X509_digest_sig(): Improve default hash for EdDSA and allow to return the chosen default

Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15762)
author: Dr. David von Oheimb <David.von.Oheimb@siemens.com> 2021-06-15 13:00:38 +0200
committer: Matt Caswell <matt@openssl.org> 2021-06-16 14:30:35 +0100
commit: eefdb8e013fa9d0881566b41291c5725a77b332a (patch)
tree: 0e70fb71ad1bc367d5a13e57f0209e1ad895a1e5 /crypto/cmp/cmp_msg.c
parent: 6882652e65d39310c98ba506ceb55a87c702d419 (diff)
1 files changed, 4 insertions, 3 deletions
diff --git a/crypto/cmp/cmp_msg.c b/crypto/cmp/cmp_msg.c
index b625147b6e..cfe96f516d 100644
--- a/crypto/cmp/cmp_msg.c
+++ b/crypto/cmp/cmp_msg.c
@@ -810,10 +810,11 @@ OSSL_CMP_MSG *ossl_cmp_certConf_new(OSSL_CMP_CTX *ctx, int fail_info,
     if (!ASN1_INTEGER_set(certStatus->certReqId, OSSL_CMP_CERTREQID))
         goto err;
     /*
-     * the hash of the certificate, using the same hash algorithm
-     * as is used to create and verify the certificate signature
+     * The hash of the certificate, using the same hash algorithm
+     * as is used to create and verify the certificate signature.
+     * If not available, a default hash algorithm is used.
      */
-    if ((certHash = X509_digest_sig(ctx->newCert)) == NULL)
+    if ((certHash = X509_digest_sig(ctx->newCert, NULL, NULL)) == NULL)
         goto err;
 
     if (!ossl_cmp_certstatus_set0_certHash(certStatus, certHash))
author	Dr. David von Oheimb <David.von.Oheimb@siemens.com>	2021-06-15 13:00:38 +0200
committer	Matt Caswell <matt@openssl.org>	2021-06-16 14:30:35 +0100
commit	eefdb8e013fa9d0881566b41291c5725a77b332a (patch)
tree	0e70fb71ad1bc367d5a13e57f0209e1ad895a1e5 /crypto/cmp/cmp_msg.c
parent	6882652e65d39310c98ba506ceb55a87c702d419 (diff)