[xmlsec/xmlsec-openssl-110: 7/9] convert openssl/kw_des.c and kt_rsa.c to OpenSSL 1.1.0
- From: Aleksey Sanin <aleksey src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [xmlsec/xmlsec-openssl-110: 7/9] convert openssl/kw_des.c and kt_rsa.c to OpenSSL 1.1.0
- Date: Thu, 28 Jan 2016 17:12:48 +0000 (UTC)
commit 624749c7ad02439014aab975d0ad3ea202862a0b
Author: Aleksey Sanin <aleksey aleksey com>
Date: Wed Jan 27 23:34:54 2016 -0800
convert openssl/kw_des.c and kt_rsa.c to OpenSSL 1.1.0
src/openssl/kt_rsa.c | 23 ++++++++++++++++-------
src/openssl/kw_des.c | 29 ++++++++++++++++++++++-------
2 files changed, 38 insertions(+), 14 deletions(-)
---
diff --git a/src/openssl/kt_rsa.c b/src/openssl/kt_rsa.c
index 8c022d5..5001d6d 100644
--- a/src/openssl/kt_rsa.c
+++ b/src/openssl/kt_rsa.c
@@ -785,8 +785,17 @@ xmlSecOpenSSLRsaOaepProcess(xmlSecTransformPtr transform, xmlSecTransformCtxPtr
}
outSize = ret;
} else if((transform->operation == xmlSecTransformOperationDecrypt) && (paramsSize != 0)) {
- BIGNUM bn;
+ BIGNUM * bn;
+ bn = BN_new();
+ if(bn == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "BN_new()",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
ret = RSA_private_decrypt(inSize, xmlSecBufferGetData(in),
xmlSecBufferGetData(out),
ctx->pKey->pkey.rsa, RSA_NO_PADDING);
@@ -796,6 +805,7 @@ xmlSecOpenSSLRsaOaepProcess(xmlSecTransformPtr transform, xmlSecTransformCtxPtr
"RSA_private_decrypt(RSA_NO_PADDING)",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
+ BN_free(bn);
return(-1);
}
outSize = ret;
@@ -806,28 +816,27 @@ xmlSecOpenSSLRsaOaepProcess(xmlSecTransformPtr transform, xmlSecTransformCtxPtr
* beggining so I have to do decode it back to BIGNUM and dump
* buffer again
*/
- BN_init(&bn);
- if(BN_bin2bn(xmlSecBufferGetData(out), outSize, &bn) == NULL) {
+ if(BN_bin2bn(xmlSecBufferGetData(out), outSize, bn) == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
"BN_bin2bn",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
"size=%d", outSize);
- BN_clear_free(&bn);
+ BN_free(bn);
return(-1);
}
- ret = BN_bn2bin(&bn, xmlSecBufferGetData(out));
+ ret = BN_bn2bin(bn, xmlSecBufferGetData(out));
if(ret <= 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
"BN_bn2bin",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
- BN_clear_free(&bn);
+ BN_free(bn);
return(-1);
}
- BN_clear_free(&bn);
+ BN_free(bn);
outSize = ret;
ret = RSA_padding_check_PKCS1_OAEP(xmlSecBufferGetData(out), outSize,
diff --git a/src/openssl/kw_des.c b/src/openssl/kw_des.c
index a90b843..9ba01ae 100644
--- a/src/openssl/kw_des.c
+++ b/src/openssl/kw_des.c
@@ -505,7 +505,7 @@ xmlSecOpenSSLKWDes3Encrypt(const xmlSecByte *key, xmlSecSize keySize,
const xmlSecByte *in, xmlSecSize inSize,
xmlSecByte *out, xmlSecSize outSize,
int enc) {
- EVP_CIPHER_CTX cipherCtx;
+ EVP_CIPHER_CTX * cipherCtx;
int updateLen;
int finalLen;
int ret;
@@ -519,40 +519,55 @@ xmlSecOpenSSLKWDes3Encrypt(const xmlSecByte *key, xmlSecSize keySize,
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= inSize, -1);
- EVP_CIPHER_CTX_init(&cipherCtx);
- ret = EVP_CipherInit(&cipherCtx, EVP_des_ede3_cbc(), key, iv, enc);
+ cipherCtx = EVP_CIPHER_CTX_new();
+ if(cipherCtx == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "EVP_CIPHER_CTX_new",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
+ ret = EVP_CipherInit(cipherCtx, EVP_des_ede3_cbc(), key, iv, enc);
if(ret != 1) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"EVP_CipherInit",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
+ EVP_CIPHER_CTX_free(cipherCtx);
return(-1);
}
- EVP_CIPHER_CTX_set_padding(&cipherCtx, 0);
+ EVP_CIPHER_CTX_set_padding(cipherCtx, 0);
- ret = EVP_CipherUpdate(&cipherCtx, out, &updateLen, in, inSize);
+ ret = EVP_CipherUpdate(cipherCtx, out, &updateLen, in, inSize);
if(ret != 1) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"EVP_CipherUpdate",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
+ EVP_CIPHER_CTX_free(cipherCtx);
return(-1);
}
- ret = EVP_CipherFinal(&cipherCtx, out + updateLen, &finalLen);
+ ret = EVP_CipherFinal(cipherCtx, out + updateLen, &finalLen);
if(ret != 1) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"EVP_CipherFinal",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
+ EVP_CIPHER_CTX_free(cipherCtx);
return(-1);
}
- EVP_CIPHER_CTX_cleanup(&cipherCtx);
+ /* cleanup */
+ EVP_CIPHER_CTX_free(cipherCtx);
+
+ /* done */
return(updateLen + finalLen);
}
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
