Skip to content

Commit

Permalink
signature: ED448 requires parameter even if none is provided by OpenSSL
Browse files Browse the repository at this point in the history
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
  • Loading branch information
Jakuje committed Jan 9, 2025
1 parent 8389bdc commit ad6c196
Showing 1 changed file with 14 additions and 7 deletions.
21 changes: 14 additions & 7 deletions src/signature.c
Original file line number Diff line number Diff line change
Expand Up @@ -2290,10 +2290,23 @@ static int p11prov_eddsa_set_ctx_params(void *ctx, const OSSL_PARAM params[])
{
P11PROV_SIG_CTX *sigctx = (P11PROV_SIG_CTX *)ctx;
const OSSL_PARAM *p;
CK_ULONG size;
int ret;

P11PROV_debug("eddsa set ctx params (ctx=%p, params=%p)", sigctx, params);

size = p11prov_obj_get_key_bit_size(sigctx->key);
if (size != ED25519_BIT_SIZE && size != ED448_BIT_SIZE) {
P11PROV_raise(sigctx->provctx, CKR_KEY_TYPE_INCONSISTENT,
"Invalid EdDSA key size %lu", size);
return RET_OSSL_ERR;
}

/* PKCS #11 parameters are mandatory for Ed448 key type anyway */
if (size == ED448_BIT_SIZE) {
sigctx->use_eddsa_params = CK_TRUE;
}

if (params == NULL) {
return RET_OSSL_OK;
}
Expand All @@ -2302,20 +2315,13 @@ static int p11prov_eddsa_set_ctx_params(void *ctx, const OSSL_PARAM params[])
if (p) {
const char *instance = NULL;
bool matched = false;
CK_ULONG size;

ret = OSSL_PARAM_get_utf8_string_ptr(p, &instance);
if (ret != RET_OSSL_OK) {
return ret;
}
P11PROV_debug("Set OSSL_SIGNATURE_PARAM_INSTANCE to %s", instance);

size = p11prov_obj_get_key_bit_size(sigctx->key);
if (size != ED25519_BIT_SIZE && size != ED448_BIT_SIZE) {
P11PROV_raise(sigctx->provctx, CKR_KEY_TYPE_INCONSISTENT,
"Invalid EdDSA key size %lu", size);
return RET_OSSL_ERR;
}
if (size == ED25519_BIT_SIZE) {
if (OPENSSL_strcasecmp(instance, "Ed25519") == 0) {
matched = true;
Expand Down Expand Up @@ -2359,6 +2365,7 @@ static int p11prov_eddsa_set_ctx_params(void *ctx, const OSSL_PARAM params[])
return ret;
}
sigctx->eddsa_params.ulContextDataLen = datalen;
sigctx->use_eddsa_params = CK_TRUE;
}

return RET_OSSL_OK;
Expand Down

0 comments on commit ad6c196

Please sign in to comment.