Add ssl_conf_dh_param_bin superseding ssl_conf_dh_param

2017-10-04 15:29:08 +01:00 · 2017-10-04 15:29:08 +01:00 · a90658f248
commit a90658f248
parent 470a8c4d87
2 changed files with 38 additions and 4 deletions
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@ -1726,6 +1726,24 @@ MBEDTLS_DEPRECATED int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf,
                                                  const char *dhm_G );

 #endif /* MBEDTLS_DEPRECATED_REMOVED */
+
+/**
+ * \brief          Set the Diffie-Hellman public P and G values
+ *                 from big-endian binary presentations.
+ *                 (Default values: MBEDTLS_DHM_RFC3526_MODP_2048_[PG]_BIN)
+ *
+ * \param conf     SSL configuration
+ * \param dhm_P    Diffie-Hellman-Merkle modulus in big-endian binary form
+ * \param P_len    Length of DHM modulus
+ * \param dhm_G    Diffie-Hellman-Merkle generator in big-endian binary form
+ * \param G_len    Length of DHM generator
+ *
+ * \return         0 if successful
+ */
+int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf,
+                                   const unsigned char *dhm_P, size_t P_len,
+                                   const unsigned char *dhm_G,  size_t G_len );
+
 /**
 * \brief          Set the Diffie-Hellman public P and G values,
 *                 read from existing context (server-side only)
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -6133,6 +6133,23 @@ int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, cons
 }
 #endif /* MBEDTLS_DEPRECATED_REMOVED */

+int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf,
+                                   const unsigned char *dhm_P, size_t P_len,
+                                   const unsigned char *dhm_G, size_t G_len )
+{
+    int ret;
+
+    if( ( ret = mbedtls_mpi_read_binary( &conf->dhm_P, dhm_P, P_len ) ) != 0 ||
+        ( ret = mbedtls_mpi_read_binary( &conf->dhm_G, dhm_G, G_len ) ) != 0 )
+    {
+        mbedtls_mpi_free( &conf->dhm_P );
+        mbedtls_mpi_free( &conf->dhm_G );
+        return( ret );
+    }
+
+    return( 0 );
+}
+
 int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx )
 {
    int ret;
@ -7545,10 +7562,9 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
                const unsigned char dhm_g[] =
                    MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN;

-                if( ( ret = mbedtls_mpi_read_binary( &conf->dhm_P, dhm_p,
-                                                     sizeof( dhm_p ) ) ) != 0 ||
-                    ( ret = mbedtls_mpi_read_binary( &conf->dhm_G, dhm_g,
-                                                     sizeof( dhm_g ) ) ) != 0 )
+                if ( ( ret = mbedtls_ssl_conf_dh_param_bin( conf,
+                                               dhm_p, sizeof( dhm_p ),
+                                               dhm_g, sizeof( dhm_g ) ) ) != 0 )
                {
                    return( ret );
                }