diff options
author | Hubert Kario <hkario@redhat.com> | 2022-10-27 19:16:58 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2022-12-12 11:30:52 +0100 |
commit | 5ab3ec1bb1eaa795d775f5896818cfaa84d33a1a (patch) | |
tree | 8891701c8e4c4429fb9030cca393c132f938dd34 /crypto/cms | |
parent | 8ae4f0e68ebb7435be494b58676827ae91695371 (diff) |
rsa: Add option to disable implicit rejection
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13817)
Diffstat (limited to 'crypto/cms')
-rw-r--r-- | crypto/cms/cms_env.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/crypto/cms/cms_env.c b/crypto/cms/cms_env.c index d25504a03f..c55511011f 100644 --- a/crypto/cms/cms_env.c +++ b/crypto/cms/cms_env.c @@ -608,6 +608,13 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms, if (!ossl_cms_env_asn1_ctrl(ri, 1)) goto err; + if (EVP_PKEY_is_a(pkey, "RSA")) + /* upper layer CMS code incorrectly assumes that a successful RSA + * decryption means that the key matches ciphertext (which never + * was the case, implicit rejection or not), so to make it work + * disable implicit rejection for RSA keys */ + EVP_PKEY_CTX_ctrl_str(ktri->pctx, "rsa_pkcs1_implicit_rejection", "0"); + if (EVP_PKEY_decrypt(ktri->pctx, NULL, &eklen, ktri->encryptedKey->data, ktri->encryptedKey->length) <= 0) |