Merge pull request #192 from tim-weller-wolfssl/support-14679

Author: haydenroche5

src/we_internal.c

@@ -1463,3 +1463,23 @@ int wolfengine_bind(ENGINE *e, const char *id)
 
     return ret;
 }
+
+#if !defined(WE_SINGLE_THREADED) && defined(_WIN32) && defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION == 5
+/**
+ * Windows DLL entry point when wolfEngine built as a DLL.
+ *
+ * Called for DLL process or thread events, such as creation (attach).
+ *
+ * @param hinstDLL    [IN]  A handle to the DLL module.
+ * @param fdwReason   [IN]  Reason why function being called.
+ * @param lpvReserved [IN]  Reason-dependent extra data.
+ * @returns TRUE always
+ */
+BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
+{
+    if (fdwReason == DLL_THREAD_ATTACH) {
+        wolfCrypt_SetPrivateKeyReadEnable_fips(1, WC_KEYTYPE_ALL);
+    }
+    return TRUE;
+}
+#endif /* !WE_SINGLE_THREADED && _WIN32 && HAVE_FIPS_VERSION && HAVE_FIPS_VERSION 5 */

test/test_dh.c

@@ -340,7 +340,45 @@ int test_dh_pgen_pkey(ENGINE *e, void *data)
     return err;
 }
 
-int test_dh_pkey(ENGINE *e, void *data)
+#if !defined(WE_SINGLE_THREADED) && defined(_WIN32)
+
+#define TEST_MT_TIMEOUT 5000 /* Multi-threaded test timeout (ms) */
+
+typedef struct {
+    ENGINE* e;
+    EVP_PKEY* params;
+} DH_KEYGEN_THREAD_VARS;
+
+/* Windows thread entry function which will test private key read access. */
+static DWORD WINAPI DhKeyGenThreadFunc(LPVOID arg)
+{
+    DH_KEYGEN_THREAD_VARS* vars = (DH_KEYGEN_THREAD_VARS*)arg;
+
+    return test_dh_pgen_pkey(vars->e, vars->params);
+}
+
+/* Regression test for problem in multi-threaded Windows environment where only
+   initial thread has private key read access while additionally created
+   threads do not */
+int test_dh_key_gen_multithreaded(ENGINE* e, EVP_PKEY* params)
+{
+    DH_KEYGEN_THREAD_VARS vars = {.e = e, .params = params};
+    HANDLE thread;
+    DWORD threadErr = 0;
+    int err = 1;
+
+    thread = CreateThread(NULL, 0, DhKeyGenThreadFunc, &vars, 0, NULL);
+    if (thread && (WaitForSingleObject(thread, TEST_MT_TIMEOUT) == WAIT_OBJECT_0)) {
+        err = (GetExitCodeThread(thread, &threadErr) == 0 ? 1 : threadErr);
+        CloseHandle(thread);
+    }
+
+    return err;
+}
+
+#endif /* !WE_SINGLE_THREADED && _WIN32 */
+
+int test_dh_pkey(ENGINE* e, void* data)
 {
     int err;
     DH *dh;

test/unit.c

@@ -152,6 +152,9 @@ TEST_CASE test_case[] = {
 #ifdef WE_HAVE_EVP_PKEY
     TEST_DECL(test_dh_pgen_pkey, NULL),
     TEST_DECL(test_dh_pkey, NULL),
+#if !defined(WE_SINGLE_THREADED) && defined(_WIN32)
+    TEST_DECL(test_dh_key_gen_multithreaded, NULL),
+#endif /* !WE_SINGLE_THREADED && _WIN32 */
 #endif /* WE_HAVE_EVP_PKEY */
 #endif /* WE_HAVE_DH */
 #if OPENSSL_VERSION_NUMBER < 0x10100000L

test/unit.h

@@ -248,6 +248,9 @@ int test_dh(ENGINE *e, void *data);
 #ifdef WE_HAVE_EVP_PKEY
 int test_dh_pgen_pkey(ENGINE *e, void *data);
 int test_dh_pkey(ENGINE *e, void *data);
+#if !defined(WE_SINGLE_THREADED) && defined(_WIN32)
+int test_dh_key_gen_multithreaded(ENGINE *e, void *data);
+#endif /* !WE_SINGLE_THREADED && _WIN32 */
 #endif /* WE_HAVE_EVP_PKEY */
 #endif /* WE_HAVE_DH */