diff options
| author | Tom Yu <tlyu@mit.edu> | 2016-10-04 18:14:51 -0400 |
|---|---|---|
| committer | Tom Yu <tlyu@mit.edu> | 2016-10-24 15:38:13 -0400 |
| commit | a644a1f0ea587d8af25ab72966d24e9ddd55ce05 (patch) | |
| tree | 0b646ea6e1a0f51acc7a9194415aa6f02a6feec9 | |
| parent | 10d20626a327213f05578d7dffb4d02ddfce5b0f (diff) | |
| download | krb5-a644a1f0ea587d8af25ab72966d24e9ddd55ce05.zip krb5-a644a1f0ea587d8af25ab72966d24e9ddd55ce05.tar.gz krb5-a644a1f0ea587d8af25ab72966d24e9ddd55ce05.tar.bz2 | |
Set alg param correctly for PKCS1
When using a smart card and constructing a DigestInfo to pass to the
CKM_RSA_PKCS mechanism, make sure to set the AlgorithmIdentifier
parameters correctly. This is typically an ASN.1 NULL value.
Reported to Ubuntu in Launchpad #1629370.
(cherry picked from commit fded9063c23daa3dbd9ffaf32f8145844293f472)
ticket: 8506
version_fixed: 1.14.5
| -rw-r--r-- | src/plugins/preauth/pkinit/pkinit_crypto_openssl.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c index d5e2769..10e412f 100644 --- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c +++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c @@ -1239,8 +1239,7 @@ cms_signeddata_create(krb5_context context, alg = X509_ALGOR_new(); if (alg == NULL) goto cleanup2; - alg->algorithm = OBJ_nid2obj(NID_sha1); - alg->parameter = NULL; + X509_ALGOR_set0(alg, OBJ_nid2obj(NID_sha1), V_ASN1_NULL, NULL); alg_len = i2d_X509_ALGOR(alg, NULL); alg_buf = malloc(alg_len); if (alg_buf == NULL) |