X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fpem%2Fpem_seal.c;h=4e554e5481e0c60cf520906671b7c2498ff8d2c1;hp=fd493e5251ebce3c6a93f1792e7d67c9bf10077e;hb=fe591284be1575d85d3a2f40d8ba93436ba2b3db;hpb=6b691a5c85ddc4e407e32781841fee5c029506cd diff --git a/crypto/pem/pem_seal.c b/crypto/pem/pem_seal.c index fd493e5251..4e554e5481 100644 --- a/crypto/pem/pem_seal.c +++ b/crypto/pem/pem_seal.c @@ -56,13 +56,16 @@ * [including the GNU Public Licence.] */ +#include /* for OPENSSL_NO_RSA */ +#ifndef OPENSSL_NO_RSA #include #include "cryptlib.h" -#include "evp.h" -#include "rand.h" -#include "objects.h" -#include "x509.h" -#include "pem.h" +#include +#include +#include +#include +#include +#include int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type, unsigned char **ek, int *ekl, unsigned char *iv, EVP_PKEY **pubk, @@ -83,17 +86,20 @@ int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type, j=RSA_size(pubk[i]->pkey.rsa); if (j > max) max=j; } - s=(char *)Malloc(max*2); + s=(char *)OPENSSL_malloc(max*2); if (s == NULL) { PEMerr(PEM_F_PEM_SEALINIT,ERR_R_MALLOC_FAILURE); goto err; } - EVP_EncodeInit(&(ctx->encode)); - EVP_SignInit(&(ctx->md),md_type); + EVP_EncodeInit(&ctx->encode); - ret=EVP_SealInit(&(ctx->cipher),type,ek,ekl,iv,pubk,npubk); + EVP_MD_CTX_init(&ctx->md); + EVP_SignInit(&ctx->md,md_type); + + EVP_CIPHER_CTX_init(&ctx->cipher); + ret=EVP_SealInit(&ctx->cipher,type,ek,ekl,iv,pubk,npubk); if (!ret) goto err; /* base64 encode the keys */ @@ -107,8 +113,8 @@ int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type, ret=npubk; err: - if (s != NULL) Free(s); - memset(key,0,EVP_MAX_KEY_LENGTH); + if (s != NULL) OPENSSL_free(s); + OPENSSL_cleanse(key,EVP_MAX_KEY_LENGTH); return(ret); } @@ -119,7 +125,7 @@ void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl, int i,j; *outl=0; - EVP_SignUpdate(&(ctx->md),in,inl); + EVP_SignUpdate(&ctx->md,in,inl); for (;;) { if (inl <= 0) break; @@ -127,8 +133,8 @@ void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl, i=1200; else i=inl; - EVP_EncryptUpdate(&(ctx->cipher),buffer,&j,in,i); - EVP_EncodeUpdate(&(ctx->encode),out,&j,buffer,j); + EVP_EncryptUpdate(&ctx->cipher,buffer,&j,in,i); + EVP_EncodeUpdate(&ctx->encode,out,&j,buffer,j); *outl+=j; out+=j; in+=i; @@ -150,27 +156,34 @@ int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl, } i=RSA_size(priv->pkey.rsa); if (i < 100) i=100; - s=(unsigned char *)Malloc(i*2); + s=(unsigned char *)OPENSSL_malloc(i*2); if (s == NULL) { PEMerr(PEM_F_PEM_SEALFINAL,ERR_R_MALLOC_FAILURE); goto err; } - EVP_EncryptFinal(&(ctx->cipher),s,(int *)&i); - EVP_EncodeUpdate(&(ctx->encode),out,&j,s,i); + EVP_EncryptFinal_ex(&ctx->cipher,s,(int *)&i); + EVP_EncodeUpdate(&ctx->encode,out,&j,s,i); *outl=j; out+=j; - EVP_EncodeFinal(&(ctx->encode),out,&j); + EVP_EncodeFinal(&ctx->encode,out,&j); *outl+=j; - if (!EVP_SignFinal(&(ctx->md),s,&i,priv)) goto err; + if (!EVP_SignFinal(&ctx->md,s,&i,priv)) goto err; *sigl=EVP_EncodeBlock(sig,s,i); ret=1; err: - memset((char *)&(ctx->md),0,sizeof(ctx->md)); - memset((char *)&(ctx->cipher),0,sizeof(ctx->cipher)); - if (s != NULL) Free(s); + EVP_MD_CTX_cleanup(&ctx->md); + EVP_CIPHER_CTX_cleanup(&ctx->cipher); + if (s != NULL) OPENSSL_free(s); return(ret); } +#else /* !OPENSSL_NO_RSA */ + +# if PEDANTIC +static void *dummy=&dummy; +# endif + +#endif