[openssl/openssl] ddeb0d: cms encrypt, better OBJ_nid2obj() return check
James Muir
noreply at github.com
Wed Oct 18 14:53:18 UTC 2023
Branch: refs/heads/openssl-3.1
Home: https://github.com/openssl/openssl
Commit: ddeb0d37dd28ffba1b94f5033c34e6581ab0f821
https://github.com/openssl/openssl/commit/ddeb0d37dd28ffba1b94f5033c34e6581ab0f821
Author: James Muir <james at openssl.org>
Date: 2023-10-18 (Wed, 18 Oct 2023)
Changed paths:
M crypto/cms/cms_enc.c
M test/recipes/80-test_cms.t
Log Message:
-----------
cms encrypt, better OBJ_nid2obj() return check
Fixes #22225
In OBJ_nid2obj(), if the NID does not have an OID, then a pointer to
the special "undefined" ASN1_OBJECT is returned. Check for the
undefined-ASN1_OBJECT and return an error. Also, add a test for this
in 80-test_cms.t.
Testing:
#!/bin/bash -x
shopt -s expand_aliases
alias openssl="LD_LIBRARY_PATH=~/git/openssl ~/git/openssl/apps/openssl"
echo "This is a confidential message. It should be encrypted." > msg.txt
## this should fail b/c there is no OID for aes-256-ctr
openssl cms -encrypt -in msg.txt -aes-256-ctr -out msg.txt.cms -recip demos/cms/signer.pem
echo $?
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22392)
(cherry picked from commit bd160912dcc5e39bcdc925d9aa6538f20e37ad16)
More information about the openssl-commits
mailing list