Still Failing: openssl/openssl#28118 (master - 5840ed0)
builds at travis-ci.org
Tue Sep 10 11:08:31 UTC 2019
Build Update for openssl/openssl
Status: Still Failing
Duration: 19 mins and 37 secs
Commit: 5840ed0 (master)
Author: Bernd Edlinger
Message: Fix a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey
An attack is simple, if the first CMS_recipientInfo is valid but the
second CMS_recipientInfo is chosen ciphertext. If the second
recipientInfo decodes to PKCS #1 v1.5 form plaintext, the correct
encryption key will be replaced by garbage, and the message cannot be
decoded, but if the RSA decryption fails, the correct encryption key is
used and the recipient will not notice the attack.
As a work around for this potential attack the length of the decrypted
key must be equal to the cipher default key length, in case the
certifiate is not given and all recipientInfo are tried out.
The old behaviour can be re-enabled in the CMS code by setting the
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9777)
View the changeset: https://github.com/openssl/openssl/compare/fa3eb248e29c...5840ed0cd1e6
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/583107819?utm_medium=notification&utm_source=email
You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-commits