ASN1_item_verify needs to initialize ctx before any "goto err" can
authorBodo Möller <bodo@openssl.org>
Wed, 4 Oct 2006 06:14:36 +0000 (06:14 +0000)
committerBodo Möller <bodo@openssl.org>
Wed, 4 Oct 2006 06:14:36 +0000 (06:14 +0000)
happen; the new code for the OID cross reference table failed to do so.

crypto/asn1/a_verify.c

index 4885539..cecdb13 100644 (file)
@@ -136,8 +136,9 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
 
        int mdnid, pknid;
 
-       /* Convert signature OID into digest and public key OIDs */
+       EVP_MD_CTX_init(&ctx);
 
+       /* Convert signature OID into digest and public key OIDs */
        if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid))
                {
                ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
@@ -157,7 +158,6 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
                goto err;
                }
 
-       EVP_MD_CTX_init(&ctx);
        if (!EVP_VerifyInit_ex(&ctx,type, NULL))
                {
                ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB);