Have other crypto/evp files include evp_locl.h

Note: this does not include the files in crypto/evp that are just instanciations of EVP_MD. Reviewed-by: N Rich Salz <rsalz@openssl.org>

Have other crypto/evp files include evp_locl.h
Note: this does not include the files in crypto/evp that are just instanciations of EVP_MD. Reviewed-by: N Rich Salz <rsalz@openssl.org>
77a01145 · Richard Levitte · 7638370c · 77a01145 · 77a01145 · 77a01145
8 changed file
--- a/crypto/evp/bio_md.c
+++ b/crypto/evp/bio_md.c
@@ -61,6 +61,7 @@
 #include "internal/cryptlib.h"
 #include <openssl/buffer.h>
 #include <openssl/evp.h>
+#include "evp_locl.h"
 /*
 * BIO_put and BIO_get both add to the digest, BIO_gets returns the digest

--- a/crypto/evp/bio_ok.c
+++ b/crypto/evp/bio_ok.c
@@ -149,7 +149,7 @@ typedef struct ok_struct {
    size_t buf_off_save;
    int cont;                   /* <= 0 when finished */
    int finished;
-    EVP_MD_CTX md;
+    EVP_MD_CTX *md;
    int blockout;               /* output block is ready */
    int sigio;                  /* must process signature */
    unsigned char buf[IOBS];
@@ -182,7 +182,7 @@ static int ok_new(BIO *bi)
    ctx->cont = 1;
    ctx->sigio = 1;
-    EVP_MD_CTX_init(&ctx->md);
+    ctx->md = EVP_MD_CTX_create();
    bi->init = 0;
    bi->ptr = (char *)ctx;
    bi->flags = 0;
@@ -193,7 +193,7 @@ static int ok_free(BIO *a)
 {
    if (a == NULL)
        return (0);
-    EVP_MD_CTX_cleanup(&((BIO_OK_CTX *)a->ptr)->md);
+    EVP_MD_CTX_destroy(((BIO_OK_CTX *)a->ptr)->md);
    OPENSSL_clear_free(a->ptr, sizeof(BIO_OK_CTX));
    a->ptr = NULL;
    a->init = 0;
@@ -412,14 +412,14 @@ static long ok_ctrl(BIO *b, int cmd, long num, void *ptr)
        break;
    case BIO_C_SET_MD:
        md = ptr;
-        if (!EVP_DigestInit_ex(&ctx->md, md, NULL))
+        if (!EVP_DigestInit_ex(ctx->md, md, NULL))
            return 0;
        b->init = 1;
        break;
    case BIO_C_GET_MD:
        if (b->init) {
            ppmd = ptr;
-            *ppmd = ctx->md.digest;
+            *ppmd = EVP_MD_CTX_md(ctx->md);
        } else
            ret = 0;
        break;
@@ -468,30 +468,36 @@ static int sig_out(BIO *b)
 {
    BIO_OK_CTX *ctx;
    EVP_MD_CTX *md;
+    const EVP_MD *digest;
+    int md_size;
+    void *md_data;
    ctx = b->ptr;
-    md = &ctx->md;
+    md = ctx->md;
+    digest = EVP_MD_CTX_md(md);
+    md_size = EVP_MD_size(digest);
+    md_data = EVP_MD_CTX_md_data(md);
-    if (ctx->buf_len + 2 * md->digest->md_size > OK_BLOCK_SIZE)
+    if (ctx->buf_len + 2 * md_size > OK_BLOCK_SIZE)
        return 1;
-    if (!EVP_DigestInit_ex(md, md->digest, NULL))
+    if (!EVP_DigestInit_ex(md, digest, NULL))
        goto berr;
    /*
     * FIXME: there's absolutely no guarantee this makes any sense at all,
     * particularly now EVP_MD_CTX has been restructured.
     */
-    if (RAND_bytes(md->md_data, md->digest->md_size) <= 0)
+    if (RAND_bytes(md_data, md_size) <= 0)
        goto berr;
-    memcpy(&(ctx->buf[ctx->buf_len]), md->md_data, md->digest->md_size);
+    memcpy(&(ctx->buf[ctx->buf_len]), md_data, md_size);
-    longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size);
+    longswap(&(ctx->buf[ctx->buf_len]), md_size);
-    ctx->buf_len += md->digest->md_size;
+    ctx->buf_len += md_size;
    if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)))
        goto berr;
    if (!EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL))
        goto berr;
-    ctx->buf_len += md->digest->md_size;
+    ctx->buf_len += md_size;
    ctx->blockout = 1;
    ctx->sigio = 0;
    return 1;
@@ -506,25 +512,31 @@ static int sig_in(BIO *b)
    EVP_MD_CTX *md;
    unsigned char tmp[EVP_MAX_MD_SIZE];
    int ret = 0;
+    const EVP_MD *digest;
+    int md_size;
+    void *md_data;
    ctx = b->ptr;
-    md = &ctx->md;
+    md = ctx->md;
+    digest = EVP_MD_CTX_md(md);
+    md_size = EVP_MD_size(digest);
+    md_data = EVP_MD_CTX_md_data(md);
-    if ((int)(ctx->buf_len - ctx->buf_off) < 2 * md->digest->md_size)
+    if ((int)(ctx->buf_len - ctx->buf_off) < 2 * md_size)
        return 1;
-    if (!EVP_DigestInit_ex(md, md->digest, NULL))
+    if (!EVP_DigestInit_ex(md, digest, NULL))
        goto berr;
-    memcpy(md->md_data, &(ctx->buf[ctx->buf_off]), md->digest->md_size);
+    memcpy(md_data, &(ctx->buf[ctx->buf_off]), md_size);
-    longswap(md->md_data, md->digest->md_size);
+    longswap(md_data, md_size);
-    ctx->buf_off += md->digest->md_size;
+    ctx->buf_off += md_size;
    if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)))
        goto berr;
    if (!EVP_DigestFinal_ex(md, tmp, NULL))
        goto berr;
-    ret = memcmp(&(ctx->buf[ctx->buf_off]), tmp, md->digest->md_size) == 0;
+    ret = memcmp(&(ctx->buf[ctx->buf_off]), tmp, md_size) == 0;
-    ctx->buf_off += md->digest->md_size;
+    ctx->buf_off += md_size;
    if (ret == 1) {
        ctx->sigio = 0;
        if (ctx->buf_len != ctx->buf_off) {
@@ -547,9 +559,13 @@ static int block_out(BIO *b)
    BIO_OK_CTX *ctx;
    EVP_MD_CTX *md;
    unsigned long tl;
+    const EVP_MD *digest;
+    int md_size;
    ctx = b->ptr;
-    md = &ctx->md;
+    md = ctx->md;
+    digest = EVP_MD_CTX_md(md);
+    md_size = EVP_MD_size(digest);
    tl = ctx->buf_len - OK_BLOCK_BLOCK;
    ctx->buf[0] = (unsigned char)(tl >> 24);
@@ -561,7 +577,7 @@ static int block_out(BIO *b)
        goto berr;
    if (!EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL))
        goto berr;
-    ctx->buf_len += md->digest->md_size;
+    ctx->buf_len += md_size;
    ctx->blockout = 1;
    return 1;
 berr:
@@ -575,9 +591,11 @@ static int block_in(BIO *b)
    EVP_MD_CTX *md;
    unsigned long tl = 0;
    unsigned char tmp[EVP_MAX_MD_SIZE];
+    int md_size;
    ctx = b->ptr;
-    md = &ctx->md;
+    md = ctx->md;
+    md_size = EVP_MD_size(EVP_MD_CTX_md(md));
    assert(sizeof(tl) >= OK_BLOCK_BLOCK); /* always true */
    tl = ctx->buf[0];
@@ -588,7 +606,7 @@ static int block_in(BIO *b)
    tl <<= 8;
    tl |= ctx->buf[3];
-    if (ctx->buf_len < tl + OK_BLOCK_BLOCK + md->digest->md_size)
+    if (ctx->buf_len < tl + OK_BLOCK_BLOCK + md_size)
        return 1;
    if (!EVP_DigestUpdate(md,
@@ -596,10 +614,9 @@ static int block_in(BIO *b)
        goto berr;
    if (!EVP_DigestFinal_ex(md, tmp, NULL))
        goto berr;
-    if (memcmp(&(ctx->buf[tl + OK_BLOCK_BLOCK]), tmp, md->digest->md_size) ==
+    if (memcmp(&(ctx->buf[tl + OK_BLOCK_BLOCK]), tmp, md_size) == 0) {
-        0) {
        /* there might be parts from next block lurking around ! */
-        ctx->buf_off_save = tl + OK_BLOCK_BLOCK + md->digest->md_size;
+        ctx->buf_off_save = tl + OK_BLOCK_BLOCK + md_size;
        ctx->buf_len_save = ctx->buf_len;
        ctx->buf_off = OK_BLOCK_BLOCK;
        ctx->buf_len = tl + OK_BLOCK_BLOCK;

--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -116,6 +116,7 @@
 #ifndef OPENSSL_NO_ENGINE
 # include <openssl/engine.h>
 #endif
+#include "evp_locl.h"
 void EVP_MD_CTX_init(EVP_MD_CTX *ctx)
 {

--- a/crypto/evp/evp_key.c
+++ b/crypto/evp/evp_key.c
@@ -123,7 +123,7 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
                   int datal, int count, unsigned char *key,
                   unsigned char *iv)
 {
-    EVP_MD_CTX c;
+    EVP_MD_CTX *c;
    unsigned char md_buf[EVP_MAX_MD_SIZE];
    int niv, nkey, addmd = 0;
    unsigned int mds = 0, i;
@@ -136,27 +136,29 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
    if (data == NULL)
        return (nkey);
-    EVP_MD_CTX_init(&c);
+    c = EVP_MD_CTX_create();
+    if (c == NULL)
+        goto err;
    for (;;) {
-        if (!EVP_DigestInit_ex(&c, md, NULL))
+        if (!EVP_DigestInit_ex(c, md, NULL))
            goto err;
        if (addmd++)
-            if (!EVP_DigestUpdate(&c, &(md_buf[0]), mds))
+            if (!EVP_DigestUpdate(c, &(md_buf[0]), mds))
                goto err;
-        if (!EVP_DigestUpdate(&c, data, datal))
+        if (!EVP_DigestUpdate(c, data, datal))
            goto err;
        if (salt != NULL)
-            if (!EVP_DigestUpdate(&c, salt, PKCS5_SALT_LEN))
+            if (!EVP_DigestUpdate(c, salt, PKCS5_SALT_LEN))
                goto err;
-        if (!EVP_DigestFinal_ex(&c, &(md_buf[0]), &mds))
+        if (!EVP_DigestFinal_ex(c, &(md_buf[0]), &mds))
            goto err;
        for (i = 1; i < (unsigned int)count; i++) {
-            if (!EVP_DigestInit_ex(&c, md, NULL))
+            if (!EVP_DigestInit_ex(c, md, NULL))
                goto err;
-            if (!EVP_DigestUpdate(&c, &(md_buf[0]), mds))
+            if (!EVP_DigestUpdate(c, &(md_buf[0]), mds))
                goto err;
-            if (!EVP_DigestFinal_ex(&c, &(md_buf[0]), &mds))
+            if (!EVP_DigestFinal_ex(c, &(md_buf[0]), &mds))
                goto err;
        }
        i = 0;
@@ -189,7 +191,7 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
    }
    rv = type->key_len;
 err:
-    EVP_MD_CTX_cleanup(&c);
+    EVP_MD_CTX_destroy(c);
    OPENSSL_cleanse(md_buf, sizeof(md_buf));
    return rv;
 }
--- a/crypto/evp/m_sigver.c
+++ b/crypto/evp/m_sigver.c
@@ -63,6 +63,7 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include "internal/evp_int.h"
+#include "evp_locl.h"
 static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
                          const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey,
@@ -157,16 +158,15 @@ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
            else
                r = EVP_DigestFinal_ex(ctx, md, &mdlen);
        } else {
-            EVP_MD_CTX tmp_ctx;
+            EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_create();
-            EVP_MD_CTX_init(&tmp_ctx);
+            if (tmp_ctx == NULL || !EVP_MD_CTX_copy_ex(tmp_ctx, ctx))
-            if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
                return 0;
            if (sctx)
-                r = tmp_ctx.pctx->pmeth->signctx(tmp_ctx.pctx,
+                r = tmp_ctx->pctx->pmeth->signctx(tmp_ctx->pctx,
-                                                 sigret, siglen, &tmp_ctx);
+                                                  sigret, siglen, tmp_ctx);
            else
-                r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen);
+                r = EVP_DigestFinal_ex(tmp_ctx, md, &mdlen);
-            EVP_MD_CTX_cleanup(&tmp_ctx);
+            EVP_MD_CTX_destroy(tmp_ctx);
        }
        if (sctx || !r)
            return r;
@@ -203,16 +203,15 @@ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig,
        } else
            r = EVP_DigestFinal_ex(ctx, md, &mdlen);
    } else {
-        EVP_MD_CTX tmp_ctx;
+        EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_create();
-        EVP_MD_CTX_init(&tmp_ctx);
+        if (tmp_ctx == NULL || !EVP_MD_CTX_copy_ex(tmp_ctx, ctx))
-        if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
            return -1;
        if (vctx) {
-            r = tmp_ctx.pctx->pmeth->verifyctx(tmp_ctx.pctx,
+            r = tmp_ctx->pctx->pmeth->verifyctx(tmp_ctx->pctx,
-                                               sig, siglen, &tmp_ctx);
+                                                sig, siglen, tmp_ctx);
        } else
-            r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen);
+            r = EVP_DigestFinal_ex(tmp_ctx, md, &mdlen);
-        EVP_MD_CTX_cleanup(&tmp_ctx);
+        EVP_MD_CTX_destroy(tmp_ctx);
    }
    if (vctx || !r)
        return r;

--- a/crypto/evp/p5_crpt.c
+++ b/crypto/evp/p5_crpt.c
@@ -75,7 +75,7 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
                       ASN1_TYPE *param, const EVP_CIPHER *cipher,
                       const EVP_MD *md, int en_de)
 {
-    EVP_MD_CTX ctx;
+    EVP_MD_CTX *ctx;
    unsigned char md_tmp[EVP_MAX_MD_SIZE];
    unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
    int i;
@@ -84,7 +84,6 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
    unsigned char *salt;
    int mdsize;
    int rv = 0;
-    EVP_MD_CTX_init(&ctx);
    /* Extract useful info from parameter */
    if (param == NULL || param->type != V_ASN1_SEQUENCE ||
@@ -111,24 +110,30 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
    else if (passlen == -1)
        passlen = strlen(pass);
-    if (!EVP_DigestInit_ex(&ctx, md, NULL))
+    ctx = EVP_MD_CTX_create();
+    if (ctx == NULL) {
+        EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, ERR_R_MALLOC_FAILURE);
        goto err;
-    if (!EVP_DigestUpdate(&ctx, pass, passlen))
+    }
+    if (!EVP_DigestInit_ex(ctx, md, NULL))
+        goto err;
+    if (!EVP_DigestUpdate(ctx, pass, passlen))
        goto err;
-    if (!EVP_DigestUpdate(&ctx, salt, saltlen))
+    if (!EVP_DigestUpdate(ctx, salt, saltlen))
        goto err;
    PBEPARAM_free(pbe);
-    if (!EVP_DigestFinal_ex(&ctx, md_tmp, NULL))
+    if (!EVP_DigestFinal_ex(ctx, md_tmp, NULL))
        goto err;
    mdsize = EVP_MD_size(md);
    if (mdsize < 0)
        return 0;
    for (i = 1; i < iter; i++) {
-        if (!EVP_DigestInit_ex(&ctx, md, NULL))
+        if (!EVP_DigestInit_ex(ctx, md, NULL))
            goto err;
-        if (!EVP_DigestUpdate(&ctx, md_tmp, mdsize))
+        if (!EVP_DigestUpdate(ctx, md_tmp, mdsize))
            goto err;
-        if (!EVP_DigestFinal_ex(&ctx, md_tmp, NULL))
+        if (!EVP_DigestFinal_ex(ctx, md_tmp, NULL))
            goto err;
    }
    OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= (int)sizeof(md_tmp));
@@ -143,6 +148,6 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
    OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);
    rv = 1;
 err:
-    EVP_MD_CTX_cleanup(&ctx);
+    EVP_MD_CTX_destroy(ctx);
    return rv;
 }
--- a/crypto/evp/p_sign.c
+++ b/crypto/evp/p_sign.c
@@ -72,17 +72,20 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
    EVP_PKEY_CTX *pkctx = NULL;
    *siglen = 0;
-    if (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) {
+    if (EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_FINALISE)) {
        if (!EVP_DigestFinal_ex(ctx, m, &m_len))
            goto err;
    } else {
        int rv = 0;
-        EVP_MD_CTX tmp_ctx;
+        EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_create();
-        EVP_MD_CTX_init(&tmp_ctx);
+        if (tmp_ctx == NULL) {
-        rv = EVP_MD_CTX_copy_ex(&tmp_ctx, ctx);
+            EVPerr(EVP_F_EVP_SIGNFINAL, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        rv = EVP_MD_CTX_copy_ex(tmp_ctx, ctx);
        if (rv)
-            rv = EVP_DigestFinal_ex(&tmp_ctx, m, &m_len);
+            rv = EVP_DigestFinal_ex(tmp_ctx, m, &m_len);
-        EVP_MD_CTX_cleanup(&tmp_ctx);
+        EVP_MD_CTX_destroy(tmp_ctx);
        if (!rv)
            return 0;
    }
@@ -101,6 +104,6 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
    *siglen = sltmp;
    i = 1;
 err:
-        EVP_PKEY_CTX_free(pkctx);
+    EVP_PKEY_CTX_free(pkctx);
-        return i;
+    return i;
 }
--- a/crypto/evp/p_verify.c
+++ b/crypto/evp/p_verify.c
@@ -70,17 +70,20 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
    int i = 0;
    EVP_PKEY_CTX *pkctx = NULL;
-    if (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) {
+    if (EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_FINALISE)) {
        if (!EVP_DigestFinal_ex(ctx, m, &m_len))
            goto err;
    } else {
        int rv = 0;
-        EVP_MD_CTX tmp_ctx;
+        EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_create();
-        EVP_MD_CTX_init(&tmp_ctx);
+        if (tmp_ctx == NULL) {
-        rv = EVP_MD_CTX_copy_ex(&tmp_ctx, ctx);
+            EVPerr(EVP_F_EVP_VERIFYFINAL, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        rv = EVP_MD_CTX_copy_ex(tmp_ctx, ctx);
        if (rv)
-            rv = EVP_DigestFinal_ex(&tmp_ctx, m, &m_len);
+            rv = EVP_DigestFinal_ex(tmp_ctx, m, &m_len);
-        EVP_MD_CTX_cleanup(&tmp_ctx);
+        EVP_MD_CTX_destroy(tmp_ctx);
        if (!rv)
            return 0;
    }