提交 0bcb17a7 编写于 作者: D Dr. Stephen Henson

Return an error if no recipient type matches.

If the key type does not match any CMS recipient type return
an error instead of using a random key (MMA mitigation). This
does not leak any useful information to an attacker.

PR#3348
上级 a9351320
......@@ -697,7 +697,7 @@ int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert)
STACK_OF(CMS_RecipientInfo) *ris;
CMS_RecipientInfo *ri;
int i, r, ri_type;
int debug = 0;
int debug = 0, match_ri = 0;
ris = CMS_get0_RecipientInfos(cms);
if (ris)
debug = cms->d.envelopedData->encryptedContentInfo->debug;
......@@ -714,6 +714,7 @@ int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert)
ri = sk_CMS_RecipientInfo_value(ris, i);
if (CMS_RecipientInfo_type(ri) != ri_type)
continue;
match_ri = 1;
if (ri_type == CMS_RECIPINFO_AGREE)
{
r = cms_kari_set1_pkey(cms, ri, pk, cert);
......@@ -757,7 +758,7 @@ int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert)
}
}
/* If no cert and not debugging always return success */
if (!cert && !debug)
if (match_ri && !cert && !debug)
{
ERR_clear_error();
return 1;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册