[openssl] master update
Matt Caswell
matt at openssl.org
Thu Oct 3 12:34:48 UTC 2019
The branch master has been updated
via 19cfe7847c17fb4d73c8b7267da841ec1a639dd3 (commit)
from 85870311fd98acab2ee8a31a1ce17dc2db695989 (commit)
- Log -----------------------------------------------------------------
commit 19cfe7847c17fb4d73c8b7267da841ec1a639dd3
Author: Matt Caswell <matt at openssl.org>
Date: Thu Oct 3 12:44:55 2019 +0100
Don't follow legacy path if ctx->pctx is set
EVP_DigestInit_ex forced following of the legacy path if ctx->pctx is
set (meaning we've actually been called via EVP_DigestSignInit_ex).
There is some code in the legacy path that calls the
EVP_PKEY_CTRL_DIGESTINIT ctrl on the pctx. Not going down the legacy path
if ctx->pctx is set means that ctrl message will neve get sent. However,
it turns out that all algs that understand that ctrl also set the
EVP_MD_CTX_FLAG_NO_INIT flag which forces legacy anyway. Therefore the
ctx->pctx check is not required and can be removed.
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10082)
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/digest.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 874b16b6ee..4f6b68c667 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -140,15 +140,14 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
#endif
/*
- * If there are engines involved or if we're being used as part of
- * EVP_DigestSignInit then we should use legacy handling for now.
+ * If there are engines involved or EVP_MD_CTX_FLAG_NO_INIT is set then we
+ * should use legacy handling for now.
*/
if (ctx->engine != NULL
|| impl != NULL
#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODE)
|| tmpimpl != NULL
#endif
- || ctx->pctx != NULL
|| (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) != 0) {
if (ctx->digest == ctx->fetched_digest)
ctx->digest = NULL;
More information about the openssl-commits
mailing list