From owner-svn-src-projects@freebsd.org Wed Sep 19 06:39:11 2018 Return-Path: Delivered-To: svn-src-projects@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CDCD81091319 for ; Wed, 19 Sep 2018 06:39:11 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 7CA3E73212; Wed, 19 Sep 2018 06:39:11 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 69132321E; Wed, 19 Sep 2018 06:39:11 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w8J6dBG8056204; Wed, 19 Sep 2018 06:39:11 GMT (envelope-from jkim@FreeBSD.org) Received: (from jkim@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w8J6dB2k056203; Wed, 19 Sep 2018 06:39:11 GMT (envelope-from jkim@FreeBSD.org) Message-Id: <201809190639.w8J6dB2k056203@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: jkim set sender to jkim@FreeBSD.org using -f From: Jung-uk Kim Date: Wed, 19 Sep 2018 06:39:11 +0000 (UTC) To: src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: svn commit: r338769 - projects/openssl111/contrib/bsnmp/lib X-SVN-Group: projects X-SVN-Commit-Author: jkim X-SVN-Commit-Paths: projects/openssl111/contrib/bsnmp/lib X-SVN-Commit-Revision: 338769 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-projects@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: "SVN commit messages for the src " projects" tree" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Sep 2018 06:39:12 -0000 Author: jkim Date: Wed Sep 19 06:39:10 2018 New Revision: 338769 URL: https://svnweb.freebsd.org/changeset/base/338769 Log: Make libbsnmp buildable. Modified: projects/openssl111/contrib/bsnmp/lib/snmpcrypto.c Modified: projects/openssl111/contrib/bsnmp/lib/snmpcrypto.c ============================================================================== --- projects/openssl111/contrib/bsnmp/lib/snmpcrypto.c Wed Sep 19 06:29:06 2018 (r338768) +++ projects/openssl111/contrib/bsnmp/lib/snmpcrypto.c Wed Sep 19 06:39:10 2018 (r338769) @@ -94,9 +94,14 @@ snmp_pdu_calc_digest(const struct snmp_pdu *pdu, uint8 uint32_t i, keylen, olen; int32_t err; const EVP_MD *dtype; - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx; - err = snmp_digest_init(&pdu->user, &ctx, &dtype, &keylen); + ctx = EVP_MD_CTX_new(); + if (ctx == NULL) + return (SNMP_CODE_FAILED); + err = snmp_digest_init(&pdu->user, ctx, &dtype, &keylen); + if (err <= 0) + EVP_MD_CTX_free(ctx); if (err < 0) return (SNMP_CODE_BADDIGEST); else if (err == 0) @@ -111,29 +116,29 @@ snmp_pdu_calc_digest(const struct snmp_pdu *pdu, uint8 key2[i] = extkey[i] ^ opad; } - if (EVP_DigestUpdate(&ctx, key1, SNMP_EXTENDED_KEY_SIZ) != 1 || - EVP_DigestUpdate(&ctx, pdu->outer_ptr, pdu->outer_len) != 1 || - EVP_DigestFinal(&ctx, md, &olen) != 1) + if (EVP_DigestUpdate(ctx, key1, SNMP_EXTENDED_KEY_SIZ) != 1 || + EVP_DigestUpdate(ctx, pdu->outer_ptr, pdu->outer_len) != 1 || + EVP_DigestFinal(ctx, md, &olen) != 1) goto failed; - if (EVP_DigestInit(&ctx, dtype) != 1 || - EVP_DigestUpdate(&ctx, key2, SNMP_EXTENDED_KEY_SIZ) != 1 || - EVP_DigestUpdate(&ctx, md, olen) != 1 || - EVP_DigestFinal(&ctx, md, &olen) != 1) + if (EVP_DigestInit(ctx, dtype) != 1 || + EVP_DigestUpdate(ctx, key2, SNMP_EXTENDED_KEY_SIZ) != 1 || + EVP_DigestUpdate(ctx, md, olen) != 1 || + EVP_DigestFinal(ctx, md, &olen) != 1) goto failed; if (olen < SNMP_USM_AUTH_SIZE) { snmp_error("bad digest size - %d", olen); - EVP_MD_CTX_cleanup(&ctx); + EVP_MD_CTX_free(ctx); return (SNMP_CODE_BADDIGEST); } memcpy(digest, md, SNMP_USM_AUTH_SIZE); - EVP_MD_CTX_cleanup(&ctx); + EVP_MD_CTX_free(ctx); return (SNMP_CODE_OK); failed: - EVP_MD_CTX_cleanup(&ctx); + EVP_MD_CTX_free(ctx); return (SNMP_CODE_BADDIGEST); } @@ -176,7 +181,7 @@ snmp_pdu_encrypt(const struct snmp_pdu *pdu) int32_t err, olen; uint8_t iv[SNMP_PRIV_AES_IV_SIZ]; const EVP_CIPHER *ctype; - EVP_CIPHER_CTX ctx; + EVP_CIPHER_CTX *ctx; err = snmp_pdu_cipher_init(pdu, pdu->scoped_len, &ctype, iv); if (err < 0) @@ -184,18 +189,23 @@ snmp_pdu_encrypt(const struct snmp_pdu *pdu) else if (err == 0) return (SNMP_CODE_OK); - if (EVP_EncryptInit(&ctx, ctype, pdu->user.priv_key, iv) != 1) + ctx = EVP_CIPHER_CTX_new(); + if (ctx == NULL) return (SNMP_CODE_FAILED); + if (EVP_EncryptInit(ctx, ctype, pdu->user.priv_key, iv) != 1) + goto failed; - if (EVP_EncryptUpdate(&ctx, pdu->scoped_ptr, &olen, pdu->scoped_ptr, + if (EVP_EncryptUpdate(ctx, pdu->scoped_ptr, &olen, pdu->scoped_ptr, pdu->scoped_len) != 1 || - EVP_EncryptFinal(&ctx, pdu->scoped_ptr + olen, &olen) != 1) { - EVP_CIPHER_CTX_cleanup(&ctx); - return (SNMP_CODE_FAILED); - } + EVP_EncryptFinal(ctx, pdu->scoped_ptr + olen, &olen) != 1) + goto failed; - EVP_CIPHER_CTX_cleanup(&ctx); + EVP_CIPHER_CTX_free(ctx); return (SNMP_CODE_OK); + +failed: + EVP_CIPHER_CTX_free(ctx); + return (SNMP_CODE_FAILED); } enum snmp_code @@ -204,7 +214,7 @@ snmp_pdu_decrypt(const struct snmp_pdu *pdu) int32_t err, olen; uint8_t iv[SNMP_PRIV_AES_IV_SIZ]; const EVP_CIPHER *ctype; - EVP_CIPHER_CTX ctx; + EVP_CIPHER_CTX *ctx; err = snmp_pdu_cipher_init(pdu, pdu->scoped_len, &ctype, iv); if (err < 0) @@ -212,19 +222,24 @@ snmp_pdu_decrypt(const struct snmp_pdu *pdu) else if (err == 0) return (SNMP_CODE_OK); - if (EVP_DecryptInit(&ctx, ctype, pdu->user.priv_key, iv) != 1 || - EVP_CIPHER_CTX_set_padding(&ctx, 0) != 1) - return (SNMP_CODE_EDECRYPT); + ctx = EVP_CIPHER_CTX_new(); + if (ctx == NULL) + return (SNMP_CODE_FAILED); + if (EVP_DecryptInit(ctx, ctype, pdu->user.priv_key, iv) != 1 || + EVP_CIPHER_CTX_set_padding(ctx, 0) != 1) + goto failed; - if (EVP_DecryptUpdate(&ctx, pdu->scoped_ptr, &olen, pdu->scoped_ptr, + if (EVP_DecryptUpdate(ctx, pdu->scoped_ptr, &olen, pdu->scoped_ptr, pdu->scoped_len) != 1 || - EVP_DecryptFinal(&ctx, pdu->scoped_ptr + olen, &olen) != 1) { - EVP_CIPHER_CTX_cleanup(&ctx); - return (SNMP_CODE_EDECRYPT); - } + EVP_DecryptFinal(ctx, pdu->scoped_ptr + olen, &olen) != 1) + goto failed; - EVP_CIPHER_CTX_cleanup(&ctx); + EVP_CIPHER_CTX_free(ctx); return (SNMP_CODE_OK); + +failed: + EVP_CIPHER_CTX_free(ctx); + return (SNMP_CODE_EDECRYPT); } /* [RFC 3414] - A.2. Password to Key Algorithm */ @@ -234,13 +249,19 @@ snmp_passwd_to_keys(struct snmp_user *user, char *pass int err, loop, i, pwdlen; uint32_t keylen, olen; const EVP_MD *dtype; - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx; uint8_t authbuf[SNMP_AUTH_BUF_SIZE]; if (passwd == NULL || user == NULL) return (SNMP_CODE_FAILED); - err = snmp_digest_init(user, &ctx, &dtype, &keylen); + ctx = EVP_MD_CTX_new(); + if (ctx == NULL) + return (SNMP_CODE_FAILED); + + err = snmp_digest_init(user, ctx, &dtype, &keylen); + if (err <= 0) + EVP_MD_CTX_free(ctx); if (err < 0) return (SNMP_CODE_BADDIGEST); else if (err == 0) @@ -252,18 +273,18 @@ snmp_passwd_to_keys(struct snmp_user *user, char *pass for (loop = 0; loop < SNMP_AUTH_KEY_LOOPCNT; loop += i) { for (i = 0; i < SNMP_EXTENDED_KEY_SIZ; i++) authbuf[i] = passwd[(loop + i) % pwdlen]; - if (EVP_DigestUpdate(&ctx, authbuf, SNMP_EXTENDED_KEY_SIZ) != 1) + if (EVP_DigestUpdate(ctx, authbuf, SNMP_EXTENDED_KEY_SIZ) != 1) goto failed; } - if (EVP_DigestFinal(&ctx, user->auth_key, &olen) != 1) + if (EVP_DigestFinal(ctx, user->auth_key, &olen) != 1) goto failed; - EVP_MD_CTX_cleanup(&ctx); + EVP_MD_CTX_free(ctx); return (SNMP_CODE_OK); failed: - EVP_MD_CTX_cleanup(&ctx); + EVP_MD_CTX_free(ctx); return (SNMP_CODE_BADDIGEST); } @@ -274,16 +295,22 @@ snmp_get_local_keys(struct snmp_user *user, uint8_t *e int err; uint32_t keylen, olen; const EVP_MD *dtype; - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx; uint8_t authbuf[SNMP_AUTH_BUF_SIZE]; if (user == NULL || eid == NULL || elen > SNMP_ENGINE_ID_SIZ) return (SNMP_CODE_FAILED); + ctx = EVP_MD_CTX_new(); + if (ctx == NULL) + return (SNMP_CODE_FAILED); + memset(user->priv_key, 0, sizeof(user->priv_key)); memset(authbuf, 0, sizeof(authbuf)); - err = snmp_digest_init(user, &ctx, &dtype, &keylen); + err = snmp_digest_init(user, ctx, &dtype, &keylen); + if (err <= 0) + EVP_MD_CTX_free(ctx); if (err < 0) return (SNMP_CODE_BADDIGEST); else if (err == 0) @@ -293,12 +320,12 @@ snmp_get_local_keys(struct snmp_user *user, uint8_t *e memcpy(authbuf + keylen, eid, elen); memcpy(authbuf + keylen + elen, user->auth_key, keylen); - if (EVP_DigestUpdate(&ctx, authbuf, 2 * keylen + elen) != 1 || - EVP_DigestFinal(&ctx, user->auth_key, &olen) != 1) { - EVP_MD_CTX_cleanup(&ctx); + if (EVP_DigestUpdate(ctx, authbuf, 2 * keylen + elen) != 1 || + EVP_DigestFinal(ctx, user->auth_key, &olen) != 1) { + EVP_MD_CTX_free(ctx); return (SNMP_CODE_BADDIGEST); } - EVP_MD_CTX_cleanup(&ctx); + EVP_MD_CTX_free(ctx); if (user->priv_proto != SNMP_PRIV_NOPRIV) memcpy(user->priv_key, user->auth_key, sizeof(user->priv_key)); @@ -312,9 +339,15 @@ snmp_calc_keychange(struct snmp_user *user, uint8_t *k int32_t err, rvalue[SNMP_AUTH_HMACSHA_KEY_SIZ / 4]; uint32_t i, keylen, olen; const EVP_MD *dtype; - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx; - err = snmp_digest_init(user, &ctx, &dtype, &keylen); + ctx = EVP_MD_CTX_new(); + if (ctx == NULL) + return (SNMP_CODE_FAILED); + + err = snmp_digest_init(user, ctx, &dtype, &keylen); + if (err <= 0) + EVP_MD_CTX_free(ctx); if (err < 0) return (SNMP_CODE_BADDIGEST); else if (err == 0) @@ -326,13 +359,13 @@ snmp_calc_keychange(struct snmp_user *user, uint8_t *k memcpy(keychange, user->auth_key, keylen); memcpy(keychange + keylen, rvalue, keylen); - if (EVP_DigestUpdate(&ctx, keychange, 2 * keylen) != 1 || - EVP_DigestFinal(&ctx, keychange, &olen) != 1) { - EVP_MD_CTX_cleanup(&ctx); + if (EVP_DigestUpdate(ctx, keychange, 2 * keylen) != 1 || + EVP_DigestFinal(ctx, keychange, &olen) != 1) { + EVP_MD_CTX_free(ctx); return (SNMP_CODE_BADDIGEST); } - EVP_MD_CTX_cleanup(&ctx); + EVP_MD_CTX_free(ctx); return (SNMP_CODE_OK); }