regress/rsakeygen/Makefile: Merge with EOM 1.4

regress/rsakeygen/rsakeygen.c: Merge with EOM 1.8
regress/x509/Makefile: Merge with EOM 1.6
regress/x509/x509test.c: Merge with EOM 1.6
regress/Makefile: Merge with EOM 1.8
samples/VPN-east.conf: Merge with EOM 1.6
samples/VPN-west.conf: Merge with EOM 1.6
samples/singlehost-east.conf: Merge with EOM 1.3
samples/singlehost-west.conf: Merge with EOM 1.3
sysdep/openbsd/Makefile.sysdep: Merge with EOM 1.5
x509.h: Merge with EOM 1.6
x509.c: Merge with EOM 1.17
DESIGN-NOTES: Merge with EOM 1.46
Makefile: Merge with EOM 1.55
cert.c: Merge with EOM 1.11
cert.h: Merge with EOM 1.6
exchange.c: Merge with EOM 1.109
exchange.h: Merge with EOM 1.26
ike_auth.c: Merge with EOM 1.32
ike_phase_1.c: Merge with EOM 1.7
init.c: Merge with EOM 1.16
isakmpd.conf.5: Merge with EOM 1.27
README.PKI: Merge with EOM 1.1

author: niklas
From Niels Provos, edited by me: certificate support using SSLeay

2 files changed, 75 insertions, 34 deletions

diff --git a/sbin/isakmpd/regress/rsakeygen/Makefile b/sbin/isakmpd/regress/rsakeygen/Makefile
index 92f7a4a10f6..b9868e57767 100644
--- a/sbin/isakmpd/regress/rsakeygen/Makefile
+++ b/sbin/isakmpd/regress/rsakeygen/Makefile
@@ -1,16 +1,49 @@
-#	$OpenBSD: Makefile,v 1.5 1999/03/02 15:27:36 niklas Exp $
-#	$EOM: Makefile,v 1.3 1999/02/25 15:12:01 niklas Exp $
+#	$OpenBSD: Makefile,v 1.6 1999/07/17 21:54:38 niklas Exp $
+#	$EOM: Makefile,v 1.4 1999/07/17 20:44:13 niklas Exp $
+
+#
+# Copyright (c) 1999 Niels Provos.  All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in the
+#    documentation and/or other materials provided with the distribution.
+# 3. All advertising materials mentioning features or use of this software
+#    must display the following acknowledgement:
+#	This product includes software developed by Ericsson Radio Systems.
+# 4. The name of the author may not be used to endorse or promote products
+#    derived from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+
+#
+# This code was written under funding by Ericsson Radio Systems.
+#
 
 # RSA Key Generation
 
 PROG=		rsakeygen
-SRCS=		log.c asn.c gmp_util.c pkcs.c rsakeygen.c sysdep.c
+SRCS=		log.c rsakeygen.c sysdep.c
 TOPSRC=		${.CURDIR}/../..
 TOPOBJ!=	cd ${TOPSRC}; printf "all:\n\t@pwd\n" |${MAKE} -f-
 OS!=		awk '/^OS=/ { print $$2 }' ${.CURDIR}/../../Makefile
 .PATH:		${TOPSRC} ${TOPSRC}/sysdep/${OS} ${TOPOBJ}
 CFLAGS+=	-I${TOPSRC} -I${TOPSRC}/sysdep/${OS} -I${TOPOBJ} -Wall
-LDADD+=		-lgmp
+LDADD+=		-lgmp -lcrypto
 DPADD+=		${LIBDES}
 NOMAN=
 DEBUG=		-g
diff --git a/sbin/isakmpd/regress/rsakeygen/rsakeygen.c b/sbin/isakmpd/regress/rsakeygen/rsakeygen.c
index fbc4be408c1..684896c3297 100644
--- a/sbin/isakmpd/regress/rsakeygen/rsakeygen.c
+++ b/sbin/isakmpd/regress/rsakeygen/rsakeygen.c
@@ -1,8 +1,8 @@
-/*	$OpenBSD: rsakeygen.c,v 1.7 1999/04/27 21:02:56 niklas Exp $	*/
-/*	$EOM: rsakeygen.c,v 1.7 1999/04/05 18:27:38 niklas Exp $	*/
+/*	$OpenBSD: rsakeygen.c,v 1.8 1999/07/17 21:54:38 niklas Exp $	*/
+/*	$EOM: rsakeygen.c,v 1.8 1999/07/17 20:44:13 niklas Exp $	*/
 
 /*
- * Copyright (c) 1998 Niels Provos.  All rights reserved.
+ * Copyright (c) 1998, 1999 Niels Provos.  All rights reserved.
  * Copyright (c) 1999 Niklas Hallqvist.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -42,15 +42,16 @@
 #include <string.h>
 #include <gmp.h>
 
+#include <ssl/rsa.h>
+
 #include "log.h"
-#include "gmp_util.h"
-#include "asn.h"
-#include "pkcs.h"
 
 #define nibble2bin(y) (tolower((y)) < 'a' ? (y) - '0': tolower((y)) - 'a' + 10)
 #define hexchar2bin(x) ((nibble2bin((x)[0]) << 4) + nibble2bin((x)[1]))
 #define nibble2c(x) ((x) >= 10 ? ('a'-10+(x)) : ('0' + (x)))
 
+#define TEST_STRING "!Dies ist ein Test"
+
 void asc2bin (u_int8_t *bin, u_int8_t *asc, u_int16_t len)
 {
   int i;
@@ -64,60 +65,67 @@ void asc2bin (u_int8_t *bin, u_int8_t *asc, u_int16_t len)
 int
 main (void)
 {
-  char *data = "Niels ist ein Luser!";
-  u_int8_t *enc, *dec, *asn;
-  u_int32_t enclen;
-  u_int16_t len;
+  u_int8_t enc[256], dec[256], *asn, *foo;
+  int len;
   FILE *fd;
   int erg = 0;
 
-  struct rsa_public_key key;
-  struct rsa_private_key priv;
+  RSA *key;
 
   log_debug_cmd ((enum log_classes)LOG_CRYPTO, 99);
-  pkcs_generate_rsa_keypair (&key, &priv, 1024);
+  strcpy(dec, TEST_STRING);
+
+  key = RSA_generate_key(1024, RSA_F4, NULL, NULL);
+  if (key == NULL) 
+    {
+      printf("Failed to generate key\n");
+      return 0;
+    }
 
-  printf ("n: 0x"); mpz_out_str (stdout, 16, key.n);
-  printf ("\ne: 0x"); mpz_out_str (stdout, 16, key.e);
+  printf ("n: 0x"); BN_print_fp(stdout, key->n);
+  printf ("\ne: 0x"); BN_print_fp (stdout, key->e);
   printf ("\n");
 
-  printf ("n: 0x"); mpz_out_str (stdout, 16, priv.n);
-  printf ("\ne: 0x"); mpz_out_str (stdout, 16, priv.e);
-  printf ("\nd: 0x"); mpz_out_str (stdout, 16, priv.d);
-  printf ("\np: 0x"); mpz_out_str (stdout, 16, priv.p);
-  printf ("\nq: 0x"); mpz_out_str (stdout, 16, priv.q);
+  printf ("n: 0x"); BN_print_fp (stdout, key->n);
+  printf ("\ne: 0x"); BN_print_fp (stdout, key->e);
+  printf ("\nd: 0x"); BN_print_fp (stdout, key->d);
+  printf ("\np: 0x"); BN_print_fp (stdout, key->p);
+  printf ("\nq: 0x"); BN_print_fp (stdout, key->q);
   printf ("\n");
 
   printf ("Testing Signing/Verifying: ");
   /* Sign with Private Key */
-  if (!pkcs_rsa_encrypt (PKCS_PRIVATE, NULL, &priv, data, strlen(data)+1,
-			 &enc, &enclen))
+  if ((len = RSA_private_encrypt (strlen(dec)+1, dec, enc, key,
+				  RSA_PKCS1_PADDING)) == -1)
     printf ("FAILED ");
   else
     /* Decrypt/Verify with Public Key */
-    erg = pkcs_rsa_decrypt (PKCS_PRIVATE, &key, NULL, enc, &dec, &len);
+    erg = RSA_public_decrypt (len, enc, dec, key, RSA_PKCS1_PADDING);
 
-  if (!erg || strcmp(data,dec))
+  if (erg == -1 || strcmp(dec, TEST_STRING))
     printf ("FAILED ");
   else
     printf ("OKAY ");
 
   printf ("\n");
 
-  asn = pkcs_public_key_to_asn (&key);
+  len = i2d_RSAPublicKey(key, NULL);
+  foo = asn = malloc(len);
+  len = i2d_RSAPublicKey(key, &foo);
   fd = fopen ("isakmpd_key.pub", "w");
-  fwrite (asn, asn_get_len (asn), 1, fd);
+  fwrite (asn, len, 1, fd);
   fclose (fd);
   free (asn);
 
-  asn = pkcs_private_key_to_asn (&priv);
+  len = i2d_RSAPrivateKey(key, NULL);
+  foo = asn = malloc(len);
+  len = i2d_RSAPrivateKey(key, &foo);
   fd = fopen ("isakmpd_key", "w");
-  fwrite (asn, asn_get_len (asn), 1, fd);
+  fwrite (asn, len, 1, fd);
   fclose (fd);
   free (asn);
 
-  pkcs_free_public_key (&key);
-  pkcs_free_private_key (&priv);
+  RSA_free(key);
 
   return 1;
 }