From 15de965ff04ccecb068f3ce6c643555dce9372c6 Mon Sep 17 00:00:00 2001
From: Matt Caswell
Date: Thu, 26 Sep 2019 14:31:56 +0100
Subject: [PATCH] Don't call EVP_MD_CTX_reset during EVP_DigestFinal

This resets the fields of the EVP_MD_CTX and means we can no longer make calls using the EVP_MD_CTX, such as to query parameters.

Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/10013)
---
 crypto/evp/digest.c | 11 ++++++++++-
 crypto/evp/m_sigver.c | 10 ++++++++++
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 1b6963cfba..6609e8f541 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -107,6 +107,16 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)

 EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);

+ if (ctx->provctx != NULL) {
+ if (!ossl_assert(ctx->digest != NULL)) {
+ EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR);
+ return 0;
+ }
+ if (ctx->digest->freectx != NULL)
+ ctx->digest->freectx(ctx->provctx);
+ ctx->provctx = NULL;
+ }
+
 if (type != NULL)
 ctx->reqdigest = type;

@@ -332,7 +342,6 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *isize)
 }
 }

- EVP_MD_CTX_reset(ctx);
 return ret;

 /* TODO(3.0): Remove legacy code below */
diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
index 8b7a3e88b3..85272c9516 100644
--- a/crypto/evp/m_sigver.c
+++ b/crypto/evp/m_sigver.c
@@ -31,6 +31,16 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
 void *provkey = NULL;
 int ret;

+ if (ctx->provctx != NULL) {
+ if (!ossl_assert(ctx->digest != NULL)) {
+ ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
+ return 0;
+ }
+ if (ctx->digest->freectx != NULL)
+ ctx->digest->freectx(ctx->provctx);
+ ctx->provctx = NULL;
+ }
+
 if (ctx->pctx == NULL) {
 ctx->pctx = EVP_PKEY_CTX_new(pkey, e);
 if (ctx->pctx == NULL)
--
2.40.0
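Review bot: The block added at the top of EVP_DigestInit_ex has no comment saying why it is there: with the `EVP_MD_CTX_reset(ctx)` call removed from EVP_DigestFinal_ex later in this patch, this is where a provider context left over from a previous operation is released when the ctx is reused. It also means the digest state behind `ctx->provctx` now stays allocated after finalisation until the next init or an explicit reset/free, which matters to callers that hash secret material and counted on Final to clean up; whether `freectx` wipes that state is up to the provider and not visible here. I would add `/* Final no longer resets ctx: release any provider context left over from a previous operation */` above the `if (ctx->provctx != NULL)` line and note the longer lifetime in the EVP_DigestFinal_ex documentation. The function body continues outside the hunk.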
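Review bot: The release block in do_sigver_init is a line-for-line copy of the one added to EVP_DigestInit_ex in crypto/evp/digest.c, except that it reports the failure with `ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR)` where the other uses `EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR)`. Two copies of cleanup code for the same field tend to drift apart, so I would move it into one internal helper called from both places and settle on one error macro. In both copies the early `return 0` in the `ossl_assert` branch leaves `ctx->provctx` set, so a context that ever reaches that state fails every later init through this path; a short comment saying that this is intended would help the next reader. do_sigver_init starts and ends outside the hunk.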