openssl/rsa at d2866063015d839569c2323cae85d1d27ccdb484 - openssl - Atria-soft GIT

generic-library/openssl

History

Dr. Stephen Henson 5a7fc89394 Add additional DigestInfo checks.

Reencode DigestInto in DER and check against the original: this
will reject any improperly encoded DigestInfo structures.

Note: this is a precautionary measure, there is no known attack
which can exploit this.

Thanks to Brian Smith for reporting this issue.
Reviewed-by: Tim Hudson <tjh@openssl.org>

2014-09-29 12:31:29 +01:00

..

.cvsignore

Add emacs cache files to .cvsignore.

2005-04-11 14:17:07 +00:00

Makefile

RT3066: rewrite RSA padding checks to be slightly more constant time.

2014-09-24 14:39:44 +02:00

rsa_asn1.c

Change old obsolete email address...

2008-11-05 18:36:57 +00:00

rsa_chk.c

This is a first-cut at improving the callback mechanisms used in

2002-12-08 05:24:31 +00:00

rsa_depr.c

backport recent changes from the cvs head

2006-02-08 19:16:33 +00:00

rsa_eay.c

Return smaller of ret and f.

2014-07-05 22:39:16 +01:00

rsa_eng.c

PR: 2124

2009-12-09 13:41:50 +00:00

rsa_err.c

RT3066: rewrite RSA padding checks to be slightly more constant time.

2014-09-24 14:39:44 +02:00

rsa_gen.c

Merge public key FIPS code, RSA, DSA, DH.

2008-09-16 14:55:26 +00:00

rsa_lib.c

Merge public key FIPS code, RSA, DSA, DH.

2008-09-16 14:55:26 +00:00

rsa_none.c

Constify the RSA library.

2000-11-06 22:34:17 +00:00

rsa_null.c

Change old obsolete email address...

2008-11-05 18:36:57 +00:00

rsa_oaep.c

RT3066: rewrite RSA padding checks to be slightly more constant time.

2014-09-24 14:39:44 +02:00

rsa_pk1.c

RT3066: rewrite RSA padding checks to be slightly more constant time.

2014-09-24 14:39:44 +02:00

rsa_pss.c

Submitted by: Julia Lawall <julia@diku.dk>

2009-09-13 11:20:38 +00:00

rsa_saos.c

Add lots of checks for memory allocation failure, error codes to indicate

2004-12-05 01:03:15 +00:00

rsa_sign.c

Add additional DigestInfo checks.

2014-09-29 12:31:29 +01:00

rsa_ssl.c

We should check the eight bytes starting at p[-9] for rollback attack

2008-07-17 22:11:24 +00:00

rsa_test.c

Make sure we detect corruption.

2007-04-04 12:50:13 +00:00

rsa_x931.c

Change old obsolete email address...

2008-11-05 18:36:57 +00:00

rsa_x931g.c

PR: 1840

2009-02-14 22:19:31 +00:00

rsa.h

RT3066: rewrite RSA padding checks to be slightly more constant time.

2014-09-24 14:39:44 +02:00