Fix errors when blinding private keys

.github/workflows/os-check.yml

@@ -64,6 +64,7 @@ jobs:
           '--enable-dtls --enable-dtls13 --enable-ocspstapling --enable-ocspstapling2
            --enable-cert-setup-cb --enable-sessioncerts',
           '--disable-sni --disable-ecc --disable-tls13 --disable-secure-renegotiation-info',
+          'CPPFLAGS=-DWOLFSSL_BLIND_PRIVATE_KEY',
         ]
     name: make check
     if: github.repository_owner == 'wolfssl'

src/ssl_load.c

@@ -1354,26 +1354,31 @@ static int ProcessBufferPrivateKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
 #endif /* WOLFSSL_ENCRYPTED_KEYS && !NO_PWDBASED */
 
 #ifdef WOLFSSL_BLIND_PRIVATE_KEY
+    {
+        int blindRet = 0;
 #ifdef WOLFSSL_DUAL_ALG_CERTS
-    if (type == ALT_PRIVATEKEY_TYPE) {
+        if (type == ALT_PRIVATEKEY_TYPE) {
+            if (ssl != NULL) {
+                blindRet = wolfssl_priv_der_blind(ssl->rng, ssl->buffers.altKey,
+                    &ssl->buffers.altKeyMask);
+            }
+            else {
+                blindRet = wolfssl_priv_der_blind(NULL, ctx->altPrivateKey,
+                    &ctx->altPrivateKeyMask);
+            }
+        }
+        else
+#endif
         if (ssl != NULL) {
-            ret = wolfssl_priv_der_blind(ssl->rng, ssl->buffers.altKey,
-                &ssl->buffers.altKeyMask);
+            blindRet = wolfssl_priv_der_blind(ssl->rng, ssl->buffers.key,
+                &ssl->buffers.keyMask);
         }
         else {
-            ret = wolfssl_priv_der_blind(NULL, ctx->altPrivateKey,
-                &ctx->altPrivateKeyMask);
+            blindRet = wolfssl_priv_der_blind(NULL, ctx->privateKey,
+                &ctx->privateKeyMask);
         }
-    }
-    else
-#endif
-    if (ssl != NULL) {
-        ret = wolfssl_priv_der_blind(ssl->rng, ssl->buffers.key,
-            &ssl->buffers.keyMask);
-    }
-    else {
-        ret = wolfssl_priv_der_blind(NULL, ctx->privateKey,
-            &ctx->privateKeyMask);
+        if (ret == 0 && blindRet != 0)
+            ret = blindRet;
     }
 #endif
 

tests/api.c

@@ -50626,6 +50626,8 @@ static int test_wolfSSL_inject(void)
         struct test_memio_ctx test_ctx;
         WOLFSSL_ALERT_HISTORY h;
         int rounds;
+        int hs_c = 0;
+        int hs_s = 0;
 
         printf("Testing %s\n", params[i].tls_version);
 
@@ -50635,31 +50637,41 @@ static int test_wolfSSL_inject(void)
                 params[i].client_meth, params[i].server_meth), 0);
 
         for (rounds = 0; rounds < 10 && EXPECT_SUCCESS(); rounds++) {
-            wolfSSL_SetLoggingPrefix("client");
-            if (wolfSSL_negotiate(ssl_c) != 1) {
-                ExpectIntEQ(wolfSSL_get_error(ssl_c, -1),
-                        WOLFSSL_ERROR_WANT_READ);
-            }
-            wolfSSL_SetLoggingPrefix("server");
-            if (test_ctx.s_len > 0) {
-                ExpectIntEQ(wolfSSL_inject(ssl_s, test_ctx.s_buff,
-                                           test_ctx.s_len), 1);
-                test_memio_clear_buffer(&test_ctx, 0);
+            if (!hs_c) {
+                wolfSSL_SetLoggingPrefix("client");
+                if (wolfSSL_negotiate(ssl_c) != 1) {
+                    ExpectIntEQ(wolfSSL_get_error(ssl_c, -1),
+                            WOLFSSL_ERROR_WANT_READ);
+                }
+                else
+                    hs_c = 1;
             }
-            if (wolfSSL_negotiate(ssl_s) != 1) {
-                ExpectIntEQ(wolfSSL_get_error(ssl_s, -1),
-                        WOLFSSL_ERROR_WANT_READ);
+            if (!hs_s) {
+                wolfSSL_SetLoggingPrefix("server");
+                if (test_ctx.s_len > 0) {
+                    ExpectIntEQ(wolfSSL_inject(ssl_s, test_ctx.s_buff,
+                                            test_ctx.s_len), 1);
+                    test_memio_clear_buffer(&test_ctx, 0);
+                }
+                if (wolfSSL_negotiate(ssl_s) != 1) {
+                    ExpectIntEQ(wolfSSL_get_error(ssl_s, -1),
+                            WOLFSSL_ERROR_WANT_READ);
+                }
+                else
+                    hs_s = 1;
             }
-            wolfSSL_SetLoggingPrefix("client");
-            if (test_ctx.c_len > 0) {
-                ExpectIntEQ(wolfSSL_inject(ssl_c, test_ctx.c_buff,
-                                           test_ctx.c_len), 1);
-                test_memio_clear_buffer(&test_ctx, 1);
+            if (!hs_c) {
+                wolfSSL_SetLoggingPrefix("client");
+                if (test_ctx.c_len > 0) {
+                    ExpectIntEQ(wolfSSL_inject(ssl_c, test_ctx.c_buff,
+                                            test_ctx.c_len), 1);
+                    test_memio_clear_buffer(&test_ctx, 1);
+                }
             }
             wolfSSL_SetLoggingPrefix(NULL);
         }
-        ExpectIntEQ(wolfSSL_negotiate(ssl_c), 1);
-        ExpectIntEQ(wolfSSL_negotiate(ssl_s), 1);
+        ExpectIntEQ(hs_c, 1);
+        ExpectIntEQ(hs_s, 1);
 
         wolfSSL_free(ssl_c);
         wolfSSL_free(ssl_s);