diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2001-10-17 00:37:12 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2001-10-17 00:37:12 +0000 |
| commit | 581f1c84940d77451c2592e9fa470893f6c3c3eb (patch) | |
| tree | 33ebc8fc45b20aceff7589249bbc9a12282d543d /ssl | |
| parent | 41ebed27faa5e7b283313f97729a9f52746c1ac2 (diff) | |
| download | openssl-581f1c84940d77451c2592e9fa470893f6c3c3eb.tar.gz | |
Modify EVP cipher behaviour in a similar way
to digests to retain compatibility.
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/kssl.c | 8 | ||||
| -rw-r--r-- | ssl/s2_enc.c | 4 | ||||
| -rw-r--r-- | ssl/s3_clnt.c | 8 | ||||
| -rw-r--r-- | ssl/s3_enc.c | 2 | ||||
| -rw-r--r-- | ssl/s3_srvr.c | 4 | ||||
| -rw-r--r-- | ssl/t1_enc.c | 4 |
6 files changed, 15 insertions, 15 deletions
diff --git a/ssl/kssl.c b/ssl/kssl.c index e61b698062..726dceb66f 100644 --- a/ssl/kssl.c +++ b/ssl/kssl.c @@ -1997,10 +1997,10 @@ krb5_error_code kssl_check_authent( */ goto err; } - if (!EVP_DecryptInit(&ciph_ctx, enc, kssl_ctx->key, iv)) + if (!EVP_DecryptInit_ex(&ciph_ctx, enc, NULL, kssl_ctx->key, iv)) { kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT, - "EVP_DecryptInit error decrypting authenticator.\n"); + "EVP_DecryptInit_ex error decrypting authenticator.\n"); krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY; goto err; } @@ -2019,10 +2019,10 @@ krb5_error_code kssl_check_authent( krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY; goto err; } - if (!EVP_DecryptFinal(&ciph_ctx, &(unenc_authent[outl]), &padl)) + if (!EVP_DecryptFinal_ex(&ciph_ctx, &(unenc_authent[outl]), &padl)) { kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT, - "EVP_DecryptFinal error decrypting authenticator.\n"); + "EVP_DecryptFinal_ex error decrypting authenticator.\n"); krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY; goto err; } diff --git a/ssl/s2_enc.c b/ssl/s2_enc.c index b4187bbbdd..a28e747d2d 100644 --- a/ssl/s2_enc.c +++ b/ssl/s2_enc.c @@ -98,9 +98,9 @@ int ssl2_enc_init(SSL *s, int client) ssl2_generate_key_material(s); - EVP_EncryptInit(ws,c,&(s->s2->key_material[(client)?num:0]), + EVP_EncryptInit_ex(ws,c,NULL,&(s->s2->key_material[(client)?num:0]), s->session->key_arg); - EVP_DecryptInit(rs,c,&(s->s2->key_material[(client)?0:num]), + EVP_DecryptInit_ex(rs,c,NULL,&(s->s2->key_material[(client)?0:num]), s->session->key_arg); s->s2->read_key= &(s->s2->key_material[(client)?0:num]); s->s2->write_key= &(s->s2->key_material[(client)?num:0]); diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 8ebba65722..e56bfb1394 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -1519,17 +1519,17 @@ static int ssl3_send_client_key_exchange(SSL *s) goto err; /* 20010420 VRS. Tried it this way; failed. - ** EVP_EncryptInit(&ciph_ctx,enc, NULL,NULL); + ** EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,NULL); ** EVP_CIPHER_CTX_set_key_length(&ciph_ctx, ** kssl_ctx->length); - ** EVP_EncryptInit(&ciph_ctx,NULL, key,iv); + ** EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv); */ memset(iv, 0, EVP_MAX_IV_LENGTH); /* per RFC 1510 */ - EVP_EncryptInit(&ciph_ctx,enc, kssl_ctx->key,iv); + EVP_EncryptInit_ex(&ciph_ctx,enc, kssl_ctx->key,iv); EVP_EncryptUpdate(&ciph_ctx,epms,&outl,tmp_buf, SSL_MAX_MASTER_KEY_LENGTH); - EVP_EncryptFinal(&ciph_ctx,&(epms[outl]),&padl); + EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl); outl += padl; EVP_CIPHER_CTX_cleanup(&ciph_ctx); diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index 833fea83c1..52d389ee0b 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -275,7 +275,7 @@ int ssl3_change_cipher_state(SSL *s, int which) s->session->key_arg_length=0; - EVP_CipherInit(dd,c,key,iv,(which & SSL3_CC_WRITE)); + EVP_CipherInit_ex(dd,c,NULL,key,iv,(which & SSL3_CC_WRITE)); memset(&(exp_key[0]),0,sizeof(exp_key)); memset(&(exp_iv[0]),0,sizeof(exp_iv)); diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 29545715d8..f858a9f180 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -1618,7 +1618,7 @@ static int ssl3_get_client_key_exchange(SSL *s) memset(iv, 0, EVP_MAX_IV_LENGTH); /* per RFC 1510 */ - if (!EVP_DecryptInit(&ciph_ctx,enc,kssl_ctx->key,iv)) + if (!EVP_DecryptInit_ex(&ciph_ctx,enc,kssl_ctx->key,iv)) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_DECRYPTION_FAILED); @@ -1637,7 +1637,7 @@ static int ssl3_get_client_key_exchange(SSL *s) SSL_R_DATA_LENGTH_TOO_LONG); goto err; } - if (!EVP_DecryptFinal(&ciph_ctx,&(pms[outl]),&padl)) + if (!EVP_DecryptFinal_ex(&ciph_ctx,&(pms[outl]),&padl)) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_DECRYPTION_FAILED); diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index c37b41775f..7bb04e6f8e 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -341,7 +341,7 @@ printf("which = %04X\nmac key=",which); #ifdef KSSL_DEBUG { int i; - printf("EVP_CipherInit(dd,c,key=,iv=,which)\n"); + printf("EVP_CipherInit_ex(dd,c,key=,iv=,which)\n"); printf("\tkey= "); for (i=0; i<c->key_len; i++) printf("%02x", key[i]); printf("\n"); printf("\t iv= "); for (i=0; i<c->iv_len; i++) printf("%02x", iv[i]); @@ -349,7 +349,7 @@ printf("which = %04X\nmac key=",which); } #endif /* KSSL_DEBUG */ - EVP_CipherInit(dd,c,key,iv,(which & SSL3_CC_WRITE)); + EVP_CipherInit_ex(dd,c,NULL,key,iv,(which & SSL3_CC_WRITE)); #ifdef TLS_DEBUG printf("which = %04X\nkey=",which); { int z; for (z=0; z<EVP_CIPHER_key_length(c); z++) printf("%02X%c",key[z],((z+1)%16)?' ':'\n'); } |