From abaa2311add6f19c712655b3d12fea979b774843 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Tue, 16 Oct 2018 07:41:17 -0700 Subject: [PATCH] Stop marking default digest for EC keys as mandatory ASN1_PKEY_CTRL_DEFAULT_MD_NID is documented to return 2 for a mandatory digest algorithm, when the key can't support any others. That isn't true here, so return 1 instead. Partially fixes #7348 Reviewed-by: Nicola Tuveri Reviewed-by: Richard Levitte (cherry picked from commit eb7eb1378cd15c4652884b3701d4c0ef27b5b8a6) Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/7609) --- crypto/ec/ec_ameth.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c index a3164b5b2e..8b363e096b 100644 --- a/crypto/ec/ec_ameth.c +++ b/crypto/ec/ec_ameth.c @@ -505,7 +505,7 @@ static int ec_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) case ASN1_PKEY_CTRL_DEFAULT_MD_NID: *(int *)arg2 = NID_sha256; - return 2; + return 1; case ASN1_PKEY_CTRL_SET1_TLS_ENCPT: return EC_KEY_oct2key(EVP_PKEY_get0_EC_KEY(pkey), arg2, arg1, NULL); -- 2.25.1