正在显示
1 个修改的文件
包含
14 行增加
和
7 行删除
| @@ -145,6 +145,9 @@ namespace _srs_internal | @@ -145,6 +145,9 @@ namespace _srs_internal | ||
| 145 | "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \ | 145 | "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \ |
| 146 | "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" \ | 146 | "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" \ |
| 147 | "FFFFFFFFFFFFFFFF" | 147 | "FFFFFFFFFFFFFFFF" |
| 148 | + /** | ||
| 149 | + * initialize DH, create the public/private key. | ||
| 150 | + */ | ||
| 148 | int __openssl_initialize_dh(DH* pdh, int32_t bits_count) | 151 | int __openssl_initialize_dh(DH* pdh, int32_t bits_count) |
| 149 | { | 152 | { |
| 150 | int ret = ERROR_SUCCESS; | 153 | int ret = ERROR_SUCCESS; |
| @@ -180,6 +183,9 @@ namespace _srs_internal | @@ -180,6 +183,9 @@ namespace _srs_internal | ||
| 180 | 183 | ||
| 181 | return ret; | 184 | return ret; |
| 182 | } | 185 | } |
| 186 | + /** | ||
| 187 | + * create DH and copy the 128bytes public key. | ||
| 188 | + */ | ||
| 183 | int __openssl_copy_key(DH* pdh, char* public_key, int32_t size) | 189 | int __openssl_copy_key(DH* pdh, char* public_key, int32_t size) |
| 184 | { | 190 | { |
| 185 | int ret = ERROR_SUCCESS; | 191 | int ret = ERROR_SUCCESS; |
| @@ -202,20 +208,21 @@ namespace _srs_internal | @@ -202,20 +208,21 @@ namespace _srs_internal | ||
| 202 | 208 | ||
| 203 | return ret; | 209 | return ret; |
| 204 | } | 210 | } |
| 205 | - int __openssl_compute_key(DH* pdh, const char* peer_pub_key, int ppk_size, char* secret) | 211 | + /** |
| 212 | + * create DH and copy the 128bytes public key, | ||
| 213 | + * generate and copy the shared key. | ||
| 214 | + */ | ||
| 215 | + int __openssl_compute_key(DH* pdh, const char* peer_pub_key, int ppk_size, char* public_key, char* shared_key) | ||
| 206 | { | 216 | { |
| 207 | int ret = ERROR_SUCCESS; | 217 | int ret = ERROR_SUCCESS; |
| 208 | 218 | ||
| 209 | int32_t bits_count = 1024; | 219 | int32_t bits_count = 1024; |
| 210 | 220 | ||
| 211 | - // 2. generate the g, p, private/public key. | ||
| 212 | - if ((ret = __openssl_initialize_dh(pdh, bits_count)) != ERROR_SUCCESS) { | 221 | + // create DH and copy the 128bytes public key |
| 222 | + if ((ret = __openssl_copy_key(pdh, public_key, ppk_size)) != ERROR_SUCCESS) { | ||
| 213 | return ret; | 223 | return ret; |
| 214 | } | 224 | } |
| 215 | 225 | ||
| 216 | - // copy public key to bytes. | ||
| 217 | - srs_assert(BN_num_bytes(pdh->pub_key) == ppk_size); | ||
| 218 | - | ||
| 219 | BIGNUM* ppk = NULL; | 226 | BIGNUM* ppk = NULL; |
| 220 | if ((ppk = BN_bin2bn((const unsigned char*)peer_pub_key, ppk_size, 0)) == NULL) { | 227 | if ((ppk = BN_bin2bn((const unsigned char*)peer_pub_key, ppk_size, 0)) == NULL) { |
| 221 | ret = ERROR_OpenSslGetPeerPublicKey; | 228 | ret = ERROR_OpenSslGetPeerPublicKey; |
| @@ -223,7 +230,7 @@ namespace _srs_internal | @@ -223,7 +230,7 @@ namespace _srs_internal | ||
| 223 | } | 230 | } |
| 224 | 231 | ||
| 225 | // if failed, donot return, do cleanup. | 232 | // if failed, donot return, do cleanup. |
| 226 | - if (DH_compute_key((unsigned char*)secret, ppk, pdh) < 0) { | 233 | + if (DH_compute_key((unsigned char*)shared_key, ppk, pdh) < 0) { |
| 227 | ret = ERROR_OpenSslComputeSharedKey; | 234 | ret = ERROR_OpenSslComputeSharedKey; |
| 228 | } | 235 | } |
| 229 | 236 |
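Review bot: The `DH_compute_key` call at new line 233 writes into `shared_key` without any size for that buffer and discards the return value, which is the number of secret bytes actually written. OpenSSL writes up to `DH_size(pdh)` bytes, and fewer when the secret has leading zero bytes, so a caller that assumes a fixed 128-byte key would read stale bytes at the tail of its buffer. Consider keeping the length, `int32_t key_size = DH_compute_key((unsigned char*)shared_key, ppk, pdh);`, failing on `key_size < 0`, and either returning it to the caller or stating in the new doc comment that `shared_key` must hold at least `DH_size(pdh)` bytes. The peer value `ppk` also goes straight from `BN_bin2bn` into the computation; a `DH_check_pub_key(pdh, ppk, &codes)` test before it, mapped to `ERROR_OpenSslGetPeerPublicKey`, would reject degenerate peer keys. The function body continues past the last visible line, so the cleanup of `ppk` is not reviewed here.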