From f92e0815b873758582f9c280df0d9ce9a6600197 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Wed, 7 Aug 2019 09:38:05 +0100 Subject: [PATCH] Fix no-ec Fix some unguarded references to EC code inside the FIPS provider. Reviewed-by: Paul Yang Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/9543) --- providers/fips/fipsprov.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c index eb587f9e1d..f6a7aa7fe0 100644 --- a/providers/fips/fipsprov.c +++ b/providers/fips/fipsprov.c @@ -104,7 +104,9 @@ static int dummy_evp_call(void *provctx) BIGNUM *a = NULL, *b = NULL; unsigned char randbuf[128]; RAND_DRBG *drbg = OPENSSL_CTX_get0_public_drbg(libctx); +#ifndef OPENSSL_NO_EC EC_KEY *key = NULL; +#endif if (ctx == NULL || sha256 == NULL || drbg == NULL) goto err; @@ -138,6 +140,7 @@ static int dummy_evp_call(void *provctx) if (!BN_rand_ex(a, 256, BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY, bnctx)) goto err; +#ifndef OPENSSL_NO_EC /* Do some dummy EC calls */ key = EC_KEY_new_by_curve_name_ex(libctx, NID_X9_62_prime256v1); if (key == NULL) @@ -145,6 +148,7 @@ static int dummy_evp_call(void *provctx) if (!EC_KEY_generate_key(key)) goto err; +#endif ret = 1; err: @@ -154,7 +158,9 @@ static int dummy_evp_call(void *provctx) EVP_MD_CTX_free(ctx); EVP_MD_meth_free(sha256); +#ifndef OPENSSL_NO_EC EC_KEY_free(key); +#endif return ret; }