[openssl/openssl] 7e3f84: Fix memleak in rsa_cms_decrypt

Shane noreply at github.com
Fri Dec 29 09:44:01 UTC 2023 

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: 7e3f84b41984442dae698bf4d7e593d2eed1c3c4
      https://github.com/openssl/openssl/commit/7e3f84b41984442dae698bf4d7e593d2eed1c3c4
  Author: slontis <shane.lontis at oracle.com>
  Date:   2023-12-29 (Fri, 29 Dec 2023)

  Changed paths:
    M crypto/cms/cms_rsa.c

  Log Message:
  -----------
  Fix memleak in rsa_cms_decrypt

If a call to EVP_PKEY_CTX_set_rsa_mgf1_md() fails then the caller
needs to free the label.

Reviewed-by: Tom Cosgrove <tom.cosgrove at arm.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20319)

(cherry picked from commit d32dd65053431ee744d213b336b9a03a035807e6)


  Commit: 2e078bbef8677a08fe0a02bc506043314732538a
      https://github.com/openssl/openssl/commit/2e078bbef8677a08fe0a02bc506043314732538a
  Author: slontis <shane.lontis at oracle.com>
  Date:   2023-12-29 (Fri, 29 Dec 2023)

  Changed paths:
    M crypto/rsa/rsa_lib.c

  Log Message:
  -----------
  Limit RSA-OAEP related functions to RSA keys only

Make EVP_PKEY_CTX_set_rsa_oaep_md() and
EVP_PKEY_CTX_get_rsa_oaep_md_name() only work for RSA keys.

Since these calls use "digest" as a OSSL_PARAM, they should not
work for other key types.

Reviewed-by: Tom Cosgrove <tom.cosgrove at arm.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20319)

(cherry picked from commit 0c3eb31b55d3c1544e4e044c2e3c939655bac93d)


  Commit: 8bc9bfab914afb680acae0c58034d25155b3e3f7
      https://github.com/openssl/openssl/commit/8bc9bfab914afb680acae0c58034d25155b3e3f7
  Author: slontis <shane.lontis at oracle.com>
  Date:   2023-12-29 (Fri, 29 Dec 2023)

  Changed paths:
    M providers/implementations/asymciphers/rsa_enc.c

  Log Message:
  -----------
  Add missing settable entry OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS for RSA asym

Reviewed-by: Tom Cosgrove <tom.cosgrove at arm.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20319)

(cherry picked from commit 26183614ed1dc03f509f26839b8a465684ca0f84)


Compare: https://github.com/openssl/openssl/compare/aa50768bf6d0...8bc9bfab914a

More information about the openssl-commits mailing list