diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2018-09-13 02:08:33 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2018-09-13 12:12:33 +1000 |
| commit | 482d23bcacdd3664f21cc82a5135f66fc598275f (patch) | |
| tree | 362f697a94da0a765d1dabcfbf33370b2a4df121 /digest-openssl.c | |
| parent | d70d061828730a56636ab6f1f24fe4a8ccefcfc1 (diff) | |
upstream: hold our collective noses and use the openssl-1.1.x API in
OpenSSH; feedback and ok tb@ jsing@ markus@
OpenBSD-Commit-ID: cacbcac87ce5da0d3ca7ef1b38a6f7fb349e4417
Diffstat (limited to 'digest-openssl.c')
| -rw-r--r-- | digest-openssl.c | 26 |
1 files changed, 14 insertions, 12 deletions
diff --git a/digest-openssl.c b/digest-openssl.c index 277099929..da7ed72bc 100644 --- a/digest-openssl.c +++ b/digest-openssl.c | |||
| @@ -43,7 +43,7 @@ | |||
| 43 | 43 | ||
| 44 | struct ssh_digest_ctx { | 44 | struct ssh_digest_ctx { |
| 45 | int alg; | 45 | int alg; |
| 46 | EVP_MD_CTX mdctx; | 46 | EVP_MD_CTX *mdctx; |
| 47 | }; | 47 | }; |
| 48 | 48 | ||
| 49 | struct ssh_digest { | 49 | struct ssh_digest { |
| @@ -106,7 +106,7 @@ ssh_digest_bytes(int alg) | |||
| 106 | size_t | 106 | size_t |
| 107 | ssh_digest_blocksize(struct ssh_digest_ctx *ctx) | 107 | ssh_digest_blocksize(struct ssh_digest_ctx *ctx) |
| 108 | { | 108 | { |
| 109 | return EVP_MD_CTX_block_size(&ctx->mdctx); | 109 | return EVP_MD_CTX_block_size(ctx->mdctx); |
| 110 | } | 110 | } |
| 111 | 111 | ||
| 112 | struct ssh_digest_ctx * | 112 | struct ssh_digest_ctx * |
| @@ -118,11 +118,14 @@ ssh_digest_start(int alg) | |||
| 118 | if (digest == NULL || ((ret = calloc(1, sizeof(*ret))) == NULL)) | 118 | if (digest == NULL || ((ret = calloc(1, sizeof(*ret))) == NULL)) |
| 119 | return NULL; | 119 | return NULL; |
| 120 | ret->alg = alg; | 120 | ret->alg = alg; |
| 121 | EVP_MD_CTX_init(&ret->mdctx); | 121 | if ((ret->mdctx = EVP_MD_CTX_new()) == NULL) { |
| 122 | if (EVP_DigestInit_ex(&ret->mdctx, digest->mdfunc(), NULL) != 1) { | ||
| 123 | free(ret); | 122 | free(ret); |
| 124 | return NULL; | 123 | return NULL; |
| 125 | } | 124 | } |
| 125 | if (EVP_DigestInit_ex(ret->mdctx, digest->mdfunc(), NULL) != 1) { | ||
| 126 | ssh_digest_free(ret); | ||
| 127 | return NULL; | ||
| 128 | } | ||
| 126 | return ret; | 129 | return ret; |
| 127 | } | 130 | } |
| 128 | 131 | ||
| @@ -132,7 +135,7 @@ ssh_digest_copy_state(struct ssh_digest_ctx *from, struct ssh_digest_ctx *to) | |||
| 132 | if (from->alg != to->alg) | 135 | if (from->alg != to->alg) |
| 133 | return SSH_ERR_INVALID_ARGUMENT; | 136 | return SSH_ERR_INVALID_ARGUMENT; |
| 134 | /* we have bcopy-style order while openssl has memcpy-style */ | 137 | /* we have bcopy-style order while openssl has memcpy-style */ |
| 135 | if (!EVP_MD_CTX_copy_ex(&to->mdctx, &from->mdctx)) | 138 | if (!EVP_MD_CTX_copy_ex(to->mdctx, from->mdctx)) |
| 136 | return SSH_ERR_LIBCRYPTO_ERROR; | 139 | return SSH_ERR_LIBCRYPTO_ERROR; |
| 137 | return 0; | 140 | return 0; |
| 138 | } | 141 | } |
| @@ -140,7 +143,7 @@ ssh_digest_copy_state(struct ssh_digest_ctx *from, struct ssh_digest_ctx *to) | |||
| 140 | int | 143 | int |
| 141 | ssh_digest_update(struct ssh_digest_ctx *ctx, const void *m, size_t mlen) | 144 | ssh_digest_update(struct ssh_digest_ctx *ctx, const void *m, size_t mlen) |
| 142 | { | 145 | { |
| 143 | if (EVP_DigestUpdate(&ctx->mdctx, m, mlen) != 1) | 146 | if (EVP_DigestUpdate(ctx->mdctx, m, mlen) != 1) |
| 144 | return SSH_ERR_LIBCRYPTO_ERROR; | 147 | return SSH_ERR_LIBCRYPTO_ERROR; |
| 145 | return 0; | 148 | return 0; |
| 146 | } | 149 | } |
| @@ -161,7 +164,7 @@ ssh_digest_final(struct ssh_digest_ctx *ctx, u_char *d, size_t dlen) | |||
| 161 | return SSH_ERR_INVALID_ARGUMENT; | 164 | return SSH_ERR_INVALID_ARGUMENT; |
| 162 | if (dlen < digest->digest_len) /* No truncation allowed */ | 165 | if (dlen < digest->digest_len) /* No truncation allowed */ |
| 163 | return SSH_ERR_INVALID_ARGUMENT; | 166 | return SSH_ERR_INVALID_ARGUMENT; |
| 164 | if (EVP_DigestFinal_ex(&ctx->mdctx, d, &l) != 1) | 167 | if (EVP_DigestFinal_ex(ctx->mdctx, d, &l) != 1) |
| 165 | return SSH_ERR_LIBCRYPTO_ERROR; | 168 | return SSH_ERR_LIBCRYPTO_ERROR; |
| 166 | if (l != digest->digest_len) /* sanity */ | 169 | if (l != digest->digest_len) /* sanity */ |
| 167 | return SSH_ERR_INTERNAL_ERROR; | 170 | return SSH_ERR_INTERNAL_ERROR; |
| @@ -171,11 +174,10 @@ ssh_digest_final(struct ssh_digest_ctx *ctx, u_char *d, size_t dlen) | |||
| 171 | void | 174 | void |
| 172 | ssh_digest_free(struct ssh_digest_ctx *ctx) | 175 | ssh_digest_free(struct ssh_digest_ctx *ctx) |
| 173 | { | 176 | { |
| 174 | if (ctx != NULL) { | 177 | if (ctx == NULL) |
| 175 | EVP_MD_CTX_cleanup(&ctx->mdctx); | 178 | return; |
| 176 | explicit_bzero(ctx, sizeof(*ctx)); | 179 | EVP_MD_CTX_free(ctx->mdctx); |
| 177 | free(ctx); | 180 | freezero(ctx, sizeof(*ctx)); |
| 178 | } | ||
| 179 | } | 181 | } |
| 180 | 182 | ||
| 181 | int | 183 | int |