From: Hubert Kario Date: Tue, 22 Nov 2022 17:25:49 +0000 (+0100) Subject: smime/pkcs7: disable the Bleichenbacher workaround X-Git-Tag: openssl-3.2.0-alpha1~1597 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=056dade341d2589975a3aae71f81c8d7061583c7;p=thirdparty%2Fopenssl.git smime/pkcs7: disable the Bleichenbacher workaround Reviewed-by: Dmitry Belyavskiy Reviewed-by: Tim Hudson Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13817) --- diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c index 31b368bda3b..8a46ab471df 100644 --- a/crypto/pkcs7/pk7_doit.c +++ b/crypto/pkcs7/pk7_doit.c @@ -163,6 +163,13 @@ static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen, if (EVP_PKEY_decrypt_init(pctx) <= 0) goto err; + if (EVP_PKEY_is_a(pkey, "RSA")) + /* upper layer pkcs7 code incorrectly assumes that a successful RSA + * decryption means that the key matches ciphertext (which never + * was the case, implicit rejection or not), so to make it work + * disable implicit rejection for RSA keys */ + EVP_PKEY_CTX_ctrl_str(pctx, "rsa_pkcs1_implicit_rejection", "0"); + if (EVP_PKEY_decrypt(pctx, NULL, &eklen, ri->enc_key->data, ri->enc_key->length) <= 0) goto err;
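Review bot: the result of `EVP_PKEY_CTX_ctrl_str(pctx, "rsa_pkcs1_implicit_rejection", "0")` in the added block of `pkcs7_decrypt_rinfo` is discarded, while the `EVP_PKEY_decrypt_init` call just above and the `EVP_PKEY_decrypt` call just below both `goto err` on `<= 0`. If the control is not accepted, decryption continues with implicit rejection still enabled, which is exactly the case the new comment says the upper-layer pkcs7 code cannot cope with, and nothing reports it. Either check the return value and `goto err`, or say in the comment why a failure is safe to ignore here. Two smaller points on the same block: the `if (EVP_PKEY_is_a(pkey, "RSA"))` body is a five-line comment followed by a single statement with no braces, so bracing it would make the scope obvious to the next person who edits it; and the comment explains why the setting is turned off but not what is given up, so it should state that RSA decryption on this path again fails visibly on bad padding and that the upper-layer assumption it mentions is the thing that still needs fixing.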