commit a90658f248cc7842d1b644f62c12deb9d2b32408
author Hanno Becker <hanno.becker@arm.com> Wed Oct 04 15:29:08 2017 +0100
committer Hanno Becker <hanno.becker@arm.com> Wed Oct 04 15:29:08 2017 +0100
tree 62d4fc57b94b92099055628736a1b21429d84990
parent 470a8c4d8767565baa0f1c55f1b1487e2152cdbb

Add ssl_conf_dh_param_bin superseding ssl_conf_dh_param

include/mbedtls/ssl.h

diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 13ee5bd..32cec54 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1726,6 +1726,24 @@
                                                   const char *dhm_G );
 
 #endif /* MBEDTLS_DEPRECATED_REMOVED */
+
+/**
+ * \brief          Set the Diffie-Hellman public P and G values
+ *                 from big-endian binary presentations.
+ *                 (Default values: MBEDTLS_DHM_RFC3526_MODP_2048_[PG]_BIN)
+ *
+ * \param conf     SSL configuration
+ * \param dhm_P    Diffie-Hellman-Merkle modulus in big-endian binary form
+ * \param P_len    Length of DHM modulus
+ * \param dhm_G    Diffie-Hellman-Merkle generator in big-endian binary form
+ * \param G_len    Length of DHM generator
+ *
+ * \return         0 if successful
+ */
+int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf,
+                                   const unsigned char *dhm_P, size_t P_len,
+                                   const unsigned char *dhm_G,  size_t G_len );
+
 /**
  * \brief          Set the Diffie-Hellman public P and G values,
  *                 read from existing context (server-side only)

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index fe945c3..89d223d 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -6133,6 +6133,23 @@
 }
 #endif /* MBEDTLS_DEPRECATED_REMOVED */
 
+int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf,
+                                   const unsigned char *dhm_P, size_t P_len,
+                                   const unsigned char *dhm_G, size_t G_len )
+{
+    int ret;
+
+    if( ( ret = mbedtls_mpi_read_binary( &conf->dhm_P, dhm_P, P_len ) ) != 0 ||
+        ( ret = mbedtls_mpi_read_binary( &conf->dhm_G, dhm_G, G_len ) ) != 0 )
+    {
+        mbedtls_mpi_free( &conf->dhm_P );
+        mbedtls_mpi_free( &conf->dhm_G );
+        return( ret );
+    }
+
+    return( 0 );
+}
+
 int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx )
 {
     int ret;
@@ -7545,10 +7562,9 @@
                 const unsigned char dhm_g[] =
                     MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN;
 
-                if( ( ret = mbedtls_mpi_read_binary( &conf->dhm_P, dhm_p,
-                                                     sizeof( dhm_p ) ) ) != 0 ||
-                    ( ret = mbedtls_mpi_read_binary( &conf->dhm_G, dhm_g,
-                                                     sizeof( dhm_g ) ) ) != 0 )
+                if ( ( ret = mbedtls_ssl_conf_dh_param_bin( conf,
+                                               dhm_p, sizeof( dhm_p ),
+                                               dhm_g, sizeof( dhm_g ) ) ) != 0 )
                 {
                     return( ret );
                 }