authorDr. Stephen Henson <steve@openssl.org>2012-03-12 14:51:45 +0000
committerDr. Stephen Henson <steve@openssl.org>2012-03-12 14:51:45 +0000
commit4f2fc3c2ddf6289daf9fc1d57e48a0f6ec4e772a (patch)
treed363d0d0d7a1648958e9cba47a0895deeee166e5 /apps
parent48819f4d545a16fbfd45a0eb22fb93e08a3a6096 (diff)
Fix for CMS/PKCS7 MMA (Million Message Attack). If RSA decryption fails, use a random key and
continue with the symmetric decryption process to avoid leaking timing information to an attacker. Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this issue. (CVE-2012-0884)
Diffstat (limited to 'apps')
-rw-r--r--apps/cms.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/apps/cms.c b/apps/cms.c
index 7407ae19ce..b8c0ee8dd5 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -226,6 +226,8 @@ int MAIN(int argc, char **argv)
else if (!strcmp(*args,"-camellia256"))
cipher = EVP_camellia_256_cbc();
#endif
+ else if (!strcmp (*args, "-debug_decrypt"))
+ flags |= CMS_DEBUG_DECRYPT;
else if (!strcmp (*args, "-text"))
flags |= CMS_TEXT;
else if (!strcmp (*args, "-nointern"))
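Review bot: The new `-debug_decrypt` branch sets `CMS_DEBUG_DECRYPT` without any comment or usage text explaining what the option trades away; the diffstat shows only these four inserted lines in apps/cms.c, so the tool's help output does not mention it. Judging by the flag name and the commit message, it presumably makes decryption report the RSA failure instead of continuing with a random key, which would bring back the distinguishable failure this fix removes. I would add a comment above the branch such as `/* Debugging only: surfaces RSA decrypt errors; do not enable when handling untrusted messages on behalf of a remote party */` and a matching help line. In the second hunk the return value of `CMS_decrypt(cms, NULL, NULL, NULL, NULL, flags)` is discarded and the purpose of the all-NULL call is not stated; a one-line comment there would help the next reader. MAIN's body starts and ends outside both hunks.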
@@ -1013,6 +1015,8 @@ int MAIN(int argc, char **argv)
ret = 4;
if (operation == SMIME_DECRYPT)
{
+ if (flags & CMS_DEBUG_DECRYPT)
+ CMS_decrypt(cms, NULL, NULL, NULL, NULL, flags);
if (secret_key)
{