aboutsummaryrefslogtreecommitdiffstats
path: root/contrib/ntp/util
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/ntp/util')
-rw-r--r--contrib/ntp/util/invoke-ntp-keygen.texi4
-rw-r--r--contrib/ntp/util/ntp-keygen-opts.c14
-rw-r--r--contrib/ntp/util/ntp-keygen-opts.h6
-rw-r--r--contrib/ntp/util/ntp-keygen.1ntp-keygenman6
-rw-r--r--contrib/ntp/util/ntp-keygen.1ntp-keygenmdoc4
-rw-r--r--contrib/ntp/util/ntp-keygen.c367
-rw-r--r--contrib/ntp/util/ntp-keygen.html4
-rw-r--r--contrib/ntp/util/ntp-keygen.man.in6
-rw-r--r--contrib/ntp/util/ntp-keygen.mdoc.in4
9 files changed, 241 insertions, 174 deletions
diff --git a/contrib/ntp/util/invoke-ntp-keygen.texi b/contrib/ntp/util/invoke-ntp-keygen.texi
index cc8a00544544..8cec26e9f150 100644
--- a/contrib/ntp/util/invoke-ntp-keygen.texi
+++ b/contrib/ntp/util/invoke-ntp-keygen.texi
@@ -6,7 +6,7 @@
#
# EDIT THIS FILE WITH CAUTION (invoke-ntp-keygen.texi)
#
-# It has been AutoGen-ed June 2, 2016 at 07:39:40 AM by AutoGen 5.18.5
+# It has been AutoGen-ed November 21, 2016 at 08:03:45 AM by AutoGen 5.18.5
# From the definitions ntp-keygen-opts.def
# and the template file agtexi-cmd.tpl
@end ignore
@@ -886,7 +886,7 @@ with a status code of 0.
@exampleindent 0
@example
-ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p8
+ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p9
Usage: ntp-keygen [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]...
Flg Arg Option-Name Description
-b Num imbits identity modulus bits
diff --git a/contrib/ntp/util/ntp-keygen-opts.c b/contrib/ntp/util/ntp-keygen-opts.c
index 2fb198bc5044..d41a687d5dce 100644
--- a/contrib/ntp/util/ntp-keygen-opts.c
+++ b/contrib/ntp/util/ntp-keygen-opts.c
@@ -1,7 +1,7 @@
/*
* EDIT THIS FILE WITH CAUTION (ntp-keygen-opts.c)
*
- * It has been AutoGen-ed June 2, 2016 at 07:39:24 AM by AutoGen 5.18.5
+ * It has been AutoGen-ed November 21, 2016 at 08:03:30 AM by AutoGen 5.18.5
* From the definitions ntp-keygen-opts.def
* and the template file options
*
@@ -72,7 +72,7 @@ extern FILE * option_usage_fp;
* static const strings for ntp-keygen options
*/
static char const ntp_keygen_opt_strs[2419] =
-/* 0 */ "ntp-keygen (ntp) 4.2.8p8\n"
+/* 0 */ "ntp-keygen (ntp) 4.2.8p9\n"
"Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n"
"This is free software. It is licensed for use, modification and\n"
"redistribution under the terms of the NTP License, copies of which\n"
@@ -164,14 +164,14 @@ static char const ntp_keygen_opt_strs[2419] =
/* 2202 */ "no-load-opts\0"
/* 2215 */ "no\0"
/* 2218 */ "NTP_KEYGEN\0"
-/* 2229 */ "ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p8\n"
+/* 2229 */ "ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p9\n"
"Usage: %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]...\n\0"
/* 2343 */ "$HOME\0"
/* 2349 */ ".\0"
/* 2351 */ ".ntprc\0"
/* 2358 */ "http://bugs.ntp.org, bugs@ntp.org\0"
/* 2392 */ "\n\0"
-/* 2394 */ "ntp-keygen (ntp) 4.2.8p8";
+/* 2394 */ "ntp-keygen (ntp) 4.2.8p9";
/**
* imbits option description:
@@ -1309,7 +1309,7 @@ static void bogus_function(void) {
translate option names.
*/
/* referenced via ntp_keygenOptions.pzCopyright */
- puts(_("ntp-keygen (ntp) 4.2.8p8\n\
+ puts(_("ntp-keygen (ntp) 4.2.8p9\n\
Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n\
This is free software. It is licensed for use, modification and\n\
redistribution under the terms of the NTP License, copies of which\n\
@@ -1408,14 +1408,14 @@ implied warranty.\n"));
puts(_("load options from a config file"));
/* referenced via ntp_keygenOptions.pzUsageTitle */
- puts(_("ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p8\n\
+ puts(_("ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p9\n\
Usage: %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]...\n"));
/* referenced via ntp_keygenOptions.pzExplain */
puts(_("\n"));
/* referenced via ntp_keygenOptions.pzFullVersion */
- puts(_("ntp-keygen (ntp) 4.2.8p8"));
+ puts(_("ntp-keygen (ntp) 4.2.8p9"));
/* referenced via ntp_keygenOptions.pzFullUsage */
puts(_("<<<NOT-FOUND>>>"));
diff --git a/contrib/ntp/util/ntp-keygen-opts.h b/contrib/ntp/util/ntp-keygen-opts.h
index 68d62724b7d1..40201dbd52e1 100644
--- a/contrib/ntp/util/ntp-keygen-opts.h
+++ b/contrib/ntp/util/ntp-keygen-opts.h
@@ -1,7 +1,7 @@
/*
* EDIT THIS FILE WITH CAUTION (ntp-keygen-opts.h)
*
- * It has been AutoGen-ed June 2, 2016 at 07:39:23 AM by AutoGen 5.18.5
+ * It has been AutoGen-ed November 21, 2016 at 08:03:29 AM by AutoGen 5.18.5
* From the definitions ntp-keygen-opts.def
* and the template file options
*
@@ -94,9 +94,9 @@ typedef enum {
/** count of all options for ntp-keygen */
#define OPTION_CT 26
/** ntp-keygen version */
-#define NTP_KEYGEN_VERSION "4.2.8p8"
+#define NTP_KEYGEN_VERSION "4.2.8p9"
/** Full ntp-keygen version text */
-#define NTP_KEYGEN_FULL_VERSION "ntp-keygen (ntp) 4.2.8p8"
+#define NTP_KEYGEN_FULL_VERSION "ntp-keygen (ntp) 4.2.8p9"
/**
* Interface defines for all options. Replace "n" with the UPPER_CASED
diff --git a/contrib/ntp/util/ntp-keygen.1ntp-keygenman b/contrib/ntp/util/ntp-keygen.1ntp-keygenman
index b3c1f2fa4adb..9e30b46ab8e0 100644
--- a/contrib/ntp/util/ntp-keygen.1ntp-keygenman
+++ b/contrib/ntp/util/ntp-keygen.1ntp-keygenman
@@ -10,11 +10,11 @@
.ds B-Font B
.ds I-Font I
.ds R-Font R
-.TH ntp-keygen 1ntp-keygenman "02 Jun 2016" "ntp (4.2.8p8)" "User Commands"
+.TH ntp-keygen 1ntp-keygenman "21 Nov 2016" "ntp (4.2.8p9)" "User Commands"
.\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-.JaGB0/ag-lKayA0)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-psaWZm/ag-DsaOYm)
.\"
-.\" It has been AutoGen-ed June 2, 2016 at 07:39:36 AM by AutoGen 5.18.5
+.\" It has been AutoGen-ed November 21, 2016 at 08:03:41 AM by AutoGen 5.18.5
.\" From the definitions ntp-keygen-opts.def
.\" and the template file agman-cmd.tpl
.SH NAME
diff --git a/contrib/ntp/util/ntp-keygen.1ntp-keygenmdoc b/contrib/ntp/util/ntp-keygen.1ntp-keygenmdoc
index 0e5a5ebe2aab..4dd07464e5d2 100644
--- a/contrib/ntp/util/ntp-keygen.1ntp-keygenmdoc
+++ b/contrib/ntp/util/ntp-keygen.1ntp-keygenmdoc
@@ -1,9 +1,9 @@
-.Dd June 2 2016
+.Dd November 21 2016
.Dt NTP_KEYGEN 1ntp-keygenmdoc User Commands
.Os
.\" EDIT THIS FILE WITH CAUTION (ntp-keygen-opts.mdoc)
.\"
-.\" It has been AutoGen-ed June 2, 2016 at 07:39:43 AM by AutoGen 5.18.5
+.\" It has been AutoGen-ed November 21, 2016 at 08:03:48 AM by AutoGen 5.18.5
.\" From the definitions ntp-keygen-opts.def
.\" and the template file agmdoc-cmd.tpl
.Sh NAME
diff --git a/contrib/ntp/util/ntp-keygen.c b/contrib/ntp/util/ntp-keygen.c
index ab34927cd8bd..66a4755df712 100644
--- a/contrib/ntp/util/ntp-keygen.c
+++ b/contrib/ntp/util/ntp-keygen.c
@@ -105,6 +105,7 @@
#include "openssl/pem.h"
#include "openssl/x509v3.h"
#include <openssl/objects.h>
+#include "libssl_compat.h"
#endif /* OPENSSL */
#include <ssl_applink.c>
@@ -148,6 +149,10 @@ EVP_PKEY *genkey (const char *, const char *);
EVP_PKEY *readkey (char *, char *, u_int *, EVP_PKEY **);
void writekey (char *, char *, u_int *, EVP_PKEY **);
u_long asn2ntp (ASN1_TIME *);
+
+static DSA* genDsaParams(int, char*);
+static RSA* genRsaKeyPair(int, char*);
+
#endif /* AUTOKEY */
/*
@@ -294,7 +299,6 @@ main(
int optct; /* option count */
#ifdef AUTOKEY
X509 *cert = NULL; /* X509 certificate */
- X509_EXTENSION *ext; /* X509v3 extension */
EVP_PKEY *pkey_host = NULL; /* host key */
EVP_PKEY *pkey_sign = NULL; /* sign key */
EVP_PKEY *pkey_iffkey = NULL; /* IFF sever keys */
@@ -511,8 +515,7 @@ main(
* Extract digest/signature scheme.
*/
if (scheme == NULL) {
- nid = OBJ_obj2nid(cert->cert_info->
- signature->algorithm);
+ nid = X509_get_signature_nid(cert);
scheme = OBJ_nid2sn(nid);
}
@@ -524,8 +527,13 @@ main(
ptr = strstr(groupbuf, "CN=");
cnt = X509_get_ext_count(cert);
for (i = 0; i < cnt; i++) {
+ X509_EXTENSION *ext;
+ ASN1_OBJECT *obj;
+
ext = X509_get_ext(cert, i);
- if (OBJ_obj2nid(ext->object) ==
+ obj = X509_EXTENSION_get_object(ext);
+
+ if (OBJ_obj2nid(obj) ==
NID_ext_key_usage) {
bp = BIO_new(BIO_s_mem());
X509V3_EXT_print(bp, ext, 0, 0);
@@ -617,8 +625,14 @@ main(
filename);
}
}
- if (pkey_gqkey != NULL)
- grpkey = BN_bn2hex(pkey_gqkey->pkey.rsa->q);
+ if (pkey_gqkey != NULL) {
+ RSA *rsa;
+ const BIGNUM *q;
+
+ rsa = EVP_PKEY_get0_RSA(pkey_gqkey);
+ RSA_get0_factors(rsa, NULL, &q);
+ grpkey = BN_bn2hex(q);
+ }
/*
* Write the nonencrypted GQ client parameters to the stdout
@@ -634,9 +648,10 @@ main(
filename);
fprintf(stdout, "# %s\n# %s\n", filename,
ctime(&epoch));
- rsa = pkey_gqkey->pkey.rsa;
- BN_copy(rsa->p, BN_value_one());
- BN_copy(rsa->q, BN_value_one());
+ /* XXX: This modifies the private key and should probably use a
+ * copy of it instead. */
+ rsa = EVP_PKEY_get0_RSA(pkey_gqkey);
+ RSA_set0_factors(rsa, BN_dup(BN_value_one()), BN_dup(BN_value_one()));
pkey = EVP_PKEY_new();
EVP_PKEY_assign_RSA(pkey, rsa);
PEM_write_PKCS8PrivateKey(stdout, pkey, NULL, NULL, 0,
@@ -658,7 +673,7 @@ main(
filename);
fprintf(stdout, "# %s\n# %s\n", filename,
ctime(&epoch));
- rsa = pkey_gqkey->pkey.rsa;
+ rsa = EVP_PKEY_get0_RSA(pkey_gqkey);
pkey = EVP_PKEY_new();
EVP_PKEY_assign_RSA(pkey, rsa);
PEM_write_PKCS8PrivateKey(stdout, pkey, cipher, NULL, 0,
@@ -699,8 +714,10 @@ main(
filename);
fprintf(stdout, "# %s\n# %s\n", filename,
ctime(&epoch));
- dsa = pkey_iffkey->pkey.dsa;
- BN_copy(dsa->priv_key, BN_value_one());
+ /* XXX: This modifies the private key and should probably use a
+ * copy of it instead. */
+ dsa = EVP_PKEY_get0_DSA(pkey_iffkey);
+ DSA_set0_key(dsa, NULL, BN_dup(BN_value_one()));
pkey = EVP_PKEY_new();
EVP_PKEY_assign_DSA(pkey, dsa);
PEM_write_PKCS8PrivateKey(stdout, pkey, NULL, NULL, 0,
@@ -722,7 +739,7 @@ main(
filename);
fprintf(stdout, "# %s\n# %s\n", filename,
ctime(&epoch));
- dsa = pkey_iffkey->pkey.dsa;
+ dsa = EVP_PKEY_get0_DSA(pkey_iffkey);
pkey = EVP_PKEY_new();
EVP_PKEY_assign_DSA(pkey, dsa);
PEM_write_PKCS8PrivateKey(stdout, pkey, cipher, NULL, 0,
@@ -767,7 +784,7 @@ main(
NULL, NULL);
fflush(stdout);
if (debug)
- DSA_print_fp(stderr, pkey->pkey.dsa, 0);
+ DSA_print_fp(stderr, EVP_PKEY_get0_DSA(pkey), 0);
}
/*
@@ -785,7 +802,7 @@ main(
NULL, passwd2);
fflush(stdout);
if (debug)
- DSA_print_fp(stderr, pkey->pkey.dsa, 0);
+ DSA_print_fp(stderr, EVP_PKEY_get0_DSA(pkey), 0);
}
/*
@@ -934,11 +951,11 @@ readkey(
if (pkey == NULL)
pkey = parkey;
if (debug) {
- if (parkey->type == EVP_PKEY_DSA)
- DSA_print_fp(stderr, parkey->pkey.dsa,
+ if (EVP_PKEY_base_id(parkey) == EVP_PKEY_DSA)
+ DSA_print_fp(stderr, EVP_PKEY_get0_DSA(parkey),
0);
- else if (parkey->type == EVP_PKEY_RSA)
- RSA_print_fp(stderr, parkey->pkey.rsa,
+ else if (EVP_PKEY_base_id(parkey) == EVP_PKEY_RSA)
+ RSA_print_fp(stderr, EVP_PKEY_get0_RSA(parkey),
0);
}
}
@@ -967,7 +984,7 @@ gen_rsa(
FILE *str;
fprintf(stderr, "Generating RSA keys (%d bits)...\n", modulus);
- rsa = RSA_generate_key(modulus, 65537, cb, _UC("RSA"));
+ rsa = genRsaKeyPair(modulus, _UC("RSA"));
fprintf(stderr, "\n");
if (rsa == NULL) {
fprintf(stderr, "RSA generate keys fails\n%s\n",
@@ -1006,7 +1023,7 @@ gen_rsa(
return (pkey);
}
-
+
/*
* Generate DSA public/private key pair
*/
@@ -1017,7 +1034,6 @@ gen_dsa(
{
EVP_PKEY *pkey; /* private key */
DSA *dsa; /* DSA parameters */
- u_char seed[20]; /* seed for parameters */
FILE *str;
/*
@@ -1025,9 +1041,7 @@ gen_dsa(
*/
fprintf(stderr,
"Generating DSA parameters (%d bits)...\n", modulus);
- RAND_bytes(seed, sizeof(seed));
- dsa = DSA_generate_parameters(modulus, seed, sizeof(seed), NULL,
- NULL, cb, _UC("DSA"));
+ dsa = genDsaParams(modulus, _UC("DSA"));
fprintf(stderr, "\n");
if (dsa == NULL) {
fprintf(stderr, "DSA generate parameters fails\n%s\n",
@@ -1119,26 +1133,26 @@ gen_iffkey(
{
EVP_PKEY *pkey; /* private key */
DSA *dsa; /* DSA parameters */
- u_char seed[20]; /* seed for parameters */
BN_CTX *ctx; /* BN working space */
BIGNUM *b, *r, *k, *u, *v, *w; /* BN temp */
FILE *str;
u_int temp;
-
+ const BIGNUM *p, *q, *g;
+ BIGNUM *pub_key, *priv_key;
+
/*
* Generate DSA parameters for use as IFF parameters.
*/
fprintf(stderr, "Generating IFF keys (%d bits)...\n",
modulus2);
- RAND_bytes(seed, sizeof(seed));
- dsa = DSA_generate_parameters(modulus2, seed, sizeof(seed), NULL,
- NULL, cb, _UC("IFF"));
+ dsa = genDsaParams(modulus2, _UC("IFF"));
fprintf(stderr, "\n");
if (dsa == NULL) {
fprintf(stderr, "DSA generate parameters fails\n%s\n",
ERR_error_string(ERR_get_error(), NULL));
- return (NULL);;
+ return (NULL);
}
+ DSA_get0_pqg(dsa, &p, &q, &g);
/*
* Generate the private and public keys. The DSA parameters and
@@ -1147,12 +1161,12 @@ gen_iffkey(
*/
b = BN_new(); r = BN_new(); k = BN_new();
u = BN_new(); v = BN_new(); w = BN_new(); ctx = BN_CTX_new();
- BN_rand(b, BN_num_bits(dsa->q), -1, 0); /* a */
- BN_mod(b, b, dsa->q, ctx);
- BN_sub(v, dsa->q, b);
- BN_mod_exp(v, dsa->g, v, dsa->p, ctx); /* g^(q - b) mod p */
- BN_mod_exp(u, dsa->g, b, dsa->p, ctx); /* g^b mod p */
- BN_mod_mul(u, u, v, dsa->p, ctx);
+ BN_rand(b, BN_num_bits(q), -1, 0); /* a */
+ BN_mod(b, b, q, ctx);
+ BN_sub(v, q, b);
+ BN_mod_exp(v, g, v, p, ctx); /* g^(q - b) mod p */
+ BN_mod_exp(u, g, b, p, ctx); /* g^b mod p */
+ BN_mod_mul(u, u, v, p, ctx);
temp = BN_is_one(u);
fprintf(stderr,
"Confirm g^(q - b) g^b = 1 mod p: %s\n", temp == 1 ?
@@ -1162,28 +1176,29 @@ gen_iffkey(
BN_free(u); BN_free(v); BN_free(w); BN_CTX_free(ctx);
return (NULL);
}
- dsa->priv_key = BN_dup(b); /* private key */
- dsa->pub_key = BN_dup(v); /* public key */
+ pub_key = BN_dup(v);
+ priv_key = BN_dup(b);
+ DSA_set0_key(dsa, pub_key, priv_key);
/*
* Here is a trial round of the protocol. First, Alice rolls
* random nonce r mod q and sends it to Bob. She needs only
* q from parameters.
*/
- BN_rand(r, BN_num_bits(dsa->q), -1, 0); /* r */
- BN_mod(r, r, dsa->q, ctx);
+ BN_rand(r, BN_num_bits(q), -1, 0); /* r */
+ BN_mod(r, r, q, ctx);
/*
* Bob rolls random nonce k mod q, computes y = k + b r mod q
* and x = g^k mod p, then sends (y, x) to Alice. He needs
* p, q and b from parameters and r from Alice.
*/
- BN_rand(k, BN_num_bits(dsa->q), -1, 0); /* k, 0 < k < q */
- BN_mod(k, k, dsa->q, ctx);
- BN_mod_mul(v, dsa->priv_key, r, dsa->q, ctx); /* b r mod q */
+ BN_rand(k, BN_num_bits(q), -1, 0); /* k, 0 < k < q */
+ BN_mod(k, k, q, ctx);
+ BN_mod_mul(v, priv_key, r, q, ctx); /* b r mod q */
BN_add(v, v, k);
- BN_mod(v, v, dsa->q, ctx); /* y = k + b r mod q */
- BN_mod_exp(u, dsa->g, k, dsa->p, ctx); /* x = g^k mod p */
+ BN_mod(v, v, q, ctx); /* y = k + b r mod q */
+ BN_mod_exp(u, g, k, p, ctx); /* x = g^k mod p */
/*
* Alice verifies x = g^y v^r to confirm that Bob has group key
@@ -1191,9 +1206,9 @@ gen_iffkey(
* original r. We omit the detail here thatt only the hash of y
* is sent.
*/
- BN_mod_exp(v, dsa->g, v, dsa->p, ctx); /* g^y mod p */
- BN_mod_exp(w, dsa->pub_key, r, dsa->p, ctx); /* v^r */
- BN_mod_mul(v, w, v, dsa->p, ctx); /* product mod p */
+ BN_mod_exp(v, g, v, p, ctx); /* g^y mod p */
+ BN_mod_exp(w, pub_key, r, p, ctx); /* v^r */
+ BN_mod_mul(v, w, v, p, ctx); /* product mod p */
temp = BN_cmp(u, v);
fprintf(stderr,
"Confirm g^k = g^(k + b r) g^(q - b) r: %s\n", temp ==
@@ -1301,22 +1316,26 @@ gen_gqkey(
BIGNUM *u, *v, *g, *k, *r, *y; /* BN temps */
FILE *str;
u_int temp;
-
+ BIGNUM *b;
+ const BIGNUM *n;
+
/*
* Generate RSA parameters for use as GQ parameters.
*/
fprintf(stderr,
"Generating GQ parameters (%d bits)...\n",
modulus2);
- rsa = RSA_generate_key(modulus2, 65537, cb, _UC("GQ"));
+ rsa = genRsaKeyPair(modulus2, _UC("GQ"));
fprintf(stderr, "\n");
if (rsa == NULL) {
fprintf(stderr, "RSA generate keys fails\n%s\n",
ERR_error_string(ERR_get_error(), NULL));
return (NULL);
}
+ RSA_get0_key(rsa, &n, NULL, NULL);
u = BN_new(); v = BN_new(); g = BN_new();
k = BN_new(); r = BN_new(); y = BN_new();
+ b = BN_new();
/*
* Generate the group key b, which is saved in the e member of
@@ -1324,26 +1343,26 @@ gen_gqkey(
* member encrypted by the member private key.
*/
ctx = BN_CTX_new();
- BN_rand(rsa->e, BN_num_bits(rsa->n), -1, 0); /* b */
- BN_mod(rsa->e, rsa->e, rsa->n, ctx);
+ BN_rand(b, BN_num_bits(n), -1, 0); /* b */
+ BN_mod(b, b, n, ctx);
/*
* When generating his certificate, Bob rolls random private key
* u, then computes inverse v = u^-1.
*/
- BN_rand(u, BN_num_bits(rsa->n), -1, 0); /* u */
- BN_mod(u, u, rsa->n, ctx);
- BN_mod_inverse(v, u, rsa->n, ctx); /* u^-1 mod n */
- BN_mod_mul(k, v, u, rsa->n, ctx);
+ BN_rand(u, BN_num_bits(n), -1, 0); /* u */
+ BN_mod(u, u, n, ctx);
+ BN_mod_inverse(v, u, n, ctx); /* u^-1 mod n */
+ BN_mod_mul(k, v, u, n, ctx);
/*
* Bob computes public key v = (u^-1)^b, which is saved in an
* extension field on his certificate. We check that u^b v =
* 1 mod n.
*/
- BN_mod_exp(v, v, rsa->e, rsa->n, ctx);
- BN_mod_exp(g, u, rsa->e, rsa->n, ctx); /* u^b */
- BN_mod_mul(g, g, v, rsa->n, ctx); /* u^b (u^-1)^b */
+ BN_mod_exp(v, v, b, n, ctx);
+ BN_mod_exp(g, u, b, n, ctx); /* u^b */
+ BN_mod_mul(g, g, v, n, ctx); /* u^b (u^-1)^b */
temp = BN_is_one(g);
fprintf(stderr,
"Confirm u^b (u^-1)^b = 1 mod n: %s\n", temp ? "yes" :
@@ -1355,27 +1374,30 @@ gen_gqkey(
RSA_free(rsa);
return (NULL);
}
- BN_copy(rsa->p, u); /* private key */
- BN_copy(rsa->q, v); /* public key */
+ /* setting 'u' and 'v' into a RSA object takes over ownership.
+ * Since we use these values again, we have to pass in dupes,
+ * or we'll corrupt the program!
+ */
+ RSA_set0_factors(rsa, BN_dup(u), BN_dup(v));
/*
* Here is a trial run of the protocol. First, Alice rolls
* random nonce r mod n and sends it to Bob. She needs only n
* from parameters.
*/
- BN_rand(r, BN_num_bits(rsa->n), -1, 0); /* r */
- BN_mod(r, r, rsa->n, ctx);
+ BN_rand(r, BN_num_bits(n), -1, 0); /* r */
+ BN_mod(r, r, n, ctx);
/*
* Bob rolls random nonce k mod n, computes y = k u^r mod n and
* g = k^b mod n, then sends (y, g) to Alice. He needs n, u, b
* from parameters and r from Alice.
*/
- BN_rand(k, BN_num_bits(rsa->n), -1, 0); /* k */
- BN_mod(k, k, rsa->n, ctx);
- BN_mod_exp(y, rsa->p, r, rsa->n, ctx); /* u^r mod n */
- BN_mod_mul(y, k, y, rsa->n, ctx); /* y = k u^r mod n */
- BN_mod_exp(g, k, rsa->e, rsa->n, ctx); /* g = k^b mod n */
+ BN_rand(k, BN_num_bits(n), -1, 0); /* k */
+ BN_mod(k, k, n, ctx);
+ BN_mod_exp(y, u, r, n, ctx); /* u^r mod n */
+ BN_mod_mul(y, k, y, n, ctx); /* y = k u^r mod n */
+ BN_mod_exp(g, k, b, n, ctx); /* g = k^b mod n */
/*
* Alice verifies g = v^r y^b mod n to confirm that Bob has
@@ -1384,9 +1406,9 @@ gen_gqkey(
* original r. We omit the detaul here that only the hash of g
* is sent.
*/
- BN_mod_exp(v, rsa->q, r, rsa->n, ctx); /* v^r mod n */
- BN_mod_exp(y, y, rsa->e, rsa->n, ctx); /* y^b mod n */
- BN_mod_mul(y, v, y, rsa->n, ctx); /* v^r y^b mod n */
+ BN_mod_exp(v, v, r, n, ctx); /* v^r mod n */
+ BN_mod_exp(y, y, b, n, ctx); /* y^b mod n */
+ BN_mod_mul(y, v, y, n, ctx); /* v^r y^b mod n */
temp = BN_cmp(y, g);
fprintf(stderr, "Confirm g^k = v^r y^b mod n: %s\n", temp == 0 ?
"yes" : "no");
@@ -1410,10 +1432,9 @@ gen_gqkey(
* dmq1 not used
* iqmp not used
*/
- BN_copy(rsa->d, BN_value_one());
- BN_copy(rsa->dmp1, BN_value_one());
- BN_copy(rsa->dmq1, BN_value_one());
- BN_copy(rsa->iqmp, BN_value_one());
+ RSA_set0_key(rsa, NULL, b, BN_dup(BN_value_one()));
+ RSA_set0_crt_params(rsa, BN_dup(BN_value_one()), BN_dup(BN_value_one()),
+ BN_dup(BN_value_one()));
str = fheader("GQkey", id, groupname);
pkey = EVP_PKEY_new();
EVP_PKEY_assign_RSA(pkey, rsa);
@@ -1509,7 +1530,7 @@ gen_mvkey(
DSA *dsa, *dsa2, *sdsa; /* DSA parameters */
BN_CTX *ctx; /* BN working space */
BIGNUM *a[MVMAX]; /* polynomial coefficient vector */
- BIGNUM *g[MVMAX]; /* public key vector */
+ BIGNUM *gs[MVMAX]; /* public key vector */
BIGNUM *s1[MVMAX]; /* private enabling keys */
BIGNUM *x[MVMAX]; /* polynomial zeros vector */
BIGNUM *xbar[MVMAX], *xhat[MVMAX]; /* private keys vector */
@@ -1520,6 +1541,7 @@ gen_mvkey(
BIGNUM *bige; /* session encryption key */
BIGNUM *gbar, *ghat; /* public key */
BIGNUM *u, *v, *w; /* BN scratch */
+ BIGNUM *p, *q, *g, *priv_key, *pub_key;
int i, j, n;
FILE *str;
u_int temp;
@@ -1544,14 +1566,14 @@ gen_mvkey(
ctx = BN_CTX_new(); u = BN_new(); v = BN_new(); w = BN_new();
b = BN_new(); b1 = BN_new();
dsa = DSA_new();
- dsa->p = BN_new(); dsa->q = BN_new(); dsa->g = BN_new();
- dsa->priv_key = BN_new(); dsa->pub_key = BN_new();
+ p = BN_new(); q = BN_new(); g = BN_new();
+ priv_key = BN_new(); pub_key = BN_new();
temp = 0;
for (j = 1; j <= n; j++) {
s1[j] = BN_new();
while (1) {
- BN_generate_prime(s1[j], modulus2 / n, 0, NULL,
- NULL, NULL, NULL);
+ BN_generate_prime_ex(s1[j], modulus2 / n, 0,
+ NULL, NULL, NULL);
for (i = 1; i < j; i++) {
if (BN_cmp(s1[i], s1[j]) == 0)
break;
@@ -1577,21 +1599,20 @@ gen_mvkey(
*/
temp = 0;
while (1) {
- BN_one(dsa->q);
+ BN_one(q);
for (j = 1; j <= n; j++)
- BN_mul(dsa->q, dsa->q, s1[j], ctx);
- BN_copy(dsa->p, dsa->q);
- BN_add(dsa->p, dsa->p, dsa->p);
- BN_add_word(dsa->p, 1);
- if (BN_is_prime(dsa->p, BN_prime_checks, NULL, ctx,
- NULL))
+ BN_mul(q, q, s1[j], ctx);
+ BN_copy(p, q);
+ BN_add(p, p, p);
+ BN_add_word(p, 1);
+ if (BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
break;
temp++;
j = temp % n + 1;
while (1) {
- BN_generate_prime(u, modulus2 / n, 0, 0, NULL,
- NULL, NULL);
+ BN_generate_prime_ex(u, modulus2 / n, 0,
+ NULL, NULL, NULL);
for (i = 1; i <= n; i++) {
if (BN_cmp(u, s1[i]) == 0)
break;
@@ -1608,20 +1629,22 @@ gen_mvkey(
* gcd(g, p - 1) = 1 and g^q = 1. This is a generator of p, not
* q. This may take several iterations.
*/
- BN_copy(v, dsa->p);
+ BN_copy(v, p);
BN_sub_word(v, 1);
while (1) {
- BN_rand(dsa->g, BN_num_bits(dsa->p) - 1, 0, 0);
- BN_mod(dsa->g, dsa->g, dsa->p, ctx);
- BN_gcd(u, dsa->g, v, ctx);
+ BN_rand(g, BN_num_bits(p) - 1, 0, 0);
+ BN_mod(g, g, p, ctx);
+ BN_gcd(u, g, v, ctx);
if (!BN_is_one(u))
continue;
- BN_mod_exp(u, dsa->g, dsa->q, dsa->p, ctx);
+ BN_mod_exp(u, g, q, p, ctx);
if (BN_is_one(u))
break;
}
+ DSA_set0_pqg(dsa, p, q, g);
+
/*
* Setup is now complete. Roll random polynomial roots x[j]
* (j = 1...n) for all j. While it may not be strictly
@@ -1630,14 +1653,14 @@ gen_mvkey(
*/
fprintf(stderr,
"Generating polynomial coefficients for %d roots (%d bits)\n",
- n, BN_num_bits(dsa->q));
+ n, BN_num_bits(q));
for (j = 1; j <= n; j++) {
x[j] = BN_new();
while (1) {
- BN_rand(x[j], BN_num_bits(dsa->q), 0, 0);
- BN_mod(x[j], x[j], dsa->q, ctx);
- BN_gcd(u, x[j], dsa->q, ctx);
+ BN_rand(x[j], BN_num_bits(q), 0, 0);
+ BN_mod(x[j], x[j], q, ctx);
+ BN_gcd(u, x[j], q, ctx);
if (BN_is_one(u))
break;
}
@@ -1655,26 +1678,26 @@ gen_mvkey(
for (j = 1; j <= n; j++) {
BN_zero(w);
for (i = 0; i < j; i++) {
- BN_copy(u, dsa->q);
- BN_mod_mul(v, a[i], x[j], dsa->q, ctx);
+ BN_copy(u, q);
+ BN_mod_mul(v, a[i], x[j], q, ctx);
BN_sub(u, u, v);
BN_add(u, u, w);
BN_copy(w, a[i]);
- BN_mod(a[i], u, dsa->q, ctx);
+ BN_mod(a[i], u, q, ctx);
}
}
/*
- * Generate g[i] = g^a[i] mod p for all i and the generator g.
+ * Generate gs[i] = g^a[i] mod p for all i and the generator g.
*/
for (i = 0; i <= n; i++) {
- g[i] = BN_new();
- BN_mod_exp(g[i], dsa->g, a[i], dsa->p, ctx);
+ gs[i] = BN_new();
+ BN_mod_exp(gs[i], g, a[i], p, ctx);
}
/*
- * Verify prod(g[i]^(a[i] x[j]^i)) = 1 for all i, j. Note the
- * a[i] x[j]^i exponent is computed mod q, but the g[i] is
+ * Verify prod(gs[i]^(a[i] x[j]^i)) = 1 for all i, j. Note the
+ * a[i] x[j]^i exponent is computed mod q, but the gs[i] is
* computed mod p. also note the expression given in the paper
* is incorrect.
*/
@@ -1683,16 +1706,16 @@ gen_mvkey(
BN_one(u);
for (i = 0; i <= n; i++) {
BN_set_word(v, i);
- BN_mod_exp(v, x[j], v, dsa->q, ctx);
- BN_mod_mul(v, v, a[i], dsa->q, ctx);
- BN_mod_exp(v, dsa->g, v, dsa->p, ctx);
- BN_mod_mul(u, u, v, dsa->p, ctx);
+ BN_mod_exp(v, x[j], v, q, ctx);
+ BN_mod_mul(v, v, a[i], q, ctx);
+ BN_mod_exp(v, g, v, p, ctx);
+ BN_mod_mul(u, u, v, p, ctx);
}
if (!BN_is_one(u))
temp = 0;
}
fprintf(stderr,
- "Confirm prod(g[i]^(x[j]^i)) = 1 for all i, j: %s\n", temp ?
+ "Confirm prod(gs[i]^(x[j]^i)) = 1 for all i, j: %s\n", temp ?
"yes" : "no");
if (!temp) {
return (NULL);
@@ -1708,9 +1731,9 @@ gen_mvkey(
for (j = 1; j <= n; j++) {
for (i = 0; i < n; i++) {
BN_set_word(v, i);
- BN_mod_exp(v, x[j], v, dsa->q, ctx);
- BN_mod_exp(v, g[i], v, dsa->p, ctx);
- BN_mod_mul(biga, biga, v, dsa->p, ctx);
+ BN_mod_exp(v, x[j], v, q, ctx);
+ BN_mod_exp(v, gs[i], v, p, ctx);
+ BN_mod_mul(biga, biga, v, p, ctx);
}
}
@@ -1720,13 +1743,13 @@ gen_mvkey(
* mod q. If b is changed, the client keys must be recomputed.
*/
while (1) {
- BN_rand(b, BN_num_bits(dsa->q), 0, 0);
- BN_mod(b, b, dsa->q, ctx);
- BN_gcd(u, b, dsa->q, ctx);
+ BN_rand(b, BN_num_bits(q), 0, 0);
+ BN_mod(b, b, q, ctx);
+ BN_gcd(u, b, q, ctx);
if (BN_is_one(u))
break;
}
- BN_mod_inverse(b1, b, dsa->q, ctx);
+ BN_mod_inverse(b1, b, q, ctx);
/*
* Make private client keys (xbar[j], xhat[j]) for all j. Note
@@ -1740,7 +1763,7 @@ gen_mvkey(
for (j = 1; j <= n; j++) {
xbar[j] = BN_new(); xhat[j] = BN_new();
- BN_add(w, dsa->q, s1[j]);
+ BN_add(w, q, s1[j]);
BN_div(w, u, w, s1[j], ctx);
BN_zero(xbar[j]);
BN_set_word(v, n);
@@ -1748,12 +1771,12 @@ gen_mvkey(
if (i == j)
continue;
- BN_mod_exp(u, x[i], v, dsa->q, ctx);
+ BN_mod_exp(u, x[i], v, q, ctx);
BN_add(xbar[j], xbar[j], u);
}
- BN_mod_mul(xbar[j], xbar[j], b1, dsa->q, ctx);
- BN_mod_exp(xhat[j], x[j], v, dsa->q, ctx);
- BN_mod_mul(xhat[j], xhat[j], w, dsa->q, ctx);
+ BN_mod_mul(xbar[j], xbar[j], b1, q, ctx);
+ BN_mod_exp(xhat[j], x[j], v, q, ctx);
+ BN_mod_mul(xhat[j], xhat[j], w, q, ctx);
}
/*
@@ -1764,7 +1787,7 @@ gen_mvkey(
* additional keys, so we sail on with only token revocations.
*/
s = BN_new();
- BN_copy(s, dsa->q);
+ BN_copy(s, q);
BN_div(s, u, s, s1[n], ctx);
/*
@@ -1776,10 +1799,10 @@ gen_mvkey(
* changed.
*/
bige = BN_new(); gbar = BN_new(); ghat = BN_new();
- BN_mod_exp(bige, biga, s, dsa->p, ctx);
- BN_mod_exp(gbar, dsa->g, s, dsa->p, ctx);
- BN_mod_mul(v, s, b, dsa->q, ctx);
- BN_mod_exp(ghat, dsa->g, v, dsa->p, ctx);
+ BN_mod_exp(bige, biga, s, p, ctx);
+ BN_mod_exp(gbar, g, s, p, ctx);
+ BN_mod_mul(v, s, b, q, ctx);
+ BN_mod_exp(ghat, g, v, p, ctx);
/*
* Notes: We produce the key media in three steps. The first
@@ -1815,8 +1838,9 @@ gen_mvkey(
i = 0;
str = fheader("MVta", "mvta", groupname);
fprintf(stderr, "Generating MV trusted-authority keys\n");
- BN_copy(dsa->priv_key, biga);
- BN_copy(dsa->pub_key, b);
+ BN_copy(priv_key, biga);
+ BN_copy(pub_key, b);
+ DSA_set0_key(dsa, pub_key, priv_key);
pkey = EVP_PKEY_new();
EVP_PKEY_assign_DSA(pkey, dsa);
PEM_write_PKCS8PrivateKey(str, pkey, cipher, NULL, 0, NULL,
@@ -1838,11 +1862,8 @@ gen_mvkey(
*/
fprintf(stderr, "Generating MV server keys\n");
dsa2 = DSA_new();
- dsa2->p = BN_dup(dsa->p);
- dsa2->q = BN_dup(dsa->q);
- dsa2->g = BN_dup(bige);
- dsa2->priv_key = BN_dup(gbar);
- dsa2->pub_key = BN_dup(ghat);
+ DSA_set0_pqg(dsa2, BN_dup(p), BN_dup(q), BN_dup(bige));
+ DSA_set0_key(dsa2, BN_dup(ghat), BN_dup(gbar));
pkey1 = EVP_PKEY_new();
EVP_PKEY_assign_DSA(pkey1, dsa2);
PEM_write_PKCS8PrivateKey(str, pkey1, cipher, NULL, 0, NULL,
@@ -1863,11 +1884,9 @@ gen_mvkey(
fprintf(stderr, "Generating %d MV client keys\n", n);
for (j = 1; j <= n; j++) {
sdsa = DSA_new();
- sdsa->p = BN_dup(dsa->p);
- sdsa->q = BN_dup(BN_value_one());
- sdsa->g = BN_dup(BN_value_one());
- sdsa->priv_key = BN_dup(xbar[j]);
- sdsa->pub_key = BN_dup(xhat[j]);
+ DSA_set0_pqg(sdsa, BN_dup(p), BN_dup(BN_value_one()),
+ BN_dup(BN_value_one()));
+ DSA_set0_key(sdsa, BN_dup(xhat[j]), BN_dup(xbar[j]));
pkey1 = EVP_PKEY_new();
EVP_PKEY_set1_DSA(pkey1, sdsa);
PEM_write_PKCS8PrivateKey(str, pkey1, cipher, NULL, 0,
@@ -1877,17 +1896,15 @@ gen_mvkey(
DSA_print_fp(stderr, sdsa, 0);
/*
- * The product gbar^k)^xbar[j] (ghat^k)^xhat[j] and E
+ * The product (gbar^k)^xbar[j] (ghat^k)^xhat[j] and E
* are inverses of each other. We check that the product
* is one for each client except the ones that have been
* revoked.
*/
- BN_mod_exp(v, dsa2->priv_key, sdsa->pub_key, dsa->p,
- ctx);
- BN_mod_exp(u, dsa2->pub_key, sdsa->priv_key, dsa->p,
- ctx);
- BN_mod_mul(u, u, v, dsa->p, ctx);
- BN_mod_mul(u, u, bige, dsa->p, ctx);
+ BN_mod_exp(v, gbar, xhat[j], p, ctx);
+ BN_mod_exp(u, ghat, xbar[j], p, ctx);
+ BN_mod_mul(u, u, v, p, ctx);
+ BN_mod_mul(u, u, bige, p, ctx);
if (!BN_is_one(u)) {
fprintf(stderr, "Revoke key %d\n", j);
continue;
@@ -1900,7 +1917,7 @@ gen_mvkey(
* Free the countries.
*/
for (i = 0; i <= n; i++) {
- BN_free(a[i]); BN_free(g[i]);
+ BN_free(a[i]); BN_free(gs[i]);
}
for (j = 1; j <= n; j++) {
BN_free(x[j]); BN_free(xbar[j]); BN_free(xhat[j]);
@@ -1945,7 +1962,7 @@ x509 (
* the version to 3. Set the initial validity to the current
* time and the finalvalidity one year hence.
*/
- id = OBJ_nid2sn(md->pkey_type);
+ id = OBJ_nid2sn(EVP_MD_pkey_type(md));
fprintf(stderr, "Generating new certificate %s %s\n", name, id);
cert = X509_new();
X509_set_version(cert, 2L);
@@ -2154,6 +2171,56 @@ genkey(
fprintf(stderr, "Invalid %s key type %s\n", id, type);
return (NULL);
}
+
+static RSA*
+genRsaKeyPair(
+ int bits,
+ char * what
+ )
+{
+ RSA * rsa = RSA_new();
+ BN_GENCB * gcb = BN_GENCB_new();
+ BIGNUM * bne = BN_new();
+
+ if (gcb)
+ BN_GENCB_set_old(gcb, cb, what);
+ if (bne)
+ BN_set_word(bne, 65537);
+ if (!(rsa && gcb && bne && RSA_generate_key_ex(
+ rsa, bits, bne, gcb)))
+ {
+ RSA_free(rsa);
+ rsa = NULL;
+ }
+ BN_GENCB_free(gcb);
+ BN_free(bne);
+ return rsa;
+}
+
+static DSA*
+genDsaParams(
+ int bits,
+ char * what
+ )
+{
+
+ DSA * dsa = DSA_new();
+ BN_GENCB * gcb = BN_GENCB_new();
+ u_char seed[20];
+
+ if (gcb)
+ BN_GENCB_set_old(gcb, cb, what);
+ RAND_bytes(seed, sizeof(seed));
+ if (!(dsa && gcb && DSA_generate_parameters_ex(
+ dsa, bits, seed, sizeof(seed), NULL, NULL, gcb)))
+ {
+ DSA_free(dsa);
+ dsa = NULL;
+ }
+ BN_GENCB_free(gcb);
+ return dsa;
+}
+
#endif /* AUTOKEY */
diff --git a/contrib/ntp/util/ntp-keygen.html b/contrib/ntp/util/ntp-keygen.html
index b7ca2c83d386..ecf3249a2b40 100644
--- a/contrib/ntp/util/ntp-keygen.html
+++ b/contrib/ntp/util/ntp-keygen.html
@@ -70,7 +70,7 @@ All other files are in PEM-encoded
printable ASCII format so they can be embedded as MIME attachments in
mail to other sites.
- <p>This document applies to version 4.2.8p8 of <code>ntp-keygen</code>.
+ <p>This document applies to version 4.2.8p9 of <code>ntp-keygen</code>.
<div class="node">
<p><hr>
@@ -1085,7 +1085,7 @@ the usage text by passing it through a pager program.
used to select the program, defaulting to <span class="file">more</span>. Both will exit
with a status code of 0.
-<pre class="example">ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p7
+<pre class="example">ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p9-RC
Usage: ntp-keygen [ -&lt;flag&gt; [&lt;val&gt;] | --&lt;name&gt;[{=| }&lt;val&gt;] ]...
Flg Arg Option-Name Description
-b Num imbits identity modulus bits
diff --git a/contrib/ntp/util/ntp-keygen.man.in b/contrib/ntp/util/ntp-keygen.man.in
index 6c8b5db8cfe8..1aeee80cdd6f 100644
--- a/contrib/ntp/util/ntp-keygen.man.in
+++ b/contrib/ntp/util/ntp-keygen.man.in
@@ -10,11 +10,11 @@
.ds B-Font B
.ds I-Font I
.ds R-Font R
-.TH ntp-keygen @NTP_KEYGEN_MS@ "02 Jun 2016" "ntp (4.2.8p8)" "User Commands"
+.TH ntp-keygen @NTP_KEYGEN_MS@ "21 Nov 2016" "ntp (4.2.8p9)" "User Commands"
.\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-.JaGB0/ag-lKayA0)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-psaWZm/ag-DsaOYm)
.\"
-.\" It has been AutoGen-ed June 2, 2016 at 07:39:36 AM by AutoGen 5.18.5
+.\" It has been AutoGen-ed November 21, 2016 at 08:03:41 AM by AutoGen 5.18.5
.\" From the definitions ntp-keygen-opts.def
.\" and the template file agman-cmd.tpl
.SH NAME
diff --git a/contrib/ntp/util/ntp-keygen.mdoc.in b/contrib/ntp/util/ntp-keygen.mdoc.in
index d108b60b31a4..7e6d2cf5a201 100644
--- a/contrib/ntp/util/ntp-keygen.mdoc.in
+++ b/contrib/ntp/util/ntp-keygen.mdoc.in
@@ -1,9 +1,9 @@
-.Dd June 2 2016
+.Dd November 21 2016
.Dt NTP_KEYGEN @NTP_KEYGEN_MS@ User Commands
.Os
.\" EDIT THIS FILE WITH CAUTION (ntp-keygen-opts.mdoc)
.\"
-.\" It has been AutoGen-ed June 2, 2016 at 07:39:43 AM by AutoGen 5.18.5
+.\" It has been AutoGen-ed November 21, 2016 at 08:03:48 AM by AutoGen 5.18.5
.\" From the definitions ntp-keygen-opts.def
.\" and the template file agmdoc-cmd.tpl
.Sh NAME