Merge pull request #251 from cconlon/1.15release

Prep for 1.15 Release
wolfSSL · Jan 24, 2025 · 5e56b00 · 5e56b00
2 parents d56fa67 + cc6d150
commit 5e56b00
Show file tree

Hide file tree

Showing 13 changed files with 310 additions and 165 deletions.
diff --git a/ChangeLog.md b/ChangeLog.md
@@ -1,3 +1,38 @@
+### wolfSSL JNI Release 1.15.0 (01/24/2025)
+
+Release 1.15.0 has bug fixes and new features including:
+
+**JSSE System/Security Property Support:**
+* Addition of JNI-level debug system property (`wolfssljni.debug=true`) (PR 235)
+
+**JSSE Changes:**
+* Fix to close Socket when SSLSocket startHandshake() fails (PR 234)
+* Fixes for potential NullPointerException in SSLSocket Input/OutputStream (PR 233)
+* Add ability for `SSLSession.getRequestedServerNames()` to return SNI request on server side (PR 240)
+* Add check for legacy DHE keys, for cipher suites using keys less than 1024 bits (PR 243)
+* Optimize `byte[]` creation in `SSLEngine` when receiving app data (PR 244, 250)
+* Add ability for `SSLSocket.close()` to interrupt `read()/write()` operations waiting in `select()/poll()` (PR 246)
+
+**JNI Changes:**
+* Always call `wolfSSL_get1_session()` inside `WolfSSLSession.getSession()` (PR 236)
+* Call `wc_RunAllCast_fips()` with wolfCrypt FIPS builds if available (PR 247)
+* Add ability to pass `CFLAGS` to `java.sh` (ie: `CFLAGS="-DTEST_DEFINE" ./java.sh`) (PR 248)
+* Remove incorrect `ATOMIC_USER` preprocessor gate around native `wolfSSL_GetSide()` (PR 246)
+
+**Example Changes:**
+* Updated Android Studio example project, define `WOLFSSL_CERT_REQ` (PR 234)
+* Update Android Studio CMakeLists.txt with `WOLFSSL_CUSTOM_CONFIG` definition (PR 239)
+
+**Testing Changes:**
+* Add GitHub Actions PRB test for Maven (Linux, macOS) builds (PR 232)
+* Add tests of `SSLSession` state at various points throughout the handshake (PR 233)
+* Add GitHub Actions PRB test for `--enable-jni CFLAGS="-DNO_SESSION_CACHE_REF"` build (PR 236)
+* Add GitHub Actions PRB test for `-DWOLFJNI_USE_IO_SELECT` (PR 246)
+
+The wolfSSL JNI Manual is available at:
+https://www.wolfssl.com/documentation/manuals/wolfssljni. For build
+instructions and more detailed comments, please check the manual.
+
 ### wolfSSL JNI Release 1.14.0 (11/7/2024)
 
 Release 1.14.0 has bug fixes and new features including:

diff --git a/IDE/Android/.idea/misc.xml b/IDE/Android/.idea/misc.xml
diff --git a/IDE/Android/README.md b/IDE/Android/README.md
@@ -40,6 +40,8 @@ $ mv wolfssl-X.X.X wolfssljni/IDE/Android/app/src/main/cpp/wolfssl
 ```
 $ cd /IDE/Android/app/src/main/cpp/
 $ git clone https://github.com/wolfssl/wolfssl
+$ cd wolfssl
+$ ./autogen.sh
 $ cp wolfssl/options.h.in wolfssl/options.h
 ```
 

diff --git a/IDE/Android/app/src/main/cpp/CMakeLists.txt b/IDE/Android/app/src/main/cpp/CMakeLists.txt
@@ -125,44 +125,64 @@ elseif("${WOLFSSL_PKG_TYPE}" MATCHES "fipsready")
         endif()
 
         # Add preprocessor defines to CFLAGS, these match those placed into
-        # wolfssl/options.h by configure if using: "./configure" on a Unix/Linux
-        # platform. The options below have been chosen to match a FIPS Ready build,
-        # and are based on the example user_settings.h file located here:
-        # https://github.com/wolfSSL/wolfssl/blob/master/examples/configs/user_settings_fipsv5.h
+        # wolfssl/options.h by configure if using the following configure on a Unix/Linux
+        # platform with a wolfSSL FIPS Ready GPLv3 bundle:
+        #
+        # ./configure --enable-fips=ready --enable-jni
+        #
         # This list may be configurable depending on use case and desired
         # optimizations, being careful not to break FIPS compatibility if targeting
-        # FIPS proper in the future.
-        add_definitions(-DHAVE_FIPS -DHAVE_FIPS_VERSION=5 -DHAVE_FIPS_VERSION_MINOR=3
-                -DHAVE_HASHDRBG -DHAVE_THREAD_LS -DHAVE_REPRODUCIBLE_BUILD
-                -DFP_MAX_BITS=16384 -DSP_INT_BITS=8192 -DWOLFSSL_PUBLIC_MP
-                -DTFM_TIMING_RESISTANT -DECC_TIMING_RESISTANT -DWC_RSA_BLINDING
-                -DWC_RNG_SEED_CB -DWOLFSSL_VALIDATE_ECC_IMPORT -DWOLFSSL_VALIDATE_ECC_KEYGEN
-                -DWOLFSSL_VALIDATE_FFC_IMPORT
-                -DWOLFSSL_TLS13 -DHAVE_TLS_EXTENSIONS -DHAVE_ENCRYPT_THEN_MAC
-                -DHAVE_SUPPORTED_CURVES -DHAVE_EXTENDED_MASTER -DHAVE_ONE_TIME_AUTH
-                -DHAVE_SECURE_RENEGOTIATION -DHAVE_SERVER_RENEGOTIATION_INFO -DHAVE_SESSION_TICKET
-                -DWOLFSSL_USE_ALIGN -DWOLFSSL_BASE64_ENCODE -DHAVE_CRL
-                -DHAVE_EXT_CACHE -DWOLFSSL_VERIFY_CB_ALL_CERTS -DWOLFSSL_ALWAYS_VERIFY_CB
-                -DWOLFSSL_DH_EXTRA -DWOLFSSL_WOLFSSH -DOPENSSL_EXTRA -DOPENSSL_ALL
-                -DHAVE_FFDHE_Q -DHAVE_FFDHE_2048 -DHAVE_FFDHE_3072 -DHAVE_FFDHE_4096
-                -DHAVE_FFDHE_6144 -DHAVE_FFDHE_8192 -DHAVE_DH_DEFAULT_PARAMS  -DHAVE_PUBLIC_FFDHE
-                -DHAVE_ECC -DTFM_ECC256 -DECC_SHAMIR -DHAVE_ECC_CDH -DECC_USER_CURVES
-                -DHAVE_ECC256 -DHAVE_ECC384 -DHAVE_ECC521 -DWOLFSSL_ECDSA_SET_K
-                -DWC_RSA_PSS -DWOLFSSL_KEY_GEN -DWC_RSA_NO_PADDING
-                -DWOLFSSL_AES_COUNTER -DHAVE_AESCCM -DHAVE_AES_ECB -DWOLFSSL_AES_DIRECT
-                -DWOLFSSL_AES_OFB -DHAVE_AESGCM -DGCM_TABLE_4BIT -DWOLFSSL_CMAC
-                -DWOLFSSL_SHA224 -DWOLFSSL_SHA512 -DWOLFSSL_SHA384 -DWOLFSSL_NO_SHAKE256
-                -DWOLFSSL_NOSHA512_224 -DWOLFSSL_NOSHA512_256 -DWOLFSSL_SHA3 -DHAVE_HKDF
-                -DNO_OLD_TLS -DNO_PSK -DNO_DO178
-                -DNO_RC4 -DNO_MD4 -DNO_MD5 -DNO_DES3 -DNO_DSA -DNO_RABBIT
-
-                -DWOLFSSL_JNI -DHAVE_EX_DATA -DHAVE_OCSP -DHAVE_CRL_MONITOR
-                -DWOLFSSL_CERT_EXT -DWOLFSSL_CERT_GEN -DWOLFSSL_CERT_REQ
-                -DHAVE_SNI -DHAVE_ALPN -DWOLFSSL_ENCRYPTED_KEYS -DNO_ERROR_QUEUE
-                -DWOLFSSL_EITHER_SIDE -DWOLFSSL_PSS_LONG_SALT
-                -DWOLFSSL_TICKET_HAVE_ID -DWOLFSSL_ERROR_CODE_OPENSSL
-                -DWOLFSSL_EXTRA_ALERTS -DWOLFSSL_FORCE_CACHE_ON_TICKET
-                -DWOLFSSL_AKID_NAME -DHAVE_CTS -DKEEP_PEER_CERT -DSESSION_CERTS
+        # FIPS proper in the future. Please contact [email protected] for assistance
+        # properly compiling for use with wolfCrypt FIPS variants.
+        add_definitions(
+                -DWOLFSSL_FIPS_READY -DHAVE_FIPS -DHAVE_FIPS_VERSION=7
+                -DHAVE_FIPS_VERSION_MAJOR=7 -DHAVE_FIPS_VERSION_MINOR=0
+                -DHAVE_FIPS_VERSION_PATCH=0 -DWC_RNG_SEED_CB -DHAVE_THREAD_LS
+
+                -DWOLFSSL_WOLFSSH -DNO_DO178 -DHAVE_REPRODUCIBLE_BUILD -DWC_NO_ASYNC_THREADING
+                -DNO_OLD_TLS -DWOLFSSL_TLS13 -DHAVE_TLS_EXTENSIONS -DHAVE_SNI
+                -DHAVE_KEYING_MATERIAL -DHAVE_TLS_EXTENSIONS -DHAVE_SUPPORTED_CURVES
+                -DHAVE_EXTENDED_MASTER -DHAVE_ENCRYPT_THEN_MAC -DWOLFSSL_JNI -DHAVE_EX_DATA
+                -DKEEP_PEER_CERT -DWOLFSSL_ALWAYS_VERIFY_CB -DWOLFSSL_DTLS -DOPENSSL_EXTRA
+                -DOPENSSL_ALL -DWOLFSSL_ERROR_CODE_OPENSSL -DHAVE_CRL -DHAVE_CRL_MONITOR
+                -DHAVE_OCSP -DPERSIST_SESSION_CACHE -DPERSIST_CERT_CACHE -DATOMIC_USER
+                -DWOLFSSL_CERT_EXT -DWOLFSSL_CERT_GEN -DWOLFSSL_CERT_REQ -DWOLFSSL_KEY_GEN
+                -DHAVE_ALPN -DWOLFSSL_ALT_CERT_CHAINS -DSESSION_CERTS -DWOLFSSL_ENCRYPTED_KEYS
+                -DWOLFSSL_SYS_CA_CERTS -DWOLFSSL_ALT_NAMES -DWOLFSSL_EITHER_SIDE
+                -DWOLFSSL_TICKET_HAVE_ID -DWOLFSSL_CERT_NAME_ALL
+                -DHAVE_SERVER_RENEGOTIATION_INFO -DWOLFSSL_ASN_TEMPLATE -DWOLFSSL_ASN_PRINT
+                -DWOLFSSL_BASE64_ENCODE -DERROR_QUEUE_PER_THREAD -DNO_ERROR_QUEUE
+                -DTFM_TIMING_RESISTANT -DECC_TIMING_RESISTANT -DWOLFSSL_USE_ALIGN
+                -DWOLFSSL_PUBLIC_MP
+
+                -DWC_RSA_BLINDING -DWC_RSA_PSS -DWOLFSSL_PSS_LONG_SALT -DWC_RSA_NO_PADDING
+
+                -DHAVE_ECC -DTFM_ECC256 -DECC_SHAMIR -DECC_MIN_KEY_SZ=192 -DHAVE_ECC_CDH
+                -DECC_USER_CURVES -DHAVE_ECC192 -DHAVE_ECC224 -DHAVE_ECC256 -DHAVE_ECC384
+                -DHAVE_ECC521 -DWOLFSSL_ECDSA_SET_K -DWOLFSSL_VALIDATE_ECC_IMPORT
+                -DWOLFSSL_VALIDATE_ECC_KEYGEN
+
+                -DWOLFSSL_VALIDATE_FFC_IMPORT -DHAVE_FFDHE_Q -DHAVE_FFDHE_2048
+                -DHAVE_FFDHE_3072 -DHAVE_FFDHE_4096 -DHAVE_FFDHE_6144 -DHAVE_FFDHE_8192
+                -DHAVE_DH_DEFAULT_PARAMS
+
+                -DHAVE_HKDF -DHAVE_PBKDF2 -DHAVE_HASHDRBG -DWC_SRTP_KDF -DWOLFSSL_SRTP
+
+                -DHAVE_AESGCM -DGCM_TABLE_4BIT -DWOLFSSL_AESGCM_STREAM -DHAVE_AESCCM
+                -DWOLFSSL_AES_COUNTER -DWOLFSSL_CMAC -DWOLFSSL_AES_OFB -DWOLFSSL_AES_CFB
+                -DWOLFSSL_AES_XTS -DWOLFSSL_AESXTS_STREAM -DWOLFSSL_AES_DIRECT
+                -DHAVE_AES_ECB -DHAVE_AES_KEYWRAP -DWOLFSSL_AES_XTS -DHAVE_AES_KEYWRAP
+
+                -DHAVE_ED25519 -DHAVE_ED25519_KEY_IMPORT -DHAVE_ED448 -DHAVE_ED448_KEY_IMPORT
+                -DWOLFSSL_ED448_STREAMING_VERIFY
+
+                -DHAVE_CURVE25519 -DHAVE_CURVE448
+
+                -DWOLFSSL_SHA224 -DWOLFSSL_SHA384 -DWOLFSSL_SHA512 -DWOLFSSL_NOSHA512_224
+                -DWOLFSSL_NOSHA512_256 -DWOLFSSL_SHA3 -DWOLFSSL_SHAKE128 -DWOLFSSL_SHAKE256
+
+                -DNO_DSA -DNO_RC4 -DNO_MD4 -DNO_DES3 -DNO_DES3_TLS_SUITES
+
                 -DSIZEOF_LONG=4 -DSIZEOF_LONG_LONG=8 -DWOLFSSL_CUSTOM_CONFIG
 
                 # For gethostbyname()
@@ -191,7 +211,8 @@ elseif("${WOLFSSL_MATH_LIB}" MATCHES "spmath")
                 -DWOLFSSL_HAVE_SP_RSA -DWOLFSSL_SP_4096
                 -DWOLFSSL_HAVE_SP_DH
                 -DWOLFSSL_HAVE_SP_ECC -DWOLFSSL_SP_384 -DWOLFSSL_SP_521
-                -DWOLFSSL_SP_LARGE_CODE)
+                -DWOLFSSL_SP_LARGE_CODE
+                -DFP_MAX_BITS=16384 -DSP_INT_BITS=8192)
 
         # SP Math architecture-specific settings (ex: assembly optimizations)
         if("${ANDROID_ABI}" MATCHES "arm64-v8a")
@@ -203,8 +224,7 @@ elseif("${WOLFSSL_MATH_LIB}" MATCHES "spmath")
                 # Not using ASM, need to use WOLFSSL_SP_MATH_ALL for SW-only implementation
                 add_definitions(-DWOLFSSL_SP_MATH_ALL)
         elseif("${ANDROID_ABI}" MATCHES "x86_64")
-                # Using ASM for SP, need to use WOLFSSL_SP_MATH instead of WOLFSSL_SP_MATH_ALL
-                add_definitions(-DWOLFSSL_SP_MATH)
+                add_definitions(-DWOLFSSL_SP_MATH_ALL)
                 add_definitions(-DWOLFSSL_SP_ASM -DWOLFSSL_SP_X86_64 -DWOLFSSL_SP_X86_64_ASM -DHAVE___UINT128_T)
                 list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/sp_x86_64_asm.S)
         elseif("${ANDROID_ABI}" MATCHES "x86")
@@ -245,16 +265,21 @@ elseif("${WOLFSSL_PKG_TYPE}" MATCHES "fipsready")
         list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/wolfcrypt_first.c)
         list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/hmac.c)
         list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/random.c)
-        list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/sha256.c)
         list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/kdf.c)
         list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/rsa.c)
         list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/ecc.c)
         list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/aes.c)
+        list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/sha256.c)
         list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/sha.c)
         list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/sha512.c)
         list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/sha3.c)
         list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/dh.c)
         list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/cmac.c)
+        list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/curve448.c)
+        list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/ed448.c)
+        list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/curve25519.c)
+        list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/ed25519.c)
+        list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/pwdbased.c)
         list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/fips.c)
         list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/fips_test.c)
         list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/wolfcrypt_last.c)
@@ -278,9 +303,18 @@ elseif("${WOLFSSL_PKG_TYPE}" MATCHES "fipsready")
         list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/memory.c)
         list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/asn.c)
         list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/coding.c)
+        list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/md5.c)
         list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/pwdbased.c)
         list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/pkcs12.c)
         list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/tfm.c)
+        list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/wc_lms.c)
+        list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/wc_lms_impl.c)
+        list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/wc_xmss.c)
+        list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/wc_xmss_impl.c)
+        list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/fe_operations.c)
+        list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/ge_operations.c)
+        list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/fe_448.c)
+        list(APPEND CRYPTO_SOURCES ${wolfssl_DIR}/wolfcrypt/src/ge_448.c)
 endif()
 
 # wolfSSL will be compiled as a SHARED library

diff --git a/IDE/Android/app/src/main/java/com/example/wolfssl/MainActivity.java b/IDE/Android/app/src/main/java/com/example/wolfssl/MainActivity.java
@@ -52,6 +52,22 @@ public void onClick(View v) {
         }
     };
 
+    private void setDisplayText(String s)
+    {
+        runOnUiThread(() -> {
+            TextView tv = (TextView) findViewById(R.id.sample_text);
+            tv.setText(s);
+        });
+    }
+
+    private void appendDisplayText(String s)
+    {
+        runOnUiThread(() -> {
+            TextView tv = (TextView) findViewById(R.id.sample_text);
+            tv.append(s);
+        });
+    }
+
     @Override
     protected void onCreate(Bundle savedInstanceState) {
         super.onCreate(savedInstanceState);
@@ -60,8 +76,7 @@ protected void onCreate(Bundle savedInstanceState) {
         Button button = (Button) findViewById(R.id.button);
         button.setOnClickListener(buttonListener);
 
-        TextView tv = (TextView) findViewById(R.id.sample_text);
-        tv.setText("wolfSSL JNI Android Studio Example App");
+        setDisplayText("wolfSSL JNI Android Studio Example App\n");
     }
 
     public void testFindProvider(TextView tv)
@@ -71,15 +86,18 @@ public void testFindProvider(TextView tv)
         WolfSSL.loadLibrary();
 
         /* create new SSLEngine */
-        Security.addProvider(new WolfSSLProvider());
+        Security.insertProviderAt(new WolfSSLProvider(), 1);
 
         Provider p = Security.getProvider("wolfJSSE");
         if (p == null) {
-            System.out.println("Unable to find wolfJSSE provider");
-            return;
+            appendDisplayText("Unable to find wolfJSSE provider\n");
         }
         else {
-
+            appendDisplayText("Successfully found wolfJSSE provider\n");
         }
+
+        appendDisplayText("\n");
+        appendDisplayText("For more detailed example, see:\n");
+        appendDisplayText("github.com/wolfssl/wolfssl-examples\n");
     }
 }
diff --git a/README.md b/README.md
@@ -224,7 +224,7 @@ an application can include this as a dependency in the application's
         <dependency>
             <groupId>com.wolfssl</groupId>
             <artifactId>wolfssl-jsse</artifactId>
-            <version>1.14.0-SNAPSHOT</version>
+            <version>1.15.0-SNAPSHOT</version>
         </dependency>
     </dependencies>
     ...

diff --git a/build.xml b/build.xml
@@ -14,7 +14,7 @@
     <!-- versioning/manifest properties -->
     <property name="implementation.vendor"  value="wolfSSL Inc." />
     <property name="implementation.title"   value="wolfSSL JNI/JSSE" />
-    <property name="implementation.version" value="1.14" />
+    <property name="implementation.version" value="1.15" />
 
     <!-- set properties for this build -->
     <property name="src.dir" value="src/java/"/>

diff --git a/pom.xml b/pom.xml
@@ -4,7 +4,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>com.wolfssl</groupId>
 	<artifactId>wolfssl-jsse</artifactId>
-	<version>1.14.0-SNAPSHOT</version>
+	<version>1.15.0-SNAPSHOT</version>
 	<packaging>jar</packaging>
 	<name>wolfssl-jsse</name>
     <url>https://www.wolfssl.com</url>

diff --git a/scripts/infer.sh b/scripts/infer.sh
@@ -39,6 +39,7 @@ infer --fail-on-issue run -- javac \
     src/java/com/wolfssl/WolfSSLCertRequest.java \
     src/java/com/wolfssl/WolfSSLCertificate.java \
     src/java/com/wolfssl/WolfSSLContext.java \
+    src/java/com/wolfssl/WolfSSLDebug.java \
     src/java/com/wolfssl/WolfSSLDecryptVerifyCallback.java \
     src/java/com/wolfssl/WolfSSLEccSharedSecretCallback.java \
     src/java/com/wolfssl/WolfSSLEccSignCallback.java \
@@ -52,6 +53,7 @@ infer --fail-on-issue run -- javac \
     src/java/com/wolfssl/WolfSSLLoggingCallback.java \
     src/java/com/wolfssl/WolfSSLMacEncryptCallback.java \
     src/java/com/wolfssl/WolfSSLMissingCRLCallback.java \
+    src/java/com/wolfssl/WolfSSLNativeLoggingCallback.java \
     src/java/com/wolfssl/WolfSSLPskClientCallback.java \
     src/java/com/wolfssl/WolfSSLPskServerCallback.java \
     src/java/com/wolfssl/WolfSSLRsaDecCallback.java \
@@ -69,15 +71,13 @@ infer --fail-on-issue run -- javac \
     src/java/com/wolfssl/provider/jsse/WolfSSLAuthStore.java \
     src/java/com/wolfssl/provider/jsse/WolfSSLContext.java \
     src/java/com/wolfssl/provider/jsse/WolfSSLCustomUser.java \
-    src/java/com/wolfssl/provider/jsse/WolfSSLDebug.java \
     src/java/com/wolfssl/provider/jsse/WolfSSLEngine.java \
     src/java/com/wolfssl/provider/jsse/WolfSSLEngineHelper.java \
     src/java/com/wolfssl/provider/jsse/WolfSSLGenericHostName.java \
     src/java/com/wolfssl/provider/jsse/WolfSSLImplementSSLSession.java \
     src/java/com/wolfssl/provider/jsse/WolfSSLInternalVerifyCb.java \
     src/java/com/wolfssl/provider/jsse/WolfSSLKeyManager.java \
     src/java/com/wolfssl/provider/jsse/WolfSSLKeyX509.java \
-    src/java/com/wolfssl/provider/jsse/WolfSSLNativeLoggingCallback.java \
     src/java/com/wolfssl/provider/jsse/WolfSSLParametersHelper.java \
     src/java/com/wolfssl/provider/jsse/WolfSSLParameters.java \
     src/java/com/wolfssl/provider/jsse/WolfSSLProvider.java \
@@ -104,8 +104,10 @@ if [ "$RETVAL" == '0' ] && [ "$KEEP" == 'no' ]; then
     rm -r ./infer-out
 fi
 
-if [ "$RETVAL" == '2' ]; then
+if [ "$RETVAL" == '1' ] || [ "$RETVAL" == '2' ]; then
     # GitHub Actions expects return of 1 to mark step as failure
     exit 1
 fi
 
+exit 0
+