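--- a/srp.c
+++ b/srp.c
@@ -1,8 +1,8 @@
 /* apps/srp.c */
 /*
  * Written by Peter Sylvester (peter.sylvester@edelweb.fr) for the EdelKey
  * project and contributed to the OpenSSL project 2004.
  */
 /* ====================================================================
  * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
  *
@@ -118,30 +118,32 @@
 int MAIN(int, char **);
 
 static int get_index(CA_DB *db, char *id, char type)
 {
  char **pp;
  int i;
  if (id == NULL)
  return -1;
- if (type == DB_SRP_INDEX)
+ if (type == DB_SRP_INDEX) {
  for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) {
  pp = sk_OPENSSL_PSTRING_value(db->db->data, i);
  if (pp[DB_srptype][0] == DB_SRP_INDEX
  && !strcmp(id, pp[DB_srpid]))
  return i;
- } else
+ }
+ } else {
  for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) {
  pp = sk_OPENSSL_PSTRING_value(db->db->data, i);
 
  if (pp[DB_srptype][0] != DB_SRP_INDEX
  && !strcmp(id, pp[DB_srpid]))
  return i;
  }
+ }
 
  return -1;
 }
 
 static void print_entry(CA_DB *db, BIO *bio, int indx, int verbose, char *s)
 {
  if (indx >= 0 && verbose) {
  int j;
@@ -172,18 +174,18 @@
  }
 }
 
 static int update_index(CA_DB *db, BIO *bio, char **row)
 {
  char **irow;
  int i;
 
- if ((irow =
- (char **)OPENSSL_malloc(sizeof(char *) * (DB_NUMBER + 1))) == NULL) {
+ irow = (char **)OPENSSL_malloc(sizeof(char *) * (DB_NUMBER + 1));
+ if (irow == NULL) {
  BIO_printf(bio_err, "Memory allocation failure\n");
  return 0;
  }
 
  for (i = 0; i < DB_NUMBER; i++)
  irow[i] = row[i];
  irow[DB_NUMBER] = NULL;
 
@@ -200,66 +202,71 @@
 {
  BIO_printf(bio_err, "variable lookup failed for %s::%s\n", name, tag);
 }
 
 static char *srp_verify_user(const char *user, const char *srp_verifier,
  char *srp_usersalt, const char *g, const char *N,
  const char *passin, BIO *bio, int verbose)
 {
- char password[1024];
+ char password[1025];
  PW_CB_DATA cb_tmp;
  char *verifier = NULL;
  char *gNid = NULL;
+ int len;
 
  cb_tmp.prompt_info = user;
  cb_tmp.password = passin;
 
- if (password_callback(password, 1024, 0, &cb_tmp) > 0) {
+ len = password_callback(password, sizeof(password)-1, 0, &cb_tmp);
+ if (len > 0) {
+ password[len] = 0;
  VERBOSE BIO_printf(bio,
  "Validating\n user=\"%s\"\n srp_verifier=\"%s\"\n srp_usersalt=\"%s\"\n g=\"%s\"\n N=\"%s\"\n",
  user, srp_verifier, srp_usersalt, g, N);
- BIO_printf(bio, "Pass %s\n", password);
+ VVERBOSE BIO_printf(bio, "Pass %s\n", password);
 
- if (!
- (gNid =
- SRP_create_verifier(user, password, &srp_usersalt, &verifier, N,
- g))) {
+ if (!(gNid = SRP_create_verifier(user, password, &srp_usersalt,
+ &verifier, N, g))) {
  BIO_printf(bio, "Internal error validating SRP verifier\n");
  } else {
  if (strcmp(verifier, srp_verifier))
  gNid = NULL;
  OPENSSL_free(verifier);
  }
+ OPENSSL_cleanse(password, len);
  }
  return gNid;
 }
 
 static char *srp_create_user(char *user, char **srp_verifier,
  char **srp_usersalt, char *g, char *N,
  char *passout, BIO *bio, int verbose)
 {
- char password[1024];
+ char password[1025];
  PW_CB_DATA cb_tmp;
  char *gNid = NULL;
  char *salt = NULL;
+ int len;
  cb_tmp.prompt_info = user;
  cb_tmp.password = passout;
 
- if (password_callback(password, 1024, 1, &cb_tmp) > 0) {
+ len = password_callback(password, sizeof(password)-1, 1, &cb_tmp);
+ if (len > 0) {
+ password[len] = 0;
  VERBOSE BIO_printf(bio,
  "Creating\n user=\"%s\"\n g=\"%s\"\n N=\"%s\"\n",
  user, g, N);
- if (!
- (gNid =
- SRP_create_verifier(user, password, &salt, srp_verifier, N,
- g))) {
+ if (!(gNid = SRP_create_verifier(user, password, &salt,
+ srp_verifier, N, g))) {
  BIO_printf(bio, "Internal error creating SRP verifier\n");
- } else
+ } else {
  *srp_usersalt = salt;
+ }
+ OPENSSL_cleanse(password, len);
  VVERBOSE BIO_printf(bio, "gNid=%s salt =\"%s\"\n verifier =\"%s\"\n",
  gNid, salt, *srp_verifier);
 
  }
  return gNid;
 }
 
 int MAIN(int argc, char **argv)
@@ -309,39 +316,39 @@
 
  if (bio_err == NULL)
  if ((bio_err = BIO_new(BIO_s_file())) != NULL)
  BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
 
  argc--;
  argv++;
  while (argc >= 1 && badops == 0) {
- if (strcmp(*argv, "-verbose") == 0)
+ if (strcmp(*argv, "-verbose") == 0) {
  verbose++;
- else if (strcmp(*argv, "-config") == 0) {
+ } else if (strcmp(*argv, "-config") == 0) {
  if (--argc < 1)
  goto bad;
  configfile = *(++argv);
  } else if (strcmp(*argv, "-name") == 0) {
  if (--argc < 1)
  goto bad;
  section = *(++argv);
  } else if (strcmp(*argv, "-srpvfile") == 0) {
  if (--argc < 1)
  goto bad;
  dbfile = *(++argv);
- } else if (strcmp(*argv, "-add") == 0)
+ } else if (strcmp(*argv, "-add") == 0) {
  add_user = 1;
- else if (strcmp(*argv, "-delete") == 0)
+ } else if (strcmp(*argv, "-delete") == 0) {
  delete_user = 1;
- else if (strcmp(*argv, "-modify") == 0)
+ } else if (strcmp(*argv, "-modify") == 0) {
  modify_user = 1;
- else if (strcmp(*argv, "-list") == 0)
+ } else if (strcmp(*argv, "-list") == 0) {
  list_user = 1;
- else if (strcmp(*argv, "-gn") == 0) {
+ } else if (strcmp(*argv, "-gn") == 0) {
  if (--argc < 1)
  goto bad;
  gN = *(++argv);
  } else if (strcmp(*argv, "-userinfo") == 0) {
  if (--argc < 1)
  goto bad;
  userinfo = *(++argv);
  } else if (strcmp(*argv, "-passin") == 0) {
@@ -361,18 +368,19 @@
  }
 # endif
 
  else if (**argv == '-') {
  bad:
  BIO_printf(bio_err, "unknown option %s\n", *argv);
  badops = 1;
  break;
- } else
+ } else {
  break;
+ }
 
  argc--;
  argv++;
  }
 
  if (dbfile && configfile) {
  BIO_printf(bio_err,
  "-dbfile and -configfile cannot be specified together.\n");
@@ -383,17 +391,17 @@
  "Exactly one of the options -add, -delete, -modify -list must be specified.\n");
  badops = 1;
  }
  if (delete_user + modify_user + delete_user == 1 && argc <= 0) {
  BIO_printf(bio_err,
  "Need at least one user for options -add, -delete, -modify. \n");
  badops = 1;
  }
- if ((passin || passout) && argc != 1) {
+ if ((passargin || passargout) && argc != 1) {
  BIO_printf(bio_err,
  "-passin, -passout arguments only valid with one user.\n");
  badops = 1;
  }
 
  if (badops) {
  for (pp = srp_usage; (*pp != NULL); pp++)
  BIO_printf(bio_err, "%s", *pp);
@@ -701,19 +709,19 @@
  sk_OPENSSL_PSTRING_value(db->db->data, userindex);
  BIO_printf(bio_err, "user \"%s\" revoked. t\n", user);
 
  xpp[DB_srptype][0] = 'R';
 
  doupdatedb = 1;
  }
  }
- if (--argc > 0)
+ if (--argc > 0) {
  user = *(argv++);
- else {
+ } else {
  user = NULL;
  list_user = 0;
  }
  }
 
  VERBOSE BIO_printf(bio_err, "User procession done.\n");
 
  if (doupdatedb) {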
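Review bot: In `srp_verify_user` the new side still sends the cleartext password to `bio` through `VVERBOSE BIO_printf(bio, "Pass %s\n", password);`, so wiping the stack buffer afterwards does not keep the secret out of the tool's output or any log that captures it (the `VVERBOSE` macro is not shown; presumably it gates on a higher verbosity level). I would drop that line rather than only raising its verbosity threshold. In both `srp_verify_user` and `srp_create_user` the wipe `OPENSSL_cleanse(password, len);` sits inside the `if (len > 0)` branch and covers only `len` bytes, so a `password_callback` that fails after writing part of the buffer may leave password material on the stack. Moving the call after the branch as `OPENSSL_cleanse(password, sizeof(password));` clears the whole buffer on every return path.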