Rev 33 | Details | Compare with Previous | Last modification | View Log | RSS feed
| Rev | Author | Line No. | Line |
|---|---|---|---|
| 79 | magnus | 1 | Author: Magnus Holmgren <holmgren@debian.org> |
| 2 | Description: Adapt to Nettle 2.0 |
||
| 33 | magnus | 3 | |
| 79 | magnus | 4 | --- a/src/crypto.c |
| 5 | +++ b/src/crypto.c |
||
| 6 | @@ -71,7 +71,7 @@ do_crypt_arcfour(struct crypto_instance |
||
| 33 | magnus | 7 | assert(!(length % 8)); |
| 8 | |||
| 9 | lsh_string_crypt(dst, di, src, si, length, |
||
| 10 | - (nettle_crypt_func) arcfour_crypt, &self->ctx); |
||
| 11 | + (nettle_crypt_func*) arcfour_crypt, &self->ctx); |
||
| 12 | } |
||
| 13 | |||
| 14 | static struct crypto_instance * |
||
| 79 | magnus | 15 | @@ -114,7 +114,7 @@ do_aes_cbc_encrypt(struct crypto_instanc |
| 33 | magnus | 16 | |
| 17 | lsh_string_cbc_encrypt(dst, di, src, si, length, |
||
| 18 | AES_BLOCK_SIZE, self->ctx.iv, |
||
| 19 | - (nettle_crypt_func) aes_encrypt, |
||
| 20 | + (nettle_crypt_func*) aes_encrypt, |
||
| 21 | &self->ctx.ctx); |
||
| 22 | } |
||
| 23 | |||
| 79 | magnus | 24 | @@ -128,7 +128,7 @@ do_aes_cbc_decrypt(struct crypto_instanc |
| 33 | magnus | 25 | |
| 26 | lsh_string_cbc_decrypt(dst, di, src, si, length, |
||
| 27 | AES_BLOCK_SIZE, self->ctx.iv, |
||
| 28 | - (nettle_crypt_func) aes_decrypt, |
||
| 29 | + (nettle_crypt_func*) aes_decrypt, |
||
| 30 | &self->ctx.ctx); |
||
| 31 | } |
||
| 32 | |||
| 79 | magnus | 33 | @@ -185,7 +185,7 @@ do_aes_ctr_crypt(struct crypto_instance |
| 33 | magnus | 34 | |
| 35 | lsh_string_ctr_crypt(dst, di, src, si, length, |
||
| 36 | AES_BLOCK_SIZE, self->ctx.ctr, |
||
| 37 | - (nettle_crypt_func) aes_encrypt, |
||
| 38 | + (nettle_crypt_func*) aes_encrypt, |
||
| 39 | &self->ctx.ctx); |
||
| 40 | } |
||
| 41 | |||
| 79 | magnus | 42 | @@ -227,7 +227,7 @@ do_des3_encrypt(struct crypto_instance * |
| 33 | magnus | 43 | |
| 44 | lsh_string_cbc_encrypt(dst, di, src, si, length, |
||
| 45 | DES3_BLOCK_SIZE, self->ctx.iv, |
||
| 46 | - (nettle_crypt_func) des3_encrypt, |
||
| 47 | + (nettle_crypt_func*) des3_encrypt, |
||
| 48 | &self->ctx.ctx); |
||
| 49 | } |
||
| 50 | |||
| 79 | magnus | 51 | @@ -241,7 +241,7 @@ do_des3_decrypt(struct crypto_instance * |
| 33 | magnus | 52 | |
| 53 | lsh_string_cbc_decrypt(dst, di, src, si, length, |
||
| 54 | DES3_BLOCK_SIZE, self->ctx.iv, |
||
| 55 | - (nettle_crypt_func) des3_decrypt, |
||
| 56 | + (nettle_crypt_func*) des3_decrypt, |
||
| 57 | &self->ctx.ctx); |
||
| 58 | } |
||
| 59 | |||
| 79 | magnus | 60 | @@ -303,7 +303,7 @@ do_cast128_encrypt(struct crypto_instanc |
| 33 | magnus | 61 | |
| 62 | lsh_string_cbc_encrypt(dst, di, src, si, length, |
||
| 63 | CAST128_BLOCK_SIZE, self->ctx.iv, |
||
| 64 | - (nettle_crypt_func) cast128_encrypt, |
||
| 65 | + (nettle_crypt_func*) cast128_encrypt, |
||
| 66 | &self->ctx.ctx); |
||
| 67 | } |
||
| 68 | |||
| 79 | magnus | 69 | @@ -317,7 +317,7 @@ do_cast128_decrypt(struct crypto_instanc |
| 33 | magnus | 70 | |
| 71 | lsh_string_cbc_decrypt(dst, di, src, si, length, |
||
| 72 | CAST128_BLOCK_SIZE, self->ctx.iv, |
||
| 73 | - (nettle_crypt_func) cast128_decrypt, |
||
| 74 | + (nettle_crypt_func*) cast128_decrypt, |
||
| 75 | &self->ctx.ctx); |
||
| 76 | } |
||
| 77 | |||
| 79 | magnus | 78 | @@ -363,7 +363,7 @@ do_twofish_encrypt(struct crypto_instanc |
| 33 | magnus | 79 | |
| 80 | lsh_string_cbc_encrypt(dst, di, src, si, length, |
||
| 81 | TWOFISH_BLOCK_SIZE, self->ctx.iv, |
||
| 82 | - (nettle_crypt_func) twofish_encrypt, |
||
| 83 | + (nettle_crypt_func*) twofish_encrypt, |
||
| 84 | &self->ctx.ctx); |
||
| 85 | } |
||
| 86 | |||
| 79 | magnus | 87 | @@ -377,7 +377,7 @@ do_twofish_decrypt(struct crypto_instanc |
| 33 | magnus | 88 | |
| 89 | lsh_string_cbc_decrypt(dst, di, src, si, length, |
||
| 90 | TWOFISH_BLOCK_SIZE, self->ctx.iv, |
||
| 91 | - (nettle_crypt_func) twofish_decrypt, |
||
| 92 | + (nettle_crypt_func*) twofish_decrypt, |
||
| 93 | &self->ctx.ctx); |
||
| 94 | } |
||
| 95 | |||
| 79 | magnus | 96 | @@ -422,7 +422,7 @@ do_blowfish_encrypt(struct crypto_instan |
| 33 | magnus | 97 | |
| 98 | lsh_string_cbc_encrypt(dst, di, src, si, length, |
||
| 99 | BLOWFISH_BLOCK_SIZE, self->ctx.iv, |
||
| 100 | - (nettle_crypt_func) blowfish_encrypt, |
||
| 101 | + (nettle_crypt_func*) blowfish_encrypt, |
||
| 102 | &self->ctx.ctx); |
||
| 103 | } |
||
| 104 | |||
| 79 | magnus | 105 | @@ -436,7 +436,7 @@ do_blowfish_decrypt(struct crypto_instan |
| 33 | magnus | 106 | |
| 107 | lsh_string_cbc_decrypt(dst, di, src, si, length, |
||
| 108 | BLOWFISH_BLOCK_SIZE, self->ctx.iv, |
||
| 109 | - (nettle_crypt_func) blowfish_decrypt, |
||
| 110 | + (nettle_crypt_func*) blowfish_decrypt, |
||
| 111 | &self->ctx.ctx); |
||
| 112 | } |
||
| 113 | |||
| 79 | magnus | 114 | @@ -488,7 +488,7 @@ do_serpent_encrypt(struct crypto_instanc |
| 33 | magnus | 115 | |
| 116 | lsh_string_cbc_encrypt(dst, di, src, si, length, |
||
| 117 | SERPENT_BLOCK_SIZE, self->ctx.iv, |
||
| 118 | - (nettle_crypt_func) serpent_encrypt, |
||
| 119 | + (nettle_crypt_func*) serpent_encrypt, |
||
| 120 | &self->ctx.ctx); |
||
| 121 | } |
||
| 122 | |||
| 79 | magnus | 123 | @@ -502,7 +502,7 @@ do_serpent_decrypt(struct crypto_instanc |
| 33 | magnus | 124 | |
| 125 | lsh_string_cbc_decrypt(dst, di, src, si, length, |
||
| 126 | SERPENT_BLOCK_SIZE, self->ctx.iv, |
||
| 127 | - (nettle_crypt_func) serpent_decrypt, |
||
| 128 | + (nettle_crypt_func*) serpent_decrypt, |
||
| 129 | &self->ctx.ctx); |
||
| 130 | } |
||
| 131 | |||
| 79 | magnus | 132 | --- a/src/lsh-make-seed.c |
| 133 | +++ b/src/lsh-make-seed.c |
||
| 134 | @@ -1219,6 +1219,7 @@ main(int argc, char **argv) |
||
| 33 | magnus | 135 | |
| 136 | struct yarrow256_ctx yarrow; |
||
| 137 | struct yarrow_source sources[NSOURCES]; |
||
| 138 | + uint8_t seed[YARROW256_SEED_FILE_SIZE]; |
||
| 139 | |||
| 140 | argp_parse(&main_argp, argc, argv, 0, NULL, options); |
||
| 141 | |||
| 79 | magnus | 142 | @@ -1371,7 +1372,8 @@ main(int argc, char **argv) |
| 33 | magnus | 143 | } |
| 144 | } |
||
| 145 | |||
| 146 | - e = write_raw(fd, sizeof(yarrow.seed_file), yarrow.seed_file); |
||
| 147 | + yarrow256_random(&yarrow, sizeof(seed), seed); |
||
| 148 | + e = write_raw(fd, sizeof(seed), seed); |
||
| 149 | |||
| 150 | if (e) |
||
| 151 | { |
||
| 79 | magnus | 152 | --- a/src/unix_random.c |
| 153 | +++ b/src/unix_random.c |
||
| 154 | @@ -81,6 +81,7 @@ write_seed_file(struct yarrow256_ctx *ct |
||
| 33 | magnus | 155 | int fd) |
| 156 | { |
||
| 157 | const struct exception *e; |
||
| 158 | + uint8_t seed[YARROW256_SEED_FILE_SIZE]; |
||
| 159 | |||
| 160 | if (lseek(fd, 0, SEEK_SET) < 0) |
||
| 161 | { |
||
| 79 | magnus | 162 | @@ -88,7 +89,8 @@ write_seed_file(struct yarrow256_ctx *ct |
| 33 | magnus | 163 | return 0; |
| 164 | } |
||
| 165 | |||
| 166 | - e = write_raw(fd, YARROW256_SEED_FILE_SIZE, ctx->seed_file); |
||
| 167 | + yarrow256_random(ctx, sizeof(seed), seed); |
||
| 168 | + e = write_raw(fd, sizeof(seed), seed); |
||
| 169 | |||
| 170 | if (e) |
||
| 171 | { |
||
| 79 | magnus | 172 | @@ -183,17 +185,19 @@ update_seed_file(struct unix_random *sel |
| 33 | magnus | 173 | { |
| 174 | struct lsh_string *s = read_seed_file(self->seed_file_fd); |
||
| 175 | |||
| 176 | - write_seed_file(&self->yarrow, self->seed_file_fd); |
||
| 177 | - KILL_RESOURCE(lock); |
||
| 178 | - |
||
| 179 | /* Mix in the old seed file, it might have picked up |
||
| 180 | * some randomness. */ |
||
| 181 | if (s) |
||
| 182 | { |
||
| 183 | + self->yarrow.sources[RANDOM_SOURCE_NEW_SEED].next = YARROW_FAST; |
||
| 184 | yarrow256_update(&self->yarrow, RANDOM_SOURCE_NEW_SEED, |
||
| 185 | 0, STRING_LD(s)); |
||
| 186 | lsh_string_free(s); |
||
| 187 | + yarrow256_fast_reseed(&self->yarrow); |
||
| 188 | } |
||
| 189 | + |
||
| 190 | + write_seed_file(&self->yarrow, self->seed_file_fd); |
||
| 191 | + KILL_RESOURCE(lock); |
||
| 192 | } |
||
| 193 | } |
||
| 194 | |||
| 79 | magnus | 195 | --- a/src/Makefile.am |
| 196 | +++ b/src/Makefile.am |
||
| 197 | @@ -113,7 +113,7 @@ lsh_krb_checkpw_LDADD=@KRB_LIBS@ |
||
| 198 | |||
| 199 | lsh_execuv_LDADD= |
||
| 200 | |||
| 201 | -LDADD = liblsh.a spki/libspki.a -lnettle @LIBARGP@ |
||
| 202 | +LDADD = liblsh.a spki/libspki.a -lnettle -lhogweed @LIBARGP@ |
||
| 203 | |||
| 204 | # To avoid having to link lshg with nettle, link with dummy.o. |
||
| 205 | |||
| 206 | --- a/src/spki/testsuite/Makefile.am |
||
| 207 | +++ b/src/spki/testsuite/Makefile.am |
||
| 208 | @@ -9,7 +9,7 @@ TS_ALL = $(TS_PROGS) $(TS_SH) |
||
| 209 | |||
| 210 | noinst_PROGRAMS = $(TS_PROGS) |
||
| 211 | |||
| 212 | -LDADD = testutils.o ../libspki.a -lnettle |
||
| 213 | +LDADD = testutils.o ../libspki.a -lnettle -lhogweed |
||
| 214 | |||
| 215 | include .dist_cdsa |
||
| 216 | |||
| 217 | --- a/src/spki/tools/Makefile.am |
||
| 218 | +++ b/src/spki/tools/Makefile.am |
||
| 219 | @@ -6,7 +6,7 @@ noinst_PROGRAMS = spki-check-signature s |
||
| 220 | # that affects all programs. |
||
| 221 | |||
| 222 | LDADD = misc.o getopt.o getopt1.o \ |
||
| 223 | - ../libspki.a -lnettle |
||
| 224 | + ../libspki.a -lnettle -lhogweed |
||
| 225 | |||
| 226 | spki_make_signature_SOURCES = spki-make-signature.c sign.c |
||
| 227 | spki_delegate_SOURCES = spki-delegate.c sign.c |
||
| 228 | --- a/src/testsuite/Makefile.am |
||
| 229 | +++ b/src/testsuite/Makefile.am |
||
| 230 | @@ -34,7 +34,7 @@ noinst_PROGRAMS = $(TS_PROGS) |
||
| 231 | # Workaround to get automake to keep dependencies for testutils.o |
||
| 232 | EXTRA_PROGRAMS = testutils |
||
| 233 | |||
| 234 | -LDADD = testutils.o ../liblsh.a ../spki/libspki.a -lnettle \ |
||
| 235 | +LDADD = testutils.o ../liblsh.a ../spki/libspki.a -lnettle -lhogweed \ |
||
| 236 | $(DOTDOT_LIBARGP) |
||
| 237 | |||
| 238 | include .dist_rapid7 |