author | djm@openbsd.org <djm@openbsd.org> | 2018-09-13 02:08:33 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2018-09-13 12:12:33 +1000 |
commit | 482d23bcacdd3664f21cc82a5135f66fc598275f (patch) | |
tree | 362f697a94da0a765d1dabcfbf33370b2a4df121 /digest-openssl.c | |
parent | d70d061828730a56636ab6f1f24fe4a8ccefcfc1 (diff) |
upstream: hold our collective noses and use the openssl-1.1.x API in
OpenSSH; feedback and ok tb@ jsing@ markus@
OpenBSD-Commit-ID: cacbcac87ce5da0d3ca7ef1b38a6f7fb349e4417
Diffstat (limited to 'digest-openssl.c')
-rw-r--r-- | digest-openssl.c | 26 |
1 files changed, 14 insertions, 12 deletions
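--- a/digest-openssl.c
+++ b/digest-openssl.c
@@ -43,7 +43,7 @@
 
 struct ssh_digest_ctx {
 int alg;
-EVP_MD_CTX mdctx;
+EVP_MD_CTX *mdctx;
 };
 
 struct ssh_digest {
@@ -106,7 +106,7 @@ ssh_digest_bytes(int alg)
 size_t
 ssh_digest_blocksize(struct ssh_digest_ctx *ctx)
 {
-return EVP_MD_CTX_block_size(&ctx->mdctx);
+return EVP_MD_CTX_block_size(ctx->mdctx);
 }
 
 struct ssh_digest_ctx *
@@ -118,11 +118,14 @@ ssh_digest_start(int alg)
 if (digest == NULL || ((ret = calloc(1, sizeof(*ret))) == NULL))
 return NULL;
 ret->alg = alg;
-EVP_MD_CTX_init(&ret->mdctx);
-if (EVP_DigestInit_ex(&ret->mdctx, digest->mdfunc(), NULL) != 1) {
+if ((ret->mdctx = EVP_MD_CTX_new()) == NULL) {
 free(ret);
 return NULL;
 }
+if (EVP_DigestInit_ex(ret->mdctx, digest->mdfunc(), NULL) != 1) {
+ssh_digest_free(ret);
+return NULL;
+}
 return ret;
 }
 
@@ -132,7 +135,7 @@ ssh_digest_copy_state(struct ssh_digest_ctx *from, struct ssh_digest_ctx *to)
 if (from->alg != to->alg)
 return SSH_ERR_INVALID_ARGUMENT;
 /* we have bcopy-style order while openssl has memcpy-style */
-if (!EVP_MD_CTX_copy_ex(&to->mdctx, &from->mdctx))
+if (!EVP_MD_CTX_copy_ex(to->mdctx, from->mdctx))
 return SSH_ERR_LIBCRYPTO_ERROR;
 return 0;
 }
@@ -140,7 +143,7 @@ ssh_digest_copy_state(struct ssh_digest_ctx *from, struct ssh_digest_ctx *to)
 int
 ssh_digest_update(struct ssh_digest_ctx *ctx, const void *m, size_t mlen)
 {
-if (EVP_DigestUpdate(&ctx->mdctx, m, mlen) != 1)
+if (EVP_DigestUpdate(ctx->mdctx, m, mlen) != 1)
 return SSH_ERR_LIBCRYPTO_ERROR;
 return 0;
 }
@@ -161,7 +164,7 @@ ssh_digest_final(struct ssh_digest_ctx *ctx, u_char *d, size_t dlen)
 return SSH_ERR_INVALID_ARGUMENT;
 if (dlen < digest->digest_len) /* No truncation allowed */
 return SSH_ERR_INVALID_ARGUMENT;
-if (EVP_DigestFinal_ex(&ctx->mdctx, d, &l) != 1)
+if (EVP_DigestFinal_ex(ctx->mdctx, d, &l) != 1)
 return SSH_ERR_LIBCRYPTO_ERROR;
 if (l != digest->digest_len) /* sanity */
 return SSH_ERR_INTERNAL_ERROR;
@@ -171,11 +174,10 @@ ssh_digest_final(struct ssh_digest_ctx *ctx, u_char *d, size_t dlen)
 void
 ssh_digest_free(struct ssh_digest_ctx *ctx)
 {
-if (ctx != NULL) {
-EVP_MD_CTX_cleanup(&ctx->mdctx);
-explicit_bzero(ctx, sizeof(*ctx));
-free(ctx);
-}
+if (ctx == NULL)
+return;
+EVP_MD_CTX_free(ctx->mdctx);
+freezero(ctx, sizeof(*ctx));
 }
 
 int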
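Review bot: In ssh_digest_free, `freezero(ctx, sizeof(*ctx))` now wipes only `alg` and the `mdctx` pointer, because the hash state moved out of the wrapper struct into the libcrypto-allocated EVP_MD_CTX; the removed `explicit_bzero` covered the embedded context itself. Scrubbing of intermediate digest state, which can be derived from key material, therefore rests entirely on `EVP_MD_CTX_free()` cleansing what it releases. I believe OpenSSL 1.1 does so, but nothing on this page shows it, and any fallback implementation used with an older libcrypto (if one exists) should be checked for the same guarantee. I would record the dependency above the call, e.g. `/* digest state lives in mdctx: EVP_MD_CTX_free() must cleanse it, freezero() only covers this wrapper */`.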