RFC5753 compliance.
authorDr. Stephen Henson <steve@openssl.org>
Mon, 12 Oct 2015 20:14:04 +0000 (21:14 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Tue, 13 Oct 2015 21:57:47 +0000 (22:57 +0100)
RFC5753 requires that we omit parameters for AES key wrap and set them
to NULL for 3DES wrap. OpenSSL decrypt uses the received algorithm
parameters so can transparently handle either form.

Reviewed-by: Andy Polyakov <appro@openssl.org>
crypto/evp/evp_lib.c

index 5ee3dcb7008e540b4903763fbc04947cc2f29294..319eede5acc6d2466e368b1c96878322cbb6275d 100644 (file)
@@ -70,7 +70,8 @@ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
     else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) {
         switch (EVP_CIPHER_CTX_mode(c)) {
         case EVP_CIPH_WRAP_MODE:
-            ASN1_TYPE_set(type, V_ASN1_NULL, NULL);
+            if (EVP_CIPHER_CTX_nid(c) == NID_id_smime_alg_CMS3DESwrap)
+                ASN1_TYPE_set(type, V_ASN1_NULL, NULL);
             ret = 1;
             break;