You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We shouldn't be able to call EVP_DigestSign twice with the same signer. Calling sign_oneshot twice fails with a panic with 'ED25519' (see test code below).
After openssl commit 3fc2b7d this should fail for all signing algorithms.
To prevent users from using sign_oneshot twice (which is always a mistake), we could change the sign_oneshot function to take ownership of signer. Since that breaks backward compatibilty we should probably consider deprecating sign_oneshot and replace it with a function that takes ownership.
More information about EVP_DigestSign is available on this openssl issue.
[package]
name = "test-openssl"version = "0.1.0"edition = "2021"# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[dependencies]
openssl = { version = "=0.10.64", features = ["vendored"] }
openssl-sys = "0.9.102"
Error message:
thread 'main' panicked at src/main.rs:17:49:
called `Result::unwrap()` on an `Err` value: ErrorStack([Error { code: 50331836, library: "digital envelope routines", function: "EVP_DigestSign", reason: "final error", file: "crypto/evp/m_sigver.c", line: 585 }])
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
The text was updated successfully, but these errors were encountered:
We shouldn't be able to call
EVP_DigestSign
twice with the same signer. Callingsign_oneshot
twice fails with a panic with 'ED25519' (see test code below).After openssl commit 3fc2b7d this should fail for all signing algorithms.
To prevent users from using
sign_oneshot
twice (which is always a mistake), we could change thesign_oneshot
function to take ownership of signer. Since that breaks backward compatibilty we should probably consider deprecatingsign_oneshot
and replace it with a function that takes ownership.More information about
EVP_DigestSign
is available on this openssl issue.WDYT?
Failing test case
Here is the
Cargo.toml
:Error message:
The text was updated successfully, but these errors were encountered: