upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-06-11 14:00:00 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

explicitly set ec points properties in pre-3.0 openssl

Browse source 
Generating a P-256 key in pre-3.0 wasn't explicitly using uncompressed
named curves in DNSSEC but was when generating an epheremal TLS key.
This commit is contained in:
Aydın Mercan 2026-01-14 17:32:01 +03:00
parent 251af02fe7
commit b748651bb0
No known key found for this signature in database
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
lib/isc/ossl_wrap/ossl1_1.c
View file

@ -122,6 +122,9 @@ generate_ec_key(EVP_PKEY **pkeyp, const int nid) {
CLEANUP(OSSL_WRAP_ERROR("EC_KEY_generate_key"));
}
EC_KEY_set_asn1_flag(eckey, OPENSSL_EC_NAMED_CURVE);
EC_KEY_set_conv_form(eckey, POINT_CONVERSION_UNCOMPRESSED);
pkey = EVP_PKEY_new();
if (pkey == NULL) {
CLEANUP(OSSL_WRAP_ERROR("EVP_PKEY_new"));