Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

Ignorance is bliss. -- Thomas Gray Fortune updates the great quotes, #42: BLISS is ignorance.

computers / alt.privacy.anon-server / Re: Orange remailer status

SubjectAuthor
* Orange remailer statusSEC3
`* Re: Orange remailer statusNomen Nescio
 +- Re: Orange remailer statuselvis-85792
 `* Re: Orange remailer statusSEC3
  +- Re: Orange remailer statusNomen Nescio
  `- Re: Orange remailer statusNomen Nescio

1
Orange remailer status

<mlE9J.1148856$Fd_a.1051239@fx08.ams1>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=10011&group=alt.privacy.anon-server#10011

  copy link   Newsgroups: alt.privacy.anon-server
Path: rocksolid2!i2pn.org!weretis.net!feeder6.news.weretis.net!4.us.feeder.erje.net!2.eu.feeder.erje.net!feeder.erje.net!feeder1.feed.usenet.farm!feed.usenet.farm!peer01.ams4!peer.am4.highwinds-media.com!news.highwinds-media.com!peer03.ams1!peer.ams1.xlned.com!news.xlned.com!fx08.ams1.POSTED!not-for-mail
Newsgroups: alt.privacy.anon-server
X-Mozilla-News-Host: news://eunews.blocknews.net:119
From: adm...@sec3.net (SEC3)
Subject: Orange remailer status
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101
Thunderbird/78.13.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Lines: 25
Message-ID: <mlE9J.1148856$Fd_a.1051239@fx08.ams1>
X-Complaints-To: abuse@blocknews.net
NNTP-Posting-Date: Wed, 13 Oct 2021 17:05:22 UTC
Organization: blocknews - www.blocknews.net
Date: Wed, 13 Oct 2021 13:05:21 -0400
X-Received-Bytes: 1709
 by: SEC3 - Wed, 13 Oct 2021 17:05 UTC

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

My Orange mixmaster remailer is borked.

I am running it on Debian 10. I thought it would work but it's entirely
possible that the two are incompatible. Victor admin is also currently
struggling to get his Mixmaster 3.1 remailer working on Debian 10.

I am turning on the testing flag while I troubleshoot. I hope to find a
solution, but if I can't then my bruised orange will not be returning.

- --
SEC3
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEEamNOV5zcTx6euiEV3bdNhCrAP2IFAmFnEa8ACgkQ3bdNhCrA
P2LAlAf8DIj2R01yQSvufEQl5BYcdpWyQytAuHerN9Lkf3eu0N4525y+Sv9T+R3T
w5j+d0zeP0CmiWWjoG1VggjeaCVRsn7OeWlzD0RTnhH4v3VDtIgqVlyb19NYE9TR
aIjOYKRTScWYeFMi0/SFoh8SuMKuajc6XBN2ZYQoCmifMF8pJ+uJ061PxP2nByj/
MMm7iNFC53dCgMctHiu4GQcGKbUFDAQcq26tkPSbx2BWD61CtBVSiIQ7vh9Adibk
b6vLQyObDtQEGFx1a6R+NsQz4kv5mcMlJhBkCF8kVquGgmC3rbS5ZYNjSv/9xeU7
sGxOpBpPJwWDGlaF6ezbZtjcs18sxA==
=oZR1
-----END PGP SIGNATURE-----

Re: Orange remailer status

<7ad3b0738d631a6f5bc3645c95fa07b3@dizum.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=10014&group=alt.privacy.anon-server#10014

  copy link   Newsgroups: alt.privacy.anon-server
From: nob...@dizum.com (Nomen Nescio)
Subject: Re: Orange remailer status
References: <mlE9J.1148856$Fd_a.1051239@fx08.ams1>
Message-ID: <7ad3b0738d631a6f5bc3645c95fa07b3@dizum.com>
Date: Wed, 13 Oct 2021 20:14:25 +0200 (CEST)
Newsgroups: alt.privacy.anon-server
Path: rocksolid2!news.neodome.net!news.uzoreto.com!alphared!sewer!news.dizum.net!not-for-mail
Organization: dizum.com - The Internet Problem Provider
X-Abuse: abuse@dizum.com
Injection-Info: sewer.dizum.com - 2001::1/128
 by: Nomen Nescio - Wed, 13 Oct 2021 18:14 UTC

On 2021-10-13, SEC3 <admin@sec3.net> wrote:

> I am running it on Debian 10. I thought it would work but it's entirely
> possible that the two are incompatible.

I run mixmaster on Buster. What problem do you encounter? Debian includes a
patch to update the OpenSSL API. It almost cleanly applies to
mixmaster4096.

To be honest, mixmaster has been unmaintained for so long now, it's
probably best to let it die and either move to yamn or conclude that
trolling anonymously on Usenet is no longer worth the effort.

diff --git a/Src/crypto.c b/Src/crypto.c
index 26785b6..4ea9712 100644
--- a/Src/crypto.c
+++ b/Src/crypto.c
@@ -135,6 +135,7 @@ static int read_seckey(BUFFER *buf, SECKEY *key, const byte id[])
int len, plen;
byte *ptr;
int err = 0;
+ BIGNUM *key_n, *key_e, *key_d, *key_p, *key_q, *key_dmp1, *key_dmq1, *key_iqmp;
md = buf_new();
bits = buf->data[0] + 256 * buf->data[1];
@@ -149,32 +150,36 @@ static int read_seckey(BUFFER *buf, SECKEY *key, const byte id[])
ptr = buf->data + 2;
- key->n = BN_bin2bn(ptr, len, NULL);
+ key_n = BN_bin2bn(ptr, len, NULL);
buf_append(md, ptr, len);
ptr += len;
- key->e = BN_bin2bn(ptr, len, NULL);
+ key_e = BN_bin2bn(ptr, len, NULL);
buf_append(md, ptr, len);
ptr += len;
- key->d = BN_bin2bn(ptr, len, NULL);
+ key_d = BN_bin2bn(ptr, len, NULL);
ptr += len;
- key->p = BN_bin2bn(ptr, plen, NULL);
+ key_p = BN_bin2bn(ptr, plen, NULL);
ptr += plen;
- key->q = BN_bin2bn(ptr, plen, NULL);
+ key_q = BN_bin2bn(ptr, plen, NULL);
ptr += plen;
- key->dmp1 = BN_bin2bn(ptr, plen, NULL);
+ key_dmp1 = BN_bin2bn(ptr, plen, NULL);
ptr += plen;
- key->dmq1 = BN_bin2bn(ptr, plen, NULL);
+ key_dmq1 = BN_bin2bn(ptr, plen, NULL);
ptr += plen;
- key->iqmp = BN_bin2bn(ptr, plen, NULL);
+ key_iqmp = BN_bin2bn(ptr, plen, NULL);
ptr += plen;
+ RSA_set0_key(key, key_n, key_e, key_d);
+ RSA_set0_factors(key, key_p, key_q);
+ RSA_set0_crt_params(key, key_dmp1, key_dmq1, key_iqmp);
+ digest_md5(md, md);
if (id)
err = (memcmp(id, md->data, 16) == 0) ? 0 : -1;
@@ -189,6 +194,7 @@ static int read_pubkey(BUFFER *buf, PUBKEY *key, const byte id[])
int len;
byte *ptr;
int err = 0;
+ BIGNUM *key_n, *key_e;
md = buf_new();
bits = buf->data[0] + 256 * buf->data[1];
@@ -199,13 +205,14 @@ static int read_pubkey(BUFFER *buf, PUBKEY *key, const byte id[])
ptr = buf->data + 2;
- key->n = BN_bin2bn(ptr, len, NULL);
+ key_n = BN_bin2bn(ptr, len, NULL);
buf_append(md, ptr, len);
ptr += len;
- key->e = BN_bin2bn(ptr, len, NULL);
+ key_e = BN_bin2bn(ptr, len, NULL);
buf_append(md, ptr, len);
ptr += len;
+ RSA_set0_key(key, key_n, key_e, NULL);
digest_md5(md, md);
if (id)
@@ -219,9 +226,14 @@ static int write_seckey(BUFFER *sk, SECKEY *key, byte keyid[])
byte l[512];
int n;
BUFFER *b, *temp;
+ const BIGNUM *key_n, *key_e, *key_d, *key_p, *key_q, *key_dmp1, *key_dmq1, *key_iqmp;
int nn; /* modulus length in bytes */
- n = BN_bn2bin(key->n, l); /* writing modulus */
+ RSA_get0_key(key, &key_n, &key_e, &key_d);
+ RSA_get0_factors(key, &key_p, &key_q);
+ RSA_get0_crt_params(key, &key_dmp1, &key_dmq1, &key_iqmp);
+ + n = BN_bn2bin(key_n, l); /* writing modulus */
assert((n==128) || (n==256) || (n==384) || (n==512));
switch(n) {
case 128:
@@ -242,7 +254,7 @@ static int write_seckey(BUFFER *sk, SECKEY *key, byte keyid[])
buf_appendzero(b, nn - n);
buf_append(b, l, n);
- n = BN_bn2bin(key->e, l); /* writing e */
+ n = BN_bn2bin(key_e, l); /* writing e */
assert(n <= nn);
if (n < nn)
buf_appendzero(b, nn - n);
@@ -255,7 +267,7 @@ static int write_seckey(BUFFER *sk, SECKEY *key, byte keyid[])
buf_appendc(sk, nn/32); /* nn of 128 bytes = 1024-bits = (4*256)+0 so store 4 */
buf_cat(sk, b);
- n = BN_bn2bin(key->d, l); /* writing d */
+ n = BN_bn2bin(key_d, l); /* writing d */
assert(n <= nn);
if (n < nn)
buf_appendzero(sk, nn - n);
@@ -263,31 +275,31 @@ static int write_seckey(BUFFER *sk, SECKEY *key, byte keyid[])
nn /= 2; /* now store the smaller pieces */
- n = BN_bn2bin(key->p, l);
+ n = BN_bn2bin(key_p, l);
assert(n <= nn);
if (n < nn)
buf_appendzero(sk, nn - n);
buf_append(sk, l, n);
- n = BN_bn2bin(key->q, l);
+ n = BN_bn2bin(key_q, l);
assert(n <= nn);
if (n < nn)
buf_appendzero(sk, nn - n);
buf_append(sk, l, n);
- n = BN_bn2bin(key->dmp1, l);
+ n = BN_bn2bin(key_dmp1, l);
assert(n <= nn);
if (n < nn)
buf_appendzero(sk, nn - n);
buf_append(sk, l, n);
- n = BN_bn2bin(key->dmq1, l);
+ n = BN_bn2bin(key_dmq1, l);
assert(n <= nn);
if (n < nn)
buf_appendzero(sk, nn - n);
buf_append(sk, l, n);
- n = BN_bn2bin(key->iqmp, l);
+ n = BN_bn2bin(key_iqmp, l);
assert(n <= nn);
if (n < nn)
buf_appendzero(sk, nn - n);
@@ -305,8 +317,11 @@ static int write_pubkey(BUFFER *pk, PUBKEY *key, byte keyid[])
byte l[512];
int n;
int nn;
+ const BIGNUM *key_n, *key_e, *key_d;
+ + RSA_get0_key(key, &key_n, &key_e, &key_d);
- n = BN_bn2bin(key->n, l);
+ n = BN_bn2bin(key_n, l);
switch(n) {
case 128:
case 256:
@@ -324,7 +339,7 @@ static int write_pubkey(BUFFER *pk, PUBKEY *key, byte keyid[])
if (n < nn)
buf_appendzero(pk, nn - n);
buf_append(pk, l, n);
- n = BN_bn2bin(key->e, l);
+ n = BN_bn2bin(key_e, l);
assert(n <= nn);
if (n < nn)
buf_appendzero(pk, nn - n);
@@ -470,23 +485,23 @@ int pk_encrypt(BUFFER *in, BUFFER *keybuf)
}
int buf_crypt(BUFFER *buf, BUFFER *key, BUFFER *iv, int enc)
{
- des_key_schedule ks1;
- des_key_schedule ks2;
- des_key_schedule ks3;
- des_cblock i;
+ DES_key_schedule ks1;
+ DES_key_schedule ks2;
+ DES_key_schedule ks3;
+ DES_cblock i;
assert(enc == ENCRYPT || enc == DECRYPT);
assert((key->length == 16 || key->length == 24) && iv->length == 8);
assert(buf->length % 8 == 0);
memcpy(i, iv->data, 8); /* leave iv buffer unchanged */
- des_set_key((const_des_cblock *) key->data, ks1);
- des_set_key((const_des_cblock *) (key->data + 8), ks2);
+ DES_set_key((const_DES_cblock *) key->data, &ks1);
+ DES_set_key((const_DES_cblock *) (key->data + 8), &ks2);
if (key->length == 16)
- des_set_key((const_des_cblock *) key->data, ks3);
+ DES_set_key((const_DES_cblock *) key->data, &ks3);
else
- des_set_key((const_des_cblock *) (key->data + 16), ks3);
- des_ede3_cbc_encrypt(buf->data, buf->data, buf->length, ks1, ks2, ks3,
+ DES_set_key((const_DES_cblock *) (key->data + 16), &ks3);
+ DES_ede3_cbc_encrypt(buf->data, buf->data, buf->length, &ks1, &ks2, &ks3,
&i, enc);
return (0);
}
@@ -494,18 +509,18 @@ int buf_crypt(BUFFER *buf, BUFFER *key, BUFFER *iv, int enc)
int buf_3descrypt(BUFFER *buf, BUFFER *key, BUFFER *iv, int enc)
{
int n = 0;
- des_key_schedule ks1;
- des_key_schedule ks2;
- des_key_schedule ks3;
+ DES_key_schedule ks1;
+ DES_key_schedule ks2;
+ DES_key_schedule ks3;
assert(enc == ENCRYPT || enc == DECRYPT);
assert(key->length == 24 && iv->length == 8);
- des_set_key((const_des_cblock *) key->data, ks1);
- des_set_key((const_des_cblock *) (key->data + 8), ks2);
- des_set_key((const_des_cblock *) (key->data + 16), ks3);
- des_ede3_cfb64_encrypt(buf->data, buf->data, buf->length, ks1, ks2, ks3,
- (des_cblock *) iv->data, &n, enc);
+ DES_set_key((const_DES_cblock *) key->data, &ks1);
+ DES_set_key((const_DES_cblock *) (key->data + 8), &ks2);
+ DES_set_key((const_DES_cblock *) (key->data + 16), &ks3);
+ DES_ede3_cfb64_encrypt(buf->data, buf->data, buf->length, &ks1, &ks2, &ks3,
+ (DES_cblock *) iv->data, &n, enc);
return (0);
}
@@ -576,7 +591,7 @@ return (-1);
assert((key->length == 16 || key->length == 24 || key->length == 32) && iv->length == 16);
AES_set_encrypt_key(key->data, key->length<<3, &ks);
-AES_ctr128_encrypt(buf->data, buf->data, buf->length, &ks, iv->data, ecount, &n);
+CRYPTO_ctr128_encrypt(buf->data, buf->data, buf->length, &ks, iv->data, ecount, &n, (block128_f)AES_encrypt);
return (n);
}
diff --git a/Src/crypto.h b/Src/crypto.h
index e969205..e6698b1 100644
--- a/Src/crypto.h
+++ b/Src/crypto.h
@@ -32,6 +32,7 @@
#endif /* USE_IDEA */
#ifdef USE_AES
#include <openssl/aes.h>
+#include <openssl/modes.h>
#endif /* USE_AES */
#include <openssl/cast.h>
#include <openssl/rand.h>
diff --git a/Src/pgpcreat.c b/Src/pgpcreat.c
index 3111272..fb6159b 100644
--- a/Src/pgpcreat.c
+++ b/Src/pgpcreat.c
@@ -158,11 +158,11 @@ static int pgp_ideaencrypt(BUFFER *in, BUFFER *out, BUFFER *key, int mdc)

Click here to read the complete article

Re: Orange remailer status

<slrnsml2ul.ifr.elvis-85792@notatla.org.uk>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=10046&group=alt.privacy.anon-server#10046

  copy link   Newsgroups: alt.privacy.anon-server
Path: rocksolid2!i2pn.org!aioe.org!feeder1.feed.usenet.farm!feed.usenet.farm!newsfeed.xs4all.nl!newsfeed7.news.xs4all.nl!news-out.netnews.com!news.alt.net!fdc2.netnews.com!peer02.ams1!peer.ams1.xlned.com!news.xlned.com!peer03.iad!feed-me.highwinds-media.com!news.highwinds-media.com!fx35.iad.POSTED!not-for-mail
Newsgroups: alt.privacy.anon-server
From: elvis-85...@notatla.org.uk
Subject: Re: Orange remailer status
References: <mlE9J.1148856$Fd_a.1051239@fx08.ams1>
<7ad3b0738d631a6f5bc3645c95fa07b3@dizum.com>
X-noarchive: yes
X-no-archive: yes
User-Agent: slrn/1.0.3 (Linux)
Message-ID: <slrnsml2ul.ifr.elvis-85792@notatla.org.uk>
Lines: 15
X-Complaints-To: abuse@blocknews.net
NNTP-Posting-Date: Sat, 16 Oct 2021 08:22:45 UTC
Organization: blocknews - www.blocknews.net
Date: Sat, 16 Oct 2021 08:22:45 GMT
X-Received-Bytes: 1372
 by: elvis-85...@notatla.org.uk - Sat, 16 Oct 2021 08:22 UTC

> I run mixmaster on Buster. What problem do you encounter? Debian includes a
> patch to update the OpenSSL API. It almost cleanly applies to
> mixmaster4096.
>
> To be honest, mixmaster has been unmaintained for so long now, it's
> probably best to let it die and either move to yamn or conclude that
> trolling anonymously on Usenet is no longer worth the effort.

There is example code in this man page:
https://reposcope.com/man/en/3ssl/EVP_EncryptInit
I have compiled and tested something simple based on it
where my version is libopenssl1_1-1.1.1d-lp152.7.24.1.x86_64

Using the EVP approach for AES, 3DES, SHA, RSA and key generation
and testing it is a bit of work if you're up for it.

Re: Orange remailer status

<U7pkJ.158547$eFGb.37805@fx14.ams1>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=10450&group=alt.privacy.anon-server#10450

  copy link   Newsgroups: alt.privacy.anon-server
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!ecngs!feeder2.ecngs.de!178.20.174.213.MISMATCH!feeder1.feed.usenet.farm!feed.usenet.farm!peer02.ams4!peer.am4.highwinds-media.com!news.highwinds-media.com!peer02.ams1!peer.ams1.xlned.com!news.xlned.com!fx14.ams1.POSTED!not-for-mail
Subject: Re: Orange remailer status
Newsgroups: alt.privacy.anon-server
References: <mlE9J.1148856$Fd_a.1051239@fx08.ams1>
<7ad3b0738d631a6f5bc3645c95fa07b3@dizum.com>
From: adm...@sec3.net (SEC3)
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101
Thunderbird/78.14.0
MIME-Version: 1.0
In-Reply-To: <7ad3b0738d631a6f5bc3645c95fa07b3@dizum.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Lines: 684
Message-ID: <U7pkJ.158547$eFGb.37805@fx14.ams1>
X-Complaints-To: abuse@blocknews.net
NNTP-Posting-Date: Mon, 15 Nov 2021 08:46:44 UTC
Organization: blocknews - www.blocknews.net
Date: Mon, 15 Nov 2021 03:46:43 -0500
X-Received-Bytes: 25330
 by: SEC3 - Mon, 15 Nov 2021 08:46 UTC

On 2021-10-13 2:14 p.m., Nomen Nescio wrote:
> On 2021-10-13, SEC3 <admin@sec3.net> wrote:
>
>> I am running it on Debian 10. I thought it would work but it's entirely
>> possible that the two are incompatible.
>
> I run mixmaster on Buster. What problem do you encounter? Debian includes a
> patch to update the OpenSSL API. It almost cleanly applies to
> mixmaster4096.
>
> To be honest, mixmaster has been unmaintained for so long now, it's
> probably best to let it die and either move to yamn or conclude that
> trolling anonymously on Usenet is no longer worth the effort.
>
>
>
>
> diff --git a/Src/crypto.c b/Src/crypto.c
> index 26785b6..4ea9712 100644
> --- a/Src/crypto.c
> +++ b/Src/crypto.c
> @@ -135,6 +135,7 @@ static int read_seckey(BUFFER *buf, SECKEY *key, const byte id[])
> int len, plen;
> byte *ptr;
> int err = 0;
> + BIGNUM *key_n, *key_e, *key_d, *key_p, *key_q, *key_dmp1, *key_dmq1, *key_iqmp;
>
> md = buf_new();
> bits = buf->data[0] + 256 * buf->data[1];
> @@ -149,32 +150,36 @@ static int read_seckey(BUFFER *buf, SECKEY *key, const byte id[])
>
> ptr = buf->data + 2;
>
> - key->n = BN_bin2bn(ptr, len, NULL);
> + key_n = BN_bin2bn(ptr, len, NULL);
> buf_append(md, ptr, len);
> ptr += len;
>
> - key->e = BN_bin2bn(ptr, len, NULL);
> + key_e = BN_bin2bn(ptr, len, NULL);
> buf_append(md, ptr, len);
> ptr += len;
>
> - key->d = BN_bin2bn(ptr, len, NULL);
> + key_d = BN_bin2bn(ptr, len, NULL);
> ptr += len;
>
> - key->p = BN_bin2bn(ptr, plen, NULL);
> + key_p = BN_bin2bn(ptr, plen, NULL);
> ptr += plen;
>
> - key->q = BN_bin2bn(ptr, plen, NULL);
> + key_q = BN_bin2bn(ptr, plen, NULL);
> ptr += plen;
>
> - key->dmp1 = BN_bin2bn(ptr, plen, NULL);
> + key_dmp1 = BN_bin2bn(ptr, plen, NULL);
> ptr += plen;
>
> - key->dmq1 = BN_bin2bn(ptr, plen, NULL);
> + key_dmq1 = BN_bin2bn(ptr, plen, NULL);
> ptr += plen;
>
> - key->iqmp = BN_bin2bn(ptr, plen, NULL);
> + key_iqmp = BN_bin2bn(ptr, plen, NULL);
> ptr += plen;
>
> + RSA_set0_key(key, key_n, key_e, key_d);
> + RSA_set0_factors(key, key_p, key_q);
> + RSA_set0_crt_params(key, key_dmp1, key_dmq1, key_iqmp);
> +
> digest_md5(md, md);
> if (id)
> err = (memcmp(id, md->data, 16) == 0) ? 0 : -1;
> @@ -189,6 +194,7 @@ static int read_pubkey(BUFFER *buf, PUBKEY *key, const byte id[])
> int len;
> byte *ptr;
> int err = 0;
> + BIGNUM *key_n, *key_e;
>
> md = buf_new();
> bits = buf->data[0] + 256 * buf->data[1];
> @@ -199,13 +205,14 @@ static int read_pubkey(BUFFER *buf, PUBKEY *key, const byte id[])
>
> ptr = buf->data + 2;
>
> - key->n = BN_bin2bn(ptr, len, NULL);
> + key_n = BN_bin2bn(ptr, len, NULL);
> buf_append(md, ptr, len);
> ptr += len;
>
> - key->e = BN_bin2bn(ptr, len, NULL);
> + key_e = BN_bin2bn(ptr, len, NULL);
> buf_append(md, ptr, len);
> ptr += len;
> + RSA_set0_key(key, key_n, key_e, NULL);
>
> digest_md5(md, md);
> if (id)
> @@ -219,9 +226,14 @@ static int write_seckey(BUFFER *sk, SECKEY *key, byte keyid[])
> byte l[512];
> int n;
> BUFFER *b, *temp;
> + const BIGNUM *key_n, *key_e, *key_d, *key_p, *key_q, *key_dmp1, *key_dmq1, *key_iqmp;
> int nn; /* modulus length in bytes */
>
> - n = BN_bn2bin(key->n, l); /* writing modulus */
> + RSA_get0_key(key, &key_n, &key_e, &key_d);
> + RSA_get0_factors(key, &key_p, &key_q);
> + RSA_get0_crt_params(key, &key_dmp1, &key_dmq1, &key_iqmp);
> +
> + n = BN_bn2bin(key_n, l); /* writing modulus */
> assert((n==128) || (n==256) || (n==384) || (n==512));
> switch(n) {
> case 128:
> @@ -242,7 +254,7 @@ static int write_seckey(BUFFER *sk, SECKEY *key, byte keyid[])
> buf_appendzero(b, nn - n);
> buf_append(b, l, n);
>
> - n = BN_bn2bin(key->e, l); /* writing e */
> + n = BN_bn2bin(key_e, l); /* writing e */
> assert(n <= nn);
> if (n < nn)
> buf_appendzero(b, nn - n);
> @@ -255,7 +267,7 @@ static int write_seckey(BUFFER *sk, SECKEY *key, byte keyid[])
> buf_appendc(sk, nn/32); /* nn of 128 bytes = 1024-bits = (4*256)+0 so store 4 */
> buf_cat(sk, b);
>
> - n = BN_bn2bin(key->d, l); /* writing d */
> + n = BN_bn2bin(key_d, l); /* writing d */
> assert(n <= nn);
> if (n < nn)
> buf_appendzero(sk, nn - n);
> @@ -263,31 +275,31 @@ static int write_seckey(BUFFER *sk, SECKEY *key, byte keyid[])
>
> nn /= 2; /* now store the smaller pieces */
>
> - n = BN_bn2bin(key->p, l);
> + n = BN_bn2bin(key_p, l);
> assert(n <= nn);
> if (n < nn)
> buf_appendzero(sk, nn - n);
> buf_append(sk, l, n);
>
> - n = BN_bn2bin(key->q, l);
> + n = BN_bn2bin(key_q, l);
> assert(n <= nn);
> if (n < nn)
> buf_appendzero(sk, nn - n);
> buf_append(sk, l, n);
>
> - n = BN_bn2bin(key->dmp1, l);
> + n = BN_bn2bin(key_dmp1, l);
> assert(n <= nn);
> if (n < nn)
> buf_appendzero(sk, nn - n);
> buf_append(sk, l, n);
>
> - n = BN_bn2bin(key->dmq1, l);
> + n = BN_bn2bin(key_dmq1, l);
> assert(n <= nn);
> if (n < nn)
> buf_appendzero(sk, nn - n);
> buf_append(sk, l, n);
>
> - n = BN_bn2bin(key->iqmp, l);
> + n = BN_bn2bin(key_iqmp, l);
> assert(n <= nn);
> if (n < nn)
> buf_appendzero(sk, nn - n);
> @@ -305,8 +317,11 @@ static int write_pubkey(BUFFER *pk, PUBKEY *key, byte keyid[])
> byte l[512];
> int n;
> int nn;
> + const BIGNUM *key_n, *key_e, *key_d;
> +
> + RSA_get0_key(key, &key_n, &key_e, &key_d);
>
> - n = BN_bn2bin(key->n, l);
> + n = BN_bn2bin(key_n, l);
> switch(n) {
> case 128:
> case 256:
> @@ -324,7 +339,7 @@ static int write_pubkey(BUFFER *pk, PUBKEY *key, byte keyid[])
> if (n < nn)
> buf_appendzero(pk, nn - n);
> buf_append(pk, l, n);
> - n = BN_bn2bin(key->e, l);
> + n = BN_bn2bin(key_e, l);
> assert(n <= nn);
> if (n < nn)
> buf_appendzero(pk, nn - n);
> @@ -470,23 +485,23 @@ int pk_encrypt(BUFFER *in, BUFFER *keybuf)
> }
> int buf_crypt(BUFFER *buf, BUFFER *key, BUFFER *iv, int enc)
> {
> - des_key_schedule ks1;
> - des_key_schedule ks2;
> - des_key_schedule ks3;
> - des_cblock i;
> + DES_key_schedule ks1;
> + DES_key_schedule ks2;
> + DES_key_schedule ks3;
> + DES_cblock i;
>
> assert(enc == ENCRYPT || enc == DECRYPT);
> assert((key->length == 16 || key->length == 24) && iv->length == 8);
> assert(buf->length % 8 == 0);
>
> memcpy(i, iv->data, 8); /* leave iv buffer unchanged */
> - des_set_key((const_des_cblock *) key->data, ks1);
> - des_set_key((const_des_cblock *) (key->data + 8), ks2);
> + DES_set_key((const_DES_cblock *) key->data, &ks1);
> + DES_set_key((const_DES_cblock *) (key->data + 8), &ks2);
> if (key->length == 16)
> - des_set_key((const_des_cblock *) key->data, ks3);
> + DES_set_key((const_DES_cblock *) key->data, &ks3);
> else
> - des_set_key((const_des_cblock *) (key->data + 16), ks3);
> - des_ede3_cbc_encrypt(buf->data, buf->data, buf->length, ks1, ks2, ks3,
> + DES_set_key((const_DES_cblock *) (key->data + 16), &ks3);
> + DES_ede3_cbc_encrypt(buf->data, buf->data, buf->length, &ks1, &ks2, &ks3,
> &i, enc);
> return (0);
> }
> @@ -494,18 +509,18 @@ int buf_crypt(BUFFER *buf, BUFFER *key, BUFFER *iv, int enc)
> int buf_3descrypt(BUFFER *buf, BUFFER *key, BUFFER *iv, int enc)
> {
> int n = 0;
> - des_key_schedule ks1;
> - des_key_schedule ks2;
> - des_key_schedule ks3;
> + DES_key_schedule ks1;
> + DES_key_schedule ks2;
> + DES_key_schedule ks3;
>
> assert(enc == ENCRYPT || enc == DECRYPT);
> assert(key->length == 24 && iv->length == 8);
>
> - des_set_key((const_des_cblock *) key->data, ks1);
> - des_set_key((const_des_cblock *) (key->data + 8), ks2);
> - des_set_key((const_des_cblock *) (key->data + 16), ks3);
> - des_ede3_cfb64_encrypt(buf->data, buf->data, buf->length, ks1, ks2, ks3,
> - (des_cblock *) iv->data, &n, enc);
> + DES_set_key((const_DES_cblock *) key->data, &ks1);
> + DES_set_key((const_DES_cblock *) (key->data + 8), &ks2);
> + DES_set_key((const_DES_cblock *) (key->data + 16), &ks3);
> + DES_ede3_cfb64_encrypt(buf->data, buf->data, buf->length, &ks1, &ks2, &ks3,
> + (DES_cblock *) iv->data, &n, enc);
> return (0);
> }
>
> @@ -576,7 +591,7 @@ return (-1);
>
> assert((key->length == 16 || key->length == 24 || key->length == 32) && iv->length == 16);
> AES_set_encrypt_key(key->data, key->length<<3, &ks);
> -AES_ctr128_encrypt(buf->data, buf->data, buf->length, &ks, iv->data, ecount, &n);
> +CRYPTO_ctr128_encrypt(buf->data, buf->data, buf->length, &ks, iv->data, ecount, &n, (block128_f)AES_encrypt);
> return (n);
> }
>
> diff --git a/Src/crypto.h b/Src/crypto.h
> index e969205..e6698b1 100644
> --- a/Src/crypto.h
> +++ b/Src/crypto.h
> @@ -32,6 +32,7 @@
> #endif /* USE_IDEA */
> #ifdef USE_AES
> #include <openssl/aes.h>
> +#include <openssl/modes.h>
> #endif /* USE_AES */
> #include <openssl/cast.h>
> #include <openssl/rand.h>
> diff --git a/Src/pgpcreat.c b/Src/pgpcreat.c
> index 3111272..fb6159b 100644
> --- a/Src/pgpcreat.c
> +++ b/Src/pgpcreat.c
> @@ -158,11 +158,11 @@ static int pgp_ideaencrypt(BUFFER *in, BUFFER *out, BUFFER *key, int mdc)
>
> static int pgp_3desencrypt(BUFFER *in, BUFFER *out, BUFFER *key, int mdc)
> {
> - des_cblock iv;
> + DES_cblock iv;
> int i, n = 0;
> - des_key_schedule ks1;
> - des_key_schedule ks2;
> - des_key_schedule ks3;
> + DES_key_schedule ks1;
> + DES_key_schedule ks2;
> + DES_key_schedule ks3;
> SHA_CTX c;
>
> assert(key->length == 25);
> @@ -170,9 +170,9 @@ static int pgp_3desencrypt(BUFFER *in, BUFFER *out, BUFFER *key, int mdc)
> for (i = 0; i < 8; i++)
> iv[i] = 0;
>
> - des_set_key((const_des_cblock *) (key->data + 1), ks1);
> - des_set_key((const_des_cblock *) (key->data + 9), ks2);
> - des_set_key((const_des_cblock *) (key->data+ 17), ks3);
> + DES_set_key((const_DES_cblock *) (key->data + 1), &ks1);
> + DES_set_key((const_DES_cblock *) (key->data + 9), &ks2);
> + DES_set_key((const_DES_cblock *) (key->data+ 17), &ks3);
>
> if (mdc) {
> mdc = 1;
> @@ -186,22 +186,23 @@ static int pgp_3desencrypt(BUFFER *in, BUFFER *out, BUFFER *key, int mdc)
> SHA1_Update(&c, in->data, in->length);
> }
> n = 0;
> - des_ede3_cfb64_encrypt(out->data + mdc, out->data + mdc, 10, ks1, ks2, ks3, &iv, &n,
> - ENCRYPT);
> + DES_ede3_cfb64_encrypt(out->data + mdc, out->data + mdc, 10,
> + &ks1, &ks2, &ks3, &iv, &n, ENCRYPT);
> if (!mdc) {
> iv[6] = iv[0], iv[7] = iv[1];
> memcpy(iv, out->data + 2, 6);
> n = 0;
> }
> - des_ede3_cfb64_encrypt(in->data, out->data + 10 + mdc, in->length, ks1, ks2, ks3,
> - &iv, &n, ENCRYPT);
> + DES_ede3_cfb64_encrypt(in->data, out->data + 10 + mdc, in->length,
> + &ks1, &ks2, &ks3, &iv, &n, ENCRYPT);
> if (mdc) {
> SHA1_Update(&c, "\xD3\x14", 2); /* 0xD3 = 0xC0 | PGP_MDC */
> - des_ede3_cfb64_encrypt("\xD3\x14", out->data + 11 + in->length, 2, ks1, ks2, ks3,
> - &iv, &n, ENCRYPT);
> + DES_ede3_cfb64_encrypt("\xD3\x14", out->data + 11 + in->length, 2,
> + &ks1, &ks2, &ks3, &iv, &n, ENCRYPT);
> SHA1_Final(out->data + 13 + in->length, &c);
> - des_ede3_cfb64_encrypt(out->data + 13 + in->length, out->data + 13 + in->length, 20, ks1, ks2, ks3,
> - &iv, &n, ENCRYPT);
> + DES_ede3_cfb64_encrypt(out->data + 13 + in->length,
> + out->data + 13 + in->length, 20, &ks1, &ks2, &ks3,
> + &iv, &n, ENCRYPT);
> }
> return (0);
> }
> diff --git a/Src/pgpdata.c b/Src/pgpdata.c
> index 3106eaf..e247cdb 100644
> --- a/Src/pgpdata.c
> +++ b/Src/pgpdata.c
> @@ -131,6 +131,7 @@ int pgp_rsa(BUFFER *in, BUFFER *k, int mode)
> BUFFER *mpi, *out;
> int err = -1;
> RSA *key;
> + BIGNUM *key_n, *key_e, *key_d, *key_q, *key_p, *key_iqmp, *key_dmp1, *key_dmq1;
>
> assert(mode == PK_ENCRYPT || mode == PK_VERIFY || mode == PK_DECRYPT
> || mode == PK_SIGN);
> @@ -139,28 +140,31 @@ int pgp_rsa(BUFFER *in, BUFFER *k, int mode)
> mpi = buf_new();
>
> mpi_get(k, mpi);
> - key->n = BN_bin2bn(mpi->data, mpi->length, NULL);
> + key_n = BN_bin2bn(mpi->data, mpi->length, NULL);
>
> if (mpi_get(k, mpi) < 0)
> goto end;
> - key->e = BN_bin2bn(mpi->data, mpi->length, NULL);
> + key_e = BN_bin2bn(mpi->data, mpi->length, NULL);
>
> + RSA_set0_key(key, key_n, key_e, NULL);
> if (mode == PK_DECRYPT || mode == PK_SIGN) {
> if (mpi_get(k, mpi) < 0)
> goto end;
> - key->d = BN_bin2bn(mpi->data, mpi->length, NULL);
> -
> + key_d = BN_bin2bn(mpi->data, mpi->length, NULL);
> + RSA_set0_key(key, key_n, key_e, key_d);
> #if 1
> /* compute auxiluary parameters */
> mpi_get(k, mpi); /* PGP'p is SSLeay's q */
> - key->q = BN_bin2bn(mpi->data, mpi->length, NULL);
> + key_q = BN_bin2bn(mpi->data, mpi->length, NULL);
>
> mpi_get(k, mpi);
> - key->p = BN_bin2bn(mpi->data, mpi->length, NULL);
> + key_p = BN_bin2bn(mpi->data, mpi->length, NULL);
> +
> + RSA_set0_factors(key, key_p, key_q);
>
> if (mpi_get(k, mpi) < 0)
> goto end;
> - key->iqmp = BN_bin2bn(mpi->data, mpi->length, NULL);
> + key_iqmp = BN_bin2bn(mpi->data, mpi->length, NULL);
>
> {
> BIGNUM *i;
> @@ -168,14 +172,16 @@ int pgp_rsa(BUFFER *in, BUFFER *k, int mode)
>
> ctx = BN_CTX_new();
> i = BN_new();
> - key->dmp1 = BN_new();
> - key->dmq1 = BN_new();
> + key_dmp1 = BN_new();
> + key_dmq1 = BN_new();
> +
> + BN_sub(i, key_p, BN_value_one());
> + BN_mod(key_dmp1, key_d, i, ctx);
>
> - BN_sub(i, key->p, BN_value_one());
> - BN_mod(key->dmp1, key->d, i, ctx);
> + BN_sub(i, key_q, BN_value_one());
> + BN_mod(key_dmq1, key_d, i, ctx);
>
> - BN_sub(i, key->q, BN_value_one());
> - BN_mod(key->dmq1, key->d, i, ctx);
> + RSA_set0_crt_params(key, key_dmp1, key_dmq1, key_iqmp);
>
> BN_free(i);
> }
> @@ -1037,6 +1043,7 @@ int pgp_rsakeygen(int bits, BUFFER *userid, BUFFER *pass, char *pubring,
> long now;
> int skalgo = 0;
> int err = 0;
> + const BIGNUM *key_n, *key_e, *key_d, *key_p, *key_q, *key_dmp1, *key_dmq1, *key_iqmp;
>
> pkey = buf_new();
> skey = buf_new();
> @@ -1061,8 +1068,10 @@ int pgp_rsakeygen(int bits, BUFFER *userid, BUFFER *pass, char *pubring,
> buf_appendi(skey, 0);
> /* buf_appendi(skey, KEYLIFETIME/(24*60*60)); */
> buf_appendc(skey, PGP_ES_RSA);
> - mpi_bnput(skey, k->n);
> - mpi_bnput(skey, k->e);
> +
> + RSA_get0_key(k, &key_n, &key_e, &key_d);
> + mpi_bnput(skey, key_n);
> + mpi_bnput(skey, key_e);
>
> #ifdef USE_IDEA
> if (pass != NULL && pass->length > 0 && remail != 2) {
> @@ -1076,16 +1085,18 @@ int pgp_rsakeygen(int bits, BUFFER *userid, BUFFER *pass, char *pubring,
> #endif /* USE_IDEA */
> buf_appendc(skey, 0);
>
> - mpi_bnputenc(skey, k->d, skalgo, dk, iv);
> - mpi_bnputenc(skey, k->q, skalgo, dk, iv);
> - mpi_bnputenc(skey, k->p, skalgo, dk, iv);
> - mpi_bnputenc(skey, k->iqmp, skalgo, dk, iv);
> + RSA_get0_factors(k, &key_p, &key_q);
> + RSA_get0_crt_params(k, &key_dmp1, &key_dmq1, &key_iqmp);
> + mpi_bnputenc(skey, key_d, skalgo, dk, iv);
> + mpi_bnputenc(skey, key_q, skalgo, dk, iv);
> + mpi_bnputenc(skey, key_p, skalgo, dk, iv);
> + mpi_bnputenc(skey, key_iqmp, skalgo, dk, iv);
>
> buf_clear(p);
> - mpi_bnput(p, k->d);
> - mpi_bnput(p, k->q);
> - mpi_bnput(p, k->p);
> - mpi_bnput(p, k->iqmp);
> + mpi_bnput(p, key_d);
> + mpi_bnput(p, key_q);
> + mpi_bnput(p, key_p);
> + mpi_bnput(p, key_iqmp);
> buf_appendi(skey, pgp_csum(p, 0));
>
> pgp_packet(skey, PGP_SECKEY);
> @@ -1133,6 +1144,7 @@ end:
> static void *params(int dsa, int bits)
> {
> DSA *k = NULL;
> + BIGNUM *key_p, *key_q, *key_g;
> DH *d = NULL;
> FILE *f;
> BUFFER *p, *n;
> @@ -1166,22 +1178,24 @@ static void *params(int dsa, int bits)
> k = DSA_new();
> l = buf_geti(p);
> buf_get(p, n, l);
> - k->p = BN_bin2bn(n->data, n->length, NULL);
> + key_p = BN_bin2bn(n->data, n->length, NULL);
> l = buf_geti(p);
> buf_get(p, n, l);
> - k->q = BN_bin2bn(n->data, n->length, NULL);
> + key_q = BN_bin2bn(n->data, n->length, NULL);
> l = buf_geti(p);
> buf_get(p, n, l);
> - k->g = BN_bin2bn(n->data, n->length, NULL);
> + key_g = BN_bin2bn(n->data, n->length, NULL);
> } else {
> d = DH_new();
> l = buf_geti(p);
> buf_get(p, n, l);
> - d->p = BN_bin2bn(n->data, n->length, NULL);
> + key_p = BN_bin2bn(n->data, n->length, NULL);
> l = buf_geti(p);
> buf_get(p, n, l);
> - d->g = BN_bin2bn(n->data, n->length, NULL);
> + key_g = BN_bin2bn(n->data, n->length, NULL);
> + key_q = NULL;
> }
> + DSA_set0_pqg(k, key_p, key_q, key_g);
> break;
> }
> buf_appends(p, line);
> @@ -1200,13 +1214,14 @@ static void *params(int dsa, int bits)
> errlog(NOTICE, "Generating DSA parameters.\n");
> k = DSA_generate_parameters(bits, NULL, 0, NULL, NULL, NULL, NULL);
> p = buf_new();
> - l = BN_bn2bin(k->p, b);
> + DSA_get0_pqg(k, &key_p, &key_q, &key_g);
> + l = BN_bn2bin(key_p, b);
> buf_appendi(p, l);
> buf_append(p, b, l);
> - l = BN_bn2bin(k->q, b);
> + l = BN_bn2bin(key_q, b);
> buf_appendi(p, l);
> buf_append(p, b, l);
> - l = BN_bn2bin(k->g, b);
> + l = BN_bn2bin(key_g, b);
> buf_appendi(p, l);
> buf_append(p, b, l);
> encode(p, 64);
> @@ -1225,11 +1240,12 @@ static void *params(int dsa, int bits)
> if (d == NULL) {
> errlog(NOTICE, "Generating DH parameters. (This may take a long time!)\n");
> d = DH_generate_parameters(bits, DH_GENERATOR_5, NULL, NULL);
> + DSA_get0_pqg(d, &key_p, &key_q, &key_g);
> p = buf_new();
> - l = BN_bn2bin(d->p, b);
> + l = BN_bn2bin(key_p, b);
> buf_appendi(p, l);
> buf_append(p, b, l);
> - l = BN_bn2bin(d->g, b);
> + l = BN_bn2bin(key_g, b);
> buf_appendi(p, l);
> buf_append(p, b, l);
> encode(p, 64);
> @@ -1258,6 +1274,7 @@ int pgp_dhkeygen(int bits, BUFFER *userid, BUFFER *pass, char *pubring,
> BUFFER *dk, *sig, *iv, *p;
> long now;
> int err = 0;
> + const BIGNUM *key_p, *key_q, *key_g, *pub_key, *priv_key;
>
> pkey = buf_new();
> skey = buf_new();
> @@ -1289,12 +1306,13 @@ int pgp_dhkeygen(int bits, BUFFER *userid, BUFFER *pass, char *pubring,
> buf_setc(skey, 4);
> buf_appendl(skey, now);
> buf_appendc(skey, PGP_S_DSA);
> - mpi_bnput(skey, s->p);
> - mpi_bnput(skey, s->q);
> - mpi_bnput(skey, s->g);
> - mpi_bnput(skey, s->pub_key);
> -
> - mpi_bnput(secret, s->priv_key);
> + DSA_get0_pqg(s, &key_p, &key_q, &key_g);
> + mpi_bnput(skey, key_p);
> + mpi_bnput(skey, key_q);
> + mpi_bnput(skey, key_g);
> + DSA_get0_key(s, &pub_key, &priv_key);
> + mpi_bnput(skey, pub_key);
> + mpi_bnput(secret, priv_key);
> buf_appendi(secret, pgp_csum(secret, 0));
> makeski(secret, pass, remail);
> buf_cat(skey, secret);
> @@ -1304,12 +1322,16 @@ int pgp_dhkeygen(int bits, BUFFER *userid, BUFFER *pass, char *pubring,
> buf_setc(subkey, 4);
> buf_appendl(subkey, now);
> buf_appendc(subkey, PGP_E_ELG);
> - mpi_bnput(subkey, e->p);
> - mpi_bnput(subkey, e->g);
> - mpi_bnput(subkey, e->pub_key);
> +
> + DH_get0_pqg(e, &key_p, &key_q, &key_g);
> + mpi_bnput(skey, key_p);
> + mpi_bnput(subkey, key_p);
> + mpi_bnput(subkey, key_g);
> + DH_get0_key(s, &pub_key, &priv_key);
> + mpi_bnput(subkey, pub_key);
>
> buf_clear(secret);
> - mpi_bnput(secret, e->priv_key);
> + mpi_bnput(secret, priv_key);
> buf_appendi(secret, pgp_csum(secret, 0));
> makeski(secret, pass, remail);
> buf_cat(subkey, secret);
> @@ -1360,29 +1382,33 @@ int pgp_dsasign(BUFFER *data, BUFFER *key, BUFFER *out)
> BUFFER *mpi, *b;
> DSA *d;
> DSA_SIG *sig = NULL;
> + BIGNUM *key_p, *key_q, *key_g, *pub_key, *priv_key, *sig_s, *sig_r;
>
> d = DSA_new();
> b = buf_new();
> mpi = buf_new();
> mpi_get(key, mpi);
> - d->p = BN_bin2bn(mpi->data, mpi->length, NULL);
> + key_p = BN_bin2bn(mpi->data, mpi->length, NULL);
> mpi_get(key, mpi);
> - d->q = BN_bin2bn(mpi->data, mpi->length, NULL);
> + key_q = BN_bin2bn(mpi->data, mpi->length, NULL);
> mpi_get(key, mpi);
> - d->g = BN_bin2bn(mpi->data, mpi->length, NULL);
> + key_g = BN_bin2bn(mpi->data, mpi->length, NULL);
> + DSA_set0_pqg(d, key_p, key_q, key_g);
> mpi_get(key, mpi);
> - d->pub_key = BN_bin2bn(mpi->data, mpi->length, NULL);
> + pub_key = BN_bin2bn(mpi->data, mpi->length, NULL);
> if (mpi_get(key, mpi) == -1) {
> goto end;
> }
> - d->priv_key = BN_bin2bn(mpi->data, mpi->length, NULL);
> + priv_key = BN_bin2bn(mpi->data, mpi->length, NULL);
> + DSA_set0_key(d, pub_key, priv_key);
>
> sig = DSA_do_sign(data->data, data->length, d);
> if (sig) {
> - buf_prepare(b, BN_num_bytes(sig->r));
> - b->length = BN_bn2bin(sig->r, b->data);
> + DSA_SIG_get0(sig, &sig_r, &sig_s);
> + buf_prepare(b, BN_num_bytes(sig_r));
> + b->length = BN_bn2bin(sig_r, b->data);
> mpi_put(out, b);
> - b->length = BN_bn2bin(sig->s, b->data);
> + b->length = BN_bn2bin(sig_s, b->data);
> mpi_put(out, b);
> }
> end:
> diff --git a/Src/pgpget.c b/Src/pgpget.c
> index 87103dd..ee24cbb 100644
> --- a/Src/pgpget.c
> +++ b/Src/pgpget.c
> @@ -400,12 +400,12 @@ end:
> static int pgp_3desdecrypt(BUFFER *in, BUFFER *out, BUFFER *key, int mdc)
> {
> int err = 0;
> - des_cblock iv;
> + DES_cblock iv;
> byte hdr[10];
> int i, n;
> - des_key_schedule ks1;
> - des_key_schedule ks2;
> - des_key_schedule ks3;
> + DES_key_schedule ks1;
> + DES_key_schedule ks2;
> + DES_key_schedule ks3;
> SHA_CTX c;
> char md[20]; /* we could make hdr 20 bytes long and reuse it for md */
>
> @@ -423,12 +423,13 @@ static int pgp_3desdecrypt(BUFFER *in, BUFFER *out, BUFFER *key, int mdc)
> for (i = 0; i < 8; i++)
> iv[i] = 0;
>
> - des_set_key((const_des_cblock *) key->data, ks1);
> - des_set_key((const_des_cblock *) (key->data + 8), ks2);
> - des_set_key((const_des_cblock *) (key->data+ 16), ks3);
> + DES_set_key((const_DES_cblock *) key->data, &ks1);
> + DES_set_key((const_DES_cblock *) (key->data + 8), &ks2);
> + DES_set_key((const_DES_cblock *) (key->data+ 16), &ks3);
>
> n = 0;
> - des_ede3_cfb64_encrypt(in->data + mdc, hdr, 10, ks1, ks2, ks3, &iv, &n, DECRYPT);
> + DES_ede3_cfb64_encrypt(in->data + mdc, hdr, 10, &ks1, &ks2, &ks3,
> + &iv, &n, DECRYPT);
> if (n != 2 || hdr[8] != hdr[6] || hdr[9] != hdr[7]) {
> err = -1;
> goto end;
> @@ -441,8 +442,8 @@ static int pgp_3desdecrypt(BUFFER *in, BUFFER *out, BUFFER *key, int mdc)
> memcpy(iv, in->data + 2, 6);
> n = 0;
> }
> - des_ede3_cfb64_encrypt(in->data + 10 + mdc, out->data, in->length - 10 + mdc, ks1,
> - ks2, ks3, &iv, &n, DECRYPT);
> + DES_ede3_cfb64_encrypt(in->data + 10 + mdc, out->data, in->length - 10 + mdc,
> + &ks1, &ks2, &ks3, &iv, &n, DECRYPT);
> if (mdc) {
> if (out->length > 22) {
> out->length -= 22;
>


Click here to read the complete article
Re: Orange remailer status

<0ca862326b506e547c7cb87f344aa394@dizum.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=10451&group=alt.privacy.anon-server#10451

  copy link   Newsgroups: alt.privacy.anon-server
From: nob...@dizum.com (Nomen Nescio)
Subject: Re: Orange remailer status
References: <mlE9J.1148856$Fd_a.1051239@fx08.ams1>
<7ad3b0738d631a6f5bc3645c95fa <U7pkJ.158547$eFGb.37805@fx14.ams1>
Message-ID: <0ca862326b506e547c7cb87f344aa394@dizum.com>
Date: Mon, 15 Nov 2021 10:29:10 +0100 (CET)
Newsgroups: alt.privacy.anon-server
Path: i2pn2.org!i2pn.org!aioe.org!news.uzoreto.com!alphared!sewer!news.dizum.net!not-for-mail
Organization: dizum.com - The Internet Problem Provider
X-Abuse: abuse@dizum.com
Injection-Info: sewer.dizum.com - 2001::1/128
 by: Nomen Nescio - Mon, 15 Nov 2021 09:29 UTC

> Which version of Mixmaster is it intended for?
> Is it intended for use with OpenSSL v1.1.x ?
> What problem is it intended to solve?

It is intended to make mixmaster4096 compile under Debian Buster by
adapting the patch Debian includes for the original mixmaster package.

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859227#46

Re: Orange remailer status

<f9f3e39054464a2a0d36dea3db1bd21d@dizum.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=10452&group=alt.privacy.anon-server#10452

  copy link   Newsgroups: alt.privacy.anon-server
From: nob...@dizum.com (Nomen Nescio)
Comments: This message did not originate from the Sender address above.
It was remailed automatically by anonymizing remailer software.
Please report problems or inappropriate use to the
remailer administrator at <abuse@dizum.com>.
Subject: Re: Orange remailer status
References: <mlE9J.1148856$Fd_a.1051239@fx08.ams1>
<7ad3b0738d631a6f5bc3645c95fa07b3@dizum.com>
<U7pkJ.158547$eFGb.37805@fx14.ams1>
Message-ID: <f9f3e39054464a2a0d36dea3db1bd21d@dizum.com>
Date: Mon, 15 Nov 2021 10:49:20 +0100 (CET)
Newsgroups: alt.privacy.anon-server
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!news.mixmin.net!mail2news.mixmin.net!not-for-mail
Injection-Info: mail2news.mixmin.net; posting-host=mail2news.mixmin.net;
mail-complaints-to=abuse@mixmin.net
 by: Nomen Nescio - Mon, 15 Nov 2021 09:49 UTC

In article <U7pkJ.158547$eFGb.37805@fx14.ams1>
SEC3 <admin@sec3.net> wrote:
>
> On 2021-10-13 2:14 p.m., Nomen Nescio wrote:
> > On 2021-10-13, SEC3 <admin@sec3.net> wrote:
> >
> >> I am running it on Debian 10. I thought it would work but it's entirely
> >> possible that the two are incompatible.
> >
> > I run mixmaster on Buster. What problem do you encounter? Debian includes a
> > patch to update the OpenSSL API. It almost cleanly applies to
> > mixmaster4096.
> >
> > To be honest, mixmaster has been unmaintained for so long now, it's
> > probably best to let it die and either move to yamn or conclude that
> > trolling anonymously on Usenet is no longer worth the effort.
> >
> >
> >
> >
> > diff --git a/Src/crypto.c b/Src/crypto.c
> > index 26785b6..4ea9712 100644
> > --- a/Src/crypto.c
> > +++ b/Src/crypto.c
> > @@ -135,6 +135,7 @@ static int read_seckey(BUFFER *buf, SECKEY *key, const byte id[])
> > int len, plen;
> > byte *ptr;
> > int err = 0;
> > + BIGNUM *key_n, *key_e, *key_d, *key_p, *key_q, *key_dmp1, *key_dmq1, *key_iqmp;
> >
> > md = buf_new();
> > bits = buf->data[0] + 256 * buf->data[1];
> > @@ -149,32 +150,36 @@ static int read_seckey(BUFFER *buf, SECKEY *key, const byte id[])
> >
> > ptr = buf->data + 2;
> >
> > - key->n = BN_bin2bn(ptr, len, NULL);
> > + key_n = BN_bin2bn(ptr, len, NULL);
> > buf_append(md, ptr, len);
> > ptr += len;
> >
> > - key->e = BN_bin2bn(ptr, len, NULL);
> > + key_e = BN_bin2bn(ptr, len, NULL);
> > buf_append(md, ptr, len);
> > ptr += len;
> >
> > - key->d = BN_bin2bn(ptr, len, NULL);
> > + key_d = BN_bin2bn(ptr, len, NULL);
> > ptr += len;
> >
> > - key->p = BN_bin2bn(ptr, plen, NULL);
> > + key_p = BN_bin2bn(ptr, plen, NULL);
> > ptr += plen;
> >
> > - key->q = BN_bin2bn(ptr, plen, NULL);
> > + key_q = BN_bin2bn(ptr, plen, NULL);
> > ptr += plen;
> >
> > - key->dmp1 = BN_bin2bn(ptr, plen, NULL);
> > + key_dmp1 = BN_bin2bn(ptr, plen, NULL);
> > ptr += plen;
> >
> > - key->dmq1 = BN_bin2bn(ptr, plen, NULL);
> > + key_dmq1 = BN_bin2bn(ptr, plen, NULL);
> > ptr += plen;
> >
> > - key->iqmp = BN_bin2bn(ptr, plen, NULL);
> > + key_iqmp = BN_bin2bn(ptr, plen, NULL);
> > ptr += plen;
> >
> > + RSA_set0_key(key, key_n, key_e, key_d);
> > + RSA_set0_factors(key, key_p, key_q);
> > + RSA_set0_crt_params(key, key_dmp1, key_dmq1, key_iqmp);
> > +
> > digest_md5(md, md);
> > if (id)
> > err = (memcmp(id, md->data, 16) == 0) ? 0 : -1;
> > @@ -189,6 +194,7 @@ static int read_pubkey(BUFFER *buf, PUBKEY *key, const byte id[])
> > int len;
> > byte *ptr;
> > int err = 0;
> > + BIGNUM *key_n, *key_e;
> >
> > md = buf_new();
> > bits = buf->data[0] + 256 * buf->data[1];
> > @@ -199,13 +205,14 @@ static int read_pubkey(BUFFER *buf, PUBKEY *key, const byte id[])
> >
> > ptr = buf->data + 2;
> >
> > - key->n = BN_bin2bn(ptr, len, NULL);
> > + key_n = BN_bin2bn(ptr, len, NULL);
> > buf_append(md, ptr, len);
> > ptr += len;
> >
> > - key->e = BN_bin2bn(ptr, len, NULL);
> > + key_e = BN_bin2bn(ptr, len, NULL);
> > buf_append(md, ptr, len);
> > ptr += len;
> > + RSA_set0_key(key, key_n, key_e, NULL);
> >
> > digest_md5(md, md);
> > if (id)
> > @@ -219,9 +226,14 @@ static int write_seckey(BUFFER *sk, SECKEY *key, byte keyid[])
> > byte l[512];
> > int n;
> > BUFFER *b, *temp;
> > + const BIGNUM *key_n, *key_e, *key_d, *key_p, *key_q, *key_dmp1, *key_dmq1, *key_iqmp;
> > int nn; /* modulus length in bytes */
> >
> > - n = BN_bn2bin(key->n, l); /* writing modulus */
> > + RSA_get0_key(key, &key_n, &key_e, &key_d);
> > + RSA_get0_factors(key, &key_p, &key_q);
> > + RSA_get0_crt_params(key, &key_dmp1, &key_dmq1, &key_iqmp);
> > +
> > + n = BN_bn2bin(key_n, l); /* writing modulus */
> > assert((n==128) || (n==256) || (n==384) || (n==512));
> > switch(n) {
> > case 128:
> > @@ -242,7 +254,7 @@ static int write_seckey(BUFFER *sk, SECKEY *key, byte keyid[])
> > buf_appendzero(b, nn - n);
> > buf_append(b, l, n);
> >
> > - n = BN_bn2bin(key->e, l); /* writing e */
> > + n = BN_bn2bin(key_e, l); /* writing e */
> > assert(n <= nn);
> > if (n < nn)
> > buf_appendzero(b, nn - n);
> > @@ -255,7 +267,7 @@ static int write_seckey(BUFFER *sk, SECKEY *key, byte keyid[])
> > buf_appendc(sk, nn/32); /* nn of 128 bytes = 1024-bits = (4*256)+0 so store 4 */
> > buf_cat(sk, b);
> >
> > - n = BN_bn2bin(key->d, l); /* writing d */
> > + n = BN_bn2bin(key_d, l); /* writing d */
> > assert(n <= nn);
> > if (n < nn)
> > buf_appendzero(sk, nn - n);
> > @@ -263,31 +275,31 @@ static int write_seckey(BUFFER *sk, SECKEY *key, byte keyid[])
> >
> > nn /= 2; /* now store the smaller pieces */
> >
> > - n = BN_bn2bin(key->p, l);
> > + n = BN_bn2bin(key_p, l);
> > assert(n <= nn);
> > if (n < nn)
> > buf_appendzero(sk, nn - n);
> > buf_append(sk, l, n);
> >
> > - n = BN_bn2bin(key->q, l);
> > + n = BN_bn2bin(key_q, l);
> > assert(n <= nn);
> > if (n < nn)
> > buf_appendzero(sk, nn - n);
> > buf_append(sk, l, n);
> >
> > - n = BN_bn2bin(key->dmp1, l);
> > + n = BN_bn2bin(key_dmp1, l);
> > assert(n <= nn);
> > if (n < nn)
> > buf_appendzero(sk, nn - n);
> > buf_append(sk, l, n);
> >
> > - n = BN_bn2bin(key->dmq1, l);
> > + n = BN_bn2bin(key_dmq1, l);
> > assert(n <= nn);
> > if (n < nn)
> > buf_appendzero(sk, nn - n);
> > buf_append(sk, l, n);
> >
> > - n = BN_bn2bin(key->iqmp, l);
> > + n = BN_bn2bin(key_iqmp, l);
> > assert(n <= nn);
> > if (n < nn)
> > buf_appendzero(sk, nn - n);
> > @@ -305,8 +317,11 @@ static int write_pubkey(BUFFER *pk, PUBKEY *key, byte keyid[])
> > byte l[512];
> > int n;
> > int nn;
> > + const BIGNUM *key_n, *key_e, *key_d;
> > +
> > + RSA_get0_key(key, &key_n, &key_e, &key_d);
> >
> > - n = BN_bn2bin(key->n, l);
> > + n = BN_bn2bin(key_n, l);
> > switch(n) {
> > case 128:
> > case 256:
> > @@ -324,7 +339,7 @@ static int write_pubkey(BUFFER *pk, PUBKEY *key, byte keyid[])
> > if (n < nn)
> > buf_appendzero(pk, nn - n);
> > buf_append(pk, l, n);
> > - n = BN_bn2bin(key->e, l);
> > + n = BN_bn2bin(key_e, l);
> > assert(n <= nn);
> > if (n < nn)
> > buf_appendzero(pk, nn - n);
> > @@ -470,23 +485,23 @@ int pk_encrypt(BUFFER *in, BUFFER *keybuf)
> > }
> > int buf_crypt(BUFFER *buf, BUFFER *key, BUFFER *iv, int enc)
> > {
> > - des_key_schedule ks1;
> > - des_key_schedule ks2;
> > - des_key_schedule ks3;
> > - des_cblock i;
> > + DES_key_schedule ks1;
> > + DES_key_schedule ks2;
> > + DES_key_schedule ks3;
> > + DES_cblock i;
> >
> > assert(enc == ENCRYPT || enc == DECRYPT);
> > assert((key->length == 16 || key->length == 24) && iv->length == 8);
> > assert(buf->length % 8 == 0);
> >
> > memcpy(i, iv->data, 8); /* leave iv buffer unchanged */
> > - des_set_key((const_des_cblock *) key->data, ks1);
> > - des_set_key((const_des_cblock *) (key->data + 8), ks2);
> > + DES_set_key((const_DES_cblock *) key->data, &ks1);
> > + DES_set_key((const_DES_cblock *) (key->data + 8), &ks2);
> > if (key->length == 16)
> > - des_set_key((const_des_cblock *) key->data, ks3);
> > + DES_set_key((const_DES_cblock *) key->data, &ks3);
> > else
> > - des_set_key((const_des_cblock *) (key->data + 16), ks3);
> > - des_ede3_cbc_encrypt(buf->data, buf->data, buf->length, ks1, ks2, ks3,
> > + DES_set_key((const_DES_cblock *) (key->data + 16), &ks3);
> > + DES_ede3_cbc_encrypt(buf->data, buf->data, buf->length, &ks1, &ks2, &ks3,
> > &i, enc);
> > return (0);
> > }
> > @@ -494,18 +509,18 @@ int buf_crypt(BUFFER *buf, BUFFER *key, BUFFER *iv, int enc)
> > int buf_3descrypt(BUFFER *buf, BUFFER *key, BUFFER *iv, int enc)
> > {
> > int n = 0;
> > - des_key_schedule ks1;
> > - des_key_schedule ks2;
> > - des_key_schedule ks3;
> > + DES_key_schedule ks1;
> > + DES_key_schedule ks2;
> > + DES_key_schedule ks3;
> >
> > assert(enc == ENCRYPT || enc == DECRYPT);
> > assert(key->length == 24 && iv->length == 8);
> >
> > - des_set_key((const_des_cblock *) key->data, ks1);
> > - des_set_key((const_des_cblock *) (key->data + 8), ks2);
> > - des_set_key((const_des_cblock *) (key->data + 16), ks3);
> > - des_ede3_cfb64_encrypt(buf->data, buf->data, buf->length, ks1, ks2, ks3,
> > - (des_cblock *) iv->data, &n, enc);
> > + DES_set_key((const_DES_cblock *) key->data, &ks1);
> > + DES_set_key((const_DES_cblock *) (key->data + 8), &ks2);
> > + DES_set_key((const_DES_cblock *) (key->data + 16), &ks3);
> > + DES_ede3_cfb64_encrypt(buf->data, buf->data, buf->length, &ks1, &ks2, &ks3,
> > + (DES_cblock *) iv->data, &n, enc);
> > return (0);
> > }
> >
> > @@ -576,7 +591,7 @@ return (-1);
> >
> > assert((key->length == 16 || key->length == 24 || key->length == 32) && iv->length == 16);
> > AES_set_encrypt_key(key->data, key->length<<3, &ks);
> > -AES_ctr128_encrypt(buf->data, buf->data, buf->length, &ks, iv->data, ecount, &n);
> > +CRYPTO_ctr128_encrypt(buf->data, buf->data, buf->length, &ks, iv->data, ecount, &n, (block128_f)AES_encrypt);
> > return (n);
> > }
> >
> > diff --git a/Src/crypto.h b/Src/crypto.h
> > index e969205..e6698b1 100644
> > --- a/Src/crypto.h
> > +++ b/Src/crypto.h
> > @@ -32,6 +32,7 @@
> > #endif /* USE_IDEA */
> > #ifdef USE_AES
> > #include <openssl/aes.h>
> > +#include <openssl/modes.h>
> > #endif /* USE_AES */
> > #include <openssl/cast.h>
> > #include <openssl/rand.h>
> > diff --git a/Src/pgpcreat.c b/Src/pgpcreat.c
> > index 3111272..fb6159b 100644
> > --- a/Src/pgpcreat.c
> > +++ b/Src/pgpcreat.c
> > @@ -158,11 +158,11 @@ static int pgp_ideaencrypt(BUFFER *in, BUFFER *out, BUFFER *key, int mdc)
> >
> > static int pgp_3desencrypt(BUFFER *in, BUFFER *out, BUFFER *key, int mdc)
> > {
> > - des_cblock iv;
> > + DES_cblock iv;
> > int i, n = 0;
> > - des_key_schedule ks1;
> > - des_key_schedule ks2;
> > - des_key_schedule ks3;
> > + DES_key_schedule ks1;
> > + DES_key_schedule ks2;
> > + DES_key_schedule ks3;
> > SHA_CTX c;
> >
> > assert(key->length == 25);
> > @@ -170,9 +170,9 @@ static int pgp_3desencrypt(BUFFER *in, BUFFER *out, BUFFER *key, int mdc)
> > for (i = 0; i < 8; i++)
> > iv[i] = 0;
> >
> > - des_set_key((const_des_cblock *) (key->data + 1), ks1);
> > - des_set_key((const_des_cblock *) (key->data + 9), ks2);
> > - des_set_key((const_des_cblock *) (key->data+ 17), ks3);
> > + DES_set_key((const_DES_cblock *) (key->data + 1), &ks1);
> > + DES_set_key((const_DES_cblock *) (key->data + 9), &ks2);
> > + DES_set_key((const_DES_cblock *) (key->data+ 17), &ks3);
> >
> > if (mdc) {
> > mdc = 1;
> > @@ -186,22 +186,23 @@ static int pgp_3desencrypt(BUFFER *in, BUFFER *out, BUFFER *key, int mdc)
> > SHA1_Update(&c, in->data, in->length);
> > }
> > n = 0;
> > - des_ede3_cfb64_encrypt(out->data + mdc, out->data + mdc, 10, ks1, ks2, ks3, &iv, &n,
> > - ENCRYPT);
> > + DES_ede3_cfb64_encrypt(out->data + mdc, out->data + mdc, 10,
> > + &ks1, &ks2, &ks3, &iv, &n, ENCRYPT);
> > if (!mdc) {
> > iv[6] = iv[0], iv[7] = iv[1];
> > memcpy(iv, out->data + 2, 6);
> > n = 0;
> > }
> > - des_ede3_cfb64_encrypt(in->data, out->data + 10 + mdc, in->length, ks1, ks2, ks3,
> > - &iv, &n, ENCRYPT);
> > + DES_ede3_cfb64_encrypt(in->data, out->data + 10 + mdc, in->length,
> > + &ks1, &ks2, &ks3, &iv, &n, ENCRYPT);
> > if (mdc) {
> > SHA1_Update(&c, "\xD3\x14", 2); /* 0xD3 = 0xC0 | PGP_MDC */
> > - des_ede3_cfb64_encrypt("\xD3\x14", out->data + 11 + in->length, 2, ks1, ks2, ks3,
> > - &iv, &n, ENCRYPT);
> > + DES_ede3_cfb64_encrypt("\xD3\x14", out->data + 11 + in->length, 2,
> > + &ks1, &ks2, &ks3, &iv, &n, ENCRYPT);
> > SHA1_Final(out->data + 13 + in->length, &c);
> > - des_ede3_cfb64_encrypt(out->data + 13 + in->length, out->data + 13 + in->length, 20, ks1, ks2, ks3,
> > - &iv, &n, ENCRYPT);
> > + DES_ede3_cfb64_encrypt(out->data + 13 + in->length,
> > + out->data + 13 + in->length, 20, &ks1, &ks2, &ks3,
> > + &iv, &n, ENCRYPT);
> > }
> > return (0);
> > }
> > diff --git a/Src/pgpdata.c b/Src/pgpdata.c
> > index 3106eaf..e247cdb 100644
> > --- a/Src/pgpdata.c
> > +++ b/Src/pgpdata.c
> > @@ -131,6 +131,7 @@ int pgp_rsa(BUFFER *in, BUFFER *k, int mode)
> > BUFFER *mpi, *out;
> > int err = -1;
> > RSA *key;
> > + BIGNUM *key_n, *key_e, *key_d, *key_q, *key_p, *key_iqmp, *key_dmp1, *key_dmq1;
> >
> > assert(mode == PK_ENCRYPT || mode == PK_VERIFY || mode == PK_DECRYPT
> > || mode == PK_SIGN);
> > @@ -139,28 +140,31 @@ int pgp_rsa(BUFFER *in, BUFFER *k, int mode)
> > mpi = buf_new();
> >
> > mpi_get(k, mpi);
> > - key->n = BN_bin2bn(mpi->data, mpi->length, NULL);
> > + key_n = BN_bin2bn(mpi->data, mpi->length, NULL);
> >
> > if (mpi_get(k, mpi) < 0)
> > goto end;
> > - key->e = BN_bin2bn(mpi->data, mpi->length, NULL);
> > + key_e = BN_bin2bn(mpi->data, mpi->length, NULL);
> >
> > + RSA_set0_key(key, key_n, key_e, NULL);
> > if (mode == PK_DECRYPT || mode == PK_SIGN) {
> > if (mpi_get(k, mpi) < 0)
> > goto end;
> > - key->d = BN_bin2bn(mpi->data, mpi->length, NULL);
> > -
> > + key_d = BN_bin2bn(mpi->data, mpi->length, NULL);
> > + RSA_set0_key(key, key_n, key_e, key_d);
> > #if 1
> > /* compute auxiluary parameters */
> > mpi_get(k, mpi); /* PGP'p is SSLeay's q */
> > - key->q = BN_bin2bn(mpi->data, mpi->length, NULL);
> > + key_q = BN_bin2bn(mpi->data, mpi->length, NULL);
> >
> > mpi_get(k, mpi);
> > - key->p = BN_bin2bn(mpi->data, mpi->length, NULL);
> > + key_p = BN_bin2bn(mpi->data, mpi->length, NULL);
> > +
> > + RSA_set0_factors(key, key_p, key_q);
> >
> > if (mpi_get(k, mpi) < 0)
> > goto end;
> > - key->iqmp = BN_bin2bn(mpi->data, mpi->length, NULL);
> > + key_iqmp = BN_bin2bn(mpi->data, mpi->length, NULL);
> >
> > {
> > BIGNUM *i;
> > @@ -168,14 +172,16 @@ int pgp_rsa(BUFFER *in, BUFFER *k, int mode)
> >
> > ctx = BN_CTX_new();
> > i = BN_new();
> > - key->dmp1 = BN_new();
> > - key->dmq1 = BN_new();
> > + key_dmp1 = BN_new();
> > + key_dmq1 = BN_new();
> > +
> > + BN_sub(i, key_p, BN_value_one());
> > + BN_mod(key_dmp1, key_d, i, ctx);
> >
> > - BN_sub(i, key->p, BN_value_one());
> > - BN_mod(key->dmp1, key->d, i, ctx);
> > + BN_sub(i, key_q, BN_value_one());
> > + BN_mod(key_dmq1, key_d, i, ctx);
> >
> > - BN_sub(i, key->q, BN_value_one());
> > - BN_mod(key->dmq1, key->d, i, ctx);
> > + RSA_set0_crt_params(key, key_dmp1, key_dmq1, key_iqmp);
> >
> > BN_free(i);
> > }
> > @@ -1037,6 +1043,7 @@ int pgp_rsakeygen(int bits, BUFFER *userid, BUFFER *pass, char *pubring,
> > long now;
> > int skalgo = 0;
> > int err = 0;
> > + const BIGNUM *key_n, *key_e, *key_d, *key_p, *key_q, *key_dmp1, *key_dmq1, *key_iqmp;
> >
> > pkey = buf_new();
> > skey = buf_new();
> > @@ -1061,8 +1068,10 @@ int pgp_rsakeygen(int bits, BUFFER *userid, BUFFER *pass, char *pubring,
> > buf_appendi(skey, 0);
> > /* buf_appendi(skey, KEYLIFETIME/(24*60*60)); */
> > buf_appendc(skey, PGP_ES_RSA);
> > - mpi_bnput(skey, k->n);
> > - mpi_bnput(skey, k->e);
> > +
> > + RSA_get0_key(k, &key_n, &key_e, &key_d);
> > + mpi_bnput(skey, key_n);
> > + mpi_bnput(skey, key_e);
> >
> > #ifdef USE_IDEA
> > if (pass != NULL && pass->length > 0 && remail != 2) {
> > @@ -1076,16 +1085,18 @@ int pgp_rsakeygen(int bits, BUFFER *userid, BUFFER *pass, char *pubring,
> > #endif /* USE_IDEA */
> > buf_appendc(skey, 0);
> >
> > - mpi_bnputenc(skey, k->d, skalgo, dk, iv);
> > - mpi_bnputenc(skey, k->q, skalgo, dk, iv);
> > - mpi_bnputenc(skey, k->p, skalgo, dk, iv);
> > - mpi_bnputenc(skey, k->iqmp, skalgo, dk, iv);
> > + RSA_get0_factors(k, &key_p, &key_q);
> > + RSA_get0_crt_params(k, &key_dmp1, &key_dmq1, &key_iqmp);
> > + mpi_bnputenc(skey, key_d, skalgo, dk, iv);
> > + mpi_bnputenc(skey, key_q, skalgo, dk, iv);
> > + mpi_bnputenc(skey, key_p, skalgo, dk, iv);
> > + mpi_bnputenc(skey, key_iqmp, skalgo, dk, iv);
> >
> > buf_clear(p);
> > - mpi_bnput(p, k->d);
> > - mpi_bnput(p, k->q);
> > - mpi_bnput(p, k->p);
> > - mpi_bnput(p, k->iqmp);
> > + mpi_bnput(p, key_d);
> > + mpi_bnput(p, key_q);
> > + mpi_bnput(p, key_p);
> > + mpi_bnput(p, key_iqmp);
> > buf_appendi(skey, pgp_csum(p, 0));
> >
> > pgp_packet(skey, PGP_SECKEY);
> > @@ -1133,6 +1144,7 @@ end:
> > static void *params(int dsa, int bits)
> > {
> > DSA *k = NULL;
> > + BIGNUM *key_p, *key_q, *key_g;
> > DH *d = NULL;
> > FILE *f;
> > BUFFER *p, *n;
> > @@ -1166,22 +1178,24 @@ static void *params(int dsa, int bits)
> > k = DSA_new();
> > l = buf_geti(p);
> > buf_get(p, n, l);
> > - k->p = BN_bin2bn(n->data, n->length, NULL);
> > + key_p = BN_bin2bn(n->data, n->length, NULL);
> > l = buf_geti(p);
> > buf_get(p, n, l);
> > - k->q = BN_bin2bn(n->data, n->length, NULL);
> > + key_q = BN_bin2bn(n->data, n->length, NULL);
> > l = buf_geti(p);
> > buf_get(p, n, l);
> > - k->g = BN_bin2bn(n->data, n->length, NULL);
> > + key_g = BN_bin2bn(n->data, n->length, NULL);
> > } else {
> > d = DH_new();
> > l = buf_geti(p);
> > buf_get(p, n, l);
> > - d->p = BN_bin2bn(n->data, n->length, NULL);
> > + key_p = BN_bin2bn(n->data, n->length, NULL);
> > l = buf_geti(p);
> > buf_get(p, n, l);
> > - d->g = BN_bin2bn(n->data, n->length, NULL);
> > + key_g = BN_bin2bn(n->data, n->length, NULL);
> > + key_q = NULL;
> > }
> > + DSA_set0_pqg(k, key_p, key_q, key_g);
> > break;
> > }
> > buf_appends(p, line);
> > @@ -1200,13 +1214,14 @@ static void *params(int dsa, int bits)
> > errlog(NOTICE, "Generating DSA parameters.\n");
> > k = DSA_generate_parameters(bits, NULL, 0, NULL, NULL, NULL, NULL);
> > p = buf_new();
> > - l = BN_bn2bin(k->p, b);
> > + DSA_get0_pqg(k, &key_p, &key_q, &key_g);
> > + l = BN_bn2bin(key_p, b);
> > buf_appendi(p, l);
> > buf_append(p, b, l);
> > - l = BN_bn2bin(k->q, b);
> > + l = BN_bn2bin(key_q, b);
> > buf_appendi(p, l);
> > buf_append(p, b, l);
> > - l = BN_bn2bin(k->g, b);
> > + l = BN_bn2bin(key_g, b);
> > buf_appendi(p, l);
> > buf_append(p, b, l);
> > encode(p, 64);
> > @@ -1225,11 +1240,12 @@ static void *params(int dsa, int bits)
> > if (d == NULL) {
> > errlog(NOTICE, "Generating DH parameters. (This may take a long time!)\n");
> > d = DH_generate_parameters(bits, DH_GENERATOR_5, NULL, NULL);
> > + DSA_get0_pqg(d, &key_p, &key_q, &key_g);
> > p = buf_new();
> > - l = BN_bn2bin(d->p, b);
> > + l = BN_bn2bin(key_p, b);
> > buf_appendi(p, l);
> > buf_append(p, b, l);
> > - l = BN_bn2bin(d->g, b);
> > + l = BN_bn2bin(key_g, b);
> > buf_appendi(p, l);
> > buf_append(p, b, l);
> > encode(p, 64);
> > @@ -1258,6 +1274,7 @@ int pgp_dhkeygen(int bits, BUFFER *userid, BUFFER *pass, char *pubring,
> > BUFFER *dk, *sig, *iv, *p;
> > long now;
> > int err = 0;
> > + const BIGNUM *key_p, *key_q, *key_g, *pub_key, *priv_key;
> >
> > pkey = buf_new();
> > skey = buf_new();
> > @@ -1289,12 +1306,13 @@ int pgp_dhkeygen(int bits, BUFFER *userid, BUFFER *pass, char *pubring,
> > buf_setc(skey, 4);
> > buf_appendl(skey, now);
> > buf_appendc(skey, PGP_S_DSA);
> > - mpi_bnput(skey, s->p);
> > - mpi_bnput(skey, s->q);
> > - mpi_bnput(skey, s->g);
> > - mpi_bnput(skey, s->pub_key);
> > -
> > - mpi_bnput(secret, s->priv_key);
> > + DSA_get0_pqg(s, &key_p, &key_q, &key_g);
> > + mpi_bnput(skey, key_p);
> > + mpi_bnput(skey, key_q);
> > + mpi_bnput(skey, key_g);
> > + DSA_get0_key(s, &pub_key, &priv_key);
> > + mpi_bnput(skey, pub_key);
> > + mpi_bnput(secret, priv_key);
> > buf_appendi(secret, pgp_csum(secret, 0));
> > makeski(secret, pass, remail);
> > buf_cat(skey, secret);
> > @@ -1304,12 +1322,16 @@ int pgp_dhkeygen(int bits, BUFFER *userid, BUFFER *pass, char *pubring,
> > buf_setc(subkey, 4);
> > buf_appendl(subkey, now);
> > buf_appendc(subkey, PGP_E_ELG);
> > - mpi_bnput(subkey, e->p);
> > - mpi_bnput(subkey, e->g);
> > - mpi_bnput(subkey, e->pub_key);
> > +
> > + DH_get0_pqg(e, &key_p, &key_q, &key_g);
> > + mpi_bnput(skey, key_p);
> > + mpi_bnput(subkey, key_p);
> > + mpi_bnput(subkey, key_g);
> > + DH_get0_key(s, &pub_key, &priv_key);
> > + mpi_bnput(subkey, pub_key);
> >
> > buf_clear(secret);
> > - mpi_bnput(secret, e->priv_key);
> > + mpi_bnput(secret, priv_key);
> > buf_appendi(secret, pgp_csum(secret, 0));
> > makeski(secret, pass, remail);
> > buf_cat(subkey, secret);
> > @@ -1360,29 +1382,33 @@ int pgp_dsasign(BUFFER *data, BUFFER *key, BUFFER *out)
> > BUFFER *mpi, *b;
> > DSA *d;
> > DSA_SIG *sig = NULL;
> > + BIGNUM *key_p, *key_q, *key_g, *pub_key, *priv_key, *sig_s, *sig_r;
> >
> > d = DSA_new();
> > b = buf_new();
> > mpi = buf_new();
> > mpi_get(key, mpi);
> > - d->p = BN_bin2bn(mpi->data, mpi->length, NULL);
> > + key_p = BN_bin2bn(mpi->data, mpi->length, NULL);
> > mpi_get(key, mpi);
> > - d->q = BN_bin2bn(mpi->data, mpi->length, NULL);
> > + key_q = BN_bin2bn(mpi->data, mpi->length, NULL);
> > mpi_get(key, mpi);
> > - d->g = BN_bin2bn(mpi->data, mpi->length, NULL);
> > + key_g = BN_bin2bn(mpi->data, mpi->length, NULL);
> > + DSA_set0_pqg(d, key_p, key_q, key_g);
> > mpi_get(key, mpi);
> > - d->pub_key = BN_bin2bn(mpi->data, mpi->length, NULL);
> > + pub_key = BN_bin2bn(mpi->data, mpi->length, NULL);
> > if (mpi_get(key, mpi) == -1) {
> > goto end;
> > }
> > - d->priv_key = BN_bin2bn(mpi->data, mpi->length, NULL);
> > + priv_key = BN_bin2bn(mpi->data, mpi->length, NULL);
> > + DSA_set0_key(d, pub_key, priv_key);
> >
> > sig = DSA_do_sign(data->data, data->length, d);
> > if (sig) {
> > - buf_prepare(b, BN_num_bytes(sig->r));
> > - b->length = BN_bn2bin(sig->r, b->data);
> > + DSA_SIG_get0(sig, &sig_r, &sig_s);
> > + buf_prepare(b, BN_num_bytes(sig_r));
> > + b->length = BN_bn2bin(sig_r, b->data);
> > mpi_put(out, b);
> > - b->length = BN_bn2bin(sig->s, b->data);
> > + b->length = BN_bn2bin(sig_s, b->data);
> > mpi_put(out, b);
> > }
> > end:
> > diff --git a/Src/pgpget.c b/Src/pgpget.c
> > index 87103dd..ee24cbb 100644
> > --- a/Src/pgpget.c
> > +++ b/Src/pgpget.c
> > @@ -400,12 +400,12 @@ end:
> > static int pgp_3desdecrypt(BUFFER *in, BUFFER *out, BUFFER *key, int mdc)
> > {
> > int err = 0;
> > - des_cblock iv;
> > + DES_cblock iv;
> > byte hdr[10];
> > int i, n;
> > - des_key_schedule ks1;
> > - des_key_schedule ks2;
> > - des_key_schedule ks3;
> > + DES_key_schedule ks1;
> > + DES_key_schedule ks2;
> > + DES_key_schedule ks3;
> > SHA_CTX c;
> > char md[20]; /* we could make hdr 20 bytes long and reuse it for md */
> >
> > @@ -423,12 +423,13 @@ static int pgp_3desdecrypt(BUFFER *in, BUFFER *out, BUFFER *key, int mdc)
> > for (i = 0; i < 8; i++)
> > iv[i] = 0;
> >
> > - des_set_key((const_des_cblock *) key->data, ks1);
> > - des_set_key((const_des_cblock *) (key->data + 8), ks2);
> > - des_set_key((const_des_cblock *) (key->data+ 16), ks3);
> > + DES_set_key((const_DES_cblock *) key->data, &ks1);
> > + DES_set_key((const_DES_cblock *) (key->data + 8), &ks2);
> > + DES_set_key((const_DES_cblock *) (key->data+ 16), &ks3);
> >
> > n = 0;
> > - des_ede3_cfb64_encrypt(in->data + mdc, hdr, 10, ks1, ks2, ks3, &iv, &n, DECRYPT);
> > + DES_ede3_cfb64_encrypt(in->data + mdc, hdr, 10, &ks1, &ks2, &ks3,
> > + &iv, &n, DECRYPT);
> > if (n != 2 || hdr[8] != hdr[6] || hdr[9] != hdr[7]) {
> > err = -1;
> > goto end;
> > @@ -441,8 +442,8 @@ static int pgp_3desdecrypt(BUFFER *in, BUFFER *out, BUFFER *key, int mdc)
> > memcpy(iv, in->data + 2, 6);
> > n = 0;
> > }
> > - des_ede3_cfb64_encrypt(in->data + 10 + mdc, out->data, in->length - 10 + mdc, ks1,
> > - ks2, ks3, &iv, &n, DECRYPT);
> > + DES_ede3_cfb64_encrypt(in->data + 10 + mdc, out->data, in->length - 10 + mdc,
> > + &ks1, &ks2, &ks3, &iv, &n, DECRYPT);
> > if (mdc) {
> > if (out->length > 22) {
> > out->length -= 22;
> >


Click here to read the complete article
1
server_pubkey.txt

rocksolid light 0.9.81
clearnet tor