[gnutls-dev] [PATCH] Load DH Params from File
From: Mr Allwyn Fernandes
Subject: [gnutls-dev] [PATCH] Load DH Params from File
Date: Fri, 12 Oct 2007 17:16:59 +1000
User-agent: KMail/1.9.7

Hi,

(Apologies if anyone gets this multiple times: I've tried sending it several
times, and keep getting bounce messages... I don't see it in any of the
archives so I _suspect_ it hasn't gotten through to anyone, but I'm not
sure.)

I recently added GnuTLS support to an app, and noticed a slight inconsistency
in the api; one can load certificates, keys and CRLs directly from a file,
but there is no corresponding function which takes a filename and loads the
DH params from the file. I'm using Debian Testing, which has gnutls13-1.7.19,
but I noted that the current online documentation doesn't list a new method
to do this either.

I have created a trivial patch which implements an api
function "gnutls_dh_params_import_pkcs3_file" from a combination
of "gnutls_dh_params_import_pkcs3" and "gnutls_certificate_set_x509_crl_file".

I have generated the patch against Debian's gnutls13-1.7.19 source, but it
appears to apply reasonably to the 2.0.1 source... Otherwise, for easy
cut-n-paste, the new method is listed below, along with the corresponding
header entry.

If there are any comments or questions, please feel free to let me know.

Cheers,
Allwyn.

In lib/gnutls_dh_primes.c, under gnutls_dh_params_import_pkcs3:
/**
 * gnutls_dh_params_import_pkcs3_file - This function will import DH params
 * from a file containing a pkcs3 structure
 * @params: A structure where the parameters will be copied to
 * @pkcs3_file: should contain a PKCS3 DHParams structure PEM or DER encoded
 * @format: the format of params. PEM or DER.
 *
 * This function will extract the DHParams found in a file containing a PKCS3
 * formatted structure. This is the format generated by "openssl dhparam"
 * tool.
 *
 * If the structure is PEM encoded, it should have a header
 * of "BEGIN DH PARAMETERS".
 *
 * In case of failure a negative value will be returned, and
 * 0 on success.
 *
 **/
int
gnutls_dh_params_import_pkcs3_file (gnutls_dh_params_t params,
                                    const char *pkcs3_file,
                                    gnutls_x509_crt_fmt_t format)
{
  int ret;
  size_t size;
  gnutls_datum_t pkcs3_params;
  char *data = read_binary_file (pkcs3_file, &size);

  if (data == NULL)
    {
      gnutls_assert ();
      return GNUTLS_E_FILE_ERROR;
    }

  /* gnutls_dh_params_import_pkcs3 takes a gnutls_datum_t (pointer plus
     length), not a bare buffer, so wrap the file contents first. */
  pkcs3_params.data = (unsigned char *) data;
  pkcs3_params.size = size;

  ret = gnutls_dh_params_import_pkcs3 (params, &pkcs3_params, format);
  free (data);

  if (ret < 0)
    {
      gnutls_assert ();
      return ret;
    }

  return ret;
}

In includes/gnutls/gnutls.h.in, under gnutls_dh_params_import_pkcs3:
int gnutls_dh_params_import_pkcs3_file (gnutls_dh_params_t params,
                                        const char *pkcs3_file,
                                        gnutls_x509_crt_fmt_t format);

And something like this for the NEWS file.
** API and ABI modifications:
New API to load Diffie-Hellman parameters from file:
gnutls_dh_params_import_pkcs3_file
gnutls13-1.7.19-dhfile.diff.gz
Description: GNU Zip compressed data
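
An added example, not part of the original message or of GnuTLS: a stand-alone C pre-check a caller could run on a PEM DH parameter file before handing it to an importer, keeping the buffer and its length together and rejecting missing, empty, oversized or wrongly armored input. The names `load_param_file`, `check_dh_param_file`, `write_and_check`, `MAX_PARAM_FILE` and the sample text are assumptions made for this illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define MAX_PARAM_FILE (64 * 1024) /* assumed cap, not a GnuTLS limit */
/* Constructed sample: real armor lines, placeholder base64 body. */
static const char SAMPLE_PEM[] =
  "-----BEGIN DH PARAMETERS-----\nMAA=\n-----END DH PARAMETERS-----\n";

/* Whole-file read, data and length together; NULL on error, empty or oversized. */
static unsigned char *load_param_file (const char *path, size_t *size)
{
  FILE *fp = fopen (path, "rb");
  unsigned char *buf = fp ? malloc (MAX_PARAM_FILE + 2) : NULL;
  size_t n = buf ? fread (buf, 1, MAX_PARAM_FILE + 1, fp) : 0; /* +1 exposes oversize */
  if (n == 0 || n > MAX_PARAM_FILE || ferror (fp))
    { free (buf); buf = NULL; }
  else
    { buf[n] = '\0'; *size = n; } /* NUL is for strstr, not counted in size */
  if (fp != NULL)
    fclose (fp);
  return buf;
}

/* 0 = armor present in order, -1 = file error, -2 = no armor or embedded NUL. */
static int check_dh_param_file (const char *path)
{
  static const char begin[] = "-----BEGIN DH PARAMETERS-----";
  size_t size;
  unsigned char *data = load_param_file (path, &size);
  const char *b;
  int ok;
  if (data == NULL)
    return -1;
  b = memchr (data, '\0', size) ? NULL : strstr ((const char *) data, begin);
  ok = b != NULL
    && strstr (b + sizeof begin - 1, "-----END DH PARAMETERS-----") != NULL;
  free (data);
  return ok ? 0 : -2;
}

/* Demo helper: write text to path, then check it (runs offline). */
static int write_and_check (const char *path, const char *text)
{
  FILE *fp = fopen (path, "wb");
  if (fp == NULL)
    return -1;
  fputs (text, fp);
  fclose (fp);
  return check_dh_param_file (path);
}
```

The armor check applies only to PEM input; a DER file has no header and would go straight to the importer once the size checks pass.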