mirror of
https://github.com/matrix-construct/construct
synced 2024-06-11 06:28:55 +02:00
ircd::openssl: Add dhparam generator suite.
parent
0dcaedabff
commit
0787b5ff71
|
@ -25,6 +25,7 @@ struct evp_pkey_st;
|
|||
struct ec_group_st;
|
||||
struct ec_point_st;
|
||||
struct ec_key_st;
|
||||
struct dh_st;
|
||||
|
||||
/// OpenSSL library interface. Provides things we need to expose from OpenSSL
|
||||
/// to the rest of the project.
|
||||
|
@ -48,6 +49,7 @@ namespace ircd::openssl
|
|||
using EC_GROUP = ::ec_group_st;
|
||||
using EC_POINT = ::ec_point_st;
|
||||
using EC_KEY = ::ec_key_st;
|
||||
using DH = ::dh_st;
|
||||
|
||||
// Library general
|
||||
string_view version();
|
||||
|
@ -83,6 +85,13 @@ namespace ircd::openssl
|
|||
string_view print(const mutable_buffer &buf, const EC_KEY &, const off_t &offset = 0);
|
||||
void genec(const string_view &skfile, const string_view &pkfile, const EC_GROUP *const & = secp256k1);
|
||||
|
||||
// DH suite
|
||||
extern const size_t DH_DEFAULT_GEN;
|
||||
extern const size_t DH_DEFAULT_BITS;
|
||||
DH &gendh(DH &, const uint &bits = DH_DEFAULT_BITS, const uint &gen = DH_DEFAULT_GEN);
|
||||
string_view gendh(const mutable_buffer &, const uint &bits = DH_DEFAULT_BITS, const uint &gen = DH_DEFAULT_GEN);
|
||||
void gendh(const string_view &dhfile, const uint &bits = DH_DEFAULT_BITS, const uint &gen = DH_DEFAULT_GEN);
|
||||
|
||||
// X.509 suite
|
||||
const_buffer i2d(const mutable_buffer &out, const X509 &);
|
||||
const_buffer cert2d(const mutable_buffer &out, const string_view &pem);
|
||||
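Review bot: `DH_DEFAULT_GEN` and `DH_DEFAULT_BITS` are declared `extern const size_t`, yet in the DH suite they serve only as defaults for `const uint &` parameters, so every defaulted `gendh` call narrows implicitly. Declaring them `extern const uint DH_DEFAULT_BITS;` and `extern const uint DH_DEFAULT_GEN;` would keep the types aligned with the three overloads. The overloads also have no comment saying what each one produces; a line above the group such as `// gendh(): generate DH parameters into a DH object, a text buffer, or a file; generation is CPU-bound and may block for a long time` would help callers choose. The enclosing `namespace ircd::openssl` opens and closes outside these hunks.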
|
|
|
@ -16,6 +16,7 @@
|
|||
#include <openssl/x509.h>
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/ripemd.h>
|
||||
#include <openssl/dh.h>
|
||||
|
||||
namespace ircd::openssl
|
||||
{
|
||||
|
@ -618,6 +619,65 @@ ircd::openssl::get_time(const ASN1_TIME &t)
|
|||
return ircd::time() + sec;
|
||||
}
|
||||
|
||||
//
|
||||
// DH
|
||||
//
|
||||
|
||||
decltype(ircd::openssl::DH_DEFAULT_BITS)
|
||||
ircd::openssl::DH_DEFAULT_BITS
|
||||
{
|
||||
2048
|
||||
};
|
||||
|
||||
decltype(ircd::openssl::DH_DEFAULT_GEN)
|
||||
ircd::openssl::DH_DEFAULT_GEN
|
||||
{
|
||||
5
|
||||
};
|
||||
|
||||
void
|
||||
ircd::openssl::gendh(const string_view &dhfile,
|
||||
const uint &bits,
|
||||
const uint &gen)
|
||||
{
|
||||
bio::write_file(dhfile, [&bits, &gen]
|
||||
(const mutable_buffer &buf)
|
||||
{
|
||||
return gendh(buf, bits, gen);
|
||||
});
|
||||
}
|
||||
|
||||
ircd::string_view
|
||||
ircd::openssl::gendh(const mutable_buffer &buf,
|
||||
const uint &bits,
|
||||
const uint &gen)
|
||||
{
|
||||
const custom_ptr<DH> dh
|
||||
{
|
||||
DH_new(), DH_free
|
||||
};
|
||||
|
||||
gendh(*dh, bits, gen);
|
||||
return bio::write(buf, [&dh]
|
||||
(BIO *const &bio)
|
||||
{
|
||||
call(::DHparams_print, bio, dh.get());
|
||||
});
|
||||
}
|
||||
|
||||
DH &
|
||||
ircd::openssl::gendh(DH &dh,
|
||||
const uint &bits,
|
||||
const uint &gen)
|
||||
{
|
||||
BN_GENCB gencb{0};
|
||||
void *const arg{nullptr}; // privdata passed to cb
|
||||
BN_GENCB_set(&gencb, &ircd::openssl::genprime_cb, arg);
|
||||
|
||||
call<error, 0>(::DH_generate_parameters_ex, &dh, bits, gen, &gencb);
|
||||
return dh;
|
||||
}
|
||||
|
||||
//
|
||||
// EC
|
||||
//
|
||||
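Review bot: `bits` reaches `::DH_generate_parameters_ex` in `gendh(DH &, ...)` with no lower bound, so a caller of any of the three overloads can produce a group well below the 2048-bit default that is too weak to protect a key exchange. A floor checked before the `call<error, 0>(...)` line, e.g. `if(bits < 2048) throw error{...};` with whatever constructor `error` provides, would make that a hard failure. In the buffer overload, `DH_new()` can return null on allocation failure, and `*dh` is dereferenced in the next statement without a check. That overload also serialises with `::DHparams_print`, which writes the human-readable dump rather than PEM. If the file written by `gendh(dhfile, ...)` is meant to be loaded back as a dhparam file, `PEM_write_bio_DHparams` looks like the intended call; that should be confirmed against the consumer.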
|
|