Description: Support Nettle
3.x
Author: Magnus Holmgren <holmgren@debian.org>
Forwarded: yes
--- a/src/spki/verify.c
+++ b/src/spki/verify.c
@@ -25,7 +25,7 @@
#endif
#include <nettle/bignum.h>
-#include <nettle/dsa.h>
+#include <nettle/dsa-compat.h>
#include <nettle/rsa.h>
#include "certificate.h"
@@ -74,7 +74,7 @@ spki_verify_dsa(const uint8_t *digest,
dsa_public_key_init
(&dsa
);
dsa_signature_init
(&rs
);
- res = (dsa_keypair_from_sexp_alist(&dsa, NULL,
+ res = (dsa_keypair_from_sexp_alist((struct dsa_params *)&dsa, dsa.y, NULL,
RSA_KEYSIZE_LIMIT, DSA_SHA1_Q_BITS, &key->sexp
)
&& spki_parse_type
(key
)
&& dsa_signature_from_sexp
(&rs, &signature->sexp, DSA_SHA1_Q_BITS
)
--- a/src/crypto.c
+++ b/src/crypto.c
@@ -322,7 +322,7 @@ make_cast128_cbc_instance(struct crypto_
? do_cast128_encrypt
: do_cast128_decrypt
);
- cast128_set_key(&self->ctx.ctx, algorithm->key_size, key);
+ cast5_set_key(&self->ctx.ctx, algorithm->key_size, key);
CBC_SET_IV
(&self->ctx, iv
);
return
(&self->super
);
--- a/src/dsa.c
+++ b/src/dsa.c
@@ -28,7 +28,7 @@
#include <assert.h>
#include <nettle/bignum.h>
-#include <nettle/dsa.h>
+#include <nettle/dsa-compat.h>
#include <nettle/sexp.h>
#include <nettle/sha.h>
@@ -322,7 +322,7 @@ make_dsa_verifier(struct signature_algor
NEW
(dsa_verifier, res
);
init_dsa_verifier
(res
);
- if (dsa_keypair_from_sexp_alist(&res->key, NULL, DSA_MAX_BITS, DSA_SHA1_Q_BITS, i))
+ if (dsa_keypair_from_sexp_alist((struct dsa_params *)&res->key, res->key.y, NULL, DSA_MAX_BITS, DSA_SHA1_Q_BITS, i))
return &res->super;
KILL
(res
);
@@ -341,7 +341,7 @@ make_dsa_signer(struct signature_algorit
dsa_private_key_init
(&res->key
);
- if (dsa_keypair_from_sexp_alist(&verifier->key, &res->key, DSA_MAX_BITS, DSA_SHA1_Q_BITS, i))
+ if (dsa_keypair_from_sexp_alist((struct dsa_params *)&verifier->key, verifier->key.y, res->key.x, DSA_MAX_BITS, DSA_SHA1_Q_BITS, i))
{
res->random = self->random;
res->verifier = verifier;
--- a/src/dummy.c
+++ b/src/dummy.c
@@ -41,84 +41,84 @@
#include "lsh.h"
/* Referenced by ssh_format.c */
-unsigned
+size_t
nettle_mpz_sizeinbase_256_s
(const mpz_t x UNUSED
)
{ abort
();
}
-unsigned
+size_t
nettle_mpz_sizeinbase_256_u
(const mpz_t x UNUSED
)
{ abort
();
}
void
-cbc_encrypt(void *ctx UNUSED, nettle_crypt_func f UNUSED,
- unsigned block_size UNUSED, uint8_t *iv UNUSED,
- unsigned length UNUSED, uint8_t *dst UNUSED,
+cbc_encrypt(const void *ctx UNUSED, nettle_cipher_func *f UNUSED,
+ size_t block_size UNUSED, uint8_t *iv UNUSED,
+ size_t length UNUSED, uint8_t *dst UNUSED,
const uint8_t *src UNUSED
)
{ abort
();
}
void
-cbc_decrypt(void *ctx UNUSED, nettle_crypt_func f UNUSED,
- unsigned block_size UNUSED, uint8_t *iv UNUSED,
- unsigned length UNUSED, uint8_t *dst UNUSED,
+cbc_decrypt(const void *ctx UNUSED, nettle_cipher_func *f UNUSED,
+ size_t block_size UNUSED, uint8_t *iv UNUSED,
+ size_t length UNUSED, uint8_t *dst UNUSED,
const uint8_t *src UNUSED
)
{ abort
();
}
void
-ctr_crypt(void *ctx UNUSED, nettle_crypt_func f UNUSED,
- unsigned block_size UNUSED, uint8_t *iv UNUSED,
- unsigned length UNUSED, uint8_t *dst UNUSED,
+ctr_crypt(const void *ctx UNUSED, nettle_cipher_func *f UNUSED,
+ size_t block_size UNUSED, uint8_t *iv UNUSED,
+ size_t length UNUSED, uint8_t *dst UNUSED,
const uint8_t *src UNUSED
)
{ abort
();
}
void
hmac_digest
(const void *outer UNUSED, const void *inner UNUSED, void *state UNUSED,
const struct nettle_hash *hash UNUSED,
- unsigned length UNUSED, uint8_t *digest UNUSED)
+ size_t length UNUSED, uint8_t *digest UNUSED)
{ abort
();
}
-unsigned
+size_t
sexp_vformat
(struct nettle_buffer *buffer UNUSED,
const char *format UNUSED, va_list args UNUSED
)
{ abort
();
}
-unsigned
+size_t
sexp_transport_vformat
(struct nettle_buffer *buffer UNUSED,
const char *format UNUSED, va_list args UNUSED
)
{ abort
();
}
int
sexp_transport_iterator_first
(struct sexp_iterator *iterator UNUSED,
- unsigned length UNUSED, uint8_t *input UNUSED)
+ size_t length UNUSED, uint8_t *input UNUSED)
{ abort
();
}
void
nettle_buffer_init_size
(struct nettle_buffer *buffer UNUSED,
- unsigned length UNUSED, uint8_t *space UNUSED)
+ size_t length UNUSED, uint8_t *space UNUSED)
{ abort
();
}
/* Referenced by lsh_string.c */
-uint8_t *
-memxor(uint8_t *dst UNUSED, const uint8_t *src UNUSED, size_t n UNUSED)
+void *
+memxor(void *dst UNUSED, const void *src UNUSED, size_t n UNUSED)
{ abort
();
}
void
-nettle_mpz_get_str_256(unsigned length UNUSED, uint8_t *s UNUSED, const mpz_t x UNUSED)
+nettle_mpz_get_str_256(size_t length UNUSED, uint8_t *s UNUSED, const mpz_t x UNUSED)
{ abort
();
}
void
base64_encode_init
(struct base64_encode_ctx *ctx UNUSED
)
{ abort
();
}
-unsigned
+size_t
base64_encode_update
(struct base64_encode_ctx *ctx UNUSED,
uint8_t *dst UNUSED,
- unsigned length UNUSED,
+ size_t length UNUSED,
const uint8_t *src UNUSED
)
{ abort
();
}
-unsigned
+size_t
base64_encode_final
(struct base64_encode_ctx *ctx UNUSED,
uint8_t *dst UNUSED
)
{ abort
();
}
@@ -129,9 +129,9 @@ base64_decode_init(struct base64_decode_
int
base64_decode_update
(struct base64_decode_ctx *ctx UNUSED,
- unsigned *dst_length UNUSED,
+ size_t *dst_length UNUSED,
uint8_t *dst UNUSED,
- unsigned src_length UNUSED,
+ size_t src_length UNUSED,
const uint8_t *src UNUSED
)
{ abort
();
}
@@ -142,7 +142,7 @@ base64_decode_final(struct base64_decode
/* Referenced by parse.c */
void
nettle_mpz_set_str_256_s
(mpz_t x UNUSED,
- unsigned length UNUSED, const uint8_t *s UNUSED)
+ size_t length UNUSED, const uint8_t *s UNUSED)
{ abort
();
}
/* Referenced by werror.c */
--- a/src/lsh-keygen.c
+++ b/src/lsh-keygen.c
@@ -39,7 +39,7 @@
#include <unistd.h>
#endif
-#include <nettle/dsa.h>
+#include <nettle/dsa-compat.h>
#include <nettle/rsa.h>
#include "crypto.h"
@@ -214,7 +214,7 @@ dsa_generate_key(struct randomness *r, u
assert
(r->quality == RANDOM_GOOD
);
- if (dsa_generate_keypair(&public, &private,
+ if (dsa_compat_generate_keypair(&public, &private,
r, lsh_random,
NULL, progress,
512 +
64 * level, DSA_SHA1_Q_BITS
))
--- a/src/lsh_string.c
+++ b/src/lsh_string.c
@@ -367,10 +367,10 @@ lsh_string_format_sexp(int transport, co
{
struct lsh_string *s;
va_list args;
- unsigned length;
+ size_t length;
struct nettle_buffer buffer;
- unsigned (*vformat)(struct nettle_buffer *, const char *, va_list)
+ size_t (*vformat)(struct nettle_buffer *, const char *, va_list)
= transport ? sexp_transport_vformat : sexp_vformat;
va_start
(args, format
);
@@ -415,7 +415,7 @@ int
lsh_string_base64_decode
(struct lsh_string *s
)
{
struct base64_decode_ctx ctx;
- uint32_t done = s->length;
+ size_t done = s->length;
base64_decode_init
(&ctx
);
--- a/src/randomness.c
+++ b/src/randomness.c
@@ -35,7 +35,7 @@
/* Wrapper for using lsh's randomness generator with nettle
* functions. */
void
-lsh_random(void *x, unsigned length, uint8_t *data)
+lsh_random(void *x, size_t length, uint8_t *data)
{
CAST_SUBTYPE
(randomness, r, x
);
RANDOM
(r, length, data
);
--- a/src/randomness.h
+++ b/src/randomness.h
@@ -84,6 +84,6 @@ make_system_random(void);
/* Randomness function matching nettle's expectations. */
void
-lsh_random(void *x, unsigned length, uint8_t *data);
+lsh_random(void *x, size_t length, uint8_t *data);
#endif /* LSH_RANDOMNESS_H_INCLUDED */
--- a/src/sexp.c
+++ b/src/sexp.c
@@ -97,7 +97,7 @@ lsh_sexp_to_string(struct sexp_iterator
struct lsh_string *
lsh_sexp_copy
(struct sexp_iterator *i
)
{
- unsigned length;
+ size_t length;
const uint8_t *subexpr = sexp_iterator_subexpr
(i, &length
);
return subexpr ? ssh_format
("%ls", length, subexpr
) : NULL;
--- a/src/lsh.c
+++ b/src/lsh.c
@@ -524,8 +524,8 @@ do_lsh_lookup(struct lookup_verifier *c,
}
acl = lsh_string_format_sexp
(0, "
(acl
(entry
(subject%l
)%l
))",
- subject->key_length, subject->key,
- STRING_LD(self->access));
+ (size_t)subject->key_length, subject->key,
+ (size_t)STRING_LD(self->access));
/* FIXME: Seems awkward to pick the acl apart again. */
if
(!spki_iterator_first
(&i, STRING_LD
(acl
)))
@@ -540,7 +540,7 @@ do_lsh_lookup(struct lookup_verifier *c,
A_WRITE
(self->file,
ssh_format
("\n; ACL for host %lz\n"
"%lfS\n",
- self->host, lsh_string_format_sexp(1, "%l", STRING_LD(acl))));
+ self->host, lsh_string_format_sexp(1, "%l", (size_t)STRING_LD(acl))));
lsh_string_free
(acl
);
}
--- a/src/spki.c
+++ b/src/spki.c
@@ -98,7 +98,7 @@ make_ssh_hostkey_tag(const char *host)
}
tag = lsh_string_format_sexp
(0, "
(tag
(ssh-hostkey%s
))",
- STRING_LD(reversed));
+ (size_t)STRING_LD(reversed));
lsh_string_free
(reversed
);
return tag;
@@ -207,7 +207,7 @@ spki_hash_data(const struct hash_algorit
out = lsh_string_format_sexp
(0, "
(hash%0s%s
)",
"hash", get_atom_name
(algorithm_name
),
- STRING_LD(digest));
+ (size_t)STRING_LD(digest));
KILL
(hash
);
lsh_string_free
(digest
);
@@ -376,13 +376,13 @@ spki_pkcs5_encrypt(struct randomness *r,
value = lsh_string_format_sexp
(0, "
(password-encrypted%s
(Xpkcs5v2%0s"
"
(iterations%i
)(salt%s
))"
"
(%0s
(iv%s
)(data%s
)))",
- STRING_LD(label),
+ (size_t)STRING_LD(label),
get_atom_name
(prf_name
),
iterations,
- STRING_LD(salt),
+ (size_t)STRING_LD(salt),
get_atom_name
(crypto_name
),
- STRING_LD(iv),
- STRING_LD(encrypted));
+ (size_t)STRING_LD(iv),
+ (size_t)STRING_LD(encrypted));
lsh_string_free
(key
);
lsh_string_free
(salt
);
--- a/src/srp_exchange.c
+++ b/src/srp_exchange.c
@@ -112,7 +112,7 @@ srp_make_verifier(const struct zn_group
zn_exp
(G, x, G->generator, x
);
expr = lsh_string_format_sexp
(0, "
(srp-verifier ssh-ring1%s%b
)",
- STRING_LD(salt),
+ (size_t)STRING_LD(salt),
x
);
mpz_clear
(x
);