From: David Woodhouse <dwmw2@infradead.org>
Date: Tue, 16 Oct 2018 14:41:17 +0000 (-0700)
Subject: Stop marking default digest for EC keys as mandatory
X-Git-Tag: OpenSSL_1_0_2r~25
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=cf68eb3687e271d02e55af2c132ea7527d76bcac;p=oweals%2Fopenssl.git

Stop marking default digest for EC keys as mandatory

ASN1_PKEY_CTRL_DEFAULT_MD_NID is documented to return 2 for a mandatory
digest algorithm, when the key can't support any others. That isn't true
here, so return 1 instead.

Partially fixes #7348

(cherry picked from commit eb7eb1378cd15c4652884b3701d4c0ef27b5b8a6)

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/7610)
---

diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c
index aa5f3056af..db7e791bf5 100644
--- a/crypto/ec/ec_ameth.c
+++ b/crypto/ec/ec_ameth.c
@@ -601,7 +601,7 @@ static int ec_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
 
     case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
         *(int *)arg2 = NID_sha256;
-        return 2;
+        return 1;
 
     default:
         return -2;