diff options
author | Richard Levitte <levitte@openssl.org> | 2015-12-02 00:49:35 +0100 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2015-12-07 17:40:20 +0100 |
commit | bfb0641f932490c2e7fb5f9f7cb4a88017a5abfa (patch) | |
tree | 6b6b0a9dfe55b4b3a2e5961ed1778dd156128f35 /ssl | |
parent | 959ed5316c84d0e12ad18acfd40cefe15603ddfb (diff) |
Cleanup: fix all sources that used EVP_MD_CTX_(create|init|destroy)
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/record/ssl3_record.c | 14 | ||||
-rw-r--r-- | ssl/s3_cbc.c | 6 | ||||
-rw-r--r-- | ssl/s3_enc.c | 22 | ||||
-rw-r--r-- | ssl/ssl_lib.c | 10 | ||||
-rw-r--r-- | ssl/statem/statem_clnt.c | 18 | ||||
-rw-r--r-- | ssl/statem/statem_dtls.c | 3 | ||||
-rw-r--r-- | ssl/statem/statem_srvr.c | 10 | ||||
-rw-r--r-- | ssl/t1_enc.c | 14 |
8 files changed, 48 insertions, 49 deletions
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c index 02424f1f68..99c655e65b 100644 --- a/ssl/record/ssl3_record.c +++ b/ssl/record/ssl3_record.c @@ -854,7 +854,7 @@ int n_ssl3_mac(SSL *ssl, unsigned char *md, int send) } else { unsigned int md_size_u; /* Chop the digest off the end :-) */ - EVP_MD_CTX *md_ctx = EVP_MD_CTX_create(); + EVP_MD_CTX *md_ctx = EVP_MD_CTX_new(); if (md_ctx == NULL) return -1; @@ -875,12 +875,12 @@ int n_ssl3_mac(SSL *ssl, unsigned char *md, int send) || EVP_DigestUpdate(md_ctx, ssl3_pad_2, npad) <= 0 || EVP_DigestUpdate(md_ctx, md, md_size) <= 0 || EVP_DigestFinal_ex(md_ctx, md, &md_size_u) <= 0) { - EVP_MD_CTX_init(md_ctx); + EVP_MD_CTX_reset(md_ctx); return -1; } md_size = md_size_u; - EVP_MD_CTX_destroy(md_ctx); + EVP_MD_CTX_free(md_ctx); } ssl3_record_sequence_update(seq); @@ -918,7 +918,7 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send) if (stream_mac) { mac_ctx = hash; } else { - hmac = EVP_MD_CTX_create(); + hmac = EVP_MD_CTX_new(); if (hmac == NULL || !EVP_MD_CTX_copy(hmac, hash)) return -1; @@ -957,14 +957,14 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send) rec->length + md_size, rec->orig_len, ssl->s3->read_mac_secret, ssl->s3->read_mac_secret_size, 0) <= 0) { - EVP_MD_CTX_destroy(hmac); + EVP_MD_CTX_free(hmac); return -1; } } else { if (EVP_DigestSignUpdate(mac_ctx, header, sizeof(header)) <= 0 || EVP_DigestSignUpdate(mac_ctx, rec->input, rec->length) <= 0 || EVP_DigestSignFinal(mac_ctx, md, &md_size) <= 0) { - EVP_MD_CTX_destroy(hmac); + EVP_MD_CTX_free(hmac); return -1; } if (!send && !SSL_USE_ETM(ssl) && FIPS_mode()) @@ -973,7 +973,7 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send) rec->length, rec->orig_len); } - EVP_MD_CTX_destroy(hmac); + EVP_MD_CTX_free(hmac); #ifdef TLS_DEBUG fprintf(stderr, "seq="); diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c index 1e46c6692e..f07a0451a0 100644 --- a/ssl/s3_cbc.c +++ b/ssl/s3_cbc.c @@ -497,7 +497,7 @@ int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, mac_out[j] |= block[j] & is_block_b; } - md_ctx = EVP_MD_CTX_create(); + md_ctx = EVP_MD_CTX_new(); if (md_ctx == NULL) goto err; if (EVP_DigestInit_ex(md_ctx, EVP_MD_CTX_md(ctx), NULL /* engine */ ) <= 0) @@ -522,11 +522,11 @@ int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, ret = EVP_DigestFinal(md_ctx, md_out, &md_out_size_u); if (ret && md_out_size) *md_out_size = md_out_size_u; - EVP_MD_CTX_destroy(md_ctx); + EVP_MD_CTX_free(md_ctx); return 1; err: - EVP_MD_CTX_destroy(md_ctx); + EVP_MD_CTX_free(md_ctx); return 0; } diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index 026f2c8395..c20bff2e75 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -153,8 +153,8 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num) c = os_toascii[c]; /* 'A' in ASCII */ #endif k = 0; - m5 = EVP_MD_CTX_create(); - s1 = EVP_MD_CTX_create(); + m5 = EVP_MD_CTX_new(); + s1 = EVP_MD_CTX_new(); if (m5 == NULL || s1 == NULL) { SSLerr(SSL_F_SSL3_GENERATE_KEY_BLOCK, ERR_R_MALLOC_FAILURE); goto err; @@ -194,8 +194,8 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num) OPENSSL_cleanse(smd, sizeof(smd)); ret = 1; err: - EVP_MD_CTX_destroy(m5); - EVP_MD_CTX_destroy(s1); + EVP_MD_CTX_free(m5); + EVP_MD_CTX_free(s1); return ret; } @@ -447,7 +447,7 @@ void ssl3_free_digest_list(SSL *s) { BIO_free(s->s3->handshake_buffer); s->s3->handshake_buffer = NULL; - EVP_MD_CTX_destroy(s->s3->handshake_dgst); + EVP_MD_CTX_free(s->s3->handshake_dgst); s->s3->handshake_dgst = NULL; } @@ -472,7 +472,7 @@ int ssl3_digest_cached_records(SSL *s, int keep) return 0; } - s->s3->handshake_dgst = EVP_MD_CTX_create(); + s->s3->handshake_dgst = EVP_MD_CTX_new(); if (s->s3->handshake_dgst == NULL) { SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, ERR_R_MALLOC_FAILURE); return 0; @@ -509,7 +509,7 @@ int ssl3_final_finish_mac(SSL *s, const char *sender, int len, unsigned char *p) return 0; } - ctx = EVP_MD_CTX_create(); + ctx = EVP_MD_CTX_new(); if (ctx == NULL) { SSLerr(SSL_F_SSL3_FINAL_FINISH_MAC, ERR_R_MALLOC_FAILURE); return 0; @@ -518,7 +518,7 @@ int ssl3_final_finish_mac(SSL *s, const char *sender, int len, unsigned char *p) ret = EVP_MD_CTX_size(ctx); if (ret < 0) { - EVP_MD_CTX_init(ctx); + EVP_MD_CTX_reset(ctx); return 0; } @@ -531,7 +531,7 @@ int ssl3_final_finish_mac(SSL *s, const char *sender, int len, unsigned char *p) ret = 0; } - EVP_MD_CTX_destroy(ctx); + EVP_MD_CTX_free(ctx); return ret; } @@ -551,7 +551,7 @@ int ssl3_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, #endif }; unsigned char buf[EVP_MAX_MD_SIZE]; - EVP_MD_CTX *ctx = EVP_MD_CTX_create(); + EVP_MD_CTX *ctx = EVP_MD_CTX_new(); int i, ret = 0; unsigned int n; #ifdef OPENSSL_SSL_TRACE_CRYPTO @@ -584,7 +584,7 @@ int ssl3_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, out += n; ret += n; } - EVP_MD_CTX_destroy(ctx); + EVP_MD_CTX_free(ctx); #ifdef OPENSSL_SSL_TRACE_CRYPTO if (ret > 0 && s->msg_callback) { diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index adbb7bb95a..3ca7c3ffa6 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -3177,9 +3177,9 @@ void SSL_set_not_resumable_session_callback(SSL *ssl, EVP_MD_CTX *ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md) { ssl_clear_hash_ctx(hash); - *hash = EVP_MD_CTX_create(); + *hash = EVP_MD_CTX_new(); if (*hash == NULL || (md && EVP_DigestInit_ex(*hash, md, NULL) <= 0)) { - EVP_MD_CTX_destroy(*hash); + EVP_MD_CTX_free(*hash); *hash = NULL; return NULL; } @@ -3190,7 +3190,7 @@ void ssl_clear_hash_ctx(EVP_MD_CTX **hash) { if (*hash) - EVP_MD_CTX_destroy(*hash); + EVP_MD_CTX_free(*hash); *hash = NULL; } @@ -3204,7 +3204,7 @@ int ssl_handshake_hash(SSL *s, unsigned char *out, int outlen) ret = 0; goto err; } - ctx = EVP_MD_CTX_create(); + ctx = EVP_MD_CTX_new(); if (ctx == NULL) { ret = 0; goto err; @@ -3213,7 +3213,7 @@ int ssl_handshake_hash(SSL *s, unsigned char *out, int outlen) || EVP_DigestFinal_ex(ctx, out, NULL) <= 0) ret = 0; err: - EVP_MD_CTX_destroy(ctx); + EVP_MD_CTX_free(ctx); return ret; } diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index f19ac8e38a..60c0983def 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -1592,7 +1592,7 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) #endif PACKET save_param_start, signature; - md_ctx = EVP_MD_CTX_create(); + md_ctx = EVP_MD_CTX_new(); if (md_ctx == NULL) { al = SSL_AD_INTERNAL_ERROR; SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE); @@ -1921,7 +1921,7 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) } } EVP_PKEY_free(pkey); - EVP_MD_CTX_destroy(md_ctx); + EVP_MD_CTX_free(md_ctx); return MSG_PROCESS_CONTINUE_READING; f_err: ssl3_send_alert(s, SSL3_AL_FATAL, al); @@ -1938,7 +1938,7 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) EC_POINT_free(srvr_ecpoint); EC_KEY_free(ecdh); #endif - EVP_MD_CTX_destroy(md_ctx); + EVP_MD_CTX_free(md_ctx); ossl_statem_set_error(s); return MSG_PROCESS_ERROR; } @@ -2721,7 +2721,7 @@ psk_err: * Compute shared IV and store it in algorithm-specific context * data */ - ukm_hash = EVP_MD_CTX_create(); + ukm_hash = EVP_MD_CTX_new(); if (EVP_DigestInit(ukm_hash, EVP_get_digestbynid(dgst_nid)) <= 0 || EVP_DigestUpdate(ukm_hash, s->s3->client_random, @@ -2729,12 +2729,12 @@ psk_err: || EVP_DigestUpdate(ukm_hash, s->s3->server_random, SSL3_RANDOM_SIZE) <= 0 || EVP_DigestFinal_ex(ukm_hash, shared_ukm, &md_len) <= 0) { - EVP_MD_CTX_destroy(ukm_hash); + EVP_MD_CTX_free(ukm_hash); SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); goto err; } - EVP_MD_CTX_destroy(ukm_hash); + EVP_MD_CTX_free(ukm_hash); if (EVP_PKEY_CTX_ctrl (pkey_ctx, -1, EVP_PKEY_OP_ENCRYPT, EVP_PKEY_CTRL_SET_IV, 8, shared_ukm) < 0) { @@ -2905,7 +2905,7 @@ int tls_construct_client_verify(SSL *s) long hdatalen = 0; void *hdata; - mctx = EVP_MD_CTX_create(); + mctx = EVP_MD_CTX_new(); if (mctx == NULL) { SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY, ERR_R_MALLOC_FAILURE); goto err; @@ -2958,10 +2958,10 @@ int tls_construct_client_verify(SSL *s) goto err; } - EVP_MD_CTX_destroy(mctx); + EVP_MD_CTX_free(mctx); return 1; err: - EVP_MD_CTX_destroy(mctx); + EVP_MD_CTX_free(mctx); return 0; } diff --git a/ssl/statem/statem_dtls.c b/ssl/statem/statem_dtls.c index aafd28f8de..6d73659df6 100644 --- a/ssl/statem/statem_dtls.c +++ b/ssl/statem/statem_dtls.c @@ -204,8 +204,7 @@ void dtls1_hm_fragment_free(hm_fragment *frag) if (frag->msg_header.is_ccs) { EVP_CIPHER_CTX_free(frag->msg_header. saved_retransmit_state.enc_write_ctx); - EVP_MD_CTX_destroy(frag->msg_header. - saved_retransmit_state.write_hash); + EVP_MD_CTX_free(frag->msg_header.saved_retransmit_state.write_hash); } OPENSSL_free(frag->fragment); OPENSSL_free(frag->reassembly); diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index f1d1796d1e..3ccb28777e 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -1733,7 +1733,7 @@ int tls_construct_server_key_exchange(SSL *s) BIGNUM *r[4]; int nr[4], kn; BUF_MEM *buf; - EVP_MD_CTX *md_ctx = EVP_MD_CTX_create(); + EVP_MD_CTX *md_ctx = EVP_MD_CTX_new(); if (md_ctx == NULL) { SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE); @@ -2075,7 +2075,7 @@ int tls_construct_server_key_exchange(SSL *s) goto f_err; } - EVP_MD_CTX_destroy(md_ctx); + EVP_MD_CTX_free(md_ctx); return 1; f_err: ssl3_send_alert(s, SSL3_AL_FATAL, al); @@ -2084,7 +2084,7 @@ int tls_construct_server_key_exchange(SSL *s) OPENSSL_free(encodedPoint); BN_CTX_free(bn_ctx); #endif - EVP_MD_CTX_destroy(md_ctx); + EVP_MD_CTX_free(md_ctx); ossl_statem_set_error(s); return 0; } @@ -2888,7 +2888,7 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt) long hdatalen = 0; void *hdata; - EVP_MD_CTX *mctx = EVP_MD_CTX_create(); + EVP_MD_CTX *mctx = EVP_MD_CTX_new(); if (mctx == NULL) { SSLerr(SSL_F_TLS_PROCESS_CERT_VERIFY, ERR_R_MALLOC_FAILURE); @@ -3013,7 +3013,7 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt) } BIO_free(s->s3->handshake_buffer); s->s3->handshake_buffer = NULL; - EVP_MD_CTX_destroy(mctx); + EVP_MD_CTX_free(mctx); EVP_PKEY_free(pkey); return ret; } diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 05a0ec7caa..5889558d7e 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -166,9 +166,9 @@ static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec, chunk = EVP_MD_size(md); OPENSSL_assert(chunk >= 0); - ctx = EVP_MD_CTX_create(); - ctx_tmp = EVP_MD_CTX_create(); - ctx_init = EVP_MD_CTX_create(); + ctx = EVP_MD_CTX_new(); + ctx_tmp = EVP_MD_CTX_new(); + ctx_init = EVP_MD_CTX_new(); if (ctx == NULL || ctx_tmp == NULL || ctx_init == NULL) goto err; EVP_MD_CTX_set_flags(ctx_init, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); @@ -230,9 +230,9 @@ static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec, ret = 1; err: EVP_PKEY_free(mac_key); - EVP_MD_CTX_destroy(ctx); - EVP_MD_CTX_destroy(ctx_tmp); - EVP_MD_CTX_destroy(ctx_init); + EVP_MD_CTX_free(ctx); + EVP_MD_CTX_free(ctx_tmp); + EVP_MD_CTX_free(ctx_init); OPENSSL_cleanse(A1, sizeof(A1)); return ret; } @@ -374,7 +374,7 @@ int tls1_change_cipher_state(SSL *s, int which) goto err; dd = s->enc_write_ctx; if (SSL_IS_DTLS(s)) { - mac_ctx = EVP_MD_CTX_create(); + mac_ctx = EVP_MD_CTX_new(); if (mac_ctx == NULL) goto err; s->write_hash = mac_ctx; |