DH keys have an (until now) unused 'q' parameter. When creating from DSA copy

[oweals/openssl.git] / crypto / dsa / dsa_pmeth.c

diff --git a/crypto/dsa/dsa_pmeth.c b/crypto/dsa/dsa_pmeth.c
index 0ad12e008df7f6802bc262ddcce056b1d2c728d7..715d8d675bb766994d06d8ee2339bb71246a5a9a 100644 (file)
--- a/crypto/dsa/dsa_pmeth.c
+++ b/crypto/dsa/dsa_pmeth.c
@@ -187,8 +187,11 @@ static int pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
                case EVP_PKEY_CTRL_MD:
                if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1   &&
                    EVP_MD_type((const EVP_MD *)p2) != NID_dsa    &&
+                   EVP_MD_type((const EVP_MD *)p2) != NID_dsaWithSHA    &&
                    EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
-                   EVP_MD_type((const EVP_MD *)p2) != NID_sha256)
+                   EVP_MD_type((const EVP_MD *)p2) != NID_sha256 &&
+                   EVP_MD_type((const EVP_MD *)p2) != NID_sha384 &&
+                   EVP_MD_type((const EVP_MD *)p2) != NID_sha512)
                        {
                        DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE);
                        return 0;