diff options
-rw-r--r-- | ext/openssl/extconf.rb | 2 | ||||
-rw-r--r-- | ext/openssl/openssl_missing.h | 8 | ||||
-rw-r--r-- | ext/openssl/ossl_pkey.c | 27 |
3 files changed, 25 insertions, 12 deletions
diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb index b94aab099b..df826feae1 100644 --- a/ext/openssl/extconf.rb +++ b/ext/openssl/extconf.rb @@ -106,6 +106,8 @@ have_struct_member("SSL", "ctx", "openssl/ssl.h") || $defs.push("-DHAVE_OPAQUE_O have_func("BN_GENCB_new") have_func("BN_GENCB_free") have_func("BN_GENCB_get_arg") +have_func("EVP_MD_CTX_new") +have_func("EVP_MD_CTX_free") have_func("HMAC_CTX_new") have_func("HMAC_CTX_free") have_func("HMAC_CTX_reset") diff --git a/ext/openssl/openssl_missing.h b/ext/openssl/openssl_missing.h index 84bc93bafd..ce3e1ec740 100644 --- a/ext/openssl/openssl_missing.h +++ b/ext/openssl/openssl_missing.h @@ -73,6 +73,14 @@ int CRYPTO_memcmp(const volatile void * volatile in_a, const volatile void * vol # define BN_GENCB_get_arg(cb) (cb)->arg #endif +#if !defined(HAVE_EVP_MD_CTX_NEW) +# define EVP_MD_CTX_new EVP_MD_CTX_create +#endif + +#if !defined(HAVE_EVP_MD_CTX_FREE) +# define EVP_MD_CTX_free EVP_MD_CTX_destroy +#endif + #if !defined(HAVE_HMAC_CTX_NEW) HMAC_CTX *HMAC_CTX_new(void); #endif diff --git a/ext/openssl/ossl_pkey.c b/ext/openssl/ossl_pkey.c index 4bf36a6ecc..2d131a1e56 100644 --- a/ext/openssl/ossl_pkey.c +++ b/ext/openssl/ossl_pkey.c @@ -271,21 +271,22 @@ static VALUE ossl_pkey_sign(VALUE self, VALUE digest, VALUE data) { EVP_PKEY *pkey; - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx = EVP_MD_CTX_new(); unsigned int buf_len; VALUE str; int result; - if (rb_funcallv(self, id_private_q, 0, NULL) != Qtrue) { + if (rb_funcallv(self, id_private_q, 0, NULL) != Qtrue) ossl_raise(rb_eArgError, "Private key is needed."); - } + if (!ctx) + ossl_raise(rb_eRuntimeError, "EVP_MD_CTX_new() failed"); GetPKey(self, pkey); - EVP_SignInit(&ctx, GetDigestPtr(digest)); + EVP_SignInit(ctx, GetDigestPtr(digest)); StringValue(data); - EVP_SignUpdate(&ctx, RSTRING_PTR(data), RSTRING_LEN(data)); + EVP_SignUpdate(ctx, RSTRING_PTR(data), RSTRING_LEN(data)); str = rb_str_new(0, EVP_PKEY_size(pkey)+16); - result = EVP_SignFinal(&ctx, (unsigned char *)RSTRING_PTR(str), &buf_len, pkey); - EVP_MD_CTX_cleanup(&ctx); + result = EVP_SignFinal(ctx, (unsigned char *)RSTRING_PTR(str), &buf_len, pkey); + EVP_MD_CTX_free(ctx); if (!result) ossl_raise(ePKeyError, NULL); assert((long)buf_len <= RSTRING_LEN(str)); @@ -319,16 +320,18 @@ static VALUE ossl_pkey_verify(VALUE self, VALUE digest, VALUE sig, VALUE data) { EVP_PKEY *pkey; - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx = EVP_MD_CTX_new(); int result; + if (!ctx) + ossl_raise(rb_eRuntimeError, "EVP_MD_CTX_new() failed"); GetPKey(self, pkey); StringValue(sig); StringValue(data); - EVP_VerifyInit(&ctx, GetDigestPtr(digest)); - EVP_VerifyUpdate(&ctx, RSTRING_PTR(data), RSTRING_LEN(data)); - result = EVP_VerifyFinal(&ctx, (unsigned char *)RSTRING_PTR(sig), RSTRING_LENINT(sig), pkey); - EVP_MD_CTX_cleanup(&ctx); + EVP_VerifyInit(ctx, GetDigestPtr(digest)); + EVP_VerifyUpdate(ctx, RSTRING_PTR(data), RSTRING_LEN(data)); + result = EVP_VerifyFinal(ctx, (unsigned char *)RSTRING_PTR(sig), RSTRING_LENINT(sig), pkey); + EVP_MD_CTX_free(ctx); switch (result) { case 0: return Qfalse; |