openssl

History

Dr. Stephen Henson 6a0a48433b Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and

continue with symmetric decryption process to avoid leaking timing
information to an attacker.

Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
this issue. (CVE-2012-0884)

2012-03-12 14:22:59 +00:00

.cvsignore

.cvignore file for cms

2008-03-13 00:50:02 +00:00

cms_asn1.c

Fix CVE-2010-1633 and CVE-2010-0742.

2010-06-01 13:17:06 +00:00

cms_att.c

And so it begins...

2008-03-12 21:14:28 +00:00

cms_cd.c

Remove unnecessary header.

2008-03-29 21:08:37 +00:00

cms_dd.c

Remove unnecessary header.

2008-03-29 21:08:37 +00:00

cms_enc.c

Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and

2012-03-12 14:22:59 +00:00

cms_env.c

Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and

2012-03-12 14:22:59 +00:00

cms_err.c

Fix typo and add header files to err library.

2008-04-06 15:53:29 +00:00

cms_ess.c

Submitted by: Julia Lawall <julia@diku.dk>

2009-09-13 11:27:27 +00:00

cms_io.c

Use correct headers for signed receipts. Use consistent naming.

2008-03-31 15:03:55 +00:00

cms_lcl.h

Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and

2012-03-12 14:22:59 +00:00

cms_lib.c

tolerate broken CMS/PKCS7 implementations using signature OID instead of digest

2010-02-02 14:26:32 +00:00

cms_sd.c

PR: 2058

2009-09-30 23:50:10 +00:00

cms_smime.c

Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and

2012-03-12 14:22:59 +00:00

cms.h

Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and

2012-03-12 14:22:59 +00:00

Makefile

Update dependencies.

2008-03-29 21:11:25 +00:00