root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Raise error when invalid digest used with SM2 

Otherwise commands like openssl req -newkey sm2 fail silently without
reporting any error unless -sm3 option is added.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16833)

(cherry picked from commit d5d95daba5)
This commit is contained in:
Tomas Mraz 2021-10-14 11:02:36 +02:00
parent f9c4823987
commit 31287743c0
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
providers/implementations/signature/sm2_sig.c
View File

@ -94,9 +94,13 @@ static int sm2sig_set_mdname(PROV_SM2_CTX *psm2ctx, const char *mdname)
if (psm2ctx->md == NULL) /* We need an SM3 md to compare with */
psm2ctx->md = EVP_MD_fetch(psm2ctx->libctx, psm2ctx->mdname,
psm2ctx->propq);
if (psm2ctx->md == NULL
|| strlen(mdname) >= sizeof(psm2ctx->mdname)
if (psm2ctx->md == NULL)
return 0;
if (strlen(mdname) >= sizeof(psm2ctx->mdname)
|| !EVP_MD_is_a(psm2ctx->md, mdname)) {
ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST, "digest=%s",
mdname);
return 0;
}