add support for ecdsa-with-sha256 etc.

[openssl.git] / crypto / ec / ec_pmeth.c

diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c
index caaeebdb6d0fed0bcee7841585b562a23a0dd8e0..3f137b892ad5ff436c54e78954818ea2ee383aac 100644 (file)
--- a/crypto/ec/ec_pmeth.c
+++ b/crypto/ec/ec_pmeth.c
@@ -120,7 +120,7 @@ static int pkey_ec_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
                                        const unsigned char *tbs, size_t tbslen)
        {
        int ret, type;
-       size_t sltmp;
+       unsigned int sltmp;
        EC_PKEY_CTX *dctx = ctx->data;
        EC_KEY *ec = ctx->pkey->pkey.ec;
 
@@ -145,7 +145,7 @@ static int pkey_ec_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
 
        if (ret < 0)
                return ret;
-       *siglen = sltmp;
+       *siglen = (size_t)sltmp;
        return 1;
        }
 
@@ -220,7 +220,11 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
                return 1;
 
                case EVP_PKEY_CTRL_MD:
-               if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1)
+               if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 &&
+                   EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
+                   EVP_MD_type((const EVP_MD *)p2) != NID_sha256 &&
+                   EVP_MD_type((const EVP_MD *)p2) != NID_sha384 &&
+                   EVP_MD_type((const EVP_MD *)p2) != NID_sha512)
                        {
                        ECerr(EC_F_PKEY_EC_CTRL, EC_R_INVALID_DIGEST_TYPE);
                        return 0;
@@ -230,6 +234,7 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
 
                case EVP_PKEY_CTRL_PEER_KEY:
                /* Default behaviour is OK */
+               case EVP_PKEY_CTRL_PKCS7_SIGN:
                return 1;
 
                default: