crypto/evp/signature.c: add checks for consistent presence of 'update' and 'final...

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27367)

diff --git a/crypto/evp/signature.c b/crypto/evp/signature.c
index 9697889cf0b21855687f36338bcc5b9bfa2ab993..d01df3282fa41d694e689804ac0486396d5b32ee 100644 (file)
--- a/crypto/evp/signature.c
+++ b/crypto/evp/signature.c
@@ -421,6 +421,35 @@ static void *evp_signature_from_algorithm(int name_id,
         goto err;
     }
 
+    if ((signature->sign_message_update == NULL) !=
+        (signature->sign_message_final == NULL)) {
+        ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS,
+                       "only one of %s message signing update and final available:%s",
+                       signature->type_name, desc);
+        goto err;
+    }
+    if ((signature->verify_message_update == NULL) !=
+        (signature->verify_message_final == NULL)) {
+        ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS,
+                       "only one of %s message verification update and final available:%s",
+                       signature->type_name, desc);
+        goto err;
+    }
+    if ((signature->digest_sign_update == NULL) !=
+        (signature->digest_sign_final == NULL)) {
+        ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS,
+                       "only one of %s digest signing update and final available:%s",
+                       signature->type_name, desc);
+        goto err;
+    }
+    if ((signature->digest_verify_update == NULL) !=
+        (signature->digest_verify_final == NULL)) {
+        ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS,
+                       "only one of %s digest verification update and final available:%s",
+                       signature->type_name, desc);
+        goto err;
+    }
+
     return signature;
  err:
     EVP_SIGNATURE_free(signature);