X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fevp%2Fp_verify.c;h=02c26631f0d8f054a03d3e958683c7623f3594da;hp=892c646b36a6054b8373fec67cf2dad64bbefb8e;hb=77a01145be26ceeefa6870e1e9dd7f99ac123fa3;hpb=90945fa31a42dcf3beb90540c618e4d627c595ea

diff --git a/crypto/evp/p_verify.c b/crypto/evp/p_verify.c
index 892c646b36..02c26631f0 100644
--- a/crypto/evp/p_verify.c
+++ b/crypto/evp/p_verify.c
@@ -67,57 +67,37 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
 {
     unsigned char m[EVP_MAX_MD_SIZE];
     unsigned int m_len = 0;
-    int i = 0, ok = 0, v = 0;
+    int i = 0;
     EVP_PKEY_CTX *pkctx = NULL;
 
-    if (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) {
+    if (EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_FINALISE)) {
         if (!EVP_DigestFinal_ex(ctx, m, &m_len))
             goto err;
     } else {
         int rv = 0;
-        EVP_MD_CTX tmp_ctx;
-        EVP_MD_CTX_init(&tmp_ctx);
-        rv = EVP_MD_CTX_copy_ex(&tmp_ctx, ctx);
+        EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_create();
+        if (tmp_ctx == NULL) {
+            EVPerr(EVP_F_EVP_VERIFYFINAL, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        rv = EVP_MD_CTX_copy_ex(tmp_ctx, ctx);
         if (rv)
-            rv = EVP_DigestFinal_ex(&tmp_ctx, m, &m_len);
-        EVP_MD_CTX_cleanup(&tmp_ctx);
+            rv = EVP_DigestFinal_ex(tmp_ctx, m, &m_len);
+        EVP_MD_CTX_destroy(tmp_ctx);
         if (!rv)
             return 0;
     }
 
-    if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
-        i = -1;
-        pkctx = EVP_PKEY_CTX_new(pkey, NULL);
-        if (pkctx == NULL)
-            goto err;
-        if (EVP_PKEY_verify_init(pkctx) <= 0)
-            goto err;
-        if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
-            goto err;
-        i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len);
+    i = -1;
+    pkctx = EVP_PKEY_CTX_new(pkey, NULL);
+    if (pkctx == NULL)
+        goto err;
+    if (EVP_PKEY_verify_init(pkctx) <= 0)
+        goto err;
+    if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
+        goto err;
+    i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len);
  err:
-        EVP_PKEY_CTX_free(pkctx);
-        return i;
-    }
-
-    for (i = 0; i < 4; i++) {
-        v = ctx->digest->required_pkey_type[i];
-        if (v == 0)
-            break;
-        if (pkey->type == v) {
-            ok = 1;
-            break;
-        }
-    }
-    if (!ok) {
-        EVPerr(EVP_F_EVP_VERIFYFINAL, EVP_R_WRONG_PUBLIC_KEY_TYPE);
-        return (-1);
-    }
-    if (ctx->digest->verify == NULL) {
-        EVPerr(EVP_F_EVP_VERIFYFINAL, EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);
-        return (0);
-    }
-
-    return (ctx->digest->verify(ctx->digest->type, m, m_len,
-                                sigbuf, siglen, pkey->pkey.ptr));
+    EVP_PKEY_CTX_free(pkctx);
+    return i;
 }