diff options
author | Richard Levitte <levitte@openssl.org> | 2020-05-19 12:52:07 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2020-05-20 21:10:10 +0200 |
commit | e637d47c9122d74d4f3a40a8cbe867de29468ba3 (patch) | |
tree | 45ceff21728a47ba3361250e0a043edd8bd81d61 /crypto/rsa | |
parent | a30027b680c4ccf69f0600b3a5406821b2d7fe0b (diff) | |
download | openssl-e637d47c9122d74d4f3a40a8cbe867de29468ba3.tar.gz |
rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx(): fix check of |md|
In the FIPS module, the code as written generate an unconditional
error.
Fixes #11865
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11869)
Diffstat (limited to 'crypto/rsa')
-rw-r--r-- | crypto/rsa/rsa_oaep.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c index 8ffde9ff18..ce98802070 100644 --- a/crypto/rsa/rsa_oaep.c +++ b/crypto/rsa/rsa_oaep.c @@ -67,13 +67,14 @@ int rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx(OPENSSL_CTX *libctx, unsigned char seedmask[EVP_MAX_MD_SIZE]; int mdlen, dbmask_len = 0; + if (md == NULL) { #ifndef FIPS_MODULE - if (md == NULL) md = EVP_sha1(); #else RSAerr(0, ERR_R_PASSED_NULL_PARAMETER); return 0; #endif + } if (mgf1md == NULL) mgf1md = md; |