mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-21 01:15:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

s390x: Fix prehash-by-caller handling for ED25519 and ED448

Browse Source 
In case of prehash or prehash-by-caller is set skip the s390x specific
acceleration an fallback to the non-accelerated code path.

Fixes: 6696682774

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25351)
This commit is contained in:
Ingo Franzki 2024-09-02 09:08:02 +02:00 committed by Tomas Mraz
parent a75d62637a
commit c23ce35225
1 changed files with 30 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
providers/implementations/signature/eddsa_sig.c
View File

@ -401,12 +401,17 @@ static int ed25519_sign(void *vpeddsactx,
return 0;
}
#ifdef S390X_EC_ASM
/* s390x_ed25519_digestsign() does not yet support dom2 or context-strings.
fall back to non-accelerated sign if those options are set. */
/*
* s390x_ed25519_digestsign() does not yet support dom2 or context-strings.
* fall back to non-accelerated sign if those options are set, or pre-hasing
* is provided.
*/
if (S390X_CAN_SIGN(ED25519)
&& !peddsactx->dom2_flag
&& !peddsactx->context_string_flag
&& peddsactx->context_string_len == 0) {
&& peddsactx->context_string_len == 0
&& !peddsactx->prehash_flag
&& !peddsactx->prehash_by_caller_flag) {
if (s390x_ed25519_digestsign(edkey, sigret, tbs, tbslen) == 0) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SIGN);
return 0;
@ -504,11 +509,15 @@ static int ed448_sign(void *vpeddsactx,
return 0;
}
#ifdef S390X_EC_ASM
/* s390x_ed448_digestsign() does not yet support context-strings or pre-hashing.
fall back to non-accelerated sign if a context-string or pre-hasing is provided. */
/*
* s390x_ed448_digestsign() does not yet support context-strings or
* pre-hashing. Fall back to non-accelerated sign if a context-string or
* pre-hasing is provided.
*/
if (S390X_CAN_SIGN(ED448)
&& peddsactx->context_string_len == 0
&& peddsactx->prehash_flag == 0) {
&& !peddsactx->prehash_flag
&& !peddsactx->prehash_by_caller_flag) {
if (s390x_ed448_digestsign(edkey, sigret, tbs, tbslen) == 0) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SIGN);
return 0;
@ -563,14 +572,18 @@ static int ed25519_verify(void *vpeddsactx,
return 0;
#ifdef S390X_EC_ASM
/* s390x_ed25519_digestverify() does not yet support dom2 or context-strings.
fall back to non-accelerated verify if those options are set. */
/*
* s390x_ed25519_digestverify() does not yet support dom2 or context-strings.
* fall back to non-accelerated verify if those options are set, or
* pre-hasing is provided.
*/
if (S390X_CAN_SIGN(ED25519)
&& !peddsactx->dom2_flag
&& !peddsactx->context_string_flag
&& peddsactx->context_string_len == 0) {
&& peddsactx->context_string_len == 0
&& !peddsactx->prehash_flag
&& !peddsactx->prehash_by_caller_flag)
return s390x_ed25519_digestverify(edkey, sig, tbs, tbslen);
}
#endif /* S390X_EC_ASM */
if (peddsactx->prehash_flag) {
@ -617,13 +630,16 @@ static int ed448_verify(void *vpeddsactx,
return 0;
#ifdef S390X_EC_ASM
/* s390x_ed448_digestverify() does not yet support context-strings or pre-hashing.
fall back to non-accelerated verify if a context-string or pre-hasing is provided. */
/*
* s390x_ed448_digestverify() does not yet support context-strings or
* pre-hashing. Fall back to non-accelerated verify if a context-string or
* pre-hasing is provided.
*/
if (S390X_CAN_SIGN(ED448)
&& peddsactx->context_string_len == 0
&& peddsactx->prehash_flag == 0) {
&& !peddsactx->prehash_flag
&& !peddsactx->prehash_by_caller_flag)
return s390x_ed448_digestverify(edkey, sig, tbs, tbslen);
}
#endif /* S390X_EC_ASM */
if (peddsactx->prehash_flag) {