summaryrefslogtreecommitdiffstats
path: root/crypto/evp/m_sigver.c
diff options
context:
space:
mode:
authorRichard Levitte <levitte@openssl.org>2020-05-06 21:44:58 +0200
committerRichard Levitte <levitte@openssl.org>2020-05-14 12:16:35 +0200
commit2c6094baca6476d8b024dc7d9f461dae597ae797 (patch)
treeb86aadf58bb549dbc052a83ff5cd6ecd02017b79 /crypto/evp/m_sigver.c
parentPROV & SERIALIZER: Adapt the RSA serializers for PSS-parameters (diff)
downloadopenssl-2c6094baca6476d8b024dc7d9f461dae597ae797.tar.xz
openssl-2c6094baca6476d8b024dc7d9f461dae597ae797.zip
EVP: For SIGNATURE operations, pass the propquery early
Instead of passing it with signature->digest_verify_init() and signature->digest_sign_init(), we pass it with signature->newctx(). This allows the digests that are indicated by RSA PSS parameters to have a useful propquery. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11710)
Diffstat (limited to 'crypto/evp/m_sigver.c')
-rw-r--r--crypto/evp/m_sigver.c9
1 files changed, 6 insertions, 3 deletions
diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
index c77683a69d..44e7cab1af 100644
--- a/crypto/evp/m_sigver.c
+++ b/crypto/evp/m_sigver.c
@@ -71,6 +71,9 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
locpctx = ctx->pctx;
evp_pkey_ctx_free_old_ops(locpctx);
+ if (props == NULL)
+ props = locpctx->propquery;
+
/*
* TODO when we stop falling back to legacy, this and the ERR_pop_to_mark()
* calls can be removed.
@@ -142,7 +145,7 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
locpctx->operation = ver ? EVP_PKEY_OP_VERIFYCTX
: EVP_PKEY_OP_SIGNCTX;
locpctx->op.sig.sigprovctx
- = signature->newctx(ossl_provider_ctx(signature->prov));
+ = signature->newctx(ossl_provider_ctx(signature->prov), props);
if (locpctx->op.sig.sigprovctx == NULL) {
ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
goto err;
@@ -182,14 +185,14 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
goto err;
}
ret = signature->digest_verify_init(locpctx->op.sig.sigprovctx,
- mdname, props, provkey);
+ mdname, provkey);
} else {
if (signature->digest_sign_init == NULL) {
ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
goto err;
}
ret = signature->digest_sign_init(locpctx->op.sig.sigprovctx,
- mdname, props, provkey);
+ mdname, provkey);
}
return ret ? 1 : 0;