openssl/rsa at b4b8969df884d2f97fbe93244bc7fc93fdcdc71b - openssl - Atria-soft GIT

generic-library/openssl

History

Dr. Stephen Henson 5df07a7210 Add additional DigestInfo checks.

Reencode DigestInto in DER and check against the original: this
will reject any improperly encoded DigestInfo structures.

Note: this is a precautionary measure, there is no known attack
which can exploit this.

Thanks to Brian Smith for reporting this issue.
Reviewed-by: Tim Hudson <tjh@openssl.org>

2014-09-29 12:24:04 +01:00

..

.cvsignore

Add emacs cache files to .cvsignore.

2005-04-11 14:17:07 +00:00

Makefile

RT3066: rewrite RSA padding checks to be slightly more constant time.

2014-09-24 12:47:19 +02:00

rsa_ameth.c

RT2626: Change default_bits from 1K to 2K

2014-09-08 17:23:37 -04:00

rsa_asn1.c

CMS RSA-OAEP and RSA-PSS support.

2013-10-01 14:01:18 +01:00

rsa_chk.c

Check for missing components in RSA_check.

2013-11-09 15:09:22 +00:00

rsa_crpt.c

Redirection of low level APIs to FIPS module.

2011-06-02 18:22:42 +00:00

rsa_depr.c

add additional checks + cleanup

2006-01-29 23:12:22 +00:00

rsa_eay.c

Return smaller of ret and f.

2014-07-05 22:38:17 +01:00

rsa_err.c

RT3066: rewrite RSA padding checks to be slightly more constant time.

2014-09-24 12:47:19 +02:00

rsa_gen.c

Use method rsa keygen first if FIPS mode if it is a FIPS method.

2011-06-09 13:18:07 +00:00

rsa_lib.c

Don't set default public key methods in FIPS mode so applications

2011-06-20 19:41:13 +00:00

rsa_locl.h

Make sure the int_rsa_verify() prototype matches the implementation

2006-09-08 06:00:40 +00:00

rsa_none.c

Constify the RSA library.

2000-11-06 22:34:17 +00:00

rsa_null.c

Update obsolete email address...

2008-11-05 18:39:08 +00:00

rsa_oaep.c

Include "constant_time_locl.h" rather than "../constant_time_locl.h".

2014-09-25 08:06:47 +02:00

rsa_pk1.c

Include "constant_time_locl.h" rather than "../constant_time_locl.h".

2014-09-25 08:06:47 +02:00

rsa_pmeth.c

CMS RSA-OAEP and RSA-PSS support.

2013-10-01 14:01:18 +01:00

rsa_prn.c

Update obsolete email address...

2008-11-05 18:39:08 +00:00

rsa_pss.c

Backport extended PSS support from HEAD: allow setting of mgf1Hash explicitly.

2011-06-02 18:13:33 +00:00

rsa_saos.c

Add lots of checks for memory allocation failure, error codes to indicate

2004-12-05 01:03:15 +00:00

rsa_sign.c

Add additional DigestInfo checks.

2014-09-29 12:24:04 +01:00

rsa_ssl.c

We should check the eight bytes starting at p[-9] for rollback attack

2008-07-17 22:11:53 +00:00

rsa_test.c

Remove the dual-callback scheme for numeric and pointer thread IDs,

2008-08-06 15:54:15 +00:00

rsa_x931.c

Update obsolete email address...

2008-11-05 18:39:08 +00:00

rsa.h

RT3066: rewrite RSA padding checks to be slightly more constant time.

2014-09-24 12:47:19 +02:00