# include <openssl/evp.h>
# include "internal/bn_srp.h"
-static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g)
+static BIGNUM *srp_Calc_k(const BIGNUM *N, const BIGNUM *g)
{
/* k = SHA1(N | PAD(g)) -- tls-srp draft 8 */
return res;
}
-BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N)
+BIGNUM *SRP_Calc_u(const BIGNUM *A, const BIGNUM *B, const BIGNUM *N)
{
/* k = SHA1(PAD(A) || PAD(B) ) -- tls-srp draft 8 */
return u;
}
-BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b,
- BIGNUM *N)
+BIGNUM *SRP_Calc_server_key(const BIGNUM *A, const BIGNUM *v, const BIGNUM *u,
+ const BIGNUM *b, const BIGNUM *N)
{
BIGNUM *tmp = NULL, *S = NULL;
BN_CTX *bn_ctx;
return S;
}
-BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v)
+BIGNUM *SRP_Calc_B(const BIGNUM *b, const BIGNUM *N, const BIGNUM *g,
+ const BIGNUM *v)
{
BIGNUM *kv = NULL, *gb = NULL;
BIGNUM *B = NULL, *k = NULL;
return B;
}
-BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass)
+BIGNUM *SRP_Calc_x(const BIGNUM *s, const char *user, const char *pass)
{
unsigned char dig[SHA_DIGEST_LENGTH];
EVP_MD_CTX *ctxt;
return res;
}
-BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g)
+BIGNUM *SRP_Calc_A(const BIGNUM *a, const BIGNUM *N, const BIGNUM *g)
{
BN_CTX *bn_ctx;
BIGNUM *A = NULL;
return A;
}
-BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x,
- BIGNUM *a, BIGNUM *u)
+BIGNUM *SRP_Calc_client_key(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g,
+ const BIGNUM *x, const BIGNUM *a, const BIGNUM *u)
{
BIGNUM *tmp = NULL, *tmp2 = NULL, *tmp3 = NULL, *k = NULL, *K = NULL;
BN_CTX *bn_ctx;
return K;
}
-int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N)
+int SRP_Verify_B_mod_N(const BIGNUM *B, const BIGNUM *N)
{
BIGNUM *r;
BN_CTX *bn_ctx;
return ret;
}
-int SRP_Verify_A_mod_N(BIGNUM *A, BIGNUM *N)
+int SRP_Verify_A_mod_N(const BIGNUM *A, const BIGNUM *N)
{
/* Checks if A % N == 0 */
return SRP_Verify_B_mod_N(A, N);
}
static SRP_gN knowngN[] = {
- {"8192", (BIGNUM *)&bn_generator_19, (BIGNUM *)&bn_group_8192},
- {"6144", (BIGNUM *)&bn_generator_5, (BIGNUM *)&bn_group_6144},
- {"4096", (BIGNUM *)&bn_generator_5, (BIGNUM *)&bn_group_4096},
- {"3072", (BIGNUM *)&bn_generator_5, (BIGNUM *)&bn_group_3072},
- {"2048", (BIGNUM *)&bn_generator_2, (BIGNUM *)&bn_group_2048},
- {"1536", (BIGNUM *)&bn_generator_2, (BIGNUM *)&bn_group_1536},
- {"1024", (BIGNUM *)&bn_generator_2, (BIGNUM *)&bn_group_1024},
+ {"8192", &bn_generator_19, &bn_group_8192},
+ {"6144", &bn_generator_5, &bn_group_6144},
+ {"4096", &bn_generator_5, &bn_group_4096},
+ {"3072", &bn_generator_5, &bn_group_3072},
+ {"2048", &bn_generator_2, &bn_group_2048},
+ {"1536", &bn_generator_2, &bn_group_1536},
+ {"1024", &bn_generator_2, &bn_group_1024},
};
# define KNOWN_GN_NUMBER sizeof(knowngN) / sizeof(SRP_gN)
* Check if G and N are known parameters. The values have been generated
* from the ietf-tls-srp draft version 8
*/
-char *SRP_check_known_gN_param(BIGNUM *g, BIGNUM *N)
+char *SRP_check_known_gN_param(const BIGNUM *g, const BIGNUM *N)
{
size_t i;
if ((g == NULL) || (N == NULL))
{
int len;
char *result = NULL, *vf = NULL;
- BIGNUM *N_bn = NULL, *g_bn = NULL, *s = NULL, *v = NULL;
+ const BIGNUM *N_bn = NULL, *g_bn = NULL;
+ BIGNUM *N_bn_alloc = NULL, *g_bn_alloc = NULL, *s = NULL, *v = NULL;
unsigned char tmp[MAX_LEN];
unsigned char tmp2[MAX_LEN];
char *defgNid = NULL;
if (N) {
if ((len = t_fromb64(tmp, N)) == 0)
goto err;
- N_bn = BN_bin2bn(tmp, len, NULL);
+ N_bn_alloc = BN_bin2bn(tmp, len, NULL);
+ N_bn = N_bn_alloc;
if ((len = t_fromb64(tmp, g)) == 0)
goto err;
- g_bn = BN_bin2bn(tmp, len, NULL);
+ g_bn_alloc = BN_bin2bn(tmp, len, NULL);
+ g_bn = g_bn_alloc;
defgNid = "*";
} else {
SRP_gN *gN = SRP_get_gN_by_id(g, NULL);
result = defgNid;
err:
- if (N) {
- BN_free(N_bn);
- BN_free(g_bn);
- }
+ BN_free(N_bn_alloc);
+ BN_free(g_bn_alloc);
OPENSSL_clear_free(vf, vfsize);
BN_clear_free(s);
BN_clear_free(v);
STACK_OF(SRP_gN_cache) *gN_cache;
/* to simulate a user */
char *seed_key;
- BIGNUM *default_g;
- BIGNUM *default_N;
+ const BIGNUM *default_g;
+ const BIGNUM *default_N;
} SRP_VBASE;
/*
*/
typedef struct SRP_gN_st {
char *id;
- BIGNUM *g;
- BIGNUM *N;
+ const BIGNUM *g;
+ const BIGNUM *N;
} SRP_gN;
DEFINE_STACK_OF(SRP_gN)
# define DB_SRP_MODIF 'v'
/* see srp.c */
-char *SRP_check_known_gN_param(BIGNUM *g, BIGNUM *N);
+char *SRP_check_known_gN_param(const BIGNUM *g, const BIGNUM *N);
SRP_gN *SRP_get_default_gN(const char *id);
/* server side .... */
-BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b,
- BIGNUM *N);
-BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v);
-int SRP_Verify_A_mod_N(BIGNUM *A, BIGNUM *N);
-BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N);
+BIGNUM *SRP_Calc_server_key(const BIGNUM *A, const BIGNUM *v, const BIGNUM *u,
+ const BIGNUM *b, const BIGNUM *N);
+BIGNUM *SRP_Calc_B(const BIGNUM *b, const BIGNUM *N, const BIGNUM *g,
+ const BIGNUM *v);
+int SRP_Verify_A_mod_N(const BIGNUM *A, const BIGNUM *N);
+BIGNUM *SRP_Calc_u(const BIGNUM *A, const BIGNUM *B, const BIGNUM *N);
/* client side .... */
-BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass);
-BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g);
-BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x,
- BIGNUM *a, BIGNUM *u);
-int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N);
+BIGNUM *SRP_Calc_x(const BIGNUM *s, const char *user, const char *pass);
+BIGNUM *SRP_Calc_A(const BIGNUM *a, const BIGNUM *N, const BIGNUM *g);
+BIGNUM *SRP_Calc_client_key(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g,
+ const BIGNUM *x, const BIGNUM *a, const BIGNUM *u);
+int SRP_Verify_B_mod_N(const BIGNUM *B, const BIGNUM *N);
# define SRP_MINIMAL_N 1024
projects / openssl.git / commitdiff