From: Martin Oliveira <martin.oliveira@eideticom.com>
Date: Wed, 12 Mar 2025 17:09:04 +0000 (-0600)
Subject: Fix gettable_params() for ECX
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=482d3f9338b3d4c7537a1d112dce9c8e370c8d9f;p=thirdparty%2Fopenssl.git

Fix gettable_params() for ECX

The OSSL_PKEY_PARAM_MANDATORY_DIGEST parameter is only handled by the
ed25519_get_params() and ed448_get_params(). The x25519 and x448
versions of get_params() always ignore that parameter, so it should not
be in the list of gettable params.

Fixes: 1a7328c88256 ("PROV: Ensure that ED25519 & ED448 keys have a mandatory digest")

cla: trivial

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/27043)
---

diff --git a/providers/implementations/keymgmt/ecx_kmgmt.c b/providers/implementations/keymgmt/ecx_kmgmt.c
index b8d316ba8e9..b229b0bf39c 100644
--- a/providers/implementations/keymgmt/ecx_kmgmt.c
+++ b/providers/implementations/keymgmt/ecx_kmgmt.c
@@ -359,7 +359,6 @@ static const OSSL_PARAM ecx_gettable_params[] = {
     OSSL_PARAM_int(OSSL_PKEY_PARAM_BITS, NULL),
     OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_BITS, NULL),
     OSSL_PARAM_int(OSSL_PKEY_PARAM_MAX_SIZE, NULL),
-    OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_MANDATORY_DIGEST, NULL, 0),
     OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0),
     ECX_KEY_TYPES(),
     OSSL_FIPS_IND_GETTABLE_CTX_PARAM()
@@ -370,6 +369,7 @@ static const OSSL_PARAM ed_gettable_params[] = {
     OSSL_PARAM_int(OSSL_PKEY_PARAM_BITS, NULL),
     OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_BITS, NULL),
     OSSL_PARAM_int(OSSL_PKEY_PARAM_MAX_SIZE, NULL),
+    OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_MANDATORY_DIGEST, NULL, 0),
     ECX_KEY_TYPES(),
     OSSL_PARAM_END
 };