PR: 2029

Submitted by: Tomas Mraz <tmraz@redhat.com>
Checked by: steve@openssl.org

Fix so that the legacy digest EVP_dss1() still works.

diff --git a/crypto/dsa/dsa_pmeth.c b/crypto/dsa/dsa_pmeth.c
index a2e781c46802d8726eb9c548ee90754ca8aaccb0..84b77e3bfcd60000e6cf009edc42bd48110b0b2d 100644 (file)
--- a/crypto/dsa/dsa_pmeth.c
+++ b/crypto/dsa/dsa_pmeth.c
@@ -186,6 +186,7 @@ static int pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
 
                case EVP_PKEY_CTRL_MD:
                if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1   &&
+                   EVP_MD_type((const EVP_MD *)p2) != NID_dsa    &&
                    EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
                    EVP_MD_type((const EVP_MD *)p2) != NID_sha256)
                        {