Check-in [bc2460fc22]
Overview
Comment:Updated fallback DH params for OpenSSL, supporting OpenSSL 1.1 and older versions
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | openssl-1.1
Files: files | file ages | folders
SHA1: bc2460fc22a3e2d934ed3d32014700c2c2f73d78
User & Date: rkeene on 2016-12-08 07:08:31
Other Links: branch diff | manifest | tags
Context
2016-12-08
07:25
Whitspace formatting changes check-in: 2ed4afb942 user: rkeene tags: openssl-1.1
07:08
Updated fallback DH params for OpenSSL, supporting OpenSSL 1.1 and older versions check-in: bc2460fc22 user: rkeene tags: openssl-1.1
07:07
Fixed backwards compatibility macro for BIOs check-in: 517bea2716 user: rkeene tags: openssl-1.1
Changes
33
34
35
36
37
38
39
40

41
42

43
44
45
46
47
48
49
33
34
35
36
37
38
39

40


41
42
43
44
45
46
47
48







-
+
-
-
+







	fi

	return 1
}

gen_dh_params_fallback() {
	cat << \_EOF_
DH *get_dh2048()
DH *get_dh2048(void) {
	{
	static unsigned char dhp_2048[]={
	static unsigned char dhp_2048[] = {
		0xC1,0x51,0x58,0x69,0xFB,0xE8,0x6C,0x47,0x2B,0x86,0x61,0x4F,
		0x20,0x2E,0xD3,0xFC,0x19,0xEE,0xB8,0xF3,0x35,0x7D,0xBA,0x86,
		0x2A,0xC3,0xC8,0x6E,0xF4,0x99,0x75,0x65,0xD3,0x7A,0x9E,0xDF,
		0xD4,0x1F,0x88,0xE3,0x17,0xFC,0xA1,0xED,0xA2,0xB6,0x77,0x84,
		0xAA,0x08,0xF2,0x97,0x59,0x7A,0xA0,0x03,0x0D,0x3E,0x7E,0x6D,
		0x65,0x6A,0xA4,0xEA,0x54,0xA9,0x52,0x5F,0x63,0xB4,0xBC,0x98,
		0x4E,0xF6,0xE1,0xA4,0xEE,0x16,0x0A,0xB0,0x01,0xBD,0x9F,0xA1,
58
59
60
61
62
63
64
65
66


67
68


69
70

71
72
73
74
75
76
77
78
79
80
81
82
83






















84
85
86
87
88
89
90
57
58
59
60
61
62
63


64
65
66

67
68
69

70
71












72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100







-
-
+
+

-
+
+

-
+

-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+







		0xA9,0x4D,0xD5,0xFD,0xED,0xF2,0x6D,0x32,0x17,0x97,0x5B,0x06,
		0x60,0x9C,0x5F,0xA3,0x5D,0x34,0x14,0x7E,0x63,0x54,0xE4,0x7E,
		0x09,0x8F,0xBB,0x8E,0xA0,0xD0,0x96,0xAC,0x30,0x20,0x39,0x3B,
		0x8C,0x92,0x65,0x37,0x0A,0x8F,0xEC,0x72,0x8B,0x61,0x7D,0x62,
		0x24,0x54,0xE9,0x1D,0x01,0x68,0x89,0xC4,0x7B,0x3C,0x48,0x62,
		0x9B,0x83,0x11,0x3A,0x0B,0x0D,0xEF,0x5A,0xE4,0x7A,0xA0,0x69,
		0xF4,0x54,0xB5,0x5B,
		};
	static unsigned char dhg_2048[]={
	};
	static unsigned char dhg_2048[] = {
		0x02,
		};
	};

	DH *dh = DH_new();;
    BIGNUM *dhp_bn, *dhg_bn;
	BIGNUM *dhp_bn, *dhg_bn;

    if (dh == NULL)
        return NULL;
    dhp_bn = BN_bin2bn(dhp_2048, sizeof (dhp_2048), NULL);
    dhg_bn = BN_bin2bn(dhg_2048, sizeof (dhg_2048), NULL);
    if (dhp_bn == NULL || dhg_bn == NULL
            || !DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) {
        DH_free(dh);
        BN_free(dhp_bn);
        BN_free(dhg_bn);
        return NULL;
    }
    return dh;
	if (dh == NULL) {
		return NULL;
	}

	dhp_bn = BN_bin2bn(dhp_2048, sizeof (dhp_2048), NULL);
	dhg_bn = BN_bin2bn(dhg_2048, sizeof (dhg_2048), NULL);

#if OPENSSL_VERSION_NUMBER < 0x10100000L
	dh->p = dhp_bn;
	dh->g = dhg_bn;

	if (dhp_bn == NULL || dhg_bn == NULL) {
#else
	if (dhp_bn == NULL || dhg_bn == NULL || !DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) {
#endif
		DH_free(dh);
		BN_free(dhp_bn);
		BN_free(dhg_bn);
		return(NULL);
	}

	return(dh);
}
_EOF_
}

# Enable support for giving the same DH params each time
if [ "$1" = 'fallback' ]; then
	gen_dh_params_fallback && exit 0