New function EVP_MD_free()

This function re-implements EVP_MD_meth_free(), but has a name that
isn't encumbered by legacy EVP_MD construction functionality.

We also refactor most of EVP_MD_meth_new() into an internal
evp_md_new() that's used when creating fetched methods.

EVP_MD_meth_new() and EVP_MD_meth_free() are rewritten in terms of
evp_md_new() and EVP_MD_free().  This means that at any time, we can
deprecate all the EVP_MD_meth_ functions with no harmful consequence.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9758)

8 files changed, 73 insertions, 47 deletions

diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c
index d1743ddf7a..fa75a3b10e 100644
--- a/crypto/bn/bn_rand.c
+++ b/crypto/bn/bn_rand.c
@@ -310,7 +310,7 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range,
 
  err:
     EVP_MD_CTX_free(mdctx);
-    EVP_MD_meth_free(md);
+    EVP_MD_free(md);
     OPENSSL_free(k_bytes);
     OPENSSL_cleanse(private_bytes, sizeof(private_bytes));
     return ret;
diff --git a/crypto/ec/curve448/eddsa.c b/crypto/ec/curve448/eddsa.c
index 58e9e92d4c..45b6c4ab69 100644
--- a/crypto/ec/curve448/eddsa.c
+++ b/crypto/ec/curve448/eddsa.c
@@ -41,7 +41,7 @@ static c448_error_t oneshot_hash(OPENSSL_CTX *ctx, uint8_t *out, size_t outlen,
     ret = C448_SUCCESS;
  err:
     EVP_MD_CTX_free(hashctx);
-    EVP_MD_meth_free(shake256);
+    EVP_MD_free(shake256);
     return ret;
 }
 
@@ -77,11 +77,11 @@ static c448_error_t hash_init_with_dom(OPENSSL_CTX *ctx, EVP_MD_CTX *hashctx,
             || !EVP_DigestUpdate(hashctx, dom_s, strlen(dom_s))
             || !EVP_DigestUpdate(hashctx, dom, sizeof(dom))
             || !EVP_DigestUpdate(hashctx, context, context_len)) {
-        EVP_MD_meth_free(shake256);
+        EVP_MD_free(shake256);
         return C448_FAILURE;
     }
 
-    EVP_MD_meth_free(shake256);
+    EVP_MD_free(shake256);
     return C448_SUCCESS;
 }
 
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index bb6d31bf4f..6cb9064b6c 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -86,7 +86,7 @@ void EVP_MD_CTX_free(EVP_MD_CTX *ctx)
 
     EVP_MD_CTX_reset(ctx);
 
-    EVP_MD_meth_free(ctx->fetched_digest);
+    EVP_MD_free(ctx->fetched_digest);
     ctx->fetched_digest = NULL;
     ctx->digest = NULL;
     ctx->reqdigest = NULL;
@@ -156,7 +156,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
             || (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) != 0) {
         if (ctx->digest == ctx->fetched_digest)
             ctx->digest = NULL;
-        EVP_MD_meth_free(ctx->fetched_digest);
+        EVP_MD_free(ctx->fetched_digest);
         ctx->fetched_digest = NULL;
         goto legacy;
     }
@@ -181,7 +181,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
             return 0;
         }
         type = provmd;
-        EVP_MD_meth_free(ctx->fetched_digest);
+        EVP_MD_free(ctx->fetched_digest);
         ctx->fetched_digest = provmd;
 #endif
     }
@@ -415,7 +415,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
 
     EVP_MD_CTX_reset(out);
     if (out->fetched_digest != NULL)
-        EVP_MD_meth_free(out->fetched_digest);
+        EVP_MD_free(out->fetched_digest);
     *out = *in;
     /* NULL out pointers in case of error */
     out->pctx = NULL;
@@ -616,6 +616,21 @@ int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2)
     return ret;
 }
 
+EVP_MD *evp_md_new(void)
+{
+    EVP_MD *md = OPENSSL_zalloc(sizeof(*md));
+
+    if (md != NULL) {
+        md->lock = CRYPTO_THREAD_lock_new();
+        if (md->lock == NULL) {
+            OPENSSL_free(md);
+            return NULL;
+        }
+        md->refcnt = 1;
+    }
+    return md;
+}
+
 static void *evp_md_from_dispatch(const char *name, const OSSL_DISPATCH *fns,
                                   OSSL_PROVIDER *prov, void *unused)
 {
@@ -623,9 +638,9 @@ static void *evp_md_from_dispatch(const char *name, const OSSL_DISPATCH *fns,
     int fncnt = 0;
 
     /* EVP_MD_fetch() will set the legacy NID if available */
-    if ((md = EVP_MD_meth_new(NID_undef, NID_undef)) == NULL
+    if ((md = evp_md_new()) == NULL
         || (md->name = OPENSSL_strdup(name)) == NULL) {
-        EVP_MD_meth_free(md);
+        EVP_MD_free(md);
         EVPerr(0, ERR_R_MALLOC_FAILURE);
         return NULL;
     }
@@ -718,7 +733,7 @@ static void *evp_md_from_dispatch(const char *name, const OSSL_DISPATCH *fns,
          * The "digest" function can standalone. We at least need one way to
          * generate digests.
          */
-        EVP_MD_meth_free(md);
+        EVP_MD_free(md);
         ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS);
         return NULL;
     }
@@ -736,7 +751,7 @@ static int evp_md_up_ref(void *md)
 
 static void evp_md_free(void *md)
 {
-    EVP_MD_meth_free(md);
+    EVP_MD_free(md);
 }
 
 EVP_MD *EVP_MD_fetch(OPENSSL_CTX *ctx, const char *algorithm,
@@ -750,6 +765,30 @@ EVP_MD *EVP_MD_fetch(OPENSSL_CTX *ctx, const char *algorithm,
     return md;
 }
 
+int EVP_MD_up_ref(EVP_MD *md)
+{
+    int ref = 0;
+
+    CRYPTO_UP_REF(&md->refcnt, &ref, md->lock);
+    return 1;
+}
+
+void EVP_MD_free(EVP_MD *md)
+{
+    int i;
+
+    if (md == NULL)
+        return;
+
+    CRYPTO_DOWN_REF(&md->refcnt, &i, md->lock);
+    if (i > 0)
+        return;
+    ossl_provider_free(md->prov);
+    OPENSSL_free(md->name);
+    CRYPTO_THREAD_lock_free(md->lock);
+    OPENSSL_free(md);
+}
+
 void EVP_MD_do_all_ex(OPENSSL_CTX *libctx,
                           void (*fn)(EVP_MD *mac, void *arg),
                           void *arg)
diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
index 460a5db003..b5b39a7f2d 100644
--- a/crypto/evp/evp_lib.c
+++ b/crypto/evp/evp_lib.c
@@ -529,54 +529,38 @@ unsigned long EVP_MD_flags(const EVP_MD *md)
 
 EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type)
 {
-    EVP_MD *md = OPENSSL_zalloc(sizeof(*md));
+    EVP_MD *md = evp_md_new();
 
     if (md != NULL) {
         md->type = md_type;
         md->pkey_type = pkey_type;
-        md->lock = CRYPTO_THREAD_lock_new();
-        if (md->lock == NULL) {
-            OPENSSL_free(md);
-            return NULL;
-        }
-        md->refcnt = 1;
     }
     return md;
 }
 
 EVP_MD *EVP_MD_meth_dup(const EVP_MD *md)
 {
-    EVP_MD *to = EVP_MD_meth_new(md->type, md->pkey_type);
+    EVP_MD *to = NULL;
 
-    if (to != NULL) {
+    /*
+     * Non-legacy EVP_MDs can't be duplicated like this.
+     * Use EVP_MD_up_ref() instead.
+     */
+    if (md->prov != NULL)
+        return NULL;
+
+    if ((to = EVP_MD_meth_new(md->type, md->pkey_type)) != NULL) {
         CRYPTO_RWLOCK *lock = to->lock;
+
         memcpy(to, md, sizeof(*to));
         to->lock = lock;
     }
     return to;
 }
 
-int EVP_MD_up_ref(EVP_MD *md)
-{
-    int ref = 0;
-
-    CRYPTO_UP_REF(&md->refcnt, &ref, md->lock);
-    return 1;
-}
-
 void EVP_MD_meth_free(EVP_MD *md)
 {
-    if (md != NULL) {
-        int i;
-
-        CRYPTO_DOWN_REF(&md->refcnt, &i, md->lock);
-        if (i > 0)
-            return;
-        ossl_provider_free(md->prov);
-        OPENSSL_free(md->name);
-        CRYPTO_THREAD_lock_free(md->lock);
-        OPENSSL_free(md);
-    }
+    EVP_MD_free(md);
 }
 int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize)
 {
diff --git a/crypto/evp/evp_locl.h b/crypto/evp/evp_locl.h
index a7b36dbc0e..4342956531 100644
--- a/crypto/evp/evp_locl.h
+++ b/crypto/evp/evp_locl.h
@@ -156,6 +156,9 @@ void evp_generic_do_all(OPENSSL_CTX *libctx, int operation_id,
                         void *method_data,
                         void (*free_method)(void *));
 
+/* Internal structure constructors for fetched methods */
+EVP_MD *evp_md_new(void);
+
 /* Helper functions to avoid duplicating code */
 
 /*
diff --git a/crypto/rand/drbg_hash.c b/crypto/rand/drbg_hash.c
index bb6f36ce54..6bef917e0f 100644
--- a/crypto/rand/drbg_hash.c
+++ b/crypto/rand/drbg_hash.c
@@ -290,7 +290,7 @@ static int drbg_hash_generate(RAND_DRBG *drbg,
 
 static int drbg_hash_uninstantiate(RAND_DRBG *drbg)
 {
-    EVP_MD_meth_free(drbg->data.hash.md);
+    EVP_MD_free(drbg->data.hash.md);
     EVP_MD_CTX_free(drbg->data.hash.ctx);
     OPENSSL_cleanse(&drbg->data.hash, sizeof(drbg->data.hash));
     return 1;
@@ -346,12 +346,12 @@ int drbg_hash_init(RAND_DRBG *drbg)
     if (hash->ctx == NULL) {
         hash->ctx = EVP_MD_CTX_new();
         if (hash->ctx == NULL) {
-            EVP_MD_meth_free(md);
+            EVP_MD_free(md);
             return 0;
         }
     }
 
-    EVP_MD_meth_free(hash->md);
+    EVP_MD_free(hash->md);
     hash->md = md;
 
     /* These are taken from SP 800-90 10.1 Table 2 */
diff --git a/crypto/rand/drbg_hmac.c b/crypto/rand/drbg_hmac.c
index baafc59064..14c4570b6b 100644
--- a/crypto/rand/drbg_hmac.c
+++ b/crypto/rand/drbg_hmac.c
@@ -184,7 +184,7 @@ static int drbg_hmac_generate(RAND_DRBG *drbg,
 
 static int drbg_hmac_uninstantiate(RAND_DRBG *drbg)
 {
-    EVP_MD_meth_free(drbg->data.hmac.md);
+    EVP_MD_free(drbg->data.hmac.md);
     HMAC_CTX_free(drbg->data.hmac.ctx);
     OPENSSL_cleanse(&drbg->data.hmac, sizeof(drbg->data.hmac));
     return 1;
@@ -239,13 +239,13 @@ int drbg_hmac_init(RAND_DRBG *drbg)
     if (hmac->ctx == NULL) {
         hmac->ctx = HMAC_CTX_new();
         if (hmac->ctx == NULL) {
-            EVP_MD_meth_free(md);
+            EVP_MD_free(md);
             return 0;
         }
     }
 
     /* These are taken from SP 800-90 10.1 Table 2 */
-    EVP_MD_meth_free(hmac->md);
+    EVP_MD_free(hmac->md);
     hmac->md = md;
     hmac->blocklen = EVP_MD_size(md);
     /* See SP800-57 Part1 Rev4 5.6.1 Table 3 */
diff --git a/crypto/rand/rand_crng_test.c b/crypto/rand/rand_crng_test.c
index a014f936fa..0ba0986b96 100644
--- a/crypto/rand/rand_crng_test.c
+++ b/crypto/rand/rand_crng_test.c
@@ -87,7 +87,7 @@ int rand_crngt_get_entropy_cb(OPENSSL_CTX *ctx,
         if (r != 0)
             memcpy(buf, p, CRNGT_BUFSIZ);
         rand_pool_reattach(pool, p);
-        EVP_MD_meth_free(fmd);
+        EVP_MD_free(fmd);
         return r;
     }
     return 0;