diff options
author | Rich Salz <rsalz@akamai.com> | 2021-02-17 01:51:56 +0300 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2021-04-18 11:03:07 +0300 |
commit | f6c95e46c03025b2694241e1ad785d8bd3ac083b (patch) | |
tree | 5dcfc46ad06713bc6b581f6bed3ce3e26b0c5970 /crypto/evp/evp_enc.c | |
parent | 543e740b95e303790f8fe6ec59458b4ecdcfb56c (diff) |
Add "origin" field to EVP_CIPHER, EVP_MD
Add a "where did this EVP_{CIPHER,MD} come from" flag: global, via fetch,
or via EVP_{CIPHER,MD}_meth_new. Update EVP_{CIPHER,MD}_free to handle all
three origins. The flag is deliberately right before some function pointers,
so that compile-time failures (int/pointer) will occur, as opposed to
taking a bit in the existing "flags" field. The "global variable" flag
is non-zero, so the default case of using OPENSSL_zalloc (for provider
ciphers), will do the right thing. Ref-counting is a no-op for
Make up_ref no-op for global MD and CIPHER objects
Deprecate EVP_MD_CTX_md(). Added EVP_MD_CTX_get0_md() (same semantics as
the deprecated function) and EVP_MD_CTX_get1_md(). Likewise, deprecate
EVP_CIPHER_CTX_cipher() in favor of EVP_CIPHER_CTX_get0_cipher(), and add
EVP_CIPHER_CTX_get1_CIPHER().
Refactor EVP_MD_free() and EVP_MD_meth_free() to call new common
evp_md_free_int() function.
Refactor EVP_CIPHER_free() and EVP_CIPHER_meth_free() to call new common
evp_cipher_free_int() function.
Also change some flags tests to explicit test == or != zero. E.g.,
if (flags & x) --> if ((flags & x) != 0)
if (!(flags & x)) --> if ((flags & x) == 0)
Only done for those lines where "get0_cipher" calls were made.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14193)
Diffstat (limited to 'crypto/evp/evp_enc.c')
-rw-r--r-- | crypto/evp/evp_enc.c | 19 |
1 files changed, 13 insertions, 6 deletions
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index 9073312dfd..2de2a11e5a 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -325,7 +325,8 @@ static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx, return 0; } - if (!(EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_CUSTOM_IV)) { + if ((EVP_CIPHER_flags(EVP_CIPHER_CTX_get0_cipher(ctx)) + & EVP_CIPH_CUSTOM_IV) == 0) { switch (EVP_CIPHER_CTX_mode(ctx)) { case EVP_CIPH_STREAM_CIPHER: @@ -1602,23 +1603,29 @@ int EVP_CIPHER_up_ref(EVP_CIPHER *cipher) { int ref = 0; - CRYPTO_UP_REF(&cipher->refcnt, &ref, cipher->lock); + if (cipher->origin == EVP_ORIG_DYNAMIC) + CRYPTO_UP_REF(&cipher->refcnt, &ref, cipher->lock); return 1; } +void evp_cipher_free_int(EVP_CIPHER *cipher) +{ + ossl_provider_free(cipher->prov); + CRYPTO_THREAD_lock_free(cipher->lock); + OPENSSL_free(cipher); +} + void EVP_CIPHER_free(EVP_CIPHER *cipher) { int i; - if (cipher == NULL || cipher->prov == NULL) + if (cipher == NULL || cipher->origin != EVP_ORIG_DYNAMIC) return; CRYPTO_DOWN_REF(&cipher->refcnt, &i, cipher->lock); if (i > 0) return; - ossl_provider_free(cipher->prov); - CRYPTO_THREAD_lock_free(cipher->lock); - OPENSSL_free(cipher); + evp_cipher_free_int(cipher); } void EVP_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx, |