From 0e22752af45862f9c67aba30f6b3c61a2018f220 Mon Sep 17 00:00:00 2001
From: jrblixt <jrblixt@gmail.com>
Date: Fri, 19 May 2017 14:37:51 -0600
Subject: [PATCH] Jenkins fixes.

---
 tests/api.c          | 16 ++++++++++------
 wolfcrypt/src/hmac.c | 20 ++++++++++++++++----
 2 files changed, 26 insertions(+), 10 deletions(-)

diff --git a/tests/api.c b/tests/api.c
index 9476503fa..6fe82d56d 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -4473,13 +4473,14 @@ static int test_wc_Md5HmacFinal (void)
         }
     }
 
+#ifndef HAVE_FIPS
     if (!flag) {
         ret = wc_HmacFinal(&hmac, NULL);
         if (ret != BAD_FUNC_ARG) {
             flag = SSL_FATAL_ERROR;
         }
     }
-
+#endif
     printf(resultFmt, flag == 0 ? passed : failed);
 
 #endif
@@ -4544,13 +4545,14 @@ static int test_wc_ShaHmacFinal (void)
         }
     }
 
+#ifndef HAVE_FIPS
     if (!flag) {
         ret = wc_HmacFinal(&hmac, NULL);
         if (ret != BAD_FUNC_ARG) {
             flag = SSL_FATAL_ERROR;
         }
     }
-
+#endif
     printf(resultFmt, flag == 0 ? passed : failed);
 
 #endif
@@ -4616,13 +4618,14 @@ static int test_wc_Sha224HmacFinal (void)
         }
     }
 
+#ifndef HAVE_FIPS
     if (!flag) {
         ret = wc_HmacFinal(&hmac, NULL);
         if (ret != BAD_FUNC_ARG) {
             flag = SSL_FATAL_ERROR;
         }
     }
-
+#endif
     printf(resultFmt, flag == 0 ? passed : failed);
 
 #endif
@@ -4687,13 +4690,14 @@ static int test_wc_Sha256HmacFinal (void)
         }
     }
 
+#ifndef HAVE_FIPS
     if (!flag) {
         ret = wc_HmacFinal(&hmac, NULL);
         if (ret != BAD_FUNC_ARG) {
             flag = SSL_FATAL_ERROR;
         }
     }
-
+#endif
     printf(resultFmt, flag == 0 ? passed : failed);
 
 #endif
@@ -4758,14 +4762,14 @@ static int test_wc_Sha384HmacFinal (void)
             flag = SSL_FATAL_ERROR;
         }
     }
-
+#ifndef HAVE_FIPS
     if (!flag) {
         ret = wc_HmacFinal(&hmac, NULL);
         if (ret != BAD_FUNC_ARG) {
             flag = SSL_FATAL_ERROR;
         }
     }
-
+#endif
     printf(resultFmt, flag == 0 ? passed : failed);
 
 #endif
diff --git a/wolfcrypt/src/hmac.c b/wolfcrypt/src/hmac.c
index 4ece69def..97fa2e2e0 100755
--- a/wolfcrypt/src/hmac.c
+++ b/wolfcrypt/src/hmac.c
@@ -25,6 +25,7 @@
 #endif
 
 #include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
 
 #ifndef NO_HMAC
 
@@ -43,14 +44,28 @@
     /* does init */
     int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 keySz)
     {
+        if (hmac == NULL || (key == NULL && keySz != 0) ||
+           !(type == MD5 || type == SHA    || type == SHA256 || type == SHA384
+                         || type == SHA512 || type == BLAKE2B_ID)) {
+            return BAD_FUNC_ARG;
+        }
+
         return HmacSetKey_fips(hmac, type, key, keySz);
     }
     int wc_HmacUpdate(Hmac* hmac, const byte* in, word32 sz)
     {
+        if (hmac == NULL || in == NULL) {
+            return BAD_FUNC_ARG;
+        }
+
         return HmacUpdate_fips(hmac, in, sz);
     }
     int wc_HmacFinal(Hmac* hmac, byte* out)
     {
+        if (hmac == NULL) {
+            return BAD_FUNC_ARG;
+        }
+
         return HmacFinal_fips(hmac, out);
     }
     int wolfSSL_GetHmacMaxSize(void)
@@ -88,9 +103,6 @@
 #else /* else build without fips */
 
 
-#include <wolfssl/wolfcrypt/error-crypt.h>
-
-
 #ifdef WOLFSSL_PIC32MZ_HASH
     #define wc_InitMd5   wc_InitMd5_sw
     #define wc_Md5Update wc_Md5Update_sw
@@ -510,7 +522,7 @@ int wc_HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
 {
     int ret = 0;
 
-    if (hmac == NULL || msg == NULL) {
+    if (hmac == NULL) {
         return BAD_FUNC_ARG;
     }