Workaround for some CMS signature formats.

author Dr. Stephen Henson <steve@openssl.org>

Wed, 19 Mar 2014 17:28:01 +0000 (17:28 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Wed, 19 Mar 2014 17:29:55 +0000 (17:29 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Wed, 19 Mar 2014 17:28:01 +0000 (17:28 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Wed, 19 Mar 2014 17:29:55 +0000 (17:29 +0000)
diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c

index db926b0e4260a8f67959c4502c37dd7002bf11ae..929193b4fa518ae5268d413dffbb25a183fa4c91 100644 (file)
--- a/crypto/rsa/rsa_ameth.c
+++ b/crypto/rsa/rsa_ameth.c
@@ -700,7 +700,7 @@ static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx,
  
  static int rsa_cms_verify(CMS_SignerInfo *si)
         {
-       int nid;
+       int nid, nid2;
         X509_ALGOR *alg;
         EVP_PKEY_CTX *pkctx = CMS_SignerInfo_get0_pkey_ctx(si);
         CMS_SignerInfo_get0_algs(si, NULL, NULL, NULL, &alg);
@@ -709,6 +709,12 @@ static int rsa_cms_verify(CMS_SignerInfo *si)
                 return 1;
         if (nid == NID_rsassaPss)
                 return rsa_pss_to_ctx(NULL, pkctx, alg, NULL);
+       /* Workaround for some implementation that use a signature OID */
+       if (OBJ_find_sigid_algs(nid, NULL, &nid2))
+               {
+               if (nid2 == NID_rsaEncryption)
+                       return 1;
+               }
         return 0;
         }
author	Dr. Stephen Henson <steve@openssl.org>
	Wed, 19 Mar 2014 17:28:01 +0000 (17:28 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Wed, 19 Mar 2014 17:29:55 +0000 (17:29 +0000)