openssl

History

Dr. Stephen Henson 146b52edd1 Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and

continue with symmetric decryption process to avoid leaking timing
information to an attacker.

Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
this issue. (CVE-2012-0884)

2012-03-12 16:31:39 +00:00

.cvsignore

.cvignore file for cms

2008-03-13 00:50:02 +00:00

cms_asn1.c

add CVE-2010-0742 and CVS-2010-1633 fixes

2010-06-01 14:39:01 +00:00

cms_att.c

And so it begins...

2008-03-12 21:14:28 +00:00

cms_cd.c

Remove unnecessary header.

2008-03-29 21:08:37 +00:00

cms_dd.c

update cms code to use X509_ALGOR_set_md instead of internal function

2010-03-11 13:29:39 +00:00

cms_enc.c

Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and

2012-03-12 16:31:39 +00:00

cms_env.c

Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and

2012-03-12 16:31:39 +00:00

cms_err.c

Experimental CMS password based recipient Info support.

2009-11-26 18:57:39 +00:00

cms_ess.c

Submitted by: Julia Lawall <julia@diku.dk>

2009-09-13 11:29:29 +00:00

cms_io.c

Use correct headers for signed receipts. Use consistent naming.

2008-03-31 15:03:55 +00:00

cms_lcl.h

Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and

2012-03-12 16:31:39 +00:00

cms_lib.c

update cms code to use X509_ALGOR_set_md instead of internal function

2010-03-11 13:29:39 +00:00

cms_pwri.c

Fix some warnings caused by __owur. Temporarily (I hope) remove the more

2011-11-14 00:36:10 +00:00

cms_sd.c

update cms code to use X509_ALGOR_set_md instead of internal function

2010-03-11 13:29:39 +00:00

cms_smime.c

Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and

2012-03-12 16:31:39 +00:00

cms.h

Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and

2012-03-12 16:31:39 +00:00

Makefile

Change AR to ARX to allow exclusion of fips object modules

2011-01-26 16:08:08 +00:00