diff options
author | Richard Levitte <levitte@openssl.org> | 2015-12-13 22:08:41 +0100 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2016-01-12 13:52:22 +0100 |
commit | 846ec07d904f9cc81d486db0db14fb84f61ff6e5 (patch) | |
tree | 95f8e06e1e66296e20ade5ce79e098216ddbdf99 /ssl/statem | |
parent | 936166aff21dafed33aeb92bad0a5b46d730221d (diff) |
Adapt all EVP_CIPHER_CTX users for it becoming opaque
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'ssl/statem')
-rw-r--r-- | ssl/statem/statem_dtls.c | 4 | ||||
-rw-r--r-- | ssl/statem/statem_srvr.c | 22 |
2 files changed, 14 insertions, 12 deletions
diff --git a/ssl/statem/statem_dtls.c b/ssl/statem/statem_dtls.c index 258c6fc077..627f20aab7 100644 --- a/ssl/statem/statem_dtls.c +++ b/ssl/statem/statem_dtls.c @@ -235,7 +235,7 @@ int dtls1_do_write(SSL *s, int type) if (s->write_hash) { if (s->enc_write_ctx - && (EVP_CIPHER_CTX_flags(s->enc_write_ctx) & + && (EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(s->enc_write_ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER) != 0) mac_size = 0; else @@ -245,7 +245,7 @@ int dtls1_do_write(SSL *s, int type) if (s->enc_write_ctx && (EVP_CIPHER_CTX_mode(s->enc_write_ctx) == EVP_CIPH_CBC_MODE)) - blocksize = 2 * EVP_CIPHER_block_size(s->enc_write_ctx->cipher); + blocksize = 2 * EVP_CIPHER_CTX_block_size(s->enc_write_ctx); else blocksize = 0; diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index de20bcf9e8..78f9f5c7a9 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -2926,7 +2926,7 @@ int tls_construct_server_certificate(SSL *s) int tls_construct_new_session_ticket(SSL *s) { unsigned char *senc = NULL; - EVP_CIPHER_CTX ctx; + EVP_CIPHER_CTX *ctx; HMAC_CTX *hctx = NULL; unsigned char *p, *macstart; const unsigned char *const_p; @@ -2953,7 +2953,7 @@ int tls_construct_new_session_ticket(SSL *s) return 0; } - EVP_CIPHER_CTX_init(&ctx); + ctx = EVP_CIPHER_CTX_new(); hctx = HMAC_CTX_new(); p = senc; @@ -3000,12 +3000,12 @@ int tls_construct_new_session_ticket(SSL *s) * all the work otherwise use generated values from parent ctx. */ if (tctx->tlsext_ticket_key_cb) { - if (tctx->tlsext_ticket_key_cb(s, key_name, iv, &ctx, hctx, 1) < 0) + if (tctx->tlsext_ticket_key_cb(s, key_name, iv, ctx, hctx, 1) < 0) goto err; } else { if (RAND_bytes(iv, 16) <= 0) goto err; - if (!EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, + if (!EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, tctx->tlsext_tick_aes_key, iv)) goto err; if (!HMAC_Init_ex(hctx, tctx->tlsext_tick_hmac_key, 16, @@ -3028,13 +3028,13 @@ int tls_construct_new_session_ticket(SSL *s) memcpy(p, key_name, 16); p += 16; /* output IV */ - memcpy(p, iv, EVP_CIPHER_CTX_iv_length(&ctx)); - p += EVP_CIPHER_CTX_iv_length(&ctx); + memcpy(p, iv, EVP_CIPHER_CTX_iv_length(ctx)); + p += EVP_CIPHER_CTX_iv_length(ctx); /* Encrypt session data */ - if (!EVP_EncryptUpdate(&ctx, p, &len, senc, slen)) + if (!EVP_EncryptUpdate(ctx, p, &len, senc, slen)) goto err; p += len; - if (!EVP_EncryptFinal(&ctx, p, &len)) + if (!EVP_EncryptFinal(ctx, p, &len)) goto err; p += len; @@ -3043,8 +3043,10 @@ int tls_construct_new_session_ticket(SSL *s) if (!HMAC_Final(hctx, p, &hlen)) goto err; - EVP_CIPHER_CTX_cleanup(&ctx); + EVP_CIPHER_CTX_free(ctx); HMAC_CTX_free(hctx); + ctx = NULL; + hctx = NULL; p += hlen; /* Now write out lengths: p points to end of data written */ @@ -3060,7 +3062,7 @@ int tls_construct_new_session_ticket(SSL *s) return 1; err: OPENSSL_free(senc); - EVP_CIPHER_CTX_cleanup(&ctx); + EVP_CIPHER_CTX_free(ctx); HMAC_CTX_free(hctx); ossl_statem_set_error(s); return 0; |