From: Ilie Halip <ilie.halip@nxp.com>
Date: Wed, 12 Mar 2025 20:57:10 +0200
Subject: [PATCH] Set "algorithm-id" before generating the EC key.
Upstream-Status: Pending
Signed-off-by: Ilie Halip <ilie.halip@nxp.com>
---
ssl/s3_lib.c | 30 ++++++++++++++++++++++++++++++
1 file changed, 30 insertions(+)
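diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 0e1445b38fb7..62f7409cb2aa 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -5274,6 +5274,30 @@ err:
 return ret;
 }
 
+void ssl_generate_set_pkey_alg(SSL_CONNECTION *s, EVP_PKEY_CTX *pctx)
+{
+ const char *alg = NULL;
+ OSSL_PARAM algparams[2] = { 0 };
+
+ switch (s->version) {
+ case TLS1_2_VERSION:
+ alg = "tls1.2";
+ break;
+ case TLS1_3_VERSION:
+ alg = "tls1.3";
+ break;
+ }
+
+ if (alg) {
+ algparams[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_ALGORITHM_ID,
+ (char *)alg, 0);
+ algparams[1] = OSSL_PARAM_construct_end();
+
+ /* intentionally ignore the result */
+ EVP_PKEY_CTX_set_params(pctx, algparams);
+ }
+}
+
 /* Generate a private key from parameters */
 EVP_PKEY *ssl_generate_pkey(SSL_CONNECTION *s, EVP_PKEY *pm)
 {
@@ -5288,6 +5312,9 @@ EVP_PKEY *ssl_generate_pkey(SSL_CONNECTION *s, EVP_PKEY *pm)
 goto err;
 if (EVP_PKEY_keygen_init(pctx) <= 0)
 goto err;
+
+ ssl_generate_set_pkey_alg(s, pctx);
+
 if (EVP_PKEY_keygen(pctx, &pkey) <= 0) {
 EVP_PKEY_free(pkey);
 pkey = NULL;
@@ -5326,6 +5353,9 @@ EVP_PKEY *ssl_generate_pkey_group(SSL_CONNECTION *s, uint16_t id)
 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
 goto err;
 }
+
+ ssl_generate_set_pkey_alg(s, pctx);
+
 if (EVP_PKEY_keygen(pctx, &pkey) <= 0) {
 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
 EVP_PKEY_free(pkey);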
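Review bot: In `ssl_generate_set_pkey_alg`, the result of `EVP_PKEY_CTX_set_params(pctx, algparams)` is dropped without protecting the error queue, so a key-management implementation that rejects `OSSL_PKEY_PARAM_ALGORITHM_ID` could leave a stale entry that later queue inspection (for example by `SSL_get_error`) may attribute to the handshake; whether any provider actually raises an error here is not visible from the patch. If the call is meant to be best-effort, bracket it as `ERR_set_mark();` / `EVP_PKEY_CTX_set_params(pctx, algparams);` / `ERR_pop_to_mark();` and extend the comment to say why a failure is acceptable. The helper also has external linkage although the patch touches only `ssl/s3_lib.c` and adds no prototype, so `static void ssl_generate_set_pkey_alg(...)` would keep it out of the library's symbol namespace. The `switch (s->version)` has no `default`, so every other protocol version silently gets no algorithm id; a `default: break;` with a one-line comment would make that intent explicit. Both call sites sit in functions whose bodies extend beyond the hunks, so the state of `s->version` at those points cannot be confirmed from here.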