diff --git a/src/ssl.c b/src/ssl.c index 0307b4e7c..ca246513f 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -33824,6 +33824,7 @@ int wolfSSL_DH_set0_pqg(WOLFSSL_DH *dh, WOLFSSL_BIGNUM *p, return WOLFSSL_SUCCESS; } + #endif /* v1.1.0 or later */ #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ @@ -56048,7 +56049,7 @@ int wolfSSL_CRYPTO_get_ex_new_index(int class_index, long argl, void *argp, return WOLFSSL_FAILURE; } #endif - +#endif /* NO_WOLFSSL_STUB */ /** * Return DH p, q and g parameters * @param dh a pointer to WOLFSSL_DH @@ -56059,13 +56060,18 @@ int wolfSSL_CRYPTO_get_ex_new_index(int class_index, long argl, void *argp, void wolfSSL_DH_get0_pqg(const WOLFSSL_DH *dh, const WOLFSSL_BIGNUM **p, const WOLFSSL_BIGNUM **q, const WOLFSSL_BIGNUM **g) { - WOLFSSL_STUB("wolfSSL_DH_get0_pqg"); - (void)dh; - (void)p; - (void)q; - (void)g; + WOLFSSL_ENTER("wolfSSL_DH_get0_pqg"); + if (dh == NULL) + return; + + if (p != NULL) + *p = dh->p; + if (q != NULL) + *q = dh->q; + if (g != NULL) + *g = dh->g; } -#endif /* NO_WOLFSSL_STUB */ + #endif /* OPENSSL_EXTRA */ #endif /* !WOLFCRYPT_ONLY */ diff --git a/tests/api.c b/tests/api.c index cc74b242e..008c3cbdf 100644 --- a/tests/api.c +++ b/tests/api.c 
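Review bot: When `dh` is NULL, the new body of wolfSSL_DH_get0_pqg returns before writing `*p`, `*q` or `*g`. A caller that passed uninitialised pointers, as the updated test in tests/api.c does, is left with indeterminate values and cannot detect it, because the function returns void. Folding the `dh` check into each assignment gives every non-NULL output a defined value on all paths. The doc comment, whose tail falls between the two hunks, could also say that the returned pointers alias the BIGNUMs held by `dh` and stay valid only as long as `dh` does.

```c
    WOLFSSL_ENTER("wolfSSL_DH_get0_pqg");

    /* Always define the outputs so a NULL dh cannot leave the caller's
     * pointers indeterminate. */
    if (p != NULL)
        *p = (dh != NULL) ? dh->p : NULL;
    if (q != NULL)
        *q = (dh != NULL) ? dh->q : NULL;
    if (g != NULL)
        *g = (dh != NULL) ? dh->g : NULL;
```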
@@ -42728,20 +42728,77 @@ static void test_wolfSSL_set_psk_use_session_callback(void) static void test_wolfSSL_DH_get0_pqg(void) { -#if defined(OPENSSL_ALL) && !defined(NO_WOLFSSL_STUB) - printf(testingFmt, "test_wolfSSL_DH_get0_pqg"); - +#if defined(OPENSSL_EXTRA) && !defined(NO_DH) DH *dh = NULL; BIGNUM* p; BIGNUM* q; BIGNUM* g; - - DH_get0_pqg(dh, (const BIGNUM**)&p, - (const BIGNUM**)&q, - (const BIGNUM**)&g); - AssertTrue(1); - printf(resultFmt, passed); + (void)dh; + (void)p; + (void)q; + (void)g; + +#if defined(OPENSSL_ALL) +#if !defined(HAVE_FIPS) || \ + (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)) + FILE* f = NULL; + unsigned char buf[268]; + const unsigned char* pt = buf; + long len = 0; + + dh = NULL; + XMEMSET(buf, 0, sizeof(buf)); + /* Test 2048 bit parameters */ + f = XFOPEN("./certs/dh2048.der", "rb"); + AssertTrue(f != XBADFILE); + len = (long)XFREAD(buf, 1, sizeof(buf), f); + XFCLOSE(f); + + AssertNotNull(dh = d2i_DHparams(NULL, &pt, len)); + AssertNotNull(dh->p); + AssertNotNull(dh->p); + AssertTrue(pt != buf); + AssertIntEQ(DH_generate_key(dh), WOLFSSL_SUCCESS); + + DH_get0_pqg(dh, (const BIGNUM**)&p, + (const BIGNUM**)&q, + (const BIGNUM**) &g); + + AssertPtrEq(p, dh->p); + AssertPtrEq(q, dh->q); + AssertPtrEq(g, dh->g); + DH_free(dh); #endif +#endif + printf(testingFmt, "test_wolfSSL_DH_get0_pqg"); + + dh = wolfSSL_DH_new(); + AssertNotNull(dh); + + /* invalid parameters test */ + DH_get0_pqg(NULL, (const BIGNUM**)&p, + (const BIGNUM**)&q, + (const BIGNUM**)&g); + + DH_get0_pqg(dh, NULL, + (const BIGNUM**)&q, + (const BIGNUM**)&g); + + DH_get0_pqg(dh, NULL, NULL, (const BIGNUM**)&g); + + DH_get0_pqg(dh, NULL, NULL, NULL); + AssertTrue(1); + + DH_get0_pqg(dh, (const BIGNUM**)&p, + (const BIGNUM**)&q, + (const BIGNUM**)&g); + + AssertPtrEq(p, NULL); + AssertPtrEq(q, NULL); + AssertPtrEq(g, NULL); + DH_free(dh); + printf(resultFmt, passed); +#endif /* OPENSSL_EXTRA && !NO_DH */ } 
/*----------------------------------------------------------------------------* @@ -42792,6 +42849,7 @@ void ApiTest(void) test_wolfSSL_SetMinMaxDhKey_Sz(); test_SetTmpEC_DHE_Sz(); test_wolfSSL_dtls_set_mtu(); + test_wolfSSL_DH_get0_pqg(); #if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \ defined(HAVE_IO_TESTS_DEPENDENCIES) test_wolfSSL_read_write(); diff --git a/wolfssl/openssl/dh.h b/wolfssl/openssl/dh.h index 42362d07f..0970f366f 100644 --- a/wolfssl/openssl/dh.h +++ b/wolfssl/openssl/dh.h @@ -69,9 +69,6 @@ WOLFSSL_API int wolfSSL_DH_compute_key(unsigned char* key, WOLFSSL_BIGNUM* pub, WOLFSSL_API int wolfSSL_DH_LoadDer(WOLFSSL_DH*, const unsigned char*, int sz); WOLFSSL_API int wolfSSL_DH_set0_pqg(WOLFSSL_DH*, WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*); -WOLFSSL_API void wolfSSL_DH_get0_pqg(const WOLFSSL_DH *dh, - const WOLFSSL_BIGNUM **p, const WOLFSSL_BIGNUM **q, - const WOLFSSL_BIGNUM **g); #define DH_new wolfSSL_DH_new #define DH_free wolfSSL_DH_free diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 69d37b23c..7435e6b53 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -4117,6 +4117,8 @@ WOLFSSL_API void *wolfSSL_OPENSSL_memdup(const void *data, size_t siz, const char* file, int line); WOLFSSL_API void wolfSSL_OPENSSL_cleanse(void *ptr, size_t len); WOLFSSL_API void wolfSSL_ERR_load_BIO_strings(void); +WOLFSSL_API void wolfSSL_DH_get0_pqg(const WOLFSSL_DH* dh, +const WOLFSSL_BIGNUM** p, const WOLFSSL_BIGNUM** q, const WOLFSSL_BIGNUM** g); #endif #if defined(HAVE_OCSP) && !defined(NO_ASN_TIME)
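Review bot: In test_wolfSSL_DH_get0_pqg, `AssertNotNull(dh->p);` appears twice in a row after `d2i_DHparams`, so the generator is never checked before the pointer comparisons; the second line was presumably meant to be `AssertNotNull(dh->g);`. The result of `XFREAD` is passed to `d2i_DHparams` unchecked, and an `AssertTrue(len > 0);` after the read would make a missing or short `./certs/dh2048.der` fail at the point of the read. The call with a NULL `dh` is followed by no assertion, and `p`, `q` and `g` are still uninitialised there, so that case only shows the call does not crash. Declaring them as `BIGNUM* p = NULL;` and asserting they are unchanged would turn it into a real check.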
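Review bot: The prototype added to wolfssl/ssl.h sits inside a preprocessor block whose opening `#if` is outside the hunk, while the definition in src/ssl.c is closed by `#endif /* OPENSSL_EXTRA */` and `#endif /* !WOLFCRYPT_ONLY */`. It is worth confirming that the two guards match, since a mismatch would give some build configurations an implicit declaration or an unresolved symbol. The continuation line also starts at column 0, unlike the neighbouring declarations; indenting it, e.g. `    const WOLFSSL_BIGNUM** p, const WOLFSSL_BIGNUM** q, const WOLFSSL_BIGNUM** g);`, keeps the header consistent. A short comment on the prototype noting that the outputs are borrowed from `dh` would help users of the compatibility layer.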