FIPS mode EVP changes:
[openssl.git] / demos / tunala / cb.c
index ac7122da4f9803ecebd328bf0be95f2b6a7a21c4..f6e452ae93579767944e8aba728c1a0efe0c4362 100644 (file)
@@ -17,9 +17,9 @@ static int int_verify_depth = 10;
 
 /* This function is largely borrowed from the one used in OpenSSL's "s_client"
  * and "s_server" utilities. */
-void cb_ssl_info(SSL *s, int where, int ret)
+void cb_ssl_info(const SSL *s, int where, int ret)
 {
-       char *str1, *str2;
+       const char *str1, *str2;
        int w;
 
        if(!fp_cb_ssl_info)
@@ -129,5 +129,34 @@ void cb_ssl_verify_set_level(unsigned int level)
                cb_ssl_verify_level = level;
 }
 
+RSA *cb_generate_tmp_rsa(SSL *s, int is_export, int keylength)
+{
+       /* TODO: Perhaps make it so our global key can be generated on-the-fly
+        * after certain intervals? */
+       static RSA *rsa_tmp = NULL;
+       BIGNUM *bn = NULL;
+       int ok = 1;
+       if(!rsa_tmp) {
+               ok = 0;
+               if(!(bn = BN_new()))
+                       goto end;
+               if(!BN_set_word(bn, RSA_F4))
+                       goto end;
+               if(!(rsa_tmp = RSA_new()))
+                       goto end;
+               if(!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL))
+                       goto end;
+               ok = 1;
+       }
+end:
+       if(bn)
+               BN_free(bn);
+       if(!ok) {
+               RSA_free(rsa_tmp);
+               rsa_tmp = NULL;
+       }
+       return rsa_tmp;
+}
+
 #endif /* !defined(NO_OPENSSL) */
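Review bot: `cb_generate_tmp_rsa` generates the static `rsa_tmp` with the `keylength` of the first call and returns that same key on every later call, so a later request for a different size gets a key of the wrong length, and `is_export` is never read. Consider discarding the cached key when the size differs, before the `if(!rsa_tmp)` test, e.g. `if(rsa_tmp && RSA_size(rsa_tmp) * 8 != keylength) { RSA_free(rsa_tmp); rsa_tmp = NULL; }`; this assumes the library holds its own reference to any key it was handed earlier, which should be confirmed. The cached key also lives for the whole process, as the TODO admits, so every connection shares one temporary key. A header comment should state that the returned pointer is owned by this function and must not be freed by the caller.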