[openssl] master update
Matt Caswell
matt at openssl.org
Fri Mar 27 11:43:09 UTC 2020
The branch master has been updated
via 4c106e20ef49b789e4dc53c97e0f9a701162be85 (commit)
via 20c00d0a0a1ba63f41890db67b32df6f3f69cd0d (commit)
via 1744b6d3aaabcbf2420b9c59f296559c834e609a (commit)
via e85982c7a9483f05b738f7df55726705a57da05f (commit)
from c9f51264d86b580ec3b3ab8a5317298c04bb1f3d (commit)
- Log -----------------------------------------------------------------
commit 4c106e20ef49b789e4dc53c97e0f9a701162be85
Author: Matt Caswell <matt at openssl.org>
Date: Wed Mar 25 17:43:50 2020 +0000
Document various SRP related APIs
This includes the newly added *_ex() variants that take a libctx/property
query string.
Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11410)
commit 20c00d0a0a1ba63f41890db67b32df6f3f69cd0d
Author: Matt Caswell <matt at openssl.org>
Date: Fri Mar 20 17:24:51 2020 +0000
Use the new library context aware SRP functions in sslapitest
For the moment this still just uses the default library context, but a
future version of sslapitest will specify a non-default library context.
Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11410)
commit 1744b6d3aaabcbf2420b9c59f296559c834e609a
Author: Matt Caswell <matt at openssl.org>
Date: Fri Mar 20 17:24:24 2020 +0000
Update libssl to use the new library context aware SRP functions
Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11410)
commit e85982c7a9483f05b738f7df55726705a57da05f
Author: Matt Caswell <matt at openssl.org>
Date: Fri Mar 20 17:23:25 2020 +0000
Make SRP library context aware
In order for the TLS SRP tests to pass when using a non-default library
context the underlying SRP calls need to be library context aware.
Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11410)
-----------------------------------------------------------------------
Summary of changes:
crypto/srp/srp_lib.c | 75 ++++++++++++++++++++++++++--------
crypto/srp/srp_vfy.c | 36 +++++++++++-----
doc/man3/SRP_Calc_B.pod | 88 ++++++++++++++++++++++++++++++++++++++++
doc/man3/SRP_create_verifier.pod | 53 ++++++++++++++++--------
include/openssl/srp.h | 16 ++++++++
ssl/tls_srp.c | 30 ++++++++------
test/sslapitest.c | 8 ++--
util/libcrypto.num | 6 +++
util/missingcrypto.txt | 6 ---
9 files changed, 251 insertions(+), 67 deletions(-)
create mode 100644 doc/man3/SRP_Calc_B.pod
diff --git a/crypto/srp/srp_lib.c b/crypto/srp/srp_lib.c
index 99511954d7..063f966f96 100644
--- a/crypto/srp/srp_lib.c
+++ b/crypto/srp/srp_lib.c
@@ -20,39 +20,53 @@
/* calculate = SHA1(PAD(x) || PAD(y)) */
-static BIGNUM *srp_Calc_xy(const BIGNUM *x, const BIGNUM *y, const BIGNUM *N)
+static BIGNUM *srp_Calc_xy(const BIGNUM *x, const BIGNUM *y, const BIGNUM *N,
+ OPENSSL_CTX *libctx, const char *propq)
{
unsigned char digest[SHA_DIGEST_LENGTH];
unsigned char *tmp = NULL;
int numN = BN_num_bytes(N);
BIGNUM *res = NULL;
+ EVP_MD *sha1 = EVP_MD_fetch(libctx, "SHA1", propq);
- if (x != N && BN_ucmp(x, N) >= 0)
+ if (sha1 == NULL)
return NULL;
+
+ if (x != N && BN_ucmp(x, N) >= 0)
+ goto err;
if (y != N && BN_ucmp(y, N) >= 0)
- return NULL;
+ goto err;
if ((tmp = OPENSSL_malloc(numN * 2)) == NULL)
goto err;
if (BN_bn2binpad(x, tmp, numN) < 0
|| BN_bn2binpad(y, tmp + numN, numN) < 0
- || !EVP_Digest(tmp, numN * 2, digest, NULL, EVP_sha1(), NULL))
+ || !EVP_Digest(tmp, numN * 2, digest, NULL, sha1, NULL))
goto err;
res = BN_bin2bn(digest, sizeof(digest), NULL);
err:
+ EVP_MD_free(sha1);
OPENSSL_free(tmp);
return res;
}
-static BIGNUM *srp_Calc_k(const BIGNUM *N, const BIGNUM *g)
+static BIGNUM *srp_Calc_k(const BIGNUM *N, const BIGNUM *g, OPENSSL_CTX *libctx,
+ const char *propq)
{
/* k = SHA1(N | PAD(g)) -- tls-srp RFC 5054 */
- return srp_Calc_xy(N, g, N);
+ return srp_Calc_xy(N, g, N, libctx, propq);
+}
+
+BIGNUM *SRP_Calc_u_ex(const BIGNUM *A, const BIGNUM *B, const BIGNUM *N,
+ OPENSSL_CTX *libctx, const char *propq)
+{
+ /* u = SHA1(PAD(A) || PAD(B) ) -- tls-srp RFC 5054 */
+ return srp_Calc_xy(A, B, N, libctx, propq);
}
BIGNUM *SRP_Calc_u(const BIGNUM *A, const BIGNUM *B, const BIGNUM *N)
{
/* u = SHA1(PAD(A) || PAD(B) ) -- tls-srp RFC 5054 */
- return srp_Calc_xy(A, B, N);
+ return srp_Calc_xy(A, B, N, NULL, NULL);
}
BIGNUM *SRP_Calc_server_key(const BIGNUM *A, const BIGNUM *v, const BIGNUM *u,
@@ -85,15 +99,15 @@ BIGNUM *SRP_Calc_server_key(const BIGNUM *A, const BIGNUM *v, const BIGNUM *u,
return S;
}
-BIGNUM *SRP_Calc_B(const BIGNUM *b, const BIGNUM *N, const BIGNUM *g,
- const BIGNUM *v)
+BIGNUM *SRP_Calc_B_ex(const BIGNUM *b, const BIGNUM *N, const BIGNUM *g,
+ const BIGNUM *v, OPENSSL_CTX *libctx, const char *propq)
{
BIGNUM *kv = NULL, *gb = NULL;
BIGNUM *B = NULL, *k = NULL;
BN_CTX *bn_ctx;
if (b == NULL || N == NULL || g == NULL || v == NULL ||
- (bn_ctx = BN_CTX_new()) == NULL)
+ (bn_ctx = BN_CTX_new_ex(libctx)) == NULL)
return NULL;
if ((kv = BN_new()) == NULL ||
@@ -103,7 +117,7 @@ BIGNUM *SRP_Calc_B(const BIGNUM *b, const BIGNUM *N, const BIGNUM *g,
/* B = g**b + k*v */
if (!BN_mod_exp(gb, g, b, N, bn_ctx)
- || (k = srp_Calc_k(N, g)) == NULL
+ || (k = srp_Calc_k(N, g, libctx, propq)) == NULL
|| !BN_mod_mul(kv, v, k, N, bn_ctx)
|| !BN_mod_add(B, gb, kv, N, bn_ctx)) {
BN_free(B);
@@ -117,12 +131,20 @@ BIGNUM *SRP_Calc_B(const BIGNUM *b, const BIGNUM *N, const BIGNUM *g,
return B;
}
-BIGNUM *SRP_Calc_x(const BIGNUM *s, const char *user, const char *pass)
+BIGNUM *SRP_Calc_B(const BIGNUM *b, const BIGNUM *N, const BIGNUM *g,
+ const BIGNUM *v)
+{
+ return SRP_Calc_B_ex(b, N, g, v, NULL, NULL);
+}
+
+BIGNUM *SRP_Calc_x_ex(const BIGNUM *s, const char *user, const char *pass,
+ OPENSSL_CTX *libctx, const char *propq)
{
unsigned char dig[SHA_DIGEST_LENGTH];
EVP_MD_CTX *ctxt;
unsigned char *cs = NULL;
BIGNUM *res = NULL;
+ EVP_MD *sha1 = NULL;
if ((s == NULL) || (user == NULL) || (pass == NULL))
return NULL;
@@ -133,12 +155,16 @@ BIGNUM *SRP_Calc_x(const BIGNUM *s, const char *user, const char *pass)
if ((cs = OPENSSL_malloc(BN_num_bytes(s))) == NULL)
goto err;
- if (!EVP_DigestInit_ex(ctxt, EVP_sha1(), NULL)
+ sha1 = EVP_MD_fetch(libctx, "SHA1", propq);
+ if (sha1 == NULL)
+ goto err;
+
+ if (!EVP_DigestInit_ex(ctxt, sha1, NULL)
|| !EVP_DigestUpdate(ctxt, user, strlen(user))
|| !EVP_DigestUpdate(ctxt, ":", 1)
|| !EVP_DigestUpdate(ctxt, pass, strlen(pass))
|| !EVP_DigestFinal_ex(ctxt, dig, NULL)
- || !EVP_DigestInit_ex(ctxt, EVP_sha1(), NULL))
+ || !EVP_DigestInit_ex(ctxt, sha1, NULL))
goto err;
if (BN_bn2bin(s, cs) < 0)
goto err;
@@ -152,11 +178,17 @@ BIGNUM *SRP_Calc_x(const BIGNUM *s, const char *user, const char *pass)
res = BN_bin2bn(dig, sizeof(dig), NULL);
err:
+ EVP_MD_free(sha1);
OPENSSL_free(cs);
EVP_MD_CTX_free(ctxt);
return res;
}
+BIGNUM *SRP_Calc_x(const BIGNUM *s, const char *user, const char *pass)
+{
+ return SRP_Calc_x_ex(s, user, pass, NULL, NULL);
+}
+
BIGNUM *SRP_Calc_A(const BIGNUM *a, const BIGNUM *N, const BIGNUM *g)
{
BN_CTX *bn_ctx;
@@ -173,14 +205,15 @@ BIGNUM *SRP_Calc_A(const BIGNUM *a, const BIGNUM *N, const BIGNUM *g)
return A;
}
-BIGNUM *SRP_Calc_client_key(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g,
- const BIGNUM *x, const BIGNUM *a, const BIGNUM *u)
+BIGNUM *SRP_Calc_client_key_ex(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g,
+ const BIGNUM *x, const BIGNUM *a, const BIGNUM *u,
+ OPENSSL_CTX *libctx, const char *propq)
{
BIGNUM *tmp = NULL, *tmp2 = NULL, *tmp3 = NULL, *k = NULL, *K = NULL;
BN_CTX *bn_ctx;
if (u == NULL || B == NULL || N == NULL || g == NULL || x == NULL
- || a == NULL || (bn_ctx = BN_CTX_new()) == NULL)
+ || a == NULL || (bn_ctx = BN_CTX_new_ex(libctx)) == NULL)
return NULL;
if ((tmp = BN_new()) == NULL ||
@@ -190,7 +223,7 @@ BIGNUM *SRP_Calc_client_key(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g,
if (!BN_mod_exp(tmp, g, x, N, bn_ctx))
goto err;
- if ((k = srp_Calc_k(N, g)) == NULL)
+ if ((k = srp_Calc_k(N, g, libctx, propq)) == NULL)
goto err;
if (!BN_mod_mul(tmp2, tmp, k, N, bn_ctx))
goto err;
@@ -215,6 +248,12 @@ BIGNUM *SRP_Calc_client_key(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g,
return K;
}
+BIGNUM *SRP_Calc_client_key(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g,
+ const BIGNUM *x, const BIGNUM *a, const BIGNUM *u)
+{
+ return SRP_Calc_client_key_ex(N, B, g, x, a, u, NULL, NULL);
+}
+
int SRP_Verify_B_mod_N(const BIGNUM *B, const BIGNUM *N)
{
BIGNUM *r;
diff --git a/crypto/srp/srp_vfy.c b/crypto/srp/srp_vfy.c
index 9505d4265e..4260898458 100644
--- a/crypto/srp/srp_vfy.c
+++ b/crypto/srp/srp_vfy.c
@@ -594,8 +594,9 @@ SRP_user_pwd *SRP_VBASE_get1_by_user(SRP_VBASE *vb, char *username)
/*
* create a verifier (*salt,*verifier,g and N are in base64)
*/
-char *SRP_create_verifier(const char *user, const char *pass, char **salt,
- char **verifier, const char *N, const char *g)
+char *SRP_create_verifier_ex(const char *user, const char *pass, char **salt,
+ char **verifier, const char *N, const char *g,
+ OPENSSL_CTX *libctx, const char *propq)
{
int len;
char *result = NULL, *vf = NULL;
@@ -634,7 +635,7 @@ char *SRP_create_verifier(const char *user, const char *pass, char **salt,
}
if (*salt == NULL) {
- if (RAND_bytes(tmp2, SRP_RANDOM_SALT_LEN) <= 0)
+ if (RAND_bytes_ex(libctx, tmp2, SRP_RANDOM_SALT_LEN) <= 0)
goto err;
s = BN_bin2bn(tmp2, SRP_RANDOM_SALT_LEN, NULL);
@@ -646,7 +647,8 @@ char *SRP_create_verifier(const char *user, const char *pass, char **salt,
if (s == NULL)
goto err;
- if (!SRP_create_verifier_BN(user, pass, &s, &v, N_bn, g_bn))
+ if (!SRP_create_verifier_BN_ex(user, pass, &s, &v, N_bn, g_bn, libctx,
+ propq))
goto err;
if (BN_bn2bin(v, tmp) < 0)
@@ -683,6 +685,12 @@ char *SRP_create_verifier(const char *user, const char *pass, char **salt,
return result;
}
+char *SRP_create_verifier(const char *user, const char *pass, char **salt,
+ char **verifier, const char *N, const char *g)
+{
+ return SRP_create_verifier_ex(user, pass, salt, verifier, N, g, NULL, NULL);
+}
+
/*
* create a verifier (*salt,*verifier,g and N are BIGNUMs). If *salt != NULL
* then the provided salt will be used. On successful exit *verifier will point
@@ -692,13 +700,14 @@ char *SRP_create_verifier(const char *user, const char *pass, char **salt,
* The caller is responsible for freeing the allocated *salt and *verifier
* BIGNUMS.
*/
-int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
- BIGNUM **verifier, const BIGNUM *N,
- const BIGNUM *g)
+int SRP_create_verifier_BN_ex(const char *user, const char *pass, BIGNUM **salt,
+ BIGNUM **verifier, const BIGNUM *N,
+ const BIGNUM *g, OPENSSL_CTX *libctx,
+ const char *propq)
{
int result = 0;
BIGNUM *x = NULL;
- BN_CTX *bn_ctx = BN_CTX_new();
+ BN_CTX *bn_ctx = BN_CTX_new_ex(libctx);
unsigned char tmp2[MAX_LEN];
BIGNUM *salttmp = NULL;
@@ -709,7 +718,7 @@ int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
goto err;
if (*salt == NULL) {
- if (RAND_bytes(tmp2, SRP_RANDOM_SALT_LEN) <= 0)
+ if (RAND_bytes_ex(libctx, tmp2, SRP_RANDOM_SALT_LEN) <= 0)
goto err;
salttmp = BN_bin2bn(tmp2, SRP_RANDOM_SALT_LEN, NULL);
@@ -719,7 +728,7 @@ int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
salttmp = *salt;
}
- x = SRP_Calc_x(salttmp, user, pass);
+ x = SRP_Calc_x_ex(salttmp, user, pass, libctx, propq);
if (x == NULL)
goto err;
@@ -743,4 +752,11 @@ int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
return result;
}
+int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
+ BIGNUM **verifier, const BIGNUM *N,
+ const BIGNUM *g)
+{
+ return SRP_create_verifier_BN_ex(user, pass, salt, verifier, N, g, NULL,
+ NULL);
+}
#endif
diff --git a/doc/man3/SRP_Calc_B.pod b/doc/man3/SRP_Calc_B.pod
new file mode 100644
index 0000000000..1353311f50
--- /dev/null
+++ b/doc/man3/SRP_Calc_B.pod
@@ -0,0 +1,88 @@
+=pod
+
+=head1 NAME
+
+SRP_Calc_server_key,
+SRP_Calc_A,
+SRP_Calc_B_ex,
+SRP_Calc_B,
+SRP_Calc_u_ex,
+SRP_Calc_u,
+SRP_Calc_x_ex,
+SRP_Calc_x,
+SRP_Calc_client_key_ex,
+SRP_Calc_client_key
+- SRP authentication primitives
+
+=head1 SYNOPSIS
+
+ #include <openssl/srp.h>
+
+ /* server side .... */
+ BIGNUM *SRP_Calc_server_key(const BIGNUM *A, const BIGNUM *v, const BIGNUM *u,
+ const BIGNUM *b, const BIGNUM *N);
+ BIGNUM *SRP_Calc_B_ex(const BIGNUM *b, const BIGNUM *N, const BIGNUM *g,
+ const BIGNUM *v, OPENSSL_CTX *libctx, const char *propq);
+ BIGNUM *SRP_Calc_B(const BIGNUM *b, const BIGNUM *N, const BIGNUM *g,
+ const BIGNUM *v);
+
+ BIGNUM *SRP_Calc_u_ex(const BIGNUM *A, const BIGNUM *B, const BIGNUM *N,
+ OPENSSL_CTX *libctx, const char *propq);
+ BIGNUM *SRP_Calc_u(const BIGNUM *A, const BIGNUM *B, const BIGNUM *N);
+
+ /* client side .... */
+ BIGNUM *SRP_Calc_client_key_ex(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g,
+ const BIGNUM *x, const BIGNUM *a, const BIGNUM *u,
+ OPENSSL_CTX *libctx, const char *propq);
+ BIGNUM *SRP_Calc_client_key(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g,
+ const BIGNUM *x, const BIGNUM *a, const BIGNUM *u);
+ BIGNUM *SRP_Calc_x_ex(const BIGNUM *s, const char *user, const char *pass,
+ OPENSSL_CTX *libctx, const char *propq);
+ BIGNUM *SRP_Calc_x(const BIGNUM *s, const char *user, const char *pass);
+ BIGNUM *SRP_Calc_A(const BIGNUM *a, const BIGNUM *N, const BIGNUM *g);
+
+=head1 DESCRIPTION
+
+The SRP functions described on this page are used to calculate various
+parameters and keys used by SRP as defined in RFC2945. The server key and I<B>
+and I<u> parameters are used on the server side and are calculated via
+SRP_Calc_server_key(), SRP_Calc_B_ex(), SRP_Calc_B(), SRP_Calc_u_ex() and
+SRP_Calc_u(). The client key and B<x> and B<A> parameters are used on the
+client side and are calculated via the functions SRP_Calc_client_key_ex(),
+SRP_Calc_client_key(), SRP_Calc_x_ex(), SRP_Calc_x() and SRP_Calc_A(). See
+RFC2945 for a detailed description of their usage and the meaning of the various
+BIGNUM parameters to these functions.
+
+Most of these functions come in two forms. Those that take a I<libctx> and
+I<propq> parameter, and those that don't. Any cryptogrpahic functions that
+are fetched and used during the calculation use the provided I<libctx> and
+I<propq>. See L<provider(7)/Fetching algorithms> for more details. The variants
+that do not take a I<libctx> and I<propq> parameter use the default library
+context and property query string. The SRP_Calc_server_key() and SRP_Calc_A()
+functions do not have a form that takes I<libctx> or I<propq> parameters because
+they do not need to fetch any cryptographic algorithms.
+
+=head1 RETURN VALUES
+
+All these functions return the calculated key or parameter, or NULL on error.
+
+=head1 SEE ALSO
+
+L<openssl-srp(1)>,
+L<SRP_VBASE_new(3)>,
+L<SRP_user_pwd_new(3)>
+
+=head1 HISTORY
+
+These functions were added in OpenSSL 1.0.1.
+
+=head1 COPYRIGHT
+
+Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man3/SRP_create_verifier.pod b/doc/man3/SRP_create_verifier.pod
index fb77bba794..98f31d1430 100644
--- a/doc/man3/SRP_create_verifier.pod
+++ b/doc/man3/SRP_create_verifier.pod
@@ -2,7 +2,9 @@
=head1 NAME
+SRP_create_verifier_ex,
SRP_create_verifier,
+SRP_create_verifier_BN_ex,
SRP_create_verifier_BN,
SRP_check_known_gN_param,
SRP_get_default_gN
@@ -12,8 +14,15 @@ SRP_get_default_gN
#include <openssl/srp.h>
+ int SRP_create_verifier_BN_ex(const char *user, const char *pass, BIGNUM **salt,
+ BIGNUM **verifier, const BIGNUM *N,
+ const BIGNUM *g, OPENSSL_CTX *libctx,
+ const char *propq);
char *SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
BIGNUM **verifier, const BIGNUM *N, const BIGNUM *g);
+ char *SRP_create_verifier_ex(const char *user, const char *pass, char **salt,
+ char **verifier, const char *N, const char *g,
+ OPENSSL_CTX *libctx, const char *propq);
char *SRP_create_verifier(const char *user, const char *pass, char **salt,
char **verifier, const char *N, const char *g);
@@ -22,46 +31,55 @@ SRP_get_default_gN
=head1 DESCRIPTION
-The SRP_create_verifier_BN() function creates an SRP password verifier from
-the supplied parameters as defined in section 2.4 of RFC 5054.
-On successful exit B<*verifier> will point to a newly allocated BIGNUM containing
-the verifier and (if a salt was not provided) B<*salt> will be populated with a
-newly allocated BIGNUM containing a random salt. If B<*salt> is not NULL then
+The SRP_create_verifier_BN_ex() function creates an SRP password verifier from
+the supplied parameters as defined in section 2.4 of RFC 5054 using the library
+context I<libctx> and property query string I<propq>. Any cryptographic
+algorithms that need to be fetched will use the I<libctx> and I<propq>. See
+L<provider(7)/Fetching algorithms>.
+
+SRP_create_verifier_BN() is the same as SRP_create_verifier_BN_ex() except the
+default library context and property query string is used.
+
+On successful exit I<*verifier> will point to a newly allocated BIGNUM containing
+the verifier and (if a salt was not provided) I<*salt> will be populated with a
+newly allocated BIGNUM containing a random salt. If I<*salt> is not NULL then
the provided salt is used instead.
-The caller is responsible for freeing the allocated B<*salt> and B<*verifier>
+The caller is responsible for freeing the allocated I<*salt> and I<*verifier>
BIGNUMS (use L<BN_free(3)>).
The SRP_create_verifier() function is similar to SRP_create_verifier_BN() but
all numeric parameters are in a non-standard base64 encoding originally designed
for compatibility with libsrp. This is mainly present for historical compatibility
and its use is discouraged.
-It is possible to pass NULL as B<N> and an SRP group id as B<g> instead to
+It is possible to pass NULL as I<N> and an SRP group id as I<g> instead to
load the appropriate gN values (see SRP_get_default_gN()).
-If both B<N> and B<g> are NULL the 8192-bit SRP group parameters are used.
-The caller is responsible for freeing the allocated B<*salt> and B<*verifier>
+If both I<N> and I<g> are NULL the 8192-bit SRP group parameters are used.
+The caller is responsible for freeing the allocated I<*salt> and I<*verifier>
(use L<OPENSSL_free(3)>).
-The SRP_check_known_gN_param() function checks that B<g> and B<N> are valid
+The SRP_check_known_gN_param() function checks that I<g> and I<N> are valid
SRP group parameters from RFC 5054 appendix A.
-The SRP_get_default_gN() function returns the gN parameters for the RFC 5054 B<id>
+The SRP_get_default_gN() function returns the gN parameters for the RFC 5054 I<id>
SRP group size.
The known ids are "1024", "1536", "2048", "3072", "4096", "6144" and "8192".
=head1 RETURN VALUES
-SRP_create_verifier_BN() returns 1 on success and 0 on failure.
+SRP_create_verifier_BN_ex() and SRP_create_verifier_BN() return 1 on success and
+0 on failure.
-SRP_create_verifier() returns NULL on failure and a non-NULL value on success:
-"*" if B<N> is not NULL, the selected group id otherwise. This value should
+SRP_create_verifier_ex() and SRP_create_verifier() return NULL on failure and a
+non-NULL value on success:
+"*" if I<N> is not NULL, the selected group id otherwise. This value should
not be freed.
SRP_check_known_gN_param() returns the text representation of the group id
(ie. the prime bit size) or NULL if the arguments are not valid SRP group parameters.
This value should not be freed.
-SRP_get_default_gN() returns NULL if B<id> is not a valid group size,
-or the 8192-bit group parameters if B<id> is NULL.
+SRP_get_default_gN() returns NULL if I<id> is not a valid group size,
+or the 8192-bit group parameters if I<id> is NULL.
=head1 EXAMPLES
@@ -79,7 +97,8 @@ omitted for clarity):
SRP_gN *gN = SRP_get_default_gN("8192");
BIGNUM *salt = NULL, *verifier = NULL;
- SRP_create_verifier_BN(username, password, &salt, &verifier, gN->N, gN->g);
+ SRP_create_verifier_BN_ex(username, password, &salt, &verifier, gN->N, gN->g,
+ NULL, NULL);
SRP_user_pwd *pwd = SRP_user_pwd_new();
SRP_user_pwd_set1_ids(pwd, username, NULL);
diff --git a/include/openssl/srp.h b/include/openssl/srp.h
index 9f6f1b8644..bf3bf1bdfa 100644
--- a/include/openssl/srp.h
+++ b/include/openssl/srp.h
@@ -92,8 +92,15 @@ DEPRECATEDIN_1_1_0(SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *user
/* NOTE: unlike in SRP_VBASE_get_by_user, caller owns the returned pointer.*/
SRP_user_pwd *SRP_VBASE_get1_by_user(SRP_VBASE *vb, char *username);
+char *SRP_create_verifier_ex(const char *user, const char *pass, char **salt,
+ char **verifier, const char *N, const char *g,
+ OPENSSL_CTX *libctx, const char *propq);
char *SRP_create_verifier(const char *user, const char *pass, char **salt,
char **verifier, const char *N, const char *g);
+int SRP_create_verifier_BN_ex(const char *user, const char *pass, BIGNUM **salt,
+ BIGNUM **verifier, const BIGNUM *N,
+ const BIGNUM *g, OPENSSL_CTX *libctx,
+ const char *propq);
int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
BIGNUM **verifier, const BIGNUM *N,
const BIGNUM *g);
@@ -125,14 +132,23 @@ SRP_gN *SRP_get_default_gN(const char *id);
/* server side .... */
BIGNUM *SRP_Calc_server_key(const BIGNUM *A, const BIGNUM *v, const BIGNUM *u,
const BIGNUM *b, const BIGNUM *N);
+BIGNUM *SRP_Calc_B_ex(const BIGNUM *b, const BIGNUM *N, const BIGNUM *g,
+ const BIGNUM *v, OPENSSL_CTX *libctx, const char *propq);
BIGNUM *SRP_Calc_B(const BIGNUM *b, const BIGNUM *N, const BIGNUM *g,
const BIGNUM *v);
int SRP_Verify_A_mod_N(const BIGNUM *A, const BIGNUM *N);
+BIGNUM *SRP_Calc_u_ex(const BIGNUM *A, const BIGNUM *B, const BIGNUM *N,
+ OPENSSL_CTX *libctx, const char *propq);
BIGNUM *SRP_Calc_u(const BIGNUM *A, const BIGNUM *B, const BIGNUM *N);
/* client side .... */
+BIGNUM *SRP_Calc_x_ex(const BIGNUM *s, const char *user, const char *pass,
+ OPENSSL_CTX *libctx, const char *propq);
BIGNUM *SRP_Calc_x(const BIGNUM *s, const char *user, const char *pass);
BIGNUM *SRP_Calc_A(const BIGNUM *a, const BIGNUM *N, const BIGNUM *g);
+BIGNUM *SRP_Calc_client_key_ex(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g,
+ const BIGNUM *x, const BIGNUM *a, const BIGNUM *u,
+ OPENSSL_CTX *libctx, const char *propq);
BIGNUM *SRP_Calc_client_key(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g,
const BIGNUM *x, const BIGNUM *a, const BIGNUM *u);
int SRP_Verify_B_mod_N(const BIGNUM *B, const BIGNUM *N);
diff --git a/ssl/tls_srp.c b/ssl/tls_srp.c
index 6888bcd4d4..311f507728 100644
--- a/ssl/tls_srp.c
+++ b/ssl/tls_srp.c
@@ -157,7 +157,7 @@ int SSL_srp_server_param_with_username(SSL *s, int *ad)
(s->srp_ctx.s == NULL) || (s->srp_ctx.v == NULL))
return SSL3_AL_FATAL;
- if (RAND_priv_bytes(b, sizeof(b)) <= 0)
+ if (RAND_priv_bytes_ex(s->ctx->libctx, b, sizeof(b)) <= 0)
return SSL3_AL_FATAL;
s->srp_ctx.b = BN_bin2bn(b, sizeof(b), NULL);
OPENSSL_cleanse(b, sizeof(b));
@@ -165,8 +165,8 @@ int SSL_srp_server_param_with_username(SSL *s, int *ad)
/* Calculate: B = (kv + g^b) % N */
return ((s->srp_ctx.B =
- SRP_Calc_B(s->srp_ctx.b, s->srp_ctx.N, s->srp_ctx.g,
- s->srp_ctx.v)) !=
+ SRP_Calc_B_ex(s->srp_ctx.b, s->srp_ctx.N, s->srp_ctx.g,
+ s->srp_ctx.v, s->ctx->libctx, s->ctx->propq)) !=
NULL) ? SSL_ERROR_NONE : SSL3_AL_FATAL;
}
@@ -186,8 +186,9 @@ int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass,
s->srp_ctx.v = NULL;
BN_clear_free(s->srp_ctx.s);
s->srp_ctx.s = NULL;
- if (!SRP_create_verifier_BN
- (user, pass, &s->srp_ctx.s, &s->srp_ctx.v, GN->N, GN->g))
+ if (!SRP_create_verifier_BN_ex(user, pass, &s->srp_ctx.s, &s->srp_ctx.v,
+ GN->N, GN->g, s->ctx->libctx,
+ s->ctx->propq))
return -1;
return 1;
@@ -254,7 +255,8 @@ int srp_generate_server_master_secret(SSL *s)
if (!SRP_Verify_A_mod_N(s->srp_ctx.A, s->srp_ctx.N))
goto err;
- if ((u = SRP_Calc_u(s->srp_ctx.A, s->srp_ctx.B, s->srp_ctx.N)) == NULL)
+ if ((u = SRP_Calc_u_ex(s->srp_ctx.A, s->srp_ctx.B, s->srp_ctx.N,
+ s->ctx->libctx, s->ctx->propq)) == NULL)
goto err;
if ((K = SRP_Calc_server_key(s->srp_ctx.A, s->srp_ctx.v, u, s->srp_ctx.b,
s->srp_ctx.N)) == NULL)
@@ -287,7 +289,8 @@ int srp_generate_client_master_secret(SSL *s)
* Checks if b % n == 0
*/
if (SRP_Verify_B_mod_N(s->srp_ctx.B, s->srp_ctx.N) == 0
- || (u = SRP_Calc_u(s->srp_ctx.A, s->srp_ctx.B, s->srp_ctx.N))
+ || (u = SRP_Calc_u_ex(s->srp_ctx.A, s->srp_ctx.B, s->srp_ctx.N,
+ s->ctx->libctx, s->ctx->propq))
== NULL
|| s->srp_ctx.SRP_give_srp_client_pwd_callback == NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR,
@@ -302,10 +305,13 @@ int srp_generate_client_master_secret(SSL *s)
SSL_R_CALLBACK_FAILED);
goto err;
}
- if ((x = SRP_Calc_x(s->srp_ctx.s, s->srp_ctx.login, passwd)) == NULL
- || (K = SRP_Calc_client_key(s->srp_ctx.N, s->srp_ctx.B,
- s->srp_ctx.g, x,
- s->srp_ctx.a, u)) == NULL) {
+ if ((x = SRP_Calc_x_ex(s->srp_ctx.s, s->srp_ctx.login, passwd,
+ s->ctx->libctx, s->ctx->propq)) == NULL
+ || (K = SRP_Calc_client_key_ex(s->srp_ctx.N, s->srp_ctx.B,
+ s->srp_ctx.g, x,
+ s->srp_ctx.a, u,
+ s->ctx->libctx,
+ s->ctx->propq)) == NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR,
SSL_F_SRP_GENERATE_CLIENT_MASTER_SECRET, ERR_R_INTERNAL_ERROR);
goto err;
@@ -369,7 +375,7 @@ int SRP_Calc_A_param(SSL *s)
{
unsigned char rnd[SSL_MAX_MASTER_KEY_LENGTH];
- if (RAND_priv_bytes(rnd, sizeof(rnd)) <= 0)
+ if (RAND_priv_bytes_ex(s->ctx->libctx, rnd, sizeof(rnd)) <= 0)
return 0;
s->srp_ctx.a = BN_bin2bn(rnd, sizeof(rnd), s->srp_ctx.a);
OPENSSL_cleanse(rnd, sizeof(rnd));
diff --git a/test/sslapitest.c b/test/sslapitest.c
index a9b7d20b3c..7956353f49 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -5533,8 +5533,8 @@ static int create_new_vfile(char *userid, char *password, const char *filename)
if (!TEST_ptr(dummy) || !TEST_ptr(row))
goto end;
- gNid = SRP_create_verifier(userid, password, &row[DB_srpsalt],
- &row[DB_srpverifier], NULL, NULL);
+ gNid = SRP_create_verifier_ex(userid, password, &row[DB_srpsalt],
+ &row[DB_srpverifier], NULL, NULL, NULL, NULL);
if (!TEST_ptr(gNid))
goto end;
@@ -5590,8 +5590,8 @@ static int create_new_vbase(char *userid, char *password)
if (!TEST_ptr(lgN))
goto end;
- if (!TEST_true(SRP_create_verifier_BN(userid, password, &salt, &verifier,
- lgN->N, lgN->g)))
+ if (!TEST_true(SRP_create_verifier_BN_ex(userid, password, &salt, &verifier,
+ lgN->N, lgN->g, NULL, NULL)))
goto end;
user_pwd = OPENSSL_zalloc(sizeof(*user_pwd));
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 6ff7179fc6..1650884ffe 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5003,3 +5003,9 @@ OPENSSL_CTX_load_config ? 3_0_0 EXIST::FUNCTION:
EVP_PKEY_set_type_by_keymgmt ? 3_0_0 EXIST::FUNCTION:
OCSP_RESPID_set_by_key_ex ? 3_0_0 EXIST::FUNCTION:OCSP
OCSP_RESPID_match_ex ? 3_0_0 EXIST::FUNCTION:OCSP
+SRP_create_verifier_ex ? 3_0_0 EXIST::FUNCTION:SRP
+SRP_create_verifier_BN_ex ? 3_0_0 EXIST::FUNCTION:SRP
+SRP_Calc_B_ex ? 3_0_0 EXIST::FUNCTION:SRP
+SRP_Calc_u_ex ? 3_0_0 EXIST::FUNCTION:SRP
+SRP_Calc_x_ex ? 3_0_0 EXIST::FUNCTION:SRP
+SRP_Calc_client_key_ex ? 3_0_0 EXIST::FUNCTION:SRP
diff --git a/util/missingcrypto.txt b/util/missingcrypto.txt
index 229b33b4da..e27adb6da1 100644
--- a/util/missingcrypto.txt
+++ b/util/missingcrypto.txt
@@ -1117,12 +1117,6 @@ SMIME_crlf_copy(3)
SMIME_read_ASN1(3)
SMIME_text(3)
SMIME_write_ASN1(3)
-SRP_Calc_A(3)
-SRP_Calc_B(3)
-SRP_Calc_client_key(3)
-SRP_Calc_server_key(3)
-SRP_Calc_u(3)
-SRP_Calc_x(3)
SRP_Verify_A_mod_N(3)
SRP_Verify_B_mod_N(3)
SSL_CTX_set0_ctlog_store(3)
More information about the openssl-commits
mailing list