yggdrasil/ring
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

avcp: SHA-1 for ECDSA _verification_ is still supported by NIST.

Browse Source 
Change-Id: I26a643737e99ddf75af24143829df4551040f7db
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/47144
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
This commit is contained in:
Adam Langley 2021-04-22 10:00:22 -07:00 committed by CQ bot account: commit-bot@chromium.org
parent 2e54edf323
commit c5dc2781b1
3 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
util/fipstools/acvp/acvptool/test/expected/ECDSA.bz2
View File

Binary file not shown.

BIN
util/fipstools/acvp/acvptool/test/vectors/ECDSA.bz2
View File

Binary file not shown.

5
util/fipstools/acvp/modulewrapper/modulewrapper.cc
View File

@ -502,6 +502,7 @@ static bool GetConfig(const Span<const uint8_t> args[], ReplyCallback write_repl
"P-521"
],
"hashAlg": [
"SHA-1",
"SHA2-224",
"SHA2-256",
"SHA2-384",
@ -1481,7 +1482,9 @@ static bool ECDSAKeyVer(const Span<const uint8_t> args[], ReplyCallback write_re
}
static const EVP_MD *HashFromName(Span<const uint8_t> name) {
if (StringEq(name, "SHA2-224")) {
if (StringEq(name, "SHA-1")) {
return EVP_sha1();
} else if (StringEq(name, "SHA2-224")) {
return EVP_sha224();
} else if (StringEq(name, "SHA2-256")) {
return EVP_sha256();