[thirdparty/openssl.git] / ssl / tls_srp.c

/*
 * Copyright 2004-2021 The OpenSSL Project Authors. All Rights Reserved.
 * Copyright (c) 2004, EdelKey Project. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 *
 * Originally written by Christophe Renou and Peter Sylvester,
 * for the EdelKey project.
 */

/*
 * We need to use the SRP deprecated APIs in order to implement the SSL SRP
 * APIs - which are themselves deprecated.
 */
#define OPENSSL_SUPPRESS_DEPRECATED

#include <openssl/crypto.h>
#include <openssl/rand.h>
#include <openssl/err.h>
#include "ssl_local.h"

#ifndef OPENSSL_NO_SRP
# include <openssl/srp.h>

/*
 * The public API SSL_CTX_SRP_CTX_free() is deprecated so we use
 * ssl_ctx_srp_ctx_free_intern() internally.
 */
int ssl_ctx_srp_ctx_free_intern(SSL_CTX *ctx)
{
    if (ctx == NULL)
        return 0;
    OPENSSL_free(ctx->srp_ctx.login);
    OPENSSL_free(ctx->srp_ctx.info);
    BN_free(ctx->srp_ctx.N);
    BN_free(ctx->srp_ctx.g);
    BN_free(ctx->srp_ctx.s);
    BN_free(ctx->srp_ctx.B);
    BN_free(ctx->srp_ctx.A);
    BN_free(ctx->srp_ctx.a);
    BN_free(ctx->srp_ctx.b);
    BN_free(ctx->srp_ctx.v);
    memset(&ctx->srp_ctx, 0, sizeof(ctx->srp_ctx));
    ctx->srp_ctx.strength = SRP_MINIMAL_N;
    return 1;
}

int SSL_CTX_SRP_CTX_free(SSL_CTX *ctx)
{
    return ssl_ctx_srp_ctx_free_intern(ctx);
}

/*
 * The public API SSL_SRP_CTX_free() is deprecated so we use
 * ssl_srp_ctx_free_intern() internally.
 */
int ssl_srp_ctx_free_intern(SSL_CONNECTION *s)
{
    if (s == NULL)
        return 0;
    OPENSSL_free(s->srp_ctx.login);
    OPENSSL_free(s->srp_ctx.info);
    BN_free(s->srp_ctx.N);
    BN_free(s->srp_ctx.g);
    BN_free(s->srp_ctx.s);
    BN_free(s->srp_ctx.B);
    BN_free(s->srp_ctx.A);
    BN_free(s->srp_ctx.a);
    BN_free(s->srp_ctx.b);
    BN_free(s->srp_ctx.v);
    memset(&s->srp_ctx, 0, sizeof(s->srp_ctx));
    s->srp_ctx.strength = SRP_MINIMAL_N;
    return 1;
}

int SSL_SRP_CTX_free(SSL *s)
{
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);

    /* the call works with NULL sc */
    return ssl_srp_ctx_free_intern(sc);
}

/*
 * The public API SSL_SRP_CTX_init() is deprecated so we use
 * ssl_srp_ctx_init_intern() internally.
 */
int ssl_srp_ctx_init_intern(SSL_CONNECTION *s)
{
    SSL_CTX *ctx;

    if (s == NULL || (ctx = SSL_CONNECTION_GET_CTX(s)) == NULL)
        return 0;

    memset(&s->srp_ctx, 0, sizeof(s->srp_ctx));

    s->srp_ctx.SRP_cb_arg = ctx->srp_ctx.SRP_cb_arg;
    /* set client Hello login callback */
    s->srp_ctx.TLS_ext_srp_username_callback =
        ctx->srp_ctx.TLS_ext_srp_username_callback;
    /* set SRP N/g param callback for verification */
    s->srp_ctx.SRP_verify_param_callback =
        ctx->srp_ctx.SRP_verify_param_callback;
    /* set SRP client passwd callback */
    s->srp_ctx.SRP_give_srp_client_pwd_callback =
        ctx->srp_ctx.SRP_give_srp_client_pwd_callback;

    s->srp_ctx.strength = ctx->srp_ctx.strength;

    if (((ctx->srp_ctx.N != NULL) &&
         ((s->srp_ctx.N = BN_dup(ctx->srp_ctx.N)) == NULL)) ||
        ((ctx->srp_ctx.g != NULL) &&
         ((s->srp_ctx.g = BN_dup(ctx->srp_ctx.g)) == NULL)) ||
        ((ctx->srp_ctx.s != NULL) &&
         ((s->srp_ctx.s = BN_dup(ctx->srp_ctx.s)) == NULL)) ||
        ((ctx->srp_ctx.B != NULL) &&
         ((s->srp_ctx.B = BN_dup(ctx->srp_ctx.B)) == NULL)) ||
        ((ctx->srp_ctx.A != NULL) &&
         ((s->srp_ctx.A = BN_dup(ctx->srp_ctx.A)) == NULL)) ||
        ((ctx->srp_ctx.a != NULL) &&
         ((s->srp_ctx.a = BN_dup(ctx->srp_ctx.a)) == NULL)) ||
        ((ctx->srp_ctx.v != NULL) &&
         ((s->srp_ctx.v = BN_dup(ctx->srp_ctx.v)) == NULL)) ||
        ((ctx->srp_ctx.b != NULL) &&
         ((s->srp_ctx.b = BN_dup(ctx->srp_ctx.b)) == NULL))) {
        ERR_raise(ERR_LIB_SSL, ERR_R_BN_LIB);
        goto err;
    }
    if ((ctx->srp_ctx.login != NULL) &&
        ((s->srp_ctx.login = OPENSSL_strdup(ctx->srp_ctx.login)) == NULL)) {
        ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
        goto err;
    }
    if ((ctx->srp_ctx.info != NULL) &&
        ((s->srp_ctx.info = OPENSSL_strdup(ctx->srp_ctx.info)) == NULL)) {
        ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
        goto err;
    }
    s->srp_ctx.srp_Mask = ctx->srp_ctx.srp_Mask;

    return 1;
 err:
    OPENSSL_free(s->srp_ctx.login);
    OPENSSL_free(s->srp_ctx.info);
    BN_free(s->srp_ctx.N);
    BN_free(s->srp_ctx.g);
    BN_free(s->srp_ctx.s);
    BN_free(s->srp_ctx.B);
    BN_free(s->srp_ctx.A);
    BN_free(s->srp_ctx.a);
    BN_free(s->srp_ctx.b);
    BN_free(s->srp_ctx.v);
    memset(&s->srp_ctx, 0, sizeof(s->srp_ctx));
    return 0;
}

int SSL_SRP_CTX_init(SSL *s)
{
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);

    /* the call works with NULL sc */
    return ssl_srp_ctx_init_intern(sc);
}

/*
 * The public API SSL_CTX_SRP_CTX_init() is deprecated so we use
 * ssl_ctx_srp_ctx_init_intern() internally.
 */
int ssl_ctx_srp_ctx_init_intern(SSL_CTX *ctx)
{
    if (ctx == NULL)
        return 0;

    memset(&ctx->srp_ctx, 0, sizeof(ctx->srp_ctx));
    ctx->srp_ctx.strength = SRP_MINIMAL_N;

    return 1;
}

int SSL_CTX_SRP_CTX_init(SSL_CTX *ctx)
{
    return ssl_ctx_srp_ctx_init_intern(ctx);
}

/* server side */
/*
 * The public API SSL_srp_server_param_with_username() is deprecated so we use
 * ssl_srp_server_param_with_username_intern() internally.
 */
int ssl_srp_server_param_with_username_intern(SSL_CONNECTION *s, int *ad)
{
    unsigned char b[SSL_MAX_MASTER_KEY_LENGTH];
    int al;
    SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s);

    *ad = SSL_AD_UNKNOWN_PSK_IDENTITY;
    if ((s->srp_ctx.TLS_ext_srp_username_callback != NULL) &&
        ((al =
          s->srp_ctx.TLS_ext_srp_username_callback(SSL_CONNECTION_GET_SSL(s),
                                                   ad,
                                                   s->srp_ctx.SRP_cb_arg)) !=
         SSL_ERROR_NONE))
        return al;

    *ad = SSL_AD_INTERNAL_ERROR;
    if ((s->srp_ctx.N == NULL) ||
        (s->srp_ctx.g == NULL) ||
        (s->srp_ctx.s == NULL) || (s->srp_ctx.v == NULL))
        return SSL3_AL_FATAL;

    if (RAND_priv_bytes_ex(SSL_CONNECTION_GET_CTX(s)->libctx, b, sizeof(b),
                           0) <= 0)
        return SSL3_AL_FATAL;
    s->srp_ctx.b = BN_bin2bn(b, sizeof(b), NULL);
    OPENSSL_cleanse(b, sizeof(b));

    /* Calculate:  B = (kv + g^b) % N  */

    return ((s->srp_ctx.B =
             SRP_Calc_B_ex(s->srp_ctx.b, s->srp_ctx.N, s->srp_ctx.g,
                           s->srp_ctx.v, sctx->libctx, sctx->propq)) !=
            NULL) ? SSL_ERROR_NONE : SSL3_AL_FATAL;
}

int SSL_srp_server_param_with_username(SSL *s, int *ad)
{
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);

    if (sc == NULL)
        return SSL3_AL_FATAL;

    return ssl_srp_server_param_with_username_intern(sc, ad);
}

/*
 * If the server just has the raw password, make up a verifier entry on the
 * fly
 */
int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass,
                                const char *grp)
{
    SRP_gN *GN;
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);

    if (sc == NULL)
        return -1;

    GN = SRP_get_default_gN(grp);
    if (GN == NULL)
        return -1;
    sc->srp_ctx.N = BN_dup(GN->N);
    sc->srp_ctx.g = BN_dup(GN->g);
    BN_clear_free(sc->srp_ctx.v);
    sc->srp_ctx.v = NULL;
    BN_clear_free(sc->srp_ctx.s);
    sc->srp_ctx.s = NULL;
    if (!SRP_create_verifier_BN_ex(user, pass, &sc->srp_ctx.s, &sc->srp_ctx.v,
                                   sc->srp_ctx.N, sc->srp_ctx.g, s->ctx->libctx,
                                   s->ctx->propq))
        return -1;

    return 1;
}

int SSL_set_srp_server_param(SSL *s, const BIGNUM *N, const BIGNUM *g,
                             BIGNUM *sa, BIGNUM *v, char *info)
{
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);

    if (sc == NULL)
        return -1;

    if (N != NULL) {
        if (sc->srp_ctx.N != NULL) {
            if (!BN_copy(sc->srp_ctx.N, N)) {
                BN_free(sc->srp_ctx.N);
                sc->srp_ctx.N = NULL;
            }
        } else
            sc->srp_ctx.N = BN_dup(N);
    }
    if (g != NULL) {
        if (sc->srp_ctx.g != NULL) {
            if (!BN_copy(sc->srp_ctx.g, g)) {
                BN_free(sc->srp_ctx.g);
                sc->srp_ctx.g = NULL;
            }
        } else
            sc->srp_ctx.g = BN_dup(g);
    }
    if (sa != NULL) {
        if (sc->srp_ctx.s != NULL) {
            if (!BN_copy(sc->srp_ctx.s, sa)) {
                BN_free(sc->srp_ctx.s);
                sc->srp_ctx.s = NULL;
            }
        } else
            sc->srp_ctx.s = BN_dup(sa);
    }
    if (v != NULL) {
        if (sc->srp_ctx.v != NULL) {
            if (!BN_copy(sc->srp_ctx.v, v)) {
                BN_free(sc->srp_ctx.v);
                sc->srp_ctx.v = NULL;
            }
        } else
            sc->srp_ctx.v = BN_dup(v);
    }
    if (info != NULL) {
        if (sc->srp_ctx.info)
            OPENSSL_free(sc->srp_ctx.info);
        if ((sc->srp_ctx.info = OPENSSL_strdup(info)) == NULL)
            return -1;
    }

    if (!(sc->srp_ctx.N) ||
        !(sc->srp_ctx.g) || !(sc->srp_ctx.s) || !(sc->srp_ctx.v))
        return -1;

    return 1;
}

int srp_generate_server_master_secret(SSL_CONNECTION *s)
{
    BIGNUM *K = NULL, *u = NULL;
    int ret = 0, tmp_len = 0;
    unsigned char *tmp = NULL;
    SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s);

    if (!SRP_Verify_A_mod_N(s->srp_ctx.A, s->srp_ctx.N))
        goto err;
    if ((u = SRP_Calc_u_ex(s->srp_ctx.A, s->srp_ctx.B, s->srp_ctx.N,
                           sctx->libctx, sctx->propq)) == NULL)
        goto err;
    if ((K = SRP_Calc_server_key(s->srp_ctx.A, s->srp_ctx.v, u, s->srp_ctx.b,
                                 s->srp_ctx.N)) == NULL)
        goto err;

    tmp_len = BN_num_bytes(K);
    if ((tmp = OPENSSL_malloc(tmp_len)) == NULL) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB);
        goto err;
    }
    BN_bn2bin(K, tmp);
    /* Calls SSLfatal() as required */
    ret = ssl_generate_master_secret(s, tmp, tmp_len, 1);
 err:
    BN_clear_free(K);
    BN_clear_free(u);
    return ret;
}

/* client side */
int srp_generate_client_master_secret(SSL_CONNECTION *s)
{
    BIGNUM *x = NULL, *u = NULL, *K = NULL;
    int ret = 0, tmp_len = 0;
    char *passwd = NULL;
    unsigned char *tmp = NULL;
    SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s);

    /*
     * Checks if b % n == 0
     */
    if (SRP_Verify_B_mod_N(s->srp_ctx.B, s->srp_ctx.N) == 0
            || (u = SRP_Calc_u_ex(s->srp_ctx.A, s->srp_ctx.B, s->srp_ctx.N,
                                  sctx->libctx, sctx->propq))
               == NULL
            || s->srp_ctx.SRP_give_srp_client_pwd_callback == NULL) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
        goto err;
    }
    if ((passwd = s->srp_ctx.SRP_give_srp_client_pwd_callback(SSL_CONNECTION_GET_SSL(s),
                                                              s->srp_ctx.SRP_cb_arg))
            == NULL) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_CALLBACK_FAILED);
        goto err;
    }
    if ((x = SRP_Calc_x_ex(s->srp_ctx.s, s->srp_ctx.login, passwd,
                           sctx->libctx, sctx->propq)) == NULL
            || (K = SRP_Calc_client_key_ex(s->srp_ctx.N, s->srp_ctx.B,
                                           s->srp_ctx.g, x,
                                           s->srp_ctx.a, u,
                                           sctx->libctx,
                                           sctx->propq)) == NULL) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
        goto err;
    }

    tmp_len = BN_num_bytes(K);
    if ((tmp = OPENSSL_malloc(tmp_len)) == NULL) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB);
        goto err;
    }
    BN_bn2bin(K, tmp);
    /* Calls SSLfatal() as required */
    ret = ssl_generate_master_secret(s, tmp, tmp_len, 1);
 err:
    BN_clear_free(K);
    BN_clear_free(x);
    if (passwd != NULL)
        OPENSSL_clear_free(passwd, strlen(passwd));
    BN_clear_free(u);
    return ret;
}

int srp_verify_server_param(SSL_CONNECTION *s)
{
    SRP_CTX *srp = &s->srp_ctx;
    /*
     * Sanity check parameters: we can quickly check B % N == 0 by checking B
     * != 0 since B < N
     */
    if (BN_ucmp(srp->g, srp->N) >= 0 || BN_ucmp(srp->B, srp->N) >= 0
        || BN_is_zero(srp->B)) {
        SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BAD_DATA);
        return 0;
    }

    if (BN_num_bits(srp->N) < srp->strength) {
        SSLfatal(s, SSL_AD_INSUFFICIENT_SECURITY, SSL_R_INSUFFICIENT_SECURITY);
        return 0;
    }

    if (srp->SRP_verify_param_callback) {
        if (srp->SRP_verify_param_callback(SSL_CONNECTION_GET_SSL(s),
                                           srp->SRP_cb_arg) <= 0) {
            SSLfatal(s, SSL_AD_INSUFFICIENT_SECURITY, SSL_R_CALLBACK_FAILED);
            return 0;
        }
    } else if (!SRP_check_known_gN_param(srp->g, srp->N)) {
        SSLfatal(s, SSL_AD_INSUFFICIENT_SECURITY,
                 SSL_R_INSUFFICIENT_SECURITY);
        return 0;
    }

    return 1;
}

/*
 * The public API SRP_Calc_A_param() is deprecated so we use
 * ssl_srp_calc_a_param_intern() internally.
 */
int ssl_srp_calc_a_param_intern(SSL_CONNECTION *s)
{
    unsigned char rnd[SSL_MAX_MASTER_KEY_LENGTH];

    if (RAND_priv_bytes_ex(SSL_CONNECTION_GET_CTX(s)->libctx,
                           rnd, sizeof(rnd), 0) <= 0)
        return 0;
    s->srp_ctx.a = BN_bin2bn(rnd, sizeof(rnd), s->srp_ctx.a);
    OPENSSL_cleanse(rnd, sizeof(rnd));

    if (!(s->srp_ctx.A = SRP_Calc_A(s->srp_ctx.a, s->srp_ctx.N, s->srp_ctx.g)))
        return 0;

    return 1;
}

int SRP_Calc_A_param(SSL *s)
{
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);

    if (sc == NULL)
        return 0;

    return ssl_srp_calc_a_param_intern(sc);
}

BIGNUM *SSL_get_srp_g(SSL *s)
{
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);

    if (sc == NULL)
        return NULL;

    if (sc->srp_ctx.g != NULL)
        return sc->srp_ctx.g;
    return s->ctx->srp_ctx.g;
}

BIGNUM *SSL_get_srp_N(SSL *s)
{
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);

    if (sc == NULL)
        return NULL;

    if (sc->srp_ctx.N != NULL)
        return sc->srp_ctx.N;
    return s->ctx->srp_ctx.N;
}

char *SSL_get_srp_username(SSL *s)
{
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);

    if (sc == NULL)
        return NULL;

    if (sc->srp_ctx.login != NULL)
        return sc->srp_ctx.login;
    return s->ctx->srp_ctx.login;
}

char *SSL_get_srp_userinfo(SSL *s)
{
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);

    if (sc == NULL)
        return NULL;

    if (sc->srp_ctx.info != NULL)
        return sc->srp_ctx.info;
    return s->ctx->srp_ctx.info;
}

# define tls1_ctx_ctrl ssl3_ctx_ctrl
# define tls1_ctx_callback_ctrl ssl3_ctx_callback_ctrl

int SSL_CTX_set_srp_username(SSL_CTX *ctx, char *name)
{
    return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_USERNAME, 0, name);
}

int SSL_CTX_set_srp_password(SSL_CTX *ctx, char *password)
{
    return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD, 0, password);
}

int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength)
{
    return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH, strength,
                         NULL);
}

int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx,
                                          int (*cb) (SSL *, void *))
{
    return tls1_ctx_callback_ctrl(ctx, SSL_CTRL_SET_SRP_VERIFY_PARAM_CB,
                                  (void (*)(void))cb);
}

int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg)
{
    return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_SRP_ARG, 0, arg);
}

int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx,
                                      int (*cb) (SSL *, int *, void *))
{
    return tls1_ctx_callback_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB,
                                  (void (*)(void))cb);
}

int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx,
                                        char *(*cb) (SSL *, void *))
{
    return tls1_ctx_callback_ctrl(ctx, SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB,
                                  (void (*)(void))cb);
}

#endif
Commit	Line	Data
0f113f3e	1	/*
a28d06f3	2	* Copyright 2004-2021 The OpenSSL Project Authors. All Rights Reserved.
3b855b1f	3	* Copyright (c) 2004, EdelKey Project. All Rights Reserved.
edc032b5	4	*
2c18d164	5	* Licensed under the Apache License 2.0 (the "License"). You may not use
846e33c7 RS	6	* this file except in compliance with the License. You can obtain a copy
	7	* in the file LICENSE in the source distribution or at
	8	* https://www.openssl.org/source/license.html
3b855b1f TH	9	*
	10	* Originally written by Christophe Renou and Peter Sylvester,
	11	* for the EdelKey project.
edc032b5	12	*/
edc032b5	13
76cb077f MC	14	/*
	15	* We need to use the SRP deprecated APIs in order to implement the SSL SRP
	16	* APIs - which are themselves deprecated.
	17	*/
6d2a1eff MC	18	#define OPENSSL_SUPPRESS_DEPRECATED
6d2a1eff MC	19
b93e331b	20	#include <openssl/crypto.h>
edc032b5	21	#include <openssl/rand.h>
edc032b5	22	#include <openssl/err.h>
706457b7	23	#include "ssl_local.h"
b93e331b DSH	24
b93e331b DSH	25	#ifndef OPENSSL_NO_SRP
a230b26e	26	# include <openssl/srp.h>
edc032b5	27
76cb077f MC	28	/*
	29	* The public API SSL_CTX_SRP_CTX_free() is deprecated so we use
	30	* ssl_ctx_srp_ctx_free_intern() internally.
	31	*/
	32	int ssl_ctx_srp_ctx_free_intern(SSL_CTX *ctx)
0f113f3e MC	33	{
	34	if (ctx == NULL)
	35	return 0;
	36	OPENSSL_free(ctx->srp_ctx.login);
e655f549	37	OPENSSL_free(ctx->srp_ctx.info);
0f113f3e MC	38	BN_free(ctx->srp_ctx.N);
	39	BN_free(ctx->srp_ctx.g);
	40	BN_free(ctx->srp_ctx.s);
	41	BN_free(ctx->srp_ctx.B);
	42	BN_free(ctx->srp_ctx.A);
	43	BN_free(ctx->srp_ctx.a);
	44	BN_free(ctx->srp_ctx.b);
	45	BN_free(ctx->srp_ctx.v);
135976b3	46	memset(&ctx->srp_ctx, 0, sizeof(ctx->srp_ctx));
0f113f3e	47	ctx->srp_ctx.strength = SRP_MINIMAL_N;
208fb891	48	return 1;
0f113f3e	49	}
edc032b5	50
76cb077f MC	51	int SSL_CTX_SRP_CTX_free(SSL_CTX *ctx)
	52	{
	53	return ssl_ctx_srp_ctx_free_intern(ctx);
	54	}
	55
	56	/*
	57	* The public API SSL_SRP_CTX_free() is deprecated so we use
	58	* ssl_srp_ctx_free_intern() internally.
	59	*/
38b051a1	60	int ssl_srp_ctx_free_intern(SSL_CONNECTION *s)
0f113f3e MC	61	{
	62	if (s == NULL)
	63	return 0;
	64	OPENSSL_free(s->srp_ctx.login);
e655f549	65	OPENSSL_free(s->srp_ctx.info);
0f113f3e MC	66	BN_free(s->srp_ctx.N);
	67	BN_free(s->srp_ctx.g);
	68	BN_free(s->srp_ctx.s);
	69	BN_free(s->srp_ctx.B);
	70	BN_free(s->srp_ctx.A);
	71	BN_free(s->srp_ctx.a);
	72	BN_free(s->srp_ctx.b);
	73	BN_free(s->srp_ctx.v);
135976b3	74	memset(&s->srp_ctx, 0, sizeof(s->srp_ctx));
0f113f3e	75	s->srp_ctx.strength = SRP_MINIMAL_N;
208fb891	76	return 1;
0f113f3e	77	}
edc032b5	78
76cb077f MC	79	int SSL_SRP_CTX_free(SSL *s)
76cb077f MC	80	{
38b051a1 TM	81	SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
	82
	83	/* the call works with NULL sc */
	84	return ssl_srp_ctx_free_intern(sc);
76cb077f MC	85	}
	86
	87	/*
	88	* The public API SSL_SRP_CTX_init() is deprecated so we use
	89	* ssl_srp_ctx_init_intern() internally.
	90	*/
38b051a1	91	int ssl_srp_ctx_init_intern(SSL_CONNECTION *s)
0f113f3e	92	{
76ad9ae6	93	SSL_CTX *ctx;
0f113f3e	94
76ad9ae6	95	if (s == NULL \|\| (ctx = SSL_CONNECTION_GET_CTX(s)) == NULL)
0f113f3e	96	return 0;
135976b3 DSC	97
	98	memset(&s->srp_ctx, 0, sizeof(s->srp_ctx));
	99
0f113f3e MC	100	s->srp_ctx.SRP_cb_arg = ctx->srp_ctx.SRP_cb_arg;
	101	/* set client Hello login callback */
	102	s->srp_ctx.TLS_ext_srp_username_callback =
	103	ctx->srp_ctx.TLS_ext_srp_username_callback;
	104	/* set SRP N/g param callback for verification */
	105	s->srp_ctx.SRP_verify_param_callback =
	106	ctx->srp_ctx.SRP_verify_param_callback;
	107	/* set SRP client passwd callback */
	108	s->srp_ctx.SRP_give_srp_client_pwd_callback =
	109	ctx->srp_ctx.SRP_give_srp_client_pwd_callback;
	110
0f113f3e MC	111	s->srp_ctx.strength = ctx->srp_ctx.strength;
	112
	113	if (((ctx->srp_ctx.N != NULL) &&
	114	((s->srp_ctx.N = BN_dup(ctx->srp_ctx.N)) == NULL)) \|\|
	115	((ctx->srp_ctx.g != NULL) &&
	116	((s->srp_ctx.g = BN_dup(ctx->srp_ctx.g)) == NULL)) \|\|
	117	((ctx->srp_ctx.s != NULL) &&
	118	((s->srp_ctx.s = BN_dup(ctx->srp_ctx.s)) == NULL)) \|\|
	119	((ctx->srp_ctx.B != NULL) &&
	120	((s->srp_ctx.B = BN_dup(ctx->srp_ctx.B)) == NULL)) \|\|
	121	((ctx->srp_ctx.A != NULL) &&
	122	((s->srp_ctx.A = BN_dup(ctx->srp_ctx.A)) == NULL)) \|\|
	123	((ctx->srp_ctx.a != NULL) &&
	124	((s->srp_ctx.a = BN_dup(ctx->srp_ctx.a)) == NULL)) \|\|
	125	((ctx->srp_ctx.v != NULL) &&
	126	((s->srp_ctx.v = BN_dup(ctx->srp_ctx.v)) == NULL)) \|\|
	127	((ctx->srp_ctx.b != NULL) &&
	128	((s->srp_ctx.b = BN_dup(ctx->srp_ctx.b)) == NULL))) {
6849b73c	129	ERR_raise(ERR_LIB_SSL, ERR_R_BN_LIB);
0f113f3e MC	130	goto err;
	131	}
	132	if ((ctx->srp_ctx.login != NULL) &&
7644a9ae	133	((s->srp_ctx.login = OPENSSL_strdup(ctx->srp_ctx.login)) == NULL)) {
6849b73c	134	ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
0f113f3e MC	135	goto err;
0f113f3e MC	136	}
e655f549	137	if ((ctx->srp_ctx.info != NULL) &&
3d484574	138	((s->srp_ctx.info = OPENSSL_strdup(ctx->srp_ctx.info)) == NULL)) {
6849b73c	139	ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
e655f549 DSC	140	goto err;
e655f549 DSC	141	}
0f113f3e MC	142	s->srp_ctx.srp_Mask = ctx->srp_ctx.srp_Mask;
0f113f3e MC	143
208fb891	144	return 1;
0f113f3e MC	145	err:
0f113f3e MC	146	OPENSSL_free(s->srp_ctx.login);
e655f549	147	OPENSSL_free(s->srp_ctx.info);
0f113f3e MC	148	BN_free(s->srp_ctx.N);
	149	BN_free(s->srp_ctx.g);
	150	BN_free(s->srp_ctx.s);
	151	BN_free(s->srp_ctx.B);
	152	BN_free(s->srp_ctx.A);
	153	BN_free(s->srp_ctx.a);
	154	BN_free(s->srp_ctx.b);
	155	BN_free(s->srp_ctx.v);
135976b3	156	memset(&s->srp_ctx, 0, sizeof(s->srp_ctx));
26a7d938	157	return 0;
0f113f3e	158	}
edc032b5	159
76cb077f MC	160	int SSL_SRP_CTX_init(SSL *s)
76cb077f MC	161	{
38b051a1 TM	162	SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
	163
	164	/* the call works with NULL sc */
	165	return ssl_srp_ctx_init_intern(sc);
76cb077f MC	166	}
	167
	168	/*
	169	* The public API SSL_CTX_SRP_CTX_init() is deprecated so we use
	170	* ssl_ctx_srp_ctx_init_intern() internally.
	171	*/
	172	int ssl_ctx_srp_ctx_init_intern(SSL_CTX *ctx)
0f113f3e MC	173	{
	174	if (ctx == NULL)
	175	return 0;
	176
135976b3	177	memset(&ctx->srp_ctx, 0, sizeof(ctx->srp_ctx));
0f113f3e MC	178	ctx->srp_ctx.strength = SRP_MINIMAL_N;
0f113f3e MC	179
208fb891	180	return 1;
0f113f3e	181	}
edc032b5	182
76cb077f MC	183	int SSL_CTX_SRP_CTX_init(SSL_CTX *ctx)
	184	{
	185	return ssl_ctx_srp_ctx_init_intern(ctx);
	186	}
	187
edc032b5	188	/* server side */
76cb077f MC	189	/*
	190	* The public API SSL_srp_server_param_with_username() is deprecated so we use
	191	* ssl_srp_server_param_with_username_intern() internally.
	192	*/
38b051a1	193	int ssl_srp_server_param_with_username_intern(SSL_CONNECTION s, int ad)
0f113f3e MC	194	{
	195	unsigned char b[SSL_MAX_MASTER_KEY_LENGTH];
	196	int al;
38b051a1	197	SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s);
0f113f3e MC	198
	199	*ad = SSL_AD_UNKNOWN_PSK_IDENTITY;
	200	if ((s->srp_ctx.TLS_ext_srp_username_callback != NULL) &&
	201	((al =
38b051a1 TM	202	s->srp_ctx.TLS_ext_srp_username_callback(SSL_CONNECTION_GET_SSL(s),
38b051a1 TM	203	ad,
0f113f3e MC	204	s->srp_ctx.SRP_cb_arg)) !=
	205	SSL_ERROR_NONE))
	206	return al;
	207
	208	*ad = SSL_AD_INTERNAL_ERROR;
	209	if ((s->srp_ctx.N == NULL) \|\|
	210	(s->srp_ctx.g == NULL) \|\|
	211	(s->srp_ctx.s == NULL) \|\| (s->srp_ctx.v == NULL))
	212	return SSL3_AL_FATAL;
	213
38b051a1 TM	214	if (RAND_priv_bytes_ex(SSL_CONNECTION_GET_CTX(s)->libctx, b, sizeof(b),
38b051a1 TM	215	0) <= 0)
0f113f3e MC	216	return SSL3_AL_FATAL;
	217	s->srp_ctx.b = BN_bin2bn(b, sizeof(b), NULL);
	218	OPENSSL_cleanse(b, sizeof(b));
	219
	220	/* Calculate: B = (kv + g^b) % N */
	221
	222	return ((s->srp_ctx.B =
1744b6d3	223	SRP_Calc_B_ex(s->srp_ctx.b, s->srp_ctx.N, s->srp_ctx.g,
38b051a1	224	s->srp_ctx.v, sctx->libctx, sctx->propq)) !=
0f113f3e MC	225	NULL) ? SSL_ERROR_NONE : SSL3_AL_FATAL;
	226	}
	227
76cb077f MC	228	int SSL_srp_server_param_with_username(SSL s, int ad)
76cb077f MC	229	{
38b051a1 TM	230	SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
	231
	232	if (sc == NULL)
	233	return SSL3_AL_FATAL;
	234
	235	return ssl_srp_server_param_with_username_intern(sc, ad);
76cb077f MC	236	}
76cb077f MC	237
0f113f3e MC	238	/*
	239	* If the server just has the raw password, make up a verifier entry on the
	240	* fly
	241	*/
	242	int SSL_set_srp_server_param_pw(SSL s, const char user, const char *pass,
	243	const char *grp)
	244	{
38b051a1 TM	245	SRP_gN *GN;
	246	SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
	247
	248	if (sc == NULL)
	249	return -1;
	250
	251	GN = SRP_get_default_gN(grp);
0f113f3e MC	252	if (GN == NULL)
0f113f3e MC	253	return -1;
38b051a1 TM	254	sc->srp_ctx.N = BN_dup(GN->N);
	255	sc->srp_ctx.g = BN_dup(GN->g);
	256	BN_clear_free(sc->srp_ctx.v);
	257	sc->srp_ctx.v = NULL;
	258	BN_clear_free(sc->srp_ctx.s);
	259	sc->srp_ctx.s = NULL;
	260	if (!SRP_create_verifier_BN_ex(user, pass, &sc->srp_ctx.s, &sc->srp_ctx.v,
	261	sc->srp_ctx.N, sc->srp_ctx.g, s->ctx->libctx,
1744b6d3	262	s->ctx->propq))
0f113f3e MC	263	return -1;
	264
	265	return 1;
	266	}
edc032b5 BL	267
edc032b5 BL	268	int SSL_set_srp_server_param(SSL s, const BIGNUM N, const BIGNUM *g,
0f113f3e MC	269	BIGNUM sa, BIGNUM v, char *info)
0f113f3e MC	270	{
38b051a1 TM	271	SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
	272
	273	if (sc == NULL)
	274	return -1;
	275
0f113f3e	276	if (N != NULL) {
38b051a1 TM	277	if (sc->srp_ctx.N != NULL) {
	278	if (!BN_copy(sc->srp_ctx.N, N)) {
	279	BN_free(sc->srp_ctx.N);
	280	sc->srp_ctx.N = NULL;
0f113f3e MC	281	}
0f113f3e MC	282	} else
38b051a1	283	sc->srp_ctx.N = BN_dup(N);
0f113f3e MC	284	}
0f113f3e MC	285	if (g != NULL) {
38b051a1 TM	286	if (sc->srp_ctx.g != NULL) {
	287	if (!BN_copy(sc->srp_ctx.g, g)) {
	288	BN_free(sc->srp_ctx.g);
	289	sc->srp_ctx.g = NULL;
0f113f3e MC	290	}
0f113f3e MC	291	} else
38b051a1	292	sc->srp_ctx.g = BN_dup(g);
0f113f3e MC	293	}
0f113f3e MC	294	if (sa != NULL) {
38b051a1 TM	295	if (sc->srp_ctx.s != NULL) {
	296	if (!BN_copy(sc->srp_ctx.s, sa)) {
	297	BN_free(sc->srp_ctx.s);
	298	sc->srp_ctx.s = NULL;
0f113f3e MC	299	}
0f113f3e MC	300	} else
38b051a1	301	sc->srp_ctx.s = BN_dup(sa);
0f113f3e MC	302	}
0f113f3e MC	303	if (v != NULL) {
38b051a1 TM	304	if (sc->srp_ctx.v != NULL) {
	305	if (!BN_copy(sc->srp_ctx.v, v)) {
	306	BN_free(sc->srp_ctx.v);
	307	sc->srp_ctx.v = NULL;
0f113f3e MC	308	}
0f113f3e MC	309	} else
38b051a1	310	sc->srp_ctx.v = BN_dup(v);
0f113f3e	311	}
e655f549	312	if (info != NULL) {
38b051a1 TM	313	if (sc->srp_ctx.info)
	314	OPENSSL_free(sc->srp_ctx.info);
	315	if ((sc->srp_ctx.info = OPENSSL_strdup(info)) == NULL)
e655f549 DSC	316	return -1;
e655f549 DSC	317	}
0f113f3e	318
38b051a1 TM	319	if (!(sc->srp_ctx.N) \|\|
38b051a1 TM	320	!(sc->srp_ctx.g) \|\| !(sc->srp_ctx.s) \|\| !(sc->srp_ctx.v))
0f113f3e MC	321	return -1;
	322
	323	return 1;
	324	}
	325
38b051a1	326	int srp_generate_server_master_secret(SSL_CONNECTION *s)
0f113f3e MC	327	{
0f113f3e MC	328	BIGNUM K = NULL, u = NULL;
639e5760	329	int ret = 0, tmp_len = 0;
0f113f3e	330	unsigned char *tmp = NULL;
38b051a1	331	SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s);
0f113f3e MC	332
	333	if (!SRP_Verify_A_mod_N(s->srp_ctx.A, s->srp_ctx.N))
	334	goto err;
1744b6d3	335	if ((u = SRP_Calc_u_ex(s->srp_ctx.A, s->srp_ctx.B, s->srp_ctx.N,
38b051a1	336	sctx->libctx, sctx->propq)) == NULL)
0f113f3e	337	goto err;
75ebbd9a RS	338	if ((K = SRP_Calc_server_key(s->srp_ctx.A, s->srp_ctx.v, u, s->srp_ctx.b,
75ebbd9a RS	339	s->srp_ctx.N)) == NULL)
0f113f3e MC	340	goto err;
	341
	342	tmp_len = BN_num_bytes(K);
f63a17d6	343	if ((tmp = OPENSSL_malloc(tmp_len)) == NULL) {
e077455e	344	SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB);
0f113f3e	345	goto err;
f63a17d6	346	}
0f113f3e	347	BN_bn2bin(K, tmp);
f63a17d6	348	/* Calls SSLfatal() as required */
57b272b0	349	ret = ssl_generate_master_secret(s, tmp, tmp_len, 1);
0f113f3e	350	err:
0f113f3e MC	351	BN_clear_free(K);
	352	BN_clear_free(u);
	353	return ret;
	354	}
edc032b5 BL	355
edc032b5 BL	356	/* client side */
38b051a1	357	int srp_generate_client_master_secret(SSL_CONNECTION *s)
0f113f3e MC	358	{
0f113f3e MC	359	BIGNUM x = NULL, u = NULL, *K = NULL;
639e5760	360	int ret = 0, tmp_len = 0;
0f113f3e MC	361	char *passwd = NULL;
0f113f3e MC	362	unsigned char *tmp = NULL;
38b051a1	363	SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s);
0f113f3e MC	364
	365	/*
	366	* Checks if b % n == 0
	367	*/
a2c2e000	368	if (SRP_Verify_B_mod_N(s->srp_ctx.B, s->srp_ctx.N) == 0
1744b6d3	369	\|\| (u = SRP_Calc_u_ex(s->srp_ctx.A, s->srp_ctx.B, s->srp_ctx.N,
38b051a1	370	sctx->libctx, sctx->propq))
a2c2e000 MC	371	== NULL
a2c2e000 MC	372	\|\| s->srp_ctx.SRP_give_srp_client_pwd_callback == NULL) {
c48ffbcc	373	SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
0f113f3e	374	goto err;
a2c2e000	375	}
38b051a1 TM	376	if ((passwd = s->srp_ctx.SRP_give_srp_client_pwd_callback(SSL_CONNECTION_GET_SSL(s),
38b051a1 TM	377	s->srp_ctx.SRP_cb_arg))
a2c2e000	378	== NULL) {
c48ffbcc	379	SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_CALLBACK_FAILED);
0f113f3e	380	goto err;
a2c2e000	381	}
1744b6d3	382	if ((x = SRP_Calc_x_ex(s->srp_ctx.s, s->srp_ctx.login, passwd,
38b051a1	383	sctx->libctx, sctx->propq)) == NULL
1744b6d3 MC	384	\|\| (K = SRP_Calc_client_key_ex(s->srp_ctx.N, s->srp_ctx.B,
	385	s->srp_ctx.g, x,
	386	s->srp_ctx.a, u,
38b051a1 TM	387	sctx->libctx,
38b051a1 TM	388	sctx->propq)) == NULL) {
c48ffbcc	389	SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
0f113f3e	390	goto err;
a2c2e000	391	}
0f113f3e MC	392
0f113f3e MC	393	tmp_len = BN_num_bytes(K);
a2c2e000	394	if ((tmp = OPENSSL_malloc(tmp_len)) == NULL) {
e077455e	395	SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB);
0f113f3e	396	goto err;
a2c2e000	397	}
0f113f3e	398	BN_bn2bin(K, tmp);
a2c2e000	399	/* Calls SSLfatal() as required */
57b272b0	400	ret = ssl_generate_master_secret(s, tmp, tmp_len, 1);
0f113f3e	401	err:
0f113f3e MC	402	BN_clear_free(K);
0f113f3e MC	403	BN_clear_free(x);
d73ca3ef MC	404	if (passwd != NULL)
d73ca3ef MC	405	OPENSSL_clear_free(passwd, strlen(passwd));
0f113f3e MC	406	BN_clear_free(u);
	407	return ret;
	408	}
edc032b5	409
38b051a1	410	int srp_verify_server_param(SSL_CONNECTION *s)
0f113f3e MC	411	{
	412	SRP_CTX *srp = &s->srp_ctx;
	413	/*
	414	* Sanity check parameters: we can quickly check B % N == 0 by checking B
	415	* != 0 since B < N
	416	*/
	417	if (BN_ucmp(srp->g, srp->N) >= 0 \|\| BN_ucmp(srp->B, srp->N) >= 0
	418	\|\| BN_is_zero(srp->B)) {
c48ffbcc	419	SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BAD_DATA);
0f113f3e MC	420	return 0;
	421	}
	422
	423	if (BN_num_bits(srp->N) < srp->strength) {
c48ffbcc	424	SSLfatal(s, SSL_AD_INSUFFICIENT_SECURITY, SSL_R_INSUFFICIENT_SECURITY);
0f113f3e MC	425	return 0;
	426	}
	427
	428	if (srp->SRP_verify_param_callback) {
38b051a1 TM	429	if (srp->SRP_verify_param_callback(SSL_CONNECTION_GET_SSL(s),
38b051a1 TM	430	srp->SRP_cb_arg) <= 0) {
c48ffbcc	431	SSLfatal(s, SSL_AD_INSUFFICIENT_SECURITY, SSL_R_CALLBACK_FAILED);
0f113f3e MC	432	return 0;
	433	}
	434	} else if (!SRP_check_known_gN_param(srp->g, srp->N)) {
c48ffbcc	435	SSLfatal(s, SSL_AD_INSUFFICIENT_SECURITY,
a2c2e000	436	SSL_R_INSUFFICIENT_SECURITY);
0f113f3e MC	437	return 0;
	438	}
	439
	440	return 1;
	441	}
0989790b	442
76cb077f MC	443	/*
	444	* The public API SRP_Calc_A_param() is deprecated so we use
	445	* ssl_srp_calc_a_param_intern() internally.
	446	*/
38b051a1	447	int ssl_srp_calc_a_param_intern(SSL_CONNECTION *s)
0f113f3e MC	448	{
0f113f3e MC	449	unsigned char rnd[SSL_MAX_MASTER_KEY_LENGTH];
edc032b5	450
38b051a1 TM	451	if (RAND_priv_bytes_ex(SSL_CONNECTION_GET_CTX(s)->libctx,
38b051a1 TM	452	rnd, sizeof(rnd), 0) <= 0)
0f113f3e MC	453	return 0;
	454	s->srp_ctx.a = BN_bin2bn(rnd, sizeof(rnd), s->srp_ctx.a);
	455	OPENSSL_cleanse(rnd, sizeof(rnd));
edc032b5	456
a230b26e	457	if (!(s->srp_ctx.A = SRP_Calc_A(s->srp_ctx.a, s->srp_ctx.N, s->srp_ctx.g)))
0f113f3e	458	return 0;
edc032b5	459
0f113f3e MC	460	return 1;
0f113f3e MC	461	}
edc032b5	462
76cb077f MC	463	int SRP_Calc_A_param(SSL *s)
76cb077f MC	464	{
38b051a1 TM	465	SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
	466
	467	if (sc == NULL)
	468	return 0;
	469
	470	return ssl_srp_calc_a_param_intern(sc);
76cb077f MC	471	}
76cb077f MC	472
edc032b5	473	BIGNUM SSL_get_srp_g(SSL s)
0f113f3e	474	{
38b051a1 TM	475	SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
	476
	477	if (sc == NULL)
	478	return NULL;
	479
	480	if (sc->srp_ctx.g != NULL)
	481	return sc->srp_ctx.g;
0f113f3e MC	482	return s->ctx->srp_ctx.g;
0f113f3e MC	483	}
edc032b5 BL	484
edc032b5 BL	485	BIGNUM SSL_get_srp_N(SSL s)
0f113f3e	486	{
38b051a1 TM	487	SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
	488
	489	if (sc == NULL)
	490	return NULL;
	491
	492	if (sc->srp_ctx.N != NULL)
	493	return sc->srp_ctx.N;
0f113f3e MC	494	return s->ctx->srp_ctx.N;
0f113f3e MC	495	}
edc032b5 BL	496
edc032b5 BL	497	char SSL_get_srp_username(SSL s)
0f113f3e	498	{
38b051a1 TM	499	SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
	500
	501	if (sc == NULL)
	502	return NULL;
	503
	504	if (sc->srp_ctx.login != NULL)
	505	return sc->srp_ctx.login;
0f113f3e MC	506	return s->ctx->srp_ctx.login;
0f113f3e MC	507	}
edc032b5 BL	508
edc032b5 BL	509	char SSL_get_srp_userinfo(SSL s)
0f113f3e	510	{
38b051a1 TM	511	SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
	512
	513	if (sc == NULL)
	514	return NULL;
	515
	516	if (sc->srp_ctx.info != NULL)
	517	return sc->srp_ctx.info;
0f113f3e MC	518	return s->ctx->srp_ctx.info;
0f113f3e MC	519	}
edc032b5	520
0f113f3e MC	521	# define tls1_ctx_ctrl ssl3_ctx_ctrl
0f113f3e MC	522	# define tls1_ctx_callback_ctrl ssl3_ctx_callback_ctrl
edc032b5	523
0f113f3e MC	524	int SSL_CTX_set_srp_username(SSL_CTX ctx, char name)
	525	{
	526	return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_USERNAME, 0, name);
	527	}
edc032b5	528
0f113f3e MC	529	int SSL_CTX_set_srp_password(SSL_CTX ctx, char password)
	530	{
	531	return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD, 0, password);
	532	}
edc032b5 BL	533
edc032b5 BL	534	int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength)
0f113f3e MC	535	{
	536	return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH, strength,
	537	NULL);
	538	}
	539
	540	int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx,
	541	int (cb) (SSL , void *))
	542	{
	543	return tls1_ctx_callback_ctrl(ctx, SSL_CTRL_SET_SRP_VERIFY_PARAM_CB,
	544	(void (*)(void))cb);
	545	}
edc032b5 BL	546
edc032b5 BL	547	int SSL_CTX_set_srp_cb_arg(SSL_CTX ctx, void arg)
0f113f3e MC	548	{
	549	return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_SRP_ARG, 0, arg);
	550	}
edc032b5 BL	551
edc032b5 BL	552	int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx,
0f113f3e MC	553	int (cb) (SSL , int , void ))
	554	{
	555	return tls1_ctx_callback_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB,
	556	(void (*)(void))cb);
	557	}
	558
	559	int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx,
	560	char (cb) (SSL , void ))
	561	{
	562	return tls1_ctx_callback_ctrl(ctx, SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB,
	563	(void (*)(void))cb);
	564	}
edc032b5	565
edc032b5	566	#endif