Revert "Apply the FIPS_eddsa_no_verify_digested indicator on prehash EdDSA only"

This reverts commit ca112fccdd34a8538f14ddf8c3569b8331eae357. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25192)
2024-08-15 09:49:05 +10:00 · 2024-08-15 09:49:05 +10:00 · 1348f4b5cf
commit 1348f4b5cf
parent 4b7b40f2f7
1 changed files with 3 additions and 4 deletions
--- a/providers/implementations/signature/eddsa_sig.c
+++ b/providers/implementations/signature/eddsa_sig.c
@ -383,10 +383,9 @@ static int ed448_digest_sign(void *vpeddsactx, unsigned char *sigret,
 static int fips_check_verify(PROV_EDDSA_CTX *ctx)
 {
 #ifdef FIPS_MODULE
-    if (ctx->prehash_flag
-        && !OSSL_FIPS_IND_ON_UNAPPROVED(ctx, OSSL_FIPS_IND_SETTABLE0,
-                                        ctx->libctx, "Verify", "EdDSA",
-                                        FIPS_eddsa_no_verify_digested))
+    if (!OSSL_FIPS_IND_ON_UNAPPROVED(ctx, OSSL_FIPS_IND_SETTABLE0,
+                                     ctx->libctx, "Verify", "EdDSA",
+                                     FIPS_eddsa_no_verify_digested))
        return 0;
 #endif  /* FIPS_MODULE */
    return 1;