krb5 commit [krb5-1.14]: Set alg param correctly for PKCS1
Tom Yu
tlyu at mit.edu
Mon Oct 24 15:57:54 EDT 2016
https://github.com/krb5/krb5/commit/a644a1f0ea587d8af25ab72966d24e9ddd55ce05
commit a644a1f0ea587d8af25ab72966d24e9ddd55ce05
Author: Tom Yu <tlyu at mit.edu>
Date: Tue Oct 4 18:14:51 2016 -0400
Set alg param correctly for PKCS1
When using a smart card and constructing a DigestInfo to pass to the
CKM_RSA_PKCS mechanism, make sure to set the AlgorithmIdentifier
parameters correctly. This is typically an ASN.1 NULL value.
Reported to Ubuntu in Launchpad #1629370.
(cherry picked from commit fded9063c23daa3dbd9ffaf32f8145844293f472)
ticket: 8506
version_fixed: 1.14.5
src/plugins/preauth/pkinit/pkinit_crypto_openssl.c | 3 +--
1 files changed, 1 insertions(+), 2 deletions(-)
diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
index d5e2769..10e412f 100644
--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
+++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
@@ -1239,8 +1239,7 @@ cms_signeddata_create(krb5_context context,
alg = X509_ALGOR_new();
if (alg == NULL)
goto cleanup2;
- alg->algorithm = OBJ_nid2obj(NID_sha1);
- alg->parameter = NULL;
+ X509_ALGOR_set0(alg, OBJ_nid2obj(NID_sha1), V_ASN1_NULL, NULL);
alg_len = i2d_X509_ALGOR(alg, NULL);
alg_buf = malloc(alg_len);
if (alg_buf == NULL)
More information about the cvs-krb5
mailing list