From c2032c64d2fe897e174444238b672fb530ced5cf Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Fri, 14 Jun 2019 09:43:02 -0700 Subject: [PATCH] CAVP self test build fixes for AES-CCM and PKCS7 --- wolfcrypt/src/pkcs7.c | 6 ------ wolfcrypt/test/test.c | 5 +++++ wolfssl/wolfcrypt/pkcs7.h | 8 +++++--- 3 files changed, 10 insertions(+), 9 deletions(-) diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index ef259b187..fb6051011 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -51,12 +51,6 @@ #include #endif -#ifdef HAVE_SELFTEST -enum { - GCM_NONCE_MID_SZ = 12, /* The usual default nonce size for AES-GCM. */ -}; -#endif - /* direction for processing, encoding or decoding */ typedef enum { WC_PKCS7_ENCODE, diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 86182bca4..6c6c1ea7c 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -7939,8 +7939,12 @@ int aesccm_test(void) XMEMSET(p2, 0, sizeof(p2)); XMEMSET(iv2, 0, sizeof(iv2)); +#ifndef HAVE_SELFTEST + /* selftest build does not have wc_AesCcmSetNonce() or + * wc_AesCcmEncrypt_ex() */ if (wc_AesCcmSetKey(&enc, k, sizeof(k)) != 0) return -8220; + if (wc_AesCcmSetNonce(&enc, iv, sizeof(iv)) != 0) return -8221; if (wc_AesCcmEncrypt_ex(&enc, c2, p, sizeof(c2), iv2, sizeof(iv2), @@ -7952,6 +7956,7 @@ int aesccm_test(void) return -8224; if (XMEMCMP(t, t2, sizeof(t2))) return -8225; +#endif return 0; } diff --git a/wolfssl/wolfcrypt/pkcs7.h b/wolfssl/wolfcrypt/pkcs7.h index c49f378ff..18a75579e 100644 --- a/wolfssl/wolfcrypt/pkcs7.h +++ b/wolfssl/wolfcrypt/pkcs7.h @@ -153,9 +153,11 @@ enum Pkcs7_Misc { MAX_RECIP_SZ = MAX_VERSION_SZ + MAX_SEQ_SZ + ASN_NAME_MAX + MAX_SN_SZ + MAX_SEQ_SZ + MAX_ALGO_SZ + 1 + MAX_ENCRYPTED_KEY_SZ, -#if defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) - /* In the event of fips cert 3389 these enums are not in aes.h for use - * with pkcs7 so enumerate it here outside the fips boundary */ +#if (defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \ + (HAVE_FIPS_VERSION >= 2)) || defined(HAVE_SELFTEST) + /* In the event of fips cert 3389 or CAVP selftest build, these enums are + * not in aes.h for use with pkcs7 so enumerate it here outside the fips + * boundary */ GCM_NONCE_MID_SZ = 12, /* The usual default nonce size for AES-GCM. */ CCM_NONCE_MIN_SZ = 7, #endif