author | Simo Sorce <simo@redhat.com> | 2023-03-09 11:45:02 -0500 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2023-03-15 08:42:59 +1100 |
commit | 3fc2b7d6b8f961144905330dfd4689f5bd515199 (patch) | |
tree | 6636f65738ba67a2c55d1941a0c7f3a4432e590d /include | |
parent | f3c0dd4f0cd3bc282575a98181f8190d81189a78 (diff) | |

Add a flag so finalised contexts are not reused

The EVP layer should not rely on the underlying low level code to
handle catching incorrect reuse of contexts.

Add a flag to mark a context as finalised as needed and then catch and
immediately error on Update/Final operations if called improperly.

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/20375)

Diffstat (limited to 'include')
-rw-r--r-- | include/crypto/evp.h | 1 | ||||
-rw-r--r-- | include/openssl/evp.h | 3 |
2 files changed, 3 insertions, 1 deletions
diff --git a/include/crypto/evp.h b/include/crypto/evp.h index dbbdcccbda..55b44cd835 100644 --- a/include/crypto/evp.h +++ b/include/crypto/evp.h @@ -21,6 +21,7 @@ * values in evp.h */ #define EVP_MD_CTX_FLAG_KEEP_PKEY_CTX 0x0400 +#define EVP_MD_CTX_FLAG_FINALISED 0x0800 #define evp_pkey_ctx_is_legacy(ctx) \ ((ctx)->keymgmt == NULL) diff --git a/include/openssl/evp.h b/include/openssl/evp.h index b8bafe4e12..e10c0617a4 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -226,7 +226,8 @@ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd, * if the following flag is set. */ # define EVP_MD_CTX_FLAG_FINALISE 0x0200 -/* NOTE: 0x0400 is reserved for internal usage */ +/* NOTE: 0x0400 and 0x0800 are reserved for internal usage */ + # ifndef OPENSSL_NO_DEPRECATED_3_0 OSSL_DEPRECATEDIN_3_0 EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len); |
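
Review bot: in include/crypto/evp.h the new EVP_MD_CTX_FLAG_FINALISED (0x0800) differs by a single trailing letter from the public EVP_MD_CTX_FLAG_FINALISE (0x0200) shown in include/openssl/evp.h, and the define carries no comment of its own. A typo in either direction would still compile and would test the wrong bit. Suggest a one-line comment on the define stating that it marks a context as finalised and is unrelated to the FINALISE flag, or a more distinct name.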
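
Review bot: in include/openssl/evp.h the updated NOTE reserves 0x0400 and 0x0800 but does not say where those bits are defined, so the public and internal flag lists can only be kept in step by hand. Suggest naming include/crypto/evp.h in the comment so that anyone adding a public EVP_MD_CTX_FLAG_* value checks the internal header first. The blank line added after the comment is an unrelated whitespace change and could be dropped.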