summaryrefslogtreecommitdiff
path: root/ssl
diff options
context:
space:
mode:
Diffstat (limited to 'ssl')
-rw-r--r--ssl/statem/extensions.c5
-rw-r--r--ssl/statem/extensions_srvr.c9
-rw-r--r--ssl/statem/statem_clnt.c7
-rw-r--r--ssl/statem/statem_lib.c14
-rw-r--r--ssl/statem/statem_srvr.c7
-rw-r--r--ssl/t1_enc.c6
6 files changed, 27 insertions, 21 deletions
diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c
index 9086348618..1a8e3cf829 100644
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@@ -1610,8 +1610,9 @@ int tls_psk_do_binder(SSL *s, const EVP_MD *md, const unsigned char *msgstart,
binderout = tmpbinder;
bindersize = hashsize;
- if (EVP_DigestSignInit_ex(mctx, NULL, EVP_MD_name(md), s->ctx->propq,
- mackey, s->ctx->libctx) <= 0
+ if (EVP_DigestSignInit_with_libctx(mctx, NULL, EVP_MD_name(md),
+ s->ctx->libctx, s->ctx->propq,
+ mackey) <= 0
|| EVP_DigestSignUpdate(mctx, hash, hashsize) <= 0
|| EVP_DigestSignFinal(mctx, binderout, &bindersize) <= 0
|| bindersize != hashsize) {
diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
index 27ddef9aaf..3eeafef828 100644
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -784,8 +784,8 @@ int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
}
hmaclen = SHA256_DIGEST_LENGTH;
- if (EVP_DigestSignInit_ex(hctx, NULL, "SHA2-256", s->ctx->propq, pkey,
- s->ctx->libctx) <= 0
+ if (EVP_DigestSignInit_with_libctx(hctx, NULL, "SHA2-256",
+ s->ctx->libctx, s->ctx->propq, pkey) <= 0
|| EVP_DigestSign(hctx, hmac, &hmaclen, data,
rawlen - SHA256_DIGEST_LENGTH) <= 0
|| hmaclen != SHA256_DIGEST_LENGTH) {
@@ -1873,8 +1873,9 @@ EXT_RETURN tls_construct_stoc_cookie(SSL *s, WPACKET *pkt, unsigned int context,
goto err;
}
- if (EVP_DigestSignInit_ex(hctx, NULL, "SHA2-256", s->ctx->propq, pkey,
- s->ctx->libctx) <= 0
+ if (EVP_DigestSignInit_with_libctx(hctx, NULL, "SHA2-256",
+ s->ctx->libctx, s->ctx->propq,
+ pkey) <= 0
|| EVP_DigestSign(hctx, hmac, &hmaclen, cookie,
totcookielen) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE,
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 4cd85ef609..ff48759436 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2377,9 +2377,10 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
goto err;
}
- if (EVP_DigestVerifyInit_ex(md_ctx, &pctx,
- md == NULL ? NULL : EVP_MD_name(md),
- s->ctx->propq, pkey, s->ctx->libctx) <= 0) {
+ if (EVP_DigestVerifyInit_with_libctx(md_ctx, &pctx,
+ md == NULL ? NULL : EVP_MD_name(md),
+ s->ctx->libctx, s->ctx->propq,
+ pkey) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_KEY_EXCHANGE,
ERR_R_EVP_LIB);
goto err;
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index d8aab20e92..39ec4a92fd 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -277,9 +277,10 @@ int tls_construct_cert_verify(SSL *s, WPACKET *pkt)
goto err;
}
- if (EVP_DigestSignInit_ex(mctx, &pctx,
- md == NULL ? NULL : EVP_MD_name(md),
- s->ctx->propq, pkey, s->ctx->libctx) <= 0) {
+ if (EVP_DigestSignInit_with_libctx(mctx, &pctx,
+ md == NULL ? NULL : EVP_MD_name(md),
+ s->ctx->libctx, s->ctx->propq,
+ pkey) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CERT_VERIFY,
ERR_R_EVP_LIB);
goto err;
@@ -472,9 +473,10 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
OSSL_TRACE1(TLS, "Using client verify alg %s\n",
md == NULL ? "n/a" : EVP_MD_name(md));
- if (EVP_DigestVerifyInit_ex(mctx, &pctx,
- md == NULL ? NULL : EVP_MD_name(md),
- s->ctx->propq, pkey, s->ctx->libctx) <= 0) {
+ if (EVP_DigestVerifyInit_with_libctx(mctx, &pctx,
+ md == NULL ? NULL : EVP_MD_name(md),
+ s->ctx->libctx, s->ctx->propq,
+ pkey) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CERT_VERIFY,
ERR_R_EVP_LIB);
goto err;
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index b329e89379..c46254c858 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -2807,9 +2807,10 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
goto err;
}
- if (EVP_DigestSignInit_ex(md_ctx, &pctx,
- md == NULL ? NULL : EVP_MD_name(md),
- s->ctx->propq, pkey, s->ctx->libctx) <= 0) {
+ if (EVP_DigestSignInit_with_libctx(md_ctx, &pctx,
+ md == NULL ? NULL : EVP_MD_name(md),
+ s->ctx->libctx, s->ctx->propq,
+ pkey) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR,
SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE,
ERR_R_INTERNAL_ERROR);
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 11eea82fff..8285e5cd27 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -380,9 +380,9 @@ int tls1_change_cipher_state(SSL *s, int which)
mac_key = EVP_PKEY_new_mac_key(mac_type, NULL, mac_secret,
(int)*mac_secret_size);
if (mac_key == NULL
- || EVP_DigestSignInit_ex(mac_ctx, NULL,
- EVP_MD_name(m), s->ctx->propq,
- mac_key, s->ctx->libctx) <= 0) {
+ || EVP_DigestSignInit_with_libctx(mac_ctx, NULL, EVP_MD_name(m),
+ s->ctx->libctx, s->ctx->propq,
+ mac_key) <= 0) {
EVP_PKEY_free(mac_key);
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_CHANGE_CIPHER_STATE,
ERR_R_INTERNAL_ERROR);
View Lorry Controller Status