author | Tobias Markmann <tm@ayena.de> | 2018-03-09 15:40:22 (GMT) |
---|---|---|
committer | Tobias Markmann <tm@ayena.de> | 2018-03-12 09:43:10 (GMT) |
commit | 863c72980c9c25c81ef8864b310e1fd9cb9a57df (patch) | |
tree | caf4a4cdd801f4a8d39062757f6985292884a376 /Swiften/TLS/OpenSSL/OpenSSLContextFactory.cpp | |
parent | ff600776577ce4e3bbf9aa66f5980bc9cf1042a0 (diff) | |
Ability to set Diffie-Hellman parameters for OpenSSLContext
Test-Information:
Unit tests pass on macOS 10.13.3 with ASAN and Clang 7.0.
Change-Id: Ifc2bf2c1b63fca7f3ee43ef61c79a96b8e5ced5f
Diffstat (limited to 'Swiften/TLS/OpenSSL/OpenSSLContextFactory.cpp')
-rw-r--r-- | Swiften/TLS/OpenSSL/OpenSSLContextFactory.cpp | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/Swiften/TLS/OpenSSL/OpenSSLContextFactory.cpp b/Swiften/TLS/OpenSSL/OpenSSLContextFactory.cpp
index af0966e..9d0ad72 100644
--- a/Swiften/TLS/OpenSSL/OpenSSLContextFactory.cpp
+++ b/Swiften/TLS/OpenSSL/OpenSSLContextFactory.cpp
@@ -6,9 +6,15 @@
 #include <Swiften/TLS/OpenSSL/OpenSSLContextFactory.h>
+#include <openssl/bio.h>
+#include <openssl/dh.h>
+#include <openssl/pem.h>
+
 #include <Swiften/Base/Log.h>
 #include <Swiften/TLS/OpenSSL/OpenSSLContext.h>
+#pragma clang diagnostic ignored "-Wshorten-64-to-32"
+
 namespace Swift {
 bool OpenSSLContextFactory::canCreate() const {
@@ -19,6 +25,26 @@ TLSContext* OpenSSLContextFactory::createTLSContext(const TLSOptions&, TLSContex
 return new OpenSSLContext(mode);
 }
+ByteArray OpenSSLContextFactory::convertDHParametersFromPEMToDER(const std::string& dhParametersInPEM) {
+ ByteArray dhParametersInDER;
+
+ auto bio = std::unique_ptr<BIO, decltype(&BIO_free)>(BIO_new(BIO_s_mem()), BIO_free);
+ if (bio) {
+ BIO_write(bio.get(), dhParametersInPEM.data(), dhParametersInPEM.size());
+ if (auto params = PEM_read_bio_DHparams(bio.get(), nullptr, nullptr, nullptr)) {
+ unsigned char* buffer = nullptr;
+ auto len = i2d_DHparams(params, &buffer);
+ if (len > 0) {
+ dhParametersInDER = createByteArray(buffer, static_cast<size_t>(len));
+ free(buffer);
+ }
+ DH_free(params);
+
+ }
+ }
+ return dhParametersInDER;
+}
+
 void OpenSSLContextFactory::setCheckCertificateRevocation(bool check) {
 if (check) {
 SWIFT_LOG(warning) << "CRL Checking not supported for OpenSSL" << std::endl; |
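Review bot: The `#pragma clang diagnostic ignored "-Wshorten-64-to-32"` added after the includes is not wrapped in `#pragma clang diagnostic push` / `pop`, so it silences 64-to-32 narrowing warnings for the rest of the translation unit rather than for one call. It was presumably added for the `size_t` to `int` length passed to `BIO_write` in the new function. An explicit range check plus `static_cast<int>(...)` at that call would make the pragma unnecessary and keep the warning active for future code in this file. The new code also uses `std::unique_ptr` and `free`, but this hunk adds neither `#include <memory>` nor `#include <cstdlib>`, so it appears to rely on transitive includes.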
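Review bot: `free(buffer)` in `convertDHParametersFromPEMToDER` releases memory that `i2d_DHparams` allocated inside OpenSSL, so it should be `OPENSSL_free(buffer)`; the two only coincide while OpenSSL uses its default allocator and shares a C runtime with this code. `params` and `buffer` are released by hand, so both leak if `createByteArray` throws, and the return value of `BIO_write` is never checked. Every failure path returns an empty `ByteArray` with no log line, which a caller could presumably mistake for "no parameters configured" and carry on with defaults. Because the output feeds the TLS key exchange, it may also be worth rejecting malformed or undersized groups (for example with `DH_check`) here or at the consumer, which this hunk does not show.

```cpp
ByteArray OpenSSLContextFactory::convertDHParametersFromPEMToDER(const std::string& dhParametersInPEM) {
    ByteArray dhParametersInDER;

    auto bio = std::unique_ptr<BIO, decltype(&BIO_free)>(BIO_new(BIO_s_mem()), BIO_free);
    if (!bio) {
        return dhParametersInDER;
    }
    // Check the write instead of relying on the narrowing warning being silenced.
    const auto pemSize = static_cast<int>(dhParametersInPEM.size());
    if (pemSize <= 0 || BIO_write(bio.get(), dhParametersInPEM.data(), pemSize) != pemSize) {
        SWIFT_LOG(warning) << "Failed to buffer DH parameters" << std::endl;
        return dhParametersInDER;
    }
    // Owning wrapper so the DH object is released even if createByteArray throws.
    auto params = std::unique_ptr<DH, decltype(&DH_free)>(PEM_read_bio_DHparams(bio.get(), nullptr, nullptr, nullptr), DH_free);
    if (!params) {
        SWIFT_LOG(warning) << "Failed to parse DH parameters from PEM" << std::endl;
        return dhParametersInDER;
    }
    unsigned char* buffer = nullptr;
    const auto len = i2d_DHparams(params.get(), &buffer);
    if (len > 0) {
        // i2d_* allocates through OpenSSL's allocator; release it the same way.
        auto bufferGuard = std::unique_ptr<unsigned char, void (*)(unsigned char*)>(buffer, [](unsigned char* p) { OPENSSL_free(p); });
        dhParametersInDER = createByteArray(buffer, static_cast<size_t>(len));
    }
    return dhParametersInDER;
}
```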