]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2bd8190)
providers: Set the size of EC signature on s390.
authorSebastian Andrzej Siewior <sebastian@breakpoint.cc>
Mon, 1 Aug 2022 15:42:05 +0000 (17:42 +0200)
committerTodd Short <todd.short@me.com>
Thu, 4 Aug 2022 13:14:20 +0000 (09:14 -0400)
The s390x provides its custom implementation for the creation of the
ed448 and ed25519 signatures. Unfortunately it does not set the size.
Users that rely of this return parameter end up with wrong values and
will compare wrong sizes of signature.

Set the proper size of the returned signature on success. Set an error
if the signing operation fails.

Fixes: #18912
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/18928)

providers/implementations/signature/eddsa_sig.c patch | blob | blame | history

diff --git a/providers/implementations/signature/eddsa_sig.c b/providers/implementations/signature/eddsa_sig.c
index 41b0eb172f65502fbbc88ad33408527cca53270e..2dc6c5e9d1bfed3364514958559e9ab2950ce85c 100644 (file)
--- a/providers/implementations/signature/eddsa_sig.c
+++ b/providers/implementations/signature/eddsa_sig.c
@@ -164,8 +164,14 @@ int ed25519_digest_sign(void *vpeddsactx, unsigned char *sigret,
         return 0;
     }
 #ifdef S390X_EC_ASM
-    if (S390X_CAN_SIGN(ED25519))
-        return s390x_ed25519_digestsign(edkey, sigret, tbs, tbslen);
+    if (S390X_CAN_SIGN(ED25519)) {
+           if (s390x_ed25519_digestsign(edkey, sigret, tbs, tbslen) == 0) {
+                   ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SIGN);
+                   return 0;
+           }
+           *siglen = ED25519_SIGSIZE;
+           return 1;
+    }
 #endif /* S390X_EC_ASM */
     if (ossl_ed25519_sign(sigret, tbs, tbslen, edkey->pubkey, edkey->privkey,
                           peddsactx->libctx, NULL) == 0) {
@@ -195,8 +201,14 @@ int ed448_digest_sign(void *vpeddsactx, unsigned char *sigret,
         return 0;
     }
 #ifdef S390X_EC_ASM
-    if (S390X_CAN_SIGN(ED448))
-        return s390x_ed448_digestsign(edkey, sigret, tbs, tbslen);
+    if (S390X_CAN_SIGN(ED448)) {
+        if (s390x_ed448_digestsign(edkey, sigret, tbs, tbslen) == 0) {
+               ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SIGN);
+               return 0;
+       }
+       *siglen = ED448_SIGSIZE;
+       return 1;
+    }
 #endif /* S390X_EC_ASM */
     if (ossl_ed448_sign(peddsactx->libctx, sigret, tbs, tbslen, edkey->pubkey,
                         edkey->privkey, NULL, 0, edkey->propq) == 0) {
Mirror of https://github.com/openssl/openssl.git