mirror of
https://github.com/openssl/openssl.git
synced 2024-12-27 06:21:43 +08:00
ffed597882
If you decrypt a random input using RSAES-PKCS-v1_5, then there is a non-negligible chance that the result will look like a valid plaintext (that is why RSAES-PKCS-v1_5 shouldn't be used anymore). This was the cause of an intermittent failure in a test that did a cms-encrypt operation targetting multiple recipients. The failure happened during key-only decrypt. The recipient decrypts every RSA ciphertext -- only one is supposed to decrypt successfully, which would reveal the right content-key. Occassionally, more than one decrypted successfully. Update the test by specifying the recipient cert in the decrypt op (this avoids looping over all RSA ciphertexts). Add a new test to get coverage for key-only decrypt, but use RSA-OAEP during the encrypt op. Fixes https://github.com/openssl/project/issues/380 Testing: $ make TESTS='test_cms' test Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23055) |
||
---|---|---|
.. | ||
badrsa.pem | ||
ca.cnf | ||
csrsa1.pem | ||
mksmime-certs.sh | ||
smdh.pem | ||
smdsa1.pem | ||
smdsa2.pem | ||
smdsa3.pem | ||
smdsap.pem | ||
smec1.pem | ||
smec2.pem | ||
smec3.pem | ||
smroot.pem | ||
smrsa1.pem | ||
smrsa2.pem | ||
smrsa3-cert.pem | ||
smrsa3-key.pem | ||
smrsa3.pem | ||
smrsa1024.pem |