Change EVP_MD_CTX_type so it is more logical and add EVP_MD_CTX_md for

the old functionality.

Various warning fixes.

Initial EVP symmetric cipher docs.

CHANGES

@@ -4,6 +4,11 @@
 
  Changes between 0.9.4 and 0.9.5  [xx XXX 2000]
 
+  *) Change the EVP_MD_CTX_type macro so its meaning consistent with
+     EVP_MD_type. The old functionality is available in a new macro called
+     EVP_MD_md(). Change code that uses it and update docs.
+     [Steve Henson]
+
   *) ..._ctrl functions now have corresponding ..._callback_ctrl functions
      where the 'void *' argument is replaced by a function pointer argument.
      Previously 'void *' was abused to point to functions, which works on

TABLE

@@ -784,7 +784,7 @@ $rc5_obj      =
 
 *** debug-steve
 $cc           = gcc
-$cflags       = -DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -O2 -m486 -pedantic -Wall -Wshadow -pipe
+$cflags       = -DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -O2 -m486 -pedantic -Wall -Werror -Wshadow -pipe
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $lflags       = 

crypto/evp/evp.h

@@ -421,9 +421,10 @@ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
 #define EVP_MD_size(e)			((e)->md_size)
 #define EVP_MD_block_size(e)		((e)->block_size)
 
+#define EVP_MD_CTX_md(e)		((e)->digest)
 #define EVP_MD_CTX_size(e)		EVP_MD_size((e)->digest)
 #define EVP_MD_CTX_block_size(e)	EVP_MD_block_size((e)->digest)
-#define EVP_MD_CTX_type(e)		((e)->digest)
+#define EVP_MD_CTX_type(e)		EVP_MD_type((e)->digest)
 
 #define EVP_CIPHER_nid(e)		((e)->nid)
 #define EVP_CIPHER_block_size(e)	((e)->block_size)

crypto/pkcs7/pk7_doit.c

@@ -554,7 +554,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
 					PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_INTERNAL_ERROR);
 					goto err;
 					}
-				if (EVP_MD_type(EVP_MD_CTX_type(mdc)) == j)
+				if (EVP_MD_CTX_type(mdc) == j)
 					break;
 				else
 					btmp=btmp->next_bio;
@@ -588,7 +588,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
 					V_ASN1_UTCTIME,sign_time);
 
 				/* Add digest */
-				md_tmp=EVP_MD_CTX_type(&ctx_tmp);
+				md_tmp=EVP_MD_CTX_md(&ctx_tmp);
 				EVP_DigestFinal(&ctx_tmp,md_data,&md_len);
 				digest=M_ASN1_OCTET_STRING_new();
 				M_ASN1_OCTET_STRING_set(digest,md_data,md_len);
@@ -746,7 +746,7 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
 							PKCS7_R_INTERNAL_ERROR);
 			goto err;
 			}
-		if (EVP_MD_type(EVP_MD_CTX_type(mdc)) == md_type)
+		if (EVP_MD_CTX_type(mdc) == md_type)
 			break;
 		btmp=btmp->next_bio;	
 		}

doc/crypto/EVP_DigestInit.pod

@@ -21,9 +21,10 @@ EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal - EVP digest routines
  #define EVP_MD_size(e)			((e)->md_size)
  #define EVP_MD_block_size(e)		((e)->block_size)
 
+ #define EVP_MD_CTX_md(e)		(e)->digest)
  #define EVP_MD_CTX_size(e)		EVP_MD_size((e)->digest)
  #define EVP_MD_CTX_block_size(e)	EVP_MD_block_size((e)->digest)
- #define EVP_MD_CTX_type(e)		((e)->digest)
+ #define EVP_MD_CTX_type(e)		EVP_MD_type((e)->digest)
 
  EVP_MD *EVP_md_null(void);
  EVP_MD *EVP_md2(void);
@@ -75,7 +76,7 @@ representing the given message digest when passed an B<EVP_MD> structure.
 For example EVP_MD_type(EVP_sha1()) returns B<NID_sha1>. This function is
 normally used when setting ASN1 OIDs.
 
-EVP_MD_CTX_type() returns the B<EVP_MD> structure corresponding to the passed
+EVP_MD_CTX_md() returns the B<EVP_MD> structure corresponding to the passed
 B<EVP_MD_CTX>.
 
 EVP_MD_pkey_type() returns the NID of the public key signing algorithm associated
@@ -170,9 +171,6 @@ digest name passed on the command line.
 
 =head1 BUGS
 
-B<EVP_MD_CTX_type> is not a good name because its name wrongly implies it does
-the same as B<EVP_MD_type> but takes an B<EVP_MD_CTX> parameter instead.
-
 Several of the functions do not return values: maybe they should. Although the
 internal digest operations will never fail some future hardware based operations
 might.

doc/crypto/EVP_EncryptInit.pod

@@ -0,0 +1,131 @@
+=pod
+
+=head1 NAME
+
+EVP_EncryptInit, EVP_EncryptUpdate, EVP_EncryptFinal - EVP cipher routines
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ void EVP_EncryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type, unsigned char *key, unsigned char *iv);
+ void EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, unsigned char *in, int inl);
+ void EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+ void EVP_DecryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type, unsigned char *key, unsigned char *iv);
+ void EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, unsigned char *in, int inl);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ void EVP_CipherInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type, unsigned char *key,unsigned char *iv,int enc);
+ void EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, unsigned char *in, int inl);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+ void EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ #define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
+ #define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
+
+ #define EVP_CIPHER_nid(e)		((e)->nid)
+ #define EVP_CIPHER_block_size(e)	((e)->block_size)
+ #define EVP_CIPHER_key_length(e)	((e)->key_len)
+ #define EVP_CIPHER_iv_length(e)		((e)->iv_len)
+
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+ #define EVP_CIPHER_CTX_cipher(e)	((e)->cipher)
+ #define EVP_CIPHER_CTX_nid(e)		((e)->cipher->nid)
+ #define EVP_CIPHER_CTX_block_size(e)	((e)->cipher->block_size)
+ #define EVP_CIPHER_CTX_key_length(e)	((e)->cipher->key_len)
+ #define EVP_CIPHER_CTX_iv_length(e)	((e)->cipher->iv_len)
+ #define EVP_CIPHER_CTX_type(c)         EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
+
+=head1 DESCRIPTION
+
+The EVP cipher routines are a high level interface to certain
+symmetric ciphers.
+
+EVP_EncryptInit() initialises a cipher context B<ctx> for encryption
+with cipher B<type>. B<type> is normally supplied by a function such
+as EVP_des_cbc() . B<key> is the symmetric key to use and B<iv> is the
+IV to use (if necessary), the actual number of bytes used for the
+key and IV depends on the cipher.
+
+EVP_EncryptUpdate() encrypts B<inl> bytes from the buffer B<in> and
+writes the encrypted version to B<out>. This function can be called
+multiple times to encrypt successive blocks of data. The amount
+of data written depends on the block alignment of the encrypted data:
+as a result the amount of data written may be anything from zero bytes
+to (inl + cipher_block_size - 1) so B<outl> should contain sufficient
+room.  The actual number of bytes written is placed in B<outl>.
+
+EVP_EncryptFinal() encrypts the "final" data, that is any data that
+remains in a partial block. It uses standard block padding (aka PKCS
+padding). The encrypted final data is written to B<out> which should
+have sufficient space for one cipher block. The number of bytes written
+is placed in B<outl>. After this function is called the encryption operation
+is finished and no further calls to EVP_EncryptUpdate() should be made.
+
+EVP_DecryptInit(), EVP_DecryptUpdate() and EVP_DecryptFinal() are the
+corresponding decryption operations. EVP_DecryptFinal() will return an
+error code if the final block is not correctly formatted. The parameters
+and restrictions are identical to the encryption operations except that
+the decrypted data buffer B<out> passed to EVP_DecryptUpdate() should
+have sufficient room for (B<inl> + cipher_block_size) bytes unless the
+cipher block size is 1 in which case B<inl> bytes is sufficient.
+
+EVP_CipherInit(), EVP_CipherUpdate() and EVP_CipherFinal() are functions
+that can be used for decryption or encryption. The operation performed
+depends on the value of the B<enc> parameter. It should be set to 1 for
+encryption and 0 for decryption.
+
+EVP_CIPHER_CTX_cleanup() clears all information from a cipher context.
+It should be called after all operations using a cipher are complete
+so sensitive information does not remain in memory.
+
+=head1 RETURN VALUES
+
+EVP_EncryptInit(), EVP_EncryptUpdate() and EVP_EncryptFinal() do not return
+values.
+
+EVP_DecryptInit() and EVP_DecryptUpdate() do not return values.
+EVP_DecryptFinal() returns 0 if the decrypt failed or 1 for success.
+
+EVP_CipherInit() and EVP_CipherUpdate() do not return values.
+EVP_CipherFinal() returns 1 for a decryption failure or 1 for success, if
+the operation is encryption then it always returns 1.
+
+=head1 NOTES
+
+Where possible the B<EVP> interface to symmetric ciphers should be used in
+preference to the low level interfaces. This is because the code then becomes
+transparent to the cipher used and much more flexible.
+
+PKCS padding works by adding B<n> padding bytes of value B<n> to make the total 
+length of the encrypted data a multiple of the block size. Padding is always
+added so if the data is already a multiple of the block size B<n> will equal
+the block size. For example if the block size is 8 and 11 bytes are to be
+encrypted then 5 padding bytes of value 5 will be added.
+
+When decrypting the final block is checked to see if it has the correct form.
+
+Although the decryption operation can produce an error, it is not a strong
+test that the input data or key is correct. A random block has better than
+1 in 256 chance of being of the correct format and problems with the
+input data earlier on will not produce a final decrypt error.
+
+=head1 BUGS
+
+The current B<EVP> cipher interface is not as flexible as it should be. Only
+certain "spot" encryption algorithms can be used for ciphers which have various
+parameters associated with them (RC2, RC5 for example) this is inadequate.
+
+Several of the functions do not return error codes because the software versions
+can never fail. This is not true of hardware versions.
+
+=head1 SEE ALSO
+
+L<evp(3)|evp(3)>
+
+=head1 HISTORY
+
+=cut

ssl/s23_srvr.c

@@ -389,7 +389,6 @@ int ssl23_get_client_hello(SSL *s)
 			}
 		}
 
-next_bit:
 	if (s->state == SSL23_ST_SR_CLNT_HELLO_B)
 		{
 		/* we have SSLv3/TLSv1 in an SSLv2 header

ssl/s3_both.c

@@ -76,7 +76,7 @@ int ssl3_do_write(SSL *s, int type)
 	if (type == SSL3_RT_HANDSHAKE)
 		/* should not be done for 'Hello Request's, but in that case
 		 * we'll ignore the result anyway */
-		ssl3_finish_mac(s,&s->init_buf->data[s->init_off],ret);
+		ssl3_finish_mac(s,(unsigned char *)&s->init_buf->data[s->init_off],ret);
 	
 	if (ret == s->init_num)
 		return(1);

ssl/s3_enc.c

@@ -443,7 +443,7 @@ static int ssl3_handshake_mac(SSL *s, EVP_MD_CTX *in_ctx,
 	EVP_DigestUpdate(&ctx,ssl3_pad_1,npad);
 	EVP_DigestFinal(&ctx,md_buf,&i);
 
-	EVP_DigestInit(&ctx,EVP_MD_CTX_type(&ctx));
+	EVP_DigestInit(&ctx,EVP_MD_CTX_md(&ctx));
 	EVP_DigestUpdate(&ctx,s->session->master_key,
 		s->session->master_key_length);
 	EVP_DigestUpdate(&ctx,ssl3_pad_2,npad);

ssl/s3_pkt.c

@@ -827,8 +827,8 @@ start:
 	 */
 		{
 		int dest_maxlen = 0;
-		unsigned char *dest;
-		int *dest_len;
+		unsigned char *dest = NULL;
+		int *dest_len = NULL;
 
 		if (rr->type == SSL3_RT_HANDSHAKE)
 			{

util/libeay.num

@@ -2223,3 +2223,4 @@ CRYPTO_get_mem_debug_options            2248
 des_crypt                               2249
 PEM_write_bio_X509_REQ_NEW              2250
 PEM_write_X509_REQ_NEW                  2251
+BIO_callback_ctrl                       2252