Attachment #223949 for bug #254922




PORTNAME=	john
# NB: starting from the next version, community-enhanced (jumbo) patch
# should be offered as an option (suggested by Solar Designer himself).
DISTVERSION=	1.9.0-jumbo-1
PORTREVISION=	6
CATEGORIES=	security
MASTER_SITES=	http://www.openwall.com/john/j/ \


ALL_TARGET=	default

BINARIES=	calc_stat cprepair genmkvpwd john mkvcalcproba \
		raw2dyna SIPdump tgtsnarf uaf2john vncpcap2john wpapcap2john

BINLINKS=	base64conv dmg2john gpg2john hccap2john keepass2john \

OPENCL_CONFIGURE_ENABLE= opencl
OPENCL_DESC=    Build with OpenCL support

post-extract:
	@${RM} ${WRKSRC}/pfx_fmt_plug.c ${WRKSRC}/rawSHA0_fmt_plug.c \
		${WRKSRC}/ssh_fmt_plug.c \

post-patch:
	@${REINPLACE_CMD} -e 's|/usr|${PREFIX}|' ${WRKSRC}/params.h
# Replace methods and types that were marked deprecated by OpenSSL 0.9.7
# and removed in OpenSSL 1.1.0 and LibreSSL
	@${REINPLACE_CMD} -e 's|des_string_to_key|DES_string_to_key|' \
		${WRKSRC}/KRB4_fmt_plug.c
	@${REINPLACE_CMD} -e 's|des_set_odd_parity|DES_set_odd_parity|' \
		${WRKSRC}/KRB4_std_plug.c
	@${REINPLACE_CMD} -e 's|C_Block|DES_cblock|' \
		${WRKSRC}/efs_fmt_plug.c \
		${WRKSRC}/gpg_fmt_plug.c \
		${WRKSRC}/keychain_fmt_plug.c \
		${WRKSRC}/mozilla_ng_fmt_plug.c \
		${WRKSRC}/opencl_gpg_fmt_plug.c \
		${WRKSRC}/opencl_keychain_fmt_plug.c \
		${WRKSRC}/ssh_ng_fmt_plug.c

do-install:
.for b in ${BINARIES}
	${INSTALL_PROGRAM} ${WRKSRC}/../run/${b} ${STAGEDIR}${PREFIX}/bin

	${LN} -sf john ${STAGEDIR}${PREFIX}/bin/${l}
.endfor
	@${MKDIR} ${STAGEDIR}${DATADIR}/extra
	@${MKDIR} ${STAGEDIR}${DATADIR}/rules
	@${MKDIR} ${STAGEDIR}${DATADIR}/extra/lib
	@${MKDIR} ${STAGEDIR}${DATADIR}/extra/dns
	@${MKDIR} ${STAGEDIR}${DATADIR}/extra/ztex
	cd ${WRKSRC}/../run && ${INSTALL_DATA} *.chr *.conf *.lst \
		${STAGEDIR}${DATADIR}
	cd ${WRKSRC}/../run && ${INSTALL_DATA} *.?? *.lua benchmark-unify \
		dictionary.rfc2865 john.*sh_completion mailer makechr \
		bitlocker2john eapmd5tojohn relbench stats \
		${STAGEDIR}${DATADIR}/extra
	cd ${WRKSRC}/../run/rules && ${INSTALL_DATA} *.rule ${STAGEDIR}${DATADIR}/rules
	cd ${WRKSRC}/../run/lib && ${INSTALL_DATA} *.pm ${STAGEDIR}${DATADIR}/extra/lib
	cd ${WRKSRC}/../run/dns && ${INSTALL_DATA} README.txt __init__.py \
		_compat.py exception.py flags.py hash.py message.py name.py \
		opcode.py rdata.py rdataclass.py rdataset.py rdatatype.py \
		rrset.py set.py tokenizer.py tsig.py tsigkeyring.py wiredata.py \
		${STAGEDIR}${DATADIR}/extra/dns
	cd ${WRKSRC}/../run/ztex && ${INSTALL_DATA} *.??? ${STAGEDIR}${DATADIR}/extra/ztex

do-install-DOCS-on:
	@${MKDIR} ${STAGEDIR}${DOCSDIR}
	@${MKDIR} ${STAGEDIR}${DOCSDIR}/extras
	@${RM} ${WRKSRC}/../doc/COPYING
	${INSTALL_DATA} ${WRKSRC}/../doc/[A-Zdp]* ${STAGEDIR}${DOCSDIR}
	${INSTALL_DATA} ${WRKSRC}/../doc/extras/* ${STAGEDIR}${DOCSDIR}/extras

.include <bsd.port.mk>

Lines 1-3 Link Here

(-)john/distinfo (-3 / +3 lines)
1	TIMESTAMP = 1418916028	1	TIMESTAMP = 1617813899
2	SHA256 (john-1.8.0-jumbo-1.tar.xz) = bac93d025995a051f055adbd7ce2f1975676cac6c74a6c7a3ee4cfdd9c160923	2	SHA256 (john-1.9.0-jumbo-1.tar.xz) = f5d123f82983c53d8cc598e174394b074be7a77756f5fb5ed8515918c81e7f3b
3	SIZE (john-1.8.0-jumbo-1.tar.xz) = 23232492	3	SIZE (john-1.9.0-jumbo-1.tar.xz) = 33638768




--- Makefile.in.orig	2014-12-18 13:53:53 UTC
+++ Makefile.in
@@ -84,8 +84,6 @@ JOHN_OBJS = \
 	base64.o base64_convert.o \
 	md4.o sha2.o \
 	dynamic_fmt.o dynamic_parser.o dynamic_preloads.o dynamic_utils.o dynamic_big_crypt.o \
-	ssh2john.o \
-	pfx2john.o \
 	unrarcmd.o unrarfilter.o unrarhlp.o unrar.o unrarppm.o unrarvm.o \
 	rar2john.o \
 	zip2john.o gladman_hmac.o gladman_pwd2key.o \
@@ -132,10 +130,10 @@ GENMKVPWD_OBJS = \
 	genmkvpwd.o mkvlib.o memory.o miscnl.o path.o memdbg.o
 
 PROJ = ../run/john@EXE_EXT@ ../run/unshadow@EXE_EXT@ ../run/unafs@EXE_EXT@ ../run/unique@EXE_EXT@ ../run/undrop@EXE_EXT@ \
-	../run/ssh2john@EXE_EXT@ ../run/rar2john@EXE_EXT@ ../run/zip2john@EXE_EXT@ \
+	../run/rar2john@EXE_EXT@ ../run/zip2john@EXE_EXT@ \
 	../run/genmkvpwd@EXE_EXT@ ../run/mkvcalcproba@EXE_EXT@ ../run/calc_stat@EXE_EXT@ \
 	../run/tgtsnarf@EXE_EXT@ ../run/racf2john@EXE_EXT@ ../run/hccap2john@EXE_EXT@ \
-	../run/pwsafe2john@EXE_EXT@ ../run/raw2dyna@EXE_EXT@ ../run/keepass2john@EXE_EXT@ ../run/pfx2john@EXE_EXT@ \
+	../run/pwsafe2john@EXE_EXT@ ../run/raw2dyna@EXE_EXT@ ../run/keepass2john@EXE_EXT@ \
 	../run/keychain2john@EXE_EXT@ ../run/keyring2john@EXE_EXT@ ../run/kwallet2john@EXE_EXT@ \
 	../run/dmg2john@EXE_EXT@ ../run/putty2john@EXE_EXT@ ../run/uaf2john@EXE_EXT@ \
 	../run/truecrypt_volume2john@EXE_EXT@ ../run/keystore2john@EXE_EXT@ ../run/wpapcap2john@EXE_EXT@ \
@@ -305,18 +303,10 @@ miscnl.o: misc.c
 	$(RM) ../run/undrop
 	$(LN) john ../run/undrop
 
-../run/ssh2john: ../run/john
-	$(RM) ../run/ssh2john
-	$(LN) john ../run/ssh2john
-
 ../run/putty2john: ../run/john
 	$(RM) ../run/putty2john
 	$(LN) john ../run/putty2john
 
-../run/pfx2john: ../run/john
-	$(RM) ../run/pfx2john
-	$(LN) john ../run/pfx2john
-
 ../run/keepass2john: ../run/john
 	$(RM) ../run/keepass2john
 	$(LN) john ../run/keepass2john
@@ -397,17 +387,9 @@ miscnl.o: misc.c
 	$(CC) symlink.c -o ../run/undrop.exe
 	$(STRIP) ../run/undrop.exe
 
-../run/ssh2john.exe: symlink.c
-	$(CC) symlink.c -o ../run/ssh2john.exe
-	$(STRIP) ../run/ssh2john.exe
-
 ../run/putty2john.exe: symlink.c
 	$(CC) symlink.c -o ../run/putty2john.exe
 	$(STRIP) ../run/putty2john.exe
-
-../run/pfx2john.exe: symlink.c
-	$(CC) symlink.c -o ../run/pfx2john.exe
-	$(STRIP) ../run/pfx2john.exe
 
 ../run/keepass2john.exe: symlink.c
 	$(CC) symlink.c -o ../run/keepass2john.exe




--- Makefile.legacy.orig	2014-12-18 07:59:02 UTC
+++ Makefile.legacy
@@ -127,8 +127,6 @@ JOHN_OBJS = \
 	base64.o base64_convert.o \
 	md4.o sha2.o \
 	dynamic_fmt.o dynamic_parser.o dynamic_preloads.o dynamic_utils.o dynamic_big_crypt.o \
-	ssh2john.o \
-	pfx2john.o \
 	unrarcmd.o unrarfilter.o unrarhlp.o unrar.o unrarppm.o unrarvm.o \
 	rar2john.o \
 	zip2john.o gladman_hmac.o gladman_pwd2key.o \
@@ -209,10 +207,10 @@ GENMKVPWD_OBJS = \
 	genmkvpwd.o mkvlib.o memory.o miscnl.o path.o memdbg.o
 
 PROJ = ../run/john ../run/unshadow ../run/unafs ../run/unique ../run/undrop \
-	../run/ssh2john ../run/rar2john ../run/zip2john \
+	../run/rar2john ../run/zip2john \
 	../run/genmkvpwd ../run/mkvcalcproba ../run/calc_stat \
 	../run/tgtsnarf ../run/racf2john ../run/hccap2john \
-	../run/pwsafe2john ../run/raw2dyna ../run/keepass2john ../run/pfx2john \
+	../run/pwsafe2john ../run/raw2dyna ../run/keepass2john \
 	../run/keychain2john ../run/keyring2john ../run/kwallet2john \
 	../run/dmg2john ../run/putty2john john.local.conf ../run/uaf2john \
 	../run/truecrypt_volume2john ../run/keystore2john ../run/wpapcap2john \
@@ -220,30 +218,30 @@ PROJ = ../run/john ../run/unshadow ../run/unafs ../run
 PROJ_DOS = ../run/john.bin ../run/john.com \
 	../run/unshadow.com ../run/unafs.com ../run/unique.com \
 	../run/undrop.com \
-	../run/ssh2john.com ../run/rar2john.com ../run/zip2john \
+	../run/rar2john.com ../run/zip2john \
 	../run/racf2john.com ../run/hccap2john.com \
-	../run/pwsafe2john.com ../run/keepass2john.com ../run/pfx2john.com \
+	../run/pwsafe2john.com ../run/keepass2john.com \
 	../run/keychain2john.com ../run/keyring2john.com ../run/kwallet2john.com \
 	../run/dmg2john.com ../run/putty2john.com john.local.conf \
 	../run/gpg2john.com
 PROJ_WIN32 = ../run/john.exe \
 	../run/unshadow.exe ../run/unafs.exe ../run/unique.exe \
 	../run/undrop.exe \
-	../run/ssh2john.exe ../run/rar2john.exe ../run/zip2john.exe \
+	../run/rar2john.exe ../run/zip2john.exe \
 	../run/genmkvpwd.exe ../run/mkvcalcproba.exe ../run/calc_stat.exe \
 	../run/racf2john.exe ../run/hccap2john.exe \
 	../run/pwsafe2john.exe ../run/raw2dyna.exe ../run/keepass2john.exe \
-	../run/pfx2john.exe ../run/keychain2john.exe ../run/keyring2john.exe \
+	../run/keychain2john.exe ../run/keyring2john.exe \
 	../run/kwallet2john.exe ../run/dmg2john.exe ../run/putty2john.exe \
 	john.local.conf ../run/gpg2john.exe ../run/base64conv.exe
 PROJ_WIN32_MINGW = ../run/john-mingw.exe \
 	../run/unshadow.exe ../run/unafs.exe ../run/unique.exe \
 	../run/undrop.exe \
-	../run/ssh2john.exe ../run/rar2john.exe ../run/zip2john.exe \
+	../run/rar2john.exe ../run/zip2john.exe \
 	../run/genmkvpwd.exe ../run/mkvcalcproba.exe ../run/calc_stat.exe \
 	../run/racf2john.exe ../run/hccap2john.exe \
 	../run/pwsafe2john.exe ../run/raw2dyna.exe ../run/keepass2john.exe \
-	../run/pfx2john.exe ../run/keychain2john.exe ../run/keyring2john.exe \
+	../run/keychain2john.exe ../run/keyring2john.exe \
 	../run/kwallet2john.exe ../run/putty2john.exe john.local.conf \
 	../run/gpg2john.exe ../run/base64conv.exe
 PROJ_PCAP = ../run/SIPdump ../run/vncpcap2john
@@ -2029,18 +2027,10 @@ $(SUBDIRS):
 	$(RM) ../run/undrop
 	ln -s john ../run/undrop
 
-../run/ssh2john: ../run/john
-	$(RM) ../run/ssh2john
-	ln -s john ../run/ssh2john
-
 ../run/putty2john: ../run/john
 	$(RM) ../run/putty2john
 	ln -s john ../run/putty2john
 
-../run/pfx2john: ../run/john
-	$(RM) ../run/pfx2john
-	ln -s john ../run/pfx2john
-
 ../run/keepass2john: ../run/john
 	$(RM) ../run/keepass2john
 	ln -s john ../run/keepass2john
@@ -2114,15 +2104,9 @@ $(SUBDIRS):
 ../run/undrop.com: john.com
 	copy john.com ..\run\undrop.com
 
-../run/ssh2john.com: john.com
-	copy john.com ..\run\ssh2john.com
-
 ../run/putty2john.com: john.com
 	copy john.com ..\run\putty2john.com
 
-../run/pfx2john.com: john.com
-	copy john.com ..\run\pfx2john.com
-
 ../run/keepass2john.com: john.com
 	copy john.com ..\run\keepass2john.com
 
@@ -2198,17 +2182,9 @@ john.com: john.asm
 	$(CC) symlink.c -o ../run/undrop.exe
 	$(STRIP) ../run/undrop.exe
 
-../run/ssh2john.exe: symlink.c
-	$(CC) symlink.c -o ../run/ssh2john.exe
-	$(STRIP) ../run/ssh2john.exe
-
 ../run/putty2john.exe: symlink.c
 	$(CC) symlink.c -o ../run/putty2john.exe
 	$(STRIP) ../run/putty2john.exe
-
-../run/pfx2john.exe: symlink.c
-	$(CC) symlink.c -o ../run/pfx2john.exe
-	$(STRIP) ../run/pfx2john.exe
 
 ../run/keepass2john.exe: symlink.c
 	$(CC) symlink.c -o ../run/keepass2john.exe




--- bitcoin_fmt_plug.c.orig	2014-12-18 07:59:02 UTC
+++ bitcoin_fmt_plug.c
@@ -15,33 +15,32 @@
  * Thanks to Solar for asking to add support for bitcoin wallet files.
  */
 
-#include "arch.h"
-#include <openssl/opensslv.h>
-#if (AC_BUILT && HAVE_EVP_SHA512) || \
-	(!AC_BUILT && OPENSSL_VERSION_NUMBER >= 0x0090708f)
-
 #if FMT_EXTERNS_H
 extern struct fmt_main fmt_bitcoin;
 #elif FMT_REGISTERS_H
 john_register_one(&fmt_bitcoin);
 #else
 
-#include <openssl/evp.h>
 #include <string.h>
+#ifdef _OPENMP
+#include <omp.h>
+#ifndef OMP_SCALE
+#define OMP_SCALE               1
+#endif
+static int omp_t = 1;
+#endif
+
+#include "arch.h"
 #include "misc.h"
 #include "common.h"
 #include "formats.h"
 #include "params.h"
 #include "options.h"
 #include "sha2.h"
+#include "aes/aes.h"
 #include "stdint.h"
 #include "johnswap.h"
 #include "sse-intrinsics.h"
-#ifdef _OPENMP
-#include <omp.h>
-#define OMP_SCALE               1
-static int omp_t = 1;
-#endif
 #include "memdbg.h"
 
 #define FORMAT_LABEL		"Bitcoin"
@@ -73,6 +72,7 @@ static int omp_t = 1;
 #endif
 
 #define SZ 			128
+#define PADDING		"\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10"
 
 static struct fmt_tests bitcoin_tests[] = {
 	/* bitcoin wallet hashes */
@@ -265,10 +265,7 @@ static int crypt_all(int *pcount, struct db_salt *salt
 #endif
 	{
 		unsigned char output[SZ];
-		int fOk;
 		SHA512_CTX sha_ctx;
-		EVP_CIPHER_CTX ctx;
-		int nPLen, nFLen;
 		int i;
 
 #ifdef MMX_COEF_SHA512
@@ -316,6 +313,7 @@ static int crypt_all(int *pcount, struct db_salt *salt
 		alter_endianity_to_BE64(key_iv, 6 * MAX_KEYS_PER_CRYPT);
 
 		for (index2 = 0; index2 < MAX_KEYS_PER_CRYPT; index2++) {
+			AES_KEY aes_key;
 			unsigned char key[32];
 			unsigned char iv[16];
 
@@ -325,26 +323,21 @@ static int crypt_all(int *pcount, struct db_salt *salt
 			for (i = 0; i < sizeof(iv)/sizeof(ARCH_WORD_64); i++)   // the derived iv
 				((ARCH_WORD_64 *)iv)[i]  = key_iv[MMX_COEF_SHA512*(sizeof(key)/sizeof(ARCH_WORD_64) + i) + index2];
 
-			/* NOTE: write our code instead of using following high-level OpenSSL functions */
-			EVP_CIPHER_CTX_init(&ctx);
-			fOk = EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, key, iv);
-			if (fOk)
-				fOk = EVP_DecryptUpdate(&ctx, output, &nPLen, cur_salt->cry_master, cur_salt->cry_master_length);
-			if (fOk)
-				fOk = EVP_DecryptFinal_ex(&ctx, output + nPLen, &nFLen);
-			EVP_CIPHER_CTX_cleanup(&ctx);
-			// a decrypted mkey is exactly 32 bytes in len; ossl has already checked the padding (16 0x0f's) for us
-			if (fOk && nPLen + nFLen == 32) {
+			AES_set_decrypt_key(key, 256, &aes_key);
+			AES_cbc_encrypt(cur_salt->cry_master, output, cur_salt->cry_master_length, &aes_key, iv, AES_DECRYPT);
+
+			if (!memcmp(output + 32, PADDING, 16)) {
 				cracked[index + index2] = 1;
 #ifdef _OPENMP
 #pragma omp atomic
 #endif
 				any_cracked |= 1;
 			}
-
 		}
 #else
+		AES_KEY aes_key;
 		unsigned char key_iv[SHA512_DIGEST_LENGTH];  // buffer for both the derived key and iv
+
 		SHA512_Init(&sha_ctx);
 		SHA512_Update(&sha_ctx, saved_key[index], strlen(saved_key[index]));
 		SHA512_Update(&sha_ctx, cur_salt->cry_salt, cur_salt->cry_salt_length);
@@ -354,16 +347,11 @@ static int crypt_all(int *pcount, struct db_salt *salt
 			SHA512_Update(&sha_ctx, key_iv, SHA512_DIGEST_LENGTH);
 			SHA512_Final(key_iv, &sha_ctx);
 		}
-		/* NOTE: write our code instead of using following high-level OpenSSL functions */
-		EVP_CIPHER_CTX_init(&ctx);
-		fOk = EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, key_iv, key_iv+32);
-		if (fOk)
-			fOk = EVP_DecryptUpdate(&ctx, output, &nPLen, cur_salt->cry_master, cur_salt->cry_master_length);
-		if (fOk)
-			fOk = EVP_DecryptFinal_ex(&ctx, output + nPLen, &nFLen);
-		EVP_CIPHER_CTX_cleanup(&ctx);
-		// a decrypted mkey is exactly 32 bytes in len; ossl has already checked the padding (16 0x0f's) for us
-		if (fOk && nPLen + nFLen == 32) {
+
+		AES_set_decrypt_key(key_iv, 256, &aes_key);
+		AES_cbc_encrypt(cur_salt->cry_master, output, cur_salt->cry_master_length, &aes_key, key_iv + 32, AES_DECRYPT);
+
+		if (!memcmp(output + 32, PADDING, 16)) {
 			cracked[index] = 1;
 #ifdef _OPENMP
 #pragma omp atomic
@@ -471,5 +459,3 @@ struct fmt_main fmt_bitcoin = {
 };
 
 #endif /* plugin stanza */
-
-#endif /* OpenSSL requirement */




--- dmg_fmt_plug.c.orig	2014-12-18 07:59:02 UTC
+++ dmg_fmt_plug.c
@@ -56,7 +56,7 @@ john_register_one(&fmt_dmg);
 #include <stdlib.h>
 #include "stdint.h"
 #include <sys/types.h>
-#include <openssl/evp.h>
+#include <openssl/des.h>
 #include <openssl/aes.h>
 #include <openssl/hmac.h>
 #include "filevault.h"
@@ -413,42 +413,36 @@ static void *get_salt(char *ciphertext)
 	return (void *)&cs;
 }
 
-static int apple_des3_ede_unwrap_key1(unsigned char *wrapped_key, int wrapped_key_len, unsigned char *decryptKey)
+static int apple_des3_ede_unwrap_key1(const unsigned char *wrapped_key, const int wrapped_key_len, const unsigned char *decryptKey)
 {
-	EVP_CIPHER_CTX ctx;
+	DES_key_schedule ks1, ks2, ks3;
 	unsigned char TEMP1[sizeof(cur_salt->wrapped_hmac_sha1_key)];
 	unsigned char TEMP2[sizeof(cur_salt->wrapped_hmac_sha1_key)];
-	unsigned char CEKICV[sizeof(cur_salt->wrapped_hmac_sha1_key)];
 	unsigned char IV[8] = { 0x4a, 0xdd, 0xa2, 0x2c, 0x79, 0xe8, 0x21, 0x05 };
-	int outlen, tmplen, i;
+	int outlen, i;
 
-	EVP_CIPHER_CTX_init(&ctx);
-	EVP_DecryptInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, decryptKey, IV);
-	if (!EVP_DecryptUpdate(&ctx, TEMP1, &outlen, wrapped_key, wrapped_key_len)) {
-		goto err;
-	}
-	if (!EVP_DecryptFinal_ex(&ctx, TEMP1 + outlen, &tmplen)) {
-		goto err;
-	}
-	outlen += tmplen;
-	EVP_CIPHER_CTX_cleanup(&ctx);
-	for (i = 0; i < outlen; i++) {
+	DES_set_key((DES_cblock*)(decryptKey +  0), &ks1);
+	DES_set_key((DES_cblock*)(decryptKey +  8), &ks2);
+	DES_set_key((DES_cblock*)(decryptKey + 16), &ks3);
+	DES_ede3_cbc_encrypt(wrapped_key, TEMP1, wrapped_key_len, &ks1, &ks2, &ks3,
+	                     (DES_cblock*)IV, DES_DECRYPT);
+
+	outlen = check_pkcs_pad(TEMP1, wrapped_key_len, 8);
+	if (outlen < 0)
+		return 0;
+
+	for (i = 0; i < outlen; i++)
 		TEMP2[i] = TEMP1[outlen - i - 1];
-	}
-	EVP_CIPHER_CTX_init(&ctx);
-	EVP_DecryptInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, decryptKey, TEMP2);
-	if (!EVP_DecryptUpdate(&ctx, CEKICV, &outlen, TEMP2 + 8, outlen - 8)) {
-		goto err;
-	}
-	if (!EVP_DecryptFinal_ex(&ctx, CEKICV + outlen, &tmplen)) {
-		goto err;
-	}
-	outlen += tmplen;
-	EVP_CIPHER_CTX_cleanup(&ctx);
-	return 0;
-err:
-	EVP_CIPHER_CTX_cleanup(&ctx);
-	return -1;
+
+	outlen -= 8;
+	DES_ede3_cbc_encrypt(TEMP2 + 8, TEMP1, outlen, &ks1, &ks2, &ks3,
+	                     (DES_cblock*)TEMP2, DES_DECRYPT);
+
+	outlen = check_pkcs_pad(TEMP1, outlen, 8);
+	if (outlen < 0)
+		return 0;
+
+	return 1;
 }
 
 static void hash_plugin_check_hash(int index)
@@ -492,22 +486,20 @@ static void hash_plugin_check_hash(int index)
 		for(j = 0; j < SSE_GROUP_SZ_SHA1; ++j) {
 		derived_key = Derived_key[j];
 #endif
-		if ((apple_des3_ede_unwrap_key1(cur_salt->wrapped_aes_key, cur_salt->len_wrapped_aes_key, derived_key) == 0) && (apple_des3_ede_unwrap_key1(cur_salt->wrapped_hmac_sha1_key, cur_salt->len_hmac_sha1_key, derived_key) == 0)) {
+		if (apple_des3_ede_unwrap_key1(cur_salt->wrapped_aes_key, cur_salt->len_wrapped_aes_key, derived_key) &&
+		    apple_des3_ede_unwrap_key1(cur_salt->wrapped_hmac_sha1_key, cur_salt->len_hmac_sha1_key, derived_key)) {
 			cracked[index+j] = 1;
 		}
 #ifdef MMX_COEF
 		}
 #endif
 	} else {
-		EVP_CIPHER_CTX ctx;
+		DES_key_schedule ks1, ks2, ks3;
 		unsigned char TEMP1[sizeof(cur_salt->wrapped_hmac_sha1_key)];
-		int outlen, tmplen;
 		AES_KEY aes_decrypt_key;
 		unsigned char outbuf[8192 + 1];
 		unsigned char outbuf2[4096 + 1];
 		unsigned char iv[20];
-		HMAC_CTX hmacsha1_ctx;
-		int mdlen;
 #ifdef DMG_DEBUG
 		unsigned char *r;
 #endif
@@ -547,27 +539,18 @@ static void hash_plugin_check_hash(int index)
 		for(j = 0; j < SSE_GROUP_SZ_SHA1; ++j) {
 		derived_key = Derived_key[j];
 #endif
-		EVP_CIPHER_CTX_init(&ctx);
-		EVP_DecryptInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, derived_key, cur_salt->iv);
-		if (!EVP_DecryptUpdate(&ctx, TEMP1, &outlen,
-		    cur_salt->encrypted_keyblob, cur_salt->encrypted_keyblob_size)) {
-			EVP_CIPHER_CTX_cleanup(&ctx);
-#ifdef MMX_COEF
-			continue;
-#else
-			return;
-#endif
-		}
-		EVP_DecryptFinal_ex(&ctx, TEMP1 + outlen, &tmplen);
-		EVP_CIPHER_CTX_cleanup(&ctx);
-		outlen += tmplen;
+
+		DES_set_key((DES_cblock*)(derived_key +  0), &ks1);
+		DES_set_key((DES_cblock*)(derived_key +  8), &ks2);
+		DES_set_key((DES_cblock*)(derived_key + 16), &ks3);
+		memcpy(iv, cur_salt->iv, 8);
+		DES_ede3_cbc_encrypt(cur_salt->encrypted_keyblob, TEMP1,
+		                     cur_salt->encrypted_keyblob_size, &ks1, &ks2, &ks3,
+		                     (DES_cblock*)iv, DES_DECRYPT);
+
 		memcpy(aes_key_, TEMP1, 32);
 		memcpy(hmacsha1_key_, TEMP1, 20);
-		HMAC_CTX_init(&hmacsha1_ctx);
-		HMAC_Init_ex(&hmacsha1_ctx, hmacsha1_key_, 20, EVP_sha1(), NULL);
-		HMAC_Update(&hmacsha1_ctx, (void *) &cur_salt->cno, 4);
-		HMAC_Final(&hmacsha1_ctx, iv, (unsigned int *) &mdlen);
-		HMAC_CTX_cleanup(&hmacsha1_ctx);
+		hmac_sha1(hmacsha1_key_, 20, (unsigned char*)&cur_salt->cno, 4, iv, 20);
 		if (cur_salt->encrypted_keyblob_size == 48)
 			AES_set_decrypt_key(aes_key_, 128, &aes_decrypt_key);
 		else
@@ -631,12 +614,7 @@ static void hash_plugin_check_hash(int index)
 		/* Second buffer test. If present, *this* is the very first block of the DMG */
 		if (!cracked[index+j] && cur_salt->scp == 1) {
 			int cno = 0;
-
-			HMAC_CTX_init(&hmacsha1_ctx);
-			HMAC_Init_ex(&hmacsha1_ctx, hmacsha1_key_, 20, EVP_sha1(), NULL);
-			HMAC_Update(&hmacsha1_ctx, (void *) &cno, 4);
-			HMAC_Final(&hmacsha1_ctx, iv, (unsigned int *) &mdlen);
-			HMAC_CTX_cleanup(&hmacsha1_ctx);
+			hmac_sha1(hmacsha1_key_, 20, (unsigned char*)&cno, 4, iv, 20);
 			if (cur_salt->encrypted_keyblob_size == 48)
 				AES_set_decrypt_key(aes_key_, 128, &aes_decrypt_key);
 			else




--- encfs_fmt_plug.c.orig	2014-11-11 14:41:25 UTC
+++ encfs_fmt_plug.c
@@ -90,25 +90,16 @@ static struct fmt_tests encfs_tests[] = {
 static void setIVec( unsigned char *ivec, uint64_t seed,
         unsigned char *key)
 {
-	unsigned char md[EVP_MAX_MD_SIZE];
-	unsigned int mdLen = EVP_MAX_MD_SIZE;
+	unsigned char iv_and_seed[MAX_IVLENGTH+8];
 	int i;
-	HMAC_CTX mac_ctx;
 
-	memcpy( ivec, &key[cur_salt->keySize], cur_salt->ivLength );
+	// combine ivec and seed with HMAC
+	memcpy(iv_and_seed, &key[cur_salt->keySize], cur_salt->ivLength);
 	for(i=0; i<8; ++i) {
-		md[i] = (unsigned char)(seed & 0xff);
+		iv_and_seed[i+cur_salt->ivLength] = (unsigned char)(seed & 0xff);
 		seed >>= 8;
 	}
-	// combine ivec and seed with HMAC
-	HMAC_CTX_init(&mac_ctx);
-	HMAC_Init_ex( &mac_ctx, key, cur_salt->keySize, EVP_sha1(), 0 );
-	HMAC_Init_ex( &mac_ctx, 0, 0, 0, 0 );
-	HMAC_Update( &mac_ctx, ivec, cur_salt->ivLength );
-	HMAC_Update( &mac_ctx, md, 8 );
-	HMAC_Final( &mac_ctx, md, &mdLen );
-	HMAC_CTX_cleanup(&mac_ctx);
-	memcpy( ivec, md, cur_salt->ivLength );
+	hmac_sha1(key, cur_salt->keySize, iv_and_seed, cur_salt->ivLength+8, ivec, cur_salt->ivLength);
 }
 
 
@@ -144,33 +135,28 @@ static void flipBytes(unsigned char *buf, int size)
 static uint64_t _checksum_64(unsigned char *key,
 		const unsigned char *data, int dataLen, uint64_t *chainedIV)
 {
-	unsigned char md[EVP_MAX_MD_SIZE];
+	unsigned char DataIV[128+8];	// max data len is 128
+	unsigned char md[20];
 	unsigned int mdLen = EVP_MAX_MD_SIZE;
 	int i;
 	unsigned char h[8] = {0,0,0,0,0,0,0,0};
 	uint64_t value;
-	HMAC_CTX mac_ctx;
 
-	HMAC_CTX_init(&mac_ctx);
-	HMAC_Init_ex( &mac_ctx, key, cur_salt->keySize, EVP_sha1(), 0 );
-	HMAC_Init_ex( &mac_ctx, 0, 0, 0, 0 );
-	HMAC_Update( &mac_ctx, data, dataLen );
+	memcpy(DataIV, data, dataLen);
 	if(chainedIV)
 	{
 	  // toss in the chained IV as well
 		uint64_t tmp = *chainedIV;
 		unsigned char h[8];
 		for(i=0; i<8; ++i) {
-			h[i] = tmp & 0xff;
+			h[i] = DataIV[dataLen++] = (tmp & 0xff);
 			tmp >>= 8;
 		}
-		HMAC_Update( &mac_ctx, h, 8 );
 	}
-	HMAC_Final( &mac_ctx, md, &mdLen );
-	HMAC_CTX_cleanup(&mac_ctx);
+	hmac_sha1(key, cur_salt->keySize, DataIV, dataLen, md, 20);
 
 	// chop this down to a 64bit value..
-	for(i=0; i < (mdLen - 1); ++i)
+	for(i=0; i < 19; ++i)
 		h[i%8] ^= (unsigned char)(md[i]);
 
 	value = (uint64_t)h[0];
@@ -202,26 +188,26 @@ static int streamDecode(unsigned char *buf, int size,
 {
 	unsigned char ivec[ MAX_IVLENGTH ];
 	int dstLen=0, tmpLen=0;
-	EVP_CIPHER_CTX stream_dec;
+	EVP_CIPHER_CTX *stream_dec = EVP_CIPHER_CTX_new();
 
 	setIVec( ivec, iv64 + 1, key);
-	EVP_CIPHER_CTX_init(&stream_dec);
-	EVP_DecryptInit_ex( &stream_dec, cur_salt->streamCipher, NULL, NULL, NULL);
-	EVP_CIPHER_CTX_set_key_length( &stream_dec, cur_salt->keySize );
-	EVP_CIPHER_CTX_set_padding( &stream_dec, 0 );
-	EVP_DecryptInit_ex( &stream_dec, NULL, NULL, key, NULL);
+	EVP_CIPHER_CTX_init(stream_dec);
+	EVP_DecryptInit_ex( stream_dec, cur_salt->streamCipher, NULL, NULL, NULL);
+	EVP_CIPHER_CTX_set_key_length( stream_dec, cur_salt->keySize );
+	EVP_CIPHER_CTX_set_padding( stream_dec, 0 );
+	EVP_DecryptInit_ex( stream_dec, NULL, NULL, key, NULL);
 
-	EVP_DecryptInit_ex( &stream_dec, NULL, NULL, NULL, ivec);
-	EVP_DecryptUpdate( &stream_dec, buf, &dstLen, buf, size );
-	EVP_DecryptFinal_ex( &stream_dec, buf+dstLen, &tmpLen );
+	EVP_DecryptInit_ex( stream_dec, NULL, NULL, NULL, ivec);
+	EVP_DecryptUpdate( stream_dec, buf, &dstLen, buf, size );
+	EVP_DecryptFinal_ex( stream_dec, buf+dstLen, &tmpLen );
 	unshuffleBytes( buf, size );
 	flipBytes( buf, size );
 
 	setIVec( ivec, iv64, key );
-	EVP_DecryptInit_ex( &stream_dec, NULL, NULL, NULL, ivec);
-	EVP_DecryptUpdate( &stream_dec, buf, &dstLen, buf, size );
-	EVP_DecryptFinal_ex( &stream_dec, buf+dstLen, &tmpLen );
-	EVP_CIPHER_CTX_cleanup(&stream_dec);
+	EVP_DecryptInit_ex( stream_dec, NULL, NULL, NULL, ivec);
+	EVP_DecryptUpdate( stream_dec, buf, &dstLen, buf, size );
+	EVP_DecryptFinal_ex( stream_dec, buf+dstLen, &tmpLen );
+	EVP_CIPHER_CTX_cleanup(stream_dec);
 
 	unshuffleBytes( buf, size );
 	dstLen += tmpLen;




--- gpg_fmt_plug.c.orig	2014-12-18 07:59:02 UTC
+++ gpg_fmt_plug.c
@@ -930,8 +930,12 @@ static int check_dsa_secret_key(DSA *dsa)
 {
 	int error;
 	int rc = -1;
+#if OPENSSL_VERSION_NUMBER >= 0x10100000
+	const BIGNUM *p, *q, *g, *pub_key, *priv_key;
+#endif
 	BIGNUM *res = BN_new();
 	BN_CTX *ctx = BN_CTX_new();
+
 	if (!res) {
 		fprintf(stderr, "failed to allocate result BN in check_dsa_secret_key()\n");
 		exit(-1);
@@ -941,23 +945,35 @@ static int check_dsa_secret_key(DSA *dsa)
 		exit(-1);
 	}
 
+#if OPENSSL_VERSION_NUMBER >= 0x10100000
+	DSA_get0_pqg(dsa, &p, &q, &g);
+	DSA_get0_key(dsa, &pub_key, &priv_key);
+	error = BN_mod_exp(res, g, priv_key, p, ctx);
+#else
 	error = BN_mod_exp(res, dsa->g, dsa->priv_key, dsa->p, ctx);
+#endif
+
 	if ( error == 0 ) {
 		goto freestuff;
 	}
 
+#if OPENSSL_VERSION_NUMBER >= 0x10100000
+	rc = BN_cmp(res, pub_key);
+#else
 	rc = BN_cmp(res, dsa->pub_key);
+#endif
 
 freestuff:
 
 	BN_CTX_free(ctx);
 	BN_free(res);
+#if OPENSSL_VERSION_NUMBER < 0x10100000
 	BN_free(dsa->g);
 	BN_free(dsa->q);
 	BN_free(dsa->p);
 	BN_free(dsa->pub_key);
 	BN_free(dsa->priv_key);
-
+#endif
 	return rc;
 }
 
@@ -1212,9 +1228,7 @@ static int check(unsigned char *keydata, int ks)
 			return 0;
 		if (blen < cur_salt->datalen && ((b = BN_bin2bn(out + 2, blen, NULL)) != NULL)) {
 			char *str = BN_bn2hex(b);
-			DSA dsa;
-			ElGamal_secret_key elg;
-			RSA_secret_key rsa;
+
 			if (strlen(str) != blen * 2) { /* verifier 2 */
 				OPENSSL_free(str);
 				return 0;
@@ -1222,6 +1236,28 @@ static int check(unsigned char *keydata, int ks)
 			OPENSSL_free(str);
 
 			if (cur_salt->pk_algorithm == 17) { /* DSA check */
+#if OPENSSL_VERSION_NUMBER >= 0x10100000
+				DSA *dsa = DSA_new();
+				BIGNUM *p, *q, *g, *pub_key, *priv_key;
+
+				p = BN_bin2bn(cur_salt->p, cur_salt->pl, NULL);
+				// puts(BN_bn2hex(dsa.p));
+				q = BN_bin2bn(cur_salt->q, cur_salt->ql, NULL);
+				// puts(BN_bn2hex(dsa.q));
+				g = BN_bin2bn(cur_salt->g, cur_salt->gl, NULL);
+				// puts(BN_bn2hex(dsa.g));
+				priv_key = b;
+				pub_key = BN_bin2bn(cur_salt->y, cur_salt->yl, NULL);
+
+				DSA_set0_pqg(dsa, p, q, g);
+				DSA_set0_key(dsa, pub_key, priv_key);
+
+				// puts(BN_bn2hex(dsa.pub_key));
+				ret = check_dsa_secret_key(dsa); /* verifier 3 */
+				DSA_free(dsa);
+#else
+				DSA dsa;
+
 				dsa.p = BN_bin2bn(cur_salt->p, cur_salt->pl, NULL);
 				// puts(BN_bn2hex(dsa.p));
 				dsa.q = BN_bin2bn(cur_salt->q, cur_salt->ql, NULL);
@@ -1232,10 +1268,13 @@ static int check(unsigned char *keydata, int ks)
 				dsa.pub_key = BN_bin2bn(cur_salt->y, cur_salt->yl, NULL);
 				// puts(BN_bn2hex(dsa.pub_key));
 				ret = check_dsa_secret_key(&dsa); /* verifier 3 */
+#endif
 				if (ret != 0)
 					return 0;
 			}
 			if (cur_salt->pk_algorithm == 16 || cur_salt->pk_algorithm == 20) { /* ElGamal check */
+				ElGamal_secret_key elg;
+
 				elg.p = BN_bin2bn(cur_salt->p, cur_salt->pl, NULL);
 				// puts(BN_bn2hex(elg.p));
 				elg.g = BN_bin2bn(cur_salt->g, cur_salt->gl, NULL);
@@ -1249,8 +1288,10 @@ static int check(unsigned char *keydata, int ks)
 					return 0;
 			}
 			if (cur_salt->pk_algorithm == 1) { /* RSA check */
+				RSA_secret_key rsa;
 				// http://www.ietf.org/rfc/rfc4880.txt
 				int length = 0;
+
 				length += give_multi_precision_integer(out, length, &cur_salt->dl, cur_salt->d);
 				length += give_multi_precision_integer(out, length, &cur_salt->pl, cur_salt->p);
 				length += give_multi_precision_integer(out, length, &cur_salt->ql, cur_salt->q);




--- john.c.orig	2014-12-18 07:59:02 UTC
+++ john.c
@@ -153,8 +153,6 @@ extern int base64conv(int argc, char **argv);
 extern int hccap2john(int argc, char **argv);
 extern int zip2john(int argc, char **argv);
 extern int gpg2john(int argc, char **argv);
-extern int ssh2john(int argc, char **argv);
-extern int pfx2john(int argc, char **argv);
 extern int keychain2john(int argc, char **argv);
 extern int kwallet2john(int argc, char **argv);
 extern int keepass2john(int argc, char **argv);
@@ -1542,19 +1540,9 @@ int main(int argc, char **argv)
 		return unique(argc, argv);
 	}
 
-	if (!strcmp(name, "ssh2john")) {
-		CPU_detect_or_fallback(argv, 0);
-		return ssh2john(argc, argv);
-	}
-
 	if (!strcmp(name, "putty2john")) {
 		CPU_detect_or_fallback(argv, 0);
 		return putty2john(argc, argv);
-	}
-
-	if (!strcmp(name, "pfx2john")) {
-		CPU_detect_or_fallback(argv, 0);
-		return pfx2john(argc, argv);
 	}
 
 	if (!strcmp(name, "keychain2john")) {




--- jumbo.c.orig	2014-12-18 07:59:02 UTC
+++ jumbo.c
@@ -334,3 +334,23 @@ int setenv(const char *name, const char *val, int over
 	return 0;
 }
 #endif
+
+int check_pkcs_pad(const unsigned char* data, size_t len, int blocksize)
+{
+	int pad_len = data[len - 1];
+	int padding = pad_len;
+	int real_len = len - pad_len;
+	const unsigned char *p = data + real_len;
+
+	if (pad_len > blocksize || pad_len < 1)
+		return -1;
+
+	if (len < blocksize)
+		return -1;
+
+	while (pad_len--)
+		if (*p++ != padding)
+			return -1;
+
+	return real_len;
+}




--- jumbo.h.orig	2014-12-18 07:59:02 UTC
+++ jumbo.h
@@ -388,4 +388,10 @@ extern int setenv(const char *name, const char *val, i
 //HAVE_STRTOL
 //HAVE_STRTOUL
 
+/*
+ * Standard PKCS padding check. On success, returns net length.
+ * On failure, returns -1.
+ */
+extern int check_pkcs_pad(const unsigned char* data, size_t len, int blocksize);
+
 #endif /* _JTR_JUMBO_H */




--- rar_fmt_plug.c.orig	2014-12-18 07:59:02 UTC
+++ rar_fmt_plug.c
@@ -48,15 +48,7 @@ john_register_one(&fmt_rar);
 #else
 
 #include <string.h>
-#include <assert.h>
 #include <errno.h>
-#include <openssl/engine.h>
-#include <openssl/evp.h>
-#include <openssl/ssl.h>
-
-#include "arch.h"
-#include "sha.h"
-
 #if AC_BUILT
 #include "autoconfig.h"
 #endif
@@ -71,6 +63,8 @@ john_register_one(&fmt_rar);
 #include <sys/mman.h>
 #endif
 
+#include "arch.h"
+#include "sha.h"
 #include "crc32.h"
 #include "misc.h"
 #include "common.h"
@@ -119,9 +113,7 @@ john_register_one(&fmt_rar);
 
 #ifdef _OPENMP
 #include <omp.h>
-#include <pthread.h>
 #define OMP_SCALE		4
-static pthread_mutex_t *lockarray;
 #endif
 
 #include "memdbg.h"
@@ -198,71 +190,6 @@ static struct fmt_tests cpu_tests[] = {
 	{NULL}
 };
 
-#if defined (_OPENMP)
-static void lock_callback(int mode, int type, const char *file, int line)
-{
-	(void)file;
-	(void)line;
-	if (mode & CRYPTO_LOCK)
-		pthread_mutex_lock(&(lockarray[type]));
-	else
-		pthread_mutex_unlock(&(lockarray[type]));
-}
-
-static unsigned long thread_id(void)
-{
-	return omp_get_thread_num();
-}
-
-static void init_locks(void)
-{
-	int i;
-	lockarray = (pthread_mutex_t*) OPENSSL_malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t));
-	for (i = 0; i < CRYPTO_num_locks(); i++)
-		pthread_mutex_init(&(lockarray[i]), NULL);
-	CRYPTO_set_id_callback(thread_id);
-	CRYPTO_set_locking_callback(lock_callback);
-}
-#endif	/* _OPENMP */
-
-/* Use AES-NI if available. This is not supported with low-level calls,
-   we have to use EVP) */
-static void init_aesni(void)
-{
-	ENGINE *e;
-	const char *engine_id = "aesni";
-
-	ENGINE_load_builtin_engines();
-	e = ENGINE_by_id(engine_id);
-	if (!e) {
-		//fprintf(stderr, "AES-NI engine not available\n");
-		return;
-	}
-	if (!ENGINE_init(e)) {
-		fprintf(stderr, "AES-NI engine could not init\n");
-		ENGINE_free(e);
-		return;
-	}
-	if (!ENGINE_set_default(e, ENGINE_METHOD_ALL & ~ENGINE_METHOD_RAND)) {
-		/* This should only happen when 'e' can't initialise, but the
-		 * previous statement suggests it did. */
-		fprintf(stderr, "AES-NI engine initialized but then failed\n");
-		abort();
-	}
-	ENGINE_finish(e);
-	ENGINE_free(e);
-}
-
-#ifndef __APPLE__ /* Apple segfaults on this :) */
-static void openssl_cleanup(void)
-{
-	ENGINE_cleanup();
-	ERR_free_strings();
-	CRYPTO_cleanup_all_ex_data();
-	EVP_cleanup();
-}
-#endif
-
 #undef set_key
 static void set_key(char *key, int index)
 {
@@ -418,7 +345,6 @@ static void init(struct fmt_main *self)
 	omp_t = omp_get_max_threads();
 	self->params.min_keys_per_crypt *= omp_t;
 	self->params.max_keys_per_crypt = omp_t * OMP_SCALE * MAX_KEYS_PER_CRYPT;
-	init_locks();
 #endif /* _OPENMP */
 
 	if (pers_opts.target_enc == UTF_8)
@@ -436,14 +362,6 @@ static void init(struct fmt_main *self)
 	self->params.benchmark_comment = " (1-16 characters)";
 #endif
 
-	/* OpenSSL init */
-	init_aesni();
-	SSL_load_error_strings();
-	SSL_library_init();
-	OpenSSL_add_all_algorithms();
-#ifndef __APPLE__
-	atexit(openssl_cleanup);
-#endif
 	/* CRC-32 table init, do it before we start multithreading */
 	{
 		CRC32_t crc;
@@ -716,53 +634,43 @@ static int crypt_all(int *pcount, struct db_salt *salt
 #pragma omp parallel for
 #endif
 	for (index = 0; index < count; index++) {
-		int i16 = index*16;
-		unsigned int inlen = 16;
-		int outlen;
-		EVP_CIPHER_CTX aes_ctx;
+		AES_KEY aes_ctx;
+		unsigned char *key = &aes_key[index * 16];
+		unsigned char *iv = &aes_iv[index * 16];
 
-		EVP_CIPHER_CTX_init(&aes_ctx);
-		EVP_DecryptInit_ex(&aes_ctx, EVP_aes_128_cbc(), NULL, &aes_key[i16], &aes_iv[i16]);
-		EVP_CIPHER_CTX_set_padding(&aes_ctx, 0);
+		AES_set_decrypt_key(key, 128, &aes_ctx);
 
 		//fprintf(stderr, "key %s\n", utf16_to_enc((UTF16*)&saved_key[index * UNICODE_LENGTH]));
 		/* AES decrypt, uses aes_iv, aes_key and blob */
 		if (cur_file->type == 0) {	/* rar-hp mode */
 			unsigned char plain[16];
 
-			outlen = 0;
+			AES_cbc_encrypt(cur_file->blob, plain, 16,
+			                &aes_ctx, iv, AES_DECRYPT);
 
-			EVP_DecryptUpdate(&aes_ctx, plain, &outlen, cur_file->blob, inlen);
-			EVP_DecryptFinal_ex(&aes_ctx, &plain[outlen], &outlen);
-
 			cracked[index] = !memcmp(plain, "\xc4\x3d\x7b\x00\x40\x07\x00", 7);
-
 		} else {
-
 			if (cur_file->method == 0x30) {	/* stored, not deflated */
 				CRC32_t crc;
 				unsigned char crc_out[4];
-				unsigned char plain[0x8010];
+				unsigned char plain[0x8000];
 				unsigned long long size = cur_file->unp_size;
 				unsigned char *cipher = cur_file->blob;
 
 				/* Use full decryption with CRC check.
 				   Compute CRC of the decompressed plaintext */
 				CRC32_Init(&crc);
-				outlen = 0;
 
-				while (size > 0x8000) {
-					inlen = 0x8000;
+				while (size) {
+					unsigned int inlen = (size > 0x8000) ? 0x8000 : size;
 
-					EVP_DecryptUpdate(&aes_ctx, plain, &outlen, cipher, inlen);
-					CRC32_Update(&crc, plain, outlen > size ? size : outlen);
-					size -= outlen;
+					AES_cbc_encrypt(cipher, plain, inlen,
+					                &aes_ctx, iv, AES_DECRYPT);
+
+					CRC32_Update(&crc, plain, inlen);
+					size -= inlen;
 					cipher += inlen;
 				}
-				EVP_DecryptUpdate(&aes_ctx, plain, &outlen, cipher, (size + 15) & ~0xf);
-				EVP_DecryptFinal_ex(&aes_ctx, &plain[outlen], &outlen);
-				size += outlen;
-				CRC32_Update(&crc, plain, size);
 				CRC32_Final(crc_out, crc);
 
 				/* Compare computed CRC with stored CRC */
@@ -771,15 +679,16 @@ static int crypt_all(int *pcount, struct db_salt *salt
 				const int solid = 0;
 				unpack_data_t *unpack_t;
 				unsigned char plain[20];
+				unsigned char pre_iv[16];
 
 				cracked[index] = 0;
 
+				memcpy(pre_iv, iv, 16);
+
 				/* Decrypt just one block for early rejection */
-				outlen = 0;
-				EVP_DecryptUpdate(&aes_ctx, plain, &outlen, cur_file->blob, 16);
-				EVP_DecryptFinal_ex(&aes_ctx, &plain[outlen], &outlen);
+				AES_cbc_encrypt(cur_file->blob, plain, 16,
+				                &aes_ctx, pre_iv, AES_DECRYPT);
 
-#if 1
 				/* Early rejection */
 				if (plain[0] & 0x80) {
 					// PPM checks here.
@@ -792,10 +701,10 @@ static int crypt_all(int *pcount, struct db_salt *salt
 					    !check_huffman(plain)) // Huffman table check
 						goto bailOut;
 				}
-#endif
+
 				/* Reset stuff for full check */
-				EVP_DecryptInit_ex(&aes_ctx, EVP_aes_128_cbc(), NULL, &aes_key[i16], &aes_iv[i16]);
-				EVP_CIPHER_CTX_set_padding(&aes_ctx, 0);
+				AES_set_decrypt_key(key, 128, &aes_ctx);
+
 #ifdef _OPENMP
 				unpack_t = &unpack_data[omp_get_thread_num()];
 #else
@@ -804,16 +713,15 @@ static int crypt_all(int *pcount, struct db_salt *salt
 				unpack_t->max_size = cur_file->unp_size;
 				unpack_t->dest_unp_size = cur_file->unp_size;
 				unpack_t->pack_size = cur_file->pack_size;
-				unpack_t->iv = &aes_iv[i16];
+				unpack_t->iv = iv;
 				unpack_t->ctx = &aes_ctx;
-				unpack_t->key = &aes_key[i16];
+				unpack_t->key = key;
 
 				if (rar_unpack29(cur_file->blob, solid, unpack_t))
 					cracked[index] = !memcmp(&unpack_t->unp_crc, &cur_file->crc.c, 4);
 bailOut:;
 			}
 		}
-		EVP_CIPHER_CTX_cleanup(&aes_ctx);
 	}
 	return count;
 }




--- truecrypt_fmt_plug.c.orig	2014-12-18 07:59:02 UTC
+++ truecrypt_fmt_plug.c
@@ -310,8 +310,8 @@ static int crypt_all(int *pcount, struct
 			pbkdf2_sha512_sse((const unsigned char **)pin, lens, psalt->salt, 64, psalt->num_iterations, &(x.poutc), sizeof(key), 0);
 		}
 #else
-		if (is_sha512)
-			pbkdf2_sha512((const unsigned char*)key_buffer[i], strlen(key_buffer[i]), psalt->salt, 64, num_iterations, key, sizeof(key), 0);
+		if (psalt->hash_type == IS_SHA512)
+			pbkdf2_sha512((const unsigned char*)key_buffer[i], strlen((char*)key_buffer[i]), psalt->salt, 64, psalt->num_iterations, key, sizeof(key), 0);
 #endif
 		else if (psalt->hash_type == IS_RIPEMD160)
 			pbkdf2_ripemd160(key_buffer[i], strlen((char*)(key_buffer[i])), psalt->salt, 64, psalt->num_iterations, key, sizeof(key), 0);




--- unrar.c.orig	2014-09-19 16:40:51 UTC
+++ unrar.c
@@ -31,7 +31,6 @@
 #include <errno.h>
 #include <stdlib.h>
 #include <string.h>
-#include <openssl/evp.h>
 
 #include "unrar.h"
 #include "unrarppm.h"
@@ -136,13 +135,7 @@ int rar_unp_read_buf(const unsigned char **fd, unpack_
 	}
 
 	if (read_size) {
-		int outlen;
-
-		EVP_DecryptUpdate(unpack_data->ctx, unpack_data->in_buf + data_size, &outlen, *fd, read_size);
-		if (outlen > read_size - 16) {
-			EVP_DecryptFinal_ex(unpack_data->ctx, unpack_data->in_buf + data_size + outlen, &outlen);
-		} else
-			read_size = outlen;
+		AES_cbc_encrypt(*fd, unpack_data->in_buf + data_size, read_size, unpack_data->ctx, unpack_data->iv, AES_DECRYPT);
 		*fd += read_size;
 		unpack_data->read_top += read_size;
 		unpack_data->pack_size -= read_size;




--- unrar.h.orig	2014-05-16 13:40:40 UTC
+++ unrar.h
@@ -24,12 +24,12 @@
 #define UNRAR_H 1
 
 #include "arch.h"
-#include <openssl/evp.h>
 
 #include <sys/types.h>
 
 struct unpack_data_tag;
 
+#include "aes/aes.h"
 #include "unrarhlp.h"
 #include "unrarppm.h"
 #include "unrarvm.h"
@@ -198,7 +198,7 @@ typedef struct unpack_data_tag
 	rarvm_data_t rarvm_data;
 	unsigned int unp_crc;
 	unsigned int pack_size;
-	EVP_CIPHER_CTX *ctx;
+	AES_KEY *ctx;
 	unsigned char *key;
 	unsigned char *iv;
 } unpack_data_t;




--- wordlist.c.orig	2014-11-11 14:41:25 UTC
+++ wordlist.c
@@ -10,11 +10,6 @@
  * There's ABSOLUTELY NO WARRANTY, express or implied.
  */
 
-/* NOTE, _POSIX_SOURCE fuk's up solaris 32 bit 64 bit processing!!! */
-#ifndef sparc
-#define _POSIX_SOURCE /* for fileno(3) */
-#endif
-
 #include <stdio.h>
 #include <sys/stat.h>
 




--- wpapsk.h.orig	2014-10-03 01:08:17 UTC
+++ wpapsk.h
@@ -13,6 +13,9 @@
 #include "arch.h"
 #include "common.h"
 #include "johnswap.h"
+#include "md5.h"
+#include "hmacmd5.h"
+#include "pbkdf2_hmac_sha1.h"
 #include "stdint.h"
 
 #include <assert.h>
@@ -200,7 +203,6 @@ static int valid(char *ciphertext, struct fmt_main *se
 #ifndef JOHN_OCL_WPAPSK
 static MAYBE_INLINE void prf_512(uint32_t * key, uint8_t * data, uint32_t * ret)
 {
-	HMAC_CTX ctx;
 	char *text = (char*)"Pairwise key expansion";
 	unsigned char buff[100];
 
@@ -208,10 +210,7 @@ static MAYBE_INLINE void prf_512(uint32_t * key, uint8
 	memcpy(buff + 23, data, 76);
 	buff[22] = 0;
 	buff[76 + 23] = 0;
-	HMAC_Init(&ctx, key, 32, EVP_sha1());
-	HMAC_Update(&ctx, buff, 100);
-	HMAC_Final(&ctx, (unsigned char *) ret, NULL);
-	HMAC_CTX_cleanup(&ctx);
+	hmac_sha1((unsigned char*)key, 32, buff, 100, (unsigned char*)ret, 20);
 }
 #endif
 
@@ -346,9 +345,12 @@ static void wpapsk_postprocess(int keys)
 #endif
 		for (i = 0; i < keys; i++) {
 			uint32_t prf[20/4];
+			HMACMD5Context ctx;
+
 			prf_512(outbuffer[i].v, data, prf);
-			HMAC(EVP_md5(), prf, 16, hccap.eapol, hccap.eapol_size,
-			    mic[i].keymic, NULL);
+			hmac_md5_init_K16((unsigned char*)prf, &ctx);
+			hmac_md5_update(hccap.eapol, hccap.eapol_size, &ctx);
+			hmac_md5_final(mic[i].keymic, &ctx);
 		}
 	} else {
 #ifdef _OPENMP
@@ -356,11 +358,10 @@ static void wpapsk_postprocess(int keys)
 #endif
 		for (i = 0; i < keys; i++) {
 			uint32_t prf[20/4];
-			unsigned char keymic[20];
+
 			prf_512(outbuffer[i].v, data, prf);
-			HMAC(EVP_sha1(), prf, 16, hccap.eapol,
-			    hccap.eapol_size, keymic, NULL);
-			memcpy(mic[i].keymic, keymic, 16);
+			hmac_sha1((unsigned char*)prf, 16, hccap.eapol,
+			          hccap.eapol_size, mic[i].keymic, 16);
 		}
 	}
 }




bin/keyring2john
bin/keystore2john
bin/kwallet2john
bin/luks2john
bin/mkvcalcproba
bin/putty2john
bin/pwsafe2john

bin/wpapcap2john
bin/zip2john
%%DATADIR%%/extra/1password2john.py
%%DATADIR%%/extra/7z2john.py
%%DATADIR%%/extra/aix2john.pl
%%DATADIR%%/extra/aix2john.py
%%DATADIR%%/extra/androidfde2john.py

%%DATADIR%%/extra/dictionary.rfc2865
%%DATADIR%%/extra/dmg2john.py
%%DATADIR%%/extra/ecryptfs2john.py
%%DATADIR%%/extra/efs2john.py
%%DATADIR%%/extra/encfs2john.py
%%DATADIR%%/extra/genincstats.rb
%%DATADIR%%/extra/hextoraw.pl

%%DATADIR%%/extra/mailer
%%DATADIR%%/extra/makechr
%%DATADIR%%/extra/mcafee_epo2john.py
%%DATADIR%%/extra/ml2john.py
%%DATADIR%%/extra/mozilla2john.py
%%DATADIR%%/extra/netntlm.pl
%%DATADIR%%/extra/netscreen.py
%%DATADIR%%/extra/odf2john.py
%%DATADIR%%/extra/office2john.py
%%DATADIR%%/extra/openbsd_softraid2john.py
%%DATADIR%%/extra/openssl2john.py
%%DATADIR%%/extra/pass_gen.pl
%%DATADIR%%/extra/pcap2john.py
%%DATADIR%%/extra/pdf2john.pl
%%DATADIR%%/extra/radius2john.pl
%%DATADIR%%/extra/relbench
%%DATADIR%%/extra/rexgen2rules.pl

%%DATADIR%%/extra/sha-dump.pl
%%DATADIR%%/extra/sha-test.pl
%%DATADIR%%/extra/sipdump2john.py
%%DATADIR%%/extra/ssh2sshng.py
%%DATADIR%%/extra/sshng2john.py
%%DATADIR%%/extra/stats
%%DATADIR%%/extra/strip2john.py
%%DATADIR%%/extra/7z2john.pl
%%DATADIR%%/extra/DPAPImk2john.py
%%DATADIR%%/extra/adxcsouf2john.py
%%DATADIR%%/extra/aem2john.py
%%DATADIR%%/extra/andotp2john.py
%%DATADIR%%/extra/androidbackup2john.py
%%DATADIR%%/extra/ansible2john.py
%%DATADIR%%/extra/applenotes2john.py
%%DATADIR%%/extra/aruba2john.py
%%DATADIR%%/extra/axcrypt2john.py
%%DATADIR%%/extra/bestcrypt2john.py
%%DATADIR%%/extra/bitlocker2john
%%DATADIR%%/extra/bitshares2john.py
%%DATADIR%%/extra/bitwarden2john.py
%%DATADIR%%/extra/bks2john.py
%%DATADIR%%/extra/ccache2john.py
%%DATADIR%%/extra/codepage.pl
%%DATADIR%%/extra/dashlane2john.py
%%DATADIR%%/extra/deepsound2john.py
%%DATADIR%%/extra/dns/README.txt
%%DATADIR%%/extra/dns/__init__.py
%%DATADIR%%/extra/dns/_compat.py
%%DATADIR%%/extra/dns/exception.py
%%DATADIR%%/extra/dns/flags.py
%%DATADIR%%/extra/dns/hash.py
%%DATADIR%%/extra/dns/message.py
%%DATADIR%%/extra/dns/name.py
%%DATADIR%%/extra/dns/opcode.py
%%DATADIR%%/extra/dns/rdata.py
%%DATADIR%%/extra/dns/rdataclass.py
%%DATADIR%%/extra/dns/rdataset.py
%%DATADIR%%/extra/dns/rdatatype.py
%%DATADIR%%/extra/dns/rrset.py
%%DATADIR%%/extra/dns/set.py
%%DATADIR%%/extra/dns/tokenizer.py
%%DATADIR%%/extra/dns/tsig.py
%%DATADIR%%/extra/dns/tsigkeyring.py
%%DATADIR%%/extra/dns/wiredata.py
%%DATADIR%%/extra/eapmd5tojohn
%%DATADIR%%/extra/ejabberd2john.py
%%DATADIR%%/extra/electrum2john.py
%%DATADIR%%/extra/enpass2john.py
%%DATADIR%%/extra/ethereum2john.py
%%DATADIR%%/extra/filezilla2john.py
%%DATADIR%%/extra/fuzz_option.pl
%%DATADIR%%/extra/geli2john.py
%%DATADIR%%/extra/hccapx2john.py
%%DATADIR%%/extra/ibmiscanner2john.py
%%DATADIR%%/extra/itunes_backup2john.pl
%%DATADIR%%/extra/iwork2john.py
%%DATADIR%%/extra/keyring2john.py
%%DATADIR%%/extra/kirbi2john.py
%%DATADIR%%/extra/krb2john.py
%%DATADIR%%/extra/lastpass2john.py
%%DATADIR%%/extra/lib/ExifTool.pm
%%DATADIR%%/extra/lib/PDF.pm
%%DATADIR%%/extra/lib/RandomAccess.pm
%%DATADIR%%/extra/libreoffice2john.py
%%DATADIR%%/extra/luks2john.py
%%DATADIR%%/extra/mac2john-alt.py
%%DATADIR%%/extra/mac2john.py
%%DATADIR%%/extra/monero2john.py
%%DATADIR%%/extra/money2john.py
%%DATADIR%%/extra/multibit2john.py
%%DATADIR%%/extra/neo2john.py
%%DATADIR%%/extra/network2john.lua
%%DATADIR%%/extra/padlock2john.py
%%DATADIR%%/extra/pem2john.py
%%DATADIR%%/extra/pfx2john.py
%%DATADIR%%/extra/pgpdisk2john.py
%%DATADIR%%/extra/pgpsda2john.py
%%DATADIR%%/extra/pgpwde2john.py
%%DATADIR%%/extra/potcheck.pl
%%DATADIR%%/extra/prosody2john.py
%%DATADIR%%/extra/ps_token2john.py
%%DATADIR%%/extra/pse2john.py
%%DATADIR%%/extra/pwsafe2john.py
%%DATADIR%%/extra/radius2john.py
%%DATADIR%%/extra/rulestack.pl
%%DATADIR%%/extra/signal2john.py
%%DATADIR%%/extra/ssh2john.py
%%DATADIR%%/extra/sspr2john.py
%%DATADIR%%/extra/staroffice2john.py
%%DATADIR%%/extra/telegram2john.py
%%DATADIR%%/extra/tezos2john.py
%%DATADIR%%/extra/truecrypt2john.py
%%DATADIR%%/extra/unrule.pl
%%DATADIR%%/extra/vdi2john.pl
%%DATADIR%%/extra/vmx2john.py
%%DATADIR%%/extra/ztex/inouttraffic.ihx
%%DATADIR%%/extra/ztex/ztex115y_bcrypt.bit
%%DATADIR%%/extra/ztex/ztex115y_descrypt.bit
%%DATADIR%%/extra/ztex/ztex115y_md5crypt.bit
%%DATADIR%%/extra/ztex/ztex115y_sha256crypt.bit
%%DATADIR%%/extra/ztex/ztex115y_sha512crypt.bit
%%DATADIR%%/rules/InsidePro-PasswordsPro.rule
%%DATADIR%%/rules/T0XlC-insert_top_100_passwords_1_G.rule
%%DATADIR%%/rules/T0XlC.rule
%%DATADIR%%/rules/T0XlCv1.rule
%%DATADIR%%/rules/best64.rule
%%DATADIR%%/rules/d3ad0ne.rule
%%DATADIR%%/rules/dive.rule
%%DATADIR%%/rules/passphrase-rule1.rule
%%DATADIR%%/rules/passphrase-rule2.rule
%%DATADIR%%/rules/rockyou-30000.rule
%%DATADIR%%/rules/specific.rule
%%DATADIR%%/alnum.chr
%%DATADIR%%/alnumspace.chr
%%DATADIR%%/alpha.chr

%%DATADIR%%/dumb32.conf
%%DATADIR%%/dynamic.conf
%%DATADIR%%/dynamic_flat_sse_formats.conf
%%DATADIR%%/hybrid.conf
%%DATADIR%%/john.conf
%%DATADIR%%/john.local.conf
%%DATADIR%%/korelogic.conf
%%DATADIR%%/lanman.chr
%%DATADIR%%/latin1.chr

Return to bug 254922

Lines 4-10 Link Here

(-)john/Makefile (-26 / +20 lines)
4	PORTNAME= john	4	PORTNAME= john
5	# NB: starting from the next version, community-enhanced (jumbo) patch	5	# NB: starting from the next version, community-enhanced (jumbo) patch
6	# should be offered as an option (suggested by Solar Designer himself).	6	# should be offered as an option (suggested by Solar Designer himself).
7	DISTVERSION= 1.8.0-jumbo-1	7	DISTVERSION= 1.9.0-jumbo-1
8	PORTREVISION= 6	8	PORTREVISION= 6
9	CATEGORIES= security	9	CATEGORIES= security
10	MASTER_SITES= http://www.openwall.com/john/j/ \	10	MASTER_SITES= http://www.openwall.com/john/j/ \
Lines 30-36 Link Here
30		30
31	ALL_TARGET= default	31	ALL_TARGET= default
32		32
33	BINARIES= calc_stat cprepair genmkvpwd john luks2john mkvcalcproba \	33	BINARIES= calc_stat cprepair genmkvpwd john mkvcalcproba \
34	raw2dyna SIPdump tgtsnarf uaf2john vncpcap2john wpapcap2john	34	raw2dyna SIPdump tgtsnarf uaf2john vncpcap2john wpapcap2john
35		35
36	BINLINKS= base64conv dmg2john gpg2john hccap2john keepass2john \	36	BINLINKS= base64conv dmg2john gpg2john hccap2john keepass2john \
Lines 50-76 Link Here
50	OPENCL_CONFIGURE_ENABLE= opencl	50	OPENCL_CONFIGURE_ENABLE= opencl
51	OPENCL_DESC= Build with OpenCL support	51	OPENCL_DESC= Build with OpenCL support
52		52
53	post-extract:
54	@${RM} ${WRKSRC}/pfx_fmt_plug.c ${WRKSRC}/rawSHA0_fmt_plug.c \
55	${WRKSRC}/ssh_fmt_plug.c \
56
57	post-patch:
58	@${REINPLACE_CMD} -e 's\|/usr\|${PREFIX}\|' ${WRKSRC}/params.h
59	# Replace methods and types that were marked deprecated by OpenSSL 0.9.7
60	# and removed in OpenSSL 1.1.0 and LibreSSL
61	@${REINPLACE_CMD} -e 's\|des_string_to_key\|DES_string_to_key\|' \
62	${WRKSRC}/KRB4_fmt_plug.c
63	@${REINPLACE_CMD} -e 's\|des_set_odd_parity\|DES_set_odd_parity\|' \
64	${WRKSRC}/KRB4_std_plug.c
65	@${REINPLACE_CMD} -e 's\|C_Block\|DES_cblock\|' \
66	${WRKSRC}/efs_fmt_plug.c \
67	${WRKSRC}/gpg_fmt_plug.c \
68	${WRKSRC}/keychain_fmt_plug.c \
69	${WRKSRC}/mozilla_ng_fmt_plug.c \
70	${WRKSRC}/opencl_gpg_fmt_plug.c \
71	${WRKSRC}/opencl_keychain_fmt_plug.c \
72	${WRKSRC}/ssh_ng_fmt_plug.c
73
74	do-install:	53	do-install:
75	.for b in ${BINARIES}	54	.for b in ${BINARIES}
76	${INSTALL_PROGRAM} ${WRKSRC}/../run/${b} ${STAGEDIR}${PREFIX}/bin	55	${INSTALL_PROGRAM} ${WRKSRC}/../run/${b} ${STAGEDIR}${PREFIX}/bin
Lines 79-93 Link Here
79	${LN} -sf john ${STAGEDIR}${PREFIX}/bin/${l}	58	${LN} -sf john ${STAGEDIR}${PREFIX}/bin/${l}
80	.endfor	59	.endfor
81	@${MKDIR} ${STAGEDIR}${DATADIR}/extra	60	@${MKDIR} ${STAGEDIR}${DATADIR}/extra
		61	@${MKDIR} ${STAGEDIR}${DATADIR}/rules
		62	@${MKDIR} ${STAGEDIR}${DATADIR}/extra/lib
		63	@${MKDIR} ${STAGEDIR}${DATADIR}/extra/dns
		64	@${MKDIR} ${STAGEDIR}${DATADIR}/extra/ztex
82	cd ${WRKSRC}/../run && ${INSTALL_DATA} .chr .conf *.lst \	65	cd ${WRKSRC}/../run && ${INSTALL_DATA} .chr .conf *.lst \
83	${STAGEDIR}${DATADIR}	66	${STAGEDIR}${DATADIR}
84	cd ${WRKSRC}/../run && ${INSTALL_DATA} *.?? benchmark-unify \	67	cd ${WRKSRC}/../run && ${INSTALL_DATA} .?? .lua benchmark-unify \
85	dictionary.rfc2865 john.*sh_completion mailer makechr \	68	dictionary.rfc2865 john.*sh_completion mailer makechr \
86	relbench stats ${STAGEDIR}${DATADIR}/extra	69	bitlocker2john eapmd5tojohn relbench stats \
		70	${STAGEDIR}${DATADIR}/extra
		71	cd ${WRKSRC}/../run/rules && ${INSTALL_DATA} *.rule ${STAGEDIR}${DATADIR}/rules
		72	cd ${WRKSRC}/../run/lib && ${INSTALL_DATA} *.pm ${STAGEDIR}${DATADIR}/extra/lib
		73	cd ${WRKSRC}/../run/dns && ${INSTALL_DATA} README.txt __init__.py \
		74	_compat.py exception.py flags.py hash.py message.py name.py \
		75	opcode.py rdata.py rdataclass.py rdataset.py rdatatype.py \
		76	rrset.py set.py tokenizer.py tsig.py tsigkeyring.py wiredata.py \
		77	${STAGEDIR}${DATADIR}/extra/dns
		78	cd ${WRKSRC}/../run/ztex && ${INSTALL_DATA} *.??? ${STAGEDIR}${DATADIR}/extra/ztex
87		79
88	do-install-DOCS-on:	80	do-install-DOCS-on:
89	@${MKDIR} ${STAGEDIR}${DOCSDIR}	81	@${MKDIR} ${STAGEDIR}${DOCSDIR}
		82	@${MKDIR} ${STAGEDIR}${DOCSDIR}/extras
90	@${RM} ${WRKSRC}/../doc/COPYING	83	@${RM} ${WRKSRC}/../doc/COPYING
91	${INSTALL_DATA} ${WRKSRC}/../doc/* ${STAGEDIR}${DOCSDIR}	84	${INSTALL_DATA} ${WRKSRC}/../doc/[A-Zdp]* ${STAGEDIR}${DOCSDIR}
		85	${INSTALL_DATA} ${WRKSRC}/../doc/extras/* ${STAGEDIR}${DOCSDIR}/extras
92		86
93	.include <bsd.port.mk>	87	.include <bsd.port.mk>

Lines 1-61 Link Here

(-)john/files/patch-Makefile.in (-61 lines)
1	--- Makefile.in.orig 2014-12-18 13:53:53 UTC
2	+++ Makefile.in
3	@@ -84,8 +84,6 @@ JOHN_OBJS = \
4	base64.o base64_convert.o \
5	md4.o sha2.o \
6	dynamic_fmt.o dynamic_parser.o dynamic_preloads.o dynamic_utils.o dynamic_big_crypt.o \
7	- ssh2john.o \
8	- pfx2john.o \
9	unrarcmd.o unrarfilter.o unrarhlp.o unrar.o unrarppm.o unrarvm.o \
10	rar2john.o \
11	zip2john.o gladman_hmac.o gladman_pwd2key.o \
12	@@ -132,10 +130,10 @@ GENMKVPWD_OBJS = \
13	genmkvpwd.o mkvlib.o memory.o miscnl.o path.o memdbg.o
14
15	PROJ = ../run/john@EXE_EXT@ ../run/unshadow@EXE_EXT@ ../run/unafs@EXE_EXT@ ../run/unique@EXE_EXT@ ../run/undrop@EXE_EXT@ \
16	- ../run/ssh2john@EXE_EXT@ ../run/rar2john@EXE_EXT@ ../run/zip2john@EXE_EXT@ \
17	+ ../run/rar2john@EXE_EXT@ ../run/zip2john@EXE_EXT@ \
18	../run/genmkvpwd@EXE_EXT@ ../run/mkvcalcproba@EXE_EXT@ ../run/calc_stat@EXE_EXT@ \
19	../run/tgtsnarf@EXE_EXT@ ../run/racf2john@EXE_EXT@ ../run/hccap2john@EXE_EXT@ \
20	- ../run/pwsafe2john@EXE_EXT@ ../run/raw2dyna@EXE_EXT@ ../run/keepass2john@EXE_EXT@ ../run/pfx2john@EXE_EXT@ \
21	+ ../run/pwsafe2john@EXE_EXT@ ../run/raw2dyna@EXE_EXT@ ../run/keepass2john@EXE_EXT@ \
22	../run/keychain2john@EXE_EXT@ ../run/keyring2john@EXE_EXT@ ../run/kwallet2john@EXE_EXT@ \
23	../run/dmg2john@EXE_EXT@ ../run/putty2john@EXE_EXT@ ../run/uaf2john@EXE_EXT@ \
24	../run/truecrypt_volume2john@EXE_EXT@ ../run/keystore2john@EXE_EXT@ ../run/wpapcap2john@EXE_EXT@ \
25	@@ -305,18 +303,10 @@ miscnl.o: misc.c
26	$(RM) ../run/undrop
27	$(LN) john ../run/undrop
28
29	-../run/ssh2john: ../run/john
30	- $(RM) ../run/ssh2john
31	- $(LN) john ../run/ssh2john
32	-
33	../run/putty2john: ../run/john
34	$(RM) ../run/putty2john
35	$(LN) john ../run/putty2john
36
37	-../run/pfx2john: ../run/john
38	- $(RM) ../run/pfx2john
39	- $(LN) john ../run/pfx2john
40	-
41	../run/keepass2john: ../run/john
42	$(RM) ../run/keepass2john
43	$(LN) john ../run/keepass2john
44	@@ -397,17 +387,9 @@ miscnl.o: misc.c
45	$(CC) symlink.c -o ../run/undrop.exe
46	$(STRIP) ../run/undrop.exe
47
48	-../run/ssh2john.exe: symlink.c
49	- $(CC) symlink.c -o ../run/ssh2john.exe
50	- $(STRIP) ../run/ssh2john.exe
51	-
52	../run/putty2john.exe: symlink.c
53	$(CC) symlink.c -o ../run/putty2john.exe
54	$(STRIP) ../run/putty2john.exe
55	-
56	-../run/pfx2john.exe: symlink.c
57	- $(CC) symlink.c -o ../run/pfx2john.exe
58	- $(STRIP) ../run/pfx2john.exe
59
60	../run/keepass2john.exe: symlink.c
61	$(CC) symlink.c -o ../run/keepass2john.exe

Lines 1-114 Link Here

(-)john/files/patch-Makefile.legacy (-114 lines)
1	--- Makefile.legacy.orig 2014-12-18 07:59:02 UTC
2	+++ Makefile.legacy
3	@@ -127,8 +127,6 @@ JOHN_OBJS = \
4	base64.o base64_convert.o \
5	md4.o sha2.o \
6	dynamic_fmt.o dynamic_parser.o dynamic_preloads.o dynamic_utils.o dynamic_big_crypt.o \
7	- ssh2john.o \
8	- pfx2john.o \
9	unrarcmd.o unrarfilter.o unrarhlp.o unrar.o unrarppm.o unrarvm.o \
10	rar2john.o \
11	zip2john.o gladman_hmac.o gladman_pwd2key.o \
12	@@ -209,10 +207,10 @@ GENMKVPWD_OBJS = \
13	genmkvpwd.o mkvlib.o memory.o miscnl.o path.o memdbg.o
14
15	PROJ = ../run/john ../run/unshadow ../run/unafs ../run/unique ../run/undrop \
16	- ../run/ssh2john ../run/rar2john ../run/zip2john \
17	+ ../run/rar2john ../run/zip2john \
18	../run/genmkvpwd ../run/mkvcalcproba ../run/calc_stat \
19	../run/tgtsnarf ../run/racf2john ../run/hccap2john \
20	- ../run/pwsafe2john ../run/raw2dyna ../run/keepass2john ../run/pfx2john \
21	+ ../run/pwsafe2john ../run/raw2dyna ../run/keepass2john \
22	../run/keychain2john ../run/keyring2john ../run/kwallet2john \
23	../run/dmg2john ../run/putty2john john.local.conf ../run/uaf2john \
24	../run/truecrypt_volume2john ../run/keystore2john ../run/wpapcap2john \
25	@@ -220,30 +218,30 @@ PROJ = ../run/john ../run/unshadow ../run/unafs ../run
26	PROJ_DOS = ../run/john.bin ../run/john.com \
27	../run/unshadow.com ../run/unafs.com ../run/unique.com \
28	../run/undrop.com \
29	- ../run/ssh2john.com ../run/rar2john.com ../run/zip2john \
30	+ ../run/rar2john.com ../run/zip2john \
31	../run/racf2john.com ../run/hccap2john.com \
32	- ../run/pwsafe2john.com ../run/keepass2john.com ../run/pfx2john.com \
33	+ ../run/pwsafe2john.com ../run/keepass2john.com \
34	../run/keychain2john.com ../run/keyring2john.com ../run/kwallet2john.com \
35	../run/dmg2john.com ../run/putty2john.com john.local.conf \
36	../run/gpg2john.com
37	PROJ_WIN32 = ../run/john.exe \
38	../run/unshadow.exe ../run/unafs.exe ../run/unique.exe \
39	../run/undrop.exe \
40	- ../run/ssh2john.exe ../run/rar2john.exe ../run/zip2john.exe \
41	+ ../run/rar2john.exe ../run/zip2john.exe \
42	../run/genmkvpwd.exe ../run/mkvcalcproba.exe ../run/calc_stat.exe \
43	../run/racf2john.exe ../run/hccap2john.exe \
44	../run/pwsafe2john.exe ../run/raw2dyna.exe ../run/keepass2john.exe \
45	- ../run/pfx2john.exe ../run/keychain2john.exe ../run/keyring2john.exe \
46	+ ../run/keychain2john.exe ../run/keyring2john.exe \
47	../run/kwallet2john.exe ../run/dmg2john.exe ../run/putty2john.exe \
48	john.local.conf ../run/gpg2john.exe ../run/base64conv.exe
49	PROJ_WIN32_MINGW = ../run/john-mingw.exe \
50	../run/unshadow.exe ../run/unafs.exe ../run/unique.exe \
51	../run/undrop.exe \
52	- ../run/ssh2john.exe ../run/rar2john.exe ../run/zip2john.exe \
53	+ ../run/rar2john.exe ../run/zip2john.exe \
54	../run/genmkvpwd.exe ../run/mkvcalcproba.exe ../run/calc_stat.exe \
55	../run/racf2john.exe ../run/hccap2john.exe \
56	../run/pwsafe2john.exe ../run/raw2dyna.exe ../run/keepass2john.exe \
57	- ../run/pfx2john.exe ../run/keychain2john.exe ../run/keyring2john.exe \
58	+ ../run/keychain2john.exe ../run/keyring2john.exe \
59	../run/kwallet2john.exe ../run/putty2john.exe john.local.conf \
60	../run/gpg2john.exe ../run/base64conv.exe
61	PROJ_PCAP = ../run/SIPdump ../run/vncpcap2john
62	@@ -2029,18 +2027,10 @@ $(SUBDIRS):
63	$(RM) ../run/undrop
64	ln -s john ../run/undrop
65
66	-../run/ssh2john: ../run/john
67	- $(RM) ../run/ssh2john
68	- ln -s john ../run/ssh2john
69	-
70	../run/putty2john: ../run/john
71	$(RM) ../run/putty2john
72	ln -s john ../run/putty2john
73
74	-../run/pfx2john: ../run/john
75	- $(RM) ../run/pfx2john
76	- ln -s john ../run/pfx2john
77	-
78	../run/keepass2john: ../run/john
79	$(RM) ../run/keepass2john
80	ln -s john ../run/keepass2john
81	@@ -2114,15 +2104,9 @@ $(SUBDIRS):
82	../run/undrop.com: john.com
83	copy john.com ..\run\undrop.com
84
85	-../run/ssh2john.com: john.com
86	- copy john.com ..\run\ssh2john.com
87	-
88	../run/putty2john.com: john.com
89	copy john.com ..\run\putty2john.com
90
91	-../run/pfx2john.com: john.com
92	- copy john.com ..\run\pfx2john.com
93	-
94	../run/keepass2john.com: john.com
95	copy john.com ..\run\keepass2john.com
96
97	@@ -2198,17 +2182,9 @@ john.com: john.asm
98	$(CC) symlink.c -o ../run/undrop.exe
99	$(STRIP) ../run/undrop.exe
100
101	-../run/ssh2john.exe: symlink.c
102	- $(CC) symlink.c -o ../run/ssh2john.exe
103	- $(STRIP) ../run/ssh2john.exe
104	-
105	../run/putty2john.exe: symlink.c
106	$(CC) symlink.c -o ../run/putty2john.exe
107	$(STRIP) ../run/putty2john.exe
108	-
109	-../run/pfx2john.exe: symlink.c
110	- $(CC) symlink.c -o ../run/pfx2john.exe
111	- $(STRIP) ../run/pfx2john.exe
112
113	../run/keepass2john.exe: symlink.c
114	$(CC) symlink.c -o ../run/keepass2john.exe

Lines 1-134 Link Here

(-)john/files/patch-bitcoin__fmt__plug.c (-134 lines)
1	--- bitcoin_fmt_plug.c.orig 2014-12-18 07:59:02 UTC
2	+++ bitcoin_fmt_plug.c
3	@@ -15,33 +15,32 @@
4	* Thanks to Solar for asking to add support for bitcoin wallet files.
5	*/
6
7	-#include "arch.h"
8	-#include <openssl/opensslv.h>
9	-#if (AC_BUILT && HAVE_EVP_SHA512) \|\| \
10	- (!AC_BUILT && OPENSSL_VERSION_NUMBER >= 0x0090708f)
11	-
12	#if FMT_EXTERNS_H
13	extern struct fmt_main fmt_bitcoin;
14	#elif FMT_REGISTERS_H
15	john_register_one(&fmt_bitcoin);
16	#else
17
18	-#include <openssl/evp.h>
19	#include <string.h>
20	+#ifdef _OPENMP
21	+#include <omp.h>
22	+#ifndef OMP_SCALE
23	+#define OMP_SCALE 1
24	+#endif
25	+static int omp_t = 1;
26	+#endif
27	+
28	+#include "arch.h"
29	#include "misc.h"
30	#include "common.h"
31	#include "formats.h"
32	#include "params.h"
33	#include "options.h"
34	#include "sha2.h"
35	+#include "aes/aes.h"
36	#include "stdint.h"
37	#include "johnswap.h"
38	#include "sse-intrinsics.h"
39	-#ifdef _OPENMP
40	-#include <omp.h>
41	-#define OMP_SCALE 1
42	-static int omp_t = 1;
43	-#endif
44	#include "memdbg.h"
45
46	#define FORMAT_LABEL "Bitcoin"
47	@@ -73,6 +72,7 @@ static int omp_t = 1;
48	#endif
49
50	#define SZ 128
51	+#define PADDING "\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10"
52
53	static struct fmt_tests bitcoin_tests[] = {
54	/* bitcoin wallet hashes */
55	@@ -265,10 +265,7 @@ static int crypt_all(int pcount, struct db_salt salt
56	#endif
57	{
58	unsigned char output[SZ];
59	- int fOk;
60	SHA512_CTX sha_ctx;
61	- EVP_CIPHER_CTX ctx;
62	- int nPLen, nFLen;
63	int i;
64
65	#ifdef MMX_COEF_SHA512
66	@@ -316,6 +313,7 @@ static int crypt_all(int pcount, struct db_salt salt
67	alter_endianity_to_BE64(key_iv, 6 * MAX_KEYS_PER_CRYPT);
68
69	for (index2 = 0; index2 < MAX_KEYS_PER_CRYPT; index2++) {
70	+ AES_KEY aes_key;
71	unsigned char key[32];
72	unsigned char iv[16];
73
74	@@ -325,26 +323,21 @@ static int crypt_all(int pcount, struct db_salt salt
75	for (i = 0; i < sizeof(iv)/sizeof(ARCH_WORD_64); i++) // the derived iv
76	((ARCH_WORD_64 )iv)[i] = key_iv[MMX_COEF_SHA512(sizeof(key)/sizeof(ARCH_WORD_64) + i) + index2];
77
78	- /* NOTE: write our code instead of using following high-level OpenSSL functions */
79	- EVP_CIPHER_CTX_init(&ctx);
80	- fOk = EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, key, iv);
81	- if (fOk)
82	- fOk = EVP_DecryptUpdate(&ctx, output, &nPLen, cur_salt->cry_master, cur_salt->cry_master_length);
83	- if (fOk)
84	- fOk = EVP_DecryptFinal_ex(&ctx, output + nPLen, &nFLen);
85	- EVP_CIPHER_CTX_cleanup(&ctx);
86	- // a decrypted mkey is exactly 32 bytes in len; ossl has already checked the padding (16 0x0f's) for us
87	- if (fOk && nPLen + nFLen == 32) {
88	+ AES_set_decrypt_key(key, 256, &aes_key);
89	+ AES_cbc_encrypt(cur_salt->cry_master, output, cur_salt->cry_master_length, &aes_key, iv, AES_DECRYPT);
90	+
91	+ if (!memcmp(output + 32, PADDING, 16)) {
92	cracked[index + index2] = 1;
93	#ifdef _OPENMP
94	#pragma omp atomic
95	#endif
96	any_cracked \|= 1;
97	}
98	-
99	}
100	#else
101	+ AES_KEY aes_key;
102	unsigned char key_iv[SHA512_DIGEST_LENGTH]; // buffer for both the derived key and iv
103	+
104	SHA512_Init(&sha_ctx);
105	SHA512_Update(&sha_ctx, saved_key[index], strlen(saved_key[index]));
106	SHA512_Update(&sha_ctx, cur_salt->cry_salt, cur_salt->cry_salt_length);
107	@@ -354,16 +347,11 @@ static int crypt_all(int pcount, struct db_salt salt
108	SHA512_Update(&sha_ctx, key_iv, SHA512_DIGEST_LENGTH);
109	SHA512_Final(key_iv, &sha_ctx);
110	}
111	- /* NOTE: write our code instead of using following high-level OpenSSL functions */
112	- EVP_CIPHER_CTX_init(&ctx);
113	- fOk = EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, key_iv, key_iv+32);
114	- if (fOk)
115	- fOk = EVP_DecryptUpdate(&ctx, output, &nPLen, cur_salt->cry_master, cur_salt->cry_master_length);
116	- if (fOk)
117	- fOk = EVP_DecryptFinal_ex(&ctx, output + nPLen, &nFLen);
118	- EVP_CIPHER_CTX_cleanup(&ctx);
119	- // a decrypted mkey is exactly 32 bytes in len; ossl has already checked the padding (16 0x0f's) for us
120	- if (fOk && nPLen + nFLen == 32) {
121	+
122	+ AES_set_decrypt_key(key_iv, 256, &aes_key);
123	+ AES_cbc_encrypt(cur_salt->cry_master, output, cur_salt->cry_master_length, &aes_key, key_iv + 32, AES_DECRYPT);
124	+
125	+ if (!memcmp(output + 32, PADDING, 16)) {
126	cracked[index] = 1;
127	#ifdef _OPENMP
128	#pragma omp atomic
129	@@ -471,5 +459,3 @@ struct fmt_main fmt_bitcoin = {
130	};
131
132	#endif /* plugin stanza */
133	-
134	-#endif /* OpenSSL requirement */

Lines 1-156 Link Here

(-)john/files/patch-dmg__fmt__plug.c (-156 lines)
1	--- dmg_fmt_plug.c.orig 2014-12-18 07:59:02 UTC
2	+++ dmg_fmt_plug.c
3	@@ -56,7 +56,7 @@ john_register_one(&fmt_dmg);
4	#include <stdlib.h>
5	#include "stdint.h"
6	#include <sys/types.h>
7	-#include <openssl/evp.h>
8	+#include <openssl/des.h>
9	#include <openssl/aes.h>
10	#include <openssl/hmac.h>
11	#include "filevault.h"
12	@@ -413,42 +413,36 @@ static void get_salt(char ciphertext)
13	return (void *)&cs;
14	}
15
16	-static int apple_des3_ede_unwrap_key1(unsigned char wrapped_key, int wrapped_key_len, unsigned char decryptKey)
17	+static int apple_des3_ede_unwrap_key1(const unsigned char wrapped_key, const int wrapped_key_len, const unsigned char decryptKey)
18	{
19	- EVP_CIPHER_CTX ctx;
20	+ DES_key_schedule ks1, ks2, ks3;
21	unsigned char TEMP1[sizeof(cur_salt->wrapped_hmac_sha1_key)];
22	unsigned char TEMP2[sizeof(cur_salt->wrapped_hmac_sha1_key)];
23	- unsigned char CEKICV[sizeof(cur_salt->wrapped_hmac_sha1_key)];
24	unsigned char IV[8] = { 0x4a, 0xdd, 0xa2, 0x2c, 0x79, 0xe8, 0x21, 0x05 };
25	- int outlen, tmplen, i;
26	+ int outlen, i;
27
28	- EVP_CIPHER_CTX_init(&ctx);
29	- EVP_DecryptInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, decryptKey, IV);
30	- if (!EVP_DecryptUpdate(&ctx, TEMP1, &outlen, wrapped_key, wrapped_key_len)) {
31	- goto err;
32	- }
33	- if (!EVP_DecryptFinal_ex(&ctx, TEMP1 + outlen, &tmplen)) {
34	- goto err;
35	- }
36	- outlen += tmplen;
37	- EVP_CIPHER_CTX_cleanup(&ctx);
38	- for (i = 0; i < outlen; i++) {
39	+ DES_set_key((DES_cblock*)(decryptKey + 0), &ks1);
40	+ DES_set_key((DES_cblock*)(decryptKey + 8), &ks2);
41	+ DES_set_key((DES_cblock*)(decryptKey + 16), &ks3);
42	+ DES_ede3_cbc_encrypt(wrapped_key, TEMP1, wrapped_key_len, &ks1, &ks2, &ks3,
43	+ (DES_cblock*)IV, DES_DECRYPT);
44	+
45	+ outlen = check_pkcs_pad(TEMP1, wrapped_key_len, 8);
46	+ if (outlen < 0)
47	+ return 0;
48	+
49	+ for (i = 0; i < outlen; i++)
50	TEMP2[i] = TEMP1[outlen - i - 1];
51	- }
52	- EVP_CIPHER_CTX_init(&ctx);
53	- EVP_DecryptInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, decryptKey, TEMP2);
54	- if (!EVP_DecryptUpdate(&ctx, CEKICV, &outlen, TEMP2 + 8, outlen - 8)) {
55	- goto err;
56	- }
57	- if (!EVP_DecryptFinal_ex(&ctx, CEKICV + outlen, &tmplen)) {
58	- goto err;
59	- }
60	- outlen += tmplen;
61	- EVP_CIPHER_CTX_cleanup(&ctx);
62	- return 0;
63	-err:
64	- EVP_CIPHER_CTX_cleanup(&ctx);
65	- return -1;
66	+
67	+ outlen -= 8;
68	+ DES_ede3_cbc_encrypt(TEMP2 + 8, TEMP1, outlen, &ks1, &ks2, &ks3,
69	+ (DES_cblock*)TEMP2, DES_DECRYPT);
70	+
71	+ outlen = check_pkcs_pad(TEMP1, outlen, 8);
72	+ if (outlen < 0)
73	+ return 0;
74	+
75	+ return 1;
76	}
77
78	static void hash_plugin_check_hash(int index)
79	@@ -492,22 +486,20 @@ static void hash_plugin_check_hash(int index)
80	for(j = 0; j < SSE_GROUP_SZ_SHA1; ++j) {
81	derived_key = Derived_key[j];
82	#endif
83	- if ((apple_des3_ede_unwrap_key1(cur_salt->wrapped_aes_key, cur_salt->len_wrapped_aes_key, derived_key) == 0) && (apple_des3_ede_unwrap_key1(cur_salt->wrapped_hmac_sha1_key, cur_salt->len_hmac_sha1_key, derived_key) == 0)) {
84	+ if (apple_des3_ede_unwrap_key1(cur_salt->wrapped_aes_key, cur_salt->len_wrapped_aes_key, derived_key) &&
85	+ apple_des3_ede_unwrap_key1(cur_salt->wrapped_hmac_sha1_key, cur_salt->len_hmac_sha1_key, derived_key)) {
86	cracked[index+j] = 1;
87	}
88	#ifdef MMX_COEF
89	}
90	#endif
91	} else {
92	- EVP_CIPHER_CTX ctx;
93	+ DES_key_schedule ks1, ks2, ks3;
94	unsigned char TEMP1[sizeof(cur_salt->wrapped_hmac_sha1_key)];
95	- int outlen, tmplen;
96	AES_KEY aes_decrypt_key;
97	unsigned char outbuf[8192 + 1];
98	unsigned char outbuf2[4096 + 1];
99	unsigned char iv[20];
100	- HMAC_CTX hmacsha1_ctx;
101	- int mdlen;
102	#ifdef DMG_DEBUG
103	unsigned char *r;
104	#endif
105	@@ -547,27 +539,18 @@ static void hash_plugin_check_hash(int index)
106	for(j = 0; j < SSE_GROUP_SZ_SHA1; ++j) {
107	derived_key = Derived_key[j];
108	#endif
109	- EVP_CIPHER_CTX_init(&ctx);
110	- EVP_DecryptInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, derived_key, cur_salt->iv);
111	- if (!EVP_DecryptUpdate(&ctx, TEMP1, &outlen,
112	- cur_salt->encrypted_keyblob, cur_salt->encrypted_keyblob_size)) {
113	- EVP_CIPHER_CTX_cleanup(&ctx);
114	-#ifdef MMX_COEF
115	- continue;
116	-#else
117	- return;
118	-#endif
119	- }
120	- EVP_DecryptFinal_ex(&ctx, TEMP1 + outlen, &tmplen);
121	- EVP_CIPHER_CTX_cleanup(&ctx);
122	- outlen += tmplen;
123	+
124	+ DES_set_key((DES_cblock*)(derived_key + 0), &ks1);
125	+ DES_set_key((DES_cblock*)(derived_key + 8), &ks2);
126	+ DES_set_key((DES_cblock*)(derived_key + 16), &ks3);
127	+ memcpy(iv, cur_salt->iv, 8);
128	+ DES_ede3_cbc_encrypt(cur_salt->encrypted_keyblob, TEMP1,
129	+ cur_salt->encrypted_keyblob_size, &ks1, &ks2, &ks3,
130	+ (DES_cblock*)iv, DES_DECRYPT);
131	+
132	memcpy(aes_key_, TEMP1, 32);
133	memcpy(hmacsha1_key_, TEMP1, 20);
134	- HMAC_CTX_init(&hmacsha1_ctx);
135	- HMAC_Init_ex(&hmacsha1_ctx, hmacsha1_key_, 20, EVP_sha1(), NULL);
136	- HMAC_Update(&hmacsha1_ctx, (void *) &cur_salt->cno, 4);
137	- HMAC_Final(&hmacsha1_ctx, iv, (unsigned int *) &mdlen);
138	- HMAC_CTX_cleanup(&hmacsha1_ctx);
139	+ hmac_sha1(hmacsha1_key_, 20, (unsigned char*)&cur_salt->cno, 4, iv, 20);
140	if (cur_salt->encrypted_keyblob_size == 48)
141	AES_set_decrypt_key(aes_key_, 128, &aes_decrypt_key);
142	else
143	@@ -631,12 +614,7 @@ static void hash_plugin_check_hash(int index)
144	/* Second buffer test. If present, this is the very first block of the DMG */
145	if (!cracked[index+j] && cur_salt->scp == 1) {
146	int cno = 0;
147	-
148	- HMAC_CTX_init(&hmacsha1_ctx);
149	- HMAC_Init_ex(&hmacsha1_ctx, hmacsha1_key_, 20, EVP_sha1(), NULL);
150	- HMAC_Update(&hmacsha1_ctx, (void *) &cno, 4);
151	- HMAC_Final(&hmacsha1_ctx, iv, (unsigned int *) &mdlen);
152	- HMAC_CTX_cleanup(&hmacsha1_ctx);
153	+ hmac_sha1(hmacsha1_key_, 20, (unsigned char*)&cno, 4, iv, 20);
154	if (cur_salt->encrypted_keyblob_size == 48)
155	AES_set_decrypt_key(aes_key_, 128, &aes_decrypt_key);
156	else

Lines 1-113 Link Here

(-)john/files/patch-encfs__fmt__plug.c (-113 lines)
1	--- encfs_fmt_plug.c.orig 2014-11-11 14:41:25 UTC
2	+++ encfs_fmt_plug.c
3	@@ -90,25 +90,16 @@ static struct fmt_tests encfs_tests[] = {
4	static void setIVec( unsigned char *ivec, uint64_t seed,
5	unsigned char *key)
6	{
7	- unsigned char md[EVP_MAX_MD_SIZE];
8	- unsigned int mdLen = EVP_MAX_MD_SIZE;
9	+ unsigned char iv_and_seed[MAX_IVLENGTH+8];
10	int i;
11	- HMAC_CTX mac_ctx;
12
13	- memcpy( ivec, &key[cur_salt->keySize], cur_salt->ivLength );
14	+ // combine ivec and seed with HMAC
15	+ memcpy(iv_and_seed, &key[cur_salt->keySize], cur_salt->ivLength);
16	for(i=0; i<8; ++i) {
17	- md[i] = (unsigned char)(seed & 0xff);
18	+ iv_and_seed[i+cur_salt->ivLength] = (unsigned char)(seed & 0xff);
19	seed >>= 8;
20	}
21	- // combine ivec and seed with HMAC
22	- HMAC_CTX_init(&mac_ctx);
23	- HMAC_Init_ex( &mac_ctx, key, cur_salt->keySize, EVP_sha1(), 0 );
24	- HMAC_Init_ex( &mac_ctx, 0, 0, 0, 0 );
25	- HMAC_Update( &mac_ctx, ivec, cur_salt->ivLength );
26	- HMAC_Update( &mac_ctx, md, 8 );
27	- HMAC_Final( &mac_ctx, md, &mdLen );
28	- HMAC_CTX_cleanup(&mac_ctx);
29	- memcpy( ivec, md, cur_salt->ivLength );
30	+ hmac_sha1(key, cur_salt->keySize, iv_and_seed, cur_salt->ivLength+8, ivec, cur_salt->ivLength);
31	}
32
33
34	@@ -144,33 +135,28 @@ static void flipBytes(unsigned char *buf, int size)
35	static uint64_t _checksum_64(unsigned char *key,
36	const unsigned char data, int dataLen, uint64_t chainedIV)
37	{
38	- unsigned char md[EVP_MAX_MD_SIZE];
39	+ unsigned char DataIV[128+8]; // max data len is 128
40	+ unsigned char md[20];
41	unsigned int mdLen = EVP_MAX_MD_SIZE;
42	int i;
43	unsigned char h[8] = {0,0,0,0,0,0,0,0};
44	uint64_t value;
45	- HMAC_CTX mac_ctx;
46
47	- HMAC_CTX_init(&mac_ctx);
48	- HMAC_Init_ex( &mac_ctx, key, cur_salt->keySize, EVP_sha1(), 0 );
49	- HMAC_Init_ex( &mac_ctx, 0, 0, 0, 0 );
50	- HMAC_Update( &mac_ctx, data, dataLen );
51	+ memcpy(DataIV, data, dataLen);
52	if(chainedIV)
53	{
54	// toss in the chained IV as well
55	uint64_t tmp = *chainedIV;
56	unsigned char h[8];
57	for(i=0; i<8; ++i) {
58	- h[i] = tmp & 0xff;
59	+ h[i] = DataIV[dataLen++] = (tmp & 0xff);
60	tmp >>= 8;
61	}
62	- HMAC_Update( &mac_ctx, h, 8 );
63	}
64	- HMAC_Final( &mac_ctx, md, &mdLen );
65	- HMAC_CTX_cleanup(&mac_ctx);
66	+ hmac_sha1(key, cur_salt->keySize, DataIV, dataLen, md, 20);
67
68	// chop this down to a 64bit value..
69	- for(i=0; i < (mdLen - 1); ++i)
70	+ for(i=0; i < 19; ++i)
71	h[i%8] ^= (unsigned char)(md[i]);
72
73	value = (uint64_t)h[0];
74	@@ -202,26 +188,26 @@ static int streamDecode(unsigned char *buf, int size,
75	{
76	unsigned char ivec[ MAX_IVLENGTH ];
77	int dstLen=0, tmpLen=0;
78	- EVP_CIPHER_CTX stream_dec;
79	+ EVP_CIPHER_CTX *stream_dec = EVP_CIPHER_CTX_new();
80
81	setIVec( ivec, iv64 + 1, key);
82	- EVP_CIPHER_CTX_init(&stream_dec);
83	- EVP_DecryptInit_ex( &stream_dec, cur_salt->streamCipher, NULL, NULL, NULL);
84	- EVP_CIPHER_CTX_set_key_length( &stream_dec, cur_salt->keySize );
85	- EVP_CIPHER_CTX_set_padding( &stream_dec, 0 );
86	- EVP_DecryptInit_ex( &stream_dec, NULL, NULL, key, NULL);
87	+ EVP_CIPHER_CTX_init(stream_dec);
88	+ EVP_DecryptInit_ex( stream_dec, cur_salt->streamCipher, NULL, NULL, NULL);
89	+ EVP_CIPHER_CTX_set_key_length( stream_dec, cur_salt->keySize );
90	+ EVP_CIPHER_CTX_set_padding( stream_dec, 0 );
91	+ EVP_DecryptInit_ex( stream_dec, NULL, NULL, key, NULL);
92
93	- EVP_DecryptInit_ex( &stream_dec, NULL, NULL, NULL, ivec);
94	- EVP_DecryptUpdate( &stream_dec, buf, &dstLen, buf, size );
95	- EVP_DecryptFinal_ex( &stream_dec, buf+dstLen, &tmpLen );
96	+ EVP_DecryptInit_ex( stream_dec, NULL, NULL, NULL, ivec);
97	+ EVP_DecryptUpdate( stream_dec, buf, &dstLen, buf, size );
98	+ EVP_DecryptFinal_ex( stream_dec, buf+dstLen, &tmpLen );
99	unshuffleBytes( buf, size );
100	flipBytes( buf, size );
101
102	setIVec( ivec, iv64, key );
103	- EVP_DecryptInit_ex( &stream_dec, NULL, NULL, NULL, ivec);
104	- EVP_DecryptUpdate( &stream_dec, buf, &dstLen, buf, size );
105	- EVP_DecryptFinal_ex( &stream_dec, buf+dstLen, &tmpLen );
106	- EVP_CIPHER_CTX_cleanup(&stream_dec);
107	+ EVP_DecryptInit_ex( stream_dec, NULL, NULL, NULL, ivec);
108	+ EVP_DecryptUpdate( stream_dec, buf, &dstLen, buf, size );
109	+ EVP_DecryptFinal_ex( stream_dec, buf+dstLen, &tmpLen );
110	+ EVP_CIPHER_CTX_cleanup(stream_dec);
111
112	unshuffleBytes( buf, size );
113	dstLen += tmpLen;

Lines 1-117 Link Here

(-)john/files/patch-gpg__fmt__plug.c (-117 lines)
1	--- gpg_fmt_plug.c.orig 2014-12-18 07:59:02 UTC
2	+++ gpg_fmt_plug.c
3	@@ -930,8 +930,12 @@ static int check_dsa_secret_key(DSA *dsa)
4	{
5	int error;
6	int rc = -1;
7	+#if OPENSSL_VERSION_NUMBER >= 0x10100000
8	+ const BIGNUM p, q, g, pub_key, *priv_key;
9	+#endif
10	BIGNUM *res = BN_new();
11	BN_CTX *ctx = BN_CTX_new();
12	+
13	if (!res) {
14	fprintf(stderr, "failed to allocate result BN in check_dsa_secret_key()\n");
15	exit(-1);
16	@@ -941,23 +945,35 @@ static int check_dsa_secret_key(DSA *dsa)
17	exit(-1);
18	}
19
20	+#if OPENSSL_VERSION_NUMBER >= 0x10100000
21	+ DSA_get0_pqg(dsa, &p, &q, &g);
22	+ DSA_get0_key(dsa, &pub_key, &priv_key);
23	+ error = BN_mod_exp(res, g, priv_key, p, ctx);
24	+#else
25	error = BN_mod_exp(res, dsa->g, dsa->priv_key, dsa->p, ctx);
26	+#endif
27	+
28	if ( error == 0 ) {
29	goto freestuff;
30	}
31
32	+#if OPENSSL_VERSION_NUMBER >= 0x10100000
33	+ rc = BN_cmp(res, pub_key);
34	+#else
35	rc = BN_cmp(res, dsa->pub_key);
36	+#endif
37
38	freestuff:
39
40	BN_CTX_free(ctx);
41	BN_free(res);
42	+#if OPENSSL_VERSION_NUMBER < 0x10100000
43	BN_free(dsa->g);
44	BN_free(dsa->q);
45	BN_free(dsa->p);
46	BN_free(dsa->pub_key);
47	BN_free(dsa->priv_key);
48	-
49	+#endif
50	return rc;
51	}
52
53	@@ -1212,9 +1228,7 @@ static int check(unsigned char *keydata, int ks)
54	return 0;
55	if (blen < cur_salt->datalen && ((b = BN_bin2bn(out + 2, blen, NULL)) != NULL)) {
56	char *str = BN_bn2hex(b);
57	- DSA dsa;
58	- ElGamal_secret_key elg;
59	- RSA_secret_key rsa;
60	+
61	if (strlen(str) != blen * 2) { /* verifier 2 */
62	OPENSSL_free(str);
63	return 0;
64	@@ -1222,6 +1236,28 @@ static int check(unsigned char *keydata, int ks)
65	OPENSSL_free(str);
66
67	if (cur_salt->pk_algorithm == 17) { /* DSA check */
68	+#if OPENSSL_VERSION_NUMBER >= 0x10100000
69	+ DSA *dsa = DSA_new();
70	+ BIGNUM p, q, g, pub_key, *priv_key;
71	+
72	+ p = BN_bin2bn(cur_salt->p, cur_salt->pl, NULL);
73	+ // puts(BN_bn2hex(dsa.p));
74	+ q = BN_bin2bn(cur_salt->q, cur_salt->ql, NULL);
75	+ // puts(BN_bn2hex(dsa.q));
76	+ g = BN_bin2bn(cur_salt->g, cur_salt->gl, NULL);
77	+ // puts(BN_bn2hex(dsa.g));
78	+ priv_key = b;
79	+ pub_key = BN_bin2bn(cur_salt->y, cur_salt->yl, NULL);
80	+
81	+ DSA_set0_pqg(dsa, p, q, g);
82	+ DSA_set0_key(dsa, pub_key, priv_key);
83	+
84	+ // puts(BN_bn2hex(dsa.pub_key));
85	+ ret = check_dsa_secret_key(dsa); /* verifier 3 */
86	+ DSA_free(dsa);
87	+#else
88	+ DSA dsa;
89	+
90	dsa.p = BN_bin2bn(cur_salt->p, cur_salt->pl, NULL);
91	// puts(BN_bn2hex(dsa.p));
92	dsa.q = BN_bin2bn(cur_salt->q, cur_salt->ql, NULL);
93	@@ -1232,10 +1268,13 @@ static int check(unsigned char *keydata, int ks)
94	dsa.pub_key = BN_bin2bn(cur_salt->y, cur_salt->yl, NULL);
95	// puts(BN_bn2hex(dsa.pub_key));
96	ret = check_dsa_secret_key(&dsa); /* verifier 3 */
97	+#endif
98	if (ret != 0)
99	return 0;
100	}
101	if (cur_salt->pk_algorithm == 16 \|\| cur_salt->pk_algorithm == 20) { /* ElGamal check */
102	+ ElGamal_secret_key elg;
103	+
104	elg.p = BN_bin2bn(cur_salt->p, cur_salt->pl, NULL);
105	// puts(BN_bn2hex(elg.p));
106	elg.g = BN_bin2bn(cur_salt->g, cur_salt->gl, NULL);
107	@@ -1249,8 +1288,10 @@ static int check(unsigned char *keydata, int ks)
108	return 0;
109	}
110	if (cur_salt->pk_algorithm == 1) { /* RSA check */
111	+ RSA_secret_key rsa;
112	// http://www.ietf.org/rfc/rfc4880.txt
113	int length = 0;
114	+
115	length += give_multi_precision_integer(out, length, &cur_salt->dl, cur_salt->d);
116	length += give_multi_precision_integer(out, length, &cur_salt->pl, cur_salt->p);
117	length += give_multi_precision_integer(out, length, &cur_salt->ql, cur_salt->q);

Lines 1-31 Link Here

(-)john/files/patch-john.c (-31 lines)
1	--- john.c.orig 2014-12-18 07:59:02 UTC
2	+++ john.c
3	@@ -153,8 +153,6 @@ extern int base64conv(int argc, char **argv);
4	extern int hccap2john(int argc, char **argv);
5	extern int zip2john(int argc, char **argv);
6	extern int gpg2john(int argc, char **argv);
7	-extern int ssh2john(int argc, char **argv);
8	-extern int pfx2john(int argc, char **argv);
9	extern int keychain2john(int argc, char **argv);
10	extern int kwallet2john(int argc, char **argv);
11	extern int keepass2john(int argc, char **argv);
12	@@ -1542,19 +1540,9 @@ int main(int argc, char **argv)
13	return unique(argc, argv);
14	}
15
16	- if (!strcmp(name, "ssh2john")) {
17	- CPU_detect_or_fallback(argv, 0);
18	- return ssh2john(argc, argv);
19	- }
20	-
21	if (!strcmp(name, "putty2john")) {
22	CPU_detect_or_fallback(argv, 0);
23	return putty2john(argc, argv);
24	- }
25	-
26	- if (!strcmp(name, "pfx2john")) {
27	- CPU_detect_or_fallback(argv, 0);
28	- return pfx2john(argc, argv);
29	}
30
31	if (!strcmp(name, "keychain2john")) {

Lines 1-26 Link Here

(-)john/files/patch-jumbo.c (-26 lines)
1	--- jumbo.c.orig 2014-12-18 07:59:02 UTC
2	+++ jumbo.c
3	@@ -334,3 +334,23 @@ int setenv(const char name, const char val, int over
4	return 0;
5	}
6	#endif
7	+
8	+int check_pkcs_pad(const unsigned char* data, size_t len, int blocksize)
9	+{
10	+ int pad_len = data[len - 1];
11	+ int padding = pad_len;
12	+ int real_len = len - pad_len;
13	+ const unsigned char *p = data + real_len;
14	+
15	+ if (pad_len > blocksize \|\| pad_len < 1)
16	+ return -1;
17	+
18	+ if (len < blocksize)
19	+ return -1;
20	+
21	+ while (pad_len--)
22	+ if (*p++ != padding)
23	+ return -1;
24	+
25	+ return real_len;
26	+}

Lines 1-13 Link Here

(-)john/files/patch-jumbo.h (-13 lines)
1	--- jumbo.h.orig 2014-12-18 07:59:02 UTC
2	+++ jumbo.h
3	@@ -388,4 +388,10 @@ extern int setenv(const char name, const char val, i
4	//HAVE_STRTOL
5	//HAVE_STRTOUL
6
7	+/*
8	+ * Standard PKCS padding check. On success, returns net length.
9	+ * On failure, returns -1.
10	+ */
11	+extern int check_pkcs_pad(const unsigned char* data, size_t len, int blocksize);
12	+
13	#endif /* _JTR_JUMBO_H */

Lines 1-254 Link Here

(-)john/files/patch-rar__fmt__plug.c (-254 lines)
1	--- rar_fmt_plug.c.orig 2014-12-18 07:59:02 UTC
2	+++ rar_fmt_plug.c
3	@@ -48,15 +48,7 @@ john_register_one(&fmt_rar);
4	#else
5
6	#include <string.h>
7	-#include <assert.h>
8	#include <errno.h>
9	-#include <openssl/engine.h>
10	-#include <openssl/evp.h>
11	-#include <openssl/ssl.h>
12	-
13	-#include "arch.h"
14	-#include "sha.h"
15	-
16	#if AC_BUILT
17	#include "autoconfig.h"
18	#endif
19	@@ -71,6 +63,8 @@ john_register_one(&fmt_rar);
20	#include <sys/mman.h>
21	#endif
22
23	+#include "arch.h"
24	+#include "sha.h"
25	#include "crc32.h"
26	#include "misc.h"
27	#include "common.h"
28	@@ -119,9 +113,7 @@ john_register_one(&fmt_rar);
29
30	#ifdef _OPENMP
31	#include <omp.h>
32	-#include <pthread.h>
33	#define OMP_SCALE 4
34	-static pthread_mutex_t *lockarray;
35	#endif
36
37	#include "memdbg.h"
38	@@ -198,71 +190,6 @@ static struct fmt_tests cpu_tests[] = {
39	{NULL}
40	};
41
42	-#if defined (_OPENMP)
43	-static void lock_callback(int mode, int type, const char *file, int line)
44	-{
45	- (void)file;
46	- (void)line;
47	- if (mode & CRYPTO_LOCK)
48	- pthread_mutex_lock(&(lockarray[type]));
49	- else
50	- pthread_mutex_unlock(&(lockarray[type]));
51	-}
52	-
53	-static unsigned long thread_id(void)
54	-{
55	- return omp_get_thread_num();
56	-}
57	-
58	-static void init_locks(void)
59	-{
60	- int i;
61	- lockarray = (pthread_mutex_t) OPENSSL_malloc(CRYPTO_num_locks() sizeof(pthread_mutex_t));
62	- for (i = 0; i < CRYPTO_num_locks(); i++)
63	- pthread_mutex_init(&(lockarray[i]), NULL);
64	- CRYPTO_set_id_callback(thread_id);
65	- CRYPTO_set_locking_callback(lock_callback);
66	-}
67	-#endif /* _OPENMP */
68	-
69	-/* Use AES-NI if available. This is not supported with low-level calls,
70	- we have to use EVP) */
71	-static void init_aesni(void)
72	-{
73	- ENGINE *e;
74	- const char *engine_id = "aesni";
75	-
76	- ENGINE_load_builtin_engines();
77	- e = ENGINE_by_id(engine_id);
78	- if (!e) {
79	- //fprintf(stderr, "AES-NI engine not available\n");
80	- return;
81	- }
82	- if (!ENGINE_init(e)) {
83	- fprintf(stderr, "AES-NI engine could not init\n");
84	- ENGINE_free(e);
85	- return;
86	- }
87	- if (!ENGINE_set_default(e, ENGINE_METHOD_ALL & ~ENGINE_METHOD_RAND)) {
88	- /* This should only happen when 'e' can't initialise, but the
89	- * previous statement suggests it did. */
90	- fprintf(stderr, "AES-NI engine initialized but then failed\n");
91	- abort();
92	- }
93	- ENGINE_finish(e);
94	- ENGINE_free(e);
95	-}
96	-
97	-#ifndef __APPLE__ /* Apple segfaults on this :) */
98	-static void openssl_cleanup(void)
99	-{
100	- ENGINE_cleanup();
101	- ERR_free_strings();
102	- CRYPTO_cleanup_all_ex_data();
103	- EVP_cleanup();
104	-}
105	-#endif
106	-
107	#undef set_key
108	static void set_key(char *key, int index)
109	{
110	@@ -418,7 +345,6 @@ static void init(struct fmt_main *self)
111	omp_t = omp_get_max_threads();
112	self->params.min_keys_per_crypt *= omp_t;
113	self->params.max_keys_per_crypt = omp_t * OMP_SCALE * MAX_KEYS_PER_CRYPT;
114	- init_locks();
115	#endif /* _OPENMP */
116
117	if (pers_opts.target_enc == UTF_8)
118	@@ -436,14 +362,6 @@ static void init(struct fmt_main *self)
119	self->params.benchmark_comment = " (1-16 characters)";
120	#endif
121
122	- /* OpenSSL init */
123	- init_aesni();
124	- SSL_load_error_strings();
125	- SSL_library_init();
126	- OpenSSL_add_all_algorithms();
127	-#ifndef __APPLE__
128	- atexit(openssl_cleanup);
129	-#endif
130	/* CRC-32 table init, do it before we start multithreading */
131	{
132	CRC32_t crc;
133	@@ -716,53 +634,43 @@ static int crypt_all(int pcount, struct db_salt salt
134	#pragma omp parallel for
135	#endif
136	for (index = 0; index < count; index++) {
137	- int i16 = index*16;
138	- unsigned int inlen = 16;
139	- int outlen;
140	- EVP_CIPHER_CTX aes_ctx;
141	+ AES_KEY aes_ctx;
142	+ unsigned char key = &aes_key[index 16];
143	+ unsigned char iv = &aes_iv[index 16];
144
145	- EVP_CIPHER_CTX_init(&aes_ctx);
146	- EVP_DecryptInit_ex(&aes_ctx, EVP_aes_128_cbc(), NULL, &aes_key[i16], &aes_iv[i16]);
147	- EVP_CIPHER_CTX_set_padding(&aes_ctx, 0);
148	+ AES_set_decrypt_key(key, 128, &aes_ctx);
149
150	//fprintf(stderr, "key %s\n", utf16_to_enc((UTF16)&saved_key[index UNICODE_LENGTH]));
151	/* AES decrypt, uses aes_iv, aes_key and blob */
152	if (cur_file->type == 0) { /* rar-hp mode */
153	unsigned char plain[16];
154
155	- outlen = 0;
156	+ AES_cbc_encrypt(cur_file->blob, plain, 16,
157	+ &aes_ctx, iv, AES_DECRYPT);
158
159	- EVP_DecryptUpdate(&aes_ctx, plain, &outlen, cur_file->blob, inlen);
160	- EVP_DecryptFinal_ex(&aes_ctx, &plain[outlen], &outlen);
161	-
162	cracked[index] = !memcmp(plain, "\xc4\x3d\x7b\x00\x40\x07\x00", 7);
163	-
164	} else {
165	-
166	if (cur_file->method == 0x30) { /* stored, not deflated */
167	CRC32_t crc;
168	unsigned char crc_out[4];
169	- unsigned char plain[0x8010];
170	+ unsigned char plain[0x8000];
171	unsigned long long size = cur_file->unp_size;
172	unsigned char *cipher = cur_file->blob;
173
174	/* Use full decryption with CRC check.
175	Compute CRC of the decompressed plaintext */
176	CRC32_Init(&crc);
177	- outlen = 0;
178
179	- while (size > 0x8000) {
180	- inlen = 0x8000;
181	+ while (size) {
182	+ unsigned int inlen = (size > 0x8000) ? 0x8000 : size;
183
184	- EVP_DecryptUpdate(&aes_ctx, plain, &outlen, cipher, inlen);
185	- CRC32_Update(&crc, plain, outlen > size ? size : outlen);
186	- size -= outlen;
187	+ AES_cbc_encrypt(cipher, plain, inlen,
188	+ &aes_ctx, iv, AES_DECRYPT);
189	+
190	+ CRC32_Update(&crc, plain, inlen);
191	+ size -= inlen;
192	cipher += inlen;
193	}
194	- EVP_DecryptUpdate(&aes_ctx, plain, &outlen, cipher, (size + 15) & ~0xf);
195	- EVP_DecryptFinal_ex(&aes_ctx, &plain[outlen], &outlen);
196	- size += outlen;
197	- CRC32_Update(&crc, plain, size);
198	CRC32_Final(crc_out, crc);
199
200	/* Compare computed CRC with stored CRC */
201	@@ -771,15 +679,16 @@ static int crypt_all(int pcount, struct db_salt salt
202	const int solid = 0;
203	unpack_data_t *unpack_t;
204	unsigned char plain[20];
205	+ unsigned char pre_iv[16];
206
207	cracked[index] = 0;
208
209	+ memcpy(pre_iv, iv, 16);
210	+
211	/* Decrypt just one block for early rejection */
212	- outlen = 0;
213	- EVP_DecryptUpdate(&aes_ctx, plain, &outlen, cur_file->blob, 16);
214	- EVP_DecryptFinal_ex(&aes_ctx, &plain[outlen], &outlen);
215	+ AES_cbc_encrypt(cur_file->blob, plain, 16,
216	+ &aes_ctx, pre_iv, AES_DECRYPT);
217
218	-#if 1
219	/* Early rejection */
220	if (plain[0] & 0x80) {
221	// PPM checks here.
222	@@ -792,10 +701,10 @@ static int crypt_all(int pcount, struct db_salt salt
223	!check_huffman(plain)) // Huffman table check
224	goto bailOut;
225	}
226	-#endif
227	+
228	/* Reset stuff for full check */
229	- EVP_DecryptInit_ex(&aes_ctx, EVP_aes_128_cbc(), NULL, &aes_key[i16], &aes_iv[i16]);
230	- EVP_CIPHER_CTX_set_padding(&aes_ctx, 0);
231	+ AES_set_decrypt_key(key, 128, &aes_ctx);
232	+
233	#ifdef _OPENMP
234	unpack_t = &unpack_data[omp_get_thread_num()];
235	#else
236	@@ -804,16 +713,15 @@ static int crypt_all(int pcount, struct db_salt salt
237	unpack_t->max_size = cur_file->unp_size;
238	unpack_t->dest_unp_size = cur_file->unp_size;
239	unpack_t->pack_size = cur_file->pack_size;
240	- unpack_t->iv = &aes_iv[i16];
241	+ unpack_t->iv = iv;
242	unpack_t->ctx = &aes_ctx;
243	- unpack_t->key = &aes_key[i16];
244	+ unpack_t->key = key;
245
246	if (rar_unpack29(cur_file->blob, solid, unpack_t))
247	cracked[index] = !memcmp(&unpack_t->unp_crc, &cur_file->crc.c, 4);
248	bailOut:;
249	}
250	}
251	- EVP_CIPHER_CTX_cleanup(&aes_ctx);
252	}
253	return count;
254	}

Lines 1-13 Link Here

(-)john/files/patch-truecrypt__fmt__plug.c (-13 lines)
1	--- truecrypt_fmt_plug.c.orig 2014-12-18 07:59:02 UTC
2	+++ truecrypt_fmt_plug.c
3	@@ -310,8 +310,8 @@ static int crypt_all(int *pcount, struct
4	pbkdf2_sha512_sse((const unsigned char **)pin, lens, psalt->salt, 64, psalt->num_iterations, &(x.poutc), sizeof(key), 0);
5	}
6	#else
7	- if (is_sha512)
8	- pbkdf2_sha512((const unsigned char*)key_buffer[i], strlen(key_buffer[i]), psalt->salt, 64, num_iterations, key, sizeof(key), 0);
9	+ if (psalt->hash_type == IS_SHA512)
10	+ pbkdf2_sha512((const unsigned char)key_buffer[i], strlen((char)key_buffer[i]), psalt->salt, 64, psalt->num_iterations, key, sizeof(key), 0);
11	#endif
12	else if (psalt->hash_type == IS_RIPEMD160)
13	pbkdf2_ripemd160(key_buffer[i], strlen((char*)(key_buffer[i])), psalt->salt, 64, psalt->num_iterations, key, sizeof(key), 0);

Lines 1-25 Link Here

(-)john/files/patch-unrar.c (-25 lines)
1	--- unrar.c.orig 2014-09-19 16:40:51 UTC
2	+++ unrar.c
3	@@ -31,7 +31,6 @@
4	#include <errno.h>
5	#include <stdlib.h>
6	#include <string.h>
7	-#include <openssl/evp.h>
8
9	#include "unrar.h"
10	#include "unrarppm.h"
11	@@ -136,13 +135,7 @@ int rar_unp_read_buf(const unsigned char **fd, unpack_
12	}
13
14	if (read_size) {
15	- int outlen;
16	-
17	- EVP_DecryptUpdate(unpack_data->ctx, unpack_data->in_buf + data_size, &outlen, *fd, read_size);
18	- if (outlen > read_size - 16) {
19	- EVP_DecryptFinal_ex(unpack_data->ctx, unpack_data->in_buf + data_size + outlen, &outlen);
20	- } else
21	- read_size = outlen;
22	+ AES_cbc_encrypt(*fd, unpack_data->in_buf + data_size, read_size, unpack_data->ctx, unpack_data->iv, AES_DECRYPT);
23	*fd += read_size;
24	unpack_data->read_top += read_size;
25	unpack_data->pack_size -= read_size;

Lines 1-25 Link Here

(-)john/files/patch-unrar.h (-25 lines)
1	--- unrar.h.orig 2014-05-16 13:40:40 UTC
2	+++ unrar.h
3	@@ -24,12 +24,12 @@
4	#define UNRAR_H 1
5
6	#include "arch.h"
7	-#include <openssl/evp.h>
8
9	#include <sys/types.h>
10
11	struct unpack_data_tag;
12
13	+#include "aes/aes.h"
14	#include "unrarhlp.h"
15	#include "unrarppm.h"
16	#include "unrarvm.h"
17	@@ -198,7 +198,7 @@ typedef struct unpack_data_tag
18	rarvm_data_t rarvm_data;
19	unsigned int unp_crc;
20	unsigned int pack_size;
21	- EVP_CIPHER_CTX *ctx;
22	+ AES_KEY *ctx;
23	unsigned char *key;
24	unsigned char *iv;
25	} unpack_data_t;

Lines 1-14 Link Here

(-)john/files/patch-wordlist.c (-14 lines)
1	--- wordlist.c.orig 2014-11-11 14:41:25 UTC
2	+++ wordlist.c
3	@@ -10,11 +10,6 @@
4	* There's ABSOLUTELY NO WARRANTY, express or implied.
5	*/
6
7	-/* NOTE, _POSIX_SOURCE fuk's up solaris 32 bit 64 bit processing!!! */
8	-#ifndef sparc
9	-#define _POSIX_SOURCE /* for fileno(3) */
10	-#endif
11	-
12	#include <stdio.h>
13	#include <sys/stat.h>
14

Lines 1-62 Link Here

(-)john/files/patch-wpapsk.h (-62 lines)
1	--- wpapsk.h.orig 2014-10-03 01:08:17 UTC
2	+++ wpapsk.h
3	@@ -13,6 +13,9 @@
4	#include "arch.h"
5	#include "common.h"
6	#include "johnswap.h"
7	+#include "md5.h"
8	+#include "hmacmd5.h"
9	+#include "pbkdf2_hmac_sha1.h"
10	#include "stdint.h"
11
12	#include <assert.h>
13	@@ -200,7 +203,6 @@ static int valid(char ciphertext, struct fmt_main se
14	#ifndef JOHN_OCL_WPAPSK
15	static MAYBE_INLINE void prf_512(uint32_t * key, uint8_t * data, uint32_t * ret)
16	{
17	- HMAC_CTX ctx;
18	char text = (char)"Pairwise key expansion";
19	unsigned char buff[100];
20
21	@@ -208,10 +210,7 @@ static MAYBE_INLINE void prf_512(uint32_t * key, uint8
22	memcpy(buff + 23, data, 76);
23	buff[22] = 0;
24	buff[76 + 23] = 0;
25	- HMAC_Init(&ctx, key, 32, EVP_sha1());
26	- HMAC_Update(&ctx, buff, 100);
27	- HMAC_Final(&ctx, (unsigned char *) ret, NULL);
28	- HMAC_CTX_cleanup(&ctx);
29	+ hmac_sha1((unsigned char)key, 32, buff, 100, (unsigned char)ret, 20);
30	}
31	#endif
32
33	@@ -346,9 +345,12 @@ static void wpapsk_postprocess(int keys)
34	#endif
35	for (i = 0; i < keys; i++) {
36	uint32_t prf[20/4];
37	+ HMACMD5Context ctx;
38	+
39	prf_512(outbuffer[i].v, data, prf);
40	- HMAC(EVP_md5(), prf, 16, hccap.eapol, hccap.eapol_size,
41	- mic[i].keymic, NULL);
42	+ hmac_md5_init_K16((unsigned char*)prf, &ctx);
43	+ hmac_md5_update(hccap.eapol, hccap.eapol_size, &ctx);
44	+ hmac_md5_final(mic[i].keymic, &ctx);
45	}
46	} else {
47	#ifdef _OPENMP
48	@@ -356,11 +358,10 @@ static void wpapsk_postprocess(int keys)
49	#endif
50	for (i = 0; i < keys; i++) {
51	uint32_t prf[20/4];
52	- unsigned char keymic[20];
53	+
54	prf_512(outbuffer[i].v, data, prf);
55	- HMAC(EVP_sha1(), prf, 16, hccap.eapol,
56	- hccap.eapol_size, keymic, NULL);
57	- memcpy(mic[i].keymic, keymic, 16);
58	+ hmac_sha1((unsigned char*)prf, 16, hccap.eapol,
59	+ hccap.eapol_size, mic[i].keymic, 16);
60	}
61	}
62	}

Lines 12-18 Link Here

(-)john/pkg-plist (-10 / +108 lines)
12	bin/keyring2john	12	bin/keyring2john
13	bin/keystore2john	13	bin/keystore2john
14	bin/kwallet2john	14	bin/kwallet2john
15	bin/luks2john
16	bin/mkvcalcproba	15	bin/mkvcalcproba
17	bin/putty2john	16	bin/putty2john
18	bin/pwsafe2john	17	bin/pwsafe2john
Lines 30-36 Link Here
30	bin/wpapcap2john	29	bin/wpapcap2john
31	bin/zip2john	30	bin/zip2john
32	%%DATADIR%%/extra/1password2john.py	31	%%DATADIR%%/extra/1password2john.py
33	%%DATADIR%%/extra/7z2john.py
34	%%DATADIR%%/extra/aix2john.pl	32	%%DATADIR%%/extra/aix2john.pl
35	%%DATADIR%%/extra/aix2john.py	33	%%DATADIR%%/extra/aix2john.py
36	%%DATADIR%%/extra/androidfde2john.py	34	%%DATADIR%%/extra/androidfde2john.py
Lines 43-49 Link Here
43	%%DATADIR%%/extra/dictionary.rfc2865	41	%%DATADIR%%/extra/dictionary.rfc2865
44	%%DATADIR%%/extra/dmg2john.py	42	%%DATADIR%%/extra/dmg2john.py
45	%%DATADIR%%/extra/ecryptfs2john.py	43	%%DATADIR%%/extra/ecryptfs2john.py
46	%%DATADIR%%/extra/efs2john.py
47	%%DATADIR%%/extra/encfs2john.py	44	%%DATADIR%%/extra/encfs2john.py
48	%%DATADIR%%/extra/genincstats.rb	45	%%DATADIR%%/extra/genincstats.rb
49	%%DATADIR%%/extra/hextoraw.pl	46	%%DATADIR%%/extra/hextoraw.pl
Lines 65-81 Link Here
65	%%DATADIR%%/extra/mailer	62	%%DATADIR%%/extra/mailer
66	%%DATADIR%%/extra/makechr	63	%%DATADIR%%/extra/makechr
67	%%DATADIR%%/extra/mcafee_epo2john.py	64	%%DATADIR%%/extra/mcafee_epo2john.py
68	%%DATADIR%%/extra/ml2john.py
69	%%DATADIR%%/extra/mozilla2john.py	65	%%DATADIR%%/extra/mozilla2john.py
70	%%DATADIR%%/extra/netntlm.pl	66	%%DATADIR%%/extra/netntlm.pl
71	%%DATADIR%%/extra/netscreen.py	67	%%DATADIR%%/extra/netscreen.py
72	%%DATADIR%%/extra/odf2john.py
73	%%DATADIR%%/extra/office2john.py	68	%%DATADIR%%/extra/office2john.py
74	%%DATADIR%%/extra/openbsd_softraid2john.py	69	%%DATADIR%%/extra/openbsd_softraid2john.py
75	%%DATADIR%%/extra/openssl2john.py	70	%%DATADIR%%/extra/openssl2john.py
76	%%DATADIR%%/extra/pass_gen.pl	71	%%DATADIR%%/extra/pass_gen.pl
77	%%DATADIR%%/extra/pcap2john.py	72	%%DATADIR%%/extra/pcap2john.py
78	%%DATADIR%%/extra/pdf2john.py	73	%%DATADIR%%/extra/pdf2john.pl
79	%%DATADIR%%/extra/radius2john.pl	74	%%DATADIR%%/extra/radius2john.pl
80	%%DATADIR%%/extra/relbench	75	%%DATADIR%%/extra/relbench
81	%%DATADIR%%/extra/rexgen2rules.pl	76	%%DATADIR%%/extra/rexgen2rules.pl
Lines 83-93 Link Here
83	%%DATADIR%%/extra/sha-dump.pl	78	%%DATADIR%%/extra/sha-dump.pl
84	%%DATADIR%%/extra/sha-test.pl	79	%%DATADIR%%/extra/sha-test.pl
85	%%DATADIR%%/extra/sipdump2john.py	80	%%DATADIR%%/extra/sipdump2john.py
86	%%DATADIR%%/extra/ssh2sshng.py
87	%%DATADIR%%/extra/sshng2john.py
88	%%DATADIR%%/extra/stats	81	%%DATADIR%%/extra/stats
89	%%DATADIR%%/extra/strip2john.py	82	%%DATADIR%%/extra/strip2john.py
90	%%DATADIR%%/extra/sxc2john.py	83	%%DATADIR%%/extra/7z2john.pl
		84	%%DATADIR%%/extra/DPAPImk2john.py
		85	%%DATADIR%%/extra/adxcsouf2john.py
		86	%%DATADIR%%/extra/aem2john.py
		87	%%DATADIR%%/extra/andotp2john.py
		88	%%DATADIR%%/extra/androidbackup2john.py
		89	%%DATADIR%%/extra/ansible2john.py
		90	%%DATADIR%%/extra/applenotes2john.py
		91	%%DATADIR%%/extra/aruba2john.py
		92	%%DATADIR%%/extra/axcrypt2john.py
		93	%%DATADIR%%/extra/bestcrypt2john.py
		94	%%DATADIR%%/extra/bitlocker2john
		95	%%DATADIR%%/extra/bitshares2john.py
		96	%%DATADIR%%/extra/bitwarden2john.py
		97	%%DATADIR%%/extra/bks2john.py
		98	%%DATADIR%%/extra/ccache2john.py
		99	%%DATADIR%%/extra/codepage.pl
		100	%%DATADIR%%/extra/dashlane2john.py
		101	%%DATADIR%%/extra/deepsound2john.py
		102	%%DATADIR%%/extra/dns/README.txt
		103	%%DATADIR%%/extra/dns/__init__.py
		104	%%DATADIR%%/extra/dns/_compat.py
		105	%%DATADIR%%/extra/dns/exception.py
		106	%%DATADIR%%/extra/dns/flags.py
		107	%%DATADIR%%/extra/dns/hash.py
		108	%%DATADIR%%/extra/dns/message.py
		109	%%DATADIR%%/extra/dns/name.py
		110	%%DATADIR%%/extra/dns/opcode.py
		111	%%DATADIR%%/extra/dns/rdata.py
		112	%%DATADIR%%/extra/dns/rdataclass.py
		113	%%DATADIR%%/extra/dns/rdataset.py
		114	%%DATADIR%%/extra/dns/rdatatype.py
		115	%%DATADIR%%/extra/dns/rrset.py
		116	%%DATADIR%%/extra/dns/set.py
		117	%%DATADIR%%/extra/dns/tokenizer.py
		118	%%DATADIR%%/extra/dns/tsig.py
		119	%%DATADIR%%/extra/dns/tsigkeyring.py
		120	%%DATADIR%%/extra/dns/wiredata.py
		121	%%DATADIR%%/extra/eapmd5tojohn
		122	%%DATADIR%%/extra/ejabberd2john.py
		123	%%DATADIR%%/extra/electrum2john.py
		124	%%DATADIR%%/extra/enpass2john.py
		125	%%DATADIR%%/extra/ethereum2john.py
		126	%%DATADIR%%/extra/filezilla2john.py
		127	%%DATADIR%%/extra/fuzz_option.pl
		128	%%DATADIR%%/extra/geli2john.py
		129	%%DATADIR%%/extra/hccapx2john.py
		130	%%DATADIR%%/extra/ibmiscanner2john.py
		131	%%DATADIR%%/extra/itunes_backup2john.pl
		132	%%DATADIR%%/extra/iwork2john.py
		133	%%DATADIR%%/extra/keyring2john.py
		134	%%DATADIR%%/extra/kirbi2john.py
		135	%%DATADIR%%/extra/krb2john.py
		136	%%DATADIR%%/extra/lastpass2john.py
		137	%%DATADIR%%/extra/lib/ExifTool.pm
		138	%%DATADIR%%/extra/lib/PDF.pm
		139	%%DATADIR%%/extra/lib/RandomAccess.pm
		140	%%DATADIR%%/extra/libreoffice2john.py
		141	%%DATADIR%%/extra/luks2john.py
		142	%%DATADIR%%/extra/mac2john-alt.py
		143	%%DATADIR%%/extra/mac2john.py
		144	%%DATADIR%%/extra/monero2john.py
		145	%%DATADIR%%/extra/money2john.py
		146	%%DATADIR%%/extra/multibit2john.py
		147	%%DATADIR%%/extra/neo2john.py
148	%%DATADIR%%/extra/network2john.lua
149	%%DATADIR%%/extra/padlock2john.py
150	%%DATADIR%%/extra/pem2john.py
151	%%DATADIR%%/extra/pfx2john.py
152	%%DATADIR%%/extra/pgpdisk2john.py
153	%%DATADIR%%/extra/pgpsda2john.py
154	%%DATADIR%%/extra/pgpwde2john.py
155	%%DATADIR%%/extra/potcheck.pl
156	%%DATADIR%%/extra/prosody2john.py
157	%%DATADIR%%/extra/ps_token2john.py
158	%%DATADIR%%/extra/pse2john.py
159	%%DATADIR%%/extra/pwsafe2john.py
160	%%DATADIR%%/extra/radius2john.py
161	%%DATADIR%%/extra/rulestack.pl
162	%%DATADIR%%/extra/signal2john.py
163	%%DATADIR%%/extra/ssh2john.py
164	%%DATADIR%%/extra/sspr2john.py
165	%%DATADIR%%/extra/staroffice2john.py
166	%%DATADIR%%/extra/telegram2john.py
167	%%DATADIR%%/extra/tezos2john.py
168	%%DATADIR%%/extra/truecrypt2john.py
169	%%DATADIR%%/extra/unrule.pl
170	%%DATADIR%%/extra/vdi2john.pl
171	%%DATADIR%%/extra/vmx2john.py
172	%%DATADIR%%/extra/ztex/inouttraffic.ihx
173	%%DATADIR%%/extra/ztex/ztex115y_bcrypt.bit
174	%%DATADIR%%/extra/ztex/ztex115y_descrypt.bit
175	%%DATADIR%%/extra/ztex/ztex115y_md5crypt.bit
176	%%DATADIR%%/extra/ztex/ztex115y_sha256crypt.bit
177	%%DATADIR%%/extra/ztex/ztex115y_sha512crypt.bit
178	%%DATADIR%%/rules/InsidePro-PasswordsPro.rule
179	%%DATADIR%%/rules/T0XlC-insert_top_100_passwords_1_G.rule
180	%%DATADIR%%/rules/T0XlC.rule
181	%%DATADIR%%/rules/T0XlCv1.rule
182	%%DATADIR%%/rules/best64.rule
183	%%DATADIR%%/rules/d3ad0ne.rule
184	%%DATADIR%%/rules/dive.rule
185	%%DATADIR%%/rules/passphrase-rule1.rule
186	%%DATADIR%%/rules/passphrase-rule2.rule
187	%%DATADIR%%/rules/rockyou-30000.rule
188	%%DATADIR%%/rules/specific.rule
91	%%DATADIR%%/alnum.chr	189	%%DATADIR%%/alnum.chr
92	%%DATADIR%%/alnumspace.chr	190	%%DATADIR%%/alnumspace.chr
93	%%DATADIR%%/alpha.chr	191	%%DATADIR%%/alpha.chr
Lines 97-104 Link Here
97	%%DATADIR%%/dumb32.conf	195	%%DATADIR%%/dumb32.conf
98	%%DATADIR%%/dynamic.conf	196	%%DATADIR%%/dynamic.conf
99	%%DATADIR%%/dynamic_flat_sse_formats.conf	197	%%DATADIR%%/dynamic_flat_sse_formats.conf
		198	%%DATADIR%%/hybrid.conf
100	%%DATADIR%%/john.conf	199	%%DATADIR%%/john.conf
101	%%DATADIR%%/john.local.conf
102	%%DATADIR%%/korelogic.conf	200	%%DATADIR%%/korelogic.conf
103	%%DATADIR%%/lanman.chr	201	%%DATADIR%%/lanman.chr
104	%%DATADIR%%/latin1.chr	202	%%DATADIR%%/latin1.chr