rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx(): fix check of |md|
authorRichard Levitte <levitte@openssl.org>
Tue, 19 May 2020 10:52:07 +0000 (12:52 +0200)
committerRichard Levitte <levitte@openssl.org>
Wed, 20 May 2020 19:10:10 +0000 (21:10 +0200)
In the FIPS module, the code as written generate an unconditional
error.

Fixes #11865

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11869)

crypto/rsa/rsa_oaep.c

index 8ffde9ff186fab97bb35aeeb5dff81670129b04e..ce98802070dd56e17760349b282c55099c368282 100644 (file)
@@ -67,13 +67,14 @@ int rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx(OPENSSL_CTX *libctx,
     unsigned char seedmask[EVP_MAX_MD_SIZE];
     int mdlen, dbmask_len = 0;
 
+    if (md == NULL) {
 #ifndef FIPS_MODULE
-    if (md == NULL)
         md = EVP_sha1();
 #else
         RSAerr(0, ERR_R_PASSED_NULL_PARAMETER);
         return 0;
 #endif
+    }
     if (mgf1md == NULL)
         mgf1md = md;