openssl

Files

Dr. Stephen Henson 4f2fc3c2dd Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and

continue with symmetric decryption process to avoid leaking timing
information to an attacker.

Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
this issue. (CVE-2012-0884)

2012-03-12 14:51:45 +00:00

cms_asn1.c

Fix CVE-2010-0742

2010-06-01 14:39:57 +00:00

cms_att.c

Backport of CMS code to 0.9.8-stable branch. Disabled by default.

2008-04-03 23:03:56 +00:00

cms_cd.c

Backport of CMS code to 0.9.8-stable branch. Disabled by default.

2008-04-03 23:03:56 +00:00

cms_dd.c

Backport of CMS code to 0.9.8-stable branch. Disabled by default.

2008-04-03 23:03:56 +00:00

cms_enc.c

Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and

2012-03-12 14:51:45 +00:00

cms_env.c

Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and

2012-03-12 14:51:45 +00:00

cms_err.c

Fix from HEAD.

2008-04-06 15:57:44 +00:00

cms_ess.c

Submitted by: Julia Lawall <julia@diku.dk>

2009-09-13 11:20:38 +00:00

cms_io.c

return failure code if I/O error

2012-03-06 19:08:30 +00:00

cms_lcl.h

Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and

2012-03-12 14:51:45 +00:00

cms_lib.c

tolerate broken CMS/PKCS7 implementations using signature OID instead of digest

2010-02-02 14:19:54 +00:00

cms_sd.c

Properly check EVP_VerifyFinal() and similar return values

2009-01-07 10:48:23 +00:00

cms_smime.c

Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and

2012-03-12 14:51:45 +00:00

cms.h

Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and

2012-03-12 14:51:45 +00:00

Makefile

Merge changes to build system from fips branch.

2008-09-16 21:44:57 +00:00