mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-02-17 14:32:04 +08:00
Code Issues Packages Projects Releases Wiki Activity

Raise error when invalid digest used with SM2

Browse Source 
Otherwise commands like openssl req -newkey sm2 fail silently without
reporting any error unless -sm3 option is added.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16833)
This commit is contained in:
Tomas Mraz 2021-10-14 11:02:36 +02:00
parent 34563be536
commit d5d95daba5
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
providers/implementations/signature/sm2_sig.c
View File

@ -94,9 +94,13 @@ static int sm2sig_set_mdname(PROV_SM2_CTX *psm2ctx, const char *mdname)
if (psm2ctx->md == NULL) /* We need an SM3 md to compare with */
psm2ctx->md = EVP_MD_fetch(psm2ctx->libctx, psm2ctx->mdname,
psm2ctx->propq);
if (psm2ctx->md == NULL
|| strlen(mdname) >= sizeof(psm2ctx->mdname)
if (psm2ctx->md == NULL)
return 0;
if (strlen(mdname) >= sizeof(psm2ctx->mdname)
|| !EVP_MD_is_a(psm2ctx->md, mdname)) {
ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST, "digest=%s",
mdname);
return 0;
}