RFC5753 compliance.

RFC5753 requires that we omit parameters for AES key wrap and set them
to NULL for 3DES wrap. OpenSSL decrypt uses the received algorithm
parameters so can transparently handle either form.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 4ec36aff2a3c221b640dafa56ac838312e6724f4)

diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
index d2c9ae4d590ce75c09da07833e29975efbe6d8cd..7e0bab90d49aca1ddf1940db891ef2f1d9cf301c 100644 (file)
--- a/crypto/evp/evp_lib.c
+++ b/crypto/evp/evp_lib.c
@@ -74,7 +74,8 @@ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
     else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) {
         switch (EVP_CIPHER_CTX_mode(c)) {
         case EVP_CIPH_WRAP_MODE:
-            ASN1_TYPE_set(type, V_ASN1_NULL, NULL);
+            if (EVP_CIPHER_CTX_nid(c) == NID_id_smime_alg_CMS3DESwrap)
+                ASN1_TYPE_set(type, V_ASN1_NULL, NULL);
             ret = 1;
             break;