[openssl] master update
Dr. Paul Dale
pauli at openssl.org
Tue Jul 6 00:08:31 UTC 2021
The branch master has been updated
via 643ce3108f88751c44348335bed91e475d50677d (commit)
from 0a02c81f8173e0c5d554bd16daa68b7594f4cbd8 (commit)
- Log -----------------------------------------------------------------
commit 643ce3108f88751c44348335bed91e475d50677d
Author: Tomas Mraz <tomas at openssl.org>
Date: Fri Jul 2 15:29:13 2021 +0200
rsa_cms_verify: Avoid negative return with missing pss parameters
Fixes #15984
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15985)
-----------------------------------------------------------------------
Summary of changes:
crypto/cms/cms_rsa.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/crypto/cms/cms_rsa.c b/crypto/cms/cms_rsa.c
index b9e895aed4..20ed816918 100644
--- a/crypto/cms/cms_rsa.c
+++ b/crypto/cms/cms_rsa.c
@@ -222,7 +222,7 @@ static int rsa_cms_verify(CMS_SignerInfo *si)
CMS_SignerInfo_get0_algs(si, NULL, NULL, NULL, &alg);
nid = OBJ_obj2nid(alg->algorithm);
if (nid == EVP_PKEY_RSA_PSS)
- return ossl_rsa_pss_to_ctx(NULL, pkctx, alg, NULL);
+ return ossl_rsa_pss_to_ctx(NULL, pkctx, alg, NULL) > 0;
/* Only PSS allowed for PSS keys */
if (EVP_PKEY_is_a(pkey, "RSA-PSS")) {
ERR_raise(ERR_LIB_RSA, RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE);
More information about the openssl-commits
mailing list