diff options
author | Matt Caswell <matt@openssl.org> | 2018-05-17 16:24:29 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-05-18 10:14:29 +0100 |
commit | f3021aca4a154c2ff9bd0030f7974eb6a719550d (patch) | |
tree | 357805e6c31ea2d2035c7e119ae52c214e336c7f /crypto/ec/ecx_meth.c | |
parent | 8a59c08583424d59ac30c1261eedff40d653f8b0 (diff) |
Allow the ca application to use EdDSA
Using the ca application to sign certificates with EdDSA failed because it
is not possible to set the digest to "null". This adds the capability and
updates the documentation accordingly.
Fixes #6201
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6286)
Diffstat (limited to 'crypto/ec/ecx_meth.c')
-rw-r--r-- | crypto/ec/ecx_meth.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/ec/ecx_meth.c b/crypto/ec/ecx_meth.c index 501daeca7e..ea56df0d4e 100644 --- a/crypto/ec/ecx_meth.c +++ b/crypto/ec/ecx_meth.c @@ -778,7 +778,7 @@ static int pkey_ecd_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) switch (type) { case EVP_PKEY_CTRL_MD: /* Only NULL allowed as digest */ - if (p2 == NULL) + if (p2 == NULL || (const EVP_MD *)p2 == EVP_md_null()) return 1; ECerr(EC_F_PKEY_ECD_CTRL, EC_R_INVALID_DIGEST_TYPE); return 0; |