From: Dr. David von Oheimb Date: Wed, 16 Apr 2025 04:20:23 +0000 (+0200) Subject: crypto/evp/signature.c: add checks for consistent presence of 'update' and 'final... X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=8626a716b0776e4203dc89f2e81c54d078a7ad07;p=thirdparty%2Fopenssl.git crypto/evp/signature.c: add checks for consistent presence of 'update' and 'final' functions Reviewed-by: Nicola Tuveri Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/27367) --- diff --git a/crypto/evp/signature.c b/crypto/evp/signature.c index 9697889cf0b..d01df3282fa 100644 --- a/crypto/evp/signature.c +++ b/crypto/evp/signature.c @@ -421,6 +421,35 @@ static void *evp_signature_from_algorithm(int name_id, goto err; } + if ((signature->sign_message_update == NULL) != + (signature->sign_message_final == NULL)) { + ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS, + "only one of %s message signing update and final available:%s", + signature->type_name, desc); + goto err; + } + if ((signature->verify_message_update == NULL) != + (signature->verify_message_final == NULL)) { + ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS, + "only one of %s message verification update and final available:%s", + signature->type_name, desc); + goto err; + } + if ((signature->digest_sign_update == NULL) != + (signature->digest_sign_final == NULL)) { + ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS, + "only one of %s digest signing update and final available:%s", + signature->type_name, desc); + goto err; + } + if ((signature->digest_verify_update == NULL) != + (signature->digest_verify_final == NULL)) { + ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS, + "only one of %s digest verification update and final available:%s", + signature->type_name, desc); + goto err; + } + return signature; err: EVP_SIGNATURE_free(signature);