Loading apps/apps.c +11 −3 Original line number Diff line number Diff line Loading @@ -2381,7 +2381,7 @@ void policies_print(BIO *out, X509_STORE_CTX *ctx) BIO_free(out); } #ifdef OPENSSL_EXPERIMENTAL_JPAKE #if defined(OPENSSL_EXPERIMENTAL_JPAKE) && !defined(OPENSSL_NO_PSK) static JPAKE_CTX *jpake_init(const char *us, const char *them, const char *secret) Loading Loading @@ -2564,10 +2564,14 @@ void jpake_client_auth(BIO *out, BIO *conn, const char *secret) jpake_send_step3a(bconn, ctx); jpake_receive_step3b(ctx, bconn); BIO_puts(out, "JPAKE authentication succeeded\n"); BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n"); psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx)); BIO_pop(bconn); BIO_free(bconn); JPAKE_CTX_free(ctx); } void jpake_server_auth(BIO *out, BIO *conn, const char *secret) Loading @@ -2589,10 +2593,14 @@ void jpake_server_auth(BIO *out, BIO *conn, const char *secret) jpake_receive_step3a(ctx, bconn); jpake_send_step3b(bconn, ctx); BIO_puts(out, "JPAKE authentication succeeded\n"); BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n"); psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx)); BIO_pop(bconn); BIO_free(bconn); JPAKE_CTX_free(ctx); } #endif Loading apps/apps.h +1 −0 Original line number Diff line number Diff line Loading @@ -309,6 +309,7 @@ int pkey_ctrl_string(EVP_PKEY_CTX *ctx, char *value); int init_gen_str(BIO *err, EVP_PKEY_CTX **pctx, const char *algname, ENGINE *e, int do_param); #ifdef OPENSSL_EXPERIMENTAL_JPAKE extern char *psk_key; void jpake_client_auth(BIO *out, BIO *conn, const char *secret); void jpake_server_auth(BIO *out, BIO *conn, const char *secret); #endif Loading apps/s_client.c +26 −3 Original line number Diff line number Diff line Loading 
@@ -215,7 +215,7 @@ static int c_ign_eof=0; #ifndef OPENSSL_NO_PSK /* Default PSK identity and key */ static char *psk_identity="Client_identity"; static char *psk_key=NULL; /* by default PSK is not used */ /*char *psk_key=NULL; by default PSK is not used */ static unsigned int psk_client_cb(SSL *ssl, const char *hint, char *identity, unsigned int max_identity_len, unsigned char *psk, Loading Loading @@ -312,6 +312,9 @@ static void sc_usage(void) #ifndef OPENSSL_NO_PSK BIO_printf(bio_err," -psk_identity arg - PSK identity\n"); BIO_printf(bio_err," -psk arg - PSK in hex (without 0x)\n"); # ifdef OPENSSL_EXPERIMENTAL_JPAKE BIO_printf(bio_err," -jpake arg - JPAKE secret to use\n"); # endif #endif BIO_printf(bio_err," -ssl2 - just use SSLv2\n"); BIO_printf(bio_err," -ssl3 - just use SSLv3\n"); Loading Loading @@ -724,6 +727,26 @@ bad: goto end; } #if defined(OPENSSL_EXPERIMENTAL_JPAKE) && !defined(OPENSSL_NO_PSK) if (jpake_secret) { if (psk_key) { BIO_printf(bio_err, "Can't use JPAKE and PSK together\n"); goto end; } psk_identity = "JPAKE"; } if (cipher) { BIO_printf(bio_err, "JPAKE sets cipher to PSK\n"); goto end; } cipher = "PSK"; #endif OpenSSL_add_ssl_algorithms(); SSL_load_error_strings(); Loading Loading @@ -822,10 +845,10 @@ bad: #endif #ifndef OPENSSL_NO_PSK if (psk_key != NULL) if (psk_key != NULL || jpake_secret) { if (c_debug) BIO_printf(bio_c_out, "PSK key given, setting client callback\n"); BIO_printf(bio_c_out, "PSK key given or JPAKE in use, setting client callback\n"); SSL_CTX_set_psk_client_callback(ctx, psk_client_cb); } #endif Loading apps/s_server.c +30 −5 Original line number Diff line number Diff line Loading 
@@ -302,7 +302,7 @@ static int cert_chain = 0; #ifndef OPENSSL_NO_PSK static char *psk_identity="Client_identity"; static char *psk_key=NULL; /* by default PSK is not used */ char *psk_key=NULL; /* by default PSK is not used */ static unsigned int psk_server_cb(SSL *ssl, const char *identity, unsigned char *psk, unsigned int max_psk_len) Loading @@ -325,7 +325,9 @@ static unsigned int psk_server_cb(SSL *ssl, const char *identity, /* here we could lookup the given identity e.g. from a database */ if (strcmp(identity, psk_identity) != 0) { BIO_printf(bio_s_out, "PSK error: client identity not found\n"); BIO_printf(bio_s_out, "PSK error: client identity not found" " (got '%s' expected '%s')\n", identity, psk_identity); goto out_err; } if (s_debug) Loading Loading @@ -448,6 +450,9 @@ static void sv_usage(void) #ifndef OPENSSL_NO_PSK BIO_printf(bio_err," -psk_hint arg - PSK identity hint to use\n"); BIO_printf(bio_err," -psk arg - PSK in hex (without 0x)\n"); # ifdef OPENSSL_EXPERIMENTAL_JPAKE BIO_printf(bio_err," -jpake arg - JPAKE secret to use\n"); # endif #endif BIO_printf(bio_err," -ssl2 - Just talk SSLv2\n"); BIO_printf(bio_err," -ssl3 - Just talk SSLv3\n"); Loading Loading @@ -1184,7 +1189,7 @@ int MAIN(int argc, char *argv[]) } #endif #ifdef OPENSSL_EXPERIMENTAL_JPAKE #if defined(OPENSSL_EXPERIMENTAL_JPAKE) && !defined(OPENSSL_NO_PSK) else if (strcmp(*argv,"-jpake") == 0) { if (--argc < 1) goto bad; Loading @@ -1207,6 +1212,26 @@ bad: goto end; } #if defined(OPENSSL_EXPERIMENTAL_JPAKE) && !defined(OPENSSL_NO_PSK) if (jpake_secret) { if (psk_key) { BIO_printf(bio_err, "Can't use JPAKE and PSK together\n"); goto end; } psk_identity = "JPAKE"; } if (cipher) { BIO_printf(bio_err, "JPAKE sets cipher to PSK\n"); goto end; } cipher = "PSK"; #endif SSL_load_error_strings(); OpenSSL_add_ssl_algorithms(); Loading Loading 
@@ -1591,10 +1616,10 @@ bad: #endif #ifndef OPENSSL_NO_PSK if (psk_key != NULL) if (psk_key != NULL || jpake_secret) { if (s_debug) BIO_printf(bio_s_out, "PSK key given, setting server callback\n"); BIO_printf(bio_s_out, "PSK key given or JPAKE in use, setting server callback\n"); SSL_CTX_set_psk_server_callback(ctx, psk_server_cb); } Loading crypto/jpake/jpaketest.c +14 −0 Original line number Diff line number Diff line #ifndef OPENSSL_EXPERIMENTAL_JPAKE #include <stdio.h> int main(int argc, char *argv[]) { printf("No J-PAKE support\n"); return(0); } #else #include <openssl/jpake.h> #include <openssl/err.h> Loading Loading @@ -174,3 +186,5 @@ int main(int argc, char **argv) return 0; } #endif Loading
apps/apps.c +11 −3 Original line number Diff line number Diff line Loading @@ -2381,7 +2381,7 @@ void policies_print(BIO *out, X509_STORE_CTX *ctx) BIO_free(out); } #ifdef OPENSSL_EXPERIMENTAL_JPAKE #if defined(OPENSSL_EXPERIMENTAL_JPAKE) && !defined(OPENSSL_NO_PSK) static JPAKE_CTX *jpake_init(const char *us, const char *them, const char *secret) Loading Loading @@ -2564,10 +2564,14 @@ void jpake_client_auth(BIO *out, BIO *conn, const char *secret) jpake_send_step3a(bconn, ctx); jpake_receive_step3b(ctx, bconn); BIO_puts(out, "JPAKE authentication succeeded\n"); BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n"); psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx)); BIO_pop(bconn); BIO_free(bconn); JPAKE_CTX_free(ctx); } void jpake_server_auth(BIO *out, BIO *conn, const char *secret) Loading @@ -2589,10 +2593,14 @@ void jpake_server_auth(BIO *out, BIO *conn, const char *secret) jpake_receive_step3a(ctx, bconn); jpake_send_step3b(bconn, ctx); BIO_puts(out, "JPAKE authentication succeeded\n"); BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n"); psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx)); BIO_pop(bconn); BIO_free(bconn); JPAKE_CTX_free(ctx); } #endif Loading
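Review bot: The result of `BN_bn2hex(JPAKE_get_shared_key(ctx))` is assigned to the global `psk_key` without a NULL check, in both jpake_client_auth and jpake_server_auth, and the success message is printed before the assignment. An allocation failure is therefore reported as "JPAKE authentication succeeded, setting PSK" although no key was stored. I would test the result, `if ((psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx))) == NULL)`, take the error path there, and print the success line only afterwards. The returned string is heap-allocated and holds the negotiated secret in hex, yet nothing in the lines shown wipes or frees it, and `psk_key` presumably also carries the pointer given with -psk, so a comment at the assignment should state who owns the buffer and that it needs `OPENSSL_cleanse` followed by `OPENSSL_free`. Both function bodies begin outside the hunks shown.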
apps/apps.h +1 −0 Original line number Diff line number Diff line Loading @@ -309,6 +309,7 @@ int pkey_ctrl_string(EVP_PKEY_CTX *ctx, char *value); int init_gen_str(BIO *err, EVP_PKEY_CTX **pctx, const char *algname, ENGINE *e, int do_param); #ifdef OPENSSL_EXPERIMENTAL_JPAKE extern char *psk_key; void jpake_client_auth(BIO *out, BIO *conn, const char *secret); void jpake_server_auth(BIO *out, BIO *conn, const char *secret); #endif Loading
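Review bot: `extern char *psk_key;` is declared only under `#ifdef OPENSSL_EXPERIMENTAL_JPAKE`, while this commit comments out the definition in apps/s_client.c, which still reads `psk_key` under `#ifndef OPENSSL_NO_PSK`. A build with PSK enabled and J-PAKE disabled would then have no declaration of `psk_key` visible in s_client.c, unless one exists outside the lines shown. The guard is also looser than the `defined(OPENSSL_EXPERIMENTAL_JPAKE) && !defined(OPENSSL_NO_PSK)` condition that apps/apps.c uses around the code assigning it. I would give the declaration its own `#ifndef OPENSSL_NO_PSK` block and add the comment `/* defined in s_server.c; shared by s_client.c and the JPAKE helpers */`.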
apps/s_client.c +26 −3 Original line number Diff line number Diff line Loading @@ -215,7 +215,7 @@ static int c_ign_eof=0; #ifndef OPENSSL_NO_PSK /* Default PSK identity and key */ static char *psk_identity="Client_identity"; static char *psk_key=NULL; /* by default PSK is not used */ /*char *psk_key=NULL; by default PSK is not used */ static unsigned int psk_client_cb(SSL *ssl, const char *hint, char *identity, unsigned int max_identity_len, unsigned char *psk, Loading Loading @@ -312,6 +312,9 @@ static void sc_usage(void) #ifndef OPENSSL_NO_PSK BIO_printf(bio_err," -psk_identity arg - PSK identity\n"); BIO_printf(bio_err," -psk arg - PSK in hex (without 0x)\n"); # ifdef OPENSSL_EXPERIMENTAL_JPAKE BIO_printf(bio_err," -jpake arg - JPAKE secret to use\n"); # endif #endif BIO_printf(bio_err," -ssl2 - just use SSLv2\n"); BIO_printf(bio_err," -ssl3 - just use SSLv3\n"); Loading Loading @@ -724,6 +727,26 @@ bad: goto end; } #if defined(OPENSSL_EXPERIMENTAL_JPAKE) && !defined(OPENSSL_NO_PSK) if (jpake_secret) { if (psk_key) { BIO_printf(bio_err, "Can't use JPAKE and PSK together\n"); goto end; } psk_identity = "JPAKE"; } if (cipher) { BIO_printf(bio_err, "JPAKE sets cipher to PSK\n"); goto end; } cipher = "PSK"; #endif OpenSSL_add_ssl_algorithms(); SSL_load_error_strings(); Loading Loading @@ -822,10 +845,10 @@ bad: #endif #ifndef OPENSSL_NO_PSK if (psk_key != NULL) if (psk_key != NULL || jpake_secret) { if (c_debug) BIO_printf(bio_c_out, "PSK key given, setting client callback\n"); BIO_printf(bio_c_out, "PSK key given or JPAKE in use, setting client callback\n"); SSL_CTX_set_psk_client_callback(ctx, psk_client_cb); } #endif Loading
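Review bot: In the block added before `OpenSSL_add_ssl_algorithms()`, the `if (cipher)` test and `cipher = "PSK";` come after the closing brace of `if (jpake_secret)`, so they run whenever J-PAKE and PSK are compiled in, not only when -jpake was given. As written, any previously set cipher string is rejected with "JPAKE sets cipher to PSK" and every connection is restricted to PSK suites, even for an ordinary certificate-based session. The block added to apps/s_server.c has the same brace placement. Moving both statements inside the `if (jpake_secret)` body, after `psk_identity = "JPAKE";`, fixes it in both files. The commented-out `/*char *psk_key=NULL; ... */` would be better deleted, with a one-line comment that `psk_key` now comes from apps.h. The enclosing function starts and ends outside the hunk.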
apps/s_server.c +30 −5 Original line number Diff line number Diff line Loading @@ -302,7 +302,7 @@ static int cert_chain = 0; #ifndef OPENSSL_NO_PSK static char *psk_identity="Client_identity"; static char *psk_key=NULL; /* by default PSK is not used */ char *psk_key=NULL; /* by default PSK is not used */ static unsigned int psk_server_cb(SSL *ssl, const char *identity, unsigned char *psk, unsigned int max_psk_len) Loading @@ -325,7 +325,9 @@ static unsigned int psk_server_cb(SSL *ssl, const char *identity, /* here we could lookup the given identity e.g. from a database */ if (strcmp(identity, psk_identity) != 0) { BIO_printf(bio_s_out, "PSK error: client identity not found\n"); BIO_printf(bio_s_out, "PSK error: client identity not found" " (got '%s' expected '%s')\n", identity, psk_identity); goto out_err; } if (s_debug) Loading Loading @@ -448,6 +450,9 @@ static void sv_usage(void) #ifndef OPENSSL_NO_PSK BIO_printf(bio_err," -psk_hint arg - PSK identity hint to use\n"); BIO_printf(bio_err," -psk arg - PSK in hex (without 0x)\n"); # ifdef OPENSSL_EXPERIMENTAL_JPAKE BIO_printf(bio_err," -jpake arg - JPAKE secret to use\n"); # endif #endif BIO_printf(bio_err," -ssl2 - Just talk SSLv2\n"); BIO_printf(bio_err," -ssl3 - Just talk SSLv3\n"); Loading Loading @@ -1184,7 +1189,7 @@ int MAIN(int argc, char *argv[]) } #endif #ifdef OPENSSL_EXPERIMENTAL_JPAKE #if defined(OPENSSL_EXPERIMENTAL_JPAKE) && !defined(OPENSSL_NO_PSK) else if (strcmp(*argv,"-jpake") == 0) { if (--argc < 1) goto bad; Loading @@ -1207,6 +1212,26 @@ bad: goto end; } #if defined(OPENSSL_EXPERIMENTAL_JPAKE) && !defined(OPENSSL_NO_PSK) if (jpake_secret) { if (psk_key) { BIO_printf(bio_err, "Can't use JPAKE and PSK together\n"); goto end; } psk_identity = "JPAKE"; } if (cipher) { BIO_printf(bio_err, "JPAKE sets cipher to PSK\n"); goto end; } cipher = "PSK"; #endif SSL_load_error_strings(); OpenSSL_add_ssl_algorithms(); Loading Loading 
@@ -1591,10 +1616,10 @@ bad: #endif #ifndef OPENSSL_NO_PSK if (psk_key != NULL) if (psk_key != NULL || jpake_secret) { if (s_debug) BIO_printf(bio_s_out, "PSK key given, setting server callback\n"); BIO_printf(bio_s_out, "PSK key given or JPAKE in use, setting server callback\n"); SSL_CTX_set_psk_server_callback(ctx, psk_server_cb); } Loading
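Review bot: The extended "client identity not found" message in psk_server_cb writes `identity`, which is supplied by the connecting peer, directly to `bio_s_out`. The format string is fixed, so this is not a format-string problem. But control or escape characters in the identity would reach the operator's terminal or any file the output is redirected to, and every mismatch also prints the expected identity. I would emit the `(got '%s' expected '%s')` detail only under `if (s_debug)` and add a comment such as `/* identity is peer-controlled: escape non-printable bytes before display */`. psk_server_cb begins and ends outside the hunk.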
crypto/jpake/jpaketest.c +14 −0 Original line number Diff line number Diff line #ifndef OPENSSL_EXPERIMENTAL_JPAKE #include <stdio.h> int main(int argc, char *argv[]) { printf("No J-PAKE support\n"); return(0); } #else #include <openssl/jpake.h> #include <openssl/err.h> Loading Loading @@ -174,3 +186,5 @@ int main(int argc, char **argv) return 0; } #endif