mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-27 05:21:51 +08:00
Code Issues Packages Projects Releases Wiki Activity

rsa_cms_verify: Avoid negative return with missing pss parameters

Browse Source 
Fixes #15984

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15985)
This commit is contained in:
Tomas Mraz 2021-07-02 15:29:13 +02:00 committed by Pauli
parent 0a02c81f81
commit 643ce3108f
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
crypto/cms/cms_rsa.c
View File

@ -222,7 +222,7 @@ static int rsa_cms_verify(CMS_SignerInfo *si)
CMS_SignerInfo_get0_algs(si, NULL, NULL, NULL, &alg);
nid = OBJ_obj2nid(alg->algorithm);
if (nid == EVP_PKEY_RSA_PSS)
return ossl_rsa_pss_to_ctx(NULL, pkctx, alg, NULL);
return ossl_rsa_pss_to_ctx(NULL, pkctx, alg, NULL) > 0;
/* Only PSS allowed for PSS keys */
if (EVP_PKEY_is_a(pkey, "RSA-PSS")) {
ERR_raise(ERR_LIB_RSA, RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE);