Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

pkcs7: allow recipient's certificate to be omitted for PKCS7#decrypt #183

Merged

Conversation

rhenium
Copy link
Member

@rhenium rhenium commented Jan 4, 2018

The recipient's certificate is not mandatory for PKCS7_decrypt(). Make
it possible to call OpenSSL::PKCS7#decrypt with only the private key to
match the functionality with PKCS7_decrypt().

Reference: #182

@rhenium rhenium changed the title pkcs7: allow recipient's certificate to be omitted for PKCS7.decrypt pkcs7: allow recipient's certificate to be omitted for PKCS7#decrypt Jan 4, 2018
@rhenium rhenium force-pushed the ky/pkcs7-decrypt-without-recipients-certificate branch from a51a2d7 to 769b557 Compare January 4, 2018 09:46
The recipient's certificate is not mandatory for PKCS7_decrypt(). Make
it possible to call OpenSSL::PKCS7#decrypt with only the private key to
match the functionality.

Reference: ruby#182
@rhenium rhenium merged commit f707996 into ruby:master Jan 6, 2018
cmd-ntrf added a commit to cmd-ntrf/hiera-eyaml that referenced this pull request Apr 29, 2024
In PKCS7 RFC, the recipient certificate is not mandatory when decrypting.
This is also how it is implemented in OpenSSL PKCS7_decrypt(). However,
it is only since version 2.2.0 of ruby-openssl that it is possible to
call OpenSSL::PKCS7#decrypt with only the private key.

Ref: ruby/openssl#183

The issue of hiera-eyaml requiring the public key when decrypting has
been brought before in voxpupuli#137, but ruby-openssl was yet patched.
cmd-ntrf added a commit to cmd-ntrf/hiera-eyaml that referenced this pull request Apr 29, 2024
In PKCS7 RFC, the recipient certificate is not mandatory when decrypting.
This is also how it is implemented in OpenSSL PKCS7_decrypt(). However,
it is only since version 2.2.0 of ruby-openssl that it is possible to
call OpenSSL::PKCS7#decrypt with only the private key.

Ref: ruby/openssl#183

The issue of hiera-eyaml requiring the public key when decrypting has
been brought before in voxpupuli#137, but ruby-openssl was yet patched.
cmd-ntrf added a commit to cmd-ntrf/hiera-eyaml that referenced this pull request May 1, 2024
In PKCS7 RFC, the recipient certificate is not mandatory when decrypting.
This is also how it is implemented in OpenSSL PKCS7_decrypt(). However,
it is only since version 2.2.0 of ruby-openssl that it is possible to
call OpenSSL::PKCS7#decrypt with only the private key.

Ref: ruby/openssl#183

The issue of hiera-eyaml requiring the public key when decrypting has
been brought before in voxpupuli#137, but ruby-openssl was yet patched.
cmd-ntrf added a commit to cmd-ntrf/hiera-eyaml that referenced this pull request May 1, 2024
In PKCS7 RFC, the recipient certificate is not mandatory when decrypting.
This is also how it is implemented in OpenSSL PKCS7_decrypt(). However,
it is only since version 2.2.0 of ruby-openssl that it is possible to
call OpenSSL::PKCS7#decrypt with only the private key.

Ref: ruby/openssl#183

The issue of hiera-eyaml requiring the public key when decrypting has
been brought before in voxpupuli#137, but ruby-openssl was yet patched.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

1 participant