diff -cr openssl-snap-20010503.clean/apps/enc.c openssl-snap-20010503/apps/enc.c *** openssl-snap-20010503.clean/apps/enc.c Tue Feb 20 02:00:16 2001 --- openssl-snap-20010503/apps/enc.c Fri May 4 16:03:14 2001 *************** *** 66,74 **** #include #include #include - #ifndef OPENSSL_NO_MD5 - #include - #endif #include #include #include --- 66,71 ---- diff -cr openssl-snap-20010503.clean/apps/passwd.c openssl-snap-20010503/apps/passwd.c *** openssl-snap-20010503.clean/apps/passwd.c Tue Mar 13 16:00:16 2001 --- openssl-snap-20010503/apps/passwd.c Fri May 4 16:48:44 2001 *************** *** 20,26 **** # include #endif #ifndef NO_MD5CRYPT_1 ! # include #endif --- 20,26 ---- # include #endif #ifndef NO_MD5CRYPT_1 ! # include #endif *************** *** 310,316 **** unsigned char buf[MD5_DIGEST_LENGTH]; char *salt_out; int n, i; ! MD5_CTX md; size_t passwd_len, salt_len; passwd_len = strlen(passwd); --- 310,316 ---- unsigned char buf[MD5_DIGEST_LENGTH]; char *salt_out; int n, i; ! EVP_MD_CTX md; size_t passwd_len, salt_len; passwd_len = strlen(passwd); *************** *** 325,372 **** salt_len = strlen(salt_out); assert(salt_len <= 8); ! MD5_Init(&md); ! MD5_Update(&md, passwd, passwd_len); ! MD5_Update(&md, "$", 1); ! MD5_Update(&md, magic, strlen(magic)); ! MD5_Update(&md, "$", 1); ! MD5_Update(&md, salt_out, salt_len); { ! MD5_CTX md2; ! MD5_Init(&md2); ! MD5_Update(&md2, passwd, passwd_len); ! MD5_Update(&md2, salt_out, salt_len); ! MD5_Update(&md2, passwd, passwd_len); ! MD5_Final(buf, &md2); } for (i = passwd_len; i > sizeof buf; i -= sizeof buf) ! MD5_Update(&md, buf, sizeof buf); ! MD5_Update(&md, buf, i); n = passwd_len; while (n) { ! MD5_Update(&md, (n & 1) ? "\0" : passwd, 1); n >>= 1; } ! MD5_Final(buf, &md); for (i = 0; i < 1000; i++) { ! MD5_CTX md2; ! MD5_Init(&md2); ! MD5_Update(&md2, (i & 1) ? (unsigned char *) passwd : buf, ! (i & 1) ? passwd_len : sizeof buf); if (i % 3) ! MD5_Update(&md2, salt_out, salt_len); if (i % 7) ! MD5_Update(&md2, passwd, passwd_len); ! MD5_Update(&md2, (i & 1) ? buf : (unsigned char *) passwd, ! (i & 1) ? sizeof buf : passwd_len); ! MD5_Final(buf, &md2); } { --- 325,372 ---- salt_len = strlen(salt_out); assert(salt_len <= 8); ! EVP_DigestInit(&md,EVP_md5()); ! EVP_DigestUpdate(&md, passwd, passwd_len); ! EVP_DigestUpdate(&md, "$", 1); ! EVP_DigestUpdate(&md, magic, strlen(magic)); ! EVP_DigestUpdate(&md, "$", 1); ! EVP_DigestUpdate(&md, salt_out, salt_len); { ! EVP_MD_CTX md2; ! EVP_DigestInit(&md2,EVP_md5()); ! EVP_DigestUpdate(&md2, passwd, passwd_len); ! EVP_DigestUpdate(&md2, salt_out, salt_len); ! EVP_DigestUpdate(&md2, passwd, passwd_len); ! EVP_DigestFinal(&md2, buf, NULL); } for (i = passwd_len; i > sizeof buf; i -= sizeof buf) ! EVP_DigestUpdate(&md, buf, sizeof buf); ! EVP_DigestUpdate(&md, buf, i); n = passwd_len; while (n) { ! EVP_DigestUpdate(&md, (n & 1) ? "\0" : passwd, 1); n >>= 1; } ! EVP_DigestFinal(&md, buf, NULL); for (i = 0; i < 1000; i++) { ! EVP_MD_CTX md2; ! EVP_DigestInit(&md2,EVP_md5()); ! EVP_DigestUpdate(&md2, (i & 1) ? (unsigned char *) passwd : buf, ! (i & 1) ? passwd_len : sizeof buf); if (i % 3) ! EVP_DigestUpdate(&md2, salt_out, salt_len); if (i % 7) ! EVP_DigestUpdate(&md2, passwd, passwd_len); ! EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned char *) passwd, ! (i & 1) ? sizeof buf : passwd_len); ! EVP_DigestFinal(&md2, buf, NULL); } { diff -cr openssl-snap-20010503.clean/apps/speed.c openssl-snap-20010503/apps/speed.c *** openssl-snap-20010503.clean/apps/speed.c Wed Apr 11 05:00:20 2001 --- openssl-snap-20010503/apps/speed.c Fri May 4 16:18:36 2001 *************** *** 937,943 **** print_message(names[D_MD2],c[D_MD2][j],lengths[j]); Time_F(START,usertime); for (count=0,run=1; COND(c[D_MD2][j]); count++) ! MD2(buf,(unsigned long)lengths[j],&(md2[0])); d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_MD2],d); --- 937,943 ---- print_message(names[D_MD2],c[D_MD2][j],lengths[j]); Time_F(START,usertime); for (count=0,run=1; COND(c[D_MD2][j]); count++) ! EVP_Digest(buf,(unsigned long)lengths[j],&(md2[0]),NULL,EVP_md2()); d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_MD2],d); *************** *** 953,959 **** print_message(names[D_MDC2],c[D_MDC2][j],lengths[j]); Time_F(START,usertime); for (count=0,run=1; COND(c[D_MDC2][j]); count++) ! MDC2(buf,(unsigned long)lengths[j],&(mdc2[0])); d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_MDC2],d); --- 953,959 ---- print_message(names[D_MDC2],c[D_MDC2][j],lengths[j]); Time_F(START,usertime); for (count=0,run=1; COND(c[D_MDC2][j]); count++) ! EVP_Digest(buf,(unsigned long)lengths[j],&(mdc2[0]),NULL,EVP_mdc2()); d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_MDC2],d); *************** *** 970,976 **** print_message(names[D_MD4],c[D_MD4][j],lengths[j]); Time_F(START,usertime); for (count=0,run=1; COND(c[D_MD4][j]); count++) ! MD4(&(buf[0]),(unsigned long)lengths[j],&(md4[0])); d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_MD4],d); --- 970,976 ---- print_message(names[D_MD4],c[D_MD4][j],lengths[j]); Time_F(START,usertime); for (count=0,run=1; COND(c[D_MD4][j]); count++) ! EVP_Digest(&(buf[0]),(unsigned long)lengths[j],&(md4[0]),NULL,EVP_md4()); d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_MD4],d); *************** *** 987,993 **** print_message(names[D_MD5],c[D_MD5][j],lengths[j]); Time_F(START,usertime); for (count=0,run=1; COND(c[D_MD5][j]); count++) ! MD5(&(buf[0]),(unsigned long)lengths[j],&(md5[0])); d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_MD5],d); --- 987,993 ---- print_message(names[D_MD5],c[D_MD5][j],lengths[j]); Time_F(START,usertime); for (count=0,run=1; COND(c[D_MD5][j]); count++) ! EVP_Digest(&(buf[0]),(unsigned long)lengths[j],&(md5[0]),NULL,EVP_md5()); d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_MD5],d); *************** *** 1018,1023 **** --- 1018,1024 ---- count,names[D_HMAC],d); results[D_HMAC][j]=((double)count)/d*lengths[j]; } + HMAC_cleanup(&hctx); } #endif #ifndef OPENSSL_NO_SHA *************** *** 1028,1034 **** print_message(names[D_SHA1],c[D_SHA1][j],lengths[j]); Time_F(START,usertime); for (count=0,run=1; COND(c[D_SHA1][j]); count++) ! SHA1(buf,(unsigned long)lengths[j],&(sha[0])); d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_SHA1],d); --- 1029,1035 ---- print_message(names[D_SHA1],c[D_SHA1][j],lengths[j]); Time_F(START,usertime); for (count=0,run=1; COND(c[D_SHA1][j]); count++) ! EVP_Digest(buf,(unsigned long)lengths[j],&(sha[0]),NULL,EVP_sha1()); d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_SHA1],d); *************** *** 1044,1050 **** print_message(names[D_RMD160],c[D_RMD160][j],lengths[j]); Time_F(START,usertime); for (count=0,run=1; COND(c[D_RMD160][j]); count++) ! RIPEMD160(buf,(unsigned long)lengths[j],&(rmd160[0])); d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_RMD160],d); --- 1045,1051 ---- print_message(names[D_RMD160],c[D_RMD160][j],lengths[j]); Time_F(START,usertime); for (count=0,run=1; COND(c[D_RMD160][j]); count++) ! EVP_Digest(buf,(unsigned long)lengths[j],&(rmd160[0]),NULL,EVP_ripemd160()); d=Time_F(STOP,usertime); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_RMD160],d); diff -cr openssl-snap-20010503.clean/crypto/asn1/t_x509.c openssl-snap-20010503/crypto/asn1/t_x509.c *** openssl-snap-20010503.clean/crypto/asn1/t_x509.c Thu Mar 15 13:01:14 2001 --- openssl-snap-20010503/crypto/asn1/t_x509.c Fri May 4 17:51:20 2001 *************** *** 259,265 **** unsigned char *dertmp; int derlen; int i; ! SHA_CTX SHA1buf ; unsigned char SHA1md[SHA_DIGEST_LENGTH]; /* display the hash of the subject as it would appear --- 259,265 ---- unsigned char *dertmp; int derlen; int i; ! EVP_MD_CTX SHA1buf; unsigned char SHA1md[SHA_DIGEST_LENGTH]; /* display the hash of the subject as it would appear *************** *** 271,279 **** goto err; i2d_X509_NAME(x->cert_info->subject, &dertmp); ! SHA1_Init(&SHA1buf); ! SHA1_Update(&SHA1buf, der, derlen); ! SHA1_Final(SHA1md,&SHA1buf); for (i=0; i < SHA_DIGEST_LENGTH; i++) { if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) goto err; --- 271,279 ---- goto err; i2d_X509_NAME(x->cert_info->subject, &dertmp); ! EVP_DigestInit(&SHA1buf,EVP_sha1()); ! EVP_DigestUpdate(&SHA1buf, der, derlen); ! EVP_DigestFinal(&SHA1buf,SHA1md,NULL); for (i=0; i < SHA_DIGEST_LENGTH; i++) { if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) goto err; *************** *** 286,295 **** if (BIO_printf(bp,"\n Public key OCSP hash: ") <= 0) goto err; ! SHA1_Init(&SHA1buf); ! SHA1_Update(&SHA1buf, x->cert_info->key->public_key->data, x->cert_info->key->public_key->length); ! SHA1_Final(SHA1md,&SHA1buf); for (i=0; i < SHA_DIGEST_LENGTH; i++) { if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) --- 286,295 ---- if (BIO_printf(bp,"\n Public key OCSP hash: ") <= 0) goto err; ! EVP_DigestInit(&SHA1buf,EVP_sha1()); ! EVP_DigestUpdate(&SHA1buf, x->cert_info->key->public_key->data, x->cert_info->key->public_key->length); ! EVP_DigestFinal(&SHA1buf,SHA1md,NULL); for (i=0; i < SHA_DIGEST_LENGTH; i++) { if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) diff -cr openssl-snap-20010503.clean/crypto/dsa/dsa_gen.c openssl-snap-20010503/crypto/dsa/dsa_gen.c *** openssl-snap-20010503.clean/crypto/dsa/dsa_gen.c Mon Feb 19 10:01:32 2001 --- openssl-snap-20010503/crypto/dsa/dsa_gen.c Fri May 4 16:23:50 2001 *************** *** 61,72 **** #ifdef GENUINE_DSA /* Parameter generation follows the original release of FIPS PUB 186, * Appendix 2.2 (i.e. use SHA as defined in FIPS PUB 180) */ ! #define HASH SHA #else /* Parameter generation follows the updated Appendix 2.2 for FIPS PUB 186, * also Appendix 2.2 of FIPS PUB 186-1 (i.e. use SHA as defined in * FIPS PUB 180-1) */ ! #define HASH SHA1 #endif #ifndef OPENSSL_NO_SHA --- 61,72 ---- #ifdef GENUINE_DSA /* Parameter generation follows the original release of FIPS PUB 186, * Appendix 2.2 (i.e. use SHA as defined in FIPS PUB 180) */ ! #define HASH EVP_sha() #else /* Parameter generation follows the updated Appendix 2.2 for FIPS PUB 186, * also Appendix 2.2 of FIPS PUB 186-1 (i.e. use SHA as defined in * FIPS PUB 180-1) */ ! #define HASH EVP_sha1() #endif #ifndef OPENSSL_NO_SHA *************** *** 74,80 **** #include #include #include "cryptlib.h" ! #include #include #include #include --- 74,80 ---- #include #include #include "cryptlib.h" ! #include #include #include #include *************** *** 158,165 **** } /* step 2 */ ! HASH(seed,SHA_DIGEST_LENGTH,md); ! HASH(buf,SHA_DIGEST_LENGTH,buf2); for (i=0; i #include #include "cryptlib.h" - #include #include #include #include --- 60,65 ---- diff -cr openssl-snap-20010503.clean/crypto/evp/bio_ok.c openssl-snap-20010503/crypto/evp/bio_ok.c *** openssl-snap-20010503.clean/crypto/evp/bio_ok.c Tue Jun 20 21:00:34 2000 --- openssl-snap-20010503/crypto/evp/bio_ok.c Fri May 4 16:40:36 2001 *************** *** 474,480 **** ctx->buf_len+= md->digest->md_size; EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)); ! md->digest->final(&(ctx->buf[ctx->buf_len]), &(md->md.base[0])); ctx->buf_len+= md->digest->md_size; ctx->blockout= 1; ctx->sigio= 0; --- 474,480 ---- ctx->buf_len+= md->digest->md_size; EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)); ! EVP_DigestFinal(md, &(ctx->buf[ctx->buf_len]), NULL); ctx->buf_len+= md->digest->md_size; ctx->blockout= 1; ctx->sigio= 0; *************** *** 498,504 **** ctx->buf_off+= md->digest->md_size; EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)); ! md->digest->final(tmp, &(md->md.base[0])); ret= memcmp(&(ctx->buf[ctx->buf_off]), tmp, md->digest->md_size) == 0; ctx->buf_off+= md->digest->md_size; if(ret == 1) --- 498,504 ---- ctx->buf_off+= md->digest->md_size; EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)); ! EVP_DigestFinal(md, tmp, NULL); ret= memcmp(&(ctx->buf[ctx->buf_off]), tmp, md->digest->md_size) == 0; ctx->buf_off+= md->digest->md_size; if(ret == 1) *************** *** 531,537 **** memcpy(ctx->buf, &tl, OK_BLOCK_BLOCK); tl= swapem(tl); EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl); ! md->digest->final(&(ctx->buf[ctx->buf_len]), &(md->md.base[0])); ctx->buf_len+= md->digest->md_size; ctx->blockout= 1; } --- 531,537 ---- memcpy(ctx->buf, &tl, OK_BLOCK_BLOCK); tl= swapem(tl); EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl); ! EVP_DigestFinal(md, &(ctx->buf[ctx->buf_len]), NULL); ctx->buf_len+= md->digest->md_size; ctx->blockout= 1; } *************** *** 551,557 **** if (ctx->buf_len < tl+ OK_BLOCK_BLOCK+ md->digest->md_size) return; EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl); ! md->digest->final(tmp, &(md->md.base[0])); if(memcmp(&(ctx->buf[tl+ OK_BLOCK_BLOCK]), tmp, md->digest->md_size) == 0) { /* there might be parts from next block lurking around ! */ --- 551,557 ---- if (ctx->buf_len < tl+ OK_BLOCK_BLOCK+ md->digest->md_size) return; EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl); ! EVP_DigestFinal(md, tmp, NULL); if(memcmp(&(ctx->buf[tl+ OK_BLOCK_BLOCK]), tmp, md->digest->md_size) == 0) { /* there might be parts from next block lurking around ! */ diff -cr openssl-snap-20010503.clean/crypto/md2/md2test.c openssl-snap-20010503/crypto/md2/md2test.c *** openssl-snap-20010503.clean/crypto/md2/md2test.c Mon Feb 19 10:01:50 2001 --- openssl-snap-20010503/crypto/md2/md2test.c Fri May 4 16:35:00 2001 *************** *** 67,73 **** return(0); } #else ! #include #ifdef CHARSET_EBCDIC #include --- 67,73 ---- return(0); } #else ! #include #ifdef CHARSET_EBCDIC #include *************** *** 100,112 **** int i,err=0; char **P,**R; char *p; P=test; R=ret; i=1; while (*P != NULL) { ! p=pt(MD2((unsigned char *)*P,(unsigned long)strlen(*P),NULL)); if (strcmp(p,*R) != 0) { printf("error calculating MD2 on '%s'\n",*P); --- 100,115 ---- int i,err=0; char **P,**R; char *p; + char md[MD2_DIGEST_LENGTH]; + EVP_add_digest(EVP_md2()); P=test; R=ret; i=1; while (*P != NULL) { ! EVP_Digest((unsigned char *)*P,(unsigned long)strlen(*P),md,NULL,EVP_md2()); ! p=pt(md); if (strcmp(p,*R) != 0) { printf("error calculating MD2 on '%s'\n",*P); *************** *** 119,124 **** --- 122,128 ---- R++; P++; } + EVP_cleanup(); exit(err); return(0); } diff -cr openssl-snap-20010503.clean/crypto/md4/md4test.c openssl-snap-20010503/crypto/md4/md4test.c *** openssl-snap-20010503.clean/crypto/md4/md4test.c Mon Feb 19 10:01:50 2001 --- openssl-snap-20010503/crypto/md4/md4test.c Fri May 4 16:37:50 2001 *************** *** 67,73 **** return(0); } #else ! #include static char *test[]={ "", --- 67,73 ---- return(0); } #else ! #include static char *test[]={ "", *************** *** 96,108 **** int i,err=0; unsigned char **P,**R; char *p; P=(unsigned char **)test; R=(unsigned char **)ret; i=1; while (*P != NULL) { ! p=pt(MD4(&(P[0][0]),(unsigned long)strlen((char *)*P),NULL)); if (strcmp(p,(char *)*R) != 0) { printf("error calculating MD4 on '%s'\n",*P); --- 96,111 ---- int i,err=0; unsigned char **P,**R; char *p; + char md[MD4_DIGEST_LENGTH]; + EVP_add_digest(EVP_md4()); P=(unsigned char **)test; R=(unsigned char **)ret; i=1; while (*P != NULL) { ! EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md4()); ! p=pt(md); if (strcmp(p,(char *)*R) != 0) { printf("error calculating MD4 on '%s'\n",*P); *************** *** 115,120 **** --- 118,124 ---- R++; P++; } + EVP_cleanup(); exit(err); return(0); } diff -cr openssl-snap-20010503.clean/crypto/md5/md5test.c openssl-snap-20010503/crypto/md5/md5test.c *** openssl-snap-20010503.clean/crypto/md5/md5test.c Mon Feb 19 10:01:50 2001 --- openssl-snap-20010503/crypto/md5/md5test.c Fri May 4 16:39:54 2001 *************** *** 67,73 **** return(0); } #else ! #include static char *test[]={ "", --- 67,73 ---- return(0); } #else ! #include static char *test[]={ "", *************** *** 96,108 **** int i,err=0; unsigned char **P,**R; char *p; P=(unsigned char **)test; R=(unsigned char **)ret; i=1; while (*P != NULL) { ! p=pt(MD5(&(P[0][0]),(unsigned long)strlen((char *)*P),NULL)); if (strcmp(p,(char *)*R) != 0) { printf("error calculating MD5 on '%s'\n",*P); --- 96,111 ---- int i,err=0; unsigned char **P,**R; char *p; + char md[MD5_DIGEST_LENGTH]; + EVP_add_digest(EVP_md5()); P=(unsigned char **)test; R=(unsigned char **)ret; i=1; while (*P != NULL) { ! EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md5()); ! p=pt(md); if (strcmp(p,(char *)*R) != 0) { printf("error calculating MD5 on '%s'\n",*P); *************** *** 115,120 **** --- 118,124 ---- R++; P++; } + EVP_cleanup(); exit(err); return(0); } diff -cr openssl-snap-20010503.clean/crypto/mdc2/mdc2test.c openssl-snap-20010503/crypto/mdc2/mdc2test.c *** openssl-snap-20010503.clean/crypto/mdc2/mdc2test.c Mon Feb 19 10:01:52 2001 --- openssl-snap-20010503/crypto/mdc2/mdc2test.c Fri May 4 16:44:20 2001 *************** *** 71,77 **** return(0); } #else ! #include #ifdef CHARSET_EBCDIC #include --- 71,77 ---- return(0); } #else ! #include #ifdef CHARSET_EBCDIC #include *************** *** 92,98 **** int ret=0; unsigned char md[MDC2_DIGEST_LENGTH]; int i; ! MDC2_CTX c; static char *text="Now is the time for all "; #ifdef CHARSET_EBCDIC --- 92,98 ---- int ret=0; unsigned char md[MDC2_DIGEST_LENGTH]; int i; ! EVP_MD_CTX c; static char *text="Now is the time for all "; #ifdef CHARSET_EBCDIC *************** *** 99,107 **** ebcdic2ascii(text,text,strlen(text)); #endif ! MDC2_Init(&c); ! MDC2_Update(&c,(unsigned char *)text,strlen(text)); ! MDC2_Final(&(md[0]),&c); if (memcmp(md,pad1,MDC2_DIGEST_LENGTH) != 0) { --- 99,108 ---- ebcdic2ascii(text,text,strlen(text)); #endif ! EVP_add_digest(EVP_mdc2()); ! EVP_DigestInit(&c,EVP_mdc2()); ! EVP_DigestUpdate(&c,(unsigned char *)text,strlen(text)); ! EVP_DigestFinal(&c,&(md[0]),NULL); if (memcmp(md,pad1,MDC2_DIGEST_LENGTH) != 0) { *************** *** 116,125 **** else printf("pad1 - ok\n"); ! MDC2_Init(&c); ! c.pad_type=2; ! MDC2_Update(&c,(unsigned char *)text,strlen(text)); ! MDC2_Final(&(md[0]),&c); if (memcmp(md,pad2,MDC2_DIGEST_LENGTH) != 0) { --- 117,126 ---- else printf("pad1 - ok\n"); ! EVP_DigestInit(&c,EVP_mdc2()); ! c.md.mdc2.pad_type=2; ! EVP_DigestUpdate(&c,(unsigned char *)text,strlen(text)); ! EVP_DigestFinal(&c,&(md[0]),NULL); if (memcmp(md,pad2,MDC2_DIGEST_LENGTH) != 0) { *************** *** 134,139 **** --- 135,141 ---- else printf("pad2 - ok\n"); + EVP_cleanup(); exit(ret); return(ret); } diff -cr openssl-snap-20010503.clean/crypto/pkcs12/p12_mutl.c openssl-snap-20010503/crypto/pkcs12/p12_mutl.c *** openssl-snap-20010503.clean/crypto/pkcs12/p12_mutl.c Thu Mar 8 20:01:12 2001 --- openssl-snap-20010503/crypto/pkcs12/p12_mutl.c Fri May 4 15:58:48 2001 *************** *** 89,94 **** --- 89,95 ---- HMAC_Update (&hmac, p12->authsafes->d.data->data, p12->authsafes->d.data->length); HMAC_Final (&hmac, mac, maclen); + HMAC_cleanup (&hmac); return 1; } diff -cr openssl-snap-20010503.clean/crypto/rand/md_rand.c openssl-snap-20010503/crypto/rand/md_rand.c *** openssl-snap-20010503.clean/crypto/rand/md_rand.c Wed Apr 18 10:01:18 2001 --- openssl-snap-20010503/crypto/rand/md_rand.c Fri May 4 17:31:18 2001 *************** *** 264,270 **** MD_Update(&m,buf,j); MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c)); ! MD_Final(local_md,&m); md_c[1]++; buf=(const char *)buf + j; --- 264,270 ---- MD_Update(&m,buf,j); MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c)); ! MD_Final(&m,local_md); md_c[1]++; buf=(const char *)buf + j; *************** *** 457,463 **** } else MD_Update(&m,&(state[st_idx]),j); ! MD_Final(local_md,&m); for (i=0; i #define MD_DIGEST_LENGTH MD5_DIGEST_LENGTH ! #define MD(a,b,c) MD5(a,b,c) #elif defined(USE_SHA1_RAND) - #include #define MD_DIGEST_LENGTH SHA_DIGEST_LENGTH ! #define MD(a,b,c) SHA1(a,b,c) #elif defined(USE_MDC2_RAND) - #include #define MD_DIGEST_LENGTH MDC2_DIGEST_LENGTH ! #define MD(a,b,c) MDC2(a,b,c) #elif defined(USE_MD2_RAND) - #include #define MD_DIGEST_LENGTH MD2_DIGEST_LENGTH ! #define MD(a,b,c) MD2(a,b,c) ! #endif ! #if defined(USE_MD5_RAND) ! #include ! #define MD_DIGEST_LENGTH MD5_DIGEST_LENGTH ! #define MD_CTX MD5_CTX ! #define MD_Init(a) MD5_Init(a) ! #define MD_Update(a,b,c) MD5_Update(a,b,c) ! #define MD_Final(a,b) MD5_Final(a,b) ! #define MD(a,b,c) MD5(a,b,c) ! #elif defined(USE_SHA1_RAND) ! #include ! #define MD_DIGEST_LENGTH SHA_DIGEST_LENGTH ! #define MD_CTX SHA_CTX ! #define MD_Init(a) SHA1_Init(a) ! #define MD_Update(a,b,c) SHA1_Update(a,b,c) ! #define MD_Final(a,b) SHA1_Final(a,b) ! #define MD(a,b,c) SHA1(a,b,c) ! #elif defined(USE_MDC2_RAND) ! #include ! #define MD_DIGEST_LENGTH MDC2_DIGEST_LENGTH ! #define MD_CTX MDC2_CTX ! #define MD_Init(a) MDC2_Init(a) ! #define MD_Update(a,b,c) MDC2_Update(a,b,c) ! #define MD_Final(a,b) MDC2_Final(a,b) ! #define MD(a,b,c) MDC2(a,b,c) ! #elif defined(USE_MD2_RAND) ! #include ! #define MD_DIGEST_LENGTH MD2_DIGEST_LENGTH ! #define MD_CTX MD2_CTX ! #define MD_Init(a) MD2_Init(a) ! #define MD_Update(a,b,c) MD2_Update(a,b,c) ! #define MD_Final(a,b) MD2_Final(a,b) ! #define MD(a,b,c) MD2(a,b,c) #endif --- 129,154 ---- #endif #endif + #include + #define MD_CTX EVP_MD_CTX + #define MD_Update(a,b,c) EVP_DigestUpdate(a,b,c) + #define MD_Final(a,b) EVP_DigestFinal(a,b,NULL) #if defined(USE_MD5_RAND) #define MD_DIGEST_LENGTH MD5_DIGEST_LENGTH ! #define MD_Init(a) EVP_DigestInit(a,EVP_md5()) ! #define MD(a,b,c) EVP_Digest(a,b,c,EVP_md5()) #elif defined(USE_SHA1_RAND) #define MD_DIGEST_LENGTH SHA_DIGEST_LENGTH ! #define MD_Init(a) EVP_DigestInit(a,EVP_sha1()) ! #define MD(a,b,c) EVP_Digest(a,b,c,EVP_sha1()) #elif defined(USE_MDC2_RAND) #define MD_DIGEST_LENGTH MDC2_DIGEST_LENGTH ! #define MD_Init(a) EVP_DigestInit(a,EVP_mdc2()) ! #define MD(a,b,c) EVP_Digest(a,b,c,EVP_mdc2()) #elif defined(USE_MD2_RAND) #define MD_DIGEST_LENGTH MD2_DIGEST_LENGTH ! #define MD_Init(a) EVP_DigestInit(a,EVP_md2()) ! #define MD(a,b,c) EVP_Digest(a,b,c,EVP_md2()) #endif diff -cr openssl-snap-20010503.clean/crypto/rc4/rc4.c openssl-snap-20010503/crypto/rc4/rc4.c *** openssl-snap-20010503.clean/crypto/rc4/rc4.c Tue Feb 20 02:00:54 2001 --- openssl-snap-20010503/crypto/rc4/rc4.c Fri May 4 17:47:34 2001 *************** *** 162,168 **** keystr=buf; } ! MD5((unsigned char *)keystr,(unsigned long)strlen(keystr),md); memset(keystr,0,strlen(keystr)); RC4_set_key(&key,MD5_DIGEST_LENGTH,md); --- 162,168 ---- keystr=buf; } ! EVP_Digest((unsigned char *)keystr,(unsigned long)strlen(keystr),md,NULL,EVP_md5()); memset(keystr,0,strlen(keystr)); RC4_set_key(&key,MD5_DIGEST_LENGTH,md); diff -cr openssl-snap-20010503.clean/crypto/ripemd/rmdtest.c openssl-snap-20010503/crypto/ripemd/rmdtest.c *** openssl-snap-20010503.clean/crypto/ripemd/rmdtest.c Mon Feb 19 10:02:14 2001 --- openssl-snap-20010503/crypto/ripemd/rmdtest.c Fri May 4 16:46:38 2001 *************** *** 67,73 **** return(0); } #else ! #include #ifdef CHARSET_EBCDIC #include --- 67,73 ---- return(0); } #else ! #include #ifdef CHARSET_EBCDIC #include *************** *** 102,108 **** --- 102,110 ---- int i,err=0; unsigned char **P,**R; char *p; + char md[RIPEMD160_DIGEST_LENGTH]; + EVP_add_digest(EVP_ripemd160()); P=(unsigned char **)test; R=(unsigned char **)ret; i=1; *************** *** 111,117 **** #ifdef CHARSET_EBCDIC ebcdic2ascii((char *)*P, (char *)*P, strlen((char *)*P)); #endif ! p=pt(RIPEMD160(&(P[0][0]),(unsigned long)strlen((char *)*P),NULL)); if (strcmp(p,(char *)*R) != 0) { printf("error calculating RIPEMD160 on '%s'\n",*P); --- 113,120 ---- #ifdef CHARSET_EBCDIC ebcdic2ascii((char *)*P, (char *)*P, strlen((char *)*P)); #endif ! EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_ripemd160()); ! p=pt(md); if (strcmp(p,(char *)*R) != 0) { printf("error calculating RIPEMD160 on '%s'\n",*P); *************** *** 124,129 **** --- 127,133 ---- R++; P++; } + EVP_cleanup(); exit(err); return(0); } diff -cr openssl-snap-20010503.clean/crypto/rsa/rsa_oaep.c openssl-snap-20010503/crypto/rsa/rsa_oaep.c *** openssl-snap-20010503.clean/crypto/rsa/rsa_oaep.c Mon Feb 19 10:02:16 2001 --- openssl-snap-20010503/crypto/rsa/rsa_oaep.c Fri May 4 16:53:18 2001 *************** *** 24,30 **** #include "cryptlib.h" #include #include ! #include #include int MGF1(unsigned char *mask, long len, --- 24,30 ---- #include "cryptlib.h" #include #include ! #include #include int MGF1(unsigned char *mask, long len, *************** *** 62,68 **** seed = to + 1; db = to + SHA_DIGEST_LENGTH + 1; ! SHA1(param, plen, db); memset(db + SHA_DIGEST_LENGTH, 0, emlen - flen - 2 * SHA_DIGEST_LENGTH - 1); db[emlen - flen - SHA_DIGEST_LENGTH - 1] = 0x01; --- 62,68 ---- seed = to + 1; db = to + SHA_DIGEST_LENGTH + 1; ! EVP_Digest((void *)param, plen, db, NULL, EVP_sha1()); memset(db + SHA_DIGEST_LENGTH, 0, emlen - flen - 2 * SHA_DIGEST_LENGTH - 1); db[emlen - flen - SHA_DIGEST_LENGTH - 1] = 0x01; *************** *** 121,127 **** for (i = 0; i < dblen; i++) db[i] ^= maskeddb[i]; ! SHA1(param, plen, phash); if (memcmp(db, phash, SHA_DIGEST_LENGTH) != 0) RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_OAEP_DECODING_ERROR); --- 121,127 ---- for (i = 0; i < dblen; i++) db[i] ^= maskeddb[i]; ! EVP_Digest((void *)param, plen, phash, NULL, EVP_sha1()); if (memcmp(db, phash, SHA_DIGEST_LENGTH) != 0) RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_OAEP_DECODING_ERROR); *************** *** 154,160 **** { long i, outlen = 0; unsigned char cnt[4]; ! SHA_CTX c; unsigned char md[SHA_DIGEST_LENGTH]; for (i = 0; outlen < len; i++) --- 154,160 ---- { long i, outlen = 0; unsigned char cnt[4]; ! EVP_MD_CTX c; unsigned char md[SHA_DIGEST_LENGTH]; for (i = 0; outlen < len; i++) *************** *** 161,177 **** { cnt[0] = (i >> 24) & 255, cnt[1] = (i >> 16) & 255, cnt[2] = (i >> 8) & 255, cnt[3] = i & 255; ! SHA1_Init(&c); ! SHA1_Update(&c, seed, seedlen); ! SHA1_Update(&c, cnt, 4); if (outlen + SHA_DIGEST_LENGTH <= len) { ! SHA1_Final(mask + outlen, &c); outlen += SHA_DIGEST_LENGTH; } else { ! SHA1_Final(md, &c); memcpy(mask + outlen, md, len - outlen); outlen = len; } --- 161,177 ---- { cnt[0] = (i >> 24) & 255, cnt[1] = (i >> 16) & 255, cnt[2] = (i >> 8) & 255, cnt[3] = i & 255; ! EVP_DigestInit(&c,EVP_sha1()); ! EVP_DigestUpdate(&c, seed, seedlen); ! EVP_DigestUpdate(&c, cnt, 4); if (outlen + SHA_DIGEST_LENGTH <= len) { ! EVP_DigestFinal(&c, mask + outlen, NULL); outlen += SHA_DIGEST_LENGTH; } else { ! EVP_DigestFinal(&c, md, NULL); memcpy(mask + outlen, md, len - outlen); outlen = len; } diff -cr openssl-snap-20010503.clean/crypto/sha/sha1test.c openssl-snap-20010503/crypto/sha/sha1test.c *** openssl-snap-20010503.clean/crypto/sha/sha1test.c Mon Feb 19 10:02:16 2001 --- openssl-snap-20010503/crypto/sha/sha1test.c Fri May 4 17:04:26 2001 *************** *** 67,73 **** return(0); } #else ! #include #ifdef CHARSET_EBCDIC #include --- 67,73 ---- return(0); } #else ! #include #ifdef CHARSET_EBCDIC #include *************** *** 106,112 **** unsigned char **P,**R; static unsigned char buf[1000]; char *p,*r; ! SHA_CTX c; unsigned char md[SHA_DIGEST_LENGTH]; #ifdef CHARSET_EBCDIC --- 106,112 ---- unsigned char **P,**R; static unsigned char buf[1000]; char *p,*r; ! EVP_MD_CTX c; unsigned char md[SHA_DIGEST_LENGTH]; #ifdef CHARSET_EBCDIC *************** *** 114,125 **** ebcdic2ascii(test[1], test[1], strlen(test[1])); #endif P=(unsigned char **)test; R=(unsigned char **)ret; i=1; while (*P != NULL) { ! p=pt(SHA1(*P,(unsigned long)strlen((char *)*P),NULL)); if (strcmp(p,(char *)*R) != 0) { printf("error calculating SHA1 on '%s'\n",*P); --- 114,127 ---- ebcdic2ascii(test[1], test[1], strlen(test[1])); #endif + EVP_add_digest(EVP_sha1()); P=(unsigned char **)test; R=(unsigned char **)ret; i=1; while (*P != NULL) { ! EVP_Digest(*P,(unsigned long)strlen((char *)*P),md,NULL,EVP_sha1()); ! p=pt(md); if (strcmp(p,(char *)*R) != 0) { printf("error calculating SHA1 on '%s'\n",*P); *************** *** 137,146 **** #ifdef CHARSET_EBCDIC ebcdic2ascii(buf, buf, 1000); #endif /*CHARSET_EBCDIC*/ ! SHA1_Init(&c); for (i=0; i<1000; i++) ! SHA1_Update(&c,buf,1000); ! SHA1_Final(md,&c); p=pt(md); r=bigret; --- 139,148 ---- #ifdef CHARSET_EBCDIC ebcdic2ascii(buf, buf, 1000); #endif /*CHARSET_EBCDIC*/ ! EVP_DigestInit(&c,EVP_sha1()); for (i=0; i<1000; i++) ! EVP_DigestUpdate(&c,buf,1000); ! EVP_DigestFinal(&c,md,NULL); p=pt(md); r=bigret; *************** *** 152,157 **** --- 154,160 ---- } else printf("test 3 ok\n"); + EVP_cleanup(); exit(err); return(0); } diff -cr openssl-snap-20010503.clean/crypto/sha/shatest.c openssl-snap-20010503/crypto/sha/shatest.c *** openssl-snap-20010503.clean/crypto/sha/shatest.c Mon Feb 19 10:02:18 2001 --- openssl-snap-20010503/crypto/sha/shatest.c Fri May 4 17:04:52 2001 *************** *** 67,73 **** return(0); } #else ! #include #ifdef CHARSET_EBCDIC #include --- 67,73 ---- return(0); } #else ! #include #ifdef CHARSET_EBCDIC #include *************** *** 106,112 **** unsigned char **P,**R; static unsigned char buf[1000]; char *p,*r; ! SHA_CTX c; unsigned char md[SHA_DIGEST_LENGTH]; #ifdef CHARSET_EBCDIC --- 106,112 ---- unsigned char **P,**R; static unsigned char buf[1000]; char *p,*r; ! EVP_MD_CTX c; unsigned char md[SHA_DIGEST_LENGTH]; #ifdef CHARSET_EBCDIC *************** *** 114,125 **** ebcdic2ascii(test[1], test[1], strlen(test[1])); #endif P=(unsigned char **)test; R=(unsigned char **)ret; i=1; while (*P != NULL) { ! p=pt(SHA(*P,(unsigned long)strlen((char *)*P),NULL)); if (strcmp(p,(char *)*R) != 0) { printf("error calculating SHA on '%s'\n",*P); --- 114,127 ---- ebcdic2ascii(test[1], test[1], strlen(test[1])); #endif + EVP_add_digest(EVP_sha()); P=(unsigned char **)test; R=(unsigned char **)ret; i=1; while (*P != NULL) { ! EVP_Digest(*P,(unsigned long)strlen((char *)*P),md,NULL,EVP_sha()); ! p=pt(md); if (strcmp(p,(char *)*R) != 0) { printf("error calculating SHA on '%s'\n",*P); *************** *** 137,146 **** #ifdef CHARSET_EBCDIC ebcdic2ascii(buf, buf, 1000); #endif /*CHARSET_EBCDIC*/ ! SHA_Init(&c); for (i=0; i<1000; i++) ! SHA_Update(&c,buf,1000); ! SHA_Final(md,&c); p=pt(md); r=bigret; --- 139,148 ---- #ifdef CHARSET_EBCDIC ebcdic2ascii(buf, buf, 1000); #endif /*CHARSET_EBCDIC*/ ! EVP_DigestInit(&c,EVP_sha()); for (i=0; i<1000; i++) ! EVP_DigestUpdate(&c,buf,1000); ! EVP_DigestFinal(&c,md,NULL); p=pt(md); r=bigret; *************** *** 152,157 **** --- 154,160 ---- } else printf("test 3 ok\n"); + EVP_cleanup(); exit(err); return(0); } diff -cr openssl-snap-20010503.clean/crypto/x509/x509_cmp.c openssl-snap-20010503/crypto/x509/x509_cmp.c *** openssl-snap-20010503.clean/crypto/x509/x509_cmp.c Mon Feb 19 10:02:22 2001 --- openssl-snap-20010503/crypto/x509/x509_cmp.c Fri May 4 17:07:22 2001 *************** *** 79,95 **** unsigned long X509_issuer_and_serial_hash(X509 *a) { unsigned long ret=0; ! MD5_CTX ctx; unsigned char md[16]; char str[256]; X509_NAME_oneline(a->cert_info->issuer,str,256); ret=strlen(str); ! MD5_Init(&ctx); ! MD5_Update(&ctx,(unsigned char *)str,ret); ! MD5_Update(&ctx,(unsigned char *)a->cert_info->serialNumber->data, (unsigned long)a->cert_info->serialNumber->length); ! MD5_Final(&(md[0]),&ctx); ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) )&0xffffffffL; --- 79,95 ---- unsigned long X509_issuer_and_serial_hash(X509 *a) { unsigned long ret=0; ! EVP_MD_CTX ctx; unsigned char md[16]; char str[256]; X509_NAME_oneline(a->cert_info->issuer,str,256); ret=strlen(str); ! EVP_DigestInit(&ctx,EVP_md5()); ! EVP_DigestUpdate(&ctx,(unsigned char *)str,ret); ! EVP_DigestUpdate(&ctx,(unsigned char *)a->cert_info->serialNumber->data, (unsigned long)a->cert_info->serialNumber->length); ! EVP_DigestFinal(&ctx,&(md[0]),NULL); ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) )&0xffffffffL; diff -cr openssl-snap-20010503.clean/ssl/s2_lib.c openssl-snap-20010503/ssl/s2_lib.c *** openssl-snap-20010503.clean/ssl/s2_lib.c Tue Feb 20 02:01:04 2001 --- openssl-snap-20010503/ssl/s2_lib.c Fri May 4 17:09:32 2001 *************** *** 61,67 **** #include #include #include ! #include static long ssl2_default_timeout(void ); const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT; --- 61,67 ---- #include #include #include ! #include static long ssl2_default_timeout(void ); const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT; *************** *** 415,421 **** void ssl2_generate_key_material(SSL *s) { unsigned int i; ! MD5_CTX ctx; unsigned char *km; unsigned char c='0'; --- 415,421 ---- void ssl2_generate_key_material(SSL *s) { unsigned int i; ! EVP_MD_CTX ctx; unsigned char *km; unsigned char c='0'; *************** *** 427,440 **** km=s->s2->key_material; for (i=0; is2->key_material_length; i+=MD5_DIGEST_LENGTH) { ! MD5_Init(&ctx); ! MD5_Update(&ctx,s->session->master_key,s->session->master_key_length); ! MD5_Update(&ctx,&c,1); c++; ! MD5_Update(&ctx,s->s2->challenge,s->s2->challenge_length); ! MD5_Update(&ctx,s->s2->conn_id,s->s2->conn_id_length); ! MD5_Final(km,&ctx); km+=MD5_DIGEST_LENGTH; } } --- 427,440 ---- km=s->s2->key_material; for (i=0; is2->key_material_length; i+=MD5_DIGEST_LENGTH) { ! EVP_DigestInit(&ctx,EVP_md5()); ! EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length); ! EVP_DigestUpdate(&ctx,&c,1); c++; ! EVP_DigestUpdate(&ctx,s->s2->challenge,s->s2->challenge_length); ! EVP_DigestUpdate(&ctx,s->s2->conn_id,s->s2->conn_id_length); ! EVP_DigestFinal(&ctx,km,NULL); km+=MD5_DIGEST_LENGTH; } } diff -cr openssl-snap-20010503.clean/ssl/s3_clnt.c openssl-snap-20010503/ssl/s3_clnt.c *** openssl-snap-20010503.clean/ssl/s3_clnt.c Tue Mar 6 19:01:26 2001 --- openssl-snap-20010503/ssl/s3_clnt.c Fri May 4 17:10:00 2001 *************** *** 60,67 **** #include #include #include - #include - #include #include #include "ssl_locl.h" --- 60,65 ---- diff -cr openssl-snap-20010503.clean/ssl/s3_enc.c openssl-snap-20010503/ssl/s3_enc.c *** openssl-snap-20010503.clean/ssl/s3_enc.c Sun Apr 8 08:00:38 2001 --- openssl-snap-20010503/ssl/s3_enc.c Fri May 4 17:15:00 2001 *************** *** 57,64 **** */ #include - #include - #include #include #include "ssl_locl.h" --- 57,62 ---- *************** *** 83,90 **** static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num) { ! MD5_CTX m5; ! SHA_CTX s1; unsigned char buf[16],smd[SHA_DIGEST_LENGTH]; unsigned char c='A'; int i,j,k; --- 81,88 ---- static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num) { ! EVP_MD_CTX m5; ! EVP_MD_CTX s1; unsigned char buf[16],smd[SHA_DIGEST_LENGTH]; unsigned char c='A'; int i,j,k; *************** *** 106,130 **** for (j=0; jsession->master_key, s->session->master_key_length); ! SHA1_Update(&s1,s->s3->server_random,SSL3_RANDOM_SIZE); ! SHA1_Update(&s1,s->s3->client_random,SSL3_RANDOM_SIZE); ! SHA1_Final( smd,&s1); ! MD5_Init( &m5); ! MD5_Update(&m5,s->session->master_key, s->session->master_key_length); ! MD5_Update(&m5,smd,SHA_DIGEST_LENGTH); if ((i+MD5_DIGEST_LENGTH) > num) { ! MD5_Final(smd,&m5); memcpy(km,smd,(num-i)); } else ! MD5_Final(km,&m5); km+=MD5_DIGEST_LENGTH; } --- 104,128 ---- for (j=0; jsession->master_key, s->session->master_key_length); ! EVP_DigestUpdate(&s1,s->s3->server_random,SSL3_RANDOM_SIZE); ! EVP_DigestUpdate(&s1,s->s3->client_random,SSL3_RANDOM_SIZE); ! EVP_DigestFinal(&s1,smd,NULL); ! EVP_DigestInit(&m5,EVP_md5()); ! EVP_DigestUpdate(&m5,s->session->master_key, s->session->master_key_length); ! EVP_DigestUpdate(&m5,smd,SHA_DIGEST_LENGTH); if ((i+MD5_DIGEST_LENGTH) > num) { ! EVP_DigestFinal(&m5,smd,NULL); memcpy(km,smd,(num-i)); } else ! EVP_DigestFinal(&m5,km,NULL); km+=MD5_DIGEST_LENGTH; } *************** *** 142,148 **** const EVP_CIPHER *c; COMP_METHOD *comp; const EVP_MD *m; ! MD5_CTX md; int exp,n,i,j,k,cl; exp=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher); --- 140,146 ---- const EVP_CIPHER *c; COMP_METHOD *comp; const EVP_MD *m; ! EVP_MD_CTX md; int exp,n,i,j,k,cl; exp=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher); *************** *** 252,270 **** /* In here I set both the read and write key/iv to the * same value since only the correct one will be used :-). */ ! MD5_Init(&md); ! MD5_Update(&md,key,j); ! MD5_Update(&md,er1,SSL3_RANDOM_SIZE); ! MD5_Update(&md,er2,SSL3_RANDOM_SIZE); ! MD5_Final(&(exp_key[0]),&md); key= &(exp_key[0]); if (k > 0) { ! MD5_Init(&md); ! MD5_Update(&md,er1,SSL3_RANDOM_SIZE); ! MD5_Update(&md,er2,SSL3_RANDOM_SIZE); ! MD5_Final(&(exp_iv[0]),&md); iv= &(exp_iv[0]); } } --- 250,268 ---- /* In here I set both the read and write key/iv to the * same value since only the correct one will be used :-). */ ! EVP_DigestInit(&md,EVP_md5()); ! EVP_DigestUpdate(&md,key,j); ! EVP_DigestUpdate(&md,er1,SSL3_RANDOM_SIZE); ! EVP_DigestUpdate(&md,er2,SSL3_RANDOM_SIZE); ! EVP_DigestFinal(&md,&(exp_key[0]),NULL); key= &(exp_key[0]); if (k > 0) { ! EVP_DigestInit(&md,EVP_md5()); ! EVP_DigestUpdate(&md,er1,SSL3_RANDOM_SIZE); ! EVP_DigestUpdate(&md,er2,SSL3_RANDOM_SIZE); ! EVP_DigestFinal(&md,&(exp_iv[0]),NULL); iv= &(exp_iv[0]); } } diff -cr openssl-snap-20010503.clean/ssl/s3_lib.c openssl-snap-20010503/ssl/s3_lib.c *** openssl-snap-20010503.clean/ssl/s3_lib.c Fri Mar 9 04:01:22 2001 --- openssl-snap-20010503/ssl/s3_lib.c Fri May 4 17:15:26 2001 *************** *** 110,117 **** */ #include - #include - #include #include #include "ssl_locl.h" --- 110,115 ---- diff -cr openssl-snap-20010503.clean/ssl/s3_srvr.c openssl-snap-20010503/ssl/s3_srvr.c *** openssl-snap-20010503.clean/ssl/s3_srvr.c Tue Mar 6 19:01:28 2001 --- openssl-snap-20010503/ssl/s3_srvr.c Fri May 4 17:15:46 2001 *************** *** 64,71 **** #include #include #include - #include - #include #include #include #include "ssl_locl.h" --- 64,69 ---- diff -cr openssl-snap-20010503.clean/ssl/t1_enc.c openssl-snap-20010503/ssl/t1_enc.c *** openssl-snap-20010503.clean/ssl/t1_enc.c Tue Apr 3 08:00:58 2001 --- openssl-snap-20010503/ssl/t1_enc.c Fri May 4 17:15:58 2001 *************** *** 58,65 **** #include #include - #include - #include #include #include #include "ssl_locl.h" --- 58,63 ---- *************** *** 78,83 **** --- 76,82 ---- chunk=EVP_MD_size(md); HMAC_Init(&ctx,sec,sec_len,md); + HMAC_Init(&ctx_tmp,sec,sec_len,md); HMAC_Update(&ctx,seed,seed_len); HMAC_Final(&ctx,A1,&A1_len); *************** *** 85,92 **** for (;;) { HMAC_Init(&ctx,NULL,0,NULL); /* re-init */ HMAC_Update(&ctx,A1,A1_len); ! memcpy(&ctx_tmp,&ctx,sizeof(ctx)); /* Copy for A2 */ /* not needed for last one */ HMAC_Update(&ctx,seed,seed_len); if (olen > chunk) --- 84,92 ---- for (;;) { HMAC_Init(&ctx,NULL,0,NULL); /* re-init */ + HMAC_Init(&ctx_tmp,NULL,0,NULL); /* re-init */ HMAC_Update(&ctx,A1,A1_len); ! HMAC_Update(&ctx_tmp,A1,A1_len); HMAC_Update(&ctx,seed,seed_len); if (olen > chunk) *************** *** 630,635 **** --- 630,636 ---- HMAC_Update(&hmac,buf,5); HMAC_Update(&hmac,rec->input,rec->length); HMAC_Final(&hmac,md,&md_size); + HMAC_cleanup(&hmac); #ifdef TLS_DEBUG printf("sec=");