Add additional DigestInfo checks.

Reencode DigestInto in DER and check against the original: this will reject any improperly encoded DigestInfo structures. Note: this is a precautionary measure, there is no known attack which can exploit this. Thanks to Brian Smith for reporting this issue. Reviewed-by: Tim Hudson <tjh@openssl.org>
author: Dr. Stephen Henson <steve@openssl.org> 2014-09-25 23:28:48 +0100
committer: Dr. Stephen Henson <steve@openssl.org> 2014-09-29 12:22:32 +0100
commit: 55614f89f0beb53ebafbfc680cf7b4d114b44d30 (patch)
tree: 63273f30d99ba3756745058bd12e6a206f035ec2 /CHANGES
parent: b1620443f3784fa11ae3018361b4fe547dc926bb (diff)
1 files changed, 9 insertions, 1 deletions
diff --git a/CHANGES b/CHANGES
index cf167a4647..79477f6c26 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,7 +4,15 @@
 
  Changes between 1.0.1i and 1.0.1j [xx XXX xxxx]
 
-  *)
+  *) Add additional DigestInfo checks.
+ 
+     Reencode DigestInto in DER and check against the original when
+     verifying RSA signature: this will reject any improperly encoded
+     DigestInfo structures.
+
+     Note: this is a precautionary measure and no attacks are currently known.
+
+     [Steve Henson]
 
  Changes between 1.0.1h and 1.0.1i [6 Aug 2014]
author	Dr. Stephen Henson <steve@openssl.org>	2014-09-25 23:28:48 +0100
committer	Dr. Stephen Henson <steve@openssl.org>	2014-09-29 12:22:32 +0100
commit	55614f89f0beb53ebafbfc680cf7b4d114b44d30 (patch)
tree	63273f30d99ba3756745058bd12e6a206f035ec2 /CHANGES
parent	b1620443f3784fa11ae3018361b4fe547dc926bb (diff)