RFC5753 compliance.

RFC5753 requires that we omit parameters for AES key wrap and set them to NULL for 3DES wrap. OpenSSL decrypt uses the received algorithm parameters so can transparently handle either form. Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-10-12 21:14:04 +01:00 · 2015-10-12 21:14:04 +01:00 · 4ec36aff2a
commit 4ec36aff2a
parent 6220acf887
1 changed files with 2 additions and 1 deletions
--- a/crypto/evp/evp_lib.c
+++ b/crypto/evp/evp_lib.c
@ -70,7 +70,8 @@ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
    else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) {
        switch (EVP_CIPHER_CTX_mode(c)) {
        case EVP_CIPH_WRAP_MODE:
-            ASN1_TYPE_set(type, V_ASN1_NULL, NULL);
+            if (EVP_CIPHER_CTX_nid(c) == NID_id_smime_alg_CMS3DESwrap)
+                ASN1_TYPE_set(type, V_ASN1_NULL, NULL);
            ret = 1;
            break;