2018-10-26 06:43:35 +08:00
|
|
|
=pod
|
|
|
|
|
|
|
|
|
|
=head1 NAME
|
|
|
|
|
|
|
|
|
|
SSL_CTX_set_srp_username,
|
|
|
|
|
SSL_CTX_set_srp_password,
|
|
|
|
|
SSL_CTX_set_srp_strength,
|
|
|
|
|
SSL_CTX_set_srp_cb_arg,
|
|
|
|
|
SSL_CTX_set_srp_username_callback,
|
|
|
|
|
SSL_CTX_set_srp_client_pwd_callback,
|
|
|
|
|
SSL_CTX_set_srp_verify_param_callback,
|
|
|
|
|
SSL_set_srp_server_param,
|
|
|
|
|
SSL_set_srp_server_param_pw,
|
|
|
|
|
SSL_get_srp_g,
|
|
|
|
|
SSL_get_srp_N,
|
|
|
|
|
SSL_get_srp_username,
|
|
|
|
|
SSL_get_srp_userinfo
|
|
|
|
|
- SRP control operations
|
|
|
|
|
|
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
|
|
|
|
|
|
#include <openssl/ssl.h>
|
|
|
|
|
|
2021-12-02 19:33:49 +08:00
|
|
|
The following functions have been deprecated since OpenSSL 3.0, and can be
|
|
|
|
|
hidden entirely by defining B<OPENSSL_API_COMPAT> with a suitable version value,
|
|
|
|
|
see L<openssl_user_macros(7)>:
|
2021-02-08 23:52:07 +08:00
|
|
|
|
2018-10-26 06:43:35 +08:00
|
|
|
int SSL_CTX_set_srp_username(SSL_CTX *ctx, char *name);
|
|
|
|
|
int SSL_CTX_set_srp_password(SSL_CTX *ctx, char *password);
|
|
|
|
|
int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength);
|
|
|
|
|
int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg);
|
|
|
|
|
int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx,
|
|
|
|
|
int (*cb) (SSL *s, int *ad, void *arg));
|
|
|
|
|
int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx,
|
|
|
|
|
char *(*cb) (SSL *s, void *arg));
|
|
|
|
|
int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx,
|
|
|
|
|
int (*cb) (SSL *s, void *arg));
|
|
|
|
|
|
|
|
|
|
int SSL_set_srp_server_param(SSL *s, const BIGNUM *N, const BIGNUM *g,
|
|
|
|
|
BIGNUM *sa, BIGNUM *v, char *info);
|
|
|
|
|
int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass,
|
|
|
|
|
const char *grp);
|
|
|
|
|
|
|
|
|
|
BIGNUM *SSL_get_srp_g(SSL *s);
|
|
|
|
|
BIGNUM *SSL_get_srp_N(SSL *s);
|
|
|
|
|
|
|
|
|
|
char *SSL_get_srp_username(SSL *s);
|
|
|
|
|
char *SSL_get_srp_userinfo(SSL *s);
|
|
|
|
|
|
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
|
|
2021-02-08 23:52:07 +08:00
|
|
|
All of the functions described on this page are deprecated. There are no
|
|
|
|
|
available replacement functions at this time.
|
|
|
|
|
|
2018-10-26 06:43:35 +08:00
|
|
|
These functions provide access to SRP (Secure Remote Password) parameters,
|
2020-07-17 18:31:26 +08:00
|
|
|
an alternate authentication mechanism for TLS. SRP allows the use of usernames
|
2018-10-26 06:43:35 +08:00
|
|
|
and passwords over unencrypted channels without revealing the password to an
|
|
|
|
|
eavesdropper. SRP also supplies a shared secret at the end of the authentication
|
|
|
|
|
sequence that can be used to generate encryption keys.
|
|
|
|
|
|
|
|
|
|
The SRP protocol, version 3 is specified in RFC 2945. SRP version 6 is described
|
|
|
|
|
in RFC 5054 with applications to TLS authentication.
|
|
|
|
|
|
|
|
|
|
The SSL_CTX_set_srp_username() function sets the SRP username for B<ctx>. This
|
|
|
|
|
should be called on the client prior to creating a connection to the server.
|
|
|
|
|
The length of B<name> must be shorter or equal to 255 characters.
|
|
|
|
|
|
|
|
|
|
The SSL_CTX_set_srp_password() function sets the SRP password for B<ctx>. This
|
|
|
|
|
may be called on the client prior to creating a connection to the server.
|
|
|
|
|
This overrides the effect of SSL_CTX_set_srp_client_pwd_callback().
|
|
|
|
|
|
|
|
|
|
The SSL_CTX_set_srp_strength() function sets the SRP strength for B<ctx>. This
|
|
|
|
|
is the minimal length of the SRP prime in bits. If not specified 1024 is used.
|
|
|
|
|
If not satisfied by the server key exchange the connection will be rejected.
|
|
|
|
|
|
|
|
|
|
The SSL_CTX_set_srp_cb_arg() function sets an extra parameter that will
|
|
|
|
|
be passed to all following callbacks as B<arg>.
|
|
|
|
|
|
|
|
|
|
The SSL_CTX_set_srp_username_callback() function sets the server side callback
|
|
|
|
|
that is invoked when an SRP username is found in a ClientHello.
|
|
|
|
|
The callback parameters are the SSL connection B<s>, a writable error flag B<ad>
|
|
|
|
|
and the extra argument B<arg> set by SSL_CTX_set_srp_cb_arg().
|
|
|
|
|
This callback should setup the server for the key exchange by calling
|
|
|
|
|
SSL_set_srp_server_param() with the appropriate parameters for the received
|
|
|
|
|
username. The username can be obtained by calling SSL_get_srp_username().
|
2019-11-02 04:26:05 +08:00
|
|
|
See L<SRP_VBASE_init(3)> to parse the verifier file created by L<openssl-srp(1)> or
|
2018-10-26 06:43:35 +08:00
|
|
|
L<SRP_create_verifier(3)> to generate it.
|
|
|
|
|
The callback should return B<SSL_ERROR_NONE> to proceed with the server key exchange,
|
|
|
|
|
B<SSL3_AL_FATAL> for a fatal error or any value < 0 for a retryable error.
|
|
|
|
|
In the event of a B<SSL3_AL_FATAL> the alert flag given by B<*al> will be sent
|
2019-12-01 07:18:47 +08:00
|
|
|
back. By default this will be B<SSL_AD_UNKNOWN_PSK_IDENTITY>.
|
2018-10-26 06:43:35 +08:00
|
|
|
|
|
|
|
|
The SSL_CTX_set_srp_client_pwd_callback() function sets the client password
|
|
|
|
|
callback on the client.
|
|
|
|
|
The callback parameters are the SSL connection B<s> and the extra argument B<arg>
|
|
|
|
|
set by SSL_CTX_set_srp_cb_arg().
|
|
|
|
|
The callback will be called as part of the generation of the client secrets.
|
|
|
|
|
It should return the client password in text form or NULL to abort the connection.
|
|
|
|
|
The resulting memory will be freed by the library as part of the callback resolution.
|
|
|
|
|
This overrides the effect of SSL_CTX_set_srp_password().
|
|
|
|
|
|
|
|
|
|
The SSL_CTX_set_srp_verify_param_callback() sets the SRP gN parameter verification
|
|
|
|
|
callback on the client. This allows the client to perform custom verification when
|
|
|
|
|
receiving the server SRP proposed parameters.
|
|
|
|
|
The callback parameters are the SSL connection B<s> and the extra argument B<arg>
|
|
|
|
|
set by SSL_CTX_set_srp_cb_arg().
|
|
|
|
|
The callback should return a positive value to accept the server parameters.
|
|
|
|
|
Returning 0 or a negative value will abort the connection. The server parameters
|
|
|
|
|
can be obtained by calling SSL_get_srp_N() and SSL_get_srp_g().
|
|
|
|
|
Sanity checks are already performed by the library after the handshake
|
|
|
|
|
(B % N non zero, check against the strength parameter) and are not necessary.
|
|
|
|
|
If no callback is set the g and N parameters will be checked against
|
|
|
|
|
known RFC 5054 values.
|
|
|
|
|
|
|
|
|
|
The SSL_set_srp_server_param() function sets all SRP parameters for
|
|
|
|
|
the connection B<s>. B<N> and B<g> are the SRP group parameters, B<sa> is the
|
|
|
|
|
user salt, B<v> the password verifier and B<info> is the optional user info.
|
|
|
|
|
|
|
|
|
|
The SSL_set_srp_server_param_pw() function sets all SRP parameters for the
|
|
|
|
|
connection B<s> by generating a random salt and a password verifier.
|
2019-07-02 16:04:04 +08:00
|
|
|
B<user> is the username, B<pass> the password and B<grp> the SRP group parameters
|
2018-10-26 06:43:35 +08:00
|
|
|
identifier for L<SRP_get_default_gN(3)>.
|
|
|
|
|
|
|
|
|
|
The SSL_get_srp_g() function returns the SRP group generator for B<s>, or from
|
|
|
|
|
the underlying SSL_CTX if it is NULL.
|
|
|
|
|
|
|
|
|
|
The SSL_get_srp_N() function returns the SRP prime for B<s>, or from
|
|
|
|
|
the underlying SSL_CTX if it is NULL.
|
|
|
|
|
|
|
|
|
|
The SSL_get_srp_username() function returns the SRP username for B<s>, or from
|
|
|
|
|
the underlying SSL_CTX if it is NULL.
|
|
|
|
|
|
|
|
|
|
The SSL_get_srp_userinfo() function returns the SRP user info for B<s>, or from
|
|
|
|
|
the underlying SSL_CTX if it is NULL.
|
|
|
|
|
|
|
|
|
|
=head1 RETURN VALUES
|
|
|
|
|
|
|
|
|
|
All SSL_CTX_set_* functions return 1 on success and 0 on failure.
|
|
|
|
|
|
|
|
|
|
SSL_set_srp_server_param() returns 1 on success and -1 on failure.
|
|
|
|
|
|
|
|
|
|
The SSL_get_SRP_* functions return a pointer to the requested data, the memory
|
|
|
|
|
is owned by the library and should not be freed by the caller.
|
|
|
|
|
|
|
|
|
|
=head1 EXAMPLES
|
|
|
|
|
|
|
|
|
|
Setup SRP parameters on the client:
|
|
|
|
|
|
|
|
|
|
#include <openssl/ssl.h>
|
|
|
|
|
|
|
|
|
|
const char *username = "username";
|
|
|
|
|
const char *password = "password";
|
|
|
|
|
|
|
|
|
|
SSL_CTX *ctx = SSL_CTX_new(TLS_client_method());
|
|
|
|
|
if (!ctx)
|
|
|
|
|
/* Error */
|
|
|
|
|
if (!SSL_CTX_set_srp_username(ctx, username))
|
|
|
|
|
/* Error */
|
|
|
|
|
if (!SSL_CTX_set_srp_password(ctx, password))
|
|
|
|
|
/* Error */
|
|
|
|
|
|
|
|
|
|
Setup SRP server with verifier file:
|
|
|
|
|
|
|
|
|
|
#include <openssl/srp.h>
|
|
|
|
|
#include <openssl/ssl.h>
|
|
|
|
|
|
|
|
|
|
const char *srpvfile = "password.srpv";
|
|
|
|
|
|
|
|
|
|
int srpServerCallback(SSL *s, int *ad, void *arg)
|
|
|
|
|
{
|
|
|
|
|
SRP_VBASE *srpData = (SRP_VBASE*) arg;
|
|
|
|
|
char *username = SSL_get_srp_username(s);
|
|
|
|
|
|
|
|
|
|
SRP_user_pwd *user_pwd = SRP_VBASE_get1_by_user(srpData, username);
|
|
|
|
|
if (!user_pwd)
|
|
|
|
|
/* Error */
|
|
|
|
|
return SSL3_AL_FATAL;
|
|
|
|
|
|
|
|
|
|
if (SSL_set_srp_server_param(s, user_pwd->N, user_pwd->g,
|
|
|
|
|
user_pwd->s, user_pwd->v, user_pwd->info) < 0)
|
|
|
|
|
/* Error */
|
|
|
|
|
|
|
|
|
|
SRP_user_pwd_free(user_pwd);
|
|
|
|
|
return SSL_ERROR_NONE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
SSL_CTX *ctx = SSL_CTX_new(TLS_server_method());
|
|
|
|
|
if (!ctx)
|
|
|
|
|
/* Error */
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* seedKey should contain a NUL terminated sequence
|
|
|
|
|
* of random non NUL bytes
|
|
|
|
|
*/
|
|
|
|
|
const char *seedKey;
|
|
|
|
|
|
|
|
|
|
SRP_VBASE *srpData = SRP_VBASE_new(seedKey);
|
|
|
|
|
if (SRP_VBASE_init(srpData, (char*) srpvfile) != SRP_NO_ERROR)
|
|
|
|
|
/* Error */
|
|
|
|
|
|
|
|
|
|
SSL_CTX_set_srp_cb_arg(ctx, srpData);
|
|
|
|
|
SSL_CTX_set_srp_username_callback(ctx, srpServerCallback);
|
|
|
|
|
|
|
|
|
|
=head1 SEE ALSO
|
|
|
|
|
|
2019-11-02 00:27:29 +08:00
|
|
|
L<ssl(7)>,
|
2019-11-02 04:26:05 +08:00
|
|
|
L<openssl-srp(1)>,
|
2018-10-26 06:43:35 +08:00
|
|
|
L<SRP_VBASE_new(3)>,
|
|
|
|
|
L<SRP_create_verifier(3)>
|
|
|
|
|
|
|
|
|
|
=head1 HISTORY
|
|
|
|
|
|
2021-02-08 23:52:07 +08:00
|
|
|
These functions were added in OpenSSL 1.0.1 and deprecated in OpenSSL 3.0.
|
2018-10-26 06:43:35 +08:00
|
|
|
|
|
|
|
|
=head1 COPYRIGHT
|
|
|
|
|
|
2021-02-18 22:57:13 +08:00
|
|
|
Copyright 2018-2021 The OpenSSL Project Authors. All Rights Reserved.
|
2018-10-26 06:43:35 +08:00
|
|
|
|
2018-12-06 21:04:44 +08:00
|
|
|
Licensed under the Apache License 2.0 (the "License"). You may not use
|
2018-10-26 06:43:35 +08:00
|
|
|
this file except in compliance with the License. You can obtain a copy
|
|
|
|
|
in the file LICENSE in the source distribution or at
|
|
|
|
|
L<https://www.openssl.org/source/license.html>.
|
|
|
|
|
|
|
|
|
|
=cut
|
