Ignore NULL parameter in EVP_MD_CTX_destroy.

[openssl.git] / crypto / evp / digest.c

diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 467e6b5ae9cf930775fd8e21c192294a5f2cfab7..87317572fe621b4e6ae13207c572dff5cd3419af 100644 (file)
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -145,6 +145,19 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type)
 int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
        {
        EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED);
+#ifdef OPENSSL_FIPS
+       /* If FIPS mode switch to approved implementation if possible */
+       if (FIPS_mode())
+               {
+               const EVP_MD *fipsmd;
+               if (type)
+                       {
+                       fipsmd = FIPS_get_digestbynid(EVP_MD_type(type));
+                       if (fipsmd)
+                               type = fipsmd;
+                       }
+               }
+#endif
 #ifndef OPENSSL_NO_ENGINE
        /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
         * so this context may already have an ENGINE! Try to avoid releasing
@@ -267,6 +280,7 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
        return FIPS_digestfinal(ctx, md, size);
 #else
        int ret;
+
        OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
        ret=ctx->digest->final(ctx,md);
        if (size != NULL)
@@ -365,8 +379,11 @@ int EVP_Digest(const void *data, size_t count,
 
 void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
        {
-       EVP_MD_CTX_cleanup(ctx);
-       OPENSSL_free(ctx);
+       if (ctx)
+               {
+               EVP_MD_CTX_cleanup(ctx);
+               OPENSSL_free(ctx);
+               }
        }
 
 /* This call frees resources associated with the context */