diff --git a/src/ssl.c b/src/ssl.c index 609d368b8..fe8400b1c 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -33621,27 +33621,6 @@ int wolfSSL_DH_set0_pqg(WOLFSSL_DH *dh, WOLFSSL_BIGNUM *p, #endif /* v1.1.0 or later */ #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ -/** - * retrive p, q and g parameter - * @param dh a pointer to WOLFSSL_DH - * @param p a pointer to WOLFSSL_BIGNUM to be obtained dh - * @param q a pointer to WOLFSSL_BIGNUM to be obtained dh - * @param q a pointer to WOLFSSL_BIGNUM to be obtained dh - */ -void wolfSSL_DH_get0_pqg(WOLFSSL_DH *dh, WOLFSSL_BIGNUM **p, - WOLFSSL_BIGNUM **q, WOLFSSL_BIGNUM **g) -{ - WOLFSSL_ENTER("wolfSSL_DH_get0_pqg"); - if (dh == NULL) - return; - - if (p != NULL) - *p = dh->p; - if (q != NULL) - *q = dh->q; - if (g != NULL) - *g = dh->g; -} #endif /* NO_DH */ #endif /* OPENSSL_EXTRA */ @@ -55570,7 +55549,7 @@ int wolfSSL_CRYPTO_get_ex_new_index(int class_index, long argl, void *argp, return WOLFSSL_FAILURE; } #endif - +#endif /* NO_WOLFSSL_STUB */ /** * Return DH p, q and g parameters * @param dh a pointer to WOLFSSL_DH @@ -55581,13 +55560,18 @@ int wolfSSL_CRYPTO_get_ex_new_index(int class_index, long argl, void *argp, void wolfSSL_DH_get0_pqg(const WOLFSSL_DH *dh, const WOLFSSL_BIGNUM **p, const WOLFSSL_BIGNUM **q, const WOLFSSL_BIGNUM **g) { - WOLFSSL_STUB("wolfSSL_DH_get0_pqg"); - (void)dh; - (void)p; - (void)q; - (void)g; + WOLFSSL_ENTER("wolfSSL_DH_get0_pqg"); + if (dh == NULL) + return; + + if (p != NULL) + *p = dh->p; + if (q != NULL) + *q = dh->q; + if (g != NULL) + *g = dh->g; } -#endif /* NO_WOLFSSL_STUB */ + #endif /* OPENSSL_EXTRA */ #endif /* !WOLFCRYPT_ONLY */ diff --git a/tests/api.c b/tests/api.c index 16d885012..0616edb96 100644 --- a/tests/api.c +++ b/tests/api.c 
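Review bot: With `#endif /* NO_WOLFSSL_STUB */` moved above the doc comment, `wolfSSL_DH_get0_pqg` in src/ssl.c no longer sits inside any DH-specific guard visible here; the only closers after it are `OPENSSL_EXTRA` and `!WOLFCRYPT_ONLY`. The implementation this commit removes lived in a region closed by `#endif /* NO_DH */`, and the relocated test is compiled only under `OPENSSL_EXTRA && !NO_DH`. If `WOLFSSL_DH` is not a complete type in a `NO_DH` build, the new `dh->p` accesses would not compile there. Wrapping the function in `#ifndef NO_DH` and `#endif /* !NO_DH */` would keep the old guard. The opening guards are outside this hunk, so this needs confirming against the full file.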
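Review bot: When `dh` is NULL, the new body of `wolfSSL_DH_get0_pqg` returns without writing `*p`, `*q` or `*g`, and the doc comment above it does not say so, nor does it say who owns the returned BIGNUMs. A caller that passes uninitialised locals, as the relocated test does in its NULL-`dh` call, is left holding indeterminate pointers. The values handed back alias `dh->p`, `dh->q` and `dh->g`, so they dangle once `wolfSSL_DH_free(dh)` runs. I would add to the comment: `@note outputs are left unchanged when dh is NULL; returned pointers are owned by dh and must not be freed or used after dh is freed`. The comment block starts in the previous hunk.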
@@ -1617,63 +1617,7 @@ static void test_wolfSSL_CTX_SetTmpDH_buffer(void) wolfSSL_CTX_free(ctx); #endif } -static void test_wolfSSL_DH_get0_pqg(void) -{ -#if defined(OPENSSL_EXTRA) && !defined(NO_DH) - DH *dh = NULL; - BIGNUM* p; - BIGNUM* q; - BIGNUM* g; -#if defined(OPENSSL_ALL) -#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) - FILE* f = NULL; - unsigned char buf[4096]; - const unsigned char* pt = buf; - long len = 0; - - dh = NULL; - XMEMSET(buf, 0, sizeof(buf)); - /* Test 2048 bit parameters */ - f = XFOPEN("./certs/dh2048.der", "rb"); - AssertTrue(f != XBADFILE); - len = (long)XFREAD(buf, 1, sizeof(buf), f); - XFCLOSE(f); - - AssertNotNull(dh = d2i_DHparams(NULL, &pt, len)); - AssertNotNull(dh->p); - AssertNotNull(dh->p); - AssertTrue(pt != buf); - AssertIntEQ(DH_generate_key(dh), WOLFSSL_SUCCESS); - - DH_get0_pqg(dh, &p, &q, &g); - - AssertPtrEq(p, dh->p); - AssertPtrEq(q, dh->q); - AssertPtrEq(g, dh->g); - DH_free(dh); -#endif -#endif - printf(testingFmt, "test_wolfSSL_DH_get0_pqg"); - - dh = wolfSSL_DH_new(); - AssertNotNull(dh); - - /* invalid parameters test */ - DH_get0_pqg(NULL, &p, &q, &g); - DH_get0_pqg(dh, NULL, &q, &g); - DH_get0_pqg(dh, NULL, NULL, &g); - DH_get0_pqg(dh, NULL, NULL, NULL); - AssertTrue(1); - - DH_get0_pqg(dh, &p, &q, &g); - AssertPtrEq(p, NULL); - AssertPtrEq(q, NULL); - AssertPtrEq(g, NULL); - DH_free(dh); - printf(resultFmt, passed); -#endif /* OPENSSL_EXTRA && !NO_DH */ -} static void test_wolfSSL_CTX_SetMinMaxDhKey_Sz(void) { #if !defined(NO_CERTS) && !defined(NO_DH) 
@@ -42629,20 +42573,77 @@ static void test_wolfSSL_set_psk_use_session_callback() static void test_wolfSSL_DH_get0_pqg(void) { -#if defined(OPENSSL_ALL) && !defined(NO_WOLFSSL_STUB) - printf(testingFmt, "test_wolfSSL_DH_get0_pqg"); - +#if defined(OPENSSL_EXTRA) && !defined(NO_DH) DH *dh = NULL; BIGNUM* p; BIGNUM* q; BIGNUM* g; - - DH_get0_pqg(dh, (const BIGNUM**)&p, - (const BIGNUM**)&q, - (const BIGNUM**)&g); - AssertTrue(1); - printf(resultFmt, passed); + (void)dh; + (void)p; + (void)q; + (void)g; + +#if defined(OPENSSL_ALL) +#if !defined(HAVE_FIPS) || \ + (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)) + FILE* f = NULL; + unsigned char buf[268]; + const unsigned char* pt = buf; + long len = 0; + + dh = NULL; + XMEMSET(buf, 0, sizeof(buf)); + /* Test 2048 bit parameters */ + f = XFOPEN("./certs/dh2048.der", "rb"); + AssertTrue(f != XBADFILE); + len = (long)XFREAD(buf, 1, sizeof(buf), f); + XFCLOSE(f); + + AssertNotNull(dh = d2i_DHparams(NULL, &pt, len)); + AssertNotNull(dh->p); + AssertNotNull(dh->p); + AssertTrue(pt != buf); + AssertIntEQ(DH_generate_key(dh), WOLFSSL_SUCCESS); + + DH_get0_pqg(dh, (const BIGNUM**)&p, + (const BIGNUM**)&q, + (const BIGNUM**) &g); + + AssertPtrEq(p, dh->p); + AssertPtrEq(q, dh->q); + AssertPtrEq(g, dh->g); + DH_free(dh); #endif +#endif + printf(testingFmt, "test_wolfSSL_DH_get0_pqg"); + + dh = wolfSSL_DH_new(); + AssertNotNull(dh); + + /* invalid parameters test */ + DH_get0_pqg(NULL, (const BIGNUM**)&p, + (const BIGNUM**)&q, + (const BIGNUM**)&g); + + DH_get0_pqg(dh, NULL, + (const BIGNUM**)&q, + (const BIGNUM**)&g); + + DH_get0_pqg(dh, NULL, NULL, (const BIGNUM**)&g); + + DH_get0_pqg(dh, NULL, NULL, NULL); + AssertTrue(1); + + DH_get0_pqg(dh, (const BIGNUM**)&p, + (const BIGNUM**)&q, + (const BIGNUM**)&g); + + AssertPtrEq(p, NULL); + AssertPtrEq(q, NULL); + AssertPtrEq(g, NULL); + DH_free(dh); + printf(resultFmt, passed); +#endif /* OPENSSL_EXTRA && !NO_DH */ } 
/*----------------------------------------------------------------------------* diff --git a/wolfssl/openssl/dh.h b/wolfssl/openssl/dh.h index 42362d07f..0970f366f 100644 --- a/wolfssl/openssl/dh.h +++ b/wolfssl/openssl/dh.h @@ -69,9 +69,6 @@ WOLFSSL_API int wolfSSL_DH_compute_key(unsigned char* key, WOLFSSL_BIGNUM* pub, WOLFSSL_API int wolfSSL_DH_LoadDer(WOLFSSL_DH*, const unsigned char*, int sz); WOLFSSL_API int wolfSSL_DH_set0_pqg(WOLFSSL_DH*, WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*); -WOLFSSL_API void wolfSSL_DH_get0_pqg(const WOLFSSL_DH *dh, - const WOLFSSL_BIGNUM **p, const WOLFSSL_BIGNUM **q, - const WOLFSSL_BIGNUM **g); #define DH_new wolfSSL_DH_new #define DH_free wolfSSL_DH_free diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 4ed6d147c..0e8fa6e32 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -4028,8 +4028,8 @@ WOLFSSL_API void *wolfSSL_OPENSSL_memdup(const void *data, size_t siz, const char* file, int line); WOLFSSL_API void wolfSSL_OPENSSL_cleanse(void *ptr, size_t len); WOLFSSL_API void wolfSSL_ERR_load_BIO_strings(void); -WOLFSSL_API void wolfSSL_DH_get0_pqg(WOLFSSL_DH* dh, WOLFSSL_BIGNUM** p, - WOLFSSL_BIGNUM** q, WOLFSSL_BIGNUM** g); +WOLFSSL_API void wolfSSL_DH_get0_pqg(const WOLFSSL_DH* dh, +const WOLFSSL_BIGNUM** p, const WOLFSSL_BIGNUM** q, const WOLFSSL_BIGNUM** g); #endif #if defined(HAVE_OCSP) && !defined(NO_ASN_TIME)
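Review bot: In the relocated `test_wolfSSL_DH_get0_pqg` (tests/api.c), `AssertNotNull(dh->p);` appears twice in a row after `d2i_DHparams`, so `dh->g` is never checked for NULL; the second line was presumably meant to be `AssertNotNull(dh->g);`. The buffer also shrinks to `unsigned char buf[268]` and `len` from `XFREAD` is passed on unchecked, so a short or truncated read of `./certs/dh2048.der` would only show up as a `d2i_DHparams` failure; `AssertTrue(len > 0);` after the read would make that explicit. `p`, `q` and `g` are declared without initialisers, so the NULL-`dh` call in the "invalid parameters test" cannot assert anything about them. Declaring them as `BIGNUM* p = NULL;` (likewise `q`, `g`) would let the test check that they stay NULL after that call.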