summaryrefslogtreecommitdiffstats
path: root/contrib/ntp/util
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/ntp/util')
-rw-r--r--contrib/ntp/util/invoke-ntp-keygen.texi4
-rw-r--r--contrib/ntp/util/ntp-keygen-opts.c14
-rw-r--r--contrib/ntp/util/ntp-keygen-opts.h6
-rw-r--r--contrib/ntp/util/ntp-keygen.1ntp-keygenman6
-rw-r--r--contrib/ntp/util/ntp-keygen.1ntp-keygenmdoc4
-rw-r--r--contrib/ntp/util/ntp-keygen.c367
-rw-r--r--contrib/ntp/util/ntp-keygen.html4
-rw-r--r--contrib/ntp/util/ntp-keygen.man.in6
-rw-r--r--contrib/ntp/util/ntp-keygen.mdoc.in4
9 files changed, 241 insertions, 174 deletions
diff --git a/contrib/ntp/util/invoke-ntp-keygen.texi b/contrib/ntp/util/invoke-ntp-keygen.texi
index cc8a005..8cec26e 100644
--- a/contrib/ntp/util/invoke-ntp-keygen.texi
+++ b/contrib/ntp/util/invoke-ntp-keygen.texi
@@ -6,7 +6,7 @@
#
# EDIT THIS FILE WITH CAUTION (invoke-ntp-keygen.texi)
#
-# It has been AutoGen-ed June 2, 2016 at 07:39:40 AM by AutoGen 5.18.5
+# It has been AutoGen-ed November 21, 2016 at 08:03:45 AM by AutoGen 5.18.5
# From the definitions ntp-keygen-opts.def
# and the template file agtexi-cmd.tpl
@end ignore
@@ -886,7 +886,7 @@ with a status code of 0.
@exampleindent 0
@example
-ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p8
+ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p9
Usage: ntp-keygen [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]...
Flg Arg Option-Name Description
-b Num imbits identity modulus bits
diff --git a/contrib/ntp/util/ntp-keygen-opts.c b/contrib/ntp/util/ntp-keygen-opts.c
index 2fb198b..d41a687 100644
--- a/contrib/ntp/util/ntp-keygen-opts.c
+++ b/contrib/ntp/util/ntp-keygen-opts.c
@@ -1,7 +1,7 @@
/*
* EDIT THIS FILE WITH CAUTION (ntp-keygen-opts.c)
*
- * It has been AutoGen-ed June 2, 2016 at 07:39:24 AM by AutoGen 5.18.5
+ * It has been AutoGen-ed November 21, 2016 at 08:03:30 AM by AutoGen 5.18.5
* From the definitions ntp-keygen-opts.def
* and the template file options
*
@@ -72,7 +72,7 @@ extern FILE * option_usage_fp;
* static const strings for ntp-keygen options
*/
static char const ntp_keygen_opt_strs[2419] =
-/* 0 */ "ntp-keygen (ntp) 4.2.8p8\n"
+/* 0 */ "ntp-keygen (ntp) 4.2.8p9\n"
"Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n"
"This is free software. It is licensed for use, modification and\n"
"redistribution under the terms of the NTP License, copies of which\n"
@@ -164,14 +164,14 @@ static char const ntp_keygen_opt_strs[2419] =
/* 2202 */ "no-load-opts\0"
/* 2215 */ "no\0"
/* 2218 */ "NTP_KEYGEN\0"
-/* 2229 */ "ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p8\n"
+/* 2229 */ "ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p9\n"
"Usage: %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]...\n\0"
/* 2343 */ "$HOME\0"
/* 2349 */ ".\0"
/* 2351 */ ".ntprc\0"
/* 2358 */ "http://bugs.ntp.org, bugs@ntp.org\0"
/* 2392 */ "\n\0"
-/* 2394 */ "ntp-keygen (ntp) 4.2.8p8";
+/* 2394 */ "ntp-keygen (ntp) 4.2.8p9";
/**
* imbits option description:
@@ -1309,7 +1309,7 @@ static void bogus_function(void) {
translate option names.
*/
/* referenced via ntp_keygenOptions.pzCopyright */
- puts(_("ntp-keygen (ntp) 4.2.8p8\n\
+ puts(_("ntp-keygen (ntp) 4.2.8p9\n\
Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n\
This is free software. It is licensed for use, modification and\n\
redistribution under the terms of the NTP License, copies of which\n\
@@ -1408,14 +1408,14 @@ implied warranty.\n"));
puts(_("load options from a config file"));
/* referenced via ntp_keygenOptions.pzUsageTitle */
- puts(_("ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p8\n\
+ puts(_("ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p9\n\
Usage: %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]...\n"));
/* referenced via ntp_keygenOptions.pzExplain */
puts(_("\n"));
/* referenced via ntp_keygenOptions.pzFullVersion */
- puts(_("ntp-keygen (ntp) 4.2.8p8"));
+ puts(_("ntp-keygen (ntp) 4.2.8p9"));
/* referenced via ntp_keygenOptions.pzFullUsage */
puts(_("<<<NOT-FOUND>>>"));
diff --git a/contrib/ntp/util/ntp-keygen-opts.h b/contrib/ntp/util/ntp-keygen-opts.h
index 68d6272..40201db 100644
--- a/contrib/ntp/util/ntp-keygen-opts.h
+++ b/contrib/ntp/util/ntp-keygen-opts.h
@@ -1,7 +1,7 @@
/*
* EDIT THIS FILE WITH CAUTION (ntp-keygen-opts.h)
*
- * It has been AutoGen-ed June 2, 2016 at 07:39:23 AM by AutoGen 5.18.5
+ * It has been AutoGen-ed November 21, 2016 at 08:03:29 AM by AutoGen 5.18.5
* From the definitions ntp-keygen-opts.def
* and the template file options
*
@@ -94,9 +94,9 @@ typedef enum {
/** count of all options for ntp-keygen */
#define OPTION_CT 26
/** ntp-keygen version */
-#define NTP_KEYGEN_VERSION "4.2.8p8"
+#define NTP_KEYGEN_VERSION "4.2.8p9"
/** Full ntp-keygen version text */
-#define NTP_KEYGEN_FULL_VERSION "ntp-keygen (ntp) 4.2.8p8"
+#define NTP_KEYGEN_FULL_VERSION "ntp-keygen (ntp) 4.2.8p9"
/**
* Interface defines for all options. Replace "n" with the UPPER_CASED
diff --git a/contrib/ntp/util/ntp-keygen.1ntp-keygenman b/contrib/ntp/util/ntp-keygen.1ntp-keygenman
index b3c1f2f..9e30b46 100644
--- a/contrib/ntp/util/ntp-keygen.1ntp-keygenman
+++ b/contrib/ntp/util/ntp-keygen.1ntp-keygenman
@@ -10,11 +10,11 @@
.ds B-Font B
.ds I-Font I
.ds R-Font R
-.TH ntp-keygen 1ntp-keygenman "02 Jun 2016" "ntp (4.2.8p8)" "User Commands"
+.TH ntp-keygen 1ntp-keygenman "21 Nov 2016" "ntp (4.2.8p9)" "User Commands"
.\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-.JaGB0/ag-lKayA0)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-psaWZm/ag-DsaOYm)
.\"
-.\" It has been AutoGen-ed June 2, 2016 at 07:39:36 AM by AutoGen 5.18.5
+.\" It has been AutoGen-ed November 21, 2016 at 08:03:41 AM by AutoGen 5.18.5
.\" From the definitions ntp-keygen-opts.def
.\" and the template file agman-cmd.tpl
.SH NAME
diff --git a/contrib/ntp/util/ntp-keygen.1ntp-keygenmdoc b/contrib/ntp/util/ntp-keygen.1ntp-keygenmdoc
index 0e5a5eb..4dd0746 100644
--- a/contrib/ntp/util/ntp-keygen.1ntp-keygenmdoc
+++ b/contrib/ntp/util/ntp-keygen.1ntp-keygenmdoc
@@ -1,9 +1,9 @@
-.Dd June 2 2016
+.Dd November 21 2016
.Dt NTP_KEYGEN 1ntp-keygenmdoc User Commands
.Os
.\" EDIT THIS FILE WITH CAUTION (ntp-keygen-opts.mdoc)
.\"
-.\" It has been AutoGen-ed June 2, 2016 at 07:39:43 AM by AutoGen 5.18.5
+.\" It has been AutoGen-ed November 21, 2016 at 08:03:48 AM by AutoGen 5.18.5
.\" From the definitions ntp-keygen-opts.def
.\" and the template file agmdoc-cmd.tpl
.Sh NAME
diff --git a/contrib/ntp/util/ntp-keygen.c b/contrib/ntp/util/ntp-keygen.c
index ab34927..66a4755 100644
--- a/contrib/ntp/util/ntp-keygen.c
+++ b/contrib/ntp/util/ntp-keygen.c
@@ -105,6 +105,7 @@
#include "openssl/pem.h"
#include "openssl/x509v3.h"
#include <openssl/objects.h>
+#include "libssl_compat.h"
#endif /* OPENSSL */
#include <ssl_applink.c>
@@ -148,6 +149,10 @@ EVP_PKEY *genkey (const char *, const char *);
EVP_PKEY *readkey (char *, char *, u_int *, EVP_PKEY **);
void writekey (char *, char *, u_int *, EVP_PKEY **);
u_long asn2ntp (ASN1_TIME *);
+
+static DSA* genDsaParams(int, char*);
+static RSA* genRsaKeyPair(int, char*);
+
#endif /* AUTOKEY */
/*
@@ -294,7 +299,6 @@ main(
int optct; /* option count */
#ifdef AUTOKEY
X509 *cert = NULL; /* X509 certificate */
- X509_EXTENSION *ext; /* X509v3 extension */
EVP_PKEY *pkey_host = NULL; /* host key */
EVP_PKEY *pkey_sign = NULL; /* sign key */
EVP_PKEY *pkey_iffkey = NULL; /* IFF sever keys */
@@ -511,8 +515,7 @@ main(
* Extract digest/signature scheme.
*/
if (scheme == NULL) {
- nid = OBJ_obj2nid(cert->cert_info->
- signature->algorithm);
+ nid = X509_get_signature_nid(cert);
scheme = OBJ_nid2sn(nid);
}
@@ -524,8 +527,13 @@ main(
ptr = strstr(groupbuf, "CN=");
cnt = X509_get_ext_count(cert);
for (i = 0; i < cnt; i++) {
+ X509_EXTENSION *ext;
+ ASN1_OBJECT *obj;
+
ext = X509_get_ext(cert, i);
- if (OBJ_obj2nid(ext->object) ==
+ obj = X509_EXTENSION_get_object(ext);
+
+ if (OBJ_obj2nid(obj) ==
NID_ext_key_usage) {
bp = BIO_new(BIO_s_mem());
X509V3_EXT_print(bp, ext, 0, 0);
@@ -617,8 +625,14 @@ main(
filename);
}
}
- if (pkey_gqkey != NULL)
- grpkey = BN_bn2hex(pkey_gqkey->pkey.rsa->q);
+ if (pkey_gqkey != NULL) {
+ RSA *rsa;
+ const BIGNUM *q;
+
+ rsa = EVP_PKEY_get0_RSA(pkey_gqkey);
+ RSA_get0_factors(rsa, NULL, &q);
+ grpkey = BN_bn2hex(q);
+ }
/*
* Write the nonencrypted GQ client parameters to the stdout
@@ -634,9 +648,10 @@ main(
filename);
fprintf(stdout, "# %s\n# %s\n", filename,
ctime(&epoch));
- rsa = pkey_gqkey->pkey.rsa;
- BN_copy(rsa->p, BN_value_one());
- BN_copy(rsa->q, BN_value_one());
+ /* XXX: This modifies the private key and should probably use a
+ * copy of it instead. */
+ rsa = EVP_PKEY_get0_RSA(pkey_gqkey);
+ RSA_set0_factors(rsa, BN_dup(BN_value_one()), BN_dup(BN_value_one()));
pkey = EVP_PKEY_new();
EVP_PKEY_assign_RSA(pkey, rsa);
PEM_write_PKCS8PrivateKey(stdout, pkey, NULL, NULL, 0,
@@ -658,7 +673,7 @@ main(
filename);
fprintf(stdout, "# %s\n# %s\n", filename,
ctime(&epoch));
- rsa = pkey_gqkey->pkey.rsa;
+ rsa = EVP_PKEY_get0_RSA(pkey_gqkey);
pkey = EVP_PKEY_new();
EVP_PKEY_assign_RSA(pkey, rsa);
PEM_write_PKCS8PrivateKey(stdout, pkey, cipher, NULL, 0,
@@ -699,8 +714,10 @@ main(
filename);
fprintf(stdout, "# %s\n# %s\n", filename,
ctime(&epoch));
- dsa = pkey_iffkey->pkey.dsa;
- BN_copy(dsa->priv_key, BN_value_one());
+ /* XXX: This modifies the private key and should probably use a
+ * copy of it instead. */
+ dsa = EVP_PKEY_get0_DSA(pkey_iffkey);
+ DSA_set0_key(dsa, NULL, BN_dup(BN_value_one()));
pkey = EVP_PKEY_new();
EVP_PKEY_assign_DSA(pkey, dsa);
PEM_write_PKCS8PrivateKey(stdout, pkey, NULL, NULL, 0,
@@ -722,7 +739,7 @@ main(
filename);
fprintf(stdout, "# %s\n# %s\n", filename,
ctime(&epoch));
- dsa = pkey_iffkey->pkey.dsa;
+ dsa = EVP_PKEY_get0_DSA(pkey_iffkey);
pkey = EVP_PKEY_new();
EVP_PKEY_assign_DSA(pkey, dsa);
PEM_write_PKCS8PrivateKey(stdout, pkey, cipher, NULL, 0,
@@ -767,7 +784,7 @@ main(
NULL, NULL);
fflush(stdout);
if (debug)
- DSA_print_fp(stderr, pkey->pkey.dsa, 0);
+ DSA_print_fp(stderr, EVP_PKEY_get0_DSA(pkey), 0);
}
/*
@@ -785,7 +802,7 @@ main(
NULL, passwd2);
fflush(stdout);
if (debug)
- DSA_print_fp(stderr, pkey->pkey.dsa, 0);
+ DSA_print_fp(stderr, EVP_PKEY_get0_DSA(pkey), 0);
}
/*
@@ -934,11 +951,11 @@ readkey(
if (pkey == NULL)
pkey = parkey;
if (debug) {
- if (parkey->type == EVP_PKEY_DSA)
- DSA_print_fp(stderr, parkey->pkey.dsa,
+ if (EVP_PKEY_base_id(parkey) == EVP_PKEY_DSA)
+ DSA_print_fp(stderr, EVP_PKEY_get0_DSA(parkey),
0);
- else if (parkey->type == EVP_PKEY_RSA)
- RSA_print_fp(stderr, parkey->pkey.rsa,
+ else if (EVP_PKEY_base_id(parkey) == EVP_PKEY_RSA)
+ RSA_print_fp(stderr, EVP_PKEY_get0_RSA(parkey),
0);
}
}
@@ -967,7 +984,7 @@ gen_rsa(
FILE *str;
fprintf(stderr, "Generating RSA keys (%d bits)...\n", modulus);
- rsa = RSA_generate_key(modulus, 65537, cb, _UC("RSA"));
+ rsa = genRsaKeyPair(modulus, _UC("RSA"));
fprintf(stderr, "\n");
if (rsa == NULL) {
fprintf(stderr, "RSA generate keys fails\n%s\n",
@@ -1006,7 +1023,7 @@ gen_rsa(
return (pkey);
}
-
+
/*
* Generate DSA public/private key pair
*/
@@ -1017,7 +1034,6 @@ gen_dsa(
{
EVP_PKEY *pkey; /* private key */
DSA *dsa; /* DSA parameters */
- u_char seed[20]; /* seed for parameters */
FILE *str;
/*
@@ -1025,9 +1041,7 @@ gen_dsa(
*/
fprintf(stderr,
"Generating DSA parameters (%d bits)...\n", modulus);
- RAND_bytes(seed, sizeof(seed));
- dsa = DSA_generate_parameters(modulus, seed, sizeof(seed), NULL,
- NULL, cb, _UC("DSA"));
+ dsa = genDsaParams(modulus, _UC("DSA"));
fprintf(stderr, "\n");
if (dsa == NULL) {
fprintf(stderr, "DSA generate parameters fails\n%s\n",
@@ -1119,26 +1133,26 @@ gen_iffkey(
{
EVP_PKEY *pkey; /* private key */
DSA *dsa; /* DSA parameters */
- u_char seed[20]; /* seed for parameters */
BN_CTX *ctx; /* BN working space */
BIGNUM *b, *r, *k, *u, *v, *w; /* BN temp */
FILE *str;
u_int temp;
-
+ const BIGNUM *p, *q, *g;
+ BIGNUM *pub_key, *priv_key;
+
/*
* Generate DSA parameters for use as IFF parameters.
*/
fprintf(stderr, "Generating IFF keys (%d bits)...\n",
modulus2);
- RAND_bytes(seed, sizeof(seed));
- dsa = DSA_generate_parameters(modulus2, seed, sizeof(seed), NULL,
- NULL, cb, _UC("IFF"));
+ dsa = genDsaParams(modulus2, _UC("IFF"));
fprintf(stderr, "\n");
if (dsa == NULL) {
fprintf(stderr, "DSA generate parameters fails\n%s\n",
ERR_error_string(ERR_get_error(), NULL));
- return (NULL);;
+ return (NULL);
}
+ DSA_get0_pqg(dsa, &p, &q, &g);
/*
* Generate the private and public keys. The DSA parameters and
@@ -1147,12 +1161,12 @@ gen_iffkey(
*/
b = BN_new(); r = BN_new(); k = BN_new();
u = BN_new(); v = BN_new(); w = BN_new(); ctx = BN_CTX_new();
- BN_rand(b, BN_num_bits(dsa->q), -1, 0); /* a */
- BN_mod(b, b, dsa->q, ctx);
- BN_sub(v, dsa->q, b);
- BN_mod_exp(v, dsa->g, v, dsa->p, ctx); /* g^(q - b) mod p */
- BN_mod_exp(u, dsa->g, b, dsa->p, ctx); /* g^b mod p */
- BN_mod_mul(u, u, v, dsa->p, ctx);
+ BN_rand(b, BN_num_bits(q), -1, 0); /* a */
+ BN_mod(b, b, q, ctx);
+ BN_sub(v, q, b);
+ BN_mod_exp(v, g, v, p, ctx); /* g^(q - b) mod p */
+ BN_mod_exp(u, g, b, p, ctx); /* g^b mod p */
+ BN_mod_mul(u, u, v, p, ctx);
temp = BN_is_one(u);
fprintf(stderr,
"Confirm g^(q - b) g^b = 1 mod p: %s\n", temp == 1 ?
@@ -1162,28 +1176,29 @@ gen_iffkey(
BN_free(u); BN_free(v); BN_free(w); BN_CTX_free(ctx);
return (NULL);
}
- dsa->priv_key = BN_dup(b); /* private key */
- dsa->pub_key = BN_dup(v); /* public key */
+ pub_key = BN_dup(v);
+ priv_key = BN_dup(b);
+ DSA_set0_key(dsa, pub_key, priv_key);
/*
* Here is a trial round of the protocol. First, Alice rolls
* random nonce r mod q and sends it to Bob. She needs only
* q from parameters.
*/
- BN_rand(r, BN_num_bits(dsa->q), -1, 0); /* r */
- BN_mod(r, r, dsa->q, ctx);
+ BN_rand(r, BN_num_bits(q), -1, 0); /* r */
+ BN_mod(r, r, q, ctx);
/*
* Bob rolls random nonce k mod q, computes y = k + b r mod q
* and x = g^k mod p, then sends (y, x) to Alice. He needs
* p, q and b from parameters and r from Alice.
*/
- BN_rand(k, BN_num_bits(dsa->q), -1, 0); /* k, 0 < k < q */
- BN_mod(k, k, dsa->q, ctx);
- BN_mod_mul(v, dsa->priv_key, r, dsa->q, ctx); /* b r mod q */
+ BN_rand(k, BN_num_bits(q), -1, 0); /* k, 0 < k < q */
+ BN_mod(k, k, q, ctx);
+ BN_mod_mul(v, priv_key, r, q, ctx); /* b r mod q */
BN_add(v, v, k);
- BN_mod(v, v, dsa->q, ctx); /* y = k + b r mod q */
- BN_mod_exp(u, dsa->g, k, dsa->p, ctx); /* x = g^k mod p */
+ BN_mod(v, v, q, ctx); /* y = k + b r mod q */
+ BN_mod_exp(u, g, k, p, ctx); /* x = g^k mod p */
/*
* Alice verifies x = g^y v^r to confirm that Bob has group key
@@ -1191,9 +1206,9 @@ gen_iffkey(
* original r. We omit the detail here thatt only the hash of y
* is sent.
*/
- BN_mod_exp(v, dsa->g, v, dsa->p, ctx); /* g^y mod p */
- BN_mod_exp(w, dsa->pub_key, r, dsa->p, ctx); /* v^r */
- BN_mod_mul(v, w, v, dsa->p, ctx); /* product mod p */
+ BN_mod_exp(v, g, v, p, ctx); /* g^y mod p */
+ BN_mod_exp(w, pub_key, r, p, ctx); /* v^r */
+ BN_mod_mul(v, w, v, p, ctx); /* product mod p */
temp = BN_cmp(u, v);
fprintf(stderr,
"Confirm g^k = g^(k + b r) g^(q - b) r: %s\n", temp ==
@@ -1301,22 +1316,26 @@ gen_gqkey(
BIGNUM *u, *v, *g, *k, *r, *y; /* BN temps */
FILE *str;
u_int temp;
-
+ BIGNUM *b;
+ const BIGNUM *n;
+
/*
* Generate RSA parameters for use as GQ parameters.
*/
fprintf(stderr,
"Generating GQ parameters (%d bits)...\n",
modulus2);
- rsa = RSA_generate_key(modulus2, 65537, cb, _UC("GQ"));
+ rsa = genRsaKeyPair(modulus2, _UC("GQ"));
fprintf(stderr, "\n");
if (rsa == NULL) {
fprintf(stderr, "RSA generate keys fails\n%s\n",
ERR_error_string(ERR_get_error(), NULL));
return (NULL);
}
+ RSA_get0_key(rsa, &n, NULL, NULL);
u = BN_new(); v = BN_new(); g = BN_new();
k = BN_new(); r = BN_new(); y = BN_new();
+ b = BN_new();
/*
* Generate the group key b, which is saved in the e member of
@@ -1324,26 +1343,26 @@ gen_gqkey(
* member encrypted by the member private key.
*/
ctx = BN_CTX_new();
- BN_rand(rsa->e, BN_num_bits(rsa->n), -1, 0); /* b */
- BN_mod(rsa->e, rsa->e, rsa->n, ctx);
+ BN_rand(b, BN_num_bits(n), -1, 0); /* b */
+ BN_mod(b, b, n, ctx);
/*
* When generating his certificate, Bob rolls random private key
* u, then computes inverse v = u^-1.
*/
- BN_rand(u, BN_num_bits(rsa->n), -1, 0); /* u */
- BN_mod(u, u, rsa->n, ctx);
- BN_mod_inverse(v, u, rsa->n, ctx); /* u^-1 mod n */
- BN_mod_mul(k, v, u, rsa->n, ctx);
+ BN_rand(u, BN_num_bits(n), -1, 0); /* u */
+ BN_mod(u, u, n, ctx);
+ BN_mod_inverse(v, u, n, ctx); /* u^-1 mod n */
+ BN_mod_mul(k, v, u, n, ctx);
/*
* Bob computes public key v = (u^-1)^b, which is saved in an
* extension field on his certificate. We check that u^b v =
* 1 mod n.
*/
- BN_mod_exp(v, v, rsa->e, rsa->n, ctx);
- BN_mod_exp(g, u, rsa->e, rsa->n, ctx); /* u^b */
- BN_mod_mul(g, g, v, rsa->n, ctx); /* u^b (u^-1)^b */
+ BN_mod_exp(v, v, b, n, ctx);
+ BN_mod_exp(g, u, b, n, ctx); /* u^b */
+ BN_mod_mul(g, g, v, n, ctx); /* u^b (u^-1)^b */
temp = BN_is_one(g);
fprintf(stderr,
"Confirm u^b (u^-1)^b = 1 mod n: %s\n", temp ? "yes" :
@@ -1355,27 +1374,30 @@ gen_gqkey(
RSA_free(rsa);
return (NULL);
}
- BN_copy(rsa->p, u); /* private key */
- BN_copy(rsa->q, v); /* public key */
+ /* setting 'u' and 'v' into a RSA object takes over ownership.
+ * Since we use these values again, we have to pass in dupes,
+ * or we'll corrupt the program!
+ */
+ RSA_set0_factors(rsa, BN_dup(u), BN_dup(v));
/*
* Here is a trial run of the protocol. First, Alice rolls
* random nonce r mod n and sends it to Bob. She needs only n
* from parameters.
*/
- BN_rand(r, BN_num_bits(rsa->n), -1, 0); /* r */
- BN_mod(r, r, rsa->n, ctx);
+ BN_rand(r, BN_num_bits(n), -1, 0); /* r */
+ BN_mod(r, r, n, ctx);
/*
* Bob rolls random nonce k mod n, computes y = k u^r mod n and
* g = k^b mod n, then sends (y, g) to Alice. He needs n, u, b
* from parameters and r from Alice.
*/
- BN_rand(k, BN_num_bits(rsa->n), -1, 0); /* k */
- BN_mod(k, k, rsa->n, ctx);
- BN_mod_exp(y, rsa->p, r, rsa->n, ctx); /* u^r mod n */
- BN_mod_mul(y, k, y, rsa->n, ctx); /* y = k u^r mod n */
- BN_mod_exp(g, k, rsa->e, rsa->n, ctx); /* g = k^b mod n */
+ BN_rand(k, BN_num_bits(n), -1, 0); /* k */
+ BN_mod(k, k, n, ctx);
+ BN_mod_exp(y, u, r, n, ctx); /* u^r mod n */
+ BN_mod_mul(y, k, y, n, ctx); /* y = k u^r mod n */
+ BN_mod_exp(g, k, b, n, ctx); /* g = k^b mod n */
/*
* Alice verifies g = v^r y^b mod n to confirm that Bob has
@@ -1384,9 +1406,9 @@ gen_gqkey(
* original r. We omit the detaul here that only the hash of g
* is sent.
*/
- BN_mod_exp(v, rsa->q, r, rsa->n, ctx); /* v^r mod n */
- BN_mod_exp(y, y, rsa->e, rsa->n, ctx); /* y^b mod n */
- BN_mod_mul(y, v, y, rsa->n, ctx); /* v^r y^b mod n */
+ BN_mod_exp(v, v, r, n, ctx); /* v^r mod n */
+ BN_mod_exp(y, y, b, n, ctx); /* y^b mod n */
+ BN_mod_mul(y, v, y, n, ctx); /* v^r y^b mod n */
temp = BN_cmp(y, g);
fprintf(stderr, "Confirm g^k = v^r y^b mod n: %s\n", temp == 0 ?
"yes" : "no");
@@ -1410,10 +1432,9 @@ gen_gqkey(
* dmq1 not used
* iqmp not used
*/
- BN_copy(rsa->d, BN_value_one());
- BN_copy(rsa->dmp1, BN_value_one());
- BN_copy(rsa->dmq1, BN_value_one());
- BN_copy(rsa->iqmp, BN_value_one());
+ RSA_set0_key(rsa, NULL, b, BN_dup(BN_value_one()));
+ RSA_set0_crt_params(rsa, BN_dup(BN_value_one()), BN_dup(BN_value_one()),
+ BN_dup(BN_value_one()));
str = fheader("GQkey", id, groupname);
pkey = EVP_PKEY_new();
EVP_PKEY_assign_RSA(pkey, rsa);
@@ -1509,7 +1530,7 @@ gen_mvkey(
DSA *dsa, *dsa2, *sdsa; /* DSA parameters */
BN_CTX *ctx; /* BN working space */
BIGNUM *a[MVMAX]; /* polynomial coefficient vector */
- BIGNUM *g[MVMAX]; /* public key vector */
+ BIGNUM *gs[MVMAX]; /* public key vector */
BIGNUM *s1[MVMAX]; /* private enabling keys */
BIGNUM *x[MVMAX]; /* polynomial zeros vector */
BIGNUM *xbar[MVMAX], *xhat[MVMAX]; /* private keys vector */
@@ -1520,6 +1541,7 @@ gen_mvkey(
BIGNUM *bige; /* session encryption key */
BIGNUM *gbar, *ghat; /* public key */
BIGNUM *u, *v, *w; /* BN scratch */
+ BIGNUM *p, *q, *g, *priv_key, *pub_key;
int i, j, n;
FILE *str;
u_int temp;
@@ -1544,14 +1566,14 @@ gen_mvkey(
ctx = BN_CTX_new(); u = BN_new(); v = BN_new(); w = BN_new();
b = BN_new(); b1 = BN_new();
dsa = DSA_new();
- dsa->p = BN_new(); dsa->q = BN_new(); dsa->g = BN_new();
- dsa->priv_key = BN_new(); dsa->pub_key = BN_new();
+ p = BN_new(); q = BN_new(); g = BN_new();
+ priv_key = BN_new(); pub_key = BN_new();
temp = 0;
for (j = 1; j <= n; j++) {
s1[j] = BN_new();
while (1) {
- BN_generate_prime(s1[j], modulus2 / n, 0, NULL,
- NULL, NULL, NULL);
+ BN_generate_prime_ex(s1[j], modulus2 / n, 0,
+ NULL, NULL, NULL);
for (i = 1; i < j; i++) {
if (BN_cmp(s1[i], s1[j]) == 0)
break;
@@ -1577,21 +1599,20 @@ gen_mvkey(
*/
temp = 0;
while (1) {
- BN_one(dsa->q);
+ BN_one(q);
for (j = 1; j <= n; j++)
- BN_mul(dsa->q, dsa->q, s1[j], ctx);
- BN_copy(dsa->p, dsa->q);
- BN_add(dsa->p, dsa->p, dsa->p);
- BN_add_word(dsa->p, 1);
- if (BN_is_prime(dsa->p, BN_prime_checks, NULL, ctx,
- NULL))
+ BN_mul(q, q, s1[j], ctx);
+ BN_copy(p, q);
+ BN_add(p, p, p);
+ BN_add_word(p, 1);
+ if (BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
break;
temp++;
j = temp % n + 1;
while (1) {
- BN_generate_prime(u, modulus2 / n, 0, 0, NULL,
- NULL, NULL);
+ BN_generate_prime_ex(u, modulus2 / n, 0,
+ NULL, NULL, NULL);
for (i = 1; i <= n; i++) {
if (BN_cmp(u, s1[i]) == 0)
break;
@@ -1608,20 +1629,22 @@ gen_mvkey(
* gcd(g, p - 1) = 1 and g^q = 1. This is a generator of p, not
* q. This may take several iterations.
*/
- BN_copy(v, dsa->p);
+ BN_copy(v, p);
BN_sub_word(v, 1);
while (1) {
- BN_rand(dsa->g, BN_num_bits(dsa->p) - 1, 0, 0);
- BN_mod(dsa->g, dsa->g, dsa->p, ctx);
- BN_gcd(u, dsa->g, v, ctx);
+ BN_rand(g, BN_num_bits(p) - 1, 0, 0);
+ BN_mod(g, g, p, ctx);
+ BN_gcd(u, g, v, ctx);
if (!BN_is_one(u))
continue;
- BN_mod_exp(u, dsa->g, dsa->q, dsa->p, ctx);
+ BN_mod_exp(u, g, q, p, ctx);
if (BN_is_one(u))
break;
}
+ DSA_set0_pqg(dsa, p, q, g);
+
/*
* Setup is now complete. Roll random polynomial roots x[j]
* (j = 1...n) for all j. While it may not be strictly
@@ -1630,14 +1653,14 @@ gen_mvkey(
*/
fprintf(stderr,
"Generating polynomial coefficients for %d roots (%d bits)\n",
- n, BN_num_bits(dsa->q));
+ n, BN_num_bits(q));
for (j = 1; j <= n; j++) {
x[j] = BN_new();
while (1) {
- BN_rand(x[j], BN_num_bits(dsa->q), 0, 0);
- BN_mod(x[j], x[j], dsa->q, ctx);
- BN_gcd(u, x[j], dsa->q, ctx);
+ BN_rand(x[j], BN_num_bits(q), 0, 0);
+ BN_mod(x[j], x[j], q, ctx);
+ BN_gcd(u, x[j], q, ctx);
if (BN_is_one(u))
break;
}
@@ -1655,26 +1678,26 @@ gen_mvkey(
for (j = 1; j <= n; j++) {
BN_zero(w);
for (i = 0; i < j; i++) {
- BN_copy(u, dsa->q);
- BN_mod_mul(v, a[i], x[j], dsa->q, ctx);
+ BN_copy(u, q);
+ BN_mod_mul(v, a[i], x[j], q, ctx);
BN_sub(u, u, v);
BN_add(u, u, w);
BN_copy(w, a[i]);
- BN_mod(a[i], u, dsa->q, ctx);
+ BN_mod(a[i], u, q, ctx);
}
}
/*
- * Generate g[i] = g^a[i] mod p for all i and the generator g.
+ * Generate gs[i] = g^a[i] mod p for all i and the generator g.
*/
for (i = 0; i <= n; i++) {
- g[i] = BN_new();
- BN_mod_exp(g[i], dsa->g, a[i], dsa->p, ctx);
+ gs[i] = BN_new();
+ BN_mod_exp(gs[i], g, a[i], p, ctx);
}
/*
- * Verify prod(g[i]^(a[i] x[j]^i)) = 1 for all i, j. Note the
- * a[i] x[j]^i exponent is computed mod q, but the g[i] is
+ * Verify prod(gs[i]^(a[i] x[j]^i)) = 1 for all i, j. Note the
+ * a[i] x[j]^i exponent is computed mod q, but the gs[i] is
* computed mod p. also note the expression given in the paper
* is incorrect.
*/
@@ -1683,16 +1706,16 @@ gen_mvkey(
BN_one(u);
for (i = 0; i <= n; i++) {
BN_set_word(v, i);
- BN_mod_exp(v, x[j], v, dsa->q, ctx);
- BN_mod_mul(v, v, a[i], dsa->q, ctx);
- BN_mod_exp(v, dsa->g, v, dsa->p, ctx);
- BN_mod_mul(u, u, v, dsa->p, ctx);
+ BN_mod_exp(v, x[j], v, q, ctx);
+ BN_mod_mul(v, v, a[i], q, ctx);
+ BN_mod_exp(v, g, v, p, ctx);
+ BN_mod_mul(u, u, v, p, ctx);
}
if (!BN_is_one(u))
temp = 0;
}
fprintf(stderr,
- "Confirm prod(g[i]^(x[j]^i)) = 1 for all i, j: %s\n", temp ?
+ "Confirm prod(gs[i]^(x[j]^i)) = 1 for all i, j: %s\n", temp ?
"yes" : "no");
if (!temp) {
return (NULL);
@@ -1708,9 +1731,9 @@ gen_mvkey(
for (j = 1; j <= n; j++) {
for (i = 0; i < n; i++) {
BN_set_word(v, i);
- BN_mod_exp(v, x[j], v, dsa->q, ctx);
- BN_mod_exp(v, g[i], v, dsa->p, ctx);
- BN_mod_mul(biga, biga, v, dsa->p, ctx);
+ BN_mod_exp(v, x[j], v, q, ctx);
+ BN_mod_exp(v, gs[i], v, p, ctx);
+ BN_mod_mul(biga, biga, v, p, ctx);
}
}
@@ -1720,13 +1743,13 @@ gen_mvkey(
* mod q. If b is changed, the client keys must be recomputed.
*/
while (1) {
- BN_rand(b, BN_num_bits(dsa->q), 0, 0);
- BN_mod(b, b, dsa->q, ctx);
- BN_gcd(u, b, dsa->q, ctx);
+ BN_rand(b, BN_num_bits(q), 0, 0);
+ BN_mod(b, b, q, ctx);
+ BN_gcd(u, b, q, ctx);
if (BN_is_one(u))
break;
}
- BN_mod_inverse(b1, b, dsa->q, ctx);
+ BN_mod_inverse(b1, b, q, ctx);
/*
* Make private client keys (xbar[j], xhat[j]) for all j. Note
@@ -1740,7 +1763,7 @@ gen_mvkey(
for (j = 1; j <= n; j++) {
xbar[j] = BN_new(); xhat[j] = BN_new();
- BN_add(w, dsa->q, s1[j]);
+ BN_add(w, q, s1[j]);
BN_div(w, u, w, s1[j], ctx);
BN_zero(xbar[j]);
BN_set_word(v, n);
@@ -1748,12 +1771,12 @@ gen_mvkey(
if (i == j)
continue;
- BN_mod_exp(u, x[i], v, dsa->q, ctx);
+ BN_mod_exp(u, x[i], v, q, ctx);
BN_add(xbar[j], xbar[j], u);
}
- BN_mod_mul(xbar[j], xbar[j], b1, dsa->q, ctx);
- BN_mod_exp(xhat[j], x[j], v, dsa->q, ctx);
- BN_mod_mul(xhat[j], xhat[j], w, dsa->q, ctx);
+ BN_mod_mul(xbar[j], xbar[j], b1, q, ctx);
+ BN_mod_exp(xhat[j], x[j], v, q, ctx);
+ BN_mod_mul(xhat[j], xhat[j], w, q, ctx);
}
/*
@@ -1764,7 +1787,7 @@ gen_mvkey(
* additional keys, so we sail on with only token revocations.
*/
s = BN_new();
- BN_copy(s, dsa->q);
+ BN_copy(s, q);
BN_div(s, u, s, s1[n], ctx);
/*
@@ -1776,10 +1799,10 @@ gen_mvkey(
* changed.
*/
bige = BN_new(); gbar = BN_new(); ghat = BN_new();
- BN_mod_exp(bige, biga, s, dsa->p, ctx);
- BN_mod_exp(gbar, dsa->g, s, dsa->p, ctx);
- BN_mod_mul(v, s, b, dsa->q, ctx);
- BN_mod_exp(ghat, dsa->g, v, dsa->p, ctx);
+ BN_mod_exp(bige, biga, s, p, ctx);
+ BN_mod_exp(gbar, g, s, p, ctx);
+ BN_mod_mul(v, s, b, q, ctx);
+ BN_mod_exp(ghat, g, v, p, ctx);
/*
* Notes: We produce the key media in three steps. The first
@@ -1815,8 +1838,9 @@ gen_mvkey(
i = 0;
str = fheader("MVta", "mvta", groupname);
fprintf(stderr, "Generating MV trusted-authority keys\n");
- BN_copy(dsa->priv_key, biga);
- BN_copy(dsa->pub_key, b);
+ BN_copy(priv_key, biga);
+ BN_copy(pub_key, b);
+ DSA_set0_key(dsa, pub_key, priv_key);
pkey = EVP_PKEY_new();
EVP_PKEY_assign_DSA(pkey, dsa);
PEM_write_PKCS8PrivateKey(str, pkey, cipher, NULL, 0, NULL,
@@ -1838,11 +1862,8 @@ gen_mvkey(
*/
fprintf(stderr, "Generating MV server keys\n");
dsa2 = DSA_new();
- dsa2->p = BN_dup(dsa->p);
- dsa2->q = BN_dup(dsa->q);
- dsa2->g = BN_dup(bige);
- dsa2->priv_key = BN_dup(gbar);
- dsa2->pub_key = BN_dup(ghat);
+ DSA_set0_pqg(dsa2, BN_dup(p), BN_dup(q), BN_dup(bige));
+ DSA_set0_key(dsa2, BN_dup(ghat), BN_dup(gbar));
pkey1 = EVP_PKEY_new();
EVP_PKEY_assign_DSA(pkey1, dsa2);
PEM_write_PKCS8PrivateKey(str, pkey1, cipher, NULL, 0, NULL,
@@ -1863,11 +1884,9 @@ gen_mvkey(
fprintf(stderr, "Generating %d MV client keys\n", n);
for (j = 1; j <= n; j++) {
sdsa = DSA_new();
- sdsa->p = BN_dup(dsa->p);
- sdsa->q = BN_dup(BN_value_one());
- sdsa->g = BN_dup(BN_value_one());
- sdsa->priv_key = BN_dup(xbar[j]);
- sdsa->pub_key = BN_dup(xhat[j]);
+ DSA_set0_pqg(sdsa, BN_dup(p), BN_dup(BN_value_one()),
+ BN_dup(BN_value_one()));
+ DSA_set0_key(sdsa, BN_dup(xhat[j]), BN_dup(xbar[j]));
pkey1 = EVP_PKEY_new();
EVP_PKEY_set1_DSA(pkey1, sdsa);
PEM_write_PKCS8PrivateKey(str, pkey1, cipher, NULL, 0,
@@ -1877,17 +1896,15 @@ gen_mvkey(
DSA_print_fp(stderr, sdsa, 0);
/*
- * The product gbar^k)^xbar[j] (ghat^k)^xhat[j] and E
+ * The product (gbar^k)^xbar[j] (ghat^k)^xhat[j] and E
* are inverses of each other. We check that the product
* is one for each client except the ones that have been
* revoked.
*/
- BN_mod_exp(v, dsa2->priv_key, sdsa->pub_key, dsa->p,
- ctx);
- BN_mod_exp(u, dsa2->pub_key, sdsa->priv_key, dsa->p,
- ctx);
- BN_mod_mul(u, u, v, dsa->p, ctx);
- BN_mod_mul(u, u, bige, dsa->p, ctx);
+ BN_mod_exp(v, gbar, xhat[j], p, ctx);
+ BN_mod_exp(u, ghat, xbar[j], p, ctx);
+ BN_mod_mul(u, u, v, p, ctx);
+ BN_mod_mul(u, u, bige, p, ctx);
if (!BN_is_one(u)) {
fprintf(stderr, "Revoke key %d\n", j);
continue;
@@ -1900,7 +1917,7 @@ gen_mvkey(
* Free the countries.
*/
for (i = 0; i <= n; i++) {
- BN_free(a[i]); BN_free(g[i]);
+ BN_free(a[i]); BN_free(gs[i]);
}
for (j = 1; j <= n; j++) {
BN_free(x[j]); BN_free(xbar[j]); BN_free(xhat[j]);
@@ -1945,7 +1962,7 @@ x509 (
* the version to 3. Set the initial validity to the current
* time and the finalvalidity one year hence.
*/
- id = OBJ_nid2sn(md->pkey_type);
+ id = OBJ_nid2sn(EVP_MD_pkey_type(md));
fprintf(stderr, "Generating new certificate %s %s\n", name, id);
cert = X509_new();
X509_set_version(cert, 2L);
@@ -2154,6 +2171,56 @@ genkey(
fprintf(stderr, "Invalid %s key type %s\n", id, type);
return (NULL);
}
+
+static RSA*
+genRsaKeyPair(
+ int bits,
+ char * what
+ )
+{
+ RSA * rsa = RSA_new();
+ BN_GENCB * gcb = BN_GENCB_new();
+ BIGNUM * bne = BN_new();
+
+ if (gcb)
+ BN_GENCB_set_old(gcb, cb, what);
+ if (bne)
+ BN_set_word(bne, 65537);
+ if (!(rsa && gcb && bne && RSA_generate_key_ex(
+ rsa, bits, bne, gcb)))
+ {
+ RSA_free(rsa);
+ rsa = NULL;
+ }
+ BN_GENCB_free(gcb);
+ BN_free(bne);
+ return rsa;
+}
+
+static DSA*
+genDsaParams(
+ int bits,
+ char * what
+ )
+{
+
+ DSA * dsa = DSA_new();
+ BN_GENCB * gcb = BN_GENCB_new();
+ u_char seed[20];
+
+ if (gcb)
+ BN_GENCB_set_old(gcb, cb, what);
+ RAND_bytes(seed, sizeof(seed));
+ if (!(dsa && gcb && DSA_generate_parameters_ex(
+ dsa, bits, seed, sizeof(seed), NULL, NULL, gcb)))
+ {
+ DSA_free(dsa);
+ dsa = NULL;
+ }
+ BN_GENCB_free(gcb);
+ return dsa;
+}
+
#endif /* AUTOKEY */
diff --git a/contrib/ntp/util/ntp-keygen.html b/contrib/ntp/util/ntp-keygen.html
index b7ca2c8..ecf3249 100644
--- a/contrib/ntp/util/ntp-keygen.html
+++ b/contrib/ntp/util/ntp-keygen.html
@@ -70,7 +70,7 @@ All other files are in PEM-encoded
printable ASCII format so they can be embedded as MIME attachments in
mail to other sites.
- <p>This document applies to version 4.2.8p8 of <code>ntp-keygen</code>.
+ <p>This document applies to version 4.2.8p9 of <code>ntp-keygen</code>.
<div class="node">
<p><hr>
@@ -1085,7 +1085,7 @@ the usage text by passing it through a pager program.
used to select the program, defaulting to <span class="file">more</span>. Both will exit
with a status code of 0.
-<pre class="example">ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p7
+<pre class="example">ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p9-RC
Usage: ntp-keygen [ -&lt;flag&gt; [&lt;val&gt;] | --&lt;name&gt;[{=| }&lt;val&gt;] ]...
Flg Arg Option-Name Description
-b Num imbits identity modulus bits
diff --git a/contrib/ntp/util/ntp-keygen.man.in b/contrib/ntp/util/ntp-keygen.man.in
index 6c8b5db..1aeee80 100644
--- a/contrib/ntp/util/ntp-keygen.man.in
+++ b/contrib/ntp/util/ntp-keygen.man.in
@@ -10,11 +10,11 @@
.ds B-Font B
.ds I-Font I
.ds R-Font R
-.TH ntp-keygen @NTP_KEYGEN_MS@ "02 Jun 2016" "ntp (4.2.8p8)" "User Commands"
+.TH ntp-keygen @NTP_KEYGEN_MS@ "21 Nov 2016" "ntp (4.2.8p9)" "User Commands"
.\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-.JaGB0/ag-lKayA0)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-psaWZm/ag-DsaOYm)
.\"
-.\" It has been AutoGen-ed June 2, 2016 at 07:39:36 AM by AutoGen 5.18.5
+.\" It has been AutoGen-ed November 21, 2016 at 08:03:41 AM by AutoGen 5.18.5
.\" From the definitions ntp-keygen-opts.def
.\" and the template file agman-cmd.tpl
.SH NAME
diff --git a/contrib/ntp/util/ntp-keygen.mdoc.in b/contrib/ntp/util/ntp-keygen.mdoc.in
index d108b60..7e6d2cf 100644
--- a/contrib/ntp/util/ntp-keygen.mdoc.in
+++ b/contrib/ntp/util/ntp-keygen.mdoc.in
@@ -1,9 +1,9 @@
-.Dd June 2 2016
+.Dd November 21 2016
.Dt NTP_KEYGEN @NTP_KEYGEN_MS@ User Commands
.Os
.\" EDIT THIS FILE WITH CAUTION (ntp-keygen-opts.mdoc)
.\"
-.\" It has been AutoGen-ed June 2, 2016 at 07:39:43 AM by AutoGen 5.18.5
+.\" It has been AutoGen-ed November 21, 2016 at 08:03:48 AM by AutoGen 5.18.5
.\" From the definitions ntp-keygen-opts.def
.\" and the template file agmdoc-cmd.tpl
.Sh NAME
OpenPOWER on IntegriCloud