From 33da20c3ec8a4adf7d24f89302895c041d760e0a Mon Sep 17 00:00:00 2001
From: JacobBarthelmeh <jacob@wolfssl.com>
Date: Tue, 22 Apr 2025 09:22:40 -0600
Subject: [PATCH 1/3] revert BN_CTX_init stub for older applications

---
 src/ssl_bn.c         | 21 +++++++++++++++++++++
 tests/api.c          |  3 +++
 wolfssl/openssl/bn.h |  1 +
 3 files changed, 25 insertions(+)

diff --git a/src/ssl_bn.c b/src/ssl_bn.c
index e88ca03c2..0d947a8b5 100644
--- a/src/ssl_bn.c
+++ b/src/ssl_bn.c
@@ -2382,6 +2382,27 @@ WOLFSSL_BN_CTX* wolfSSL_BN_CTX_new(void)
     return ctx;
 }
 
+
+#ifndef NO_WOLFSSL_STUB
+/* deprecated
+ *
+ * Initialize a BN context object.
+ * This function was removed in OpenSSL 1.1.0 and later.
+ * Keeping a stub function here for older applications that have BN_CTX_init()
+ * calls.
+ *
+ * @param [in] ctx  Dummy BN context.
+ */
+void wolfSSL_BN_CTX_init(WOLFSSL_BN_CTX* ctx)
+{
+    (void)ctx;
+    WOLFSSL_ENTER("wolfSSL_BN_CTX_init");
+    WOLFSSL_STUB("wolfSSL_BN_CTX_init");
+    WOLFSSL_MSG("wolfSSL_BN_CTX_init is deprecated");
+}
+#endif
+
+
 /* Free a BN context object.
  *
  * @param [in] ctx  BN context object.
diff --git a/tests/api.c b/tests/api.c
index 88a6dfd6a..f49a5c52f 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -28725,6 +28725,9 @@ static int test_wolfSSL_BN_CTX(void)
 
     ExpectNotNull(bn_ctx = BN_CTX_new());
 
+    /* No implementation. */
+    BN_CTX_init(NULL);
+
     ExpectNull(BN_CTX_get(NULL));
     ExpectNotNull(BN_CTX_get(bn_ctx));
     ExpectNotNull(BN_CTX_get(bn_ctx));
diff --git a/wolfssl/openssl/bn.h b/wolfssl/openssl/bn.h
index c4768b286..8ffdb279d 100644
--- a/wolfssl/openssl/bn.h
+++ b/wolfssl/openssl/bn.h
@@ -88,6 +88,7 @@ typedef struct WOLFSSL_BN_MONT_CTX WOLFSSL_BN_MONT_CTX;
 typedef struct WOLFSSL_BN_GENCB    WOLFSSL_BN_GENCB;
 
 WOLFSSL_API WOLFSSL_BN_CTX* wolfSSL_BN_CTX_new(void);
+WOLFSSL_API void           wolfSSL_BN_CTX_init(WOLFSSL_BN_CTX* ctx);
 WOLFSSL_API void           wolfSSL_BN_CTX_free(WOLFSSL_BN_CTX* ctx);
 
 WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_new(void);

From b22cc12c8d6e7af6ad8dc87f5a666bb1181e079a Mon Sep 17 00:00:00 2001
From: JacobBarthelmeh <jacob@wolfssl.com>
Date: Tue, 22 Apr 2025 09:29:28 -0600
Subject: [PATCH 2/3] add missing BN_CTX_init define

---
 wolfssl/openssl/bn.h | 1 +
 1 file changed, 1 insertion(+)

diff --git a/wolfssl/openssl/bn.h b/wolfssl/openssl/bn.h
index 8ffdb279d..45411f5c1 100644
--- a/wolfssl/openssl/bn.h
+++ b/wolfssl/openssl/bn.h
@@ -216,6 +216,7 @@ typedef WOLFSSL_BN_GENCB    BN_GENCB;
 
 #ifndef NO_WOLFSSL_BN_CTX
 #define BN_CTX_new        wolfSSL_BN_CTX_new
+#define BN_CTX_init       wolfSSL_BN_CTX_init
 #define BN_CTX_free       wolfSSL_BN_CTX_free
 #else
 #define BN_CTX_new()      ((BN_CTX*)-1)

From 9da9817f890115fe64b64fa903511815bf1c96be Mon Sep 17 00:00:00 2001
From: JacobBarthelmeh <jacob@wolfssl.com>
Date: Tue, 22 Apr 2025 10:09:01 -0600
Subject: [PATCH 3/3] move test case to the correct location for stub macro
 guard

---
 tests/api.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/tests/api.c b/tests/api.c
index f49a5c52f..a8449cc71 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -28725,9 +28725,6 @@ static int test_wolfSSL_BN_CTX(void)
 
     ExpectNotNull(bn_ctx = BN_CTX_new());
 
-    /* No implementation. */
-    BN_CTX_init(NULL);
-
     ExpectNull(BN_CTX_get(NULL));
     ExpectNotNull(BN_CTX_get(bn_ctx));
     ExpectNotNull(BN_CTX_get(bn_ctx));
@@ -28740,6 +28737,7 @@ static int test_wolfSSL_BN_CTX(void)
     /* No implementation. */
     BN_CTX_start(NULL);
     BN_CTX_start(bn_ctx);
+    BN_CTX_init(NULL);
 #endif
 
     BN_CTX_free(NULL);