mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 15:00:49 +02:00
@@ -18,11 +18,11 @@ jobs:
|
||||
matrix:
|
||||
config: [
|
||||
# Add new configs here
|
||||
'--enable-asynccrypt --enable-all --enable-dtls13 --disable-mlkem CFLAGS="-pedantic -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFCRYPT_TEST_LINT"',
|
||||
'--enable-asynccrypt-sw --enable-ocspstapling --enable-ocspstapling2 --disable-mlkem CFLAGS="-pedantic -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-asynccrypt --enable-all --enable-dtls13 CFLAGS="-pedantic -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFCRYPT_TEST_LINT"',
|
||||
'--enable-asynccrypt-sw --enable-ocspstapling --enable-ocspstapling2 CFLAGS="-pedantic -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-ocsp CFLAGS="-DTEST_NONBLOCK_CERTS -pedantic -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-asynccrypt --enable-all --enable-dtls13 --disable-mlkem CFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFCRYPT_TEST_LINT"',
|
||||
'--enable-asynccrypt-sw --enable-ocspstapling --enable-ocspstapling2 --disable-mlkem CFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-asynccrypt --enable-all --enable-dtls13 CFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFCRYPT_TEST_LINT"',
|
||||
'--enable-asynccrypt-sw --enable-ocspstapling --enable-ocspstapling2 CFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-ocsp CFLAGS="-DTEST_NONBLOCK_CERTS -pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
]
|
||||
name: make check
|
||||
if: github.repository_owner == 'wolfssl'
|
||||
|
||||
@@ -14,7 +14,7 @@ concurrency:
|
||||
|
||||
jobs:
|
||||
my_matrix:
|
||||
name: Multi-arch test
|
||||
name: Multi-arch test (${{ matrix.ARCH }}, ${{ matrix.opts.name }})
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
@@ -37,7 +37,20 @@ jobs:
|
||||
CFLAGS: -marm -DWOLFSSL_SP_ARM_ARCH=6
|
||||
ARCH: armel
|
||||
EXTRA_OPTS: --enable-sp-asm
|
||||
opts: [ '-O2', '-O3', '-O1 -UFP_ECC', '-O0', '-Os', '-Ofast' ]
|
||||
opts:
|
||||
- name: '-O2'
|
||||
OPT_CFLAGS: '-O2'
|
||||
- name: '-O2 sp-math'
|
||||
OPT_CFLAGS: '-O2'
|
||||
OPT_EXTRA_OPTS: '--enable-sp-math'
|
||||
- name: '-O1 -UFP_ECC'
|
||||
OPT_CFLAGS: '-O1 -UFP_ECC'
|
||||
- name: '-O0'
|
||||
OPT_CFLAGS: '-O0'
|
||||
- name: '-Os'
|
||||
OPT_CFLAGS: '-Os'
|
||||
- name: '-Ofast'
|
||||
OPT_CFLAGS: '-Ofast'
|
||||
if: github.repository_owner == 'wolfssl'
|
||||
runs-on: ubuntu-22.04
|
||||
# This should be a safe limit for the tests to run.
|
||||
@@ -48,12 +61,12 @@ jobs:
|
||||
sudo apt update
|
||||
sudo apt install -y crossbuild-essential-${{ matrix.ARCH }} qemu-user
|
||||
- uses: actions/checkout@v4
|
||||
- name: Build for ${{ matrix.ARCH }} with Opt Level ${{ matrix.opts }}
|
||||
- name: Build for ${{ matrix.ARCH }} with ${{ matrix.opts.name }}
|
||||
env:
|
||||
CC: ${{ matrix.CC }}
|
||||
CFLAGS: ${{ matrix.CFLAGS }} ${{ matrix.opts }}
|
||||
CFLAGS: ${{ matrix.CFLAGS }} ${{ matrix.opts.OPT_CFLAGS }}
|
||||
QEMU_LD_PREFIX: /usr/${{ matrix.HOST }}
|
||||
run: ./autogen.sh && ./configure --host=${{ matrix.HOST }} --enable-all --disable-examples CPPFLAGS="-pedantic -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFCRYPT_TEST_LINT" ${{ matrix.EXTRA_OPTS }} && make
|
||||
run: ./autogen.sh && ./configure --host=${{ matrix.HOST }} --enable-all --disable-examples CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFCRYPT_TEST_LINT" ${{ matrix.EXTRA_OPTS }} ${{ matrix.opts.OPT_EXTRA_OPTS }} && make
|
||||
- name: Print errors
|
||||
if: ${{ failure() }}
|
||||
run: |
|
||||
|
||||
@@ -51,7 +51,7 @@ jobs:
|
||||
env:
|
||||
CC: ${{ matrix.CC }}
|
||||
CXX: ${{ matrix.CXX }}
|
||||
run: ./autogen.sh && ./configure CFLAGS="-pedantic -Wdeclaration-after-statement" && make && make dist
|
||||
run: ./autogen.sh && ./configure CFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference" && make && make dist
|
||||
- name: Show log on errors
|
||||
if: ${{ failure() }}
|
||||
run: |
|
||||
|
||||
@@ -18,9 +18,9 @@ jobs:
|
||||
matrix:
|
||||
config: [
|
||||
# Add new configs here
|
||||
'--enable-rsa --enable-keygen --disable-dh CFLAGS="-DWOLFSSL_NO_MALLOC -DRSA_MIN_SIZE=1024 -pedantic -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-ecc --enable-rsa --enable-keygen --enable-ed25519 --enable-curve25519 --enable-ed448 --enable-curve448 --enable-mlkem CFLAGS="-DWOLFSSL_NO_MALLOC -pedantic -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-ecc --enable-rsa --enable-keygen --enable-ed25519 --enable-curve25519 --enable-ed448 --enable-curve448 --enable-mlkem --enable-staticmemory CFLAGS="-DWOLFSSL_NO_MALLOC -pedantic -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-rsa --enable-keygen --disable-dh CFLAGS="-DWOLFSSL_NO_MALLOC -DRSA_MIN_SIZE=1024 -pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-ecc --enable-rsa --enable-keygen --enable-ed25519 --enable-curve25519 --enable-ed448 --enable-curve448 --enable-mlkem CFLAGS="-DWOLFSSL_NO_MALLOC -pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-ecc --enable-rsa --enable-keygen --enable-ed25519 --enable-curve25519 --enable-ed448 --enable-curve448 --enable-mlkem --enable-staticmemory CFLAGS="-DWOLFSSL_NO_MALLOC -pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
]
|
||||
name: make check
|
||||
if: github.repository_owner == 'wolfssl'
|
||||
|
||||
@@ -18,7 +18,7 @@ jobs:
|
||||
matrix:
|
||||
config: [
|
||||
# Add new configs here
|
||||
'--disable-tls --enable-all CFLAGS="-pedantic -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--disable-tls --enable-all CFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
]
|
||||
name: make check
|
||||
if: github.repository_owner == 'wolfssl'
|
||||
|
||||
@@ -18,8 +18,8 @@ jobs:
|
||||
matrix:
|
||||
config: [
|
||||
# Add new configs here
|
||||
'--verbose --enable-all --disable-all-osp --disable-opensslall --enable-opensslcoexist CPPFLAGS="-DNO_WOLFSSL_CIPHER_SUITE_TEST -pedantic -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--verbose --enable-all --disable-all-osp --disable-opensslall --enable-opensslcoexist CPPFLAGS="-DNO_WOLFSSL_CIPHER_SUITE_TEST -pedantic -DTEST_OPENSSL_COEXIST -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"'
|
||||
'--verbose --enable-all --disable-all-osp --disable-opensslall --enable-opensslcoexist CPPFLAGS="-DNO_WOLFSSL_CIPHER_SUITE_TEST -pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--verbose --enable-all --disable-all-osp --disable-opensslall --enable-opensslcoexist CPPFLAGS="-DNO_WOLFSSL_CIPHER_SUITE_TEST -pedantic -Wdeclaration-after-statement -Wnull-dereference -DTEST_OPENSSL_COEXIST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"'
|
||||
]
|
||||
name: make check
|
||||
if: github.repository_owner == 'wolfssl'
|
||||
|
||||
@@ -99,7 +99,7 @@ jobs:
|
||||
- name: Build and test wolfSSL
|
||||
uses: wolfSSL/actions-build-autotools-project@v1
|
||||
with:
|
||||
configure: CFLAGS="-pedantic -Wno-overlength-strings -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE" ${{ matrix.config }}
|
||||
configure: CFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -Wno-overlength-strings -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE" ${{ matrix.config }}
|
||||
check: true
|
||||
|
||||
# Platform-agnostic configs: pure crypto algorithms, preprocessor guards,
|
||||
@@ -139,7 +139,7 @@ jobs:
|
||||
- name: Build and test wolfSSL
|
||||
uses: wolfSSL/actions-build-autotools-project@v1
|
||||
with:
|
||||
configure: CFLAGS="-pedantic -Wno-overlength-strings -Wdeclaration-after-statement -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE" ${{ matrix.config }}
|
||||
configure: CFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -Wno-overlength-strings -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE" ${{ matrix.config }}
|
||||
check: true
|
||||
|
||||
make_user_settings:
|
||||
|
||||
@@ -20,20 +20,21 @@ jobs:
|
||||
# Add new configs here
|
||||
'--disable-shared --enable-dilithium --enable-mlkem CFLAGS="-fsanitize=undefined -fno-sanitize-recover=undefined -fno-omit-frame-pointer" LDFLAGS="-fsanitize=undefined" CPPFLAGS="-DWOLFSSL_DILITHIUM_ALIGNMENT=4"',
|
||||
'--enable-intelasm --enable-sp-asm --enable-mlkem=yes,kyber,ml-kem CPPFLAGS="-DWOLFSSL_ML_KEM_USE_OLD_IDS"',
|
||||
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem --enable-tls-mlkem-standalone --enable-extra-pqc-hybrids --enable-lms --enable-xmss --enable-slhdsa --enable-dilithium --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFSSL_BLIND_PRIVATE_KEY -DWOLFSSL_TLSX_PQC_MLKEM_STORE_OBJ"',
|
||||
'--enable-smallstack --enable-smallstackcache --enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem --enable-lms --enable-xmss --enable-slhdsa --enable-dilithium --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem --enable-tls-mlkem-standalone --enable-extra-pqc-hybrids --enable-lms --enable-xmss --enable-slhdsa --enable-dilithium --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFSSL_BLIND_PRIVATE_KEY -DWOLFSSL_TLSX_PQC_MLKEM_STORE_OBJ"',
|
||||
'--enable-intelasm --enable-sp-math --enable-sp-asm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --disable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem --enable-tls-mlkem-standalone --enable-extra-pqc-hybrids --enable-lms --enable-xmss --enable-slhdsa --enable-dilithium --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFSSL_BLIND_PRIVATE_KEY -DWOLFSSL_TLSX_PQC_MLKEM_STORE_OBJ"',
|
||||
'--enable-smallstack --enable-smallstackcache --enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem --enable-lms --enable-xmss --enable-slhdsa --enable-dilithium --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem --enable-lms --enable-xmss --enable-slhdsa --enable-dilithium --enable-dual-alg-certs --disable-qt CPPFLAGS="-Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE" CC=c++',
|
||||
'--disable-intelasm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem,small --enable-lms=yes,small --enable-xmss=yes,small --enable-slhdsa=yes,small --enable-dilithium=yes,small --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFSSL_MLKEM_MAKEKEY_SMALL_MEM -DWOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM -DWOLFSSL_MLKEM_NO_LARGE_CODE -DWOLFSSL_DILITHIUM_SIGN_SMALL_MEM -DWOLFSSL_DILITHIUM_VERIFY_SMALL_MEM -DWOLFSSL_DILITHIUM_MAKE_KEY_SMALL_MEM -DWOLFSSL_DILITHIUM_NO_LARGE_CODE"',
|
||||
'--disable-intelasm --enable-smallstack --enable-smallstackcache --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem,small --enable-lms=yes,small --enable-xmss=yes,small --enable-slhdsa=yes,small --enable-dilithium=yes,small --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFSSL_MLKEM_MAKEKEY_SMALL_MEM -DWOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM -DWOLFSSL_MLKEM_NO_LARGE_CODE -DWOLFSSL_DILITHIUM_SIGN_SMALL_MEM -DWOLFSSL_DILITHIUM_VERIFY_SMALL_MEM -DWOLFSSL_DILITHIUM_MAKE_KEY_SMALL_MEM -DWOLFSSL_DILITHIUM_NO_LARGE_CODE"',
|
||||
'--disable-intelasm --enable-all --disable-mlkem --enable-lms=yes,small,verify-only --enable-xmss=yes,small,verify-only --enable-slhdsa=yes,small,verify-only --enable-dilithium=yes,small,verify-only --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFSSL_DILITHIUM_VERIFY_SMALL_MEM -DWOLFSSL_DILITHIUM_NO_LARGE_CODE"',
|
||||
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,512 --enable-tls-mlkem-standalone --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,768 --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,768 --enable-tls-mlkem-standalone --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,768 --enable-tls-mlkem-standalone --disable-pqc-hybrids --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,1024 --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,1024 --enable-tls-mlkem-standalone --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,1024 --enable-tls-mlkem-standalone --disable-pqc-hybrids --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem --enable-lms --enable-xmss --enable-slhdsa --enable-dilithium=yes,no-ctx --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--disable-intelasm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem,small --enable-lms=yes,small --enable-xmss=yes,small --enable-slhdsa=yes,small --enable-dilithium=yes,small --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFSSL_MLKEM_MAKEKEY_SMALL_MEM -DWOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM -DWOLFSSL_MLKEM_NO_LARGE_CODE -DWOLFSSL_DILITHIUM_SIGN_SMALL_MEM -DWOLFSSL_DILITHIUM_VERIFY_SMALL_MEM -DWOLFSSL_DILITHIUM_MAKE_KEY_SMALL_MEM -DWOLFSSL_DILITHIUM_NO_LARGE_CODE"',
|
||||
'--disable-intelasm --enable-smallstack --enable-smallstackcache --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem,small --enable-lms=yes,small --enable-xmss=yes,small --enable-slhdsa=yes,small --enable-dilithium=yes,small --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFSSL_MLKEM_MAKEKEY_SMALL_MEM -DWOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM -DWOLFSSL_MLKEM_NO_LARGE_CODE -DWOLFSSL_DILITHIUM_SIGN_SMALL_MEM -DWOLFSSL_DILITHIUM_VERIFY_SMALL_MEM -DWOLFSSL_DILITHIUM_MAKE_KEY_SMALL_MEM -DWOLFSSL_DILITHIUM_NO_LARGE_CODE"',
|
||||
'--disable-intelasm --enable-all --disable-mlkem --enable-lms=yes,small,verify-only --enable-xmss=yes,small,verify-only --enable-slhdsa=yes,small,verify-only --enable-dilithium=yes,small,verify-only --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFSSL_DILITHIUM_VERIFY_SMALL_MEM -DWOLFSSL_DILITHIUM_NO_LARGE_CODE"',
|
||||
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,512 --enable-tls-mlkem-standalone --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,768 --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,768 --enable-tls-mlkem-standalone --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,768 --enable-tls-mlkem-standalone --disable-pqc-hybrids --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,1024 --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,1024 --enable-tls-mlkem-standalone --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-mlkem=make,enc,dec,1024 --enable-tls-mlkem-standalone --disable-pqc-hybrids --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem --enable-lms --enable-xmss --enable-slhdsa --enable-dilithium=yes,no-ctx --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -Wnull-dereference -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
|
||||
'--enable-intelasm --enable-sp-asm --enable-mlkem=yes,kyber,ml-kem,cache-a CPPFLAGS="-DWOLFSSL_MLKEM_DYNAMIC_KEYS"',
|
||||
'--enable-intelasm --enable-sp-asm --enable-dilithium=yes CPPFLAGS="-DWOLFSSL_DILITHIUM_DYNAMIC_KEYS"',
|
||||
'--disable-intelasm --enable-dilithium=yes,small CPPFLAGS="-DWOLFSSL_DILITHIUM_DYNAMIC_KEYS"',
|
||||
|
||||
@@ -842,6 +842,7 @@ WOLFSSL_NO_KCAPI_HMAC_SHA384
|
||||
WOLFSSL_NO_KCAPI_HMAC_SHA512
|
||||
WOLFSSL_NO_KCAPI_SHA224
|
||||
WOLFSSL_NO_KTRI_ORACLE_WARNING
|
||||
WOLFSSL_NO_LMS_SHAKE256_256
|
||||
WOLFSSL_NO_OCSP_DATE_CHECK
|
||||
WOLFSSL_NO_OCSP_ISSUER_CHAIN_CHECK
|
||||
WOLFSSL_NO_OCSP_OPTIONAL_CERTS
|
||||
@@ -1145,4 +1146,3 @@ ssize_t
|
||||
sun
|
||||
versal
|
||||
wc_Tls13_HKDF_Expand_Label
|
||||
WOLFSSL_NO_LMS_SHAKE256_256
|
||||
|
||||
+19
-13
@@ -4509,7 +4509,6 @@ then
|
||||
then
|
||||
AC_MSG_NOTICE([MLKEM enabled (not explicitly disabled); overriding --disable-shake128 to enable SHAKE128])
|
||||
ENABLED_SHAKE128=yes
|
||||
enable_shake128=yes
|
||||
fi
|
||||
fi
|
||||
|
||||
@@ -4527,7 +4526,6 @@ then
|
||||
then
|
||||
AC_MSG_NOTICE([MLKEM enabled (not explicitly disabled); overriding --disable-shake256 to enable SHAKE256])
|
||||
ENABLED_SHAKE256=yes
|
||||
enable_shake256=yes
|
||||
fi
|
||||
fi
|
||||
|
||||
@@ -6350,14 +6348,14 @@ AS_CASE([$FIPS_VERSION],
|
||||
SLHDSA_PARAM_SHA2_256F="yes"])
|
||||
|
||||
# SHA-256 DRBG -- cannot be disabled at build time in FIPS mode
|
||||
AS_IF([test "$enable_sha256_drbg" = "no"],
|
||||
[AC_MSG_WARN([Can not disable SHA256-DRBG at build time in FIPS mode, disable at run-time with wc_Sha256Drbg_Disable() or wc_Sha256Drbg_Disable_fips()])])
|
||||
ENABLED_SHA256_DRBG="yes"
|
||||
AS_IF([test "$ENABLED_SHA256_DRBG" != "yes" &&
|
||||
test "$FIPS_VERSION" != "dev"],
|
||||
[AC_MSG_ERROR([Can not disable SHA256-DRBG at build time in FIPS mode. Disable at run-time with wc_Sha256Drbg_Disable() or wc_Sha256Drbg_Disable_fips()])])
|
||||
|
||||
# SHA-512 DRBG -- cannot be disabled at build time in FIPS mode
|
||||
AS_IF([test "$enable_sha512_drbg" = "no"],
|
||||
[AC_MSG_WARN([Can not disable SHA512-DRBG at build time in FIPS mode, disable it at run-time with wc_Sha512Drbg_Disable() or wc_Sha512Drbg_Disable_fips()])])
|
||||
ENABLED_SHA512_DRBG="yes"
|
||||
AS_IF([test "$ENABLED_SHA512_DRBG" != "yes" &&
|
||||
test "$FIPS_VERSION" != "dev"],
|
||||
[AC_MSG_ERROR([Can not disable SHA512-DRBG at build time in FIPS mode. Disable it at run-time with wc_Sha512Drbg_Disable() or wc_Sha512Drbg_Disable_fips()])])
|
||||
|
||||
# Old TLS requires MD5 + HMAC, which is not allowed under FIPS 140-3
|
||||
AS_IF([test "$ENABLED_OLD_TLS" != "no"],
|
||||
@@ -6480,7 +6478,8 @@ AS_CASE([$FIPS_VERSION],
|
||||
(test "$FIPS_VERSION" != "dev" || test "$enable_sha512" != "no")],
|
||||
[ENABLED_SHA512="yes"; AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHA512 -DWOLFSSL_SHA384"])
|
||||
|
||||
# SHA512-224 and SHA512-256 are needed for HashML-DSA (FIPS 204)
|
||||
# SHA512-224 and SHA512-256 are not in-boundary in FIPS v6.
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NOSHA512_224 -DWOLFSSL_NOSHA512_256"
|
||||
|
||||
# Shake128 because we're testing SHAKE256
|
||||
AS_IF([test "x$ENABLED_SHAKE128" = "xno" &&
|
||||
@@ -6673,6 +6672,14 @@ AS_CASE([$FIPS_VERSION],
|
||||
(test "$FIPS_VERSION" != "lean-aesgcm-dev" || test "$enable_sha3" != "yes")],
|
||||
[enable_sha3="no"; ENABLED_SHA3="no"; AM_CFLAGS="$AM_CFLAGS -UWOLFSSL_SHA3"])
|
||||
|
||||
AS_IF([test "$ENABLED_SHAKE128" != "no" &&
|
||||
(test "$FIPS_VERSION" != "lean-aesgcm-dev" || test "$enable_shake128" != "yes")],
|
||||
[enable_shake128="no"; ENABLED_SHAKE128="no"])
|
||||
|
||||
AS_IF([test "$ENABLED_SHAKE256" != "no" &&
|
||||
(test "$FIPS_VERSION" != "lean-aesgcm-dev" || test "$enable_shake256" != "yes")],
|
||||
[enable_shake256="no"; ENABLED_SHAKE256="no"])
|
||||
|
||||
AS_IF([test "$ENABLED_SHA224" != "no" &&
|
||||
(test "$FIPS_VERSION" != "lean-aesgcm-dev" || test "$enable_sha224" != "yes")],
|
||||
[enable_sha224="no"; ENABLED_SHA224="no"; AM_CFLAGS="$AM_CFLAGS -UWOLFSSL_SHA224"])
|
||||
@@ -6683,7 +6690,7 @@ AS_CASE([$FIPS_VERSION],
|
||||
|
||||
AS_IF([test "$ENABLED_SHA512" != "no" &&
|
||||
(test "$FIPS_VERSION" != "lean-aesgcm-dev" || test "$enable_sha512" != "yes")],
|
||||
[enable_sha512="no"; ENABLED_SHA512="no"; AM_CFLAGS="$AM_CFLAGS -UWOLFSSL_SHA512 -UWOLFSSL_SHA384"])
|
||||
[enable_sha512="no"; ENABLED_SHA512="no"; ENABLED_SHA512_DRBG="no"; AM_CFLAGS="$AM_CFLAGS -UWOLFSSL_SHA512 -UWOLFSSL_SHA384"])
|
||||
|
||||
# SHA512-224 and SHA512-256 are SHA-2 algorithms not in our FIPS algorithm list
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NOSHA512_224 -DWOLFSSL_NOSHA512_256"
|
||||
@@ -7045,14 +7052,12 @@ then
|
||||
then
|
||||
AC_MSG_WARN([MLKEM enabled (not explicitly disabled); overriding --disable-shake128 to enable SHAKE128])
|
||||
ENABLED_SHAKE128=yes
|
||||
enable_shake128=yes
|
||||
fi
|
||||
|
||||
if test "$ENABLED_SHAKE256" = "no"
|
||||
then
|
||||
AC_MSG_WARN([MLKEM enabled (not explicitly disabled); overriding --disable-shake256 to enable SHAKE256])
|
||||
ENABLED_SHAKE256=yes
|
||||
enable_shake256=yes
|
||||
fi
|
||||
fi
|
||||
|
||||
@@ -7813,7 +7818,8 @@ then
|
||||
fi
|
||||
|
||||
# FIPS override: Hash DRBG is mandatory
|
||||
if test "x$ENABLED_HASHDRBG" != "xyes" && test "x$ENABLED_FIPS" = "xyes" && test "x$ENABLED_KCAPI" = "xno"
|
||||
if test "$ENABLED_HASHDRBG" != "yes" && test "$ENABLED_FIPS" = "yes" &&
|
||||
test "$FIPS_VERSION" != "dev" && test "$ENABLED_KCAPI" = "no"
|
||||
then
|
||||
if test "$enable_hashdrbg" = "no"
|
||||
then
|
||||
|
||||
@@ -401,7 +401,9 @@ static int km_ecdsa_verify(struct akcipher_request *req)
|
||||
sig_len = req->src_len;
|
||||
hash_len = req->dst_len;
|
||||
|
||||
if (hash_len <= 0) {
|
||||
if ((hash_len > WC_MAX_DIGEST_SIZE) ||
|
||||
(hash_len < WC_MIN_DIGEST_SIZE))
|
||||
{
|
||||
err = -EINVAL;
|
||||
goto ecdsa_verify_end;
|
||||
}
|
||||
|
||||
@@ -1510,10 +1510,22 @@ static int wc_mix_pool_bytes(const void *buf, size_t len) {
|
||||
if (wc_rng_bank_checkout(ctx, &drbg, n, 0, WC_RNG_BANK_FLAG_NONE) != 0)
|
||||
continue;
|
||||
|
||||
for (i = 0, V_offset = 0; i < len; ++i) {
|
||||
((struct DRBG_internal *)WC_RNG_BANK_INST_TO_RNG(drbg)->drbg)->V[V_offset++] += ((byte *)buf)[i];
|
||||
if (V_offset == (int)sizeof ((struct DRBG_internal *)WC_RNG_BANK_INST_TO_RNG(drbg)->drbg)->V)
|
||||
V_offset = 0;
|
||||
#ifdef WOLFSSL_DRBG_SHA512
|
||||
if (WC_RNG_BANK_INST_TO_RNG(drbg)->drbgType == WC_DRBG_SHA512) {
|
||||
for (i = 0, V_offset = 0; i < len; ++i) {
|
||||
((struct DRBG_SHA512_internal *)WC_RNG_BANK_INST_TO_RNG(drbg)->drbg512)->V[V_offset++] += ((byte *)buf)[i];
|
||||
if (V_offset == (int)sizeof ((struct DRBG_SHA512_internal *)WC_RNG_BANK_INST_TO_RNG(drbg)->drbg512)->V)
|
||||
V_offset = 0;
|
||||
}
|
||||
}
|
||||
else
|
||||
#endif /* WOLFSSL_DRBG_SHA512 */
|
||||
{
|
||||
for (i = 0, V_offset = 0; i < len; ++i) {
|
||||
((struct DRBG_internal *)WC_RNG_BANK_INST_TO_RNG(drbg)->drbg)->V[V_offset++] += ((byte *)buf)[i];
|
||||
if (V_offset == (int)sizeof ((struct DRBG_internal *)WC_RNG_BANK_INST_TO_RNG(drbg)->drbg)->V)
|
||||
V_offset = 0;
|
||||
}
|
||||
}
|
||||
|
||||
wc_rng_bank_checkin(ctx, &drbg);
|
||||
|
||||
+7
-2
@@ -5685,9 +5685,14 @@ static int wolfssl_ctx_set_tmp_dh(WOLFSSL_CTX* ctx, unsigned char* p, int pSz,
|
||||
|
||||
WOLFSSL_ENTER("wolfSSL_CTX_SetTmpDH");
|
||||
|
||||
if ((ctx == NULL) || (p == NULL) || (g == NULL))
|
||||
ret = BAD_FUNC_ARG;
|
||||
|
||||
/* Check the size of the prime meets the requirements of the SSL context. */
|
||||
if (((word16)pSz < ctx->minDhKeySz) || ((word16)pSz > ctx->maxDhKeySz)) {
|
||||
ret = DH_KEY_SIZE_E;
|
||||
if (ret == 1) {
|
||||
if (((word16)pSz < ctx->minDhKeySz) || ((word16)pSz > ctx->maxDhKeySz)) {
|
||||
ret = DH_KEY_SIZE_E;
|
||||
}
|
||||
}
|
||||
|
||||
#if !defined(WOLFSSL_OLD_PRIME_CHECK) && !defined(HAVE_FIPS) && \
|
||||
|
||||
+9
-5
@@ -10296,13 +10296,17 @@ static int test_wolfSSL_clear_secure_renegotiation(void)
|
||||
|
||||
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseSecureRenegotiation(ssl));
|
||||
ExpectNotNull(ssl->secure_renegotiation);
|
||||
if (ssl->secure_renegotiation != NULL)
|
||||
ssl->secure_renegotiation->enabled = 1;
|
||||
if (EXPECT_SUCCESS()) {
|
||||
if (ssl->secure_renegotiation != NULL)
|
||||
ssl->secure_renegotiation->enabled = 1;
|
||||
}
|
||||
|
||||
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_clear(ssl));
|
||||
support = wolfSSL_SSL_get_secure_renegotiation_support(ssl);
|
||||
ExpectNull(ssl->secure_renegotiation);
|
||||
ExpectIntEQ(WOLFSSL_FAILURE, support);
|
||||
if (EXPECT_SUCCESS()) {
|
||||
support = wolfSSL_SSL_get_secure_renegotiation_support(ssl);
|
||||
ExpectNull(ssl->secure_renegotiation);
|
||||
ExpectIntEQ(WOLFSSL_FAILURE, support);
|
||||
}
|
||||
|
||||
wolfSSL_free(ssl);
|
||||
wolfSSL_CTX_free(ctx);
|
||||
|
||||
@@ -4577,8 +4577,12 @@ int test_wc_PKCS7_BER(void)
|
||||
}
|
||||
#ifndef NO_RSA
|
||||
#ifdef WOLFSSL_SP_MATH
|
||||
ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, berContent,
|
||||
sizeof(berContent), decoded, sizeof(decoded)), WC_NO_ERR_TRACE(WC_KEY_SIZE_E));
|
||||
if (EXPECT_SUCCESS()) {
|
||||
ret = wc_PKCS7_DecodeEnvelopedData(
|
||||
pkcs7, berContent, sizeof(berContent), decoded, sizeof(decoded));
|
||||
ExpectTrue((ret == WC_NO_ERR_TRACE(WC_KEY_SIZE_E)) ||
|
||||
(ret == WC_NO_ERR_TRACE(BUFFER_E)));
|
||||
}
|
||||
#else
|
||||
ExpectIntGT(wc_PKCS7_DecodeEnvelopedData(pkcs7, berContent,
|
||||
sizeof(berContent), decoded, sizeof(decoded)), 0);
|
||||
|
||||
+17
-4
@@ -900,8 +900,12 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_no_pad_test(void);
|
||||
#endif
|
||||
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void);
|
||||
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t dh_test(void);
|
||||
#ifndef NO_DSA
|
||||
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t dsa_test(void);
|
||||
#endif
|
||||
#ifdef WOLFCRYPT_HAVE_SRP
|
||||
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srp_test(void);
|
||||
#endif
|
||||
#ifndef WC_NO_RNG
|
||||
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t random_test(void);
|
||||
#ifdef WC_RNG_BANK_SUPPORT
|
||||
@@ -1268,7 +1272,7 @@ static void myFipsCb(int ok, int err, const char* hash)
|
||||
* fail, fire this callback, and produce millions of lines of
|
||||
* redundant output. Exit now -- the hash has been printed for
|
||||
* fips-hash.sh to extract, and no test can possibly pass. */
|
||||
exit(IN_CORE_FIPS_E);
|
||||
exit(IN_CORE_FIPS_E); /* NOLINT(concurrency-mt-unsafe) */
|
||||
#endif
|
||||
}
|
||||
#ifdef REALLY_LONG_DRBG_CONTINUOUS_TEST
|
||||
@@ -21987,8 +21991,17 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t random_bank_test(void)
|
||||
defined(WC_C_DYNAMIC_FALLBACK) && \
|
||||
defined(HAVE_HASHDRBG) && \
|
||||
defined(WC_NO_INTERNAL_FUNCTION_POINTERS)
|
||||
if (((struct DRBG_internal *)rng_inst->rng.drbg)->sha256.sha_method != 7 /* SHA256_C */)
|
||||
ERROR_OUT(WC_TEST_RET_ENC_I(((struct DRBG_internal *)rng_inst->rng.drbg)->sha256.sha_method), out);
|
||||
#ifdef WOLFSSL_DRBG_SHA512
|
||||
if (rng_inst->rng.drbgType == WC_DRBG_SHA512) {
|
||||
if (((struct DRBG_SHA512_internal *)rng_inst->rng.drbg512)->sha512.sha_method != 5 /* SHA512_C */)
|
||||
ERROR_OUT(WC_TEST_RET_ENC_I(((struct DRBG_SHA512_internal *)rng_inst->rng.drbg512)->sha512.sha_method), out);
|
||||
}
|
||||
else
|
||||
#endif /* WOLFSSL_DRBG_SHA512 */
|
||||
{
|
||||
if (((struct DRBG_internal *)rng_inst->rng.drbg)->sha256.sha_method != 7 /* SHA256_C */)
|
||||
ERROR_OUT(WC_TEST_RET_ENC_I(((struct DRBG_internal *)rng_inst->rng.drbg)->sha256.sha_method), out);
|
||||
}
|
||||
#endif
|
||||
|
||||
ret = wc_RNG_GenerateBlock(WC_RNG_BANK_INST_TO_RNG(rng_inst), outbuf1, sizeof(outbuf1));
|
||||
@@ -35408,7 +35421,7 @@ done:
|
||||
|
||||
#ifdef WOLFSSL_PUBLIC_MP
|
||||
|
||||
static wc_test_ret_t ecdsa_test_deterministic_k_rs(ecc_key *key,
|
||||
static WC_MAYBE_UNUSED wc_test_ret_t ecdsa_test_deterministic_k_rs(ecc_key *key,
|
||||
enum wc_HashType hashType, const char* msg, WC_RNG* rng,
|
||||
mp_int* r, mp_int* s,
|
||||
mp_int* expR, mp_int* expS)
|
||||
|
||||
@@ -237,8 +237,12 @@ extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_no_pad_test(void);
|
||||
#endif
|
||||
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void);
|
||||
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t dh_test(void);
|
||||
#ifndef NO_DSA
|
||||
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t dsa_test(void);
|
||||
#endif
|
||||
#ifdef WOLFCRYPT_HAVE_SRP
|
||||
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srp_test(void);
|
||||
#endif
|
||||
#ifndef WC_NO_RNG
|
||||
extern WOLFSSL_TEST_SUBROUTINE wc_test_ret_t random_test(void);
|
||||
#ifdef WC_RNG_BANK_SUPPORT
|
||||
|
||||
@@ -310,14 +310,18 @@ WOLFSSL_API int wc_Sha384Hash_ex(const byte* data, word32 len, byte* hash,
|
||||
#ifdef WOLFSSL_SHA512
|
||||
#include <wolfssl/wolfcrypt/sha512.h>
|
||||
WOLFSSL_API int wc_Sha512Hash(const byte* data, word32 len, byte* hash);
|
||||
WOLFSSL_API int wc_Sha512_224Hash(const byte* data, word32 len, byte* hash);
|
||||
WOLFSSL_API int wc_Sha512_256Hash(const byte* data, word32 len, byte* hash);
|
||||
WOLFSSL_API int wc_Sha512Hash_ex(const byte* data, word32 len, byte* hash,
|
||||
void* heap, int devId);
|
||||
WOLFSSL_API int wc_Sha512_224Hash_ex(const byte* data, word32 len, byte* hash,
|
||||
void* heap, int devId);
|
||||
WOLFSSL_API int wc_Sha512_256Hash_ex(const byte* data, word32 len, byte* hash,
|
||||
void* heap, int devId);
|
||||
#ifndef WOLFSSL_NOSHA512_224
|
||||
WOLFSSL_API int wc_Sha512_224Hash(const byte* data, word32 len, byte* hash);
|
||||
WOLFSSL_API int wc_Sha512_224Hash_ex(const byte* data, word32 len,
|
||||
byte* hash, void* heap, int devId);
|
||||
#endif
|
||||
#ifndef WOLFSSL_NOSHA512_256
|
||||
WOLFSSL_API int wc_Sha512_256Hash(const byte* data, word32 len, byte* hash);
|
||||
WOLFSSL_API int wc_Sha512_256Hash_ex(const byte* data, word32 len,
|
||||
byte* hash, void* heap, int devId);
|
||||
#endif
|
||||
#endif /* WOLFSSL_SHA512 */
|
||||
|
||||
#ifdef WOLFSSL_SHA3
|
||||
|
||||
@@ -338,7 +338,7 @@ struct DRBG_SHA512_internal {
|
||||
#ifdef HAVE_HASHDRBG
|
||||
enum wc_DrbgType {
|
||||
WC_DRBG_SHA256 = 0,
|
||||
WC_DRBG_SHA512 = 1,
|
||||
WC_DRBG_SHA512 = 1
|
||||
};
|
||||
#endif
|
||||
|
||||
|
||||
Reference in New Issue
Block a user