diff options
author | Richard Levitte <levitte@openssl.org> | 2021-01-31 23:15:08 +0100 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2021-02-05 16:53:30 +0100 |
commit | 2bb05a9668323ac2719f84cf8e9ccffc2bc99916 (patch) | |
tree | ddaa3cb52b0d25ae644c558484922ce5b0c8b857 /providers | |
parent | 5682e77dff5123f0e9259c258bb58bc6d2e358ef (diff) |
PROV: Fix encoding of MDWithRSAEncryption signature AlgorithmID
All {MD}WithRSAEncryption signature AlgorithmID have the parameters
being NULL, according to PKCS#1. We didn't. Now corrected.
This bug was the topic of this thread on openssl-users@openssl.org:
https://mta.openssl.org/pipermail/openssl-users/2021-January/013416.html
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14030)
Diffstat (limited to 'providers')
-rw-r--r-- | providers/common/der/der_rsa_sig.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/providers/common/der/der_rsa_sig.c b/providers/common/der/der_rsa_sig.c index 94ed60b69f..7fb69f87b0 100644 --- a/providers/common/der/der_rsa_sig.c +++ b/providers/common/der/der_rsa_sig.c @@ -58,7 +58,9 @@ int ossl_DER_w_algorithmIdentifier_MDWithRSAEncryption(WPACKET *pkt, int tag, } return ossl_DER_w_begin_sequence(pkt, tag) - /* No parameters (yet?) */ + /* PARAMETERS, always NULL according to current standards */ + && ossl_DER_w_null(pkt, -1) + /* OID */ && ossl_DER_w_precompiled(pkt, -1, precompiled, precompiled_sz) && ossl_DER_w_end_sequence(pkt, tag); } |