char *salt_out;
int n;
unsigned int i;
- EVP_MD_CTX md, md2;
+ EVP_MD_CTX *md, *md2;
size_t passwd_len, salt_len;
passwd_len = strlen(passwd);
salt_len = strlen(salt_out);
assert(salt_len <= 8);
- EVP_MD_CTX_init(&md);
- EVP_DigestInit_ex(&md, EVP_md5(), NULL);
- EVP_DigestUpdate(&md, passwd, passwd_len);
- EVP_DigestUpdate(&md, "$", 1);
- EVP_DigestUpdate(&md, magic, strlen(magic));
- EVP_DigestUpdate(&md, "$", 1);
- EVP_DigestUpdate(&md, salt_out, salt_len);
-
- EVP_MD_CTX_init(&md2);
- EVP_DigestInit_ex(&md2, EVP_md5(), NULL);
- EVP_DigestUpdate(&md2, passwd, passwd_len);
- EVP_DigestUpdate(&md2, salt_out, salt_len);
- EVP_DigestUpdate(&md2, passwd, passwd_len);
- EVP_DigestFinal_ex(&md2, buf, NULL);
+ md = EVP_MD_CTX_create();
+ if (md == NULL)
+ return NULL;
+ EVP_DigestInit_ex(md, EVP_md5(), NULL);
+ EVP_DigestUpdate(md, passwd, passwd_len);
+ EVP_DigestUpdate(md, "$", 1);
+ EVP_DigestUpdate(md, magic, strlen(magic));
+ EVP_DigestUpdate(md, "$", 1);
+ EVP_DigestUpdate(md, salt_out, salt_len);
+
+ md2 = EVP_MD_CTX_create();
+ if (md2 == NULL)
+ return NULL;
+ EVP_DigestInit_ex(md2, EVP_md5(), NULL);
+ EVP_DigestUpdate(md2, passwd, passwd_len);
+ EVP_DigestUpdate(md2, salt_out, salt_len);
+ EVP_DigestUpdate(md2, passwd, passwd_len);
+ EVP_DigestFinal_ex(md2, buf, NULL);
for (i = passwd_len; i > sizeof buf; i -= sizeof buf)
- EVP_DigestUpdate(&md, buf, sizeof buf);
- EVP_DigestUpdate(&md, buf, i);
+ EVP_DigestUpdate(md, buf, sizeof buf);
+ EVP_DigestUpdate(md, buf, i);
n = passwd_len;
while (n) {
- EVP_DigestUpdate(&md, (n & 1) ? "\0" : passwd, 1);
+ EVP_DigestUpdate(md, (n & 1) ? "\0" : passwd, 1);
n >>= 1;
}
- EVP_DigestFinal_ex(&md, buf, NULL);
+ EVP_DigestFinal_ex(md, buf, NULL);
for (i = 0; i < 1000; i++) {
- EVP_DigestInit_ex(&md2, EVP_md5(), NULL);
- EVP_DigestUpdate(&md2, (i & 1) ? (unsigned const char *)passwd : buf,
+ EVP_DigestInit_ex(md2, EVP_md5(), NULL);
+ EVP_DigestUpdate(md2, (i & 1) ? (unsigned const char *)passwd : buf,
(i & 1) ? passwd_len : sizeof buf);
if (i % 3)
- EVP_DigestUpdate(&md2, salt_out, salt_len);
+ EVP_DigestUpdate(md2, salt_out, salt_len);
if (i % 7)
- EVP_DigestUpdate(&md2, passwd, passwd_len);
- EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned const char *)passwd,
+ EVP_DigestUpdate(md2, passwd, passwd_len);
+ EVP_DigestUpdate(md2, (i & 1) ? buf : (unsigned const char *)passwd,
(i & 1) ? sizeof buf : passwd_len);
- EVP_DigestFinal_ex(&md2, buf, NULL);
+ EVP_DigestFinal_ex(md2, buf, NULL);
}
- EVP_MD_CTX_cleanup(&md2);
+ EVP_MD_CTX_destroy(md2);
+ EVP_MD_CTX_destroy(md);
{
/* transform buf into output string */
*output = 0;
assert(strlen(out_buf) < sizeof(out_buf));
}
- EVP_MD_CTX_cleanup(&md);
return out_buf;
}
EVP_PKEY_CTX *pkctx = NULL;
int i;
- EVP_MD_CTX_init(ctx);
+ if (ctx == NULL)
+ return 0;
if (!EVP_DigestSignInit(ctx, &pkctx, md, NULL, pkey))
return 0;
for (i = 0; i < sk_OPENSSL_STRING_num(sigopts); i++) {
STACK_OF(OPENSSL_STRING) *sigopts)
{
int rv;
- EVP_MD_CTX mctx;
+ EVP_MD_CTX *mctx = EVP_MD_CTX_create();
- EVP_MD_CTX_init(&mctx);
- rv = do_sign_init(&mctx, pkey, md, sigopts);
+ rv = do_sign_init(mctx, pkey, md, sigopts);
+ /* Note: X509_sign_ctx() calls ASN1_item_sign_ctx(), which destroys
+ * the EVP_MD_CTX we send it, so only destroy it here if the former
+ * isn't called */
if (rv > 0)
- rv = X509_sign_ctx(x, &mctx);
- EVP_MD_CTX_cleanup(&mctx);
+ rv = X509_sign_ctx(x, mctx);
+ else
+ EVP_MD_CTX_destroy(mctx);
return rv > 0 ? 1 : 0;
}
STACK_OF(OPENSSL_STRING) *sigopts)
{
int rv;
- EVP_MD_CTX mctx;
-
- EVP_MD_CTX_init(&mctx);
- rv = do_sign_init(&mctx, pkey, md, sigopts);
+ EVP_MD_CTX *mctx = EVP_MD_CTX_create();
+ rv = do_sign_init(mctx, pkey, md, sigopts);
+ /* Note: X509_REQ_sign_ctx() calls ASN1_item_sign_ctx(), which destroys
+ * the EVP_MD_CTX we send it, so only destroy it here if the former
+ * isn't called */
if (rv > 0)
- rv = X509_REQ_sign_ctx(x, &mctx);
- EVP_MD_CTX_cleanup(&mctx);
+ rv = X509_REQ_sign_ctx(x, mctx);
+ else
+ EVP_MD_CTX_destroy(mctx);
return rv > 0 ? 1 : 0;
}
STACK_OF(OPENSSL_STRING) *sigopts)
{
int rv;
- EVP_MD_CTX mctx;
-
- EVP_MD_CTX_init(&mctx);
- rv = do_sign_init(&mctx, pkey, md, sigopts);
+ EVP_MD_CTX *mctx = EVP_MD_CTX_create();
+ rv = do_sign_init(mctx, pkey, md, sigopts);
+ /* Note: X509_CRL_sign_ctx() calls ASN1_item_sign_ctx(), which destroys
+ * the EVP_MD_CTX we send it, so only destroy it here if the former
+ * isn't called */
if (rv > 0)
- rv = X509_CRL_sign_ctx(x, &mctx);
- EVP_MD_CTX_cleanup(&mctx);
+ rv = X509_CRL_sign_ctx(x, mctx);
+ else
+ EVP_MD_CTX_destroy(mctx);
return rv > 0 ? 1 : 0;
}
return 0;
if (input) {
- EVP_MD_CTX md_ctx;
+ EVP_MD_CTX *md_ctx = EVP_MD_CTX_create();
unsigned char buffer[4096];
int length;
+ if (md_ctx == NULL)
+ return 0;
*md_value = app_malloc(md_value_len, "digest buffer");
- EVP_DigestInit(&md_ctx, md);
+ EVP_DigestInit(md_ctx, md);
while ((length = BIO_read(input, buffer, sizeof(buffer))) > 0) {
- EVP_DigestUpdate(&md_ctx, buffer, length);
+ EVP_DigestUpdate(md_ctx, buffer, length);
}
- if (!EVP_DigestFinal(&md_ctx, *md_value, NULL))
+ if (!EVP_DigestFinal(md_ctx, *md_value, NULL)) {
+ EVP_MD_CTX_destroy(md_ctx);
return 0;
+ }
+ EVP_MD_CTX_destroy(md_ctx);
} else {
long digest_len;
*md_value = string_to_hex(digest, &digest_len);
ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey,
const EVP_MD *type)
{
- EVP_MD_CTX ctx;
+ EVP_MD_CTX *ctx = EVP_MD_CTX_create();
unsigned char *p, *buf_in = NULL, *buf_out = NULL;
int i, inl = 0, outl = 0, outll = 0;
X509_ALGOR *a;
- EVP_MD_CTX_init(&ctx);
+ if (ctx == NULL) {
+ ASN1err(ASN1_F_ASN1_SIGN, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
for (i = 0; i < 2; i++) {
if (i == 0)
a = algor1;
p = buf_in;
i2d(data, &p);
- if (!EVP_SignInit_ex(&ctx, type, NULL)
- || !EVP_SignUpdate(&ctx, (unsigned char *)buf_in, inl)
- || !EVP_SignFinal(&ctx, (unsigned char *)buf_out,
+ if (!EVP_SignInit_ex(ctx, type, NULL)
+ || !EVP_SignUpdate(ctx, (unsigned char *)buf_in, inl)
+ || !EVP_SignFinal(ctx, (unsigned char *)buf_out,
(unsigned int *)&outl, pkey)) {
outl = 0;
ASN1err(ASN1_F_ASN1_SIGN, ERR_R_EVP_LIB);
signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
signature->flags |= ASN1_STRING_FLAG_BITS_LEFT;
err:
- EVP_MD_CTX_cleanup(&ctx);
+ EVP_MD_CTX_destroy(ctx);
OPENSSL_clear_free((char *)buf_in, (unsigned int)inl);
OPENSSL_clear_free((char *)buf_out, outll);
return (outl);
X509_ALGOR *algor2, ASN1_BIT_STRING *signature, void *asn,
EVP_PKEY *pkey, const EVP_MD *type)
{
- EVP_MD_CTX ctx;
- EVP_MD_CTX_init(&ctx);
- if (!EVP_DigestSignInit(&ctx, NULL, type, NULL, pkey)) {
- EVP_MD_CTX_cleanup(&ctx);
+ EVP_MD_CTX *ctx = EVP_MD_CTX_create();
+
+ if (ctx == NULL) {
+ ASN1err(ASN1_F_ASN1_ITEM_SIGN, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ if (!EVP_DigestSignInit(ctx, NULL, type, NULL, pkey)) {
+ EVP_MD_CTX_destroy(ctx);
return 0;
}
- return ASN1_item_sign_ctx(it, algor1, algor2, signature, asn, &ctx);
+ return ASN1_item_sign_ctx(it, algor1, algor2, signature, asn, ctx);
}
int ASN1_item_sign_ctx(const ASN1_ITEM *it,
int rv;
type = EVP_MD_CTX_md(ctx);
- pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx);
+ pkey = EVP_PKEY_CTX_get0_pkey(EVP_MD_CTX_pkey_ctx(ctx));
if (!type || !pkey) {
ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_CONTEXT_NOT_INITIALISED);
signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
signature->flags |= ASN1_STRING_FLAG_BITS_LEFT;
err:
- EVP_MD_CTX_cleanup(ctx);
+ EVP_MD_CTX_destroy(ctx);
OPENSSL_clear_free((char *)buf_in, (unsigned int)inl);
OPENSSL_clear_free((char *)buf_out, outll);
return (outl);
int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature,
char *data, EVP_PKEY *pkey)
{
- EVP_MD_CTX ctx;
+ EVP_MD_CTX *ctx = EVP_MD_CTX_create();
const EVP_MD *type;
unsigned char *p, *buf_in = NULL;
int ret = -1, i, inl;
- EVP_MD_CTX_init(&ctx);
+ if (ctx == NULL) {
+ ASN1err(ASN1_F_ASN1_VERIFY, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
i = OBJ_obj2nid(a->algorithm);
type = EVP_get_digestbyname(OBJ_nid2sn(i));
if (type == NULL) {
p = buf_in;
i2d(data, &p);
- ret = EVP_VerifyInit_ex(&ctx, type, NULL)
- && EVP_VerifyUpdate(&ctx, (unsigned char *)buf_in, inl);
+ ret = EVP_VerifyInit_ex(ctx, type, NULL)
+ && EVP_VerifyUpdate(ctx, (unsigned char *)buf_in, inl);
OPENSSL_clear_free(buf_in, (unsigned int)inl);
}
ret = -1;
- if (EVP_VerifyFinal(&ctx, (unsigned char *)signature->data,
+ if (EVP_VerifyFinal(ctx, (unsigned char *)signature->data,
(unsigned int)signature->length, pkey) <= 0) {
ASN1err(ASN1_F_ASN1_VERIFY, ERR_R_EVP_LIB);
ret = 0;
}
ret = 1;
err:
- EVP_MD_CTX_cleanup(&ctx);
+ EVP_MD_CTX_destroy(ctx);
return (ret);
}
int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey)
{
- EVP_MD_CTX ctx;
+ EVP_MD_CTX *ctx = NULL;
unsigned char *buf_in = NULL;
int ret = -1, inl;
return -1;
}
- EVP_MD_CTX_init(&ctx);
+ ctx = EVP_MD_CTX_create();
+ if (ctx == NULL) {
+ ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
/* Convert signature OID into digest and public key OIDs */
if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid)) {
ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
goto err;
}
- ret = pkey->ameth->item_verify(&ctx, it, asn, a, signature, pkey);
+ ret = pkey->ameth->item_verify(ctx, it, asn, a, signature, pkey);
/*
* Return value of 2 means carry on, anything else means we exit
* straight away: either a fatal error of the underlying verification
goto err;
}
- if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey)) {
+ if (!EVP_DigestVerifyInit(ctx, NULL, type, NULL, pkey)) {
ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
ret = 0;
goto err;
goto err;
}
- ret = EVP_DigestVerifyUpdate(&ctx, buf_in, inl);
+ ret = EVP_DigestVerifyUpdate(ctx, buf_in, inl);
OPENSSL_clear_free(buf_in, (unsigned int)inl);
}
ret = -1;
- if (EVP_DigestVerifyFinal(&ctx, signature->data,
+ if (EVP_DigestVerifyFinal(ctx, signature->data,
(size_t)signature->length) <= 0) {
ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
ret = 0;
}
ret = 1;
err:
- EVP_MD_CTX_cleanup(&ctx);
+ EVP_MD_CTX_destroy(ctx);
return (ret);
}
static int int_update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
- if (!CMAC_Update(ctx->pctx->data, data, count))
+ if (!CMAC_Update(EVP_MD_CTX_pkey_ctx(ctx)->data, data, count))
return 0;
return 1;
}
static int cmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
{
EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);
- mctx->update = int_update;
+ EVP_MD_CTX_set_update_fn(mctx, int_update);
return 1;
}
CMS_SignerInfo *si = (CMS_SignerInfo *)*pval;
EVP_PKEY_free(si->pkey);
X509_free(si->signer);
- if (si->pctx)
- EVP_MD_CTX_cleanup(&si->mctx);
+ EVP_MD_CTX_destroy(si->mctx);
}
return 1;
}
int cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify)
{
- EVP_MD_CTX mctx;
+ EVP_MD_CTX *mctx = EVP_MD_CTX_create();
unsigned char md[EVP_MAX_MD_SIZE];
unsigned int mdlen;
int r = 0;
CMS_DigestedData *dd;
- EVP_MD_CTX_init(&mctx);
+
+ if (mctx == NULL) {
+ CMSerr(CMS_F_CMS_DIGESTEDDATA_DO_FINAL, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
dd = cms->d.digestedData;
- if (!cms_DigestAlgorithm_find_ctx(&mctx, chain, dd->digestAlgorithm))
+ if (!cms_DigestAlgorithm_find_ctx(mctx, chain, dd->digestAlgorithm))
goto err;
- if (EVP_DigestFinal_ex(&mctx, md, &mdlen) <= 0)
+ if (EVP_DigestFinal_ex(mctx, md, &mdlen) <= 0)
goto err;
if (verify) {
}
err:
- EVP_MD_CTX_cleanup(&mctx);
+ EVP_MD_CTX_destroy(mctx);
return r;
X509 *signer;
EVP_PKEY *pkey;
/* Digest and public key context for alternative parameters */
- EVP_MD_CTX mctx;
+ EVP_MD_CTX *mctx;
EVP_PKEY_CTX *pctx;
};
si->pkey = pk;
si->signer = signer;
- EVP_MD_CTX_init(&si->mctx);
+ si->mctx = EVP_MD_CTX_create();
si->pctx = NULL;
+ if (si->mctx == NULL) {
+ CMSerr(CMS_F_CMS_ADD1_SIGNER, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
if (flags & CMS_USE_KEYID) {
si->version = 3;
if (sd->version < 3)
goto err;
if (EVP_PKEY_CTX_set_signature_md(si->pctx, md) <= 0)
goto err;
- } else if (EVP_DigestSignInit(&si->mctx, &si->pctx, md, NULL, pk) <=
+ } else if (EVP_DigestSignInit(si->mctx, &si->pctx, md, NULL, pk) <=
0)
goto err;
}
EVP_MD_CTX *CMS_SignerInfo_get0_md_ctx(CMS_SignerInfo *si)
{
- return &si->mctx;
+ return si->mctx;
}
STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms)
static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
CMS_SignerInfo *si, BIO *chain)
{
- EVP_MD_CTX mctx;
+ EVP_MD_CTX *mctx = EVP_MD_CTX_create();
int r = 0;
EVP_PKEY_CTX *pctx = NULL;
- EVP_MD_CTX_init(&mctx);
+
+ if (mctx == NULL) {
+ CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
if (!si->pkey) {
CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, CMS_R_NO_PRIVATE_KEY);
return 0;
}
- if (!cms_DigestAlgorithm_find_ctx(&mctx, chain, si->digestAlgorithm))
+ if (!cms_DigestAlgorithm_find_ctx(mctx, chain, si->digestAlgorithm))
goto err;
/* Set SignerInfo algortihm details if we used custom parametsr */
if (si->pctx && !cms_sd_asn1_ctrl(si, 0))
cms->d.signedData->encapContentInfo->eContentType;
unsigned char md[EVP_MAX_MD_SIZE];
unsigned int mdlen;
- if (!EVP_DigestFinal_ex(&mctx, md, &mdlen))
+ if (!EVP_DigestFinal_ex(mctx, md, &mdlen))
goto err;
if (!CMS_signed_add1_attr_by_NID(si, NID_pkcs9_messageDigest,
V_ASN1_OCTET_STRING, md, mdlen))
unsigned char md[EVP_MAX_MD_SIZE];
unsigned int mdlen;
pctx = si->pctx;
- if (!EVP_DigestFinal_ex(&mctx, md, &mdlen))
+ if (!EVP_DigestFinal_ex(mctx, md, &mdlen))
goto err;
siglen = EVP_PKEY_size(si->pkey);
sig = OPENSSL_malloc(siglen);
CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, ERR_R_MALLOC_FAILURE);
goto err;
}
- if (!EVP_SignFinal(&mctx, sig, &siglen, si->pkey)) {
+ if (!EVP_SignFinal(mctx, sig, &siglen, si->pkey)) {
CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, CMS_R_SIGNFINAL_ERROR);
OPENSSL_free(sig);
goto err;
r = 1;
err:
- EVP_MD_CTX_cleanup(&mctx);
+ EVP_MD_CTX_destroy(mctx);
EVP_PKEY_CTX_free(pctx);
return r;
int CMS_SignerInfo_sign(CMS_SignerInfo *si)
{
- EVP_MD_CTX *mctx = &si->mctx;
+ EVP_MD_CTX *mctx = si->mctx;
EVP_PKEY_CTX *pctx;
unsigned char *abuf = NULL;
int alen;
int CMS_SignerInfo_verify(CMS_SignerInfo *si)
{
- EVP_MD_CTX *mctx = &si->mctx;
+ EVP_MD_CTX *mctx = NULL;
unsigned char *abuf = NULL;
int alen, r = -1;
const EVP_MD *md = NULL;
md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
if (md == NULL)
return -1;
- EVP_MD_CTX_init(mctx);
+ if (si->mctx == NULL)
+ si->mctx = EVP_MD_CTX_create();
+ mctx = si->mctx;
if (EVP_DigestVerifyInit(mctx, &si->pctx, md, NULL, si->pkey) <= 0)
goto err;
int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
{
ASN1_OCTET_STRING *os = NULL;
- EVP_MD_CTX mctx;
+ EVP_MD_CTX *mctx = EVP_MD_CTX_create();
EVP_PKEY_CTX *pkctx = NULL;
int r = -1;
unsigned char mval[EVP_MAX_MD_SIZE];
unsigned int mlen;
- EVP_MD_CTX_init(&mctx);
+
+ if (mctx == NULL) {
+ CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
/* If we have any signed attributes look for messageDigest value */
if (CMS_signed_get_attr_count(si) >= 0) {
os = CMS_signed_get0_data_by_OBJ(si,
}
}
- if (!cms_DigestAlgorithm_find_ctx(&mctx, chain, si->digestAlgorithm))
+ if (!cms_DigestAlgorithm_find_ctx(mctx, chain, si->digestAlgorithm))
goto err;
- if (EVP_DigestFinal_ex(&mctx, mval, &mlen) <= 0) {
+ if (EVP_DigestFinal_ex(mctx, mval, &mlen) <= 0) {
CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT,
CMS_R_UNABLE_TO_FINALIZE_CONTEXT);
goto err;
} else
r = 1;
} else {
- const EVP_MD *md = EVP_MD_CTX_md(&mctx);
+ const EVP_MD *md = EVP_MD_CTX_md(mctx);
pkctx = EVP_PKEY_CTX_new(si->pkey, NULL);
if (pkctx == NULL)
goto err;
err:
EVP_PKEY_CTX_free(pkctx);
- EVP_MD_CTX_cleanup(&mctx);
+ EVP_MD_CTX_destroy(mctx);
return r;
}
ASN1_OBJECT *key_oid,
const unsigned char *ukm, size_t ukmlen, const EVP_MD *md)
{
- EVP_MD_CTX mctx;
+ EVP_MD_CTX *mctx = NULL;
int rv = 0;
unsigned int i;
size_t mdlen;
int derlen;
if (Zlen > DH_KDF_MAX)
return 0;
+ mctx = EVP_MD_CTX_create();
+ if (mctx == NULL)
+ return 0;
mdlen = EVP_MD_size(md);
- EVP_MD_CTX_init(&mctx);
derlen = dh_sharedinfo_encode(&der, &ctr, key_oid, outlen, ukm, ukmlen);
if (derlen == 0)
goto err;
for (i = 1;; i++) {
unsigned char mtmp[EVP_MAX_MD_SIZE];
- EVP_DigestInit_ex(&mctx, md, NULL);
- if (!EVP_DigestUpdate(&mctx, Z, Zlen))
+ EVP_DigestInit_ex(mctx, md, NULL);
+ if (!EVP_DigestUpdate(mctx, Z, Zlen))
goto err;
ctr[3] = i & 0xFF;
ctr[2] = (i >> 8) & 0xFF;
ctr[1] = (i >> 16) & 0xFF;
ctr[0] = (i >> 24) & 0xFF;
- if (!EVP_DigestUpdate(&mctx, der, derlen))
+ if (!EVP_DigestUpdate(mctx, der, derlen))
goto err;
if (outlen >= mdlen) {
- if (!EVP_DigestFinal(&mctx, out, NULL))
+ if (!EVP_DigestFinal(mctx, out, NULL))
goto err;
outlen -= mdlen;
if (outlen == 0)
break;
out += mdlen;
} else {
- if (!EVP_DigestFinal(&mctx, mtmp, NULL))
+ if (!EVP_DigestFinal(mctx, mtmp, NULL))
goto err;
memcpy(out, mtmp, outlen);
OPENSSL_cleanse(mtmp, mdlen);
rv = 1;
err:
OPENSSL_free(der);
- EVP_MD_CTX_cleanup(&mctx);
+ EVP_MD_CTX_destroy(mctx);
return rv;
}
#endif
int counter = 0;
int r = 0;
BN_CTX *ctx = NULL;
- EVP_MD_CTX mctx;
+ EVP_MD_CTX *mctx = EVP_MD_CTX_create();
unsigned int h = 2;
- EVP_MD_CTX_init(&mctx);
+ if (mctx == NULL)
+ goto err;
if (evpmd == NULL) {
if (N == 160)
evpmd = EVP_sha256();
}
- mdsize = M_EVP_MD_size(evpmd);
+ mdsize = EVP_MD_size(evpmd);
/* If unverificable g generation only don't need seed */
if (!ret->p || !ret->q || idx >= 0) {
if (seed_len == 0)
md[0] = idx & 0xff;
md[1] = (h >> 8) & 0xff;
md[2] = h & 0xff;
- if (!EVP_DigestInit_ex(&mctx, evpmd, NULL))
+ if (!EVP_DigestInit_ex(mctx, evpmd, NULL))
goto err;
- if (!EVP_DigestUpdate(&mctx, seed_tmp, seed_len))
+ if (!EVP_DigestUpdate(mctx, seed_tmp, seed_len))
goto err;
- if (!EVP_DigestUpdate(&mctx, ggen, sizeof(ggen)))
+ if (!EVP_DigestUpdate(mctx, ggen, sizeof(ggen)))
goto err;
- if (!EVP_DigestUpdate(&mctx, md, 3))
+ if (!EVP_DigestUpdate(mctx, md, 3))
goto err;
- if (!EVP_DigestFinal_ex(&mctx, md, NULL))
+ if (!EVP_DigestFinal_ex(mctx, md, NULL))
goto err;
if (!BN_bin2bn(md, mdsize, test))
goto err;
BN_CTX_end(ctx);
BN_CTX_free(ctx);
BN_MONT_CTX_free(mont);
- EVP_MD_CTX_cleanup(&mctx);
+ EVP_MD_CTX_destroy(mctx);
return ok;
}
const unsigned char *sinfo, size_t sinfolen,
const EVP_MD *md)
{
- EVP_MD_CTX mctx;
+ EVP_MD_CTX *mctx = NULL;
int rv = 0;
unsigned int i;
size_t mdlen;
if (sinfolen > ECDH_KDF_MAX || outlen > ECDH_KDF_MAX
|| Zlen > ECDH_KDF_MAX)
return 0;
+ mctx = EVP_MD_CTX_create();
+ if (mctx == NULL)
+ return 0;
mdlen = EVP_MD_size(md);
- EVP_MD_CTX_init(&mctx);
for (i = 1;; i++) {
unsigned char mtmp[EVP_MAX_MD_SIZE];
- EVP_DigestInit_ex(&mctx, md, NULL);
+ EVP_DigestInit_ex(mctx, md, NULL);
ctr[3] = i & 0xFF;
ctr[2] = (i >> 8) & 0xFF;
ctr[1] = (i >> 16) & 0xFF;
ctr[0] = (i >> 24) & 0xFF;
- if (!EVP_DigestUpdate(&mctx, Z, Zlen))
+ if (!EVP_DigestUpdate(mctx, Z, Zlen))
goto err;
- if (!EVP_DigestUpdate(&mctx, ctr, sizeof(ctr)))
+ if (!EVP_DigestUpdate(mctx, ctr, sizeof(ctr)))
goto err;
- if (!EVP_DigestUpdate(&mctx, sinfo, sinfolen))
+ if (!EVP_DigestUpdate(mctx, sinfo, sinfolen))
goto err;
if (outlen >= mdlen) {
- if (!EVP_DigestFinal(&mctx, out, NULL))
+ if (!EVP_DigestFinal(mctx, out, NULL))
goto err;
outlen -= mdlen;
if (outlen == 0)
break;
out += mdlen;
} else {
- if (!EVP_DigestFinal(&mctx, mtmp, NULL))
+ if (!EVP_DigestFinal(mctx, mtmp, NULL))
goto err;
memcpy(out, mtmp, outlen);
OPENSSL_cleanse(mtmp, mdlen);
}
rv = 1;
err:
- EVP_MD_CTX_cleanup(&mctx);
+ EVP_MD_CTX_destroy(mctx);
return rv;
}
# ifdef TEST_ENG_OPENSSL_SHA_P_INIT
fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_init() called\n");
# endif
- return SHA1_Init(ctx->md_data);
+ return SHA1_Init(EVP_MD_CTX_md_data(ctx));
}
static int test_sha1_update(EVP_MD_CTX *ctx, const void *data, size_t count)
# ifdef TEST_ENG_OPENSSL_SHA_P_UPDATE
fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_update() called\n");
# endif
- return SHA1_Update(ctx->md_data, data, count);
+ return SHA1_Update(EVP_MD_CTX_md_data(ctx), data, count);
}
static int test_sha1_final(EVP_MD_CTX *ctx, unsigned char *md)
# ifdef TEST_ENG_OPENSSL_SHA_P_FINAL
fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_final() called\n");
# endif
- return SHA1_Final(md, ctx->md_data);
+ return SHA1_Final(md, EVP_MD_CTX_md_data(ctx));
}
static const EVP_MD test_sha_md = {
static int init(EVP_MD_CTX *ctx)
{
- return MD4_Init(ctx->md_data);
+ return MD4_Init(EVP_MD_CTX_md_data(ctx));
}
static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
- return MD4_Update(ctx->md_data, data, count);
+ return MD4_Update(EVP_MD_CTX_md_data(ctx), data, count);
}
static int final(EVP_MD_CTX *ctx, unsigned char *md)
{
- return MD4_Final(md, ctx->md_data);
+ return MD4_Final(md, EVP_MD_CTX_md_data(ctx));
}
static const EVP_MD md4_md = {
static int init(EVP_MD_CTX *ctx)
{
- return MD5_Init(ctx->md_data);
+ return MD5_Init(EVP_MD_CTX_md_data(ctx));
}
static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
- return MD5_Update(ctx->md_data, data, count);
+ return MD5_Update(EVP_MD_CTX_md_data(ctx), data, count);
}
static int final(EVP_MD_CTX *ctx, unsigned char *md)
{
- return MD5_Final(md, ctx->md_data);
+ return MD5_Final(md, EVP_MD_CTX_md_data(ctx));
}
static const EVP_MD md5_md = {
static int init(EVP_MD_CTX *ctx)
{
- struct md5_sha1_ctx *mctx = ctx->md_data;
+ struct md5_sha1_ctx *mctx = EVP_MD_CTX_md_data(ctx);
if (!MD5_Init(&mctx->md5))
return 0;
return SHA1_Init(&mctx->sha1);
static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
- struct md5_sha1_ctx *mctx = ctx->md_data;
+ struct md5_sha1_ctx *mctx = EVP_MD_CTX_md_data(ctx);
if (!MD5_Update(&mctx->md5, data, count))
return 0;
return SHA1_Update(&mctx->sha1, data, count);
static int final(EVP_MD_CTX *ctx, unsigned char *md)
{
- struct md5_sha1_ctx *mctx = ctx->md_data;
+ struct md5_sha1_ctx *mctx = EVP_MD_CTX_md_data(ctx);
if (!MD5_Final(md, &mctx->md5))
return 0;
return SHA1_Final(md + MD5_DIGEST_LENGTH, &mctx->sha1);
unsigned char padtmp[48];
unsigned char md5tmp[MD5_DIGEST_LENGTH];
unsigned char sha1tmp[SHA_DIGEST_LENGTH];
- struct md5_sha1_ctx *mctx = ctx->md_data;
+ struct md5_sha1_ctx *mctx = EVP_MD_CTX_md_data(ctx);
if (cmd != EVP_CTRL_SSL3_MASTER_SECRET)
return 0;
static int init(EVP_MD_CTX *ctx)
{
- return MDC2_Init(ctx->md_data);
+ return MDC2_Init(EVP_MD_CTX_md_data(ctx));
}
static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
- return MDC2_Update(ctx->md_data, data, count);
+ return MDC2_Update(EVP_MD_CTX_md_data(ctx), data, count);
}
static int final(EVP_MD_CTX *ctx, unsigned char *md)
{
- return MDC2_Final(md, ctx->md_data);
+ return MDC2_Final(md, EVP_MD_CTX_md_data(ctx));
}
static const EVP_MD mdc2_md = {
static int init(EVP_MD_CTX *ctx)
{
- return RIPEMD160_Init(ctx->md_data);
+ return RIPEMD160_Init(EVP_MD_CTX_md_data(ctx));
}
static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
- return RIPEMD160_Update(ctx->md_data, data, count);
+ return RIPEMD160_Update(EVP_MD_CTX_md_data(ctx), data, count);
}
static int final(EVP_MD_CTX *ctx, unsigned char *md)
{
- return RIPEMD160_Final(md, ctx->md_data);
+ return RIPEMD160_Final(md, EVP_MD_CTX_md_data(ctx));
}
static const EVP_MD ripemd160_md = {
static int init(EVP_MD_CTX *ctx)
{
- return SHA1_Init(ctx->md_data);
+ return SHA1_Init(EVP_MD_CTX_md_data(ctx));
}
static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
- return SHA1_Update(ctx->md_data, data, count);
+ return SHA1_Update(EVP_MD_CTX_md_data(ctx), data, count);
}
static int final(EVP_MD_CTX *ctx, unsigned char *md)
{
- return SHA1_Final(md, ctx->md_data);
+ return SHA1_Final(md, EVP_MD_CTX_md_data(ctx));
}
static int ctrl(EVP_MD_CTX *ctx, int cmd, int mslen, void *ms)
unsigned char padtmp[40];
unsigned char sha1tmp[SHA_DIGEST_LENGTH];
- SHA_CTX *sha1 = ctx->md_data;
+ SHA_CTX *sha1 = EVP_MD_CTX_md_data(ctx);
if (cmd != EVP_CTRL_SSL3_MASTER_SECRET)
return 0;
static int init224(EVP_MD_CTX *ctx)
{
- return SHA224_Init(ctx->md_data);
+ return SHA224_Init(EVP_MD_CTX_md_data(ctx));
}
static int init256(EVP_MD_CTX *ctx)
{
- return SHA256_Init(ctx->md_data);
+ return SHA256_Init(EVP_MD_CTX_md_data(ctx));
}
/*
*/
static int update256(EVP_MD_CTX *ctx, const void *data, size_t count)
{
- return SHA256_Update(ctx->md_data, data, count);
+ return SHA256_Update(EVP_MD_CTX_md_data(ctx), data, count);
}
static int final256(EVP_MD_CTX *ctx, unsigned char *md)
{
- return SHA256_Final(md, ctx->md_data);
+ return SHA256_Final(md, EVP_MD_CTX_md_data(ctx));
}
static const EVP_MD sha224_md = {
static int init384(EVP_MD_CTX *ctx)
{
- return SHA384_Init(ctx->md_data);
+ return SHA384_Init(EVP_MD_CTX_md_data(ctx));
}
static int init512(EVP_MD_CTX *ctx)
{
- return SHA512_Init(ctx->md_data);
+ return SHA512_Init(EVP_MD_CTX_md_data(ctx));
}
/* See comment in SHA224/256 section */
static int update512(EVP_MD_CTX *ctx, const void *data, size_t count)
{
- return SHA512_Update(ctx->md_data, data, count);
+ return SHA512_Update(EVP_MD_CTX_md_data(ctx), data, count);
}
static int final512(EVP_MD_CTX *ctx, unsigned char *md)
{
- return SHA512_Final(md, ctx->md_data);
+ return SHA512_Final(md, EVP_MD_CTX_md_data(ctx));
}
static const EVP_MD sha384_md = {
static int init(EVP_MD_CTX *ctx)
{
- return WHIRLPOOL_Init(ctx->md_data);
+ return WHIRLPOOL_Init(EVP_MD_CTX_md_data(ctx));
}
static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
- return WHIRLPOOL_Update(ctx->md_data, data, count);
+ return WHIRLPOOL_Update(EVP_MD_CTX_md_data(ctx), data, count);
}
static int final(EVP_MD_CTX *ctx, unsigned char *md)
{
- return WHIRLPOOL_Final(md, ctx->md_data);
+ return WHIRLPOOL_Final(md, EVP_MD_CTX_md_data(ctx));
}
static const EVP_MD whirlpool_md = {
EVP_EncodeInit(&ctx->encode);
- EVP_MD_CTX_init(&ctx->md);
- if (!EVP_SignInit(&ctx->md, md_type))
+ ctx->md = EVP_MD_CTX_create();
+ if (!EVP_SignInit(ctx->md, md_type))
goto err;
EVP_CIPHER_CTX_init(&ctx->cipher);
int i, j;
*outl = 0;
- if (!EVP_SignUpdate(&ctx->md, in, inl))
+ if (!EVP_SignUpdate(ctx->md, in, inl))
return 0;
for (;;) {
if (inl <= 0)
EVP_EncodeFinal(&ctx->encode, out, &j);
*outl += j;
- if (!EVP_SignFinal(&ctx->md, s, &i, priv))
+ if (!EVP_SignFinal(ctx->md, s, &i, priv))
goto err;
*sigl = EVP_EncodeBlock(sig, s, i);
ret = 1;
err:
- EVP_MD_CTX_cleanup(&ctx->md);
+ EVP_MD_CTX_destroy(ctx->md);
EVP_CIPHER_CTX_cleanup(&ctx->cipher);
OPENSSL_free(s);
return (ret);
const unsigned char *salt, unsigned int saltlen,
const unsigned char *pass, int passlen)
{
- EVP_MD_CTX mctx;
+ EVP_MD_CTX *mctx = EVP_MD_CTX_create();;
int rv = 1;
- EVP_MD_CTX_init(&mctx);
- if (!EVP_DigestInit_ex(&mctx, EVP_sha1(), NULL)
- || !EVP_DigestUpdate(&mctx, salt, saltlen)
- || !EVP_DigestUpdate(&mctx, pass, passlen)
- || !EVP_DigestFinal_ex(&mctx, key, NULL))
+ if (mctx == NULL
+ || !EVP_DigestInit_ex(mctx, EVP_sha1(), NULL)
+ || !EVP_DigestUpdate(mctx, salt, saltlen)
+ || !EVP_DigestUpdate(mctx, pass, passlen)
+ || !EVP_DigestFinal_ex(mctx, key, NULL))
rv = 0;
- EVP_MD_CTX_cleanup(&mctx);
+ EVP_MD_CTX_destroy(mctx);
return rv;
}
int i, j, u, v;
int ret = 0;
BIGNUM *Ij, *Bpl1; /* These hold Ij and B + 1 */
- EVP_MD_CTX ctx;
+ EVP_MD_CTX *ctx;
#ifdef DEBUG_KEYGEN
unsigned char *tmpout = out;
int tmpn = n;
#endif
- EVP_MD_CTX_init(&ctx);
+ ctx = EVP_MD_CTX_create();
+ if (ctx == NULL)
+ goto err;
+
#ifdef DEBUG_KEYGEN
fprintf(stderr, "KEYGEN DEBUG\n");
fprintf(stderr, "ID %d, ITER %d\n", id, iter);
for (i = 0; i < Plen; i++)
*p++ = pass[i % passlen];
for (;;) {
- if (!EVP_DigestInit_ex(&ctx, md_type, NULL)
- || !EVP_DigestUpdate(&ctx, D, v)
- || !EVP_DigestUpdate(&ctx, I, Ilen)
- || !EVP_DigestFinal_ex(&ctx, Ai, NULL))
+ if (!EVP_DigestInit_ex(ctx, md_type, NULL)
+ || !EVP_DigestUpdate(ctx, D, v)
+ || !EVP_DigestUpdate(ctx, I, Ilen)
+ || !EVP_DigestFinal_ex(ctx, Ai, NULL))
goto err;
for (j = 1; j < iter; j++) {
- if (!EVP_DigestInit_ex(&ctx, md_type, NULL)
- || !EVP_DigestUpdate(&ctx, Ai, u)
- || !EVP_DigestFinal_ex(&ctx, Ai, NULL))
+ if (!EVP_DigestInit_ex(ctx, md_type, NULL)
+ || !EVP_DigestUpdate(ctx, Ai, u)
+ || !EVP_DigestFinal_ex(ctx, Ai, NULL))
goto err;
}
memcpy(out, Ai, min(n, u));
OPENSSL_free(I);
BN_free(Ij);
BN_free(Bpl1);
- EVP_MD_CTX_cleanup(&ctx);
+ EVP_MD_CTX_destroy(ctx);
return ret;
}
int i, j;
BIO *btmp;
PKCS7_SIGNER_INFO *si;
- EVP_MD_CTX *mdc, ctx_tmp;
+ EVP_MD_CTX *mdc, *ctx_tmp;
STACK_OF(X509_ATTRIBUTE) *sk;
STACK_OF(PKCS7_SIGNER_INFO) *si_sk = NULL;
ASN1_OCTET_STRING *os = NULL;
return 0;
}
- EVP_MD_CTX_init(&ctx_tmp);
+ ctx_tmp = EVP_MD_CTX_create();
+ if (ctx_tmp == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+
i = OBJ_obj2nid(p7->type);
p7->state = PKCS7_S_HEADER;
/*
* We now have the EVP_MD_CTX, lets do the signing.
*/
- if (!EVP_MD_CTX_copy_ex(&ctx_tmp, mdc))
+ if (!EVP_MD_CTX_copy_ex(ctx_tmp, mdc))
goto err;
sk = si->auth_attr;
* sign the attributes
*/
if (sk_X509_ATTRIBUTE_num(sk) > 0) {
- if (!do_pkcs7_signed_attrib(si, &ctx_tmp))
+ if (!do_pkcs7_signed_attrib(si, ctx_tmp))
goto err;
} else {
unsigned char *abuf = NULL;
if (abuf == NULL)
goto err;
- if (!EVP_SignFinal(&ctx_tmp, abuf, &abuflen, si->pkey)) {
+ if (!EVP_SignFinal(ctx_tmp, abuf, &abuflen, si->pkey)) {
PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_EVP_LIB);
goto err;
}
}
ret = 1;
err:
- EVP_MD_CTX_cleanup(&ctx_tmp);
+ EVP_MD_CTX_destroy(ctx_tmp);
return (ret);
}
int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si)
{
- EVP_MD_CTX mctx;
+ EVP_MD_CTX *mctx;
EVP_PKEY_CTX *pctx;
unsigned char *abuf = NULL;
int alen;
if (md == NULL)
return 0;
- EVP_MD_CTX_init(&mctx);
- if (EVP_DigestSignInit(&mctx, &pctx, md, NULL, si->pkey) <= 0)
+ mctx = EVP_MD_CTX_create();
+ if (mctx == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (EVP_DigestSignInit(mctx, &pctx, md, NULL, si->pkey) <= 0)
goto err;
if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
ASN1_ITEM_rptr(PKCS7_ATTR_SIGN));
if (!abuf)
goto err;
- if (EVP_DigestSignUpdate(&mctx, abuf, alen) <= 0)
+ if (EVP_DigestSignUpdate(mctx, abuf, alen) <= 0)
goto err;
OPENSSL_free(abuf);
abuf = NULL;
- if (EVP_DigestSignFinal(&mctx, NULL, &siglen) <= 0)
+ if (EVP_DigestSignFinal(mctx, NULL, &siglen) <= 0)
goto err;
abuf = OPENSSL_malloc(siglen);
if (abuf == NULL)
goto err;
- if (EVP_DigestSignFinal(&mctx, abuf, &siglen) <= 0)
+ if (EVP_DigestSignFinal(mctx, abuf, &siglen) <= 0)
goto err;
if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
goto err;
}
- EVP_MD_CTX_cleanup(&mctx);
+ EVP_MD_CTX_destroy(mctx);
ASN1_STRING_set0(si->enc_digest, abuf, siglen);
err:
OPENSSL_free(abuf);
- EVP_MD_CTX_cleanup(&mctx);
+ EVP_MD_CTX_destroy(mctx);
return 0;
}
X509 *x509)
{
ASN1_OCTET_STRING *os;
- EVP_MD_CTX mdc_tmp, *mdc;
+ EVP_MD_CTX *mdc_tmp, *mdc;
int ret = 0, i;
int md_type;
STACK_OF(X509_ATTRIBUTE) *sk;
BIO *btmp;
EVP_PKEY *pkey;
- EVP_MD_CTX_init(&mdc_tmp);
+ mdc_tmp = EVP_MD_CTX_create();
+ if (mdc_tmp == NULL) {
+ PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
if (!PKCS7_type_is_signed(p7) && !PKCS7_type_is_signedAndEnveloped(p7)) {
PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_WRONG_PKCS7_TYPE);
* mdc is the digest ctx that we want, unless there are attributes, in
* which case the digest is the signed attributes
*/
- if (!EVP_MD_CTX_copy_ex(&mdc_tmp, mdc))
+ if (!EVP_MD_CTX_copy_ex(mdc_tmp, mdc))
goto err;
sk = si->auth_attr;
int alen;
ASN1_OCTET_STRING *message_digest;
- if (!EVP_DigestFinal_ex(&mdc_tmp, md_dat, &md_len))
+ if (!EVP_DigestFinal_ex(mdc_tmp, md_dat, &md_len))
goto err;
message_digest = PKCS7_digest_from_attributes(sk);
if (!message_digest) {
goto err;
}
- if (!EVP_VerifyInit_ex(&mdc_tmp, EVP_get_digestbynid(md_type), NULL))
+ if (!EVP_VerifyInit_ex(mdc_tmp, EVP_get_digestbynid(md_type), NULL))
goto err;
alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf,
ret = -1;
goto err;
}
- if (!EVP_VerifyUpdate(&mdc_tmp, abuf, alen))
+ if (!EVP_VerifyUpdate(mdc_tmp, abuf, alen))
goto err;
OPENSSL_free(abuf);
goto err;
}
- i = EVP_VerifyFinal(&mdc_tmp, os->data, os->length, pkey);
+ i = EVP_VerifyFinal(mdc_tmp, os->data, os->length, pkey);
EVP_PKEY_free(pkey);
if (i <= 0) {
PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_SIGNATURE_FAILURE);
}
ret = 1;
err:
- EVP_MD_CTX_cleanup(&mdc_tmp);
+ EVP_MD_CTX_destroy(mdc_tmp);
return (ret);
}
int i, j, k, st_idx;
long md_c[2];
unsigned char local_md[MD_DIGEST_LENGTH];
- EVP_MD_CTX m;
+ EVP_MD_CTX *m;
int do_not_lock;
int rv = 0;
* hash function.
*/
- EVP_MD_CTX_init(&m);
+ m = EVP_MD_CTX_create();
+ if (m == NULL)
+ goto err;
+
/* check if we already have the lock */
if (crypto_lock_rand) {
CRYPTO_THREADID cur;
j = (num - i);
j = (j > MD_DIGEST_LENGTH) ? MD_DIGEST_LENGTH : j;
- if (!MD_Init(&m))
+ if (!MD_Init(m))
goto err;
- if (!MD_Update(&m, local_md, MD_DIGEST_LENGTH))
+ if (!MD_Update(m, local_md, MD_DIGEST_LENGTH))
goto err;
k = (st_idx + j) - STATE_SIZE;
if (k > 0) {
- if (!MD_Update(&m, &(state[st_idx]), j - k))
+ if (!MD_Update(m, &(state[st_idx]), j - k))
goto err;
- if (!MD_Update(&m, &(state[0]), k))
+ if (!MD_Update(m, &(state[0]), k))
goto err;
- } else if (!MD_Update(&m, &(state[st_idx]), j))
+ } else if (!MD_Update(m, &(state[st_idx]), j))
goto err;
/* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */
- if (!MD_Update(&m, buf, j))
+ if (!MD_Update(m, buf, j))
goto err;
/*
* We know that line may cause programs such as purify and valgrind
* insecure keys.
*/
- if (!MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c)))
+ if (!MD_Update(m, (unsigned char *)&(md_c[0]), sizeof(md_c)))
goto err;
- if (!MD_Final(&m, local_md))
+ if (!MD_Final(m, local_md))
goto err;
md_c[1]++;
#endif
rv = 1;
err:
- EVP_MD_CTX_cleanup(&m);
+ EVP_MD_CTX_destroy(m);
return rv;
}
int ok;
long md_c[2];
unsigned char local_md[MD_DIGEST_LENGTH];
- EVP_MD_CTX m;
+ EVP_MD_CTX *m;
#ifndef GETPID_IS_MEANINGLESS
pid_t curr_pid = getpid();
#endif
if (num <= 0)
return 1;
- EVP_MD_CTX_init(&m);
+ m = EVP_MD_CTX_create();
+ if (m == NULL)
+ goto err_mem;
+
/* round upwards to multiple of MD_DIGEST_LENGTH/2 */
num_ceil =
(1 + (num - 1) / (MD_DIGEST_LENGTH / 2)) * (MD_DIGEST_LENGTH / 2);
/* num_ceil -= MD_DIGEST_LENGTH/2 */
j = (num >= MD_DIGEST_LENGTH / 2) ? MD_DIGEST_LENGTH / 2 : num;
num -= j;
- if (!MD_Init(&m))
+ if (!MD_Init(m))
goto err;
#ifndef GETPID_IS_MEANINGLESS
if (curr_pid) { /* just in the first iteration to save time */
- if (!MD_Update(&m, (unsigned char *)&curr_pid, sizeof curr_pid))
+ if (!MD_Update(m, (unsigned char *)&curr_pid, sizeof curr_pid))
goto err;
curr_pid = 0;
}
#endif
if (curr_time) { /* just in the first iteration to save time */
- if (!MD_Update(&m, (unsigned char *)&curr_time, sizeof curr_time))
+ if (!MD_Update(m, (unsigned char *)&curr_time, sizeof curr_time))
goto err;
- if (!MD_Update(&m, (unsigned char *)&tv, sizeof tv))
+ if (!MD_Update(m, (unsigned char *)&tv, sizeof tv))
goto err;
curr_time = 0;
- rand_hw_seed(&m);
+ rand_hw_seed(m);
}
- if (!MD_Update(&m, local_md, MD_DIGEST_LENGTH))
+ if (!MD_Update(m, local_md, MD_DIGEST_LENGTH))
goto err;
- if (!MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c)))
+ if (!MD_Update(m, (unsigned char *)&(md_c[0]), sizeof(md_c)))
goto err;
#ifndef PURIFY /* purify complains */
* builds it is not used: the removal of such a small source of
* entropy has negligible impact on security.
*/
- if (!MD_Update(&m, buf, j))
+ if (!MD_Update(m, buf, j))
goto err;
#endif
k = (st_idx + MD_DIGEST_LENGTH / 2) - st_num;
if (k > 0) {
- if (!MD_Update(&m, &(state[st_idx]), MD_DIGEST_LENGTH / 2 - k))
+ if (!MD_Update(m, &(state[st_idx]), MD_DIGEST_LENGTH / 2 - k))
goto err;
- if (!MD_Update(&m, &(state[0]), k))
+ if (!MD_Update(m, &(state[0]), k))
goto err;
- } else if (!MD_Update(&m, &(state[st_idx]), MD_DIGEST_LENGTH / 2))
+ } else if (!MD_Update(m, &(state[st_idx]), MD_DIGEST_LENGTH / 2))
goto err;
- if (!MD_Final(&m, local_md))
+ if (!MD_Final(m, local_md))
goto err;
for (i = 0; i < MD_DIGEST_LENGTH / 2; i++) {
}
}
- if (!MD_Init(&m)
- || !MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c))
- || !MD_Update(&m, local_md, MD_DIGEST_LENGTH))
+ if (!MD_Init(m)
+ || !MD_Update(m, (unsigned char *)&(md_c[0]), sizeof(md_c))
+ || !MD_Update(m, local_md, MD_DIGEST_LENGTH))
goto err;
CRYPTO_w_lock(CRYPTO_LOCK_RAND);
/*
* Prevent deadlocks if we end up in an async engine
*/
ASYNC_block_pause();
- if (!MD_Update(&m, md, MD_DIGEST_LENGTH) || !MD_Final(&m, md)) {
+ if (!MD_Update(m, md, MD_DIGEST_LENGTH) || !MD_Final(m, md)) {
CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
goto err;
}
ASYNC_unblock_pause();
CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
- EVP_MD_CTX_cleanup(&m);
+ EVP_MD_CTX_destroy(m);
if (ok)
return (1);
else if (pseudo)
return (0);
}
err:
- EVP_MD_CTX_cleanup(&m);
RANDerr(RAND_F_RAND_BYTES, ERR_R_EVP_LIB);
+ EVP_MD_CTX_destroy(m);
+ return 0;
+ err_mem:
+ RANDerr(RAND_F_RAND_BYTES, ERR_R_MALLOC_FAILURE);
+ EVP_MD_CTX_destroy(m);
return 0;
}
ASN1_BIT_STRING *sig)
{
int pad_mode;
- EVP_PKEY_CTX *pkctx = ctx->pctx;
+ EVP_PKEY_CTX *pkctx = EVP_MD_CTX_pkey_ctx(ctx);
if (EVP_PKEY_CTX_get_rsa_padding(pkctx, &pad_mode) <= 0)
return 0;
if (pad_mode == RSA_PKCS1_PADDING)
{
long i, outlen = 0;
unsigned char cnt[4];
- EVP_MD_CTX c;
+ EVP_MD_CTX *c = EVP_MD_CTX_create();
unsigned char md[EVP_MAX_MD_SIZE];
int mdlen;
int rv = -1;
- EVP_MD_CTX_init(&c);
- mdlen = M_EVP_MD_size(dgst);
+ if (c == NULL)
+ goto err;
+ mdlen = EVP_MD_size(dgst);
if (mdlen < 0)
goto err;
for (i = 0; outlen < len; i++) {
cnt[1] = (unsigned char)((i >> 16) & 255);
cnt[2] = (unsigned char)((i >> 8)) & 255;
cnt[3] = (unsigned char)(i & 255);
- if (!EVP_DigestInit_ex(&c, dgst, NULL)
- || !EVP_DigestUpdate(&c, seed, seedlen)
- || !EVP_DigestUpdate(&c, cnt, 4))
+ if (!EVP_DigestInit_ex(c, dgst, NULL)
+ || !EVP_DigestUpdate(c, seed, seedlen)
+ || !EVP_DigestUpdate(c, cnt, 4))
goto err;
if (outlen + mdlen <= len) {
- if (!EVP_DigestFinal_ex(&c, mask + outlen, NULL))
+ if (!EVP_DigestFinal_ex(c, mask + outlen, NULL))
goto err;
outlen += mdlen;
} else {
- if (!EVP_DigestFinal_ex(&c, md, NULL))
+ if (!EVP_DigestFinal_ex(c, md, NULL))
goto err;
memcpy(mask + outlen, md, len - outlen);
outlen = len;
}
rv = 0;
err:
- EVP_MD_CTX_cleanup(&c);
+ EVP_MD_CTX_destroy(c);
return rv;
}
int hLen, maskedDBLen, MSBits, emLen;
const unsigned char *H;
unsigned char *DB = NULL;
- EVP_MD_CTX ctx;
+ EVP_MD_CTX *ctx = EVP_MD_CTX_create();
unsigned char H_[EVP_MAX_MD_SIZE];
- EVP_MD_CTX_init(&ctx);
+
+
+ if (ctx == NULL)
+ goto err;
if (mgf1Hash == NULL)
mgf1Hash = Hash;
- hLen = M_EVP_MD_size(Hash);
+ hLen = EVP_MD_size(Hash);
if (hLen < 0)
goto err;
/*-
RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_SLEN_CHECK_FAILED);
goto err;
}
- if (!EVP_DigestInit_ex(&ctx, Hash, NULL)
- || !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes)
- || !EVP_DigestUpdate(&ctx, mHash, hLen))
+ if (!EVP_DigestInit_ex(ctx, Hash, NULL)
+ || !EVP_DigestUpdate(ctx, zeroes, sizeof zeroes)
+ || !EVP_DigestUpdate(ctx, mHash, hLen))
goto err;
if (maskedDBLen - i) {
- if (!EVP_DigestUpdate(&ctx, DB + i, maskedDBLen - i))
+ if (!EVP_DigestUpdate(ctx, DB + i, maskedDBLen - i))
goto err;
}
- if (!EVP_DigestFinal_ex(&ctx, H_, NULL))
+ if (!EVP_DigestFinal_ex(ctx, H_, NULL))
goto err;
if (memcmp(H_, H, hLen)) {
RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_BAD_SIGNATURE);
err:
OPENSSL_free(DB);
- EVP_MD_CTX_cleanup(&ctx);
+ EVP_MD_CTX_destroy(ctx);
return ret;
int ret = 0;
int hLen, maskedDBLen, MSBits, emLen;
unsigned char *H, *salt = NULL, *p;
- EVP_MD_CTX ctx;
+ EVP_MD_CTX *ctx = NULL;
if (mgf1Hash == NULL)
mgf1Hash = Hash;
- hLen = M_EVP_MD_size(Hash);
+ hLen = EVP_MD_size(Hash);
if (hLen < 0)
goto err;
/*-
}
maskedDBLen = emLen - hLen - 1;
H = EM + maskedDBLen;
- EVP_MD_CTX_init(&ctx);
- if (!EVP_DigestInit_ex(&ctx, Hash, NULL)
- || !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes)
- || !EVP_DigestUpdate(&ctx, mHash, hLen))
+ ctx = EVP_MD_CTX_create();
+ if (ctx == NULL)
+ goto err;
+ if (!EVP_DigestInit_ex(ctx, Hash, NULL)
+ || !EVP_DigestUpdate(ctx, zeroes, sizeof zeroes)
+ || !EVP_DigestUpdate(ctx, mHash, hLen))
goto err;
- if (sLen && !EVP_DigestUpdate(&ctx, salt, sLen))
+ if (sLen && !EVP_DigestUpdate(ctx, salt, sLen))
goto err;
- if (!EVP_DigestFinal_ex(&ctx, H, NULL))
+ if (!EVP_DigestFinal_ex(ctx, H, NULL))
goto err;
- EVP_MD_CTX_cleanup(&ctx);
/* Generate dbMask in place then perform XOR on it */
if (PKCS1_MGF1(EM, maskedDBLen, H, hLen, mgf1Hash))
ret = 1;
err:
+ EVP_MD_CTX_destroy(ctx);
OPENSSL_free(salt);
return ret;
unsigned char digest[SHA_DIGEST_LENGTH];
unsigned char *tmp;
- EVP_MD_CTX ctxt;
+ EVP_MD_CTX *ctxt = NULL;
int longg;
int longN = BN_num_bytes(N);
+ BIGNUM *res = NULL;
if (BN_ucmp(g, N) >= 0)
return NULL;
- if ((tmp = OPENSSL_malloc(longN)) == NULL)
+ ctxt = EVP_MD_CTX_create();
+ if (ctxt == NULL)
return NULL;
+ if ((tmp = OPENSSL_malloc(longN)) == NULL)
+ goto err;
BN_bn2bin(N, tmp);
- EVP_MD_CTX_init(&ctxt);
- EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
- EVP_DigestUpdate(&ctxt, tmp, longN);
+ EVP_DigestInit_ex(ctxt, EVP_sha1(), NULL);
+ EVP_DigestUpdate(ctxt, tmp, longN);
memset(tmp, 0, longN);
longg = BN_bn2bin(g, tmp);
/* use the zeros behind to pad on left */
- EVP_DigestUpdate(&ctxt, tmp + longg, longN - longg);
- EVP_DigestUpdate(&ctxt, tmp, longg);
+ EVP_DigestUpdate(ctxt, tmp + longg, longN - longg);
+ EVP_DigestUpdate(ctxt, tmp, longg);
OPENSSL_free(tmp);
- EVP_DigestFinal_ex(&ctxt, digest, NULL);
- EVP_MD_CTX_cleanup(&ctxt);
- return BN_bin2bn(digest, sizeof(digest), NULL);
+ EVP_DigestFinal_ex(ctxt, digest, NULL);
+ res = BN_bin2bn(digest, sizeof(digest), NULL);
+ err:
+ EVP_MD_CTX_destroy(ctxt);
+ return res;
}
BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N)
BIGNUM *u;
unsigned char cu[SHA_DIGEST_LENGTH];
unsigned char *cAB;
- EVP_MD_CTX ctxt;
+ EVP_MD_CTX *ctxt = NULL;
int longN;
if ((A == NULL) || (B == NULL) || (N == NULL))
return NULL;
longN = BN_num_bytes(N);
- if ((cAB = OPENSSL_malloc(2 * longN)) == NULL)
+ ctxt = EVP_MD_CTX_create();
+ if (ctxt == NULL)
return NULL;
+ if ((cAB = OPENSSL_malloc(2 * longN)) == NULL)
+ goto err;
memset(cAB, 0, longN);
- EVP_MD_CTX_init(&ctxt);
- EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
- EVP_DigestUpdate(&ctxt, cAB + BN_bn2bin(A, cAB + longN), longN);
- EVP_DigestUpdate(&ctxt, cAB + BN_bn2bin(B, cAB + longN), longN);
+ EVP_DigestInit_ex(ctxt, EVP_sha1(), NULL);
+ EVP_DigestUpdate(ctxt, cAB + BN_bn2bin(A, cAB + longN), longN);
+ EVP_DigestUpdate(ctxt, cAB + BN_bn2bin(B, cAB + longN), longN);
OPENSSL_free(cAB);
- EVP_DigestFinal_ex(&ctxt, cu, NULL);
- EVP_MD_CTX_cleanup(&ctxt);
+ EVP_DigestFinal_ex(ctxt, cu, NULL);
if ((u = BN_bin2bn(cu, sizeof(cu), NULL)) == NULL)
- return NULL;
- if (!BN_is_zero(u))
- return u;
- BN_free(u);
- return NULL;
+ goto err;
+ if (BN_is_zero(u)) {
+ BN_free(u);
+ u = NULL;
+ }
+ err:
+ EVP_MD_CTX_destroy(ctxt);
+
+ return u;
}
BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b,
BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass)
{
unsigned char dig[SHA_DIGEST_LENGTH];
- EVP_MD_CTX ctxt;
+ EVP_MD_CTX *ctxt;
unsigned char *cs;
+ BIGNUM *res = NULL;
if ((s == NULL) || (user == NULL) || (pass == NULL))
return NULL;
- if ((cs = OPENSSL_malloc(BN_num_bytes(s))) == NULL)
+ ctxt = EVP_MD_CTX_create();
+ if (ctxt == NULL)
return NULL;
+ if ((cs = OPENSSL_malloc(BN_num_bytes(s))) == NULL)
+ goto err;
- EVP_MD_CTX_init(&ctxt);
- EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
- EVP_DigestUpdate(&ctxt, user, strlen(user));
- EVP_DigestUpdate(&ctxt, ":", 1);
- EVP_DigestUpdate(&ctxt, pass, strlen(pass));
- EVP_DigestFinal_ex(&ctxt, dig, NULL);
+ EVP_DigestInit_ex(ctxt, EVP_sha1(), NULL);
+ EVP_DigestUpdate(ctxt, user, strlen(user));
+ EVP_DigestUpdate(ctxt, ":", 1);
+ EVP_DigestUpdate(ctxt, pass, strlen(pass));
+ EVP_DigestFinal_ex(ctxt, dig, NULL);
- EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
+ EVP_DigestInit_ex(ctxt, EVP_sha1(), NULL);
BN_bn2bin(s, cs);
- EVP_DigestUpdate(&ctxt, cs, BN_num_bytes(s));
+ EVP_DigestUpdate(ctxt, cs, BN_num_bytes(s));
OPENSSL_free(cs);
- EVP_DigestUpdate(&ctxt, dig, sizeof(dig));
- EVP_DigestFinal_ex(&ctxt, dig, NULL);
- EVP_MD_CTX_cleanup(&ctxt);
+ EVP_DigestUpdate(ctxt, dig, sizeof(dig));
+ EVP_DigestFinal_ex(ctxt, dig, NULL);
- return BN_bin2bn(dig, sizeof(dig), NULL);
+ res = BN_bin2bn(dig, sizeof(dig), NULL);
+ err:
+ EVP_MD_CTX_destroy(ctxt);
+ return res;
}
BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g)
SRP_user_pwd *user;
unsigned char digv[SHA_DIGEST_LENGTH];
unsigned char digs[SHA_DIGEST_LENGTH];
- EVP_MD_CTX ctxt;
+ EVP_MD_CTX *ctxt = NULL;
if (vb == NULL)
return NULL;
if (RAND_bytes(digv, SHA_DIGEST_LENGTH) <= 0)
goto err;
- EVP_MD_CTX_init(&ctxt);
- EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
- EVP_DigestUpdate(&ctxt, vb->seed_key, strlen(vb->seed_key));
- EVP_DigestUpdate(&ctxt, username, strlen(username));
- EVP_DigestFinal_ex(&ctxt, digs, NULL);
- EVP_MD_CTX_cleanup(&ctxt);
- if (SRP_user_pwd_set_sv_BN
- (user, BN_bin2bn(digs, SHA_DIGEST_LENGTH, NULL),
- BN_bin2bn(digv, SHA_DIGEST_LENGTH, NULL)))
+ ctxt = EVP_MD_CTX_create();
+ EVP_DigestInit_ex(ctxt, EVP_sha1(), NULL);
+ EVP_DigestUpdate(ctxt, vb->seed_key, strlen(vb->seed_key));
+ EVP_DigestUpdate(ctxt, username, strlen(username));
+ EVP_DigestFinal_ex(ctxt, digs, NULL);
+ EVP_MD_CTX_destroy(ctxt);
+ ctxt = NULL;
+ if (SRP_user_pwd_set_sv_BN(user,
+ BN_bin2bn(digs, SHA_DIGEST_LENGTH, NULL),
+ BN_bin2bn(digv, SHA_DIGEST_LENGTH, NULL)))
return user;
err:
+ EVP_MD_CTX_destroy(ctxt);
SRP_user_pwd_free(user);
return NULL;
}
TS_MSG_IMPRINT *msg_imprint = tst_info->msg_imprint;
X509_ALGOR *md_alg_resp = msg_imprint->hash_algo;
const EVP_MD *md;
- EVP_MD_CTX md_ctx;
+ EVP_MD_CTX *md_ctx = NULL;
unsigned char buffer[4096];
int length;
goto err;
}
- if (!EVP_DigestInit(&md_ctx, md))
+ md_ctx = EVP_MD_CTX_create();
+ if (md_ctx == NULL) {
+ TSerr(TS_F_TS_COMPUTE_IMPRINT, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ if (!EVP_DigestInit(md_ctx, md))
goto err;
while ((length = BIO_read(data, buffer, sizeof(buffer))) > 0) {
- if (!EVP_DigestUpdate(&md_ctx, buffer, length))
+ if (!EVP_DigestUpdate(md_ctx, buffer, length))
goto err;
}
- if (!EVP_DigestFinal(&md_ctx, *imprint, NULL))
+ if (!EVP_DigestFinal(md_ctx, *imprint, NULL))
goto err;
+ EVP_MD_CTX_destroy(md_ctx);
return 1;
err:
+ EVP_MD_CTX_destroy(md_ctx);
X509_ALGOR_free(*md_alg);
OPENSSL_free(*imprint);
*imprint_len = 0;
unsigned long X509_issuer_and_serial_hash(X509 *a)
{
unsigned long ret = 0;
- EVP_MD_CTX ctx;
+ EVP_MD_CTX *ctx = EVP_MD_CTX_create();
unsigned char md[16];
char *f;
- EVP_MD_CTX_init(&ctx);
+ if (ctx == NULL)
+ goto err;
f = X509_NAME_oneline(a->cert_info.issuer, NULL, 0);
- if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL))
+ if (!EVP_DigestInit_ex(ctx, EVP_md5(), NULL))
goto err;
- if (!EVP_DigestUpdate(&ctx, (unsigned char *)f, strlen(f)))
+ if (!EVP_DigestUpdate(ctx, (unsigned char *)f, strlen(f)))
goto err;
OPENSSL_free(f);
if (!EVP_DigestUpdate
- (&ctx, (unsigned char *)a->cert_info.serialNumber.data,
+ (ctx, (unsigned char *)a->cert_info.serialNumber.data,
(unsigned long)a->cert_info.serialNumber.length))
goto err;
- if (!EVP_DigestFinal_ex(&ctx, &(md[0]), NULL))
+ if (!EVP_DigestFinal_ex(ctx, &(md[0]), NULL))
goto err;
ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) |
((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)
) & 0xffffffffL;
err:
- EVP_MD_CTX_cleanup(&ctx);
+ EVP_MD_CTX_destroy(ctx);
return (ret);
}
#endif
unsigned long X509_NAME_hash_old(X509_NAME *x)
{
- EVP_MD_CTX md_ctx;
+ EVP_MD_CTX *md_ctx = EVP_MD_CTX_create();
unsigned long ret = 0;
unsigned char md[16];
+ if (md_ctx == NULL)
+ return ret;
+
/* Make sure X509_NAME structure contains valid cached encoding */
i2d_X509_NAME(x, NULL);
- EVP_MD_CTX_init(&md_ctx);
- EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
- if (EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL)
- && EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length)
- && EVP_DigestFinal_ex(&md_ctx, md, NULL))
+ EVP_MD_CTX_set_flags(md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+ if (EVP_DigestInit_ex(md_ctx, EVP_md5(), NULL)
+ && EVP_DigestUpdate(md_ctx, x->bytes->data, x->bytes->length)
+ && EVP_DigestFinal_ex(md_ctx, md, NULL))
ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) |
((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)
) & 0xffffffffL;
- EVP_MD_CTX_cleanup(&md_ctx);
+ EVP_MD_CTX_destroy(md_ctx);
return (ret);
}
int gost_imit_init_cpa(EVP_MD_CTX *ctx)
{
- struct ossl_gost_imit_ctx *c = ctx->md_data;
+ struct ossl_gost_imit_ctx *c = EVP_MD_CTX_md_data(ctx);
memset(c->buffer, 0, sizeof(c->buffer));
memset(c->partial_block, 0, sizeof(c->partial_block));
c->count = 0;
int gost_imit_update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
- struct ossl_gost_imit_ctx *c = ctx->md_data;
+ struct ossl_gost_imit_ctx *c = EVP_MD_CTX_md_data(ctx);
const unsigned char *p = data;
size_t bytes = count, i;
if (!(c->key_set)) {
int gost_imit_final(EVP_MD_CTX *ctx, unsigned char *md)
{
- struct ossl_gost_imit_ctx *c = ctx->md_data;
+ struct ossl_gost_imit_ctx *c = EVP_MD_CTX_md_data(ctx);
if (!c->key_set) {
GOSTerr(GOST_F_GOST_IMIT_FINAL, GOST_R_MAC_KEY_NOT_SET);
return 0;
return 0;
}
- gost_key(&(((struct ossl_gost_imit_ctx *)(ctx->md_data))->cctx),
+ gost_key(&(((struct ossl_gost_imit_ctx *)(EVP_MD_CTX_md_data(ctx)))->cctx),
ptr);
- ((struct ossl_gost_imit_ctx *)(ctx->md_data))->key_set = 1;
+ ((struct ossl_gost_imit_ctx *)(EVP_MD_CTX_md_data(ctx)))->key_set = 1;
return 1;
}
int gost_imit_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
{
- memcpy(to->md_data, from->md_data, sizeof(struct ossl_gost_imit_ctx));
+ memcpy(EVP_MD_CTX_md_data(to), EVP_MD_CTX_md_data(from),
+ sizeof(struct ossl_gost_imit_ctx));
return 1;
}
/* Clean up imit ctx */
int gost_imit_cleanup(EVP_MD_CTX *ctx)
{
- memset(ctx->md_data, 0, sizeof(struct ossl_gost_imit_ctx));
+ memset(EVP_MD_CTX_md_data(ctx), 0, sizeof(struct ossl_gost_imit_ctx));
return 1;
}
int gost_digest_init(EVP_MD_CTX *ctx)
{
- struct ossl_gost_digest_ctx *c = ctx->md_data;
+ struct ossl_gost_digest_ctx *c = EVP_MD_CTX_md_data(ctx);
memset(&(c->dctx), 0, sizeof(gost_hash_ctx));
gost_init(&(c->cctx), &GostR3411_94_CryptoProParamSet);
c->dctx.cipher_ctx = &(c->cctx);
int gost_digest_update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
- return hash_block((gost_hash_ctx *) ctx->md_data, data, count);
+ return hash_block((gost_hash_ctx *) EVP_MD_CTX_md_data(ctx), data, count);
}
int gost_digest_final(EVP_MD_CTX *ctx, unsigned char *md)
{
- return finish_hash((gost_hash_ctx *) ctx->md_data, md);
+ return finish_hash((gost_hash_ctx *) EVP_MD_CTX_md_data(ctx), md);
}
int gost_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
{
- struct ossl_gost_digest_ctx *md_ctx = to->md_data;
- if (to->md_data && from->md_data) {
- memcpy(to->md_data, from->md_data,
+ struct ossl_gost_digest_ctx *md_ctx = EVP_MD_CTX_md_data(to);
+ if (EVP_MD_CTX_md_data(to) && EVP_MD_CTX_md_data(from)) {
+ memcpy(EVP_MD_CTX_md_data(to), EVP_MD_CTX_md_data(from),
sizeof(struct ossl_gost_digest_ctx));
md_ctx->dctx.cipher_ctx = &(md_ctx->cctx);
}
int gost_digest_cleanup(EVP_MD_CTX *ctx)
{
- if (ctx->md_data)
- memset(ctx->md_data, 0, sizeof(struct ossl_gost_digest_ctx));
+ if (EVP_MD_CTX_md_data(ctx))
+ memset(EVP_MD_CTX_md_data(ctx), 0, sizeof(struct ossl_gost_digest_ctx));
return 1;
}
} else {
key = &(data->key);
}
- return mctx->digest->md_ctrl(mctx, EVP_MD_CTRL_SET_KEY, 32, key);
+ return EVP_MD_CTX_md(mctx)->md_ctrl(mctx, EVP_MD_CTRL_SET_KEY,
+ 32, key);
}
}
return -2;
* implementation
*/
#undef data
-#define data(ctx) ((SHA_CTX *)(ctx)->md_data)
+#define data(ctx) ((SHA_CTX *)EVP_MD_CTX_md_data(ctx))
static int dasync_sha1_init(EVP_MD_CTX *ctx)
{
dummy_pause_job();
* the same value.
*/
#undef data
-#define data(ctx) ((MD5_CTX *)(ctx)->md_data)
+#define data(ctx) ((MD5_CTX *)EVP_MD_CTX_md_data(ctx))
static int digest_md5_init(EVP_MD_CTX *ctx)
{
return MD5_Init(data(ctx));
* SHA1 implementation.
*/
#undef data
-#define data(ctx) ((SHA_CTX *)(ctx)->md_data)
+#define data(ctx) ((SHA_CTX *)EVP_MD_CTX_md_data(ctx))
static int digest_sha1_init(EVP_MD_CTX *ctx)
{
return SHA1_Init(data(ctx));
* SHA256 implementation.
*/
#undef data
-#define data(ctx) ((SHA256_CTX *)(ctx)->md_data)
+#define data(ctx) ((SHA256_CTX *)EVP_MD_CTX_md_data(ctx))
static int digest_sha256_init(EVP_MD_CTX *ctx)
{
return SHA256_Init(data(ctx));
* SHA384/512 implementation.
*/
#undef data
-#define data(ctx) ((SHA512_CTX *)(ctx)->md_data)
+#define data(ctx) ((SHA512_CTX *)EVP_MD_CTX_md_data(ctx))
static int digest_sha384_init(EVP_MD_CTX *ctx)
{
return SHA384_Init(data(ctx));
typedef struct hmac_ctx_st {
const EVP_MD *md;
- EVP_MD_CTX md_ctx;
- EVP_MD_CTX i_ctx;
- EVP_MD_CTX o_ctx;
+ EVP_MD_CTX *md_ctx;
+ EVP_MD_CTX *i_ctx;
+ EVP_MD_CTX *o_ctx;
unsigned int key_length;
unsigned char key[HMAC_MAX_MD_CBLOCK];
} HMAC_CTX;
*/
typedef struct PEM_Encode_Seal_st {
EVP_ENCODE_CTX encode;
- EVP_MD_CTX md;
+ EVP_MD_CTX *md;
EVP_CIPHER_CTX cipher;
} PEM_ENCODE_SEAL_CTX;
{
SSL3_RECORD *rec;
unsigned char *mac_sec, *seq;
- EVP_MD_CTX md_ctx;
const EVP_MD_CTX *hash;
unsigned char *p, rec_char;
size_t md_size;
} else {
unsigned int md_size_u;
/* Chop the digest off the end :-) */
- EVP_MD_CTX_init(&md_ctx);
+ EVP_MD_CTX *md_ctx = EVP_MD_CTX_create();
+
+ if (md_ctx == NULL)
+ return -1;
rec_char = rec->type;
p = md;
s2n(rec->length, p);
- if (EVP_MD_CTX_copy_ex(&md_ctx, hash) <= 0
- || EVP_DigestUpdate(&md_ctx, mac_sec, md_size) <= 0
- || EVP_DigestUpdate(&md_ctx, ssl3_pad_1, npad) <= 0
- || EVP_DigestUpdate(&md_ctx, seq, 8) <= 0
- || EVP_DigestUpdate(&md_ctx, &rec_char, 1) <= 0
- || EVP_DigestUpdate(&md_ctx, md, 2) <= 0
- || EVP_DigestUpdate(&md_ctx, rec->input, rec->length) <= 0
- || EVP_DigestFinal_ex(&md_ctx, md, NULL) <= 0
- || EVP_MD_CTX_copy_ex(&md_ctx, hash) <= 0
- || EVP_DigestUpdate(&md_ctx, mac_sec, md_size) <= 0
- || EVP_DigestUpdate(&md_ctx, ssl3_pad_2, npad) <= 0
- || EVP_DigestUpdate(&md_ctx, md, md_size) <= 0
- || EVP_DigestFinal_ex(&md_ctx, md, &md_size_u) <= 0) {
- EVP_MD_CTX_cleanup(&md_ctx);
+ if (EVP_MD_CTX_copy_ex(md_ctx, hash) <= 0
+ || EVP_DigestUpdate(md_ctx, mac_sec, md_size) <= 0
+ || EVP_DigestUpdate(md_ctx, ssl3_pad_1, npad) <= 0
+ || EVP_DigestUpdate(md_ctx, seq, 8) <= 0
+ || EVP_DigestUpdate(md_ctx, &rec_char, 1) <= 0
+ || EVP_DigestUpdate(md_ctx, md, 2) <= 0
+ || EVP_DigestUpdate(md_ctx, rec->input, rec->length) <= 0
+ || EVP_DigestFinal_ex(md_ctx, md, NULL) <= 0
+ || EVP_MD_CTX_copy_ex(md_ctx, hash) <= 0
+ || EVP_DigestUpdate(md_ctx, mac_sec, md_size) <= 0
+ || EVP_DigestUpdate(md_ctx, ssl3_pad_2, npad) <= 0
+ || EVP_DigestUpdate(md_ctx, md, md_size) <= 0
+ || EVP_DigestFinal_ex(md_ctx, md, &md_size_u) <= 0) {
+ EVP_MD_CTX_cleanup(md_ctx);
return -1;
}
md_size = md_size_u;
- EVP_MD_CTX_cleanup(&md_ctx);
+ EVP_MD_CTX_destroy(md_ctx);
}
ssl3_record_sequence_update(seq);
EVP_MD_CTX *hash;
size_t md_size;
int i;
- EVP_MD_CTX hmac, *mac_ctx;
+ EVP_MD_CTX *hmac = NULL, *mac_ctx;
unsigned char header[13];
int stream_mac = (send ? (ssl->mac_flags & SSL_MAC_FLAG_WRITE_MAC_STREAM)
: (ssl->mac_flags & SSL_MAC_FLAG_READ_MAC_STREAM));
if (stream_mac) {
mac_ctx = hash;
} else {
- if (!EVP_MD_CTX_copy(&hmac, hash))
+ hmac = EVP_MD_CTX_create();
+ if (hmac == NULL
+ || !EVP_MD_CTX_copy(hmac, hash))
return -1;
- mac_ctx = &hmac;
+ mac_ctx = hmac;
}
if (SSL_IS_DTLS(ssl)) {
rec->length + md_size, rec->orig_len,
ssl->s3->read_mac_secret,
ssl->s3->read_mac_secret_size, 0) <= 0) {
- if (!stream_mac)
- EVP_MD_CTX_cleanup(&hmac);
+ EVP_MD_CTX_destroy(hmac);
return -1;
}
} else {
if (EVP_DigestSignUpdate(mac_ctx, header, sizeof(header)) <= 0
|| EVP_DigestSignUpdate(mac_ctx, rec->input, rec->length) <= 0
|| EVP_DigestSignFinal(mac_ctx, md, &md_size) <= 0) {
- if (!stream_mac)
- EVP_MD_CTX_cleanup(&hmac);
+ EVP_MD_CTX_destroy(hmac);
return -1;
}
if (!send && !SSL_USE_ETM(ssl) && FIPS_mode())
rec->length, rec->orig_len);
}
- if (!stream_mac)
- EVP_MD_CTX_cleanup(&hmac);
+ EVP_MD_CTX_destroy(hmac);
#ifdef TLS_DEBUG
fprintf(stderr, "seq=");
unsigned char first_block[MAX_HASH_BLOCK_SIZE];
unsigned char mac_out[EVP_MAX_MD_SIZE];
unsigned i, j, md_out_size_u;
- EVP_MD_CTX md_ctx;
+ EVP_MD_CTX *md_ctx = NULL;
/*
* mdLengthSize is the number of bytes in the length field that
* terminates * the hash.
mac_out[j] |= block[j] & is_block_b;
}
- EVP_MD_CTX_init(&md_ctx);
- if (EVP_DigestInit_ex(&md_ctx, ctx->digest, NULL /* engine */ ) <= 0)
+ md_ctx = EVP_MD_CTX_create();
+ if (md_ctx == NULL)
+ goto err;
+ if (EVP_DigestInit_ex(md_ctx, EVP_MD_CTX_md(ctx), NULL /* engine */ ) <= 0)
goto err;
if (is_sslv3) {
/* We repurpose |hmac_pad| to contain the SSLv3 pad2 block. */
memset(hmac_pad, 0x5c, sslv3_pad_length);
- if (EVP_DigestUpdate(&md_ctx, mac_secret, mac_secret_length) <= 0
- || EVP_DigestUpdate(&md_ctx, hmac_pad, sslv3_pad_length) <= 0
- || EVP_DigestUpdate(&md_ctx, mac_out, md_size) <= 0)
+ if (EVP_DigestUpdate(md_ctx, mac_secret, mac_secret_length) <= 0
+ || EVP_DigestUpdate(md_ctx, hmac_pad, sslv3_pad_length) <= 0
+ || EVP_DigestUpdate(md_ctx, mac_out, md_size) <= 0)
goto err;
} else {
/* Complete the HMAC in the standard manner. */
for (i = 0; i < md_block_size; i++)
hmac_pad[i] ^= 0x6a;
- if (EVP_DigestUpdate(&md_ctx, hmac_pad, md_block_size) <= 0
- || EVP_DigestUpdate(&md_ctx, mac_out, md_size) <= 0)
+ if (EVP_DigestUpdate(md_ctx, hmac_pad, md_block_size) <= 0
+ || EVP_DigestUpdate(md_ctx, mac_out, md_size) <= 0)
goto err;
}
- ret = EVP_DigestFinal(&md_ctx, md_out, &md_out_size_u);
+ ret = EVP_DigestFinal(md_ctx, md_out, &md_out_size_u);
if (ret && md_out_size)
*md_out_size = md_out_size_u;
- EVP_MD_CTX_cleanup(&md_ctx);
+ EVP_MD_CTX_destroy(md_ctx);
return 1;
err:
- EVP_MD_CTX_cleanup(&md_ctx);
+ EVP_MD_CTX_destroy(md_ctx);
return 0;
}
static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
{
- EVP_MD_CTX m5;
- EVP_MD_CTX s1;
+ EVP_MD_CTX *m5;
+ EVP_MD_CTX *s1;
unsigned char buf[16], smd[SHA_DIGEST_LENGTH];
unsigned char c = 'A';
unsigned int i, j, k;
+ int ret = 0;
#ifdef CHARSET_EBCDIC
c = os_toascii[c]; /* 'A' in ASCII */
#endif
k = 0;
- EVP_MD_CTX_init(&m5);
- EVP_MD_CTX_set_flags(&m5, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
- EVP_MD_CTX_init(&s1);
+ m5 = EVP_MD_CTX_create();
+ s1 = EVP_MD_CTX_create();
+ if (m5 == NULL || s1 == NULL) {
+ SSLerr(SSL_F_SSL3_GENERATE_KEY_BLOCK, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ EVP_MD_CTX_set_flags(m5, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
for (i = 0; (int)i < num; i += MD5_DIGEST_LENGTH) {
k++;
if (k > sizeof buf) {
for (j = 0; j < k; j++)
buf[j] = c;
c++;
- EVP_DigestInit_ex(&s1, EVP_sha1(), NULL);
- EVP_DigestUpdate(&s1, buf, k);
- EVP_DigestUpdate(&s1, s->session->master_key,
+ EVP_DigestInit_ex(s1, EVP_sha1(), NULL);
+ EVP_DigestUpdate(s1, buf, k);
+ EVP_DigestUpdate(s1, s->session->master_key,
s->session->master_key_length);
- EVP_DigestUpdate(&s1, s->s3->server_random, SSL3_RANDOM_SIZE);
- EVP_DigestUpdate(&s1, s->s3->client_random, SSL3_RANDOM_SIZE);
- EVP_DigestFinal_ex(&s1, smd, NULL);
+ EVP_DigestUpdate(s1, s->s3->server_random, SSL3_RANDOM_SIZE);
+ EVP_DigestUpdate(s1, s->s3->client_random, SSL3_RANDOM_SIZE);
+ EVP_DigestFinal_ex(s1, smd, NULL);
- EVP_DigestInit_ex(&m5, EVP_md5(), NULL);
- EVP_DigestUpdate(&m5, s->session->master_key,
+ EVP_DigestInit_ex(m5, EVP_md5(), NULL);
+ EVP_DigestUpdate(m5, s->session->master_key,
s->session->master_key_length);
- EVP_DigestUpdate(&m5, smd, SHA_DIGEST_LENGTH);
+ EVP_DigestUpdate(m5, smd, SHA_DIGEST_LENGTH);
if ((int)(i + MD5_DIGEST_LENGTH) > num) {
- EVP_DigestFinal_ex(&m5, smd, NULL);
+ EVP_DigestFinal_ex(m5, smd, NULL);
memcpy(km, smd, (num - i));
} else
- EVP_DigestFinal_ex(&m5, km, NULL);
+ EVP_DigestFinal_ex(m5, km, NULL);
km += MD5_DIGEST_LENGTH;
}
OPENSSL_cleanse(smd, sizeof(smd));
- EVP_MD_CTX_cleanup(&m5);
- EVP_MD_CTX_cleanup(&s1);
- return 1;
+ ret = 1;
+ err:
+ EVP_MD_CTX_destroy(m5);
+ EVP_MD_CTX_destroy(s1);
+ return ret;
}
int ssl3_change_cipher_state(SSL *s, int which)
int ssl3_final_finish_mac(SSL *s, const char *sender, int len, unsigned char *p)
{
int ret;
- EVP_MD_CTX ctx;
+ EVP_MD_CTX *ctx = NULL;
if (!ssl3_digest_cached_records(s, 0))
return 0;
return 0;
}
- EVP_MD_CTX_init(&ctx);
- EVP_MD_CTX_copy_ex(&ctx, s->s3->handshake_dgst);
+ ctx = EVP_MD_CTX_create();
+ if (ctx == NULL) {
+ SSLerr(SSL_F_SSL3_FINAL_FINISH_MAC, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ EVP_MD_CTX_copy_ex(ctx, s->s3->handshake_dgst);
- ret = EVP_MD_CTX_size(&ctx);
+ ret = EVP_MD_CTX_size(ctx);
if (ret < 0) {
- EVP_MD_CTX_cleanup(&ctx);
+ EVP_MD_CTX_cleanup(ctx);
return 0;
}
- if ((sender != NULL && EVP_DigestUpdate(&ctx, sender, len) <= 0)
- || EVP_MD_CTX_ctrl(&ctx, EVP_CTRL_SSL3_MASTER_SECRET,
+ if ((sender != NULL && EVP_DigestUpdate(ctx, sender, len) <= 0)
+ || EVP_MD_CTX_ctrl(ctx, EVP_CTRL_SSL3_MASTER_SECRET,
s->session->master_key_length,
s->session->master_key) <= 0
- || EVP_DigestFinal_ex(&ctx, p, NULL) <= 0) {
+ || EVP_DigestFinal_ex(ctx, p, NULL) <= 0) {
SSLerr(SSL_F_SSL3_FINAL_FINISH_MAC, ERR_R_INTERNAL_ERROR);
ret = 0;
}
- EVP_MD_CTX_cleanup(&ctx);
+ EVP_MD_CTX_destroy(ctx);
return ret;
}
#endif
};
unsigned char buf[EVP_MAX_MD_SIZE];
- EVP_MD_CTX ctx;
+ EVP_MD_CTX *ctx = EVP_MD_CTX_create();
int i, ret = 0;
unsigned int n;
#ifdef OPENSSL_SSL_TRACE_CRYPTO
unsigned char *tmpout = out;
#endif
- EVP_MD_CTX_init(&ctx);
+ if (ctx == NULL) {
+ SSLerr(SSL_F_SSL3_GENERATE_MASTER_SECRET, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
for (i = 0; i < 3; i++) {
- if (EVP_DigestInit_ex(&ctx, s->ctx->sha1, NULL) <= 0
- || EVP_DigestUpdate(&ctx, salt[i],
+ if (EVP_DigestInit_ex(ctx, s->ctx->sha1, NULL) <= 0
+ || EVP_DigestUpdate(ctx, salt[i],
strlen((const char *)salt[i])) <= 0
- || EVP_DigestUpdate(&ctx, p, len) <= 0
- || EVP_DigestUpdate(&ctx, &(s->s3->client_random[0]),
+ || EVP_DigestUpdate(ctx, p, len) <= 0
+ || EVP_DigestUpdate(ctx, &(s->s3->client_random[0]),
SSL3_RANDOM_SIZE) <= 0
- || EVP_DigestUpdate(&ctx, &(s->s3->server_random[0]),
+ || EVP_DigestUpdate(ctx, &(s->s3->server_random[0]),
SSL3_RANDOM_SIZE) <= 0
- || EVP_DigestFinal_ex(&ctx, buf, &n) <= 0
+ || EVP_DigestFinal_ex(ctx, buf, &n) <= 0
- || EVP_DigestInit_ex(&ctx, s->ctx->md5, NULL) <= 0
- || EVP_DigestUpdate(&ctx, p, len) <= 0
- || EVP_DigestUpdate(&ctx, buf, n) <= 0
- || EVP_DigestFinal_ex(&ctx, out, &n) <= 0) {
+ || EVP_DigestInit_ex(ctx, s->ctx->md5, NULL) <= 0
+ || EVP_DigestUpdate(ctx, p, len) <= 0
+ || EVP_DigestUpdate(ctx, buf, n) <= 0
+ || EVP_DigestFinal_ex(ctx, out, &n) <= 0) {
SSLerr(SSL_F_SSL3_GENERATE_MASTER_SECRET, ERR_R_INTERNAL_ERROR);
ret = 0;
break;
out += n;
ret += n;
}
- EVP_MD_CTX_cleanup(&ctx);
+ EVP_MD_CTX_destroy(ctx);
#ifdef OPENSSL_SSL_TRACE_CRYPTO
if (ret > 0 && s->msg_callback) {
/* Retrieve handshake hashes */
int ssl_handshake_hash(SSL *s, unsigned char *out, int outlen)
{
- EVP_MD_CTX ctx;
+ EVP_MD_CTX *ctx = NULL;
EVP_MD_CTX *hdgst = s->s3->handshake_dgst;
int ret = EVP_MD_CTX_size(hdgst);
- EVP_MD_CTX_init(&ctx);
if (ret < 0 || ret > outlen) {
ret = 0;
goto err;
}
- if (!EVP_MD_CTX_copy_ex(&ctx, hdgst)
- || EVP_DigestFinal_ex(&ctx, out, NULL) <= 0)
+ ctx = EVP_MD_CTX_create();
+ if (ctx == NULL) {
+ ret = 0;
+ goto err;
+ }
+ if (!EVP_MD_CTX_copy_ex(ctx, hdgst)
+ || EVP_DigestFinal_ex(ctx, out, NULL) <= 0)
ret = 0;
err:
- EVP_MD_CTX_cleanup(&ctx);
+ EVP_MD_CTX_destroy(ctx);
return ret;
}
MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
{
- EVP_MD_CTX md_ctx;
+ EVP_MD_CTX *md_ctx;
int al, j;
long alg_k, alg_a;
EVP_PKEY *pkey = NULL;
#endif
PACKET save_param_start, signature;
- EVP_MD_CTX_init(&md_ctx);
+ md_ctx = EVP_MD_CTX_create();
+ if (md_ctx == NULL) {
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+ goto f_err;
+ }
alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, SSL_R_WRONG_SIGNATURE_LENGTH);
goto f_err;
}
- if (EVP_VerifyInit_ex(&md_ctx, md, NULL) <= 0
- || EVP_VerifyUpdate(&md_ctx, &(s->s3->client_random[0]),
+ if (EVP_VerifyInit_ex(md_ctx, md, NULL) <= 0
+ || EVP_VerifyUpdate(md_ctx, &(s->s3->client_random[0]),
SSL3_RANDOM_SIZE) <= 0
- || EVP_VerifyUpdate(&md_ctx, &(s->s3->server_random[0]),
+ || EVP_VerifyUpdate(md_ctx, &(s->s3->server_random[0]),
SSL3_RANDOM_SIZE) <= 0
- || EVP_VerifyUpdate(&md_ctx, PACKET_data(¶ms),
+ || EVP_VerifyUpdate(md_ctx, PACKET_data(¶ms),
PACKET_remaining(¶ms)) <= 0) {
al = SSL_AD_INTERNAL_ERROR;
SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_EVP_LIB);
goto f_err;
}
- if (EVP_VerifyFinal(&md_ctx, PACKET_data(&signature),
+ if (EVP_VerifyFinal(md_ctx, PACKET_data(&signature),
PACKET_remaining(&signature), pkey) <= 0) {
/* bad signature */
al = SSL_AD_DECRYPT_ERROR;
}
}
EVP_PKEY_free(pkey);
- EVP_MD_CTX_cleanup(&md_ctx);
+ EVP_MD_CTX_destroy(md_ctx);
return MSG_PROCESS_CONTINUE_READING;
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
EC_POINT_free(srvr_ecpoint);
EC_KEY_free(ecdh);
#endif
- EVP_MD_CTX_cleanup(&md_ctx);
+ EVP_MD_CTX_destroy(md_ctx);
ossl_statem_set_error(s);
return MSG_PROCESS_ERROR;
}
unsigned char *p;
EVP_PKEY *pkey;
const EVP_MD *md = s->s3->tmp.md[s->cert->key - s->cert->pkeys];
- EVP_MD_CTX mctx;
+ EVP_MD_CTX *mctx;
unsigned u = 0;
unsigned long n = 0;
long hdatalen = 0;
void *hdata;
- EVP_MD_CTX_init(&mctx);
+ mctx = EVP_MD_CTX_create();
+ if (mctx == NULL) {
+ SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
p = ssl_handshake_start(s);
pkey = s->cert->key->privatekey;
#ifdef SSL_DEBUG
fprintf(stderr, "Using client alg %s\n", EVP_MD_name(md));
#endif
- if (!EVP_SignInit_ex(&mctx, md, NULL)
- || !EVP_SignUpdate(&mctx, hdata, hdatalen)
+ if (!EVP_SignInit_ex(mctx, md, NULL)
+ || !EVP_SignUpdate(mctx, hdata, hdatalen)
|| (s->version == SSL3_VERSION
- && !EVP_MD_CTX_ctrl(&mctx, EVP_CTRL_SSL3_MASTER_SECRET,
+ && !EVP_MD_CTX_ctrl(mctx, EVP_CTRL_SSL3_MASTER_SECRET,
s->session->master_key_length,
s->session->master_key))
- || !EVP_SignFinal(&mctx, p + 2, &u, pkey)) {
+ || !EVP_SignFinal(mctx, p + 2, &u, pkey)) {
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY, ERR_R_EVP_LIB);
goto err;
}
goto err;
}
- EVP_MD_CTX_cleanup(&mctx);
+ EVP_MD_CTX_destroy(mctx);
return 1;
err:
- EVP_MD_CTX_cleanup(&mctx);
+ EVP_MD_CTX_destroy(mctx);
return 0;
}
BIGNUM *r[4];
int nr[4], kn;
BUF_MEM *buf;
- EVP_MD_CTX md_ctx;
+ EVP_MD_CTX *md_ctx = EVP_MD_CTX_create();
- EVP_MD_CTX_init(&md_ctx);
+ if (md_ctx == NULL) {
+ SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+ al = SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
type = s->s3->tmp.new_cipher->algorithm_mkey;
cert = s->cert;
#ifdef SSL_DEBUG
fprintf(stderr, "Using hash %s\n", EVP_MD_name(md));
#endif
- if (EVP_SignInit_ex(&md_ctx, md, NULL) <= 0
- || EVP_SignUpdate(&md_ctx, &(s->s3->client_random[0]),
+ if (EVP_SignInit_ex(md_ctx, md, NULL) <= 0
+ || EVP_SignUpdate(md_ctx, &(s->s3->client_random[0]),
SSL3_RANDOM_SIZE) <= 0
- || EVP_SignUpdate(&md_ctx, &(s->s3->server_random[0]),
+ || EVP_SignUpdate(md_ctx, &(s->s3->server_random[0]),
SSL3_RANDOM_SIZE) <= 0
- || EVP_SignUpdate(&md_ctx, d, n) <= 0
- || EVP_SignFinal(&md_ctx, &(p[2]),
+ || EVP_SignUpdate(md_ctx, d, n) <= 0
+ || EVP_SignFinal(md_ctx, &(p[2]),
(unsigned int *)&i, pkey) <= 0) {
SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_LIB_EVP);
al = SSL_AD_INTERNAL_ERROR;
goto f_err;
}
- EVP_MD_CTX_cleanup(&md_ctx);
+ EVP_MD_CTX_destroy(md_ctx);
return 1;
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
OPENSSL_free(encodedPoint);
BN_CTX_free(bn_ctx);
#endif
- EVP_MD_CTX_cleanup(&md_ctx);
+ EVP_MD_CTX_destroy(md_ctx);
ossl_statem_set_error(s);
return 0;
}
long hdatalen = 0;
void *hdata;
- EVP_MD_CTX mctx;
- EVP_MD_CTX_init(&mctx);
+ EVP_MD_CTX *mctx = EVP_MD_CTX_create();
+
+ if (mctx == NULL) {
+ SSLerr(SSL_F_TLS_PROCESS_CERT_VERIFY, ERR_R_MALLOC_FAILURE);
+ al = SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
peer = s->session->peer;
pkey = X509_get_pubkey(peer);
#ifdef SSL_DEBUG
fprintf(stderr, "Using client verify alg %s\n", EVP_MD_name(md));
#endif
- if (!EVP_VerifyInit_ex(&mctx, md, NULL)
- || !EVP_VerifyUpdate(&mctx, hdata, hdatalen)) {
+ if (!EVP_VerifyInit_ex(mctx, md, NULL)
+ || !EVP_VerifyUpdate(mctx, hdata, hdatalen)) {
SSLerr(SSL_F_TLS_PROCESS_CERT_VERIFY, ERR_R_EVP_LIB);
al = SSL_AD_INTERNAL_ERROR;
goto f_err;
#endif
if (s->version == SSL3_VERSION
- && !EVP_MD_CTX_ctrl(&mctx, EVP_CTRL_SSL3_MASTER_SECRET,
+ && !EVP_MD_CTX_ctrl(mctx, EVP_CTRL_SSL3_MASTER_SECRET,
s->session->master_key_length,
s->session->master_key)) {
SSLerr(SSL_F_TLS_PROCESS_CERT_VERIFY, ERR_R_EVP_LIB);
goto f_err;
}
- if (EVP_VerifyFinal(&mctx, data, len, pkey) <= 0) {
+ if (EVP_VerifyFinal(mctx, data, len, pkey) <= 0) {
al = SSL_AD_DECRYPT_ERROR;
SSLerr(SSL_F_TLS_PROCESS_CERT_VERIFY, SSL_R_BAD_SIGNATURE);
goto f_err;
}
BIO_free(s->s3->handshake_buffer);
s->s3->handshake_buffer = NULL;
- EVP_MD_CTX_cleanup(&mctx);
+ EVP_MD_CTX_destroy(mctx);
EVP_PKEY_free(pkey);
return ret;
}
{
int chunk;
size_t j;
- EVP_MD_CTX ctx, ctx_tmp, ctx_init;
+ EVP_MD_CTX *ctx, *ctx_tmp, *ctx_init;
EVP_PKEY *mac_key;
unsigned char A1[EVP_MAX_MD_SIZE];
size_t A1_len;
chunk = EVP_MD_size(md);
OPENSSL_assert(chunk >= 0);
- EVP_MD_CTX_init(&ctx);
- EVP_MD_CTX_init(&ctx_tmp);
- EVP_MD_CTX_init(&ctx_init);
- EVP_MD_CTX_set_flags(&ctx_init, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+ ctx = EVP_MD_CTX_create();
+ ctx_tmp = EVP_MD_CTX_create();
+ ctx_init = EVP_MD_CTX_create();
+ if (ctx == NULL || ctx_tmp == NULL || ctx_init == NULL)
+ goto err;
+ EVP_MD_CTX_set_flags(ctx_init, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
mac_key = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, sec, sec_len);
if (!mac_key)
goto err;
- if (!EVP_DigestSignInit(&ctx_init, NULL, md, NULL, mac_key))
+ if (!EVP_DigestSignInit(ctx_init, NULL, md, NULL, mac_key))
goto err;
- if (!EVP_MD_CTX_copy_ex(&ctx, &ctx_init))
+ if (!EVP_MD_CTX_copy_ex(ctx, ctx_init))
goto err;
- if (seed1 && !EVP_DigestSignUpdate(&ctx, seed1, seed1_len))
+ if (seed1 && !EVP_DigestSignUpdate(ctx, seed1, seed1_len))
goto err;
- if (seed2 && !EVP_DigestSignUpdate(&ctx, seed2, seed2_len))
+ if (seed2 && !EVP_DigestSignUpdate(ctx, seed2, seed2_len))
goto err;
- if (seed3 && !EVP_DigestSignUpdate(&ctx, seed3, seed3_len))
+ if (seed3 && !EVP_DigestSignUpdate(ctx, seed3, seed3_len))
goto err;
- if (seed4 && !EVP_DigestSignUpdate(&ctx, seed4, seed4_len))
+ if (seed4 && !EVP_DigestSignUpdate(ctx, seed4, seed4_len))
goto err;
- if (seed5 && !EVP_DigestSignUpdate(&ctx, seed5, seed5_len))
+ if (seed5 && !EVP_DigestSignUpdate(ctx, seed5, seed5_len))
goto err;
- if (!EVP_DigestSignFinal(&ctx, A1, &A1_len))
+ if (!EVP_DigestSignFinal(ctx, A1, &A1_len))
goto err;
for (;;) {
/* Reinit mac contexts */
- if (!EVP_MD_CTX_copy_ex(&ctx, &ctx_init))
+ if (!EVP_MD_CTX_copy_ex(ctx, ctx_init))
goto err;
- if (!EVP_DigestSignUpdate(&ctx, A1, A1_len))
+ if (!EVP_DigestSignUpdate(ctx, A1, A1_len))
goto err;
- if (olen > chunk && !EVP_MD_CTX_copy_ex(&ctx_tmp, &ctx))
+ if (olen > chunk && !EVP_MD_CTX_copy_ex(ctx_tmp, ctx))
goto err;
- if (seed1 && !EVP_DigestSignUpdate(&ctx, seed1, seed1_len))
+ if (seed1 && !EVP_DigestSignUpdate(ctx, seed1, seed1_len))
goto err;
- if (seed2 && !EVP_DigestSignUpdate(&ctx, seed2, seed2_len))
+ if (seed2 && !EVP_DigestSignUpdate(ctx, seed2, seed2_len))
goto err;
- if (seed3 && !EVP_DigestSignUpdate(&ctx, seed3, seed3_len))
+ if (seed3 && !EVP_DigestSignUpdate(ctx, seed3, seed3_len))
goto err;
- if (seed4 && !EVP_DigestSignUpdate(&ctx, seed4, seed4_len))
+ if (seed4 && !EVP_DigestSignUpdate(ctx, seed4, seed4_len))
goto err;
- if (seed5 && !EVP_DigestSignUpdate(&ctx, seed5, seed5_len))
+ if (seed5 && !EVP_DigestSignUpdate(ctx, seed5, seed5_len))
goto err;
if (olen > chunk) {
- if (!EVP_DigestSignFinal(&ctx, out, &j))
+ if (!EVP_DigestSignFinal(ctx, out, &j))
goto err;
out += j;
olen -= j;
/* calc the next A1 value */
- if (!EVP_DigestSignFinal(&ctx_tmp, A1, &A1_len))
+ if (!EVP_DigestSignFinal(ctx_tmp, A1, &A1_len))
goto err;
} else { /* last one */
- if (!EVP_DigestSignFinal(&ctx, A1, &A1_len))
+ if (!EVP_DigestSignFinal(ctx, A1, &A1_len))
goto err;
memcpy(out, A1, olen);
break;
ret = 1;
err:
EVP_PKEY_free(mac_key);
- EVP_MD_CTX_cleanup(&ctx);
- EVP_MD_CTX_cleanup(&ctx_tmp);
- EVP_MD_CTX_cleanup(&ctx_init);
+ EVP_MD_CTX_destroy(ctx);
+ EVP_MD_CTX_destroy(ctx_tmp);
+ EVP_MD_CTX_destroy(ctx_init);
OPENSSL_cleanse(A1, sizeof(A1));
return ret;
}
const char message[] = "abc";
unsigned char digest[20];
unsigned int dgst_len = 0;
- EVP_MD_CTX md_ctx;
+ EVP_MD_CTX *md_ctx = EVP_MD_CTX_create();
EC_KEY *key = NULL;
ECDSA_SIG *signature = NULL;
BIGNUM *r = NULL, *s = NULL;
BIGNUM *kinv = NULL, *rp = NULL;
- EVP_MD_CTX_init(&md_ctx);
+ if (md_ctx == NULL)
+ goto x962_int_err;
+
/* get the message digest */
- if (!EVP_DigestInit(&md_ctx, EVP_sha1())
- || !EVP_DigestUpdate(&md_ctx, (const void *)message, 3)
- || !EVP_DigestFinal(&md_ctx, digest, &dgst_len))
+ if (!EVP_DigestInit(md_ctx, EVP_sha1())
+ || !EVP_DigestUpdate(md_ctx, (const void *)message, 3)
+ || !EVP_DigestFinal(md_ctx, digest, &dgst_len))
goto x962_int_err;
BIO_printf(out, "testing %s: ", OBJ_nid2sn(nid));
ECDSA_SIG_free(signature);
BN_free(r);
BN_free(s);
- EVP_MD_CTX_cleanup(&md_ctx);
+ EVP_MD_CTX_destroy(md_ctx);
BN_clear_free(kinv);
BN_clear_free(rp);
return ret;
EVP_PKEY *pkey = NULL;
unsigned char *sig = NULL;
size_t sig_len = 0;
- EVP_MD_CTX md_ctx, md_ctx_verify;
+ EVP_MD_CTX *md_ctx, *md_ctx_verify;
- EVP_MD_CTX_init(&md_ctx);
- EVP_MD_CTX_init(&md_ctx_verify);
+ md_ctx = EVP_MD_CTX_create();
+ md_ctx_verify = EVP_MD_CTX_create();
+ if (md_ctx == NULL || md_ctx_verify == NULL)
+ goto out;
pkey = load_example_rsa_key();
if (pkey == NULL ||
- !EVP_DigestSignInit(&md_ctx, NULL, EVP_sha256(), NULL, pkey) ||
- !EVP_DigestSignUpdate(&md_ctx, kMsg, sizeof(kMsg))) {
+ !EVP_DigestSignInit(md_ctx, NULL, EVP_sha256(), NULL, pkey) ||
+ !EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))) {
goto out;
}
/* Determine the size of the signature. */
- if (!EVP_DigestSignFinal(&md_ctx, NULL, &sig_len)) {
+ if (!EVP_DigestSignFinal(md_ctx, NULL, &sig_len)) {
goto out;
}
/* Sanity check for testing. */
}
sig = OPENSSL_malloc(sig_len);
- if (sig == NULL || !EVP_DigestSignFinal(&md_ctx, sig, &sig_len)) {
+ if (sig == NULL || !EVP_DigestSignFinal(md_ctx, sig, &sig_len)) {
goto out;
}
/* Ensure that the signature round-trips. */
- if (!EVP_DigestVerifyInit(&md_ctx_verify, NULL, EVP_sha256(), NULL, pkey)
- || !EVP_DigestVerifyUpdate(&md_ctx_verify, kMsg, sizeof(kMsg))
- || !EVP_DigestVerifyFinal(&md_ctx_verify, sig, sig_len)) {
+ if (!EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sha256(), NULL, pkey)
+ || !EVP_DigestVerifyUpdate(md_ctx_verify, kMsg, sizeof(kMsg))
+ || !EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)) {
goto out;
}
ERR_print_errors_fp(stderr);
}
- EVP_MD_CTX_cleanup(&md_ctx);
- EVP_MD_CTX_cleanup(&md_ctx_verify);
+ EVP_MD_CTX_destroy(md_ctx);
+ EVP_MD_CTX_destroy(md_ctx_verify);
EVP_PKEY_free(pkey);
OPENSSL_free(sig);
{
int ret = 0;
EVP_PKEY *pkey = NULL;
- EVP_MD_CTX md_ctx;
+ EVP_MD_CTX *md_ctx;
- EVP_MD_CTX_init(&md_ctx);
+ md_ctx = EVP_MD_CTX_create();
pkey = load_example_rsa_key();
if (pkey == NULL ||
- !EVP_DigestVerifyInit(&md_ctx, NULL, EVP_sha256(), NULL, pkey) ||
- !EVP_DigestVerifyUpdate(&md_ctx, kMsg, sizeof(kMsg)) ||
- !EVP_DigestVerifyFinal(&md_ctx, kSignature, sizeof(kSignature))) {
+ !EVP_DigestVerifyInit(md_ctx, NULL, EVP_sha256(), NULL, pkey) ||
+ !EVP_DigestVerifyUpdate(md_ctx, kMsg, sizeof(kMsg)) ||
+ !EVP_DigestVerifyFinal(md_ctx, kSignature, sizeof(kSignature))) {
goto out;
}
ret = 1;
ERR_print_errors_fp(stderr);
}
- EVP_MD_CTX_cleanup(&md_ctx);
+ EVP_MD_CTX_destroy(md_ctx);
EVP_PKEY_free(pkey);
return ret;
goto err;
err = NULL;
err:
- if (mctx)
- EVP_MD_CTX_destroy(mctx);
+ EVP_MD_CTX_destroy(mctx);
t->err = err;
return 1;
}
goto err;
err = NULL;
err:
- if (mctx)
- EVP_MD_CTX_destroy(mctx);
+ EVP_MD_CTX_destroy(mctx);
OPENSSL_free(mac);
EVP_PKEY_CTX_free(genctx);
EVP_PKEY_free(key);
u64 ullMaxLen = 6 * 1000 * 1000;
int ignore = 0;
ENGINE *impl = NULL;
- EVP_MD_CTX mctx;
+ EVP_MD_CTX *mctx;
EVP_CIPHER_CTX ectx;
EVP_PKEY *mac_key;
byte bDerive[EVP_MAX_KEY_LENGTH];
*/
continue;
}
- EVP_MD_CTX_init(&mctx);
+ mctx = EVP_MD_CTX_create();
+ if (mctx == NULL) {
+ fflush(NULL);
+ fprintf(stderr, "ENGINE_ctrl_cmd_string: malloc failure\n");
+ return 14;
+ }
mac_key = EVP_PKEY_new_mac_key(NID_id_Gost28147_89_MAC, NULL,
bDerive, mdl);
- EVP_DigestSignInit(&mctx, NULL, md_g89imit, impl, mac_key);
+ EVP_DigestSignInit(mctx, NULL, md_g89imit, impl, mac_key);
if (G89_MAX_TC_LEN >= tcs[t].ullLen) {
- EVP_DigestSignUpdate(&mctx, tcs[t].bIn,
+ EVP_DigestSignUpdate(mctx, tcs[t].bIn,
(unsigned int)tcs[t].ullLen);
} else {
for (ullLeft = tcs[t].ullLen;
ullLeft >= sizeof(bZB); ullLeft -= sizeof(bZB)) {
printf("B");
fflush(NULL);
- EVP_DigestSignUpdate(&mctx, bZB, sizeof(bZB));
+ EVP_DigestSignUpdate(mctx, bZB, sizeof(bZB));
}
printf("b" FMT64 "/" FMT64, ullLeft, tcs[t].ullLen);
fflush(NULL);
- EVP_DigestSignUpdate(&mctx, bZB, (unsigned int)ullLeft);
+ EVP_DigestSignUpdate(mctx, bZB, (unsigned int)ullLeft);
}
siglen = 4;
- OPENSSL_assert(EVP_DigestSignFinal(&mctx, bTest, &siglen));
+ OPENSSL_assert(EVP_DigestSignFinal(mctx, bTest, &siglen));
EVP_PKEY_free(mac_key);
- EVP_MD_CTX_cleanup(&mctx);
+ EVP_MD_CTX_destroy(mctx);
enlu = (int)tcs[t].ullLen;
enlf = 0;
l = siglen;
int ret = 0;
unsigned char md[MDC2_DIGEST_LENGTH];
int i;
- EVP_MD_CTX c;
+ EVP_MD_CTX *c;
static char *text = "Now is the time for all ";
# ifdef CHARSET_EBCDIC
ebcdic2ascii(text, text, strlen(text));
# endif
- EVP_MD_CTX_init(&c);
- EVP_DigestInit_ex(&c, EVP_mdc2(), NULL);
- EVP_DigestUpdate(&c, (unsigned char *)text, strlen(text));
- EVP_DigestFinal_ex(&c, &(md[0]), NULL);
+ c = EVP_MD_CTX_create();
+ EVP_DigestInit_ex(c, EVP_mdc2(), NULL);
+ EVP_DigestUpdate(c, (unsigned char *)text, strlen(text));
+ EVP_DigestFinal_ex(c, &(md[0]), NULL);
if (memcmp(md, pad1, MDC2_DIGEST_LENGTH) != 0) {
for (i = 0; i < MDC2_DIGEST_LENGTH; i++)
} else
printf("pad1 - ok\n");
- EVP_DigestInit_ex(&c, EVP_mdc2(), NULL);
+ EVP_DigestInit_ex(c, EVP_mdc2(), NULL);
/* FIXME: use a ctl function? */
- ((MDC2_CTX *)c.md_data)->pad_type = 2;
- EVP_DigestUpdate(&c, (unsigned char *)text, strlen(text));
- EVP_DigestFinal_ex(&c, &(md[0]), NULL);
+ ((MDC2_CTX *)EVP_MD_CTX_md_data(c))->pad_type = 2;
+ EVP_DigestUpdate(c, (unsigned char *)text, strlen(text));
+ EVP_DigestFinal_ex(c, &(md[0]), NULL);
if (memcmp(md, pad2, MDC2_DIGEST_LENGTH) != 0) {
for (i = 0; i < MDC2_DIGEST_LENGTH; i++)
} else
printf("pad2 - ok\n");
- EVP_MD_CTX_cleanup(&c);
+ EVP_MD_CTX_destroy(c);
# ifdef OPENSSL_SYS_NETWARE
if (ret)
printf("ERROR: %d\n", ret);
char **P, **R;
static unsigned char buf[1000];
char *p, *r;
- EVP_MD_CTX c;
+ EVP_MD_CTX *c;
unsigned char md[SHA_DIGEST_LENGTH];
#ifdef CHARSET_EBCDIC
ebcdic2ascii(test[1], test[1], strlen(test[1]));
#endif
- EVP_MD_CTX_init(&c);
+ c = EVP_MD_CTX_create();
P = test;
R = ret;
i = 1;
#ifdef CHARSET_EBCDIC
ebcdic2ascii(buf, buf, 1000);
#endif /* CHARSET_EBCDIC */
- EVP_DigestInit_ex(&c, EVP_sha1(), NULL);
+ EVP_DigestInit_ex(c, EVP_sha1(), NULL);
for (i = 0; i < 1000; i++)
- EVP_DigestUpdate(&c, buf, 1000);
- EVP_DigestFinal_ex(&c, md, NULL);
+ EVP_DigestUpdate(c, buf, 1000);
+ EVP_DigestFinal_ex(c, md, NULL);
p = pt(md);
r = bigret;
printf("ERROR: %d\n", err);
#endif
EXIT(err);
- EVP_MD_CTX_cleanup(&c);
+ EVP_MD_CTX_destroy(c);
return (0);
}
{
unsigned char md[SHA256_DIGEST_LENGTH];
int i;
- EVP_MD_CTX evp;
+ EVP_MD_CTX *evp;
fprintf(stdout, "Testing SHA-256 ");
fprintf(stdout, ".");
fflush(stdout);
- EVP_MD_CTX_init(&evp);
- EVP_DigestInit_ex(&evp, EVP_sha256(), NULL);
+ evp = EVP_MD_CTX_create();
+ if (evp == NULL) {
+ fflush(stdout);
+ fprintf(stderr, "\nTEST 3 of 3 failed. (malloc failure)\n");
+ return 1;
+ }
+ EVP_DigestInit_ex(evp, EVP_sha256(), NULL);
for (i = 0; i < 1000000; i += 288)
- EVP_DigestUpdate(&evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ EVP_DigestUpdate(evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
"aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
"aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
"aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
"aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
"aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
(1000000 - i) < 288 ? 1000000 - i : 288);
- EVP_DigestFinal_ex(&evp, md, NULL);
- EVP_MD_CTX_cleanup(&evp);
+ EVP_DigestFinal_ex(evp, md, NULL);
if (memcmp(md, app_b3, sizeof(app_b3))) {
fflush(stdout);
fprintf(stdout, ".");
fflush(stdout);
- EVP_MD_CTX_init(&evp);
- EVP_DigestInit_ex(&evp, EVP_sha224(), NULL);
+ EVP_MD_CTX_init(evp);
+ EVP_DigestInit_ex(evp, EVP_sha224(), NULL);
for (i = 0; i < 1000000; i += 64)
- EVP_DigestUpdate(&evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ EVP_DigestUpdate(evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
"aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
(1000000 - i) < 64 ? 1000000 - i : 64);
- EVP_DigestFinal_ex(&evp, md, NULL);
- EVP_MD_CTX_cleanup(&evp);
+ EVP_DigestFinal_ex(evp, md, NULL);
+ EVP_MD_CTX_destroy(evp);
if (memcmp(md, addenum_3, sizeof(addenum_3))) {
fflush(stdout);
{
unsigned char md[SHA512_DIGEST_LENGTH];
int i;
- EVP_MD_CTX evp;
+ EVP_MD_CTX *evp;
# ifdef OPENSSL_IA32_SSE2
/*
fprintf(stdout, ".");
fflush(stdout);
- EVP_MD_CTX_init(&evp);
- EVP_DigestInit_ex(&evp, EVP_sha512(), NULL);
+ evp = EVP_MD_CTX_create();
+ if (evp == NULL) {
+ fflush(stdout);
+ fprintf(stderr, "\nTEST 3 of 3 failed. (malloc failure)\n");
+ return 1;
+ }
+ EVP_DigestInit_ex(evp, EVP_sha512(), NULL);
for (i = 0; i < 1000000; i += 288)
- EVP_DigestUpdate(&evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ EVP_DigestUpdate(evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
"aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
"aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
"aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
"aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
"aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
(1000000 - i) < 288 ? 1000000 - i : 288);
- EVP_DigestFinal_ex(&evp, md, NULL);
- EVP_MD_CTX_cleanup(&evp);
+ EVP_DigestFinal_ex(evp, md, NULL);
+ EVP_MD_CTX_cleanup(evp);
if (memcmp(md, app_c3, sizeof(app_c3))) {
fflush(stdout);
fprintf(stdout, ".");
fflush(stdout);
- EVP_MD_CTX_init(&evp);
- EVP_DigestInit_ex(&evp, EVP_sha384(), NULL);
+ EVP_DigestInit_ex(evp, EVP_sha384(), NULL);
for (i = 0; i < 1000000; i += 64)
- EVP_DigestUpdate(&evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+ EVP_DigestUpdate(evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
"aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
(1000000 - i) < 64 ? 1000000 - i : 64);
- EVP_DigestFinal_ex(&evp, md, NULL);
- EVP_MD_CTX_cleanup(&evp);
+ EVP_DigestFinal_ex(evp, md, NULL);
+ EVP_MD_CTX_destroy(evp);
if (memcmp(md, app_d3, sizeof(app_d3))) {
fflush(stdout);
projects / openssl / commitdiff