Skip to content

Commit 0f7d2fa

Browse files
committed
Add refactored tests for keywrap, coverage matches
1 parent 365c6ec commit 0f7d2fa

3 files changed

Lines changed: 415 additions & 1 deletion

File tree

test-refactor/README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -91,6 +91,7 @@ Translated tests:
9191
| `wh_test_posix_threadsafe_stress.c::whTest_ThreadSafeStress` | called directly from `posix/wh_test_posix_main.c` | POSIX port-specific (direct call) | |
9292
| `wh_test_check_struct_padding.c` | `misc/wh_test_check_struct_padding.c` | Build-time (compile-only) | Wire-format `-Wpadded` audit; the POSIX Makefile compiles it with `-Wpadded -DWH_PADDING_CHECK`. Not a runtime test, so not registered in `wh_test_list.c` |
9393
| `wh_test_auth.c` (`whTest_AuthMEM` / `whTest_AuthTest` sub-tests) | `client-server/wh_test_auth.c::{whTest_AuthBadArgs, whTest_AuthLogin, whTest_AuthLogout, whTest_AuthAddUser, whTest_AuthDeleteUser, whTest_AuthSetPermissions, whTest_AuthSetCredentials, whTest_AuthRequestAuthorization}` | Client | Under `WOLFHSM_CFG_ENABLE_AUTHENTICATION` the POSIX server installs an auth context + admin user and the client logs in as admin at connect, so the ordinary client tests run authorized; each auth test brackets its own session (logout to start clean, restore admin on exit). Uses the blocking client API; the legacy own-server setup and single-thread manual-pump are dropped. Build with `make AUTH=1`. The TCP/client-only variant (`whTest_AuthTCP`) is not ported |
94+
| `wh_test_keywrap.c::whTest_KeyWrapClientConfig` | `client-server/wh_test_keywrap.c::whTest_KeyWrap` | Client | Caches a test KEK (`WH_NVM_FLAGS_USAGE_WRAP`) then runs the AES-GCM wrap path: wrap a random key, unwrap-and-cache it, AES-GCM round trip with the cached key, unwrap-and-export and match key + metadata, plus the data-wrap round trip and the key/data unwrap underflow bad-args checks. Gated on `WOLFHSM_CFG_KEYWRAP`; the legacy own-server/auth setup is dropped since the harness supplies a connected, authorized client |
9495

9596
Not yet migrated (still live in `wolfHSM/test/`):
9697

@@ -101,7 +102,6 @@ Not yet migrated (still live in `wolfHSM/test/`):
101102
| `wh_test_crypto.c::whTest_Crypto` | Remaining crypto coverage not yet split out: the AES async family (comm-buffer `whTest_CryptoAesAsync`/`AesAsyncKat` + DMA `whTest_CryptoAesDmaAsync`/`AesDmaAsyncKat`, round-trip & KAT). ECC DMA export-public and the ML-DSA wolfCrypt-API path are now migrated. |
102103
| `wh_test_crypto.c::whTest_KeyCache`, `whTest_NonExportableKeystore` | Keystore tests (key-cache lifecycle and non-exportable-flag enforcement) dispatched from the legacy `whTest_Crypto`. The per-algorithm suites use `wh_Client_KeyCache`, but these dedicated keystore tests are not yet split out. |
103104
| `wh_test_crypto_affinity.c::whTest_CryptoAffinity` | |
104-
| `wh_test_keywrap.c::whTest_KeyWrapClientConfig` | |
105105
| `wh_test_multiclient.c::whTest_MultiClient` | |
106106
| `wh_test_lock.c::whTest_LockConfig`, `whTest_LockPosix` | `whTest_LockConfig` to be reworked to fit the Misc group, likely with a context param. |
107107
| `wh_test_log.c::whTest_Log`, `whTest_LogBackend_RunAll` | `whTest_LogBackend_RunAll` to be reworked to fit the Misc group, likely with a context param. |

0 commit comments

Comments
 (0)