wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
8670 commits 20 branches 302 tags 153 MiB
Commit graph

13 commits

Author SHA1 Message Date
Dr. Stephen Henson
70ddf8ecca Return an error if no recipient type matches. 
If the key type does not match any CMS recipient type return
an error instead of using a random key (MMA mitigation). This
does not leak any useful information to an attacker.

PR#3348
(cherry picked from commit 83a3182e0560f76548f4378325393461f6275493)
 2014-05-08 13:18:49 +01:00
Dr. Stephen Henson
4f2fc3c2dd Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and 
continue with symmetric decryption process to avoid leaking timing
information to an attacker.

Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
this issue. (CVE-2012-0884)
 2012-03-12 14:51:45 +00:00
Dr. Stephen Henson
188abf7e2a Submitted by: Ivan Nestlerode <inestlerode@us.ibm.com> 
Approved by: steve@openssl.org

Check return code properly in CMS_SignerInfo_verify_content().
 2009-03-25 10:40:32 +00:00
Dr. Stephen Henson
07dd3bfcd4 Oops. 2009-03-15 14:03:29 +00:00
Dr. Stephen Henson
37afdc953e Don't force S/MIME signing purpose: allow it to be overridden by store 
settings.

Don't set default values in X509_VERIFY_PARAM_new(): it stops parameters
being inherited properly.
 2009-03-15 13:36:01 +00:00
Dr. Stephen Henson
14d4074ee1 Update from HEAD. 2008-11-21 18:18:28 +00:00
Dr. Stephen Henson
405f382144 Fix from HEAD. 2008-08-05 15:56:11 +00:00
Dr. Stephen Henson
d140890259 Update from HEAD. 2008-04-18 11:19:56 +00:00
Dr. Stephen Henson
501af5ba89 Update from HEAD. 2008-04-12 10:15:33 +00:00
Dr. Stephen Henson
b983322bfb Revert change from HEAD. 2008-04-11 23:23:57 +00:00
Dr. Stephen Henson
339654e163 Fix from HEAD. 2008-04-11 17:34:42 +00:00
Dr. Stephen Henson
173acc185c Fix from HEAD. 2008-04-07 11:01:43 +00:00
Dr. Stephen Henson
94b2c29f9d Backport of CMS code to 0.9.8-stable branch. Disabled by default. 2008-04-03 23:03:56 +00:00