Mailing List Archive

Changing the following to help with future portability. SHA256_Init() -> EVP_DigestInit_ex() SHA256_Update() -> EVP_DigestUpdate() SHA256_Final() -> EVP_DigestFinal_ex() Also add EVP_MD_CTX_new() and EVP_MD_CTX_free() OK? Index: rrdp.c =================================================================== RCS file: /cvs/src/usr.sbin/rpki-client/rrdp.c,v diff -u -p -r1.33 rrdp.c --- rrdp.c 16 Feb 2024 11:46:57 -0000 1.33 +++ rrdp.c 27 Feb 2024 21:15:57 -0000 @@ -28,7 +28,7 @@ #include <imsg.h> #include <expat.h> -#include <openssl/sha.h> +#include <openssl/evp.h> #include "extern.h" #include "rrdp.h" @@ -63,7 +63,7 @@ struct rrdp { enum rrdp_task task; char hash[SHA256_DIGEST_LENGTH]; - SHA256_CTX ctx; + EVP_MD_CTX *ctx; struct rrdp_session *repository; struct rrdp_session *current; @@ -509,7 +509,8 @@ rrdp_data_handler(struct rrdp *s) if (s->task != NOTIFICATION) { char h[SHA256_DIGEST_LENGTH]; - SHA256_Final(h, &s->ctx); + EVP_DigestFinal_ex(s->ctx, h, NULL); + EVP_MD_CTX_free(s->ctx); if (memcmp(s->hash, h, sizeof(s->hash)) != 0) { s->state |= RRDP_STATE_PARSE_ERROR; warnx("%s: bad message digest", s->local); @@ -523,7 +524,7 @@ rrdp_data_handler(struct rrdp *s) /* parse and maybe hash the bytes just read */ if (s->task != NOTIFICATION) - SHA256_Update(&s->ctx, buf, len); + EVP_DigestUpdate(s->ctx, buf, len); if ((s->state & RRDP_STATE_PARSE_ERROR) == 0 && XML_Parse(p, buf, len, 0) != XML_STATUS_OK) { warnx("%s: parse error at line %llu: %s", s->local, @@ -568,7 +569,9 @@ proc_rrdp(int fd) uri = notification_get_next(s->nxml, s->hash, sizeof(s->hash), s->task); - SHA256_Init(&s->ctx); + s->ctx = EVP_MD_CTX_new(); + EVP_DigestInit_ex(s->ctx, EVP_sha256(), + NULL); rrdp_http_req(s->id, uri, NULL); break; } Index: validate.c =================================================================== RCS file: /cvs/src/usr.sbin/rpki-client/validate.c,v diff -u -p -r1.72 validate.c --- validate.c 22 Feb 2024 12:49:42 -0000 1.72 +++ validate.c 27 Feb 2024 21:15:57 -0000 @@ -25,6 +25,8 @@ #include <string.h> #include <unistd.h> +#include <openssl/evp.h> + #include "extern.h" extern ASN1_OBJECT *certpol_oid; @@ -218,10 +220,10 @@ valid_spl(const char *fn, struct cert *c int valid_filehash(int fd, const char *hash, size_t hlen) { - SHA256_CTX ctx; - char filehash[SHA256_DIGEST_LENGTH]; - char buffer[8192]; - ssize_t nr; + EVP_MD_CTX *ctx; + char filehash[SHA256_DIGEST_LENGTH]; + char buffer[8192]; + ssize_t nr; if (hlen != sizeof(filehash)) errx(1, "bad hash size"); @@ -229,11 +231,13 @@ valid_filehash(int fd, const char *hash, if (fd == -1) return 0; - SHA256_Init(&ctx); + ctx = EVP_MD_CTX_new(); + EVP_DigestInit_ex(ctx, EVP_sha256(), NULL); while ((nr = read(fd, buffer, sizeof(buffer))) > 0) - SHA256_Update(&ctx, buffer, nr); + EVP_DigestUpdate(ctx, buffer, nr); close(fd); - SHA256_Final(filehash, &ctx); + EVP_DigestFinal_ex(ctx, filehash, NULL); + EVP_MD_CTX_free(ctx); if (memcmp(hash, filehash, sizeof(filehash)) != 0) return 0;

2024-02-27 21:23 Job Snijders:
rpki-client: change SHA256_{Init,Update,Final} to EVP_Digest{Init_ex,Update,Final_ex}
- 2024-02-27 21:26 Theo Buehler:
  rpki-client: change SHA256_{Init,Update,Final} to EVP_Digest{Init_ex,Update,Final_ex}
- - 2024-02-27 21:47 Job Snijders:
    rpki-client: change SHA256_{Init,Update,Final} to EVP_Digest{Init_ex,Update,Final_ex}