Add ssl_conf_dh_param_bin superseding ssl_conf_dh_param

This commit is contained in:
Hanno Becker 2017-10-04 15:29:08 +01:00
parent 470a8c4d87
commit a90658f248
2 changed files with 38 additions and 4 deletions

View file

@ -1726,6 +1726,24 @@ MBEDTLS_DEPRECATED int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf,
const char *dhm_G ); const char *dhm_G );
#endif /* MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_DEPRECATED_REMOVED */
/**
* \brief Set the Diffie-Hellman public P and G values
* from big-endian binary presentations.
* (Default values: MBEDTLS_DHM_RFC3526_MODP_2048_[PG]_BIN)
*
* \param conf SSL configuration
* \param dhm_P Diffie-Hellman-Merkle modulus in big-endian binary form
* \param P_len Length of DHM modulus
* \param dhm_G Diffie-Hellman-Merkle generator in big-endian binary form
* \param G_len Length of DHM generator
*
* \return 0 if successful
*/
int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf,
const unsigned char *dhm_P, size_t P_len,
const unsigned char *dhm_G, size_t G_len );
/** /**
* \brief Set the Diffie-Hellman public P and G values, * \brief Set the Diffie-Hellman public P and G values,
* read from existing context (server-side only) * read from existing context (server-side only)

View file

@ -6133,6 +6133,23 @@ int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, cons
} }
#endif /* MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_DEPRECATED_REMOVED */
int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf,
const unsigned char *dhm_P, size_t P_len,
const unsigned char *dhm_G, size_t G_len )
{
int ret;
if( ( ret = mbedtls_mpi_read_binary( &conf->dhm_P, dhm_P, P_len ) ) != 0 ||
( ret = mbedtls_mpi_read_binary( &conf->dhm_G, dhm_G, G_len ) ) != 0 )
{
mbedtls_mpi_free( &conf->dhm_P );
mbedtls_mpi_free( &conf->dhm_G );
return( ret );
}
return( 0 );
}
int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx ) int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx )
{ {
int ret; int ret;
@ -7545,10 +7562,9 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
const unsigned char dhm_g[] = const unsigned char dhm_g[] =
MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN; MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN;
if( ( ret = mbedtls_mpi_read_binary( &conf->dhm_P, dhm_p, if ( ( ret = mbedtls_ssl_conf_dh_param_bin( conf,
sizeof( dhm_p ) ) ) != 0 || dhm_p, sizeof( dhm_p ),
( ret = mbedtls_mpi_read_binary( &conf->dhm_G, dhm_g, dhm_g, sizeof( dhm_g ) ) ) != 0 )
sizeof( dhm_g ) ) ) != 0 )
{ {
return( ret ); return( ret );
} }