author | Bodo Möller <bodo@openssl.org> | 2006-03-30 02:44:56 +0000 |
---|---|---|
committer | Bodo Möller <bodo@openssl.org> | 2006-03-30 02:44:56 +0000 |
commit | 332737217a9b8eb07d53634ae72b0e2e9ec9b8c6 (patch) | |
tree | 2715bf871acf3b2947c4c71d5f8c337b82b1ec68 /ssl/ssl_asn1.c | |
parent | bcbe37b716780763ee66c839618bd76eda2b507c (diff) |
Implement Supported Elliptic Curves Extension.
Submitted by: Douglas Stebila
Diffstat (limited to 'ssl/ssl_asn1.c')
-rw-r--r-- | ssl/ssl_asn1.c | 38 |
1 files changed, 31 insertions, 7 deletions
diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
index b9148b23de..dbe8ea8eba 100644
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@@ -108,6 +108,7 @@ typedef struct ssl_session_asn1_st
 ASN1_OCTET_STRING tlsext_hostname;
 #ifndef OPENSSL_NO_EC
 ASN1_OCTET_STRING tlsext_ecpointformatlist;
+ ASN1_OCTET_STRING tlsext_ellipticcurvelist;
 #endif /* OPENSSL_NO_EC */
 #endif /* OPENSSL_NO_TLSEXT */
 #ifndef OPENSSL_NO_PSK
@@ -119,7 +120,7 @@ typedef struct ssl_session_asn1_st
 int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
 {
 #define LSIZE2 (sizeof(long)*2)
- int v1=0,v2=0,v3=0,v4=0,v5=0,v6=0,v7=0,v8=0,v9=0;
+ int v1=0,v2=0,v3=0,v4=0,v5=0,v6=0,v7=0,v8=0,v9=0,v10=0;
 unsigned char buf[4],ibuf1[LSIZE2],ibuf2[LSIZE2];
 unsigned char ibuf3[LSIZE2],ibuf4[LSIZE2],ibuf5[LSIZE2];
 long l;
@@ -228,6 +229,12 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
 a.tlsext_ecpointformatlist.type=V_ASN1_OCTET_STRING;
 a.tlsext_ecpointformatlist.data=(unsigned char *)in->tlsext_ecpointformatlist;
 }
+ if (in->tlsext_ellipticcurvelist)
+ {
+ a.tlsext_ellipticcurvelist.length=in->tlsext_ellipticcurvelist_length;
+ a.tlsext_ellipticcurvelist.type=V_ASN1_OCTET_STRING;
+ a.tlsext_ellipticcurvelist.data=(unsigned char *)in->tlsext_ellipticcurvelist;
+ }
 #endif /* OPENSSL_NO_EC */
 #endif /* OPENSSL_NO_TLSEXT */
 #ifndef OPENSSL_NO_PSK
@@ -272,13 +279,15 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp) #ifndef OPENSSL_NO_EC if (in->tlsext_ecpointformatlist) M_ASN1_I2D_len_EXP_opt(&(a.tlsext_ecpointformatlist), i2d_ASN1_OCTET_STRING,7,v7); + if (in->tlsext_ellipticcurvelist) + M_ASN1_I2D_len_EXP_opt(&(a.tlsext_ellipticcurvelist), i2d_ASN1_OCTET_STRING,8,v8); #endif /* OPENSSL_NO_EC */ #endif /* OPENSSL_NO_TLSEXT */ #ifndef OPENSSL_NO_PSK if (in->psk_identity_hint) - M_ASN1_I2D_len_EXP_opt(&(a.psk_identity_hint), i2d_ASN1_OCTET_STRING,8,v8); + M_ASN1_I2D_len_EXP_opt(&(a.psk_identity_hint), i2d_ASN1_OCTET_STRING,9,v9); if (in->psk_identity) - M_ASN1_I2D_len_EXP_opt(&(a.psk_identity), i2d_ASN1_OCTET_STRING,9,v9); + M_ASN1_I2D_len_EXP_opt(&(a.psk_identity), i2d_ASN1_OCTET_STRING,10,v10); #endif /* OPENSSL_NO_PSK */ M_ASN1_I2D_seq_total(); @@ -310,13 +319,15 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp) #ifndef OPENSSL_NO_EC if (in->tlsext_ecpointformatlist) M_ASN1_I2D_put_EXP_opt(&(a.tlsext_ecpointformatlist), i2d_ASN1_OCTET_STRING,7,v7); + if (in->tlsext_ellipticcurvelist) + M_ASN1_I2D_put_EXP_opt(&(a.tlsext_ellipticcurvelist), i2d_ASN1_OCTET_STRING,8,v8); #endif /* OPENSSL_NO_EC */ #endif /* OPENSSL_NO_TLSEXT */ #ifndef OPENSSL_NO_PSK if (in->psk_identity_hint) - M_ASN1_I2D_put_EXP_opt(&(a.psk_identity_hint), i2d_ASN1_OCTET_STRING,8,v8); + M_ASN1_I2D_put_EXP_opt(&(a.psk_identity_hint), i2d_ASN1_OCTET_STRING,9,v9); if (in->psk_identity) - M_ASN1_I2D_put_EXP_opt(&(a.psk_identity), i2d_ASN1_OCTET_STRING,9,v9); + M_ASN1_I2D_put_EXP_opt(&(a.psk_identity), i2d_ASN1_OCTET_STRING,10,v10); #endif /* OPENSSL_NO_PSK */ M_ASN1_I2D_finish(); } 
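Review bot: Placing the curve list at explicit tag 8 moves psk_identity_hint and psk_identity from tags 8 and 9 to 9 and 10, in the length pass of this hunk and again in the put pass of the @@ -310 hunk, so a session encoded before this change would decode with its PSK hint read as a curve list. If encoded sessions are ever stored or exchanged between builds, it is safer to leave the existing tags alone and give the new field the next free one, emitted after the PSK fields: `M_ASN1_I2D_len_EXP_opt(&(a.tlsext_ellipticcurvelist), i2d_ASN1_OCTET_STRING,10,v10);` with the matching put and get calls. i2d_SSL_SESSION begins and ends outside these hunks, so the rest of the tag layout is not visible here.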
@@ -517,13 +528,26 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, else ret->tlsext_ecpointformatlist_length=0; ret->tlsext_ecpointformatlist=NULL; + os.length=0; + M_ASN1_D2I_get_EXP_opt(osp,d2i_ASN1_OCTET_STRING,8); + if (os.data) + { + ret->tlsext_ellipticcurvelist_length=os.length; + memcpy(ret->tlsext_ellipticcurvelist,os.data,ret->tlsext_ellipticcurvelist_length); + OPENSSL_free(os.data); + os.data = NULL; + os.length = 0; + } + else + ret->tlsext_ellipticcurvelist_length=0; + ret->tlsext_ellipticcurvelist=NULL; #endif /* OPENSSL_NO_EC */ #endif /* OPENSSL_NO_TLSEXT */ #ifndef OPENSSL_NO_PSK os.length=0; os.data=NULL; - M_ASN1_D2I_get_EXP_opt(osp,d2i_ASN1_OCTET_STRING,8); + M_ASN1_D2I_get_EXP_opt(osp,d2i_ASN1_OCTET_STRING,9); if (os.data) { ret->psk_identity_hint = BUF_strndup((char *)os.data, os.length); @@ -536,7 +560,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, os.length=0; os.data=NULL; - M_ASN1_D2I_get_EXP_opt(osp,d2i_ASN1_OCTET_STRING,9); + M_ASN1_D2I_get_EXP_opt(osp,d2i_ASN1_OCTET_STRING,10); if (os.data) { ret->psk_identity = BUF_strndup((char *)os.data, os.length); |
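Review bot: In the @@ -517 hunk the decoded curve list is copied with `memcpy(ret->tlsext_ellipticcurvelist,os.data,ret->tlsext_ellipticcurvelist_length)` although nothing in the hunk allocates that destination. For a new session the pointer is presumably NULL, and for a reused one the buffer size is never compared with the length taken from the encoded session. The `else` has no braces, so `ret->tlsext_ellipticcurvelist=NULL;` runs on both paths and leaves a non-zero length beside a NULL pointer; the ecpointformatlist context lines just above have the same shape and likely the same problem. The new block also resets only `os.length` before the get, whereas the PSK blocks also set `os.data=NULL`. Encoded sessions can come from outside the process, so this path should allocate before copying and fail the decode on allocation failure; the sketch below leaves that error exit to match the function's other failure paths, which lie outside the hunk.

```c
	os.length=0;
	os.data=NULL;
	M_ASN1_D2I_get_EXP_opt(osp,d2i_ASN1_OCTET_STRING,8);
	/* a list already held by a reused session would need freeing before this reset */
	ret->tlsext_ellipticcurvelist=NULL;
	ret->tlsext_ellipticcurvelist_length=0;
	if (os.data)
		{
		ret->tlsext_ellipticcurvelist=OPENSSL_malloc(os.length);
		if (ret->tlsext_ellipticcurvelist != NULL)
			{
			memcpy(ret->tlsext_ellipticcurvelist,os.data,os.length);
			ret->tlsext_ellipticcurvelist_length=os.length;
			}
		/* else: fail the decode through the function's existing error exit */
		OPENSSL_free(os.data);
		os.data=NULL;
		os.length=0;
		}
	/* … unchanged: #endif lines and the PSK blocks … */
```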