diff options
| author | Juergen Christ <jchrist@linux.ibm.com> | 2023-01-17 19:16:43 +0100 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2023-01-19 14:08:36 +0100 |
| commit | f225fbf9521395aff86e85883db9bcb083eab154 (patch) | |
| tree | e081c43ed91f15d5ec4ab7283bc515fdd5cfb8e5 /providers | |
| parent | 235ef96049dbe337a3c3c5d419dacbb5a81df1b3 (diff) | |
| download | openssl-new-f225fbf9521395aff86e85883db9bcb083eab154.tar.gz | |
S390X: Fix Ed448ph
CPACF does not support pre-hashing. This was considered correctly for
Ed25519ph, but not for Ed448ph which lead to errors in the test_evp suite
(test vector 20 - pre-hashing without context string). Fix this by using the
non-accelerated version of Ed448 also if no context string is provided, but
pre-hashing is performed.
Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20067)
Diffstat (limited to 'providers')
| -rw-r--r-- | providers/implementations/signature/eddsa_sig.c | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/providers/implementations/signature/eddsa_sig.c b/providers/implementations/signature/eddsa_sig.c index e3d5c5a7c8..3321f1a9c2 100644 --- a/providers/implementations/signature/eddsa_sig.c +++ b/providers/implementations/signature/eddsa_sig.c @@ -343,10 +343,11 @@ int ed448_digest_sign(void *vpeddsactx, unsigned char *sigret, return 0; } #ifdef S390X_EC_ASM - /* s390x_ed448_digestsign() does not yet support context-strings. - fall back to non-accelerated sign if a context-string is provided. */ + /* s390x_ed448_digestsign() does not yet support context-strings or pre-hashing. + fall back to non-accelerated sign if a context-string or pre-hasing is provided. */ if (S390X_CAN_SIGN(ED448) - && peddsactx->context_string_len == 0) { + && peddsactx->context_string_len == 0 + && peddsactx->prehash_flag == 0) { if (s390x_ed448_digestsign(edkey, sigret, tbs, tbslen) == 0) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SIGN); return 0; @@ -424,10 +425,11 @@ int ed448_digest_verify(void *vpeddsactx, const unsigned char *sig, return 0; #ifdef S390X_EC_ASM - /* s390x_ed448_digestverify() does not yet support context-strings. - fall back to non-accelerated verify if a context-string is provided. */ + /* s390x_ed448_digestverify() does not yet support context-strings or pre-hashing. + fall back to non-accelerated verify if a context-string or pre-hasing is provided. */ if (S390X_CAN_SIGN(ED448) - && peddsactx->context_string_len == 0) { + && peddsactx->context_string_len == 0 + && peddsactx->prehash_flag == 0) { return s390x_ed448_digestverify(edkey, sig, tbs, tbslen); } #endif /* S390X_EC_ASM */ |