openssl/test/smime-certs
James Muir ffed597882 cms: avoid intermittent test failure
If you decrypt a random input using RSAES-PKCS-v1_5, then there is a
non-negligible chance that the result will look like a valid plaintext
(that is why RSAES-PKCS-v1_5 shouldn't be used anymore).  This was the
cause of an intermittent failure in a test that did a cms-encrypt
operation targetting multiple recipients.

The failure happened during key-only decrypt.  The recipient decrypts
every RSA ciphertext -- only one is supposed to decrypt successfully,
which would reveal the right content-key.  Occassionally, more than
one decrypted successfully.

Update the test by specifying the recipient cert in the decrypt op
(this avoids looping over all RSA ciphertexts).

Add a new test to get coverage for key-only decrypt, but use RSA-OAEP
during the encrypt op.

Fixes https://github.com/openssl/project/issues/380

Testing:

  $ make TESTS='test_cms' test

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23055)
2023-12-18 12:18:24 +01:00
..
badrsa.pem Check CMS failure during BIO setup with -stream is handled correctly 2023-02-07 17:05:10 +01:00
ca.cnf test/smime-certs/{mksmime-certs.sh,ca.cnf}: simplify and speed up cert generation 2023-03-14 17:26:49 +01:00
csrsa1.pem
mksmime-certs.sh cms: avoid intermittent test failure 2023-12-18 12:18:24 +01:00
smdh.pem
smdsa1.pem
smdsa2.pem
smdsa3.pem
smdsap.pem
smec1.pem
smec2.pem
smec3.pem
smroot.pem
smrsa1.pem
smrsa2.pem
smrsa3-cert.pem cms: avoid intermittent test failure 2023-12-18 12:18:24 +01:00
smrsa3-key.pem cms: avoid intermittent test failure 2023-12-18 12:18:24 +01:00
smrsa3.pem
smrsa1024.pem signature: Clamp PSS salt len to MD len 2022-12-08 11:02:52 +01:00