Added changes Chris requested.

Moved error-crypt.h location and corrected FIPS return code.

Made requested changes to printf where 0 == 0.

src/internal.c

@@ -5649,13 +5649,14 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
 #endif
 #ifndef NO_OLD_TLS
     if (!ssl->options.tls) {
-        if (BuildMD5(ssl, hashes, sender) != 0) {
+        ret = BuildMD5(ssl, hashes, sender);
+        if (ret != 0) {
         #ifdef WOLFSSL_SMALL_STACK
         #ifdef WOLFSSL_SHA384
             XFREE(sha384, NULL, DYNAMIC_TYPE_TMP_BUFFER);
         #endif
         #endif
-            return SSL_FATAL_ERROR;
+            return ret;
         }
         BuildSHA(ssl, hashes, sender);
     }
@@ -10339,8 +10340,9 @@ static int BuildCertHashes(WOLFSSL* ssl, Hashes* hashes)
     }
 #if ! defined( NO_OLD_TLS )
     else {
-        if (BuildMD5_CertVerify(ssl, hashes->md5) != 0) {
-            return SSL_FATAL_ERROR;
+        ret = BuildMD5_CertVerify(ssl, hashes->md5);
+        if (ret  != 0) {
+            return ret;
         }
         BuildSHA_CertVerify(ssl, hashes->sha);
     }

src/ssl.c

@@ -10377,8 +10377,9 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
         (void)type;
 
         WOLFSSL_ENTER("wolfSSL_EVP_BytesToKey");
-        if (wc_InitMd5(md5)) {
-            return SSL_FATAL_ERROR;
+        ret = wc_InitMd5(md5);
+        if (ret != 0) {
+            return ret;
         }
 
         /* only support MD5 for now */

tests/api.c

@@ -2426,7 +2426,7 @@ static int test_wc_InitSha384 (void)
 /*
  * Testing wc_UpdateMd5()
  */
-static int test_wc_UpdateMd5 (void)
+static int test_wc_Md5Update (void)
 {
 
 #ifndef NO_MD5
@@ -2471,7 +2471,7 @@ static int test_wc_UpdateMd5 (void)
         return ret;
     }
     if (ret != 0 && XMEMCMP(hash, a.output, MD5_DIGEST_SIZE) != 0) {
-               return SSL_FAILURE;
+        return SSL_FAILURE;
     }
 
     /*Pass in bad values. */
@@ -2497,14 +2497,13 @@ static int test_wc_UpdateMd5 (void)
         return SSL_FAILURE;
     }
 
-    /* If not returned then the unit test passed test vectors. */
-    printf(resultFmt, 0 == 0 ? passed : failed);
+    printf(resultFmt, ret == BAD_FUNC_ARG ? passed : failed);
 
-    return SSL_SUCCESS;
+        return SSL_SUCCESS;
 #else
     return SSL_SUCCESS;
 #endif
-} /* END test_wc_UpdateMd5  */
+} /* END test_wc_Md5Update()  */
 
 /*
  *  Tesing wc_ShaUpdate()
@@ -2579,14 +2578,14 @@ static int test_wc_ShaUpdate (void)
     }
 
     /* If not returned then the unit test passed test vectors. */
-    printf(resultFmt, 0 == 0 ? passed : failed);
+    printf(resultFmt, ret == BAD_FUNC_ARG ? passed : failed);
 
     return SSL_SUCCESS;
 #else
     return SSL_SUCCESS;
 #endif
 
-} /* END test_wc_ShaFinal */
+} /* END test_wc_ShaUpdate() */
 
 
 /*
@@ -2663,7 +2662,7 @@ static int test_wc_Sha256Update (void)
     }
 
     /* If not returned then the unit test passed. */
-    printf(resultFmt, 0 == 0 ? passed : failed);
+    printf(resultFmt, ret == BAD_FUNC_ARG ? passed : failed);
 
     return SSL_SUCCESS;
 #else 
@@ -2748,7 +2747,7 @@ static int test_wc_Sha384Update (void)
     }
 
     /* If not returned then the unit test passed test vectors. */
-    printf(resultFmt, 0 == 0 ? passed : failed);
+    printf(resultFmt, ret == BAD_FUNC_ARG ? passed : failed);
 
     return SSL_SUCCESS;
 #else
@@ -2833,7 +2832,7 @@ static int test_wc_Sha512Update (void)
     }
 
     /* If not returned then the unit test passed test vectors. */
-    printf(resultFmt, 0 == 0 ? passed : failed);
+    printf(resultFmt, ret == BAD_FUNC_ARG ? passed : failed);
 
     return SSL_SUCCESS;
 #else
@@ -3972,7 +3971,7 @@ void ApiTest(void)
     printf("\n-----------------wolfcrypt unit tests------------------\n");
     AssertFalse(test_wolfCrypt_Init());
     AssertTrue(test_wc_InitMd5());
-    AssertTrue(test_wc_UpdateMd5());
+    AssertTrue(test_wc_Md5Update());
     AssertTrue(test_wc_Md5Final());
     AssertTrue(test_wc_InitSha());
     AssertTrue(test_wc_ShaUpdate());

wolfcrypt/src/sha.c

@@ -30,14 +30,14 @@
 #if !defined(NO_SHA)
 
 #include <wolfssl/wolfcrypt/sha.h>
-
+#include <wolfssl/wolfcrypt/error-crypt.h>
 
 /* fips wrapper calls, user can call direct */
 #ifdef HAVE_FIPS
 	int wc_InitSha(Sha* sha)
 	{
         if (sha == NULL) {
-            return -173;
+            return BAD_FUNC_ARG;
         }
 	    return InitSha_fips(sha);
 	}
@@ -45,7 +45,7 @@
 	int wc_ShaUpdate(Sha* sha, const byte* data, word32 len)
 	{
         if (sha == NULL || (data == NULL && len > 0)) {
-            return -173;
+            return BAD_FUNC_ARG;
         }
 	    return ShaUpdate_fips(sha, data, len);
 	}
@@ -53,7 +53,7 @@
 	int wc_ShaFinal(Sha* sha, byte* out)
 	{
         if (sha == NULL || out == NULL) {
-            return -173;
+            return BAD_FUNC_ARG;
         }
 	    return ShaFinal_fips(sha,out);
     }
@@ -61,7 +61,6 @@
 #else /* else build without fips */
 
 #include <wolfssl/wolfcrypt/logging.h>
-#include <wolfssl/wolfcrypt/error-crypt.h>
 #ifdef NO_INLINE
     #include <wolfssl/wolfcrypt/misc.h>
 #else

wolfcrypt/src/sha256.c

@@ -28,6 +28,7 @@
 
 #include <wolfssl/wolfcrypt/settings.h>
 #include <wolfssl/wolfcrypt/sha256.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
 
 #if !defined(NO_SHA256)
 #ifdef HAVE_FIPS
@@ -35,7 +36,7 @@
 int wc_InitSha256(Sha256* sha)
 {
     if (sha == NULL) {
-        return -173;
+        return BAD_FUNC_ARG;;
     }
     return InitSha256_fips(sha);
 }
@@ -44,7 +45,7 @@ int wc_InitSha256(Sha256* sha)
 int wc_Sha256Update(Sha256* sha, const byte* data, word32 len)
 {
     if (sha == NULL ||  (data == NULL && len > 0)) {
-        return -173;
+        return BAD_FUNC_ARG;;
     }
     return Sha256Update_fips(sha, data, len);
 }
@@ -53,7 +54,7 @@ int wc_Sha256Update(Sha256* sha, const byte* data, word32 len)
 int wc_Sha256Final(Sha256* sha, byte* out)
 {
     if (sha == NULL || out == NULL) {
-        return -173;
+        return BAD_FUNC_ARG;;
     }
     return Sha256Final_fips(sha, out);
 }
@@ -285,7 +286,6 @@ static void set_Transform(void) {
 #endif
 
 #include <wolfssl/wolfcrypt/logging.h>
-#include <wolfssl/wolfcrypt/error-crypt.h>
 
 #ifdef NO_INLINE
     #include <wolfssl/wolfcrypt/misc.h>

wolfcrypt/src/sha512.c

@@ -28,12 +28,13 @@
 #include <wolfssl/wolfcrypt/sha512.h>
 
 #ifdef WOLFSSL_SHA512
+#include <wolfssl/wolfcrypt/error-crypt.h>
 
 #ifdef HAVE_FIPS
 int wc_InitSha512(Sha512* sha)
 {
     if (sha == NULL) {
-        return -173;
+        return BAD_FUNC_ARG;
     }
     return InitSha512_fips(sha);
 }
@@ -42,7 +43,7 @@ int wc_InitSha512(Sha512* sha)
 int wc_Sha512Update(Sha512* sha, const byte* data, word32 len)
 {
     if (sha == NULL || (data == NULL && len > 0)) {
-        return -173;
+        return BAD_FUNC_ARG;
     }
     return Sha512Update_fips(sha, data, len);
 }
@@ -51,7 +52,7 @@ int wc_Sha512Update(Sha512* sha, const byte* data, word32 len)
 int wc_Sha512Final(Sha512* sha, byte* out)
 {
     if (sha == NULL || out == NULL) {
-        return -173;
+        return BAD_FUNC_ARG;
     }
     return Sha512Final_fips(sha, out);
 }
@@ -62,7 +63,7 @@ int wc_Sha512Final(Sha512* sha, byte* out)
 int wc_InitSha384(Sha384* sha)
 {
     if (sha == NULL) {
-        return -173;
+        return BAD_FUNC_ARG;
     }
     return InitSha384_fips(sha);
 }
@@ -71,7 +72,7 @@ int wc_InitSha384(Sha384* sha)
 int wc_Sha384Update(Sha384* sha, const byte* data, word32 len)
 {
     if (sha == NULL || (data == NULL && len > 0)) {
-        return -173;
+        return BAD_FUNC_ARG;
     }
     return Sha384Update_fips(sha, data, len);
 }
@@ -80,7 +81,7 @@ int wc_Sha384Update(Sha384* sha, const byte* data, word32 len)
 int wc_Sha384Final(Sha384* sha, byte* out)
 {
     if (sha == NULL || out == NULL) {
-        return -173;
+        return BAD_FUNC_ARG;
     }
     return Sha384Final_fips(sha, out);
 }
@@ -89,7 +90,6 @@ int wc_Sha384Final(Sha384* sha, byte* out)
 #endif /* WOLFSSL_SHA384 */
 #else /* else build without using fips */
 #include <wolfssl/wolfcrypt/logging.h>
-#include <wolfssl/wolfcrypt/error-crypt.h>
 
 #ifdef NO_INLINE
     #include <wolfssl/wolfcrypt/misc.h>