PROV: Fix encoding of MDWithRSAEncryption signature AlgorithmID

All {MD}WithRSAEncryption signature AlgorithmID have the parameters being NULL, according to PKCS#1. We didn't. Now corrected. This bug was the topic of this thread on openssl-users@openssl.org: https://mta.openssl.org/pipermail/openssl-users/2021-January/013416.html Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14030)
author: Richard Levitte <levitte@openssl.org> 2021-01-31 23:15:08 +0100
committer: Richard Levitte <levitte@openssl.org> 2021-02-05 16:53:30 +0100
commit: 2bb05a9668323ac2719f84cf8e9ccffc2bc99916 (patch)
tree: ddaa3cb52b0d25ae644c558484922ce5b0c8b857 /providers/common
parent: 5682e77dff5123f0e9259c258bb58bc6d2e358ef (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/providers/common/der/der_rsa_sig.c b/providers/common/der/der_rsa_sig.c
index 94ed60b69f..7fb69f87b0 100644
--- a/providers/common/der/der_rsa_sig.c
+++ b/providers/common/der/der_rsa_sig.c
@@ -58,7 +58,9 @@ int ossl_DER_w_algorithmIdentifier_MDWithRSAEncryption(WPACKET *pkt, int tag,
     }
 
     return ossl_DER_w_begin_sequence(pkt, tag)
-        /* No parameters (yet?) */
+        /* PARAMETERS, always NULL according to current standards */
+        && ossl_DER_w_null(pkt, -1)
+        /* OID */
         && ossl_DER_w_precompiled(pkt, -1, precompiled, precompiled_sz)
         && ossl_DER_w_end_sequence(pkt, tag);
 }
author	Richard Levitte <levitte@openssl.org>	2021-01-31 23:15:08 +0100
committer	Richard Levitte <levitte@openssl.org>	2021-02-05 16:53:30 +0100
commit	2bb05a9668323ac2719f84cf8e9ccffc2bc99916 (patch)
tree	ddaa3cb52b0d25ae644c558484922ce5b0c8b857 /providers/common
parent	5682e77dff5123f0e9259c258bb58bc6d2e358ef (diff)