1 files changed, 237 insertions, 17 deletions
diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c
index c560733568..a969ac69ed 100644
--- a/src/lib/libcrypto/evp/digest.c
+++ b/src/lib/libcrypto/evp/digest.c
@@ -55,38 +55,258 @@
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/objects.h>
 #include <openssl/evp.h>
+#include <openssl/engine.h>
+void EVP_MD_CTX_init(EVP_MD_CTX *ctx)
+        {
+        memset(ctx,'\0',sizeof *ctx);
+        }
+EVP_MD_CTX *EVP_MD_CTX_create(void)
+        {
+        EVP_MD_CTX *ctx=OPENSSL_malloc(sizeof *ctx);
+        EVP_MD_CTX_init(ctx);
+        return ctx;
+        }
+int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type)
+        {
+        EVP_MD_CTX_init(ctx);
+        return EVP_DigestInit_ex(ctx, type, NULL);
+        }
-void EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type)
+int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
        {
-        ctx->digest=type;
+        EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED);
-        type->init(&(ctx->md));
+        /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
+         * so this context may already have an ENGINE! Try to avoid releasing
+         * the previous handle, re-querying for an ENGINE, and having a
+         * reinitialisation, when it may all be unecessary. */
+        if (ctx->engine && ctx->digest && (!type ||
+                        (type && (type->type == ctx->digest->type))))
+                goto skip_to_init;
+        if (type)
+                {
+                /* Ensure an ENGINE left lying around from last time is cleared
+                 * (the previous check attempted to avoid this if the same
+                 * ENGINE and EVP_MD could be used). */
+                if(ctx->engine)
+                        ENGINE_finish(ctx->engine);
+                if(impl)
+                        {
+                        if (!ENGINE_init(impl))
+                                {
+                                EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_INITIALIZATION_ERROR);
+                                return 0;
+                                }
+                        }
+                else
+                        /* Ask if an ENGINE is reserved for this job */
+                        impl = ENGINE_get_digest_engine(type->type);
+                if(impl)
+                        {
+                        /* There's an ENGINE for this job ... (apparently) */
+                        const EVP_MD *d = ENGINE_get_digest(impl, type->type);
+                        if(!d)
+                                {
+                                /* Same comment from evp_enc.c */
+                                EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_INITIALIZATION_ERROR);
+                                return 0;
+                                }
+                        /* We'll use the ENGINE's private digest definition */
+                        type = d;
+                        /* Store the ENGINE functional reference so we know
+                         * 'type' came from an ENGINE and we need to release
+                         * it when done. */
+                        ctx->engine = impl;
+                        }
+                else
+                        ctx->engine = NULL;
+                }
+        else if(!ctx->digest)
+                {
+                EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_NO_DIGEST_SET);
+                return 0;
+                }
+        if (ctx->digest != type)
+                {
+                if (ctx->digest && ctx->digest->ctx_size)
+                        OPENSSL_free(ctx->md_data);
+                ctx->digest=type;
+                if (type->ctx_size)
+                        ctx->md_data=OPENSSL_malloc(type->ctx_size);
+                }
+skip_to_init:
+        return ctx->digest->init(ctx);
        }
-void EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data,
+int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data,
             unsigned int count)
        {
-        ctx->digest->update(&(ctx->md.base[0]),data,(unsigned long)count);
+        return ctx->digest->update(ctx,data,(unsigned long)count);
+        }
+/* The caller can assume that this removes any secret data from the context */
+int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
+        {
+        int ret;
+        ret = EVP_DigestFinal_ex(ctx, md, size);
+        EVP_MD_CTX_cleanup(ctx);
+        return ret;
        }
-void EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
+/* The caller can assume that this removes any secret data from the context */
+int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
        {
-        ctx->digest->final(md,&(ctx->md.base[0]));
+        int ret;
+        ret=ctx->digest->final(ctx,md);
        if (size != NULL)
                *size=ctx->digest->md_size;
-        memset(&(ctx->md),0,sizeof(ctx->md));
+        if (ctx->digest->cleanup)
+                {
+                ctx->digest->cleanup(ctx);
+                EVP_MD_CTX_set_flags(ctx,EVP_MD_CTX_FLAG_CLEANED);
+                }
+        memset(ctx->md_data,0,ctx->digest->ctx_size);
+        return ret;
+        }
+int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
+        {
+        EVP_MD_CTX_init(out);
+        return EVP_MD_CTX_copy_ex(out, in);
+        }
+int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
+        {
+        if ((in == NULL) || (in->digest == NULL))
+                {
+                EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED);
+                return 0;
+                }
+        /* Make sure it's safe to copy a digest context using an ENGINE */
+        if (in->engine && !ENGINE_init(in->engine))
+                {
+                EVPerr(EVP_F_EVP_MD_CTX_COPY,ERR_R_ENGINE_LIB);
+                return 0;
+                }
+        EVP_MD_CTX_cleanup(out);
+        memcpy(out,in,sizeof *out);
+        if (out->digest->ctx_size)
+                {
+                out->md_data=OPENSSL_malloc(out->digest->ctx_size);
+                memcpy(out->md_data,in->md_data,out->digest->ctx_size);
+                }
+        
+        if (out->digest->copy)
+                return out->digest->copy(out,in);
+        
+        return 1;
+        }
+int EVP_Digest(void *data, unsigned int count,
+                unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl)
+        {
+        EVP_MD_CTX ctx;
+        int ret;
+        EVP_MD_CTX_init(&ctx);
+        EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_ONESHOT);
+        ret=EVP_DigestInit_ex(&ctx, type, impl)
+          && EVP_DigestUpdate(&ctx, data, count)
+          && EVP_DigestFinal_ex(&ctx, md, size);
+        EVP_MD_CTX_cleanup(&ctx);
+        return ret;
        }
-int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in)
+void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
-{
+        {
-    if ((in == NULL) || (in->digest == NULL)) {
+        EVP_MD_CTX_cleanup(ctx);
-        EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED);
+        OPENSSL_free(ctx);
-        return 0;
+        }
-    }
-    memcpy((char *)out,(char *)in,in->digest->ctx_size);
+/* This call frees resources associated with the context */
-    return 1;
+int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
-}    
+        {
+        /* Don't assume ctx->md_data was cleaned in EVP_Digest_Final,
+         * because sometimes only copies of the context are ever finalised.
+         */
+        if (ctx->digest && ctx->digest->cleanup
+            && !EVP_MD_CTX_test_flags(ctx,EVP_MD_CTX_FLAG_CLEANED))
+                ctx->digest->cleanup(ctx);
+        if (ctx->digest && ctx->digest->ctx_size && ctx->md_data)
+                {
+                memset(ctx->md_data,0,ctx->digest->ctx_size);
+                OPENSSL_free(ctx->md_data);
+                }
+        if(ctx->engine)
+                /* The EVP_MD we used belongs to an ENGINE, release the
+                 * functional reference we held for this reason. */
+                ENGINE_finish(ctx->engine);
+        memset(ctx,'\0',sizeof *ctx);
+        return 1;
+        }

diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c index c560733568..a969ac69ed 100644 --- a/src/lib/libcrypto/evp/digest.c +++ b/src/lib/libcrypto/evp/digest.c
@@ -55,38 +55,258 @@
55	* copied and put under another distribution licence	55	* copied and put under another distribution licence
56	* [including the GNU Public Licence.]	56	* [including the GNU Public Licence.]
57	*/	57	*/
		58	/* ====================================================================
		59	* Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
		60	*
		61	* Redistribution and use in source and binary forms, with or without
		62	* modification, are permitted provided that the following conditions
		63	* are met:
		64	*
		65	* 1. Redistributions of source code must retain the above copyright
		66	* notice, this list of conditions and the following disclaimer.
		67	*
		68	* 2. Redistributions in binary form must reproduce the above copyright
		69	* notice, this list of conditions and the following disclaimer in
		70	* the documentation and/or other materials provided with the
		71	* distribution.
		72	*
		73	* 3. All advertising materials mentioning features or use of this
		74	* software must display the following acknowledgment:
		75	* "This product includes software developed by the OpenSSL Project
		76	* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
		77	*
		78	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
		79	* endorse or promote products derived from this software without
		80	* prior written permission. For written permission, please contact
		81	* openssl-core@openssl.org.
		82	*
		83	* 5. Products derived from this software may not be called "OpenSSL"
		84	* nor may "OpenSSL" appear in their names without prior written
		85	* permission of the OpenSSL Project.
		86	*
		87	* 6. Redistributions of any form whatsoever must retain the following
		88	* acknowledgment:
		89	* "This product includes software developed by the OpenSSL Project
		90	* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
		91	*
		92	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
		93	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
		94	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
		95	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
		96	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
		97	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
		98	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
		99	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
		100	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
		101	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
		102	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
		103	* OF THE POSSIBILITY OF SUCH DAMAGE.
		104	* ====================================================================
		105	*
		106	* This product includes cryptographic software written by Eric Young
		107	* (eay@cryptsoft.com). This product includes software written by Tim
		108	* Hudson (tjh@cryptsoft.com).
		109	*
		110	*/
58		111
59	#include <stdio.h>	112	#include <stdio.h>
60	#include "cryptlib.h"	113	#include "cryptlib.h"
61	#include <openssl/objects.h>	114	#include <openssl/objects.h>
62	#include <openssl/evp.h>	115	#include <openssl/evp.h>
		116	#include <openssl/engine.h>
		117
		118	void EVP_MD_CTX_init(EVP_MD_CTX *ctx)
		119	{
		120	memset(ctx,'\0',sizeof *ctx);
		121	}
		122
		123	EVP_MD_CTX *EVP_MD_CTX_create(void)
		124	{
		125	EVP_MD_CTX ctx=OPENSSL_malloc(sizeof ctx);
		126
		127	EVP_MD_CTX_init(ctx);
		128
		129	return ctx;
		130	}
		131
		132	int EVP_DigestInit(EVP_MD_CTX ctx, const EVP_MD type)
		133	{
		134	EVP_MD_CTX_init(ctx);
		135	return EVP_DigestInit_ex(ctx, type, NULL);
		136	}
63		137
64	void EVP_DigestInit(EVP_MD_CTX ctx, const EVP_MD type)	138	int EVP_DigestInit_ex(EVP_MD_CTX ctx, const EVP_MD type, ENGINE *impl)
65	{	139	{
66	ctx->digest=type;	140	EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED);
67	type->init(&(ctx->md));	141	/* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
		142	* so this context may already have an ENGINE! Try to avoid releasing
		143	* the previous handle, re-querying for an ENGINE, and having a
		144	* reinitialisation, when it may all be unecessary. */
		145	if (ctx->engine && ctx->digest && (!type \|\|
		146	(type && (type->type == ctx->digest->type))))
		147	goto skip_to_init;
		148	if (type)
		149	{
		150	/* Ensure an ENGINE left lying around from last time is cleared
		151	* (the previous check attempted to avoid this if the same
		152	* ENGINE and EVP_MD could be used). */
		153	if(ctx->engine)
		154	ENGINE_finish(ctx->engine);
		155	if(impl)
		156	{
		157	if (!ENGINE_init(impl))
		158	{
		159	EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_INITIALIZATION_ERROR);
		160	return 0;
		161	}
		162	}
		163	else
		164	/* Ask if an ENGINE is reserved for this job */
		165	impl = ENGINE_get_digest_engine(type->type);
		166	if(impl)
		167	{
		168	/* There's an ENGINE for this job ... (apparently) */
		169	const EVP_MD *d = ENGINE_get_digest(impl, type->type);
		170	if(!d)
		171	{
		172	/* Same comment from evp_enc.c */
		173	EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_INITIALIZATION_ERROR);
		174	return 0;
		175	}
		176	/* We'll use the ENGINE's private digest definition */
		177	type = d;
		178	/* Store the ENGINE functional reference so we know
		179	* 'type' came from an ENGINE and we need to release
		180	* it when done. */
		181	ctx->engine = impl;
		182	}
		183	else
		184	ctx->engine = NULL;
		185	}
		186	else if(!ctx->digest)
		187	{
		188	EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_NO_DIGEST_SET);
		189	return 0;
		190	}
		191	if (ctx->digest != type)
		192	{
		193	if (ctx->digest && ctx->digest->ctx_size)
		194	OPENSSL_free(ctx->md_data);
		195	ctx->digest=type;
		196	if (type->ctx_size)
		197	ctx->md_data=OPENSSL_malloc(type->ctx_size);
		198	}
		199	skip_to_init:
		200	return ctx->digest->init(ctx);
68	}	201	}
69		202
70	void EVP_DigestUpdate(EVP_MD_CTX ctx, const void data,	203	int EVP_DigestUpdate(EVP_MD_CTX ctx, const void data,
71	unsigned int count)	204	unsigned int count)
72	{	205	{
73	ctx->digest->update(&(ctx->md.base[0]),data,(unsigned long)count);	206	return ctx->digest->update(ctx,data,(unsigned long)count);
		207	}
		208
		209	/* The caller can assume that this removes any secret data from the context */
		210	int EVP_DigestFinal(EVP_MD_CTX ctx, unsigned char md, unsigned int *size)
		211	{
		212	int ret;
		213	ret = EVP_DigestFinal_ex(ctx, md, size);
		214	EVP_MD_CTX_cleanup(ctx);
		215	return ret;
74	}	216	}
75		217
76	void EVP_DigestFinal(EVP_MD_CTX ctx, unsigned char md, unsigned int *size)	218	/* The caller can assume that this removes any secret data from the context */
		219	int EVP_DigestFinal_ex(EVP_MD_CTX ctx, unsigned char md, unsigned int *size)
77	{	220	{
78	ctx->digest->final(md,&(ctx->md.base[0]));	221	int ret;
		222	ret=ctx->digest->final(ctx,md);
79	if (size != NULL)	223	if (size != NULL)
80	*size=ctx->digest->md_size;	224	*size=ctx->digest->md_size;
81	memset(&(ctx->md),0,sizeof(ctx->md));	225	if (ctx->digest->cleanup)
		226	{
		227	ctx->digest->cleanup(ctx);
		228	EVP_MD_CTX_set_flags(ctx,EVP_MD_CTX_FLAG_CLEANED);
		229	}
		230	memset(ctx->md_data,0,ctx->digest->ctx_size);
		231	return ret;
		232	}
		233
		234	int EVP_MD_CTX_copy(EVP_MD_CTX out, const EVP_MD_CTX in)
		235	{
		236	EVP_MD_CTX_init(out);
		237	return EVP_MD_CTX_copy_ex(out, in);
		238	}
		239
		240	int EVP_MD_CTX_copy_ex(EVP_MD_CTX out, const EVP_MD_CTX in)
		241	{
		242	if ((in == NULL) \|\| (in->digest == NULL))
		243	{
		244	EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED);
		245	return 0;
		246	}
		247	/* Make sure it's safe to copy a digest context using an ENGINE */
		248	if (in->engine && !ENGINE_init(in->engine))
		249	{
		250	EVPerr(EVP_F_EVP_MD_CTX_COPY,ERR_R_ENGINE_LIB);
		251	return 0;
		252	}
		253
		254	EVP_MD_CTX_cleanup(out);
		255	memcpy(out,in,sizeof *out);
		256
		257	if (out->digest->ctx_size)
		258	{
		259	out->md_data=OPENSSL_malloc(out->digest->ctx_size);
		260	memcpy(out->md_data,in->md_data,out->digest->ctx_size);
		261	}
		262
		263	if (out->digest->copy)
		264	return out->digest->copy(out,in);
		265
		266	return 1;
		267	}
		268
		269	int EVP_Digest(void *data, unsigned int count,
		270	unsigned char md, unsigned int size, const EVP_MD type, ENGINE impl)
		271	{
		272	EVP_MD_CTX ctx;
		273	int ret;
		274
		275	EVP_MD_CTX_init(&ctx);
		276	EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_ONESHOT);
		277	ret=EVP_DigestInit_ex(&ctx, type, impl)
		278	&& EVP_DigestUpdate(&ctx, data, count)
		279	&& EVP_DigestFinal_ex(&ctx, md, size);
		280	EVP_MD_CTX_cleanup(&ctx);
		281
		282	return ret;
82	}	283	}
83		284
84	int EVP_MD_CTX_copy(EVP_MD_CTX out, EVP_MD_CTX in)	285	void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
85	{	286	{
86	if ((in == NULL) \|\| (in->digest == NULL)) {	287	EVP_MD_CTX_cleanup(ctx);
87	EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED);	288	OPENSSL_free(ctx);
88	return 0;	289	}
89	}	290
90	memcpy((char )out,(char )in,in->digest->ctx_size);	291	/* This call frees resources associated with the context */
91	return 1;	292	int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
92	}	293	{
		294	/* Don't assume ctx->md_data was cleaned in EVP_Digest_Final,
		295	* because sometimes only copies of the context are ever finalised.
		296	*/
		297	if (ctx->digest && ctx->digest->cleanup
		298	&& !EVP_MD_CTX_test_flags(ctx,EVP_MD_CTX_FLAG_CLEANED))
		299	ctx->digest->cleanup(ctx);
		300	if (ctx->digest && ctx->digest->ctx_size && ctx->md_data)
		301	{
		302	memset(ctx->md_data,0,ctx->digest->ctx_size);
		303	OPENSSL_free(ctx->md_data);
		304	}
		305	if(ctx->engine)
		306	/* The EVP_MD we used belongs to an ENGINE, release the
		307	* functional reference we held for this reason. */
		308	ENGINE_finish(ctx->engine);
		309	memset(ctx,'\0',sizeof *ctx);
		310
		311	return 1;
		312	}