diff options
| author | Sebastian Andrzej Siewior <sebastian@breakpoint.cc> | 2022-08-01 17:42:05 +0200 |
|---|---|---|
| committer | Todd Short <todd.short@me.com> | 2022-08-04 09:23:15 -0400 |
| commit | 08d420dd8edb9b6b5a0616171b30b5a53beb630b (patch) | |
| tree | 12466a503e90ba9315e2f083633403e58690ff35 /providers | |
| parent | c69410a78666853454fafca071dea49fb4a4c515 (diff) | |
providers: Set the size of EC signature on s390.
The s390x provides its custom implementation for the creation of the
ed448 and ed25519 signatures. Unfortunately it does not set the size.
Users that rely of this return parameter end up with wrong values and
will compare wrong sizes of signature.
Set the proper size of the returned signature on success. Set an error
if the signing operation fails.
Fixes: #18912
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/18928)
(cherry picked from commit bbedc052973b1c2fab7d7fb891d02aea393ff579)
Diffstat (limited to 'providers')
| -rw-r--r-- | providers/implementations/signature/eddsa_sig.c | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/providers/implementations/signature/eddsa_sig.c b/providers/implementations/signature/eddsa_sig.c index eb1a769128..9a9bb77eae 100644 --- a/providers/implementations/signature/eddsa_sig.c +++ b/providers/implementations/signature/eddsa_sig.c @@ -165,8 +165,14 @@ int ed25519_digest_sign(void *vpeddsactx, unsigned char *sigret, return 0; } #ifdef S390X_EC_ASM - if (S390X_CAN_SIGN(ED25519)) - return s390x_ed25519_digestsign(edkey, sigret, tbs, tbslen); + if (S390X_CAN_SIGN(ED25519)) { + if (s390x_ed25519_digestsign(edkey, sigret, tbs, tbslen) == 0) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SIGN); + return 0; + } + *siglen = ED25519_SIGSIZE; + return 1; + } #endif /* S390X_EC_ASM */ if (ossl_ed25519_sign(sigret, tbs, tbslen, edkey->pubkey, edkey->privkey, peddsactx->libctx, NULL) == 0) { @@ -196,8 +202,14 @@ int ed448_digest_sign(void *vpeddsactx, unsigned char *sigret, return 0; } #ifdef S390X_EC_ASM - if (S390X_CAN_SIGN(ED448)) - return s390x_ed448_digestsign(edkey, sigret, tbs, tbslen); + if (S390X_CAN_SIGN(ED448)) { + if (s390x_ed448_digestsign(edkey, sigret, tbs, tbslen) == 0) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SIGN); + return 0; + } + *siglen = ED448_SIGSIZE; + return 1; + } #endif /* S390X_EC_ASM */ if (ossl_ed448_sign(peddsactx->libctx, sigret, tbs, tbslen, edkey->pubkey, edkey->privkey, NULL, 0, edkey->propq) == 0) { |