diff options
author | Richard Levitte <levitte@openssl.org> | 2020-04-08 15:41:05 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2020-04-10 22:15:25 +0200 |
commit | aec8de1a5f0b3f6e6279266b45836d6c9f6878df (patch) | |
tree | 2cfe0510c4b3ae191bc30a70b22a23a37df209da /include | |
parent | 1ae56f2f43d36618e54cbb8dd47a7107b74505b6 (diff) |
CMS KARI: Temporarly downgrade newly generated EVP_PKEYs to legacy
The EVP_PKEY_ASN1_METHOD code used by CMS_RecipientInfo_kari_decrypt()
and cms_RecipientInfo_kari_encrypt() is quite complex and needs more
careful thought to work with provider side keys. Unfortunately, we
need to get key generation in place, among others for ECC keys, so we
add a temporary hack, similar to what's already done in TLS code, that
downgrades a provider side EVP_PKEY to become EVP_PKEY_ASN1_METHOD /
EVP_PKEY_METHOD based.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/11501)
Diffstat (limited to 'include')
-rw-r--r-- | include/openssl/cmserr.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/openssl/cmserr.h b/include/openssl/cmserr.h index 494ae6191a..d4d8134171 100644 --- a/include/openssl/cmserr.h +++ b/include/openssl/cmserr.h @@ -87,6 +87,7 @@ int ERR_load_CMS_strings(void); # define CMS_F_CMS_RECEIPT_VERIFY 0 # define CMS_F_CMS_RECIPIENTINFO_DECRYPT 0 # define CMS_F_CMS_RECIPIENTINFO_ENCRYPT 0 +# define CMS_F_CMS_RECIPIENTINFO_KARI_DECRYPT 0 # define CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT 0 # define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG 0 # define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID 0 |