Missing hash algorithm

Context in EVP routine is initialized without a hash algorithm

Description

This defect occurs when you use a message digest context in these EVP routines, but you initialize the context without specifying a hash algorithm.

EVP_DigestFinal
EVP_DigestSignFinal
EVP_SignFinal
EVP_VerifyFinal

Risk

Using a message digest context that was initialized without an algorithm to perform a hashing operation might result in a run-time error. Even if the hashing operation is successful, the resulting digest is not secure.

Fix

Specify a hash algorithm when you initial a message digest context that you use in an EVP routine.

Examples

expand all

Context Used in EVP Routine After Context Cleanup


#include <openssl/evp.h>

void func(unsigned char* src, int len)
{
    EVP_MD_CTX ctx;
    EVP_MD_CTX_init(&ctx);

    EVP_VerifyInit(&ctx, EVP_sha256());
    EVP_MD_CTX_cleanup(&ctx);
    EVP_VerifyUpdate(&ctx, src, len);
}

In this example, context ctx is initialized with secure hash algorithm SHA-256. But, ctx is cleaned up before it is used by EVP_VerifyUpdate. The clean up of ctx frees up its resources and reinitializes it without a hash algorithm. The hashing operation of EVP_VerifyUpdate might result in a run-time error.

Correction — Clean Up Context Only After You No Longer Need It

One possible correction is to clean up the digest context only after you no longer need it.


#include <openssl/evp.h>

void func(unsigned char* src, int len)
{
    EVP_MD_CTX ctx;
    EVP_MD_CTX_init(&ctx);

    EVP_VerifyInit(&ctx, EVP_sha256());
    EVP_VerifyUpdate(&ctx, src, len);
    EVP_MD_CTX_cleanup(&ctx);
}

Result Information

Group: Cryptography

Language: C | C++

Default: Off

Command-Line Syntax: CRYPTO_MD_NO_ALGORITHM

Impact: Medium

Version History

Introduced in R2019b