aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--ext/openssl/extconf.rb2
-rw-r--r--ext/openssl/openssl_missing.h8
-rw-r--r--ext/openssl/ossl_pkey.c27
3 files changed, 25 insertions, 12 deletions
diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb
index b94aab099b..df826feae1 100644
--- a/ext/openssl/extconf.rb
+++ b/ext/openssl/extconf.rb
@@ -106,6 +106,8 @@ have_struct_member("SSL", "ctx", "openssl/ssl.h") || $defs.push("-DHAVE_OPAQUE_O
have_func("BN_GENCB_new")
have_func("BN_GENCB_free")
have_func("BN_GENCB_get_arg")
+have_func("EVP_MD_CTX_new")
+have_func("EVP_MD_CTX_free")
have_func("HMAC_CTX_new")
have_func("HMAC_CTX_free")
have_func("HMAC_CTX_reset")
diff --git a/ext/openssl/openssl_missing.h b/ext/openssl/openssl_missing.h
index 84bc93bafd..ce3e1ec740 100644
--- a/ext/openssl/openssl_missing.h
+++ b/ext/openssl/openssl_missing.h
@@ -73,6 +73,14 @@ int CRYPTO_memcmp(const volatile void * volatile in_a, const volatile void * vol
# define BN_GENCB_get_arg(cb) (cb)->arg
#endif
+#if !defined(HAVE_EVP_MD_CTX_NEW)
+# define EVP_MD_CTX_new EVP_MD_CTX_create
+#endif
+
+#if !defined(HAVE_EVP_MD_CTX_FREE)
+# define EVP_MD_CTX_free EVP_MD_CTX_destroy
+#endif
+
#if !defined(HAVE_HMAC_CTX_NEW)
HMAC_CTX *HMAC_CTX_new(void);
#endif
diff --git a/ext/openssl/ossl_pkey.c b/ext/openssl/ossl_pkey.c
index 4bf36a6ecc..2d131a1e56 100644
--- a/ext/openssl/ossl_pkey.c
+++ b/ext/openssl/ossl_pkey.c
@@ -271,21 +271,22 @@ static VALUE
ossl_pkey_sign(VALUE self, VALUE digest, VALUE data)
{
EVP_PKEY *pkey;
- EVP_MD_CTX ctx;
+ EVP_MD_CTX *ctx = EVP_MD_CTX_new();
unsigned int buf_len;
VALUE str;
int result;
- if (rb_funcallv(self, id_private_q, 0, NULL) != Qtrue) {
+ if (rb_funcallv(self, id_private_q, 0, NULL) != Qtrue)
ossl_raise(rb_eArgError, "Private key is needed.");
- }
+ if (!ctx)
+ ossl_raise(rb_eRuntimeError, "EVP_MD_CTX_new() failed");
GetPKey(self, pkey);
- EVP_SignInit(&ctx, GetDigestPtr(digest));
+ EVP_SignInit(ctx, GetDigestPtr(digest));
StringValue(data);
- EVP_SignUpdate(&ctx, RSTRING_PTR(data), RSTRING_LEN(data));
+ EVP_SignUpdate(ctx, RSTRING_PTR(data), RSTRING_LEN(data));
str = rb_str_new(0, EVP_PKEY_size(pkey)+16);
- result = EVP_SignFinal(&ctx, (unsigned char *)RSTRING_PTR(str), &buf_len, pkey);
- EVP_MD_CTX_cleanup(&ctx);
+ result = EVP_SignFinal(ctx, (unsigned char *)RSTRING_PTR(str), &buf_len, pkey);
+ EVP_MD_CTX_free(ctx);
if (!result)
ossl_raise(ePKeyError, NULL);
assert((long)buf_len <= RSTRING_LEN(str));
@@ -319,16 +320,18 @@ static VALUE
ossl_pkey_verify(VALUE self, VALUE digest, VALUE sig, VALUE data)
{
EVP_PKEY *pkey;
- EVP_MD_CTX ctx;
+ EVP_MD_CTX *ctx = EVP_MD_CTX_new();
int result;
+ if (!ctx)
+ ossl_raise(rb_eRuntimeError, "EVP_MD_CTX_new() failed");
GetPKey(self, pkey);
StringValue(sig);
StringValue(data);
- EVP_VerifyInit(&ctx, GetDigestPtr(digest));
- EVP_VerifyUpdate(&ctx, RSTRING_PTR(data), RSTRING_LEN(data));
- result = EVP_VerifyFinal(&ctx, (unsigned char *)RSTRING_PTR(sig), RSTRING_LENINT(sig), pkey);
- EVP_MD_CTX_cleanup(&ctx);
+ EVP_VerifyInit(ctx, GetDigestPtr(digest));
+ EVP_VerifyUpdate(ctx, RSTRING_PTR(data), RSTRING_LEN(data));
+ result = EVP_VerifyFinal(ctx, (unsigned char *)RSTRING_PTR(sig), RSTRING_LENINT(sig), pkey);
+ EVP_MD_CTX_free(ctx);
switch (result) {
case 0:
return Qfalse;