if (C) {
unsigned char *data;
int len, bits;
+ BIGNUM *pbn, *gbn;
- len = BN_num_bytes(dh->p);
- bits = BN_num_bits(dh->p);
+ len = DH_size(dh);
+ bits = DH_bits(dh);
+ DH_get0_pqg(dh, &pbn, NULL, &gbn);
data = app_malloc(len, "print a BN");
BIO_printf(out, "#ifndef HEADER_DH_H\n"
"# include <openssl/dh.h>\n"
"#endif\n"
"\n");
BIO_printf(out, "DH *get_dh%d()\n{\n", bits);
- print_bignum_var(out, dh->p, "dhp", bits, data);
- print_bignum_var(out, dh->g, "dhg", bits, data);
- BIO_printf(out, " DH *dh = DN_new();\n"
+ print_bignum_var(out, pbn, "dhp", bits, data);
+ print_bignum_var(out, gbn, "dhg", bits, data);
+ BIO_printf(out, " DH *dh = DH_new();\n"
+ " BIGNUM *dhp_bn, *dhg_bn;\n"
"\n"
" if (dh == NULL)\n"
" return NULL;\n");
- BIO_printf(out, " dh->p = BN_bin2bn(dhp_%d, sizeof (dhp_%d), NULL);\n",
- bits, bits);
- BIO_printf(out, " dh->g = BN_bin2bn(dhg_%d, sizeof (dhg_%d), NULL);\n",
- bits, bits);
- BIO_printf(out, " if (!dh->p || !dh->g) {\n"
+ BIO_printf(out, " dhp_bn = BN_bin2bn(dhp_%d, sizeof (dhp_%d), NULL);\n",
+ bits, bits);
+ BIO_printf(out, " dhg_bn = BN_bin2bn(dhg_%d, sizeof (dhg_%d), NULL);\n",
+ bits, bits);
+ BIO_printf(out, " if (dhp_bn == NULL || dhg_bn == NULL\n"
+ " || !DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) {\n"
" DH_free(dh);\n"
+ " BN_free(dhp_bn);\n"
+ " BN_free(dhg_bn);\n"
" return NULL;\n"
" }\n");
- if (dh->length)
+ if (DH_get_length(dh) > 0)
BIO_printf(out,
- " dh->length = %ld;\n", dh->length);
+ " if (!DH_set_length(dh, %ld)) {\n"
+ " DH_free(dh);\n"
+ " }\n", DH_get_length(dh));
BIO_printf(out, " return dh;\n}\n");
OPENSSL_free(data);
}
if (!noout) {
+ BIGNUM *q;
+ DH_get0_pqg(dh, NULL, &q, NULL);
if (outformat == FORMAT_ASN1)
i = i2d_DHparams_bio(out, dh);
- else if (dh->q)
+ else if (q != NULL)
i = PEM_write_bio_DHxparams(out, dh);
else
i = PEM_write_bio_DHparams(out, dh);
case SSL_SECOP_OTHER_DH:
{
DH *dh = other;
- BIO_printf(sdb->out, "%d", BN_num_bits(dh->p));
+ BIO_printf(sdb->out, "%d", DH_bits(dh));
break;
}
#endif
#include "internal/cryptlib.h"
#include <openssl/x509.h>
#include <openssl/asn1.h>
-#include <openssl/dh.h>
+#include "dh_locl.h"
#include <openssl/bn.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/bn.h>
-#include <openssl/dh.h>
+#include "dh_locl.h"
#include <openssl/objects.h>
#include <openssl/asn1t.h>
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/bn.h>
-#include <openssl/dh.h>
+#include "dh_locl.h"
/*-
* Check that p is a safe prime and
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/bn.h>
-#include <openssl/dh.h>
+#include "dh_locl.h"
static int dh_builtin_genparams(DH *ret, int prime_len, int generator,
BN_GENCB *cb);
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/rand.h>
-#include <openssl/dh.h>
+#include "dh_locl.h"
#include "internal/bn_int.h"
static int generate_key(DH *dh);
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/bn.h>
-#include <openssl/dh.h>
+#include "dh_locl.h"
#include <openssl/engine.h>
static const DH_METHOD *default_DH_method = NULL;
N = -1;
return BN_security_bits(BN_num_bits(dh->p), N);
}
+
+
+void DH_get0_pqg(const DH *dh, BIGNUM **p, BIGNUM **q, BIGNUM **g)
+{
+ if (p != NULL)
+ *p = dh->p;
+ if (q != NULL)
+ *q = dh->q;
+ if (g != NULL)
+ *g = dh->g;
+}
+
+int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
+{
+ /* q is optional */
+ if (p == NULL || g == NULL)
+ return 0;
+ BN_free(dh->p);
+ BN_free(dh->q);
+ BN_free(dh->g);
+ dh->p = p;
+ dh->q = q;
+ dh->g = g;
+
+ if (q != NULL) {
+ dh->length = BN_num_bits(q);
+ }
+
+ return 1;
+}
+
+long DH_get_length(const DH *dh)
+{
+ return dh->length;
+}
+
+int DH_set_length(DH *dh, long length)
+{
+ dh->length = length;
+ return 1;
+}
+
+void DH_get0_key(const DH *dh, BIGNUM **pub_key, BIGNUM **priv_key)
+{
+ if (pub_key != NULL)
+ *pub_key = dh->pub_key;
+ if (priv_key != NULL)
+ *priv_key = dh->priv_key;
+}
+
+int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key)
+{
+ /* Note that it is valid for priv_key to be NULL */
+ if (pub_key == NULL)
+ return 0;
+
+ BN_free(dh->pub_key);
+ BN_free(dh->priv_key);
+ dh->pub_key = pub_key;
+ dh->priv_key = priv_key;
+
+ return 1;
+}
+
+void DH_clear_flags(DH *dh, int flags)
+{
+ dh->flags &= ~flags;
+}
+
+int DH_test_flags(const DH *dh, int flags)
+{
+ return dh->flags & flags;
+}
+
+void DH_set_flags(DH *dh, int flags)
+{
+ dh->flags |= flags;
+}
+
+ENGINE *DH_get0_engine(DH *dh)
+{
+ return dh->engine;
+}
--- /dev/null
+/*
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL licenses, (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * https://www.openssl.org/source/license.html
+ * or in the file LICENSE in the source distribution.
+ */
+
+#include <openssl/dh.h>
+
+struct dh_st {
+ /*
+ * This first argument is used to pick up errors when a DH is passed
+ * instead of a EVP_PKEY
+ */
+ int pad;
+ int version;
+ BIGNUM *p;
+ BIGNUM *g;
+ long length; /* optional */
+ BIGNUM *pub_key; /* g^x % p */
+ BIGNUM *priv_key; /* x */
+ int flags;
+ BN_MONT_CTX *method_mont_p;
+ /* Place holders if we want to do X9.42 DH */
+ BIGNUM *q;
+ BIGNUM *j;
+ unsigned char *seed;
+ int seedlen;
+ BIGNUM *counter;
+ int references;
+ CRYPTO_EX_DATA ex_data;
+ const DH_METHOD *meth;
+ ENGINE *engine;
+ CRYPTO_RWLOCK *lock;
+};
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include <openssl/evp.h>
-#include <openssl/dh.h>
+#include "dh_locl.h"
#include <openssl/bn.h>
#include <openssl/dsa.h>
#include <openssl/objects.h>
#include <stdio.h>
#include "internal/cryptlib.h"
-#include <openssl/dh.h>
+#include "dh_locl.h"
#include <openssl/bn.h>
#include "internal/bn_dh.h"
*/
DH *ret = NULL;
+ BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub_key = NULL, *priv_key = NULL;
if (r == NULL)
goto err;
ret = DH_new();
if (ret == NULL)
goto err;
- if (r->p != NULL)
- if ((ret->p = BN_dup(r->p)) == NULL)
+ if (r->p != NULL || r->g != NULL || r->q != NULL) {
+ if (r->p == NULL || r->g == NULL || r->q == NULL) {
+ /* Shouldn't happen */
goto err;
- if (r->q != NULL) {
- ret->length = BN_num_bits(r->q);
- if ((ret->q = BN_dup(r->q)) == NULL)
+ }
+ p = BN_dup(r->p);
+ g = BN_dup(r->g);
+ q = BN_dup(r->q);
+ if (p == NULL || g == NULL || q == NULL || !DH_set0_pqg(ret, p, q, g))
goto err;
}
- if (r->g != NULL)
- if ((ret->g = BN_dup(r->g)) == NULL)
- goto err;
- if (r->pub_key != NULL)
- if ((ret->pub_key = BN_dup(r->pub_key)) == NULL)
+
+ if (r->pub_key != NULL) {
+ pub_key = BN_dup(r->pub_key);
+ if (pub_key == NULL)
goto err;
- if (r->priv_key != NULL)
- if ((ret->priv_key = BN_dup(r->priv_key)) == NULL)
+ if (r->priv_key != NULL) {
+ priv_key = BN_dup(r->priv_key);
+ if (priv_key == NULL)
+ goto err;
+ }
+ if (!DH_set0_key(ret, pub_key, priv_key))
goto err;
+ } else if (r->priv_key != NULL) {
+ /* Shouldn't happen */
+ goto err;
+ }
return ret;
err:
+ BN_free(p);
+ BN_free(g);
+ BN_free(q);
+ BN_free(pub_key);
+ BN_free(priv_key);
DH_free(ret);
return NULL;
}
BN_GENCB *cb);
};
-struct dh_st {
- /*
- * This first argument is used to pick up errors when a DH is passed
- * instead of a EVP_PKEY
- */
- int pad;
- int version;
- BIGNUM *p;
- BIGNUM *g;
- long length; /* optional */
- BIGNUM *pub_key; /* g^x % p */
- BIGNUM *priv_key; /* x */
- int flags;
- BN_MONT_CTX *method_mont_p;
- /* Place holders if we want to do X9.42 DH */
- BIGNUM *q;
- BIGNUM *j;
- unsigned char *seed;
- int seedlen;
- BIGNUM *counter;
- int references;
- CRYPTO_EX_DATA ex_data;
- const DH_METHOD *meth;
- ENGINE *engine;
- CRYPTO_RWLOCK *lock;
-};
-
DECLARE_ASN1_ITEM(DHparams)
# define DH_GENERATOR_2 2
const unsigned char *ukm, size_t ukmlen, const EVP_MD *md);
# endif
+void DH_get0_pqg(const DH *dh, BIGNUM **p, BIGNUM **q, BIGNUM **g);
+int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+void DH_get0_key(const DH *dh, BIGNUM **pub_key, BIGNUM **priv_key);
+int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
+void DH_clear_flags(DH *dh, int flags);
+int DH_test_flags(const DH *dh, int flags);
+void DH_set_flags(DH *dh, int flags);
+ENGINE *DH_get0_engine(DH *d);
+long DH_get_length(const DH *dh);
+int DH_set_length(DH *dh, long length);
+
+
# define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, NULL)
PACKET prime, generator, pub_key;
DH *dh;
+ BIGNUM *p, *g, *bnpub_key;
if (!PACKET_get_length_prefixed_2(pkt, &prime)
|| !PACKET_get_length_prefixed_2(pkt, &generator)
goto err;
}
- if ((dh->p = BN_bin2bn(PACKET_data(&prime),
- PACKET_remaining(&prime), NULL)) == NULL
- || (dh->g = BN_bin2bn(PACKET_data(&generator),
- PACKET_remaining(&generator), NULL)) == NULL
- || (dh->pub_key =
- BN_bin2bn(PACKET_data(&pub_key),
- PACKET_remaining(&pub_key), NULL)) == NULL) {
+ p = BN_bin2bn(PACKET_data(&prime), PACKET_remaining(&prime), NULL);
+ g = BN_bin2bn(PACKET_data(&generator), PACKET_remaining(&generator),
+ NULL);
+ bnpub_key = BN_bin2bn(PACKET_data(&pub_key), PACKET_remaining(&pub_key),
+ NULL);
+ if (p == NULL || g == NULL || bnpub_key == NULL) {
SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_BN_LIB);
+ BN_free(p);
+ BN_free(g);
+ BN_free(bnpub_key);
goto err;
}
- if (BN_is_zero(dh->p) || BN_is_zero(dh->g) || BN_is_zero(dh->pub_key)) {
+ if (BN_is_zero(p) || BN_is_zero(g) || BN_is_zero(bnpub_key)) {
SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, SSL_R_BAD_DH_VALUE);
+ BN_free(p);
+ BN_free(g);
+ BN_free(bnpub_key);
goto f_err;
}
+ if (!DH_set0_pqg(dh, p, NULL, g)) {
+ SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_BN_LIB);
+ BN_free(p);
+ BN_free(g);
+ BN_free(bnpub_key);
+ goto err;
+ }
+
+ if (!DH_set0_key(dh, bnpub_key, NULL)) {
+ SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_BN_LIB);
+ BN_free(bnpub_key);
+ goto err;
+ }
+
if (!ssl_security(s, SSL_SECOP_TMP_DH, DH_security_bits(dh), 0, dh)) {
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, SSL_R_DH_KEY_TOO_SMALL);
#ifndef OPENSSL_NO_DH
else if (alg_k & (SSL_kDHE | SSL_kDHEPSK)) {
DH *dh_clnt = NULL;
+ BIGNUM *pub_key;
skey = s->s3->peer_tmp;
if (skey == NULL) {
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE,
/* send off the data */
- n = BN_num_bytes(dh_clnt->pub_key);
+ DH_get0_key(dh_clnt, &pub_key, NULL);
+ n = BN_num_bytes(pub_key);
s2n(n, p);
- BN_bn2bin(dh_clnt->pub_key, p);
+ BN_bn2bin(pub_key, p);
n += 2;
EVP_PKEY_free(ckey);
ckey = NULL;
EVP_PKEY_free(pkdh);
pkdh = NULL;
- r[0] = dh->p;
- r[1] = dh->g;
- r[2] = dh->pub_key;
+ DH_get0_pqg(dh, &r[0], NULL, &r[1]);
+ DH_get0_key(dh, &r[2], NULL);
} else
#endif
#ifndef OPENSSL_NO_EC
EVP_PKEY *skey = NULL;
DH *cdh;
unsigned int i;
+ BIGNUM *pub_key;
if (!PACKET_get_net_2(pkt, &i)) {
if (alg_k & (SSL_kDHE | SSL_kDHEPSK)) {
goto err;
}
cdh = EVP_PKEY_get0_DH(ckey);
- cdh->pub_key = BN_bin2bn(data, i, NULL);
- if (cdh->pub_key == NULL) {
- SSLerr(SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE, SSL_R_BN_LIB);
+ pub_key = BN_bin2bn(data, i, NULL);
+
+ if (pub_key == NULL || !DH_set0_key(cdh, pub_key, NULL)) {
+ SSLerr(SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+ if (pub_key != NULL)
+ BN_free(pub_key);
goto err;
}
if (dh_secbits >= 128) {
DH *dhp = DH_new();
+ BIGNUM *p, *g;
if (dhp == NULL)
return NULL;
- dhp->g = BN_new();
- if (dhp->g != NULL)
- BN_set_word(dhp->g, 2);
+ g = BN_new();
+ if (g != NULL)
+ BN_set_word(g, 2);
if (dh_secbits >= 192)
- dhp->p = get_rfc3526_prime_8192(NULL);
+ p = get_rfc3526_prime_8192(NULL);
else
- dhp->p = get_rfc3526_prime_3072(NULL);
- if (dhp->p == NULL || dhp->g == NULL) {
+ p = get_rfc3526_prime_3072(NULL);
+ if (p == NULL || g == NULL || !DH_set0_pqg(dhp, p, NULL, g)) {
DH_free(dhp);
+ BN_free(p);
+ BN_free(g);
return NULL;
}
return dhp;
BN_GENCB *_cb = NULL;
DH *a = NULL;
DH *b = NULL;
+ BIGNUM *ap = NULL, *ag = NULL, *bp = NULL, *bg = NULL, *apub_key = NULL;
+ BIGNUM *bpub_key = NULL, *priv_key = NULL;
char buf[12] = {0};
unsigned char *abuf = NULL;
unsigned char *bbuf = NULL;
if (i & DH_NOT_SUITABLE_GENERATOR)
BIO_puts(out, "the g value is not a generator\n");
+ DH_get0_pqg(a, &ap, NULL, &ag);
BIO_puts(out, "\np =");
- BN_print(out, a->p);
+ BN_print(out, ap);
BIO_puts(out, "\ng =");
- BN_print(out, a->g);
+ BN_print(out, ag);
BIO_puts(out, "\n");
b = DH_new();
if (b == NULL)
goto err;
- b->p = BN_dup(a->p);
- b->g = BN_dup(a->g);
- if ((b->p == NULL) || (b->g == NULL))
+ bp = BN_dup(ap);
+ bg = BN_dup(ag);
+ if ((bp == NULL) || (bg == NULL) || !DH_set0_pqg(b, bp, NULL, bg))
goto err;
+ bp = bg = NULL;
/* Set a to run with normal modexp and b to use constant time */
- a->flags &= ~DH_FLAG_NO_EXP_CONSTTIME;
- b->flags |= DH_FLAG_NO_EXP_CONSTTIME;
+ DH_clear_flags(a, DH_FLAG_NO_EXP_CONSTTIME);
+ DH_set_flags(b, DH_FLAG_NO_EXP_CONSTTIME);
if (!DH_generate_key(a))
goto err;
+ DH_get0_key(a, &apub_key, &priv_key);
BIO_puts(out, "pri 1=");
- BN_print(out, a->priv_key);
+ BN_print(out, priv_key);
BIO_puts(out, "\npub 1=");
- BN_print(out, a->pub_key);
+ BN_print(out, apub_key);
BIO_puts(out, "\n");
if (!DH_generate_key(b))
goto err;
+ DH_get0_key(b, &bpub_key, &priv_key);
BIO_puts(out, "pri 2=");
- BN_print(out, b->priv_key);
+ BN_print(out, priv_key);
BIO_puts(out, "\npub 2=");
- BN_print(out, b->pub_key);
+ BN_print(out, bpub_key);
BIO_puts(out, "\n");
alen = DH_size(a);
if (abuf == NULL)
goto err;
- aout = DH_compute_key(abuf, b->pub_key, a);
+ aout = DH_compute_key(abuf, bpub_key, a);
BIO_puts(out, "key1 =");
for (i = 0; i < aout; i++) {
if (bbuf == NULL)
goto err;
- bout = DH_compute_key(bbuf, a->pub_key, b);
+ bout = DH_compute_key(bbuf, apub_key, b);
BIO_puts(out, "key2 =");
for (i = 0; i < bout; i++) {
OPENSSL_free(bbuf);
DH_free(b);
DH_free(a);
+ BN_free(bp);
+ BN_free(bg);
BN_GENCB_free(_cb);
BIO_free(out);
unsigned char *Z1 = NULL;
unsigned char *Z2 = NULL;
const rfc5114_td *td = NULL;
- BIGNUM *bady = NULL;
+ BIGNUM *bady = NULL, *priv_key = NULL, *pub_key = NULL;
for (i = 0; i < (int)OSSL_NELEM(rfctd); i++) {
td = rfctd + i;
if ((dhA == NULL) || (dhB == NULL))
goto bad_err;
- dhA->priv_key = BN_bin2bn(td->xA, td->xA_len, NULL);
- dhA->pub_key = BN_bin2bn(td->yA, td->yA_len, NULL);
+ priv_key = BN_bin2bn(td->xA, td->xA_len, NULL);
+ pub_key = BN_bin2bn(td->yA, td->yA_len, NULL);
+ if (priv_key == NULL || pub_key == NULL
+ || !DH_set0_key(dhA, pub_key, priv_key))
+ goto bad_err;
- dhB->priv_key = BN_bin2bn(td->xB, td->xB_len, NULL);
- dhB->pub_key = BN_bin2bn(td->yB, td->yB_len, NULL);
+ priv_key = BN_bin2bn(td->xB, td->xB_len, NULL);
+ pub_key = BN_bin2bn(td->yB, td->yB_len, NULL);
- if ((dhA->priv_key == NULL) || (dhA->pub_key == NULL)
- || (dhB->priv_key == NULL) || (dhB->pub_key == NULL))
+ if (priv_key == NULL || pub_key == NULL
+ || !DH_set0_key(dhB, pub_key, priv_key))
goto bad_err;
+ priv_key = pub_key = NULL;
if ((td->Z_len != (size_t)DH_size(dhA))
|| (td->Z_len != (size_t)DH_size(dhB)))
* Work out shared secrets using both sides and compare with expected
* values.
*/
- if (DH_compute_key(Z1, dhB->pub_key, dhA) == -1)
+ DH_get0_key(dhB, &pub_key, NULL);
+ if (DH_compute_key(Z1, pub_key, dhA) == -1) {
+ pub_key = NULL;
goto bad_err;
- if (DH_compute_key(Z2, dhA->pub_key, dhB) == -1)
+ }
+ DH_get0_key(dhA, &pub_key, NULL);
+ if (DH_compute_key(Z2, pub_key, dhB) == -1) {
+ pub_key = NULL;
goto bad_err;
+ }
+ pub_key = NULL;
if (memcmp(Z1, td->Z, td->Z_len))
goto err;
BN_free(bady);
DH_free(dhA);
DH_free(dhB);
+ BN_free(pub_key);
+ BN_free(priv_key);
OPENSSL_free(Z1);
OPENSSL_free(Z2);
0x02,
};
DH *dh;
+ BIGNUM *p, *g;
if ((dh = DH_new()) == NULL)
return (NULL);
- dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
- dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
- if ((dh->p == NULL) || (dh->g == NULL)) {
+ p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
+ g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
+ if ((p == NULL) || (g == NULL) || !DH_set0_pqg(dh, p, NULL, g)) {
DH_free(dh);
+ BN_free(p);
+ BN_free(g);
return (NULL);
}
return (dh);
0x02,
};
DH *dh;
+ BIGNUM *p, *g;
if ((dh = DH_new()) == NULL)
return (NULL);
- dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
- dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
- if ((dh->p == NULL) || (dh->g == NULL)) {
+ p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
+ g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
+ if ((p == NULL) || (g == NULL) || !DH_set0_pqg(dh, p, NULL, g)) {
DH_free(dh);
+ BN_free(p);
+ BN_free(g);
return (NULL);
}
return (dh);
0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2,
};
DH *dh;
+ BIGNUM *p, *g;
if ((dh = DH_new()) == NULL)
return (NULL);
- dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
- dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
- if ((dh->p == NULL) || (dh->g == NULL)) {
+ p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
+ g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
+ if ((p == NULL) || (g == NULL) || !DH_set0_pqg(dh, p, NULL, g)) {
DH_free(dh);
+ BN_free(p);
+ BN_free(g);
return (NULL);
}
- dh->length = 160;
+ DH_set_length(dh, 160);
return (dh);
}
#endif
projects / thirdparty / openssl.git / commitdiff
