wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Adjust all accesses to EVP_MD_CTX to use accessor functions.

Browse source 
Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Richard Levitte 2015-11-27 14:02:12 +01:00
parent 9b6c00707e
commit 6e59a892db
55 changed files with 749 additions and 577 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

56
apps/passwd.c
View file

@ -307,7 +307,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
char *salt_out;
int n;
unsigned int i;
EVP_MD_CTX md, md2;
EVP_MD_CTX *md, *md2;
size_t passwd_len, salt_len;
passwd_len = strlen(passwd);
@ -322,45 +322,50 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
salt_len = strlen(salt_out);
assert(salt_len <= 8);
EVP_MD_CTX_init(&md);
EVP_DigestInit_ex(&md, EVP_md5(), NULL);
EVP_DigestUpdate(&md, passwd, passwd_len);
EVP_DigestUpdate(&md, "$", 1);
EVP_DigestUpdate(&md, magic, strlen(magic));
EVP_DigestUpdate(&md, "$", 1);
EVP_DigestUpdate(&md, salt_out, salt_len);
md = EVP_MD_CTX_create();
if (md == NULL)
return NULL;
EVP_DigestInit_ex(md, EVP_md5(), NULL);
EVP_DigestUpdate(md, passwd, passwd_len);
EVP_DigestUpdate(md, "$", 1);
EVP_DigestUpdate(md, magic, strlen(magic));
EVP_DigestUpdate(md, "$", 1);
EVP_DigestUpdate(md, salt_out, salt_len);
EVP_MD_CTX_init(&md2);
EVP_DigestInit_ex(&md2, EVP_md5(), NULL);
EVP_DigestUpdate(&md2, passwd, passwd_len);
EVP_DigestUpdate(&md2, salt_out, salt_len);
EVP_DigestUpdate(&md2, passwd, passwd_len);
EVP_DigestFinal_ex(&md2, buf, NULL);
md2 = EVP_MD_CTX_create();
if (md2 == NULL)
return NULL;
EVP_DigestInit_ex(md2, EVP_md5(), NULL);
EVP_DigestUpdate(md2, passwd, passwd_len);
EVP_DigestUpdate(md2, salt_out, salt_len);
EVP_DigestUpdate(md2, passwd, passwd_len);
EVP_DigestFinal_ex(md2, buf, NULL);
for (i = passwd_len; i > sizeof buf; i -= sizeof buf)
EVP_DigestUpdate(&md, buf, sizeof buf);
EVP_DigestUpdate(&md, buf, i);
EVP_DigestUpdate(md, buf, sizeof buf);
EVP_DigestUpdate(md, buf, i);
n = passwd_len;
while (n) {
EVP_DigestUpdate(&md, (n & 1) ? "\0" : passwd, 1);
EVP_DigestUpdate(md, (n & 1) ? "\0" : passwd, 1);
n >>= 1;
}
EVP_DigestFinal_ex(&md, buf, NULL);
EVP_DigestFinal_ex(md, buf, NULL);
for (i = 0; i < 1000; i++) {
EVP_DigestInit_ex(&md2, EVP_md5(), NULL);
EVP_DigestUpdate(&md2, (i & 1) ? (unsigned const char *)passwd : buf,
EVP_DigestInit_ex(md2, EVP_md5(), NULL);
EVP_DigestUpdate(md2, (i & 1) ? (unsigned const char *)passwd : buf,
(i & 1) ? passwd_len : sizeof buf);
if (i % 3)
EVP_DigestUpdate(&md2, salt_out, salt_len);
EVP_DigestUpdate(md2, salt_out, salt_len);
if (i % 7)
EVP_DigestUpdate(&md2, passwd, passwd_len);
EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned const char *)passwd,
EVP_DigestUpdate(md2, passwd, passwd_len);
EVP_DigestUpdate(md2, (i & 1) ? buf : (unsigned const char *)passwd,
(i & 1) ? sizeof buf : passwd_len);
EVP_DigestFinal_ex(&md2, buf, NULL);
EVP_DigestFinal_ex(md2, buf, NULL);
}
EVP_MD_CTX_cleanup(&md2);
EVP_MD_CTX_destroy(md2);
EVP_MD_CTX_destroy(md);
{
/* transform buf into output string */
@ -399,7 +404,6 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
*output = 0;
assert(strlen(out_buf) < sizeof(out_buf));
}
EVP_MD_CTX_cleanup(&md);
return out_buf;
}

44
apps/req.c
View file

@ -1492,7 +1492,8 @@ static int do_sign_init(EVP_MD_CTX *ctx, EVP_PKEY *pkey,
EVP_PKEY_CTX *pkctx = NULL;
int i;
EVP_MD_CTX_init(ctx);
if (ctx == NULL)
return 0;
if (!EVP_DigestSignInit(ctx, &pkctx, md, NULL, pkey))
return 0;
for (i = 0; i < sk_OPENSSL_STRING_num(sigopts); i++) {
@ -1510,13 +1511,16 @@ int do_X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md,
STACK_OF(OPENSSL_STRING) *sigopts)
{
int rv;
EVP_MD_CTX mctx;
EVP_MD_CTX *mctx = EVP_MD_CTX_create();
EVP_MD_CTX_init(&mctx);
rv = do_sign_init(&mctx, pkey, md, sigopts);
rv = do_sign_init(mctx, pkey, md, sigopts);
/* Note: X509_sign_ctx() calls ASN1_item_sign_ctx(), which destroys
* the EVP_MD_CTX we send it, so only destroy it here if the former
* isn't called */
if (rv > 0)
rv = X509_sign_ctx(x, &mctx);
EVP_MD_CTX_cleanup(&mctx);
rv = X509_sign_ctx(x, mctx);
else
EVP_MD_CTX_destroy(mctx);
return rv > 0 ? 1 : 0;
}
@ -1524,13 +1528,15 @@ int do_X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md,
STACK_OF(OPENSSL_STRING) *sigopts)
{
int rv;
EVP_MD_CTX mctx;
EVP_MD_CTX_init(&mctx);
rv = do_sign_init(&mctx, pkey, md, sigopts);
EVP_MD_CTX *mctx = EVP_MD_CTX_create();
rv = do_sign_init(mctx, pkey, md, sigopts);
/* Note: X509_REQ_sign_ctx() calls ASN1_item_sign_ctx(), which destroys
* the EVP_MD_CTX we send it, so only destroy it here if the former
* isn't called */
if (rv > 0)
rv = X509_REQ_sign_ctx(x, &mctx);
EVP_MD_CTX_cleanup(&mctx);
rv = X509_REQ_sign_ctx(x, mctx);
else
EVP_MD_CTX_destroy(mctx);
return rv > 0 ? 1 : 0;
}
@ -1538,12 +1544,14 @@ int do_X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md,
STACK_OF(OPENSSL_STRING) *sigopts)
{
int rv;
EVP_MD_CTX mctx;
EVP_MD_CTX_init(&mctx);
rv = do_sign_init(&mctx, pkey, md, sigopts);
EVP_MD_CTX *mctx = EVP_MD_CTX_create();
rv = do_sign_init(mctx, pkey, md, sigopts);
/* Note: X509_CRL_sign_ctx() calls ASN1_item_sign_ctx(), which destroys
* the EVP_MD_CTX we send it, so only destroy it here if the former
* isn't called */
if (rv > 0)
rv = X509_CRL_sign_ctx(x, &mctx);
EVP_MD_CTX_cleanup(&mctx);
rv = X509_CRL_sign_ctx(x, mctx);
else
EVP_MD_CTX_destroy(mctx);
return rv > 0 ? 1 : 0;
}

19
apps/ts.c
View file

@ -523,17 +523,22 @@ static int create_digest(BIO *input, char *digest, const EVP_MD *md,
return 0;
if (input) {
EVP_MD_CTX md_ctx;
EVP_MD_CTX *md_ctx = EVP_MD_CTX_create();
unsigned char buffer[4096];
int length;
*md_value = app_malloc(md_value_len, "digest buffer");
EVP_DigestInit(&md_ctx, md);
while ((length = BIO_read(input, buffer, sizeof(buffer))) > 0) {
EVP_DigestUpdate(&md_ctx, buffer, length);
}
if (!EVP_DigestFinal(&md_ctx, *md_value, NULL))
if (md_ctx == NULL)
return 0;
*md_value = app_malloc(md_value_len, "digest buffer");
EVP_DigestInit(md_ctx, md);
while ((length = BIO_read(input, buffer, sizeof(buffer))) > 0) {
EVP_DigestUpdate(md_ctx, buffer, length);
}
if (!EVP_DigestFinal(md_ctx, *md_value, NULL)) {
EVP_MD_CTX_destroy(md_ctx);
return 0;
}
EVP_MD_CTX_destroy(md_ctx);
} else {
long digest_len;
*md_value = string_to_hex(digest, &digest_len);

33
crypto/asn1/a_sign.c
View file

@ -131,12 +131,15 @@ int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2,
ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey,
const EVP_MD *type)
{
EVP_MD_CTX ctx;
EVP_MD_CTX *ctx = EVP_MD_CTX_create();
unsigned char *p, *buf_in = NULL, *buf_out = NULL;
int i, inl = 0, outl = 0, outll = 0;
X509_ALGOR *a;
EVP_MD_CTX_init(&ctx);
if (ctx == NULL) {
ASN1err(ASN1_F_ASN1_SIGN, ERR_R_MALLOC_FAILURE);
goto err;
}
for (i = 0; i < 2; i++) {
if (i == 0)
a = algor1;
@ -182,9 +185,9 @@ int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2,
p = buf_in;
i2d(data, &p);
if (!EVP_SignInit_ex(&ctx, type, NULL)
|| !EVP_SignUpdate(&ctx, (unsigned char *)buf_in, inl)
|| !EVP_SignFinal(&ctx, (unsigned char *)buf_out,
if (!EVP_SignInit_ex(ctx, type, NULL)
|| !EVP_SignUpdate(ctx, (unsigned char *)buf_in, inl)
|| !EVP_SignFinal(ctx, (unsigned char *)buf_out,
(unsigned int *)&outl, pkey)) {
outl = 0;
ASN1err(ASN1_F_ASN1_SIGN, ERR_R_EVP_LIB);
@ -201,7 +204,7 @@ int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2,
signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
signature->flags |= ASN1_STRING_FLAG_BITS_LEFT;
err:
EVP_MD_CTX_cleanup(&ctx);
EVP_MD_CTX_destroy(ctx);
OPENSSL_clear_free((char *)buf_in, (unsigned int)inl);
OPENSSL_clear_free((char *)buf_out, outll);
return (outl);
@ -213,13 +216,17 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1,
X509_ALGOR *algor2, ASN1_BIT_STRING *signature, void *asn,
EVP_PKEY *pkey, const EVP_MD *type)
{
EVP_MD_CTX ctx;
EVP_MD_CTX_init(&ctx);
if (!EVP_DigestSignInit(&ctx, NULL, type, NULL, pkey)) {
EVP_MD_CTX_cleanup(&ctx);
EVP_MD_CTX *ctx = EVP_MD_CTX_create();
if (ctx == NULL) {
ASN1err(ASN1_F_ASN1_ITEM_SIGN, ERR_R_MALLOC_FAILURE);
return 0;
}
return ASN1_item_sign_ctx(it, algor1, algor2, signature, asn, &ctx);
if (!EVP_DigestSignInit(ctx, NULL, type, NULL, pkey)) {
EVP_MD_CTX_destroy(ctx);
return 0;
}
return ASN1_item_sign_ctx(it, algor1, algor2, signature, asn, ctx);
}
int ASN1_item_sign_ctx(const ASN1_ITEM *it,
@ -234,7 +241,7 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
int rv;
type = EVP_MD_CTX_md(ctx);
pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx);
pkey = EVP_PKEY_CTX_get0_pkey(EVP_MD_CTX_pkey_ctx(ctx));
if (!type || !pkey) {
ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_CONTEXT_NOT_INITIALISED);
@ -307,7 +314,7 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
signature->flags |= ASN1_STRING_FLAG_BITS_LEFT;
err:
EVP_MD_CTX_cleanup(ctx);
EVP_MD_CTX_destroy(ctx);
OPENSSL_clear_free((char *)buf_in, (unsigned int)inl);
OPENSSL_clear_free((char *)buf_out, outll);
return (outl);

33
crypto/asn1/a_verify.c
View file

@ -77,12 +77,15 @@
int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature,
char *data, EVP_PKEY *pkey)
{
EVP_MD_CTX ctx;
EVP_MD_CTX *ctx = EVP_MD_CTX_create();
const EVP_MD *type;
unsigned char *p, *buf_in = NULL;
int ret = -1, i, inl;
EVP_MD_CTX_init(&ctx);
if (ctx == NULL) {
ASN1err(ASN1_F_ASN1_VERIFY, ERR_R_MALLOC_FAILURE);
goto err;
}
i = OBJ_obj2nid(a->algorithm);
type = EVP_get_digestbyname(OBJ_nid2sn(i));
if (type == NULL) {
@ -104,8 +107,8 @@ int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature,
p = buf_in;
i2d(data, &p);
ret = EVP_VerifyInit_ex(&ctx, type, NULL)
&& EVP_VerifyUpdate(&ctx, (unsigned char *)buf_in, inl);
ret = EVP_VerifyInit_ex(ctx, type, NULL)
&& EVP_VerifyUpdate(ctx, (unsigned char *)buf_in, inl);
OPENSSL_clear_free(buf_in, (unsigned int)inl);
@ -115,7 +118,7 @@ int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature,
}
ret = -1;
if (EVP_VerifyFinal(&ctx, (unsigned char *)signature->data,
if (EVP_VerifyFinal(ctx, (unsigned char *)signature->data,
(unsigned int)signature->length, pkey) <= 0) {
ASN1err(ASN1_F_ASN1_VERIFY, ERR_R_EVP_LIB);
ret = 0;
@ -123,7 +126,7 @@ int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature,
}
ret = 1;
err:
EVP_MD_CTX_cleanup(&ctx);
EVP_MD_CTX_destroy(ctx);
return (ret);
}
@ -132,7 +135,7 @@ int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature,
int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey)
{
EVP_MD_CTX ctx;
EVP_MD_CTX *ctx = NULL;
unsigned char *buf_in = NULL;
int ret = -1, inl;
@ -148,7 +151,11 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
return -1;
}
EVP_MD_CTX_init(&ctx);
ctx = EVP_MD_CTX_create();
if (ctx == NULL) {
ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_MALLOC_FAILURE);
goto err;
}
/* Convert signature OID into digest and public key OIDs */
if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid)) {
@ -161,7 +168,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
goto err;
}
ret = pkey->ameth->item_verify(&ctx, it, asn, a, signature, pkey);
ret = pkey->ameth->item_verify(ctx, it, asn, a, signature, pkey);
/*
* Return value of 2 means carry on, anything else means we exit
* straight away: either a fatal error of the underlying verification
@ -185,7 +192,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
goto err;
}
if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey)) {
if (!EVP_DigestVerifyInit(ctx, NULL, type, NULL, pkey)) {
ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
ret = 0;
goto err;
@ -200,7 +207,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
goto err;
}
ret = EVP_DigestVerifyUpdate(&ctx, buf_in, inl);
ret = EVP_DigestVerifyUpdate(ctx, buf_in, inl);
OPENSSL_clear_free(buf_in, (unsigned int)inl);
@ -210,7 +217,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
}
ret = -1;
if (EVP_DigestVerifyFinal(&ctx, signature->data,
if (EVP_DigestVerifyFinal(ctx, signature->data,
(size_t)signature->length) <= 0) {
ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
ret = 0;
@ -218,6 +225,6 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
}
ret = 1;
err:
EVP_MD_CTX_cleanup(&ctx);
EVP_MD_CTX_destroy(ctx);
return (ret);
}

4
crypto/cmac/cm_pmeth.c
View file

@ -101,7 +101,7 @@ static int pkey_cmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
static int int_update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
if (!CMAC_Update(ctx->pctx->data, data, count))
if (!CMAC_Update(EVP_MD_CTX_pkey_ctx(ctx)->data, data, count))
return 0;
return 1;
}
@ -109,7 +109,7 @@ static int int_update(EVP_MD_CTX *ctx, const void *data, size_t count)
static int cmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
{
EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);
mctx->update = int_update;
EVP_MD_CTX_set_update_fn(mctx, int_update);
return 1;
}

3
crypto/cms/cms_asn1.c
View file

@ -95,8 +95,7 @@ static int cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
CMS_SignerInfo *si = (CMS_SignerInfo *)*pval;
EVP_PKEY_free(si->pkey);
X509_free(si->signer);
if (si->pctx)
EVP_MD_CTX_cleanup(&si->mctx);
EVP_MD_CTX_destroy(si->mctx);
}
return 1;
}

14
crypto/cms/cms_dd.c
View file

@ -99,19 +99,23 @@ BIO *cms_DigestedData_init_bio(CMS_ContentInfo *cms)
int cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify)
{
EVP_MD_CTX mctx;
EVP_MD_CTX *mctx = EVP_MD_CTX_create();
unsigned char md[EVP_MAX_MD_SIZE];
unsigned int mdlen;
int r = 0;
CMS_DigestedData *dd;
EVP_MD_CTX_init(&mctx);
if (mctx == NULL) {
CMSerr(CMS_F_CMS_DIGESTEDDATA_DO_FINAL, ERR_R_MALLOC_FAILURE);
goto err;
}
dd = cms->d.digestedData;
if (!cms_DigestAlgorithm_find_ctx(&mctx, chain, dd->digestAlgorithm))
if (!cms_DigestAlgorithm_find_ctx(mctx, chain, dd->digestAlgorithm))
goto err;
if (EVP_DigestFinal_ex(&mctx, md, &mdlen) <= 0)
if (EVP_DigestFinal_ex(mctx, md, &mdlen) <= 0)
goto err;
if (verify) {
@ -133,7 +137,7 @@ int cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify)
}
err:
EVP_MD_CTX_cleanup(&mctx);
EVP_MD_CTX_destroy(mctx);
return r;

2
crypto/cms/cms_lcl.h
View file

@ -137,7 +137,7 @@ struct CMS_SignerInfo_st {
X509 *signer;
EVP_PKEY *pkey;
/* Digest and public key context for alternative parameters */
EVP_MD_CTX mctx;
EVP_MD_CTX *mctx;
EVP_PKEY_CTX *pctx;
};

53
crypto/cms/cms_sd.c
View file

@ -287,9 +287,14 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
si->pkey = pk;
si->signer = signer;
EVP_MD_CTX_init(&si->mctx);
si->mctx = EVP_MD_CTX_create();
si->pctx = NULL;
if (si->mctx == NULL) {
CMSerr(CMS_F_CMS_ADD1_SIGNER, ERR_R_MALLOC_FAILURE);
goto err;
}
if (flags & CMS_USE_KEYID) {
si->version = 3;
if (sd->version < 3)
@ -387,7 +392,7 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
goto err;
if (EVP_PKEY_CTX_set_signature_md(si->pctx, md) <= 0)
goto err;
} else if (EVP_DigestSignInit(&si->mctx, &si->pctx, md, NULL, pk) <=
} else if (EVP_DigestSignInit(si->mctx, &si->pctx, md, NULL, pk) <=
0)
goto err;
}
@ -444,7 +449,7 @@ EVP_PKEY_CTX *CMS_SignerInfo_get0_pkey_ctx(CMS_SignerInfo *si)
EVP_MD_CTX *CMS_SignerInfo_get0_md_ctx(CMS_SignerInfo *si)
{
return &si->mctx;
return si->mctx;
}
STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms)
@ -571,17 +576,21 @@ ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si)
static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
CMS_SignerInfo *si, BIO *chain)
{
EVP_MD_CTX mctx;
EVP_MD_CTX *mctx = EVP_MD_CTX_create();
int r = 0;
EVP_PKEY_CTX *pctx = NULL;
EVP_MD_CTX_init(&mctx);
if (mctx == NULL) {
CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, ERR_R_MALLOC_FAILURE);
return 0;
}
if (!si->pkey) {
CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, CMS_R_NO_PRIVATE_KEY);
return 0;
}
if (!cms_DigestAlgorithm_find_ctx(&mctx, chain, si->digestAlgorithm))
if (!cms_DigestAlgorithm_find_ctx(mctx, chain, si->digestAlgorithm))
goto err;
/* Set SignerInfo algortihm details if we used custom parametsr */
if (si->pctx && !cms_sd_asn1_ctrl(si, 0))
@ -596,7 +605,7 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
cms->d.signedData->encapContentInfo->eContentType;
unsigned char md[EVP_MAX_MD_SIZE];
unsigned int mdlen;
if (!EVP_DigestFinal_ex(&mctx, md, &mdlen))
if (!EVP_DigestFinal_ex(mctx, md, &mdlen))
goto err;
if (!CMS_signed_add1_attr_by_NID(si, NID_pkcs9_messageDigest,
V_ASN1_OCTET_STRING, md, mdlen))
@ -613,7 +622,7 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
unsigned char md[EVP_MAX_MD_SIZE];
unsigned int mdlen;
pctx = si->pctx;
if (!EVP_DigestFinal_ex(&mctx, md, &mdlen))
if (!EVP_DigestFinal_ex(mctx, md, &mdlen))
goto err;
siglen = EVP_PKEY_size(si->pkey);
sig = OPENSSL_malloc(siglen);
@ -634,7 +643,7 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!EVP_SignFinal(&mctx, sig, &siglen, si->pkey)) {
if (!EVP_SignFinal(mctx, sig, &siglen, si->pkey)) {
CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, CMS_R_SIGNFINAL_ERROR);
OPENSSL_free(sig);
goto err;
@ -645,7 +654,7 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
r = 1;
err:
EVP_MD_CTX_cleanup(&mctx);
EVP_MD_CTX_destroy(mctx);
EVP_PKEY_CTX_free(pctx);
return r;
@ -668,7 +677,7 @@ int cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain)
int CMS_SignerInfo_sign(CMS_SignerInfo *si)
{
EVP_MD_CTX *mctx = &si->mctx;
EVP_MD_CTX *mctx = si->mctx;
EVP_PKEY_CTX *pctx;
unsigned char *abuf = NULL;
int alen;
@ -734,7 +743,7 @@ int CMS_SignerInfo_sign(CMS_SignerInfo *si)
int CMS_SignerInfo_verify(CMS_SignerInfo *si)
{
EVP_MD_CTX *mctx = &si->mctx;
EVP_MD_CTX *mctx = NULL;
unsigned char *abuf = NULL;
int alen, r = -1;
const EVP_MD *md = NULL;
@ -747,7 +756,9 @@ int CMS_SignerInfo_verify(CMS_SignerInfo *si)
md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
if (md == NULL)
return -1;
EVP_MD_CTX_init(mctx);
if (si->mctx == NULL)
si->mctx = EVP_MD_CTX_create();
mctx = si->mctx;
if (EVP_DigestVerifyInit(mctx, &si->pctx, md, NULL, si->pkey) <= 0)
goto err;
@ -806,12 +817,16 @@ BIO *cms_SignedData_init_bio(CMS_ContentInfo *cms)
int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
{
ASN1_OCTET_STRING *os = NULL;
EVP_MD_CTX mctx;
EVP_MD_CTX *mctx = EVP_MD_CTX_create();
EVP_PKEY_CTX *pkctx = NULL;
int r = -1;
unsigned char mval[EVP_MAX_MD_SIZE];
unsigned int mlen;
EVP_MD_CTX_init(&mctx);
if (mctx == NULL) {
CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT, ERR_R_MALLOC_FAILURE);
goto err;
}
/* If we have any signed attributes look for messageDigest value */
if (CMS_signed_get_attr_count(si) >= 0) {
os = CMS_signed_get0_data_by_OBJ(si,
@ -824,10 +839,10 @@ int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
}
}
if (!cms_DigestAlgorithm_find_ctx(&mctx, chain, si->digestAlgorithm))
if (!cms_DigestAlgorithm_find_ctx(mctx, chain, si->digestAlgorithm))
goto err;
if (EVP_DigestFinal_ex(&mctx, mval, &mlen) <= 0) {
if (EVP_DigestFinal_ex(mctx, mval, &mlen) <= 0) {
CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT,
CMS_R_UNABLE_TO_FINALIZE_CONTEXT);
goto err;
@ -849,7 +864,7 @@ int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
} else
r = 1;
} else {
const EVP_MD *md = EVP_MD_CTX_md(&mctx);
const EVP_MD *md = EVP_MD_CTX_md(mctx);
pkctx = EVP_PKEY_CTX_new(si->pkey, NULL);
if (pkctx == NULL)
goto err;
@ -871,7 +886,7 @@ int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
err:
EVP_PKEY_CTX_free(pkctx);
EVP_MD_CTX_cleanup(&mctx);
EVP_MD_CTX_destroy(mctx);
return r;
}

18
crypto/dh/dh_kdf.c
View file

@ -144,7 +144,7 @@ int DH_KDF_X9_42(unsigned char *out, size_t outlen,
ASN1_OBJECT *key_oid,
const unsigned char *ukm, size_t ukmlen, const EVP_MD *md)
{
EVP_MD_CTX mctx;
EVP_MD_CTX *mctx = NULL;
int rv = 0;
unsigned int i;
size_t mdlen;
@ -152,31 +152,33 @@ int DH_KDF_X9_42(unsigned char *out, size_t outlen,
int derlen;
if (Zlen > DH_KDF_MAX)
return 0;
mctx = EVP_MD_CTX_create();
if (mctx == NULL)
return 0;
mdlen = EVP_MD_size(md);
EVP_MD_CTX_init(&mctx);
derlen = dh_sharedinfo_encode(&der, &ctr, key_oid, outlen, ukm, ukmlen);
if (derlen == 0)
goto err;
for (i = 1;; i++) {
unsigned char mtmp[EVP_MAX_MD_SIZE];
EVP_DigestInit_ex(&mctx, md, NULL);
if (!EVP_DigestUpdate(&mctx, Z, Zlen))
EVP_DigestInit_ex(mctx, md, NULL);
if (!EVP_DigestUpdate(mctx, Z, Zlen))
goto err;
ctr[3] = i & 0xFF;
ctr[2] = (i >> 8) & 0xFF;
ctr[1] = (i >> 16) & 0xFF;
ctr[0] = (i >> 24) & 0xFF;
if (!EVP_DigestUpdate(&mctx, der, derlen))
if (!EVP_DigestUpdate(mctx, der, derlen))
goto err;
if (outlen >= mdlen) {
if (!EVP_DigestFinal(&mctx, out, NULL))
if (!EVP_DigestFinal(mctx, out, NULL))
goto err;
outlen -= mdlen;
if (outlen == 0)
break;
out += mdlen;
} else {
if (!EVP_DigestFinal(&mctx, mtmp, NULL))
if (!EVP_DigestFinal(mctx, mtmp, NULL))
goto err;
memcpy(out, mtmp, outlen);
OPENSSL_cleanse(mtmp, mdlen);
@ -186,7 +188,7 @@ int DH_KDF_X9_42(unsigned char *out, size_t outlen,
rv = 1;
err:
OPENSSL_free(der);
EVP_MD_CTX_cleanup(&mctx);
EVP_MD_CTX_destroy(mctx);
return rv;
}
#endif

19
crypto/dsa/dsa_gen.c
View file

@ -360,10 +360,11 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
int counter = 0;
int r = 0;
BN_CTX *ctx = NULL;
EVP_MD_CTX mctx;
EVP_MD_CTX *mctx = EVP_MD_CTX_create();
unsigned int h = 2;
EVP_MD_CTX_init(&mctx);
if (mctx == NULL)
goto err;
if (evpmd == NULL) {
if (N == 160)
@ -374,7 +375,7 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
evpmd = EVP_sha256();
}
mdsize = M_EVP_MD_size(evpmd);
mdsize = EVP_MD_size(evpmd);
/* If unverificable g generation only don't need seed */
if (!ret->p || !ret->q || idx >= 0) {
if (seed_len == 0)
@ -582,15 +583,15 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
md[0] = idx & 0xff;
md[1] = (h >> 8) & 0xff;
md[2] = h & 0xff;
if (!EVP_DigestInit_ex(&mctx, evpmd, NULL))
if (!EVP_DigestInit_ex(mctx, evpmd, NULL))
goto err;
if (!EVP_DigestUpdate(&mctx, seed_tmp, seed_len))
if (!EVP_DigestUpdate(mctx, seed_tmp, seed_len))
goto err;
if (!EVP_DigestUpdate(&mctx, ggen, sizeof(ggen)))
if (!EVP_DigestUpdate(mctx, ggen, sizeof(ggen)))
goto err;
if (!EVP_DigestUpdate(&mctx, md, 3))
if (!EVP_DigestUpdate(mctx, md, 3))
goto err;
if (!EVP_DigestFinal_ex(&mctx, md, NULL))
if (!EVP_DigestFinal_ex(mctx, md, NULL))
goto err;
if (!BN_bin2bn(md, mdsize, test))
goto err;
@ -639,7 +640,7 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
BN_CTX_end(ctx);
BN_CTX_free(ctx);
BN_MONT_CTX_free(mont);
EVP_MD_CTX_cleanup(&mctx);
EVP_MD_CTX_destroy(mctx);
return ok;
}

20
crypto/ecdh/ech_kdf.c
View file

@ -64,7 +64,7 @@ int ECDH_KDF_X9_62(unsigned char *out, size_t outlen,
const unsigned char *sinfo, size_t sinfolen,
const EVP_MD *md)
{
EVP_MD_CTX mctx;
EVP_MD_CTX *mctx = NULL;
int rv = 0;
unsigned int i;
size_t mdlen;
@ -72,30 +72,32 @@ int ECDH_KDF_X9_62(unsigned char *out, size_t outlen,
if (sinfolen > ECDH_KDF_MAX || outlen > ECDH_KDF_MAX
|| Zlen > ECDH_KDF_MAX)
return 0;
mctx = EVP_MD_CTX_create();
if (mctx == NULL)
return 0;
mdlen = EVP_MD_size(md);
EVP_MD_CTX_init(&mctx);
for (i = 1;; i++) {
unsigned char mtmp[EVP_MAX_MD_SIZE];
EVP_DigestInit_ex(&mctx, md, NULL);
EVP_DigestInit_ex(mctx, md, NULL);
ctr[3] = i & 0xFF;
ctr[2] = (i >> 8) & 0xFF;
ctr[1] = (i >> 16) & 0xFF;
ctr[0] = (i >> 24) & 0xFF;
if (!EVP_DigestUpdate(&mctx, Z, Zlen))
if (!EVP_DigestUpdate(mctx, Z, Zlen))
goto err;
if (!EVP_DigestUpdate(&mctx, ctr, sizeof(ctr)))
if (!EVP_DigestUpdate(mctx, ctr, sizeof(ctr)))
goto err;
if (!EVP_DigestUpdate(&mctx, sinfo, sinfolen))
if (!EVP_DigestUpdate(mctx, sinfo, sinfolen))
goto err;
if (outlen >= mdlen) {
if (!EVP_DigestFinal(&mctx, out, NULL))
if (!EVP_DigestFinal(mctx, out, NULL))
goto err;
outlen -= mdlen;
if (outlen == 0)
break;
out += mdlen;
} else {
if (!EVP_DigestFinal(&mctx, mtmp, NULL))
if (!EVP_DigestFinal(mctx, mtmp, NULL))
goto err;
memcpy(out, mtmp, outlen);
OPENSSL_cleanse(mtmp, mdlen);
@ -104,6 +106,6 @@ int ECDH_KDF_X9_62(unsigned char *out, size_t outlen,
}
rv = 1;
err:
EVP_MD_CTX_cleanup(&mctx);
EVP_MD_CTX_destroy(mctx);
return rv;
}

6
crypto/engine/eng_openssl.c
View file

@ -334,7 +334,7 @@ static int test_sha1_init(EVP_MD_CTX *ctx)
# ifdef TEST_ENG_OPENSSL_SHA_P_INIT
fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_init() called\n");
# endif
return SHA1_Init(ctx->md_data);
return SHA1_Init(EVP_MD_CTX_md_data(ctx));
}
static int test_sha1_update(EVP_MD_CTX *ctx, const void *data, size_t count)
@ -342,7 +342,7 @@ static int test_sha1_update(EVP_MD_CTX *ctx, const void *data, size_t count)
# ifdef TEST_ENG_OPENSSL_SHA_P_UPDATE
fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_update() called\n");
# endif
return SHA1_Update(ctx->md_data, data, count);
return SHA1_Update(EVP_MD_CTX_md_data(ctx), data, count);
}
static int test_sha1_final(EVP_MD_CTX *ctx, unsigned char *md)
@ -350,7 +350,7 @@ static int test_sha1_final(EVP_MD_CTX *ctx, unsigned char *md)
# ifdef TEST_ENG_OPENSSL_SHA_P_FINAL
fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_final() called\n");
# endif
return SHA1_Final(md, ctx->md_data);
return SHA1_Final(md, EVP_MD_CTX_md_data(ctx));
}
static const EVP_MD test_sha_md = {

6
crypto/evp/m_md4.c
View file

@ -71,17 +71,17 @@
static int init(EVP_MD_CTX *ctx)
{
return MD4_Init(ctx->md_data);
return MD4_Init(EVP_MD_CTX_md_data(ctx));
}
static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
return MD4_Update(ctx->md_data, data, count);
return MD4_Update(EVP_MD_CTX_md_data(ctx), data, count);
}
static int final(EVP_MD_CTX *ctx, unsigned char *md)
{
return MD4_Final(md, ctx->md_data);
return MD4_Final(md, EVP_MD_CTX_md_data(ctx));
}
static const EVP_MD md4_md = {

6
crypto/evp/m_md5.c
View file

@ -71,17 +71,17 @@
static int init(EVP_MD_CTX *ctx)
{
return MD5_Init(ctx->md_data);
return MD5_Init(EVP_MD_CTX_md_data(ctx));
}
static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
return MD5_Update(ctx->md_data, data, count);
return MD5_Update(EVP_MD_CTX_md_data(ctx), data, count);
}
static int final(EVP_MD_CTX *ctx, unsigned char *md)
{
return MD5_Final(md, ctx->md_data);
return MD5_Final(md, EVP_MD_CTX_md_data(ctx));
}
static const EVP_MD md5_md = {

8
crypto/evp/m_md5_sha1.c
View file

@ -71,7 +71,7 @@ struct md5_sha1_ctx {
static int init(EVP_MD_CTX *ctx)
{
struct md5_sha1_ctx *mctx = ctx->md_data;
struct md5_sha1_ctx *mctx = EVP_MD_CTX_md_data(ctx);
if (!MD5_Init(&mctx->md5))
return 0;
return SHA1_Init(&mctx->sha1);
@ -79,7 +79,7 @@ static int init(EVP_MD_CTX *ctx)
static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
struct md5_sha1_ctx *mctx = ctx->md_data;
struct md5_sha1_ctx *mctx = EVP_MD_CTX_md_data(ctx);
if (!MD5_Update(&mctx->md5, data, count))
return 0;
return SHA1_Update(&mctx->sha1, data, count);
@ -87,7 +87,7 @@ static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
static int final(EVP_MD_CTX *ctx, unsigned char *md)
{
struct md5_sha1_ctx *mctx = ctx->md_data;
struct md5_sha1_ctx *mctx = EVP_MD_CTX_md_data(ctx);
if (!MD5_Final(md, &mctx->md5))
return 0;
return SHA1_Final(md + MD5_DIGEST_LENGTH, &mctx->sha1);
@ -98,7 +98,7 @@ static int ctrl(EVP_MD_CTX *ctx, int cmd, int mslen, void *ms)
unsigned char padtmp[48];
unsigned char md5tmp[MD5_DIGEST_LENGTH];
unsigned char sha1tmp[SHA_DIGEST_LENGTH];
struct md5_sha1_ctx *mctx = ctx->md_data;
struct md5_sha1_ctx *mctx = EVP_MD_CTX_md_data(ctx);
if (cmd != EVP_CTRL_SSL3_MASTER_SECRET)
return 0;

6
crypto/evp/m_mdc2.c
View file

@ -71,17 +71,17 @@
static int init(EVP_MD_CTX *ctx)
{
return MDC2_Init(ctx->md_data);
return MDC2_Init(EVP_MD_CTX_md_data(ctx));
}
static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
return MDC2_Update(ctx->md_data, data, count);
return MDC2_Update(EVP_MD_CTX_md_data(ctx), data, count);
}
static int final(EVP_MD_CTX *ctx, unsigned char *md)
{
return MDC2_Final(md, ctx->md_data);
return MDC2_Final(md, EVP_MD_CTX_md_data(ctx));
}
static const EVP_MD mdc2_md = {

6
crypto/evp/m_ripemd.c
View file

@ -71,17 +71,17 @@
static int init(EVP_MD_CTX *ctx)
{
return RIPEMD160_Init(ctx->md_data);
return RIPEMD160_Init(EVP_MD_CTX_md_data(ctx));
}
static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
return RIPEMD160_Update(ctx->md_data, data, count);
return RIPEMD160_Update(EVP_MD_CTX_md_data(ctx), data, count);
}
static int final(EVP_MD_CTX *ctx, unsigned char *md)
{
return RIPEMD160_Final(md, ctx->md_data);
return RIPEMD160_Final(md, EVP_MD_CTX_md_data(ctx));
}
static const EVP_MD ripemd160_md = {

24
crypto/evp/m_sha1.c
View file

@ -68,17 +68,17 @@
static int init(EVP_MD_CTX *ctx)
{
return SHA1_Init(ctx->md_data);
return SHA1_Init(EVP_MD_CTX_md_data(ctx));
}
static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
return SHA1_Update(ctx->md_data, data, count);
return SHA1_Update(EVP_MD_CTX_md_data(ctx), data, count);
}
static int final(EVP_MD_CTX *ctx, unsigned char *md)
{
return SHA1_Final(md, ctx->md_data);
return SHA1_Final(md, EVP_MD_CTX_md_data(ctx));
}
static int ctrl(EVP_MD_CTX *ctx, int cmd, int mslen, void *ms)
@ -86,7 +86,7 @@ static int ctrl(EVP_MD_CTX *ctx, int cmd, int mslen, void *ms)
unsigned char padtmp[40];
unsigned char sha1tmp[SHA_DIGEST_LENGTH];
SHA_CTX *sha1 = ctx->md_data;
SHA_CTX *sha1 = EVP_MD_CTX_md_data(ctx);
if (cmd != EVP_CTRL_SSL3_MASTER_SECRET)
return 0;
@ -157,12 +157,12 @@ const EVP_MD *EVP_sha1(void)
static int init224(EVP_MD_CTX *ctx)
{
return SHA224_Init(ctx->md_data);
return SHA224_Init(EVP_MD_CTX_md_data(ctx));
}
static int init256(EVP_MD_CTX *ctx)
{
return SHA256_Init(ctx->md_data);
return SHA256_Init(EVP_MD_CTX_md_data(ctx));
}
/*
@ -172,12 +172,12 @@ static int init256(EVP_MD_CTX *ctx)
*/
static int update256(EVP_MD_CTX *ctx, const void *data, size_t count)
{
return SHA256_Update(ctx->md_data, data, count);
return SHA256_Update(EVP_MD_CTX_md_data(ctx), data, count);
}
static int final256(EVP_MD_CTX *ctx, unsigned char *md)
{
return SHA256_Final(md, ctx->md_data);
return SHA256_Final(md, EVP_MD_CTX_md_data(ctx));
}
static const EVP_MD sha224_md = {
@ -220,23 +220,23 @@ const EVP_MD *EVP_sha256(void)
static int init384(EVP_MD_CTX *ctx)
{
return SHA384_Init(ctx->md_data);
return SHA384_Init(EVP_MD_CTX_md_data(ctx));
}
static int init512(EVP_MD_CTX *ctx)
{
return SHA512_Init(ctx->md_data);
return SHA512_Init(EVP_MD_CTX_md_data(ctx));
}
/* See comment in SHA224/256 section */
static int update512(EVP_MD_CTX *ctx, const void *data, size_t count)
{
return SHA512_Update(ctx->md_data, data, count);
return SHA512_Update(EVP_MD_CTX_md_data(ctx), data, count);
}
static int final512(EVP_MD_CTX *ctx, unsigned char *md)
{
return SHA512_Final(md, ctx->md_data);
return SHA512_Final(md, EVP_MD_CTX_md_data(ctx));
}
static const EVP_MD sha384_md = {

6
crypto/evp/m_wp.c
View file

@ -12,17 +12,17 @@
static int init(EVP_MD_CTX *ctx)
{
return WHIRLPOOL_Init(ctx->md_data);
return WHIRLPOOL_Init(EVP_MD_CTX_md_data(ctx));
}
static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
return WHIRLPOOL_Update(ctx->md_data, data, count);
return WHIRLPOOL_Update(EVP_MD_CTX_md_data(ctx), data, count);
}
static int final(EVP_MD_CTX *ctx, unsigned char *md)
{
return WHIRLPOOL_Final(md, ctx->md_data);
return WHIRLPOOL_Final(md, EVP_MD_CTX_md_data(ctx));
}
static const EVP_MD whirlpool_md = {

10
crypto/pem/pem_seal.c
View file

@ -93,8 +93,8 @@ int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
EVP_EncodeInit(&ctx->encode);
EVP_MD_CTX_init(&ctx->md);
if (!EVP_SignInit(&ctx->md, md_type))
ctx->md = EVP_MD_CTX_create();
if (!EVP_SignInit(ctx->md, md_type))
goto err;
EVP_CIPHER_CTX_init(&ctx->cipher);
@ -124,7 +124,7 @@ int PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
int i, j;
*outl = 0;
if (!EVP_SignUpdate(&ctx->md, in, inl))
if (!EVP_SignUpdate(ctx->md, in, inl))
return 0;
for (;;) {
if (inl <= 0)
@ -172,13 +172,13 @@ int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
EVP_EncodeFinal(&ctx->encode, out, &j);
*outl += j;
if (!EVP_SignFinal(&ctx->md, s, &i, priv))
if (!EVP_SignFinal(ctx->md, s, &i, priv))
goto err;
*sigl = EVP_EncodeBlock(sig, s, i);
ret = 1;
err:
EVP_MD_CTX_cleanup(&ctx->md);
EVP_MD_CTX_destroy(ctx->md);
EVP_CIPHER_CTX_cleanup(&ctx->cipher);
OPENSSL_free(s);
return (ret);

14
crypto/pem/pvkfmt.c
View file

@ -650,16 +650,16 @@ static int derive_pvk_key(unsigned char *key,
const unsigned char *salt, unsigned int saltlen,
const unsigned char *pass, int passlen)
{
EVP_MD_CTX mctx;
EVP_MD_CTX *mctx = EVP_MD_CTX_create();;
int rv = 1;
EVP_MD_CTX_init(&mctx);
if (!EVP_DigestInit_ex(&mctx, EVP_sha1(), NULL)
|| !EVP_DigestUpdate(&mctx, salt, saltlen)
|| !EVP_DigestUpdate(&mctx, pass, passlen)
|| !EVP_DigestFinal_ex(&mctx, key, NULL))
if (mctx == NULL
|| !EVP_DigestInit_ex(mctx, EVP_sha1(), NULL)
|| !EVP_DigestUpdate(mctx, salt, saltlen)
|| !EVP_DigestUpdate(mctx, pass, passlen)
|| !EVP_DigestFinal_ex(mctx, key, NULL))
rv = 0;
EVP_MD_CTX_cleanup(&mctx);
EVP_MD_CTX_destroy(mctx);
return rv;
}

23
crypto/pkcs12/p12_key.c
View file

@ -109,13 +109,16 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
int i, j, u, v;
int ret = 0;
BIGNUM *Ij, *Bpl1; /* These hold Ij and B + 1 */
EVP_MD_CTX ctx;
EVP_MD_CTX *ctx;
#ifdef DEBUG_KEYGEN
unsigned char *tmpout = out;
int tmpn = n;
#endif
EVP_MD_CTX_init(&ctx);
ctx = EVP_MD_CTX_create();
if (ctx == NULL)
goto err;
#ifdef DEBUG_KEYGEN
fprintf(stderr, "KEYGEN DEBUG\n");
fprintf(stderr, "ID %d, ITER %d\n", id, iter);
@ -151,15 +154,15 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
for (i = 0; i < Plen; i++)
*p++ = pass[i % passlen];
for (;;) {
if (!EVP_DigestInit_ex(&ctx, md_type, NULL)
|| !EVP_DigestUpdate(&ctx, D, v)
|| !EVP_DigestUpdate(&ctx, I, Ilen)
|| !EVP_DigestFinal_ex(&ctx, Ai, NULL))
if (!EVP_DigestInit_ex(ctx, md_type, NULL)
|| !EVP_DigestUpdate(ctx, D, v)
|| !EVP_DigestUpdate(ctx, I, Ilen)
|| !EVP_DigestFinal_ex(ctx, Ai, NULL))
goto err;
for (j = 1; j < iter; j++) {
if (!EVP_DigestInit_ex(&ctx, md_type, NULL)
|| !EVP_DigestUpdate(&ctx, Ai, u)
|| !EVP_DigestFinal_ex(&ctx, Ai, NULL))
if (!EVP_DigestInit_ex(ctx, md_type, NULL)
|| !EVP_DigestUpdate(ctx, Ai, u)
|| !EVP_DigestFinal_ex(ctx, Ai, NULL))
goto err;
}
memcpy(out, Ai, min(n, u));
@ -215,7 +218,7 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
OPENSSL_free(I);
BN_free(Ij);
BN_free(Bpl1);
EVP_MD_CTX_cleanup(&ctx);
EVP_MD_CTX_destroy(ctx);
return ret;
}

58
crypto/pkcs7/pk7_doit.c
View file

@ -692,7 +692,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
int i, j;
BIO *btmp;
PKCS7_SIGNER_INFO *si;
EVP_MD_CTX *mdc, ctx_tmp;
EVP_MD_CTX *mdc, *ctx_tmp;
STACK_OF(X509_ATTRIBUTE) *sk;
STACK_OF(PKCS7_SIGNER_INFO) *si_sk = NULL;
ASN1_OCTET_STRING *os = NULL;
@ -707,7 +707,12 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
return 0;
}
EVP_MD_CTX_init(&ctx_tmp);
ctx_tmp = EVP_MD_CTX_create();
if (ctx_tmp == NULL) {
PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_MALLOC_FAILURE);
return 0;
}
i = OBJ_obj2nid(p7->type);
p7->state = PKCS7_S_HEADER;
@ -784,7 +789,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
/*
* We now have the EVP_MD_CTX, lets do the signing.
*/
if (!EVP_MD_CTX_copy_ex(&ctx_tmp, mdc))
if (!EVP_MD_CTX_copy_ex(ctx_tmp, mdc))
goto err;
sk = si->auth_attr;
@ -794,7 +799,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
* sign the attributes
*/
if (sk_X509_ATTRIBUTE_num(sk) > 0) {
if (!do_pkcs7_signed_attrib(si, &ctx_tmp))
if (!do_pkcs7_signed_attrib(si, ctx_tmp))
goto err;
} else {
unsigned char *abuf = NULL;
@ -804,7 +809,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
if (abuf == NULL)
goto err;
if (!EVP_SignFinal(&ctx_tmp, abuf, &abuflen, si->pkey)) {
if (!EVP_SignFinal(ctx_tmp, abuf, &abuflen, si->pkey)) {
PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_EVP_LIB);
goto err;
}
@ -849,13 +854,13 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
}
ret = 1;
err:
EVP_MD_CTX_cleanup(&ctx_tmp);
EVP_MD_CTX_destroy(ctx_tmp);
return (ret);
}
int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si)
{
EVP_MD_CTX mctx;
EVP_MD_CTX *mctx;
EVP_PKEY_CTX *pctx;
unsigned char *abuf = NULL;
int alen;
@ -866,8 +871,13 @@ int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si)
if (md == NULL)
return 0;
EVP_MD_CTX_init(&mctx);
if (EVP_DigestSignInit(&mctx, &pctx, md, NULL, si->pkey) <= 0)
mctx = EVP_MD_CTX_create();
if (mctx == NULL) {
PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, ERR_R_MALLOC_FAILURE);
goto err;
}
if (EVP_DigestSignInit(mctx, &pctx, md, NULL, si->pkey) <= 0)
goto err;
if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
@ -880,16 +890,16 @@ int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si)
ASN1_ITEM_rptr(PKCS7_ATTR_SIGN));
if (!abuf)
goto err;
if (EVP_DigestSignUpdate(&mctx, abuf, alen) <= 0)
if (EVP_DigestSignUpdate(mctx, abuf, alen) <= 0)
goto err;
OPENSSL_free(abuf);
abuf = NULL;
if (EVP_DigestSignFinal(&mctx, NULL, &siglen) <= 0)
if (EVP_DigestSignFinal(mctx, NULL, &siglen) <= 0)
goto err;
abuf = OPENSSL_malloc(siglen);
if (abuf == NULL)
goto err;
if (EVP_DigestSignFinal(&mctx, abuf, &siglen) <= 0)
if (EVP_DigestSignFinal(mctx, abuf, &siglen) <= 0)
goto err;
if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
@ -898,7 +908,7 @@ int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si)
goto err;
}
EVP_MD_CTX_cleanup(&mctx);
EVP_MD_CTX_destroy(mctx);
ASN1_STRING_set0(si->enc_digest, abuf, siglen);
@ -906,7 +916,7 @@ int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si)
err:
OPENSSL_free(abuf);
EVP_MD_CTX_cleanup(&mctx);
EVP_MD_CTX_destroy(mctx);
return 0;
}
@ -972,14 +982,18 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
X509 *x509)
{
ASN1_OCTET_STRING *os;
EVP_MD_CTX mdc_tmp, *mdc;
EVP_MD_CTX *mdc_tmp, *mdc;
int ret = 0, i;
int md_type;
STACK_OF(X509_ATTRIBUTE) *sk;
BIO *btmp;
EVP_PKEY *pkey;
EVP_MD_CTX_init(&mdc_tmp);
mdc_tmp = EVP_MD_CTX_create();
if (mdc_tmp == NULL) {
PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!PKCS7_type_is_signed(p7) && !PKCS7_type_is_signedAndEnveloped(p7)) {
PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_WRONG_PKCS7_TYPE);
@ -1016,7 +1030,7 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
* mdc is the digest ctx that we want, unless there are attributes, in
* which case the digest is the signed attributes
*/
if (!EVP_MD_CTX_copy_ex(&mdc_tmp, mdc))
if (!EVP_MD_CTX_copy_ex(mdc_tmp, mdc))
goto err;
sk = si->auth_attr;
@ -1026,7 +1040,7 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
int alen;
ASN1_OCTET_STRING *message_digest;
if (!EVP_DigestFinal_ex(&mdc_tmp, md_dat, &md_len))
if (!EVP_DigestFinal_ex(mdc_tmp, md_dat, &md_len))
goto err;
message_digest = PKCS7_digest_from_attributes(sk);
if (!message_digest) {
@ -1041,7 +1055,7 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
goto err;
}
if (!EVP_VerifyInit_ex(&mdc_tmp, EVP_get_digestbynid(md_type), NULL))
if (!EVP_VerifyInit_ex(mdc_tmp, EVP_get_digestbynid(md_type), NULL))
goto err;
alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf,
@ -1051,7 +1065,7 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
ret = -1;
goto err;
}
if (!EVP_VerifyUpdate(&mdc_tmp, abuf, alen))
if (!EVP_VerifyUpdate(mdc_tmp, abuf, alen))
goto err;
OPENSSL_free(abuf);
@ -1064,7 +1078,7 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
goto err;
}
i = EVP_VerifyFinal(&mdc_tmp, os->data, os->length, pkey);
i = EVP_VerifyFinal(mdc_tmp, os->data, os->length, pkey);
EVP_PKEY_free(pkey);
if (i <= 0) {
PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_SIGNATURE_FAILURE);
@ -1073,7 +1087,7 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
}
ret = 1;
err:
EVP_MD_CTX_cleanup(&mdc_tmp);
EVP_MD_CTX_destroy(mdc_tmp);
return (ret);
}

72
crypto/rand/md_rand.c
View file

@ -212,7 +212,7 @@ static int rand_add(const void *buf, int num, double add)
int i, j, k, st_idx;
long md_c[2];
unsigned char local_md[MD_DIGEST_LENGTH];
EVP_MD_CTX m;
EVP_MD_CTX *m;
int do_not_lock;
int rv = 0;
@ -234,7 +234,10 @@ static int rand_add(const void *buf, int num, double add)
* hash function.
*/
EVP_MD_CTX_init(&m);
m = EVP_MD_CTX_create();
if (m == NULL)
goto err;
/* check if we already have the lock */
if (crypto_lock_rand) {
CRYPTO_THREADID cur;
@ -284,21 +287,21 @@ static int rand_add(const void *buf, int num, double add)
j = (num - i);
j = (j > MD_DIGEST_LENGTH) ? MD_DIGEST_LENGTH : j;
if (!MD_Init(&m))
if (!MD_Init(m))
goto err;
if (!MD_Update(&m, local_md, MD_DIGEST_LENGTH))
if (!MD_Update(m, local_md, MD_DIGEST_LENGTH))
goto err;
k = (st_idx + j) - STATE_SIZE;
if (k > 0) {
if (!MD_Update(&m, &(state[st_idx]), j - k))
if (!MD_Update(m, &(state[st_idx]), j - k))
goto err;
if (!MD_Update(&m, &(state[0]), k))
if (!MD_Update(m, &(state[0]), k))
goto err;
} else if (!MD_Update(&m, &(state[st_idx]), j))
} else if (!MD_Update(m, &(state[st_idx]), j))
goto err;
/* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */
if (!MD_Update(&m, buf, j))
if (!MD_Update(m, buf, j))
goto err;
/*
* We know that line may cause programs such as purify and valgrind
@ -308,9 +311,9 @@ static int rand_add(const void *buf, int num, double add)
* insecure keys.
*/
if (!MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c)))
if (!MD_Update(m, (unsigned char *)&(md_c[0]), sizeof(md_c)))
goto err;
if (!MD_Final(&m, local_md))
if (!MD_Final(m, local_md))
goto err;
md_c[1]++;
@ -352,7 +355,7 @@ static int rand_add(const void *buf, int num, double add)
#endif
rv = 1;
err:
EVP_MD_CTX_cleanup(&m);
EVP_MD_CTX_destroy(m);
return rv;
}
@ -369,7 +372,7 @@ static int rand_bytes(unsigned char *buf, int num, int pseudo)
int ok;
long md_c[2];
unsigned char local_md[MD_DIGEST_LENGTH];
EVP_MD_CTX m;
EVP_MD_CTX *m;
#ifndef GETPID_IS_MEANINGLESS
pid_t curr_pid = getpid();
#endif
@ -409,7 +412,10 @@ static int rand_bytes(unsigned char *buf, int num, int pseudo)
if (num <= 0)
return 1;
EVP_MD_CTX_init(&m);
m = EVP_MD_CTX_create();
if (m == NULL)
goto err_mem;
/* round upwards to multiple of MD_DIGEST_LENGTH/2 */
num_ceil =
(1 + (num - 1) / (MD_DIGEST_LENGTH / 2)) * (MD_DIGEST_LENGTH / 2);
@ -523,26 +529,26 @@ static int rand_bytes(unsigned char *buf, int num, int pseudo)
/* num_ceil -= MD_DIGEST_LENGTH/2 */
j = (num >= MD_DIGEST_LENGTH / 2) ? MD_DIGEST_LENGTH / 2 : num;
num -= j;
if (!MD_Init(&m))
if (!MD_Init(m))
goto err;
#ifndef GETPID_IS_MEANINGLESS
if (curr_pid) { /* just in the first iteration to save time */
if (!MD_Update(&m, (unsigned char *)&curr_pid, sizeof curr_pid))
if (!MD_Update(m, (unsigned char *)&curr_pid, sizeof curr_pid))
goto err;
curr_pid = 0;
}
#endif
if (curr_time) { /* just in the first iteration to save time */
if (!MD_Update(&m, (unsigned char *)&curr_time, sizeof curr_time))
if (!MD_Update(m, (unsigned char *)&curr_time, sizeof curr_time))
goto err;
if (!MD_Update(&m, (unsigned char *)&tv, sizeof tv))
if (!MD_Update(m, (unsigned char *)&tv, sizeof tv))
goto err;
curr_time = 0;
rand_hw_seed(&m);
rand_hw_seed(m);
}
if (!MD_Update(&m, local_md, MD_DIGEST_LENGTH))
if (!MD_Update(m, local_md, MD_DIGEST_LENGTH))
goto err;
if (!MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c)))
if (!MD_Update(m, (unsigned char *)&(md_c[0]), sizeof(md_c)))
goto err;
#ifndef PURIFY /* purify complains */
@ -553,19 +559,19 @@ static int rand_bytes(unsigned char *buf, int num, int pseudo)
* builds it is not used: the removal of such a small source of
* entropy has negligible impact on security.
*/
if (!MD_Update(&m, buf, j))
if (!MD_Update(m, buf, j))
goto err;
#endif
k = (st_idx + MD_DIGEST_LENGTH / 2) - st_num;
if (k > 0) {
if (!MD_Update(&m, &(state[st_idx]), MD_DIGEST_LENGTH / 2 - k))
if (!MD_Update(m, &(state[st_idx]), MD_DIGEST_LENGTH / 2 - k))
goto err;
if (!MD_Update(&m, &(state[0]), k))
if (!MD_Update(m, &(state[0]), k))
goto err;
} else if (!MD_Update(&m, &(state[st_idx]), MD_DIGEST_LENGTH / 2))
} else if (!MD_Update(m, &(state[st_idx]), MD_DIGEST_LENGTH / 2))
goto err;
if (!MD_Final(&m, local_md))
if (!MD_Final(m, local_md))
goto err;
for (i = 0; i < MD_DIGEST_LENGTH / 2; i++) {
@ -578,23 +584,23 @@ static int rand_bytes(unsigned char *buf, int num, int pseudo)
}
}
if (!MD_Init(&m)
|| !MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c))
|| !MD_Update(&m, local_md, MD_DIGEST_LENGTH))
if (!MD_Init(m)
|| !MD_Update(m, (unsigned char *)&(md_c[0]), sizeof(md_c))
|| !MD_Update(m, local_md, MD_DIGEST_LENGTH))
goto err;
CRYPTO_w_lock(CRYPTO_LOCK_RAND);
/*
* Prevent deadlocks if we end up in an async engine
*/
ASYNC_block_pause();
if (!MD_Update(&m, md, MD_DIGEST_LENGTH) || !MD_Final(&m, md)) {
if (!MD_Update(m, md, MD_DIGEST_LENGTH) || !MD_Final(m, md)) {
CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
goto err;
}
ASYNC_unblock_pause();
CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
EVP_MD_CTX_cleanup(&m);
EVP_MD_CTX_destroy(m);
if (ok)
return (1);
else if (pseudo)
@ -606,8 +612,12 @@ static int rand_bytes(unsigned char *buf, int num, int pseudo)
return (0);
}
err:
EVP_MD_CTX_cleanup(&m);
RANDerr(RAND_F_RAND_BYTES, ERR_R_EVP_LIB);
EVP_MD_CTX_destroy(m);
return 0;
err_mem:
RANDerr(RAND_F_RAND_BYTES, ERR_R_MALLOC_FAILURE);
EVP_MD_CTX_destroy(m);
return 0;
}

2
crypto/rsa/rsa_ameth.c
View file

@ -729,7 +729,7 @@ static int rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
ASN1_BIT_STRING *sig)
{
int pad_mode;
EVP_PKEY_CTX *pkctx = ctx->pctx;
EVP_PKEY_CTX *pkctx = EVP_MD_CTX_pkey_ctx(ctx);
if (EVP_PKEY_CTX_get_rsa_padding(pkctx, &pad_mode) <= 0)
return 0;
if (pad_mode == RSA_PKCS1_PADDING)

19
crypto/rsa/rsa_oaep.c
View file

@ -242,13 +242,14 @@ int PKCS1_MGF1(unsigned char *mask, long len,
{
long i, outlen = 0;
unsigned char cnt[4];
EVP_MD_CTX c;
EVP_MD_CTX *c = EVP_MD_CTX_create();
unsigned char md[EVP_MAX_MD_SIZE];
int mdlen;
int rv = -1;
EVP_MD_CTX_init(&c);
mdlen = M_EVP_MD_size(dgst);
if (c == NULL)
goto err;
mdlen = EVP_MD_size(dgst);
if (mdlen < 0)
goto err;
for (i = 0; outlen < len; i++) {
@ -256,16 +257,16 @@ int PKCS1_MGF1(unsigned char *mask, long len,
cnt[1] = (unsigned char)((i >> 16) & 255);
cnt[2] = (unsigned char)((i >> 8)) & 255;
cnt[3] = (unsigned char)(i & 255);
if (!EVP_DigestInit_ex(&c, dgst, NULL)
|| !EVP_DigestUpdate(&c, seed, seedlen)
|| !EVP_DigestUpdate(&c, cnt, 4))
if (!EVP_DigestInit_ex(c, dgst, NULL)
|| !EVP_DigestUpdate(c, seed, seedlen)
|| !EVP_DigestUpdate(c, cnt, 4))
goto err;
if (outlen + mdlen <= len) {
if (!EVP_DigestFinal_ex(&c, mask + outlen, NULL))
if (!EVP_DigestFinal_ex(c, mask + outlen, NULL))
goto err;
outlen += mdlen;
} else {
if (!EVP_DigestFinal_ex(&c, md, NULL))
if (!EVP_DigestFinal_ex(c, md, NULL))
goto err;
memcpy(mask + outlen, md, len - outlen);
outlen = len;
@ -273,6 +274,6 @@ int PKCS1_MGF1(unsigned char *mask, long len,
}
rv = 0;
err:
EVP_MD_CTX_cleanup(&c);
EVP_MD_CTX_destroy(c);
return rv;
}

41
crypto/rsa/rsa_pss.c
View file

@ -88,14 +88,17 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
int hLen, maskedDBLen, MSBits, emLen;
const unsigned char *H;
unsigned char *DB = NULL;
EVP_MD_CTX ctx;
EVP_MD_CTX *ctx = EVP_MD_CTX_create();
unsigned char H_[EVP_MAX_MD_SIZE];
EVP_MD_CTX_init(&ctx);
if (ctx == NULL)
goto err;
if (mgf1Hash == NULL)
mgf1Hash = Hash;
hLen = M_EVP_MD_size(Hash);
hLen = EVP_MD_size(Hash);
if (hLen < 0)
goto err;
/*-
@ -153,15 +156,15 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_SLEN_CHECK_FAILED);
goto err;
}
if (!EVP_DigestInit_ex(&ctx, Hash, NULL)
|| !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes)
|| !EVP_DigestUpdate(&ctx, mHash, hLen))
if (!EVP_DigestInit_ex(ctx, Hash, NULL)
|| !EVP_DigestUpdate(ctx, zeroes, sizeof zeroes)
|| !EVP_DigestUpdate(ctx, mHash, hLen))
goto err;
if (maskedDBLen - i) {
if (!EVP_DigestUpdate(&ctx, DB + i, maskedDBLen - i))
if (!EVP_DigestUpdate(ctx, DB + i, maskedDBLen - i))
goto err;
}
if (!EVP_DigestFinal_ex(&ctx, H_, NULL))
if (!EVP_DigestFinal_ex(ctx, H_, NULL))
goto err;
if (memcmp(H_, H, hLen)) {
RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_BAD_SIGNATURE);
@ -171,7 +174,7 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
err:
OPENSSL_free(DB);
EVP_MD_CTX_cleanup(&ctx);
EVP_MD_CTX_destroy(ctx);
return ret;
@ -193,12 +196,12 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
int ret = 0;
int hLen, maskedDBLen, MSBits, emLen;
unsigned char *H, *salt = NULL, *p;
EVP_MD_CTX ctx;
EVP_MD_CTX *ctx = NULL;
if (mgf1Hash == NULL)
mgf1Hash = Hash;
hLen = M_EVP_MD_size(Hash);
hLen = EVP_MD_size(Hash);
if (hLen < 0)
goto err;
/*-
@ -241,16 +244,17 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
}
maskedDBLen = emLen - hLen - 1;
H = EM + maskedDBLen;
EVP_MD_CTX_init(&ctx);
if (!EVP_DigestInit_ex(&ctx, Hash, NULL)
|| !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes)
|| !EVP_DigestUpdate(&ctx, mHash, hLen))
ctx = EVP_MD_CTX_create();
if (ctx == NULL)
goto err;
if (sLen && !EVP_DigestUpdate(&ctx, salt, sLen))
if (!EVP_DigestInit_ex(ctx, Hash, NULL)
|| !EVP_DigestUpdate(ctx, zeroes, sizeof zeroes)
|| !EVP_DigestUpdate(ctx, mHash, hLen))
goto err;
if (!EVP_DigestFinal_ex(&ctx, H, NULL))
if (sLen && !EVP_DigestUpdate(ctx, salt, sLen))
goto err;
if (!EVP_DigestFinal_ex(ctx, H, NULL))
goto err;
EVP_MD_CTX_cleanup(&ctx);
/* Generate dbMask in place then perform XOR on it */
if (PKCS1_MGF1(EM, maskedDBLen, H, hLen, mgf1Hash))
@ -278,6 +282,7 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
ret = 1;
err:
EVP_MD_CTX_destroy(ctx);
OPENSSL_free(salt);
return ret;

89
crypto/srp/srp_lib.c
View file

@ -70,31 +70,36 @@ static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g)
unsigned char digest[SHA_DIGEST_LENGTH];
unsigned char *tmp;
EVP_MD_CTX ctxt;
EVP_MD_CTX *ctxt = NULL;
int longg;
int longN = BN_num_bytes(N);
BIGNUM *res = NULL;
if (BN_ucmp(g, N) >= 0)
return NULL;
if ((tmp = OPENSSL_malloc(longN)) == NULL)
ctxt = EVP_MD_CTX_create();
if (ctxt == NULL)
return NULL;
if ((tmp = OPENSSL_malloc(longN)) == NULL)
goto err;
BN_bn2bin(N, tmp);
EVP_MD_CTX_init(&ctxt);
EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
EVP_DigestUpdate(&ctxt, tmp, longN);
EVP_DigestInit_ex(ctxt, EVP_sha1(), NULL);
EVP_DigestUpdate(ctxt, tmp, longN);
memset(tmp, 0, longN);
longg = BN_bn2bin(g, tmp);
/* use the zeros behind to pad on left */
EVP_DigestUpdate(&ctxt, tmp + longg, longN - longg);
EVP_DigestUpdate(&ctxt, tmp, longg);
EVP_DigestUpdate(ctxt, tmp + longg, longN - longg);
EVP_DigestUpdate(ctxt, tmp, longg);
OPENSSL_free(tmp);
EVP_DigestFinal_ex(&ctxt, digest, NULL);
EVP_MD_CTX_cleanup(&ctxt);
return BN_bin2bn(digest, sizeof(digest), NULL);
EVP_DigestFinal_ex(ctxt, digest, NULL);
res = BN_bin2bn(digest, sizeof(digest), NULL);
err:
EVP_MD_CTX_destroy(ctxt);
return res;
}
BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N)
@ -104,7 +109,7 @@ BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N)
BIGNUM *u;
unsigned char cu[SHA_DIGEST_LENGTH];
unsigned char *cAB;
EVP_MD_CTX ctxt;
EVP_MD_CTX *ctxt = NULL;
int longN;
if ((A == NULL) || (B == NULL) || (N == NULL))
return NULL;
@ -114,25 +119,30 @@ BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N)
longN = BN_num_bytes(N);
if ((cAB = OPENSSL_malloc(2 * longN)) == NULL)
ctxt = EVP_MD_CTX_create();
if (ctxt == NULL)
return NULL;
if ((cAB = OPENSSL_malloc(2 * longN)) == NULL)
goto err;
memset(cAB, 0, longN);
EVP_MD_CTX_init(&ctxt);
EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
EVP_DigestUpdate(&ctxt, cAB + BN_bn2bin(A, cAB + longN), longN);
EVP_DigestUpdate(&ctxt, cAB + BN_bn2bin(B, cAB + longN), longN);
EVP_DigestInit_ex(ctxt, EVP_sha1(), NULL);
EVP_DigestUpdate(ctxt, cAB + BN_bn2bin(A, cAB + longN), longN);
EVP_DigestUpdate(ctxt, cAB + BN_bn2bin(B, cAB + longN), longN);
OPENSSL_free(cAB);
EVP_DigestFinal_ex(&ctxt, cu, NULL);
EVP_MD_CTX_cleanup(&ctxt);
EVP_DigestFinal_ex(ctxt, cu, NULL);
if ((u = BN_bin2bn(cu, sizeof(cu), NULL)) == NULL)
return NULL;
if (!BN_is_zero(u))
return u;
BN_free(u);
return NULL;
goto err;
if (BN_is_zero(u)) {
BN_free(u);
u = NULL;
}
err:
EVP_MD_CTX_destroy(ctxt);
return u;
}
BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b,
@ -196,31 +206,36 @@ BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v)
BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass)
{
unsigned char dig[SHA_DIGEST_LENGTH];
EVP_MD_CTX ctxt;
EVP_MD_CTX *ctxt;
unsigned char *cs;
BIGNUM *res = NULL;
if ((s == NULL) || (user == NULL) || (pass == NULL))
return NULL;
if ((cs = OPENSSL_malloc(BN_num_bytes(s))) == NULL)
ctxt = EVP_MD_CTX_create();
if (ctxt == NULL)
return NULL;
if ((cs = OPENSSL_malloc(BN_num_bytes(s))) == NULL)
goto err;
EVP_MD_CTX_init(&ctxt);
EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
EVP_DigestUpdate(&ctxt, user, strlen(user));
EVP_DigestUpdate(&ctxt, ":", 1);
EVP_DigestUpdate(&ctxt, pass, strlen(pass));
EVP_DigestFinal_ex(&ctxt, dig, NULL);
EVP_DigestInit_ex(ctxt, EVP_sha1(), NULL);
EVP_DigestUpdate(ctxt, user, strlen(user));
EVP_DigestUpdate(ctxt, ":", 1);
EVP_DigestUpdate(ctxt, pass, strlen(pass));
EVP_DigestFinal_ex(ctxt, dig, NULL);
EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
EVP_DigestInit_ex(ctxt, EVP_sha1(), NULL);
BN_bn2bin(s, cs);
EVP_DigestUpdate(&ctxt, cs, BN_num_bytes(s));
EVP_DigestUpdate(ctxt, cs, BN_num_bytes(s));
OPENSSL_free(cs);
EVP_DigestUpdate(&ctxt, dig, sizeof(dig));
EVP_DigestFinal_ex(&ctxt, dig, NULL);
EVP_MD_CTX_cleanup(&ctxt);
EVP_DigestUpdate(ctxt, dig, sizeof(dig));
EVP_DigestFinal_ex(ctxt, dig, NULL);
return BN_bin2bn(dig, sizeof(dig), NULL);
res = BN_bin2bn(dig, sizeof(dig), NULL);
err:
EVP_MD_CTX_destroy(ctxt);
return res;
}
BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g)

22
crypto/srp/srp_vfy.c
View file

@ -474,7 +474,7 @@ SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username)
SRP_user_pwd *user;
unsigned char digv[SHA_DIGEST_LENGTH];
unsigned char digs[SHA_DIGEST_LENGTH];
EVP_MD_CTX ctxt;
EVP_MD_CTX *ctxt = NULL;
if (vb == NULL)
return NULL;
@ -499,18 +499,20 @@ SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username)
if (RAND_bytes(digv, SHA_DIGEST_LENGTH) <= 0)
goto err;
EVP_MD_CTX_init(&ctxt);
EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
EVP_DigestUpdate(&ctxt, vb->seed_key, strlen(vb->seed_key));
EVP_DigestUpdate(&ctxt, username, strlen(username));
EVP_DigestFinal_ex(&ctxt, digs, NULL);
EVP_MD_CTX_cleanup(&ctxt);
if (SRP_user_pwd_set_sv_BN
(user, BN_bin2bn(digs, SHA_DIGEST_LENGTH, NULL),
BN_bin2bn(digv, SHA_DIGEST_LENGTH, NULL)))
ctxt = EVP_MD_CTX_create();
EVP_DigestInit_ex(ctxt, EVP_sha1(), NULL);
EVP_DigestUpdate(ctxt, vb->seed_key, strlen(vb->seed_key));
EVP_DigestUpdate(ctxt, username, strlen(username));
EVP_DigestFinal_ex(ctxt, digs, NULL);
EVP_MD_CTX_destroy(ctxt);
ctxt = NULL;
if (SRP_user_pwd_set_sv_BN(user,
BN_bin2bn(digs, SHA_DIGEST_LENGTH, NULL),
BN_bin2bn(digv, SHA_DIGEST_LENGTH, NULL)))
return user;
err:
EVP_MD_CTX_destroy(ctxt);
SRP_user_pwd_free(user);
return NULL;
}

15
crypto/ts/ts_rsp_verify.c
View file

@ -529,7 +529,7 @@ static int ts_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
TS_MSG_IMPRINT *msg_imprint = tst_info->msg_imprint;
X509_ALGOR *md_alg_resp = msg_imprint->hash_algo;
const EVP_MD *md;
EVP_MD_CTX md_ctx;
EVP_MD_CTX *md_ctx = NULL;
unsigned char buffer[4096];
int length;
@ -551,17 +551,24 @@ static int ts_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
goto err;
}
if (!EVP_DigestInit(&md_ctx, md))
md_ctx = EVP_MD_CTX_create();
if (md_ctx == NULL) {
TSerr(TS_F_TS_COMPUTE_IMPRINT, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!EVP_DigestInit(md_ctx, md))
goto err;
while ((length = BIO_read(data, buffer, sizeof(buffer))) > 0) {
if (!EVP_DigestUpdate(&md_ctx, buffer, length))
if (!EVP_DigestUpdate(md_ctx, buffer, length))
goto err;
}
if (!EVP_DigestFinal(&md_ctx, *imprint, NULL))
if (!EVP_DigestFinal(md_ctx, *imprint, NULL))
goto err;
EVP_MD_CTX_destroy(md_ctx);
return 1;
err:
EVP_MD_CTX_destroy(md_ctx);
X509_ALGOR_free(*md_alg);
OPENSSL_free(*imprint);
*imprint_len = 0;

33
crypto/x509/x509_cmp.c
View file

@ -82,28 +82,29 @@ int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b)
unsigned long X509_issuer_and_serial_hash(X509 *a)
{
unsigned long ret = 0;
EVP_MD_CTX ctx;
EVP_MD_CTX *ctx = EVP_MD_CTX_create();
unsigned char md[16];
char *f;
EVP_MD_CTX_init(&ctx);
f = X509_NAME_oneline(a->cert_info.issuer, NULL, 0);
if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL))
if (ctx == NULL)
goto err;
if (!EVP_DigestUpdate(&ctx, (unsigned char *)f, strlen(f)))
f = X509_NAME_oneline(a->cert_info.issuer, NULL, 0);
if (!EVP_DigestInit_ex(ctx, EVP_md5(), NULL))
goto err;
if (!EVP_DigestUpdate(ctx, (unsigned char *)f, strlen(f)))
goto err;
OPENSSL_free(f);
if (!EVP_DigestUpdate
(&ctx, (unsigned char *)a->cert_info.serialNumber.data,
(ctx, (unsigned char *)a->cert_info.serialNumber.data,
(unsigned long)a->cert_info.serialNumber.length))
goto err;
if (!EVP_DigestFinal_ex(&ctx, &(md[0]), NULL))
if (!EVP_DigestFinal_ex(ctx, &(md[0]), NULL))
goto err;
ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) |
((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)
) & 0xffffffffL;
err:
EVP_MD_CTX_cleanup(&ctx);
EVP_MD_CTX_destroy(ctx);
return (ret);
}
#endif
@ -248,21 +249,23 @@ unsigned long X509_NAME_hash(X509_NAME *x)
unsigned long X509_NAME_hash_old(X509_NAME *x)
{
EVP_MD_CTX md_ctx;
EVP_MD_CTX *md_ctx = EVP_MD_CTX_create();
unsigned long ret = 0;
unsigned char md[16];
if (md_ctx == NULL)
return ret;
/* Make sure X509_NAME structure contains valid cached encoding */
i2d_X509_NAME(x, NULL);
EVP_MD_CTX_init(&md_ctx);
EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
if (EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL)
&& EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length)
&& EVP_DigestFinal_ex(&md_ctx, md, NULL))
EVP_MD_CTX_set_flags(md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
if (EVP_DigestInit_ex(md_ctx, EVP_md5(), NULL)
&& EVP_DigestUpdate(md_ctx, x->bytes->data, x->bytes->length)
&& EVP_DigestFinal_ex(md_ctx, md, NULL))
ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) |
((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)
) & 0xffffffffL;
EVP_MD_CTX_cleanup(&md_ctx);
EVP_MD_CTX_destroy(md_ctx);
return (ret);
}

15
engines/ccgost/gost_crypt.c
View file

@ -500,7 +500,7 @@ int gost89_get_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params)
int gost_imit_init_cpa(EVP_MD_CTX *ctx)
{
struct ossl_gost_imit_ctx *c = ctx->md_data;
struct ossl_gost_imit_ctx *c = EVP_MD_CTX_md_data(ctx);
memset(c->buffer, 0, sizeof(c->buffer));
memset(c->partial_block, 0, sizeof(c->partial_block));
c->count = 0;
@ -529,7 +529,7 @@ static void mac_block_mesh(struct ossl_gost_imit_ctx *c,
int gost_imit_update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
struct ossl_gost_imit_ctx *c = ctx->md_data;
struct ossl_gost_imit_ctx *c = EVP_MD_CTX_md_data(ctx);
const unsigned char *p = data;
size_t bytes = count, i;
if (!(c->key_set)) {
@ -561,7 +561,7 @@ int gost_imit_update(EVP_MD_CTX *ctx, const void *data, size_t count)
int gost_imit_final(EVP_MD_CTX *ctx, unsigned char *md)
{
struct ossl_gost_imit_ctx *c = ctx->md_data;
struct ossl_gost_imit_ctx *c = EVP_MD_CTX_md_data(ctx);
if (!c->key_set) {
GOSTerr(GOST_F_GOST_IMIT_FINAL, GOST_R_MAC_KEY_NOT_SET);
return 0;
@ -595,9 +595,9 @@ int gost_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr)
return 0;
}
gost_key(&(((struct ossl_gost_imit_ctx *)(ctx->md_data))->cctx),
gost_key(&(((struct ossl_gost_imit_ctx *)(EVP_MD_CTX_md_data(ctx)))->cctx),
ptr);
((struct ossl_gost_imit_ctx *)(ctx->md_data))->key_set = 1;
((struct ossl_gost_imit_ctx *)(EVP_MD_CTX_md_data(ctx)))->key_set = 1;
return 1;
}
@ -608,13 +608,14 @@ int gost_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr)
int gost_imit_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
{
memcpy(to->md_data, from->md_data, sizeof(struct ossl_gost_imit_ctx));
memcpy(EVP_MD_CTX_md_data(to), EVP_MD_CTX_md_data(from),
sizeof(struct ossl_gost_imit_ctx));
return 1;
}
/* Clean up imit ctx */
int gost_imit_cleanup(EVP_MD_CTX *ctx)
{
memset(ctx->md_data, 0, sizeof(struct ossl_gost_imit_ctx));
memset(EVP_MD_CTX_md_data(ctx), 0, sizeof(struct ossl_gost_imit_ctx));
return 1;
}

16
engines/ccgost/gost_md.c
View file

@ -36,7 +36,7 @@ EVP_MD digest_gost = {
int gost_digest_init(EVP_MD_CTX *ctx)
{
struct ossl_gost_digest_ctx *c = ctx->md_data;
struct ossl_gost_digest_ctx *c = EVP_MD_CTX_md_data(ctx);
memset(&(c->dctx), 0, sizeof(gost_hash_ctx));
gost_init(&(c->cctx), &GostR3411_94_CryptoProParamSet);
c->dctx.cipher_ctx = &(c->cctx);
@ -45,20 +45,20 @@ int gost_digest_init(EVP_MD_CTX *ctx)
int gost_digest_update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
return hash_block((gost_hash_ctx *) ctx->md_data, data, count);
return hash_block((gost_hash_ctx *) EVP_MD_CTX_md_data(ctx), data, count);
}
int gost_digest_final(EVP_MD_CTX *ctx, unsigned char *md)
{
return finish_hash((gost_hash_ctx *) ctx->md_data, md);
return finish_hash((gost_hash_ctx *) EVP_MD_CTX_md_data(ctx), md);
}
int gost_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
{
struct ossl_gost_digest_ctx *md_ctx = to->md_data;
if (to->md_data && from->md_data) {
memcpy(to->md_data, from->md_data,
struct ossl_gost_digest_ctx *md_ctx = EVP_MD_CTX_md_data(to);
if (EVP_MD_CTX_md_data(to) && EVP_MD_CTX_md_data(from)) {
memcpy(EVP_MD_CTX_md_data(to), EVP_MD_CTX_md_data(from),
sizeof(struct ossl_gost_digest_ctx));
md_ctx->dctx.cipher_ctx = &(md_ctx->cctx);
}
@ -67,7 +67,7 @@ int gost_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
int gost_digest_cleanup(EVP_MD_CTX *ctx)
{
if (ctx->md_data)
memset(ctx->md_data, 0, sizeof(struct ossl_gost_digest_ctx));
if (EVP_MD_CTX_md_data(ctx))
memset(EVP_MD_CTX_md_data(ctx), 0, sizeof(struct ossl_gost_digest_ctx));
return 1;
}

3
engines/ccgost/gost_pmeth.c
View file

@ -388,7 +388,8 @@ static int pkey_gost_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
} else {
key = &(data->key);
}
return mctx->digest->md_ctrl(mctx, EVP_MD_CTRL_SET_KEY, 32, key);
return EVP_MD_CTX_md(mctx)->md_ctrl(mctx, EVP_MD_CTRL_SET_KEY,
32, key);
}
}
return -2;

2
engines/e_dasync.c
View file

@ -259,7 +259,7 @@ static void dummy_pause_job(void) {
* implementation
*/
#undef data
#define data(ctx) ((SHA_CTX *)(ctx)->md_data)
#define data(ctx) ((SHA_CTX *)EVP_MD_CTX_md_data(ctx))
static int dasync_sha1_init(EVP_MD_CTX *ctx)
{
dummy_pause_job();

8
engines/e_ossltest.c
View file

@ -365,7 +365,7 @@ static void fill_known_data(unsigned char *md, unsigned int len)
* the same value.
*/
#undef data
#define data(ctx) ((MD5_CTX *)(ctx)->md_data)
#define data(ctx) ((MD5_CTX *)EVP_MD_CTX_md_data(ctx))
static int digest_md5_init(EVP_MD_CTX *ctx)
{
return MD5_Init(data(ctx));
@ -392,7 +392,7 @@ static int digest_md5_final(EVP_MD_CTX *ctx, unsigned char *md)
* SHA1 implementation.
*/
#undef data
#define data(ctx) ((SHA_CTX *)(ctx)->md_data)
#define data(ctx) ((SHA_CTX *)EVP_MD_CTX_md_data(ctx))
static int digest_sha1_init(EVP_MD_CTX *ctx)
{
return SHA1_Init(data(ctx));
@ -419,7 +419,7 @@ static int digest_sha1_final(EVP_MD_CTX *ctx, unsigned char *md)
* SHA256 implementation.
*/
#undef data
#define data(ctx) ((SHA256_CTX *)(ctx)->md_data)
#define data(ctx) ((SHA256_CTX *)EVP_MD_CTX_md_data(ctx))
static int digest_sha256_init(EVP_MD_CTX *ctx)
{
return SHA256_Init(data(ctx));
@ -446,7 +446,7 @@ static int digest_sha256_final(EVP_MD_CTX *ctx, unsigned char *md)
* SHA384/512 implementation.
*/
#undef data
#define data(ctx) ((SHA512_CTX *)(ctx)->md_data)
#define data(ctx) ((SHA512_CTX *)EVP_MD_CTX_md_data(ctx))
static int digest_sha384_init(EVP_MD_CTX *ctx)
{
return SHA384_Init(data(ctx));

6
include/openssl/hmac.h
View file

@ -70,9 +70,9 @@ extern "C" {
typedef struct hmac_ctx_st {
const EVP_MD *md;
EVP_MD_CTX md_ctx;
EVP_MD_CTX i_ctx;
EVP_MD_CTX o_ctx;
EVP_MD_CTX *md_ctx;
EVP_MD_CTX *i_ctx;
EVP_MD_CTX *o_ctx;
unsigned int key_length;
unsigned char key[HMAC_MAX_MD_CBLOCK];
} HMAC_CTX;

2
include/openssl/pem.h
View file

@ -104,7 +104,7 @@ extern "C" {
*/
typedef struct PEM_Encode_Seal_st {
EVP_ENCODE_CTX encode;
EVP_MD_CTX md;
EVP_MD_CTX *md;
EVP_CIPHER_CTX cipher;
} PEM_ENCODE_SEAL_CTX;

53
ssl/record/ssl3_record.c
View file

@ -791,7 +791,6 @@ int n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
{
SSL3_RECORD *rec;
unsigned char *mac_sec, *seq;
EVP_MD_CTX md_ctx;
const EVP_MD_CTX *hash;
unsigned char *p, rec_char;
size_t md_size;
@ -855,30 +854,33 @@ int n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
} else {
unsigned int md_size_u;
/* Chop the digest off the end :-) */
EVP_MD_CTX_init(&md_ctx);
EVP_MD_CTX *md_ctx = EVP_MD_CTX_create();
if (md_ctx == NULL)
return -1;
rec_char = rec->type;
p = md;
s2n(rec->length, p);
if (EVP_MD_CTX_copy_ex(&md_ctx, hash) <= 0
|| EVP_DigestUpdate(&md_ctx, mac_sec, md_size) <= 0
|| EVP_DigestUpdate(&md_ctx, ssl3_pad_1, npad) <= 0
|| EVP_DigestUpdate(&md_ctx, seq, 8) <= 0
|| EVP_DigestUpdate(&md_ctx, &rec_char, 1) <= 0
|| EVP_DigestUpdate(&md_ctx, md, 2) <= 0
|| EVP_DigestUpdate(&md_ctx, rec->input, rec->length) <= 0
|| EVP_DigestFinal_ex(&md_ctx, md, NULL) <= 0
|| EVP_MD_CTX_copy_ex(&md_ctx, hash) <= 0
|| EVP_DigestUpdate(&md_ctx, mac_sec, md_size) <= 0
|| EVP_DigestUpdate(&md_ctx, ssl3_pad_2, npad) <= 0
|| EVP_DigestUpdate(&md_ctx, md, md_size) <= 0
|| EVP_DigestFinal_ex(&md_ctx, md, &md_size_u) <= 0) {
EVP_MD_CTX_cleanup(&md_ctx);
if (EVP_MD_CTX_copy_ex(md_ctx, hash) <= 0
|| EVP_DigestUpdate(md_ctx, mac_sec, md_size) <= 0
|| EVP_DigestUpdate(md_ctx, ssl3_pad_1, npad) <= 0
|| EVP_DigestUpdate(md_ctx, seq, 8) <= 0
|| EVP_DigestUpdate(md_ctx, &rec_char, 1) <= 0
|| EVP_DigestUpdate(md_ctx, md, 2) <= 0
|| EVP_DigestUpdate(md_ctx, rec->input, rec->length) <= 0
|| EVP_DigestFinal_ex(md_ctx, md, NULL) <= 0
|| EVP_MD_CTX_copy_ex(md_ctx, hash) <= 0
|| EVP_DigestUpdate(md_ctx, mac_sec, md_size) <= 0
|| EVP_DigestUpdate(md_ctx, ssl3_pad_2, npad) <= 0
|| EVP_DigestUpdate(md_ctx, md, md_size) <= 0
|| EVP_DigestFinal_ex(md_ctx, md, &md_size_u) <= 0) {
EVP_MD_CTX_cleanup(md_ctx);
return -1;
}
md_size = md_size_u;
EVP_MD_CTX_cleanup(&md_ctx);
EVP_MD_CTX_destroy(md_ctx);
}
ssl3_record_sequence_update(seq);
@ -892,7 +894,7 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
EVP_MD_CTX *hash;
size_t md_size;
int i;
EVP_MD_CTX hmac, *mac_ctx;
EVP_MD_CTX *hmac = NULL, *mac_ctx;
unsigned char header[13];
int stream_mac = (send ? (ssl->mac_flags & SSL_MAC_FLAG_WRITE_MAC_STREAM)
: (ssl->mac_flags & SSL_MAC_FLAG_READ_MAC_STREAM));
@ -916,9 +918,11 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
if (stream_mac) {
mac_ctx = hash;
} else {
if (!EVP_MD_CTX_copy(&hmac, hash))
hmac = EVP_MD_CTX_create();
if (hmac == NULL
|| !EVP_MD_CTX_copy(hmac, hash))
return -1;
mac_ctx = &hmac;
mac_ctx = hmac;
}
if (SSL_IS_DTLS(ssl)) {
@ -953,16 +957,14 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
rec->length + md_size, rec->orig_len,
ssl->s3->read_mac_secret,
ssl->s3->read_mac_secret_size, 0) <= 0) {
if (!stream_mac)
EVP_MD_CTX_cleanup(&hmac);
EVP_MD_CTX_destroy(hmac);
return -1;
}
} else {
if (EVP_DigestSignUpdate(mac_ctx, header, sizeof(header)) <= 0
|| EVP_DigestSignUpdate(mac_ctx, rec->input, rec->length) <= 0
|| EVP_DigestSignFinal(mac_ctx, md, &md_size) <= 0) {
if (!stream_mac)
EVP_MD_CTX_cleanup(&hmac);
EVP_MD_CTX_destroy(hmac);
return -1;
}
if (!send && !SSL_USE_ETM(ssl) && FIPS_mode())
@ -971,8 +973,7 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
rec->length, rec->orig_len);
}
if (!stream_mac)
EVP_MD_CTX_cleanup(&hmac);
EVP_MD_CTX_destroy(hmac);
#ifdef TLS_DEBUG
fprintf(stderr, "seq=");

24
ssl/s3_cbc.c
View file

@ -201,7 +201,7 @@ int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx,
unsigned char first_block[MAX_HASH_BLOCK_SIZE];
unsigned char mac_out[EVP_MAX_MD_SIZE];
unsigned i, j, md_out_size_u;
EVP_MD_CTX md_ctx;
EVP_MD_CTX *md_ctx = NULL;
/*
* mdLengthSize is the number of bytes in the length field that
* terminates * the hash.
@ -497,34 +497,36 @@ int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx,
mac_out[j] |= block[j] & is_block_b;
}
EVP_MD_CTX_init(&md_ctx);
if (EVP_DigestInit_ex(&md_ctx, ctx->digest, NULL /* engine */ ) <= 0)
md_ctx = EVP_MD_CTX_create();
if (md_ctx == NULL)
goto err;
if (EVP_DigestInit_ex(md_ctx, EVP_MD_CTX_md(ctx), NULL /* engine */ ) <= 0)
goto err;
if (is_sslv3) {
/* We repurpose |hmac_pad| to contain the SSLv3 pad2 block. */
memset(hmac_pad, 0x5c, sslv3_pad_length);
if (EVP_DigestUpdate(&md_ctx, mac_secret, mac_secret_length) <= 0
|| EVP_DigestUpdate(&md_ctx, hmac_pad, sslv3_pad_length) <= 0
|| EVP_DigestUpdate(&md_ctx, mac_out, md_size) <= 0)
if (EVP_DigestUpdate(md_ctx, mac_secret, mac_secret_length) <= 0
|| EVP_DigestUpdate(md_ctx, hmac_pad, sslv3_pad_length) <= 0
|| EVP_DigestUpdate(md_ctx, mac_out, md_size) <= 0)
goto err;
} else {
/* Complete the HMAC in the standard manner. */
for (i = 0; i < md_block_size; i++)
hmac_pad[i] ^= 0x6a;
if (EVP_DigestUpdate(&md_ctx, hmac_pad, md_block_size) <= 0
|| EVP_DigestUpdate(&md_ctx, mac_out, md_size) <= 0)
if (EVP_DigestUpdate(md_ctx, hmac_pad, md_block_size) <= 0
|| EVP_DigestUpdate(md_ctx, mac_out, md_size) <= 0)
goto err;
}
ret = EVP_DigestFinal(&md_ctx, md_out, &md_out_size_u);
ret = EVP_DigestFinal(md_ctx, md_out, &md_out_size_u);
if (ret && md_out_size)
*md_out_size = md_out_size_u;
EVP_MD_CTX_cleanup(&md_ctx);
EVP_MD_CTX_destroy(md_ctx);
return 1;
err:
EVP_MD_CTX_cleanup(&md_ctx);
EVP_MD_CTX_destroy(md_ctx);
return 0;
}

96
ssl/s3_enc.c
View file

@ -142,19 +142,24 @@
static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
{
EVP_MD_CTX m5;
EVP_MD_CTX s1;
EVP_MD_CTX *m5;
EVP_MD_CTX *s1;
unsigned char buf[16], smd[SHA_DIGEST_LENGTH];
unsigned char c = 'A';
unsigned int i, j, k;
int ret = 0;
#ifdef CHARSET_EBCDIC
c = os_toascii[c]; /* 'A' in ASCII */
#endif
k = 0;
EVP_MD_CTX_init(&m5);
EVP_MD_CTX_set_flags(&m5, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
EVP_MD_CTX_init(&s1);
m5 = EVP_MD_CTX_create();
s1 = EVP_MD_CTX_create();
if (m5 == NULL || s1 == NULL) {
SSLerr(SSL_F_SSL3_GENERATE_KEY_BLOCK, ERR_R_MALLOC_FAILURE);
goto err;
}
EVP_MD_CTX_set_flags(m5, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
for (i = 0; (int)i < num; i += MD5_DIGEST_LENGTH) {
k++;
if (k > sizeof buf) {
@ -166,30 +171,32 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
for (j = 0; j < k; j++)
buf[j] = c;
c++;
EVP_DigestInit_ex(&s1, EVP_sha1(), NULL);
EVP_DigestUpdate(&s1, buf, k);
EVP_DigestUpdate(&s1, s->session->master_key,
EVP_DigestInit_ex(s1, EVP_sha1(), NULL);
EVP_DigestUpdate(s1, buf, k);
EVP_DigestUpdate(s1, s->session->master_key,
s->session->master_key_length);
EVP_DigestUpdate(&s1, s->s3->server_random, SSL3_RANDOM_SIZE);
EVP_DigestUpdate(&s1, s->s3->client_random, SSL3_RANDOM_SIZE);
EVP_DigestFinal_ex(&s1, smd, NULL);
EVP_DigestUpdate(s1, s->s3->server_random, SSL3_RANDOM_SIZE);
EVP_DigestUpdate(s1, s->s3->client_random, SSL3_RANDOM_SIZE);
EVP_DigestFinal_ex(s1, smd, NULL);
EVP_DigestInit_ex(&m5, EVP_md5(), NULL);
EVP_DigestUpdate(&m5, s->session->master_key,
EVP_DigestInit_ex(m5, EVP_md5(), NULL);
EVP_DigestUpdate(m5, s->session->master_key,
s->session->master_key_length);
EVP_DigestUpdate(&m5, smd, SHA_DIGEST_LENGTH);
EVP_DigestUpdate(m5, smd, SHA_DIGEST_LENGTH);
if ((int)(i + MD5_DIGEST_LENGTH) > num) {
EVP_DigestFinal_ex(&m5, smd, NULL);
EVP_DigestFinal_ex(m5, smd, NULL);
memcpy(km, smd, (num - i));
} else
EVP_DigestFinal_ex(&m5, km, NULL);
EVP_DigestFinal_ex(m5, km, NULL);
km += MD5_DIGEST_LENGTH;
}
OPENSSL_cleanse(smd, sizeof(smd));
EVP_MD_CTX_cleanup(&m5);
EVP_MD_CTX_cleanup(&s1);
return 1;
ret = 1;
err:
EVP_MD_CTX_destroy(m5);
EVP_MD_CTX_destroy(s1);
return ret;
}
int ssl3_change_cipher_state(SSL *s, int which)
@ -492,7 +499,7 @@ int ssl3_digest_cached_records(SSL *s, int keep)
int ssl3_final_finish_mac(SSL *s, const char *sender, int len, unsigned char *p)
{
int ret;
EVP_MD_CTX ctx;
EVP_MD_CTX *ctx = NULL;
if (!ssl3_digest_cached_records(s, 0))
return 0;
@ -502,25 +509,29 @@ int ssl3_final_finish_mac(SSL *s, const char *sender, int len, unsigned char *p)
return 0;
}
EVP_MD_CTX_init(&ctx);
EVP_MD_CTX_copy_ex(&ctx, s->s3->handshake_dgst);
ctx = EVP_MD_CTX_create();
if (ctx == NULL) {
SSLerr(SSL_F_SSL3_FINAL_FINISH_MAC, ERR_R_MALLOC_FAILURE);
return 0;
}
EVP_MD_CTX_copy_ex(ctx, s->s3->handshake_dgst);
ret = EVP_MD_CTX_size(&ctx);
ret = EVP_MD_CTX_size(ctx);
if (ret < 0) {
EVP_MD_CTX_cleanup(&ctx);
EVP_MD_CTX_cleanup(ctx);
return 0;
}
if ((sender != NULL && EVP_DigestUpdate(&ctx, sender, len) <= 0)
|| EVP_MD_CTX_ctrl(&ctx, EVP_CTRL_SSL3_MASTER_SECRET,
if ((sender != NULL && EVP_DigestUpdate(ctx, sender, len) <= 0)
|| EVP_MD_CTX_ctrl(ctx, EVP_CTRL_SSL3_MASTER_SECRET,
s->session->master_key_length,
s->session->master_key) <= 0
|| EVP_DigestFinal_ex(&ctx, p, NULL) <= 0) {
|| EVP_DigestFinal_ex(ctx, p, NULL) <= 0) {
SSLerr(SSL_F_SSL3_FINAL_FINISH_MAC, ERR_R_INTERNAL_ERROR);
ret = 0;
}
EVP_MD_CTX_cleanup(&ctx);
EVP_MD_CTX_destroy(ctx);
return ret;
}
@ -540,29 +551,32 @@ int ssl3_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
#endif
};
unsigned char buf[EVP_MAX_MD_SIZE];
EVP_MD_CTX ctx;
EVP_MD_CTX *ctx = EVP_MD_CTX_create();
int i, ret = 0;
unsigned int n;
#ifdef OPENSSL_SSL_TRACE_CRYPTO
unsigned char *tmpout = out;
#endif
EVP_MD_CTX_init(&ctx);
if (ctx == NULL) {
SSLerr(SSL_F_SSL3_GENERATE_MASTER_SECRET, ERR_R_MALLOC_FAILURE);
return 0;
}
for (i = 0; i < 3; i++) {
if (EVP_DigestInit_ex(&ctx, s->ctx->sha1, NULL) <= 0
|| EVP_DigestUpdate(&ctx, salt[i],
if (EVP_DigestInit_ex(ctx, s->ctx->sha1, NULL) <= 0
|| EVP_DigestUpdate(ctx, salt[i],
strlen((const char *)salt[i])) <= 0
|| EVP_DigestUpdate(&ctx, p, len) <= 0
|| EVP_DigestUpdate(&ctx, &(s->s3->client_random[0]),
|| EVP_DigestUpdate(ctx, p, len) <= 0
|| EVP_DigestUpdate(ctx, &(s->s3->client_random[0]),
SSL3_RANDOM_SIZE) <= 0
|| EVP_DigestUpdate(&ctx, &(s->s3->server_random[0]),
|| EVP_DigestUpdate(ctx, &(s->s3->server_random[0]),
SSL3_RANDOM_SIZE) <= 0
|| EVP_DigestFinal_ex(&ctx, buf, &n) <= 0
|| EVP_DigestFinal_ex(ctx, buf, &n) <= 0
|| EVP_DigestInit_ex(&ctx, s->ctx->md5, NULL) <= 0
|| EVP_DigestUpdate(&ctx, p, len) <= 0
|| EVP_DigestUpdate(&ctx, buf, n) <= 0
|| EVP_DigestFinal_ex(&ctx, out, &n) <= 0) {
|| EVP_DigestInit_ex(ctx, s->ctx->md5, NULL) <= 0
|| EVP_DigestUpdate(ctx, p, len) <= 0
|| EVP_DigestUpdate(ctx, buf, n) <= 0
|| EVP_DigestFinal_ex(ctx, out, &n) <= 0) {
SSLerr(SSL_F_SSL3_GENERATE_MASTER_SECRET, ERR_R_INTERNAL_ERROR);
ret = 0;
break;
@ -570,7 +584,7 @@ int ssl3_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
out += n;
ret += n;
}
EVP_MD_CTX_cleanup(&ctx);
EVP_MD_CTX_destroy(ctx);
#ifdef OPENSSL_SSL_TRACE_CRYPTO
if (ret > 0 && s->msg_callback) {

14
ssl/ssl_lib.c
View file

@ -3197,19 +3197,23 @@ void ssl_clear_hash_ctx(EVP_MD_CTX **hash)
/* Retrieve handshake hashes */
int ssl_handshake_hash(SSL *s, unsigned char *out, int outlen)
{
EVP_MD_CTX ctx;
EVP_MD_CTX *ctx = NULL;
EVP_MD_CTX *hdgst = s->s3->handshake_dgst;
int ret = EVP_MD_CTX_size(hdgst);
EVP_MD_CTX_init(&ctx);
if (ret < 0 || ret > outlen) {
ret = 0;
goto err;
}
if (!EVP_MD_CTX_copy_ex(&ctx, hdgst)
|| EVP_DigestFinal_ex(&ctx, out, NULL) <= 0)
ctx = EVP_MD_CTX_create();
if (ctx == NULL) {
ret = 0;
goto err;
}
if (!EVP_MD_CTX_copy_ex(ctx, hdgst)
|| EVP_DigestFinal_ex(ctx, out, NULL) <= 0)
ret = 0;
err:
EVP_MD_CTX_cleanup(&ctx);
EVP_MD_CTX_destroy(ctx);
return ret;
}

43
ssl/statem/statem_clnt.c
View file

@ -1573,7 +1573,7 @@ MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, PACKET *pkt)
MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
{
EVP_MD_CTX md_ctx;
EVP_MD_CTX *md_ctx;
int al, j;
long alg_k, alg_a;
EVP_PKEY *pkey = NULL;
@ -1592,7 +1592,12 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
#endif
PACKET save_param_start, signature;
EVP_MD_CTX_init(&md_ctx);
md_ctx = EVP_MD_CTX_create();
if (md_ctx == NULL) {
al = SSL_AD_INTERNAL_ERROR;
SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
goto f_err;
}
alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
@ -1882,18 +1887,18 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, SSL_R_WRONG_SIGNATURE_LENGTH);
goto f_err;
}
if (EVP_VerifyInit_ex(&md_ctx, md, NULL) <= 0
|| EVP_VerifyUpdate(&md_ctx, &(s->s3->client_random[0]),
if (EVP_VerifyInit_ex(md_ctx, md, NULL) <= 0
|| EVP_VerifyUpdate(md_ctx, &(s->s3->client_random[0]),
SSL3_RANDOM_SIZE) <= 0
|| EVP_VerifyUpdate(&md_ctx, &(s->s3->server_random[0]),
|| EVP_VerifyUpdate(md_ctx, &(s->s3->server_random[0]),
SSL3_RANDOM_SIZE) <= 0
|| EVP_VerifyUpdate(&md_ctx, PACKET_data(&params),
|| EVP_VerifyUpdate(md_ctx, PACKET_data(&params),
PACKET_remaining(&params)) <= 0) {
al = SSL_AD_INTERNAL_ERROR;
SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_EVP_LIB);
goto f_err;
}
if (EVP_VerifyFinal(&md_ctx, PACKET_data(&signature),
if (EVP_VerifyFinal(md_ctx, PACKET_data(&signature),
PACKET_remaining(&signature), pkey) <= 0) {
/* bad signature */
al = SSL_AD_DECRYPT_ERROR;
@ -1916,7 +1921,7 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
}
}
EVP_PKEY_free(pkey);
EVP_MD_CTX_cleanup(&md_ctx);
EVP_MD_CTX_destroy(md_ctx);
return MSG_PROCESS_CONTINUE_READING;
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
@ -1933,7 +1938,7 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
EC_POINT_free(srvr_ecpoint);
EC_KEY_free(ecdh);
#endif
EVP_MD_CTX_cleanup(&md_ctx);
EVP_MD_CTX_destroy(md_ctx);
ossl_statem_set_error(s);
return MSG_PROCESS_ERROR;
}
@ -2894,13 +2899,17 @@ int tls_construct_client_verify(SSL *s)
unsigned char *p;
EVP_PKEY *pkey;
const EVP_MD *md = s->s3->tmp.md[s->cert->key - s->cert->pkeys];
EVP_MD_CTX mctx;
EVP_MD_CTX *mctx;
unsigned u = 0;
unsigned long n = 0;
long hdatalen = 0;
void *hdata;
EVP_MD_CTX_init(&mctx);
mctx = EVP_MD_CTX_create();
if (mctx == NULL) {
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY, ERR_R_MALLOC_FAILURE);
goto err;
}
p = ssl_handshake_start(s);
pkey = s->cert->key->privatekey;
@ -2921,13 +2930,13 @@ int tls_construct_client_verify(SSL *s)
#ifdef SSL_DEBUG
fprintf(stderr, "Using client alg %s\n", EVP_MD_name(md));
#endif
if (!EVP_SignInit_ex(&mctx, md, NULL)
|| !EVP_SignUpdate(&mctx, hdata, hdatalen)
if (!EVP_SignInit_ex(mctx, md, NULL)
|| !EVP_SignUpdate(mctx, hdata, hdatalen)
|| (s->version == SSL3_VERSION
&& !EVP_MD_CTX_ctrl(&mctx, EVP_CTRL_SSL3_MASTER_SECRET,
&& !EVP_MD_CTX_ctrl(mctx, EVP_CTRL_SSL3_MASTER_SECRET,
s->session->master_key_length,
s->session->master_key))
|| !EVP_SignFinal(&mctx, p + 2, &u, pkey)) {
|| !EVP_SignFinal(mctx, p + 2, &u, pkey)) {
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY, ERR_R_EVP_LIB);
goto err;
}
@ -2949,10 +2958,10 @@ int tls_construct_client_verify(SSL *s)
goto err;
}
EVP_MD_CTX_cleanup(&mctx);
EVP_MD_CTX_destroy(mctx);
return 1;
err:
EVP_MD_CTX_cleanup(&mctx);
EVP_MD_CTX_destroy(mctx);
return 0;
}

41
ssl/statem/statem_srvr.c
View file

@ -1733,9 +1733,13 @@ int tls_construct_server_key_exchange(SSL *s)
BIGNUM *r[4];
int nr[4], kn;
BUF_MEM *buf;
EVP_MD_CTX md_ctx;
EVP_MD_CTX *md_ctx = EVP_MD_CTX_create();
EVP_MD_CTX_init(&md_ctx);
if (md_ctx == NULL) {
SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
al = SSL_AD_INTERNAL_ERROR;
goto f_err;
}
type = s->s3->tmp.new_cipher->algorithm_mkey;
cert = s->cert;
@ -2040,13 +2044,13 @@ int tls_construct_server_key_exchange(SSL *s)
#ifdef SSL_DEBUG
fprintf(stderr, "Using hash %s\n", EVP_MD_name(md));
#endif
if (EVP_SignInit_ex(&md_ctx, md, NULL) <= 0
|| EVP_SignUpdate(&md_ctx, &(s->s3->client_random[0]),
if (EVP_SignInit_ex(md_ctx, md, NULL) <= 0
|| EVP_SignUpdate(md_ctx, &(s->s3->client_random[0]),
SSL3_RANDOM_SIZE) <= 0
|| EVP_SignUpdate(&md_ctx, &(s->s3->server_random[0]),
|| EVP_SignUpdate(md_ctx, &(s->s3->server_random[0]),
SSL3_RANDOM_SIZE) <= 0
|| EVP_SignUpdate(&md_ctx, d, n) <= 0
|| EVP_SignFinal(&md_ctx, &(p[2]),
|| EVP_SignUpdate(md_ctx, d, n) <= 0
|| EVP_SignFinal(md_ctx, &(p[2]),
(unsigned int *)&i, pkey) <= 0) {
SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_LIB_EVP);
al = SSL_AD_INTERNAL_ERROR;
@ -2071,7 +2075,7 @@ int tls_construct_server_key_exchange(SSL *s)
goto f_err;
}
EVP_MD_CTX_cleanup(&md_ctx);
EVP_MD_CTX_destroy(md_ctx);
return 1;
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
@ -2080,7 +2084,7 @@ int tls_construct_server_key_exchange(SSL *s)
OPENSSL_free(encodedPoint);
BN_CTX_free(bn_ctx);
#endif
EVP_MD_CTX_cleanup(&md_ctx);
EVP_MD_CTX_destroy(md_ctx);
ossl_statem_set_error(s);
return 0;
}
@ -2884,8 +2888,13 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
long hdatalen = 0;
void *hdata;
EVP_MD_CTX mctx;
EVP_MD_CTX_init(&mctx);
EVP_MD_CTX *mctx = EVP_MD_CTX_create();
if (mctx == NULL) {
SSLerr(SSL_F_TLS_PROCESS_CERT_VERIFY, ERR_R_MALLOC_FAILURE);
al = SSL_AD_INTERNAL_ERROR;
goto f_err;
}
peer = s->session->peer;
pkey = X509_get_pubkey(peer);
@ -2966,8 +2975,8 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
#ifdef SSL_DEBUG
fprintf(stderr, "Using client verify alg %s\n", EVP_MD_name(md));
#endif
if (!EVP_VerifyInit_ex(&mctx, md, NULL)
|| !EVP_VerifyUpdate(&mctx, hdata, hdatalen)) {
if (!EVP_VerifyInit_ex(mctx, md, NULL)
|| !EVP_VerifyUpdate(mctx, hdata, hdatalen)) {
SSLerr(SSL_F_TLS_PROCESS_CERT_VERIFY, ERR_R_EVP_LIB);
al = SSL_AD_INTERNAL_ERROR;
goto f_err;
@ -2982,7 +2991,7 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
#endif
if (s->version == SSL3_VERSION
&& !EVP_MD_CTX_ctrl(&mctx, EVP_CTRL_SSL3_MASTER_SECRET,
&& !EVP_MD_CTX_ctrl(mctx, EVP_CTRL_SSL3_MASTER_SECRET,
s->session->master_key_length,
s->session->master_key)) {
SSLerr(SSL_F_TLS_PROCESS_CERT_VERIFY, ERR_R_EVP_LIB);
@ -2990,7 +2999,7 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
goto f_err;
}
if (EVP_VerifyFinal(&mctx, data, len, pkey) <= 0) {
if (EVP_VerifyFinal(mctx, data, len, pkey) <= 0) {
al = SSL_AD_DECRYPT_ERROR;
SSLerr(SSL_F_TLS_PROCESS_CERT_VERIFY, SSL_R_BAD_SIGNATURE);
goto f_err;
@ -3004,7 +3013,7 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
}
BIO_free(s->s3->handshake_buffer);
s->s3->handshake_buffer = NULL;
EVP_MD_CTX_cleanup(&mctx);
EVP_MD_CTX_destroy(mctx);
EVP_PKEY_free(pkey);
return ret;
}

56
ssl/t1_enc.c
View file

@ -157,7 +157,7 @@ static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
{
int chunk;
size_t j;
EVP_MD_CTX ctx, ctx_tmp, ctx_init;
EVP_MD_CTX *ctx, *ctx_tmp, *ctx_init;
EVP_PKEY *mac_key;
unsigned char A1[EVP_MAX_MD_SIZE];
size_t A1_len;
@ -166,60 +166,62 @@ static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
chunk = EVP_MD_size(md);
OPENSSL_assert(chunk >= 0);
EVP_MD_CTX_init(&ctx);
EVP_MD_CTX_init(&ctx_tmp);
EVP_MD_CTX_init(&ctx_init);
EVP_MD_CTX_set_flags(&ctx_init, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
ctx = EVP_MD_CTX_create();
ctx_tmp = EVP_MD_CTX_create();
ctx_init = EVP_MD_CTX_create();
if (ctx == NULL || ctx_tmp == NULL || ctx_init == NULL)
goto err;
EVP_MD_CTX_set_flags(ctx_init, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
mac_key = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, sec, sec_len);
if (!mac_key)
goto err;
if (!EVP_DigestSignInit(&ctx_init, NULL, md, NULL, mac_key))
if (!EVP_DigestSignInit(ctx_init, NULL, md, NULL, mac_key))
goto err;
if (!EVP_MD_CTX_copy_ex(&ctx, &ctx_init))
if (!EVP_MD_CTX_copy_ex(ctx, ctx_init))
goto err;
if (seed1 && !EVP_DigestSignUpdate(&ctx, seed1, seed1_len))
if (seed1 && !EVP_DigestSignUpdate(ctx, seed1, seed1_len))
goto err;
if (seed2 && !EVP_DigestSignUpdate(&ctx, seed2, seed2_len))
if (seed2 && !EVP_DigestSignUpdate(ctx, seed2, seed2_len))
goto err;
if (seed3 && !EVP_DigestSignUpdate(&ctx, seed3, seed3_len))
if (seed3 && !EVP_DigestSignUpdate(ctx, seed3, seed3_len))
goto err;
if (seed4 && !EVP_DigestSignUpdate(&ctx, seed4, seed4_len))
if (seed4 && !EVP_DigestSignUpdate(ctx, seed4, seed4_len))
goto err;
if (seed5 && !EVP_DigestSignUpdate(&ctx, seed5, seed5_len))
if (seed5 && !EVP_DigestSignUpdate(ctx, seed5, seed5_len))
goto err;
if (!EVP_DigestSignFinal(&ctx, A1, &A1_len))
if (!EVP_DigestSignFinal(ctx, A1, &A1_len))
goto err;
for (;;) {
/* Reinit mac contexts */
if (!EVP_MD_CTX_copy_ex(&ctx, &ctx_init))
if (!EVP_MD_CTX_copy_ex(ctx, ctx_init))
goto err;
if (!EVP_DigestSignUpdate(&ctx, A1, A1_len))
if (!EVP_DigestSignUpdate(ctx, A1, A1_len))
goto err;
if (olen > chunk && !EVP_MD_CTX_copy_ex(&ctx_tmp, &ctx))
if (olen > chunk && !EVP_MD_CTX_copy_ex(ctx_tmp, ctx))
goto err;
if (seed1 && !EVP_DigestSignUpdate(&ctx, seed1, seed1_len))
if (seed1 && !EVP_DigestSignUpdate(ctx, seed1, seed1_len))
goto err;
if (seed2 && !EVP_DigestSignUpdate(&ctx, seed2, seed2_len))
if (seed2 && !EVP_DigestSignUpdate(ctx, seed2, seed2_len))
goto err;
if (seed3 && !EVP_DigestSignUpdate(&ctx, seed3, seed3_len))
if (seed3 && !EVP_DigestSignUpdate(ctx, seed3, seed3_len))
goto err;
if (seed4 && !EVP_DigestSignUpdate(&ctx, seed4, seed4_len))
if (seed4 && !EVP_DigestSignUpdate(ctx, seed4, seed4_len))
goto err;
if (seed5 && !EVP_DigestSignUpdate(&ctx, seed5, seed5_len))
if (seed5 && !EVP_DigestSignUpdate(ctx, seed5, seed5_len))
goto err;
if (olen > chunk) {
if (!EVP_DigestSignFinal(&ctx, out, &j))
if (!EVP_DigestSignFinal(ctx, out, &j))
goto err;
out += j;
olen -= j;
/* calc the next A1 value */
if (!EVP_DigestSignFinal(&ctx_tmp, A1, &A1_len))
if (!EVP_DigestSignFinal(ctx_tmp, A1, &A1_len))
goto err;
} else { /* last one */
if (!EVP_DigestSignFinal(&ctx, A1, &A1_len))
if (!EVP_DigestSignFinal(ctx, A1, &A1_len))
goto err;
memcpy(out, A1, olen);
break;
@ -228,9 +230,9 @@ static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
ret = 1;
err:
EVP_PKEY_free(mac_key);
EVP_MD_CTX_cleanup(&ctx);
EVP_MD_CTX_cleanup(&ctx_tmp);
EVP_MD_CTX_cleanup(&ctx_init);
EVP_MD_CTX_destroy(ctx);
EVP_MD_CTX_destroy(ctx_tmp);
EVP_MD_CTX_destroy(ctx_init);
OPENSSL_cleanse(A1, sizeof(A1));
return ret;
}

14
test/ecdsatest.c
View file

@ -188,17 +188,19 @@ int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in)
const char message[] = "abc";
unsigned char digest[20];
unsigned int dgst_len = 0;
EVP_MD_CTX md_ctx;
EVP_MD_CTX *md_ctx = EVP_MD_CTX_create();
EC_KEY *key = NULL;
ECDSA_SIG *signature = NULL;
BIGNUM *r = NULL, *s = NULL;
BIGNUM *kinv = NULL, *rp = NULL;
EVP_MD_CTX_init(&md_ctx);
if (md_ctx == NULL)
goto x962_int_err;
/* get the message digest */
if (!EVP_DigestInit(&md_ctx, EVP_sha1())
|| !EVP_DigestUpdate(&md_ctx, (const void *)message, 3)
|| !EVP_DigestFinal(&md_ctx, digest, &dgst_len))
if (!EVP_DigestInit(md_ctx, EVP_sha1())
|| !EVP_DigestUpdate(md_ctx, (const void *)message, 3)
|| !EVP_DigestFinal(md_ctx, digest, &dgst_len))
goto x962_int_err;
BIO_printf(out, "testing %s: ", OBJ_nid2sn(nid));
@ -244,7 +246,7 @@ int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in)
ECDSA_SIG_free(signature);
BN_free(r);
BN_free(s);
EVP_MD_CTX_cleanup(&md_ctx);
EVP_MD_CTX_destroy(md_ctx);
BN_clear_free(kinv);
BN_clear_free(rp);
return ret;

38
test/evp_extra_test.c
View file

@ -277,19 +277,21 @@ static int test_EVP_DigestSignInit(void)
EVP_PKEY *pkey = NULL;
unsigned char *sig = NULL;
size_t sig_len = 0;
EVP_MD_CTX md_ctx, md_ctx_verify;
EVP_MD_CTX *md_ctx, *md_ctx_verify;
EVP_MD_CTX_init(&md_ctx);
EVP_MD_CTX_init(&md_ctx_verify);
md_ctx = EVP_MD_CTX_create();
md_ctx_verify = EVP_MD_CTX_create();
if (md_ctx == NULL || md_ctx_verify == NULL)
goto out;
pkey = load_example_rsa_key();
if (pkey == NULL ||
!EVP_DigestSignInit(&md_ctx, NULL, EVP_sha256(), NULL, pkey) ||
!EVP_DigestSignUpdate(&md_ctx, kMsg, sizeof(kMsg))) {
!EVP_DigestSignInit(md_ctx, NULL, EVP_sha256(), NULL, pkey) ||
!EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))) {
goto out;
}
/* Determine the size of the signature. */
if (!EVP_DigestSignFinal(&md_ctx, NULL, &sig_len)) {
if (!EVP_DigestSignFinal(md_ctx, NULL, &sig_len)) {
goto out;
}
/* Sanity check for testing. */
@ -299,14 +301,14 @@ static int test_EVP_DigestSignInit(void)
}
sig = OPENSSL_malloc(sig_len);
if (sig == NULL || !EVP_DigestSignFinal(&md_ctx, sig, &sig_len)) {
if (sig == NULL || !EVP_DigestSignFinal(md_ctx, sig, &sig_len)) {
goto out;
}
/* Ensure that the signature round-trips. */
if (!EVP_DigestVerifyInit(&md_ctx_verify, NULL, EVP_sha256(), NULL, pkey)
|| !EVP_DigestVerifyUpdate(&md_ctx_verify, kMsg, sizeof(kMsg))
|| !EVP_DigestVerifyFinal(&md_ctx_verify, sig, sig_len)) {
if (!EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sha256(), NULL, pkey)
|| !EVP_DigestVerifyUpdate(md_ctx_verify, kMsg, sizeof(kMsg))
|| !EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)) {
goto out;
}
@ -317,8 +319,8 @@ static int test_EVP_DigestSignInit(void)
ERR_print_errors_fp(stderr);
}
EVP_MD_CTX_cleanup(&md_ctx);
EVP_MD_CTX_cleanup(&md_ctx_verify);
EVP_MD_CTX_destroy(md_ctx);
EVP_MD_CTX_destroy(md_ctx_verify);
EVP_PKEY_free(pkey);
OPENSSL_free(sig);
@ -329,15 +331,15 @@ static int test_EVP_DigestVerifyInit(void)
{
int ret = 0;
EVP_PKEY *pkey = NULL;
EVP_MD_CTX md_ctx;
EVP_MD_CTX *md_ctx;
EVP_MD_CTX_init(&md_ctx);
md_ctx = EVP_MD_CTX_create();
pkey = load_example_rsa_key();
if (pkey == NULL ||
!EVP_DigestVerifyInit(&md_ctx, NULL, EVP_sha256(), NULL, pkey) ||
!EVP_DigestVerifyUpdate(&md_ctx, kMsg, sizeof(kMsg)) ||
!EVP_DigestVerifyFinal(&md_ctx, kSignature, sizeof(kSignature))) {
!EVP_DigestVerifyInit(md_ctx, NULL, EVP_sha256(), NULL, pkey) ||
!EVP_DigestVerifyUpdate(md_ctx, kMsg, sizeof(kMsg)) ||
!EVP_DigestVerifyFinal(md_ctx, kSignature, sizeof(kSignature))) {
goto out;
}
ret = 1;
@ -347,7 +349,7 @@ static int test_EVP_DigestVerifyInit(void)
ERR_print_errors_fp(stderr);
}
EVP_MD_CTX_cleanup(&md_ctx);
EVP_MD_CTX_destroy(md_ctx);
EVP_PKEY_free(pkey);
return ret;

6
test/evp_test.c
View file

@ -713,8 +713,7 @@ static int digest_test_run(struct evp_test *t)
goto err;
err = NULL;
err:
if (mctx)
EVP_MD_CTX_destroy(mctx);
EVP_MD_CTX_destroy(mctx);
t->err = err;
return 1;
}
@ -1129,8 +1128,7 @@ static int mac_test_run(struct evp_test *t)
goto err;
err = NULL;
err:
if (mctx)
EVP_MD_CTX_destroy(mctx);
EVP_MD_CTX_destroy(mctx);
OPENSSL_free(mac);
EVP_PKEY_CTX_free(genctx);
EVP_PKEY_free(key);

21
test/gost2814789test.c
View file

@ -1207,7 +1207,7 @@ int main(int argc, char *argv[])
u64 ullMaxLen = 6 * 1000 * 1000;
int ignore = 0;
ENGINE *impl = NULL;
EVP_MD_CTX mctx;
EVP_MD_CTX *mctx;
EVP_CIPHER_CTX ectx;
EVP_PKEY *mac_key;
byte bDerive[EVP_MAX_KEY_LENGTH];
@ -1391,28 +1391,33 @@ int main(int argc, char *argv[])
*/
continue;
}
EVP_MD_CTX_init(&mctx);
mctx = EVP_MD_CTX_create();
if (mctx == NULL) {
fflush(NULL);
fprintf(stderr, "ENGINE_ctrl_cmd_string: malloc failure\n");
return 14;
}
mac_key = EVP_PKEY_new_mac_key(NID_id_Gost28147_89_MAC, NULL,
bDerive, mdl);
EVP_DigestSignInit(&mctx, NULL, md_g89imit, impl, mac_key);
EVP_DigestSignInit(mctx, NULL, md_g89imit, impl, mac_key);
if (G89_MAX_TC_LEN >= tcs[t].ullLen) {
EVP_DigestSignUpdate(&mctx, tcs[t].bIn,
EVP_DigestSignUpdate(mctx, tcs[t].bIn,
(unsigned int)tcs[t].ullLen);
} else {
for (ullLeft = tcs[t].ullLen;
ullLeft >= sizeof(bZB); ullLeft -= sizeof(bZB)) {
printf("B");
fflush(NULL);
EVP_DigestSignUpdate(&mctx, bZB, sizeof(bZB));
EVP_DigestSignUpdate(mctx, bZB, sizeof(bZB));
}
printf("b" FMT64 "/" FMT64, ullLeft, tcs[t].ullLen);
fflush(NULL);
EVP_DigestSignUpdate(&mctx, bZB, (unsigned int)ullLeft);
EVP_DigestSignUpdate(mctx, bZB, (unsigned int)ullLeft);
}
siglen = 4;
OPENSSL_assert(EVP_DigestSignFinal(&mctx, bTest, &siglen));
OPENSSL_assert(EVP_DigestSignFinal(mctx, bTest, &siglen));
EVP_PKEY_free(mac_key);
EVP_MD_CTX_cleanup(&mctx);
EVP_MD_CTX_destroy(mctx);
enlu = (int)tcs[t].ullLen;
enlf = 0;
l = siglen;

20
test/mdc2test.c
View file

@ -95,17 +95,17 @@ int main(int argc, char *argv[])
int ret = 0;
unsigned char md[MDC2_DIGEST_LENGTH];
int i;
EVP_MD_CTX c;
EVP_MD_CTX *c;
static char *text = "Now is the time for all ";
# ifdef CHARSET_EBCDIC
ebcdic2ascii(text, text, strlen(text));
# endif
EVP_MD_CTX_init(&c);
EVP_DigestInit_ex(&c, EVP_mdc2(), NULL);
EVP_DigestUpdate(&c, (unsigned char *)text, strlen(text));
EVP_DigestFinal_ex(&c, &(md[0]), NULL);
c = EVP_MD_CTX_create();
EVP_DigestInit_ex(c, EVP_mdc2(), NULL);
EVP_DigestUpdate(c, (unsigned char *)text, strlen(text));
EVP_DigestFinal_ex(c, &(md[0]), NULL);
if (memcmp(md, pad1, MDC2_DIGEST_LENGTH) != 0) {
for (i = 0; i < MDC2_DIGEST_LENGTH; i++)
@ -118,11 +118,11 @@ int main(int argc, char *argv[])
} else
printf("pad1 - ok\n");
EVP_DigestInit_ex(&c, EVP_mdc2(), NULL);
EVP_DigestInit_ex(c, EVP_mdc2(), NULL);
/* FIXME: use a ctl function? */
((MDC2_CTX *)c.md_data)->pad_type = 2;
EVP_DigestUpdate(&c, (unsigned char *)text, strlen(text));
EVP_DigestFinal_ex(&c, &(md[0]), NULL);
((MDC2_CTX *)EVP_MD_CTX_md_data(c))->pad_type = 2;
EVP_DigestUpdate(c, (unsigned char *)text, strlen(text));
EVP_DigestFinal_ex(c, &(md[0]), NULL);
if (memcmp(md, pad2, MDC2_DIGEST_LENGTH) != 0) {
for (i = 0; i < MDC2_DIGEST_LENGTH; i++)
@ -135,7 +135,7 @@ int main(int argc, char *argv[])
} else
printf("pad2 - ok\n");
EVP_MD_CTX_cleanup(&c);
EVP_MD_CTX_destroy(c);
# ifdef OPENSSL_SYS_NETWARE
if (ret)
printf("ERROR: %d\n", ret);

12
test/sha1test.c
View file

@ -88,7 +88,7 @@ int main(int argc, char *argv[])
char **P, **R;
static unsigned char buf[1000];
char *p, *r;
EVP_MD_CTX c;
EVP_MD_CTX *c;
unsigned char md[SHA_DIGEST_LENGTH];
#ifdef CHARSET_EBCDIC
@ -96,7 +96,7 @@ int main(int argc, char *argv[])
ebcdic2ascii(test[1], test[1], strlen(test[1]));
#endif
EVP_MD_CTX_init(&c);
c = EVP_MD_CTX_create();
P = test;
R = ret;
i = 1;
@ -118,10 +118,10 @@ int main(int argc, char *argv[])
#ifdef CHARSET_EBCDIC
ebcdic2ascii(buf, buf, 1000);
#endif /* CHARSET_EBCDIC */
EVP_DigestInit_ex(&c, EVP_sha1(), NULL);
EVP_DigestInit_ex(c, EVP_sha1(), NULL);
for (i = 0; i < 1000; i++)
EVP_DigestUpdate(&c, buf, 1000);
EVP_DigestFinal_ex(&c, md, NULL);
EVP_DigestUpdate(c, buf, 1000);
EVP_DigestFinal_ex(c, md, NULL);
p = pt(md);
r = bigret;
@ -137,7 +137,7 @@ int main(int argc, char *argv[])
printf("ERROR: %d\n", err);
#endif
EXIT(err);
EVP_MD_CTX_cleanup(&c);
EVP_MD_CTX_destroy(c);
return (0);
}

26
test/sha256t.c
View file

@ -56,7 +56,7 @@ int main(int argc, char **argv)
{
unsigned char md[SHA256_DIGEST_LENGTH];
int i;
EVP_MD_CTX evp;
EVP_MD_CTX *evp;
fprintf(stdout, "Testing SHA-256 ");
@ -80,10 +80,15 @@ int main(int argc, char **argv)
fprintf(stdout, ".");
fflush(stdout);
EVP_MD_CTX_init(&evp);
EVP_DigestInit_ex(&evp, EVP_sha256(), NULL);
evp = EVP_MD_CTX_create();
if (evp == NULL) {
fflush(stdout);
fprintf(stderr, "\nTEST 3 of 3 failed. (malloc failure)\n");
return 1;
}
EVP_DigestInit_ex(evp, EVP_sha256(), NULL);
for (i = 0; i < 1000000; i += 288)
EVP_DigestUpdate(&evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
EVP_DigestUpdate(evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
"aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
"aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
"aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
@ -93,8 +98,7 @@ int main(int argc, char **argv)
"aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
"aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
(1000000 - i) < 288 ? 1000000 - i : 288);
EVP_DigestFinal_ex(&evp, md, NULL);
EVP_MD_CTX_cleanup(&evp);
EVP_DigestFinal_ex(evp, md, NULL);
if (memcmp(md, app_b3, sizeof(app_b3))) {
fflush(stdout);
@ -129,14 +133,14 @@ int main(int argc, char **argv)
fprintf(stdout, ".");
fflush(stdout);
EVP_MD_CTX_init(&evp);
EVP_DigestInit_ex(&evp, EVP_sha224(), NULL);
EVP_MD_CTX_init(evp);
EVP_DigestInit_ex(evp, EVP_sha224(), NULL);
for (i = 0; i < 1000000; i += 64)
EVP_DigestUpdate(&evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
EVP_DigestUpdate(evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
"aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
(1000000 - i) < 64 ? 1000000 - i : 64);
EVP_DigestFinal_ex(&evp, md, NULL);
EVP_MD_CTX_cleanup(&evp);
EVP_DigestFinal_ex(evp, md, NULL);
EVP_MD_CTX_destroy(evp);
if (memcmp(md, addenum_3, sizeof(addenum_3))) {
fflush(stdout);

26
test/sha512t.c
View file

@ -75,7 +75,7 @@ int main(int argc, char **argv)
{
unsigned char md[SHA512_DIGEST_LENGTH];
int i;
EVP_MD_CTX evp;
EVP_MD_CTX *evp;
# ifdef OPENSSL_IA32_SSE2
/*
@ -113,10 +113,15 @@ int main(int argc, char **argv)
fprintf(stdout, ".");
fflush(stdout);
EVP_MD_CTX_init(&evp);
EVP_DigestInit_ex(&evp, EVP_sha512(), NULL);
evp = EVP_MD_CTX_create();
if (evp == NULL) {
fflush(stdout);
fprintf(stderr, "\nTEST 3 of 3 failed. (malloc failure)\n");
return 1;
}
EVP_DigestInit_ex(evp, EVP_sha512(), NULL);
for (i = 0; i < 1000000; i += 288)
EVP_DigestUpdate(&evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
EVP_DigestUpdate(evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
"aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
"aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
"aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
@ -126,8 +131,8 @@ int main(int argc, char **argv)
"aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
"aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
(1000000 - i) < 288 ? 1000000 - i : 288);
EVP_DigestFinal_ex(&evp, md, NULL);
EVP_MD_CTX_cleanup(&evp);
EVP_DigestFinal_ex(evp, md, NULL);
EVP_MD_CTX_cleanup(evp);
if (memcmp(md, app_c3, sizeof(app_c3))) {
fflush(stdout);
@ -163,14 +168,13 @@ int main(int argc, char **argv)
fprintf(stdout, ".");
fflush(stdout);
EVP_MD_CTX_init(&evp);
EVP_DigestInit_ex(&evp, EVP_sha384(), NULL);
EVP_DigestInit_ex(evp, EVP_sha384(), NULL);
for (i = 0; i < 1000000; i += 64)
EVP_DigestUpdate(&evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
EVP_DigestUpdate(evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
"aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
(1000000 - i) < 64 ? 1000000 - i : 64);
EVP_DigestFinal_ex(&evp, md, NULL);
EVP_MD_CTX_cleanup(&evp);
EVP_DigestFinal_ex(evp, md, NULL);
EVP_MD_CTX_destroy(evp);
if (memcmp(md, app_d3, sizeof(app_d3))) {
fflush(stdout);