From ff3fa48fc79029d46f5285bdf9347b96f2262ce2 Mon Sep 17 00:00:00 2001 From: Ben Laurie Date: Sun, 9 Dec 2001 21:53:31 +0000 Subject: [PATCH] Improve back compatibility. --- apps/speed.c | 6 +++--- crypto/evp/p5_crpt2.c | 2 +- crypto/hmac/hmac.c | 12 ++++++++++-- crypto/hmac/hmac.h | 6 +++++- crypto/pkcs12/p12_mutl.c | 2 +- doc/crypto/hmac.pod | 31 +++++++++++++++++++++++++++---- ssl/t1_enc.c | 10 +++++----- 7 files changed, 52 insertions(+), 17 deletions(-) diff --git a/apps/speed.c b/apps/speed.c index 795a1430c8..5d609a8c16 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -1065,8 +1065,8 @@ int MAIN(int argc, char **argv) HMAC_CTX hctx; HMAC_CTX_init(&hctx); - HMAC_Init(&hctx,(unsigned char *)"This is a key...", - 16,EVP_md5()); + HMAC_Init_ex(&hctx,(unsigned char *)"This is a key...", + 16,EVP_md5()); for (j=0; j> 16) & 0xff); itmp[2] = (unsigned char)((i >> 8) & 0xff); itmp[3] = (unsigned char)(i & 0xff); - HMAC_Init(&hctx, pass, passlen, EVP_sha1()); + HMAC_Init_ex(&hctx, pass, passlen, EVP_sha1()); HMAC_Update(&hctx, salt, saltlen); HMAC_Update(&hctx, itmp, 4); HMAC_Final(&hctx, digtmp, NULL); diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c index a2a49d986a..3fff7b1af3 100644 --- a/crypto/hmac/hmac.c +++ b/crypto/hmac/hmac.c @@ -60,8 +60,8 @@ #include #include -void HMAC_Init(HMAC_CTX *ctx, const void *key, int len, - const EVP_MD *md) +void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, + const EVP_MD *md) { int i,j,reset=0; unsigned char pad[HMAC_MAX_MD_CBLOCK]; @@ -110,6 +110,14 @@ void HMAC_Init(HMAC_CTX *ctx, const void *key, int len, EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->i_ctx); } +void HMAC_Init(HMAC_CTX *ctx, const void *key, int len, + const EVP_MD *md) + { + if(key && md) + HMAC_CTX_init(ctx); + HMAC_Init_ex(ctx,key,len,md); + } + void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len) { EVP_DigestUpdate(&ctx->md_ctx,data,len); diff --git a/crypto/hmac/hmac.h b/crypto/hmac/hmac.h index e70b01b2fb..58ac3d0993 100644 --- a/crypto/hmac/hmac.h +++ b/crypto/hmac/hmac.h @@ -86,8 +86,12 @@ typedef struct hmac_ctx_st void HMAC_CTX_init(HMAC_CTX *ctx); void HMAC_CTX_cleanup(HMAC_CTX *ctx); +#define HMAC_cleanup(ctx) HMAC_CTX_cleanup(ctx) /* deprecated */ + void HMAC_Init(HMAC_CTX *ctx, const void *key, int len, - const EVP_MD *md); + const EVP_MD *md); /* deprecated */ +void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, + const EVP_MD *md); void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len); void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len); unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c index 2e1b7d874f..b6a10de70c 100644 --- a/crypto/pkcs12/p12_mutl.c +++ b/crypto/pkcs12/p12_mutl.c @@ -87,7 +87,7 @@ int PKCS12_gen_mac (PKCS12 *p12, const char *pass, int passlen, return 0; } HMAC_CTX_init(&hmac); - HMAC_Init (&hmac, key, PKCS12_MAC_KEY_LENGTH, md_type); + HMAC_Init_ex (&hmac, key, PKCS12_MAC_KEY_LENGTH, md_type); HMAC_Update (&hmac, p12->authsafes->d.data->data, p12->authsafes->d.data->length); HMAC_Final (&hmac, mac, maclen); diff --git a/doc/crypto/hmac.pod b/doc/crypto/hmac.pod index f86e7d7ddf..579bf9e8a0 100644 --- a/doc/crypto/hmac.pod +++ b/doc/crypto/hmac.pod @@ -13,11 +13,16 @@ authentication code int key_len, const unsigned char *d, int n, unsigned char *md, unsigned int *md_len); + void HMAC_CTX_init(HMAC_CTX *ctx); + void HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len, const EVP_MD *md); + void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len, + const EVP_MD *md); void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len); void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len); + void HMAC_CTX_cleanup(HMAC_CTX *ctx); void HMAC_cleanup(HMAC_CTX *ctx); =head1 DESCRIPTION @@ -39,13 +44,31 @@ B can be EVP_sha1(), EVP_ripemd160() etc. B and B may be B if a key and hash function have been set in a previous call to HMAC_Init() for that B. -HMAC_cleanup() erases the key and other data from the B. +HMAC_CTX_init() initialises a B before first use. It must be +called. + +HMAC_CTX_cleanup() erases the key and other data from the B +and releases any associated resources. It must be called when an +B is no longer required. + +HMAC_cleanup() is an alias for HMAC_CTX_cleanup() included for back +compatibility with 0.9.6b, it is deprecated. The following functions may be used if the message is not completely stored in memory: HMAC_Init() initializes a B structure to use the hash -function B and the key B which is B bytes long. +function B and the key B which is B bytes +long. It is deprecated and only included for backward compatibility +with OpenSSL 0.9.6b. + +HMAC_Init_ex() initializes or reuses a B structure to use +the function B and key B. Either can be NULL, in which +case the existing one will be reused. HMAC_CTX_init() must have been +called before the first use of an B in this +function. B. HMAC_Update() can be called repeatedly with chunks of the message to be authenticated (B bytes at B). @@ -57,8 +80,8 @@ must have space for the hash function output. HMAC() returns a pointer to the message authentication code. -HMAC_Init(), HMAC_Update(), HMAC_Final() and HMAC_cleanup() do not -return values. +HMAC_CTX_init(), HMAC_Init_ex(), HMAC_Update(), HMAC_Final() and +HMAC_CTX_cleanup() do not return values. =head1 CONFORMING TO diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 11cd1b6e82..0548533354 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -78,16 +78,16 @@ static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec, HMAC_CTX_init(&ctx); HMAC_CTX_init(&ctx_tmp); - HMAC_Init(&ctx,sec,sec_len,md); - HMAC_Init(&ctx_tmp,sec,sec_len,md); + HMAC_Init_ex(&ctx,sec,sec_len,md); + HMAC_Init_ex(&ctx_tmp,sec,sec_len,md); HMAC_Update(&ctx,seed,seed_len); HMAC_Final(&ctx,A1,&A1_len); n=0; for (;;) { - HMAC_Init(&ctx,NULL,0,NULL); /* re-init */ - HMAC_Init(&ctx_tmp,NULL,0,NULL); /* re-init */ + HMAC_Init_ex(&ctx,NULL,0,NULL); /* re-init */ + HMAC_Init_ex(&ctx_tmp,NULL,0,NULL); /* re-init */ HMAC_Update(&ctx,A1,A1_len); HMAC_Update(&ctx_tmp,A1,A1_len); HMAC_Update(&ctx,seed,seed_len); @@ -652,7 +652,7 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send) /* I should fix this up TLS TLS TLS TLS TLS XXXXXXXX */ HMAC_CTX_init(&hmac); - HMAC_Init(&hmac,mac_sec,EVP_MD_size(hash),hash); + HMAC_Init_ex(&hmac,mac_sec,EVP_MD_size(hash),hash); HMAC_Update(&hmac,seq,8); HMAC_Update(&hmac,buf,5); HMAC_Update(&hmac,rec->input,rec->length); -- 2.25.1