openssl
/
openssl
mirror of https://github.com/openssl/openssl
1
0
Fork 0
Code Issues Releases Wiki Activity

Add SRP support.

This commit is contained in:
Ben Laurie 2011-03-12 17:01:19 +00:00
parent 0c4e67102e
commit edc032b5e3
57 changed files with 5105 additions and 602 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Configure
View File

@ -1015,6 +1015,12 @@ if (defined($disabled{"ec"}) || defined($disabled{"dsa"})
$disabled{"gost"} = "forced";
}
# SRP requires TLSEXT
if (defined($disabled{"tlsext"}))
{
$disabled{"srp"} = "forced";
}
if ($target eq "TABLE") {
foreach $target (sort keys %table) {
print_table_entry($target);

2
Makefile.org
View File

@ -148,7 +148,7 @@ SDIRS= \
bn ec rsa dsa ecdsa dh ecdh dso engine \
buffer bio stack lhash rand err \
evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \
cms pqueue ts jpake store cmac
cms pqueue ts jpake srp store cmac
# keep in mind that the above list is adjusted by ./Configure
# according to no-xxx arguments...

270
apps/Makefile
View File

@ -39,7 +39,7 @@ E_EXE= verify asn1pars req dgst dh dhparam enc passwd gendh errstr \
ca crl rsa rsautl dsa dsaparam ec ecparam \
x509 genrsa gendsa genpkey s_server s_client speed \
s_time version pkcs7 cms crl2pkcs7 sess_id ciphers nseq pkcs12 \
pkcs8 pkey pkeyparam pkeyutl spkac smime rand engine ocsp prime ts
pkcs8 pkey pkeyparam pkeyutl spkac smime rand engine ocsp prime ts srp
PROGS= $(PROGRAM).c
@ -56,7 +56,7 @@ E_OBJ= verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o er
x509.o genrsa.o gendsa.o genpkey.o s_server.o s_client.o speed.o \
s_time.o $(A_OBJ) $(S_OBJ) $(RAND_OBJ) version.o sess_id.o \
ciphers.o nseq.o pkcs12.o pkcs8.o pkey.o pkeyparam.o pkeyutl.o \
spkac.o smime.o cms.o rand.o engine.o ocsp.o prime.o ts.o
spkac.o smime.o cms.o rand.o engine.o ocsp.o prime.o ts.o srp.o
E_SRC= verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.c \
pkcs7.c crl2p7.c crl.c \
@ -64,7 +64,7 @@ E_SRC= verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.
x509.c genrsa.c gendsa.c genpkey.c s_server.c s_client.c speed.c \
s_time.c $(A_SRC) $(S_SRC) $(RAND_SRC) version.c sess_id.c \
ciphers.c nseq.c pkcs12.c pkcs8.c pkey.c pkeyparam.c pkeyutl.c \
spkac.c smime.c cms.c rand.c engine.c ocsp.c prime.c ts.c
spkac.c smime.c cms.c rand.c engine.c ocsp.c prime.c ts.c srp.c
SRC=$(E_SRC)
@ -334,19 +334,20 @@ dh.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h dh.c
dsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
dsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
dsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
dsa.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
dsa.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
dsa.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
dsa.o: ../include/openssl/err.h ../include/openssl/evp.h
dsa.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
dsa.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
dsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
dsa.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
dsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
dsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
dsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
dsa.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
dsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h dsa.c
dsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h
dsa.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
dsa.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
dsa.o: ../include/openssl/engine.h ../include/openssl/err.h
dsa.o: ../include/openssl/evp.h ../include/openssl/lhash.h
dsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
dsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
dsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
dsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
dsa.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
dsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
dsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
dsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
dsa.o: ../include/openssl/x509v3.h apps.h dsa.c
dsaparam.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
dsaparam.o: ../include/openssl/bn.h ../include/openssl/buffer.h
dsaparam.o: ../include/openssl/conf.h ../include/openssl/crypto.h
@ -359,13 +360,11 @@ dsaparam.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
dsaparam.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
dsaparam.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
dsaparam.o: ../include/openssl/pem.h ../include/openssl/pem2.h
dsaparam.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
dsaparam.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
dsaparam.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
dsaparam.o: ../include/openssl/sha.h ../include/openssl/stack.h
dsaparam.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
dsaparam.o: ../include/openssl/ui.h ../include/openssl/x509.h
dsaparam.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
dsaparam.o: dsaparam.c
dsaparam.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
dsaparam.o: ../include/openssl/x509v3.h apps.h dsaparam.c
ec.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
ec.o: ../include/openssl/buffer.h ../include/openssl/conf.h
ec.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
@ -458,39 +457,37 @@ errstr.o: errstr.c
gendh.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
gendh.o: ../include/openssl/bn.h ../include/openssl/buffer.h
gendh.o: ../include/openssl/conf.h ../include/openssl/crypto.h
gendh.o: ../include/openssl/dh.h ../include/openssl/dsa.h
gendh.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
gendh.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
gendh.o: ../include/openssl/engine.h ../include/openssl/err.h
gendh.o: ../include/openssl/evp.h ../include/openssl/lhash.h
gendh.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
gendh.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
gendh.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
gendh.o: ../include/openssl/pem.h ../include/openssl/pem2.h
gendh.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
gendh.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
gendh.o: ../include/openssl/dh.h ../include/openssl/e_os2.h
gendh.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
gendh.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
gendh.o: ../include/openssl/err.h ../include/openssl/evp.h
gendh.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
gendh.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
gendh.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
gendh.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
gendh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
gendh.o: ../include/openssl/rand.h ../include/openssl/safestack.h
gendh.o: ../include/openssl/sha.h ../include/openssl/stack.h
gendh.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
gendh.o: ../include/openssl/ui.h ../include/openssl/x509.h
gendh.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
gendh.o: gendh.c
gendh.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
gendh.o: ../include/openssl/x509v3.h apps.h gendh.c
gendsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
gendsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
gendsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
gendsa.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
gendsa.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
gendsa.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
gendsa.o: ../include/openssl/err.h ../include/openssl/evp.h
gendsa.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
gendsa.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
gendsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
gendsa.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
gendsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
gendsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
gendsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
gendsa.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
gendsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
gendsa.o: gendsa.c
gendsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h
gendsa.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
gendsa.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
gendsa.o: ../include/openssl/engine.h ../include/openssl/err.h
gendsa.o: ../include/openssl/evp.h ../include/openssl/lhash.h
gendsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
gendsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
gendsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
gendsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
gendsa.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
gendsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
gendsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
gendsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
gendsa.o: ../include/openssl/x509v3.h apps.h gendsa.c
genpkey.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
genpkey.o: ../include/openssl/buffer.h ../include/openssl/conf.h
genpkey.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
@ -510,7 +507,6 @@ genpkey.o: genpkey.c
genrsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
genrsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
genrsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
genrsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h
genrsa.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
genrsa.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
genrsa.o: ../include/openssl/engine.h ../include/openssl/err.h
@ -523,9 +519,8 @@ genrsa.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
genrsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
genrsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
genrsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
genrsa.o: ../include/openssl/ui.h ../include/openssl/x509.h
genrsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
genrsa.o: genrsa.c
genrsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
genrsa.o: ../include/openssl/x509v3.h apps.h genrsa.c
nseq.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
nseq.o: ../include/openssl/buffer.h ../include/openssl/conf.h
nseq.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
@ -738,11 +733,10 @@ req.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
req.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
req.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
req.o: ../include/openssl/pem.h ../include/openssl/pem2.h
req.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
req.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
req.o: ../include/openssl/sha.h ../include/openssl/stack.h
req.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
req.o: ../include/openssl/ui.h ../include/openssl/x509.h
req.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
req.o: ../include/openssl/safestack.h ../include/openssl/sha.h
req.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
req.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
req.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h req.c
rsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
@ -761,21 +755,22 @@ rsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
rsa.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
rsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h rsa.c
rsautl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
rsautl.o: ../include/openssl/buffer.h ../include/openssl/conf.h
rsautl.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
rsautl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
rsautl.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
rsautl.o: ../include/openssl/err.h ../include/openssl/evp.h
rsautl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
rsautl.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
rsautl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
rsautl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
rsautl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
rsautl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
rsautl.o: ../include/openssl/sha.h ../include/openssl/stack.h
rsautl.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
rsautl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
rsautl.o: ../include/openssl/x509v3.h apps.h rsautl.c
rsautl.o: ../include/openssl/bn.h ../include/openssl/buffer.h
rsautl.o: ../include/openssl/conf.h ../include/openssl/crypto.h
rsautl.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
rsautl.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
rsautl.o: ../include/openssl/engine.h ../include/openssl/err.h
rsautl.o: ../include/openssl/evp.h ../include/openssl/lhash.h
rsautl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
rsautl.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
rsautl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
rsautl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
rsautl.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
rsautl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
rsautl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
rsautl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
rsautl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
rsautl.o: rsautl.c
s_cb.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
s_cb.o: ../include/openssl/buffer.h ../include/openssl/comp.h
s_cb.o: ../include/openssl/conf.h ../include/openssl/crypto.h
@ -812,37 +807,36 @@ s_client.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
s_client.o: ../include/openssl/pem.h ../include/openssl/pem2.h
s_client.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
s_client.o: ../include/openssl/rand.h ../include/openssl/safestack.h
s_client.o: ../include/openssl/sha.h ../include/openssl/ssl.h
s_client.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
s_client.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
s_client.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
s_client.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
s_client.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
s_client.o: s_apps.h s_client.c timeouts.h
s_client.o: ../include/openssl/sha.h ../include/openssl/srp.h
s_client.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
s_client.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
s_client.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
s_client.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
s_client.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
s_client.o: ../include/openssl/x509v3.h apps.h s_apps.h s_client.c timeouts.h
s_server.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
s_server.o: ../include/openssl/bn.h ../include/openssl/buffer.h
s_server.o: ../include/openssl/comp.h ../include/openssl/conf.h
s_server.o: ../include/openssl/crypto.h ../include/openssl/dh.h
s_server.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
s_server.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
s_server.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
s_server.o: ../include/openssl/engine.h ../include/openssl/err.h
s_server.o: ../include/openssl/evp.h ../include/openssl/hmac.h
s_server.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
s_server.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
s_server.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
s_server.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
s_server.o: ../include/openssl/pem.h ../include/openssl/pem2.h
s_server.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
s_server.o: ../include/openssl/rand.h ../include/openssl/rsa.h
s_server.o: ../include/openssl/safestack.h ../include/openssl/sha.h
s_server.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
s_server.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
s_server.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
s_server.o: ../include/openssl/err.h ../include/openssl/evp.h
s_server.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
s_server.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
s_server.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
s_server.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
s_server.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s_server.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
s_server.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
s_server.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
s_server.o: ../include/openssl/sha.h ../include/openssl/srp.h
s_server.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
s_server.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
s_server.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
s_server.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
s_server.o: ../include/openssl/ui.h ../include/openssl/x509.h
s_server.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
s_server.o: s_apps.h s_server.c timeouts.h
s_server.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
s_server.o: ../include/openssl/x509v3.h apps.h s_apps.h s_server.c timeouts.h
s_socket.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
s_socket.o: ../include/openssl/buffer.h ../include/openssl/comp.h
s_socket.o: ../include/openssl/conf.h ../include/openssl/crypto.h
@ -927,26 +921,27 @@ speed.o: ../include/openssl/bn.h ../include/openssl/buffer.h
speed.o: ../include/openssl/camellia.h ../include/openssl/cast.h
speed.o: ../include/openssl/conf.h ../include/openssl/crypto.h
speed.o: ../include/openssl/des.h ../include/openssl/des_old.h
speed.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
speed.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
speed.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
speed.o: ../include/openssl/err.h ../include/openssl/evp.h
speed.o: ../include/openssl/hmac.h ../include/openssl/idea.h
speed.o: ../include/openssl/lhash.h ../include/openssl/md4.h
speed.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
speed.o: ../include/openssl/modes.h ../include/openssl/obj_mac.h
speed.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
speed.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
speed.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
speed.o: ../include/openssl/rand.h ../include/openssl/rc2.h
speed.o: ../include/openssl/rc4.h ../include/openssl/ripemd.h
speed.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
speed.o: ../include/openssl/seed.h ../include/openssl/sha.h
speed.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
speed.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
speed.o: ../include/openssl/ui_compat.h ../include/openssl/whrlpool.h
speed.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
speed.o: ../include/openssl/x509v3.h apps.h speed.c testdsa.h testrsa.h
speed.o: ../include/openssl/dh.h ../include/openssl/dsa.h
speed.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
speed.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
speed.o: ../include/openssl/engine.h ../include/openssl/err.h
speed.o: ../include/openssl/evp.h ../include/openssl/hmac.h
speed.o: ../include/openssl/idea.h ../include/openssl/lhash.h
speed.o: ../include/openssl/md4.h ../include/openssl/md5.h
speed.o: ../include/openssl/mdc2.h ../include/openssl/modes.h
speed.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
speed.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
speed.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
speed.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
speed.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
speed.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
speed.o: ../include/openssl/safestack.h ../include/openssl/seed.h
speed.o: ../include/openssl/sha.h ../include/openssl/stack.h
speed.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
speed.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
speed.o: ../include/openssl/whrlpool.h ../include/openssl/x509.h
speed.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
speed.o: speed.c testdsa.h testrsa.h
spkac.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
spkac.o: ../include/openssl/buffer.h ../include/openssl/conf.h
spkac.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
@ -963,6 +958,21 @@ spkac.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
spkac.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
spkac.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
spkac.o: spkac.c
srp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
srp.o: ../include/openssl/bn.h ../include/openssl/buffer.h
srp.o: ../include/openssl/conf.h ../include/openssl/crypto.h
srp.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
srp.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
srp.o: ../include/openssl/engine.h ../include/openssl/err.h
srp.o: ../include/openssl/evp.h ../include/openssl/lhash.h
srp.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
srp.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
srp.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
srp.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
srp.o: ../include/openssl/sha.h ../include/openssl/srp.h
srp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
srp.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
srp.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h srp.c
ts.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
ts.o: ../include/openssl/bn.h ../include/openssl/buffer.h
ts.o: ../include/openssl/conf.h ../include/openssl/crypto.h
@ -1018,17 +1028,17 @@ version.o: ../include/openssl/x509v3.h apps.h version.c
x509.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
x509.o: ../include/openssl/bn.h ../include/openssl/buffer.h
x509.o: ../include/openssl/conf.h ../include/openssl/crypto.h
x509.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
x509.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
x509.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
x509.o: ../include/openssl/err.h ../include/openssl/evp.h
x509.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
x509.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
x509.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
x509.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
x509.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
x509.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
x509.o: ../include/openssl/sha.h ../include/openssl/stack.h
x509.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
x509.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
x509.o: ../include/openssl/x509v3.h apps.h x509.c
x509.o: ../include/openssl/dh.h ../include/openssl/dsa.h
x509.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
x509.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
x509.o: ../include/openssl/engine.h ../include/openssl/err.h
x509.o: ../include/openssl/evp.h ../include/openssl/lhash.h
x509.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
x509.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
x509.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
x509.o: ../include/openssl/pem.h ../include/openssl/pem2.h
x509.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
x509.o: ../include/openssl/safestack.h ../include/openssl/sha.h
x509.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
x509.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
x509.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h x509.c

4
apps/progs.h
View File

@ -44,6 +44,7 @@ extern int smime_main(int argc,char *argv[]);
extern int rand_main(int argc,char *argv[]);
extern int engine_main(int argc,char *argv[]);
extern int ocsp_main(int argc,char *argv[]);
extern int srp_main(int argc,char *argv[]);
extern int prime_main(int argc,char *argv[]);
extern int ts_main(int argc,char *argv[]);
@ -144,6 +145,9 @@ FUNCTION functions[] = {
#endif
#ifndef OPENSSL_NO_OCSP
{FUNC_TYPE_GENERAL,"ocsp",ocsp_main},
#endif
#ifndef OPENSSL_NO_SRP
{FUNC_TYPE_GENERAL,"srp",srp_main},
#endif
{FUNC_TYPE_GENERAL,"prime",prime_main},
{FUNC_TYPE_GENERAL,"ts",ts_main},

180
apps/s_client.c
View File

@ -163,6 +163,9 @@ typedef unsigned int u_int;
#include <openssl/rand.h>
#include <openssl/ocsp.h>
#include <openssl/bn.h>
#ifndef OPENSSL_NO_SRP
#include <openssl/srp.h>
#endif
#include "s_apps.h"
#include "timeouts.h"
@ -315,6 +318,13 @@ static void sc_usage(void)
# ifndef OPENSSL_NO_JPAKE
BIO_printf(bio_err," -jpake arg - JPAKE secret to use\n");
# endif
#endif
#ifndef OPENSSL_NO_SRP
BIO_printf(bio_err," -srpuser user - SRP authentification for 'user'\n");
BIO_printf(bio_err," -srppass arg - password for 'user'\n");
BIO_printf(bio_err," -srp_lateuser - SRP username into second ClientHello message\n");
BIO_printf(bio_err," -srp_moregroups - Tolerate other than the known g N values.\n");
BIO_printf(bio_err," -srp_strength int - minimal mength in bits for N (default %d).\n",SRP_MINIMAL_N);
#endif
BIO_printf(bio_err," -ssl2 - just use SSLv2\n");
BIO_printf(bio_err," -ssl3 - just use SSLv3\n");
@ -371,6 +381,112 @@ static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg)
return SSL_TLSEXT_ERR_OK;
}
#ifndef OPENSSL_NO_SRP
/* This is a context that we pass to all callbacks */
typedef struct srp_arg_st
{
char *srppassin;
char *srplogin;
int msg; /* copy from c_msg */
int debug; /* copy from c_debug */
int amp; /* allow more groups */
int strength /* minimal size for N */ ;
} SRP_ARG;
#define SRP_NUMBER_ITERATIONS_FOR_PRIME 64
static int SRP_Verify_N_and_g(const BIGNUM *N, const BIGNUM *g)
{
BN_CTX *bn_ctx = BN_CTX_new();
BIGNUM *p = BN_new();
BIGNUM *r = BN_new();
int ret =
g != NULL && N != NULL && bn_ctx != NULL && BN_is_odd(N) &&
BN_is_prime(N,SRP_NUMBER_ITERATIONS_FOR_PRIME,NULL,bn_ctx,NULL) &&
p != NULL && BN_rshift1(p, N) &&
/* p = (N-1)/2 */
BN_is_prime(p,SRP_NUMBER_ITERATIONS_FOR_PRIME,NULL,bn_ctx,NULL) &&
r != NULL &&
/* verify g^((N-1)/2) == -1 (mod N) */
BN_mod_exp(r, g, p, N, bn_ctx) &&
BN_add_word(r, 1) &&
BN_cmp(r, N) == 0;
if(r)
BN_free(r);
if(p)
BN_free(p);
if(bn_ctx)
BN_CTX_free(bn_ctx);
return ret;
}
static int MS_CALLBACK ssl_srp_verify_param_cb(SSL *s, void *arg)
{
SRP_ARG *srp_arg = (SRP_ARG *)arg;
BIGNUM *N = NULL, *g = NULL;
if (!(N = SSL_get_srp_N(s)) || !(g = SSL_get_srp_g(s)))
return 0;
if (srp_arg->debug || srp_arg->msg || srp_arg->amp == 1)
{
BIO_printf(bio_err, "SRP parameters:\n");
BIO_printf(bio_err,"\tN="); BN_print(bio_err,N);
BIO_printf(bio_err,"\n\tg="); BN_print(bio_err,g);
BIO_printf(bio_err,"\n");
}
if (SRP_check_known_gN_param(g,N))
return 1;
if (srp_arg->amp == 1)
{
if (srp_arg->debug)
BIO_printf(bio_err, "SRP param N and g are not known params, going to check deeper.\n");
/* The srp_moregroups must be used with caution, testing primes costs time.
Implementors should rather add the value to the known ones.
The minimal size has already been tested.
*/
if (BN_num_bits(g) <= BN_BITS && SRP_Verify_N_and_g(N,g))
return 1;
}
BIO_printf(bio_err, "SRP param N and g rejected.\n");
return 0;
}
#define PWD_STRLEN 1024
static char * MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
{
SRP_ARG *srp_arg = (SRP_ARG *)arg;
char *pass = (char *)OPENSSL_malloc(PWD_STRLEN+1);
PW_CB_DATA cb_tmp;
int l;
cb_tmp.password = (char *)srp_arg->srppassin;
cb_tmp.prompt_info = "SRP user";
if ((l = password_callback(pass, PWD_STRLEN, 0, &cb_tmp))<0)
{
BIO_printf (bio_err, "Can't read Password\n");
OPENSSL_free(pass);
return NULL;
}
*(pass+l)= '\0';
return pass;
}
static char * MS_CALLBACK missing_srp_username_callback(SSL *s, void *arg)
{
SRP_ARG *srp_arg = (SRP_ARG *)arg;
return BUF_strdup(srp_arg->srplogin);
}
#endif
# ifndef OPENSSL_NO_NEXTPROTONEG
/* This the context that we pass to next_proto_cb */
typedef struct tlsextnextprotoctx_st {
@ -480,6 +596,11 @@ int MAIN(int argc, char **argv)
#ifndef OPENSSL_NO_JPAKE
char *jpake_secret = NULL;
#endif
#ifndef OPENSSL_NO_SRP
char * srppass = NULL;
int srp_lateuser = 0;
SRP_ARG srp_arg = {NULL,NULL,0,0,0,1024};
#endif
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
meth=SSLv23_client_method();
@ -629,6 +750,37 @@ int MAIN(int argc, char **argv)
}
}
#endif
#ifndef OPENSSL_NO_SRP
else if (strcmp(*argv,"-srpuser") == 0)
{
if (--argc < 1) goto bad;
srp_arg.srplogin= *(++argv);
meth=TLSv1_client_method();
}
else if (strcmp(*argv,"-srppass") == 0)
{
if (--argc < 1) goto bad;
srppass= *(++argv);
meth=TLSv1_client_method();
}
else if (strcmp(*argv,"-srp_strength") == 0)
{
if (--argc < 1) goto bad;
srp_arg.strength=atoi(*(++argv));
BIO_printf(bio_err,"SRP minimal length for N is %d\n",srp_arg.strength);
meth=TLSv1_client_method();
}
else if (strcmp(*argv,"-srp_lateuser") == 0)
{
srp_lateuser= 1;
meth=TLSv1_client_method();
}
else if (strcmp(*argv,"-srp_moregroups") == 0)
{
srp_arg.amp=1;
meth=TLSv1_client_method();
}
#endif
#ifndef OPENSSL_NO_SSL2
else if (strcmp(*argv,"-ssl2") == 0)
meth=SSLv2_client_method();
@ -902,6 +1054,14 @@ bad:
}
}
#ifndef OPENSSL_NO_SRP
if(!app_passwd(bio_err, srppass, NULL, &srp_arg.srppassin, NULL))
{
BIO_printf(bio_err, "Error getting password\n");
goto end;
}
#endif
ctx=SSL_CTX_new(meth);
if (ctx == NULL)
{
@ -986,6 +1146,26 @@ bad:
SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp);
}
#ifndef OPENSSL_NO_SRP
if (srp_arg.srplogin)
{
if (srp_lateuser)
SSL_CTX_set_srp_missing_srp_username_callback(ctx,missing_srp_username_callback);
else if (!SSL_CTX_set_srp_username(ctx, srp_arg.srplogin))
{
BIO_printf(bio_err,"Unable to set SRP username\n");
goto end;
}
srp_arg.msg = c_msg;
srp_arg.debug = c_debug ;
SSL_CTX_set_srp_cb_arg(ctx,&srp_arg);
SSL_CTX_set_srp_client_pwd_callback(ctx, ssl_give_srp_client_pwd_cb);
SSL_CTX_set_srp_strength(ctx, srp_arg.strength);
if (c_msg || c_debug || srp_arg.amp == 0)
SSL_CTX_set_srp_verify_param_callback(ctx, ssl_srp_verify_param_cb);
}
#endif
#endif
con=SSL_new(ctx);

81
apps/s_server.c
View File

@ -186,6 +186,9 @@ typedef unsigned int u_int;
#ifndef OPENSSL_NO_RSA
#include <openssl/rsa.h>
#endif
#ifndef OPENSSL_NO_SRP
#include <openssl/srp.h>
#endif
#include "s_apps.h"
#include "timeouts.h"
@ -373,6 +376,40 @@ static unsigned int psk_server_cb(SSL *ssl, const char *identity,
}
#endif
#ifndef OPENSSL_NO_SRP
/* This is a context that we pass to callbacks */
typedef struct srpsrvparm_st
{
int verbose;
char *login;
SRP_VBASE *vb;
} srpsrvparm;
static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
{
srpsrvparm *p = arg;
SRP_user_pwd *user;
p->login = BUF_strdup(SSL_get_srp_username(s));
BIO_printf(bio_err, "SRP username = \"%s\"\n", p->login);
user = SRP_VBASE_get_by_user(p->vb, p->login);
if (user == NULL)
{
BIO_printf(bio_err, "User %s doesn't exist\n", p->login);
return SSL3_AL_FATAL;
}
if (SSL_set_srp_server_param(s, user->N, user->g, user->s, user->v,
user->info) < 0)
{
*ad = SSL_AD_INTERNAL_ERROR;
return SSL3_AL_FATAL;
}
return SSL_ERROR_NONE;
}
#endif
#ifdef MONOLITH
static void s_server_init(void)
{
@ -459,6 +496,10 @@ static void sv_usage(void)
# ifndef OPENSSL_NO_JPAKE
BIO_printf(bio_err," -jpake arg - JPAKE secret to use\n");
# endif
#endif
#ifndef OPENSSL_NO_SRP
BIO_printf(bio_err," -srpvfile file - The verifier file for SRP\n");
BIO_printf(bio_err," -srpuserseed string - A seed string for a default user salt.\n");
#endif
BIO_printf(bio_err," -ssl2 - Just talk SSLv2\n");
BIO_printf(bio_err," -ssl3 - Just talk SSLv3\n");
@ -910,12 +951,21 @@ int MAIN(int argc, char *argv[])
/* by default do not send a PSK identity hint */
static char *psk_identity_hint=NULL;
#endif
#ifndef OPENSSL_NO_SRP
char *srpuserseed = NULL;
char *srp_verifier_file = NULL;
srpsrvparm p;
#endif
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
meth=SSLv23_server_method();
#elif !defined(OPENSSL_NO_SSL3)
meth=SSLv3_server_method();
#elif !defined(OPENSSL_NO_SSL2)
meth=SSLv2_server_method();
#elif !defined(OPENSSL_NO_TLS1)
meth=TLSv1_server_method();
#else
/* #error no SSL version enabled */
#endif
local_argc=argc;
@ -1151,6 +1201,20 @@ int MAIN(int argc, char *argv[])
goto bad;
}
}
#endif
#ifndef OPENSSL_NO_SRP
else if (strcmp(*argv, "-srpvfile") == 0)
{
if (--argc < 1) goto bad;
srp_verifier_file = *(++argv);
meth = TLSv1_server_method();
}
else if (strcmp(*argv, "-srpuserseed") == 0)
{
if (--argc < 1) goto bad;
srpuserseed = *(++argv);
meth = TLSv1_server_method();
}
#endif
else if (strcmp(*argv,"-www") == 0)
{ www=1; }
@ -1771,6 +1835,23 @@ bad:
}
#endif
#ifndef OPENSSL_NO_SRP
if (srp_verifier_file != NULL)
{
p.vb = SRP_VBASE_new(srpuserseed);
if ((ret = SRP_VBASE_init(p.vb, srp_verifier_file)) != SRP_NO_ERROR)
{
BIO_printf(bio_err,
"Cannot initialize SRP verifier file \"%s\":ret=%d\n",
srp_verifier_file,ret);
goto end;
}
SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE,verify_callback);
SSL_CTX_set_srp_cb_arg(ctx, &p);
SSL_CTX_set_srp_username_callback(ctx, ssl_srp_server_param_cb);
}
else
#endif
if (CAfile != NULL)
{
SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile));

763
apps/srp.c Normal file
View File

@ -0,0 +1,763 @@
/* apps/srp.c */
/* Written by Peter Sylvester (peter.sylvester@edelweb.fr)
* for the EdelKey project and contributed to the OpenSSL project 2004.
*/
/* ====================================================================
* Copyright (c) 2004 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_SRP
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/conf.h>
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/txt_db.h>
#include <openssl/buffer.h>
#include <openssl/srp.h>
#include "apps.h"
#undef PROG
#define PROG srp_main
#define BASE_SECTION "srp"
#define CONFIG_FILE "openssl.cnf"
#define ENV_RANDFILE "RANDFILE"
#define ENV_DATABASE "srpvfile"
#define ENV_DEFAULT_SRP "default_srp"
static char *srp_usage[]={
"usage: srp [args] [user] \n",
"\n",
" -verbose Talk alot while doing things\n",
" -config file A config file\n",
" -name arg The particular srp definition to use\n",
" -srpvfile arg The srp verifier file name\n",
" -add add an user and srp verifier\n",
" -modify modify the srp verifier of an existing user\n",
" -delete delete user from verifier file\n",
" -list list user\n",
" -gn arg g and N values to be used for new verifier\n",
" -userinfo arg additional info to be set for user\n",
" -passin arg input file pass phrase source\n",
" -passout arg output file pass phrase source\n",
#ifndef OPENSSL_NO_ENGINE
" -engine e - use engine e, possibly a hardware device.\n",
#endif
NULL
};
#ifdef EFENCE
extern int EF_PROTECT_FREE;
extern int EF_PROTECT_BELOW;
extern int EF_ALIGNMENT;
#endif
static CONF *conf=NULL;
static char *section=NULL;
#define VERBOSE if (verbose)
#define VVERBOSE if (verbose>1)
int MAIN(int, char **);
static int get_index(CA_DB *db, char* id, char type)
{
char ** pp;
int i;
if (id == NULL) return -1;
if (type == DB_SRP_INDEX)
for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++)
{
pp=sk_OPENSSL_PSTRING_value(db->db->data,i);
if (pp[DB_srptype][0] == DB_SRP_INDEX && !strcmp(id,pp[DB_srpid]))
return i;
}
else for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++)
{
pp=sk_OPENSSL_PSTRING_value(db->db->data,i);
if (pp[DB_srptype][0] != DB_SRP_INDEX && !strcmp(id,pp[DB_srpid]))
return i;
}
return -1 ;
}
static void print_entry(CA_DB *db, BIO * bio, int index, int verbose, char * s)
{
if (index >= 0 && verbose)
{
int j;
char **pp=sk_OPENSSL_PSTRING_value(db->db->data,index);
BIO_printf(bio,"%s \"%s\"\n",s,pp[DB_srpid]);
for (j = 0; j < DB_NUMBER; j++)
{
BIO_printf(bio_err," %d = \"%s\"\n",j,pp[j]);
}
}
}
static void print_index(CA_DB *db, BIO * bio, int indexindex, int verbose)
{
print_entry(db,bio,indexindex, verbose, "g N entry") ;
}
static void print_user(CA_DB *db, BIO * bio, int userindex, int verbose)
{
if (verbose > 0)
{
char **pp= sk_OPENSSL_PSTRING_value(db->db->data,userindex);
if (pp[DB_srptype][0] != 'I')
{
print_entry(db,bio,userindex, verbose, "User entry");
print_entry(db,bio,get_index(db, pp[DB_srpgN],'I'),verbose,"g N entry") ;
}
}
}
static int update_index(CA_DB *db, BIO * bio, char ** row)
{
char ** irow;
int i;
if ((irow=(char **)OPENSSL_malloc(sizeof(char *)*(DB_NUMBER+1))) == NULL)
{
BIO_printf(bio_err,"Memory allocation failure\n");
return 0;
}
for (i=0; i<DB_NUMBER; i++)
{
irow[i]=row[i];
row[i]=NULL;
}
irow[DB_NUMBER]=NULL;
if (!TXT_DB_insert(db->db,irow))
{
BIO_printf(bio,"failed to update srpvfile\n");
BIO_printf(bio,"TXT_DB error number %ld\n",db->db->error);
OPENSSL_free(irow);
return 0;
}
return 1;
}
static void lookup_fail(const char *name, const char *tag)
{
BIO_printf(bio_err,"variable lookup failed for %s::%s\n",name,tag);
}
static char *srp_verify_user(const char *user, const char *srp_verifier,
char *srp_usersalt, const char *g,
const char * N, const char *passin, BIO *bio,
int verbose)
{
char password[1024];
PW_CB_DATA cb_tmp;
char *verifier = NULL;
char *gNid = NULL;
cb_tmp.prompt_info = user;
cb_tmp.password = passin;
if (password_callback(password, 1024, 0, &cb_tmp) >0)
{
VERBOSE BIO_printf(bio,"Validating\n user=\"%s\"\n srp_verifier=\"%s\"\n srp_usersalt=\"%s\"\n g=\"%s\"\n N=\"%s\"\n",user,srp_verifier,srp_usersalt,g,N);
BIO_printf(bio,"Pass %s\n",password);
OPENSSL_assert(srp_usersalt != NULL);
if (!(gNid=SRP_create_verifier(user, password, &srp_usersalt, &verifier,
N, g)))
{
BIO_printf(bio,"Internal error validating SRP verifier\n");
}
else
{
if (strcmp(verifier, srp_verifier))
gNid = NULL;
OPENSSL_free(verifier);
}
}
return gNid;
}
static char *srp_create_user(char * user, char **srp_verifier,
char **srp_usersalt,char *g, char *N,
char *passout, BIO *bio, int verbose)
{
char password[1024];
PW_CB_DATA cb_tmp;
char *gNid = NULL;
char *salt = NULL;
cb_tmp.prompt_info = user;
cb_tmp.password = passout;
if (password_callback(password,1024,1,&cb_tmp) >0)
{
VERBOSE BIO_printf(bio,"Creating\n user=\"%s\"\n g=\"%s\"\n N=\"%s\"\n",user,g,N);
if (!(gNid =SRP_create_verifier(user, password, &salt, srp_verifier, N, g)))
{
BIO_printf(bio,"Internal error creating SRP verifier\n");
}
else
*srp_usersalt = salt;
VVERBOSE BIO_printf(bio,"gNid=%s salt =\"%s\"\n verifier =\"%s\"\n", gNid,salt, *srp_verifier);
}
return gNid;
}
int MAIN(int argc, char **argv)
{
int add_user = 0;
int list_user= 0;
int delete_user= 0;
int modify_user= 0;
char * user = NULL;
char *passargin = NULL, *passargout = NULL;
char *passin = NULL, *passout = NULL;
char * gN = NULL;
int gNindex = -1;
char ** gNrow = NULL;
int maxgN = -1;
char * userinfo = NULL;
int badops=0;
int ret=1;
int errors=0;
int verbose=0;
int doupdatedb=0;
char *configfile=NULL;
char *dbfile=NULL;
CA_DB *db=NULL;
char **pp ;
int i;
long errorline = -1;
char *randfile=NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
#endif
char *tofree=NULL;
DB_ATTR db_attr;
#ifdef EFENCE
EF_PROTECT_FREE=1;
EF_PROTECT_BELOW=1;
EF_ALIGNMENT=0;
#endif
apps_startup();
conf = NULL;
section = NULL;
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
argc--;
argv++;
while (argc >= 1 && badops == 0)
{
if (strcmp(*argv,"-verbose") == 0)
verbose++;
else if (strcmp(*argv,"-config") == 0)
{
if (--argc < 1) goto bad;
configfile= *(++argv);
}
else if (strcmp(*argv,"-name") == 0)
{
if (--argc < 1) goto bad;
section= *(++argv);
}
else if (strcmp(*argv,"-srpvfile") == 0)
{
if (--argc < 1) goto bad;
dbfile= *(++argv);
}
else if (strcmp(*argv,"-add") == 0)
add_user=1;
else if (strcmp(*argv,"-delete") == 0)
delete_user=1;
else if (strcmp(*argv,"-modify") == 0)
modify_user=1;
else if (strcmp(*argv,"-list") == 0)
list_user=1;
else if (strcmp(*argv,"-gn") == 0)
{
if (--argc < 1) goto bad;
gN= *(++argv);
}
else if (strcmp(*argv,"-userinfo") == 0)
{
if (--argc < 1) goto bad;
userinfo= *(++argv);
}
else if (strcmp(*argv,"-passin") == 0)
{
if (--argc < 1) goto bad;
passargin= *(++argv);
}
else if (strcmp(*argv,"-passout") == 0)
{
if (--argc < 1) goto bad;
passargout= *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (**argv == '-')
{
bad:
BIO_printf(bio_err,"unknown option %s\n",*argv);
badops=1;
break;
}
else
break;
argc--;
argv++;
}
if (dbfile && configfile)
{
BIO_printf(bio_err,"-dbfile and -configfile cannot be specified together.\n");
badops = 1;
}
if (add_user+delete_user+modify_user+list_user != 1)
{
BIO_printf(bio_err,"Exactly one of the options -add, -delete, -modify -list must be specified.\n");
badops = 1;
}
if (delete_user+modify_user+delete_user== 1 && argc <= 0)
{
BIO_printf(bio_err,"Need at least one user for options -add, -delete, -modify. \n");
badops = 1;
}
if ((passin || passout) && argc != 1 )
{
BIO_printf(bio_err,"-passin, -passout arguments only valid with one user.\n");
badops = 1;
}
if (badops)
{
for (pp=srp_usage; (*pp != NULL); pp++)
BIO_printf(bio_err,"%s",*pp);
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
goto err;
}
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
setup_engine(bio_err, engine, 0);
#endif
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout))
{
BIO_printf(bio_err, "Error getting passwords\n");
goto err;
}
if (!dbfile)
{
/*****************************************************************/
tofree=NULL;
if (configfile == NULL) configfile = getenv("OPENSSL_CONF");
if (configfile == NULL) configfile = getenv("SSLEAY_CONF");
if (configfile == NULL)
{
const char *s=X509_get_default_cert_area();
size_t len;
#ifdef OPENSSL_SYS_VMS
len = strlen(s)+sizeof(CONFIG_FILE);
tofree=OPENSSL_malloc(len);
strcpy(tofree,s);
#else
len = strlen(s)+sizeof(CONFIG_FILE)+1;
tofree=OPENSSL_malloc(len);
BUF_strlcpy(tofree,s,len);
BUF_strlcat(tofree,"/",len);
#endif
BUF_strlcat(tofree,CONFIG_FILE,len);
configfile=tofree;
}
VERBOSE BIO_printf(bio_err,"Using configuration from %s\n",configfile);
conf = NCONF_new(NULL);
if (NCONF_load(conf,configfile,&errorline) <= 0)
{
if (errorline <= 0)
BIO_printf(bio_err,"error loading the config file '%s'\n",
configfile);
else
BIO_printf(bio_err,"error on line %ld of config file '%s'\n"
,errorline,configfile);
goto err;
}
if(tofree)
{
OPENSSL_free(tofree);
tofree = NULL;
}
if (!load_config(bio_err, conf))
goto err;
/* Lets get the config section we are using */
if (section == NULL)
{
VERBOSE BIO_printf(bio_err,"trying to read " ENV_DEFAULT_SRP " in \" BASE_SECTION \"\n");
section=NCONF_get_string(conf,BASE_SECTION,ENV_DEFAULT_SRP);
if (section == NULL)
{
lookup_fail(BASE_SECTION,ENV_DEFAULT_SRP);
goto err;
}
}
if (randfile == NULL && conf)
randfile = NCONF_get_string(conf, BASE_SECTION, "RANDFILE");
VERBOSE BIO_printf(bio_err,"trying to read " ENV_DATABASE " in section \"%s\"\n",section);
if ((dbfile=NCONF_get_string(conf,section,ENV_DATABASE)) == NULL)
{
lookup_fail(section,ENV_DATABASE);
goto err;
}
}
if (randfile == NULL)
ERR_clear_error();
else
app_RAND_load_file(randfile, bio_err, 0);
VERBOSE BIO_printf(bio_err,"Trying to read SRP verifier file \"%s\"\n",dbfile);
db = load_index(dbfile, &db_attr);
if (db == NULL) goto err;
/* Lets check some fields */
for (i=0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++)
{
pp=sk_OPENSSL_PSTRING_value(db->db->data, i);
if (pp[DB_srptype][0] == DB_SRP_INDEX)
{
maxgN = i;
if (gNindex < 0 && gN != NULL && !strcmp(gN, pp[DB_srpid]))
gNindex = i;
print_index(db, bio_err, i, verbose > 1) ;
}
}
VERBOSE BIO_printf(bio_err,"Database initialised\n");
if (gNindex >= 0)
{
gNrow=sk_OPENSSL_PSTRING_value(db->db->data,gNindex);
print_entry(db,bio_err,gNindex,verbose>1,"Default g and N") ;
}
else if (maxgN > 0 && !SRP_get_default_gN(gN))
{
BIO_printf(bio_err,"No g and N value for index \"%s\"\n",gN);
goto err;
}
else
{
VERBOSE BIO_printf(bio_err,"Database has no g N information.\n");
gNrow = NULL;
}
VVERBOSE BIO_printf(bio_err,"Starting user processing\n");
if (argc > 0)
user = *(argv++) ;
while (list_user || user)
{
int userindex = -1;
if (user)
VVERBOSE BIO_printf(bio_err, "Processing user \"%s\"\n",user);
if ((userindex = get_index(db, user, 'U')) >= 0)
{
print_user(db,bio_err,userindex,(verbose > 0) || list_user) ;
}
if (list_user)
{
if (user == NULL)
{
BIO_printf(bio_err,"List all users\n");
for (i=0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++)
{
print_user(db,bio_err,i,1) ;
}
list_user = 0;
}
else if (userindex < 0)
{
BIO_printf(bio_err, "user \"%s\" does not exist, ignored. t\n",
user);
errors++;
}
}
else if (add_user)
{
if (userindex >= 0)
{
/* reactivation of a new user */
char **row = sk_OPENSSL_PSTRING_value(db->db->data, userindex);
BIO_printf(bio_err,"user \"%s\" reactivated.\n", user);
row[DB_srptype][0] = 'V' ;
doupdatedb = 1;
}
else
{
char *row[DB_NUMBER] ; char * gNid;
row[DB_srpverifier] = NULL;
row[DB_srpsalt] = NULL;
row[DB_srpinfo] = NULL;
if (!(gNid = srp_create_user(user,&(row[DB_srpverifier]), &(row[DB_srpsalt]),gNrow?gNrow[DB_srpsalt]:gN,gNrow?gNrow[DB_srpverifier]:NULL, passout, bio_err,verbose)))
{
BIO_printf(bio_err,"Cannot create srp verifier for user \"%s\", operation abandoned .\n",user);
errors++ ;
goto err;
}
row[DB_srpid] = BUF_strdup(user);
row[DB_srptype] = BUF_strdup("v");
row[DB_srpgN] = BUF_strdup(gNid);
if (!row[DB_srpid] || !row[DB_srpgN] || !row[DB_srptype] || !row[DB_srpverifier] || !row[DB_srpsalt] ||
(userinfo && (!(row[DB_srpinfo] = BUF_strdup(userinfo)))) ||
!update_index(db, bio_err, row))
{
if (row[DB_srpid]) OPENSSL_free(row[DB_srpid]);
if (row[DB_srpgN]) OPENSSL_free(row[DB_srpgN]);
if (row[DB_srpinfo]) OPENSSL_free(row[DB_srpinfo]);
if (row[DB_srptype]) OPENSSL_free(row[DB_srptype]);
if (row[DB_srpverifier]) OPENSSL_free(row[DB_srpverifier]);
if (row[DB_srpsalt]) OPENSSL_free(row[DB_srpsalt]);
goto err;
}
doupdatedb = 1;
}
}
else if (modify_user)
{
if (userindex<0)
{
BIO_printf(bio_err,"user \"%s\" does not exist, operation ignored.\n",user);
errors++ ;
}
else
{
char **row=sk_OPENSSL_PSTRING_value(db->db->data, userindex);
char type = row[DB_srptype][0] ;
if (type == 'v')
{
BIO_printf(bio_err,"user \"%s\" already updated, operation ignored.\n",user);
errors++ ;
}
else
{
char * gNid ;
if (row[DB_srptype][0] == 'V')
{
int user_gN ;
char ** irow = NULL;
VERBOSE BIO_printf(bio_err,"Verifying password for user \"%s\"\n",user);
if ( (user_gN = get_index(db, row[DB_srpgN],DB_SRP_INDEX)) >= 0)
irow = sk_OPENSSL_PSTRING_value(db->db->data,
userindex);
if (!srp_verify_user(user,row[DB_srpverifier], row[DB_srpsalt],irow?irow[DB_srpsalt]:row[DB_srpgN], irow?irow[DB_srpverifier]:NULL, passin, bio_err,verbose))
{
BIO_printf(bio_err,"Invalid password for user \"%s\", operation abandoned.\n",user);
errors++ ;
goto err;
}
}
VERBOSE BIO_printf(bio_err,"Password for user \"%s\" ok.\n",user);
if (!(gNid=srp_create_user(user,&(row[DB_srpverifier]), &(row[DB_srpsalt]),gNrow?gNrow[DB_srpsalt]:NULL, gNrow?gNrow[DB_srpverifier]:NULL, passout, bio_err,verbose)))
{
BIO_printf(bio_err,
"Cannot create srp verifier for user "
"\"%s\", operation abandonned .\n",
user);
errors++;
goto err;
}
row[DB_srptype][0] = 'v';
row[DB_srpgN] = BUF_strdup(gNid);
if (!row[DB_srpid] || !row[DB_srpgN] || !row[DB_srptype] || !row[DB_srpverifier] || !row[DB_srpsalt] ||
(userinfo && (!(row[DB_srpinfo] = BUF_strdup(userinfo)))))
goto err;
doupdatedb = 1;
}
}
}
else if (delete_user)
{
if (userindex < 0)
{
BIO_printf(bio_err, "user \"%s\" does not exist, operation ignored. t\n", user);
errors++;
}
else
{
char ** pp = sk_OPENSSL_PSTRING_value(db->db->data,userindex);
BIO_printf(bio_err,"user \"%s\" revoked. t\n",user);
pp[DB_srptype][0] = 'R' ;
doupdatedb = 1;
}
}
if (--argc > 0)
user = *(argv++) ;
else
{
user = NULL;
list_user = 0;
}
}
VERBOSE BIO_printf(bio_err,"User procession done.\n");
if (doupdatedb)
{
/* Lets check some fields */
for (i=0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++)
{
pp=sk_OPENSSL_PSTRING_value(db->db->data,i);
if (pp[DB_srptype][0] == 'v')
{
pp[DB_srptype][0] = 'V';
print_user(db,bio_err,i,verbose) ;
}
}
VERBOSE BIO_printf(bio_err,"Trying to update srpvfile.\n");
if (!save_index(dbfile,"new",db)) goto err;
VERBOSE BIO_printf(bio_err,"Temporary srpvfile created.\n");
if (!rotate_index(dbfile,"new","old")) goto err;
VERBOSE BIO_printf(bio_err,"srpvfile updated.\n");
}
ret = (errors != 0);
err:
if (errors != 0)
VERBOSE BIO_printf(bio_err,"User errors %d.\n",errors);
VERBOSE BIO_printf(bio_err,"SRP terminating with code %d.\n",ret);
if(tofree)
OPENSSL_free(tofree);
if (ret) ERR_print_errors(bio_err);
if (randfile) app_RAND_write_file(randfile, bio_err);
if (conf) NCONF_free(conf);
if (db) free_index(db);
OBJ_cleanup();
apps_shutdown();
OPENSSL_EXIT(ret);
}
#endif

18
crypto/Makefile
View File

@ -177,20 +177,14 @@ ex_data.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
ex_data.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
ex_data.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
ex_data.o: ex_data.c
fips_ers.o: ../include/openssl/bio.h ../include/openssl/crypto.h
fips_ers.o: ../include/openssl/e_os2.h ../include/openssl/err.h
fips_ers.o: ../include/openssl/fips.h ../include/openssl/lhash.h
fips_ers.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
fips_ers.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
fips_ers.o: ../include/openssl/stack.h ../include/openssl/symhacks.h fips_err.h
fips_ers.o: fips_ers.c
fips_ers.o: ../include/openssl/opensslconf.h fips_ers.c
lock.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
lock.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
lock.o: ../include/openssl/err.h ../include/openssl/fips.h
lock.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
lock.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
lock.o: ../include/openssl/safestack.h ../include/openssl/stack.h
lock.o: ../include/openssl/symhacks.h cryptlib.h lock.c
lock.o: ../include/openssl/err.h ../include/openssl/lhash.h
lock.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
lock.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
lock.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
lock.o: lock.c
mem.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
mem.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
mem.o: ../include/openssl/err.h ../include/openssl/lhash.h

112
crypto/bn/Makefile
View File

@ -169,11 +169,10 @@ clean:
bn_add.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_add.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_add.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_add.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
bn_add.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
bn_add.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
bn_add.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
bn_add.o: ../cryptlib.h bn_add.c bn_lcl.h
bn_add.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_add.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_add.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
bn_add.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_add.c bn_lcl.h
bn_asm.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_asm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_asm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
@ -184,8 +183,7 @@ bn_asm.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_asm.c bn_lcl.h
bn_blind.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_blind.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_blind.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_blind.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
bn_blind.o: ../../include/openssl/opensslconf.h
bn_blind.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_blind.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
bn_blind.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_blind.c bn_lcl.h
@ -197,11 +195,10 @@ bn_const.o: ../../include/openssl/symhacks.h bn.h bn_const.c
bn_ctx.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_ctx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_ctx.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_ctx.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
bn_ctx.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
bn_ctx.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
bn_ctx.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
bn_ctx.o: ../cryptlib.h bn_ctx.c bn_lcl.h
bn_ctx.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_ctx.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_ctx.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
bn_ctx.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_ctx.c bn_lcl.h
bn_depr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_depr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
@ -213,11 +210,10 @@ bn_depr.o: ../cryptlib.h bn_depr.c bn_lcl.h
bn_div.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_div.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_div.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_div.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
bn_div.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
bn_div.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
bn_div.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
bn_div.o: ../cryptlib.h bn_div.c bn_lcl.h
bn_div.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_div.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_div.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
bn_div.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_div.c bn_lcl.h
bn_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
bn_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
@ -228,35 +224,31 @@ bn_err.o: bn_err.c
bn_exp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_exp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_exp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_exp.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
bn_exp.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
bn_exp.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
bn_exp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
bn_exp.o: ../cryptlib.h bn_exp.c bn_lcl.h
bn_exp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_exp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_exp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
bn_exp.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_exp.c bn_lcl.h
bn_exp2.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_exp2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_exp2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_exp2.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
bn_exp2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
bn_exp2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
bn_exp2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
bn_exp2.o: ../cryptlib.h bn_exp2.c bn_lcl.h
bn_exp2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_exp2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_exp2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
bn_exp2.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_exp2.c bn_lcl.h
bn_gcd.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_gcd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_gcd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_gcd.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
bn_gcd.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
bn_gcd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
bn_gcd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
bn_gcd.o: ../cryptlib.h bn_gcd.c bn_lcl.h
bn_gcd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_gcd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_gcd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
bn_gcd.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_gcd.c bn_lcl.h
bn_gf2m.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_gf2m.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_gf2m.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_gf2m.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
bn_gf2m.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
bn_gf2m.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
bn_gf2m.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
bn_gf2m.o: ../cryptlib.h bn_gf2m.c bn_lcl.h
bn_gf2m.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_gf2m.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_gf2m.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
bn_gf2m.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_gf2m.c bn_lcl.h
bn_kron.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_kron.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_kron.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
@ -267,27 +259,24 @@ bn_kron.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_kron.c bn_lcl.h
bn_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_lib.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
bn_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
bn_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
bn_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
bn_lib.o: ../cryptlib.h bn_lcl.h bn_lib.c
bn_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
bn_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_lib.c
bn_mod.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_mod.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_mod.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_mod.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
bn_mod.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
bn_mod.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
bn_mod.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
bn_mod.o: ../cryptlib.h bn_lcl.h bn_mod.c
bn_mod.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_mod.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
bn_mod.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mod.c
bn_mont.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_mont.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_mont.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_mont.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
bn_mont.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
bn_mont.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
bn_mont.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
bn_mont.o: ../cryptlib.h bn_lcl.h bn_mont.c
bn_mont.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_mont.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
bn_mont.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mont.c
bn_mpi.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_mpi.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_mpi.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
@ -327,19 +316,18 @@ bn_print.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_print.c
bn_rand.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_rand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_rand.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
bn_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
bn_rand.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
bn_rand.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
bn_rand.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_rand.c
bn_rand.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
bn_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
bn_rand.o: ../cryptlib.h bn_lcl.h bn_rand.c
bn_recp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_recp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_recp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_recp.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
bn_recp.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
bn_recp.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
bn_recp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
bn_recp.o: ../cryptlib.h bn_lcl.h bn_recp.c
bn_recp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_recp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_recp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
bn_recp.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_recp.c
bn_shift.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_shift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_shift.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h

9
crypto/buffer/Makefile
View File

@ -84,11 +84,10 @@ buf_err.o: buf_err.c
buf_str.o: ../../e_os.h ../../include/openssl/bio.h
buf_str.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
buf_str.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
buf_str.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
buf_str.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
buf_str.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
buf_str.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
buf_str.o: ../cryptlib.h buf_str.c
buf_str.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
buf_str.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
buf_str.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
buf_str.o: ../../include/openssl/symhacks.h ../cryptlib.h buf_str.c
buffer.o: ../../e_os.h ../../include/openssl/bio.h
buffer.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
buffer.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h

21
crypto/dh/Makefile
View File

@ -127,20 +127,19 @@ dh_err.o: dh_err.c
dh_gen.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
dh_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
dh_gen.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
dh_gen.o: ../../include/openssl/err.h ../../include/openssl/fips.h
dh_gen.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
dh_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
dh_gen.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
dh_gen.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_gen.c
dh_gen.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
dh_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
dh_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
dh_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
dh_gen.o: ../cryptlib.h dh_gen.c
dh_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
dh_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
dh_key.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
dh_key.o: ../../include/openssl/err.h ../../include/openssl/fips.h
dh_key.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
dh_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
dh_key.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
dh_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
dh_key.o: ../cryptlib.h dh_key.c
dh_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
dh_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
dh_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
dh_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_key.c
dh_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
dh_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
dh_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h

28
crypto/dsa/Makefile
View File

@ -125,20 +125,16 @@ dsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h
dsa_gen.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
dsa_gen.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
dsa_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
dsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
dsa_gen.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
dsa_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
dsa_gen.o: ../cryptlib.h dsa_gen.c dsa_locl.h
dsa_key.o: ../../e_os.h ../../include/openssl/asn1.h
dsa_key.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
dsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
dsa_gen.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
dsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
dsa_gen.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
dsa_gen.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_gen.c dsa_locl.h
dsa_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
dsa_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
dsa_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
dsa_key.o: ../../include/openssl/err.h ../../include/openssl/evp.h
dsa_key.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
dsa_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
dsa_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
dsa_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
dsa_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
dsa_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
@ -162,8 +158,8 @@ dsa_ossl.o: ../../e_os.h ../../include/openssl/asn1.h
dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
dsa_ossl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
dsa_ossl.o: ../../include/openssl/err.h ../../include/openssl/fips.h
dsa_ossl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
dsa_ossl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
dsa_ossl.o: ../../include/openssl/opensslconf.h
dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
dsa_ossl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@ -197,8 +193,8 @@ dsa_prn.o: ../cryptlib.h dsa_prn.c
dsa_sign.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
dsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/fips.h
dsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
dsa_sign.o: ../../include/openssl/opensslconf.h
dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
dsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h

76
crypto/ec/Makefile
View File

@ -84,9 +84,8 @@ clean:
ec2_mult.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ec2_mult.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
ec2_mult.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
ec2_mult.o: ../../include/openssl/err.h ../../include/openssl/fips.h
ec2_mult.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
ec2_mult.o: ../../include/openssl/opensslconf.h
ec2_mult.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
ec2_mult.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
ec2_mult.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ec2_mult.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
ec2_mult.o: ../../include/openssl/symhacks.h ec2_mult.c ec_lcl.h
@ -101,9 +100,8 @@ ec2_oct.o: ../../include/openssl/symhacks.h ec2_oct.c ec_lcl.h
ec2_smpl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ec2_smpl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
ec2_smpl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
ec2_smpl.o: ../../include/openssl/err.h ../../include/openssl/fips.h
ec2_smpl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
ec2_smpl.o: ../../include/openssl/opensslconf.h
ec2_smpl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
ec2_smpl.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
ec2_smpl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ec2_smpl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
ec2_smpl.o: ../../include/openssl/symhacks.h ec2_smpl.c ec_lcl.h
@ -142,21 +140,19 @@ ec_check.o: ../../include/openssl/symhacks.h ec_check.c ec_lcl.h
ec_curve.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ec_curve.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
ec_curve.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
ec_curve.o: ../../include/openssl/err.h ../../include/openssl/fips.h
ec_curve.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
ec_curve.o: ../../include/openssl/opensslconf.h
ec_curve.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
ec_curve.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
ec_curve.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ec_curve.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
ec_curve.o: ../../include/openssl/symhacks.h ec_curve.c ec_lcl.h
ec_cvt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ec_cvt.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
ec_cvt.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
ec_cvt.o: ../../include/openssl/err.h ../../include/openssl/fips.h
ec_cvt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
ec_cvt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
ec_cvt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
ec_cvt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
ec_cvt.o: ec_cvt.c ec_lcl.h
ec_cvt.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
ec_cvt.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
ec_cvt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ec_cvt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
ec_cvt.o: ../../include/openssl/symhacks.h ec_cvt.c ec_lcl.h
ec_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ec_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
ec_err.o: ../../include/openssl/ec.h ../../include/openssl/err.h
@ -167,31 +163,27 @@ ec_err.o: ../../include/openssl/symhacks.h ec_err.c
ec_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ec_key.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
ec_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
ec_key.o: ../../include/openssl/err.h ../../include/openssl/evp.h
ec_key.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
ec_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
ec_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
ec_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
ec_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
ec_key.o: ec_key.c ec_lcl.h
ec_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
ec_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
ec_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ec_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
ec_key.o: ../../include/openssl/symhacks.h ec_key.c ec_lcl.h
ec_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ec_lib.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
ec_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
ec_lib.o: ../../include/openssl/err.h ../../include/openssl/fips.h
ec_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
ec_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
ec_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
ec_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
ec_lib.o: ec_lcl.h ec_lib.c
ec_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
ec_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
ec_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ec_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
ec_lib.o: ../../include/openssl/symhacks.h ec_lcl.h ec_lib.c
ec_mult.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ec_mult.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
ec_mult.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
ec_mult.o: ../../include/openssl/err.h ../../include/openssl/fips.h
ec_mult.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
ec_mult.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
ec_mult.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
ec_mult.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
ec_mult.o: ec_lcl.h ec_mult.c
ec_mult.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
ec_mult.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
ec_mult.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ec_mult.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
ec_mult.o: ../../include/openssl/symhacks.h ec_lcl.h ec_mult.c
ec_oct.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ec_oct.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
ec_oct.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
@ -234,22 +226,19 @@ eck_prn.o: ../../include/openssl/symhacks.h ../cryptlib.h eck_prn.c
ecp_mont.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ecp_mont.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
ecp_mont.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
ecp_mont.o: ../../include/openssl/err.h ../../include/openssl/fips.h
ecp_mont.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
ecp_mont.o: ../../include/openssl/opensslconf.h
ecp_mont.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
ecp_mont.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
ecp_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ecp_mont.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
ecp_mont.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_mont.c
ecp_nist.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ecp_nist.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
ecp_nist.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
ecp_nist.o: ../../include/openssl/err.h ../../include/openssl/fips.h
ecp_nist.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
ecp_nist.o: ../../include/openssl/opensslconf.h
ecp_nist.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
ecp_nist.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
ecp_nist.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ecp_nist.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
ecp_nist.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_nist.c
ecp_nistp224.o: ecp_nistp224.c
ecp_oct.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ecp_oct.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
ecp_oct.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
@ -261,9 +250,8 @@ ecp_oct.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_oct.c
ecp_smpl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ecp_smpl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
ecp_smpl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
ecp_smpl.o: ../../include/openssl/err.h ../../include/openssl/fips.h
ecp_smpl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
ecp_smpl.o: ../../include/openssl/opensslconf.h
ecp_smpl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
ecp_smpl.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
ecp_smpl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ecp_smpl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
ecp_smpl.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_smpl.c

4
crypto/ecdsa/Makefile
View File

@ -108,8 +108,8 @@ ecs_ossl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ecs_ossl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
ecs_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
ecs_ossl.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
ecs_ossl.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
ecs_ossl.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
ecs_ossl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
ecs_ossl.o: ../../include/openssl/opensslconf.h
ecs_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ecs_ossl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
ecs_ossl.o: ../../include/openssl/symhacks.h ecs_locl.h ecs_ossl.c

2
crypto/engine/Makefile
View File

@ -126,6 +126,8 @@ eng_cnf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
eng_cnf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
eng_cnf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
eng_cnf.o: ../cryptlib.h eng_cnf.c eng_int.h
eng_cryptodev.o: ../../crypto/dh/dh.h ../../crypto/dsa/dsa.h
eng_cryptodev.o: ../../crypto/err/err.h ../../crypto/rsa/rsa.h
eng_cryptodev.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
eng_cryptodev.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
eng_cryptodev.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h

23
crypto/err/Makefile
View File

@ -90,18 +90,17 @@ err_all.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
err_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
err_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
err_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h
err_all.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
err_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
err_all.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
err_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
err_all.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h
err_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
err_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
err_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
err_all.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
err_all.o: ../../include/openssl/ui.h ../../include/openssl/x509.h
err_all.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
err_all.o: err_all.c
err_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
err_all.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
err_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
err_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem2.h
err_all.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
err_all.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
err_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
err_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
err_all.o: ../../include/openssl/ts.h ../../include/openssl/ui.h
err_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
err_all.o: ../../include/openssl/x509v3.h err_all.c
err_prn.o: ../../e_os.h ../../include/openssl/bio.h
err_prn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
err_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h

30
crypto/evp/Makefile
View File

@ -188,14 +188,13 @@ digest.o: ../cryptlib.h digest.c
e_aes.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
e_aes.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
e_aes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
e_aes.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
e_aes.o: ../../include/openssl/lhash.h ../../include/openssl/modes.h
e_aes.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
e_aes.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
e_aes.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
e_aes.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
e_aes.o: ../../include/openssl/symhacks.h ../modes/modes_lcl.h e_aes.c
e_aes.o: evp_locl.h
e_aes.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
e_aes.o: ../../include/openssl/modes.h ../../include/openssl/obj_mac.h
e_aes.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
e_aes.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
e_aes.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
e_aes.o: ../modes/modes_lcl.h e_aes.c evp_locl.h
e_bf.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
e_bf.o: ../../include/openssl/blowfish.h ../../include/openssl/buffer.h
e_bf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@ -263,7 +262,6 @@ e_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
e_null.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
e_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
e_null.o: ../cryptlib.h e_null.c
e_old.o: e_old.c
e_rc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
e_rc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
e_rc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
@ -529,13 +527,13 @@ m_sha.o: ../cryptlib.h m_sha.c
m_sha1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
m_sha1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
m_sha1.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
m_sha1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
m_sha1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
m_sha1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
m_sha1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
m_sha1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
m_sha1.o: ../../include/openssl/symhacks.h ../cryptlib.h m_sha1.c
m_sha1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
m_sha1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
m_sha1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
m_sha1.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
m_sha1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
m_sha1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
m_sha1.o: ../cryptlib.h m_sha1.c
m_sigver.o: ../../e_os.h ../../include/openssl/asn1.h
m_sigver.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
m_sigver.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h

13
crypto/hmac/Makefile
View File

@ -102,10 +102,9 @@ hm_pmeth.o: ../cryptlib.h ../evp/evp_locl.h hm_pmeth.c
hmac.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
hmac.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
hmac.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
hmac.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
hmac.o: ../../include/openssl/hmac.h ../../include/openssl/lhash.h
hmac.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
hmac.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
hmac.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
hmac.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
hmac.o: ../cryptlib.h hmac.c
hmac.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
hmac.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
hmac.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
hmac.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
hmac.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
hmac.o: ../../include/openssl/symhacks.h ../cryptlib.h hmac.c

9
crypto/modes/Makefile
View File

@ -117,11 +117,10 @@ cts128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
cts128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
cts128.o: ../../include/openssl/symhacks.h cts128.c modes_lcl.h
gcm128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
gcm128.o: ../../include/openssl/fips.h ../../include/openssl/modes.h
gcm128.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
gcm128.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
gcm128.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
gcm128.o: gcm128.c modes_lcl.h
gcm128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
gcm128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
gcm128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
gcm128.o: ../../include/openssl/symhacks.h gcm128.c modes_lcl.h
ofb128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
ofb128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
ofb128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h

36
crypto/rand/Makefile
View File

@ -79,13 +79,13 @@ clean:
md_rand.o: ../../e_os.h ../../include/openssl/asn1.h
md_rand.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
md_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
md_rand.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
md_rand.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
md_rand.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
md_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
md_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
md_rand.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
md_rand.o: ../../include/openssl/symhacks.h md_rand.c rand_lcl.h
md_rand.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
md_rand.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
md_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
md_rand.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
md_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
md_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
md_rand.o: md_rand.c rand_lcl.h
rand_egd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
rand_egd.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
rand_egd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
@ -99,14 +99,19 @@ rand_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rand_err.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
rand_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
rand_err.o: rand_err.c
rand_lib.o: ../../e_os.h ../../include/openssl/bio.h
rand_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
rand_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
rand_lib.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
rand_lib.o: ../../include/openssl/opensslconf.h
rand_lib.o: ../../e_os.h ../../include/openssl/asn1.h
rand_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
rand_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
rand_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
rand_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
rand_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
rand_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
rand_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
rand_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rand_lib.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
rand_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
rand_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
rand_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
rand_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
rand_lib.o: ../cryptlib.h rand_lib.c
rand_nw.o: ../../e_os.h ../../include/openssl/asn1.h
rand_nw.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
@ -145,9 +150,8 @@ rand_win.o: ../../e_os.h ../../include/openssl/asn1.h
rand_win.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
rand_win.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
rand_win.o: ../../include/openssl/err.h ../../include/openssl/evp.h
rand_win.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
rand_win.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
rand_win.o: ../../include/openssl/opensslconf.h
rand_win.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
rand_win.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
rand_win.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rand_win.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
rand_win.o: ../../include/openssl/sha.h ../../include/openssl/stack.h

72
crypto/rsa/Makefile
View File

@ -123,8 +123,7 @@ rsa_crpt.o: ../../e_os.h ../../include/openssl/asn1.h
rsa_crpt.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
rsa_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
rsa_crpt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
rsa_crpt.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
rsa_crpt.o: ../../include/openssl/opensslconf.h
rsa_crpt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
rsa_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rsa_crpt.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
rsa_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
@ -142,12 +141,11 @@ rsa_eay.o: ../../e_os.h ../../include/openssl/asn1.h
rsa_eay.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
rsa_eay.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
rsa_eay.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
rsa_eay.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
rsa_eay.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
rsa_eay.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
rsa_eay.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
rsa_eay.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
rsa_eay.o: ../cryptlib.h rsa_eay.c
rsa_eay.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
rsa_eay.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rsa_eay.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
rsa_eay.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
rsa_eay.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_eay.c
rsa_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
rsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
rsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
@ -159,9 +157,7 @@ rsa_gen.o: ../../e_os.h ../../include/openssl/asn1.h
rsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
rsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
rsa_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
rsa_gen.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
rsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
rsa_gen.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
rsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
rsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
rsa_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
@ -185,8 +181,7 @@ rsa_none.o: ../../e_os.h ../../include/openssl/asn1.h
rsa_none.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
rsa_none.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
rsa_none.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
rsa_none.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
rsa_none.o: ../../include/openssl/opensslconf.h
rsa_none.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
rsa_none.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rsa_none.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
rsa_none.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
@ -204,9 +199,9 @@ rsa_oaep.o: ../../e_os.h ../../include/openssl/asn1.h
rsa_oaep.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
rsa_oaep.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
rsa_oaep.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
rsa_oaep.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
rsa_oaep.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
rsa_oaep.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
rsa_oaep.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
rsa_oaep.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
rsa_oaep.o: ../../include/openssl/opensslconf.h
rsa_oaep.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rsa_oaep.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
rsa_oaep.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
@ -216,12 +211,11 @@ rsa_pk1.o: ../../e_os.h ../../include/openssl/asn1.h
rsa_pk1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
rsa_pk1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
rsa_pk1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
rsa_pk1.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
rsa_pk1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
rsa_pk1.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
rsa_pk1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
rsa_pk1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
rsa_pk1.o: ../cryptlib.h rsa_pk1.c
rsa_pk1.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
rsa_pk1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rsa_pk1.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
rsa_pk1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
rsa_pk1.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pk1.c
rsa_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
rsa_pmeth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
rsa_pmeth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
@ -251,14 +245,13 @@ rsa_pss.o: ../../e_os.h ../../include/openssl/asn1.h
rsa_pss.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
rsa_pss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
rsa_pss.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
rsa_pss.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
rsa_pss.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
rsa_pss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
rsa_pss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rsa_pss.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
rsa_pss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
rsa_pss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
rsa_pss.o: ../cryptlib.h rsa_locl.h rsa_pss.c
rsa_pss.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
rsa_pss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
rsa_pss.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
rsa_pss.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
rsa_pss.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
rsa_pss.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
rsa_pss.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_locl.h rsa_pss.c
rsa_saos.o: ../../e_os.h ../../include/openssl/asn1.h
rsa_saos.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
rsa_saos.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@ -291,19 +284,17 @@ rsa_ssl.o: ../../e_os.h ../../include/openssl/asn1.h
rsa_ssl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
rsa_ssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
rsa_ssl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
rsa_ssl.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
rsa_ssl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
rsa_ssl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
rsa_ssl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
rsa_ssl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
rsa_ssl.o: ../cryptlib.h rsa_ssl.c
rsa_ssl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
rsa_ssl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rsa_ssl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
rsa_ssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
rsa_ssl.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_ssl.c
rsa_x931.o: ../../e_os.h ../../include/openssl/asn1.h
rsa_x931.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
rsa_x931.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
rsa_x931.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
rsa_x931.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
rsa_x931.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
rsa_x931.o: ../../include/openssl/opensslconf.h
rsa_x931.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
rsa_x931.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
rsa_x931.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rsa_x931.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
rsa_x931.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
@ -311,8 +302,7 @@ rsa_x931.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_x931.c
rsa_x931g.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
rsa_x931g.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
rsa_x931g.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
rsa_x931g.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
rsa_x931g.o: ../../include/openssl/opensslconf.h
rsa_x931g.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
rsa_x931g.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rsa_x931g.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
rsa_x931g.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h

2
crypto/srp/.cvsignore Normal file
View File

@ -0,0 +1,2 @@
Makefile.save
lib

96
crypto/srp/Makefile Normal file
View File

@ -0,0 +1,96 @@
DIR= srp
TOP= ../..
CC= cc
INCLUDES= -I.. -I$(TOP) -I../../include
CFLAG=-g
INSTALL_PREFIX=
OPENSSLDIR= /usr/local/ssl
INSTALLTOP=/usr/local/ssl
MAKEDEPPROG= makedepend
MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
MAKEFILE= Makefile.ssl
AR= ar r
CFLAGS= $(INCLUDES) $(CFLAG)
GENERAL=Makefile
TEST=srptest.c
APPS=
LIB=$(TOP)/libcrypto.a
LIBSRC=srp_lib.c srp_vfy.c
LIBOBJ=srp_lib.o srp_vfy.o
SRC= $(LIBSRC)
EXHEADER= srp.h
HEADER= $(EXHEADER)
top:
(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
all: lib
lib: $(LIBOBJ)
$(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
links:
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
@for i in $(EXHEADER) ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
done;
tags:
ctags $(SRC)
tests:
srptest: top srptest.c $(LIB)
$(CC) $(CFLAGS) -Wall -Werror -g -o srptest srptest.c $(LIB)
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
depend:
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
dclean:
$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
mv -f Makefile.new $(MAKEFILE)
clean:
rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
# DO NOT DELETE THIS LINE -- make depend depends on it.
srp_lib.o: ../../e_os.h ../../include/openssl/asn1.h
srp_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
srp_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
srp_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
srp_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
srp_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
srp_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
srp_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
srp_lib.o: ../../include/openssl/sha.h ../../include/openssl/srp.h
srp_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
srp_lib.o: ../cryptlib.h srp_grps.h srp_lcl.h srp_lib.c
srp_vfy.o: ../../e_os.h ../../include/openssl/asn1.h
srp_vfy.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
srp_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
srp_vfy.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
srp_vfy.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
srp_vfy.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
srp_vfy.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
srp_vfy.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
srp_vfy.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
srp_vfy.o: ../../include/openssl/srp.h ../../include/openssl/stack.h
srp_vfy.o: ../../include/openssl/symhacks.h ../../include/openssl/txt_db.h
srp_vfy.o: ../cryptlib.h srp_lcl.h srp_vfy.c

172
crypto/srp/srp.h Normal file
View File

@ -0,0 +1,172 @@
/* crypto/srp/srp.h */
/* Written by Christophe Renou (christophe.renou@edelweb.fr) with
* the precious help of Peter Sylvester (peter.sylvester@edelweb.fr)
* for the EdelKey project and contributed to the OpenSSL project 2004.
*/
/* ====================================================================
* Copyright (c) 2004 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#ifndef __SRP_H__
#define __SRP_H__
#ifndef OPENSSL_NO_SRP
#include <stdio.h>
#include <string.h>
#ifdef __cplusplus
extern "C" {
#endif
#include <openssl/safestack.h>
#include <openssl/bn.h>
#include <openssl/crypto.h>
typedef struct SRP_gN_cache_st
{
char *b64_bn;
BIGNUM *bn;
} SRP_gN_cache;
DECLARE_STACK_OF(SRP_gN_cache)
typedef struct SRP_user_pwd_st
{
char *id;
BIGNUM *s;
BIGNUM *v;
const BIGNUM *g;
const BIGNUM *N;
char *info;
} SRP_user_pwd;
DECLARE_STACK_OF(SRP_user_pwd)
typedef struct SRP_VBASE_st
{
STACK_OF(SRP_user_pwd) *users_pwd;
STACK_OF(SRP_gN_cache) *gN_cache;
/* to simulate a user */
char *seed_key;
BIGNUM *default_g;
BIGNUM *default_N;
} SRP_VBASE;
/*Structure interne pour retenir les couples N et g*/
typedef struct SRP_gN_st
{
char *id;
BIGNUM *g;
BIGNUM *N;
} SRP_gN;
DECLARE_STACK_OF(SRP_gN)
SRP_VBASE *SRP_VBASE_new(char *seed_key);
int SRP_VBASE_free(SRP_VBASE *vb);
int SRP_VBASE_init(SRP_VBASE *vb, char * verifier_file);
SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username);
char *SRP_create_verifier(const char *user, const char *pass, char **salt,
char **verifier, const char *N, const char *g);
int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt, BIGNUM **verifier, BIGNUM *N, BIGNUM *g);
#define SRP_NO_ERROR 0
#define SRP_ERR_VBASE_INCOMPLETE_FILE 1
#define SRP_ERR_VBASE_BN_LIB 2
#define SRP_ERR_OPEN_FILE 3
#define SRP_ERR_MEMORY 4
#define DB_srptype 0
#define DB_srpverifier 1
#define DB_srpsalt 2
#define DB_srpid 3
#define DB_srpgN 4
#define DB_srpinfo 5
#undef DB_NUMBER
#define DB_NUMBER 6
#define DB_SRP_INDEX 'I'
#define DB_SRP_VALID 'V'
#define DB_SRP_REVOKED 'R'
#define DB_SRP_MODIF 'v'
/* see srp.c */
char * SRP_check_known_gN_param(BIGNUM* g, BIGNUM* N);
SRP_gN *SRP_get_default_gN(const char * id) ;
/* server side .... */
BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b, BIGNUM *N);
BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v);
int SRP_Verify_A_mod_N(BIGNUM *A, BIGNUM *N);
BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N) ;
/* client side .... */
BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass);
BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g);
BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x, BIGNUM *a, BIGNUM *u);
int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N);
#define SRP_MINIMAL_N 1024
#ifdef __cplusplus
}
#endif
#endif
#endif

517
crypto/srp/srp_grps.h Normal file
View File

@ -0,0 +1,517 @@
/* start of generated data */
static BN_ULONG bn_group_1024_value[] = {
bn_pack4(9FC6,1D2F,C0EB,06E3),
bn_pack4(FD51,38FE,8376,435B),
bn_pack4(2FD4,CBF4,976E,AA9A),
bn_pack4(68ED,BC3C,0572,6CC0),
bn_pack4(C529,F566,660E,57EC),
bn_pack4(8255,9B29,7BCF,1885),
bn_pack4(CE8E,F4AD,69B1,5D49),
bn_pack4(5DC7,D7B4,6154,D6B6),
bn_pack4(8E49,5C1D,6089,DAD1),
bn_pack4(E0D5,D8E2,50B9,8BE4),
bn_pack4(383B,4813,D692,C6E0),
bn_pack4(D674,DF74,96EA,81D3),
bn_pack4(9EA2,314C,9C25,6576),
bn_pack4(6072,6187,75FF,3C0B),
bn_pack4(9C33,F80A,FA8F,C5E8),
bn_pack4(EEAF,0AB9,ADB3,8DD6)
};
static BIGNUM bn_group_1024 = {
bn_group_1024_value,
(sizeof bn_group_1024_value)/sizeof(BN_ULONG),
(sizeof bn_group_1024_value)/sizeof(BN_ULONG),
0,
BN_FLG_STATIC_DATA
};
static BN_ULONG bn_group_1536_value[] = {
bn_pack4(CF76,E3FE,D135,F9BB),
bn_pack4(1518,0F93,499A,234D),
bn_pack4(8CE7,A28C,2442,C6F3),
bn_pack4(5A02,1FFF,5E91,479E),
bn_pack4(7F8A,2FE9,B8B5,292E),
bn_pack4(837C,264A,E3A9,BEB8),
bn_pack4(E442,734A,F7CC,B7AE),
bn_pack4(6577,2E43,7D6C,7F8C),
bn_pack4(DB2F,D53D,24B7,C486),
bn_pack4(6EDF,0195,3934,9627),
bn_pack4(158B,FD3E,2B9C,8CF5),
bn_pack4(764E,3F4B,53DD,9DA1),
bn_pack4(4754,8381,DBC5,B1FC),
bn_pack4(9B60,9E0B,E3BA,B63D),
bn_pack4(8134,B1C8,B979,8914),
bn_pack4(DF02,8A7C,EC67,F0D0),
bn_pack4(80B6,55BB,9A22,E8DC),
bn_pack4(1558,903B,A0D0,F843),
bn_pack4(51C6,A94B,E460,7A29),
bn_pack4(5F4F,5F55,6E27,CBDE),
bn_pack4(BEEE,A961,4B19,CC4D),
bn_pack4(DBA5,1DF4,99AC,4C80),
bn_pack4(B1F1,2A86,17A4,7BBB),
bn_pack4(9DEF,3CAF,B939,277A)
};
static BIGNUM bn_group_1536 = {
bn_group_1536_value,
(sizeof bn_group_1536_value)/sizeof(BN_ULONG),
(sizeof bn_group_1536_value)/sizeof(BN_ULONG),
0,
BN_FLG_STATIC_DATA
};
static BN_ULONG bn_group_2048_value[] = {
bn_pack4(0FA7,111F,9E4A,FF73),
bn_pack4(9B65,E372,FCD6,8EF2),
bn_pack4(35DE,236D,525F,5475),
bn_pack4(94B5,C803,D89F,7AE4),
bn_pack4(71AE,35F8,E9DB,FBB6),
bn_pack4(2A56,98F3,A8D0,C382),
bn_pack4(9CCC,041C,7BC3,08D8),
bn_pack4(AF87,4E73,03CE,5329),
bn_pack4(6160,2790,04E5,7AE6),
bn_pack4(032C,FBDB,F52F,B378),
bn_pack4(5EA7,7A27,75D2,ECFA),
bn_pack4(5445,23B5,24B0,D57D),
bn_pack4(5B9D,32E6,88F8,7748),
bn_pack4(F1D2,B907,8717,461A),
bn_pack4(76BD,207A,436C,6481),
bn_pack4(CA97,B43A,23FB,8016),
bn_pack4(1D28,1E44,6B14,773B),
bn_pack4(7359,D041,D5C3,3EA7),
bn_pack4(A80D,740A,DBF4,FF74),
bn_pack4(55F9,7993,EC97,5EEA),
bn_pack4(2918,A996,2F0B,93B8),
bn_pack4(661A,05FB,D5FA,AAE8),
bn_pack4(CF60,9517,9A16,3AB3),
bn_pack4(E808,3969,EDB7,67B0),
bn_pack4(CD7F,48A9,DA04,FD50),
bn_pack4(D523,12AB,4B03,310D),
bn_pack4(8193,E075,7767,A13D),
bn_pack4(A373,29CB,B4A0,99ED),
bn_pack4(FC31,9294,3DB5,6050),
bn_pack4(AF72,B665,1987,EE07),
bn_pack4(F166,DE5E,1389,582F),
bn_pack4(AC6B,DB41,324A,9A9B)
};
static BIGNUM bn_group_2048 = {
bn_group_2048_value,
(sizeof bn_group_2048_value)/sizeof(BN_ULONG),
(sizeof bn_group_2048_value)/sizeof(BN_ULONG),
0,
BN_FLG_STATIC_DATA
};
static BN_ULONG bn_group_3072_value[] = {
bn_pack4(FFFF,FFFF,FFFF,FFFF),
bn_pack4(4B82,D120,A93A,D2CA),
bn_pack4(43DB,5BFC,E0FD,108E),
bn_pack4(08E2,4FA0,74E5,AB31),
bn_pack4(7709,88C0,BAD9,46E2),
bn_pack4(BBE1,1757,7A61,5D6C),
bn_pack4(521F,2B18,177B,200C),
bn_pack4(D876,0273,3EC8,6A64),
bn_pack4(F12F,FA06,D98A,0864),
bn_pack4(CEE3,D226,1AD2,EE6B),
bn_pack4(1E8C,94E0,4A25,619D),
bn_pack4(ABF5,AE8C,DB09,33D7),
bn_pack4(B397,0F85,A6E1,E4C7),
bn_pack4(8AEA,7157,5D06,0C7D),
bn_pack4(ECFB,8504,58DB,EF0A),
bn_pack4(A855,21AB,DF1C,BA64),
bn_pack4(AD33,170D,0450,7A33),
bn_pack4(1572,8E5A,8AAA,C42D),
bn_pack4(15D2,2618,98FA,0510),
bn_pack4(3995,497C,EA95,6AE5),
bn_pack4(DE2B,CBF6,9558,1718),
bn_pack4(B5C5,5DF0,6F4C,52C9),
bn_pack4(9B27,83A2,EC07,A28F),
bn_pack4(E39E,772C,180E,8603),
bn_pack4(3290,5E46,2E36,CE3B),
bn_pack4(F174,6C08,CA18,217C),
bn_pack4(670C,354E,4ABC,9804),
bn_pack4(9ED5,2907,7096,966D),
bn_pack4(1C62,F356,2085,52BB),
bn_pack4(8365,5D23,DCA3,AD96),
bn_pack4(6916,3FA8,FD24,CF5F),
bn_pack4(98DA,4836,1C55,D39A),
bn_pack4(C200,7CB8,A163,BF05),
bn_pack4(4928,6651,ECE4,5B3D),
bn_pack4(AE9F,2411,7C4B,1FE6),
bn_pack4(EE38,6BFB,5A89,9FA5),
bn_pack4(0BFF,5CB6,F406,B7ED),
bn_pack4(F44C,42E9,A637,ED6B),
bn_pack4(E485,B576,625E,7EC6),
bn_pack4(4FE1,356D,6D51,C245),
bn_pack4(302B,0A6D,F25F,1437),
bn_pack4(EF95,19B3,CD3A,431B),
bn_pack4(514A,0879,8E34,04DD),
bn_pack4(020B,BEA6,3B13,9B22),
bn_pack4(2902,4E08,8A67,CC74),
bn_pack4(C4C6,628B,80DC,1CD1),
bn_pack4(C90F,DAA2,2168,C234),
bn_pack4(FFFF,FFFF,FFFF,FFFF)
};
static BIGNUM bn_group_3072 = {
bn_group_3072_value,
(sizeof bn_group_3072_value)/sizeof(BN_ULONG),
(sizeof bn_group_3072_value)/sizeof(BN_ULONG),
0,
BN_FLG_STATIC_DATA
};
static BN_ULONG bn_group_4096_value[] = {
bn_pack4(FFFF,FFFF,FFFF,FFFF),
bn_pack4(4DF4,35C9,3406,3199),
bn_pack4(86FF,B7DC,90A6,C08F),
bn_pack4(93B4,EA98,8D8F,DDC1),
bn_pack4(D006,9127,D5B0,5AA9),
bn_pack4(B81B,DD76,2170,481C),
bn_pack4(1F61,2970,CEE2,D7AF),
bn_pack4(233B,A186,515B,E7ED),
bn_pack4(99B2,964F,A090,C3A2),
bn_pack4(287C,5947,4E6B,C05D),
bn_pack4(2E8E,FC14,1FBE,CAA6),
bn_pack4(DBBB,C2DB,04DE,8EF9),
bn_pack4(2583,E9CA,2AD4,4CE8),
bn_pack4(1A94,6834,B615,0BDA),
bn_pack4(99C3,2718,6AF4,E23C),
bn_pack4(8871,9A10,BDBA,5B26),
bn_pack4(1A72,3C12,A787,E6D7),
bn_pack4(4B82,D120,A921,0801),
bn_pack4(43DB,5BFC,E0FD,108E),
bn_pack4(08E2,4FA0,74E5,AB31),
bn_pack4(7709,88C0,BAD9,46E2),
bn_pack4(BBE1,1757,7A61,5D6C),
bn_pack4(521F,2B18,177B,200C),
bn_pack4(D876,0273,3EC8,6A64),
bn_pack4(F12F,FA06,D98A,0864),
bn_pack4(CEE3,D226,1AD2,EE6B),
bn_pack4(1E8C,94E0,4A25,619D),
bn_pack4(ABF5,AE8C,DB09,33D7),
bn_pack4(B397,0F85,A6E1,E4C7),
bn_pack4(8AEA,7157,5D06,0C7D),
bn_pack4(ECFB,8504,58DB,EF0A),
bn_pack4(A855,21AB,DF1C,BA64),
bn_pack4(AD33,170D,0450,7A33),
bn_pack4(1572,8E5A,8AAA,C42D),
bn_pack4(15D2,2618,98FA,0510),
bn_pack4(3995,497C,EA95,6AE5),
bn_pack4(DE2B,CBF6,9558,1718),
bn_pack4(B5C5,5DF0,6F4C,52C9),
bn_pack4(9B27,83A2,EC07,A28F),
bn_pack4(E39E,772C,180E,8603),
bn_pack4(3290,5E46,2E36,CE3B),
bn_pack4(F174,6C08,CA18,217C),
bn_pack4(670C,354E,4ABC,9804),
bn_pack4(9ED5,2907,7096,966D),
bn_pack4(1C62,F356,2085,52BB),
bn_pack4(8365,5D23,DCA3,AD96),
bn_pack4(6916,3FA8,FD24,CF5F),
bn_pack4(98DA,4836,1C55,D39A),
bn_pack4(C200,7CB8,A163,BF05),
bn_pack4(4928,6651,ECE4,5B3D),
bn_pack4(AE9F,2411,7C4B,1FE6),
bn_pack4(EE38,6BFB,5A89,9FA5),
bn_pack4(0BFF,5CB6,F406,B7ED),
bn_pack4(F44C,42E9,A637,ED6B),
bn_pack4(E485,B576,625E,7EC6),
bn_pack4(4FE1,356D,6D51,C245),
bn_pack4(302B,0A6D,F25F,1437),
bn_pack4(EF95,19B3,CD3A,431B),
bn_pack4(514A,0879,8E34,04DD),
bn_pack4(020B,BEA6,3B13,9B22),
bn_pack4(2902,4E08,8A67,CC74),
bn_pack4(C4C6,628B,80DC,1CD1),
bn_pack4(C90F,DAA2,2168,C234),
bn_pack4(FFFF,FFFF,FFFF,FFFF)
};
static BIGNUM bn_group_4096 = {
bn_group_4096_value,
(sizeof bn_group_4096_value)/sizeof(BN_ULONG),
(sizeof bn_group_4096_value)/sizeof(BN_ULONG),
0,
BN_FLG_STATIC_DATA
};
static BN_ULONG bn_group_6144_value[] = {
bn_pack4(FFFF,FFFF,FFFF,FFFF),
bn_pack4(E694,F91E,6DCC,4024),
bn_pack4(12BF,2D5B,0B74,74D6),
bn_pack4(043E,8F66,3F48,60EE),
bn_pack4(387F,E8D7,6E3C,0468),
bn_pack4(DA56,C9EC,2EF2,9632),
bn_pack4(EB19,CCB1,A313,D55C),
bn_pack4(F550,AA3D,8A1F,BFF0),
bn_pack4(06A1,D58B,B7C5,DA76),
bn_pack4(A797,15EE,F29B,E328),
bn_pack4(14CC,5ED2,0F80,37E0),
bn_pack4(CC8F,6D7E,BF48,E1D8),
bn_pack4(4BD4,07B2,2B41,54AA),
bn_pack4(0F1D,45B7,FF58,5AC5),
bn_pack4(23A9,7A7E,36CC,88BE),
bn_pack4(59E7,C97F,BEC7,E8F3),
bn_pack4(B5A8,4031,900B,1C9E),
bn_pack4(D55E,702F,4698,0C82),
bn_pack4(F482,D7CE,6E74,FEF6),
bn_pack4(F032,EA15,D172,1D03),
bn_pack4(5983,CA01,C64B,92EC),
bn_pack4(6FB8,F401,378C,D2BF),
bn_pack4(3320,5151,2BD7,AF42),
bn_pack4(DB7F,1447,E6CC,254B),
bn_pack4(44CE,6CBA,CED4,BB1B),
bn_pack4(DA3E,DBEB,CF9B,14ED),
bn_pack4(1797,27B0,865A,8918),
bn_pack4(B06A,53ED,9027,D831),
bn_pack4(E5DB,382F,4130,01AE),
bn_pack4(F8FF,9406,AD9E,530E),
bn_pack4(C975,1E76,3DBA,37BD),
bn_pack4(C1D4,DCB2,6026,46DE),
bn_pack4(36C3,FAB4,D27C,7026),
bn_pack4(4DF4,35C9,3402,8492),
bn_pack4(86FF,B7DC,90A6,C08F),
bn_pack4(93B4,EA98,8D8F,DDC1),
bn_pack4(D006,9127,D5B0,5AA9),
bn_pack4(B81B,DD76,2170,481C),
bn_pack4(1F61,2970,CEE2,D7AF),
bn_pack4(233B,A186,515B,E7ED),
bn_pack4(99B2,964F,A090,C3A2),
bn_pack4(287C,5947,4E6B,C05D),
bn_pack4(2E8E,FC14,1FBE,CAA6),
bn_pack4(DBBB,C2DB,04DE,8EF9),
bn_pack4(2583,E9CA,2AD4,4CE8),
bn_pack4(1A94,6834,B615,0BDA),
bn_pack4(99C3,2718,6AF4,E23C),
bn_pack4(8871,9A10,BDBA,5B26),
bn_pack4(1A72,3C12,A787,E6D7),
bn_pack4(4B82,D120,A921,0801),
bn_pack4(43DB,5BFC,E0FD,108E),
bn_pack4(08E2,4FA0,74E5,AB31),
bn_pack4(7709,88C0,BAD9,46E2),
bn_pack4(BBE1,1757,7A61,5D6C),
bn_pack4(521F,2B18,177B,200C),
bn_pack4(D876,0273,3EC8,6A64),
bn_pack4(F12F,FA06,D98A,0864),
bn_pack4(CEE3,D226,1AD2,EE6B),
bn_pack4(1E8C,94E0,4A25,619D),
bn_pack4(ABF5,AE8C,DB09,33D7),
bn_pack4(B397,0F85,A6E1,E4C7),
bn_pack4(8AEA,7157,5D06,0C7D),
bn_pack4(ECFB,8504,58DB,EF0A),
bn_pack4(A855,21AB,DF1C,BA64),
bn_pack4(AD33,170D,0450,7A33),
bn_pack4(1572,8E5A,8AAA,C42D),
bn_pack4(15D2,2618,98FA,0510),
bn_pack4(3995,497C,EA95,6AE5),
bn_pack4(DE2B,CBF6,9558,1718),
bn_pack4(B5C5,5DF0,6F4C,52C9),
bn_pack4(9B27,83A2,EC07,A28F),
bn_pack4(E39E,772C,180E,8603),
bn_pack4(3290,5E46,2E36,CE3B),
bn_pack4(F174,6C08,CA18,217C),
bn_pack4(670C,354E,4ABC,9804),
bn_pack4(9ED5,2907,7096,966D),
bn_pack4(1C62,F356,2085,52BB),
bn_pack4(8365,5D23,DCA3,AD96),
bn_pack4(6916,3FA8,FD24,CF5F),
bn_pack4(98DA,4836,1C55,D39A),
bn_pack4(C200,7CB8,A163,BF05),
bn_pack4(4928,6651,ECE4,5B3D),
bn_pack4(AE9F,2411,7C4B,1FE6),
bn_pack4(EE38,6BFB,5A89,9FA5),
bn_pack4(0BFF,5CB6,F406,B7ED),
bn_pack4(F44C,42E9,A637,ED6B),
bn_pack4(E485,B576,625E,7EC6),
bn_pack4(4FE1,356D,6D51,C245),
bn_pack4(302B,0A6D,F25F,1437),
bn_pack4(EF95,19B3,CD3A,431B),
bn_pack4(514A,0879,8E34,04DD),
bn_pack4(020B,BEA6,3B13,9B22),
bn_pack4(2902,4E08,8A67,CC74),
bn_pack4(C4C6,628B,80DC,1CD1),
bn_pack4(C90F,DAA2,2168,C234),
bn_pack4(FFFF,FFFF,FFFF,FFFF)
};
static BIGNUM bn_group_6144 = {
bn_group_6144_value,
(sizeof bn_group_6144_value)/sizeof(BN_ULONG),
(sizeof bn_group_6144_value)/sizeof(BN_ULONG),
0,
BN_FLG_STATIC_DATA
};
static BN_ULONG bn_group_8192_value[] = {
bn_pack4(FFFF,FFFF,FFFF,FFFF),
bn_pack4(60C9,80DD,98ED,D3DF),
bn_pack4(C81F,56E8,80B9,6E71),
bn_pack4(9E30,50E2,7656,94DF),
bn_pack4(9558,E447,5677,E9AA),
bn_pack4(C919,0DA6,FC02,6E47),
bn_pack4(889A,002E,D5EE,382B),
bn_pack4(4009,438B,481C,6CD7),
bn_pack4(3590,46F4,EB87,9F92),
bn_pack4(FAF3,6BC3,1ECF,A268),
bn_pack4(B1D5,10BD,7EE7,4D73),
bn_pack4(F9AB,4819,5DED,7EA1),
bn_pack4(64F3,1CC5,0846,851D),
bn_pack4(4597,E899,A025,5DC1),
bn_pack4(DF31,0EE0,74AB,6A36),
bn_pack4(6D2A,13F8,3F44,F82D),
bn_pack4(062B,3CF5,B3A2,78A6),
bn_pack4(7968,3303,ED5B,DD3A),
bn_pack4(FA9D,4B7F,A2C0,87E8),
bn_pack4(4BCB,C886,2F83,85DD),
bn_pack4(3473,FC64,6CEA,306B),
bn_pack4(13EB,57A8,1A23,F0C7),
bn_pack4(2222,2E04,A403,7C07),
bn_pack4(E3FD,B8BE,FC84,8AD9),
bn_pack4(238F,16CB,E39D,652D),
bn_pack4(3423,B474,2BF1,C978),
bn_pack4(3AAB,639C,5AE4,F568),
bn_pack4(2576,F693,6BA4,2466),
bn_pack4(741F,A7BF,8AFC,47ED),
bn_pack4(3BC8,32B6,8D9D,D300),
bn_pack4(D8BE,C4D0,73B9,31BA),
bn_pack4(3877,7CB6,A932,DF8C),
bn_pack4(74A3,926F,12FE,E5E4),
bn_pack4(E694,F91E,6DBE,1159),
bn_pack4(12BF,2D5B,0B74,74D6),
bn_pack4(043E,8F66,3F48,60EE),
bn_pack4(387F,E8D7,6E3C,0468),
bn_pack4(DA56,C9EC,2EF2,9632),
bn_pack4(EB19,CCB1,A313,D55C),
bn_pack4(F550,AA3D,8A1F,BFF0),
bn_pack4(06A1,D58B,B7C5,DA76),
bn_pack4(A797,15EE,F29B,E328),
bn_pack4(14CC,5ED2,0F80,37E0),
bn_pack4(CC8F,6D7E,BF48,E1D8),
bn_pack4(4BD4,07B2,2B41,54AA),
bn_pack4(0F1D,45B7,FF58,5AC5),
bn_pack4(23A9,7A7E,36CC,88BE),
bn_pack4(59E7,C97F,BEC7,E8F3),
bn_pack4(B5A8,4031,900B,1C9E),
bn_pack4(D55E,702F,4698,0C82),
bn_pack4(F482,D7CE,6E74,FEF6),
bn_pack4(F032,EA15,D172,1D03),
bn_pack4(5983,CA01,C64B,92EC),
bn_pack4(6FB8,F401,378C,D2BF),
bn_pack4(3320,5151,2BD7,AF42),
bn_pack4(DB7F,1447,E6CC,254B),
bn_pack4(44CE,6CBA,CED4,BB1B),
bn_pack4(DA3E,DBEB,CF9B,14ED),
bn_pack4(1797,27B0,865A,8918),
bn_pack4(B06A,53ED,9027,D831),
bn_pack4(E5DB,382F,4130,01AE),
bn_pack4(F8FF,9406,AD9E,530E),
bn_pack4(C975,1E76,3DBA,37BD),
bn_pack4(C1D4,DCB2,6026,46DE),
bn_pack4(36C3,FAB4,D27C,7026),
bn_pack4(4DF4,35C9,3402,8492),
bn_pack4(86FF,B7DC,90A6,C08F),
bn_pack4(93B4,EA98,8D8F,DDC1),
bn_pack4(D006,9127,D5B0,5AA9),
bn_pack4(B81B,DD76,2170,481C),
bn_pack4(1F61,2970,CEE2,D7AF),
bn_pack4(233B,A186,515B,E7ED),
bn_pack4(99B2,964F,A090,C3A2),
bn_pack4(287C,5947,4E6B,C05D),
bn_pack4(2E8E,FC14,1FBE,CAA6),
bn_pack4(DBBB,C2DB,04DE,8EF9),
bn_pack4(2583,E9CA,2AD4,4CE8),
bn_pack4(1A94,6834,B615,0BDA),
bn_pack4(99C3,2718,6AF4,E23C),
bn_pack4(8871,9A10,BDBA,5B26),
bn_pack4(1A72,3C12,A787,E6D7),
bn_pack4(4B82,D120,A921,0801),
bn_pack4(43DB,5BFC,E0FD,108E),
bn_pack4(08E2,4FA0,74E5,AB31),
bn_pack4(7709,88C0,BAD9,46E2),
bn_pack4(BBE1,1757,7A61,5D6C),
bn_pack4(521F,2B18,177B,200C),
bn_pack4(D876,0273,3EC8,6A64),
bn_pack4(F12F,FA06,D98A,0864),
bn_pack4(CEE3,D226,1AD2,EE6B),
bn_pack4(1E8C,94E0,4A25,619D),
bn_pack4(ABF5,AE8C,DB09,33D7),
bn_pack4(B397,0F85,A6E1,E4C7),
bn_pack4(8AEA,7157,5D06,0C7D),
bn_pack4(ECFB,8504,58DB,EF0A),
bn_pack4(A855,21AB,DF1C,BA64),
bn_pack4(AD33,170D,0450,7A33),
bn_pack4(1572,8E5A,8AAA,C42D),
bn_pack4(15D2,2618,98FA,0510),
bn_pack4(3995,497C,EA95,6AE5),
bn_pack4(DE2B,CBF6,9558,1718),
bn_pack4(B5C5,5DF0,6F4C,52C9),
bn_pack4(9B27,83A2,EC07,A28F),
bn_pack4(E39E,772C,180E,8603),
bn_pack4(3290,5E46,2E36,CE3B),
bn_pack4(F174,6C08,CA18,217C),
bn_pack4(670C,354E,4ABC,9804),
bn_pack4(9ED5,2907,7096,966D),
bn_pack4(1C62,F356,2085,52BB),
bn_pack4(8365,5D23,DCA3,AD96),
bn_pack4(6916,3FA8,FD24,CF5F),
bn_pack4(98DA,4836,1C55,D39A),
bn_pack4(C200,7CB8,A163,BF05),
bn_pack4(4928,6651,ECE4,5B3D),
bn_pack4(AE9F,2411,7C4B,1FE6),
bn_pack4(EE38,6BFB,5A89,9FA5),
bn_pack4(0BFF,5CB6,F406,B7ED),
bn_pack4(F44C,42E9,A637,ED6B),
bn_pack4(E485,B576,625E,7EC6),
bn_pack4(4FE1,356D,6D51,C245),
bn_pack4(302B,0A6D,F25F,1437),
bn_pack4(EF95,19B3,CD3A,431B),
bn_pack4(514A,0879,8E34,04DD),
bn_pack4(020B,BEA6,3B13,9B22),
bn_pack4(2902,4E08,8A67,CC74),
bn_pack4(C4C6,628B,80DC,1CD1),
bn_pack4(C90F,DAA2,2168,C234),
bn_pack4(FFFF,FFFF,FFFF,FFFF)
};
static BIGNUM bn_group_8192 = {
bn_group_8192_value,
(sizeof bn_group_8192_value)/sizeof(BN_ULONG),
(sizeof bn_group_8192_value)/sizeof(BN_ULONG),
0,
BN_FLG_STATIC_DATA
};
static BN_ULONG bn_generator_19_value[] = {19} ;
static BIGNUM bn_generator_19 = {
bn_generator_19_value,
1,
1,
0,
BN_FLG_STATIC_DATA
};
static BN_ULONG bn_generator_5_value[] = {5} ;
static BIGNUM bn_generator_5 = {
bn_generator_5_value,
1,
1,
0,
BN_FLG_STATIC_DATA
};
static BN_ULONG bn_generator_2_value[] = {2} ;
static BIGNUM bn_generator_2 = {
bn_generator_2_value,
1,
1,
0,
BN_FLG_STATIC_DATA
};
static SRP_gN knowngN[] = {
{"8192",&bn_generator_19 , &bn_group_8192},
{"6144",&bn_generator_5 , &bn_group_6144},
{"4096",&bn_generator_5 , &bn_group_4096},
{"3072",&bn_generator_5 , &bn_group_3072},
{"2048",&bn_generator_2 , &bn_group_2048},
{"1536",&bn_generator_2 , &bn_group_1536},
{"1024",&bn_generator_2 , &bn_group_1024},
};
#define KNOWN_GN_NUMBER sizeof(knowngN) / sizeof(SRP_gN)
/* end of generated data */

83
crypto/srp/srp_lcl.h Normal file
View File

@ -0,0 +1,83 @@
/* crypto/srp/srp_lcl.h */
/* Written by Peter Sylvester (peter.sylvester@edelweb.fr)
* for the EdelKey project and contributed to the OpenSSL project 2004.
*/
/* ====================================================================
* Copyright (c) 2004 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#ifndef HEADER_SRP_LCL_H
#define HEADER_SRP_LCL_H
#include <openssl/srp.h>
#include <openssl/sha.h>
#if 0
#define srp_bn_print(a) {fprintf(stderr, #a "="); BN_print_fp(stderr,a); \
fprintf(stderr,"\n");}
#else
#define srp_bn_print(a)
#endif
#ifdef __cplusplus
extern "C" {
#endif
#ifdef __cplusplus
}
#endif
#endif

357
crypto/srp/srp_lib.c Normal file
View File

@ -0,0 +1,357 @@
/* crypto/srp/srp_lib.c */
/* Written by Christophe Renou (christophe.renou@edelweb.fr) with
* the precious help of Peter Sylvester (peter.sylvester@edelweb.fr)
* for the EdelKey project and contributed to the OpenSSL project 2004.
*/
/* ====================================================================
* Copyright (c) 2004 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#ifndef OPENSSL_NO_SRP
#include "cryptlib.h"
#include "srp_lcl.h"
#include <openssl/srp.h>
#include <openssl/evp.h>
#if (BN_BYTES == 8)
#define bn_pack4(a1,a2,a3,a4) 0x##a1##a2##a3##a4##ul
#endif
#if (BN_BYTES == 4)
#define bn_pack4(a1,a2,a3,a4) 0x##a3##a4##ul, 0x##a1##a2##ul
#endif
#if (BN_BYTES == 2)
#define bn_pack4(a1,a2,a3,a4) 0x##a4##u,0x##a3##u,0x##a2##u,0x##a1##u
#endif
#include "srp_grps.h"
static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g)
{
/* k = SHA1(N | PAD(g)) -- tls-srp draft 8 */
unsigned char digest[SHA_DIGEST_LENGTH];
unsigned char *tmp;
EVP_MD_CTX ctxt;
int longg ;
int longN = BN_num_bytes(N);
if ((tmp = OPENSSL_malloc(longN)) == NULL)
return NULL;
BN_bn2bin(N,tmp) ;
EVP_MD_CTX_init(&ctxt);
EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
EVP_DigestUpdate(&ctxt, tmp, longN);
memset(tmp, 0, longN);
longg = BN_bn2bin(g,tmp) ;
/* use the zeros behind to pad on left */
EVP_DigestUpdate(&ctxt, tmp + longg, longN-longg);
EVP_DigestUpdate(&ctxt, tmp, longg);
OPENSSL_free(tmp);
EVP_DigestFinal_ex(&ctxt, digest, NULL);
EVP_MD_CTX_cleanup(&ctxt);
return BN_bin2bn(digest, sizeof(digest), NULL);
}
BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N)
{
/* k = SHA1(PAD(A) || PAD(B) ) -- tls-srp draft 8 */
BIGNUM *u;
unsigned char cu[SHA_DIGEST_LENGTH];
unsigned char *cAB;
EVP_MD_CTX ctxt;
int longN;
if ((A == NULL) ||(B == NULL) || (N == NULL))
return NULL;
longN= BN_num_bytes(N);
if ((cAB = OPENSSL_malloc(2*longN)) == NULL)
return NULL;
memset(cAB, 0, longN);
EVP_MD_CTX_init(&ctxt);
EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
EVP_DigestUpdate(&ctxt, cAB + BN_bn2bin(A,cAB+longN), longN);
EVP_DigestUpdate(&ctxt, cAB + BN_bn2bin(B,cAB+longN), longN);
OPENSSL_free(cAB);
EVP_DigestFinal_ex(&ctxt, cu, NULL);
EVP_MD_CTX_cleanup(&ctxt);
if (!(u = BN_bin2bn(cu, sizeof(cu), NULL)))
return NULL;
if (!BN_is_zero(u))
return u;
BN_free(u);
return NULL;
}
BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b, BIGNUM *N)
{
BIGNUM *tmp = NULL, *S = NULL;
BN_CTX *bn_ctx;
if (u == NULL || A == NULL || v == NULL || b == NULL || N == NULL)
return NULL;
if ((bn_ctx = BN_CTX_new()) == NULL ||
(tmp = BN_new()) == NULL ||
(S = BN_new()) == NULL )
goto err;
/* S = (A*v**u) ** b */
if (!BN_mod_exp(tmp,v,u,N,bn_ctx))
goto err;
if (!BN_mod_mul(tmp,A,tmp,N,bn_ctx))
goto err;
if (!BN_mod_exp(S,tmp,b,N,bn_ctx))
goto err;
err:
BN_CTX_free(bn_ctx);
BN_clear_free(tmp);
return S;
}
BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v)
{
BIGNUM *kv = NULL, *gb = NULL;
BIGNUM *B = NULL, *k = NULL;
BN_CTX *bn_ctx;
if (b == NULL || N == NULL || g == NULL || v == NULL ||
(bn_ctx = BN_CTX_new()) == NULL)
return NULL;
if ( (kv = BN_new()) == NULL ||
(gb = BN_new()) == NULL ||
(B = BN_new())== NULL)
goto err;
/* B = g**b + k*v */
if (!BN_mod_exp(gb,g,b,N,bn_ctx) ||
!(k = srp_Calc_k(N,g)) ||
!BN_mod_mul(kv,v,k,N,bn_ctx) ||
!BN_mod_add(B,gb,kv,N,bn_ctx))
{
BN_free(B);
B = NULL;
}
err:
BN_CTX_free(bn_ctx);
BN_clear_free(kv);
BN_clear_free(gb);
BN_free(k);
return B;
}
BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass)
{
unsigned char dig[SHA_DIGEST_LENGTH];
EVP_MD_CTX ctxt;
unsigned char *cs;
if ((s == NULL) ||
(user == NULL) ||
(pass == NULL))
return NULL;
if ((cs = OPENSSL_malloc(BN_num_bytes(s))) == NULL)
return NULL;
EVP_MD_CTX_init(&ctxt);
EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
EVP_DigestUpdate(&ctxt, user, strlen(user));
EVP_DigestUpdate(&ctxt, ":", 1);
EVP_DigestUpdate(&ctxt, pass, strlen(pass));
EVP_DigestFinal_ex(&ctxt, dig, NULL);
EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
BN_bn2bin(s,cs);
EVP_DigestUpdate(&ctxt, cs, BN_num_bytes(s));
OPENSSL_free(cs);
EVP_DigestUpdate(&ctxt, dig, sizeof(dig));
EVP_DigestFinal_ex(&ctxt, dig, NULL);
EVP_MD_CTX_cleanup(&ctxt);
return BN_bin2bn(dig, sizeof(dig), NULL);
}
BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g)
{
BN_CTX *bn_ctx;
BIGNUM * A = NULL;
if (a == NULL || N == NULL || g == NULL ||
(bn_ctx = BN_CTX_new()) == NULL)
return NULL;
if ((A = BN_new()) != NULL &&
!BN_mod_exp(A,g,a,N,bn_ctx))
{
BN_free(A);
A = NULL;
}
BN_CTX_free(bn_ctx);
return A;
}
BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x, BIGNUM *a, BIGNUM *u)
{
BIGNUM *tmp = NULL, *tmp2 = NULL, *tmp3 = NULL , *k = NULL, *K = NULL;
BN_CTX *bn_ctx;
if (u == NULL || B == NULL || N == NULL || g == NULL || x == NULL || a == NULL ||
(bn_ctx = BN_CTX_new()) == NULL)
return NULL;
if ((tmp = BN_new()) == NULL ||
(tmp2 = BN_new())== NULL ||
(tmp3 = BN_new())== NULL ||
(K = BN_new()) == NULL)
goto err;
if (!BN_mod_exp(tmp,g,x,N,bn_ctx))
goto err;
if (!(k = srp_Calc_k(N,g)))
goto err;
if (!BN_mod_mul(tmp2,tmp,k,N,bn_ctx))
goto err;
if (!BN_mod_sub(tmp,B,tmp2,N,bn_ctx))
goto err;
if (!BN_mod_mul(tmp3,u,x,N,bn_ctx))
goto err;
if (!BN_mod_add(tmp2,a,tmp3,N,bn_ctx))
goto err;
if (!BN_mod_exp(K,tmp,tmp2,N,bn_ctx))
goto err;
err :
BN_CTX_free(bn_ctx);
BN_clear_free(tmp);
BN_clear_free(tmp2);
BN_clear_free(tmp3);
BN_free(k);
return K;
}
int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N)
{
BIGNUM *r;
BN_CTX *bn_ctx;
int ret = 0;
if (B == NULL || N == NULL ||
(bn_ctx = BN_CTX_new()) == NULL)
return 0;
if ((r = BN_new()) == NULL)
goto err;
/* Checks if B % N == 0 */
if (!BN_nnmod(r,B,N,bn_ctx))
goto err;
ret = !BN_is_zero(r);
err:
BN_CTX_free(bn_ctx);
BN_free(r);
return ret;
}
int SRP_Verify_A_mod_N(BIGNUM *A, BIGNUM *N)
{
/* Checks if A % N == 0 */
return SRP_Verify_B_mod_N(A,N) ;
}
/* Check if G and N are kwown parameters.
The values have been generated from the ietf-tls-srp draft version 8
*/
char * SRP_check_known_gN_param(BIGNUM* g, BIGNUM* N)
{
int i;
if ((g == NULL) || (N == NULL))
return 0;
srp_bn_print(g);
srp_bn_print(N);
for(i = 0; i < KNOWN_GN_NUMBER; i++)
{
if (BN_cmp(knowngN[i].g,g) == 0 && BN_cmp(knowngN[i].N,N) == 0)
return knowngN[i].id;
}
return NULL;
}
SRP_gN *SRP_get_default_gN(const char * id)
{
int i;
if (id == NULL)
return knowngN;
for(i = 0; i < KNOWN_GN_NUMBER; i++)
{
if (strcmp(knowngN[i].id,id)==0)
return knowngN+i;
}
return NULL;
}
#endif

660
crypto/srp/srp_vfy.c Normal file
View File

@ -0,0 +1,660 @@
/* crypto/srp/srp_vfy.c */
/* Written by Christophe Renou (christophe.renou@edelweb.fr) with
* the precious help of Peter Sylvester (peter.sylvester@edelweb.fr)
* for the EdelKey project and contributed to the OpenSSL project 2004.
*/
/* ====================================================================
* Copyright (c) 2004 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#ifndef OPENSSL_NO_SRP
#include "cryptlib.h"
#include "srp_lcl.h"
#include <openssl/srp.h>
#include <openssl/evp.h>
#include <openssl/buffer.h>
#include <openssl/rand.h>
#include <openssl/txt_db.h>
#define SRP_RANDOM_SALT_LEN 20
#define MAX_LEN 2500
static char b64table[] =
"0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz./";
/* the following two conversion routines have been inspired by code from Stanford */
/*
* Convert a base64 string into raw byte array representation.
*/
static int t_fromb64(unsigned char *a, const char *src)
{
char *loc;
int i, j;
int size;
while(*src && (*src == ' ' || *src == '\t' || *src == '\n'))
++src;
size = strlen((const char *)src);
i = 0;
while(i < size)
{
loc = strchr(b64table, src[i]);
if(loc == (char *) 0) break;
else a[i] = loc - b64table;
++i;
}
size = i;
i = size - 1;
j = size;
while(1)
{
a[j] = a[i];
if(--i < 0) break;
a[j] |= (a[i] & 3) << 6;
--j;
a[j] = (unsigned char) ((a[i] & 0x3c) >> 2);
if(--i < 0) break;
a[j] |= (a[i] & 0xf) << 4;
--j;
a[j] = (unsigned char) ((a[i] & 0x30) >> 4);
if(--i < 0) break;
a[j] |= (a[i] << 2);
a[--j] = 0;
if(--i < 0) break;
}
while(a[j] == 0 && j <= size) ++j;
i = 0;
while (j <= size) a[i++] = a[j++];
return i;
}
/*
* Convert a raw byte string into a null-terminated base64 ASCII string.
*/
static char *t_tob64(char *dst, const unsigned char *src, int size)
{
int c, pos = size % 3;
unsigned char b0 = 0, b1 = 0, b2 = 0, notleading = 0;
char *olddst = dst;
switch(pos)
{
case 1:
b2 = src[0];
break;
case 2:
b1 = src[0];
b2 = src[1];
break;
}
while(1)
{
c = (b0 & 0xfc) >> 2;
if(notleading || c != 0)
{
*dst++ = b64table[c];
notleading = 1;
}
c = ((b0 & 3) << 4) | ((b1 & 0xf0) >> 4);
if(notleading || c != 0)
{
*dst++ = b64table[c];
notleading = 1;
}
c = ((b1 & 0xf) << 2) | ((b2 & 0xc0) >> 6);
if(notleading || c != 0)
{
*dst++ = b64table[c];
notleading = 1;
}
c = b2 & 0x3f;
if(notleading || c != 0)
{
*dst++ = b64table[c];
notleading = 1;
}
if(pos >= size) break;
else
{
b0 = src[pos++];
b1 = src[pos++];
b2 = src[pos++];
}
}
*dst++ = '\0';
return olddst;
}
static void SRP_user_pwd_free(SRP_user_pwd *user_pwd)
{
if (user_pwd == NULL)
return;
BN_free(user_pwd->s);
BN_clear_free(user_pwd->v);
OPENSSL_free(user_pwd->id);
OPENSSL_free(user_pwd->info);
OPENSSL_free(user_pwd);
}
static SRP_user_pwd * SRP_user_pwd_new(void)
{
SRP_user_pwd * ret = OPENSSL_malloc(sizeof(SRP_user_pwd));
if (ret == NULL)
return NULL;
ret->N = NULL;
ret->g = NULL;
ret->s = NULL;
ret->v = NULL;
ret->id = NULL ;
ret->info = NULL;
return ret;
}
static void SRP_user_pwd_set_gN(SRP_user_pwd *vinfo, const BIGNUM *g,
const BIGNUM *N)
{
vinfo->N = N;
vinfo->g = g;
}
static int SRP_user_pwd_set_ids(SRP_user_pwd *vinfo, const char *id,
const char *info)
{
if (id != NULL && NULL == (vinfo->id = BUF_strdup(id)))
return 0;
return (info == NULL || NULL != (vinfo->info = BUF_strdup(info))) ;
}
static int SRP_user_pwd_set_sv(SRP_user_pwd *vinfo, const char *s,
const char *v)
{
unsigned char tmp[MAX_LEN];
int len;
if (strlen(s) > MAX_LEN || strlen(v) > MAX_LEN)
return 0;
len = t_fromb64(tmp, v);
if (NULL == (vinfo->v = BN_bin2bn(tmp, len, NULL)) )
return 0;
len = t_fromb64(tmp, s);
return ((vinfo->s = BN_bin2bn(tmp, len, NULL)) != NULL) ;
}
static int SRP_user_pwd_set_sv_BN(SRP_user_pwd * vinfo, BIGNUM * s, BIGNUM * v)
{
vinfo->v = v;
vinfo->s = s;
return (vinfo->s != NULL && vinfo->v != NULL) ;
}
SRP_VBASE *SRP_VBASE_new(char *seed_key)
{
SRP_VBASE *vb = (SRP_VBASE *) OPENSSL_malloc(sizeof(SRP_VBASE));
if (vb == NULL)
return NULL;
if (!(vb->users_pwd = sk_SRP_user_pwd_new_null()) ||
!(vb->gN_cache = sk_SRP_gN_cache_new_null()))
{
OPENSSL_free(vb);
return NULL;
}
vb->default_g = NULL;
vb->default_N = NULL;
vb->seed_key = NULL;
if ((seed_key != NULL) &&
(vb->seed_key = BUF_strdup(seed_key)) == NULL)
{
sk_SRP_user_pwd_free(vb->users_pwd);
sk_SRP_gN_cache_free(vb->gN_cache);
OPENSSL_free(vb);
return NULL;
}
return vb;
}
int SRP_VBASE_free(SRP_VBASE *vb)
{
sk_SRP_user_pwd_pop_free(vb->users_pwd,SRP_user_pwd_free);
sk_SRP_gN_cache_free(vb->gN_cache);
OPENSSL_free(vb->seed_key);
OPENSSL_free(vb);
return 0;
}
static SRP_gN_cache *SRP_gN_new_init(const char *ch)
{
unsigned char tmp[MAX_LEN];
int len;
SRP_gN_cache *newgN = (SRP_gN_cache *)OPENSSL_malloc(sizeof(SRP_gN_cache));
if (newgN == NULL)
return NULL;
if ((newgN->b64_bn = BUF_strdup(ch)) == NULL)
goto err;
len = t_fromb64(tmp, ch);
if ((newgN->bn = BN_bin2bn(tmp, len, NULL)))
return newgN;
OPENSSL_free(newgN->b64_bn);
err:
OPENSSL_free(newgN);
return NULL;
}
static void SRP_gN_free(SRP_gN_cache *gN_cache)
{
if (gN_cache == NULL)
return;
OPENSSL_free(gN_cache->b64_bn);
BN_free(gN_cache->bn);
OPENSSL_free(gN_cache);
}
static SRP_gN *SRP_get_gN_by_id(const char *id, STACK_OF(SRP_gN) *gN_tab)
{
int i;
SRP_gN *gN;
if (gN_tab != NULL)
for(i = 0; i < sk_SRP_gN_num(gN_tab); i++)
{
gN = sk_SRP_gN_value(gN_tab, i);
if (gN && (id == NULL || strcmp(gN->id,id)==0))
return gN;
}
return SRP_get_default_gN(id);
}
static BIGNUM *SRP_gN_place_bn(STACK_OF(SRP_gN_cache) *gN_cache, char *ch)
{
int i;
if (gN_cache == NULL)
return NULL;
/* search if we have already one... */
for(i = 0; i < sk_SRP_gN_cache_num(gN_cache); i++)
{
SRP_gN_cache *cache = sk_SRP_gN_cache_value(gN_cache, i);
if (strcmp(cache->b64_bn,ch)==0)
return cache->bn;
}
{ /* it is the first time that we find it */
SRP_gN_cache *newgN = SRP_gN_new_init(ch);
if (newgN)
{
if (sk_SRP_gN_cache_insert(gN_cache,newgN,0)>0)
return newgN->bn;
SRP_gN_free(newgN);
}
}
return NULL;
}
/* this function parses verifier file. Format is:
* string(index):base64(N):base64(g):0
* string(username):base64(v):base64(salt):int(index)
*/
int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file)
{
int error_code ;
STACK_OF(SRP_gN) *SRP_gN_tab = sk_SRP_gN_new_null();
char *last_index = NULL;
int i;
char **pp;
SRP_gN *gN = NULL;
SRP_user_pwd *user_pwd = NULL ;
TXT_DB *tmpdb = NULL;
BIO *in = BIO_new(BIO_s_file());
error_code = SRP_ERR_OPEN_FILE;
if (in == NULL || BIO_read_filename(in,verifier_file) <= 0)
goto err;
error_code = SRP_ERR_VBASE_INCOMPLETE_FILE;
if ((tmpdb =TXT_DB_read(in,DB_NUMBER)) == NULL)
goto err;
error_code = SRP_ERR_MEMORY;
if (vb->seed_key)
{
last_index = SRP_get_default_gN(NULL)->id;
}
for (i=0; i < sk_OPENSSL_PSTRING_num(tmpdb->data); i++)
{
pp=sk_OPENSSL_PSTRING_value(tmpdb->data,i);
if (pp[DB_srptype][0] == DB_SRP_INDEX)
{
/*we add this couple in the internal Stack */
if ((gN = (SRP_gN *)OPENSSL_malloc(sizeof(SRP_gN))) == NULL)
goto err;
if (!(gN->id = BUF_strdup(pp[DB_srpid]))
|| !(gN->N = SRP_gN_place_bn(vb->gN_cache,pp[DB_srpverifier]))
|| !(gN->g = SRP_gN_place_bn(vb->gN_cache,pp[DB_srpsalt]))
|| sk_SRP_gN_insert(SRP_gN_tab,gN,0) == 0)
goto err;
gN = NULL;
if (vb->seed_key != NULL)
{
last_index = pp[DB_srpid];
}
}
else if (pp[DB_srptype][0] == DB_SRP_VALID)
{
/* it is a user .... */
SRP_gN *gN;
if ((gN = SRP_get_gN_by_id(pp[DB_srpgN],SRP_gN_tab))!=NULL)
{
error_code = SRP_ERR_MEMORY;
if ((user_pwd = SRP_user_pwd_new()) == NULL)
goto err;
SRP_user_pwd_set_gN(user_pwd,gN->g,gN->N);
if (!SRP_user_pwd_set_ids(user_pwd, pp[DB_srpid],
pp[DB_srpinfo]))
goto err;
error_code = SRP_ERR_VBASE_BN_LIB;
if (!SRP_user_pwd_set_sv(user_pwd, pp[DB_srpsalt],
pp[DB_srpverifier]))
goto err;
if (sk_SRP_user_pwd_insert(vb->users_pwd,user_pwd,0) == 0)
goto err;
user_pwd = NULL; /* abandon responsability */
}
}
}
if (last_index != NULL)
{
/* this means that we want to simulate a default user */
if (((gN = SRP_get_gN_by_id(last_index,SRP_gN_tab))==NULL))
{
error_code = SRP_ERR_VBASE_BN_LIB;
goto err;
}
vb->default_g = gN->g ;
vb->default_N = gN->N ;
gN = NULL ;
}
error_code = SRP_NO_ERROR;
err:
/* there may be still some leaks to fix, if this fails, the application terminates most likely */
if (gN != NULL)
{
OPENSSL_free(gN->id);
OPENSSL_free(gN);
}
SRP_user_pwd_free(user_pwd);
if (tmpdb) TXT_DB_free(tmpdb);
if (in) BIO_free_all(in);
sk_SRP_gN_free(SRP_gN_tab);
return error_code;
}
SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username)
{
int i;
SRP_user_pwd *user;
unsigned char digv[SHA_DIGEST_LENGTH];
unsigned char digs[SHA_DIGEST_LENGTH];
EVP_MD_CTX ctxt;
if (vb == NULL)
return NULL;
for(i = 0; i < sk_SRP_user_pwd_num(vb->users_pwd); i++)
{
user = sk_SRP_user_pwd_value(vb->users_pwd, i);
if (strcmp(user->id,username)==0)
return user;
}
if ((vb->seed_key == NULL) ||
(vb->default_g == NULL) ||
(vb->default_N == NULL))
return NULL;
/* if the user is unknown we set parameters as well if we have a seed_key */
if ((user = SRP_user_pwd_new()) == NULL)
return NULL;
SRP_user_pwd_set_gN(user,vb->default_g,vb->default_N);
if (!SRP_user_pwd_set_ids(user,username,NULL))
goto err;
RAND_pseudo_bytes(digv, SHA_DIGEST_LENGTH);
EVP_MD_CTX_init(&ctxt);
EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
EVP_DigestUpdate(&ctxt, vb->seed_key, strlen(vb->seed_key));
EVP_DigestUpdate(&ctxt, username, strlen(username));
EVP_DigestFinal_ex(&ctxt, digs, NULL);
EVP_MD_CTX_cleanup(&ctxt);
if (SRP_user_pwd_set_sv_BN(user, BN_bin2bn(digs,SHA_DIGEST_LENGTH,NULL), BN_bin2bn(digv,SHA_DIGEST_LENGTH, NULL)))
return user;
err: SRP_user_pwd_free(user);
return NULL;
}
/*
create a verifier (*salt,*verifier,g and N are in base64)
*/
char *SRP_create_verifier(const char *user, const char *pass, char **salt,
char **verifier, const char *N, const char *g)
{
int len;
char * result=NULL;
char *vf;
BIGNUM *N_bn = NULL, *g_bn = NULL, *s = NULL, *v = NULL;
unsigned char tmp[MAX_LEN];
unsigned char tmp2[MAX_LEN];
char * defgNid = NULL;
if ((user == NULL)||
(pass == NULL)||
(salt == NULL)||
(verifier == NULL))
goto err;
if (N)
{
if (!(len = t_fromb64(tmp, N))) goto err;
N_bn = BN_bin2bn(tmp,len,NULL);
if (!(len = t_fromb64(tmp, g))) goto err;
g_bn = BN_bin2bn(tmp, len, NULL);
defgNid = "*";
}
else
{
SRP_gN * gN = SRP_get_gN_by_id(g, NULL) ;
if (gN == NULL)
goto err;
N_bn = gN->N;
g_bn = gN->g;
defgNid = gN->id;
}
if (*salt == NULL)
{
RAND_pseudo_bytes(tmp2, SRP_RANDOM_SALT_LEN);
s = BN_bin2bn(tmp2, SRP_RANDOM_SALT_LEN, NULL);
}
else
{
if (!(len = t_fromb64(tmp2, *salt)))
goto err;
s = BN_bin2bn(tmp2,len,NULL);
}
if(!SRP_create_verifier_BN(user, pass, &s, &v, N_bn, g_bn)) goto err;
BN_bn2bin(v,tmp);
if (((vf = OPENSSL_malloc(BN_num_bytes(v)*2)) == NULL))
goto err;
t_tob64(vf, tmp, BN_num_bytes(v));
*verifier = vf;
if (*salt == NULL)
{
char *tmp_salt;
if ((tmp_salt = OPENSSL_malloc(SRP_RANDOM_SALT_LEN*2)) == NULL)
{
OPENSSL_free(vf);
goto err;
}
t_tob64(tmp_salt,tmp2,SRP_RANDOM_SALT_LEN);
*salt = tmp_salt;
}
result=defgNid;
err:
if(N)
{
BN_free(N_bn);
BN_free(g_bn);
}
return result;
}
/*
create a verifier (*salt,*verifier,g and N are BIGNUMs)
*/
int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt, BIGNUM **verifier, BIGNUM *N, BIGNUM *g)
{
int result=0;
BIGNUM *x = NULL;
BN_CTX *bn_ctx = BN_CTX_new();
unsigned char tmp2[MAX_LEN];
if ((user == NULL)||
(pass == NULL)||
(salt == NULL)||
(verifier == NULL)||
(N == NULL)||
(g == NULL)||
(bn_ctx == NULL))
goto err;
srp_bn_print(N);
srp_bn_print(g);
if (*salt == NULL)
{
RAND_pseudo_bytes(tmp2, SRP_RANDOM_SALT_LEN);
*salt = BN_bin2bn(tmp2,SRP_RANDOM_SALT_LEN,NULL);
}
x = SRP_Calc_x(*salt,user,pass);
*verifier = BN_new();
if(*verifier == NULL) goto err;
if (!BN_mod_exp(*verifier,g,x,N,bn_ctx))
{
BN_clear_free(*verifier);
goto err;
}
srp_bn_print(*verifier);
result=1;
err:
BN_clear_free(x);
BN_CTX_free(bn_ctx);
return result;
}
#endif

162
crypto/srp/srptest.c Normal file
View File

@ -0,0 +1,162 @@
#include <openssl/opensslconf.h>
#ifdef OPENSSL_NO_SRP
#include <stdio.h>
int main(int argc, char *argv[])
{
printf("No SRP support\n");
return(0);
}
#else
#include <openssl/srp.h>
#include <openssl/rand.h>
#include <openssl/err.h>
static void showbn(const char *name, const BIGNUM *bn)
{
fputs(name, stdout);
fputs(" = ", stdout);
BN_print_fp(stdout, bn);
putc('\n', stdout);
}
#define RANDOM_SIZE 32 /* use 256 bits on each side */
static int run_srp(const char *username, const char *client_pass, const char *server_pass)
{
int ret=-1;
BIGNUM *s = NULL;
BIGNUM *v = NULL;
BIGNUM *a = NULL;
BIGNUM *b = NULL;
BIGNUM *u = NULL;
BIGNUM *x = NULL;
BIGNUM *Apub = NULL;
BIGNUM *Bpub = NULL;
BIGNUM *Kclient = NULL;
BIGNUM *Kserver = NULL;
unsigned char rand_tmp[RANDOM_SIZE];
/* use builtin 1024-bit params */
SRP_gN *GN = SRP_get_default_gN("1024");
if(GN == NULL)
{
fprintf(stderr, "Failed to get SRP parameters\n");
return -1;
}
/* Set up server's password entry */
if(!SRP_create_verifier_BN(username, server_pass, &s, &v, GN->N, GN->g))
{
fprintf(stderr, "Failed to create SRP verifier\n");
return -1;
}
showbn("N", GN->N);
showbn("g", GN->g);
showbn("Salt", s);
showbn("Verifier", v);
/* Server random */
RAND_pseudo_bytes(rand_tmp, sizeof(rand_tmp));
b = BN_bin2bn(rand_tmp, sizeof(rand_tmp), NULL);
/* TODO - check b != 0 */
showbn("b", b);
/* Server's first message */
Bpub = SRP_Calc_B(b, GN->N, GN->g, v);
showbn("B", Bpub);
if(!SRP_Verify_B_mod_N(Bpub, GN->N))
{
fprintf(stderr, "Invalid B\n");
return -1;
}
/* Client random */
RAND_pseudo_bytes(rand_tmp, sizeof(rand_tmp));
a = BN_bin2bn(rand_tmp, sizeof(rand_tmp), NULL);
/* TODO - check a != 0 */
showbn("a", a);
/* Client's response */
Apub = SRP_Calc_A(a, GN->N, GN->g);
showbn("A", Apub);
if(!SRP_Verify_A_mod_N(Apub, GN->N))
{
fprintf(stderr, "Invalid A\n");
return -1;
}
/* Both sides calculate u */
u = SRP_Calc_u(Apub, Bpub, GN->N);
/* Client's key */
x = SRP_Calc_x(s, username, client_pass);
Kclient = SRP_Calc_client_key(GN->N, Bpub, GN->g, x, a, u);
showbn("Client's key", Kclient);
/* Server's key */
Kserver = SRP_Calc_server_key(Apub, v, u, b, GN->N);
showbn("Server's key", Kserver);
if(BN_cmp(Kclient, Kserver) == 0)
{
ret = 0;
}
else
{
fprintf(stderr, "Keys mismatch\n");
ret = 1;
}
BN_clear_free(Kclient);
BN_clear_free(Kserver);
BN_clear_free(x);
BN_free(u);
BN_free(Apub);
BN_clear_free(a);
BN_free(Bpub);
BN_clear_free(b);
BN_free(s);
BN_clear_free(v);
return ret;
}
int main(int argc, char **argv)
{
BIO *bio_err;
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
CRYPTO_malloc_debug_init();
CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
ERR_load_crypto_strings();
/* "Negative" test, expect a mismatch */
if(run_srp("alice", "password1", "password2") == 0)
{
fprintf(stderr, "Mismatched SRP run failed\n");
return 1;
}
/* "Positive" test, should pass */
if(run_srp("alice", "password", "password") != 0)
{
fprintf(stderr, "Plain SRP run failed\n");
return 1;
}
CRYPTO_cleanup_all_ex_data();
ERR_remove_thread_state(NULL);
ERR_free_strings();
CRYPTO_mem_leaks(bio_err);
return 0;
}
#endif

60
crypto/stack/safestack.h
View File

@ -1459,6 +1459,66 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void)
#define sk_POLICY_MAPPING_sort(st) SKM_sk_sort(POLICY_MAPPING, (st))
#define sk_POLICY_MAPPING_is_sorted(st) SKM_sk_is_sorted(POLICY_MAPPING, (st))
#define sk_SRP_gN_new(st) SKM_sk_new(SRP_gN, (st))
#define sk_SRP_gN_new_null() SKM_sk_new_null(SRP_gN)
#define sk_SRP_gN_free(st) SKM_sk_free(SRP_gN, (st))
#define sk_SRP_gN_num(st) SKM_sk_num(SRP_gN, (st))
#define sk_SRP_gN_value(st, i) SKM_sk_value(SRP_gN, (st), (i))
#define sk_SRP_gN_set(st, i, val) SKM_sk_set(SRP_gN, (st), (i), (val))
#define sk_SRP_gN_zero(st) SKM_sk_zero(SRP_gN, (st))
#define sk_SRP_gN_push(st, val) SKM_sk_push(SRP_gN, (st), (val))
#define sk_SRP_gN_unshift(st, val) SKM_sk_unshift(SRP_gN, (st), (val))
#define sk_SRP_gN_find(st, val) SKM_sk_find(SRP_gN, (st), (val))
#define sk_SRP_gN_delete(st, i) SKM_sk_delete(SRP_gN, (st), (i))
#define sk_SRP_gN_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_gN, (st), (ptr))
#define sk_SRP_gN_insert(st, val, i) SKM_sk_insert(SRP_gN, (st), (val), (i))
#define sk_SRP_gN_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_gN, (st), (cmp))
#define sk_SRP_gN_dup(st) SKM_sk_dup(SRP_gN, st)
#define sk_SRP_gN_pop_free(st, free_func) SKM_sk_pop_free(SRP_gN, (st), (free_func))
#define sk_SRP_gN_shift(st) SKM_sk_shift(SRP_gN, (st))
#define sk_SRP_gN_pop(st) SKM_sk_pop(SRP_gN, (st))
#define sk_SRP_gN_sort(st) SKM_sk_sort(SRP_gN, (st))
#define sk_SRP_gN_cache_new(st) SKM_sk_new(SRP_gN_cache, (st))
#define sk_SRP_gN_cache_new_null() SKM_sk_new_null(SRP_gN_cache)
#define sk_SRP_gN_cache_free(st) SKM_sk_free(SRP_gN_cache, (st))
#define sk_SRP_gN_cache_num(st) SKM_sk_num(SRP_gN_cache, (st))
#define sk_SRP_gN_cache_value(st, i) SKM_sk_value(SRP_gN_cache, (st), (i))
#define sk_SRP_gN_cache_set(st, i, val) SKM_sk_set(SRP_gN_cache, (st), (i), (val))
#define sk_SRP_gN_cache_zero(st) SKM_sk_zero(SRP_gN_cache, (st))
#define sk_SRP_gN_cache_push(st, val) SKM_sk_push(SRP_gN_cache, (st), (val))
#define sk_SRP_gN_cache_unshift(st, val) SKM_sk_unshift(SRP_gN_cache, (st), (val))
#define sk_SRP_gN_cache_find(st, val) SKM_sk_find(SRP_gN_cache, (st), (val))
#define sk_SRP_gN_cache_delete(st, i) SKM_sk_delete(SRP_gN_cache, (st), (i))
#define sk_SRP_gN_cache_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_gN_cache, (st), (ptr))
#define sk_SRP_gN_cache_insert(st, val, i) SKM_sk_insert(SRP_gN_cache, (st), (val), (i))
#define sk_SRP_gN_cache_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_gN_cache, (st), (cmp))
#define sk_SRP_gN_cache_dup(st) SKM_sk_dup(SRP_gN_cache, st)
#define sk_SRP_gN_cache_pop_free(st, free_func) SKM_sk_pop_free(SRP_gN_cache, (st), (free_func))
#define sk_SRP_gN_cache_shift(st) SKM_sk_shift(SRP_gN_cache, (st))
#define sk_SRP_gN_cache_pop(st) SKM_sk_pop(SRP_gN_cache, (st))
#define sk_SRP_gN_cache_sort(st) SKM_sk_sort(SRP_gN_cache, (st))
#define sk_SRP_user_pwd_new(st) SKM_sk_new(SRP_user_pwd, (st))
#define sk_SRP_user_pwd_new_null() SKM_sk_new_null(SRP_user_pwd)
#define sk_SRP_user_pwd_free(st) SKM_sk_free(SRP_user_pwd, (st))
#define sk_SRP_user_pwd_num(st) SKM_sk_num(SRP_user_pwd, (st))
#define sk_SRP_user_pwd_value(st, i) SKM_sk_value(SRP_user_pwd, (st), (i))
#define sk_SRP_user_pwd_set(st, i, val) SKM_sk_set(SRP_user_pwd, (st), (i), (val))
#define sk_SRP_user_pwd_zero(st) SKM_sk_zero(SRP_user_pwd, (st))
#define sk_SRP_user_pwd_push(st, val) SKM_sk_push(SRP_user_pwd, (st), (val))
#define sk_SRP_user_pwd_unshift(st, val) SKM_sk_unshift(SRP_user_pwd, (st), (val))
#define sk_SRP_user_pwd_find(st, val) SKM_sk_find(SRP_user_pwd, (st), (val))
#define sk_SRP_user_pwd_delete(st, i) SKM_sk_delete(SRP_user_pwd, (st), (i))
#define sk_SRP_user_pwd_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_user_pwd, (st), (ptr))
#define sk_SRP_user_pwd_insert(st, val, i) SKM_sk_insert(SRP_user_pwd, (st), (val), (i))
#define sk_SRP_user_pwd_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_user_pwd, (st), (cmp))
#define sk_SRP_user_pwd_dup(st) SKM_sk_dup(SRP_user_pwd, st)
#define sk_SRP_user_pwd_pop_free(st, free_func) SKM_sk_pop_free(SRP_user_pwd, (st), (free_func))
#define sk_SRP_user_pwd_shift(st) SKM_sk_shift(SRP_user_pwd, (st))
#define sk_SRP_user_pwd_pop(st) SKM_sk_pop(SRP_user_pwd, (st))
#define sk_SRP_user_pwd_sort(st) SKM_sk_sort(SRP_user_pwd, (st))
#define sk_SSL_CIPHER_new(cmp) SKM_sk_new(SSL_CIPHER, (cmp))
#define sk_SSL_CIPHER_new_null() SKM_sk_new_null(SSL_CIPHER)
#define sk_SSL_CIPHER_free(st) SKM_sk_free(SSL_CIPHER, (st))

54
ssl/Makefile
View File

@ -30,7 +30,7 @@ LIBSRC= \
ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \
ssl_ciph.c ssl_stat.c ssl_rsa.c \
ssl_asn1.c ssl_txt.c ssl_algs.c \
bio_ssl.c ssl_err.c kssl.c t1_reneg.c
bio_ssl.c ssl_err.c kssl.c t1_reneg.c tls_srp.c
LIBOBJ= \
s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o \
s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o \
@ -41,7 +41,7 @@ LIBOBJ= \
ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \
ssl_ciph.o ssl_stat.o ssl_rsa.o \
ssl_asn1.o ssl_txt.o ssl_algs.o \
bio_ssl.o ssl_err.o kssl.o t1_reneg.o
bio_ssl.o ssl_err.o kssl.o t1_reneg.o tls_srp.o
SRC= $(LIBSRC)
@ -163,7 +163,7 @@ d1_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
d1_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
d1_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
d1_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
d1_clnt.o: ../include/openssl/x509_vfy.h d1_clnt.c kssl_lcl.h ssl_locl.h
d1_clnt.o: ../include/openssl/x509_vfy.h d1_clnt.c ssl_locl.h
d1_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
d1_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
d1_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@ -625,20 +625,19 @@ s3_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
s3_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
s3_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
s3_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
s3_srvr.o: ../include/openssl/krb5_asn.h ../include/openssl/kssl.h
s3_srvr.o: ../include/openssl/lhash.h ../include/openssl/md5.h
s3_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
s3_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
s3_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
s3_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
s3_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
s3_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
s3_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h
s3_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
s3_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
s3_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
s3_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h
s3_srvr.o: s3_srvr.c ssl_locl.h
s3_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
s3_srvr.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
s3_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
s3_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
s3_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
s3_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
s3_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h
s3_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
s3_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
s3_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
s3_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
s3_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
s3_srvr.o: ../include/openssl/x509_vfy.h kssl_lcl.h s3_srvr.c ssl_locl.h
ssl_algs.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
ssl_algs.o: ../include/openssl/buffer.h ../include/openssl/comp.h
ssl_algs.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
@ -974,3 +973,24 @@ t1_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
t1_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
t1_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
t1_srvr.o: t1_srvr.c
tls_srp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
tls_srp.o: ../include/openssl/bn.h ../include/openssl/buffer.h
tls_srp.o: ../include/openssl/comp.h ../include/openssl/crypto.h
tls_srp.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
tls_srp.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
tls_srp.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
tls_srp.o: ../include/openssl/err.h ../include/openssl/evp.h
tls_srp.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
tls_srp.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
tls_srp.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
tls_srp.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
tls_srp.o: ../include/openssl/pem.h ../include/openssl/pem2.h
tls_srp.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
tls_srp.o: ../include/openssl/rand.h ../include/openssl/rsa.h
tls_srp.o: ../include/openssl/safestack.h ../include/openssl/sha.h
tls_srp.o: ../include/openssl/srp.h ../include/openssl/ssl.h
tls_srp.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
tls_srp.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
tls_srp.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
tls_srp.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
tls_srp.o: tls_srp.c

138
ssl/s3_clnt.c
View File

@ -278,6 +278,20 @@ int ssl3_connect(SSL *s)
case SSL3_ST_CR_SRVR_HELLO_A:
case SSL3_ST_CR_SRVR_HELLO_B:
ret=ssl3_get_server_hello(s);
#ifndef OPENSSL_NO_SRP
if ((ret == 0) && (s->s3->warn_alert == SSL_AD_MISSING_SRP_USERNAME))
{
if (!SRP_have_to_put_srp_username(s))
{
SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_MISSING_SRP_USERNAME);
ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_USER_CANCELLED);
goto end;
}
s->state=SSL3_ST_CW_CLNT_HELLO_A;
if (!ssl_init_wbio_buffer(s,0)) { ret= -1; goto end; }
break;
}
#endif
if (ret <= 0) goto end;
if (s->hit)
@ -359,6 +373,17 @@ int ssl3_connect(SSL *s)
case SSL3_ST_CR_SRVR_DONE_B:
ret=ssl3_get_server_done(s);
if (ret <= 0) goto end;
#ifndef OPENSSL_NO_SRP
if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kSRP)
{
if ((ret = SRP_Calc_A_param(s))<=0)
{
SSLerr(SSL_F_SSL3_GET_SERVER_DONE,SSL_R_SRP_A_CALC);
ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INTERNAL_ERROR);
goto end;
}
}
#endif
if (s->s3->tmp.cert_req)
s->state=SSL3_ST_CW_CERT_A;
else
@ -1301,6 +1326,86 @@ int ssl3_get_key_exchange(SSL *s)
}
else
#endif /* !OPENSSL_NO_PSK */
#ifndef OPENSSL_NO_SRP
if (alg_k & SSL_kSRP)
{
n2s(p,i);
param_len=i+2;
if (param_len > n)
{
al=SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_N_LENGTH);
goto f_err;
}
if (!(s->srp_ctx.N=BN_bin2bn(p,i,NULL)))
{
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
goto err;
}
p+=i;
n2s(p,i);
param_len+=i+2;
if (param_len > n)
{
al=SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_G_LENGTH);
goto f_err;
}
if (!(s->srp_ctx.g=BN_bin2bn(p,i,NULL)))
{
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
goto err;
}
p+=i;
i = (unsigned int)(p[0]);
p++;
param_len+=i+1;
if (param_len > n)
{
al=SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_S_LENGTH);
goto f_err;
}
if (!(s->srp_ctx.s=BN_bin2bn(p,i,NULL)))
{
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
goto err;
}
p+=i;
n2s(p,i);
param_len+=i+2;
if (param_len > n)
{
al=SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_B_LENGTH);
goto f_err;
}
if (!(s->srp_ctx.B=BN_bin2bn(p,i,NULL)))
{
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
goto err;
}
p+=i;
n-=param_len;
/* We must check if there is a certificate */
#ifndef OPENSSL_NO_RSA
if (alg_a & SSL_aRSA)
pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
#else
if (0)
;
#endif
#ifndef OPENSSL_NO_DSA
else if (alg_a & SSL_aDSS)
pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].x509);
#endif
}
else
#endif /* !OPENSSL_NO_SRP */
#ifndef OPENSSL_NO_RSA
if (alg_k & SSL_kRSA)
{
@ -2570,6 +2675,39 @@ int ssl3_send_client_key_exchange(SSL *s)
EVP_PKEY_free(pub_key);
}
#ifndef OPENSSL_NO_SRP
else if (alg_k & SSL_kSRP)
{
if (s->srp_ctx.A != NULL)
{
/* send off the data */
n=BN_num_bytes(s->srp_ctx.A);
s2n(n,p);
BN_bn2bin(s->srp_ctx.A,p);
n+=2;
}
else
{
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
goto err;
}
if (s->session->srp_username != NULL)
OPENSSL_free(s->session->srp_username);
s->session->srp_username = BUF_strdup(s->srp_ctx.login);
if (s->session->srp_username == NULL)
{
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
ERR_R_MALLOC_FAILURE);
goto err;
}
if ((s->session->master_key_length = SRP_generate_client_master_secret(s,s->session->master_key))<0)
{
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
goto err;
}
}
#endif
#ifndef OPENSSL_NO_PSK
else if (alg_k & SSL_kPSK)
{

213
ssl/s3_lib.c
View File

@ -2012,6 +2012,152 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
},
#endif /* OPENSSL_NO_ECDH */
#ifndef OPENSSL_NO_SRP
/* Cipher C01A */
{
1,
TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
SSL_kSRP,
SSL_aNULL,
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
168,
},
/* Cipher C01B */
{
1,
TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_kSRP,
SSL_aRSA,
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
168,
},
/* Cipher C01C */
{
1,
TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
SSL_kSRP,
SSL_aDSS,
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
168,
168,
},
/* Cipher C01D */
{
1,
TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
SSL_kSRP,
SSL_aNULL,
SSL_AES128,
SSL_SHA1,
SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
128,
128,
},
/* Cipher C01E */
{
1,
TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
SSL_kSRP,
SSL_aRSA,
SSL_AES128,
SSL_SHA1,
SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
128,
128,
},
/* Cipher C01F */
{
1,
TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
SSL_kSRP,
SSL_aDSS,
SSL_AES128,
SSL_SHA1,
SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
128,
128,
},
/* Cipher C020 */
{
1,
TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
SSL_kSRP,
SSL_aNULL,
SSL_AES256,
SSL_SHA1,
SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
256,
256,
},
/* Cipher C021 */
{
1,
TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
SSL_kSRP,
SSL_aRSA,
SSL_AES256,
SSL_SHA1,
SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
256,
256,
},
/* Cipher C022 */
{
1,
TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
SSL_kSRP,
SSL_aDSS,
SSL_AES256,
SSL_SHA1,
SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
256,
256,
},
#endif /* OPENSSL_NO_SRP */
#ifdef TEMP_GOST_TLS
/* Cipher FF00 */
{
@ -2128,6 +2274,9 @@ int ssl3_new(SSL *s)
s->s3=s3;
#ifndef OPENSSL_NO_SRP
SSL_SRP_CTX_init(s);
#endif
s->method->ssl_clear(s);
return(1);
err:
@ -2168,6 +2317,9 @@ void ssl3_free(SSL *s)
BIO_free(s->s3->handshake_buffer);
}
if (s->s3->handshake_dgst) ssl3_free_digest_list(s);
#ifndef OPENSSL_NO_SRP
SSL_SRP_CTX_free(s);
#endif
OPENSSL_cleanse(s->s3,sizeof *s->s3);
OPENSSL_free(s->s3);
s->s3=NULL;
@ -2241,6 +2393,13 @@ void ssl3_clear(SSL *s)
#endif
}
#ifndef OPENSSL_NO_SRP
static char * MS_CALLBACK srp_password_from_info_cb(SSL *s, void *arg)
{
return BUF_strdup(s->srp_ctx.info) ;
}
#endif
long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
{
int ret=0;
@ -2723,6 +2882,38 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
return 1;
break;
#ifndef OPENSSL_NO_SRP
case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
ctx->srp_ctx.srp_Mask|=SSL_kSRP;
if (ctx->srp_ctx.login != NULL)
OPENSSL_free(ctx->srp_ctx.login);
ctx->srp_ctx.login = NULL;
if (parg == NULL)
break;
if (strlen((char *)parg) > 254)
{
SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
return 0;
}
if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL)
{
SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
return 0;
}
break;
case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
ctx->srp_ctx.SRP_give_srp_client_pwd_callback=srp_password_from_info_cb;
ctx->srp_ctx.info=parg;
break;
case SSL_CTRL_SET_SRP_ARG:
ctx->srp_ctx.srp_Mask|=SSL_kSRP;
ctx->srp_ctx.SRP_cb_arg=parg;
break;
case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
ctx->srp_ctx.strength=larg;
break;
#endif
#endif /* !OPENSSL_NO_TLSEXT */
/* A Thawte special :-) */
@ -2792,6 +2983,24 @@ long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
HMAC_CTX *, int))fp;
break;
#ifndef OPENSSL_NO_SRP
case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
ctx->srp_ctx.srp_Mask|=SSL_kSRP;
ctx->srp_ctx.SRP_verify_param_callback=(int (*)(SSL *,void *))fp;
break;
case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
ctx->srp_ctx.srp_Mask|=SSL_kSRP;
ctx->srp_ctx.TLS_ext_srp_username_callback=(int (*)(SSL *,int *,void *))fp;
break;
case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
ctx->srp_ctx.srp_Mask|=SSL_kSRP;
ctx->srp_ctx.SRP_give_srp_client_pwd_callback=(char *(*)(SSL *,void *))fp;
break;
case SSL_CTRL_SET_TLS_EXT_SRP_MISSING_CLIENT_USERNAME_CB:
ctx->srp_ctx.srp_Mask|=SSL_kSRP;
ctx->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback=(char *(*)(SSL *,void *))fp;
break;
#endif
#endif
case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
{
@ -2897,6 +3106,10 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
mask_a = cert->mask_a;
emask_k = cert->export_mask_k;
emask_a = cert->export_mask_a;
#ifndef OPENSSL_NO_SRP
mask_k=cert->mask_k | s->srp_ctx.srp_Mask;
emask_k=cert->export_mask_k | s->srp_ctx.srp_Mask;
#endif
#ifdef KSSL_DEBUG
/* printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);*/

4
ssl/s3_pkt.c
View File

@ -1203,6 +1203,10 @@ start:
SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_NO_RENEGOTIATION);
goto f_err;
}
#ifdef SSL_AD_MISSING_SRP_USERNAME
else if (alert_descr == SSL_AD_MISSING_SRP_USERNAME)
return(0);
#endif
}
else if (alert_level == 2) /* fatal */
{

142
ssl/s3_srvr.c
View File

@ -180,6 +180,31 @@ static const SSL_METHOD *ssl3_get_server_method(int ver)
return(NULL);
}
#ifndef OPENSSL_NO_SRP
static int SSL_check_srp_ext_ClientHello(SSL *s,int *ad)
{
int ret = SSL_ERROR_NONE;
*ad = SSL_AD_UNRECOGNIZED_NAME;
if ((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kSRP) &&
(s->srp_ctx.TLS_ext_srp_username_callback != NULL))
{
if(s->srp_ctx.login == NULL)
{
/* There isn't any srp login extension !!! */
ret = SSL3_AL_WARNING;
*ad = SSL_AD_MISSING_SRP_USERNAME;
}
else
{
ret = SSL_srp_server_param_with_username(s,ad);
}
}
return ret;
}
#endif
IMPLEMENT_ssl3_meth_func(SSLv3_server_method,
ssl3_accept,
ssl_undefined_function,
@ -192,6 +217,9 @@ int ssl3_accept(SSL *s)
void (*cb)(const SSL *ssl,int type,int val)=NULL;
int ret= -1;
int new_state,state,skip=0;
#ifndef OPENSSL_NO_SRP
int srp_no_username =0;
#endif
RAND_add(&Time,sizeof(Time),0);
ERR_clear_error();
@ -312,10 +340,37 @@ int ssl3_accept(SSL *s)
case SSL3_ST_SR_CLNT_HELLO_A:
case SSL3_ST_SR_CLNT_HELLO_B:
case SSL3_ST_SR_CLNT_HELLO_C:
#ifndef OPENSSL_NO_SRP
case SSL3_ST_SR_CLNT_HELLO_SRP_USERNAME:
#endif
s->shutdown=0;
ret=ssl3_get_client_hello(s);
if (ret <= 0) goto end;
#ifndef OPENSSL_NO_SRP
{
int extension_error = 0,al;
if ((al = SSL_check_srp_ext_ClientHello(s,&extension_error)) != SSL_ERROR_NONE)
{
ssl3_send_alert(s,al,extension_error);
if (extension_error == SSL_AD_MISSING_SRP_USERNAME)
{
if (srp_no_username) goto end;
ERR_clear_error();
srp_no_username = 1;
s->state=SSL3_ST_SR_CLNT_HELLO_SRP_USERNAME;
if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
if ((ret=BIO_flush(s->wbio)) <= 0) goto end;
s->init_num=0;
break;
}
ret = -1;
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT);
goto end;
}
}
#endif
s->renegotiate = 2;
s->state=SSL3_ST_SW_SRVR_HELLO_A;
@ -346,7 +401,7 @@ int ssl3_accept(SSL *s)
case SSL3_ST_SW_CERT_A:
case SSL3_ST_SW_CERT_B:
/* Check if it is anon DH or anon ECDH, */
/* normal PSK or KRB5 */
/* normal PSK or KRB5 or SRP */
if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
&& !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)
&& !(s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5))
@ -410,6 +465,10 @@ int ssl3_accept(SSL *s)
* hint if provided */
#ifndef OPENSSL_NO_PSK
|| ((alg_k & SSL_kPSK) && s->ctx->psk_identity_hint)
#endif
#ifndef OPENSSL_NO_SRP
/* SRP: send ServerKeyExchange */
|| (alg_k & SSL_kSRP)
#endif
|| (alg_k & (SSL_kDHr|SSL_kDHd|SSL_kEDH))
|| (alg_k & SSL_kEECDH)
@ -837,7 +896,11 @@ int ssl3_get_client_hello(SSL *s)
* If we are SSLv3, we will respond with SSLv3, even if prompted with
* TLSv1.
*/
if (s->state == SSL3_ST_SR_CLNT_HELLO_A)
if (s->state == SSL3_ST_SR_CLNT_HELLO_A
#ifndef OPENSSL_NO_SRP
|| (s->state == SSL3_ST_SR_CLNT_HELLO_SRP_USERNAME)
#endif
)
{
s->state=SSL3_ST_SR_CLNT_HELLO_B;
}
@ -1710,14 +1773,37 @@ int ssl3_send_server_key_exchange(SSL *s)
}
else
#endif /* !OPENSSL_NO_PSK */
#ifndef OPENSSL_NO_SRP
if (type & SSL_kSRP)
{
if ((s->srp_ctx.N == NULL) ||
(s->srp_ctx.g == NULL) ||
(s->srp_ctx.s == NULL) ||
(s->srp_ctx.B == NULL))
{
SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_SRP_PARAM);
goto err;
}
r[0]=s->srp_ctx.N;
r[1]=s->srp_ctx.g;
r[2]=s->srp_ctx.s;
r[3]=s->srp_ctx.B;
}
else
#endif
{
al=SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
goto f_err;
}
for (i=0; r[i] != NULL; i++)
for (i=0; r[i] != NULL && i<4; i++)
{
nr[i]=BN_num_bytes(r[i]);
#ifndef OPENSSL_NO_SRP
if ((i == 2) && (type & SSL_kSRP))
n+=1+nr[i];
else
#endif
n+=2+nr[i];
}
@ -1746,8 +1832,16 @@ int ssl3_send_server_key_exchange(SSL *s)
d=(unsigned char *)s->init_buf->data;
p= &(d[4]);
for (i=0; r[i] != NULL; i++)
for (i=0; r[i] != NULL && i<4; i++)
{
#ifndef OPENSSL_NO_SRP
if ((i == 2) && (type & SSL_kSRP))
{
*p = nr[i];
p++;
}
else
#endif
s2n(nr[i],p);
BN_bn2bin(r[i],p);
p+=nr[i];
@ -2623,6 +2717,44 @@ int ssl3_get_client_key_exchange(SSL *s)
}
else
#endif
#ifndef OPENSSL_NO_SRP
if (alg_k & SSL_kSRP)
{
int param_len;
n2s(p,i);
param_len=i+2;
if (param_len > n)
{
al=SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_A_LENGTH);
goto f_err;
}
if (!(s->srp_ctx.A=BN_bin2bn(p,i,NULL)))
{
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
goto err;
}
if (s->session->srp_username != NULL)
OPENSSL_free(s->session->srp_username);
s->session->srp_username = BUF_strdup(s->srp_ctx.login);
if (s->session->srp_username == NULL)
{
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
ERR_R_MALLOC_FAILURE);
goto err;
}
if ((s->session->master_key_length = SRP_generate_server_master_secret(s,s->session->master_key))<0)
{
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
goto err;
}
p+=i;
}
else
#endif /* OPENSSL_NO_SRP */
if (alg_k & SSL_kGOST)
{
int ret = 0;
@ -2706,7 +2838,7 @@ int ssl3_get_client_key_exchange(SSL *s)
return(1);
f_err:
ssl3_send_alert(s,SSL3_AL_FATAL,al);
#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_ECDH)
#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_ECDH) || defined(OPENSSL_NO_SRP)
err:
#endif
#ifndef OPENSSL_NO_ECDH

95
ssl/ssl.h
View File

@ -252,6 +252,7 @@ extern "C" {
#define SSL_TXT_kEECDH "kEECDH"
#define SSL_TXT_kPSK "kPSK"
#define SSL_TXT_kGOST "kGOST"
#define SSL_TXT_kSRP "kSRP"
#define SSL_TXT_aRSA "aRSA"
#define SSL_TXT_aDSS "aDSS"
@ -275,6 +276,7 @@ extern "C" {
#define SSL_TXT_ECDSA "ECDSA"
#define SSL_TXT_KRB5 "KRB5"
#define SSL_TXT_PSK "PSK"
#define SSL_TXT_SRP "SRP"
#define SSL_TXT_DES "DES"
#define SSL_TXT_3DES "3DES"
@ -437,6 +439,7 @@ typedef struct ssl_method_st
* ECPointFormatList [ 7 ] OCTET STRING, -- optional EC point format list from TLS extension
* PSK_identity_hint [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity hint
* PSK_identity [ 9 ] EXPLICIT OCTET STRING -- optional PSK identity
* SRP_username [ 11 ] EXPLICIT OCTET STRING -- optional SRP username
* }
* Look in ssl/ssl_asn1.c for more details
* I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
@ -515,6 +518,9 @@ typedef struct ssl_session_st
unsigned char *tlsext_tick; /* Session ticket */
size_t tlsext_ticklen; /* Session ticket length */
long tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */
#endif
#ifndef OPENSSL_NO_SRP
char *srp_username;
#endif
} SSL_SESSION;
@ -647,7 +653,42 @@ void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int con
#define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
#define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
#ifndef OPENSSL_NO_SRP
typedef struct srp_ctx_st
{
/* param for all the callbacks */
void *SRP_cb_arg;
/* set client Hello login callback */
int (*TLS_ext_srp_username_callback)(SSL *, int *, void *);
/* set SRP N/g param callback for verification */
int (*SRP_verify_param_callback)(SSL *, void *);
/* set SRP client passwd callback */
char *(*SRP_give_srp_client_pwd_callback)(SSL *, void *);
/* set SRP client username callback */
char *(*SRP_TLS_ext_missing_srp_client_username_callback)(SSL *, void *);
char *login;
BIGNUM *N,*g,*s,*B,*A;
BIGNUM *a,*b,*v;
char *info;
int strength;
unsigned long srp_Mask;
} SRP_CTX;
/* see tls_srp.c */
int SSL_SRP_CTX_init(SSL *s);
int SSL_CTX_SRP_CTX_init(SSL_CTX *ctx);
int SSL_SRP_CTX_free(SSL *ctx);
int SSL_CTX_SRP_CTX_free(SSL_CTX *ctx);
int SSL_srp_server_param_with_username(SSL *s, int *ad);
int SRP_generate_server_master_secret(SSL *s,unsigned char *master_key);
int SRP_Calc_A_param(SSL *s);
int SRP_generate_client_master_secret(SSL *s,unsigned char *master_key);
int SRP_have_to_put_srp_username(SSL *s);
#endif
#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32)
#define SSL_MAX_CERT_LIST_DEFAULT 1024*30 /* 30k max cert list :-) */
@ -894,6 +935,9 @@ struct ssl_ctx_st
unsigned int freelist_max_len;
struct ssl3_buf_freelist_st *wbuf_freelist;
struct ssl3_buf_freelist_st *rbuf_freelist;
#endif
#ifndef OPENSSL_NO_SRP
SRP_CTX srp_ctx; /* ctx for SRP authentication */
#endif
};
@ -1247,6 +1291,9 @@ struct ssl_st
unsigned char *next_proto_negotiated;
unsigned char next_proto_negotiated_len;
#endif
#ifndef OPENSSL_NO_SRP
SRP_CTX srp_ctx; /* ctx for SRP authentication */
#endif
#define session_ctx initial_ctx
#else
@ -1396,6 +1443,8 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
#define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE
#define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE
#define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY /* fatal */
#define SSL_AD_UNKNOWN_SRP_USERNAME TLS1_AD_UNKNOWN_SRP_USERNAME
#define SSL_AD_MISSING_SRP_USERNAME TLS1_AD_MISSING_SRP_USERNAME
#define SSL_ERROR_NONE 0
#define SSL_ERROR_SSL 1
@ -1479,6 +1528,15 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP 71
#define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72
#define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB 75
#define SSL_CTRL_SET_SRP_VERIFY_PARAM_CB 76
#define SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB 77
#define SSL_CTRL_SET_TLS_EXT_SRP_MISSING_CLIENT_USERNAME_CB 78
#define SSL_CTRL_SET_SRP_ARG 79
#define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME 80
#define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH 81
#define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD 82
#endif
#define DTLS_CTRL_GET_TIMEOUT 73
@ -1684,6 +1742,32 @@ int SSL_set_trust(SSL *s, int trust);
int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm);
int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm);
#ifndef OPENSSL_NO_SRP
int SSL_CTX_set_srp_username(SSL_CTX *ctx,char *name);
int SSL_CTX_set_srp_password(SSL_CTX *ctx,char *password);
int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength);
int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx,
char *(*cb)(SSL *,void *));
int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx,
int (*cb)(SSL *,void *));
int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx,
int (*cb)(SSL *,int *,void *));
int SSL_CTX_set_srp_missing_srp_username_callback(SSL_CTX *ctx,
char *(*cb)(SSL *,void *));
int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg);
int SSL_set_srp_server_param(SSL *s, const BIGNUM *N, const BIGNUM *g,
BIGNUM *sa, BIGNUM *v, char *info);
int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass,
const char *grp);
BIGNUM *SSL_get_srp_g(SSL *s);
BIGNUM *SSL_get_srp_N(SSL *s);
char *SSL_get_srp_username(SSL *s);
char *SSL_get_srp_userinfo(SSL *s);
#endif
void SSL_free(SSL *ssl);
int SSL_accept(SSL *ssl);
int SSL_connect(SSL *ssl);
@ -2083,6 +2167,7 @@ void ERR_load_SSL_strings(void);
#define SSL_F_SSL_SET_TRUST 228
#define SSL_F_SSL_SET_WFD 196
#define SSL_F_SSL_SHUTDOWN 224
#define SSL_F_SSL_SRP_CTX_INIT 293
#define SSL_F_SSL_UNDEFINED_CONST_FUNCTION 243
#define SSL_F_SSL_UNDEFINED_FUNCTION 197
#define SSL_F_SSL_UNDEFINED_VOID_FUNCTION 244
@ -2141,6 +2226,11 @@ void ERR_load_SSL_strings(void);
#define SSL_R_BAD_RSA_MODULUS_LENGTH 121
#define SSL_R_BAD_RSA_SIGNATURE 122
#define SSL_R_BAD_SIGNATURE 123
#define SSL_R_BAD_SRP_A_LENGTH 2096
#define SSL_R_BAD_SRP_B_LENGTH 2097
#define SSL_R_BAD_SRP_G_LENGTH 2098
#define SSL_R_BAD_SRP_N_LENGTH 2099
#define SSL_R_BAD_SRP_S_LENGTH 2100
#define SSL_R_BAD_SSL_FILETYPE 124
#define SSL_R_BAD_SSL_SESSION_ID_LENGTH 125
#define SSL_R_BAD_STATE 126
@ -2157,6 +2247,7 @@ void ERR_load_SSL_strings(void);
#define SSL_R_CIPHER_CODE_WRONG_LENGTH 137
#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138
#define SSL_R_CIPHER_TABLE_SRC_ERROR 139
#define SSL_R_CLIENTHELLO_SRP_TLS_EXT 2101
#define SSL_R_CLIENTHELLO_TLSEXT 226
#define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140
#define SSL_R_COMPRESSION_DISABLED 343
@ -2195,6 +2286,7 @@ void ERR_load_SSL_strings(void);
#define SSL_R_INVALID_COMMAND 280
#define SSL_R_INVALID_COMPRESSION_ALGORITHM 341
#define SSL_R_INVALID_PURPOSE 278
#define SSL_R_INVALID_SRP_USERNAME 2107
#define SSL_R_INVALID_STATUS_RESPONSE 328
#define SSL_R_INVALID_TICKET_KEYS_LENGTH 325
#define SSL_R_INVALID_TRUST 279
@ -2224,6 +2316,8 @@ void ERR_load_SSL_strings(void);
#define SSL_R_MISSING_RSA_CERTIFICATE 168
#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169
#define SSL_R_MISSING_RSA_SIGNING_CERT 170
#define SSL_R_MISSING_SRP_PARAM 2103
#define SSL_R_MISSING_SRP_USERNAME 2104
#define SSL_R_MISSING_TMP_DH_KEY 171
#define SSL_R_MISSING_TMP_ECDH_KEY 311
#define SSL_R_MISSING_TMP_RSA_KEY 172
@ -2296,6 +2390,7 @@ void ERR_load_SSL_strings(void);
#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
#define SSL_R_SHORT_READ 219
#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
#define SSL_R_SRP_A_CALC 2105
#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 299
#define SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT 321

2
ssl/ssl3.h
View File

@ -576,6 +576,8 @@ typedef struct ssl3_state_st
#define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT)
#define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT)
#define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT)
/* a new state to remember that we have already receive a ClientHello without srp username extension */
#define SSL3_ST_SR_CLNT_HELLO_SRP_USERNAME (0x1E2|SSL_ST_ACCEPT)
/* write to client */
#define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A (0x113|SSL_ST_ACCEPT)
#define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B (0x114|SSL_ST_ACCEPT)

37
ssl/ssl_asn1.c
View File

@ -115,6 +115,9 @@ typedef struct ssl_session_asn1_st
ASN1_OCTET_STRING psk_identity_hint;
ASN1_OCTET_STRING psk_identity;
#endif /* OPENSSL_NO_PSK */
#ifndef OPENSSL_NO_SRP
ASN1_OCTET_STRING srp_username;
#endif /* OPENSSL_NO_SRP */
} SSL_SESSION_ASN1;
int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
@ -130,6 +133,9 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
#ifndef OPENSSL_NO_COMP
unsigned char cbuf;
int v11=0;
#endif
#ifndef OPENSSL_NO_SRP
int v12=0;
#endif
long l;
SSL_SESSION_ASN1 a;
@ -268,6 +274,14 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
a.psk_identity.data=(unsigned char *)(in->psk_identity);
}
#endif /* OPENSSL_NO_PSK */
#ifndef OPENSSL_NO_SRP
if (in->srp_username)
{
a.srp_username.length=strlen(in->srp_username);
a.srp_username.type=V_ASN1_OCTET_STRING;
a.srp_username.data=(unsigned char *)(in->srp_username);
}
#endif /* OPENSSL_NO_SRP */
M_ASN1_I2D_len(&(a.version), i2d_ASN1_INTEGER);
M_ASN1_I2D_len(&(a.ssl_version), i2d_ASN1_INTEGER);
@ -308,6 +322,10 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
if (in->psk_identity)
M_ASN1_I2D_len_EXP_opt(&(a.psk_identity), i2d_ASN1_OCTET_STRING,8,v8);
#endif /* OPENSSL_NO_PSK */
#ifndef OPENSSL_NO_SRP
if (in->srp_username)
M_ASN1_I2D_len_EXP_opt(&(a.srp_username), i2d_ASN1_OCTET_STRING,12,v12);
#endif /* OPENSSL_NO_SRP */
M_ASN1_I2D_seq_total();
@ -352,6 +370,10 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
if (in->compress_meth)
M_ASN1_I2D_put_EXP_opt(&(a.comp_id), i2d_ASN1_OCTET_STRING,11,v11);
#endif
#ifndef OPENSSL_NO_SRP
if (in->srp_username)
M_ASN1_I2D_put_EXP_opt(&(a.srp_username), i2d_ASN1_OCTET_STRING,12,v12);
#endif /* OPENSSL_NO_SRP */
M_ASN1_I2D_finish();
}
@ -589,5 +611,20 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
}
#endif
#ifndef OPENSSL_NO_SRP
os.length=0;
os.data=NULL;
M_ASN1_D2I_get_EXP_opt(osp,d2i_ASN1_OCTET_STRING,11);
if (os.data)
{
ret->srp_username = BUF_strndup((char *)os.data, os.length);
OPENSSL_free(os.data);
os.data = NULL;
os.length = 0;
}
else
ret->srp_username=NULL;
#endif /* OPENSSL_NO_SRP */
M_ASN1_D2I_Finish(a,SSL_SESSION_free,SSL_F_D2I_SSL_SESSION);
}

8
ssl/ssl_ciph.c
View File

@ -247,6 +247,7 @@ static const SSL_CIPHER cipher_aliases[]={
{0,SSL_TXT_ECDH,0, SSL_kECDHr|SSL_kECDHe|SSL_kEECDH,0,0,0,0,0,0,0,0},
{0,SSL_TXT_kPSK,0, SSL_kPSK, 0,0,0,0,0,0,0,0},
{0,SSL_TXT_kSRP,0, SSL_kSRP, 0,0,0,0,0,0,0,0},
{0,SSL_TXT_kGOST,0, SSL_kGOST,0,0,0,0,0,0,0,0},
/* server authentication aliases */
@ -273,6 +274,7 @@ static const SSL_CIPHER cipher_aliases[]={
{0,SSL_TXT_ADH,0, SSL_kEDH,SSL_aNULL,0,0,0,0,0,0,0},
{0,SSL_TXT_AECDH,0, SSL_kEECDH,SSL_aNULL,0,0,0,0,0,0,0},
{0,SSL_TXT_PSK,0, SSL_kPSK,SSL_aPSK,0,0,0,0,0,0,0},
{0,SSL_TXT_SRP,0, SSL_kSRP,0,0,0,0,0,0,0,0},
/* symmetric encryption aliases */
@ -660,6 +662,9 @@ static void ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth, un
#ifdef OPENSSL_NO_PSK
*mkey |= SSL_kPSK;
*auth |= SSL_aPSK;
#endif
#ifdef OPENSSL_NO_SRP
*mkey |= SSL_kSRP;
#endif
/* Check for presence of GOST 34.10 algorithms, and if they
* do not present, disable appropriate auth and key exchange */
@ -1511,6 +1516,9 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
case SSL_kPSK:
kx="PSK";
break;
case SSL_kSRP:
kx="SRP";
break;
default:
kx="unknown";
}

11
ssl/ssl_err.c
View File

@ -251,6 +251,7 @@ static ERR_STRING_DATA SSL_str_functs[]=
{ERR_FUNC(SSL_F_SSL_SET_TRUST), "SSL_set_trust"},
{ERR_FUNC(SSL_F_SSL_SET_WFD), "SSL_set_wfd"},
{ERR_FUNC(SSL_F_SSL_SHUTDOWN), "SSL_shutdown"},
{ERR_FUNC(SSL_F_SSL_SRP_CTX_INIT), "SSL_SRP_CTX_INIT"},
{ERR_FUNC(SSL_F_SSL_UNDEFINED_CONST_FUNCTION), "SSL_UNDEFINED_CONST_FUNCTION"},
{ERR_FUNC(SSL_F_SSL_UNDEFINED_FUNCTION), "SSL_UNDEFINED_FUNCTION"},
{ERR_FUNC(SSL_F_SSL_UNDEFINED_VOID_FUNCTION), "SSL_UNDEFINED_VOID_FUNCTION"},
@ -312,6 +313,11 @@ static ERR_STRING_DATA SSL_str_reasons[]=
{ERR_REASON(SSL_R_BAD_RSA_MODULUS_LENGTH),"bad rsa modulus length"},
{ERR_REASON(SSL_R_BAD_RSA_SIGNATURE) ,"bad rsa signature"},
{ERR_REASON(SSL_R_BAD_SIGNATURE) ,"bad signature"},
{ERR_REASON(SSL_R_BAD_SRP_A_LENGTH) ,"bad srp a length"},
{ERR_REASON(SSL_R_BAD_SRP_B_LENGTH) ,"bad srp b length"},
{ERR_REASON(SSL_R_BAD_SRP_G_LENGTH) ,"bad srp g length"},
{ERR_REASON(SSL_R_BAD_SRP_N_LENGTH) ,"bad srp n length"},
{ERR_REASON(SSL_R_BAD_SRP_S_LENGTH) ,"bad srp s length"},
{ERR_REASON(SSL_R_BAD_SSL_FILETYPE) ,"bad ssl filetype"},
{ERR_REASON(SSL_R_BAD_SSL_SESSION_ID_LENGTH),"bad ssl session id length"},
{ERR_REASON(SSL_R_BAD_STATE) ,"bad state"},
@ -328,6 +334,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
{ERR_REASON(SSL_R_CIPHER_CODE_WRONG_LENGTH),"cipher code wrong length"},
{ERR_REASON(SSL_R_CIPHER_OR_HASH_UNAVAILABLE),"cipher or hash unavailable"},
{ERR_REASON(SSL_R_CIPHER_TABLE_SRC_ERROR),"cipher table src error"},
{ERR_REASON(SSL_R_CLIENTHELLO_SRP_TLS_EXT),"error with the SRP username"},
{ERR_REASON(SSL_R_CLIENTHELLO_TLSEXT) ,"clienthello tlsext"},
{ERR_REASON(SSL_R_COMPRESSED_LENGTH_TOO_LONG),"compressed length too long"},
{ERR_REASON(SSL_R_COMPRESSION_DISABLED) ,"compression disabled"},
@ -366,6 +373,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
{ERR_REASON(SSL_R_INVALID_COMMAND) ,"invalid command"},
{ERR_REASON(SSL_R_INVALID_COMPRESSION_ALGORITHM),"invalid compression algorithm"},
{ERR_REASON(SSL_R_INVALID_PURPOSE) ,"invalid purpose"},
{ERR_REASON(SSL_R_INVALID_SRP_USERNAME) ,"invalid srp username"},
{ERR_REASON(SSL_R_INVALID_STATUS_RESPONSE),"invalid status response"},
{ERR_REASON(SSL_R_INVALID_TICKET_KEYS_LENGTH),"invalid ticket keys length"},
{ERR_REASON(SSL_R_INVALID_TRUST) ,"invalid trust"},
@ -395,6 +403,8 @@ static ERR_STRING_DATA SSL_str_reasons[]=
{ERR_REASON(SSL_R_MISSING_RSA_CERTIFICATE),"missing rsa certificate"},
{ERR_REASON(SSL_R_MISSING_RSA_ENCRYPTING_CERT),"missing rsa encrypting cert"},
{ERR_REASON(SSL_R_MISSING_RSA_SIGNING_CERT),"missing rsa signing cert"},
{ERR_REASON(SSL_R_MISSING_SRP_PARAM) ,"can't find SRP server param"},
{ERR_REASON(SSL_R_MISSING_SRP_USERNAME) ,"missing srp username"},
{ERR_REASON(SSL_R_MISSING_TMP_DH_KEY) ,"missing tmp dh key"},
{ERR_REASON(SSL_R_MISSING_TMP_ECDH_KEY) ,"missing tmp ecdh key"},
{ERR_REASON(SSL_R_MISSING_TMP_RSA_KEY) ,"missing tmp rsa key"},
@ -467,6 +477,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
{ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED),"session id context uninitialized"},
{ERR_REASON(SSL_R_SHORT_READ) ,"short read"},
{ERR_REASON(SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE),"signature for non signing certificate"},
{ERR_REASON(SSL_R_SRP_A_CALC) ,"error with the srp params"},
{ERR_REASON(SSL_R_SSL23_DOING_SESSION_ID_REUSE),"ssl23 doing session id reuse"},
{ERR_REASON(SSL_R_SSL2_CONNECTION_ID_TOO_LONG),"ssl2 connection id too long"},
{ERR_REASON(SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT),"ssl3 ext invalid ecpointformat"},

6
ssl/ssl_lib.c
View File

@ -1789,6 +1789,9 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
ret->psk_client_callback=NULL;
ret->psk_server_callback=NULL;
#endif
#ifndef OPENSSL_NO_SRP
SSL_CTX_SRP_CTX_init(ret);
#endif
#ifndef OPENSSL_NO_BUF_FREELISTS
ret->freelist_max_len = SSL_MAX_BUF_FREELIST_LEN_DEFAULT;
ret->rbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
@ -1921,6 +1924,9 @@ void SSL_CTX_free(SSL_CTX *a)
if (a->psk_identity_hint)
OPENSSL_free(a->psk_identity_hint);
#endif
#ifndef OPENSSL_NO_SRP
SSL_CTX_SRP_CTX_free(a);
#endif
#ifndef OPENSSL_NO_ENGINE
if (a->client_cert_engine)
ENGINE_finish(a->client_cert_engine);

1
ssl/ssl_locl.h
View File

@ -289,6 +289,7 @@
#define SSL_kEECDH 0x00000080L /* ephemeral ECDH */
#define SSL_kPSK 0x00000100L /* PSK */
#define SSL_kGOST 0x00000200L /* GOST key exchange */
#define SSL_kSRP 0x00000400L /* SRP */
/* Bits for algorithm_auth (server authentication) */
#define SSL_aRSA 0x00000001L /* RSA auth */

7
ssl/ssl_sess.c
View File

@ -217,6 +217,9 @@ SSL_SESSION *SSL_SESSION_new(void)
#ifndef OPENSSL_NO_PSK
ss->psk_identity_hint=NULL;
ss->psk_identity=NULL;
#endif
#ifndef OPENSSL_NO_SRP
ss->srp_username=NULL;
#endif
return(ss);
}
@ -733,6 +736,10 @@ void SSL_SESSION_free(SSL_SESSION *ss)
OPENSSL_free(ss->psk_identity_hint);
if (ss->psk_identity != NULL)
OPENSSL_free(ss->psk_identity);
#endif
#ifndef OPENSSL_NO_SRP
if (ss->srp_username != NULL)
OPENSSL_free(ss->srp_username);
#endif
OPENSSL_cleanse(ss,sizeof(*ss));
OPENSSL_free(ss);

8
ssl/ssl_stat.c
View File

@ -210,6 +210,9 @@ case SSL3_ST_SR_KEY_EXCH_A: str="SSLv3 read client key exchange A"; break;
case SSL3_ST_SR_KEY_EXCH_B: str="SSLv3 read client key exchange B"; break;
case SSL3_ST_SR_CERT_VRFY_A: str="SSLv3 read certificate verify A"; break;
case SSL3_ST_SR_CERT_VRFY_B: str="SSLv3 read certificate verify B"; break;
#ifndef OPENSSL_NO_SRP
case SSL3_ST_SR_CLNT_HELLO_SRP_USERNAME: str="SSLv3 waiting for a SRP username"; break;
#endif
#endif
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
@ -547,6 +550,11 @@ const char *SSL_alert_desc_string_long(int value)
case TLS1_AD_UNKNOWN_PSK_IDENTITY:
str="unknown PSK identity";
break;
#ifndef OPENSSL_NO_SRP
case TLS1_AD_MISSING_SRP_USERNAME:
str="no srp username";
break;
#endif
default: str="unknown"; break;
}
return(str);

4
ssl/ssl_txt.c
View File

@ -189,6 +189,10 @@ int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
if (BIO_puts(bp,"\n PSK identity hint: ") <= 0) goto err;
if (BIO_printf(bp, "%s", x->psk_identity_hint ? x->psk_identity_hint : "None") <= 0) goto err;
#endif
#ifndef OPENSSL_NO_SRP
if (BIO_puts(bp,"\n SRP username: ") <= 0) goto err;
if (BIO_printf(bp, "%s", x->srp_username ? x->srp_username : "None") <= 0) goto err;
#endif
#ifndef OPENSSL_NO_TLSEXT
if (x->tlsext_tick_lifetime_hint)
{

99
ssl/ssltest.c
View File

@ -181,6 +181,9 @@
#ifndef OPENSSL_NO_DH
#include <openssl/dh.h>
#endif
#ifndef OPENSSL_NO_SRP
#include <openssl/srp.h>
#endif
#include <openssl/bn.h>
#define _XOPEN_SOURCE_EXTENDED 1 /* Or gethostname won't be declared properly
@ -246,6 +249,55 @@ static unsigned int psk_server_callback(SSL *ssl, const char *identity, unsigned
unsigned int max_psk_len);
#endif
#ifndef OPENSSL_NO_SRP
/* SRP client */
/* This is a context that we pass to all callbacks */
typedef struct srp_client_arg_st
{
char *srppassin;
char *srplogin;
} SRP_CLIENT_ARG;
#define PWD_STRLEN 1024
static char * MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
{
SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
return BUF_strdup((char *)srp_client_arg->srppassin);
}
static char * MS_CALLBACK missing_srp_username_callback(SSL *s, void *arg)
{
SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
return BUF_strdup(srp_client_arg->srplogin);
}
/* SRP server */
/* This is a context that we pass to SRP server callbacks */
typedef struct srp_server_arg_st
{
char *expected_user;
char *pass;
} SRP_SERVER_ARG;
static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
{
SRP_SERVER_ARG * p = (SRP_SERVER_ARG *) arg;
if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0)
{
fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
return SSL3_AL_FATAL;
}
if (SSL_set_srp_server_param_pw(s,p->expected_user,p->pass,"1024")<0)
{
*ad = SSL_AD_INTERNAL_ERROR;
return SSL3_AL_FATAL;
}
return SSL_ERROR_NONE;
}
#endif
static BIO *bio_err=NULL;
static BIO *bio_stdout=NULL;
@ -364,6 +416,10 @@ static void sv_usage(void)
#ifndef OPENSSL_NO_PSK
fprintf(stderr," -psk arg - PSK in hex (without 0x)\n");
#endif
#ifndef OPENSSL_NO_SRP
fprintf(stderr," -srpuser user - SRP username to use\n");
fprintf(stderr," -srppass arg - password for 'user'\n");
#endif
#ifndef OPENSSL_NO_SSL2
fprintf(stderr," -ssl2 - use SSLv2\n");
#endif
@ -555,6 +611,13 @@ int main(int argc, char *argv[])
#endif
#ifndef OPENSSL_NO_ECDH
EC_KEY *ecdh = NULL;
#endif
#ifndef OPENSSL_NO_SRP
/* client */
int srp_lateuser = 0;
SRP_CLIENT_ARG srp_client_arg = {NULL,NULL};
/* server */
SRP_SERVER_ARG srp_server_arg = {NULL,NULL};
#endif
int no_dhe = 0;
int no_ecdhe = 0;
@ -652,6 +715,20 @@ int main(int argc, char *argv[])
no_psk=1;
#endif
}
#ifndef OPENSSL_NO_SRP
else if (strcmp(*argv,"-srpuser") == 0)
{
if (--argc < 1) goto bad;
srp_server_arg.expected_user = srp_client_arg.srplogin= *(++argv);
tls1=1;
}
else if (strcmp(*argv,"-srppass") == 0)
{
if (--argc < 1) goto bad;
srp_server_arg.pass = srp_client_arg.srppassin= *(++argv);
tls1=1;
}
#endif
else if (strcmp(*argv,"-ssl2") == 0)
ssl2=1;
else if (strcmp(*argv,"-tls1") == 0)
@ -1038,6 +1115,28 @@ bad:
}
#endif
}
#ifndef OPENSSL_NO_SRP
if (srp_client_arg.srplogin)
{
if (srp_lateuser)
SSL_CTX_set_srp_missing_srp_username_callback(c_ctx,missing_srp_username_callback);
else if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin))
{
BIO_printf(bio_err,"Unable to set SRP username\n");
goto end;
}
SSL_CTX_set_srp_cb_arg(c_ctx,&srp_client_arg);
SSL_CTX_set_srp_client_pwd_callback(c_ctx, ssl_give_srp_client_pwd_cb);
/*SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);*/
}
if (srp_server_arg.expected_user != NULL)
{
SSL_CTX_set_verify(s_ctx,SSL_VERIFY_NONE,verify_callback);
SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
}
#endif
#ifndef OPENSSL_NO_NPN
if (npn_client)

3
ssl/t1_enc.c
View File

@ -1073,6 +1073,9 @@ int tls1_alert_code(int code)
case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE: return(TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE);
case SSL_AD_BAD_CERTIFICATE_HASH_VALUE: return(TLS1_AD_BAD_CERTIFICATE_HASH_VALUE);
case SSL_AD_UNKNOWN_PSK_IDENTITY:return(TLS1_AD_UNKNOWN_PSK_IDENTITY);
#ifndef OPENSSL_NO_SRP
case SSL_AD_MISSING_SRP_USERNAME:return(TLS1_AD_MISSING_SRP_USERNAME);
#endif
#if 0 /* not appropriate for TLS, not used for DTLS */
case DTLS1_AD_MISSING_HANDSHAKE_MESSAGE: return
(DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);

37
ssl/t1_lib.c
View File

@ -341,6 +341,30 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
ret += el;
}
#ifndef OPENSSL_NO_SRP
#define MIN(x,y) (((x)<(y))?(x):(y))
/* we add SRP username the first time only if we have one! */
if (s->srp_ctx.login != NULL)
{/* Add TLS extension SRP username to the Client Hello message */
int login_len = MIN(strlen(s->srp_ctx.login) + 1, 255);
long lenmax;
if ((lenmax = limit - ret - 5) < 0) return NULL;
if (login_len > lenmax) return NULL;
if (login_len > 255)
{
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
return NULL;
}
s2n(TLSEXT_TYPE_srp,ret);
s2n(login_len+1,ret);
(*ret++) = (unsigned char) MIN(strlen(s->srp_ctx.login), 254);
memcpy(ret, s->srp_ctx.login, MIN(strlen(s->srp_ctx.login), 254));
ret+=login_len;
}
#endif
#ifndef OPENSSL_NO_EC
if (s->tlsext_ecpointformatlist != NULL &&
s->version != DTLS1_VERSION)
@ -799,6 +823,19 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
}
}
#ifndef OPENSSL_NO_SRP
else if (type == TLSEXT_TYPE_srp)
{
if (size > 0)
{
len = data[0];
if ((s->srp_ctx.login = OPENSSL_malloc(len+1)) == NULL)
return -1;
memcpy(s->srp_ctx.login, &data[1], len);
s->srp_ctx.login[len]='\0';
}
}
#endif
#ifndef OPENSSL_NO_EC
else if (type == TLSEXT_TYPE_ec_point_formats &&

26
ssl/tls1.h
View File

@ -186,6 +186,8 @@ extern "C" {
#define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113
#define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
#define TLS1_AD_UNKNOWN_PSK_IDENTITY 115 /* fatal */
#define TLS1_AD_UNKNOWN_SRP_USERNAME 120 /* fatal */
#define TLS1_AD_MISSING_SRP_USERNAME 121
/* ExtensionType values from RFC3546 / RFC4366 */
#define TLSEXT_TYPE_server_name 0
@ -197,6 +199,8 @@ extern "C" {
/* ExtensionType values from RFC4492 */
#define TLSEXT_TYPE_elliptic_curves 10
#define TLSEXT_TYPE_ec_point_formats 11
/* ExtensionType value from RFC5054 */
#define TLSEXT_TYPE_srp 12
#define TLSEXT_TYPE_session_ticket 35
/* ExtensionType value from draft-rescorla-tls-opaque-prf-input-00.txt */
#if 0 /* will have to be provided externally for now ,
@ -385,6 +389,17 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
#define TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA 0x0300C018
#define TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA 0x0300C019
/* SRP ciphersuites from RFC 5054 */
#define TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA 0x0300C01A
#define TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA 0x0300C01B
#define TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA 0x0300C01C
#define TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA 0x0300C01D
#define TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA 0x0300C01E
#define TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA 0x0300C01F
#define TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA 0x0300C020
#define TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA 0x0300C021
#define TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA 0x0300C022
/* XXX
* Inconsistency alert:
* The OpenSSL names of ciphers with ephemeral DH here include the string
@ -452,6 +467,17 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
#define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA "PSK-AES128-CBC-SHA"
#define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA "PSK-AES256-CBC-SHA"
/* SRP ciphersuite from RFC 5054 */
#define TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA "SRP-3DES-EDE-CBC-SHA"
#define TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA "SRP-RSA-3DES-EDE-CBC-SHA"
#define TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA "SRP-DSS-3DES-EDE-CBC-SHA"
#define TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA "SRP-AES-128-CBC-SHA"
#define TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA "SRP-RSA-AES-128-CBC-SHA"
#define TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA "SRP-DSS-AES-128-CBC-SHA"
#define TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA "SRP-AES-256-CBC-SHA"
#define TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA "SRP-RSA-AES-256-CBC-SHA"
#define TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA "SRP-DSS-AES-256-CBC-SHA"
/* Camellia ciphersuites from RFC4132 */
#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA "CAMELLIA128-SHA"
#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA "DH-DSS-CAMELLIA128-SHA"

529
ssl/tls_srp.c Normal file
View File

@ -0,0 +1,529 @@
/* ssl/tls_srp.c */
/* Written by Christophe Renou (christophe.renou@edelweb.fr) with
* the precious help of Peter Sylvester (peter.sylvester@edelweb.fr)
* for the EdelKey project and contributed to the OpenSSL project 2004.
*/
/* ====================================================================
* Copyright (c) 2004 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include "ssl_locl.h"
#ifndef OPENSSL_NO_SRP
#include <openssl/rand.h>
#include <openssl/srp.h>
#include <openssl/err.h>
int SSL_CTX_SRP_CTX_free(struct ssl_ctx_st *ctx)
{
if (ctx == NULL)
return 0;
OPENSSL_free(ctx->srp_ctx.login);
BN_free(ctx->srp_ctx.N);
BN_free(ctx->srp_ctx.g);
BN_free(ctx->srp_ctx.s);
BN_free(ctx->srp_ctx.B);
BN_free(ctx->srp_ctx.A);
BN_free(ctx->srp_ctx.a);
BN_free(ctx->srp_ctx.b);
BN_free(ctx->srp_ctx.v);
ctx->srp_ctx.TLS_ext_srp_username_callback = NULL;
ctx->srp_ctx.SRP_cb_arg = NULL;
ctx->srp_ctx.SRP_verify_param_callback = NULL;
ctx->srp_ctx.SRP_give_srp_client_pwd_callback = NULL;
ctx->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback = NULL;
ctx->srp_ctx.N = NULL;
ctx->srp_ctx.g = NULL;
ctx->srp_ctx.s = NULL;
ctx->srp_ctx.B = NULL;
ctx->srp_ctx.A = NULL;
ctx->srp_ctx.a = NULL;
ctx->srp_ctx.b = NULL;
ctx->srp_ctx.v = NULL;
ctx->srp_ctx.login = NULL;
ctx->srp_ctx.info = NULL;
ctx->srp_ctx.strength = SRP_MINIMAL_N;
ctx->srp_ctx.srp_Mask = 0;
return (1);
}
int SSL_SRP_CTX_free(struct ssl_st *s)
{
if (s == NULL)
return 0;
OPENSSL_free(s->srp_ctx.login);
BN_free(s->srp_ctx.N);
BN_free(s->srp_ctx.g);
BN_free(s->srp_ctx.s);
BN_free(s->srp_ctx.B);
BN_free(s->srp_ctx.A);
BN_free(s->srp_ctx.a);
BN_free(s->srp_ctx.b);
BN_free(s->srp_ctx.v);
s->srp_ctx.TLS_ext_srp_username_callback = NULL;
s->srp_ctx.SRP_cb_arg = NULL;
s->srp_ctx.SRP_verify_param_callback = NULL;
s->srp_ctx.SRP_give_srp_client_pwd_callback = NULL;
s->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback = NULL;
s->srp_ctx.N = NULL;
s->srp_ctx.g = NULL;
s->srp_ctx.s = NULL;
s->srp_ctx.B = NULL;
s->srp_ctx.A = NULL;
s->srp_ctx.a = NULL;
s->srp_ctx.b = NULL;
s->srp_ctx.v = NULL;
s->srp_ctx.login = NULL;
s->srp_ctx.info = NULL;
s->srp_ctx.strength = SRP_MINIMAL_N;
s->srp_ctx.srp_Mask = 0;
return (1);
}
int SSL_SRP_CTX_init(struct ssl_st *s)
{
SSL_CTX *ctx;
if ((s == NULL) || ((ctx = s->ctx) == NULL))
return 0;
s->srp_ctx.SRP_cb_arg = ctx->srp_ctx.SRP_cb_arg;
/* set client Hello login callback */
s->srp_ctx.TLS_ext_srp_username_callback = ctx->srp_ctx.TLS_ext_srp_username_callback;
/* set SRP N/g param callback for verification */
s->srp_ctx.SRP_verify_param_callback = ctx->srp_ctx.SRP_verify_param_callback;
/* set SRP client passwd callback */
s->srp_ctx.SRP_give_srp_client_pwd_callback = ctx->srp_ctx.SRP_give_srp_client_pwd_callback;
s->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback = ctx->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback;
s->srp_ctx.N = NULL;
s->srp_ctx.g = NULL;
s->srp_ctx.s = NULL;
s->srp_ctx.B = NULL;
s->srp_ctx.A = NULL;
s->srp_ctx.a = NULL;
s->srp_ctx.b = NULL;
s->srp_ctx.v = NULL;
s->srp_ctx.login = NULL;
s->srp_ctx.info = ctx->srp_ctx.info;
s->srp_ctx.strength = ctx->srp_ctx.strength;
if (((ctx->srp_ctx.N != NULL) &&
((s->srp_ctx.N = BN_dup(ctx->srp_ctx.N)) == NULL)) ||
((ctx->srp_ctx.g != NULL) &&
((s->srp_ctx.g = BN_dup(ctx->srp_ctx.g)) == NULL)) ||
((ctx->srp_ctx.s != NULL) &&
((s->srp_ctx.s = BN_dup(ctx->srp_ctx.s)) == NULL)) ||
((ctx->srp_ctx.B != NULL) &&
((s->srp_ctx.B = BN_dup(ctx->srp_ctx.B)) == NULL)) ||
((ctx->srp_ctx.A != NULL) &&
((s->srp_ctx.A = BN_dup(ctx->srp_ctx.A)) == NULL)) ||
((ctx->srp_ctx.a != NULL) &&
((s->srp_ctx.a = BN_dup(ctx->srp_ctx.a)) == NULL)) ||
((ctx->srp_ctx.v != NULL) &&
((s->srp_ctx.v = BN_dup(ctx->srp_ctx.v)) == NULL)) ||
((ctx->srp_ctx.b != NULL) &&
((s->srp_ctx.b = BN_dup(ctx->srp_ctx.b)) == NULL)))
{
SSLerr(SSL_F_SSL_SRP_CTX_INIT,ERR_R_BN_LIB);
goto err;
}
if ((ctx->srp_ctx.login != NULL) &&
((s->srp_ctx.login = BUF_strdup(ctx->srp_ctx.login)) == NULL))
{
SSLerr(SSL_F_SSL_SRP_CTX_INIT,ERR_R_INTERNAL_ERROR);
goto err;
}
s->srp_ctx.srp_Mask = ctx->srp_ctx.srp_Mask;
return (1);
err:
OPENSSL_free(s->srp_ctx.login);
BN_free(s->srp_ctx.N);
BN_free(s->srp_ctx.g);
BN_free(s->srp_ctx.s);
BN_free(s->srp_ctx.B);
BN_free(s->srp_ctx.A);
BN_free(s->srp_ctx.a);
BN_free(s->srp_ctx.b);
BN_free(s->srp_ctx.v);
return (0);
}
int SSL_CTX_SRP_CTX_init(struct ssl_ctx_st *ctx)
{
if (ctx == NULL)
return 0;
ctx->srp_ctx.SRP_cb_arg = NULL;
/* set client Hello login callback */
ctx->srp_ctx.TLS_ext_srp_username_callback = NULL;
/* set SRP N/g param callback for verification */
ctx->srp_ctx.SRP_verify_param_callback = NULL;
/* set SRP client passwd callback */
ctx->srp_ctx.SRP_give_srp_client_pwd_callback = NULL;
ctx->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback = NULL;
ctx->srp_ctx.N = NULL;
ctx->srp_ctx.g = NULL;
ctx->srp_ctx.s = NULL;
ctx->srp_ctx.B = NULL;
ctx->srp_ctx.A = NULL;
ctx->srp_ctx.a = NULL;
ctx->srp_ctx.b = NULL;
ctx->srp_ctx.v = NULL;
ctx->srp_ctx.login = NULL;
ctx->srp_ctx.srp_Mask = 0;
ctx->srp_ctx.info = NULL;
ctx->srp_ctx.strength = SRP_MINIMAL_N;
return (1);
}
/* server side */
int SSL_srp_server_param_with_username(SSL *s, int *ad)
{
unsigned char b[SSL_MAX_MASTER_KEY_LENGTH];
int al;
*ad = SSL_AD_UNKNOWN_SRP_USERNAME;
if ((s->srp_ctx.TLS_ext_srp_username_callback !=NULL) &&
((al = s->srp_ctx.TLS_ext_srp_username_callback(s, ad, s->srp_ctx.SRP_cb_arg))!=SSL_ERROR_NONE))
return al;
*ad = SSL_AD_INTERNAL_ERROR;
if ((s->srp_ctx.N == NULL) ||
(s->srp_ctx.g == NULL) ||
(s->srp_ctx.s == NULL) ||
(s->srp_ctx.v == NULL))
return SSL3_AL_FATAL;
if (RAND_bytes(b, sizeof(b)) <= 0)
return SSL3_AL_FATAL;
s->srp_ctx.b = BN_bin2bn(b,sizeof(b),NULL);
OPENSSL_cleanse(b,sizeof(b));
/* Calculate: B = (kv + g^b) % N */
return ((s->srp_ctx.B = SRP_Calc_B(s->srp_ctx.b, s->srp_ctx.N, s->srp_ctx.g, s->srp_ctx.v)) != NULL)?
SSL_ERROR_NONE:SSL3_AL_FATAL;
}
/* If the server just has the raw password, make up a verifier entry on the fly */
int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass, const char *grp)
{
SRP_gN *GN = SRP_get_default_gN(grp);
if(GN == NULL) return -1;
s->srp_ctx.N = BN_dup(GN->N);
s->srp_ctx.g = BN_dup(GN->g);
if(s->srp_ctx.v != NULL)
{
BN_clear_free(s->srp_ctx.v);
s->srp_ctx.v = NULL;
}
if(s->srp_ctx.s != NULL)
{
BN_clear_free(s->srp_ctx.s);
s->srp_ctx.s = NULL;
}
if(!SRP_create_verifier_BN(user, pass, &s->srp_ctx.s, &s->srp_ctx.v, GN->N, GN->g)) return -1;
return 1;
}
int SSL_set_srp_server_param(SSL *s, const BIGNUM *N, const BIGNUM *g,
BIGNUM *sa, BIGNUM *v, char *info)
{
if (N!= NULL)
{
if (s->srp_ctx.N != NULL)
{
if (!BN_copy(s->srp_ctx.N,N))
{
BN_free(s->srp_ctx.N);
s->srp_ctx.N = NULL;
}
}
else
s->srp_ctx.N = BN_dup(N);
}
if (g!= NULL)
{
if (s->srp_ctx.g != NULL)
{
if (!BN_copy(s->srp_ctx.g,g))
{
BN_free(s->srp_ctx.g);
s->srp_ctx.g = NULL;
}
}
else
s->srp_ctx.g = BN_dup(g);
}
if (sa!= NULL)
{
if (s->srp_ctx.s != NULL)
{
if (!BN_copy(s->srp_ctx.s,sa))
{
BN_free(s->srp_ctx.s);
s->srp_ctx.s = NULL;
}
}
else
s->srp_ctx.s = BN_dup(sa);
}
if (v!= NULL)
{
if (s->srp_ctx.v != NULL)
{
if (!BN_copy(s->srp_ctx.v,v))
{
BN_free(s->srp_ctx.v);
s->srp_ctx.v = NULL;
}
}
else
s->srp_ctx.v = BN_dup(v);
}
s->srp_ctx.info = info;
if (!(s->srp_ctx.N) ||
!(s->srp_ctx.g) ||
!(s->srp_ctx.s) ||
!(s->srp_ctx.v))
return -1;
return 1;
}
int SRP_generate_server_master_secret(SSL *s,unsigned char *master_key)
{
BIGNUM *K = NULL, *u = NULL;
int ret = -1, tmp_len;
unsigned char *tmp = NULL;
if (!SRP_Verify_A_mod_N(s->srp_ctx.A,s->srp_ctx.N))
goto err;
if (!(u = SRP_Calc_u(s->srp_ctx.A,s->srp_ctx.B,s->srp_ctx.N)))
goto err;
if (!(K = SRP_Calc_server_key(s->srp_ctx.A, s->srp_ctx.v, u, s->srp_ctx.b, s->srp_ctx.N)))
goto err;
tmp_len = BN_num_bytes(K);
if ((tmp = OPENSSL_malloc(tmp_len)) == NULL)
goto err;
BN_bn2bin(K, tmp);
ret = s->method->ssl3_enc->generate_master_secret(s,master_key,tmp,tmp_len);
err:
if (tmp)
{
OPENSSL_cleanse(tmp,tmp_len) ;
OPENSSL_free(tmp);
}
BN_clear_free(K);
BN_clear_free(u);
return ret;
}
/* client side */
int SRP_generate_client_master_secret(SSL *s,unsigned char *master_key)
{
BIGNUM *x = NULL, *u = NULL, *K = NULL;
int ret = -1, tmp_len;
char *passwd = NULL;
unsigned char *tmp = NULL;
/* Checks if b % n == 0
*/
if (SRP_Verify_B_mod_N(s->srp_ctx.B,s->srp_ctx.N)==0) goto err;
if (!(u = SRP_Calc_u(s->srp_ctx.A,s->srp_ctx.B,s->srp_ctx.N))) goto err;
if (s->srp_ctx.SRP_give_srp_client_pwd_callback == NULL) goto err;
if (!(passwd = s->srp_ctx.SRP_give_srp_client_pwd_callback(s, s->srp_ctx.SRP_cb_arg))) goto err;
if (!(x = SRP_Calc_x(s->srp_ctx.s,s->srp_ctx.login,passwd))) goto err;
if (!(K = SRP_Calc_client_key(s->srp_ctx.N, s->srp_ctx.B, s->srp_ctx.g, x, s->srp_ctx.a, u))) goto err;
tmp_len = BN_num_bytes(K);
if ((tmp = OPENSSL_malloc(tmp_len)) == NULL) goto err;
BN_bn2bin(K, tmp);
ret = s->method->ssl3_enc->generate_master_secret(s,master_key,tmp,tmp_len);
err:
if (tmp)
{
OPENSSL_cleanse(tmp,tmp_len) ;
OPENSSL_free(tmp);
}
BN_clear_free(K);
BN_clear_free(x);
if (passwd)
{
OPENSSL_cleanse(passwd,strlen(passwd)) ;
OPENSSL_free(passwd);
}
BN_clear_free(u);
return ret;
}
int SRP_Calc_A_param(SSL *s)
{
unsigned char rand[SSL_MAX_MASTER_KEY_LENGTH];
if (BN_num_bits(s->srp_ctx.N) < s->srp_ctx.strength)
return 0;
if (s->srp_ctx.SRP_verify_param_callback ==NULL &&
!SRP_check_known_gN_param(s->srp_ctx.g,s->srp_ctx.N))
return 0;
if (RAND_bytes(rand, sizeof(rand)) <= 0)
return 0;
s->srp_ctx.a = BN_bin2bn(rand,sizeof(rand), s->srp_ctx.a);
OPENSSL_cleanse(rand,sizeof(rand));
if (!(s->srp_ctx.A = SRP_Calc_A(s->srp_ctx.a,s->srp_ctx.N,s->srp_ctx.g)))
return 0;
/* We can have a callback to verify SRP param!! */
if (s->srp_ctx.SRP_verify_param_callback !=NULL)
return s->srp_ctx.SRP_verify_param_callback(s,s->srp_ctx.SRP_cb_arg);
return 1;
}
int SRP_have_to_put_srp_username(SSL *s)
{
if (s->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback == NULL)
return 0;
if ((s->srp_ctx.login = s->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback(s,s->srp_ctx.SRP_cb_arg)) == NULL)
return 0;
s->srp_ctx.srp_Mask|=SSL_kSRP;
return 1;
}
BIGNUM *SSL_get_srp_g(SSL *s)
{
if (s->srp_ctx.g != NULL)
return s->srp_ctx.g;
return s->ctx->srp_ctx.g;
}
BIGNUM *SSL_get_srp_N(SSL *s)
{
if (s->srp_ctx.N != NULL)
return s->srp_ctx.N;
return s->ctx->srp_ctx.N;
}
char *SSL_get_srp_username(SSL *s)
{
if (s->srp_ctx.login != NULL)
return s->srp_ctx.login;
return s->ctx->srp_ctx.login;
}
char *SSL_get_srp_userinfo(SSL *s)
{
if (s->srp_ctx.info != NULL)
return s->srp_ctx.info;
return s->ctx->srp_ctx.info;
}
#define tls1_ctx_ctrl ssl3_ctx_ctrl
#define tls1_ctx_callback_ctrl ssl3_ctx_callback_ctrl
int SSL_CTX_set_srp_username(SSL_CTX *ctx,char *name)
{
return tls1_ctx_ctrl(ctx,SSL_CTRL_SET_TLS_EXT_SRP_USERNAME,0,name);
}
int SSL_CTX_set_srp_password(SSL_CTX *ctx,char *password)
{
return tls1_ctx_ctrl(ctx,SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD,0,password);
}
int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength)
{
return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH, strength,
NULL);
}
int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx, int (*cb)(SSL *,void *))
{
return tls1_ctx_callback_ctrl(ctx,SSL_CTRL_SET_SRP_VERIFY_PARAM_CB,
(void (*)(void))cb);
}
int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg)
{
return tls1_ctx_ctrl(ctx,SSL_CTRL_SET_SRP_ARG,0,arg);
}
int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx,
int (*cb)(SSL *,int *,void *))
{
return tls1_ctx_callback_ctrl(ctx,SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB,
(void (*)(void))cb);
}
int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx, char *(*cb)(SSL *,void *))
{
return tls1_ctx_callback_ctrl(ctx,SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB,
(void (*)(void))cb);
}
int SSL_CTX_set_srp_missing_srp_username_callback(SSL_CTX *ctx,
char *(*cb)(SSL *,void *))
{
return tls1_ctx_callback_ctrl(ctx,
SSL_CTRL_SET_TLS_EXT_SRP_MISSING_CLIENT_USERNAME_CB,
(void (*)(void))cb);
}
#endif

361
test/Makefile
View File

@ -62,6 +62,7 @@ ENGINETEST= enginetest
EVPTEST= evp_test
IGETEST= igetest
JPAKETEST= jpaketest
SRPTEST= srptest
FIPS_SHATEST= fips_shatest
FIPS_DESTEST= fips_desmovs
FIPS_RANDTEST= fips_randtest
@ -90,7 +91,7 @@ EXE= $(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_EXT) $(ECDSATEST)$(EXE_EXT) $(ECDHTEST)
$(RANDTEST)$(EXE_EXT) $(DHTEST)$(EXE_EXT) $(ENGINETEST)$(EXE_EXT) \
$(BFTEST)$(EXE_EXT) $(CASTTEST)$(EXE_EXT) $(SSLTEST)$(EXE_EXT) \
$(EXPTEST)$(EXE_EXT) $(DSATEST)$(EXE_EXT) $(RSATEST)$(EXE_EXT) \
$(EVPTEST)$(EXE_EXT) $(IGETEST)$(EXE_EXT) $(JPAKETEST)$(EXE_EXT)
$(EVPTEST)$(EXE_EXT) $(IGETEST)$(EXE_EXT) $(JPAKETEST)$(EXE_EXT) $(SRPTEST)$(EXE_EXT)
FIPSEXE=$(FIPS_SHATEST)$(EXE_EXT) $(FIPS_DESTEST)$(EXE_EXT) \
$(FIPS_RANDTEST)$(EXE_EXT) $(FIPS_AESTEST)$(EXE_EXT) \
@ -175,7 +176,7 @@ alltests: \
test_enc test_x509 test_rsa test_crl test_sid \
test_gen test_req test_pkcs7 test_verify test_dh test_dsa \
test_ss test_ca test_engine test_evp test_ssl test_tsa test_ige \
test_jpake test_cms
test_jpake test_srp test_cms
test_evp:
../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt
@ -349,6 +350,10 @@ test_cms:
@echo "CMS consistency test"
$(PERL) cms-test.pl
test_srp: $(SRPTEST)$(EXE_EXT)
@echo "Test SRP"
../util/shlib_wrap.sh ./srptest
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
@ -562,6 +567,9 @@ $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO)
$(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO)
@target=$(JPAKETEST); $(BUILD_CMD)
$(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO)
@target=$(SRPTEST); $(BUILD_CMD)
#$(AESTEST).o: $(AESTEST).c
# $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c
@ -628,7 +636,8 @@ ecdhtest.o: ../include/openssl/sha.h ../include/openssl/stack.h
ecdhtest.o: ../include/openssl/symhacks.h ecdhtest.c
ecdsatest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
ecdsatest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
ecdsatest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
ecdsatest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
ecdsatest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
ecdsatest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
ecdsatest.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
ecdsatest.o: ../include/openssl/err.h ../include/openssl/evp.h
@ -636,13 +645,15 @@ ecdsatest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
ecdsatest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
ecdsatest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
ecdsatest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
ecdsatest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
ecdsatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
ecdsatest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
ecdsatest.o: ../include/openssl/sha.h ../include/openssl/stack.h
ecdsatest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
ecdsatest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
ecdsatest.o: ecdsatest.c
ectest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
ectest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
ectest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
ectest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
ectest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
ectest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
ectest.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
ectest.o: ../include/openssl/err.h ../include/openssl/evp.h
@ -650,34 +661,41 @@ ectest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
ectest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
ectest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
ectest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
ectest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
ectest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
ectest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
ectest.o: ../include/openssl/sha.h ../include/openssl/stack.h
ectest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
ectest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ectest.c
enginetest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
enginetest.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
enginetest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
enginetest.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
enginetest.o: ../include/openssl/engine.h ../include/openssl/err.h
enginetest.o: ../include/openssl/evp.h ../include/openssl/lhash.h
enginetest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
enginetest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
enginetest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
enginetest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
enginetest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
enginetest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
enginetest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
enginetest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
enginetest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
enginetest.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
enginetest.o: ../include/openssl/err.h ../include/openssl/evp.h
enginetest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
enginetest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
enginetest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
enginetest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
enginetest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
enginetest.o: ../include/openssl/sha.h ../include/openssl/stack.h
enginetest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
enginetest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
enginetest.o: enginetest.c
evp_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
evp_test.o: ../include/openssl/buffer.h ../include/openssl/conf.h
evp_test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
evp_test.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
evp_test.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
evp_test.o: ../include/openssl/err.h ../include/openssl/evp.h
evp_test.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
evp_test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
evp_test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
evp_test.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
evp_test.o: ../include/openssl/sha.h ../include/openssl/stack.h
evp_test.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
evp_test.o: ../include/openssl/bn.h ../include/openssl/buffer.h
evp_test.o: ../include/openssl/conf.h ../include/openssl/crypto.h
evp_test.o: ../include/openssl/dh.h ../include/openssl/dsa.h
evp_test.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
evp_test.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
evp_test.o: ../include/openssl/engine.h ../include/openssl/err.h
evp_test.o: ../include/openssl/evp.h ../include/openssl/lhash.h
evp_test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
evp_test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
evp_test.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
evp_test.o: ../include/openssl/rand.h ../include/openssl/rsa.h
evp_test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
evp_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
evp_test.o: ../include/openssl/ui.h ../include/openssl/x509.h
evp_test.o: ../include/openssl/x509_vfy.h evp_test.c
exptest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
exptest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
@ -686,169 +704,116 @@ exptest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
exptest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
exptest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
exptest.o: ../include/openssl/symhacks.h exptest.c
fips_aesavs.o: ../e_os.h ../fips/fips_utl.h ../include/openssl/aes.h
fips_aesavs.o: ../include/openssl/asn1.h ../include/openssl/bio.h
fips_aesavs.o: ../include/openssl/bn.h ../include/openssl/crypto.h
fips_aesavs.o: ../include/openssl/e_os2.h ../include/openssl/err.h
fips_aesavs.o: ../include/openssl/evp.h ../include/openssl/fips.h
fips_aesavs.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
fips_aesavs.o: ../include/openssl/bio.h ../include/openssl/bn.h
fips_aesavs.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
fips_aesavs.o: ../include/openssl/err.h ../include/openssl/evp.h
fips_aesavs.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
fips_aesavs.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
fips_aesavs.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
fips_aesavs.o: ../include/openssl/safestack.h ../include/openssl/stack.h
fips_aesavs.o: ../include/openssl/symhacks.h fips_aesavs.c
fips_desmovs.o: ../e_os.h ../fips/fips_utl.h ../include/openssl/asn1.h
fips_desmovs.o: ../include/openssl/bio.h ../include/openssl/bn.h
fips_desmovs.o: ../include/openssl/crypto.h ../include/openssl/des.h
fips_desmovs.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
fips_desmovs.o: ../include/openssl/err.h ../include/openssl/evp.h
fips_desmovs.o: ../include/openssl/fips.h ../include/openssl/lhash.h
fips_desmovs.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
fips_desmovs.o: ../include/openssl/bn.h ../include/openssl/crypto.h
fips_desmovs.o: ../include/openssl/des.h ../include/openssl/des_old.h
fips_desmovs.o: ../include/openssl/e_os2.h ../include/openssl/err.h
fips_desmovs.o: ../include/openssl/evp.h ../include/openssl/lhash.h
fips_desmovs.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
fips_desmovs.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
fips_desmovs.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
fips_desmovs.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
fips_desmovs.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
fips_desmovs.o: fips_desmovs.c
fips_dsatest.o: ../e_os.h ../fips/fips_utl.h ../include/openssl/asn1.h
fips_dsatest.o: ../include/openssl/bio.h ../include/openssl/bn.h
fips_dsatest.o: ../include/openssl/crypto.h ../include/openssl/des.h
fips_dsatest.o: ../include/openssl/des_old.h ../include/openssl/dsa.h
fips_dhvs.o: ../include/openssl/opensslconf.h fips_dhvs.c
fips_drbgvs.o: ../include/openssl/opensslconf.h fips_drbgvs.c
fips_dsatest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
fips_dsatest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
fips_dsatest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
fips_dsatest.o: ../include/openssl/evp.h ../include/openssl/fips.h
fips_dsatest.o: ../include/openssl/fips_rand.h ../include/openssl/lhash.h
fips_dsatest.o: ../include/openssl/evp.h ../include/openssl/lhash.h
fips_dsatest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
fips_dsatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
fips_dsatest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
fips_dsatest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
fips_dsatest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
fips_dsatest.o: ../include/openssl/ui_compat.h fips_dsatest.c
fips_dssvs.o: ../fips/fips_utl.h ../include/openssl/asn1.h
fips_dssvs.o: ../include/openssl/bio.h ../include/openssl/bn.h
fips_dssvs.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
fips_dssvs.o: ../include/openssl/e_os2.h ../include/openssl/err.h
fips_dssvs.o: ../include/openssl/evp.h ../include/openssl/fips.h
fips_dssvs.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
fips_dssvs.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
fips_dssvs.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
fips_dssvs.o: ../include/openssl/safestack.h ../include/openssl/stack.h
fips_dssvs.o: ../include/openssl/symhacks.h fips_dssvs.c
fips_ecdsavs.o: ../fips/fips_utl.h ../include/openssl/asn1.h
fips_ecdsavs.o: ../include/openssl/bio.h ../include/openssl/bn.h
fips_ecdsavs.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
fips_ecdsavs.o: ../include/openssl/ec.h ../include/openssl/ecdsa.h
fips_ecdsavs.o: ../include/openssl/err.h ../include/openssl/evp.h
fips_ecdsavs.o: ../include/openssl/fips.h ../include/openssl/lhash.h
fips_ecdsavs.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
fips_ecdsavs.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
fips_ecdsavs.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
fips_ecdsavs.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
fips_ecdsavs.o: fips_ecdsavs.c
fips_gcmtest.o: ../fips/fips_utl.h ../include/openssl/asn1.h
fips_gcmtest.o: ../include/openssl/bio.h ../include/openssl/bn.h
fips_gcmtest.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
fips_gcmtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
fips_gcmtest.o: ../include/openssl/evp.h ../include/openssl/fips.h
fips_gcmtest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
fips_gcmtest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
fips_gcmtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
fips_gcmtest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
fips_gcmtest.o: ../include/openssl/symhacks.h fips_gcmtest.c
fips_hmactest.o: ../fips/fips_utl.h ../include/openssl/asn1.h
fips_hmactest.o: ../include/openssl/bio.h ../include/openssl/bn.h
fips_hmactest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
fips_hmactest.o: ../include/openssl/err.h ../include/openssl/evp.h
fips_hmactest.o: ../include/openssl/fips.h ../include/openssl/hmac.h
fips_dsatest.o: ../include/openssl/symhacks.h fips_dsatest.c
fips_dssvs.o: ../include/openssl/opensslconf.h fips_dssvs.c
fips_ecdhvs.o: ../include/openssl/opensslconf.h fips_ecdhvs.c
fips_ecdsavs.o: ../include/openssl/opensslconf.h fips_ecdsavs.c
fips_gcmtest.o: ../include/openssl/opensslconf.h fips_gcmtest.c
fips_hmactest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
fips_hmactest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
fips_hmactest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
fips_hmactest.o: ../include/openssl/evp.h ../include/openssl/hmac.h
fips_hmactest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
fips_hmactest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
fips_hmactest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
fips_hmactest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
fips_hmactest.o: ../include/openssl/symhacks.h fips_hmactest.c
fips_randtest.o: ../e_os.h ../fips/fips_utl.h ../include/openssl/bio.h
fips_randtest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
fips_randtest.o: ../include/openssl/des.h ../include/openssl/des_old.h
fips_randtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
fips_randtest.o: ../include/openssl/fips.h ../include/openssl/fips_rand.h
fips_randtest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
fips_randtest.o: ../include/openssl/crypto.h ../include/openssl/des.h
fips_randtest.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
fips_randtest.o: ../include/openssl/err.h ../include/openssl/fips_rand.h
fips_randtest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
fips_randtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
fips_randtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h
fips_randtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
fips_randtest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
fips_randtest.o: fips_randtest.c
fips_rngvs.o: ../fips/fips_utl.h ../include/openssl/bio.h
fips_rngvs.o: ../include/openssl/bn.h ../include/openssl/crypto.h
fips_rngvs.o: ../include/openssl/des.h ../include/openssl/des_old.h
fips_rngvs.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
fips_rngvs.o: ../include/openssl/err.h ../include/openssl/fips.h
fips_rngvs.o: ../include/openssl/fips_rand.h ../include/openssl/lhash.h
fips_rngvs.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
fips_rngvs.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
fips_rngvs.o: ../include/openssl/safestack.h ../include/openssl/stack.h
fips_rngvs.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
fips_rngvs.o: ../include/openssl/ui_compat.h fips_rngvs.c
fips_rsagtest.o: ../fips/fips_utl.h ../include/openssl/asn1.h
fips_rsagtest.o: ../include/openssl/bio.h ../include/openssl/bn.h
fips_rsagtest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
fips_rsagtest.o: ../include/openssl/err.h ../include/openssl/evp.h
fips_rsagtest.o: ../include/openssl/fips.h ../include/openssl/hmac.h
fips_rngvs.o: ../include/openssl/opensslconf.h fips_rngvs.c
fips_rsagtest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
fips_rsagtest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
fips_rsagtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
fips_rsagtest.o: ../include/openssl/evp.h ../include/openssl/hmac.h
fips_rsagtest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
fips_rsagtest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
fips_rsagtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
fips_rsagtest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
fips_rsagtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
fips_rsagtest.o: fips_rsagtest.c
fips_rsastest.o: ../fips/fips_utl.h ../include/openssl/asn1.h
fips_rsastest.o: ../include/openssl/bio.h ../include/openssl/bn.h
fips_rsastest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
fips_rsastest.o: ../include/openssl/err.h ../include/openssl/evp.h
fips_rsastest.o: ../include/openssl/fips.h ../include/openssl/hmac.h
fips_rsagtest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
fips_rsagtest.o: ../include/openssl/symhacks.h fips_rsagtest.c
fips_rsastest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
fips_rsastest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
fips_rsastest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
fips_rsastest.o: ../include/openssl/evp.h ../include/openssl/hmac.h
fips_rsastest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
fips_rsastest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
fips_rsastest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
fips_rsastest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
fips_rsastest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
fips_rsastest.o: fips_rsastest.c
fips_rsavtest.o: ../fips/fips_utl.h ../include/openssl/asn1.h
fips_rsavtest.o: ../include/openssl/bio.h ../include/openssl/bn.h
fips_rsavtest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
fips_rsavtest.o: ../include/openssl/err.h ../include/openssl/evp.h
fips_rsavtest.o: ../include/openssl/fips.h ../include/openssl/hmac.h
fips_rsastest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
fips_rsastest.o: ../include/openssl/symhacks.h fips_rsastest.c
fips_rsavtest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
fips_rsavtest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
fips_rsavtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
fips_rsavtest.o: ../include/openssl/evp.h ../include/openssl/hmac.h
fips_rsavtest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
fips_rsavtest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
fips_rsavtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
fips_rsavtest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
fips_rsavtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
fips_rsavtest.o: fips_rsavtest.c
fips_shatest.o: ../fips/fips_utl.h ../include/openssl/asn1.h
fips_shatest.o: ../include/openssl/bio.h ../include/openssl/bn.h
fips_shatest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
fips_shatest.o: ../include/openssl/err.h ../include/openssl/evp.h
fips_shatest.o: ../include/openssl/fips.h ../include/openssl/lhash.h
fips_rsavtest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
fips_rsavtest.o: ../include/openssl/symhacks.h fips_rsavtest.c
fips_shatest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
fips_shatest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
fips_shatest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
fips_shatest.o: ../include/openssl/evp.h ../include/openssl/lhash.h
fips_shatest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
fips_shatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
fips_shatest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
fips_shatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
fips_shatest.o: fips_shatest.c
fips_test_suite.o: ../fips/fips_utl.h ../include/openssl/asn1.h
fips_test_suite.o: ../include/openssl/bio.h ../include/openssl/bn.h
fips_test_suite.o: ../include/openssl/crypto.h ../include/openssl/dh.h
fips_test_suite.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
fips_test_suite.o: ../include/openssl/err.h ../include/openssl/evp.h
fips_test_suite.o: ../include/openssl/fips.h ../include/openssl/hmac.h
fips_test_suite.o: ../include/openssl/asn1.h ../include/openssl/bio.h
fips_test_suite.o: ../include/openssl/bn.h ../include/openssl/crypto.h
fips_test_suite.o: ../include/openssl/e_os2.h ../include/openssl/err.h
fips_test_suite.o: ../include/openssl/evp.h ../include/openssl/hmac.h
fips_test_suite.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
fips_test_suite.o: ../include/openssl/objects.h
fips_test_suite.o: ../include/openssl/opensslconf.h
fips_test_suite.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
fips_test_suite.o: ../include/openssl/rand.h ../include/openssl/rsa.h
fips_test_suite.o: ../include/openssl/safestack.h ../include/openssl/sha.h
fips_test_suite.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
fips_test_suite.o: fips_test_suite.c
fips_test_suite.o: ../include/openssl/rand.h ../include/openssl/safestack.h
fips_test_suite.o: ../include/openssl/sha.h ../include/openssl/stack.h
fips_test_suite.o: ../include/openssl/symhacks.h fips_test_suite.c
hmactest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
hmactest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
hmactest.o: ../include/openssl/evp.h ../include/openssl/hmac.h
hmactest.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
hmactest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
hmactest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
hmactest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
hmactest.o: ../include/openssl/symhacks.h hmactest.c
hmactest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
hmactest.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
hmactest.o: ../include/openssl/hmac.h ../include/openssl/md5.h
hmactest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
hmactest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
hmactest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
hmactest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h hmactest.c
ideatest.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/idea.h
ideatest.o: ../include/openssl/opensslconf.h ideatest.c
igetest.o: ../include/openssl/aes.h ../include/openssl/crypto.h
@ -856,39 +821,35 @@ igetest.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
igetest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
igetest.o: ../include/openssl/rand.h ../include/openssl/safestack.h
igetest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h igetest.c
jpaketest.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
jpaketest.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
jpaketest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
jpaketest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
jpaketest.o: ../include/openssl/symhacks.h jpaketest.c
md2test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
md2test.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
md2test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
md2test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
md2test.o: ../include/openssl/symhacks.h md2test.c
jpaketest.o: ../include/openssl/opensslconf.h jpaketest.c
md2test.o: ../e_os.h ../include/openssl/e_os2.h
md2test.o: ../include/openssl/opensslconf.h md2test.c
md4test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
md4test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
md4test.o: ../include/openssl/evp.h ../include/openssl/md4.h
md4test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
md4test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
md4test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
md4test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h md4test.c
md4test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
md4test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
md4test.o: ../include/openssl/md4.h ../include/openssl/obj_mac.h
md4test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
md4test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
md4test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
md4test.o: ../include/openssl/symhacks.h md4test.c
md5test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
md5test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
md5test.o: ../include/openssl/evp.h ../include/openssl/md5.h
md5test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
md5test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
md5test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
md5test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h md5test.c
md5test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
md5test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
md5test.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
md5test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
md5test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
md5test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
md5test.o: ../include/openssl/symhacks.h md5test.c
mdc2test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
mdc2test.o: ../include/openssl/crypto.h ../include/openssl/des.h
mdc2test.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
mdc2test.o: ../include/openssl/evp.h ../include/openssl/mdc2.h
mdc2test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
mdc2test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
mdc2test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
mdc2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
mdc2test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h mdc2test.c
mdc2test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
mdc2test.o: ../include/openssl/des.h ../include/openssl/des_old.h
mdc2test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
mdc2test.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
mdc2test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
mdc2test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
mdc2test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
mdc2test.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
mdc2test.o: ../include/openssl/ui_compat.h mdc2test.c
randtest.o: ../e_os.h ../include/openssl/crypto.h ../include/openssl/e_os2.h
randtest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
randtest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
@ -907,12 +868,13 @@ rc5test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
rc5test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
rc5test.o: ../include/openssl/symhacks.h rc5test.c
rmdtest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
rmdtest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
rmdtest.o: ../include/openssl/evp.h ../include/openssl/obj_mac.h
rmdtest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
rmdtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
rmdtest.o: ../include/openssl/ripemd.h ../include/openssl/safestack.h
rmdtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h rmdtest.c
rmdtest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
rmdtest.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
rmdtest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
rmdtest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
rmdtest.o: ../include/openssl/ossl_typ.h ../include/openssl/ripemd.h
rmdtest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
rmdtest.o: ../include/openssl/symhacks.h rmdtest.c
rsa_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
rsa_test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
rsa_test.o: ../include/openssl/e_os2.h ../include/openssl/err.h
@ -922,19 +884,21 @@ rsa_test.o: ../include/openssl/rand.h ../include/openssl/rsa.h
rsa_test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
rsa_test.o: ../include/openssl/symhacks.h rsa_test.c
sha1test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
sha1test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
sha1test.o: ../include/openssl/evp.h ../include/openssl/obj_mac.h
sha1test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
sha1test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
sha1test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
sha1test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h sha1test.c
sha1test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
sha1test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
sha1test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
sha1test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
sha1test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
sha1test.o: ../include/openssl/sha.h ../include/openssl/stack.h
sha1test.o: ../include/openssl/symhacks.h sha1test.c
shatest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
shatest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
shatest.o: ../include/openssl/evp.h ../include/openssl/obj_mac.h
shatest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
shatest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
shatest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
shatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h shatest.c
shatest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
shatest.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
shatest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
shatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
shatest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
shatest.o: ../include/openssl/sha.h ../include/openssl/stack.h
shatest.o: ../include/openssl/symhacks.h shatest.c
ssltest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
ssltest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
ssltest.o: ../include/openssl/comp.h ../include/openssl/conf.h
@ -951,10 +915,11 @@ ssltest.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
ssltest.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
ssltest.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
ssltest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
ssltest.o: ../include/openssl/sha.h ../include/openssl/ssl.h
ssltest.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
ssltest.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
ssltest.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
ssltest.o: ../include/openssl/sha.h ../include/openssl/srp.h
ssltest.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
ssltest.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
ssltest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
ssltest.o: ../include/openssl/tls1.h ../include/openssl/ui.h
ssltest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
ssltest.o: ../include/openssl/x509v3.h ssltest.c
wp_test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h

10
test/testssl
View File

@ -159,4 +159,14 @@ $ssltest -bio_pair -tls1 -npn_client -npn_server || exit 1
$ssltest -bio_pair -tls1 -npn_client -npn_server -num 2 || exit 1
$ssltest -bio_pair -tls1 -npn_client -npn_server -num 2 -reuse || exit 1
if ../util/shlib_wrap.sh ../apps/openssl no-srp; then
echo skipping SRP tests
else
echo test tls1 with SRP
$ssltest -tls1 -cipher SRP -srpuser test -srppass abc123
echo test tls1 with SRP via BIO pair
$ssltest -bio_pair -tls1 -cipher SRP -srpuser test -srppass abc123
fi
exit 0

16
util/libeay.num
View File

@ -4260,3 +4260,19 @@ EVP_aes_128_gcm 4630 EXIST::FUNCTION:AES
CRYPTO_gcm128_tag 4631 EXIST::FUNCTION:
EVP_aes_192_gcm 4632 EXIST::FUNCTION:AES
EVP_aes_256_gcm 4633 EXIST::FUNCTION:AES
SRP_VBASE_get_by_user 4634 EXIST::FUNCTION:SRP
SRP_Calc_server_key 4635 EXIST::FUNCTION:SRP
SRP_create_verifier 4636 EXIST::FUNCTION:SRP
SRP_create_verifier_BN 4637 EXIST::FUNCTION:SRP
SRP_Calc_u 4638 EXIST::FUNCTION:SRP
SRP_VBASE_free 4639 EXIST::FUNCTION:SRP
SRP_Calc_client_key 4640 EXIST::FUNCTION:SRP
SRP_get_default_gN 4641 EXIST::FUNCTION:SRP
SRP_Calc_x 4642 EXIST::FUNCTION:SRP
SRP_Calc_B 4643 EXIST::FUNCTION:SRP
SRP_VBASE_new 4644 EXIST::FUNCTION:SRP
SRP_check_known_gN_param 4645 EXIST::FUNCTION:SRP
SRP_Calc_A 4646 EXIST::FUNCTION:SRP
SRP_Verify_A_mod_N 4647 EXIST::FUNCTION:SRP
SRP_VBASE_init 4648 EXIST::FUNCTION:SRP
SRP_Verify_B_mod_N 4649 EXIST::FUNCTION:SRP

7
util/mk1mf.pl
View File

@ -121,6 +121,7 @@ and [options] can be one of
just-ssl - remove all non-ssl keys/digest
no-asm - No x86 asm
no-krb5 - No KRB5
no-srp - No SRP
no-ec - No EC
no-ecdsa - No ECDSA
no-ecdh - No ECDH
@ -278,6 +279,7 @@ $cflags.=" -DOPENSSL_NO_SOCK" if $no_sock;
$cflags.=" -DOPENSSL_NO_SSL2" if $no_ssl2;
$cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3;
$cflags.=" -DOPENSSL_NO_TLSEXT" if $no_tlsext;
$cflags.=" -DOPENSSL_NO_SRP" if $no_srp;
$cflags.=" -DOPENSSL_NO_CMS" if $no_cms;
$cflags.=" -DOPENSSL_NO_ERR" if $no_err;
$cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5;
@ -1029,6 +1031,8 @@ sub var_add
@a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
@a=grep(!/_mdc2$/,@a) if $no_mdc2;
@a=grep(!/(srp)/,@a) if $no_srp;
@a=grep(!/^engine$/,@a) if $no_engine;
@a=grep(!/^hw$/,@a) if $no_hw;
@a=grep(!/(^rsa$)|(^genrsa$)/,@a) if $no_rsa;
@ -1308,6 +1312,7 @@ sub read_options
"no-ssl2" => \$no_ssl2,
"no-ssl3" => \$no_ssl3,
"no-tlsext" => \$no_tlsext,
"no-srp" => \$no_srp,
"no-cms" => \$no_cms,
"no-jpake" => \$no_jpake,
"no-ec2m" => \$no_ec2m,
@ -1324,7 +1329,7 @@ sub read_options
[\$no_rc2, \$no_idea, \$no_des, \$no_bf, \$no_cast,
\$no_md2, \$no_sha, \$no_mdc2, \$no_dsa, \$no_dh,
\$no_ssl2, \$no_err, \$no_ripemd, \$no_rc5,
\$no_aes, \$no_camellia, \$no_seed],
\$no_aes, \$no_camellia, \$no_seed, \$no_srp],
"rsaref" => 0,
"gcc" => \$gcc,
"debug" => \$debug,

6
util/mkdef.pl
View File

@ -98,7 +98,7 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
# RFC3779
"RFC3779",
# TLS
"TLSEXT", "PSK",
"TLSEXT", "PSK", "SRP",
# CMS
"CMS",
# CryptoAPI Engine
@ -130,6 +130,7 @@ my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw;
my $no_fp_api; my $no_static_engine=1; my $no_gmp; my $no_deprecated;
my $no_rfc3779; my $no_psk; my $no_tlsext; my $no_cms; my $no_capieng;
my $no_jpake; my $no_ssl2; my $no_ec2m; my $no_nextprotoneg;
my $no_srp;
my $fips;
@ -225,6 +226,7 @@ foreach (@ARGV, split(/ /, $options))
elsif (/^no-ssl2$/) { $no_ssl2=1; }
elsif (/^no-capieng$/) { $no_capieng=1; }
elsif (/^no-jpake$/) { $no_jpake=1; }
elsif (/^no-srp$/) { $no_srp=1; }
}
@ -323,6 +325,7 @@ $crypto.=" crypto/krb5/krb5_asn.h";
$crypto.=" crypto/pqueue/pqueue.h";
$crypto.=" crypto/cms/cms.h";
$crypto.=" crypto/jpake/jpake.h";
$crypto.=" crypto/srp/srp.h";
$crypto.=" crypto/modes/modes.h";
$crypto.=" fips/fips.h fips/rand/fips_rand.h";
@ -1180,6 +1183,7 @@ sub is_valid
if ($keyword eq "SSL2" && $no_ssl2) { return 0; }
if ($keyword eq "CAPIENG" && $no_capieng) { return 0; }
if ($keyword eq "JPAKE" && $no_jpake) { return 0; }
if ($keyword eq "SRP" && $no_srp) { return 0; }
if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; }
# Nothing recognise as true

1
util/mkfiles.pl
View File

@ -63,6 +63,7 @@ my @dirs = (
"crypto/pqueue",
"crypto/whrlpool",
"crypto/ts",
"crypto/srp",
"fips",
"fips/aes",
"fips/des",

14
util/ssleay.num
View File

@ -274,3 +274,17 @@ SSL_CTX_set_not_resumable_session_callback 320 EXIST:!VMS:FUNCTION:
SSL_CTX_set_not_resumbl_sess_cb 320 EXIST:VMS:FUNCTION:
SSL_set_not_resumable_session_callback 321 EXIST:!VMS:FUNCTION:
SSL_set_not_resumbl_sess_cb 321 EXIST:VMS:FUNCTION:
SSL_CTX_set_srp_client_pwd_callback 322 EXIST::FUNCTION:SRP,TLSEXT
SSL_get_srp_g 323 EXIST::FUNCTION:SRP,TLSEXT
SSL_CTX_set_srp_username_callback 324 EXIST::FUNCTION:SRP,TLSEXT
SSL_get_srp_userinfo 325 EXIST::FUNCTION:SRP,TLSEXT
SSL_set_srp_server_param 326 EXIST::FUNCTION:SRP,TLSEXT
SSL_set_srp_server_param_pw 327 EXIST::FUNCTION:SRP,TLSEXT
SSL_get_srp_N 328 EXIST::FUNCTION:SRP,TLSEXT
SSL_get_srp_username 329 EXIST::FUNCTION:SRP,TLSEXT
SSL_CTX_set_srp_password 330 EXIST::FUNCTION:SRP,TLSEXT
SSL_CTX_set_srp_strength 331 EXIST::FUNCTION:SRP,TLSEXT
SSL_CTX_set_srp_verify_param_callback 332 EXIST::FUNCTION:SRP,TLSEXT
SSL_CTX_set_srp_missing_srp_username_callback 333 EXIST::FUNCTION:SRP,TLSEXT
SSL_CTX_set_srp_cb_arg 334 EXIST::FUNCTION:SRP,TLSEXT
SSL_CTX_set_srp_username 335 EXIST::FUNCTION:SRP,TLSEXT