From 43975f33ef37a8d6dce7bd79f1921293a898bae5 Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Tue, 13 Jun 2023 10:13:10 +0200
Subject: [PATCH] Use wolfSSL 5.6.2 for tests

ECC keys can now be smaller so we can't access the private key directly
anymore.
---
 scripts/test.sh                                        |  2 +-
 .../plugins/wolfssl/wolfssl_ec_diffie_hellman.c        | 10 ++++++++--
 testing/scripts/recipes/012_wolfssl.mk                 |  2 +-
 3 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/scripts/test.sh b/scripts/test.sh
index 89a878236b..ecf63ad574 100755
--- a/scripts/test.sh
+++ b/scripts/test.sh
@@ -37,7 +37,7 @@ build_botan()
 
 build_wolfssl()
 {
-	WOLFSSL_REV=v5.6.0-stable
+	WOLFSSL_REV=v5.6.2-stable
 	WOLFSSL_DIR=$DEPS_BUILD_DIR/wolfssl
 
 	if test -d "$WOLFSSL_DIR"; then
diff --git a/src/libstrongswan/plugins/wolfssl/wolfssl_ec_diffie_hellman.c b/src/libstrongswan/plugins/wolfssl/wolfssl_ec_diffie_hellman.c
index 6d7ed570dd..739f348afe 100644
--- a/src/libstrongswan/plugins/wolfssl/wolfssl_ec_diffie_hellman.c
+++ b/src/libstrongswan/plugins/wolfssl/wolfssl_ec_diffie_hellman.c
@@ -37,6 +37,10 @@
     #define USE_RNG_FOR_TIMING_RESISTANCE
 #endif
 
+#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
+    #define wc_ecc_key_get_priv(key) (&((key)->k))
+#endif
+
 typedef struct private_wolfssl_ec_diffie_hellman_t private_wolfssl_ec_diffie_hellman_t;
 
 /**
@@ -177,7 +181,8 @@ METHOD(key_exchange_t, set_private_key, bool,
 		return FALSE;
 	}
 
-	ret = mp_read_unsigned_bin(&this->key.k, value.ptr, value.len);
+	ret = mp_read_unsigned_bin(wc_ecc_key_get_priv(&this->key), value.ptr,
+							   value.len);
 	/* get base point */
 	if (ret == 0)
 	{
@@ -194,7 +199,8 @@ METHOD(key_exchange_t, set_private_key, bool,
 	if (ret == 0)
 	{
 		/* calculate public key */
-		success = wolfssl_ecc_multiply(this->key.dp, &this->key.k, base,
+		success = wolfssl_ecc_multiply(this->key.dp,
+									   wc_ecc_key_get_priv(&this->key), base,
 									   &this->key.pubkey);
 	}
 
diff --git a/testing/scripts/recipes/012_wolfssl.mk b/testing/scripts/recipes/012_wolfssl.mk
index ddb7ee2c66..cc2a282301 100644
--- a/testing/scripts/recipes/012_wolfssl.mk
+++ b/testing/scripts/recipes/012_wolfssl.mk
@@ -2,7 +2,7 @@
 
 PKG = wolfssl
 SRC = https://github.com/wolfSSL/$(PKG).git
-REV = v5.6.0-stable
+REV = v5.6.2-stable
 
 NUM_CPUS := $(shell getconf _NPROCESSORS_ONLN)
 
-- 
2.47.2