]> granicus.if.org Git - openssl/commit
projects / openssl / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 116fd37) | patch
Add additional DigestInfo checks.
authorDr. Stephen Henson <steve@openssl.org>
Mon, 29 Sep 2014 11:16:13 +0000 (12:16 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Mon, 29 Sep 2014 11:31:29 +0000 (12:31 +0100)
commit5a7fc89394bb11dc8ac578d23d77762d2d58fff2
treea6a17746b05b34d6ad4e629ca8388d63efb28502tree | snapshot
parent116fd3732a873976aeb0baff401c8f618171e6bbcommit | diff
Add additional DigestInfo checks.

Reencode DigestInto in DER and check against the original: this
will reject any improperly encoded DigestInfo structures.

Note: this is a precautionary measure, there is no known attack
which can exploit this.

Thanks to Brian Smith for reporting this issue.
Reviewed-by: Tim Hudson <tjh@openssl.org>
CHANGES diff | blob | history
crypto/rsa/rsa_sign.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.