Allow provider sigalgs in SignatureAlgorithms conf
author Alex Bozarth <ajbozart@us.ibm.com>
Mon, 20 Nov 2023 21:20:31 +0000 (15:20 -0600)
committer Dmitry Belyavskiy <beldmit@gmail.com>
Fri, 29 Mar 2024 20:54:38 +0000 (21:54 +0100)
commit 4169d58c855718d90424fd5da632cf2f2b46e691
tree 3fded719cba8248b5f3011e9c65a9762cf6da649
parent 397051a40db2d68433b842e7505e8cf3c9effb36
Allow provider sigalgs in SignatureAlgorithms conf

Though support for provider-based signature algorithms was added in
ee58915, this functionality did not work with the SignatureAlgorithms
configuration command. If SignatureAlgorithms is set, then the provider
sigalgs are not used and the default value is used instead.

This PR adds a check against the provider-based sigalg list when parsing
the SignatureAlgorithms value.

Based-on-patch-by: Martin Schmatz <mrt@zurich.ibm.com>
Fixes #22761

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/22779)
ssl/s3_lib.c
ssl/ssl_lib.c
ssl/ssl_local.h
ssl/t1_lib.c