OpenSSL: Clean up crypto_hash_*() to use a single implementation

Use compatibility wrapper functions to allow a single implementation
based on the latest OpenSSL API to be used to implement these functions
instead of having to maintain two conditional implementation based on
the library version.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c
index f386e9fee1615bd0e5a998c273e81ffaf8395f66..963d9bc7be528f19f90d4a9180b1b58ca5dc48ec 100644 (file)
--- a/src/crypto/crypto_openssl.c
+++ b/src/crypto/crypto_openssl.c
@@ -32,11 +32,30 @@
 #include "crypto.h"
 
 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
-/* Compatibility wrapper for older versions. */
+/* Compatibility wrappers for older versions. */
+
 static int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx)
 {
        return EVP_CIPHER_CTX_cleanup(ctx);
 }
+
+
+static HMAC_CTX * HMAC_CTX_new(void)
+{
+       HMAC_CTX *ctx;
+
+       ctx = os_zalloc(sizeof(*ctx));
+       if (ctx)
+               HMAC_CTX_init(ctx);
+       return ctx;
+}
+
+
+static void HMAC_CTX_free(HMAC_CTX *ctx)
+{
+       bin_clear_free(ctx, sizeof(*ctx));
+}
+
 #endif /* OpenSSL version < 1.1.0 */
 
 static BIGNUM * get_group5_prime(void)
@@ -733,11 +752,7 @@ void dh5_free(void *ctx)
 
 
 struct crypto_hash {
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
        HMAC_CTX *ctx;
-#else
-       HMAC_CTX ctx;
-#endif
 };
 
 
@@ -772,7 +787,6 @@ struct crypto_hash * crypto_hash_init(enum crypto_hash_alg alg, const u8 *key,
        ctx = os_zalloc(sizeof(*ctx));
        if (ctx == NULL)
                return NULL;
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
        ctx->ctx = HMAC_CTX_new();
        if (!ctx->ctx) {
                os_free(ctx);
@@ -784,14 +798,6 @@ struct crypto_hash * crypto_hash_init(enum crypto_hash_alg alg, const u8 *key,
                bin_clear_free(ctx, sizeof(*ctx));
                return NULL;
        }
-#else
-       HMAC_CTX_init(&ctx->ctx);
-
-       if (HMAC_Init_ex(&ctx->ctx, key, key_len, md, NULL) != 1) {
-               bin_clear_free(ctx, sizeof(*ctx));
-               return NULL;
-       }
-#endif
 
        return ctx;
 }
@@ -801,11 +807,7 @@ void crypto_hash_update(struct crypto_hash *ctx, const u8 *data, size_t len)
 {
        if (ctx == NULL)
                return;
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
        HMAC_Update(ctx->ctx, data, len);
-#else
-       HMAC_Update(&ctx->ctx, data, len);
-#endif
 }
 
 
@@ -818,21 +820,14 @@ int crypto_hash_finish(struct crypto_hash *ctx, u8 *mac, size_t *len)
                return -2;
 
        if (mac == NULL || len == NULL) {
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
                HMAC_CTX_free(ctx->ctx);
-#endif
                bin_clear_free(ctx, sizeof(*ctx));
                return 0;
        }
 
        mdlen = *len;
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
        res = HMAC_Final(ctx->ctx, mac, &mdlen);
        HMAC_CTX_free(ctx->ctx);
-#else
-       res = HMAC_Final(&ctx->ctx, mac, &mdlen);
-       HMAC_CTX_cleanup(&ctx->ctx);
-#endif
        bin_clear_free(ctx, sizeof(*ctx));
 
        if (res == 1) {
@@ -849,7 +844,6 @@ static int openssl_hmac_vector(const EVP_MD *type, const u8 *key,
                               const u8 *addr[], const size_t *len, u8 *mac,
                               unsigned int mdlen)
 {
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
        HMAC_CTX *ctx;
        size_t i;
        int res;
@@ -872,26 +866,6 @@ done:
        HMAC_CTX_free(ctx);
 
        return res == 1 ? 0 : -1;
-#else
-       HMAC_CTX ctx;
-       size_t i;
-       int res;
-
-       if (TEST_FAIL())
-               return -1;
-
-       HMAC_CTX_init(&ctx);
-       if (HMAC_Init_ex(&ctx, key, key_len, type, NULL) != 1)
-               return -1;
-
-       for (i = 0; i < num_elem; i++)
-               HMAC_Update(&ctx, addr[i], len[i]);
-
-       res = HMAC_Final(&ctx, mac, &mdlen);
-       HMAC_CTX_cleanup(&ctx);
-
-       return res == 1 ? 0 : -1;
-#endif
 }