Commit ea8d9cec4739d6b06d25f3d01a1b7666d5a090ed - openssl

Test the result of CMS_RecipientInfo_ktri_get0_algs() before using its output in rsa_cms_encrypt(). CLA: trivial Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4966) (cherry picked from commit 178989b4a3ed714fa169cae5865c75f156ec9fdb) Brad Spencer authored 6 years ago Ben Kaduk committed 6 years ago

1 changed file(s) with 2 addition(s) and 1 deletion(s). Raw diff Collapse all Expand all

-1

crypto/rsa/rsa_ameth.c less more

772	772	EVP_PKEY_CTX *pkctx = CMS_RecipientInfo_get0_pkey_ctx(ri);
773	773	int pad_mode = RSA_PKCS1_PADDING, rv = 0, labellen;
774	774	unsigned char *label;
775		CMS_RecipientInfo_ktri_get0_algs(ri, NULL, NULL, &alg);
	775	if (CMS_RecipientInfo_ktri_get0_algs(ri, NULL, NULL, &alg) <= 0)
	776	return 0;
776	777	if (pkctx) {
777	778	if (EVP_PKEY_CTX_get_rsa_padding(pkctx, &pad_mode) <= 0)
778	779	return 0;