diff options
author | Matt Caswell <matt@openssl.org> | 2020-03-12 15:39:47 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-03-23 12:09:49 +0100 |
commit | a45694a3567ce8de754cffa7b450c22578ebdd6c (patch) | |
tree | 49037dc906ab05d209c9dc40aa8aa3fd20a0b8bb /crypto/evp/m_sigver.c | |
parent | DH, DSA, EC_KEY: Fix exporters to allow domain parameter keys (diff) | |
download | openssl-a45694a3567ce8de754cffa7b450c22578ebdd6c.tar.xz openssl-a45694a3567ce8de754cffa7b450c22578ebdd6c.zip |
Make it possible to easily specify a libctx for EVP_DigestSign*
EVP_DigestSignInit_ex and EVP_DigestVerifyInit_ex did not provide the
capability to specify an explicit OPENSSL_CTX parameter. It is still
possible by explicitly setting an EVP_PKEY_CTX - but in most cases it
would be much simpler to just specify it in the Init call. We add the
capability to do that.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11353)
Diffstat (limited to 'crypto/evp/m_sigver.c')
-rw-r--r-- | crypto/evp/m_sigver.c | 24 |
1 files changed, 15 insertions, 9 deletions
diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c index 1948f234ca..3d15a9fcbc 100644 --- a/crypto/evp/m_sigver.c +++ b/crypto/evp/m_sigver.c @@ -39,7 +39,7 @@ static const char *canon_mdname(const char *mdname) static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, const char *mdname, const char *props, ENGINE *e, EVP_PKEY *pkey, - int ver) + OPENSSL_CTX *libctx, int ver) { EVP_PKEY_CTX *locpctx = NULL; EVP_SIGNATURE *signature = NULL; @@ -59,8 +59,12 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, ctx->provctx = NULL; } - if (ctx->pctx == NULL) - ctx->pctx = EVP_PKEY_CTX_new(pkey, e); + if (ctx->pctx == NULL) { + if (libctx != NULL) + ctx->pctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, props); + else + ctx->pctx = EVP_PKEY_CTX_new(pkey, e); + } if (ctx->pctx == NULL) return 0; @@ -258,28 +262,30 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, } int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, const char *props, EVP_PKEY *pkey) + const char *mdname, const char *props, EVP_PKEY *pkey, + OPENSSL_CTX *libctx) { - return do_sigver_init(ctx, pctx, NULL, mdname, props, NULL, pkey, 0); + return do_sigver_init(ctx, pctx, NULL, mdname, props, NULL, pkey, libctx, + 0); } int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey) { - return do_sigver_init(ctx, pctx, type, NULL, NULL, e, pkey, 0); + return do_sigver_init(ctx, pctx, type, NULL, NULL, e, pkey, NULL, 0); } int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const char *mdname, const char *props, - EVP_PKEY *pkey) + EVP_PKEY *pkey, OPENSSL_CTX *libctx) { - return do_sigver_init(ctx, pctx, NULL, mdname, props, NULL, pkey, 1); + return do_sigver_init(ctx, pctx, NULL, mdname, props, NULL, pkey, libctx, 1); } int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey) { - return do_sigver_init(ctx, pctx, type, NULL, NULL, e, pkey, 1); + return do_sigver_init(ctx, pctx, type, NULL, NULL, e, pkey, NULL, 1); } #endif /* FIPS_MDOE */ |