projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
make EVP_PKEY opaque
[openssl.git]
/
crypto
/
cms
/
cms_kari.c
diff --git
a/crypto/cms/cms_kari.c
b/crypto/cms/cms_kari.c
index 77181bc775271ae0022f93ea0de8549bc45ab041..a8dc9ab72e34be7b1e3512cae997587736c0672c 100644
(file)
--- a/
crypto/cms/cms_kari.c
+++ b/
crypto/cms/cms_kari.c
@@
-220,7
+220,7
@@
int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk)
EVP_CIPHER_CTX *CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri)
{
if (ri->type == CMS_RECIPINFO_AGREE)
EVP_CIPHER_CTX *CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri)
{
if (ri->type == CMS_RECIPINFO_AGREE)
- return
&
ri->d.kari->ctx;
+ return ri->d.kari->ctx;
return NULL;
}
return NULL;
}
@@
-239,22
+239,22
@@
static int cms_kek_cipher(unsigned char **pout, size_t *poutlen,
int rv = 0;
unsigned char *out = NULL;
int outlen;
int rv = 0;
unsigned char *out = NULL;
int outlen;
- keklen = EVP_CIPHER_CTX_key_length(
&
kari->ctx);
+ keklen = EVP_CIPHER_CTX_key_length(kari->ctx);
if (keklen > EVP_MAX_KEY_LENGTH)
return 0;
/* Derive KEK */
if (EVP_PKEY_derive(kari->pctx, kek, &keklen) <= 0)
goto err;
/* Set KEK in context */
if (keklen > EVP_MAX_KEY_LENGTH)
return 0;
/* Derive KEK */
if (EVP_PKEY_derive(kari->pctx, kek, &keklen) <= 0)
goto err;
/* Set KEK in context */
- if (!EVP_CipherInit_ex(
&
kari->ctx, NULL, NULL, kek, NULL, enc))
+ if (!EVP_CipherInit_ex(kari->ctx, NULL, NULL, kek, NULL, enc))
goto err;
/* obtain output length of ciphered key */
goto err;
/* obtain output length of ciphered key */
- if (!EVP_CipherUpdate(
&
kari->ctx, NULL, &outlen, in, inlen))
+ if (!EVP_CipherUpdate(kari->ctx, NULL, &outlen, in, inlen))
goto err;
out = OPENSSL_malloc(outlen);
goto err;
out = OPENSSL_malloc(outlen);
- if (
!out
)
+ if (
out == NULL
)
goto err;
goto err;
- if (!EVP_CipherUpdate(
&
kari->ctx, out, &outlen, in, inlen))
+ if (!EVP_CipherUpdate(kari->ctx, out, &outlen, in, inlen))
goto err;
*pout = out;
*poutlen = (size_t)outlen;
goto err;
*pout = out;
*poutlen = (size_t)outlen;
@@
-264,7
+264,8
@@
static int cms_kek_cipher(unsigned char **pout, size_t *poutlen,
OPENSSL_cleanse(kek, keklen);
if (!rv)
OPENSSL_free(out);
OPENSSL_cleanse(kek, keklen);
if (!rv)
OPENSSL_free(out);
- EVP_CIPHER_CTX_cleanup(&kari->ctx);
+ EVP_CIPHER_CTX_reset(kari->ctx);
+ /* FIXME: WHY IS kari->pctx freed here? /RL */
EVP_PKEY_CTX_free(kari->pctx);
kari->pctx = NULL;
return rv;
EVP_PKEY_CTX_free(kari->pctx);
kari->pctx = NULL;
return rv;
@@
-366,7
+367,7
@@
int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
if (!cms_kari_create_ephemeral_key(kari, pk))
return 0;
if (!cms_kari_create_ephemeral_key(kari, pk))
return 0;
-
CRYPTO_add(&pk->references, 1, CRYPTO_LOCK_EVP_PKEY
);
+
EVP_PKEY_up_ref(pk
);
rek->pkey = pk;
return 1;
}
rek->pkey = pk;
return 1;
}
@@
-374,7
+375,7
@@
int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
static int cms_wrap_init(CMS_KeyAgreeRecipientInfo *kari,
const EVP_CIPHER *cipher)
{
static int cms_wrap_init(CMS_KeyAgreeRecipientInfo *kari,
const EVP_CIPHER *cipher)
{
- EVP_CIPHER_CTX *ctx =
&
kari->ctx;
+ EVP_CIPHER_CTX *ctx = kari->ctx;
const EVP_CIPHER *kekcipher;
int keylen = EVP_CIPHER_key_length(cipher);
/* If a suitable wrap algorithm is already set nothing to do */
const EVP_CIPHER *kekcipher;
int keylen = EVP_CIPHER_key_length(cipher);
/* If a suitable wrap algorithm is already set nothing to do */