leviathan
/
openssl
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
Browse Source

dh_cms_set_shared_info: Use explicit fetch to be able to provide libctx 

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13869)
master
Tomas Mraz 1 year ago
committed by Tomas Mraz
parent
6c4ecc655a
commit
616581aaac
2 changed files with 11 additions and 3 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +10
    -2
      crypto/cms/cms_dh.c
  2. +1
    -1
      test/recipes/80-test_cms.t

+ 10
- 2
crypto/cms/cms_dh.c View File

@ -13,6 +13,7 @@
#include <openssl/err.h>
#include <openssl/core_names.h>
#include "cms_local.h"
#include "crypto/evp.h"
static int dh_cms_set_peerkey(EVP_PKEY_CTX *pctx,
X509_ALGOR *alg, ASN1_BIT_STRING *pubkey)
@ -80,8 +81,9 @@ static int dh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri)
unsigned char *dukm = NULL;
size_t dukmlen = 0;
int keylen, plen;
const EVP_CIPHER *kekcipher;
EVP_CIPHER *kekcipher = NULL;
EVP_CIPHER_CTX *kekctx;
const char *name;
if (!CMS_RecipientInfo_kari_get0_alg(ri, &alg, &ukm))
goto err;
@ -110,7 +112,12 @@ static int dh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri)
kekctx = CMS_RecipientInfo_kari_get0_ctx(ri);
if (kekctx == NULL)
goto err;
kekcipher = EVP_get_cipherbyobj(kekalg->algorithm);
name = OBJ_nid2sn(OBJ_obj2nid(kekalg->algorithm));
if (name == NULL)
goto err;
kekcipher = EVP_CIPHER_fetch(pctx->libctx, name, pctx->propquery);
if (kekcipher == NULL || EVP_CIPHER_mode(kekcipher) != EVP_CIPH_WRAP_MODE)
goto err;
if (!EVP_EncryptInit_ex(kekctx, kekcipher, NULL, NULL, NULL))
@ -141,6 +148,7 @@ static int dh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri)
rv = 1;
err:
X509_ALGOR_free(kekalg);
EVP_CIPHER_free(kekcipher);
OPENSSL_free(dukm);
return rv;
}


+ 1
- 1
test/recipes/80-test_cms.t View File

@ -616,7 +616,7 @@ my @smime_cms_param_tests = (
[ "{cmd1}", @prov, "-encrypt", "-in", $smcont,
"-stream", "-out", "{output}.cms",
"-recip", catfile($smdir, "smdh.pem"), "-aes128" ],
[ "{cmd2}", "-decrypt", "-recip", catfile($smdir, "smdh.pem"),
[ "{cmd2}", @prov, "-decrypt", "-recip", catfile($smdir, "smdh.pem"),
"-in", "{output}.cms", "-out", "{output}.txt" ],
\&final_compare
]


Write Preview
Loading…
Cancel
Save