zzy/openssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Don't restrict the ECDSA settable ctx params unnecessarily

Browse Source 
We just allow all possible settables all the time. Some things like the
digest name can't actually be changed in some circumstances - but we already
have checks for those things. It's still possible to pass a digest of the
same name to one that's already been set for example.

Fixes #25012

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25057)
This commit is contained in:
Matt Caswell 2024-07-31 14:24:12 +01:00 committed by Tomas Mraz
parent 8cc0a97d60
commit d244abb651
1 changed files with 0 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
providers/implementations/signature/ecdsa_sig.c
View File

@ -801,18 +801,9 @@ static const OSSL_PARAM settable_ctx_params[] = {
ECDSA_COMMON_SETTABLE_CTX_PARAMS
};
static const OSSL_PARAM settable_ctx_params_no_digest[] = {
OSSL_PARAM_uint(OSSL_SIGNATURE_PARAM_KAT, NULL),
OSSL_PARAM_END
};
static const OSSL_PARAM *ecdsa_settable_ctx_params(void *vctx,
ossl_unused void *provctx)
{
PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
if (ctx != NULL && !ctx->flag_allow_md)
return settable_ctx_params_no_digest;
return settable_ctx_params;
}