On Mon, 2022-12-05 at 16:14 -0800, Benjamin Kaduk via openssl-users
wrote:
> On Mon, Dec 05, 2022 at 11:31:18AM -0800, Thomas Dwyer III wrote:
> > Why does EVP_get_digestbyname("md4") return non-NULL if the legacy
> > provider
> > isn't loaded? Similarly, why does it return non-NULL for "md5"
> >
On Mon, Dec 05, 2022 at 11:31:18AM -0800, Thomas Dwyer III wrote:
> Why does EVP_get_digestbyname("md4") return non-NULL if the legacy provider
> isn't loaded? Similarly, why does it return non-NULL for "md5" after doing
> EVP_set_default_properties(NULL, "fips=yes")? This seems unintuitive.
Why does EVP_get_digestbyname("md4") return non-NULL if the legacy
provider isn't loaded? Similarly, why does it return non-NULL for "md5"
after doing EVP_set_default_properties(NULL, "fips=yes")? This seems
unintuitive. Legacy code that does not know about EVP_MD_fetch() checks
the return
Hi,
there is an error in your code - see my comment below.
On Mon, 2022-12-05 at 08:45 +, Zhongyan Wang wrote:
...
> md = EVP_get_digestbyname(dgst);
> if (!md) {
> printf("Error EVP_get_digestbyname %s\n", dgst);
> goto err_exit;
> }
>
> in =
Hi team,
I find a segment fault in BIO_read() on openssl 3.0 about calculate digest with
BIO using md4 algorithm.
This is my test code, put it in a.c, build & run, it will crash.
If don't load legacy provider:
1. Set dgst = "md4", EVP_get_digestbyname(dgst) won't return NULL, but a
non-NULL
