projects / platform / upstream / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 87cd342) | patch
Add additional DigestInfo checks.
authorDr. Stephen Henson <steve@openssl.org>
Thu, 25 Sep 2014 22:28:48 +0000 (23:28 +0100)
committerJanusz Kozerski <j.kozerski@samsung.com>
Mon, 20 Oct 2014 13:26:05 +0000 (15:26 +0200)
commite907b12f496a427389f8ce9467c157f2b26a87d2
tree3ad6e760515f3842ce41c6e5b35abe3800c0d7a9tree | snapshot
parent87cd3427385b619137a01aa2dc731ffae89fa73bcommit | diff
Add additional DigestInfo checks.

Reencode DigestInto in DER and check against the original: this
will reject any improperly encoded DigestInfo structures.

Note: this is a precautionary measure, there is no known attack
which can exploit this.

Thanks to Brian Smith for reporting this issue.
Reviewed-by: Tim Hudson <tjh@openssl.org>
CHANGES diff | blob | history
crypto/rsa/rsa_sign.c diff | blob | history
Domain: Security / Utilities;