Dr. Stephen Henson 70ddf8ecca Return an error if no recipient type matches. ...

If the key type does not match any CMS recipient type return
an error instead of using a random key (MMA mitigation). This
does not leak any useful information to an attacker.

PR#3348
(cherry picked from commit 83a3182e0560f76548f4378325393461f6275493)

2014-05-08 13:18:49 +01:00

..

cms_asn1.c

Fix CVE-2010-0742

2010-06-01 14:39:57 +00:00

cms_att.c

Backport of CMS code to 0.9.8-stable branch. Disabled by default.

2008-04-03 23:03:56 +00:00

cms_cd.c

Don't include comp.h in cmd_cd.c if OPENSSL_NO_COMP set

2013-01-23 01:16:59 +00:00

cms_dd.c

Backport of CMS code to 0.9.8-stable branch. Disabled by default.

2008-04-03 23:03:56 +00:00

cms_enc.c

Reported by: Solar Designer of Openwall

2012-05-10 13:27:57 +00:00

cms_env.c

Set Enveloped data version to 2 if ktri version not zero.

2014-05-06 14:05:05 +01:00

cms_err.c

Fix from HEAD.

2008-04-06 15:57:44 +00:00

cms_ess.c

Submitted by: Julia Lawall <julia@diku.dk>

2009-09-13 11:20:38 +00:00

cms_io.c

return failure code if I/O error

2012-03-06 19:08:30 +00:00

cms_lcl.h

Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and

2012-03-12 14:51:45 +00:00

cms_lib.c

Remove duplicate statement.

2014-02-15 01:31:34 +00:00

cms_sd.c

Properly check EVP_VerifyFinal() and similar return values

2009-01-07 10:48:23 +00:00

cms_smime.c

Return an error if no recipient type matches.

2014-05-08 13:18:49 +01:00

cms.h

Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and

2012-03-12 14:51:45 +00:00

Makefile

Merge changes to build system from fips branch.

2008-09-16 21:44:57 +00:00