Make CMAC work with EVP_PKEY.

Add patch originally accidentally omitted to allow CMAC to work with
EVP_PKEY APIs.

crypto/evp/m_sigver.c

@@ -72,6 +72,9 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
 	if (ctx->pctx == NULL)
 		return 0;
 
+	if (!(ctx->pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM))
+		{
+
 		if (type == NULL)
 			{
 			int def_nid;
@@ -84,6 +87,7 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
 			EVPerr(EVP_F_DO_SIGVER_INIT, EVP_R_NO_DEFAULT_DIGEST);
 			return 0;
 			}
+		}
 
 	if (ver)
 		{
@@ -109,8 +113,8 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
 		}
 	if (EVP_PKEY_CTX_set_signature_md(ctx->pctx, type) <= 0)
 		return 0;
-	if (pctx)
+	if (ctx->pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM)
-		*pctx = ctx->pctx;
+		return 1;
 	if (!EVP_DigestInit_ex(ctx, type, e))
 		return 0;
 	return 1;
@@ -131,7 +135,20 @@ int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
 int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen)
 	{
 	int sctx, r = 0;
-	if (ctx->pctx->pmeth->signctx)
+	EVP_PKEY_CTX *pctx = ctx->pctx;
+	if (pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM)
+		{
+		EVP_PKEY_CTX *dctx;
+		if (!sigret)
+			return pctx->pmeth->signctx(pctx, sigret, siglen, ctx);
+		dctx = EVP_PKEY_CTX_dup(ctx->pctx);
+		if (!dctx)
+			return 0;
+		r = dctx->pmeth->signctx(dctx, sigret, siglen, ctx);
+		EVP_PKEY_CTX_free(dctx);
+		return r;
+		}
+	if (pctx->pmeth->signctx)
 		sctx = 1;
 	else
 		sctx = 0;
@@ -158,13 +175,13 @@ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen)
 		{
 		if (sctx)
 			{
-			if (ctx->pctx->pmeth->signctx(ctx->pctx, sigret, siglen, ctx) <= 0)
+			if (pctx->pmeth->signctx(pctx, sigret, siglen, ctx) <= 0)
 				return 0;
 			}
 		else
 			{
 			int s = EVP_MD_size(ctx->digest);
-			if (s < 0 || EVP_PKEY_sign(ctx->pctx, sigret, siglen, NULL, s) <= 0)
+			if (s < 0 || EVP_PKEY_sign(pctx, sigret, siglen, NULL, s) <= 0)
 				return 0;
 			}
 		}