Don't (re-)initialize the FFC_PARAMs in dh_init and dsa_init

The initialization was introduced in commit dc8de3e6f1ee and changes the behaviour of the `init` method for DSA and DH between 1.1.1 and 3.0, while the behaviour for RSA and EC_KEY remains unchanged. The initialization is not necessary in 3.x and master imho and breaks the use-case of intercepting the methods of an existing key. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22185)
2025-03-31 20:10:45 +08:00 · 2023-10-02 12:10:01 +02:00 · 2023-10-02 12:10:01 +02:00 · 706512ecbc
commit 706512ecbc
parent 860e36d0dd
4 changed files with 4 additions and 2 deletions
--- a/crypto/dh/dh_key.c
+++ b/crypto/dh/dh_key.c
@ -194,7 +194,6 @@ static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
 static int dh_init(DH *dh)
 {
    dh->flags |= DH_FLAG_CACHE_MONT_P;
-    ossl_ffc_params_init(&dh->params);
    dh->dirty_cnt++;
    return 1;
 }
--- a/crypto/dh/dh_lib.c
+++ b/crypto/dh/dh_lib.c
@ -119,6 +119,8 @@ static DH *dh_new_intern(ENGINE *engine, OSSL_LIB_CTX *libctx)
        goto err;
 #endif /* FIPS_MODULE */

+    ossl_ffc_params_init(&ret->params);
+
    if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
        ERR_raise(ERR_LIB_DH, ERR_R_INIT_FAIL);
        goto err;
--- a/crypto/dsa/dsa_lib.c
+++ b/crypto/dsa/dsa_lib.c
@ -179,6 +179,8 @@ static DSA *dsa_new_intern(ENGINE *engine, OSSL_LIB_CTX *libctx)
        goto err;
 #endif

+    ossl_ffc_params_init(&ret->params);
+
    if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
        ERR_raise(ERR_LIB_DSA, ERR_R_INIT_FAIL);
        goto err;
--- a/crypto/dsa/dsa_ossl.c
+++ b/crypto/dsa/dsa_ossl.c
@ -462,7 +462,6 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len,
 static int dsa_init(DSA *dsa)
 {
    dsa->flags |= DSA_FLAG_CACHE_MONT_P;
-    ossl_ffc_params_init(&dsa->params);
    dsa->dirty_cnt++;
    return 1;
 }