From de984934ddc2574acc304183d4e8b68b8123f87a Mon Sep 17 00:00:00 2001
From: Matt Caswell
Date: Wed, 31 Jul 2024 14:24:12 +0100
Subject: [PATCH] Don't restrict the ECDSA settable ctx params unnecessarily

We just allow all possible settables all the time. Some things like the digest name can't actually be changed in some circumstances - but we already have checks for those things. It's still possible to pass a digest of the same name to one that's already been set for example.

Fixes #25012

Reviewed-by: Dmitry Belyavskiy
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/25057)
(cherry picked from commit d244abb6515c3f1c68975c5d62417aff03f488b5)
---
 providers/implementations/signature/ecdsa_sig.c | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/providers/implementations/signature/ecdsa_sig.c b/providers/implementations/signature/ecdsa_sig.c
index 440b1767837..52607245a4c 100644
--- a/providers/implementations/signature/ecdsa_sig.c
+++ b/providers/implementations/signature/ecdsa_sig.c
@@ -801,18 +801,9 @@ static const OSSL_PARAM settable_ctx_params[] = {
 ECDSA_COMMON_SETTABLE_CTX_PARAMS
 };

-static const OSSL_PARAM settable_ctx_params_no_digest[] = {
- OSSL_PARAM_uint(OSSL_SIGNATURE_PARAM_KAT, NULL),
- OSSL_PARAM_END
-};
-
 static const OSSL_PARAM *ecdsa_settable_ctx_params(void *vctx,
 ossl_unused void *provctx)
 {
- PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
-
- if (ctx != NULL && !ctx->flag_allow_md)
- return settable_ctx_params_no_digest;
 return settable_ctx_params;
 }

-- 
2.47.2