1 files changed, 0 insertions, 376 deletions
diff --git a/src/lib/libcrypto/srp/srp_lib.c b/src/lib/libcrypto/srp/srp_lib.c
deleted file mode 100644
index 1e96adc6a3..0000000000
--- a/src/lib/libcrypto/srp/srp_lib.c
+++ /dev/null
@@ -1,376 +0,0 @@
-/* $OpenBSD: srp_lib.c,v 1.9 2014/07/11 08:44:49 jsing Exp $ */
-/* Written by Christophe Renou (christophe.renou@edelweb.fr) with 
- * the precious help of Peter Sylvester (peter.sylvester@edelweb.fr) 
- * for the EdelKey project and contributed to the OpenSSL project 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include <openssl/opensslconf.h>
-#ifndef OPENSSL_NO_SRP
-#include <openssl/evp.h>
-#include <openssl/srp.h>
-#include "srp_lcl.h"
-#if (BN_BYTES == 8)
-# if defined(_LP64)
-#  define bn_pack4(a1,a2,a3,a4) ((a1##UL<<48)|(a2##UL<<32)|(a3##UL<<16)|a4##UL)
-# else
-#  define bn_pack4(a1,a2,a3,a4) ((a1##ULL<<48)|(a2##ULL<<32)|(a3##ULL<<16)|a4##ULL)
-# endif
-#elif (BN_BYTES == 4)
-# define bn_pack4(a1,a2,a3,a4)  ((a3##UL<<16)|a4##UL), ((a1##UL<<16)|a2##UL)
-#else
-# error "unsupported BN_BYTES"
-#endif
-#include "srp_grps.h"
-static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g)
-        {
-        /* k = SHA1(N | PAD(g)) -- tls-srp draft 8 */
-        unsigned char digest[SHA_DIGEST_LENGTH];
-        unsigned char *tmp;
-        EVP_MD_CTX ctxt;
-        BIGNUM *ret = NULL;
-        int longg;
-        int longN = BN_num_bytes(N);
-        if ((tmp = malloc(longN)) == NULL)
-                return NULL;
-        BN_bn2bin(N,tmp);
-        EVP_MD_CTX_init(&ctxt);
-        if (!EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL))
-                goto err;
-        if (!EVP_DigestUpdate(&ctxt, tmp, longN))
-                goto err;
-        memset(tmp, 0, longN);
-        longg = BN_bn2bin(g,tmp);
-        /* use the zeros behind to pad on left */
-        if (!EVP_DigestUpdate(&ctxt, tmp + longg, longN-longg))
-                goto err;
-        if (!EVP_DigestUpdate(&ctxt, tmp, longg))
-                goto err;
-        if (!EVP_DigestFinal_ex(&ctxt, digest, NULL))
-                goto err;
-        ret = BN_bin2bn(digest, sizeof(digest), NULL);  
-err:
-        EVP_MD_CTX_cleanup(&ctxt);
-        free(tmp);
-        return ret;
-        }
-BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N)
-        {
-        /* k = SHA1(PAD(A) || PAD(B) ) -- tls-srp draft 8 */
-        BIGNUM *u;      
-        unsigned char cu[SHA_DIGEST_LENGTH];
-        unsigned char *cAB;
-        EVP_MD_CTX ctxt;
-        int longN;  
-        if ((A == NULL) ||(B == NULL) || (N == NULL))
-                return NULL;
-        longN= BN_num_bytes(N);
-        if ((cAB = reallocarray(NULL, 2, longN)) == NULL) 
-                return NULL;
-        memset(cAB, 0, longN);
-        EVP_MD_CTX_init(&ctxt);
-        EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
-        EVP_DigestUpdate(&ctxt, cAB + BN_bn2bin(A,cAB+longN), longN);
-        EVP_DigestUpdate(&ctxt, cAB + BN_bn2bin(B,cAB+longN), longN);
-        free(cAB);
-        EVP_DigestFinal_ex(&ctxt, cu, NULL);
-        EVP_MD_CTX_cleanup(&ctxt);
-        if (!(u = BN_bin2bn(cu, sizeof(cu), NULL)))
-                return NULL;
-        if (!BN_is_zero(u))
-                return u;
-        BN_free(u);
-        return NULL;
-}
-BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b, BIGNUM *N)
-        {
-        BIGNUM *tmp = NULL, *S = NULL;
-        BN_CTX *bn_ctx; 
-        
-        if (u == NULL || A == NULL || v == NULL || b == NULL || N == NULL)
-                return NULL; 
-        if ((bn_ctx = BN_CTX_new()) == NULL ||
-                (tmp = BN_new()) == NULL ||
-                (S = BN_new()) == NULL )
-                goto err;
-        /* S = (A*v**u) ** b */ 
-        if (!BN_mod_exp(tmp,v,u,N,bn_ctx))
-                goto err;
-        if (!BN_mod_mul(tmp,A,tmp,N,bn_ctx))
-                goto err;
-        if (!BN_mod_exp(S,tmp,b,N,bn_ctx))
-                goto err;
-err:
-        BN_CTX_free(bn_ctx);
-        BN_clear_free(tmp);
-        return S;
-        }
-BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v)
-        {
-        BIGNUM  *kv = NULL, *gb = NULL;
-        BIGNUM *B = NULL, *k = NULL;
-        BN_CTX *bn_ctx;
-        if (b == NULL || N == NULL || g == NULL || v == NULL ||
-                (bn_ctx = BN_CTX_new()) == NULL)
-                return NULL; 
-        if ( (kv = BN_new()) == NULL ||
-                (gb = BN_new()) == NULL ||
-                (B = BN_new())== NULL)
-                goto err;
-        /* B = g**b + k*v */
-        if (!BN_mod_exp(gb,g,b,N,bn_ctx) ||
-           !(k = srp_Calc_k(N,g)) ||
-           !BN_mod_mul(kv,v,k,N,bn_ctx) || 
-           !BN_mod_add(B,gb,kv,N,bn_ctx))
-                {
-                BN_free(B);
-                B = NULL;
-                }
-err:
-        BN_CTX_free(bn_ctx);
-        BN_clear_free(kv);
-        BN_clear_free(gb);
-        BN_free(k); 
-        return B;
-        }
-BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass)
-        {
-        unsigned char dig[SHA_DIGEST_LENGTH];
-        EVP_MD_CTX ctxt;
-        unsigned char *cs;
-        if ((s == NULL) ||
-                (user == NULL) ||
-                (pass == NULL))
-                return NULL;
-        if ((cs = malloc(BN_num_bytes(s))) == NULL)
-                return NULL;
-        EVP_MD_CTX_init(&ctxt);
-        EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
-        EVP_DigestUpdate(&ctxt, user, strlen(user));
-        EVP_DigestUpdate(&ctxt, ":", 1);
-        EVP_DigestUpdate(&ctxt, pass, strlen(pass));
-        EVP_DigestFinal_ex(&ctxt, dig, NULL);
-        EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
-        BN_bn2bin(s,cs);
-        EVP_DigestUpdate(&ctxt, cs, BN_num_bytes(s));
-        free(cs);
-        EVP_DigestUpdate(&ctxt, dig, sizeof(dig));
-        EVP_DigestFinal_ex(&ctxt, dig, NULL);
-        EVP_MD_CTX_cleanup(&ctxt);
-        return BN_bin2bn(dig, sizeof(dig), NULL);
-        }
-BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g)
-        {
-        BN_CTX *bn_ctx; 
-        BIGNUM * A = NULL;
-        if (a == NULL || N == NULL || g == NULL ||
-                (bn_ctx = BN_CTX_new()) == NULL) 
-                return NULL;
-        if ((A = BN_new()) != NULL &&
-           !BN_mod_exp(A,g,a,N,bn_ctx))
-                {
-                BN_free(A);
-                A = NULL;
-                }
-        BN_CTX_free(bn_ctx);
-        return A;
-        }
-BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x, BIGNUM *a, BIGNUM *u)
-        {
-        BIGNUM *tmp = NULL, *tmp2 = NULL, *tmp3 = NULL , *k = NULL, *K = NULL;
-        BIGNUM *ret = NULL;
-        BN_CTX *bn_ctx;
-        if (u == NULL || B == NULL || N == NULL || g == NULL || x == NULL || a == NULL ||
-                (bn_ctx = BN_CTX_new()) == NULL)
-                return NULL; 
-        if ((tmp = BN_new()) == NULL ||
-                (tmp2 = BN_new())== NULL ||
-                (tmp3 = BN_new())== NULL ||
-                (K = BN_new()) == NULL)
-                goto err;
-        
-        if (!BN_mod_exp(tmp,g,x,N,bn_ctx))
-                goto err;
-        if (!(k = srp_Calc_k(N,g)))
-                goto err;
-        if (!BN_mod_mul(tmp2,tmp,k,N,bn_ctx))
-                goto err;
-        if (!BN_mod_sub(tmp,B,tmp2,N,bn_ctx))
-                goto err;
-        if (!BN_mod_mul(tmp3,u,x,N,bn_ctx))
-                goto err;
-        if (!BN_mod_add(tmp2,a,tmp3,N,bn_ctx))
-                goto err;
-        if (!BN_mod_exp(K,tmp,tmp2,N,bn_ctx))
-                goto err;
-        ret = K;
-        K = NULL;
-err :
-        BN_CTX_free(bn_ctx);
-        BN_clear_free(tmp);
-        BN_clear_free(tmp2);
-        BN_clear_free(tmp3);
-        BN_free(k);
-        BN_clear_free(K);
-        return ret;     
-        }
-int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N)
-        {
-        BIGNUM *r;
-        BN_CTX *bn_ctx; 
-        int ret = 0;
-        if (B == NULL || N == NULL ||
-                (bn_ctx = BN_CTX_new()) == NULL)
-                return 0;
-        if ((r = BN_new()) == NULL)
-                goto err;
-        /* Checks if B % N == 0 */
-        if (!BN_nnmod(r,B,N,bn_ctx))
-                goto err;
-        ret = !BN_is_zero(r);
-err:
-        BN_CTX_free(bn_ctx);
-        BN_free(r);
-        return ret;
-        }
-int SRP_Verify_A_mod_N(BIGNUM *A, BIGNUM *N)
-        {
-        /* Checks if A % N == 0 */
-        return SRP_Verify_B_mod_N(A,N) ;
-        }
-/* Check if G and N are kwown parameters. 
-   The values have been generated from the ietf-tls-srp draft version 8
-*/
-char *SRP_check_known_gN_param(BIGNUM *g, BIGNUM *N)
-        {
-        size_t i;
-        if ((g == NULL) || (N == NULL))
-                return 0;
-        srp_bn_print(g);
-        srp_bn_print(N);
-        for(i = 0; i < KNOWN_GN_NUMBER; i++)
-                {
-                if (BN_cmp(knowngN[i].g, g) == 0 && BN_cmp(knowngN[i].N, N) == 0) 
-                        return knowngN[i].id;
-                }
-        return NULL;
-        }
-SRP_gN *SRP_get_default_gN(const char *id)
-        {
-        size_t i;
-        if (id == NULL) 
-                return knowngN;
-        for(i = 0; i < KNOWN_GN_NUMBER; i++)
-                {
-                if (strcmp(knowngN[i].id, id)==0)
-                        return knowngN + i;
-                }
-        return NULL;
-        }
-#endif

diff --git a/src/lib/libcrypto/srp/srp_lib.c b/src/lib/libcrypto/srp/srp_lib.c deleted file mode 100644 index 1e96adc6a3..0000000000 --- a/src/lib/libcrypto/srp/srp_lib.c +++ /dev/null
@@ -1,376 +0,0 @@
1	/* $OpenBSD: srp_lib.c,v 1.9 2014/07/11 08:44:49 jsing Exp $ */
2	/* Written by Christophe Renou (christophe.renou@edelweb.fr) with
3	* the precious help of Peter Sylvester (peter.sylvester@edelweb.fr)
4	* for the EdelKey project and contributed to the OpenSSL project 2004.
5	*/
6	/* ====================================================================
7	* Copyright (c) 2004 The OpenSSL Project. All rights reserved.
8	*
9	* Redistribution and use in source and binary forms, with or without
10	* modification, are permitted provided that the following conditions
11	* are met:
12	*
13	* 1. Redistributions of source code must retain the above copyright
14	* notice, this list of conditions and the following disclaimer.
15	*
16	* 2. Redistributions in binary form must reproduce the above copyright
17	* notice, this list of conditions and the following disclaimer in
18	* the documentation and/or other materials provided with the
19	* distribution.
20	*
21	* 3. All advertising materials mentioning features or use of this
22	* software must display the following acknowledgment:
23	* "This product includes software developed by the OpenSSL Project
24	* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
25	*
26	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27	* endorse or promote products derived from this software without
28	* prior written permission. For written permission, please contact
29	* licensing@OpenSSL.org.
30	*
31	* 5. Products derived from this software may not be called "OpenSSL"
32	* nor may "OpenSSL" appear in their names without prior written
33	* permission of the OpenSSL Project.
34	*
35	* 6. Redistributions of any form whatsoever must retain the following
36	* acknowledgment:
37	* "This product includes software developed by the OpenSSL Project
38	* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
39	*
40	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
44	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51	* OF THE POSSIBILITY OF SUCH DAMAGE.
52	* ====================================================================
53	*
54	* This product includes cryptographic software written by Eric Young
55	* (eay@cryptsoft.com). This product includes software written by Tim
56	* Hudson (tjh@cryptsoft.com).
57	*
58	*/
59
60	#include <openssl/opensslconf.h>
61
62	#ifndef OPENSSL_NO_SRP
63
64	#include <openssl/evp.h>
65	#include <openssl/srp.h>
66
67	#include "srp_lcl.h"
68
69	#if (BN_BYTES == 8)
70	# if defined(_LP64)
71	# define bn_pack4(a1,a2,a3,a4) ((a1##UL<<48)\|(a2##UL<<32)\|(a3##UL<<16)\|a4##UL)
72	# else
73	# define bn_pack4(a1,a2,a3,a4) ((a1##ULL<<48)\|(a2##ULL<<32)\|(a3##ULL<<16)\|a4##ULL)
74	# endif
75	#elif (BN_BYTES == 4)
76	# define bn_pack4(a1,a2,a3,a4) ((a3##UL<<16)\|a4##UL), ((a1##UL<<16)\|a2##UL)
77	#else
78	# error "unsupported BN_BYTES"
79	#endif
80
81
82	#include "srp_grps.h"
83
84	static BIGNUM srp_Calc_k(BIGNUM N, BIGNUM *g)
85	{
86	/* k = SHA1(N \| PAD(g)) -- tls-srp draft 8 */
87
88	unsigned char digest[SHA_DIGEST_LENGTH];
89	unsigned char *tmp;
90	EVP_MD_CTX ctxt;
91	BIGNUM *ret = NULL;
92	int longg;
93	int longN = BN_num_bytes(N);
94
95	if ((tmp = malloc(longN)) == NULL)
96	return NULL;
97	BN_bn2bin(N,tmp);
98
99	EVP_MD_CTX_init(&ctxt);
100	if (!EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL))
101	goto err;
102	if (!EVP_DigestUpdate(&ctxt, tmp, longN))
103	goto err;
104
105	memset(tmp, 0, longN);
106	longg = BN_bn2bin(g,tmp);
107	/* use the zeros behind to pad on left */
108	if (!EVP_DigestUpdate(&ctxt, tmp + longg, longN-longg))
109	goto err;
110	if (!EVP_DigestUpdate(&ctxt, tmp, longg))
111	goto err;
112
113	if (!EVP_DigestFinal_ex(&ctxt, digest, NULL))
114	goto err;
115	ret = BN_bin2bn(digest, sizeof(digest), NULL);
116	err:
117	EVP_MD_CTX_cleanup(&ctxt);
118	free(tmp);
119	return ret;
120	}
121
122	BIGNUM SRP_Calc_u(BIGNUM A, BIGNUM B, BIGNUM N)
123	{
124	/* k = SHA1(PAD(A) \|\| PAD(B) ) -- tls-srp draft 8 */
125
126	BIGNUM *u;
127	unsigned char cu[SHA_DIGEST_LENGTH];
128	unsigned char *cAB;
129	EVP_MD_CTX ctxt;
130	int longN;
131	if ((A == NULL) \|\|(B == NULL) \|\| (N == NULL))
132	return NULL;
133
134	longN= BN_num_bytes(N);
135
136	if ((cAB = reallocarray(NULL, 2, longN)) == NULL)
137	return NULL;
138
139	memset(cAB, 0, longN);
140
141	EVP_MD_CTX_init(&ctxt);
142	EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
143	EVP_DigestUpdate(&ctxt, cAB + BN_bn2bin(A,cAB+longN), longN);
144	EVP_DigestUpdate(&ctxt, cAB + BN_bn2bin(B,cAB+longN), longN);
145	free(cAB);
146	EVP_DigestFinal_ex(&ctxt, cu, NULL);
147	EVP_MD_CTX_cleanup(&ctxt);
148
149	if (!(u = BN_bin2bn(cu, sizeof(cu), NULL)))
150	return NULL;
151	if (!BN_is_zero(u))
152	return u;
153	BN_free(u);
154	return NULL;
155	}
156
157	BIGNUM SRP_Calc_server_key(BIGNUM A, BIGNUM v, BIGNUM u, BIGNUM b, BIGNUM N)
158	{
159	BIGNUM tmp = NULL, S = NULL;
160	BN_CTX *bn_ctx;
161
162	if (u == NULL \|\| A == NULL \|\| v == NULL \|\| b == NULL \|\| N == NULL)
163	return NULL;
164
165	if ((bn_ctx = BN_CTX_new()) == NULL \|\|
166	(tmp = BN_new()) == NULL \|\|
167	(S = BN_new()) == NULL )
168	goto err;
169
170	/* S = (Avu) * b */
171
172	if (!BN_mod_exp(tmp,v,u,N,bn_ctx))
173	goto err;
174	if (!BN_mod_mul(tmp,A,tmp,N,bn_ctx))
175	goto err;
176	if (!BN_mod_exp(S,tmp,b,N,bn_ctx))
177	goto err;
178	err:
179	BN_CTX_free(bn_ctx);
180	BN_clear_free(tmp);
181	return S;
182	}
183
184	BIGNUM SRP_Calc_B(BIGNUM b, BIGNUM N, BIGNUM g, BIGNUM *v)
185	{
186	BIGNUM kv = NULL, gb = NULL;
187	BIGNUM B = NULL, k = NULL;
188	BN_CTX *bn_ctx;
189
190	if (b == NULL \|\| N == NULL \|\| g == NULL \|\| v == NULL \|\|
191	(bn_ctx = BN_CTX_new()) == NULL)
192	return NULL;
193
194	if ( (kv = BN_new()) == NULL \|\|
195	(gb = BN_new()) == NULL \|\|
196	(B = BN_new())== NULL)
197	goto err;
198
199	/* B = g*b + kv */
200
201	if (!BN_mod_exp(gb,g,b,N,bn_ctx) \|\|
202	!(k = srp_Calc_k(N,g)) \|\|
203	!BN_mod_mul(kv,v,k,N,bn_ctx) \|\|
204	!BN_mod_add(B,gb,kv,N,bn_ctx))
205	{
206	BN_free(B);
207	B = NULL;
208	}
209	err:
210	BN_CTX_free(bn_ctx);
211	BN_clear_free(kv);
212	BN_clear_free(gb);
213	BN_free(k);
214	return B;
215	}
216
217	BIGNUM SRP_Calc_x(BIGNUM s, const char user, const char pass)
218	{
219	unsigned char dig[SHA_DIGEST_LENGTH];
220	EVP_MD_CTX ctxt;
221	unsigned char *cs;
222
223	if ((s == NULL) \|\|
224	(user == NULL) \|\|
225	(pass == NULL))
226	return NULL;
227
228	if ((cs = malloc(BN_num_bytes(s))) == NULL)
229	return NULL;
230
231	EVP_MD_CTX_init(&ctxt);
232	EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
233	EVP_DigestUpdate(&ctxt, user, strlen(user));
234	EVP_DigestUpdate(&ctxt, ":", 1);
235	EVP_DigestUpdate(&ctxt, pass, strlen(pass));
236	EVP_DigestFinal_ex(&ctxt, dig, NULL);
237
238	EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
239	BN_bn2bin(s,cs);
240	EVP_DigestUpdate(&ctxt, cs, BN_num_bytes(s));
241	free(cs);
242	EVP_DigestUpdate(&ctxt, dig, sizeof(dig));
243	EVP_DigestFinal_ex(&ctxt, dig, NULL);
244	EVP_MD_CTX_cleanup(&ctxt);
245
246	return BN_bin2bn(dig, sizeof(dig), NULL);
247	}
248
249	BIGNUM SRP_Calc_A(BIGNUM a, BIGNUM N, BIGNUM g)
250	{
251	BN_CTX *bn_ctx;
252	BIGNUM * A = NULL;
253
254	if (a == NULL \|\| N == NULL \|\| g == NULL \|\|
255	(bn_ctx = BN_CTX_new()) == NULL)
256	return NULL;
257
258	if ((A = BN_new()) != NULL &&
259	!BN_mod_exp(A,g,a,N,bn_ctx))
260	{
261	BN_free(A);
262	A = NULL;
263	}
264	BN_CTX_free(bn_ctx);
265	return A;
266	}
267
268
269	BIGNUM SRP_Calc_client_key(BIGNUM N, BIGNUM B, BIGNUM g, BIGNUM x, BIGNUM a, BIGNUM *u)
270	{
271	BIGNUM tmp = NULL, tmp2 = NULL, tmp3 = NULL , k = NULL, *K = NULL;
272	BIGNUM *ret = NULL;
273	BN_CTX *bn_ctx;
274
275	if (u == NULL \|\| B == NULL \|\| N == NULL \|\| g == NULL \|\| x == NULL \|\| a == NULL \|\|
276	(bn_ctx = BN_CTX_new()) == NULL)
277	return NULL;
278
279	if ((tmp = BN_new()) == NULL \|\|
280	(tmp2 = BN_new())== NULL \|\|
281	(tmp3 = BN_new())== NULL \|\|
282	(K = BN_new()) == NULL)
283	goto err;
284
285	if (!BN_mod_exp(tmp,g,x,N,bn_ctx))
286	goto err;
287	if (!(k = srp_Calc_k(N,g)))
288	goto err;
289	if (!BN_mod_mul(tmp2,tmp,k,N,bn_ctx))
290	goto err;
291	if (!BN_mod_sub(tmp,B,tmp2,N,bn_ctx))
292	goto err;
293
294	if (!BN_mod_mul(tmp3,u,x,N,bn_ctx))
295	goto err;
296	if (!BN_mod_add(tmp2,a,tmp3,N,bn_ctx))
297	goto err;
298	if (!BN_mod_exp(K,tmp,tmp2,N,bn_ctx))
299	goto err;
300
301	ret = K;
302	K = NULL;
303
304	err :
305	BN_CTX_free(bn_ctx);
306	BN_clear_free(tmp);
307	BN_clear_free(tmp2);
308	BN_clear_free(tmp3);
309	BN_free(k);
310	BN_clear_free(K);
311	return ret;
312	}
313
314	int SRP_Verify_B_mod_N(BIGNUM B, BIGNUM N)
315	{
316	BIGNUM *r;
317	BN_CTX *bn_ctx;
318	int ret = 0;
319
320	if (B == NULL \|\| N == NULL \|\|
321	(bn_ctx = BN_CTX_new()) == NULL)
322	return 0;
323
324	if ((r = BN_new()) == NULL)
325	goto err;
326	/* Checks if B % N == 0 */
327	if (!BN_nnmod(r,B,N,bn_ctx))
328	goto err;
329	ret = !BN_is_zero(r);
330	err:
331	BN_CTX_free(bn_ctx);
332	BN_free(r);
333	return ret;
334	}
335
336	int SRP_Verify_A_mod_N(BIGNUM A, BIGNUM N)
337	{
338	/* Checks if A % N == 0 */
339	return SRP_Verify_B_mod_N(A,N) ;
340	}
341
342
343	/* Check if G and N are kwown parameters.
344	The values have been generated from the ietf-tls-srp draft version 8
345	*/
346	char SRP_check_known_gN_param(BIGNUM g, BIGNUM *N)
347	{
348	size_t i;
349	if ((g == NULL) \|\| (N == NULL))
350	return 0;
351
352	srp_bn_print(g);
353	srp_bn_print(N);
354
355	for(i = 0; i < KNOWN_GN_NUMBER; i++)
356	{
357	if (BN_cmp(knowngN[i].g, g) == 0 && BN_cmp(knowngN[i].N, N) == 0)
358	return knowngN[i].id;
359	}
360	return NULL;
361	}
362
363	SRP_gN SRP_get_default_gN(const char id)
364	{
365	size_t i;
366
367	if (id == NULL)
368	return knowngN;
369	for(i = 0; i < KNOWN_GN_NUMBER; i++)
370	{
371	if (strcmp(knowngN[i].id, id)==0)
372	return knowngN + i;
373	}
374	return NULL;
375	}
376	#endif