Merge pull request #3969 from TakayukiMatsuo/koyo

Add wolfSSL_DH_get0_pqg
2025-07-30 18:57:27 +02:00 · 2021-04-27 17:52:17 -06:00
parent 6fad8c4a57 c442841e4a
commit edb0beb9b6
4 changed files with 82 additions and 19 deletions
--- a/src/ssl.c
+++ b/src/ssl.c
@ -33824,6 +33824,7 @@ int wolfSSL_DH_set0_pqg(WOLFSSL_DH *dh, WOLFSSL_BIGNUM *p,

    return WOLFSSL_SUCCESS;
 }
+
 #endif /* v1.1.0 or later */
 #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */

@ -56048,7 +56049,7 @@ int wolfSSL_CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
    return WOLFSSL_FAILURE;
 }
 #endif
-
+#endif /* NO_WOLFSSL_STUB */
 /**
 * Return DH p, q and g parameters
 * @param dh a pointer to WOLFSSL_DH
@ -56059,13 +56060,18 @@ int wolfSSL_CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
 void wolfSSL_DH_get0_pqg(const WOLFSSL_DH *dh, const WOLFSSL_BIGNUM **p, 
                    const WOLFSSL_BIGNUM **q, const WOLFSSL_BIGNUM **g)
 {
-    WOLFSSL_STUB("wolfSSL_DH_get0_pqg");
-    (void)dh;
-    (void)p;
-    (void)q;
-    (void)g;
+    WOLFSSL_ENTER("wolfSSL_DH_get0_pqg");
+    if (dh == NULL)
+        return;
+
+    if (p != NULL)
+        *p = dh->p;
+    if (q != NULL)
+        *q = dh->q;
+    if (g != NULL)
+        *g = dh->g;
 }
-#endif /* NO_WOLFSSL_STUB */
+
 #endif /* OPENSSL_EXTRA */

 #endif /* !WOLFCRYPT_ONLY */
--- a/tests/api.c
+++ b/tests/api.c
@ -42728,20 +42728,77 @@ static void test_wolfSSL_set_psk_use_session_callback(void)

 static void test_wolfSSL_DH_get0_pqg(void)
 {
-#if defined(OPENSSL_ALL) && !defined(NO_WOLFSSL_STUB)
-    printf(testingFmt, "test_wolfSSL_DH_get0_pqg");
-    
+#if defined(OPENSSL_EXTRA) && !defined(NO_DH)
    DH *dh = NULL;
    BIGNUM* p;
    BIGNUM* q;
    BIGNUM* g;
+    (void)dh;
+    (void)p;
+    (void)q;
+    (void)g;
+
+#if defined(OPENSSL_ALL)
+#if !defined(HAVE_FIPS) || \
+        (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
+    FILE* f = NULL;
+    unsigned char buf[268];
+    const unsigned char* pt = buf;
+    long len = 0;
+
+    dh = NULL;
+    XMEMSET(buf, 0, sizeof(buf));
+    /* Test 2048 bit parameters */
+    f = XFOPEN("./certs/dh2048.der", "rb");
+    AssertTrue(f != XBADFILE);
+    len = (long)XFREAD(buf, 1, sizeof(buf), f);
+    XFCLOSE(f);
+
+    AssertNotNull(dh = d2i_DHparams(NULL, &pt, len));
+    AssertNotNull(dh->p);
+    AssertNotNull(dh->p);
+    AssertTrue(pt != buf);
+    AssertIntEQ(DH_generate_key(dh), WOLFSSL_SUCCESS);
+
+    DH_get0_pqg(dh, (const BIGNUM**)&p,
+                    (const BIGNUM**)&q,
+                    (const BIGNUM**) &g);
+
+    AssertPtrEq(p, dh->p);
+    AssertPtrEq(q, dh->q);
+    AssertPtrEq(g, dh->g);
+    DH_free(dh);
+#endif
+#endif
+    printf(testingFmt, "test_wolfSSL_DH_get0_pqg");
+
+    dh =  wolfSSL_DH_new();
+    AssertNotNull(dh);
+
+    /* invalid parameters test */
+    DH_get0_pqg(NULL, (const BIGNUM**)&p,
+                      (const BIGNUM**)&q,
+                      (const BIGNUM**)&g);
+
+    DH_get0_pqg(dh, NULL,
+                    (const BIGNUM**)&q,
+                    (const BIGNUM**)&g);
+
+    DH_get0_pqg(dh, NULL, NULL, (const BIGNUM**)&g);
+
+    DH_get0_pqg(dh, NULL, NULL, NULL);
+    AssertTrue(1);

    DH_get0_pqg(dh, (const BIGNUM**)&p,
                    (const BIGNUM**)&q,
                    (const BIGNUM**)&g);
-    AssertTrue(1);
+
+    AssertPtrEq(p, NULL);
+    AssertPtrEq(q, NULL);
+    AssertPtrEq(g, NULL);
+    DH_free(dh);
    printf(resultFmt, passed);
-#endif
+#endif /* OPENSSL_EXTRA && !NO_DH */
 }

 /*----------------------------------------------------------------------------*
@ -42792,6 +42849,7 @@ void ApiTest(void)
    test_wolfSSL_SetMinMaxDhKey_Sz();
    test_SetTmpEC_DHE_Sz();
    test_wolfSSL_dtls_set_mtu();
+    test_wolfSSL_DH_get0_pqg();
 #if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
    defined(HAVE_IO_TESTS_DEPENDENCIES)
    test_wolfSSL_read_write();
--- a/wolfssl/openssl/dh.h
+++ b/wolfssl/openssl/dh.h
@ -69,9 +69,6 @@ WOLFSSL_API int wolfSSL_DH_compute_key(unsigned char* key, WOLFSSL_BIGNUM* pub,
 WOLFSSL_API int wolfSSL_DH_LoadDer(WOLFSSL_DH*, const unsigned char*, int sz);
 WOLFSSL_API int wolfSSL_DH_set0_pqg(WOLFSSL_DH*, WOLFSSL_BIGNUM*,
    WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*);
-WOLFSSL_API void wolfSSL_DH_get0_pqg(const WOLFSSL_DH *dh,
-                  const WOLFSSL_BIGNUM **p, const WOLFSSL_BIGNUM **q, 
-                  const WOLFSSL_BIGNUM **g);
                  
 #define DH_new  wolfSSL_DH_new
 #define DH_free wolfSSL_DH_free
--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
@ -4117,6 +4117,8 @@ WOLFSSL_API void *wolfSSL_OPENSSL_memdup(const void *data,
    size_t siz, const char* file, int line);
 WOLFSSL_API void wolfSSL_OPENSSL_cleanse(void *ptr, size_t len);
 WOLFSSL_API void wolfSSL_ERR_load_BIO_strings(void);
+WOLFSSL_API void wolfSSL_DH_get0_pqg(const WOLFSSL_DH* dh,
+const WOLFSSL_BIGNUM** p, const WOLFSSL_BIGNUM** q, const WOLFSSL_BIGNUM** g);
 #endif

 #if defined(HAVE_OCSP) && !defined(NO_ASN_TIME)