Diffstat (limited to 'src/ssl_mbedtls.cc')
-rw-r--r--src/ssl_mbedtls.cc16
1 files changed, 9 insertions, 7 deletions
diff --git a/src/ssl_mbedtls.cc b/src/ssl_mbedtls.cc
index a34067b..50c7975 100644
--- a/src/ssl_mbedtls.cc
+++ b/src/ssl_mbedtls.cc
@@ -4,7 +4,6 @@
#include <cstring>
#include <mbedtls/asn1write.h>
-#include <mbedtls/certs.h>
#include <mbedtls/ctr_drbg.h>
#include <mbedtls/entropy.h>
#include <mbedtls/error.h>
@@ -108,11 +107,13 @@ public:
mbedtls_pk_free(&key_);
}
- bool load(Logger* logger, std::string const& data) {
+ bool load(Logger* logger, std::string const& data, SSLEntropy* entropy) {
auto ret = mbedtls_pk_parse_key(
&key_,
reinterpret_cast<const unsigned char*>(data.c_str()), data.size() + 1,
- nullptr, 0);
+ nullptr, 0,
+ mbedtls_ctr_drbg_random,
+ static_cast<SSLEntropyImpl*>(entropy)->random());
if (ret) {
logerr(logger, ret, "Error parsing key");
return false;
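Review bot: `static_cast<SSLEntropyImpl*>(entropy)->random()` in the new `load` dereferences `entropy` without a null check, and the unchecked downcast assumes every `SSLEntropy` passed in is an `SSLEntropyImpl`. The static `SSLKey::load` in the last hunk forwards the pointer as-is, so a caller passing `nullptr` would crash before the key is parsed instead of taking the logged `return false` path. A guard ahead of the parse call, for example `if (!entropy) return false;` with a log message, keeps the failure mode consistent with the `ret` check that follows. The body of `load` continues past the end of this hunk.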
@@ -394,8 +395,8 @@ private:
mbedtls_ssl_conf_min_version(&conf_,
MBEDTLS_SSL_MAJOR_VERSION_3,
- unsecure() ? MBEDTLS_SSL_MINOR_VERSION_0 :
- MBEDTLS_SSL_MINOR_VERSION_1);
+ unsecure() ? MBEDTLS_SSL_MINOR_VERSION_3 :
+ MBEDTLS_SSL_MINOR_VERSION_4);
return true;
}
};
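Review bot: The protocol floor set by `mbedtls_ssl_conf_min_version` cannot be read from the constants alone, and it changes which peers can connect. As far as I know `MBEDTLS_SSL_MINOR_VERSION_3` is TLS 1.2 and `MBEDTLS_SSL_MINOR_VERSION_4` is TLS 1.3, so the default path now requires TLS 1.3 and `unsecure()` still enforces TLS 1.2. If the linked Mbed TLS build has no TLS 1.3 support, the default configuration presumably cannot complete a handshake, so this should be confirmed against the target library version. I would add a comment above the call such as `// floor: TLS 1.3 by default, TLS 1.2 when unsecure() (MINOR_VERSION_4 / MINOR_VERSION_3)`. The enclosing function starts outside this hunk.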
@@ -482,9 +483,10 @@ SSLCertStore* SSLCertStore::create(Logger* logger, std::string const& path) {
}
// static
-SSLKey* SSLKey::load(Logger* logger, std::string const& data) {
+SSLKey* SSLKey::load(Logger* logger, std::string const& data,
+ SSLEntropy* entropy) {
std::unique_ptr<SSLKeyImpl> key(new SSLKeyImpl());
- if (!key->load(logger, data)) return nullptr;
+ if (!key->load(logger, data, entropy)) return nullptr;
return key.release();
}