From 4ec36aff2a3c221b640dafa56ac838312e6724f4 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Mon, 12 Oct 2015 21:14:04 +0100 Subject: [PATCH] RFC5753 compliance. RFC5753 requires that we omit parameters for AES key wrap and set them to NULL for 3DES wrap. OpenSSL decrypt uses the received algorithm parameters so can transparently handle either form. Reviewed-by: Andy Polyakov --- crypto/evp/evp_lib.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c index 5ee3dcb700..319eede5ac 100644 --- a/crypto/evp/evp_lib.c +++ b/crypto/evp/evp_lib.c @@ -70,7 +70,8 @@ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type) else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) { switch (EVP_CIPHER_CTX_mode(c)) { case EVP_CIPH_WRAP_MODE: - ASN1_TYPE_set(type, V_ASN1_NULL, NULL); + if (EVP_CIPHER_CTX_nid(c) == NID_id_smime_alg_CMS3DESwrap) + ASN1_TYPE_set(type, V_ASN1_NULL, NULL); ret = 1; break; -- 2.40.0