projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Constify version strings is ssl lib.
[openssl.git] / ssl / s2_enc.c
diff --git a/ssl/s2_enc.c b/ssl/s2_enc.c
index c05ce5ddc0921b6cd7a4ef6d7f6f81037d0583c1..18882bf70487f56bf73abff5b6b3a36ccaf849b4 100644 (file)
--- a/ssl/s2_enc.c
+++ b/ssl/s2_enc.c
@@ -95,12 +95,15 @@ int ssl2_enc_init(SSL *s, int client)
 
        num=c->key_len;
        s->s2->key_material_length=num*2;
+       OPENSSL_assert(s->s2->key_material_length <= sizeof s->s2->key_material);
 
-       ssl2_generate_key_material(s);
+       if (ssl2_generate_key_material(s) <= 0)
+               return 0;
 
-       EVP_EncryptInit(ws,c,&(s->s2->key_material[(client)?num:0]),
+       OPENSSL_assert(c->iv_len <= (int)sizeof(s->session->key_arg));
+       EVP_EncryptInit_ex(ws,c,NULL,&(s->s2->key_material[(client)?num:0]),
                s->session->key_arg);
-       EVP_DecryptInit(rs,c,&(s->s2->key_material[(client)?0:num]),
+       EVP_DecryptInit_ex(rs,c,NULL,&(s->s2->key_material[(client)?0:num]),
                s->session->key_arg);
        s->s2->read_key=  &(s->s2->key_material[(client)?0:num]);
        s->s2->write_key= &(s->s2->key_material[(client)?num:0]);
@@ -111,8 +114,8 @@ err:
        }
 
 /* read/writes from s->s2->mac_data using length for encrypt and 
- * decrypt.  It sets the s->s2->padding, s->[rw]length and
- * s->s2->pad_data ptr if we are encrypting */
+ * decrypt.  It sets s->s2->padding and s->[rw]length
+ * if we are encrypting */
 void ssl2_enc(SSL *s, int send)
        {
        EVP_CIPHER_CTX *ds;
@@ -169,14 +172,15 @@ void ssl2_mac(SSL *s, unsigned char *md, int send)
        l2n(seq,p);
 
        /* There has to be a MAC algorithm. */
-       EVP_DigestInit(&c,s->read_hash);
+       EVP_MD_CTX_init(&c);
+       EVP_DigestInit_ex(&c, s->read_hash, NULL);
        EVP_DigestUpdate(&c,sec,
                EVP_CIPHER_CTX_key_length(s->enc_read_ctx));
        EVP_DigestUpdate(&c,act,len); 
        /* the above line also does the pad data */
        EVP_DigestUpdate(&c,sequence,4); 
-       EVP_DigestFinal(&c,md,NULL);
-       /* some would say I should zero the md context */
+       EVP_DigestFinal_ex(&c,md,NULL);
+       EVP_MD_CTX_cleanup(&c);
        }
 #else /* !OPENSSL_NO_SSL2 */
 
Unnamed repository; edit this file 'description' to name the repository.