void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx)
{
+ /*
+ * it's reasonable to set NULL pctx (a.k.a clear the ctx->pctx), so
+ * we have to deal with the cleanup job here.
+ */
+ if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX))
+ EVP_PKEY_CTX_free(ctx->pctx);
+
ctx->pctx = pctx;
- /* make sure pctx is not freed when destroying EVP_MD_CTX */
- EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
+
+ if (pctx != NULL) {
+ /* make sure pctx is not freed when destroying EVP_MD_CTX */
+ EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
+ } else {
+ EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
+ }
}
void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx)
Assigns an B<EVP_PKEY_CTX> to B<EVP_MD_CTX>. This is usually used to provide
a customzied B<EVP_PKEY_CTX> to L<EVP_DigestSignInit(3)> or
-L<EVP_DigestVerifyInit(3)>. The B<EVP_PKEY_CTX> passed to this function should
-be freed by the caller.
+L<EVP_DigestVerifyInit(3)>. The B<pctx> passed to this function should be freed
+by the caller. A null B<pctx> pointer is also allowed to clear the B<EVP_PKEY_CTX>
+assigned to B<ctx>. In such case, freeing the cleared B<EVP_PKEY_CTX> or not
+depends on how the B<EVP_PKEY_CTX> is created.
=back
EVP_dss1() was removed in OpenSSL 1.1.0.
-EVP_MD_CTX_set_pkey_ctx() is added in 1.1.1.
+EVP_MD_CTX_set_pkey_ctx() was added in 1.1.1.
=head1 COPYRIGHT
projects / oweals / openssl.git / commitdiff