[openssl/openssl] f6fdbe: OSSL_CMP_validate_msg(): make sure to reject prote...
David von Oheimb
noreply at github.com
Thu Dec 8 07:28:24 UTC 2022
Branch: refs/heads/openssl-3.0
Home: https://github.com/openssl/openssl
Commit: f6fdbe63c7c51bd7c2c37567781d166e475ab5b1
https://github.com/openssl/openssl/commit/f6fdbe63c7c51bd7c2c37567781d166e475ab5b1
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date: 2022-12-08 (Thu, 08 Dec 2022)
Changed paths:
M crypto/cmp/cmp_err.c
M crypto/cmp/cmp_vfy.c
M crypto/err/openssl.txt
M doc/man3/OSSL_CMP_validate_msg.pod
M include/openssl/cmperr.h
M test/cmp_vfy_test.c
Log Message:
-----------
OSSL_CMP_validate_msg(): make sure to reject protection type mismatch
Do not accept password-based if expected signature-based and no secret is available and
do not accept signature-based if expected password-based and no trust anchors available.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb at siemens.com>
(Merged from https://github.com/openssl/openssl/pull/19729)
(cherry picked from commit fc93335760686ad7cf3633d457caf18b0ac83ea2)
More information about the openssl-commits
mailing list