Change all calls to low level digest routines in the library and

applications to use EVP. Add missing calls to HMAC_cleanup() and
don't assume HMAC_CTX can be copied using memcpy().

Note: this is almost identical to the patch submitted to openssl-dev
by Verdon Walker <VWalker@novell.com> except some redundant
EVP_add_digest_()/EVP_cleanup() calls were removed and some changes
made to avoid compiler warnings.

3 files changed, 34 insertions, 36 deletions

diff --git a/apps/enc.c b/apps/enc.c
index fd25a21222..ac3014b24c 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -66,9 +66,6 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/rand.h>
-#ifndef OPENSSL_NO_MD5
-#include <openssl/md5.h>
-#endif
 #include <openssl/pem.h>
 #include <openssl/engine.h>
 #include <ctype.h>
diff --git a/apps/passwd.c b/apps/passwd.c
index 53dbe073d2..750a3cb39d 100644
--- a/apps/passwd.c
+++ b/apps/passwd.c
@@ -20,7 +20,7 @@
 # include <openssl/des.h>
 #endif
 #ifndef NO_MD5CRYPT_1
-# include <openssl/md5.h>
+# include <openssl/evp.h>
 #endif
 
 
@@ -310,7 +310,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
 	unsigned char buf[MD5_DIGEST_LENGTH];
 	char *salt_out;
 	int n, i;
-	MD5_CTX md;
+	EVP_MD_CTX md;
 	size_t passwd_len, salt_len;
 
 	passwd_len = strlen(passwd);
@@ -325,48 +325,48 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
 	salt_len = strlen(salt_out);
 	assert(salt_len <= 8);
 	
-	MD5_Init(&md);
-	MD5_Update(&md, passwd, passwd_len);
-	MD5_Update(&md, "$", 1);
-	MD5_Update(&md, magic, strlen(magic));
-	MD5_Update(&md, "$", 1);
-	MD5_Update(&md, salt_out, salt_len);
+	EVP_DigestInit(&md,EVP_md5());
+	EVP_DigestUpdate(&md, passwd, passwd_len);
+	EVP_DigestUpdate(&md, "$", 1);
+	EVP_DigestUpdate(&md, magic, strlen(magic));
+	EVP_DigestUpdate(&md, "$", 1);
+	EVP_DigestUpdate(&md, salt_out, salt_len);
 	
 	 {
-		MD5_CTX md2;
+		EVP_MD_CTX md2;
 
-		MD5_Init(&md2);
-		MD5_Update(&md2, passwd, passwd_len);
-		MD5_Update(&md2, salt_out, salt_len);
-		MD5_Update(&md2, passwd, passwd_len);
-		MD5_Final(buf, &md2);
+		EVP_DigestInit(&md2,EVP_md5());
+		EVP_DigestUpdate(&md2, passwd, passwd_len);
+		EVP_DigestUpdate(&md2, salt_out, salt_len);
+		EVP_DigestUpdate(&md2, passwd, passwd_len);
+		EVP_DigestFinal(&md2, buf, NULL);
 	 }
 	for (i = passwd_len; i > sizeof buf; i -= sizeof buf)
-		MD5_Update(&md, buf, sizeof buf);
-	MD5_Update(&md, buf, i);
+		EVP_DigestUpdate(&md, buf, sizeof buf);
+	EVP_DigestUpdate(&md, buf, i);
 	
 	n = passwd_len;
 	while (n)
 		{
-		MD5_Update(&md, (n & 1) ? "\0" : passwd, 1);
+		EVP_DigestUpdate(&md, (n & 1) ? "\0" : passwd, 1);
 		n >>= 1;
 		}
-	MD5_Final(buf, &md);
+	EVP_DigestFinal(&md, buf, NULL);
 
 	for (i = 0; i < 1000; i++)
 		{
-		MD5_CTX md2;
+		EVP_MD_CTX md2;
 
-		MD5_Init(&md2);
-		MD5_Update(&md2, (i & 1) ? (unsigned char *) passwd : buf,
-		                 (i & 1) ? passwd_len : sizeof buf);
+		EVP_DigestInit(&md2,EVP_md5());
+		EVP_DigestUpdate(&md2, (i & 1) ? (unsigned char *) passwd : buf,
+		                       (i & 1) ? passwd_len : sizeof buf);
 		if (i % 3)
-			MD5_Update(&md2, salt_out, salt_len);
+			EVP_DigestUpdate(&md2, salt_out, salt_len);
 		if (i % 7)
-			MD5_Update(&md2, passwd, passwd_len);
-		MD5_Update(&md2, (i & 1) ? buf : (unsigned char *) passwd,
-		                 (i & 1) ? sizeof buf : passwd_len);
-		MD5_Final(buf, &md2);
+			EVP_DigestUpdate(&md2, passwd, passwd_len);
+		EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned char *) passwd,
+		                       (i & 1) ? sizeof buf : passwd_len);
+		EVP_DigestFinal(&md2, buf, NULL);
 		}
 	
 	 {
diff --git a/apps/speed.c b/apps/speed.c
index dd3270f6eb..dbf7732a2a 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -924,7 +924,7 @@ int MAIN(int argc, char **argv)
 			print_message(names[D_MD2],c[D_MD2][j],lengths[j]);
 			Time_F(START,usertime);
 			for (count=0,run=1; COND(c[D_MD2][j]); count++)
-				MD2(buf,(unsigned long)lengths[j],&(md2[0]));
+				EVP_Digest(buf,(unsigned long)lengths[j],&(md2[0]),NULL,EVP_md2());
 			d=Time_F(STOP,usertime);
 			BIO_printf(bio_err,"%ld %s's in %.2fs\n",
 				count,names[D_MD2],d);
@@ -940,7 +940,7 @@ int MAIN(int argc, char **argv)
 			print_message(names[D_MDC2],c[D_MDC2][j],lengths[j]);
 			Time_F(START,usertime);
 			for (count=0,run=1; COND(c[D_MDC2][j]); count++)
-				MDC2(buf,(unsigned long)lengths[j],&(mdc2[0]));
+				EVP_Digest(buf,(unsigned long)lengths[j],&(mdc2[0]),NULL,EVP_mdc2());
 			d=Time_F(STOP,usertime);
 			BIO_printf(bio_err,"%ld %s's in %.2fs\n",
 				count,names[D_MDC2],d);
@@ -957,7 +957,7 @@ int MAIN(int argc, char **argv)
 			print_message(names[D_MD4],c[D_MD4][j],lengths[j]);
 			Time_F(START,usertime);
 			for (count=0,run=1; COND(c[D_MD4][j]); count++)
-				MD4(&(buf[0]),(unsigned long)lengths[j],&(md4[0]));
+				EVP_Digest(&(buf[0]),(unsigned long)lengths[j],&(md4[0]),NULL,EVP_md4());
 			d=Time_F(STOP,usertime);
 			BIO_printf(bio_err,"%ld %s's in %.2fs\n",
 				count,names[D_MD4],d);
@@ -974,7 +974,7 @@ int MAIN(int argc, char **argv)
 			print_message(names[D_MD5],c[D_MD5][j],lengths[j]);
 			Time_F(START,usertime);
 			for (count=0,run=1; COND(c[D_MD5][j]); count++)
-				MD5(&(buf[0]),(unsigned long)lengths[j],&(md5[0]));
+				EVP_Digest(&(buf[0]),(unsigned long)lengths[j],&(md5[0]),NULL,EVP_md5());
 			d=Time_F(STOP,usertime);
 			BIO_printf(bio_err,"%ld %s's in %.2fs\n",
 				count,names[D_MD5],d);
@@ -1005,6 +1005,7 @@ int MAIN(int argc, char **argv)
 				count,names[D_HMAC],d);
 			results[D_HMAC][j]=((double)count)/d*lengths[j];
 			}
+		HMAC_cleanup(&hctx);
 		}
 #endif
 #ifndef OPENSSL_NO_SHA
@@ -1015,7 +1016,7 @@ int MAIN(int argc, char **argv)
 			print_message(names[D_SHA1],c[D_SHA1][j],lengths[j]);
 			Time_F(START,usertime);
 			for (count=0,run=1; COND(c[D_SHA1][j]); count++)
-				SHA1(buf,(unsigned long)lengths[j],&(sha[0]));
+				EVP_Digest(buf,(unsigned long)lengths[j],&(sha[0]),NULL,EVP_sha1());
 			d=Time_F(STOP,usertime);
 			BIO_printf(bio_err,"%ld %s's in %.2fs\n",
 				count,names[D_SHA1],d);
@@ -1031,7 +1032,7 @@ int MAIN(int argc, char **argv)
 			print_message(names[D_RMD160],c[D_RMD160][j],lengths[j]);
 			Time_F(START,usertime);
 			for (count=0,run=1; COND(c[D_RMD160][j]); count++)
-				RIPEMD160(buf,(unsigned long)lengths[j],&(rmd160[0]));
+				EVP_Digest(buf,(unsigned long)lengths[j],&(rmd160[0]),NULL,EVP_ripemd160());
 			d=Time_F(STOP,usertime);
 			BIO_printf(bio_err,"%ld %s's in %.2fs\n",
 				count,names[D_RMD160],d);