diff options
author | gilles <gilles@poolp.org> | 2016-09-11 18:16:13 +0200 |
---|---|---|
committer | gilles <gilles@poolp.org> | 2016-09-11 18:16:13 +0200 |
commit | bb91995d63db4a39d0120da8061af46980193a25 (patch) | |
tree | 9c7e64276186b224506e8e74504d45f4715b622c | |
parent | don't use deprecated OpenSSL interface (diff) | |
download | OpenSMTPD-bb91995d63db4a39d0120da8061af46980193a25.tar.xz OpenSMTPD-bb91995d63db4a39d0120da8061af46980193a25.zip |
Revert "don't use deprecated OpenSSL interface"opensmtpd-6.0.0
This reverts commit f57f8e9361f08766bde1cf892fa852e096a977cc.
-rw-r--r-- | smtpd/crypto.c | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/smtpd/crypto.c b/smtpd/crypto.c index 1cc1af7c..2648dbe6 100644 --- a/smtpd/crypto.c +++ b/smtpd/crypto.c @@ -1,4 +1,4 @@ -/* $OpenBSD: crypto.c,v 1.6 2016/09/03 14:42:08 gilles Exp $ */ +/* $OpenBSD: crypto.c,v 1.5 2015/12/28 22:08:30 jung Exp $ */ /* * Copyright (c) 2013 Gilles Chehade <gilles@openbsd.org> @@ -42,6 +42,7 @@ size_t crypto_encrypt_buffer(const char *, size_t, char *, size_t); size_t crypto_decrypt_buffer(const char *, size_t, char *, size_t); static struct crypto_ctx { + const EVP_CIPHER *cipher; unsigned char key[KEY_SIZE]; } cp; @@ -52,6 +53,7 @@ crypto_setup(const char *key, size_t len) return 0; memset(&cp, 0, sizeof cp); + cp.cipher = EVP_aes_256_gcm(); /* openssl rand -hex 16 */ memcpy(cp.key, key, sizeof cp.key); @@ -90,7 +92,7 @@ crypto_encrypt_file(FILE * in, FILE * out) return 0; EVP_CIPHER_CTX_init(&ctx); - EVP_EncryptInit_ex(&ctx, EVP_aes_256_gcm(), NULL, cp.key, iv); + EVP_EncryptInit(&ctx, cp.cipher, cp.key, iv); /* encrypt until end of file */ while ((r = fread(ibuf, 1, CRYPTO_BUFFER_SIZE, in)) != 0) { @@ -103,7 +105,7 @@ crypto_encrypt_file(FILE * in, FILE * out) goto end; /* finalize and write last chunk if any */ - if (!EVP_EncryptFinal_ex(&ctx, obuf, &len)) + if (!EVP_EncryptFinal(&ctx, obuf, &len)) goto end; if (len && (w = fwrite(obuf, len, 1, out)) != 1) goto end; @@ -170,7 +172,7 @@ crypto_decrypt_file(FILE * in, FILE * out) EVP_CIPHER_CTX_init(&ctx); - EVP_DecryptInit_ex(&ctx, EVP_aes_256_gcm(), NULL, cp.key, iv); + EVP_DecryptInit(&ctx, cp.cipher, cp.key, iv); /* set expected tag */ EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_TAG, sizeof tag, tag); @@ -193,7 +195,7 @@ crypto_decrypt_file(FILE * in, FILE * out) goto end; /* finalize, write last chunk if any and perform authentication check */ - if (!EVP_DecryptFinal_ex(&ctx, obuf, &len)) + if (!EVP_DecryptFinal(&ctx, obuf, &len)) goto end; if (len && (w = fwrite(obuf, len, 1, out)) != 1) goto end; @@ -238,7 +240,7 @@ crypto_encrypt_buffer(const char *in, size_t inlen, char *out, size_t outlen) len += sizeof iv; EVP_CIPHER_CTX_init(&ctx); - EVP_EncryptInit_ex(&ctx, EVP_aes_256_gcm(), NULL, cp.key, iv); + EVP_EncryptInit(&ctx, cp.cipher, cp.key, iv); /* encrypt buffer */ if (!EVP_EncryptUpdate(&ctx, out + len, &olen, in, inlen)) @@ -246,7 +248,7 @@ crypto_encrypt_buffer(const char *in, size_t inlen, char *out, size_t outlen) len += olen; /* finalize and write last chunk if any */ - if (!EVP_EncryptFinal_ex(&ctx, out + len, &olen)) + if (!EVP_EncryptFinal(&ctx, out + len, &olen)) goto end; len += olen; @@ -291,7 +293,7 @@ crypto_decrypt_buffer(const char *in, size_t inlen, char *out, size_t outlen) in += sizeof iv; EVP_CIPHER_CTX_init(&ctx); - EVP_DecryptInit_ex(&ctx, EVP_aes_256_gcm(), NULL, cp.key, iv); + EVP_DecryptInit(&ctx, cp.cipher, cp.key, iv); /* set expected tag */ EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_TAG, sizeof tag, tag); @@ -302,7 +304,7 @@ crypto_decrypt_buffer(const char *in, size_t inlen, char *out, size_t outlen) len += olen; /* finalize, write last chunk if any and perform authentication check */ - if (!EVP_DecryptFinal_ex(&ctx, out + len, &olen)) + if (!EVP_DecryptFinal(&ctx, out + len, &olen)) goto end; ret = len + olen; |