Fix signature and semantics of EVP_{CIPHER,MD}_CTX_init()

When the EVP_CIPHER_CTX and the EVP_MD_CTX were still expected to live
on the stack, these initialization APIs were wrappers around memset.
In OpenSSL 1.1, somebody removed them and carelessly made _init() an
alias of _reset() aka _cleanup(). As a consequence, both signature and
semantics changed.

Unsurprisingly, there is now code out there that actually uses the new
semantics, which causes leaks on LibreSSL and older OpenSSL. This aligns
our _init() with OpenSSL 1.1 semantics.

ok jsing

diff --git a/lib/libcrypto/evp/evp.h b/lib/libcrypto/evp/evp.h
index 1d86767..36de06f 100644 (file)
--- a/lib/libcrypto/evp/evp.h
+++ b/lib/libcrypto/evp/evp.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp.h,v 1.123 2024/03/02 09:39:02 tb Exp $ */
+/* $OpenBSD: evp.h,v 1.124 2024/03/02 09:55:30 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -464,7 +464,7 @@ int EVP_Cipher(EVP_CIPHER_CTX *c, unsigned char *out, const unsigned char *in,
 EVP_MD_CTX *EVP_MD_CTX_new(void);
 void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
 #ifndef LIBRESSL_INTERNAL
-void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
+int EVP_MD_CTX_init(EVP_MD_CTX *ctx);
 #endif
 int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
 EVP_MD_CTX *EVP_MD_CTX_create(void);
@@ -578,7 +578,7 @@ int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
 int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);
 
 #ifndef LIBRESSL_INTERNAL
-void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
+int EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
 #endif
 int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
 EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);

diff --git a/lib/libcrypto/evp/evp_cipher.c b/lib/libcrypto/evp/evp_cipher.c
index c2a88a5..48aaea0 100644 (file)
--- a/lib/libcrypto/evp/evp_cipher.c
+++ b/lib/libcrypto/evp/evp_cipher.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_cipher.c,v 1.20 2024/02/24 08:00:37 tb Exp $ */
+/* $OpenBSD: evp_cipher.c,v 1.21 2024/03/02 09:55:30 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -613,15 +613,15 @@ EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
 }
 
 void
-EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
+EVP_CIPHER_CTX_legacy_clear(EVP_CIPHER_CTX *ctx)
 {
        memset(ctx, 0, sizeof(*ctx));
 }
 
-void
-EVP_CIPHER_CTX_legacy_clear(EVP_CIPHER_CTX *ctx)
+int
+EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
 {
-       memset(ctx, 0, sizeof(*ctx));
+       return EVP_CIPHER_CTX_cleanup(ctx);
 }
 
 int

diff --git a/lib/libcrypto/evp/evp_digest.c b/lib/libcrypto/evp/evp_digest.c
index 3a349ad..b8eedd4 100644 (file)
--- a/lib/libcrypto/evp/evp_digest.c
+++ b/lib/libcrypto/evp/evp_digest.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_digest.c,v 1.10 2024/02/18 15:45:42 tb Exp $ */
+/* $OpenBSD: evp_digest.c,v 1.11 2024/03/02 09:55:30 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -247,15 +247,15 @@ EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
 }
 
 void
-EVP_MD_CTX_init(EVP_MD_CTX *ctx)
+EVP_MD_CTX_legacy_clear(EVP_MD_CTX *ctx)
 {
        memset(ctx, 0, sizeof(*ctx));
 }
 
-void
-EVP_MD_CTX_legacy_clear(EVP_MD_CTX *ctx)
+int
+EVP_MD_CTX_init(EVP_MD_CTX *ctx)
 {
-       memset(ctx, 0, sizeof(*ctx));
+       return EVP_MD_CTX_cleanup(ctx);
 }
 
 int