diff options
author | Antoine Salon <asalon@vmware.com> | 2018-10-25 15:43:35 -0700 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-11-15 10:53:47 +0000 |
commit | 495a1e5c3aec4d44558cd86161b8385f1b1b6822 (patch) | |
tree | 074bb72fe3c5db76a3fcae2bb3f079b53a89311b /crypto/srp | |
parent | d9720a5992315a6936ffba55d2fbbac460fb96a2 (diff) | |
download | openssl-495a1e5c3aec4d44558cd86161b8385f1b1b6822.zip openssl-495a1e5c3aec4d44558cd86161b8385f1b1b6822.tar.gz openssl-495a1e5c3aec4d44558cd86161b8385f1b1b6822.tar.bz2 |
SRP module documentation
Signed-off-by: Antoine Salon <asalon@vmware.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7522)
Diffstat (limited to 'crypto/srp')
-rw-r--r-- | crypto/srp/srp_lib.c | 8 | ||||
-rw-r--r-- | crypto/srp/srp_vfy.c | 15 |
2 files changed, 14 insertions, 9 deletions
diff --git a/crypto/srp/srp_lib.c b/crypto/srp/srp_lib.c index b97d630..a9e244e 100644 --- a/crypto/srp/srp_lib.c +++ b/crypto/srp/srp_lib.c @@ -44,13 +44,13 @@ static BIGNUM *srp_Calc_xy(const BIGNUM *x, const BIGNUM *y, const BIGNUM *N) static BIGNUM *srp_Calc_k(const BIGNUM *N, const BIGNUM *g) { - /* k = SHA1(N | PAD(g)) -- tls-srp draft 8 */ + /* k = SHA1(N | PAD(g)) -- tls-srp RFC 5054 */ return srp_Calc_xy(N, g, N); } BIGNUM *SRP_Calc_u(const BIGNUM *A, const BIGNUM *B, const BIGNUM *N) { - /* k = SHA1(PAD(A) || PAD(B) ) -- tls-srp draft 8 */ + /* u = SHA1(PAD(A) || PAD(B) ) -- tls-srp RFC 5054 */ return srp_Calc_xy(A, B, N); } @@ -254,13 +254,13 @@ static SRP_gN knowngN[] = { /* * Check if G and N are known parameters. The values have been generated - * from the ietf-tls-srp draft version 8 + * from the IETF RFC 5054 */ char *SRP_check_known_gN_param(const BIGNUM *g, const BIGNUM *N) { size_t i; if ((g == NULL) || (N == NULL)) - return 0; + return NULL; for (i = 0; i < KNOWN_GN_NUMBER; i++) { if (BN_cmp(knowngN[i].g, g) == 0 && BN_cmp(knowngN[i].N, N) == 0) diff --git a/crypto/srp/srp_vfy.c b/crypto/srp/srp_vfy.c index 17b35c0..622fffb 100644 --- a/crypto/srp/srp_vfy.c +++ b/crypto/srp/srp_vfy.c @@ -340,12 +340,13 @@ static SRP_gN *SRP_get_gN_by_id(const char *id, STACK_OF(SRP_gN) *gN_tab) int i; SRP_gN *gN; - if (gN_tab != NULL) + if (gN_tab != NULL) { for (i = 0; i < sk_SRP_gN_num(gN_tab); i++) { gN = sk_SRP_gN_value(gN_tab, i); if (gN && (id == NULL || strcmp(gN->id, id) == 0)) return gN; } + } return SRP_get_default_gN(id); } @@ -374,9 +375,13 @@ static BIGNUM *SRP_gN_place_bn(STACK_OF(SRP_gN_cache) *gN_cache, char *ch) } /* - * this function parses verifier file. Format is: - * string(index):base64(N):base64(g):0 - * string(username):base64(v):base64(salt):int(index) + * This function parses the verifier file generated by the srp app. + * The format for each entry is: + * V base64(verifier) base64(salt) username gNid userinfo(optional) + * or + * I base64(N) base64(g) + * Note that base64 is the SRP variant of base64 encoding described + * in t_fromb64(). */ int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file) @@ -605,7 +610,7 @@ char *SRP_create_verifier(const char *user, const char *pass, char **salt, g_bn = g_bn_alloc; defgNid = "*"; } else { - SRP_gN *gN = SRP_get_gN_by_id(g, NULL); + SRP_gN *gN = SRP_get_default_gN(g); if (gN == NULL) goto err; N_bn = gN->N; |