Add control commands for wolfSSL logging.

Currently, wolfEngine supports control commands for wolfEngine logging, but not
wolfSSL logging. This commit adds two new control commands. One allows the user
to turn on/off wolfSSL debug logging. The other allows the user to set the
wolfSSL debug log callback. This means applications using OpenSSL + wolfEngine
don't need to link against wolfSSL to fiddle with wolfSSL logging.

Author: haydenroche5

include/wolfengine/we_internal.h

@@ -81,6 +81,7 @@
 #include <wolfssl/wolfcrypt/ecc.h>
 #include <wolfssl/wolfcrypt/random.h>
 #include <wolfssl/wolfcrypt/pwdbased.h>
+#include <wolfssl/wolfcrypt/logging.h>
 #ifdef HAVE_WOLFSSL_WOLFCRYPT_KDF_H
 #include <wolfssl/wolfcrypt/kdf.h>
 #endif

src/we_internal.c

@@ -1117,11 +1117,13 @@ static int wolfengine_destroy(ENGINE *e)
     return 1;
 }
 
-#define WOLFENGINE_CMD_ENABLE_DEBUG          ENGINE_CMD_BASE
-#define WOLFENGINE_CMD_SET_LOG_LEVEL         (ENGINE_CMD_BASE + 1)
-#define WOLFENGINE_CMD_SET_LOG_COMPONENTS    (ENGINE_CMD_BASE + 2)
-#define WOLFENGINE_CMD_SET_LOGGING_CB        (ENGINE_CMD_BASE + 3)
-#define WOLFENGINE_CMD_ENABLE_FIPS_CHECKS    (ENGINE_CMD_BASE + 4)
+#define WOLFENGINE_CMD_ENABLE_DEBUG           ENGINE_CMD_BASE
+#define WOLFENGINE_CMD_SET_LOG_LEVEL          (ENGINE_CMD_BASE + 1)
+#define WOLFENGINE_CMD_SET_LOG_COMPONENTS     (ENGINE_CMD_BASE + 2)
+#define WOLFENGINE_CMD_SET_LOGGING_CB         (ENGINE_CMD_BASE + 3)
+#define WOLFENGINE_CMD_ENABLE_FIPS_CHECKS     (ENGINE_CMD_BASE + 4)
+#define WOLFENGINE_CMD_ENABLE_DEBUG_WOLFSSL   (ENGINE_CMD_BASE + 5)
+#define WOLFENGINE_CMD_SET_LOGGING_CB_WOLFSSL (ENGINE_CMD_BASE + 6)
 
 /**
  * wolfEngine control command list.
@@ -1177,6 +1179,14 @@ static ENGINE_CMD_DEFN wolfengine_cmd_defns[] = {
       "enable_fips_checks",
       "Enable wolfEngine FIPS checks (1=enable, 0=disable)",
       ENGINE_CMD_FLAG_NUMERIC },
+    { WOLFENGINE_CMD_ENABLE_DEBUG_WOLFSSL,
+      "enable_debug_wolfssl",
+      "Enable wolfSSL debug logging (1=enable, 0=disable)",
+      ENGINE_CMD_FLAG_NUMERIC },
+    { WOLFENGINE_CMD_SET_LOGGING_CB_WOLFSSL,
+      "set_logging_cb_wolfssl",
+      "Set wolfSSL logging callback",
+      ENGINE_CMD_FLAG_INTERNAL },
 
     /* last element MUST be NULL/0 entry, do not remove */
     {0, NULL, NULL, 0}
@@ -1224,6 +1234,16 @@ static int wolfengine_ctrl(ENGINE* e, int cmd, long i, void* p,
                 wolfEngine_Debugging_OFF();
             }
             break;
+        case WOLFENGINE_CMD_ENABLE_DEBUG_WOLFSSL:
+            if (i > 0) {
+                if (wolfSSL_Debugging_ON() < 0) {
+                    ret = 0;
+                }
+            }
+            else {
+                wolfSSL_Debugging_OFF();
+            }
+            break;
         case WOLFENGINE_CMD_SET_LOG_LEVEL:
             if (wolfEngine_SetLogLevel((int)i) < 0) {
                 WOLFENGINE_ERROR_MSG(WE_LOG_ENGINE,
@@ -1250,6 +1270,18 @@ static int wolfengine_ctrl(ENGINE* e, int cmd, long i, void* p,
                                "wolfEngine user logging callback registered");
             }
             break;
+        case WOLFENGINE_CMD_SET_LOGGING_CB_WOLFSSL:
+            /* if f is NULL, resets logging back to default */
+            if (wolfSSL_SetLoggingCb((wolfSSL_Logging_cb)f) != 0) {
+                WOLFENGINE_ERROR_MSG(WE_LOG_ENGINE, 
+                        "Error registering wolfSSL logging callback");
+                ret = 0;
+            }
+            else {
+                WOLFENGINE_MSG(WE_LOG_ENGINE,
+                               "wolfSSL user logging callback registered");
+            }
+            break;
         case WOLFENGINE_CMD_ENABLE_FIPS_CHECKS:
         #if defined(HAVE_FIPS) || defined(HAVE_FIPS_VERSION)
             wolfEngine_SetFipsChecks(i);

test/test_logging.c

@@ -36,6 +36,13 @@ static void my_Logging_cb(const int logLevel, const int component,
     log_cnt++;
 }
 
+static void my_wolfSSL_log_cb(const int logLevel, const char* const logMessage)
+{
+    (void)logLevel;
+    (void)logMessage;
+    log_cnt++;
+}
+
 /******************************************************************************/
 
 int test_logging(ENGINE *e, void *data)
@@ -72,6 +79,21 @@ int test_logging(ENGINE *e, void *data)
     }
 #endif
 
+    /* test enabling wolfSSL debug logging */
+    PRINT_MSG("Enable wolfSSL debug logging");
+    ret = ENGINE_ctrl_cmd(e, "enable_debug_wolfssl", 1, NULL, NULL, 0);
+#ifdef DEBUG_WOLFSSL
+    if (ret != 1) {
+        PRINT_ERR_MSG("Failed to enable wolfSSL debug logging");
+        err = 1;
+    }
+#else
+    if (ret != 0) {
+        PRINT_ERR_MSG("Allowed to enable wolfSSL debug when not compiled in");
+        err = 1;
+    }
+#endif
+
     /* test setting logging level */
     PRINT_MSG("Set logging level");
     ret = ENGINE_ctrl_cmd(e, "log_level", defaultLogLevel, NULL, NULL, 0);
@@ -103,6 +125,23 @@ int test_logging(ENGINE *e, void *data)
     }
 #endif
 
+    /* test registering logging callback */
+    PRINT_MSG("Set wolfSSL logging callback");
+    ret = ENGINE_ctrl_cmd(e, "set_logging_cb_wolfssl", 0, NULL,
+                (void(*)(void))my_wolfSSL_log_cb, 0);
+#ifdef DEBUG_WOLFSSL
+    if (ret != 1) {
+        PRINT_ERR_MSG("Failed to set wolfSSL logging callback");
+        err = 1;
+    }
+#else
+    if (ret != 0) {
+        PRINT_ERR_MSG("Allowed to register wolfSSL debug cb when not compiled"
+                      " in");
+        err = 1;
+    }
+#endif
+
     /* force a few logs to print, if debug has been enabled */
     WOLFENGINE_MSG(WE_LOG_ENGINE, msg);
     WOLFENGINE_ERROR(WE_LOG_ENGINE, -1);