Line | Source | Count |
1 | | - |
2 | | - |
3 | | - |
4 | | - |
5 | | - |
6 | | - |
7 | | - |
8 | | - |
9 | | - |
10 | | - |
11 | | - |
12 | | - |
13 | | - |
14 | #ifndef OPENSSL_NO_SRP | - |
15 | # include "internal/cryptlib.h" | - |
16 | # include <openssl/sha.h> | - |
17 | # include <openssl/srp.h> | - |
18 | # include <openssl/evp.h> | - |
19 | # include "internal/bn_srp.h" | - |
20 | | - |
21 | | - |
22 | | - |
23 | static BIGNUM *srp_Calc_xy(const BIGNUM *x, const BIGNUM *y, const BIGNUM *N) | - |
24 | { | - |
25 | unsigned char digest[SHA_DIGEST_LENGTH]; | - |
26 | unsigned char *tmp = NULL; | - |
27 | int numN = BN_num_bytes(N); | - |
28 | BIGNUM *res = NULL; | - |
29 | if (x != N && BN_ucmp(x, N) >= 0)TRUE | evaluated 23 times by 1 test | FALSE | evaluated 26 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 23 times by 1 test |
| 0-26 |
30 | return NULL; never executed: return ((void *)0) ; | 0 |
31 | if (y != N && BN_ucmp(y, N) >= 0)TRUE | evaluated 49 times by 1 test | FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 49 times by 1 test |
| 0-49 |
32 | return NULL; never executed: return ((void *)0) ; | 0 |
33 | if ((tmp = OPENSSL_malloc(numN * 2)) == NULL)TRUE | never evaluated | FALSE | evaluated 49 times by 1 test |
| 0-49 |
34 | goto err; never executed: goto err; | 0 |
35 | if (BN_bn2binpad(x, tmp, numN) < 0TRUE | never evaluated | FALSE | evaluated 49 times by 1 test |
| 0-49 |
36 | || BN_bn2binpad(y, tmp + numN, numN) < 0TRUE | never evaluated | FALSE | evaluated 49 times by 1 test |
| 0-49 |
37 | || !EVP_Digest(tmp, numN * 2, digest, NULL, EVP_sha1(), NULL))TRUE | never evaluated | FALSE | evaluated 49 times by 1 test |
| 0-49 |
38 | goto err; never executed: goto err; | 0 |
39 | res = BN_bin2bn(digest, sizeof(digest), NULL); | - |
40 | err:code before this statement executed 49 times by 1 test: err: | 49 |
41 | OPENSSL_free(tmp); | - |
42 | return res;executed 49 times by 1 test: return res; | 49 |
43 | } | - |
44 | | - |
45 | static BIGNUM *srp_Calc_k(const BIGNUM *N, const BIGNUM *g) | - |
46 | { | - |
47 | | - |
48 | return srp_Calc_xy(N, g, N);executed 26 times by 1 test: return srp_Calc_xy(N, g, N); | 26 |
49 | } | - |
50 | | - |
51 | BIGNUM *SRP_Calc_u(const BIGNUM *A, const BIGNUM *B, const BIGNUM *N) | - |
52 | { | - |
53 | | - |
54 | return srp_Calc_xy(A, B, N);executed 23 times by 1 test: return srp_Calc_xy(A, B, N); | 23 |
55 | } | - |
56 | | - |
57 | BIGNUM *SRP_Calc_server_key(const BIGNUM *A, const BIGNUM *v, const BIGNUM *u, | - |
58 | const BIGNUM *b, const BIGNUM *N) | - |
59 | { | - |
60 | BIGNUM *tmp = NULL, *S = NULL; | - |
61 | BN_CTX *bn_ctx; | - |
62 | | - |
63 | if (u == NULL || A == NULL || v == NULL || b == NULL || N == NULL)TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
64 | return NULL; never executed: return ((void *)0) ; | 0 |
65 | | - |
66 | if ((bn_ctx = BN_CTX_new()) == NULL || (tmp = BN_new()) == NULL)TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
67 | goto err; never executed: goto err; | 0 |
68 | | - |
69 | | - |
70 | | - |
71 | if (!BN_mod_exp(tmp, v, u, N, bn_ctx))TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
72 | goto err; never executed: goto err; | 0 |
73 | if (!BN_mod_mul(tmp, A, tmp, N, bn_ctx))TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
74 | goto err; never executed: goto err; | 0 |
75 | | - |
76 | S = BN_new(); | - |
77 | if (S != NULL && !BN_mod_exp(S, tmp, b, N, bn_ctx)) {TRUE | evaluated 13 times by 1 test | FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
78 | BN_free(S); | - |
79 | S = NULL; | - |
80 | } never executed: end of block | 0 |
81 | err:code before this statement executed 13 times by 1 test: err: | 13 |
82 | BN_CTX_free(bn_ctx); | - |
83 | BN_clear_free(tmp); | - |
84 | return S;executed 13 times by 1 test: return S; | 13 |
85 | } | - |
86 | | - |
87 | BIGNUM *SRP_Calc_B(const BIGNUM *b, const BIGNUM *N, const BIGNUM *g, | - |
88 | const BIGNUM *v) | - |
89 | { | - |
90 | BIGNUM *kv = NULL, *gb = NULL; | - |
91 | BIGNUM *B = NULL, *k = NULL; | - |
92 | BN_CTX *bn_ctx; | - |
93 | | - |
94 | if (b == NULL || N == NULL || g == NULL || v == NULL ||TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
95 | (bn_ctx = BN_CTX_new()) == NULL)TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
96 | return NULL; never executed: return ((void *)0) ; | 0 |
97 | | - |
98 | if ((kv = BN_new()) == NULL ||TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
99 | (gb = BN_new()) == NULL || (B = BN_new()) == NULL)TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
100 | goto err; never executed: goto err; | 0 |
101 | | - |
102 | | - |
103 | | - |
104 | if (!BN_mod_exp(gb, g, b, N, bn_ctx)TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
105 | || (k = srp_Calc_k(N, g)) == NULLTRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
106 | || !BN_mod_mul(kv, v, k, N, bn_ctx)TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
107 | || !BN_mod_add(B, gb, kv, N, bn_ctx)) {TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
108 | BN_free(B); | - |
109 | B = NULL; | - |
110 | } never executed: end of block | 0 |
111 | err:code before this statement executed 13 times by 1 test: err: | 13 |
112 | BN_CTX_free(bn_ctx); | - |
113 | BN_clear_free(kv); | - |
114 | BN_clear_free(gb); | - |
115 | BN_free(k); | - |
116 | return B;executed 13 times by 1 test: return B; | 13 |
117 | } | - |
118 | | - |
119 | BIGNUM *SRP_Calc_x(const BIGNUM *s, const char *user, const char *pass) | - |
120 | { | - |
121 | unsigned char dig[SHA_DIGEST_LENGTH]; | - |
122 | EVP_MD_CTX *ctxt; | - |
123 | unsigned char *cs = NULL; | - |
124 | BIGNUM *res = NULL; | - |
125 | | - |
126 | if ((s == NULL) || (user == NULL) || (pass == NULL))TRUE | never evaluated | FALSE | evaluated 24 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 24 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 24 times by 1 test |
| 0-24 |
127 | return NULL; never executed: return ((void *)0) ; | 0 |
128 | | - |
129 | ctxt = EVP_MD_CTX_new(); | - |
130 | if (ctxt == NULL)TRUE | never evaluated | FALSE | evaluated 24 times by 1 test |
| 0-24 |
131 | return NULL; never executed: return ((void *)0) ; | 0 |
132 | if ((cs = OPENSSL_malloc(BN_num_bytes(s))) == NULL)TRUE | never evaluated | FALSE | evaluated 24 times by 1 test |
| 0-24 |
133 | goto err; never executed: goto err; | 0 |
134 | | - |
135 | if (!EVP_DigestInit_ex(ctxt, EVP_sha1(), NULL)TRUE | never evaluated | FALSE | evaluated 24 times by 1 test |
| 0-24 |
136 | || !EVP_DigestUpdate(ctxt, user, strlen(user))TRUE | never evaluated | FALSE | evaluated 24 times by 1 test |
| 0-24 |
137 | || !EVP_DigestUpdate(ctxt, ":", 1)TRUE | never evaluated | FALSE | evaluated 24 times by 1 test |
| 0-24 |
138 | || !EVP_DigestUpdate(ctxt, pass, strlen(pass))TRUE | never evaluated | FALSE | evaluated 24 times by 1 test |
| 0-24 |
139 | || !EVP_DigestFinal_ex(ctxt, dig, NULL)TRUE | never evaluated | FALSE | evaluated 24 times by 1 test |
| 0-24 |
140 | || !EVP_DigestInit_ex(ctxt, EVP_sha1(), NULL))TRUE | never evaluated | FALSE | evaluated 24 times by 1 test |
| 0-24 |
141 | goto err; never executed: goto err; | 0 |
142 | BN_bn2bin(s, cs); | - |
143 | if (!EVP_DigestUpdate(ctxt, cs, BN_num_bytes(s)))TRUE | never evaluated | FALSE | evaluated 24 times by 1 test |
| 0-24 |
144 | goto err; never executed: goto err; | 0 |
145 | | - |
146 | if (!EVP_DigestUpdate(ctxt, dig, sizeof(dig))TRUE | never evaluated | FALSE | evaluated 24 times by 1 test |
| 0-24 |
147 | || !EVP_DigestFinal_ex(ctxt, dig, NULL))TRUE | never evaluated | FALSE | evaluated 24 times by 1 test |
| 0-24 |
148 | goto err; never executed: goto err; | 0 |
149 | | - |
150 | res = BN_bin2bn(dig, sizeof(dig), NULL); | - |
151 | | - |
152 | err:code before this statement executed 24 times by 1 test: err: | 24 |
153 | OPENSSL_free(cs); | - |
154 | EVP_MD_CTX_free(ctxt); | - |
155 | return res;executed 24 times by 1 test: return res; | 24 |
156 | } | - |
157 | | - |
158 | BIGNUM *SRP_Calc_A(const BIGNUM *a, const BIGNUM *N, const BIGNUM *g) | - |
159 | { | - |
160 | BN_CTX *bn_ctx; | - |
161 | BIGNUM *A = NULL; | - |
162 | | - |
163 | if (a == NULL || N == NULL || g == NULL || (bn_ctx = BN_CTX_new()) == NULL)TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
164 | return NULL; never executed: return ((void *)0) ; | 0 |
165 | | - |
166 | if ((A = BN_new()) != NULL && !BN_mod_exp(A, g, a, N, bn_ctx)) {TRUE | evaluated 13 times by 1 test | FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
167 | BN_free(A); | - |
168 | A = NULL; | - |
169 | } never executed: end of block | 0 |
170 | BN_CTX_free(bn_ctx); | - |
171 | return A;executed 13 times by 1 test: return A; | 13 |
172 | } | - |
173 | | - |
174 | BIGNUM *SRP_Calc_client_key(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g, | - |
175 | const BIGNUM *x, const BIGNUM *a, const BIGNUM *u) | - |
176 | { | - |
177 | BIGNUM *tmp = NULL, *tmp2 = NULL, *tmp3 = NULL, *k = NULL, *K = NULL; | - |
178 | BN_CTX *bn_ctx; | - |
179 | | - |
180 | if (u == NULL || B == NULL || N == NULL || g == NULL || x == NULLTRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
181 | || a == NULL || (bn_ctx = BN_CTX_new()) == NULL)TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
182 | return NULL; never executed: return ((void *)0) ; | 0 |
183 | | - |
184 | if ((tmp = BN_new()) == NULL ||TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
185 | (tmp2 = BN_new()) == NULL ||TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
186 | (tmp3 = BN_new()) == NULL)TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
187 | goto err; never executed: goto err; | 0 |
188 | | - |
189 | if (!BN_mod_exp(tmp, g, x, N, bn_ctx))TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
190 | goto err; never executed: goto err; | 0 |
191 | if ((k = srp_Calc_k(N, g)) == NULL)TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
192 | goto err; never executed: goto err; | 0 |
193 | if (!BN_mod_mul(tmp2, tmp, k, N, bn_ctx))TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
194 | goto err; never executed: goto err; | 0 |
195 | if (!BN_mod_sub(tmp, B, tmp2, N, bn_ctx))TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
196 | goto err; never executed: goto err; | 0 |
197 | if (!BN_mul(tmp3, u, x, bn_ctx))TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
198 | goto err; never executed: goto err; | 0 |
199 | if (!BN_add(tmp2, a, tmp3))TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
200 | goto err; never executed: goto err; | 0 |
201 | K = BN_new(); | - |
202 | if (K != NULL && !BN_mod_exp(K, tmp, tmp2, N, bn_ctx)) {TRUE | evaluated 13 times by 1 test | FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
| 0-13 |
203 | BN_free(K); | - |
204 | K = NULL; | - |
205 | } never executed: end of block | 0 |
206 | | - |
207 | err:code before this statement executed 13 times by 1 test: err: | 13 |
208 | BN_CTX_free(bn_ctx); | - |
209 | BN_clear_free(tmp); | - |
210 | BN_clear_free(tmp2); | - |
211 | BN_clear_free(tmp3); | - |
212 | BN_free(k); | - |
213 | return K;executed 13 times by 1 test: return K; | 13 |
214 | } | - |
215 | | - |
216 | int SRP_Verify_B_mod_N(const BIGNUM *B, const BIGNUM *N) | - |
217 | { | - |
218 | BIGNUM *r; | - |
219 | BN_CTX *bn_ctx; | - |
220 | int ret = 0; | - |
221 | | - |
222 | if (B == NULL || N == NULL || (bn_ctx = BN_CTX_new()) == NULL)TRUE | never evaluated | FALSE | evaluated 26 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 26 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 26 times by 1 test |
| 0-26 |
223 | return 0; never executed: return 0; | 0 |
224 | | - |
225 | if ((r = BN_new()) == NULL)TRUE | never evaluated | FALSE | evaluated 26 times by 1 test |
| 0-26 |
226 | goto err; never executed: goto err; | 0 |
227 | | - |
228 | if (!BN_nnmod(r, B, N, bn_ctx))TRUE | never evaluated | FALSE | evaluated 26 times by 1 test |
| 0-26 |
229 | goto err; never executed: goto err; | 0 |
230 | ret = !BN_is_zero(r); | - |
231 | err:code before this statement executed 26 times by 1 test: err: | 26 |
232 | BN_CTX_free(bn_ctx); | - |
233 | BN_free(r); | - |
234 | return ret;executed 26 times by 1 test: return ret; | 26 |
235 | } | - |
236 | | - |
237 | int SRP_Verify_A_mod_N(const BIGNUM *A, const BIGNUM *N) | - |
238 | { | - |
239 | | - |
240 | return SRP_Verify_B_mod_N(A, N);executed 13 times by 1 test: return SRP_Verify_B_mod_N(A, N); | 13 |
241 | } | - |
242 | | - |
243 | static SRP_gN knowngN[] = { | - |
244 | {"8192", &bn_generator_19, &bn_group_8192}, | - |
245 | {"6144", &bn_generator_5, &bn_group_6144}, | - |
246 | {"4096", &bn_generator_5, &bn_group_4096}, | - |
247 | {"3072", &bn_generator_5, &bn_group_3072}, | - |
248 | {"2048", &bn_generator_2, &bn_group_2048}, | - |
249 | {"1536", &bn_generator_2, &bn_group_1536}, | - |
250 | {"1024", &bn_generator_2, &bn_group_1024}, | - |
251 | }; | - |
252 | | - |
253 | # define KNOWN_GN_NUMBER sizeof(knowngN) / sizeof(SRP_gN) | - |
254 | | - |
255 | | - |
256 | | - |
257 | | - |
258 | | - |
259 | char *SRP_check_known_gN_param(const BIGNUM *g, const BIGNUM *N) | - |
260 | { | - |
261 | size_t i; | - |
262 | if ((g == NULL) || (N == NULL))TRUE | never evaluated | FALSE | evaluated 10 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 10 times by 1 test |
| 0-10 |
263 | return 0; never executed: return 0; | 0 |
264 | | - |
265 | for (i = 0; i < KNOWN_GN_NUMBER; i++) {TRUE | evaluated 26 times by 1 test | FALSE | never evaluated |
| 0-26 |
266 | if (BN_cmp(knowngN[i].g, g) == 0 && BN_cmp(knowngN[i].N, N) == 0)TRUE | evaluated 10 times by 1 test | FALSE | evaluated 16 times by 1 test |
TRUE | evaluated 10 times by 1 test | FALSE | never evaluated |
| 0-16 |
267 | return knowngN[i].id;executed 10 times by 1 test: return knowngN[i].id; | 10 |
268 | }executed 16 times by 1 test: end of block | 16 |
269 | return NULL; never executed: return ((void *)0) ; | 0 |
270 | } | - |
271 | | - |
272 | SRP_gN *SRP_get_default_gN(const char *id) | - |
273 | { | - |
274 | size_t i; | - |
275 | | - |
276 | if (id == NULL)TRUE | evaluated 4 times by 1 test | FALSE | evaluated 11 times by 1 test |
| 4-11 |
277 | return knowngN;executed 4 times by 1 test: return knowngN; | 4 |
278 | for (i = 0; i < KNOWN_GN_NUMBER; i++) {TRUE | evaluated 45 times by 1 test | FALSE | never evaluated |
| 0-45 |
279 | if (strcmp(knowngN[i].id, id) == 0) never executed: __result = (((const unsigned char *) (const char *) ( knowngN[i].id ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( id ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | evaluated 11 times by 1 test | FALSE | evaluated 34 times by 1 test |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0-34 |
280 | return knowngN + i;executed 11 times by 1 test: return knowngN + i; | 11 |
281 | }executed 34 times by 1 test: end of block | 34 |
282 | return NULL; never executed: return ((void *)0) ; | 0 |
283 | } | - |
284 | #endif | - |
| | |