openssl/crypto
Matt Caswell 7467c87c6e Ensure RSA PSS correctly returns the right default digest
A default digest of SHA256 was being returned for RSA PSS even if the
PSS parameters indicated a different digest must be used. We change this
so that the correct default digest is returned and additionally mark this
as mandatory for PSS.

This bug had an impact on sig alg selection in libssl. Due to this issue
an incorrect sig alg might be selected in the event that a server is
configured with an RSA-PSS cert with parameter restrictions.

Fixes #9545

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9553)

(cherry picked from commit 9bcc9f973b)
2019-08-09 13:24:14 +01:00
aes Fix Typos 2019-07-31 19:48:30 +02:00
aria Fix potential null problem. 2017-09-01 09:30:18 +10:00
asn1 Fix Typos 2019-07-31 19:48:30 +02:00
async arch/async_posix.h: improve portability. 2018-10-19 10:31:04 +02:00
bf Harmonize the make variables across all known platforms families 2018-02-14 17:13:53 +01:00
bio Fix Typos 2019-07-31 19:48:30 +02:00
blake2 Update copyright year 2019-05-28 14:49:38 +02:00
bn Fix Typos 2019-07-31 19:48:30 +02:00
buffer Update copyright year 2018-04-03 13:57:12 +01:00
camellia Update copyright year 2018-09-11 13:45:17 +01:00
cast Harmonize the make variables across all known platforms families 2018-02-14 17:13:53 +01:00
chacha deps: add s390 asm rules for OpenSSL-1.1.1 2019-03-01 08:41:26 +01:00
cmac Update copyright year 2018-04-17 15:18:40 +02:00
cms Remove OPENSSL_X509V3_H include detector from openssl/cms.h 2019-07-24 17:08:38 +02:00
comp Fix last(?) batch of malloc-NULL places 2018-04-26 14:02:24 -04:00
conf crypto/conf: openssl_config_int() returns uninitialized value 2019-05-29 10:47:40 +10:00
ct Use secure_getenv(3) when available. 2018-09-24 11:22:22 +10:00
des Update copyright year 2019-02-26 14:05:09 +00:00
dh Change DH parameters to generate the order q subgroup instead of 2q 2019-07-24 14:59:52 +02:00
dsa Fix Typos 2019-07-31 19:48:30 +02:00
dso Cygwin: enable the use of Dl_info and dladdr() 2019-07-21 11:08:56 +02:00
ec make ecp_nistz256_point_add_vis3() local 2019-08-09 09:12:42 +01:00
engine Fix CHECK_BSD_STYLE_MACROS for OpenBSD and cryptodev-linux 2019-05-31 12:52:10 +02:00
err make RSA and DSA operations throw MISSING_PRIVATE_KEY if needed, adapt ECDSA 2019-07-31 17:07:44 +03:00
evp Change EVP_CIPHER_CTX_iv_length() to return current ivlen for some modes 2019-08-08 13:19:23 +10:00
hmac Update copyright year 2019-05-28 14:49:38 +02:00
idea Remove parentheses of return. 2017-10-18 16:05:06 +01:00
include/internal Allocate DRBG additional data pool from non-secure memory 2019-07-23 23:14:14 +10:00
kdf Reset the HKDF state between operations 2018-10-29 14:11:40 +00:00
lhash Fix Typos 2019-07-31 19:48:30 +02:00
md2 Remove parentheses of return. 2017-10-18 16:05:06 +01:00
md4 Remove parentheses of return. 2017-10-18 16:05:06 +01:00
md5 Harmonize the make variables across all known platforms families 2018-02-14 17:13:53 +01:00
mdc2 Remove parentheses of return. 2017-10-18 16:05:06 +01:00
modes Update copyright year 2019-05-28 14:49:38 +02:00
objects Fix GOST OID 2019-05-24 12:36:06 +03:00
ocsp Update copyright year 2019-05-28 14:49:38 +02:00
pem Update copyright year 2019-05-28 14:49:38 +02:00
perlasm Update copyright year 2019-02-26 14:05:09 +00:00
pkcs7 Update copyright year 2018-09-11 13:45:17 +01:00
pkcs12 Use secure_getenv(3) when available. 2018-09-24 11:22:22 +10:00
poly1305 deps: add s390 asm rules for OpenSSL-1.1.1 2019-03-01 08:41:26 +01:00
rand Fix Typos 2019-07-31 19:48:30 +02:00
rc2 Remove email addresses from source code. 2017-10-13 10:06:59 -04:00
rc4 deps: add s390 asm rules for OpenSSL-1.1.1 2019-03-01 08:41:26 +01:00
rc5 Harmonize the make variables across all known platforms families 2018-02-14 17:13:53 +01:00
ripemd Harmonize the make variables across all known platforms families 2018-02-14 17:13:53 +01:00
rsa Ensure RSA PSS correctly returns the right default digest 2019-08-09 13:24:14 +01:00
seed Update copyright year 2018-09-11 13:45:17 +01:00
sha Fix Typos 2019-07-31 19:48:30 +02:00
siphash Fix SipHash init order. 2018-11-12 07:16:58 +01:00
sm2 Fix Typos 2019-07-31 19:48:30 +02:00
sm3 SM3: restructure to EVP internal and update doc to right location 2017-11-06 07:21:15 +08:00
sm4 SM4: Add SM4 block cipher to EVP 2017-10-31 15:19:14 +10:00
srp Update copyright year 2019-02-26 14:05:09 +00:00
stack Revert "stack/stack.c: omit redundant NULL checks." 2018-08-09 14:37:10 +01:00
store Fix Typos 2019-07-31 19:48:30 +02:00
ts Check conversion return in ASN1_INTEGER_print_bio. 2018-07-31 11:37:05 +10:00
txt_db Update copyright year 2018-04-03 13:57:12 +01:00
ui Fix Typos 2019-07-01 02:02:06 +08:00
whrlpool Fix warning C4164 in MSVC. 2019-07-31 17:32:16 +01:00
x509 Cleanup use of X509 STORE locks 2019-07-18 15:19:46 +10:00
x509v3 Add missing accessors for X509 AuthorityKeyIdentifier 2019-08-01 12:13:37 +02:00
alphacpuid.pl
arm64cpuid.pl {arm64|x86_64}cpuid.pl: add special 16-byte case to OPENSSL_memcmp. 2018-06-03 21:15:18 +02:00
arm_arch.h Fix building linux-armv4 with --strict-warnings 2018-04-20 15:49:33 +02:00
armcap.c Update copyright year 2019-02-26 14:05:09 +00:00
armv4cpuid.pl Update copyright year 2018-05-01 13:34:30 +01:00
build.info Use secure_getenv(3) when available. 2018-09-24 11:22:22 +10:00
c64xpluscpuid.pl Many spelling fixes/typos corrected. 2017-11-11 19:03:10 -05:00
cpt_err.c Fix last(?) batch of malloc-NULL places 2018-04-26 14:02:24 -04:00
cryptlib.c Update copyright year 2019-02-26 14:05:09 +00:00
ctype.c Check for EOF in ASCII conversions. 2017-08-25 06:42:17 +10:00
cversion.c Fix SOURCE_DATE_EPOCH bug; use UTC 2017-11-27 14:34:14 -05:00
dllmain.c Update copyright year 2018-09-11 13:45:17 +01:00
ebcdic.c Remove email addresses from source code. 2017-10-13 10:06:59 -04:00
ex_data.c Ensure the thread keys are always allocated in the same order 2018-04-20 15:45:06 +02:00
getenv.c Use secure_getenv(3) when available. 2018-09-24 11:22:22 +10:00
ia64cpuid.S Fix typo in files in crypto folder 2017-08-05 20:42:06 +02:00
init.c Fix Typos 2019-07-31 19:48:30 +02:00
LPdir_nyi.c
LPdir_unix.c typo-fixes: miscellaneous typo fixes 2018-09-21 23:59:02 +02:00
LPdir_vms.c
LPdir_win.c
LPdir_win32.c
LPdir_wince.c
mem.c crypto/mem.c: switch to tsan_assist.h in CRYPTO_MDEBUG. 2018-08-07 09:08:50 +02:00
mem_clr.c
mem_dbg.c Update copyright year 2018-02-13 13:59:25 +00:00
mem_sec.c test/secmemtest: test secure memory only if it is implemented 2018-10-05 12:23:34 +02:00
mips_arch.h Update copyright year 2019-05-28 14:49:38 +02:00
o_dir.c Move e_os.h to be the very first include. 2017-08-30 07:20:44 +10:00
o_fips.c
o_fopen.c Add missing include file. 2018-09-17 12:54:20 +10:00
o_init.c Use "" not <> on e_os.h include 2017-08-22 11:07:56 -04:00
o_str.c Fix error handling at openssl_strerror_r 2019-06-18 13:58:52 +02:00
o_time.c Update copyright year 2018-04-03 13:57:12 +01:00
pariscid.pl PA-RISC assembly pack: make it work with GNU assembler for HP-UX. 2018-06-25 16:45:48 +02:00
ppc_arch.h Update copyright year 2019-02-26 14:05:09 +00:00
ppccap.c crypto/ppccap.c: Fix which hwcap value used to check for HWCAP_ARCH_3_00 2019-05-09 14:20:44 +10:00
ppccpuid.pl Update copyright year 2019-02-26 14:05:09 +00:00
s390x_arch.h s390x assembly pack: add KIMD/KLMD code path for sha3/shake 2018-08-06 12:04:52 +02:00
s390xcap.c s390x assembly pack: fix restoring of SIGILL action 2019-07-17 20:15:38 +02:00
s390xcpuid.pl s390x assembly pack: add KIMD/KLMD code path for sha3/shake 2018-08-06 12:04:52 +02:00
sparc_arch.h
sparccpuid.S
sparcv9cap.c Create a prototype for OPENSSL_rdtsc 2017-11-25 14:30:11 +01:00
threads_none.c crypto/threads_*: remove CRYPTO_atomic_{read|write}. 2018-08-17 12:40:39 +02:00
threads_pthread.c crypto/threads_*: remove CRYPTO_atomic_{read|write}. 2018-08-17 12:40:39 +02:00
threads_win.c Update copyright year 2019-05-28 14:49:38 +02:00
uid.c Swap #if blocks in uid.c so target platform gets checked before host 2019-06-18 12:53:27 +10:00
vms_rms.h
x86_64cpuid.pl {arm64|x86_64}cpuid.pl: add special 16-byte case to OPENSSL_memcmp. 2018-06-03 21:15:18 +02:00
x86cpuid.pl Fix issues in ia32 RDRAND asm leading to reduced entropy 2018-03-08 10:27:49 -05:00