SRP on 1.0.1f

Hello,

I'm trying to get SRP working on some older OpenSSL (2014) release. SRP has been officially supported in OpenSSL since 2012. The example below works fine on newer OpenSSL versions (such as 1.1.1g). I'm curious why this isn't working on 1.0.1f:

SRP is supported:
$ openssl version
OpenSSL 1.0.1f 6 Jan 2014
$ openssl ciphers 'SRP' | sed 's/\:/\n/g'
SRP-DSS-AES-256-CBC-SHA
SRP-RSA-AES-256-CBC-SHA
SRP-AES-256-CBC-SHA
SRP-DSS-3DES-EDE-CBC-SHA
SRP-RSA-3DES-EDE-CBC-SHA
SRP-3DES-EDE-CBC-SHA
SRP-DSS-AES-128-CBC-SHA
SRP-RSA-AES-128-CBC-SHA
SRP-AES-128-CBC-SHA

# Create a srpvfile (myself / password)
$ openssl srp -srpvfile passwd.txt -add myself

# Server
$ openssl s_server -nocert -cipher SRP -srpvfile passwd.txt -accept 4444

# Client (same host)
$ openssl s_client -srpuser myself -cipher SRP -connect 127.1:4444

Server fails with:
140700035712672:error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher:s3_srvr.c:1389:

Client fails with:
139663869671072:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1278:SSL alert number 40
139663869671072:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:599:

tcpdump shows that the 'Client Hello' does contain the correct ciphers (all 9 from above) but the server rejected the Client Hello (even though that server's 'openssl ciphers' command shows that all 9 are available and supported).

Why? Is SRP broken in 1.0.1f?


Ralf
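
An added example, not part of the original post: a small decoder for the error-queue lines quoted above, showing which failure was raised locally and which is a TLS alert received from the peer. It assumes the OpenSSL 1.0.x packed error layout (8-bit library, 12-bit function, 12-bit reason), library number 20 for SSL, and an alert reason offset of 1000; the function and variable names are illustrative.

```python
import re

# Constructed sample: the three error-queue lines quoted in the post above.
SAMPLE = """\
140700035712672:error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher:s3_srvr.c:1389:
139663869671072:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1278:SSL alert number 40
139663869671072:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:599:
"""

# thread-id:error:<hex code>:<library>:<function>:<reason>:<file>:<line>:<extra data>
LINE = re.compile(
    r"^(?P<tid>\d+):error:(?P<code>[0-9A-Fa-f]{8}):(?P<lib>[^:]*):"
    r"(?P<func>[^:]*):(?P<reason>[^:]*):(?P<file>[^:]*):(?P<line>\d+):(?P<data>.*)$"
)
ERR_LIB_SSL = 20             # assumption: SSL library number in OpenSSL 1.0.x
SSL_AD_REASON_OFFSET = 1000  # assumption: SSL reasons >= 1000 encode a peer alert


def decode(line):
    """Split one error-queue line and unpack its 32-bit error code."""
    m = LINE.match(line.strip())
    if m is None:
        return None  # not an error-queue line
    code = int(m["code"], 16)
    lib, func, reason = (code >> 24) & 0xFF, (code >> 12) & 0xFFF, code & 0xFFF
    alert = None
    if lib == ERR_LIB_SSL and reason >= SSL_AD_REASON_OFFSET:
        alert = reason - SSL_AD_REASON_OFFSET  # TLS alert number sent by the peer
    return {
        "thread": int(m["tid"]), "lib": lib, "func": func, "reason": reason,
        "func_name": m["func"], "text": m["reason"],
        "where": f'{m["file"]}:{m["line"]}',
        "alert": alert,
        "origin": "alert received from peer" if alert is not None else "raised locally",
    }


def decode_all(text):
    """Decode every error-queue line in a block of captured output."""
    return [d for d in map(decode, text.splitlines()) if d is not None]


if __name__ == "__main__":
    for d in decode_all(SAMPLE):
        print(f'{d["func_name"]:<22} {d["text"]:<32} reason={d["reason"]:<5} {d["origin"]}')
```

On the sample, only the server's line is raised locally (no shared cipher in s3_srvr.c); the client's first line decodes to alert 40, matching the "SSL alert number 40" text, so the client is reporting the server's rejection rather than a failure of its own.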




