Commit e637d47c authored by Richard Levitte's avatar Richard Levitte

rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx(): fix check of |md|

In the FIPS module, the code as written generate an unconditional
error.

Fixes #11865
Reviewed-by: default avatarBernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
Reviewed-by: default avatarPaul Dale <paul.dale@oracle.com>
Reviewed-by: default avatarTomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11869)
parent a30027b6
......@@ -67,13 +67,14 @@ int rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx(OPENSSL_CTX *libctx,
unsigned char seedmask[EVP_MAX_MD_SIZE];
int mdlen, dbmask_len = 0;
if (md == NULL) {
#ifndef FIPS_MODULE
if (md == NULL)
md = EVP_sha1();
#else
RSAerr(0, ERR_R_PASSED_NULL_PARAMETER);
return 0;
#endif
}
if (mgf1md == NULL)
mgf1md = md;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment