diff --git a/src/internal.c b/src/internal.c index 787d10b7f..c42f00f0b 100644 --- a/src/internal.c +++ b/src/internal.c @@ -19108,12 +19108,20 @@ int SendClientKeyExchange(WOLFSSL* ssl) goto exit_scke; } +#if !defined(HAVE_FIPS) && !defined(WOLFSSL_OLD_PRIME_CHECK) ret = wc_DhSetCheckKey(ssl->buffers.serverDH_Key, ssl->buffers.serverDH_P.buffer, ssl->buffers.serverDH_P.length, ssl->buffers.serverDH_G.buffer, ssl->buffers.serverDH_G.length, NULL, 0, 0, ssl->rng); +#else + ret = wc_DhSetKey(ssl->buffers.serverDH_Key, + ssl->buffers.serverDH_P.buffer, + ssl->buffers.serverDH_P.length, + ssl->buffers.serverDH_G.buffer, + ssl->buffers.serverDH_G.length); +#endif if (ret != 0) { goto exit_scke; } @@ -19204,12 +19212,20 @@ int SendClientKeyExchange(WOLFSSL* ssl) goto exit_scke; } +#if !defined(HAVE_FIPS) && !defined(WOLFSSL_OLD_PRIME_CHECK) ret = wc_DhSetCheckKey(ssl->buffers.serverDH_Key, ssl->buffers.serverDH_P.buffer, ssl->buffers.serverDH_P.length, ssl->buffers.serverDH_G.buffer, ssl->buffers.serverDH_G.length, NULL, 0, 0, ssl->rng); +#else + ret = wc_DhSetKey(ssl->buffers.serverDH_Key, + ssl->buffers.serverDH_P.buffer, + ssl->buffers.serverDH_P.length, + ssl->buffers.serverDH_G.buffer, + ssl->buffers.serverDH_G.length); +#endif if (ret != 0) { goto exit_scke; } @@ -20919,12 +20935,20 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, goto exit_sske; } +#if !defined(HAVE_FIPS) && !defined(WOLFSSL_OLD_PRIME_CHECK) ret = wc_DhSetCheckKey(ssl->buffers.serverDH_Key, ssl->buffers.serverDH_P.buffer, ssl->buffers.serverDH_P.length, ssl->buffers.serverDH_G.buffer, ssl->buffers.serverDH_G.length, - NULL, 0, 1, ssl->rng); + NULL, 0, 0, ssl->rng); +#else + ret = wc_DhSetKey(ssl->buffers.serverDH_Key, + ssl->buffers.serverDH_P.buffer, + ssl->buffers.serverDH_P.length, + ssl->buffers.serverDH_G.buffer, + ssl->buffers.serverDH_G.length); +#endif if (ret != 0) { goto exit_sske; } @@ -24450,12 +24474,20 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, goto exit_dcke; } +#if !defined(HAVE_FIPS) && !defined(WOLFSSL_OLD_PRIME_CHECK) ret = wc_DhSetCheckKey(ssl->buffers.serverDH_Key, ssl->buffers.serverDH_P.buffer, ssl->buffers.serverDH_P.length, ssl->buffers.serverDH_G.buffer, ssl->buffers.serverDH_G.length, - NULL, 0, 1, ssl->rng); + NULL, 0, 0, ssl->rng); +#else + ret = wc_DhSetKey(ssl->buffers.serverDH_Key, + ssl->buffers.serverDH_P.buffer, + ssl->buffers.serverDH_P.length, + ssl->buffers.serverDH_G.buffer, + ssl->buffers.serverDH_G.length); +#endif /* set the max agree result size */ ssl->arrays->preMasterSz = ENCRYPT_LEN; @@ -24507,12 +24539,20 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, goto exit_dcke; } +#if !defined(HAVE_FIPS) && !defined(WOLFSSL_OLD_PRIME_CHECK) ret = wc_DhSetCheckKey(ssl->buffers.serverDH_Key, ssl->buffers.serverDH_P.buffer, ssl->buffers.serverDH_P.length, ssl->buffers.serverDH_G.buffer, ssl->buffers.serverDH_G.length, - NULL, 0, 1, ssl->rng); + NULL, 0, 0, ssl->rng); +#else + ret = wc_DhSetKey(ssl->buffers.serverDH_Key, + ssl->buffers.serverDH_P.buffer, + ssl->buffers.serverDH_P.length, + ssl->buffers.serverDH_G.buffer, + ssl->buffers.serverDH_G.length); +#endif break; }