Check that the public key OID matches the sig alg (11d2641f) · Commits · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL

Commit 11d2641f authored Jul 17, 2018 by

Matt Caswell

Check that the public key OID matches the sig alg



Using the rsa_pss_rsae_sha256 sig alg should imply that the key OID is
rsaEncryption. Similarly rsa_pss_pss_sha256 implies the key OID is
rsassaPss. However we did not check this and incorrectly tolerated a key
OID that did not match the sig alg sent by the peer.

Fixes #6611

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6732)

parent 1a50eedf

Hide whitespace changes

Inline Side-by-side

Please register or to comment