authorSteven Fackler <[email protected]>2015-09-16 01:11:58 -0400
committerSteven Fackler <[email protected]>2015-09-16 01:11:58 -0400
commit618b68f9c08de6503945041a85cd8723a634a313 (patch)
tree5a27457085f7740c6ea20342a6cf97c316dcf34f
parentMerge pull request #270 from mvdnes/crypto_segv (diff)
parentAdd DH::from_pem() to load DH parameters from a file (diff)
Merge pull request #262 from jedisct1/read_dhparams
Add DH::from_pem() to load DH parameters from a file
-rw-r--r--openssl-sys/src/lib.rs3
-rw-r--r--openssl/src/dh/mod.rs28
-rw-r--r--openssl/test/dhparams.pem8
3 files changed, 37 insertions, 2 deletions
diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs
index 9b5fd744..c2c6157c 100644
--- a/openssl-sys/src/lib.rs
+++ b/openssl-sys/src/lib.rs
@@ -477,7 +477,8 @@ extern "C" {
#[cfg_attr(target_os = "nacl", link_name = "HMAC_Update")]
pub fn HMAC_Update_shim(ctx: *mut HMAC_CTX, input: *const u8, len: c_uint) -> c_int;
-
+ pub fn PEM_read_bio_DHparams(bio: *mut BIO, out: *mut *mut DH, callback: Option<PasswordCallback>,
+ user_data: *mut c_void) -> *mut DH;
pub fn PEM_read_bio_X509(bio: *mut BIO, out: *mut *mut X509, callback: Option<PasswordCallback>,
user_data: *mut c_void) -> *mut X509;
pub fn PEM_read_bio_X509_REQ(bio: *mut BIO, out: *mut *mut X509_REQ, callback: Option<PasswordCallback>,
diff --git a/openssl/src/dh/mod.rs b/openssl/src/dh/mod.rs
index cbf9d3ab..7be5dd04 100644
--- a/openssl/src/dh/mod.rs
+++ b/openssl/src/dh/mod.rs
@@ -1,5 +1,8 @@
use ffi;
-use ssl::error::SslError;
+use std::io;
+use std::io::prelude::*;
+use ssl::error::{SslError, StreamError};
+use bio::MemBio;
use bn::BigNum;
use std::mem;
use std::ptr;
@@ -18,6 +21,16 @@ impl DH {
Ok(DH(dh))
}
+ pub fn from_pem<R>(reader: &mut R) -> Result<DH, SslError> where R: Read {
+ let mut mem_bio = try!(MemBio::new());
+ try!(io::copy(reader, &mut mem_bio).map_err(StreamError));
+ let dh = unsafe {
+ ffi::PEM_read_bio_DHparams(mem_bio.get_handle(), ptr::null_mut(), None, ptr::null_mut())
+ };
+ try_ssl_null!(dh);
+ Ok(DH(dh))
+ }
+
#[cfg(feature = "rfc5114")]
pub fn get_1024_160() -> Result<DH, SslError> {
let dh = unsafe { ffi::DH_get_1024_160() };
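Review bot: `from_pem` wraps whatever `PEM_read_bio_DHparams` returns after only a null check, so the group read from the file is never validated, and the new public function has no doc comment telling callers that. Parameters loaded from a file can carry an undersized or non-safe-prime modulus, so either run OpenSSL's `DH_check` on the result before returning (that would need an ffi binding this diff does not show) or state the contract, e.g. `/// Reads DH parameters from PEM. The parameters are not validated; load them only from a trusted source.` The `io::copy` into `MemBio` is also unbounded; wrapping the reader as `reader.take(MAX_PEM_LEN)`, with `MAX_PEM_LEN` a small constant you define, would cap memory use when the input is not trusted. The enclosing `impl DH` block starts and ends outside this hunk.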
@@ -68,6 +81,8 @@ impl Drop for DH {
#[cfg(test)]
mod tests {
+ use std::fs::File;
+ use std::path::Path;
use super::DH;
use bn::BigNum;
use ssl::SslContext;
@@ -94,4 +109,15 @@ mod tests {
let dh = DH::from_params(p, g, q).unwrap();
ctx.set_tmp_dh(dh).unwrap();
}
+
+ #[test]
+ fn test_dh_from_pem() {
+ let ctx = SslContext::new(Sslv23).unwrap();
+ let pem_path = Path::new("test/dhparams.pem");
+ let mut file = File::open(&pem_path)
+ .ok()
+ .expect("Failed to open `test/dhparams.pem`");
+ let dh = DH::from_pem(&mut file).ok().expect("Failed to load PEM");
+ ctx.set_tmp_dh(dh).unwrap();
+ }
}
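Review bot: `test_dh_from_pem` only exercises a well-formed file, so the failure branch of `from_pem` (the `try_ssl_null!` return) is left untested. A companion test feeding non-PEM bytes, e.g. `assert!(DH::from_pem(&mut &b"not a pem file"[..]).is_err());`, would pin that malformed input yields an `Err` rather than a `DH` wrapping a null pointer. The `mod tests` block begins outside this hunk.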
diff --git a/openssl/test/dhparams.pem b/openssl/test/dhparams.pem
new file mode 100644
index 00000000..6e4d4c68
--- /dev/null
+++ b/openssl/test/dhparams.pem
@@ -0,0 +1,8 @@
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEAh3Betv+hf5jNsOmGXU8oxuABD2B8r0yU8FVgjnCZBSVo61qJ0A2d
+J6r8rYKbjtolnrZN/V4IPSzYvxurHbu8nbiFVyhOySPchI2Fu+YT/HsSe/0MH9bW
+gJTNzmutWoy9VxtWLCmXnOSZHep3MZ1ZNimno6Kh2qQ7VJr0+KF8GbxUKOPv4SqK
+NBwouIQXFc0pE9kGhcGKbr7TnHhyJFCRLNP1OVDQZbcoKjk1Vh+5sy7vM2VUTQmM
+yOToT2LEZVAUJXNumcYMki9MIwfYCwYZbNt0ZEolyHzUEesuyHfU1eJd6+sKEjUz
+5GteQIR7AehxZIS+cytu7BXO7B0owLJ2awIBAg==
+-----END DH PARAMETERS-----