From ec471af9c5ad079582507a5c22f822977b5c5770 Mon Sep 17 00:00:00 2001 From: TakayukiMatsuo Date: Fri, 26 Feb 2021 11:26:10 +0900 Subject: [PATCH 1/4] Add following stub funcs: - wolfSSL_THREADID_current - wolfSSL_THREADID_hash - wolfSSL_CTX_set_ecdh_auto --- src/ssl.c | 19 +++++++++++++++++++ tests/api.c | 34 ++++++++++++++++++++++++++++++++++ wolfssl/openssl/crypto.h | 10 +++++++++- wolfssl/openssl/ssl.h | 1 + wolfssl/ssl.h | 6 ++++++ 5 files changed, 69 insertions(+), 1 deletion(-) diff --git a/src/ssl.c b/src/ssl.c index 9e45c4a55..9a4e5c9d1 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -53643,4 +53643,23 @@ int wolfSSL_set_ephemeral_key(WOLFSSL* ssl, int keyAlgo, #endif /* WOLFSSL_STATIC_EPHEMERAL */ +#if defined(OPENSSL_EXTRA) +void wolfSSL_THREADID_current(WOLFSSL_CRYPTO_THREADID* id) +{ + (void)id; + return; +} +unsigned long wolfSSL_THREADID_hash(const WOLFSSL_CRYPTO_THREADID* id) +{ + (void)id; + return 0UL; +} +int wolfSSL_CTX_set_ecdh_auto(WOLFSSL_CTX* ctx, int onoff) +{ + (void)ctx; + (void)onoff; + return WOLFSSL_SUCCESS; +} +#endif /* OPENSSL_EXTRA */ + #endif /* !WOLFCRYPT_ONLY */ diff --git a/tests/api.c b/tests/api.c index f20a926f3..a4c510919 100644 --- a/tests/api.c +++ b/tests/api.c 
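Review bot: `wolfSSL_CTX_set_ecdh_auto` in the `src/ssl.c` hunk returns `WOLFSSL_SUCCESS` for every input, including a NULL `ctx` and `onoff == 0`, so a caller asking to turn automatic curve selection off is told the request succeeded although nothing changed. I believe OpenSSL 1.1.0 and later evaluate this call to `((onoff) != 0)`, so `return onoff != 0 ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE;` would be the closer match; please confirm against the OpenSSL header before adopting it. The same silent-stub pattern applies to `wolfSSL_THREADID_hash`, which returns `0UL` for every thread, so ported code that keys per-thread state on that value would treat all threads as one. Making the stubs visible at run time, e.g. `WOLFSSL_STUB("SSL_CTX_set_ecdh_auto");` at the top of each body, guarded as the file's other stubs are, lets an integrator see that a compatibility call did nothing.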
@@ -40334,6 +40334,38 @@ static void test_export_keying_material(void) } #endif /* HAVE_KEYING_MATERIAL */ +static int test_wolfSSL_THREADID_hash(void) +{ + int ret = 0; + WOLFSSL_CRYPTO_THREADID id; + unsigned long res; +#if defined(OPENSSL_EXTRA) + printf(testingFmt, "wolfSSL_THREADID_hash"); + res = wolfSSL_THREADID_hash(NULL); + AssertTrue( res == 0UL); + res = wolfSSL_THREADID_hash(&id); + AssertTrue( res == 0UL); + printf(resultFmt, passed); +#endif /* OPENSSL_EXTRA */ + (void)id; + (void)ret; + return ret; +} +static int test_wolfSSL_CTX_set_ecdh_auto(void) +{ + int ret = 0; + WOLFSSL_CTX* ctx = NULL; +#if defined(OPENSSL_EXTRA) + printf(testingFmt, "wolfSSL_CTX_set_ecdh_auto"); + AssertIntEQ( wolfSSL_CTX_set_ecdh_auto(NULL,0),1); + AssertIntEQ( wolfSSL_CTX_set_ecdh_auto(NULL,1),1); + AssertIntEQ( wolfSSL_CTX_set_ecdh_auto(ctx,0),1); + AssertIntEQ( wolfSSL_CTX_set_ecdh_auto(ctx,1),1); + printf(resultFmt, passed); +#endif /* OPENSSL_EXTRA */ + return ret; +} + /*----------------------------------------------------------------------------* | Main *----------------------------------------------------------------------------*/ @@ -40517,6 +40549,8 @@ void ApiTest(void) test_wolfSSL_CTX_add_client_CA(); test_wolfSSL_CTX_set_srp_username(); test_wolfSSL_CTX_set_srp_password(); + test_wolfSSL_CTX_set_ecdh_auto(); + test_wolfSSL_THREADID_hash(); test_wolfSSL_RAND_bytes(); test_wolfSSL_pseudo_rand(); test_wolfSSL_PKCS8_Compat(); diff --git a/wolfssl/openssl/crypto.h b/wolfssl/openssl/crypto.h index f4da403b8..338af64e1 100644 --- a/wolfssl/openssl/crypto.h +++ b/wolfssl/openssl/crypto.h 
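Review bot: In `test_wolfSSL_THREADID_hash` the locals `WOLFSSL_CRYPTO_THREADID id;` and `unsigned long res;` are declared above the `#if defined(OPENSSL_EXTRA)` guard, but the type is introduced by this same patch in `wolfssl/openssl/crypto.h`; if that header is not pulled in for builds without `OPENSSL_EXTRA` (not visible here), the test file stops compiling in those configurations. Moving both declarations directly below the `#if defined(OPENSSL_EXTRA)` line removes that dependency and the need for trailing `(void)` casts, and `ctx` in `test_wolfSSL_CTX_set_ecdh_auto` can move the same way. The new `wolfSSL_THREADID_current` has no test, and `id` is handed to the hash call uninitialised; calling `wolfSSL_THREADID_current(&id);` before `wolfSSL_THREADID_hash(&id)` would cover both. The `int` results of the two test functions are discarded by the calls added to `ApiTest` in the next hunk.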
@@ -50,7 +50,13 @@ WOLFSSL_API void *wolfSSL_OPENSSL_malloc(size_t a); WOLFSSL_API int wolfSSL_OPENSSL_init_crypto(word64 opts, const OPENSSL_INIT_SETTINGS *settings); #endif -#define CRYPTO_THREADID void +typedef struct WOLFSSL_CRYPTO_THREADID { + int dummy; +}WOLFSSL_CRYPTO_THREADID; +typedef struct crypto_threadid_st CRYPTO_THREADID; + +#define crypto_threadid_st WOLFSSL_CRYPTO_THREADID +#define CRYPTO_THREADID WOLFSSL_CRYPTO_THREADID #define SSLeay_version wolfSSLeay_version #define SSLeay wolfSSLeay @@ -88,6 +94,8 @@ typedef void (CRYPTO_free_func)(void*parent, void*ptr, CRYPTO_EX_DATA *ad, int i long argl, void* argp); #define CRYPTO_THREADID_set_callback wolfSSL_THREADID_set_callback #define CRYPTO_THREADID_set_numeric wolfSSL_THREADID_set_numeric +#define CRYPTO_THREADID_current wolfSSL_THREADID_current +#define CRYPTO_THREADID_hash wolfSSL_THREADID_hash #define CRYPTO_r_lock wc_LockMutex_ex #define CRYPTO_unlock wc_LockMutex_ex diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h index fde23266c..023778edf 100644 --- a/wolfssl/openssl/ssl.h +++ b/wolfssl/openssl/ssl.h @@ -191,6 +191,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define i2d_PKCS8PrivateKey_bio wolfSSL_PEM_write_bio_PKCS8PrivateKey #define PKCS8_PRIV_KEY_INFO_free wolfSSL_EVP_PKEY_free #define d2i_PKCS12_fp wolfSSL_d2i_PKCS12_fp +#define SSL_CTX_set_ecdh_auto wolfSSL_CTX_set_ecdh_auto #define i2d_PUBKEY wolfSSL_i2d_PUBKEY #define d2i_PUBKEY wolfSSL_d2i_PUBKEY diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 9cd1cd693..e8c31fc84 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h 
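Review bot: `CRYPTO_THREADID` changes in this hunk from `void` to a struct type, but the context lines of the `wolfssl/ssl.h` section still show `wolfSSL_THREADID_set_callback(void (*threadid_func)(void*))` and `wolfSSL_THREADID_set_numeric(void* id, unsigned long val)` unchanged. An application callback written against the OpenSSL signature, `void cb(CRYPTO_THREADID *id)`, then no longer has the parameter type the prototype expects, which is an incompatible-pointer diagnostic at best. Aligning the prototype, e.g. `void (*threadid_func)(WOLFSSL_CRYPTO_THREADID*)`, would keep the two consistent. Separately, `typedef struct crypto_threadid_st CRYPTO_THREADID;` is written before the two `#define`s, so as written it names an incomplete `struct crypto_threadid_st` and is then shadowed by the `CRYPTO_THREADID` macro; it looks removable, or it should follow the `#define crypto_threadid_st` line.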
@@ -874,6 +874,7 @@ WOLFSSL_API WOLFSSL_CTX* wolfSSL_CTX_new_ex(WOLFSSL_METHOD* method, void* heap); WOLFSSL_ABI WOLFSSL_API WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD*); #ifdef OPENSSL_EXTRA WOLFSSL_API int wolfSSL_CTX_up_ref(WOLFSSL_CTX*); +WOLFSSL_API int wolfSSL_CTX_set_ecdh_auto(WOLFSSL_CTX* ctx, int onoff); #endif WOLFSSL_ABI WOLFSSL_API WOLFSSL* wolfSSL_new(WOLFSSL_CTX*); WOLFSSL_API WOLFSSL_CTX* wolfSSL_get_SSL_CTX(WOLFSSL* ssl); @@ -3863,6 +3864,9 @@ WOLFSSL_API void wolfSSL_print_all_errors_fp(XFILE fp); WOLFSSL_API void wolfSSL_THREADID_set_callback(void (*threadid_func)(void*)); WOLFSSL_API void wolfSSL_THREADID_set_numeric(void* id, unsigned long val); +WOLFSSL_API void wolfSSL_THREADID_current(WOLFSSL_CRYPTO_THREADID* id); +WOLFSSL_API unsigned long wolfSSL_THREADID_hash( + const WOLFSSL_CRYPTO_THREADID* id); WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_STORE_get1_certs( WOLFSSL_X509_STORE_CTX*, WOLFSSL_X509_NAME*); @@ -4152,6 +4156,8 @@ WOLFSSL_API int wolfSSL_set_ephemeral_key(WOLFSSL* ssl, int keyAlgo, const char* key, unsigned int keySz, int format); #endif + + #ifdef __cplusplus } /* extern "C" */ #endif From a54e3aadeab451b1ce123a3ab6493467c0299687 Mon Sep 17 00:00:00 2001 From: TakayukiMatsuo Date: Fri, 26 Feb 2021 12:42:42 +0900 Subject: [PATCH 2/4] Fix for PR tests --- tests/api.c | 3 ++- wolfssl/openssl/ssl.h | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/api.c b/tests/api.c index a4c510919..48b40a0df 100644 --- a/tests/api.c +++ b/tests/api.c @@ -40348,7 +40348,7 @@ static int test_wolfSSL_THREADID_hash(void) printf(resultFmt, passed); #endif /* OPENSSL_EXTRA */ (void)id; - (void)ret; + (void)res; return ret; } static int test_wolfSSL_CTX_set_ecdh_auto(void) @@ -40363,6 +40363,7 @@ static int test_wolfSSL_CTX_set_ecdh_auto(void) AssertIntEQ( wolfSSL_CTX_set_ecdh_auto(ctx,1),1); printf(resultFmt, passed); #endif /* OPENSSL_EXTRA */ + (void)ctx; return ret; } 
diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h index 023778edf..52cbabbb1 100644 --- a/wolfssl/openssl/ssl.h +++ b/wolfssl/openssl/ssl.h @@ -1267,7 +1267,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define OPENSSL_cleanse wolfSSL_OPENSSL_cleanse #define SSL_CTX_get_timeout wolfSSL_SSL_CTX_get_timeout #define SSL_CTX_set_tmp_ecdh wolfSSL_SSL_CTX_set_tmp_ecdh -#define SSL_CTX_set_ecdh_auto(...) +//#define SSL_CTX_set_ecdh_auto(...) #define SSL_CTX_remove_session wolfSSL_SSL_CTX_remove_session #define SSL_get_rbio wolfSSL_SSL_get_rbio #define SSL_get_wbio wolfSSL_SSL_get_wbio From e9719595fa8191c1fb093121ef8f5fe2b17f5358 Mon Sep 17 00:00:00 2001 From: TakayukiMatsuo Date: Fri, 26 Feb 2021 12:49:32 +0900 Subject: [PATCH 3/4] Removed commented-out line --- wolfssl/openssl/ssl.h | 1 - 1 file changed, 1 deletion(-) diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h index 52cbabbb1..471398c0f 100644 --- a/wolfssl/openssl/ssl.h +++ b/wolfssl/openssl/ssl.h @@ -1267,7 +1267,6 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define OPENSSL_cleanse wolfSSL_OPENSSL_cleanse #define SSL_CTX_get_timeout wolfSSL_SSL_CTX_get_timeout #define SSL_CTX_set_tmp_ecdh wolfSSL_SSL_CTX_set_tmp_ecdh -//#define SSL_CTX_set_ecdh_auto(...) #define SSL_CTX_remove_session wolfSSL_SSL_CTX_remove_session #define SSL_get_rbio wolfSSL_SSL_get_rbio #define SSL_get_wbio wolfSSL_SSL_get_wbio From b141c2f4f270ff4a140adf2e4eb32c81c2522026 Mon Sep 17 00:00:00 2001 From: TakayukiMatsuo Date: Thu, 4 Mar 2021 15:02:53 +0900 Subject: [PATCH 4/4] Add comment for each added function --- src/ssl.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/src/ssl.c b/src/ssl.c index 9a4e5c9d1..41cf5e01e 100644 --- a/src/ssl.c +++ b/src/ssl.c 
@@ -53644,16 +53644,34 @@ int wolfSSL_set_ephemeral_key(WOLFSSL* ssl, int keyAlgo, #endif /* WOLFSSL_STATIC_EPHEMERAL */ #if defined(OPENSSL_EXTRA) +/* wolfSSL_THREADID_current is provided as a compat API with + * CRYPTO_THREADID_current to register current thread id into given id object. + * However, CRYPTO_THREADID_current API has been deprecated and no longer + * exists in the OpenSSL 1.0.0 or later.This API only works as a stub + * like as existing wolfSSL_THREADID_set_numeric. + */ void wolfSSL_THREADID_current(WOLFSSL_CRYPTO_THREADID* id) { (void)id; return; } +/* wolfSSL_THREADID_hash is provided as a compatible API with + * CRYPTO_THREADID_hash which returns a hash value calcurated from the + * specified thread id. However, CRYPTO_THREADID_hash API has been + * deprecated and no longer exists in the OpenSSL 1.0.0 or later. + * This API only works as a stub to returns 0. This behavior is + * equivalent to the latest OpenSSL CRYPTO_THREADID_hash. + */ unsigned long wolfSSL_THREADID_hash(const WOLFSSL_CRYPTO_THREADID* id) { (void)id; return 0UL; } +/* wolfSSL_CTX_set_ecdh_auto is provided as compatible API with + * SSL_CTX_set_ecdh_auto to enable auto ecdh curve selection functionality. + * Since this functionality is enabled by default in wolfSSL, + * this API exists as a stub. + */ int wolfSSL_CTX_set_ecdh_auto(WOLFSSL_CTX* ctx, int onoff) { (void)ctx;
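Review bot: The added comments say that `CRYPTO_THREADID_current` and `CRYPTO_THREADID_hash` no longer exist "in the OpenSSL 1.0.0 or later", which does not match my understanding that the CRYPTO_THREADID API was introduced in 1.0.0 and reduced to no-op macros in 1.1.0; please check the version and write `1.1.0` if that is right. The comment on `wolfSSL_CTX_set_ecdh_auto` should also state that `onoff` is ignored and that `WOLFSSL_SUCCESS` is returned even for a NULL `ctx`, since that is what a caller needs to know before relying on the call. Wording fixes: `calcurated` → `calculated`, `later.This` → `later. This`, `to returns 0` → `to return 0`, `like as existing` → `like the existing`. The body of `wolfSSL_CTX_set_ecdh_auto` continues past the end of this hunk.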