From e487685d7d694f628060870d5aeaf9b7c4a60e40 Mon Sep 17 00:00:00 2001 From: David Garske Date: Fri, 2 May 2025 13:51:46 -0700 Subject: [PATCH 1/5] Fix for STM32 Hashing status bit checking logic. ZD 19783. The digest calculation was indicating "not busy" before digest result (DCIS) was finished. This did not show up on most systems because the computation is usually done by the time it reads. --- wolfcrypt/src/port/st/stm32.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/wolfcrypt/src/port/st/stm32.c b/wolfcrypt/src/port/st/stm32.c index a732ac73a..98f46f4ce 100644 --- a/wolfcrypt/src/port/st/stm32.c +++ b/wolfcrypt/src/port/st/stm32.c @@ -258,14 +258,14 @@ static int wc_Stm32_Hash_WaitDone(STM32_HASH_Context* stmCtx) (void)stmCtx; /* wait until not busy and hash digest / input block are complete */ - while ((HASH->SR & HASH_SR_BUSY) && + while (((HASH->SR & HASH_SR_BUSY) #ifdef HASH_IMR_DCIE - (HASH->SR & HASH_SR_DCIS) == 0 && + || (HASH->SR & HASH_SR_DCIS) == 0 #endif #ifdef HASH_IMR_DINIE - (HASH->SR & HASH_SR_DINIS) == 0 && + || (HASH->SR & HASH_SR_DINIS) == 0 #endif - ++timeout < STM32_HASH_TIMEOUT) { + ) && ++timeout < STM32_HASH_TIMEOUT) { }; #ifdef DEBUG_STM32_HASH From 0f4ce03c28ba7984ce09009fefb376bbe6aa4e33 Mon Sep 17 00:00:00 2001 From: David Garske Date: Fri, 2 May 2025 14:18:29 -0700 Subject: [PATCH 2/5] Fixes for `NO_AES_192` and `NO_AES_256`. Added CI test. Fixed bad BUILD_ logic for `ADH-AES256-GCM-SHA384`. --- .github/workflows/os-check.yml | 1 + src/quic.c | 4 + src/ssl_crypto.c | 13 +++- tests/api.c | 137 ++++++++++++++++++++------------- tests/api/test_aes.c | 5 +- tests/api/test_aes.h | 4 +- tests/api/test_dtls.c | 2 + tests/suites.c | 2 +- wolfcrypt/src/pkcs7.c | 4 - wolfcrypt/test/test.c | 39 +++++++--- wolfssl/internal.h | 9 ++- 11 files changed, 139 insertions(+), 81 deletions(-) diff --git a/.github/workflows/os-check.yml b/.github/workflows/os-check.yml index 190a26b62..71f8093fc 100644 
--- a/.github/workflows/os-check.yml +++ b/.github/workflows/os-check.yml @@ -42,6 +42,7 @@ jobs: --enable-psk --enable-aesccm --enable-nullcipher CPPFLAGS=-DWOLFSSL_STATIC_RSA', '--enable-ascon --enable-experimental', '--enable-ascon CPPFLAGS=-DWOLFSSL_ASCON_UNROLL --enable-experimental', + '--enable-all CPPFLAGS=''-DNO_AES_192 -DNO_AES_256'' ', ] name: make check if: github.repository_owner == 'wolfssl' diff --git a/src/quic.c b/src/quic.c index 5791a7d7c..4c90a8393 100644 --- a/src/quic.c +++ b/src/quic.c @@ -989,12 +989,16 @@ const WOLFSSL_EVP_CIPHER* wolfSSL_quic_get_aead(WOLFSSL* ssl) switch (cipher->cipherSuite) { #if !defined(NO_AES) && defined(HAVE_AESGCM) + #ifdef WOLFSSL_AES_128 case TLS_AES_128_GCM_SHA256: evp_cipher = wolfSSL_EVP_aes_128_gcm(); break; + #endif + #ifdef WOLFSSL_AES_256 case TLS_AES_256_GCM_SHA384: evp_cipher = wolfSSL_EVP_aes_256_gcm(); break; + #endif #endif #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) case TLS_CHACHA20_POLY1305_SHA256: diff --git a/src/ssl_crypto.c b/src/ssl_crypto.c index 474430449..de34cee1e 100644 --- a/src/ssl_crypto.c +++ b/src/ssl_crypto.c @@ -2149,8 +2149,17 @@ int wolfSSL_CMAC_Init(WOLFSSL_CMAC_CTX* ctx, const void *key, size_t keySz, ret = 0; } /* Only AES-CBC ciphers are supported. */ - if ((ret == 1) && (cipher != EVP_AES_128_CBC) && - (cipher != EVP_AES_192_CBC) && (cipher != EVP_AES_256_CBC)) { + if ((ret == 1) + #ifdef WOLFSSL_AES_128 + && (cipher != EVP_AES_128_CBC) + #endif + #ifdef WOLFSSL_AES_192 + && (cipher != EVP_AES_192_CBC) + #endif + #ifdef WOLFSSL_AES_256 + && (cipher != EVP_AES_256_CBC) + #endif + ) { WOLFSSL_MSG("wolfSSL_CMAC_Init: requested cipher is unsupported"); ret = 0; } diff --git a/tests/api.c b/tests/api.c index 17f5c68d7..4215d62c5 100644 --- a/tests/api.c +++ b/tests/api.c 
@@ -7400,7 +7400,7 @@ static int test_wolfSSL_EVP_CIPHER_CTX(void) /* TODO: Expand and enable this when EVP_chacha20_poly1305 is supported */ #if defined(HAVE_SESSION_TICKET) && defined(OPENSSL_EXTRA) && \ - defined(HAVE_AES_CBC) + defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_256) typedef struct openssl_key_ctx { byte name[WOLFSSL_TICKET_NAME_SZ]; /* server name */ @@ -7644,7 +7644,7 @@ int test_ssl_memio_setup(test_ssl_memio_ctx *ctx) if (!ctx->s_cb.ticNoInit && (ctx->s_ctx != NULL)) { #if defined(HAVE_SESSION_TICKET) && \ ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM)) -#if defined(OPENSSL_EXTRA) && defined(HAVE_AES_CBC) +#if defined(OPENSSL_EXTRA) && defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_256) OpenSSLTicketInit(); wolfSSL_CTX_set_tlsext_ticket_key_cb(ctx->s_ctx, myTicketEncCbOpenSSL); #elif defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) @@ -7898,7 +7898,7 @@ void test_ssl_memio_cleanup(test_ssl_memio_ctx* ctx) if (!ctx->s_cb.ticNoInit) { #if defined(HAVE_SESSION_TICKET) && \ ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM)) -#if defined(OPENSSL_EXTRA) && defined(HAVE_AES_CBC) +#if defined(OPENSSL_EXTRA) && defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_256) OpenSSLTicketCleanup(); #elif defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) TicketCleanup(); @@ -8141,7 +8141,7 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args) if (cbf == NULL || !cbf->ticNoInit) { #if defined(HAVE_SESSION_TICKET) && \ ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM)) -#if defined(OPENSSL_EXTRA) && defined(HAVE_AES_CBC) +#if defined(OPENSSL_EXTRA) && defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_256) OpenSSLTicketInit(); wolfSSL_CTX_set_tlsext_ticket_key_cb(ctx, myTicketEncCbOpenSSL); #elif defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) 
@@ -8388,7 +8388,7 @@ done: if (cbf == NULL || !cbf->ticNoInit) { #if defined(HAVE_SESSION_TICKET) && \ ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM)) -#if defined(OPENSSL_EXTRA) && defined(HAVE_AES_CBC) +#if defined(OPENSSL_EXTRA) && defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_256) OpenSSLTicketCleanup(); #elif defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) TicketCleanup(); @@ -13134,7 +13134,8 @@ static int test_wolfSSL_PKCS12(void) #if defined(OPENSSL_EXTRA) && !defined(NO_DES3) && !defined(NO_FILESYSTEM) && \ !defined(NO_STDIO_FILESYSTEM) && !defined(NO_TLS) && \ !defined(NO_ASN) && !defined(NO_PWDBASED) && !defined(NO_RSA) && \ - !defined(NO_SHA) && defined(HAVE_PKCS12) && !defined(NO_BIO) + !defined(NO_SHA) && defined(HAVE_PKCS12) && !defined(NO_BIO) && \ + defined(WOLFSSL_AES_256) byte buf[6000]; char file[] = "./certs/test-servercert.p12"; char order[] = "./certs/ecc-rsa-server.p12"; @@ -13838,6 +13839,7 @@ static int test_wolfSSL_PKCS8_ED25519(void) { EXPECT_DECLS; #if !defined(NO_ASN) && defined(HAVE_PKCS8) && defined(HAVE_AES_CBC) && \ + defined(WOLFSSL_AES_256) && \ defined(WOLFSSL_ENCRYPTED_KEYS) && defined(HAVE_ED25519) && \ defined(HAVE_ED25519_KEY_IMPORT) const byte encPrivKey[] = \ @@ -13878,6 +13880,7 @@ static int test_wolfSSL_PKCS8_ED448(void) { EXPECT_DECLS; #if !defined(NO_ASN) && defined(HAVE_PKCS8) && defined(HAVE_AES_CBC) && \ + defined(WOLFSSL_AES_256) && \ defined(WOLFSSL_ENCRYPTED_KEYS) && defined(HAVE_ED448) && \ defined(HAVE_ED448_KEY_IMPORT) const byte encPrivKey[] = \ @@ -17109,7 +17112,7 @@ static int test_wc_PKCS7_VerifySignedData_ECC(void) #if defined(HAVE_PKCS7) && !defined(NO_AES) && defined(HAVE_AES_CBC) && \ - !defined(NO_AES_256) + defined(WOLFSSL_AES_256) static const byte defKey[] = { 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, 
@@ -17207,7 +17210,7 @@ static int myCEKwrapFunc(PKCS7* pkcs7, byte* cek, word32 cekSz, byte* keyId, return BAD_KEYWRAP_ALG_E; }; } -#endif /* HAVE_PKCS7 && !NO_AES && HAVE_AES_CBC && !NO_AES_256 */ +#endif /* HAVE_PKCS7 && !NO_AES && HAVE_AES_CBC && WOLFSSL_AES_256 */ #if defined(HAVE_PKCS7) && defined(ASN_BER_TO_DER) @@ -17465,15 +17468,15 @@ static int test_wc_PKCS7_EncodeDecodeEnvelopedData(void) rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz}, #endif /* NO_DES3 */ #if !defined(NO_AES) && defined(HAVE_AES_CBC) - #ifndef NO_AES_128 + #ifdef WOLFSSL_AES_128 {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES128CBCb, 0, 0, rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz}, #endif - #ifndef NO_AES_192 + #ifdef WOLFSSL_AES_192 {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES192CBCb, 0, 0, rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz}, #endif - #ifndef NO_AES_256 + #ifdef WOLFSSL_AES_256 {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES256CBCb, 0, 0, rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz}, #endif 
@@ -17482,17 +17485,17 @@ static int test_wc_PKCS7_EncodeDecodeEnvelopedData(void) #endif /* NO_RSA */ #if defined(HAVE_ECC) #if !defined(NO_AES) && defined(HAVE_AES_CBC) - #if !defined(NO_SHA) && !defined(NO_AES_128) + #if !defined(NO_SHA) && defined(WOLFSSL_AES_128) {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES128CBCb, AES128_WRAP, dhSinglePass_stdDH_sha1kdf_scheme, eccCert, eccCertSz, eccPrivKey, eccPrivKeySz}, #endif - #if !defined(NO_SHA256) && !defined(NO_AES_256) + #if !defined(NO_SHA256) && defined(WOLFSSL_AES_256) {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES256CBCb, AES256_WRAP, dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey, eccPrivKeySz}, #endif - #if defined(WOLFSSL_SHA512) && !defined(NO_AES_256) + #if defined(WOLFSSL_SHA512) && defined(WOLFSSL_AES_256) {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES256CBCb, AES256_WRAP, dhSinglePass_stdDH_sha512kdf_scheme, eccCert, eccCertSz, eccPrivKey, eccPrivKeySz}, @@ -17715,7 +17718,7 @@ static int test_wc_PKCS7_EncodeDecodeEnvelopedData(void) wc_PKCS7_Free(pkcs7); pkcs7 = NULL; -#if !defined(NO_AES) && defined(HAVE_AES_CBC) && !defined(NO_AES_256) +#if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_256) /* test of decrypt callback with KEKRI enveloped data */ { int envelopedSz = 0; @@ -17746,7 +17749,7 @@ static int test_wc_PKCS7_EncodeDecodeEnvelopedData(void) wc_PKCS7_Free(pkcs7); pkcs7 = NULL; } -#endif /* !NO_AES && !NO_AES_256 */ +#endif /* !NO_AES && WOLFSSL_AES_256 */ #ifndef NO_RSA XFREE(rsaCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); 
@@ -17833,20 +17836,20 @@ static int test_wc_PKCS7_EncodeEncryptedData(void) }; #endif #if !defined(NO_AES) && defined(HAVE_AES_CBC) - #ifndef NO_AES_128 + #ifdef WOLFSSL_AES_128 byte aes128Key[] = { 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08 }; #endif - #ifndef NO_AES_192 + #ifdef WOLFSSL_AES_192 byte aes192Key[] = { 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08 }; #endif - #ifndef NO_AES_256 + #ifdef WOLFSSL_AES_256 byte aes256Key[] = { 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, @@ -17863,17 +17866,17 @@ static int test_wc_PKCS7_EncodeEncryptedData(void) {data, (word32)sizeof(data), DATA, DESb, desKey, sizeof(desKey)}, #endif /* !NO_DES3 */ #if !defined(NO_AES) && defined(HAVE_AES_CBC) - #ifndef NO_AES_128 + #ifdef WOLFSSL_AES_128 {data, (word32)sizeof(data), DATA, AES128CBCb, aes128Key, sizeof(aes128Key)}, #endif - #ifndef NO_AES_192 + #ifdef WOLFSSL_AES_192 {data, (word32)sizeof(data), DATA, AES192CBCb, aes192Key, sizeof(aes192Key)}, #endif - #ifndef NO_AES_256 + #ifdef WOLFSSL_AES_256 {data, (word32)sizeof(data), DATA, AES256CBCb, aes256Key, sizeof(aes256Key)}, #endif @@ -18375,7 +18378,7 @@ static int test_wc_PKCS7_signed_enveloped(void) { EXPECT_DECLS; #if defined(HAVE_PKCS7) && !defined(NO_RSA) && !defined(NO_AES) && \ - !defined(NO_FILESYSTEM) + defined(WOLFSSL_AES_256) && !defined(NO_FILESYSTEM) XFILE f = XBADFILE; PKCS7* pkcs7 = NULL; #ifdef HAVE_AES_CBC @@ -18437,7 +18440,7 @@ static int test_wc_PKCS7_signed_enveloped(void) pkcs7 = NULL; DoExpectIntEQ(wc_FreeRng(&rng), 0); -#ifdef HAVE_AES_CBC +#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_256) /* create envelope */ ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, (word32)certSz), 0); 
@@ -33026,7 +33029,7 @@ static int test_wolfSSL_PKCS8_d2i(void) } #if defined(OPENSSL_ALL) && \ !defined(NO_BIO) && !defined(NO_PWDBASED) && defined(HAVE_PKCS8) && \ - defined(HAVE_AES_CBC) + defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_256) ExpectNotNull(bio = BIO_new(BIO_s_mem())); /* Write PKCS#8 PEM to BIO. */ ExpectIntEQ(PEM_write_bio_PKCS8PrivateKey(bio, pkey, NULL, NULL, 0, NULL, @@ -33039,18 +33042,26 @@ static int test_wolfSSL_PKCS8_d2i(void) BIO_free(bio); bio = NULL; ExpectNotNull(bio = BIO_new(BIO_s_mem())); - /* Write Encrypted PKCS#8 PEM to BIO. */ + /* Write Encrypted PKCS#8 PEM to BIO (test write 0 then 379) */ bytes = 379; ExpectIntEQ(PEM_write_bio_PKCS8PrivateKey(bio, pkey, EVP_aes_256_cbc(), NULL, 0, NoPasswordCallBack, (void*)"yassl123"), 0); ExpectIntEQ(PEM_write_bio_PKCS8PrivateKey(bio, pkey, EVP_aes_256_cbc(), NULL, 0, PasswordCallBack, (void*)"yassl123"), bytes); + + /* invalid cases to stderr */ + #ifdef WOLFSSL_AES_128 ExpectIntEQ(PEM_write_PKCS8PrivateKey(stderr, pkey, EVP_aes_128_cbc(), NULL, 0, PasswordCallBack, (void*)"yassl123"), bytes); ExpectIntEQ(PEM_write_PKCS8PrivateKey(stderr, pkey, EVP_aes_128_cbc(), (char*)"yassl123", 8, PasswordCallBack, NULL), bytes); + #endif ExpectIntEQ(PEM_write_PKCS8PrivateKey(stderr, pkey, EVP_aes_256_cbc(), NULL, 0, PasswordCallBack, (void*)"yassl123"), bytes); + ExpectIntEQ(PEM_write_PKCS8PrivateKey(stderr, pkey, EVP_aes_256_cbc(), + (char*)"yassl123", 8, PasswordCallBack, NULL), bytes); + + /* read/decode private key with password */ ExpectNotNull(evpPkey = PEM_read_bio_PrivateKey(bio, NULL, PasswordCallBack, (void*)"yassl123")); EVP_PKEY_free(evpPkey); 
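Review bot: The new comment `/* invalid cases to stderr */` in test_wolfSSL_PKCS8_d2i does not match the calls beneath it, because every `PEM_write_PKCS8PrivateKey(stderr, ...)` that follows is expected to return `bytes`, i.e. to succeed. The only failing case visible in the hunk is the earlier `NoPasswordCallBack` write that expects 0. A comment such as `/* FILE* variant: write the same encrypted key to stderr, expect the same length */` would describe what is actually asserted. The enclosing function begins and ends outside the hunk.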
@@ -34570,6 +34581,7 @@ static int test_wolfSSL_CMAC(void) ExpectNotNull(cmacCtx = CMAC_CTX_new()); ExpectNotNull(CMAC_CTX_get0_cipher_ctx(cmacCtx)); ExpectIntEQ(CMAC_Init(NULL, NULL, 0, NULL, NULL), 0); + #ifdef WOLFSSL_AES_192 ExpectIntEQ(CMAC_Init(NULL, key, AES_192_KEY_SIZE, EVP_aes_192_cbc(), NULL), 0); ExpectIntEQ(CMAC_Init(cmacCtx, NULL, AES_192_KEY_SIZE, EVP_aes_192_cbc(), @@ -34578,6 +34590,7 @@ static int test_wolfSSL_CMAC(void) ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_128_KEY_SIZE, EVP_aes_192_cbc(), NULL), 0); ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_192_KEY_SIZE, NULL, NULL), 0); + #endif #if defined(HAVE_AESGCM) && defined(WOLFSSL_AES_128) /* Only AES-CBC supported. */ ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_128_KEY_SIZE, EVP_aes_128_gcm(), @@ -34593,6 +34606,7 @@ static int test_wolfSSL_CMAC(void) CMAC_CTX_free(cmacCtx); /* Test AES-256-CBC */ +#ifdef WOLFSSL_AES_256 cmacCtx = NULL; ExpectNotNull(cmacCtx = CMAC_CTX_new()); ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_256_KEY_SIZE, EVP_aes_256_cbc(), @@ -34600,8 +34614,10 @@ static int test_wolfSSL_CMAC(void) ExpectIntEQ(CMAC_Update(cmacCtx, key, AES_128_KEY_SIZE), 1); ExpectIntEQ(CMAC_Final(cmacCtx, out, NULL), 1); CMAC_CTX_free(cmacCtx); +#endif /* Test AES-192-CBC */ +#ifdef WOLFSSL_AES_192 cmacCtx = NULL; ExpectNotNull(cmacCtx = CMAC_CTX_new()); ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_192_KEY_SIZE, EVP_aes_192_cbc(), @@ -34609,6 +34625,7 @@ static int test_wolfSSL_CMAC(void) ExpectIntEQ(CMAC_Update(cmacCtx, key, AES_128_KEY_SIZE), 1); ExpectIntEQ(CMAC_Final(cmacCtx, out, NULL), 1); CMAC_CTX_free(cmacCtx); +#endif cmacCtx = NULL; ExpectNotNull(cmacCtx = CMAC_CTX_new()); 
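Review bot: The `#ifdef WOLFSSL_AES_192` opened in this hunk of test_wolfSSL_CMAC and closed in the next one (`@@ -34578`) also switches off the bad-argument checks for `CMAC_Init` (NULL context, NULL key, mismatched key size, NULL cipher) in exactly the `NO_AES_192` configuration this commit adds to CI. Of the lines visible in the two hunks, only `CMAC_Init(NULL, NULL, 0, NULL, NULL)` stays unconditional; the lines between the hunks are not shown. The NULL-cipher check does not need an AES-192 cipher handle, so the `#endif` could sit one line higher, leaving `ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_192_KEY_SIZE, NULL, NULL), 0);` outside the guard, assuming `AES_192_KEY_SIZE` stays defined in that build. The remaining negative cases could be repeated with whichever AES-CBC size is compiled in.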
@@ -34897,8 +34914,8 @@ static int test_wolfSSL_DES_ede3_cbc_encrypt(void) static int test_wolfSSL_AES_encrypt(void) { EXPECT_DECLS; -#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AES_ECB) \ - && !defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API) +#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AES_ECB) && \ + defined(WOLFSSL_AES_256) && !defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API) AES_KEY enc; AES_KEY dec; const byte msg[] = { @@ -34948,8 +34965,8 @@ static int test_wolfSSL_AES_encrypt(void) static int test_wolfSSL_AES_ecb_encrypt(void) { EXPECT_DECLS; -#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AES_ECB) \ - && !defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API) +#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AES_ECB) && \ + defined(WOLFSSL_AES_256) && !defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API) AES_KEY aes; const byte msg[] = { @@ -35262,14 +35279,12 @@ static int test_wolfSSL_AES_cfb128_encrypt(void) 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a }; const byte exp[] = { - 0x16, 0xc9, 0x90, 0x6c, 0x04, 0x0c, 0xd1, 0x2f, - 0x84, 0x7b, 0x18, 0xed, 0xed, 0x6a, 0xb5, 0xfd + 0x2c, 0x4e, 0xc4, 0x58, 0x4b, 0xf3, 0xb3, 0xad, + 0xd0, 0xe6, 0xf1, 0x80, 0x43, 0x59, 0x54, 0x6b }; const byte key[] = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, - 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, - 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, - 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4 + 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81 }; const byte ivData[] = { 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, @@ -35653,7 +35668,7 @@ static int test_wolfSSL_OBJ(void) int boolRet; EVP_PKEY *pkey = NULL; const char *p12_f[] = { - #if !defined(NO_DES3) && !defined(NO_RSA) + #if !defined(NO_AES) && defined(WOLFSSL_AES_256) && !defined(NO_RSA) "./certs/test-servercert.p12", #endif NULL}; 
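Review bot: In the test_wolfSSL_AES_cfb128_encrypt hunk (`@@ -35262`) the 32-byte key and its expected block are replaced by a 16-byte pair rather than gated, so builds that do have AES-256 no longer exercise 256-bit CFB128 through this test. Keeping both vectors would preserve that coverage, with the original `key`/`exp` pair under `#ifdef WOLFSSL_AES_256` and the new pair under `#ifdef WOLFSSL_AES_128`. The function's `#if` gate and the key-setup call are outside the hunk, so it cannot be confirmed from here that the key length passed to the cipher follows `sizeof(key)` or that the test is now gated on AES-128 being available.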
@@ -41454,19 +41469,25 @@ static int test_wolfSSL_EVP_CIPHER_CTX_key_length(void) int i; int nids[] = { #ifdef HAVE_AES_CBC - NID_aes_128_cbc, - NID_aes_256_cbc, + NID_aes_128_cbc, + #ifdef WOLFSSL_AES_256 + NID_aes_256_cbc, + #endif #endif #if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)) #ifdef HAVE_AESGCM - NID_aes_128_gcm, - NID_aes_256_gcm, + NID_aes_128_gcm, + #ifdef WOLFSSL_AES_256 + NID_aes_256_gcm, + #endif #endif #endif /* (HAVE_FIPS && !HAVE_SELFTEST) || HAVE_FIPS_VERSION > 2 */ #ifdef WOLFSSL_AES_COUNTER - NID_aes_128_ctr, - NID_aes_256_ctr, + NID_aes_128_ctr, + #ifdef WOLFSSL_AES_256 + NID_aes_256_ctr, + #endif #endif #ifndef NO_DES3 NID_des_cbc, @@ -41476,18 +41497,24 @@ static int test_wolfSSL_EVP_CIPHER_CTX_key_length(void) int key_lengths[] = { #ifdef HAVE_AES_CBC AES_128_KEY_SIZE, + #ifdef WOLFSSL_AES_256 AES_256_KEY_SIZE, + #endif #endif #if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)) #ifdef HAVE_AESGCM AES_128_KEY_SIZE, + #ifdef WOLFSSL_AES_256 AES_256_KEY_SIZE, + #endif #endif #endif /* (HAVE_FIPS && !HAVE_SELFTEST) || HAVE_FIPS_VERSION > 2 */ #ifdef WOLFSSL_AES_COUNTER AES_128_KEY_SIZE, + #ifdef WOLFSSL_AES_256 AES_256_KEY_SIZE, + #endif #endif #ifndef NO_DES3 DES_KEY_SIZE, @@ -41613,7 +41640,7 @@ static int test_wolfSSL_EVP_md4(void) static int test_wolfSSL_EVP_aes_256_gcm(void) { EXPECT_DECLS; -#ifdef HAVE_AESGCM +#if defined(HAVE_AESGCM) && defined(WOLFSSL_AES_256) ExpectNotNull(wolfSSL_EVP_aes_256_gcm()); #endif return EXPECT_RESULT(); @@ -41622,7 +41649,7 @@ static int test_wolfSSL_EVP_aes_256_gcm(void) static int test_wolfSSL_EVP_aes_192_gcm(void) { EXPECT_DECLS; -#ifdef HAVE_AESGCM +#if defined(HAVE_AESGCM) && defined(WOLFSSL_AES_192) ExpectNotNull(wolfSSL_EVP_aes_192_gcm()); #endif return EXPECT_RESULT(); 
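Review bot: In test_wolfSSL_EVP_CIPHER_CTX_key_length the `#ifdef WOLFSSL_AES_256` guards are added separately to `nids[]` and to `key_lengths[]` (hunk `@@ -41476`), and nothing states that the two arrays must stay index-aligned under every guard combination. A guard added to one list but not the other would silently pair a NID with the wrong expected key length. A comment above the second array such as `/* must mirror nids[] entry for entry, including every #ifdef */` would document the constraint. The `NID_aes_128_*` and `AES_128_KEY_SIZE` entries also remain unguarded by `WOLFSSL_AES_128`, although other tests in this commit gate on that macro.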
@@ -41631,7 +41658,7 @@ static int test_wolfSSL_EVP_aes_192_gcm(void) static int test_wolfSSL_EVP_aes_256_ccm(void) { EXPECT_DECLS; -#ifdef HAVE_AESCCM +#if defined(HAVE_AESCCM) && defined(WOLFSSL_AES_256) ExpectNotNull(wolfSSL_EVP_aes_256_ccm()); #endif return EXPECT_RESULT(); @@ -41640,7 +41667,7 @@ static int test_wolfSSL_EVP_aes_256_ccm(void) static int test_wolfSSL_EVP_aes_192_ccm(void) { EXPECT_DECLS; -#ifdef HAVE_AESCCM +#if defined(HAVE_AESCCM) && defined(WOLFSSL_AES_192) ExpectNotNull(wolfSSL_EVP_aes_192_ccm()); #endif return EXPECT_RESULT(); @@ -41649,7 +41676,7 @@ static int test_wolfSSL_EVP_aes_192_ccm(void) static int test_wolfSSL_EVP_aes_128_ccm(void) { EXPECT_DECLS; -#ifdef HAVE_AESCCM +#if defined(HAVE_AESCCM) && defined(WOLFSSL_AES_128) ExpectNotNull(wolfSSL_EVP_aes_128_ccm()); #endif return EXPECT_RESULT(); @@ -42198,7 +42225,7 @@ static int test_evp_cipher_aes_gcm(void) EXPECT_DECLS; #if defined(HAVE_AESGCM) && ((!defined(HAVE_FIPS) && \ !defined(HAVE_SELFTEST)) || (defined(HAVE_FIPS_VERSION) && \ - (HAVE_FIPS_VERSION >= 2))) + (HAVE_FIPS_VERSION >= 2))) && defined(WOLFSSL_AES_256) /* * This test checks data at various points in the encrypt/decrypt process * against known values produced using the same test with OpenSSL. This @@ -49682,7 +49709,7 @@ static int test_wolfssl_EVP_aes_gcm_zeroLen(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AESGCM) && \ - !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) + !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) && defined(WOLFSSL_AES_256) /* Zero length plain text */ byte key[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 
@@ -50035,7 +50062,7 @@ static int test_wolfssl_EVP_aes_ccm_zeroLen(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AESCCM) && \ - !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) + !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) && defined(WOLFSSL_AES_256) /* Zero length plain text */ byte key[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, @@ -61694,7 +61721,7 @@ static int test_extra_alerts_wrong_cs(void) #endif #if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_TLS12) && \ - defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) + defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_AES_256) #define TEST_CS_DOWNGRADE_CLIENT "ECDHE-RSA-AES256-GCM-SHA384" @@ -64988,7 +65015,8 @@ static int test_dtls13_frag_ch_pq(void) } #if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS) \ - && defined(WOLFSSL_DTLS_MTU) && defined(WOLFSSL_DTLS_CH_FRAG) + && defined(WOLFSSL_DTLS_MTU) && defined(WOLFSSL_DTLS_CH_FRAG) && \ + defined(WOLFSSL_AES_256) static int test_dtls_frag_ch_count_records(byte* b, int len) { DtlsRecordLayerHeader* dtlsRH; @@ -65011,7 +65039,8 @@ static int test_dtls_frag_ch(void) { EXPECT_DECLS; #if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) \ - && defined(WOLFSSL_DTLS_MTU) && defined(WOLFSSL_DTLS_CH_FRAG) + && defined(WOLFSSL_DTLS_MTU) && defined(WOLFSSL_DTLS_CH_FRAG) && \ + defined(WOLFSSL_AES_256) WOLFSSL_CTX *ctx_c = NULL; WOLFSSL_CTX *ctx_s = NULL; WOLFSSL *ssl_c = NULL; @@ -66758,7 +66787,7 @@ TEST_CASE testCases[] = { /* AES cipher and GMAC. */ TEST_AES_DECLS, -#if defined(WOLFSSL_AES_EAX) && \ +#if defined(WOLFSSL_AES_EAX) && defined(WOLFSSL_AES_256) && \ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST) TEST_AES_EAX_DECLS, #endif /* WOLFSSL_AES_EAX */ diff --git a/tests/api/test_aes.c b/tests/api/test_aes.c index 173b59167..4af2ed9a7 100644 --- a/tests/api/test_aes.c +++ b/tests/api/test_aes.c 
@@ -756,7 +756,8 @@ int test_wc_AesGcmMixedEncDecLongIV(void) EXPECT_DECLS; #if (!defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))) && \ - !defined(NO_AES) && defined(HAVE_AESGCM) && defined(WOLFSSL_AESGCM_STREAM) + !defined(NO_AES) && defined(HAVE_AESGCM) && defined(WOLFSSL_AES_256) && \ + defined(WOLFSSL_AESGCM_STREAM) const byte key[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, @@ -1419,7 +1420,7 @@ int test_wc_AesCcmEncryptDecrypt(void) return EXPECT_RESULT(); } /* END test_wc_AesCcmEncryptDecrypt */ -#if defined(WOLFSSL_AES_EAX) && \ +#if defined(WOLFSSL_AES_EAX) && defined(WOLFSSL_AES_256) && \ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST) /******************************************************************************* diff --git a/tests/api/test_aes.h b/tests/api/test_aes.h index 22b24732a..185617ae5 100644 --- a/tests/api/test_aes.h +++ b/tests/api/test_aes.h @@ -35,7 +35,7 @@ int test_wc_AesGcmMixedEncDecLongIV(void); int test_wc_AesGcmStream(void); int test_wc_AesCcmSetKey(void); int test_wc_AesCcmEncryptDecrypt(void); -#if defined(WOLFSSL_AES_EAX) && \ +#if defined(WOLFSSL_AES_EAX) && defined(WOLFSSL_AES_256) && \ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST) int test_wc_AesEaxVectors(void); int test_wc_AesEaxEncryptAuth(void); @@ -58,7 +58,7 @@ int test_wc_GmacUpdate(void); TEST_DECL_GROUP("aes", test_wc_AesCcmSetKey), \ TEST_DECL_GROUP("aes", test_wc_AesCcmEncryptDecrypt) -#if defined(WOLFSSL_AES_EAX) && \ +#if defined(WOLFSSL_AES_EAX) && defined(WOLFSSL_AES_256) && \ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST) #define TEST_AES_EAX_DECLS \ TEST_DECL_GROUP("aes-eax", test_wc_AesEaxVectors), \ diff --git a/tests/api/test_dtls.c b/tests/api/test_dtls.c index 85d30da22..b4fd570da 100644 --- a/tests/api/test_dtls.c +++ b/tests/api/test_dtls.c 
@@ -67,7 +67,9 @@ int test_dtls12_basic_connection_id(void) #endif #ifndef NO_PSK "DHE-PSK-AES128-CBC-SHA256", + #ifdef WOQLFSSL_AES_256 "DHE-PSK-AES256-GCM-SHA384", + #endif #ifdef HAVE_NULL_CIPHER "DHE-PSK-NULL-SHA256", #endif diff --git a/tests/suites.c b/tests/suites.c index 60b89e335..25be0995e 100644 --- a/tests/suites.c +++ b/tests/suites.c @@ -1208,7 +1208,7 @@ int SuiteTest(int argc, char** argv) } XSTRLCPY(argv0[2], "", sizeof(argv0[2])); #endif -#ifdef WOLFSSL_EXTRA_ALERTS +#if defined(WOLFSSL_EXTRA_ALERTS) && defined(WOLFSSL_AES_256) /* failure tests */ args.argc = 3; XSTRLCPY(argv0[1], "tests/test-dtls-fails-cipher.conf", sizeof(argv0[1])); diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index a8545ba0a..b7394e320 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -13106,11 +13106,9 @@ int wc_PKCS7_EncodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* output, #ifdef HAVE_AESGCM #ifdef WOLFSSL_AES_128 case AES128GCMb: - FALL_THROUGH; #endif #ifdef WOLFSSL_AES_192 case AES192GCMb: - FALL_THROUGH; #endif #ifdef WOLFSSL_AES_256 case AES256GCMb: @@ -13125,11 +13123,9 @@ int wc_PKCS7_EncodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* output, #ifdef HAVE_AESCCM #ifdef WOLFSSL_AES_128 case AES128CCMb: - FALL_THROUGH; #endif #ifdef WOLFSSL_AES_192 case AES192CCMb: - FALL_THROUGH; #endif #ifdef WOLFSSL_AES_256 case AES256CCMb: diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 452dd4509..e046c83fd 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -620,7 +620,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sshkdf_test(void); WOLFSSL_TEST_SUBROUTINE wc_test_ret_t tls13_kdf_test(void); #endif WOLFSSL_TEST_SUBROUTINE wc_test_ret_t x963kdf_test(void); -#if defined(HAVE_HPKE) && defined(HAVE_ECC) && defined(HAVE_AESGCM) +#if defined(HAVE_HPKE) && defined(HAVE_ECC) && defined(HAVE_AESGCM) && \ + defined(WOLFSSL_AES_256) WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hpke_test(void); #endif #ifdef WC_SRTP_KDF 
@@ -1934,7 +1935,8 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\ TEST_PASS("X963-KDF test passed!\n"); #endif -#if defined(HAVE_HPKE) && defined(HAVE_ECC) && defined(HAVE_AESGCM) +#if defined(HAVE_HPKE) && defined(HAVE_ECC) && defined(HAVE_AESGCM) && \ + defined(WOLFSSL_AES_256) PRIVATE_KEY_UNLOCK(); if ( (ret = hpke_test()) != 0) TEST_FAIL("HPKE test failed!\n", ret); @@ -10135,6 +10137,7 @@ EVP_TEST_END: if (XMEMCMP(plain + 6, plain1 + 6, WC_AES_BLOCK_SIZE)) ERROR_OUT(WC_TEST_RET_ENC_NC, out); #endif /* HAVE_AES_DECRYPT */ +#endif /* WOLFSSL_AES_256 */ out: @@ -10151,7 +10154,6 @@ EVP_TEST_END: wc_AesFree(dec); #endif #endif -#endif /* WOLFSSL_AES_256 */ return ret; } @@ -14158,10 +14160,14 @@ static wc_test_ret_t aes_ecb_test(Aes* enc, Aes* dec, byte* cipher, byte* plain) /* keys padded to block size (16 bytes) */ WOLFSSL_SMALL_STACK_STATIC const byte key_128[] = "0123456789abcdef "; +#ifdef WOLFSSL_AES_192 WOLFSSL_SMALL_STACK_STATIC const byte key_192[] = "0123456789abcdef01234567 "; +#endif +#ifdef WOLFSSL_AES_256 WOLFSSL_SMALL_STACK_STATIC const byte key_256[] = "0123456789abcdef0123456789abcdef "; +#endif WOLFSSL_SMALL_STACK_STATIC const byte iv[] = "1234567890abcdef "; WOLFSSL_SMALL_STACK_STATIC const byte msg[] = { 0x6e, 0x6f, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74, 
@@ -14171,15 +14177,17 @@ static wc_test_ret_t aes_ecb_test(Aes* enc, Aes* dec, byte* cipher, byte* plain) 0xd0, 0xc9, 0xd9, 0xc9, 0x40, 0xe8, 0x97, 0xb6, 0xc8, 0x8c, 0x33, 0x3b, 0xb5, 0x8f, 0x85, 0xd1 }; +#ifdef WOLFSSL_AES_192 WOLFSSL_SMALL_STACK_STATIC const byte verify_ecb_192[WC_AES_BLOCK_SIZE] = { 0x06, 0x57, 0xee, 0x78, 0x3f, 0x96, 0x00, 0xb1, 0xec, 0x76, 0x94, 0x30, 0x29, 0xbe, 0x15, 0xab }; +#endif +#ifdef WOLFSSL_AES_256 WOLFSSL_SMALL_STACK_STATIC const byte verify_ecb_256[WC_AES_BLOCK_SIZE] = { 0xcd, 0xf2, 0x81, 0x3e, 0x73, 0x3e, 0xf7, 0x33, 0x3d, 0x18, 0xfd, 0x41, 0x85, 0x37, 0x04, 0x82 }; - WOLFSSL_SMALL_STACK_STATIC const byte niKey[] = { 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe, 0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81, @@ -14194,6 +14202,7 @@ static wc_test_ret_t aes_ecb_test(Aes* enc, Aes* dec, byte* cipher, byte* plain) 0xf3,0xee,0xd1,0xbd,0xb5,0xd2,0xa0,0x3c, 0x06,0x4b,0x5a,0x7e,0x3d,0xb1,0x81,0xf8 }; +#endif int i; struct { @@ -14204,9 +14213,13 @@ static wc_test_ret_t aes_ecb_test(Aes* enc, Aes* dec, byte* cipher, byte* plain) const byte* verify; } testVec[] = { { key_128, 16, iv, msg, verify_ecb_128 }, +#ifdef WOLFSSL_AES_192 { key_192, 24, iv, msg, verify_ecb_192 }, +#endif +#ifdef WOLFSSL_AES_256 { key_256, 32, iv, msg, verify_ecb_256 }, { niKey, 32, NULL, niPlain, niCipher } +#endif }; #define AES_ECB_TEST_LEN (int)(sizeof(testVec) / sizeof(*testVec)) @@ -14440,7 +14453,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_cbc_test(void) } #endif /* WOLFSSL_AES_128 */ -#if defined(WOLFSSL_AESNI) && defined(HAVE_AES_DECRYPT) +#if defined(WOLFSSL_AESNI) && defined(HAVE_AES_DECRYPT) && \ + defined(WOLFSSL_AES_256) { WOLFSSL_SMALL_STACK_STATIC const byte bigMsg[] = { /* "All work and no play makes Jack a dull boy. " */ 
@@ -14621,7 +14635,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_cbc_test(void) if (ret != 0) goto out; } -#endif /* WOLFSSL_AESNI && HAVE_AES_DECRYPT */ +#endif /* WOLFSSL_AESNI && HAVE_AES_DECRYPT && WOLFSSL_AES_256 */ /* Test of AES IV state with encrypt/decrypt */ #if defined(WOLFSSL_AES_128) && !defined(HAVE_RENESAS_SYNC) @@ -28776,7 +28790,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t x963kdf_test(void) #if defined(HAVE_HPKE) && \ (defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)) && \ - defined(HAVE_AESGCM) + defined(HAVE_AESGCM) && defined(WOLFSSL_AES_256) static wc_test_ret_t hpke_test_single(Hpke* hpke) { @@ -29091,7 +29105,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hpke_test(void) return ret; } -#endif /* HAVE_HPKE && HAVE_ECC && HAVE_AESGCM */ +#endif /* HAVE_HPKE && HAVE_ECC && HAVE_AESGCM && WOLFSSL_AES_256 */ #if defined(WC_SRTP_KDF) typedef struct Srtp_Kdf_Tv { @@ -52174,7 +52188,7 @@ static wc_test_ret_t pkcs7enveloped_run_vectors(byte* rsaCert, word32 rsaCertSz, #endif #endif -#if !defined(NO_AES) && defined(HAVE_AES_CBC) && !defined(NO_AES_128) +#if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128) /* ori (OtherRecipientInfo) recipient types */ ADD_PKCS7ENVELOPEDVECTOR( data, (word32)sizeof(data), DATA, AES128CBCb, 0, 0, NULL, 0, NULL, 0, @@ -53249,7 +53263,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7authenveloped_test(void) #endif /* HAVE_AESGCM || HAVE_AESCCM */ -#if !defined(NO_AES) && defined(HAVE_AES_CBC) +#if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_256) static const byte p7DefKey[] = { 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, @@ -53681,7 +53695,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7callback_test(byte* cert, word32 cert return ret; } -#endif /* !NO_AES && HAVE_AES_CBC */ +#endif /* !NO_AES && HAVE_AES_CBC && WOLFSSL_AES_256 */ #ifndef NO_PKCS7_ENCRYPTED_DATA 
@@ -55284,7 +55298,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7signed_test(void) eccClientCertBuf, (word32)eccClientCertBufSz, eccClientPrivKeyBuf, (word32)eccClientPrivKeyBufSz); -#if !defined(NO_RSA) && !defined(NO_AES) && defined(HAVE_AES_CBC) +#if !defined(NO_RSA) && !defined(NO_AES) && defined(HAVE_AES_CBC) && \ + defined(WOLFSSL_AES_256) if (ret >= 0) ret = pkcs7callback_test( rsaClientCertBuf, (word32)rsaClientCertBufSz, diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 9cdbdb697..a87fab2ec 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -532,12 +532,13 @@ #endif #if defined(HAVE_ANON) && !defined(NO_TLS) && !defined(NO_DH) && \ - !defined(NO_AES) && !defined(NO_SHA) && defined(WOLFSSL_AES_128) - #ifdef HAVE_AES_CBC + !defined(NO_AES) + #if !defined(NO_SHA) && defined(HAVE_AES_CBC) && \ + defined(WOLFSSL_AES_128) #define BUILD_TLS_DH_anon_WITH_AES_128_CBC_SHA #endif - - #if defined(WOLFSSL_SHA384) && defined(HAVE_AESGCM) + #if defined(WOLFSSL_SHA384) && defined(HAVE_AESGCM) && \ + defined(WOLFSSL_AES_256) #define BUILD_TLS_DH_anon_WITH_AES_256_GCM_SHA384 #endif #endif From 751dcdf3df8aa3affd75edcf3ce270dbf6654946 Mon Sep 17 00:00:00 2001 From: David Garske Date: Mon, 5 May 2025 13:22:06 -0700 Subject: [PATCH 3/5] Improve the hash wait logic by separating the data input ready from the digest calculation complete. --- wolfcrypt/src/port/st/stm32.c | 35 ++++++++++++++++++++++++++++------- 1 file changed, 28 insertions(+), 7 deletions(-) diff --git a/wolfcrypt/src/port/st/stm32.c b/wolfcrypt/src/port/st/stm32.c index 98f46f4ce..84d2143f3 100644 --- a/wolfcrypt/src/port/st/stm32.c +++ b/wolfcrypt/src/port/st/stm32.c 
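Review bot: The regrouped `HAVE_ANON` block in wolfssl/internal.h carries no comment explaining why the SHA-1 and key-size conditions moved from the outer `#if` to the individual suites, and the effect is easy to miss. `BUILD_TLS_DH_anon_WITH_AES_256_GCM_SHA384` no longer depends on `!NO_SHA` or `WOLFSSL_AES_128`, so `HAVE_ANON` builds with either of those disabled now compile the suite in. These suites negotiate without peer authentication, so a one-line comment above the block such as `/* anonymous DH suites (HAVE_ANON only); each suite is gated on its own hash and AES key size */` would let an integrator auditing the enabled cipher list see the gating at a glance.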
@@ -252,16 +252,37 @@ static void wc_Stm32_Hash_GetDigest(byte* hash, int digestSize) #endif } -static int wc_Stm32_Hash_WaitDone(STM32_HASH_Context* stmCtx) +static int wc_Stm32_Hash_WaitDataReady(STM32_HASH_Context* stmCtx) { int timeout = 0; (void)stmCtx; - /* wait until not busy and hash digest / input block are complete */ - while (((HASH->SR & HASH_SR_BUSY) + /* wait until not busy and data input buffer ready */ + while ((HASH->SR & HASH_SR_BUSY) #ifdef HASH_IMR_DCIE - || (HASH->SR & HASH_SR_DCIS) == 0 + && (HASH->SR & HASH_SR_DCIS) == 0 #endif + && ++timeout < STM32_HASH_TIMEOUT) { + }; + +#ifdef DEBUG_STM32_HASH + printf("STM Wait Data %d, HASH->SR %lx\n", timeout, HASH->SR); +#endif + + /* verify timeout did not occur */ + if (timeout >= STM32_HASH_TIMEOUT) { + return WC_TIMEOUT_E; + } + return 0; +} + +static int wc_Stm32_Hash_WaitCalcComp(STM32_HASH_Context* stmCtx) +{ + int timeout = 0; + (void)stmCtx; + + /* wait until not busy and hash digest calculation complete */ + while (((HASH->SR & HASH_SR_BUSY) #ifdef HASH_IMR_DINIE || (HASH->SR & HASH_SR_DINIS) == 0 #endif @@ -269,7 +290,7 @@ static int wc_Stm32_Hash_WaitDone(STM32_HASH_Context* stmCtx) }; #ifdef DEBUG_STM32_HASH - printf("STM Wait done %d, HASH->SR %lx\n", timeout, HASH->SR); + printf("STM Wait Calc %d, HASH->SR %lx\n", timeout, HASH->SR); #endif /* verify timeout did not occur */ @@ -364,7 +385,7 @@ int wc_Stm32_Hash_Update(STM32_HASH_Context* stmCtx, word32 algo, if (wroteToFifo) { /* make sure hash operation is done */ - ret = wc_Stm32_Hash_WaitDone(stmCtx); + ret = wc_Stm32_Hash_WaitDataReady(stmCtx); /* save hash state for next operation */ wc_Stm32_Hash_SaveContext(stmCtx); @@ -405,7 +426,7 @@ int wc_Stm32_Hash_Final(STM32_HASH_Context* stmCtx, word32 algo, HASH->STR |= HASH_STR_DCAL; /* wait for hash done */ - ret = wc_Stm32_Hash_WaitDone(stmCtx); + ret = wc_Stm32_Hash_WaitCalcComp(stmCtx); if (ret == 0) { /* read message digest */ wc_Stm32_Hash_GetDigest(hash, digestSize); 
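Review bot: The status flags in the two new wait loops look swapped: `wc_Stm32_Hash_WaitDataReady` polls `HASH_SR_DCIS` under `HASH_IMR_DCIE`, while `wc_Stm32_Hash_WaitCalcComp` polls `HASH_SR_DINIS` under `HASH_IMR_DINIE`. The first commit in this series describes DCIS as the digest-result flag, so as written `wc_Stm32_Hash_Final` (last hunk) can reach `wc_Stm32_Hash_GetDigest` without DCIS ever being tested, which is the early-read race that commit set out to fix. Going by the flag names, the data-ready wait should test DINIS and the calculation wait DCIS, as sketched below; this should be confirmed against the reference manual for the targeted parts. The tail of `wc_Stm32_Hash_WaitCalcComp` continues in the following hunk.

```c
/* in wc_Stm32_Hash_WaitDataReady: */
    while ((HASH->SR & HASH_SR_BUSY)
    #ifdef HASH_IMR_DINIE
        && (HASH->SR & HASH_SR_DINIS) == 0
    #endif
/* … unchanged: timeout term, debug print, timeout check … */

/* in wc_Stm32_Hash_WaitCalcComp: */
    while (((HASH->SR & HASH_SR_BUSY)
    #ifdef HASH_IMR_DCIE
        || (HASH->SR & HASH_SR_DCIS) == 0
    #endif
/* … unchanged: timeout term, debug print, timeout check … */
```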
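Review bot: In the `wc_Stm32_Hash_Update` hunk the result of `wc_Stm32_Hash_WaitDataReady` is not examined before `wc_Stm32_Hash_SaveContext(stmCtx)` runs, so after a timeout the context is saved from a peripheral that may still be processing the block. Saving only on success, `if (ret == 0) wc_Stm32_Hash_SaveContext(stmCtx);`, would keep a partially updated state out of the saved context. Whether `ret` is checked further down cannot be seen, since the function continues outside the hunk. The comment above the call still reads `/* make sure hash operation is done */` and would be clearer as `/* wait for the data input buffer to be ready */` to match the renamed helper.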
From 219902149e133d7d382c82b68e7687a60364dc36 Mon Sep 17 00:00:00 2001 From: David Garske Date: Mon, 5 May 2025 14:50:09 -0700 Subject: [PATCH 4/5] Fix issue with api.c `test_wolfSSL_OBJ` and `./certs/test-servercert.p12` that uses DES3 and AES-CBC-256. --- tests/api.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/tests/api.c b/tests/api.c index 4215d62c5..c74987802 100644 --- a/tests/api.c +++ b/tests/api.c @@ -35668,10 +35668,12 @@ static int test_wolfSSL_OBJ(void) int boolRet; EVP_PKEY *pkey = NULL; const char *p12_f[] = { - #if !defined(NO_AES) && defined(WOLFSSL_AES_256) && !defined(NO_RSA) + /* bundle uses AES-CBC 256 and PKCS7 key uses DES3 */ + #if !defined(NO_DES3) && defined(WOLFSSL_AES_256) && !defined(NO_RSA) "./certs/test-servercert.p12", - #endif - NULL}; + #endif + NULL + }; for (i = 0; p12_f[i] != NULL; i++) { From 25db14f50c474e068948d508428542112f7982c9 Mon Sep 17 00:00:00 2001 From: David Garske Date: Tue, 6 May 2025 10:42:09 -0700 Subject: [PATCH 5/5] Fix macro typo. --- tests/api/test_dtls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/api/test_dtls.c b/tests/api/test_dtls.c index b4fd570da..69269eb3d 100644 --- a/tests/api/test_dtls.c +++ b/tests/api/test_dtls.c @@ -67,7 +67,7 @@ int test_dtls12_basic_connection_id(void) #endif #ifndef NO_PSK "DHE-PSK-AES128-CBC-SHA256", - #ifdef WOQLFSSL_AES_256 + #ifdef WOLFSSL_AES_256 "DHE-PSK-AES256-GCM-SHA384", #endif #ifdef HAVE_NULL_CIPHER