From abe3dc48cc3b18af4ed48fa7e06c336961717aa4 Mon Sep 17 00:00:00 2001 From: David Benjamin Date: Fri, 22 Sep 2017 18:51:21 -0400 Subject: [PATCH] crypto: make Hash 1.1.0-compatible OpenSSL 1.1.0 requires EVP_MD_CTX be heap-allocated. PR-URL: https://github.com/nodejs/node/pull/16130 Reviewed-By: Ben Noordhuis Reviewed-By: Rod Vagg --- src/node_crypto.cc | 23 ++++++++++++++++------- src/node_crypto.h | 12 ++++-------- 2 files changed, 20 insertions(+), 15 deletions(-) diff --git a/src/node_crypto.cc b/src/node_crypto.cc index 2b3d64f32e3427..5e7ba75cb31638 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc @@ -204,6 +204,9 @@ static int X509_up_ref(X509* cert) { CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509); return 1; } + +#define EVP_MD_CTX_new EVP_MD_CTX_create +#define EVP_MD_CTX_free EVP_MD_CTX_destroy #endif // OPENSSL_VERSION_NUMBER < 0x10100000L // Subject DER of CNNIC ROOT CA and CNNIC EV ROOT CA are taken from @@ -3937,6 +3940,11 @@ void Hmac::HmacDigest(const FunctionCallbackInfo& args) { } +Hash::~Hash() { + EVP_MD_CTX_free(mdctx_); +} + + void Hash::Initialize(Environment* env, v8::Local target) { Local t = env->NewFunctionTemplate(New); @@ -3966,20 +3974,22 @@ bool Hash::HashInit(const char* hash_type) { const EVP_MD* md = EVP_get_digestbyname(hash_type); if (md == nullptr) return false; - EVP_MD_CTX_init(&mdctx_); - if (EVP_DigestInit_ex(&mdctx_, md, nullptr) <= 0) { + mdctx_ = EVP_MD_CTX_new(); + if (mdctx_ == nullptr || + EVP_DigestInit_ex(mdctx_, md, nullptr) <= 0) { + EVP_MD_CTX_free(mdctx_); + mdctx_ = nullptr; return false; } - initialised_ = true; finalized_ = false; return true; } bool Hash::HashUpdate(const char* data, int len) { - if (!initialised_) + if (mdctx_ == nullptr) return false; - EVP_DigestUpdate(&mdctx_, data, len); + EVP_DigestUpdate(mdctx_, data, len); return true; } @@ -4023,8 +4033,7 @@ void Hash::HashDigest(const FunctionCallbackInfo& args) { unsigned char md_value[EVP_MAX_MD_SIZE]; unsigned int md_len; - EVP_DigestFinal_ex(&hash->mdctx_, md_value, &md_len); - EVP_MD_CTX_cleanup(&hash->mdctx_); + EVP_DigestFinal_ex(hash->mdctx_, md_value, &md_len); hash->finalized_ = true; Local error; diff --git a/src/node_crypto.h b/src/node_crypto.h index 7ed1066c6c99ec..4ec1bb377f0bab 100644 --- a/src/node_crypto.h +++ b/src/node_crypto.h @@ -524,11 +524,7 @@ class Hmac : public BaseObject { class Hash : public BaseObject { public: - ~Hash() override { - if (!initialised_) - return; - EVP_MD_CTX_cleanup(&mdctx_); - } + ~Hash() override; static void Initialize(Environment* env, v8::Local target); @@ -542,13 +538,13 @@ class Hash : public BaseObject { Hash(Environment* env, v8::Local wrap) : BaseObject(env, wrap), - initialised_(false) { + mdctx_(nullptr), + finalized_(false) { MakeWeak(this); } private: - EVP_MD_CTX mdctx_; /* coverity[member_decl] */ - bool initialised_; + EVP_MD_CTX* mdctx_; bool finalized_; };