1 files changed, 1 insertions, 61 deletions
diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c
index ca3fb219cd..9a2a304250 100644
--- a/src/lib/libcrypto/evp/digest.c
+++ b/src/lib/libcrypto/evp/digest.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: digest.c,v 1.38 2023/07/07 19:37:53 beck Exp $ */
+/* $OpenBSD: digest.c,v 1.39 2023/11/19 15:46:09 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -118,10 +118,6 @@
 #include <openssl/evp.h>
 #include <openssl/objects.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
 #include "evp_local.h"
 int
@@ -136,49 +132,6 @@ EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
 {
        EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
-#ifndef OPENSSL_NO_ENGINE
-        /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
-         * so this context may already have an ENGINE! Try to avoid releasing
-         * the previous handle, re-querying for an ENGINE, and having a
-         * reinitialisation, when it may all be unnecessary. */
-        if (ctx->engine && ctx->digest && (!type ||
-            (type && (type->type == ctx->digest->type))))
-                goto skip_to_init;
-        if (type) {
-                /* Ensure an ENGINE left lying around from last time is cleared
-                 * (the previous check attempted to avoid this if the same
-                 * ENGINE and EVP_MD could be used). */
-                ENGINE_finish(ctx->engine);
-                if (impl != NULL) {
-                        if (!ENGINE_init(impl)) {
-                                EVPerror(EVP_R_INITIALIZATION_ERROR);
-                                return 0;
-                        }
-                } else
-                        /* Ask if an ENGINE is reserved for this job */
-                        impl = ENGINE_get_digest_engine(type->type);
-                if (impl != NULL) {
-                        /* There's an ENGINE for this job ... (apparently) */
-                        const EVP_MD *d = ENGINE_get_digest(impl, type->type);
-                        if (d == NULL) {
-                                /* Same comment from evp_enc.c */
-                                EVPerror(EVP_R_INITIALIZATION_ERROR);
-                                ENGINE_finish(impl);
-                                return 0;
-                        }
-                        /* We'll use the ENGINE's private digest definition */
-                        type = d;
-                        /* Store the ENGINE functional reference so we know
-                         * 'type' came from an ENGINE and we need to release
-                         * it when done. */
-                        ctx->engine = impl;
-                } else
-                        ctx->engine = NULL;
-        } else if (!ctx->digest) {
-                EVPerror(EVP_R_NO_DIGEST_SET);
-                return 0;
-        }
-#endif
        if (ctx->digest != type) {
                if (ctx->digest && ctx->digest->ctx_size && ctx->md_data &&
                    !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {
@@ -197,9 +150,6 @@ EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
                        }
                }
        }
-#ifndef OPENSSL_NO_ENGINE
-skip_to_init:
-#endif
        if (ctx->pctx) {
                int r;
                r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG,
@@ -266,13 +216,6 @@ EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
                EVPerror(EVP_R_INPUT_NOT_INITIALIZED);
                return 0;
        }
-#ifndef OPENSSL_NO_ENGINE
-        /* Make sure it's safe to copy a digest context using an ENGINE */
-        if (in->engine && !ENGINE_init(in->engine)) {
-                EVPerror(ERR_R_ENGINE_LIB);
-                return 0;
-        }
-#endif
        if (out->digest == in->digest) {
                tmp_buf = out->md_data;
@@ -397,9 +340,6 @@ EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
         */
        if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX))
                EVP_PKEY_CTX_free(ctx->pctx);
-#ifndef OPENSSL_NO_ENGINE
-        ENGINE_finish(ctx->engine);
-#endif
        memset(ctx, 0, sizeof(*ctx));
        return 1;

diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c index ca3fb219cd..9a2a304250 100644 --- a/src/lib/libcrypto/evp/digest.c +++ b/src/lib/libcrypto/evp/digest.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: digest.c,v 1.38 2023/07/07 19:37:53 beck Exp $ */	1	/* $OpenBSD: digest.c,v 1.39 2023/11/19 15:46:09 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -118,10 +118,6 @@
118	#include <openssl/evp.h>	118	#include <openssl/evp.h>
119	#include <openssl/objects.h>	119	#include <openssl/objects.h>
120		120
121	#ifndef OPENSSL_NO_ENGINE
122	#include <openssl/engine.h>
123	#endif
124
125	#include "evp_local.h"	121	#include "evp_local.h"
126		122
127	int	123	int
@@ -136,49 +132,6 @@ EVP_DigestInit_ex(EVP_MD_CTX ctx, const EVP_MD type, ENGINE *impl)
136	{	132	{
137	EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);	133	EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
138		134
139	#ifndef OPENSSL_NO_ENGINE
140	/* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
141	* so this context may already have an ENGINE! Try to avoid releasing
142	* the previous handle, re-querying for an ENGINE, and having a
143	* reinitialisation, when it may all be unnecessary. */
144	if (ctx->engine && ctx->digest && (!type \|\|
145	(type && (type->type == ctx->digest->type))))
146	goto skip_to_init;
147	if (type) {
148	/* Ensure an ENGINE left lying around from last time is cleared
149	* (the previous check attempted to avoid this if the same
150	* ENGINE and EVP_MD could be used). */
151	ENGINE_finish(ctx->engine);
152	if (impl != NULL) {
153	if (!ENGINE_init(impl)) {
154	EVPerror(EVP_R_INITIALIZATION_ERROR);
155	return 0;
156	}
157	} else
158	/* Ask if an ENGINE is reserved for this job */
159	impl = ENGINE_get_digest_engine(type->type);
160	if (impl != NULL) {
161	/* There's an ENGINE for this job ... (apparently) */
162	const EVP_MD *d = ENGINE_get_digest(impl, type->type);
163	if (d == NULL) {
164	/* Same comment from evp_enc.c */
165	EVPerror(EVP_R_INITIALIZATION_ERROR);
166	ENGINE_finish(impl);
167	return 0;
168	}
169	/* We'll use the ENGINE's private digest definition */
170	type = d;
171	/* Store the ENGINE functional reference so we know
172	* 'type' came from an ENGINE and we need to release
173	* it when done. */
174	ctx->engine = impl;
175	} else
176	ctx->engine = NULL;
177	} else if (!ctx->digest) {
178	EVPerror(EVP_R_NO_DIGEST_SET);
179	return 0;
180	}
181	#endif
182	if (ctx->digest != type) {	135	if (ctx->digest != type) {
183	if (ctx->digest && ctx->digest->ctx_size && ctx->md_data &&	136	if (ctx->digest && ctx->digest->ctx_size && ctx->md_data &&
184	!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {	137	!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {
@@ -197,9 +150,6 @@ EVP_DigestInit_ex(EVP_MD_CTX ctx, const EVP_MD type, ENGINE *impl)
197	}	150	}
198	}	151	}
199	}	152	}
200	#ifndef OPENSSL_NO_ENGINE
201	skip_to_init:
202	#endif
203	if (ctx->pctx) {	153	if (ctx->pctx) {
204	int r;	154	int r;
205	r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG,	155	r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG,
@@ -266,13 +216,6 @@ EVP_MD_CTX_copy_ex(EVP_MD_CTX out, const EVP_MD_CTX in)
266	EVPerror(EVP_R_INPUT_NOT_INITIALIZED);	216	EVPerror(EVP_R_INPUT_NOT_INITIALIZED);
267	return 0;	217	return 0;
268	}	218	}
269	#ifndef OPENSSL_NO_ENGINE
270	/* Make sure it's safe to copy a digest context using an ENGINE */
271	if (in->engine && !ENGINE_init(in->engine)) {
272	EVPerror(ERR_R_ENGINE_LIB);
273	return 0;
274	}
275	#endif
276		219
277	if (out->digest == in->digest) {	220	if (out->digest == in->digest) {
278	tmp_buf = out->md_data;	221	tmp_buf = out->md_data;
@@ -397,9 +340,6 @@ EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
397	*/	340	*/
398	if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX))	341	if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX))
399	EVP_PKEY_CTX_free(ctx->pctx);	342	EVP_PKEY_CTX_free(ctx->pctx);
400	#ifndef OPENSSL_NO_ENGINE
401	ENGINE_finish(ctx->engine);
402	#endif
403	memset(ctx, 0, sizeof(*ctx));	343	memset(ctx, 0, sizeof(*ctx));
404		344
405	return 1;	345	return 1;