Adjust all accesses to EVP_MD_CTX to use accessor functions.

Reviewed-by: Rich Salz <rsalz@openssl.org>
author: Richard Levitte <levitte@openssl.org> 2015-11-27 14:02:12 +0100
committer: Richard Levitte <levitte@openssl.org> 2015-12-07 17:39:23 +0100
commit: 6e59a892db781658c050e5217127c4147c116ac9 (patch)
tree: eec9e79e1c71f9c2897f49b29084bf42a66e96db /crypto/asn1/a_verify.c
parent: Document the changed HMAC API. (diff)
download: openssl-6e59a892db781658c050e5217127c4147c116ac9.tar.xz
openssl-6e59a892db781658c050e5217127c4147c116ac9.zip
1 files changed, 20 insertions, 13 deletions
diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c
index 540b71c4d4..e958cdec87 100644
--- a/crypto/asn1/a_verify.c
+++ b/crypto/asn1/a_verify.c
@@ -77,12 +77,15 @@
 int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature,
                 char *data, EVP_PKEY *pkey)
 {
-    EVP_MD_CTX ctx;
+    EVP_MD_CTX *ctx = EVP_MD_CTX_create();
     const EVP_MD *type;
     unsigned char *p, *buf_in = NULL;
     int ret = -1, i, inl;
 
-    EVP_MD_CTX_init(&ctx);
+    if (ctx == NULL) {
+        ASN1err(ASN1_F_ASN1_VERIFY, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
     i = OBJ_obj2nid(a->algorithm);
     type = EVP_get_digestbyname(OBJ_nid2sn(i));
     if (type == NULL) {
@@ -104,8 +107,8 @@ int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature,
     p = buf_in;
 
     i2d(data, &p);
-    ret = EVP_VerifyInit_ex(&ctx, type, NULL)
-        && EVP_VerifyUpdate(&ctx, (unsigned char *)buf_in, inl);
+    ret = EVP_VerifyInit_ex(ctx, type, NULL)
+        && EVP_VerifyUpdate(ctx, (unsigned char *)buf_in, inl);
 
     OPENSSL_clear_free(buf_in, (unsigned int)inl);
 
@@ -115,7 +118,7 @@ int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature,
     }
     ret = -1;
 
-    if (EVP_VerifyFinal(&ctx, (unsigned char *)signature->data,
+    if (EVP_VerifyFinal(ctx, (unsigned char *)signature->data,
                         (unsigned int)signature->length, pkey) <= 0) {
         ASN1err(ASN1_F_ASN1_VERIFY, ERR_R_EVP_LIB);
         ret = 0;
@@ -123,7 +126,7 @@ int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature,
     }
     ret = 1;
  err:
-    EVP_MD_CTX_cleanup(&ctx);
+    EVP_MD_CTX_destroy(ctx);
     return (ret);
 }
 
@@ -132,7 +135,7 @@ int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature,
 int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
                      ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey)
 {
-    EVP_MD_CTX ctx;
+    EVP_MD_CTX *ctx = NULL;
     unsigned char *buf_in = NULL;
     int ret = -1, inl;
 
@@ -148,7 +151,11 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
         return -1;
     }
 
-    EVP_MD_CTX_init(&ctx);
+    ctx = EVP_MD_CTX_create();
+    if (ctx == NULL) {
+        ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
 
     /* Convert signature OID into digest and public key OIDs */
     if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid)) {
@@ -161,7 +168,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
                     ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
             goto err;
         }
-        ret = pkey->ameth->item_verify(&ctx, it, asn, a, signature, pkey);
+        ret = pkey->ameth->item_verify(ctx, it, asn, a, signature, pkey);
         /*
          * Return value of 2 means carry on, anything else means we exit
          * straight away: either a fatal error of the underlying verification
@@ -185,7 +192,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
             goto err;
         }
 
-        if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey)) {
+        if (!EVP_DigestVerifyInit(ctx, NULL, type, NULL, pkey)) {
             ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
             ret = 0;
             goto err;
@@ -200,7 +207,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
         goto err;
     }
 
-    ret = EVP_DigestVerifyUpdate(&ctx, buf_in, inl);
+    ret = EVP_DigestVerifyUpdate(ctx, buf_in, inl);
 
     OPENSSL_clear_free(buf_in, (unsigned int)inl);
 
@@ -210,7 +217,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
     }
     ret = -1;
 
-    if (EVP_DigestVerifyFinal(&ctx, signature->data,
+    if (EVP_DigestVerifyFinal(ctx, signature->data,
                               (size_t)signature->length) <= 0) {
         ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
         ret = 0;
@@ -218,6 +225,6 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
     }
     ret = 1;
  err:
-    EVP_MD_CTX_cleanup(&ctx);
+    EVP_MD_CTX_destroy(ctx);
     return (ret);
 }
author	Richard Levitte <levitte@openssl.org>	2015-11-27 14:02:12 +0100
committer	Richard Levitte <levitte@openssl.org>	2015-12-07 17:39:23 +0100
commit	6e59a892db781658c050e5217127c4147c116ac9 (patch)
tree	eec9e79e1c71f9c2897f49b29084bf42a66e96db /crypto/asn1/a_verify.c
parent	Document the changed HMAC API. (diff)
download	openssl-6e59a892db781658c050e5217127c4147c116ac9.tar.xz openssl-6e59a892db781658c050e5217127c4147c116ac9.zip