authortb <>2021-11-20 18:10:48 +0000
committertb <>2021-11-20 18:10:48 +0000
commitddffb653bb836ef8741e0b2e002c1ea1c0a17dc8 (patch)
tree3b802e89fdcb5de312935cb76899b338d6c0999d /src
parent105c69b5d010aec960fdbf571dd0598e0436e293 (diff)
Convert openssl(1) to using BN_GENCB on the heap
This is three times the same thing while genrsa needs some extra steps to deal with opaque BIGNUMs. We can also garbage collect some Win 3.1 contortions and use the conversion routines directly instead of doing them manually. ok jsing
Diffstat (limited to 'src')
-rw-r--r--src/usr.bin/openssl/dhparam.c24
-rw-r--r--src/usr.bin/openssl/dsaparam.c24
-rw-r--r--src/usr.bin/openssl/gendh.c22
-rw-r--r--src/usr.bin/openssl/genrsa.c55
4 files changed, 74 insertions, 51 deletions
diff --git a/src/usr.bin/openssl/dhparam.c b/src/usr.bin/openssl/dhparam.c
index b0dd510949..55263274b6 100644
--- a/src/usr.bin/openssl/dhparam.c
+++ b/src/usr.bin/openssl/dhparam.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dhparam.c,v 1.12 2019/07/14 03:30:45 guenther Exp $ */ 1/* $OpenBSD: dhparam.c,v 1.13 2021/11/20 18:10:48 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -231,12 +231,13 @@ dhparam_usage()
231 options_usage(dhparam_options); 231 options_usage(dhparam_options);
232} 232}
233 233
234static int dh_cb(int p, int n, BN_GENCB * cb); 234static int dh_cb(int p, int n, BN_GENCB *cb);
235 235
236int 236int
237dhparam_main(int argc, char **argv) 237dhparam_main(int argc, char **argv)
238{ 238{
239 BIO *in = NULL, *out = NULL; 239 BIO *in = NULL, *out = NULL;
240 BN_GENCB *cb = NULL;
240 char *num_bits = NULL; 241 char *num_bits = NULL;
241 DH *dh = NULL; 242 DH *dh = NULL;
242 int num = 0; 243 int num = 0;
@@ -283,15 +284,19 @@ dhparam_main(int argc, char **argv)
283 } 284 }
284 285
285 if (num) { 286 if (num) {
287 if ((cb = BN_GENCB_new()) == NULL) {
288 BIO_printf(bio_err,
289 "Error allocating BN_GENCB object\n");
290 goto end;
291 }
286 292
287 BN_GENCB cb; 293 BN_GENCB_set(cb, dh_cb, bio_err);
288 BN_GENCB_set(&cb, dh_cb, bio_err);
289 if (dhparam_config.dsaparam) { 294 if (dhparam_config.dsaparam) {
290 DSA *dsa = DSA_new(); 295 DSA *dsa = DSA_new();
291 296
292 BIO_printf(bio_err, "Generating DSA parameters, %d bit long prime\n", num); 297 BIO_printf(bio_err, "Generating DSA parameters, %d bit long prime\n", num);
293 if (!dsa || !DSA_generate_parameters_ex(dsa, num, 298 if (!dsa || !DSA_generate_parameters_ex(dsa, num,
294 NULL, 0, NULL, NULL, &cb)) { 299 NULL, 0, NULL, NULL, cb)) {
295 DSA_free(dsa); 300 DSA_free(dsa);
296 ERR_print_errors(bio_err); 301 ERR_print_errors(bio_err);
297 goto end; 302 goto end;
@@ -306,7 +311,7 @@ dhparam_main(int argc, char **argv)
306 dh = DH_new(); 311 dh = DH_new();
307 BIO_printf(bio_err, "Generating DH parameters, %d bit long safe prime, generator %d\n", num, dhparam_config.g); 312 BIO_printf(bio_err, "Generating DH parameters, %d bit long safe prime, generator %d\n", num, dhparam_config.g);
308 BIO_printf(bio_err, "This is going to take a long time\n"); 313 BIO_printf(bio_err, "This is going to take a long time\n");
309 if (!dh || !DH_generate_parameters_ex(dh, num, dhparam_config.g, &cb)) { 314 if (!dh || !DH_generate_parameters_ex(dh, num, dhparam_config.g, cb)) {
310 ERR_print_errors(bio_err); 315 ERR_print_errors(bio_err);
311 goto end; 316 goto end;
312 } 317 }
@@ -469,6 +474,7 @@ dhparam_main(int argc, char **argv)
469 end: 474 end:
470 BIO_free(in); 475 BIO_free(in);
471 BIO_free_all(out); 476 BIO_free_all(out);
477 BN_GENCB_free(cb);
472 DH_free(dh); 478 DH_free(dh);
473 479
474 return (ret); 480 return (ret);
@@ -476,7 +482,7 @@ dhparam_main(int argc, char **argv)
476 482
477/* dh_cb is identical to dsa_cb in apps/dsaparam.c */ 483/* dh_cb is identical to dsa_cb in apps/dsaparam.c */
478static int 484static int
479dh_cb(int p, int n, BN_GENCB * cb) 485dh_cb(int p, int n, BN_GENCB *cb)
480{ 486{
481 char c = '*'; 487 char c = '*';
482 488
@@ -488,8 +494,8 @@ dh_cb(int p, int n, BN_GENCB * cb)
488 c = '*'; 494 c = '*';
489 if (p == 3) 495 if (p == 3)
490 c = '\n'; 496 c = '\n';
491 BIO_write(cb->arg, &c, 1); 497 BIO_write(BN_GENCB_get_arg(cb), &c, 1);
492 (void) BIO_flush(cb->arg); 498 (void) BIO_flush(BN_GENCB_get_arg(cb));
493 return 1; 499 return 1;
494} 500}
495 501
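Review bot: The rewritten tail of `dh_cb` looks up the callback argument twice in consecutive statements; fetching it once with `BIO *bio = BN_GENCB_get_arg(cb);` and then calling `BIO_write(bio, &c, 1);` and `(void) BIO_flush(bio);` would be easier to read. The same pair of lines is repeated in `dsa_cb` in dsaparam.c, `dh_cb` in gendh.c and `genrsa_cb` in genrsa.c, so the four copies could share one progress helper. The comment above `dh_cb` still refers to `apps/dsaparam.c`, whereas the file in this tree is `src/usr.bin/openssl/dsaparam.c`; I would change it to `/* dh_cb is identical to dsa_cb in dsaparam.c */`. Part of the `dh_cb` body lies between the last two hunks and is not visible here.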
diff --git a/src/usr.bin/openssl/dsaparam.c b/src/usr.bin/openssl/dsaparam.c
index 3c2ac89800..3a907fe620 100644
--- a/src/usr.bin/openssl/dsaparam.c
+++ b/src/usr.bin/openssl/dsaparam.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dsaparam.c,v 1.11 2019/07/14 03:30:45 guenther Exp $ */ 1/* $OpenBSD: dsaparam.c,v 1.12 2021/11/20 18:10:48 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -156,7 +156,7 @@ dsaparam_usage(void)
156 options_usage(dsaparam_options); 156 options_usage(dsaparam_options);
157} 157}
158 158
159static int dsa_cb(int p, int n, BN_GENCB * cb); 159static int dsa_cb(int p, int n, BN_GENCB *cb);
160 160
161int 161int
162dsaparam_main(int argc, char **argv) 162dsaparam_main(int argc, char **argv)
@@ -164,6 +164,7 @@ dsaparam_main(int argc, char **argv)
164 DSA *dsa = NULL; 164 DSA *dsa = NULL;
165 int i; 165 int i;
166 BIO *in = NULL, *out = NULL; 166 BIO *in = NULL, *out = NULL;
167 BN_GENCB *cb = NULL;
167 int ret = 1; 168 int ret = 1;
168 int numbits = -1; 169 int numbits = -1;
169 char *strbits = NULL; 170 char *strbits = NULL;
@@ -218,8 +219,14 @@ dsaparam_main(int argc, char **argv)
218 } 219 }
219 220
220 if (numbits > 0) { 221 if (numbits > 0) {
221 BN_GENCB cb; 222 if ((cb = BN_GENCB_new()) == NULL) {
222 BN_GENCB_set(&cb, dsa_cb, bio_err); 223 BIO_printf(bio_err,
224 "Error allocating BN_GENCB object\n");
225 goto end;
226 }
227
228 BN_GENCB_set(cb, dsa_cb, bio_err);
229
223 dsa = DSA_new(); 230 dsa = DSA_new();
224 if (!dsa) { 231 if (!dsa) {
225 BIO_printf(bio_err, "Error allocating DSA object\n"); 232 BIO_printf(bio_err, "Error allocating DSA object\n");
@@ -227,7 +234,7 @@ dsaparam_main(int argc, char **argv)
227 } 234 }
228 BIO_printf(bio_err, "Generating DSA parameters, %d bit long prime\n", numbits); 235 BIO_printf(bio_err, "Generating DSA parameters, %d bit long prime\n", numbits);
229 BIO_printf(bio_err, "This could take some time\n"); 236 BIO_printf(bio_err, "This could take some time\n");
230 if (!DSA_generate_parameters_ex(dsa, numbits, NULL, 0, NULL, NULL, &cb)) { 237 if (!DSA_generate_parameters_ex(dsa, numbits, NULL, 0, NULL, NULL, cb)) {
231 ERR_print_errors(bio_err); 238 ERR_print_errors(bio_err);
232 BIO_printf(bio_err, "Error, DSA key generation failed\n"); 239 BIO_printf(bio_err, "Error, DSA key generation failed\n");
233 goto end; 240 goto end;
@@ -341,13 +348,14 @@ dsaparam_main(int argc, char **argv)
341 end: 348 end:
342 BIO_free(in); 349 BIO_free(in);
343 BIO_free_all(out); 350 BIO_free_all(out);
351 BN_GENCB_free(cb);
344 DSA_free(dsa); 352 DSA_free(dsa);
345 353
346 return (ret); 354 return (ret);
347} 355}
348 356
349static int 357static int
350dsa_cb(int p, int n, BN_GENCB * cb) 358dsa_cb(int p, int n, BN_GENCB *cb)
351{ 359{
352 char c = '*'; 360 char c = '*';
353 361
@@ -359,8 +367,8 @@ dsa_cb(int p, int n, BN_GENCB * cb)
359 c = '*'; 367 c = '*';
360 if (p == 3) 368 if (p == 3)
361 c = '\n'; 369 c = '\n';
362 BIO_write(cb->arg, &c, 1); 370 BIO_write(BN_GENCB_get_arg(cb), &c, 1);
363 (void) BIO_flush(cb->arg); 371 (void) BIO_flush(BN_GENCB_get_arg(cb));
364#ifdef GENCB_TEST 372#ifdef GENCB_TEST
365 if (stop_keygen_flag) 373 if (stop_keygen_flag)
366 return 0; 374 return 0;
diff --git a/src/usr.bin/openssl/gendh.c b/src/usr.bin/openssl/gendh.c
index facc9248f3..c6564e047b 100644
--- a/src/usr.bin/openssl/gendh.c
+++ b/src/usr.bin/openssl/gendh.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gendh.c,v 1.11 2019/07/14 03:30:45 guenther Exp $ */ 1/* $OpenBSD: gendh.c,v 1.12 2021/11/20 18:10:48 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -84,7 +84,7 @@
84 84
85#define DEFBITS 512 85#define DEFBITS 512
86 86
87static int dh_cb(int p, int n, BN_GENCB * cb); 87static int dh_cb(int p, int n, BN_GENCB *cb);
88 88
89static struct { 89static struct {
90 int g; 90 int g;
@@ -128,7 +128,7 @@ gendh_usage(void)
128int 128int
129gendh_main(int argc, char **argv) 129gendh_main(int argc, char **argv)
130{ 130{
131 BN_GENCB cb; 131 BN_GENCB *cb = NULL;
132 DH *dh = NULL; 132 DH *dh = NULL;
133 int ret = 1, numbits = DEFBITS; 133 int ret = 1, numbits = DEFBITS;
134 BIO *out = NULL; 134 BIO *out = NULL;
@@ -141,7 +141,12 @@ gendh_main(int argc, char **argv)
141 } 141 }
142 } 142 }
143 143
144 BN_GENCB_set(&cb, dh_cb, bio_err); 144 if ((cb = BN_GENCB_new()) == NULL) {
145 BIO_printf(bio_err, "Error allocating BN_GENCB object\n");
146 goto end;
147 }
148
149 BN_GENCB_set(cb, dh_cb, bio_err);
145 150
146 memset(&gendh_config, 0, sizeof(gendh_config)); 151 memset(&gendh_config, 0, sizeof(gendh_config));
147 152
@@ -180,7 +185,7 @@ gendh_main(int argc, char **argv)
180 BIO_printf(bio_err, "This is going to take a long time\n"); 185 BIO_printf(bio_err, "This is going to take a long time\n");
181 186
182 if (((dh = DH_new()) == NULL) || 187 if (((dh = DH_new()) == NULL) ||
183 !DH_generate_parameters_ex(dh, numbits, gendh_config.g, &cb)) 188 !DH_generate_parameters_ex(dh, numbits, gendh_config.g, cb))
184 goto end; 189 goto end;
185 190
186 if (!PEM_write_bio_DHparams(out, dh)) 191 if (!PEM_write_bio_DHparams(out, dh))
@@ -190,13 +195,14 @@ gendh_main(int argc, char **argv)
190 if (ret != 0) 195 if (ret != 0)
191 ERR_print_errors(bio_err); 196 ERR_print_errors(bio_err);
192 BIO_free_all(out); 197 BIO_free_all(out);
198 BN_GENCB_free(cb);
193 DH_free(dh); 199 DH_free(dh);
194 200
195 return (ret); 201 return (ret);
196} 202}
197 203
198static int 204static int
199dh_cb(int p, int n, BN_GENCB * cb) 205dh_cb(int p, int n, BN_GENCB *cb)
200{ 206{
201 char c = '*'; 207 char c = '*';
202 208
@@ -208,8 +214,8 @@ dh_cb(int p, int n, BN_GENCB * cb)
208 c = '*'; 214 c = '*';
209 if (p == 3) 215 if (p == 3)
210 c = '\n'; 216 c = '\n';
211 BIO_write(cb->arg, &c, 1); 217 BIO_write(BN_GENCB_get_arg(cb), &c, 1);
212 (void) BIO_flush(cb->arg); 218 (void) BIO_flush(BN_GENCB_get_arg(cb));
213 return 1; 219 return 1;
214} 220}
215#endif 221#endif
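Review bot: `DEFBITS` is still 512 in the context at the top of this section and `gendh_main` initialises `numbits = DEFBITS`, so a run without an explicit size appears to generate 512-bit DH parameters, well below what current guidance accepts for finite-field Diffie-Hellman. This is outside what the BN_GENCB conversion sets out to do, but while the file is being touched a follow-up could raise the default, for example `#define DEFBITS 2048` as genrsa.c in this same commit has, or reject small sizes with an error on `bio_err`. How `numbits` is overridden from the command line is not visible in these hunks, so that part is an assumption to confirm.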
diff --git a/src/usr.bin/openssl/genrsa.c b/src/usr.bin/openssl/genrsa.c
index f0cea1f9b1..024fa88d26 100644
--- a/src/usr.bin/openssl/genrsa.c
+++ b/src/usr.bin/openssl/genrsa.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: genrsa.c,v 1.17 2019/07/24 14:23:25 inoguchi Exp $ */ 1/* $OpenBSD: genrsa.c,v 1.18 2021/11/20 18:10:48 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -83,7 +83,7 @@
83 83
84#define DEFBITS 2048 84#define DEFBITS 2048
85 85
86static int genrsa_cb(int p, int n, BN_GENCB * cb); 86static int genrsa_cb(int p, int n, BN_GENCB *cb);
87 87
88static struct { 88static struct {
89 const EVP_CIPHER *enc; 89 const EVP_CIPHER *enc;
@@ -270,15 +270,16 @@ genrsa_usage(void)
270int 270int
271genrsa_main(int argc, char **argv) 271genrsa_main(int argc, char **argv)
272{ 272{
273 BN_GENCB cb; 273 BN_GENCB *cb = NULL;
274 int ret = 1; 274 int ret = 1;
275 int i, num = DEFBITS; 275 int num = DEFBITS;
276 char *numbits= NULL; 276 char *numbits = NULL;
277 long l;
278 char *passout = NULL; 277 char *passout = NULL;
279 BIO *out = NULL; 278 BIO *out = NULL;
280 BIGNUM *bn = BN_new(); 279 BIGNUM *bn = NULL;
281 RSA *rsa = NULL; 280 RSA *rsa = NULL;
281 const BIGNUM *rsa_e = NULL;
282 char *rsa_e_hex = NULL, *rsa_e_dec = NULL;
282 283
283 if (single_execution) { 284 if (single_execution) {
284 if (pledge("stdio cpath wpath rpath tty", NULL) == -1) { 285 if (pledge("stdio cpath wpath rpath tty", NULL) == -1) {
@@ -287,10 +288,15 @@ genrsa_main(int argc, char **argv)
287 } 288 }
288 } 289 }
289 290
290 if (!bn) 291 if ((bn = BN_new()) == NULL)
291 goto err; 292 goto err;
292 293
293 BN_GENCB_set(&cb, genrsa_cb, bio_err); 294 if ((cb = BN_GENCB_new()) == NULL) {
295 BIO_printf(bio_err, "Error allocating BN_GENCB object\n");
296 goto err;
297 }
298
299 BN_GENCB_set(cb, genrsa_cb, bio_err);
294 300
295 if ((out = BIO_new(BIO_s_file())) == NULL) { 301 if ((out = BIO_new(BIO_s_file())) == NULL) {
296 BIO_printf(bio_err, "unable to create BIO for output\n"); 302 BIO_printf(bio_err, "unable to create BIO for output\n");
@@ -333,22 +339,16 @@ genrsa_main(int argc, char **argv)
333 goto err; 339 goto err;
334 340
335 if (!BN_set_word(bn, genrsa_config.f4) || 341 if (!BN_set_word(bn, genrsa_config.f4) ||
336 !RSA_generate_key_ex(rsa, num, bn, &cb)) 342 !RSA_generate_key_ex(rsa, num, bn, cb))
337 goto err; 343 goto err;
338 344
339 /* 345 RSA_get0_key(rsa, NULL, &rsa_e, NULL);
340 * We need to do the following for when the base number size is < 346 if ((rsa_e_hex = BN_bn2hex(rsa_e)) == NULL)
341 * long, esp windows 3.1 :-(. 347 goto err;
342 */ 348 if ((rsa_e_dec = BN_bn2dec(rsa_e)) == NULL)
343 l = 0L; 349 goto err;
344 for (i = 0; i < rsa->e->top; i++) { 350
345#ifndef _LP64 351 BIO_printf(bio_err, "e is %s (0x%s)\n", rsa_e_hex, rsa_e_dec);
346 l <<= BN_BITS4;
347 l <<= BN_BITS4;
348#endif
349 l += rsa->e->d[i];
350 }
351 BIO_printf(bio_err, "e is %ld (0x%lX)\n", l, l);
352 { 352 {
353 PW_CB_DATA cb_data; 353 PW_CB_DATA cb_data;
354 cb_data.password = passout; 354 cb_data.password = passout;
@@ -361,8 +361,11 @@ genrsa_main(int argc, char **argv)
361 ret = 0; 361 ret = 0;
362 err: 362 err:
363 BN_free(bn); 363 BN_free(bn);
364 BN_GENCB_free(cb);
364 RSA_free(rsa); 365 RSA_free(rsa);
365 BIO_free_all(out); 366 BIO_free_all(out);
367 free(rsa_e_dec);
368 free(rsa_e_hex);
366 free(passout); 369 free(passout);
367 370
368 if (ret != 0) 371 if (ret != 0)
@@ -372,7 +375,7 @@ genrsa_main(int argc, char **argv)
372} 375}
373 376
374static int 377static int
375genrsa_cb(int p, int n, BN_GENCB * cb) 378genrsa_cb(int p, int n, BN_GENCB *cb)
376{ 379{
377 char c = '*'; 380 char c = '*';
378 381
@@ -384,7 +387,7 @@ genrsa_cb(int p, int n, BN_GENCB * cb)
384 c = '*'; 387 c = '*';
385 if (p == 3) 388 if (p == 3)
386 c = '\n'; 389 c = '\n';
387 BIO_write(cb->arg, &c, 1); 390 BIO_write(BN_GENCB_get_arg(cb), &c, 1);
388 (void) BIO_flush(cb->arg); 391 (void) BIO_flush(BN_GENCB_get_arg(cb));
389 return 1; 392 return 1;
390} 393}
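Review bot: The arguments of the new `BIO_printf(bio_err, "e is %s (0x%s)\n", rsa_e_hex, rsa_e_dec);` are in the wrong order for the format string: the hex string lands in the bare position and the decimal string after `0x`. The removed code printed decimal first and hex second, so for an exponent of 65537 the new output would read roughly `e is 010001 (0x65537)`, which misleads anyone checking the public exponent from stderr. Swapping the arguments fixes it: `BIO_printf(bio_err, "e is %s (0x%s)\n", rsa_e_dec, rsa_e_hex);`. The body of `genrsa_main` continues outside the hunks shown.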