From d79343f36918fd99861426f658fdfb53237661f0 Mon Sep 17 00:00:00 2001
From: Daniel Kurtz <djkurtz@chromium.org>
Date: Thu, 17 Oct 2019 20:45:53 +1100
Subject: [PATCH 03/10] libbrillo: Use a unique_ptr for EVP_MD_CTX

In OpenSSL 1.1, the EVP_MD_CTX struct will become opaque, and therefore
it will not be possible to allocate on the stack.

Replace this stack allocation with a heap allocated EVP_MD_CTX using the
existing OpenSSL 1.0.2 create/destroy APIs, and manage its lifetime using
a unique_ptr<>.

Note: There are cases (sludge, tael, tatl), where libbrillo is built
against a libchrome that has been built w/out libbase-crypto (ie,
USE="-crypto").  For this reason, we don't use the equivalent
crypto::ScopedEVP_MD_CTX type for this one instance of this in libbrillo.

BUG=chromium:737445
TEST=cros_workon --board=sarien start libbrillo
TEST=w/ openssl-1.0.2t: FEATURES=test emerge-sarien libbrillo
TEST=w/ openssl-1.1.0j: FEATURES=test emerge-sarien libbrillo
  => Both build and pass all unittests

Change-Id: Ic0a43b9c85fcb967c1b381b1602c03f48ac5dcef
Reviewed-on: https://chromium-review.googlesource.com/1866378
Tested-by: Daniel Kurtz <djkurtz@chromium.org>
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Nick Crews <ncrews@chromium.org>
---
 libbrillo/policy/device_policy_impl.cc | 18 ++++++++----------
 1 file changed, 8 insertions(+), 10 deletions(-)

diff --git a/libbrillo/policy/device_policy_impl.cc b/libbrillo/policy/device_policy_impl.cc
index 958b7ebb7..eaf90c96a 100644
--- a/libbrillo/policy/device_policy_impl.cc
+++ b/libbrillo/policy/device_policy_impl.cc
@@ -55,36 +55,34 @@ bool ReadPublicKeyFromFile(const base::FilePath& key_file,
 bool VerifySignature(const std::string& signed_data,
                      const std::string& signature,
                      const std::string& public_key) {
-  EVP_MD_CTX ctx;
-  EVP_MD_CTX_init(&ctx);
+  std::unique_ptr<EVP_MD_CTX, void (*)(EVP_MD_CTX *)> ctx(EVP_MD_CTX_create(),
+                                                          EVP_MD_CTX_destroy);
+  if (!ctx)
+    return false;
 
   const EVP_MD* digest = EVP_sha1();
 
   char* key = const_cast<char*>(public_key.data());
   BIO* bio = BIO_new_mem_buf(key, public_key.length());
-  if (!bio) {
-    EVP_MD_CTX_cleanup(&ctx);
+  if (!bio)
     return false;
-  }
 
   EVP_PKEY* public_key_ssl = d2i_PUBKEY_bio(bio, nullptr);
   if (!public_key_ssl) {
     BIO_free_all(bio);
-    EVP_MD_CTX_cleanup(&ctx);
     return false;
   }
 
   const unsigned char* sig =
       reinterpret_cast<const unsigned char*>(signature.data());
-  int rv = EVP_VerifyInit_ex(&ctx, digest, nullptr);
+  int rv = EVP_VerifyInit_ex(ctx.get(), digest, nullptr);
   if (rv == 1) {
-    EVP_VerifyUpdate(&ctx, signed_data.data(), signed_data.length());
-    rv = EVP_VerifyFinal(&ctx, sig, signature.length(), public_key_ssl);
+    EVP_VerifyUpdate(ctx.get(), signed_data.data(), signed_data.length());
+    rv = EVP_VerifyFinal(ctx.get(), sig, signature.length(), public_key_ssl);
   }
 
   EVP_PKEY_free(public_key_ssl);
   BIO_free_all(bio);
-  EVP_MD_CTX_cleanup(&ctx);
 
   return rv == 1;
 }
-- 
2.24.1