feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

add 1536bit DH prime from RFC 3526

Browse Source
This commit is contained in:
Jacob Barthelmeh
2017-04-17 10:07:50 -06:00
parent bbff8f00ae
commit d0d762c1a2
4 changed files with 67 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

65
src/ssl.c
View File

@ -11396,6 +11396,19 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
wolfSSL_set_rfd(ssl, rd->fd);
wolfSSL_set_wfd(ssl, wr->fd);
/* free any existing WOLFSSL_BIOs in use */
if (ssl->biord != NULL) {
if (ssl->biord != ssl->biowr) {
if (ssl->biowr != NULL) {
wolfSSL_BIO_free(ssl->biowr);
ssl->biowr = NULL;
}
}
wolfSSL_BIO_free(ssl->biord);
ssl->biord = NULL;
}
ssl->biord = rd;
ssl->biowr = wr;
}
@ -12263,13 +12276,16 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
{
WOLFSSL_ENTER("wolfSSL_ERR_get_error");
#if defined(WOLFSSL_NGINX) || defined(OPENSSL_EXTRA)
#if defined(WOLFSSL_NGINX)
{
unsigned long ret = wolfSSL_ERR_peek_error_line_data(NULL, NULL,
NULL, NULL);
wc_RemoveErrorNode(-1);
return ret;
}
#elif defined(DEBUG_WOLFSSL) && \
(defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE))
return wc_PullErrorNode(NULL, NULL, NULL);
#else
return (unsigned long)(0 - NOT_COMPILED_IN);
#endif
@ -22134,6 +22150,53 @@ int wolfSSL_DH_size(WOLFSSL_DH* dh)
}
/* This sets a big number with the 1536-bit prime from RFC 3526.
*
* bn if not NULL then the big number structure is used. If NULL then a new
* big number structure is created.
*
* Returns a WOLFSSL_BIGNUM structure on success and NULL with failure.
*/
WOLFSSL_BIGNUM* wolfSSL_DH_1536_prime(WOLFSSL_BIGNUM* bn)
{
const char prm[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,
0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A,
0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96,
0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x23, 0x73, 0x27,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
};
WOLFSSL_ENTER("wolfSSL_DH_1536_prime");
if (wolfSSL_BN_hex2bn(&bn, prm) != SSL_SUCCESS) {
WOLFSSL_MSG("Error converting DH 1536 prime to big number");
return NULL;
}
return bn;
}
/* return code compliant with OpenSSL :
* 1 if success, 0 if error
*/

1
wolfssl/openssl/dh.h
View File

@ -64,6 +64,7 @@ typedef WOLFSSL_DH DH;
#define DH_size wolfSSL_DH_size
#define DH_generate_key wolfSSL_DH_generate_key
#define DH_compute_key wolfSSL_DH_compute_key
#define get_rfc3526_prime_1536 wolfSSL_DH_1536_prime
#ifdef __cplusplus

1
wolfssl/openssl/ssl.h
View File

@ -536,6 +536,7 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define SSL_need_tmp_RSA(ssl) 0
#define SSL_set_tmp_rsa(ssl,rsa) 1
/*#endif*/
#define CONF_modules_unload(a)
#define SSL_get_hit wolfSSL_session_reused

1
wolfssl/ssl.h
View File

@ -2585,6 +2585,7 @@ WOLFSSL_API int wolfSSL_CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const ch
WOLFSSL_API void wolfSSL_CRYPTO_cleanup_all_ex_data(void);
WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_DH_1536_prime(WOLFSSL_BIGNUM* bn);
WOLFSSL_API WOLFSSL_DH *wolfSSL_DH_generate_parameters(int prime_len, int generator,
void (*callback) (int, int, void *), void *cb_arg);