1 /*
2 * Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 /*
11 * SRP is deprecated and there is no replacent. When SRP is removed, the code in
12 * this file can be removed too. Until then we have to use the deprecated APIs.
13 */
14 #define OPENSSL_SUPPRESS_DEPRECATED
15
16 #include <openssl/srp.h>
17 #include <openssl/ssl.h>
18 #include "handshake.h"
19 #include "../testutil.h"
20
client_srp_cb(SSL * s,void * arg)21 static char *client_srp_cb(SSL *s, void *arg)
22 {
23 CTX_DATA *ctx_data = (CTX_DATA*)(arg);
24 return OPENSSL_strdup(ctx_data->srp_password);
25 }
26
server_srp_cb(SSL * s,int * ad,void * arg)27 static int server_srp_cb(SSL *s, int *ad, void *arg)
28 {
29 CTX_DATA *ctx_data = (CTX_DATA*)(arg);
30 if (strcmp(ctx_data->srp_user, SSL_get_srp_username(s)) != 0)
31 return SSL3_AL_FATAL;
32 if (SSL_set_srp_server_param_pw(s, ctx_data->srp_user,
33 ctx_data->srp_password,
34 "2048" /* known group */) < 0) {
35 *ad = SSL_AD_INTERNAL_ERROR;
36 return SSL3_AL_FATAL;
37 }
38 return SSL_ERROR_NONE;
39 }
40
configure_handshake_ctx_for_srp(SSL_CTX * server_ctx,SSL_CTX * server2_ctx,SSL_CTX * client_ctx,const SSL_TEST_EXTRA_CONF * extra,CTX_DATA * server_ctx_data,CTX_DATA * server2_ctx_data,CTX_DATA * client_ctx_data)41 int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx, SSL_CTX *server2_ctx,
42 SSL_CTX *client_ctx,
43 const SSL_TEST_EXTRA_CONF *extra,
44 CTX_DATA *server_ctx_data,
45 CTX_DATA *server2_ctx_data,
46 CTX_DATA *client_ctx_data)
47 {
48 if (extra->server.srp_user != NULL) {
49 SSL_CTX_set_srp_username_callback(server_ctx, server_srp_cb);
50 server_ctx_data->srp_user = OPENSSL_strdup(extra->server.srp_user);
51 server_ctx_data->srp_password = OPENSSL_strdup(extra->server.srp_password);
52 if (server_ctx_data->srp_user == NULL || server_ctx_data->srp_password == NULL) {
53 OPENSSL_free(server_ctx_data->srp_user);
54 OPENSSL_free(server_ctx_data->srp_password);
55 server_ctx_data->srp_user = NULL;
56 server_ctx_data->srp_password = NULL;
57 return 0;
58 }
59 SSL_CTX_set_srp_cb_arg(server_ctx, server_ctx_data);
60 }
61 if (extra->server2.srp_user != NULL) {
62 if (!TEST_ptr(server2_ctx))
63 return 0;
64 SSL_CTX_set_srp_username_callback(server2_ctx, server_srp_cb);
65 server2_ctx_data->srp_user = OPENSSL_strdup(extra->server2.srp_user);
66 server2_ctx_data->srp_password = OPENSSL_strdup(extra->server2.srp_password);
67 if (server2_ctx_data->srp_user == NULL || server2_ctx_data->srp_password == NULL) {
68 OPENSSL_free(server2_ctx_data->srp_user);
69 OPENSSL_free(server2_ctx_data->srp_password);
70 server2_ctx_data->srp_user = NULL;
71 server2_ctx_data->srp_password = NULL;
72 return 0;
73 }
74 SSL_CTX_set_srp_cb_arg(server2_ctx, server2_ctx_data);
75 }
76 if (extra->client.srp_user != NULL) {
77 if (!TEST_true(SSL_CTX_set_srp_username(client_ctx,
78 extra->client.srp_user)))
79 return 0;
80 SSL_CTX_set_srp_client_pwd_callback(client_ctx, client_srp_cb);
81 client_ctx_data->srp_password = OPENSSL_strdup(extra->client.srp_password);
82 if (client_ctx_data->srp_password == NULL)
83 return 0;
84 SSL_CTX_set_srp_cb_arg(client_ctx, client_ctx_data);
85 }
86 return 1;
87 }
88