From 54fd3e632df82d7a2eeb3c33bccffd1ae34c1497 Mon Sep 17 00:00:00 2001 From: Brett Nicholas <7547222+bigbrett@users.noreply.github.com> Date: Wed, 11 Feb 2026 16:00:21 -0700 Subject: [PATCH 1/5] fix CMAC DMA message padding, fix types --- src/wh_server_crypto.c | 28 ++++++++++++++-------------- wolfhsm/wh_message_crypto.h | 2 +- 2 files changed, 15 insertions(+), 15 deletions(-) diff --git a/src/wh_server_crypto.c b/src/wh_server_crypto.c index 282f0d0e..3e31092f 100644 --- a/src/wh_server_crypto.c +++ b/src/wh_server_crypto.c @@ -2974,7 +2974,7 @@ static int _HandleAesGcmDma(whServerContext* ctx, uint16_t magic, uint16_t seq, * outKey must be at least AES_MAX_KEY_SIZE bytes. */ static int _CmacResolveKey(whServerContext* ctx, const uint8_t* requestKey, uint32_t requestKeySz, whKeyId clientKeyId, - uint8_t* outKey, word32* outKeyLen) + uint8_t* outKey, uint32_t* outKeyLen) { int ret = WH_ERROR_OK; @@ -3052,7 +3052,6 @@ static int _HandleCmac(whServerContext* ctx, uint16_t magic, uint16_t seq, return WH_ERROR_BADARGS; } - word32 len; /* Setup fixed size fields */ uint8_t* in = @@ -3064,7 +3063,7 @@ static int _HandleCmac(whServerContext* ctx, uint16_t magic, uint16_t seq, memset(&res, 0, sizeof(res)); uint8_t tmpKey[AES_MAX_KEY_SIZE]; - word32 tmpKeyLen = sizeof(tmpKey); + uint32_t tmpKeyLen = sizeof(tmpKey); Cmac cmac[1]; /* Resolve the key to use */ @@ -3072,12 +3071,13 @@ static int _HandleCmac(whServerContext* ctx, uint16_t magic, uint16_t seq, /* Oneshot: input and output are both present */ if (ret == 0 && req.inSz != 0 && req.outSz != 0) { - len = req.outSz; + word32 len = (word32)req.outSz; WH_DEBUG_SERVER_VERBOSE("cmac generate oneshot\n"); - ret = wc_AesCmacGenerate_ex(cmac, out, &len, in, req.inSz, tmpKey, - tmpKeyLen, NULL, ctx->crypto->devId); + ret = + wc_AesCmacGenerate_ex(cmac, out, &len, in, req.inSz, tmpKey, + (word32)tmpKeyLen, NULL, ctx->crypto->devId); if (ret == 0) { res.outSz = len; @@ -3113,10 +3113,10 @@ static int _HandleCmac(whServerContext* ctx, uint16_t magic, uint16_t seq, if (ret == 0 && req.outSz != 0) { /* Finalize CMAC operation */ - len = req.outSz; + word32 len = (word32)req.outSz; WH_DEBUG_SERVER_VERBOSE("cmac final len:%d\n", len); ret = wc_CmacFinal(cmac, out, &len); - res.outSz = len; + res.outSz = (uint32_t)len; res.keyId = WH_KEYID_ERASED; } else if (ret == 0) { @@ -5111,7 +5111,7 @@ static int _HandleCmacDma(whServerContext* ctx, uint16_t magic, uint16_t seq, void* inAddr = NULL; uint8_t tmpKey[AES_MAX_KEY_SIZE]; - word32 tmpKeyLen = sizeof(tmpKey); + uint32_t tmpKeyLen = sizeof(tmpKey); Cmac cmac[1]; /* Attempt oneshot if input and output are both present */ @@ -5137,7 +5137,7 @@ static int _HandleCmacDma(whServerContext* ctx, uint16_t magic, uint16_t seq, WH_DEBUG_SERVER_VERBOSE("dma cmac generate oneshot\n"); ret = wc_AesCmacGenerate_ex(cmac, out, &len, inAddr, req.input.sz, - tmpKey, tmpKeyLen, NULL, + tmpKey, (word32)tmpKeyLen, NULL, ctx->crypto->devId); } else if (ret == WH_ERROR_OK) { @@ -5145,8 +5145,8 @@ static int _HandleCmacDma(whServerContext* ctx, uint16_t magic, uint16_t seq, WH_DEBUG_SERVER_VERBOSE("dma cmac generate oneshot with keyId:%x\n", req.keyId); - ret = wc_InitCmac_ex(cmac, tmpKey, tmpKeyLen, WC_CMAC_AES, NULL, - NULL, ctx->crypto->devId); + ret = wc_InitCmac_ex(cmac, tmpKey, (word32)tmpKeyLen, WC_CMAC_AES, + NULL, NULL, ctx->crypto->devId); if (ret == WH_ERROR_OK) { ret = @@ -5171,8 +5171,8 @@ static int _HandleCmacDma(whServerContext* ctx, uint16_t magic, uint16_t seq, /* Initialize CMAC context with key (re-derives k1/k2 subkeys) */ if (ret == 0) { - ret = wc_InitCmac_ex(cmac, tmpKey, tmpKeyLen, WC_CMAC_AES, NULL, - NULL, ctx->crypto->devId); + ret = wc_InitCmac_ex(cmac, tmpKey, (word32)tmpKeyLen, WC_CMAC_AES, + NULL, NULL, ctx->crypto->devId); WH_DEBUG_SERVER_VERBOSE("dma cmac init with keylen:%d ret:%d\n", tmpKeyLen, ret); } diff --git a/wolfhsm/wh_message_crypto.h b/wolfhsm/wh_message_crypto.h index d6992a63..67ffd647 100644 --- a/wolfhsm/wh_message_crypto.h +++ b/wolfhsm/wh_message_crypto.h @@ -987,7 +987,7 @@ typedef struct { uint32_t outSz; /* output MAC size (0 = not finalizing) */ uint32_t keySz; /* inline key size (0 = use keyId) */ uint16_t keyId; /* HSM key ID */ - uint8_t WH_PAD[2]; + uint8_t WH_PAD[6]; /* Trailing data: uint8_t key[keySz] */ } whMessageCrypto_CmacAesDmaRequest; From f5441e5c08b8a8624b8e740ebcc5df0d9e5f9106 Mon Sep 17 00:00:00 2001 From: Brett Nicholas <7547222+bigbrett@users.noreply.github.com> Date: Fri, 13 Feb 2026 11:04:37 -0700 Subject: [PATCH 2/5] Fix SHE alignment, fix crypto test key cache leakage --- src/wh_server_she.c | 25 +++++++++++++------------ src/wh_she_common.c | 22 +++++++++++----------- src/wh_she_crypto.c | 12 ++++++------ test/wh_test_crypto.c | 17 +++++++++++++++++ test/wh_test_she.c | 4 ---- 5 files changed, 47 insertions(+), 33 deletions(-) diff --git a/src/wh_server_she.c b/src/wh_server_she.c index 633dfc4b..cbb7ed68 100644 --- a/src/wh_server_she.c +++ b/src/wh_server_she.c @@ -459,7 +459,7 @@ static int _LoadKey(whServerContext* server, uint16_t magic, uint16_t req_size, whNvmMetadata meta[1] = {0}; uint32_t she_meta_count = 0; uint32_t she_meta_flags = 0; - uint32_t* msg_counter_BE; + uint32_t msg_counter_val; whMessageShe_LoadKeyRequest req = {0}; whMessageShe_LoadKeyResponse resp = {0}; @@ -561,10 +561,10 @@ static int _LoadKey(whServerContext* server, uint16_t magic, uint16_t req_size, sizeof(server->she->uid)) != 0) { ret = WH_SHE_ERC_KEY_UPDATE_ERROR; } - /* verify msg_counter_BE is greater than stored value */ - msg_counter_BE = (uint32_t*)req.messageTwo; + /* verify msg_counter_val is greater than stored value */ + memcpy(&msg_counter_val, req.messageTwo, sizeof(uint32_t)); if (ret == 0 && keyRet != WH_ERROR_NOTFOUND && - wh_Utils_ntohl(*msg_counter_BE) >> 4 <= she_meta_count) { + wh_Utils_ntohl(msg_counter_val) >> 4 <= she_meta_count) { ret = WH_SHE_ERC_KEY_UPDATE_ERROR; } /* write key with msg_counter_BE */ @@ -572,7 +572,7 @@ static int _LoadKey(whServerContext* server, uint16_t magic, uint16_t req_size, meta->id = WH_MAKE_KEYID(WH_KEYTYPE_SHE, server->comm->client_id, _PopId(req.messageOne)); she_meta_flags = _PopFlags(req.messageTwo); - she_meta_count = wh_Utils_ntohl(*msg_counter_BE) >> 4; + she_meta_count = wh_Utils_ntohl(msg_counter_val) >> 4; /* Update the meta label with new values */ wh_She_Meta2Label(she_meta_count, she_meta_flags, meta->label); meta->len = WH_SHE_KEY_SZ; @@ -619,8 +619,8 @@ static int _LoadKey(whServerContext* server, uint16_t magic, uint16_t req_size, } if (ret == 0) { /* Prepare counter in separate buffer */ - msg_counter_BE = (uint32_t*)counter_buffer; - *msg_counter_BE = wh_Utils_htonl(she_meta_count << 4); + msg_counter_val = wh_Utils_htonl(she_meta_count << 4); + memcpy(counter_buffer, &msg_counter_val, sizeof(uint32_t)); counter_buffer[3] |= 0x08; /* First copy UID into messageFour */ @@ -714,7 +714,7 @@ static int _ExportRamKey(whServerContext* server, uint16_t magic, uint8_t cmacOutput[AES_BLOCK_SIZE]; uint8_t tmpKey[WH_SHE_KEY_SZ]; whNvmMetadata meta[1]; - uint32_t* counter; + uint32_t counter_val; whMessageShe_ExportRamKeyResponse resp; /* check if ram key was loaded by CMD_LOAD_PLAIN_KEY */ @@ -750,8 +750,8 @@ static int _ExportRamKey(whServerContext* server, uint16_t magic, /* set the counter, flags and ram key */ memset(resp.messageTwo, 0, sizeof(resp.messageTwo)); /* set count to 1 */ - counter = (uint32_t*)resp.messageTwo; - *counter = (wh_Utils_htonl(1) << 4); + counter_val = (wh_Utils_htonl(1) << 4); + memcpy(resp.messageTwo, &counter_val, sizeof(uint32_t)); keySz = WH_SHE_KEY_SZ; ret = wh_Server_KeystoreReadKey( server, @@ -821,8 +821,9 @@ static int _ExportRamKey(whServerContext* server, uint16_t magic, if (ret == 0) { memset(resp.messageFour, 0, sizeof(resp.messageFour)); /* set counter to 1, pad with 1 bit */ - counter = (uint32_t*)(resp.messageFour + WH_SHE_KEY_SZ); - *counter = (wh_Utils_htonl(1) << 4); + counter_val = (wh_Utils_htonl(1) << 4); + memcpy(resp.messageFour + WH_SHE_KEY_SZ, &counter_val, + sizeof(uint32_t)); resp.messageFour[WH_SHE_KEY_SZ + 3] |= 0x08; /* encrypt the new counter */ ret = wc_AesEncryptDirect(server->she->sheAes, diff --git a/src/wh_she_common.c b/src/wh_she_common.c index 3b7c9a05..b3d83a7f 100644 --- a/src/wh_she_common.c +++ b/src/wh_she_common.c @@ -37,38 +37,38 @@ #include "wolfhsm/wh_she_common.h" -typedef struct { - uint32_t count; - uint32_t flags; -} whSheMetadata; - int wh_She_Label2Meta(const uint8_t* label, uint32_t *out_count, uint32_t *out_flags) { - whSheMetadata* meta = (whSheMetadata*)label; + uint32_t tmp; if (label == NULL) { return WH_ERROR_BADARGS; } if (out_count != NULL) { - *out_count = wh_Utils_ntohl(meta->count); + memcpy(&tmp, label, sizeof(uint32_t)); + *out_count = wh_Utils_ntohl(tmp); } if (out_flags != NULL) { - *out_flags = wh_Utils_ntohl(meta->flags); + memcpy(&tmp, label + sizeof(uint32_t), sizeof(uint32_t)); + *out_flags = wh_Utils_ntohl(tmp); } return 0; } int wh_She_Meta2Label(uint32_t count, uint32_t flags, uint8_t* label) { - whSheMetadata* meta = (whSheMetadata*)label; + uint32_t tmp; + if (label == NULL) { return WH_ERROR_BADARGS; } - meta->count = wh_Utils_htonl(count); - meta->flags = wh_Utils_htonl(flags); + tmp = wh_Utils_htonl(count); + memcpy(label, &tmp, sizeof(uint32_t)); + tmp = wh_Utils_htonl(flags); + memcpy(label + sizeof(uint32_t), &tmp, sizeof(uint32_t)); return 0; } diff --git a/src/wh_she_crypto.c b/src/wh_she_crypto.c index bbf13d6b..f4cee87f 100644 --- a/src/wh_she_crypto.c +++ b/src/wh_she_crypto.c @@ -145,9 +145,9 @@ int wh_She_GenerateLoadableKey(uint8_t keyId, /* Build cleartext M2: set the counter, flags and key */ memset(messageTwo, 0, WH_SHE_M2_SZ); - *((uint32_t*)messageTwo) = wh_Utils_htonl( - (count << WH_SHE_M2_COUNT_SHIFT) | - (flags << WH_SHE_M2_FLAGS_SHIFT) ); + field = wh_Utils_htonl((count << WH_SHE_M2_COUNT_SHIFT) | + (flags << WH_SHE_M2_FLAGS_SHIFT)); + memcpy(messageTwo, &field, sizeof(uint32_t)); memcpy(messageTwo + WH_SHE_M2_KEY_OFFSET, key, WH_SHE_KEY_SZ); /* encrypt M2 with K1 */ @@ -214,9 +214,9 @@ int wh_She_GenerateLoadableKey(uint8_t keyId, (keyId << WH_SHE_M4_KID_SHIFT) | (authKeyId << WH_SHE_M4_AID_SHIFT); /* set counter, pad with 1 bit */ - *((uint32_t*)(messageFour + WH_SHE_M4_COUNT_OFFSET)) = - wh_Utils_htonl( (count << WH_SHE_M4_COUNT_SHIFT) | - (WH_SHE_M4_COUNT_PAD) ); + field = wh_Utils_htonl((count << WH_SHE_M4_COUNT_SHIFT) | + (WH_SHE_M4_COUNT_PAD)); + memcpy(messageFour + WH_SHE_M4_COUNT_OFFSET, &field, sizeof(uint32_t)); ret = wc_AesInit(aes, NULL, INVALID_DEVID); if (ret == 0) { diff --git a/test/wh_test_crypto.c b/test/wh_test_crypto.c index 1aaeb9dc..93851fc0 100644 --- a/test/wh_test_crypto.c +++ b/test/wh_test_crypto.c @@ -1458,6 +1458,12 @@ static int whTest_CryptoCurve25519(whClientContext* ctx, int devId, WC_RNG* rng) ret = -1; } } + if (!WH_KEYID_ISERASED(key_id_a)) { + (void)wh_Client_KeyEvict(ctx, key_id_a); + } + if (!WH_KEYID_ISERASED(key_id_b)) { + (void)wh_Client_KeyEvict(ctx, key_id_b); + } wc_curve25519_free(key_b); } wc_curve25519_free(key_a); @@ -2045,6 +2051,7 @@ static int whTest_CryptoHkdf(whClientContext* ctx, int devId, WC_RNG* rng) /* Verify key was cached */ if (key_id == WH_KEYID_ERASED) { WH_ERROR_PRINT("Key ID was not assigned\n"); + (void)wh_Client_KeyEvict(ctx, key_id); return -1; } @@ -2057,6 +2064,7 @@ static int whTest_CryptoHkdf(whClientContext* ctx, int devId, WC_RNG* rng) sizeof(export_label), okm2, &export_len); if (ret != 0) { WH_ERROR_PRINT("Failed to wh_Client_KeyExport: %d\n", ret); + (void)wh_Client_KeyEvict(ctx, key_id); return ret; } @@ -2064,6 +2072,7 @@ static int whTest_CryptoHkdf(whClientContext* ctx, int devId, WC_RNG* rng) if (export_len != WH_TEST_HKDF_OKM_SIZE) { WH_ERROR_PRINT("Exported key length mismatch: %u != %u\n", export_len, WH_TEST_HKDF_OKM_SIZE); + (void)wh_Client_KeyEvict(ctx, key_id); return -1; } @@ -2071,10 +2080,18 @@ static int whTest_CryptoHkdf(whClientContext* ctx, int devId, WC_RNG* rng) if (memcmp(okm2, expected, WH_TEST_HKDF_OKM_SIZE) != 0) { WH_ERROR_PRINT( "HKDF output does not match expected (MakeCacheKey)\n"); + (void)wh_Client_KeyEvict(ctx, key_id); return -1; } } + /* Evict the cached HKDF key */ + ret = wh_Client_KeyEvict(ctx, key_id); + if (ret != 0) { + WH_ERROR_PRINT("Failed to evict HKDF cached key: %d\n", ret); + return ret; + } + /* Test 6: HKDF with cached input key */ { whKeyId keyIdIn = WH_KEYID_ERASED; diff --git a/test/wh_test_she.c b/test/wh_test_she.c index 3e710e93..ea918fcd 100644 --- a/test/wh_test_she.c +++ b/test/wh_test_she.c @@ -164,7 +164,6 @@ int whTest_SheClientConfig(whClientConfig* config) WH_TEST_RETURN_ON_FAIL(wh_Client_Init(client, config)); WH_TEST_RETURN_ON_FAIL(wh_Client_CommInit(client, &outClientId, &outServerId)); -#ifdef WOLFHSM_CFG_DEBUG_VERBOSE { int32_t server_rc = 0; whNvmId avail_objects = 0; @@ -182,7 +181,6 @@ int whTest_SheClientConfig(whClientConfig* config) ret, (int)server_rc, (int)avail_size, (int)avail_objects, (int)reclaim_size, (int)reclaim_objects); } -#endif /* WOLFHSM_CFG_DEBUG_VERBOSE */ /* generate a new cmac key */ if ((ret = wc_InitRng_ex(rng, NULL, WH_DEV_ID)) != 0) { @@ -391,7 +389,6 @@ int whTest_SheClientConfig(whClientConfig* config) } WH_TEST_PRINT("SHE CMAC SUCCESS\n"); -#ifdef WOLFHSM_CFG_DEBUG_VERBOSE { int32_t server_rc = 0; whNvmId avail_objects = 0; @@ -409,7 +406,6 @@ int whTest_SheClientConfig(whClientConfig* config) ret, (int)server_rc, (int)avail_size, (int)avail_objects, (int)reclaim_size, (int)reclaim_objects); } -#endif /* WOLFHSM_CFG_DEBUG_VERBOSE */ exit: From d963a283fa8556d3de3d616b3c7ddf727b8f04a3 Mon Sep 17 00:00:00 2001 From: Brett Nicholas <7547222+bigbrett@users.noreply.github.com> Date: Fri, 13 Feb 2026 13:02:42 -0700 Subject: [PATCH 3/5] fix leakage of server-side keys when key usage enforcement fails --- src/wh_server_crypto.c | 38 +++++++++++++++++++++++++------------- 1 file changed, 25 insertions(+), 13 deletions(-) diff --git a/src/wh_server_crypto.c b/src/wh_server_crypto.c index 3e31092f..cfbc7692 100644 --- a/src/wh_server_crypto.c +++ b/src/wh_server_crypto.c @@ -451,7 +451,7 @@ static int _HandleRsaFunction( whServerContext* ctx, uint16_t magic, } } if (ret != WH_ERROR_OK) { - return ret; + goto cleanup; } } } @@ -472,6 +472,7 @@ static int _HandleRsaFunction( whServerContext* ctx, uint16_t magic, /* free the key */ wc_FreeRsaKey(rsa); } +cleanup: if (evict != 0) { /* User requested to evict from cache, even if the call failed */ (void)wh_Server_KeystoreEvictKey(ctx, key_id); @@ -930,7 +931,7 @@ static int _HandleEccSharedSecret(whServerContext* ctx, uint16_t magic, ret = wh_Server_KeystoreFindEnforceKeyUsage(ctx, prv_key_id, WH_NVM_FLAGS_USAGE_DERIVE); if (ret != WH_ERROR_OK) { - return ret; + goto cleanup; } } @@ -965,6 +966,7 @@ static int _HandleEccSharedSecret(whServerContext* ctx, uint16_t magic, } wc_ecc_free(pub_key); } +cleanup: if (evict_pub) { /* User requested to evict from cache, even if the call failed */ (void)wh_Server_KeystoreEvictKey(ctx, pub_key_id); @@ -1026,7 +1028,7 @@ static int _HandleEccSign(whServerContext* ctx, uint16_t magic, ret = wh_Server_KeystoreFindEnforceKeyUsage(ctx, key_id, WH_NVM_FLAGS_USAGE_SIGN); if (ret != WH_ERROR_OK) { - return ret; + goto cleanup; } } @@ -1053,6 +1055,7 @@ static int _HandleEccSign(whServerContext* ctx, uint16_t magic, } wc_ecc_free(key); } +cleanup: if (evict != 0) { /* typecasting to void so that not overwrite ret */ (void)wh_Server_KeystoreEvictKey(ctx, key_id); @@ -1120,7 +1123,7 @@ static int _HandleEccVerify(whServerContext* ctx, uint16_t magic, ret = wh_Server_KeystoreFindEnforceKeyUsage(ctx, key_id, WH_NVM_FLAGS_USAGE_VERIFY); if (ret != WH_ERROR_OK) { - return ret; + goto cleanup; } } @@ -1162,6 +1165,8 @@ static int _HandleEccVerify(whServerContext* ctx, uint16_t magic, } wc_ecc_free(key); } + +cleanup: if (evict != 0) { /* User requested to evict from cache, even if the call failed */ (void)wh_Server_KeystoreEvictKey(ctx, key_id); @@ -1759,7 +1764,7 @@ static int _HandleCurve25519SharedSecret(whServerContext* ctx, uint16_t magic, ret = wh_Server_KeystoreFindEnforceKeyUsage(ctx, prv_key_id, WH_NVM_FLAGS_USAGE_DERIVE); if (ret != WH_ERROR_OK) { - return ret; + goto cleanup; } } @@ -1796,6 +1801,7 @@ static int _HandleCurve25519SharedSecret(whServerContext* ctx, uint16_t magic, } wc_curve25519_free(priv); } +cleanup: if (evict_pub) { /* User requested to evict from cache, even if the call failed */ (void)wh_Server_KeystoreEvictKey(ctx, pub_key_id); @@ -1943,7 +1949,7 @@ static int _HandleEd25519Sign(whServerContext* ctx, uint16_t magic, ret = wh_Server_KeystoreFindEnforceKeyUsage(ctx, key_id, WH_NVM_FLAGS_USAGE_SIGN); if (ret != WH_ERROR_OK) { - return ret; + goto cleanup; } } @@ -1970,6 +1976,7 @@ static int _HandleEd25519Sign(whServerContext* ctx, uint16_t magic, memcpy(res_sig, sig, sig_len); } +cleanup: if (evict) { /* User requested to evict from cache, even if the call failed */ (void)wh_Server_KeystoreEvictKey(ctx, key_id); @@ -2043,7 +2050,7 @@ static int _HandleEd25519Verify(whServerContext* ctx, uint16_t magic, ret = wh_Server_KeystoreFindEnforceKeyUsage(ctx, key_id, WH_NVM_FLAGS_USAGE_VERIFY); if (ret != WH_ERROR_OK) { - return ret; + goto cleanup; } } @@ -2060,6 +2067,7 @@ static int _HandleEd25519Verify(whServerContext* ctx, uint16_t magic, wc_ed25519_free(key); } +cleanup: if (evict != 0) { (void)wh_Server_KeystoreEvictKey(ctx, key_id); } @@ -2121,7 +2129,7 @@ static int _HandleEd25519SignDma(whServerContext* ctx, uint16_t magic, ret = wh_Server_KeystoreFindEnforceKeyUsage(ctx, key_id, WH_NVM_FLAGS_USAGE_SIGN); if (ret != WH_ERROR_OK) { - return ret; + goto cleanup; } } @@ -2168,6 +2176,7 @@ static int _HandleEd25519SignDma(whServerContext* ctx, uint16_t magic, ctx, (uintptr_t)req.msg.addr, &msgAddr, req.msg.sz, WH_DMA_OPER_CLIENT_READ_POST, (whServerDmaFlags){0}); +cleanup: if (evict != 0) { (void)wh_Server_KeystoreEvictKey(ctx, key_id); } @@ -2227,7 +2236,7 @@ static int _HandleEd25519VerifyDma(whServerContext* ctx, uint16_t magic, ret = wh_Server_KeystoreFindEnforceKeyUsage(ctx, key_id, WH_NVM_FLAGS_USAGE_VERIFY); if (ret != WH_ERROR_OK) { - return ret; + goto cleanup; } } @@ -2272,6 +2281,7 @@ static int _HandleEd25519VerifyDma(whServerContext* ctx, uint16_t magic, ctx, (uintptr_t)req.sig.addr, &sigAddr, req.sig.sz, WH_DMA_OPER_CLIENT_READ_POST, (whServerDmaFlags){0}); +cleanup: if (evict != 0) { (void)wh_Server_KeystoreEvictKey(ctx, key_id); } @@ -3642,7 +3652,7 @@ static int _HandleMlDsaSign(whServerContext* ctx, uint16_t magic, ret = wh_Server_KeystoreFindEnforceKeyUsage(ctx, key_id, WH_NVM_FLAGS_USAGE_SIGN); if (ret != WH_ERROR_OK) { - return ret; + goto cleanup; } } @@ -3675,6 +3685,7 @@ static int _HandleMlDsaSign(whServerContext* ctx, uint16_t magic, } wc_MlDsaKey_Free(key); } +cleanup: if (evict != 0) { /* User requested to evict from cache, even if the call failed */ (void)wh_Server_KeystoreEvictKey(ctx, key_id); @@ -3726,13 +3737,14 @@ static int _HandleMlDsaVerify(whServerContext* ctx, uint16_t magic, uint32_t sig_len = req.sigSz; byte* req_sig = (uint8_t*)(cryptoDataIn) + sizeof(whMessageCrypto_MlDsaVerifyRequest); + int evict = !!(options & WH_MESSAGE_CRYPTO_MLDSA_VERIFY_OPTIONS_EVICT); /* Validate key usage policy for verification */ if (!WH_KEYID_ISERASED(key_id)) { ret = wh_Server_KeystoreFindEnforceKeyUsage(ctx, key_id, WH_NVM_FLAGS_USAGE_VERIFY); if (ret != WH_ERROR_OK) { - return ret; + goto cleanup; } } @@ -3746,8 +3758,7 @@ static int _HandleMlDsaVerify(whServerContext* ctx, uint16_t magic, return WH_ERROR_BADARGS; } - byte* req_hash = req_sig + sig_len; - int evict = !!(options & WH_MESSAGE_CRYPTO_MLDSA_VERIFY_OPTIONS_EVICT); + byte* req_hash = req_sig + sig_len; /* Response message */ int result = 0; @@ -3764,6 +3775,7 @@ static int _HandleMlDsaVerify(whServerContext* ctx, uint16_t magic, } wc_MlDsaKey_Free(key); } +cleanup: if (evict != 0) { /* User requested to evict from cache, even if the call failed */ (void)wh_Server_KeystoreEvictKey(ctx, key_id); From ca2d533f41f17cdf955802ad7a772d43a5a4f95b Mon Sep 17 00:00:00 2001 From: Brett Nicholas <7547222+bigbrett@users.noreply.github.com> Date: Fri, 13 Feb 2026 13:27:53 -0700 Subject: [PATCH 4/5] remove unused debug macro protection --- test/wh_test_clientserver.c | 325 ++++++++++++++++-------------------- 1 file changed, 141 insertions(+), 184 deletions(-) diff --git a/test/wh_test_clientserver.c b/test/wh_test_clientserver.c index 15f4ea67..a5897e6a 100644 --- a/test/wh_test_clientserver.c +++ b/test/wh_test_clientserver.c @@ -414,9 +414,7 @@ static int _testClientCounter(whClientContext* client) whNvmId avail_objects; whNvmId reclaim_objects; -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Testing NVM counters...\n"); -#endif + WH_TEST_PRINT("Testing NVM counters...\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CounterReset(client, counterId, &counter)); WH_TEST_ASSERT_RETURN(counter == 0); @@ -476,12 +474,11 @@ static int _testClientCounter(whClientContext* client) WH_TEST_RETURN_ON_FAIL(rc = wh_Client_NvmGetAvailable( client, &server_rc, &avail_size, &avail_objects, &reclaim_size, &reclaim_objects)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmGetAvailable:%d, server_rc:%d, avail_size:%d " - "avail_objects:%d, reclaim_size:%d reclaim_objects:%d\n", - rc, (int)server_rc, (int)avail_size, (int)avail_objects, - (int)reclaim_size, (int)reclaim_objects); -#endif + WH_TEST_DEBUG_PRINT( + "Client NvmGetAvailable:%d, server_rc:%d, avail_size:%d " + "avail_objects:%d, reclaim_size:%d reclaim_objects:%d\n", + rc, (int)server_rc, (int)avail_size, (int)avail_objects, + (int)reclaim_size, (int)reclaim_objects); WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); WH_TEST_ASSERT_RETURN(avail_objects == WOLFHSM_CFG_NVM_OBJECT_COUNT); @@ -758,10 +755,8 @@ int whTest_ClientServerSequential(whTestNvmBackendType nvmType) WH_TEST_RETURN_ON_FAIL( wh_Client_EchoRequest(client, send_len, send_buffer)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client EchoRequest:%d, len:%d, %.*s\n", ret, send_len, send_len, - send_buffer); -#endif + WH_TEST_DEBUG_PRINT("Client EchoRequest:%d, len:%d, %.*s\n", ret, + send_len, send_len, send_buffer); if (counter == 0) { WH_TEST_ASSERT_RETURN( @@ -771,17 +766,14 @@ int whTest_ClientServerSequential(whTestNvmBackendType nvmType) WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) WH_TEST_DEBUG_PRINT("Server HandleRequestMessage:%d\n", ret); -#endif WH_TEST_RETURN_ON_FAIL( wh_Client_EchoResponse(client, &recv_len, recv_buffer)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client EchoResponse:%d, len:%d, %.*s, expected:%.*s\n", ret, - recv_len, recv_len, recv_buffer, send_len, send_buffer); -#endif + WH_TEST_DEBUG_PRINT( + "Client EchoResponse:%d, len:%d, %.*s, expected:%.*s\n", ret, + recv_len, recv_len, recv_buffer, send_len, send_buffer); WH_TEST_ASSERT_RETURN(recv_len == send_len); WH_TEST_ASSERT_RETURN(strncmp(recv_buffer, send_buffer, recv_len) == 0); } @@ -792,10 +784,9 @@ int whTest_ClientServerSequential(whTestNvmBackendType nvmType) WH_TEST_RETURN_ON_FAIL( wh_Client_NvmInitResponse(client, &server_rc, &client_id, &server_id)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmInitResponse:%d, server_rc:%d, clientid:%d serverid:%d\n", - ret, (int)server_rc, (int)client_id, (int)server_id); -#endif + WH_TEST_DEBUG_PRINT( + "Client NvmInitResponse:%d, server_rc:%d, clientid:%d serverid:%d\n", + ret, (int)server_rc, (int)client_id, (int)server_id); WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); @@ -804,12 +795,11 @@ int whTest_ClientServerSequential(whTestNvmBackendType nvmType) WH_TEST_RETURN_ON_FAIL(wh_Client_NvmGetAvailableResponse( client, &server_rc, &avail_size, &avail_objects, &reclaim_size, &reclaim_objects)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmGetAvailableResponse:%d, server_rc:%d avail_size:%d " - "avail_objects:%d, reclaim_size:%d reclaim_objects:%d\n", - ret, (int)server_rc, (int)avail_size, (int)avail_objects, (int)reclaim_size, - (int)reclaim_objects); -#endif + WH_TEST_DEBUG_PRINT( + "Client NvmGetAvailableResponse:%d, server_rc:%d avail_size:%d " + "avail_objects:%d, reclaim_size:%d reclaim_objects:%d\n", + ret, (int)server_rc, (int)avail_size, (int)avail_objects, + (int)reclaim_size, (int)reclaim_objects); WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); WH_TEST_ASSERT_RETURN(avail_objects == WOLFHSM_CFG_NVM_OBJECT_COUNT); @@ -835,11 +825,10 @@ int whTest_ClientServerSequential(whTestNvmBackendType nvmType) len = snprintf(send_buffer, sizeof(send_buffer), "Data:%d Counter:%d", id, counter); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmAddObjectRequest:%d, id:%u, access:0x%x, flags:0x%x, " - "len:%u label:%s\nData:%s\n", - ret, id, access, flags, len, label, send_buffer); -#endif + WH_TEST_DEBUG_PRINT( + "Client NvmAddObjectRequest:%d, id:%u, access:0x%x, flags:0x%x, " + "len:%u label:%s\nData:%s\n", + ret, id, access, flags, len, label, send_buffer); lastAvailObjects = avail_objects; @@ -849,10 +838,8 @@ int whTest_ClientServerSequential(whTestNvmBackendType nvmType) WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server)); WH_TEST_RETURN_ON_FAIL( wh_Client_NvmAddObjectResponse(client, &server_rc)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmAddObjectResponse:%d, server_rc:%d\n", ret, - (int)server_rc); -#endif + WH_TEST_DEBUG_PRINT("Client NvmAddObjectResponse:%d, server_rc:%d\n", + ret, (int)server_rc); WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); WH_TEST_RETURN_ON_FAIL(wh_Client_NvmGetAvailableRequest(client)); @@ -860,12 +847,11 @@ int whTest_ClientServerSequential(whTestNvmBackendType nvmType) WH_TEST_RETURN_ON_FAIL(wh_Client_NvmGetAvailableResponse( client, &server_rc, &avail_size, &avail_objects, &reclaim_size, &reclaim_objects)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmGetAvailableResponse:%d, server_rc:%d, avail_size:%d " - "avail_objects:%d, reclaim_size:%d reclaim_objects:%d\n", - ret, (int)server_rc, (int)avail_size, (int)avail_objects, (int)reclaim_size, - (int)reclaim_objects); -#endif + WH_TEST_DEBUG_PRINT( + "Client NvmGetAvailableResponse:%d, server_rc:%d, avail_size:%d " + "avail_objects:%d, reclaim_size:%d reclaim_objects:%d\n", + ret, (int)server_rc, (int)avail_size, (int)avail_objects, + (int)reclaim_size, (int)reclaim_objects); /* Check that available objects decreased by one */ WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); @@ -876,11 +862,10 @@ int whTest_ClientServerSequential(whTestNvmBackendType nvmType) WH_TEST_RETURN_ON_FAIL(wh_Client_NvmGetMetadataResponse( client, &server_rc, &gid, &gaccess, &gflags, &glen, sizeof(glabel), (uint8_t*)glabel)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmGetMetadataResponse:%d, id:%u, access:0x%x, " - "flags:0x%x, len:%u label:%s\n", - ret, gid, gaccess, gflags, glen, glabel); -#endif + WH_TEST_DEBUG_PRINT( + "Client NvmGetMetadataResponse:%d, id:%u, access:0x%x, " + "flags:0x%x, len:%u label:%s\n", + ret, gid, gaccess, gflags, glen, glabel); /* Ensure metadata matches that of the object we just wrote */ WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); @@ -891,11 +876,10 @@ int whTest_ClientServerSequential(whTestNvmBackendType nvmType) WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server)); WH_TEST_RETURN_ON_FAIL(wh_Client_NvmReadResponse( client, &server_rc, &rlen, (uint8_t*)recv_buffer)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) WH_TEST_DEBUG_PRINT( "Client NvmReadResponse:%d, server_rc:%d id:%u, len:%u data:%s\n", - ret, (int)server_rc, (unsigned int)gid, (unsigned int)rlen, recv_buffer); -#endif + ret, (int)server_rc, (unsigned int)gid, (unsigned int)rlen, + recv_buffer); /* Ensure data and size of response object matches that of the written * object */ @@ -917,10 +901,9 @@ int whTest_ClientServerSequential(whTestNvmBackendType nvmType) WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server)); WH_TEST_RETURN_ON_FAIL(wh_Client_NvmListResponse( client, &server_rc, &list_count, &list_id)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmListResponse:%d, server_rc:%d count:%u id:%u\n", ret, - (int)server_rc, (unsigned int)list_count, (unsigned int)list_id); -#endif + WH_TEST_DEBUG_PRINT( + "Client NvmListResponse:%d, server_rc:%d count:%u id:%u\n", ret, + (int)server_rc, (unsigned int)list_count, (unsigned int)list_id); if (list_count > 0) { /* ensure list_id contains ID of object written, and list_count @@ -932,11 +915,11 @@ int whTest_ClientServerSequential(whTestNvmBackendType nvmType) WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server)); WH_TEST_RETURN_ON_FAIL( wh_Client_NvmDestroyObjectsResponse(client, &server_rc)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmDestroyObjectsResponse:%d, server_rc:%d for " - "id:%u with count:%u\n", - ret, (int)server_rc, (unsigned int)list_id, (unsigned int)list_count); -#endif + WH_TEST_DEBUG_PRINT( + "Client NvmDestroyObjectsResponse:%d, server_rc:%d for " + "id:%u with count:%u\n", + ret, (int)server_rc, (unsigned int)list_id, + (unsigned int)list_count); WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); /* Ensure object was destroyed and no longer exists */ @@ -947,10 +930,10 @@ int whTest_ClientServerSequential(whTestNvmBackendType nvmType) client, &server_rc, NULL, NULL, NULL, NULL, 0, NULL)); WH_TEST_ASSERT_RETURN(WH_ERROR_NOTFOUND == server_rc); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmListResponse:%d, server_rc:%d count:%u id:%u\n", - ret, (int)server_rc, (unsigned int)list_count, (unsigned int)list_id); -#endif + WH_TEST_DEBUG_PRINT( + "Client NvmListResponse:%d, server_rc:%d count:%u id:%u\n", ret, + (int)server_rc, (unsigned int)list_count, + (unsigned int)list_id); list_id = 0; } @@ -988,12 +971,11 @@ int whTest_ClientServerSequential(whTestNvmBackendType nvmType) len = snprintf(send_buffer, sizeof(send_buffer), "Data:%d Counter:%d", meta.id, counter); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmAddObjectDmaRequest:%d, id:%u, access:0x%x, " - "flags:0x%x, len:%u label:%s\nData:%s\n", - ret, meta.id, meta.access, meta.flags, len, meta.label, - send_buffer); -#endif + WH_TEST_DEBUG_PRINT( + "Client NvmAddObjectDmaRequest:%d, id:%u, access:0x%x, " + "flags:0x%x, len:%u label:%s\nData:%s\n", + ret, meta.id, meta.access, meta.flags, len, meta.label, + send_buffer); lastAvailObjects = avail_objects; @@ -1002,10 +984,9 @@ int whTest_ClientServerSequential(whTestNvmBackendType nvmType) WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server)); WH_TEST_RETURN_ON_FAIL( wh_Client_NvmAddObjectDmaResponse(client, &server_rc)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmAddObjectDmaResponse:%d, server_rc:%d, meta.len:%u\n", - ret, (int)server_rc, (unsigned int)meta.len); -#endif + WH_TEST_DEBUG_PRINT( + "Client NvmAddObjectDmaResponse:%d, server_rc:%d, meta.len:%u\n", + ret, (int)server_rc, (unsigned int)meta.len); WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); WH_TEST_RETURN_ON_FAIL(wh_Client_NvmGetAvailableRequest(client)); @@ -1013,12 +994,11 @@ int whTest_ClientServerSequential(whTestNvmBackendType nvmType) WH_TEST_RETURN_ON_FAIL(wh_Client_NvmGetAvailableResponse( client, &server_rc, &avail_size, &avail_objects, &reclaim_size, &reclaim_objects)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmGetAvailableResponse:%d, server_rc:%d, avail_size:%d " - "avail_objects:%d, reclaim_size:%d reclaim_objects:%d\n", - ret, (int)server_rc, (int)avail_size, (int)avail_objects, (int)reclaim_size, - (int)reclaim_objects); -#endif + WH_TEST_DEBUG_PRINT( + "Client NvmGetAvailableResponse:%d, server_rc:%d, avail_size:%d " + "avail_objects:%d, reclaim_size:%d reclaim_objects:%d\n", + ret, (int)server_rc, (int)avail_size, (int)avail_objects, + (int)reclaim_size, (int)reclaim_objects); WH_TEST_ASSERT_RETURN(lastAvailObjects - 1 == avail_objects); WH_TEST_RETURN_ON_FAIL( @@ -1027,11 +1007,10 @@ int whTest_ClientServerSequential(whTestNvmBackendType nvmType) WH_TEST_RETURN_ON_FAIL(wh_Client_NvmGetMetadataResponse( client, &server_rc, &gid, &gaccess, &gflags, &glen, sizeof(glabel), (uint8_t*)glabel)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmGetMetadataResponse:%d, id:%u, access:0x%x, " - "flags:0x%x, len:%u label:%s\n", - ret, gid, gaccess, gflags, glen, glabel); -#endif + WH_TEST_DEBUG_PRINT( + "Client NvmGetMetadataResponse:%d, id:%u, access:0x%x, " + "flags:0x%x, len:%u label:%s\n", + ret, gid, gaccess, gflags, glen, glabel); /* Ensure metadata matches that of the object we just wrote */ WH_TEST_ASSERT_RETURN(gid == meta.id); @@ -1043,11 +1022,11 @@ int whTest_ClientServerSequential(whTestNvmBackendType nvmType) WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server)); WH_TEST_RETURN_ON_FAIL( wh_Client_NvmReadDmaResponse(client, &server_rc)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmReadDmaResponse:%d, server_rc:%d id:%u, len:%u " - "data:%s\n", - ret, (int)server_rc, (unsigned int)gid, (unsigned int)glen, recv_buffer); -#endif + WH_TEST_DEBUG_PRINT( + "Client NvmReadDmaResponse:%d, server_rc:%d id:%u, len:%u " + "data:%s\n", + ret, (int)server_rc, (unsigned int)gid, (unsigned int)glen, + recv_buffer); /* Ensure data and size of response object matches that of the written * object */ @@ -1062,10 +1041,9 @@ int whTest_ClientServerSequential(whTestNvmBackendType nvmType) WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server)); WH_TEST_RETURN_ON_FAIL(wh_Client_NvmListResponse( client, &server_rc, &list_count, &list_id)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmListResponse:%d, server_rc:%d count:%u id:%u\n", ret, - (int)server_rc, (unsigned int)list_count, (unsigned int)list_id); -#endif + WH_TEST_DEBUG_PRINT( + "Client NvmListResponse:%d, server_rc:%d count:%u id:%u\n", ret, + (int)server_rc, (unsigned int)list_count, (unsigned int)list_id); WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); if (list_count > 0) { @@ -1080,11 +1058,11 @@ int whTest_ClientServerSequential(whTestNvmBackendType nvmType) wh_Client_NvmDestroyObjectsResponse(client, &server_rc)); WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmDestroyObjectsResponse:%d, server_rc:%d for " - "id:%u with count:%u\n", - ret, (int)server_rc, (unsigned int)list_id, (unsigned int)list_count); -#endif + WH_TEST_DEBUG_PRINT( + "Client NvmDestroyObjectsResponse:%d, server_rc:%d for " + "id:%u with count:%u\n", + ret, (int)server_rc, (unsigned int)list_id, + (unsigned int)list_count); /* Ensure object was destroyed and no longer exists */ WH_TEST_RETURN_ON_FAIL( @@ -1102,9 +1080,8 @@ int whTest_ClientServerSequential(whTestNvmBackendType nvmType) WH_TEST_RETURN_ON_FAIL(wh_Client_NvmCleanupRequest(client)); WH_TEST_RETURN_ON_FAIL(wh_Server_HandleRequestMessage(server)); WH_TEST_RETURN_ON_FAIL(wh_Client_NvmCleanupResponse(client, &server_rc)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmCleanupResponse:%d, server_rc:%d\n", ret, (int)server_rc); -#endif + WH_TEST_DEBUG_PRINT("Client NvmCleanupResponse:%d, server_rc:%d\n", ret, + (int)server_rc); WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); WH_TEST_RETURN_ON_FAIL(wh_Client_NvmGetAvailableRequest(client)); @@ -1112,12 +1089,11 @@ int whTest_ClientServerSequential(whTestNvmBackendType nvmType) WH_TEST_RETURN_ON_FAIL(wh_Client_NvmGetAvailableResponse( client, &server_rc, &avail_size, &avail_objects, &reclaim_size, &reclaim_objects)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmGetAvailableResponse:%d, server_rc:%d, avail_size:%d " - "avail_objects:%d, reclaim_size:%d reclaim_objects:%d\n", - ret, (int)server_rc, (int)avail_size, (int)avail_objects, (int)reclaim_size, - (int)reclaim_objects); -#endif + WH_TEST_DEBUG_PRINT( + "Client NvmGetAvailableResponse:%d, server_rc:%d, avail_size:%d " + "avail_objects:%d, reclaim_size:%d reclaim_objects:%d\n", + ret, (int)server_rc, (int)avail_size, (int)avail_objects, + (int)reclaim_size, (int)reclaim_objects); WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); WH_TEST_ASSERT_RETURN(avail_objects == WOLFHSM_CFG_NVM_OBJECT_COUNT); @@ -1195,10 +1171,9 @@ int whTest_ClientServerClientConfig(whClientConfig* clientCfg) WH_TEST_RETURN_ON_FAIL(ret = wh_Client_Echo(client, send_len, send_buffer, &recv_len, recv_buffer)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) WH_TEST_DEBUG_PRINT("Client Echo:%d, len:%d, %.*s, expected:%.*s\n", ret, recv_len, recv_len, recv_buffer, send_len, send_buffer); -#endif + WH_TEST_ASSERT_RETURN( recv_len == send_len); WH_TEST_ASSERT_RETURN( strncmp(recv_buffer, send_buffer, recv_len) == 0); } @@ -1212,12 +1187,11 @@ int whTest_ClientServerClientConfig(whClientConfig* clientCfg) client, &server_rc, &avail_size, &avail_objects, &reclaim_size, &reclaim_objects)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmGetAvailable:%d, server_rc:%d avail_size:%d " - "avail_objects:%d, reclaim_size:%d reclaim_objects:%d\n", - ret, (int)server_rc, (int)avail_size, (int)avail_objects, (int)reclaim_size, - (int)reclaim_objects); -#endif + WH_TEST_DEBUG_PRINT( + "Client NvmGetAvailable:%d, server_rc:%d avail_size:%d " + "avail_objects:%d, reclaim_size:%d reclaim_objects:%d\n", + ret, (int)server_rc, (int)avail_size, (int)avail_objects, + (int)reclaim_size, (int)reclaim_objects); WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); WH_TEST_ASSERT_RETURN(avail_objects == WOLFHSM_CFG_NVM_OBJECT_COUNT); @@ -1261,22 +1235,19 @@ int whTest_ClientServerClientConfig(whClientConfig* clientCfg) client, id, access, flags, label_len, (uint8_t*)label, len, (uint8_t*)send_buffer, &server_rc)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) WH_TEST_DEBUG_PRINT("Client NvmAddObject:%d, server_rc:%d\n", ret, - (int)server_rc); -#endif + (int)server_rc); WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); WH_TEST_RETURN_ON_FAIL(ret = wh_Client_NvmGetAvailable( client, &server_rc, &avail_size, &avail_objects, &reclaim_size, &reclaim_objects)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmGetAvailable:%d, server_rc:%d, avail_size:%d " - "avail_objects:%d, reclaim_size:%d reclaim_objects:%d\n", - ret, (int)server_rc, (int)avail_size, (int)avail_objects, (int)reclaim_size, - (int)reclaim_objects); -#endif + WH_TEST_DEBUG_PRINT( + "Client NvmGetAvailable:%d, server_rc:%d, avail_size:%d " + "avail_objects:%d, reclaim_size:%d reclaim_objects:%d\n", + ret, (int)server_rc, (int)avail_size, (int)avail_objects, + (int)reclaim_size, (int)reclaim_objects); /* Check that available objects decreased by one */ WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); @@ -1287,11 +1258,9 @@ int whTest_ClientServerClientConfig(whClientConfig* clientCfg) &gaccess, &gflags, &glen, sizeof(glabel), (uint8_t*)glabel)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) WH_TEST_DEBUG_PRINT("Client NvmGetMetadata:%d, id:%u, access:0x%x, " - "flags:0x%x, len:%u label:%s\n", - ret, gid, gaccess, gflags, glen, glabel); -#endif + "flags:0x%x, len:%u label:%s\n", + ret, gid, gaccess, gflags, glen, glabel); /* Ensure metadata matches that of the object we just wrote */ WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); @@ -1302,11 +1271,9 @@ int whTest_ClientServerClientConfig(whClientConfig* clientCfg) &server_rc, &rlen, (uint8_t*)recv_buffer)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) WH_TEST_DEBUG_PRINT( - "Client NvmRead:%d, server_rc:%d id:%u, len:%u data:%s\n", - ret, (int)server_rc, (unsigned int)gid, (unsigned int)rlen, recv_buffer); -#endif + "Client NvmRead:%d, server_rc:%d id:%u, len:%u data:%s\n", ret, + (int)server_rc, (unsigned int)gid, (unsigned int)rlen, recv_buffer); /* Ensure data and size of response object matches that of the written * object */ @@ -1322,11 +1289,10 @@ int whTest_ClientServerClientConfig(whClientConfig* clientCfg) do { WH_TEST_RETURN_ON_FAIL( ret = wh_Client_NvmList(client, list_access, list_flags, list_id, - &server_rc, &list_count, &list_id)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmList:%d, server_rc:%d count:%u id:%u\n", ret, - (int)server_rc, (unsigned int)list_count, (unsigned int)list_id); -#endif + &server_rc, &list_count, &list_id)); + WH_TEST_DEBUG_PRINT("Client NvmList:%d, server_rc:%d count:%u id:%u\n", + ret, (int)server_rc, (unsigned int)list_count, + (unsigned int)list_id); if (list_count > 0) { /* ensure list_id contains ID of object written, and list_count @@ -1336,21 +1302,20 @@ int whTest_ClientServerClientConfig(whClientConfig* clientCfg) WH_TEST_RETURN_ON_FAIL( ret = wh_Client_NvmDestroyObjects(client, 1, &list_id, &server_rc)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) WH_TEST_DEBUG_PRINT("Client NvmDestroyObjects:%d, server_rc:%d for " - "id:%u with count:%u\n", - ret, (int)server_rc, (unsigned int)list_id, (unsigned int)list_count); -#endif + "id:%u with count:%u\n", + ret, (int)server_rc, (unsigned int)list_id, + (unsigned int)list_count); WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); /* Ensure object was destroyed and no longer exists */ WH_TEST_RETURN_ON_FAIL(ret = wh_Client_NvmGetMetadata(client, list_id, &server_rc, NULL, NULL, NULL, NULL, 0, NULL)); WH_TEST_ASSERT_RETURN(WH_ERROR_NOTFOUND == server_rc); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmGetMetadata:%d, server_rc:%d count:%u id:%u\n", - ret, (int)server_rc, (unsigned int)list_count, (unsigned int)list_id); -#endif + WH_TEST_DEBUG_PRINT( + "Client NvmGetMetadata:%d, server_rc:%d count:%u id:%u\n", ret, + (int)server_rc, (unsigned int)list_count, + (unsigned int)list_id); list_id = 0; } @@ -1390,29 +1355,26 @@ int whTest_ClientServerClientConfig(whClientConfig* clientCfg) WH_TEST_RETURN_ON_FAIL(ret = wh_Client_NvmAddObjectDma(client, &meta, len, (uint8_t*)send_buffer, &server_rc)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmAddObjectDma:%d, server_rc:%d, meta.len:%u\n", - ret, (int)server_rc, meta.len); -#endif + WH_TEST_DEBUG_PRINT( + "Client NvmAddObjectDma:%d, server_rc:%d, meta.len:%u\n", ret, + (int)server_rc, meta.len); WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); WH_TEST_RETURN_ON_FAIL(ret = wh_Client_NvmGetAvailable(client, &server_rc, &avail_size, &avail_objects, &reclaim_size, &reclaim_objects)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmGetAvailable:%d, server_rc:%d, avail_size:%d " - "avail_objects:%d, reclaim_size:%d reclaim_objects:%d\n", - ret, (int)server_rc, (int)avail_size, (int)avail_objects, (int)reclaim_size, - (int)reclaim_objects); -#endif + WH_TEST_DEBUG_PRINT( + "Client NvmGetAvailable:%d, server_rc:%d, avail_size:%d " + "avail_objects:%d, reclaim_size:%d reclaim_objects:%d\n", + ret, (int)server_rc, (int)avail_size, (int)avail_objects, + (int)reclaim_size, (int)reclaim_objects); WH_TEST_ASSERT_RETURN(lastAvailObjects - 1 == avail_objects); WH_TEST_RETURN_ON_FAIL(ret = wh_Client_NvmGetMetadata(client, meta.id, &server_rc, &gid, &gaccess, &gflags, &glen, sizeof(glabel), (uint8_t*)glabel)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) WH_TEST_DEBUG_PRINT("Client NvmGetMetadata:%d, id:%u, access:0x%x, " - "flags:0x%x, len:%u label:%s\n", - ret, (unsigned int)gid, (unsigned int)gaccess, (unsigned int)gflags, (unsigned int)glen, glabel); -#endif + "flags:0x%x, len:%u label:%s\n", + ret, (unsigned int)gid, (unsigned int)gaccess, + (unsigned int)gflags, (unsigned int)glen, glabel); /* Ensure metadata matches that of the object we just wrote */ WH_TEST_ASSERT_RETURN(gid == meta.id); @@ -1422,11 +1384,10 @@ int whTest_ClientServerClientConfig(whClientConfig* clientCfg) WH_TEST_RETURN_ON_FAIL( ret = wh_Client_NvmReadDma(client, meta.id, 0, glen, (uint8_t*)recv_buffer, &server_rc)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) WH_TEST_DEBUG_PRINT("Client NvmReadDma:%d, server_rc:%d id:%u, len:%u " - "data:%s\n", - ret, (int)server_rc, (unsigned int)gid, (unsigned int)glen, recv_buffer); -#endif + "data:%s\n", + ret, (int)server_rc, (unsigned int)gid, + (unsigned int)glen, recv_buffer); /* Ensure data and size of response object matches that of the written * object */ @@ -1439,10 +1400,9 @@ int whTest_ClientServerClientConfig(whClientConfig* clientCfg) WH_TEST_RETURN_ON_FAIL( ret = wh_Client_NvmList(client, list_access, list_flags, list_id, &server_rc, &list_count, &list_id)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmList:%d, server_rc:%d count:%u id:%u\n", ret, - (int)server_rc, (unsigned int)list_count, (unsigned int)list_id); -#endif + WH_TEST_DEBUG_PRINT("Client NvmList:%d, server_rc:%d count:%u id:%u\n", + ret, (int)server_rc, (unsigned int)list_count, + (unsigned int)list_id); WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); if (list_count > 0) { @@ -1455,11 +1415,10 @@ int whTest_ClientServerClientConfig(whClientConfig* clientCfg) WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) WH_TEST_DEBUG_PRINT("Client NvmDestroyObjects:%d, server_rc:%d for " - "id:%u with count:%u\n", - ret, (int)server_rc, (unsigned int)list_id, (unsigned int)list_count); -#endif + "id:%u with count:%u\n", + ret, (int)server_rc, (unsigned int)list_id, + (unsigned int)list_count); /* Ensure object was destroyed and no longer exists */ WH_TEST_RETURN_ON_FAIL(ret = wh_Client_NvmGetMetadata(client, list_id, &server_rc, NULL, NULL, NULL, NULL, 0, NULL)); @@ -1471,21 +1430,19 @@ int whTest_ClientServerClientConfig(whClientConfig* clientCfg) WH_TEST_RETURN_ON_FAIL(ret = wh_Client_NvmCleanup(client, &server_rc)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmCleanup:%d, server_rc:%d\n", ret, (int)server_rc); -#endif + WH_TEST_DEBUG_PRINT("Client NvmCleanup:%d, server_rc:%d\n", ret, + (int)server_rc); WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); /* Ensure NVM tests didn't leak objects */ WH_TEST_RETURN_ON_FAIL(ret = wh_Client_NvmGetAvailable( - client, &server_rc, &avail_size, &avail_objects, &reclaim_size, - &reclaim_objects)); -#if defined(WOLFHSM_CFG_DEBUG_VERBOSE) - WH_TEST_DEBUG_PRINT("Client NvmGetAvailable:%d, server_rc:%d, avail_size:%d " - "avail_objects:%d, reclaim_size:%d reclaim_objects:%d\n", - ret, (int)server_rc, (int)avail_size, (int)avail_objects, (int)reclaim_size, - (int)reclaim_objects); -#endif + client, &server_rc, &avail_size, &avail_objects, + &reclaim_size, &reclaim_objects)); + WH_TEST_DEBUG_PRINT( + "Client NvmGetAvailable:%d, server_rc:%d, avail_size:%d " + "avail_objects:%d, reclaim_size:%d reclaim_objects:%d\n", + ret, (int)server_rc, (int)avail_size, (int)avail_objects, + (int)reclaim_size, (int)reclaim_objects); WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); WH_TEST_ASSERT_RETURN(avail_objects == WOLFHSM_CFG_NVM_OBJECT_COUNT); From faf47b3820fe6a09b0a4153e07bbacb1b15b673e Mon Sep 17 00:00:00 2001 From: Brett Nicholas <7547222+bigbrett@users.noreply.github.com> Date: Fri, 13 Feb 2026 13:33:21 -0700 Subject: [PATCH 5/5] restore old test printf behavior --- test/wh_test_cert.c | 116 ++++++++++++++++++------------------ test/wh_test_clientserver.c | 110 ++++++++++++++++------------------ test/wh_test_nvmflags.c | 8 +-- 3 files changed, 114 insertions(+), 120 deletions(-) diff --git a/test/wh_test_cert.c b/test/wh_test_cert.c index 0da3f385..04250c77 100644 --- a/test/wh_test_cert.c +++ b/test/wh_test_cert.c @@ -68,30 +68,30 @@ int whTest_CertServerCfg(whServerConfig* serverCfg) /* Initialize server */ WH_TEST_RETURN_ON_FAIL(wh_Server_Init(server, serverCfg)); - WH_TEST_DEBUG_PRINT("Server initialized successfully\n"); + WH_TEST_PRINT("Server initialized successfully\n"); WH_TEST_RETURN_ON_FAIL(wh_Server_CertInit(server)); /* Add trusted root certificate for chain A */ - WH_TEST_DEBUG_PRINT("Adding trusted root certificate for chain A...\n"); + WH_TEST_PRINT("Adding trusted root certificate for chain A...\n"); WH_TEST_RETURN_ON_FAIL(wh_Server_CertAddTrusted( server, rootCertA, WH_NVM_ACCESS_ANY, WH_NVM_FLAGS_NONMODIFIABLE, NULL, 0, ROOT_A_CERT, ROOT_A_CERT_len)); /* Add trusted root certificate for chain B */ - WH_TEST_DEBUG_PRINT("Adding trusted root certificate for chain B...\n"); + WH_TEST_PRINT("Adding trusted root certificate for chain B...\n"); WH_TEST_RETURN_ON_FAIL(wh_Server_CertAddTrusted( server, rootCertB, WH_NVM_ACCESS_ANY, WH_NVM_FLAGS_NONMODIFIABLE, NULL, 0, ROOT_B_CERT, ROOT_B_CERT_len)); /* Verify valid single cert (intermediate) */ - WH_TEST_DEBUG_PRINT( + WH_TEST_PRINT( "Verifying valid single certificate...using intermediate cert\n"); WH_TEST_RETURN_ON_FAIL(wh_Server_CertVerify( server, INTERMEDIATE_A_CERT, INTERMEDIATE_A_CERT_len, rootCertA, WH_CERT_FLAGS_NONE, WH_NVM_FLAGS_USAGE_ANY, NULL)); /* attempt to verify invalid cert (leaf w/o intermediate), should fail */ - WH_TEST_DEBUG_PRINT( + WH_TEST_PRINT( "Attempting to verify invalid single certificate...using leaf cert " "without intermediate\n"); WH_TEST_ASSERT_RETURN( @@ -101,7 +101,7 @@ int whTest_CertServerCfg(whServerConfig* serverCfg) /* attempt to verify invalid cert (intermediate with different root), * should fail */ - WH_TEST_DEBUG_PRINT("Attempting to verify invalid single certificate...using " + WH_TEST_PRINT("Attempting to verify invalid single certificate...using " "intermediate cert with different root\n"); WH_TEST_ASSERT_RETURN(WH_ERROR_CERT_VERIFY == wh_Server_CertVerify(server, INTERMEDIATE_B_CERT, @@ -110,19 +110,19 @@ int whTest_CertServerCfg(whServerConfig* serverCfg) WH_NVM_FLAGS_USAGE_ANY, NULL)); /* Verify valid chain */ - WH_TEST_DEBUG_PRINT("Verifying valid certificate chain...\n"); + WH_TEST_PRINT("Verifying valid certificate chain...\n"); WH_TEST_RETURN_ON_FAIL(wh_Server_CertVerify( server, RAW_CERT_CHAIN_A, RAW_CERT_CHAIN_A_len, rootCertA, WH_CERT_FLAGS_NONE, WH_NVM_FLAGS_USAGE_ANY, NULL)); /* Verify valid chain B */ - WH_TEST_DEBUG_PRINT("Verifying valid certificate chain B...\n"); + WH_TEST_PRINT("Verifying valid certificate chain B...\n"); WH_TEST_RETURN_ON_FAIL(wh_Server_CertVerify( server, RAW_CERT_CHAIN_B, RAW_CERT_CHAIN_B_len, rootCertB, WH_CERT_FLAGS_NONE, WH_NVM_FLAGS_USAGE_ANY, NULL)); /* attempt to verify invalid chains, should fail */ - WH_TEST_DEBUG_PRINT("Attempting to verify invalid certificate chains...\n"); + WH_TEST_PRINT("Attempting to verify invalid certificate chains...\n"); WH_TEST_ASSERT_RETURN(WH_ERROR_CERT_VERIFY == wh_Server_CertVerify(server, RAW_CERT_CHAIN_A, RAW_CERT_CHAIN_A_len, rootCertB, @@ -135,11 +135,11 @@ int whTest_CertServerCfg(whServerConfig* serverCfg) WH_NVM_FLAGS_USAGE_ANY, NULL)); /* remove trusted root certificate for chain A */ - WH_TEST_DEBUG_PRINT("Removing trusted root certificates...\n"); + WH_TEST_PRINT("Removing trusted root certificates...\n"); WH_TEST_RETURN_ON_FAIL(wh_Server_CertEraseTrusted(server, rootCertA)); WH_TEST_RETURN_ON_FAIL(wh_Server_CertEraseTrusted(server, rootCertB)); - WH_TEST_DEBUG_PRINT("Test completed successfully\n"); + WH_TEST_PRINT("Test completed successfully\n"); return rc; } #endif /* WOLFHSM_CFG_ENABLE_SERVER */ @@ -155,28 +155,28 @@ int whTest_CertClient(whClientContext* client) uint8_t exportedPubKey[LEAF_A_PUBKEY_len]; uint16_t exportedPubKeyLen = sizeof(exportedPubKey); - WH_TEST_DEBUG_PRINT("Starting certificate client test...\n"); + WH_TEST_PRINT("Starting certificate client test...\n"); /* Initialize certificate manager */ - WH_TEST_DEBUG_PRINT("Initializing certificate manager...\n"); + WH_TEST_PRINT("Initializing certificate manager...\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertInit(client, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); /* Add root certificates to NVM */ - WH_TEST_DEBUG_PRINT("Adding root certificate A to NVM...\n"); + WH_TEST_PRINT("Adding root certificate A to NVM...\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertAddTrusted( client, rootCertA_id, WH_NVM_ACCESS_ANY, WH_NVM_FLAGS_NONMODIFIABLE, NULL, 0, ROOT_A_CERT, ROOT_A_CERT_len, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); - WH_TEST_DEBUG_PRINT("Adding root certificate B to NVM...\n"); + WH_TEST_PRINT("Adding root certificate B to NVM...\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertAddTrusted( client, rootCertB_id, WH_NVM_ACCESS_ANY, WH_NVM_FLAGS_NONMODIFIABLE, NULL, 0, ROOT_B_CERT, ROOT_B_CERT_len, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); /* Verify valid single cert (intermediate) */ - WH_TEST_DEBUG_PRINT( + WH_TEST_PRINT( "Verifying valid single certificate...using intermediate cert\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertVerify(client, INTERMEDIATE_A_CERT, INTERMEDIATE_A_CERT_len, @@ -184,7 +184,7 @@ int whTest_CertClient(whClientContext* client) WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); /* attempt to verify invalid cert (leaf w/o intermediate), should fail */ - WH_TEST_DEBUG_PRINT( + WH_TEST_PRINT( "Attempting to verify invalid single certificate...using leaf cert " "without intermediate\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertVerify( @@ -193,7 +193,7 @@ int whTest_CertClient(whClientContext* client) /* attempt to verify invalid cert (intermediate with different root), * should fail */ - WH_TEST_DEBUG_PRINT("Attempting to verify invalid single certificate...using " + WH_TEST_PRINT("Attempting to verify invalid single certificate...using " "intermediate cert with different root\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertVerify(client, INTERMEDIATE_B_CERT, INTERMEDIATE_B_CERT_len, @@ -201,19 +201,19 @@ int whTest_CertClient(whClientContext* client) WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_CERT_VERIFY); /* Verify valid chain */ - WH_TEST_DEBUG_PRINT("Verifying valid certificate chain...\n"); + WH_TEST_PRINT("Verifying valid certificate chain...\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertVerify( client, RAW_CERT_CHAIN_A, RAW_CERT_CHAIN_A_len, rootCertA_id, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); /* Verify valid chain B */ - WH_TEST_DEBUG_PRINT("Verifying valid certificate chain B...\n"); + WH_TEST_PRINT("Verifying valid certificate chain B...\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertVerify( client, RAW_CERT_CHAIN_B, RAW_CERT_CHAIN_B_len, rootCertB_id, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); /* attempt to verify invalid chains, should fail */ - WH_TEST_DEBUG_PRINT("Attempting to verify invalid certificate chains...\n"); + WH_TEST_PRINT("Attempting to verify invalid certificate chains...\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertVerify( client, RAW_CERT_CHAIN_A, RAW_CERT_CHAIN_A_len, rootCertB_id, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_CERT_VERIFY); @@ -247,7 +247,7 @@ int whTest_CertClient(whClientContext* client) 0 == memcmp(exportedPubKey, LEAF_A_PUBKEY, LEAF_A_PUBKEY_len)); /* Clean up - delete the root certificates */ - WH_TEST_DEBUG_PRINT("Deleting root certificates...\n"); + WH_TEST_PRINT("Deleting root certificates...\n"); WH_TEST_RETURN_ON_FAIL( wh_Client_CertEraseTrusted(client, rootCertA_id, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); @@ -259,7 +259,7 @@ int whTest_CertClient(whClientContext* client) /* Test non-exportable flag enforcement */ WH_TEST_RETURN_ON_FAIL(whTest_CertNonExportable(client)); - WH_TEST_DEBUG_PRINT("Certificate client test completed successfully\n"); + WH_TEST_PRINT("Certificate client test completed successfully\n"); return rc; } @@ -273,42 +273,42 @@ int whTest_CertClientAcert(whClientContext* client) whNvmId trustedCertId = 1; whNvmId rootCertB_id = 2; - WH_TEST_DEBUG_PRINT("Starting attribute certificate client test...\n"); + WH_TEST_PRINT("Starting attribute certificate client test...\n"); /* Initialize certificate manager */ - WH_TEST_DEBUG_PRINT("Initializing certificate manager...\n"); + WH_TEST_PRINT("Initializing certificate manager...\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertInit(client, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); /* Add trusted certificate to NVM */ - WH_TEST_DEBUG_PRINT("Adding trusted certificate to NVM...\n"); + WH_TEST_PRINT("Adding trusted certificate to NVM...\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertAddTrusted( client, trustedCertId, WH_NVM_ACCESS_ANY, WH_NVM_FLAGS_NONMODIFIABLE, NULL, 0, caCert_der, caCert_der_len, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); - WH_TEST_DEBUG_PRINT("Adding root certificate B to NVM...\n"); + WH_TEST_PRINT("Adding root certificate B to NVM...\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertAddTrusted( client, rootCertB_id, WH_NVM_ACCESS_ANY, WH_NVM_FLAGS_NONMODIFIABLE, NULL, 0, ROOT_B_CERT, ROOT_B_CERT_len, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); /* Verify attribute certificate */ - WH_TEST_DEBUG_PRINT("Verifying attribute certificate...\n"); + WH_TEST_PRINT("Verifying attribute certificate...\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertVerifyAcert( client, attrCert_der, attrCert_der_len, trustedCertId, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); /* Attempt to verify attribute certificate with different root, should fail */ - WH_TEST_DEBUG_PRINT( + WH_TEST_PRINT( "Attempting to verify attribute certificate with different root...\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertVerifyAcert( client, attrCert_der, attrCert_der_len, rootCertB_id, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_CERT_VERIFY); /* Clean up - delete the trusted certificates */ - WH_TEST_DEBUG_PRINT("Deleting trusted certificates...\n"); + WH_TEST_PRINT("Deleting trusted certificates...\n"); WH_TEST_RETURN_ON_FAIL( wh_Client_CertEraseTrusted(client, trustedCertId, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); @@ -317,7 +317,7 @@ int whTest_CertClientAcert(whClientContext* client) wh_Client_CertEraseTrusted(client, rootCertB_id, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); - WH_TEST_DEBUG_PRINT( + WH_TEST_PRINT( "Attribute certificate client test completed successfully\n"); return rc; @@ -340,28 +340,28 @@ int whTest_CertClientDma_ClientServerTestInternal(whClientContext* client) uint8_t exportedPubKey[LEAF_A_PUBKEY_len]; uint16_t exportedPubKeyLen = sizeof(exportedPubKey); - WH_TEST_DEBUG_PRINT("Starting certificate client DMA test...\n"); + WH_TEST_PRINT("Starting certificate client DMA test...\n"); /* Initialize certificate manager */ - WH_TEST_DEBUG_PRINT("Initializing certificate manager...\n"); + WH_TEST_PRINT("Initializing certificate manager...\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertInit(client, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); /* Add root certificates to NVM */ - WH_TEST_DEBUG_PRINT("Adding root certificate A to NVM...\n"); + WH_TEST_PRINT("Adding root certificate A to NVM...\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertAddTrustedDma( client, rootCertA_id, WH_NVM_ACCESS_ANY, WH_NVM_FLAGS_NONMODIFIABLE, NULL, 0, ROOT_A_CERT, ROOT_A_CERT_len, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); - WH_TEST_DEBUG_PRINT("Adding root certificate B to NVM...\n"); + WH_TEST_PRINT("Adding root certificate B to NVM...\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertAddTrustedDma( client, rootCertB_id, WH_NVM_ACCESS_ANY, WH_NVM_FLAGS_NONMODIFIABLE, NULL, 0, ROOT_B_CERT, ROOT_B_CERT_len, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); /* Verify valid single cert (intermediate) */ - WH_TEST_DEBUG_PRINT( + WH_TEST_PRINT( "Verifying valid single certificate...using intermediate cert\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertVerifyDma(client, INTERMEDIATE_A_CERT, INTERMEDIATE_A_CERT_len, @@ -369,7 +369,7 @@ int whTest_CertClientDma_ClientServerTestInternal(whClientContext* client) WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); /* attempt to verify invalid cert (leaf w/o intermediate), should fail */ - WH_TEST_DEBUG_PRINT( + WH_TEST_PRINT( "Attempting to verify invalid single certificate...using leaf cert " "without intermediate\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertVerifyDma( @@ -378,7 +378,7 @@ int whTest_CertClientDma_ClientServerTestInternal(whClientContext* client) /* attempt to verify invalid cert (intermediate with different root), * should fail */ - WH_TEST_DEBUG_PRINT("Attempting to verify invalid single certificate...using " + WH_TEST_PRINT("Attempting to verify invalid single certificate...using " "intermediate cert with different root\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertVerifyDma(client, INTERMEDIATE_B_CERT, INTERMEDIATE_B_CERT_len, @@ -386,19 +386,19 @@ int whTest_CertClientDma_ClientServerTestInternal(whClientContext* client) WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_CERT_VERIFY); /* Verify valid chain */ - WH_TEST_DEBUG_PRINT("Verifying valid certificate chain...\n"); + WH_TEST_PRINT("Verifying valid certificate chain...\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertVerifyDma( client, RAW_CERT_CHAIN_A, RAW_CERT_CHAIN_A_len, rootCertA_id, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); /* Verify valid chain B */ - WH_TEST_DEBUG_PRINT("Verifying valid certificate chain B...\n"); + WH_TEST_PRINT("Verifying valid certificate chain B...\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertVerifyDma( client, RAW_CERT_CHAIN_B, RAW_CERT_CHAIN_B_len, rootCertB_id, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); /* attempt to verify invalid chains, should fail */ - WH_TEST_DEBUG_PRINT("Attempting to verify invalid certificate chains...\n"); + WH_TEST_PRINT("Attempting to verify invalid certificate chains...\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertVerifyDma( client, RAW_CERT_CHAIN_A, RAW_CERT_CHAIN_A_len, rootCertB_id, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_CERT_VERIFY); @@ -433,7 +433,7 @@ int whTest_CertClientDma_ClientServerTestInternal(whClientContext* client) 0 == memcmp(exportedPubKey, LEAF_A_PUBKEY, LEAF_A_PUBKEY_len)); /* Clean up - delete the root certificates */ - WH_TEST_DEBUG_PRINT("Deleting root certificates...\n"); + WH_TEST_PRINT("Deleting root certificates...\n"); WH_TEST_RETURN_ON_FAIL( wh_Client_CertEraseTrusted(client, rootCertA_id, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); @@ -442,7 +442,7 @@ int whTest_CertClientDma_ClientServerTestInternal(whClientContext* client) wh_Client_CertEraseTrusted(client, rootCertB_id, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); - WH_TEST_DEBUG_PRINT("Certificate client DMA test completed successfully\n"); + WH_TEST_PRINT("Certificate client DMA test completed successfully\n"); return rc; } @@ -460,42 +460,42 @@ int whTest_CertClientAcertDma_ClientServerTestInternal(whClientContext* client) whNvmId trustedCertId = 1; whNvmId rootCertB_id = 2; - WH_TEST_DEBUG_PRINT("Starting attribute certificate client test...\n"); + WH_TEST_PRINT("Starting attribute certificate client test...\n"); /* Initialize certificate manager */ - WH_TEST_DEBUG_PRINT("Initializing certificate manager...\n"); + WH_TEST_PRINT("Initializing certificate manager...\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertInit(client, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); /* Add trusted certificate to NVM */ - WH_TEST_DEBUG_PRINT("Adding trusted certificate to NVM...\n"); + WH_TEST_PRINT("Adding trusted certificate to NVM...\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertAddTrustedDma( client, trustedCertId, WH_NVM_ACCESS_ANY, WH_NVM_FLAGS_NONMODIFIABLE, NULL, 0, caCert_der, caCert_der_len, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); - WH_TEST_DEBUG_PRINT("Adding root certificate B to NVM...\n"); + WH_TEST_PRINT("Adding root certificate B to NVM...\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertAddTrustedDma( client, rootCertB_id, WH_NVM_ACCESS_ANY, WH_NVM_FLAGS_NONMODIFIABLE, NULL, 0, ROOT_B_CERT, ROOT_B_CERT_len, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); /* Verify attribute certificate */ - WH_TEST_DEBUG_PRINT("Verifying attribute certificate...\n"); + WH_TEST_PRINT("Verifying attribute certificate...\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertVerifyAcertDma( client, attrCert_der, attrCert_der_len, trustedCertId, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); /* Attempt to verify attribute certificate with different root, should fail */ - WH_TEST_DEBUG_PRINT( + WH_TEST_PRINT( "Attempting to verify attribute certificate with different root...\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertVerifyAcertDma( client, attrCert_der, attrCert_der_len, rootCertB_id, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_CERT_VERIFY); /* Clean up - delete the trusted certificates */ - WH_TEST_DEBUG_PRINT("Deleting trusted certificates...\n"); + WH_TEST_PRINT("Deleting trusted certificates...\n"); WH_TEST_RETURN_ON_FAIL( wh_Client_CertEraseTrusted(client, trustedCertId, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); @@ -504,7 +504,7 @@ int whTest_CertClientAcertDma_ClientServerTestInternal(whClientContext* client) wh_Client_CertEraseTrusted(client, rootCertB_id, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); - WH_TEST_DEBUG_PRINT( + WH_TEST_PRINT( "Attribute certificate client test completed successfully\n"); return rc; @@ -525,7 +525,7 @@ static int whTest_CertNonExportable(whClientContext* client) WH_TEST_PRINT("Testing non-exportable certificate functionality...\n"); /* Add exportable certificate */ - WH_TEST_DEBUG_PRINT("Adding exportable certificate...\n"); + WH_TEST_PRINT("Adding exportable certificate...\n"); WH_TEST_RETURN_ON_FAIL( wh_Client_CertAddTrusted(client, exportable_cert_id, WH_NVM_ACCESS_ANY, WH_NVM_FLAGS_NONMODIFIABLE, NULL, 0, @@ -533,7 +533,7 @@ static int whTest_CertNonExportable(whClientContext* client) WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); /* Add non-exportable certificate */ - WH_TEST_DEBUG_PRINT("Adding non-exportable certificate...\n"); + WH_TEST_PRINT("Adding non-exportable certificate...\n"); WH_TEST_RETURN_ON_FAIL(wh_Client_CertAddTrusted( client, nonexportable_cert_id, WH_NVM_ACCESS_ANY, WH_NVM_FLAGS_NONMODIFIABLE | WH_NVM_FLAGS_NONEXPORTABLE, NULL, 0, @@ -541,14 +541,14 @@ static int whTest_CertNonExportable(whClientContext* client) WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); /* Test reading exportable certificate - should succeed */ - WH_TEST_DEBUG_PRINT("Reading exportable certificate (should succeed)...\n"); + WH_TEST_PRINT("Reading exportable certificate (should succeed)...\n"); cert_len = sizeof(cert_buffer); WH_TEST_RETURN_ON_FAIL(wh_Client_CertReadTrusted( client, exportable_cert_id, cert_buffer, &cert_len, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); /* Test reading non-exportable certificate - should fail */ - WH_TEST_DEBUG_PRINT("Reading non-exportable certificate (should fail)...\n"); + WH_TEST_PRINT("Reading non-exportable certificate (should fail)...\n"); cert_len = sizeof(cert_buffer); WH_TEST_RETURN_ON_FAIL(wh_Client_CertReadTrusted( client, nonexportable_cert_id, cert_buffer, &cert_len, &out_rc)); @@ -556,7 +556,7 @@ static int whTest_CertNonExportable(whClientContext* client) #ifdef WOLFHSM_CFG_DMA /* Test DMA variant with non-exportable certificate */ - WH_TEST_DEBUG_PRINT( + WH_TEST_PRINT( "Reading non-exportable certificate via DMA (should fail)...\n"); cert_len = sizeof(cert_buffer); WH_TEST_RETURN_ON_FAIL(wh_Client_CertReadTrustedDma( @@ -565,7 +565,7 @@ static int whTest_CertNonExportable(whClientContext* client) #endif /* Clean up - delete the certificates */ - WH_TEST_DEBUG_PRINT("Cleaning up certificates...\n"); + WH_TEST_PRINT("Cleaning up certificates...\n"); WH_TEST_RETURN_ON_FAIL( wh_Client_CertEraseTrusted(client, exportable_cert_id, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); @@ -574,7 +574,7 @@ static int whTest_CertNonExportable(whClientContext* client) wh_Client_CertEraseTrusted(client, nonexportable_cert_id, &out_rc)); WH_TEST_ASSERT_RETURN(out_rc == WH_ERROR_OK); - WH_TEST_DEBUG_PRINT("Non-exportable certificate test completed successfully\n"); + WH_TEST_PRINT("Non-exportable certificate test completed successfully\n"); return rc; } diff --git a/test/wh_test_clientserver.c b/test/wh_test_clientserver.c index a5897e6a..56107adb 100644 --- a/test/wh_test_clientserver.c +++ b/test/wh_test_clientserver.c @@ -1171,8 +1171,8 @@ int whTest_ClientServerClientConfig(whClientConfig* clientCfg) WH_TEST_RETURN_ON_FAIL(ret = wh_Client_Echo(client, send_len, send_buffer, &recv_len, recv_buffer)); - WH_TEST_DEBUG_PRINT("Client Echo:%d, len:%d, %.*s, expected:%.*s\n", - ret, recv_len, recv_len, recv_buffer, send_len, send_buffer); + WH_TEST_PRINT("Client Echo:%d, len:%d, %.*s, expected:%.*s\n", ret, + recv_len, recv_len, recv_buffer, send_len, send_buffer); WH_TEST_ASSERT_RETURN( recv_len == send_len); WH_TEST_ASSERT_RETURN( strncmp(recv_buffer, send_buffer, recv_len) == 0); @@ -1187,11 +1187,10 @@ int whTest_ClientServerClientConfig(whClientConfig* clientCfg) client, &server_rc, &avail_size, &avail_objects, &reclaim_size, &reclaim_objects)); - WH_TEST_DEBUG_PRINT( - "Client NvmGetAvailable:%d, server_rc:%d avail_size:%d " - "avail_objects:%d, reclaim_size:%d reclaim_objects:%d\n", - ret, (int)server_rc, (int)avail_size, (int)avail_objects, - (int)reclaim_size, (int)reclaim_objects); + WH_TEST_PRINT("Client NvmGetAvailable:%d, server_rc:%d avail_size:%d " + "avail_objects:%d, reclaim_size:%d reclaim_objects:%d\n", + ret, (int)server_rc, (int)avail_size, (int)avail_objects, + (int)reclaim_size, (int)reclaim_objects); WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); WH_TEST_ASSERT_RETURN(avail_objects == WOLFHSM_CFG_NVM_OBJECT_COUNT); @@ -1235,19 +1234,18 @@ int whTest_ClientServerClientConfig(whClientConfig* clientCfg) client, id, access, flags, label_len, (uint8_t*)label, len, (uint8_t*)send_buffer, &server_rc)); - WH_TEST_DEBUG_PRINT("Client NvmAddObject:%d, server_rc:%d\n", ret, - (int)server_rc); + WH_TEST_PRINT("Client NvmAddObject:%d, server_rc:%d\n", ret, + (int)server_rc); WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); WH_TEST_RETURN_ON_FAIL(ret = wh_Client_NvmGetAvailable( client, &server_rc, &avail_size, &avail_objects, &reclaim_size, &reclaim_objects)); - WH_TEST_DEBUG_PRINT( - "Client NvmGetAvailable:%d, server_rc:%d, avail_size:%d " - "avail_objects:%d, reclaim_size:%d reclaim_objects:%d\n", - ret, (int)server_rc, (int)avail_size, (int)avail_objects, - (int)reclaim_size, (int)reclaim_objects); + WH_TEST_PRINT("Client NvmGetAvailable:%d, server_rc:%d, avail_size:%d " + "avail_objects:%d, reclaim_size:%d reclaim_objects:%d\n", + ret, (int)server_rc, (int)avail_size, (int)avail_objects, + (int)reclaim_size, (int)reclaim_objects); /* Check that available objects decreased by one */ WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); @@ -1258,9 +1256,9 @@ int whTest_ClientServerClientConfig(whClientConfig* clientCfg) &gaccess, &gflags, &glen, sizeof(glabel), (uint8_t*)glabel)); - WH_TEST_DEBUG_PRINT("Client NvmGetMetadata:%d, id:%u, access:0x%x, " - "flags:0x%x, len:%u label:%s\n", - ret, gid, gaccess, gflags, glen, glabel); + WH_TEST_PRINT("Client NvmGetMetadata:%d, id:%u, access:0x%x, " + "flags:0x%x, len:%u label:%s\n", + ret, gid, gaccess, gflags, glen, glabel); /* Ensure metadata matches that of the object we just wrote */ WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); @@ -1271,9 +1269,9 @@ int whTest_ClientServerClientConfig(whClientConfig* clientCfg) &server_rc, &rlen, (uint8_t*)recv_buffer)); - WH_TEST_DEBUG_PRINT( - "Client NvmRead:%d, server_rc:%d id:%u, len:%u data:%s\n", ret, - (int)server_rc, (unsigned int)gid, (unsigned int)rlen, recv_buffer); + WH_TEST_PRINT("Client NvmRead:%d, server_rc:%d id:%u, len:%u data:%s\n", + ret, (int)server_rc, (unsigned int)gid, + (unsigned int)rlen, recv_buffer); /* Ensure data and size of response object matches that of the written * object */ @@ -1290,9 +1288,9 @@ int whTest_ClientServerClientConfig(whClientConfig* clientCfg) WH_TEST_RETURN_ON_FAIL( ret = wh_Client_NvmList(client, list_access, list_flags, list_id, &server_rc, &list_count, &list_id)); - WH_TEST_DEBUG_PRINT("Client NvmList:%d, server_rc:%d count:%u id:%u\n", - ret, (int)server_rc, (unsigned int)list_count, - (unsigned int)list_id); + WH_TEST_PRINT("Client NvmList:%d, server_rc:%d count:%u id:%u\n", ret, + (int)server_rc, (unsigned int)list_count, + (unsigned int)list_id); if (list_count > 0) { /* ensure list_id contains ID of object written, and list_count @@ -1302,17 +1300,17 @@ int whTest_ClientServerClientConfig(whClientConfig* clientCfg) WH_TEST_RETURN_ON_FAIL( ret = wh_Client_NvmDestroyObjects(client, 1, &list_id, &server_rc)); - WH_TEST_DEBUG_PRINT("Client NvmDestroyObjects:%d, server_rc:%d for " - "id:%u with count:%u\n", - ret, (int)server_rc, (unsigned int)list_id, - (unsigned int)list_count); + WH_TEST_PRINT("Client NvmDestroyObjects:%d, server_rc:%d for " + "id:%u with count:%u\n", + ret, (int)server_rc, (unsigned int)list_id, + (unsigned int)list_count); WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); /* Ensure object was destroyed and no longer exists */ WH_TEST_RETURN_ON_FAIL(ret = wh_Client_NvmGetMetadata(client, list_id, &server_rc, NULL, NULL, NULL, NULL, 0, NULL)); WH_TEST_ASSERT_RETURN(WH_ERROR_NOTFOUND == server_rc); - WH_TEST_DEBUG_PRINT( + WH_TEST_PRINT( "Client NvmGetMetadata:%d, server_rc:%d count:%u id:%u\n", ret, (int)server_rc, (unsigned int)list_count, (unsigned int)list_id); @@ -1355,26 +1353,24 @@ int whTest_ClientServerClientConfig(whClientConfig* clientCfg) WH_TEST_RETURN_ON_FAIL(ret = wh_Client_NvmAddObjectDma(client, &meta, len, (uint8_t*)send_buffer, &server_rc)); - WH_TEST_DEBUG_PRINT( - "Client NvmAddObjectDma:%d, server_rc:%d, meta.len:%u\n", ret, - (int)server_rc, meta.len); + WH_TEST_PRINT("Client NvmAddObjectDma:%d, server_rc:%d, meta.len:%u\n", + ret, (int)server_rc, meta.len); WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); WH_TEST_RETURN_ON_FAIL(ret = wh_Client_NvmGetAvailable(client, &server_rc, &avail_size, &avail_objects, &reclaim_size, &reclaim_objects)); - WH_TEST_DEBUG_PRINT( - "Client NvmGetAvailable:%d, server_rc:%d, avail_size:%d " - "avail_objects:%d, reclaim_size:%d reclaim_objects:%d\n", - ret, (int)server_rc, (int)avail_size, (int)avail_objects, - (int)reclaim_size, (int)reclaim_objects); + WH_TEST_PRINT("Client NvmGetAvailable:%d, server_rc:%d, avail_size:%d " + "avail_objects:%d, reclaim_size:%d reclaim_objects:%d\n", + ret, (int)server_rc, (int)avail_size, (int)avail_objects, + (int)reclaim_size, (int)reclaim_objects); WH_TEST_ASSERT_RETURN(lastAvailObjects - 1 == avail_objects); WH_TEST_RETURN_ON_FAIL(ret = wh_Client_NvmGetMetadata(client, meta.id, &server_rc, &gid, &gaccess, &gflags, &glen, sizeof(glabel), (uint8_t*)glabel)); - WH_TEST_DEBUG_PRINT("Client NvmGetMetadata:%d, id:%u, access:0x%x, " - "flags:0x%x, len:%u label:%s\n", - ret, (unsigned int)gid, (unsigned int)gaccess, - (unsigned int)gflags, (unsigned int)glen, glabel); + WH_TEST_PRINT("Client NvmGetMetadata:%d, id:%u, access:0x%x, " + "flags:0x%x, len:%u label:%s\n", + ret, (unsigned int)gid, (unsigned int)gaccess, + (unsigned int)gflags, (unsigned int)glen, glabel); /* Ensure metadata matches that of the object we just wrote */ WH_TEST_ASSERT_RETURN(gid == meta.id); @@ -1384,10 +1380,10 @@ int whTest_ClientServerClientConfig(whClientConfig* clientCfg) WH_TEST_RETURN_ON_FAIL( ret = wh_Client_NvmReadDma(client, meta.id, 0, glen, (uint8_t*)recv_buffer, &server_rc)); - WH_TEST_DEBUG_PRINT("Client NvmReadDma:%d, server_rc:%d id:%u, len:%u " - "data:%s\n", - ret, (int)server_rc, (unsigned int)gid, - (unsigned int)glen, recv_buffer); + WH_TEST_PRINT("Client NvmReadDma:%d, server_rc:%d id:%u, len:%u " + "data:%s\n", + ret, (int)server_rc, (unsigned int)gid, + (unsigned int)glen, recv_buffer); /* Ensure data and size of response object matches that of the written * object */ @@ -1400,9 +1396,9 @@ int whTest_ClientServerClientConfig(whClientConfig* clientCfg) WH_TEST_RETURN_ON_FAIL( ret = wh_Client_NvmList(client, list_access, list_flags, list_id, &server_rc, &list_count, &list_id)); - WH_TEST_DEBUG_PRINT("Client NvmList:%d, server_rc:%d count:%u id:%u\n", - ret, (int)server_rc, (unsigned int)list_count, - (unsigned int)list_id); + WH_TEST_PRINT("Client NvmList:%d, server_rc:%d count:%u id:%u\n", ret, + (int)server_rc, (unsigned int)list_count, + (unsigned int)list_id); WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); if (list_count > 0) { @@ -1415,10 +1411,10 @@ int whTest_ClientServerClientConfig(whClientConfig* clientCfg) WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); - WH_TEST_DEBUG_PRINT("Client NvmDestroyObjects:%d, server_rc:%d for " - "id:%u with count:%u\n", - ret, (int)server_rc, (unsigned int)list_id, - (unsigned int)list_count); + WH_TEST_PRINT("Client NvmDestroyObjects:%d, server_rc:%d for " + "id:%u with count:%u\n", + ret, (int)server_rc, (unsigned int)list_id, + (unsigned int)list_count); /* Ensure object was destroyed and no longer exists */ WH_TEST_RETURN_ON_FAIL(ret = wh_Client_NvmGetMetadata(client, list_id, &server_rc, NULL, NULL, NULL, NULL, 0, NULL)); @@ -1430,19 +1426,17 @@ int whTest_ClientServerClientConfig(whClientConfig* clientCfg) WH_TEST_RETURN_ON_FAIL(ret = wh_Client_NvmCleanup(client, &server_rc)); - WH_TEST_DEBUG_PRINT("Client NvmCleanup:%d, server_rc:%d\n", ret, - (int)server_rc); + WH_TEST_PRINT("Client NvmCleanup:%d, server_rc:%d\n", ret, (int)server_rc); WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); /* Ensure NVM tests didn't leak objects */ WH_TEST_RETURN_ON_FAIL(ret = wh_Client_NvmGetAvailable( client, &server_rc, &avail_size, &avail_objects, &reclaim_size, &reclaim_objects)); - WH_TEST_DEBUG_PRINT( - "Client NvmGetAvailable:%d, server_rc:%d, avail_size:%d " - "avail_objects:%d, reclaim_size:%d reclaim_objects:%d\n", - ret, (int)server_rc, (int)avail_size, (int)avail_objects, - (int)reclaim_size, (int)reclaim_objects); + WH_TEST_PRINT("Client NvmGetAvailable:%d, server_rc:%d, avail_size:%d " + "avail_objects:%d, reclaim_size:%d reclaim_objects:%d\n", + ret, (int)server_rc, (int)avail_size, (int)avail_objects, + (int)reclaim_size, (int)reclaim_objects); WH_TEST_ASSERT_RETURN(server_rc == WH_ERROR_OK); WH_TEST_ASSERT_RETURN(avail_objects == WOLFHSM_CFG_NVM_OBJECT_COUNT); diff --git a/test/wh_test_nvmflags.c b/test/wh_test_nvmflags.c index d1427944..00ec332c 100644 --- a/test/wh_test_nvmflags.c +++ b/test/wh_test_nvmflags.c @@ -74,7 +74,7 @@ static int _testNonExportableNvmAccess(whClientContext* client) return -1; } - WH_TEST_DEBUG_PRINT("Non-exportable NVM object read correctly denied\n"); + WH_TEST_PRINT("Non-exportable NVM object read correctly denied\n"); /* Clean up NVM object */ whNvmId destroyList[] = {nvmId}; @@ -114,7 +114,7 @@ static int _testNonExportableNvmAccess(whClientContext* client) return -1; } - WH_TEST_DEBUG_PRINT("Exportable NVM object read succeeded\n"); + WH_TEST_PRINT("Exportable NVM object read succeeded\n"); /* Clean up */ out_rc = 0; @@ -149,7 +149,7 @@ static int _testNonExportableNvmAccess(whClientContext* client) return -1; } - WH_TEST_DEBUG_PRINT("Non-exportable NVM object DMA read correctly denied\n"); + WH_TEST_PRINT("Non-exportable NVM object DMA read correctly denied\n"); /* Clean up */ out_rc = 0; @@ -186,7 +186,7 @@ static int _testNonExportableNvmAccess(whClientContext* client) return -1; } - WH_TEST_DEBUG_PRINT("Exportable NVM object DMA read succeeded\n"); + WH_TEST_PRINT("Exportable NVM object DMA read succeeded\n"); /* Clean up */ out_rc = 0;