Merge pull request #9416 from julek-wolfssl/priv-key-blinding

Fix errors when blinding private keys
2025-11-12 16:09:03 -08:00
parent e78752f3b2 32911dc6b8
commit f53191bae2
3 changed files with 53 additions and 35 deletions
--- a/.github/workflows/os-check.yml
+++ b/.github/workflows/os-check.yml
@@ -64,6 +64,7 @@ jobs:
          '--enable-dtls --enable-dtls13 --enable-ocspstapling --enable-ocspstapling2
           --enable-cert-setup-cb --enable-sessioncerts',
          '--disable-sni --disable-ecc --disable-tls13 --disable-secure-renegotiation-info',
+          'CPPFLAGS=-DWOLFSSL_BLIND_PRIVATE_KEY',
        ]
    name: make check
    if: github.repository_owner == 'wolfssl'
--- a/src/ssl_load.c
+++ b/src/ssl_load.c
@@ -1354,26 +1354,31 @@ static int ProcessBufferPrivateKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
 #endif /* WOLFSSL_ENCRYPTED_KEYS && !NO_PWDBASED */

 #ifdef WOLFSSL_BLIND_PRIVATE_KEY
+    {
+        int blindRet = 0;
 #ifdef WOLFSSL_DUAL_ALG_CERTS
-    if (type == ALT_PRIVATEKEY_TYPE) {
+        if (type == ALT_PRIVATEKEY_TYPE) {
+            if (ssl != NULL) {
+                blindRet = wolfssl_priv_der_blind(ssl->rng, ssl->buffers.altKey,
+                    &ssl->buffers.altKeyMask);
+            }
+            else {
+                blindRet = wolfssl_priv_der_blind(NULL, ctx->altPrivateKey,
+                    &ctx->altPrivateKeyMask);
+            }
+        }
+        else
+#endif
        if (ssl != NULL) {
-            ret = wolfssl_priv_der_blind(ssl->rng, ssl->buffers.altKey,
-                &ssl->buffers.altKeyMask);
+            blindRet = wolfssl_priv_der_blind(ssl->rng, ssl->buffers.key,
+                &ssl->buffers.keyMask);
        }
        else {
-            ret = wolfssl_priv_der_blind(NULL, ctx->altPrivateKey,
-                &ctx->altPrivateKeyMask);
+            blindRet = wolfssl_priv_der_blind(NULL, ctx->privateKey,
+                &ctx->privateKeyMask);
        }
-    }
-    else
-#endif
-    if (ssl != NULL) {
-        ret = wolfssl_priv_der_blind(ssl->rng, ssl->buffers.key,
-            &ssl->buffers.keyMask);
-    }
-    else {
-        ret = wolfssl_priv_der_blind(NULL, ctx->privateKey,
-            &ctx->privateKeyMask);
+        if (ret == 0 && blindRet != 0)
+            ret = blindRet;
    }
 #endif

--- a/tests/api.c
+++ b/tests/api.c
@@ -50626,6 +50626,8 @@ static int test_wolfSSL_inject(void)
        struct test_memio_ctx test_ctx;
        WOLFSSL_ALERT_HISTORY h;
        int rounds;
+        int hs_c = 0;
+        int hs_s = 0;

        printf("Testing %s\n", params[i].tls_version);

@@ -50635,31 +50637,41 @@ static int test_wolfSSL_inject(void)
                params[i].client_meth, params[i].server_meth), 0);

        for (rounds = 0; rounds < 10 && EXPECT_SUCCESS(); rounds++) {
-            wolfSSL_SetLoggingPrefix("client");
-            if (wolfSSL_negotiate(ssl_c) != 1) {
-                ExpectIntEQ(wolfSSL_get_error(ssl_c, -1),
-                        WOLFSSL_ERROR_WANT_READ);
+            if (!hs_c) {
+                wolfSSL_SetLoggingPrefix("client");
+                if (wolfSSL_negotiate(ssl_c) != 1) {
+                    ExpectIntEQ(wolfSSL_get_error(ssl_c, -1),
+                            WOLFSSL_ERROR_WANT_READ);
+                }
+                else
+                    hs_c = 1;
            }
-            wolfSSL_SetLoggingPrefix("server");
-            if (test_ctx.s_len > 0) {
-                ExpectIntEQ(wolfSSL_inject(ssl_s, test_ctx.s_buff,
-                                           test_ctx.s_len), 1);
-                test_memio_clear_buffer(&test_ctx, 0);
+            if (!hs_s) {
+                wolfSSL_SetLoggingPrefix("server");
+                if (test_ctx.s_len > 0) {
+                    ExpectIntEQ(wolfSSL_inject(ssl_s, test_ctx.s_buff,
+                                            test_ctx.s_len), 1);
+                    test_memio_clear_buffer(&test_ctx, 0);
+                }
+                if (wolfSSL_negotiate(ssl_s) != 1) {
+                    ExpectIntEQ(wolfSSL_get_error(ssl_s, -1),
+                            WOLFSSL_ERROR_WANT_READ);
+                }
+                else
+                    hs_s = 1;
            }
-            if (wolfSSL_negotiate(ssl_s) != 1) {
-                ExpectIntEQ(wolfSSL_get_error(ssl_s, -1),
-                        WOLFSSL_ERROR_WANT_READ);
-            }
-            wolfSSL_SetLoggingPrefix("client");
-            if (test_ctx.c_len > 0) {
-                ExpectIntEQ(wolfSSL_inject(ssl_c, test_ctx.c_buff,
-                                           test_ctx.c_len), 1);
-                test_memio_clear_buffer(&test_ctx, 1);
+            if (!hs_c) {
+                wolfSSL_SetLoggingPrefix("client");
+                if (test_ctx.c_len > 0) {
+                    ExpectIntEQ(wolfSSL_inject(ssl_c, test_ctx.c_buff,
+                                            test_ctx.c_len), 1);
+                    test_memio_clear_buffer(&test_ctx, 1);
+                }
            }
            wolfSSL_SetLoggingPrefix(NULL);
        }
-        ExpectIntEQ(wolfSSL_negotiate(ssl_c), 1);
-        ExpectIntEQ(wolfSSL_negotiate(ssl_s), 1);
+        ExpectIntEQ(hs_c, 1);
+        ExpectIntEQ(hs_s, 1);

        wolfSSL_free(ssl_c);
        wolfSSL_free(ssl_s);