diff options
| author | Jakub Zelenka <jakub.openssl@gmail.com> | 2024-12-13 13:48:23 +0100 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2025-01-06 11:45:02 +0100 |
| commit | 894e69e747a93a1f166891f5f029b78c68088f50 (patch) | |
| tree | 534fd41ba52ecf17cb52fe47500e9b26f90a328d /test | |
| parent | Fix originator cert leak in cms app (diff) | |
| download | openssl-894e69e747a93a1f166891f5f029b78c68088f50.tar.xz openssl-894e69e747a93a1f166891f5f029b78c68088f50.zip | |
Fix CMS encryption with key agreement when originator set
OpenSSL currently does not support encryption with originator flag so it
should fail nicely instead of segfaulting.
Reviewed-by: Hugo Landau <hlandau@devever.net>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26014)
Diffstat (limited to 'test')
| -rw-r--r-- | test/recipes/80-test_cms.t | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/test/recipes/80-test_cms.t b/test/recipes/80-test_cms.t index 182460cd12..6eca00a923 100644 --- a/test/recipes/80-test_cms.t +++ b/test/recipes/80-test_cms.t @@ -1268,6 +1268,22 @@ ok(!run(app(['openssl', 'cms', '-verify', ])), "issue#19643"); +# Check that kari encryption with originator does not segfault +with({ exit_checker => sub { return shift == 3; } }, + sub { + SKIP: { + skip "EC is not supported in this build", 1 if $no_ec; + + ok(run(app(['openssl', 'cms', '-encrypt', + '-in', srctop_file("test", "smcont.txt"), '-aes128', + '-recip', catfile($smdir, "smec1.pem"), + '-originator', catfile($smdir, "smec3.pem"), + '-inkey', catfile($smdir, "smec3.pem") + ])), + "Check failure for currently not supported kari encryption with static originator"); + } + }); + # Check that we get the expected failure return code with({ exit_checker => sub { return shift == 6; } }, sub { |