Fix a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey

[openssl.git] / crypto / cms / cms_smime.c

diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c
index 5f1a47d768a9a65d1d11045137278781ab1c823b..ae95ff2dd22a2f9addb52fc096ce1365cec5dfae 100644 (file)
--- a/crypto/cms/cms_smime.c
+++ b/crypto/cms/cms_smime.c
@@ -743,6 +743,10 @@ int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert,
         cms->d.envelopedData->encryptedContentInfo->debug = 1;
     else
         cms->d.envelopedData->encryptedContentInfo->debug = 0;
+    if (!cert)
+        cms->d.envelopedData->encryptedContentInfo->havenocert = 1;
+    else
+        cms->d.envelopedData->encryptedContentInfo->havenocert = 0;
     if (!pk && !cert && !dcont && !out)
         return 1;
     if (pk && !CMS_decrypt_set1_pkey(cms, pk, cert))