Don't call EVP_MD_CTX_reset during EVP_DigestFinal

This resets the fields of the EVP_MD_CTX and means we can no longer make calls using the EVP_MD_CTX, such as to query parameters. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10013)
2025-05-13 18:09:39 +00:00 · 2019-09-26 14:31:56 +01:00 · 2019-09-26 14:31:56 +01:00 · 15de965ff0
commit 15de965ff0
parent 9a071fef00
2 changed files with 20 additions and 1 deletions
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@ -107,6 +107,16 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)

    EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);

+    if (ctx->provctx != NULL) {
+        if (!ossl_assert(ctx->digest != NULL)) {
+            EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR);
+            return 0;
+        }
+        if (ctx->digest->freectx != NULL)
+            ctx->digest->freectx(ctx->provctx);
+        ctx->provctx = NULL;
+    }
+
    if (type != NULL)
        ctx->reqdigest = type;

@ -332,7 +342,6 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *isize)
        }
    }

-    EVP_MD_CTX_reset(ctx);
    return ret;

    /* TODO(3.0): Remove legacy code below */
--- a/crypto/evp/m_sigver.c
+++ b/crypto/evp/m_sigver.c
@ -31,6 +31,16 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
    void *provkey = NULL;
    int ret;

+    if (ctx->provctx != NULL) {
+        if (!ossl_assert(ctx->digest != NULL)) {
+            ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
+            return 0;
+        }
+        if (ctx->digest->freectx != NULL)
+            ctx->digest->freectx(ctx->provctx);
+        ctx->provctx = NULL;
+    }
+
    if (ctx->pctx == NULL) {
        ctx->pctx = EVP_PKEY_CTX_new(pkey, e);
        if (ctx->pctx == NULL)