openssl: Dedox crypt_init().

[paraslash.git] / openssl.c

diff --git a/openssl.c b/openssl.c
index 32891cbb012b66c0eaf5b8ca56f2c4288cd3bb1b..bc287905c2f4036bfac69c42938d8f5b44a47a16 100644 (file)
--- a/openssl.c
+++ b/openssl.c
@@ -11,6 +11,7 @@
 #include <openssl/sha.h>
 #include <openssl/bn.h>
 #include <openssl/aes.h>
+#include <openssl/evp.h>
 
 #include "para.h"
 #include "error.h"
@@ -36,12 +37,8 @@ void get_random_bytes_or_die(unsigned char *buf, int num)
 }
 
 /*
- * Read 64 bytes from /dev/urandom and add them to the SSL PRNG. Seed the PRNG
- * used by random(3) with a random seed obtained from SSL. If /dev/urandom is
- * not readable, the function calls exit().
- *
- * \sa RAND_load_file(3), \ref get_random_bytes_or_die(), srandom(3),
- * random(3), \ref para_random().
+ * Read 64 bytes from /dev/urandom and add them to the SSL PRNG. Then seed the
+ * PRNG used by random(3) with a random seed obtained from SSL.
  */
 void crypt_init(void)
 {
@@ -283,7 +280,7 @@ int apc_get_pubkey(const char *key_file, struct asymmetric_key **result)
        unsigned char *blob;
        size_t decoded_size;
        int ret;
-       struct asymmetric_key *key = para_malloc(sizeof(*key));
+       struct asymmetric_key *key = alloc(sizeof(*key));
 
        ret = decode_public_key(key_file, &blob, &decoded_size);
        if (ret < 0)
@@ -324,7 +321,7 @@ int apc_priv_decrypt(const char *key_file, unsigned char *outbuf,
                return ret;
        if (inlen < 0)
                return -E_RSA;
-       priv = para_malloc(sizeof(*priv));
+       priv = alloc(sizeof(*priv));
        ret = get_private_key(key_file, &priv->rsa);
        if (ret < 0) {
                free(priv);
@@ -366,7 +363,7 @@ struct stream_cipher {
 
 struct stream_cipher *sc_new(const unsigned char *data, int len)
 {
-       struct stream_cipher *sc = para_malloc(sizeof(*sc));
+       struct stream_cipher *sc = alloc(sizeof(*sc));
 
        assert(len >= 2 * AES_CRT128_BLOCK_SIZE);
        sc->aes = EVP_CIPHER_CTX_new();
@@ -390,7 +387,7 @@ static void aes_ctr128_crypt(EVP_CIPHER_CTX *ctx, struct iovec *src,
 
        *dst = (typeof(*dst)) {
                /* Add one for the terminating zero byte. */
-               .iov_base = para_malloc(inlen + 1),
+               .iov_base = alloc(inlen + 1),
                .iov_len = inlen
        };
        ret = EVP_EncryptUpdate(ctx, dst->iov_base, &outlen, src->iov_base, inlen);
@@ -409,16 +406,24 @@ void sc_crypt(struct stream_cipher *sc, struct iovec *src, struct iovec *dst)
 
 void hash_function(const char *data, unsigned long len, unsigned char *hash)
 {
-       SHA_CTX c;
-       SHA1_Init(&c);
-       SHA1_Update(&c, data, len);
-       SHA1_Final(hash, &c);
+       EVP_MD_CTX *c = EVP_MD_CTX_new();
+       int ret = EVP_DigestInit_ex(c, EVP_sha1(), NULL);
+       assert(ret != 0);
+       ret = EVP_DigestUpdate(c, data, len);
+       assert(ret != 0);
+       ret = EVP_DigestFinal_ex(c, hash, NULL);
+       assert(ret != 0);
+       EVP_MD_CTX_free(c);
 }
 
 void hash2_function(const char *data, unsigned long len, unsigned char *hash)
 {
-       SHA256_CTX c;
-       SHA256_Init(&c);
-       SHA256_Update(&c, data, len);
-       SHA256_Final(hash, &c);
+       EVP_MD_CTX *c = EVP_MD_CTX_new();
+       int ret = EVP_DigestInit_ex(c, EVP_sha256(), NULL);
+       assert(ret != 0);
+       ret = EVP_DigestUpdate(c, data, len);
+       assert(ret != 0);
+       ret = EVP_DigestFinal_ex(c, hash, NULL);
+       assert(ret != 0);
+       EVP_MD_CTX_free(c);
 }