Don't call EVP_MD_CTX_reset during EVP_DigestFinal

This resets the fields of the EVP_MD_CTX and means we can no longer make calls using the EVP_MD_CTX, such as to query parameters. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10013)
author: Matt Caswell <matt@openssl.org> 2019-09-26 14:31:56 +0100
committer: Matt Caswell <matt@openssl.org> 2019-10-03 09:47:34 +0100
commit: 15de965ff04ccecb068f3ce6c643555dce9372c6 (patch)
tree: ed0bd7181c9c810c1b1e0c876e0ca18a24f4d2fd /crypto/evp/digest.c
parent: 9a071fef00a6d58cfbce4dab4848eda12f1c7dcf (diff)
1 files changed, 10 insertions, 1 deletions
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 1b6963cfba..6609e8f541 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -107,6 +107,16 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
 
     EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
 
+    if (ctx->provctx != NULL) {
+        if (!ossl_assert(ctx->digest != NULL)) {
+            EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR);
+            return 0;
+        }
+        if (ctx->digest->freectx != NULL)
+            ctx->digest->freectx(ctx->provctx);
+        ctx->provctx = NULL;
+    }
+
     if (type != NULL)
         ctx->reqdigest = type;
 
@@ -332,7 +342,6 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *isize)
         }
     }
 
-    EVP_MD_CTX_reset(ctx);
     return ret;
 
     /* TODO(3.0): Remove legacy code below */
author	Matt Caswell <matt@openssl.org>	2019-09-26 14:31:56 +0100
committer	Matt Caswell <matt@openssl.org>	2019-10-03 09:47:34 +0100
commit	15de965ff04ccecb068f3ce6c643555dce9372c6 (patch)
tree	ed0bd7181c9c810c1b1e0c876e0ca18a24f4d2fd /crypto/evp/digest.c
parent	9a071fef00a6d58cfbce4dab4848eda12f1c7dcf (diff)