From 71f5756fdbf2edbc398c050b1d9f21d76481ff7d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se>
Date: Sat, 6 Feb 2016 09:37:07 +0100
Subject: [PATCH] Update for nettle-3.

---
 ChangeLog                 |  17 ++++++
 src/crypto.c              |  32 +++++-----
 src/dsa.c                 | 119 +++++++++++++++++++-------------------
 src/dummy.c               |   4 +-
 src/lsh-keygen.c          |  58 +++++++++++--------
 src/lsh_string.c          |  10 ++--
 src/lsh_string.h          |   6 +-
 src/randomness.h          |   2 +-
 src/sexp.c                |   2 +-
 src/testsuite/testutils.c |   2 +-
 src/unix_random.c         |   2 +-
 11 files changed, 142 insertions(+), 112 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 2657a7ac6..052e824a6 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,20 @@
+2016-02-06  Niels Möller  <nisse@lysator.liu.se>
+
+	Nettle-3 update.
+	* lsh_string.h: nettle_crypt_func --> nettle_cipher_func.
+	* src/crypto.c: nettle_crypt_func --> nettle_cipher_func.
+	(make_cast128_cbc_instance): No key_size argument to
+	cast128_set_key.
+	* src/dsa.c: Update to new DSA interface.
+	* src/lsh-keygen.c (dsa_sha1_generate_key)
+	(dsa_sha256_generate_key): Update to new DSA interface.
+	* src/dummy.c: unsigned --> size_t.
+	* src/randomness.h: unsigned --> size_t.
+	* src/unix_random.c: unsigned --> size_t.
+	* src/testsuite/testutils.c: unsigned --> size_t.
+	* src/lsh_string.c: unsigned --> size_t, nettle_crypt_func -->
+	nettle_cipher_func,
+
 2014-10-06  Niels Möller  <nisse@lysator.liu.se>
 
 	* src/testsuite/tcpconnect.c (main): Ignore ECONNRESET failure of
diff --git a/src/crypto.c b/src/crypto.c
index c9aef660a..1195974fa 100644
--- a/src/crypto.c
+++ b/src/crypto.c
@@ -119,7 +119,7 @@ do_aes_cbc_encrypt(struct crypto_instance *s,
 
   lsh_string_cbc_encrypt(dst, di, src, si, length,
 			 AES_BLOCK_SIZE, self->ctx.iv,
-			 (nettle_crypt_func *) aes_encrypt,
+			 (nettle_cipher_func *) aes_encrypt,
 			 &self->ctx.ctx);
 }
 
@@ -133,7 +133,7 @@ do_aes_cbc_decrypt(struct crypto_instance *s,
 
   lsh_string_cbc_decrypt(dst, di, src, si, length,
 			 AES_BLOCK_SIZE, self->ctx.iv,
-			 (nettle_crypt_func *) aes_decrypt,
+			 (nettle_cipher_func *) aes_decrypt,
 			 &self->ctx.ctx);
 }
 
@@ -185,7 +185,7 @@ do_aes_ctr_crypt(struct crypto_instance *s,
 
   lsh_string_ctr_crypt(dst, di, src, si, length,
 		       AES_BLOCK_SIZE, self->ctx.ctr,
-		       (nettle_crypt_func *) aes_encrypt,
+		       (nettle_cipher_func *) aes_encrypt,
 		       &self->ctx.ctx);
 }
 
@@ -230,7 +230,7 @@ do_des3_encrypt(struct crypto_instance *s,
 
   lsh_string_cbc_encrypt(dst, di, src, si, length,
 			 DES3_BLOCK_SIZE, self->ctx.iv,
-			 (nettle_crypt_func *) des3_encrypt,
+			 (nettle_cipher_func *) des3_encrypt,
 			 &self->ctx.ctx);
 }
 
@@ -244,7 +244,7 @@ do_des3_decrypt(struct crypto_instance *s,
 
   lsh_string_cbc_decrypt(dst, di, src, si, length,
 			 DES3_BLOCK_SIZE, self->ctx.iv,
-			 (nettle_crypt_func *) des3_decrypt,
+			 (nettle_cipher_func *) des3_decrypt,
 			 &self->ctx.ctx);
 }
 
@@ -294,7 +294,7 @@ do_des3_ctr_crypt(struct crypto_instance *s,
 
   lsh_string_ctr_crypt(dst, di, src, si, length,
 		       DES3_BLOCK_SIZE, self->ctx.ctr,
-		       (nettle_crypt_func *) des3_encrypt,
+		       (nettle_cipher_func *) des3_encrypt,
 		       &self->ctx.ctx);
 }
 
@@ -337,7 +337,7 @@ do_cast128_encrypt(struct crypto_instance *s,
 
   lsh_string_cbc_encrypt(dst, di, src, si, length,
 			 CAST128_BLOCK_SIZE, self->ctx.iv,
-			 (nettle_crypt_func *) cast128_encrypt,
+			 (nettle_cipher_func *) cast128_encrypt,
 			 &self->ctx.ctx);
 }
 
@@ -351,12 +351,12 @@ do_cast128_decrypt(struct crypto_instance *s,
 
   lsh_string_cbc_decrypt(dst, di, src, si, length,
 			 CAST128_BLOCK_SIZE, self->ctx.iv,
-			 (nettle_crypt_func *) cast128_decrypt,
+			 (nettle_cipher_func *) cast128_decrypt,
 			 &self->ctx.ctx);
 }
 
 static struct crypto_instance *
-make_cast128_cbc_instance(struct crypto_algorithm *algorithm, int mode,
+make_cast128_cbc_instance(struct crypto_algorithm *algorithm UNUSED, int mode,
                           const uint8_t *key, const uint8_t *iv)
 {
   NEW(cast128_instance, self);
@@ -366,7 +366,7 @@ make_cast128_cbc_instance(struct crypto_algorithm *algorithm, int mode,
 			? do_cast128_encrypt
 			: do_cast128_decrypt);
 
-  cast128_set_key(&self->ctx.ctx, algorithm->key_size, key);
+  cast128_set_key(&self->ctx.ctx, key);
   CBC_SET_IV(&self->ctx, iv);
 
   return(&self->super);
@@ -397,7 +397,7 @@ do_twofish_encrypt(struct crypto_instance *s,
 
   lsh_string_cbc_encrypt(dst, di, src, si, length,
 			 TWOFISH_BLOCK_SIZE, self->ctx.iv,
-			 (nettle_crypt_func *) twofish_encrypt,
+			 (nettle_cipher_func *) twofish_encrypt,
 			 &self->ctx.ctx);
 }
 
@@ -411,7 +411,7 @@ do_twofish_decrypt(struct crypto_instance *s,
 
   lsh_string_cbc_decrypt(dst, di, src, si, length,
 			 TWOFISH_BLOCK_SIZE, self->ctx.iv,
-			 (nettle_crypt_func *) twofish_decrypt,
+			 (nettle_cipher_func *) twofish_decrypt,
 			 &self->ctx.ctx);
 }
 
@@ -456,7 +456,7 @@ do_blowfish_encrypt(struct crypto_instance *s,
 
   lsh_string_cbc_encrypt(dst, di, src, si, length,
 			 BLOWFISH_BLOCK_SIZE, self->ctx.iv,
-			 (nettle_crypt_func *) blowfish_encrypt,
+			 (nettle_cipher_func *) blowfish_encrypt,
 			 &self->ctx.ctx);
 }
 
@@ -470,7 +470,7 @@ do_blowfish_decrypt(struct crypto_instance *s,
 
   lsh_string_cbc_decrypt(dst, di, src, si, length,
 			 BLOWFISH_BLOCK_SIZE, self->ctx.iv,
-			 (nettle_crypt_func *) blowfish_decrypt,
+			 (nettle_cipher_func *) blowfish_decrypt,
 			 &self->ctx.ctx);
 }
 
@@ -522,7 +522,7 @@ do_serpent_encrypt(struct crypto_instance *s,
 
   lsh_string_cbc_encrypt(dst, di, src, si, length,
 			 SERPENT_BLOCK_SIZE, self->ctx.iv,
-			 (nettle_crypt_func *) serpent_encrypt,
+			 (nettle_cipher_func *) serpent_encrypt,
 			 &self->ctx.ctx);
 }
 
@@ -536,7 +536,7 @@ do_serpent_decrypt(struct crypto_instance *s,
 
   lsh_string_cbc_decrypt(dst, di, src, si, length,
 			 SERPENT_BLOCK_SIZE, self->ctx.iv,
-			 (nettle_crypt_func *) serpent_decrypt,
+			 (nettle_cipher_func *) serpent_decrypt,
 			 &self->ctx.ctx);
 }
 
diff --git a/src/dsa.c b/src/dsa.c
index 230698d21..a185d0f2f 100644
--- a/src/dsa.c
+++ b/src/dsa.c
@@ -64,8 +64,9 @@
      (name dsa_verifier)
      (super verifier)
      (vars
-       (key indirect-special "struct dsa_public_key"
-            #f dsa_public_key_clear)))
+       (params indirect-special "struct dsa_params"
+            #f dsa_params_clear)
+       (key bignum)))
 */
 
 /* GABA:
@@ -74,8 +75,7 @@
      (super signer)
      (vars
        (verifier object dsa_verifier)
-       (key indirect-special "struct dsa_private_key"
-            #f dsa_private_key_clear)))
+       (key bignum)))
 */
 
 static int
@@ -87,6 +87,7 @@ do_dsa_verify(struct verifier *c, int algorithm,
 {
   CAST(dsa_verifier, self, c);
   struct sha1_ctx hash;
+  uint8_t digest[SHA1_DIGEST_SIZE];
 
   struct simple_buffer buffer;
 
@@ -148,8 +149,8 @@ do_dsa_verify(struct verifier *c, int algorithm,
 
   sha1_init(&hash);
   sha1_update(&hash, length, msg);
-  
-  res = dsa_sha1_verify(&self->key, &hash, &sv);
+  sha1_digest(&hash, sizeof(digest), digest);
+  res = dsa_verify(&self->params, self->key, sizeof(digest), digest, &sv);
  fail:
 
   dsa_signature_clear(&sv);
@@ -164,8 +165,8 @@ do_dsa_public_key(struct verifier *s)
   CAST(dsa_verifier, self, s);
   return ssh_format("%a%n%n%n%n",
 		    ATOM_SSH_DSS,
-		    self->key.p, self->key.q,
-		    self->key.g, self->key.y);
+		    self->params.p, self->params.q,
+		    self->params.g, self->key);
 }
 
 /* FIXME: Should maybe switch to the name "dsa-sha1". Not sure what we
@@ -179,16 +180,16 @@ do_dsa_public_spki_key(struct verifier *s, int transport)
   return lsh_string_format_sexp(transport,
 				"(%0s(%0s(%0s%b)(%0s%b)(%0s%b)(%0s%b)))",
 				"public-key",  "dsa",
-				"p", self->key.p,
-				"q", self->key.q,
-				"g", self->key.g,
-				"y", self->key.y);
+				"p", self->params.p,
+				"q", self->params.q,
+				"g", self->params.g,
+				"y", self->key);
 }
 
 static void
 init_dsa_verifier(struct dsa_verifier *self)
 {
-  dsa_public_key_init(&self->key);
+  dsa_params_init(&self->params);
 
   self->super.verify = do_dsa_verify;
   self->super.public_spki_key = do_dsa_public_spki_key;
@@ -204,18 +205,18 @@ parse_ssh_dss_public(struct simple_buffer *buffer)
   NEW(dsa_verifier, res);
   init_dsa_verifier(res);
 
-  if (parse_bignum(buffer, res->key.p, DSA_SHA1_MAX_OCTETS)
-      && (mpz_sgn(res->key.p) == 1)
-      && parse_bignum(buffer, res->key.q, DSA_SHA1_Q_OCTETS)
-      && (mpz_sgn(res->key.q) == 1)
-      && mpz_sizeinbase(res->key.q, 2) == DSA_SHA1_Q_BITS
-      && (mpz_cmp(res->key.q, res->key.p) < 0) /* q < p */ 
-      && parse_bignum(buffer, res->key.g, DSA_SHA1_MAX_OCTETS)
-      && (mpz_sgn(res->key.g) == 1)
-      && (mpz_cmp(res->key.g, res->key.p) < 0) /* g < p */ 
-      && parse_bignum(buffer, res->key.y, DSA_SHA1_MAX_OCTETS) 
-      && (mpz_sgn(res->key.y) == 1)
-      && (mpz_cmp(res->key.y, res->key.p) < 0) /* y < p */
+  if (parse_bignum(buffer, res->params.p, DSA_SHA1_MAX_OCTETS)
+      && (mpz_sgn(res->params.p) == 1)
+      && parse_bignum(buffer, res->params.q, DSA_SHA1_Q_OCTETS)
+      && (mpz_sgn(res->params.q) == 1)
+      && mpz_sizeinbase(res->params.q, 2) == DSA_SHA1_Q_BITS
+      && (mpz_cmp(res->params.q, res->params.p) < 0) /* q < p */ 
+      && parse_bignum(buffer, res->params.g, DSA_SHA1_MAX_OCTETS)
+      && (mpz_sgn(res->params.g) == 1)
+      && (mpz_cmp(res->params.g, res->params.p) < 0) /* g < p */ 
+      && parse_bignum(buffer, res->key, DSA_SHA1_MAX_OCTETS) 
+      && (mpz_sgn(res->key) == 1)
+      && (mpz_cmp(res->key, res->params.p) < 0) /* y < p */
       && parse_eod(buffer))
     
     return &res->super;
@@ -249,6 +250,7 @@ do_dsa_sign(struct signer *c,
   CAST(dsa_signer, self, c);
   struct dsa_signature sv;
   struct sha1_ctx hash;
+  uint8_t digest[SHA1_DIGEST_SIZE];
   struct lsh_string *signature;
 
   trace("do_dsa_sign: Signing according to %a\n", algorithm);
@@ -256,9 +258,10 @@ do_dsa_sign(struct signer *c,
   dsa_signature_init(&sv);
   sha1_init(&hash);
   sha1_update(&hash, msg_length, msg);
+  sha1_digest(&hash, sizeof(digest), digest);
 
-  if (dsa_sha1_sign(&self->verifier->key, &self->key,
-		NULL, lsh_random, &hash, &sv))
+  if (dsa_sign(&self->verifier->params, self->key,
+	       NULL, lsh_random, sizeof(digest), digest, &sv))
     /* Build signature */
     switch (algorithm)
       {
@@ -310,7 +313,7 @@ make_dsa_verifier(struct signature_algorithm *self UNUSED,
   NEW(dsa_verifier, res);
   init_dsa_verifier(res);
 
-  if (dsa_keypair_from_sexp_alist(&res->key, NULL,
+  if (dsa_keypair_from_sexp_alist(&res->params, res->key, NULL,
 				  DSA_SHA1_MAX_BITS, DSA_SHA1_Q_BITS,
 				  i))
     return &res->super;
@@ -328,9 +331,7 @@ make_dsa_signer(struct signature_algorithm *self UNUSED,
 
   init_dsa_verifier(verifier);
   
-  dsa_private_key_init(&res->key);
-
-  if (dsa_keypair_from_sexp_alist(&verifier->key, &res->key,
+  if (dsa_keypair_from_sexp_alist(&verifier->params, verifier->key, res->key,
 				  DSA_SHA1_MAX_BITS, DSA_SHA1_Q_BITS,
 				  i))
     {
@@ -375,6 +376,7 @@ do_dsa_sha256_verify(struct verifier *c, int algorithm,
 {
   CAST(dsa_verifier, self, c);
   struct sha256_ctx hash;
+  uint8_t digest[SHA256_DIGEST_SIZE];
 
   struct simple_buffer buffer;
 
@@ -411,8 +413,9 @@ do_dsa_sha256_verify(struct verifier *c, int algorithm,
 
   sha256_init(&hash);
   sha256_update(&hash, length, msg);
+  sha256_digest(&hash, sizeof(digest), digest);
   
-  res = dsa_sha256_verify(&self->key, &hash, &sv);
+  res = dsa_verify(&self->params, self->key, sizeof(digest), digest, &sv);
  fail:
 
   dsa_signature_clear(&sv);
@@ -427,8 +430,8 @@ do_dsa_sha256_public_key(struct verifier *s)
   CAST(dsa_verifier, self, s);
   return ssh_format("%a%n%n%n%n",
 		    ATOM_SSH_DSA,
-		    self->key.p, self->key.q,
-		    self->key.g, self->key.y);
+		    self->params.p, self->params.q,
+		    self->params.g, self->key);
 }
 
 static struct lsh_string *
@@ -439,23 +442,23 @@ do_dsa_sha256_public_spki_key(struct verifier *s, int transport)
   return lsh_string_format_sexp(transport,
 				"(%0s(%0s(%0s%b)(%0s%b)(%0s%b)(%0s%b)))",
 				"public-key",  "dsa-sha256",
-				"p", self->key.p,
-				"q", self->key.q,
-				"g", self->key.g,
-				"y", self->key.y);
+				"p", self->params.p,
+				"q", self->params.q,
+				"g", self->params.g,
+				"y", self->key);
 }
 
 static void
 init_dsa_sha256_verifier(struct dsa_verifier *self)
 {
-  dsa_public_key_init(&self->key);
+  dsa_params_init(&self->params);
 
   self->super.verify = do_dsa_sha256_verify;
   self->super.public_spki_key = do_dsa_sha256_public_spki_key;
   self->super.public_key = do_dsa_sha256_public_key;
 }
 
-
+/* FIXME: Duplicated code with plain ssh_dss. */
 /* Alternative constructor using a key of type ssh-dsa-sha256, when
  * the atom "ssh-dss" is already read from the buffer. */
 struct verifier *
@@ -464,18 +467,18 @@ parse_ssh_dsa_sha256_public(struct simple_buffer *buffer)
   NEW(dsa_verifier, res);
   init_dsa_verifier(res);
 
-  if (parse_bignum(buffer, res->key.p, DSA_SHA256_MAX_OCTETS)
-      && (mpz_sgn(res->key.p) == 1)
-      && parse_bignum(buffer, res->key.q, DSA_SHA256_Q_OCTETS)
-      && (mpz_sgn(res->key.q) == 1)
-      && mpz_sizeinbase(res->key.q, 2) == DSA_SHA256_Q_BITS
-      && (mpz_cmp(res->key.q, res->key.p) < 0) /* q < p */ 
-      && parse_bignum(buffer, res->key.g, DSA_SHA256_MAX_OCTETS)
-      && (mpz_sgn(res->key.g) == 1)
-      && (mpz_cmp(res->key.g, res->key.p) < 0) /* g < p */ 
-      && parse_bignum(buffer, res->key.y, DSA_SHA256_MAX_OCTETS) 
-      && (mpz_sgn(res->key.y) == 1)
-      && (mpz_cmp(res->key.y, res->key.p) < 0) /* y < p */
+  if (parse_bignum(buffer, res->params.p, DSA_SHA256_MAX_OCTETS)
+      && (mpz_sgn(res->params.p) == 1)
+      && parse_bignum(buffer, res->params.q, DSA_SHA256_Q_OCTETS)
+      && (mpz_sgn(res->params.q) == 1)
+      && mpz_sizeinbase(res->params.q, 2) == DSA_SHA256_Q_BITS
+      && (mpz_cmp(res->params.q, res->params.p) < 0) /* q < p */ 
+      && parse_bignum(buffer, res->params.g, DSA_SHA256_MAX_OCTETS)
+      && (mpz_sgn(res->params.g) == 1)
+      && (mpz_cmp(res->params.g, res->params.p) < 0) /* g < p */ 
+      && parse_bignum(buffer, res->key, DSA_SHA256_MAX_OCTETS) 
+      && (mpz_sgn(res->key) == 1)
+      && (mpz_cmp(res->key, res->params.p) < 0) /* y < p */
       && parse_eod(buffer))
     
     return &res->super;
@@ -499,6 +502,7 @@ do_dsa_sha256_sign(struct signer *c,
   CAST(dsa_signer, self, c);
   struct dsa_signature sv;
   struct sha256_ctx hash;
+  uint8_t digest[SHA256_DIGEST_SIZE];
   struct lsh_string *signature;
 
   trace("do_dsa_sign: Signing according to %a\n", algorithm);
@@ -506,9 +510,10 @@ do_dsa_sha256_sign(struct signer *c,
   dsa_signature_init(&sv);
   sha256_init(&hash);
   sha256_update(&hash, msg_length, msg);
+  sha256_digest(&hash, sizeof(digest), digest);
 
-  if (dsa_sha256_sign(&self->verifier->key, &self->key,
-		      NULL, lsh_random, &hash, &sv))
+  if (dsa_sign(&self->verifier->params, self->key,
+	       NULL, lsh_random, sizeof(digest), digest, &sv))
     /* Build signature */
     switch (algorithm)
       {
@@ -554,7 +559,7 @@ make_dsa_sha256_verifier(struct signature_algorithm *self UNUSED,
   NEW(dsa_verifier, res);
   init_dsa_sha256_verifier(res);
 
-  if (dsa_keypair_from_sexp_alist(&res->key, NULL,
+  if (dsa_keypair_from_sexp_alist(&res->params, res->key, NULL,
 				  DSA_SHA256_MAX_BITS, DSA_SHA256_Q_BITS,
 				  i))
     return &res->super;
@@ -572,9 +577,7 @@ make_dsa_sha256_signer(struct signature_algorithm *self UNUSED,
 
   init_dsa_verifier(verifier);
   
-  dsa_private_key_init(&res->key);
-
-  if (dsa_keypair_from_sexp_alist(&verifier->key, &res->key,
+  if (dsa_keypair_from_sexp_alist(&verifier->params, verifier->key, res->key,
 				  DSA_SHA256_MAX_BITS, DSA_SHA256_Q_BITS,
 				  i))
     {
diff --git a/src/dummy.c b/src/dummy.c
index 95ff4fc98..809332e21 100644
--- a/src/dummy.c
+++ b/src/dummy.c
@@ -76,12 +76,12 @@ hmac_digest(const void *outer UNUSED, const void *inner UNUSED, void *state UNUS
 	    unsigned length UNUSED, uint8_t *digest UNUSED)
 { abort(); }
 
-unsigned
+size_t
 sexp_vformat(struct nettle_buffer *buffer UNUSED,
 	     const char *format UNUSED, va_list args UNUSED)
 { abort(); }
 
-unsigned
+size_t
 sexp_transport_vformat(struct nettle_buffer *buffer UNUSED,
 		       const char *format UNUSED, va_list args UNUSED)
 { abort(); }
diff --git a/src/lsh-keygen.c b/src/lsh-keygen.c
index a82663c33..ffd87decc 100644
--- a/src/lsh-keygen.c
+++ b/src/lsh-keygen.c
@@ -476,54 +476,64 @@ progress(void *ctx UNUSED, int c)
 static struct lsh_string *
 dsa_sha1_generate_key(unsigned bits)
 {
-  struct dsa_public_key public;
-  struct dsa_private_key private;
+  struct dsa_params params;
   struct lsh_string *key = NULL;
 
-  dsa_public_key_init(&public);
-  dsa_private_key_init(&private);
+  dsa_params_init(&params);
 
-  if (dsa_generate_keypair(&public, &private,
-			   NULL, lsh_random,
-			   NULL, progress,
-			   bits, 160))
+  if (dsa_generate_params(&params,
+			  NULL, lsh_random,
+			  NULL, progress,
+			  bits, 160))
     {
+      mpz_t public;
+      mpz_t private;
+      mpz_init(public);
+      mpz_init(private);
+
+      dsa_generate_keypair(&params, public, private,
+			   NULL, lsh_random);
       key =
 	lsh_string_format_sexp(0,
 			       "(private-key(dsa(p%b)(q%b)(g%b)(y%b)(x%b)))",
-			       public.p, public.q, public.g, public.y,
-			       private.x);
+			       params.p, params.q, params.g, public, private);
+      mpz_clear(public);
+      mpz_clear(private);
     }
 
-  dsa_public_key_clear(&public);
-  dsa_private_key_clear(&private);
+  dsa_params_clear(&params);
   return key;
 }
 
 static struct lsh_string *
 dsa_sha256_generate_key(unsigned bits)
 {
-  struct dsa_public_key public;
-  struct dsa_private_key private;
+  struct dsa_params params;
   struct lsh_string *key = NULL;
 
-  dsa_public_key_init(&public);
-  dsa_private_key_init(&private);
+  dsa_params_init(&params);
 
-  if (dsa_generate_keypair(&public, &private,
-			   NULL, lsh_random,
-			   NULL, progress,
-			   bits, 256))
+  if (dsa_generate_params(&params,
+			  NULL, lsh_random,
+			  NULL, progress,
+			  bits, 256))
     {
+      mpz_t public;
+      mpz_t private;
+      mpz_init(public);
+      mpz_init(private);
+
+      dsa_generate_keypair(&params, public, private,
+			   NULL, lsh_random);
       key =
 	lsh_string_format_sexp(0,
 			       "(private-key(dsa-sha256(p%b)(q%b)(g%b)(y%b)(x%b)))",
-			       public.p, public.q, public.g, public.y,
-			       private.x);
+			       params.p, params.q, params.g, public, private);
+      mpz_clear(public);
+      mpz_clear(private);
     }
 
-  dsa_public_key_clear(&public);
-  dsa_private_key_clear(&private);
+  dsa_params_clear(&params);
   return key;
 }
 
diff --git a/src/lsh_string.c b/src/lsh_string.c
index 6aade2c0a..661004330 100644
--- a/src/lsh_string.c
+++ b/src/lsh_string.c
@@ -458,7 +458,7 @@ lsh_string_cbc_encrypt(struct lsh_string *dst, uint32_t di,
 		       const struct lsh_string *src, uint32_t si,
 		       uint32_t length,
 		       uint32_t block_size, uint8_t *iv,
-		       nettle_crypt_func f, void *ctx)
+		       nettle_cipher_func f, void *ctx)
 {
   ASSERT_ROOM(dst, di, length);
   ASSERT_ROOM(src, si, length);
@@ -476,7 +476,7 @@ lsh_string_cbc_decrypt(struct lsh_string *dst, uint32_t di,
 		       const struct lsh_string *src, uint32_t si,
 		       uint32_t length,
 		       uint32_t block_size, uint8_t *iv,
-		       nettle_crypt_func f, void *ctx)
+		       nettle_cipher_func f, void *ctx)
 {
   ASSERT_ROOM(dst, di, length);
   ASSERT_ROOM(src, si, length);
@@ -494,7 +494,7 @@ lsh_string_ctr_crypt(struct lsh_string *dst, uint32_t di,
 		     const struct lsh_string *src, uint32_t si,
 		     uint32_t length,
 		     uint32_t block_size, uint8_t *iv,
-		     nettle_crypt_func f, void *ctx)
+		     nettle_cipher_func f, void *ctx)
 {
   ASSERT_ROOM(dst, di, length);
   ASSERT_ROOM(src, si, length);
@@ -545,7 +545,7 @@ lsh_string_format_sexp(int transport, const char *format, ...)
   unsigned length;
   struct nettle_buffer buffer;
 
-  unsigned (*vformat)(struct nettle_buffer *, const char *, va_list)
+  size_t (*vformat)(struct nettle_buffer *, const char *, va_list)
     = transport ? sexp_transport_vformat : sexp_vformat;
   
   va_start(args, format);
@@ -570,7 +570,7 @@ int
 lsh_string_base64_decode(struct lsh_string *s)
 {
   struct base64_decode_ctx ctx;
-  uint32_t done = s->length;
+  size_t done = s->length;
 
   base64_decode_init(&ctx);
 
diff --git a/src/lsh_string.h b/src/lsh_string.h
index 3adf7ef98..6b35ef03f 100644
--- a/src/lsh_string.h
+++ b/src/lsh_string.h
@@ -141,21 +141,21 @@ lsh_string_cbc_encrypt(struct lsh_string *dst, uint32_t di,
 		       const struct lsh_string *src, uint32_t si,
 		       uint32_t length,
 		       uint32_t block_size, uint8_t *iv,
-		       nettle_crypt_func f, void *ctx);
+		       nettle_cipher_func f, void *ctx);
 
 void
 lsh_string_cbc_decrypt(struct lsh_string *dst, uint32_t di,
 		       const struct lsh_string *src, uint32_t si,
 		       uint32_t length,
 		       uint32_t block_size, uint8_t *iv,
-		       nettle_crypt_func f, void *ctx);
+		       nettle_cipher_func f, void *ctx);
 
 void
 lsh_string_ctr_crypt(struct lsh_string *dst, uint32_t di,
 		     const struct lsh_string *src, uint32_t si,
 		     uint32_t length,
 		     uint32_t block_size, uint8_t *iv,
-		     nettle_crypt_func f, void *ctx);
+		     nettle_cipher_func f, void *ctx);
 
 void
 lsh_string_write_hash(struct lsh_string *s, uint32_t start,
diff --git a/src/randomness.h b/src/randomness.h
index 68d64a95d..87c381bc5 100644
--- a/src/randomness.h
+++ b/src/randomness.h
@@ -62,6 +62,6 @@ random_init_system(void);
 
 /* Randomness function matching nettle's expectations. */
 void
-lsh_random(void *ctx, unsigned length, uint8_t *data);
+lsh_random(void *ctx, size_t length, uint8_t *data);
 
 #endif /* LSH_RANDOMNESS_H_INCLUDED */
diff --git a/src/sexp.c b/src/sexp.c
index dce93d9a5..aebb92ea1 100644
--- a/src/sexp.c
+++ b/src/sexp.c
@@ -97,7 +97,7 @@ lsh_sexp_to_string(struct sexp_iterator *i, struct lsh_string **display)
 struct lsh_string *
 lsh_sexp_copy(struct sexp_iterator *i)
 {
-  unsigned length;
+  size_t length;
   const uint8_t *subexpr = sexp_iterator_subexpr(i, &length);
 
   return subexpr ? ssh_format("%ls", length, subexpr) : NULL;
diff --git a/src/testsuite/testutils.c b/src/testsuite/testutils.c
index 3138a1b5b..ea1b5316f 100644
--- a/src/testsuite/testutils.c
+++ b/src/testsuite/testutils.c
@@ -176,7 +176,7 @@ random_generate(uint32_t length, uint8_t *dst)
 }
 
 void
-lsh_random(void *ctx UNUSED, unsigned length, uint8_t *dst)
+lsh_random(void *ctx UNUSED, size_t length, uint8_t *dst)
 {
   knuth_lfib_random(&bad_random, length, dst);
 }
diff --git a/src/unix_random.c b/src/unix_random.c
index f741eb62e..2359bc3e7 100644
--- a/src/unix_random.c
+++ b/src/unix_random.c
@@ -377,7 +377,7 @@ random_init_system(void)
 /* Wrapper for using lsh's randomness generator with nettle
  * functions. */
 void
-lsh_random(void *x UNUSED, unsigned length, uint8_t *data)
+lsh_random(void *x UNUSED, size_t length, uint8_t *data)
 {
   random_generate(length, data);
 }
-- 
GitLab