diff options
| author | James Bottomley <James.Bottomley@HansenPartnership.com> | 2020-05-09 12:41:41 -0700 |
|---|---|---|
| committer | James Bottomley <James.Bottomley@HansenPartnership.com> | 2020-05-09 12:41:41 -0700 |
| commit | afec8169d57f735ddd2cd5edf93808d952ef7929 (patch) | |
| tree | bcbf69f21f1465160ac3c287dc14ee4164a4e292 | |
| parent | 695b434d705de49f11d02a250b64a4b0450f3ac9 (diff) | |
| download | openssl_tpm2_engine-afec8169d57f735ddd2cd5edf93808d952ef7929.tar.gz | |
tpm2-common.c: make openssl handle explicitly parametrised curves correcly
Over the years openssl seems to have changed its handling of elliptic
curves to automatically assume the curve is named unless told
otherwise. When the engine produces an explicit parametrisation, it
now has to reset the asn1_flag of the key to remove the named curve
setting otherwise the public key ends up being empty.
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
| -rw-r--r-- | tpm2-common.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/tpm2-common.c b/tpm2-common.c index 291d0ba..9a57c53 100644 --- a/tpm2-common.c +++ b/tpm2-common.c @@ -726,6 +726,7 @@ int tpm2_get_ecc_group(EC_KEY *eck, TPMI_ECC_CURVE curveID) if (!g) goto err; + EC_GROUP_set_asn1_flag(g, 0); P = EC_POINT_new(g); if (!P) goto err; |