From 6a1bb953230a2095a9ef7b9f1e979cf519ac616b Mon Sep 17 00:00:00 2001
From: Luke Howard <lukeh@padl.com>
Date: Fri, 11 May 2018 13:50:38 +1000
Subject: [PATCH] hcrypto PKCS#11 backend: allow digest update with NULL (#378)

In the PKCS#11 backend, add an assertion check to p11_md_update()
to validate that the data length is zero if the data is NULL.
---
 lib/hcrypto/evp-pkcs11.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/hcrypto/evp-pkcs11.c b/lib/hcrypto/evp-pkcs11.c
index f605dd8d5..ea47dd871 100644
--- a/lib/hcrypto/evp-pkcs11.c
+++ b/lib/hcrypto/evp-pkcs11.c
@@ -387,6 +387,7 @@ p11_md_update(EVP_MD_CTX *ctx, const void *data, size_t length)
     CK_RV rv;
 
     assert(p11_module != NULL);
+    assert(data != NULL || length == 0);
 
     rv = p11_module->C_DigestUpdate(p11ctx->hSession,
                                     data ? (CK_BYTE_PTR)data : (CK_BYTE_PTR)"",