[openssl-dev] [openssl.org #4643] [patch] pass EVP_MD to engines verifyctx_init and signctx_init

Stephen Henson via RT rt at openssl.org
Mon Aug 8 14:42:54 UTC 2016


On Mon Aug 08 13:52:12 2016, F.Schueller at infodas.de wrote:
> Hello,
>
> for some engine-implementations one needs the possibility to change
> the EVP_MD used in signctx_init and verifyctx_init.
> (because different EVP_MD are needed for standalone calculating of the
> digest and calculating the digest during signature-operations.)
> This is only possible if a pointer-pointer is passed through the
> calls. The attached patch (against 1.1.0-pre6) realises this.
>

This shouldn't be necessary because the underlying method gets notified
through EVP_PKEY_CTX_set_signature_md() which it can then check and take
appropriate action.

If the method wants to change the MD it can set the EVP_PKEY_FLAG_SIGCTX_CUSTOM
flag and then use whatever EVP_MD is appropriate instead of the passed one.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4643
Please log in as guest with password guest if prompted


