Skip to content

Commit 2ca9f66

Browse files
douzzerdouzzer
committed
wolfcrypt/test/test.c: add FIPS gate around wc_DhGeneratePublic() test in dh_ffdhe_test().
1 parent 477d7fa commit 2ca9f66

2 files changed

Lines changed: 11 additions & 0 deletions

File tree

.wolfssl_known_macro_extras

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -420,6 +420,7 @@ NO_STDIO_FGETS_REMAP
420420
NO_TKERNEL_MEM_POOL
421421
NO_TLSX_PSKKEM_PLAIN_ANNOUNCE
422422
NO_VERIFY_OID
423+
NO_WC_DHGENERATEPUBLIC
423424
NO_WC_SSIZE_TYPE
424425
NO_WOLFSSL_ALLOC_ALIGN
425426
NO_WOLFSSL_AUTOSAR_CRYIF

wolfcrypt/test/test.c

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -23614,6 +23614,15 @@ static wc_test_ret_t dh_ffdhe_test(WC_RNG *rng, int name)
2361423614
ERROR_OUT(WC_TEST_RET_ENC_NC, done);
2361523615
}
2361623616

23617+
/* wc_DhGeneratePublic_fips() was added in 5.2.3, but some customers are
23618+
* building with configure scripts that set version to 5.2.1, but with 5.2.3
23619+
* wolfCrypt sources.
23620+
*/
23621+
#if !(defined(HAVE_SELFTEST) || \
23622+
(defined(HAVE_FIPS) && FIPS_VERSION3_LT(5,2,3)) || \
23623+
FIPS_VERSION3_EQ(6,0,0) || \
23624+
defined(NO_WC_DHGENERATEPUBLIC))
23625+
2361723626
/* additional test for wc_DhGeneratePublic:
2361823627
* 1. reset key2.
2361923628
* 2. using priv from dh key 1, generate pub2 with
@@ -23645,6 +23654,7 @@ static wc_test_ret_t dh_ffdhe_test(WC_RNG *rng, int name)
2364523654
if (pubSz != pubSz2 || XMEMCMP(pub, pub2, pubSz)) {
2364623655
ERROR_OUT(WC_TEST_RET_ENC_NC, done);
2364723656
}
23657+
#endif /* !(HAVE_SELFTEST || FIPS <5.2.3 || FIPS == 6.0.0 || NO_WC_DHGENERATEPUBLIC */
2364823658

2364923659
#if (defined(WOLFSSL_HAVE_SP_DH) || defined(USE_FAST_MATH)) && \
2365023660
!defined(HAVE_INTEL_QA)

0 commit comments

Comments
 (0)