-rw-r--r--lib/libkeynote/Makefile.in4
-rw-r--r--lib/libkeynote/README4
-rw-r--r--lib/libkeynote/config.hin5
-rw-r--r--lib/libkeynote/configure66
-rw-r--r--lib/libkeynote/configure.in3
-rw-r--r--lib/libkeynote/environment.c15
-rw-r--r--lib/libkeynote/header.h11
-rw-r--r--lib/libkeynote/keynote-keygen.c48
8 files changed, 34 insertions, 122 deletions
diff --git a/lib/libkeynote/Makefile.in b/lib/libkeynote/Makefile.in
index 9b7a73abdb1..b6234c086b2 100644
--- a/lib/libkeynote/Makefile.in
+++ b/lib/libkeynote/Makefile.in
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile.in,v 1.10 2000/02/12 01:02:02 angelos Exp $
+# $OpenBSD: Makefile.in,v 1.11 2000/09/26 23:28:45 angelos Exp $
#
# The author of this code is Angelos D. Keromytis (angelos@dsl.cis.upenn.edu)
#
@@ -18,7 +18,7 @@
# MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
# PURPOSE.
-VERSION = 2.2
+VERSION = 2.3
DISTFILE = keynote-${VERSION}.tar.gz
KNSUBDIR = keynote-${VERSION}
diff --git a/lib/libkeynote/README b/lib/libkeynote/README
index 29ed366b63e..3cc17a008db 100644
--- a/lib/libkeynote/README
+++ b/lib/libkeynote/README
@@ -1,6 +1,6 @@
-# $OpenBSD: README,v 1.9 2000/05/17 05:38:18 angelos Exp $
+# $OpenBSD: README,v 1.10 2000/09/26 23:28:45 angelos Exp $
-This is release 2.2 of the KeyNote trust management library reference
+This is release 2.3 of the KeyNote trust management library reference
implementation (in case you are wondering, there was never an official 1.0
release).
diff --git a/lib/libkeynote/config.hin b/lib/libkeynote/config.hin
index e36925bc493..9caa3e47ac3 100644
--- a/lib/libkeynote/config.hin
+++ b/lib/libkeynote/config.hin
@@ -1,4 +1,4 @@
-/* $OpenBSD: config.hin,v 1.2 1999/10/26 22:31:37 angelos Exp $ */
+/* $OpenBSD: config.hin,v 1.3 2000/09/26 23:28:45 angelos Exp $ */
/* config.hin. Generated automatically from configure.in by autoheader. */
@@ -91,6 +91,3 @@
/* Define if you have the crypto library (-lcrypto). */
#undef HAVE_LIBCRYPTO
-
-/* Define if you have /dev/urandom file. */
-#undef HAVE__DEV_URANDOM
diff --git a/lib/libkeynote/configure b/lib/libkeynote/configure
index 81b2b00b93e..170e50b33ca 100644
--- a/lib/libkeynote/configure
+++ b/lib/libkeynote/configure
@@ -1,5 +1,5 @@
#! /bin/sh
-# $OpenBSD: configure,v 1.2 1999/10/26 22:31:38 angelos Exp $
+# $OpenBSD: configure,v 1.3 2000/09/26 23:28:45 angelos Exp $
# Guess values for system-dependent variables and create Makefiles.
# Generated automatically using autoconf version 2.13
@@ -1725,46 +1725,14 @@ fi
done
-for ac_file in /dev/urandom
-do
-
-ac_safe=`echo "$ac_file" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_file""... $ac_c" 1>&6
-echo "configure:1733: checking for $ac_file" >&5
-if eval "test \"`echo '$''{'ac_cv_file_$ac_safe'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test "$cross_compiling" = yes; then
- { echo "configure: error: Cannot check for file existence when cross compiling" 1>&2; exit 1; }
-else
- if test -r $ac_file; then
- eval "ac_cv_file_$ac_safe=yes"
- else
- eval "ac_cv_file_$ac_safe=no"
- fi
-fi
-fi
-if eval "test \"`echo '$ac_cv_file_'$ac_safe`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- ac_tr_file=HAVE_`echo $ac_file | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
- cat >> confdefs.h <<EOF
-#define $ac_tr_file 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-
-fi
-done
-
echo $ac_n "checking for working const""... $ac_c" 1>&6
-echo "configure:1762: checking for working const" >&5
+echo "configure:1730: checking for working const" >&5
if eval "test \"`echo '$''{'ac_cv_c_const'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 1767 "configure"
+#line 1735 "configure"
#include "confdefs.h"
int main() {
@@ -1813,7 +1781,7 @@ ccp = (char const *const *) p;
; return 0; }
EOF
-if { (eval echo configure:1816: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:1784: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ac_cv_c_const=yes
else
@@ -1834,12 +1802,12 @@ EOF
fi
echo $ac_n "checking for u_int""... $ac_c" 1>&6
-echo "configure:1837: checking for u_int" >&5
+echo "configure:1805: checking for u_int" >&5
if eval "test \"`echo '$''{'ac_cv_type_u_int'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 1842 "configure"
+#line 1810 "configure"
#include "confdefs.h"
#include <sys/types.h>
#if STDC_HEADERS
@@ -1867,12 +1835,12 @@ EOF
fi
echo $ac_n "checking for u_char""... $ac_c" 1>&6
-echo "configure:1870: checking for u_char" >&5
+echo "configure:1838: checking for u_char" >&5
if eval "test \"`echo '$''{'ac_cv_type_u_char'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 1875 "configure"
+#line 1843 "configure"
#include "confdefs.h"
#include <sys/types.h>
#if STDC_HEADERS
@@ -1903,12 +1871,12 @@ fi
for ac_func in regcomp open close read _open _close _read strchr memcpy
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:1906: checking for $ac_func" >&5
+echo "configure:1874: checking for $ac_func" >&5
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 1911 "configure"
+#line 1879 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
@@ -1931,7 +1899,7 @@ $ac_func();
; return 0; }
EOF
-if { (eval echo configure:1934: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:1902: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
@@ -1958,12 +1926,12 @@ done
for ac_func in strcasecmp strncasecmp stricmp strnicmp snprintf __b64_ntop
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:1961: checking for $ac_func" >&5
+echo "configure:1929: checking for $ac_func" >&5
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 1966 "configure"
+#line 1934 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
@@ -1986,7 +1954,7 @@ $ac_func();
; return 0; }
EOF
-if { (eval echo configure:1989: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:1957: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
@@ -2013,12 +1981,12 @@ done
for ac_func in getopt
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:2016: checking for $ac_func" >&5
+echo "configure:1984: checking for $ac_func" >&5
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 2021 "configure"
+#line 1989 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
@@ -2041,7 +2009,7 @@ $ac_func();
; return 0; }
EOF
-if { (eval echo configure:2044: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:2012: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
diff --git a/lib/libkeynote/configure.in b/lib/libkeynote/configure.in
index 39c536ad264..9ad14b5a68d 100644
--- a/lib/libkeynote/configure.in
+++ b/lib/libkeynote/configure.in
@@ -1,4 +1,4 @@
-dnl $OpenBSD: configure.in,v 1.2 1999/10/26 22:31:38 angelos Exp $
+dnl $OpenBSD: configure.in,v 1.3 2000/09/26 23:28:45 angelos Exp $
dnl Process this file with autoconf to produce a configure script.
AC_INIT(assertion.h)
@@ -42,7 +42,6 @@ AC_CHECK_HEADERS(fcntl.h limits.h unistd.h regex.h sys/time.h io.h)
AC_CHECK_HEADERS(ssl/crypto.h openssl/crypto.h crypto.h memory.h)
dnl Checks for other files
-AC_CHECK_FILES(/dev/urandom)
dnl Checks for typedefs, structures, and compiler characteristics.
AC_C_CONST
diff --git a/lib/libkeynote/environment.c b/lib/libkeynote/environment.c
index a048354b314..6cfeef2f616 100644
--- a/lib/libkeynote/environment.c
+++ b/lib/libkeynote/environment.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: environment.c,v 1.12 2000/06/13 19:16:15 angelos Exp $ */
+/* $OpenBSD: environment.c,v 1.13 2000/09/26 23:28:46 angelos Exp $ */
/*
* The author of this code is Angelos D. Keromytis (angelos@dsl.cis.upenn.edu)
*
@@ -371,18 +371,7 @@ static int
keynote_init_environment(void)
{
#ifdef CRYPTO
- int cnt = KEYNOTE_RAND_INIT_LEN, i;
-
- do
- {
- if ((i = RAND_load_file(KEYNOTERNDFILENAME, cnt)) <= 0)
- {
- keynote_errno = ERROR_MEMORY;
- return -1;
- }
-
- cnt -= i;
- } while (cnt > 0);
+ RAND_set_rand_method(RAND_SSLeay());
#endif /* CRYPTO */
memset(keynote_current_session->ks_env_table, 0,
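Review bot: After this change keynote_init_environment() has no failure path for an unseeded generator: the removed loop returned -1 with `keynote_errno = ERROR_MEMORY` when entropy could not be loaded, while `RAND_set_rand_method(RAND_SSLeay());` only selects a method and checks nothing. The same commit also drops the `#error "You need a random device!"` guard from header.h, so a build on a platform where libcrypto does not seed itself would presumably carry on silently with a poorly seeded PRNG. Where the linked libcrypto provides it, keeping the fail-closed behaviour is cheap: `if (RAND_status() != 1) { keynote_errno = ERROR_MEMORY; return -1; }` right after the call. The call also replaces the process-wide RAND method from inside a library init routine, which may override one the host application installed; a one-line comment such as `/* force the default software PRNG; libcrypto seeds it itself */` would record why. The function body continues outside the hunk.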
diff --git a/lib/libkeynote/header.h b/lib/libkeynote/header.h
index 816ff4e5b30..7f73e988036 100644
--- a/lib/libkeynote/header.h
+++ b/lib/libkeynote/header.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: header.h,v 1.5 1999/10/26 22:31:38 angelos Exp $ */
+/* $OpenBSD: header.h,v 1.6 2000/09/26 23:28:46 angelos Exp $ */
/*
* The author of this code is Angelos D. Keromytis (angelos@dsl.cis.upenn.edu)
*
@@ -37,7 +37,6 @@ int sessid;
/* Defines */
#define SEED_LEN 40
-#define RND_BYTES 1024
#define DEFAULT_PUBLIC 0x10001
#define KEY_PRINT_OFFSET 12
@@ -66,14 +65,6 @@ int sessid;
#define close _close
#endif /* !HAVE_CLOSE && HAVE__CLOSE */
-#if defined(CRYPTO)
-#if HAVE__DEV_URANDOM
-#define KEYNOTERNDFILENAME "/dev/urandom"
-#else /* HAVE__DEV_URANDOM */
-#error "You need a random device!"
-#endif /* HAVE__DEV_URANDOM */
-#endif /* CRYPTO */
-
/* Includes */
#if HAVE_REGEX_H
#include <sys/types.h>
diff --git a/lib/libkeynote/keynote-keygen.c b/lib/libkeynote/keynote-keygen.c
index 4bb5c99d68f..581639cf10d 100644
--- a/lib/libkeynote/keynote-keygen.c
+++ b/lib/libkeynote/keynote-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: keynote-keygen.c,v 1.9 1999/11/03 03:17:58 angelos Exp $ */
+/* $OpenBSD: keynote-keygen.c,v 1.10 2000/09/26 23:28:46 angelos Exp $ */
/*
* The author of this code is Angelos D. Keromytis (angelos@dsl.cis.upenn.edu)
*
@@ -112,7 +112,6 @@ keynote_keygen(int argc, char *argv[])
DSA *dsa;
RSA *rsa;
FILE *fp;
- int fd, cnt = RND_BYTES;
#endif /* CRYPTO || PGPLIB */
char *algname;
@@ -177,49 +176,18 @@ keynote_keygen(int argc, char *argv[])
exit(-1);
}
- fd = open(KEYNOTERNDFILENAME, O_RDONLY, 0);
- if (fd < 0)
- {
- perror(KEYNOTERNDFILENAME);
- exit(-1);
- }
-
- for (h = 0; h < 5; h++)
- {
- if (read(fd, seed, SEED_LEN) <= 0)
- {
- perror("read()");
- exit(-1);
- }
-
- RAND_seed(seed, SEED_LEN);
- }
-
- if (read(fd, seed, SEED_LEN) < SEED_LEN)
- {
- perror("read()");
- exit(-1);
- }
-
- close(fd);
-
- /* Make sure we read RND_BYTES bytes */
- do
- {
- if ((fd = RAND_load_file(KEYNOTERNDFILENAME, cnt)) <= 0)
- {
- perror(KEYNOTERNDFILENAME);
- exit(-1);
- }
-
- cnt -= fd;
- } while (cnt > 0);
-
+ RAND_set_rand_method(RAND_SSLeay());
if ((alg == KEYNOTE_ALGORITHM_DSA) &&
(ienc == INTERNAL_ENC_ASN1) &&
((enc == ENCODING_HEX) || (enc == ENCODING_BASE64)))
{
+ if (RAND_bytes(seed, SEED_LEN) == 0)
+ {
+ fprintf(stderr, "Failed to acquire %d random bytes\n", SEED_LEN);
+ exit(-1);
+ }
+
dsa = DSA_generate_parameters(len, seed, SEED_LEN, &counter, &h, NULL
#if SSLEAY_VERSION_NUMBER >= 0x0900
, NULL
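Review bot: The added check `if (RAND_bytes(seed, SEED_LEN) == 0)` treats only 0 as failure, but RAND_bytes() can also return -1 when the current RAND method does not support the operation; in that case `seed` would reach DSA_generate_parameters() holding whatever the buffer contained. Compare against the success value instead: `if (RAND_bytes(seed, SEED_LEN) != 1)`. The explicit `RAND_seed()`/`RAND_load_file()` calls that used to run for every algorithm are gone, and the RSA branch is outside this hunk, so it is worth confirming that path also fails cleanly when the generator is not seeded. keynote_keygen() starts and ends outside the hunk.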