diff --git a/.wolfssl_known_macro_extras b/.wolfssl_known_macro_extras index a56621e980..c7462182c8 100644 --- a/.wolfssl_known_macro_extras +++ b/.wolfssl_known_macro_extras @@ -36,7 +36,6 @@ BLAKE2B_SELFTEST BLAKE2S_SELFTEST BLOCKING BSDKM_EXPORT_SYMS -ENABLED_BSDKM_REGISTER BSP_DEFAULT_IO_CHANNEL_DEFINED BSP_LED_0 BSP_LED_1 @@ -215,6 +214,7 @@ DTLS_RECEIVEFROM_NO_TIMEOUT_ON_INVALID_PEER ECCSI_ORDER_MORE_BITS_THAN_PRIME ECC_DUMP_OID ECDHE_SIZE +ENABLED_BSDKM_REGISTER ENABLE_SECURE_SOCKETS_LOGS ESP32 ESP8266 @@ -281,10 +281,10 @@ HAVE_INTEL_QAT_SYNC HAVE_INTEL_SPEEDUP HAVE_MDK_RTX HAVE_NETX_BSD -HAVE_PKCS7_ECC_RAW_SIGN_CALLBACK -HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK HAVE_PKCS11_STATIC HAVE_PKCS11_V3_STATIC +HAVE_PKCS7_ECC_RAW_SIGN_CALLBACK +HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK HAVE_POCO_LIB HAVE_RTP_SYS HAVE_SECURE_GETENV @@ -636,7 +636,6 @@ WC_NO_VERBOSE_RNG WC_PKCS11_FIND_WITH_ID_ONLY WC_PROTECT_ENCRYPTED_MEM WC_RNG_BLOCKING -WC_RSA_DIRECT WC_RSA_NONBLOCK WC_RSA_NONBLOCK_TIME WC_RSA_NO_FERMAT_CHECK diff --git a/src/ssl_api_pk.c b/src/ssl_api_pk.c index 92bdd522c1..36beecad9f 100644 --- a/src/ssl_api_pk.c +++ b/src/ssl_api_pk.c @@ -51,7 +51,7 @@ static int check_cert_key_dev(word32 keyOID, byte* privKey, word32 privSz, const byte* pubKey, word32 pubSz, int label, int id, void* heap, int devId) { int ret = 0; - int type; + int type = 0; void *pkey = NULL; if (privKey == NULL) { @@ -84,14 +84,12 @@ static int check_cert_key_dev(word32 keyOID, byte* privKey, word32 privSz, type = DYNAMIC_TYPE_DILITHIUM; break; #endif - #if defined(HAVE_FALCON) + #if defined(HAVE_FALCON) case FALCON_LEVEL1k: case FALCON_LEVEL5k: type = DYNAMIC_TYPE_FALCON; break; - #endif - default: - type = 0; + #endif } ret = CreateDevPrivateKey(&pkey, privKey, privSz, type, label, id, heap, @@ -108,12 +106,12 @@ static int check_cert_key_dev(word32 keyOID, byte* privKey, word32 privSz, ret = wc_CryptoCb_RsaCheckPrivKey((RsaKey*)pkey, pubKey, pubSz); break; #endif - #ifdef HAVE_ECC + #ifdef HAVE_ECC case ECDSAk: ret = wc_CryptoCb_EccCheckPrivKey((ecc_key*)pkey, pubKey, pubSz); break; - #endif + #endif #if defined(HAVE_DILITHIUM) case ML_DSA_LEVEL2k: case ML_DSA_LEVEL3k: @@ -127,13 +125,13 @@ static int check_cert_key_dev(word32 keyOID, byte* privKey, word32 privSz, WC_PQC_SIG_TYPE_DILITHIUM, pubKey, pubSz); break; #endif - #if defined(HAVE_FALCON) + #if defined(HAVE_FALCON) case FALCON_LEVEL1k: case FALCON_LEVEL5k: ret = wc_CryptoCb_PqcSignatureCheckPrivKey(pkey, WC_PQC_SIG_TYPE_FALCON, pubKey, pubSz); break; - #endif + #endif default: ret = 0; } @@ -146,31 +144,31 @@ static int check_cert_key_dev(word32 keyOID, byte* privKey, word32 privSz, #endif switch (keyOID) { -#ifndef NO_RSA + #ifndef NO_RSA case RSAk: - #ifdef WC_RSA_PSS + #ifdef WC_RSA_PSS case RSAPSSk: - #endif + #endif wc_FreeRsaKey((RsaKey*)pkey); break; -#endif + #endif #ifdef HAVE_ECC case ECDSAk: wc_ecc_free((ecc_key*)pkey); break; #endif -#if defined(HAVE_DILITHIUM) + #if defined(HAVE_DILITHIUM) case ML_DSA_LEVEL2k: case ML_DSA_LEVEL3k: case ML_DSA_LEVEL5k: - #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT + #ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT case DILITHIUM_LEVEL2k: case DILITHIUM_LEVEL3k: case DILITHIUM_LEVEL5k: - #endif + #endif wc_dilithium_free((dilithium_key*)pkey); break; -#endif + #endif #if defined(HAVE_FALCON) case FALCON_LEVEL1k: case FALCON_LEVEL5k: diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index b9a28d4b18..6c1dbbeba5 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -31783,7 +31783,10 @@ typedef struct Srtp_Kdf_Tv { word32 ksSz; } Srtp_Kdf_Tv; -#define SRTP_KDF_LONG_KEY 5000 +#if !defined(BENCH_EMBEDDED) && !defined(HAVE_SELFTEST) && \ + (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0)) + #define SRTP_KDF_LONG_KEY 5000 +#endif WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srtpkdf_test(void) { @@ -32036,13 +32039,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srtpkdf_test(void) unsigned char keyE[32]; unsigned char keyA[20]; unsigned char keyS[14]; -#ifndef BENCH_EMBEDDED +#ifdef SRTP_KDF_LONG_KEY WC_DECLARE_VAR(keyELong, byte, SRTP_KDF_LONG_KEY, HEAP_HINT); WC_DECLARE_VAR(keyALong, byte, SRTP_KDF_LONG_KEY, HEAP_HINT); WC_DECLARE_VAR(keySLong, byte, SRTP_KDF_LONG_KEY, HEAP_HINT); #endif -#ifndef BENCH_EMBEDDED +#ifdef SRTP_KDF_LONG_KEY WC_ALLOC_VAR(keyELong, byte, SRTP_KDF_LONG_KEY, HEAP_HINT); WC_ALLOC_VAR(keyALong, byte, SRTP_KDF_LONG_KEY, HEAP_HINT); WC_ALLOC_VAR(keySLong, byte, SRTP_KDF_LONG_KEY, HEAP_HINT); @@ -32071,73 +32074,73 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srtpkdf_test(void) tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz, keyS, tv[i].ksSz); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); if (XMEMCMP(keyE, tv[i].ke, tv[i].keSz) != 0) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, out); if (XMEMCMP(keyA, tv[i].ka, tv[i].kaSz) != 0) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, out); if (XMEMCMP(keyS, tv[i].ks, tv[i].ksSz) != 0) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, out); ret = wc_SRTP_KDF_label(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz, tv[i].kdfIdx, tv[i].index, WC_SRTP_LABEL_ENCRYPTION, keyE, tv[i].keSz); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); if (XMEMCMP(keyE, tv[i].ke, tv[i].keSz) != 0) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, out); ret = wc_SRTP_KDF_label(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz, tv[i].kdfIdx, tv[i].index, WC_SRTP_LABEL_MSG_AUTH, keyA, tv[i].kaSz); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); if (XMEMCMP(keyA, tv[i].ka, tv[i].kaSz) != 0) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, out); ret = wc_SRTP_KDF_label(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz, tv[i].kdfIdx, tv[i].index, WC_SRTP_LABEL_SALT, keyS, tv[i].ksSz); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); if (XMEMCMP(keyS, tv[i].ks, tv[i].ksSz) != 0) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, out); ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz, tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz, keyS, tv[i].ksSz); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); if (XMEMCMP(keyE, tv[i].ke_c, tv[i].keSz) != 0) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, out); if (XMEMCMP(keyA, tv[i].ka_c, tv[i].kaSz) != 0) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, out); if (XMEMCMP(keyS, tv[i].ks_c, tv[i].ksSz) != 0) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, out); ret = wc_SRTCP_KDF_label(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz, tv[i].kdfIdx, tv[i].index_c, WC_SRTCP_LABEL_ENCRYPTION, keyE, tv[i].keSz); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); if (XMEMCMP(keyE, tv[i].ke_c, tv[i].keSz) != 0) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, out); ret = wc_SRTCP_KDF_label(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz, tv[i].kdfIdx, tv[i].index_c, WC_SRTCP_LABEL_MSG_AUTH, keyA, tv[i].kaSz); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); if (XMEMCMP(keyA, tv[i].ka_c, tv[i].kaSz) != 0) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, out); ret = wc_SRTCP_KDF_label(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz, tv[i].kdfIdx, tv[i].index_c, WC_SRTCP_LABEL_SALT, keyS, tv[i].ksSz); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); if (XMEMCMP(keyS, tv[i].ks_c, tv[i].ksSz) != 0) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, out); } #ifdef WOLFSSL_AES_128 @@ -32151,115 +32154,115 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srtpkdf_test(void) tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz, keyS, tv[i].ksSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_SRTCP_KDF(tv[i].key, 33, tv[i].salt, tv[i].saltSz, tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz, keyS, tv[i].ksSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_SRTP_KDF(tv[i].key, 15, tv[i].salt, tv[i].saltSz, tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz, keyS, tv[i].ksSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_SRTCP_KDF(tv[i].key, 15, tv[i].salt, tv[i].saltSz, tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz, keyS, tv[i].ksSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, 15, tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz, keyS, tv[i].ksSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, 15, tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz, keyS, tv[i].ksSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_SRTP_KDF(NULL, tv[i].keySz, tv[i].salt, tv[i].saltSz, tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz, keyS, tv[i].ksSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_SRTCP_KDF(NULL, tv[i].keySz, tv[i].salt, tv[i].saltSz, tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz, keyS, tv[i].ksSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, NULL, tv[i].saltSz, tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz, keyS, tv[i].ksSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, NULL, tv[i].saltSz, tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz, keyS, tv[i].ksSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz, 25, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz, keyS, tv[i].ksSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz, 25, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz, keyS, tv[i].ksSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz, -2, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz, keyS, tv[i].ksSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz, -2, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz, keyS, tv[i].ksSz); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz, tv[i].kdfIdx, tv[i].index, NULL, tv[i].keSz, keyA, tv[i].kaSz, keyS, tv[i].ksSz); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz, tv[i].kdfIdx, tv[i].index_c, NULL, tv[i].keSz, keyA, tv[i].kaSz, keyS, tv[i].ksSz); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz, tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, NULL, tv[i].kaSz, keyS, tv[i].ksSz); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz, tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, NULL, tv[i].kaSz, keyS, tv[i].ksSz); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz, tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz, NULL, tv[i].ksSz); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz, tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz, NULL, tv[i].ksSz); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); idx = wc_SRTP_KDF_kdr_to_idx(0); if (idx != -1) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, out); for (i = 0; i < 32; i++) { word32 kdr = 1U << i; @@ -32271,13 +32274,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srtpkdf_test(void) keyA, tv[i].kaSz, keyS, tv[i].ksSz, WC_SRTCP_48BIT_IDX); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); if (XMEMCMP(keyE, srtcpKe_48_1, tv[i].keSz) != 0) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, out); if (XMEMCMP(keyA, srtcpKa_48_1, tv[i].kaSz) != 0) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, out); if (XMEMCMP(keyS, srtcpKs_48_1, tv[i].ksSz) != 0) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, out); ret = wc_SRTCP_KDF_ex(mk48_2, (word32)sizeof(mk48_2), ms48_2, (word32)sizeof(ms48_2), @@ -32285,44 +32288,48 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srtpkdf_test(void) keyA, tv[i].kaSz, keyS, tv[i].ksSz, WC_SRTCP_48BIT_IDX); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); if (XMEMCMP(keyE, srtcpKe_48_2, tv[i].keSz) != 0) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, out); if (XMEMCMP(keyA, srtcpKa_48_2, tv[i].kaSz) != 0) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, out); if (XMEMCMP(keyS, srtcpKs_48_2, tv[i].ksSz) != 0) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, out); } idx = wc_SRTP_KDF_kdr_to_idx(kdr); if (idx != i) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, out); } -#ifndef BENCH_EMBEDDED +#ifdef SRTP_KDF_LONG_KEY /* Check that long messages can be created. */ ret = wc_SRTP_KDF(tv[0].key, tv[0].keySz, tv[0].salt, tv[0].saltSz, tv[0].kdfIdx, tv[0].index_c, keyELong, SRTP_KDF_LONG_KEY, keyALong, SRTP_KDF_LONG_KEY, keySLong, SRTP_KDF_LONG_KEY); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); /* Check that two bytes of counter are being used. */ if (XMEMCMP(keyELong, keyELong + 4096, SRTP_KDF_LONG_KEY - 4096) == 0) { - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, out); } if (XMEMCMP(keyELong, keyALong + 4096, SRTP_KDF_LONG_KEY - 4096) == 0) { - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, out); } if (XMEMCMP(keyELong, keySLong + 4096, SRTP_KDF_LONG_KEY - 4096) == 0) { - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, out); } +#endif /* SRTP_KDF_LONG_KEY */ +out: + +#ifdef SRTP_KDF_LONG_KEY WC_FREE_VAR(keyELong, HEAP_HINT); WC_FREE_VAR(keyALong, HEAP_HINT); WC_FREE_VAR(keySLong, HEAP_HINT); #endif - return 0; + return ret; } #endif