For self signed root only indicate one error.

[oweals/openssl.git] / crypto / evp / digest.c

diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index feab0831be0d49940dd01e65fb7b1fda16780fd6..af0044ff43d7486b1302c56b8e7d4e988d0b09b6 100644 (file)
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -119,6 +119,7 @@
 
 #ifdef OPENSSL_FIPS
 #include <openssl/fips.h>
+#include "evp_locl.h"
 #endif
 
 void EVP_MD_CTX_init(EVP_MD_CTX *ctx)
@@ -145,14 +146,14 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type)
 int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
        {
        EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED);
-#ifdef OPENSSL_FIPS_
+#ifdef OPENSSL_FIPS
        /* If FIPS mode switch to approved implementation if possible */
        if (FIPS_mode())
                {
                const EVP_MD *fipsmd;
                if (type)
                        {
-                       fipsmd = FIPS_get_digestbynid(EVP_MD_type(type));
+                       fipsmd = evp_get_fips_md(type);
                        if (fipsmd)
                                type = fipsmd;
                        }
@@ -280,6 +281,7 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
        return FIPS_digestfinal(ctx, md, size);
 #else
        int ret;
+
        OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
        ret=ctx->digest->final(ctx,md);
        if (size != NULL)
@@ -378,8 +380,11 @@ int EVP_Digest(const void *data, size_t count,
 
 void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
        {
-       EVP_MD_CTX_cleanup(ctx);
-       OPENSSL_free(ctx);
+       if (ctx)
+               {
+               EVP_MD_CTX_cleanup(ctx);
+               OPENSSL_free(ctx);
+               }
        }
 
 /* This call frees resources associated with the context */