RFC5753 compliance.
authorDr. Stephen Henson <steve@openssl.org>
Mon, 12 Oct 2015 20:14:04 +0000 (21:14 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Tue, 13 Oct 2015 21:57:47 +0000 (22:57 +0100)
RFC5753 requires that we omit parameters for AES key wrap and set them
to NULL for 3DES wrap. OpenSSL decrypt uses the received algorithm
parameters so can transparently handle either form.

Reviewed-by: Andy Polyakov <appro@openssl.org>
crypto/evp/evp_lib.c

index 5ee3dcb..319eede 100644 (file)
@@ -70,7 +70,8 @@ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
     else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) {
         switch (EVP_CIPHER_CTX_mode(c)) {
         case EVP_CIPH_WRAP_MODE:
     else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) {
         switch (EVP_CIPHER_CTX_mode(c)) {
         case EVP_CIPH_WRAP_MODE:
-            ASN1_TYPE_set(type, V_ASN1_NULL, NULL);
+            if (EVP_CIPHER_CTX_nid(c) == NID_id_smime_alg_CMS3DESwrap)
+                ASN1_TYPE_set(type, V_ASN1_NULL, NULL);
             ret = 1;
             break;
 
             ret = 1;
             break;