Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
f3b7bdad
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
大约 1 年 前同步成功
通知
9
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
f3b7bdad
编写于
11月 16, 2008
作者:
B
Ben Laurie
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Integrate J-PAKE and TLS-PSK. Increase PSK buffer size. Fix memory leaks.
上级
ad7159ea
变更
6
隐藏空白更改
内联
并排
Showing
6 changed file
with
83 addition
and
12 deletion
+83
-12
apps/apps.c
apps/apps.c
+11
-3
apps/apps.h
apps/apps.h
+1
-0
apps/s_client.c
apps/s_client.c
+26
-3
apps/s_server.c
apps/s_server.c
+30
-5
crypto/jpake/jpaketest.c
crypto/jpake/jpaketest.c
+14
-0
ssl/ssl.h
ssl/ssl.h
+1
-1
未找到文件。
apps/apps.c
浏览文件 @
f3b7bdad
...
...
@@ -2381,7 +2381,7 @@ void policies_print(BIO *out, X509_STORE_CTX *ctx)
BIO_free
(
out
);
}
#if
def OPENSSL_EXPERIMENTAL_JPAKE
#if
defined(OPENSSL_EXPERIMENTAL_JPAKE) && !defined(OPENSSL_NO_PSK)
static
JPAKE_CTX
*
jpake_init
(
const
char
*
us
,
const
char
*
them
,
const
char
*
secret
)
...
...
@@ -2564,10 +2564,14 @@ void jpake_client_auth(BIO *out, BIO *conn, const char *secret)
jpake_send_step3a
(
bconn
,
ctx
);
jpake_receive_step3b
(
ctx
,
bconn
);
BIO_puts
(
out
,
"JPAKE authentication succeeded
\n
"
);
BIO_puts
(
out
,
"JPAKE authentication succeeded, setting PSK
\n
"
);
psk_key
=
BN_bn2hex
(
JPAKE_get_shared_key
(
ctx
));
BIO_pop
(
bconn
);
BIO_free
(
bconn
);
JPAKE_CTX_free
(
ctx
);
}
void
jpake_server_auth
(
BIO
*
out
,
BIO
*
conn
,
const
char
*
secret
)
...
...
@@ -2589,10 +2593,14 @@ void jpake_server_auth(BIO *out, BIO *conn, const char *secret)
jpake_receive_step3a
(
ctx
,
bconn
);
jpake_send_step3b
(
bconn
,
ctx
);
BIO_puts
(
out
,
"JPAKE authentication succeeded
\n
"
);
BIO_puts
(
out
,
"JPAKE authentication succeeded, setting PSK
\n
"
);
psk_key
=
BN_bn2hex
(
JPAKE_get_shared_key
(
ctx
));
BIO_pop
(
bconn
);
BIO_free
(
bconn
);
JPAKE_CTX_free
(
ctx
);
}
#endif
...
...
apps/apps.h
浏览文件 @
f3b7bdad
...
...
@@ -309,6 +309,7 @@ int pkey_ctrl_string(EVP_PKEY_CTX *ctx, char *value);
int
init_gen_str
(
BIO
*
err
,
EVP_PKEY_CTX
**
pctx
,
const
char
*
algname
,
ENGINE
*
e
,
int
do_param
);
#ifdef OPENSSL_EXPERIMENTAL_JPAKE
extern
char
*
psk_key
;
void
jpake_client_auth
(
BIO
*
out
,
BIO
*
conn
,
const
char
*
secret
);
void
jpake_server_auth
(
BIO
*
out
,
BIO
*
conn
,
const
char
*
secret
);
#endif
...
...
apps/s_client.c
浏览文件 @
f3b7bdad
...
...
@@ -215,7 +215,7 @@ static int c_ign_eof=0;
#ifndef OPENSSL_NO_PSK
/* Default PSK identity and key */
static
char
*
psk_identity
=
"Client_identity"
;
static
char
*
psk_key
=
NULL
;
/*
by default PSK is not used */
/*char *psk_key=NULL;
by default PSK is not used */
static
unsigned
int
psk_client_cb
(
SSL
*
ssl
,
const
char
*
hint
,
char
*
identity
,
unsigned
int
max_identity_len
,
unsigned
char
*
psk
,
...
...
@@ -312,6 +312,9 @@ static void sc_usage(void)
#ifndef OPENSSL_NO_PSK
BIO_printf
(
bio_err
,
" -psk_identity arg - PSK identity
\n
"
);
BIO_printf
(
bio_err
,
" -psk arg - PSK in hex (without 0x)
\n
"
);
# ifdef OPENSSL_EXPERIMENTAL_JPAKE
BIO_printf
(
bio_err
,
" -jpake arg - JPAKE secret to use
\n
"
);
# endif
#endif
BIO_printf
(
bio_err
,
" -ssl2 - just use SSLv2
\n
"
);
BIO_printf
(
bio_err
,
" -ssl3 - just use SSLv3
\n
"
);
...
...
@@ -724,6 +727,26 @@ bad:
goto
end
;
}
#if defined(OPENSSL_EXPERIMENTAL_JPAKE) && !defined(OPENSSL_NO_PSK)
if
(
jpake_secret
)
{
if
(
psk_key
)
{
BIO_printf
(
bio_err
,
"Can't use JPAKE and PSK together
\n
"
);
goto
end
;
}
psk_identity
=
"JPAKE"
;
}
if
(
cipher
)
{
BIO_printf
(
bio_err
,
"JPAKE sets cipher to PSK
\n
"
);
goto
end
;
}
cipher
=
"PSK"
;
#endif
OpenSSL_add_ssl_algorithms
();
SSL_load_error_strings
();
...
...
@@ -822,10 +845,10 @@ bad:
#endif
#ifndef OPENSSL_NO_PSK
if
(
psk_key
!=
NULL
)
if
(
psk_key
!=
NULL
||
jpake_secret
)
{
if
(
c_debug
)
BIO_printf
(
bio_c_out
,
"PSK key given, setting client callback
\n
"
);
BIO_printf
(
bio_c_out
,
"PSK key given
or JPAKE in use
, setting client callback
\n
"
);
SSL_CTX_set_psk_client_callback
(
ctx
,
psk_client_cb
);
}
#endif
...
...
apps/s_server.c
浏览文件 @
f3b7bdad
...
...
@@ -302,7 +302,7 @@ static int cert_chain = 0;
#ifndef OPENSSL_NO_PSK
static
char
*
psk_identity
=
"Client_identity"
;
static
char
*
psk_key
=
NULL
;
/* by default PSK is not used */
char
*
psk_key
=
NULL
;
/* by default PSK is not used */
static
unsigned
int
psk_server_cb
(
SSL
*
ssl
,
const
char
*
identity
,
unsigned
char
*
psk
,
unsigned
int
max_psk_len
)
...
...
@@ -325,7 +325,9 @@ static unsigned int psk_server_cb(SSL *ssl, const char *identity,
/* here we could lookup the given identity e.g. from a database */
if
(
strcmp
(
identity
,
psk_identity
)
!=
0
)
{
BIO_printf
(
bio_s_out
,
"PSK error: client identity not found
\n
"
);
BIO_printf
(
bio_s_out
,
"PSK error: client identity not found"
" (got '%s' expected '%s')
\n
"
,
identity
,
psk_identity
);
goto
out_err
;
}
if
(
s_debug
)
...
...
@@ -448,6 +450,9 @@ static void sv_usage(void)
#ifndef OPENSSL_NO_PSK
BIO_printf
(
bio_err
,
" -psk_hint arg - PSK identity hint to use
\n
"
);
BIO_printf
(
bio_err
,
" -psk arg - PSK in hex (without 0x)
\n
"
);
# ifdef OPENSSL_EXPERIMENTAL_JPAKE
BIO_printf
(
bio_err
,
" -jpake arg - JPAKE secret to use
\n
"
);
# endif
#endif
BIO_printf
(
bio_err
,
" -ssl2 - Just talk SSLv2
\n
"
);
BIO_printf
(
bio_err
,
" -ssl3 - Just talk SSLv3
\n
"
);
...
...
@@ -1184,7 +1189,7 @@ int MAIN(int argc, char *argv[])
}
#endif
#if
def OPENSSL_EXPERIMENTAL_JPAKE
#if
defined(OPENSSL_EXPERIMENTAL_JPAKE) && !defined(OPENSSL_NO_PSK)
else
if
(
strcmp
(
*
argv
,
"-jpake"
)
==
0
)
{
if
(
--
argc
<
1
)
goto
bad
;
...
...
@@ -1207,6 +1212,26 @@ bad:
goto
end
;
}
#if defined(OPENSSL_EXPERIMENTAL_JPAKE) && !defined(OPENSSL_NO_PSK)
if
(
jpake_secret
)
{
if
(
psk_key
)
{
BIO_printf
(
bio_err
,
"Can't use JPAKE and PSK together
\n
"
);
goto
end
;
}
psk_identity
=
"JPAKE"
;
}
if
(
cipher
)
{
BIO_printf
(
bio_err
,
"JPAKE sets cipher to PSK
\n
"
);
goto
end
;
}
cipher
=
"PSK"
;
#endif
SSL_load_error_strings
();
OpenSSL_add_ssl_algorithms
();
...
...
@@ -1591,10 +1616,10 @@ bad:
#endif
#ifndef OPENSSL_NO_PSK
if
(
psk_key
!=
NULL
)
if
(
psk_key
!=
NULL
||
jpake_secret
)
{
if
(
s_debug
)
BIO_printf
(
bio_s_out
,
"PSK key given, setting server callback
\n
"
);
BIO_printf
(
bio_s_out
,
"PSK key given
or JPAKE in use
, setting server callback
\n
"
);
SSL_CTX_set_psk_server_callback
(
ctx
,
psk_server_cb
);
}
...
...
crypto/jpake/jpaketest.c
浏览文件 @
f3b7bdad
#ifndef OPENSSL_EXPERIMENTAL_JPAKE
#include <stdio.h>
int
main
(
int
argc
,
char
*
argv
[])
{
printf
(
"No J-PAKE support
\n
"
);
return
(
0
);
}
#else
#include <openssl/jpake.h>
#include <openssl/err.h>
...
...
@@ -174,3 +186,5 @@ int main(int argc, char **argv)
return
0
;
}
#endif
ssl/ssl.h
浏览文件 @
f3b7bdad
...
...
@@ -910,7 +910,7 @@ void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, int (*app_verify_cookie_cb)(SSL
/* the maximum length of the buffer given to callbacks containing the
* resulting identity/psk */
#define PSK_MAX_IDENTITY_LEN 128
#define PSK_MAX_PSK_LEN
64
#define PSK_MAX_PSK_LEN
256
void
SSL_CTX_set_psk_client_callback
(
SSL_CTX
*
ctx
,
unsigned
int
(
*
psk_client_callback
)(
SSL
*
ssl
,
const
char
*
hint
,
char
*
identity
,
unsigned
int
max_identity_len
,
unsigned
char
*
psk
,
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录