[openssl] master update

Dr. Paul Dale pauli at openssl.org
Thu Jul 15 06:47:05 UTC 2021 

The branch master has been updated
       via  8e94c51b3279f7faae9161df5112414f915cd9f3 (commit)
       via  56fdb70796010b8db598189d5c1e5a6b1479c2e6 (commit)
      from  11f18ef1f5ea92ba32a3efeb0eaf1af6a1f35e13 (commit)


- Log -----------------------------------------------------------------
commit 8e94c51b3279f7faae9161df5112414f915cd9f3
Author: Pauli <pauli at openssl.org>
Date:   Wed Jul 14 10:03:45 2021 +1000

    doc: document the params arguments to the initialisation functions.
    
    These were accidentally omitted when the arguments were added globally.
    
    Fixes #16067
    
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/16072)

commit 56fdb70796010b8db598189d5c1e5a6b1479c2e6
Author: Pauli <pauli at openssl.org>
Date:   Wed Jul 14 10:03:22 2021 +1000

    evp: constify some OSSL_PARAM arguments
    
    These were missed when the initialisation params were added
    
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/16072)

-----------------------------------------------------------------------

Summary of changes:
 crypto/evp/m_sigver.c             | 6 +++---
 doc/man3/EVP_DigestSignInit.pod   | 6 ++++--
 doc/man3/EVP_DigestVerifyInit.pod | 6 ++++--
 include/openssl/evp.h             | 4 ++--
 4 files changed, 13 insertions(+), 9 deletions(-)

diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
index 63360a94bc..ae79562e2d 100644
--- a/crypto/evp/m_sigver.c
+++ b/crypto/evp/m_sigver.c
@@ -40,7 +40,7 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
                           const EVP_MD *type, const char *mdname,
                           OSSL_LIB_CTX *libctx, const char *props,
                           ENGINE *e, EVP_PKEY *pkey, int ver,
-                          OSSL_PARAM params[])
+                          const OSSL_PARAM params[])
 {
     EVP_PKEY_CTX *locpctx = NULL;
     EVP_SIGNATURE *signature = NULL;
@@ -304,7 +304,7 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
 int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
                           const char *mdname, OSSL_LIB_CTX *libctx,
                           const char *props, EVP_PKEY *pkey,
-                          OSSL_PARAM params[])
+                          const OSSL_PARAM params[])
 {
     return do_sigver_init(ctx, pctx, NULL, mdname, libctx, props, NULL, pkey, 0,
                           params);
@@ -320,7 +320,7 @@ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
 int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
                             const char *mdname, OSSL_LIB_CTX *libctx,
                             const char *props, EVP_PKEY *pkey,
-                            OSSL_PARAM params[])
+                            const OSSL_PARAM params[])
 {
     return do_sigver_init(ctx, pctx, NULL, mdname, libctx, props, NULL, pkey, 1,
                           params);
diff --git a/doc/man3/EVP_DigestSignInit.pod b/doc/man3/EVP_DigestSignInit.pod
index b1eb4ae7e3..8748014465 100644
--- a/doc/man3/EVP_DigestSignInit.pod
+++ b/doc/man3/EVP_DigestSignInit.pod
@@ -11,7 +11,8 @@ EVP_DigestSignFinal, EVP_DigestSign - EVP signing functions
 
  int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
                            const char *mdname, OSSL_LIB_CTX *libctx,
-                           const char *props, EVP_PKEY *pkey);
+                           const char *props, EVP_PKEY *pkey,
+                           const OSSL_PARAM params[]);
  int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
                         const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
  int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
@@ -33,7 +34,8 @@ provider interprets the digest name is provider specific. The provider may
 implement that digest directly itself or it may (optionally) choose to fetch it
 (which could result in a digest from a different provider being selected). If the
 provider supports fetching the digest then it may use the I<props> argument for
-the properties to be used during the fetch.
+the properties to be used during the fetch. Finally, the passed parameters
+I<params>, if not NULL, are set on the context before returning.
 
 The I<pkey> algorithm is used to fetch a B<EVP_SIGNATURE> method implicitly, to
 be used for the actual signing. See L<provider(7)/Implicit fetch> for
diff --git a/doc/man3/EVP_DigestVerifyInit.pod b/doc/man3/EVP_DigestVerifyInit.pod
index 3f332c1801..c318656fc9 100644
--- a/doc/man3/EVP_DigestVerifyInit.pod
+++ b/doc/man3/EVP_DigestVerifyInit.pod
@@ -11,7 +11,8 @@ EVP_DigestVerifyFinal, EVP_DigestVerify - EVP signature verification functions
 
  int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
                              const char *mdname, OSSL_LIB_CTX *libctx,
-                             const char *props, EVP_PKEY *pkey);
+                             const char *props, EVP_PKEY *pkey,
+                             const OSSL_PARAM params[]);
  int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
                           const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
  int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
@@ -32,7 +33,8 @@ provider interprets the digest name is provider specific. The provider may
 implement that digest directly itself or it may (optionally) choose to fetch it
 (which could result in a digest from a different provider being selected). If
 the provider supports fetching the digest then it may use the B<props> argument
-for the properties to be used during the fetch.
+for the properties to be used during the fetch. Finally, the passed parameters
+I<params>, if not NULL, are set on the context before returning.
 
 The I<pkey> algorithm is used to fetch a B<EVP_SIGNATURE> method implicitly, to
 be used for the actual signing. See L<provider(7)/Implicit fetch> for
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 76fabd63ed..f76c4a26d1 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -820,7 +820,7 @@ __owur int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret,
 int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
                           const char *mdname, OSSL_LIB_CTX *libctx,
                           const char *props, EVP_PKEY *pkey,
-                          OSSL_PARAM params[]);
+                          const OSSL_PARAM params[]);
 /*__owur*/ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
                                   const EVP_MD *type, ENGINE *e,
                                   EVP_PKEY *pkey);
@@ -831,7 +831,7 @@ __owur int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
 int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
                             const char *mdname, OSSL_LIB_CTX *libctx,
                             const char *props, EVP_PKEY *pkey,
-                            OSSL_PARAM params[]);
+                            const OSSL_PARAM params[]);
 __owur int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
                                 const EVP_MD *type, ENGINE *e,
                                 EVP_PKEY *pkey);

More information about the openssl-commits mailing list