From: Dr. Stephen Henson <steve@openssl.org>
Date: Sat, 20 May 2017 02:18:32 +0000 (+0100)
Subject: Allow NULL md for custom signing methods
X-Git-Tag: OpenSSL_1_1_1-pre1~1425
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=7dd6de9fddf41db98647925b9fbbc162370b385b;p=oweals%2Fopenssl.git

Allow NULL md for custom signing methods

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3503)
---

diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c
index 4e93b5a768..5683cbbe83 100644
--- a/crypto/asn1/a_sign.c
+++ b/crypto/asn1/a_sign.c
@@ -147,7 +147,7 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
     type = EVP_MD_CTX_md(ctx);
     pkey = EVP_PKEY_CTX_get0_pkey(EVP_MD_CTX_pkey_ctx(ctx));
 
-    if (type == NULL || pkey == NULL) {
+    if (pkey == NULL) {
         ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_CONTEXT_NOT_INITIALISED);
         goto err;
     }
@@ -172,10 +172,15 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
             ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_EVP_LIB);
         if (rv <= 1)
             goto err;
-    } else
+    } else {
         rv = 2;
+    }
 
     if (rv == 2) {
+        if (type == NULL) {
+            ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_CONTEXT_NOT_INITIALISED);
+            goto err;
+        }
         if (!OBJ_find_sigid_by_algs(&signid,
                                     EVP_MD_nid(type),
                                     pkey->ameth->pkey_id)) {