projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7b7aef9) | patch
Add additional DigestInfo checks.
authorDr. Stephen Henson <steve@openssl.org>
Thu, 25 Sep 2014 22:28:48 +0000 (23:28 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Mon, 29 Sep 2014 11:30:47 +0000 (12:30 +0100)
commitad8b2043860e7c02d6f28b5b9a4563b92f027f98
treec3fea37bee3fec398c22c078efb9e285e03a9f61tree | snapshot
parent7b7aef9bfd1e7e9b449db0c6a54f788d2adcb671commit | diff
Add additional DigestInfo checks.

Reencode DigestInto in DER and check against the original: this
will reject any improperly encoded DigestInfo structures.

Note: this is a precautionary measure, there is no known attack
which can exploit this.

Thanks to Brian Smith for reporting this issue.
Reviewed-by: Tim Hudson <tjh@openssl.org>
CHANGES diff | blob | history
crypto/rsa/rsa_sign.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.