From 7e5c41ca35e10c7e0c229877b9e995802614486c Mon Sep 17 00:00:00 2001
From: David Garske <david@wolfssl.com>
Date: Mon, 11 Jun 2018 12:12:53 -0700
Subject: [PATCH] Fixes for some async issues in FIPSv2.

---
 wolfcrypt/src/aes.c   | 4 ++--
 wolfcrypt/test/test.c | 5 ++++-
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c
index 50894eaef..08955a6e3 100644
--- a/wolfcrypt/src/aes.c
+++ b/wolfcrypt/src/aes.c
@@ -8525,7 +8525,7 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
     /* if async and byte count above threshold */
     /* only 12-byte IV is supported in HW */
     if (aes->asyncDev.marker == WOLFSSL_ASYNC_MARKER_AES &&
-                            sz >= WC_ASYNC_THRESH_AES_GCM && ivSz == NONCE_SZ) {
+                    sz >= WC_ASYNC_THRESH_AES_GCM && ivSz == GCM_NONCE_MID_SZ) {
     #if defined(HAVE_CAVIUM)
         #ifdef HAVE_CAVIUM_V
         if (authInSz == 20) { /* Nitrox V GCM is only working with 20 byte AAD */
@@ -8878,7 +8878,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
     /* if async and byte count above threshold */
     /* only 12-byte IV is supported in HW */
     if (aes->asyncDev.marker == WOLFSSL_ASYNC_MARKER_AES &&
-                            sz >= WC_ASYNC_THRESH_AES_GCM && ivSz == NONCE_SZ) {
+                    sz >= WC_ASYNC_THRESH_AES_GCM && ivSz == GCM_NONCE_MID_SZ) {
     #if defined(HAVE_CAVIUM)
         #ifdef HAVE_CAVIUM_V
         if (authInSz == 20) { /* Nitrox V GCM is only working with 20 byte AAD */
diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c
index 3b1cb8c98..61a0899a6 100644
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@@ -9759,7 +9759,7 @@ static int rsa_certgen_test(RsaKey* key, RsaKey* keypub, WC_RNG* rng, byte* tmp)
     ret = 0;
     do {
 #if defined(WOLFSSL_ASYNC_CRYPT)
-        ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
+        ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
 #endif
         if (ret >= 0) {
             ret = wc_MakeSelfCert(myCert, der, FOURK_BUF, key, rng);
@@ -11322,6 +11322,9 @@ static int dh_fips_generate_test(WC_RNG *rng)
     pubSz = sizeof(pub);
 
     ret = wc_DhGenerateKeyPair(&key, rng, priv, &privSz, pub, &pubSz);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+    ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
     if (ret != 0) {
         ERROR_OUT(-8227, exit_gen_test);
     }