From b7c1e1cf35b4ed8898496538ad5049f616d213ba Mon Sep 17 00:00:00 2001
From: Sean Parkinson
Date: Fri, 20 Dec 2024 09:25:03 +1000
Subject: [PATCH] Regression testing: fixes
src/x509.c: wolfssl_x509_name_entry_set() ne->object is freed if call to wolfSSL_OBJ_nid2obj_ex() fails. Always assign directly back to ne->object.
wolfcrypt/test/test.c: aes_ctr_test() doesn't need AES decrypt
./configure '--disable-shared' '--enable-cryptonly' 'CFLAGS=-DNO_AES_DECRYPT' '--disable-aescbc' '--disable-aesofb' '--disable-aescfb' '--disable-aesgcm' '--disable-aesccm' '--enable-aesctr' '--disable-aesxts' '--disable-aeseax'
tests/api.c: test_X509_STORE_InvalidCa() only defined when !NO_RSA
./configure '--disable-shared' '--enable-opensslall' '--disable-rsa'
tests/api.c: test_wolfSSL_GENERAL_NAME_print() free ridObj if not assigned into gn.
---
 src/x509.c | 8 +-------
 tests/api.c | 5 ++++-
 wolfcrypt/test/test.c | 2 +-
 3 files changed, 6 insertions(+), 9 deletions(-)
diff --git a/src/x509.c b/src/x509.c
index 437cc04e32..23c18a80a6 100644
--- a/src/x509.c
+++ b/src/x509.c
@@ -12667,15 +12667,9 @@ WOLFSSL_API WOLFSSL_X509_CRL* wolfSSL_PEM_read_X509_CRL(XFILE fp,
 static void wolfssl_x509_name_entry_set(WOLFSSL_X509_NAME_ENTRY* ne, int nid, int type, const unsigned char *data, int dataSz)
 {
- WOLFSSL_ASN1_OBJECT* object;
-
 ne->nid = nid;
 /* Reuse the object if already available. */
- object = wolfSSL_OBJ_nid2obj_ex(nid, ne->object);
- if (object != NULL) {
- /* Set the object when no error. */
- ne->object = object;
- }
+ ne->object = wolfSSL_OBJ_nid2obj_ex(nid, ne->object);
 if (ne->value == NULL) {
 ne->value = wolfSSL_ASN1_STRING_type_new(type);
 }
diff --git a/tests/api.c b/tests/api.c
index d427ca6215..fc2a7a3f76 100644
--- a/tests/api.c
+++ b/tests/api.c
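Review bot: In the src/x509.c hunk, the new `ne->object = wolfSSL_OBJ_nid2obj_ex(nid, ne->object);` leaves `ne->object` NULL on failure, and because the function is `static void` a caller can only learn of the failure by checking that field afterwards. Per the commit description the old code kept a pointer the callee had already freed, so the direct assignment is the right fix, but the surviving comment `/* Reuse the object if already available. */` does not say why the result must always be stored. I would reword it to `/* Reuses ne->object when set; on failure the passed-in object is freed and NULL is returned, so always store the result. */`. The function body continues past the end of the hunk, so whether the later lines and the callers tolerate a NULL `ne->object` is not visible here and should be confirmed.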
@@ -72825,6 +72825,9 @@ static int test_wolfSSL_GENERAL_NAME_print(void)
 wolfSSL_ASN1_STRING_free(gn->d.ia5);
 gn->d.registeredID = ridObj;
 }
+ else {
+ wolfSSL_ASN1_OBJECT_free(ridObj);
+ }
 ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
 XMEMSET(outbuf,0,sizeof(outbuf));
 ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
@@ -100778,7 +100781,7 @@ TEST_CASE testCases[] = {
 TEST_DECL(test_wolfSSL_X509_STORE_CTX),
 TEST_DECL(test_wolfSSL_X509_STORE_CTX_ex),
 TEST_DECL(test_X509_STORE_untrusted),
-#if defined(OPENSSL_ALL)
+#if defined(OPENSSL_ALL) && !defined(NO_RSA)
 TEST_DECL(test_X509_STORE_InvalidCa),
 #endif
 TEST_DECL(test_wolfSSL_X509_STORE_CTX_trusted_stack_cleanup),
diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c
index 9044897169..cf5fda8b94 100644
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@@ -12861,7 +12861,7 @@ static wc_test_ret_t aes_cbc_oneshot_test(void)
 }
 #endif
-#if defined(WOLFSSL_AES_COUNTER) && defined(HAVE_AES_DECRYPT)
+#if defined(WOLFSSL_AES_COUNTER)
 WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_ctr_test(void)
 {
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
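Review bot: In the test_wolfSSL_GENERAL_NAME_print hunk, the added `else` branch frees `ridObj` but leaves the variable pointing at the released object. The function extends beyond the hunk on both sides, so it is not visible whether later code frees or reuses `ridObj`; if it does, that is a double free or use-after-free, the same class of defect this commit fixes in src/x509.c. Following the free with `ridObj = NULL;` makes any later stale use fail in an obvious way instead of corrupting the heap.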
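Review bot: In the testCases[] hunk, the condition `defined(OPENSSL_ALL) && !defined(NO_RSA)` now has to stay identical to the guard around the definition of test_X509_STORE_InvalidCa, which is outside this diff; if the two drift, the build breaks or the test silently drops out of the table. It also means builds without RSA get no invalid-CA rejection coverage from this test. A comment on the guard such as `/* must match the guard on test_X509_STORE_InvalidCa(); test uses RSA certificates */` would record the dependency. The second half of that comment is inferred from the commit message and should be confirmed against the test body.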
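Review bot: In the wolfcrypt/test/test.c hunk, dropping `defined(HAVE_AES_DECRYPT)` only widens the guard on the definition of aes_ctr_test(); the diffstat shows this is the single line changed in that file, so the guards on the call site and on any prototype are untouched. If those still require HAVE_AES_DECRYPT, the function is compiled in NO_AES_DECRYPT builds but never run, and AES-CTR stays untested in exactly the configuration named in the commit message. Please confirm the call site is guarded by `#if defined(WOLFSSL_AES_COUNTER)` alone. The body of aes_ctr_test() lies outside the hunk, so any decrypt-only call remaining inside it cannot be checked from here.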