/deps/openssl/openssl/ssl/tls_srp.c - Diff - CSE2410 Fall 2014 Bounce - CS Projects

Revision aa3b4b4d deps/openssl/openssl/ssl/tls_srp.c

     	return ret;
+    	}
     int SRP_Calc_A_param(SSL *s)
     int srp_verify_server_param(SSL *s, int *al)
+    	{
     	unsigned char rnd[SSL_MAX_MASTER_KEY_LENGTH];
     	SRP_CTX *srp = &s->srp_ctx;
     	/* Sanity check parameters: we can quickly check B % N == 0
     	 * by checking B != 0 since B < N
     	 */
     	if (BN_ucmp(srp->g, srp->N) >=0 || BN_ucmp(srp->B, srp->N) >= 0
     		|| BN_is_zero(srp->B))
+    		{
     		*al = SSL3_AD_ILLEGAL_PARAMETER;
     		return 0;
+    		}
     	if (BN_num_bits(s->srp_ctx.N) < s->srp_ctx.strength)
     		return -1;
     	if (BN_num_bits(srp->N) < srp->strength)
+    		{
     		*al = TLS1_AD_INSUFFICIENT_SECURITY;
     		return 0;
+    		}
     	if (s->srp_ctx.SRP_verify_param_callback ==NULL &&
     		!SRP_check_known_gN_param(s->srp_ctx.g,s->srp_ctx.N))
     		return -1 ;
     	if (srp->SRP_verify_param_callback)
+    		{
     		if (srp->SRP_verify_param_callback(s, srp->SRP_cb_arg) <= 0)
+    			{
     			*al = TLS1_AD_INSUFFICIENT_SECURITY;
     			return 0;
+    			}
+    		}
     	else if(!SRP_check_known_gN_param(srp->g, srp->N))
+    		{
     		*al = TLS1_AD_INSUFFICIENT_SECURITY;
     		return 0;
+    		}
     	return 1;
+    	}
     int SRP_Calc_A_param(SSL *s)
+    	{
     	unsigned char rnd[SSL_MAX_MASTER_KEY_LENGTH];
     	RAND_bytes(rnd, sizeof(rnd));
     	s->srp_ctx.a = BN_bin2bn(rnd, sizeof(rnd), s->srp_ctx.a);
-...
     	if (!(s->srp_ctx.A = SRP_Calc_A(s->srp_ctx.a,s->srp_ctx.N,s->srp_ctx.g)))
     		return -1;
     	/* We can have a callback to verify SRP param!! */
     	if (s->srp_ctx.SRP_verify_param_callback !=NULL)
     		return s->srp_ctx.SRP_verify_param_callback(s,s->srp_ctx.SRP_cb_arg);
     	return 1;
+    	}

Also available in: Unified diff