diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2001-10-16 01:24:29 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2001-10-16 01:24:29 +0000 |
commit | 20d2186c87dabec56c6da48961a779843724a019 (patch) | |
tree | 4c5c2ba2e12a851c48726b6e5cc83a006f8291f1 | |
parent | 9ba3ec91766e559f96248fe10c77551a4e017ec3 (diff) |
Retain compatibility of EVP_DigestInit() and EVP_DigestFinal()
with existing code.
Modify library to use digest *_ex() functions.
43 files changed, 189 insertions, 157 deletions
@@ -12,6 +12,16 @@ *) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7 +) applies to 0.9.7 only + +) Modify the behaviour of EVP_DigestInit() and EVP_DigestFinal() to retain + compatibility with existing code. In particular the 'ctx' parameter is + not assumed to be valid before the call to EVP_DigestInit() and it is tidied + up after a call to EVP_DigestFinal(). A new function EVP_DigestFinal_ex() + but does not free up the ctx. Also change function EVP_MD_CTX_copy() to + assume the destination is uninitialized: EVP_MD_CTX_copy_ex() do assumes + the destiation is valid. Also modify all the OpenSSL digest calls to call + EVP_DigestInit_ex(), EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex(). + [Steve Henson] + +) Change ssl3_get_message (ssl/s3_both.c) and the functions using it so that complete 'Handshake' protocol structures are kept in memory instead of overwriting 'msg_type' and 'length' with 'body' data. diff --git a/apps/passwd.c b/apps/passwd.c index 0641602d04..bb395c35a1 100644 --- a/apps/passwd.c +++ b/apps/passwd.c @@ -327,7 +327,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt) assert(salt_len <= 8); EVP_MD_CTX_init(&md); - EVP_DigestInit(&md,EVP_md5()); + EVP_DigestInit_ex(&md,EVP_md5(), NULL); EVP_DigestUpdate(&md, passwd, passwd_len); EVP_DigestUpdate(&md, "$", 1); EVP_DigestUpdate(&md, magic, strlen(magic)); @@ -335,11 +335,11 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt) EVP_DigestUpdate(&md, salt_out, salt_len); EVP_MD_CTX_init(&md2); - EVP_DigestInit(&md2,EVP_md5()); + EVP_DigestInit_ex(&md2,EVP_md5(), NULL); EVP_DigestUpdate(&md2, passwd, passwd_len); EVP_DigestUpdate(&md2, salt_out, salt_len); EVP_DigestUpdate(&md2, passwd, passwd_len); - EVP_DigestFinal(&md2, buf, NULL); + EVP_DigestFinal_ex(&md2, buf, NULL); for (i = passwd_len; i > sizeof buf; i -= sizeof buf) EVP_DigestUpdate(&md, buf, sizeof buf); @@ -351,11 +351,11 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt) EVP_DigestUpdate(&md, (n & 1) ? "\0" : passwd, 1); n >>= 1; } - EVP_DigestFinal(&md, buf, NULL); + EVP_DigestFinal_ex(&md, buf, NULL); for (i = 0; i < 1000; i++) { - EVP_DigestInit(&md2,EVP_md5()); + EVP_DigestInit_ex(&md2,EVP_md5(), NULL); EVP_DigestUpdate(&md2, (i & 1) ? (unsigned char *) passwd : buf, (i & 1) ? passwd_len : sizeof buf); if (i % 3) @@ -364,7 +364,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt) EVP_DigestUpdate(&md2, passwd, passwd_len); EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned char *) passwd, (i & 1) ? sizeof buf : passwd_len); - EVP_DigestFinal(&md2, buf, NULL); + EVP_DigestFinal_ex(&md2, buf, NULL); } EVP_MD_CTX_cleanup(&md2); diff --git a/apps/speed.c b/apps/speed.c index aeb2fa7fd7..3c359e3d6b 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -944,7 +944,7 @@ int MAIN(int argc, char **argv) print_message(names[D_MD2],c[D_MD2][j],lengths[j]); Time_F(START,usertime); for (count=0,run=1; COND(c[D_MD2][j]); count++) - EVP_Digest(buf,(unsigned long)lengths[j],&(md2[0]),NULL,EVP_md2()); + EVP_Digest(buf,(unsigned long)lengths[j],&(md2[0]),NULL,EVP_md2(), NULL); d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_MD2],d); @@ -960,7 +960,7 @@ int MAIN(int argc, char **argv) print_message(names[D_MDC2],c[D_MDC2][j],lengths[j]); Time_F(START,usertime); for (count=0,run=1; COND(c[D_MDC2][j]); count++) - EVP_Digest(buf,(unsigned long)lengths[j],&(mdc2[0]),NULL,EVP_mdc2()); + EVP_Digest(buf,(unsigned long)lengths[j],&(mdc2[0]),NULL,EVP_mdc2(), NULL); d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_MDC2],d); @@ -977,7 +977,7 @@ int MAIN(int argc, char **argv) print_message(names[D_MD4],c[D_MD4][j],lengths[j]); Time_F(START,usertime); for (count=0,run=1; COND(c[D_MD4][j]); count++) - EVP_Digest(&(buf[0]),(unsigned long)lengths[j],&(md4[0]),NULL,EVP_md4()); + EVP_Digest(&(buf[0]),(unsigned long)lengths[j],&(md4[0]),NULL,EVP_md4(), NULL); d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_MD4],d); @@ -994,7 +994,8 @@ int MAIN(int argc, char **argv) print_message(names[D_MD5],c[D_MD5][j],lengths[j]); Time_F(START,usertime); for (count=0,run=1; COND(c[D_MD5][j]); count++) - EVP_Digest(&(buf[0]),(unsigned long)lengths[j],&(md5[0]),NULL,EVP_get_digestbyname("md5")); + EVP_Digest(&(buf[0]),(unsigned long)lengths[j],&(md5[0]),NULL, + EVP_get_digestbyname("md5"), NULL); d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_MD5],d); @@ -1038,7 +1039,7 @@ int MAIN(int argc, char **argv) print_message(names[D_SHA1],c[D_SHA1][j],lengths[j]); Time_F(START,usertime); for (count=0,run=1; COND(c[D_SHA1][j]); count++) - EVP_Digest(buf,(unsigned long)lengths[j],&(sha[0]),NULL,EVP_sha1()); + EVP_Digest(buf,(unsigned long)lengths[j],&(sha[0]),NULL,EVP_sha1(), NULL); d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_SHA1],d); @@ -1054,7 +1055,7 @@ int MAIN(int argc, char **argv) print_message(names[D_RMD160],c[D_RMD160][j],lengths[j]); Time_F(START,usertime); for (count=0,run=1; COND(c[D_RMD160][j]); count++) - EVP_Digest(buf,(unsigned long)lengths[j],&(rmd160[0]),NULL,EVP_ripemd160()); + EVP_Digest(buf,(unsigned long)lengths[j],&(rmd160[0]),NULL,EVP_ripemd160(), NULL); d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_RMD160],d); diff --git a/crypto/asn1/a_digest.c b/crypto/asn1/a_digest.c index 3243beadd2..4931e222a0 100644 --- a/crypto/asn1/a_digest.c +++ b/crypto/asn1/a_digest.c @@ -82,7 +82,7 @@ int ASN1_digest(int (*i2d)(), const EVP_MD *type, char *data, p=str; i2d(data,&p); - EVP_Digest(str, i, md, len, type); + EVP_Digest(str, i, md, len, type, NULL); OPENSSL_free(str); return(1); } @@ -99,7 +99,7 @@ int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *asn, i=ASN1_item_i2d(asn,&str, it); if (!str) return(0); - EVP_Digest(str, i, md, len, type); + EVP_Digest(str, i, md, len, type, NULL); OPENSSL_free(str); return(1); } diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c index 6cc5c37ded..fc65b4ea56 100644 --- a/crypto/asn1/a_sign.c +++ b/crypto/asn1/a_sign.c @@ -123,7 +123,7 @@ int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2, p=buf_in; i2d(data,&p); - EVP_SignInit(&ctx,type); + EVP_SignInit_ex(&ctx,type, NULL); EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl); if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out, (unsigned int *)&outl,pkey)) @@ -199,7 +199,7 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, goto err; } - EVP_SignInit(&ctx,type); + EVP_SignInit_ex(&ctx,type, NULL); EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl); if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out, (unsigned int *)&outl,pkey)) diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c index 59ba322839..bf41de5146 100644 --- a/crypto/asn1/a_verify.c +++ b/crypto/asn1/a_verify.c @@ -100,7 +100,7 @@ int ASN1_verify(int (*i2d)(), X509_ALGOR *a, ASN1_BIT_STRING *signature, p=buf_in; i2d(data,&p); - EVP_VerifyInit(&ctx,type); + EVP_VerifyInit_ex(&ctx,type, NULL); EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); memset(buf_in,0,(unsigned int)inl); @@ -150,7 +150,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat goto err; } - EVP_VerifyInit(&ctx,type); + EVP_VerifyInit_ex(&ctx,type, NULL); EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); memset(buf_in,0,(unsigned int)inl); diff --git a/crypto/asn1/n_pkey.c b/crypto/asn1/n_pkey.c index 9bfd0218ab..7a1d9ba39a 100644 --- a/crypto/asn1/n_pkey.c +++ b/crypto/asn1/n_pkey.c @@ -196,7 +196,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey) i = strlen((char *)buf); /* If the key is used for SGC the algorithm is modified a little. */ if(sgckey) { - EVP_Digest(buf, i, buf, NULL, EVP_md5()); + EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL); memcpy(buf + 16, "SGCKEYSALT", 10); i = 26; } @@ -284,7 +284,7 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, i = strlen((char *)buf); if(sgckey){ - EVP_Digest(buf, i, buf, NULL, EVP_md5()); + EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL); memcpy(buf + 16, "SGCKEYSALT", 10); i = 26; } diff --git a/crypto/asn1/t_x509.c b/crypto/asn1/t_x509.c index 454c695eb2..5de4833ed0 100644 --- a/crypto/asn1/t_x509.c +++ b/crypto/asn1/t_x509.c @@ -270,7 +270,7 @@ int X509_ocspid_print (BIO *bp, X509 *x) goto err; i2d_X509_NAME(x->cert_info->subject, &dertmp); - EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1()); + EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL); for (i=0; i < SHA_DIGEST_LENGTH; i++) { if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) goto err; @@ -284,7 +284,7 @@ int X509_ocspid_print (BIO *bp, X509 *x) goto err; EVP_Digest(x->cert_info->key->public_key->data, - x->cert_info->key->public_key->length, SHA1md, NULL, EVP_sha1()); + x->cert_info->key->public_key->length, SHA1md, NULL, EVP_sha1(), NULL); for (i=0; i < SHA_DIGEST_LENGTH; i++) { if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c index 0dc00191ab..dc9c249310 100644 --- a/crypto/dsa/dsa_gen.c +++ b/crypto/dsa/dsa_gen.c @@ -159,8 +159,8 @@ DSA *DSA_generate_parameters(int bits, } /* step 2 */ - EVP_Digest(seed,SHA_DIGEST_LENGTH,md,NULL,HASH); - EVP_Digest(buf,SHA_DIGEST_LENGTH,buf2,NULL,HASH); + EVP_Digest(seed,SHA_DIGEST_LENGTH,md,NULL,HASH, NULL); + EVP_Digest(buf,SHA_DIGEST_LENGTH,buf2,NULL,HASH, NULL); for (i=0; i<SHA_DIGEST_LENGTH; i++) md[i]^=buf2[i]; @@ -207,7 +207,7 @@ DSA *DSA_generate_parameters(int bits, if (buf[i] != 0) break; } - EVP_Digest(buf,SHA_DIGEST_LENGTH,md,NULL,HASH); + EVP_Digest(buf,SHA_DIGEST_LENGTH,md,NULL,HASH, NULL); /* step 8 */ if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,r0)) diff --git a/crypto/evp/bio_md.c b/crypto/evp/bio_md.c index 4543d4d96a..c632dfb202 100644 --- a/crypto/evp/bio_md.c +++ b/crypto/evp/bio_md.c @@ -176,7 +176,7 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr) { case BIO_CTRL_RESET: if (b->init) - EVP_DigestInit(ctx,ctx->digest); + EVP_DigestInit_ex(ctx,ctx->digest, NULL); else ret=0; ret=BIO_ctrl(b->next_bio,cmd,num,ptr); @@ -207,13 +207,13 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr) case BIO_C_SET_MD: md=ptr; - EVP_DigestInit(ctx,md); + EVP_DigestInit_ex(ctx,md, NULL); b->init=1; break; case BIO_CTRL_DUP: dbio=ptr; dctx=dbio->ptr; - EVP_MD_CTX_copy(dctx,ctx); + EVP_MD_CTX_copy_ex(dctx,ctx); b->init=1; break; default: @@ -246,7 +246,7 @@ static int md_gets(BIO *bp, char *buf, int size) ctx=bp->ptr; if (size < ctx->digest->md_size) return(0); - EVP_DigestFinal(ctx,(unsigned char *)buf,&ret); + EVP_DigestFinal_ex(ctx,(unsigned char *)buf,&ret); return((int)ret); } diff --git a/crypto/evp/bio_ok.c b/crypto/evp/bio_ok.c index 6b00741e47..3cbc6e7848 100644 --- a/crypto/evp/bio_ok.c +++ b/crypto/evp/bio_ok.c @@ -415,7 +415,7 @@ static long ok_ctrl(BIO *b, int cmd, long num, void *ptr) break; case BIO_C_SET_MD: md=ptr; - EVP_DigestInit(&ctx->md,md); + EVP_DigestInit_ex(&ctx->md, md, NULL); b->init=1; break; case BIO_C_GET_MD: @@ -470,7 +470,7 @@ static void sig_out(BIO* b) if(ctx->buf_len+ 2* md->digest->md_size > OK_BLOCK_SIZE) return; - EVP_DigestInit(md, md->digest); + EVP_DigestInit_ex(md, md->digest, NULL); /* FIXME: there's absolutely no guarantee this makes any sense at all, * particularly now EVP_MD_CTX has been restructured. */ @@ -480,7 +480,7 @@ static void sig_out(BIO* b) ctx->buf_len+= md->digest->md_size; EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)); - EVP_DigestFinal(md, &(ctx->buf[ctx->buf_len]), NULL); + EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL); ctx->buf_len+= md->digest->md_size; ctx->blockout= 1; ctx->sigio= 0; @@ -498,13 +498,13 @@ static void sig_in(BIO* b) if(ctx->buf_len- ctx->buf_off < 2* md->digest->md_size) return; - EVP_DigestInit(md, md->digest); + EVP_DigestInit_ex(md, md->digest, NULL); memcpy(md->md_data, &(ctx->buf[ctx->buf_off]), md->digest->md_size); longswap(md->md_data, md->digest->md_size); ctx->buf_off+= md->digest->md_size; EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)); - EVP_DigestFinal(md, tmp, NULL); + EVP_DigestFinal_ex(md, tmp, NULL); ret= memcmp(&(ctx->buf[ctx->buf_off]), tmp, md->digest->md_size) == 0; ctx->buf_off+= md->digest->md_size; if(ret == 1) @@ -537,7 +537,7 @@ static void block_out(BIO* b) memcpy(ctx->buf, &tl, OK_BLOCK_BLOCK); tl= swapem(tl); EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl); - EVP_DigestFinal(md, &(ctx->buf[ctx->buf_len]), NULL); + EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL); ctx->buf_len+= md->digest->md_size; ctx->blockout= 1; } @@ -557,7 +557,7 @@ static void block_in(BIO* b) if (ctx->buf_len < tl+ OK_BLOCK_BLOCK+ md->digest->md_size) return; EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl); - EVP_DigestFinal(md, tmp, NULL); + EVP_DigestFinal_ex(md, tmp, NULL); if(memcmp(&(ctx->buf[tl+ OK_BLOCK_BLOCK]), tmp, md->digest->md_size) == 0) { /* there might be parts from next block lurking around ! */ diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index aa1729012e..b0c8e0a968 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -131,6 +131,7 @@ EVP_MD_CTX *EVP_MD_CTX_create(void) int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) { + EVP_MD_CTX_init(ctx); return EVP_DigestInit_ex(ctx, type, NULL); } @@ -201,6 +202,15 @@ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) { int ret; + ret = EVP_DigestFinal_ex(ctx, md, size); + EVP_MD_CTX_cleanup(ctx); + return ret; + } + +/* The caller can assume that this removes any secret data from the context */ +int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) + { + int ret; ret=ctx->digest->final(ctx,md); if (size != NULL) *size=ctx->digest->md_size; @@ -215,6 +225,12 @@ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in) { + EVP_MD_CTX_init(out); + return EVP_MD_CTX_copy_ex(out, in); + } + +int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) + { if ((in == NULL) || (in->digest == NULL)) { EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED); @@ -243,16 +259,16 @@ int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in) } int EVP_Digest(void *data, unsigned int count, - unsigned char *md, unsigned int *size, const EVP_MD *type) + unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl) { EVP_MD_CTX ctx; int ret; EVP_MD_CTX_init(&ctx); EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_ONESHOT); - ret=EVP_DigestInit(&ctx, type) + ret=EVP_DigestInit_ex(&ctx, type, impl) && EVP_DigestUpdate(&ctx, data, count) - && EVP_DigestFinal(&ctx, md, size); + && EVP_DigestFinal_ex(&ctx, md, size); EVP_MD_CTX_cleanup(&ctx); return ret; diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index 718b3d5ecb..ff3c797d98 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -425,8 +425,10 @@ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, #define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80) #define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80) +#define EVP_SignInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c) #define EVP_SignInit(a,b) EVP_DigestInit(a,b) #define EVP_SignUpdate(a,b,c) EVP_DigestUpdate(a,b,c) +#define EVP_VerifyInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c) #define EVP_VerifyInit(a,b) EVP_DigestInit(a,b) #define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c) #define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e) @@ -457,17 +459,20 @@ void EVP_MD_CTX_init(EVP_MD_CTX *ctx); int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx); EVP_MD_CTX *EVP_MD_CTX_create(void); void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx); -int EVP_MD_CTX_copy(EVP_MD_CTX *out,const EVP_MD_CTX *in); +int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in); #define EVP_MD_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs)) #define EVP_MD_CTX_clear_flags(ctx,flgs) ((ctx)->flags&=~(flgs)) #define EVP_MD_CTX_test_flags(ctx,flgs) ((ctx)->flags&(flgs)) -int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type); int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); int EVP_DigestUpdate(EVP_MD_CTX *ctx,const void *d, unsigned int cnt); -int EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s); +int EVP_DigestFinal_ex(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s); int EVP_Digest(void *data, unsigned int count, - unsigned char *md, unsigned int *size, const EVP_MD *type); + unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl); + +int EVP_MD_CTX_copy(EVP_MD_CTX *out,const EVP_MD_CTX *in); +int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type); +int EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s); int EVP_read_pw_string(char *buf,int length,const char *prompt,int verify); void EVP_set_pw_prompt(char *prompt); diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c index 802e6de3b5..9d9b0af8de 100644 --- a/crypto/evp/evp_key.c +++ b/crypto/evp/evp_key.c @@ -121,19 +121,19 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, EVP_MD_CTX_init(&c); for (;;) { - EVP_DigestInit(&c,md); + EVP_DigestInit_ex(&c,md, NULL); if (addmd++) EVP_DigestUpdate(&c,&(md_buf[0]),mds); EVP_DigestUpdate(&c,data,datal); if (salt != NULL) EVP_DigestUpdate(&c,salt,PKCS5_SALT_LEN); - EVP_DigestFinal(&c,&(md_buf[0]),&mds); + EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds); for (i=1; i<(unsigned int)count; i++) { - EVP_DigestInit(&c,md); + EVP_DigestInit_ex(&c,md, NULL); EVP_DigestUpdate(&c,&(md_buf[0]),mds); - EVP_DigestFinal(&c,&(md_buf[0]),&mds); + EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds); } i=0; if (nkey) diff --git a/crypto/evp/evp_test.c b/crypto/evp/evp_test.c index da34c47bed..435bb09ee7 100644 --- a/crypto/evp/evp_test.c +++ b/crypto/evp/evp_test.c @@ -245,7 +245,7 @@ static int test_digest(const char *digest, hexdump(stdout,"Digest",ciphertext,cn); EVP_MD_CTX_init(&ctx); - if(!EVP_DigestInit(&ctx,d)) + if(!EVP_DigestInit_ex(&ctx,d, NULL)) { fprintf(stderr,"DigestInit failed\n"); exit(100); @@ -255,7 +255,7 @@ static int test_digest(const char *digest, fprintf(stderr,"DigestUpdate failed\n"); exit(101); } - if(!EVP_DigestFinal(&ctx,md,&mdn)) + if(!EVP_DigestFinal_ex(&ctx,md,&mdn)) { fprintf(stderr,"DigestFinal failed\n"); exit(101); diff --git a/crypto/evp/p5_crpt.c b/crypto/evp/p5_crpt.c index f05273f257..cbe904d495 100644 --- a/crypto/evp/p5_crpt.c +++ b/crypto/evp/p5_crpt.c @@ -129,19 +129,19 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, else if(passlen == -1) passlen = strlen(pass); EVP_MD_CTX_init(&ctx); - EVP_DigestInit (&ctx, md); - EVP_DigestUpdate (&ctx, pass, passlen); - EVP_DigestUpdate (&ctx, salt, saltlen); + EVP_DigestInit_ex(&ctx, md, NULL); + EVP_DigestUpdate(&ctx, pass, passlen); + EVP_DigestUpdate(&ctx, salt, saltlen); PBEPARAM_free(pbe); - EVP_DigestFinal (&ctx, md_tmp, NULL); + EVP_DigestFinal_ex(&ctx, md_tmp, NULL); for (i = 1; i < iter; i++) { - EVP_DigestInit(&ctx, md); + EVP_DigestInit_ex(&ctx, md, NULL); EVP_DigestUpdate(&ctx, md_tmp, EVP_MD_size(md)); - EVP_DigestFinal (&ctx, md_tmp, NULL); + EVP_DigestFinal_ex (&ctx, md_tmp, NULL); } EVP_MD_CTX_cleanup(&ctx); - memcpy (key, md_tmp, EVP_CIPHER_key_length(cipher)); - memcpy (iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), + memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher)); + memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), EVP_CIPHER_iv_length(cipher)); EVP_CipherInit(cctx, cipher, key, iv, en_de); memset(md_tmp, 0, EVP_MAX_MD_SIZE); diff --git a/crypto/evp/p_sign.c b/crypto/evp/p_sign.c index 340dd05c8c..e4ae5906f5 100644 --- a/crypto/evp/p_sign.c +++ b/crypto/evp/p_sign.c @@ -65,7 +65,7 @@ #ifdef undef void EVP_SignInit(EVP_MD_CTX *ctx, EVP_MD *type) { - EVP_DigestInit(ctx,type); + EVP_DigestInit_ex(ctx,type); } void EVP_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data, @@ -85,8 +85,8 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, *siglen=0; EVP_MD_CTX_init(&tmp_ctx); - EVP_MD_CTX_copy(&tmp_ctx,ctx); - EVP_DigestFinal(&tmp_ctx,&(m[0]),&m_len); + EVP_MD_CTX_copy_ex(&tmp_ctx,ctx); + EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len); EVP_MD_CTX_cleanup(&tmp_ctx); for (i=0; i<4; i++) { diff --git a/crypto/evp/p_verify.c b/crypto/evp/p_verify.c index af175b84f7..d854d743a5 100644 --- a/crypto/evp/p_verify.c +++ b/crypto/evp/p_verify.c @@ -86,8 +86,8 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf, return(-1); } EVP_MD_CTX_init(&tmp_ctx); - EVP_MD_CTX_copy(&tmp_ctx,ctx); - EVP_DigestFinal(&tmp_ctx,&(m[0]),&m_len); + EVP_MD_CTX_copy_ex(&tmp_ctx,ctx); + EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len); EVP_MD_CTX_cleanup(&tmp_ctx); if (ctx->digest->verify == NULL) { diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c index 4403c84269..a2a49d986a 100644 --- a/crypto/hmac/hmac.c +++ b/crypto/hmac/hmac.c @@ -8 |