Merge pull request #8549 from douzzer/20250311-aesxts-stream-armasm-and-unit-test-wolfcrypt-test

20250311-aesxts-stream-armasm-and-unit-test-wolfcrypt-test

CMakeLists.txt

@@ -2538,7 +2538,6 @@ if(WOLFSSL_EXAMPLES)
         tests/api/test_dtls.c
         tests/api/test_ocsp.c
         tests/api/test_evp.c
-        tests/hash.c
         tests/srp.c
         tests/suites.c
         tests/w64wrapper.c
@@ -2547,7 +2546,8 @@ if(WOLFSSL_EXAMPLES)
         tests/utils.c
         testsuite/utils.c
         examples/server/server.c
-        examples/client/client.c)
+        examples/client/client.c
+        wolfcrypt/test/test.c)
     target_include_directories(unit_test PRIVATE
         ${CMAKE_CURRENT_BINARY_DIR})
     target_compile_options(unit_test PUBLIC "-DNO_MAIN_DRIVER")

configure.ac

@@ -1312,7 +1312,7 @@ then
     then
         test "$enable_aesgcm_stream" = "" && test "$enable_aesgcm" = "yes" && enable_aesgcm_stream=yes
         test "$enable_aesxts" = "" && enable_aesxts=yes
-        test "$enable_aesxts_stream" = "" && test "$enable_aesxts" = "yes" && (test "$enable_armasm" = "" || test "$enable_armasm" = "no") && enable_aesxts_stream=yes
+        test "$enable_aesxts_stream" = "" && test "$enable_aesxts" = "yes" && enable_aesxts_stream=yes
         test "$enable_aessiv" = "" && enable_aessiv=yes
         test "$enable_shake128" = "" && enable_shake128=yes
         test "$enable_shake256" = "" && enable_shake256=yes
@@ -3221,7 +3221,6 @@ then
             # Include options.h
             AM_CCASFLAGS="$AM_CCASFLAGS -DEXTERNAL_OPTS_OPENVPN"
             ENABLED_ARMASM_CRYPTO=no
-            ENABLED_AESGCM_STREAM=no # not yet implemented
             ENABLED_ARMASM_NEON=yes
             ENABLED_ARM_32=yes
             AC_MSG_NOTICE([32bit ARMv7-a found, setting mfpu to neon])
@@ -3241,7 +3240,6 @@ then
             # Include options.h
             AM_CCASFLAGS="$AM_CCASFLAGS -DEXTERNAL_OPTS_OPENVPN"
             ENABLED_ARMASM_CRYPTO=no
-            ENABLED_AESGCM_STREAM=no # not yet implemented
             ENABLED_ARMASM_NEON=no
             ENABLED_ARM_THUMB=yes
             ENABLED_ARM_32=yes
@@ -3259,7 +3257,6 @@ then
             AM_CPPFLAGS="$AM_CPPFLAGS -march=armv6 -fomit-frame-pointer -DWOLFSSL_ARMASM_NO_HW_CRYPTO -DWOLFSSL_ARM_ARCH=6"
             AM_CCASFLAGS="$AM_CCASFLAGS -DEXTERNAL_OPTS_OPENVPN"
             ENABLED_ARMASM_CRYPTO=no
-            ENABLED_AESGCM_STREAM=no # not yet implemented
             ENABLED_ARMASM_NEON=no
             ENABLED_ARM_32=yes
             AC_MSG_NOTICE([32bit ARMv6 found])
@@ -3268,7 +3265,6 @@ then
             AM_CPPFLAGS="$AM_CPPFLAGS -march=armv4 -fomit-frame-pointer -DWOLFSSL_ARMASM_NO_HW_CRYPTO -DWOLFSSL_ARM_ARCH=4"
             AM_CCASFLAGS="$AM_CCASFLAGS -DEXTERNAL_OPTS_OPENVPN"
             ENABLED_ARMASM_CRYPTO=no
-            ENABLED_AESGCM_STREAM=no # not yet implemented
             ENABLED_ARMASM_NEON=no
             ENABLED_ARM_32=yes
             AC_MSG_NOTICE([32bit ARMv4 found])
@@ -3323,7 +3319,6 @@ AC_ARG_ENABLE([riscv-asm],
 if test "$ENABLED_RISCV_ASM" != "no" && test "$ENABLED_ASM" = "yes"
 then
     AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_RISCV_ASM"
-    ENABLED_AESGCM_STREAM=no # not yet implemented
     AC_MSG_NOTICE([64bit RISC-V assembly for AES])
 fi
 
@@ -5584,11 +5579,8 @@ AS_CASE([$FIPS_VERSION],
                (test "$FIPS_VERSION" != "dev" || test "$enable_aesgcm" != "no")],
             [ENABLED_AESGCM="yes"; AM_CFLAGS="$AM_CFLAGS -DHAVE_AESGCM"; AM_CCASFLAGS="$AM_CCASFLAGS -DHAVE_AESGCM"])
 
-        # AES-GCM streaming is part of the v6 FIPS suite, but isn't implemented
-        # for armasm on arm-v7 or earlier (see armasm setup above).
         AS_IF([test "$ENABLED_AESGCM_STREAM" != "yes" &&
-               (test "$FIPS_VERSION" != "dev" || test "$enable_aesgcm_stream" != "no") &&
-               ! (test "$ENABLED_ARMASM" = "yes" && test "$ENABLED_ARMASM_CRYPTO" = "no")],
+               (test "$FIPS_VERSION" != "dev" || test "$enable_aesgcm_stream" != "no")],
             [ENABLED_AESGCM_STREAM="yes"])
 
         AS_IF([test "x$ENABLED_AESOFB" = "xno" &&
@@ -5606,8 +5598,7 @@ AS_CASE([$FIPS_VERSION],
             [AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_AES_XTS"])
 
         AS_IF([test "x$ENABLED_AESXTS_STREAM" = "xno" &&
-               (test "$FIPS_VERSION" != "dev" || test "$enable_aesxts_stream" != "no") &&
-               ! (test "$ENABLED_ARMASM" = "yes" && test "$ENABLED_ARMASM_CRYPTO" = "no")],
+               (test "$FIPS_VERSION" != "dev" || test "$enable_aesxts_stream" != "no")],
             [ENABLED_AESXTS_STREAM="yes"])
 
         AS_IF([(test "$ENABLED_AESCCM" = "yes" && test "$HAVE_AESCCM_PORT" != "yes") ||
@@ -7961,6 +7952,11 @@ AC_ARG_ENABLE([crypttests],
     )
 AC_SUBST([ENABLED_CRYPT_TESTS])
 
+if test "$ENABLED_CRYPT_TESTS" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_CRYPT_TEST"
+fi
+
 # Build wolfCrypt test and benchmark as libraries. This will compile test.c and
 # benchmark.c and make their functions available via libraries, libwolfcrypttest
 # and libwolfcryptbench, respectively. Note that this feature is not enabled by
@@ -9050,7 +9046,7 @@ if test "$ENABLED_LINUXKM_LKCAPI_REGISTER" != "none"
 then
     AM_CFLAGS="$AM_CFLAGS -DLINUXKM_LKCAPI_REGISTER"
 
-    if test "$ENABLED_AESGCM" != "no" && test "$ENABLED_AESGCM_STREAM" = "no" && test "$ENABLED_ARMASM" = "no" && test "$ENABLED_RISCV_ASM" = "no" && test "$ENABLED_FIPS" = "no"; then
+    if test "$ENABLED_AESGCM" != "no" && test "$ENABLED_AESGCM_STREAM" = "no" && test "$ENABLED_FIPS" = "no"; then
         ENABLED_AESGCM_STREAM=yes
     fi
 

tests/include.am

@@ -11,12 +11,16 @@ tests_unit_test_SOURCES = \
                   tests/utils.c \
                   testsuite/utils.c \
                   tests/suites.c \
-                  tests/hash.c \
                   tests/w64wrapper.c \
                   tests/srp.c \
                   tests/quic.c \
                   examples/client/client.c \
                   examples/server/server.c
+
+if BUILD_WOLFCRYPT_TESTS
+tests_unit_test_SOURCES += wolfcrypt/test/test.c
+endif
+
 tests_unit_test_CFLAGS       = -DNO_MAIN_DRIVER $(AM_CFLAGS) $(WOLFSENTRY_INCLUDE)
 tests_unit_test_LDADD        = src/libwolfssl@LIBSUFFIX@.la $(LIB_STATIC_ADD) $(WOLFSENTRY_LIB)
 tests_unit_test_DEPENDENCIES = src/libwolfssl@LIBSUFFIX@.la

tests/unit.c

@@ -29,6 +29,10 @@
 #include <stdio.h>
 #include <wolfssl/wolfcrypt/fips_test.h>
 
+#ifndef NO_CRYPT_TEST
+#include <wolfssl/test.h>
+#include "wolfcrypt/test/test.h"
+#endif
 
 int allTesting = 1;
 int apiTesting = 1;
@@ -218,6 +222,34 @@ int unit_test(int argc, char** argv)
         argv++;
     }
 
+#ifndef NO_CRYPT_TEST
+    /* wc_ test */
+    if (allTesting) {
+        func_args wc_args;
+
+        printf("\nwolfCrypt unit test:\n");
+
+        if ((ret = wolfCrypt_Init()) != 0) {
+            fprintf(stderr, "wolfCrypt_Init failed: %d\n", (int)ret);
+            goto exit;
+        }
+
+        XMEMSET(&wc_args, 0, sizeof(wc_args));
+        wolfcrypt_test(&wc_args);
+        if (wc_args.return_code != 0) {
+            ret = 1;
+            goto exit;
+        }
+
+        if ((ret = wolfCrypt_Cleanup()) != 0) {
+            fprintf(stderr, "wolfCrypt_Cleanup failed: %d\n", (int)ret);
+            goto exit;
+        }
+
+        printf("wolfCrypt unit test completed successfully.\n\n");
+    }
+#endif
+
 #ifdef WOLFSSL_ALLOW_SKIP_UNIT_TESTS
     if (argc == 1)
 #endif
@@ -232,11 +264,6 @@ int unit_test(int argc, char** argv)
             goto exit;
         }
 
-        if ((ret = HashTest()) != 0) {
-            fprintf(stderr, "hash test failed with %d\n", ret);
-            goto exit;
-        }
-
     #ifdef WOLFSSL_W64_WRAPPER
         if ((ret = w64wrapper_test()) != 0) {
             fprintf(stderr, "w64wrapper test failed with %d\n", ret);
@@ -246,7 +273,7 @@ int unit_test(int argc, char** argv)
 
     #ifdef WOLFSSL_QUIC
         if ((ret = QuicTest()) != 0) {
-            printf("quic test failed with %d\n", ret);
+            fprintf(stderr, "quic test failed with %d\n", ret);
             goto exit;
         }
     #endif

tests/unit.h

@@ -419,7 +419,6 @@ int ApiTest_RunName(char* name);
 int ApiTest(void);
 
 int  SuiteTest(int argc, char** argv);
-int  HashTest(void);
 void SrpTest(void);
 int w64wrapper_test(void);
 int QuicTest(void);

wolfcrypt/test/test.c

@@ -2396,16 +2396,20 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
     else
         TEST_PASS("PKCS7signed     test passed!\n");
 
+    PRIVATE_KEY_UNLOCK();
     if ( (ret = pkcs7enveloped_test()) != 0)
         TEST_FAIL("PKCS7enveloped  test failed!\n", ret);
     else
         TEST_PASS("PKCS7enveloped  test passed!\n");
+    PRIVATE_KEY_LOCK();
 
     #if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
+        PRIVATE_KEY_UNLOCK();
         if ( (ret = pkcs7authenveloped_test()) != 0)
             TEST_FAIL("PKCS7authenveloped  test failed!\n", ret);
         else
             TEST_PASS("PKCS7authenveloped  test passed!\n");
+        PRIVATE_KEY_LOCK();
     #endif
 #endif
 
@@ -60077,6 +60081,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t cryptocb_test(void)
     /* set devId to something other than INVALID_DEVID */
     devId = 1;
     ret = wc_CryptoCb_RegisterDevice(devId, myCryptoDevCb, &myCtx);
+    if (ret != 0)
+        ret = WC_TEST_RET_ENC_EC(ret);
 #ifdef WOLF_CRYPTO_CB_FIND
     wc_CryptoCb_SetDeviceFindCb(myCryptoCbFind);
 #endif /* WOLF_CRYPTO_CB_FIND */
@@ -60187,6 +60193,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t cryptocb_test(void)
         ret = cmac_test();
 #endif
 
+    wc_CryptoCb_UnRegisterDevice(devId);
+
     /* restore devId */
     devId = origDevId;