From 39e8d0ce73fb4cd760fbc02b82081a52263c8781 Mon Sep 17 00:00:00 2001
From: Richard Levitte <levitte@openssl.org>
Date: Fri, 18 Dec 2015 17:05:57 +0100
Subject: Adapt all engines that need it to opaque EVP_CIPHER

Reviewed-by: Rich Salz <rsalz@openssl.org>
---
 engines/ccgost/gost_crypt.c | 103 ++++++++++++++++++++++++++++++--------------
 engines/ccgost/gost_eng.c   |   8 ++--
 engines/ccgost/gost_lcl.h   |   6 +--
 3 files changed, 77 insertions(+), 40 deletions(-)

(limited to 'engines/ccgost')

diff --git a/engines/ccgost/gost_crypt.c b/engines/ccgost/gost_crypt.c
index e276b89732..9c6dcc53a0 100644
--- a/engines/ccgost/gost_crypt.c
+++ b/engines/ccgost/gost_crypt.c
@@ -12,6 +12,7 @@
 #include <openssl/rand.h>
 #include "e_gost_err.h"
 #include "gost_lcl.h"
+#include <openssl/evp.h>
 
 #if !defined(CCGOST_DEBUG) && !defined(DEBUG)
 # ifndef NDEBUG
@@ -38,39 +39,75 @@ static int gost89_get_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params);
 /* Control function */
 static int gost_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
 
-EVP_CIPHER cipher_gost = {
-    NID_id_Gost28147_89,
-    1,                          /* block_size */
-    32,                         /* key_size */
-    8,                          /* iv_len */
-    EVP_CIPH_CFB_MODE | EVP_CIPH_NO_PADDING |
-        EVP_CIPH_CUSTOM_IV | EVP_CIPH_RAND_KEY | EVP_CIPH_ALWAYS_CALL_INIT,
-    gost_cipher_init,
-    gost_cipher_do_cfb,
-    gost_cipher_cleanup,
-    sizeof(struct ossl_gost_cipher_ctx), /* ctx_size */
-    gost89_set_asn1_parameters,
-    gost89_get_asn1_parameters,
-    gost_cipher_ctl,
-    NULL,
-};
+static EVP_CIPHER *_hidden_Gost28147_89_cipher = NULL;
+const EVP_CIPHER *cipher_gost(void)
+{
+    if (_hidden_Gost28147_89_cipher == NULL
+        && ((_hidden_Gost28147_89_cipher =
+             EVP_CIPHER_meth_new(NID_id_Gost28147_89,
+                                 1  /* block_size */,
+                                 32 /* key_size */)) == NULL
+            || !EVP_CIPHER_meth_set_iv_length(_hidden_Gost28147_89_cipher, 8)
+            || !EVP_CIPHER_meth_set_flags(_hidden_Gost28147_89_cipher,
+                                          EVP_CIPH_CFB_MODE |
+                                          EVP_CIPH_NO_PADDING |
+                                          EVP_CIPH_CUSTOM_IV |
+                                          EVP_CIPH_RAND_KEY |
+                                          EVP_CIPH_ALWAYS_CALL_INIT)
+            || !EVP_CIPHER_meth_set_init(_hidden_Gost28147_89_cipher,
+                                         gost_cipher_init)
+            || !EVP_CIPHER_meth_set_do_cipher(_hidden_Gost28147_89_cipher,
+                                              gost_cipher_do_cfb)
+            || !EVP_CIPHER_meth_set_cleanup(_hidden_Gost28147_89_cipher,
+                                            gost_cipher_cleanup)
+            || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_Gost28147_89_cipher,
+                                                  sizeof(struct ossl_gost_cipher_ctx))
+            || !EVP_CIPHER_meth_set_set_asn1_params(_hidden_Gost28147_89_cipher,
+                                                    gost89_set_asn1_parameters)
+            || !EVP_CIPHER_meth_set_get_asn1_params(_hidden_Gost28147_89_cipher,
+                                                    gost89_get_asn1_parameters)
+            || !EVP_CIPHER_meth_set_ctrl(_hidden_Gost28147_89_cipher,
+                                         gost_cipher_ctl))) {
+        EVP_CIPHER_meth_free(_hidden_Gost28147_89_cipher);
+        _hidden_Gost28147_89_cipher = NULL;
+    }
+    return _hidden_Gost28147_89_cipher;
+}
 
-EVP_CIPHER cipher_gost_cpacnt = {
-    NID_gost89_cnt,
-    1,                          /* block_size */
-    32,                         /* key_size */
-    8,                          /* iv_len */
-    EVP_CIPH_OFB_MODE | EVP_CIPH_NO_PADDING |
-        EVP_CIPH_CUSTOM_IV | EVP_CIPH_RAND_KEY | EVP_CIPH_ALWAYS_CALL_INIT,
-    gost_cipher_init_cpa,
-    gost_cipher_do_cnt,
-    gost_cipher_cleanup,
-    sizeof(struct ossl_gost_cipher_ctx), /* ctx_size */
-    gost89_set_asn1_parameters,
-    gost89_get_asn1_parameters,
-    gost_cipher_ctl,
-    NULL,
-};
+static EVP_CIPHER *_hidden_gost89_cnt = NULL;
+const EVP_CIPHER *cipher_gost_cpacnt(void)
+{
+    if (_hidden_gost89_cnt == NULL
+        && ((_hidden_gost89_cnt =
+             EVP_CIPHER_meth_new(NID_gost89_cnt,
+                                 1  /* block_size */,
+                                 32 /* key_size */)) == NULL
+            || !EVP_CIPHER_meth_set_iv_length(_hidden_gost89_cnt, 8)
+            || !EVP_CIPHER_meth_set_flags(_hidden_gost89_cnt,
+                                          EVP_CIPH_OFB_MODE |
+                                          EVP_CIPH_NO_PADDING |
+                                          EVP_CIPH_CUSTOM_IV |
+                                          EVP_CIPH_RAND_KEY |
+                                          EVP_CIPH_ALWAYS_CALL_INIT)
+            || !EVP_CIPHER_meth_set_init(_hidden_gost89_cnt,
+                                         gost_cipher_init_cpa)
+            || !EVP_CIPHER_meth_set_do_cipher(_hidden_gost89_cnt,
+                                              gost_cipher_do_cnt)
+            || !EVP_CIPHER_meth_set_cleanup(_hidden_gost89_cnt,
+                                            gost_cipher_cleanup)
+            || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_gost89_cnt,
+                                                  sizeof(struct ossl_gost_cipher_ctx))
+            || !EVP_CIPHER_meth_set_set_asn1_params(_hidden_gost89_cnt,
+                                                    gost89_set_asn1_parameters)
+            || !EVP_CIPHER_meth_set_get_asn1_params(_hidden_gost89_cnt,
+                                                    gost89_get_asn1_parameters)
+            || !EVP_CIPHER_meth_set_ctrl(_hidden_gost89_cnt,
+                                         gost_cipher_ctl))) {
+        EVP_CIPHER_meth_free(_hidden_gost89_cnt);
+        _hidden_gost89_cnt = NULL;
+    }
+    return _hidden_gost89_cnt;
+}
 
 /* Implementation of GOST 28147-89 in MAC (imitovstavka) mode */
 /* Init functions which set specific parameters */
@@ -86,7 +123,7 @@ static int gost_imit_cleanup(EVP_MD_CTX *ctx);
 static int gost_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr);
 
 static EVP_MD *_hidden_Gost28147_89_MAC_md = NULL;
-EVP_MD *imit_gost_cpa(void)
+const EVP_MD *imit_gost_cpa(void)
 {
 
     if (_hidden_Gost28147_89_MAC_md == NULL) {
diff --git a/engines/ccgost/gost_eng.c b/engines/ccgost/gost_eng.c
index fed3abed35..bc43848b37 100644
--- a/engines/ccgost/gost_eng.c
+++ b/engines/ccgost/gost_eng.c
@@ -153,8 +153,8 @@ static int bind_gost(ENGINE *e, const char *id)
         || !ENGINE_register_digests(e)
         || !ENGINE_register_pkey_meths(e)
         /* These two actually should go in LIST_ADD command */
-        || !EVP_add_cipher(&cipher_gost)
-        || !EVP_add_cipher(&cipher_gost_cpacnt)
+        || !EVP_add_cipher(cipher_gost())
+        || !EVP_add_cipher(cipher_gost_cpacnt())
         || !EVP_add_digest(digest_gost())
         || !EVP_add_digest(imit_gost_cpa())
         ) {
@@ -202,9 +202,9 @@ static int gost_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
     }
 
     if (nid == NID_id_Gost28147_89) {
-        *cipher = &cipher_gost;
+        *cipher = cipher_gost();
     } else if (nid == NID_gost89_cnt) {
-        *cipher = &cipher_gost_cpacnt;
+        *cipher = cipher_gost_cpacnt();
     } else {
         ok = 0;
         *cipher = NULL;
diff --git a/engines/ccgost/gost_lcl.h b/engines/ccgost/gost_lcl.h
index 1e047c6f0a..895e2d66d7 100644
--- a/engines/ccgost/gost_lcl.h
+++ b/engines/ccgost/gost_lcl.h
@@ -146,7 +146,7 @@ struct ossl_gost_digest_ctx {
 EVP_MD *digest_gost(void);
 void digest_gost_destroy(void);
 /* EVP_MD structure for GOST 28147 in MAC mode */
-EVP_MD *imit_gost_cpa(void);
+const EVP_MD *imit_gost_cpa(void);
 void imit_gost_cpa_destroy(void);
 /* Cipher context used for EVP_CIPHER operation */
 struct ossl_gost_cipher_ctx {
@@ -176,8 +176,8 @@ extern struct gost_cipher_info gost_cipher_list[];
 /* Find encryption params from ASN1_OBJECT */
 const struct gost_cipher_info *get_encryption_params(ASN1_OBJECT *obj);
 /* Implementation of GOST 28147-89 cipher in CFB and CNT modes */
-extern EVP_CIPHER cipher_gost;
-extern EVP_CIPHER cipher_gost_cpacnt;
+const EVP_CIPHER *cipher_gost(void);
+const EVP_CIPHER *cipher_gost_cpacnt(void);
 # define EVP_MD_CTRL_KEY_LEN (EVP_MD_CTRL_ALG_CTRL+3)
 # define EVP_MD_CTRL_SET_KEY (EVP_MD_CTRL_ALG_CTRL+4)
 /* EVP_PKEY_METHOD key encryption callbacks */
-- 
cgit v1.2.3