diff options
author | Richard Levitte <levitte@openssl.org> | 2020-05-06 21:44:58 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2020-05-14 12:16:35 +0200 |
commit | 2c6094baca6476d8b024dc7d9f461dae597ae797 (patch) | |
tree | b86aadf58bb549dbc052a83ff5cd6ecd02017b79 /crypto/evp/m_sigver.c | |
parent | PROV & SERIALIZER: Adapt the RSA serializers for PSS-parameters (diff) | |
download | openssl-2c6094baca6476d8b024dc7d9f461dae597ae797.tar.xz openssl-2c6094baca6476d8b024dc7d9f461dae597ae797.zip |
EVP: For SIGNATURE operations, pass the propquery early
Instead of passing it with signature->digest_verify_init() and
signature->digest_sign_init(), we pass it with signature->newctx().
This allows the digests that are indicated by RSA PSS parameters
to have a useful propquery.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11710)
Diffstat (limited to 'crypto/evp/m_sigver.c')
-rw-r--r-- | crypto/evp/m_sigver.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c index c77683a69d..44e7cab1af 100644 --- a/crypto/evp/m_sigver.c +++ b/crypto/evp/m_sigver.c @@ -71,6 +71,9 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, locpctx = ctx->pctx; evp_pkey_ctx_free_old_ops(locpctx); + if (props == NULL) + props = locpctx->propquery; + /* * TODO when we stop falling back to legacy, this and the ERR_pop_to_mark() * calls can be removed. @@ -142,7 +145,7 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, locpctx->operation = ver ? EVP_PKEY_OP_VERIFYCTX : EVP_PKEY_OP_SIGNCTX; locpctx->op.sig.sigprovctx - = signature->newctx(ossl_provider_ctx(signature->prov)); + = signature->newctx(ossl_provider_ctx(signature->prov), props); if (locpctx->op.sig.sigprovctx == NULL) { ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); goto err; @@ -182,14 +185,14 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, goto err; } ret = signature->digest_verify_init(locpctx->op.sig.sigprovctx, - mdname, props, provkey); + mdname, provkey); } else { if (signature->digest_sign_init == NULL) { ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); goto err; } ret = signature->digest_sign_init(locpctx->op.sig.sigprovctx, - mdname, props, provkey); + mdname, provkey); } return ret ? 1 : 0; |