Changes for openvpn tests to run successfully

ColtonWilley · ColtonWilley · commit ee96d10ff3cf · 2025-02-13T14:56:07.000-08:00
diff --git a/scripts/utils-openssl.sh b/scripts/utils-openssl.sh
@@ -70,7 +70,7 @@ install_openssl() {
     if [ ! -d ${OPENSSL_INSTALL_DIR} ]; then
         printf "\tConfigure OpenSSL ${OPENSSL_TAG} ... "
         if [ "$WOLFPROV_DEBUG" = "1" ]; then
-            ./config shared --prefix=${OPENSSL_INSTALL_DIR} --debug >>$LOG_FILE 2>&1
+            ./config shared enable-trace --prefix=${OPENSSL_INSTALL_DIR} --debug >>$LOG_FILE 2>&1
             RET=$?
         else
             ./config shared --prefix=${OPENSSL_INSTALL_DIR} >>$LOG_FILE 2>&1
diff --git a/src/wp_dh_kmgmt.c b/src/wp_dh_kmgmt.c
@@ -2119,7 +2119,7 @@ static int wp_dh_decode(wp_DhEncDecCtx* ctx, OSSL_CORE_BIO *cBio,
         ok = 0;
     }
     if (ok && (ctx->format == WP_ENC_FORMAT_TYPE_SPECIFIC)) {
-        if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
+        if (selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
             if (!wp_dh_decode_params(dh, data, len)) {
                 ok = 0;
                 decoded = 0;
diff --git a/src/wp_ecc_kmgmt.c b/src/wp_ecc_kmgmt.c
@@ -1644,6 +1644,12 @@ static wp_Ecc* wp_ecc_gen(wp_EccGenCtx *ctx, OSSL_CALLBACK *cb, void *cbArg)
                 }
             }
         }
+        if (ok && ((ctx->selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0)) {
+            rc = wc_ecc_set_curve(&ecc->key, 0, ecc->curveId);
+            if (rc != 0) {
+                ok = 0;
+            }
+        }
         if (!ok) {
             wp_ecc_free(ecc);
             ecc = NULL;
@@ -2131,11 +2137,19 @@ static int wp_ecc_decode(wp_EccEncDecCtx* ctx, OSSL_CORE_BIO *cBio,
  */
 static int wp_ecc_encode_params_size(const wp_Ecc *ecc, size_t* keyLen)
 {
-    /* ASN.1 type, len and data. */
-    *keyLen = ecc->key.dp->oidSz + 2;
+    int ok = 1;
+    word32 len = 0;
 
-    WOLFPROV_LEAVE(WP_LOG_PK, __FILE__ ":" WOLFPROV_STRINGIZE(__LINE__), 1);
-    return 1;
+    if (wc_ecc_get_oid(ecc->key.dp->oidSum, NULL, &len) <= 0) {
+        ok = 0;
+    }
+    if (ok) {
+        /* ASN.1 type, len and data. */
+        *keyLen = len + 2;
+    }
+
+    WOLFPROV_LEAVE(WP_LOG_PK, __FILE__ ":" WOLFPROV_STRINGIZE(__LINE__), ok);
+    return ok;
 }
 
 /**
@@ -2151,14 +2165,22 @@ static int wp_ecc_encode_params_size(const wp_Ecc *ecc, size_t* keyLen)
 static int wp_ecc_encode_params(const wp_Ecc *ecc, unsigned char* keyData,
     size_t* keyLen)
 {
-    keyData[0] = 0x06;
-    keyData[1] = ecc->key.dp->oidSz;
-    XMEMCPY(keyData + 2, ecc->key.dp->oid, ecc->key.dp->oidSz);
+    int ok = 1;
+    word32 len;
+    const byte *oid;
 
-    *keyLen = ecc->key.dp->oidSz + 2;
+    if (wc_ecc_get_oid(ecc->key.dp->oidSum, &oid, &len) <= 0) {
+        ok = 0;
+    }
+    if (ok) {
+        keyData[0] = 0x06;
+        keyData[1] = len;
+        XMEMCPY(keyData + 2, oid, len);
+        *keyLen = len + 2;
+    }
 
-    WOLFPROV_LEAVE(WP_LOG_PK, __FILE__ ":" WOLFPROV_STRINGIZE(__LINE__), 1);
-    return 1;
+    WOLFPROV_LEAVE(WP_LOG_PK, __FILE__ ":" WOLFPROV_STRINGIZE(__LINE__), ok);
+    return ok;
 }
 
 /**
@@ -2442,14 +2464,14 @@ static int wp_ecc_encode(wp_EccEncDecCtx* ctx, OSSL_CORE_BIO *cBio,
 
     if (ok && ((ctx->format == WP_ENC_FORMAT_TYPE_SPECIFIC) ||
                (ctx->format == WP_ENC_FORMAT_X9_62))) {
-        if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
-            if (!wp_ecc_encode_params_size(key, &derLen)) {
+        if (selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) {
+            private = 1;
+            if (!wp_ecc_encode_priv_size(key, &derLen)) {
                 ok = 0;
             }
         }
-        else {
-            private = 1;
-            if (!wp_ecc_encode_priv_size(key, &derLen)) {
+        else if(selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
+            if (!wp_ecc_encode_params_size(key, &derLen)) {
                 ok = 0;
             }
         }
@@ -2484,13 +2506,7 @@ static int wp_ecc_encode(wp_EccEncDecCtx* ctx, OSSL_CORE_BIO *cBio,
 
     if (ok && ((ctx->format == WP_ENC_FORMAT_TYPE_SPECIFIC) ||
                (ctx->format == WP_ENC_FORMAT_X9_62))) {
-        if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
-            pemType = DH_PARAM_TYPE;
-            if (!wp_ecc_encode_params(key, derData, &derLen)) {
-                ok = 0;
-            }
-        }
-        else {
+        if (selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) {
             if (ctx->format == WP_ENC_FORMAT_X9_62) {
                 pemType = ECC_PRIVATEKEY_TYPE;
             }
@@ -2499,6 +2515,12 @@ static int wp_ecc_encode(wp_EccEncDecCtx* ctx, OSSL_CORE_BIO *cBio,
                 ok = 0;
             }
         }
+        else if(selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
+            pemType = DH_PARAM_TYPE;
+            if (!wp_ecc_encode_params(key, derData, &derLen)) {
+                ok = 0;
+            }
+        }
     }
     else if (ok && (ctx->format == WP_ENC_FORMAT_SPKI)) {
         pemType = PUBLICKEY_TYPE;
@@ -2551,7 +2573,8 @@ static int wp_ecc_encode(wp_EccEncDecCtx* ctx, OSSL_CORE_BIO *cBio,
         }
         if (ok && ((ctx->format == WP_ENC_FORMAT_TYPE_SPECIFIC) ||
                (ctx->format == WP_ENC_FORMAT_X9_62)) &&
-               (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS)) {
+               ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) == 0) &&
+               (selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS)) {
             pemData[11] = 'E';
             pemData[12] = 'C';
             pemData[pemLen - 19] = 'E';
diff --git a/src/wp_file_store.c b/src/wp_file_store.c
@@ -109,7 +109,10 @@ static wp_FileCtx* wp_file_open(WOLFPROV_CTX* provCtx, const char* uri)
     if (ctx != NULL) {
         int ok = 1;
 
-        /* TODO: support URI form 'file:'. */
+        if (OPENSSL_strncasecmp(uri, "file:", 5) == 0) {
+            /* TODO: may need more uri processing for extended/windows cases */
+            uri += 5;
+        }
         ctx->uri = OPENSSL_strdup(uri);
         if (ctx->uri == NULL) {
             ok = 0;
diff --git a/src/wp_wolfprov.c b/src/wp_wolfprov.c
@@ -718,7 +718,6 @@ static const OSSL_ALGORITHM wolfprov_encoder[] = {
       wp_rsa_kp_pem_encoder_functions,
       "" },
 #ifdef WOLFSSL_RSA_PSS_ENCODING
-    /* TODO: RSA-PSS encoding isn't supported in wolfSSL */
     { WP_NAMES_RSA_PSS, WP_ENCODER_PROPERTIES(SubjectPublicKeyInfo, der),
       wp_rsapss_spki_der_encoder_functions,
       "" },

Original file line number	Diff line number	Diff line change
`@@ -2119,7 +2119,7 @@ static int wp_dh_decode(wp_DhEncDecCtx* ctx, OSSL_CORE_BIO *cBio,`
`2119`	`2119`	`ok = 0;`
`2120`	`2120`	`}`
`2121`	`2121`	`if (ok && (ctx->format == WP_ENC_FORMAT_TYPE_SPECIFIC)) {`
`2122`		`- if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {`
	`2122`	`+ if (selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {`
`2123`	`2123`	`if (!wp_dh_decode_params(dh, data, len)) {`
`2124`	`2124`	`ok = 0;`
`2125`	`2125`	`decoded = 0;`