Merge openssl-0.9.7-stable-SNAP-20020519

author: beck <> 2002-05-21 01:49:11 +0000
committer: beck <> 2002-05-21 01:49:11 +0000
commit: 7ebf0f8371844decf17c65829147760ed09339a6 (patch)
tree: b39f86312e7ebfd4945e393b8949356694ad06fe /src/lib/libcrypto/evp
parent: 2117eaece54016b776476220b41b97441e75b0e0 (diff)
download: openbsd-7ebf0f8371844decf17c65829147760ed09339a6.tar.gz
openbsd-7ebf0f8371844decf17c65829147760ed09339a6.tar.bz2
openbsd-7ebf0f8371844decf17c65829147760ed09339a6.zip
4 files changed, 24 insertions, 20 deletions
diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h
index 915fe62341..0d870d60be 100644
--- a/src/lib/libcrypto/evp/evp.h
+++ b/src/lib/libcrypto/evp/evp.h
@@ -184,7 +184,7 @@ typedef struct evp_pkey_md_st
                        EVP_rsa_octet_string(),EVP_mdc2())
 #define EVP_dsa_sha() \
                EVP_PKEY_MD_add(NID_dsaWithSHA,\
-                        EVP_dsa(),EVP_mdc2())
+                        EVP_dsa(),EVP_sha())
 #define EVP_dsa_sha1() \
                EVP_PKEY_MD_add(NID_dsaWithSHA1,\
                        EVP_dsa(),EVP_sha1())
@@ -525,7 +525,7 @@ int	EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
 int     EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek,
                int *ekl, unsigned char *iv,EVP_PKEY **pubk, int npubk);
-void    EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl);
+int     EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl);
 void    EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
 void    EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,
diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c
index d28a7d266e..32a1c7a2e9 100644
--- a/src/lib/libcrypto/evp/evp_enc.c
+++ b/src/lib/libcrypto/evp/evp_enc.c
@@ -102,11 +102,13 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
                goto skip_to_init;
        if (cipher)
                {
-                /* Ensure an ENGINE left lying around from last time is cleared
+                /* Ensure a context left lying around from last time is cleared
                 * (the previous check attempted to avoid this if the same
                 * ENGINE and EVP_CIPHER could be used). */
-                if(ctx->engine)
+                EVP_CIPHER_CTX_cleanup(ctx);
-                        ENGINE_finish(ctx->engine);
+                /* Restore encrypt field: it is zeroed by cleanup */
+                ctx->encrypt = enc;
                if(impl)
                        {
                        if (!ENGINE_init(impl))
@@ -140,6 +142,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
                        }
                else
                        ctx->engine = NULL;
                ctx->cipher=cipher;
                ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size);
                ctx->key_len = cipher->key_len;
@@ -303,7 +306,6 @@ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
        {
        int ret;
        ret = EVP_EncryptFinal_ex(ctx, out, outl);
-        EVP_CIPHER_CTX_cleanup(ctx);
        return ret;
        }
@@ -314,14 +316,12 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
        b=ctx->cipher->block_size;
        if (b == 1)
                {
-                EVP_CIPHER_CTX_cleanup(ctx);
                *outl=0;
                return 1;
                }
        bl=ctx->buf_len;
        if (ctx->flags & EVP_CIPH_NO_PADDING)
                {
-                EVP_CIPHER_CTX_cleanup(ctx);
                if(bl)
                        {
                        EVPerr(EVP_F_EVP_ENCRYPTFINAL,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
@@ -336,7 +336,6 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
                ctx->buf[i]=n;
        ret=ctx->cipher->do_cipher(ctx,out,ctx->buf,b);
-        EVP_CIPHER_CTX_cleanup(ctx);
        if(ret)
                *outl=b;
@@ -394,7 +393,6 @@ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
        {
        int ret;
        ret = EVP_DecryptFinal_ex(ctx, out, outl);
-        EVP_CIPHER_CTX_cleanup(ctx);
        return ret;
        }
@@ -407,7 +405,6 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
        b=ctx->cipher->block_size;
        if (ctx->flags & EVP_CIPH_NO_PADDING)
                {
-                EVP_CIPHER_CTX_cleanup(ctx);
                if(ctx->buf_len)
                        {
                        EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
@@ -420,14 +417,12 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
                {
                if (ctx->buf_len || !ctx->final_used)
                        {
-                        EVP_CIPHER_CTX_cleanup(ctx);
                        EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
                        return(0);
                        }
                n=ctx->final[b-1];
                if (n > b)
                        {
-                        EVP_CIPHER_CTX_cleanup(ctx);
                        EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
                        return(0);
                        }
@@ -435,7 +430,6 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
                        {
                        if (ctx->final[--b] != n)
                                {
-                                EVP_CIPHER_CTX_cleanup(ctx);
                                EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
                                return(0);
                                }
@@ -447,17 +441,21 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
                }
        else
                *outl=0;
-        EVP_CIPHER_CTX_cleanup(ctx);
        return(1);
        }
 int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
        {
-        if ((c->cipher != NULL) && (c->cipher->cleanup != NULL))
+        if (c->cipher != NULL)
                {
-                if(!c->cipher->cleanup(c)) return 0;
+                if(c->cipher->cleanup && !c->cipher->cleanup(c))
+                        return 0;
+                /* Zero cipher context data */
+                if (c->cipher_data)
+                        memset(c->cipher_data, 0, c->cipher->ctx_size);
                }
-        OPENSSL_free(c->cipher_data);
+        if (c->cipher_data)
+                OPENSSL_free(c->cipher_data);
        if (c->engine)
                /* The EVP_CIPHER we used belongs to an ENGINE, release the
                 * functional reference we held for this reason. */
diff --git a/src/lib/libcrypto/evp/evp_test.c b/src/lib/libcrypto/evp/evp_test.c
index 3607fe7776..decd0713d6 100644
--- a/src/lib/libcrypto/evp/evp_test.c
+++ b/src/lib/libcrypto/evp/evp_test.c
@@ -209,6 +209,8 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn,
        exit(9);
        }
+    EVP_CIPHER_CTX_cleanup(&ctx);
    printf("\n");
    }
@@ -279,6 +281,8 @@ static int test_digest(const char *digest,
    printf("\n");
+    EVP_MD_CTX_cleanup(&ctx);
    return 1;
    }
diff --git a/src/lib/libcrypto/evp/p_seal.c b/src/lib/libcrypto/evp/p_seal.c
index 5570ca3745..37e547fe72 100644
--- a/src/lib/libcrypto/evp/p_seal.c
+++ b/src/lib/libcrypto/evp/p_seal.c
@@ -106,8 +106,10 @@ int inl;
        }
 */
-void EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
+int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
        {
-        EVP_EncryptFinal_ex(ctx,out,outl);
+        int i;
+        i = EVP_EncryptFinal_ex(ctx,out,outl);
        EVP_EncryptInit_ex(ctx,NULL,NULL,NULL,NULL);
+        return i;
        }
author	beck <>	2002-05-21 01:49:11 +0000
committer	beck <>	2002-05-21 01:49:11 +0000
commit	7ebf0f8371844decf17c65829147760ed09339a6 (patch)
tree	b39f86312e7ebfd4945e393b8949356694ad06fe /src/lib/libcrypto/evp
parent	2117eaece54016b776476220b41b97441e75b0e0 (diff)
download	openbsd-7ebf0f8371844decf17c65829147760ed09339a6.tar.gz openbsd-7ebf0f8371844decf17c65829147760ed09339a6.tar.bz2 openbsd-7ebf0f8371844decf17c65829147760ed09339a6.zip

diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h index 915fe62341..0d870d60be 100644 --- a/src/lib/libcrypto/evp/evp.h +++ b/src/lib/libcrypto/evp/evp.h
@@ -184,7 +184,7 @@ typedef struct evp_pkey_md_st
184	EVP_rsa_octet_string(),EVP_mdc2())	184	EVP_rsa_octet_string(),EVP_mdc2())
185	#define EVP_dsa_sha() \	185	#define EVP_dsa_sha() \
186	EVP_PKEY_MD_add(NID_dsaWithSHA,\	186	EVP_PKEY_MD_add(NID_dsaWithSHA,\
187	EVP_dsa(),EVP_mdc2())	187	EVP_dsa(),EVP_sha())
188	#define EVP_dsa_sha1() \	188	#define EVP_dsa_sha1() \
189	EVP_PKEY_MD_add(NID_dsaWithSHA1,\	189	EVP_PKEY_MD_add(NID_dsaWithSHA1,\
190	EVP_dsa(),EVP_sha1())	190	EVP_dsa(),EVP_sha1())
@@ -525,7 +525,7 @@ int EVP_OpenFinal(EVP_CIPHER_CTX ctx, unsigned char out, int *outl);
525		525
526	int EVP_SealInit(EVP_CIPHER_CTX ctx, const EVP_CIPHER type, unsigned char **ek,	526	int EVP_SealInit(EVP_CIPHER_CTX ctx, const EVP_CIPHER type, unsigned char **ek,
527	int ekl, unsigned char iv,EVP_PKEY **pubk, int npubk);	527	int ekl, unsigned char iv,EVP_PKEY **pubk, int npubk);
528	void EVP_SealFinal(EVP_CIPHER_CTX ctx,unsigned char out,int *outl);	528	int EVP_SealFinal(EVP_CIPHER_CTX ctx,unsigned char out,int *outl);
529		529
530	void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);	530	void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
531	void EVP_EncodeUpdate(EVP_ENCODE_CTX ctx,unsigned char out,	531	void EVP_EncodeUpdate(EVP_ENCODE_CTX ctx,unsigned char out,


diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c index d28a7d266e..32a1c7a2e9 100644 --- a/src/lib/libcrypto/evp/evp_enc.c +++ b/src/lib/libcrypto/evp/evp_enc.c
@@ -102,11 +102,13 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX ctx, const EVP_CIPHER cipher, ENGINE *imp
102	goto skip_to_init;	102	goto skip_to_init;
103	if (cipher)	103	if (cipher)
104	{	104	{
105	/* Ensure an ENGINE left lying around from last time is cleared	105	/* Ensure a context left lying around from last time is cleared
106	* (the previous check attempted to avoid this if the same	106	* (the previous check attempted to avoid this if the same
107	* ENGINE and EVP_CIPHER could be used). */	107	* ENGINE and EVP_CIPHER could be used). */
108	if(ctx->engine)	108	EVP_CIPHER_CTX_cleanup(ctx);
109	ENGINE_finish(ctx->engine);	109
		110	/* Restore encrypt field: it is zeroed by cleanup */
		111	ctx->encrypt = enc;
110	if(impl)	112	if(impl)
111	{	113	{
112	if (!ENGINE_init(impl))	114	if (!ENGINE_init(impl))
@@ -140,6 +142,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX ctx, const EVP_CIPHER cipher, ENGINE *imp
140	}	142	}
141	else	143	else
142	ctx->engine = NULL;	144	ctx->engine = NULL;
		145
143	ctx->cipher=cipher;	146	ctx->cipher=cipher;
144	ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size);	147	ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size);
145	ctx->key_len = cipher->key_len;	148	ctx->key_len = cipher->key_len;
@@ -303,7 +306,6 @@ int EVP_EncryptFinal(EVP_CIPHER_CTX ctx, unsigned char out, int *outl)
303	{	306	{
304	int ret;	307	int ret;
305	ret = EVP_EncryptFinal_ex(ctx, out, outl);	308	ret = EVP_EncryptFinal_ex(ctx, out, outl);
306	EVP_CIPHER_CTX_cleanup(ctx);
307	return ret;	309	return ret;
308	}	310	}
309		311
@@ -314,14 +316,12 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX ctx, unsigned char out, int *outl)
314	b=ctx->cipher->block_size;	316	b=ctx->cipher->block_size;
315	if (b == 1)	317	if (b == 1)
316	{	318	{
317	EVP_CIPHER_CTX_cleanup(ctx);
318	*outl=0;	319	*outl=0;
319	return 1;	320	return 1;
320	}	321	}
321	bl=ctx->buf_len;	322	bl=ctx->buf_len;
322	if (ctx->flags & EVP_CIPH_NO_PADDING)	323	if (ctx->flags & EVP_CIPH_NO_PADDING)
323	{	324	{
324	EVP_CIPHER_CTX_cleanup(ctx);
325	if(bl)	325	if(bl)
326	{	326	{
327	EVPerr(EVP_F_EVP_ENCRYPTFINAL,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);	327	EVPerr(EVP_F_EVP_ENCRYPTFINAL,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
@@ -336,7 +336,6 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX ctx, unsigned char out, int *outl)
336	ctx->buf[i]=n;	336	ctx->buf[i]=n;
337	ret=ctx->cipher->do_cipher(ctx,out,ctx->buf,b);	337	ret=ctx->cipher->do_cipher(ctx,out,ctx->buf,b);
338		338
339	EVP_CIPHER_CTX_cleanup(ctx);
340		339
341	if(ret)	340	if(ret)
342	*outl=b;	341	*outl=b;
@@ -394,7 +393,6 @@ int EVP_DecryptFinal(EVP_CIPHER_CTX ctx, unsigned char out, int *outl)
394	{	393	{
395	int ret;	394	int ret;
396	ret = EVP_DecryptFinal_ex(ctx, out, outl);	395	ret = EVP_DecryptFinal_ex(ctx, out, outl);
397	EVP_CIPHER_CTX_cleanup(ctx);
398	return ret;	396	return ret;
399	}	397	}
400		398
@@ -407,7 +405,6 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX ctx, unsigned char out, int *outl)
407	b=ctx->cipher->block_size;	405	b=ctx->cipher->block_size;
408	if (ctx->flags & EVP_CIPH_NO_PADDING)	406	if (ctx->flags & EVP_CIPH_NO_PADDING)
409	{	407	{
410	EVP_CIPHER_CTX_cleanup(ctx);
411	if(ctx->buf_len)	408	if(ctx->buf_len)
412	{	409	{
413	EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);	410	EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
@@ -420,14 +417,12 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX ctx, unsigned char out, int *outl)
420	{	417	{
421	if (ctx->buf_len \|\| !ctx->final_used)	418	if (ctx->buf_len \|\| !ctx->final_used)
422	{	419	{
423	EVP_CIPHER_CTX_cleanup(ctx);
424	EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH);	420	EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
425	return(0);	421	return(0);
426	}	422	}
427	n=ctx->final[b-1];	423	n=ctx->final[b-1];
428	if (n > b)	424	if (n > b)
429	{	425	{
430	EVP_CIPHER_CTX_cleanup(ctx);
431	EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);	426	EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
432	return(0);	427	return(0);
433	}	428	}
@@ -435,7 +430,6 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX ctx, unsigned char out, int *outl)
435	{	430	{
436	if (ctx->final[--b] != n)	431	if (ctx->final[--b] != n)
437	{	432	{
438	EVP_CIPHER_CTX_cleanup(ctx);
439	EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);	433	EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
440	return(0);	434	return(0);
441	}	435	}
@@ -447,17 +441,21 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX ctx, unsigned char out, int *outl)
447	}	441	}
448	else	442	else
449	*outl=0;	443	*outl=0;
450	EVP_CIPHER_CTX_cleanup(ctx);
451	return(1);	444	return(1);
452	}	445	}
453		446
454	int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)	447	int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
455	{	448	{
456	if ((c->cipher != NULL) && (c->cipher->cleanup != NULL))	449	if (c->cipher != NULL)
457	{	450	{
458	if(!c->cipher->cleanup(c)) return 0;	451	if(c->cipher->cleanup && !c->cipher->cleanup(c))
		452	return 0;
		453	/* Zero cipher context data */
		454	if (c->cipher_data)
		455	memset(c->cipher_data, 0, c->cipher->ctx_size);
459	}	456	}
460	OPENSSL_free(c->cipher_data);	457	if (c->cipher_data)
		458	OPENSSL_free(c->cipher_data);
461	if (c->engine)	459	if (c->engine)
462	/* The EVP_CIPHER we used belongs to an ENGINE, release the	460	/* The EVP_CIPHER we used belongs to an ENGINE, release the
463	* functional reference we held for this reason. */	461	* functional reference we held for this reason. */


diff --git a/src/lib/libcrypto/evp/evp_test.c b/src/lib/libcrypto/evp/evp_test.c index 3607fe7776..decd0713d6 100644 --- a/src/lib/libcrypto/evp/evp_test.c +++ b/src/lib/libcrypto/evp/evp_test.c
@@ -209,6 +209,8 @@ static void test1(const EVP_CIPHER c,const unsigned char key,int kn,
209	exit(9);	209	exit(9);
210	}	210	}
211		211
		212	EVP_CIPHER_CTX_cleanup(&ctx);
		213
212	printf("\n");	214	printf("\n");
213	}	215	}
214		216
@@ -279,6 +281,8 @@ static int test_digest(const char *digest,
279		281
280	printf("\n");	282	printf("\n");
281		283
		284	EVP_MD_CTX_cleanup(&ctx);
		285
282	return 1;	286	return 1;
283	}	287	}
284		288


diff --git a/src/lib/libcrypto/evp/p_seal.c b/src/lib/libcrypto/evp/p_seal.c index 5570ca3745..37e547fe72 100644 --- a/src/lib/libcrypto/evp/p_seal.c +++ b/src/lib/libcrypto/evp/p_seal.c
@@ -106,8 +106,10 @@ int inl;
106	}	106	}
107	*/	107	*/
108		108
109	void EVP_SealFinal(EVP_CIPHER_CTX ctx, unsigned char out, int *outl)	109	int EVP_SealFinal(EVP_CIPHER_CTX ctx, unsigned char out, int *outl)
110	{	110	{
111	EVP_EncryptFinal_ex(ctx,out,outl);	111	int i;
		112	i = EVP_EncryptFinal_ex(ctx,out,outl);
112	EVP_EncryptInit_ex(ctx,NULL,NULL,NULL,NULL);	113	EVP_EncryptInit_ex(ctx,NULL,NULL,NULL,NULL);
		114	return i;
113	}	115	}