From: Richard Levitte Date: Wed, 24 Mar 2021 18:51:01 +0000 (+0100) Subject: RSA-PSS: When printing parameters, always print the trailerfield ASN.1 value X-Git-Tag: openssl-3.0.0-alpha14~118 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=814581bb7a1360ee054ad3500cd0907fbfeef915;p=thirdparty%2Fopenssl.git RSA-PSS: When printing parameters, always print the trailerfield ASN.1 value The legacy implementation would print the ASN.1 value of the trailerfield, except when it wasn't set (i.e. is default). For better consistency, we now always print the ASN.1 value, both in the legacy and the provided implementation. Fixes #14363 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/14676) --- diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c index 067b7db12dd..7a747a33efa 100644 --- a/crypto/rsa/rsa_ameth.c +++ b/crypto/rsa/rsa_ameth.c @@ -280,7 +280,7 @@ static int rsa_pss_param_print(BIO *bp, int pss_key, RSA_PSS_PARAMS *pss, if (pss->trailerField) { if (i2a_ASN1_INTEGER(bp, pss->trailerField) <= 0) goto err; - } else if (BIO_puts(bp, "BC (default)") <= 0) { + } else if (BIO_puts(bp, "01 (default)") <= 0) { goto err; } BIO_puts(bp, "\n"); diff --git a/providers/implementations/encode_decode/encode_key2text.c b/providers/implementations/encode_decode/encode_key2text.c index f913a9bb149..9bdbe526569 100644 --- a/providers/implementations/encode_decode/encode_key2text.c +++ b/providers/implementations/encode_decode/encode_key2text.c @@ -764,13 +764,6 @@ static int rsa_to_text(BIO *out, const void *key, int selection) saltlen, (saltlen == 20 ? " (default)" : "")) <= 0) goto err; - /* - * TODO(3.0) Should we show the ASN.1 trailerField value, or - * the actual trailerfield byte (i.e. 0xBC for 1)? - * crypto/rsa/rsa_ameth.c isn't very clear on that, as it - * does display 0xBC when the default applies, but the ASN.1 - * trailerField value otherwise... - */ if (BIO_printf(out, " Trailer Field: 0x%x%s\n", trailerfield, (trailerfield == 1 ? " (default)" : "")) <= 0)