Home | History | Annotate | Download | only in srp
      1 /* crypto/srp/srp_vfy.c */
      2 /* Written by Christophe Renou (christophe.renou (at) edelweb.fr) with
      3  * the precious help of Peter Sylvester (peter.sylvester (at) edelweb.fr)
      4  * for the EdelKey project and contributed to the OpenSSL project 2004.
      5  */
      6 /* ====================================================================
      7  * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
      8  *
      9  * Redistribution and use in source and binary forms, with or without
     10  * modification, are permitted provided that the following conditions
     11  * are met:
     12  *
     13  * 1. Redistributions of source code must retain the above copyright
     14  *    notice, this list of conditions and the following disclaimer.
     15  *
     16  * 2. Redistributions in binary form must reproduce the above copyright
     17  *    notice, this list of conditions and the following disclaimer in
     18  *    the documentation and/or other materials provided with the
     19  *    distribution.
     20  *
     21  * 3. All advertising materials mentioning features or use of this
     22  *    software must display the following acknowledgment:
     23  *    "This product includes software developed by the OpenSSL Project
     24  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
     25  *
     26  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
     27  *    endorse or promote products derived from this software without
     28  *    prior written permission. For written permission, please contact
     29  *    licensing (at) OpenSSL.org.
     30  *
     31  * 5. Products derived from this software may not be called "OpenSSL"
     32  *    nor may "OpenSSL" appear in their names without prior written
     33  *    permission of the OpenSSL Project.
     34  *
     35  * 6. Redistributions of any form whatsoever must retain the following
     36  *    acknowledgment:
     37  *    "This product includes software developed by the OpenSSL Project
     38  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
     39  *
     40  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
     41  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
     42  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
     43  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
     44  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
     45  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
     46  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
     47  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
     49  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
     50  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
     51  * OF THE POSSIBILITY OF SUCH DAMAGE.
     52  * ====================================================================
     53  *
     54  * This product includes cryptographic software written by Eric Young
     55  * (eay (at) cryptsoft.com).  This product includes software written by Tim
     56  * Hudson (tjh (at) cryptsoft.com).
     57  *
     58  */
     59 #ifndef OPENSSL_NO_SRP
     60 #include "cryptlib.h"
     61 #include "srp_lcl.h"
     62 #include <openssl/srp.h>
     63 #include <openssl/evp.h>
     64 #include <openssl/buffer.h>
     65 #include <openssl/rand.h>
     66 #include <openssl/txt_db.h>
     67 
     68 #define SRP_RANDOM_SALT_LEN 20
     69 #define MAX_LEN 2500
     70 
     71 static char b64table[] =
     72   "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz./";
     73 
     74 /* the following two conversion routines have been inspired by code from Stanford */
     75 
     76 /*
     77  * Convert a base64 string into raw byte array representation.
     78  */
     79 static int t_fromb64(unsigned char *a, const char *src)
     80 	{
     81 	char *loc;
     82 	int i, j;
     83 	int size;
     84 
     85 	while(*src && (*src == ' ' || *src == '\t' || *src == '\n'))
     86 		++src;
     87 	size = strlen(src);
     88 	i = 0;
     89 	while(i < size)
     90 		{
     91 		loc = strchr(b64table, src[i]);
     92 		if(loc == (char *) 0) break;
     93 		else a[i] = loc - b64table;
     94 		++i;
     95 		}
     96 	size = i;
     97 	i = size - 1;
     98 	j = size;
     99 	while(1)
    100 		{
    101 		a[j] = a[i];
    102 		if(--i < 0) break;
    103 		a[j] |= (a[i] & 3) << 6;
    104 		--j;
    105 		a[j] = (unsigned char) ((a[i] & 0x3c) >> 2);
    106 		if(--i < 0) break;
    107 		a[j] |= (a[i] & 0xf) << 4;
    108 		--j;
    109 		a[j] = (unsigned char) ((a[i] & 0x30) >> 4);
    110 		if(--i < 0) break;
    111 		a[j] |= (a[i] << 2);
    112 
    113 		a[--j] = 0;
    114 		if(--i < 0) break;
    115 		}
    116 	while(a[j] == 0 && j <= size) ++j;
    117 	i = 0;
    118 	while (j <= size) a[i++] = a[j++];
    119 	return i;
    120 	}
    121 
    122 
    123 /*
    124  * Convert a raw byte string into a null-terminated base64 ASCII string.
    125  */
    126 static char *t_tob64(char *dst, const unsigned char *src, int size)
    127 	{
    128 	int c, pos = size % 3;
    129 	unsigned char b0 = 0, b1 = 0, b2 = 0, notleading = 0;
    130 	char *olddst = dst;
    131 
    132 	switch(pos)
    133 		{
    134 	case 1:
    135 		b2 = src[0];
    136 		break;
    137 	case 2:
    138 		b1 = src[0];
    139 		b2 = src[1];
    140 		break;
    141 		}
    142 
    143 	while(1)
    144 		{
    145 		c = (b0 & 0xfc) >> 2;
    146 		if(notleading || c != 0)
    147 			{
    148 			*dst++ = b64table[c];
    149 			notleading = 1;
    150 			}
    151 		c = ((b0 & 3) << 4) | ((b1 & 0xf0) >> 4);
    152 		if(notleading || c != 0)
    153 			{
    154 			*dst++ = b64table[c];
    155 			notleading = 1;
    156 			}
    157 		c = ((b1 & 0xf) << 2) | ((b2 & 0xc0) >> 6);
    158 		if(notleading || c != 0)
    159 			{
    160 			*dst++ = b64table[c];
    161 			notleading = 1;
    162 			}
    163 		c = b2 & 0x3f;
    164 		if(notleading || c != 0)
    165 			{
    166 			*dst++ = b64table[c];
    167 			notleading = 1;
    168 			}
    169 		if(pos >= size) break;
    170 		else
    171 			{
    172 			b0 = src[pos++];
    173 			b1 = src[pos++];
    174 			b2 = src[pos++];
    175 			}
    176 		}
    177 
    178 	*dst++ = '\0';
    179 	return olddst;
    180 	}
    181 
    182 static void SRP_user_pwd_free(SRP_user_pwd *user_pwd)
    183 	{
    184 	if (user_pwd == NULL)
    185 		return;
    186 	BN_free(user_pwd->s);
    187 	BN_clear_free(user_pwd->v);
    188 	OPENSSL_free(user_pwd->id);
    189 	OPENSSL_free(user_pwd->info);
    190 	OPENSSL_free(user_pwd);
    191 	}
    192 
    193 static SRP_user_pwd *SRP_user_pwd_new()
    194 	{
    195 	SRP_user_pwd *ret = OPENSSL_malloc(sizeof(SRP_user_pwd));
    196 	if (ret == NULL)
    197 		return NULL;
    198 	ret->N = NULL;
    199 	ret->g = NULL;
    200 	ret->s = NULL;
    201 	ret->v = NULL;
    202 	ret->id = NULL ;
    203 	ret->info = NULL;
    204 	return ret;
    205 	}
    206 
    207 static void SRP_user_pwd_set_gN(SRP_user_pwd *vinfo, const BIGNUM *g,
    208 				const BIGNUM *N)
    209 	{
    210 	vinfo->N = N;
    211 	vinfo->g = g;
    212 	}
    213 
    214 static int SRP_user_pwd_set_ids(SRP_user_pwd *vinfo, const char *id,
    215 				const char *info)
    216 	{
    217 	if (id != NULL && NULL == (vinfo->id = BUF_strdup(id)))
    218 		return 0;
    219 	return (info == NULL || NULL != (vinfo->info = BUF_strdup(info))) ;
    220 	}
    221 
    222 static int SRP_user_pwd_set_sv(SRP_user_pwd *vinfo, const char *s,
    223 			       const char *v)
    224 	{
    225 	unsigned char tmp[MAX_LEN];
    226 	int len;
    227 
    228 	if (strlen(s) > MAX_LEN || strlen(v) > MAX_LEN)
    229 		return 0;
    230 	len = t_fromb64(tmp, v);
    231 	if (NULL == (vinfo->v = BN_bin2bn(tmp, len, NULL)) )
    232 		return 0;
    233 	len = t_fromb64(tmp, s);
    234 	return ((vinfo->s = BN_bin2bn(tmp, len, NULL)) != NULL) ;
    235 	}
    236 
    237 static int SRP_user_pwd_set_sv_BN(SRP_user_pwd *vinfo, BIGNUM *s, BIGNUM *v)
    238 	{
    239 	vinfo->v = v;
    240 	vinfo->s = s;
    241 	return (vinfo->s != NULL && vinfo->v != NULL) ;
    242 	}
    243 
    244 SRP_VBASE *SRP_VBASE_new(char *seed_key)
    245 	{
    246 	SRP_VBASE *vb = (SRP_VBASE *) OPENSSL_malloc(sizeof(SRP_VBASE));
    247 
    248 	if (vb == NULL)
    249 		return NULL;
    250 	if (!(vb->users_pwd = sk_SRP_user_pwd_new_null()) ||
    251 		!(vb->gN_cache = sk_SRP_gN_cache_new_null()))
    252 		{
    253 		OPENSSL_free(vb);
    254 		return NULL;
    255 		}
    256 	vb->default_g = NULL;
    257 	vb->default_N = NULL;
    258 	vb->seed_key = NULL;
    259 	if ((seed_key != NULL) &&
    260 		(vb->seed_key = BUF_strdup(seed_key)) == NULL)
    261 		{
    262 		sk_SRP_user_pwd_free(vb->users_pwd);
    263 		sk_SRP_gN_cache_free(vb->gN_cache);
    264 		OPENSSL_free(vb);
    265 		return NULL;
    266 		}
    267 	return vb;
    268 	}
    269 
    270 
    271 int SRP_VBASE_free(SRP_VBASE *vb)
    272 	{
    273 	sk_SRP_user_pwd_pop_free(vb->users_pwd,SRP_user_pwd_free);
    274 	sk_SRP_gN_cache_free(vb->gN_cache);
    275 	OPENSSL_free(vb->seed_key);
    276 	OPENSSL_free(vb);
    277 	return 0;
    278 	}
    279 
    280 
    281 static SRP_gN_cache *SRP_gN_new_init(const char *ch)
    282 	{
    283 	unsigned char tmp[MAX_LEN];
    284 	int len;
    285 
    286 	SRP_gN_cache *newgN = (SRP_gN_cache *)OPENSSL_malloc(sizeof(SRP_gN_cache));
    287 	if (newgN == NULL)
    288 		return NULL;
    289 
    290 	if ((newgN->b64_bn = BUF_strdup(ch)) == NULL)
    291 		goto err;
    292 
    293 	len = t_fromb64(tmp, ch);
    294 	if ((newgN->bn = BN_bin2bn(tmp, len, NULL)))
    295 		return newgN;
    296 
    297 	OPENSSL_free(newgN->b64_bn);
    298 err:
    299 	OPENSSL_free(newgN);
    300 	return NULL;
    301 	}
    302 
    303 
    304 static void SRP_gN_free(SRP_gN_cache *gN_cache)
    305 	{
    306 	if (gN_cache == NULL)
    307 		return;
    308 	OPENSSL_free(gN_cache->b64_bn);
    309 	BN_free(gN_cache->bn);
    310 	OPENSSL_free(gN_cache);
    311 	}
    312 
    313 static SRP_gN *SRP_get_gN_by_id(const char *id, STACK_OF(SRP_gN) *gN_tab)
    314 	{
    315 	int i;
    316 
    317 	SRP_gN *gN;
    318 	if (gN_tab != NULL)
    319 	for(i = 0; i < sk_SRP_gN_num(gN_tab); i++)
    320 		{
    321 		gN = sk_SRP_gN_value(gN_tab, i);
    322 		if (gN && (id == NULL || strcmp(gN->id,id)==0))
    323 			return gN;
    324 		}
    325 
    326 	return SRP_get_default_gN(id);
    327 	}
    328 
    329 static BIGNUM *SRP_gN_place_bn(STACK_OF(SRP_gN_cache) *gN_cache, char *ch)
    330 	{
    331 	int i;
    332 	if (gN_cache == NULL)
    333 		return NULL;
    334 
    335 	/* search if we have already one... */
    336 	for(i = 0; i < sk_SRP_gN_cache_num(gN_cache); i++)
    337 		{
    338 		SRP_gN_cache *cache = sk_SRP_gN_cache_value(gN_cache, i);
    339 		if (strcmp(cache->b64_bn,ch)==0)
    340 			return cache->bn;
    341 		}
    342 		{		/* it is the first time that we find it */
    343 		SRP_gN_cache *newgN = SRP_gN_new_init(ch);
    344 		if (newgN)
    345 			{
    346 			if (sk_SRP_gN_cache_insert(gN_cache,newgN,0)>0)
    347 				return newgN->bn;
    348 			SRP_gN_free(newgN);
    349 			}
    350 		}
    351 	return NULL;
    352 	}
    353 
    354 /* this function parses verifier file. Format is:
    355  * string(index):base64(N):base64(g):0
    356  * string(username):base64(v):base64(salt):int(index)
    357  */
    358 
    359 
    360 int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file)
    361 	{
    362 	int error_code ;
    363 	STACK_OF(SRP_gN) *SRP_gN_tab = sk_SRP_gN_new_null();
    364 	char *last_index = NULL;
    365 	int i;
    366 	char **pp;
    367 
    368 	SRP_gN *gN = NULL;
    369 	SRP_user_pwd *user_pwd = NULL ;
    370 
    371 	TXT_DB *tmpdb = NULL;
    372 	BIO *in = BIO_new(BIO_s_file());
    373 
    374 	error_code = SRP_ERR_OPEN_FILE;
    375 
    376 	if (in == NULL || BIO_read_filename(in,verifier_file) <= 0)
    377 		goto err;
    378 
    379 	error_code = SRP_ERR_VBASE_INCOMPLETE_FILE;
    380 
    381 	if ((tmpdb =TXT_DB_read(in,DB_NUMBER)) == NULL)
    382 		goto err;
    383 
    384 	error_code = SRP_ERR_MEMORY;
    385 
    386 
    387 	if (vb->seed_key)
    388 		{
    389 		last_index = SRP_get_default_gN(NULL)->id;
    390 		}
    391 	for (i = 0; i < sk_OPENSSL_PSTRING_num(tmpdb->data); i++)
    392 		{
    393 		pp = (char **)sk_OPENSSL_PSTRING_value(tmpdb->data,i);
    394 		if (pp[DB_srptype][0] == DB_SRP_INDEX)
    395 			{
    396 			/*we add this couple in the internal Stack */
    397 
    398 			if ((gN = (SRP_gN *)OPENSSL_malloc(sizeof(SRP_gN))) == NULL)
    399  				goto err;
    400 
    401 			if  (!(gN->id = BUF_strdup(pp[DB_srpid]))
    402 	                ||  !(gN->N = SRP_gN_place_bn(vb->gN_cache,pp[DB_srpverifier]))
    403 			||  !(gN->g = SRP_gN_place_bn(vb->gN_cache,pp[DB_srpsalt]))
    404 			||  sk_SRP_gN_insert(SRP_gN_tab,gN,0) == 0)
    405 				goto err;
    406 
    407 			gN = NULL;
    408 
    409 			if (vb->seed_key != NULL)
    410 				{
    411 				last_index = pp[DB_srpid];
    412 				}
    413 			}
    414 		else if (pp[DB_srptype][0] == DB_SRP_VALID)
    415 			{
    416 			/* it is a user .... */
    417 			SRP_gN *lgN;
    418 			if ((lgN = SRP_get_gN_by_id(pp[DB_srpgN],SRP_gN_tab))!=NULL)
    419 				{
    420 				error_code = SRP_ERR_MEMORY;
    421 				if ((user_pwd = SRP_user_pwd_new()) == NULL)
    422 					goto err;
    423 
    424 				SRP_user_pwd_set_gN(user_pwd,lgN->g,lgN->N);
    425 				if (!SRP_user_pwd_set_ids(user_pwd, pp[DB_srpid],pp[DB_srpinfo]))
    426 					goto err;
    427 
    428 				error_code = SRP_ERR_VBASE_BN_LIB;
    429 				if (!SRP_user_pwd_set_sv(user_pwd, pp[DB_srpsalt],pp[DB_srpverifier]))
    430 					goto err;
    431 
    432 				if (sk_SRP_user_pwd_insert(vb->users_pwd, user_pwd, 0) == 0)
    433 					goto err;
    434 				user_pwd = NULL; /* abandon responsability */
    435 				}
    436 			}
    437 		}
    438 
    439 	if (last_index != NULL)
    440 		{
    441 		/* this means that we want to simulate a default user */
    442 
    443 		if (((gN = SRP_get_gN_by_id(last_index,SRP_gN_tab))==NULL))
    444 			{
    445 			error_code = SRP_ERR_VBASE_BN_LIB;
    446 			goto err;
    447 			}
    448 		vb->default_g = gN->g ;
    449 		vb->default_N = gN->N ;
    450 		gN = NULL ;
    451 		}
    452 	error_code = SRP_NO_ERROR;
    453 
    454  err:
    455 	/* there may be still some leaks to fix, if this fails, the application terminates most likely */
    456 
    457 	if (gN != NULL)
    458 		{
    459 		OPENSSL_free(gN->id);
    460 		OPENSSL_free(gN);
    461 		}
    462 
    463 	SRP_user_pwd_free(user_pwd);
    464 
    465 	if (tmpdb) TXT_DB_free(tmpdb);
    466 	if (in) BIO_free_all(in);
    467 
    468 	sk_SRP_gN_free(SRP_gN_tab);
    469 
    470 	return error_code;
    471 
    472 	}
    473 
    474 
    475 SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username)
    476 	{
    477 	int i;
    478 	SRP_user_pwd *user;
    479 	unsigned char digv[SHA_DIGEST_LENGTH];
    480 	unsigned char digs[SHA_DIGEST_LENGTH];
    481 	EVP_MD_CTX ctxt;
    482 
    483 	if (vb == NULL)
    484 		return NULL;
    485 	for(i = 0; i < sk_SRP_user_pwd_num(vb->users_pwd); i++)
    486 		{
    487 		user = sk_SRP_user_pwd_value(vb->users_pwd, i);
    488 		if (strcmp(user->id,username)==0)
    489 			return user;
    490 		}
    491 	if ((vb->seed_key == NULL) ||
    492 		(vb->default_g == NULL) ||
    493 		(vb->default_N == NULL))
    494 		return NULL;
    495 
    496 /* if the user is unknown we set parameters as well if we have a seed_key */
    497 
    498 	if ((user = SRP_user_pwd_new()) == NULL)
    499 		return NULL;
    500 
    501 	SRP_user_pwd_set_gN(user,vb->default_g,vb->default_N);
    502 
    503 	if (!SRP_user_pwd_set_ids(user,username,NULL))
    504 		goto err;
    505 
    506 	RAND_pseudo_bytes(digv, SHA_DIGEST_LENGTH);
    507 	EVP_MD_CTX_init(&ctxt);
    508 	EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
    509 	EVP_DigestUpdate(&ctxt, vb->seed_key, strlen(vb->seed_key));
    510 	EVP_DigestUpdate(&ctxt, username, strlen(username));
    511 	EVP_DigestFinal_ex(&ctxt, digs, NULL);
    512 	EVP_MD_CTX_cleanup(&ctxt);
    513 	if (SRP_user_pwd_set_sv_BN(user, BN_bin2bn(digs,SHA_DIGEST_LENGTH,NULL), BN_bin2bn(digv,SHA_DIGEST_LENGTH, NULL)))
    514 		return user;
    515 
    516 err:    SRP_user_pwd_free(user);
    517 	return NULL;
    518 	}
    519 
    520 
    521 /*
    522    create a verifier (*salt,*verifier,g and N are in base64)
    523 */
    524 char *SRP_create_verifier(const char *user, const char *pass, char **salt,
    525 			  char **verifier, const char *N, const char *g)
    526 	{
    527 	int len;
    528 	char * result=NULL;
    529 	char *vf;
    530 	BIGNUM *N_bn = NULL, *g_bn = NULL, *s = NULL, *v = NULL;
    531 	unsigned char tmp[MAX_LEN];
    532 	unsigned char tmp2[MAX_LEN];
    533 	char * defgNid = NULL;
    534 
    535 	if ((user == NULL)||
    536 		(pass == NULL)||
    537 		(salt == NULL)||
    538 		(verifier == NULL))
    539 		goto err;
    540 
    541 	if (N)
    542 		{
    543 		if (!(len = t_fromb64(tmp, N))) goto err;
    544 		N_bn = BN_bin2bn(tmp, len, NULL);
    545 		if (!(len = t_fromb64(tmp, g))) goto err;
    546 		g_bn = BN_bin2bn(tmp, len, NULL);
    547 		defgNid = "*";
    548 		}
    549 	else
    550 		{
    551 		SRP_gN * gN = SRP_get_gN_by_id(g, NULL) ;
    552 		if (gN == NULL)
    553 			goto err;
    554 		N_bn = gN->N;
    555 		g_bn = gN->g;
    556 		defgNid = gN->id;
    557 		}
    558 
    559 	if (*salt == NULL)
    560 		{
    561 		RAND_pseudo_bytes(tmp2, SRP_RANDOM_SALT_LEN);
    562 
    563 		s = BN_bin2bn(tmp2, SRP_RANDOM_SALT_LEN, NULL);
    564 		}
    565 	else
    566 		{
    567 		if (!(len = t_fromb64(tmp2, *salt)))
    568 			goto err;
    569 		s = BN_bin2bn(tmp2, len, NULL);
    570 		}
    571 
    572 
    573 	if(!SRP_create_verifier_BN(user, pass, &s, &v, N_bn, g_bn)) goto err;
    574 
    575 	BN_bn2bin(v,tmp);
    576 	if (((vf = OPENSSL_malloc(BN_num_bytes(v)*2)) == NULL))
    577 		goto err;
    578 	t_tob64(vf, tmp, BN_num_bytes(v));
    579 
    580 	*verifier = vf;
    581 	if (*salt == NULL)
    582 		{
    583 		char *tmp_salt;
    584 		if ((tmp_salt = (char *)OPENSSL_malloc(SRP_RANDOM_SALT_LEN * 2)) == NULL)
    585 			{
    586 			OPENSSL_free(vf);
    587 			goto err;
    588 			}
    589 		t_tob64(tmp_salt, tmp2, SRP_RANDOM_SALT_LEN);
    590 		*salt = tmp_salt;
    591 		}
    592 
    593 	result=defgNid;
    594 
    595 err:
    596 	if(N)
    597 		{
    598 		BN_free(N_bn);
    599 		BN_free(g_bn);
    600 		}
    601 	return result;
    602 	}
    603 
    604 /*
    605    create a verifier (*salt,*verifier,g and N are BIGNUMs)
    606 */
    607 int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt, BIGNUM **verifier, BIGNUM *N, BIGNUM *g)
    608 	{
    609 	int result=0;
    610 	BIGNUM *x = NULL;
    611 	BN_CTX *bn_ctx = BN_CTX_new();
    612 	unsigned char tmp2[MAX_LEN];
    613 
    614 	if ((user == NULL)||
    615 		(pass == NULL)||
    616 		(salt == NULL)||
    617 		(verifier == NULL)||
    618 		(N == NULL)||
    619 		(g == NULL)||
    620 		(bn_ctx == NULL))
    621 		goto err;
    622 
    623 	srp_bn_print(N);
    624 	srp_bn_print(g);
    625 
    626 	if (*salt == NULL)
    627 		{
    628 		RAND_pseudo_bytes(tmp2, SRP_RANDOM_SALT_LEN);
    629 
    630 		*salt = BN_bin2bn(tmp2,SRP_RANDOM_SALT_LEN,NULL);
    631 		}
    632 
    633 	x = SRP_Calc_x(*salt,user,pass);
    634 
    635 	*verifier = BN_new();
    636 	if(*verifier == NULL) goto err;
    637 
    638 	if (!BN_mod_exp(*verifier,g,x,N,bn_ctx))
    639 		{
    640 		BN_clear_free(*verifier);
    641 		goto err;
    642 		}
    643 
    644 	srp_bn_print(*verifier);
    645 
    646 	result=1;
    647 
    648 err:
    649 
    650 	BN_clear_free(x);
    651 	BN_CTX_free(bn_ctx);
    652 	return result;
    653 	}
    654 
    655 
    656 
    657 #endif
    658