Fixes enum class by owent · Pull Request #90 · owent/atframe_utils

owent · 2026-04-23T15:26:56Z

No description provided.

 }

-int cipher::init_with_cipher(const cipher_interface_info_t *interface, int mode) {
+int cipher::init_with_cipher(const cipher_interface_info_t *interface, int32_t mode) {


@@ -1814,114 +1858,114 @@
       */
      size_t curve_grp_len = 4;
      if (ilen < curve_grp_len) {
-        ret = details::setup_errorno(*this, 0, error_code_t::INIT_DH_READ_PARAM);
+        ret = details::setup_errorno(*this, 0, error_code_t::kInitDhReadParam);
        break;
      }

      size_t encoded_pt_len = input[3];
      if (encoded_pt_len > ilen - curve_grp_len) {
-        ret = details::setup_errorno(*this, static_cast<int>(ERR_peek_error()), error_code_t::INIT_DH_READ_PARAM);
+        ret = details::setup_errorno(*this, static_cast<int>(ERR_peek_error()), error_code_t::kInitDhReadParam);
        break;
      }

      int group_id = static_cast<int>(input[1] << 8) | static_cast<int>(input[2]);
      ret = check_or_setup_ecp_id(group_id);
-      if (error_code_t::OK != ret) {
-        ret = details::setup_errorno(*this, 0, static_cast<error_code_t::type>(ret));
+      if (error_code_t::kOk != ret) {
+        ret = details::setup_errorno(*this, 0, ret);
        break;
      }

      if (nullptr == shared_context_->get_dh_parameter().keygen_ctx) {
-        ret = details::setup_errorno(*this, 0, error_code_t::NOT_CLIENT_MODE);
+        ret = details::setup_errorno(*this, 0, error_code_t::kNotClientMode);
        break;
      }

-      details::reset(dh_context_.openssl_ecdh_pkey_);
-      if (EVP_PKEY_keygen(shared_context_->get_dh_parameter().keygen_ctx, &dh_context_.openssl_ecdh_pkey_) <= 0) {
-        details::reset(dh_context_.openssl_ecdh_pkey_);
-        ret = details::setup_errorno(*this, static_cast<int>(ERR_peek_error()), error_code_t::INIT_DH_GENERATE_KEY);
+      details::reset(dh_context_->openssl_ecdh_pkey_);
+      if (EVP_PKEY_keygen(shared_context_->get_dh_parameter().keygen_ctx, &dh_context_->openssl_ecdh_pkey_) <= 0) {
+        details::reset(dh_context_->openssl_ecdh_pkey_);
+        ret = details::setup_errorno(*this, static_cast<int>(ERR_peek_error()), error_code_t::kInitDhGenerateKey);
        break;
      }
-      if (nullptr == dh_context_.openssl_ecdh_pkey_) {
-        ret = details::setup_errorno(*this, static_cast<int>(ERR_peek_error()), error_code_t::INIT_DH_GENERATE_KEY);
+      if (nullptr == dh_context_->openssl_ecdh_pkey_) {
+        ret = details::setup_errorno(*this, static_cast<int>(ERR_peek_error()), error_code_t::kInitDhGenerateKey);
        break;
      }

-      if (nullptr == dh_context_.openssl_ecdh_peer_key_) {
-        EVP_PKEY_keygen(shared_context_->get_dh_parameter().keygen_ctx, &dh_context_.openssl_ecdh_peer_key_);
+      if (nullptr == dh_context_->openssl_ecdh_peer_key_) {
+        EVP_PKEY_keygen(shared_context_->get_dh_parameter().keygen_ctx, &dh_context_->openssl_ecdh_peer_key_);
      }
-      if (nullptr == dh_context_.openssl_ecdh_peer_key_) {
-        ret = details::setup_errorno(*this, 0, error_code_t::MALLOC);
+      if (nullptr == dh_context_->openssl_ecdh_peer_key_) {
+        ret = details::setup_errorno(*this, 0, error_code_t::kMalloc);
        break;
      }

-      // int type_id = EVP_PKEY_id(dh_context_.openssl_ecdh_pkey_);
+      // int type_id = EVP_PKEY_id(dh_context_->openssl_ecdh_pkey_);
      //     Still missing nid information if type_id == EVP_PKEY_EC
-      // if (EVP_PKEY_set_type(dh_context_.openssl_ecdh_peer_key_, type_id) <= 0) {
-      //     ret = details::setup_errorno(*this, static_cast<int>(ERR_peek_error()), error_code_t::NOT_SUPPORT);
-      //     details::reset(dh_context_.openssl_ecdh_peer_key_);
+      // if (EVP_PKEY_set_type(dh_context_->openssl_ecdh_peer_key_, type_id) <= 0) {
+      //     ret = details::setup_errorno(*this, static_cast<int>(ERR_peek_error()), error_code_t::kNotSupport);
+      //     details::reset(dh_context_->openssl_ecdh_peer_key_);
      //     break;
      // }

-      if (crypto_dh_EVP_PKEY_set1_tls_encodedpoint(dh_context_.openssl_ecdh_peer_key_, &input[curve_grp_len],
+      if (crypto_dh_EVP_PKEY_set1_tls_encodedpoint(dh_context_->openssl_ecdh_peer_key_, &input[curve_grp_len],
                                                   encoded_pt_len) <= 0) {
-        ret = details::setup_errorno(*this, static_cast<int>(ERR_peek_error()), error_code_t::NOT_SUPPORT);
-        details::reset(dh_context_.openssl_ecdh_peer_key_);
+        ret = details::setup_errorno(*this, static_cast<int>(ERR_peek_error()), error_code_t::kNotSupport);
+        details::reset(dh_context_->openssl_ecdh_peer_key_);
        break;
      }

 #  elif defined(ATFRAMEWORK_UTILS_CRYPTO_USE_MBEDTLS)
      const unsigned char *dh_params_beg = input;
-      int res = mbedtls_ecdh_read_params(&dh_context_.mbedtls_ecdh_ctx_, &dh_params_beg, dh_params_beg + ilen);
+      int res = mbedtls_ecdh_read_params(&dh_context_->mbedtls_ecdh_ctx_, &dh_params_beg, dh_params_beg + ilen);
      if (0 != res) {
-        ret = details::setup_errorno(*this, res, error_code_t::INIT_DH_READ_PARAM);
+        ret = details::setup_errorno(*this, res, error_code_t::kInitDhReadParam);
        break;
      }
 #  endif
      break;
    }
    default: {
-      details::setup_errorno(*this, 0, error_code_t::NOT_SUPPORT);
+      details::setup_errorno(*this, 0, error_code_t::kNotSupport);
    }
  }

  return ret;
 }  // namespace crypto

-ATFRAMEWORK_UTILS_API int dh::make_public(std::vector<unsigned char> &param) {
+ATFRAMEWORK_UTILS_API dh::error_code_t dh::make_public(std::vector<unsigned char> &param) {
  if (!shared_context_) {
-    return details::setup_errorno(*this, 0, error_code_t::NOT_INITED);
+    return details::setup_errorno(*this, 0, error_code_t::kNotInited);
  }

-  int ret = details::setup_errorno(*this, 0, error_code_t::OK);
+  error_code_t ret = details::setup_errorno(*this, 0, error_code_t::kOk);
  switch (shared_context_->get_method()) {
 #  if !defined(ATFRAMEWORK_UTILS_CRYPTO_USE_BORINGSSL)
-    case method_t::EN_CDT_DH: {
+    case method_t::kDh: {
 #    if defined(ATFRAMEWORK_UTILS_CRYPTO_USE_OPENSSL) || defined(ATFRAMEWORK_UTILS_CRYPTO_USE_LIBRESSL)
-      if (nullptr == dh_context_.openssl_dh_pkey_) {
-        ret = details::setup_errorno(*this, 0, error_code_t::INIT_DH_READ_PARAM);
+      if (nullptr == dh_context_->openssl_dh_pkey_) {
+        ret = details::setup_errorno(*this, 0, error_code_t::kInitDhReadParam);



-      if (nullptr == dh_context_.openssl_pkey_ctx_) {
-        dh_context_.openssl_pkey_ctx_ = EVP_PKEY_CTX_new(dh_context_.openssl_dh_pkey_, nullptr);
-        if (nullptr != dh_context_.openssl_pkey_ctx_) {
-          if (EVP_PKEY_derive_init(dh_context_.openssl_pkey_ctx_) <= 0) {
-            ret =
-                details::setup_errorno(*this, static_cast<int>(ERR_get_error()), error_code_t::INIT_DH_GENERATE_SECRET);
-            details::reset(dh_context_.openssl_pkey_ctx_);
+      if (nullptr == dh_context_->openssl_pkey_ctx_) {
+        dh_context_->openssl_pkey_ctx_ = EVP_PKEY_CTX_new(dh_context_->openssl_dh_pkey_, nullptr);
+        if (nullptr != dh_context_->openssl_pkey_ctx_) {
+          if (EVP_PKEY_derive_init(dh_context_->openssl_pkey_ctx_) <= 0) {
+            ret = details::setup_errorno(*this, static_cast<int>(ERR_get_error()), error_code_t::kInitDhGenerateSecret);
+            details::reset(dh_context_->openssl_pkey_ctx_);
          }
        }
      }
-      if (nullptr == dh_context_.openssl_pkey_ctx_) {
-        ret = details::setup_errorno(*this, static_cast<int>(ERR_get_error()), error_code_t::INIT_DH_GENERATE_SECRET);
+      if (nullptr == dh_context_->openssl_pkey_ctx_) {
+        ret = details::setup_errorno(*this, static_cast<int>(ERR_get_error()), error_code_t::kInitDhGenerateSecret);
        break;
      }

 #      if !defined(ATFRAMEWORK_UTILS_CRYPTO_USE_BORINGSSL)
-      if (dh_context_.openssl_dh_peer_key_ != EVP_PKEY_CTX_get0_peerkey(dh_context_.openssl_pkey_ctx_)) {
+      if (dh_context_->openssl_dh_peer_key_ != EVP_PKEY_CTX_get0_peerkey(dh_context_->openssl_pkey_ctx_)) {
 #      endif
-        if (EVP_PKEY_derive_set_peer(dh_context_.openssl_pkey_ctx_, dh_context_.openssl_dh_peer_key_) <= 0) {
-          ret =
-              details::setup_errorno(*this, static_cast<int>(ERR_peek_error()), error_code_t::INIT_DH_GENERATE_SECRET);
+        if (EVP_PKEY_derive_set_peer(dh_context_->openssl_pkey_ctx_, dh_context_->openssl_dh_peer_key_) <= 0) {
+          ret = details::setup_errorno(*this, static_cast<int>(ERR_peek_error()), error_code_t::kInitDhGenerateSecret);
          break;
        }
 #      if !defined(ATFRAMEWORK_UTILS_CRYPTO_USE_BORINGSSL)
      }
 #      endif

      // puts("pkey: params");
-      // EVP_PKEY_print_params_fp(stdout, dh_context_.openssl_dh_pkey_, 2, nullptr);
+      // EVP_PKEY_print_params_fp(stdout, dh_context_->openssl_dh_pkey_, 2, nullptr);
      // puts("pkey: public");
-      // EVP_PKEY_print_public_fp(stdout, dh_context_.openssl_dh_pkey_, 2, nullptr);
+      // EVP_PKEY_print_public_fp(stdout, dh_context_->openssl_dh_pkey_, 2, nullptr);
      // puts("pkey: private");
-      // EVP_PKEY_print_private_fp(stdout, dh_context_.openssl_dh_pkey_, 2, nullptr);
+      // EVP_PKEY_print_private_fp(stdout, dh_context_->openssl_dh_pkey_, 2, nullptr);
      // puts("peer_key: params");
-      // EVP_PKEY_print_params_fp(stdout, dh_context_.openssl_dh_peer_key_, 2, nullptr);
+      // EVP_PKEY_print_params_fp(stdout, dh_context_->openssl_dh_peer_key_, 2, nullptr);
      // puts("peer_key: public");
-      // EVP_PKEY_print_public_fp(stdout, dh_context_.openssl_dh_peer_key_, 2, nullptr);
+      // EVP_PKEY_print_public_fp(stdout, dh_context_->openssl_dh_peer_key_, 2, nullptr);
      // puts("peer_key: private");
-      // EVP_PKEY_print_private_fp(stdout, dh_context_.openssl_dh_peer_key_, 2, nullptr);
+      // EVP_PKEY_print_private_fp(stdout, dh_context_->openssl_dh_peer_key_, 2, nullptr);

      size_t secret_len = 0;
-      if (EVP_PKEY_derive(dh_context_.openssl_pkey_ctx_, nullptr, &secret_len) <= 0) {
-        ret = details::setup_errorno(*this, static_cast<int>(ERR_peek_error()), error_code_t::INIT_DH_GENERATE_SECRET);
+      if (EVP_PKEY_derive(dh_context_->openssl_pkey_ctx_, nullptr, &secret_len) <= 0) {
+        ret = details::setup_errorno(*this, static_cast<int>(ERR_peek_error()), error_code_t::kInitDhGenerateSecret);
        break;
      }

      output.resize(static_cast<size_t>((secret_len + 7) / 8) * 8, 0);
-      if ((EVP_PKEY_derive(dh_context_.openssl_pkey_ctx_, &output[0], &secret_len)) <= 0) {
-        ret = details::setup_errorno(*this, static_cast<int>(ERR_peek_error()), error_code_t::INIT_DH_GENERATE_SECRET);
+      if ((EVP_PKEY_derive(dh_context_->openssl_pkey_ctx_, &output[0], &secret_len)) <= 0) {
+        ret = details::setup_errorno(*this, static_cast<int>(ERR_peek_error()), error_code_t::kInitDhGenerateSecret);
        break;
      }
      output.resize(static_cast<size_t>(secret_len));

 #    elif defined(ATFRAMEWORK_UTILS_CRYPTO_USE_MBEDTLS)
      size_t psz = MBEDTLS_PREMASTER_SIZE;
      // generate next_secret
      output.resize(psz, 0);
      int res;
-      res = mbedtls_dhm_calc_secret(&dh_context_.mbedtls_dh_ctx_, &output[0], psz, &psz, mbedtls_ctr_drbg_random,
+      res = mbedtls_dhm_calc_secret(&dh_context_->mbedtls_dh_ctx_, &output[0], psz, &psz, mbedtls_ctr_drbg_random,
                                    &shared_context_->get_random_engine().ctr_drbg);
      if (0 != res) {
-        ret = details::setup_errorno(*this, res, error_code_t::INIT_DH_GENERATE_SECRET);
+        ret = details::setup_errorno(*this, res, error_code_t::kInitDhGenerateSecret);
        break;
      }
      output.resize(psz);

 #    endif
      break;
    }
 #  endif
-    case method_t::EN_CDT_ECDH: {
+    case method_t::kEcdh: {
 #  if defined(ATFRAMEWORK_UTILS_CRYPTO_USE_OPENSSL) || defined(ATFRAMEWORK_UTILS_CRYPTO_USE_LIBRESSL) || \
      defined(ATFRAMEWORK_UTILS_CRYPTO_USE_BORINGSSL)
-      if (nullptr == dh_context_.openssl_ecdh_pkey_) {
-        ret = details::setup_errorno(*this, 0, error_code_t::NOT_INITED);
+      if (nullptr == dh_context_->openssl_ecdh_pkey_) {
+        ret = details::setup_errorno(*this, 0, error_code_t::kNotInited);
        break;
      }

-      if (nullptr == dh_context_.openssl_ecdh_peer_key_) {
-        ret = details::setup_errorno(*this, 0, error_code_t::NOT_INITED);
+      if (nullptr == dh_context_->openssl_ecdh_peer_key_) {
+        ret = details::setup_errorno(*this, 0, error_code_t::kNotInited);
        break;
      }

-      if (nullptr != dh_context_.openssl_pkey_ctx_) {
-        if (dh_context_.openssl_ecdh_pkey_ != EVP_PKEY_CTX_get0_pkey(dh_context_.openssl_pkey_ctx_)) {
-          details::reset(dh_context_.openssl_pkey_ctx_);
+      if (nullptr != dh_context_->openssl_pkey_ctx_) {
+        if (dh_context_->openssl_ecdh_pkey_ != EVP_PKEY_CTX_get0_pkey(dh_context_->openssl_pkey_ctx_)) {
+          details::reset(dh_context_->openssl_pkey_ctx_);
        }
      }

-      if (nullptr == dh_context_.openssl_pkey_ctx_) {
-        dh_context_.openssl_pkey_ctx_ = EVP_PKEY_CTX_new(dh_context_.openssl_ecdh_pkey_, nullptr);
-        if (nullptr != dh_context_.openssl_pkey_ctx_) {
-          if (EVP_PKEY_derive_init(dh_context_.openssl_pkey_ctx_) <= 0) {
-            ret =
-                details::setup_errorno(*this, static_cast<int>(ERR_get_error()), error_code_t::INIT_DH_GENERATE_SECRET);
-            details::reset(dh_context_.openssl_pkey_ctx_);
+      if (nullptr == dh_context_->openssl_pkey_ctx_) {
+        dh_context_->openssl_pkey_ctx_ = EVP_PKEY_CTX_new(dh_context_->openssl_ecdh_pkey_, nullptr);
+        if (nullptr != dh_context_->openssl_pkey_ctx_) {
+          if (EVP_PKEY_derive_init(dh_context_->openssl_pkey_ctx_) <= 0) {
+            ret = details::setup_errorno(*this, static_cast<int>(ERR_get_error()), error_code_t::kInitDhGenerateSecret);
+            details::reset(dh_context_->openssl_pkey_ctx_);
          }
        }
      }

-      if (nullptr == dh_context_.openssl_pkey_ctx_) {
-        ret = details::setup_errorno(*this, static_cast<int>(ERR_get_error()), error_code_t::INIT_DH_GENERATE_SECRET);
+      if (nullptr == dh_context_->openssl_pkey_ctx_) {
+        ret = details::setup_errorno(*this, static_cast<int>(ERR_get_error()), error_code_t::kInitDhGenerateSecret);
        break;
      }

 #    if !defined(ATFRAMEWORK_UTILS_CRYPTO_USE_BORINGSSL)
-      if (dh_context_.openssl_ecdh_peer_key_ != EVP_PKEY_CTX_get0_peerkey(dh_context_.openssl_pkey_ctx_)) {
+      if (dh_context_->openssl_ecdh_peer_key_ != EVP_PKEY_CTX_get0_peerkey(dh_context_->openssl_pkey_ctx_)) {
 #    endif
-        if (EVP_PKEY_derive_set_peer(dh_context_.openssl_pkey_ctx_, dh_context_.openssl_ecdh_peer_key_) <= 0) {
-          ret =
-              details::setup_errorno(*this, static_cast<int>(ERR_peek_error()), error_code_t::INIT_DH_GENERATE_SECRET);
+        if (EVP_PKEY_derive_set_peer(dh_context_->openssl_pkey_ctx_, dh_context_->openssl_ecdh_peer_key_) <= 0) {
+          ret = details::setup_errorno(*this, static_cast<int>(ERR_peek_error()), error_code_t::kInitDhGenerateSecret);
          break;
        }
 #    if !defined(ATFRAMEWORK_UTILS_CRYPTO_USE_BORINGSSL)
      }
 #    endif

      size_t secret_len = 0;
-      if (EVP_PKEY_derive(dh_context_.openssl_pkey_ctx_, nullptr, &secret_len) <= 0) {
-        ret = details::setup_errorno(*this, static_cast<int>(ERR_peek_error()), error_code_t::INIT_DH_GENERATE_SECRET);
+      if (EVP_PKEY_derive(dh_context_->openssl_pkey_ctx_, nullptr, &secret_len) <= 0) {
+        ret = details::setup_errorno(*this, static_cast<int>(ERR_peek_error()), error_code_t::kInitDhGenerateSecret);
        break;
      }

      output.resize(static_cast<size_t>((secret_len + 7) / 8) * 8, 0);
-      if ((EVP_PKEY_derive(dh_context_.openssl_pkey_ctx_, &output[0], &secret_len)) <= 0) {
-        ret = details::setup_errorno(*this, static_cast<int>(ERR_peek_error()), error_code_t::INIT_DH_GENERATE_SECRET);
+      if ((EVP_PKEY_derive(dh_context_->openssl_pkey_ctx_, &output[0], &secret_len)) <= 0) {
+        ret = details::setup_errorno(*this, static_cast<int>(ERR_peek_error()), error_code_t::kInitDhGenerateSecret);
        break;
      }
      output.resize(static_cast<size_t>(secret_len));

 #  elif defined(ATFRAMEWORK_UTILS_CRYPTO_USE_MBEDTLS)
      unsigned char buf[CRYPTO_DH_MAX_KEY_LEN];
      // usually is group size
      size_t olen = 0;
      int res;
-      res = mbedtls_ecdh_calc_secret(&dh_context_.mbedtls_ecdh_ctx_, &olen, buf, sizeof(buf), mbedtls_ctr_drbg_random,
+      res = mbedtls_ecdh_calc_secret(&dh_context_->mbedtls_ecdh_ctx_, &olen, buf, sizeof(buf), mbedtls_ctr_drbg_random,
                                     &shared_context_->get_random_engine().ctr_drbg);
      if (0 != res) {
-        ret = details::setup_errorno(*this, res, error_code_t::INIT_DH_GENERATE_SECRET);
+        ret = details::setup_errorno(*this, res, error_code_t::kInitDhGenerateSecret);
        break;
      }

      output.assign(buf, buf + olen);
 #  endif
      break;
    }
    default: {
-      details::setup_errorno(*this, 0, error_code_t::NOT_SUPPORT);
+      details::setup_errorno(*this, 0, error_code_t::kNotSupport);
    }
  }

  return ret;
 }

 ATFRAMEWORK_UTILS_API const std::vector<std::string> &dh::get_all_curve_names() {
  static std::vector<std::string> ret;
  if (ret.empty()) {
    for (int i = 1; details::supported_dh_curves[i][0] != nullptr; ++i) {
      if (nullptr == details::supported_dh_curves[i][0] || 0 == strlen(details::supported_dh_curves[i][0])) {
        continue;
      }
 #  if defined(ATFRAMEWORK_UTILS_CRYPTO_USE_OPENSSL) || defined(ATFRAMEWORK_UTILS_CRYPTO_USE_LIBRESSL) || \
      defined(ATFRAMEWORK_UTILS_CRYPTO_USE_BORINGSSL)
      if (0 != details::supported_dh_curves_openssl[i]) {
        unsigned int gtype = 0;
        int group_id = tls1_nid2group_id(details::supported_dh_curves_openssl[i]);
        if (0 == group_id) {
          continue;
        }
        int nid = tls1_ec_group_id2nid(group_id, &gtype);

        if (gtype == TLS_CURVE_CUSTOM) {
          details::openssl_raii<EVP_PKEY_CTX> pctx_keygen(EVP_PKEY_CTX_new_id(nid, nullptr));
          if (!pctx_keygen) {
            continue;
          }

          if (EVP_PKEY_keygen_init(pctx_keygen.get()) <= 0) {
            continue;
          }

          details::openssl_raii<EVP_PKEY_CTX> pctx_paramgen(EVP_PKEY_CTX_new_id(nid, nullptr));
          if (!pctx_paramgen) {
            continue;
          }

          if (EVP_PKEY_paramgen_init(pctx_paramgen.get()) <= 0) {
            continue;
          }
        } else {
          details::openssl_raii<EVP_PKEY_CTX> pctx_keygen(EVP_PKEY_CTX_new_id(EVP_PKEY_EC, nullptr));
          if (!pctx_keygen) {
            continue;
          }
          if (EVP_PKEY_keygen_init(pctx_keygen.get()) <= 0) {
            continue;
          }

          if (EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx_keygen.get(), nid) <= 0) {
            continue;
          }

          details::openssl_raii<EVP_PKEY_CTX> pctx_paramgen(EVP_PKEY_CTX_new_id(EVP_PKEY_EC, nullptr));
          if (!pctx_paramgen) {
            continue;
          }

          if (EVP_PKEY_paramgen_init(pctx_paramgen.get()) <= 0) {
            continue;
          }

          if (EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx_paramgen.get(), nid) <= 0) {
            continue;
          }
        }

        for (const auto &curve_name : details::supported_dh_curves[i]) {
          if (nullptr != curve_name && 0 != curve_name[0]) {
            ret.push_back(std::string("ecdh:") + curve_name);
            break;
          }
        }
      }
 #  else
      if (nullptr != mbedtls_ecp_curve_info_from_name(details::supported_dh_curves[i][0])) {
        for (const auto &curve_name : details::supported_dh_curves[i]) {
          if (nullptr != curve_name && 0 != curve_name[0]) {
            ret.push_back(std::string("ecdh:") + curve_name);
            break;
          }
        }
      }
 #  endif
    }
  }

  return ret;
 }

 #  if defined(ATFRAMEWORK_UTILS_CRYPTO_USE_OPENSSL) || defined(ATFRAMEWORK_UTILS_CRYPTO_USE_LIBRESSL) || \
      defined(ATFRAMEWORK_UTILS_CRYPTO_USE_BORINGSSL)
-int dh::check_or_setup_ecp_id(int group_id) {
+dh::error_code_t dh::check_or_setup_ecp_id(int group_id) {
  if (!shared_context_) {
-    return details::setup_errorno(*this, 0, error_code_t::NOT_INITED);
+    return details::setup_errorno(*this, 0, error_code_t::kNotInited);
  }

-  int ret = shared_context_->try_reset_ecp_id(group_id);
-  if (error_code_t::OK != ret) {
-    return details::setup_errorno(*this, static_cast<int>(ERR_peek_error()), static_cast<error_code_t::type>(ret));
+  error_code_t ret = shared_context_->try_reset_ecp_id(group_id);
+  if (error_code_t::kOk != ret) {
+    return details::setup_errorno(*this, static_cast<int>(ERR_peek_error()), ret);
  }

  if (nullptr == shared_context_->get_dh_parameter().keygen_ctx) {
-    return details::setup_errorno(*this, static_cast<int>(ERR_peek_error()), error_code_t::INIT_DH_GENERATE_KEY);
+    return details::setup_errorno(*this, static_cast<int>(ERR_peek_error()), error_code_t::kInitDhGenerateKey);
  }

  return ret;
 }

 #    if !defined(ATFRAMEWORK_UTILS_CRYPTO_USE_BORINGSSL)
-int dh::check_or_setup_dh_pg_gy(BIGNUM *&DH_p, BIGNUM *&DH_g, BIGNUM *&DH_gy) {
+dh::error_code_t dh::check_or_setup_dh_pg_gy(BIGNUM *&DH_p, BIGNUM *&DH_g, BIGNUM *&DH_gy) {
  if (!shared_context_) {
-    return details::setup_errorno(*this, 0, error_code_t::NOT_INITED);
+    return details::setup_errorno(*this, 0, error_code_t::kNotInited);
  }

-  if (nullptr != dh_context_.openssl_pkey_ctx_) {
-    return error_code_t::ALREADY_INITED;
+  if (nullptr != dh_context_->openssl_pkey_ctx_) {
+    return error_code_t::kAlreadyInited;
  }

  // import P,G,GY
  // @see int ssl3_get_key_exchange(SSL *s) in s3_clnt.c                                          -- openssl 1.0.x
  // @see int tls_process_ske_dhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey, int *al) in statem_clnt.c --
  // openssl 1.1.x/3.x.x

  // puts("check_or_setup_dh_pg_gy");
  // BN_print_fp(stdout, DH_p);
  // BN_print_fp(stdout, DH_g);
  // BN_print_fp(stdout, DH_gy);

-  int ret = error_code_t::OK;
+  error_code_t ret = error_code_t::kOk;
  do {
    ret = shared_context_->try_reset_dh_params(DH_p, DH_g);


Copilot

Pull request overview

This PR updates the crypto HMAC/HKDF, DH/ECDH, and cipher APIs/tests to use strongly-typed enum class values (and new naming like kOk, kEncrypt, kDh) instead of legacy unscoped enums/ints.

Changes:

Convert several public error-code and mode enums to enum class and update function signatures accordingly.
Move crypto-library-specific includes out of public headers into .cpp files and introduce forward declarations to reduce header dependencies.
Update unit tests to compare against the new enum-class constants and adjusted method names.

Reviewed changes

Copilot reviewed 10 out of 10 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
`include/algorithm/crypto_hmac.h`	Switch HMAC/HKDF error codes to `enum class` and update public API signatures.
`src/algorithm/crypto_hmac.cpp`	Adjust implementations to return enum-class error codes; relocate crypto includes into `.cpp`.
`include/algorithm/crypto_dh.h`	Switch DH method/error codes to `enum class`, reduce header dependencies via forward declarations, and adjust API types.
`src/algorithm/crypto_dh.cpp`	Refactor DH implementation to match new enum-class APIs and internalize backend-specific structs.
`include/algorithm/crypto_cipher.h`	Switch cipher mode/error codes to `enum class`, add bitmask helpers, and update init signature to `int32_t`.
`src/algorithm/crypto_cipher.cpp`	Update implementation for new enum-class error codes/mode masks while keeping `int` return codes.
`test/case/crypto_hmac_test.cpp`	Update tests to use enum-class return values (`auto ret`, compare to `kOk`, etc.).
`test/case/crypto_dh_test.cpp`	Update tests to use new DH method/error enums (`kDh`, `kEcdh`, `kOk`).
`test/case/crypto_cipher_test.cpp`	Update tests to use new cipher mode enum-class and mask handling.

Copilot · 2026-04-23T15:33:50Z

+    ret = error_code_t::kOperation;
  }

 #  elif defined(LIBATFRAME_ATGATEWAY_ENABLE_MBEDTLS)


In shared_context::random, the mbedtls branch is guarded by LIBATFRAME_ATGATEWAY_ENABLE_MBEDTLS, but the rest of this file uses ATFRAMEWORK_UTILS_CRYPTO_USE_MBEDTLS. As written, mbedtls builds will skip the RNG call entirely and still return kOk, leaving the output buffer uninitialized. Use the same mbedtls feature macro here (and ensure the function returns kOperation on failure).

Suggested change

# elif defined(LIBATFRAME_ATGATEWAY_ENABLE_MBEDTLS)

# elif defined(ATFRAMEWORK_UTILS_CRYPTO_USE_MBEDTLS)

Fixes enum class

529b4f1

Copilot AI review requested due to automatic review settings April 23, 2026 15:26

Copilot started reviewing on behalf of owent April 23, 2026 15:29 View session

github-advanced-security AI found potential problems Apr 23, 2026

View reviewed changes

Copilot AI reviewed Apr 23, 2026

View reviewed changes

Fixes include

e40b56e

owent merged commit e40b56e into main Apr 23, 2026
20 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fixes enum class#90

Fixes enum class#90
owent merged 2 commits into
mainfrom
dev

owent commented Apr 23, 2026

Uh oh!

Copilot AI left a comment

Uh oh!

Copilot AI Apr 23, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

	# elif defined(LIBATFRAME_ATGATEWAY_ENABLE_MBEDTLS)
	# elif defined(ATFRAMEWORK_UTILS_CRYPTO_USE_MBEDTLS)

Conversation

owent commented Apr 23, 2026

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Reviewed changes

Uh oh!

Copilot AI Apr 23, 2026

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants