Don't use deprecated OpenSSL functions.

This change simply switches from the deprecated
EVP_{En|De}crypt{Init|Final} to the newer, _ex versions of the same.

There is no difference in behaviour, save for calling
EVP_CIPHER_CTX_init, as the deprecated versions are just wrappers around
the _ex functions. See
https://git.openssl.org/gitweb/?p=openssl.git;a=blob;f=crypto/evp/evp_enc.c;h=f705967a40ab92cdf3c2ba8dd6bc19680d6157d6;hb=HEAD#l274

This change is required for the transition to BoringSSL, which removes
the deprecated functions.

Bug: 17409664
Change-Id: I35c6cc2d86d0c876a9edaff1e5571170fe393d87
Signed-off-by: Adam Langley <agl@google.com>
This commit is contained in:
Adam Langley 2014-09-03 14:23:13 -07:00
parent 52f5425ff5
commit 889c4f1e36

View file

@ -903,7 +903,8 @@ static int encrypt_master_key(char *passwd, unsigned char *salt,
scrypt(passwd, salt, ikey, crypt_ftr); scrypt(passwd, salt, ikey, crypt_ftr);
/* Initialize the decryption engine */ /* Initialize the decryption engine */
if (! EVP_EncryptInit(&e_ctx, EVP_aes_128_cbc(), ikey, ikey+KEY_LEN_BYTES)) { EVP_CIPHER_CTX_init(&e_ctx);
if (! EVP_EncryptInit_ex(&e_ctx, EVP_aes_128_cbc(), NULL, ikey, ikey+KEY_LEN_BYTES)) {
SLOGE("EVP_EncryptInit failed\n"); SLOGE("EVP_EncryptInit failed\n");
return -1; return -1;
} }
@ -915,7 +916,7 @@ static int encrypt_master_key(char *passwd, unsigned char *salt,
SLOGE("EVP_EncryptUpdate failed\n"); SLOGE("EVP_EncryptUpdate failed\n");
return -1; return -1;
} }
if (! EVP_EncryptFinal(&e_ctx, encrypted_master_key + encrypted_len, &final_len)) { if (! EVP_EncryptFinal_ex(&e_ctx, encrypted_master_key + encrypted_len, &final_len)) {
SLOGE("EVP_EncryptFinal failed\n"); SLOGE("EVP_EncryptFinal failed\n");
return -1; return -1;
} }
@ -941,7 +942,8 @@ static int decrypt_master_key_aux(char *passwd, unsigned char *salt,
kdf(passwd, salt, ikey, kdf_params); kdf(passwd, salt, ikey, kdf_params);
/* Initialize the decryption engine */ /* Initialize the decryption engine */
if (! EVP_DecryptInit(&d_ctx, EVP_aes_128_cbc(), ikey, ikey+KEY_LEN_BYTES)) { EVP_CIPHER_CTX_init(&d_ctx);
if (! EVP_DecryptInit_ex(&d_ctx, EVP_aes_128_cbc(), NULL, ikey, ikey+KEY_LEN_BYTES)) {
return -1; return -1;
} }
EVP_CIPHER_CTX_set_padding(&d_ctx, 0); /* Turn off padding as our data is block aligned */ EVP_CIPHER_CTX_set_padding(&d_ctx, 0); /* Turn off padding as our data is block aligned */
@ -950,7 +952,7 @@ static int decrypt_master_key_aux(char *passwd, unsigned char *salt,
encrypted_master_key, KEY_LEN_BYTES)) { encrypted_master_key, KEY_LEN_BYTES)) {
return -1; return -1;
} }
if (! EVP_DecryptFinal(&d_ctx, decrypted_master_key + decrypted_len, &final_len)) { if (! EVP_DecryptFinal_ex(&d_ctx, decrypted_master_key + decrypted_len, &final_len)) {
return -1; return -1;
} }