Support mbedtls 3.x

1 files changed, 9 insertions, 7 deletions

diff --git a/src/ssl_mbedtls.cc b/src/ssl_mbedtls.cc
index a34067b..50c7975 100644
--- a/src/ssl_mbedtls.cc
+++ b/src/ssl_mbedtls.cc
@@ -4,7 +4,6 @@
 
 #include <cstring>
 #include <mbedtls/asn1write.h>
-#include <mbedtls/certs.h>
 #include <mbedtls/ctr_drbg.h>
 #include <mbedtls/entropy.h>
 #include <mbedtls/error.h>
@@ -108,11 +107,13 @@ public:
     mbedtls_pk_free(&key_);
   }
 
-  bool load(Logger* logger, std::string const& data) {
+  bool load(Logger* logger, std::string const& data, SSLEntropy* entropy) {
     auto ret = mbedtls_pk_parse_key(
         &key_,
         reinterpret_cast<const unsigned char*>(data.c_str()), data.size() + 1,
-        nullptr, 0);
+        nullptr, 0,
+        mbedtls_ctr_drbg_random,
+        static_cast<SSLEntropyImpl*>(entropy)->random());
     if (ret) {
       logerr(logger, ret, "Error parsing key");
       return false;
@@ -394,8 +395,8 @@ private:
 
     mbedtls_ssl_conf_min_version(&conf_,
                                  MBEDTLS_SSL_MAJOR_VERSION_3,
-                                 unsecure() ? MBEDTLS_SSL_MINOR_VERSION_0 :
-                                 MBEDTLS_SSL_MINOR_VERSION_1);
+                                 unsecure() ? MBEDTLS_SSL_MINOR_VERSION_3 :
+                                 MBEDTLS_SSL_MINOR_VERSION_4);
     return true;
   }
 };
@@ -482,9 +483,10 @@ SSLCertStore* SSLCertStore::create(Logger* logger, std::string const& path) {
 }
 
 // static
-SSLKey* SSLKey::load(Logger* logger, std::string const& data) {
+SSLKey* SSLKey::load(Logger* logger, std::string const& data,
+                     SSLEntropy* entropy) {
   std::unique_ptr<SSLKeyImpl> key(new SSLKeyImpl());
-  if (!key->load(logger, data)) return nullptr;
+  if (!key->load(logger, data, entropy)) return nullptr;
   return key.release();
 }