TclTLS
Check-in [bc2460fc22]
Login
HomeTimelineDownloadBrowse SourceBranchesTagsTicketsWiki
Overview
Comment:Updated fallback DH params for OpenSSL, supporting OpenSSL 1.1 and older versions
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | openssl-1.1
Files: files | file ages | folders
SHA1: bc2460fc22a3e2d934ed3d32014700c2c2f73d78
User & Date: rkeene on 2016-12-08 07:08:31
Other Links: branch diff | manifest | tags
Context
2016-12-08
07:25
Whitspace formatting changes check-in: 2ed4afb942 user: rkeene tags: openssl-1.1
07:08
Updated fallback DH params for OpenSSL, supporting OpenSSL 1.1 and older versions check-in: bc2460fc22 user: rkeene tags: openssl-1.1
07:07
Fixed backwards compatibility macro for BIOs check-in: 517bea2716 user: rkeene tags: openssl-1.1
Changes
Hide Diffs Side-by-Side Diffs Show Whitespace Changes Patch

Modified gen_dh_params from [f5e01f9b02] to [c6f609976c]. 

33
34
35
36
37
38
39
40

41
42
43
44
45
46
47
48

33
34
35
36
37
38
39

40

41
42
43
44
45
46
47








-
+
-








	fi

	return 1
}

gen_dh_params_fallback() {
	cat << \_EOF_
DH *get_dh2048()
DH *get_dh2048(void) {
	{
	static unsigned char dhp_2048[]={
		0xC1,0x51,0x58,0x69,0xFB,0xE8,0x6C,0x47,0x2B,0x86,0x61,0x4F,
		0x20,0x2E,0xD3,0xFC,0x19,0xEE,0xB8,0xF3,0x35,0x7D,0xBA,0x86,
		0x2A,0xC3,0xC8,0x6E,0xF4,0x99,0x75,0x65,0xD3,0x7A,0x9E,0xDF,
		0xD4,0x1F,0x88,0xE3,0x17,0xFC,0xA1,0xED,0xA2,0xB6,0x77,0x84,
		0xAA,0x08,0xF2,0x97,0x59,0x7A,0xA0,0x03,0x0D,0x3E,0x7E,0x6D,
		0x65,0x6A,0xA4,0xEA,0x54,0xA9,0x52,0x5F,0x63,0xB4,0xBC,0x98,

62
63
64
65
66
67
68

69
70
71
72

73


74
75





76
77




78
79
80
81

82

83

84
85
86
87
88
89
90

61
62
63
64
65
66
67
68
69
70
71

72
73
74
75
76
77
78
79
80
81
82


83
84
85
86
87
88
89

90
91
92

93
94
95
96
97
98
99
100








+



-
+

+
+


+
+
+
+
+
-
-
+
+
+
+



-
+

+
-
+








		0x24,0x54,0xE9,0x1D,0x01,0x68,0x89,0xC4,0x7B,0x3C,0x48,0x62,
		0x9B,0x83,0x11,0x3A,0x0B,0x0D,0xEF,0x5A,0xE4,0x7A,0xA0,0x69,
		0xF4,0x54,0xB5,0x5B,
		};
	static unsigned char dhg_2048[]={
		0x02,
		};

	DH *dh = DH_new();;
    BIGNUM *dhp_bn, *dhg_bn;

    if (dh == NULL)
	if (dh == NULL) {
        return NULL;
	}

    dhp_bn = BN_bin2bn(dhp_2048, sizeof (dhp_2048), NULL);
    dhg_bn = BN_bin2bn(dhg_2048, sizeof (dhg_2048), NULL);

#if OPENSSL_VERSION_NUMBER < 0x10100000L
	dh->p = dhp_bn;
	dh->g = dhg_bn;

    if (dhp_bn == NULL || dhg_bn == NULL
            || !DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) {
	if (dhp_bn == NULL || dhg_bn == NULL) {
#else
	if (dhp_bn == NULL || dhg_bn == NULL || !DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) {
#endif
        DH_free(dh);
        BN_free(dhp_bn);
        BN_free(dhg_bn);
        return NULL;
		return(NULL);
    }

    return dh;
	return(dh);
}
_EOF_
}

# Enable support for giving the same DH params each time
if [ "$1" = 'fallback' ]; then
	gen_dh_params_fallback && exit 0

Powered by Fossil · RSS