diff options
author | Tomas Mraz <tomas@openssl.org> | 2021-05-07 17:44:26 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2021-05-13 13:19:39 +0200 |
commit | e9fe0f7e9df7e0909ca52a024b889e48616a29d9 (patch) | |
tree | 0063dedfae3fa67b80e46e5572743298a3eb2037 /ssl/t1_lib.c | |
parent | 3c39bd9b89198c6b3834c369c7da6f582788f645 (diff) |
Replace EVP_PKEY_supports_digest_nid
The EVP_PKEY_supports_digest_nid() is renamed to
EVP_PKEY_digestsign_supports_digest() and implemented
via EVP_DigestSignInit_ex().
Fixes #14343
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15198)
Diffstat (limited to 'ssl/t1_lib.c')
-rw-r--r-- | ssl/t1_lib.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 14c16e355d..1dc57af43a 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -3052,15 +3052,18 @@ static int check_cert_usable(SSL *s, const SIGALG_LOOKUP *sig, X509 *x, const SIGALG_LOOKUP *lu; int mdnid, pknid, supported; size_t i; + const char *mdname = NULL; /* - * If the given EVP_PKEY cannot supporting signing with this sigalg, + * If the given EVP_PKEY cannot support signing with this digest, * the answer is simply 'no'. */ - ERR_set_mark(); - supported = EVP_PKEY_supports_digest_nid(pkey, sig->hash); - ERR_pop_to_mark(); - if (supported == 0) + if (sig->hash != NID_undef) + mdname = OBJ_nid2sn(sig->hash); + supported = EVP_PKEY_digestsign_supports_digest(pkey, s->ctx->libctx, + mdname, + s->ctx->propq); + if (supported <= 0) return 0; /* |