New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
set MGF1 digest correctly #19342
set MGF1 digest correctly #19342
Conversation
Instead of having the code to reproduce the issue in the git commit message, would you like to add it as a testcase somewhere - for example to evp_extra_test.c? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Approving, although having a testcase would be nice. Also the commit message should be amended as it is not necessary to have the reproducer there. And there should be Fixes #19290
on a separate line in the commit message instead of having the reference in the commit message title.
Thanks, Tomas. I will add a test-case and update the commit message. |
@t8m : I've made the updates. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a few minor adjustments needed for the testcase.
Fixes openssl#19290 update rsa_set_ctx_params() so that the digest function used in the MGF1 construction is set correctly. Add a test for this to evp_extra_test.c based on the code scaro-axway provided in openssl#19290.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There are a few other places that use the 'str = ', like this, but they seem to do the right thing..
This pull request is ready to merge |
Fixes #19290 update rsa_set_ctx_params() so that the digest function used in the MGF1 construction is set correctly. Add a test for this to evp_extra_test.c based on the code scaro-axway provided in #19290. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #19342)
Merged to master and 3.0 branches. Thank you for your contribution. |
Fixes #19290 update rsa_set_ctx_params() so that the digest function used in the MGF1 construction is set correctly. Add a test for this to evp_extra_test.c based on the code scaro-axway provided in #19290. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #19342) (cherry picked from commit e5a7536)
Fixes openssl#19290 update rsa_set_ctx_params() so that the digest function used in the MGF1 construction is set correctly. Add a test for this to evp_extra_test.c based on the code scaro-axway provided in openssl#19290. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#19342)
update rsa_set_ctx_params() so that the digest function used in the MGF1 construction is set correctly.
Fixes #19290
Testing:
scaro-axway gave code to reproduce the defect in the github issue. The code is supposed to set the rsa-oaep hash function to SHA2-256 and mgf1 hash function to SHA1. Here is the code:
before this commit:
after this commit:
Checklist