From f2c05ae4ad6b03e43df01bded886f13e8a5dbe61 Mon Sep 17 00:00:00 2001
From: Yury Martynov <email@linxon.ru>
Date: Fri, 8 Nov 2019 23:25:39 +0300
Subject: [PATCH] hashkill: EAPI bump, update for testing, add openssl 1.1.0
 API support

---
 app-crypt/hashkill/Manifest                   |   2 +-
 .../files/0001-fix-json-c-detect.patch        |  39 ++
 .../0002-add-openssl-1.1.0-api-support.patch  | 650 ++++++++++++++++++
 ...place-tempnam-to-mkdtemp-in-lzma.patch.bak |  50 ++
 .../files/0004-other-minor-fixes.patch        | 112 +++
 app-crypt/hashkill/hashkill-0.3.1-r1.ebuild   |  53 --
 .../hashkill/hashkill-0.3.1_p20131031.ebuild  |  92 ---
 .../hashkill/hashkill-0.3.1_p20140204.ebuild  | 122 ++--
 app-crypt/hashkill/hashkill-9999.ebuild       | 114 +--
 app-crypt/hashkill/metadata.xml               |  13 +
 10 files changed, 1007 insertions(+), 240 deletions(-)
 create mode 100644 app-crypt/hashkill/files/0001-fix-json-c-detect.patch
 create mode 100644 app-crypt/hashkill/files/0002-add-openssl-1.1.0-api-support.patch
 create mode 100644 app-crypt/hashkill/files/0003-replace-tempnam-to-mkdtemp-in-lzma.patch.bak
 create mode 100644 app-crypt/hashkill/files/0004-other-minor-fixes.patch
 delete mode 100644 app-crypt/hashkill/hashkill-0.3.1-r1.ebuild
 delete mode 100644 app-crypt/hashkill/hashkill-0.3.1_p20131031.ebuild
 create mode 100644 app-crypt/hashkill/metadata.xml

diff --git a/app-crypt/hashkill/Manifest b/app-crypt/hashkill/Manifest
index 5679d80ad..ed1a7117a 100644
--- a/app-crypt/hashkill/Manifest
+++ b/app-crypt/hashkill/Manifest
@@ -1 +1 @@
-DIST hashkill-0.3.1.tar.gz 16872469 SHA256 1f72d60e45eb97f6408f9ae3d708f7f4ecb50fc8be43ab2fc4e199800b1c2bdd SHA512 696a6621d3b6c03f08021dd3a4e2716038e9e49ecf5347068d9e1b25d607decaf4d28b7aeb617aebcd26ea24e726f87229b5d02fbd54c7f4aa189c194e629c83 WHIRLPOOL 678cbada15e1b5ddb2335958c1860e1c6339140c53aad04c23373fc6242f5a99f4b0557e4b2a8c3bef35984000bf0149fc80def4e365eae1aeab2d33ba54f743
+DIST hashkill-0.3.1_p20140204.tar.gz 17241447 BLAKE2B 3b9240092432eb1b7d5953ac0146ed92ed5882325d8636203409c78841f4bd1d00bfefb3d8ed82f36f91f9d4d5204f3cc052e9697b934379047399ba82b1d046 SHA512 60285b8b6d426e52cdf9ea12a9b457ac7ac217e511fb1df79c27f14d1712db2f785b73fc72b576e89b0ecfa0c5dc5973a89920742b4e42fd33f72237ca0e14fa
diff --git a/app-crypt/hashkill/files/0001-fix-json-c-detect.patch b/app-crypt/hashkill/files/0001-fix-json-c-detect.patch
new file mode 100644
index 000000000..bf0406b23
--- /dev/null
+++ b/app-crypt/hashkill/files/0001-fix-json-c-detect.patch
@@ -0,0 +1,39 @@
+From b075cd4bebe26754b2b5e6996c1f40c48e27cbdb Mon Sep 17 00:00:00 2001
+From: Yury Martynov <email@linxon.ru>
+Date: Fri, 8 Nov 2019 13:47:53 +0300
+Subject: [PATCH] fix json-c detect
+
+---
+ json.m4        | 2 +-
+ src/sessions.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/json.m4 b/json.m4
+index c6d57ad..aca2c0f 100644
+--- a/json.m4
++++ b/json.m4
+@@ -64,7 +64,7 @@ fi
+         AC_LANG_SAVE
+         AC_LANG_C
+         AC_CHECK_LIB(json-c, json_tokener_parse, [jsonlib_cv_libjson=yes], [jsonlib_cv_libjson=no])
+-            AC_CHECK_HEADER(json/json.h, [jsonlib_cv_jsonlib_h=yes], [jsonlib_cv_jsonlib_h=no])
++            AC_CHECK_HEADER(json-c/json.h, [jsonlib_cv_jsonlib_h=yes], [jsonlib_cv_jsonlib_h=no])
+         AC_LANG_RESTORE
+         if test "$jsonlib_cv_libjson" = "yes" -a "$jsonlib_cv_jsonlib_h" = "yes" -a "$withval" != "no"
+         then
+diff --git a/src/sessions.c b/src/sessions.c
+index 63dafe9..e4784de 100644
+--- a/src/sessions.c
++++ b/src/sessions.c
+@@ -44,7 +44,7 @@
+ #include "sessions.h"
+ 
+ #ifdef HAVE_JSON_JSON_H
+-#include <json/json.h>
++#include <json-c/json.h>
+ #endif
+ 
+ 
+-- 
+2.23.0
+
diff --git a/app-crypt/hashkill/files/0002-add-openssl-1.1.0-api-support.patch b/app-crypt/hashkill/files/0002-add-openssl-1.1.0-api-support.patch
new file mode 100644
index 000000000..ad23c15d3
--- /dev/null
+++ b/app-crypt/hashkill/files/0002-add-openssl-1.1.0-api-support.patch
@@ -0,0 +1,650 @@
+From 91895483af2ea7dd7c2bc03dd9b806f2ebae7627 Mon Sep 17 00:00:00 2001
+From: Yury Martynov <email@linxon.ru>
+Date: Fri, 8 Nov 2019 13:45:15 +0300
+Subject: [PATCH] add openssl-1.1.0 api support
+
+---
+ src/hashinterface.c   | 136 +++++++++++++++++++++++++++++++++++++++++-
+ src/ocl_dmg.c         |  66 +++++++++++++++++++-
+ src/plugins/dmg.c     |  67 ++++++++++++++++++++-
+ src/plugins/mozilla.c |  10 ++++
+ 4 files changed, 275 insertions(+), 4 deletions(-)
+
+diff --git a/src/hashinterface.c b/src/hashinterface.c
+index 42daaee..ccbb422 100644
+--- a/src/hashinterface.c
++++ b/src/hashinterface.c
+@@ -943,10 +943,16 @@ void hash_proto_pbkdf512(const char *pass,int len, unsigned char *salt, int salt
+     unsigned char digtmp[SHA512_DIGEST_LENGTH], *p, itmp[4];
+     int cplen, j, k, tkeylen;
+     unsigned long i = 1;
++#if OPENSSL_API_COMPAT > 0x10100000L
+     HMAC_CTX hctx;
++#else
++    HMAC_CTX *hctx = HMAC_CTX_new();
++#endif
+     int passlen = len;
+ 
++#if OPENSSL_API_COMPAT > 0x10100000L
+     HMAC_CTX_init(&hctx);
++#endif
+     p = out;
+     tkeylen = keylen;
+     if(!pass) passlen = 0;
+@@ -958,10 +964,17 @@ void hash_proto_pbkdf512(const char *pass,int len, unsigned char *salt, int salt
+         itmp[1] = (unsigned char)((i >> 16) & 0xff);
+         itmp[2] = (unsigned char)((i >> 8) & 0xff);
+         itmp[3] = (unsigned char)(i & 0xff);
++#if OPENSSL_API_COMPAT > 0x10100000L
+         HMAC_Init_ex(&hctx, pass, passlen, EVP_sha512(), NULL);
+         HMAC_Update(&hctx, salt, saltlen);
+         HMAC_Update(&hctx, itmp, 4);
+         HMAC_Final(&hctx, digtmp, NULL);
++#else
++        HMAC_Init_ex(hctx, pass, passlen, EVP_sha512(), NULL);
++        HMAC_Update(hctx, salt, saltlen);
++        HMAC_Update(hctx, itmp, 4);
++        HMAC_Final(hctx, digtmp, NULL);     
++#endif
+         memcpy(p, digtmp, cplen);
+         for(j = 1; j < iter; j++) 
+         {
+@@ -972,7 +985,11 @@ void hash_proto_pbkdf512(const char *pass,int len, unsigned char *salt, int salt
+ 	i++;
+ 	p+= cplen;
+     }
++#if OPENSSL_API_COMPAT > 0x10100000L
+     HMAC_CTX_cleanup(&hctx);
++#else
++    HMAC_CTX_free(hctx);
++#endif
+ }
+ 
+ 
+@@ -982,10 +999,18 @@ void hash_proto_pbkdfrmd160(const char *pass,int len, unsigned char *salt, int s
+     unsigned char digtmp[RIPEMD160_DIGEST_LENGTH], *p, itmp[4];
+     int cplen, j, k, tkeylen;
+     unsigned long i = 1;
++#if OPENSSL_API_COMPAT > 0x10100000L
+     HMAC_CTX hctx;
++#else
++    HMAC_CTX *hctx = HMAC_CTX_new();
++#endif
++    
+     int passlen = len;
+ 
++
++#if OPENSSL_API_COMPAT > 0x10100000L
+     HMAC_CTX_init(&hctx);
++#endif
+     p = out;
+     tkeylen = keylen;
+     if(!pass) passlen = 0;
+@@ -997,10 +1022,17 @@ void hash_proto_pbkdfrmd160(const char *pass,int len, unsigned char *salt, int s
+         itmp[1] = (unsigned char)((i >> 16) & 0xff);
+         itmp[2] = (unsigned char)((i >> 8) & 0xff);
+         itmp[3] = (unsigned char)(i & 0xff);
++#if OPENSSL_API_COMPAT > 0x10100000L
+         HMAC_Init_ex(&hctx, pass, passlen, EVP_ripemd160(), NULL);
+         HMAC_Update(&hctx, salt, saltlen);
+         HMAC_Update(&hctx, itmp, 4);
+         HMAC_Final(&hctx, digtmp, NULL);
++#else
++        HMAC_Init_ex(hctx, pass, passlen, EVP_ripemd160(), NULL);
++        HMAC_Update(hctx, salt, saltlen);
++        HMAC_Update(hctx, itmp, 4);
++        HMAC_Final(hctx, digtmp, NULL);
++#endif     
+         memcpy(p, digtmp, cplen);
+         for(j = 1; j < iter; j++) 
+         {
+@@ -1011,7 +1043,11 @@ void hash_proto_pbkdfrmd160(const char *pass,int len, unsigned char *salt, int s
+ 	i++;
+ 	p+= cplen;
+     }
++#if OPENSSL_API_COMPAT > 0x10100000L
+     HMAC_CTX_cleanup(&hctx);
++#else
++    HMAC_CTX_free(hctx);
++#endif
+ }
+ 
+ 
+@@ -1021,10 +1057,17 @@ void hash_proto_pbkdfwhirlpool(const char *pass,int len, unsigned char *salt, in
+     unsigned char digtmp[WHIRLPOOL_DIGEST_LENGTH], *p, itmp[4];
+     int cplen, j, k, tkeylen;
+     unsigned long i = 1;
++
++#if OPENSSL_API_COMPAT > 0x10100000L
+     HMAC_CTX hctx;
++#else
++    HMAC_CTX *hctx = HMAC_CTX_new();
++#endif
+     int passlen = len;
+ 
++#if OPENSSL_API_COMPAT > 0x10100000L
+     HMAC_CTX_init(&hctx);
++#endif
+     p = out;
+     tkeylen = keylen;
+     if(!pass) passlen = 0;
+@@ -1036,10 +1079,17 @@ void hash_proto_pbkdfwhirlpool(const char *pass,int len, unsigned char *salt, in
+         itmp[1] = (unsigned char)((i >> 16) & 0xff);
+         itmp[2] = (unsigned char)((i >> 8) & 0xff);
+         itmp[3] = (unsigned char)(i & 0xff);
++#if OPENSSL_API_COMPAT > 0x10100000L
+         HMAC_Init_ex(&hctx, pass, passlen, EVP_whirlpool(), NULL);
+         HMAC_Update(&hctx, salt, saltlen);
+         HMAC_Update(&hctx, itmp, 4);
+         HMAC_Final(&hctx, digtmp, NULL);
++#else
++        HMAC_Init_ex(hctx, pass, passlen, EVP_whirlpool(), NULL);
++        HMAC_Update(hctx, salt, saltlen);
++        HMAC_Update(hctx, itmp, 4);
++        HMAC_Final(hctx, digtmp, NULL);
++#endif
+         memcpy(p, digtmp, cplen);
+         for(j = 1; j < iter; j++) 
+         {
+@@ -1050,7 +1100,11 @@ void hash_proto_pbkdfwhirlpool(const char *pass,int len, unsigned char *salt, in
+ 	i++;
+ 	p+= cplen;
+     }
++#if OPENSSL_API_COMPAT > 0x10100000L
+     HMAC_CTX_cleanup(&hctx);
++#else
++    HMAC_CTX_free(hctx);
++#endif
+ }
+ 
+ 
+@@ -1060,26 +1114,48 @@ void hash_proto_pbkdfwhirlpool(const char *pass,int len, unsigned char *salt, in
+ /* HMAC_SHA1 from OpenSSL  */
+ void hash_proto_hmac_sha1(void *key, int keylen, unsigned char *data, int datalen, unsigned char *output, int outputlen)
+ {
++#if OPENSSL_API_COMPAT > 0x10100000L
+     HMAC_CTX ctx;
++#else
++    HMAC_CTX *ctx = HMAC_CTX_new();
++#endif
+ 
++#if OPENSSL_API_COMPAT > 0x10100000L
+     HMAC_CTX_init(&ctx);
+     HMAC_Init_ex(&ctx, key, keylen, EVP_sha1(),NULL);
+     HMAC_Update(&ctx, data, datalen);
+     HMAC_Final(&ctx, output, (unsigned int *)&outputlen);
+     HMAC_CTX_cleanup(&ctx);
++#else
++    HMAC_Init_ex(ctx, key, keylen, EVP_sha1(),NULL);
++    HMAC_Update(ctx, data, datalen);
++    HMAC_Final(ctx, output, (unsigned int *)&outputlen);
++    HMAC_CTX_free(ctx);
++#endif
+ }
+ 
+ 
+ /* HMAC_MD5 from OpenSSL  */
+ void hash_proto_hmac_md5(void *key, int keylen, unsigned char *data, int datalen, unsigned char *output, int outputlen)
+ {
++#if OPENSSL_API_COMPAT > 0x10100000L
+     HMAC_CTX ctx;
++#else
++    HMAC_CTX *ctx = HMAC_CTX_new();
++#endif
+ 
++#if OPENSSL_API_COMPAT > 0x10100000L
+     HMAC_CTX_init(&ctx);
+     HMAC_Init_ex(&ctx, key, keylen, EVP_md5(),NULL);
+     HMAC_Update(&ctx, data, datalen);
+     HMAC_Final(&ctx, output, (unsigned int *)&outputlen);
+     HMAC_CTX_cleanup(&ctx);
++#else
++    HMAC_Init_ex(ctx, key, keylen, EVP_md5(),NULL);
++    HMAC_Update(ctx, data, datalen);
++    HMAC_Final(ctx, output, (unsigned int *)&outputlen);
++    HMAC_CTX_free(ctx);
++#endif
+ }
+ 
+ 
+@@ -1092,10 +1168,18 @@ void hash_proto_hmac_sha1_file(void *key, int keylen, char *filename, long offse
+     unsigned char buf[4096];
+     long localoff;
+     int bufread;
++#if OPENSSL_API_COMPAT > 0x10100000L
+     HMAC_CTX ctx;
++#else
++    HMAC_CTX *ctx = HMAC_CTX_new();
++#endif
+     
++#if OPENSSL_API_COMPAT > 0x10100000L
+     HMAC_CTX_init(&ctx);
+     HMAC_Init(&ctx, key, keylen, EVP_sha1());
++#else
++    HMAC_Init_ex(ctx, key, keylen, EVP_sha1(), NULL);
++#endif
+     fd = open(filename, O_RDONLY);
+     if (fd<1)
+     {
+@@ -1122,12 +1206,24 @@ void hash_proto_hmac_sha1_file(void *key, int keylen, char *filename, long offse
+ 	    localoff += 4096;
+ 	}
+ 	read(fd, buf, bufread);
++#if OPENSSL_API_COMPAT > 0x10100000L
+ 	HMAC_Update(&ctx, buf, bufread);
++#else
++    HMAC_Update(ctx, buf, bufread);
++#endif
+     }
+ 
++#if OPENSSL_API_COMPAT > 0x10100000L
+     HMAC_Final(&ctx, output, (unsigned int *)&outputlen);
++#else
++    HMAC_Final(ctx, output, (unsigned int *)&outputlen);
++#endif
+     close(fd);
++#if OPENSSL_API_COMPAT > 0x10100000L
+     HMAC_CTX_cleanup(&ctx);
++#else
++    HMAC_CTX_free(ctx);
++#endif
+ }
+ 
+ 
+@@ -1306,16 +1402,29 @@ void hash_proto_des_ecb_encrypt(const unsigned char *key, int keysize, const uns
+ 
+ #ifndef HAVE_SSE2
+     int a;
++#if OPENSSL_API_COMPAT > 0x10100000L
+     EVP_CIPHER_CTX ctx;
++#else
++    EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
++#endif
++    
+     int outl;
+     for (a=0;a<vectorsize;a++)
+     {
++#if OPENSSL_API_COMPAT > 0x10100000L
+ 	EVP_CIPHER_CTX_init(&ctx); 
+ 	EVP_EncryptInit_ex(&ctx, EVP_des_ecb(), NULL, key, NULL); 
+ 	EVP_CIPHER_CTX_set_padding(&ctx, mode); 
+ 	EVP_EncryptUpdate(&ctx, out[a], &outl, in[a], len);
+ 	EVP_EncryptFinal_ex(&ctx, out[a], &outl);
+ 	EVP_CIPHER_CTX_cleanup(&ctx); 
++#else
++    EVP_EncryptInit_ex(ctx, EVP_des_ecb(), NULL, key, NULL); 
++    EVP_CIPHER_CTX_set_padding(ctx, mode); 
++    EVP_EncryptUpdate(ctx, out[a], &outl, in[a], len);
++    EVP_EncryptFinal_ex(ctx, out[a], &outl);
++    EVP_CIPHER_CTX_free(ctx);
++#endif
+     }
+ #else
+     ODES_ONEBLOCK((char *)key, (char **)in, (char **)out);
+@@ -1327,15 +1436,28 @@ void hash_proto_des_ecb_encrypt(const unsigned char *key, int keysize, const uns
+ /* mode: use 0 for ECB and 1 for CBC */
+ void hash_proto_des_ecb_decrypt(const unsigned char *key, int keysize, const unsigned char *in, int len, unsigned char *out, int mode)
+ {
++#if OPENSSL_API_COMPAT > 0x10100000L
+     EVP_CIPHER_CTX ctx;
++#else
++    EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
++#endif
++    
+     int outl;
+ 
++#if OPENSSL_API_COMPAT > 0x10100000L
+     EVP_CIPHER_CTX_init(&ctx); 
+     EVP_DecryptInit_ex(&ctx, EVP_des_ecb(), NULL, key, NULL); 
+     EVP_CIPHER_CTX_set_padding(&ctx, mode); 
+     EVP_DecryptUpdate(&ctx, out, &outl, in, len);
+     EVP_DecryptFinal_ex(&ctx, out, &outl);
+-    EVP_CIPHER_CTX_cleanup(&ctx); 
++    EVP_CIPHER_CTX_cleanup(&ctx);
++#else
++    EVP_DecryptInit_ex(ctx, EVP_des_ecb(), NULL, key, NULL); 
++    EVP_CIPHER_CTX_set_padding(ctx, mode); 
++    EVP_DecryptUpdate(ctx, out, &outl, in, len);
++    EVP_DecryptFinal_ex(ctx, out, &outl);
++    EVP_CIPHER_CTX_free(ctx);
++#endif
+ }
+ 
+ 
+@@ -1390,14 +1512,26 @@ void hash_proto_lm(const unsigned char *in[VECTORSIZE], unsigned char *out[VECTO
+ /* mode: use 0 for no padding and 1 for padding */
+ void openssl_des_ecb_encrypt(const unsigned char *key, int keysize, const unsigned char *in, int len, unsigned char *out, int mode)
+ {
++#if OPENSSL_API_COMPAT > 0x10100000L
+     EVP_CIPHER_CTX ctx;
++#else
++    EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
++#endif
+     int outl;
++#if OPENSSL_API_COMPAT > 0x10100000L
+     EVP_CIPHER_CTX_init(&ctx); 
+     EVP_EncryptInit_ex(&ctx, EVP_des_ecb(), NULL, key, NULL); 
+     EVP_CIPHER_CTX_set_padding(&ctx, mode); 
+     EVP_EncryptUpdate(&ctx, out, &outl, in, len);
+     EVP_EncryptFinal_ex(&ctx, out, &outl);
+     EVP_CIPHER_CTX_cleanup(&ctx); 
++#else
++    EVP_EncryptInit_ex(ctx, EVP_des_ecb(), NULL, key, NULL); 
++    EVP_CIPHER_CTX_set_padding(ctx, mode); 
++    EVP_EncryptUpdate(ctx, out, &outl, in, len);
++    EVP_EncryptFinal_ex(ctx, out, &outl);
++    EVP_CIPHER_CTX_free(ctx); 
++#endif
+ }
+ 
+ 
+diff --git a/src/ocl_dmg.c b/src/ocl_dmg.c
+index 043ed38..f43c9d5 100644
+--- a/src/ocl_dmg.c
++++ b/src/ocl_dmg.c
+@@ -137,7 +137,12 @@ static void header2_byteorder_fix(cencrypted_v2_pwheader *pwhdr)
+ 
+ static int apple_des3_ede_unwrap_key1(unsigned char *wrapped_key, int wrapped_key_len, unsigned char *decryptKey) 
+ {
++#if OPENSSL_API_COMPAT > 0x10100000L
+     EVP_CIPHER_CTX ctx;
++#else
++    EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
++#endif
++
+     unsigned char *TEMP1, *TEMP2, *CEKICV;
+     unsigned char IV[8] = { 0x4a, 0xdd, 0xa2, 0x2c, 0x79, 0xe8, 0x21, 0x05 };
+     int outlen, tmplen, i;
+@@ -147,6 +152,7 @@ static int apple_des3_ede_unwrap_key1(unsigned char *wrapped_key, int wrapped_ke
+     TEMP2 = alloca(wrapped_key_len);
+     CEKICV = alloca(wrapped_key_len);
+ 
++#if OPENSSL_API_COMPAT > 0x10100000L
+     EVP_CIPHER_CTX_init(&ctx);
+     EVP_DecryptInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, decryptKey, IV);
+ 
+@@ -177,6 +183,37 @@ static int apple_des3_ede_unwrap_key1(unsigned char *wrapped_key, int wrapped_ke
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_cleanup(&ctx);
++#else
++    EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, decryptKey, IV);
++
++    if(!EVP_DecryptUpdate(ctx, TEMP1, &outlen, wrapped_key, wrapped_key_len)) 
++    {
++        return(-1);
++    }
++    if(!EVP_DecryptFinal_ex(ctx, TEMP1 + outlen, &tmplen)) 
++    {
++        return(-1);
++    }
++    outlen += tmplen;
++    EVP_CIPHER_CTX_free(ctx);
++
++    for(i = 0; i < outlen; i++) 
++    {
++        TEMP2[i] = TEMP1[outlen - i - 1];
++    }
++    EVP_CIPHER_CTX_init(ctx);
++    EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, decryptKey, TEMP2);
++    if(!EVP_DecryptUpdate(ctx, CEKICV, &outlen, TEMP2+8, outlen-8)) 
++    {
++        return(-1);
++    }
++    if(!EVP_DecryptFinal_ex(ctx, CEKICV + outlen, &tmplen)) 
++    {
++        return(-1);
++    }
++    outlen += tmplen;
++    EVP_CIPHER_CTX_free(ctx);
++#endif
+     return 0;
+ }
+ 
+@@ -295,8 +332,13 @@ static hash_stat check_dmg(unsigned char *derived_key, char *pwd)
+     }
+     else
+     {
++#if OPENSSL_API_COMPAT > 0x10100000L
+         EVP_CIPHER_CTX ctx;
+-	HMAC_CTX hmacsha1_ctx;
++        HMAC_CTX hmacsha1_ctx;
++#else
++        EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
++        HMAC_CTX *hmacsha1_ctx = HMAC_CTX_new();
++#endif
+         unsigned char *TEMP1;
+         int outlen, tmplen;
+         AES_KEY aes_decrypt_key;
+@@ -304,12 +346,20 @@ static hash_stat check_dmg(unsigned char *derived_key, char *pwd)
+         unsigned char iv[20];
+ 
+ 
++#if OPENSSL_API_COMPAT > 0x10100000L
+         EVP_CIPHER_CTX_init(&ctx);
+         TEMP1 = alloca(header2.encrypted_keyblob_size);
+         EVP_DecryptInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, derived_key, header2.blob_enc_iv);
+         EVP_DecryptUpdate(&ctx, TEMP1, &outlen, header2.encrypted_keyblob, header2.encrypted_keyblob_size);
+         EVP_DecryptFinal_ex(&ctx, TEMP1 + outlen, &tmplen);
+         EVP_CIPHER_CTX_cleanup(&ctx);
++#else
++        TEMP1 = alloca(header2.encrypted_keyblob_size);
++        EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, derived_key, header2.blob_enc_iv);
++        EVP_DecryptUpdate(ctx, TEMP1, &outlen, header2.encrypted_keyblob, header2.encrypted_keyblob_size);
++        EVP_DecryptFinal_ex(ctx, TEMP1 + outlen, &tmplen);
++        EVP_CIPHER_CTX_free(ctx);
++#endif
+         outlen += tmplen;
+         memcpy(aes_key_, TEMP1, 32);
+         memcpy(hmacsha1_key_, TEMP1, 20);
+@@ -320,11 +370,18 @@ static hash_stat check_dmg(unsigned char *derived_key, char *pwd)
+         if (header2.encrypted_keyblob_size==48)
+         {
+             cno=chunk_no;
++#if OPENSSL_API_COMPAT > 0x10100000L
+             HMAC_CTX_init(&hmacsha1_ctx);
+     	    HMAC_Init_ex(&hmacsha1_ctx, hmacsha1_key_, 20, EVP_sha1(), NULL);
+     	    HMAC_Update(&hmacsha1_ctx, (void *) &cno, 4);
+     	    HMAC_Final(&hmacsha1_ctx, iv, (unsigned int *)&mdlen);
+     	    HMAC_CTX_cleanup(&hmacsha1_ctx);
++#else
++            HMAC_Init_ex(hmacsha1_ctx, hmacsha1_key_, 20, EVP_sha1(), NULL);
++            HMAC_Update(hmacsha1_ctx, (void *) &cno, 4);
++            HMAC_Final(hmacsha1_ctx, iv, (unsigned int *)&mdlen);
++            HMAC_CTX_free(hmacsha1_ctx);
++#endif
+             OAES_SET_DECRYPT_KEY(aes_key_, 128, &aes_decrypt_key);
+             OAES_CBC_ENCRYPT(chunk2, outbuf2, 4096, &aes_decrypt_key, iv, AES_DECRYPT);
+ 
+@@ -350,11 +407,18 @@ static hash_stat check_dmg(unsigned char *derived_key, char *pwd)
+         else
+         {
+             cno=chunk_no;
++#if OPENSSL_API_COMPAT > 0x10100000L
+             HMAC_CTX_init(&hmacsha1_ctx);
+     	    HMAC_Init_ex(&hmacsha1_ctx, hmacsha1_key_, 20, EVP_sha1(), NULL);
+     	    HMAC_Update(&hmacsha1_ctx, (void *) &cno, 4);
+     	    HMAC_Final(&hmacsha1_ctx, iv, (unsigned int *)&mdlen);
+     	    HMAC_CTX_cleanup(&hmacsha1_ctx);
++#else
++            HMAC_Init_ex(hmacsha1_ctx, hmacsha1_key_, 20, EVP_sha1(), NULL);
++            HMAC_Update(hmacsha1_ctx, (void *) &cno, 4);
++            HMAC_Final(hmacsha1_ctx, iv, (unsigned int *)&mdlen);
++            HMAC_CTX_free(hmacsha1_ctx);
++#endif
+             OAES_SET_DECRYPT_KEY(aes_key_, 128*2, &aes_decrypt_key);
+             OAES_CBC_ENCRYPT(chunk2, outbuf2, 4096, &aes_decrypt_key, iv, AES_DECRYPT);
+ 
+diff --git a/src/plugins/dmg.c b/src/plugins/dmg.c
+index 6baef0a..3ecb215 100644
+--- a/src/plugins/dmg.c
++++ b/src/plugins/dmg.c
+@@ -125,7 +125,11 @@ static void header2_byteorder_fix(cencrypted_v2_pwheader *pwhdr)
+ 
+ static int apple_des3_ede_unwrap_key1(unsigned char *wrapped_key, int wrapped_key_len, unsigned char *decryptKey) 
+ {
++#if OPENSSL_API_COMPAT > 0x10100000L
+     EVP_CIPHER_CTX ctx;
++#else
++    EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
++#endif
+     unsigned char *TEMP1, *TEMP2, *CEKICV;
+     unsigned char IV[8] = { 0x4a, 0xdd, 0xa2, 0x2c, 0x79, 0xe8, 0x21, 0x05 };
+     int outlen, tmplen, i;
+@@ -135,6 +139,7 @@ static int apple_des3_ede_unwrap_key1(unsigned char *wrapped_key, int wrapped_ke
+     TEMP2 = alloca(wrapped_key_len);
+     CEKICV = alloca(wrapped_key_len);
+ 
++#if OPENSSL_API_COMPAT > 0x10100000L
+     EVP_CIPHER_CTX_init(&ctx);
+     EVP_DecryptInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, decryptKey, IV);
+ 
+@@ -165,6 +170,37 @@ static int apple_des3_ede_unwrap_key1(unsigned char *wrapped_key, int wrapped_ke
+     }
+     outlen += tmplen;
+     EVP_CIPHER_CTX_cleanup(&ctx);
++#else
++    EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, decryptKey, IV);
++
++    if(!EVP_DecryptUpdate(ctx, TEMP1, &outlen, wrapped_key, wrapped_key_len)) 
++    {
++    return(-1);
++    }
++    if(!EVP_DecryptFinal_ex(ctx, TEMP1 + outlen, &tmplen)) 
++    {
++    /*if (header.len_wrapped_aes_key==48)*/ return(-1);
++    }
++    outlen += tmplen;
++    EVP_CIPHER_CTX_free(ctx);
++
++    for(i = 0; i < outlen; i++) 
++    {
++    TEMP2[i] = TEMP1[outlen - i - 1];
++    }
++    EVP_CIPHER_CTX_init(ctx);
++    EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, decryptKey, TEMP2);
++    if(!EVP_DecryptUpdate(ctx, CEKICV, &outlen, TEMP2+8, outlen-8)) 
++    {
++    return(-1);
++    }
++    if(!EVP_DecryptFinal_ex(ctx, CEKICV + outlen, &tmplen)) 
++    {
++    return(-1);
++    }
++    outlen += tmplen;
++    EVP_CIPHER_CTX_free(ctx);
++#endif
+     return 0;
+ }
+ 
+@@ -317,8 +353,13 @@ hash_stat hash_plugin_check_hash(const char *hash, const char *password[VECTORSI
+     {
+ 	for (a=0;a<vectorsize;a++)
+ 	{
+-	    EVP_CIPHER_CTX ctx;
+-	    HMAC_CTX hmacsha1_ctx;
++#if OPENSSL_API_COMPAT > 0x10100000L
++        EVP_CIPHER_CTX ctx;
++        HMAC_CTX hmacsha1_ctx;
++#else
++	    EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
++	    HMAC_CTX *hmacsha1_ctx = HMAC_CTX_new();
++#endif
+ 	    unsigned char *TEMP1;
+ 	    int outlen, tmplen;
+ 	    AES_KEY aes_decrypt_key;
+@@ -328,12 +369,20 @@ hash_stat hash_plugin_check_hash(const char *hash, const char *password[VECTORSI
+ 
+ 	    hash_pbkdf2_len(password[a], strlen(password[a]), (unsigned char *)header2.kdf_salt, 20, header2.kdf_iteration_count, sizeof(derived_key), derived_key);
+ 
++#if OPENSSL_API_COMPAT > 0x10100000L
+ 	    EVP_CIPHER_CTX_init(&ctx);
+ 	    TEMP1 = alloca(header2.encrypted_keyblob_size);
+ 	    EVP_DecryptInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, derived_key, header2.blob_enc_iv);
+             EVP_DecryptUpdate(&ctx, TEMP1, &outlen, header2.encrypted_keyblob, header2.encrypted_keyblob_size);
+             EVP_DecryptFinal_ex(&ctx, TEMP1 + outlen, &tmplen);
+             EVP_CIPHER_CTX_cleanup(&ctx);
++#else
++        TEMP1 = alloca(header2.encrypted_keyblob_size);
++        EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, derived_key, header2.blob_enc_iv);
++            EVP_DecryptUpdate(ctx, TEMP1, &outlen, header2.encrypted_keyblob, header2.encrypted_keyblob_size);
++            EVP_DecryptFinal_ex(ctx, TEMP1 + outlen, &tmplen);
++            EVP_CIPHER_CTX_free(ctx);
++#endif
+ 	    outlen += tmplen;
+             memcpy(aes_key_, TEMP1, 32);
+             memcpy(hmacsha1_key_, TEMP1, 20);
+@@ -342,11 +391,18 @@ hash_stat hash_plugin_check_hash(const char *hash, const char *password[VECTORSI
+     	    if (header2.encrypted_keyblob_size==48)
+     	    {
+         	cno=chunk_no;
++#if OPENSSL_API_COMPAT > 0x10100000L
+         	HMAC_CTX_init(&hmacsha1_ctx);
+         	HMAC_Init_ex(&hmacsha1_ctx, hmacsha1_key_, 20, EVP_sha1(), NULL);
+         	HMAC_Update(&hmacsha1_ctx, (void *) &cno, 4);
+         	HMAC_Final(&hmacsha1_ctx, iv, (unsigned int *)&mdlen);
+         	HMAC_CTX_cleanup(&hmacsha1_ctx);
++#else
++            HMAC_Init_ex(hmacsha1_ctx, hmacsha1_key_, 20, EVP_sha1(), NULL);
++            HMAC_Update(hmacsha1_ctx, (void *) &cno, 4);
++            HMAC_Final(hmacsha1_ctx, iv, (unsigned int *)&mdlen);
++            HMAC_CTX_free(hmacsha1_ctx);
++#endif
+         	hash_aes_set_decrypt_key(aes_key_, 128, &aes_decrypt_key);
+         	hash_aes_cbc_encrypt(chunk2, outbuf2, 4096, &aes_decrypt_key, iv, AES_DECRYPT);
+         	// Valid koly block
+@@ -373,11 +429,18 @@ hash_stat hash_plugin_check_hash(const char *hash, const char *password[VECTORSI
+     	    else
+     	    {
+         	cno=chunk_no;
++#if OPENSSL_API_COMPAT > 0x10100000L
+         	HMAC_CTX_init(&hmacsha1_ctx);
+         	HMAC_Init_ex(&hmacsha1_ctx, hmacsha1_key_, 20, EVP_sha1(), NULL);
+         	HMAC_Update(&hmacsha1_ctx, (void *) &cno, 4);
+         	HMAC_Final(&hmacsha1_ctx, iv, (unsigned int *)&mdlen);
+         	HMAC_CTX_cleanup(&hmacsha1_ctx);
++#else
++            HMAC_Init_ex(hmacsha1_ctx, hmacsha1_key_, 20, EVP_sha1(), NULL);
++            HMAC_Update(hmacsha1_ctx, (void *) &cno, 4);
++            HMAC_Final(hmacsha1_ctx, iv, (unsigned int *)&mdlen);
++            HMAC_CTX_free(hmacsha1_ctx);
++#endif
+         	hash_aes_set_decrypt_key(aes_key_, 128, &aes_decrypt_key);
+         	hash_aes_cbc_encrypt(chunk2, outbuf2, 4096, &aes_decrypt_key, iv, AES_DECRYPT);
+ 
+diff --git a/src/plugins/mozilla.c b/src/plugins/mozilla.c
+index cb87a2d..871c2a2 100644
+--- a/src/plugins/mozilla.c
++++ b/src/plugins/mozilla.c
+@@ -134,7 +134,11 @@ hash_stat hash_plugin_check_hash(const char *hash, const char *password[VECTORSI
+     char *buf4[VECTORSIZE];
+     int a,b,c;
+     char *encver="password-check\x00\x00";
++#if OPENSSL_API_COMPAT > 0x10100000L
+     EVP_CIPHER_CTX ctx;
++#else
++    EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
++#endif
+ 
+     for (a=0;a<vectorsize;a++)
+     {
+@@ -172,10 +176,16 @@ hash_stat hash_plugin_check_hash(const char *hash, const char *password[VECTORSI
+ 	memcpy(buf[a],buf4[a],20);
+ 	memcpy(buf[a]+20,entrysalt,20);
+         hash_hmac_sha1(buf2[a],20,(unsigned char *)buf[a],40,(unsigned char *)buf3[a]+20,20);
++#if OPENSSL_API_COMPAT > 0x10100000L
+ 	EVP_CIPHER_CTX_init(&ctx);
+ 	EVP_DecryptInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, (const unsigned char *)buf3[a], (unsigned char *)buf3[a]+32);
+ 	EVP_DecryptUpdate(&ctx, (unsigned char *)buf[a], &b, verifier, 16);
+ 	EVP_DecryptFinal_ex(&ctx, (unsigned char *)buf[a] + b, &c);
++#else
++    EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, (const unsigned char *)buf3[a], (unsigned char *)buf3[a]+32);
++    EVP_DecryptUpdate(ctx, (unsigned char *)buf[a], &b, verifier, 16);
++    EVP_DecryptFinal_ex(ctx, (unsigned char *)buf[a] + b, &c);
++#endif
+ 	if (memcmp(buf[a],encver,14)==0)
+ 	{
+ 	    *num = a;
+-- 
+2.23.0
+
diff --git a/app-crypt/hashkill/files/0003-replace-tempnam-to-mkdtemp-in-lzma.patch.bak b/app-crypt/hashkill/files/0003-replace-tempnam-to-mkdtemp-in-lzma.patch.bak
new file mode 100644
index 000000000..66c0100b8
--- /dev/null
+++ b/app-crypt/hashkill/files/0003-replace-tempnam-to-mkdtemp-in-lzma.patch.bak
@@ -0,0 +1,50 @@
+From 9b66145f601ea3a5b70641b0ce48789a1fb9cb12 Mon Sep 17 00:00:00 2001
+From: Yury Martynov <email@linxon.ru>
+Date: Fri, 8 Nov 2019 14:08:28 +0300
+Subject: [PATCH] replace tempnam to mkdtemp in lzma
+
+---
+ src/lzma/lzma.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/src/lzma/lzma.c b/src/lzma/lzma.c
+index 0f5e89d..d59137d 100644
+--- a/src/lzma/lzma.c
++++ b/src/lzma/lzma.c
+@@ -174,6 +174,7 @@ char* kernel_compress(char *filename)
+   CFileSeqInStream inStream;
+   CFileOutStream outStream;
+   int res;
++  char templatebuf[] = "/tmp/hashkill_kernel";
+   char *ofname;
+   char rs[800];
+ 
+@@ -190,7 +191,7 @@ char* kernel_compress(char *filename)
+     return NULL;
+   }
+ 
+-  ofname = tempnam("./", "hashkill_kernel");
++  ofname = mkdtemp(templatebuf);
+ 
+   if (OutFile_Open(&outStream.file, ofname) != 0)
+   {
+@@ -241,6 +242,7 @@ char* kernel_decompress(char *filename)
+   CFileSeqInStream inStream;
+   CFileOutStream outStream;
+   int res;
++  char templatebuf[] = "/tmp/hashkill_kernel";
+   char *ofname;
+ 
+   FileSeqInStream_CreateVTable(&inStream);
+@@ -256,7 +258,7 @@ char* kernel_decompress(char *filename)
+     return NULL;
+   }
+ 
+-  ofname = tempnam("/tmp", "hashkill_kernel");
++  ofname = mkdtemp(templatebuf);
+ 
+   if (OutFile_Open(&outStream.file, ofname) != 0)
+   {
+-- 
+2.23.0
+
diff --git a/app-crypt/hashkill/files/0004-other-minor-fixes.patch b/app-crypt/hashkill/files/0004-other-minor-fixes.patch
new file mode 100644
index 000000000..bfe709ae4
--- /dev/null
+++ b/app-crypt/hashkill/files/0004-other-minor-fixes.patch
@@ -0,0 +1,112 @@
+diff -ur a/src/kernels/compiler/amd-compiler.c b/src/kernels/compiler/amd-compiler.c
+--- a/src/kernels/compiler/amd-compiler.c	2014-02-04 14:36:40.000000000 +0400
++++ b/src/kernels/compiler/amd-compiler.c	2019-11-08 16:06:56.030308820 +0300
+@@ -294,7 +294,7 @@
+ 	    if( binary_sizes[j] != 0 )
+ 	    {
+     		binaries[j] = (char *)malloc( sizeof(char)*binary_sizes[j] );
+-		printf("%s: compilation for %s successful (size = %d KB)\n",filename,pbuf,binary_sizes[j]/1024);
++		printf("%s: compilation for %s successful (size = %d KB)\n",filename,pbuf,(int)binary_sizes[j]/1024);
+ 	    }
+ 	    else
+ 	    {
+@@ -359,7 +359,7 @@
+         	int fd=open(outfilename,O_RDONLY);
+         	size_t fsize = lseek(fd,0,SEEK_END);
+         	close(fd);
+-        	printf("%s: compressed %s kernel (compressed size = %d KB)\n",filename,pbuf,fsize/1024);
++        	printf("%s: compressed %s kernel (compressed size = %d KB)\n",filename,pbuf,(int)fsize/1024);
+         	free(ofname);
+     	    }
+ 	}
+diff -ur a/src/kernels/compiler/compiler.h b/src/kernels/compiler/compiler.h
+--- a/src/kernels/compiler/compiler.h	2014-02-04 14:36:40.000000000 +0400
++++ b/src/kernels/compiler/compiler.h	2019-11-08 16:07:08.557195893 +0300
+@@ -5,6 +5,7 @@
+ #include <stdlib.h>
+ #include <string.h>
+ #include <stdint.h>
++#include <unistd.h>
+ #include "lzma/lzma.h"
+ #include "err.h"
+ #include "ocl-base.h"
+diff -ur a/src/kernels/compiler/nvidia-compiler.c b/src/kernels/compiler/nvidia-compiler.c
+--- a/src/kernels/compiler/nvidia-compiler.c	2014-02-04 14:36:40.000000000 +0400
++++ b/src/kernels/compiler/nvidia-compiler.c	2019-11-08 16:07:31.381169750 +0300
+@@ -183,25 +183,25 @@
+     		switch (smiter)
+     		{
+     		    case 0: 
+-    			printf("%s: compilation for sm_10 successful (size = %d KB)\n",filename,binary_sizes[i]/1024);
++    			printf("%s: compilation for sm_10 successful (size = %d KB)\n",filename,(int)binary_sizes[i]/1024);
+     			break;
+     		    case 1: 
+-    			printf("%s: compilation for sm_11 successful (size = %d KB)\n",filename,binary_sizes[i]/1024);
++    			printf("%s: compilation for sm_11 successful (size = %d KB)\n",filename,(int)binary_sizes[i]/1024);
+     			break;
+     		    case 2: 
+-    			printf("%s: compilation for sm_12 successful (size = %d KB)\n",filename,binary_sizes[i]/1024);
++    			printf("%s: compilation for sm_12 successful (size = %d KB)\n",filename,(int)binary_sizes[i]/1024);
+     			break;
+     		    case 3: 
+-    			printf("%s: compilation for sm_13 successful (size = %d KB)\n",filename,binary_sizes[i]/1024);
++    			printf("%s: compilation for sm_13 successful (size = %d KB)\n",filename,(int)binary_sizes[i]/1024);
+     			break;
+     		    case 4: 
+-    			printf("%s: compilation for sm_20 successful (size = %d KB)\n",filename,binary_sizes[i]/1024);
++    			printf("%s: compilation for sm_20 successful (size = %d KB)\n",filename,(int)binary_sizes[i]/1024);
+     			break;
+     		    case 5: 
+-    			printf("%s: compilation for sm_21 successful (size = %d KB)\n",filename,binary_sizes[i]/1024);
++    			printf("%s: compilation for sm_21 successful (size = %d KB)\n",filename,(int)binary_sizes[i]/1024);
+     			break;
+     		    case 6: 
+-    			printf("%s: compilation for sm_30 successful (size = %d KB)\n",filename,binary_sizes[i]/1024);
++    			printf("%s: compilation for sm_30 successful (size = %d KB)\n",filename,(int)binary_sizes[i]/1024);
+     			break;
+     		}
+ 	    }
+@@ -288,25 +288,25 @@
+                 switch (smiter)
+                 {
+             	    case 0:
+-            		printf("%s: compressed sm_10 kernel (compressed size = %d KB)\n",filename,fsize/1024);
++            		printf("%s: compressed sm_10 kernel (compressed size = %d KB)\n",filename,(int)fsize/1024);
+             		break;
+             	    case 1:
+-            		printf("%s: compressed sm_11 kernel (compressed size = %d KB)\n",filename,fsize/1024);
++            		printf("%s: compressed sm_11 kernel (compressed size = %d KB)\n",filename,(int)fsize/1024);
+             		break;
+             	    case 2:
+-            		printf("%s: compressed sm_12 kernel (compressed size = %d KB)\n",filename,fsize/1024);
++            		printf("%s: compressed sm_12 kernel (compressed size = %d KB)\n",filename,(int)fsize/1024);
+             		break;
+             	    case 3:
+-            		printf("%s: compressed sm_13 kernel (compressed size = %d KB)\n",filename,fsize/1024);
++            		printf("%s: compressed sm_13 kernel (compressed size = %d KB)\n",filename,(int)fsize/1024);
+             		break;
+             	    case 4:
+-            		printf("%s: compressed sm_20 kernel (compressed size = %d KB)\n",filename,fsize/1024);
++            		printf("%s: compressed sm_20 kernel (compressed size = %d KB)\n",filename,(int)fsize/1024);
+             		break;
+             	    case 5:
+-            		printf("%s: compressed sm_21 kernel (compressed size = %d KB)\n",filename,fsize/1024);
++            		printf("%s: compressed sm_21 kernel (compressed size = %d KB)\n",filename,(int)fsize/1024);
+             		break;
+             	    case 6:
+-            		printf("%s: compressed sm_30 kernel (compressed size = %d KB)\n",filename,fsize/1024);
++            		printf("%s: compressed sm_30 kernel (compressed size = %d KB)\n",filename,(int)fsize/1024);
+             		break;
+             	}
+                 free(ofname);
+diff -ur a/src/plugins/a51.c b/src/plugins/a51.c
+--- a/src/plugins/a51.c	2014-02-04 14:36:40.000000000 +0400
++++ b/src/plugins/a51.c	2019-11-08 14:23:59.503194553 +0300
+@@ -21,6 +21,7 @@
+ #include <stdio.h>
+ #include <unistd.h>
+ #include <string.h>
++#include <stdlib.h>
+ #include "plugin.h"
+ #include "err.h"
+ #include "hashinterface.h"
diff --git a/app-crypt/hashkill/hashkill-0.3.1-r1.ebuild b/app-crypt/hashkill/hashkill-0.3.1-r1.ebuild
deleted file mode 100644
index dccb5b951..000000000
--- a/app-crypt/hashkill/hashkill-0.3.1-r1.ebuild
+++ /dev/null
@@ -1,53 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=4
-
-inherit toolchain-funcs autotools pax-utils
-
-DESCRIPTION="Multi-threaded password recovery tool with multi-GPU support"
-HOMEPAGE="http://www.gat3way.eu/hashkill"
-SRC_URI="https://github.com/gat3way/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="amd64 x86"
-
-IUSE_VIDEO_CARDS="video_cards_fglrx video_cards_nvidia"
-IUSE="${IUSE_VIDEO_CARDS} opencl pax_kernel"
-
-DEPEND="opencl? ( virtual/opencl )
-	video_cards_nvidia? ( x11-drivers/nvidia-drivers )
-	video_cards_fglrx?  ( x11-drivers/ati-drivers )
-	<dev-libs/json-c-0.11"
-
-RDEPEND="${DEPEND}"
-
-src_prepare() {
-	if use pax_kernel; then
-		sed -e "s|amd-compiler$|amd-compiler \
-		\n\t\t paxctl -m amd-compiler |g" -i src/kernels/compiler/Makefile
-		sed -e "s|nvidia-compiler$|nvidia-compiler \
-		\n\t\t paxctl -m nvidia-compiler |g" -i src/kernels/compiler/Makefile
-	fi
-	eautoreconf
-}
-
-src_configure() {
-	econf
-	#the following might fail if gcc is built with USE="multislot"
-	if has_version sys-devel/gcc[-lto]; then
-	    einfo "Warning: compiling without LTO optimisaiton"
-	    sed -i 's| -flto -fwhole-program||g' src/Makefile
-	fi
-}
-
-src_install() {
-	if use pax_kernel; then
-		pax-mark m src/hashkill
-	fi
-
-	emake DESTDIR="${D}" install || die
-	dodoc README
-}
diff --git a/app-crypt/hashkill/hashkill-0.3.1_p20131031.ebuild b/app-crypt/hashkill/hashkill-0.3.1_p20131031.ebuild
deleted file mode 100644
index ffb770efc..000000000
--- a/app-crypt/hashkill/hashkill-0.3.1_p20131031.ebuild
+++ /dev/null
@@ -1,92 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=4
-
-inherit git-2 autotools pax-utils toolchain-funcs
-
-DESCRIPTION="Multi-threaded password recovery tool with multi-GPU support"
-HOMEPAGE="http://www.gat3way.eu/hashkill"
-EGIT_REPO_URI="git://github.com/gat3way/hashkill.git"
-EGIT_COMMIT="e2a11efc3a580b0c509f1809e969b2f8d240f8ef"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-
-IUSE_VIDEO_CARDS="video_cards_fglrx video_cards_nvidia"
-IUSE="${IUSE_VIDEO_CARDS} opencl pax_kernel json"
-
-DEPEND="opencl? ( virtual/opencl )
-	video_cards_nvidia? ( x11-drivers/nvidia-drivers )
-	video_cards_fglrx?  ( x11-drivers/ati-drivers )
-	json? ( <dev-libs/json-c-0.11 )"
-RDEPEND="${DEPEND}"
-
-pkg_setup() {
-	if use video_cards_nvidia; then
-		if [ ! -w /dev/nvidia0 ]; then
-			einfo "To compile this package  portage likely must be in the video group."
-			einfo "Please run \"gpasswd -a portage video\" if build fails."
-		fi
-	fi
-	if use video_cards_fglrx; then
-		if [ ! -w /dev/ati ]; then
-			einfo "To compile this package portage likely must be in the video group."
-			einfo "Please run \"gpasswd -a portage video\" if build fails."
-		fi
-	fi
-}
-
-src_prepare() {
-	if use pax_kernel; then
-		sed -e "s|amd-compiler$|amd-compiler \
-		\n\t\t paxctl -m amd-compiler |g" -i src/kernels/compiler/Makefile
-		sed -e "s|nvidia-compiler$|nvidia-compiler \
-		\n\t\t paxctl -m nvidia-compiler |g" -i src/kernels/compiler/Makefile
-	fi
-
-	#bug https://github.com/gat3way/hashkill/issues/52
-	use json || sed -e 's|JS_LIBS="-ljson"|JS_LIBS=""|g' -i json.m4
-
-	eautoreconf
-}
-
-src_configure() {
-	econf \
-	$(use_enable video_cards_nvidia nv-ocl) \
-	$(use_enable video_cards_fglrx amd-ocl) \
-	$(use_with json)
-	#the following might fail if gcc is built with USE="multislot"
-	if has_version sys-devel/gcc[-lto]; then
-	    einfo "Warning: compiling without LTO optimisaiton"
-	    sed -i 's| -flto -fwhole-program||g' src/Makefile
-	fi
-}
-
-src_compile() {
-	#the way opencl is doing compilation it requires this no matter what for both devices for enumeration
-	# Upstream bug https://github.com/gat3way/hashkill/issues/35
-	# we need write access to nvidia devices
-	addwrite /dev/nvidia0
-	addwrite /dev/nvidiactl
-	# we need write access to ati devices
-	addwrite /dev/ati
-
-	emake
-}
-
-src_test() {
-	cd tests
-	./test.sh
-}
-
-src_install() {
-	if use pax_kernel; then
-		pax-mark m src/hashkill
-	fi
-
-	emake DESTDIR="${D}" install
-	dodoc README
-}
diff --git a/app-crypt/hashkill/hashkill-0.3.1_p20140204.ebuild b/app-crypt/hashkill/hashkill-0.3.1_p20140204.ebuild
index 449510577..25cbcba6b 100644
--- a/app-crypt/hashkill/hashkill-0.3.1_p20140204.ebuild
+++ b/app-crypt/hashkill/hashkill-0.3.1_p20140204.ebuild
@@ -1,81 +1,102 @@
-# Copyright 1999-2016 Gentoo Foundation
+# Copyright 1999-2019 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
-# $Id$
 
-EAPI=4
+EAPI=7
 
-inherit git-2 autotools pax-utils toolchain-funcs
+inherit autotools toolchain-funcs pax-utils
 
 DESCRIPTION="Multi-threaded password recovery tool with multi-GPU support"
-HOMEPAGE="http://www.gat3way.eu/hashkill"
-EGIT_REPO_URI="git://github.com/gat3way/hashkill.git"
-EGIT_COMMIT="50ba2b5971e1b7228df9d1c9e1e775881b18f96c"
+HOMEPAGE="https://github.com/gat3way/hashkill"
 
-LICENSE="GPL-2"
+HASH_COMMIT="50ba2b5971e1b7228df9d1c9e1e775881b18f96c" # 20140204
+SRC_URI="https://github.com/gat3way/hashkill/archive/${HASH_COMMIT}.tar.gz -> ${P}.tar.gz"
+
+# GPL-2 — *
+# public-domain — src/lzma/*
+LICENSE="GPL-2 public-domain"
+
+#KEYWORDS="~amd64 ~x86"
 SLOT="0"
-KEYWORDS="~amd64 ~x86"
 
-IUSE_VIDEO_CARDS="video_cards_fglrx video_cards_nvidia"
-IUSE="${IUSE_VIDEO_CARDS} opencl pax_kernel +json"
+IUSE="video_cards_amdgpu video_cards_nvidia opencl +json pax_kernel"
+REQUIRED_USE="
+	video_cards_amdgpu? ( opencl )
+	video_cards_nvidia? ( opencl )
+	opencl? (
+		|| ( video_cards_amdgpu video_cards_nvidia )
+	)"
+
+DEPEND="
+	opencl? ( virtual/opencl[video_cards_amdgpu=,video_cards_nvidia=] )
+	json? ( dev-libs/json-c:0= )
+	>=dev-libs/openssl-1.0.0:="
 
-DEPEND="opencl? ( virtual/opencl )
-	video_cards_nvidia? ( x11-drivers/nvidia-drivers )
-	video_cards_fglrx?  ( x11-drivers/ati-drivers )
-	json? ( >=dev-libs/json-c-0.11 )"
 RDEPEND="${DEPEND}"
+BDEPEND="virtual/pkgconfig"
+
+S="${WORKDIR}/${PN}-${HASH_COMMIT}"
 
 pkg_setup() {
-	if use video_cards_nvidia; then
-		if [ ! -w /dev/nvidia0 ]; then
-			einfo "To compile this package  portage likely must be in the video group."
-			einfo "Please run \"gpasswd -a portage video\" if build fails."
-		fi
-	fi
-	if use video_cards_fglrx; then
-		if [ ! -w /dev/ati ]; then
-			einfo "To compile this package portage likely must be in the video group."
-			einfo "Please run \"gpasswd -a portage video\" if build fails."
-		fi
+	if use opencl; then
+		ewarn "\nWARNING!!!\nTo compile this package 'portage' user likely must be in the 'video' group temporary."
+		ewarn "Please run:"
+		ewarn "    ~$ sudo gpasswd -a portage video"
+		ewarn "    ~$ sudo emerge -av app-crypt/hashkill"
+		ewarn "    ... # after installing:"
+		ewarn "    ~$ sudo gpasswd -d portage video\n"
+		ewarn "More info:"
+		ewarn "    https://github.com/gat3way/hashkill/issues/32"
+		ewarn "    https://wiki.gentoo.org/wiki/OpenCL\n"
 	fi
 }
 
 src_prepare() {
-	if use pax_kernel; then
-		sed -e "s|amd-compiler$|amd-compiler \
-		\n\t\t paxctl -m amd-compiler |g" -i src/kernels/compiler/Makefile
-		sed -e "s|nvidia-compiler$|nvidia-compiler \
-		\n\t\t paxctl -m nvidia-compiler |g" -i src/kernels/compiler/Makefile
+	eapply "${FILESDIR}"
+
+	rm -f src/kernels/nvidia_bfunix.cl || die
+
+	sed -i \
+		-e "s/AC_INIT(hashkill, \(.*\),/AC_INIT(hashkill, ${PV},/" \
+		configure.ac || die
+
+	if use pax_kernel && use opencl; then
+		sed -i \
+			-e "s|amd-compiler$|amd-compiler \n\t\t paxctl -m amd-compiler |g" \
+			-e "s|nvidia-compiler$|nvidia-compiler \n\t\t paxctl -m nvidia-compiler |g" \
+			src/kernels/compiler/Makefile || die
 	fi
+
 	eautoreconf
+	default
 }
 
 src_configure() {
 	econf \
-	$(use_enable video_cards_nvidia nv-ocl) \
-	$(use_enable video_cards_fglrx amd-ocl) \
-	$(use_with json)
+		$(use_with json) \
+		$(usex video_cards_amdgpu '' '--disable-amd-ocl') \
+		$(usex video_cards_nvidia '' '--disable-nv-ocl')
+
 	#the following might fail if gcc is built with USE="multislot"
 	if has_version sys-devel/gcc[-lto]; then
 	    einfo "Warning: compiling without LTO optimisaiton"
-	    sed -i 's| -flto -fwhole-program||g' src/Makefile
+	    sed -i 's/ -flto -fwhole-program//g' src/Makefile || die
 	fi
 }
 
 src_compile() {
-	#the way opencl is doing compilation it requires this no matter what for both devices for enumeration
-	# Upstream bug https://github.com/gat3way/hashkill/issues/35
-	# we need write access to nvidia devices
-	addwrite /dev/nvidia0
-	addwrite /dev/nvidiactl
-	# we need write access to ati devices
-	addwrite /dev/ati
+	if use opencl; then
+		# The way opencl is doing compilation it requires this no matter what for both devices for enumeration
+		# Upstream bug https://github.com/gat3way/hashkill/issues/35
+		# we need write access to nvidia/ati devices
+		addwrite /dev/nvidia0
+		addwrite /dev/nvidiactl
+		addwrite /dev/ati
+	fi
 
-	emake
-}
-
-src_test() {
-	cd tests
-	./test.sh
+	# Without -j1 param you can get random errors while building.
+	# [hashkill] (../../ocl-base.c:312) clCreateContextFromType: CL_DEVICE_NOT_AVAILABLE
+	# Don't remove it
+	emake -j1 CC="$(tc-getCC)"
 }
 
 src_install() {
@@ -86,3 +107,8 @@ src_install() {
 	emake DESTDIR="${D}" install
 	dodoc README
 }
+
+src_test() {
+	cd tests
+	./test.sh || die
+}
diff --git a/app-crypt/hashkill/hashkill-9999.ebuild b/app-crypt/hashkill/hashkill-9999.ebuild
index 756658839..f9d175697 100644
--- a/app-crypt/hashkill/hashkill-9999.ebuild
+++ b/app-crypt/hashkill/hashkill-9999.ebuild
@@ -1,79 +1,96 @@
-# Copyright 1999-2016 Gentoo Foundation
+# Copyright 1999-2019 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
-# $Id$
 
-EAPI=4
+EAPI=7
 
-inherit git-2 autotools pax-utils toolchain-funcs
+inherit autotools toolchain-funcs pax-utils
 
 DESCRIPTION="Multi-threaded password recovery tool with multi-GPU support"
-HOMEPAGE="http://www.gat3way.eu/hashkill"
-EGIT_REPO_URI="git://github.com/gat3way/hashkill.git"
+HOMEPAGE="https://github.com/gat3way/hashkill"
+EGIT_REPO_URI="https://github.com/gat3way/hashkill"
 
-LICENSE="GPL-2"
+# GPL-2 — *
+# public-domain — src/lzma/*
+LICENSE="GPL-2 public-domain"
 SLOT="0"
-KEYWORDS=""
 
-IUSE_VIDEO_CARDS="video_cards_fglrx video_cards_nvidia"
-IUSE="${IUSE_VIDEO_CARDS} opencl pax_kernel"
+IUSE="video_cards_amdgpu video_cards_nvidia opencl +json pax_kernel"
+REQUIRED_USE="
+	video_cards_amdgpu? ( opencl )
+	video_cards_nvidia? ( opencl )
+	opencl? (
+		|| ( video_cards_amdgpu video_cards_nvidia )
+	)"
+
+DEPEND="
+	opencl? ( virtual/opencl[video_cards_amdgpu=,video_cards_nvidia=] )
+	json? ( dev-libs/json-c:0= )
+	>=dev-libs/openssl-1.0.0:="
 
-DEPEND="opencl? ( virtual/opencl )
-	video_cards_nvidia? ( x11-drivers/nvidia-drivers )
-	video_cards_fglrx?  ( x11-drivers/ati-drivers )
-	dev-libs/json-c"
 RDEPEND="${DEPEND}"
+BDEPEND="virtual/pkgconfig"
 
 pkg_setup() {
-	if use video_cards_nvidia; then
-		if [ ! -w /dev/nvidia0 ]; then
-			einfo "To compile this package  portage likely must be in the video group."
-			einfo "Please run \"gpasswd -a portage video\" if build fails."
-		fi
-	fi
-	if use video_cards_fglrx; then
-		if [ ! -w /dev/ati ]; then
-			einfo "To compile this package portage likely must be in the video group."
-			einfo "Please run \"gpasswd -a portage video\" if build fails."
-		fi
+	if use opencl; then
+		ewarn "\nWARNING!!!\nTo compile this package 'portage' user likely must be in the 'video' group temporary."
+		ewarn "Please run:"
+		ewarn "    ~$ sudo gpasswd -a portage video"
+		ewarn "    ~$ sudo emerge -av app-crypt/hashkill"
+		ewarn "    ... # after installing:"
+		ewarn "    ~$ sudo gpasswd -d portage video\n"
+		ewarn "More info:"
+		ewarn "    https://github.com/gat3way/hashkill/issues/32"
+		ewarn "    https://wiki.gentoo.org/wiki/OpenCL\n"
 	fi
 }
 
 src_prepare() {
-	if use pax_kernel; then
-		sed -e "s|amd-compiler$|amd-compiler \
-		\n\t\t paxctl -m amd-compiler |g" -i src/kernels/compiler/Makefile
-		sed -e "s|nvidia-compiler$|nvidia-compiler \
-		\n\t\t paxctl -m nvidia-compiler |g" -i src/kernels/compiler/Makefile
+	eapply "${FILESDIR}"
+
+	rm -f src/kernels/nvidia_bfunix.cl || die
+
+	sed -i \
+		-e "s/AC_INIT(hashkill, \(.*\),/AC_INIT(hashkill, ${PV},/" \
+		configure.ac || die
+
+	if use pax_kernel && use opencl; then
+		sed -i \
+			-e "s|amd-compiler$|amd-compiler \n\t\t paxctl -m amd-compiler |g" \
+			-e "s|nvidia-compiler$|nvidia-compiler \n\t\t paxctl -m nvidia-compiler |g" \
+			src/kernels/compiler/Makefile || die
 	fi
+
 	eautoreconf
+	default
 }
 
 src_configure() {
 	econf \
-	$(use_enable video_cards_nvidia nv-ocl) \
-	$(use_enable video_cards_fglrx amd-ocl)
+		$(use_with json) \
+		$(usex video_cards_amdgpu '' '--disable-amd-ocl') \
+		$(usex video_cards_nvidia '' '--disable-nv-ocl')
+
 	#the following might fail if gcc is built with USE="multislot"
 	if has_version sys-devel/gcc[-lto]; then
 	    einfo "Warning: compiling without LTO optimisaiton"
-	    sed -i 's| -flto -fwhole-program||g' src/Makefile
+	    sed -i 's/ -flto -fwhole-program//g' src/Makefile || die
 	fi
 }
 
 src_compile() {
-	#the way opencl is doing compilation it requires this no matter what for both devices for enumeration
-	# Upstream bug https://github.com/gat3way/hashkill/issues/35
-	# we need write access to nvidia devices
-	addwrite /dev/nvidia0
-	addwrite /dev/nvidiactl
-	# we need write access to ati devices
-	addwrite /dev/ati
+	if use opencl; then
+		# The way opencl is doing compilation it requires this no matter what for both devices for enumeration
+		# Upstream bug https://github.com/gat3way/hashkill/issues/35
+		# we need write access to nvidia/ati devices
+		addwrite /dev/nvidia0
+		addwrite /dev/nvidiactl
+		addwrite /dev/ati
+	fi
 
-	emake
-}
-
-src_test() {
-	cd tests
-	./test.sh
+	# Without -j1 param you can get random errors while building.
+	# [hashkill] (../../ocl-base.c:312) clCreateContextFromType: CL_DEVICE_NOT_AVAILABLE
+	# Don't remove it
+	emake -j1 CC="$(tc-getCC)"
 }
 
 src_install() {
@@ -84,3 +101,8 @@ src_install() {
 	emake DESTDIR="${D}" install
 	dodoc README
 }
+
+src_test() {
+	cd tests
+	./test.sh || die
+}
diff --git a/app-crypt/hashkill/metadata.xml b/app-crypt/hashkill/metadata.xml
new file mode 100644
index 000000000..8f146e700
--- /dev/null
+++ b/app-crypt/hashkill/metadata.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<maintainer type="project">
+		<email>proxy-maint@gentoo.org</email>
+		<name>Proxy Maintainers</name>
+	</maintainer>
+	<use>
+		<flag name="opencl">Add OpenCL support</flag>
+		<flag name="json">add <pkg>dev-libs/json-c</pkg> support</flag>
+		<flag name="pax_kernel">Apply patch needed for pax enabled kernels</flag>
+	</use>
+</pkgmetadata>