Adapt all EVP_CIPHER_CTX users for it becoming opaque Reviewed-by: Rich Salz <rsalz@openssl.org>
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c index 5398912..0ce5b9e 100644 --- a/ssl/record/rec_layer_s3.c +++ b/ssl/record/rec_layer_s3.c
@@ -498,7 +498,7 @@ u_len >= 4 * (max_send_fragment = s->max_send_fragment) && s->compress == NULL && s->msg_callback == NULL && !SSL_USE_ETM(s) && SSL_USE_EXPLICIT_IV(s) && - EVP_CIPHER_flags(s->enc_write_ctx->cipher) & + EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(s->enc_write_ctx)) & EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK) { unsigned char aad[13]; EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c index fd98213..d8c7b1e 100644 --- a/ssl/record/ssl3_record.c +++ b/ssl/record/ssl3_record.c
@@ -587,7 +587,7 @@ rec->input = rec->data; } else { l = rec->length; - bs = EVP_CIPHER_block_size(ds->cipher); + bs = EVP_CIPHER_CTX_block_size(ds); /* COMPRESS */ @@ -690,9 +690,9 @@ ret = 1; } else { l = rec->length; - bs = EVP_CIPHER_block_size(ds->cipher); + bs = EVP_CIPHER_CTX_block_size(ds); - if (EVP_CIPHER_flags(ds->cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) { + if (EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ds)) & EVP_CIPH_FLAG_AEAD_CIPHER) { unsigned char buf[EVP_AEAD_TLS1_AAD_LEN], *seq; seq = send ? RECORD_LAYER_get_write_sequence(&s->rlayer) @@ -746,7 +746,7 @@ } i = EVP_Cipher(ds, rec->data, rec->input, l); - if ((EVP_CIPHER_flags(ds->cipher) & EVP_CIPH_FLAG_CUSTOM_CIPHER) + if ((EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ds)) & EVP_CIPH_FLAG_CUSTOM_CIPHER) ? (i < 0) : (i == 0)) return -1; /* AEAD can fail to verify MAC */ @@ -1064,7 +1064,7 @@ padding_length = rec->data[rec->length - 1]; - if (EVP_CIPHER_flags(s->enc_read_ctx->cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) { + if (EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(s->enc_read_ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER) { /* padding is already verified */ rec->length -= padding_length + 1; return 1;
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index c20bff2..7a1e201 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c
@@ -228,14 +228,13 @@ if (which & SSL3_CC_READ) { if (s->enc_read_ctx != NULL) reuse_dd = 1; - else if ((s->enc_read_ctx = - OPENSSL_malloc(sizeof(*s->enc_read_ctx))) == NULL) + else if ((s->enc_read_ctx = EVP_CIPHER_CTX_new()) == NULL) goto err; else /* * make sure it's intialized in case we exit later with an error */ - EVP_CIPHER_CTX_init(s->enc_read_ctx); + EVP_CIPHER_CTX_reset(s->enc_read_ctx); dd = s->enc_read_ctx; if (ssl_replace_hash(&s->read_hash, m) == NULL) { @@ -262,14 +261,13 @@ } else { if (s->enc_write_ctx != NULL) reuse_dd = 1; - else if ((s->enc_write_ctx = - OPENSSL_malloc(sizeof(*s->enc_write_ctx))) == NULL) + else if ((s->enc_write_ctx = EVP_CIPHER_CTX_new()) == NULL) goto err; else /* * make sure it's intialized in case we exit later with an error */ - EVP_CIPHER_CTX_init(s->enc_write_ctx); + EVP_CIPHER_CTX_reset(s->enc_write_ctx); dd = s->enc_write_ctx; if (ssl_replace_hash(&s->write_hash, m) == NULL) { SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR); @@ -293,7 +291,7 @@ } if (reuse_dd) - EVP_CIPHER_CTX_cleanup(dd); + EVP_CIPHER_CTX_reset(dd); p = s->s3->tmp.key_block; i = EVP_MD_size(m);
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index f3eb5b0..ba52a51 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c
@@ -3119,13 +3119,11 @@ void ssl_clear_cipher_ctx(SSL *s) { if (s->enc_read_ctx != NULL) { - EVP_CIPHER_CTX_cleanup(s->enc_read_ctx); - OPENSSL_free(s->enc_read_ctx); + EVP_CIPHER_CTX_free(s->enc_read_ctx); s->enc_read_ctx = NULL; } if (s->enc_write_ctx != NULL) { - EVP_CIPHER_CTX_cleanup(s->enc_write_ctx); - OPENSSL_free(s->enc_write_ctx); + EVP_CIPHER_CTX_free(s->enc_write_ctx); s->enc_write_ctx = NULL; } #ifndef OPENSSL_NO_COMP
diff --git a/ssl/statem/statem_dtls.c b/ssl/statem/statem_dtls.c index 258c6fc..627f20a 100644 --- a/ssl/statem/statem_dtls.c +++ b/ssl/statem/statem_dtls.c
@@ -235,7 +235,7 @@ if (s->write_hash) { if (s->enc_write_ctx - && (EVP_CIPHER_CTX_flags(s->enc_write_ctx) & + && (EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(s->enc_write_ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER) != 0) mac_size = 0; else @@ -245,7 +245,7 @@ if (s->enc_write_ctx && (EVP_CIPHER_CTX_mode(s->enc_write_ctx) == EVP_CIPH_CBC_MODE)) - blocksize = 2 * EVP_CIPHER_block_size(s->enc_write_ctx->cipher); + blocksize = 2 * EVP_CIPHER_CTX_block_size(s->enc_write_ctx); else blocksize = 0;
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index de20bcf..78f9f5c 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c
@@ -2926,7 +2926,7 @@ int tls_construct_new_session_ticket(SSL *s) { unsigned char *senc = NULL; - EVP_CIPHER_CTX ctx; + EVP_CIPHER_CTX *ctx; HMAC_CTX *hctx = NULL; unsigned char *p, *macstart; const unsigned char *const_p; @@ -2953,7 +2953,7 @@ return 0; } - EVP_CIPHER_CTX_init(&ctx); + ctx = EVP_CIPHER_CTX_new(); hctx = HMAC_CTX_new(); p = senc; @@ -3000,12 +3000,12 @@ * all the work otherwise use generated values from parent ctx. */ if (tctx->tlsext_ticket_key_cb) { - if (tctx->tlsext_ticket_key_cb(s, key_name, iv, &ctx, hctx, 1) < 0) + if (tctx->tlsext_ticket_key_cb(s, key_name, iv, ctx, hctx, 1) < 0) goto err; } else { if (RAND_bytes(iv, 16) <= 0) goto err; - if (!EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, + if (!EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, tctx->tlsext_tick_aes_key, iv)) goto err; if (!HMAC_Init_ex(hctx, tctx->tlsext_tick_hmac_key, 16, @@ -3028,13 +3028,13 @@ memcpy(p, key_name, 16); p += 16; /* output IV */ - memcpy(p, iv, EVP_CIPHER_CTX_iv_length(&ctx)); - p += EVP_CIPHER_CTX_iv_length(&ctx); + memcpy(p, iv, EVP_CIPHER_CTX_iv_length(ctx)); + p += EVP_CIPHER_CTX_iv_length(ctx); /* Encrypt session data */ - if (!EVP_EncryptUpdate(&ctx, p, &len, senc, slen)) + if (!EVP_EncryptUpdate(ctx, p, &len, senc, slen)) goto err; p += len; - if (!EVP_EncryptFinal(&ctx, p, &len)) + if (!EVP_EncryptFinal(ctx, p, &len)) goto err; p += len; @@ -3043,8 +3043,10 @@ if (!HMAC_Final(hctx, p, &hlen)) goto err; - EVP_CIPHER_CTX_cleanup(&ctx); + EVP_CIPHER_CTX_free(ctx); HMAC_CTX_free(hctx); + ctx = NULL; + hctx = NULL; p += hlen; /* Now write out lengths: p points to end of data written */ @@ -3060,7 +3062,7 @@ return 1; err: OPENSSL_free(senc); - EVP_CIPHER_CTX_cleanup(&ctx); + EVP_CIPHER_CTX_free(ctx); HMAC_CTX_free(hctx); ossl_statem_set_error(s); return 0;
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 2d96330..9885f24 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c
@@ -330,14 +330,13 @@ if (s->enc_read_ctx != NULL) reuse_dd = 1; - else if ((s->enc_read_ctx = - OPENSSL_malloc(sizeof(*s->enc_read_ctx))) == NULL) + else if ((s->enc_read_ctx = EVP_CIPHER_CTX_new()) == NULL) goto err; else /* * make sure it's intialized in case we exit later with an error */ - EVP_CIPHER_CTX_init(s->enc_read_ctx); + EVP_CIPHER_CTX_reset(s->enc_read_ctx); dd = s->enc_read_ctx; mac_ctx = ssl_replace_hash(&s->read_hash, NULL); if (mac_ctx == NULL) @@ -405,7 +404,7 @@ } if (reuse_dd) - EVP_CIPHER_CTX_cleanup(dd); + EVP_CIPHER_CTX_reset(dd); p = s->s3->tmp.key_block; i = *mac_secret_size = s->s3->tmp.new_mac_secret_size;
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 908f8e9..41b55c8 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c
@@ -3060,7 +3060,7 @@ int slen, mlen, renew_ticket = 0; unsigned char tick_hmac[EVP_MAX_MD_SIZE]; HMAC_CTX *hctx = NULL; - EVP_CIPHER_CTX ctx; + EVP_CIPHER_CTX *ctx; SSL_CTX *tctx = s->initial_ctx; /* Need at least keyname + iv + some encrypted data */ if (eticklen < 48) @@ -3069,11 +3069,11 @@ hctx = HMAC_CTX_new(); if (hctx == NULL) return -2; - EVP_CIPHER_CTX_init(&ctx); + ctx = EVP_CIPHER_CTX_new(); if (tctx->tlsext_ticket_key_cb) { unsigned char *nctick = (unsigned char *)etick; int rv = tctx->tlsext_ticket_key_cb(s, nctick, nctick + 16, - &ctx, hctx, 0); + ctx, hctx, 0); if (rv < 0) return -1; if (rv == 0) @@ -3086,7 +3086,7 @@ return 2; if (HMAC_Init_ex(hctx, tctx->tlsext_tick_hmac_key, 16, EVP_sha256(), NULL) <= 0 - || EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, + || EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, tctx->tlsext_tick_aes_key, etick + 16) <= 0) { goto err; @@ -3108,26 +3108,27 @@ } HMAC_CTX_free(hctx); if (CRYPTO_memcmp(tick_hmac, etick + eticklen, mlen)) { - EVP_CIPHER_CTX_cleanup(&ctx); + EVP_CIPHER_CTX_free(ctx); return 2; } /* Attempt to decrypt session data */ /* Move p after IV to start of encrypted ticket, update length */ - p = etick + 16 + EVP_CIPHER_CTX_iv_length(&ctx); - eticklen -= 16 + EVP_CIPHER_CTX_iv_length(&ctx); + p = etick + 16 + EVP_CIPHER_CTX_iv_length(ctx); + eticklen -= 16 + EVP_CIPHER_CTX_iv_length(ctx); sdec = OPENSSL_malloc(eticklen); if (sdec == NULL - || EVP_DecryptUpdate(&ctx, sdec, &slen, p, eticklen) <= 0) { - EVP_CIPHER_CTX_cleanup(&ctx); + || EVP_DecryptUpdate(ctx, sdec, &slen, p, eticklen) <= 0) { + EVP_CIPHER_CTX_free(ctx); return -1; } - if (EVP_DecryptFinal(&ctx, sdec + slen, &mlen) <= 0) { - EVP_CIPHER_CTX_cleanup(&ctx); + if (EVP_DecryptFinal(ctx, sdec + slen, &mlen) <= 0) { + EVP_CIPHER_CTX_free(ctx); OPENSSL_free(sdec); return 2; } slen += mlen; - EVP_CIPHER_CTX_cleanup(&ctx); + EVP_CIPHER_CTX_free(ctx); + ctx = NULL; p = sdec; sess = d2i_SSL_SESSION(NULL, &p, slen); @@ -3154,7 +3155,7 @@ */ return 2; err: - EVP_CIPHER_CTX_cleanup(&ctx); + EVP_CIPHER_CTX_free(ctx); HMAC_CTX_free(hctx); return -1; }