1 files changed, 24 insertions, 18 deletions
diff --git a/src/lib/libcrypto/evp/m_sigver.c b/src/lib/libcrypto/evp/m_sigver.c
index 5612d5ab52..db1405627a 100644
--- a/src/lib/libcrypto/evp/m_sigver.c
+++ b/src/lib/libcrypto/evp/m_sigver.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: m_sigver.c,v 1.23 2024/03/27 04:18:50 joshua Exp $ */
+/* $OpenBSD: m_sigver.c,v 1.24 2024/03/27 06:33:51 joshua Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2006.
 */
@@ -166,11 +166,11 @@ int
 EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen)
 {
        EVP_PKEY_CTX *pctx = ctx->pctx;
-        EVP_MD_CTX tmp_ctx;
+        EVP_MD_CTX *md_ctx = NULL;
        unsigned char md[EVP_MAX_MD_SIZE];
        unsigned int mdlen = 0;
        int s;
-        int r = 0;
+        int ret = 0;
        if (pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM)
                return evp_digestsignfinal_sigctx_custom(ctx, sigret, siglen);
@@ -191,22 +191,28 @@ EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen)
                return 1;
        }
-        EVP_MD_CTX_legacy_clear(&tmp_ctx);
-        if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
+        if ((md_ctx = EVP_MD_CTX_new()) == NULL)
-                return 0;
+                goto err;
-        if (ctx->pctx->pmeth->signctx != NULL) {
+        if (!EVP_MD_CTX_copy_ex(md_ctx, ctx))
-                r = tmp_ctx.pctx->pmeth->signctx(tmp_ctx.pctx,
+                goto err;
-                    sigret, siglen, &tmp_ctx);
+        if (md_ctx->pctx->pmeth->signctx != NULL) {
-                EVP_MD_CTX_cleanup(&tmp_ctx);
+                if (md_ctx->pctx->pmeth->signctx(md_ctx->pctx,
-                return r;
+                    sigret, siglen, md_ctx) <= 0)
+                        goto err;
+        } else {
+                if (!EVP_DigestFinal_ex(md_ctx, md, &mdlen))
+                        goto err;
+                if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0)
+                        goto err;
        }
-        r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen);
-        EVP_MD_CTX_cleanup(&tmp_ctx);
+        ret = 1;
-        if (!r)
-                return r;
+ err:
-        if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0)
+        EVP_MD_CTX_free(md_ctx);
-                return 0;
-        return 1;
+        return ret;
 }
 int

diff --git a/src/lib/libcrypto/evp/m_sigver.c b/src/lib/libcrypto/evp/m_sigver.c index 5612d5ab52..db1405627a 100644 --- a/src/lib/libcrypto/evp/m_sigver.c +++ b/src/lib/libcrypto/evp/m_sigver.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: m_sigver.c,v 1.23 2024/03/27 04:18:50 joshua Exp $ */	1	/* $OpenBSD: m_sigver.c,v 1.24 2024/03/27 06:33:51 joshua Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 2006.	3	* project 2006.
4	*/	4	*/
@@ -166,11 +166,11 @@ int
166	EVP_DigestSignFinal(EVP_MD_CTX ctx, unsigned char sigret, size_t *siglen)	166	EVP_DigestSignFinal(EVP_MD_CTX ctx, unsigned char sigret, size_t *siglen)
167	{	167	{
168	EVP_PKEY_CTX *pctx = ctx->pctx;	168	EVP_PKEY_CTX *pctx = ctx->pctx;
169	EVP_MD_CTX tmp_ctx;	169	EVP_MD_CTX *md_ctx = NULL;
170	unsigned char md[EVP_MAX_MD_SIZE];	170	unsigned char md[EVP_MAX_MD_SIZE];
171	unsigned int mdlen = 0;	171	unsigned int mdlen = 0;
172	int s;	172	int s;
173	int r = 0;	173	int ret = 0;
174		174
175	if (pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM)	175	if (pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM)
176	return evp_digestsignfinal_sigctx_custom(ctx, sigret, siglen);	176	return evp_digestsignfinal_sigctx_custom(ctx, sigret, siglen);
@@ -191,22 +191,28 @@ EVP_DigestSignFinal(EVP_MD_CTX ctx, unsigned char sigret, size_t *siglen)
191	return 1;	191	return 1;
192	}	192	}
193		193
194	EVP_MD_CTX_legacy_clear(&tmp_ctx);	194
195	if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))	195	if ((md_ctx = EVP_MD_CTX_new()) == NULL)
196	return 0;	196	goto err;
197	if (ctx->pctx->pmeth->signctx != NULL) {	197	if (!EVP_MD_CTX_copy_ex(md_ctx, ctx))
198	r = tmp_ctx.pctx->pmeth->signctx(tmp_ctx.pctx,	198	goto err;
199	sigret, siglen, &tmp_ctx);	199	if (md_ctx->pctx->pmeth->signctx != NULL) {
200	EVP_MD_CTX_cleanup(&tmp_ctx);	200	if (md_ctx->pctx->pmeth->signctx(md_ctx->pctx,
201	return r;	201	sigret, siglen, md_ctx) <= 0)
		202	goto err;
		203	} else {
		204	if (!EVP_DigestFinal_ex(md_ctx, md, &mdlen))
		205	goto err;
		206	if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0)
		207	goto err;
202	}	208	}
203	r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen);	209
204	EVP_MD_CTX_cleanup(&tmp_ctx);	210	ret = 1;
205	if (!r)	211
206	return r;	212	err:
207	if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0)	213	EVP_MD_CTX_free(md_ctx);
208	return 0;	214
209	return 1;	215	return ret;
210	}	216	}
211		217
212	int	218	int