authorKazuki Yamaguchi <k@rhe.jp>2016-05-05 15:54:00 +0900
committerKazuki Yamaguchi <k@rhe.jp>2016-05-14 20:00:57 +0900
commitf61ba48a8d0b4bfbb8a3cd440e3078e95c65bc80 (patch)
treec85b5bdb001fc76a77d37a6bba1acccd2d6b9dbe
parentedd65f93b6d1bc3cd60b585bec172fd6ff58908d (diff)
downloadruby-f61ba48a8d0b4bfbb8a3cd440e3078e95c65bc80.tar.gz
ext/openssl: use EVP_MD_CTX_new() to allocate EVP_MD_CTX
-rw-r--r--ext/openssl/extconf.rb2
-rw-r--r--ext/openssl/openssl_missing.h8
-rw-r--r--ext/openssl/ossl_pkey.c27
3 files changed, 25 insertions, 12 deletions
diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb
index 1ff59c1481..f7724f2b68 100644
--- a/ext/openssl/extconf.rb
+++ b/ext/openssl/extconf.rb
@@ -110,6 +110,8 @@ OpenSSL.check_func_or_macro("SSL_get_server_tmp_key", "openssl/ssl.h")
# added in 1.1.0
have_func("CRYPTO_lock") || $defs.push("-DHAVE_OPENSSL_110_THREADING_API")
+have_func("EVP_MD_CTX_new")
+have_func("EVP_MD_CTX_free")
have_func("HMAC_CTX_new")
have_func("HMAC_CTX_free")
have_func("HMAC_CTX_reset")
diff --git a/ext/openssl/openssl_missing.h b/ext/openssl/openssl_missing.h
index f9365124c5..1ada5c37ca 100644
--- a/ext/openssl/openssl_missing.h
+++ b/ext/openssl/openssl_missing.h
@@ -48,6 +48,14 @@ int CRYPTO_memcmp(const volatile void * volatile in_a, const volatile void * vol
#endif
/* added in 1.1.0 */
+#if !defined(HAVE_EVP_MD_CTX_NEW)
+# define EVP_MD_CTX_new EVP_MD_CTX_create
+#endif
+
+#if !defined(HAVE_EVP_MD_CTX_FREE)
+# define EVP_MD_CTX_free EVP_MD_CTX_destroy
+#endif
+
#if !defined(HAVE_HMAC_CTX_NEW)
HMAC_CTX *HMAC_CTX_new(void);
#endif
diff --git a/ext/openssl/ossl_pkey.c b/ext/openssl/ossl_pkey.c
index 6eb11754e0..b236ef34cb 100644
--- a/ext/openssl/ossl_pkey.c
+++ b/ext/openssl/ossl_pkey.c
@@ -271,21 +271,22 @@ static VALUE
ossl_pkey_sign(VALUE self, VALUE digest, VALUE data)
{
EVP_PKEY *pkey;
- EVP_MD_CTX ctx;
+ EVP_MD_CTX *ctx = EVP_MD_CTX_new();
unsigned int buf_len;
VALUE str;
int result;
- if (rb_funcallv(self, id_private_q, 0, NULL) != Qtrue) {
+ if (rb_funcallv(self, id_private_q, 0, NULL) != Qtrue)
ossl_raise(rb_eArgError, "Private key is needed.");
- }
+ if (!ctx)
+ ossl_raise(rb_eRuntimeError, "EVP_MD_CTX_new() failed");
GetPKey(self, pkey);
- EVP_SignInit(&ctx, GetDigestPtr(digest));
+ EVP_SignInit(ctx, GetDigestPtr(digest));
StringValue(data);
- EVP_SignUpdate(&ctx, RSTRING_PTR(data), RSTRING_LEN(data));
+ EVP_SignUpdate(ctx, RSTRING_PTR(data), RSTRING_LEN(data));
str = rb_str_new(0, EVP_PKEY_size(pkey)+16);
- result = EVP_SignFinal(&ctx, (unsigned char *)RSTRING_PTR(str), &buf_len, pkey);
- EVP_MD_CTX_cleanup(&ctx);
+ result = EVP_SignFinal(ctx, (unsigned char *)RSTRING_PTR(str), &buf_len, pkey);
+ EVP_MD_CTX_free(ctx);
if (!result)
ossl_raise(ePKeyError, NULL);
assert((long)buf_len <= RSTRING_LEN(str));
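Review bot: `ctx` is now heap-allocated in its declaration, before the `Private key is needed.` check, so that `ossl_raise` leaves the function with the context still allocated and nothing frees it. The same applies to every later call that can raise before `EVP_MD_CTX_free(ctx)`: `StringValue(data)` raises TypeError for a non-string argument, and `GetPKey`, `GetDigestPtr` and `rb_str_new` presumably can raise as well. `ossl_pkey_verify` in the next hunk has the same pattern. Because callers control those arguments, repeated invalid calls would grow process memory. Allocating the context only after the raising calls have returned, immediately before `EVP_SignInit`, closes the leak; the function body continues past the end of this hunk.

```c
    EVP_MD_CTX *ctx;
    const EVP_MD *md;
    /* … unchanged: remaining locals and the private-key check … */
    GetPKey(self, pkey);
    md = GetDigestPtr(digest);
    StringValue(data);
    str = rb_str_new(0, EVP_PKEY_size(pkey)+16);
    /* allocate only after every call that may raise has returned */
    ctx = EVP_MD_CTX_new();
    if (!ctx)
        ossl_raise(rb_eRuntimeError, "EVP_MD_CTX_new() failed");
    EVP_SignInit(ctx, md);
    EVP_SignUpdate(ctx, RSTRING_PTR(data), RSTRING_LEN(data));
    /* … unchanged: EVP_SignFinal, EVP_MD_CTX_free, result check … */
```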
@@ -319,16 +320,18 @@ static VALUE
ossl_pkey_verify(VALUE self, VALUE digest, VALUE sig, VALUE data)
{
EVP_PKEY *pkey;
- EVP_MD_CTX ctx;
+ EVP_MD_CTX *ctx = EVP_MD_CTX_new();
int result;
+ if (!ctx)
+ ossl_raise(rb_eRuntimeError, "EVP_MD_CTX_new() failed");
GetPKey(self, pkey);
StringValue(sig);
StringValue(data);
- EVP_VerifyInit(&ctx, GetDigestPtr(digest));
- EVP_VerifyUpdate(&ctx, RSTRING_PTR(data), RSTRING_LEN(data));
- result = EVP_VerifyFinal(&ctx, (unsigned char *)RSTRING_PTR(sig), RSTRING_LENINT(sig), pkey);
- EVP_MD_CTX_cleanup(&ctx);
+ EVP_VerifyInit(ctx, GetDigestPtr(digest));
+ EVP_VerifyUpdate(ctx, RSTRING_PTR(data), RSTRING_LEN(data));
+ result = EVP_VerifyFinal(ctx, (unsigned char *)RSTRING_PTR(sig), RSTRING_LENINT(sig), pkey);
+ EVP_MD_CTX_free(ctx);
switch (result) {
case 0:
return Qfalse;
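Review bot: The return values of `EVP_VerifyInit` and `EVP_VerifyUpdate` are discarded, so a failed digest setup or update still falls through to `EVP_VerifyFinal` and the caller only sees whatever that call reports. On a signature-verification path each step should be checked, freeing the context before raising, e.g. `if (!EVP_VerifyInit(ctx, GetDigestPtr(digest))) { EVP_MD_CTX_free(ctx); ossl_raise(ePKeyError, NULL); }`, with the same treatment for `EVP_VerifyUpdate`. `EVP_SignInit` and `EVP_SignUpdate` in `ossl_pkey_sign` above are unchecked in the same way. The `switch` continues outside this hunk, so how a negative result from `EVP_VerifyFinal` is handled is not visible here.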