openssl

Author	SHA1	Message	Date
Dr. Stephen Henson	70ddf8ecca	Return an error if no recipient type matches. If the key type does not match any CMS recipient type return an error instead of using a random key (MMA mitigation). This does not leak any useful information to an attacker. PR#3348 (cherry picked from commit 83a3182e0560f76548f4378325393461f6275493)	2014-05-08 13:18:49 +01:00
Dr. Stephen Henson	f51f374199	Set Enveloped data version to 2 if ktri version not zero. (cherry picked from commit 9c5d953a07f472452ae2cb578e39eddea2de2b9c)	2014-05-06 14:05:05 +01:00
Dr. Stephen Henson	d471adf351	Remove duplicate statement. (cherry picked from commit 5a7652c3e585e970e5b778074c92e617e48fde38)	2014-02-15 01:31:34 +00:00
Dr. Stephen Henson	dd2dee60f3	Don't include comp.h in cmd_cd.c if OPENSSL_NO_COMP set	2013-01-23 01:16:59 +00:00
Dr. Stephen Henson	3978429ad5	Reported by: Solar Designer of Openwall Make sure tkeylen is initialised properly when encrypting CMS messages.	2012-05-10 13:27:57 +00:00
Dr. Stephen Henson	4f2fc3c2dd	Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and continue with symmetric decryption process to avoid leaking timing information to an attacker. Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this issue. (CVE-2012-0884)	2012-03-12 14:51:45 +00:00
Dr. Stephen Henson	73eb0972cf	return failure code if I/O error	2012-03-06 19:08:30 +00:00
Dr. Stephen Henson	82b6b541b1	Fix CVE-2010-0742	2010-06-01 14:39:57 +00:00
Dr. Stephen Henson	4a9d335bb4	tolerate broken CMS/PKCS7 implementations using signature OID instead of digest	2010-02-02 14:19:54 +00:00
Dr. Stephen Henson	e1246e1ad7	Submitted by: Julia Lawall <julia@diku.dk> The functions ENGINE_ctrl(), OPENSSL_isservice(), CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix so the return code is checked correctly.	2009-09-13 11:20:38 +00:00
Dr. Stephen Henson	188abf7e2a	Submitted by: Ivan Nestlerode <inestlerode@us.ibm.com> Approved by: steve@openssl.org Check return code properly in CMS_SignerInfo_verify_content().	2009-03-25 10:40:32 +00:00
Dr. Stephen Henson	07dd3bfcd4	Oops.	2009-03-15 14:03:29 +00:00
Dr. Stephen Henson	37afdc953e	Don't force S/MIME signing purpose: allow it to be overridden by store settings. Don't set default values in X509_VERIFY_PARAM_new(): it stops parameters being inherited properly.	2009-03-15 13:36:01 +00:00
Dr. Stephen Henson	a00c3c4019	Properly check EVP_VerifyFinal() and similar return values (CVE-2008-5077). Submitted by: Ben Laurie, Bodo Moeller, Google Security Team	2009-01-07 10:48:23 +00:00
Dr. Stephen Henson	14d4074ee1	Update from HEAD.	2008-11-21 18:18:28 +00:00
Dr. Stephen Henson	d83dde6180	Merge changes to build system from fips branch.	2008-09-16 21:44:57 +00:00
Dr. Stephen Henson	405f382144	Fix from HEAD.	2008-08-05 15:56:11 +00:00
Dr. Stephen Henson	d140890259	Update from HEAD.	2008-04-18 11:19:56 +00:00
Dr. Stephen Henson	501af5ba89	Update from HEAD.	2008-04-12 10:15:33 +00:00
Dr. Stephen Henson	b983322bfb	Revert change from HEAD.	2008-04-11 23:23:57 +00:00
Dr. Stephen Henson	339654e163	Fix from HEAD.	2008-04-11 17:34:42 +00:00
Dr. Stephen Henson	173acc185c	Fix from HEAD.	2008-04-07 11:01:43 +00:00
Dr. Stephen Henson	fb4c24b6e7	Update from HEAD.	2008-04-06 16:30:38 +00:00
Dr. Stephen Henson	1366f6b9bd	Fix from HEAD.	2008-04-06 15:57:44 +00:00
Dr. Stephen Henson	e13546f739	Update error codes.	2008-04-06 15:46:17 +00:00
Dr. Stephen Henson	d6c813daff	Fix from HEAD.	2008-04-06 15:42:29 +00:00
Dr. Stephen Henson	415fe2abe9	Delete functions not implemented in 0.9.8 from cms.h	2008-04-03 23:31:35 +00:00
Dr. Stephen Henson	94b2c29f9d	Backport of CMS code to 0.9.8-stable branch. Disabled by default.	2008-04-03 23:03:56 +00:00

28 Commits