10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
|
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
|
+
+
+
+
+
-
+
+
+
+
+
+
-
+
+
+
+
+
+
|
bits=*)
bits="`echo "${arg}" | cut -f 2 -d =`"
;;
esac
done
openssl_dhparam1() {
dir=''
if [ -n "${OPENSSL}" ]; then
dir="${OPENSSL}/"
fi
if openssl dhparam -C "$@" | sed \
if ${dir}openssl dhparam -C "$@" | sed \
-e 's/^\(static \)*DH \*get_dh[0-9]*/static DH *get_dhParams/' \
-e '/^-----BEGIN DH PARAMETERS-----$/,/^-----END DH PARAMETERS-----$/ d;/^#/ d'
then
return 0
fi
return 1
}
# OpenSSL 3.0 openssl-dhparam has no "-C" option, so we emulate it here
openssl_dhparam3() {
dir=''
if [ -n "${OPENSSL}" ]; then
dir="${OPENSSL}/"
fi
cat << \_EOF_
#include <openssl/dh.h>
#include <openssl/bn.h>
static DH *get_dhParams(void) {
static unsigned char dhp[] = {
_EOF_
openssl dhparam -text "$@" | \
if ${dir}openssl dhparam -text "$@" | \
sed -E -e '/^---/,/^---/d' \
-e '/(DH|prime|generator|P|G|recommended)/d' \
-e 's/([0-9a-h]{2})(:|$$)/0x\1, /g'
then
break
else
return 1
fi
cat << \_EOF_
};
static unsigned char dhg[] = {
0x02,
};
|
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
|
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
|
-
-
-
-
-
-
-
|
if (dh == NULL) {
return NULL;
}
dhp_bn = BN_bin2bn(dhp, sizeof (dhp), NULL);
dhg_bn = BN_bin2bn(dhg, sizeof (dhg), NULL);
#ifdef TCLTLS_OPENSSL_PRE_1_1_API
dh->p = dhp_bn;
dh->g = dhg_bn;
if (dhp_bn == NULL || dhg_bn == NULL) {
#else
#endif
|