Set alg param correctly for PKCS1

When using a smart card and constructing a DigestInfo to pass to the
CKM_RSA_PKCS mechanism, make sure to set the AlgorithmIdentifier
parameters correctly.  This is typically an ASN.1 NULL value.

Reported to Ubuntu in Launchpad #1629370.

(cherry picked from commit fded9063c23daa3dbd9ffaf32f8145844293f472)

ticket: 8506
version_fixed: 1.14.5

diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
index d5e27698ec179ed6c05e34f014fae2d97bddd121..10e412fd80c43fe4f5d76a6093b91b562b664a21 100644 (file)
--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
+++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
@@ -1239,8 +1239,7 @@ cms_signeddata_create(krb5_context context,
             alg = X509_ALGOR_new();
             if (alg == NULL)
                 goto cleanup2;
-            alg->algorithm = OBJ_nid2obj(NID_sha1);
-            alg->parameter = NULL;
+            X509_ALGOR_set0(alg, OBJ_nid2obj(NID_sha1), V_ASN1_NULL, NULL);
             alg_len = i2d_X509_ALGOR(alg, NULL);
             alg_buf = malloc(alg_len);
             if (alg_buf == NULL)