Clean up EVP_MD_CTX_{legacy_clear,cleanup}() usage in x509/x509_cmp.c

ok tb@
author: joshua <> 2024-03-25 03:41:16 +0000
committer: joshua <> 2024-03-25 03:41:16 +0000
commit: 3a5ecf615999de2ca423f35d445edcac87059b45 (patch)
tree: 7619be7aadccff3d9c90f57a051f585e6ecfe994
parent: 5b2c7b1c97209f380ad76d8f409db7f19ccb1a14 (diff)
download: openbsd-3a5ecf615999de2ca423f35d445edcac87059b45.tar.gz
openbsd-3a5ecf615999de2ca423f35d445edcac87059b45.tar.bz2
openbsd-3a5ecf615999de2ca423f35d445edcac87059b45.zip
1 files changed, 25 insertions, 21 deletions
diff --git a/src/lib/libcrypto/x509/x509_cmp.c b/src/lib/libcrypto/x509/x509_cmp.c
index 6098b6e7e8..2c1e427093 100644
--- a/src/lib/libcrypto/x509/x509_cmp.c
+++ b/src/lib/libcrypto/x509/x509_cmp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_cmp.c,v 1.43 2024/02/18 15:45:42 tb Exp $ */
+/* $OpenBSD: x509_cmp.c,v 1.44 2024/03/25 03:41:16 joshua Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -91,34 +91,35 @@ unsigned long
 X509_issuer_and_serial_hash(X509 *a)
 {
        unsigned long ret = 0;
-        EVP_MD_CTX ctx;
+        EVP_MD_CTX *md_ctx;
        unsigned char md[16];
-        char *f;
+        char *f = NULL;
-        EVP_MD_CTX_legacy_clear(&ctx);
+        if ((md_ctx = EVP_MD_CTX_new()) == NULL)
-        f = X509_NAME_oneline(a->cert_info->issuer, NULL, 0);
-        if (f == NULL)
                goto err;
-        if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL))
+        if ((f = X509_NAME_oneline(a->cert_info->issuer, NULL, 0)) == NULL)
                goto err;
-        if (!EVP_DigestUpdate(&ctx, (unsigned char *)f, strlen(f)))
+        if (!EVP_DigestInit_ex(md_ctx, EVP_md5(), NULL))
                goto err;
-        free(f);
+        if (!EVP_DigestUpdate(md_ctx, (unsigned char *)f, strlen(f)))
-        f = NULL;
+                goto err;
-        if (!EVP_DigestUpdate(&ctx,
+        if (!EVP_DigestUpdate(md_ctx,
            (unsigned char *)a->cert_info->serialNumber->data,
            (unsigned long)a->cert_info->serialNumber->length))
                goto err;
-        if (!EVP_DigestFinal_ex(&ctx, &(md[0]), NULL))
+        if (!EVP_DigestFinal_ex(md_ctx, &(md[0]), NULL))
                goto err;
        ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) |
            ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)) &
            0xffffffffL;
 err:
-        EVP_MD_CTX_cleanup(&ctx);
+        EVP_MD_CTX_free(md_ctx);
        free(f);
-        return (ret);
+        return ret;
 }
 LCRYPTO_ALIAS(X509_issuer_and_serial_hash);
 #endif
@@ -285,24 +286,27 @@ LCRYPTO_ALIAS(X509_NAME_hash);
 unsigned long
 X509_NAME_hash_old(X509_NAME *x)
 {
-        EVP_MD_CTX md_ctx;
+        EVP_MD_CTX *md_ctx;
        unsigned long ret = 0;
        unsigned char md[16];
+        if ((md_ctx = EVP_MD_CTX_new()) == NULL)
+                return ret;
        /* Make sure X509_NAME structure contains valid cached encoding */
        i2d_X509_NAME(x, NULL);
-        EVP_MD_CTX_legacy_clear(&md_ctx);
+        if (EVP_DigestInit_ex(md_ctx, EVP_md5(), NULL) &&
-        if (EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL) &&
+            EVP_DigestUpdate(md_ctx, x->bytes->data, x->bytes->length) &&
-            EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length) &&
+            EVP_DigestFinal_ex(md_ctx, md, NULL))
-            EVP_DigestFinal_ex(&md_ctx, md, NULL))
                ret = (((unsigned long)md[0]) |
                    ((unsigned long)md[1] << 8L) |
                    ((unsigned long)md[2] << 16L) |
                    ((unsigned long)md[3] << 24L)) &
                    0xffffffffL;
-        EVP_MD_CTX_cleanup(&md_ctx);
-        return (ret);
+        EVP_MD_CTX_free(md_ctx);
+        return ret;
 }
 LCRYPTO_ALIAS(X509_NAME_hash_old);
 #endif
author	joshua <>	2024-03-25 03:41:16 +0000
committer	joshua <>	2024-03-25 03:41:16 +0000
commit	3a5ecf615999de2ca423f35d445edcac87059b45 (patch)
tree	7619be7aadccff3d9c90f57a051f585e6ecfe994
parent	5b2c7b1c97209f380ad76d8f409db7f19ccb1a14 (diff)
download	openbsd-3a5ecf615999de2ca423f35d445edcac87059b45.tar.gz openbsd-3a5ecf615999de2ca423f35d445edcac87059b45.tar.bz2 openbsd-3a5ecf615999de2ca423f35d445edcac87059b45.zip

diff --git a/src/lib/libcrypto/x509/x509_cmp.c b/src/lib/libcrypto/x509/x509_cmp.c index 6098b6e7e8..2c1e427093 100644 --- a/src/lib/libcrypto/x509/x509_cmp.c +++ b/src/lib/libcrypto/x509/x509_cmp.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: x509_cmp.c,v 1.43 2024/02/18 15:45:42 tb Exp $ */	1	/* $OpenBSD: x509_cmp.c,v 1.44 2024/03/25 03:41:16 joshua Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -91,34 +91,35 @@ unsigned long
91	X509_issuer_and_serial_hash(X509 *a)	91	X509_issuer_and_serial_hash(X509 *a)
92	{	92	{
93	unsigned long ret = 0;	93	unsigned long ret = 0;
94	EVP_MD_CTX ctx;	94	EVP_MD_CTX *md_ctx;
95	unsigned char md[16];	95	unsigned char md[16];
96	char *f;	96	char *f = NULL;
97		97
98	EVP_MD_CTX_legacy_clear(&ctx);	98	if ((md_ctx = EVP_MD_CTX_new()) == NULL)
99	f = X509_NAME_oneline(a->cert_info->issuer, NULL, 0);
100	if (f == NULL)
101	goto err;	99	goto err;
102	if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL))	100
		101	if ((f = X509_NAME_oneline(a->cert_info->issuer, NULL, 0)) == NULL)
103	goto err;	102	goto err;
104	if (!EVP_DigestUpdate(&ctx, (unsigned char *)f, strlen(f)))	103	if (!EVP_DigestInit_ex(md_ctx, EVP_md5(), NULL))
105	goto err;	104	goto err;
106	free(f);	105	if (!EVP_DigestUpdate(md_ctx, (unsigned char *)f, strlen(f)))
107	f = NULL;	106	goto err;
108	if (!EVP_DigestUpdate(&ctx,	107	if (!EVP_DigestUpdate(md_ctx,
109	(unsigned char *)a->cert_info->serialNumber->data,	108	(unsigned char *)a->cert_info->serialNumber->data,
110	(unsigned long)a->cert_info->serialNumber->length))	109	(unsigned long)a->cert_info->serialNumber->length))
111	goto err;	110	goto err;
112	if (!EVP_DigestFinal_ex(&ctx, &(md[0]), NULL))	111	if (!EVP_DigestFinal_ex(md_ctx, &(md[0]), NULL))
113	goto err;	112	goto err;
		113
114	ret = (((unsigned long)md[0]) \| ((unsigned long)md[1] << 8L) \|	114	ret = (((unsigned long)md[0]) \| ((unsigned long)md[1] << 8L) \|
115	((unsigned long)md[2] << 16L) \| ((unsigned long)md[3] << 24L)) &	115	((unsigned long)md[2] << 16L) \| ((unsigned long)md[3] << 24L)) &
116	0xffffffffL;	116	0xffffffffL;
117		117
118	err:	118	err:
119	EVP_MD_CTX_cleanup(&ctx);	119	EVP_MD_CTX_free(md_ctx);
120	free(f);	120	free(f);
121	return (ret);	121
		122	return ret;
122	}	123	}
123	LCRYPTO_ALIAS(X509_issuer_and_serial_hash);	124	LCRYPTO_ALIAS(X509_issuer_and_serial_hash);
124	#endif	125	#endif
@@ -285,24 +286,27 @@ LCRYPTO_ALIAS(X509_NAME_hash);
285	unsigned long	286	unsigned long
286	X509_NAME_hash_old(X509_NAME *x)	287	X509_NAME_hash_old(X509_NAME *x)
287	{	288	{
288	EVP_MD_CTX md_ctx;	289	EVP_MD_CTX *md_ctx;
289	unsigned long ret = 0;	290	unsigned long ret = 0;
290	unsigned char md[16];	291	unsigned char md[16];
291		292
		293	if ((md_ctx = EVP_MD_CTX_new()) == NULL)
		294	return ret;
		295
292	/* Make sure X509_NAME structure contains valid cached encoding */	296	/* Make sure X509_NAME structure contains valid cached encoding */
293	i2d_X509_NAME(x, NULL);	297	i2d_X509_NAME(x, NULL);
294	EVP_MD_CTX_legacy_clear(&md_ctx);	298	if (EVP_DigestInit_ex(md_ctx, EVP_md5(), NULL) &&
295	if (EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL) &&	299	EVP_DigestUpdate(md_ctx, x->bytes->data, x->bytes->length) &&
296	EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length) &&	300	EVP_DigestFinal_ex(md_ctx, md, NULL))
297	EVP_DigestFinal_ex(&md_ctx, md, NULL))
298	ret = (((unsigned long)md[0]) \|	301	ret = (((unsigned long)md[0]) \|
299	((unsigned long)md[1] << 8L) \|	302	((unsigned long)md[1] << 8L) \|
300	((unsigned long)md[2] << 16L) \|	303	((unsigned long)md[2] << 16L) \|
301	((unsigned long)md[3] << 24L)) &	304	((unsigned long)md[3] << 24L)) &
302	0xffffffffL;	305	0xffffffffL;
303	EVP_MD_CTX_cleanup(&md_ctx);
304		306
305	return (ret);	307	EVP_MD_CTX_free(md_ctx);
		308
		309	return ret;
306	}	310	}
307	LCRYPTO_ALIAS(X509_NAME_hash_old);	311	LCRYPTO_ALIAS(X509_NAME_hash_old);
308	#endif	312	#endif