Handle mdname in legacy EVP_DigestSignInit_ex codepaths

Even though an application callS the new EVP_DigestSignInit_ex()
function to pass an mdname by string rather than EVP_MD, we may still end
up in legacy codepaths, and therefore we need to handle either mdname or
EVP_MD, in both legacy and non-legacy codepaths.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11353)

diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
index 3d15a9fcbcb89c3f4bed2fde3ed7f4f6cea7be6c..8dd4207d1783e5421145ddacccfd1dcf53126eec 100644 (file)
--- a/crypto/evp/m_sigver.c
+++ b/crypto/evp/m_sigver.c
@@ -200,6 +200,9 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
      */
     ERR_pop_to_mark();
 
+    if (type == NULL && mdname != NULL)
+        type = evp_get_digestbyname_ex(locpctx->libctx, mdname);
+
     if (ctx->pctx->pmeth == NULL) {
         EVPerr(0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
         return 0;