From bfb0641f932490c2e7fb5f9f7cb4a88017a5abfa Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Wed, 2 Dec 2015 00:49:35 +0100 Subject: [PATCH] Cleanup: fix all sources that used EVP_MD_CTX_(create|init|destroy) Reviewed-by: Rich Salz --- apps/passwd.c | 8 ++++---- apps/req.c | 12 ++++++------ apps/ts.c | 6 +++--- crypto/asn1/a_sign.c | 10 +++++----- crypto/asn1/a_verify.c | 8 ++++---- crypto/cms/cms_asn1.c | 2 +- crypto/cms/cms_dd.c | 4 ++-- crypto/cms/cms_sd.c | 20 ++++++++++---------- crypto/dh/dh_kdf.c | 4 ++-- crypto/dsa/dsa_gen.c | 4 ++-- crypto/ecdh/ech_kdf.c | 4 ++-- crypto/evp/bio_md.c | 4 ++-- crypto/evp/bio_ok.c | 4 ++-- crypto/evp/digest.c | 4 ++-- crypto/evp/evp_key.c | 4 ++-- crypto/evp/m_sigver.c | 8 ++++---- crypto/evp/p5_crpt.c | 4 ++-- crypto/evp/p_sign.c | 4 ++-- crypto/evp/p_verify.c | 4 ++-- crypto/hmac/hmac.c | 18 +++++++++--------- crypto/pem/pem_seal.c | 4 ++-- crypto/pem/pvkfmt.c | 4 ++-- crypto/pkcs12/p12_key.c | 4 ++-- crypto/pkcs7/pk7_doit.c | 14 +++++++------- crypto/rand/md_rand.c | 12 ++++++------ crypto/rsa/rsa_oaep.c | 4 ++-- crypto/rsa/rsa_pss.c | 8 ++++---- crypto/srp/srp_lib.c | 12 ++++++------ crypto/srp/srp_vfy.c | 6 +++--- crypto/ts/ts_rsp_verify.c | 6 +++--- crypto/x509/x509_cmp.c | 8 ++++---- ssl/record/ssl3_record.c | 14 +++++++------- ssl/s3_cbc.c | 6 +++--- ssl/s3_enc.c | 22 +++++++++++----------- ssl/ssl_lib.c | 10 +++++----- ssl/statem/statem_clnt.c | 18 +++++++++--------- ssl/statem/statem_dtls.c | 3 +-- ssl/statem/statem_srvr.c | 10 +++++----- ssl/t1_enc.c | 14 +++++++------- test/ecdsatest.c | 4 ++-- test/evp_extra_test.c | 12 ++++++------ test/evp_test.c | 8 ++++---- test/gost2814789test.c | 4 ++-- test/mdc2test.c | 4 ++-- test/sha1test.c | 4 ++-- test/sha256t.c | 6 +++--- test/sha512t.c | 6 +++--- 47 files changed, 181 insertions(+), 182 deletions(-) diff --git a/apps/passwd.c b/apps/passwd.c index 70ecb874e..2a32111e9 100644 --- a/apps/passwd.c +++ b/apps/passwd.c @@ -322,7 +322,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt) salt_len = strlen(salt_out); assert(salt_len <= 8); - md = EVP_MD_CTX_create(); + md = EVP_MD_CTX_new(); if (md == NULL) return NULL; EVP_DigestInit_ex(md, EVP_md5(), NULL); @@ -332,7 +332,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt) EVP_DigestUpdate(md, "$", 1); EVP_DigestUpdate(md, salt_out, salt_len); - md2 = EVP_MD_CTX_create(); + md2 = EVP_MD_CTX_new(); if (md2 == NULL) return NULL; EVP_DigestInit_ex(md2, EVP_md5(), NULL); @@ -364,8 +364,8 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt) (i & 1) ? sizeof buf : passwd_len); EVP_DigestFinal_ex(md2, buf, NULL); } - EVP_MD_CTX_destroy(md2); - EVP_MD_CTX_destroy(md); + EVP_MD_CTX_free(md2); + EVP_MD_CTX_free(md); { /* transform buf into output string */ diff --git a/apps/req.c b/apps/req.c index 267a0a025..c27576393 100644 --- a/apps/req.c +++ b/apps/req.c @@ -1511,7 +1511,7 @@ int do_X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md, STACK_OF(OPENSSL_STRING) *sigopts) { int rv; - EVP_MD_CTX *mctx = EVP_MD_CTX_create(); + EVP_MD_CTX *mctx = EVP_MD_CTX_new(); rv = do_sign_init(mctx, pkey, md, sigopts); /* Note: X509_sign_ctx() calls ASN1_item_sign_ctx(), which destroys @@ -1520,7 +1520,7 @@ int do_X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md, if (rv > 0) rv = X509_sign_ctx(x, mctx); else - EVP_MD_CTX_destroy(mctx); + EVP_MD_CTX_free(mctx); return rv > 0 ? 1 : 0; } @@ -1528,7 +1528,7 @@ int do_X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md, STACK_OF(OPENSSL_STRING) *sigopts) { int rv; - EVP_MD_CTX *mctx = EVP_MD_CTX_create(); + EVP_MD_CTX *mctx = EVP_MD_CTX_new(); rv = do_sign_init(mctx, pkey, md, sigopts); /* Note: X509_REQ_sign_ctx() calls ASN1_item_sign_ctx(), which destroys * the EVP_MD_CTX we send it, so only destroy it here if the former @@ -1536,7 +1536,7 @@ int do_X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md, if (rv > 0) rv = X509_REQ_sign_ctx(x, mctx); else - EVP_MD_CTX_destroy(mctx); + EVP_MD_CTX_free(mctx); return rv > 0 ? 1 : 0; } @@ -1544,7 +1544,7 @@ int do_X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md, STACK_OF(OPENSSL_STRING) *sigopts) { int rv; - EVP_MD_CTX *mctx = EVP_MD_CTX_create(); + EVP_MD_CTX *mctx = EVP_MD_CTX_new(); rv = do_sign_init(mctx, pkey, md, sigopts); /* Note: X509_CRL_sign_ctx() calls ASN1_item_sign_ctx(), which destroys * the EVP_MD_CTX we send it, so only destroy it here if the former @@ -1552,6 +1552,6 @@ int do_X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md, if (rv > 0) rv = X509_CRL_sign_ctx(x, mctx); else - EVP_MD_CTX_destroy(mctx); + EVP_MD_CTX_free(mctx); return rv > 0 ? 1 : 0; } diff --git a/apps/ts.c b/apps/ts.c index 4da61d422..00b5e53f7 100644 --- a/apps/ts.c +++ b/apps/ts.c @@ -523,7 +523,7 @@ static int create_digest(BIO *input, char *digest, const EVP_MD *md, return 0; if (input) { - EVP_MD_CTX *md_ctx = EVP_MD_CTX_create(); + EVP_MD_CTX *md_ctx = EVP_MD_CTX_new(); unsigned char buffer[4096]; int length; @@ -535,10 +535,10 @@ static int create_digest(BIO *input, char *digest, const EVP_MD *md, EVP_DigestUpdate(md_ctx, buffer, length); } if (!EVP_DigestFinal(md_ctx, *md_value, NULL)) { - EVP_MD_CTX_destroy(md_ctx); + EVP_MD_CTX_free(md_ctx); return 0; } - EVP_MD_CTX_destroy(md_ctx); + EVP_MD_CTX_free(md_ctx); } else { long digest_len; *md_value = string_to_hex(digest, &digest_len); diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c index ee9f66c39..5b5d5b7af 100644 --- a/crypto/asn1/a_sign.c +++ b/crypto/asn1/a_sign.c @@ -132,7 +132,7 @@ int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2, ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey, const EVP_MD *type) { - EVP_MD_CTX *ctx = EVP_MD_CTX_create(); + EVP_MD_CTX *ctx = EVP_MD_CTX_new(); unsigned char *p, *buf_in = NULL, *buf_out = NULL; int i, inl = 0, outl = 0, outll = 0; X509_ALGOR *a; @@ -205,7 +205,7 @@ int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2, signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); signature->flags |= ASN1_STRING_FLAG_BITS_LEFT; err: - EVP_MD_CTX_destroy(ctx); + EVP_MD_CTX_free(ctx); OPENSSL_clear_free((char *)buf_in, (unsigned int)inl); OPENSSL_clear_free((char *)buf_out, outll); return (outl); @@ -217,14 +217,14 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey, const EVP_MD *type) { - EVP_MD_CTX *ctx = EVP_MD_CTX_create(); + EVP_MD_CTX *ctx = EVP_MD_CTX_new(); if (ctx == NULL) { ASN1err(ASN1_F_ASN1_ITEM_SIGN, ERR_R_MALLOC_FAILURE); return 0; } if (!EVP_DigestSignInit(ctx, NULL, type, NULL, pkey)) { - EVP_MD_CTX_destroy(ctx); + EVP_MD_CTX_free(ctx); return 0; } return ASN1_item_sign_ctx(it, algor1, algor2, signature, asn, ctx); @@ -315,7 +315,7 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it, signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); signature->flags |= ASN1_STRING_FLAG_BITS_LEFT; err: - EVP_MD_CTX_destroy(ctx); + EVP_MD_CTX_free(ctx); OPENSSL_clear_free((char *)buf_in, (unsigned int)inl); OPENSSL_clear_free((char *)buf_out, outll); return (outl); diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c index e958cdec8..4acee3eb8 100644 --- a/crypto/asn1/a_verify.c +++ b/crypto/asn1/a_verify.c @@ -77,7 +77,7 @@ int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey) { - EVP_MD_CTX *ctx = EVP_MD_CTX_create(); + EVP_MD_CTX *ctx = EVP_MD_CTX_new(); const EVP_MD *type; unsigned char *p, *buf_in = NULL; int ret = -1, i, inl; @@ -126,7 +126,7 @@ int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature, } ret = 1; err: - EVP_MD_CTX_destroy(ctx); + EVP_MD_CTX_free(ctx); return (ret); } @@ -151,7 +151,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, return -1; } - ctx = EVP_MD_CTX_create(); + ctx = EVP_MD_CTX_new(); if (ctx == NULL) { ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_MALLOC_FAILURE); goto err; @@ -225,6 +225,6 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, } ret = 1; err: - EVP_MD_CTX_destroy(ctx); + EVP_MD_CTX_free(ctx); return (ret); } diff --git a/crypto/cms/cms_asn1.c b/crypto/cms/cms_asn1.c index 7aafc8dab..3b9f7b5c5 100644 --- a/crypto/cms/cms_asn1.c +++ b/crypto/cms/cms_asn1.c @@ -95,7 +95,7 @@ static int cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, CMS_SignerInfo *si = (CMS_SignerInfo *)*pval; EVP_PKEY_free(si->pkey); X509_free(si->signer); - EVP_MD_CTX_destroy(si->mctx); + EVP_MD_CTX_free(si->mctx); } return 1; } diff --git a/crypto/cms/cms_dd.c b/crypto/cms/cms_dd.c index dcbd5788f..9ac45b53e 100644 --- a/crypto/cms/cms_dd.c +++ b/crypto/cms/cms_dd.c @@ -99,7 +99,7 @@ BIO *cms_DigestedData_init_bio(CMS_ContentInfo *cms) int cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify) { - EVP_MD_CTX *mctx = EVP_MD_CTX_create(); + EVP_MD_CTX *mctx = EVP_MD_CTX_new(); unsigned char md[EVP_MAX_MD_SIZE]; unsigned int mdlen; int r = 0; @@ -137,7 +137,7 @@ int cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify) } err: - EVP_MD_CTX_destroy(mctx); + EVP_MD_CTX_free(mctx); return r; diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c index 1570fb6fe..5c39746b3 100644 --- a/crypto/cms/cms_sd.c +++ b/crypto/cms/cms_sd.c @@ -287,7 +287,7 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, si->pkey = pk; si->signer = signer; - si->mctx = EVP_MD_CTX_create(); + si->mctx = EVP_MD_CTX_new(); si->pctx = NULL; if (si->mctx == NULL) { @@ -576,7 +576,7 @@ ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si) static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms, CMS_SignerInfo *si, BIO *chain) { - EVP_MD_CTX *mctx = EVP_MD_CTX_create(); + EVP_MD_CTX *mctx = EVP_MD_CTX_new(); int r = 0; EVP_PKEY_CTX *pctx = NULL; @@ -654,7 +654,7 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms, r = 1; err: - EVP_MD_CTX_destroy(mctx); + EVP_MD_CTX_free(mctx); EVP_PKEY_CTX_free(pctx); return r; @@ -696,7 +696,7 @@ int CMS_SignerInfo_sign(CMS_SignerInfo *si) if (si->pctx) pctx = si->pctx; else { - EVP_MD_CTX_init(mctx); + EVP_MD_CTX_reset(mctx); if (EVP_DigestSignInit(mctx, &pctx, md, NULL, si->pkey) <= 0) goto err; } @@ -728,7 +728,7 @@ int CMS_SignerInfo_sign(CMS_SignerInfo *si) goto err; } - EVP_MD_CTX_init(mctx); + EVP_MD_CTX_reset(mctx); ASN1_STRING_set0(si->signature, abuf, siglen); @@ -736,7 +736,7 @@ int CMS_SignerInfo_sign(CMS_SignerInfo *si) err: OPENSSL_free(abuf); - EVP_MD_CTX_init(mctx); + EVP_MD_CTX_reset(mctx); return 0; } @@ -757,7 +757,7 @@ int CMS_SignerInfo_verify(CMS_SignerInfo *si) if (md == NULL) return -1; if (si->mctx == NULL) - si->mctx = EVP_MD_CTX_create(); + si->mctx = EVP_MD_CTX_new(); mctx = si->mctx; if (EVP_DigestVerifyInit(mctx, &si->pctx, md, NULL, si->pkey) <= 0) goto err; @@ -780,7 +780,7 @@ int CMS_SignerInfo_verify(CMS_SignerInfo *si) if (r <= 0) CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, CMS_R_VERIFICATION_FAILURE); err: - EVP_MD_CTX_init(mctx); + EVP_MD_CTX_reset(mctx); return r; } @@ -817,7 +817,7 @@ BIO *cms_SignedData_init_bio(CMS_ContentInfo *cms) int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain) { ASN1_OCTET_STRING *os = NULL; - EVP_MD_CTX *mctx = EVP_MD_CTX_create(); + EVP_MD_CTX *mctx = EVP_MD_CTX_new(); EVP_PKEY_CTX *pkctx = NULL; int r = -1; unsigned char mval[EVP_MAX_MD_SIZE]; @@ -886,7 +886,7 @@ int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain) err: EVP_PKEY_CTX_free(pkctx); - EVP_MD_CTX_destroy(mctx); + EVP_MD_CTX_free(mctx); return r; } diff --git a/crypto/dh/dh_kdf.c b/crypto/dh/dh_kdf.c index 35a40bd75..8ce849896 100644 --- a/crypto/dh/dh_kdf.c +++ b/crypto/dh/dh_kdf.c @@ -152,7 +152,7 @@ int DH_KDF_X9_42(unsigned char *out, size_t outlen, int derlen; if (Zlen > DH_KDF_MAX) return 0; - mctx = EVP_MD_CTX_create(); + mctx = EVP_MD_CTX_new(); if (mctx == NULL) return 0; mdlen = EVP_MD_size(md); @@ -188,7 +188,7 @@ int DH_KDF_X9_42(unsigned char *out, size_t outlen, rv = 1; err: OPENSSL_free(der); - EVP_MD_CTX_destroy(mctx); + EVP_MD_CTX_free(mctx); return rv; } #endif diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c index f659d081d..d6e36149c 100644 --- a/crypto/dsa/dsa_gen.c +++ b/crypto/dsa/dsa_gen.c @@ -360,7 +360,7 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N, int counter = 0; int r = 0; BN_CTX *ctx = NULL; - EVP_MD_CTX *mctx = EVP_MD_CTX_create(); + EVP_MD_CTX *mctx = EVP_MD_CTX_new(); unsigned int h = 2; if (mctx == NULL) @@ -640,7 +640,7 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N, BN_CTX_end(ctx); BN_CTX_free(ctx); BN_MONT_CTX_free(mont); - EVP_MD_CTX_destroy(mctx); + EVP_MD_CTX_free(mctx); return ok; } diff --git a/crypto/ecdh/ech_kdf.c b/crypto/ecdh/ech_kdf.c index d856b7f5e..cbcbfd9ea 100644 --- a/crypto/ecdh/ech_kdf.c +++ b/crypto/ecdh/ech_kdf.c @@ -72,7 +72,7 @@ int ECDH_KDF_X9_62(unsigned char *out, size_t outlen, if (sinfolen > ECDH_KDF_MAX || outlen > ECDH_KDF_MAX || Zlen > ECDH_KDF_MAX) return 0; - mctx = EVP_MD_CTX_create(); + mctx = EVP_MD_CTX_new(); if (mctx == NULL) return 0; mdlen = EVP_MD_size(md); @@ -106,6 +106,6 @@ int ECDH_KDF_X9_62(unsigned char *out, size_t outlen, } rv = 1; err: - EVP_MD_CTX_destroy(mctx); + EVP_MD_CTX_free(mctx); return rv; } diff --git a/crypto/evp/bio_md.c b/crypto/evp/bio_md.c index 381ca599a..24c7dc3be 100644 --- a/crypto/evp/bio_md.c +++ b/crypto/evp/bio_md.c @@ -100,7 +100,7 @@ static int md_new(BIO *bi) { EVP_MD_CTX *ctx; - ctx = EVP_MD_CTX_create(); + ctx = EVP_MD_CTX_new(); if (ctx == NULL) return (0); @@ -114,7 +114,7 @@ static int md_free(BIO *a) { if (a == NULL) return (0); - EVP_MD_CTX_destroy(a->ptr); + EVP_MD_CTX_free(a->ptr); a->ptr = NULL; a->init = 0; a->flags = 0; diff --git a/crypto/evp/bio_ok.c b/crypto/evp/bio_ok.c index 49105bd83..5f3f2dea9 100644 --- a/crypto/evp/bio_ok.c +++ b/crypto/evp/bio_ok.c @@ -183,7 +183,7 @@ static int ok_new(BIO *bi) ctx->cont = 1; ctx->sigio = 1; - ctx->md = EVP_MD_CTX_create(); + ctx->md = EVP_MD_CTX_new(); bi->init = 0; bi->ptr = (char *)ctx; bi->flags = 0; @@ -194,7 +194,7 @@ static int ok_free(BIO *a) { if (a == NULL) return (0); - EVP_MD_CTX_destroy(((BIO_OK_CTX *)a->ptr)->md); + EVP_MD_CTX_free(((BIO_OK_CTX *)a->ptr)->md); OPENSSL_clear_free(a->ptr, sizeof(BIO_OK_CTX)); a->ptr = NULL; a->init = 0; diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index 0b1af6f3c..5da0e0103 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -345,7 +345,7 @@ int EVP_Digest(const void *data, size_t count, unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl) { - EVP_MD_CTX *ctx = EVP_MD_CTX_create(); + EVP_MD_CTX *ctx = EVP_MD_CTX_new(); int ret; if (ctx == NULL) @@ -354,7 +354,7 @@ int EVP_Digest(const void *data, size_t count, ret = EVP_DigestInit_ex(ctx, type, impl) && EVP_DigestUpdate(ctx, data, count) && EVP_DigestFinal_ex(ctx, md, size); - EVP_MD_CTX_destroy(ctx); + EVP_MD_CTX_free(ctx); return ret; } diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c index 231c06b86..65f038138 100644 --- a/crypto/evp/evp_key.c +++ b/crypto/evp/evp_key.c @@ -136,7 +136,7 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, if (data == NULL) return (nkey); - c = EVP_MD_CTX_create(); + c = EVP_MD_CTX_new(); if (c == NULL) goto err; for (;;) { @@ -191,7 +191,7 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, } rv = type->key_len; err: - EVP_MD_CTX_destroy(c); + EVP_MD_CTX_free(c); OPENSSL_cleanse(md_buf, sizeof(md_buf)); return rv; } diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c index b21000f86..067d33014 100644 --- a/crypto/evp/m_sigver.c +++ b/crypto/evp/m_sigver.c @@ -158,7 +158,7 @@ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, else r = EVP_DigestFinal_ex(ctx, md, &mdlen); } else { - EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_create(); + EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new(); if (tmp_ctx == NULL || !EVP_MD_CTX_copy_ex(tmp_ctx, ctx)) return 0; if (sctx) @@ -166,7 +166,7 @@ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, sigret, siglen, tmp_ctx); else r = EVP_DigestFinal_ex(tmp_ctx, md, &mdlen); - EVP_MD_CTX_destroy(tmp_ctx); + EVP_MD_CTX_free(tmp_ctx); } if (sctx || !r) return r; @@ -203,7 +203,7 @@ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, } else r = EVP_DigestFinal_ex(ctx, md, &mdlen); } else { - EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_create(); + EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new(); if (tmp_ctx == NULL || !EVP_MD_CTX_copy_ex(tmp_ctx, ctx)) return -1; if (vctx) { @@ -211,7 +211,7 @@ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, sig, siglen, tmp_ctx); } else r = EVP_DigestFinal_ex(tmp_ctx, md, &mdlen); - EVP_MD_CTX_destroy(tmp_ctx); + EVP_MD_CTX_free(tmp_ctx); } if (vctx || !r) return r; diff --git a/crypto/evp/p5_crpt.c b/crypto/evp/p5_crpt.c index 26bf04898..d27d83f7e 100644 --- a/crypto/evp/p5_crpt.c +++ b/crypto/evp/p5_crpt.c @@ -110,7 +110,7 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, else if (passlen == -1) passlen = strlen(pass); - ctx = EVP_MD_CTX_create(); + ctx = EVP_MD_CTX_new(); if (ctx == NULL) { EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, ERR_R_MALLOC_FAILURE); goto err; @@ -148,6 +148,6 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH); rv = 1; err: - EVP_MD_CTX_destroy(ctx); + EVP_MD_CTX_free(ctx); return rv; } diff --git a/crypto/evp/p_sign.c b/crypto/evp/p_sign.c index 8ddb89f69..c5e479e8b 100644 --- a/crypto/evp/p_sign.c +++ b/crypto/evp/p_sign.c @@ -78,7 +78,7 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, goto err; } else { int rv = 0; - EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_create(); + EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new(); if (tmp_ctx == NULL) { EVPerr(EVP_F_EVP_SIGNFINAL, ERR_R_MALLOC_FAILURE); return 0; @@ -86,7 +86,7 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, rv = EVP_MD_CTX_copy_ex(tmp_ctx, ctx); if (rv) rv = EVP_DigestFinal_ex(tmp_ctx, m, &m_len); - EVP_MD_CTX_destroy(tmp_ctx); + EVP_MD_CTX_free(tmp_ctx); if (!rv) return 0; } diff --git a/crypto/evp/p_verify.c b/crypto/evp/p_verify.c index c2328f229..32ec0de12 100644 --- a/crypto/evp/p_verify.c +++ b/crypto/evp/p_verify.c @@ -76,7 +76,7 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, goto err; } else { int rv = 0; - EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_create(); + EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new(); if (tmp_ctx == NULL) { EVPerr(EVP_F_EVP_VERIFYFINAL, ERR_R_MALLOC_FAILURE); return 0; @@ -84,7 +84,7 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, rv = EVP_MD_CTX_copy_ex(tmp_ctx, ctx); if (rv) rv = EVP_DigestFinal_ex(tmp_ctx, m, &m_len); - EVP_MD_CTX_destroy(tmp_ctx); + EVP_MD_CTX_free(tmp_ctx); if (!rv) return 0; } diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c index 6d1aaf845..2fe511938 100644 --- a/crypto/hmac/hmac.c +++ b/crypto/hmac/hmac.c @@ -182,9 +182,9 @@ HMAC_CTX *HMAC_CTX_new(void) static void hmac_ctx_cleanup(HMAC_CTX *ctx) { - EVP_MD_CTX_init(ctx->i_ctx); - EVP_MD_CTX_init(ctx->o_ctx); - EVP_MD_CTX_init(ctx->md_ctx); + EVP_MD_CTX_reset(ctx->i_ctx); + EVP_MD_CTX_reset(ctx->o_ctx); + EVP_MD_CTX_reset(ctx->md_ctx); ctx->md = NULL; ctx->key_length = 0; memset(ctx->key, 0, sizeof(HMAC_MAX_MD_CBLOCK)); @@ -194,9 +194,9 @@ void HMAC_CTX_free(HMAC_CTX *ctx) { if (ctx != NULL) { hmac_ctx_cleanup(ctx); - EVP_MD_CTX_destroy(ctx->i_ctx); - EVP_MD_CTX_destroy(ctx->o_ctx); - EVP_MD_CTX_destroy(ctx->md_ctx); + EVP_MD_CTX_free(ctx->i_ctx); + EVP_MD_CTX_free(ctx->o_ctx); + EVP_MD_CTX_free(ctx->md_ctx); OPENSSL_free(ctx); } } @@ -205,15 +205,15 @@ int HMAC_CTX_init(HMAC_CTX *ctx) { hmac_ctx_cleanup(ctx); if (ctx->i_ctx == NULL) - ctx->i_ctx = EVP_MD_CTX_create(); + ctx->i_ctx = EVP_MD_CTX_new(); if (ctx->i_ctx == NULL) goto err; if (ctx->o_ctx == NULL) - ctx->o_ctx = EVP_MD_CTX_create(); + ctx->o_ctx = EVP_MD_CTX_new(); if (ctx->o_ctx == NULL) goto err; if (ctx->md_ctx == NULL) - ctx->md_ctx = EVP_MD_CTX_create(); + ctx->md_ctx = EVP_MD_CTX_new(); if (ctx->md_ctx == NULL) goto err; ctx->md = NULL; diff --git a/crypto/pem/pem_seal.c b/crypto/pem/pem_seal.c index 5d9c5975f..d0db77783 100644 --- a/crypto/pem/pem_seal.c +++ b/crypto/pem/pem_seal.c @@ -93,7 +93,7 @@ int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type, EVP_EncodeInit(&ctx->encode); - ctx->md = EVP_MD_CTX_create(); + ctx->md = EVP_MD_CTX_new(); if (!EVP_SignInit(ctx->md, md_type)) goto err; @@ -178,7 +178,7 @@ int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl, ret = 1; err: - EVP_MD_CTX_destroy(ctx->md); + EVP_MD_CTX_free(ctx->md); EVP_CIPHER_CTX_cleanup(&ctx->cipher); OPENSSL_free(s); return (ret); diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c index f06272893..c95967cae 100644 --- a/crypto/pem/pvkfmt.c +++ b/crypto/pem/pvkfmt.c @@ -650,7 +650,7 @@ static int derive_pvk_key(unsigned char *key, const unsigned char *salt, unsigned int saltlen, const unsigned char *pass, int passlen) { - EVP_MD_CTX *mctx = EVP_MD_CTX_create();; + EVP_MD_CTX *mctx = EVP_MD_CTX_new();; int rv = 1; if (mctx == NULL || !EVP_DigestInit_ex(mctx, EVP_sha1(), NULL) @@ -659,7 +659,7 @@ static int derive_pvk_key(unsigned char *key, || !EVP_DigestFinal_ex(mctx, key, NULL)) rv = 0; - EVP_MD_CTX_destroy(mctx); + EVP_MD_CTX_free(mctx); return rv; } diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c index a561d1619..3efdd4a5c 100644 --- a/crypto/pkcs12/p12_key.c +++ b/crypto/pkcs12/p12_key.c @@ -115,7 +115,7 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, int tmpn = n; #endif - ctx = EVP_MD_CTX_create(); + ctx = EVP_MD_CTX_new(); if (ctx == NULL) goto err; @@ -218,7 +218,7 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, OPENSSL_free(I); BN_free(Ij); BN_free(Bpl1); - EVP_MD_CTX_destroy(ctx); + EVP_MD_CTX_free(ctx); return ret; } diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c index c5ac2fac9..91864dcea 100644 --- a/crypto/pkcs7/pk7_doit.c +++ b/crypto/pkcs7/pk7_doit.c @@ -707,7 +707,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) return 0; } - ctx_tmp = EVP_MD_CTX_create(); + ctx_tmp = EVP_MD_CTX_new(); if (ctx_tmp == NULL) { PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_MALLOC_FAILURE); return 0; @@ -854,7 +854,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) } ret = 1; err: - EVP_MD_CTX_destroy(ctx_tmp); + EVP_MD_CTX_free(ctx_tmp); return (ret); } @@ -871,7 +871,7 @@ int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si) if (md == NULL) return 0; - mctx = EVP_MD_CTX_create(); + mctx = EVP_MD_CTX_new(); if (mctx == NULL) { PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, ERR_R_MALLOC_FAILURE); goto err; @@ -908,7 +908,7 @@ int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si) goto err; } - EVP_MD_CTX_destroy(mctx); + EVP_MD_CTX_free(mctx); ASN1_STRING_set0(si->enc_digest, abuf, siglen); @@ -916,7 +916,7 @@ int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si) err: OPENSSL_free(abuf); - EVP_MD_CTX_destroy(mctx); + EVP_MD_CTX_free(mctx); return 0; } @@ -989,7 +989,7 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si, BIO *btmp; EVP_PKEY *pkey; - mdc_tmp = EVP_MD_CTX_create(); + mdc_tmp = EVP_MD_CTX_new(); if (mdc_tmp == NULL) { PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, ERR_R_MALLOC_FAILURE); goto err; @@ -1087,7 +1087,7 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si, } ret = 1; err: - EVP_MD_CTX_destroy(mdc_tmp); + EVP_MD_CTX_free(mdc_tmp); return (ret); } diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c index ec42fc29f..c2dfce419 100644 --- a/crypto/rand/md_rand.c +++ b/crypto/rand/md_rand.c @@ -234,7 +234,7 @@ static int rand_add(const void *buf, int num, double add) * hash function. */ - m = EVP_MD_CTX_create(); + m = EVP_MD_CTX_new(); if (m == NULL) goto err; @@ -355,7 +355,7 @@ static int rand_add(const void *buf, int num, double add) #endif rv = 1; err: - EVP_MD_CTX_destroy(m); + EVP_MD_CTX_free(m); return rv; } @@ -412,7 +412,7 @@ static int rand_bytes(unsigned char *buf, int num, int pseudo) if (num <= 0) return 1; - m = EVP_MD_CTX_create(); + m = EVP_MD_CTX_new(); if (m == NULL) goto err_mem; @@ -600,7 +600,7 @@ static int rand_bytes(unsigned char *buf, int num, int pseudo) ASYNC_unblock_pause(); CRYPTO_w_unlock(CRYPTO_LOCK_RAND); - EVP_MD_CTX_destroy(m); + EVP_MD_CTX_free(m); if (ok) return (1); else if (pseudo) @@ -613,11 +613,11 @@ static int rand_bytes(unsigned char *buf, int num, int pseudo) } err: RANDerr(RAND_F_RAND_BYTES, ERR_R_EVP_LIB); - EVP_MD_CTX_destroy(m); + EVP_MD_CTX_free(m); return 0; err_mem: RANDerr(RAND_F_RAND_BYTES, ERR_R_MALLOC_FAILURE); - EVP_MD_CTX_destroy(m); + EVP_MD_CTX_free(m); return 0; } diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c index 0f742f996..0ad1ef320 100644 --- a/crypto/rsa/rsa_oaep.c +++ b/crypto/rsa/rsa_oaep.c @@ -242,7 +242,7 @@ int PKCS1_MGF1(unsigned char *mask, long len, { long i, outlen = 0; unsigned char cnt[4]; - EVP_MD_CTX *c = EVP_MD_CTX_create(); + EVP_MD_CTX *c = EVP_MD_CTX_new(); unsigned char md[EVP_MAX_MD_SIZE]; int mdlen; int rv = -1; @@ -274,6 +274,6 @@ int PKCS1_MGF1(unsigned char *mask, long len, } rv = 0; err: - EVP_MD_CTX_destroy(c); + EVP_MD_CTX_free(c); return rv; } diff --git a/crypto/rsa/rsa_pss.c b/crypto/rsa/rsa_pss.c index 0a41ae99b..5f44dd3ee 100644 --- a/crypto/rsa/rsa_pss.c +++ b/crypto/rsa/rsa_pss.c @@ -88,7 +88,7 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash, int hLen, maskedDBLen, MSBits, emLen; const unsigned char *H; unsigned char *DB = NULL; - EVP_MD_CTX *ctx = EVP_MD_CTX_create(); + EVP_MD_CTX *ctx = EVP_MD_CTX_new(); unsigned char H_[EVP_MAX_MD_SIZE]; @@ -174,7 +174,7 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash, err: OPENSSL_free(DB); - EVP_MD_CTX_destroy(ctx); + EVP_MD_CTX_free(ctx); return ret; @@ -244,7 +244,7 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, } maskedDBLen = emLen - hLen - 1; H = EM + maskedDBLen; - ctx = EVP_MD_CTX_create(); + ctx = EVP_MD_CTX_new(); if (ctx == NULL) goto err; if (!EVP_DigestInit_ex(ctx, Hash, NULL) @@ -282,7 +282,7 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, ret = 1; err: - EVP_MD_CTX_destroy(ctx); + EVP_MD_CTX_free(ctx); OPENSSL_free(salt); return ret; diff --git a/crypto/srp/srp_lib.c b/crypto/srp/srp_lib.c index 649d2b5a6..0a073b61e 100644 --- a/crypto/srp/srp_lib.c +++ b/crypto/srp/srp_lib.c @@ -78,7 +78,7 @@ static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g) if (BN_ucmp(g, N) >= 0) return NULL; - ctxt = EVP_MD_CTX_create(); + ctxt = EVP_MD_CTX_new(); if (ctxt == NULL) return NULL; if ((tmp = OPENSSL_malloc(longN)) == NULL) @@ -98,7 +98,7 @@ static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g) EVP_DigestFinal_ex(ctxt, digest, NULL); res = BN_bin2bn(digest, sizeof(digest), NULL); err: - EVP_MD_CTX_destroy(ctxt); + EVP_MD_CTX_free(ctxt); return res; } @@ -119,7 +119,7 @@ BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N) longN = BN_num_bytes(N); - ctxt = EVP_MD_CTX_create(); + ctxt = EVP_MD_CTX_new(); if (ctxt == NULL) return NULL; if ((cAB = OPENSSL_malloc(2 * longN)) == NULL) @@ -140,7 +140,7 @@ BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N) u = NULL; } err: - EVP_MD_CTX_destroy(ctxt); + EVP_MD_CTX_free(ctxt); return u; } @@ -213,7 +213,7 @@ BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass) if ((s == NULL) || (user == NULL) || (pass == NULL)) return NULL; - ctxt = EVP_MD_CTX_create(); + ctxt = EVP_MD_CTX_new(); if (ctxt == NULL) return NULL; if ((cs = OPENSSL_malloc(BN_num_bytes(s))) == NULL) @@ -234,7 +234,7 @@ BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass) res = BN_bin2bn(dig, sizeof(dig), NULL); err: - EVP_MD_CTX_destroy(ctxt); + EVP_MD_CTX_free(ctxt); return res; } diff --git a/crypto/srp/srp_vfy.c b/crypto/srp/srp_vfy.c index 24fe437e9..1be68f234 100644 --- a/crypto/srp/srp_vfy.c +++ b/crypto/srp/srp_vfy.c @@ -499,12 +499,12 @@ SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username) if (RAND_bytes(digv, SHA_DIGEST_LENGTH) <= 0) goto err; - ctxt = EVP_MD_CTX_create(); + ctxt = EVP_MD_CTX_new(); EVP_DigestInit_ex(ctxt, EVP_sha1(), NULL); EVP_DigestUpdate(ctxt, vb->seed_key, strlen(vb->seed_key)); EVP_DigestUpdate(ctxt, username, strlen(username)); EVP_DigestFinal_ex(ctxt, digs, NULL); - EVP_MD_CTX_destroy(ctxt); + EVP_MD_CTX_free(ctxt); ctxt = NULL; if (SRP_user_pwd_set_sv_BN(user, BN_bin2bn(digs, SHA_DIGEST_LENGTH, NULL), @@ -512,7 +512,7 @@ SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username) return user; err: - EVP_MD_CTX_destroy(ctxt); + EVP_MD_CTX_free(ctxt); SRP_user_pwd_free(user); return NULL; } diff --git a/crypto/ts/ts_rsp_verify.c b/crypto/ts/ts_rsp_verify.c index 24c81ee24..c79db38ab 100644 --- a/crypto/ts/ts_rsp_verify.c +++ b/crypto/ts/ts_rsp_verify.c @@ -551,7 +551,7 @@ static int ts_compute_imprint(BIO *data, TS_TST_INFO *tst_info, goto err; } - md_ctx = EVP_MD_CTX_create(); + md_ctx = EVP_MD_CTX_new(); if (md_ctx == NULL) { TSerr(TS_F_TS_COMPUTE_IMPRINT, ERR_R_MALLOC_FAILURE); goto err; @@ -564,11 +564,11 @@ static int ts_compute_imprint(BIO *data, TS_TST_INFO *tst_info, } if (!EVP_DigestFinal(md_ctx, *imprint, NULL)) goto err; - EVP_MD_CTX_destroy(md_ctx); + EVP_MD_CTX_free(md_ctx); return 1; err: - EVP_MD_CTX_destroy(md_ctx); + EVP_MD_CTX_free(md_ctx); X509_ALGOR_free(*md_alg); OPENSSL_free(*imprint); *imprint_len = 0; diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c index 8ea70ace6..5c3ac6a66 100644 --- a/crypto/x509/x509_cmp.c +++ b/crypto/x509/x509_cmp.c @@ -82,7 +82,7 @@ int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b) unsigned long X509_issuer_and_serial_hash(X509 *a) { unsigned long ret = 0; - EVP_MD_CTX *ctx = EVP_MD_CTX_create(); + EVP_MD_CTX *ctx = EVP_MD_CTX_new(); unsigned char md[16]; char *f; @@ -104,7 +104,7 @@ unsigned long X509_issuer_and_serial_hash(X509 *a) ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L) ) & 0xffffffffL; err: - EVP_MD_CTX_destroy(ctx); + EVP_MD_CTX_free(ctx); return (ret); } #endif @@ -249,7 +249,7 @@ unsigned long X509_NAME_hash(X509_NAME *x) unsigned long X509_NAME_hash_old(X509_NAME *x) { - EVP_MD_CTX *md_ctx = EVP_MD_CTX_create(); + EVP_MD_CTX *md_ctx = EVP_MD_CTX_new(); unsigned long ret = 0; unsigned char md[16]; @@ -265,7 +265,7 @@ unsigned long X509_NAME_hash_old(X509_NAME *x) ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) | ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L) ) & 0xffffffffL; - EVP_MD_CTX_destroy(md_ctx); + EVP_MD_CTX_free(md_ctx); return (ret); } diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c index 02424f1f6..99c655e65 100644 --- a/ssl/record/ssl3_record.c +++ b/ssl/record/ssl3_record.c @@ -854,7 +854,7 @@ int n_ssl3_mac(SSL *ssl, unsigned char *md, int send) } else { unsigned int md_size_u; /* Chop the digest off the end :-) */ - EVP_MD_CTX *md_ctx = EVP_MD_CTX_create(); + EVP_MD_CTX *md_ctx = EVP_MD_CTX_new(); if (md_ctx == NULL) return -1; @@ -875,12 +875,12 @@ int n_ssl3_mac(SSL *ssl, unsigned char *md, int send) || EVP_DigestUpdate(md_ctx, ssl3_pad_2, npad) <= 0 || EVP_DigestUpdate(md_ctx, md, md_size) <= 0 || EVP_DigestFinal_ex(md_ctx, md, &md_size_u) <= 0) { - EVP_MD_CTX_init(md_ctx); + EVP_MD_CTX_reset(md_ctx); return -1; } md_size = md_size_u; - EVP_MD_CTX_destroy(md_ctx); + EVP_MD_CTX_free(md_ctx); } ssl3_record_sequence_update(seq); @@ -918,7 +918,7 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send) if (stream_mac) { mac_ctx = hash; } else { - hmac = EVP_MD_CTX_create(); + hmac = EVP_MD_CTX_new(); if (hmac == NULL || !EVP_MD_CTX_copy(hmac, hash)) return -1; @@ -957,14 +957,14 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send) rec->length + md_size, rec->orig_len, ssl->s3->read_mac_secret, ssl->s3->read_mac_secret_size, 0) <= 0) { - EVP_MD_CTX_destroy(hmac); + EVP_MD_CTX_free(hmac); return -1; } } else { if (EVP_DigestSignUpdate(mac_ctx, header, sizeof(header)) <= 0 || EVP_DigestSignUpdate(mac_ctx, rec->input, rec->length) <= 0 || EVP_DigestSignFinal(mac_ctx, md, &md_size) <= 0) { - EVP_MD_CTX_destroy(hmac); + EVP_MD_CTX_free(hmac); return -1; } if (!send && !SSL_USE_ETM(ssl) && FIPS_mode()) @@ -973,7 +973,7 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send) rec->length, rec->orig_len); } - EVP_MD_CTX_destroy(hmac); + EVP_MD_CTX_free(hmac); #ifdef TLS_DEBUG fprintf(stderr, "seq="); diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c index 1e46c6692..f07a0451a 100644 --- a/ssl/s3_cbc.c +++ b/ssl/s3_cbc.c @@ -497,7 +497,7 @@ int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, mac_out[j] |= block[j] & is_block_b; } - md_ctx = EVP_MD_CTX_create(); + md_ctx = EVP_MD_CTX_new(); if (md_ctx == NULL) goto err; if (EVP_DigestInit_ex(md_ctx, EVP_MD_CTX_md(ctx), NULL /* engine */ ) <= 0) @@ -522,11 +522,11 @@ int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, ret = EVP_DigestFinal(md_ctx, md_out, &md_out_size_u); if (ret && md_out_size) *md_out_size = md_out_size_u; - EVP_MD_CTX_destroy(md_ctx); + EVP_MD_CTX_free(md_ctx); return 1; err: - EVP_MD_CTX_destroy(md_ctx); + EVP_MD_CTX_free(md_ctx); return 0; } diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index 026f2c839..c20bff2e7 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -153,8 +153,8 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num) c = os_toascii[c]; /* 'A' in ASCII */ #endif k = 0; - m5 = EVP_MD_CTX_create(); - s1 = EVP_MD_CTX_create(); + m5 = EVP_MD_CTX_new(); + s1 = EVP_MD_CTX_new(); if (m5 == NULL || s1 == NULL) { SSLerr(SSL_F_SSL3_GENERATE_KEY_BLOCK, ERR_R_MALLOC_FAILURE); goto err; @@ -194,8 +194,8 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num) OPENSSL_cleanse(smd, sizeof(smd)); ret = 1; err: - EVP_MD_CTX_destroy(m5); - EVP_MD_CTX_destroy(s1); + EVP_MD_CTX_free(m5); + EVP_MD_CTX_free(s1); return ret; } @@ -447,7 +447,7 @@ void ssl3_free_digest_list(SSL *s) { BIO_free(s->s3->handshake_buffer); s->s3->handshake_buffer = NULL; - EVP_MD_CTX_destroy(s->s3->handshake_dgst); + EVP_MD_CTX_free(s->s3->handshake_dgst); s->s3->handshake_dgst = NULL; } @@ -472,7 +472,7 @@ int ssl3_digest_cached_records(SSL *s, int keep) return 0; } - s->s3->handshake_dgst = EVP_MD_CTX_create(); + s->s3->handshake_dgst = EVP_MD_CTX_new(); if (s->s3->handshake_dgst == NULL) { SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, ERR_R_MALLOC_FAILURE); return 0; @@ -509,7 +509,7 @@ int ssl3_final_finish_mac(SSL *s, const char *sender, int len, unsigned char *p) return 0; } - ctx = EVP_MD_CTX_create(); + ctx = EVP_MD_CTX_new(); if (ctx == NULL) { SSLerr(SSL_F_SSL3_FINAL_FINISH_MAC, ERR_R_MALLOC_FAILURE); return 0; @@ -518,7 +518,7 @@ int ssl3_final_finish_mac(SSL *s, const char *sender, int len, unsigned char *p) ret = EVP_MD_CTX_size(ctx); if (ret < 0) { - EVP_MD_CTX_init(ctx); + EVP_MD_CTX_reset(ctx); return 0; } @@ -531,7 +531,7 @@ int ssl3_final_finish_mac(SSL *s, const char *sender, int len, unsigned char *p) ret = 0; } - EVP_MD_CTX_destroy(ctx); + EVP_MD_CTX_free(ctx); return ret; } @@ -551,7 +551,7 @@ int ssl3_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, #endif }; unsigned char buf[EVP_MAX_MD_SIZE]; - EVP_MD_CTX *ctx = EVP_MD_CTX_create(); + EVP_MD_CTX *ctx = EVP_MD_CTX_new(); int i, ret = 0; unsigned int n; #ifdef OPENSSL_SSL_TRACE_CRYPTO @@ -584,7 +584,7 @@ int ssl3_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, out += n; ret += n; } - EVP_MD_CTX_destroy(ctx); + EVP_MD_CTX_free(ctx); #ifdef OPENSSL_SSL_TRACE_CRYPTO if (ret > 0 && s->msg_callback) { diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index adbb7bb95..3ca7c3ffa 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -3177,9 +3177,9 @@ void SSL_set_not_resumable_session_callback(SSL *ssl, EVP_MD_CTX *ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md) { ssl_clear_hash_ctx(hash); - *hash = EVP_MD_CTX_create(); + *hash = EVP_MD_CTX_new(); if (*hash == NULL || (md && EVP_DigestInit_ex(*hash, md, NULL) <= 0)) { - EVP_MD_CTX_destroy(*hash); + EVP_MD_CTX_free(*hash); *hash = NULL; return NULL; } @@ -3190,7 +3190,7 @@ void ssl_clear_hash_ctx(EVP_MD_CTX **hash) { if (*hash) - EVP_MD_CTX_destroy(*hash); + EVP_MD_CTX_free(*hash); *hash = NULL; } @@ -3204,7 +3204,7 @@ int ssl_handshake_hash(SSL *s, unsigned char *out, int outlen) ret = 0; goto err; } - ctx = EVP_MD_CTX_create(); + ctx = EVP_MD_CTX_new(); if (ctx == NULL) { ret = 0; goto err; @@ -3213,7 +3213,7 @@ int ssl_handshake_hash(SSL *s, unsigned char *out, int outlen) || EVP_DigestFinal_ex(ctx, out, NULL) <= 0) ret = 0; err: - EVP_MD_CTX_destroy(ctx); + EVP_MD_CTX_free(ctx); return ret; } diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index f19ac8e38..60c0983de 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -1592,7 +1592,7 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) #endif PACKET save_param_start, signature; - md_ctx = EVP_MD_CTX_create(); + md_ctx = EVP_MD_CTX_new(); if (md_ctx == NULL) { al = SSL_AD_INTERNAL_ERROR; SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE); @@ -1921,7 +1921,7 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) } } EVP_PKEY_free(pkey); - EVP_MD_CTX_destroy(md_ctx); + EVP_MD_CTX_free(md_ctx); return MSG_PROCESS_CONTINUE_READING; f_err: ssl3_send_alert(s, SSL3_AL_FATAL, al); @@ -1938,7 +1938,7 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) EC_POINT_free(srvr_ecpoint); EC_KEY_free(ecdh); #endif - EVP_MD_CTX_destroy(md_ctx); + EVP_MD_CTX_free(md_ctx); ossl_statem_set_error(s); return MSG_PROCESS_ERROR; } @@ -2721,7 +2721,7 @@ psk_err: * Compute shared IV and store it in algorithm-specific context * data */ - ukm_hash = EVP_MD_CTX_create(); + ukm_hash = EVP_MD_CTX_new(); if (EVP_DigestInit(ukm_hash, EVP_get_digestbynid(dgst_nid)) <= 0 || EVP_DigestUpdate(ukm_hash, s->s3->client_random, @@ -2729,12 +2729,12 @@ psk_err: || EVP_DigestUpdate(ukm_hash, s->s3->server_random, SSL3_RANDOM_SIZE) <= 0 || EVP_DigestFinal_ex(ukm_hash, shared_ukm, &md_len) <= 0) { - EVP_MD_CTX_destroy(ukm_hash); + EVP_MD_CTX_free(ukm_hash); SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); goto err; } - EVP_MD_CTX_destroy(ukm_hash); + EVP_MD_CTX_free(ukm_hash); if (EVP_PKEY_CTX_ctrl (pkey_ctx, -1, EVP_PKEY_OP_ENCRYPT, EVP_PKEY_CTRL_SET_IV, 8, shared_ukm) < 0) { @@ -2905,7 +2905,7 @@ int tls_construct_client_verify(SSL *s) long hdatalen = 0; void *hdata; - mctx = EVP_MD_CTX_create(); + mctx = EVP_MD_CTX_new(); if (mctx == NULL) { SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY, ERR_R_MALLOC_FAILURE); goto err; @@ -2958,10 +2958,10 @@ int tls_construct_client_verify(SSL *s) goto err; } - EVP_MD_CTX_destroy(mctx); + EVP_MD_CTX_free(mctx); return 1; err: - EVP_MD_CTX_destroy(mctx); + EVP_MD_CTX_free(mctx); return 0; } diff --git a/ssl/statem/statem_dtls.c b/ssl/statem/statem_dtls.c index aafd28f8d..6d73659df 100644 --- a/ssl/statem/statem_dtls.c +++ b/ssl/statem/statem_dtls.c @@ -204,8 +204,7 @@ void dtls1_hm_fragment_free(hm_fragment *frag) if (frag->msg_header.is_ccs) { EVP_CIPHER_CTX_free(frag->msg_header. saved_retransmit_state.enc_write_ctx); - EVP_MD_CTX_destroy(frag->msg_header. - saved_retransmit_state.write_hash); + EVP_MD_CTX_free(frag->msg_header.saved_retransmit_state.write_hash); } OPENSSL_free(frag->fragment); OPENSSL_free(frag->reassembly); diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index f1d1796d1..3ccb28777 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -1733,7 +1733,7 @@ int tls_construct_server_key_exchange(SSL *s) BIGNUM *r[4]; int nr[4], kn; BUF_MEM *buf; - EVP_MD_CTX *md_ctx = EVP_MD_CTX_create(); + EVP_MD_CTX *md_ctx = EVP_MD_CTX_new(); if (md_ctx == NULL) { SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE); @@ -2075,7 +2075,7 @@ int tls_construct_server_key_exchange(SSL *s) goto f_err; } - EVP_MD_CTX_destroy(md_ctx); + EVP_MD_CTX_free(md_ctx); return 1; f_err: ssl3_send_alert(s, SSL3_AL_FATAL, al); @@ -2084,7 +2084,7 @@ int tls_construct_server_key_exchange(SSL *s) OPENSSL_free(encodedPoint); BN_CTX_free(bn_ctx); #endif - EVP_MD_CTX_destroy(md_ctx); + EVP_MD_CTX_free(md_ctx); ossl_statem_set_error(s); return 0; } @@ -2888,7 +2888,7 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt) long hdatalen = 0; void *hdata; - EVP_MD_CTX *mctx = EVP_MD_CTX_create(); + EVP_MD_CTX *mctx = EVP_MD_CTX_new(); if (mctx == NULL) { SSLerr(SSL_F_TLS_PROCESS_CERT_VERIFY, ERR_R_MALLOC_FAILURE); @@ -3013,7 +3013,7 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt) } BIO_free(s->s3->handshake_buffer); s->s3->handshake_buffer = NULL; - EVP_MD_CTX_destroy(mctx); + EVP_MD_CTX_free(mctx); EVP_PKEY_free(pkey); return ret; } diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 05a0ec7ca..5889558d7 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -166,9 +166,9 @@ static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec, chunk = EVP_MD_size(md); OPENSSL_assert(chunk >= 0); - ctx = EVP_MD_CTX_create(); - ctx_tmp = EVP_MD_CTX_create(); - ctx_init = EVP_MD_CTX_create(); + ctx = EVP_MD_CTX_new(); + ctx_tmp = EVP_MD_CTX_new(); + ctx_init = EVP_MD_CTX_new(); if (ctx == NULL || ctx_tmp == NULL || ctx_init == NULL) goto err; EVP_MD_CTX_set_flags(ctx_init, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); @@ -230,9 +230,9 @@ static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec, ret = 1; err: EVP_PKEY_free(mac_key); - EVP_MD_CTX_destroy(ctx); - EVP_MD_CTX_destroy(ctx_tmp); - EVP_MD_CTX_destroy(ctx_init); + EVP_MD_CTX_free(ctx); + EVP_MD_CTX_free(ctx_tmp); + EVP_MD_CTX_free(ctx_init); OPENSSL_cleanse(A1, sizeof(A1)); return ret; } @@ -374,7 +374,7 @@ int tls1_change_cipher_state(SSL *s, int which) goto err; dd = s->enc_write_ctx; if (SSL_IS_DTLS(s)) { - mac_ctx = EVP_MD_CTX_create(); + mac_ctx = EVP_MD_CTX_new(); if (mac_ctx == NULL) goto err; s->write_hash = mac_ctx; diff --git a/test/ecdsatest.c b/test/ecdsatest.c index dcd9ba0a5..a55a553df 100644 --- a/test/ecdsatest.c +++ b/test/ecdsatest.c @@ -188,7 +188,7 @@ int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in) const char message[] = "abc"; unsigned char digest[20]; unsigned int dgst_len = 0; - EVP_MD_CTX *md_ctx = EVP_MD_CTX_create(); + EVP_MD_CTX *md_ctx = EVP_MD_CTX_new(); EC_KEY *key = NULL; ECDSA_SIG *signature = NULL; BIGNUM *r = NULL, *s = NULL; @@ -246,7 +246,7 @@ int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in) ECDSA_SIG_free(signature); BN_free(r); BN_free(s); - EVP_MD_CTX_destroy(md_ctx); + EVP_MD_CTX_free(md_ctx); BN_clear_free(kinv); BN_clear_free(rp); return ret; diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c index 50c9e918f..a5363085f 100644 --- a/test/evp_extra_test.c +++ b/test/evp_extra_test.c @@ -279,8 +279,8 @@ static int test_EVP_DigestSignInit(void) size_t sig_len = 0; EVP_MD_CTX *md_ctx, *md_ctx_verify; - md_ctx = EVP_MD_CTX_create(); - md_ctx_verify = EVP_MD_CTX_create(); + md_ctx = EVP_MD_CTX_new(); + md_ctx_verify = EVP_MD_CTX_new(); if (md_ctx == NULL || md_ctx_verify == NULL) goto out; @@ -319,8 +319,8 @@ static int test_EVP_DigestSignInit(void) ERR_print_errors_fp(stderr); } - EVP_MD_CTX_destroy(md_ctx); - EVP_MD_CTX_destroy(md_ctx_verify); + EVP_MD_CTX_free(md_ctx); + EVP_MD_CTX_free(md_ctx_verify); EVP_PKEY_free(pkey); OPENSSL_free(sig); @@ -333,7 +333,7 @@ static int test_EVP_DigestVerifyInit(void) EVP_PKEY *pkey = NULL; EVP_MD_CTX *md_ctx; - md_ctx = EVP_MD_CTX_create(); + md_ctx = EVP_MD_CTX_new(); pkey = load_example_rsa_key(); if (pkey == NULL || @@ -349,7 +349,7 @@ static int test_EVP_DigestVerifyInit(void) ERR_print_errors_fp(stderr); } - EVP_MD_CTX_destroy(md_ctx); + EVP_MD_CTX_free(md_ctx); EVP_PKEY_free(pkey); return ret; diff --git a/test/evp_test.c b/test/evp_test.c index 92e153f2d..725af8a53 100644 --- a/test/evp_test.c +++ b/test/evp_test.c @@ -691,7 +691,7 @@ static int digest_test_run(struct evp_test *t) EVP_MD_CTX *mctx; unsigned char md[EVP_MAX_MD_SIZE]; unsigned int md_len; - mctx = EVP_MD_CTX_create(); + mctx = EVP_MD_CTX_new(); if (!mctx) goto err; err = "DIGESTINIT_ERROR"; @@ -713,7 +713,7 @@ static int digest_test_run(struct evp_test *t) goto err; err = NULL; err: - EVP_MD_CTX_destroy(mctx); + EVP_MD_CTX_free(mctx); t->err = err; return 1; } @@ -1100,7 +1100,7 @@ static int mac_test_run(struct evp_test *t) if (!md) goto err; } - mctx = EVP_MD_CTX_create(); + mctx = EVP_MD_CTX_new(); if (!mctx) goto err; err = "DIGESTSIGNINIT_ERROR"; @@ -1128,7 +1128,7 @@ static int mac_test_run(struct evp_test *t) goto err; err = NULL; err: - EVP_MD_CTX_destroy(mctx); + EVP_MD_CTX_free(mctx); OPENSSL_free(mac); EVP_PKEY_CTX_free(genctx); EVP_PKEY_free(key); diff --git a/test/gost2814789test.c b/test/gost2814789test.c index 486326cef..2ab0782f8 100644 --- a/test/gost2814789test.c +++ b/test/gost2814789test.c @@ -1391,7 +1391,7 @@ int main(int argc, char *argv[]) */ continue; } - mctx = EVP_MD_CTX_create(); + mctx = EVP_MD_CTX_new(); if (mctx == NULL) { fflush(NULL); fprintf(stderr, "ENGINE_ctrl_cmd_string: malloc failure\n"); @@ -1417,7 +1417,7 @@ int main(int argc, char *argv[]) siglen = 4; OPENSSL_assert(EVP_DigestSignFinal(mctx, bTest, &siglen)); EVP_PKEY_free(mac_key); - EVP_MD_CTX_destroy(mctx); + EVP_MD_CTX_free(mctx); enlu = (int)tcs[t].ullLen; enlf = 0; l = siglen; diff --git a/test/mdc2test.c b/test/mdc2test.c index 4cf952c3f..938a3c13b 100644 --- a/test/mdc2test.c +++ b/test/mdc2test.c @@ -102,7 +102,7 @@ int main(int argc, char *argv[]) ebcdic2ascii(text, text, strlen(text)); # endif - c = EVP_MD_CTX_create(); + c = EVP_MD_CTX_new(); EVP_DigestInit_ex(c, EVP_mdc2(), NULL); EVP_DigestUpdate(c, (unsigned char *)text, strlen(text)); EVP_DigestFinal_ex(c, &(md[0]), NULL); @@ -135,7 +135,7 @@ int main(int argc, char *argv[]) } else printf("pad2 - ok\n"); - EVP_MD_CTX_destroy(c); + EVP_MD_CTX_free(c); # ifdef OPENSSL_SYS_NETWARE if (ret) printf("ERROR: %d\n", ret); diff --git a/test/sha1test.c b/test/sha1test.c index 6b8ad4214..676cc8483 100644 --- a/test/sha1test.c +++ b/test/sha1test.c @@ -96,7 +96,7 @@ int main(int argc, char *argv[]) ebcdic2ascii(test[1], test[1], strlen(test[1])); #endif - c = EVP_MD_CTX_create(); + c = EVP_MD_CTX_new(); P = test; R = ret; i = 1; @@ -137,7 +137,7 @@ int main(int argc, char *argv[]) printf("ERROR: %d\n", err); #endif EXIT(err); - EVP_MD_CTX_destroy(c); + EVP_MD_CTX_free(c); return (0); } diff --git a/test/sha256t.c b/test/sha256t.c index 25f762f82..2ff9ed2a7 100644 --- a/test/sha256t.c +++ b/test/sha256t.c @@ -80,7 +80,7 @@ int main(int argc, char **argv) fprintf(stdout, "."); fflush(stdout); - evp = EVP_MD_CTX_create(); + evp = EVP_MD_CTX_new(); if (evp == NULL) { fflush(stdout); fprintf(stderr, "\nTEST 3 of 3 failed. (malloc failure)\n"); @@ -133,14 +133,14 @@ int main(int argc, char **argv) fprintf(stdout, "."); fflush(stdout); - EVP_MD_CTX_init(evp); + EVP_MD_CTX_reset(evp); EVP_DigestInit_ex(evp, EVP_sha224(), NULL); for (i = 0; i < 1000000; i += 64) EVP_DigestUpdate(evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa", (1000000 - i) < 64 ? 1000000 - i : 64); EVP_DigestFinal_ex(evp, md, NULL); - EVP_MD_CTX_destroy(evp); + EVP_MD_CTX_free(evp); if (memcmp(md, addenum_3, sizeof(addenum_3))) { fflush(stdout); diff --git a/test/sha512t.c b/test/sha512t.c index dff19aaa5..e1f30de2c 100644 --- a/test/sha512t.c +++ b/test/sha512t.c @@ -113,7 +113,7 @@ int main(int argc, char **argv) fprintf(stdout, "."); fflush(stdout); - evp = EVP_MD_CTX_create(); + evp = EVP_MD_CTX_new(); if (evp == NULL) { fflush(stdout); fprintf(stderr, "\nTEST 3 of 3 failed. (malloc failure)\n"); @@ -132,7 +132,7 @@ int main(int argc, char **argv) "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa", (1000000 - i) < 288 ? 1000000 - i : 288); EVP_DigestFinal_ex(evp, md, NULL); - EVP_MD_CTX_init(evp); + EVP_MD_CTX_reset(evp); if (memcmp(md, app_c3, sizeof(app_c3))) { fflush(stdout); @@ -174,7 +174,7 @@ int main(int argc, char **argv) "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa", (1000000 - i) < 64 ? 1000000 - i : 64); EVP_DigestFinal_ex(evp, md, NULL); - EVP_MD_CTX_destroy(evp); + EVP_MD_CTX_free(evp); if (memcmp(md, app_d3, sizeof(app_d3))) { fflush(stdout);