Remove Ed25519ctx from the FIPS provider
authorIgor Ustinov <igus68@gmail.com>
Thu, 6 Nov 2025 20:25:41 +0000 (21:25 +0100)
committerTomas Mraz <tomas@openssl.org>
Wed, 26 Nov 2025 13:44:25 +0000 (14:44 +0100)
This variant of the Ed25519 algorithm is not FIPS approved.

Fixes #27502

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29091)

(cherry picked from commit f95dfe09504f5cd9d054ee3b75d9dde4d6e24636)

doc/man7/EVP_SIGNATURE-ED25519.pod
providers/fips/fipsprov.c
providers/implementations/signature/eddsa_sig.c.in
test/recipes/30-test_evp_data/evppkey_ecx.txt
test/recipes/30-test_evp_data/evppkey_ecx_sigalg.txt

index 924f254aad0fc0d32e816ce962a44c5477987eed..559968664e1a909d34a5cd0afa92627ab8f71e66 100644 (file)
@@ -134,6 +134,9 @@ since version 1.1.1.
 Valid algorithm names are B<ed25519>, B<ed448> and B<eddsa>. If B<eddsa> is
 specified, then both Ed25519 and Ed448 are benchmarked.
 
+Since Ed25519ctx is not included in FIPS 186-5, it is not present
+in the FIPS provider.
+
 =head1 EXAMPLES
 
 To sign a message using an ED25519 EVP_PKEY structure:
index dea863c79f283fe1374ce73f88e5fa8edfff79a2..9abda597dbf270c5f0f40e8698b126a020752f49 100644 (file)
@@ -510,8 +510,6 @@ static const OSSL_ALGORITHM fips_signature[] = {
       ossl_ed25519_signature_functions },
     { PROV_NAMES_ED25519ph, FIPS_DEFAULT_PROPERTIES,
       ossl_ed25519ph_signature_functions },
-    { PROV_NAMES_ED25519ctx, FIPS_DEFAULT_PROPERTIES,
-      ossl_ed25519ctx_signature_functions },
     { PROV_NAMES_ED448, FIPS_DEFAULT_PROPERTIES,
       ossl_ed448_signature_functions },
     { PROV_NAMES_ED448ph, FIPS_DEFAULT_PROPERTIES,
index 1ef925253d6a361b8ffa3da717651cfc60894a2c..3e58c22127d8df83cd02a2c2579fd4519d04737d 100644 (file)
@@ -196,6 +196,7 @@ static int eddsa_setup_instance(void *vpeddsactx, int instance_id,
         peddsactx->prehash_flag = 0;
         peddsactx->context_string_flag = 0;
         break;
+#ifndef FIPS_MODULE
     case ID_Ed25519ctx:
         if (peddsactx->key->type != ECX_KEY_TYPE_ED25519)
             return 0;
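Review bot: The `#ifndef FIPS_MODULE` added before `case ID_Ed25519ctx:` carries no comment saying why the case is compiled out, and its `#endif` lands in the next hunk, several lines away. A comment such as `/* Ed25519ctx is not part of FIPS 186-5; compiled out of the FIPS module */` above the guard, with `#endif /* !FIPS_MODULE */` at the close, would keep a later maintainer from removing the guard as stale configuration. The same applies to the guard added around the `SN_Ed25519ctx` branch in eddsa_set_ctx_params_internal. With the case compiled out, a FIPS build presumably sends ID_Ed25519ctx to the switch's default arm, which is outside the hunk, so it is worth confirming that arm fails closed.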
@@ -203,6 +204,7 @@ static int eddsa_setup_instance(void *vpeddsactx, int instance_id,
         peddsactx->prehash_flag = 0;
         peddsactx->context_string_flag = 1;
         break;
+#endif
     case ID_Ed25519ph:
         if (peddsactx->key->type != ECX_KEY_TYPE_ED25519)
             return 0;
@@ -852,9 +854,11 @@ static int eddsa_set_ctx_params_internal
         if (OPENSSL_strcasecmp(pinstance_name, SN_Ed25519) == 0) {
             eddsa_setup_instance(peddsactx, ID_Ed25519, 0,
                                  peddsactx->prehash_by_caller_flag);
+#ifndef FIPS_MODULE
         } else if (OPENSSL_strcasecmp(pinstance_name, SN_Ed25519ctx) == 0) {
             eddsa_setup_instance(peddsactx, ID_Ed25519ctx, 0,
                                  peddsactx->prehash_by_caller_flag);
+#endif
         } else if (OPENSSL_strcasecmp(pinstance_name, SN_Ed25519ph) == 0) {
             eddsa_setup_instance(peddsactx, ID_Ed25519ph, 0,
                                  peddsactx->prehash_by_caller_flag);
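Review bot: The return value of `eddsa_setup_instance()` is discarded in every branch of this chain, including the newly guarded `SN_Ed25519ctx` one, although the earlier hunk shows the function returning 0 when the key type does not match the requested instance. A recognised instance name paired with the wrong key type therefore appears to pass through here without an error, while the commit now raises one for an unrecognised name. If that is not intentional, each branch could read `if (!eddsa_setup_instance(peddsactx, ID_Ed25519ctx, 0, peddsactx->prehash_by_caller_flag)) return 0;`. The function body starts and continues outside the hunk, so later code may already catch the mismatch.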
@@ -866,6 +870,10 @@ static int eddsa_set_ctx_params_internal
                                  peddsactx->prehash_by_caller_flag);
         } else {
             /* we did not recognize the instance */
+            ERR_raise_data(ERR_LIB_PROV,
+                           PROV_R_INVALID_EDDSA_INSTANCE_FOR_ATTEMPTED_OPERATION,
+                           "unknown INSTANCE name: %s",
+                           pinstance_name != NULL ? pinstance_name : "<null>");
             return 0;
         }
 
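Review bot: The `pinstance_name != NULL ? pinstance_name : "<null>"` guard in the new `ERR_raise_data` call is inconsistent with the chain above it, where `pinstance_name` has already been passed to `OPENSSL_strcasecmp()` in every preceding branch. Either the pointer can never be NULL here and the ternary is dead code, or it can and the comparisons need a check before the chain, e.g. `if (pinstance_name == NULL) return 0;`. The name is caller-supplied and is copied into the error data verbatim, so it is also worth confirming that its length is bounded where it is read; that code is outside the hunk.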
index e40141c34feb6b1a4cdebf22cff05cc1ae674009..15881618aa37ce708326fc61223b70043a0ea7ce 100644 (file)
@@ -702,7 +702,7 @@ PublicKeyRaw = EDDSA-TV-6-PUBLIC-Raw:ED25519:dfc9425e4f968f7f0c29f0259cf5f9aed68
 
 PrivPubKeyPair = EDDSA-TV-6-Raw:EDDSA-TV-6-PUBLIC-Raw
 
-FIPSversion = >=3.2.0
+Availablein = default
 OneShotDigestSign = NULL
 Key = EDDSA-TV-6-Raw
 Input = f726936d19c800494e3fdaff20b276a8
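Review bot: Nothing in the visible test hunks asserts that the FIPS provider now refuses Ed25519ctx; replacing `FIPSversion = >=3.2.0` with `Availablein = default` only stops the positive vectors from running against it. A negative stanza restricted with `Availablein = fips` that attempts an Ed25519ctx signature and expects failure would catch the algorithm being re-registered in `fips_signature[]` by mistake. The same gap applies to the other three hunks in this file and to the four `Sign-Message = ...ctx` hunks in evppkey_ecx_sigalg.txt. Such a test may already exist elsewhere in the suite, since only these hunks are visible here.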
@@ -718,7 +718,7 @@ PublicKeyRaw = EDDSA-TV-7-PUBLIC-Raw:ED25519:dfc9425e4f968f7f0c29f0259cf5f9aed68
 
 PrivPubKeyPair = EDDSA-TV-7-Raw:EDDSA-TV-7-PUBLIC-Raw
 
-FIPSversion = >=3.2.0
+Availablein = default
 OneShotDigestSign = NULL
 Key = EDDSA-TV-7-Raw
 Input = f726936d19c800494e3fdaff20b276a8
@@ -734,7 +734,7 @@ PublicKeyRaw = EDDSA-TV-8-PUBLIC-Raw:ED25519:dfc9425e4f968f7f0c29f0259cf5f9aed68
 
 PrivPubKeyPair = EDDSA-TV-8-Raw:EDDSA-TV-8-PUBLIC-Raw
 
-FIPSversion = >=3.2.0
+Availablein = default
 OneShotDigestSign = NULL
 Key = EDDSA-TV-8-Raw
 Input = 508e9e6882b979fea900f62adceaca35
@@ -750,7 +750,7 @@ PublicKeyRaw = EDDSA-TV-9-PUBLIC-Raw:ED25519:0f1d1274943b91415889152e893d80e9327
 
 PrivPubKeyPair = EDDSA-TV-9-Raw:EDDSA-TV-9-PUBLIC-Raw
 
-FIPSversion = >=3.2.0
+Availablein = default
 OneShotDigestSign = NULL
 Key = EDDSA-TV-9-Raw
 Input = f726936d19c800494e3fdaff20b276a8
index d3e0d51a0ee4f8ee4b671dbc4e54161c2d79cb00..88a839948c64da96d38438b6b64f2637bd6916ce 100644 (file)
@@ -442,7 +442,7 @@ PublicKeyRaw = EDDSA-TV-6-PUBLIC-Raw:ED25519:dfc9425e4f968f7f0c29f0259cf5f9aed68
 
 PrivPubKeyPair = EDDSA-TV-6-Raw:EDDSA-TV-6-PUBLIC-Raw
 
-FIPSversion = >=3.4.0
+Availablein = default
 Sign-Message = ED25519ctx:EDDSA-TV-6-Raw
 Input = f726936d19c800494e3fdaff20b276a8
 Ctrl = hexcontext-string:666f6f
@@ -456,7 +456,7 @@ PublicKeyRaw = EDDSA-TV-7-PUBLIC-Raw:ED25519:dfc9425e4f968f7f0c29f0259cf5f9aed68
 
 PrivPubKeyPair = EDDSA-TV-7-Raw:EDDSA-TV-7-PUBLIC-Raw
 
-FIPSversion = >=3.4.0
+Availablein = default
 Sign-Message = Ed25519ctx:EDDSA-TV-7-Raw
 Input = f726936d19c800494e3fdaff20b276a8
 Ctrl = hexcontext-string:626172
@@ -470,7 +470,7 @@ PublicKeyRaw = EDDSA-TV-8-PUBLIC-Raw:ED25519:dfc9425e4f968f7f0c29f0259cf5f9aed68
 
 PrivPubKeyPair = EDDSA-TV-8-Raw:EDDSA-TV-8-PUBLIC-Raw
 
-FIPSversion = >=3.4.0
+Availablein = default
 Sign-Message = Ed25519ctx:EDDSA-TV-8-Raw
 Input = 508e9e6882b979fea900f62adceaca35
 Ctrl = hexcontext-string:666f6f
@@ -484,7 +484,7 @@ PublicKeyRaw = EDDSA-TV-9-PUBLIC-Raw:ED25519:0f1d1274943b91415889152e893d80e9327
 
 PrivPubKeyPair = EDDSA-TV-9-Raw:EDDSA-TV-9-PUBLIC-Raw
 
-FIPSversion = >=3.4.0
+Availablein = default
 Sign-Message = Ed25519ctx:EDDSA-TV-9-Raw
 Input = f726936d19c800494e3fdaff20b276a8
 Ctrl = hexcontext-string:666f6f