From fd7544ca19b5540c8de1c131723b37598ee344c8 Mon Sep 17 00:00:00 2001 From: Sean Parkinson Date: Thu, 27 Oct 2022 17:47:48 +1000 Subject: [PATCH] Regresssion testing fixes Ed25519 and Ed448 need to enable certs. If no system CA certs can't be parsed, wolfSSL_CTX_load_system_CA_certs() will fail. Don't try test if RSA and ECC are not enabled. Fix benchmark.c so that e is defined when WOLFSSL_BENCHMARK_ALL defined. MAX_LENGTH_SZ is 4 and supports lengths up to 2^24 - one byte for length and 3 bytes of length. (new gcc compiler fix) --- configure.ac | 19 ++++++++++++------- tests/api.c | 3 ++- wolfcrypt/benchmark/benchmark.c | 3 ++- wolfcrypt/src/asn.c | 4 +++- 4 files changed, 19 insertions(+), 10 deletions(-) diff --git a/configure.ac b/configure.ac index 35506a40e..f4d5bf32b 100644 --- a/configure.ac +++ b/configure.ac @@ -7423,13 +7423,6 @@ esac # Update ENABLE_* variables # ################################################################################ -if test "x$ENABLED_LEANPSK" = "xyes" || test "x$ENABLED_CERTS" = "xno" || \ - test "x$ENABLED_ASN" = "xno" -then - ENABLED_CERTS=no - ENABLED_ASN=no -fi - if test "x$ENABLED_SYS_CA_CERTS" = "xyes" then if test "x$ENABLED_FILESYSTEM" = "xno" @@ -7544,6 +7537,11 @@ then ENABLED_CERTS=yes fi +if test "$ENABLED_ED25519" != "no" || test "$ENABLED_ED448" != "no" +then + ENABLED_CERTS=yes +fi + if test "$ENABLED_MD5" = "yes" then # turn off MD5 if leanpsk or leantls on @@ -7553,6 +7551,13 @@ then fi fi +if test "x$ENABLED_LEANPSK" = "xyes" || test "x$ENABLED_CERTS" = "xno" || \ + test "x$ENABLED_ASN" = "xno" +then + ENABLED_CERTS=no + ENABLED_ASN=no +fi + ################################################################################ # Check for build-type conflicts # ################################################################################ diff --git a/tests/api.c b/tests/api.c index 8f23065d2..4a77fb7b1 100644 --- a/tests/api.c +++ b/tests/api.c @@ -1350,7 +1350,8 @@ static int test_wolfSSL_CTX_load_system_CA_certs(void) { int ret = 0; -#if defined(WOLFSSL_SYS_CA_CERTS) && !defined(NO_WOLFSSL_CLIENT) +#if defined(WOLFSSL_SYS_CA_CERTS) && !defined(NO_WOLFSSL_CLIENT) && \ + (!defined(NO_RSA) || defined(HAVE_ECC)) WOLFSSL_CTX* ctx; byte dirValid = 0; diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c index 43184b48a..4034826ba 100644 --- a/wolfcrypt/benchmark/benchmark.c +++ b/wolfcrypt/benchmark/benchmark.c @@ -8326,8 +8326,9 @@ static void print_alg(const char* str, int* line) /* Display the usage options of the benchmark program. */ static void Usage(void) { + int e = 0; #ifndef WOLFSSL_BENCHMARK_ALL - int i, e = 0; + int i; int line; #endif diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 5ad446442..786e5cfb3 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -214,6 +214,8 @@ extern int wc_InitRsaHw(RsaKey* key); /* Calculates the minimum number of bytes required to encode the value. + * + * Only support up to 2^24-1. * * @param [in] value Value to be encoded. * @return Number of bytes to encode value. @@ -221,7 +223,7 @@ extern int wc_InitRsaHw(RsaKey* key); static word32 BytePrecision(word32 value) { word32 i; - for (i = (word32)sizeof(value); i; --i) + for (i = (word32)sizeof(value) - 1; i; --i) if (value >> ((i - 1) * WOLFSSL_BIT_SIZE)) break;