From: Matt Caswell <matt@openssl.org>
Date: Thu, 12 Mar 2020 10:55:51 +0000 (+0000)
Subject: Handle the case where there is no digest in an EVP_MD_CTX
X-Git-Tag: openssl-3.0.0-alpha1~237
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=a2b6231601c384bba043755bb58d500265ff6f1e;p=oweals%2Fopenssl.git

Handle the case where there is no digest in an EVP_MD_CTX

EVP_MD_CTX_ctrl assumes that a digest has always been set. However in a
non-legacy EVP_DigestSign* operation this is not the case because the
digest is handled entirely by the underlying signature implementation.

This fixes one of the travis failures on the master branch.

[extended tests]

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11317)
---

diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index be6fcb58f1..040a92dc5f 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -657,12 +657,12 @@ int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2)
     size_t sz;
     OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
 
-    if (ctx == NULL || ctx->digest == NULL) {
-        ERR_raise(ERR_LIB_EVP, EVP_R_MESSAGE_DIGEST_IS_NULL);
+    if (ctx == NULL) {
+        ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
         return 0;
     }
 
-    if (ctx->digest->prov == NULL)
+    if (ctx->digest != NULL && ctx->digest->prov == NULL)
         goto legacy;
 
     switch (cmd) {