Merge pull request #3752 from JacobBarthelmeh/Jenkins

changes from nightly Jenkins test review

src/ssl.c

@@ -11957,11 +11957,8 @@ int wolfSSL_export_keying_material(WOLFSSL *ssl,
         const unsigned char *context, size_t contextLen,
         int use_context)
 {
-    byte* seed = NULL;
-    /* clientRandom + serverRandom
-     * OR
-     * clientRandom + serverRandom + ctx len encoding + ctx */
-    word32 seedLen = !use_context ? SEED_LEN : SEED_LEN + 2 + (word32)contextLen;
+    byte*  seed = NULL;
+    word32 seedLen;
     const struct ForbiddenLabels* fl;
 
     WOLFSSL_ENTER("wolfSSL_export_keying_material");
@@ -11972,6 +11969,12 @@ int wolfSSL_export_keying_material(WOLFSSL *ssl,
         return WOLFSSL_FAILURE;
     }
 
+    /* clientRandom + serverRandom
+     * OR
+     * clientRandom + serverRandom + ctx len encoding + ctx */
+    seedLen = !use_context ? (word32)SEED_LEN :
+                             (word32)SEED_LEN + 2 + (word32)contextLen;
+
     if (ssl->options.saveArrays == 0 || ssl->arrays == NULL) {
         WOLFSSL_MSG("To export keying material wolfSSL needs to keep handshake "
                     "data. Call wolfSSL_KeepArrays before attempting to "

src/tls13.c

@@ -777,24 +777,24 @@ int Tls13_Exporter(WOLFSSL* ssl, unsigned char *out, size_t outLen,
     switch (ssl->specs.mac_algorithm) {
         #ifndef NO_SHA256
         case sha256_mac:
-            hashType = WC_SHA256;
-            hashLen = WC_SHA256_DIGEST_SIZE;
+            hashType  = WC_HASH_TYPE_SHA256;
+            hashLen   = WC_SHA256_DIGEST_SIZE;
             emptyHash = emptySHA256Hash;
             break;
         #endif
 
         #ifdef WOLFSSL_SHA384
         case sha384_mac:
-            hashType = WC_SHA384;
-            hashLen = WC_SHA384_DIGEST_SIZE;
+            hashType  = WC_HASH_TYPE_SHA384;
+            hashLen   = WC_SHA384_DIGEST_SIZE;
             emptyHash = emptySHA384Hash;
             break;
         #endif
 
         #ifdef WOLFSSL_TLS13_SHA512
         case sha512_mac:
-            hashType = WC_SHA512;
-            hashLen = WC_SHA512_DIGEST_SIZE;
+            hashType  = WC_HASH_TYPE_SHA512;
+            hashLen   = WC_SHA512_DIGEST_SIZE;
             emptyHash = emptySHA512Hash;
             break;
         #endif

tests/api.c

@@ -24759,7 +24759,7 @@ static void test_wc_PKCS7_DecodeCompressedData(void)
     && !defined(NO_AES) && defined(HAVE_LIBZ)
     PKCS7* pkcs7;
     void*  heap = NULL;
-    byte   out[3072];
+    byte   out[4096];
     byte   *decompressed;
     int    outSz, decompressedSz;
 
@@ -40234,7 +40234,7 @@ static void test_export_keying_material(void)
 
     start_thread(test_server_nofail, &server_args, &serverThread);
     wait_tcp_ready(&server_args);
-    test_client_nofail(&client_args, test_export_keying_material_cb);
+    test_client_nofail(&client_args, (void*)test_export_keying_material_cb);
     join_thread(serverThread);
 
     AssertTrue(client_args.return_code);

testsuite/testsuite.c

@@ -37,6 +37,7 @@
 #include <wolfssl/openssl/ssl.h>
 #endif
 #include <wolfssl/wolfcrypt/sha256.h>
+#include <wolfssl/wolfcrypt/ecc.h>
 
 #include <examples/echoclient/echoclient.h>
 #include <examples/echoserver/echoserver.h>

wolfssl/wolfcrypt/tfm.h

@@ -70,11 +70,6 @@
       #define TFM_X86_64
    #endif
 #endif
-#if defined(__aarch64__)
-    #if !defined(TFM_AARCH_64) && !defined(TFM_NO_ASM)
-        #define TFM_AARCH_64
-    #endif
-#endif
 #if defined(TFM_X86_64) || defined(TFM_AARCH_64)
     #if !defined(FP_64BIT)
        #define FP_64BIT