Raise error when invalid digest used with SM2

Otherwise commands like openssl req -newkey sm2 fail silently without reporting any error unless -sm3 option is added. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16833) (cherry picked from commit d5d95daba59adc41ab60ea86acd513f255fca3c0)
author: Tomas Mraz <tomas@openssl.org> 2021-10-14 11:02:36 +0200
committer: Tomas Mraz <tomas@openssl.org> 2021-10-15 14:38:02 +0200
commit: 31287743c07cef63a2bc9b31a393a7e3b2527f88 (patch)
tree: a1af9d5330dac64b0d73a18f92bd49d297918dc9 /providers
parent: f9c48239879a870b9d43ccd05f659f6355831139 (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/providers/implementations/signature/sm2_sig.c b/providers/implementations/signature/sm2_sig.c
index 719e7a2eb2..10a9496904 100644
--- a/providers/implementations/signature/sm2_sig.c
+++ b/providers/implementations/signature/sm2_sig.c
@@ -94,9 +94,13 @@ static int sm2sig_set_mdname(PROV_SM2_CTX *psm2ctx, const char *mdname)
     if (psm2ctx->md == NULL) /* We need an SM3 md to compare with */
         psm2ctx->md = EVP_MD_fetch(psm2ctx->libctx, psm2ctx->mdname,
                                    psm2ctx->propq);
-    if (psm2ctx->md == NULL
-        || strlen(mdname) >= sizeof(psm2ctx->mdname)
+    if (psm2ctx->md == NULL)
+        return 0;
+
+    if (strlen(mdname) >= sizeof(psm2ctx->mdname)
         || !EVP_MD_is_a(psm2ctx->md, mdname)) {
+        ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST, "digest=%s",
+                       mdname);
         return 0;
     }
author	Tomas Mraz <tomas@openssl.org>	2021-10-14 11:02:36 +0200
committer	Tomas Mraz <tomas@openssl.org>	2021-10-15 14:38:02 +0200
commit	31287743c07cef63a2bc9b31a393a7e3b2527f88 (patch)
tree	a1af9d5330dac64b0d73a18f92bd49d297918dc9 /providers
parent	f9c48239879a870b9d43ccd05f659f6355831139 (diff)