diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2013-11-13 14:33:57 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2013-11-13 23:48:35 +0000 |
commit | afa23c46d966fc3862804612be999d403a755cd7 (patch) | |
tree | 020e0687b6acef46dba7bb02f2616eeb7cf066cc /crypto/evp/p_sign.c | |
parent | 629b640bbc5391c6ac727aaa8465c5c5f99a5708 (diff) |
Flag to disable automatic copying of contexts.
Some functions such as EVP_VerifyFinal only finalise a copy of the passed
context in case an application wants to digest more data. Doing this when
it is not needed is inefficient and many applications don't require it.
For compatibility the default is to still finalise a copy unless the
flag EVP_MD_CTX_FLAG_FINALISE is set in which case the passed
context is finalised an *no* further data can be digested after
finalisation.
Diffstat (limited to 'crypto/evp/p_sign.c')
-rw-r--r-- | crypto/evp/p_sign.c | 28 |
1 files changed, 19 insertions, 9 deletions
diff --git a/crypto/evp/p_sign.c b/crypto/evp/p_sign.c index 8afb664306..1889117d39 100644 --- a/crypto/evp/p_sign.c +++ b/crypto/evp/p_sign.c @@ -81,16 +81,26 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, unsigned char m[EVP_MAX_MD_SIZE]; unsigned int m_len; int i = 0,ok = 0,v; - EVP_MD_CTX tmp_ctx; EVP_PKEY_CTX *pkctx = NULL; *siglen=0; - EVP_MD_CTX_init(&tmp_ctx); - if (!EVP_MD_CTX_copy_ex(&tmp_ctx,ctx)) - goto err; - if (!EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len)) - goto err; - EVP_MD_CTX_cleanup(&tmp_ctx); + if (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) + { + if (!EVP_DigestFinal_ex(ctx, m, &m_len)) + goto err; + } + else + { + int rv; + EVP_MD_CTX tmp_ctx; + EVP_MD_CTX_init(&tmp_ctx); + rv = EVP_MD_CTX_copy_ex(&tmp_ctx,ctx); + if (rv) + rv = EVP_DigestFinal_ex(&tmp_ctx, m, &m_len); + EVP_MD_CTX_cleanup(&tmp_ctx); + if (!rv) + return 0; + } if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) { @@ -133,7 +143,7 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_NO_SIGN_FUNCTION_CONFIGURED); return(0); } - return(ctx->digest->sign(ctx->digest->type,m,m_len,sigret,siglen, - pkey->pkey.ptr)); + return ctx->digest->sign(ctx->digest->type,m,m_len,sigret,siglen, + pkey->pkey.ptr); } |