handshake_srp.c 3.5 KB

  1. /*
  2. * Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. /*
  10. * SRP is deprecated and there is no replacement. When SRP is removed, the code in
  11. * this file can be removed too. Until then we have to use the deprecated APIs.
  12. */
  13. #define OPENSSL_SUPPRESS_DEPRECATED
  14. #include <openssl/srp.h>
  15. #include <openssl/ssl.h>
  16. #include "handshake.h"
  17. #include "../testutil.h"
  /*
   * Client-side SRP password callback.
   *
   * |arg| is the CTX_DATA pointer that configure_handshake_ctx_for_srp()
   * registers through SSL_CTX_set_srp_cb_arg(). The callback hands back a
   * heap copy of the configured password, or NULL if the copy cannot be made.
   * NOTE(review): the caller inside libssl presumably takes ownership of the
   * returned string and releases it - confirm against the SRP client code.
   */
  static char *client_srp_cb(SSL *s, void *arg)
  {
      const CTX_DATA *data = arg;
      char *password_copy = OPENSSL_strdup(data->srp_password);

      return password_copy;
  }
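  /*
   * Server-side SRP username callback.
   *
   * Compares the username offered by the peer with the single user configured
   * in the CTX_DATA passed as |arg| and, on a match, installs the SRP server
   * parameters for that user.
   *
   * Returns SSL_ERROR_NONE on success and SSL3_AL_FATAL otherwise. |*ad| is
   * written only when installing the parameters fails; on a username mismatch
   * the alert value supplied by the caller is left untouched.
   */
  static int server_srp_cb(SSL *s, int *ad, void *arg)
  {
      CTX_DATA *ctx_data = (CTX_DATA*)(arg);
      const char *username = SSL_get_srp_username(s);

      /*
       * SSL_get_srp_username() can return NULL when no login is recorded, and
       * strcmp() on a NULL pointer is undefined behaviour, so a missing name is
       * rejected the same way as a wrong one.
       */
      if (username == NULL || strcmp(ctx_data->srp_user, username) != 0)
          return SSL3_AL_FATAL;

      /*
       * The verifier is derived here from the plaintext password held in the
       * test fixture. That is a test-only convenience: a real server would
       * store the salt and verifier, not the password itself.
       */
      if (SSL_set_srp_server_param_pw(s, ctx_data->srp_user,
                                      ctx_data->srp_password,
                                      "2048" /* known group */) < 0) {
          *ad = SSL_AD_INTERNAL_ERROR;
          return SSL3_AL_FATAL;
      }
      return SSL_ERROR_NONE;
  }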
  /*
   * Wire one server context for SRP: register server_srp_cb, copy the
   * credentials into |data| and attach |data| as the callback argument.
   * On allocation failure both fields are released and reset to NULL.
   * Returns 1 on success, 0 on failure.
   */
  static int install_server_srp(SSL_CTX *ctx, CTX_DATA *data,
                                const char *user, const char *password)
  {
      SSL_CTX_set_srp_username_callback(ctx, server_srp_cb);
      data->srp_user = OPENSSL_strdup(user);
      data->srp_password = OPENSSL_strdup(password);

      if (data->srp_user != NULL && data->srp_password != NULL) {
          SSL_CTX_set_srp_cb_arg(ctx, data);
          return 1;
      }

      /* One of the copies failed: drop whichever succeeded, leave no stale pointer. */
      OPENSSL_free(data->srp_user);
      OPENSSL_free(data->srp_password);
      data->srp_user = NULL;
      data->srp_password = NULL;
      return 0;
  }

  /*
   * Apply the SRP settings from |extra| to the handshake test contexts.
   *
   * For each of server, server2 and client, nothing is done unless the
   * corresponding srp_user is set. Credentials are duplicated into the
   * matching CTX_DATA, which is then registered as the SRP callback argument.
   * The copies are plaintext and are not freed on the success path here;
   * NOTE(review): they are presumably released by the CTX_DATA owner - confirm.
   *
   * Returns 1 on success, 0 if a required context is missing, a copy cannot
   * be allocated, or the client username cannot be set.
   */
  int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx, SSL_CTX *server2_ctx,
                                      SSL_CTX *client_ctx,
                                      const SSL_TEST_EXTRA_CONF *extra,
                                      CTX_DATA *server_ctx_data,
                                      CTX_DATA *server2_ctx_data,
                                      CTX_DATA *client_ctx_data)
  {
      if (extra->server.srp_user != NULL
              && !install_server_srp(server_ctx, server_ctx_data,
                                     extra->server.srp_user,
                                     extra->server.srp_password))
          return 0;

      if (extra->server2.srp_user != NULL) {
          /* The second server context is optional in the harness; SRP needs it. */
          if (!TEST_ptr(server2_ctx))
              return 0;
          if (!install_server_srp(server2_ctx, server2_ctx_data,
                                  extra->server2.srp_user,
                                  extra->server2.srp_password))
              return 0;
      }

      if (extra->client.srp_user != NULL) {
          char *client_password;

          if (!TEST_true(SSL_CTX_set_srp_username(client_ctx,
                                                  extra->client.srp_user)))
              return 0;
          SSL_CTX_set_srp_client_pwd_callback(client_ctx, client_srp_cb);

          client_password = OPENSSL_strdup(extra->client.srp_password);
          client_ctx_data->srp_password = client_password;
          if (client_password == NULL)
              return 0;
          SSL_CTX_set_srp_cb_arg(client_ctx, client_ctx_data);
      }

      return 1;
  }