tests: skip AesFeatureCoverage GCM/CCM under the self-test module

The PRB-CAVP-selftest-v2 leg (--enable-selftest=v2, frozen wolfCrypt 4.1.0
crypto) failed in test_wc_AesFeatureCoverage.

Reproduced against that exact build; the failing assertion is:

    tests/api/test_aes.c:8324
      ExpectIntEQ(wc_AesCcmEncrypt(&aes, NULL, NULL, 0, ccmNonce13,
        sizeof(ccmNonce13), ccmTag, 16, ccmAad, sizeof(ccmAad)), 0)   /* got -173 */

That is the AAD-only (empty-plaintext) CCM case. Current wolfCrypt accepts
NULL in/out when inSz==0; the frozen v4.1.0 wc_AesCcmEncrypt rejects in/out==NULL
unconditionally and returns BAD_FUNC_ARG. Same class as the RsaDecisionCoverage
self-test fix: the frozen module's argument-validation contract predates the
modern behaviour this test asserts.

This function's value is MC/DC of the open wolfcrypt/src/aes.c feature paths,
which is not the aes.c compiled under --enable-selftest, so under self-test it
measures nothing and only risks such divergences. The key-wrap block in this
same function already excludes HAVE_SELFTEST (and the AES *ArgMcdc tests do
too); extend that to the GCM/GMAC and CCM blocks. HAVE_FIPS is intentionally
left running -- that (newer) module honours these paths and never flagged this
test; the open MC/DC campaign builds are unaffected.

Verified: skipped cleanly under --enable-selftest=v2 (test index 278, matching
CI); open build still runs and passes it.
This commit is contained in:
Daniele Lacamera
2026-07-07 13:27:11 +02:00
parent b9925e72f7
commit e14a3aafc9
+13 -4
View File
@@ -8393,7 +8393,16 @@ int test_wc_AesGcmDecisionCoverage(void)
int test_wc_AesFeatureCoverage(void)
{
EXPECT_DECLS;
#if !defined(NO_AES) && defined(HAVE_AESGCM)
/* This function's value is MC/DC of the *open* wolfcrypt/src/aes.c feature
* paths. Under the frozen self-test module that aes.c is not the code being
* exercised, and some of these modern behaviours are not part of its contract:
* e.g. the AAD-only wc_AesCcmEncrypt(NULL,NULL,0,...) case below returns 0 in
* current wolfCrypt but BAD_FUNC_ARG in the frozen v4.1.0 aes.c (which rejects
* in/out==NULL unconditionally). The key-wrap block already excludes
* HAVE_SELFTEST for the same reason; exclude the GCM/GMAC and CCM blocks too.
* HAVE_FIPS is intentionally left running (that newer module honours these
* paths); the open MC/DC campaign builds are unaffected. */
#if !defined(NO_AES) && defined(HAVE_AESGCM) && !defined(HAVE_SELFTEST)
/* ---- AES-GCM streaming API: multi-chunk AAD and data ---- */
/* Uses a hardcoded 256-bit key, so requires AES-256. */
#if defined(WOLFSSL_AESGCM_STREAM) && defined(WOLFSSL_AES_256)
@@ -8498,9 +8507,9 @@ int test_wc_AesFeatureCoverage(void)
sizeof(gmacAad), gmacTag, sizeof(gmacTag)), 0);
wc_AesFree(&gmac.aes);
}
#endif /* !NO_AES && HAVE_AESGCM */
#endif /* !NO_AES && HAVE_AESGCM && !HAVE_SELFTEST */
#if !defined(NO_AES) && defined(HAVE_AESCCM)
#if !defined(NO_AES) && defined(HAVE_AESCCM) && !defined(HAVE_SELFTEST)
/* ---- AES-CCM round trips with varied AAD / nonce / tag sizes ---- */
{
static const byte ccmKey[16] = {
@@ -8567,7 +8576,7 @@ int test_wc_AesFeatureCoverage(void)
if (initDone) wc_AesFree(&aes);
}
#endif /* !NO_AES && HAVE_AESCCM */
#endif /* !NO_AES && HAVE_AESCCM && !HAVE_SELFTEST */
/* kwKey below is a 192-bit key, so this block requires AES-192. */
#if !defined(NO_AES) && defined(HAVE_AES_KEYWRAP) && defined(WOLFSSL_AES_192) && \