... | ... |
@@ -731,7 +731,7 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg |
731 | 731 |
unsigned int dsize, message_size, attrs_size; |
732 | 732 |
cli_crt_hashtype hashtype; |
733 | 733 |
cli_crt *x509; |
734 |
- EVP_MD_CTX *ctx; |
|
734 |
+ EVP_MD_CTX ctx; |
|
735 | 735 |
int result; |
736 | 736 |
int isBlacklisted = 0; |
737 | 737 |
|
... | ... |
@@ -1021,15 +1021,10 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg |
1021 | 1021 |
break; |
1022 | 1022 |
} |
1023 | 1023 |
|
1024 |
- ctx = EVP_MD_CTX_create(); |
|
1025 |
- if (!(ctx)) |
|
1026 |
- break; |
|
1027 |
- |
|
1028 |
- EVP_DigestInit(ctx, EVP_sha1()); |
|
1029 |
- EVP_DigestUpdate(ctx, "\x31", 1); |
|
1030 |
- EVP_DigestUpdate(ctx, attrs + 1, attrs_size - 1); |
|
1031 |
- EVP_DigestFinal(ctx, sha1, NULL); |
|
1032 |
- EVP_MD_CTX_destroy(ctx); |
|
1024 |
+ EVP_DigestInit(&ctx, EVP_sha1()); |
|
1025 |
+ EVP_DigestUpdate(&ctx, "\x31", 1); |
|
1026 |
+ EVP_DigestUpdate(&ctx, attrs + 1, attrs_size - 1); |
|
1027 |
+ EVP_DigestFinal(&ctx, sha1, NULL); |
|
1033 | 1028 |
|
1034 | 1029 |
if(!fmap_need_ptr_once(map, asn1.content, asn1.size)) { |
1035 | 1030 |
cli_dbgmsg("asn1_parse_mscat: failed to read encryptedDigest\n"); |
... | ... |
@@ -1267,25 +1262,15 @@ static int asn1_parse_mscat(fmap_t *map, size_t offset, unsigned int size, crtmg |
1267 | 1267 |
} |
1268 | 1268 |
|
1269 | 1269 |
if(hashtype == CLI_SHA1RSA) { |
1270 |
- ctx = EVP_MD_CTX_create(); |
|
1271 |
- if (!(ctx)) |
|
1272 |
- break; |
|
1273 |
- |
|
1274 |
- EVP_DigestInit(ctx, EVP_sha1()); |
|
1275 |
- EVP_DigestUpdate(ctx, "\x31", 1); |
|
1276 |
- EVP_DigestUpdate(ctx, attrs + 1, attrs_size - 1); |
|
1277 |
- EVP_DigestFinal(ctx, sha1, NULL); |
|
1278 |
- EVP_MD_CTX_destroy(ctx); |
|
1270 |
+ EVP_DigestInit(&ctx, EVP_sha1()); |
|
1271 |
+ EVP_DigestUpdate(&ctx, "\x31", 1); |
|
1272 |
+ EVP_DigestUpdate(&ctx, attrs + 1, attrs_size - 1); |
|
1273 |
+ EVP_DigestFinal(&ctx, sha1, NULL); |
|
1279 | 1274 |
} else { |
1280 |
- ctx = EVP_MD_CTX_create(); |
|
1281 |
- if (!(ctx)) |
|
1282 |
- break; |
|
1283 |
- |
|
1284 |
- EVP_DigestInit(ctx, EVP_md5()); |
|
1285 |
- EVP_DigestUpdate(ctx, "\x31", 1); |
|
1286 |
- EVP_DigestUpdate(ctx, attrs + 1, attrs_size - 1); |
|
1287 |
- EVP_DigestFinal(ctx, sha1, NULL); |
|
1288 |
- EVP_MD_CTX_destroy(ctx); |
|
1275 |
+ EVP_DigestInit(&ctx, EVP_md5()); |
|
1276 |
+ EVP_DigestUpdate(&ctx, "\x31", 1); |
|
1277 |
+ EVP_DigestUpdate(&ctx, attrs + 1, attrs_size - 1); |
|
1278 |
+ EVP_DigestFinal(&ctx, sha1, NULL); |
|
1289 | 1279 |
} |
1290 | 1280 |
|
1291 | 1281 |
if(!fmap_need_ptr_once(map, asn1.content, asn1.size)) { |
... | ... |
@@ -905,7 +905,7 @@ void cache_remove(unsigned char *md5, size_t size, const struct cl_engine *engin |
905 | 905 |
int cache_check(unsigned char *hash, cli_ctx *ctx) { |
906 | 906 |
fmap_t *map; |
907 | 907 |
size_t todo, at = 0; |
908 |
- EVP_MD_CTX *hashctx; |
|
908 |
+ EVP_MD_CTX hashctx; |
|
909 | 909 |
int ret; |
910 | 910 |
|
911 | 911 |
if(!ctx || !ctx->engine || !ctx->engine->cache) |
... | ... |
@@ -919,10 +919,7 @@ int cache_check(unsigned char *hash, cli_ctx *ctx) { |
919 | 919 |
map = *ctx->fmap; |
920 | 920 |
todo = map->len; |
921 | 921 |
|
922 |
- hashctx = EVP_MD_CTX_create(); |
|
923 |
- if (!(hashctx)) |
|
924 |
- return CL_VIRUS; |
|
925 |
- EVP_DigestInit(hashctx, EVP_md5()); |
|
922 |
+ EVP_DigestInit(&hashctx, EVP_md5()); |
|
926 | 923 |
|
927 | 924 |
while(todo) { |
928 | 925 |
const void *buf; |
... | ... |
@@ -934,14 +931,13 @@ int cache_check(unsigned char *hash, cli_ctx *ctx) { |
934 | 934 |
todo -= readme; |
935 | 935 |
at += readme; |
936 | 936 |
|
937 |
- if (!EVP_DigestUpdate(hashctx, buf, readme)) { |
|
937 |
+ if (!EVP_DigestUpdate(&hashctx, buf, readme)) { |
|
938 | 938 |
cli_errmsg("cache_check: error reading while generating hash!\n"); |
939 | 939 |
return CL_EREAD; |
940 | 940 |
} |
941 | 941 |
} |
942 | 942 |
|
943 |
- EVP_DigestFinal(hashctx, hash, NULL); |
|
944 |
- EVP_MD_CTX_destroy(hashctx); |
|
943 |
+ EVP_DigestFinal(&hashctx, hash, NULL); |
|
945 | 944 |
|
946 | 945 |
ret = cache_lookup_hash(hash, map->len, ctx->engine->cache, ctx->recursion); |
947 | 946 |
cli_dbgmsg("cache_check: %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x is %s\n", hash[0], hash[1], hash[2], hash[3], hash[4], hash[5], hash[6], hash[7], hash[8], hash[9], hash[10], hash[11], hash[12], hash[13], hash[14], hash[15], (ret == CL_VIRUS) ? "negative" : "positive"); |
... | ... |
@@ -78,7 +78,7 @@ void cl_cleanup_crypto(void) |
78 | 78 |
|
79 | 79 |
unsigned char *cl_hash_data(char *alg, const void *buf, size_t len, unsigned char *obuf, unsigned int *olen) |
80 | 80 |
{ |
81 |
- EVP_MD_CTX *ctx; |
|
81 |
+ EVP_MD_CTX ctx; |
|
82 | 82 |
unsigned char *ret; |
83 | 83 |
size_t mdsz; |
84 | 84 |
const EVP_MD *md; |
... | ... |
@@ -95,55 +95,42 @@ unsigned char *cl_hash_data(char *alg, const void *buf, size_t len, unsigned cha |
95 | 95 |
if (!(ret)) |
96 | 96 |
return NULL; |
97 | 97 |
|
98 |
- ctx = EVP_MD_CTX_create(); |
|
99 |
- if (!(ctx)) { |
|
100 |
- if (!(obuf)) |
|
101 |
- free(ret); |
|
102 |
- |
|
103 |
- return NULL; |
|
104 |
- } |
|
105 |
- |
|
106 |
- if (!EVP_DigestInit(ctx, md)) { |
|
98 |
+ if (!EVP_DigestInit(&ctx, md)) { |
|
107 | 99 |
if (!(obuf)) |
108 | 100 |
free(ret); |
109 | 101 |
|
110 | 102 |
if ((olen)) |
111 | 103 |
*olen = 0; |
112 | 104 |
|
113 |
- EVP_MD_CTX_destroy(ctx); |
|
114 | 105 |
return NULL; |
115 | 106 |
} |
116 | 107 |
|
117 | 108 |
cur=0; |
118 | 109 |
while (cur < len) { |
119 | 110 |
size_t todo = MIN(EVP_MD_block_size(md), len-cur); |
120 |
- if (!EVP_DigestUpdate(ctx, (void *)(((unsigned char *)buf)+cur), todo)) { |
|
111 |
+ if (!EVP_DigestUpdate(&ctx, (void *)(((unsigned char *)buf)+cur), todo)) { |
|
121 | 112 |
if (!(obuf)) |
122 | 113 |
free(ret); |
123 | 114 |
|
124 | 115 |
if ((olen)) |
125 | 116 |
*olen = 0; |
126 | 117 |
|
127 |
- EVP_MD_CTX_destroy(ctx); |
|
128 | 118 |
return NULL; |
129 | 119 |
} |
130 | 120 |
|
131 | 121 |
cur += todo; |
132 | 122 |
} |
133 | 123 |
|
134 |
- if (!EVP_DigestFinal(ctx, ret, &i)) { |
|
124 |
+ if (!EVP_DigestFinal(&ctx, ret, &i)) { |
|
135 | 125 |
if (!(obuf)) |
136 | 126 |
free(ret); |
137 | 127 |
|
138 | 128 |
if ((olen)) |
139 | 129 |
*olen = 0; |
140 | 130 |
|
141 |
- EVP_MD_CTX_destroy(ctx); |
|
142 | 131 |
return NULL; |
143 | 132 |
} |
144 | 133 |
|
145 |
- EVP_MD_CTX_destroy(ctx); |
|
146 |
- |
|
147 | 134 |
if ((olen)) |
148 | 135 |
*olen = i; |
149 | 136 |
|
... | ... |
@@ -152,7 +139,7 @@ unsigned char *cl_hash_data(char *alg, const void *buf, size_t len, unsigned cha |
152 | 152 |
|
153 | 153 |
unsigned char *cl_hash_file_fd(int fd, char *alg, unsigned int *olen) |
154 | 154 |
{ |
155 |
- EVP_MD_CTX *ctx; |
|
155 |
+ EVP_MD_CTX ctx; |
|
156 | 156 |
const EVP_MD *md; |
157 | 157 |
unsigned char *res; |
158 | 158 |
|
... | ... |
@@ -160,18 +147,12 @@ unsigned char *cl_hash_file_fd(int fd, char *alg, unsigned int *olen) |
160 | 160 |
if (!(md)) |
161 | 161 |
return NULL; |
162 | 162 |
|
163 |
- ctx = EVP_MD_CTX_create(); |
|
164 |
- if (!(ctx)) |
|
165 |
- return NULL; |
|
166 |
- |
|
167 |
- if (!EVP_DigestInit(ctx, md)) { |
|
168 |
- EVP_MD_CTX_destroy(ctx); |
|
163 |
+ if (!EVP_DigestInit(&ctx, md)) { |
|
169 | 164 |
return NULL; |
170 | 165 |
} |
171 | 166 |
|
172 |
- res = cl_hash_file_fd_ctx(ctx, fd, olen); |
|
167 |
+ res = cl_hash_file_fd_ctx(&ctx, fd, olen); |
|
173 | 168 |
|
174 |
- EVP_MD_CTX_destroy(ctx); |
|
175 | 169 |
return res; |
176 | 170 |
} |
177 | 171 |
|
... | ... |
@@ -259,7 +240,7 @@ unsigned char *cl_sha1(const void *buf, size_t len, unsigned char *obuf, unsigne |
259 | 259 |
|
260 | 260 |
int cl_verify_signature_hash(EVP_PKEY *pkey, char *alg, unsigned char *sig, unsigned int siglen, unsigned char *digest) |
261 | 261 |
{ |
262 |
- EVP_MD_CTX *ctx; |
|
262 |
+ EVP_MD_CTX ctx; |
|
263 | 263 |
const EVP_MD *md; |
264 | 264 |
size_t mdsz; |
265 | 265 |
|
... | ... |
@@ -269,33 +250,24 @@ int cl_verify_signature_hash(EVP_PKEY *pkey, char *alg, unsigned char *sig, unsi |
269 | 269 |
|
270 | 270 |
mdsz = EVP_MD_size(md); |
271 | 271 |
|
272 |
- ctx = EVP_MD_CTX_create(); |
|
273 |
- if (!(ctx)) { |
|
274 |
- return -1; |
|
275 |
- } |
|
276 |
- |
|
277 |
- if (!EVP_VerifyInit(ctx, md)) { |
|
278 |
- EVP_MD_CTX_destroy(ctx); |
|
272 |
+ if (!EVP_VerifyInit(&ctx, md)) { |
|
279 | 273 |
return -1; |
280 | 274 |
} |
281 | 275 |
|
282 |
- if (!EVP_VerifyUpdate(ctx, digest, mdsz)) { |
|
283 |
- EVP_MD_CTX_destroy(ctx); |
|
276 |
+ if (!EVP_VerifyUpdate(&ctx, digest, mdsz)) { |
|
284 | 277 |
return -1; |
285 | 278 |
} |
286 | 279 |
|
287 |
- if (EVP_VerifyFinal(ctx, sig, siglen, pkey) != 0) { |
|
288 |
- EVP_MD_CTX_destroy(ctx); |
|
280 |
+ if (EVP_VerifyFinal(&ctx, sig, siglen, pkey) != 0) { |
|
289 | 281 |
return -1; |
290 | 282 |
} |
291 | 283 |
|
292 |
- EVP_MD_CTX_destroy(ctx); |
|
293 | 284 |
return 0; |
294 | 285 |
} |
295 | 286 |
|
296 | 287 |
int cl_verify_signature_fd(EVP_PKEY *pkey, char *alg, unsigned char *sig, unsigned int siglen, int fd) |
297 | 288 |
{ |
298 |
- EVP_MD_CTX *ctx; |
|
289 |
+ EVP_MD_CTX ctx; |
|
299 | 290 |
const EVP_MD *md; |
300 | 291 |
size_t mdsz; |
301 | 292 |
unsigned char *digest; |
... | ... |
@@ -310,38 +282,28 @@ int cl_verify_signature_fd(EVP_PKEY *pkey, char *alg, unsigned char *sig, unsign |
310 | 310 |
|
311 | 311 |
mdsz = EVP_MD_size(md); |
312 | 312 |
|
313 |
- ctx = EVP_MD_CTX_create(); |
|
314 |
- if (!(ctx)) { |
|
315 |
- free(digest); |
|
316 |
- return -1; |
|
317 |
- } |
|
318 |
- |
|
319 |
- if (!EVP_VerifyInit(ctx, md)) { |
|
313 |
+ if (!EVP_VerifyInit(&ctx, md)) { |
|
320 | 314 |
free(digest); |
321 |
- EVP_MD_CTX_destroy(ctx); |
|
322 | 315 |
return -1; |
323 | 316 |
} |
324 | 317 |
|
325 |
- if (!EVP_VerifyUpdate(ctx, digest, mdsz)) { |
|
318 |
+ if (!EVP_VerifyUpdate(&ctx, digest, mdsz)) { |
|
326 | 319 |
free(digest); |
327 |
- EVP_MD_CTX_destroy(ctx); |
|
328 | 320 |
return -1; |
329 | 321 |
} |
330 | 322 |
|
331 |
- if (EVP_VerifyFinal(ctx, sig, siglen, pkey) != 0) { |
|
323 |
+ if (EVP_VerifyFinal(&ctx, sig, siglen, pkey) != 0) { |
|
332 | 324 |
free(digest); |
333 |
- EVP_MD_CTX_destroy(ctx); |
|
334 | 325 |
return -1; |
335 | 326 |
} |
336 | 327 |
|
337 |
- EVP_MD_CTX_destroy(ctx); |
|
338 | 328 |
free(digest); |
339 | 329 |
return 0; |
340 | 330 |
} |
341 | 331 |
|
342 | 332 |
int cl_verify_signature(EVP_PKEY *pkey, char *alg, unsigned char *sig, unsigned int siglen, unsigned char *data, size_t datalen, int decode) |
343 | 333 |
{ |
344 |
- EVP_MD_CTX *ctx; |
|
334 |
+ EVP_MD_CTX ctx; |
|
345 | 335 |
const EVP_MD *md; |
346 | 336 |
size_t mdsz; |
347 | 337 |
unsigned char *digest; |
... | ... |
@@ -377,8 +339,7 @@ int cl_verify_signature(EVP_PKEY *pkey, char *alg, unsigned char *sig, unsigned |
377 | 377 |
|
378 | 378 |
mdsz = EVP_MD_size(md); |
379 | 379 |
|
380 |
- ctx = EVP_MD_CTX_create(); |
|
381 |
- if (!(ctx)) { |
|
380 |
+ if (!EVP_VerifyInit(&ctx, md)) { |
|
382 | 381 |
free(digest); |
383 | 382 |
if (decode) |
384 | 383 |
free(sig); |
... | ... |
@@ -386,9 +347,7 @@ int cl_verify_signature(EVP_PKEY *pkey, char *alg, unsigned char *sig, unsigned |
386 | 386 |
return -1; |
387 | 387 |
} |
388 | 388 |
|
389 |
- if (!EVP_VerifyInit(ctx, md)) { |
|
390 |
- EVP_MD_CTX_destroy(ctx); |
|
391 |
- |
|
389 |
+ if (!EVP_VerifyUpdate(&ctx, digest, mdsz)) { |
|
392 | 390 |
free(digest); |
393 | 391 |
if (decode) |
394 | 392 |
free(sig); |
... | ... |
@@ -396,9 +355,7 @@ int cl_verify_signature(EVP_PKEY *pkey, char *alg, unsigned char *sig, unsigned |
396 | 396 |
return -1; |
397 | 397 |
} |
398 | 398 |
|
399 |
- if (!EVP_VerifyUpdate(ctx, digest, mdsz)) { |
|
400 |
- EVP_MD_CTX_destroy(ctx); |
|
401 |
- |
|
399 |
+ if (EVP_VerifyFinal(&ctx, sig, siglen, pkey) != 0) { |
|
402 | 400 |
free(digest); |
403 | 401 |
if (decode) |
404 | 402 |
free(sig); |
... | ... |
@@ -406,18 +363,6 @@ int cl_verify_signature(EVP_PKEY *pkey, char *alg, unsigned char *sig, unsigned |
406 | 406 |
return -1; |
407 | 407 |
} |
408 | 408 |
|
409 |
- if (EVP_VerifyFinal(ctx, sig, siglen, pkey) != 0) { |
|
410 |
- EVP_MD_CTX_destroy(ctx); |
|
411 |
- |
|
412 |
- free(digest); |
|
413 |
- if (decode) |
|
414 |
- free(sig); |
|
415 |
- |
|
416 |
- return -1; |
|
417 |
- } |
|
418 |
- |
|
419 |
- EVP_MD_CTX_destroy(ctx); |
|
420 |
- |
|
421 | 409 |
if (decode) |
422 | 410 |
free(sig); |
423 | 411 |
|
... | ... |
@@ -579,7 +524,7 @@ unsigned char *cl_sign_data_keyfile(char *keypath, char *alg, unsigned char *has |
579 | 579 |
|
580 | 580 |
unsigned char *cl_sign_data(EVP_PKEY *pkey, char *alg, unsigned char *hash, unsigned int *olen, int encode) |
581 | 581 |
{ |
582 |
- EVP_MD_CTX *ctx; |
|
582 |
+ EVP_MD_CTX ctx; |
|
583 | 583 |
const EVP_MD *md; |
584 | 584 |
unsigned int siglen; |
585 | 585 |
unsigned char *sig; |
... | ... |
@@ -588,35 +533,25 @@ unsigned char *cl_sign_data(EVP_PKEY *pkey, char *alg, unsigned char *hash, unsi |
588 | 588 |
if (!(md)) |
589 | 589 |
return NULL; |
590 | 590 |
|
591 |
- ctx = EVP_MD_CTX_create(); |
|
592 |
- if (!(ctx)) { |
|
593 |
- free(hash); |
|
594 |
- return NULL; |
|
595 |
- } |
|
596 |
- |
|
597 | 591 |
sig = (unsigned char *)calloc(1, EVP_PKEY_size(pkey)); |
598 | 592 |
if (!(sig)) { |
599 |
- EVP_MD_CTX_destroy(ctx); |
|
600 | 593 |
free(hash); |
601 | 594 |
return NULL; |
602 | 595 |
} |
603 | 596 |
|
604 |
- if (!EVP_SignInit(ctx, md)) { |
|
605 |
- EVP_MD_CTX_destroy(ctx); |
|
597 |
+ if (!EVP_SignInit(&ctx, md)) { |
|
606 | 598 |
free(sig); |
607 | 599 |
free(hash); |
608 | 600 |
return NULL; |
609 | 601 |
} |
610 | 602 |
|
611 |
- if (!EVP_SignUpdate(ctx, hash, EVP_MD_size(md))) { |
|
612 |
- EVP_MD_CTX_destroy(ctx); |
|
603 |
+ if (!EVP_SignUpdate(&ctx, hash, EVP_MD_size(md))) { |
|
613 | 604 |
free(sig); |
614 | 605 |
free(hash); |
615 | 606 |
return NULL; |
616 | 607 |
} |
617 | 608 |
|
618 |
- if (!EVP_SignFinal(ctx, sig, &siglen, pkey)) { |
|
619 |
- EVP_MD_CTX_destroy(ctx); |
|
609 |
+ if (!EVP_SignFinal(&ctx, sig, &siglen, pkey)) { |
|
620 | 610 |
free(sig); |
621 | 611 |
free(hash); |
622 | 612 |
return NULL; |
... | ... |
@@ -625,7 +560,6 @@ unsigned char *cl_sign_data(EVP_PKEY *pkey, char *alg, unsigned char *hash, unsi |
625 | 625 |
if (encode) { |
626 | 626 |
unsigned char *newsig = (unsigned char *)cl_base64_encode(sig, siglen); |
627 | 627 |
if (!(newsig)) { |
628 |
- EVP_MD_CTX_destroy(ctx); |
|
629 | 628 |
free(sig); |
630 | 629 |
free(hash); |
631 | 630 |
return NULL; |
... | ... |
@@ -636,7 +570,6 @@ unsigned char *cl_sign_data(EVP_PKEY *pkey, char *alg, unsigned char *hash, unsi |
636 | 636 |
siglen = (unsigned int)strlen((const char *)newsig); |
637 | 637 |
} |
638 | 638 |
|
639 |
- EVP_MD_CTX_destroy(ctx); |
|
640 | 639 |
free(hash); |
641 | 640 |
|
642 | 641 |
*olen = siglen; |
... | ... |
@@ -315,12 +315,7 @@ static int cli_tgzload(int fd, struct cl_engine *engine, unsigned int *signo, un |
315 | 315 |
dbio->readsize = dbio->size < dbio->bufsize ? dbio->size : dbio->bufsize - 1; |
316 | 316 |
dbio->bufpt = NULL; |
317 | 317 |
dbio->readpt = dbio->buf; |
318 |
- dbio->hashctx = EVP_MD_CTX_create(); |
|
319 |
- if (!(dbio->hashctx)) { |
|
320 |
- cli_tgzload_cleanup(compr, dbio, fdd); |
|
321 |
- return CL_EMALFDB;; |
|
322 |
- } |
|
323 |
- EVP_DigestInit(dbio->hashctx, EVP_sha256()); |
|
318 |
+ EVP_DigestInit(&(dbio->hashctx), EVP_sha256()); |
|
324 | 319 |
dbio->bread = 0; |
325 | 320 |
|
326 | 321 |
/* cli_dbgmsg("cli_tgzload: Loading %s, size: %u\n", name, size); */ |
... | ... |
@@ -354,7 +349,7 @@ static int cli_tgzload(int fd, struct cl_engine *engine, unsigned int *signo, un |
354 | 354 |
cli_tgzload_cleanup(compr, dbio, fdd); |
355 | 355 |
return CL_EMALFDB; |
356 | 356 |
} |
357 |
- EVP_DigestFinal(dbio->hashctx, hash, NULL); |
|
357 |
+ EVP_DigestFinal(&(dbio->hashctx), hash, NULL); |
|
358 | 358 |
if(memcmp(db->hash, hash, 32)) { |
359 | 359 |
cli_errmsg("cli_tgzload: Invalid checksum for file %s\n", name); |
360 | 360 |
cli_tgzload_cleanup(compr, dbio, fdd); |
... | ... |
@@ -32,7 +32,7 @@ struct cli_dbio { |
32 | 32 |
char *buf, *bufpt, *readpt; |
33 | 33 |
unsigned int usebuf, bufsize, readsize; |
34 | 34 |
unsigned int chkonly; |
35 |
- EVP_MD_CTX *hashctx; |
|
35 |
+ EVP_MD_CTX hashctx; |
|
36 | 36 |
}; |
37 | 37 |
|
38 | 38 |
int cli_cvdload(FILE *fs, struct cl_engine *engine, unsigned int *signo, unsigned int options, unsigned int dbtype, const char *filename, unsigned int chkonly); |
... | ... |
@@ -158,7 +158,7 @@ int cli_versig2(const unsigned char *sha256, const char *dsig_str, const char *n |
158 | 158 |
unsigned char *decoded, digest1[HASH_LEN], digest2[HASH_LEN], digest3[HASH_LEN], *salt; |
159 | 159 |
unsigned char mask[BLK_LEN], data[BLK_LEN], final[8 + 2 * HASH_LEN], c[4]; |
160 | 160 |
unsigned int i, rounds; |
161 |
- EVP_MD_CTX *ctx; |
|
161 |
+ EVP_MD_CTX ctx; |
|
162 | 162 |
mp_int n, e; |
163 | 163 |
|
164 | 164 |
mp_init(&e); |
... | ... |
@@ -187,15 +187,10 @@ int cli_versig2(const unsigned char *sha256, const char *dsig_str, const char *n |
187 | 187 |
c[2] = (unsigned char) (i / 256); |
188 | 188 |
c[3] = (unsigned char) i; |
189 | 189 |
|
190 |
- ctx = EVP_MD_CTX_create(); |
|
191 |
- if (!(ctx)) |
|
192 |
- return CL_EVERIFY; |
|
193 |
- |
|
194 |
- EVP_DigestInit(ctx, EVP_sha256()); |
|
195 |
- EVP_DigestUpdate(ctx, digest2, HASH_LEN); |
|
196 |
- EVP_DigestUpdate(ctx, c, 4); |
|
197 |
- EVP_DigestFinal(ctx, digest3, NULL); |
|
198 |
- EVP_MD_CTX_destroy(ctx); |
|
190 |
+ EVP_DigestInit(&ctx, EVP_sha256()); |
|
191 |
+ EVP_DigestUpdate(&ctx, digest2, HASH_LEN); |
|
192 |
+ EVP_DigestUpdate(&ctx, c, 4); |
|
193 |
+ EVP_DigestFinal(&ctx, digest3, NULL); |
|
199 | 194 |
if(i + 1 == rounds) |
200 | 195 |
memcpy(&data[i * 32], digest3, BLK_LEN - i * HASH_LEN); |
201 | 196 |
else |
... | ... |
@@ -217,14 +212,9 @@ int cli_versig2(const unsigned char *sha256, const char *dsig_str, const char *n |
217 | 217 |
memcpy(&final[8], sha256, HASH_LEN); |
218 | 218 |
memcpy(&final[8 + HASH_LEN], salt, SALT_LEN); |
219 | 219 |
|
220 |
- ctx = EVP_MD_CTX_create(); |
|
221 |
- if (!(ctx)) |
|
222 |
- return CL_EVERIFY; |
|
223 |
- |
|
224 |
- EVP_DigestInit(ctx, EVP_sha256()); |
|
225 |
- EVP_DigestUpdate(ctx, final, sizeof(final)); |
|
226 |
- EVP_DigestFinal(ctx, digest1, NULL); |
|
227 |
- EVP_MD_CTX_destroy(ctx); |
|
220 |
+ EVP_DigestInit(&ctx, EVP_sha256()); |
|
221 |
+ EVP_DigestUpdate(&ctx, final, sizeof(final)); |
|
222 |
+ EVP_DigestFinal(&ctx, digest1, NULL); |
|
228 | 223 |
|
229 | 224 |
return memcmp(digest1, digest2, HASH_LEN) ? CL_EVERIFY : CL_SUCCESS; |
230 | 225 |
} |
... | ... |
@@ -718,48 +718,22 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
718 | 718 |
const char *virname = NULL; |
719 | 719 |
uint32_t viroffset = 0; |
720 | 720 |
uint32_t viruses_found = 0; |
721 |
- EVP_MD_CTX *md5ctx, *sha1ctx, *sha256ctx; |
|
721 |
+ EVP_MD_CTX md5ctx, sha1ctx, sha256ctx; |
|
722 | 722 |
|
723 | 723 |
if(!ctx->engine) { |
724 | 724 |
cli_errmsg("cli_scandesc: engine == NULL\n"); |
725 | 725 |
return CL_ENULLARG; |
726 | 726 |
} |
727 | 727 |
|
728 |
- md5ctx = EVP_MD_CTX_create(); |
|
729 |
- if (!(md5ctx)) |
|
730 |
- return CL_CLEAN; |
|
731 |
- |
|
732 |
- sha1ctx = EVP_MD_CTX_create(); |
|
733 |
- if (!(sha1ctx)) { |
|
734 |
- EVP_MD_CTX_destroy(md5ctx); |
|
735 |
- return CL_CLEAN; |
|
736 |
- } |
|
737 |
- |
|
738 |
- sha256ctx = EVP_MD_CTX_create(); |
|
739 |
- if (!(sha256ctx)) { |
|
740 |
- EVP_MD_CTX_destroy(md5ctx); |
|
741 |
- EVP_MD_CTX_destroy(sha1ctx); |
|
728 |
+ if (!EVP_DigestInit(&md5ctx, EVP_md5())) { |
|
742 | 729 |
return CL_CLEAN; |
743 | 730 |
} |
744 | 731 |
|
745 |
- if (!EVP_DigestInit(md5ctx, EVP_md5())) { |
|
746 |
- EVP_MD_CTX_destroy(md5ctx); |
|
747 |
- EVP_MD_CTX_destroy(sha1ctx); |
|
748 |
- EVP_MD_CTX_destroy(sha256ctx); |
|
732 |
+ if (!EVP_DigestInit(&sha1ctx, EVP_sha1())) { |
|
749 | 733 |
return CL_CLEAN; |
750 | 734 |
} |
751 | 735 |
|
752 |
- if (!EVP_DigestInit(sha1ctx, EVP_sha1())) { |
|
753 |
- EVP_MD_CTX_destroy(md5ctx); |
|
754 |
- EVP_MD_CTX_destroy(sha1ctx); |
|
755 |
- EVP_MD_CTX_destroy(sha256ctx); |
|
756 |
- return CL_CLEAN; |
|
757 |
- } |
|
758 |
- |
|
759 |
- if (!EVP_DigestInit(sha256ctx, EVP_sha256())) { |
|
760 |
- EVP_MD_CTX_destroy(md5ctx); |
|
761 |
- EVP_MD_CTX_destroy(sha1ctx); |
|
762 |
- EVP_MD_CTX_destroy(sha256ctx); |
|
736 |
+ if (!EVP_DigestInit(&sha256ctx, EVP_sha256())) { |
|
763 | 737 |
return CL_CLEAN; |
764 | 738 |
} |
765 | 739 |
|
... | ... |
@@ -795,9 +769,6 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
795 | 795 |
free(info.exeinfo.section); |
796 | 796 |
|
797 | 797 |
cli_hashset_destroy(&info.exeinfo.vinfo); |
798 |
- EVP_MD_CTX_destroy(md5ctx); |
|
799 |
- EVP_MD_CTX_destroy(sha1ctx); |
|
800 |
- EVP_MD_CTX_destroy(sha256ctx); |
|
801 | 798 |
return ret; |
802 | 799 |
} |
803 | 800 |
} |
... | ... |
@@ -810,9 +781,6 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
810 | 810 |
free(info.exeinfo.section); |
811 | 811 |
|
812 | 812 |
cli_hashset_destroy(&info.exeinfo.vinfo); |
813 |
- EVP_MD_CTX_destroy(md5ctx); |
|
814 |
- EVP_MD_CTX_destroy(sha1ctx); |
|
815 |
- EVP_MD_CTX_destroy(sha256ctx); |
|
816 | 813 |
return ret; |
817 | 814 |
} |
818 | 815 |
if(troot->bm_offmode) { |
... | ... |
@@ -826,9 +794,6 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
826 | 826 |
free(info.exeinfo.section); |
827 | 827 |
|
828 | 828 |
cli_hashset_destroy(&info.exeinfo.vinfo); |
829 |
- EVP_MD_CTX_destroy(md5ctx); |
|
830 |
- EVP_MD_CTX_destroy(sha1ctx); |
|
831 |
- EVP_MD_CTX_destroy(sha256ctx); |
|
832 | 829 |
return ret; |
833 | 830 |
} |
834 | 831 |
|
... | ... |
@@ -895,9 +860,6 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
895 | 895 |
free(info.exeinfo.section); |
896 | 896 |
|
897 | 897 |
cli_hashset_destroy(&info.exeinfo.vinfo); |
898 |
- EVP_MD_CTX_destroy(md5ctx); |
|
899 |
- EVP_MD_CTX_destroy(sha1ctx); |
|
900 |
- EVP_MD_CTX_destroy(sha256ctx); |
|
901 | 898 |
return ret; |
902 | 899 |
} |
903 | 900 |
} |
... | ... |
@@ -934,11 +896,11 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
934 | 934 |
uint32_t data_len = bytes - maxpatlen * (offset!=0); |
935 | 935 |
|
936 | 936 |
if(compute_hash[CLI_HASH_MD5]) |
937 |
- EVP_DigestUpdate(md5ctx, data, data_len); |
|
937 |
+ EVP_DigestUpdate(&md5ctx, data, data_len); |
|
938 | 938 |
if(compute_hash[CLI_HASH_SHA1]) |
939 |
- EVP_DigestUpdate(sha1ctx, data, data_len); |
|
939 |
+ EVP_DigestUpdate(&sha1ctx, data, data_len); |
|
940 | 940 |
if(compute_hash[CLI_HASH_SHA256]) |
941 |
- EVP_DigestUpdate(sha256ctx, data, data_len); |
|
941 |
+ EVP_DigestUpdate(&sha256ctx, data, data_len); |
|
942 | 942 |
} |
943 | 943 |
} |
944 | 944 |
|
... | ... |
@@ -957,13 +919,13 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
957 | 957 |
enum CLI_HASH_TYPE hashtype, hashtype2; |
958 | 958 |
|
959 | 959 |
if(compute_hash[CLI_HASH_MD5]) |
960 |
- EVP_DigestFinal(md5ctx, digest[CLI_HASH_MD5], NULL); |
|
960 |
+ EVP_DigestFinal(&md5ctx, digest[CLI_HASH_MD5], NULL); |
|
961 | 961 |
if(refhash) |
962 | 962 |
compute_hash[CLI_HASH_MD5] = 1; |
963 | 963 |
if(compute_hash[CLI_HASH_SHA1]) |
964 |
- EVP_DigestFinal(sha1ctx, digest[CLI_HASH_SHA1], NULL); |
|
964 |
+ EVP_DigestFinal(&sha1ctx, digest[CLI_HASH_SHA1], NULL); |
|
965 | 965 |
if(compute_hash[CLI_HASH_SHA256]) |
966 |
- EVP_DigestFinal(sha256ctx, digest[CLI_HASH_SHA256], NULL); |
|
966 |
+ EVP_DigestFinal(&sha256ctx, digest[CLI_HASH_SHA256], NULL); |
|
967 | 967 |
|
968 | 968 |
virname = NULL; |
969 | 969 |
for(hashtype = CLI_HASH_MD5; hashtype < CLI_HASH_AVAIL_TYPES; hashtype++) { |
... | ... |
@@ -1020,10 +982,6 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
1020 | 1020 |
} |
1021 | 1021 |
} |
1022 | 1022 |
|
1023 |
- EVP_MD_CTX_destroy(md5ctx); |
|
1024 |
- EVP_MD_CTX_destroy(sha1ctx); |
|
1025 |
- EVP_MD_CTX_destroy(sha256ctx); |
|
1026 |
- |
|
1027 | 1023 |
if(troot) { |
1028 | 1024 |
if(ret != CL_VIRUS || SCAN_ALL) |
1029 | 1025 |
ret = cli_lsig_eval(ctx, troot, &tdata, &info, refhash); |
... | ... |
@@ -2796,7 +2796,6 @@ rfc1341(message *m, const char *dir) |
2796 | 2796 |
int n; |
2797 | 2797 |
char pdir[NAME_MAX + 1]; |
2798 | 2798 |
unsigned char md5_val[16]; |
2799 |
- EVP_MD_CTX *ctx; |
|
2800 | 2799 |
char *md5_hex; |
2801 | 2800 |
|
2802 | 2801 |
id = (char *)messageFindArgument(m, "id"); |
... | ... |
@@ -2853,14 +2852,7 @@ rfc1341(message *m, const char *dir) |
2853 | 2853 |
} |
2854 | 2854 |
|
2855 | 2855 |
n = atoi(number); |
2856 |
- ctx = EVP_MD_CTX_create(); |
|
2857 |
- if (!(ctx)) { |
|
2858 |
- free(id); |
|
2859 |
- return CL_EMEM; |
|
2860 |
- } |
|
2861 |
- EVP_DigestInit(ctx, EVP_md5()); |
|
2862 |
- EVP_DigestUpdate(ctx, id, strlen(id)); |
|
2863 |
- EVP_DigestFinal(ctx, md5_val, NULL); |
|
2856 |
+ cl_hash_data("md5", id, strlen(id), md5_val, NULL); |
|
2864 | 2857 |
md5_hex = cli_str2hex((const char*)md5_val, 16); |
2865 | 2858 |
|
2866 | 2859 |
if(!md5_hex) { |
... | ... |
@@ -864,24 +864,19 @@ char *cli_hashstream(FILE *fs, unsigned char *digcpy, int type) |
864 | 864 |
char buff[FILEBUFF]; |
865 | 865 |
char *hashstr, *pt; |
866 | 866 |
int i, bytes, size; |
867 |
- EVP_MD_CTX *ctx; |
|
868 |
- |
|
869 |
- ctx = EVP_MD_CTX_create(); |
|
870 |
- if (!(ctx)) |
|
871 |
- return NULL; |
|
867 |
+ EVP_MD_CTX ctx; |
|
872 | 868 |
|
873 | 869 |
if(type == 1) |
874 |
- EVP_DigestInit(ctx, EVP_md5()); |
|
870 |
+ EVP_DigestInit(&ctx, EVP_md5()); |
|
875 | 871 |
else if(type == 2) |
876 |
- EVP_DigestInit(ctx, EVP_sha1()); |
|
872 |
+ EVP_DigestInit(&ctx, EVP_sha1()); |
|
877 | 873 |
else |
878 |
- EVP_DigestInit(ctx, EVP_sha256()); |
|
874 |
+ EVP_DigestInit(&ctx, EVP_sha256()); |
|
879 | 875 |
|
880 | 876 |
while((bytes = fread(buff, 1, FILEBUFF, fs))) |
881 |
- EVP_DigestUpdate(ctx, buff, bytes); |
|
877 |
+ EVP_DigestUpdate(&ctx, buff, bytes); |
|
882 | 878 |
|
883 |
- EVP_DigestFinal(ctx, digest, &size); |
|
884 |
- EVP_MD_CTX_destroy(ctx); |
|
879 |
+ EVP_DigestFinal(&ctx, digest, &size); |
|
885 | 880 |
|
886 | 881 |
if(!(hashstr = (char *) cli_calloc(size*2 + 1, sizeof(char)))) |
887 | 882 |
return NULL; |
... | ... |
@@ -2800,7 +2800,7 @@ int cli_checkfp_pe(cli_ctx *ctx, uint8_t *authsha1, stats_section_t *hashes, uin |
2800 | 2800 |
struct cli_exe_section *exe_sections; |
2801 | 2801 |
struct pe_image_data_dir *dirs; |
2802 | 2802 |
fmap_t *map = *ctx->fmap; |
2803 |
- EVP_MD_CTX *hashctx; |
|
2803 |
+ EVP_MD_CTX hashctx; |
|
2804 | 2804 |
|
2805 | 2805 |
if (flags & CL_CHECKFP_PE_FLAG_STATS) |
2806 | 2806 |
if (!(hashes)) |
... | ... |
@@ -2939,13 +2939,7 @@ int cli_checkfp_pe(cli_ctx *ctx, uint8_t *authsha1, stats_section_t *hashes, uin |
2939 | 2939 |
} |
2940 | 2940 |
} |
2941 | 2941 |
|
2942 |
- hashctx = EVP_MD_CTX_create(); |
|
2943 |
- if (!(hashctx)) { |
|
2944 |
- free(exe_sections); |
|
2945 |
- return CL_EMEM; |
|
2946 |
- } |
|
2947 |
- |
|
2948 |
- EVP_DigestInit(hashctx, EVP_sha1()); |
|
2942 |
+ EVP_DigestInit(&hashctx, EVP_sha1()); |
|
2949 | 2943 |
} |
2950 | 2944 |
|
2951 | 2945 |
#define hash_chunk(where, size, isStatAble, section) \ |
... | ... |
@@ -2957,16 +2951,12 @@ int cli_checkfp_pe(cli_ctx *ctx, uint8_t *authsha1, stats_section_t *hashes, uin |
2957 | 2957 |
return CL_EFORMAT; \ |
2958 | 2958 |
} \ |
2959 | 2959 |
if (flags & CL_CHECKFP_PE_FLAG_AUTHENTICODE) \ |
2960 |
- EVP_DigestUpdate(hashctx, hptr, size); \ |
|
2960 |
+ EVP_DigestUpdate(&hashctx, hptr, size); \ |
|
2961 | 2961 |
if (isStatAble && flags & CL_CHECKFP_PE_FLAG_STATS) { \ |
2962 |
- EVP_MD_CTX *md5ctx; \ |
|
2963 |
- md5ctx = EVP_MD_CTX_create(); \ |
|
2964 |
- if ((md5ctx)) { \ |
|
2965 |
- EVP_DigestInit(md5ctx, EVP_md5()); \ |
|
2966 |
- EVP_DigestUpdate(md5ctx, hptr, size); \ |
|
2967 |
- EVP_DigestFinal(md5ctx, hashes->sections[section].md5, NULL); \ |
|
2968 |
- EVP_MD_CTX_destroy(md5ctx); \ |
|
2969 |
- } \ |
|
2962 |
+ EVP_MD_CTX md5ctx; \ |
|
2963 |
+ EVP_DigestInit(&md5ctx, EVP_md5()); \ |
|
2964 |
+ EVP_DigestUpdate(&md5ctx, hptr, size); \ |
|
2965 |
+ EVP_DigestFinal(&md5ctx, hashes->sections[section].md5, NULL); \ |
|
2970 | 2966 |
} \ |
2971 | 2967 |
} while(0) |
2972 | 2968 |
|
... | ... |
@@ -3018,11 +3008,9 @@ int cli_checkfp_pe(cli_ctx *ctx, uint8_t *authsha1, stats_section_t *hashes, uin |
3018 | 3018 |
hlen = fsize - at; |
3019 | 3019 |
if(dirs[4].Size > hlen) { |
3020 | 3020 |
if (flags & CL_CHECKFP_PE_FLAG_STATS) { |
3021 |
- EVP_MD_CTX_destroy(hashctx); |
|
3022 | 3021 |
flags ^= CL_CHECKFP_PE_FLAG_AUTHENTICODE; |
3023 | 3022 |
break; |
3024 | 3023 |
} else { |
3025 |
- EVP_MD_CTX_destroy(hashctx); |
|
3026 | 3024 |
free(exe_sections); |
3027 | 3025 |
return CL_EFORMAT; |
3028 | 3026 |
} |
... | ... |
@@ -3039,8 +3027,7 @@ int cli_checkfp_pe(cli_ctx *ctx, uint8_t *authsha1, stats_section_t *hashes, uin |
3039 | 3039 |
free(exe_sections); |
3040 | 3040 |
|
3041 | 3041 |
if (flags & CL_CHECKFP_PE_FLAG_AUTHENTICODE) { |
3042 |
- EVP_DigestFinal(hashctx, authsha1, NULL); |
|
3043 |
- EVP_MD_CTX_destroy(hashctx); |
|
3042 |
+ EVP_DigestFinal(&hashctx, authsha1, NULL); |
|
3044 | 3043 |
|
3045 | 3044 |
if(cli_debug_flag) { |
3046 | 3045 |
char shatxt[SHA1_HASH_SIZE*2+1]; |
... | ... |
@@ -1202,18 +1202,13 @@ static int hash_match(const struct regex_matcher *rlist, const char *host, size_ |
1202 | 1202 |
unsigned char h[65]; |
1203 | 1203 |
unsigned char sha256_dig[32]; |
1204 | 1204 |
unsigned i; |
1205 |
- EVP_MD_CTX *sha256; |
|
1205 |
+ EVP_MD_CTX sha256; |
|
1206 | 1206 |
|
1207 |
- sha256 = EVP_MD_CTX_create(); |
|
1208 |
- if (!(sha256)) |
|
1209 |
- return CL_SUCCESS; |
|
1207 |
+ EVP_DigestInit(&sha256, EVP_sha256()); |
|
1208 |
+ EVP_DigestUpdate(&sha256, host, hlen); |
|
1209 |
+ EVP_DigestUpdate(&sha256, path, plen); |
|
1210 |
+ EVP_DigestFinal(&sha256, sha256_dig, NULL); |
|
1210 | 1211 |
|
1211 |
- EVP_DigestInit(sha256, EVP_sha256()); |
|
1212 |
- EVP_DigestUpdate(sha256, host, hlen); |
|
1213 |
- EVP_DigestUpdate(sha256, path, plen); |
|
1214 |
- EVP_DigestFinal(sha256, sha256_dig, NULL); |
|
1215 |
- |
|
1216 |
- EVP_MD_CTX_destroy(sha256); |
|
1217 | 1212 |
for(i=0;i<32;i++) { |
1218 | 1213 |
h[2*i] = hexchars[sha256_dig[i]>>4]; |
1219 | 1214 |
h[2*i+1] = hexchars[sha256_dig[i]&0xf]; |
... | ... |
@@ -420,8 +420,7 @@ char *cli_dbgets(char *buff, unsigned int size, FILE *fs, struct cli_dbio *dbio) |
420 | 420 |
dbio->bufpt = dbio->buf; |
421 | 421 |
dbio->size -= bread; |
422 | 422 |
dbio->bread += bread; |
423 |
- if ((dbio->hashctx)) |
|
424 |
- EVP_DigestUpdate(dbio->hashctx, dbio->readpt, bread); |
|
423 |
+ EVP_DigestUpdate(&(dbio->hashctx), dbio->readpt, bread); |
|
425 | 424 |
} |
426 | 425 |
if(dbio->chkonly && dbio->bufpt) { |
427 | 426 |
dbio->bufpt = NULL; |
... | ... |
@@ -478,8 +477,7 @@ char *cli_dbgets(char *buff, unsigned int size, FILE *fs, struct cli_dbio *dbio) |
478 | 478 |
bs = strlen(buff); |
479 | 479 |
dbio->size -= bs; |
480 | 480 |
dbio->bread += bs; |
481 |
- if ((dbio->hashctx)) |
|
482 |
- EVP_DigestUpdate(dbio->hashctx, buff, bs); |
|
481 |
+ EVP_DigestUpdate(&(dbio->hashctx), buff, bs); |
|
483 | 482 |
return pt; |
484 | 483 |
} |
485 | 484 |
} |