From cd1702d70f5e5a38cfb215d0952dbfb45eb7b2a1 Mon Sep 17 00:00:00 2001
From: David Phillips <david@sighup.nz>
Date: Sun, 28 May 2017 21:13:54 +1200
Subject: Openssl-1.0 compat

---
 Makefile     |   2 +-
 key_update.c | 115 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 key_update.h |   4 +++
 sand-leek.c  |  64 +--------------------------------
 4 files changed, 121 insertions(+), 64 deletions(-)
 create mode 100644 key_update.c
 create mode 100644 key_update.h

diff --git a/Makefile b/Makefile
index 2998c81..b94150a 100644
--- a/Makefile
+++ b/Makefile
@@ -3,7 +3,7 @@ LDFLAGS += -lssl -lcrypto -lpthread
 
 all: sand-leek
 
-sand-leek: sand-leek.o onion_base32.o
+sand-leek: sand-leek.o onion_base32.o key_update.o
 
 clean:
 	rm -vf sand-leek *.o
diff --git a/key_update.c b/key_update.c
new file mode 100644
index 0000000..c9b90cc
--- /dev/null
+++ b/key_update.c
@@ -0,0 +1,115 @@
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+/* re-calculate the decryption key `d` for the given key
+ * the product of e and d must be congruent to 1, and since we are messing
+ * with e to generate our keys, we must re-calculate d */
+int
+key_update_d(RSA *rsa_key) {
+	const BIGNUM *p = NULL;
+	const BIGNUM *q = NULL;
+	const BIGNUM *d = NULL;
+	const BIGNUM *e = NULL;
+	BIGNUM *gcd = BN_secure_new();
+	BIGNUM *p1 = BN_secure_new();
+	BIGNUM *q1 = BN_secure_new();
+	BIGNUM *p1q1 = BN_secure_new();
+	BIGNUM *lambda_n = BN_secure_new();
+	BIGNUM *true_d = BN_secure_new();
+	BIGNUM *true_dmp1 = BN_secure_new();
+	BIGNUM *true_dmq1 = BN_secure_new();
+	BIGNUM *true_iqmp = BN_secure_new();
+	BN_CTX *bn_ctx = BN_CTX_secure_new();
+
+	if (!(bn_ctx && gcd && p1 && q1 && p1q1 && lambda_n && true_d &&
+	    true_dmp1 && true_dmq1 && true_iqmp)) {
+		perror("bignum or bignum context allocation");
+		return 1;
+	}
+
+	RSA_get0_key(rsa_key, NULL, &e, &d);
+	RSA_get0_factors(rsa_key, &p, &q);
+
+	/* calculate p-1 and q-1 and their product */
+	BN_sub(p1, p, BN_value_one());
+	BN_sub(q1, q, BN_value_one());
+	BN_mul(p1q1, p1, q1, bn_ctx);
+
+	/* calculate LCM of p1,q1 with p1*q1/gcd(p1,q1) */
+	BN_gcd(gcd, p1, q1, bn_ctx);
+	BN_div(lambda_n, NULL, p1q1, gcd, bn_ctx);
+
+	BN_mod_inverse(true_d, e, lambda_n, bn_ctx);
+	BN_mod_inverse(true_iqmp, q, p, bn_ctx);
+	BN_mod(rsa_key->dmp, true_d, p1, bn_ctx);
+	BN_mod(rsa_key->dmq, true_d, q1, bn_ctx);
+
+	/* cleanup BN structs not managed by RSA internal functions */
+	BN_clear_free(gcd);
+	BN_clear_free(p1);
+	BN_clear_free(q1);
+	BN_clear_free(p1q1);
+	BN_clear_free(lambda_n);
+	BN_CTX_free(bn_ctx);
+
+	if (!RSA_set0_key(rsa_key, NULL, NULL, true_d)) {
+		fprintf(stderr, "setting d failed\n");
+		return 1;
+	}
+	if (!RSA_set0_crt_params(rsa_key, true_dmp1, true_dmq1, true_iqmp)) {
+		fprintf(stderr, "setting crt params failed\n");
+		return 1;
+	}
+	return 0;
+}
+
+#else
+
+/* re-calculate the decryption key `d` for the given key
+ * the product of e and d must be congruent to 1, and since we are messing
+ * with e to generate our keys, we must re-calculate d */
+int
+key_update_d(RSA *rsa_key) {
+	BIGNUM *gcd = BN_new();
+	BIGNUM *p1 = BN_new();
+	BIGNUM *q1 = BN_new();
+	BIGNUM *p1q1 = BN_new();
+	BIGNUM *lambda_n = BN_new();
+	BIGNUM *true_d = BN_new();
+	BIGNUM *true_dmp1 = BN_new();
+	BIGNUM *true_dmq1 = BN_new();
+	BIGNUM *true_iqmp = BN_new();
+	BN_CTX *bn_ctx = BN_CTX_new();
+
+	if (!(bn_ctx && gcd && p1 && q1 && p1q1 && lambda_n && true_d &&
+	    true_dmp1 && true_dmq1 && true_iqmp)) {
+		perror("bignum or bignum context allocation");
+		return 1;
+	}
+
+	/* calculate p-1 and q-1 and their product */
+	BN_sub(p1, rsa_key->p, BN_value_one());
+	BN_sub(q1, rsa_key->q, BN_value_one());
+	BN_mul(p1q1, p1, q1, bn_ctx);
+
+	/* calculate LCM of p1,q1 with p1*q1/gcd(p1,q1) */
+	BN_gcd(gcd, p1, q1, bn_ctx);
+	BN_div(lambda_n, NULL, p1q1, gcd, bn_ctx);
+
+	BN_mod_inverse(rsa_key->d, rsa_key->e, lambda_n, bn_ctx);
+	BN_mod_inverse(true_iqmp, rsa_key->q, rsa_key->p, bn_ctx);
+	BN_mod(rsa_key->dmp1, rsa_key->d, p1, bn_ctx);
+	BN_mod(rsa_key->dmq1, rsa_key->d, q1, bn_ctx);
+
+	/* cleanup BN structs not managed by RSA internal functions */
+	BN_clear_free(gcd);
+	BN_clear_free(p1);
+	BN_clear_free(q1);
+	BN_clear_free(p1q1);
+	BN_clear_free(lambda_n);
+	BN_CTX_free(bn_ctx);
+
+	return 0;
+}
+#endif
diff --git a/key_update.h b/key_update.h
new file mode 100644
index 0000000..a886760
--- /dev/null
+++ b/key_update.h
@@ -0,0 +1,4 @@
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+
+int key_update_d(RSA *rsa_key);
diff --git a/sand-leek.c b/sand-leek.c
index 94018a1..8de21fc 100644
--- a/sand-leek.c
+++ b/sand-leek.c
@@ -7,13 +7,13 @@
 #include <errno.h>
 #include <string.h>
 #include <endian.h>
-#include <openssl/bn.h>
 #include <openssl/rsa.h>
 #include <openssl/sha.h>
 #include <openssl/pem.h>
 #include <openssl/err.h>
 
 #include "onion_base32.h"
+#include "key_update.h"
 
 #define VERSION "0.5"
 
@@ -40,68 +40,6 @@ static unsigned char search_raw[10];
 static size_t search_len;
 sem_t working;
 
-/* re-calculate the decryption key `d` for the given key
- * the product of e and d must be congruent to 1, and since we are messing
- * with e to generate our keys, we must re-calculate d */
-int
-key_update_d(RSA *rsa_key) {
-	const BIGNUM *p = NULL;
-	const BIGNUM *q = NULL;
-	const BIGNUM *d = NULL;
-	const BIGNUM *e = NULL;
-	BIGNUM *gcd = BN_secure_new();
-	BIGNUM *p1 = BN_secure_new();
-	BIGNUM *q1 = BN_secure_new();
-	BIGNUM *p1q1 = BN_secure_new();
-	BIGNUM *lambda_n = BN_secure_new();
-	BIGNUM *true_d = BN_secure_new();
-	BIGNUM *true_dmp1 = BN_secure_new();
-	BIGNUM *true_dmq1 = BN_secure_new();
-	BIGNUM *true_iqmp = BN_secure_new();
-	BN_CTX *bn_ctx = BN_CTX_secure_new();
-
-	if (!(bn_ctx && gcd && p1 && q1 && p1q1 && lambda_n && true_d &&
-	    true_dmp1 && true_dmq1 && true_iqmp)) {
-		perror("bignum or bignum context allocation");
-		return 1;
-	}
-
-	RSA_get0_key(rsa_key, NULL, &e, &d);
-	RSA_get0_factors(rsa_key, &p, &q);
-
-	/* calculate p-1 and q-1 and their product */
-	BN_sub(p1, p, BN_value_one());
-	BN_sub(q1, q, BN_value_one());
-	BN_mul(p1q1, p1, q1, bn_ctx);
-
-	/* calculate LCM of p1,q1 with p1*q1/gcd(p1,q1) */
-	BN_gcd(gcd, p1, q1, bn_ctx);
-	BN_div(lambda_n, NULL, p1q1, gcd, bn_ctx);
-
-	BN_mod_inverse(true_d, e, lambda_n, bn_ctx);
-	BN_mod_inverse(true_iqmp, q, p, bn_ctx);
-	BN_mod(true_dmp1, true_d, p1, bn_ctx);
-	BN_mod(true_dmq1, true_d, q1, bn_ctx);
-
-	/* cleanup BN structs not managed by RSA internal functions */
-	BN_clear_free(gcd);
-	BN_clear_free(p1);
-	BN_clear_free(q1);
-	BN_clear_free(p1q1);
-	BN_clear_free(lambda_n);
-	BN_CTX_free(bn_ctx);
-
-	if (!RSA_set0_key(rsa_key, NULL, NULL, true_d)) {
-		fprintf(stderr, "setting d failed\n");
-		return 1;
-	}
-	if (!RSA_set0_crt_params(rsa_key, true_dmp1, true_dmq1, true_iqmp)) {
-		fprintf(stderr, "setting crt params failed\n");
-		return 1;
-	}
-	return 0;
-}
-
 void*
 work(void *arg) {
 	char onion[17];
-- 
cgit v1.1