From 1b20579d5c35ca8d3c6e79fb6f5067ad98c47beb Mon Sep 17 00:00:00 2001 From: "Dr. David von Oheimb" Date: Wed, 16 Apr 2025 06:20:23 +0200 Subject: [PATCH] crypto/evp/signature.c: add checks for consistent presence of 'update' and 'final' functions Reviewed-by: Nicola Tuveri Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/27367) (cherry picked from commit 8626a716b0776e4203dc89f2e81c54d078a7ad07) --- crypto/evp/signature.c | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/crypto/evp/signature.c b/crypto/evp/signature.c index 9697889cf0b..d01df3282fa 100644 --- a/crypto/evp/signature.c +++ b/crypto/evp/signature.c @@ -421,6 +421,35 @@ static void *evp_signature_from_algorithm(int name_id, goto err; } + if ((signature->sign_message_update == NULL) != + (signature->sign_message_final == NULL)) { + ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS, + "only one of %s message signing update and final available:%s", + signature->type_name, desc); + goto err; + } + if ((signature->verify_message_update == NULL) != + (signature->verify_message_final == NULL)) { + ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS, + "only one of %s message verification update and final available:%s", + signature->type_name, desc); + goto err; + } + if ((signature->digest_sign_update == NULL) != + (signature->digest_sign_final == NULL)) { + ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS, + "only one of %s digest signing update and final available:%s", + signature->type_name, desc); + goto err; + } + if ((signature->digest_verify_update == NULL) != + (signature->digest_verify_final == NULL)) { + ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS, + "only one of %s digest verification update and final available:%s", + signature->type_name, desc); + goto err; + } + return signature; err: EVP_SIGNATURE_free(signature); -- 2.47.2