Adapt all EVP_CIPHER users for it becoming opaque

Reviewed-by: Rich Salz <rsalz@openssl.org>

diff --git a/apps/enc.c b/apps/enc.c
index 17cc8e8742ff1a9cbde7084b5c62ef6807626e0e..ab91369ee75b1f2d6cd63d8dae4c736c9ac84f64 100644 (file)
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -528,15 +528,15 @@ int enc_main(int argc, char **argv)
                     printf("%02X", salt[i]);
                 printf("\n");
             }
                     printf("%02X", salt[i]);
                 printf("\n");
             }

-            if (cipher->key_len > 0) {
+            if (EVP_CIPHER_key_length(cipher) > 0) {

                 printf("key=");
                 printf("key=");

-                for (i = 0; i < cipher->key_len; i++)
+                for (i = 0; i < EVP_CIPHER_key_length(cipher); i++)

                     printf("%02X", key[i]);
                 printf("\n");
             }
                     printf("%02X", key[i]);
                 printf("\n");
             }

-            if (cipher->iv_len > 0) {
+            if (EVP_CIPHER_iv_length(cipher) > 0) {

                 printf("iv =");
                 printf("iv =");

-                for (i = 0; i < cipher->iv_len; i++)
+                for (i = 0; i < EVP_CIPHER_iv_length(cipher); i++)

                     printf("%02X", iv[i]);
                 printf("\n");
             }
                     printf("%02X", iv[i]);
                 printf("\n");
             }

diff --git a/apps/speed.c b/apps/speed.c
index a8f227fd5fdb086d3d20558402e0c80cb8bf28b0..d45a6f9bebd92d1c2bf589011ea856663c03d465 100644 (file)
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -1644,7 +1644,7 @@ int speed_main(int argc, char **argv)
                 (EVP_CIPHER_flags(evp_cipher) &
                  EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
                 BIO_printf(bio_err, "%s is not multi-block capable\n",
                 (EVP_CIPHER_flags(evp_cipher) &
                  EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
                 BIO_printf(bio_err, "%s is not multi-block capable\n",

-                        OBJ_nid2ln(evp_cipher->nid));
+                           OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));

                 goto end;
             }
             multiblock_speed(evp_cipher);
                 goto end;
             }
             multiblock_speed(evp_cipher);


@@ -1657,7 +1657,7 @@ int speed_main(int argc, char **argv)
                 EVP_CIPHER_CTX *ctx;
                 int outl;
 
                 EVP_CIPHER_CTX *ctx;
                 int outl;
 

-                names[D_EVP] = OBJ_nid2ln(evp_cipher->nid);
+                names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));

                 /*
                  * -O3 -fschedule-insns messes up an optimization here!
                  * names[D_EVP] somehow becomes NULL
                 /*
                  * -O3 -fschedule-insns messes up an optimization here!
                  * names[D_EVP] somehow becomes NULL


@@ -2447,7 +2447,7 @@ static void multiblock_speed(const EVP_CIPHER *evp_cipher)
     EVP_EncryptInit_ex(ctx, evp_cipher, NULL, no_key, no_iv);
     EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key),
                         no_key);
     EVP_EncryptInit_ex(ctx, evp_cipher, NULL, no_key, no_iv);
     EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key),
                         no_key);

-    alg_name = OBJ_nid2ln(evp_cipher->nid);
+    alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));

 
     for (j = 0; j < num; j++) {
         print_message(alg_name, 0, mblengths[j]);
 
     for (j = 0; j < num; j++) {
         print_message(alg_name, 0, mblengths[j]);

diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c
index 89321e8990464babc2659d5cc13124ccbe4d09b5..67cd99d13f07580bd2d9fab1e910866942fb3903 100644 (file)
--- a/crypto/pem/pem_info.c
+++ b/crypto/pem/pem_info.c
@@ -345,11 +345,13 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
             }
 
             /* create the right magic header stuff */
             }
 
             /* create the right magic header stuff */

-            OPENSSL_assert(strlen(objstr) + 23 + 2 * enc->iv_len + 13 <=
+            OPENSSL_assert(strlen(objstr) + 23
+                           + 2 * EVP_CIPHER_iv_length(enc) + 13 <=

                            sizeof buf);
             buf[0] = '\0';
             PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
                            sizeof buf);
             buf[0] = '\0';
             PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);

-            PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv);
+            PEM_dek_info(buf, objstr, EVP_CIPHER_iv_length(enc),
+                         (char *)iv);

 
             /* use the normal code to write things out */
             i = PEM_write_bio(bp, PEM_STRING_RSA, buf, data, i);
 
             /* use the normal code to write things out */
             i = PEM_write_bio(bp, PEM_STRING_RSA, buf, data, i);

diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index 29b391f6ac762b1e47380273bb9a242fd71bc8f3..439bb146cc9384d16e3b19ff7636bf6993c7a409 100644 (file)
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -388,8 +388,8 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
             kstr = (unsigned char *)buf;
         }
         RAND_add(data, i, 0);   /* put in the RSA key. */
             kstr = (unsigned char *)buf;
         }
         RAND_add(data, i, 0);   /* put in the RSA key. */

-        OPENSSL_assert(enc->iv_len <= (int)sizeof(iv));
-        if (RAND_bytes(iv, enc->iv_len) <= 0) /* Generate a salt */
+        OPENSSL_assert(EVP_CIPHER_iv_length(enc) <= (int)sizeof(iv));
+        if (RAND_bytes(iv, EVP_CIPHER_iv_length(enc)) <= 0) /* Generate a salt */

             goto err;
         /*
          * The 'iv' is used as the iv and as a salt.  It is NOT taken from
             goto err;
         /*
          * The 'iv' is used as the iv and as a salt.  It is NOT taken from


@@ -401,12 +401,12 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
         if (kstr == (unsigned char *)buf)
             OPENSSL_cleanse(buf, PEM_BUFSIZE);
 
         if (kstr == (unsigned char *)buf)
             OPENSSL_cleanse(buf, PEM_BUFSIZE);
 

-        OPENSSL_assert(strlen(objstr) + 23 + 2 * enc->iv_len + 13 <=
-                       sizeof buf);
+        OPENSSL_assert(strlen(objstr) + 23 + 2 * EVP_CIPHER_iv_length(enc) + 13
+                       <= sizeof buf);

 
         buf[0] = '\0';
         PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
 
         buf[0] = '\0';
         PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);

-        PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv);
+        PEM_dek_info(buf, objstr, EVP_CIPHER_iv_length(enc), (char *)iv);

         /* k=strlen(buf); */
 
         ret = 1;
         /* k=strlen(buf); */
 
         ret = 1;


@@ -544,7 +544,7 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
         PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_UNSUPPORTED_ENCRYPTION);
         return (0);
     }
         PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_UNSUPPORTED_ENCRYPTION);
         return (0);
     }

-    if (!load_iv(header_pp, &(cipher->iv[0]), enc->iv_len))
+    if (!load_iv(header_pp, &(cipher->iv[0]), EVP_CIPHER_iv_length(enc)))

         return (0);
 
     return (1);
         return (0);
 
     return (1);