From 008e299aaf32af0b93eede649c6942af93b1c11e Mon Sep 17 00:00:00 2001 From: Rosen Penev Date: Sat, 15 Jun 2019 17:49:25 -0700 Subject: [PATCH 4/7] Replace EVP_CIPHER_CTX_cleanup with EVP_CIPHER_CTX_reset Deprecated in OpenSSL 1.1 --- src/_cffi_src/openssl/evp.py | 6 ++++++ src/cryptography/hazmat/backends/openssl/ciphers.py | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) --- a/src/_cffi_src/openssl/evp.py +++ b/src/_cffi_src/openssl/evp.py @@ -48,6 +48,7 @@ int EVP_CipherUpdate(EVP_CIPHER_CTX *, u const unsigned char *, int); int EVP_CipherFinal_ex(EVP_CIPHER_CTX *, unsigned char *, int *); int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *); +int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *); EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void); void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *); int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *, int); @@ -269,4 +270,9 @@ static const long Cryptography_HAS_EVP_D #ifndef EVP_PKEY_POLY1305 #define EVP_PKEY_POLY1305 NID_poly1305 #endif + +#if (OPENSSL_API_COMPAT >= 0x10100000L) && !CRYPTOGRAPHY_IS_LIBRESSL +#define EVP_CIPHER_CTX_cleanup EVP_CIPHER_CTX_reset +#define OpenSSL_add_all_algorithms() do {} while(0) +#endif """ --- a/src/cryptography/hazmat/backends/openssl/ciphers.py +++ b/src/cryptography/hazmat/backends/openssl/ciphers.py @@ -199,7 +199,7 @@ class _CipherContext(object): self._backend.openssl_assert(res != 0) self._tag = self._backend._ffi.buffer(tag_buf)[:] - res = self._backend._lib.EVP_CIPHER_CTX_cleanup(self._ctx) + res = self._backend._lib.EVP_CIPHER_CTX_reset(self._ctx) self._backend.openssl_assert(res == 1) return self._backend._ffi.buffer(buf)[: outlen[0]]