author | Bodo Möller <bodo@openssl.org> | 2001-09-06 10:42:56 +0000 |
---|---|---|
committer | Bodo Möller <bodo@openssl.org> | 2001-09-06 10:42:56 +0000 |
commit | a9ed4da8eb6af03d551c68b4b9ec1c47e16fed19 (patch) | |
tree | 744d8220ea31be43e7d4a0ac487d8fb92575acfb /CHANGES | |
parent | e1a4814cd4805b5c80cb6ea5adc3e888bb447e0d (diff) |
improve OAEP check
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 9 |
1 files changed, 8 insertions, 1 deletions
@@ -12,11 +12,18 @@ *) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7 +) applies to 0.9.7 only + *) Improve RSA_padding_check_PKCS1_OAEP() check again to avoid + 'wristwatch attack' using huge encoding parameters (cf. + James H. Manger's CRYPTO 2001 paper). Note that the + RSA_PKCS1_OAEP_PADDING case of RSA_private_decrypt() does not use + encoding paramters and hence was not vulnerable. + [Bodo Moeller] + +) Add a "destroy" handler to ENGINEs that allows structural cleanup to be done prior to destruction. Use this to unload error strings from ENGINEs that load their own error strings. NB: This adds two new API functions to "get" and "set" this destroy handler in an ENGINE. - [Geoff] + [Geoff Thorpe] +) Alter all existing ENGINE implementations (except "openssl" and "openbsd") to dynamically instantiate their own error strings. This |
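Review bot: In the added OAEP entry, "paramters" (in the line "encoding paramters and hence was not vulnerable") is a typo for "parameters". The entry also says the RSA_padding_check_PKCS1_OAEP() check is improved "again" without stating what the function now does differently when given huge encoding parameters. One clause describing the new behaviour would help readers of CHANGES judge whether their own callers of that function are affected, especially since the entry already distinguishes the RSA_PKCS1_OAEP_PADDING path of RSA_private_decrypt() as not vulnerable. The "[Geoff]" to "[Geoff Thorpe]" attribution change in the ENGINE entry is unrelated to the OAEP fix named in the commit message and would be cleaner as a separate commit.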