Home | History | Annotate | Line # | Download | only in helpers 
      1      1.1  christos /*
      2      1.1  christos  * Copyright 2016-2023 The OpenSSL Project Authors. All Rights Reserved.
      3      1.1  christos  *
      4      1.1  christos  * Licensed under the Apache License 2.0 (the "License").  You may not use
      5      1.1  christos  * this file except in compliance with the License.  You can obtain a copy
      6      1.1  christos  * in the file LICENSE in the source distribution or at
      7      1.1  christos  * https://www.openssl.org/source/license.html
      8      1.1  christos  */
      9      1.1  christos 
     10      1.1  christos /*
     11      1.1  christos  * SRP is deprecated and there is no replacement. When SRP is removed,
     12      1.1  christos  * the code in this file can be removed too. Until then we have to use
     13      1.1  christos  * the deprecated APIs.
     14      1.1  christos  */
     15      1.1  christos #define OPENSSL_SUPPRESS_DEPRECATED
     16      1.1  christos 
     17      1.1  christos #include <openssl/srp.h>
     18      1.1  christos #include <openssl/ssl.h>
     19      1.1  christos #include "handshake.h"
     20      1.1  christos #include "../testutil.h"
     21      1.1  christos 
     22      1.1  christos static char *client_srp_cb(SSL *s, void *arg)
     23      1.1  christos {
     24  1.1.1.2  christos     CTX_DATA *ctx_data = (CTX_DATA *)(arg);
     25      1.1  christos     return OPENSSL_strdup(ctx_data->srp_password);
     26      1.1  christos }
     27      1.1  christos 
     28      1.1  christos static int server_srp_cb(SSL *s, int *ad, void *arg)
     29      1.1  christos {
     30  1.1.1.2  christos     CTX_DATA *ctx_data = (CTX_DATA *)(arg);
     31      1.1  christos     if (strcmp(ctx_data->srp_user, SSL_get_srp_username(s)) != 0)
     32      1.1  christos         return SSL3_AL_FATAL;
     33      1.1  christos     if (SSL_set_srp_server_param_pw(s, ctx_data->srp_user,
     34  1.1.1.2  christos             ctx_data->srp_password,
     35  1.1.1.2  christos             "2048" /* known group */)
     36  1.1.1.2  christos         < 0) {
     37      1.1  christos         *ad = SSL_AD_INTERNAL_ERROR;
     38      1.1  christos         return SSL3_AL_FATAL;
     39      1.1  christos     }
     40      1.1  christos     return SSL_ERROR_NONE;
     41      1.1  christos }
     42      1.1  christos 
     43      1.1  christos int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx, SSL_CTX *server2_ctx,
     44  1.1.1.2  christos     SSL_CTX *client_ctx,
     45  1.1.1.2  christos     const SSL_TEST_EXTRA_CONF *extra,
     46  1.1.1.2  christos     CTX_DATA *server_ctx_data,
     47  1.1.1.2  christos     CTX_DATA *server2_ctx_data,
     48  1.1.1.2  christos     CTX_DATA *client_ctx_data)
     49      1.1  christos {
     50      1.1  christos     if (extra->server.srp_user != NULL) {
     51      1.1  christos         SSL_CTX_set_srp_username_callback(server_ctx, server_srp_cb);
     52      1.1  christos         server_ctx_data->srp_user = OPENSSL_strdup(extra->server.srp_user);
     53      1.1  christos         server_ctx_data->srp_password = OPENSSL_strdup(extra->server.srp_password);
     54      1.1  christos         if (server_ctx_data->srp_user == NULL || server_ctx_data->srp_password == NULL) {
     55      1.1  christos             OPENSSL_free(server_ctx_data->srp_user);
     56      1.1  christos             OPENSSL_free(server_ctx_data->srp_password);
     57      1.1  christos             server_ctx_data->srp_user = NULL;
     58      1.1  christos             server_ctx_data->srp_password = NULL;
     59      1.1  christos             return 0;
     60      1.1  christos         }
     61      1.1  christos         SSL_CTX_set_srp_cb_arg(server_ctx, server_ctx_data);
     62      1.1  christos     }
     63      1.1  christos     if (extra->server2.srp_user != NULL) {
     64      1.1  christos         if (!TEST_ptr(server2_ctx))
     65      1.1  christos             return 0;
     66      1.1  christos         SSL_CTX_set_srp_username_callback(server2_ctx, server_srp_cb);
     67      1.1  christos         server2_ctx_data->srp_user = OPENSSL_strdup(extra->server2.srp_user);
     68      1.1  christos         server2_ctx_data->srp_password = OPENSSL_strdup(extra->server2.srp_password);
     69      1.1  christos         if (server2_ctx_data->srp_user == NULL || server2_ctx_data->srp_password == NULL) {
     70      1.1  christos             OPENSSL_free(server2_ctx_data->srp_user);
     71      1.1  christos             OPENSSL_free(server2_ctx_data->srp_password);
     72      1.1  christos             server2_ctx_data->srp_user = NULL;
     73      1.1  christos             server2_ctx_data->srp_password = NULL;
     74      1.1  christos             return 0;
     75      1.1  christos         }
     76      1.1  christos         SSL_CTX_set_srp_cb_arg(server2_ctx, server2_ctx_data);
     77      1.1  christos     }
     78      1.1  christos     if (extra->client.srp_user != NULL) {
     79      1.1  christos         if (!TEST_true(SSL_CTX_set_srp_username(client_ctx,
     80  1.1.1.2  christos                 extra->client.srp_user)))
     81      1.1  christos             return 0;
     82      1.1  christos         SSL_CTX_set_srp_client_pwd_callback(client_ctx, client_srp_cb);
     83      1.1  christos         client_ctx_data->srp_password = OPENSSL_strdup(extra->client.srp_password);
     84      1.1  christos         if (client_ctx_data->srp_password == NULL)
     85      1.1  christos             return 0;
     86      1.1  christos         SSL_CTX_set_srp_cb_arg(client_ctx, client_ctx_data);
     87      1.1  christos     }
     88      1.1  christos     return 1;
     89      1.1  christos }
     90