diff options
Diffstat (limited to 'lib/libcrypto/evp/digest.c')
| -rw-r--r-- | lib/libcrypto/evp/digest.c | 61 |
1 files changed, 8 insertions, 53 deletions
diff --git a/lib/libcrypto/evp/digest.c b/lib/libcrypto/evp/digest.c index f21c63842ca..762e6d3450d 100644 --- a/lib/libcrypto/evp/digest.c +++ b/lib/libcrypto/evp/digest.c @@ -137,39 +137,6 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) return EVP_DigestInit_ex(ctx, type, NULL); } -#ifdef OPENSSL_FIPS - -/* The purpose of these is to trap programs that attempt to use non FIPS - * algorithms in FIPS mode and ignore the errors. - */ - -static int bad_init(EVP_MD_CTX *ctx) - { FIPS_ERROR_IGNORED("Digest init"); return 0;} - -static int bad_update(EVP_MD_CTX *ctx,const void *data,unsigned long count) - { FIPS_ERROR_IGNORED("Digest update"); return 0;} - -static int bad_final(EVP_MD_CTX *ctx,unsigned char *md) - { FIPS_ERROR_IGNORED("Digest Final"); return 0;} - -static const EVP_MD bad_md = - { - 0, - 0, - 0, - 0, - bad_init, - bad_update, - bad_final, - NULL, - NULL, - NULL, - 0, - {0,0,0,0}, - }; - -#endif - int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) { EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); @@ -192,7 +159,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) { if (!ENGINE_init(impl)) { - EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_INITIALIZATION_ERROR); + EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_INITIALIZATION_ERROR); return 0; } } @@ -206,7 +173,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) if(!d) { /* Same comment from evp_enc.c */ - EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_INITIALIZATION_ERROR); + EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_INITIALIZATION_ERROR); return 0; } /* We'll use the ENGINE's private digest definition */ @@ -222,24 +189,12 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) else if(!ctx->digest) { - EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_NO_DIGEST_SET); + EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_NO_DIGEST_SET); return 0; } #endif if (ctx->digest != type) { -#ifdef OPENSSL_FIPS - if (FIPS_mode()) - { - if (!(type->flags & EVP_MD_FLAG_FIPS) - && !(ctx->flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)) - { - EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_DISABLED_FOR_FIPS); - ctx->digest = &bad_md; - return 0; - } - } -#endif if (ctx->digest && ctx->digest->ctx_size) OPENSSL_free(ctx->md_data); ctx->digest=type; @@ -253,9 +208,9 @@ skip_to_init: } int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, - unsigned int count) + size_t count) { - return ctx->digest->update(ctx,data,(unsigned long)count); + return ctx->digest->update(ctx,data,count); } /* The caller can assume that this removes any secret data from the context */ @@ -296,14 +251,14 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) unsigned char *tmp_buf; if ((in == NULL) || (in->digest == NULL)) { - EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED); + EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,EVP_R_INPUT_NOT_INITIALIZED); return 0; } #ifndef OPENSSL_NO_ENGINE /* Make sure it's safe to copy a digest context using an ENGINE */ if (in->engine && !ENGINE_init(in->engine)) { - EVPerr(EVP_F_EVP_MD_CTX_COPY,ERR_R_ENGINE_LIB); + EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,ERR_R_ENGINE_LIB); return 0; } #endif @@ -330,7 +285,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) return 1; } -int EVP_Digest(void *data, unsigned int count, +int EVP_Digest(const void *data, size_t count, unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl) { EVP_MD_CTX ctx; |