Secure Remote Password (SRP)

Norm Green norm.green at gemtalksystems.com
Tue Oct 18 04:13:29 UTC 2022


I'm also interested in the answer to these questions regarding SRP in 
OpenSSL v3.

Our project still uses OpenSSL v1.1.1 with plans to move to v3 next year.

However we use SRP extensively and will not be able to move to v3 if SRP 
support is soon to be no longer available.

Norm Green
GemTalk Systems LLC

On 10/17/2022 2:49 PM, Rohit Khera [C] wrote:
>
> I am trying to get information on versions and usage of the Secure 
> Remote Password Protocol (SRP) APIs in OpenSSLv3.
>
>  1. Are SRPv3, v6, and/or v6a supported?
>
>  2. I found the following information in the OpenSSL documents on the
>     following C API for SRP: SRP_create_verifier(),
>     SRP_user_pwd_new(), SSL_CTX_set_srp_password()
>
> While the following documents the API :
>
> https://www.openssl.org/docs/man3.0/man3/SRP_VBASE_new.html
>
> Are there any examples of client and server programs that use these 
> interfaces in order to register and authenticate a user?
>
>  3. The docs state that the APIs are deprecated -  are new versions of
>     the APIs planned or can we expect SRP functionality to be
>     unavailable in future versions of OpenSSL?
>
> /R
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20221017/2f944a3c/attachment.htm>


More information about the openssl-users mailing list