git.ipfire.org Git - thirdparty/openssl.git/commit

author	James Muir <james@openssl.org>
	Thu, 14 Dec 2023 19:14:37 +0000 (14:14 -0500)
committer	Tomas Mraz <tomas@openssl.org>
	Mon, 18 Dec 2023 11:21:45 +0000 (12:21 +0100)
commit	1304fff45aed53c66728ffdd819e1e44156df252
tree	b18b4eba053f41f3cdf30acd219c75147bf23cd0	tree
parent	fcf7207126ee7735c33b01ab7b0f574d2c4b21bb	commit \| diff

cms: avoid intermittent test failure

If you decrypt a random input using RSAES-PKCS-v1_5, then there is a
non-negligible chance that the result will look like a valid plaintext
(that is why RSAES-PKCS-v1_5 shouldn't be used anymore).  This was the
cause of an intermittent failure in a test that did a cms-encrypt
operation targetting multiple recipients.

The failure happened during key-only decrypt.  The recipient decrypts
every RSA ciphertext -- only one is supposed to decrypt successfully,
which would reveal the right content-key.  Occassionally, more than
one decrypted successfully.

Update the test by specifying the recipient cert in the decrypt op
(this avoids looping over all RSA ciphertexts).

Add a new test to get coverage for key-only decrypt, but use RSA-OAEP
during the encrypt op.

Fixes https://github.com/openssl/project/issues/380

Testing:

  $ make TESTS='test_cms' test

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23055)

(cherry picked from commit ffed597882baf2f07274e7eaa8f3c4fa9fa74ac1)

test/recipes/80-test_cms.t		diff \| blob \| blame \| history
test/smime-certs/smrsa3-cert.pem	[new file with mode: 0644]	blob
test/smime-certs/smrsa3-key.pem	[new file with mode: 0644]	blob