check_hmac(void)

    /* SHA-256 */
    CRYPT_HMAC_SetKey(&mcHmac, CRYPT_HMAC_SHA256, key, 4);
-    ret = wc_HmacSetKey(&defHmac, SHA256, key, 4);
+    ret = wc_HmacSetKey(&defHmac, WC_SHA256, key, 4);
    if (ret != 0) {
        printf("hmac sha256 setkey default failed\n");
        return -1;
@ -464,7 +464,7 @@ static int check_hmac(void)

    /* SHA-384 */
    CRYPT_HMAC_SetKey(&mcHmac, CRYPT_HMAC_SHA384, key, 4);
-    ret = wc_HmacSetKey(&defHmac, SHA384, key, 4);
+    ret = wc_HmacSetKey(&defHmac, WC_SHA384, key, 4);
    if (ret != 0) {
        printf("hmac sha384 setkey default failed\n");
        return -1;
@ -492,7 +492,7 @@ static int check_hmac(void)

    /* SHA-512 */
    CRYPT_HMAC_SetKey(&mcHmac, CRYPT_HMAC_SHA512, key, 4);
-    ret = wc_HmacSetKey(&defHmac, SHA512, key, 4);
+    ret = wc_HmacSetKey(&defHmac, WC_SHA512, key, 4);
    if (ret != 0) {
        printf("hmac sha512 setkey default failed\n");
        return -1;
--- a/src/ssl.c
+++ b/src/ssl.c
@ -21108,6 +21108,45 @@ int wolfSSL_AES_set_decrypt_key(const unsigned char *key, const int bits,
 }


+#ifdef HAVE_AES_ECB
+/* Encrypt/decrypt a 16 byte block of data using the key passed in.
+ *
+ * in  buffer to encrypt/decyrpt
+ * out buffer to hold result of encryption/decryption
+ * key AES structure to use with encryption/decryption
+ * enc AES_ENCRPT for encryption and AES_DECRYPT for decryption
+ */
+void wolfSSL_AES_ecb_encrypt(const unsigned char *in, unsigned char* out,
+                             AES_KEY *key, const int enc)
+{
+    Aes* aes;
+
+    WOLFSSL_ENTER("wolfSSL_AES_ecb_encrypt");
+
+    if (key == NULL || in == NULL || out == NULL) {
+        WOLFSSL_MSG("Error, Null argument passed in");
+        return;
+    }
+
+    aes = (Aes*)key;
+    if (enc == AES_ENCRYPT) {
+        if (wc_AesEcbEncrypt(aes, out, in, AES_BLOCK_SIZE) != 0) {
+            WOLFSSL_MSG("Error with AES CBC encrypt");
+        }
+    }
+    else {
+    #ifdef HAVE_AES_DECRYPT
+        if (wc_AesEcbDecrypt(aes, out, in, AES_BLOCK_SIZE) != 0) {
+            WOLFSSL_MSG("Error with AES CBC decrypt");
+        }
+    #else
+        WOLFSSL_MSG("AES decryption not compiled in");
+    #endif
+    }
+}
+#endif /* HAVE_AES_ECB */
+
+
 /* Encrypt data using key and iv passed in. iv gets updated to most recent iv
 * state after encryptiond/decryption.
 *
@ -29750,6 +29789,52 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
    }
 #endif /* ! NO_SHA */

+#ifndef NO_SHA256
+    /* One shot SHA256 hash of message.
+     *
+     * d  message to hash
+     * n  size of d buffer
+     * md buffer to hold digest. Should be WC_SHA256_DIGEST_SIZE.
+     *
+     * Note: if md is null then a static buffer of WC_SHA256_DIGEST_SIZE is used.
+     *       When the static buffer is used this function is not thread safe.
+     *
+     * Returns a pointer to the message digest on success and NULL on failure.
+     */
+    unsigned char *wolfSSL_SHA256(const unsigned char *d, size_t n,
+            unsigned char *md)
+    {
+        static byte dig[WC_SHA256_DIGEST_SIZE];
+        wc_Sha256 sha;
+
+        WOLFSSL_ENTER("wolfSSL_SHA256");
+
+        if (wc_InitSha256_ex(&sha, NULL, 0) != 0) {
+            WOLFSSL_MSG("SHA256 Init failed");
+            return NULL;
+        }
+
+        if (wc_Sha256Update(&sha, (const byte*)d, (word32)n) != 0) {
+            WOLFSSL_MSG("SHA256 Update failed");
+            return NULL;
+        }
+
+        if (wc_Sha256Final(&sha, dig) != 0) {
+            WOLFSSL_MSG("SHA256 Final failed");
+            return NULL;
+        }
+
+        wc_Sha256Free(&sha);
+
+        if (md != NULL) {
+            XMEMCPY(md, dig, WC_SHA256_DIGEST_SIZE);
+            return md;
+        }
+        else {
+            return (unsigned char*)dig;
+        }
+    }
+#endif /* ! NO_SHA256 */
    char wolfSSL_CTX_use_certificate(WOLFSSL_CTX *ctx, WOLFSSL_X509 *x)
    {
        int ret;
--- a/tests/api.c
+++ b/tests/api.c
@ -268,6 +268,9 @@
    #include <wolfssl/openssl/crypto.h>
    #include <wolfssl/openssl/hmac.h>
    #include <wolfssl/openssl/objects.h>
+#ifndef NO_AES
+    #include <wolfssl/openssl/aes.h>
+#endif
 #ifndef NO_DES3
    #include <wolfssl/openssl/des.h>
 #endif
@ -16620,6 +16623,80 @@ static void test_wolfSSL_DH_1536_prime(void)
 #endif
 }

+static void test_wolfSSL_AES_ecb_encrypt(void)
+{
+#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AES_ECB)
+    AES_KEY aes;
+    const byte msg[] =
+    {
+      0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
+      0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a
+    };
+
+    const byte verify[] =
+    {
+        0xf3,0xee,0xd1,0xbd,0xb5,0xd2,0xa0,0x3c,
+        0x06,0x4b,0x5a,0x7e,0x3d,0xb1,0x81,0xf8
+    };
+
+    const byte key[] =
+    {
+      0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,
+      0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,
+      0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,
+      0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4
+    };
+
+
+    byte out[AES_BLOCK_SIZE];
+
+    printf(testingFmt, "wolfSSL_AES_ecb_encrypt()");
+
+    AssertIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &aes), 0);
+    XMEMSET(out, 0, AES_BLOCK_SIZE);
+    AES_ecb_encrypt(msg, out, &aes, AES_ENCRYPT);
+    AssertIntEQ(XMEMCMP(out, verify, AES_BLOCK_SIZE), 0);
+
+#ifdef HAVE_AES_DECRYPT
+    AssertIntEQ(AES_set_decrypt_key(key, sizeof(key)*8, &aes), 0);
+    XMEMSET(out, 0, AES_BLOCK_SIZE);
+    AES_ecb_encrypt(verify, out, &aes, AES_DECRYPT);
+    AssertIntEQ(XMEMCMP(out, msg, AES_BLOCK_SIZE), 0);
+#endif
+
+    /* test bad arguments */
+    AES_ecb_encrypt(NULL, out, &aes, AES_DECRYPT);
+    AES_ecb_encrypt(verify, NULL, &aes, AES_DECRYPT);
+    AES_ecb_encrypt(verify, out, NULL, AES_DECRYPT);
+
+    printf(resultFmt, passed);
+#endif
+}
+
+static void test_wolfSSL_SHA256(void)
+{
+#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256) && \
+    defined(NO_OLD_SHA256_NAMES) && !defined(HAVE_FIPS)
+    unsigned char input[] =
+        "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+    unsigned char output[] =
+        "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60"
+        "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB"
+        "\x06\xC1";
+    size_t inLen;
+    byte hash[WC_SHA256_DIGEST_SIZE];
+
+    printf(testingFmt, "wolfSSL_SHA256()");
+    inLen  = XSTRLEN((char*)input);
+
+    XMEMSET(hash, 0, WC_SHA256_DIGEST_SIZE);
+    AssertNotNull(SHA256(input, inLen, hash));
+    AssertIntEQ(XMEMCMP(hash, output, WC_SHA256_DIGEST_SIZE), 0);
+
+    printf(resultFmt, passed);
+#endif
+}
+
 static void test_no_op_functions(void)
 {
    #if defined(OPENSSL_EXTRA)
@ -17453,6 +17530,8 @@ void ApiTest(void)
    test_wolfSSL_msg_callback();
    test_wolfSSL_SHA();
    test_wolfSSL_DH_1536_prime();
+    test_wolfSSL_AES_ecb_encrypt();
+    test_wolfSSL_SHA256();

    /* test the no op functions for compatibility */
    test_no_op_functions();
--- a/wolfssl/openssl/aes.h
+++ b/wolfssl/openssl/aes.h
@ -58,11 +58,15 @@ WOLFSSL_API int wolfSSL_AES_set_decrypt_key
 WOLFSSL_API void wolfSSL_AES_cbc_encrypt
    (const unsigned char *in, unsigned char* out, size_t len,
     AES_KEY *key, unsigned char* iv, const int enc);
+WOLFSSL_API void wolfSSL_AES_ecb_encrypt
+    (const unsigned char *in, unsigned char* out,
+     AES_KEY *key, const int enc);
 WOLFSSL_API void wolfSSL_AES_cfb128_encrypt
    (const unsigned char *in, unsigned char* out, size_t len,
     AES_KEY *key, unsigned char* iv, int* num, const int enc);

 #define AES_cbc_encrypt     wolfSSL_AES_cbc_encrypt
+#define AES_ecb_encrypt     wolfSSL_AES_ecb_encrypt
 #define AES_cfb128_encrypt  wolfSSL_AES_cfb128_encrypt
 #define AES_set_encrypt_key wolfSSL_AES_set_encrypt_key
 #define AES_set_decrypt_key wolfSSL_AES_set_decrypt_key
--- a/wolfssl/openssl/sha.h
+++ b/wolfssl/openssl/sha.h
@ -119,6 +119,14 @@ typedef WOLFSSL_SHA256_CTX SHA256_CTX;
 #define SHA256_Init   wolfSSL_SHA256_Init
 #define SHA256_Update wolfSSL_SHA256_Update
 #define SHA256_Final  wolfSSL_SHA256_Final
+#if defined(NO_OLD_SHA256_NAMES) && !defined(HAVE_FIPS)
+    /* SHA256 is only available in non-fips mode because of SHA256 enum in FIPS
+     * build. */
+    #define SHA256 wolfSSL_SHA256
+    #define SHA256_BLOCK_SIZE  WC_SHA256_BLOCK_SIZE
+    #define SHA256_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
+    #define SHA256_PAD_SIZE    WC_SHA256_PAD_SIZE
+#endif


 #ifdef WOLFSSL_SHA384
--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
@ -2560,6 +2560,7 @@ WOLFSSL_API WOLFSSL_ASN1_OBJECT * wolfSSL_X509_NAME_ENTRY_get_object(WOLFSSL_X50
 WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_get_entry(WOLFSSL_X509_NAME *name, int loc);
 WOLFSSL_API void wolfSSL_sk_X509_NAME_pop_free(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk, void f (WOLFSSL_X509_NAME*));
 WOLFSSL_API unsigned char *wolfSSL_SHA1(const unsigned char *d, size_t n, unsigned char *md);
+WOLFSSL_API unsigned char *wolfSSL_SHA256(const unsigned char *d, size_t n, unsigned char *md);
 WOLFSSL_API int wolfSSL_X509_check_private_key(WOLFSSL_X509*, WOLFSSL_EVP_PKEY*);
 WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME) *wolfSSL_dup_CA_list( WOLF_STACK_OF(WOLFSSL_X509_NAME) *sk );

--- a/wolfssl/wolfcrypt/settings.h
+++ b/wolfssl/wolfcrypt/settings.h
@ -1633,6 +1633,13 @@ extern void uITRON4_free(void *p) ;
    #endif
 #endif

+#if defined(NO_OLD_WC_NAMES) || defined(OPENSSL_EXTRA)
+    /* added to have compatibility with SHA256() */
+    #if !defined(NO_OLD_SHA256_NAMES) && !defined(HAVE_FIPS)
+        #define NO_OLD_SHA256_NAMES
+    #endif
+#endif
+
 /* switch for compatibility layer functionality. Has subparts i.e. BIO/X509
 * When opensslextra is enabled all subparts should be turned on. */
 #ifdef OPENSSL_EXTRA
@ -1640,6 +1647,7 @@ extern void uITRON4_free(void *p) ;
    #define OPENSSL_EXTRA_X509_SMALL
 #endif /* OPENSSL_EXTRA */
    
+
 #ifdef __cplusplus
    }   /* extern "C" */
 #endif
--- a/wolfssl/wolfcrypt/sha256.h
+++ b/wolfssl/wolfcrypt/sha256.h
@ -77,7 +77,7 @@
    #define SHA256_NOINLINE
 #endif

-#ifndef NO_OLD_WC_NAMES
+#ifndef NO_OLD_SHA256_NAMES
    #define Sha256             wc_Sha256
    #define SHA256             WC_SHA256
    #define SHA256_BLOCK_SIZE  WC_SHA256_BLOCK_SIZE