X-Git-Url: https://bearssl.org/gitweb//home/git/?p=BearSSL;a=blobdiff_plain;f=tools%2Fserver.c;h=363028f0c0ae7f76b926b328c288513e7fb10c35;hp=fbc778686eda58fb886138b5b9b1ea04b37c1a16;hb=5f045c759957fdff8c85716e6af99e10901fdac0;hpb=3f00688b9d9f483a6ca97e659eea104995ea15b7 diff --git a/tools/server.c b/tools/server.c index fbc7786..363028f 100644 --- a/tools/server.c +++ b/tools/server.c @@ -475,14 +475,17 @@ sp_do_keyx(const br_ssl_server_policy_class **pctx, pc = (policy_context *)pctx; switch (pc->sk->key_type) { + const br_ec_impl *iec; + case BR_KEYTYPE_RSA: return br_rsa_ssl_decrypt( - &br_rsa_i31_private, &pc->sk->key.rsa, - data, *len); + br_rsa_private_get_default(), + &pc->sk->key.rsa, data, *len); case BR_KEYTYPE_EC: - r = br_ec_all_m15.mul(data, *len, pc->sk->key.ec.x, + iec = br_ec_get_default(); + r = iec->mul(data, *len, pc->sk->key.ec.x, pc->sk->key.ec.xlen, pc->sk->key.ec.curve); - xoff = br_ec_all_m15.xoff(pc->sk->key.ec.curve, &xlen); + xoff = iec->xoff(pc->sk->key.ec.curve, &xlen); memmove(data, data + xoff, xlen); *len = xlen; return r; @@ -556,8 +559,8 @@ sp_do_sign(const br_ssl_server_policy_class **pctx, } return 0; } - x = br_rsa_i31_pkcs1_sign(hash_oid, hv, hv_len, - &pc->sk->key.rsa, data); + x = br_rsa_pkcs1_sign_get_default()( + hash_oid, hv, hv_len, &pc->sk->key.rsa, data); if (!x) { if (pc->verbose) { fprintf(stderr, "ERROR: RSA-sign failure\n"); @@ -584,8 +587,8 @@ sp_do_sign(const br_ssl_server_policy_class **pctx, } return 0; } - sig_len = br_ecdsa_i31_sign_asn1(&br_ec_all_m15, - hc, hv, &pc->sk->key.ec, data); + sig_len = br_ecdsa_sign_asn1_get_default()( + br_ec_get_default(), hc, hv, &pc->sk->key.ec, data); if (sig_len == 0) { if (pc->verbose) { fprintf(stderr, "ERROR: ECDSA-sign failure\n"); @@ -956,7 +959,7 @@ do_server(int argc, char *argv[]) break; case BR_KEYTYPE_EC: curve = sk->key.ec.curve; - supp = br_ec_all_m15.supported_curves; + supp = br_ec_get_default()->supported_curves; if (curve > 31 || !((supp >> curve) & 1)) { fprintf(stderr, "ERROR: private key curve (%d)" " is not supported\n", curve); @@ -1046,41 +1049,19 @@ do_server(int argc, char *argv[]) } /* TODO: algorithm implementation selection */ if ((req & REQ_AESCBC) != 0) { - br_ssl_engine_set_aes_cbc(&cc.eng, - &br_aes_ct_cbcenc_vtable, - &br_aes_ct_cbcdec_vtable); - br_ssl_engine_set_cbc(&cc.eng, - &br_sslrec_in_cbc_vtable, - &br_sslrec_out_cbc_vtable); + br_ssl_engine_set_default_aes_cbc(&cc.eng); } if ((req & REQ_AESGCM) != 0) { - br_ssl_engine_set_aes_ctr(&cc.eng, - &br_aes_ct_ctr_vtable); - br_ssl_engine_set_ghash(&cc.eng, - &br_ghash_ctmul); - br_ssl_engine_set_gcm(&cc.eng, - &br_sslrec_in_gcm_vtable, - &br_sslrec_out_gcm_vtable); + br_ssl_engine_set_default_aes_gcm(&cc.eng); } if ((req & REQ_CHAPOL) != 0) { - br_ssl_engine_set_chacha20(&cc.eng, - &br_chacha20_ct_run); - br_ssl_engine_set_poly1305(&cc.eng, - &br_poly1305_ctmul_run); - br_ssl_engine_set_chapol(&cc.eng, - &br_sslrec_in_chapol_vtable, - &br_sslrec_out_chapol_vtable); + br_ssl_engine_set_default_chapol(&cc.eng); } if ((req & REQ_3DESCBC) != 0) { - br_ssl_engine_set_des_cbc(&cc.eng, - &br_des_ct_cbcenc_vtable, - &br_des_ct_cbcdec_vtable); - br_ssl_engine_set_cbc(&cc.eng, - &br_sslrec_in_cbc_vtable, - &br_sslrec_out_cbc_vtable); + br_ssl_engine_set_default_des_cbc(&cc.eng); } if ((req & (REQ_ECDHE_RSA | REQ_ECDHE_ECDSA)) != 0) { - br_ssl_engine_set_ec(&cc.eng, &br_ec_all_m15); + br_ssl_engine_set_default_ec(&cc.eng); } } br_ssl_engine_set_suites(&cc.eng, suite_ids, num_suites); @@ -1153,12 +1134,11 @@ do_server(int argc, char *argv[]) br_x509_minimal_set_hash(&xc, id, hc); } } - br_ssl_engine_set_rsavrfy(&cc.eng, &br_rsa_i31_pkcs1_vrfy); - br_ssl_engine_set_ec(&cc.eng, &br_ec_all_m15); - br_ssl_engine_set_ecdsa(&cc.eng, &br_ecdsa_i31_vrfy_asn1); - br_x509_minimal_set_rsa(&xc, &br_rsa_i31_pkcs1_vrfy); + br_ssl_engine_set_default_rsavrfy(&cc.eng); + br_ssl_engine_set_default_ecdsa(&cc.eng); + br_x509_minimal_set_rsa(&xc, br_rsa_pkcs1_vrfy_get_default()); br_x509_minimal_set_ecdsa(&xc, - &br_ec_all_m15, &br_ecdsa_i31_vrfy_asn1); + br_ec_get_default(), br_ecdsa_vrfy_asn1_get_default()); br_ssl_engine_set_x509(&cc.eng, &xc.vtable); br_ssl_server_set_trust_anchor_names_alt(&cc, &VEC_ELT(anchors, 0), VEC_LEN(anchors));