From 6c2ff56ec606ed82cf02b9a6679b90bde6ce18aa Mon Sep 17 00:00:00 2001
From: Richard Levitte <levitte@openssl.org>
Date: Fri, 18 Dec 2015 17:08:49 +0100
Subject: [PATCH 1/1] Adapt all EVP_CIPHER users for it becoming opaque

Reviewed-by: Rich Salz <rsalz@openssl.org>
---
 apps/enc.c            |  8 ++++----
 apps/speed.c          |  6 +++---
 crypto/pem/pem_info.c |  6 ++++--
 crypto/pem/pem_lib.c  | 12 ++++++------
 4 files changed, 17 insertions(+), 15 deletions(-)

diff --git a/apps/enc.c b/apps/enc.c
index 17cc8e8742..ab91369ee7 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -528,15 +528,15 @@ int enc_main(int argc, char **argv)
                     printf("%02X", salt[i]);
                 printf("\n");
             }
-            if (cipher->key_len > 0) {
+            if (EVP_CIPHER_key_length(cipher) > 0) {
                 printf("key=");
-                for (i = 0; i < cipher->key_len; i++)
+                for (i = 0; i < EVP_CIPHER_key_length(cipher); i++)
                     printf("%02X", key[i]);
                 printf("\n");
             }
-            if (cipher->iv_len > 0) {
+            if (EVP_CIPHER_iv_length(cipher) > 0) {
                 printf("iv =");
-                for (i = 0; i < cipher->iv_len; i++)
+                for (i = 0; i < EVP_CIPHER_iv_length(cipher); i++)
                     printf("%02X", iv[i]);
                 printf("\n");
             }
diff --git a/apps/speed.c b/apps/speed.c
index a8f227fd5f..d45a6f9beb 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -1644,7 +1644,7 @@ int speed_main(int argc, char **argv)
                 (EVP_CIPHER_flags(evp_cipher) &
                  EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
                 BIO_printf(bio_err, "%s is not multi-block capable\n",
-                        OBJ_nid2ln(evp_cipher->nid));
+                           OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
                 goto end;
             }
             multiblock_speed(evp_cipher);
@@ -1657,7 +1657,7 @@ int speed_main(int argc, char **argv)
                 EVP_CIPHER_CTX *ctx;
                 int outl;
 
-                names[D_EVP] = OBJ_nid2ln(evp_cipher->nid);
+                names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
                 /*
                  * -O3 -fschedule-insns messes up an optimization here!
                  * names[D_EVP] somehow becomes NULL
@@ -2447,7 +2447,7 @@ static void multiblock_speed(const EVP_CIPHER *evp_cipher)
     EVP_EncryptInit_ex(ctx, evp_cipher, NULL, no_key, no_iv);
     EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key),
                         no_key);
-    alg_name = OBJ_nid2ln(evp_cipher->nid);
+    alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
 
     for (j = 0; j < num; j++) {
         print_message(alg_name, 0, mblengths[j]);
diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c
index 89321e8990..67cd99d13f 100644
--- a/crypto/pem/pem_info.c
+++ b/crypto/pem/pem_info.c
@@ -345,11 +345,13 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
             }
 
             /* create the right magic header stuff */
-            OPENSSL_assert(strlen(objstr) + 23 + 2 * enc->iv_len + 13 <=
+            OPENSSL_assert(strlen(objstr) + 23
+                           + 2 * EVP_CIPHER_iv_length(enc) + 13 <=
                            sizeof buf);
             buf[0] = '\0';
             PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
-            PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv);
+            PEM_dek_info(buf, objstr, EVP_CIPHER_iv_length(enc),
+                         (char *)iv);
 
             /* use the normal code to write things out */
             i = PEM_write_bio(bp, PEM_STRING_RSA, buf, data, i);
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index 29b391f6ac..439bb146cc 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -388,8 +388,8 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
             kstr = (unsigned char *)buf;
         }
         RAND_add(data, i, 0);   /* put in the RSA key. */
-        OPENSSL_assert(enc->iv_len <= (int)sizeof(iv));
-        if (RAND_bytes(iv, enc->iv_len) <= 0) /* Generate a salt */
+        OPENSSL_assert(EVP_CIPHER_iv_length(enc) <= (int)sizeof(iv));
+        if (RAND_bytes(iv, EVP_CIPHER_iv_length(enc)) <= 0) /* Generate a salt */
             goto err;
         /*
          * The 'iv' is used as the iv and as a salt.  It is NOT taken from
@@ -401,12 +401,12 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
         if (kstr == (unsigned char *)buf)
             OPENSSL_cleanse(buf, PEM_BUFSIZE);
 
-        OPENSSL_assert(strlen(objstr) + 23 + 2 * enc->iv_len + 13 <=
-                       sizeof buf);
+        OPENSSL_assert(strlen(objstr) + 23 + 2 * EVP_CIPHER_iv_length(enc) + 13
+                       <= sizeof buf);
 
         buf[0] = '\0';
         PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
-        PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv);
+        PEM_dek_info(buf, objstr, EVP_CIPHER_iv_length(enc), (char *)iv);
         /* k=strlen(buf); */
 
         ret = 1;
@@ -544,7 +544,7 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
         PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_UNSUPPORTED_ENCRYPTION);
         return (0);
     }
-    if (!load_iv(header_pp, &(cipher->iv[0]), enc->iv_len))
+    if (!load_iv(header_pp, &(cipher->iv[0]), EVP_CIPHER_iv_length(enc)))
         return (0);
 
     return (1);
-- 
2.34.1