X-Git-Url: https://git.distorted.org.uk/~mdw/secnet/blobdiff_plain/0fa27fb315db6cb9a2523e630c58f6fac277dd6f..8fb3bdd70f72c67472d3ec32cb825ba00605f630:/dh.c

diff --git a/dh.c b/dh.c
index 68318ce..11f1d35 100644
--- a/dh.c
+++ b/dh.c
@@ -92,7 +92,9 @@ static list_t *dh_apply(closure_t *self, struct cloc loc, dict_t *context,
 {
     struct dh *st;
     string_t p,g;
+    dict_t *dict = 0;
     item_t *i;
+    bool_t check = True;
 
     NEW(st);
     st->cl.description="dh";
@@ -103,40 +105,47 @@ static list_t *dh_apply(closure_t *self, struct cloc loc, dict_t *context,
     st->ops.makepublic=dh_makepublic;
     st->ops.makeshared=dh_makeshared;
     st->loc=loc;
-    /* We have two string arguments: the first is the modulus, and the
-       second is the generator. Both are in hex. */
+
+    /* We either have two string arguments and maybe a boolean, or a
+     * dictionary
+     */
     i=list_elem(args,0);
-    if (i) {
-	if (i->type!=t_string) {
-	    cfgfatal(i->loc,"diffie-hellman","first argument must be a "
-		     "string\n");
-	}
-	p=i->data.string;
-	if (mpz_init_set_str(&st->p,p,16)!=0) {
-	    cfgfatal(i->loc,"diffie-hellman","\"%s\" is not a hex number "
-		     "string\n",p);
-	}
+    if (i && i->type==t_dict) {
+	dict=i->data.dict;
+	p=dict_read_string(dict,"p",True,"diffie-hellman",loc);
+	g=dict_read_string(dict,"g",True,"diffie-hellman",loc);
+	check=dict_read_bool(dict,"check",False,"diffie-hellman",loc,True);
     } else {
-	cfgfatal(loc,"diffie-hellman","you must provide a prime modulus\n");
-    }
-    
-    i=list_elem(args,1);
-    if (i) {
-	if (i->type!=t_string) {
+	if (!i)
+	    cfgfatal(loc,"diffie-hellman","you must provide a prime modulus\n");
+	else if (i->type!=t_string)
+	    cfgfatal(i->loc,"diffie-hellman",
+		     "first argument must be a string or a dictionary\n");
+	p=i->data.string;
+	i=list_elem(args,1);
+	if (!i)
+	    cfgfatal(loc,"diffie-hellman","you must provide a generator\n");
+	else if (i->type!=t_string)
 	    cfgfatal(i->loc,"diffie-hellman","second argument must be a "
 		     "string\n");
-	}
 	g=i->data.string;
-	if (mpz_init_set_str(&st->g,g,16)!=0) {
-	    cfgfatal(i->loc,"diffie-hellman","\"%s\" is not a hex number "
-		     "string\n",g);
+	i=list_elem(args,2);
+	if (i) {
+	    if (i->type!=t_bool)
+		cfgfatal(i->loc,"diffie-hellman",
+			 "third argument must be boolean or omitted\n");
+	    check=i->data.bool;
 	}
-    } else {
-	cfgfatal(loc,"diffie-hellman","you must provide a generator\n");
     }
 
-    i=list_elem(args,2);
-    if (i && i->type==t_bool && i->data.bool==False) {
+    if (mpz_init_set_str(&st->p,p,16)!=0)
+	cfgfatal(loc,"diffie-hellman","\"%s\" is not a hex number "
+		 "string\n",p);
+    if (mpz_init_set_str(&st->g,g,16)!=0)
+	cfgfatal(i->loc,"diffie-hellman","\"%s\" is not a hex number "
+		 "string\n",g);
+
+    if (!check) {
 	Message(M_INFO,"diffie-hellman (%s:%d): skipping modulus "
 		"primality check\n",loc.file,loc.line);
     } else {