diff options
author | RĂ©mi Verschelde <rverschelde@gmail.com> | 2017-05-27 19:51:04 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-05-27 19:51:04 +0200 |
commit | 1525071c28535816b98784f2ad62f9d5ef333654 (patch) | |
tree | 3502be2b2ae57c73fa21bd7b4a20dc02aab3aa06 /thirdparty/openssl/crypto/evp/digest.c | |
parent | ce8bf1592abfb0e9382d437fc453d0ffd500e076 (diff) | |
parent | 67305d1b0a6dbcdb032d5a5a0e92122cf8f10b8d (diff) |
Merge pull request #8960 from akien-mga/openssl-1.0.2l
OpenSSL: Cleanup and document update process from upstream sources + 1.0.2l
Diffstat (limited to 'thirdparty/openssl/crypto/evp/digest.c')
-rw-r--r-- | thirdparty/openssl/crypto/evp/digest.c | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/thirdparty/openssl/crypto/evp/digest.c b/thirdparty/openssl/crypto/evp/digest.c index 5b642b23fc..4db179629d 100644 --- a/thirdparty/openssl/crypto/evp/digest.c +++ b/thirdparty/openssl/crypto/evp/digest.c @@ -253,10 +253,10 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count) { #ifdef OPENSSL_FIPS - return FIPS_digestupdate(ctx, data, count); -#else - return ctx->update(ctx, data, count); + if (FIPS_mode()) + return FIPS_digestupdate(ctx, data, count); #endif + return ctx->update(ctx, data, count); } /* The caller can assume that this removes any secret data from the context */ @@ -271,10 +271,11 @@ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) /* The caller can assume that this removes any secret data from the context */ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) { -#ifdef OPENSSL_FIPS - return FIPS_digestfinal(ctx, md, size); -#else int ret; +#ifdef OPENSSL_FIPS + if (FIPS_mode()) + return FIPS_digestfinal(ctx, md, size); +#endif OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); ret = ctx->digest->final(ctx, md); @@ -284,9 +285,8 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) ctx->digest->cleanup(ctx); EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED); } - memset(ctx->md_data, 0, ctx->digest->ctx_size); + OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size); return ret; -#endif } int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in) |