granicus.if.org Git - openssl/commit

]> granicus.if.org Git - openssl/commit

author	Dr. Stephen Henson <steve@openssl.org>
	Thu, 25 Sep 2014 22:28:48 +0000 (23:28 +0100)
committer	Dr. Stephen Henson <steve@openssl.org>
	Mon, 29 Sep 2014 11:01:05 +0000 (12:01 +0100)
commit	1cfd255c9123cdb4637cc9a65c6665fe4a06c6d5
tree	86e26adccb01a6f970de107123649ea51c055d91	tree \| snapshot
parent	3d81ec5b92e1141762eb72caf2aeb9b2cd019a78	commit \| diff

Add additional DigestInfo checks.

Reencode DigestInto in DER and check against the original: this
will reject any improperly encoded DigestInfo structures.

Note: this is a precautionary measure, there is no known attack
which can exploit this.

Thanks to Brian Smith for reporting this issue.
Reviewed-by: Tim Hudson <tjh@openssl.org>

CHANGES		diff \| blob \| history
crypto/rsa/rsa_sign.c		diff \| blob \| history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom