diff options
Diffstat (limited to 'crypto')
32 files changed, 123 insertions, 102 deletions
diff --git a/crypto/asn1/a_digest.c b/crypto/asn1/a_digest.c index 3243beadd2..4931e222a0 100644 --- a/crypto/asn1/a_digest.c +++ b/crypto/asn1/a_digest.c @@ -82,7 +82,7 @@ int ASN1_digest(int (*i2d)(), const EVP_MD *type, char *data, p=str; i2d(data,&p); - EVP_Digest(str, i, md, len, type); + EVP_Digest(str, i, md, len, type, NULL); OPENSSL_free(str); return(1); } @@ -99,7 +99,7 @@ int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *asn, i=ASN1_item_i2d(asn,&str, it); if (!str) return(0); - EVP_Digest(str, i, md, len, type); + EVP_Digest(str, i, md, len, type, NULL); OPENSSL_free(str); return(1); } diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c index 6cc5c37ded..fc65b4ea56 100644 --- a/crypto/asn1/a_sign.c +++ b/crypto/asn1/a_sign.c @@ -123,7 +123,7 @@ int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2, p=buf_in; i2d(data,&p); - EVP_SignInit(&ctx,type); + EVP_SignInit_ex(&ctx,type, NULL); EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl); if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out, (unsigned int *)&outl,pkey)) @@ -199,7 +199,7 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, goto err; } - EVP_SignInit(&ctx,type); + EVP_SignInit_ex(&ctx,type, NULL); EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl); if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out, (unsigned int *)&outl,pkey)) diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c index 59ba322839..bf41de5146 100644 --- a/crypto/asn1/a_verify.c +++ b/crypto/asn1/a_verify.c @@ -100,7 +100,7 @@ int ASN1_verify(int (*i2d)(), X509_ALGOR *a, ASN1_BIT_STRING *signature, p=buf_in; i2d(data,&p); - EVP_VerifyInit(&ctx,type); + EVP_VerifyInit_ex(&ctx,type, NULL); EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); memset(buf_in,0,(unsigned int)inl); @@ -150,7 +150,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat goto err; } - EVP_VerifyInit(&ctx,type); + EVP_VerifyInit_ex(&ctx,type, NULL); EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); memset(buf_in,0,(unsigned int)inl); diff --git a/crypto/asn1/n_pkey.c b/crypto/asn1/n_pkey.c index 9bfd0218ab..7a1d9ba39a 100644 --- a/crypto/asn1/n_pkey.c +++ b/crypto/asn1/n_pkey.c @@ -196,7 +196,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey) i = strlen((char *)buf); /* If the key is used for SGC the algorithm is modified a little. */ if(sgckey) { - EVP_Digest(buf, i, buf, NULL, EVP_md5()); + EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL); memcpy(buf + 16, "SGCKEYSALT", 10); i = 26; } @@ -284,7 +284,7 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, i = strlen((char *)buf); if(sgckey){ - EVP_Digest(buf, i, buf, NULL, EVP_md5()); + EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL); memcpy(buf + 16, "SGCKEYSALT", 10); i = 26; } diff --git a/crypto/asn1/t_x509.c b/crypto/asn1/t_x509.c index 454c695eb2..5de4833ed0 100644 --- a/crypto/asn1/t_x509.c +++ b/crypto/asn1/t_x509.c @@ -270,7 +270,7 @@ int X509_ocspid_print (BIO *bp, X509 *x) goto err; i2d_X509_NAME(x->cert_info->subject, &dertmp); - EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1()); + EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL); for (i=0; i < SHA_DIGEST_LENGTH; i++) { if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) goto err; @@ -284,7 +284,7 @@ int X509_ocspid_print (BIO *bp, X509 *x) goto err; EVP_Digest(x->cert_info->key->public_key->data, - x->cert_info->key->public_key->length, SHA1md, NULL, EVP_sha1()); + x->cert_info->key->public_key->length, SHA1md, NULL, EVP_sha1(), NULL); for (i=0; i < SHA_DIGEST_LENGTH; i++) { if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c index 0dc00191ab..dc9c249310 100644 --- a/crypto/dsa/dsa_gen.c +++ b/crypto/dsa/dsa_gen.c @@ -159,8 +159,8 @@ DSA *DSA_generate_parameters(int bits, } /* step 2 */ - EVP_Digest(seed,SHA_DIGEST_LENGTH,md,NULL,HASH); - EVP_Digest(buf,SHA_DIGEST_LENGTH,buf2,NULL,HASH); + EVP_Digest(seed,SHA_DIGEST_LENGTH,md,NULL,HASH, NULL); + EVP_Digest(buf,SHA_DIGEST_LENGTH,buf2,NULL,HASH, NULL); for (i=0; i<SHA_DIGEST_LENGTH; i++) md[i]^=buf2[i]; @@ -207,7 +207,7 @@ DSA *DSA_generate_parameters(int bits, if (buf[i] != 0) break; } - EVP_Digest(buf,SHA_DIGEST_LENGTH,md,NULL,HASH); + EVP_Digest(buf,SHA_DIGEST_LENGTH,md,NULL,HASH, NULL); /* step 8 */ if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,r0)) diff --git a/crypto/evp/bio_md.c b/crypto/evp/bio_md.c index 4543d4d96a..c632dfb202 100644 --- a/crypto/evp/bio_md.c +++ b/crypto/evp/bio_md.c @@ -176,7 +176,7 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr) { case BIO_CTRL_RESET: if (b->init) - EVP_DigestInit(ctx,ctx->digest); + EVP_DigestInit_ex(ctx,ctx->digest, NULL); else ret=0; ret=BIO_ctrl(b->next_bio,cmd,num,ptr); @@ -207,13 +207,13 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr) case BIO_C_SET_MD: md=ptr; - EVP_DigestInit(ctx,md); + EVP_DigestInit_ex(ctx,md, NULL); b->init=1; break; case BIO_CTRL_DUP: dbio=ptr; dctx=dbio->ptr; - EVP_MD_CTX_copy(dctx,ctx); + EVP_MD_CTX_copy_ex(dctx,ctx); b->init=1; break; default: @@ -246,7 +246,7 @@ static int md_gets(BIO *bp, char *buf, int size) ctx=bp->ptr; if (size < ctx->digest->md_size) return(0); - EVP_DigestFinal(ctx,(unsigned char *)buf,&ret); + EVP_DigestFinal_ex(ctx,(unsigned char *)buf,&ret); return((int)ret); } diff --git a/crypto/evp/bio_ok.c b/crypto/evp/bio_ok.c index 6b00741e47..3cbc6e7848 100644 --- a/crypto/evp/bio_ok.c +++ b/crypto/evp/bio_ok.c @@ -415,7 +415,7 @@ static long ok_ctrl(BIO *b, int cmd, long num, void *ptr) break; case BIO_C_SET_MD: md=ptr; - EVP_DigestInit(&ctx->md,md); + EVP_DigestInit_ex(&ctx->md, md, NULL); b->init=1; break; case BIO_C_GET_MD: @@ -470,7 +470,7 @@ static void sig_out(BIO* b) if(ctx->buf_len+ 2* md->digest->md_size > OK_BLOCK_SIZE) return; - EVP_DigestInit(md, md->digest); + EVP_DigestInit_ex(md, md->digest, NULL); /* FIXME: there's absolutely no guarantee this makes any sense at all, * particularly now EVP_MD_CTX has been restructured. */ @@ -480,7 +480,7 @@ static void sig_out(BIO* b) ctx->buf_len+= md->digest->md_size; EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)); - EVP_DigestFinal(md, &(ctx->buf[ctx->buf_len]), NULL); + EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL); ctx->buf_len+= md->digest->md_size; ctx->blockout= 1; ctx->sigio= 0; @@ -498,13 +498,13 @@ static void sig_in(BIO* b) if(ctx->buf_len- ctx->buf_off < 2* md->digest->md_size) return; - EVP_DigestInit(md, md->digest); + EVP_DigestInit_ex(md, md->digest, NULL); memcpy(md->md_data, &(ctx->buf[ctx->buf_off]), md->digest->md_size); longswap(md->md_data, md->digest->md_size); ctx->buf_off+= md->digest->md_size; EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)); - EVP_DigestFinal(md, tmp, NULL); + EVP_DigestFinal_ex(md, tmp, NULL); ret= memcmp(&(ctx->buf[ctx->buf_off]), tmp, md->digest->md_size) == 0; ctx->buf_off+= md->digest->md_size; if(ret == 1) @@ -537,7 +537,7 @@ static void block_out(BIO* b) memcpy(ctx->buf, &tl, OK_BLOCK_BLOCK); tl= swapem(tl); EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl); - EVP_DigestFinal(md, &(ctx->buf[ctx->buf_len]), NULL); + EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL); ctx->buf_len+= md->digest->md_size; ctx->blockout= 1; } @@ -557,7 +557,7 @@ static void block_in(BIO* b) if (ctx->buf_len < tl+ OK_BLOCK_BLOCK+ md->digest->md_size) return; EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl); - EVP_DigestFinal(md, tmp, NULL); + EVP_DigestFinal_ex(md, tmp, NULL); if(memcmp(&(ctx->buf[tl+ OK_BLOCK_BLOCK]), tmp, md->digest->md_size) == 0) { /* there might be parts from next block lurking around ! */ diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index aa1729012e..b0c8e0a968 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -131,6 +131,7 @@ EVP_MD_CTX *EVP_MD_CTX_create(void) int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) { + EVP_MD_CTX_init(ctx); return EVP_DigestInit_ex(ctx, type, NULL); } @@ -201,6 +202,15 @@ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) { int ret; + ret = EVP_DigestFinal_ex(ctx, md, size); + EVP_MD_CTX_cleanup(ctx); + return ret; + } + +/* The caller can assume that this removes any secret data from the context */ +int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) + { + int ret; ret=ctx->digest->final(ctx,md); if (size != NULL) *size=ctx->digest->md_size; @@ -215,6 +225,12 @@ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in) { + EVP_MD_CTX_init(out); + return EVP_MD_CTX_copy_ex(out, in); + } + +int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) + { if ((in == NULL) || (in->digest == NULL)) { EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED); @@ -243,16 +259,16 @@ int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in) } int EVP_Digest(void *data, unsigned int count, - unsigned char *md, unsigned int *size, const EVP_MD *type) + unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl) { EVP_MD_CTX ctx; int ret; EVP_MD_CTX_init(&ctx); EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_ONESHOT); - ret=EVP_DigestInit(&ctx, type) + ret=EVP_DigestInit_ex(&ctx, type, impl) && EVP_DigestUpdate(&ctx, data, count) - && EVP_DigestFinal(&ctx, md, size); + && EVP_DigestFinal_ex(&ctx, md, size); EVP_MD_CTX_cleanup(&ctx); return ret; diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index 718b3d5ecb..ff3c797d98 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -425,8 +425,10 @@ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, #define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80) #define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80) +#define EVP_SignInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c) #define EVP_SignInit(a,b) EVP_DigestInit(a,b) #define EVP_SignUpdate(a,b,c) EVP_DigestUpdate(a,b,c) +#define EVP_VerifyInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c) #define EVP_VerifyInit(a,b) EVP_DigestInit(a,b) #define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c) #define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e) @@ -457,17 +459,20 @@ void EVP_MD_CTX_init(EVP_MD_CTX *ctx); int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx); EVP_MD_CTX *EVP_MD_CTX_create(void); void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx); -int EVP_MD_CTX_copy(EVP_MD_CTX *out,const EVP_MD_CTX *in); +int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in); #define EVP_MD_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs)) #define EVP_MD_CTX_clear_flags(ctx,flgs) ((ctx)->flags&=~(flgs)) #define EVP_MD_CTX_test_flags(ctx,flgs) ((ctx)->flags&(flgs)) -int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type); int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); int EVP_DigestUpdate(EVP_MD_CTX *ctx,const void *d, unsigned int cnt); -int EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s); +int EVP_DigestFinal_ex(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s); int EVP_Digest(void *data, unsigned int count, - unsigned char *md, unsigned int *size, const EVP_MD *type); + unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl); + +int EVP_MD_CTX_copy(EVP_MD_CTX *out,const EVP_MD_CTX *in); +int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type); +int EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s); int EVP_read_pw_string(char *buf,int length,const char *prompt,int verify); void EVP_set_pw_prompt(char *prompt); diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c index 802e6de3b5..9d9b0af8de 100644 --- a/crypto/evp/evp_key.c +++ b/crypto/evp/evp_key.c @@ -121,19 +121,19 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, EVP_MD_CTX_init(&c); for (;;) { - EVP_DigestInit(&c,md); + EVP_DigestInit_ex(&c,md, NULL); if (addmd++) EVP_DigestUpdate(&c,&(md_buf[0]),mds); EVP_DigestUpdate(&c,data,datal); if (salt != NULL) EVP_DigestUpdate(&c,salt,PKCS5_SALT_LEN); - EVP_DigestFinal(&c,&(md_buf[0]),&mds); + EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds); for (i=1; i<(unsigned int)count; i++) { - EVP_DigestInit(&c,md); + EVP_DigestInit_ex(&c,md, NULL); EVP_DigestUpdate(&c,&(md_buf[0]),mds); - EVP_DigestFinal(&c,&(md_buf[0]),&mds); + EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds); } i=0; if (nkey) diff --git a/crypto/evp/evp_test.c b/crypto/evp/evp_test.c index da34c47bed..435bb09ee7 100644 --- a/crypto/evp/evp_test.c +++ b/crypto/evp/evp_test.c @@ -245,7 +245,7 @@ static int test_digest(const char *digest, hexdump(stdout,"Digest",ciphertext,cn); EVP_MD_CTX_init(&ctx); - if(!EVP_DigestInit(&ctx,d)) + if(!EVP_DigestInit_ex(&ctx,d, NULL)) { fprintf(stderr,"DigestInit failed\n"); exit(100); @@ -255,7 +255,7 @@ static int test_digest(const char *digest, fprintf(stderr,"DigestUpdate failed\n"); exit(101); } - if(!EVP_DigestFinal(&ctx,md,&mdn)) + if(!EVP_DigestFinal_ex(&ctx,md,&mdn)) { fprintf(stderr,"DigestFinal failed\n"); exit(101); diff --git a/crypto/evp/p5_crpt.c b/crypto/evp/p5_crpt.c index f05273f257..cbe904d495 100644 --- a/crypto/evp/p5_crpt.c +++ b/crypto/evp/p5_crpt.c @@ -129,19 +129,19 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, else if(passlen == -1) passlen = strlen(pass); EVP_MD_CTX_init(&ctx); - EVP_DigestInit (&ctx, md); - EVP_DigestUpdate (&ctx, pass, passlen); - EVP_DigestUpdate (&ctx, salt, saltlen); + EVP_DigestInit_ex(&ctx, md, NULL); + EVP_DigestUpdate(&ctx, pass, passlen); + EVP_DigestUpdate(&ctx, salt, saltlen); PBEPARAM_free(pbe); - EVP_DigestFinal (&ctx, md_tmp, NULL); + EVP_DigestFinal_ex(&ctx, md_tmp, NULL); for (i = 1; i < iter; i++) { - EVP_DigestInit(&ctx, md); + EVP_DigestInit_ex(&ctx, md, NULL); EVP_DigestUpdate(&ctx, md_tmp, EVP_MD_size(md)); - EVP_DigestFinal (&ctx, md_tmp, NULL); + EVP_DigestFinal_ex (&ctx, md_tmp, NULL); } EVP_MD_CTX_cleanup(&ctx); - memcpy (key, md_tmp, EVP_CIPHER_key_length(cipher)); - memcpy (iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), + memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher)); + memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), EVP_CIPHER_iv_length(cipher)); EVP_CipherInit(cctx, cipher, key, iv, en_de); memset(md_tmp, 0, EVP_MAX_MD_SIZE); diff --git a/crypto/evp/p_sign.c b/crypto/evp/p_sign.c index 340dd05c8c..e4ae5906f5 100644 --- a/crypto/evp/p_sign.c +++ b/crypto/evp/p_sign.c @@ -65,7 +65,7 @@ #ifdef undef void EVP_SignInit(EVP_MD_CTX *ctx, EVP_MD *type) { - EVP_DigestInit(ctx,type); + EVP_DigestInit_ex(ctx,type); } void EVP_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data, @@ -85,8 +85,8 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, *siglen=0; EVP_MD_CTX_init(&tmp_ctx); - EVP_MD_CTX_copy(&tmp_ctx,ctx); - EVP_DigestFinal(&tmp_ctx,&(m[0]),&m_len); + EVP_MD_CTX_copy_ex(&tmp_ctx,ctx); + EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len); EVP_MD_CTX_cleanup(&tmp_ctx); for (i=0; i<4; i++) { diff --git a/crypto/evp/p_verify.c b/crypto/evp/p_verify.c index af175b84f7..d854d743a5 100644 --- a/crypto/evp/p_verify.c +++ b/crypto/evp/p_verify.c @@ -86,8 +86,8 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf, return(-1); } EVP_MD_CTX_init(&tmp_ctx); - EVP_MD_CTX_copy(&tmp_ctx,ctx); - EVP_DigestFinal(&tmp_ctx,&(m[0]),&m_len); + EVP_MD_CTX_copy_ex(&tmp_ctx,ctx); + EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len); EVP_MD_CTX_cleanup(&tmp_ctx); if (ctx->digest->verify == NULL) { diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c index 4403c84269..a2a49d986a 100644 --- a/crypto/hmac/hmac.c +++ b/crypto/hmac/hmac.c @@ -80,9 +80,9 @@ void HMAC_Init(HMAC_CTX *ctx, const void *key, int len, j=EVP_MD_block_size(md); if (j < len) { - EVP_DigestInit(&ctx->md_ctx,md); + EVP_DigestInit_ex(&ctx->md_ctx,md, NULL); EVP_DigestUpdate(&ctx->md_ctx,key,len); - EVP_DigestFinal(&(ctx->md_ctx),ctx->key, + EVP_DigestFinal_ex(&(ctx->md_ctx),ctx->key, &ctx->key_length); } else @@ -99,15 +99,15 @@ void HMAC_Init(HMAC_CTX *ctx, const void *key, int len, { for (i=0; i<HMAC_MAX_MD_CBLOCK; i++) pad[i]=0x36^ctx->key[i]; - EVP_DigestInit(&ctx->i_ctx,md); + EVP_DigestInit_ex(&ctx->i_ctx,md, NULL); EVP_DigestUpdate(&ctx->i_ctx,pad,EVP_MD_block_size(md)); for (i=0; i<HMAC_MAX_MD_CBLOCK; i++) pad[i]=0x5c^ctx->key[i]; - EVP_DigestInit(&ctx->o_ctx,md); + EVP_DigestInit_ex(&ctx->o_ctx,md, NULL); EVP_DigestUpdate(&ctx->o_ctx,pad,EVP_MD_block_size(md)); } - EVP_MD_CTX_copy(&ctx->md_ctx,&ctx->i_ctx); + EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->i_ctx); } void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len) @@ -123,10 +123,10 @@ void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len) j=EVP_MD_block_size(ctx->md); - EVP_DigestFinal(&ctx->md_ctx,buf,&i); - EVP_MD_CTX_copy(&ctx->md_ctx,&ctx->o_ctx); + EVP_DigestFinal_ex(&ctx->md_ctx,buf,&i); + EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->o_ctx); EVP_DigestUpdate(&ctx->md_ctx,buf,i); - EVP_DigestFinal(&ctx->md_ctx,md,len); + EVP_DigestFinal_ex(&ctx->md_ctx,md,len); } void HMAC_CTX_init(HMAC_CTX *ctx) diff --git a/crypto/md2/md2test.c b/crypto/md2/md2test.c index c629280ed6..7d3664faf5 100644 --- a/crypto/md2/md2test.c +++ b/crypto/md2/md2test.c @@ -108,7 +108,7 @@ int main(int argc, char *argv[]) i=1; while (*P != NULL) { - EVP_Digest((unsigned char *)*P,(unsigned long)strlen(*P),md,NULL,EVP_md2()); + EVP_Digest((unsigned char *)*P,(unsigned long)strlen(*P),md,NULL,EVP_md2(), NULL); p=pt(md); if (strcmp(p,*R) != 0) { diff --git a/crypto/md4/md4test.c b/crypto/md4/md4test.c index 59ad0a3ab8..e0fdc42282 100644 --- a/crypto/md4/md4test.c +++ b/crypto/md4/md4test.c @@ -104,7 +104,7 @@ int main(int argc, char *argv[]) i=1; while (*P != NULL) { - EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md4()); + EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md4(), NULL); p=pt(md); if (strcmp(p,(char *)*R) != 0) { diff --git a/crypto/md5/md5test.c b/crypto/md5/md5test.c index b10cd59471..862b89658a 100644 --- a/crypto/md5/md5test.c +++ b/crypto/md5/md5test.c @@ -104,7 +104,7 @@ int main(int argc, char *argv[]) i=1; while (*P != NULL) { - EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md5()); + EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md5(), NULL); p=pt(md); if (strcmp(p,(char *)*R) != 0) { diff --git a/crypto/mdc2/mdc2test.c b/crypto/mdc2/mdc2test.c index acb517e0cb..6db546025d 100644 --- a/crypto/mdc2/mdc2test.c +++ b/crypto/mdc2/mdc2test.c @@ -101,9 +101,9 @@ int main(int argc, char *argv[]) #endif EVP_MD_CTX_init(&c); - EVP_DigestInit(&c,EVP_mdc2()); + EVP_DigestInit_ex(&c,EVP_mdc2(), NULL); EVP_DigestUpdate(&c,(unsigned char *)text,strlen(text)); - EVP_DigestFinal(&c,&(md[0]),NULL); + EVP_DigestFinal_ex(&c,&(md[0]),NULL); if (memcmp(md,pad1,MDC2_DIGEST_LENGTH) != 0) { @@ -118,11 +118,11 @@ int main(int argc, char *argv[]) else printf("pad1 - ok\n"); - EVP_DigestInit(&c,EVP_mdc2()); + EVP_DigestInit_ex(&c,EVP_mdc2(), NULL); /* FIXME: use a ctl function? */ ((MDC2_CTX *)c.md_data)->pad_type=2; EVP_DigestUpdate(&c,(unsigned char *)text,strlen(text)); - EVP_DigestFinal(&c,&(md[0]),NULL); + EVP_DigestFinal_ex(&c,&(md[0]),NULL); if (memcmp(md,pad2,MDC2_DIGEST_LENGTH) != 0) { diff --git a/crypto/ocsp/ocsp_lib.c b/crypto/ocsp/ocsp_lib.c index 1ff8f4f423..3875af165c 100644 --- a/crypto/ocsp/ocsp_lib.c +++ b/crypto/ocsp/ocsp_lib.c @@ -123,7 +123,7 @@ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst, if (!(ASN1_OCTET_STRING_set(cid->issuerNameHash, md, i))) goto err; /* Calculate the issuerKey hash, excluding tag and length */ - EVP_Digest(issuerKey->data, issuerKey->length, md, &i, dgst); + EVP_Digest(issuerKey->data, issuerKey->length, md, &i, dgst, NULL); if (!(ASN1_OCTET_STRING_set(cid->issuerKeyHash, md, i))) goto err; diff --git a/crypto/pem/pem_sign.c b/crypto/pem/pem_sign.c index 42d598dd78..c3b9808cb2 100644 --- a/crypto/pem/pem_sign.c +++ b/crypto/pem/pem_sign.c @@ -66,7 +66,7 @@ void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type) { - EVP_DigestInit(ctx,type); + EVP_DigestInit_ex(ctx, type, NULL); } void PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data, diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c index 2defeda518..1a405676f8 100644 --- a/crypto/pkcs12/p12_key.c +++ b/crypto/pkcs12/p12_key.c @@ -148,14 +148,14 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, for (i = 0; i < Slen; i++) *p++ = salt[i % saltlen]; for (i = 0; i < Plen; i++) *p++ = pass[i % passlen]; for (;;) { - EVP_DigestInit (&ctx, md_type); - EVP_DigestUpdate (&ctx, D, v); - EVP_DigestUpdate (&ctx, I, Ilen); - EVP_DigestFinal (&ctx, Ai, NULL); + EVP_DigestInit_ex(&ctx, md_type, NULL); + EVP_DigestUpdate(&ctx, D, v); + EVP_DigestUpdate(&ctx, I, Ilen); + EVP_DigestFinal_ex(&ctx, Ai, NULL); for (j = 1; j < iter; j++) { - EVP_DigestInit (&ctx, md_type); - EVP_DigestUpdate (&ctx, Ai, u); - EVP_DigestFinal (&ctx, Ai, NULL); + EVP_DigestInit_ex(&ctx, md_type, NULL); + EVP_DigestUpdate(&ctx, Ai, u); + EVP_DigestFinal_ex(&ctx, Ai, NULL); } memcpy (out, Ai, min (n, u)); if (u >= n) { diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c index 4ff021e323..4cc30554c5 100644 --- a/crypto/pkcs7/pk7_doit.c +++ b/crypto/pkcs7/pk7_doit.c @@ -538,7 +538,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) /* We now have the EVP_MD_CTX, lets do the * signing. */ EVP_MD_CTX_init(&ctx_tmp); - EVP_MD_CTX_copy(&ctx_tmp,mdc); + EVP_MD_CTX_copy_ex(&ctx_tmp,mdc); if (!BUF_MEM_grow(buf,EVP_PKEY_size(si->pkey))) { PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_BIO_LIB); @@ -565,7 +565,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) /* Add digest */ md_tmp=EVP_MD_CTX_md(&ctx_tmp); - EVP_DigestFinal(&ctx_tmp,md_data,&md_len); + EVP_DigestFinal_ex(&ctx_tmp,md_data,&md_len); digest=M_ASN1_OCTET_STRING_new(); M_ASN1_OCTET_STRING_set(digest,md_data,md_len); PKCS7_add_signed_attribute(si, @@ -573,7 +573,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) V_ASN1_OCTET_STRING,digest); /* Now sign the attributes */ - EVP_SignInit(&ctx_tmp,md_tmp); + EVP_SignInit_ex(&ctx_tmp,md_tmp,NULL); alen = ASN1_item_i2d((ASN1_VALUE *)sk,&abuf, ASN1_ITEM_rptr(PKCS7_ATTR_SIGN)); if(!abuf) goto err; @@ -729,7 +729,7 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si, /* mdc is the digest ctx that we want, unless there are attributes, * in which case the digest is the signed attributes */ - EVP_MD_CTX_copy(&mdc_tmp,mdc); + EVP_MD_CTX_copy_ex(&mdc_tmp,mdc); sk=si->auth_attr; if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0)) @@ -738,7 +738,7 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si, unsigned int md_len, alen; ASN1_OCTET_STRING *message_digest; - EVP_DigestFinal(&mdc_tmp,md_dat,&md_len); + EVP_DigestFinal_ex(&mdc_tmp,md_dat,&md_len); message_digest=PKCS7_digest_from_attributes(sk); if (!message_digest) { @@ -763,7 +763,7 @@ for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n"); goto err; } - EVP_VerifyInit(&mdc_tmp,EVP_get_digestbynid(md_type)); + EVP_VerifyInit_ex(&mdc_tmp,EVP_get_digestbynid(md_type), NULL); alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf, ASN1_ITEM_rptr(PKCS7_ATTR_VERIFY)); diff --git a/crypto/rand/rand_lcl.h b/crypto/rand/rand_lcl.h index 21070efa7a..069b725344 100644 --- a/crypto/rand/rand_lcl.h +++ b/crypto/rand/rand_lcl.h @@ -131,26 +131,26 @@ #include <openssl/evp.h> #define MD_Update(a,b,c) EVP_DigestUpdate(a,b,c) -#define MD_Final(a,b) EVP_DigestFinal(a,b,NULL) +#define MD_Final(a,b) EVP_Dige |