mirror of
https://gitlab.isc.org/isc-projects/bind9
synced 2025-08-28 13:08:06 +00:00
Use the special shims file for DH shims
Since we now have a separate `openssl_shim.{c,h}` files in the `dns`
library, we can place the exisintg shims there.
This commit is contained in:
Aram Sargsyan
parent
32fd3e5420
commit
aa9411f62b
@ -162,6 +162,80 @@ ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s) {
|
||||
}
|
||||
#endif /* !HAVE_ECDSA_SIG_GET0 */
|
||||
|
||||
#if !HAVE_DH_GET0_KEY && OPENSSL_VERSION_NUMBER < 0x30000000L
|
||||
/*
|
||||
* DH_get0_key, DH_set0_key, DH_get0_pqg and DH_set0_pqg
|
||||
* are from OpenSSL 1.1.0.
|
||||
*/
|
||||
void
|
||||
DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key) {
|
||||
if (pub_key != NULL) {
|
||||
*pub_key = dh->pub_key;
|
||||
}
|
||||
if (priv_key != NULL) {
|
||||
*priv_key = dh->priv_key;
|
||||
}
|
||||
}
|
||||
|
||||
int
|
||||
DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key) {
|
||||
if (pub_key != NULL) {
|
||||
BN_free(dh->pub_key);
|
||||
dh->pub_key = pub_key;
|
||||
}
|
||||
|
||||
if (priv_key != NULL) {
|
||||
BN_free(dh->priv_key);
|
||||
dh->priv_key = priv_key;
|
||||
}
|
||||
|
||||
return (1);
|
||||
}
|
||||
|
||||
void
|
||||
DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q,
|
||||
const BIGNUM **g) {
|
||||
if (p != NULL) {
|
||||
*p = dh->p;
|
||||
}
|
||||
if (q != NULL) {
|
||||
*q = dh->q;
|
||||
}
|
||||
if (g != NULL) {
|
||||
*g = dh->g;
|
||||
}
|
||||
}
|
||||
|
||||
int
|
||||
DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) {
|
||||
/* If the fields p and g in d are NULL, the corresponding input
|
||||
* parameters MUST be non-NULL. q may remain NULL.
|
||||
*/
|
||||
if ((dh->p == NULL && p == NULL) || (dh->g == NULL && g == NULL)) {
|
||||
return (0);
|
||||
}
|
||||
|
||||
if (p != NULL) {
|
||||
BN_free(dh->p);
|
||||
dh->p = p;
|
||||
}
|
||||
if (q != NULL) {
|
||||
BN_free(dh->q);
|
||||
dh->q = q;
|
||||
}
|
||||
if (g != NULL) {
|
||||
BN_free(dh->g);
|
||||
dh->g = g;
|
||||
}
|
||||
|
||||
if (q != NULL) {
|
||||
dh->length = BN_num_bits(q);
|
||||
}
|
||||
|
||||
return (1);
|
||||
}
|
||||
#endif /* !HAVE_DH_GET0_KEY && OPENSSL_VERSION_NUMBER < 0x30000000L */
|
||||
|
||||
#if !HAVE_ERR_GET_ERROR_ALL
|
||||
static const char err_empty_string = '\0';
|
||||
|
||||
|
||||
@ -12,6 +12,7 @@
|
||||
#pragma once
|
||||
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/dh.h>
|
||||
#include <openssl/ecdsa.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/opensslv.h>
|
||||
@ -57,6 +58,22 @@ int
|
||||
ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
|
||||
#endif /* !HAVE_ECDSA_SIG_GET0 */
|
||||
|
||||
#if !HAVE_DH_GET0_KEY
|
||||
void
|
||||
DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key);
|
||||
|
||||
int
|
||||
DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
|
||||
|
||||
void
|
||||
DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
|
||||
|
||||
int
|
||||
DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
|
||||
|
||||
#define DH_clear_flags(d, f) ((d)->flags &= ~(f))
|
||||
#endif /* !HAVE_DH_GET0_KEY */
|
||||
|
||||
#if !HAVE_ERR_GET_ERROR_ALL
|
||||
unsigned long
|
||||
ERR_get_error_all(const char **file, int *line, const char **func,
|
||||
|
||||
@ -40,6 +40,7 @@
|
||||
#include "dst_internal.h"
|
||||
#include "dst_openssl.h"
|
||||
#include "dst_parse.h"
|
||||
#include "openssl_shim.h"
|
||||
|
||||
#define PRIME2 "02"
|
||||
|
||||
@ -67,83 +68,6 @@
|
||||
|
||||
static BIGNUM *bn2 = NULL, *bn768 = NULL, *bn1024 = NULL, *bn1536 = NULL;
|
||||
|
||||
#if !HAVE_DH_GET0_KEY
|
||||
/*
|
||||
* DH_get0_key, DH_set0_key, DH_get0_pqg and DH_set0_pqg
|
||||
* are from OpenSSL 1.1.0.
|
||||
*/
|
||||
static void
|
||||
DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key) {
|
||||
if (pub_key != NULL) {
|
||||
*pub_key = dh->pub_key;
|
||||
}
|
||||
if (priv_key != NULL) {
|
||||
*priv_key = dh->priv_key;
|
||||
}
|
||||
}
|
||||
|
||||
static int
|
||||
DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key) {
|
||||
if (pub_key != NULL) {
|
||||
BN_free(dh->pub_key);
|
||||
dh->pub_key = pub_key;
|
||||
}
|
||||
|
||||
if (priv_key != NULL) {
|
||||
BN_free(dh->priv_key);
|
||||
dh->priv_key = priv_key;
|
||||
}
|
||||
|
||||
return (1);
|
||||
}
|
||||
|
||||
static void
|
||||
DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q,
|
||||
const BIGNUM **g) {
|
||||
if (p != NULL) {
|
||||
*p = dh->p;
|
||||
}
|
||||
if (q != NULL) {
|
||||
*q = dh->q;
|
||||
}
|
||||
if (g != NULL) {
|
||||
*g = dh->g;
|
||||
}
|
||||
}
|
||||
|
||||
static int
|
||||
DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) {
|
||||
/* If the fields p and g in d are NULL, the corresponding input
|
||||
* parameters MUST be non-NULL. q may remain NULL.
|
||||
*/
|
||||
if ((dh->p == NULL && p == NULL) || (dh->g == NULL && g == NULL)) {
|
||||
return (0);
|
||||
}
|
||||
|
||||
if (p != NULL) {
|
||||
BN_free(dh->p);
|
||||
dh->p = p;
|
||||
}
|
||||
if (q != NULL) {
|
||||
BN_free(dh->q);
|
||||
dh->q = q;
|
||||
}
|
||||
if (g != NULL) {
|
||||
BN_free(dh->g);
|
||||
dh->g = g;
|
||||
}
|
||||
|
||||
if (q != NULL) {
|
||||
dh->length = BN_num_bits(q);
|
||||
}
|
||||
|
||||
return (1);
|
||||
}
|
||||
|
||||
#define DH_clear_flags(d, f) (d)->flags &= ~(f)
|
||||
|
||||
#endif /* !HAVE_DH_GET0_KEY */
|
||||
|
||||
static isc_result_t
|
||||
openssldh_computesecret(const dst_key_t *pub, const dst_key_t *priv,
|
||||
isc_buffer_t *secret) {
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user