| OLD | NEW |
|---|
| 1 /* crypto/evp/digest.c */ | 1 /* crypto/evp/digest.c */ |
| 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 * All rights reserved. | 3 * All rights reserved. |
| 4 * | 4 * |
| 5 * This package is an SSL implementation written | 5 * This package is an SSL implementation written |
| 6 * by Eric Young (eay@cryptsoft.com). | 6 * by Eric Young (eay@cryptsoft.com). |
| 7 * The implementation was written so as to conform with Netscapes SSL. | 7 * The implementation was written so as to conform with Netscapes SSL. |
| 8 * | 8 * |
| 9 * This library is free for commercial and non-commercial use as long as | 9 * This library is free for commercial and non-commercial use as long as |
| 10 * the following conditions are aheared to. The following conditions | 10 * the following conditions are aheared to. The following conditions |
| (...skipping 98 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 109 * | 109 * |
| 110 */ | 110 */ |
| 111 | 111 |
| 112 #include <stdio.h> | 112 #include <stdio.h> |
| 113 #include "cryptlib.h" | 113 #include "cryptlib.h" |
| 114 #include <openssl/objects.h> | 114 #include <openssl/objects.h> |
| 115 #include <openssl/evp.h> | 115 #include <openssl/evp.h> |
| 116 #ifndef OPENSSL_NO_ENGINE | 116 #ifndef OPENSSL_NO_ENGINE |
| 117 #include <openssl/engine.h> | 117 #include <openssl/engine.h> |
| 118 #endif | 118 #endif |
| 119 #include "evp_locl.h" | |
| 120 | 119 |
| 121 void EVP_MD_CTX_init(EVP_MD_CTX *ctx) | 120 void EVP_MD_CTX_init(EVP_MD_CTX *ctx) |
| 122 { | 121 { |
| 123 memset(ctx,'\0',sizeof *ctx); | 122 memset(ctx,'\0',sizeof *ctx); |
| 124 } | 123 } |
| 125 | 124 |
| 126 EVP_MD_CTX *EVP_MD_CTX_create(void) | 125 EVP_MD_CTX *EVP_MD_CTX_create(void) |
| 127 { | 126 { |
| 128 EVP_MD_CTX *ctx=OPENSSL_malloc(sizeof *ctx); | 127 EVP_MD_CTX *ctx=OPENSSL_malloc(sizeof *ctx); |
| 129 | 128 |
| 130 if (ctx) | 129 if (ctx) |
| 131 EVP_MD_CTX_init(ctx); | 130 EVP_MD_CTX_init(ctx); |
| 132 | 131 |
| 133 return ctx; | 132 return ctx; |
| 134 } | 133 } |
| 135 | 134 |
| 136 int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) | 135 int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) |
| 137 { | 136 { |
| 138 EVP_MD_CTX_init(ctx); | 137 EVP_MD_CTX_init(ctx); |
| 139 return EVP_DigestInit_ex(ctx, type, NULL); | 138 return EVP_DigestInit_ex(ctx, type, NULL); |
| 140 } | 139 } |
| 141 | 140 |
| 142 #ifdef OPENSSL_FIPS | 141 int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) |
| 143 | |
| 144 /* The purpose of these is to trap programs that attempt to use non FIPS | |
| 145 * algorithms in FIPS mode and ignore the errors. | |
| 146 */ | |
| 147 | |
| 148 static int bad_init(EVP_MD_CTX *ctx) | |
| 149 » { FIPS_ERROR_IGNORED("Digest init"); return 0;} | |
| 150 | |
| 151 static int bad_update(EVP_MD_CTX *ctx,const void *data,size_t count) | |
| 152 » { FIPS_ERROR_IGNORED("Digest update"); return 0;} | |
| 153 | |
| 154 static int bad_final(EVP_MD_CTX *ctx,unsigned char *md) | |
| 155 » { FIPS_ERROR_IGNORED("Digest Final"); return 0;} | |
| 156 | |
| 157 static const EVP_MD bad_md = | |
| 158 { | 142 { |
| 159 » 0, | 143 » EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); |
| 160 » 0, | |
| 161 » 0, | |
| 162 » 0, | |
| 163 » bad_init, | |
| 164 » bad_update, | |
| 165 » bad_final, | |
| 166 » NULL, | |
| 167 » NULL, | |
| 168 » NULL, | |
| 169 » 0, | |
| 170 » {0,0,0,0}, | |
| 171 » }; | |
| 172 | |
| 173 #endif | |
| 174 | |
| 175 #ifndef OPENSSL_NO_ENGINE | 144 #ifndef OPENSSL_NO_ENGINE |
| 176 | 145 » /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts |
| 177 #ifdef OPENSSL_FIPS | 146 » * so this context may already have an ENGINE! Try to avoid releasing |
| 178 | 147 » * the previous handle, re-querying for an ENGINE, and having a |
| 179 static int do_engine_null(ENGINE *impl) { return 0;} | 148 » * reinitialisation, when it may all be unecessary. */ |
| 180 static int do_evp_md_engine_null(EVP_MD_CTX *ctx, | 149 » if (ctx->engine && ctx->digest && (!type || |
| 181 » » » » const EVP_MD **ptype, ENGINE *impl) | 150 » » » (type && (type->type == ctx->digest->type)))) |
| 182 » { return 1; } | 151 » » goto skip_to_init; |
| 183 | 152 » if (type) |
| 184 static int (*do_engine_init)(ENGINE *impl) | |
| 185 » » = do_engine_null; | |
| 186 | |
| 187 static int (*do_engine_finish)(ENGINE *impl) | |
| 188 » » = do_engine_null; | |
| 189 | |
| 190 static int (*do_evp_md_engine) | |
| 191 » (EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl) | |
| 192 » » = do_evp_md_engine_null; | |
| 193 | |
| 194 void int_EVP_MD_set_engine_callbacks( | |
| 195 » int (*eng_md_init)(ENGINE *impl), | |
| 196 » int (*eng_md_fin)(ENGINE *impl), | |
| 197 » int (*eng_md_evp) | |
| 198 » » (EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl)) | |
| 199 » { | |
| 200 » do_engine_init = eng_md_init; | |
| 201 » do_engine_finish = eng_md_fin; | |
| 202 » do_evp_md_engine = eng_md_evp; | |
| 203 » } | |
| 204 | |
| 205 #else | |
| 206 | |
| 207 #define do_engine_init» ENGINE_init | |
| 208 #define do_engine_finish ENGINE_finish | |
| 209 | |
| 210 static int do_evp_md_engine(EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl) | |
| 211 » { | |
| 212 » if (*ptype) | |
| 213 { | 153 { |
| 214 /* Ensure an ENGINE left lying around from last time is cleared | 154 /* Ensure an ENGINE left lying around from last time is cleared |
| 215 * (the previous check attempted to avoid this if the same | 155 * (the previous check attempted to avoid this if the same |
| 216 * ENGINE and EVP_MD could be used). */ | 156 * ENGINE and EVP_MD could be used). */ |
| 217 if(ctx->engine) | 157 if(ctx->engine) |
| 218 ENGINE_finish(ctx->engine); | 158 ENGINE_finish(ctx->engine); |
| 219 if(impl) | 159 if(impl) |
| 220 { | 160 { |
| 221 if (!ENGINE_init(impl)) | 161 if (!ENGINE_init(impl)) |
| 222 { | 162 { |
| 223 » » » » EVPerr(EVP_F_DO_EVP_MD_ENGINE,EVP_R_INITIALIZATI
ON_ERROR); | 163 » » » » EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_INITIALIZAT
ION_ERROR); |
| 224 return 0; | 164 return 0; |
| 225 } | 165 } |
| 226 } | 166 } |
| 227 else | 167 else |
| 228 /* Ask if an ENGINE is reserved for this job */ | 168 /* Ask if an ENGINE is reserved for this job */ |
| 229 » » » impl = ENGINE_get_digest_engine((*ptype)->type); | 169 » » » impl = ENGINE_get_digest_engine(type->type); |
| 230 if(impl) | 170 if(impl) |
| 231 { | 171 { |
| 232 /* There's an ENGINE for this job ... (apparently) */ | 172 /* There's an ENGINE for this job ... (apparently) */ |
| 233 » » » const EVP_MD *d = ENGINE_get_digest(impl, (*ptype)->type
); | 173 » » » const EVP_MD *d = ENGINE_get_digest(impl, type->type); |
| 234 if(!d) | 174 if(!d) |
| 235 { | 175 { |
| 236 /* Same comment from evp_enc.c */ | 176 /* Same comment from evp_enc.c */ |
| 237 » » » » EVPerr(EVP_F_DO_EVP_MD_ENGINE,EVP_R_INITIALIZATI
ON_ERROR); | 177 » » » » EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_INITIALIZAT
ION_ERROR); |
| 238 ENGINE_finish(impl); | 178 ENGINE_finish(impl); |
| 239 return 0; | 179 return 0; |
| 240 } | 180 } |
| 241 /* We'll use the ENGINE's private digest definition */ | 181 /* We'll use the ENGINE's private digest definition */ |
| 242 » » » *ptype = d; | 182 » » » type = d; |
| 243 /* Store the ENGINE functional reference so we know | 183 /* Store the ENGINE functional reference so we know |
| 244 * 'type' came from an ENGINE and we need to release | 184 * 'type' came from an ENGINE and we need to release |
| 245 * it when done. */ | 185 * it when done. */ |
| 246 ctx->engine = impl; | 186 ctx->engine = impl; |
| 247 } | 187 } |
| 248 else | 188 else |
| 249 ctx->engine = NULL; | 189 ctx->engine = NULL; |
| 250 } | 190 } |
| 251 else | 191 else |
| 252 if(!ctx->digest) | 192 if(!ctx->digest) |
| 253 { | 193 { |
| 254 » » EVPerr(EVP_F_DO_EVP_MD_ENGINE,EVP_R_NO_DIGEST_SET); | 194 » » EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_NO_DIGEST_SET); |
| 255 » » return 0; | |
| 256 » » } | |
| 257 » return 1; | |
| 258 » } | |
| 259 | |
| 260 #endif | |
| 261 | |
| 262 #endif | |
| 263 | |
| 264 int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) | |
| 265 » { | |
| 266 » M_EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); | |
| 267 #ifdef OPENSSL_FIPS | |
| 268 » if(FIPS_selftest_failed()) | |
| 269 » » { | |
| 270 » » FIPSerr(FIPS_F_EVP_DIGESTINIT_EX,FIPS_R_FIPS_SELFTEST_FAILED); | |
| 271 » » ctx->digest = &bad_md; | |
| 272 return 0; | 195 return 0; |
| 273 } | 196 } |
| 274 #endif | 197 #endif |
| 275 #ifndef OPENSSL_NO_ENGINE | |
| 276 /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts | |
| 277 * so this context may already have an ENGINE! Try to avoid releasing | |
| 278 * the previous handle, re-querying for an ENGINE, and having a | |
| 279 * reinitialisation, when it may all be unecessary. */ | |
| 280 if (ctx->engine && ctx->digest && (!type || | |
| 281 (type && (type->type == ctx->digest->type)))) | |
| 282 goto skip_to_init; | |
| 283 if (!do_evp_md_engine(ctx, &type, impl)) | |
| 284 return 0; | |
| 285 #endif | |
| 286 if (ctx->digest != type) | 198 if (ctx->digest != type) |
| 287 { | 199 { |
| 288 #ifdef OPENSSL_FIPS | |
| 289 if (FIPS_mode()) | |
| 290 { | |
| 291 if (!(type->flags & EVP_MD_FLAG_FIPS) | |
| 292 && !(ctx->flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)) | |
| 293 { | |
| 294 EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_DISABLED_F
OR_FIPS); | |
| 295 ctx->digest = &bad_md; | |
| 296 return 0; | |
| 297 } | |
| 298 } | |
| 299 #endif | |
| 300 if (ctx->digest && ctx->digest->ctx_size) | 200 if (ctx->digest && ctx->digest->ctx_size) |
| 301 OPENSSL_free(ctx->md_data); | 201 OPENSSL_free(ctx->md_data); |
| 302 ctx->digest=type; | 202 ctx->digest=type; |
| 303 » » if (type->ctx_size) | 203 » » if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) |
| 304 { | 204 { |
| 205 ctx->update = type->update; |
| 305 ctx->md_data=OPENSSL_malloc(type->ctx_size); | 206 ctx->md_data=OPENSSL_malloc(type->ctx_size); |
| 306 » » » if (!ctx->md_data) | 207 » » » if (ctx->md_data == NULL) |
| 307 { | 208 { |
| 308 » » » » EVPerr(EVP_F_EVP_DIGESTINIT_EX, ERR_R_MALLOC_FAI
LURE); | 209 » » » » EVPerr(EVP_F_EVP_DIGESTINIT_EX, |
| 210 » » » » » » » ERR_R_MALLOC_FAILURE); |
| 309 return 0; | 211 return 0; |
| 310 } | 212 } |
| 311 } | 213 } |
| 312 } | 214 } |
| 313 #ifndef OPENSSL_NO_ENGINE | 215 #ifndef OPENSSL_NO_ENGINE |
| 314 » skip_to_init: | 216 skip_to_init: |
| 315 #endif | 217 #endif |
| 218 if (ctx->pctx) |
| 219 { |
| 220 int r; |
| 221 r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG, |
| 222 EVP_PKEY_CTRL_DIGESTINIT, 0, ctx); |
| 223 if (r <= 0 && (r != -2)) |
| 224 return 0; |
| 225 } |
| 226 if (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) |
| 227 return 1; |
| 316 return ctx->digest->init(ctx); | 228 return ctx->digest->init(ctx); |
| 317 } | 229 } |
| 318 | 230 |
| 319 int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, | 231 int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count) |
| 320 » size_t count) | |
| 321 { | 232 { |
| 322 #ifdef OPENSSL_FIPS | 233 » return ctx->update(ctx,data,count); |
| 323 » FIPS_selftest_check(); | |
| 324 #endif | |
| 325 » return ctx->digest->update(ctx,data,count); | |
| 326 } | 234 } |
| 327 | 235 |
| 328 /* The caller can assume that this removes any secret data from the context */ | 236 /* The caller can assume that this removes any secret data from the context */ |
| 329 int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) | 237 int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) |
| 330 { | 238 { |
| 331 int ret; | 239 int ret; |
| 332 ret = EVP_DigestFinal_ex(ctx, md, size); | 240 ret = EVP_DigestFinal_ex(ctx, md, size); |
| 333 EVP_MD_CTX_cleanup(ctx); | 241 EVP_MD_CTX_cleanup(ctx); |
| 334 return ret; | 242 return ret; |
| 335 } | 243 } |
| 336 | 244 |
| 337 /* The caller can assume that this removes any secret data from the context */ | 245 /* The caller can assume that this removes any secret data from the context */ |
| 338 int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) | 246 int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) |
| 339 { | 247 { |
| 340 int ret; | 248 int ret; |
| 341 #ifdef OPENSSL_FIPS | |
| 342 FIPS_selftest_check(); | |
| 343 #endif | |
| 344 | 249 |
| 345 OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); | 250 OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); |
| 346 ret=ctx->digest->final(ctx,md); | 251 ret=ctx->digest->final(ctx,md); |
| 347 if (size != NULL) | 252 if (size != NULL) |
| 348 *size=ctx->digest->md_size; | 253 *size=ctx->digest->md_size; |
| 349 if (ctx->digest->cleanup) | 254 if (ctx->digest->cleanup) |
| 350 { | 255 { |
| 351 ctx->digest->cleanup(ctx); | 256 ctx->digest->cleanup(ctx); |
| 352 » » M_EVP_MD_CTX_set_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); | 257 » » EVP_MD_CTX_set_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); |
| 353 } | 258 } |
| 354 memset(ctx->md_data,0,ctx->digest->ctx_size); | 259 memset(ctx->md_data,0,ctx->digest->ctx_size); |
| 355 return ret; | 260 return ret; |
| 356 } | 261 } |
| 357 | 262 |
| 358 int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in) | 263 int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in) |
| 359 { | 264 { |
| 360 EVP_MD_CTX_init(out); | 265 EVP_MD_CTX_init(out); |
| 361 return EVP_MD_CTX_copy_ex(out, in); | 266 return EVP_MD_CTX_copy_ex(out, in); |
| 362 } | 267 } |
| 363 | 268 |
| 364 int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) | 269 int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) |
| 365 { | 270 { |
| 366 unsigned char *tmp_buf; | 271 unsigned char *tmp_buf; |
| 367 if ((in == NULL) || (in->digest == NULL)) | 272 if ((in == NULL) || (in->digest == NULL)) |
| 368 { | 273 { |
| 369 EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,EVP_R_INPUT_NOT_INITIALIZED); | 274 EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,EVP_R_INPUT_NOT_INITIALIZED); |
| 370 return 0; | 275 return 0; |
| 371 } | 276 } |
| 372 #ifndef OPENSSL_NO_ENGINE | 277 #ifndef OPENSSL_NO_ENGINE |
| 373 /* Make sure it's safe to copy a digest context using an ENGINE */ | 278 /* Make sure it's safe to copy a digest context using an ENGINE */ |
| 374 » if (in->engine && !do_engine_init(in->engine)) | 279 » if (in->engine && !ENGINE_init(in->engine)) |
| 375 { | 280 { |
| 376 EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,ERR_R_ENGINE_LIB); | 281 EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,ERR_R_ENGINE_LIB); |
| 377 return 0; | 282 return 0; |
| 378 } | 283 } |
| 379 #endif | 284 #endif |
| 380 | 285 |
| 381 if (out->digest == in->digest) | 286 if (out->digest == in->digest) |
| 382 { | 287 { |
| 383 tmp_buf = out->md_data; | 288 tmp_buf = out->md_data; |
| 384 » » M_EVP_MD_CTX_set_flags(out,EVP_MD_CTX_FLAG_REUSE); | 289 » » EVP_MD_CTX_set_flags(out,EVP_MD_CTX_FLAG_REUSE); |
| 385 } | 290 } |
| 386 else tmp_buf = NULL; | 291 else tmp_buf = NULL; |
| 387 EVP_MD_CTX_cleanup(out); | 292 EVP_MD_CTX_cleanup(out); |
| 388 memcpy(out,in,sizeof *out); | 293 memcpy(out,in,sizeof *out); |
| 389 | 294 |
| 390 » if (out->digest->ctx_size) | 295 » if (in->md_data && out->digest->ctx_size) |
| 391 { | 296 { |
| 392 if (tmp_buf) | 297 if (tmp_buf) |
| 393 out->md_data = tmp_buf; | 298 out->md_data = tmp_buf; |
| 394 else | 299 else |
| 395 { | 300 { |
| 396 out->md_data=OPENSSL_malloc(out->digest->ctx_size); | 301 out->md_data=OPENSSL_malloc(out->digest->ctx_size); |
| 397 if (!out->md_data) | 302 if (!out->md_data) |
| 398 { | 303 { |
| 399 EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,ERR_R_MALLOC_FAI
LURE); | 304 EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,ERR_R_MALLOC_FAI
LURE); |
| 400 return 0; | 305 return 0; |
| 401 } | 306 } |
| 402 } | 307 } |
| 403 memcpy(out->md_data,in->md_data,out->digest->ctx_size); | 308 memcpy(out->md_data,in->md_data,out->digest->ctx_size); |
| 404 } | 309 } |
| 405 | 310 |
| 311 out->update = in->update; |
| 312 |
| 313 if (in->pctx) |
| 314 { |
| 315 out->pctx = EVP_PKEY_CTX_dup(in->pctx); |
| 316 if (!out->pctx) |
| 317 { |
| 318 EVP_MD_CTX_cleanup(out); |
| 319 return 0; |
| 320 } |
| 321 } |
| 322 |
| 406 if (out->digest->copy) | 323 if (out->digest->copy) |
| 407 return out->digest->copy(out,in); | 324 return out->digest->copy(out,in); |
| 408 | 325 |
| 409 return 1; | 326 return 1; |
| 410 } | 327 } |
| 411 | 328 |
| 412 int EVP_Digest(const void *data, size_t count, | 329 int EVP_Digest(const void *data, size_t count, |
| 413 unsigned char *md, unsigned int *size, const EVP_MD *type, ENGIN
E *impl) | 330 unsigned char *md, unsigned int *size, const EVP_MD *type, ENGIN
E *impl) |
| 414 { | 331 { |
| 415 EVP_MD_CTX ctx; | 332 EVP_MD_CTX ctx; |
| 416 int ret; | 333 int ret; |
| 417 | 334 |
| 418 EVP_MD_CTX_init(&ctx); | 335 EVP_MD_CTX_init(&ctx); |
| 419 » M_EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_ONESHOT); | 336 » EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_ONESHOT); |
| 420 ret=EVP_DigestInit_ex(&ctx, type, impl) | 337 ret=EVP_DigestInit_ex(&ctx, type, impl) |
| 421 && EVP_DigestUpdate(&ctx, data, count) | 338 && EVP_DigestUpdate(&ctx, data, count) |
| 422 && EVP_DigestFinal_ex(&ctx, md, size); | 339 && EVP_DigestFinal_ex(&ctx, md, size); |
| 423 EVP_MD_CTX_cleanup(&ctx); | 340 EVP_MD_CTX_cleanup(&ctx); |
| 424 | 341 |
| 425 return ret; | 342 return ret; |
| 426 } | 343 } |
| 427 | 344 |
| 428 void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx) | 345 void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx) |
| 429 { | 346 { |
| 430 EVP_MD_CTX_cleanup(ctx); | 347 EVP_MD_CTX_cleanup(ctx); |
| 431 OPENSSL_free(ctx); | 348 OPENSSL_free(ctx); |
| 432 } | 349 } |
| 433 | 350 |
| 434 /* This call frees resources associated with the context */ | 351 /* This call frees resources associated with the context */ |
| 435 int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) | 352 int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) |
| 436 { | 353 { |
| 437 /* Don't assume ctx->md_data was cleaned in EVP_Digest_Final, | 354 /* Don't assume ctx->md_data was cleaned in EVP_Digest_Final, |
| 438 * because sometimes only copies of the context are ever finalised. | 355 * because sometimes only copies of the context are ever finalised. |
| 439 */ | 356 */ |
| 440 if (ctx->digest && ctx->digest->cleanup | 357 if (ctx->digest && ctx->digest->cleanup |
| 441 » && !M_EVP_MD_CTX_test_flags(ctx,EVP_MD_CTX_FLAG_CLEANED)) | 358 » && !EVP_MD_CTX_test_flags(ctx,EVP_MD_CTX_FLAG_CLEANED)) |
| 442 ctx->digest->cleanup(ctx); | 359 ctx->digest->cleanup(ctx); |
| 443 if (ctx->digest && ctx->digest->ctx_size && ctx->md_data | 360 if (ctx->digest && ctx->digest->ctx_size && ctx->md_data |
| 444 » && !M_EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) | 361 » && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) |
| 445 { | 362 { |
| 446 OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size); | 363 OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size); |
| 447 OPENSSL_free(ctx->md_data); | 364 OPENSSL_free(ctx->md_data); |
| 448 } | 365 } |
| 366 if (ctx->pctx) |
| 367 EVP_PKEY_CTX_free(ctx->pctx); |
| 449 #ifndef OPENSSL_NO_ENGINE | 368 #ifndef OPENSSL_NO_ENGINE |
| 450 if(ctx->engine) | 369 if(ctx->engine) |
| 451 /* The EVP_MD we used belongs to an ENGINE, release the | 370 /* The EVP_MD we used belongs to an ENGINE, release the |
| 452 * functional reference we held for this reason. */ | 371 * functional reference we held for this reason. */ |
| 453 » » do_engine_finish(ctx->engine); | 372 » » ENGINE_finish(ctx->engine); |
| 454 #endif | 373 #endif |
| 455 memset(ctx,'\0',sizeof *ctx); | 374 memset(ctx,'\0',sizeof *ctx); |
| 456 | 375 |
| 457 return 1; | 376 return 1; |
| 458 } | 377 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 9254031:
Upgrade chrome's OpenSSL to same version Android ships with. (Closed)
Base URL: http://src.chromium.org/svn/trunk/deps/third_party/openssl/