From ba88e0fba5fcb73db395193e958402ffe4cad88a Mon Sep 17 00:00:00 2001
From: Dirkjan Bussink <d.bussink@gmail.com>
Date: Sat, 12 Dec 2020 17:10:37 +0100
Subject: [PATCH] Use current OpenSSL API as the example

EVP_MD_CTX_new / EVP_MD_CTX_free is the current recommended / documented
API. The other names are defined as aliases for backwards compatibility.

The other part here is that EVP_MD_CTX_init is not needed for a context
allocated with EVP_MD_CTX_new. Only for the compatibility path for older
OpenSSL is the init needed if the structure is allocated directly.

Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
---
 src/libcrypto-compat.c |  6 +++++-
 src/libcrypto.c        | 35 +++++++++++++++--------------------
 2 files changed, 20 insertions(+), 21 deletions(-)

diff --git a/src/libcrypto-compat.c b/src/libcrypto-compat.c
index 01ca70e7..d9947379 100644
--- a/src/libcrypto-compat.c
+++ b/src/libcrypto-compat.c
@@ -236,7 +236,11 @@ int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s)
 
 EVP_MD_CTX *EVP_MD_CTX_new(void)
 {
-    return OPENSSL_zalloc(sizeof(EVP_MD_CTX));
+    EVP_MD_CTX *ctx = OPENSSL_zalloc(sizeof(EVP_MD_CTX));
+    if (ctx != NULL) {
+        EVP_MD_CTX_init(ctx);
+    }
+    return ctx;
 }
 
 static void OPENSSL_clear_free(void *str, size_t num)
diff --git a/src/libcrypto.c b/src/libcrypto.c
index edfd799b..0dc103c3 100644
--- a/src/libcrypto.c
+++ b/src/libcrypto.c
@@ -118,14 +118,13 @@ int ssh_get_random(void *where, int len, int strong)
 SHACTX sha1_init(void)
 {
     int rc;
-    SHACTX c = EVP_MD_CTX_create();
+    SHACTX c = EVP_MD_CTX_new();
     if (c == NULL) {
         return NULL;
     }
-    EVP_MD_CTX_init(c);
     rc = EVP_DigestInit_ex(c, EVP_sha1(), NULL);
     if (rc == 0) {
-        EVP_MD_CTX_destroy(c);
+        EVP_MD_CTX_free(c);
         c = NULL;
     }
     return c;
@@ -141,7 +140,7 @@ void sha1_final(unsigned char *md, SHACTX c)
     unsigned int mdlen = 0;
 
     EVP_DigestFinal(c, md, &mdlen);
-    EVP_MD_CTX_destroy(c);
+    EVP_MD_CTX_free(c);
 }
 
 void sha1(const unsigned char *digest, int len, unsigned char *hash)
@@ -210,14 +209,13 @@ void evp_final(EVPCTX ctx, unsigned char *md, unsigned int *mdlen)
 SHA256CTX sha256_init(void)
 {
     int rc;
-    SHA256CTX c = EVP_MD_CTX_create();
+    SHA256CTX c = EVP_MD_CTX_new();
     if (c == NULL) {
         return NULL;
     }
-    EVP_MD_CTX_init(c);
     rc = EVP_DigestInit_ex(c, EVP_sha256(), NULL);
     if (rc == 0) {
-        EVP_MD_CTX_destroy(c);
+        EVP_MD_CTX_free(c);
         c = NULL;
     }
     return c;
@@ -233,7 +231,7 @@ void sha256_final(unsigned char *md, SHA256CTX c)
     unsigned int mdlen = 0;
 
     EVP_DigestFinal(c, md, &mdlen);
-    EVP_MD_CTX_destroy(c);
+    EVP_MD_CTX_free(c);
 }
 
 void sha256(const unsigned char *digest, int len, unsigned char *hash)
@@ -248,14 +246,13 @@ void sha256(const unsigned char *digest, int len, unsigned char *hash)
 SHA384CTX sha384_init(void)
 {
     int rc;
-    SHA384CTX c = EVP_MD_CTX_create();
+    SHA384CTX c = EVP_MD_CTX_new();
     if (c == NULL) {
         return NULL;
     }
-    EVP_MD_CTX_init(c);
     rc = EVP_DigestInit_ex(c, EVP_sha384(), NULL);
     if (rc == 0) {
-        EVP_MD_CTX_destroy(c);
+        EVP_MD_CTX_free(c);
         c = NULL;
     }
     return c;
@@ -271,7 +268,7 @@ void sha384_final(unsigned char *md, SHA384CTX c)
     unsigned int mdlen = 0;
 
     EVP_DigestFinal(c, md, &mdlen);
-    EVP_MD_CTX_destroy(c);
+    EVP_MD_CTX_free(c);
 }
 
 void sha384(const unsigned char *digest, int len, unsigned char *hash)
@@ -286,14 +283,13 @@ void sha384(const unsigned char *digest, int len, unsigned char *hash)
 SHA512CTX sha512_init(void)
 {
     int rc = 0;
-    SHA512CTX c = EVP_MD_CTX_create();
+    SHA512CTX c = EVP_MD_CTX_new();
     if (c == NULL) {
         return NULL;
     }
-    EVP_MD_CTX_init(c);
     rc = EVP_DigestInit_ex(c, EVP_sha512(), NULL);
     if (rc == 0) {
-        EVP_MD_CTX_destroy(c);
+        EVP_MD_CTX_free(c);
         c = NULL;
     }
     return c;
@@ -309,7 +305,7 @@ void sha512_final(unsigned char *md, SHA512CTX c)
     unsigned int mdlen = 0;
 
     EVP_DigestFinal(c, md, &mdlen);
-    EVP_MD_CTX_destroy(c);
+    EVP_MD_CTX_free(c);
 }
 
 void sha512(const unsigned char *digest, int len, unsigned char *hash)
@@ -324,14 +320,13 @@ void sha512(const unsigned char *digest, int len, unsigned char *hash)
 MD5CTX md5_init(void)
 {
     int rc;
-    MD5CTX c = EVP_MD_CTX_create();
+    MD5CTX c = EVP_MD_CTX_new();
     if (c == NULL) {
         return NULL;
     }
-    EVP_MD_CTX_init(c);
     rc = EVP_DigestInit_ex(c, EVP_md5(), NULL);
     if(rc == 0) {
-        EVP_MD_CTX_destroy(c);
+        EVP_MD_CTX_free(c);
         c = NULL;
     }
     return c;
@@ -347,7 +342,7 @@ void md5_final(unsigned char *md, MD5CTX c)
     unsigned int mdlen = 0;
 
     EVP_DigestFinal(c, md, &mdlen);
-    EVP_MD_CTX_destroy(c);
+    EVP_MD_CTX_free(c);
 }
 
 #ifdef HAVE_OPENSSL_EVP_KDF_CTX_NEW_ID