Add a cleanup function for MDs.
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index c81f6e6..69a0bdb 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c
@@ -165,6 +165,8 @@ /* Don't assume ctx->md_data was cleaned in EVP_Digest_Final, * because sometimes only copies of the context are ever finalised. */ + if(ctx->digest && ctx->digest->cleanup) + ctx->digest->cleanup(ctx); if(ctx->digest && ctx->digest->ctx_size && ctx->md_data) { memset(ctx->md_data,0,ctx->digest->ctx_size);
diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index 7f79838..de642c6 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h
@@ -222,6 +222,7 @@ int (*update)(EVP_MD_CTX *ctx,const void *data,unsigned long count); int (*final)(EVP_MD_CTX *ctx,unsigned char *md); int (*copy)(EVP_MD_CTX *to,const EVP_MD_CTX *from); + int (*cleanup)(EVP_MD_CTX *ctx); /* FIXME: prototype these some day */ int (*sign)();
diff --git a/crypto/evp/m_dss.c b/crypto/evp/m_dss.c index f50b35b..beb8d7f 100644 --- a/crypto/evp/m_dss.c +++ b/crypto/evp/m_dss.c
@@ -82,6 +82,7 @@ update, final, NULL, + NULL, EVP_PKEY_DSA_method, SHA_CBLOCK, sizeof(EVP_MD *)+sizeof(SHA_CTX),
diff --git a/crypto/evp/m_dss1.c b/crypto/evp/m_dss1.c index be27d63..f5668eb 100644 --- a/crypto/evp/m_dss1.c +++ b/crypto/evp/m_dss1.c
@@ -82,6 +82,7 @@ update, final, NULL, + NULL, EVP_PKEY_DSA_method, SHA_CBLOCK, sizeof(EVP_MD *)+sizeof(SHA_CTX),
diff --git a/crypto/evp/m_md2.c b/crypto/evp/m_md2.c index 8f95541..50914c8 100644 --- a/crypto/evp/m_md2.c +++ b/crypto/evp/m_md2.c
@@ -83,6 +83,7 @@ update, final, NULL, + NULL, EVP_PKEY_RSA_method, MD2_BLOCK, sizeof(EVP_MD *)+sizeof(MD2_CTX),
diff --git a/crypto/evp/m_md4.c b/crypto/evp/m_md4.c index 11458ee..8565e5d 100644 --- a/crypto/evp/m_md4.c +++ b/crypto/evp/m_md4.c
@@ -83,6 +83,7 @@ update, final, NULL, + NULL, EVP_PKEY_RSA_method, MD4_CBLOCK, sizeof(EVP_MD *)+sizeof(MD4_CTX),
diff --git a/crypto/evp/m_md5.c b/crypto/evp/m_md5.c index 69ec8aa..b00a03e 100644 --- a/crypto/evp/m_md5.c +++ b/crypto/evp/m_md5.c
@@ -83,6 +83,7 @@ update, final, NULL, + NULL, EVP_PKEY_RSA_method, MD5_CBLOCK, sizeof(EVP_MD *)+sizeof(MD5_CTX),
diff --git a/crypto/evp/m_mdc2.c b/crypto/evp/m_mdc2.c index d36a6e3..9f6467c 100644 --- a/crypto/evp/m_mdc2.c +++ b/crypto/evp/m_mdc2.c
@@ -83,6 +83,7 @@ update, final, NULL, + NULL, EVP_PKEY_RSA_ASN1_OCTET_STRING_method, MDC2_BLOCK, sizeof(EVP_MD *)+sizeof(MDC2_CTX),
diff --git a/crypto/evp/m_null.c b/crypto/evp/m_null.c index fa3a030..f6f0a1d 100644 --- a/crypto/evp/m_null.c +++ b/crypto/evp/m_null.c
@@ -81,6 +81,7 @@ update, final, NULL, + NULL, EVP_PKEY_NULL_method, 0, sizeof(EVP_MD *),
diff --git a/crypto/evp/m_ripemd.c b/crypto/evp/m_ripemd.c index 0bfc04c..6472552 100644 --- a/crypto/evp/m_ripemd.c +++ b/crypto/evp/m_ripemd.c
@@ -83,6 +83,7 @@ update, final, NULL, + NULL, EVP_PKEY_RSA_method, RIPEMD160_CBLOCK, sizeof(EVP_MD *)+sizeof(RIPEMD160_CTX),
diff --git a/crypto/evp/m_sha.c b/crypto/evp/m_sha.c index acb7a44..10697c7 100644 --- a/crypto/evp/m_sha.c +++ b/crypto/evp/m_sha.c
@@ -82,6 +82,7 @@ update, final, NULL, + NULL, EVP_PKEY_RSA_method, SHA_CBLOCK, sizeof(EVP_MD *)+sizeof(SHA_CTX),
diff --git a/crypto/evp/m_sha1.c b/crypto/evp/m_sha1.c index ea54ada..d6be350 100644 --- a/crypto/evp/m_sha1.c +++ b/crypto/evp/m_sha1.c
@@ -82,6 +82,7 @@ update, final, NULL, + NULL, EVP_PKEY_RSA_method, SHA_CBLOCK, sizeof(EVP_MD *)+sizeof(SHA_CTX),
diff --git a/crypto/evp/openbsd_hw.c b/crypto/evp/openbsd_hw.c index 550145e..2e4ad10 100644 --- a/crypto/evp/openbsd_hw.c +++ b/crypto/evp/openbsd_hw.c
@@ -291,6 +291,17 @@ return 1; } +static int dev_crypto_cleanup_digest(MD_DATA *md_data) + { + if (ioctl(fd,CIOCFSESSION,&md_data->sess.ses) == -1) + { + err("CIOCFSESSION failed"); + return 0; + } + + return 1; + } + /* FIXME: if device can do chained MACs, then don't accumulate */ /* FIXME: move accumulation to the framework */ static int dev_crypto_md5_init(EVP_MD_CTX *ctx) @@ -346,7 +357,7 @@ return 0; } } - printf("done\n"); + // printf("done\n"); return 1; } @@ -374,13 +385,15 @@ if(ctx->flags&EVP_MD_CTX_FLAG_ONESHOT) { memcpy(md,md_data->md,MD5_DIGEST_LENGTH); - return 1; + ret=1; } - - ret=do_digest(md_data->sess.ses,md,md_data->data,md_data->len); - OPENSSL_free(md_data->data); - md_data->data=NULL; - md_data->len=0; + else + { + ret=do_digest(md_data->sess.ses,md,md_data->data,md_data->len); + OPENSSL_free(md_data->data); + md_data->data=NULL; + md_data->len=0; + } return ret; } @@ -399,6 +412,11 @@ return 1; } +static int dev_crypto_md5_cleanup(EVP_MD_CTX *ctx) + { + return dev_crypto_cleanup_digest(ctx->md_data); + } + static const EVP_MD md5_md= { NID_md5, @@ -409,6 +427,7 @@ dev_crypto_md5_update, dev_crypto_md5_final, dev_crypto_md5_copy, + dev_crypto_md5_cleanup, EVP_PKEY_RSA_method, MD5_CBLOCK, sizeof(MD_DATA),