WIP: Harmonize calls to EVP_Digest*{Init,Update,Final}()#6854
WIP: Harmonize calls to EVP_Digest*{Init,Update,Final}()#6854mspncp wants to merge 3 commits intoopenssl:masterfrom
Conversation
crypto/evp/m_sigver.c
Outdated
There was a problem hiding this comment.
Checking for sigret != NULL looks like a mistake.
There was a problem hiding this comment.
No. If sigret == NULL, then it's expected that the caller tries to figure out what the signature length will be. In that case, the EVP_DigestSignUpdate call is a waste of cycles (and I have no idea what corner cases it might hit as well)
There was a problem hiding this comment.
(or at least that's my guess. It might be prudent to look through history on this one)
|
At least this test fails: |
|
Thanks Richard! The latest fixup seems heal most of the evp_test, except for the SM2 tests, which I will have to look at later. Strangely, the test outcome is 'ok' although the SM2 tests report a mismatch. Is this a bug in the test? |
|
I created issue #6857 for the test problem. |
The majority of callers does not check for an empty buffer (buffer_length == 0) before calling EVP_Digest*Update(), because all implementations handle this case correctly as no-op. (See discussions in openssl#6800, openssl#6817, and openssl#6838.)
[extended tests] According to the manual pages, the functions return a boolean value, so checking for `EVP_Digest*() <= 0` is misleading. Also the statistics show a clear tendency towards using `!EVP_Digest*()` (77 vs. 245 locations).
2c826cb to
226e65c
Compare
| ssl_clear_hash_ctx(hash); | ||
| *hash = EVP_MD_CTX_new(); | ||
| if (*hash == NULL || (md && EVP_DigestInit_ex(*hash, md, NULL) <= 0)) { | ||
| if (*hash == NULL || (md && !EVP_DigestInit_ex(*hash, md, NULL))) { |
There was a problem hiding this comment.
Hmmm... Do we call this function with a NULL md, ever? Is it reasonable to expect it to be NULL? If not, then I don't see why we're testing it...
There was a problem hiding this comment.
Hmmm, good question... Its seems to be the only place in the entire source code where this is checked.
~/src/openssl$ rgrep EVP_DigestInit | grep -F '&&'
ssl/ssl_lib.c:4396: if (*hash == NULL || (md && !EVP_DigestInit_ex(*hash, md, NULL))) {
Probably you're right. I will remove the check and see what the tests say about it.
There was a problem hiding this comment.
Just noticed right now that the doc comment says that the md is optional. So even if nobody would use this feature we still couldn't change it in this release.
|
ping |
|
ping @openssl/omc for a second review. |
|
Speaking of harmonization, have you read |
|
Hmmm, ok... thanks for pointing out that inconsistency with the documentation. I will have to check the sources first whether the documentation is correct and EVP_DigestSign EVP_Digest |
I'll mark it WIP because there is still some work to be done and I did not have much time to do it recently.
|
This pull request has aged and I currently have no plans to resume it. |
Commit 2 was motivated by @Bugcheckers remark #6819 (comment). The other two commits are by-products.
Commit 1
Commit 2
Commit 3
Noticed while working on commit 2. Can be squashed with commit 2 if desired, or discarded if you think it is consistency overkill.