From: tb <tb@openbsd.org>
Date: Sun, 10 Sep 2023 16:53:56 +0000 (+0000)
Subject: EVP_CipherInit(): use EVP_CIPHER_CTX_cleanup()
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=e30cae19668b74eda9fa733df75ea51f637618a5;p=openbsd

EVP_CipherInit(): use EVP_CIPHER_CTX_cleanup()

Before EVP_CIPHER_CTX was opaque, callers could pass an uninitialized
ctx into EVP_CipherInit() and calling EVP_CIPHER_CTX_cleanup() on such
a ctx would end in tears.

The only way to initialize a ctx is by way of EVP_CIPHER_CTX_new(), on
which we can call EVP_CIPHER_CTX_cleanup() and avoid silly leaks on ctx
reuse. This also allows some simplifications in the documentation.

There are more changes of this kind that should be done all over libcrypto.
They will be tackled in subsequent commits.

"makes a lot of sense" schwarze
ok jsing
---

diff --git a/lib/libcrypto/evp/evp_enc.c b/lib/libcrypto/evp/evp_enc.c
index 27f753baa07..7534b4c9d27 100644
--- a/lib/libcrypto/evp/evp_enc.c
+++ b/lib/libcrypto/evp/evp_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_enc.c,v 1.52 2023/07/07 19:37:53 beck Exp $ */
+/* $OpenBSD: evp_enc.c,v 1.53 2023/09/10 16:53:56 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -78,8 +78,8 @@ int
 EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
     const unsigned char *key, const unsigned char *iv, int enc)
 {
-	if (cipher)
-		EVP_CIPHER_CTX_init(ctx);
+	if (cipher != NULL)
+		EVP_CIPHER_CTX_cleanup(ctx);
 	return EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, enc);
 }