openssl/crypto
Dr. Stephen Henson 2c4144638a Return an error if no recipient type matches.
If the key type does not match any CMS recipient type return
an error instead of using a random key (MMA mitigation). This
does not leak any useful information to an attacker.

PR#3348
(cherry picked from commit bd43b4cf778a53ffa5d77510ecd408a009dc00d2)
2014-05-09 14:24:53 +01:00
aes aes/asm/bsaes-x86_64.pl: Atom-specific optimization. 2014-04-24 10:14:46 +02:00
asn1 Don't try and verify signatures if key is NULL (CVE-2013-0166) 2014-04-01 16:39:35 +01:00
bf Remove hard coded ecdsaWithSHA1 hack in ssl routines and check for RSA 2011-08-14 13:47:30 +00:00
bio bss_dgram.c,d1_lib.c: make it compile with mingw. 2014-03-06 14:07:16 +01:00
bn bignum: allow concurrent BN_MONT_CTX_set_locked() 2014-05-06 18:01:59 -04:00
buffer Constification. 2013-10-01 14:51:04 +01:00
camellia camellia/asm/cmll-x86_64.pl: fix symptomless bugs (update from master). 2014-02-01 23:14:33 +01:00
cast make update 2013-01-15 16:24:07 +00:00
cmac oops, macro not present in OpenSSL 1.0.2 2012-04-11 15:10:48 +00:00
cms Return an error if no recipient type matches. 2014-05-09 14:24:53 +01:00
comp Assorted bugfixes: 2011-02-03 12:03:57 +00:00
conf PR: 2840 2012-07-03 20:20:11 +00:00
des SPARC T4 assembly pack: treat zero input length in CBC. 2014-03-07 10:48:51 +01:00
dh dh_check.c: check BN_CTX_get's return value. 2014-03-06 14:21:17 +01:00
dsa Return correct enveloped data type in ASN1 methods. 2013-10-01 14:01:18 +01:00
dso dso: eliminate VMS code on non-VMS systems 2014-05-06 18:03:52 -04:00
ec Double free in i2o_ECPublicKey 2014-05-04 00:50:42 +01:00
ecdh make update 2013-12-01 23:09:44 +00:00
ecdsa Add functions to set ECDSA_METHOD structure. 2013-09-18 01:23:40 +01:00
engine Don't use CRYPTO_AES_CTR if it isn't defined. 2014-02-18 22:21:41 +00:00
err Don't include comp.h if no-comp set. 2013-01-20 01:10:03 +00:00
evp evp: prevent underflow in base64 decoding 2014-05-06 18:02:02 -04:00
hmac Experimental multi-implementation support for FIPS capable OpenSSL. 2012-05-13 18:40:12 +00:00
idea make update 2013-01-15 16:24:07 +00:00
jpake apply J-PAKE fix to HEAD (original by Ben) 2010-11-29 18:33:28 +00:00
krb5
lhash Revert lhash patch for PR#2124 2009-12-09 15:00:20 +00:00
md2 Prohibit use of low level digest APIs in FIPS mode. 2011-06-01 13:39:45 +00:00
md4 Fix some clang warnings. 2013-01-13 21:06:36 +00:00
md5 md5_locl.h: enable assembly support on SPARC [from master]. 2013-05-20 00:33:09 +02:00
mdc2 Reduce version skew: trivia (I hope). 2012-06-03 22:03:37 +00:00
modes bn/asm/armv4-gf2m.pl, modes/asm/ghash-armv4.pl: faster multiplication 2014-04-24 10:27:52 +02:00
objects CABForum EV OIDs for Subject Jurisdiction of Incorporation or Registration. 2014-02-26 15:33:10 +00:00
ocsp Don't try and verify signatures if key is NULL (CVE-2013-0166) 2014-04-01 16:39:35 +01:00
pem Fix warning. 2014-01-29 17:57:32 +01:00
perlasm SPARC T4 assembly pack: treat zero input length in CBC. 2014-03-07 10:48:51 +01:00
pkcs7 Fixed NULL pointer dereference in PKCS7_dataDecode reported by David Ramos in PR#3339 2014-05-07 23:23:15 +01:00
pkcs12 PKCS#8 support for alternative PRFs. 2014-03-01 23:14:08 +00:00
pqueue Fix warnings (From HEAD, original patch by Ben). 2010-06-15 17:25:15 +00:00
rand Return if ssleay_rand_add called with zero num. 2014-04-07 19:27:46 +01:00
rc2 make update 2013-01-15 16:24:07 +00:00
rc4 rc4/asm/rc4-586.pl: allow for 386-only build. 2014-02-27 14:28:54 +01:00
rc5 Intel compiler support update from HEAD. 2012-11-28 13:12:09 +00:00
ripemd Fix some clang warnings. 2013-01-13 21:06:36 +00:00
rsa Workaround for some CMS signature formats. 2014-03-19 17:29:55 +00:00
seed Revert "version skew" patches that break FIPS compilation 2012-06-09 23:36:38 +00:00
sha sha/asm/sha256-586.pl: don't try to compile SIMD with no-sse2. 2014-02-26 10:23:56 +01:00
srp - fix coverity issues 966593-966596 2014-05-06 00:04:59 +01:00
stack CMS support for key agreement recipient info. 2013-10-01 14:01:18 +01:00
store Make it possible to disable STORE. 2009-02-19 09:42:51 +00:00
threads Functional VMS changes submitted by sms@antinode.info (Steven M. Schweda). 2009-05-15 16:37:08 +00:00
ts Fix double frees. 2014-04-22 17:00:52 +01:00
txt_db Change STRING to OPENSSL_STRING etc as common words such 2009-07-27 21:08:53 +00:00
ui Reduce version skew: trivia (I hope). 2012-06-03 22:03:37 +00:00
whrlpool wp-mmx.pl: ~10% performance improvement. 2014-02-01 22:27:07 +01:00
x509 For self signed root only indicate one error. 2014-03-03 23:33:51 +00:00
x509v3 Extension checking fixes. 2014-04-15 18:52:50 +01:00
.cvsignore
alphacpuid.pl Alpha assembler fixed from HEAD. 2011-08-12 12:31:08 +00:00
arm_arch.h ARM assembler pack update from HEAD. 2011-11-14 20:58:01 +00:00
armcap.c crypto/armcap.c: fix typo in rdtsc subroutine. 2013-09-15 22:10:49 +02:00
armv4cpuid.S ARM assembler pack update from HEAD. 2011-11-14 20:58:01 +00:00
cpt_err.c Implement FIPS_mode and FIPS_mode_set 2011-05-19 18:19:07 +00:00
cryptlib.c Avoid Windows 8 Getversion deprecated errors. 2014-02-25 13:41:53 +00:00
cryptlib.h Reduce version skew: trivia (I hope). 2012-06-03 22:03:37 +00:00
crypto-lib.com VMS build fix 2014-04-02 21:46:13 +01:00
crypto.h Add and use a constant-time memcmp. 2013-02-06 13:56:12 +00:00
cversion.c
ebcdic.c
ebcdic.h
ex_data.c
fips_err.h Update error codes for FIPS. 2011-10-21 13:04:27 +00:00
fips_ers.c Add FIPS error codes. 2011-06-21 16:58:10 +00:00
ia64cpuid.S IA64 assembler pack update from HEAD. 2011-11-14 20:45:57 +00:00
install-crypto.com Apply all the changes submitted by Steven M. Schweda <sms@antinode.info> 2011-03-19 09:47:47 +00:00
LPdir_nyi.c
LPdir_unix.c
LPdir_vms.c Apply all the changes submitted by Steven M. Schweda <sms@antinode.info> 2011-03-19 09:47:47 +00:00
LPdir_win.c
LPdir_win32.c
LPdir_wince.c
Makefile crypto/Makefile: make it OSF-make-friendly 2014-02-26 16:42:57 +01:00
md32_common.h Initial aarch64 bits. 2013-10-13 19:24:22 +02:00
mem.c Reduce version skew: trivia (I hope). 2012-06-03 22:03:37 +00:00
mem_clr.c
mem_dbg.c PR: 1894 2009-04-16 17:22:51 +00:00
o_dir.c
o_dir.h
o_dir_test.c
o_fips.c call OPENSSL_init when calling FIPS_mode too 2012-04-20 14:43:14 +00:00
o_init.c The first of many changes to make OpenSSL 1.0.1 FIPS capable. 2011-05-26 14:19:19 +00:00
o_str.c Improve WINCE support. 2014-02-01 22:48:56 +01:00
o_str.h
o_time.c Time difference functions. 2013-08-19 21:55:07 +01:00
o_time.h Time difference functions. 2013-08-19 21:55:07 +01:00
opensslconf.h.in
opensslv.h Prepare for 1.0.2-beta2-dev 2014-02-24 13:52:51 +00:00
ossl_typ.h Add KDF for DH. 2013-10-01 14:01:18 +01:00
pariscid.pl PA-RISC assembler pack: switch to bve in 64-bit builds. 2013-06-30 23:13:23 +02:00
ppccap.c PPC assembly pack: ppc64-mont update from master. 2014-02-01 21:51:51 +01:00
ppccpuid.pl PPC assembly pack: update from master branch. 2013-10-15 00:31:45 +02:00
s390xcap.c s390x assembler pack update from HEAD. 2011-11-14 20:47:22 +00:00
s390xcpuid.S s390x assembler pack update from HEAD. 2011-11-14 20:47:22 +00:00
sparc_arch.h sparcv9cap.c: update from master. 2013-05-20 00:16:18 +02:00
sparccpuid.S sparcv9cap.c: update from master. 2013-05-20 00:16:18 +02:00
sparcv9cap.c sparcv9cap.c: omit random detection. 2013-12-28 13:32:45 +01:00
symhacks.h Add new VMS hack symbol, update ordinals. 2014-03-02 13:50:06 +00:00
uid.c
vms_rms.h Apply all the changes submitted by Steven M. Schweda <sms@antinode.info> 2011-03-19 09:47:47 +00:00
x86_64cpuid.pl x86[_64]cpuid.pl: add low-level RDSEED. 2014-02-14 17:25:14 +01:00
x86cpuid.pl x86[_64]cpuid.pl: add low-level RDSEED. 2014-02-14 17:25:14 +01:00