Add a cleanup function for MDs.

[openssl.git] / crypto / evp / digest.c

diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index f1c905ab757328ac4f468389c9fd82b8a6827afa..69a0bdbe3438952dcad42e5d763894b5040f1cb3 100644 (file)
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -75,28 +75,39 @@ EVP_MD_CTX *EVP_MD_CTX_create(void)
        return ctx;
        }
 
+#ifdef CRYPTO_MDEBUG
+int EVP_DigestInit_dbg(EVP_MD_CTX *ctx, const EVP_MD *type,const char *file,
+                      int line)
+#else
 int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type)
+#endif
        {
        if(ctx->digest != type)
                {
-               OPENSSL_free(ctx->md_data);
+               if(ctx->digest && ctx->digest->ctx_size)
+                       OPENSSL_free(ctx->md_data);
                ctx->digest=type;
-               ctx->md_data=OPENSSL_malloc(type->ctx_size);
+               if(type->ctx_size)
+#ifdef CRYPTO_MDEBUG
+                       ctx->md_data=CRYPTO_malloc(type->ctx_size,file,line);
+#else
+                       ctx->md_data=OPENSSL_malloc(type->ctx_size);
+#endif
                }
-       return type->init(ctx->md_data);
+       return type->init(ctx);
        }
 
 int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data,
             unsigned int count)
        {
-       return ctx->digest->update(ctx->md_data,data,(unsigned long)count);
+       return ctx->digest->update(ctx,data,(unsigned long)count);
        }
 
 /* The caller can assume that this removes any secret data from the context */
 int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
        {
        int ret;
-       ret=ctx->digest->final(md,ctx->md_data);
+       ret=ctx->digest->final(ctx,md);
        if (size != NULL)
                *size=ctx->digest->md_size;
        /* FIXME: add a cleanup function to the ctx? */
@@ -110,11 +121,19 @@ int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
         EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED);
        return 0;
     }
+
     EVP_MD_CTX_cleanup(out);
     memcpy(out,in,sizeof *out);
-    out->md_data=OPENSSL_malloc(out->digest->ctx_size);
-    /* FIXME: we really need a per-MD copy function */
-    memcpy(out->md_data,in->md_data,out->digest->ctx_size);
+
+    if(out->digest->ctx_size)
+       {
+       out->md_data=OPENSSL_malloc(out->digest->ctx_size);
+       memcpy(out->md_data,in->md_data,out->digest->ctx_size);
+       }
+
+    if(out->digest->copy)
+       return out->digest->copy(out,in);
+
     return 1;
 }
 
@@ -125,6 +144,7 @@ int EVP_Digest(void *data, unsigned int count,
        int ret;
 
        EVP_MD_CTX_init(&ctx);
+       EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_ONESHOT);
        ret=EVP_DigestInit(&ctx, type)
          && EVP_DigestUpdate(&ctx, data, count)
          && EVP_DigestFinal(&ctx, md, size);
@@ -142,8 +162,16 @@ void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
 /* This call frees resources associated with the context */
 int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
        {
-       /* assume ctx->md_data was cleaned in EVP_Digest_Final */
-       OPENSSL_free(ctx->md_data);
+       /* Don't assume ctx->md_data was cleaned in EVP_Digest_Final,
+        * because sometimes only copies of the context are ever finalised.
+        */
+       if(ctx->digest && ctx->digest->cleanup)
+               ctx->digest->cleanup(ctx);
+       if(ctx->digest && ctx->digest->ctx_size && ctx->md_data)
+               {
+               memset(ctx->md_data,0,ctx->digest->ctx_size);
+               OPENSSL_free(ctx->md_data);
+               }
        memset(ctx,'\0',sizeof *ctx);
 
        return 1;