From: Pauli <pauli@openssl.org>
Date: Thu, 15 Apr 2021 00:35:28 +0000 (+1000)
Subject: srp: remove references to EVP_sha1()
X-Git-Tag: openssl-3.0.0-alpha15~18
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=42e7d043f09f7a54005800fb00cb11a0c38e891f;p=thirdparty%2Fopenssl.git

srp: remove references to EVP_sha1()

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14881)
---

diff --git a/crypto/srp/srp_vfy.c b/crypto/srp/srp_vfy.c
index 2c2ec11cd4d..85e2c96e1a1 100644
--- a/crypto/srp/srp_vfy.c
+++ b/crypto/srp/srp_vfy.c
@@ -551,6 +551,7 @@ SRP_user_pwd *SRP_VBASE_get1_by_user(SRP_VBASE *vb, char *username)
     unsigned char digv[SHA_DIGEST_LENGTH];
     unsigned char digs[SHA_DIGEST_LENGTH];
     EVP_MD_CTX *ctxt = NULL;
+    EVP_MD *md = NULL;
 
     if (vb == NULL)
         return NULL;
@@ -574,21 +575,27 @@ SRP_user_pwd *SRP_VBASE_get1_by_user(SRP_VBASE *vb, char *username)
 
     if (RAND_priv_bytes(digv, SHA_DIGEST_LENGTH) <= 0)
         goto err;
+    md = EVP_MD_fetch(NULL, SN_sha1, NULL);
+    if (md == NULL)
+        goto err;
     ctxt = EVP_MD_CTX_new();
     if (ctxt == NULL
-        || !EVP_DigestInit_ex(ctxt, EVP_sha1(), NULL)
+        || !EVP_DigestInit_ex(ctxt, md, NULL)
         || !EVP_DigestUpdate(ctxt, vb->seed_key, strlen(vb->seed_key))
         || !EVP_DigestUpdate(ctxt, username, strlen(username))
         || !EVP_DigestFinal_ex(ctxt, digs, NULL))
         goto err;
     EVP_MD_CTX_free(ctxt);
     ctxt = NULL;
+    EVP_MD_free(md);
+    md = NULL;
     if (SRP_user_pwd_set0_sv(user,
-                               BN_bin2bn(digs, SHA_DIGEST_LENGTH, NULL),
-                               BN_bin2bn(digv, SHA_DIGEST_LENGTH, NULL)))
+                             BN_bin2bn(digs, SHA_DIGEST_LENGTH, NULL),
+                             BN_bin2bn(digv, SHA_DIGEST_LENGTH, NULL)))
         return user;
 
  err:
+    EVP_MD_free(md);
     EVP_MD_CTX_free(ctxt);
     SRP_user_pwd_free(user);
     return NULL;